[8.19] Remove skipped user API tests that are no longer accurate (#239786) (#239843)

# Backport

This will backport the following commits from `main` to `8.19`:
- [Remove skipped user API tests that are no longer accurate
(#239786)](#239786)

<!--- Backport version: 9.6.6 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sorenlouv/backport)

<!--BACKPORT [{"author":{"name":"Larry
Gregory","email":"[email protected]"},"sourceCommit":{"committedDate":"2025-10-21T06:42:12Z","message":"Remove
skipped user API tests that are no longer accurate (#239786)\n\n##
Summary\n\nRemoves skipped user api tests that are no longer
relevant.\nThese tests were slated for inclusion when we expected the
user apis to\nbe disabled in Serverless environments. These APIs are to
remain enabled\nin Serverless, with no current plans to disable
them.","sha":"6cdb76c3c2cdc24e544617ef8550567816f02b9c","branchLabelMapping":{"^v9.3.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["chore","Team:Security","release_note:skip","backport:all-open","v9.3.0"],"title":"Remove
skipped user API tests that are no longer
accurate","number":239786,"url":"https://github.com/elastic/kibana/pull/239786","mergeCommit":{"message":"Remove
skipped user API tests that are no longer accurate (#239786)\n\n##
Summary\n\nRemoves skipped user api tests that are no longer
relevant.\nThese tests were slated for inclusion when we expected the
user apis to\nbe disabled in Serverless environments. These APIs are to
remain enabled\nin Serverless, with no current plans to disable
them.","sha":"6cdb76c3c2cdc24e544617ef8550567816f02b9c"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.3.0","branchLabelMappingKey":"^v9.3.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/239786","number":239786,"mergeCommit":{"message":"Remove
skipped user API tests that are no longer accurate (#239786)\n\n##
Summary\n\nRemoves skipped user api tests that are no longer
relevant.\nThese tests were slated for inclusion when we expected the
user apis to\nbe disabled in Serverless environments. These APIs are to
remain enabled\nin Serverless, with no current plans to disable
them.","sha":"6cdb76c3c2cdc24e544617ef8550567816f02b9c"}}]}] BACKPORT-->

Co-authored-by: Larry Gregory <[email protected]>

Author: kibanamachine

x-pack/platform/test/serverless/api_integration/test_suites/platform_security/users.ts

@@ -12,7 +12,6 @@ import { FtrProviderContext } from '../../ftr_provider_context';
 export default function ({ getService }: FtrProviderContext) {
   const samlAuth = getService('samlAuth');
   const supertestWithoutAuth = getService('supertestWithoutAuth');
-  const svlCommonApi = getService('svlCommonApi');
   const roleScopedSupertest = getService('roleScopedSupertest');
   let supertestAdminWithCookieCredentials: SupertestWithRoleScopeType;
 
@@ -28,64 +27,6 @@ export default function ({ getService }: FtrProviderContext) {
     });
 
     describe('route access', () => {
-      // ToDo: uncomment when we disable user APIs
-      describe.skip('disabled', () => {
-        it('get', async () => {
-          const { body, status } = await supertestAdminWithCookieCredentials.get(
-            '/internal/security/users/elastic'
-          );
-          svlCommonApi.assertApiNotFound(body, status);
-        });
-
-        it('get all', async () => {
-          const { body, status } = await supertestAdminWithCookieCredentials.get(
-            '/internal/security/users'
-          );
-          svlCommonApi.assertApiNotFound(body, status);
-        });
-
-        it('create/update', async () => {
-          const { body, status } = await supertestWithoutAuth
-            .post(`/internal/security/users/some_testuser`)
-            .set(samlAuth.getInternalRequestHeader())
-            .send({ username: 'some_testuser', password: 'testpassword', roles: [] });
-          svlCommonApi.assertApiNotFound(body, status);
-        });
-
-        it('delete', async () => {
-          const { body, status } = await supertestAdminWithCookieCredentials.delete(
-            `/internal/security/users/elastic`
-          );
-          svlCommonApi.assertApiNotFound(body, status);
-        });
-
-        it('disable', async () => {
-          const { body, status } = await supertestAdminWithCookieCredentials.post(
-            `/internal/security/users/elastic/_disable`
-          );
-          svlCommonApi.assertApiNotFound(body, status);
-        });
-
-        it('enable', async () => {
-          const { body, status } = await supertestAdminWithCookieCredentials.post(
-            `/internal/security/users/elastic/_enable`
-          );
-          svlCommonApi.assertApiNotFound(body, status);
-        });
-
-        it('set password', async () => {
-          const { body, status } = await supertestWithoutAuth
-            .post(`/internal/security/users/{username}/password`)
-            .set(samlAuth.getInternalRequestHeader())
-            .send({
-              password: 'old_pw',
-              newPassword: 'new_pw',
-            });
-          svlCommonApi.assertApiNotFound(body, status);
-        });
-      });
-
-      // ToDo: remove when we disable user APIs
       describe('internal', () => {
         it('get', async () => {
           const { status } = await supertestAdminWithCookieCredentials.get(