refactor: migrate remaining routes to modules and enforce auto-discovery

MIGRATION:
- Delete app/api/v1/vendor/analytics.py (duplicate - analytics module already auto-discovered)
- Move usage routes from app/api/v1/vendor/usage.py to billing module
- Move onboarding routes from app/api/v1/vendor/onboarding.py to marketplace module
- Move features routes to billing module (admin + vendor)
- Move inventory routes to inventory module (admin + vendor)
- Move marketplace/letzshop routes to marketplace module
- Move orders routes to orders module
- Delete legacy letzshop service files (moved to marketplace module)

DOCUMENTATION:
- Add docs/development/migration/module-autodiscovery-migration.md with full migration history
- Update docs/architecture/module-system.md with Entity Auto-Discovery Reference section
- Add detailed sections for each entity type: routes, services, models, schemas, tasks,
  exceptions, templates, static files, locales, configuration

ARCHITECTURE VALIDATION:
- Add MOD-016: Routes must be in modules, not app/api/v1/
- Add MOD-017: Services must be in modules, not app/services/
- Add MOD-018: Tasks must be in modules, not app/tasks/
- Add MOD-019: Schemas must be in modules, not models/schema/
- Update scripts/validate_architecture.py with _validate_legacy_locations method
- Update .architecture-rules/module.yaml with legacy location rules

These rules enforce that all entities must be in self-contained modules.
Legacy locations now trigger ERROR severity violations.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

app/modules/orders/routes/__init__.py

@@ -6,23 +6,31 @@ This module provides functions to register orders routes
 with module-based access control.
 
 NOTE: Routers are NOT auto-imported to avoid circular dependencies.
-Import directly from admin.py or vendor.py as needed:
-  from app.modules.orders.routes.admin import admin_router
-  from app.modules.orders.routes.vendor import vendor_router
+Import directly from api submodule as needed:
+  from app.modules.orders.routes.api import admin_router
+  from app.modules.orders.routes.api import vendor_router
 """
 
-# Routers are imported on-demand to avoid circular dependencies
-# Do NOT add auto-imports here
-
-__all__ = ["admin_router", "vendor_router"]
+__all__ = [
+    "admin_router",
+    "admin_exceptions_router",
+    "vendor_router",
+    "vendor_exceptions_router",
+]
 
 
 def __getattr__(name: str):
     """Lazy import routers to avoid circular dependencies."""
     if name == "admin_router":
-        from app.modules.orders.routes.admin import admin_router
+        from app.modules.orders.routes.api import admin_router
         return admin_router
+    elif name == "admin_exceptions_router":
+        from app.modules.orders.routes.api import admin_exceptions_router
+        return admin_exceptions_router
     elif name == "vendor_router":
-        from app.modules.orders.routes.vendor import vendor_router
+        from app.modules.orders.routes.api import vendor_router
         return vendor_router
+    elif name == "vendor_exceptions_router":
+        from app.modules.orders.routes.api import vendor_exceptions_router
+        return vendor_exceptions_router
     raise AttributeError(f"module {__name__!r} has no attribute {name!r}")

app/modules/orders/routes/admin.py

@@ -1,40 +0,0 @@
-# app/modules/orders/routes/admin.py
-"""
-Orders module admin routes.
-
-This module wraps the existing admin orders routes and adds
-module-based access control. Routes are re-exported from the
-original location with the module access dependency.
-
-Includes:
-- /orders/* - Order management
-- /order-item-exceptions/* - Exception handling
-"""
-
-from fastapi import APIRouter, Depends
-
-from app.api.deps import require_module_access
-
-# Import original routers (direct import to avoid circular dependency)
-from app.api.v1.admin.orders import router as orders_original_router
-from app.api.v1.admin.order_item_exceptions import router as exceptions_original_router
-
-# Create module-aware router for orders
-admin_router = APIRouter(
-    prefix="/orders",
-    dependencies=[Depends(require_module_access("orders"))],
-)
-
-# Re-export all routes from the original orders module
-for route in orders_original_router.routes:
-    admin_router.routes.append(route)
-
-# Create separate router for order item exceptions
-# This is included separately in the admin __init__.py
-admin_exceptions_router = APIRouter(
-    prefix="/order-item-exceptions",
-    dependencies=[Depends(require_module_access("orders"))],
-)
-
-for route in exceptions_original_router.routes:
-    admin_exceptions_router.routes.append(route)

app/modules/orders/routes/vendor.py

@@ -1,39 +0,0 @@
-# app/modules/orders/routes/vendor.py
-"""
-Orders module vendor routes.
-
-This module wraps the existing vendor orders routes and adds
-module-based access control. Routes are re-exported from the
-original location with the module access dependency.
-
-Includes:
-- /orders/* - Order management
-- /order-item-exceptions/* - Exception handling
-"""
-
-from fastapi import APIRouter, Depends
-
-from app.api.deps import require_module_access
-
-# Import original routers (direct import to avoid circular dependency)
-from app.api.v1.vendor.orders import router as orders_original_router
-from app.api.v1.vendor.order_item_exceptions import router as exceptions_original_router
-
-# Create module-aware router for orders
-vendor_router = APIRouter(
-    prefix="/orders",
-    dependencies=[Depends(require_module_access("orders"))],
-)
-
-# Re-export all routes from the original orders module
-for route in orders_original_router.routes:
-    vendor_router.routes.append(route)
-
-# Create separate router for order item exceptions
-vendor_exceptions_router = APIRouter(
-    prefix="/order-item-exceptions",
-    dependencies=[Depends(require_module_access("orders"))],
-)
-
-for route in exceptions_original_router.routes:
-    vendor_exceptions_router.routes.append(route)