Implement roles.add RPC endpoint #3769

Merged
merged 13 commits into from
Aug 23, 2024

Anish9901
Member

Fixes #3670

Checklist

  • My pull request has a descriptive title (not a vague title like Update index.md).
  • My pull request targets the develop branch of the repository
  • My commit messages follow best practices.
  • My code follows the established code style of the repository.
  • I added tests for the changes I made (if applicable).
  • I added or updated documentation (if applicable).
  • I tried running the project locally and verified that there are no
    visible errors.

Developer Certificate of Origin

Developer Certificate of Origin
Version 1.1

Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
1 Letterman Drive
Suite D4700
San Francisco, CA, 94129

Everyone is permitted to copy and distribute verbatim copies of this
license document, but changing it is not allowed.


Developer's Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I
    have the right to submit it under the open source license
    indicated in the file; or

(b) The contribution is based upon previous work that, to the best
    of my knowledge, is covered under an appropriate open source
    license and I have the right under that license to submit that
    work with modifications, whether created in whole or in part
    by me, under the same open source license (unless I am
    permitted to submit under a different license), as indicated
    in the file; or

(c) The contribution was provided directly to me by some other
    person who certified (a), (b) or (c) and I have not modified
    it.

(d) I understand and agree that this project and the contribution
    are public and that a record of the contribution (including all
    personal information I submit with it, including my sign-off) is
    maintained indefinitely and may be redistributed consistent with
    this project or the open source license(s) involved.

@Anish9901 Anish9901 marked this pull request as ready for review August 21, 2024 18:17
Contributor

@mathemancer mathemancer left a comment

There are some issues that keep this from working. See line comments for details.

Additionally, please write a couple of SQL tests to make sure the functionality is working (these would have caught one of the issues), and a couple of mocked call-of-the-RPC-function tests for the roles.add and roles.list_ methods (these would have caught the other breaking problem).

db/sql/00_msar.sql
Comment on lines 1131 to 1138
CASE WHEN login_ THEN
PERFORM create_basic_mathesar_user(rolename, password_);
ELSE
PERFORM __msar.exec_ddl('CREATE ROLE %I', rolename);
PERFORM __msar.exec_ddl(
'GRANT CREATE, TEMP ON DATABASE %I TO %I',
current_database()::text,
rolename
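Review bot: The 'GRANT CREATE, TEMP ON DATABASE %I TO %I' statement in the ELSE branch gives every role created through this function CREATE on the current database, which is more than creating a role should imply. Create the role with no database-level grants here and leave privileges to a separate, explicit grant step. The login_ branch delegates to create_basic_mathesar_user, whose grants are not visible in this hunk, so it needs the same check.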
Member

The user/role should not have the CREATE privilege on the database while creating the role, which both create_basic_mathesar_user and the code here grants.

A tangential question:
I was under the impression that we would allow mathesar_schemas to be used by PUBLIC which will not require us to have to explicitly grant access to each role. Is that not the case? What about roles created outside of Mathesar and configured here? Do those roles not have access to our schemas? (Also a question to @mathemancer)

Contributor

I think this would be the right thing to do. We'd have to add default privileges to them.

@pavish pavish assigned Anish9901 and unassigned mathemancer and pavish Aug 22, 2024
@pavish pavish added the pr-status: revision A PR awaiting follow-up work from its author after review label Aug 22, 2024
@Anish9901
Member Author

Anish9901 commented Aug 22, 2024

@pavish @mathemancer I found out that creating a new role automatically grants CONNECT and TEMPORARY privileges to the role, no matter whether the role is login or non-login. I also tried revoking all privileges from the created roles which had no effect.

You could also notice this in the sql test in the PR test_create_role()

@Anish9901 Anish9901 added pr-status: review A PR awaiting review and removed pr-status: revision A PR awaiting follow-up work from its author after review labels Aug 22, 2024
@Anish9901 Anish9901 removed their assignment Aug 22, 2024
@pavish
Member

pavish commented Aug 23, 2024

@Anish9901 CONNECT and TEMPORARY are good with me.

@mathemancer
Contributor

mathemancer commented Aug 23, 2024

> @pavish @mathemancer I found out that creating a new role automatically grants CONNECT and TEMPORARY privileges to the role, no matter whether the role is login or non-login. I also tried revoking all privileges from the created roles which had no effect.
>
> You could also notice this in the sql test in the PR test_create_role()

Huh. Well, I looked into this in the docs and found this:

> PostgreSQL grants privileges on some types of objects to PUBLIC by default when the objects are created. No privileges are granted to PUBLIC by default on tables, table columns, sequences, foreign data wrappers, foreign servers, large objects, schemas, tablespaces, or configuration parameters. For other types of objects, the default privileges granted to PUBLIC are as follows: CONNECT and TEMPORARY (create temporary tables) privileges for databases; EXECUTE privilege for functions and procedures; and USAGE privilege for languages and data types (including domains). The object owner can, of course, REVOKE both default and expressly granted privileges. (For maximum security, issue the REVOKE in the same transaction that creates the object; then there is no window in which another user can use the object.) Also, these default privilege settings can be overridden using the ALTER DEFAULT PRIVILEGES command.

@pavish What are the UI implications (if any) of this? I think we should avoid altering those default privileges unless we really need to (even on internal DBs) and we should definitely not do that on non-internal DBs.

@Anish9901 The reason your REVOKE had no effect is because the role didn't have the privilege directly; it's just inherited from PUBLIC (and I assume you didn't REVOKE anything from PUBLIC).
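
The behaviour described in the comment above, as an added example that is not part of the PR or of Mathesar's code. It assumes a scratch PostgreSQL database in which PUBLIC still holds its default database privileges, run as the database owner or a superuser; the role name demo_role is hypothetical.

```sql
-- Added example. demo_role is a hypothetical name. The transaction is rolled
-- back at the end, so neither the role nor the REVOKEs persist.
BEGIN;

CREATE ROLE demo_role;  -- non-login role, nothing granted to it directly

-- 1. Effective privileges of the new role on the current database.
SELECT has_database_privilege('demo_role', current_database(), 'CONNECT')   AS can_connect,
       has_database_privilege('demo_role', current_database(), 'TEMPORARY') AS can_temp;

-- 2. Where those privileges come from: expand the database ACL. A NULL datacl
--    means the built-in defaults apply, which acldefault() spells out.
--    Grantee OID 0 stands for PUBLIC; demo_role has no entry of its own.
SELECT CASE WHEN a.grantee = 0 THEN 'PUBLIC'
            ELSE pg_get_userbyid(a.grantee)::text END AS grantee,
       a.privilege_type
FROM pg_database AS d,
     aclexplode(coalesce(d.datacl, acldefault('d', d.datdba))) AS a
WHERE d.datname = current_database();

-- 3. REVOKE from the role itself only removes direct ACL entries. There are
--    none, so the role's effective privileges (via PUBLIC) are unchanged.
DO $$
BEGIN
  EXECUTE format('REVOKE ALL ON DATABASE %I FROM demo_role', current_database());
END
$$;
SELECT has_database_privilege('demo_role', current_database(), 'TEMPORARY')
       AS can_temp_after_role_revoke;

-- 4. REVOKE from PUBLIC removes the inherited privilege, and does so for
--    every role that relied on it, not just demo_role.
DO $$
BEGIN
  EXECUTE format('REVOKE TEMPORARY ON DATABASE %I FROM PUBLIC', current_database());
END
$$;
SELECT has_database_privilege('demo_role', current_database(), 'TEMPORARY')
       AS can_temp_after_public_revoke;

ROLLBACK;
```

Step 2 is the check to run first when a REVOKE appears to have no effect: if the privilege is listed only under PUBLIC, revoking it from an individual role cannot remove it.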

@pavish
Member

pavish commented Aug 23, 2024

@mathemancer

> What are the UI implications (if any) of this? I think we should avoid altering those default privileges unless we really need to (even on internal DBs) and we should definitely not do that on non-internal DBs.

The UI would not be affected by this. We currently do not support altering default privileges for objects for RC.

Contributor

@mathemancer mathemancer left a comment

Okay, LGTM.

Comment on lines +1077 to 1083
CASE WHEN login_ THEN
EXECUTE format('CREATE USER %I WITH PASSWORD %L', rolename, password_);
ELSE
EXECUTE format('CREATE ROLE %I', rolename);
END CASE;
RETURN msar.get_role(rolename);
END;
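Review bot: In the login_ branch, format('CREATE USER %I WITH PASSWORD %L', rolename, password_) renders a NULL password_ as the keyword NULL, so a call with login_ true and no password creates a login role with a null password instead of failing. Check password_ before the CASE and raise an exception when login_ is true and password_ is NULL or empty. A NULL login_ also falls through to the ELSE branch and creates a non-login role, so either declare that as the intended default or reject NULL explicitly.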
Contributor

Nice!

Member

@pavish pavish left a comment

Looks good to me!

@pavish pavish added this pull request to the merge queue Aug 23, 2024
Merged via the queue into develop with commit 1a44405 Aug 23, 2024
37 checks passed
@pavish pavish deleted the roles_add branch August 23, 2024 08:39
@kgodey kgodey added this to the Pre-beta test build #1 milestone Sep 18, 2024