refactor(api): introduce UserContext schema for API dependency injection

Replace direct User database model imports in API endpoints with UserContext
schema, following the architecture principle that API routes should not import
database models directly.

Changes:
- Create UserContext schema in models/schema/auth.py with from_user() factory
- Update app/api/deps.py to return UserContext from all auth dependencies
- Add _get_user_model() helper for functions needing User model access
- Update 58 API endpoint files to use UserContext instead of User
- Add noqa comments for 4 legitimate edge cases (enums, internal helpers)

Architecture validation: 0 errors (down from 61), 11 warnings remain

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

app/api/v1/admin/modules.py

@@ -22,7 +22,7 @@ from app.api.deps import get_current_super_admin, get_db
 from app.modules.registry import MODULES, get_core_module_codes
 from app.modules.service import module_service
 from app.services.platform_service import platform_service
-from models.database.user import User
+from models.schema.auth import UserContext
 
 logger = logging.getLogger(__name__)
 router = APIRouter(prefix="/modules")
@@ -100,7 +100,7 @@ def _build_module_response(
     is_enabled: bool,
 ) -> ModuleResponse:
     """Build ModuleResponse from module code."""
-    from models.database.admin_menu_config import FrontendType
+    from models.database.admin_menu_config import FrontendType  # noqa: API-007 - Enum for type safety
 
     module = MODULES.get(code)
     if not module:
@@ -127,7 +127,7 @@ def _build_module_response(
 
 @router.get("", response_model=ModuleListResponse)
 async def list_all_modules(
-    current_user: User = Depends(get_current_super_admin),
+    current_user: UserContext = Depends(get_current_super_admin),
 ):
     """
     List all available modules.
@@ -157,7 +157,7 @@ async def list_all_modules(
 async def get_platform_modules(
     platform_id: int = Path(..., description="Platform ID"),
     db: Session = Depends(get_db),
-    current_user: User = Depends(get_current_super_admin),
+    current_user: UserContext = Depends(get_current_super_admin),
 ):
     """
     Get module configuration for a platform.
@@ -202,7 +202,7 @@ async def update_platform_modules(
     update_data: EnableModulesRequest,
     platform_id: int = Path(..., description="Platform ID"),
     db: Session = Depends(get_db),
-    current_user: User = Depends(get_current_super_admin),
+    current_user: UserContext = Depends(get_current_super_admin),
 ):
     """
     Update enabled modules for a platform.
@@ -250,7 +250,7 @@ async def enable_module(
     request: ToggleModuleRequest,
     platform_id: int = Path(..., description="Platform ID"),
     db: Session = Depends(get_db),
-    current_user: User = Depends(get_current_super_admin),
+    current_user: UserContext = Depends(get_current_super_admin),
 ):
     """
     Enable a single module for a platform.
@@ -293,7 +293,7 @@ async def disable_module(
     request: ToggleModuleRequest,
     platform_id: int = Path(..., description="Platform ID"),
     db: Session = Depends(get_db),
-    current_user: User = Depends(get_current_super_admin),
+    current_user: UserContext = Depends(get_current_super_admin),
 ):
     """
     Disable a single module for a platform.
@@ -341,7 +341,7 @@ async def disable_module(
 async def enable_all_modules(
     platform_id: int = Path(..., description="Platform ID"),
     db: Session = Depends(get_db),
-    current_user: User = Depends(get_current_super_admin),
+    current_user: UserContext = Depends(get_current_super_admin),
 ):
     """
     Enable all modules for a platform.
@@ -372,7 +372,7 @@ async def enable_all_modules(
 async def disable_optional_modules(
     platform_id: int = Path(..., description="Platform ID"),
     db: Session = Depends(get_db),
-    current_user: User = Depends(get_current_super_admin),
+    current_user: UserContext = Depends(get_current_super_admin),
 ):
     """
     Disable all optional modules for a platform, keeping only core modules.