Add soft deletes to Group and User permissions

[rtisma]

As detailed in the spec under deletion

• When deleting entities or entity relationships, a soft delete should always be performed (flag the record as deleted rather than physically deleting from the database) for audit purposes
• This can be done in the status column (for users, groups, applications, policies & tokens), or in an 'isActive' column in the relationship tables