fix: resolve E2E audit findings and add Phase C frontend pages

- Fix audit_log handler multi-tenant bug: use Extension<TenantContext>
  instead of hardcoded default_tenant_id
- Fix sendMessage route mismatch: frontend /messages/send → /messages
- Add POST /users/{id}/roles backend route for role assignment
- Add task.completed event payload: started_by + instance_id for
  notification delivery
- Add audit log viewer frontend page (AuditLogViewer.tsx)
- Add language management frontend page (LanguageManager.tsx)
- Add api/auditLogs.ts and api/languages.ts modules

crates/erp-auth/src/module.rs

@@ -53,6 +53,10 @@ impl AuthModule {
                     .put(user_handler::update_user)
                     .delete(user_handler::delete_user),
             )
+            .route(
+                "/users/{id}/roles",
+                axum::routing::post(user_handler::assign_roles),
+            )
             .route(
                 "/roles",
                 axum::routing::get(role_handler::list_roles).post(role_handler::create_role),