[DO NOT MERGE] Verify URI Permissions in Autofill RemoteViews

Check permissions of URI inside of FillResponse's RemoteViews. If the
current user does not have the required permissions to view the URI, the
RemoteView is dropped from displaying.

This fixes a security spill in which a user can view content of another
user through a malicious Autofill provider.

Bug: 283137865
Fixes: b/283264674 b/281666022 b/281665050 b/281848557 b/281533566
b/281534749 b/283101289
Test: Verified by POC app attached in bugs
Test: atest CtsAutoFillServiceTestCases (added new tests)
Change-Id: I6f4d2a35e89bbed7bd9e07bf5cd3e2d68b20af9a
4 files changed