Role name casing

[gvkries]

Describe the bug

The headless recipe uses upper casing for the system role names 'Authenticated' and 'Anonymous' (i.e. 'AUTHENTICATED' and 'ANONYMOUS'). This casing discrepancy leads to several issues:

• The computation of effective permissions in the admin portal is incorrect when the system role 'Anonymous' is not cased in that way.
• Default permission stereotypes are not applied during setup and feature enabling. For instance, the anonymous role is missing the default 'View all content' permission.

To Reproduce

1. Use the headless recipe to create a tenant. That recipe uses upper casing for the anonymous and authenticated roles.
2. Edit permissions for the anonymous role. It will show inherited permissions from other roles and will not assign the default permission.

Expected behavior

The casing of the roles should not matter. At least for the internal system roles.

Upon reviewing the source code, it appears that role name comparisons vary in their use of case sensitivity. Some locations use case-insensitive rules, while others use the equality operator. This inconsistency should be consolidated for uniform behavior.
Additionally the used permission names are hardcoded hundred of times all over again. This is error prone and introducing some kind of RolesNames utility would be handy.