This commit introduces a new permission toggle that allows administrators to control whether users can publicly share their notes.
- Adds a new environment variable `USER_PERMISSIONS_NOTES_ALLOW_PUBLIC_SHARING` to control the default setting.
- Adds a `public_notes` permission to the `sharing` section of the user permissions.
- Adds a toggle switch to the admin panel for managing this permission.
- Implements backend logic to enforce the permission when a user attempts to share a note publicly.
- Replace inefficient memory-based filtering with database-level filtering
- Add proper access control conditions to SQL query
- Reduce memory usage by filtering at database level instead of loading all notes
- Maintain access control validation with post-filtering for complex cases
This change significantly improves performance for users with many notes
by reducing the number of database queries and memory usage.
Signed-off-by: Sihyeon Jang <sihyeon.jang@navercorp.com>
