fix: 角色权限保存收集改为 columns 驱动 + 修复 substring 误匹配

- handleSaveRolePermission: 从 state.columns 获取角色列名代替 Object.keys(data[0])，
  排除 Vue/ElementPlus 注入的脏属性导致生成非法 role id
- 权限显示: String.includes() 改为 split('|').includes() 精确匹配，
  避免 'user' 误匹配 'user.list' 造成虚假勾选

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

admin-web/src/views/admin/role/index.vue

@@ -152,7 +152,8 @@ const loadPermissionList = (roleList: Array<any>) => {
         // hasChildren: !u.isEmptyOrNull(childrenPermissionList)
       } as any;
       roleList.forEach(role => {
-        record['role_' + role.id] = !!(role.permissions && role.permissions.includes(value));
+        let permArr = role.permissions ? role.permissions.split("|") : [];
+        record['role_' + role.id] = permArr.includes(value);
       })
 
       let children = [] as Array<any>;
@@ -164,7 +165,8 @@ const loadPermissionList = (roleList: Array<any>) => {
             perm: child.value,
           } as any;
           roleList.forEach(role => {
-            childRecord['role_' + role.id] = !!(role.permissions && role.permissions.includes(child.value));
+            let permArr = role.permissions ? role.permissions.split("|") : [];
+            childRecord['role_' + role.id] = permArr.includes(child.value);
           })
           children.push(childRecord);
         });
@@ -238,41 +240,37 @@ const handleSaveRolePermission = () => {
   let updateRoles = [] as Array<any>;
   let map = new Map();
 
-  let keys = Object.keys(state.tableData.data[0])
-  //console.log(state.tableData.data)
+  // 从 columns 定义获取角色列名，避免 Object.keys 采集到 Vue/ElementPlus 注入的脏属性
+  let roleColumns = state.columns
+      .filter(col => col.prop && col.prop.startsWith("role_"))
+      .map(col => col.prop);
+
   state.tableData.data.forEach(record => {
-    keys.forEach((k: string) => {
-      if (k.startsWith("role_")) {
-        if (record[k]) {
-          let roleId = k.split("_")[1];
-          let newVar = map.get(roleId);
-          if (!newVar) {
-            map.set(roleId, [record.perm])
-          } else {
-            newVar.push(record.perm);
-            map.set(roleId, newVar);
-          }
+    roleColumns.forEach((k: string) => {
+      if (record[k]) {
+        let roleId = k.split("_")[1];
+        let perms = map.get(roleId);
+        if (!perms) {
+          map.set(roleId, [record.perm]);
+        } else {
+          perms.push(record.perm);
         }
       }
       if (!u.isEmptyOrNull(record.children)) {
         record.children.forEach((child: any) => {
-          if (k.startsWith("role_")) {
-            if (child[k]) {
-              let roleId = k.split("_")[1];
-              let newVar = map.get(roleId);
-              if (!newVar) {
-                map.set(roleId, [child.perm])
-              } else {
-                newVar.push(child.perm);
-                map.set(roleId, newVar);
-              }
+          if (child[k]) {
+            let roleId = k.split("_")[1];
+            let perms = map.get(roleId);
+            if (!perms) {
+              map.set(roleId, [child.perm]);
+            } else {
+              perms.push(child.perm);
             }
-
           }
-        })
+        });
       }
-    })
-  })
+    });
+  });
 
   ////console.log(map)
   map.forEach((value: Array<string>, key: any) => {