Treat play_file() and co as internal routines without protection

Our code and add-ons need a way to play audio from arbitrary locations.
I propose we treat the _tag API as dangerous, and the _file API as
trusted.

Related: #4058

qt/aqt/sound.py

@@ -177,16 +177,28 @@ class AVPlayer:
             self._stop_if_playing()
 
     def play_file(self, filename: str) -> None:
-        self.play_tags([SoundOrVideoTag(filename=os.path.basename(filename))])
+        """Play the provided path.
+
+        SECURITY: Filename may be an arbitrary path. For content coming from a collection,
+        use play_tag() instead."""
+        self.play_tags([SoundOrVideoTag(filename=filename)])
 
     def play_file_with_caller(self, filename: str, caller: Any) -> None:
+        """Play the provided path, noting down the caller.
+
+        SECURITY: Filename may be an arbitrary path. For content coming from a collection,
+        use play_tag() instead."""
         if self.current_caller:
             self.current_caller_interrupted = True
         self.current_caller = caller
         self.play_file(filename)
 
     def insert_file(self, filename: str) -> None:
-        self._enqueued.insert(0, SoundOrVideoTag(filename=os.path.basename(filename)))
+        """Place the provided path at the top of the playlist.
+
+        SECURITY: Filename may be an arbitrary path. For content coming from a collection,
+        use play_tag() instead."""
+        self._enqueued.insert(0, SoundOrVideoTag(filename=filename))
         self._play_next_if_idle()
 
     def toggle_pause(self) -> None: