Cannot reset the password for a login role through UI

[Anish9901]

Description

• We don't perform any validation while configuring a new role on mathesar
• So if we have created a login role 'bob' with password 'bobisgreat' it can be configured in mathesar with any random password e.g. 'bob_bob' because there is no validation
• This can be a problem when an admin grants a bunch of privileges to 'bob' and assigns a mathesar user to connect using bob, only to find out that the mathesar user cannot access anything because the password is wrong.
• The role cannot be dropped easily because other objects might depend on it
• Also there is no way to reset the password for the role 'bob'.

Tasks

Preview Give feedback

1. Automatically configure new roles created via mathesar #4118
   0 of 3
   affects: ux beta: approved needs: ux design restricted: maintainers work: backend work: frontend +6
2. Allow resetting password for a pg role via mathesar #4119
   affects: ux beta: needs discussion needs: ux design restricted: maintainers work: backend work: frontend +6

[mathemancer]

I prefer the first option.

[pavish]

Also there is no way to reset the password for the role 'bob'
only to find out that the mathesar user cannot access anything because the password is wrong

Stored passwords for configured roles can be modified via the UI in the "Configurd Roles" page. I'm not sure why the user would want to reset the role password on the DB in this scenario.

That said, I do agree that we should automatically configure the role in Mathesar when a new role is created via the UI. We would probably need to mention somewhere on the UI that the role password will be stored in Mathesar automatically and allow the user to not store it if they don't want to.

[seancolsen]

@kgodey I think we should check in about this at a meeting ASAP to figure out whether we want to address this for beta, and if so: how. This is another one of those small issues that would cut through a large slice of our stack and potentially require design work. So if we're going to take it up, we need to get some clarity on it immediately.

[kgodey]

Just following up to say that we did discuss this at a meeting and moved this out of beta.