Implement notifications RBAC role

[dannykopping]

There are a number of TODOs in the notifications package around RBAC.

@Emyrk gave us some pointers on how to implement this:

Add a new resource like template here: https://github.com/coder/coder/blob/769ac83729fb642d61538f871889d5161e0136fa/coderd/rbac/policy/policy.go#L130-L139
It will autogen in some files.
Copy this RBACObject from File pretty much exactly:
https://github.com/coder/coder/blob/769ac83729fb642d61538f871889d5161e0136fa/coderd/database/modelmethods.go#L208-L212

---

With those 2 things, the rbac should just work. As all users by default get allPermsExcept() here: https://github.com/coder/coder/blob/769ac83729fb642d61538f871889d5161e0136fa/coderd/rbac/roles.go#L246-L246
So the notificaton resource will be appended automatically. The WithOwner() scopes the resource to the user

[dannykopping]

Nothing needed to be done for now.

Once users need to request their own notifications via the API we'll need to relook at this.
Marking this as "Done" for this sprint, but let's keep this open for the future.

[Emyrk]

Today we are leveraging the system permissions since no users will query a notification via Coder.

If/when we add viewing notifications from within Coder, then we will have to add a resource for notifications and allow users to view them.