refactor(api): introduce UserContext schema for API dependency injection

Replace direct User database model imports in API endpoints with UserContext
schema, following the architecture principle that API routes should not import
database models directly.

Changes:
- Create UserContext schema in models/schema/auth.py with from_user() factory
- Update app/api/deps.py to return UserContext from all auth dependencies
- Add _get_user_model() helper for functions needing User model access
- Update 58 API endpoint files to use UserContext instead of User
- Add noqa comments for 4 legitimate edge cases (enums, internal helpers)

Architecture validation: 0 errors (down from 61), 11 warnings remain

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

app/api/v1/admin/code_quality.py

@@ -20,7 +20,7 @@ from app.services.code_quality_service import (
 )
 from app.tasks.code_quality_tasks import execute_code_quality_scan
 from app.modules.dev_tools.models import ArchitectureScan
-from models.database.user import User
+from models.schema.auth import UserContext
 from app.modules.analytics.schemas import CodeQualityDashboardStatsResponse
 
 router = APIRouter()
@@ -197,7 +197,7 @@ async def trigger_scan(
     request: ScanRequest = None,
     background_tasks: BackgroundTasks = None,
     db: Session = Depends(get_db),
-    current_user: User = Depends(get_current_admin_api),
+    current_user: UserContext = Depends(get_current_admin_api),
 ):
     """
     Trigger code quality scan(s) as background tasks.
@@ -255,7 +255,7 @@ async def trigger_scan(
 async def get_scan_status(
     scan_id: int,
     db: Session = Depends(get_db),
-    current_user: User = Depends(get_current_admin_api),
+    current_user: UserContext = Depends(get_current_admin_api),
 ):
     """
     Get status of a specific scan.
@@ -272,7 +272,7 @@ async def get_scan_status(
 @router.get("/scans/running", response_model=list[ScanResponse])
 async def get_running_scans(
     db: Session = Depends(get_db),
-    current_user: User = Depends(get_current_admin_api),
+    current_user: UserContext = Depends(get_current_admin_api),
 ):
     """
     Get all currently running scans.
@@ -290,7 +290,7 @@ async def list_scans(
         None, description="Filter by validator type"
     ),
     db: Session = Depends(get_db),
-    current_user: User = Depends(get_current_admin_api),
+    current_user: UserContext = Depends(get_current_admin_api),
 ):
     """
     Get scan history
@@ -326,7 +326,7 @@ async def list_violations(
     page: int = Query(1, ge=1, description="Page number"),
     page_size: int = Query(50, ge=1, le=200, description="Items per page"),
     db: Session = Depends(get_db),
-    current_user: User = Depends(get_current_admin_api),
+    current_user: UserContext = Depends(get_current_admin_api),
 ):
     """
     Get violations with filtering and pagination
@@ -384,7 +384,7 @@ async def list_violations(
 async def get_violation(
     violation_id: int,
     db: Session = Depends(get_db),
-    current_user: User = Depends(get_current_admin_api),
+    current_user: UserContext = Depends(get_current_admin_api),
 ):
     """
     Get single violation with details
@@ -450,7 +450,7 @@ async def assign_violation(
     violation_id: int,
     request: AssignViolationRequest,
     db: Session = Depends(get_db),
-    current_user: User = Depends(get_current_admin_api),
+    current_user: UserContext = Depends(get_current_admin_api),
 ):
     """
     Assign violation to a developer
@@ -483,7 +483,7 @@ async def resolve_violation(
     violation_id: int,
     request: ResolveViolationRequest,
     db: Session = Depends(get_db),
-    current_user: User = Depends(get_current_admin_api),
+    current_user: UserContext = Depends(get_current_admin_api),
 ):
     """
     Mark violation as resolved
@@ -515,7 +515,7 @@ async def ignore_violation(
     violation_id: int,
     request: IgnoreViolationRequest,
     db: Session = Depends(get_db),
-    current_user: User = Depends(get_current_admin_api),
+    current_user: UserContext = Depends(get_current_admin_api),
 ):
     """
     Mark violation as ignored (won't fix)
@@ -547,7 +547,7 @@ async def add_comment(
     violation_id: int,
     request: AddCommentRequest,
     db: Session = Depends(get_db),
-    current_user: User = Depends(get_current_admin_api),
+    current_user: UserContext = Depends(get_current_admin_api),
 ):
     """
     Add comment to violation
@@ -577,7 +577,7 @@ async def get_dashboard_stats(
         None, description="Filter by validator type (returns combined stats if not specified)"
     ),
     db: Session = Depends(get_db),
-    current_user: User = Depends(get_current_admin_api),
+    current_user: UserContext = Depends(get_current_admin_api),
 ):
     """
     Get dashboard statistics
@@ -602,7 +602,7 @@ async def get_dashboard_stats(
 
 @router.get("/validator-types")
 async def get_validator_types(
-    current_user: User = Depends(get_current_admin_api),
+    current_user: UserContext = Depends(get_current_admin_api),
 ):
     """
     Get list of available validator types