Define a new permission to guard role-based application executing action

The system would like to enable Assistant to perform actions on
behalf of users inside of applications. We introduce a permission
that will be automatically granted to the assistant role. The
application exposes some services that allow only the assistant to
use the service, so application can use this permission to check the
caller that calls app’s service is the Assistant

Bug: 264324827
Test: atest PermissionPolicyTest#platformPermissionPolicyIsUnaltered
Change-Id: Ib0ad7a865e2bd89a32b4b2df955baeea293ff7dc