Miscellaneous Fixes (0.17 beta) (#21301)

* Wait for config to load before evaluating route access

Fix race condition where custom role users are temporarily denied access after login while config is still loading. Defer route rendering in DefaultAppView until config is available so the complete role list is known before ProtectedRoute evaluates permissions

* Use batching for state classification generation

* Ignore incorrect scoring images if they make it through the deletion

* Delete unclassified images

* mitigate tensorflow atexit crash by pre-importing tflite/tensorflow on main thread

Pre-import Interpreter in embeddings maintainer and add defensive lazy imports in classification processors to avoid worker-thread tensorflow imports causing "can't register atexit after shutdown"

* don't require old password for users with admin role when changing passwords

* don't render actions menu if no options are available

* Remove hwaccel arg as it is not used for encoding

* change password button text

---------

Co-authored-by: Nicolas Mowen <nickmowen213@gmail.com>

frigate/api/auth.py

@@ -893,13 +893,9 @@ async def update_password(
     except DoesNotExist:
         return JSONResponse(content={"message": "User not found"}, status_code=404)
 
-    # Require old_password when:
-    # 1. Non-admin user is changing another user's password (admin only action)
-    # 2. Any user is changing their own password
-    is_changing_own_password = current_username == username
-    is_non_admin = current_role != "admin"
-
-    if is_changing_own_password or is_non_admin:
+    # Require old_password when non-admin user is changing any password
+    # Admin users changing passwords do NOT need to provide the current password
+    if current_role != "admin":
         if not body.old_password:
             return JSONResponse(
                 content={"message": "Current password is required"},