Connection impersonation (#30714)

* initial prototype w/out statement count parameter

* new approach

* default-database-role driver method

* migration for connection_impersonations table

* conn impersonation model, API and tests

* impersonation fetch and deletion endpoints

* switch test to t2 with-temp

* read conn impersonation settings from DB

* fix merge issue

* add impersonated key to data perms graph and treat it the same as full self-service access

* include impersonated key in returned permissions graph

* make sure impersonated graph passes StrictDataPerms validation

* fix boolean logic

* make sure impersonated keyword doesnt cause error when deleting gtaps

* clear impersonations as necessary when perms graphs changes

* add impersonation support for postgres

* fix typo

* make sure impersonation updates are a non-lazy seq

* add impersonated-user? fn

* fix impersonation api tests

* fix snippet tests

* fix build & exclude connection impersonations from serialization

* switch a test to use t2.with-temp

* add with-impersonations helper and util tests

* move macro and add a connection impersonation driver-level test for postgres

* fix rebase issue

* more tests and code reorganization

* add snowflake test

* clarify comment

* fix lint errors

* fix final kondo error

* reorganization

* fix one test

* fix lint errors

* revert change to sql_jdbc.execute from bad merge

* make sure perms for all users gets reset after conn impersonation tests

* ignore exceptions when restoring perms

* fix postgres test

* refactor to address bryan's comment

* add note about new methods to database changelog

* driver method refactor