feat: add logging, marketplace, and admin enhancements

Database & Migrations:
- Add application_logs table migration for hybrid cloud logging
- Add companies table migration and restructure vendor relationships

Logging System:
- Implement hybrid logging system (database + file)
- Add log_service for centralized log management
- Create admin logs page with filtering and viewing capabilities
- Add init_log_settings.py script for log configuration
- Enhance core logging with database integration

Marketplace Integration:
- Add marketplace admin page with product management
- Create marketplace vendor page with product listings
- Implement marketplace.js for both admin and vendor interfaces
- Add marketplace integration documentation

Admin Enhancements:
- Add imports management page and functionality
- Create settings page for admin configuration
- Add vendor themes management page
- Enhance vendor detail and edit pages
- Improve code quality dashboard and violation details
- Add logs viewing and management
- Update icons guide and shared icon system

Architecture & Documentation:
- Document frontend structure and component architecture
- Document models structure and relationships
- Add vendor-in-token architecture documentation
- Add vendor RBAC (role-based access control) documentation
- Document marketplace integration patterns
- Update architecture patterns documentation

Infrastructure:
- Add platform static files structure (css, img, js)
- Move architecture_scan.py to proper models location
- Update model imports and registrations
- Enhance exception handling
- Update dependency injection patterns

UI/UX:
- Improve vendor edit interface
- Update admin user interface
- Enhance page templates documentation
- Add vendor marketplace interface
2025-12-01 21:51:07 +01:00
parent 915734e9b4
commit cc74970223
56 changed files with 8440 additions and 202 deletions

@@ -271,17 +271,18 @@ def get_current_vendor_api(
Get current vendor user from Authorization header ONLY.
Used for vendor API endpoints that should not accept cookies.
Validates that user still has access to the vendor specified in the token.
Args:
credentials: Bearer token from Authorization header
db: Database session
Returns:
User: Authenticated vendor user
User: Authenticated vendor user (with token_vendor_id, token_vendor_code, token_vendor_role)
Raises:
InvalidTokenException: If no token or invalid token
InsufficientPermissionsException: If user is not vendor or is admin
InsufficientPermissionsException: If user is not vendor or lost access to vendor
"""
if not credentials:
raise InvalidTokenException("Authorization header required for API calls")
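Review bot: The updated Returns line promises token_vendor_id, token_vendor_code and token_vendor_role on every returned user, but the code added further down guards on hasattr(user, "token_vendor_id") and reads token_vendor_code through getattr with an 'N/A' default, so the attributes can be absent. Either document them as present only for vendor-scoped tokens or make them mandatory in the code. The Raises line also drops "or is admin"; if this dependency still rejects admin users, keep that case in the docstring next to the new lost-access case so callers do not assume admins are accepted.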
@@ -297,6 +298,24 @@ def get_current_vendor_api(
logger.warning(f"Non-vendor user {user.username} attempted vendor API")
raise InsufficientPermissionsException("Vendor privileges required")
# Validate vendor access if token is vendor-scoped
if hasattr(user, "token_vendor_id"):
vendor_id = user.token_vendor_id
# Verify user still has access to this vendor
if not user.is_member_of(vendor_id):
logger.warning(
f"User {user.username} lost access to vendor_id={vendor_id}"
)
raise InsufficientPermissionsException(
"Access to vendor has been revoked. Please login again."
)
logger.debug(
f"Vendor API access: user={user.username}, vendor_id={vendor_id}, "
f"vendor_code={getattr(user, 'token_vendor_code', 'N/A')}"
)
return user
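Review bot: The membership check fails open, because it only runs under `if hasattr(user, "token_vendor_id"):` and a token with no vendor scope falls straight through to `return user` on an endpoint the docstring describes as vendor-only. Unless unscoped tokens are deliberately supported here, raise InsufficientPermissionsException (or InvalidTokenException) when the attribute is missing or None and then call is_member_of unconditionally; hasattr is also true when the attribute is set to None, which would pass None into is_member_of. Smaller point: user.username is interpolated directly into the warning and debug messages, and this commit also stores logs in the database and shows them in the admin logs page, so strip control characters from it before logging.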