fix(security): topologically sort composable feature privileges before composing actions (elastic#211035)

## Summary

This PR changes the privilege's actions merging logic for the composable
and deprecated Kibana features. The change makes it possible to have any
number of composable and deprecated features chained by `replaceBy`,
`composedOf`, or a combination of the two.

Under the hood, the privileges factory sorts all deprecated and
composable privileges using Kahn's algorithm for topological sorting,
similar to what is used to sort Kibana plugin dependencies. This allows
us to not only detect cyclical dependencies but also sort privileges in
the proper order depending on their dependency chain.

The use cases addressed by this change are best illustrated by the
`actions should respect composedOf when specified with replaceBy at the
privilege` test in `privileges.test.ts`.

Author: azasypkin