refactor: 移除门店跨租户访问入口

2026-01-29 14:50:49 +00:00
parent 52fb4fde72
commit f9053356c2
25 changed files with 98 additions and 282 deletions
--- a/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/BatchUpdateBusinessHoursCommandHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/BatchUpdateBusinessHoursCommandHandler.cs
@@ -1,5 +1,4 @@
 using MediatR;
-using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Logging;
 using TakeoutSaaS.Application.App.Stores;
 using TakeoutSaaS.Application.App.Stores.Commands;
@@ -19,7 +18,6 @@ namespace TakeoutSaaS.Application.App.Stores.Handlers;
 public sealed class BatchUpdateBusinessHoursCommandHandler(
    IStoreRepository storeRepository,
    ITenantProvider tenantProvider,
-    IHttpContextAccessor httpContextAccessor,
    ILogger<BatchUpdateBusinessHoursCommandHandler> logger)
    : IRequestHandler<BatchUpdateBusinessHoursCommand, IReadOnlyList<StoreBusinessHourDto>>
 {
@@ -27,8 +25,7 @@ public sealed class BatchUpdateBusinessHoursCommandHandler(
    public async Task<IReadOnlyList<StoreBusinessHourDto>> Handle(BatchUpdateBusinessHoursCommand request, CancellationToken cancellationToken)
    {
        // 1. 校验门店存在
-        var ignoreTenantFilter = StoreTenantAccess.ShouldIgnoreTenantFilter(httpContextAccessor);
-        var tenantId = ignoreTenantFilter ? 0 : tenantProvider.GetCurrentTenantId();
+        var tenantId = tenantProvider.GetCurrentTenantId();
        var store = await storeRepository.FindByIdAsync(request.StoreId, tenantId, cancellationToken);
        if (store is null)
        {
--- a/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/CalculateStoreFeeQueryHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/CalculateStoreFeeQueryHandler.cs
@@ -1,5 +1,4 @@
 using MediatR;
-using Microsoft.AspNetCore.Http;
 using TakeoutSaaS.Application.App.Stores.Dto;
 using TakeoutSaaS.Application.App.Stores.Queries;
 using TakeoutSaaS.Application.App.Stores.Services;
@@ -18,7 +17,6 @@ namespace TakeoutSaaS.Application.App.Stores.Handlers;
 public sealed class CalculateStoreFeeQueryHandler(
    IStoreRepository storeRepository,
    ITenantProvider tenantProvider,
-    IHttpContextAccessor httpContextAccessor,
    IStoreFeeCalculationService feeCalculationService)
    : IRequestHandler<CalculateStoreFeeQuery, StoreFeeCalculationResultDto>
 {
@@ -26,8 +24,7 @@ public sealed class CalculateStoreFeeQueryHandler(
    public async Task<StoreFeeCalculationResultDto> Handle(CalculateStoreFeeQuery request, CancellationToken cancellationToken)
    {
        // 1. 校验门店存在
-        var ignoreTenantFilter = StoreTenantAccess.ShouldIgnoreTenantFilter(httpContextAccessor);
-        var tenantId = ignoreTenantFilter ? 0 : tenantProvider.GetCurrentTenantId();
+        var tenantId = tenantProvider.GetCurrentTenantId();
        var store = await storeRepository.FindByIdAsync(request.StoreId, tenantId, cancellationToken);
        if (store is null)
        {
--- a/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/CheckStoreDeliveryZoneQueryHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/CheckStoreDeliveryZoneQueryHandler.cs
@@ -1,6 +1,4 @@
 using MediatR;
-using Microsoft.AspNetCore.Http;
-using TakeoutSaaS.Application.App.Stores;
 using TakeoutSaaS.Application.App.Stores.Dto;
 using TakeoutSaaS.Application.App.Stores.Queries;
 using TakeoutSaaS.Application.App.Stores.Services;
@@ -17,7 +15,6 @@ namespace TakeoutSaaS.Application.App.Stores.Handlers;
 public sealed class CheckStoreDeliveryZoneQueryHandler(
    IStoreRepository storeRepository,
    ITenantProvider tenantProvider,
-    IHttpContextAccessor httpContextAccessor,
    IDeliveryZoneService deliveryZoneService)
    : IRequestHandler<CheckStoreDeliveryZoneQuery, StoreDeliveryCheckResultDto>
 {
@@ -25,8 +22,7 @@ public sealed class CheckStoreDeliveryZoneQueryHandler(
    public async Task<StoreDeliveryCheckResultDto> Handle(CheckStoreDeliveryZoneQuery request, CancellationToken cancellationToken)
    {
        // 1. 校验门店存在
-        var ignoreTenantFilter = StoreTenantAccess.ShouldIgnoreTenantFilter(httpContextAccessor);
-        var tenantId = ignoreTenantFilter ? 0 : tenantProvider.GetCurrentTenantId();
+        var tenantId = tenantProvider.GetCurrentTenantId();
        var store = await storeRepository.FindByIdAsync(request.StoreId, tenantId, cancellationToken);
        if (store is null)
        {
--- a/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/CheckStoreQualificationsQueryHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/CheckStoreQualificationsQueryHandler.cs
@@ -1,5 +1,4 @@
 using MediatR;
-using Microsoft.AspNetCore.Http;
 using TakeoutSaaS.Application.App.Stores.Dto;
 using TakeoutSaaS.Application.App.Stores.Queries;
 using TakeoutSaaS.Domain.Stores.Enums;
@@ -15,16 +14,14 @@ namespace TakeoutSaaS.Application.App.Stores.Handlers;
 /// </summary>
 public sealed class CheckStoreQualificationsQueryHandler(
    IStoreRepository storeRepository,
-    ITenantProvider tenantProvider,
-    IHttpContextAccessor httpContextAccessor)
+    ITenantProvider tenantProvider)
    : IRequestHandler<CheckStoreQualificationsQuery, StoreQualificationCheckResultDto>
 {
    /// <inheritdoc />
    public async Task<StoreQualificationCheckResultDto> Handle(CheckStoreQualificationsQuery request, CancellationToken cancellationToken)
    {
        // 1. 校验门店存在
-        var ignoreTenantFilter = StoreTenantAccess.ShouldIgnoreTenantFilter(httpContextAccessor);
-        var tenantId = ignoreTenantFilter ? 0 : tenantProvider.GetCurrentTenantId();
+        var tenantId = tenantProvider.GetCurrentTenantId();
        var store = await storeRepository.FindByIdAsync(request.StoreId, tenantId, cancellationToken);
        if (store is null)
        {
--- a/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/CreateStoreCommandHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/CreateStoreCommandHandler.cs
@@ -1,5 +1,4 @@
 using MediatR;
-using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Logging;
 using TakeoutSaaS.Application.App.Stores;
 using TakeoutSaaS.Application.App.Stores.Commands;
@@ -21,7 +20,6 @@ public sealed class CreateStoreCommandHandler(
    IStoreRepository storeRepository,
    IMerchantRepository merchantRepository,
    ITenantProvider tenantProvider,
-    IHttpContextAccessor httpContextAccessor,
    ILogger<CreateStoreCommandHandler> logger)
    : IRequestHandler<CreateStoreCommand, StoreDto>
 {
@@ -30,10 +28,7 @@ public sealed class CreateStoreCommandHandler(
    {
        // 1. 校验商户存在并解析租户
        var currentTenantId = tenantProvider.GetCurrentTenantId();
-        var allowCrossTenant = StoreTenantAccess.ShouldIgnoreTenantFilter(httpContextAccessor);
-        var merchant = allowCrossTenant
-            ? await merchantRepository.FindByIdAsync(request.MerchantId, cancellationToken)
-            : await merchantRepository.FindByIdAsync(request.MerchantId, currentTenantId, cancellationToken);
+        var merchant = await merchantRepository.FindByIdAsync(request.MerchantId, currentTenantId, cancellationToken);
        if (merchant == null)
        {
            throw new BusinessException(ErrorCodes.NotFound, "商户不存在");
--- a/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/CreateStoreDeliveryZoneCommandHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/CreateStoreDeliveryZoneCommandHandler.cs
@@ -1,5 +1,4 @@
 using MediatR;
-using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Logging;
 using TakeoutSaaS.Application.App.Stores;
 using TakeoutSaaS.Application.App.Stores.Commands;
@@ -19,7 +18,6 @@ namespace TakeoutSaaS.Application.App.Stores.Handlers;
 public sealed class CreateStoreDeliveryZoneCommandHandler(
    IStoreRepository storeRepository,
    ITenantProvider tenantProvider,
-    IHttpContextAccessor httpContextAccessor,
    IGeoJsonValidationService geoJsonValidationService,
    ILogger<CreateStoreDeliveryZoneCommandHandler> logger)
    : IRequestHandler<CreateStoreDeliveryZoneCommand, StoreDeliveryZoneDto>
@@ -28,8 +26,7 @@ public sealed class CreateStoreDeliveryZoneCommandHandler(
    public async Task<StoreDeliveryZoneDto> Handle(CreateStoreDeliveryZoneCommand request, CancellationToken cancellationToken)
    {
        // 1. 校验门店存在
-        var ignoreTenantFilter = StoreTenantAccess.ShouldIgnoreTenantFilter(httpContextAccessor);
-        var tenantId = ignoreTenantFilter ? 0 : tenantProvider.GetCurrentTenantId();
+        var tenantId = tenantProvider.GetCurrentTenantId();
        var store = await storeRepository.FindByIdAsync(request.StoreId, tenantId, cancellationToken);
        if (store is null)
        {
--- a/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/CreateStoreHolidayCommandHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/CreateStoreHolidayCommandHandler.cs
@@ -1,5 +1,4 @@
 using MediatR;
-using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Logging;
 using TakeoutSaaS.Application.App.Stores;
 using TakeoutSaaS.Application.App.Stores.Commands;
@@ -19,21 +18,18 @@ namespace TakeoutSaaS.Application.App.Stores.Handlers;
 public sealed class CreateStoreHolidayCommandHandler(
    IStoreRepository storeRepository,
    ITenantProvider tenantProvider,
-    IHttpContextAccessor httpContextAccessor,
    ILogger<CreateStoreHolidayCommandHandler> logger)
    : IRequestHandler<CreateStoreHolidayCommand, StoreHolidayDto>
 {
    private readonly IStoreRepository _storeRepository = storeRepository;
    private readonly ITenantProvider _tenantProvider = tenantProvider;
-    private readonly IHttpContextAccessor _httpContextAccessor = httpContextAccessor;
    private readonly ILogger<CreateStoreHolidayCommandHandler> _logger = logger;

    /// <inheritdoc />
    public async Task<StoreHolidayDto> Handle(CreateStoreHolidayCommand request, CancellationToken cancellationToken)
    {
        // 1. 校验门店存在
-        var ignoreTenantFilter = StoreTenantAccess.ShouldIgnoreTenantFilter(_httpContextAccessor);
-        var tenantId = ignoreTenantFilter ? 0 : _tenantProvider.GetCurrentTenantId();
+        var tenantId = _tenantProvider.GetCurrentTenantId();
        var store = await _storeRepository.FindByIdAsync(request.StoreId, tenantId, cancellationToken);
        if (store is null)
        {
--- a/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/DeleteStoreDeliveryZoneCommandHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/DeleteStoreDeliveryZoneCommandHandler.cs
@@ -1,7 +1,5 @@
 using MediatR;
-using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Logging;
-using TakeoutSaaS.Application.App.Stores;
 using TakeoutSaaS.Application.App.Stores.Commands;
 using TakeoutSaaS.Domain.Stores.Repositories;
 using TakeoutSaaS.Shared.Abstractions.Tenancy;
@@ -14,21 +12,18 @@ namespace TakeoutSaaS.Application.App.Stores.Handlers;
 public sealed class DeleteStoreDeliveryZoneCommandHandler(
    IStoreRepository storeRepository,
    ITenantProvider tenantProvider,
-    IHttpContextAccessor httpContextAccessor,
    ILogger<DeleteStoreDeliveryZoneCommandHandler> logger)
    : IRequestHandler<DeleteStoreDeliveryZoneCommand, bool>
 {
    private readonly IStoreRepository _storeRepository = storeRepository;
    private readonly ITenantProvider _tenantProvider = tenantProvider;
-    private readonly IHttpContextAccessor _httpContextAccessor = httpContextAccessor;
    private readonly ILogger<DeleteStoreDeliveryZoneCommandHandler> _logger = logger;

    /// <inheritdoc />
    public async Task<bool> Handle(DeleteStoreDeliveryZoneCommand request, CancellationToken cancellationToken)
    {
        // 1. 读取区域
-        var ignoreTenantFilter = StoreTenantAccess.ShouldIgnoreTenantFilter(_httpContextAccessor);
-        var tenantId = ignoreTenantFilter ? 0 : _tenantProvider.GetCurrentTenantId();
+        var tenantId = _tenantProvider.GetCurrentTenantId();
        var existing = await _storeRepository.FindDeliveryZoneByIdAsync(request.DeliveryZoneId, tenantId, cancellationToken);
        if (existing is null)
        {
--- a/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/DeleteStoreHolidayCommandHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/DeleteStoreHolidayCommandHandler.cs
@@ -1,7 +1,5 @@
 using MediatR;
-using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Logging;
-using TakeoutSaaS.Application.App.Stores;
 using TakeoutSaaS.Application.App.Stores.Commands;
 using TakeoutSaaS.Domain.Stores.Repositories;
 using TakeoutSaaS.Shared.Abstractions.Tenancy;
@@ -14,21 +12,18 @@ namespace TakeoutSaaS.Application.App.Stores.Handlers;
 public sealed class DeleteStoreHolidayCommandHandler(
    IStoreRepository storeRepository,
    ITenantProvider tenantProvider,
-    IHttpContextAccessor httpContextAccessor,
    ILogger<DeleteStoreHolidayCommandHandler> logger)
    : IRequestHandler<DeleteStoreHolidayCommand, bool>
 {
    private readonly IStoreRepository _storeRepository = storeRepository;
    private readonly ITenantProvider _tenantProvider = tenantProvider;
-    private readonly IHttpContextAccessor _httpContextAccessor = httpContextAccessor;
    private readonly ILogger<DeleteStoreHolidayCommandHandler> _logger = logger;

    /// <inheritdoc />
    public async Task<bool> Handle(DeleteStoreHolidayCommand request, CancellationToken cancellationToken)
    {
        // 1. 读取配置
-        var ignoreTenantFilter = StoreTenantAccess.ShouldIgnoreTenantFilter(_httpContextAccessor);
-        var tenantId = ignoreTenantFilter ? 0 : _tenantProvider.GetCurrentTenantId();
+        var tenantId = _tenantProvider.GetCurrentTenantId();
        var existing = await _storeRepository.FindHolidayByIdAsync(request.HolidayId, tenantId, cancellationToken);
        if (existing is null)
        {
--- a/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/GetStoreByIdQueryHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/GetStoreByIdQueryHandler.cs
@@ -1,5 +1,4 @@
 using MediatR;
-using Microsoft.AspNetCore.Http;
 using TakeoutSaaS.Application.App.Stores;
 using TakeoutSaaS.Application.App.Stores.Dto;
 using TakeoutSaaS.Application.App.Stores.Queries;
@@ -14,15 +13,13 @@ namespace TakeoutSaaS.Application.App.Stores.Handlers;
 /// </summary>
 public sealed class GetStoreByIdQueryHandler(
    IStoreRepository storeRepository,
-    ITenantProvider tenantProvider,
-    IHttpContextAccessor httpContextAccessor)
+    ITenantProvider tenantProvider)
    : IRequestHandler<GetStoreByIdQuery, StoreDto?>
 {
    /// <inheritdoc />
    public async Task<StoreDto?> Handle(GetStoreByIdQuery request, CancellationToken cancellationToken)
    {
-        var ignoreTenantFilter = StoreTenantAccess.ShouldIgnoreTenantFilter(httpContextAccessor);
-        var tenantId = ignoreTenantFilter ? 0 : tenantProvider.GetCurrentTenantId();
+        var tenantId = tenantProvider.GetCurrentTenantId();
        var store = await storeRepository.FindByIdAsync(request.StoreId, tenantId, cancellationToken);
        return store == null ? null : StoreMapping.ToDto(store);
    }
--- a/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/GetStoreFeeQueryHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/GetStoreFeeQueryHandler.cs
@@ -1,5 +1,5 @@
 using MediatR;
-using Microsoft.AspNetCore.Http;
+using TakeoutSaaS.Application.App.Stores;
 using TakeoutSaaS.Application.App.Stores.Dto;
 using TakeoutSaaS.Application.App.Stores.Queries;
 using TakeoutSaaS.Domain.Stores.Entities;
@@ -15,16 +15,14 @@ namespace TakeoutSaaS.Application.App.Stores.Handlers;
 /// </summary>
 public sealed class GetStoreFeeQueryHandler(
    IStoreRepository storeRepository,
-    ITenantProvider tenantProvider,
-    IHttpContextAccessor httpContextAccessor)
+    ITenantProvider tenantProvider)
    : IRequestHandler<GetStoreFeeQuery, StoreFeeDto?>
 {
    /// <inheritdoc />
    public async Task<StoreFeeDto?> Handle(GetStoreFeeQuery request, CancellationToken cancellationToken)
    {
        // 1. 校验门店存在
-        var ignoreTenantFilter = StoreTenantAccess.ShouldIgnoreTenantFilter(httpContextAccessor);
-        var tenantId = ignoreTenantFilter ? 0 : tenantProvider.GetCurrentTenantId();
+        var tenantId = tenantProvider.GetCurrentTenantId();
        var store = await storeRepository.FindByIdAsync(request.StoreId, tenantId, cancellationToken);
        if (store is null)
        {
--- a/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/ListExpiringStoreQualificationsQueryHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/ListExpiringStoreQualificationsQueryHandler.cs
@@ -6,6 +6,8 @@ using TakeoutSaaS.Application.App.Stores.Queries;
 using TakeoutSaaS.Domain.Stores.Enums;
 using TakeoutSaaS.Shared.Abstractions.Constants;
 using TakeoutSaaS.Shared.Abstractions.Data;
+using TakeoutSaaS.Shared.Abstractions.Exceptions;
+using TakeoutSaaS.Shared.Abstractions.Tenancy;

 namespace TakeoutSaaS.Application.App.Stores.Handlers;

@@ -13,7 +15,8 @@ namespace TakeoutSaaS.Application.App.Stores.Handlers;
 /// 资质预警查询处理器。
 /// </summary>
 public sealed class ListExpiringStoreQualificationsQueryHandler(
-    IDapperExecutor dapperExecutor)
+    IDapperExecutor dapperExecutor,
+    ITenantProvider tenantProvider)
    : IRequestHandler<ListExpiringStoreQualificationsQuery, StoreQualificationAlertResultDto>
 {
    /// <inheritdoc />
@@ -33,21 +36,34 @@ public sealed class ListExpiringStoreQualificationsQueryHandler(
        var now = DateOnly.FromDateTime(DateTime.UtcNow);
        var expiringBefore = now.AddDays(daysThreshold);

-        // 2. (空行后) 执行查询
+        // 2. (空行后) 读取当前租户并校验跨租户
+        var currentTenantId = tenantProvider.GetCurrentTenantId();
+        if (currentTenantId <= 0)
+        {
+            throw new BusinessException(ErrorCodes.BadRequest, "缺少租户标识");
+        }
+
+        if (request.TenantId.HasValue && request.TenantId.Value != currentTenantId)
+        {
+            throw new BusinessException(ErrorCodes.Forbidden, "禁止跨租户查询资质预警");
+        }
+        var tenantId = currentTenantId;
+
+        // 3. (空行后) 执行查询
        return await dapperExecutor.QueryAsync(
            DatabaseConstants.AppDataSource,
            DatabaseConnectionRole.Read,
            async (connection, token) =>
            {
-                // 2.1 统计汇总
-                var summary = await ExecuteSummaryAsync(connection, now, expiringBefore, request.TenantId, token);
+                // 3.1 统计汇总
+                var summary = await ExecuteSummaryAsync(connection, now, expiringBefore, tenantId, token);

-                // 2.2 (空行后) 统计总数
+                // 3.2 (空行后) 统计总数
                var total = await ExecuteScalarIntAsync(
                    connection,
                    BuildCountSql(),
                    [
-                        ("tenantId", request.TenantId),
+                        ("tenantId", tenantId),
                        ("expiredOnly", request.Expired),
                        ("now", now),
                        ("expiringBefore", expiringBefore)
@@ -58,12 +74,12 @@ public sealed class ListExpiringStoreQualificationsQueryHandler(
                    return BuildResult([], page, pageSize, total, summary);
                }

-                // 2.3 (空行后) 查询列表
+                // 3.3 (空行后) 查询列表
                await using var listCommand = CreateCommand(
                    connection,
                    BuildListSql(),
                    [
-                        ("tenantId", request.TenantId),
+                        ("tenantId", tenantId),
                        ("expiredOnly", request.Expired),
                        ("now", now),
                        ("expiringBefore", expiringBefore),
@@ -77,7 +93,7 @@ public sealed class ListExpiringStoreQualificationsQueryHandler(
                    return BuildResult([], page, pageSize, total, summary);
                }

-                // 2.4 (空行后) 初始化字段序号
+                // 3.4 (空行后) 初始化字段序号
                var qualificationIdOrdinal = reader.GetOrdinal("QualificationId");
                var storeIdOrdinal = reader.GetOrdinal("StoreId");
                var storeNameOrdinal = reader.GetOrdinal("StoreName");
@@ -88,7 +104,7 @@ public sealed class ListExpiringStoreQualificationsQueryHandler(
                var expiresAtOrdinal = reader.GetOrdinal("ExpiresAt");
                var businessStatusOrdinal = reader.GetOrdinal("BusinessStatus");

-                // 2.5 (空行后) 读取并映射
+                // 3.5 (空行后) 读取并映射
                List<StoreQualificationAlertDto> items = [];
                while (await reader.ReadAsync(token))
                {
@@ -116,7 +132,7 @@ public sealed class ListExpiringStoreQualificationsQueryHandler(
                    });
                }

-                // 2.6 (空行后) 组装结果
+                // 3.6 (空行后) 组装结果
                return BuildResult(items, page, pageSize, total, summary);
            },
            cancellationToken);
@@ -148,7 +164,7 @@ public sealed class ListExpiringStoreQualificationsQueryHandler(
        IDbConnection connection,
        DateOnly now,
        DateOnly expiringBefore,
-        long? tenantId,
+        long tenantId,
        CancellationToken cancellationToken)
    {
        await using var command = CreateCommand(
@@ -186,7 +202,7 @@ public sealed class ListExpiringStoreQualificationsQueryHandler(
            join public.tenants t on t."Id" = s."TenantId" and t."DeletedAt" is null
            where q."DeletedAt" is null
              and q."ExpiresAt" is not null
-              and (@tenantId::bigint is null or s."TenantId" = @tenantId)
+              and s."TenantId" = @tenantId
              and (
                (@expiredOnly::boolean = true and q."ExpiresAt" < @now)
                or (@expiredOnly::boolean = false and q."ExpiresAt" <= @expiringBefore)
@@ -212,7 +228,7 @@ public sealed class ListExpiringStoreQualificationsQueryHandler(
            join public.tenants t on t."Id" = s."TenantId" and t."DeletedAt" is null
            where q."DeletedAt" is null
              and q."ExpiresAt" is not null
-              and (@tenantId::bigint is null or s."TenantId" = @tenantId)
+              and s."TenantId" = @tenantId
              and (
                (@expiredOnly::boolean = true and q."ExpiresAt" < @now)
                or (@expiredOnly::boolean = false and q."ExpiresAt" <= @expiringBefore)
@@ -234,7 +250,7 @@ public sealed class ListExpiringStoreQualificationsQueryHandler(
            join public.tenants t on t."Id" = s."TenantId" and t."DeletedAt" is null
            where q."DeletedAt" is null
              and q."ExpiresAt" is not null
-              and (@tenantId::bigint is null or s."TenantId" = @tenantId);
+              and s."TenantId" = @tenantId;
            """;
    }

--- a/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/ListStoreBusinessHoursQueryHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/ListStoreBusinessHoursQueryHandler.cs
@@ -1,6 +1,6 @@
 using System.Linq;
 using MediatR;
-using Microsoft.AspNetCore.Http;
+using TakeoutSaaS.Application.App.Stores;
 using TakeoutSaaS.Application.App.Stores.Dto;
 using TakeoutSaaS.Application.App.Stores.Queries;
 using TakeoutSaaS.Domain.Stores.Repositories;
@@ -13,20 +13,17 @@ namespace TakeoutSaaS.Application.App.Stores.Handlers;
 /// </summary>
 public sealed class ListStoreBusinessHoursQueryHandler(
    IStoreRepository storeRepository,
-    ITenantProvider tenantProvider,
-    IHttpContextAccessor httpContextAccessor)
+    ITenantProvider tenantProvider)
    : IRequestHandler<ListStoreBusinessHoursQuery, IReadOnlyList<StoreBusinessHourDto>>
 {
    private readonly IStoreRepository _storeRepository = storeRepository;
    private readonly ITenantProvider _tenantProvider = tenantProvider;
-    private readonly IHttpContextAccessor _httpContextAccessor = httpContextAccessor;

    /// <inheritdoc />
    public async Task<IReadOnlyList<StoreBusinessHourDto>> Handle(ListStoreBusinessHoursQuery request, CancellationToken cancellationToken)
    {
        // 1. 查询时段列表
-        var ignoreTenantFilter = StoreTenantAccess.ShouldIgnoreTenantFilter(_httpContextAccessor);
-        var tenantId = ignoreTenantFilter ? 0 : _tenantProvider.GetCurrentTenantId();
+        var tenantId = _tenantProvider.GetCurrentTenantId();
        var hours = await _storeRepository.GetBusinessHoursAsync(request.StoreId, tenantId, cancellationToken);

        // 2. 映射 DTO
--- a/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/ListStoreDeliveryZonesQueryHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/ListStoreDeliveryZonesQueryHandler.cs
@@ -1,6 +1,6 @@
 using System.Linq;
 using MediatR;
-using Microsoft.AspNetCore.Http;
+using TakeoutSaaS.Application.App.Stores;
 using TakeoutSaaS.Application.App.Stores.Dto;
 using TakeoutSaaS.Application.App.Stores.Queries;
 using TakeoutSaaS.Domain.Stores.Repositories;
@@ -13,20 +13,17 @@ namespace TakeoutSaaS.Application.App.Stores.Handlers;
 /// </summary>
 public sealed class ListStoreDeliveryZonesQueryHandler(
    IStoreRepository storeRepository,
-    ITenantProvider tenantProvider,
-    IHttpContextAccessor httpContextAccessor)
+    ITenantProvider tenantProvider)
    : IRequestHandler<ListStoreDeliveryZonesQuery, IReadOnlyList<StoreDeliveryZoneDto>>
 {
    private readonly IStoreRepository _storeRepository = storeRepository;
    private readonly ITenantProvider _tenantProvider = tenantProvider;
-    private readonly IHttpContextAccessor _httpContextAccessor = httpContextAccessor;

    /// <inheritdoc />
    public async Task<IReadOnlyList<StoreDeliveryZoneDto>> Handle(ListStoreDeliveryZonesQuery request, CancellationToken cancellationToken)
    {
        // 1. 查询配送区域
-        var ignoreTenantFilter = StoreTenantAccess.ShouldIgnoreTenantFilter(_httpContextAccessor);
-        var tenantId = ignoreTenantFilter ? 0 : _tenantProvider.GetCurrentTenantId();
+        var tenantId = _tenantProvider.GetCurrentTenantId();
        var zones = await _storeRepository.GetDeliveryZonesAsync(request.StoreId, tenantId, cancellationToken);

        // 2. 映射 DTO
--- a/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/ListStoreHolidaysQueryHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/ListStoreHolidaysQueryHandler.cs
@@ -1,6 +1,5 @@
 using System.Linq;
 using MediatR;
-using Microsoft.AspNetCore.Http;
 using TakeoutSaaS.Application.App.Stores;
 using TakeoutSaaS.Application.App.Stores.Dto;
 using TakeoutSaaS.Application.App.Stores.Queries;
@@ -14,20 +13,17 @@ namespace TakeoutSaaS.Application.App.Stores.Handlers;
 /// </summary>
 public sealed class ListStoreHolidaysQueryHandler(
    IStoreRepository storeRepository,
-    ITenantProvider tenantProvider,
-    IHttpContextAccessor httpContextAccessor)
+    ITenantProvider tenantProvider)
    : IRequestHandler<ListStoreHolidaysQuery, IReadOnlyList<StoreHolidayDto>>
 {
    private readonly IStoreRepository _storeRepository = storeRepository;
    private readonly ITenantProvider _tenantProvider = tenantProvider;
-    private readonly IHttpContextAccessor _httpContextAccessor = httpContextAccessor;

    /// <inheritdoc />
    public async Task<IReadOnlyList<StoreHolidayDto>> Handle(ListStoreHolidaysQuery request, CancellationToken cancellationToken)
    {
        // 1. 查询节假日
-        var ignoreTenantFilter = StoreTenantAccess.ShouldIgnoreTenantFilter(_httpContextAccessor);
-        var tenantId = ignoreTenantFilter ? 0 : _tenantProvider.GetCurrentTenantId();
+        var tenantId = _tenantProvider.GetCurrentTenantId();
        var holidays = await _storeRepository.GetHolidaysAsync(request.StoreId, tenantId, cancellationToken);

        // 2. 映射 DTO
--- a/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/ListStoreQualificationsQueryHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/ListStoreQualificationsQueryHandler.cs
@@ -1,5 +1,5 @@
 using MediatR;
-using Microsoft.AspNetCore.Http;
+using TakeoutSaaS.Application.App.Stores;
 using TakeoutSaaS.Application.App.Stores.Dto;
 using TakeoutSaaS.Application.App.Stores.Queries;
 using TakeoutSaaS.Domain.Stores.Repositories;
@@ -14,16 +14,14 @@ namespace TakeoutSaaS.Application.App.Stores.Handlers;
 /// </summary>
 public sealed class ListStoreQualificationsQueryHandler(
    IStoreRepository storeRepository,
-    ITenantProvider tenantProvider,
-    IHttpContextAccessor httpContextAccessor)
+    ITenantProvider tenantProvider)
    : IRequestHandler<ListStoreQualificationsQuery, IReadOnlyList<StoreQualificationDto>>
 {
    /// <inheritdoc />
    public async Task<IReadOnlyList<StoreQualificationDto>> Handle(ListStoreQualificationsQuery request, CancellationToken cancellationToken)
    {
        // 1. 校验门店存在
-        var ignoreTenantFilter = StoreTenantAccess.ShouldIgnoreTenantFilter(httpContextAccessor);
-        var tenantId = ignoreTenantFilter ? 0 : tenantProvider.GetCurrentTenantId();
+        var tenantId = tenantProvider.GetCurrentTenantId();
        var store = await storeRepository.FindByIdAsync(request.StoreId, tenantId, cancellationToken);
        if (store is null)
        {
--- a/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/SearchStoresQueryHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/SearchStoresQueryHandler.cs
@@ -1,5 +1,4 @@
 using MediatR;
-using Microsoft.AspNetCore.Http;
 using TakeoutSaaS.Application.App.Stores;
 using TakeoutSaaS.Application.App.Stores.Dto;
 using TakeoutSaaS.Application.App.Stores.Queries;
@@ -14,15 +13,13 @@ namespace TakeoutSaaS.Application.App.Stores.Handlers;
 /// </summary>
 public sealed class SearchStoresQueryHandler(
    IStoreRepository storeRepository,
-    ITenantProvider tenantProvider,
-    IHttpContextAccessor httpContextAccessor)
+    ITenantProvider tenantProvider)
    : IRequestHandler<SearchStoresQuery, PagedResult<StoreDto>>
 {
    /// <inheritdoc />
    public async Task<PagedResult<StoreDto>> Handle(SearchStoresQuery request, CancellationToken cancellationToken)
    {
-        var ignoreTenantFilter = StoreTenantAccess.ShouldIgnoreTenantFilter(httpContextAccessor);
-        var tenantId = ignoreTenantFilter ? 0 : tenantProvider.GetCurrentTenantId();
+        var tenantId = tenantProvider.GetCurrentTenantId();
        var stores = await storeRepository.SearchAsync(
            tenantId,
            request.MerchantId,
@@ -31,7 +28,6 @@ public sealed class SearchStoresQueryHandler(
            request.BusinessStatus,
            request.OwnershipType,
            request.Keyword,
-            ignoreTenantFilter,
            cancellationToken);

        var sorted = ApplySorting(stores, request.SortBy, request.SortDescending);
--- a/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/UpdateStoreCommandHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/UpdateStoreCommandHandler.cs
@@ -1,5 +1,4 @@
 using MediatR;
-using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Logging;
 using TakeoutSaaS.Application.App.Stores;
 using TakeoutSaaS.Application.App.Stores.Commands;
@@ -19,7 +18,6 @@ namespace TakeoutSaaS.Application.App.Stores.Handlers;
 public sealed class UpdateStoreCommandHandler(
    IStoreRepository storeRepository,
    ITenantProvider tenantProvider,
-    IHttpContextAccessor httpContextAccessor,
    ILogger<UpdateStoreCommandHandler> logger)
    : IRequestHandler<UpdateStoreCommand, StoreDto?>
 {
@@ -27,8 +25,7 @@ public sealed class UpdateStoreCommandHandler(
    public async Task<StoreDto?> Handle(UpdateStoreCommand request, CancellationToken cancellationToken)
    {
        // 1. 读取门店
-        var ignoreTenantFilter = StoreTenantAccess.ShouldIgnoreTenantFilter(httpContextAccessor);
-        var tenantId = ignoreTenantFilter ? 0 : tenantProvider.GetCurrentTenantId();
+        var tenantId = tenantProvider.GetCurrentTenantId();
        var existing = await storeRepository.FindByIdAsync(request.StoreId, tenantId, cancellationToken);
        if (existing == null)
        {
--- a/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/UpdateStoreDeliveryZoneCommandHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/UpdateStoreDeliveryZoneCommandHandler.cs
@@ -1,5 +1,4 @@
 using MediatR;
-using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Logging;
 using TakeoutSaaS.Application.App.Stores;
 using TakeoutSaaS.Application.App.Stores.Commands;
@@ -19,7 +18,6 @@ namespace TakeoutSaaS.Application.App.Stores.Handlers;
 public sealed class UpdateStoreDeliveryZoneCommandHandler(
    IStoreRepository storeRepository,
    ITenantProvider tenantProvider,
-    IHttpContextAccessor httpContextAccessor,
    IGeoJsonValidationService geoJsonValidationService,
    ILogger<UpdateStoreDeliveryZoneCommandHandler> logger)
    : IRequestHandler<UpdateStoreDeliveryZoneCommand, StoreDeliveryZoneDto?>
@@ -28,8 +26,7 @@ public sealed class UpdateStoreDeliveryZoneCommandHandler(
    public async Task<StoreDeliveryZoneDto?> Handle(UpdateStoreDeliveryZoneCommand request, CancellationToken cancellationToken)
    {
        // 1. 读取区域
-        var ignoreTenantFilter = StoreTenantAccess.ShouldIgnoreTenantFilter(httpContextAccessor);
-        var tenantId = ignoreTenantFilter ? 0 : tenantProvider.GetCurrentTenantId();
+        var tenantId = tenantProvider.GetCurrentTenantId();
        var existing = await storeRepository.FindDeliveryZoneByIdAsync(request.DeliveryZoneId, tenantId, cancellationToken);
        if (existing is null)
        {
--- a/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/UpdateStoreFeeCommandHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/UpdateStoreFeeCommandHandler.cs
@@ -1,5 +1,4 @@
 using MediatR;
-using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Logging;
 using TakeoutSaaS.Application.App.Stores;
 using TakeoutSaaS.Application.App.Stores.Commands;
@@ -19,7 +18,6 @@ namespace TakeoutSaaS.Application.App.Stores.Handlers;
 public sealed class UpdateStoreFeeCommandHandler(
    IStoreRepository storeRepository,
    ITenantProvider tenantProvider,
-    IHttpContextAccessor httpContextAccessor,
    ILogger<UpdateStoreFeeCommandHandler> logger)
    : IRequestHandler<UpdateStoreFeeCommand, StoreFeeDto>
 {
@@ -27,8 +25,7 @@ public sealed class UpdateStoreFeeCommandHandler(
    public async Task<StoreFeeDto> Handle(UpdateStoreFeeCommand request, CancellationToken cancellationToken)
    {
        // 1. 校验门店状态
-        var ignoreTenantFilter = StoreTenantAccess.ShouldIgnoreTenantFilter(httpContextAccessor);
-        var tenantId = ignoreTenantFilter ? 0 : tenantProvider.GetCurrentTenantId();
+        var tenantId = tenantProvider.GetCurrentTenantId();
        var store = await storeRepository.FindByIdAsync(request.StoreId, tenantId, cancellationToken);
        if (store is null)
        {
--- a/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/UpdateStoreHolidayCommandHandler.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Handlers/UpdateStoreHolidayCommandHandler.cs
@@ -1,5 +1,4 @@
 using MediatR;
-using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Logging;
 using TakeoutSaaS.Application.App.Stores;
 using TakeoutSaaS.Application.App.Stores.Commands;
@@ -19,21 +18,18 @@ namespace TakeoutSaaS.Application.App.Stores.Handlers;
 public sealed class UpdateStoreHolidayCommandHandler(
    IStoreRepository storeRepository,
    ITenantProvider tenantProvider,
-    IHttpContextAccessor httpContextAccessor,
    ILogger<UpdateStoreHolidayCommandHandler> logger)
    : IRequestHandler<UpdateStoreHolidayCommand, StoreHolidayDto?>
 {
    private readonly IStoreRepository _storeRepository = storeRepository;
    private readonly ITenantProvider _tenantProvider = tenantProvider;
-    private readonly IHttpContextAccessor _httpContextAccessor = httpContextAccessor;
    private readonly ILogger<UpdateStoreHolidayCommandHandler> _logger = logger;

    /// <inheritdoc />
    public async Task<StoreHolidayDto?> Handle(UpdateStoreHolidayCommand request, CancellationToken cancellationToken)
    {
        // 1. 读取配置
-        var ignoreTenantFilter = StoreTenantAccess.ShouldIgnoreTenantFilter(_httpContextAccessor);
-        var tenantId = ignoreTenantFilter ? 0 : _tenantProvider.GetCurrentTenantId();
+        var tenantId = _tenantProvider.GetCurrentTenantId();
        var existing = await _storeRepository.FindHolidayByIdAsync(request.HolidayId, tenantId, cancellationToken);
        if (existing is null)
        {
--- a/src/Application/TakeoutSaaS.Application/App/Stores/Queries/ListExpiringStoreQualificationsQuery.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/Queries/ListExpiringStoreQualificationsQuery.cs
@@ -14,7 +14,7 @@ public sealed record ListExpiringStoreQualificationsQuery : IRequest<StoreQualif
    public int? DaysThreshold { get; init; }

    /// <summary>
-    /// 租户 ID（可选）。
+    /// 租户 ID（可选，默认当前租户；禁止跨租户）。
    /// </summary>
    public long? TenantId { get; init; }

--- a/src/Application/TakeoutSaaS.Application/App/Stores/StoreTenantAccess.cs
+++ b/src/Application/TakeoutSaaS.Application/App/Stores/StoreTenantAccess.cs
@@ -1,12 +0,0 @@
-using Microsoft.AspNetCore.Http;
-
-namespace TakeoutSaaS.Application.App.Stores;
-
-internal static class StoreTenantAccess
-{
-    public static bool ShouldIgnoreTenantFilter(IHttpContextAccessor httpContextAccessor)
-    {
-        // 1. 租户管理端不允许跨租户访问门店数据
-        return false;
-    }
-}
--- a/src/Domain/TakeoutSaaS.Domain/Stores/Repositories/IStoreRepository.cs
+++ b/src/Domain/TakeoutSaaS.Domain/Stores/Repositories/IStoreRepository.cs
@@ -29,7 +29,6 @@ public interface IStoreRepository
        StoreBusinessStatus? businessStatus,
        StoreOwnershipType? ownershipType,
        string? keyword,
-        bool ignoreTenantFilter = false,
        CancellationToken cancellationToken = default);

    /// <summary>
@@ -46,7 +45,7 @@ public interface IStoreRepository
    /// <summary>
    /// 获取指定商户集合的门店数量。
    /// </summary>
-    Task<Dictionary<long, int>> GetStoreCountsAsync(long? tenantId, IReadOnlyCollection<long> merchantIds, CancellationToken cancellationToken = default);
+    Task<Dictionary<long, int>> GetStoreCountsAsync(long tenantId, IReadOnlyCollection<long> merchantIds, CancellationToken cancellationToken = default);

    /// <summary>
    /// 获取门店营业时段。
--- a/src/Infrastructure/TakeoutSaaS.Infrastructure/App/Repositories/EfStoreRepository.cs
+++ b/src/Infrastructure/TakeoutSaaS.Infrastructure/App/Repositories/EfStoreRepository.cs
@@ -19,19 +19,9 @@ public sealed class EfStoreRepository(TakeoutAppDbContext context) : IStoreRepos
    /// <inheritdoc />
    public Task<Store?> FindByIdAsync(long storeId, long tenantId, CancellationToken cancellationToken = default)
    {
-        var query = context.Stores.AsNoTracking();
-        if (tenantId <= 0)
-        {
-            query = query.IgnoreQueryFilters()
-                .Where(x => x.DeletedAt == null);
-        }
-        else
-        {
-            query = query.Where(x => x.TenantId == tenantId);
-        }
-
-        return query
-            .Where(x => x.Id == storeId)
+        return context.Stores
+            .AsNoTracking()
+            .Where(x => x.TenantId == tenantId && x.Id == storeId)
            .FirstOrDefaultAsync(cancellationToken);
    }

@@ -54,19 +44,11 @@ public sealed class EfStoreRepository(TakeoutAppDbContext context) : IStoreRepos
        StoreBusinessStatus? businessStatus,
        StoreOwnershipType? ownershipType,
        string? keyword,
-        bool ignoreTenantFilter = false,
        CancellationToken cancellationToken = default)
    {
-        var query = context.Stores.AsNoTracking();
-        if (ignoreTenantFilter)
-        {
-            query = query.IgnoreQueryFilters()
-                .Where(x => x.DeletedAt == null);
-        }
-        else
-        {
-            query = query.Where(x => x.TenantId == tenantId);
-        }
+        var query = context.Stores
+            .AsNoTracking()
+            .Where(x => x.TenantId == tenantId);

        if (merchantId.HasValue)
        {
@@ -144,22 +126,16 @@ public sealed class EfStoreRepository(TakeoutAppDbContext context) : IStoreRepos
    }

    /// <inheritdoc />
-    public async Task<Dictionary<long, int>> GetStoreCountsAsync(long? tenantId, IReadOnlyCollection<long> merchantIds, CancellationToken cancellationToken = default)
+    public async Task<Dictionary<long, int>> GetStoreCountsAsync(long tenantId, IReadOnlyCollection<long> merchantIds, CancellationToken cancellationToken = default)
    {
        if (merchantIds.Count == 0)
        {
            return new Dictionary<long, int>();
        }

-        var query = context.Stores.AsNoTracking();
-        if (!tenantId.HasValue || tenantId.Value <= 0)
-        {
-            query = query.IgnoreQueryFilters();
-        }
-        else
-        {
-            query = query.Where(x => x.TenantId == tenantId.Value);
-        }
+        var query = context.Stores
+            .AsNoTracking()
+            .Where(x => x.TenantId == tenantId);

        return await query
            .Where(x => merchantIds.Contains(x.MerchantId))
@@ -171,19 +147,9 @@ public sealed class EfStoreRepository(TakeoutAppDbContext context) : IStoreRepos
    /// <inheritdoc />
    public async Task<IReadOnlyList<StoreBusinessHour>> GetBusinessHoursAsync(long storeId, long tenantId, CancellationToken cancellationToken = default)
    {
-        var query = context.StoreBusinessHours.AsNoTracking();
-        if (tenantId <= 0)
-        {
-            query = query.IgnoreQueryFilters()
-                .Where(x => x.DeletedAt == null);
-        }
-        else
-        {
-            query = query.Where(x => x.TenantId == tenantId);
-        }
-
-        var hours = await query
-            .Where(x => x.StoreId == storeId)
+        var hours = await context.StoreBusinessHours
+            .AsNoTracking()
+            .Where(x => x.TenantId == tenantId && x.StoreId == storeId)
            .OrderBy(x => x.DayOfWeek)
            .ThenBy(x => x.StartTime)
            .ToListAsync(cancellationToken);
@@ -194,19 +160,9 @@ public sealed class EfStoreRepository(TakeoutAppDbContext context) : IStoreRepos
    /// <inheritdoc />
    public Task<StoreFee?> GetStoreFeeAsync(long storeId, long tenantId, CancellationToken cancellationToken = default)
    {
-        var query = context.StoreFees.AsNoTracking();
-        if (tenantId <= 0)
-        {
-            query = query.IgnoreQueryFilters()
-                .Where(x => x.DeletedAt == null);
-        }
-        else
-        {
-            query = query.Where(x => x.TenantId == tenantId);
-        }
-
-        return query
-            .Where(x => x.StoreId == storeId)
+        return context.StoreFees
+            .AsNoTracking()
+            .Where(x => x.TenantId == tenantId && x.StoreId == storeId)
            .FirstOrDefaultAsync(cancellationToken);
    }

@@ -226,19 +182,9 @@ public sealed class EfStoreRepository(TakeoutAppDbContext context) : IStoreRepos
    /// <inheritdoc />
    public async Task<IReadOnlyList<StoreQualification>> GetQualificationsAsync(long storeId, long tenantId, CancellationToken cancellationToken = default)
    {
-        var query = context.StoreQualifications.AsNoTracking();
-        if (tenantId <= 0)
-        {
-            query = query.IgnoreQueryFilters()
-                .Where(x => x.DeletedAt == null);
-        }
-        else
-        {
-            query = query.Where(x => x.TenantId == tenantId);
-        }
-
-        var qualifications = await query
-            .Where(x => x.StoreId == storeId)
+        var qualifications = await context.StoreQualifications
+            .AsNoTracking()
+            .Where(x => x.TenantId == tenantId && x.StoreId == storeId)
            .OrderBy(x => x.SortOrder)
            .ThenBy(x => x.QualificationType)
            .ToListAsync(cancellationToken);
@@ -307,19 +253,9 @@ public sealed class EfStoreRepository(TakeoutAppDbContext context) : IStoreRepos
    /// <inheritdoc />
    public async Task<IReadOnlyList<StoreDeliveryZone>> GetDeliveryZonesAsync(long storeId, long tenantId, CancellationToken cancellationToken = default)
    {
-        var query = context.StoreDeliveryZones.AsNoTracking();
-        if (tenantId <= 0)
-        {
-            query = query.IgnoreQueryFilters()
-                .Where(x => x.DeletedAt == null);
-        }
-        else
-        {
-            query = query.Where(x => x.TenantId == tenantId);
-        }
-
-        var zones = await query
-            .Where(x => x.StoreId == storeId)
+        var zones = await context.StoreDeliveryZones
+            .AsNoTracking()
+            .Where(x => x.TenantId == tenantId && x.StoreId == storeId)
            .OrderBy(x => x.SortOrder)
            .ToListAsync(cancellationToken);

@@ -329,38 +265,17 @@ public sealed class EfStoreRepository(TakeoutAppDbContext context) : IStoreRepos
    /// <inheritdoc />
    public Task<StoreDeliveryZone?> FindDeliveryZoneByIdAsync(long deliveryZoneId, long tenantId, CancellationToken cancellationToken = default)
    {
-        var query = context.StoreDeliveryZones.AsQueryable();
-        if (tenantId <= 0)
-        {
-            query = query.IgnoreQueryFilters()
-                .Where(x => x.DeletedAt == null);
-        }
-        else
-        {
-            query = query.Where(x => x.TenantId == tenantId);
-        }
-
-        return query
-            .Where(x => x.Id == deliveryZoneId)
+        return context.StoreDeliveryZones
+            .Where(x => x.TenantId == tenantId && x.Id == deliveryZoneId)
            .FirstOrDefaultAsync(cancellationToken);
    }

    /// <inheritdoc />
    public async Task<IReadOnlyList<StoreHoliday>> GetHolidaysAsync(long storeId, long tenantId, CancellationToken cancellationToken = default)
    {
-        var query = context.StoreHolidays.AsNoTracking();
-        if (tenantId <= 0)
-        {
-            query = query.IgnoreQueryFilters()
-                .Where(x => x.DeletedAt == null);
-        }
-        else
-        {
-            query = query.Where(x => x.TenantId == tenantId);
-        }
-
-        var holidays = await query
-            .Where(x => x.StoreId == storeId)
+        var holidays = await context.StoreHolidays
+            .AsNoTracking()
+            .Where(x => x.TenantId == tenantId && x.StoreId == storeId)
            .OrderBy(x => x.Date)
            .ToListAsync(cancellationToken);

@@ -370,19 +285,8 @@ public sealed class EfStoreRepository(TakeoutAppDbContext context) : IStoreRepos
    /// <inheritdoc />
    public Task<StoreHoliday?> FindHolidayByIdAsync(long holidayId, long tenantId, CancellationToken cancellationToken = default)
    {
-        var query = context.StoreHolidays.AsQueryable();
-        if (tenantId <= 0)
-        {
-            query = query.IgnoreQueryFilters()
-                .Where(x => x.DeletedAt == null);
-        }
-        else
-        {
-            query = query.Where(x => x.TenantId == tenantId);
-        }
-
-        return query
-            .Where(x => x.Id == holidayId)
+        return context.StoreHolidays
+            .Where(x => x.TenantId == tenantId && x.Id == holidayId)
            .FirstOrDefaultAsync(cancellationToken);
    }

@@ -626,19 +530,8 @@ public sealed class EfStoreRepository(TakeoutAppDbContext context) : IStoreRepos
    /// <inheritdoc />
    public async Task DeleteDeliveryZoneAsync(long deliveryZoneId, long tenantId, CancellationToken cancellationToken = default)
    {
-        var query = context.StoreDeliveryZones.AsQueryable();
-        if (tenantId <= 0)
-        {
-            query = query.IgnoreQueryFilters()
-                .Where(x => x.DeletedAt == null);
-        }
-        else
-        {
-            query = query.Where(x => x.TenantId == tenantId);
-        }
-
-        var existing = await query
-            .Where(x => x.Id == deliveryZoneId)
+        var existing = await context.StoreDeliveryZones
+            .Where(x => x.TenantId == tenantId && x.Id == deliveryZoneId)
            .FirstOrDefaultAsync(cancellationToken);

        if (existing != null)
@@ -650,19 +543,8 @@ public sealed class EfStoreRepository(TakeoutAppDbContext context) : IStoreRepos
    /// <inheritdoc />
    public async Task DeleteHolidayAsync(long holidayId, long tenantId, CancellationToken cancellationToken = default)
    {
-        var query = context.StoreHolidays.AsQueryable();
-        if (tenantId <= 0)
-        {
-            query = query.IgnoreQueryFilters()
-                .Where(x => x.DeletedAt == null);
-        }
-        else
-        {
-            query = query.Where(x => x.TenantId == tenantId);
-        }
-
-        var existing = await query
-            .Where(x => x.Id == holidayId)
+        var existing = await context.StoreHolidays
+            .Where(x => x.TenantId == tenantId && x.Id == holidayId)
            .FirstOrDefaultAsync(cancellationToken);

        if (existing != null)