texts fixes, search bar fixes, global menu fixes.

src/Web/StellaOps.Web/tests/e2e/nav-shell.spec.ts

@@ -172,13 +172,14 @@ test.describe('Nav shell canonical domains', () => {
     const navText = (await page.locator('aside.sidebar').textContent()) ?? '';
 
     const labels = [
-      'Mission Board',
-      'Mission Alerts',
-      'Mission Activity',
+      'Release Control',
+      'Security & Evidence',
+      'Platform & Setup',
+      'Dashboard',
       'Releases',
-      'Security',
+      'Vulnerabilities',
       'Evidence',
-      'Ops',
+      'Operations',
       'Setup',
     ];
 
@@ -198,6 +199,45 @@ test.describe('Nav shell canonical domains', () => {
     expect(navText).not.toContain('Administration');
     expect(navText).not.toContain('Policy Studio');
   });
+
+  test('group headers are unique and navigate to group landing routes', async ({ page }) => {
+    await go(page, '/mission-control/board');
+    await ensureShell(page);
+
+    const releaseGroup = page.locator('aside.sidebar .nav-group__label', { hasText: 'Release Control' });
+    const securityGroup = page.locator('aside.sidebar .nav-group__label', { hasText: 'Security & Evidence' });
+    const platformGroup = page.locator('aside.sidebar .nav-group__label', { hasText: 'Platform & Setup' });
+
+    await expect(releaseGroup).toHaveCount(1);
+    await expect(securityGroup).toHaveCount(1);
+    await expect(platformGroup).toHaveCount(1);
+
+    await releaseGroup.click();
+    await expect(page).toHaveURL(/\/mission-control\/board$/);
+
+    await securityGroup.click();
+    await expect(page).toHaveURL(/\/security(\/|$)/);
+
+    await platformGroup.click();
+    await expect(page).toHaveURL(/\/ops(\/|$)/);
+  });
+
+  test('grouped root entries navigate when clicked', async ({ page }) => {
+    await go(page, '/mission-control/board');
+    await ensureShell(page);
+
+    await page.locator('aside.sidebar a.nav-item', { hasText: 'Releases' }).first().click();
+    await expect(page).toHaveURL(/\/releases\/deployments$/);
+
+    await page.locator('aside.sidebar a.nav-item', { hasText: 'Vulnerabilities' }).first().click();
+    await expect(page).toHaveURL(/\/security(\/|$)/);
+
+    await page.locator('aside.sidebar a.nav-item', { hasText: 'Evidence' }).first().click();
+    await expect(page).toHaveURL(/\/evidence\/overview$/);
+
+    await page.locator('aside.sidebar a.nav-item', { hasText: 'Operations' }).first().click();
+    await expect(page).toHaveURL(/\/ops\/operations$/);
+  });
 });
 
 test.describe('Nav shell breadcrumbs and stability', () => {

src/Web/StellaOps.Web/tests/e2e/unified-search-fixtures.ts

@@ -21,7 +21,7 @@ export const mockConfig = {
     redirectUri: 'http://127.0.0.1:4400/auth/callback',
     postLogoutRedirectUri: 'http://127.0.0.1:4400/',
     scope:
-      'openid profile email ui.read advisory:search advisory:read search:read findings:read vex:read policy:read health:read',
+      'openid profile email ui.read advisory:read advisory-ai:view advisory-ai:operate findings:read vex:read policy:read health:read',
     audience: 'https://scanner.local',
     dpopAlgorithms: ['ES256'],
     refreshLeewaySeconds: 60,
@@ -55,9 +55,9 @@ export const shellSession = {
       ...policyAuthorSession.scopes,
       'ui.read',
       'admin',
-      'advisory:search',
       'advisory:read',
-      'search:read',
+      'advisory-ai:view',
+      'advisory-ai:operate',
       'findings:read',
       'vex:read',
       'policy:read',