Merge pull request TencentBlueKing#1030 from lannoy0523/issue_1029

feat:流水线仓库批量操作权限不清晰，移除批量操作 TencentBlueKing#1029

src/backend/common/common-artifact/artifact-api/src/main/resources/i18n/messages_en.properties

@@ -53,7 +53,7 @@ artifact.version.not-found=Package version [{0}-{1}] not found
 artifact.version.existed=Package version [{0}-{1}] existed
 artifact.temporary-token.invalid=Temporary token invalid
 artifact.temporary-token.expired=Temporary token expired
-artifact.pipeline.banned=Pipeline repository query is banned
+artifact.pipeline.banned=The action on Pipeline repository is banned
 artifact.repository.over-quota=Exceeded repository [{0}] quota value [{1}]
 artifact.download.forbidden=Artifact do not conform to the download rules, please contact project {0} manager
 artifact.size.too-large=Artifact size is over than {0}

src/backend/common/common-artifact/artifact-api/src/main/resources/i18n/messages_zh_CN.properties

@@ -50,7 +50,7 @@ artifact.version.not-found=制品包版本[{0}]不存在
 artifact.version.existed=制品包版本[{0}]已存在
 artifact.temporary-token.invalid=临时token无效
 artifact.temporary-token.expired=临时token过期
-artifact.pipeline.banned=禁止查询流水线仓库
+artifact.pipeline.banned=流水线仓库禁止此类操作
 artifact.download.forbidden=正在下载的制品不符合下载规则，请联系{0}项目的管理员
 artifact.size.too-large=制品大小超过{0}
 artifact.type.unsupported=不支持{0}类型制品

src/backend/common/common-artifact/artifact-api/src/main/resources/i18n/messages_zh_TW.properties

@@ -50,7 +50,7 @@ artifact.version.not-found=制品包版本[{0}]不存在
 artifact.version.existed=制品包版本[{0}]已存在
 artifact.temporary-token.invalid=臨時token無效
 artifact.temporary-token.expired=臨時token過期
-artifact.pipeline.banned=禁止查詢流水線倉庫
+artifact.pipeline.banned=流水線倉庫禁止此類操作
 artifact.download.forbidden=正在下載的製品不符合下載規則，請聯係{0}項目的管理員
 artifact.size.too-large=製品大小超過{0}
 artifact.type.unsupported=不支持{0}類型製品

src/backend/repository/biz-repository/src/main/kotlin/com/tencent/bkrepo/repository/util/PipelineRepoUtils.kt → src/backend/common/common-artifact/artifact-service/src/main/kotlin/com/tencent/bkrepo/common/artifact/util/PipelineRepoUtils.kt

@@ -29,10 +29,12 @@
  * SOFTWARE.
  */
 
-package com.tencent.bkrepo.repository.util
+package com.tencent.bkrepo.common.artifact.util
 
+import com.tencent.bkrepo.common.api.constant.HttpStatus
 import com.tencent.bkrepo.common.api.exception.ErrorCodeException
 import com.tencent.bkrepo.common.artifact.constant.PIPELINE
+import com.tencent.bkrepo.common.artifact.message.ArtifactMessageCode
 import org.slf4j.LoggerFactory
 
 /**
@@ -46,13 +48,13 @@ object PipelineRepoUtils {
      * 验证仓库不是pipeline仓库
      * @throws ErrorCodeException 如果是流水线仓库则抛异常
      */
-    fun checkPipeline(repoName: String) {
+    fun forbidPipeline(repoName: String) {
         if (repoName == PIPELINE) {
-            logger.warn("Pipeline repo query is forbidden")
-            // throw ErrorCodeException(
-            //     status = HttpStatus.FORBIDDEN,
-            //     messageCode = ArtifactMessageCode.PIPELINE_BANNED
-            // )
+            logger.warn("Work on pipeline repo is forbidden")
+             throw ErrorCodeException(
+                 status = HttpStatus.FORBIDDEN,
+                 messageCode = ArtifactMessageCode.PIPELINE_BANNED
+             )
         }
     }
 }

src/backend/generic/biz-generic/src/main/kotlin/com/tencent/bkrepo/generic/controller/GenericController.kt

@@ -37,6 +37,7 @@ import com.tencent.bkrepo.common.api.pojo.Response
 import com.tencent.bkrepo.common.api.util.Preconditions
 import com.tencent.bkrepo.common.artifact.api.ArtifactFile
 import com.tencent.bkrepo.common.artifact.api.ArtifactPathVariable
+import com.tencent.bkrepo.common.artifact.util.PipelineRepoUtils
 import com.tencent.bkrepo.common.security.manager.PermissionManager
 import com.tencent.bkrepo.common.security.permission.Permission
 import com.tencent.bkrepo.common.service.util.ResponseBuilder
@@ -142,6 +143,7 @@ class GenericController(
         @PathVariable repoName: String,
         @RequestBody batchDownloadPaths: BatchDownloadPaths,
     ) {
+        PipelineRepoUtils.forbidPipeline(repoName)
         Preconditions.checkNotBlank(batchDownloadPaths.paths, BatchDownloadPaths::paths.name)
         val artifacts = batchDownloadPaths.paths.map { GenericArtifactInfo(projectId, repoName, it) }
             .distinctBy { it.getArtifactFullPath() }

src/backend/repository/biz-repository/src/main/kotlin/com/tencent/bkrepo/repository/controller/user/UserListViewController.kt

@@ -40,7 +40,6 @@ import com.tencent.bkrepo.common.security.permission.Permission
 import com.tencent.bkrepo.common.security.permission.Principal
 import com.tencent.bkrepo.common.security.permission.PrincipalType
 import com.tencent.bkrepo.repository.service.file.ListViewService
-import com.tencent.bkrepo.repository.util.PipelineRepoUtils
 import io.swagger.annotations.Api
 import org.springframework.web.bind.annotation.GetMapping
 import org.springframework.web.bind.annotation.PathVariable
@@ -58,8 +57,6 @@ class UserListViewController(
     @Permission(type = ResourceType.NODE, action = PermissionAction.READ)
     @GetMapping(DEFAULT_MAPPING_URI)
     fun listNodeView(artifactInfo: ArtifactInfo) {
-        // 禁止查询pipeline仓库
-        PipelineRepoUtils.checkPipeline(artifactInfo.repoName)
         listViewService.listNodeView(artifactInfo)
     }
 

src/backend/repository/biz-repository/src/main/kotlin/com/tencent/bkrepo/repository/controller/user/UserNodeController.kt

@@ -67,7 +67,7 @@ import com.tencent.bkrepo.repository.pojo.node.user.UserNodeUpdateRequest
 import com.tencent.bkrepo.repository.pojo.software.ProjectPackageOverview
 import com.tencent.bkrepo.repository.service.node.NodeSearchService
 import com.tencent.bkrepo.repository.service.node.NodeService
-import com.tencent.bkrepo.repository.util.PipelineRepoUtils
+import com.tencent.bkrepo.common.artifact.util.PipelineRepoUtils
 import io.swagger.annotations.Api
 import io.swagger.annotations.ApiOperation
 import io.swagger.annotations.ApiParam
@@ -159,6 +159,7 @@ class UserNodeController(
             fullPaths = fullPaths,
             operator = userId
         )
+        PipelineRepoUtils.forbidPipeline(repoName)
         return ResponseBuilder.success(nodeService.deleteNodes(nodesDeleteRequest))
     }
 
@@ -321,8 +322,6 @@ class UserNodeController(
         artifactInfo: ArtifactInfo,
         nodeListOption: NodeListOption
     ): Response<Page<NodeInfo>> {
-        // 禁止查询pipeline仓库
-        PipelineRepoUtils.checkPipeline(artifactInfo.repoName)
         val nodePage = nodeService.listNodePage(artifactInfo, nodeListOption)
         return ResponseBuilder.success(nodePage)
     }

src/frontend/devops-repository/src/views/repoGeneric/index.vue

@@ -47,12 +47,12 @@
                     <span v-else> {{repoName + (searchFullPath || (selectedTreeNode && selectedTreeNode.fullPath) || '') }}</span>
                     <div class="repo-generic-actions bk-button-group">
                         <bk-button
-                            v-if="multiSelect.length"
+                            v-if="multiSelect.length && repoName !== 'pipeline'"
                             @click="handlerMultiDownload">
                             {{$t('batchDownload')}}
                         </bk-button>
                         <bk-button
-                            v-if="multiSelect.length"
+                            v-if="multiSelect.length && repoName !== 'pipeline'"
                             class="ml10"
                             @click="handlerMultiDelete()">
                             {{ $t('batchDeletion') }}