Remove permission based active admin.

The only way such an admin can be accessed is via
DevicePolicyData.createOrGetPermissionBasedAdmin(), and this is only used
when creating an EnforcingAdmin. But as of previous CL in the chain,
ActiveAdmin is never queried from EnforcingAdmin, so even if such an
admin is created, it is never used, i.e. no policies are saved or
queried there. With this change all references to permission-based
ActiveAdmin should be guarded by !Flags.activeAdminCleanup()

Bug: 335663055
Test: TH
Flag: android.app.admin.flags.active_admin_cleanup
Change-Id: Ia791802291163f3a4c66e68208d44b87f525b4ac