fix(backend): Wave 1 Day 1 三个 P0 D Bug 修复

- W1-T3 修 4 处 fdw_etl.* 必坏残留 → app.* (P0-5 致命 1)
  · tenant_users.py L431/L456-457: v_dim_assistant + v_dim_staff(_ex)
  · tenant_excel.py L394/L411: v_dim_assistant + v_dim_staff
  · tenant_clues.py L119: v_dim_member
  · 修复后 tenant-admin 用户审核 / Excel 上传 / 维客线索恢复正常

- W1-T4 JWT aud sign 端写入 (P0-5 致命 2 最小止血)
  · jwt.py 全部 token 创建/解码函数加 audience 参数
  · auth.py admin 端加 audience="admin"
  · xcx_auth.py miniapp 端加 audience="miniapp" (8 处调用)
  · 18 router 切强制 aud 校验留 Wave 2

- W1-T5 DBViewer 白名单 + 黑名单双保险 (P0-8)
  · 白名单: SELECT/WITH/EXPLAIN/SHOW 开头
  · 黑名单: 17 关键词覆盖全 DML/DDL/DCL
  · 注释剥离避免误伤;15/15 单测 PASS

参考: docs/audit/changes/2026-05-04__wave1_day1_d_bug_triple_fix.md

apps/backend/app/routers/tenant_excel.py

@@ -391,7 +391,7 @@ def match_personnel(
         try:
             with etl_conn.cursor() as cur:
                 cur.execute(
-                    "SELECT assistant_id, nickname, number FROM fdw_etl.v_dim_assistant WHERE scd2_is_current = 1",
+                    "SELECT assistant_id, nickname, number FROM app.v_dim_assistant WHERE scd2_is_current = 1",
                 )
                 for aid, nickname, number in cur.fetchall():
                     if nickname and number:
@@ -408,7 +408,7 @@ def match_personnel(
         try:
             with etl_conn.cursor() as cur:
                 cur.execute(
-                    "SELECT staff_id, name, number FROM fdw_etl.v_dim_staff",
+                    "SELECT staff_id, name, number FROM app.v_dim_staff",
                 )
                 for sid, name, number in cur.fetchall():
                     if name and number: