feat(adminui): Reconnect/Restart on DriverStatusPanel (DriverOperator-gated)

- RestartDriver / ReconnectDriver messages + AdminOperationsActor
  handlers (broadcast via driver-control DPS topic; audited via
  ConfigEdits).
- DriverHostActor subscribes to driver-control; locates the
  matching child DriverInstanceActor and stops+respawns it
  (Restart) or sends it a ForceReconnect internal message
  (Reconnect — re-enters Reconnecting state without full stop).
  DriverInstanceSpec constructor call uses named args to handle
  the full 6-parameter signature.
- New DriverOperator authorization policy mapped to DriverOperator
  or FleetAdmin role; documented in docs/security.md. Map LDAP
  group via GroupToRole (e.g. "ot-driver-operator": "DriverOperator").
- DriverStatusPanel renders Reconnect + Restart buttons when the
  user holds the DriverOperator policy (hidden otherwise). Restart
  requires an in-page Razor confirm block (no JS confirm, keeps
  SignalR event loop unblocked). Both buttons show a spinner and
  are disabled during in-flight; result chip auto-clears after 8s.
  Username sourced from AuthenticationStateProvider.

Reconnect resolves to "ForceReconnect" (re-enter Reconnecting,
not full stop+respawn) — transport drops and retries while actor
and in-memory state are preserved. All DriverInstanceActor states
handle ForceReconnect safely (no-op when already in transition).

src/Core/ZB.MOM.WW.OtOpcUa.Commons/Messages/Admin/ReconnectDriver.cs

@@ -0,0 +1,25 @@
+namespace ZB.MOM.WW.OtOpcUa.Commons.Messages.Admin;
+
+/// <summary>
+///     AdminUI → AdminOperationsActor: reconnect the driver actor's transport without
+///     respawning the actor itself. Sends the actor back through its Reconnecting state —
+///     fast, preserves in-memory state. The driver actor's supervisor performs the work.
+/// </summary>
+/// <param name="ClusterId">Cluster scope identifier (for audit).</param>
+/// <param name="DriverInstanceId">The driver instance to reconnect.</param>
+/// <param name="ActorByUserName">The authenticated admin user who triggered the reconnect.</param>
+/// <param name="CorrelationId">Round-trip correlation token.</param>
+public sealed record ReconnectDriver(
+    string ClusterId,
+    string DriverInstanceId,
+    string ActorByUserName,
+    Guid CorrelationId);
+
+/// <summary>Reply for <see cref="ReconnectDriver"/>.</summary>
+/// <param name="Ok">True iff the operation was dispatched without error.</param>
+/// <param name="Message">Failure reason; null on success.</param>
+/// <param name="CorrelationId">Echoes the request's correlation token.</param>
+public sealed record ReconnectDriverResult(
+    bool Ok,
+    string? Message,
+    Guid CorrelationId);

src/Core/ZB.MOM.WW.OtOpcUa.Commons/Messages/Admin/RestartDriver.cs

@@ -0,0 +1,25 @@
+namespace ZB.MOM.WW.OtOpcUa.Commons.Messages.Admin;
+
+/// <summary>
+///     AdminUI → AdminOperationsActor: restart the driver actor for one instance.
+///     A restart fully stops and respawns the actor — loses in-memory state, may briefly
+///     interrupt active subscriptions. The driver actor's supervisor performs the work.
+/// </summary>
+/// <param name="ClusterId">Cluster scope identifier (for audit).</param>
+/// <param name="DriverInstanceId">The driver instance to restart.</param>
+/// <param name="ActorByUserName">The authenticated admin user who triggered the restart.</param>
+/// <param name="CorrelationId">Round-trip correlation token.</param>
+public sealed record RestartDriver(
+    string ClusterId,
+    string DriverInstanceId,
+    string ActorByUserName,
+    Guid CorrelationId);
+
+/// <summary>Reply for <see cref="RestartDriver"/>.</summary>
+/// <param name="Ok">True iff the operation was dispatched without error.</param>
+/// <param name="Message">Failure reason; null on success.</param>
+/// <param name="CorrelationId">Echoes the request's correlation token.</param>
+public sealed record RestartDriverResult(
+    bool Ok,
+    string? Message,
+    Guid CorrelationId);