Fix special characters in admin-generated secret keys (#7994)

Fixes #7990

The issue was that the Charset constant used for generating secret keys
included the '/' character, which is URL-unsafe. When secret keys
containing '/' were used in HTTP requests, they would be URL-encoded,
causing a mismatch during signature verification.

Changes:
- Removed '/' from the Charset constant in weed/iam/constants.go
- Added TestGenerateSecretAccessKey_URLSafe to verify generated keys
  don't contain URL-unsafe characters like '/' or '+'

This ensures all newly generated secret keys are URL-safe and will
work correctly with S3 authentication. Existing keys continue to work.

weed/iam/constants.go

@@ -3,7 +3,7 @@ package iam
 // Character sets for credential generation
 const (
 	CharsetUpper = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
-	Charset      = CharsetUpper + "abcdefghijklmnopqrstuvwxyz/"
+	Charset      = CharsetUpper + "abcdefghijklmnopqrstuvwxyz"
 )
 
 // Policy document version