
Using migrated roles on Fleet server side #225358

Closed
gergoabraham wants to merge 1 commit into elastic:main from gergoabraham:migrated-role-usage-in-fleet

@gergoabraham
Contributor

Summary

So far this is only an acceptance test, which should fail until the underlying issue is fixed.

With the given scenario a suspected underlying bug can be brought forward:

  • endpointManagementSpaceAwarenessEnabled feature flag is enabled: this requires users to have global_artifact_management_all privilege for modifying global artifacts
  • a user role uses a deprecated siem or siemV2 feature

The role migration introduced in #219566 makes sure that these users have the new global_artifact_management_all privilege, and this works in most cases, but seemingly, on the server side when validating an API call, it is not applied.

Checklist

Check the PR satisfies following conditions.

Reviewers should verify this PR satisfies this list as well.

  • Any text added follows EUI's writing guidelines, uses sentence case text and includes i18n support
  • Documentation was added for features that require explanation or tutorials
  • Unit or functional tests were updated or added to match the most common scenarios
  • If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the docker list
  • This was checked for breaking HTTP API changes, and any breaking changes have been approved by the breaking-change committee. The release_note:breaking label should be applied in these situations.
  • Flaky Test Runner was used on any tests changed
  • The PR description includes the appropriate Release Notes section, and the correct release_note:* label is applied per the guidelines

Identify risks

Does this PR introduce any risks? For example, consider risks like hard to test bugs, performance regression, potential of data loss.

Describe the risk, its severity, and mitigation for each identified risk. Invite stakeholders and evaluate how to proceed before merging.
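
The scenario from the summary above as a simplified model, added here as an illustration and not taken from the PR or from Kibana: the migration table, the `siemCurrent` placeholder feature id, the sample role and all function names are assumptions. It shows why a server-side check has to evaluate the migrated privilege set rather than the role as stored.

```typescript
// Simplified model of the scenario; not Kibana code. Names other than the
// page's feature and privilege identifiers are hypothetical.
type FeaturePrivileges = { [featureId: string]: string[] };
interface Role { name: string; features: FeaturePrivileges }

const GLOBAL_ARTIFACT = "global_artifact_management_all";

// Assumed migration table: "all" on a deprecated feature is replaced by these
// grants. "siemCurrent" is a placeholder for the non-deprecated feature id.
const MIGRATIONS: { [deprecated: string]: FeaturePrivileges } = {
  siem: { siemCurrent: ["all", GLOBAL_ARTIFACT] },
  siemV2: { siemCurrent: ["all", GLOBAL_ARTIFACT] },
};

// Privileges exactly as stored on the role, with no migration applied.
function storedPrivileges(role: Role): string[] {
  const out: string[] = [];
  Object.keys(role.features).forEach((f) =>
    role.features[f].forEach((p) => out.push(f + ":" + p)));
  return out;
}

// Privileges after deprecated features are replaced by their migrated grants.
function migratedPrivileges(role: Role): string[] {
  const out: string[] = [];
  Object.keys(role.features).forEach((f) => {
    const isDeprecated = Object.prototype.hasOwnProperty.call(MIGRATIONS, f);
    if (isDeprecated && role.features[f].indexOf("all") !== -1) {
      const target = MIGRATIONS[f];
      Object.keys(target).forEach((t) =>
        target[t].forEach((p) => out.push(t + ":" + p)));
    } else {
      role.features[f].forEach((p) => out.push(f + ":" + p));
    }
  });
  return out;
}

// Server-side check for modifying a global artifact. This model covers only the
// extra requirement that applies when the feature flag is enabled.
function canModifyGlobalArtifact(privileges: string[], flagEnabled: boolean): boolean {
  if (!flagEnabled) return true;
  return privileges.some((p) => p.split(":")[1] === GLOBAL_ARTIFACT);
}

// Constructed sample role that still references a deprecated feature.
const legacyRole: Role = { name: "legacy_analyst", features: { siemV2: ["all"] } };
```

In this model, `canModifyGlobalArtifact(storedPrivileges(legacyRole), true)` denies the request while the same call with `migratedPrivileges(legacyRole)` allows it, which is the difference an acceptance test for this scenario has to catch.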

@gergoabraham gergoabraham self-assigned this Jun 25, 2025
@gergoabraham gergoabraham requested a review from a team as a code owner June 25, 2025 18:25
@gergoabraham gergoabraham added the release_note:skip Skip the PR/issue when compiling release notes label Jun 25, 2025
@gergoabraham gergoabraham added backport:skip This PR does not require backporting Team:Defend Workflows “EDR Workflows” sub-team of Security Solution labels Jun 25, 2025
@elasticmachine
Contributor

Pinging @elastic/security-defend-workflows (Team:Defend Workflows)

@gergoabraham gergoabraham marked this pull request as draft June 25, 2025 18:32
@elasticmachine
Contributor

🤖 Jobs for this PR can be triggered through checkboxes. 🚧

ℹ️ To trigger the CI, please tick the checkbox below 👇

  • Click to trigger kibana-pull-request for this PR!
  • Click to trigger kibana-deploy-project-from-pr for this PR!
  • Click to trigger kibana-deploy-cloud-from-pr for this PR!
  • Click to trigger kibana-renovate-helper for this PR!

@elasticmachine
Contributor

💔 Build Failed

Failed CI Steps

cc @gergoabraham

@gergoabraham
Contributor Author

closing in favor of #225678
(the tests added here are included in that PR)
