diff --git a/servo/src/main/java/com/yvan/workbench/autoconfigure/AppAutoConfiguration.java b/servo/src/main/java/com/yvan/workbench/autoconfigure/AppAutoConfiguration.java
index 4d5cb8e..9845384 100644
--- a/servo/src/main/java/com/yvan/workbench/autoconfigure/AppAutoConfiguration.java
+++ b/servo/src/main/java/com/yvan/workbench/autoconfigure/AppAutoConfiguration.java
@@ -17,8 +17,10 @@ import org.clever.core.AppBasicsConfig;
 import org.clever.core.AppContextHolder;
 import org.clever.core.Assert;
 import org.clever.core.ResourcePathUtils;
+import org.clever.core.exception.ExceptionUtils;
 import org.clever.core.json.jackson.JacksonConfig;
 import org.clever.core.mapper.JacksonMapper;
+import org.clever.core.model.response.ErrorResponse;
 import org.clever.core.reflection.ReflectionsUtils;
 import org.clever.core.task.StartupTaskBootstrap;
 import org.clever.data.jdbc.JdbcBootstrap;
@@ -33,6 +35,7 @@ import org.clever.web.config.HttpConfig;
 import org.clever.web.config.WebConfig;
 import org.clever.web.filter.*;
 import org.clever.web.utils.ApplyWebConfig;
+import org.clever.web.utils.GlobalExceptionHandler;
 import org.springframework.boot.autoconfigure.AutoConfigureOrder;
 import org.springframework.boot.context.properties.bind.Binder;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
@@ -122,10 +125,10 @@ public class AppAutoConfiguration {
     public MultipartConfigElement multipartConfigElement(AppBasicsConfig appBasicsConfig, WebConfig webConfig) {
         HttpConfig.Multipart multipart = webConfig.getHttp().getMultipart();
         return new MultipartConfigElement(
-            ResourcePathUtils.getAbsolutePath(appBasicsConfig.getRootPath(), multipart.getLocation()),
-            multipart.getMaxFileSize().toBytes(),
-            multipart.getMaxTotalRequestSize().toBytes(),
-            (int) multipart.getMaxInMemoryFileSize().toBytes()
+                ResourcePathUtils.getAbsolutePath(appBasicsConfig.getRootPath(), multipart.getLocation()),
+                multipart.getMaxFileSize().toBytes(),
+                multipart.getMaxTotalRequestSize().toBytes(),
+                (int) multipart.getMaxInMemoryFileSize().toBytes()
         );
     }
 
@@ -193,6 +196,13 @@ public class AppAutoConfiguration {
 
     @Bean
     public FilterRegistrationBean<HttpFilter> exceptionHandlerFilter() {
+        GlobalExceptionHandler.clearHandler();
+        GlobalExceptionHandler.setDefaultHandler((exception, request, response) -> {
+            ErrorResponse res = GlobalExceptionHandler.newErrorResponse(request, exception);
+            res.setMessage(exception.getMessage());
+            res.setError(ExceptionUtils.getStackTraceAsString(exception));
+            return res;
+        });
         FilterRegistrationBean<HttpFilter> filterBean = new FilterRegistrationBean<>();
         filterBean.setOrder(Ordered.HIGHEST_PRECEDENCE + 300);
         filterBean.addUrlPatterns(PathConstants.ALL);
diff --git a/servo/src/main/java/com/yvan/workbench/controller/UserPermissions.java b/servo/src/main/java/com/yvan/workbench/controller/UserPermissions.java
index c805350..bfb089a 100644
--- a/servo/src/main/java/com/yvan/workbench/controller/UserPermissions.java
+++ b/servo/src/main/java/com/yvan/workbench/controller/UserPermissions.java
@@ -1,22 +1,20 @@
 package com.yvan.workbench.controller;
 
 import com.querydsl.sql.SQLQuery;
-import com.yvan.workbench.model.request.AddUserReq;
-import com.yvan.workbench.model.request.QueryUserReq;
-import com.yvan.workbench.model.request.UpdateUserReq;
+import com.yvan.workbench.model.request.*;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.clever.core.Assert;
 import org.clever.core.Conv;
 import org.clever.core.id.SnowFlake;
 import org.clever.core.mapper.BeanCopyUtils;
-import org.clever.core.mapper.JacksonMapper;
 import org.clever.core.model.request.QueryByPage;
 import org.clever.core.model.response.R;
 import org.clever.data.jdbc.DaoFactory;
 import org.clever.data.jdbc.QueryDSL;
 import org.clever.data.jdbc.querydsl.utils.QueryDslUtils;
 import org.clever.security.SecurityContextHolder;
+import org.clever.security.impl.model.entity.SysRole;
 import org.clever.security.impl.model.entity.SysUser;
 import org.clever.security.model.SecurityContext;
 import org.clever.web.mvc.annotation.RequestBody;
@@ -27,6 +25,7 @@ import org.clever.web.mvc.annotation.Validated;
 import java.util.Map;
 import java.util.Objects;
 
+import static org.clever.security.impl.model.query.QSysRole.sysRole;
 import static org.clever.security.impl.model.query.QSysUser.sysUser;
 
 /**
@@ -46,9 +45,7 @@ public class UserPermissions {
         if (req.getIsEnable() != null) {
             query.where(sysUser.isEnable.eq(req.getIsEnable()));
         }
-        Object res = QueryDslUtils.queryByPage(query, queryByPage);
-        log.info("--> {}", JacksonMapper.getInstance().toJson(res));
-        return res;
+        return QueryDslUtils.queryByPage(query, queryByPage);
     }
 
     @Transactional
@@ -84,4 +81,46 @@ public class UserPermissions {
         QUERY_DSL.delete(sysUser).where(sysUser.id.eq(id)).execute();
         return R.success();
     }
+
+    public static Object queryRole(QueryRoleReq req) {
+        QueryByPage queryByPage = QueryByPage.getCurrent();
+        SQLQuery<SysRole> query = QUERY_DSL.selectFrom(sysRole);
+        if (StringUtils.isNotBlank(req.getRoleCode())) {
+            query.where(sysRole.roleCode.eq(req.getRoleCode().trim()));
+        }
+        if (req.getIsEnable() != null) {
+            query.where(sysRole.isEnable.eq(req.getIsEnable()));
+        }
+        return QueryDslUtils.queryByPage(query, queryByPage);
+    }
+
+    @Transactional
+    public static R<?> addRole(@RequestBody @Validated AddRoleReq req) {
+        SecurityContext securityContext = SecurityContextHolder.getContext();
+        long count = QUERY_DSL.selectFrom(sysRole).where(sysRole.roleCode.eq(req.getRoleCode())).fetchCount();
+        Assert.isTrue(count <= 0, "角色编号已经存在：" + req.getRoleCode());
+        SysRole role = BeanCopyUtils.mapper(SysRole.class, req);
+        role.setId(SnowFlake.SNOW_FLAKE.nextId());
+        role.setCreateBy(securityContext.getUserInfo().getUserId());
+        QUERY_DSL.insert(sysRole).populate(role).execute();
+        return R.success();
+    }
+
+    @Transactional
+    public static R<?> updateRole(@RequestBody @Validated UpdateRoleReq req) {
+        SecurityContext securityContext = SecurityContextHolder.getContext();
+        SysRole oldRole = QUERY_DSL.selectFrom(sysRole).where(sysRole.roleCode.eq(req.getRoleCode())).fetchOne();
+        Assert.notNull(oldRole, "角色不存在：" + req.getRoleCode());
+        SysRole role = BeanCopyUtils.mapper(SysRole.class, req);
+        role.setUpdateBy(securityContext.getUserInfo().getUserId());
+        QUERY_DSL.update(sysRole).populate(role).where(sysRole.id.eq(oldRole.getId())).execute();
+        return R.success();
+    }
+
+    @Transactional
+    public static R<?> delRole(@RequestParam Map<String, Object> req) {
+        long id = Conv.asLong(req.get("id"));
+        QUERY_DSL.delete(sysRole).where(sysRole.id.eq(id)).execute();
+        return R.success();
+    }
 }
diff --git a/servo/src/main/java/com/yvan/workbench/model/request/AddRoleReq.java b/servo/src/main/java/com/yvan/workbench/model/request/AddRoleReq.java
new file mode 100644
index 0000000..f3ebcde
--- /dev/null
+++ b/servo/src/main/java/com/yvan/workbench/model/request/AddRoleReq.java
@@ -0,0 +1,22 @@
+package com.yvan.workbench.model.request;
+
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.NotNull;
+import lombok.Data;
+
+/**
+ * 作者：lizw <br/>
+ * 创建时间：2025/06/30 13:52 <br/>
+ */
+@Data
+public class AddRoleReq {
+    /** 角色编号 */
+    @NotBlank
+    private String roleCode;
+    /** 角色名称 */
+    @NotBlank
+    private String roleName;
+    /** 是否启用: 0:禁用，1:启用 */
+    @NotNull
+    private Integer isEnable;
+}
diff --git a/servo/src/main/java/com/yvan/workbench/model/request/QueryRoleReq.java b/servo/src/main/java/com/yvan/workbench/model/request/QueryRoleReq.java
new file mode 100644
index 0000000..1ae3492
--- /dev/null
+++ b/servo/src/main/java/com/yvan/workbench/model/request/QueryRoleReq.java
@@ -0,0 +1,15 @@
+package com.yvan.workbench.model.request;
+
+import lombok.Data;
+
+/**
+ * 作者：lizw <br/>
+ * 创建时间：2025/06/27 17:59 <br/>
+ */
+@Data
+public class QueryRoleReq {
+    /** 角色编号 */
+    private String roleCode;
+    /** 是否启用: 0:禁用，1:启用 */
+    private Integer isEnable;
+}
diff --git a/servo/src/main/java/com/yvan/workbench/model/request/UpdateRoleReq.java b/servo/src/main/java/com/yvan/workbench/model/request/UpdateRoleReq.java
new file mode 100644
index 0000000..9564d9e
--- /dev/null
+++ b/servo/src/main/java/com/yvan/workbench/model/request/UpdateRoleReq.java
@@ -0,0 +1,25 @@
+package com.yvan.workbench.model.request;
+
+import jakarta.validation.constraints.NotBlank;
+import lombok.Data;
+
+/**
+ * 作者：lizw <br/>
+ * 创建时间：2025/06/30 13:57 <br/>
+ */
+@Data
+public class UpdateRoleReq {
+    /**
+     * 角色编号
+     */
+    @NotBlank
+    private String roleCode;
+    /**
+     * 角色名称
+     */
+    private String roleName;
+    /**
+     * 是否启用: 0:禁用，1:启用
+     */
+    private Integer isEnable;
+}