feat: add database, role & privilege management

Add Admin sidebar tab with database/role management panels, role manager
workspace tab, and privilege dialogs. Backend provides 10 new Tauri
commands for CRUD on databases, roles, and privileges with read-only
mode enforcement. Context menus on schema tree nodes allow dropping
databases and viewing/granting table privileges.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

src-tauri/src/models/management.rs

@@ -0,0 +1,97 @@
+use serde::{Deserialize, Serialize};
+
+#[derive(Debug, Serialize, Deserialize)]
+pub struct DatabaseInfo {
+    pub name: String,
+    pub owner: String,
+    pub encoding: String,
+    pub collation: String,
+    pub ctype: String,
+    pub tablespace: String,
+    pub connection_limit: i32,
+    pub size: String,
+    pub description: Option<String>,
+}
+
+#[derive(Debug, Deserialize)]
+pub struct CreateDatabaseParams {
+    pub name: String,
+    pub owner: Option<String>,
+    pub template: Option<String>,
+    pub encoding: Option<String>,
+    pub tablespace: Option<String>,
+    pub connection_limit: Option<i32>,
+}
+
+#[derive(Debug, Serialize, Deserialize)]
+pub struct RoleInfo {
+    pub name: String,
+    pub is_superuser: bool,
+    pub can_login: bool,
+    pub can_create_db: bool,
+    pub can_create_role: bool,
+    pub inherit: bool,
+    pub is_replication: bool,
+    pub connection_limit: i32,
+    pub password_set: bool,
+    pub valid_until: Option<String>,
+    pub member_of: Vec<String>,
+    pub members: Vec<String>,
+    pub description: Option<String>,
+}
+
+#[derive(Debug, Deserialize)]
+pub struct CreateRoleParams {
+    pub name: String,
+    pub password: Option<String>,
+    pub login: bool,
+    pub superuser: bool,
+    pub createdb: bool,
+    pub createrole: bool,
+    pub inherit: bool,
+    pub replication: bool,
+    pub connection_limit: Option<i32>,
+    pub valid_until: Option<String>,
+    pub in_roles: Vec<String>,
+}
+
+#[derive(Debug, Deserialize)]
+pub struct AlterRoleParams {
+    pub name: String,
+    pub password: Option<String>,
+    pub login: Option<bool>,
+    pub superuser: Option<bool>,
+    pub createdb: Option<bool>,
+    pub createrole: Option<bool>,
+    pub inherit: Option<bool>,
+    pub replication: Option<bool>,
+    pub connection_limit: Option<i32>,
+    pub valid_until: Option<String>,
+    pub rename_to: Option<String>,
+}
+
+#[derive(Debug, Serialize, Deserialize)]
+pub struct TablePrivilege {
+    pub grantee: String,
+    pub table_schema: String,
+    pub table_name: String,
+    pub privilege_type: String,
+    pub is_grantable: bool,
+}
+
+#[derive(Debug, Deserialize)]
+pub struct GrantRevokeParams {
+    pub action: String,
+    pub privileges: Vec<String>,
+    pub object_type: String,
+    pub object_name: String,
+    pub role_name: String,
+    pub with_grant_option: bool,
+}
+
+#[derive(Debug, Deserialize)]
+pub struct RoleMembershipParams {
+    pub action: String,
+    pub role_name: String,
+    pub member_name: String,
+}

src-tauri/src/models/mod.rs

@@ -1,4 +1,5 @@
 pub mod connection;
 pub mod history;
+pub mod management;
 pub mod query_result;
 pub mod schema;