Add folder permissions UI and WebDAV protocol support

Permissions UI:
- FolderPermissionsDialog component with public/private toggle,
  role/user permission management, and access level badges
- Integrated into file manager toolbar (visible for folder admins)
- Backend returns accessLevel in folder detail endpoint

WebDAV server:
- Full WebDAV protocol at /webdav/ with Basic Auth (existing credentials)
- PROPFIND, GET, PUT, DELETE, MKCOL, COPY, MOVE, LOCK/UNLOCK support
- Permission-checked against existing folder access model
- In-memory lock stubs for Windows client compatibility
- 22 API integration tests covering all operations

Also fixes canAccess to check folder creator (was missing).

packages/backend/src/routes/v1/storage.ts

@@ -45,11 +45,11 @@ export const storageRoutes: FastifyPluginAsync = async (app) => {
     const folder = await StorageFolderService.getById(app.db, id)
     if (!folder) return reply.status(404).send({ error: { message: 'Folder not found', statusCode: 404 } })
 
-    const hasAccess = await StoragePermissionService.canAccess(app.db, id, request.user.id)
-    if (!hasAccess) return reply.status(403).send({ error: { message: 'Access denied', statusCode: 403 } })
+    const accessLevel = await StoragePermissionService.getAccessLevel(app.db, id, request.user.id)
+    if (!accessLevel) return reply.status(403).send({ error: { message: 'Access denied', statusCode: 403 } })
 
     const breadcrumbs = await StorageFolderService.getBreadcrumbs(app.db, id)
-    return reply.send({ ...folder, breadcrumbs })
+    return reply.send({ ...folder, breadcrumbs, accessLevel })
   })
 
   app.patch('/storage/folders/:id', { preHandler: [app.authenticate, app.requirePermission('files.upload')] }, async (request, reply) => {