From 14838dc06400062691dcf9b61029343815fe4926 Mon Sep 17 00:00:00 2001
From: wxy <wwq2103456231@163.com>
Date: Fri, 27 Mar 2026 13:58:31 +0800
Subject: [PATCH] feat: Update user controller

---
 api/app/controllers/user_controller.py | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/api/app/controllers/user_controller.py b/api/app/controllers/user_controller.py
index 20e2b974..e67a0b76 100644
--- a/api/app/controllers/user_controller.py
+++ b/api/app/controllers/user_controller.py
@@ -112,7 +112,7 @@ def get_current_user_info(
     
     api_logger.info(f"当前用户信息获取成功: {result.username}, 角色: {result_schema.role}, 工作空间: {result_schema.current_workspace_name}")
 
-    # 设置权限：如果用户来自 SSO Source，则使用该 Source 的 permissions；否则返回全部权限
+    # 设置权限：如果用户来自 SSO Source，则使用该 Source 的 permissions；否则返回 "all" 表示拥有所有权限
     if current_user.external_source:
         from premium.sso.models import SSOSource
         source = db.query(SSOSource).filter(SSOSource.source_code == current_user.external_source).first()
@@ -121,7 +121,8 @@ def get_current_user_info(
         else:
             result_schema.permissions = []
     else:
-        result_schema.permissions = ["pricing", "user"]
+        from premium.sso.base import SSOPermission
+        result_schema.permissions = [SSOPermission.ALL.value]
 
     return success(data=result_schema, msg=t("users.info.get_success"))
 
@@ -191,7 +192,8 @@ def get_tenant_users(
             source = db.query(SSOSource).filter(SSOSource.source_code == user.external_source).first()
             u_schema.permissions = source.permissions if source and source.permissions else []
         else:
-            u_schema.permissions = ["pricing", "user"]
+            from premium.sso.base import SSOPermission
+            u_schema.permissions = [SSOPermission.ALL.value]
 
     return success(
         data={