fix: 修复伪装登录与重置链接返回

src/Api/TakeoutSaaS.AdminApi/Controllers/TenantsController.cs

@@ -359,7 +359,7 @@ public sealed class TenantsController(IMediator mediator) : BaseApiController
         var resetUrl = $"{origin}/#/auth/reset-password?token={Uri.EscapeDataString(token)}";
 
         // 3. (空行后) 返回链接
-        return ApiResponse<string>.Ok(resetUrl);
+        return ApiResponse<string>.Ok(data: resetUrl);
     }
 
     /// <summary>

src/Application/TakeoutSaaS.Application/App/Tenants/Handlers/ImpersonateTenantCommandHandler.cs

@@ -18,6 +18,7 @@ namespace TakeoutSaaS.Application.App.Tenants.Handlers;
 public sealed class ImpersonateTenantCommandHandler(
     ITenantRepository tenantRepository,
     ITenantProvider tenantProvider,
+    ITenantContextAccessor tenantContextAccessor,
     ICurrentUserAccessor currentUserAccessor,
     IAdminAuthService adminAuthService,
     IJwtTokenService jwtTokenService)
@@ -35,6 +36,12 @@ public sealed class ImpersonateTenantCommandHandler(
             throw new BusinessException(ErrorCodes.Forbidden, "仅平台超级管理员可执行伪装登录");
         }
 
+        // 2. (空行后) 读取操作者信息（在平台租户上下文内）
+        var operatorProfile = await adminAuthService.GetProfileAsync(currentUserAccessor.UserId, cancellationToken);
+        var operatorName = string.IsNullOrWhiteSpace(operatorProfile.DisplayName)
+            ? $"user:{currentUserAccessor.UserId}"
+            : operatorProfile.DisplayName;
+
         // 2. (空行后) 校验租户存在且存在主管理员
         var tenant = await tenantRepository.FindByIdAsync(request.TenantId, cancellationToken)
             ?? throw new BusinessException(ErrorCodes.NotFound, "租户不存在");
@@ -44,16 +51,17 @@ public sealed class ImpersonateTenantCommandHandler(
             throw new BusinessException(ErrorCodes.BadRequest, "该租户未配置主管理员账号，无法伪装登录");
         }
 
-        // 3. (空行后) 为租户主管理员签发令牌
+        // 3. (空行后) 进入目标租户上下文以读取租户内用户（避免多租户查询过滤导致找不到用户）
+        var originalTenantContext = tenantContextAccessor.Current;
+        tenantContextAccessor.Current = new TenantContext(tenant.Id, null, "admin:impersonate");
+        try
+        {
+            // 4. 为租户主管理员签发令牌
             var targetProfile = await adminAuthService.GetProfileAsync(tenant.PrimaryOwnerUserId.Value, cancellationToken);
             var token = await jwtTokenService.CreateTokensAsync(targetProfile, false, cancellationToken);
 
-        // 4. (空行后) 写入审计日志
+            // 5. (空行后) 恢复租户上下文后写入审计日志
-        var operatorProfile = await adminAuthService.GetProfileAsync(currentUserAccessor.UserId, cancellationToken);
+            tenantContextAccessor.Current = originalTenantContext;
-        var operatorName = string.IsNullOrWhiteSpace(operatorProfile.DisplayName)
-            ? $"user:{currentUserAccessor.UserId}"
-            : operatorProfile.DisplayName;
-
             var auditLog = new TenantAuditLog
             {
                 TenantId = tenant.Id,
@@ -68,8 +76,13 @@ public sealed class ImpersonateTenantCommandHandler(
             await tenantRepository.AddAuditLogAsync(auditLog, cancellationToken);
             await tenantRepository.SaveChangesAsync(cancellationToken);
 
-        // 5. (空行后) 返回令牌
+            // 6. (空行后) 返回令牌
             return token;
         }
+        finally
+        {
+            // 7. (空行后) 确保恢复租户上下文
+            tenantContextAccessor.Current = originalTenantContext;
+        }
+    }
 }
-