Minimize the stopUser force parameter

The "force" parameter in stopUser is confusing and misleading. It sounds
like "force stopping" a user is a powerful, generic action. In reality,
this parameter is extremely narrow in its meaning: when false, it means
that a profile won't be stopped if it is a profile of the current or
system user. Since, hitherto, profiles always belong to the system user,
this effectively means that
stopUser(force==false) just means "stop the user but only if it isn't a
profile user", which is basically never desired (since then the caller
shouldn't be calling the method in the first place).
For full users (e.g. when called as part of a user switch), it is
completely irrelevant.

This confusion has propagated, since callers seem to think it means
something more. Moreover, due to HSUM, going forward, profiles may
belong to other users, in which case the effective action of this
parameter will change, so clarity is important.

Here, we try to clarify and wean usage off the "force" parameter. It is almost
always set to true, except in the very rare instances where false is actually
desired (when stopping a user due to there being too many running users,
and when stopping a background user due to a change in the corresponding
user restriction).

Unfortunately, we cannot simply get rid of the force-parameter version
of AMS.stopUser, but we can at least make it clear that it's not normal
to use.

Test: atest UserControllerTest

Test: CarSystemUI-tests:com.android.systemui.car.qc.QCLogoutButtonControllerTest
Test: CtsCarBuiltinApiTestCases
Test: CarServiceUnitTest

Test: atest SystemUIGoogleTests:com.google.android.systemui.communal.dock.callbacks.UserSwitcherTest

Bug: 324647580
Change-Id: I28f30d5ac68330850691141be93bcad05b4c3210