Fix role permission granting.

Don't override user set/fixed permissions when we are re-granting
permissions during reconciliation. Otherwise, users won't be able to
revoke permissions granted by role (it will be constantly overridden
by the re-grant). This change fixed it by separating
overrideDisabledSystemPackage and overrideUserSetAndFixed, so that for
roles we can say we don't care about disabled system package, but we
do care about whether to override user choice.

Bug: 124452117
Test: presubmit
Change-Id: I9faa2f8bde5c9e6e0558822f1109d3fc2cadd5d7