[keyserver] Fix keyserver allowing adding unauthorized users to chats

Summary:
issue: ENG-8801
It should not be possible to create a subchannel in a chat under GENESIS with users the current user is not friends with, even if they are not in the parent chat
It should not be possible to add a user that is not a friend of the current user, even if they are not in the parent chat, to a subchannel of a chat under GENESIS
To see the full explanation of what behaviour we want in all cases, please see this comment

Test Plan:
I tested the behaviour of keyserver by removing filtering from UI and allowing it to display all users.
Tested that it is not possible to create a subchannel in GENESIS subchannel that would contain users that are not in parent chat, unless they are our friends

Tested that it is not possible to create a chat through ChatThreadComposer with non-friend (even if UI allows it), or create direct GENESIS subchannels with non-friends (from admin)

Tested that it IS possible to create direct GENESIS subchannels with friends (from admin)

Tested that it IS possible to create subchannel in GENESIS subchannel with members of the parent even if they are not our friends.

Tested that it IS possible to create to create a subchannel in a different community with users that are in this community but we are not friends with.

Tested that it IS NOT possible to create a subchannel in a different community with users that are not in this community and we are not friends with.

Reviewers: tomek, ashoat

Reviewed By: ashoat

Differential Revision: https://phab.comm.dev/D12727