SECURITY: Prevent arbitrary topic custom fields from being set

Why this change?

The `PostsController#create` action allows arbitrary topic custom fields
to be set by any user that can create a topic. Without any restrictions,
this opens us up to potential security issues where plugins may be using
topic custom fields in security sensitive areas.

What does this change do?

1. This change introduces the `register_editable_topic_custom_field` plugin
API which allows plugins to register topic custom fields that are
editable either by staff users only or all users. The registered
editable topic custom fields are stored in `DiscoursePluginRegistry` and
is called by a new method `Topic#editable_custom_fields` which is then
used in the `PostsController#create` controller action. When an unpermitted custom fields is present in the `meta_data` params,
a 400 response code is returned.

2. Removes all reference to `meta_data` on a topic as it is confusing
   since we actually mean topic custom fields instead.

lib/topic_creator.rb

@@ -48,7 +48,7 @@ class TopicCreator
     setup_tags(topic)
 
     if fields = @opts[:custom_fields]
-      topic.custom_fields.merge!(fields)
+      topic.custom_fields = fields
     end
 
     DiscourseEvent.trigger(:before_create_topic, topic, self)
@@ -122,7 +122,7 @@ class TopicCreator
       visible: @opts[:visible],
     }
 
-    %i[subtype archetype meta_data import_mode advance_draft].each do |key|
+    %i[subtype archetype import_mode advance_draft].each do |key|
       topic_params[key] = @opts[key] if @opts[key].present?
     end