John Swanson authored
* Audit log CRUD permission failures

When we run `metabase.api.common/*-check` functions like `update-check` or `create-check`, publish an event when the
check fails, along with enough context that, on the other side, the audit log handler can record the relevant event.

Note that we won't fire events for a `read-check` failure. Eventually we will, and these events will be handled by the "read log" instead of the audit log.

If we throw an event that isn't derived from `:metabase/event` it will throw an exception. That `derive` no longer belongs in the
audit log code, and until we have the view log there's not really a logical place to put it. For now, I just commented
out the `publish-event!` call, with the assumption that the view log is coming very soon. Otherwise we can just delete
it and add it back in when it's needed.

Some tangentially related required changes here to make this work include:

* allow `audit-log/model-name` to work with RootCollections

`(t2/model root-collection)` returns a Class rather than a keyword - `name` doesn't work here, so we'll use
`getSimpleName` instead.

* add a default model-details clause for dashboards

If the event-type is not one that we've explicitly delineated, just return an empty map for the model details.

* Migration to fit longer model names in `activity.model`

The `NativeQuerySnippet` or `PermissionsGroupMembership` models, for example, were too long to fit in `VARCHAR(16)`.
I'm doubling the length of this column to fit the longest model I see, with a little extra room.
e825ef2c
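
The pattern this commit message describes, as an added sketch that is not Metabase's code: a failed update or create check publishes an event with enough context for an audit handler to record it, a failed read check publishes nothing, and a topic that does not derive from the base event is rejected. Every name here (the namespace, the `::event` hierarchy, the in-memory `audit-log`, the function signatures) is a hypothetical stand-in.

```clojure
(ns example.audit-permission-failures)

;; All names here are hypothetical stand-ins, not Metabase's own code.
(derive ::update-permission-failure ::event)
(derive ::create-permission-failure ::event)

;; In-memory stand-in for the audit log table.
(defonce audit-log (atom []))

(defn model-name
  "Keyword models work with `name`; a Class needs `getSimpleName`."
  [model]
  (if (class? model)
    (.getSimpleName ^Class model)
    (name model)))

(defn publish-event!
  "Rejects topics that do not derive from ::event, then records the event."
  [topic event]
  (when-not (isa? topic ::event)
    (throw (ex-info "Topic does not derive from the base event" {:topic topic})))
  (swap! audit-log conj (assoc event :topic topic))
  event)

(defn- forbidden! []
  (throw (ex-info "You don't have permissions to do that." {:status-code 403})))

(defn- audited-check
  "On failure, publish who tried what on which object, then throw."
  [topic allowed? {:keys [user-id model object-id]}]
  (when-not allowed?
    (publish-event! topic {:user-id user-id
                           :model (model-name model)
                           :model-id object-id})
    (forbidden!))
  true)

(defn update-check [allowed? ctx] (audited-check ::update-permission-failure allowed? ctx))
(defn create-check [allowed? ctx] (audited-check ::create-permission-failure allowed? ctx))

;; Read failures still throw but publish nothing, as the commit describes.
(defn read-check [allowed? _ctx] (or allowed? (forbidden!)))

;; Constructed sample calls: one keyword model, one Class model, one read.
(doseq [[check ctx] [[update-check {:user-id 7 :model :Dashboard :object-id 12}]
                     [create-check {:user-id 7 :model java.util.UUID :object-id nil}]
                     [read-check   {:user-id 7 :model :Card :object-id 3}]]]
  (try (check false ctx)
       (catch clojure.lang.ExceptionInfo e
         (println "denied:" (:status-code (ex-data e))))))

(println @audit-log)
```

The event is published before the exception is thrown, so the denied attempt is recorded even though the request itself fails.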