docs: Explain link sharing in /api/upload-file.

Rewrittten by tabbott to clearly explain the security model, and add a
code example.

zerver/openapi/python_examples.py

@@ -882,6 +882,13 @@ def upload_file(client):
             method='POST',
             files=[fp]
         )
+
+    client.send_message({
+        "type": "stream",
+        "to": "Denmark",
+        "topic": "Castle",
+        "content": "Check out [this picture](%s) of my castle!" % (result['uri'],)
+    })
     # {code_example|end}
 
     validate_against_openapi_schema(result, '/user_uploads', 'post', '200')