Admin Portal Data-Accuracy Overhaul, Personalization Settings, and Searchable Entity Picker (QA)

A large batch promotion to QA that reworks the Admin Portal so its tables, detail dialogs, and forms display exactly the data the backend actually returns, removing broken or empty columns and fixing pages that previously rendered blank. It also adds a personalization settings panel (theme, typography, density, interface scale), a faster searchable entity picker with infinite scroll, visual rule condition/action viewers, a two-step user-creation flow with password rules, and supporting infrastructure (centralized IdP provider constants, pagination adapters, modular sidebar). Reaching QA for validation.

Several Admin Portal pages had drifted out of sync with the backend API: tables referenced fields that no longer exist (codes, document counts, max file size, sub-folder counts), IdP Entity and Role Mapping pages rendered blank because the API returns a plain array instead of a paginated object, pagination showed "Page X of NaN", and dashboard widgets pointed at endpoints that return 404. User creation also failed because the backend now requires a password. These gaps made the portal look broken and blocked admin workflows.

Admin users see accurate, populated tables and detail dialogs across Entities, Folders, Document Types, Roles, Upload Centers, IdP mappings, and Notification Policies, with no more empty/NaN states or blank pages. Creating a user now works via a clearer two-step flow (create, then assign roles, with live password-strength checks). Entity selection in forms is faster and searchable with infinite scroll instead of loading everything at once. Rule details are shown as readable condition/action cards rather than raw JSON, and a new Settings panel lets admins tune theme, font, density, and scale, with preferences shared across the Mail and Vendor apps.

Scope: 60 files, +2849/-1470, almost entirely under apps/admin/. Notable changes:

• Table/detail/form alignment to real API schemas for document-types, entities, folders, roles, upload-centers, notification-policies, and IdP mappings; removed non-existent columns and added fields like auto_extract, mail_count, parent_details, client_name, usage_stats.
• Fixed blank IdP Entity/Role Mapping pages by handling plain-array responses; centralized provider constants in constants/idp.constants.ts.
• New personalization Settings component plus Theme/Typography/Density/InterfaceScale cards and a slider UI primitive; preferences persisted to localStorage for cross-app sharing.
• Refactored monolithic AdminSidebar into modular sidebar/ pieces (NavGroup, NavItem, InitialsAvatar, constants, utils); always-visible nav.
• New entity-select.tsx rewritten on cmdk with useInfiniteEntities, 300ms debounced server search, and IntersectionObserver infinite scroll.
• Two-step user-creation flow with password field, validation rules, and live indicators (UserFormDialog, AssignRolesDialog).
• New rule viewers ConditionGroupsDisplay / ActionsDisplay replacing raw JSON in the Rule Details dialog.
• New lib/pagination.ts adapter for inconsistent backend pagination params; admin.services.ts / admin.queries.ts updated; enableHiding:false on actions columns so they cannot be hidden.
• Renamed "Admin Hub" to "Admin Portal" in packages/ui AppSwitcher.
• CI: docker-ecr.yml now builds/pushes a dev-branch image with dev env vars; .claude/settings.local.json adds a permission.
• Note: PDF-splitting commits appear in the history (feature PR #755) but the splitter source files are not part of this PR's diff; they landed in an earlier dev merge and are not the changes shipping here.

Medium. This touches many admin pages and rewrites shared building blocks (sidebar, entity picker, services/queries), so regressions could surface in table rendering, pagination, or entity selection. The new dev-branch CI publish targets a separate dev ECR repo and should not affect QA/main images. Mitigation: changes are type-driven against the backend OpenAPI schema and confined to the admin app; verify each rewritten page against live API data in QA before promoting to production.

• Open each admin page (Entities, Folders, Document Types, Roles, Upload Centers, Notification Policies, IdP Entity Mappings, IdP Role Mappings, Rules) and confirm tables and View Details dialogs populate with correct data and no NaN/blank states.
• Verify IdP Entity and Role Mapping pages render rows (not blank) and the provider dropdown lists available providers.
• Create a user via the two-step flow: enter a password (check min-8 / upper / lower / number indicators), create, then assign or skip roles.
• Exercise the searchable Entity picker: type to search (debounced), scroll to auto-load more, select with keyboard, confirm it opens correctly inside dialogs.
• Open the Settings panel: change theme/typography/density/scale and confirm it applies and persists across Mail/Vendor apps.
• Confirm the actions column cannot be hidden via the column toggle on every table.
• Confirm the app switcher label reads "Admin Portal".
• Sanity-check pagination controls show correct page counts.