Unable to Use Quoted Role Identifiers with Snowflake

[andresrecalde]

Describe the bug
Role identifiers are not quoted for Snowflake, which has case-sensitive object naming conventions. For example, Snowflake can have a role with the identifier "test" which Metabase cannot use. This is because when it runs the use role command in Snowflake, it will run use role test which does not exist since, per Snowflake docs, "Unquoted identifiers are stored and resolved in uppercase".

Logs
N/A

To Reproduce
Steps to reproduce the behavior:

1. Create a case-sensitive identifier in a connected snowflake instance (ex. create role "test";)
2. In Metabase, attempt to use the role "test". In our example, we attempted to use the role with Impersonation with test as a user attribute.
3. Fail to properly authenticate with the role.

Expected behavior
A feature flag for a Snowflake connection, similar to DB quoting behavior, that enables always-on identifier quoting for roles (either default or impersonated).

Screenshots
N/A

Severity
This is blocking our roll out of Metabase to our entire user base because it prevents RLS from working from Snowflake. Changing our permissions model is not an option due to the way we have RLS configured and working in Snowflake.

Additional context
N/A

Metabase Diagnostic Info

{
  "browser-info": {
    "language": "en-US",
    "platform": "MacIntel",
    "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36",
    "vendor": "Google Inc."
  },
  "system-info": {
    "file.encoding": "UTF-8",
    "java.runtime.name": "OpenJDK Runtime Environment",
    "java.runtime.version": "11.0.22+7",
    "java.vendor": "Eclipse Adoptium",
    "java.vendor.url": "https://adoptium.net/",
    "java.version": "11.0.22",
    "java.vm.name": "OpenJDK 64-Bit Server VM",
    "java.vm.version": "11.0.22+7",
    "os.name": "Linux",
    "os.version": "5.10.214-202.855.amzn2.x86_64",
    "user.language": "en",
    "user.timezone": "GMT"
  },
  "metabase-info": {
    "databases": [
      "postgres",
      "snowflake"
    ],
    "hosting-env": "unknown",
    "application-database": "postgres",
    "application-database-details": {
      "database": {
        "name": "PostgreSQL",
        "version": "14.10"
      },
      "jdbc-driver": {
        "name": "PostgreSQL JDBC Driver",
        "version": "42.7.2"
      }
    },
    "run-mode": "prod",
    "version": {
      "date": "2024-04-22",
      "tag": "v1.49.7",
      "hash": "f0ff786"
    },
    "settings": {
      "report-timezone": null
    }
  }
}

[andresrecalde]

Related to #27856

[paoliniluis]

Can you write to our support email ?

[camsaul]

See #34858 for context as to why it works this way

[dpsutton]

The thought is to add a checkbox (default to off) when entering the role to enable case sensitive role or somehow indicate that we will use quotes to pass through their value verbatim.