Don't delete empty groups from database #757

Open
adombeck opened this issue Jan 27, 2025 · 2 comments
Labels
bug Something isn't working jira

Comments

adombeck commented Jan 27, 2025

When a user logs in, we fetch the groups from the provider and update our database accordingly. When this causes a user to be removed from an authd group and that group doesn't have any other users in it, it's currently removed from our database. That's an issue for two reasons:

  1. The next time a user who is a member of that group logs in, a new random GID is generated for that group, which means that any existing files owned by the group won't be accessible to members of the group anymore.
  2. Whenever another group is added, the random GID generated for that group can by chance be the same as the GID of the deleted group, allowing members access to existing files owned by the deleted group.

Existing releases are not affected by this, only current main is, because we only generate random GIDs since #663 was merged.

UDENG-5873

adombeck commented Jan 27, 2025

I think we should fix this the same way we plan to support "deleting" users from the database via a command-line tool (#640), i.e. by marking the group as "disabled" in our database, which allows us to (1.) re-use the GID when it's added again, and (2.) include the GIDs of disabled groups when checking for GID conflicts.

@adombeck adombeck added bug Something isn't working jira labels Jan 27, 2025
adombeck commented

Actually, I don't see a difference between a "disabled" group and a group which just doesn't have any members. Unless I'm missing something, we don't need to mark it as disabled after all, and just keep the empty group in the database.
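
The approach settled on in the thread (keep the empty group, so its GID is re-used and still counts in conflict checks), sketched as an added example that is not authd's code. `Store`, `NewStore`, `assignGID`, `UpdateUserGroups` and the GID range are hypothetical names and values chosen for illustration.

```go
package main

import (
	"fmt"
	"math/rand"
)

const gidMin, gidMax = 60000, 60009 // hypothetical, tiny range so collisions are likely

// Store is a hypothetical in-memory stand-in for the group database.
type Store struct {
	gids       map[string]uint32   // group name -> GID; rows are never deleted
	taken      map[uint32]bool     // every GID ever assigned, empty groups included
	userGroups map[string][]string // user -> groups from the last login
}

func NewStore() *Store {
	return &Store{map[string]uint32{}, map[uint32]bool{}, map[string][]string{}}
}

// assignGID draws random GIDs until one is unused by any group, empty or not.
func (s *Store) assignGID(name string) error {
	if len(s.taken) > gidMax-gidMin {
		return fmt.Errorf("GID range exhausted")
	}
	for {
		if gid := uint32(gidMin + rand.Intn(gidMax-gidMin+1)); !s.taken[gid] {
			s.gids[name], s.taken[gid] = gid, true
			return nil
		}
	}
}

// UpdateUserGroups applies the group list fetched from the provider at login.
func (s *Store) UpdateUserGroups(user string, groups []string) error {
	for _, name := range groups {
		if _, known := s.gids[name]; !known {
			if err := s.assignGID(name); err != nil {
				return err
			}
		}
	}
	s.userGroups[user] = groups // only memberships change; a group left empty keeps its GID
	return nil
}

func main() {
	s := NewStore()
	fmt.Println(s.UpdateUserGroups("alice", []string{"staff"}), s.gids)
}
```
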
