feat: 新增租户管理端 TenantApi 并移除旧 API

src/Application/TakeoutSaaS.Application/App/Stores/StoreTenantAccess.cs

@@ -1,45 +1,12 @@
 using Microsoft.AspNetCore.Http;
-using System;
-using System.Linq;
 
 namespace TakeoutSaaS.Application.App.Stores;
 
 internal static class StoreTenantAccess
 {
-    private const string PermissionClaimType = "permission";
-    private const string ViewAllStoresPermission = "store:read:all";
-    private static readonly string[] PlatformRoleCodes =
-    {
-        "super-admin",
-        "SUPER_ADMIN",
-        "PlatformAdmin",
-        "platform-admin"
-    };
-
     public static bool ShouldIgnoreTenantFilter(IHttpContextAccessor httpContextAccessor)
     {
-        var httpContext = httpContextAccessor.HttpContext;
-        if (httpContext == null)
-        {
-            return false;
-        }
-
-        var user = httpContext.User;
-        if (user?.Identity?.IsAuthenticated != true)
-        {
-            return false;
-        }
-
-        if (PlatformRoleCodes.Any(user.IsInRole))
-        {
-            return true;
-        }
-
-        var permissions = user.FindAll(PermissionClaimType)
-            .Select(c => c.Value?.Trim())
-            .Where(value => !string.IsNullOrWhiteSpace(value))
-            .ToHashSet(StringComparer.OrdinalIgnoreCase);
-
-        return permissions.Contains(ViewAllStoresPermission);
+        // 1. 租户管理端不允许跨租户访问门店数据
+        return false;
     }
 }