Update Special App Access Compose Components for ECM

This is the first in a series of changes to wire up all app settings to
be ECM restrictable. We introduce a new method in
RestrictedLockUtilsInternal which determines whether or not a setting is
restricted based on a passed in key. It currently duplicates the current
implementation, but will eventually be replaced by a call to permissions
mainline.

The settings under SpaPrivileged are then updated to have a new
BlockedByEcm which is decided by the RestrictedLockUtilsInternal call.

Enable ECM restrictions for Usage Access and Device Admin

Bug: 297372999
Test: Manually tested on device. Automated Tests at end of chain
Change-Id: I4da9cb3309723682101b7c40af4e66683e5917e7