Potentially redundant entity types for permissions

[mas-who]

Required information

• Distribution: 5.21 LTS
• Distribution version: snap

Issue description

Currently in lxd the identity and certificate entity type from the authorisation model may relate to the same entities. An identity entity refers to oidc and tls entities and a certificate entity refers to tls entities only. Therefore, certificate entities is a subset of identity entities. Permissions can be created for both entity types currently, but ideally we should consider combining both entity types in the authorisation model to minimise the possibility of conflicting permissions.