Afform - Delegated API calls should use a security helper
author Tim Otten <totten@civicrm.org>
Thu, 11 Feb 2021 02:25:23 +0000 (18:25 -0800)
committer Tim Otten <totten@civicrm.org>
Wed, 17 Feb 2021 09:24:25 +0000 (01:24 -0800)
commit 0fd2d6af2c865a13875021fbfbc81470495d28dc
tree 5754e2ab8188a6ca4921f934fa0e5e32dc164146
parent c4838b3d4231ef37f2fffca642ac36eb0a40caf2
Afform - Delegated API calls should use a security helper

Before
------

The `Prefill`, `Submit`, and `AbstractProcessor` have various calls to `civicrm_api4()`
which are meant to read/write data for a specific entity.

These calls may or may not have `checkPermissions` sprinkled in.

After
-----

Those calls to `civicrm_api4()` now go through a wrapper. For example:

```php
$formDataModel->getSecureApi4('spouse')('Contact', 'get', [...]);
```

In this call, we use the settings for the `spouse` entity to pick a security
policy.  Then, we execute the `Contact.get` API within that security policy.

ext/afform/core/Civi/Afform/FormDataModel.php
ext/afform/core/Civi/Api4/Action/Afform/AbstractProcessor.php
ext/afform/core/Civi/Api4/Action/Afform/Prefill.php
ext/afform/core/Civi/Api4/Action/Afform/Submit.php
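
The wrapper pattern the commit message describes, as an added example that is not the code from this commit: a per-entity closure decides `checkPermissions` from the entity's settings, so a caller can neither forget the flag nor override it. `DemoFormDataModel`, `demo_api4()` (a stand-in for `civicrm_api4()`), the `security` key and the policy names `enforce` and `form-granted` are assumptions made for the illustration.

```php
<?php
// Added illustration; not CiviCRM's FormDataModel. All names here are hypothetical.

/** Stand-in for civicrm_api4(): echoes back the call it was asked to make. */
function demo_api4(string $entity, string $action, array $params = []): array {
  return ['entity' => $entity, 'action' => $action, 'params' => $params];
}

class DemoFormDataModel {
  private array $entities;          // form entity name => settings
  private array $secureApis = [];   // form entity name => cached wrapper closure

  public function __construct(array $entities) {
    $this->entities = $entities;
  }

  /** Return a callable that runs API calls under the named entity's policy. */
  public function getSecureApi4(string $name): \Closure {
    // Fail closed: never delegate on behalf of an entity the form does not define.
    if (!isset($this->entities[$name])) {
      throw new \RuntimeException("No form entity named '$name'; refusing to delegate.");
    }
    return $this->secureApis[$name] ??= function (string $entity, string $action, array $params = []) use ($name) {
      $policy = $this->entities[$name]['security'] ?? '(unset)';
      switch ($policy) {
        case 'enforce':       // evaluate the current user's permissions
          $params['checkPermissions'] = TRUE;
          break;
        case 'form-granted':  // access is granted by the form definition
          $params['checkPermissions'] = FALSE;
          break;
        default:              // unknown or missing policy: reject the call
          throw new \RuntimeException("Unknown security policy '$policy' for '$name'.");
      }
      return demo_api4($entity, $action, $params);
    };
  }
}

// Constructed sample form definition.
$model = new DemoFormDataModel([
  'me'     => ['type' => 'Contact', 'security' => 'enforce'],
  'spouse' => ['type' => 'Contact', 'security' => 'form-granted'],
]);

// The caller's own checkPermissions value is overwritten by the entity's policy.
$asMe = $model->getSecureApi4('me')('Contact', 'get', ['checkPermissions' => FALSE]);
$asSpouse = $model->getSecureApi4('spouse')('Contact', 'get', ['where' => [['id', '=', 1]]]);
var_dump($asMe['params']['checkPermissions'], $asSpouse['params']['checkPermissions']);
```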