Document security implications when using the local connector

[jensschuppe]

The local connector (as opposed to remote connectors) does not require a Drupal user and thus no permissions to send CiviCRM API requests via the CiviMRF interface.

The permission to add/edit CiviMRF profiles should therefore be marked as a restricted permission (see the hook_permission() documentation) and a warning should be printed on the configuration page, explaining the implications involved with using the local connector.

A problematic scenario would be Webform editors being granted the permission to configure CiviMRF for Webforms, which allows selecting the CiviMRF profile, regardless of whether the local or a remote connector is being used.

[jensschuppe]

This involves introducing a dedicated permission, as the administer site configuration permission is currently being used for that, and it already has the "restricted" designation.

Also, in the D8/9 version of the module, the local connector can not be used anymore. This leaves this issue with missing documentation.