Add missing permission check to offerNetwork

The missing permission check means that an unauthorized app could
have registered a network offer to intercept all NetworkRequests (by
trivially guessing an existing provider ID) which would have leaked
information about other apps on the system.

This adds a NETWORK_FACTORY or MAINLINE_NETWORK_STACK permission check
to offerNetwork per the API annotations in ConnectivityManager.
Test networks can be offered when holding the MANAGE_TEST_NETWORKS
permission which is consistent with similar APIs in this class.

There can be no legitimate use of this API a) offerNetwork is @hide
and only exposed via NetworkProvider, and b) it requires getting a
provider ID by calling registerNetworkProvider which correctly enforces
permissions.

unofferNetwork does not currently require any permissions. Again, this
is consistent with the API annotations in ConnectivityManager.

Test: TH
(cherry picked from https://android-review.googlesource.com/q/commit:ff65257bd07c791a5bfef2f54bf96ae224c03273)
Bug: 388828859
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:16fc1534dd891de18bdb14016d183001adb273d3)
Merged-In: If71ce012f927a34c647d36b5eaf3723de2c01879
Change-Id: If71ce012f927a34c647d36b5eaf3723de2c01879