Enforce type and role constraints on object accessors

[brummett]

Type constraints aren't checked for object accessors, either in create(), calling the mutator, or during commit():

class Foo { };
class Bar {
    has => [
        foo => { is => 'Foo', id_by => 'foo_id' },
    ]
};
class Junk { };
my $j = Junk->create();
my $b = Bar->create(foo => $j);
$b->foo($j);
UR::Context->commit();

Some possible solutions:

• We've been relying on DB constraints to catch these when they commit. Maybe UR::Context::__errors__() should do some validation here, but in a way that avoids DB queries if possible. If it's a non-nullable property, then either both the id-related accessor and object accessor should return undef, or both the id-related and object accessors should return something valid.
• Validate values during create() and in the mutators. This is probably easier to accomplish, but we don't validate other kinds of values except when committing.

Whatever we come up with, it should also support adding does metadata to properties to trigger Role validation for values, too.