feature:access-control deactivate_entity should also emit access-revoked events for active permissions

[Emmanuelluxury]

closes #338

Description
The deactivate_entity function emits a deactivation event but does not emit access-revoked events for all the active consents and permissions held by the deactivated entity. External systems listening for access-revoked events (e.g., audit loggers) will miss these implicit revocations.

Expected Behavior
When an entity is deactivated, iterate its active permissions and emit an access-revoked event for each one, or emit a single deactivation event that downstream consumers can treat as revoking all access.

Contract
contracts/access-control

[drips-wave]

@Emmanuelluxury Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits