feat: Q&A submission deadline for events

[GerardPaligot]

Summary

• Organisers can set an optional Q&A submission deadline (date + time) on an event. Once it passes, partners can no longer add, edit, or delete their Scanzee questions, and see a message explaining why.
• Server (authoritative): deadline enforced in QandaRepositoryExposed.create/update/delete (HTTP 403 once now > deadline, compared in UTC). Persisted on EventsTable.qanda_submission_deadline, exposed via EventDisplay.qanda_config.submission_deadline. New registered schema migration adds the column to existing DBs.
• OpenAPI: flat input field qanda_submission_deadline on create_event; new qanda_config response schema (also closes a pre-existing gap where qanda_config was never typed in responses); front client regenerated.
• Front: organiser sets the deadline in EventForm (datetime-local); partner Scanzee page shows an amber banner and disables every create/edit/delete control when the deadline has passed (parsed as UTC to match the server).
• Backward compatible: a null deadline means no enforcement — existing events behave exactly as before.

Notes for reviewers

• front/utils/api.ts shows a large but cosmetic diff: regenerating against the repo's current orval config reformatted the whole file from double to single quotes. The only real API-surface additions are QandaConfigSchema, qanda_config, submission_deadline, and qanda_submission_deadline (no endpoints/types removed — verified by symbol-set comparison). Squash if desired.
• The deadline uses the existing UTC datetime convention (same as created_at / submission_*); no per-event timezone was introduced. The message is hardcoded French to match the existing Scanzee/EventForm pages (no i18n machinery added).
• Out-of-scope follow-ups noted during review (not addressed here): update() lacks a qandaEnabled guard (pre-existing); the front-wide date formatters parse naive server datetimes as local time while this feature parses as UTC (this feature is the more correct one).
• Design spec & implementation plan are included under docs/superpowers/.

Test plan

• Server ./gradlew check green — contract tests cover: config PUT/GET deadline round-trip, disable→null clearing, and 403 on create/update/delete after the deadline.
• Front npm run lint clean.
• Manual: as organiser set a past deadline on a Q&A-enabled event → partner Scanzee shows the banner and all controls are disabled; clear it or set a future deadline → controls enabled again.

🤖 Generated with Claude Code