add unit tests

since this has grown considerably complex and it deals with some sensitive things (potential for leaking an applicant's information, could accidentally delete the wrong file, etc.) i think it would be a good idea to add unit testing before adding any new features or rewriting.

this is also tangentially related to #5 (closed); i hesitate to call something secure if it doesn't have decent test coverage running in ci :P