Fix document management permission enforcement.

Allow both explicit holders of the MANAGE_DOCUMENTS permission and
those holding Uri grants to perform management tasks.

Extend grants for newly created documents when caller doesn't have
permission.  Revoke grants when deleting documents.

Test now writes actual content into picked file.  Workaround updated
flags for Drive app.

Bug: 10623211
Change-Id: Ia8e90b33e0fac8294b2cacb96d083c43fdf75aab