refactor: migrate vendor APIs to token-based context and consolidate architecture

## Vendor-in-Token Architecture (Complete Migration)
- Migrate all vendor API endpoints from require_vendor_context() to token_vendor_id
- Update permission dependencies to extract vendor from JWT token
- Add vendor exceptions: VendorAccessDeniedException, VendorOwnerOnlyException,
  InsufficientVendorPermissionsException
- Shop endpoints retain require_vendor_context() for URL-based detection
- Add AUTH-004 architecture rule enforcing vendor context patterns
- Fix marketplace router missing /marketplace prefix

## Exception Pattern Fixes (API-003/API-004)
- Services raise domain exceptions, endpoints let them bubble up
- Add code_quality and content_page exception modules
- Move business logic from endpoints to services (admin, auth, content_page)
- Fix exception handling in admin, shop, and vendor endpoints

## Tailwind CSS Consolidation
- Consolidate CSS to per-area files (admin, vendor, shop, platform)
- Remove shared/cdn-fallback.html and shared/css/tailwind.min.css
- Update all templates to use area-specific Tailwind output files
- Remove Node.js config (package.json, postcss.config.js, tailwind.config.js)

## Documentation & Cleanup
- Update vendor-in-token-architecture.md with completed migration status
- Update architecture-rules.md with new rules
- Move migration docs to docs/development/migration/
- Remove duplicate/obsolete documentation files
- Merge pytest.ini settings into pyproject.toml

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

app/api/v1/vendor/content_pages.py

@@ -10,11 +10,12 @@ Vendors can:
 
 import logging
 
-from fastapi import APIRouter, Depends, HTTPException, Query
+from fastapi import APIRouter, Depends, Query
 from pydantic import BaseModel, Field
 from sqlalchemy.orm import Session
 
 from app.api.deps import get_current_vendor_api, get_db
+from app.exceptions.content_page import VendorNotAssociatedException
 from app.services.content_page_service import content_page_service
 from models.database.user import User
 
@@ -106,9 +107,7 @@ def list_vendor_pages(
     Returns vendor-specific overrides + platform defaults (vendor overrides take precedence).
     """
     if not current_user.vendor_id:
-        raise HTTPException(
-            status_code=403, detail="User is not associated with a vendor"
-        )
+        raise VendorNotAssociatedException()
 
     pages = content_page_service.list_pages_for_vendor(
         db, vendor_id=current_user.vendor_id, include_unpublished=include_unpublished
@@ -129,9 +128,7 @@ def list_vendor_overrides(
     Shows what the vendor has customized.
     """
     if not current_user.vendor_id:
-        raise HTTPException(
-            status_code=403, detail="User is not associated with a vendor"
-        )
+        raise VendorNotAssociatedException()
 
     pages = content_page_service.list_all_vendor_pages(
         db, vendor_id=current_user.vendor_id, include_unpublished=include_unpublished
@@ -153,20 +150,15 @@ def get_page(
     Returns vendor override if exists, otherwise platform default.
     """
     if not current_user.vendor_id:
-        raise HTTPException(
-            status_code=403, detail="User is not associated with a vendor"
-        )
+        raise VendorNotAssociatedException()
 
-    page = content_page_service.get_page_for_vendor(
+    page = content_page_service.get_page_for_vendor_or_raise(
         db,
         slug=slug,
         vendor_id=current_user.vendor_id,
         include_unpublished=include_unpublished,
     )
 
-    if not page:
-        raise HTTPException(status_code=404, detail=f"Content page not found: {slug}")
-
     return page.to_dict()
 
 
@@ -182,9 +174,7 @@ def create_vendor_page(
     This will be shown instead of the platform default for this vendor.
     """
     if not current_user.vendor_id:
-        raise HTTPException(
-            status_code=403, detail="User is not associated with a vendor"
-        )
+        raise VendorNotAssociatedException()
 
     page = content_page_service.create_page(
         db,
@@ -218,24 +208,13 @@ def update_vendor_page(
     Can only update pages owned by this vendor.
     """
     if not current_user.vendor_id:
-        raise HTTPException(
-            status_code=403, detail="User is not associated with a vendor"
-        )
+        raise VendorNotAssociatedException()
 
-    # Verify ownership
-    existing_page = content_page_service.get_page_by_id(db, page_id)
-    if not existing_page:
-        raise HTTPException(status_code=404, detail="Content page not found")
-
-    if existing_page.vendor_id != current_user.vendor_id:
-        raise HTTPException(
-            status_code=403, detail="Cannot edit pages from other vendors"
-        )
-
-    # Update
-    page = content_page_service.update_page(
+    # Update with ownership check in service layer
+    page = content_page_service.update_vendor_page(
         db,
         page_id=page_id,
+        vendor_id=current_user.vendor_id,
         title=page_data.title,
         content=page_data.content,
         content_format=page_data.content_format,
@@ -264,21 +243,7 @@ def delete_vendor_page(
     After deletion, platform default will be shown (if exists).
     """
     if not current_user.vendor_id:
-        raise HTTPException(
-            status_code=403, detail="User is not associated with a vendor"
-        )
+        raise VendorNotAssociatedException()
 
-    # Verify ownership
-    existing_page = content_page_service.get_page_by_id(db, page_id)
-    if not existing_page:
-        raise HTTPException(status_code=404, detail="Content page not found")
-
-    if existing_page.vendor_id != current_user.vendor_id:
-        raise HTTPException(
-            status_code=403, detail="Cannot delete pages from other vendors"
-        )
-
-    # Delete
-    content_page_service.delete_page(db, page_id)
-
-    return
+    # Delete with ownership check in service layer
+    content_page_service.delete_vendor_page(db, page_id, current_user.vendor_id)