From 2150ae8f8cd4884a30b2414146ac7136d01a9246 Mon Sep 17 00:00:00 2001
From: MSuMshk <2039814060@qq.com>
Date: Mon, 15 Dec 2025 15:27:32 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E9=87=8D=E7=BD=AE=E5=AF=86=E7=A0=81?=
=?UTF-8?q?=E5=BF=BD=E7=95=A5=E7=A7=9F=E6=88=B7=E8=BF=87=E6=BB=A4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../ResetAdminPasswordByTokenCommandHandler.cs | 5 ++---
.../Repositories/IIdentityUserRepository.cs | 9 +++++++++
.../Persistence/EfIdentityUserRepository.cs | 13 +++++++++++++
3 files changed, 24 insertions(+), 3 deletions(-)
diff --git a/src/Application/TakeoutSaaS.Application/Identity/Handlers/ResetAdminPasswordByTokenCommandHandler.cs b/src/Application/TakeoutSaaS.Application/Identity/Handlers/ResetAdminPasswordByTokenCommandHandler.cs
index 8df343d..1d1ace2 100644
--- a/src/Application/TakeoutSaaS.Application/Identity/Handlers/ResetAdminPasswordByTokenCommandHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/Identity/Handlers/ResetAdminPasswordByTokenCommandHandler.cs
@@ -46,12 +46,11 @@ public sealed class ResetAdminPasswordByTokenCommandHandler(
throw new BusinessException(ErrorCodes.BadRequest, "重置链接无效或已过期");
}
- // 3. (空行后) 获取用户(可更新)并写入新密码哈希
- var user = await userRepository.GetForUpdateAsync(userId.Value, cancellationToken)
+ // 3. (空行后) 获取用户(可更新,忽略租户过滤器)并写入新密码哈希
+ var user = await userRepository.GetForUpdateIgnoringTenantAsync(userId.Value, cancellationToken)
?? throw new BusinessException(ErrorCodes.NotFound, "用户不存在");
user.PasswordHash = passwordHasher.HashPassword(user, password);
await userRepository.SaveChangesAsync(cancellationToken);
}
}
-
diff --git a/src/Domain/TakeoutSaaS.Domain/Identity/Repositories/IIdentityUserRepository.cs b/src/Domain/TakeoutSaaS.Domain/Identity/Repositories/IIdentityUserRepository.cs
index 773854a..3f10ffb 100644
--- a/src/Domain/TakeoutSaaS.Domain/Identity/Repositories/IIdentityUserRepository.cs
+++ b/src/Domain/TakeoutSaaS.Domain/Identity/Repositories/IIdentityUserRepository.cs
@@ -39,6 +39,15 @@ public interface IIdentityUserRepository
/// 后台用户或 null。
Task GetForUpdateAsync(long userId, CancellationToken cancellationToken = default);
+ ///
+ /// 根据 ID 获取后台用户(用于更新,忽略租户过滤器)。
+ ///
+ /// 用于跨租户场景(如平台生成的重置密码链接)。
+ /// 用户 ID。
+ /// 取消标记。
+ /// 后台用户或 null。
+ Task GetForUpdateIgnoringTenantAsync(long userId, CancellationToken cancellationToken = default);
+
///
/// 按租户与关键字查询后台用户列表(仅读)。
///
diff --git a/src/Infrastructure/TakeoutSaaS.Infrastructure/Identity/Persistence/EfIdentityUserRepository.cs b/src/Infrastructure/TakeoutSaaS.Infrastructure/Identity/Persistence/EfIdentityUserRepository.cs
index a79df2f..2cf7e38 100644
--- a/src/Infrastructure/TakeoutSaaS.Infrastructure/Identity/Persistence/EfIdentityUserRepository.cs
+++ b/src/Infrastructure/TakeoutSaaS.Infrastructure/Identity/Persistence/EfIdentityUserRepository.cs
@@ -50,6 +50,19 @@ public sealed class EfIdentityUserRepository(IdentityDbContext dbContext) : IIde
public Task GetForUpdateAsync(long userId, CancellationToken cancellationToken = default)
=> dbContext.IdentityUsers.FirstOrDefaultAsync(x => x.Id == userId, cancellationToken);
+ ///
+ /// 根据 ID 获取后台用户(用于更新,忽略租户过滤器)。
+ ///
+ /// 用于跨租户场景(如平台生成的重置密码链接)。
+ /// 用户 ID。
+ /// 取消标记。
+ /// 后台用户或 null。
+ public Task GetForUpdateIgnoringTenantAsync(long userId, CancellationToken cancellationToken = default)
+ => dbContext.IdentityUsers
+ .IgnoreQueryFilters()
+ .Where(x => x.DeletedAt == null)
+ .FirstOrDefaultAsync(x => x.Id == userId, cancellationToken);
+
///
/// 按租户与关键字搜索后台用户(只读)。
///