feat: role-based ACL + admin management UI

Backend:
- Add acl.ts with requireAuth/requireRole/requireOwnerOrAdmin helpers
- Gate premium videos from unauthenticated users in videos query/resolver
- Fix updateVideoPlay to verify ownership before updating
- Add admin mutations: adminListUsers, adminUpdateUser, adminDeleteUser
- Add admin mutations: createVideo, updateVideo, deleteVideo, setVideoModels, adminListVideos
- Add admin mutations: createArticle, updateArticle, deleteArticle, adminListArticles
- Add deleteComment mutation (owner or admin only)
- Add AdminUserListType to GraphQL types
- Fix featured filter on articles query

Frontend:
- Install marked for markdown rendering
- Add /admin/* section with sidebar layout and admin-only guard
- Admin users page: paginated table with search, role filter, inline role change, delete
- Admin videos pages: list, create form, edit form with file upload and model assignment
- Admin articles pages: list, create form, edit form with split-pane markdown editor
- Add admin nav link in header (desktop + mobile) for admin users
- Render article content through marked in magazine detail page
- Add all admin GraphQL service functions to services.ts

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

packages/frontend/src/routes/magazine/[slug]/+page.svelte

@@ -9,6 +9,7 @@
   import Meta from "$lib/components/meta/meta.svelte";
   import PeonyBackground from "$lib/components/background/peony-background.svelte";
   import SharingPopupButton from "$lib/components/sharing-popup/sharing-popup-button.svelte";
+  import { marked } from "marked";
 
   const { data } = $props();
 
@@ -115,7 +116,7 @@
             <div
               class="prose prose-lg max-w-none prose-headings:text-foreground prose-p:text-muted-foreground prose-strong:text-foreground prose-ul:text-muted-foreground"
             >
-              {@html data.article.content}
+              {@html marked.parse(data.article.content ?? "")}
             </div>
           </CardContent>
         </Card>