Restrict `reports/e2e-delete-all-reports/` to when `E2E_TEST` is True

[exalate-issue-sync]

TASK: Restrict reports/e2e-delete-all-reports/ to when E2E_TEST is True, return 404

We've restricted it to certain IDs, but should we another layer of protection that hitting that endpoint only works if E2E_TEST is true. If the rules for delete_all_reports changed it could end up actually deleting all reports.

Note: I think we share a function with a management command that’s used in the lower environments, but the API call should not work in any environment.

See e2e_delete_all_contacts as an example of us not allowing it and returning a 404. It might be more ideal to not include the endpoint in the routing if possible. DRF likely supports dynamic routes based on conditions. If there is a way to take that approach update the e2e_delete_all_contacts to follow that pattern.

QA Notes

null

DEV Notes

null

Design

null

See full ticket and images here: FECFILE-2819

[exalate-issue-sync]

akhorsand commented: [~accountid:5b92c509d0b4022bdc51bdf4] is there still a question on the path forward for this, or is it ready for refinement?

[exalate-issue-sync]

Laura Beaufort commented: [~accountid:61b0b42cd5986c006a9e1c94] I think it’s ready for refinement, but [~accountid:712020:2a1493e5-adee-45bd-b27e-868a5c8d3f62] might want to take a look first.

[exalate-issue-sync]

Joshua Coombs commented: I can take this one