From d6061195d5c8538c79f0bf6c1794291c1da8566e Mon Sep 17 00:00:00 2001
From: owen <owenlxu@tencent.com>
Date: Thu, 11 Jul 2024 19:47:08 +0800
Subject: [PATCH] =?UTF-8?q?feat=20:=20=E4=BF=AE=E5=A4=8D=E6=9D=83=E9=99=90?=
 =?UTF-8?q?=E6=A0=A1=E9=AA=8Cbug=20#2375?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* feat : 修复权限校验bug #2375

* feat : 修复权限校验bug #2375

* feat : 修复权限校验bug #2375

* feat : 修复权限校验bug #2375

* feat : 修复权限校验bug #2375
---
 .../service/bkdevops/DevopsPermissionServiceImpl.kt  | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/service/bkdevops/DevopsPermissionServiceImpl.kt b/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/service/bkdevops/DevopsPermissionServiceImpl.kt
index 3629ab31f0..dfb98ffced 100644
--- a/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/service/bkdevops/DevopsPermissionServiceImpl.kt
+++ b/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/service/bkdevops/DevopsPermissionServiceImpl.kt
@@ -43,6 +43,9 @@ import com.tencent.bkrepo.auth.constant.PIPELINE
 import com.tencent.bkrepo.auth.constant.REPORT
 import com.tencent.bkrepo.auth.dao.PersonalPathDao
 import com.tencent.bkrepo.auth.dao.RepoAuthConfigDao
+import com.tencent.bkrepo.auth.pojo.enums.PermissionAction.DOWNLOAD
+import com.tencent.bkrepo.auth.pojo.enums.PermissionAction.VIEW
+import com.tencent.bkrepo.auth.pojo.enums.PermissionAction.WRITE
 import com.tencent.bkrepo.auth.pojo.enums.PermissionAction.MANAGE
 import com.tencent.bkrepo.auth.pojo.enums.PermissionAction.READ
 import com.tencent.bkrepo.auth.pojo.enums.ResourceType.NODE
@@ -194,12 +197,15 @@ class DevopsPermissionServiceImpl constructor(
                 return false
             }
             when (repoName) {
-                CUSTOM, LOG, REPORT -> {
+                CUSTOM, LOG -> {
                     return checkDevopsCustomPermission(request)
                 }
                 PIPELINE -> {
                     return checkDevopsPipelinePermission(request)
                 }
+                REPORT -> {
+                    return checkDevopsReportPermission(request.action)
+                }
                 else -> {
                     return checkRepoNotInDevops(request)
                 }
@@ -207,6 +213,10 @@ class DevopsPermissionServiceImpl constructor(
         }
     }
 
+    private fun checkDevopsReportPermission(action: String): Boolean {
+        return action == READ.name || action == WRITE.name || action == VIEW.name || action == DOWNLOAD.name
+    }
+
     private fun checkDevopsCustomPermission(request: CheckPermissionRequest): Boolean {
         logger.debug("check devops custom permission request [$request]")
         with(request) {