feat: use new resource attributes for filtering groups

Uses attributes groupEntitlementDisabled and proxyAccessControlDisabled which should be added to Perun as a part of this task. These attributes are used when determining which groups can be used when calculating sp authorization and entitlements. If a group is assigned only using disabled resources, it is not counted as eligible in auth/entitlement calculation.

does not close but solves a part of PRX-213