feat(backend): audit event for pool file reordering

Reorder was the only pool-file operation that didn't record an audit
entry, unlike AddFiles (file_pool_add) and RemoveFiles
(file_pool_remove). Log file_pool_reorder on success and seed the new
action type.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

backend/internal/service/pool_service.go

@@ -247,5 +247,10 @@ func (s *PoolService) Reorder(ctx context.Context, poolID uuid.UUID, fileIDs []u
 	if err := s.authorizeEdit(ctx, poolID); err != nil {
 		return err
 	}
-	return s.pools.Reorder(ctx, poolID, fileIDs)
+	if err := s.pools.Reorder(ctx, poolID, fileIDs); err != nil {
+		return err
+	}
+	objType := poolObjectType
+	_ = s.audit.Log(ctx, "file_pool_reorder", &objType, &poolID, map[string]any{"count": len(fileIDs)})
+	return nil
 }

backend/migrations/007_seed_data.sql

@@ -30,7 +30,7 @@ INSERT INTO activity.action_types (name) VALUES
     ('pool_create'), ('pool_edit'), ('pool_delete'),
     -- Relations
     ('file_tag_add'), ('file_tag_remove'),
-    ('file_pool_add'), ('file_pool_remove'),
+    ('file_pool_add'), ('file_pool_remove'), ('file_pool_reorder'),
     -- ACL
     ('acl_change'),
     -- Admin