switchUser checks INTERACT_ACROSS_USERS_FULL

Previously, there were implicit checks for other permissions. Here we
add an explicit check for INTERACT_ACROSS_USERS_FULL, in line with
startUser and stopUser.

We also clean up the code by introducing a checkCallingPermission
method, but this introduces no functional changes.

Fixes: 128601341
Test: Manual confirmation that a test app cannot call switchUser but
that shell can. Same for all changed methods.

Change-Id: I447ee7a7fbf634fee602613a6287fdccf835128a