7 files changed, 17 insertions, 20 deletions

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index e64d3110c3a..36aae42e21f 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -24,6 +24,7 @@ class ApplicationController < ActionController::Base
   include ::Gitlab::EndpointAttributes
   include FlocOptOut
   include CheckRateLimit
+  extend ContentSecurityPolicyPatch
 
   before_action :limit_session_time, if: -> { !current_user }
   before_action :authenticate_user!, except: [:route_not_found]
diff --git a/app/controllers/concerns/observability/content_security_policy.rb b/app/controllers/concerns/observability/content_security_policy.rb
index eccd1e1e3ef..3865e3b606d 100644
--- a/app/controllers/concerns/observability/content_security_policy.rb
+++ b/app/controllers/concerns/observability/content_security_policy.rb
@@ -5,8 +5,14 @@ module Observability
     extend ActiveSupport::Concern
 
     included do
-      content_security_policy do |p|
-        next if p.directives.blank? || Gitlab::Observability.observability_url.blank?
+      content_security_policy_with_context do |p|
+        current_group = if defined?(group)
+                          group
+                        else
+                          defined?(project) ? project&.group : nil
+                        end
+
+        next if p.directives.blank? || !Gitlab::Observability.observability_enabled?(current_user, current_group)
 
         default_frame_src = p.directives['frame-src'] || p.directives['default-src']
 
diff --git a/app/controllers/groups/observability_controller.rb b/app/controllers/groups/observability_controller.rb
index 3baa5e830ff..e0332ce6850 100644
--- a/app/controllers/groups/observability_controller.rb
+++ b/app/controllers/groups/observability_controller.rb
@@ -26,9 +26,7 @@ module Groups
     end
 
     def check_observability_allowed
-      return render_404 unless Gitlab::Observability.observability_url.present?
-
-      render_404 unless can?(current_user, :read_observability, @group)
+      render_404 unless Gitlab::Observability.observability_enabled?(current_user, group)
     end
   end
 end
diff --git a/app/controllers/projects/merge_requests/diffs_controller.rb b/app/controllers/projects/merge_requests/diffs_controller.rb
index 7ea15c830f3..1c546d70df9 100644
--- a/app/controllers/projects/merge_requests/diffs_controller.rb
+++ b/app/controllers/projects/merge_requests/diffs_controller.rb
@@ -46,8 +46,7 @@ class Projects::MergeRequests::DiffsController < Projects::MergeRequests::Applic
       commit: commit,
       diff_view: diff_view,
       merge_ref_head_diff: render_merge_ref_head_diff?,
-      pagination_data: diffs.pagination_data,
-      merge_conflicts_in_diff: display_merge_conflicts_in_diff?
+      pagination_data: diffs.pagination_data
     }
 
     # NOTE: Any variables that would affect the resulting json needs to be added to the cache_context to avoid stale cache issues.
@@ -59,8 +58,7 @@ class Projects::MergeRequests::DiffsController < Projects::MergeRequests::Applic
       params[:expanded],
       params[:page],
       params[:per_page],
-      options[:merge_ref_head_diff],
-      options[:merge_conflicts_in_diff]
+      options[:merge_ref_head_diff]
     ]
 
     return unless stale?(etag: [cache_context + diff_options_hash.fetch(:paths, []), diffs])
@@ -84,8 +82,7 @@ class Projects::MergeRequests::DiffsController < Projects::MergeRequests::Applic
 
     options = additional_attributes.merge(
       only_context_commits: show_only_context_commits?,
-      merge_ref_head_diff: render_merge_ref_head_diff?,
-      merge_conflicts_in_diff: display_merge_conflicts_in_diff?
+      merge_ref_head_diff: render_merge_ref_head_diff?
     )
 
     render json: DiffsMetadataSerializer.new(project: @merge_request.project, current_user: current_user)
@@ -113,8 +110,7 @@ class Projects::MergeRequests::DiffsController < Projects::MergeRequests::Applic
 
     options = additional_attributes.merge(
       diff_view: "inline",
-      merge_ref_head_diff: render_merge_ref_head_diff?,
-      merge_conflicts_in_diff: display_merge_conflicts_in_diff?
+      merge_ref_head_diff: render_merge_ref_head_diff?
     )
 
     options[:context_commits] = @merge_request.recent_context_commits
@@ -242,8 +238,4 @@ class Projects::MergeRequests::DiffsController < Projects::MergeRequests::Applic
     Gitlab::UsageDataCounters::MergeRequestActivityUniqueCounter
       .track_mr_diffs_single_file_action(merge_request: @merge_request, user: current_user)
   end
-
-  def display_merge_conflicts_in_diff?
-    Feature.enabled?(:display_merge_conflicts_in_diff, @merge_request.project)
-  end
 end
diff --git a/app/serializers/diffs_entity.rb b/app/serializers/diffs_entity.rb
index 759d1e0f10a..5b30c0bb58c 100644
--- a/app/serializers/diffs_entity.rb
+++ b/app/serializers/diffs_entity.rb
@@ -74,7 +74,7 @@ class DiffsEntity < Grape::Entity
       options.merge(
         submodule_links: submodule_links,
         code_navigation_path: code_navigation_path(diffs),
-        conflicts: (conflicts(allow_tree_conflicts: true) if options[:merge_conflicts_in_diff])
+        conflicts: conflicts(allow_tree_conflicts: true)
       )
     )
   end
diff --git a/app/serializers/diffs_metadata_entity.rb b/app/serializers/diffs_metadata_entity.rb
index ace5105dda5..e55f31a8376 100644
--- a/app/serializers/diffs_metadata_entity.rb
+++ b/app/serializers/diffs_metadata_entity.rb
@@ -6,7 +6,7 @@ class DiffsMetadataEntity < DiffsEntity
     DiffFileMetadataEntity.represent(
       diffs.raw_diff_files(sorted: true),
       options.merge(
-        conflicts: (conflicts(allow_tree_conflicts: true) if options[:merge_conflicts_in_diff])
+        conflicts: conflicts(allow_tree_conflicts: true)
       )
     )
   end
diff --git a/app/serializers/paginated_diff_entity.rb b/app/serializers/paginated_diff_entity.rb
index b79a0937659..67f4014990c 100644
--- a/app/serializers/paginated_diff_entity.rb
+++ b/app/serializers/paginated_diff_entity.rb
@@ -17,7 +17,7 @@ class PaginatedDiffEntity < Grape::Entity
       options.merge(
         submodule_links: submodule_links,
         code_navigation_path: code_navigation_path(diffs),
-        conflicts: (conflicts(allow_tree_conflicts: true) if options[:merge_conflicts_in_diff])
+        conflicts: conflicts(allow_tree_conflicts: true)
       )
     )
   end