Create AphrontWriteGuard, a backup mechanism for CSRF validation

Summary:
Provide a catchall mechanism to find unprotected writes.

  - Depends on D758.
  - Similar to WriteOnHTTPGet stuff from Facebook's stack.
  - Since we have a small number of storage mechanisms and highly structured
read/write pathways, we can explicitly answer the question "is this page
performing a write?".
  - Never allow writes without CSRF checks.
  - This will probably break some things. That's fine: they're CSRF
vulnerabilities or weird edge cases that we can fix. But don't push to Facebook
for a few days unless you're prepared to deal with this.
  - **>>> MEGADERP: All Conduit write APIs are currently vulnerable to CSRF!
<<<**

Test Plan:
  - Ran some scripts that perform writes (scripts/search indexers), no issues.
  - Performed normal CSRF submits.
  - Added writes to an un-CSRF'd page, got an exception.
  - Executed conduit methods.
  - Did login/logout (this works because the logged-out user validates the
logged-out csrf "token").
  - Did OAuth login.
  - Did OAuth registration.

Reviewers: pedram, andrewjcg, erling, jungejason, tuomaspelkonen, aran,
codeblock
Commenters: pedram
CC: aran, epriestley, pedram
Differential Revision: 777

src/applications/files/engine/localdisk/PhabricatorLocalDiskFileStorageEngine.php

@@ -66,6 +66,7 @@ final class PhabricatorLocalDiskFileStorageEngine
       execx('mkdir -p %s', $parent);
     }
 
+    AphrontWriteGuard::willWrite();
     Filesystem::writeFile($root.'/'.$name, $data);
 
     return $name;
@@ -89,6 +90,7 @@ final class PhabricatorLocalDiskFileStorageEngine
   public function deleteFile($handle) {
     $path = $this->getLocalDiskFileStorageFullPath($handle);
     if (Filesystem::pathExists($path)) {
+      AphrontWriteGuard::willWrite();
       Filesystem::remove($path);
     }
   }