[Security Solution][Detection Engine][CPS] Rule Preview Issue Project Routing (elastic#259352)

## Summary

Closes issue [elastic#258902](elastic#258902).

Without `projectRouting: 'space'`, all three clients default to
`_alias:_origin`, restricting preview searches to the origin project
only. The fix passes `{ projectRouting: 'space' }` to each:

- `scopedClusterClient`: fixes field caps and index resolution
(pre-search checks in `run_execution_validation.ts`)
- `searchSourceClient`: fixes data fetches for
query/saved_query/threshold rule types
- `asyncSearchClient`: fixes data fetches for EQL and ESQL rule types

Author: hannahbrooks

x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_preview/api/preview_rules/route.ts

@@ -114,9 +114,14 @@ export const previewRulesRoute = (
           return siemResponse.error({ statusCode: 400, body: validationErrors });
         }
         try {
-          const [, { data, security: securityService, share, dataViews }] =
+          const [coreStart, { data, security: securityService, share, dataViews }] =
             await getStartServices();
-          const searchSourceClient = await data.search.searchSource.asScoped(request);
+          const searchSourceClientWithCps = await data.search.searchSource.asScoped(request, {
+            projectRouting: 'space',
+          });
+          const scopedClusterClientWithCps = coreStart.elasticsearch.client.asScoped(request, {
+            projectRouting: 'space',
+          });
           const savedObjectsClient = coreContext.savedObjects.client;
           const siemClient = (await context.securitySolution).getAppClient();
           const actionsClient = (await context.actions).getActionsClient();
@@ -274,20 +279,22 @@ export const previewRulesRoute = (
                   savedObjectsClient: coreContext.savedObjects.client,
                   scopedClusterClient: wrapScopedClusterClient({
                     abortController,
-                    scopedClusterClient: coreContext.elasticsearch.client,
+                    scopedClusterClient: scopedClusterClientWithCps,
                   }),
                   getSearchSourceClient: async () =>
                     wrapSearchSourceClient({
                       abortController,
-                      searchSourceClient,
+                      searchSourceClient: searchSourceClientWithCps,
                     }),
                   getMaintenanceWindowIds: async () => [],
                   getMaintenanceWindowNames: async () => [],
                   uiSettingsClient: coreContext.uiSettings.client,
                   getDataViews: async () => dataViewsService,
                   share,
                   getAsyncSearchClient: (strategy) => {
-                    const client = data.search.asScoped(request);
+                    const clientWithCps = data.search.asScoped(request, {
+                      projectRouting: 'space',
+                    });
                     return wrapAsyncSearchClient({
                       rule: {
                         name: rule.name,
@@ -297,7 +304,7 @@ export const previewRulesRoute = (
                       },
                       logger,
                       strategy,
-                      client,
+                      client: clientWithCps,
                       abortController,
                     });
                   },