    restricted: Allow patched pandas.read_* functions · 4360dbc6
    Levin Zimmermann authored
    Rationale:
    
    Converting * to data frame / numpy array efficiently is required in all
    wendelin projects, without this functionality wendelin is useless.
    Currently all projects allow this functionality in an insecure way.
    This commit aims to improve the situation by supporting a secure way of
    this functionality.
    
    (See nexedi/wendelin!99 (comment 158474))
    
    Because pandas (in restricted Python) can also be useful in 'pure' ERP5
    (without Wendelin) the functionality is added to ERP5 source code.
    
    ---
    
    Security:
    
    Security is guaranteed by patching selected read_* functions and
    allowing the patched versions. The patch prohibits anything but
    string input which directly contains the data (e.g. no URLs, file
    paths). New unit tests ensure the restrictions of the patches
    are actually effective.
    
    ---
    
    Notes on implementation decisions:
    
    Instead of offering new ERP5 extension methods (e.g. Base_readJson)
    this commit adds patched pandas read functions in restricted Python.
    In this way the change of the known API is as minimal as possible.
    
    Instead of globally monkey-patching pandas read_* functions, only the
    functions inside restricted python are patched.
    In this way the fully-functional, original functions are still available
    in Zope products or ERP5 extension code.
    
    Minor changes in the way pandas is allowed in restricted python
    have been applied. Please consult the following discussions in the Merge
    request for details:
    
    nexedi/erp5!1615 (comment 159203)
    nexedi/erp5!1615 (comment 159341)
Restricted.py 17.9 KB
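
The restriction described under "Security" in the commit message, sketched as an added example; this is not the code of this commit or of Restricted.py. The wrapper `allow_only_inline_text`, the stand-in reader `read_csv_standin` (which treats a bare string as a file path) and the sample data are all hypothetical and constructed for illustration.

```python
import csv
import io
import os
import tempfile
from functools import wraps


def allow_only_inline_text(reader):
    """Wrap a pandas-style reader so it only parses data passed in directly."""
    @wraps(reader)
    def restricted(data, *args, **kwargs):
        # Accept str only: bytes, path objects, open files and buffers are
        # all things the original reader could dereference, so refuse them.
        if not isinstance(data, str):
            raise TypeError("%s: expected a string containing the data, got %s"
                            % (reader.__name__, type(data).__name__))
        # A file-like object is unambiguous: the reader parses its text and
        # never interprets it as a path or URL.
        return reader(io.StringIO(data), *args, **kwargs)
    return restricted


def read_csv_standin(source):
    """Constructed stand-in reader: a str is a location, a file-like is data."""
    if isinstance(source, str):
        with open(source, newline="") as handle:
            return list(csv.DictReader(handle))
    return list(csv.DictReader(source))


restricted_read_csv = allow_only_inline_text(read_csv_standin)


def is_refused(value):
    """True when the restricted reader rejects this input type."""
    try:
        restricted_read_csv(value)
    except TypeError:
        return True
    return False


def demo():
    """Compare the original and the restricted reader on a constructed file."""
    with tempfile.NamedTemporaryFile("w", suffix=".csv", delete=False) as tmp:
        tmp.write("secret\n42\n")
    try:
        return read_csv_standin(tmp.name), restricted_read_csv(tmp.name)
    finally:
        os.unlink(tmp.name)
```

`demo()` returns the file's rows for the unwrapped reader and an empty list for the restricted one, because the path string is parsed as a header-only CSV document instead of being opened.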