diff --git a/app/Filament/Resources/RoleResource.php b/app/Filament/Resources/RoleResource.php
new file mode 100644
index 0000000..c0899d6
--- /dev/null
+++ b/app/Filament/Resources/RoleResource.php
@@ -0,0 +1,264 @@
+<?php
+
+namespace App\Filament\Resources;
+
+use App\Filament\Resources\RoleResource\Pages;
+use Filament\Forms;
+use Filament\Forms\Form;
+use Filament\Resources\Resource;
+use Filament\Tables;
+use Filament\Tables\Table;
+use Spatie\Permission\Models\Permission;
+use Spatie\Permission\Models\Role;
+
+class RoleResource extends Resource
+{
+    protected static ?string $model = Role::class;
+
+    protected static ?string $navigationIcon = 'heroicon-o-shield-check';
+
+    protected static ?string $navigationLabel = '角色管理';
+
+    protected static ?string $modelLabel = '角色';
+
+    protected static ?string $pluralModelLabel = '角色';
+
+    protected static ?int $navigationSort = 5;
+
+    protected static ?string $navigationGroup = '系统管理';
+
+    public static function form(Form $form): Form
+    {
+        return $form
+            ->schema([
+                Forms\Components\Section::make('基本信息')
+                    ->schema([
+                        Forms\Components\TextInput::make('name')
+                            ->label('角色标识')
+                            ->required()
+                            ->unique(ignoreRecord: true)
+                            ->maxLength(255)
+                            ->placeholder('例如: content-manager')
+                            ->helperText('角色的唯一标识符，使用小写字母和连字符')
+                            ->regex('/^[a-z0-9\-]+$/')
+                            ->validationMessages([
+                                'regex' => '角色标识只能包含小写字母、数字和连字符',
+                            ])
+                            ->disabled(fn (?Role $record): bool => $record?->name === 'super-admin'),
+
+                        Forms\Components\Select::make('guard_name')
+                            ->label('守卫')
+                            ->options([
+                                'web' => 'Web',
+                            ])
+                            ->default('web')
+                            ->required()
+                            ->disabled(),
+                    ])
+                    ->columns(2),
+
+                Forms\Components\Section::make('权限配置')
+                    ->schema([
+                        Forms\Components\CheckboxList::make('permissions')
+                            ->label('权限')
+                            ->relationship('permissions', 'name')
+                            ->options(function () {
+                                return Permission::all()
+                                    ->groupBy(function ($permission) {
+                                        // 按模块分组（取权限名称的第一部分）
+                                        return explode('.', $permission->name)[0];
+                                    })
+                                    ->map(function ($permissions, $module) {
+                                        // 模块名称映射
+                                        $moduleNames = [
+                                            'document' => '文档管理',
+                                            'system-setting' => '系统设置',
+                                            'activity-log' => '操作日志',
+                                            'terminal' => '终端管理',
+                                            'sop-template' => 'SOP模板',
+                                            'group' => '分组管理',
+                                            'user' => '用户管理',
+                                            'role' => '角色管理',
+                                        ];
+
+                                        $moduleName = $moduleNames[$module] ?? $module;
+
+                                        return $permissions->pluck('name', 'name')
+                                            ->mapWithKeys(function ($name) use ($moduleName) {
+                                                // 操作名称映射
+                                                $action = explode('.', $name)[1] ?? '';
+                                                $actionNames = [
+                                                    'viewAny' => '查看列表',
+                                                    'view' => '查看详情',
+                                                    'create' => '创建',
+                                                    'update' => '编辑',
+                                                    'delete' => '删除',
+                                                    'download' => '下载',
+                                                    'export' => '导出',
+                                                    'sync' => '同步',
+                                                    'publish' => '发布',
+                                                    'archive' => '归档',
+                                                ];
+
+                                                $actionName = $actionNames[$action] ?? $action;
+                                                $label = "{$moduleName} - {$actionName}";
+
+                                                return [$name => $label];
+                                            });
+                                    })
+                                    ->flatten()
+                                    ->toArray();
+                            })
+                            ->columns(3)
+                            ->searchable()
+                            ->bulkToggleable()
+                            ->helperText('选择该角色拥有的权限')
+                            ->disabled(fn (?Role $record): bool => $record?->name === 'super-admin'),
+                    ])
+                    ->description('配置角色的权限，super-admin 角色拥有所有权限且不可修改'),
+            ]);
+    }
+
+    public static function table(Table $table): Table
+    {
+        return $table
+            ->columns([
+                Tables\Columns\TextColumn::make('name')
+                    ->label('角色标识')
+                    ->searchable()
+                    ->sortable()
+                    ->weight('bold')
+                    ->badge()
+                    ->color(fn (string $state): string => match ($state) {
+                        'super-admin' => 'danger',
+                        'admin' => 'warning',
+                        'user' => 'success',
+                        default => 'gray',
+                    }),
+
+                Tables\Columns\TextColumn::make('guard_name')
+                    ->label('守卫')
+                    ->badge()
+                    ->sortable()
+                    ->toggleable(),
+
+                Tables\Columns\TextColumn::make('permissions_count')
+                    ->label('权限数量')
+                    ->counts('permissions')
+                    ->sortable()
+                    ->alignCenter()
+                    ->badge()
+                    ->color('info'),
+
+                Tables\Columns\TextColumn::make('users_count')
+                    ->label('用户数量')
+                    ->counts('users')
+                    ->sortable()
+                    ->alignCenter()
+                    ->badge()
+                    ->color('success'),
+
+                Tables\Columns\IconColumn::make('is_system')
+                    ->label('系统角色')
+                    ->boolean()
+                    ->trueIcon('heroicon-o-lock-closed')
+                    ->falseIcon('heroicon-o-lock-open')
+                    ->trueColor('danger')
+                    ->falseColor('gray')
+                    ->getStateUsing(fn (Role $record): bool => $record->name === 'super-admin')
+                    ->alignCenter()
+                    ->tooltip(fn (Role $record): string => 
+                        $record->name === 'super-admin' 
+                            ? '系统角色，不可删除' 
+                            : '可以删除'
+                    ),
+
+                Tables\Columns\TextColumn::make('created_at')
+                    ->label('创建时间')
+                    ->dateTime('Y-m-d H:i:s')
+                    ->sortable()
+                    ->toggleable(isToggledHiddenByDefault: true),
+
+                Tables\Columns\TextColumn::make('updated_at')
+                    ->label('更新时间')
+                    ->dateTime('Y-m-d H:i:s')
+                    ->sortable()
+                    ->toggleable(isToggledHiddenByDefault: true),
+            ])
+            ->filters([
+                Tables\Filters\SelectFilter::make('guard_name')
+                    ->label('守卫')
+                    ->options([
+                        'web' => 'Web',
+                    ]),
+            ])
+            ->actions([
+                Tables\Actions\ViewAction::make()
+                    ->label('查看'),
+                Tables\Actions\EditAction::make()
+                    ->label('编辑')
+                    ->visible(fn (Role $record): bool => $record->name !== 'super-admin'),
+                Tables\Actions\DeleteAction::make()
+                    ->label('删除')
+                    ->visible(fn (Role $record): bool => $record->name !== 'super-admin')
+                    ->before(function (Tables\Actions\DeleteAction $action, Role $record) {
+                        // 检查是否有关联用户
+                        if ($record->users()->count() > 0) {
+                            \Filament\Notifications\Notification::make()
+                                ->danger()
+                                ->title('无法删除')
+                                ->body("该角色还有 {$record->users()->count()} 个用户，请先移除用户的角色后再删除。")
+                                ->persistent()
+                                ->send();
+
+                            $action->cancel();
+                        }
+                    }),
+            ])
+            ->bulkActions([
+                Tables\Actions\BulkActionGroup::make([
+                    Tables\Actions\DeleteBulkAction::make()
+                        ->label('批量删除')
+                        ->before(function (Tables\Actions\DeleteBulkAction $action, $records) {
+                            // 检查是否包含 super-admin
+                            if ($records->contains('name', 'super-admin')) {
+                                \Filament\Notifications\Notification::make()
+                                    ->danger()
+                                    ->title('无法删除')
+                                    ->body('不能删除 super-admin 角色')
+                                    ->persistent()
+                                    ->send();
+
+                                $action->cancel();
+                                return;
+                            }
+
+                            // 检查是否有关联用户
+                            $rolesWithUsers = $records->filter(fn ($role) => $role->users()->count() > 0);
+                            if ($rolesWithUsers->count() > 0) {
+                                $roleNames = $rolesWithUsers->pluck('name')->join('、');
+                                \Filament\Notifications\Notification::make()
+                                    ->danger()
+                                    ->title('无法删除')
+                                    ->body("以下角色还有关联用户：{$roleNames}，请先移除用户的角色后再删除。")
+                                    ->persistent()
+                                    ->send();
+
+                                $action->cancel();
+                            }
+                        }),
+                ]),
+            ])
+            ->defaultSort('created_at', 'desc');
+    }
+
+    public static function getPages(): array
+    {
+        return [
+            'index' => Pages\ListRoles::route('/'),
+            'create' => Pages\CreateRole::route('/create'),
+            'edit' => Pages\EditRole::route('/{record}/edit'),
+            'view' => Pages\ViewRole::route('/{record}'),
+        ];
+    }
+}
diff --git a/app/Filament/Resources/RoleResource/Pages/CreateRole.php b/app/Filament/Resources/RoleResource/Pages/CreateRole.php
new file mode 100644
index 0000000..1cc04ff
--- /dev/null
+++ b/app/Filament/Resources/RoleResource/Pages/CreateRole.php
@@ -0,0 +1,21 @@
+<?php
+
+namespace App\Filament\Resources\RoleResource\Pages;
+
+use App\Filament\Resources\RoleResource;
+use Filament\Resources\Pages\CreateRecord;
+
+class CreateRole extends CreateRecord
+{
+    protected static string $resource = RoleResource::class;
+
+    protected function getRedirectUrl(): string
+    {
+        return $this->getResource()::getUrl('index');
+    }
+
+    protected function getCreatedNotificationTitle(): ?string
+    {
+        return '角色创建成功';
+    }
+}
diff --git a/app/Filament/Resources/RoleResource/Pages/EditRole.php b/app/Filament/Resources/RoleResource/Pages/EditRole.php
new file mode 100644
index 0000000..1f2e33c
--- /dev/null
+++ b/app/Filament/Resources/RoleResource/Pages/EditRole.php
@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Filament\Resources\RoleResource\Pages;
+
+use App\Filament\Resources\RoleResource;
+use Filament\Actions;
+use Filament\Resources\Pages\EditRecord;
+
+class EditRole extends EditRecord
+{
+    protected static string $resource = RoleResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            Actions\ViewAction::make()
+                ->label('查看'),
+            Actions\DeleteAction::make()
+                ->label('删除'),
+        ];
+    }
+
+    protected function getRedirectUrl(): string
+    {
+        return $this->getResource()::getUrl('index');
+    }
+
+    protected function getSavedNotificationTitle(): ?string
+    {
+        return '角色更新成功';
+    }
+}
diff --git a/app/Filament/Resources/RoleResource/Pages/ListRoles.php b/app/Filament/Resources/RoleResource/Pages/ListRoles.php
new file mode 100644
index 0000000..cff319d
--- /dev/null
+++ b/app/Filament/Resources/RoleResource/Pages/ListRoles.php
@@ -0,0 +1,20 @@
+<?php
+
+namespace App\Filament\Resources\RoleResource\Pages;
+
+use App\Filament\Resources\RoleResource;
+use Filament\Actions;
+use Filament\Resources\Pages\ListRecords;
+
+class ListRoles extends ListRecords
+{
+    protected static string $resource = RoleResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            Actions\CreateAction::make()
+                ->label('创建角色'),
+        ];
+    }
+}
diff --git a/app/Filament/Resources/RoleResource/Pages/ViewRole.php b/app/Filament/Resources/RoleResource/Pages/ViewRole.php
new file mode 100644
index 0000000..fe9d887
--- /dev/null
+++ b/app/Filament/Resources/RoleResource/Pages/ViewRole.php
@@ -0,0 +1,116 @@
+<?php
+
+namespace App\Filament\Resources\RoleResource\Pages;
+
+use App\Filament\Resources\RoleResource;
+use Filament\Actions;
+use Filament\Resources\Pages\ViewRecord;
+use Filament\Infolists;
+use Filament\Infolists\Infolist;
+
+class ViewRole extends ViewRecord
+{
+    protected static string $resource = RoleResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            Actions\EditAction::make()
+                ->label('编辑')
+                ->visible(fn (): bool => $this->record->name !== 'super-admin'),
+        ];
+    }
+
+    public function infolist(Infolist $infolist): Infolist
+    {
+        return $infolist
+            ->schema([
+                Infolists\Components\Section::make('角色信息')
+                    ->schema([
+                        Infolists\Components\TextEntry::make('name')
+                            ->label('角色标识')
+                            ->badge()
+                            ->color(fn (string $state): string => match ($state) {
+                                'super-admin' => 'danger',
+                                'admin' => 'warning',
+                                'user' => 'success',
+                                default => 'gray',
+                            }),
+
+                        Infolists\Components\TextEntry::make('guard_name')
+                            ->label('守卫')
+                            ->badge(),
+
+                        Infolists\Components\TextEntry::make('permissions_count')
+                            ->label('权限数量')
+                            ->getStateUsing(fn ($record) => $record->permissions()->count())
+                            ->badge()
+                            ->color('info'),
+
+                        Infolists\Components\TextEntry::make('users_count')
+                            ->label('用户数量')
+                            ->getStateUsing(fn ($record) => $record->users()->count())
+                            ->badge()
+                            ->color('success'),
+
+                        Infolists\Components\TextEntry::make('created_at')
+                            ->label('创建时间')
+                            ->dateTime('Y-m-d H:i:s'),
+
+                        Infolists\Components\TextEntry::make('updated_at')
+                            ->label('更新时间')
+                            ->dateTime('Y-m-d H:i:s'),
+                    ])
+                    ->columns(2),
+
+                Infolists\Components\Section::make('权限列表')
+                    ->schema([
+                        Infolists\Components\RepeatableEntry::make('permissions')
+                            ->label('')
+                            ->schema([
+                                Infolists\Components\TextEntry::make('name')
+                                    ->label('权限')
+                                    ->badge()
+                                    ->formatStateUsing(function (string $state): string {
+                                        // 格式化权限名称
+                                        $parts = explode('.', $state);
+                                        $module = $parts[0] ?? '';
+                                        $action = $parts[1] ?? '';
+
+                                        $moduleNames = [
+                                            'document' => '文档管理',
+                                            'system-setting' => '系统设置',
+                                            'activity-log' => '操作日志',
+                                            'terminal' => '终端管理',
+                                            'sop-template' => 'SOP模板',
+                                            'group' => '分组管理',
+                                            'user' => '用户管理',
+                                            'role' => '角色管理',
+                                        ];
+
+                                        $actionNames = [
+                                            'viewAny' => '查看列表',
+                                            'view' => '查看详情',
+                                            'create' => '创建',
+                                            'update' => '编辑',
+                                            'delete' => '删除',
+                                            'download' => '下载',
+                                            'export' => '导出',
+                                            'sync' => '同步',
+                                            'publish' => '发布',
+                                            'archive' => '归档',
+                                        ];
+
+                                        $moduleName = $moduleNames[$module] ?? $module;
+                                        $actionName = $actionNames[$action] ?? $action;
+
+                                        return "{$moduleName} - {$actionName}";
+                                    }),
+                            ])
+                            ->columns(3)
+                            ->grid(3),
+                    ])
+                    ->collapsible(),
+            ]);
+    }
+}
diff --git a/app/Policies/RolePolicy.php b/app/Policies/RolePolicy.php
new file mode 100644
index 0000000..bd652b7
--- /dev/null
+++ b/app/Policies/RolePolicy.php
@@ -0,0 +1,72 @@
+<?php
+
+namespace App\Policies;
+
+use App\Models\User;
+use Spatie\Permission\Models\Role;
+
+class RolePolicy
+{
+    /**
+     * 查看角色列表
+     */
+    public function viewAny(User $user): bool
+    {
+        return $user->can('role.viewAny');
+    }
+
+    /**
+     * 查看角色详情
+     */
+    public function view(User $user, Role $role): bool
+    {
+        return $user->can('role.view');
+    }
+
+    /**
+     * 创建角色
+     */
+    public function create(User $user): bool
+    {
+        return $user->can('role.create');
+    }
+
+    /**
+     * 编辑角色
+     */
+    public function update(User $user, Role $role): bool
+    {
+        // super-admin 角色不能被编辑
+        if ($role->name === 'super-admin') {
+            return false;
+        }
+
+        return $user->can('role.update');
+    }
+
+    /**
+     * 删除角色
+     */
+    public function delete(User $user, Role $role): bool
+    {
+        // super-admin 角色不能被删除
+        if ($role->name === 'super-admin') {
+            return false;
+        }
+
+        // 检查是否有关联用户
+        if ($role->users()->count() > 0) {
+            return false;
+        }
+
+        return $user->can('role.delete');
+    }
+
+    /**
+     * 批量删除角色
+     */
+    public function deleteAny(User $user): bool
+    {
+        return $user->can('role.delete');
+    }
+}
diff --git a/app/Providers/AppServiceProvider.php b/app/Providers/AppServiceProvider.php
index 818cab2..d5856bf 100644
--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
@@ -35,5 +35,6 @@ class AppServiceProvider extends ServiceProvider
         Gate::policy(\App\Models\Document::class, \App\Policies\DocumentPolicy::class);
         Gate::policy(\App\Models\Terminal::class, \App\Policies\TerminalPolicy::class);
         Gate::policy(SopTemplate::class, SopTemplatePolicy::class);
+        Gate::policy(\Spatie\Permission\Models\Role::class, \App\Policies\RolePolicy::class);
     }
 }