Test pre-configured actions and see if they follow feature controls restrictions

[mikecote]

I noticed when reviewing #63432 that pre-configured actions are not validated to make sure the user has access to actions in general (feature controls). This is because the validation relied on an error to be thrown when user doesn't have access to action type saved objects.

This means two things to test:

• I believe it will restrict properly if invoking an action via the /_execute API
• I don't think it works properly when invoked via an alert (plugins.actions.execute)

This issue is to test and write a follow up issue if the assumption is correct.

[elasticmachine]

Pinging @elastic/kibana-alerting-services (Team:Alerting Services)

[mikecote]

Ran some tests today and can confirm the pre-configured actions are protected from alerts executing them without access. This is caused by not being able to create action_task_params objects. This will have to be revisited if ever action objects can deny access to some but not all objects.