* fix(goals): scope funding-account picker to the current user's accessible accounts
The new/edit goal funding picker and the linkable-account count queried
`Current.family.accounts`, so it listed (and would link/fund from) every
depository account in the family — including accounts owned by other
members that aren't shared with the current user. Switch the three
queries (index count, lookup, picker list) to
`Current.user.accessible_accounts`, matching the access boundary used
elsewhere. Adds controller tests covering the new-form picker and the
create path rejecting a non-accessible same-family account.
Fixes#2168
* fix(goals): preserve inaccessible linked accounts on goal edit
The funding picker only renders Current.user.accessible_accounts, so a
family goal linked to another member's private account renders no
checkbox for it. On update, sync_linked_accounts! treated that omission
as an intentional removal and destroyed the link the editor could not
see. Restrict unlinking to the editor's accessible accounts so links
outside their access are preserved. Adds a regression test.
0d32f7507c