Scope admin area setting for CSP under organization

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

Close this issue

Why are we doing this work

In !196402 (merged), we're scoping the Security::PolicySetting under organizations, because the approach of using gitlab_main_cell_setting as a schema will not work well with Cells.

In the longer run, we'll want to scope the setting under Organization.

Changes !196402 (merged) make backend compatible to using organizations. However, the current admin area CSP setting is not scoped under organization, so the API uses the default organization to set the setting for now.

Relevant links

Discussion: #541510 (comment 2597696243)

Non-functional requirements

Documentation:
Feature flag:
Performance:
Testing:

Implementation plan

Provide the admin area views that are scoped to organization, so that organization owners can manage this setting
Change the API to take the current organization for the PolicySetting

Verification steps

Edited Aug 04, 2025 by 🤖 GitLab Bot 🤖