first commit

2025-03-21 11:05:42 +08:00
commit 7dffc94035
1717 changed files with 724764 additions and 0 deletions
--- a/internal/router/manage/system/sys_audit_log.go
+++ b/internal/router/manage/system/sys_audit_log.go
@@ -0,0 +1,43 @@
+package system
+
+import (
+	"net/http"
+
+	"management/internal/db/model/dto"
+	"management/internal/router/manage/util"
+	systemservice "management/internal/service/system"
+	"management/internal/tpl"
+)
+
+type SysAuditLogHandler struct{}
+
+func NewSysAuditLogHandler() *SysAuditLogHandler {
+	return &SysAuditLogHandler{}
+}
+
+func (h *SysAuditLogHandler) List(w http.ResponseWriter, r *http.Request) {
+	tpl.HTML(w, r, "audit_log/list.tmpl", nil)
+}
+
+func (h *SysAuditLogHandler) PostList(w http.ResponseWriter, r *http.Request) {
+	var q dto.SearchDto
+	q.SearchTimeBegin, q.SearchTimeEnd = util.DefaultStartTimeAndEndTime(r.PostFormValue("SearchTimeBegin"), r.PostFormValue("SearchTimeEnd"))
+	q.SearchName = r.PostFormValue("SearchName")
+	q.SearchKey = r.PostFormValue("SearchKey")
+	q.Page = util.ConvertInt(r.PostFormValue("page"), 1)
+	q.Rows = util.ConvertInt(r.PostFormValue("rows"), 10)
+	ctx := r.Context()
+	res, count, err := systemservice.ListSysAuditLog(ctx, q)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	data := tpl.ResponseList{
+		Code:    0,
+		Message: "ok",
+		Count:   count,
+		Data:    res,
+	}
+	tpl.JSON(w, data)
+}
--- a/internal/router/manage/system/sys_config.go
+++ b/internal/router/manage/system/sys_config.go
@@ -0,0 +1,166 @@
+package system
+
+import (
+	"encoding/json"
+	"net/http"
+	"strings"
+
+	"management/internal/db/model/dto"
+	db "management/internal/db/sqlc"
+	"management/internal/global/pearadmin"
+	"management/internal/pkg/redis"
+	"management/internal/router/manage/util"
+	systemservice "management/internal/service/system"
+	"management/internal/tpl"
+)
+
+type SysConfigHandler struct{}
+
+func NewSysConfigHandler() *SysConfigHandler {
+	return &SysConfigHandler{}
+}
+
+func (h *SysConfigHandler) Pear(w http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+	pear, err := systemservice.PearConfig(ctx)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	tpl.JSON(w, pear)
+}
+
+func (h *SysConfigHandler) List(w http.ResponseWriter, r *http.Request) {
+	tpl.HTML(w, r, "config/list.tmpl", nil)
+}
+
+func (h *SysConfigHandler) PostList(w http.ResponseWriter, r *http.Request) {
+	var q dto.SearchDto
+	q.SearchKey = r.PostFormValue("SearchKey")
+	q.Page = util.ConvertInt(r.PostFormValue("page"), 1)
+	q.Rows = util.ConvertInt(r.PostFormValue("rows"), 10)
+	ctx := r.Context()
+	res, count, err := systemservice.ListSysConfigCondition(ctx, q)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	data := tpl.ResponseList{
+		Code:    0,
+		Message: "ok",
+		Count:   count,
+		Data:    res,
+	}
+	tpl.JSON(w, data)
+}
+
+type EditSysConfig struct {
+	*db.SysConfig
+	Result string
+}
+
+func (h *SysConfigHandler) Add(w http.ResponseWriter, r *http.Request) {
+	tpl.HTML(w, r, "config/edit.tmpl", map[string]any{
+		"Item":   &db.SysConfig{},
+		"Result": "",
+	})
+}
+
+func (h *SysConfigHandler) Edit(w http.ResponseWriter, r *http.Request) {
+	vars := r.URL.Query()
+	id := util.DefaultInt(vars, "id", 0)
+	vm := &EditSysConfig{}
+	if id > 0 {
+		ctx := r.Context()
+		if conf, err := systemservice.GetSysConfig(ctx, int32(id)); err == nil {
+			vm.SysConfig = conf
+			vm.Result = string(conf.Value)
+		}
+	}
+	tpl.HTML(w, r, "config/edit.tmpl", map[string]any{
+		"Item":   vm.SysConfig,
+		"Result": vm.Result,
+	})
+}
+
+func (h *SysConfigHandler) Save(w http.ResponseWriter, r *http.Request) {
+	id := util.ConvertInt(r.PostFormValue("ID"), 0)
+	key := r.PostFormValue("Key")
+	value := r.PostFormValue("Value")
+	if len(key) == 0 {
+		tpl.JSON(w, tpl.Response{Success: false, Message: "Key不能为空"})
+		return
+	}
+	if len(value) == 0 {
+		tpl.JSON(w, tpl.Response{Success: false, Message: "Value不能为空"})
+		return
+	}
+
+	ctx := r.Context()
+	if id == 0 {
+		arg := &db.CreateSysConfigParams{
+			Key:   key,
+			Value: []byte(value),
+		}
+		err := systemservice.CreateSysConfig(ctx, arg)
+		if err != nil {
+			if db.IsUniqueViolation(err) {
+				tpl.JSON(w, tpl.Response{Success: false, Message: "数据已存在"})
+				return
+			}
+			tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+			return
+		}
+
+		tpl.JSON(w, tpl.Response{Success: true, Message: "添加成功"})
+	} else {
+		res, err := systemservice.GetSysConfig(ctx, int32(id))
+		if err != nil {
+			tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+			return
+		}
+
+		arg := &db.UpdateSysConfigByKeyParams{
+			Key:   res.Key,
+			Value: []byte(value),
+		}
+		err = systemservice.UpdateSysConfigByKey(ctx, arg)
+		if err != nil {
+			tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+			return
+		}
+
+		tpl.JSON(w, tpl.Response{Success: true, Message: "更新成功"})
+	}
+}
+
+func (h *SysConfigHandler) ResetPear(w http.ResponseWriter, r *http.Request) {
+	b, err := json.Marshal(pearadmin.PearJson)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	ctx := r.Context()
+	err = systemservice.UpdateSysConfigByKey(ctx, &db.UpdateSysConfigByKeyParams{
+		Key:   pearadmin.PearKey,
+		Value: b,
+	})
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	tpl.JSON(w, tpl.Response{Success: true, Message: "重置成功"})
+}
+
+func (h *SysConfigHandler) Refresh(w http.ResponseWriter, r *http.Request) {
+	key := r.FormValue("key")
+	err := redis.Del(r.Context(), strings.ToLower(key))
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	tpl.JSON(w, tpl.Response{Success: true, Message: "刷新成功"})
+}
--- a/internal/router/manage/system/sys_department.go
+++ b/internal/router/manage/system/sys_department.go
@@ -0,0 +1,177 @@
+package system
+
+import (
+	"fmt"
+	"net/http"
+	"time"
+
+	"management/internal/db/model/dto"
+	db "management/internal/db/sqlc"
+	"management/internal/router/manage/util"
+	systemservice "management/internal/service/system"
+	"management/internal/tpl"
+)
+
+type SysDepartmentHandler struct{}
+
+func NewSysDepartmentHandler() *SysDepartmentHandler {
+	return &SysDepartmentHandler{}
+}
+
+func (h *SysDepartmentHandler) List(w http.ResponseWriter, r *http.Request) {
+	tpl.HTML(w, r, "department/list.tmpl", nil)
+}
+
+func (h *SysDepartmentHandler) PostList(w http.ResponseWriter, r *http.Request) {
+	var q dto.SearchDto
+	q.SearchStatus = util.ConvertInt(r.PostFormValue("SearchStatus"), 9999)
+	q.SearchParentID = util.ConvertInt(r.PostFormValue("SearchParentID"), 0)
+	q.SearchName = r.PostFormValue("SearchName")
+	q.SearchKey = r.PostFormValue("SearchKey")
+	q.Page = util.ConvertInt(r.PostFormValue("page"), 1)
+	q.Rows = util.ConvertInt(r.PostFormValue("rows"), 10)
+	res, count, err := systemservice.ListSysDepartmentCondition(r.Context(), q)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	data := tpl.ResponseList{
+		Code:    0,
+		Message: "ok",
+		Count:   count,
+		Data:    res,
+	}
+	tpl.JSON(w, data)
+}
+
+func (h *SysDepartmentHandler) Add(w http.ResponseWriter, r *http.Request) {
+	tpl.HTML(w, r, "department/edit.tmpl", map[string]any{
+		"Item": &db.SysDepartment{Sort: 6666},
+	})
+}
+
+func (h *SysDepartmentHandler) AddChildren(w http.ResponseWriter, r *http.Request) {
+	vars := r.URL.Query()
+	parentID := util.DefaultInt(vars, "parentID", 0)
+	vm := &db.SysDepartment{ParentID: int32(parentID), Sort: 6666}
+	tpl.HTML(w, r, "department/edit.tmpl", map[string]any{
+		"Item": vm,
+	})
+}
+
+func (h *SysDepartmentHandler) Edit(w http.ResponseWriter, r *http.Request) {
+	vars := r.URL.Query()
+	id := util.DefaultInt(vars, "id", 0)
+	vm := &db.SysDepartment{Sort: 6666}
+	if id > 0 {
+		vm, _ = systemservice.GetSysDepartment(r.Context(), int32(id))
+	}
+	tpl.HTML(w, r, "department/edit.tmpl", map[string]any{
+		"Item": vm,
+	})
+}
+
+func (h *SysDepartmentHandler) Save(w http.ResponseWriter, r *http.Request) {
+	id := util.ConvertInt(r.PostFormValue("ID"), 0)
+	ParentID := util.ConvertInt(r.PostFormValue("ParentID"), 0)
+	name := r.PostFormValue("Name")
+	sort := util.ConvertInt(r.PostFormValue("Sort"), 6666)
+	status := util.ConvertInt(r.PostFormValue("Status"), 9999)
+
+	ctx := r.Context()
+	var parent *db.SysDepartment
+	if ParentID > 0 {
+		var err error
+		parent, err = systemservice.GetSysDepartment(ctx, int32(ParentID))
+		if err != nil {
+			tpl.JSON(w, tpl.Response{Success: false, Message: "父级节点错误"})
+			return
+		}
+	}
+
+	if id == 0 {
+		arg := db.CreateSysDepartmentParams{
+			Name:       name,
+			ParentID:   int32(ParentID),
+			ParentPath: fmt.Sprintf("%s,%d,", parent.ParentPath, parent.ID),
+			Status:     int32(status),
+			Sort:       int32(sort),
+			CreatedAt:  time.Now(),
+			UpdatedAt:  time.Now(),
+		}
+		_, err := systemservice.CreateSysDepartment(ctx, &arg)
+		if err != nil {
+			if db.IsUniqueViolation(err) {
+				tpl.JSON(w, tpl.Response{Success: false, Message: "部门名称已存在"})
+				return
+			}
+			tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+			return
+		}
+
+		tpl.JSON(w, tpl.Response{Success: true, Message: "添加成功"})
+	} else {
+		res, err := systemservice.GetSysDepartment(ctx, int32(id))
+		if err != nil {
+			tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+			return
+		}
+
+		arg := &db.UpdateSysDepartmentParams{
+			ID:         res.ID,
+			Name:       name,
+			ParentID:   int32(ParentID),
+			ParentPath: fmt.Sprintf("%s,%d,", parent.ParentPath, parent.ID),
+			Status:     int32(status),
+			Sort:       int32(sort),
+			UpdatedAt:  time.Now(),
+		}
+		_, err = systemservice.UpdateSysDepartment(ctx, arg)
+		if err != nil {
+			tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+			return
+		}
+
+		tpl.JSON(w, tpl.Response{Success: true, Message: "更新成功"})
+	}
+}
+
+func (h *SysDepartmentHandler) DTree(w http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+	res, err := systemservice.DTreeSysDepartment(ctx, 0)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	rsp := tpl.ResponseDtree{
+		Status: tpl.ResponseDtreeStatus{
+			Code:    200,
+			Message: "OK",
+		},
+		Data: res,
+	}
+	tpl.JSON(w, rsp)
+}
+
+func (h *SysDepartmentHandler) Refresh(w http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+	err := systemservice.RefreshSysDepartment(ctx)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	tpl.JSON(w, tpl.Response{Success: true, Message: "刷新成功"})
+}
+
+func (h *SysDepartmentHandler) RebuildParentPath(w http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+	err := systemservice.RebuildSysDepartmentParentPath(ctx)
+	if err != nil {
+		tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+		return
+	}
+
+	tpl.JSON(w, tpl.Response{Success: true, Message: "重建成功"})
+}
--- a/internal/router/manage/system/sys_menu.go
+++ b/internal/router/manage/system/sys_menu.go
@@ -0,0 +1,227 @@
+package system
+
+import (
+	"encoding/json"
+	"net/http"
+	"strconv"
+	"strings"
+	"time"
+
+	"management/internal/db/model/dto"
+	db "management/internal/db/sqlc"
+	"management/internal/global/auth"
+	"management/internal/pkg/session"
+	"management/internal/router/manage/util"
+	systemservice "management/internal/service/system"
+	"management/internal/tpl"
+
+	"github.com/google/uuid"
+)
+
+type SysMenuHandler struct{}
+
+func NewSysMenuHandler() *SysMenuHandler {
+	return &SysMenuHandler{}
+}
+
+func (h *SysMenuHandler) Tree(w http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+	vars := r.URL.Query()
+	id := util.DefaultInt(vars, "id", 0)
+	res, err := systemservice.ToTreeMenu(ctx, id, true)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	tpl.JSON(w, res)
+}
+
+func (h *SysMenuHandler) List(w http.ResponseWriter, r *http.Request) {
+	tpl.HTML(w, r, "menu/list.tmpl", nil)
+}
+
+func (h *SysMenuHandler) PostList(w http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+	res, err := systemservice.ListMenuTree(ctx)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	data := tpl.ResponseList{
+		Code:    0,
+		Message: "ok",
+		Count:   0,
+		Data:    res,
+	}
+	tpl.JSON(w, data)
+}
+
+func (h *SysMenuHandler) Add(w http.ResponseWriter, r *http.Request) {
+	tpl.HTML(w, r, "menu/edit.tmpl", map[string]any{
+		"Item": &db.SysMenu{Style: "pear-btn-primary pear-btn-sm", Visible: true, Sort: 6666},
+	})
+}
+
+func (h *SysMenuHandler) AddChildren(w http.ResponseWriter, r *http.Request) {
+	vars := r.URL.Query()
+	parentID := util.DefaultInt(vars, "parentID", 0)
+	vm := &db.SysMenu{ParentID: int32(parentID), Style: "pear-btn-primary pear-btn-sm", Visible: true, Sort: 6666}
+	ctx := r.Context()
+	parent, err := systemservice.GetSysMenu(ctx, int32(parentID))
+	if err == nil {
+		if parent.Type == "node" {
+			vm.Type = "menu"
+		} else if parent.Type == "menu" {
+			vm.Type = "btn"
+		}
+	}
+	tpl.HTML(w, r, "menu/edit.tmpl", map[string]any{
+		"Item": vm,
+	})
+}
+
+func (h *SysMenuHandler) Edit(w http.ResponseWriter, r *http.Request) {
+	vars := r.URL.Query()
+	id := util.DefaultInt(vars, "id", 0)
+	vm := &db.SysMenu{Style: "pear-btn-primary pear-btn-sm", Sort: 6666}
+	if id > 0 {
+		ctx := r.Context()
+		vm, _ = systemservice.GetSysMenu(ctx, int32(id))
+	}
+	tpl.HTML(w, r, "menu/edit.tmpl", map[string]any{
+		"Item": vm,
+	})
+}
+
+func (h *SysMenuHandler) Save(w http.ResponseWriter, r *http.Request) {
+	id := util.ConvertInt(r.PostFormValue("ID"), 0)
+	name := r.PostFormValue("Name")
+	dispalyName := r.PostFormValue("DisplayName")
+	t := r.PostFormValue("Type")
+	url := r.PostFormValue("Url")
+	if len(url) == 0 {
+		url = uuid.Must(uuid.NewRandom()).String()
+	}
+	avatar := r.PostFormValue("Avatar")
+	style := r.PostFormValue("Style")
+	parentID := util.ConvertInt(r.PostFormValue("ParentID"), 0)
+	visible := util.ConvertBool(r.PostFormValue("Visible"), false)
+	isList := util.ConvertBool(r.PostFormValue("IsList"), false)
+	sort := util.ConvertInt(r.PostFormValue("Sort"), 6666)
+	status := util.ConvertInt(r.PostFormValue("Status"), 9999)
+
+	ctx := r.Context()
+	if len(avatar) > 0 && !strings.Contains(avatar, "layui-icon ") {
+		avatar = "layui-icon " + avatar
+	}
+
+	parentPath := ""
+	if parentID > 0 {
+		parent, err := systemservice.GetSysMenu(ctx, int32(parentID))
+		if err != nil {
+			tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+			return
+		}
+		parentPath = parent.ParentPath + "," + strconv.Itoa(parentID) + ","
+		parentPath = strings.ReplaceAll(parentPath, ",,", ",")
+	}
+
+	if id == 0 {
+		arg := &db.CreateSysMenuParams{
+			Name:        name,
+			DisplayName: dispalyName,
+			Url:         url,
+			Type:        t,
+			ParentID:    int32(parentID),
+			ParentPath:  parentPath,
+			Avatar:      avatar,
+			Style:       style,
+			Visible:     visible,
+			IsList:      isList,
+			Status:      int32(status),
+			Sort:        int32(sort),
+			CreatedAt:   time.Now(),
+			UpdatedAt:   time.Now(),
+		}
+		_, err := systemservice.CreateSysMenu(ctx, arg)
+		if err != nil {
+			if db.IsUniqueViolation(err) {
+				tpl.JSON(w, tpl.Response{Success: false, Message: "菜单已存在"})
+				return
+			}
+			tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+			return
+		}
+
+		tpl.JSON(w, tpl.Response{Success: true, Message: "添加成功"})
+	} else {
+		res, err := systemservice.GetSysMenu(ctx, int32(id))
+		if err != nil {
+			tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+			return
+		}
+
+		arg := &db.UpdateSysMenuParams{
+			ID:          res.ID,
+			Name:        name,
+			DisplayName: dispalyName,
+			Url:         url,
+			Type:        t,
+			ParentID:    int32(parentID),
+			ParentPath:  parentPath,
+			Avatar:      avatar,
+			Style:       style,
+			Visible:     visible,
+			IsList:      isList,
+			Status:      int32(status),
+			Sort:        int32(sort),
+			UpdatedAt:   time.Now(),
+		}
+		_, err = systemservice.UpdateSysMenu(ctx, arg)
+		if err != nil {
+			tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+			return
+		}
+
+		tpl.JSON(w, tpl.Response{Success: true, Message: "更新成功"})
+	}
+}
+
+func (h *SysMenuHandler) UserMenus(w http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+	b := session.GetBytes(ctx, auth.StoreName)
+	var u dto.AuthorizeUser
+	if err := json.Unmarshal(b, &u); err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	menus, err := systemservice.RecursiveSysMenus(ctx, u.RoleID)
+	if err != nil {
+		tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+		return
+	}
+
+	tpl.JSON(w, menus)
+}
+
+func (h *SysMenuHandler) XmSelectTree(w http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+	res, err := systemservice.ToTreeMenu(ctx, 0, false)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	tpl.JSON(w, res)
+}
+
+func (h *SysMenuHandler) Refresh(w http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+	err := systemservice.RefreshMenus(ctx)
+	if err != nil {
+		tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+		return
+	}
+
+	tpl.JSON(w, tpl.Response{Success: true, Message: "刷新成功"})
+}
--- a/internal/router/manage/system/sys_role.go
+++ b/internal/router/manage/system/sys_role.go
@@ -0,0 +1,300 @@
+package system
+
+import (
+	"fmt"
+	"net/http"
+	"strings"
+	"time"
+
+	"management/internal/db/model/dto"
+	db "management/internal/db/sqlc"
+	"management/internal/router/manage/util"
+	systemservice "management/internal/service/system"
+	"management/internal/tpl"
+)
+
+type SysRoleHandler struct{}
+
+func NewSysRoleHandler() *SysRoleHandler {
+	return &SysRoleHandler{}
+}
+
+func (h *SysRoleHandler) List(w http.ResponseWriter, r *http.Request) {
+	tpl.HTML(w, r, "role/list.tmpl", nil)
+}
+
+func (h *SysRoleHandler) PostList(w http.ResponseWriter, r *http.Request) {
+	var q dto.SearchDto
+	q.SearchStatus = util.ConvertInt(r.PostFormValue("SearchStatus"), 9999)
+	q.SearchParentID = util.ConvertInt(r.PostFormValue("SearchParentID"), 0)
+	q.SearchName = r.PostFormValue("SearchName")
+	q.SearchKey = r.PostFormValue("SearchKey")
+	q.Page = util.ConvertInt(r.PostFormValue("page"), 1)
+	q.Rows = util.ConvertInt(r.PostFormValue("rows"), 10)
+	ctx := r.Context()
+	res, count, err := systemservice.ListSysRoleCondition(ctx, q)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	data := tpl.ResponseList{
+		Code:    0,
+		Message: "ok",
+		Count:   count,
+		Data:    res,
+	}
+	tpl.JSON(w, data)
+}
+
+func (h *SysRoleHandler) Add(w http.ResponseWriter, r *http.Request) {
+	vm := &db.SysRole{Sort: 6666}
+	tpl.HTML(w, r, "role/edit.tmpl", map[string]any{
+		"Item": vm,
+	})
+}
+
+func (h *SysRoleHandler) Edit(w http.ResponseWriter, r *http.Request) {
+	vars := r.URL.Query()
+	id := util.DefaultInt(vars, "id", 0)
+	vm := &db.SysRole{Sort: 6666}
+	if id > 0 {
+		ctx := r.Context()
+		vm, _ = systemservice.GetSysRole(ctx, int32(id))
+	}
+	tpl.HTML(w, r, "role/edit.tmpl", map[string]any{
+		"Item": vm,
+	})
+}
+
+func (h *SysRoleHandler) Save(w http.ResponseWriter, r *http.Request) {
+	id := util.ConvertInt(r.PostFormValue("ID"), 0)
+	name := r.PostFormValue("Name")
+	parentID := util.ConvertInt(r.PostFormValue("ParentID"), 0)
+	displayName := r.PostFormValue("DisplayName")
+	sort := util.ConvertInt(r.PostFormValue("Sort"), 6666)
+	status := util.ConvertInt(r.PostFormValue("Status"), 9999)
+
+	ctx := r.Context()
+	var parent *db.SysRole
+	if parentID > 0 {
+		var err error
+		parent, err = systemservice.GetSysRole(ctx, int32(parentID))
+		if err != nil {
+			tpl.JSON(w, tpl.Response{Success: false, Message: "父级节点错误"})
+			return
+		}
+	} else {
+		parent = &db.SysRole{
+			ID:         0,
+			ParentID:   0,
+			ParentPath: ",0,",
+		}
+	}
+
+	if id == 0 {
+		arg := &db.CreateSysRoleParams{
+			Name:        name,
+			DisplayName: displayName,
+			Vip:         false,
+			ParentID:    parent.ID,
+			ParentPath:  fmt.Sprintf("%s,%d,", parent.ParentPath, parent.ID),
+			Status:      int32(status),
+			CreatedAt:   time.Now(),
+			UpdatedAt:   time.Now(),
+		}
+		_, err := systemservice.CreateSysRole(ctx, arg)
+		if err != nil {
+			if db.IsUniqueViolation(err) {
+				tpl.JSON(w, tpl.Response{Success: false, Message: "角色名称已存在"})
+				return
+			}
+			tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+			return
+		}
+
+		tpl.JSON(w, tpl.Response{Success: true, Message: "添加成功"})
+	} else {
+		res, err := systemservice.GetSysRole(ctx, int32(id))
+		if err != nil {
+			tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+			return
+		}
+		arg := &db.UpdateSysRoleParams{
+			ID:          res.ID,
+			DisplayName: displayName,
+			Sort:        int32(sort),
+			Status:      int32(status),
+			ParentID:    parent.ID,
+			ParentPath:  fmt.Sprintf("%s,%d,", parent.ParentPath, parent.ID),
+			UpdatedAt:   time.Now(),
+		}
+		_, err = systemservice.UpdateSysRole(ctx, arg)
+		if err != nil {
+			tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+			return
+		}
+
+		tpl.JSON(w, tpl.Response{Success: true, Message: "更新成功"})
+	}
+}
+
+func (h *SysRoleHandler) XmSelect(w http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+	res, err := systemservice.XmSelectSysRole(ctx)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	tpl.JSON(w, res)
+}
+
+func (h *SysRoleHandler) SetMenu(w http.ResponseWriter, r *http.Request) {
+	vars := r.URL.Query()
+	id := util.DefaultInt(vars, "id", 0)
+	vm := struct {
+		Role  *db.SysRole
+		Menus []*dto.SetMenuDto
+	}{}
+	if id > 0 {
+		ctx := r.Context()
+		var err error
+		vm.Role, err = systemservice.GetSysRole(ctx, int32(id))
+		if err == nil {
+			vm.Menus, _ = systemservice.SetMenuViewData(ctx, vm.Role.ID)
+		}
+	}
+
+	tpl.HTML(w, r, "role/set_menu.tmpl", map[string]any{
+		"Item": vm,
+	})
+}
+
+func (h *SysRoleHandler) PostSetMenu(w http.ResponseWriter, r *http.Request) {
+	id := util.ConvertInt(r.PostFormValue("ID"), 0)
+	menus := r.PostFormValue("roleMenu")
+
+	if id == 0 {
+		tpl.JSON(w, tpl.Response{Success: false, Message: "角色异常, 请刷新重试"})
+		return
+	}
+
+	if len(menus) == 0 {
+		tpl.JSON(w, tpl.Response{Success: false, Message: "请选择菜单"})
+		return
+	}
+
+	ctx := r.Context()
+	_, err := systemservice.GetSysRole(ctx, int32(id))
+	if err != nil {
+		tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+		return
+	}
+
+	menuArr := strings.Split(menus, ",")
+	if len(menuArr) == 0 {
+		tpl.JSON(w, tpl.Response{Success: false, Message: "请选择菜单"})
+		return
+	}
+
+	var menuList []*db.SysMenu
+	for _, v := range menuArr {
+		menuID := util.ConvertInt(v, 0)
+		if menuID > 0 {
+			menu, err := systemservice.GetSysMenu(ctx, int32(menuID))
+			if err != nil {
+				tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+				return
+			}
+
+			menuList = append(menuList, menu)
+		}
+	}
+
+	if len(menuList) == 0 {
+		tpl.JSON(w, tpl.Response{Success: false, Message: "请选择正确的菜单"})
+		return
+	}
+
+	err = systemservice.SetMenu(ctx, int32(id), menuList)
+	if err != nil {
+		tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+		return
+	}
+
+	tpl.JSON(w, tpl.Response{Success: true, Message: "设置成功"})
+}
+
+func (h *SysRoleHandler) DTree(w http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+	res, err := systemservice.DTreeSysRole(ctx, 0)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	rsp := tpl.ResponseDtree{
+		Status: tpl.ResponseDtreeStatus{
+			Code:    200,
+			Message: "OK",
+		},
+		Data: res,
+	}
+	tpl.JSON(w, rsp)
+}
+
+func (h *SysRoleHandler) Refresh(w http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+	err := systemservice.RefreshSysRole(ctx)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	tpl.JSON(w, tpl.Response{Success: true, Message: "刷新成功"})
+}
+
+func (h *SysRoleHandler) RebuildParentPath(w http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+	err := systemservice.RebuildSysRoleParentPath(ctx)
+	if err != nil {
+		tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+		return
+	}
+
+	tpl.JSON(w, tpl.Response{Success: true, Message: "重建成功"})
+}
+
+func (h *SysRoleHandler) RefreshRoleMenus(w http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+
+	// 获取需要刷新的角色ID
+	roleID := util.ConvertInt(r.PostFormValue("roleID"), 0)
+	sysRole, err := systemservice.GetSysRole(ctx, int32(roleID))
+	if err != nil || sysRole == nil {
+		tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+		return
+	}
+
+	// 刷新角色菜单 (角色所拥有的菜单集合)
+	_, err = systemservice.SetOwnerListMenuByRoleID(ctx, sysRole.ID)
+	if err != nil {
+		tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+		return
+	}
+
+	// 刷新角色菜单 (角色所拥有的菜单集合)
+	_, err = systemservice.SetOwnerMapMenuByRoleID(ctx, sysRole.ID)
+	if err != nil {
+		tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+		return
+	}
+
+	// 刷新角色菜单树 (pear admin layui 使用的格式)
+	_, err = systemservice.SetRecursiveSysMenus(ctx, sysRole.ID)
+	if err != nil {
+		tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+		return
+	}
+
+	tpl.JSON(w, tpl.Response{Success: true, Message: "刷新成功"})
+}
--- a/internal/router/manage/system/sys_user.go
+++ b/internal/router/manage/system/sys_user.go
@@ -0,0 +1,213 @@
+package system
+
+import (
+	"net/http"
+	"time"
+
+	"management/internal/db/model/dto"
+	db "management/internal/db/sqlc"
+	"management/internal/middleware/manage/auth"
+	"management/internal/pkg/crypto"
+	"management/internal/pkg/rand"
+	"management/internal/router/manage/util"
+	systemservice "management/internal/service/system"
+	"management/internal/tpl"
+
+	"github.com/google/uuid"
+)
+
+type SysUserHandler struct{}
+
+func NewSysUserHandler() *SysUserHandler {
+	return &SysUserHandler{}
+}
+
+func (h *SysUserHandler) List(w http.ResponseWriter, r *http.Request) {
+	tpl.HTML(w, r, "user/list.tmpl", nil)
+}
+
+func (h *SysUserHandler) PostList(w http.ResponseWriter, r *http.Request) {
+	var q dto.SearchDto
+	q.SearchStatus = util.ConvertInt(r.PostFormValue("SearchStatus"), 9999)
+	q.SearchName = r.PostFormValue("SearchName")
+	q.SearchKey = r.PostFormValue("SearchKey")
+	q.Page = util.ConvertInt(r.PostFormValue("page"), 1)
+	q.Rows = util.ConvertInt(r.PostFormValue("rows"), 10)
+	ctx := r.Context()
+	res, count, err := systemservice.ListSysUserCondition(ctx, q)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	data := tpl.ResponseList{
+		Code:    0,
+		Message: "ok",
+		Count:   count,
+		Data:    res,
+	}
+	tpl.JSON(w, data)
+}
+
+func (h *SysUserHandler) Add(w http.ResponseWriter, r *http.Request) {
+	tpl.HTML(w, r, "user/edit.tmpl", map[string]any{
+		"Item": &db.SysUser{
+			HashedPassword: nil,
+		},
+	})
+}
+
+func (h *SysUserHandler) Edit(w http.ResponseWriter, r *http.Request) {
+	vars := r.URL.Query()
+	id := util.DefaultInt(vars, "id", 0)
+	sysUser := &db.SysUser{}
+	if id > 0 {
+		ctx := r.Context()
+		if user, err := systemservice.GetSysUser(ctx, int32(id)); err == nil {
+			user.HashedPassword = nil
+			sysUser = user
+		}
+	}
+	tpl.HTML(w, r, "user/edit.tmpl", map[string]any{
+		"Item": sysUser,
+	})
+}
+
+func (h *SysUserHandler) Profile(w http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+	user := auth.AuthUser(ctx)
+	vm, _ := systemservice.GetSysUser(ctx, user.ID)
+	tpl.HTML(w, r, "user/profile.tmpl", map[string]any{
+		"Item": vm,
+	})
+}
+
+func (h *SysUserHandler) Save(w http.ResponseWriter, r *http.Request) {
+	id := util.ConvertInt(r.PostFormValue("ID"), 0)
+	email := r.PostFormValue("Email")
+	username := r.PostFormValue("Username")
+	password := r.PostFormValue("Password")
+	changePassword := r.PostFormValue("ChangePassword")
+	gender := util.ConvertInt(r.PostFormValue("Gender"), 0)
+	avatar := r.PostFormValue("File")
+	status := util.ConvertInt(r.PostFormValue("Status"), 9999)
+
+	ctx := r.Context()
+	departmentID := util.ConvertInt(r.PostFormValue("DepartmentID"), 0)
+	var department *db.SysDepartment
+	var err error
+	if departmentID > 0 {
+		department, err = systemservice.GetSysDepartment(ctx, int32(departmentID))
+		if err != nil {
+			tpl.JSON(w, tpl.Response{Success: false, Message: "部门数据错误"})
+			return
+		}
+	}
+	var role *db.SysRole
+	roleID := util.ConvertInt(r.PostFormValue("RoleID"), 0)
+	if roleID > 0 {
+		role, err = systemservice.GetSysRole(ctx, int32(roleID))
+		if err != nil {
+			tpl.JSON(w, tpl.Response{Success: false, Message: "角色数据错误"})
+			return
+		}
+	}
+
+	if id == 0 {
+		salt, err := rand.String(10)
+		if err != nil {
+			tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+			return
+		}
+
+		hashedPassword, err := crypto.BcryptHashPassword(password + salt)
+		if err != nil {
+			tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+			return
+		}
+
+		initTime, err := time.ParseInLocation(time.DateTime, "0001-01-01 00:00:00", time.Local)
+		if err != nil {
+			tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+			return
+		}
+		arg := &db.CreateSysUserParams{
+			Uuid:             uuid.Must(uuid.NewV7()),
+			Email:            email,
+			Username:         username,
+			HashedPassword:   hashedPassword,
+			Salt:             salt,
+			Avatar:           avatar,
+			Gender:           int32(gender),
+			DepartmentID:     department.ID,
+			RoleID:           role.ID,
+			Status:           int32(status),
+			ChangePasswordAt: initTime,
+			CreatedAt:        time.Now(),
+			UpdatedAt:        time.Now(),
+		}
+		_, err = systemservice.CreateSysUser(ctx, arg)
+		if err != nil {
+			if db.IsUniqueViolation(err) {
+				tpl.JSON(w, tpl.Response{Success: false, Message: "数据已存在"})
+				return
+			}
+			tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+			return
+		}
+
+		tpl.JSON(w, tpl.Response{Success: true, Message: "添加成功"})
+	} else {
+		res, err := systemservice.GetSysUser(ctx, int32(id))
+		if err != nil {
+			tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+			return
+		}
+
+		arg := &db.UpdateSysUserParams{
+			ID:               res.ID,
+			Username:         username,
+			HashedPassword:   res.HashedPassword,
+			Avatar:           avatar,
+			Gender:           int32(gender),
+			DepartmentID:     department.ID,
+			RoleID:           role.ID,
+			Status:           int32(status),
+			ChangePasswordAt: res.ChangePasswordAt,
+			UpdatedAt:        time.Now(),
+		}
+		if changePassword == "on" {
+			hashedPassword, err := crypto.BcryptHashPassword(password + res.Salt)
+			if err != nil {
+				tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+				return
+			}
+			arg.HashedPassword = hashedPassword
+			arg.ChangePasswordAt = time.Now()
+		}
+		_, err = systemservice.UpdateSysUser(ctx, arg)
+		if err != nil {
+			tpl.JSON(w, tpl.Response{Success: false, Message: err.Error()})
+			return
+		}
+
+		tpl.JSON(w, tpl.Response{Success: true, Message: "更新成功"})
+	}
+}
+
+func (h *SysUserHandler) XmSelect(w http.ResponseWriter, r *http.Request) {
+	all, err := db.Engine.ListSysUser(r.Context())
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	var res []*dto.XmSelectInt32Dto
+	for _, v := range all {
+		res = append(res, &dto.XmSelectInt32Dto{
+			Name:  v.Username,
+			Value: v.ID,
+		})
+	}
+	tpl.JSON(w, res)
+}
--- a/internal/router/manage/system/sys_user_login_log.go
+++ b/internal/router/manage/system/sys_user_login_log.go
@@ -0,0 +1,43 @@
+package system
+
+import (
+	"net/http"
+
+	"management/internal/db/model/dto"
+	"management/internal/router/manage/util"
+	systemservice "management/internal/service/system"
+	"management/internal/tpl"
+)
+
+type SysUserLoginLogHandler struct{}
+
+func NewSysUserLoginLogHandler() *SysUserLoginLogHandler {
+	return &SysUserLoginLogHandler{}
+}
+
+func (h *SysUserLoginLogHandler) List(w http.ResponseWriter, r *http.Request) {
+	tpl.HTML(w, r, "login_log/list.tmpl", nil)
+}
+
+func (h *SysUserLoginLogHandler) PostList(w http.ResponseWriter, r *http.Request) {
+	var q dto.SearchDto
+	q.SearchTimeBegin, q.SearchTimeEnd = util.DefaultStartTimeAndEndTime(r.PostFormValue("SearchTimeBegin"), r.PostFormValue("SearchTimeEnd"))
+	q.SearchName = r.PostFormValue("SearchName")
+	q.SearchKey = r.PostFormValue("SearchKey")
+	q.Page = util.ConvertInt(r.PostFormValue("page"), 1)
+	q.Rows = util.ConvertInt(r.PostFormValue("rows"), 10)
+	ctx := r.Context()
+	res, count, err := systemservice.ListSysUserLoginLog(ctx, q)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	data := tpl.ResponseList{
+		Code:    0,
+		Message: "ok",
+		Count:   count,
+		Data:    res,
+	}
+	tpl.JSON(w, data)
+}