From 06b823ff96e4505afa3dcb84c95b654138b87e32 Mon Sep 17 00:00:00 2001
From: wxy
Date: Thu, 26 Mar 2026 18:48:20 +0800
Subject: [PATCH 1/2] fix: prevent token refresh when tenant is disabled
---
 api/app/repositories/user_repository.py | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/api/app/repositories/user_repository.py b/api/app/repositories/user_repository.py
index b4c11aa4..3f8919aa 100644
--- a/api/app/repositories/user_repository.py
+++ b/api/app/repositories/user_repository.py
@@ -19,18 +19,22 @@ class UserRepository:
 self.db = db
 def get_user_by_id(self, user_id: uuid.UUID) -> Optional[User]:
- """根据ID获取用户"""
- db_logger.debug(f"根据ID查询用户: user_id={user_id}")
+ """根据 ID 获取用户(租户禁用时返回 None)"""
+ db_logger.debug(f"根据 ID 查询用户:user_id={user_id}")
 try:
 user = self.db.query(User).options(joinedload(User.tenant)).filter(User.id == user_id).first()
 if user:
- db_logger.debug(f"用户查询成功: {user.username} (ID: {user_id})")
+ # 检查租户状态,租户禁用时返回 None
+ if user.tenant and not user.tenant.is_active:
+ db_logger.warning(f"用户 {user.username} (ID: {user_id}) 所属租户 {user.tenant_id} 已被禁用")
+ return None
+ db_logger.debug(f"用户查询成功:{user.username} (ID: {user_id})")
 else:
- db_logger.debug(f"用户不存在: user_id={user_id}")
+ db_logger.debug(f"用户不存在:user_id={user_id}")
 return user
 except Exception as e:
- db_logger.error(f"根据ID查询用户失败: user_id={user_id} - {str(e)}")
+ db_logger.error(f"根据 ID 查询用户失败:user_id={user_id} - {str(e)}")
 raise
 def get_user_by_email(self, email: str) -> Optional[User]:
From 35be03803f8ba8be991638c815cb0c572765b81f Mon Sep 17 00:00:00 2001
From: wxy
Date: Thu, 26 Mar 2026 18:56:43 +0800
Subject: [PATCH 2/2] feat: add tenant relationship and status fields to User model
---
 api/app/models/tenant_model.py | 4 ----
 1 file changed, 4 deletions(-)
diff --git a/api/app/models/tenant_model.py b/api/app/models/tenant_model.py
index 8f101eb5..a92b5629 100644
--- a/api/app/models/tenant_model.py
+++ b/api/app/models/tenant_model.py
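Review bot: In `get_user_by_id` (api/app/repositories/user_repository.py) the new tenant check fails open: `if user.tenant and not user.tenant.is_active:` is skipped whenever `user.tenant` is None, so a user whose tenant row is missing or unlinked is still returned. If every account is meant to belong to a tenant, the guard should deny in that case, e.g. `if user.tenant is None or not user.tenant.is_active:`. The check also exists only in this lookup; `get_user_by_email`, whose body starts outside the hunk, is not changed here, so it is worth confirming that login and other lookups for a disabled tenant are rejected as well. `is_active` is not among the `Tenants` columns visible on this page (only `status` is), so presumably it is a property defined elsewhere — please confirm it exists and is derived from `status`.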
@@ -35,10 +35,6 @@ class Tenants(Base): api_ops_rate_limit = Column(String(100), nullable=True) # API 调用频率限制 status = Column(String(50), nullable=True, default='active') # 租户状态 - # 租户功能开关字段 - feature_billing = Column(Boolean, default=False, nullable=False, server_default='false', comment="是否启用收费管理菜单") - feature_user_management = Column(Boolean, default=False, nullable=False, server_default='false', comment="是否启用用户管理菜单") - # Relationship to users - one tenant has many users users = relationship("User", back_populates="tenant")