feat(user): 新增用户管理功能

- 添加用户新增、编辑和删除功能
- 实现用户权限控制
- 优化用户列表展示和查询
- 新增登录页面和相关功能

servo/src/main/java/com/yvan/workbench/autoconfigure/AppAutoConfiguration.java

@@ -18,6 +18,7 @@ import org.clever.core.AppContextHolder;
 import org.clever.core.Assert;
 import org.clever.core.ResourcePathUtils;
 import org.clever.core.json.jackson.JacksonConfig;
+import org.clever.core.mapper.JacksonMapper;
 import org.clever.core.reflection.ReflectionsUtils;
 import org.clever.core.task.StartupTaskBootstrap;
 import org.clever.data.jdbc.JdbcBootstrap;
@@ -300,6 +301,7 @@ public class AppAutoConfiguration {
         JavalinConfig javalinConfig = new JavalinConfig();
         ApplyWebConfig.applyConfig(appBasicsConfig.getRootPath(), webConfig, javalinConfig);
         // 修正 ObjectMapper、JsonMapper 属性
+        JacksonMapper.configure(webServerMapper);
         JsonMapper jsonMapper = new JavalinJackson(webServerMapper, webConfig.isUseVirtualThreads());
         jackson.apply(webServerMapper);
         javalinConfig.jsonMapper(jsonMapper);

servo/src/main/java/com/yvan/workbench/controller/UserPermissions.java

@@ -1,13 +1,31 @@
 package com.yvan.workbench.controller;
 
 import com.querydsl.sql.SQLQuery;
+import com.yvan.workbench.model.request.AddUserReq;
 import com.yvan.workbench.model.request.QueryUserReq;
+import com.yvan.workbench.model.request.UpdateUserReq;
+import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.clever.core.Assert;
+import org.clever.core.Conv;
+import org.clever.core.id.SnowFlake;
+import org.clever.core.mapper.BeanCopyUtils;
+import org.clever.core.mapper.JacksonMapper;
 import org.clever.core.model.request.QueryByPage;
+import org.clever.core.model.response.R;
 import org.clever.data.jdbc.DaoFactory;
 import org.clever.data.jdbc.QueryDSL;
 import org.clever.data.jdbc.querydsl.utils.QueryDslUtils;
+import org.clever.security.SecurityContextHolder;
 import org.clever.security.impl.model.entity.SysUser;
+import org.clever.security.model.SecurityContext;
+import org.clever.web.mvc.annotation.RequestBody;
+import org.clever.web.mvc.annotation.RequestParam;
+import org.clever.web.mvc.annotation.Transactional;
+import org.clever.web.mvc.annotation.Validated;
+
+import java.util.Map;
+import java.util.Objects;
 
 import static org.clever.security.impl.model.query.QSysUser.sysUser;
 
@@ -15,6 +33,7 @@ import static org.clever.security.impl.model.query.QSysUser.sysUser;
  * 作者：lizw <br/>
  * 创建时间：2025/06/26 16:50 <br/>
  */
+@Slf4j
 public class UserPermissions {
     private static final QueryDSL QUERY_DSL = DaoFactory.getQueryDSL();
 
@@ -27,6 +46,42 @@ public class UserPermissions {
         if (req.getIsEnable() != null) {
             query.where(sysUser.isEnable.eq(req.getIsEnable()));
         }
-        return QueryDslUtils.queryByPage(query, queryByPage);
+        Object res = QueryDslUtils.queryByPage(query, queryByPage);
+        log.info("--> {}", JacksonMapper.getInstance().toJson(res));
+        return res;
+    }
+
+    @Transactional
+    public static R<?> addUser(@RequestBody @Validated AddUserReq req) {
+        SecurityContext securityContext = SecurityContextHolder.getContext();
+        long count = QUERY_DSL.selectFrom(sysUser).where(sysUser.loginName.eq(req.getLoginName())).fetchCount();
+        Assert.isTrue(count <= 0, "用户登录名已经存在：" + req.getLoginName());
+        SysUser user = BeanCopyUtils.mapper(SysUser.class, req);
+        user.setId(SnowFlake.SNOW_FLAKE.nextId());
+        user.setCreateBy(securityContext.getUserInfo().getUserId());
+        QUERY_DSL.insert(sysUser).populate(user).execute();
+        return R.success();
+    }
+
+    @Transactional
+    public static R<?> updateUser(@RequestBody @Validated UpdateUserReq req) {
+        SecurityContext securityContext = SecurityContextHolder.getContext();
+        SysUser oldUser = QUERY_DSL.selectFrom(sysUser).where(sysUser.loginName.eq(req.getLoginName())).fetchOne();
+        Assert.notNull(oldUser, "用户不存在：" + req.getLoginName());
+        SysUser user = BeanCopyUtils.mapper(SysUser.class, req);
+        user.setUpdateBy(securityContext.getUserInfo().getUserId());
+        QUERY_DSL.update(sysUser).populate(user).where(sysUser.id.eq(oldUser.getId())).execute();
+        return R.success();
+    }
+
+    @Transactional
+    public static R<?> delUser(@RequestParam Map<String, Object> req) {
+        long id = Conv.asLong(req.get("id"));
+        Assert.isTrue(
+                !Objects.equals(id, SecurityContextHolder.getUserInfo().getUserId()),
+                "不能删除当前登录的用户"
+        );
+        QUERY_DSL.delete(sysUser).where(sysUser.id.eq(id)).execute();
+        return R.success();
     }
 }

servo/src/main/java/com/yvan/workbench/model/request/AddUserReq.java

@@ -0,0 +1,33 @@
+package com.yvan.workbench.model.request;
+
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.NotNull;
+import lombok.Data;
+
+/**
+ * 作者：lizw <br/>
+ * 创建时间：2025/06/27 14:10 <br/>
+ */
+@Data
+public class AddUserReq {
+    /**
+     * 用户登录名(允许修改)
+     */
+    @NotBlank
+    private String loginName;
+    /**
+     * 登录密码
+     */
+    @NotBlank
+    private String password;
+    /**
+     * 登录名
+     */
+    @NotBlank
+    private String userName;
+    /**
+     * 是否启用: 0:禁用，1:启用
+     */
+    @NotNull
+    private Integer isEnable;
+}

servo/src/main/java/com/yvan/workbench/model/request/UpdateUserReq.java

@@ -0,0 +1,33 @@
+package com.yvan.workbench.model.request;
+
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.NotNull;
+import lombok.Data;
+
+/**
+ * 作者：lizw <br/>
+ * 创建时间：2025/06/27 15:37 <br/>
+ */
+@Data
+public class UpdateUserReq {
+    /**
+     * 用户登录名(允许修改)
+     */
+    @NotBlank
+    private String loginName;
+    /**
+     * 登录密码
+     */
+    @NotBlank
+    private String password;
+    /**
+     * 登录名
+     */
+    @NotBlank
+    private String userName;
+    /**
+     * 是否启用: 0:禁用，1:启用
+     */
+    @NotNull
+    private Integer isEnable;
+}

servo/src/main/resources/application.yml

@@ -141,8 +141,6 @@ web:
       read-only: false
   security:
     ignore-paths:
-      - '/api/**'
-      - '/ok'
       - '/favicon.ico'
       - '/dist/**'
       - '/static/**'
@@ -163,7 +161,8 @@ web:
       - '/**/.git'
       - '/ok'
     ignore-auth-paths: ['/ok']
-    ignore-auth-failed-paths: [ ]
+    ignore-auth-failed-paths:
+      - '/api/**'
     current-user-path: '/api/current_user'
     login:
       paths: [ '/api/login' ]

servo/src/test/java/com/yvan/workbench/JsTest.java

@@ -2,6 +2,7 @@ package com.yvan.workbench;
 
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.pool2.impl.GenericObjectPoolConfig;
+import org.clever.core.mapper.JacksonMapper;
 import org.clever.js.api.ScriptEngineInstance;
 import org.clever.js.api.ScriptObject;
 import org.clever.js.api.folder.FileSystemFolder;
@@ -16,6 +17,8 @@ import org.junit.jupiter.api.Test;
 
 import java.io.File;
 import java.time.Duration;
+import java.util.HashMap;
+import java.util.Map;
 
 @Slf4j
 public class JsTest {
@@ -58,4 +61,11 @@ public class JsTest {
         pool.close();
         factory.close();
     }
+
+    @Test
+    public void test03() {
+        Map<String, Object> map = new HashMap<>();
+        map.put("a", 1L);
+        log.info("--> {}", JacksonMapper.getInstance().toJson(map));
+    }
 }