Entity-level access control checks should be simplified to delegate to the AccessController

We currently test whether entity-level access control is turn on before performing every access check on an entity. This behavior should be simplified to just passing the entity being checked to the AccessController to perform the check (if enabled) in one line. This would not only simplify the code but would consolidate activities such as security audit logging.