Permissions control via profile/device owner admin

Profile owners and Device owners can set policies for runtime
permissions. Blanket grant/deny policy can be set for a user.
They can also explicitly grant/revoke permissions for specific apps
which cannot be overridden by the user and will not be prompted.

[More implementation required in PackageManagerService and
 PackageInstaller]

Bug: 20666663
Change-Id: I2c25c18c2a195db9023a17716d5896970848bb45