[Response Ops][Alerting] Schedule backfill API (merging into feature branch) (#176185)

Towards #174355

Note that this merges into a feature branch

## Summary

Adds API for scheduling backfill jobs. Other APIs such as `get`, `find` and `delete` will be added in follow-on PRs.

This PR introduces 2 concepts

- `ad hoc run` - This is an execution of a rule over a specific time range. I kept this terminology generic so that in the future, it could be used to support other custom rule executions (like preview rule runs). The parameters used for the `ad hoc run` are specified in a new encrypted saved object type (`ad_hoc_run_params`). This SO is encrypted because it stores the API key to use (copied from the rule)
- `backfill job` - This is a specific type of `ad hoc run` that schedules a rule run for a historical time range to cover a gap in execution

### Schedule Backfill API

* Only allows scheduling for persistent (not lifecycle) rule types - this is currently all detection rules
* Only allows scheduling for currently enabled rules
* Limits the max number of backfill jobs that can be scheduled at one time (currently limited to 10)
* Checks that user has the appropriate RBAC permissions for the alerting rule types they are scheduling backfills for. This only requires `READ` permission for the rule type, which follows the same permission required to invoke the `runSoon` API
* Once all permissions and pre-requisites have been validated, the API creates an `ad_hoc_run_params` saved object that is stored in the `.kibana_alerting_cases` index
* Task runner to run the rule using the parameters in `ad_hoc_run_params` will be added in a follow-on PR.

**Sample Request**

```
POST /internal/alerting/rules/backfill/_schedule
[
  {
    "rule_id": "abc",
    "start": "2023-12-30T12:00:00.000Z",
    "end": "2024-01-01T12:00:00.000Z",
  }
]
```

This would create an `ad_hoc_run_params` saved object that looks like

```
{
  "apiKeyId": <apiKeyId>,
  "apiKeyToUse": <apiKey>, // this is copied from the decrypted rule and then re-encrypted
  "createdAt": "2024-01-30T00:00:00.000Z",
  "duration": "12h", // uses the same schedule interval as the rule
  "enabled": false,
  "end": "2024-01-01T12:00:00.000Z",
  "rule": { // copied from the rule
    "name": "my rule name",
    "tags": ["foo"],
    "alertTypeId": "myType",
    "params": {},
    "apiKeyOwner": "user",
    "apiKeyCreatedByUser": false,
    "consumer": "myApp",
    "enabled": true,
    "schedule": {
      "interval": "12h",
    },
    "createdBy": "user",
    "updatedBy": "user",
    "createdAt": "2019-02-12T21:01:22.479Z",
    "updatedAt": "2019-02-12T21:01:22.479Z",
    "revision": 0,
  },
  "spaceId": "default",
  "start": "2023-12-30T12:00:00.000Z",
  "status": "pending",
  "schedule": [
    {
      "interval": "12h",
      "runAt": "2023-12-31T00:00:00.000Z",
      "status": "pending"
    },
    {
      "interval": "12h",
      "runAt": "2023-12-31T12:00:00.000Z",
      "status": "pending"
    },
    {
      "interval": "12h",
      "runAt": "2024-01-01T00:00:00.000Z",
      "status": "pending"
    },
    {
      "interval": "12h",
      "runAt": "2024-01-01T12:00:00.000Z",
      "status": "pending"
    },
  ],
}
```
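The pre-checks and the `schedule` array described in the commit message, as an added example that is not code from this commit or from Kibana. All function and type names are hypothetical, the schedule rule (one entry per interval, from `start` plus one interval through `end`) is inferred from the sample object, and the limit of 10 is read here as a per-request cap.

```typescript
// Added illustration; every name here is hypothetical, not Kibana code.
const MAX_BACKFILLS = 10; // limit from the commit message, assumed to apply per request

interface BackfillRequest { rule_id: string; start: string; end: string }
interface RuleView { enabled: boolean; persistent: boolean } // assumed minimal rule shape
interface ScheduleEntry { interval: string; runAt: string; status: "pending" }

// Convert an interval such as "12h" to milliseconds (units s, m, h, d assumed).
function intervalToMs(interval: string): number {
  const m = /^(\d+)([smhd])$/.exec(interval);
  const n = m ? Number(m[1]) : 0;
  const unit = m ? String(m[2]) : "";
  const unitMs = unit === "s" ? 1000 : unit === "m" ? 60000
    : unit === "h" ? 3600000 : unit === "d" ? 86400000 : 0;
  if (n <= 0 || unitMs === 0) throw new Error("invalid interval: " + interval);
  return n * unitMs;
}

// One pending entry per interval, from start + interval up to and including end.
function buildBackfillSchedule(start: string, end: string, interval: string): ScheduleEntry[] {
  const from = Date.parse(start);
  const to = Date.parse(end);
  if (isNaN(from) || isNaN(to)) throw new Error("start and end must be ISO 8601 dates");
  if (to <= from) throw new Error("end must be after start");
  const step = intervalToMs(interval);
  const entries: ScheduleEntry[] = [];
  for (let t = from + step; t <= to; t += step) {
    entries.push({ interval, runAt: new Date(t).toISOString(), status: "pending" });
  }
  return entries;
}

// Pre-checks from the commit message, applied before any saved object is written.
function validateBatch(requests: BackfillRequest[], rules: Record<string, RuleView>): string[] {
  const errors: string[] = [];
  if (requests.length > MAX_BACKFILLS) {
    errors.push("at most " + MAX_BACKFILLS + " backfills per request");
  }
  for (const req of requests) {
    const rule = rules[req.rule_id];
    if (!rule) errors.push(req.rule_id + ": rule not found"); // assumed behaviour
    else if (!rule.enabled) errors.push(req.rule_id + ": rule is disabled");
    else if (!rule.persistent) errors.push(req.rule_id + ": lifecycle rule types are not supported");
  }
  return errors;
}
```

Called with the sample request's `start`, `end` and the rule's `12h` interval, `buildBackfillSchedule` returns the four `runAt` values shown in the sample saved object.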