Extends RoleDescription so that role can be automatically granted on request

[smirolo]

Through the "Connected profiles" page, a user can request a role on an organization. Typically a Role with a request_key is created. It triggers a notification to profile managers for the Organization that can then grant a role on the Organization to the User.

It is sometimes beneficial to automatically grant a role to users whose e-mail address is within one or multiple specified domains. The e-mail address of the requesting user must be verified.

Extends RoleDescription, add appropriate model(s) and code such that for User whose email is matching the domain of the Organization.e-mail field and which are not in a pre-defined disallow list (ex: @gmail.com, @yahoo.com), request for a RoleDescription marked as skip_grant_for_email_domain is automatically granted.

[smirolo]

Some of the work was done in commit e9002be. It isn't clear if all use cases described above are met with the current "implicit grant" feature.