CNDB-15617: ClienState checks if system before super (#2039)

### What is the issue

`ClientState.isSystem()` only checks the `isInternal` field, which is
false for external client states created via `forExternalCalls(user)`.
This causes the method to return false even when the authenticated user
is `AuthenticatedUser.SYSTEM_USER`.

This leads to incorrect behavior in `isOrdinaryUser()`, which calls
`isSuper()` for `SYSTEM_USER`, triggering expensive database queries via
`Roles.hasSuperuserStatus()`. During system initialization when auth
tables aren't fully ready, this causes `NullPointerException` because
`CassandraRoleManager.loadRoleStatement` may not be initialized yet.

### What does this PR fix and why was it fixed

Change `isSystem()` to check both the internal flag and the user
identity, change `isOrdinaryUser()` to check system users before super
users.

Author: driftx

src/java/org/apache/cassandra/service/ClientState.java

@@ -608,9 +608,10 @@ public void ensureNotAnonymous()
      */
     public boolean isOrdinaryUser()
     {
+        // check isSystem() before super user, system users should bypass all guardrails and permissions
         if (ENABLE_GUARDRAILS_FOR_ANONYMOUS_USER.getBoolean())
-            return !isSuperIgnoreAnonymousUser() && !isSystem();
-        return !isSuper() && !isSystem();
+            return !isSystem() && !isSuperIgnoreAnonymousUser();
+        return !isSystem() && !isSuper();
     }
 
     /**
@@ -633,11 +634,14 @@ public boolean isSuperIgnoreAnonymousUser()
     /**
      * Checks if the user is the system user.
      *
+     * Returns true for both internal calls (isInternal) and external calls
+     * made by system users.
+     *
      * @return {@code true} if this user is the system user, {@code false} otherwise.
      */
     public boolean isSystem()
     {
-        return isInternal;
+        return isInternal || (user != null && user.isSystem());
     }
 
     public void ensureIsSuperuser(String message)