feat(06.2-04): backend — handle enrichment, user_handle filter, two daily-export endpoints

- Add _audit_to_dict_with_handles() with user_handle + actor_handle fields
- Add _build_filtered_query_with_handles() with aliased User double-JOIN
- Change list_audit_log user_id param to user_handle string with handle→UUID resolution
- Change export_audit_log user_id param to user_handle (Pitfall 7 — both endpoints enriched)
- Add GET /audit-log/daily-exports — lists MinIO audit-logs bucket, asyncio.to_thread
- Add GET /audit-log/daily-exports/{date} — streams CSV, date regex validation (T-06.2-04-01)
- Move daily-export endpoints before viewer to ensure specific path registration order
- Update test_audit_log_export_csv to match enriched CSV header (user_handle, actor_handle)
- All 10 test_audit.py tests pass

backend/tests/test_audit.py

@@ -178,8 +178,10 @@ async def test_audit_log_export_csv(async_client, admin_user, db_session):
         f"got '{content_disposition}'"
     )
 
+    # Phase 6.2: CSV now includes user_handle and actor_handle columns (D-11, Pitfall 7)
     expected_header = (
-        "id,event_type,user_id,actor_id,resource_id,ip_address,metadata_,created_at"
+        "id,event_type,user_id,actor_id,user_handle,actor_handle,"
+        "resource_id,ip_address,metadata_,created_at"
     )
     assert expected_header in response.text, (
         f"CSV header line not found in response. "