john-h-kastner-aws
Contributor

Description of changes

In sandbox_b/policies_5_bad.cedar the validation error message was:

× policy set validation failed
  ╰─▶ unable to guarantee safety of access to optional attribute `` for entity type User
    ╭─[14:10]
 13 │ when { resource.private }
 14 │ unless { resource.account.owner == principal };
    ·          ──────────────────────
    ╰────
  help: try testing for the attribute with `e has f && ..`

The attribute name was empty, and it thought the access happened on a User entity.
With this fix it correctly sees that the policy accesses `owner` on an Account entity.

  × policy set validation failed
  ╰─▶ unable to guarantee safety of access to optional attribute `owner` for entity type Account
    ╭─[14:10]
 13 │ when { resource.private }
 14 │ unless { resource.account.owner == principal };
    ·          ──────────────────────
    ╰────
  help: try testing for the attribute with `e has owner && ..`

Issue #, if available

Checklist for requesting a review

The change in this PR is (choose one, and delete the other options):

  • A bug fix or other functionality change requiring a patch to cedar-policy.

I confirm that this PR (choose one, and delete the other options):

  • Updates the "Unreleased" section of the CHANGELOG with a description of my change (required for major/minor version bumps).

I confirm that cedar-spec (choose one, and delete the other options):

  • Does not require updates because my change does not impact the Cedar formal model or DRT infrastructure.
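
A simplified model of the check behind this message, as an added example that is not code from this PR or from the cedar-policy validator. It walks `resource.account.owner` over a constructed schema (the entity types, their attributes and the `check_access` helper are assumptions) and names the optional attribute together with the entity type it is read from.

```rust
use std::collections::HashMap;

// attribute name -> (type of the attribute's value, is the attribute required?)
type Attrs = HashMap<&'static str, (&'static str, bool)>;

// Constructed schema (an assumption; the page does not show the real one).
fn schema() -> HashMap<&'static str, Attrs> {
    HashMap::from([
        ("Photo", Attrs::from([("private", ("Bool", true)), ("account", ("Account", true))])),
        ("Account", Attrs::from([("owner", ("User", false))])), // `owner` is optional
        ("User", Attrs::new()),
    ])
}

// Hypothetical helper: checks the chain `resource.<path[0]>.<path[1]>...` for a
// resource of type `root`. `guarded` lists accesses already covered by an
// enclosing `e has f && ..` test, written as full access expressions.
fn check_access(root: &str, path: &[&str], guarded: &[&str]) -> Result<(), String> {
    let schema = schema();
    let mut ty = root; // type of the expression currently being dereferenced
    let mut expr = String::from("resource");
    for &attr in path {
        let attrs = schema.get(ty).ok_or_else(|| format!("unknown entity type {ty}"))?;
        let &(value_ty, required) = attrs
            .get(attr)
            .ok_or_else(|| format!("attribute `{attr}` not found on entity type {ty}"))?;
        expr = format!("{expr}.{attr}");
        if !required && !guarded.contains(&expr.as_str()) {
            // Report the attribute being read and the entity type it is read from.
            return Err(format!(
                "unable to guarantee safety of access to optional attribute `{attr}` for entity type {ty}"
            ));
        }
        ty = value_ty; // the next access reads from the value of this one
    }
    Ok(())
}

fn main() {
    // `resource.account.owner` without and with a `resource.account has owner` guard.
    println!("{:?}", check_access("Photo", &["account", "owner"], &[]));
    println!("{:?}", check_access("Photo", &["account", "owner"], &["resource.account.owner"]));
}
```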

@john-h-kastner-aws john-h-kastner-aws changed the title from "Fix validation error for invalid attribute on nested entity attribute" to "Fix validation error msg for invalid attribute on nested entity attribute" Apr 24, 2024
@shaobo-he-aws
Contributor

Nit: is it possible to instantiate e in e has ...?

@john-h-kastner-aws
Contributor Author

john-h-kastner-aws commented Apr 24, 2024

> Nit: is it possible to instantiate e in e has ...?

With the new way we carry source range and original source code, I might be able to snip the exact original e out of the policy source if it's present. Otherwise using the Display for e would work well enough.

@john-h-kastner-aws john-h-kastner-aws merged commit d3b7826 into main Apr 24, 2024
@john-h-kastner-aws john-h-kastner-aws deleted the fix-attr-err branch April 26, 2024 13:12
john-h-kastner-aws added a commit that referenced this pull request May 6, 2024
john-h-kastner-aws added a commit that referenced this pull request May 7, 2024