Commit message Age Author Refs
r1831:87ca65d7
user-group-api: use simple schema validator to be consistent in how we validate user group names during creation between API and WEB.
0
r1830:d786fdd7
security: use safe escaped version of description for repo and repo group to potentially prevent any XSS attacks on returned data.
0
r1829:ff4add41
audit-logs: implemented full audit logs across application. - Fixes #5321 - Api+web actions - To be extended while we develop new features.
0
r1828:20cd932d
security: fix self-xss inside the email add functionality.
0
r1827:9e60361c
security: escape the returned paths of files and directories. Nodes function is used for autocomplete in files view, it prevents from XSS type of attack in file search.
0
r1826:76aa3640
security: use 404 instead of 403 in case of missing permissions for comment deletion. - prevents resource discovery
0
r1825:fcaa19d4
security: don't use literal in notifications. - exposes security problems - we don't store any html anyway in the subject
0
r1824:fdf0761c
audit-logs: added *basic* support for NOT query term in audit logs.
0
r1823:e27e4796
audit-logs: updated action data attributes.
0
r1822:4bb2ace4
audit-logs: consistent data between my-account and admin user logs.
0