
Resolve issues listing catalog by non-admin users #22843

Closed
ErwinsExpertise wants to merge 1 commit into goharbor:main from ErwinsExpertise:main

ErwinsExpertise commented Feb 12, 2026

This pull request updates the /v2/_catalog endpoint to improve repository listing security and access control. Now, only authenticated users can see repositories, and the list is filtered based on the user's permissions: system admins see all repositories, while other users only see repositories they have pull access to. The changes also include comprehensive tests for these behaviors.

Access control and filtering improvements:

  • The /v2/_catalog endpoint now returns an empty list for unauthenticated users, and only lists repositories the user is authorized to pull for authenticated non-admin users. System admins see all repositories. (src/server/registry/catalog.go)
  • The authentication check in the v2 auth middleware was simplified: listing the catalog now only requires authentication, not a specific RBAC permission. (src/server/middleware/v2auth/auth.go)

Testing enhancements:

Dependency and import updates:

  • Added and removed imports to support new access control logic and testing. (src/server/registry/catalog.go; src/server/registry/catalog_test.go)

Issue being fixed

Fixes #22194

Please indicate you've done the following:

  • Well Written Title and Summary of the PR
  • Label the PR as needed. "release-note/ignore-for-release, release-note/new-feature, release-note/update, release-note/enhancement, release-note/community, release-note/breaking-change, release-note/docs, release-note/infra, release-note/deprecation"
  • Accepted the DCO. Commits without the DCO will delay acceptance.
  • Made sure tests are passing and test coverage is added if needed.
  • Considered the docs impact and opened a new docs issue or PR with docs changes if needed in website repository.

ErwinsExpertise requested a review from a team as a code owner February 12, 2026 21:20
ErwinsExpertise force-pushed the main branch 3 times, most recently from c232414 to 2e7a24f February 12, 2026 22:06
Signed-off-by: Erwin Evans <zew732@my.utsa.edu>
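
The three visibility rules stated in the pull request description (unauthenticated callers get an empty list, system admins get everything, other callers get only what they can pull), sketched as an added example that is not code from this pull request or from Harbor. The `Principal` type, the per-project pull map, and the sample repository names are assumptions made for illustration; the `{"repositories": [...]}` body is the registry v2 catalog response shape.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Principal is a hypothetical model of the caller; a nil *Principal means unauthenticated.
type Principal struct {
	Name         string
	SysAdmin     bool
	PullProjects map[string]bool // projects the caller may pull from (assumed model)
}

// projectOf returns the first path segment of "project/repository".
func projectOf(repo string) string {
	project, _, _ := strings.Cut(repo, "/")
	return project
}

// FilterCatalog applies the three rules from the PR description to the full repository list.
func FilterCatalog(p *Principal, all []string) []string {
	visible := []string{} // non-nil so the JSON body is [] and not null
	if p == nil {
		return visible // unauthenticated: empty list
	}
	for _, repo := range all {
		// Admins see every repository; everyone else needs pull access.
		if p.SysAdmin || p.PullProjects[projectOf(repo)] {
			visible = append(visible, repo)
		}
	}
	return visible
}

// CatalogBody renders the catalog response body the given caller would receive.
func CatalogBody(p *Principal, all []string) string {
	b, _ := json.Marshal(map[string][]string{"repositories": FilterCatalog(p, all)})
	return string(b)
}

func main() {
	all := []string{"library/nginx", "team-a/api", "team-b/db"} // constructed sample
	robot := &Principal{Name: "robot$ci", PullProjects: map[string]bool{"team-a": true}}
	fmt.Println(CatalogBody(nil, all))
	fmt.Println(CatalogBody(robot, all))
	fmt.Println(CatalogBody(&Principal{Name: "admin", SysAdmin: true}, all))
}
```

Filtering on the server side this way means a caller with read access to one project learns nothing about the names of repositories in other projects.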

Development

Successfully merging this pull request may close these issues.

Robot accounts unable to access v2/_catalog even with read permissions.
