Access control: Add phone-home metrics to check if fine-grained access control is enabled or not (#34107)

* Access control: Add phone-home metrics to check if fine-grained access control is enabled or not

* Apply suggestions from code review

pkg/services/accesscontrol/ossaccesscontrol/ossaccesscontrol.go

@@ -5,6 +5,7 @@ import (
 
 	"github.com/grafana/grafana/pkg/infra/log"
 	"github.com/grafana/grafana/pkg/infra/metrics"
+	"github.com/grafana/grafana/pkg/infra/usagestats"
 	"github.com/grafana/grafana/pkg/models"
 	"github.com/grafana/grafana/pkg/services/accesscontrol"
 	"github.com/grafana/grafana/pkg/services/accesscontrol/evaluator"
@@ -14,14 +15,17 @@ import (
 
 // OSSAccessControlService is the service implementing role based access control.
 type OSSAccessControlService struct {
-	Cfg *setting.Cfg `inject:""`
-	Log log.Logger
+	Cfg        *setting.Cfg          `inject:""`
+	UsageStats usagestats.UsageStats `inject:""`
+	Log        log.Logger
 }
 
 // Init initializes the OSSAccessControlService.
 func (ac *OSSAccessControlService) Init() error {
 	ac.Log = log.New("accesscontrol")
 
+	ac.registerUsageMetrics()
+
 	return nil
 }
 
@@ -34,6 +38,17 @@ func (ac *OSSAccessControlService) IsDisabled() bool {
 	return !exists
 }
 
+func (ac *OSSAccessControlService) registerUsageMetrics() {
+	ac.UsageStats.RegisterMetric("stats.oss.accesscontrol.enabled.count", ac.getUsageMetrics)
+}
+
+func (ac *OSSAccessControlService) getUsageMetrics() (interface{}, error) {
+	if ac.IsDisabled() {
+		return 0, nil
+	}
+	return 1, nil
+}
+
 // Evaluate evaluates access to the given resource
 func (ac *OSSAccessControlService) Evaluate(ctx context.Context, user *models.SignedInUser, permission string, scope ...string) (bool, error) {
 	return evaluator.Evaluate(ctx, ac, user, permission, scope...)

pkg/services/accesscontrol/ossaccesscontrol/ossaccesscontrol_test.go

@@ -8,6 +8,7 @@ import (
 	"github.com/stretchr/testify/require"
 
 	"github.com/grafana/grafana/pkg/infra/log"
+	"github.com/grafana/grafana/pkg/infra/usagestats"
 	"github.com/grafana/grafana/pkg/models"
 	"github.com/grafana/grafana/pkg/registry"
 	"github.com/grafana/grafana/pkg/services/accesscontrol"
@@ -21,8 +22,9 @@ func setupTestEnv(t testing.TB) *OSSAccessControlService {
 	cfg.FeatureToggles = map[string]bool{"accesscontrol": true}
 
 	ac := OSSAccessControlService{
-		Cfg: cfg,
-		Log: log.New("accesscontrol-test"),
+		Cfg:        cfg,
+		UsageStats: &usageStatsMock{metricFuncs: make(map[string]usagestats.MetricFunc)},
+		Log:        log.New("accesscontrol-test"),
 	}
 
 	err := ac.Init()
@@ -30,6 +32,25 @@ func setupTestEnv(t testing.TB) *OSSAccessControlService {
 	return &ac
 }
 
+type usageStatsMock struct {
+	t           *testing.T
+	metricFuncs map[string]usagestats.MetricFunc
+}
+
+func (usm *usageStatsMock) RegisterMetric(name string, fn usagestats.MetricFunc) {
+	usm.metricFuncs[name] = fn
+}
+
+func (usm *usageStatsMock) GetUsageReport(_ context.Context) (usagestats.UsageReport, error) {
+	metrics := make(map[string]interface{})
+	for name, fn := range usm.metricFuncs {
+		v, err := fn()
+		metrics[name] = v
+		require.NoError(usm.t, err)
+	}
+	return usagestats.UsageReport{Metrics: metrics}, nil
+}
+
 type evaluatingPermissionsTestCase struct {
 	desc       string
 	user       userTestCase
@@ -97,3 +118,45 @@ func TestEvaluatingPermissions(t *testing.T) {
 		})
 	}
 }
+
+func TestUsageMetrics(t *testing.T) {
+	tests := []struct {
+		name          string
+		enabled       bool
+		expectedValue int
+	}{
+		{
+			name:          "Expecting metric with value 0",
+			enabled:       false,
+			expectedValue: 0,
+		},
+		{
+			name:          "Expecting metric with value 1",
+			enabled:       true,
+			expectedValue: 1,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			cfg := setting.NewCfg()
+			if tt.enabled {
+				cfg.FeatureToggles = map[string]bool{"accesscontrol": true}
+			}
+
+			s := &OSSAccessControlService{
+				Cfg:        cfg,
+				UsageStats: &usageStatsMock{t: t, metricFuncs: make(map[string]usagestats.MetricFunc)},
+				Log:        log.New("accesscontrol-test"),
+			}
+
+			err := s.Init()
+			assert.Nil(t, err)
+
+			report, err := s.UsageStats.GetUsageReport(context.Background())
+			assert.Nil(t, err)
+
+			assert.Equal(t, tt.expectedValue, report.Metrics["stats.oss.accesscontrol.enabled.count"])
+		})
+	}
+}