Redefine UserMemento#isSystemUser to instead take into account SudoService#accessAll role

We currently have two very similar notions that are meant to disable permission checking (typically for integration tests), `UserMemento#isSystemUser`, and separately the `SudoService#ACCESS_ALL` role, as set up by the `NoPermissionsCheck` junit 5 extension.

However, the `TenantedAuthorizationFacetDefault` is only aware of the former of these, via `UserService#isCurrentUserWithSystemPrivileges`, and because the UserMemento#isSystem is an equality check, the two mechanisms are incompatible.

Luckily, `TenantedAuthorizationFacetDefault` is the only usage of this API.  Therefore, the purpose of this improvement is to combine these two notions, and refactor names from (real) "system user" (aka root) to (effective) user (aka sudo).