Test: cts-cli: Update test outputs for later ACL denial detection

We no longer get a <failed> object in the cib_process_create() output in
the case of ACL denial. This is because the denial is caught later
instead of at attribute set time. See previous commit message for more
details.

To address the other test output changes specifically:

• Previously, the denial happened when update_cib_object() -> copy_in_properties() -> crm_xml_add() called pcmkcheck_acl(). We made it past the creation of the <primitive> element, and that was allowed during pcmkapply_creation_acl(). However, the first attempt to set an attribute caused crm_xml_add() to error, which in turn caused update_cib_object() and add_cib_object() to error, leaving an empty <primitive> element.
• Now, we don't set any attributes explicitly; we copy the whole subtree. So we get our first error message from pcmkcheck_acl() later, and it reflects the fact that <primitive id="dummy"> was copied with its attributes. cib_perform_op() -> xml_acl_disable() -> pcmkapply_creation_acl() (recursive) -> pcmk__check_acl().

Signed-off-by: Reid Wahl <nrwahl@protonmail.com>