Perform visibility checks on notification subjects at the query level

This will prevent a notification from being seen by a user if its
subject is deleted or undergoes some kind of permission change (eg.
a discussion is moved into a private tag)

ref #1380

src/Api/Controller/ListNotificationsController.php

@@ -100,10 +100,6 @@ class ListNotificationsController extends AbstractListController
             $areMoreResults ? null : 0
         );
 
-        $notifications = array_filter($notifications, function ($notification) {
-            return ! $notification->subjectModel || $notification->subject;
-        });
-
         if (in_array('subject.discussion', $include)) {
             $this->loadSubjectDiscussions($notifications);
         }