refactor: complete module-driven architecture migration

This commit completes the migration to a fully module-driven architecture:

## Models Migration
- Moved all domain models from models/database/ to their respective modules:
  - tenancy: User, Admin, Vendor, Company, Platform, VendorDomain, etc.
  - cms: MediaFile, VendorTheme
  - messaging: Email, VendorEmailSettings, VendorEmailTemplate
  - core: AdminMenuConfig
- models/database/ now only contains Base and TimestampMixin (infrastructure)

## Schemas Migration
- Moved all domain schemas from models/schema/ to their respective modules:
  - tenancy: company, vendor, admin, team, vendor_domain
  - cms: media, image, vendor_theme
  - messaging: email
- models/schema/ now only contains base.py and auth.py (infrastructure)

## Routes Migration
- Moved admin routes from app/api/v1/admin/ to modules:
  - menu_config.py -> core module
  - modules.py -> tenancy module
  - module_config.py -> tenancy module
- app/api/v1/admin/ now only aggregates auto-discovered module routes

## Menu System
- Implemented module-driven menu system with MenuDiscoveryService
- Extended FrontendType enum: PLATFORM, ADMIN, VENDOR, STOREFRONT
- Added MenuItemDefinition and MenuSectionDefinition dataclasses
- Each module now defines its own menu items in definition.py
- MenuService integrates with MenuDiscoveryService for template rendering

## Documentation
- Updated docs/architecture/models-structure.md
- Updated docs/architecture/menu-management.md
- Updated architecture validation rules for new exceptions

## Architecture Validation
- Updated MOD-019 rule to allow base.py in models/schema/
- Created core module exceptions.py and schemas/ directory
- All validation errors resolved (only warnings remain)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

app/modules/tenancy/models/vendor_domain.py

@@ -0,0 +1,99 @@
+# app/modules/tenancy/models/vendor_domain.py
+"""
+Vendor Domain Model - Maps custom domains to vendors
+"""
+
+from sqlalchemy import (
+    Boolean,
+    Column,
+    DateTime,
+    ForeignKey,
+    Index,
+    Integer,
+    String,
+    UniqueConstraint,
+)
+from sqlalchemy.orm import relationship
+
+from app.core.database import Base
+from models.database.base import TimestampMixin
+
+
+class VendorDomain(Base, TimestampMixin):
+    """
+    Maps custom domains to vendors for multi-domain routing.
+
+    Examples:
+    - customdomain1.com -> Vendor 1
+    - shop.mybusiness.com -> Vendor 2
+    - www.customdomain1.com -> Vendor 1 (www is stripped)
+    """
+
+    __tablename__ = "vendor_domains"
+
+    id = Column(Integer, primary_key=True, index=True)
+    vendor_id = Column(
+        Integer, ForeignKey("vendors.id", ondelete="CASCADE"), nullable=False
+    )
+
+    # Domain configuration
+    domain = Column(String(255), nullable=False, unique=True, index=True)
+    is_primary = Column(Boolean, default=False, nullable=False)
+    is_active = Column(Boolean, default=True, nullable=False)
+
+    # SSL/TLS status (for monitoring)
+    ssl_status = Column(
+        String(50), default="pending"
+    )  # pending, active, expired, error
+    ssl_verified_at = Column(DateTime(timezone=True), nullable=True)
+
+    # DNS verification (to confirm domain ownership)
+    verification_token = Column(String(100), unique=True, nullable=True)
+    is_verified = Column(Boolean, default=False, nullable=False)
+    verified_at = Column(DateTime(timezone=True), nullable=True)
+
+    # Relationships
+    vendor = relationship("Vendor", back_populates="domains")
+
+    # Constraints
+    __table_args__ = (
+        UniqueConstraint("vendor_id", "domain", name="uq_vendor_domain"),
+        Index("idx_domain_active", "domain", "is_active"),
+        Index("idx_vendor_primary", "vendor_id", "is_primary"),
+    )
+
+    def __repr__(self):
+        return f"<VendorDomain(domain='{self.domain}', vendor_id={self.vendor_id})>"
+
+    @property
+    def full_url(self):
+        """Return full URL with https"""
+        return f"https://{self.domain}"
+
+    @classmethod
+    def normalize_domain(cls, domain: str) -> str:
+        """
+        Normalize domain for consistent storage.
+
+        Examples:
+        - https://example.com -> example.com
+        - www.example.com -> example.com
+        - EXAMPLE.COM -> example.com
+        """
+        # Remove protocol
+        domain = domain.replace("https://", "").replace("http://", "")  # noqa: SEC-034
+
+        # Remove trailing slash
+        domain = domain.rstrip("/")
+
+        # Remove www prefix (optional - depends on your preference)
+        # if domain.startswith("www."):
+        #     domain = domain[4:]
+
+        # Convert to lowercase
+        domain = domain.lower()
+
+        return domain
+
+
+__all__ = ["VendorDomain"]