AccessControl: introduce a different accesscontrol check (licensed or not) (#44777)

Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>

public/app/core/services/context_srv.ts

@@ -1,8 +1,8 @@
 import config from '../../core/config';
 import { extend } from 'lodash';
 import { rangeUtil, WithAccessControlMetadata } from '@grafana/data';
-import { featureEnabled } from '@grafana/runtime';
 import { AccessControlAction, UserPermission } from 'app/types';
+import { featureEnabled } from '@grafana/runtime';
 
 export class User {
   id: number;
@@ -83,13 +83,17 @@ export class ContextSrv {
   }
 
   accessControlEnabled(): boolean {
+    return Boolean(config.featureToggles['accesscontrol']);
+  }
+
+  licensedAccessControlEnabled(): boolean {
     return featureEnabled('accesscontrol') && Boolean(config.featureToggles['accesscontrol']);
   }
 
   // Checks whether user has required permission
   hasPermissionInMetadata(action: AccessControlAction | string, object: WithAccessControlMetadata): boolean {
     // Fallback if access control disabled
-    if (!config.featureToggles['accesscontrol']) {
+    if (!this.accessControlEnabled()) {
       return true;
     }
 
@@ -99,7 +103,7 @@ export class ContextSrv {
   // Checks whether user has required permission
   hasPermission(action: AccessControlAction | string): boolean {
     // Fallback if access control disabled
-    if (!config.featureToggles['accesscontrol']) {
+    if (!this.accessControlEnabled()) {
       return true;
     }
 
@@ -126,14 +130,14 @@ export class ContextSrv {
   }
 
   hasAccessToExplore() {
-    if (config.featureToggles['accesscontrol']) {
+    if (this.accessControlEnabled()) {
       return this.hasPermission(AccessControlAction.DataSourcesExplore);
     }
     return (this.isEditor || config.viewersCanEdit) && config.exploreEnabled;
   }
 
   hasAccess(action: string, fallBack: boolean) {
-    if (!config.featureToggles['accesscontrol']) {
+    if (!this.accessControlEnabled()) {
       return fallBack;
     }
     return this.hasPermission(action);
@@ -141,7 +145,7 @@ export class ContextSrv {
 
   // evaluates access control permissions, granting access if the user has any of them; uses fallback if access control is disabled
   evaluatePermission(fallback: () => string[], actions: string[]) {
-    if (!config.featureToggles['accesscontrol']) {
+    if (!this.accessControlEnabled()) {
       return fallback();
     }
     if (actions.some((action) => this.hasPermission(action))) {

public/app/features/admin/UserOrgs.tsx

@@ -176,7 +176,7 @@ class UnThemedOrgRow extends PureComponent<OrgRowProps> {
         <td className={labelClass}>
           <label htmlFor={inputId}>{org.name}</label>
         </td>
-        {contextSrv.accessControlEnabled() ? (
+        {contextSrv.licensedAccessControlEnabled() ? (
           <td>
             <div className={styles.rolePickerWrapper}>
               <div className={styles.rolePicker}>

public/app/features/teams/TeamList.tsx

@@ -43,7 +43,7 @@ export class TeamList extends PureComponent<Props, State> {
 
   componentDidMount() {
     this.fetchTeams();
-    if (contextSrv.accessControlEnabled()) {
+    if (contextSrv.licensedAccessControlEnabled()) {
       this.fetchRoleOptions();
     }
   }
@@ -89,7 +89,7 @@ export class TeamList extends PureComponent<Props, State> {
         <td className="link-td">
           <a href={teamUrl}>{team.memberCount}</a>
         </td>
-        {contextSrv.accessControlEnabled() && (
+        {contextSrv.licensedAccessControlEnabled() && (
           <td>
             <TeamRolePicker teamId={team.id} getRoleOptions={async () => this.state.roleOptions} />
           </td>
@@ -155,7 +155,7 @@ export class TeamList extends PureComponent<Props, State> {
                   <th>Name</th>
                   <th>Email</th>
                   <th>Members</th>
-                  {contextSrv.accessControlEnabled() && <th>Roles</th>}
+                  {contextSrv.licensedAccessControlEnabled() && <th>Roles</th>}
                   <th style={{ width: '1%' }} />
                 </tr>
               </thead>

public/app/features/users/UsersTable.test.tsx

@@ -9,7 +9,7 @@ jest.mock('app/core/core', () => ({
   contextSrv: {
     hasPermission: () => true,
     hasPermissionInMetadata: () => true,
-    accessControlEnabled: () => false,
+    licensedAccessControlEnabled: () => false,
   },
 }));
 

public/app/features/users/UsersTable.tsx

@@ -40,7 +40,7 @@ const UsersTable: FC<Props> = (props) => {
         console.error('Error loading options');
       }
     }
-    if (contextSrv.accessControlEnabled()) {
+    if (contextSrv.licensedAccessControlEnabled()) {
       fetchOptions();
     }
   }, [orgId]);
@@ -88,7 +88,7 @@ const UsersTable: FC<Props> = (props) => {
                 <td className="width-1">{user.lastSeenAtAge}</td>
 
                 <td className="width-8">
-                  {contextSrv.accessControlEnabled() ? (
+                  {contextSrv.licensedAccessControlEnabled() ? (
                     <UserRolePicker
                       userId={user.userId}
                       orgId={orgId}