Fix re-enabling OAuth2 security on APIs configured with only mutual SSL

[nimsara66]

Purpose

This PR resolves an issue where an API published with only Mutual SSL enabled cannot save updates when OAuth2 or API Key application-level security is subsequently enabled.

Approach

When Mutual SSL is the sole selected security option for an API, the tier throttling policies are cleared [1]. If OAuth2 or API Key is later enabled for the same API, the update fails because the API is already published and requires a tier throttling policy. This fix ensures that a default throttling policy is applied in such scenarios, allowing the updates to be successfully saved.
Logic to filter AI policies is based on [2].

Issue

Related to: wso2/api-manager#3486

[1]

carbon-apimgt/components/apimgt/org.wso2.carbon.apimgt.persistence/src/main/java/org/wso2/carbon/apimgt/persistence/utils/RegistryPersistenceUtil.java

Lines 315 to 320 in bf7e34d

	//check in github code to see this method was removed
	String apiSecurity = artifact.getAttribute(APIConstants.API_OVERVIEW_API_SECURITY);
	if (apiSecurity != null && !apiSecurity.contains(APIConstants.DEFAULT_API_SECURITY_OAUTH2) && !apiSecurity
	.contains(APIConstants.API_SECURITY_API_KEY)) {
	artifact.setAttribute(APIConstants.API_OVERVIEW_TIER, "");
	}

[2]

carbon-apimgt/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/impl/ThrottlingPoliciesApiServiceImpl.java

Lines 206 to 209 in bf7e34d

	tierList = tierList.stream()
	.filter(tier -> PolicyConstants.AI_API_QUOTA_TYPE.equals(tier.getQuotaPolicyType())
	|| tier.getName().contains(APIConstants.DEFAULT_SUB_POLICY_SUBSCRIPTIONLESS)
	|| tier.getQuotaPolicyType() == null).collect(Collectors.toList());