fix: ensure that notes are not stored inside a shared folder

[DeepDiver1975]

No description provided.

[jnweiger]

Silly admin scenario:

• admin believes, users should not see a toplevel /Notes folder, but have their notes inside e.g. an /apps/priv/NotesDir subfolder
  • update oc_preferences set configvalue = 'apps/priv/NotesDir' where userid='Alice' and appid='notes' and configkey='notesRoot';
• Bob has an apps folder with some nice binaries, and shares that with Alice, before Alice uses the notes app for the first time.
• Alice starts using the notes app.
  • The notesRoot gets reset to a toplevel folder 'Notes' -- or (2) or (3) etc as needed. OKish.

[jnweiger]

@DeepDiver1975 Is this a scenario to consider:

Update from notes app 2.0.5

• User bob receives shared Notes folder from user alice
• User bob starts the notes app, happily adds notes (which is a security issue)
• Admin updates to the notes app including fix: ensure that notes are not stored inside a shared folder #488
• The new notes app changes notesRoot to a 'Notes (2)' folder. Which is now empty. OKish
• User bob panics, as he believes all his notes are lost. BAD
• User bob hopefully realizes that the shared Notes folder is still there, and sorts things out.

[DeepDiver1975]

• User bob hopefully realizes that the shared Notes folder is still there, and sorts things out.

Users will get this if they ever fall into this pit. Please note that this is a very unlikely scenario is real life.

[jnweiger]

Thanks!