Sub-folder sharing fix

[alexkoon]

WARNING - This was vibe coded. I am a Java dev, and don't really know typescript. I had a Claude sub so wanted to apply it to this as I use pigallery2. I have tested (not extensively) via a local build docker image.

Fix: Subfolder navigation now works for shared folder links

This fixes the regression reported in Discussion #1068 where shared folder links no longer allowed recipients to browse into subfolders.

What was broken and what was fixed:

1. Subfolder visibility (backend) — The sharing projection query in SearchManager only matched the exact shared directory, so subdirectories were invisible to sharing users. Added recursive directory matching so that
   when a folder is shared, all its subdirectories are included in the allowed content projection.
2. Password-protected share login (frontend + backend) — Visiting a shared link (/share/) with passwordRequired: true produced a blank screen and a spinning loop of 401 errors in the browser console. Two root
   causes:
   - NavigationService.toLogin() was awaiting the currentSharing observable to determine whether to show the password prompt — but that observable only emits after authentication, creating a deadlock. Fixed by exposing
   passwordProtected from the public /share//key endpoint (no auth required) so the redirect decision can be made synchronously.
   - error.interceptor.ts was calling logout() unconditionally on every HTTP 401, even when the user was already unauthenticated, causing an infinite logout→getSessionUser→401 loop. Fixed to only call logout() when a
   user is actually authenticated; otherwise navigates to the login/share-login page directly.
3. Directory listing access for sharing users (backend) — After successful share password entry, the gallery content endpoint returned 401 NOT_AUTHORISED. The route required UserRoles.Guest but sharing users are
   assigned UserRoles.LimitedGuest. Changed the role check to LimitedGuest — the existing session projectionQuery already restricts sharing users to only see content within their shared directory, so there is no security
   regression.
4. Breadcrumb navigation for sharing users (frontend) — Once inside a shared folder, there was no way to navigate back up through the folder hierarchy (only the browser back button worked). The breadcrumb bar now
   renders each folder at or below the share root as a clickable link, while folders above the share root remain plain text so users cannot navigate outside their share. The sharing key is preserved in all breadcrumb
   links automatically.
5. Share dialog cleanup — Removed the now-inaccurate notice "Folders are not shared." from the share creation dialog.

[alexkoon]

Force pushed over with fixes for the tests - these were the changes to the tests

Test fixes

src/frontend/app/ui/gallery/gallery.component.spec.ts
Added waitForSessionUser to MockAuthenticationService (jasmine.createSpy(...).and.returnValue(Promise.resolve())). Without this the CI Jasmine tests threw TypeError: this.authService.waitForSessionUser is not a
function when ngOnInit was triggered.

test/cypress/e2e/share.cy.ts
Updated the three share E2E tests to intercept /pgapi/gallery/content/* instead of /pgapi/search/*, and to assert on #directory-path (the breadcrumb) instead of the old search-result nav link — matching the new gallery-view navigation.