feat : 修复权限校验bug TencentBlueKing#2375

* feat : 修复权限校验bug TencentBlueKing#2375

* feat : 修复权限校验bug TencentBlueKing#2375

* feat : 修复权限校验bug TencentBlueKing#2375

* feat : 修复权限校验bug TencentBlueKing#2375

* feat : 修复权限校验bug TencentBlueKing#2375

src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/service/bkdevops/DevopsPermissionServiceImpl.kt

@@ -43,6 +43,9 @@ import com.tencent.bkrepo.auth.constant.PIPELINE
 import com.tencent.bkrepo.auth.constant.REPORT
 import com.tencent.bkrepo.auth.dao.PersonalPathDao
 import com.tencent.bkrepo.auth.dao.RepoAuthConfigDao
+import com.tencent.bkrepo.auth.pojo.enums.PermissionAction.DOWNLOAD
+import com.tencent.bkrepo.auth.pojo.enums.PermissionAction.VIEW
+import com.tencent.bkrepo.auth.pojo.enums.PermissionAction.WRITE
 import com.tencent.bkrepo.auth.pojo.enums.PermissionAction.MANAGE
 import com.tencent.bkrepo.auth.pojo.enums.PermissionAction.READ
 import com.tencent.bkrepo.auth.pojo.enums.ResourceType.NODE
@@ -194,19 +197,26 @@ class DevopsPermissionServiceImpl constructor(
                 return false
             }
             when (repoName) {
-                CUSTOM, LOG, REPORT -> {
+                CUSTOM, LOG -> {
                     return checkDevopsCustomPermission(request)
                 }
                 PIPELINE -> {
                     return checkDevopsPipelinePermission(request)
                 }
+                REPORT -> {
+                    return checkDevopsReportPermission(request.action)
+                }
                 else -> {
                     return checkRepoNotInDevops(request)
                 }
             }
         }
     }
 
+    private fun checkDevopsReportPermission(action: String): Boolean {
+        return action == READ.name || action == WRITE.name || action == VIEW.name || action == DOWNLOAD.name
+    }
+
     private fun checkDevopsCustomPermission(request: CheckPermissionRequest): Boolean {
         logger.debug("check devops custom permission request [$request]")
         with(request) {