Surface admin import-log view in user actions

[SiteRelEnby]

Summary

Surfaces the existing admin import-job view in the admin UI. The backend endpoints (list a user's import jobs + a reason-gated, audited detail view) and their client functions already shipped; this wires them into the per-user admin panel so support can actually read an import's event log when debugging a failed import.

Changes

• Adds an ImportLogsSection to the per-user "Explain account" panel (next to Sessions), modelled on the existing SessionsSection pattern.
• Lists the user's import jobs (source, status, timestamp, error flag). For any one, a required-reason inline prompt fetches and renders the full event log (level / stage / message / record_ref) inline.
• Viewing a job writes the existing import_log_view audit row (already shown in the admin audit log and the user's own "admin activity on your account" card). On success it refreshes the panel's recent-activity list so the access shows immediately.

Testing

• ruff check sheaf/ passes (no backend changes)
• cd web && npm run lint && npx tsc --noEmit passes (zero errors in the touched files)
• Existing tests pass (no backend changes; the admin endpoints have their own coverage)
• New tests added (frontend wiring of already-tested endpoints)
• Tested manually

Security / privacy impact

Article 9 data. The detail view is the existing reason-gated, admin-only endpoint that writes an import_log_view audit row, so reading a user's import history stays transparent to that user. Import events carry only structural data (counts, stages, source ids), never decrypted member content. No new endpoint and no new data exposure; this is UI wiring of an already-audited backend.

Screenshots

Inline addition to the existing admin Users > Explain account expander (an "Import jobs" list with per-job "View logs"); no standalone screen.