Also check app-ops on path-permissions.

Any place that we check permissions we also need to check any
app-ops associated with those permissions.  In the case of providers
with both <provider> and <path-permission> permissions, track and
report the strongest app-ops denial.

Bug: 22718722
Change-Id: I45e62de39b04d16d071558ad980b701667cfcb9a