
refactor(users): 优化用户管理接口权限控制

- 修复普通用户访问用户列表时返回空数据
- 优化用户创建接口中的角色权限检查
- 调整代码格式,提高可读性
wui 9 miesięcy temu
rodzic
commit
df221aa4f1
1 zmienionych plików z 16 dodań i 2 usunięć
  1. 16 2
      src/users/users.admin.controller.ts

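--- a/src/users/users.admin.controller.ts
+++ b/src/users/users.admin.controller.ts
@@ -45,6 +45,17 @@ export class UsersAdminController {
                 const userIds = await this.usersService.getApiInvitesIds(req.user.id)
                 ;(page.search as any).where.invitor = In(userIds)
             }
+        } else if (req.user.roles.includes('user')) {
+            return {
+                items: [],
+                meta: {
+                    itemCount: 0,
+                    totalItems: 0,
+                    itemsPerPage: 0,
+                    totalPages: 0,
+                    currentPage: 0
+                }
+            }
         }
         ;(page.search as any).where = (page.search as any).where || {}
         if ((page.search as any).where.username) {
@@ -58,10 +69,13 @@ export class UsersAdminController {
     public async create(@Req() req, @Body() user: UserCreateDto) {
         if (user.roles) {
             for (const role of user.roles) {
-                if (role === Role.Admin && !req.user.roles.includes((Role.Admin))) {
+                if (role === Role.Admin && !req.user.roles.includes(Role.Admin)) {
                     throw new ForbiddenException('无权限')
                 }
-                if (role === Role.Api && !(req.user.roles.includes(Role.Admin) || req.user.roles.includes((Role.SuperApi)))) {
+                if (
+                    role === Role.Api &&
+                    !(req.user.roles.includes(Role.Admin) || req.user.roles.includes(Role.SuperApi))
+                ) {
                     throw new ForbiddenException('无权限')
                 }
             }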
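Review bot: The new `else if (req.user.roles.includes('user'))` branch in the first hunk withholds the list only from callers holding the literal `'user'` role, so a caller whose roles match none of the preceding branches still falls through to the unfiltered query on `(page.search as any).where` below; the earlier branches are outside this hunk, but unless one of them covers every remaining role the listing is fail-open, and a final `else { throw new ForbiddenException('无权限') }` (matching how `create` refuses) or an empty page for every caller not explicitly allowed would make it deny-by-default. Returning a zeroed `meta` also makes "no users" and "not permitted" indistinguishable to the client, which is worth a comment at least, e.g. `// ordinary users get an empty page rather than 403; callers cannot tell the two apart`. The role is compared against a string literal here while the rest of the file uses the `Role` enum (`Role.Admin`, `Role.SuperApi`); using the corresponding enum member, if `Role` defines one, keeps the checks consistent. The method enclosing the first hunk starts and ends outside it.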