feat(resources): add hard-delete action to resource list (per-row and batch)

- Add batchHardDelete adminProcedure to resource-mutations router
- Per-row Delete button visible to ADMIN role only
- Delete Selected button in BatchActionBar for ADMIN role only
- Two-step confirmation dialogs with permanent-action warnings
- Audit log written for each deleted resource

Co-Authored-By: claude-flow <ruv@ruv.net>

packages/api/src/router/resource-mutations.ts

@@ -289,4 +289,31 @@ export const resourceMutationProcedures = {
 
       return { deleted: true };
     }),
+
+  batchHardDelete: adminProcedure
+    .input(z.object({ ids: z.array(z.string()).min(1) }))
+    .mutation(async ({ ctx, input }) => {
+      const resources = await ctx.db.resource.findMany({
+        where: { id: { in: input.ids } },
+        select: { id: true, displayName: true, eid: true },
+      });
+
+      await ctx.db.$transaction([
+        ctx.db.assignment.deleteMany({ where: { resourceId: { in: input.ids } } }),
+        ctx.db.vacation.deleteMany({ where: { resourceId: { in: input.ids } } }),
+        ctx.db.resource.deleteMany({ where: { id: { in: input.ids } } }),
+      ]);
+
+      await ctx.db.auditLog.createMany({
+        data: resources.map((r) => ({
+          entityType: "Resource",
+          entityId: r.id,
+          action: "DELETE",
+          userId: ctx.dbUser?.id,
+          changes: { before: r } as unknown as import("@capakraken/db").Prisma.InputJsonValue,
+        })),
+      });
+
+      return { deleted: resources.length };
+    }),
 };