Only revoke ownerless grants when unprivileged.

Recently we relaxed revokeUriPermission() to allow apps to revoke
Uri permissions that had been granted to them, but this uncovered
bugs in apps that had been relying on the previous no-op behavior.

To mitigate this, only revoke ownerless Uri permissions when in the
unprivileged state; an active owner indicates that another component
of the calling app still needs the permission.

Bug: 17554268
Change-Id: Icc412933b29041ffb699d20136a623440ecc71ec