fix: REST client BASIC auth uses Rest\$ConstantValue with correct BSON key (#200)

Three root causes found and fixed:

1. Studio Pro requires Rest\$ConstantValue for BASIC auth credentials,
   not Rest\$StringValue. Using StringValue causes InvalidCastException
   when opening the document and 401 at runtime because the auth header
   is never sent.

2. The BSON field name for the constant reference is "Value" (matching
   the metamodel), not "Constant" (which was an incorrect guess). With
   the wrong key, Mendix can't resolve the constant → CE7073.

3. When literal strings are provided for auth credentials (e.g.,
   Password: 'secret'), the executor now auto-creates string constants
   (Module.ClientName_Username / _Password) so the BSON always contains
   Rest\$ConstantValue references. This is transparent to the user.

Also adds missing ExportLevel, Tags, Timeout, BaseUrlParameter, and
OpenApiFile fields that Studio Pro always populates on REST clients.

Test case: mdl-examples/bug-tests/200-basic-auth-rest-client.mdl
creates a REST client pointing at httpbin.org/basic-auth with a test
page for side-by-side comparison of REST client auth vs inline REST
CALL auth.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: ako

mdl/executor/cmd_rest_clients.go

@@ -355,7 +355,7 @@ func createRestClient(ctx *ExecContext, stmt *ast.CreateRestClientStmt) error {
 			auth.Username = "$" + name
 		} else if stmt.Authentication.Username != "" {
 			constName := stmt.Name.Name + "_Username"
-			if err := e.ensureConstant(moduleName, containerID, constName, stmt.Authentication.Username); err != nil {
+			if err := ensureConstant(ctx, moduleName, containerID, constName, stmt.Authentication.Username); err != nil {
 				return fmt.Errorf("failed to create username constant: %w", err)
 			}
 			auth.Username = "$" + moduleName + "." + constName
@@ -369,7 +369,7 @@ func createRestClient(ctx *ExecContext, stmt *ast.CreateRestClientStmt) error {
 			auth.Password = "$" + name
 		} else if stmt.Authentication.Password != "" {
 			constName := stmt.Name.Name + "_Password"
-			if err := e.ensureConstant(moduleName, containerID, constName, stmt.Authentication.Password); err != nil {
+			if err := ensureConstant(ctx, moduleName, containerID, constName, stmt.Authentication.Password); err != nil {
 				return fmt.Errorf("failed to create password constant: %w", err)
 			}
 			auth.Password = "$" + moduleName + "." + constName
@@ -489,10 +489,10 @@ func convertMappingEntries(entries []ast.RestMappingEntry, importDirection bool)
 }
 
 // ensureConstant creates a string constant if it doesn't already exist.
-func (e *Executor) ensureConstant(moduleName string, containerID model.ID, constName, value string) error {
+func ensureConstant(ctx *ExecContext, moduleName string, containerID model.ID, constName, value string) error {
 	// Check if constant already exists
-	constants, _ := e.reader.ListConstants()
-	h, _ := e.getHierarchy()
+	constants, _ := ctx.Backend.ListConstants()
+	h, _ := getHierarchy(ctx)
 	for _, c := range constants {
 		modID := h.FindModuleID(c.ContainerID)
 		modName := h.GetModuleName(modID)
@@ -509,7 +509,7 @@ func (e *Executor) ensureConstant(moduleName string, containerID model.ID, const
 		DefaultValue: value,
 		ExportLevel:  "Hidden",
 	}
-	return e.writer.CreateConstant(constant)
+	return ctx.Backend.CreateConstant(constant)
 }
 
 // dropRestClient handles DROP REST CLIENT statement.