QA Release (March 10): Mail Backend Migration, Batch Document-Type Pagination, Standardized Date Formatting, and Admin Fixes

This release promotes 29 commits from development into the QA environment across the Mail, Admin, and Vendor apps. The headline items are migrating the Mail app to the March 10 backend API contract, adding paginated document-type navigation to the batch documents sidebar, and standardizing all date displays to the US MM/DD/YYYY format. It also bundles a batch of bug fixes for admin rules, role permissions, tenant management, and session-expiry handling.

The backend evolved its bulk-operation and sharing API contract, so the Mail frontend had to be realigned to keep batch, folder, and share actions working. Several admin surfaces had visible defects: the Edit Rule form opened empty and rule update/delete calls returned 405 errors, the Rules grid Active column and the Users Last Login column rendered incorrectly, and clicking Select All or pagination inside the Edit Role dialog triggered an unintended auto-save. Date formats were inconsistent across apps (including a vendor screen using European dd/MM/yyyy), and the batch document-type sidebar loaded a fixed cap of 50 types with only client-side search.

Clients see consistent US-style dates (MM/DD/YYYY) everywhere, with the vendor Files tab no longer showing day/month transposed. Admins can edit rules with the form correctly pre-filled, and rule create/edit/delete now succeed instead of failing. Role permission edits only save when the user clicks Save. The batch documents sidebar now paginates system and custom document types (5 per page) with server-side debounced search, so large tenants can browse all types. Duplicate session-expiry toasts are suppressed and expiry redirects are smoother. The non-functional Last Login column and bulk delete/export on the tenants list (which were not backed by working APIs) were removed to avoid misleading controls.

• Mail backend API migration (#844): moved grid_status_id/entity_id from request bodies to URL query params via a new buildBulkQueryParams() helper for select-all bulk endpoints; renamed batch_status -> target_status across services/mutations/UI; removed stale fields (grid_status_id, tenant_id, subtenant_ids) from many generated API model types; added isConflictError() and 409 handling on folder create/update.
• Batch document-type pagination (#843): replaced the hardcoded page=1/limit=50 fetch with the usePaginatedDocumentTypes hook; system, custom, and search sections now render pagination controls and use server-side debounced search.
• Date standardization (#835): new @dsm/ui/utils/format-date with formatDateOnly, formatDateTime, formatDateTimeFull; ~22 call sites across admin/mail/vendor switched from toLocaleString to the shared formatter; fixed vendor FilesTab European-format bug; .npmrc hoists date-fns.
• Admin rule fixes (#836, #837): Edit Rule modal accepts initialRuleData for immediate pre-fill and derives effectiveRuleId; rule update uses the correct ID; delete switched to POST /v1/rules/bulk-delete; is_active now renders an Active/Inactive badge.
• Other fixes: added type="button" to non-submit buttons in RoleFormDialog to stop auto-save (#840); removed the Last Login column and last_login/login_count from AdminUser (#838); removed tenant bulk actions and useBulkDeleteTenants (#839); session-expiry utility plus MailCookieAuthProvider; docs-search-index route now requires STRAPI_API_TOKEN, filters records by user permissions server-side, and sets Cache-Control: private, no-store.

Moderate. The Mail API migration touches many bulk/share/folder paths and removes fields from generated types, so a frontend/backend contract mismatch could break batch operations or sharing if the QA backend is not on the matching contract. The date refactor is broad (~22 files) but mechanical; the main risk is an unstyled/incorrect date in a missed call site. Mitigation: the changes are isolated to the QA environment for verification before production promotion, type removals are compile-checked, and the date logic is centralized in one tested utility.

• Mail batch bulk actions with select-all (assign, delete, update) succeed and send status/entity as query params, not in the body.
• Folder create/update with a duplicate name surfaces the inline 'already exists' error (409 handling).
• Batch documents sidebar paginates system and custom document types (5/page) and search returns server-side results with debounce.
• Admin: Edit Rule opens pre-filled; create, edit, and delete rules all succeed (no 405); Rules grid shows Active/Inactive badges.
• Edit Role dialog: Select All, pagination, and transfer arrows do NOT trigger a save; only Save Changes persists.
• Dates render as MM/DD/YYYY across admin, mail, and vendor; confirm the vendor Files tab is no longer dd/MM/yyyy.
• Session expiry shows a single toast and redirects to login cleanly; no duplicate toasts.
• Confirm the Users grid no longer shows Last Login and the tenants list no longer shows checkboxes/Export/Delete bulk controls.