ipn/ipnlocal: only show Taildrive peers to which ACLs grant us access

This improves convenience and security.

* Convenience - no need to see nodes that can't share anything with you.
* Security - malicious nodes can't expose shares to peers that aren't
             allowed to access their shares.

Updates tailscale/corp#19432

Signed-off-by: Percy Wegmann <percy@tailscale.com>

tailcfg/tailcfg.go

@@ -131,7 +131,8 @@ type CapabilityVersion int
 //   - 88: 2024-03-05: Client understands NodeAttrSuggestExitNode
 //   - 89: 2024-03-23: Client no longer respects deleted PeerChange.Capabilities (use CapMap)
 //   - 90: 2024-04-03: Client understands PeerCapabilityTaildrive.
-const CurrentCapabilityVersion CapabilityVersion = 90
+//   - 91: 2024-04-24: Client understands PeerCapabilityTaildriveSharer.
+const CurrentCapabilityVersion CapabilityVersion = 91
 
 type StableID string
 
@@ -1357,8 +1358,12 @@ const (
 	// PeerCapabilityWebUI grants the ability for a peer to edit features from the
 	// device Web UI.
 	PeerCapabilityWebUI PeerCapability = "tailscale.com/cap/webui"
-	// PeerCapabilityTaildrive grants the ability for a peer to access Taildrive shares.
+	// PeerCapabilityTaildrive grants the ability for a peer to access Taildrive
+	// shares.
 	PeerCapabilityTaildrive PeerCapability = "tailscale.com/cap/drive"
+	// PeerCapabilityTaildriveSharer indicates that a peer has the ability to
+	// share folders with us.
+	PeerCapabilityTaildriveSharer PeerCapability = "tailscale.com/cap/drive-sharer"
 )
 
 // NodeCapMap is a map of capabilities to their optional values. It is valid for