Apply visibility filtering to dashboard statistics

StatsModel.getAllStats() now accepts a user array and applies the same
getVisibilityFilter() logic used by ticket listings. Admins continue to
share a single cached result; non-admin users get per-user cache entries
so confidential ticket counts are not leaked in dashboard stats.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

controllers/DashboardController.php

@@ -155,7 +155,7 @@ class DashboardController {
         $totalPages = $result['pages'];
 
         // Load dashboard statistics
-        $stats = $this->statsModel->getAllStats();
+        $stats = $this->statsModel->getAllStats($GLOBALS['currentUser'] ?? []);
 
         // Load the dashboard view
         include 'views/DashboardView.php';