More judicious permission-change handling

There is a steady report of ANRs from AccountManagerService when it's processing changes to PermissionState. The optimistic canceling of a possible notification seems like it's backlogging the NotificationService messages operation queue. The specific AppOps/Permissions that AccountManager cares about are pretty narrow and not terribly volatile, while other kinds of changes can be *very* chatty.

This changes things to just use the AppOps listener (which allows for listening to just the specific AppOps) and uses changes to the three related settings as a trigger to revoke the notifications. This still could be reduced more if necessary/appropriate. Like by keeping track of the IDs of posted notifications at this layer and then only trying to cancel things that have been posted. But this change keeps most of the original logic as a way to minimize risk of regressions.

Bug: b/322509266
Flag: EXEMPT bugfix
Test: presubmit
Change-Id: I373aa33657dc7e87da9bd12406bcfc9634dc99dc