Backport of always update acl policy if it exists into release/0.49.x

[hc-github-team-consul-core]

Backport

This PR is auto-generated from #2392 to be assessed for backporting due to the inclusion of the label backport/0.49.x.

The below text is copied from the body of the original PR.

---

Changes proposed in this PR:

• removed c.flagEnableNamespaces || c.flagSyncCatalog check to always allow acl update

Context :-
Between 0.49.0 and 1.0.x: we don't update ACL policies unless namespaces or sync catalog is enabled but between those versions, we merged controller and connect-inject. This meant we added required ACL rules to connect inject but those don't actually get updated and so now the controller can't do things like create intention CRDs.

How I've tested this PR:

• deploy 0.49.x with connect inject enabled and acls enabled
• Get the acl policy for connect injector and save it locally
• build a control plane image and set imageK8s with it.
• upgrade to 1.0.x with your changes
• Check the acl policy again and check that it has updated rules as opposed to the one from step 2

Checklist:

• Tests added
• CHANGELOG entry added

  HashiCorp engineers only, community PRs should not add a changelog entry.
  Entries should use present tense (e.g. Add support for...)

---

Overview of commits

• 9a8c45b - 8007920 - 7ab54ce - 399853b - ed3f58a - 55a9090