Decouple GaeUserCredentials from UserService and simplify tests

This disentangles GaeUserCredentials and UserService, which lets us remove a
bunch of hacky and brittle code from LoginFlowViaConsoleTest.

Previously, GaeUserCredentials was constructed for a user, but then was still
directly calling UserService to check if the user was an admin.  UserService
can be adjusted in tests (via AppEngineRule / LocalServiceTestHelper) but it's
a pain, especially to do dynamically within a single test file.  The hacky
code in LoginFlowViaConsoleTest was working around that restriction.

With this CL, you can pass into GaeUserCredentials whether the user is an
admin or not (for testing) or construct one directly from a UserService object
(for production, and for convenience in tests using an AppEngineRule user).

Note that I also changed EppConsoleAction to @Inject UserService.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=132696391

java/google/registry/flows/EppConsoleAction.java

@@ -14,8 +14,7 @@
 
 package google.registry.flows;
 
-import static com.google.appengine.api.users.UserServiceFactory.getUserService;
-
+import com.google.appengine.api.users.UserService;
 import google.registry.request.Action;
 import google.registry.request.Action.Method;
 import google.registry.request.Payload;
@@ -35,13 +34,14 @@ public class EppConsoleAction implements Runnable {
   @Inject @Payload byte[] inputXmlBytes;
   @Inject HttpSession session;
   @Inject EppRequestHandler eppRequestHandler;
+  @Inject UserService userService;
   @Inject EppConsoleAction() {}
 
   @Override
   public void run() {
     eppRequestHandler.executeEpp(
         new HttpSessionMetadata(session),
-        new GaeUserCredentials(getUserService().getCurrentUser()),
+        GaeUserCredentials.forCurrentUser(userService),
         EppRequestSource.CONSOLE,
         false,  // This endpoint is never a dry run.
         false,  // This endpoint is never a superuser.