[meta][Security Solution][ResponseOps][Cases] Case connector known enhancements list

[jonathan-buttner]

This issues details the final enhancements to complete the user experience for case connector.

• Refactor _find API to fix the total field when ignoring Collections. Need to add collectionState field that holds a value indicating whether the collection is empty and it needs to be set when a sub cases is created or deleted
• Get sub case API should return a CaseResponse it should handle retrieving both the parent information and the sub case information
• Allow changing status of a sub case in the UI
• Allow deletion of a sub case through the UI
• Profile and optimize the _find cases route
• Investigate if we can remove update_at to avoid a saved object document version change each time a generated alert is attached to a sub case (the collection version changes)
• Try to optimize the case push functionality, for example the SIR we have to retrieve all the alerts for a case and send them to the external SIR service which takes a long time
• Once the case connector feature is completed remove all references to ENABLE_SUB_CASES flag reenable the skipped tests
• Add RBAC to each sub cases route
• Check for subCase?.attributes.owner within commentable_case
• Correctly handle the owner field in sub cases
• Import default max signals from here: https://github.com/elastic/kibana/pull/98999/files#diff-f0a25812770884a773aed459d250197118850e53c44cd06ff7240ccffe156d1cR21 (kbn-securitysolution-io-ts-utils)

[elasticmachine]

Pinging @elastic/security-threat-hunting (Team:Threat Hunting)

[elasticmachine]

Pinging @elastic/security-threat-hunting-cases (Team:Threat Hunting:Cases)

[elasticmachine]

Pinging @elastic/response-ops (Team:ResponseOps)

[cnasikas]

Closing this as the case connector is totally removed from the codebase.