chore: implement 'use' verb to template object, read has less scope now (#16075)

Template `use` is now a verb.
- Template admins can `use` all templates (org template admins same in
org)
- Members get the `use` perm from the `everyone` group in the
`group_acl`.

coderd/database/migrations/000287_template_read_to_use.down.sql

@@ -0,0 +1,5 @@
+UPDATE
+	templates
+SET
+	group_acl = replace(group_acl::text, '["read", "use"]', '["read"]')::jsonb,
+	user_acl = replace(user_acl::text, '["read", "use"]', '["read"]')::jsonb

coderd/database/migrations/000287_template_read_to_use.up.sql

@@ -0,0 +1,12 @@
+-- With the "use" verb now existing for templates, we need to update the acl's to
+-- include "use" where the permissions set ["read"] is present.
+-- The other permission set is ["*"] which is unaffected.
+
+UPDATE
+	templates
+SET
+	-- Instead of trying to write a complicated SQL query to update the JSONB
+	-- object, a string replace is much simpler and easier to understand.
+	-- Both pieces of text are JSON arrays, so this safe to do.
+	group_acl = replace(group_acl::text, '["read"]', '["read", "use"]')::jsonb,
+	user_acl = replace(user_acl::text, '["read"]', '["read", "use"]')::jsonb