### Description
User creation was not properly logged within the action log, neither
from sub-user invite or manual user creation. This PR adds the relevant
log and includes testing.
### Manual testing scenarios
1. Invite a user within any created server
2. Create a user in the admin
3. Verify both users appear as an action in the action log
### Questions or comments
AI was used for secondary testing, QA and code review. No code was
written by AI.
### Resolved issues:
1. [x] resolvespterodactyl/panel#5631
This change applies a rate limit to account email changes to prevent
enumeration on the system. The throttle is applied at the account level.
Administrators can still update an account's email address manually to
bypass this restriction if/when necessary.
This is a partial implementation to begin moving towards stripe-style
identifiers for resources in the system. Any models with an existing
`uuid` column can easily be updated to return an identifier in the
format of `prfx_xyz` where `prfx` is a four character prefix, and `xyz`
is the UUID, encoded using base-32.
These are quite easy to use within the API layer because we just need to
do one quick transformation to extract the UUID for those models. This
PR implements that logic for servers in the `SubstituteClientBindings`
logic.
A future PR will need to come through and handle identifiers for models
that _don't_ currently use UUIDs for reference that we want to expose to
clients. In those cases it is easier to just generate base-32 encoded
UUID7s that get stored in the database and indexed. They follow the same
base approach, but you don't need to do any transformations in the code
(other than stripping the prefix, unless we decide to store the prefix).
There is also now a `PTERODACTYL_USE_SERVER_IDENTIFIERS` environment
variable, that when set to true, updates the front-end and API response
to use this new identifier in place of the `uuidShort` value.
This expands upon previous work done to better disconnect users from
SFTP when different events occur within Pterodactyl. This new logic also
accounts for password changes and their account being deleted entirely
from the system.
These events now trigger background jobs that will reach out to every
node they are associated with to ensure they're disconnected if
currently connected.
Changes the API internals to use normal Laravel binding which automatically supports nested-models and can determine their relationships. This removes a lot of confusingly complex internal logic and replaces it with standard Laravel code.
This also removes a deprecated "getModel" method and fully replaces it with a "parameter" method that does stricter type-checking.
