Add a hook in the policy framework to restrict access to agl_shell_desktop

Close for JJ RC1

Changes are now in master. 

Btw, I've added the hooks and tried to see if I can get an client id, which later on should've been used in https://lf-automotivelinux.atlassian.net/browse/SPEC-3396#icft=SPEC-3396. 

I did a few experiments with this, and it seems that due to the async nature of how qtwayland processes things from the client I can't determine the client trying to bind to the interface – or the moment in which client connects is too early to figure out some of the xdg shell properties like the application id. I was hinting that maybe that was the case for the agl-shell interface and not for the agl-shell-desktop one. It seems that most sensitive thing to do is to add the hook checking while/before issuing the requests, but this redundant as we already have hooks for creation and displaying. 

Problem is that some requests need to happen before the surface is created, for instance the dialog pop-up and the remote surface roles. 

We can defer this to when the client displays/commits the surface (as we already have hooks for it). For the moment I don't really have another alternative, it seems a chicken and the egg situation. Can't check if the client is legitimate if I don't know which client is doing it....

@Scott Murray  I'm open to ideas here. 

You won't be able to access the config.xml files, they're inside the widgets and as such labelled such that that is explicitly impossible, even if you could work out where they're located (which is potentially non-trivial).  The AGL security mechanisms for permissions are driven using SMACK labels and group additions created at widget install time plus whatever is done for the web app token authentication, that's what you have to work with.