Merge branch 'develop' into refactor/memory_search

# Conflicts:
#	api/app/core/memory/storage_services/search/__init__.py

api/app/controllers/__init__.py

@@ -47,7 +47,8 @@ from . import (
     user_memory_controllers,
     workspace_controller,
     ontology_controller,
-    skill_controller
+    skill_controller,
+    tenant_subscription_controller,
 )
 
 # 创建管理端 API 路由器
@@ -98,5 +99,7 @@ manager_router.include_router(file_storage_controller.router)
 manager_router.include_router(ontology_controller.router)
 manager_router.include_router(skill_controller.router)
 manager_router.include_router(i18n_controller.router)
+manager_router.include_router(tenant_subscription_controller.router)
+manager_router.include_router(tenant_subscription_controller.public_router)
 
 __all__ = ["manager_router"]

api/app/controllers/app_controller.py

@@ -28,6 +28,7 @@ from app.services.app_statistics_service import AppStatisticsService
 from app.services.workflow_import_service import WorkflowImportService
 from app.services.workflow_service import WorkflowService, get_workflow_service
 from app.services.app_dsl_service import AppDslService
+from app.core.quota_stub import check_app_quota
 
 router = APIRouter(prefix="/apps", tags=["Apps"])
 logger = get_business_logger()
@@ -35,6 +36,7 @@ logger = get_business_logger()
 
 @router.post("", summary="创建应用（可选创建 Agent 配置）")
 @cur_workspace_access_guard()
+@check_app_quota
 def create_app(
         payload: app_schema.AppCreate,
         db: Session = Depends(get_db),
@@ -269,6 +271,19 @@ def update_agent_config(
     return success(data=app_schema.AgentConfig.model_validate(cfg))
 
 
+@router.get("/{app_id}/model/parameters/default", summary="获取 Agent 模型参数默认配置")
+@cur_workspace_access_guard()
+def get_agent_model_parameters(
+        app_id: uuid.UUID,
+        db: Session = Depends(get_db),
+        current_user=Depends(get_current_user),
+):
+    workspace_id = current_user.current_workspace_id
+    service = AppService(db)
+    model_parameters = service.get_default_model_parameters(app_id=app_id)
+    return success(data=model_parameters, msg="获取 Agent 模型参数默认配置")
+
+
 @router.get("/{app_id}/config", summary="获取 Agent 配置")
 @cur_workspace_access_guard()
 def get_agent_config(
@@ -1250,9 +1265,11 @@ async def export_app(
 async def import_app(
         file: UploadFile = File(...),
         db: Session = Depends(get_db),
-        current_user: User = Depends(get_current_user)
+        current_user: User = Depends(get_current_user),
+        app_id: Optional[str] = Form(None),
 ):
     """从 YAML 文件导入 agent / multi_agent / workflow 应用。
+    传入 app_id 时覆盖该应用的配置（类型必须一致），否则创建新应用。
     跨空间/跨租户导入时，模型/工具/知识库会按名称匹配，匹配不到则置空并返回 warnings。
     """
     if not file.filename.lower().endswith((".yaml", ".yml")):
@@ -1263,13 +1280,15 @@ async def import_app(
     if not dsl or "app" not in dsl:
         return fail(msg="YAML 格式无效，缺少 app 字段", code=BizCode.BAD_REQUEST)
 
-    new_app, warnings = AppDslService(db).import_dsl(
+    target_app_id = uuid.UUID(app_id) if app_id else None
+    result_app, warnings = AppDslService(db).import_dsl(
         dsl=dsl,
         workspace_id=current_user.current_workspace_id,
         tenant_id=current_user.tenant_id,
         user_id=current_user.id,
+        app_id=target_app_id,
     )
     return success(
-        data={"app": app_schema.App.model_validate(new_app), "warnings": warnings},
+        data={"app": app_schema.App.model_validate(result_app), "warnings": warnings},
         msg="应用导入成功" + ("，但部分资源需手动配置" if warnings else "")
     )

api/app/controllers/chunk_controller.py

@@ -443,10 +443,10 @@ async def retrieve_chunks(
     match retrieve_data.retrieve_type:
         case chunk_schema.RetrieveType.PARTICIPLE:
             rs = vector_service.search_by_full_text(query=retrieve_data.query, top_k=retrieve_data.top_k, indices=indices, score_threshold=retrieve_data.similarity_threshold, file_names_filter=retrieve_data.file_names_filter)
-            return success(data=rs, msg="retrieval successful")
+            return success(data=jsonable_encoder(rs), msg="retrieval successful")
         case chunk_schema.RetrieveType.SEMANTIC:
             rs = vector_service.search_by_vector(query=retrieve_data.query, top_k=retrieve_data.top_k, indices=indices, score_threshold=retrieve_data.vector_similarity_weight, file_names_filter=retrieve_data.file_names_filter)
-            return success(data=rs, msg="retrieval successful")
+            return success(data=jsonable_encoder(rs), msg="retrieval successful")
         case _:
             rs1 = vector_service.search_by_vector(query=retrieve_data.query, top_k=retrieve_data.top_k, indices=indices, score_threshold=retrieve_data.vector_similarity_weight, file_names_filter=retrieve_data.file_names_filter)
             rs2 = vector_service.search_by_full_text(query=retrieve_data.query, top_k=retrieve_data.top_k, indices=indices, score_threshold=retrieve_data.similarity_threshold, file_names_filter=retrieve_data.file_names_filter)

api/app/controllers/file_controller.py

@@ -19,6 +19,7 @@ from app.models.user_model import User
 from app.schemas import file_schema, document_schema
 from app.schemas.response_schema import ApiResponse
 from app.services import file_service, document_service
+from app.core.quota_stub import check_knowledge_capacity_quota
 
 
 # Obtain a dedicated API logger
@@ -131,6 +132,7 @@ async def create_folder(
 
 
 @router.post("/file", response_model=ApiResponse)
+@check_knowledge_capacity_quota
 async def upload_file(
         kb_id: uuid.UUID,
         parent_id: uuid.UUID,

api/app/controllers/knowledge_controller.py

@@ -27,6 +27,7 @@ from app.schemas import knowledge_schema
 from app.schemas.response_schema import ApiResponse
 from app.services import knowledge_service, document_service
 from app.services.model_service import ModelConfigService
+from app.core.quota_stub import check_knowledge_capacity_quota
 
 # Obtain a dedicated API logger
 api_logger = get_api_logger()
@@ -179,6 +180,7 @@ async def get_knowledges(
 
 
 @router.post("/knowledge", response_model=ApiResponse)
+@check_knowledge_capacity_quota
 async def create_knowledge(
         create_data: knowledge_schema.KnowledgeCreate,
         db: Session = Depends(get_db),

api/app/controllers/memory_storage_controller.py

@@ -34,6 +34,7 @@ from app.services.memory_storage_service import (
     search_entity,
     search_statement,
 )
+from app.core.quota_stub import check_memory_engine_quota
 from fastapi import APIRouter, Depends, Header
 from fastapi.responses import StreamingResponse
 from sqlalchemy.orm import Session
@@ -76,6 +77,7 @@ async def get_storage_info(
 
 
 @router.post("/create_config", response_model=ApiResponse)  # 创建配置文件，其他参数默认
+@check_memory_engine_quota
 def create_config(
         payload: ConfigParamsCreate,
         current_user: User = Depends(get_current_user),

api/app/controllers/model_controller.py

@@ -15,6 +15,7 @@ from app.core.response_utils import success
 from app.schemas.response_schema import ApiResponse, PageData
 from app.services.model_service import ModelConfigService, ModelApiKeyService, ModelBaseService
 from app.core.logging_config import get_api_logger
+from app.core.quota_stub import check_model_quota, check_model_activation_quota
 
 # 获取API专用日志器
 api_logger = get_api_logger()
@@ -236,6 +237,7 @@ def delete_model_base(
 
 
 @router.post("/model_plaza/{model_base_id}/add", response_model=ApiResponse)
+@check_model_quota
 def add_model_from_plaza(
     model_base_id: uuid.UUID,
     db: Session = Depends(get_db),
@@ -273,6 +275,7 @@ def get_model_by_id(
 
 
 @router.post("", response_model=ApiResponse)
+@check_model_quota
 async def create_model(
     model_data: model_schema.ModelConfigCreate,
     db: Session = Depends(get_db),
@@ -303,6 +306,7 @@ async def create_model(
 
 
 @router.post("/composite", response_model=ApiResponse)
+@check_model_quota
 async def create_composite_model(
     model_data: model_schema.CompositeModelCreate,
     db: Session = Depends(get_db),
@@ -329,6 +333,7 @@ async def create_composite_model(
 
 
 @router.put("/composite/{model_id}", response_model=ApiResponse)
+@check_model_activation_quota
 async def update_composite_model(
     model_id: uuid.UUID,
     model_data: model_schema.CompositeModelCreate,
@@ -370,6 +375,7 @@ def delete_composite_model(
 
 
 @router.put("/{model_id}", response_model=ApiResponse)
+@check_model_activation_quota
 def update_model(
     model_id: uuid.UUID,
     model_data: model_schema.ModelConfigUpdate,

api/app/controllers/ontology_controller.py

@@ -28,6 +28,8 @@ from fastapi import APIRouter, Depends, HTTPException, File, UploadFile, Form, H
 from fastapi.responses import StreamingResponse, JSONResponse
 from sqlalchemy.orm import Session
 
+from app.core.quota_stub import check_ontology_project_quota
+
 from app.core.config import settings
 from app.core.error_codes import BizCode
 from app.core.language_utils import get_language_from_header
@@ -163,7 +165,7 @@ def _get_ontology_service(
             api_key=api_key_config.api_key,
             base_url=api_key_config.api_base,
             is_omni=api_key_config.is_omni,
-            support_thinking="thinking" in (api_key_config.capability or []),
+            capability=api_key_config.capability,
             max_retries=3,
             timeout=60.0
         )
@@ -287,6 +289,7 @@ async def extract_ontology(
 # ==================== 本体场景管理接口 ====================
 
 @router.post("/scene", response_model=ApiResponse)
+@check_ontology_project_quota
 async def create_scene(
     request: SceneCreateRequest,
     db: Session = Depends(get_db),

api/app/controllers/prompt_optimizer_controller.py

@@ -124,10 +124,11 @@ async def get_prompt_opt(
                     skill=data.skill
             ):
                 # chunk 是 prompt 的增量内容
-                yield f"event:message\ndata: {json.dumps(chunk)}\n\n"
+                yield f"event:message\ndata: {json.dumps(chunk, ensure_ascii=False)}\n\n"
         except Exception as e:
             yield f"event:error\ndata: {json.dumps(
-                {"error": str(e)}
+                {"error": str(e)},
+                ensure_ascii=False
             )}\n\n"
         yield "event:end\ndata: {}\n\n"
 

api/app/controllers/public_share_controller.py

@@ -10,6 +10,7 @@ from sqlalchemy.orm import Session
 from app.core.error_codes import BizCode
 from app.core.exceptions import BusinessException
 from app.core.logging_config import get_business_logger
+from app.core.quota_manager import check_end_user_quota
 from app.core.response_utils import success, fail
 from app.db import get_db, get_db_read
 from app.dependencies import get_share_user_id, ShareTokenData
@@ -308,6 +309,7 @@ def get_conversation(
     "/chat",
     summary="发送消息（支持流式和非流式）"
 )
+@check_end_user_quota
 async def chat(
         payload: conversation_schema.ChatRequest,
         share_data: ShareTokenData = Depends(get_share_user_id),

api/app/controllers/service/__init__.py

@@ -4,7 +4,17 @@
 认证方式: API Key
 """
 from fastapi import APIRouter
-from . import app_api_controller, rag_api_knowledge_controller, rag_api_document_controller, rag_api_file_controller, rag_api_chunk_controller, memory_api_controller, end_user_api_controller
+
+from . import (
+    app_api_controller,
+    end_user_api_controller,
+    memory_api_controller,
+    memory_config_api_controller,
+    rag_api_chunk_controller,
+    rag_api_document_controller,
+    rag_api_file_controller,
+    rag_api_knowledge_controller,
+)
 
 # 创建 V1 API 路由器
 service_router = APIRouter()
@@ -17,5 +27,6 @@ service_router.include_router(rag_api_file_controller.router)
 service_router.include_router(rag_api_chunk_controller.router)
 service_router.include_router(memory_api_controller.router)
 service_router.include_router(end_user_api_controller.router)
+service_router.include_router(memory_config_api_controller.router)
 
 __all__ = ["service_router"]

api/app/controllers/service/end_user_api_controller.py

@@ -5,23 +5,44 @@ import uuid
 from fastapi import APIRouter, Body, Depends, Request
 from sqlalchemy.orm import Session
 
+from app.controllers import user_memory_controllers
 from app.core.api_key_auth import require_api_key
 from app.core.error_codes import BizCode
 from app.core.exceptions import BusinessException
 from app.core.logging_config import get_business_logger
+from app.core.quota_stub import check_end_user_quota
 from app.core.response_utils import success
 from app.db import get_db
 from app.repositories.end_user_repository import EndUserRepository
 from app.schemas.api_key_schema import ApiKeyAuth
+from app.schemas.end_user_info_schema import EndUserInfoUpdate
 from app.schemas.memory_api_schema import CreateEndUserRequest, CreateEndUserResponse
+from app.services import api_key_service
 from app.services.memory_config_service import MemoryConfigService
 
 router = APIRouter(prefix="/end_user", tags=["V1 - End User API"])
 logger = get_business_logger()
 
 
+def _get_current_user(api_key_auth: ApiKeyAuth, db: Session):
+    """Build a current_user object from API key auth
+
+    Args:
+        api_key_auth: Validated API key auth info
+        db: Database session
+
+    Returns:
+        User object with current_workspace_id set
+    """
+    api_key = api_key_service.ApiKeyService.get_api_key(db, api_key_auth.api_key_id, api_key_auth.workspace_id)
+    current_user = api_key.creator
+    current_user.current_workspace_id = api_key_auth.workspace_id
+    return current_user
+
+
 @router.post("/create")
 @require_api_key(scopes=["memory"])
+@check_end_user_quota
 async def create_end_user(
     request: Request,
     api_key_auth: ApiKeyAuth = None,
@@ -37,6 +58,7 @@ async def create_end_user(
 
     Optionally accepts a memory_config_id to connect the end user to a specific
     memory configuration. If not provided, falls back to the workspace default config.
+    Optionally accepts an app_id to bind the end user to a specific app.
     """
     body = await request.json()
     payload = CreateEndUserRequest(**body)
@@ -71,14 +93,26 @@ async def create_end_user(
         else:
             logger.warning(f"No default memory config found for workspace: {workspace_id}")
 
+    # Resolve app_id: explicit from payload, otherwise None
+    app_id = None
+    if payload.app_id:
+        try:
+            app_id = uuid.UUID(payload.app_id)
+        except ValueError:
+            raise BusinessException(
+                f"Invalid app_id format: {payload.app_id}",
+                BizCode.INVALID_PARAMETER
+            )
+
     end_user_repo = EndUserRepository(db)
     end_user = end_user_repo.get_or_create_end_user_with_config(
-        app_id=api_key_auth.resource_id,
+        app_id=app_id,
         workspace_id=workspace_id,
         other_id=payload.other_id,
         memory_config_id=memory_config_id,
+        other_name=payload.other_name,
     )
-
+    end_user.other_name = payload.other_name  
     logger.info(f"End user ready: {end_user.id}")
 
     result = {
@@ -90,3 +124,50 @@ async def create_end_user(
     }
 
     return success(data=CreateEndUserResponse(**result).model_dump(), msg="End user created successfully")
+
+
+@router.get("/info")
+@require_api_key(scopes=["memory"])
+async def get_end_user_info(
+    request: Request,
+    end_user_id: str,
+    api_key_auth: ApiKeyAuth = None,
+    db: Session = Depends(get_db),
+):
+    """
+    Get end user info.
+
+    Retrieves the info record (aliases, meta_data, etc.) for the specified end user.
+    Delegates to the manager-side controller for shared logic.
+    """
+    current_user = _get_current_user(api_key_auth, db)
+    return await user_memory_controllers.get_end_user_info(
+        end_user_id=end_user_id,
+        current_user=current_user,
+        db=db,
+    )
+
+
+@router.post("/info/update")
+@require_api_key(scopes=["memory"])
+async def update_end_user_info(
+    request: Request,
+    api_key_auth: ApiKeyAuth = None,
+    db: Session = Depends(get_db),
+    message: str = Body(None, description="Request body"),
+):
+    """
+    Update end user info.
+
+    Updates the info record (other_name, aliases, meta_data) for the specified end user.
+    Delegates to the manager-side controller for shared logic.
+    """
+    body = await request.json()
+    payload = EndUserInfoUpdate(**body)
+
+    current_user = _get_current_user(api_key_auth, db)
+    return await user_memory_controllers.update_end_user_info(
+        info_update=payload,
+        current_user=current_user,
+        db=db,
+    )

api/app/controllers/service/memory_api_controller.py

@@ -1,53 +1,83 @@
 """Memory 服务接口 - 基于 API Key 认证"""
 
+from fastapi import APIRouter, Body, Depends, Query, Request
+from sqlalchemy.orm import Session
+
 from app.core.api_key_auth import require_api_key
 from app.core.logging_config import get_business_logger
+from app.core.quota_stub import check_end_user_quota
 from app.core.response_utils import success
 from app.db import get_db
 from app.schemas.api_key_schema import ApiKeyAuth
 from app.schemas.memory_api_schema import (
-    CreateEndUserRequest,
-    CreateEndUserResponse,
-    ListConfigsResponse,
     MemoryReadRequest,
     MemoryReadResponse,
+    MemoryReadSyncResponse,
     MemoryWriteRequest,
     MemoryWriteResponse,
+    MemoryWriteSyncResponse,
 )
 from app.services.memory_api_service import MemoryAPIService
-from fastapi import APIRouter, Body, Depends, Request
-from sqlalchemy.orm import Session
 
 router = APIRouter(prefix="/memory", tags=["V1 - Memory API"])
 logger = get_business_logger()
 
 
+def _sanitize_task_result(result: dict) -> dict:
+    """Make Celery task result JSON-serializable.
+
+    Converts UUID and other non-serializable values to strings.
+
+    Args:
+        result: Raw task result dict from task_service
+
+    Returns:
+        JSON-safe dict
+    """
+    import uuid as _uuid
+    from datetime import datetime
+
+    def _convert(obj):
+        if isinstance(obj, dict):
+            return {k: _convert(v) for k, v in obj.items()}
+        if isinstance(obj, list):
+            return [_convert(i) for i in obj]
+        if isinstance(obj, _uuid.UUID):
+            return str(obj)
+        if isinstance(obj, datetime):
+            return obj.isoformat()
+        return obj
+
+    return _convert(result)
+
+
 @router.get("")
 async def get_memory_info():
     """获取记忆服务信息（占位）"""
     return success(data={}, msg="Memory API - Coming Soon")
 
 
-@router.post("/write_api_service")
+@router.post("/write")
 @require_api_key(scopes=["memory"])
-async def write_memory_api_service(
+async def write_memory(
     request: Request,
     api_key_auth: ApiKeyAuth = None,
     db: Session = Depends(get_db),
     message: str = Body(..., description="Message content"),
 ):
     """
-    Write memory to storage.
-    
-    Stores memory content for the specified end user using the Memory API Service.
+    Submit a memory write task.
+
+    Validates the end user, then dispatches the write to a Celery background task
+    with per-user fair locking. Returns a task_id for status polling.
     """
     body = await request.json()
     payload = MemoryWriteRequest(**body)
     logger.info(f"Memory write request - end_user_id: {payload.end_user_id}, workspace_id: {api_key_auth.workspace_id}")
-    
+
     memory_api_service = MemoryAPIService(db)
-    
-    result = await memory_api_service.write_memory(
+
+    result = memory_api_service.write_memory(
         workspace_id=api_key_auth.workspace_id,
         end_user_id=payload.end_user_id,
         message=payload.message,
@@ -55,31 +85,53 @@ async def write_memory_api_service(
         storage_type=payload.storage_type,
         user_rag_memory_id=payload.user_rag_memory_id,
     )
-    
-    logger.info(f"Memory write successful for end_user: {payload.end_user_id}")
-    return success(data=MemoryWriteResponse(**result).model_dump(), msg="Memory written successfully")
+
+    logger.info(f"Memory write task submitted: task_id={result['task_id']}, end_user_id: {payload.end_user_id}")
+    return success(data=MemoryWriteResponse(**result).model_dump(), msg="Memory write task submitted")
 
 
-@router.post("/read_api_service")
+@router.get("/write/status")
 @require_api_key(scopes=["memory"])
-async def read_memory_api_service(
+async def get_write_task_status(
+    request: Request,
+    task_id: str = Query(..., description="Celery task ID"),
+    api_key_auth: ApiKeyAuth = None,
+    db: Session = Depends(get_db),
+):
+    """
+    Check the status of a memory write task.
+
+    Returns the current status and result (if completed) of a previously submitted write task.
+    """
+    logger.info(f"Write task status check - task_id: {task_id}")
+
+    from app.services.task_service import get_task_memory_write_result
+    result = get_task_memory_write_result(task_id)
+
+    return success(data=_sanitize_task_result(result), msg="Task status retrieved")
+
+
+@router.post("/read")
+@require_api_key(scopes=["memory"])
+async def read_memory(
     request: Request,
     api_key_auth: ApiKeyAuth = None,
     db: Session = Depends(get_db),
     message: str = Body(..., description="Query message"),
 ):
     """
-    Read memory from storage.
-    
-    Queries and retrieves memories for the specified end user with context-aware responses.
+    Submit a memory read task.
+
+    Validates the end user, then dispatches the read to a Celery background task.
+    Returns a task_id for status polling.
     """
     body = await request.json()
     payload = MemoryReadRequest(**body)
     logger.info(f"Memory read request - end_user_id: {payload.end_user_id}")
-    
+
     memory_api_service = MemoryAPIService(db)
-    
-    result = await memory_api_service.read_memory(
+
+    result = memory_api_service.read_memory(
         workspace_id=api_key_auth.workspace_id,
         end_user_id=payload.end_user_id,
         message=payload.message,
@@ -88,58 +140,95 @@ async def read_memory_api_service(
         storage_type=payload.storage_type,
         user_rag_memory_id=payload.user_rag_memory_id,
     )
-    
-    logger.info(f"Memory read successful for end_user: {payload.end_user_id}")
-    return success(data=MemoryReadResponse(**result).model_dump(), msg="Memory read successfully")
+
+    logger.info(f"Memory read task submitted: task_id={result['task_id']}, end_user_id: {payload.end_user_id}")
+    return success(data=MemoryReadResponse(**result).model_dump(), msg="Memory read task submitted")
 
 
-@router.get("/configs")
+@router.get("/read/status")
 @require_api_key(scopes=["memory"])
-async def list_memory_configs(
+async def get_read_task_status(
     request: Request,
+    task_id: str = Query(..., description="Celery task ID"),
     api_key_auth: ApiKeyAuth = None,
     db: Session = Depends(get_db),
 ):
     """
-    List all memory configs for the workspace.
-    
-    Returns all available memory configurations associated with the authorized workspace.
+    Check the status of a memory read task.
+
+    Returns the current status and result (if completed) of a previously submitted read task.
     """
-    logger.info(f"List configs request - workspace_id: {api_key_auth.workspace_id}")
+    logger.info(f"Read task status check - task_id: {task_id}")
 
-    memory_api_service = MemoryAPIService(db)
+    from app.services.task_service import get_task_memory_read_result
+    result = get_task_memory_read_result(task_id)
 
-    result = memory_api_service.list_memory_configs(
-        workspace_id=api_key_auth.workspace_id,
-    )
-
-    logger.info(f"Listed {result['total']} configs for workspace: {api_key_auth.workspace_id}")
-    return success(data=ListConfigsResponse(**result).model_dump(), msg="Configs listed successfully")
+    return success(data=_sanitize_task_result(result), msg="Task status retrieved")
 
 
-@router.post("/end_users")
+@router.post("/write/sync")
 @require_api_key(scopes=["memory"])
-async def create_end_user(
+@check_end_user_quota
+async def write_memory_sync(
     request: Request,
     api_key_auth: ApiKeyAuth = None,
     db: Session = Depends(get_db),
+    message: str = Body(..., description="Message content"),
 ):
     """
-    Create an end user.
-    
-    Creates a new end user for the authorized workspace.
-    If an end user with the same other_id already exists, returns the existing one.
+    Write memory synchronously.
+
+    Blocks until the write completes and returns the result directly.
+    For async processing with task polling, use /write instead.
     """
     body = await request.json()
-    payload = CreateEndUserRequest(**body)
-    logger.info(f"Create end user request - other_id: {payload.other_id}, workspace_id: {api_key_auth.workspace_id}")
+    payload = MemoryWriteRequest(**body)
+    logger.info(f"Memory write (sync) request - end_user_id: {payload.end_user_id}")
 
     memory_api_service = MemoryAPIService(db)
 
-    result = memory_api_service.create_end_user(
+    result = await memory_api_service.write_memory_sync(
         workspace_id=api_key_auth.workspace_id,
-        other_id=payload.other_id,
+        end_user_id=payload.end_user_id,
+        message=payload.message,
+        config_id=payload.config_id,
+        storage_type=payload.storage_type,
+        user_rag_memory_id=payload.user_rag_memory_id,
     )
 
-    logger.info(f"End user ready: {result['id']}")
-    return success(data=CreateEndUserResponse(**result).model_dump(), msg="End user created successfully")
+    logger.info(f"Memory write (sync) successful for end_user: {payload.end_user_id}")
+    return success(data=MemoryWriteSyncResponse(**result).model_dump(), msg="Memory written successfully")
+
+
+@router.post("/read/sync")
+@require_api_key(scopes=["memory"])
+async def read_memory_sync(
+    request: Request,
+    api_key_auth: ApiKeyAuth = None,
+    db: Session = Depends(get_db),
+    message: str = Body(..., description="Query message"),
+):
+    """
+    Read memory synchronously.
+
+    Blocks until the read completes and returns the answer directly.
+    For async processing with task polling, use /read instead.
+    """
+    body = await request.json()
+    payload = MemoryReadRequest(**body)
+    logger.info(f"Memory read (sync) request - end_user_id: {payload.end_user_id}")
+
+    memory_api_service = MemoryAPIService(db)
+
+    result = await memory_api_service.read_memory_sync(
+        workspace_id=api_key_auth.workspace_id,
+        end_user_id=payload.end_user_id,
+        message=payload.message,
+        search_switch=payload.search_switch,
+        config_id=payload.config_id,
+        storage_type=payload.storage_type,
+        user_rag_memory_id=payload.user_rag_memory_id,
+    )
+
+    logger.info(f"Memory read (sync) successful for end_user: {payload.end_user_id}")
+    return success(data=MemoryReadSyncResponse(**result).model_dump(), msg="Memory read successfully")

api/app/controllers/service/memory_config_api_controller.py

@@ -0,0 +1,491 @@
+"""Memory Config 服务接口 - 基于 API Key 认证"""
+
+from typing import Optional
+import uuid
+
+from fastapi import APIRouter, Body, Depends, Header, Query, Request
+from fastapi.encoders import jsonable_encoder
+from sqlalchemy.orm import Session
+
+from app.controllers import memory_storage_controller
+from app.controllers import memory_forget_controller
+from app.controllers import ontology_controller
+from app.controllers import emotion_config_controller
+from app.controllers import memory_reflection_controller
+from app.schemas.memory_storage_schema import ForgettingConfigUpdateRequest
+from app.controllers.emotion_config_controller import EmotionConfigUpdate
+from app.schemas.memory_reflection_schemas import Memory_Reflection
+from app.core.api_key_auth import require_api_key
+from app.core.error_codes import BizCode
+from app.core.exceptions import BusinessException
+from app.core.logging_config import get_business_logger
+from app.core.response_utils import success
+from app.db import get_db
+from app.repositories.memory_config_repository import MemoryConfigRepository
+from app.schemas.api_key_schema import ApiKeyAuth
+from app.schemas.memory_api_schema import (
+    ConfigUpdateExtractedRequest,
+    ConfigUpdateRequest,
+    ListConfigsResponse,
+    ConfigCreateRequest,
+    ConfigUpdateForgettingRequest,
+    EmotionConfigUpdateRequest,
+    ReflectionConfigUpdateRequest,
+)
+from app.schemas.memory_storage_schema import (
+    ConfigUpdate, 
+    ConfigUpdateExtracted,
+    ConfigParamsCreate,
+)
+from app.services import api_key_service
+from app.services.memory_api_service import MemoryAPIService
+from app.utils.config_utils import resolve_config_id
+
+router = APIRouter(prefix="/memory_config", tags=["V1 - Memory Config API"])
+logger = get_business_logger()
+
+
+def _get_current_user(api_key_auth: ApiKeyAuth, db: Session):
+    """Build a current_user object from API key auth
+
+    Args:
+        api_key_auth: Validated API key auth info
+        db: Database session
+
+    Returns:
+        User object with current_workspace_id set
+    """
+    api_key = api_key_service.ApiKeyService.get_api_key(db, api_key_auth.api_key_id, api_key_auth.workspace_id)
+    current_user = api_key.creator
+    current_user.current_workspace_id = api_key_auth.workspace_id
+    return current_user
+
+
+def _verify_config_ownership(config_id:str, workspace_id:uuid.UUID, db:Session):
+    """Verify that the config belongs to the workspace.
+    
+      Args: 
+          config_id: The ID of the config to verify
+          workspace_id: The workspace ID tocheck against
+          db: Database session for querying
+        Raises:
+            BusinessException: If the config does not exist or does not belong to the workspace
+    """
+    try:
+        resolved_id = resolve_config_id(config_id, db)
+    except ValueError as e:
+        raise BusinessException(
+            message=f"Invalid config_id: {e}",
+            code=BizCode.INVALID_PARAMETER,
+        )
+    config = MemoryConfigRepository.get_by_id(db, resolved_id)
+    if not config or config.workspace_id != workspace_id:
+        raise BusinessException(
+            message="Config not found or access denied",
+            code=BizCode.MEMORY_CONFIG_NOT_FOUND,
+        )
+
+# @router.get("/configs")
+# @require_api_key(scopes=["memory"])
+# async def list_memory_configs(
+#     request: Request,
+#     api_key_auth: ApiKeyAuth = None,
+#     db: Session = Depends(get_db),
+# ):
+#     """
+#     List all memory configs for the workspace.
+
+#     Returns all available memory configurations associated with the authorized workspace.
+#     """
+#     logger.info(f"List configs request - workspace_id: {api_key_auth.workspace_id}")
+
+#     memory_api_service = MemoryAPIService(db)
+
+#     result = memory_api_service.list_memory_configs(
+#         workspace_id=api_key_auth.workspace_id,
+#     )
+
+#     logger.info(f"Listed {result['total']} configs for workspace: {api_key_auth.workspace_id}")
+#     return success(data=ListConfigsResponse(**result).model_dump(), msg="Configs listed successfully")
+
+@router.get("/read_all_config")
+@require_api_key(scopes=["memory"])
+async def read_all_config(
+    request:Request,
+    api_key_auth: ApiKeyAuth = None,
+    db: Session = Depends(get_db),
+):
+    """
+    List all memory configs with full details (enhanced version).
+
+    Returns complete config fields for the authorized workspace.
+    No config_id ownership check needed — results are filtered by workspace.
+    """
+    logger.info(f"V1 get all configs (full) - workspace: {api_key_auth.workspace_id}")
+
+    current_user = _get_current_user(api_key_auth, db)
+
+    return memory_storage_controller.read_all_config(
+        current_user=current_user,
+        db=db,
+    )
+
+@router.get("/scenes/simple")
+@require_api_key(scopes=["memory"])
+async def get_ontology_scenes(
+    request: Request,
+    api_key_auth: ApiKeyAuth = None,
+    db: Session = Depends(get_db),
+):
+    """
+    Get available ontology scenes for the workspace.
+
+    Returns a simple list of scene_id and scene_name for dropdown selection.
+    Used before creating a memory config to choose which ontology scene to associate.
+    """
+    logger.info(f"V1 get scenes - workspace: {api_key_auth.workspace_id}")
+
+    current_user = _get_current_user(api_key_auth, db)
+
+    return await ontology_controller.get_scenes_simple(
+        db=db,
+        current_user=current_user,
+    )
+
+@router.get("/read_config_extracted")
+@require_api_key(scopes=["memory"])
+async def read_config_extracted(
+    request: Request,
+    config_id: str = Query(..., description="config_id"),
+    api_key_auth: ApiKeyAuth = None,
+    db: Session = Depends(get_db),
+):
+    """
+    Get extraction engine config details for a specific config.
+
+    Only configs belonging to the authorized workspace can be queried.
+    """
+    logger.info(f"V1 read extracted config - config_id: {config_id}, workspace: {api_key_auth.workspace_id}")
+
+    _verify_config_ownership(config_id, api_key_auth.workspace_id, db)
+
+    current_user = _get_current_user(api_key_auth, db)
+
+    return memory_storage_controller.read_config_extracted(
+        config_id = config_id,
+        current_user = current_user,
+        db = db,
+    )
+
+@router.get("/read_config_forgetting")
+@require_api_key(scopes=["memory"])
+async def read_config_forgetting(
+    request: Request,
+    config_id: str = Query(..., description="config_id"),
+    api_key_auth: ApiKeyAuth = None,
+    db: Session = Depends(get_db),
+):
+    """
+    Get forgetting settings for a specific memory config.
+
+    Only configs belonging to the authorized workspace can be queried.
+    """
+    logger.info(f"V1 read forgetting config - config_id: {config_id}, workspace: {api_key_auth.workspace_id}")
+
+    _verify_config_ownership(config_id, api_key_auth.workspace_id, db)
+
+    current_user = _get_current_user(api_key_auth, db)
+
+    result = await memory_forget_controller.read_forgetting_config(
+        config_id = config_id,
+        current_user = current_user,
+        db = db,
+    )
+    return jsonable_encoder(result)
+
+
+
+@router.get("/read_config_emotion")
+@require_api_key(scopes=["memory"])
+async def read_config_emotion(
+    request: Request,
+    config_id: str = Query(..., description="config_id"),
+    api_key_auth: ApiKeyAuth = None,
+    db: Session = Depends(get_db),
+):
+    """
+    Get emotion engine config details for a specific config.
+
+    Only configs belonging to the authorized workspace can be queried.
+    """
+    logger.info(f"V1 read emotion config - config_id: {config_id}, workspace: {api_key_auth.workspace_id}")
+
+    _verify_config_ownership(config_id, api_key_auth.workspace_id, db)
+
+    current_user = _get_current_user(api_key_auth, db)
+
+    return jsonable_encoder(emotion_config_controller.get_emotion_config(
+        config_id=config_id,
+        db=db,
+        current_user=current_user,
+    ))
+
+@router.get("/read_config_reflection")
+@require_api_key(scopes=["memory"])
+async def read_config_reflection(
+    request: Request,
+    config_id: str = Query(..., description="config_id"),
+    api_key_auth: ApiKeyAuth = None,
+    db: Session = Depends(get_db),
+):
+    """
+    Get reflection engine config details for a specific config.
+
+    Only configs belonging to the authorized workspace can be queried.
+    """
+    logger.info(f"V1 read reflection config - config_id: {config_id}, workspace: {api_key_auth.workspace_id}")
+
+    _verify_config_ownership(config_id, api_key_auth.workspace_id, db)
+
+    current_user = _get_current_user(api_key_auth, db)
+
+    return jsonable_encoder(await memory_reflection_controller.start_reflection_configs(
+        config_id=config_id,
+        current_user=current_user,
+        db=db,
+    ))
+
+
+@router.post("/create_config")
+@require_api_key(scopes=["memory"])
+async def create_memory_config(
+    request: Request,
+    api_key_auth: ApiKeyAuth = None,
+    db: Session = Depends(get_db),
+    message: str = Body(None, description="Request body"),
+    x_language_type: Optional[str] = Header(None, alias="X-Language-Type"),
+):
+    """
+    Create a new memory config for the workspace.
+
+    The config will be associated with the workspace of the API Key.
+    config_name is required, other fields are optional.
+    """
+    body = await request.json()
+    payload = ConfigCreateRequest(**body)
+
+    logger.info(f"V1 create config - workspace: {api_key_auth.workspace_id}, config_name: {payload.config_name}")
+    
+    # 构造管理端 Schema，workspace_id 从 API Key 注入
+    current_user = _get_current_user(api_key_auth, db)
+    mgmt_payload = ConfigParamsCreate(
+        config_name=payload.config_name,
+        config_desc=payload.config_desc or "",
+        scene_id=payload.scene_id,
+        llm_id=payload.llm_id,
+        embedding_id=payload.embedding_id,
+        rerank_id=payload.rerank_id,
+        reflection_model_id=payload.reflection_model_id,
+        emotion_model_id=payload.emotion_model_id,
+    )
+    #将返回数据中UUID序列化处理
+    result =memory_storage_controller.create_config(
+        payload=mgmt_payload,
+        current_user=current_user,
+        db=db,
+        x_language_type=x_language_type,
+    )
+    return jsonable_encoder(result)
+
+@router.put("/update_config")
+@require_api_key(scopes=["memory"])
+async def update_memory_config(
+    request: Request,
+    api_key_auth: ApiKeyAuth = None,
+    db: Session = Depends(get_db),
+    message: str = Body(None, description="Request body"),
+):
+    """
+    Update memory config basic info (name, description, scene).
+
+    Requires API Key with 'memory' scope
+    Only configs belonging to the authorized workspace can be updated.
+    """
+    body = await request.json()
+    payload = ConfigUpdateRequest(**body)
+    
+    logger.info(f"V1 update config - config_id: {payload.config_id}, workspace: {api_key_auth.workspace_id}")
+
+    _verify_config_ownership(payload.config_id, api_key_auth.workspace_id, db)
+
+    current_user = _get_current_user(api_key_auth, db)
+    mgmt_payload = ConfigUpdate(
+        config_id = payload.config_id,
+        config_name = payload.config_name,
+        config_desc = payload.config_desc,
+        scene_id = payload.scene_id,
+    )
+
+    return memory_storage_controller.update_config(
+        payload = mgmt_payload,
+        current_user = current_user,
+        db = db,
+    )
+
+@router.put("/update_config_extracted")
+@require_api_key(scopes=["memory"])
+async def update_memory_config_extracted(
+    request: Request,
+    api_key_auth: ApiKeyAuth = None,
+    db: Session = Depends(get_db),
+    message: str = Body(None, description="Request body"),
+):
+   """
+    update memory config extraction engine config (models, thresholds, chunking, pruning, etc.).
+
+    Requires API Key with 'memory' scope.
+    Only configs belonging to the authorized workspace can be updated.
+   """
+   body = await request.json()
+   payload = ConfigUpdateExtractedRequest(**body)
+
+   logger.info(f"V1 update extracted config - config_id: {payload.config_id}, workspace: {api_key_auth.workspace_id}")
+
+   #校验权限
+   _verify_config_ownership(payload.config_id, api_key_auth.workspace_id, db)
+
+   current_user = _get_current_user(api_key_auth, db)
+   update_fields = payload.model_dump(exclude_unset=True)
+   mgmt_payload = ConfigUpdateExtracted(**update_fields)
+
+   return memory_storage_controller.update_config_extracted(
+        payload = mgmt_payload,
+        current_user = current_user,
+        db = db,
+   )
+
+@router.put("/update_config_forgetting")
+@require_api_key(scopes=["memory"])
+async def update_memory_config_forgetting(
+    request: Request,
+    api_key_auth: ApiKeyAuth = None,
+    db: Session = Depends(get_db),
+    message: str = Body(None, description="Request body"),
+):
+   """
+    update memory config forgetting settings (forgetting strategy, parameters, etc.).
+
+    Requires API Key with 'memory' scope.
+    Only configs belonging to the authorized workspace can be updated.
+   """
+   body = await request.json()
+   payload = ConfigUpdateForgettingRequest(**body)
+
+   logger.info(f"V1 update forgetting config - config_id: {payload.config_id}, workspace: {api_key_auth.workspace_id}")
+
+   #校验权限
+   _verify_config_ownership(payload.config_id, api_key_auth.workspace_id, db)
+
+   current_user = _get_current_user(api_key_auth, db)
+   update_fields = payload.model_dump(exclude_unset=True)
+   mgmt_payload = ForgettingConfigUpdateRequest(**update_fields)
+
+   #将返回数据中UUID序列化处理
+   result = await memory_forget_controller.update_forgetting_config(
+        payload = mgmt_payload,
+        current_user = current_user,
+        db = db,
+   )
+   return jsonable_encoder(result)
+
+@router.put("/update_config_emotion")
+@require_api_key(scopes=["memory"])
+async def update_config_emotion(
+    request: Request,
+    api_key_auth: ApiKeyAuth = None,
+    db: Session = Depends(get_db),
+    message: str = Body(None, description="Request body"),
+):
+    """
+    Update emotion engine config (full update).
+
+    All fields except emotion_model_id are required.
+    Only configs belonging to the authorized workspace can be updated.
+    """
+    body = await request.json()
+    payload = EmotionConfigUpdateRequest(**body)
+
+    logger.info(f"V1 update emotion config - config_id: {payload.config_id}, workspace: {api_key_auth.workspace_id}")
+
+    _verify_config_ownership(payload.config_id, api_key_auth.workspace_id, db)
+
+    current_user = _get_current_user(api_key_auth, db)
+    update_fields = payload.model_dump(exclude_unset=True)
+    mgmt_payload = EmotionConfigUpdate(**update_fields)
+    return jsonable_encoder(emotion_config_controller.update_emotion_config(
+        config=mgmt_payload,
+        db=db,
+        current_user=current_user,
+    ))
+
+@router.put("/update_config_reflection")
+@require_api_key(scopes=["memory"])
+async def update_config_reflection(
+    request: Request,
+    api_key_auth: ApiKeyAuth = None,
+    db: Session = Depends(get_db),
+    message: str = Body(None, description="Request body"),
+):
+    """
+    Update reflection engine config (full update).
+
+    All fields are required.
+    Only configs belonging to the authorized workspace can be updated.
+    """
+    body = await request.json()
+    payload = ReflectionConfigUpdateRequest(**body)
+
+    logger.info(f"V1 update reflection config - config_id: {payload.config_id}, workspace: {api_key_auth.workspace_id}")
+
+    _verify_config_ownership(payload.config_id, api_key_auth.workspace_id, db)
+
+    current_user = _get_current_user(api_key_auth, db)
+    update_fields = payload.model_dump(exclude_unset=True)
+    mgmt_payload = Memory_Reflection(**update_fields)
+
+    return jsonable_encoder(await memory_reflection_controller.save_reflection_config(
+        request=mgmt_payload,
+        current_user=current_user,
+        db=db,
+    ))
+
+@router.delete("/delete_config")
+@require_api_key(scopes=["memory"])
+async def delete_memory_config(
+    config_id: str,
+    request: Request,
+    force: bool = Query(False, description="是否强制删除（即使有终端用户正在使用）"),
+    api_key_auth: ApiKeyAuth = None,
+    db: Session = Depends(get_db),
+):
+    """
+    Delete a memory config.
+
+    - Default configs cannot be deleted.
+    - If end users are connected and force=False, returns a warning.
+    - If force=True, clears end user references and deletes the config.
+
+    Only configs belonging to the authorized workspace can be deleted.
+    """
+    logger.info(f"V1 delete config - config_id: {config_id}, force: {force}, workspace: {api_key_auth.workspace_id}")
+
+    _verify_config_ownership(config_id, api_key_auth.workspace_id, db)
+
+    current_user = _get_current_user(api_key_auth, db)
+
+    return memory_storage_controller.delete_config(
+        config_id=config_id,
+        force=force,
+        current_user=current_user,
+        db=db,
+    )

api/app/controllers/skill_controller.py

@@ -11,11 +11,13 @@ from app.schemas import skill_schema
 from app.schemas.response_schema import PageData, PageMeta
 from app.services.skill_service import SkillService
 from app.core.response_utils import success
+from app.core.quota_stub import check_skill_quota
 
 router = APIRouter(prefix="/skills", tags=["Skills"])
 
 
 @router.post("", summary="创建技能")
+@check_skill_quota
 def create_skill(
     data: skill_schema.SkillCreate,
     db: Session = Depends(get_db),

api/app/controllers/tenant_subscription_controller.py

@@ -0,0 +1,173 @@
+"""
+租户套餐查询接口（普通用户可访问）
+"""
+import datetime
+from typing import Callable, Optional
+
+from fastapi import APIRouter, Depends
+from fastapi.responses import JSONResponse
+from sqlalchemy.orm import Session
+
+from app.core.logging_config import get_api_logger
+from app.core.response_utils import success, fail
+from app.db import get_db
+from app.dependencies import get_current_user
+from app.i18n.dependencies import get_translator
+from app.models.user_model import User
+from app.schemas.response_schema import ApiResponse
+
+logger = get_api_logger()
+
+router = APIRouter(prefix="/tenant", tags=["Tenant"])
+public_router = APIRouter(tags=["Tenant"])
+
+
+@router.get("/subscription", response_model=ApiResponse, summary="获取当前用户所属租户的套餐信息")
+async def get_my_tenant_subscription(
+    current_user: User = Depends(get_current_user),
+    db: Session = Depends(get_db),
+    t: Callable = Depends(get_translator),
+):
+    """
+    获取当前登录用户所属租户的有效套餐订阅信息。
+    包含套餐名称、版本、配额、到期时间等。
+    """
+    try:
+        from premium.platform_admin.package_plan_service import TenantSubscriptionService
+
+        if not current_user.tenant:
+            return JSONResponse(status_code=404, content=fail(code=404, msg="用户未关联租户"))
+
+        tenant_id = current_user.tenant.id
+        svc = TenantSubscriptionService(db)
+        sub = svc.get_subscription(tenant_id)
+
+        if not sub:
+            # 无订阅记录时，兜底返回免费套餐信息
+            free_plan = svc.plan_repo.get_free_plan()
+            if not free_plan:
+                return success(data=None, msg="暂无有效套餐")
+            return success(data={
+                "subscription_id": None,
+                "tenant_id": str(tenant_id),
+                "package_plan_id": str(free_plan.id),
+                "package_version": free_plan.version,
+                "package_plan": {
+                    "id": str(free_plan.id),
+                    "name": free_plan.name,
+                    "name_en": free_plan.name_en,
+                    "version": free_plan.version,
+                    "category": free_plan.category,
+                    "tier_level": free_plan.tier_level,
+                    "price": float(free_plan.price) if free_plan.price is not None else 0.0,
+                    "billing_cycle": free_plan.billing_cycle,
+                    "core_value": free_plan.core_value,
+                    "core_value_en": free_plan.core_value_en,
+                    "tech_support": free_plan.tech_support,
+                    "tech_support_en": free_plan.tech_support_en,
+                    "sla_compliance": free_plan.sla_compliance,
+                    "sla_compliance_en": free_plan.sla_compliance_en,
+                    "page_customization": free_plan.page_customization,
+                    "page_customization_en": free_plan.page_customization_en,
+                    "theme_color": free_plan.theme_color,
+                },
+                "started_at": None,
+                "expired_at": None,
+                "status": "active",
+                "quotas": free_plan.quotas or {},
+                "created_at": int(datetime.datetime.utcnow().timestamp() * 1000),
+                "updated_at": int(datetime.datetime.utcnow().timestamp() * 1000),
+            }, msg="免费套餐")
+
+        return success(data=svc.build_response(sub))
+
+    except ModuleNotFoundError:
+        # 社区版无 premium 模块，从配置文件读取免费套餐
+        if not current_user.tenant:
+            return JSONResponse(status_code=404, content=fail(code=404, msg="用户未关联租户"))
+
+        from app.config.default_free_plan import DEFAULT_FREE_PLAN
+
+        plan = DEFAULT_FREE_PLAN
+        response_data = {
+            "subscription_id": None,
+            "tenant_id": str(current_user.tenant.id),
+            "package_plan_id": None,
+            "package_version": plan["version"],
+            "package_plan": {
+                "id": None,
+                "name": plan["name"],
+                "name_en": plan.get("name_en"),
+                "version": plan["version"],
+                "category": plan["category"],
+                "tier_level": plan["tier_level"],
+                "price": float(plan["price"]),
+                "billing_cycle": plan["billing_cycle"],
+                "core_value": plan.get("core_value"),
+                "core_value_en": plan.get("core_value_en"),
+                "tech_support": plan.get("tech_support"),
+                "tech_support_en": plan.get("tech_support_en"),
+                "sla_compliance": plan.get("sla_compliance"),
+                "sla_compliance_en": plan.get("sla_compliance_en"),
+                "page_customization": plan.get("page_customization"),
+                "page_customization_en": plan.get("page_customization_en"),
+                "theme_color": plan.get("theme_color"),
+            },
+            "started_at": None,
+            "expired_at": None,
+            "status": "active",
+            "quotas": plan["quotas"],
+            "created_at": int(datetime.datetime.utcnow().timestamp() * 1000),
+            "updated_at": int(datetime.datetime.utcnow().timestamp() * 1000),
+        }
+        return success(data=response_data, msg="社区版免费套餐")
+
+    except Exception as e:
+        logger.error(f"获取租户套餐信息失败: {e}", exc_info=True)
+        return JSONResponse(status_code=500, content=fail(code=500, msg="获取套餐信息失败"))
+
+
+@public_router.get("/package-plans", response_model=ApiResponse, summary="获取套餐列表（公开）")
+async def list_package_plans_public(
+    category: Optional[str] = None,
+    status: Optional[bool] = None,
+    search: Optional[str] = None,
+    db: Session = Depends(get_db),
+):
+    """
+    公开接口，无需鉴权。
+    SaaS 版从数据库读取套餐列表；社区版降级返回 default_free_plan.py 中的免费套餐。
+    """
+    try:
+        from premium.platform_admin.package_plan_service import PackagePlanService
+        from premium.platform_admin.package_plan_schema import PackagePlanResponse
+        svc = PackagePlanService(db)
+        result = svc.get_list(page=1, size=9999, category=category, status=status, search=search)
+        return success(data=[PackagePlanResponse.model_validate(p).model_dump(mode="json") for p in result["items"]])
+    except ModuleNotFoundError:
+        from app.config.default_free_plan import DEFAULT_FREE_PLAN
+        plan = DEFAULT_FREE_PLAN
+        return success(data=[{
+            "id": None,
+            "name": plan["name"],
+            "name_en": plan.get("name_en"),
+            "version": plan["version"],
+            "category": plan["category"],
+            "tier_level": plan["tier_level"],
+            "price": float(plan["price"]),
+            "billing_cycle": plan["billing_cycle"],
+            "core_value": plan.get("core_value"),
+            "core_value_en": plan.get("core_value_en"),
+            "tech_support": plan.get("tech_support"),
+            "tech_support_en": plan.get("tech_support_en"),
+            "sla_compliance": plan.get("sla_compliance"),
+            "sla_compliance_en": plan.get("sla_compliance_en"),
+            "page_customization": plan.get("page_customization"),
+            "page_customization_en": plan.get("page_customization_en"),
+            "theme_color": plan.get("theme_color"),
+            "status": plan.get("status", True),
+            "quotas": plan["quotas"],
+        }])
+    except Exception as e:
+        logger.error(f"获取套餐列表失败: {e}", exc_info=True)
+        return JSONResponse(status_code=500, content=fail(code=500, msg="获取套餐列表失败"))

api/app/controllers/user_controller.py

@@ -114,11 +114,14 @@ def get_current_user_info(
 
     # 设置权限：如果用户来自 SSO Source，则使用该 Source 的 permissions；否则返回 "all" 表示拥有所有权限
     if current_user.external_source:
-        from premium.sso.models import SSOSource
-        source = db.query(SSOSource).filter(SSOSource.source_code == current_user.external_source).first()
-        if source and source.permissions:
-            result_schema.permissions = source.permissions
-        else:
+        try:
+            from premium.sso.models import SSOSource
+            source = db.query(SSOSource).filter(SSOSource.source_code == current_user.external_source).first()
+            if source and source.permissions:
+                result_schema.permissions = source.permissions
+            else:
+                result_schema.permissions = []
+        except ModuleNotFoundError:
             result_schema.permissions = []
     else:
         result_schema.permissions = ["all"]

api/app/controllers/workspace_controller.py

@@ -35,6 +35,7 @@ from app.schemas.workspace_schema import (
     WorkspaceUpdate,
 )
 from app.services import workspace_service
+from app.core.quota_stub import check_workspace_quota
 
 # 获取API专用日志器
 api_logger = get_api_logger()
@@ -106,6 +107,7 @@ def get_workspaces(
 
 
 @router.post("", response_model=ApiResponse)
+@check_workspace_quota
 def create_workspace(
     workspace: WorkspaceCreate,
     language_type: str = Header(default="zh", alias="X-Language-Type"),