open-forms
Add validation to the Objects API prefill plugin to check if the user is the owner of the object
The prefill plugin should check if the value of the auth attribute (this path will be configurable after https://github.com/open-formulieren/open-forms/issues/4396) is the same as the value of this auth attribute for the authenticated user. If not, it should raise a PermissionDenied, which should result in a 403 on the Submission create endpoint.
We might want to remove the Submission in case this 403 happens, but I'm not 100% sure about this.
We might also have to add a check to verify that the object is of the same objecttype as part of the config
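
A sketch of the check this issue asks for, as an added example rather than code from the open-forms project. It assumes the object is a dict with a top-level `type` (the objecttype URL) and the payload under `record.data`; the function names, the sample values and the local `PermissionDenied` class (a stand-in for Django's) are hypothetical.

```python
from typing import Any, Sequence


class PermissionDenied(Exception):
    """Stand-in for django.core.exceptions.PermissionDenied (runs without Django)."""


_MISSING = object()


def resolve_path(data: Any, path: Sequence[str]) -> Any:
    """Walk nested dicts along `path`; return _MISSING if a segment is absent."""
    current = data
    for segment in path:
        if not isinstance(current, dict) or segment not in current:
            return _MISSING
        current = current[segment]
    return current


def verify_ownership(obj: dict, auth_attribute_path: Sequence[str],
                     auth_value: str, expected_objecttype: str) -> None:
    """Raise PermissionDenied unless `obj` belongs to the authenticated user."""
    # Fail closed on misconfiguration: an empty path or an empty identifier
    # must never be treated as a match.
    if not auth_attribute_path or not auth_value:
        raise PermissionDenied("missing auth attribute path or authenticated value")
    # The object must be of the objecttype the plugin is configured for.
    if resolve_path(obj, ["type"]) != expected_objecttype:
        raise PermissionDenied("object is not of the configured objecttype")
    owner = resolve_path(obj, ["record", "data", *auth_attribute_path])
    # Absent attribute, non-string value and mismatch are all denied alike.
    if owner is _MISSING or not isinstance(owner, str) or owner != auth_value:
        raise PermissionDenied("authenticated user is not the owner of the object")


def is_allowed(obj, path, auth_value, objecttype) -> bool:
    """Boolean wrapper, convenient for tests and logging."""
    try:
        verify_ownership(obj, path, auth_value, objecttype)
    except PermissionDenied:
        return False
    return True


# Constructed sample data (assumed record shape, placeholder URL and identifier).
OBJECTTYPE = "https://objecttypes.example/api/v2/objecttypes/1111"
SAMPLE_OBJECT = {"type": OBJECTTYPE,
                 "record": {"data": {"owner": {"bsn": "111222333"}}}}
```

In a Django view the exception would be the framework's own `PermissionDenied`, which is what produces the 403 described above.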