Open
Description
When a request deletes a resource, the server can't make a valid decision on whether to permit a request or not.
Therefore the tool also can't make a valid decision and should do one of the following:
- after successful deletion of a resource stop making any further requests on that resource
- OR ensure that seeding can take place after each individual request – a callback could be provided for this case but this could mean a significant overhead
Regardless of this, all test cases from non-legitimate users should be done first so that real security issues are caught (non-legitimate user can escape privileges) rather than just malfunctioning business logic (legitimate user can't perform legitimate action).
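The scheduling rules described above (non-legitimate users first, then the legitimate owner; stop issuing requests against a resource once one of them deleted it), as an added example that is not the tool's or project's own code. The `FakeServer`, the users `alice`/`mallory`, the resource ids and the owner-only policy are all constructed here so the example runs offline; `enforce=False` models a broken server for comparison, and the third run shows the false negative the issue warns about (owner deletes first, outsider only ever sees 404s).

```python
"""Added example, not code from the tool or project the issue is about: an
authorization test scheduler that runs non-legitimate users first and stops
hitting a resource once a request has deleted it. Server, users and policy
are constructed in-memory so the example runs offline."""
from dataclasses import dataclass, field
from typing import Dict, List, Tuple


class FakeServer:
    """Constructed target: resources with an owner-only policy. enforce=False
    models a broken server that lets anyone act on any resource."""

    def __init__(self, owners: Dict[str, str], enforce: bool = True):
        self.owners = dict(owners)  # resource id -> owner
        self.enforce = enforce

    def request(self, user: str, method: str, rid: str) -> int:
        owner = self.owners.get(rid)
        if owner is None:
            return 404  # gone: the server can no longer decide permit/deny
        if self.enforce and user != owner:
            return 403
        if method == "DELETE":
            del self.owners[rid]
            return 204
        return 200


@dataclass
class Finding:
    kind: str          # "security" (outsider succeeded) or "business_logic" (owner denied)
    user: str
    method: str
    rid: str
    status: int


@dataclass
class Report:
    findings: List[Finding] = field(default_factory=list)
    executed: List[Tuple[str, str, str, int]] = field(default_factory=list)
    skipped: List[Tuple[str, str, str]] = field(default_factory=list)


def run_authz_tests(server: FakeServer, owners: Dict[str, str], users: List[str],
                    methods: List[str], non_legitimate_first: bool = True,
                    stop_after_delete: bool = True) -> Report:
    report = Report()
    # DELETE last within each user's batch so that user's other checks still run
    ordered_methods = sorted(methods, key=lambda m: m == "DELETE")
    for rid, owner in owners.items():
        outsiders = [u for u in users if u != owner]
        outsider_cases = [(u, m) for u in outsiders for m in ordered_methods]
        owner_cases = [(owner, m) for m in ordered_methods]
        plan = (outsider_cases + owner_cases) if non_legitimate_first else (owner_cases + outsider_cases)
        deleted = False
        for user, method in plan:
            if deleted and stop_after_delete:
                # the resource is gone; any further verdict would be meaningless
                report.skipped.append((user, method, rid))
                continue
            status = server.request(user, method, rid)
            report.executed.append((user, method, rid, status))
            legitimate = user == owner
            if not legitimate and 200 <= status < 300:
                report.findings.append(Finding("security", user, method, rid, status))
            elif legitimate and status in (401, 403):
                report.findings.append(Finding("business_logic", user, method, rid, status))
            if method == "DELETE" and 200 <= status < 300:
                deleted = True
    return report


# constructed sample data
OWNERS = {"doc-1": "alice"}
USERS = ["alice", "mallory"]
METHODS = ["DELETE", "GET", "PUT"]


def demo() -> Dict[str, Report]:
    return {
        "correct_server": run_authz_tests(FakeServer(OWNERS), OWNERS, USERS, METHODS),
        "broken_server": run_authz_tests(FakeServer(OWNERS, enforce=False), OWNERS, USERS, METHODS),
        # legitimate user first and no stop: owner deletes, outsider only ever sees 404
        "broken_server_naive_order": run_authz_tests(
            FakeServer(OWNERS, enforce=False), OWNERS, USERS, METHODS,
            non_legitimate_first=False, stop_after_delete=False),
    }


if __name__ == "__main__":
    for name, rep in demo().items():
        kinds = [f.kind for f in rep.findings]
        print(f"{name}: findings={kinds} skipped={len(rep.skipped)}")
```

With the broken server, the outsider-first order surfaces three security findings and the owner's requests are skipped once the outsider's DELETE succeeded; with the naive owner-first order the same broken server yields no findings at all, because every outsider request lands on a deleted resource and returns 404, which is neither a permit nor a deny.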