diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/service/impl/MemberServiceImpl.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/service/impl/MemberServiceImpl.java index b007a5d141..ad0b542b3a 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/service/impl/MemberServiceImpl.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/service/impl/MemberServiceImpl.java @@ -21,6 +21,8 @@ import org.apache.streampark.console.base.domain.RestRequest; import org.apache.streampark.console.base.exception.ApiAlertException; import org.apache.streampark.console.base.mybatis.pager.MybatisPager; +import org.apache.streampark.console.core.enums.UserType; +import org.apache.streampark.console.core.service.ServiceHelper; import org.apache.streampark.console.system.entity.Member; import org.apache.streampark.console.system.entity.Team; import org.apache.streampark.console.system.entity.User; @@ -54,6 +56,7 @@ public class MemberServiceImpl extends ServiceImpl impleme @Autowired private RoleService roleService; @Autowired private TeamService teamService; + @Autowired private ServiceHelper serviceHelper; @Override @Transactional @@ -153,6 +156,7 @@ public void createMember(Member member) { @Override public void deleteMember(Member memberArg) { + checkPermission(memberArg); Member member = Optional.ofNullable(this.getById(memberArg.getId())) .orElseThrow( 
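Review bot: In `deleteMember`, `checkPermission(memberArg)` runs before the `getById` lookup, so the team test is made against the `teamId` carried in the request object, not the team of the stored row that `memberArg.getId()` resolves to. A request whose `teamId` does not match the stored row's team is therefore authorized against the wrong team. Load the row first and authorize on it: `checkPermission(member);` after the lookup here, and `checkPermission(oldMember);` in `updateMember` in the next hunk, which has the same ordering. The body of `deleteMember` continues outside this hunk, so whether a later line compares the two team ids is not visible here.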
@@ -163,8 +167,21 @@ public void deleteMember(Member memberArg) { userService.clearLastTeam(member.getUserId(), member.getTeamId()); } + private void checkPermission(Member member) { + User user = serviceHelper.getLoginUser(); + ApiAlertException.throwIfTrue(user == null, "Permission denied, invalid login"); + if (user.getUserType() == UserType.USER) { + List teamList = this.findUserTeams(user.getUserId()); + Optional team = + teamList.stream().filter(c -> c.getId().equals(member.getTeamId())).findFirst(); + ApiAlertException.throwIfTrue( + !team.isPresent(), "Permission denied, The current user is not in the team"); + } + } + @Override public void updateMember(Member member) { + checkPermission(member); Member oldMember = Optional.ofNullable(this.getById(member.getId())) .orElseThrow( diff --git a/streampark-console/streampark-console-service/src/main/resources/mapper/system/MemberMapper.xml b/streampark-console/streampark-console-service/src/main/resources/mapper/system/MemberMapper.xml index 643ebc2065..a402027fbc 100644 --- a/streampark-console/streampark-console-service/src/main/resources/mapper/system/MemberMapper.xml +++ b/streampark-console/streampark-console-service/src/main/resources/mapper/system/MemberMapper.xml @@ -71,14 +71,25 @@
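Review bot: `checkPermission` has no comment stating its contract, and what it enforces is easy to misread. Only callers whose type is `UserType.USER` get the team test; every other user type passes straight through. The test is plain membership of `member.getTeamId()`, not a role within that team. A Javadoc such as `/** Rejects the call unless the login user has a type other than USER or belongs to the team named by member.getTeamId(). */` would make that explicit for the next reader. The `Optional` from `findFirst()` is used only for presence, so the lookup reads more directly as `boolean inTeam = teamList.stream().anyMatch(t -> t.getId().equals(member.getTeamId()));` followed by `ApiAlertException.throwIfTrue(!inTeam, ...)`.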