Audit event types for token permissions

We currently log 12 event types for CI job token (docs).

We need to add events to include permissions and the user who performed the action to:

• add permissions to a project/group
• remove permissions from a project/group
• Edited permissions? (not sure how this is going to be tracked - maybe this is a combo of add/remove)

This is limited to the permissions tied to the allowlist.