Add P3A feature for deprecating NTT JSON reporting

[DJAndries]

Resolves brave/brave-browser#42143

Submitter Checklist:

• I confirm that no security/privacy review is needed and no other type of reviews are needed, or that I have requested them
• There is a ticket for my issue
• Used Github auto-closing keywords in the PR description above
• Wrote a good PR/commit description
• Squashed any review feedback or "fixup" commits before merge, so that history is a record of what happened in the repo, not your PR
• Added appropriate labels (QA/Yes or QA/No; release-notes/include or release-notes/exclude; OS/...) to the associated issue
• Checked the PR locally:
  • npm run test -- brave_browser_tests, npm run test -- brave_unit_tests wiki
  • npm run presubmit wiki, npm run gn_check, npm run tslint
• Ran git rebase master (if needed)

Reviewer Checklist:

• A security review is not needed, or a link to one is included in the PR description
• New files have MPL-2.0 license header
• Adequate test coverage exists to prevent regressions
• Major classes, functions and non-trivial code blocks are well-commented
• Changes in component dependencies are properly reflected in gn
• Code follows the style guide
• Test plan is specified in PR before merging

After-merge Checklist:

• The associated issue milestone is set to the smallest version that the
  changes has landed on
• All relevant documentation has been updated, for instance:
  • https://github.com/brave/brave-browser/wiki/Deviations-from-Chromium-(features-we-disable-or-remove)
  • https://github.com/brave/brave-browser/wiki/Proxy-redirected-URLs
  • https://github.com/brave/brave-browser/wiki/Fingerprinting-Protections
  • https://github.com/brave/brave-browser/wiki/Brave%E2%80%99s-Use-of-Referral-Codes
  • https://github.com/brave/brave-browser/wiki/Web-Compatibility-Exceptions-in-Brave
  • https://github.com/brave/brave-browser/wiki/QA-Guide
  • https://github.com/brave/brave-browser/wiki/P3A

Test Plan:

[github-actions]

[puLL-Merge] - brave/brave-core@26428

Description

This PR makes several changes to the P3A (Privacy-Preserving Product Analytics) system in the Brave browser. The main changes include:

1. Updating the JSON deprecation feature flags and their implementation.
2. Modifying the handling of different metric log types (typical, express, etc.).
3. Updating the test suite to reflect the new behavior and structure.
4. Implementing a new randomness-based system for metric reporting.

Changes

Changes

1. browser/ntp_background/ntp_p3a_helper_impl.cc:

   • Fixed a logic error in the condition for recording constellation metrics.

2. components/p3a/features.cc and components/p3a/features.h:

   • Added new feature flags for JSON deprecation, including kNTTJSONDeprecation.
   • Updated the implementation of IsJSONDeprecated and added ShouldOnlyAllowNTTJSON.

3. components/p3a/message_manager.cc:

   • Added logic to handle NTT (New Tab Tab) metrics differently from other express metrics.

4. components/p3a/metric_log_type.cc and components/p3a/metric_log_type.h:

   • Moved IsMetricCreative function to a more appropriate location.

5. components/p3a/p3a_service_unittest.cc:

   • Updated tests to use the new constellation-based system instead of separate P3A and P2A endpoints.
   • Modified test expectations to align with the new behavior.

6. components/p3a/star_randomness_test_util.cc:

   • Adjusted expectations for the number of points in randomness requests and responses.

Possible Issues

1. The change in ntp_p3a_helper_impl.cc might affect the reporting of constellation metrics. Careful testing should be done to ensure this doesn't introduce unintended behavior.

2. The introduction of the new kNTTJSONDeprecation feature and the changes to JSON deprecation logic might affect metric reporting. Thorough testing across different configurations is necessary.

3. The changes to the test suite, particularly in p3a_service_unittest.cc, are significant. There's a risk that some edge cases or specific behaviors might not be covered in the updated tests.

Security Hotspots

No significant security vulnerabilities were identified in this change. However, given that this PR deals with the privacy-preserving analytics system, any changes should be carefully reviewed to ensure they don't compromise user privacy or introduce potential data leaks.