fix(security): 修复登录时 Collection.size() NPE — Spring Boot 4.0 适配

LoginUser.getAuthorities() 直接返回 null，Spring Security 6.x
  内部链路调用 c.size() 触发 NPE，导致 admin 用户无法登录。

  变更:
  - LoginUser.java: getAuthorities() 改为将 permissions 转为
    SimpleGrantedAuthority 集合，空时返回空集合而非 null
  - SysUserMapper.xml: collection 映射添加 notNullColumn="role_id"，
    防止 LEFT JOIN 无角色时产生 null 集合

openhis-server-new/core-common/src/main/java/com/core/common/core/domain/model/LoginUser.java

@@ -9,9 +9,13 @@ import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 
 import java.util.Collection;
+import java.util.Collections;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
+import java.util.stream.Collectors;
+
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 /**
  * 登录用户身份权限
@@ -267,6 +271,9 @@ public class LoginUser implements UserDetails {
 
     @Override
     public Collection<? extends GrantedAuthority> getAuthorities() {
-        return null;
+        if (permissions == null || permissions.isEmpty()) {
+            return Collections.emptySet();
+        }
+        return permissions.stream().map(SimpleGrantedAuthority::new).collect(Collectors.toSet());
     }
 }

openhis-server-new/core-system/src/main/resources/mapper/system/SysUserMapper.xml

@@ -24,7 +24,7 @@
         <result property="updateTime" column="update_time"/>
         <result property="remark" column="remark"/>
         <association property="dept" javaType="SysDept" resultMap="deptResult"/>
-        <collection property="roles" javaType="java.util.List" resultMap="RoleResult"/>
+        <collection property="roles" javaType="java.util.List" resultMap="RoleResult" notNullColumn="role_id"/>
     </resultMap>
 
     <resultMap id="deptResult" type="SysDept">