diff --git a/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/service/bkdevops/DevopsPermissionServiceImpl.kt b/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/service/bkdevops/DevopsPermissionServiceImpl.kt index 3629ab31f0..dfb98ffced 100644 --- a/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/service/bkdevops/DevopsPermissionServiceImpl.kt +++ b/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/service/bkdevops/DevopsPermissionServiceImpl.kt @@ -43,6 +43,9 @@ import com.tencent.bkrepo.auth.constant.PIPELINE import com.tencent.bkrepo.auth.constant.REPORT import com.tencent.bkrepo.auth.dao.PersonalPathDao import com.tencent.bkrepo.auth.dao.RepoAuthConfigDao +import com.tencent.bkrepo.auth.pojo.enums.PermissionAction.DOWNLOAD +import com.tencent.bkrepo.auth.pojo.enums.PermissionAction.VIEW +import com.tencent.bkrepo.auth.pojo.enums.PermissionAction.WRITE import com.tencent.bkrepo.auth.pojo.enums.PermissionAction.MANAGE import com.tencent.bkrepo.auth.pojo.enums.PermissionAction.READ import com.tencent.bkrepo.auth.pojo.enums.ResourceType.NODE @@ -194,12 +197,15 @@ class DevopsPermissionServiceImpl constructor( return false } when (repoName) { - CUSTOM, LOG, REPORT -> { + CUSTOM, LOG -> { return checkDevopsCustomPermission(request) } PIPELINE -> { return checkDevopsPipelinePermission(request) } + REPORT -> { + return checkDevopsReportPermission(request.action) + } else -> { return checkRepoNotInDevops(request) } @@ -207,6 +213,10 @@ class DevopsPermissionServiceImpl constructor( } } + private fun checkDevopsReportPermission(action: String): Boolean { + return action == READ.name || action == WRITE.name || action == VIEW.name || action == DOWNLOAD.name + } + private fun checkDevopsCustomPermission(request: CheckPermissionRequest): Boolean { logger.debug("check devops custom permission request [$request]") with(request) {