Add internal service paths for enterprise setup

Add internal service paths for enterprise device initialization through
the addition of several TimeDetectorInternal and
TimeZoneDetectorInternal methods that are intended for use by
DevicePolicyManagerService (in a later commit).

Many of the changes to service code relate to the need to bypass user
policy checks for the new usecases (which don't need to enforce them,
because they are acting on behalf of a "device admin").

A check to enforce user policy checks for setting time has been added as
part of this commit. The absence looks like an omission.

This commit changes some permission checks in *Service classes to be
more restrictive, i.e. enforceCallingOrSelfPermission() ->
enforceCallingPermission().  Looking at the history the "OrSelf" was
originally added for enterprise use cases (since calls were made via
*Service), and some were just copy-and-pastes.  With dedicated paths
being added for enterprise via *Internal APIs, the "OrSelf" shouldn't be
needed as there are no binder calls involved for enterprise.

This commit switches some test code to using Mockito's spy() for
call-tracking to simplify hand-rolled fakes. It also adds a new
dependency on the junit-params for easier parameterization of test
methods.

Bug: 236612872
Test: atest services/tests/servicestests/src/com/android/server/timedetector/
Test: atest services/tests/servicestests/src/com/android/server/timezonedetector/
Change-Id: Ie5a8cccbb092077c000abd24854b70917d5e324d