sql: Remove inheritance of role attributes

[jkosh44]

Previously, roles inherited role attributes of all their member roles. This was incorrect and not has PostgreSQL works. This commit removes this inheritance.

Part of MaterializeInc/database-issues#3380

Motivation

This PR adds a known-desirable feature.

Checklist

• This PR has adequate test coverage / QA involvement has been duly considered.
• This PR has an associated up-to-date design doc, is a design doc (template), or is sufficiently small to not require a design.
• This PR evolves an existing $T ⇔ Proto$T mapping (possibly in a backwards-incompatible way) and therefore is tagged with a T-proto label.
• If this PR will require changes to cloud orchestration, there is a companion cloud PR to account for those changes that is tagged with the release-blocker label (example).
• This PR includes the following user-facing behavior changes:

[maddyblue]

Wait what? Is this because of NOINHERIT or something? I'm reading over https://www.postgresql.org/docs/current/role-membership.html but don't see what's going on here.

[jkosh44]

No, I just originally misunderstood role attributes. They are never inherited, unlike role privileges and object ownership. If you scroll down to the end of those docs you'll see:

The role attributes LOGIN, SUPERUSER, CREATEDB, and CREATEROLE can be thought of as special privileges, but they are never inherited as ordinary privileges on database objects are. You must actually SET ROLE to a specific role having one of these attributes in order to make use of the attribute. Continuing the above example, we might choose to grant CREATEDB and CREATEROLE to the admin role. Then a session connecting as role joe would not have these privileges immediately, only after doing SET ROLE admin.

[def-]

Thanks for test updates, lgtm