The acl:

• match: {account: "/.+/", name: "${account}/"}
  actions: [""]
  comment: "Logged in users have full access to images that are in their 'namespace'"

is incorrect. It appears to actually mean that logged in users have full access to images directly under their namespace, e.g. username/image:latest

However this acl does not grant access to 'username/category/image:latest'.
In order to access all images in a user's namespace the acl is name:"/${account}/.*/"