FIX: Users without shared drafts access can still have access to the category. (#11476)

This is an edge-case of 9fb3629. An admin could set the shared draft category to one where both TL2 and TL3 users have access but only give shared draft access to TL3 users. If something like this happens, we need to make sure that TL2 users won't be able to see them, and they won't be listed on latest.

Before this change, `SharedDrafts` were lazily created when a destination category was selected. We now create it alongside the topic and set the destination to the same shared draft category.

app/controllers/topics_controller.rb

@@ -168,6 +168,8 @@ class TopicsController < ApplicationController
     topic = Topic.find(params[:id])
     category = Category.find(params[:destination_category_id])
 
+    raise Discourse::InvalidParameters if category.id == SiteSetting.shared_drafts_category.to_i
+
     guardian.ensure_can_publish_topic!(topic, category)
     topic = TopicPublisher.new(topic, current_user, category.id).publish!