1 files changed, 6 insertions, 126 deletions

diff --git a/lib/gitlab/observability.rb b/lib/gitlab/observability.rb
index a4e18cc170b..d42d10cd0f4 100644
--- a/lib/gitlab/observability.rb
+++ b/lib/gitlab/observability.rb
@@ -4,15 +4,6 @@ module Gitlab
   module Observability
     extend self
 
-    ACTION_TO_PERMISSION = {
-      explore: :read_observability,
-      datasources: :admin_observability,
-      manage: :admin_observability,
-      dashboards: :read_observability
-    }.freeze
-
-    EMBEDDABLE_PATHS = %w[explore goto].freeze
-
     # Returns the GitLab Observability URL
     #
     def observability_url
@@ -31,124 +22,13 @@ module Gitlab
       "#{Gitlab::Observability.observability_url}/v3/tenant/#{project.id}"
     end
 
-    # Returns true if the GitLab Observability UI (GOUI) feature flag is enabled
-    #
-    # @deprecated
-    #
-    def enabled?(group = nil)
-      return Feature.enabled?(:observability_group_tab, group) if group
-
-      Feature.enabled?(:observability_group_tab)
-    end
-
-    # Returns the embeddable Observability URL of a given URL
-    #
-    #  - Validates the URL
-    #  - Checks that the path is embeddable
-    #  - Converts the gitlab.com URL to observe.gitlab.com URL
-    #
-    # e.g.
-    #
-    #  from: gitlab.com/groups/GROUP_PATH/-/observability/explore?observability_path=/explore
-    #  to observe.gitlab.com/-/GROUP_ID/explore
-    #
-    # Returns nil if the URL is not a valid Observability URL or the path is not embeddable
-    #
-    def embeddable_url(url)
-      uri = validate_url(url, Gitlab.config.gitlab.url)
-      return unless uri
-
-      group = group_from_observability_url(url)
-      return unless group
-
-      parsed_query = CGI.parse(uri.query.to_s).transform_values(&:first).symbolize_keys
-      observability_path = parsed_query[:observability_path]
-
-      return build_full_url(group, observability_path, '/') if observability_path_embeddable?(observability_path)
-    end
-
-    # Returns true if the user is allowed to perform an action within a group
-    #
-    def allowed_for_action?(user, group, action)
-      return false if action.nil?
-
-      permission = ACTION_TO_PERMISSION.fetch(action.to_sym, :admin_observability)
-      allowed?(user, group, permission)
-    end
-
-    # Returns true if the user has the specified permission within the group
-    def allowed?(user, group, permission = :admin_observability)
-      return false unless group && user
-
-      observability_url.present? && Ability.allowed?(user, permission, group)
-    end
-
-    # Builds the full Observability URL given a certan group and path
-    #
-    # If unsanitized_observability_path is not valid or missing, fallbacks to fallback_path
-    #
-    def build_full_url(group, unsanitized_observability_path, fallback_path)
-      return unless group
-
-      # When running Observability UI in standalone mode (i.e. not backed by Observability Backend)
-      # the group-id is not required. !!This is only used for local dev!!
-      base_url = ENV['STANDALONE_OBSERVABILITY_UI'] == 'true' ? observability_url : "#{observability_url}/-/#{group.id}"
-
-      sanitized_path = if unsanitized_observability_path && sanitize(unsanitized_observability_path) != ''
-                         CGI.unescapeHTML(sanitize(unsanitized_observability_path))
-                       else
-                         fallback_path || '/'
-                       end
-
-      sanitized_path.prepend('/') if sanitized_path[0] != '/'
-
-      "#{base_url}#{sanitized_path}"
-    end
-
-    private
-
-    def validate_url(url, reference_url)
-      uri = URI.parse(url)
-      reference_uri = URI.parse(reference_url)
-
-      return uri if uri.scheme == reference_uri.scheme &&
-        uri.port == reference_uri.port &&
-        uri.host.casecmp?(reference_uri.host)
-    rescue URI::InvalidURIError
-      nil
-    end
-
-    def link_sanitizer
-      @link_sanitizer ||= Rails::Html::Sanitizer.safe_list_sanitizer.new
-    end
-
-    def sanitize(input)
-      link_sanitizer.sanitize(input, {})&.html_safe
-    end
-
-    def group_from_observability_url(url)
-      match = Rails.application.routes.recognize_path(url)
-
-      return if match[:unmatched_route].present?
-      return if match[:group_id].blank? || match[:action].blank? || match[:controller] != "groups/observability"
-
-      group_path = match[:group_id]
-      Group.find_by_full_path(group_path)
-    rescue ActionController::RoutingError
-      nil
-    end
-
-    def observability_path_embeddable?(observability_path)
-      return false unless observability_path
-
-      observability_path = observability_path[1..] if observability_path[0] == '/'
-
-      parsed_observability_path = URI.parse(observability_path).path.split('/')
-
-      base_path = parsed_observability_path[0]
+    def should_enable_observability_auth_scopes?(resource)
+      # Enable the needed oauth scopes if tracing is enabled.
+      if resource.is_a?(Group) || resource.is_a?(Project)
+        return Feature.enabled?(:observability_tracing,
+          resource.root_ancestor)
+      end
 
-      EMBEDDABLE_PATHS.include?(base_path)
-    rescue URI::InvalidURIError
       false
     end
   end