Add latest changes from gitlab-org/gitlab@master

6 files changed, 8 insertions, 92 deletions

diff --git a/lib/banzai/filter/inline_observability_filter.rb b/lib/banzai/filter/inline_observability_filter.rb
index 334c04f2b59..fdba12b4a0a 100644
--- a/lib/banzai/filter/inline_observability_filter.rb
+++ b/lib/banzai/filter/inline_observability_filter.rb
@@ -4,7 +4,7 @@ module Banzai
   module Filter
     class InlineObservabilityFilter < ::Banzai::Filter::InlineEmbedsFilter
       def call
-        return doc unless can_view_observability?
+        return doc unless Gitlab::Observability.enabled?(group)
 
         super
       end
@@ -34,10 +34,6 @@ module Banzai
 
       private
 
-      def can_view_observability?
-        Feature.enabled?(:observability_group_tab, group)
-      end
-
       def group
         context[:group] || context[:project]&.group
       end
diff --git a/lib/banzai/filter/inline_observability_redactor_filter.rb b/lib/banzai/filter/inline_observability_redactor_filter.rb
deleted file mode 100644
index 8cd1084e904..00000000000
--- a/lib/banzai/filter/inline_observability_redactor_filter.rb
+++ /dev/null
@@ -1,77 +0,0 @@
-# frozen_string_literal: true
-
-module Banzai
-  module Filter
-    class InlineObservabilityRedactorFilter < HTML::Pipeline::Filter
-      include Gitlab::Utils::StrongMemoize
-
-      CSS_SELECTOR = '.js-render-observability'
-
-      XPATH = Gitlab::Utils::Nokogiri.css_to_xpath(CSS_SELECTOR).freeze
-      EMBED_LIMIT = 100
-
-      def call
-        return doc if Gitlab::Utils.to_boolean(ENV.fetch('STANDALONE_OBSERVABILITY_UI', false))
-
-        nodes.each do |node|
-          group_id = group_ids_by_nodes[node]
-          user_has_access = group_id && user_access_by_group_id[group_id]
-          node.remove unless user_has_access
-        end
-
-        doc
-      end
-
-      private
-
-      def user
-        context[:current_user]
-      end
-
-      # Returns all observability embed placeholder nodes
-      #
-      # Removes any nodes beyond the first 100
-      #
-      # @return [Nokogiri::XML::NodeSet]
-      def nodes
-        nodes = doc.xpath(XPATH)
-        nodes.drop(EMBED_LIMIT).each(&:remove)
-        nodes
-      end
-      strong_memoize_attr :nodes
-
-      # Returns a mapping representing whether the current user has permission to access observability
-      # for group-ids linked in by the embed nodes
-      #
-      # @return [Hash<String, Boolean>]
-      def user_access_by_group_id
-        user_groups_from_nodes.each_with_object({}) do |group, user_access|
-          user_access[group.id] = Gitlab::Observability.allowed?(user, group, :read_observability)
-        end
-      end
-      strong_memoize_attr :user_access_by_group_id
-
-      # Maps a node to the group_id linked by the node
-      #
-      # @return [Hash<Nokogiri::XML::Node, string>]
-      def group_ids_by_nodes
-        nodes.each_with_object({}) do |node, group_ids|
-          url = node.attribute('data-frame-url').to_s
-          next unless url
-
-          group_id = Gitlab::Observability.group_id_from_url(url)
-          group_ids[node] = group_id if group_id
-        end
-      end
-      strong_memoize_attr :group_ids_by_nodes
-
-      # Returns the list of groups linked in the embed nodes and readable by the user
-      #
-      # @return [ActiveRecord_Relation]
-      def user_groups_from_nodes
-        GroupsFinder.new(user, filter_group_ids: group_ids_by_nodes.values.uniq).execute
-      end
-      strong_memoize_attr :user_groups_from_nodes
-    end
-  end
-end
diff --git a/lib/banzai/pipeline/post_process_pipeline.rb b/lib/banzai/pipeline/post_process_pipeline.rb
index b9cf5b4fbdd..f8035698b9b 100644
--- a/lib/banzai/pipeline/post_process_pipeline.rb
+++ b/lib/banzai/pipeline/post_process_pipeline.rb
@@ -16,7 +16,6 @@ module Banzai
         [
           Filter::ReferenceRedactorFilter,
           Filter::InlineMetricsRedactorFilter,
-          Filter::InlineObservabilityRedactorFilter,
           # UploadLinkFilter must come before RepositoryLinkFilter to
           # prevent unnecessary Gitaly calls from being made.
           Filter::UploadLinkFilter,
diff --git a/lib/gitlab/no_cache_headers.rb b/lib/gitlab/no_cache_headers.rb
index 2d03741480d..6afb108dcfd 100644
--- a/lib/gitlab/no_cache_headers.rb
+++ b/lib/gitlab/no_cache_headers.rb
@@ -4,7 +4,6 @@ module Gitlab
   module NoCacheHeaders
     DEFAULT_GITLAB_NO_CACHE_HEADERS = {
       'Cache-Control' => "#{ActionDispatch::Http::Cache::Response::DEFAULT_CACHE_CONTROL}, no-store, no-cache",
-      'Pragma' => 'no-cache', # HTTP 1.0 compatibility
       'Expires' => 'Fri, 01 Jan 1990 00:00:00 GMT'
     }.freeze
 
diff --git a/lib/gitlab/observability.rb b/lib/gitlab/observability.rb
index 853eecc946f..47220e33189 100644
--- a/lib/gitlab/observability.rb
+++ b/lib/gitlab/observability.rb
@@ -19,6 +19,12 @@ module Gitlab
       'https://observe.gitlab.com'
     end
 
+    def enabled?(group = nil)
+      return Feature.enabled?(:observability_group_tab, group) if group
+
+      Feature.enabled?(:observability_group_tab)
+    end
+
     def valid_observability_url?(url)
       uri = URI.parse(url)
       observability_uri = URI.parse(Gitlab::Observability.observability_url)
@@ -31,13 +37,6 @@ module Gitlab
       false
     end
 
-    def group_id_from_url(url)
-      return unless valid_observability_url?(url)
-
-      group_id = URI.parse(url).path.split('/')[1]
-      group_id.to_i unless group_id.to_i <= 0
-    end
-
     def allowed_for_action?(user, group, action)
       return false if action.nil?
 
diff --git a/lib/tasks/gitlab/tw/codeowners.rake b/lib/tasks/gitlab/tw/codeowners.rake
index 0c6a78ccc77..8861e8574b3 100644
--- a/lib/tasks/gitlab/tw/codeowners.rake
+++ b/lib/tasks/gitlab/tw/codeowners.rake
@@ -58,7 +58,7 @@ namespace :tw do
       CodeOwnerRule.new('Pipeline Security', '@marcel.amirault'),
       CodeOwnerRule.new('Portfolio Management', '@msedlakjakubowski'),
       CodeOwnerRule.new('Product Analytics', '@lciutacu'),
-      CodeOwnerRule.new('Product Intelligence', '@dianalogan'),
+      CodeOwnerRule.new('Product Intelligence', '@lciutacu'),
       CodeOwnerRule.new('Product Planning', '@msedlakjakubowski'),
       CodeOwnerRule.new('Project Management', '@msedlakjakubowski'),
       CodeOwnerRule.new('Provision', '@fneill'),