Restricted Networking Mode fixes

Insert added packages to restricted networking mode's allowlist

In restricted networking mode, added packages are restricted by default.
This change allows packages with INTERNET permission by default instead,
since only those need allowlisting.

Change-Id: I363c7062a8670c6a5270ac61a71e3197255d9b6c
(cherry picked from commit f0e16aac3e0e342ebb087d2469dc289f1ef050cf)

Insert/remove packages from new/deleted users to/from restricted networking mode's allowlist

In restricted networking mode, when a user is created, its packages are restricted by default.
This change allows packages with the INTERNET permission.
On the other hand, when a user is deleted, the UIDs are removed.

Test:
1. Create new user
2. adb shell settings get global uids_allowed_on_restricted_networks
3. Delete user
4. adb shell settings get global uids_allowed_on_restricted_networks

Change-Id: I5999e5ada12955a46b7e6797261c5ee3788c623d

restricted-networking: Always log newly installed apps being added to the allowlist

* This way we can try to track down rare issues noticed where
  sometimes an app didn't get added to the allowlist, or it got
  added when it shouldn't have.

Change-Id: Ib95f80918feb5db95766837e5708ad070f2d1070

restricted-networking: Always log UID removal

* Will help debug any issues that may or may not arise.

Change-Id: I40f0937b921a83dfdee14891b791a067ae463b95

restricted-networking: Only add newly installed apps to the allowlist, not upgrades

* Upgrading apps still sends PACKAGE_ADDED, since it's sent for
  "new package installs", which technically an upgrade still is.
* Check EXTRA_REPLACING to see if it's a new app.
* Avoids unconditionally turning on networking on app upgrade

Change-Id: Ie7a4090101d47c7033b7f41792e943129dba0700

Co-Authored-By: Chirayu Desai <chirayudesai1@gmail.com>
Change-Id: Ia3ec546747057301c65a792e0fabef4c45b4b5a4