Update

server/src/main/java/io/flexwork/modules/usermanagement/domain/User.java

@@ -10,10 +10,8 @@
 import java.time.LocalDateTime;
 import java.time.ZoneId;
 import java.time.ZoneOffset;
-import java.util.HashSet;
 import java.util.Set;
 import lombok.*;
-import org.hibernate.annotations.BatchSize;
 
 /** A user. */
 @Entity
@@ -115,16 +113,12 @@ public class User extends AbstractAuditingEntity<Long> implements Serializable {
     @Column(name = "last_login_time")
     private LocalDateTime lastLoginTime;
 
-    @JsonIgnore
     @ManyToMany
     @JoinTable(
             name = "fw_user_authority",
-            joinColumns = {@JoinColumn(name = "user_id", referencedColumnName = "id")},
-            inverseJoinColumns = {
-                @JoinColumn(name = "authority_name", referencedColumnName = "name")
-            })
-    @BatchSize(size = 20)
-    private Set<Authority> authorities = new HashSet<>();
+            joinColumns = @JoinColumn(name = "user_id"),
+            inverseJoinColumns = @JoinColumn(name = "authority_name"))
+    private Set<Authority> authorities;
 
     public LocalDateTime getLastLoginTime() {
         if (lastLoginTime == null) return null;

server/src/main/java/io/flexwork/modules/usermanagement/repository/UserRepository.java

@@ -47,4 +47,14 @@ List<User> findAllByActivatedIsFalseAndActivationKeyIsNotNullAndCreatedDateBefor
 
     @Query("SELECT u FROM User u JOIN u.authorities a WHERE a.name = :authorityName")
     List<User> findAllUsersByAuthority(@Param("authorityName") String authorityName);
+
+    @Query(
+            "SELECT u FROM User u "
+                    + "WHERE (LOWER(u.email) LIKE LOWER(CONCAT('%', :searchTerm, '%')) "
+                    + "OR LOWER(CONCAT(u.firstName, ' ', u.lastName)) LIKE LOWER(CONCAT('%', :searchTerm, '%'))) "
+                    + "AND :authorityName NOT IN (SELECT a.name FROM u.authorities a)")
+    List<User> findUsersNotInAuthority(
+            @Param("searchTerm") String searchTerm,
+            @Param("authorityName") String authorityName,
+            Pageable pageable);
 }

server/src/main/java/io/flexwork/modules/usermanagement/service/UserService.java

@@ -354,9 +354,38 @@ public List<String> getAuthorities() {
         return authorityRepository.findAll().stream().map(Authority::getName).toList();
     }
 
+    @Transactional(readOnly = true)
     public List<UserDTO> findAllUsersByAuthority(String authorityName) {
         return userRepository.findAllUsersByAuthority(authorityName).stream()
                 .map(userMapper::toDto)
                 .collect(Collectors.toList());
     }
+
+    @Transactional(readOnly = true)
+    public List<UserDTO> findUsersNotInAuthority(
+            String searchTerm, String authorityName, Pageable pageable) {
+        return userMapper.toDtos(
+                userRepository.findUsersNotInAuthority(searchTerm, authorityName, pageable));
+    }
+
+    @Transactional
+    public void addUsersToAuthority(List<Long> userIds, String authorityName) {
+        // Fetch the authority entity
+        Authority authority =
+                authorityRepository
+                        .findById(authorityName)
+                        .orElseThrow(
+                                () ->
+                                        new IllegalArgumentException(
+                                                "Authority not found: " + authorityName));
+
+        // Fetch the users and associate them with the authority
+        List<User> users = userRepository.findAllById(userIds);
+        for (User user : users) {
+            user.getAuthorities().add(authority);
+        }
+
+        // Save all updated users
+        userRepository.saveAll(users);
+    }
 }

server/src/main/java/io/flexwork/modules/usermanagement/service/mapper/UserMapper.java

@@ -2,6 +2,7 @@
 
 import io.flexwork.modules.usermanagement.domain.User;
 import io.flexwork.modules.usermanagement.service.dto.UserDTO;
+import java.util.List;
 import org.mapstruct.Mapper;
 
 @Mapper(componentModel = "spring")
@@ -10,4 +11,6 @@ public interface UserMapper {
     UserDTO toDto(User user);
 
     User toEntity(UserDTO userDTO);
+
+    List<UserDTO> toDtos(List<User> users);
 }

server/src/main/java/io/flexwork/modules/usermanagement/web/rest/AuthorityController.java

@@ -2,9 +2,11 @@
 
 import io.flexwork.modules.usermanagement.domain.Authority;
 import io.flexwork.modules.usermanagement.repository.AuthorityRepository;
+import io.flexwork.modules.usermanagement.service.UserService;
 import jakarta.validation.Valid;
 import java.net.URI;
 import java.net.URISyntaxException;
+import java.util.List;
 import java.util.Optional;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -32,8 +34,11 @@ public class AuthorityController {
 
     private final AuthorityRepository authorityRepository;
 
-    public AuthorityController(AuthorityRepository authorityRepository) {
+    private final UserService userService;
+
+    public AuthorityController(AuthorityRepository authorityRepository, UserService userService) {
         this.authorityRepository = authorityRepository;
+        this.userService = userService;
     }
 
     /**
@@ -74,7 +79,7 @@ public Page<Authority> getAllAuthorities(Pageable pageable) {
     /**
      * {@code GET /authorities/:id} : get the "id" authority.
      *
-     * @param id the id of the authority to retrieve.
+     * @param name the id of the authority to retrieve.
      * @return the {@link ResponseEntity} with status {@code 200 (OK)} and with body the authority,
      *     or with status {@code 404 (Not Found)}.
      */
@@ -101,4 +106,11 @@ public ResponseEntity<Void> deleteAuthority(@PathVariable("id") String id) {
                                 applicationName, true, ENTITY_NAME, id))
                 .build();
     }
+
+    @PostMapping("/{authorityName}/add-users")
+    public ResponseEntity<Void> addUsersToAuthority(
+            @PathVariable String authorityName, @RequestBody List<Long> userIds) {
+        userService.addUsersToAuthority(userIds, authorityName);
+        return ResponseEntity.ok().build();
+    }
 }

server/src/main/java/io/flexwork/modules/usermanagement/web/rest/PublicUserController.java

@@ -9,6 +9,7 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.data.domain.Page;
+import org.springframework.data.domain.PageRequest;
 import org.springframework.data.domain.Pageable;
 import org.springframework.data.domain.Sort;
 import org.springframework.http.HttpHeaders;
@@ -19,6 +20,7 @@
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
 import tech.jhipster.web.util.PaginationUtil;
@@ -77,6 +79,16 @@ public ResponseEntity<List<UserDTO>> getUsersByAuthority(@PathVariable String au
         return ResponseEntity.ok(users);
     }
 
+    @GetMapping("/authorities/searchUsersNotInAuthority")
+    public ResponseEntity<List<UserDTO>> findUsersNotInAuthority(
+            @RequestParam("userTerm") String searchTerm,
+            @RequestParam("authorityName") String authorityName) {
+        PageRequest pageRequest = PageRequest.of(0, 20); // Limit to 20 results
+        List<UserDTO> users =
+                userService.findUsersNotInAuthority(searchTerm, authorityName, pageRequest);
+        return ResponseEntity.ok(users);
+    }
+
     private boolean onlyContainsAllowedProperties(Pageable pageable) {
         return pageable.getSort().stream()
                 .map(Sort.Order::getProperty)

tools/liquibase/src/main/resources/config/liquibase/tenant/changelog/00000000000000_initial_schema.xml

@@ -208,14 +208,15 @@
 
 	<changeSet author="flexapp"
 		id="00000000000000:03-insert-default-authority-data" context="!test">
-		<loadData file="config/liquibase/tenant/data/authority.csv"
-			separator=";" tableName="fw_authority" usePreparedStatements="true">
+		<loadData
+			file="config/liquibase/tenant/data/fw_authority.csv" separator=";"
+			tableName="fw_authority" usePreparedStatements="true">
 			<column name="name" type="string" />
 		</loadData>
 	</changeSet>
 	<changeSet author="flexapp"
 		id="00000000000000:04-insert-default-user-data" context="!test">
-		<loadData file="config/liquibase/tenant/data/user.csv"
+		<loadData file="config/liquibase/tenant/data/fw_user.csv"
 			separator=";" tableName="fw_user" usePreparedStatements="true">
 			<column name="id" type="NUMERIC" />
 			<column name="password_hash" type="STRING" />
@@ -247,8 +248,9 @@
 		id="00000000000000:05-insert-default-user-authority-data"
 		context="!test">
 		<loadData
-			file="config/liquibase/tenant/data/user_authority.csv" separator=";"
-			tableName="fw_user_authority" usePreparedStatements="true">
+			file="config/liquibase/tenant/data/fw_user_authority.csv"
+			separator=";" tableName="fw_user_authority"
+			usePreparedStatements="true">
 			<column name="user_id" type="numeric" />
 		</loadData>
 		<loadData
@@ -287,7 +289,7 @@
 	</changeSet>
 	<changeSet author="flexapp"
 		id="00000000000000:08-insert-default-fw-resource" context="!test">
-		<loadData file="config/liquibase/tenant/data/resource.csv"
+		<loadData file="config/liquibase/tenant/data/fw_resource.csv"
 			separator=";" tableName="fw_resource" usePreparedStatements="true">
 			<column name="name" type="STRING" />
 			<column name="description" type="STRING" />
@@ -297,7 +299,7 @@
 		id="00000000000000:09-insert-default-fw-authority-resource-permission"
 		context="!test">
 		<loadData
-			file="config/liquibase/tenant/data/authority_resource_permission.csv"
+			file="config/liquibase/tenant/data/fw_authority_resource_permission.csv"
 			separator=";" tableName="fw_authority_resource_permission"
 			usePreparedStatements="true" />
 	</changeSet>