consolidation of some of the modules, localization fixes, product advisories work, qa work

src/Concelier/StellaOps.Excititor.WebService/Security/ExcititorPolicies.cs

@@ -0,0 +1,20 @@
+namespace StellaOps.Excititor.WebService.Security;
+
+/// <summary>
+/// Named authorization policy constants for the Excititor service.
+/// These policies map to OAuth2 scopes enforced at the endpoint level.
+/// </summary>
+internal static class ExcititorPolicies
+{
+    /// <summary>Policy requiring the vex.admin scope (approve/reject, ingest control, reconcile).</summary>
+    public const string VexAdmin = "excititor.vex.admin";
+
+    /// <summary>Policy requiring the vex.read scope (read-only VEX data, observations, linksets, attestations).</summary>
+    public const string VexRead = "excititor.vex.read";
+
+    /// <summary>Policy requiring the vex.ingest scope (VEX data ingestion operations).</summary>
+    public const string VexIngest = "excititor.vex.ingest";
+
+    /// <summary>Policy requiring the vex.attest scope (Rekor attestation operations).</summary>
+    public const string VexAttest = "excititor.vex.attest";
+}