diff --git a/app/api/controller/space/label_define.go b/app/api/controller/space/label_define.go
index 1ad66366c..990b8eeeb 100644
--- a/app/api/controller/space/label_define.go
+++ b/app/api/controller/space/label_define.go
@@ -30,7 +30,7 @@ func (c *Controller) DefineLabel(
 	spaceRef string,
 	in *types.DefineLabelInput,
 ) (*types.Label, error) {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceEdit)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoEdit)
 	if err != nil {
 		return nil, fmt.Errorf("failed to acquire access to space: %w", err)
 	}
diff --git a/app/api/controller/space/label_delete.go b/app/api/controller/space/label_delete.go
index 47b953890..e454e4ab7 100644
--- a/app/api/controller/space/label_delete.go
+++ b/app/api/controller/space/label_delete.go
@@ -29,7 +29,7 @@ func (c *Controller) DeleteLabel(
 	spaceRef string,
 	key string,
 ) error {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceEdit)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoEdit)
 	if err != nil {
 		return fmt.Errorf("failed to acquire access to space: %w", err)
 	}
diff --git a/app/api/controller/space/label_list.go b/app/api/controller/space/label_list.go
index a49d92b7a..8d498b931 100644
--- a/app/api/controller/space/label_list.go
+++ b/app/api/controller/space/label_list.go
@@ -30,7 +30,7 @@ func (c *Controller) ListLabels(
 	spaceRef string,
 	filter *types.LabelFilter,
 ) ([]*types.Label, int64, error) {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceView)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoView)
 	if err != nil {
 		return nil, 0, fmt.Errorf("failed to acquire access to space: %w", err)
 	}
diff --git a/app/api/controller/space/label_save.go b/app/api/controller/space/label_save.go
index f947b1195..7f32a4945 100644
--- a/app/api/controller/space/label_save.go
+++ b/app/api/controller/space/label_save.go
@@ -30,7 +30,7 @@ func (c *Controller) SaveLabel(
 	spaceRef string,
 	in *types.SaveInput,
 ) (*types.LabelWithValues, error) {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceEdit)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoEdit)
 	if err != nil {
 		return nil, fmt.Errorf("failed to acquire access to space: %w", err)
 	}
diff --git a/app/api/controller/space/label_update.go b/app/api/controller/space/label_update.go
index 5e544c9e5..7ef005a81 100644
--- a/app/api/controller/space/label_update.go
+++ b/app/api/controller/space/label_update.go
@@ -31,7 +31,7 @@ func (c *Controller) UpdateLabel(
 	key string,
 	in *types.UpdateLabelInput,
 ) (*types.Label, error) {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceEdit)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoEdit)
 	if err != nil {
 		return nil, fmt.Errorf("failed to acquire access to space: %w", err)
 	}
diff --git a/app/api/controller/space/label_value_define.go b/app/api/controller/space/label_value_define.go
index 13db74ab1..951dd01b0 100644
--- a/app/api/controller/space/label_value_define.go
+++ b/app/api/controller/space/label_value_define.go
@@ -32,7 +32,7 @@ func (c *Controller) DefineLabelValue(
 	in *types.DefineValueInput,
 ) (*types.LabelValue, error) {
 	// TODO: permission check should be based on static vs dynamic label
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceEdit)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoEdit)
 	if err != nil {
 		return nil, fmt.Errorf("failed to acquire access to space: %w", err)
 	}
diff --git a/app/api/controller/space/label_value_delete.go b/app/api/controller/space/label_value_delete.go
index ff12f82f8..ac1fb7845 100644
--- a/app/api/controller/space/label_value_delete.go
+++ b/app/api/controller/space/label_value_delete.go
@@ -30,7 +30,7 @@ func (c *Controller) DeleteLabelValue(
 	key string,
 	value string,
 ) error {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceEdit)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoEdit)
 	if err != nil {
 		return fmt.Errorf("failed to acquire access to space: %w", err)
 	}
diff --git a/app/api/controller/space/label_value_list.go b/app/api/controller/space/label_value_list.go
index 551afbaeb..169e753b6 100644
--- a/app/api/controller/space/label_value_list.go
+++ b/app/api/controller/space/label_value_list.go
@@ -31,7 +31,7 @@ func (c *Controller) ListLabelValues(
 	key string,
 	filter *types.ListQueryFilter,
 ) ([]*types.LabelValue, error) {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceView)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoView)
 	if err != nil {
 		return nil, fmt.Errorf("failed to acquire access to space: %w", err)
 	}
diff --git a/app/api/controller/space/label_value_update.go b/app/api/controller/space/label_value_update.go
index 52a888e33..d12869081 100644
--- a/app/api/controller/space/label_value_update.go
+++ b/app/api/controller/space/label_value_update.go
@@ -32,7 +32,7 @@ func (c *Controller) UpdateLabelValue(
 	value string,
 	in *types.UpdateValueInput,
 ) (*types.LabelValue, error) {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceEdit)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoEdit)
 	if err != nil {
 		return nil, fmt.Errorf("failed to acquire access to space: %w", err)
 	}