When a deploy token is authenticated, project access
is checked and rejected if not allowed.

Auth spec is fixed to properly test this scenario

Update guard clause to allow nil projects to pass for registry access

Update LFS spec - now returns 401 for invalid deploy token

Fixing flaky tests

Add spec for group deploy token as well