[Security Solution] Adds RBAC for Assistant (#163031)

## Summary

Adds `All`/`None` RBAC for the Elastic AI Assistant within the Security
app via Kibana feature privileges, and also via serverless PLI App
Features for the Security `complete` product (see
https://github.com/elastic/security-team/issues/7023).

Added as high-level category to enable future support of sub-features
(included sample `Create Conversation` sub-feature plumbed as example).

<p align="center">
<img width="500"
src="b42ab3fe-65e1-49b9-a379-262f2438c0eb"
/>
</p> 

Note: Since [`minimumLicense:
'enterprise'`](https://github.com/elastic/kibana/pull/163031/files#diff-56de8b6234daf4e0e69efe680e5a4afc4f88d152243b773d90c3991fa9dabc19R28)
is configured on this privilege, when the license check isn't satisfied,
the privilege will be hidden (not disabled).

## Testing

Feature is available for `enterprise` licenses and when `All` privilege
is set, otherwise Assistant is hidden in Timeline, all `Chat` UI
elements are hidden, and the `cmd/ctrl + ;` shortcut is unavailable.

---

### On Prem Testing:
Create two roles, one for each `all`/`none` Security Elastic AI
Assistant privilege (via Dev Tools):

<details><summary>PUT /_security/role/assistant_all</summary>
<p>

``` ts
PUT /_security/role/assistant_all
{
  "cluster": [
    "all"
  ],
  "indices": [
    {
      "names": [
        "*"
      ],
      "privileges": [
        "all"
      ],
      "field_security": {
        "grant": [
          "*"
        ],
        "except": []
      },
      "allow_restricted_indices": false
    }
  ],
  "applications": [
    {
      "application": "kibana-.kibana",
      "privileges": [
        "feature_securitySolutionAssistant.minimal_all",
        "feature_siem.all",
        "feature_securitySolutionCases.all",
        "feature_actions.all"
      ],
      "resources": [
        "*"
      ]
    }
  ],
  "run_as": [],
  "metadata": {},
  "transient_metadata": {
    "enabled": true
  }
}
```
</p>
</details>


<details><summary>PUT /_security/role/assistant_none</summary>
<p>

``` ts
PUT /_security/role/assistant_none
{
  "cluster": [
    "all"
  ],
  "indices": [
    {
      "names": [
        "*"
      ],
      "privileges": [
        "all"
      ],
      "field_security": {
        "grant": [
          "*"
        ],
        "except": []
      },
      "allow_restricted_indices": false
    }
  ],
  "applications": [
    {
      "application": "kibana-.kibana",
      "privileges": [
        "feature_siem.all",
        "feature_securitySolutionCases.all",
        "feature_actions.all"
      ],
      "resources": [
        "*"
      ]
    }
  ],
  "run_as": [],
  "metadata": {},
  "transient_metadata": {
    "enabled": true
  }
}
```
</p>
</details>

Create a new `assistant_user` (assigned both roles above), log in and
test assistant availability, then remove one role at a time testing
each:

<details><summary>POST /_security/user/assistant_user (ALL)</summary>
<p>

``` ts
POST /_security/user/assistant_user
{
    "username": "assistant_user",
    "password": "changeme",
    "roles": [
      "assistant_all",
      "assistant_none"
    ],
    "full_name": "Assistant User",
    "email": "assistant-user@elastic.co",
    "metadata": {},
    "enabled": true
}
```
</p>
</details>

Test that assistant is available in UI via `Chat` buttons and shortcut
keys.

<details><summary>PUT /_security/user/assistant_user (NONE)</summary>
<p>

``` ts
PUT /_security/user/assistant_user
{
    "username": "assistant_user",
    "roles": [
      "assistant_none"
    ],
    "full_name": "Assistant User",
    "email": "assistant-user@elastic.co",
    "metadata": {},
    "enabled": true
}
```
</p>
</details>

Test that assistant is **NOT** available in UI via `Chat` buttons or
shortcut keys.

---

### Serverless Testing:

To test with the Assistant available, set `productTypes` to `complete`
in `config/serverless.security.yml`

```
xpack.securitySolutionServerless.productTypes:
  [
    { product_line: 'security', product_tier: 'complete' },
    { product_line: 'endpoint', product_tier: 'complete' },
  ]
  ```

otherwise to test without the Assistant, pick a different product type like `essentials`:

```
xpack.securitySolutionServerless.productTypes:
  [
    { product_line: 'security', product_tier: 'essentials' },
    { product_line: 'endpoint', product_tier: 'essentials' },
  ]
```

Then start Serverless Kibana: `yarn serverless-security`

---

### Checklist

Delete any items that are not applicable to this PR.

- [X] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios

x-pack/test/api_integration/apis/security/privileges.ts

@@ -56,6 +56,7 @@ export default function ({ getService }: FtrProviderContext) {
         'execute_operations_all',
       ],
       uptime: ['all', 'read', 'minimal_all', 'minimal_read'],
+      securitySolutionAssistant: ['all', 'read', 'minimal_all', 'minimal_read'],
       securitySolutionCases: ['all', 'read', 'minimal_all', 'minimal_read', 'cases_delete'],
       infrastructure: ['all', 'read', 'minimal_all', 'minimal_read'],
       logs: ['all', 'read', 'minimal_all', 'minimal_read'],