LockSettingsService: remove unnecessary permission constants

Remove the PERMISSION and BIOMETRIC_PERMISSION fields and replace them
with ACCESS_KEYGUARD_SECURE_STORAGE and MANAGE_BIOMETRIC directly.
Originally LockSettingsService only ever checked for 1 permission
(ACCESS_KEYGUARD_SECURE_STORAGE), and PERMISSION was used as a shorthand
for that permission.  But now LockSettingsService checks for 5 different
permissions and it makes more sense to write each one explicitly.

Test: presubmit
Flag: EXEMPT refactor
Change-Id: Id6e689b5217391f5b5dc8715f0a6b3d937f1ab02