Commit 546f954

abhishekbhatia1710, kibanamachine and Copilot authored and committed
[Security Solution][Entity Analytics][PrivMon] Code and Tests (Unit & FTR) for unique username across PrivMon Sources (elastic#232915)
## Summary

This PR implements username uniqueness enforcement across all privileged user data sources (API, CSV upload, and index sync) to prevent duplicate user entries and ensure consistent user management.

## Problem Statement

Previously, users could be created with identical usernames from different sources (API calls, CSV uploads, index synchronization), resulting in:

- Multiple user document entries with the same username but different sources

Username Deduplication Logic

- When adding a user that already exists: updates the existing record with merged sources
- When adding a new user: creates single record with appropriate source tracking
- Prevents creation of multiple documents with identical usernames

Data Consistency

- All operations use the same field mapping (user.name instead of user.name.keyword)
- Consistent refresh settings ensure immediate data visibility
- Proper source array management prevents duplicate entries

## Testing Steps

### Scenario A: API → CSV Username Uniqueness

1. Pull down this PR
2. Create User via API

```
curl -X POST "localhost:5601/api/entity_analytics/privilege_monitoring/users" \
  -H "Content-Type: application/json" \
  -H "kbn-xsrf: true" \
  -d '{"user": {"name": "testuser1"}}'
```

3. Verify User Created: Check that user exists with sources: ["api"]
4. Navigate to Entity Analytics -> Privileged User Monitoring -> Manage Data Sources -> Upload CSV with Same User:
5. Expected Result: Single user with sources: ["api", "csv"], not duplicated

### Scenario B: CSV -> API Username Uniqueness

1. Upload CSV First: Upload CSV with testuser2,Manager
2. Create Same User via API: Attempt to create user with name "testuser2"

```
curl -X POST "localhost:5601/api/entity_analytics/privilege_monitoring/users" \
  -H "Content-Type: application/json" \
  -H "kbn-xsrf: true" \
  -d '{"user": {"name": "testuser2"}}'
```

3. Expected Result: Single user with sources: ["csv", "api"]

### Scenario C: Large File Validation

1. Create Large CSV: Generate CSV file larger than 1MB
2. Upload Large File: Attempt to upload via CSV with more than 10k users
3. Should receive file size/max user error before processing

### Checklist

Check the PR satisfies following conditions. Reviewers should verify this PR satisfies this list as well.

- [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
- [ ] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
- [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed
- [ ] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
- [ ] Review the [backport guidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing) and apply applicable `backport:*` labels.

---------

Co-authored-by: kibanamachine <[email protected]>
Co-authored-by: Copilot <[email protected]>
1 parent d000243 commit 546f954
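
The username deduplication described in the commit message above, as an added TypeScript model that is not code from this commit or from Kibana. All type and function names are hypothetical, the "index" is an in-memory array, and the lookup's hit cap is a parameter so the effect of a cap smaller than the batch (10 is what an Elasticsearch search returns when `size` is omitted) can be compared with a cap equal to the batch length.

```typescript
// Added illustration: an in-memory stand-in for the privileged-user index.
// All type and function names are hypothetical, not Kibana's.
type Source = 'api' | 'csv';
interface UserDoc { name: string; sources: Source[] }

// Look up existing docs for a batch of usernames, returning at most `size` hits.
function queryExisting(index: UserDoc[], names: string[], size: number): UserDoc[] {
  const wanted = new Set(names);
  return index.filter((d) => wanted.has(d.name)).slice(0, size);
}

// Upsert one batch from one source: merge the source into the existing doc,
// or create a single new doc. Returns how many docs were created.
function upsertBatch(index: UserDoc[], names: string[], source: Source, size: number): number {
  const unique = Array.from(new Set(names)); // drop repeats inside the batch
  const found = new Map<string, UserDoc>();
  queryExisting(index, unique, size).forEach((d) => found.set(d.name, d));
  let created = 0;
  unique.forEach((name) => {
    const doc = found.get(name);
    if (doc) {
      if (doc.sources.indexOf(source) === -1) doc.sources.push(source);
    } else {
      index.push({ name, sources: [source] });
      created++;
    }
  });
  return created;
}

// Number of usernames held by more than one doc.
function duplicateNames(index: UserDoc[]): number {
  const counts = new Map<string, number>();
  index.forEach((d) => counts.set(d.name, (counts.get(d.name) || 0) + 1));
  let dupes = 0;
  counts.forEach((n) => { if (n > 1) dupes++; });
  return dupes;
}

// Constructed data: 12 users added via API, then the same 12 via CSV.
function run(size: number): { index: UserDoc[]; dupes: number } {
  const names: string[] = [];
  for (let i = 1; i <= 12; i++) names.push(`testuser${i}`);
  const index: UserDoc[] = [];
  upsertBatch(index, names, 'api', size);
  upsertBatch(index, names, 'csv', size);
  return { index, dupes: duplicateNames(index) };
}
```

With `run(12)` every user ends up as one document with sources `["api", "csv"]`; with `run(10)` the two users the capped lookup missed are written a second time.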


6 files changed: +1306 -7 lines changed


x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/privilege_monitoring/users/bulk/query_existing_users.ts

Lines changed: 1 addition & 0 deletions
@@ -17,6 +17,7 @@ export const queryExistingUsers =
1717
esClient
1818
.search<MonitoredUserDoc>({
1919
index,
20+
size: batch.length,
2021
query: {
2122
bool: {
2223
must: [
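
Review bot: at the added `size: batch.length`, the hit cap equals the number of names in the batch, which returns every existing user only if the index holds at most one document per username. The commit message says documents with the same username from different sources could already exist; for those, the matches can outnumber `batch.length` and the extra hits are cut off without any error, so the merge would see only some of the existing records. Consider comparing the response's total hit count with `batch.length` and logging or paging when it is larger, and add a short comment on this line saying why `size` is set, since a search without it returns only the default 10 hits.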
