fix(auth): block non-admin access to /dashboard completely

Root page (/): now client-side, checks role before redirecting. Admin → /dashboard, non-admin → /mis-dashboards.

Dashboard page: added useAuth guard that redirects non-admin users to /mis-dashboards via router.replace. The page is now completely inaccessible to non-admin users even via direct URL.

Combined with the sidebar fix (dashboard link hidden for non-admin), the main dashboard is fully restricted to admin role.

Co-Authored-By: Claude Opus 4.6 (1M context) noreply@anthropic.com