Another attempt at a sane access policy
Fixes #279 (closed) by adding a new SQL query called isSharedWith that is capable of detecting shared resources and shared nodes, and it can be used inside a nodeCheck to make sure we correctly handle, in the access policy, cases where before we were getting a 403.
@anoe @fmaniere @cgenie This MR should allegedly allow us to finally put the access policy manager to good use without breaking the API with 403 errors like in the past. I have tested this briefly locally and it seemed to work, but a more extensible test is welcome.
While I was at it, I noticed an error when requesting a user's personal information that went uncaught by one of our reviews:
This happened because we switched to using the UserId type in the GraphQL API, which wasn't being treated as a scalar (basically, isomorphic to an Int), but now it is.