diff --git a/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/service/local/PermissionServiceImpl.kt b/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/service/local/PermissionServiceImpl.kt
index 322b0c24ec..c49cf34e2e 100644
--- a/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/service/local/PermissionServiceImpl.kt
+++ b/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/service/local/PermissionServiceImpl.kt
@@ -417,9 +417,17 @@ open class PermissionServiceImpl constructor(
             repoName,
         )
 
+        return getNoPermissionPathFromConfig(userId, user.roles, projectPermission)
+    }
+
+    private fun getNoPermissionPathFromConfig(
+        userId: String,
+        roles: List<String>,
+        config: List<TPermission>
+    ): List<String> {
         val excludePath = mutableListOf<String>()
         val includePath = mutableListOf<String>()
-        projectPermission.forEach {
+        config.forEach {
             if (it.users.contains(userId)) {
                 if (it.excludePattern.isNotEmpty()) {
                     excludePath.addAll(it.excludePattern)
@@ -433,7 +441,7 @@ open class PermissionServiceImpl constructor(
                 }
             }
 
-            val interRole = it.roles.intersect(user.roles.toSet())
+            val interRole = it.roles.intersect(roles.toSet())
             if (interRole.isNotEmpty()) {
                 if (it.excludePattern.isNotEmpty()) {
                     excludePath.addAll(it.excludePattern)