(core) Decode cell values to prevent working around rule using 'in' on lists

Summary:
Fixes bug described in https://grist.slack.com/archives/C069RUP71/p1699643458649019

Decodes cell values obtained from `InfoView.get` when evaluating user-defined ACL formulas, i.e. the result of `rec.foo` in such a formula. In particular this is so that `rec.some_list` loses the leading `L` type code and behaves sensibly in an expression like `thing in rec.some_list`.

`InfoView.get` is called in many places, but for every usage I found other than here, leaving the cell values encoded was best.

Test Plan: Added two unit server tests. The first is for the main bug involving lists. The second checks the only other plausible way I could think of that this change affects behaviour, and it seems to be for the better since both tests failed before. Most operations involving non-primitive cell values don't do anything sensible with or without decoding, so behaviour shouldn't change meaningfully in those cases.

Reviewers: georgegevoian, paulfitz

Reviewed By: georgegevoian, paulfitz

Subscribers: paulfitz

Differential Revision: https://phab.getgrist.com/D4123

app/server/lib/ACLFormula.ts

@@ -11,6 +11,7 @@
 import {CellValue} from 'app/common/DocActions';
 import {ErrorWithCode} from 'app/common/ErrorWithCode';
 import {AclMatchFunc, AclMatchInput, ParsedAclFormula} from 'app/common/GranularAccessClause';
+import {decodeObject} from "app/plugin/objtypes";
 import constant = require('lodash/constant');
 
 const GRIST_CONSTANTS: Record<string, string> = {
@@ -94,7 +95,7 @@ function getAttr(value: any, attrName: string, valueNode: ParsedAclFormula): any
     }
     throw new Error(`No value for '${describeNode(valueNode)}'`);
   }
-  return (typeof value.get === 'function' ? value.get(attrName) : // InfoView
+  return (typeof value.get === 'function' ? decodeObject(value.get(attrName)) : // InfoView
           value[attrName]);
 }