// Copyright (c) StellaOps. Licensed under the BUSL-1.1.

namespace StellaOps.VexHub.WebService.Security;

/// <summary>
/// Named authorization policy constants for the VexHub service.
/// VexHub uses API-key authentication. All VEX query endpoints require a valid,
/// authenticated API key. Scope enforcement is delegated to the API key configuration.
/// </summary>
internal static class VexHubPolicies
{
    /// <summary>Policy for querying and reading VEX statements. Requires an authenticated API key.</summary>
    public const string Read = "VexHub.Read";

    /// <summary>Policy for administrative operations (ingestion, source management). Requires an authenticated API key with admin scope.</summary>
    public const string Admin = "VexHub.Admin";
}