Manage content access rights should use SecurityEntityProvider service

Description

The manage access rights component in edit mode now has its own REST store that uses SecurityEntityProvider service (just like admin view) to return users from both ASP.NET Identity and Opti ID sources. Opti ID is only for business users (such as editors and admins), while ASP.NET Identity is for end users.  

IQueryableNotificationUsers returns business users only from Opti ID, and you should use it when setting up content approval flows, not access rights. End users (and roles) should have access to protected content but only business users should receive notifications.