Use ListOrgOrganizations when switching orgs

Replace GetOrgOrganization (GET by ID) with ListOrgOrganizations (list)
for validation in the use command, since the org-scoped JWT only allows
reading the current org. Add integration test for already-active org
path to increase coverage.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: ap00rv

internal/organization/command_use.go

@@ -48,8 +48,26 @@ func (c *command) validArgs(cmd *cobra.Command, args []string) []string {
 func (c *command) use(_ *cobra.Command, args []string) error {
 	id := args[0]
 
-	if _, httpResp, err := c.V2Client.GetOrgOrganization(id); err != nil {
-		return errors.CatchCCloudV2ResourceNotFoundError(err, resource.Organization, httpResp)
+	// Use the list endpoint instead of get-by-ID because the org-scoped JWT
+	// only authorizes reading the *current* organization. The list endpoint
+	// returns every organization the user belongs to regardless of JWT scope.
+	organizations, err := c.V2Client.ListOrgOrganizations()
+	if err != nil {
+		return fmt.Errorf("failed to list organizations: %w", err)
+	}
+
+	found := false
+	for _, org := range organizations {
+		if org.GetId() == id {
+			found = true
+			break
+		}
+	}
+	if !found {
+		return errors.NewErrorWithSuggestions(
+			fmt.Sprintf(`organization "%s" not found or access forbidden`, id),
+			"List available organizations with `organization list`.",
+		)
 	}
 
 	if id == c.Context.GetCurrentOrganization() {

test/fixtures/output/organization/use-already-active.golden

@@ -0,0 +1 @@
+Using organization "abc-123".

test/fixtures/output/organization/use-not-found.golden

@@ -1,4 +1,4 @@
-Error: organization not found or access forbidden: Resource not found or access forbidden
+Error: organization "org-dne" not found or access forbidden
 
 Suggestions:
     List available organizations with `organization list`.

test/organization_test.go

@@ -15,6 +15,7 @@ func (s *CLITestSuite) TestOrganization() {
 		{args: "organization update --name default-updated", fixture: "organization/update.golden"},
 		{args: "organization update --name default-updated -o json", fixture: "organization/update-json.golden"},
 		{args: "organization use abc-456", fixture: "organization/use.golden"},
+		{args: "organization use abc-123", fixture: "organization/use-already-active.golden"},
 	}
 
 	for _, test := range tests {
@@ -49,10 +50,9 @@ func (s *CLITestSuite) TestOrganization() {
 		s.runIntegrationTest(test)
 	})
 
+	// The use command validates via the list endpoint, so org-dne simply
+	// won't appear in the returned list — no need for TestOrgNotFound.
 	s.T().Run("organization use not found", func(t *testing.T) {
-		testserver.TestOrgNotFound = true
-		defer func() { testserver.TestOrgNotFound = false }()
-
 		test := CLITest{
 			args:     "organization use org-dne",
 			fixture:  "organization/use-not-found.golden",