Provide "delete" entity operation access checks on group entities

[pfrenssen]

Currently we only have full entity operation access checks for group content (see for example OgEventSubscriber::provideDefaultNodePermissions() which supplies these for node group content).

We have a group permission called update group but this is not currently enforced and (edit: is enforced now, ref. #673) test coverage for this is incomplete (ref. a user with this permission (user4) is created in OgEntityAccessTest but the test doesn't actually check that this user has edit access and other users don't.

We are also lacking a delete group permission. I think a create group permission is not needed, since this is controlled by Drupal permissions (a newly created group doesn't have any members yet so we cannot control this using an OG permission). We are ignoring view permissions too.

In order to fulfill this I propose:

• Create a new GroupPermission to delete groups, apply it to the group admin by default, and treat it in the same way as the UPDATE_GROUP_PERMISSION.
• Extend the tests, not only on the return value of the access checks like is being done in OgEntityAccessTest but also in scenarios where groups are actually being updated and deleted, i.e. through hook_entity_access().