[Security Solution] Calculate and save `ruleSource.isCustomized` in API endpoint handlers

[jpdjere]

Epics: https://github.com/elastic/security-team/issues/1974 (internal), #174168

Summary

Implement calculation of ruleSource.isCustomized in all necessary endpoints that write the ruleSource field to prebuilt rules, and where fields can be customized, diverging from the base version from the Rule Asset.

The calculation and saving of the field should be done in the following endpoints:

• Update Rule - PUT /rules
• Patch Rule - PATCH /rules
• Bulk Update Rules - PUT /rules/_bulk_update
• Bulk Patch Rules - PATCH /rules/_bulk_update
• Import Rules - POST /rules/_import
• Perform Rule Upgrade - POST /prebuilt_rules/upgrade/_perform (Internal)

Extracted to other tickets:

• Bulk Actions - POST /rules/_bulk_action: with action Edit rules action
  • [Security Solution] Calculate and save ruleSource.isCustomized in bulk edit API #187706

Background

Context from RFC:

• Calculating the isCustomized field - see table with scenarios for calculation of isCustomized
• Calculating isCustomized during bulk editing rules
• Calculating isCustomized when importing rules - see table with import scenarios and their respective isCustomized calculations

kibana/x-pack/plugins/security_solution/docs/rfcs/detection_response/prebuilt_rules_customization.md

Lines 559 to 584 in 269649a

	#### Updating and upgrading rules
	Updating rules can currently be performed via five endpoints:
	- **Update Rule** - `PUT /rules`
	- **Patch Rule** - `PATCH /rules`
	- **Bulk Update Rules** - `PUT /rules/_bulk_update`
	- **Bulk Patch Rules** - `PATCH /rules/_bulk_update`
	- **Bulk Actions** - `POST /rules/_bulk_action`: with **bulk edit** action
	Upgrading prebuilt rules to their newer version is done by two endpoints:
	- **(LEGACY) Install Prebuilt Rules And Timelines** - `PUT /rules/prepackaged`
	- **Perform Rule Upgrade** - `POST /prebuilt_rules/upgrade/_perform` (Internal)
	The legacy endpoint does not allow for customization of fields during the upgrade, but the new rule upgrade customization endpoint does.
	Additionally:
	- **Bulk Actions** - `POST /rules/_bulk_action`: with **duplicate** action
	will perform migration but does not allow for customization during the duplication process.
	So we can analyze the expected outputs of the migration of all these 8 endpoints together.
	The resulting values for `immutable` and `rule_source` when calling these endpoints, and the migration being performed in the background, should be as follows:

kibana/x-pack/plugins/security_solution/docs/rfcs/detection_response/prebuilt_rules_customization.md

Lines 817 to 821 in b6e0f87

	Secondly, in order to migrate the `is_customized` value for rule edits, we can follow two approaches:
	1. Calculate it in the `paramsModifier` callback that is passed to the `rulesClient.bulkEdit` method. This will need to modify the parameters of the callback to take as parameter the whole rule and the operations on the attributes, in order to have access to the values of the rule's field before and after of the edit.
	2. Calculate it as part of the `validateMutatedRuleTypeParams` method in `x-pack/plugins/alerting/server/lib/validate_mutated_rule_type_params.ts` where we have access to the original params and the modified params.

[elasticmachine]

Pinging @elastic/security-solution (Team: SecuritySolution)

[elasticmachine]

Pinging @elastic/security-detections-response (Team:Detections and Resp)

[elasticmachine]

Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)