[TASK] Make code migration checking roles in policies more robust
The migration checking for the use of globally defined roles identifier
was a bit too eager in working on packages without Policy.yaml and/or
role definitions, plus it did not skip local roles in ACLs.
Releases: master, 2.0