Fix CLI delete to use admin protection logic

Updates the CLI delete command to use UserManager.delete_user()
instead of direct session manipulation, ensuring consistent
admin protection between CLI and API endpoints.

Changes:
- Refactored delete command to call UserManager.delete_user()
- Added HTTPException handling for validation errors
- Updated all delete tests to mock UserManager instead of session
- Added test_delete_last_admin_blocked for admin protection
- Removed unnecessary try/except that immediately re-raised

The CLI now correctly prevents deletion of the last admin user,
matching the behavior of the API endpoint.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

Author: seapagan

app/commands/user.py

@@ -356,31 +356,25 @@ def delete(
 ) -> None:
     """Delete the user with the given id."""
 
-    async def _delete_user(user_id: int) -> User | None:
+    async def _delete_user(user_id: int) -> None:
         """Async function to delete a user."""
         try:
             async with async_session() as session:
                 await check_db_initialized(session)
-                user = await session.get(User, user_id)
-                if user:
-                    await session.delete(user)
-                    await session.commit()
+                await UserManager.delete_user(user_id, user_id, session)
+                await session.commit()
+        except HTTPException as exc:
+            rprint(f"\n[RED]-> ERROR deleting that User : [bold]{exc.detail}\n")
+            raise typer.Exit(1) from exc
         except SQLAlchemyError as exc:
             rprint(f"\n[RED]-> ERROR deleting that User : [bold]{exc}\n")
             raise typer.Exit(1) from exc
-        else:
-            return user
 
-    user = aiorun(_delete_user(user_id))
-
-    if user:
-        rprint(
-            f"\n[green]-> User [bold]{user_id}[/bold] "
-            f"[red]DELETED[/red] succesfully."
-        )
-    else:
-        rprint("\n[red]-> ERROR deleting that User : [bold]User not found\n")
-        raise typer.Exit(1)
+    aiorun(_delete_user(user_id))
+    rprint(
+        f"\n[green]-> User [bold]{user_id}[/bold] "
+        f"[red]DELETED[/red] succesfully."
+    )
 
 
 @app.command()

tests/cli/test_cli_user_command.py

@@ -561,40 +561,29 @@ def test_admin_missing_user(
     # ------------------------------------------------------------------------ #
     def test_delete_user(self, runner: CliRunner, mocker, test_user) -> None:
         """Test that the 'delete' command works."""
-        mock_session = mocker.patch(
-            self.patch_async_session,
-        )
-
-        mock_session.return_value.__aenter__.return_value.get.return_value = (
-            test_user
+        mock_manager = mocker.patch(
+            "app.commands.user.UserManager.delete_user",
+            return_value=None,
         )
+        mocker.patch(self.patch_async_session)
 
         result = runner.invoke(app, ["user", "delete", str(test_user.id)])
         assert result.exit_code == 0
 
-        assert mock_session.called
-        assert mock_session.return_value.__aenter__.return_value.commit.called
-
+        assert mock_manager.called
         assert f"User {test_user.id} DELETED" in result.output
 
     def test_delete_sqlalchemy_error(
         self, runner: CliRunner, mocker, test_user
     ) -> None:
         """Test that the 'delete' command exits when there is an error."""
-        mock_session = mocker.patch(
-            self.patch_async_session,
-        )
-        mock_session.return_value.__aenter__.return_value.get.side_effect = (
-            SQLAlchemyError("Ooooops!!")
-        )
-        result = runner.invoke(app, ["user", "delete", str(test_user.id)])
-        assert result.exit_code == 1
-
-        assert mock_session.called
-        assert (
-            not mock_session.return_value.__aenter__.return_value.commit.called
+        mocker.patch(
+            "app.commands.user.UserManager.delete_user",
+            side_effect=SQLAlchemyError("Ooooops!!"),
         )
+        mocker.patch(self.patch_async_session)
 
+        result = runner.invoke(app, ["user", "delete", str(test_user.id)])
         assert result.exit_code == 1
 
         assert "ERROR deleting that User" in result.output
@@ -604,23 +593,39 @@ def test_delete_missing_user(
         self, runner: CliRunner, mocker, test_user
     ) -> None:
         """Test that the 'delete' command exits when the user is missing."""
-        mock_session = mocker.patch(
-            self.patch_async_session,
-        )
-        mock_session.return_value.__aenter__.return_value.get.return_value = (
-            None
+        mocker.patch(
+            "app.commands.user.UserManager.delete_user",
+            side_effect=HTTPException(
+                status_code=status.HTTP_404_NOT_FOUND,
+                detail=ErrorMessages.USER_INVALID,
+            ),
         )
+        mocker.patch(self.patch_async_session)
 
         result = runner.invoke(app, ["user", "delete", str(test_user.id)])
         assert result.exit_code == 1
 
-        assert mock_session.called
-        assert (
-            not mock_session.return_value.__aenter__.return_value.commit.called
+        assert "ERROR deleting that User" in result.output
+        assert ErrorMessages.USER_INVALID in result.output
+
+    def test_delete_last_admin_blocked(
+        self, runner: CliRunner, mocker, test_admin
+    ) -> None:
+        """Test that deleting the last admin is blocked."""
+        mocker.patch(
+            "app.commands.user.UserManager.delete_user",
+            side_effect=HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail=ErrorMessages.CANT_DELETE_LAST_ADMIN,
+            ),
         )
+        mocker.patch(self.patch_async_session)
+
+        result = runner.invoke(app, ["user", "delete", str(test_admin.id)])
+        assert result.exit_code == 1
 
         assert "ERROR deleting that User" in result.output
-        assert "User not found" in result.output
+        assert ErrorMessages.CANT_DELETE_LAST_ADMIN in result.output
 
     # ------------------------------------------------------------------------ #
     #                         test 'search' subcommand                         #