* setup triage user on pds, update moderator username (invalidates old token)
* initial pass on triage access on pds, limit access to email addrs
* apply moderator vs triage rules on taking and reversing mod actions for pds
* update pds tests for triage auth role
* setup moderator and triage roles on bsky appview
* apply mod and triage access rules to bsky admin endpoints
* reframe admin auth as role-based auth, tidy auth apis
* tidy
* build
* revert change to basic auth username for role-based auth