perf: 空间配置恢复默认值修改为批量操作 --story=132989396

[guohelu]

Reviewed, transaction id: 77017

[github-actions]

Code Review Summary

PR 新增了 SpaceConfigAdminViewSet.batch_delete 批量删除空间配置接口，以及对应的 SpaceConfigBatchDeleteSerializer。

主要问题

1. 🚨 关键数据完整性风险：batch_delete 直接调用 SpaceConfig.objects.filter(id__in=ids).delete()，绕过了 SpaceConfigManager.delete_space_config() 中对 REF 类型配置的引擎同步逻辑（TaskComponentClient.delete_engine_config），可能导致引擎侧残留孤立配置。
2. ⚠️ Serializer 缺少 allow_empty=False 校验，空列表会导致无意义的 delete 调用。
3. ⚠️ 日志信息使用中文，项目规范要求批量/清理操作日志使用英文。

整体思路正确，建议复用 Manager 层的 delete_space_config 逻辑（或新增 batch_delete_space_config 方法）来保证 REF 类型配置的引擎同步一致性。

[github-actions]

⚠️ 项目规范要求清理/批量操作日志使用英文。建议改为 "batch delete space configs failed: {e}"。

[github-actions]

Code Review: PR #651

🔒 Security Issue — Space ID Not Validated

bkflow/space/models.py:177 in batch_delete():

instances = self.filter(id__in=inst_ids)

The filter only checks ID but NOT space_id. This allows users to delete configs from other spaces if they know the IDs. Add constraint: .filter(id__in=inst_ids, space_id=space_id)

---

⚡ Logic Error — Redundant Delete

bkflow/space/models.py:187–190:

instances.delete()  # Line 187 deletes ALL instances
if ref_instances_ids:
    self.filter(id__in=ref_instances_ids).delete()  # Line 190 — already deleted!

Line 187 deletes all instances including REF types. Line 190's second delete is unreachable. Remove line 190 entirely since instances are already gone.

---

⚠️ Chinese Error Message — Use English

bkflow/space/views.py:453:

err_msg = f"批量删除空间配置失败: {str(e)}"

Project convention requires English log messages. Change to: f"Failed to batch delete space configs: {str(e)}"

---

🔐 Input Validation Missing

bkflow/space/serializers.py:86–88 SpaceConfigBatchDeleteSerializer:
No validation that IDs belong to the given space_id. Add a validate() method to verify ownership before the model layer processes deletion. This prevents unauthorized access if a user guesses valid config IDs.

---

✨ Test Coverage

No tests added for batch delete. Consider adding:

• Test REF vs non-REF config deletion
• Verify remote API call for REF types
• Ensure atomic rollback on API failure

---

Summary: PR follows batch operation pattern correctly (POST method matches batch_delete_tasks), but has a permission gap (space_id not filtered) and logic redundancy (double delete). These should be fixed before merge. Test coverage would strengthen confidence in the refactoring.

[github-actions]

Code Review Summary

PR 将空间配置恢复默认值的操作改为批量删除，新增 SpaceConfigAdminViewSet.batch_delete 接口和 SpaceConfigBatchDeleteSerializer，并在 Manager 层实现了 batch_delete 方法。

先前评审问题追踪

• ✅ REF 类型引擎同步：batch_delete 已在 Manager 层正确处理 REF 类型配置的引擎侧同步删除
• ✅ 空列表校验：Serializer 已添加 min_length=1
• ✅ 冗余二次删除：已修复，当前仅一次 instances.delete() 调用

当前仍存在的问题

1. 🔒 space_id 未参与过滤（Critical）：batch_delete 的 self.filter(id__in=inst_ids) 未限制 space_id，用户传入其他空间的配置 ID 可跨空间删除
2. ⚠️ 中文日志消息（Minor）：views.py:453 错误日志使用中文，项目规范要求批量操作日志统一使用英文

其他观察

• 测试文件变更为标签模块的格式化修正和断言优化，与主功能无关，无问题
• 使用 POST 方法进行批量删除与项目中 batch_delete_tasks 等现有模式一致
• 建议为 batch_delete 补充单元测试（REF/非 REF 类型、事务回滚场景）

[github-actions]

⚠️ 项目规范要求批量/清理操作日志使用英文。建议改为 f"batch delete space configs failed: {e}"。

[codecov-commenter]

Codecov Report

❌ Patch coverage is 23.33333% with 23 lines in your changes missing coverage. Please review.
⚠️ Please upload report for BASE (develop@5351ad2). Learn more about missing BASE report.

Files with missing lines	Patch %	Lines
bkflow/space/models.py	7.69%	12 Missing ⚠️
bkflow/space/views.py	21.42%	11 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             develop     #651   +/-   ##
==========================================
  Coverage           ?   82.99%           
==========================================
  Files              ?      272           
  Lines              ?    16112           
  Branches           ?        0           
==========================================
  Hits               ?    13372           
  Misses             ?     2740           
  Partials           ?        0           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[github-actions]

Code Review Summary

PR 将空间配置恢复默认值的操作改为批量删除，新增 SpaceConfigAdminViewSet.batch_delete 接口、SpaceConfigBatchDeleteSerializer 和 Manager 层 batch_delete 方法。同时修复了测试中的时间竞争问题和标签引用计数断言的顺序依赖。

先前评审问题追踪

问题	状态
REF 类型引擎同步遗漏	✅ 已解决 — 逻辑已移入 Manager batch_delete
ListField 缺少 min_length	✅ 已解决 — 已添加 min_length=1
space_id 过滤缺失（跨空间删除风险）	✅ 已解决 — 已添加 space_id=space_id
日志应使用英文	❌ 未修复 — 仍为中文

本轮新发现

1. ⚡ models.py:180-184 — ref_instances_ids 计算在事务外，存在竞态风险
2. ⚠️ views.py:453 — 日志仍使用中文，不符合项目规范

测试改动

• test_legacy.py：将 VALID_DATETIME_TEST_CASE 改为动态生成时间，修复模块加载时的时间竞争 — 改动合理
• test_label_viewset.py：用集合比较替代有序断言 — 改动合理

总体来看，先前的关键问题（REF 同步、跨空间删除）已修复，剩余 2 个 Minor/Important 级别建议。

[github-actions]

⚡ ref_instances_ids 的计算在 transaction.atomic() 之外，存在竞态窗口：在迭代 queryset 和进入事务之间，数据可能被并发请求修改。建议将此列表推导移到 with transaction.atomic(): 块内部，与 delete_space_config 保持一致的事务保护模式。

[github-actions]

⚠️ 项目规范要求批量/清理操作日志使用英文（此问题先前已反馈但未修复）。建议改为 f"batch delete space configs failed: {e}"。

[tencentblueking-adm]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
6 out of 7 committers have signed the CLA.

✅ Mianhuatang8
✅ guohelu
✅ dengyh
✅ RGardenia
✅ Yuikill
✅ wyyalt
❌ noahchi

---

noahchi seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}