feat: user management - add/edit/delete users

Backend:
- Add GET /users/roles endpoint (list all roles)
- Add GET /users/depts endpoint (list all departments)

Frontend:
- Add user.ts API client (getUsers, createUser, updateUser, deleteUser, getRoles, getDepts)
- Rewrite System.vue with full user CRUD:
  - User list table with pagination
  - Add User button + dialog form
  - Edit user (username disabled, password hidden)
  - Delete user (disabled for superadmin)
  - Role and department dropdowns
  - Status radio buttons

backend/app/api/v1/user.py

@@ -4,7 +4,8 @@ from sqlalchemy.orm import Session
 
 from app.core.database import get_db
 from app.models.user import User
-from app.schemas.user import UserCreate, UserUpdate, UserOut
+from app.models.user import Role, Dept
+from app.schemas.user import UserCreate, UserUpdate, UserOut, RoleOut, DeptOut
 from app.schemas.common import ResponseModel, ListResponse, PageParams
 from app.services import user_service
 from app.api.deps import get_current_user
@@ -62,3 +63,21 @@ def delete_user(
 ):
     user_service.delete_user(db, user_id)
     return ResponseModel(message="删除成功")
+
+
+@router.get("/roles", response_model=ResponseModel[list[RoleOut]])
+def list_roles(
+    db: Session = Depends(get_db),
+    current_user: User = Depends(get_current_user),
+):
+    items = db.query(Role).order_by(Role.id).all()
+    return ResponseModel(data=[RoleOut.model_validate(r) for r in items])
+
+
+@router.get("/depts", response_model=ResponseModel[list[DeptOut]])
+def list_depts(
+    db: Session = Depends(get_db),
+    current_user: User = Depends(get_current_user),
+):
+    items = db.query(Dept).order_by(Dept.sort_order).all()
+    return ResponseModel(data=[DeptOut.model_validate(d) for d in items])