Well that's fairly useless: apparently Roundcube's PGP plugin works the opposite of what most would expect: the private key is generated client side, and then sent unwrapped to the server, along with the password you want it to be wrapped by.
Then for any future operations, you send the password to the server to unwrap it server-side, for the server to do any signing/decryption tasks, to send you the plaintext in the HTTP response.

The only use-case I can make sense of this is if you don't trust the device you're accessing the webmail on, even though it could just export the key, and have all the info needed to unwrap and compromise the private key anyway. I really don't see any real-world use to this model, other than a corporate environment that wants things 'wiretappable'.