advanced support for resource entity and entitytype check in subscriptions

[chicco785]

Is your feature request related to a problem? Please describe.

Ideally, a user should be able to create / modify subscription only if the referred entity / entity_type in the body is accessible to him.

Describe the solution you'd like

Rules for subscription creation and update should check that referred entities / entities types / paths ect, are authorised to the user. Most probably, it would be good to have a "specific" acl for that e.g. acl:subscribe (or something similar, using a custom namespace to avoid "breaking" the spec).

Describe alternatives you've considered

N/A

Additional context

N/A