What type of PR is this?

This is a feature

What does this do?

This PR introduces a safeguard that prevents all members from being removed from the built-in admin role on any domain. When an attempt is made to remove the last user from the admin role, the system now rejects the request with:

{
    "error": "",
    "message": "failed to remove entity"
}

This ensures that at least one user always retains admin privileges, preventing domains from becoming orphaned.

Example behavior:

• If a domain has 2 admin users, removing one is allowed.
• Attempting to remove both in the same request is rejected.
• If only one admin remains, any attempt to remove them is blocked.

Which issue(s) does this PR fix/relate to?

• Resolves Feature: Prevent removing of all users from Built in admin role #2739
• Related # SMQ-226 - Add built-in admin role deletions restrictions to docs supermq-docs#223

Have you included tests for your changes?

Yes. Manual testing was performed by removing members via the /domains/{domainID}/roles/{roleID}/members/delete endpoint and verifying behavior with various admin user counts. Unit tests will follow up in a separate test refactor PR.

Did you document any new/modified feature?

Yes. Documented at absmach/supermq-docs#223

Notes