Implement Hackathon Reset API Endpoint

[balebbae]

Summary

Add a POST /v1/superadmin/reset-hackathon endpoint (super_admin only) that performs a complete database reset while preserving users. This is needed for resetting the system after a hackathon ends or after QA testing before a new event.

Requirements

Backend API Endpoint

• POST /v1/superadmin/reset-hackathon — under the existing superadmin route group with RequireRoleMiddleware(RoleSuperAdmin)
• Register the route in cmd/api/api.go within the /v1/superadmin/ router group
• Accepts a JSON body with granular reset options (checklist):
  • reset_applications (bool) — truncates applications table (CASCADE deletes application_reviews)
  • reset_scans (bool) — truncates scans table
  • reset_schedule (bool) — truncates schedule table
  • reset_settings (bool) — resets scan_stats to {} and review_assignment_toggle to []
• All operations run in a single transaction
• Log who triggered the reset and what was reset (audit trail)
• If reset_applications is true, also handle cleanup of uploaded resume files from storage (S3/local)
• Return success/failure response with details of what was reset

Frontend (Admin Dashboard)

• Add a "Reset Hackathon" button in the super_admin settings/dashboard area
• Show a confirmation dialog that:
  • Lists exactly what will be deleted with checkboxes for granular control
  • Requires typing a confirmation phrase (e.g., "RESET HACKATHON") to prevent accidental resets
  • Shows warning about irreversibility
• Display success/error toast after the operation

Database Considerations

• applications CASCADE deletes application_reviews automatically
• users table is never touched
• settings table is selectively reset (stats/toggles only), not truncated
• short_answer_questions and scan_types settings should be preserved (default: preserve)

Testing

• Add handler tests for the reset endpoint
• Test transaction rollback on partial failure
• Test authorization (only super_admin can access)

Implementation Notes

• Route file: cmd/api/api.go — add to the existing r.Route("/v1/superadmin", ...) group
• Middleware: AuthRequiredMiddleware → RequireRoleMiddleware(RoleSuperAdmin) (already applied to superadmin group)
• Follow existing patterns for handler, store method, and request/response types

[NoelVarghese2006]

Log who triggered the reset and what was reset (audit trail)

wdym by what was the reset? Should I ask why the reset or am I missing something?

[balebbae]

Honestly ig you don't even need a reset trail, it's not like were letting them undo the reset.