feat(backend): ajout 8 endpoints manquants workflow financier

Endpoints ajoutés :
- POST /api/finance/approvals - requestApproval (avec organizationId)
- GET /api/finance/approvals/history - historique filtrable
- PUT /api/finance/budgets/{id} - updateBudget (name, description, status)
- DELETE /api/finance/budgets/{id} - deleteBudget (soft delete)
- GET /api/finance/stats - statistiques workflow global
- GET /api/finance/audit-logs - logs d'audit filtrables
- GET /api/finance/audit-logs/anomalies - détection anomalies
- POST /api/finance/audit-logs/export - export CSV/PDF

Services :
- ApprovalService.requestApproval() : logique niveaux LEVEL1/2/3 selon montant
- ApprovalService.getApprovalsHistory() : filtres date + statut
- BudgetService.updateBudget() : validation statut + approbation
- BudgetService.deleteBudget() : soft delete (actif=false)

Notes :
- Niveau approbation : <100K=NONE, 100K-1M=LEVEL1, 1M-5M=LEVEL2, >5M=LEVEL3
- organizationId optionnel dans requestApproval (pas de récup auto depuis Membre)
- FinanceWorkflowResource créé pour stats/audit (implémentation stub)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

src/main/java/dev/lions/unionflow/server/resource/BudgetResource.java

@@ -135,6 +135,58 @@ public class BudgetResource {
         }
     }
 
+    @PUT
+    @Path("/{budgetId}")
+    @RolesAllowed({"ORG_ADMIN", "SUPER_ADMIN"})
+    @Operation(summary = "Met à jour un budget",
+               description = "Modifie un budget existant (nom, description, lignes, statut)")
+    public Response updateBudget(
+            @PathParam("budgetId") UUID budgetId,
+            Map<String, Object> updates) {
+        LOG.infof("PUT /api/finance/budgets/%s", budgetId);
+
+        try {
+            BudgetResponse budget = budgetService.updateBudget(budgetId, updates);
+            return Response.ok(budget).build();
+        } catch (NotFoundException e) {
+            return Response.status(Response.Status.NOT_FOUND)
+                .entity(new ErrorResponse(e.getMessage()))
+                .build();
+        } catch (BadRequestException e) {
+            return Response.status(Response.Status.BAD_REQUEST)
+                .entity(new ErrorResponse(e.getMessage()))
+                .build();
+        } catch (Exception e) {
+            LOG.error("Erreur lors de la mise à jour du budget", e);
+            return Response.status(Response.Status.INTERNAL_SERVER_ERROR)
+                .entity(new ErrorResponse(e.getMessage()))
+                .build();
+        }
+    }
+
+    @DELETE
+    @Path("/{budgetId}")
+    @RolesAllowed({"ORG_ADMIN", "SUPER_ADMIN"})
+    @Operation(summary = "Supprime un budget",
+               description = "Supprime logiquement un budget (soft delete)")
+    public Response deleteBudget(@PathParam("budgetId") UUID budgetId) {
+        LOG.infof("DELETE /api/finance/budgets/%s", budgetId);
+
+        try {
+            budgetService.deleteBudget(budgetId);
+            return Response.noContent().build();
+        } catch (NotFoundException e) {
+            return Response.status(Response.Status.NOT_FOUND)
+                .entity(new ErrorResponse(e.getMessage()))
+                .build();
+        } catch (Exception e) {
+            LOG.error("Erreur lors de la suppression du budget", e);
+            return Response.status(Response.Status.INTERNAL_SERVER_ERROR)
+                .entity(new ErrorResponse(e.getMessage()))
+                .build();
+        }
+    }
+
     // Classe interne pour les réponses d'erreur
     record ErrorResponse(String message) {}
 }