feat: add per-account SubList isolation for message routing

Subscriptions and message routing now go through account-specific SubLists
instead of a single global SubList. Clients in different accounts cannot
see each other's messages. When no account is specified (or auth is not
configured), all clients share the global $G account.

src/NATS.Server/NatsClient.cs

@@ -260,6 +260,13 @@ public sealed class NatsClient : IDisposable
             _logger.LogDebug("Client {ClientId} authenticated as {Identity}", Id, result.Identity);
         }
 
+        // If no account was assigned by auth, assign global account
+        if (Account == null && Router is NatsServer server2)
+        {
+            Account = server2.GetOrCreateAccount(Account.GlobalAccountName);
+            Account.AddClient(Id);
+        }
+
         ConnectReceived = true;
         _logger.LogDebug("CONNECT received from client {ClientId}, name={ClientName}", Id, ClientOpts?.Name);
     }
@@ -286,8 +293,7 @@ public sealed class NatsClient : IDisposable
 
         _logger.LogDebug("SUB {Subject} {Sid} from client {ClientId}", cmd.Subject, cmd.Sid, Id);
 
-        if (Router is ISubListAccess sl)
-            sl.SubList.Insert(sub);
+        Account?.SubList.Insert(sub);
     }
 
     private void ProcessUnsub(ParsedCommand cmd)
@@ -306,8 +312,7 @@ public sealed class NatsClient : IDisposable
 
         _subs.Remove(cmd.Sid!);
 
-        if (Router is ISubListAccess sl)
-            sl.SubList.Remove(sub);
+        Account?.SubList.Remove(sub);
     }
 
     private async ValueTask ProcessPubAsync(ParsedCommand cmd)
@@ -488,6 +493,7 @@ public sealed class NatsClient : IDisposable
 
     public void Dispose()
     {
+        _permissions?.Dispose();
         _clientCts?.Dispose();
         _stream.Dispose();
         _socket.Dispose();