Perform visibility checks on notification subjects at the query level

This will prevent a notification from being seen by a user if its
subject is deleted or undergoes some kind of permission change (eg.
a discussion is moved into a private tag)

ref #1380

src/Notification/NotificationRepository.php

@@ -33,6 +33,7 @@ class NotificationRepository
             ->where('user_id', $user->id)
             ->whereIn('type', $user->getAlertableNotificationTypes())
             ->where('is_deleted', false)
+            ->whereSubjectVisibleTo($user)
             ->groupBy('type', 'subject_id')
             ->orderByRaw('MAX(created_at) DESC')
             ->skip($offset)