[BUG] When authenticated, any collection is accessible if you have the right collection id #289

Open
jps327 opened this issue Jun 13, 2022 · 0 comments
Labels: bug (Something isn't working)

jps327 commented Jun 13, 2022

Describe the bug
If you're authenticated and have the collection id for another user's collection, you can still access that collection by entering the correct URL.

This violates an expectation of privacy that needs to be fixed. Collections should only be accessible via a URL when marked as Shareable. This will require adding a field in the db to mark a collection as shareable, and we'll need to add a UI element in a collection page to toggle whether or not a collection is shareable. But it's important that a Collection be inaccessible even with the correct URL in order to maintain privacy, and only when a user explicitly decides to share a collection should it be accessible via a URL.

To Reproduce
Steps to reproduce the behavior:

  1. Run the app locally
  2. Log in as user A
  3. Create a collection
  4. Copy the URL and log out
  5. Log in as user B
  6. Paste the URL and user A's collection will load. This should not happen.

Expected behavior
A page saying that you don't have permission to access this collection should be displayed.

Screenshots
If applicable, add screenshots to help explain your problem.

Desktop (please complete the following information):

  • OS: MacOS
  • Browser: Chrome
  • Version: 102.0
@jps327 jps327 added the bug Something isn't working label Jun 13, 2022
@jps327 jps327 assigned jps327 and indraneel and unassigned jps327 Jul 8, 2022
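The defect described above is a missing object-level authorization check: the server verifies that the requester is logged in, but not that the requester owns (or has been granted) the specific collection the URL names. The snippet below is an added illustration, not code from this project; the `Collection.shareable` flag, the `CollectionStore`, and the handler names are assumptions standing in for whatever the real app uses. It places the vulnerable check next to the fixed one and walks through the reproduction steps from the report (user A creates, user B loads the URL), then shows the proposed "shareable" toggle, which only the owner may flip.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


@dataclass
class User:
    id: str


@dataclass
class Collection:
    id: str
    owner_id: str
    # Assumed new DB column proposed in the issue: off by default so a
    # collection is private unless the owner explicitly shares it.
    shareable: bool = False


class CollectionStore:
    """Constructed in-memory stand-in for the database table."""

    def __init__(self) -> None:
        self._by_id: Dict[str, Collection] = {}

    def add(self, collection: Collection) -> None:
        self._by_id[collection.id] = collection

    def get(self, collection_id: str) -> Optional[Collection]:
        return self._by_id.get(collection_id)


Response = Tuple[int, dict]


def get_collection_vulnerable(store: CollectionStore, user: Optional[User],
                              collection_id: str) -> Response:
    """Behaviour reported in the issue: authentication is the only gate."""
    if user is None:
        return 401, {"error": "login required"}
    collection = store.get(collection_id)
    if collection is None:
        return 404, {"error": "not found"}
    # No ownership check: any logged-in user with the id can read it.
    return 200, {"id": collection.id, "owner_id": collection.owner_id}


def can_view(user: Optional[User], collection: Optional[Collection]) -> bool:
    """Object-level rule: owner always; others only when shared."""
    if collection is None:
        return False
    if user is not None and user.id == collection.owner_id:
        return True
    return collection.shareable


def get_collection_fixed(store: CollectionStore, user: Optional[User],
                         collection_id: str) -> Response:
    """Expected behaviour: a 'no permission' page unless the rule allows it."""
    collection = store.get(collection_id)
    if not can_view(user, collection):
        # The issue asks for a permission-denied page. Returning the same
        # status for missing and forbidden ids also avoids confirming that a
        # guessed id exists.
        return 403, {"error": "You don't have permission to access this collection"}
    assert collection is not None
    return 200, {"id": collection.id, "owner_id": collection.owner_id,
                 "shareable": collection.shareable}


def set_shareable(store: CollectionStore, user: Optional[User],
                  collection_id: str, shareable: bool) -> Response:
    """The UI toggle the issue proposes; only the owner may change it."""
    collection = store.get(collection_id)
    if collection is None or user is None or user.id != collection.owner_id:
        return 403, {"error": "You don't have permission to modify this collection"}
    collection.shareable = shareable
    return 200, {"id": collection.id, "shareable": collection.shareable}


def walk_through() -> dict:
    """Replays the report's reproduction steps against both handlers."""
    store = CollectionStore()
    user_a, user_b = User("user-a"), User("user-b")
    # Step 3: user A creates a collection; its id is what ends up in the URL.
    store.add(Collection(id="col-123", owner_id=user_a.id))
    # Step 6: user B pastes the URL.
    vulnerable_status, _ = get_collection_vulnerable(store, user_b, "col-123")
    fixed_status, _ = get_collection_fixed(store, user_b, "col-123")
    owner_status, _ = get_collection_fixed(store, user_a, "col-123")
    # User B may not flip the flag; user A may, after which B can view.
    b_toggle_status, _ = set_shareable(store, user_b, "col-123", True)
    a_toggle_status, _ = set_shareable(store, user_a, "col-123", True)
    shared_status, _ = get_collection_fixed(store, user_b, "col-123")
    return {
        "vulnerable_other_user": vulnerable_status,
        "fixed_other_user": fixed_status,
        "fixed_owner": owner_status,
        "toggle_by_other_user": b_toggle_status,
        "toggle_by_owner": a_toggle_status,
        "fixed_other_user_after_share": shared_status,
    }


if __name__ == "__main__":
    print(walk_through())
```

The design point is that `can_view` is the single place the rule lives: every handler that reads a collection goes through it, so a new route cannot accidentally reintroduce the authenticated-only check. Whether "not found" and "forbidden" should share a status code is a product decision; the issue's expected behaviour asks for a permission page, and the example follows that.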
Projects: None yet
Development: No branches or pull requests
2 participants