From 318aded4bf7a3b05d8012b5199eaba26bdbb36b0 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 29 Jan 2026 04:52:50 +0000 Subject: [PATCH] =?UTF-8?q?docs:=20=E6=9B=B4=E6=96=B0=20AdminApi=20?= =?UTF-8?q?=E7=A7=9F=E6=88=B7=E7=BA=A6=E6=9D=9F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Document/15_API边界与自检清单.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Document/15_API边界与自检清单.md b/Document/15_API边界与自检清单.md index 53e284a..ea4bb88 100644 --- a/Document/15_API边界与自检清单.md +++ b/Document/15_API边界与自检清单.md @@ -5,7 +5,7 @@ ## 1. AdminApi(管理后台) - **面向对象**:运营、客服、商户管理员。 - **职责**:租户/门店/商品/订单/支付/配送/字典/权限/RBAC/审计/任务调度等后台管理与洞察。 -- **鉴权**:JWT + RBAC(`[Authorize]` + `PermissionAuthorize`),必须带租户头 `X-Tenant-Id/Code`。 +- **鉴权**:JWT + RBAC(`[Authorize]` + `PermissionAuthorize`),租户头不再强制(单租户操作以路由 `tenantId` 为准)。 - **路由前缀**:`api/admin/v{version}/...`。 - **DTO/约束**:仅管理字段,禁止返回 C 端敏感信息;long -> string;严禁实体直接返回。 - **现有控制器**:`AuthController`、`DeliveriesController`、`DictionaryController`、`FilesController`、`MerchantsController`、`OrdersController`、`PaymentsController`、`PermissionsController`、`RolesController`、`StoresController`、`SystemParametersController`、`TenantPackagesController`、`TenantsController`、`TenantBillingsController`、`TenantAnnouncementsController`、`TenantNotificationsController`、`UserPermissionsController`、`HealthController`。