test adapter

2025-10-06 22:51:14 -03:00 · 2025-10-06 22:51:14 -03:00 · b21283f295
commit b21283f295
521 changed files with 41292 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,36 @@
+# ---> Maven
+target/
+pom.xml.tag
+pom.xml.releaseBackup
+pom.xml.versionsBackup
+pom.xml.next
+release.properties
+dependency-reduced-pom.xml
+buildNumber.properties
+.mvn/timing.properties
+# https://github.com/takari/maven-wrapper#usage-without-binary-jar
+.mvn/wrapper/maven-wrapper.jar
+
+# Eclipse m2e generated files
+# Eclipse Core
+.project
+# JDT-specific (Eclipse Java Development Tools)
+.classpath
+
+### IntelliJ IDEA ###
+.idea
+*.iws
+*.iml
+*.ipr
+
+# ---> NetBeans
+**/nbproject/private/
+**/nbproject/Makefile-*.mk
+**/nbproject/Package-*.bash
+nb-configuration.xml
+
+build/
+nbbuild/
+dist/
+nbdist/
+.nb-gradle/
--- a/README.md
+++ b/README.md
@ -0,0 +1,2 @@
+# iqr-server-gen
+
--- a/nbactions.xml
+++ b/nbactions.xml
@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<actions>
+        <action>
+            <actionName>run</actionName>
+            <packagings>
+                <packaging>jar</packaging>
+            </packagings>
+            <goals>
+                <goal>process-classes</goal>
+                <goal>org.codehaus.mojo:exec-maven-plugin:3.1.0:exec</goal>
+            </goals>
+            <properties>
+                <exec.vmArgs></exec.vmArgs>
+                <exec.args>${exec.vmArgs} -classpath %classpath ${exec.mainClass} ${exec.appArgs}</exec.args>
+                <exec.appArgs></exec.appArgs>
+                <exec.mainClass>io.kumare.iqr.IqrApplication</exec.mainClass>
+                <exec.executable>java</exec.executable>
+            </properties>
+        </action>
+        <action>
+            <actionName>debug</actionName>
+            <packagings>
+                <packaging>jar</packaging>
+            </packagings>
+            <goals>
+                <goal>process-classes</goal>
+                <goal>org.codehaus.mojo:exec-maven-plugin:3.1.0:exec</goal>
+            </goals>
+            <properties>
+                <exec.vmArgs>-agentlib:jdwp=transport=dt_socket,server=n,address=${jpda.address}</exec.vmArgs>
+                <exec.args>${exec.vmArgs} -classpath %classpath ${exec.mainClass} ${exec.appArgs}</exec.args>
+                <exec.appArgs></exec.appArgs>
+                <exec.mainClass>io.kumare.iqr.IqrApplication</exec.mainClass>
+                <exec.executable>java</exec.executable>
+                <jpda.listen>true</jpda.listen>
+            </properties>
+        </action>
+        <action>
+            <actionName>profile</actionName>
+            <packagings>
+                <packaging>jar</packaging>
+            </packagings>
+            <goals>
+                <goal>process-classes</goal>
+                <goal>org.codehaus.mojo:exec-maven-plugin:3.1.0:exec</goal>
+            </goals>
+            <properties>
+                <exec.vmArgs></exec.vmArgs>
+                <exec.args>${exec.vmArgs} -classpath %classpath ${exec.mainClass} ${exec.appArgs}</exec.args>
+                <exec.mainClass>io.kumare.iqr.IqrApplication</exec.mainClass>
+                <exec.executable>java</exec.executable>
+                <exec.appArgs></exec.appArgs>
+            </properties>
+        </action>
+    </actions>
--- a/pom.xml
+++ b/pom.xml
@ -0,0 +1,161 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+  
+    <parent>
+        <groupId>org.springframework.boot</groupId>
+        <artifactId>spring-boot-starter-parent</artifactId>
+        <version>3.5.0</version>
+        <relativePath/> <!-- lookup parent from repository -->
+    </parent>
+  
+    <!-- ## ARTIFACT ## -->
+    <groupId>io.kumare.time</groupId>
+    <artifactId>time-server</artifactId>
+    <version>0.0.1-SNAPSHOT</version>
+    <name>Kumare Time Server</name>
+    <description>time</description>
+	
+    <url/>
+    <licenses>
+        <license/>
+    </licenses>
+	
+    <developers>
+        <developer/>
+    </developers>
+	
+    <scm>
+        <connection/>
+        <developerConnection/>
+        <tag/>
+        <url/>
+    </scm>
+	
+    <!-- ## PROPERTIES ## -->
+    <properties>
+        <java.version>22</java.version>
+    </properties>
+
+    <!-- ## DEPENDENCIES ## -->
+    <dependencies>
+        <!-- base -->
+        <dependency>
+            <groupId>io.kumare</groupId>
+            <artifactId>kumare-base-server-spring</artifactId>
+            <version>0.0.1-SNAPSHOT</version>
+        </dependency>
+        <!-- oauth -->
+        <dependency>
+            <groupId>io.kumare</groupId>
+            <artifactId>kumare-adapter-spring-oauthlib</artifactId>
+            <version>0.0.1-SNAPSHOT</version>
+        </dependency>
+        <!-- visma -->
+        <dependency>
+            <groupId>io.kumare</groupId>
+            <artifactId>kumare-adapter-spring-visma-time</artifactId>
+            <version>0.0.1-SNAPSHOT</version>
+        </dependency>
+
+        <dependency>
+            <groupId>com.fasterxml.jackson.datatype</groupId>
+            <artifactId>jackson-datatype-hibernate6</artifactId>
+        </dependency>
+
+        <!-- security -->    
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-core</artifactId>
+        </dependency>
+
+        <!-- web -->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+
+        <!-- jpa -->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-data-jpa</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.postgresql</groupId>
+            <artifactId>postgresql</artifactId>
+            <scope>runtime</scope>
+        </dependency>
+
+        <!-- security -->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+    
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-oauth2-client</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
+        </dependency>
+
+        <!-- https://mvnrepository.com/artifact/com.google.code.gson/gson -->
+        <dependency>
+            <groupId>com.google.code.gson</groupId>
+            <artifactId>gson</artifactId>
+        </dependency>
+
+        <!-- swagger -->
+        <dependency>
+            <groupId>org.springdoc</groupId>
+            <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
+            <version>2.8.13</version>
+        </dependency>
+
+        <!-- test -->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-test</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-devtools</artifactId>
+            <scope>runtime</scope>
+            <optional>true</optional>
+        </dependency>
+    </dependencies>
+
+    <!-- ## PLUGINS ## -->
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.springframework.boot</groupId>
+                <artifactId>spring-boot-maven-plugin</artifactId>
+            </plugin>
+        </plugins>
+    </build>
+
+    <!--
+  <repositories>
+  <repository>
+    <id>gitea</id>
+    <url>https://gitea.example.com/api/packages/{owner}/maven</url>
+  </repository>
+  </repositories>
+  <distributionManagement>
+  <repository>
+    <id>gitea</id>
+    <url>https://gitea.example.com/api/packages/{owner}/maven</url>
+  </repository>
+  <snapshotRepository>
+    <id>gitea</id>
+    <url>https://gitea.example.com/api/packages/{owner}/maven</url>
+  </snapshotRepository>
+  </distributionManagement>
+    -->
+
+</project>
--- a/src/main/java/io/kumare/iqr/IqrApplication.java
+++ b/src/main/java/io/kumare/iqr/IqrApplication.java
@ -0,0 +1,32 @@
+/*
+ *
+ */
+package io.kumare.iqr;
+
+// spring
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.data.web.config.EnableSpringDataWebSupport;
+// app
+import io.kumare.iqr.app.App;
+
+/**
+ *
+ * @author afatecha
+ */
+@SpringBootApplication(scanBasePackages = {"io.kumare"})
+@EnableSpringDataWebSupport(pageSerializationMode = EnableSpringDataWebSupport.PageSerializationMode.VIA_DTO)
+public class IqrApplication {
+
+  // ::: cons
+  //
+  public static void main(String[] args) {
+
+    var innerContext = SpringApplication.run(IqrApplication.class, args);
+
+    // app
+    App.getEngine().getBase().setInnerContext(innerContext);
+    App.init();
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/app/App.java
+++ b/src/main/java/io/kumare/iqr/app/App.java
@ -0,0 +1,48 @@
+/*
+ *
+ */
+package io.kumare.iqr.app;
+
+// base
+import io.kumare.lib.app.api.module.ServiceModuleController;
+// app
+import io.kumare.iqr.app.adapter.AppAdapters;
+import io.kumare.iqr.app.module.AppModules;
+
+/**
+ *
+ * @author afatecha
+ */
+public class App {
+
+  // ::: constants
+  //
+  private static final AppModules modules = new AppModules();
+  private static final AppAdapters adapters = new AppAdapters();
+  //
+  private static boolean initialized = false;
+
+  public static void init() {
+    if (!initialized) {
+      modules.init();
+      //adapters.init();
+      initialized = true;
+    }
+  }
+
+  public static AppEngine getEngine() {
+    return AppEngine.getEngine();
+  }
+
+  public static AppModules getModules() {
+    return modules;
+  }
+
+  public static AppAdapters getAdapters() {
+    return adapters;
+  }
+
+  public static ServiceModuleController getController(String name) {
+    return getModules().getController(name);
+  }
+}
--- a/src/main/java/io/kumare/iqr/app/AppConstants.java
+++ b/src/main/java/io/kumare/iqr/app/AppConstants.java
@ -0,0 +1,21 @@
+/*
+ *
+ */
+package io.kumare.iqr.app;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AppConstants {
+  
+  // ::: modules
+  //
+  public static final int AUTHENTICATION_CODE = 1;
+  public static final int TAXONOMY_CODE = 2;
+  public static final int POCKET_CODE = 3;
+  public static final int BIZ_CODE = 4;
+  public static final int CLIENTELE_CODE = 5;
+  public static final int LOYALTY_CODE = 6;  
+  
+}
--- a/src/main/java/io/kumare/iqr/app/AppContext.java
+++ b/src/main/java/io/kumare/iqr/app/AppContext.java
@ -0,0 +1,77 @@
+/*
+ *
+ */
+package io.kumare.iqr.app;
+
+// base
+import io.kumare.lib.app.api.module.ServiceModuleController;
+import io.kumare.lib.app.api.security.PermissionReference;
+import io.kumare.lib.base.server.spring.BaseContext;
+// app
+import io.kumare.iqr.app.adapter.AppAdapters;
+import io.kumare.iqr.app.module.AppModules;
+import io.kumare.iqr.app.security.AppSecurityContext;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AppContext extends BaseContext {
+  
+  // ::: cons
+  //
+  private final AppSecurityContext security = new AppSecurityContext(this);
+
+  // ::: vars
+  //
+  
+  // ::: fields
+  //
+  @Override
+  public AppEngine getEngine() {
+    return AppEngine.getEngine();
+  }
+  
+  // ::: adapters
+  //
+  @Override 
+  public AppAdapters getAdapters() {
+    return App.getAdapters();
+  }
+  
+  // ::: modules
+  //
+  @Override
+  public AppModules getModules() {
+    return App.getModules();
+  }
+  
+  @Override
+  public ServiceModuleController getController(String name) {
+    return App.getController(name);
+  }
+
+  // ::: security
+  //
+  @Override
+  public AppSecurityContext getSecurity() {
+    return security;
+  }
+  
+  @Override
+  public void ensureAuthorization(PermissionReference ref) {
+    /*
+    var attached = isAttached("authorized");
+    if(attached && (Boolean) get("authorized")) {
+      return;
+    }
+    
+    var controller = AppModules.auth.getController();
+    var allowed = controller.isAllowed(this, ref);
+    V.ifFalse(allowed, ref.getError());
+    attach("authorized", true);*/
+  }
+
+}
+
+
--- a/src/main/java/io/kumare/iqr/app/AppEngine.java
+++ b/src/main/java/io/kumare/iqr/app/AppEngine.java
@ -0,0 +1,64 @@
+/*
+ *
+ */
+package io.kumare.iqr.app;
+
+// base
+import io.kumare.lib.app.api.Engine;
+import io.kumare.lib.base.server.spring.BaseEngine;
+import org.springframework.context.ConfigurableApplicationContext;
+// app
+import io.kumare.iqr.app.action.AppActionManager;
+import io.kumare.iqr.app.security.AppPermissionManager;
+
+/**
+ * wrapper of BaseEngine
+ *
+ * @author afatecha
+ */
+public class AppEngine implements Engine {
+
+  // cons
+  //
+  private static final AppEngine engine = new AppEngine();
+
+  // ::: constructors
+  //
+  private AppEngine() {
+  }
+
+  // ::: api
+  //
+  public static AppEngine getEngine() {
+    return engine;
+  }
+
+  // ::: api
+  //
+  @Override
+  public BaseEngine getBase() {
+    return BaseEngine.getEngine();
+  }
+
+  @Override
+  public ConfigurableApplicationContext getInnerContext() {
+    return (ConfigurableApplicationContext) getBase().getInnerContext();
+  }
+
+  @Override
+  public AppContext newContext() {
+    return new AppContext();
+  }
+  
+  @Override
+  public AppActionManager getActionManager() {
+    return new AppActionManager();
+  }
+  
+  @Override
+  public AppPermissionManager getPermissionManager() {
+    return new AppPermissionManager();
+  }
+}
+
+
--- a/src/main/java/io/kumare/iqr/app/AppErrors.java
+++ b/src/main/java/io/kumare/iqr/app/AppErrors.java
@ -0,0 +1,69 @@
+/*
+ *
+ */
+package io.kumare.iqr.app;
+
+// java
+import java.util.Map;
+import java.util.HashMap;
+// lib
+import io.kumare.lib.transport.TransportCode;
+import static io.kumare.lib.transport.Transports.code;
+import io.kumare.lib.v.ExceptionPrototype;
+// app
+import io.kumare.iqr.app.endpoint.AppTransports;
+
+/**
+ *
+ * @author afatecha
+ */
+public enum AppErrors implements ExceptionPrototype {
+
+  action_arg_notfound(1, code(AppTransports.http, 500)),
+  action_unauthorized(2, code(AppTransports.http, 500));
+
+  // ::: vars
+  //
+  private final Map transportCodes = new HashMap();
+  private final int code;
+
+  // ::: constructors
+  //
+  AppErrors(int code, TransportCode... codes) {
+    this.code = code;
+    if (codes != null) {
+      for (var i : codes) {
+        if (i != null) {
+          transportCodes.put(i.getId(), i.getCode());
+        }
+      }
+    }
+  }
+
+  // ::: prototype api
+  //
+  @Override
+  public int getCode() {
+    return code;
+  }
+
+  @Override
+  public String getName() {
+    return name();
+  }
+
+  @Override
+  public Map getTransportCodes() {
+    return transportCodes;
+  }
+
+  @Override
+  public RuntimeException newInstance(String msg, Throwable cause, Map extra) {
+    var ex = new AppException(this, msg, cause);
+    ex.setExtra(extra);
+    return ex;
+  }
+
+}
+
+
--- a/src/main/java/io/kumare/iqr/app/AppException.java
+++ b/src/main/java/io/kumare/iqr/app/AppException.java
@ -0,0 +1,132 @@
+/*
+ *
+ */
+package io.kumare.iqr.app;
+
+// java
+import java.util.HashMap;
+import java.util.Map;
+// lib
+import io.kumare.lib.v.ExceptionInterface;
+import io.kumare.lib.v.ExceptionPrototype;
+// app
+import io.kumare.iqr.app.endpoint.AppTransports;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AppException extends RuntimeException implements ExceptionInterface {
+
+  // ::: vars
+  //
+  private int code = 1;
+  private String name = "unknown";
+  private final Map<AppTransports, Object> transportCodes = new HashMap<>();
+  private Map<String, Object> extra;
+
+  // ::: constructors
+  //
+  public AppException() {
+  }
+
+  public AppException(Throwable cause) {
+    this(null, null, cause);
+  }
+
+  public AppException(ExceptionPrototype proto, String msg) {
+    this(proto, msg, null);
+  }
+
+  public AppException(ExceptionPrototype proto, String msg, Throwable cause) {
+    super(msg);
+    
+    if (proto != null) {
+      this.code = proto.getCode();
+      this.name = proto.getName();
+      this.addTransportCodes(proto.getTransportCodes());
+    }
+
+    if (cause != null) {
+      initCause(cause);
+    }
+  }
+
+  public AppException(int code, String name) {
+    this(code, name, null);
+  }
+
+  public AppException(int code, String name, String msg) {
+    this(code, name, msg, null);
+  }
+
+  public AppException(int code, String name, String msg, Throwable cause) {
+    super(msg);
+
+    if (code > 0) {
+      this.code = code;
+    }
+
+    if (name != null) {
+      this.name = name;
+    }
+
+    if (cause != null) {
+      initCause(cause);
+    }
+
+  }
+
+  // ::: fields
+  //
+  @Override
+  public int getCode() {
+    return code;
+  }
+
+  @Override
+  public String getName() {
+    return name;
+  }
+
+  @Override
+  public Object getTransportCode(String transportName) {
+    return getTransportCode(AppTransports.valueOf(transportName));
+  }
+
+  @Override
+  public Object getTransportCode(Enum transportId) {
+    return getTransportCode(AppTransports.valueOf(transportId.name()));
+  }
+
+  public Object getTransportCode(AppTransports transportId) {
+    return transportCodes.get(transportId);
+  }
+
+  public void setTransportCode(AppTransports transportId, Object code) {
+    transportCodes.put(transportId, code);
+  }
+
+  @Override
+  public Map getTransportCodes() {
+    return transportCodes;
+  }
+
+  public final void addTransportCodes(Map<AppTransports, Object> map) {
+    if (map != null) {
+      this.transportCodes.putAll(map);
+    }
+  }
+
+  @Override
+  public Map getExtra() {
+    return extra;
+  }
+
+  public void setExtra(Map<String, Object> extra) {
+    this.extra = extra;
+  }
+
+}
+
+
--- a/src/main/java/io/kumare/iqr/app/action/AppAction.java
+++ b/src/main/java/io/kumare/iqr/app/action/AppAction.java
@ -0,0 +1,36 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.action;
+
+// base
+import io.kumare.lib.base.server.spring.action.BaseAction;
+// app
+import io.kumare.iqr.app.AppContext;
+
+/**
+ *
+ * @author afatecha
+ * @param <I>
+ * @param <O>
+ */
+public abstract class AppAction<I, O> extends BaseAction<AppContext, I, O, AppActionError> {
+
+
+  // ::: cons
+  //
+  
+  // ::: vars
+  //
+  
+  // ::: fields
+  //
+  
+  
+  
+  // ::: api
+  //
+  
+  // ::: internals
+  //
+}
--- a/src/main/java/io/kumare/iqr/app/action/AppActionArgument.java
+++ b/src/main/java/io/kumare/iqr/app/action/AppActionArgument.java
@ -0,0 +1,40 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.action;
+
+// java
+import java.io.Serializable;
+import java.util.Map;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AppActionArgument implements Serializable {
+
+
+  // ::: vars
+  //
+  private Map<String, Object> context;
+  private Map<String, Object> params;
+
+  // ::: fields
+  //
+  public Map<String, Object> getContext() {
+    return context;
+  }
+
+  public void setContext(Map<String, Object> context) {
+    this.context = context;
+  }
+
+  public Map<String, Object> getParams() {
+    return params;
+  }
+
+  public void setParams(Map<String, Object> params) {
+    this.params = params;
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/app/action/AppActionError.java
+++ b/src/main/java/io/kumare/iqr/app/action/AppActionError.java
@ -0,0 +1,12 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.action;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AppActionError {
+  
+}
--- a/src/main/java/io/kumare/iqr/app/action/AppActionManager.java
+++ b/src/main/java/io/kumare/iqr/app/action/AppActionManager.java
@ -0,0 +1,15 @@
+/*
+ * 
+ */
+package io.kumare.iqr.app.action;
+
+// base
+import io.kumare.lib.base.server.spring.action.BaseActionManager;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AppActionManager extends BaseActionManager {
+  
+}
--- a/src/main/java/io/kumare/iqr/app/action/AppActionResult.java
+++ b/src/main/java/io/kumare/iqr/app/action/AppActionResult.java
@ -0,0 +1,15 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.action;
+
+// java
+import java.io.Serializable;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AppActionResult implements Serializable {
+  
+}
--- a/src/main/java/io/kumare/iqr/app/action/AppEntityActionArgument.java
+++ b/src/main/java/io/kumare/iqr/app/action/AppEntityActionArgument.java
@ -0,0 +1,46 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.action;
+
+// base
+import io.kumare.lib.app.api.store.Entity;
+
+/**
+ *
+ * @author afatecha
+ * @param <E>
+ */
+public class AppEntityActionArgument<E extends Entity> extends AppActionArgument {
+
+  // ::: vars
+  //
+  private E entity;
+
+  // ::: constructors
+  //
+  public AppEntityActionArgument() {
+  }
+  
+  public AppEntityActionArgument(E entity) {
+    this.entity = entity;
+  }
+
+  // ::: fields
+  //
+  public E getEntity() {
+    return entity;
+  }
+
+  public void setEntity(E entity) {
+    this.entity = entity;
+  }
+  
+  // ::: fluents
+  //
+  public AppEntityActionArgument<E> entity(E entity) {
+    setEntity(entity);
+    return this;
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/app/action/AppEntityActionResult.java
+++ b/src/main/java/io/kumare/iqr/app/action/AppEntityActionResult.java
@ -0,0 +1,30 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.action;
+
+// base
+import io.kumare.lib.app.api.store.Entity;
+
+/**
+ *
+ * @author afatecha
+ * @param <E>
+ */
+public class AppEntityActionResult<E extends Entity> extends AppActionResult {
+
+  // ::: vars
+  //
+  private E entity;
+
+  // ::: fields
+  //
+  public E getEntity() {
+    return entity;
+  }
+
+  public void setEntity(E entity) {
+    this.entity = entity;
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/app/action/AppListActionArgument.java
+++ b/src/main/java/io/kumare/iqr/app/action/AppListActionArgument.java
@ -0,0 +1,85 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.action;
+
+// base
+import io.kumare.lib.app.api.store.Entity;
+
+/**
+ *
+ * @author afatecha
+ * @param <E>
+ */
+public class AppListActionArgument<E extends Entity> extends AppEntityActionArgument<E> {
+
+  // ::: vars
+  //
+  private boolean wrapped = false;
+  private boolean pageable = false;
+  private int pageNumber = 0;
+  private int pageSize = 0;
+  private String sort;
+  private String query;
+
+  // ::: constructor
+  //
+  public AppListActionArgument() {
+  }
+
+  public AppListActionArgument(E entity) {
+    super(entity);
+  }
+
+  // ::: fields
+  //
+  public boolean isWrapped() {
+    return wrapped;
+  }
+
+  public void setWrapped(boolean wrapped) {
+    this.wrapped = wrapped;
+  }
+
+  public boolean isPageable() {
+    return pageable;
+  }
+
+  public void setPageable(boolean pageable) {
+    this.pageable = pageable;
+  }
+
+  public int getPageNumber() {
+    return pageNumber;
+  }
+
+  public void setPageNumber(int pageNumber) {
+    this.pageNumber = pageNumber;
+  }
+
+  public int getPageSize() {
+    return pageSize;
+  }
+
+  public void setPageSize(int pageSize) {
+    this.pageSize = pageSize;
+  }
+
+  public String getSort() {
+    return sort;
+  }
+
+  public void setSort(String sort) {
+    this.sort = sort;
+  }
+
+  public String getQuery() {
+    return query;
+  }
+
+  public void setQuery(String query) {
+    this.query = query;
+  }
+
+
+}
--- a/src/main/java/io/kumare/iqr/app/adapter/AppAdapters.java
+++ b/src/main/java/io/kumare/iqr/app/adapter/AppAdapters.java
@ -0,0 +1,27 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.adapter;
+
+// base
+import io.kumare.adapter.spring.vismatime.VismaTimeAdapter;
+import io.kumare.lib.base.server.spring.adapter.BaseAdapters;
+import io.kumare.oauthlib.server.app.adapter.oauth.OauthAdapter;
+// app
+
+/**
+ *
+ * @author afatecha
+ */
+public class AppAdapters extends BaseAdapters {
+
+  // ::: adapters
+  //
+  public OauthAdapter getOauth() {
+    return getContext().getBean(OauthAdapter.class);
+  }
+
+  public VismaTimeAdapter getVisma() {
+    return getContext().getBean(VismaTimeAdapter.class);
+  }
+}
--- a/src/main/java/io/kumare/iqr/app/endpoint/AppTransports.java
+++ b/src/main/java/io/kumare/iqr/app/endpoint/AppTransports.java
@ -0,0 +1,14 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.endpoint;
+
+/**
+ *
+ * @author afatecha
+ */
+public enum AppTransports {
+  
+  http
+  
+}
--- a/src/main/java/io/kumare/iqr/app/endpoint/rest/AppEndpointRest.java
+++ b/src/main/java/io/kumare/iqr/app/endpoint/rest/AppEndpointRest.java
@ -0,0 +1,28 @@
+/*
+ * 
+ */
+package io.kumare.iqr.app.endpoint.rest;
+
+// base
+import io.kumare.lib.app.api.action.ActionManager;
+import io.kumare.lib.base.server.spring.endpoint.rest.BaseEndpointRest;
+// app
+import io.kumare.iqr.app.AppContext;
+import io.kumare.iqr.app.AppEngine;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AppEndpointRest extends BaseEndpointRest {
+
+  @Override
+  protected ActionManager getActionManager() {
+    return AppEngine.getEngine().getActionManager();
+  }
+
+  @Override
+  protected AppContext newContext() {
+    return AppEngine.getEngine().newContext();
+  }
+}
--- a/src/main/java/io/kumare/iqr/app/endpoint/rest/AppOpenAPIConfiguration.java
+++ b/src/main/java/io/kumare/iqr/app/endpoint/rest/AppOpenAPIConfiguration.java
@ -0,0 +1,31 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.endpoint.rest;
+
+// openapi
+import io.swagger.v3.oas.models.OpenAPI;
+import io.swagger.v3.oas.models.info.Contact;
+import io.swagger.v3.oas.models.info.Info;
+// spring
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ *
+ * @author afatecha
+ */
+@Configuration
+public class AppOpenAPIConfiguration {
+
+  @Bean
+  public OpenAPI customOpenAPI() {
+    return new OpenAPI().info(
+      new Info()
+        .title("iqr")
+        .version("1.0")
+        .description("iqr project")
+        .contact(new Contact().name("Catatrepa").email("soporte@catatrepa.com"))
+    );
+  }
+}
--- a/src/main/java/io/kumare/iqr/app/endpoint/rest/WebSecurityConfig.java
+++ b/src/main/java/io/kumare/iqr/app/endpoint/rest/WebSecurityConfig.java
@ -0,0 +1,122 @@
+/*
+ */
+package io.kumare.iqr.app.endpoint.rest;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+
+import java.util.Arrays;
+
+/**
+ * @author aservin
+ */
+@Configuration
+@EnableWebSecurity
+public class WebSecurityConfig {
+
+	// ::: constants
+	//
+	//private final JwtAuthConverter jwtAuthConverter;
+
+	// ::: constructors
+	//
+  /*
+	public WebSecurityConfig(JwtAuthConverter jwtAuthConverter) {
+		this.jwtAuthConverter = jwtAuthConverter;
+	}*/
+
+	// ::: beans
+	//
+	@Bean
+	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+		// REQUESTS
+    /*http.authorizeHttpRequests(authorize -> authorize
+            // Permitir acceso al login
+            .requestMatchers(HttpMethod.POST, "/account/accounts/login/**").permitAll()
+            // Agrupar rutas con las mismas reglas de autorización
+            .requestMatchers(
+                    "/account/**",
+                    "/actor/**",
+                    "/attachment/**",
+                    "/bpmflow/**",
+                    "/authority/**",
+                    "/bpmwork/**",
+                    "/currency/**",
+                    "/instrument/**",
+                    "/issue/**",
+                    "/management/**",
+                    "/sale/**",
+                    "/title/**",
+                    "/workcase/**",
+                    "/workgroup/**",
+                    "/workflow/**"
+            ).hasAnyRole("ADMIN", "MOD")
+            // Permitir todas las rutas bajo "/procesos/" para todos los métodos
+            .requestMatchers("/procesos/**",
+                    "/location/**").permitAll()
+            // Permitir acceso a Swagger y documentación API
+            .requestMatchers(HttpMethod.GET,
+                    "/swagger-workflow-server.html",
+                    "/swagger-ui/**",
+                    "/swagger-ui.html",
+                    "/v3/api-docs/**").permitAll()
+            // Requiere autenticación para el resto de las rutas
+            .anyRequest().authenticated());*/
+
+		//http
+		//	.authorizeHttpRequests(authorize -> authorize.anyRequest().permitAll());
+    
+
+    /*
+		// OAUTH JWT CONFIGURATION
+		http.oauth2ResourceServer(oauth2ResourceServer
+			-> oauth2ResourceServer.jwt(jwt
+			-> jwt.jwtAuthenticationConverter(jwtAuthConverter)));*/
+
+		// CORS CONFIGURATION
+		var source = new UrlBasedCorsConfigurationSource();
+		var corsConfig = new CorsConfiguration();
+		corsConfig.setAllowCredentials(true);
+		corsConfig.addAllowedOriginPattern("*"); // Permitir cualquier origen
+		corsConfig.addAllowedHeader("*");
+		corsConfig.setAllowedMethods(Arrays.asList("OPTIONS", "HEAD", "GET", "PUT", "POST", "DELETE", "PATCH"));
+		source.registerCorsConfiguration("/**", corsConfig);
+
+		http.csrf(csrf -> csrf.disable()).cors(cors -> cors.configurationSource(source));
+
+		// SESSION MANAGEMENT
+    /*
+		http.sessionManagement(sessionManagement
+			-> sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS));*/
+
+		// FINAL CONFIGURATION
+		return http.getOrBuild();
+	}
+
+  /*
+  //para prueba
+  @Bean
+  public CorsFilter corsFilter() {
+    final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+    final CorsConfiguration config = new CorsConfiguration();
+    //config.setAllowCredentials(true);
+    config.setAllowCredentials(false);
+    config.addAllowedOrigin("*");
+    config.addAllowedHeader("*");
+    config.addAllowedMethod("OPTIONS");
+    config.addAllowedMethod("HEAD");
+    config.addAllowedMethod("GET");
+    config.addAllowedMethod("PUT");
+    config.addAllowedMethod("POST");
+    config.addAllowedMethod("DELETE");
+    config.addAllowedMethod("PATCH");
+    source.registerCorsConfiguration("/**", config);
+    return new CorsFilter(source);
+  }*/
+}
--- a/src/main/java/io/kumare/iqr/app/module/AppModuleController.java
+++ b/src/main/java/io/kumare/iqr/app/module/AppModuleController.java
@ -0,0 +1,16 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.module;
+
+// base
+import io.kumare.lib.base.server.spring.module.BaseModuleController;
+
+/**
+ *
+ * @author afatecha
+ */
+public abstract class AppModuleController extends BaseModuleController {
+  
+  
+}
--- a/src/main/java/io/kumare/iqr/app/module/AppModules.java
+++ b/src/main/java/io/kumare/iqr/app/module/AppModules.java
@ -0,0 +1,67 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.module;
+
+//  base
+import io.kumare.lib.base.server.spring.module.BaseModules;
+// app
+import io.kumare.iqr.mod.authentication.AuthenticationModule;
+import io.kumare.iqr.mod.taxonomy.TaxonomyModule;
+import io.kumare.iqr.mod.pocket.PocketModule;
+import io.kumare.iqr.mod.biz.BizModule;
+import io.kumare.iqr.mod.clientele.ClienteleModule;
+import io.kumare.iqr.mod.loyalty.LoyaltyModule;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AppModules extends BaseModules {
+
+  // ::: constants
+  //
+  public static final AuthenticationModule authentication = new AuthenticationModule();
+  public static final TaxonomyModule taxonomy = new TaxonomyModule();
+  public static final PocketModule pocket = new PocketModule();
+  public static final BizModule biz = new BizModule();
+  public static final ClienteleModule clientele = new ClienteleModule();
+  public static final LoyaltyModule loyalty = new LoyaltyModule();
+
+  // ::: modules
+  //
+  public AuthenticationModule getAuthentication() {
+    return authentication;
+  }
+  
+  public TaxonomyModule getTaxonomy() {
+    return taxonomy;
+  }
+  
+  public PocketModule getPocket() {
+    return pocket;
+  }
+  
+  public BizModule getBiz() {
+    return biz;
+  }
+  
+  public ClienteleModule getClientele() {
+    return clientele;
+  }
+  
+  public LoyaltyModule getLoyalty() {
+    return loyalty;
+  }
+
+  // ::: init
+  //
+  public void init() {
+    add(authentication);
+    add(taxonomy);
+    add(pocket);
+    add(biz);
+    add(clientele);
+    add(loyalty);
+  }
+}
--- a/src/main/java/io/kumare/iqr/app/security/AppPermissionManager.java
+++ b/src/main/java/io/kumare/iqr/app/security/AppPermissionManager.java
@ -0,0 +1,16 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.security;
+
+//  base
+import io.kumare.lib.base.server.spring.security.BasePermissionManager;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AppPermissionManager extends BasePermissionManager {
+
+
+}
--- a/src/main/java/io/kumare/iqr/app/security/AppSecurityContext.java
+++ b/src/main/java/io/kumare/iqr/app/security/AppSecurityContext.java
@ -0,0 +1,23 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.security;
+
+//  base
+import io.kumare.lib.base.server.spring.security.BaseSecurityContext;
+// app
+import io.kumare.iqr.app.AppContext;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AppSecurityContext extends BaseSecurityContext {
+
+  // ::: constructor
+  //
+  public AppSecurityContext(AppContext context) {
+    super(context);
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/app/security/AppSecurityScopes.java
+++ b/src/main/java/io/kumare/iqr/app/security/AppSecurityScopes.java
@ -0,0 +1,57 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.security;
+
+//  java
+import java.util.LinkedList;
+import java.util.List;
+
+
+/**
+ *
+ * @author afatecha
+ */
+public enum AppSecurityScopes {
+
+  system(false),
+  service(false),
+  module(false),
+  reference(true),
+  component(true);
+
+  // ::: api
+  //
+  private final boolean idRequired;
+
+  AppSecurityScopes(boolean idRequired) {
+    this.idRequired = idRequired;
+  }
+
+  public boolean isIdRequired() {
+    return idRequired;
+  }
+
+  public int level() {
+    return ordinal() + 1;
+  }
+
+  // ::: static
+  //
+  public static List<String> scopes(String referenceId, String componentId) {
+    var list = new LinkedList<String>();
+
+    list.add(system.name());
+    list.add(service.name());
+    list.add(module.name());
+
+    if (referenceId != null) {
+      list.add(reference.name() + "-" + referenceId);
+    }
+    if (componentId != null) {
+      list.add(component.name() + "-" + componentId);
+    }
+
+    return list;
+  }
+}
--- a/src/main/java/io/kumare/iqr/app/store/AppEntity.java
+++ b/src/main/java/io/kumare/iqr/app/store/AppEntity.java
@ -0,0 +1,29 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.store;
+
+// java
+import jakarta.persistence.MappedSuperclass;
+// base
+import io.kumare.lib.base.server.spring.store.jpa.DefaultJpaEntity;
+
+/**
+ *
+ * @author afatecha
+ */
+@MappedSuperclass
+public class AppEntity extends DefaultJpaEntity {
+
+  // ::: constructors
+  //
+  public AppEntity() {
+    super();
+  }
+
+  public AppEntity(String id) {
+    super(id);
+  }
+
+}
+
--- a/src/main/java/io/kumare/iqr/app/store/AppEntityRepository.java
+++ b/src/main/java/io/kumare/iqr/app/store/AppEntityRepository.java
@ -0,0 +1,21 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.store;
+
+// spring
+import org.springframework.data.repository.NoRepositoryBean;
+// base
+import io.kumare.lib.app.api.store.Entity;
+import io.kumare.lib.base.server.spring.store.jpa.BaseJpaEntityRepository;
+
+/**
+ *
+ * @author afatecha
+ * @param <E>
+ */
+@NoRepositoryBean
+public interface AppEntityRepository<E extends Entity> extends BaseJpaEntityRepository<String, E> {
+  
+  
+}
--- a/src/main/java/io/kumare/iqr/app/store/AppEntityStore.java
+++ b/src/main/java/io/kumare/iqr/app/store/AppEntityStore.java
@ -0,0 +1,29 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.store;
+
+// base
+import io.kumare.lib.app.api.store.Entity;
+import io.kumare.lib.base.server.spring.BaseContext;
+import io.kumare.lib.base.server.spring.store.jpa.BaseJpaEntityStore;
+// app
+import io.kumare.iqr.app.util.AppUtil;
+
+/**
+ *
+ * @author afatecha
+ * @param <E>
+ */
+public abstract class AppEntityStore<E extends Entity> extends BaseJpaEntityStore<BaseContext, String, E> {
+
+  // ::: api
+  //
+  @Override
+  protected String makeEntityId(E model) {
+    return model.getId() == null ? AppUtil.randomId() : model.getId().toString();
+  }
+
+
+
+}
--- a/src/main/java/io/kumare/iqr/app/store/AppExtendedEntity.java
+++ b/src/main/java/io/kumare/iqr/app/store/AppExtendedEntity.java
@ -0,0 +1,30 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.store;
+
+// java
+import java.io.Serializable;
+import jakarta.persistence.MappedSuperclass;
+// base
+import io.kumare.lib.base.server.spring.store.jpa.DefaultExtendedJpaEntity;
+
+/**
+ *
+ * @author afatecha
+ * @param <D>
+ */
+@MappedSuperclass
+public class AppExtendedEntity<D extends Serializable> extends DefaultExtendedJpaEntity<D> {
+
+  // ::: constructors
+  //
+  public AppExtendedEntity() {
+    super();
+  }
+
+  public AppExtendedEntity(String id) {
+    super(id);
+  }
+}
+
--- a/src/main/java/io/kumare/iqr/app/store/AppExtendedEntityData.java
+++ b/src/main/java/io/kumare/iqr/app/store/AppExtendedEntityData.java
@ -0,0 +1,15 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.store;
+
+// java
+import java.io.Serializable;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AppExtendedEntityData implements Serializable {
+  
+}
--- a/src/main/java/io/kumare/iqr/app/store/AppJacksonConfiguration.java
+++ b/src/main/java/io/kumare/iqr/app/store/AppJacksonConfiguration.java
@ -0,0 +1,26 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.store;
+
+// jackson
+import com.fasterxml.jackson.datatype.hibernate6.Hibernate6Module;
+// spring
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ *
+ */
+@Configuration
+public class AppJacksonConfiguration {
+
+  @Bean
+	public Hibernate6Module hibernate6Module() {
+
+    Hibernate6Module module = new Hibernate6Module();
+		module.enable(Hibernate6Module.Feature.SERIALIZE_IDENTIFIER_FOR_LAZY_NOT_LOADED_OBJECTS);
+		return module;
+	}
+	
+}
--- a/src/main/java/io/kumare/iqr/app/store/AppKeyEntityRepository.java
+++ b/src/main/java/io/kumare/iqr/app/store/AppKeyEntityRepository.java
@ -0,0 +1,21 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.store;
+
+// spring
+import org.springframework.data.repository.NoRepositoryBean;
+// base
+import io.kumare.lib.app.api.store.Entity;
+import io.kumare.lib.base.server.spring.store.jpa.BaseJpaKeyEntityRepository;
+
+/**
+ *
+ * @author afatecha
+ * @param <E>
+ */
+@NoRepositoryBean
+public interface AppKeyEntityRepository<E extends Entity> extends BaseJpaKeyEntityRepository<String, E>{
+  
+  
+}
--- a/src/main/java/io/kumare/iqr/app/store/AppKeyEntityStore.java
+++ b/src/main/java/io/kumare/iqr/app/store/AppKeyEntityStore.java
@ -0,0 +1,29 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.store;
+
+// base
+import io.kumare.lib.app.api.store.Entity;
+import io.kumare.lib.app.api.Context;
+import io.kumare.lib.base.server.spring.store.jpa.BaseJpaKeyEntityStore;
+// app
+import io.kumare.iqr.app.util.AppUtil;
+
+/**
+ *
+ * @author afatecha
+ * @param <E>
+ */
+public abstract class AppKeyEntityStore<E extends Entity> extends BaseJpaKeyEntityStore<Context, String, E> {
+
+  // ::: api
+  //
+  @Override
+  protected String makeEntityId(E model) {
+    return model.getId() == null ? AppUtil.randomId() : model.getId().toString();
+  }
+
+
+
+}
--- a/src/main/java/io/kumare/iqr/app/util/AppUtil.java
+++ b/src/main/java/io/kumare/iqr/app/util/AppUtil.java
@ -0,0 +1,18 @@
+/*
+ *
+ */
+package io.kumare.iqr.app.util;
+
+import java.util.UUID;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AppUtil {
+  
+  public static String randomId() {
+    return UUID.randomUUID().toString();
+  }
+  
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/AuthenticationConstants.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/AuthenticationConstants.java
@ -0,0 +1,20 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication;
+
+// base
+import io.kumare.iqr.app.AppConstants;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthenticationConstants {
+
+  // ::: codes
+  //
+  public static final int CODE = AppConstants.AUTHENTICATION_CODE;
+  public static final String NAME = "authentication";
+    
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/AuthenticationController.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/AuthenticationController.java
@ -0,0 +1,57 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.authentication;
+
+// java
+import io.kumare.iqr.mod.authentication.store.AuthenticationEntities;
+import java.util.Arrays;
+import java.util.List;
+// base
+import io.kumare.lib.base.server.spring.store.jpa.EntityDescriptor;
+// app
+import io.kumare.iqr.app.module.AppModuleController;
+// module
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserStore;
+import io.kumare.iqr.mod.authentication.store.authuserrelation.AuthUserRelationStore;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthenticationController extends AppModuleController {
+
+  // ::: api
+  //
+  @Override
+  public boolean hasStore(String name) {
+    return AuthenticationEntities.hasDescriptor(name);
+  }
+
+  @Override
+  public EntityDescriptor getEntityDescriptor(Class entityClass) {
+    return AuthenticationEntities.descriptorOf(entityClass);
+  }
+
+  @Override
+  public EntityDescriptor getEntityDescriptor(String name) {
+    return AuthenticationEntities.descriptorOf(name);
+  }
+
+  @Override
+  public List<EntityDescriptor> getEntityDescriptors() {
+    return Arrays.asList(AuthenticationEntities.values());
+  }
+
+  // ::: stores
+  //
+  public AuthUserStore getAuthUserStore() {
+    return getService(AuthUserStore.class);
+  }
+  
+  public AuthUserRelationStore getAuthUserRelationStore() {
+    return getService(AuthUserRelationStore.class);
+  }
+
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/AuthenticationErrors.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/AuthenticationErrors.java
@ -0,0 +1,94 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication;
+
+// java
+import java.util.HashMap;
+import java.util.Map;
+// lib
+import io.kumare.lib.transport.TransportCode;
+import static io.kumare.lib.transport.Transports.code;
+import io.kumare.lib.v.ExceptionPrototype;
+// app
+import io.kumare.iqr.app.AppException;
+import io.kumare.iqr.app.endpoint.AppTransports;
+
+
+/**
+ *
+ * @author afatecha
+ */
+public enum AuthenticationErrors implements ExceptionPrototype {
+
+  
+  // auth user
+  authuser_notfound(1, code(AppTransports.http, 400)),
+  authuser_data_notfound(1, code(AppTransports.http, 400)),
+  authuser_preload_empty(1, code(AppTransports.http, 400)),
+  authuser_externalid_empty(1, code(AppTransports.http, 400)),
+  authuser_entitykey_empty(1, code(AppTransports.http, 400)),
+  authuser_custom_empty(1, code(AppTransports.http, 400)),
+  authuser_visible_empty(1, code(AppTransports.http, 400)),
+  authuser_email_empty(1, code(AppTransports.http, 400)),
+  authuser_emailconfirmed_empty(1, code(AppTransports.http, 400)),
+  authuser_phone_empty(1, code(AppTransports.http, 400)),
+  authuser_phoneconfirmed_empty(1, code(AppTransports.http, 400)),
+  authuser_name_empty(1, code(AppTransports.http, 400)),
+  
+  // auth user relation
+  authuserrelation_notfound(1, code(AppTransports.http, 400)),
+  authuserrelation_data_notfound(1, code(AppTransports.http, 400)),
+  authuserrelation_preload_empty(1, code(AppTransports.http, 400)),
+  authuserrelation_externalid_empty(1, code(AppTransports.http, 400)),
+  authuserrelation_userkey_empty(1, code(AppTransports.http, 400)),
+  authuserrelation_typevalue_empty(1, code(AppTransports.http, 400)),
+  authuserrelation_resourcetype_empty(1, code(AppTransports.http, 400)),
+  authuserrelation_resourcekey_empty(1, code(AppTransports.http, 400)),
+  authuserrelation_resourceid_empty(1, code(AppTransports.http, 400)),
+  authuserrelation_authuser_notfound(1, code(AppTransports.http, 400));
+
+  // ::: vars
+  //
+  private final Map transportCodes = new HashMap();
+  private final int code;
+
+  // ::: constructors
+  //
+  private AuthenticationErrors(int code, TransportCode... codes) {
+    this.code = code;
+    if (codes != null) {
+      for (var i : codes) {
+        if (i != null) {
+          transportCodes.put(i.getId(), i.getCode());
+        }
+      }
+    }
+  }
+
+  // ::: prototype api
+  //
+  @Override
+  public int getCode() {
+    return code;
+  }
+
+  @Override
+  public String getName() {
+    return name();
+  }
+
+  @Override
+  public Map getTransportCodes() {
+    return transportCodes;
+  }
+
+  @Override
+  public RuntimeException newInstance(String msg, Throwable cause, Map extra) {
+    var ex = new AppException(this, msg, cause);
+    ex.setExtra(extra);
+    return ex;
+  }
+
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/AuthenticationModule.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/AuthenticationModule.java
@ -0,0 +1,37 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.authentication;
+
+// java
+import io.kumare.lib.base.server.spring.module.BaseModule;
+
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthenticationModule extends BaseModule {
+
+  // :::
+  //
+  public static final AuthenticationController controller = new AuthenticationController();
+
+  // ::: api
+  //
+  @Override
+  public int getId() {
+    return AuthenticationConstants.CODE;
+  }
+
+  @Override
+  public String getName() {
+    return AuthenticationConstants.NAME;
+  }
+
+  @Override
+  public AuthenticationController getController() {
+    return controller;
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/AuthenticationPermissions.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/AuthenticationPermissions.java
@ -0,0 +1,84 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication;
+
+// base
+import io.kumare.iqr.mod.authentication.store.AuthenticationEntities;
+import io.kumare.lib.app.api.security.PermissionReference;
+// app
+import io.kumare.iqr.app.AppErrors;
+
+/**
+ *
+ * @author afatecha
+ */
+public enum AuthenticationPermissions {
+
+  // auth user
+  //auth_user_add(AuthenticationEntities.authUser),
+  //auth_user_edit(AuthenticationEntities.authUser),
+  //auth_user_find(AuthenticationEntities.authUser),
+  //auth_user_enable(AuthenticationEntities.authUser),
+  //auth_user_disable(AuthenticationEntities.authUser),
+  //auth_user_list(AuthenticationEntities.authUser),
+  //auth_user_delete(AuthenticationEntities.authUser),
+  //auth_user_preload(AuthenticationEntities.authUser),
+  //
+  auth_user_viewer(AuthenticationEntities.authUser),
+  //auth_user_guest(AuthenticationEntities.authUser),
+  //auth_user_collab(AuthenticationEntities.authUser),
+  auth_user_worker(AuthenticationEntities.authUser),
+  //auth_user_control(AuthenticationEntities.authUser),
+  auth_user_manager(AuthenticationEntities.authUser),
+  auth_user_admin(null),
+  auth_user_system(null),
+  
+  // auth user relation
+  //auth_user_relation_add(AuthenticationEntities.authUserRelation),
+  //auth_user_relation_edit(AuthenticationEntities.authUserRelation),
+  //auth_user_relation_find(AuthenticationEntities.authUserRelation),
+  //auth_user_relation_enable(AuthenticationEntities.authUserRelation),
+  //auth_user_relation_disable(AuthenticationEntities.authUserRelation),
+  //auth_user_relation_list(AuthenticationEntities.authUserRelation),
+  //auth_user_relation_delete(AuthenticationEntities.authUserRelation),
+  //auth_user_relation_preload(AuthenticationEntities.authUserRelation),
+  //
+  auth_user_relation_viewer(AuthenticationEntities.authUserRelation),
+  //auth_user_relation_guest(AuthenticationEntities.authUserRelation),
+  //auth_user_relation_collab(AuthenticationEntities.authUserRelation),
+  auth_user_relation_worker(AuthenticationEntities.authUserRelation),
+  //auth_user_relation_control(AuthenticationEntities.authUserRelation),
+  auth_user_relation_manager(AuthenticationEntities.authUserRelation),
+  auth_user_relation_admin(null),
+  auth_user_relation_system(null);
+
+
+  // :::
+  //
+  private final AuthenticationEntities resourceType;
+
+  AuthenticationPermissions(AuthenticationEntities entityRef) {
+    this.resourceType = entityRef;
+  }
+
+  //
+  public PermissionReference toReference() {
+    return toReference(null);
+  }
+
+  public PermissionReference toReference(String resourceKey) {
+    var ref = new PermissionReference()
+      .module(AuthenticationConstants.NAME)
+      .permission(name())
+      .error(AppErrors.action_unauthorized);
+    
+    if (resourceType != null && resourceKey != null) {
+      ref.resourceType(resourceType.name())
+        .resourceKey(resourceKey);
+    }
+    
+    return ref;
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserActionArgument.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserActionArgument.java
@ -0,0 +1,29 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.authentication.action.authuser;
+
+// base
+import io.kumare.iqr.app.action.AppEntityActionArgument;
+// entity
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserEntity;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserActionArgument extends AppEntityActionArgument<AuthUserEntity> {
+
+  // ::: constructors
+  //
+  public AuthUserActionArgument() {
+  }
+
+  public AuthUserActionArgument(AuthUserEntity entity) {
+    super(entity);
+  }
+
+  // ::: api
+  //
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserAddAction.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserAddAction.java
@ -0,0 +1,169 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication.action.authuser;
+
+// java
+import java.util.List;
+// lib
+import io.kumare.lib.base.server.spring.action.Actions;
+import io.kumare.lib.v.V;
+// base
+import io.kumare.iqr.app.AppErrors;
+import io.kumare.iqr.app.action.AppAction;
+import io.kumare.iqr.app.action.AppEntityActionResult;
+import io.kumare.iqr.app.module.AppModules;
+// module
+import io.kumare.iqr.mod.authentication.AuthenticationErrors;
+// entity
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserEntity;
+
+import io.kumare.iqr.mod.authentication.action.authuserrelation.AuthUserRelationAddAction;
+import io.kumare.iqr.mod.authentication.action.authuserrelation.AuthUserRelationAddArgument;
+import io.kumare.oauthlib.server.app.adapter.oauth.OauthAdapter;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+import org.keycloak.admin.client.CreatedResponseUtil;
+import org.keycloak.representations.idm.CredentialRepresentation;
+import org.keycloak.representations.idm.UserRepresentation;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserAddAction extends AppAction<AuthUserAddArgument, AppEntityActionResult<AuthUserEntity>> {
+
+  // ::: vars
+  //
+  private AuthUserEntity entity;
+  private UserRepresentation user;
+  private OauthAdapter oauth;
+
+  // ::: protected api
+  //
+  @Override
+  protected void checkArgument() {
+    V.ifNull(getArgument(), AppErrors.action_arg_notfound);
+
+    // entity
+    var model = getArgument().getEntity();
+    V.ifNull(model, AuthenticationErrors.authuser_notfound);
+
+    // relations
+    // fields
+    //V.ifEmpty(model.getExternalId(), AuthenticationErrors.authuser_externalid_empty);
+    //V.ifEmpty(model.getEntityKey(), AuthenticationErrors.authuser_entitykey_empty);
+    //V.ifEmpty(model.isCustom(), AuthenticationErrors.authuser_custom_empty);
+    //V.ifEmpty(model.isVisible(), AuthenticationErrors.authuser_visible_empty);
+    V.ifEmpty(model.getEmail(), AuthenticationErrors.authuser_email_empty);
+    //V.ifEmpty(model.isEmailConfirmed(), AuthenticationErrors.authuser_emailconfirmed_empty);
+    //V.ifEmpty(model.getPhone(), AuthenticationErrors.authuser_phone_empty);
+    //V.ifEmpty(model.isPhoneConfirmed(), AuthenticationErrors.authuser_phoneconfirmed_empty);
+    V.ifEmpty(model.getName(), AuthenticationErrors.authuser_name_empty);
+  }
+
+  @Override
+  protected void doAction() {
+
+    // adapters
+    //oauth = getContext().getAdapters().getOauth();
+
+    // controllers
+    //createKeycloakUser();
+    // model
+    var model = makeModel();
+
+    // add
+    entity = saveEntity(model);
+
+    // add others
+    addRelations(getArgument().getRelations());
+
+    // dispatchEvents
+  }
+
+  @Override
+  protected void setResultOnly() {
+    var result = new AppEntityActionResult<AuthUserEntity>();
+    result.setEntity(entity);
+    setResult(result);
+  }
+
+  // ::: model
+  //
+  private AuthUserEntity makeModel() {
+    var argModel = getArgument().getEntity();
+    var model = new AuthUserEntity();
+
+    // relations
+    // fields
+    //model.setExternalId(user.getId());
+    model.setEntityKey(argModel.getEntityKey());//user.getUsername());
+    model.setCustom(argModel.isCustom());
+    model.setVisible(argModel.isVisible());
+    model.setEmail(argModel.getEmail());
+    model.setEmailConfirmed(argModel.isEmailConfirmed());
+    model.setPhone(argModel.getPhone());
+    model.setPhoneConfirmed(argModel.isPhoneConfirmed());
+    model.setName(argModel.getName());
+    model.setActive(true);
+
+    return model;
+  }
+
+  // ::: save
+  //  
+  private AuthUserEntity saveEntity(AuthUserEntity model) {
+
+    var store = AppModules.authentication.getController().getAuthUserStore();
+
+    var saved = store.add(getContext(), model);
+    getContext().attach(saved.getId(), saved);
+    return saved;
+  }
+
+  // ::: add relations
+  //
+  private void addRelations(List<AuthUserRelationAddArgument> list) {
+    if (list != null) {
+      list.forEach(i -> {
+        i.getEntity().authUser(entity);
+        Actions.perform(getContext(), new AuthUserRelationAddAction(), i);
+      });
+    }
+  }
+
+  private void createKeycloakUser() {
+    var arg = getArgument().getEntity();
+
+    user = new UserRepresentation();
+    user.setFirstName(arg.getName());
+    user.setLastName(arg.getName());
+    user.setEmail(arg.getEmail());
+    user.setEmailVerified(false);
+    user.setUsername(arg.getEmail());
+
+    var credential = new CredentialRepresentation();
+    credential.setType("password");
+    credential.setTemporary(false);
+    String password = getArgument().getPassword();
+    credential.setValue(password);
+    user.setCredentials(Collections.singletonList(credential));
+    Map<String, List<String>> attributes = new HashMap<>();
+    attributes.put("phone", Collections.singletonList(arg.getPhone()));
+    user.setAttributes(attributes);
+
+    createUserInKeycloak();
+  }
+
+  private void createUserInKeycloak() {
+    user.setEnabled(true);
+    user.setEmailVerified(false);
+
+    var response = oauth.users().create(user);
+    String userId = CreatedResponseUtil.getCreatedId(response);
+    user = oauth.users().find(userId);
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserAddArgument.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserAddArgument.java
@ -0,0 +1,52 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.authentication.action.authuser;
+
+// java
+import java.util.List;
+// app
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserEntity;
+import io.kumare.iqr.mod.authentication.action.authuserrelation.AuthUserRelationAddArgument;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserAddArgument extends AuthUserActionArgument {
+
+  // ::: vars
+  //
+  private List<AuthUserRelationAddArgument> relations;
+  private String password;
+
+  // ::: constructors
+  //
+  public AuthUserAddArgument() {
+  }
+
+  public AuthUserAddArgument(AuthUserEntity entity) {
+    super(entity);
+  }
+
+  // ::: fields
+  //
+  public List<AuthUserRelationAddArgument> getRelations() {
+    return relations;
+  }
+  
+  public void setRelations(List<AuthUserRelationAddArgument> list) {
+    this.relations = list;
+  }
+
+  public String getPassword() {
+    return password;
+  }
+
+  public void setPassword(String password) {
+    this.password = password;
+  }
+  
+  
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserDeleteAction.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserDeleteAction.java
@ -0,0 +1,59 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication.action.authuser;
+
+// lib
+import io.kumare.lib.v.V;
+// base
+import io.kumare.iqr.app.AppErrors;
+import io.kumare.iqr.app.action.AppAction;
+import io.kumare.iqr.app.action.AppEntityActionResult;
+import io.kumare.iqr.app.module.AppModules;
+// module
+import io.kumare.iqr.mod.authentication.AuthenticationErrors;
+// entity
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserEntity;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserDeleteAction extends AppAction<AuthUserActionArgument, AppEntityActionResult<AuthUserEntity>> {
+
+  // ::: vars
+  //
+  private AuthUserEntity entity;
+
+  // ::: protected api
+  //
+  @Override
+  protected void checkArgument() {
+    V.ifNull(getArgument(), AppErrors.action_arg_notfound);
+    V.ifNull(getArgument().getEntity(), AuthenticationErrors.authuser_notfound);
+    V.ifNull(getArgument().getEntity().getId(), AuthenticationErrors.authuser_notfound);
+  }
+
+  @Override
+  protected void doAction() {
+
+    var argModel = getArgument().getEntity();
+
+    deleteEntity(argModel);
+  }
+
+  @Override
+  protected void setResultOnly() {
+  }
+
+  // ::: delete
+  //
+  private void deleteEntity(AuthUserEntity model) {
+
+    var store = AppModules.authentication.getController().getAuthUserStore();
+
+    store.deleteById(getContext(), model.getId());
+  }
+
+}
+
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserEditAction.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserEditAction.java
@ -0,0 +1,109 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication.action.authuser;
+
+// lib
+import io.kumare.lib.v.V;
+// app
+import io.kumare.iqr.app.AppErrors;
+import io.kumare.iqr.app.action.AppAction;
+import io.kumare.iqr.app.action.AppEntityActionResult;
+import io.kumare.iqr.app.module.AppModules;
+// module
+import io.kumare.iqr.mod.authentication.AuthenticationErrors;
+// entity
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserEntity;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserEditAction extends AppAction<AuthUserActionArgument, AppEntityActionResult<AuthUserEntity>> {
+
+  // ::: vars
+  //
+  private AuthUserEntity entity;
+
+  // ::: protected api
+  //
+  @Override
+  protected void checkArgument() {
+    V.ifNull(getArgument(), AppErrors.action_arg_notfound);
+    
+    // entity
+    var model = getArgument().getEntity();
+    V.ifNull(model, AuthenticationErrors.authuser_notfound);
+    
+    // fields
+    V.ifEmpty(model.getExternalId(), AuthenticationErrors.authuser_externalid_empty);
+    V.ifEmpty(model.getEntityKey(), AuthenticationErrors.authuser_entitykey_empty);
+    V.ifEmpty(model.isCustom(), AuthenticationErrors.authuser_custom_empty);
+    V.ifEmpty(model.isVisible(), AuthenticationErrors.authuser_visible_empty);
+    V.ifEmpty(model.getEmail(), AuthenticationErrors.authuser_email_empty);
+    V.ifEmpty(model.isEmailConfirmed(), AuthenticationErrors.authuser_emailconfirmed_empty);
+    V.ifEmpty(model.getPhone(), AuthenticationErrors.authuser_phone_empty);
+    V.ifEmpty(model.isPhoneConfirmed(), AuthenticationErrors.authuser_phoneconfirmed_empty);
+    V.ifEmpty(model.getName(), AuthenticationErrors.authuser_name_empty);
+  }
+
+  @Override
+  protected void doAction() {
+    // arguments
+    var argModel = getArgument().getEntity();
+    
+    // controllers
+    
+    var authentication = AppModules.authentication.getController();
+    var authUserStore = authentication.getAuthUserStore();
+
+    // edit
+    entity = authUserStore.ensure(getContext(), argModel, AuthenticationErrors.authuser_notfound);
+    
+    editEntity();
+
+    entity = saveEntity();
+
+    // dispatchEvents
+  }
+
+  @Override
+  protected void setResultOnly() {
+    var result = new AppEntityActionResult<AuthUserEntity>();
+    result.setEntity(entity);
+    setResult(result);
+  }
+
+  // ::: model
+  //
+  private void editEntity() {
+
+    var model = getArgument().getEntity();
+
+    // fields
+    entity.setExternalId(V.firstNotEmpty(model.getExternalId(), entity.getExternalId()));
+    entity.setEntityKey(V.firstNotEmpty(model.getEntityKey(), entity.getEntityKey()));
+    entity.setCustom(V.firstNotEmpty(model.isCustom(), entity.isCustom()));
+    entity.setVisible(V.firstNotEmpty(model.isVisible(), entity.isVisible()));
+    entity.setEmail(V.firstNotEmpty(model.getEmail(), entity.getEmail()));
+    entity.setEmailConfirmed(V.firstNotEmpty(model.isEmailConfirmed(), entity.isEmailConfirmed()));
+    entity.setPhone(V.firstNotEmpty(model.getPhone(), entity.getPhone()));
+    entity.setPhoneConfirmed(V.firstNotEmpty(model.isPhoneConfirmed(), entity.isPhoneConfirmed()));
+    entity.setName(V.firstNotEmpty(model.getName(), entity.getName()));
+
+
+  }
+  
+  // ::: save
+  //
+  private AuthUserEntity saveEntity() {
+
+    var store = AppModules.authentication.getController().getAuthUserStore();
+
+    var saved = store.edit(getContext(), entity);
+    getContext().attach(saved.getId(), saved);
+    return saved;
+  }
+
+}
+
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserEditArgument.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserEditArgument.java
@ -0,0 +1,32 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.authentication.action.authuser;
+
+// app
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserEntity;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserEditArgument extends AuthUserActionArgument {
+
+  // ::: vars
+  //
+
+
+  // ::: constructors
+  //
+  public AuthUserEditArgument() {
+  }
+
+  public AuthUserEditArgument(AuthUserEntity entity) {
+    super(entity);
+  }
+
+
+  // ::: fields
+  //
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserEnableAction.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserEnableAction.java
@ -0,0 +1,60 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication.action.authuser;
+
+// lib
+import io.kumare.lib.v.V;
+// base
+import io.kumare.iqr.app.AppErrors;
+import io.kumare.iqr.app.action.AppAction;
+import io.kumare.iqr.app.action.AppActionResult;
+import io.kumare.iqr.app.module.AppModules;
+// module
+import io.kumare.iqr.mod.authentication.AuthenticationErrors;
+// entity
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserEntity;
+
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserEnableAction extends AppAction<AuthUserActionArgument, AppActionResult> {
+
+  // ::: protected api
+  //
+  @Override
+  protected void checkArgument() {
+    V.ifNull(getArgument(), AppErrors.action_arg_notfound);
+    V.ifNull(getArgument().getEntity(), AuthenticationErrors.authuser_notfound);
+    V.ifNull(getArgument().getEntity().getId(), AuthenticationErrors.authuser_notfound);
+  }
+
+  @Override
+  protected void doAction() {
+
+    var model = getArgument().getEntity();
+
+    enableEntity(model);
+  }
+
+  @Override
+  protected void setResultOnly() {
+  }
+
+  // ::: enable
+  //
+  private void enableEntity(AuthUserEntity model) {
+
+    var store = AppModules.authentication.getController().getAuthUserStore();
+
+    if (getArgument().getEntity().isActive()) {
+      store.enableById(getContext(), model.getId());
+    } else {
+      store.disableById(getContext(), model.getId());
+    }
+  }
+
+}
+
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserFindAction.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserFindAction.java
@ -0,0 +1,64 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication.action.authuser;
+
+// java
+import java.util.HashMap;
+import java.util.Map;
+// lib
+import io.kumare.lib.v.V;
+// base
+import io.kumare.iqr.app.AppErrors;
+import io.kumare.iqr.app.action.AppAction;
+import io.kumare.iqr.app.module.AppModules;
+// module
+import io.kumare.iqr.mod.authentication.AuthenticationErrors;
+// entity
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserEntity;
+
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserFindAction extends AppAction<AuthUserActionArgument, Map> {
+
+  // ::: vars
+  //
+  private AuthUserEntity entity;
+
+  // ::: protected api
+  //
+  @Override
+  protected void checkArgument() {
+    V.ifNull(getArgument(), AppErrors.action_arg_notfound);
+    V.ifNull(getArgument().getEntity(), AuthenticationErrors.authuser_notfound);
+    V.ifNull(getArgument().getEntity().getId(), AuthenticationErrors.authuser_notfound);
+  }
+
+  @Override
+  protected void doAction() {
+
+    var model = getArgument().getEntity();
+    entity = findEntity(model);
+  }
+
+  @Override
+  protected void setResultOnly() {
+    var result = new HashMap();
+    result.put("entity", entity);
+    setResult(result);
+  }
+
+  // ::: find
+  // 
+  private AuthUserEntity findEntity(AuthUserEntity model) {
+
+    var store = AppModules.authentication.getController().getAuthUserStore();
+    return store.findById(getContext(), model.getId());
+  }
+
+
+}
+
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserListAction.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserListAction.java
@ -0,0 +1,148 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication.action.authuser;
+
+// java
+import java.util.HashMap;
+import java.util.List;
+import java.util.LinkedList;
+import java.util.Map;
+// spring
+import org.springframework.data.domain.Page;
+import org.springframework.data.domain.PageRequest;
+// lib
+import io.kumare.lib.v.V;
+// base
+import io.kumare.iqr.app.AppErrors;
+import io.kumare.iqr.app.action.AppAction;
+import io.kumare.iqr.app.module.AppModules;
+// entity
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserEntity;
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserMapBuilder;
+
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserListAction extends AppAction<AuthUserListArgument, Map> {
+
+  // ::: vars
+  //
+  private final Map result = new HashMap<String, Object>();
+  private final List<AuthUserEntity> entities = new LinkedList<>();
+
+  // ::: public api
+  //
+  public List<AuthUserEntity> getEntities() {
+    return entities;
+  }
+
+  // ::: protected api
+  //
+  @Override
+  protected void checkArgument() {
+    V.ifNull(getArgument(), AppErrors.action_arg_notfound);
+  }
+
+  @Override
+  protected void doAction() {
+
+    result.put("pageable", getArgument().isPageable());
+    result.put("wrapped", getArgument().isWrapped());
+
+    if (getArgument().isPageable()) {
+
+      var page = makePage();
+      entities.addAll(page.toList());
+      
+      if (getArgument().isWrapped()) {
+        result.put("page", makeWrappedPage(page));
+      } else {
+        result.put("page", page);
+      }
+
+    } else {
+
+      var list = makeList();
+      entities.addAll(list);
+      
+      if (getArgument().isWrapped()) {
+        result.put("list", makeWrappedList());
+      } else {
+        result.put("list", list);
+      }
+    }
+
+  }
+
+  @Override
+  protected void setResultOnly() {
+    setResult(result);
+  }
+
+  // ::: page
+  //
+  private Page<AuthUserEntity> makePage() {
+
+    var page = getArgument().getPageNumber();
+    var size = getArgument().getPageSize();
+    //var sort = getArgument().getSort();
+    
+    var pageable = PageRequest.of(page, size);
+
+    var store = AppModules.authentication.getController().getAuthUserStore();
+    return store.getRepository().findAll(pageable);
+  }
+
+  // ::: wrapped page
+  //
+  private Map makeWrappedPage(Page<AuthUserEntity> found) {
+
+    var page = new HashMap();
+    var content = new LinkedList();
+
+    wrapList(entities, content);
+
+    page.put("size", found.getSize());
+    page.put("number", found.getNumber());
+    page.put("totalElements", found.getTotalElements());
+    page.put("totalPages", found.getTotalPages());
+    page.put("content", content);
+
+    return page;
+  }
+
+  
+  // ::: list
+  //
+  
+  private List<AuthUserEntity> makeList() {
+
+    var store = AppModules.authentication.getController().getAuthUserStore();
+
+    return store.listAll(getContext());
+  }
+
+  // ::: wrapped list
+  private List makeWrappedList() {
+    var list = new LinkedList();
+
+    wrapList(entities, list);
+
+    return list;
+  }
+
+  // ::: wrapper
+  //
+  private void wrapList(List<AuthUserEntity> found, List output) {
+
+    var builder = new AuthUserMapBuilder().addListGroup();
+
+
+    output.addAll(builder.build(getContext(), found));
+  }
+
+}
+
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserListArgument.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserListArgument.java
@ -0,0 +1,33 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.authentication.action.authuser;
+
+// app
+import io.kumare.iqr.app.action.AppListActionArgument;
+// store
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserEntity;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserListArgument extends AppListActionArgument<AuthUserEntity> {
+
+  // ::: vars
+  //
+
+  // ::: constructors
+  //
+  public AuthUserListArgument() {
+  }
+
+  public AuthUserListArgument(AuthUserEntity entity) {
+    super(entity);
+  }
+
+
+  // ::: fields
+  //
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserPreloadAction.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserPreloadAction.java
@ -0,0 +1,101 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication.action.authuser;
+
+// java
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+// lib
+import io.kumare.lib.v.V;
+// base
+import io.kumare.iqr.app.AppErrors;
+import io.kumare.iqr.app.action.AppAction;
+import io.kumare.iqr.app.module.AppModules;
+// module
+import io.kumare.iqr.mod.authentication.AuthenticationErrors;
+// entity
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserEntity;
+// relations
+
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserPreloadAction extends AppAction<AuthUserPreloadArgument, Map> {
+
+  // ::: vars
+  //
+  private final Map result = new HashMap();
+  private Map<String, Object> params = new HashMap<>();
+
+  // ::: protected api
+  //
+  @Override
+  protected void checkArgument() {
+    V.ifNull(getArgument(), AppErrors.action_arg_notfound);
+    V.ifEmpty(getArgument().getAction(), AuthenticationErrors.authuser_preload_empty);
+  }
+
+  @Override
+  protected void doAction() {
+    if(getArgument().getParams() != null) {
+      params = getArgument().getParams();
+    }
+
+    switch (getArgument().getAction()) {
+      case "find" ->
+        prepareFind();
+      case "list" ->
+        prepareList();
+      case "add" ->
+        prepareAdd();
+      case "edit" ->
+        prepareEdit();
+    }
+  }
+
+  @Override
+  protected void setResultOnly() {
+    setResult(result);
+  }
+
+  // ::: preload
+  //
+  private void prepareAdd() {
+
+  }
+
+  private void prepareEdit() {
+    var entity = findEntity();
+    result.put("entity", entity);
+
+  }
+
+  private void prepareList() {
+  }
+
+  private void prepareFind() {
+    var entity = findEntity();
+    result.put("entity", entity);
+
+  }
+
+  // ::: queries
+  //
+  private AuthUserEntity findEntity() {
+    var store = AppModules.authentication.getController().getAuthUserStore();
+    
+    var id = (String) params.get("id");
+    if(id == null && getArgument().getEntity() != null) {
+      id = getArgument().getEntity().getId();
+    }
+    return store.findById(getContext(), id);
+  }
+
+
+
+}
+
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserPreloadArgument.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuser/AuthUserPreloadArgument.java
@ -0,0 +1,26 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.authentication.action.authuser;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserPreloadArgument extends AuthUserActionArgument {
+
+  // ::: vars
+  //
+  private String action;
+
+  // ::: fields
+  //
+  public String getAction() {
+    return action;
+  }
+
+  public void setAction(String action) {
+    this.action = action;
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationActionArgument.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationActionArgument.java
@ -0,0 +1,29 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.authentication.action.authuserrelation;
+
+// base
+import io.kumare.iqr.app.action.AppEntityActionArgument;
+// entity
+import io.kumare.iqr.mod.authentication.store.authuserrelation.AuthUserRelationEntity;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserRelationActionArgument extends AppEntityActionArgument<AuthUserRelationEntity> {
+
+  // ::: constructors
+  //
+  public AuthUserRelationActionArgument() {
+  }
+
+  public AuthUserRelationActionArgument(AuthUserRelationEntity entity) {
+    super(entity);
+  }
+
+  // ::: api
+  //
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationAddAction.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationAddAction.java
@ -0,0 +1,123 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication.action.authuserrelation;
+
+
+// lib
+import io.kumare.lib.base.server.spring.action.Actions;
+import io.kumare.lib.v.V;
+// base
+import io.kumare.iqr.app.AppErrors;
+import io.kumare.iqr.app.action.AppAction;
+import io.kumare.iqr.app.action.AppEntityActionResult;
+import io.kumare.iqr.app.module.AppModules;
+// module
+import io.kumare.iqr.mod.authentication.AuthenticationErrors;
+// entity
+import io.kumare.iqr.mod.authentication.store.authuserrelation.AuthUserRelationEntity;
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserEntity;
+
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserRelationAddAction extends AppAction<AuthUserRelationAddArgument, AppEntityActionResult<AuthUserRelationEntity>> {
+
+  // ::: vars
+  //
+  private AuthUserRelationEntity entity;
+
+  // ::: protected api
+  //
+  @Override
+  protected void checkArgument() {
+    V.ifNull(getArgument(), AppErrors.action_arg_notfound);
+    
+    // entity
+    var model = getArgument().getEntity();
+    V.ifNull(model, AuthenticationErrors.authuserrelation_notfound);
+    
+    // relations
+    V.ifNull(model.getAuthUser(), AuthenticationErrors.authuserrelation_authuser_notfound);
+    
+    // fields
+    V.ifEmpty(model.getExternalId(), AuthenticationErrors.authuserrelation_externalid_empty);
+    V.ifEmpty(model.getUserKey(), AuthenticationErrors.authuserrelation_userkey_empty);
+    V.ifEmpty(model.getTypeValue(), AuthenticationErrors.authuserrelation_typevalue_empty);
+    V.ifEmpty(model.getResourceType(), AuthenticationErrors.authuserrelation_resourcetype_empty);
+    V.ifEmpty(model.getResourceKey(), AuthenticationErrors.authuserrelation_resourcekey_empty);
+    V.ifEmpty(model.getResourceId(), AuthenticationErrors.authuserrelation_resourceid_empty);
+  }
+
+  @Override
+  protected void doAction() {
+    // arguments
+    var argModel = getArgument().getEntity();
+
+    // controllers
+    var authentication = AppModules.authentication.getController();
+
+    var authUserStore = authentication.getAuthUserStore();
+
+    var authUser = authUserStore.ensure(getContext(), argModel.getAuthUser(), AuthenticationErrors.authuserrelation_authuser_notfound);
+
+    // model
+    var model = makeModel(authUser);
+
+    // add
+    entity = saveEntity(model);
+
+    // add others
+
+
+    // dispatchEvents
+  }
+
+  @Override
+  protected void setResultOnly() {
+    var result = new AppEntityActionResult<AuthUserRelationEntity>();
+    result.setEntity(entity);
+    setResult(result);
+  }
+
+  // ::: model
+  //
+  private AuthUserRelationEntity makeModel(AuthUserEntity authUser) {
+
+    var argModel = getArgument().getEntity();
+    var model = new AuthUserRelationEntity();
+
+    // relations
+    model.setAuthUser(authUser);
+
+    // fields
+    model.setExternalId(argModel.getExternalId());
+    model.setUserKey(argModel.getUserKey());
+    model.setTypeValue(argModel.getTypeValue());
+    model.setResourceType(argModel.getResourceType());
+    model.setResourceKey(argModel.getResourceKey());
+    model.setResourceId(argModel.getResourceId());
+    model.setActive(true);
+
+
+
+    return model;
+  }
+
+  // ::: save
+  //  
+  private AuthUserRelationEntity saveEntity(AuthUserRelationEntity model) {
+
+    var store = AppModules.authentication.getController().getAuthUserRelationStore();
+
+    var saved = store.add(getContext(), model);
+    getContext().attach(saved.getId(), saved);
+    return saved;
+  }
+
+
+
+}
+
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationAddArgument.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationAddArgument.java
@ -0,0 +1,34 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.authentication.action.authuserrelation;
+
+
+// app
+import io.kumare.iqr.mod.authentication.store.authuserrelation.AuthUserRelationEntity;
+
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserRelationAddArgument extends AuthUserRelationActionArgument {
+
+  // ::: vars
+  //
+
+
+  // ::: constructors
+  //
+  public AuthUserRelationAddArgument() {
+  }
+
+  public AuthUserRelationAddArgument(AuthUserRelationEntity entity) {
+    super(entity);
+  }
+
+  // ::: fields
+  //
+
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationDeleteAction.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationDeleteAction.java
@ -0,0 +1,59 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication.action.authuserrelation;
+
+// lib
+import io.kumare.lib.v.V;
+// base
+import io.kumare.iqr.app.AppErrors;
+import io.kumare.iqr.app.action.AppAction;
+import io.kumare.iqr.app.action.AppEntityActionResult;
+import io.kumare.iqr.app.module.AppModules;
+// module
+import io.kumare.iqr.mod.authentication.AuthenticationErrors;
+// entity
+import io.kumare.iqr.mod.authentication.store.authuserrelation.AuthUserRelationEntity;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserRelationDeleteAction extends AppAction<AuthUserRelationActionArgument, AppEntityActionResult<AuthUserRelationEntity>> {
+
+  // ::: vars
+  //
+  private AuthUserRelationEntity entity;
+
+  // ::: protected api
+  //
+  @Override
+  protected void checkArgument() {
+    V.ifNull(getArgument(), AppErrors.action_arg_notfound);
+    V.ifNull(getArgument().getEntity(), AuthenticationErrors.authuserrelation_notfound);
+    V.ifNull(getArgument().getEntity().getId(), AuthenticationErrors.authuserrelation_notfound);
+  }
+
+  @Override
+  protected void doAction() {
+
+    var argModel = getArgument().getEntity();
+
+    deleteEntity(argModel);
+  }
+
+  @Override
+  protected void setResultOnly() {
+  }
+
+  // ::: delete
+  //
+  private void deleteEntity(AuthUserRelationEntity model) {
+
+    var store = AppModules.authentication.getController().getAuthUserRelationStore();
+
+    store.deleteById(getContext(), model.getId());
+  }
+
+}
+
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationEditAction.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationEditAction.java
@ -0,0 +1,103 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication.action.authuserrelation;
+
+// lib
+import io.kumare.lib.v.V;
+// app
+import io.kumare.iqr.app.AppErrors;
+import io.kumare.iqr.app.action.AppAction;
+import io.kumare.iqr.app.action.AppEntityActionResult;
+import io.kumare.iqr.app.module.AppModules;
+// module
+import io.kumare.iqr.mod.authentication.AuthenticationErrors;
+// entity
+import io.kumare.iqr.mod.authentication.store.authuserrelation.AuthUserRelationEntity;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserRelationEditAction extends AppAction<AuthUserRelationActionArgument, AppEntityActionResult<AuthUserRelationEntity>> {
+
+  // ::: vars
+  //
+  private AuthUserRelationEntity entity;
+
+  // ::: protected api
+  //
+  @Override
+  protected void checkArgument() {
+    V.ifNull(getArgument(), AppErrors.action_arg_notfound);
+    
+    // entity
+    var model = getArgument().getEntity();
+    V.ifNull(model, AuthenticationErrors.authuserrelation_notfound);
+    
+    // fields
+    V.ifEmpty(model.getExternalId(), AuthenticationErrors.authuserrelation_externalid_empty);
+    V.ifEmpty(model.getUserKey(), AuthenticationErrors.authuserrelation_userkey_empty);
+    V.ifEmpty(model.getTypeValue(), AuthenticationErrors.authuserrelation_typevalue_empty);
+    V.ifEmpty(model.getResourceType(), AuthenticationErrors.authuserrelation_resourcetype_empty);
+    V.ifEmpty(model.getResourceKey(), AuthenticationErrors.authuserrelation_resourcekey_empty);
+    V.ifEmpty(model.getResourceId(), AuthenticationErrors.authuserrelation_resourceid_empty);
+  }
+
+  @Override
+  protected void doAction() {
+    // arguments
+    var argModel = getArgument().getEntity();
+    
+    // controllers
+    
+    var authentication = AppModules.authentication.getController();
+    var authUserRelationStore = authentication.getAuthUserRelationStore();
+
+    // edit
+    entity = authUserRelationStore.ensure(getContext(), argModel, AuthenticationErrors.authuserrelation_notfound);
+    
+    editEntity();
+
+    entity = saveEntity();
+
+    // dispatchEvents
+  }
+
+  @Override
+  protected void setResultOnly() {
+    var result = new AppEntityActionResult<AuthUserRelationEntity>();
+    result.setEntity(entity);
+    setResult(result);
+  }
+
+  // ::: model
+  //
+  private void editEntity() {
+
+    var model = getArgument().getEntity();
+
+    // fields
+    entity.setExternalId(V.firstNotEmpty(model.getExternalId(), entity.getExternalId()));
+    entity.setUserKey(V.firstNotEmpty(model.getUserKey(), entity.getUserKey()));
+    entity.setTypeValue(V.firstNotEmpty(model.getTypeValue(), entity.getTypeValue()));
+    entity.setResourceType(V.firstNotEmpty(model.getResourceType(), entity.getResourceType()));
+    entity.setResourceKey(V.firstNotEmpty(model.getResourceKey(), entity.getResourceKey()));
+    entity.setResourceId(V.firstNotEmpty(model.getResourceId(), entity.getResourceId()));
+
+
+  }
+  
+  // ::: save
+  //
+  private AuthUserRelationEntity saveEntity() {
+
+    var store = AppModules.authentication.getController().getAuthUserRelationStore();
+
+    var saved = store.edit(getContext(), entity);
+    getContext().attach(saved.getId(), saved);
+    return saved;
+  }
+
+}
+
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationEditArgument.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationEditArgument.java
@ -0,0 +1,32 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.authentication.action.authuserrelation;
+
+// app
+import io.kumare.iqr.mod.authentication.store.authuserrelation.AuthUserRelationEntity;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserRelationEditArgument extends AuthUserRelationActionArgument {
+
+  // ::: vars
+  //
+
+
+  // ::: constructors
+  //
+  public AuthUserRelationEditArgument() {
+  }
+
+  public AuthUserRelationEditArgument(AuthUserRelationEntity entity) {
+    super(entity);
+  }
+
+
+  // ::: fields
+  //
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationEnableAction.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationEnableAction.java
@ -0,0 +1,60 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication.action.authuserrelation;
+
+// lib
+import io.kumare.lib.v.V;
+// base
+import io.kumare.iqr.app.AppErrors;
+import io.kumare.iqr.app.action.AppAction;
+import io.kumare.iqr.app.action.AppActionResult;
+import io.kumare.iqr.app.module.AppModules;
+// module
+import io.kumare.iqr.mod.authentication.AuthenticationErrors;
+// entity
+import io.kumare.iqr.mod.authentication.store.authuserrelation.AuthUserRelationEntity;
+
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserRelationEnableAction extends AppAction<AuthUserRelationActionArgument, AppActionResult> {
+
+  // ::: protected api
+  //
+  @Override
+  protected void checkArgument() {
+    V.ifNull(getArgument(), AppErrors.action_arg_notfound);
+    V.ifNull(getArgument().getEntity(), AuthenticationErrors.authuserrelation_notfound);
+    V.ifNull(getArgument().getEntity().getId(), AuthenticationErrors.authuserrelation_notfound);
+  }
+
+  @Override
+  protected void doAction() {
+
+    var model = getArgument().getEntity();
+
+    enableEntity(model);
+  }
+
+  @Override
+  protected void setResultOnly() {
+  }
+
+  // ::: enable
+  //
+  private void enableEntity(AuthUserRelationEntity model) {
+
+    var store = AppModules.authentication.getController().getAuthUserRelationStore();
+
+    if (getArgument().getEntity().isActive()) {
+      store.enableById(getContext(), model.getId());
+    } else {
+      store.disableById(getContext(), model.getId());
+    }
+  }
+
+}
+
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationFindAction.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationFindAction.java
@ -0,0 +1,64 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication.action.authuserrelation;
+
+// java
+import java.util.HashMap;
+import java.util.Map;
+// lib
+import io.kumare.lib.v.V;
+// base
+import io.kumare.iqr.app.AppErrors;
+import io.kumare.iqr.app.action.AppAction;
+import io.kumare.iqr.app.module.AppModules;
+// module
+import io.kumare.iqr.mod.authentication.AuthenticationErrors;
+// entity
+import io.kumare.iqr.mod.authentication.store.authuserrelation.AuthUserRelationEntity;
+
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserRelationFindAction extends AppAction<AuthUserRelationActionArgument, Map> {
+
+  // ::: vars
+  //
+  private AuthUserRelationEntity entity;
+
+  // ::: protected api
+  //
+  @Override
+  protected void checkArgument() {
+    V.ifNull(getArgument(), AppErrors.action_arg_notfound);
+    V.ifNull(getArgument().getEntity(), AuthenticationErrors.authuserrelation_notfound);
+    V.ifNull(getArgument().getEntity().getId(), AuthenticationErrors.authuserrelation_notfound);
+  }
+
+  @Override
+  protected void doAction() {
+
+    var model = getArgument().getEntity();
+    entity = findEntity(model);
+  }
+
+  @Override
+  protected void setResultOnly() {
+    var result = new HashMap();
+    result.put("entity", entity);
+    setResult(result);
+  }
+
+  // ::: find
+  // 
+  private AuthUserRelationEntity findEntity(AuthUserRelationEntity model) {
+
+    var store = AppModules.authentication.getController().getAuthUserRelationStore();
+    return store.findById(getContext(), model.getId());
+  }
+
+
+}
+
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationListAction.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationListAction.java
@ -0,0 +1,148 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication.action.authuserrelation;
+
+// java
+import java.util.HashMap;
+import java.util.List;
+import java.util.LinkedList;
+import java.util.Map;
+// spring
+import org.springframework.data.domain.Page;
+import org.springframework.data.domain.PageRequest;
+// lib
+import io.kumare.lib.v.V;
+// base
+import io.kumare.iqr.app.AppErrors;
+import io.kumare.iqr.app.action.AppAction;
+import io.kumare.iqr.app.module.AppModules;
+// entity
+import io.kumare.iqr.mod.authentication.store.authuserrelation.AuthUserRelationEntity;
+import io.kumare.iqr.mod.authentication.store.authuserrelation.AuthUserRelationMapBuilder;
+
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserRelationListAction extends AppAction<AuthUserRelationListArgument, Map> {
+
+  // ::: vars
+  //
+  private final Map result = new HashMap<String, Object>();
+  private final List<AuthUserRelationEntity> entities = new LinkedList<>();
+
+  // ::: public api
+  //
+  public List<AuthUserRelationEntity> getEntities() {
+    return entities;
+  }
+
+  // ::: protected api
+  //
+  @Override
+  protected void checkArgument() {
+    V.ifNull(getArgument(), AppErrors.action_arg_notfound);
+  }
+
+  @Override
+  protected void doAction() {
+
+    result.put("pageable", getArgument().isPageable());
+    result.put("wrapped", getArgument().isWrapped());
+
+    if (getArgument().isPageable()) {
+
+      var page = makePage();
+      entities.addAll(page.toList());
+      
+      if (getArgument().isWrapped()) {
+        result.put("page", makeWrappedPage(page));
+      } else {
+        result.put("page", page);
+      }
+
+    } else {
+
+      var list = makeList();
+      entities.addAll(list);
+      
+      if (getArgument().isWrapped()) {
+        result.put("list", makeWrappedList());
+      } else {
+        result.put("list", list);
+      }
+    }
+
+  }
+
+  @Override
+  protected void setResultOnly() {
+    setResult(result);
+  }
+
+  // ::: page
+  //
+  private Page<AuthUserRelationEntity> makePage() {
+
+    var page = getArgument().getPageNumber();
+    var size = getArgument().getPageSize();
+    //var sort = getArgument().getSort();
+    
+    var pageable = PageRequest.of(page, size);
+
+    var store = AppModules.authentication.getController().getAuthUserRelationStore();
+    return store.getRepository().findAll(pageable);
+  }
+
+  // ::: wrapped page
+  //
+  private Map makeWrappedPage(Page<AuthUserRelationEntity> found) {
+
+    var page = new HashMap();
+    var content = new LinkedList();
+
+    wrapList(entities, content);
+
+    page.put("size", found.getSize());
+    page.put("number", found.getNumber());
+    page.put("totalElements", found.getTotalElements());
+    page.put("totalPages", found.getTotalPages());
+    page.put("content", content);
+
+    return page;
+  }
+
+  
+  // ::: list
+  //
+  
+  private List<AuthUserRelationEntity> makeList() {
+
+    var store = AppModules.authentication.getController().getAuthUserRelationStore();
+
+    return store.listAll(getContext());
+  }
+
+  // ::: wrapped list
+  private List makeWrappedList() {
+    var list = new LinkedList();
+
+    wrapList(entities, list);
+
+    return list;
+  }
+
+  // ::: wrapper
+  //
+  private void wrapList(List<AuthUserRelationEntity> found, List output) {
+
+    var builder = new AuthUserRelationMapBuilder().addListGroup();
+    builder.getAuthUserBuilder().addMainGroup();
+
+    output.addAll(builder.build(getContext(), found));
+  }
+
+}
+
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationListArgument.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationListArgument.java
@ -0,0 +1,33 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.authentication.action.authuserrelation;
+
+// app
+import io.kumare.iqr.app.action.AppListActionArgument;
+// store
+import io.kumare.iqr.mod.authentication.store.authuserrelation.AuthUserRelationEntity;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserRelationListArgument extends AppListActionArgument<AuthUserRelationEntity> {
+
+  // ::: vars
+  //
+
+  // ::: constructors
+  //
+  public AuthUserRelationListArgument() {
+  }
+
+  public AuthUserRelationListArgument(AuthUserRelationEntity entity) {
+    super(entity);
+  }
+
+
+  // ::: fields
+  //
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationPreloadAction.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationPreloadAction.java
@ -0,0 +1,105 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication.action.authuserrelation;
+
+// java
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+// lib
+import io.kumare.lib.v.V;
+// base
+import io.kumare.iqr.app.AppErrors;
+import io.kumare.iqr.app.action.AppAction;
+import io.kumare.iqr.app.module.AppModules;
+// module
+import io.kumare.iqr.mod.authentication.AuthenticationErrors;
+// entity
+import io.kumare.iqr.mod.authentication.store.authuserrelation.AuthUserRelationEntity;
+// relations
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserEntity;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserRelationPreloadAction extends AppAction<AuthUserRelationPreloadArgument, Map> {
+
+  // ::: vars
+  //
+  private final Map result = new HashMap();
+  private Map<String, Object> params = new HashMap<>();
+
+  // ::: protected api
+  //
+  @Override
+  protected void checkArgument() {
+    V.ifNull(getArgument(), AppErrors.action_arg_notfound);
+    V.ifEmpty(getArgument().getAction(), AuthenticationErrors.authuserrelation_preload_empty);
+  }
+
+  @Override
+  protected void doAction() {
+    if(getArgument().getParams() != null) {
+      params = getArgument().getParams();
+    }
+
+    switch (getArgument().getAction()) {
+      case "find" ->
+        prepareFind();
+      case "list" ->
+        prepareList();
+      case "add" ->
+        prepareAdd();
+      case "edit" ->
+        prepareEdit();
+    }
+  }
+
+  @Override
+  protected void setResultOnly() {
+    setResult(result);
+  }
+
+  // ::: preload
+  //
+  private void prepareAdd() {
+    result.put("authUsers", listAuthUsers());
+  }
+
+  private void prepareEdit() {
+    var entity = findEntity();
+    result.put("entity", entity);
+    result.put("authUser", entity.getAuthUser());
+  }
+
+  private void prepareList() {
+  }
+
+  private void prepareFind() {
+    var entity = findEntity();
+    result.put("entity", entity);
+    result.put("authUser", entity.getAuthUser());
+  }
+
+  // ::: queries
+  //
+  private AuthUserRelationEntity findEntity() {
+    var store = AppModules.authentication.getController().getAuthUserRelationStore();
+    
+    var id = (String) params.get("id");
+    if(id == null && getArgument().getEntity() != null) {
+      id = getArgument().getEntity().getId();
+    }
+    return store.findById(getContext(), id);
+  }
+
+  public List<AuthUserEntity> listAuthUsers() {
+    var store = AppModules.authentication.getController().getAuthUserStore();
+  
+    return store.listAll(getContext());
+  }
+
+}
+
--- a/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationPreloadArgument.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/action/authuserrelation/AuthUserRelationPreloadArgument.java
@ -0,0 +1,26 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.authentication.action.authuserrelation;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserRelationPreloadArgument extends AuthUserRelationActionArgument {
+
+  // ::: vars
+  //
+  private String action;
+
+  // ::: fields
+  //
+  public String getAction() {
+    return action;
+  }
+
+  public void setAction(String action) {
+    this.action = action;
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/endpoint/rest/AbstractAuthUserRelationRest.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/endpoint/rest/AbstractAuthUserRelationRest.java
@ -0,0 +1,214 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.authentication.endpoint.rest;
+
+// java
+import java.util.Map;
+// openapi
+import io.swagger.v3.oas.annotations.*;
+import io.swagger.v3.oas.annotations.media.*;
+import io.swagger.v3.oas.annotations.responses.*;
+// spring
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+// base
+import io.kumare.lib.app.api.operation.TransactionType;
+import io.kumare.lib.app.api.security.PermissionReference;
+// app
+import io.kumare.iqr.app.endpoint.rest.AppEndpointRest;
+import io.kumare.iqr.app.action.*;
+// module
+import io.kumare.iqr.mod.authentication.AuthenticationPermissions;
+import io.kumare.iqr.mod.authentication.store.authuserrelation.AuthUserRelationEntity;
+import io.kumare.iqr.mod.authentication.action.authuserrelation.*;
+
+/**
+*
+* @author afatecha
+*/
+public abstract class AbstractAuthUserRelationRest extends AppEndpointRest {
+
+  // ::: DEFAULT PERMISSIONS
+  //
+  protected PermissionReference getPermission(String action, String ref, Object extra) {
+    switch (action) {
+      case null -> {
+        return null;
+      }
+      case "add" -> {
+        return AuthenticationPermissions.auth_user_relation_worker.toReference(ref);
+      }
+      case "edit" -> {
+        return AuthenticationPermissions.auth_user_relation_worker.toReference(ref);
+      }
+      case "enable" -> {
+        return AuthenticationPermissions.auth_user_relation_manager.toReference(ref);
+      }
+      case "disable" -> {
+        return AuthenticationPermissions.auth_user_relation_manager.toReference(ref);
+      }
+      case "delete" -> {
+        return AuthenticationPermissions.auth_user_relation_manager.toReference(ref);
+      }
+      case "find" -> {
+        return AuthenticationPermissions.auth_user_relation_viewer.toReference(ref);
+      }
+      case "list" -> {
+        return AuthenticationPermissions.auth_user_relation_viewer.toReference(ref);
+      }
+      default -> {
+        return null;
+      }
+    }
+  }
+
+
+  // ::: ADD
+  //
+  @ApiResponses(value = {
+    @ApiResponse(content = @Content(mediaType = "application/json",
+                                    schema = @Schema(implementation = AppEntityActionResult.class)))
+  })
+  @Operation(summary = "auth user relation add operation", description = "")
+  //
+  @PostMapping
+  public ResponseEntity add(@RequestBody AuthUserRelationAddArgument arg) {
+  
+    var permission = getPermission("add", null, arg);
+    return handle(new AuthUserRelationAddAction(), arg, permission, TransactionType.service);
+  }
+  
+  // ::: EDIT
+  //
+  @ApiResponses(value = {
+    @ApiResponse(content = @Content(mediaType = "application/json",
+                                    schema = @Schema(implementation = AppEntityActionResult.class)))
+  })
+  @Operation(summary = "auth user relation edit operation", description = "")
+  //
+  @PutMapping("/{id}")
+  public ResponseEntity edit(@PathVariable("id") String id,
+                             @RequestBody AuthUserRelationEditArgument arg) {
+  
+    arg.getEntity().id(id);
+  
+    var permission = getPermission("edit", id, arg);
+    return handle(new AuthUserRelationEditAction(), arg, permission, TransactionType.service);
+  }
+  
+  // ::: FIND
+  //
+  @ApiResponses(value = {
+    @ApiResponse(content = @Content(mediaType = "application/json",
+                                    schema = @Schema(implementation = Map.class)))
+  })
+  @Operation(summary = "auth user relation find operation", description = "")
+  //
+  @GetMapping("/{id}")
+  public ResponseEntity find(@PathVariable("id") String id,
+                             @ModelAttribute AuthUserRelationActionArgument arg) {
+  
+  
+    arg = arg == null ? new AuthUserRelationActionArgument() : arg;
+  
+    arg.entity(new AuthUserRelationEntity(id));
+  
+    var permission = getPermission("find", id, arg);
+    return handle(new AuthUserRelationFindAction(), arg, permission);
+  }
+  
+  // ::: ENABLE
+  //
+  /*
+  @ApiResponses(value = {
+    @ApiResponse(content = @Content(mediaType = "application/json",
+                                    schema = @Schema(implementation = AppActionResult.class)))
+  })
+  @Operation(summary = "auth user relation enable operation", description = "")
+  //
+  @PutMapping("/{id}/enable")
+  public ResponseEntity enable(@PathVariable("id") String id) {
+  
+    var arg = new AuthUserRelationActionArgument();
+    arg.setEntity(new AuthUserRelationEntity(id));
+    arg.getEntity().setActive(true);
+  
+    var permission = getPermission("disable", id, arg);
+    return handle(new AuthUserRelationEnableAction(), arg, permission, TransactionType.service);
+  }
+  */
+  
+  // ::: DISABLE
+  //
+  /*
+  @ApiResponses(value = {
+    @ApiResponse(content = @Content(mediaType = "application/json",
+                                    schema = @Schema(implementation = AppActionResult.class)))
+  })
+  @Operation(summary = "auth user relation disable operation", description = "")
+  //
+  @PutMapping("/{id}/disable")
+  public ResponseEntity disable(@PathVariable("id") String id) {
+  
+    var arg = new AuthUserRelationActionArgument();
+    arg.setEntity(new AuthUserRelationEntity(id));
+    arg.getEntity().setActive(false);
+  
+    var permission = getPermission("disable", id, arg);
+    return handle(new AuthUserRelationEnableAction(), arg, permission, TransactionType.service);
+  }
+  */
+  
+  // ::: LIST
+  //
+  @ApiResponses(value = {
+    @ApiResponse(content = @Content(mediaType = "application/json",
+                                    schema = @Schema(implementation = Map.class)))
+  })
+  @Operation(summary = "auth user relation list operation", description = "")
+  //
+  @GetMapping
+  public ResponseEntity list(@ModelAttribute AuthUserRelationListArgument arg) {
+  
+    arg = arg == null ? new AuthUserRelationListArgument() : arg;
+  
+    var permission = getPermission("list", null, arg);
+    return handle(new AuthUserRelationListAction(), arg, permission);
+  }
+  
+  // ::: DELETE
+  //
+  @ApiResponses(value = {
+    @ApiResponse(content = @Content(mediaType = "application/json",
+                                    schema = @Schema(implementation = AppActionResult.class)))
+  })
+  @Operation(summary = "auth user relation delete operation", description = "")
+  //
+  @DeleteMapping("/{id}")
+  public ResponseEntity delete(@PathVariable("id") String id) {
+  
+    var arg = new AuthUserRelationActionArgument();
+  
+    arg.setEntity(new AuthUserRelationEntity(id));
+  
+    var permission = getPermission("delete", id, arg);
+    return handle(new AuthUserRelationDeleteAction(), arg, permission, TransactionType.service);
+  }
+  
+  // ::: PRELOAD
+  //
+  @ApiResponses(value = {
+    @ApiResponse(content = @Content(mediaType = "application/json",
+                                    schema = @Schema(implementation = Map.class)))
+  })
+  @Operation(summary = "auth user relation preload operation", description = "")
+  //
+  @PostMapping("/preload")
+  public ResponseEntity preload(@RequestBody AuthUserRelationPreloadArgument arg) {
+  
+    var permission = getPermission(arg.getAction(), null, arg);
+    return handle(new AuthUserRelationPreloadAction(), arg, permission);
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/endpoint/rest/AbstractAuthUserRest.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/endpoint/rest/AbstractAuthUserRest.java
@ -0,0 +1,214 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.authentication.endpoint.rest;
+
+// java
+import java.util.Map;
+// openapi
+import io.swagger.v3.oas.annotations.*;
+import io.swagger.v3.oas.annotations.media.*;
+import io.swagger.v3.oas.annotations.responses.*;
+// spring
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+// base
+import io.kumare.lib.app.api.operation.TransactionType;
+import io.kumare.lib.app.api.security.PermissionReference;
+// app
+import io.kumare.iqr.app.endpoint.rest.AppEndpointRest;
+import io.kumare.iqr.app.action.*;
+// module
+import io.kumare.iqr.mod.authentication.AuthenticationPermissions;
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserEntity;
+import io.kumare.iqr.mod.authentication.action.authuser.*;
+
+/**
+*
+* @author afatecha
+*/
+public abstract class AbstractAuthUserRest extends AppEndpointRest {
+
+  // ::: DEFAULT PERMISSIONS
+  //
+  protected PermissionReference getPermission(String action, String ref, Object extra) {
+    switch (action) {
+      case null -> {
+        return null;
+      }
+      case "add" -> {
+        return AuthenticationPermissions.auth_user_worker.toReference(ref);
+      }
+      case "edit" -> {
+        return AuthenticationPermissions.auth_user_worker.toReference(ref);
+      }
+      case "enable" -> {
+        return AuthenticationPermissions.auth_user_manager.toReference(ref);
+      }
+      case "disable" -> {
+        return AuthenticationPermissions.auth_user_manager.toReference(ref);
+      }
+      case "delete" -> {
+        return AuthenticationPermissions.auth_user_manager.toReference(ref);
+      }
+      case "find" -> {
+        return AuthenticationPermissions.auth_user_viewer.toReference(ref);
+      }
+      case "list" -> {
+        return AuthenticationPermissions.auth_user_viewer.toReference(ref);
+      }
+      default -> {
+        return null;
+      }
+    }
+  }
+
+
+  // ::: ADD
+  //
+  @ApiResponses(value = {
+    @ApiResponse(content = @Content(mediaType = "application/json",
+                                    schema = @Schema(implementation = AppEntityActionResult.class)))
+  })
+  @Operation(summary = "auth user add operation", description = "")
+  //
+  @PostMapping
+  public ResponseEntity add(@RequestBody AuthUserAddArgument arg) {
+  
+    var permission = getPermission("add", null, arg);
+    return handle(new AuthUserAddAction(), arg, permission, TransactionType.service);
+  }
+  
+  // ::: EDIT
+  //
+  @ApiResponses(value = {
+    @ApiResponse(content = @Content(mediaType = "application/json",
+                                    schema = @Schema(implementation = AppEntityActionResult.class)))
+  })
+  @Operation(summary = "auth user edit operation", description = "")
+  //
+  @PutMapping("/{id}")
+  public ResponseEntity edit(@PathVariable("id") String id,
+                             @RequestBody AuthUserEditArgument arg) {
+  
+    arg.getEntity().id(id);
+  
+    var permission = getPermission("edit", id, arg);
+    return handle(new AuthUserEditAction(), arg, permission, TransactionType.service);
+  }
+  
+  // ::: FIND
+  //
+  @ApiResponses(value = {
+    @ApiResponse(content = @Content(mediaType = "application/json",
+                                    schema = @Schema(implementation = Map.class)))
+  })
+  @Operation(summary = "auth user find operation", description = "")
+  //
+  @GetMapping("/{id}")
+  public ResponseEntity find(@PathVariable("id") String id,
+                             @ModelAttribute AuthUserActionArgument arg) {
+  
+  
+    arg = arg == null ? new AuthUserActionArgument() : arg;
+  
+    arg.entity(new AuthUserEntity(id));
+  
+    var permission = getPermission("find", id, arg);
+    return handle(new AuthUserFindAction(), arg, permission);
+  }
+  
+  // ::: ENABLE
+  //
+  /*
+  @ApiResponses(value = {
+    @ApiResponse(content = @Content(mediaType = "application/json",
+                                    schema = @Schema(implementation = AppActionResult.class)))
+  })
+  @Operation(summary = "auth user enable operation", description = "")
+  //
+  @PutMapping("/{id}/enable")
+  public ResponseEntity enable(@PathVariable("id") String id) {
+  
+    var arg = new AuthUserActionArgument();
+    arg.setEntity(new AuthUserEntity(id));
+    arg.getEntity().setActive(true);
+  
+    var permission = getPermission("disable", id, arg);
+    return handle(new AuthUserEnableAction(), arg, permission, TransactionType.service);
+  }
+  */
+  
+  // ::: DISABLE
+  //
+  /*
+  @ApiResponses(value = {
+    @ApiResponse(content = @Content(mediaType = "application/json",
+                                    schema = @Schema(implementation = AppActionResult.class)))
+  })
+  @Operation(summary = "auth user disable operation", description = "")
+  //
+  @PutMapping("/{id}/disable")
+  public ResponseEntity disable(@PathVariable("id") String id) {
+  
+    var arg = new AuthUserActionArgument();
+    arg.setEntity(new AuthUserEntity(id));
+    arg.getEntity().setActive(false);
+  
+    var permission = getPermission("disable", id, arg);
+    return handle(new AuthUserEnableAction(), arg, permission, TransactionType.service);
+  }
+  */
+  
+  // ::: LIST
+  //
+  @ApiResponses(value = {
+    @ApiResponse(content = @Content(mediaType = "application/json",
+                                    schema = @Schema(implementation = Map.class)))
+  })
+  @Operation(summary = "auth user list operation", description = "")
+  //
+  @GetMapping
+  public ResponseEntity list(@ModelAttribute AuthUserListArgument arg) {
+  
+    arg = arg == null ? new AuthUserListArgument() : arg;
+  
+    var permission = getPermission("list", null, arg);
+    return handle(new AuthUserListAction(), arg, permission);
+  }
+  
+  // ::: DELETE
+  //
+  @ApiResponses(value = {
+    @ApiResponse(content = @Content(mediaType = "application/json",
+                                    schema = @Schema(implementation = AppActionResult.class)))
+  })
+  @Operation(summary = "auth user delete operation", description = "")
+  //
+  @DeleteMapping("/{id}")
+  public ResponseEntity delete(@PathVariable("id") String id) {
+  
+    var arg = new AuthUserActionArgument();
+  
+    arg.setEntity(new AuthUserEntity(id));
+  
+    var permission = getPermission("delete", id, arg);
+    return handle(new AuthUserDeleteAction(), arg, permission, TransactionType.service);
+  }
+  
+  // ::: PRELOAD
+  //
+  @ApiResponses(value = {
+    @ApiResponse(content = @Content(mediaType = "application/json",
+                                    schema = @Schema(implementation = Map.class)))
+  })
+  @Operation(summary = "auth user preload operation", description = "")
+  //
+  @PostMapping("/preload")
+  public ResponseEntity preload(@RequestBody AuthUserPreloadArgument arg) {
+  
+    var permission = getPermission(arg.getAction(), null, arg);
+    return handle(new AuthUserPreloadAction(), arg, permission);
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/endpoint/rest/AuthUserRelationRest.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/endpoint/rest/AuthUserRelationRest.java
@ -0,0 +1,24 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.authentication.endpoint.rest;
+
+// java
+import io.swagger.v3.oas.annotations.tags.*;
+// spring
+import org.springframework.web.bind.annotation.*;
+
+/**
+*
+* @author afatecha
+*/
+
+// openapi
+//@Tag(name = "auth user relation rest endpoint")
+//
+//@RestController
+//@RequestMapping("/authentication/auth-user-relations")
+public class AuthUserRelationRest extends AbstractAuthUserRelationRest {
+
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/endpoint/rest/AuthUserRest.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/endpoint/rest/AuthUserRest.java
@ -0,0 +1,24 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.authentication.endpoint.rest;
+
+// java
+import io.swagger.v3.oas.annotations.tags.*;
+// spring
+import org.springframework.web.bind.annotation.*;
+
+/**
+*
+* @author afatecha
+*/
+
+// openapi
+//@Tag(name = "auth user rest endpoint")
+//
+//@RestController
+//@RequestMapping("/authentication/auth-users")
+public class AuthUserRest extends AbstractAuthUserRest {
+
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/store/AuthenticationEntities.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/store/AuthenticationEntities.java
@ -0,0 +1,102 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication.store;
+
+// base
+// base
+import io.kumare.lib.app.api.module.ServiceModule;
+import io.kumare.lib.app.api.store.EntityStore;
+import io.kumare.lib.base.server.spring.store.jpa.EntityDescriptor;
+// app
+import io.kumare.iqr.app.AppEngine;
+import io.kumare.iqr.app.module.AppModules;
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserEntity;
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserStore;
+import io.kumare.iqr.mod.authentication.store.authuserrelation.AuthUserRelationEntity;
+import io.kumare.iqr.mod.authentication.store.authuserrelation.AuthUserRelationStore;
+
+
+/**
+ *
+ * @author afatecha
+ */
+public enum AuthenticationEntities implements EntityDescriptor {
+
+  authUser(AuthUserEntity.class, AuthUserStore.class),
+  authUserRelation(AuthUserRelationEntity.class, AuthUserRelationStore.class);
+
+  // ::: vars
+  //
+  private final Class entityClass;
+  private final Class storeClass;
+
+  // ::: constructor
+  //
+  AuthenticationEntities(Class entityClass, Class storeClass) {
+    this.entityClass = entityClass;
+    this.storeClass = storeClass;
+  }
+
+  // ::: entity descriptor api
+  //
+  @Override
+  public String getName() {
+    return name();
+  }
+
+  @Override
+  public ServiceModule getModule() {
+    return AppModules.authentication;
+  }
+
+  @Override
+  public Class getEntityClass() {
+    return entityClass;
+  }
+
+  @Override
+  public Class getStoreClass() {
+    return storeClass;
+  }
+
+  @Override
+  public EntityStore getStore() {
+    return (EntityStore) AppEngine.getEngine().getInnerContext().getBean(storeClass);
+  }
+
+  // ::: statics
+  //
+  public static boolean hasDescriptor(String name) {
+    try {
+      var value = valueOf(name);
+      return value != null;
+
+    } catch (Throwable t) {
+      return false;
+    }
+  }
+
+  public static EntityDescriptor descriptorOf(String name) {
+    try {
+      return valueOf(name);
+
+    } catch (Throwable t) {
+      return null;
+    }
+  }
+
+  public static EntityDescriptor descriptorOf(Class entityClass) {
+    try {
+      for (var i : values()) {
+        if (i.entityClass == entityClass) {
+          return i;
+        }
+      }
+
+    } catch (Throwable t) {
+    }
+
+    return null;
+  }
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/store/authuser/AuthUserData.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/store/authuser/AuthUserData.java
@ -0,0 +1,25 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.authentication.store.authuser;
+
+// base
+import io.kumare.iqr.app.store.AppExtendedEntityData;
+// imports
+
+
+public class AuthUserData extends AppExtendedEntityData {
+
+  // ::: vars
+  //
+
+
+  // ::: fields
+  //
+
+
+  // ::: fluent
+  //
+
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/store/authuser/AuthUserEntity.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/store/authuser/AuthUserEntity.java
@ -0,0 +1,179 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.authentication.store.authuser;
+
+// jakarta
+import jakarta.persistence.Entity;
+import jakarta.persistence.Index;
+import jakarta.persistence.Table;
+// base
+import io.kumare.lib.app.api.store.*;
+import io.kumare.iqr.app.store.*;
+// imports
+
+// relations
+// annotations
+@Entity
+@Table(
+        name = "auth_user",
+        indexes = {
+          @Index(name = "idx_auth_user_external_id", columnList = "externalId"),
+          @Index(name = "idx_auth_user_entity_key", columnList = "entityKey"),
+          @Index(name = "idx_auth_user_custom", columnList = "custom"),
+          @Index(name = "idx_auth_user_visible", columnList = "visible"),
+          @Index(name = "idx_auth_user_email", columnList = "email"),
+          @Index(name = "idx_auth_user_email_confirmed", columnList = "emailConfirmed"),
+          @Index(name = "idx_auth_user_phone", columnList = "phone"),
+          @Index(name = "idx_auth_user_phone_confirmed", columnList = "phoneConfirmed"),
+          @Index(name = "idx_auth_user_name", columnList = "name")
+        }
+)
+public class AuthUserEntity extends AppEntity implements SupportedEntityKey {
+
+  // ::: vars
+  //
+  private String externalId;
+  private String entityKey;
+  private boolean custom;
+  private boolean visible;
+  private String email;
+  private boolean emailConfirmed;
+  private String phone;
+  private boolean phoneConfirmed;
+  private String name;
+  // relations
+
+  // ::: constructors
+  //
+  public AuthUserEntity() {
+  }
+
+  public AuthUserEntity(String id) {
+    super(id);
+  }
+
+  // ::: fields
+  //
+  public String getExternalId() {
+    return externalId;
+  }
+
+  public void setExternalId(String externalId) {
+    this.externalId = externalId;
+  }
+
+  public String getEntityKey() {
+    return entityKey;
+  }
+
+  public void setEntityKey(String entityKey) {
+    this.entityKey = entityKey;
+  }
+
+  public boolean isCustom() {
+    return custom;
+  }
+
+  public void setCustom(boolean custom) {
+    this.custom = custom;
+  }
+
+  public boolean isVisible() {
+    return visible;
+  }
+
+  public void setVisible(boolean visible) {
+    this.visible = visible;
+  }
+
+  public String getEmail() {
+    return email;
+  }
+
+  public void setEmail(String email) {
+    this.email = email;
+  }
+
+  public boolean isEmailConfirmed() {
+    return emailConfirmed;
+  }
+
+  public void setEmailConfirmed(boolean emailConfirmed) {
+    this.emailConfirmed = emailConfirmed;
+  }
+
+  public String getPhone() {
+    return phone;
+  }
+
+  public void setPhone(String phone) {
+    this.phone = phone;
+  }
+
+  public boolean isPhoneConfirmed() {
+    return phoneConfirmed;
+  }
+
+  public void setPhoneConfirmed(boolean phoneConfirmed) {
+    this.phoneConfirmed = phoneConfirmed;
+  }
+
+  public String getName() {
+    return name;
+  }
+
+  public void setName(String name) {
+    this.name = name;
+  }
+
+  // relations
+  // ::: fluent
+  //
+  public AuthUserEntity externalId(String externalId) {
+    setExternalId(externalId);
+    return this;
+  }
+
+  public AuthUserEntity entityKey(String entityKey) {
+    setEntityKey(entityKey);
+    return this;
+  }
+
+  public AuthUserEntity custom(boolean custom) {
+    setCustom(custom);
+    return this;
+  }
+
+  public AuthUserEntity visible(boolean visible) {
+    setVisible(visible);
+    return this;
+  }
+
+  public AuthUserEntity email(String email) {
+    setEmail(email);
+    return this;
+  }
+
+  public AuthUserEntity emailConfirmed(boolean emailConfirmed) {
+    setEmailConfirmed(emailConfirmed);
+    return this;
+  }
+
+  public AuthUserEntity phone(String phone) {
+    setPhone(phone);
+    return this;
+  }
+
+  public AuthUserEntity phoneConfirmed(boolean phoneConfirmed) {
+    setPhoneConfirmed(phoneConfirmed);
+    return this;
+  }
+
+  public AuthUserEntity name(String name) {
+    setName(name);
+    return this;
+  }
+
+  // relations
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/store/authuser/AuthUserFields.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/store/authuser/AuthUserFields.java
@ -0,0 +1,163 @@
+/*
+ */
+package io.kumare.iqr.mod.authentication.store.authuser;
+
+// java
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+// base
+import io.kumare.lib.app.api.store.EntityFieldDescriptor;
+import io.kumare.lib.base.server.spring.store.jpa.EntityDescriptor;
+// app
+
+
+/**
+ *
+ * @author afatecha
+ */
+public enum AuthUserFields implements EntityFieldDescriptor<AuthUserEntity> {
+
+  id(MAIN, FIND, LIST),  
+  externalId(MAIN, FIND, LIST),
+  entityKey(MAIN, FIND, LIST),
+  custom(MAIN, FIND, LIST),
+  visible(MAIN, FIND, LIST),
+  email(MAIN, FIND, LIST),
+  emailConfirmed(MAIN, FIND, LIST),
+  phone(MAIN, FIND, LIST),
+  phoneConfirmed(MAIN, FIND, LIST),
+  name(MAIN, FIND, LIST),
+  active(MAIN, FIND, LIST),
+  inserted(AUDIT, FIND, LIST),
+  inserter(AUDIT, FIND, LIST),
+  modified(AUDIT, FIND),
+  modifier(AUDIT, FIND),
+  deleted(AUDIT),
+  removed(AUDIT),
+  remover(AUDIT);
+
+  // ::: vars
+  //
+  private final boolean relation;
+  private final EntityDescriptor entityDescriptor;
+  private final Class enumClass;
+  private final List<String> groups;
+
+  // ::: constructors
+  //
+  AuthUserFields(String... groups) {
+    this(false, null, null, groups);
+  }
+
+  AuthUserFields(EntityDescriptor entityDescriptor, Class enumClass, String... groups) {
+    this(true, entityDescriptor, enumClass, groups);
+  }
+
+  AuthUserFields(boolean relation, EntityDescriptor entityDescriptor, Class enumClass, String... groups) {
+    this.relation = relation;
+    this.entityDescriptor = entityDescriptor;
+    this.enumClass = enumClass;
+    this.groups = groups == null ? Collections.EMPTY_LIST : Arrays.asList(groups);
+  }
+
+  // ::: api
+  //
+  @Override
+  public String getName() {
+    return name();
+  }
+
+  @Override
+  public boolean isRelation() {
+    return relation;
+  }
+
+  @Override
+  public Class<Enum> getRelationEnumClass() {
+    return enumClass;
+  }
+
+  @Override
+  public List<String> getGroups() {
+    return groups;
+  }
+
+  @Override
+  public EntityDescriptor getEntityDescriptor() {
+    return entityDescriptor;
+  }
+
+  @Override
+  public Object fetchValue(AuthUserEntity entity) {
+    if (entity == null) {
+      return null;
+    }
+
+    switch (this) {
+      case null -> {
+        return null;
+      }
+      case id -> {
+        return entity.getId();
+      }
+      case externalId ->{
+        return entity.getExternalId();
+      }
+      case entityKey ->{
+        return entity.getEntityKey();
+      }
+      case custom ->{
+        return entity.isCustom();
+      }
+      case visible ->{
+        return entity.isVisible();
+      }
+      case email ->{
+        return entity.getEmail();
+      }
+      case emailConfirmed ->{
+        return entity.isEmailConfirmed();
+      }
+      case phone ->{
+        return entity.getPhone();
+      }
+      case phoneConfirmed ->{
+        return entity.isPhoneConfirmed();
+      }
+      case name ->{
+        return entity.getName();
+      }
+      case active -> {
+        return entity.isActive();
+      }
+      case inserted -> {
+        return entity.getInserted();
+      }
+      case inserter -> {
+        return entity.getInserter();
+      }
+      case modified -> {
+        return entity.getModified();
+      }
+      case modifier -> {
+        return entity.getModifier();
+      }
+      case deleted -> {
+        return entity.isDeleted();
+      }
+      case removed -> {
+        return entity.getRemoved();
+      }
+      case remover -> {
+        return entity.getRemover();
+      }
+
+      default -> {
+        return null;
+      }
+    }
+
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/store/authuser/AuthUserMapBuilder.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/store/authuser/AuthUserMapBuilder.java
@ -0,0 +1,93 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication.store.authuser;
+
+// java
+import java.util.List;
+import java.util.Map;
+// base
+import io.kumare.lib.app.api.Context;
+import io.kumare.lib.app.api.store.EntityFieldDescriptor;
+import io.kumare.lib.base.server.spring.store.jpa.BaseEntityMapBuilder;
+// app
+
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserMapBuilder extends BaseEntityMapBuilder<AuthUserEntity, AuthUserMapBuilder> {
+
+  // ::: vars
+  //
+
+
+
+  // ::: fields
+  //
+  @Override
+  public AuthUserMapBuilder addGroup(String name, boolean cascade) {
+    includes.addAll(EntityFieldDescriptor.group(AuthUserFields.values(), name));
+
+    return this;
+  }
+
+  @Override
+  public AuthUserMapBuilder add(String fieldName) {
+    includes.add(AuthUserFields.valueOf(fieldName));
+    return this;
+  }
+
+  @Override
+  public AuthUserMapBuilder addAll(String... names) {
+    for (var i : names) {
+      includes.add(AuthUserFields.valueOf(i));
+    }
+    return this;
+  }
+
+  @Override
+  public AuthUserMapBuilder remove(String fieldName) {
+    excludes.add(AuthUserFields.valueOf(fieldName));
+    return this;
+  }
+
+  @Override
+  public AuthUserMapBuilder removeAll(String... names) {
+    for (var i : names) {
+      excludes.add(AuthUserFields.valueOf(i));
+    }
+    return this;
+  }
+
+  // ::: relations
+  //
+  @Override
+  public AuthUserMapBuilder addPlains(boolean cascade) {
+    includes.addAll(EntityFieldDescriptor.plains(AuthUserFields.values()));
+
+    return this;
+  }
+
+  @Override
+  public AuthUserMapBuilder addRelations(boolean cascade) {
+    includes.addAll(EntityFieldDescriptor.relations(AuthUserFields.values()));
+
+    return this;
+  }
+
+
+
+  // ::: internals
+  //
+  @Override
+  protected void internalAttachRelations(Context context,
+                                         AuthUserEntity entity,
+                                         List<EntityFieldDescriptor> fields,
+                                         Map<String, Object> resultMap) {
+
+
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/store/authuser/AuthUserRepository.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/store/authuser/AuthUserRepository.java
@ -0,0 +1,18 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication.store.authuser;
+
+// spring
+import org.springframework.stereotype.Repository;
+// base
+import io.kumare.iqr.app.store.*;
+
+/**
+ *
+ * @author afatecha
+ */
+@Repository
+public interface AuthUserRepository extends AppKeyEntityRepository<AuthUserEntity>{
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/store/authuser/AuthUserStore.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/store/authuser/AuthUserStore.java
@ -0,0 +1,35 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication.store.authuser;
+
+// spring
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+// base
+import io.kumare.iqr.app.store.*;
+
+/**
+ *
+ * @author afatecha
+ */
+@Service
+public class AuthUserStore extends AppKeyEntityStore<AuthUserEntity> {
+
+  // ::: vars
+  //
+  @Autowired
+  private AuthUserRepository repository;
+
+  // ::: override
+  //
+  @Override
+  public AuthUserRepository getRepository() {
+    return repository;
+  }
+
+  // ::: api
+  //
+  
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/store/authuserrelation/AuthUserRelationData.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/store/authuserrelation/AuthUserRelationData.java
@ -0,0 +1,25 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.authentication.store.authuserrelation;
+
+// base
+import io.kumare.iqr.app.store.AppExtendedEntityData;
+// imports
+
+
+public class AuthUserRelationData extends AppExtendedEntityData {
+
+  // ::: vars
+  //
+
+
+  // ::: fields
+  //
+
+
+  // ::: fluent
+  //
+
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/store/authuserrelation/AuthUserRelationEntity.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/store/authuserrelation/AuthUserRelationEntity.java
@ -0,0 +1,153 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.authentication.store.authuserrelation;
+
+// jakarta
+import jakarta.persistence.Entity;
+import jakarta.persistence.FetchType;
+import jakarta.persistence.Index;
+import jakarta.persistence.ManyToOne;
+import jakarta.persistence.Table;
+// base
+import io.kumare.lib.app.api.store.*;
+import io.kumare.iqr.app.store.*;
+// imports
+
+// relations
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserEntity;
+
+// annotations
+@Entity
+@Table(
+  name = "auth_user_relation",
+  indexes = {
+    @Index(name = "idx_auth_user_relation_external_id", columnList = "externalId"),
+    @Index(name = "idx_auth_user_relation_user_key", columnList = "userKey"),
+    @Index(name = "idx_auth_user_relation_type_value", columnList = "typeValue"),
+    @Index(name = "idx_auth_user_relation_resource_type", columnList = "resourceType"),
+    @Index(name = "idx_auth_user_relation_resource_key", columnList = "resourceKey"),
+    @Index(name = "idx_auth_user_relation_resource_id", columnList = "resourceId")
+  }
+)
+public class AuthUserRelationEntity extends AppEntity  {
+
+  // ::: vars
+  //
+  private String externalId;
+  private String userKey;
+  private String typeValue;
+  private String resourceType;
+  private String resourceKey;
+  private String resourceId;
+  // relations
+  @ManyToOne(fetch = FetchType.LAZY)
+  private AuthUserEntity authUser;
+
+  // ::: constructors
+  //
+  public AuthUserRelationEntity() {
+  }
+
+  public AuthUserRelationEntity(String id) {
+    super(id);
+  }
+
+  // ::: fields
+  //
+  public String getExternalId() {
+    return externalId;
+  }
+  
+  public void setExternalId(String externalId) {
+    this.externalId = externalId;
+  }
+  
+  public String getUserKey() {
+    return userKey;
+  }
+  
+  public void setUserKey(String userKey) {
+    this.userKey = userKey;
+  }
+  
+  public String getTypeValue() {
+    return typeValue;
+  }
+  
+  public void setTypeValue(String typeValue) {
+    this.typeValue = typeValue;
+  }
+  
+  public String getResourceType() {
+    return resourceType;
+  }
+  
+  public void setResourceType(String resourceType) {
+    this.resourceType = resourceType;
+  }
+  
+  public String getResourceKey() {
+    return resourceKey;
+  }
+  
+  public void setResourceKey(String resourceKey) {
+    this.resourceKey = resourceKey;
+  }
+  
+  public String getResourceId() {
+    return resourceId;
+  }
+  
+  public void setResourceId(String resourceId) {
+    this.resourceId = resourceId;
+  }
+
+  // relations
+  public AuthUserEntity getAuthUser() {
+    return authUser;
+  }
+  
+  public void setAuthUser(AuthUserEntity authUser) {
+    this.authUser = authUser;
+  }
+
+  // ::: fluent
+  //
+  public AuthUserRelationEntity externalId(String externalId) {
+    setExternalId(externalId);
+    return this;
+  }
+  
+  public AuthUserRelationEntity userKey(String userKey) {
+    setUserKey(userKey);
+    return this;
+  }
+  
+  public AuthUserRelationEntity typeValue(String typeValue) {
+    setTypeValue(typeValue);
+    return this;
+  }
+  
+  public AuthUserRelationEntity resourceType(String resourceType) {
+    setResourceType(resourceType);
+    return this;
+  }
+  
+  public AuthUserRelationEntity resourceKey(String resourceKey) {
+    setResourceKey(resourceKey);
+    return this;
+  }
+  
+  public AuthUserRelationEntity resourceId(String resourceId) {
+    setResourceId(resourceId);
+    return this;
+  }
+
+  // relations
+  public AuthUserRelationEntity authUser(AuthUserEntity authUser) {
+    setAuthUser(authUser);
+    return this;
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/store/authuserrelation/AuthUserRelationFields.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/store/authuserrelation/AuthUserRelationFields.java
@ -0,0 +1,155 @@
+/*
+ */
+package io.kumare.iqr.mod.authentication.store.authuserrelation;
+
+// java
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+// base
+import io.kumare.lib.app.api.store.EntityFieldDescriptor;
+import io.kumare.lib.base.server.spring.store.jpa.EntityDescriptor;
+// app
+import io.kumare.iqr.mod.authentication.store.AuthenticationEntities;
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserFields;
+
+/**
+ *
+ * @author afatecha
+ */
+public enum AuthUserRelationFields implements EntityFieldDescriptor<AuthUserRelationEntity> {
+
+  id(MAIN, FIND, LIST),  
+  externalId(MAIN, FIND, LIST),
+  userKey(MAIN, FIND, LIST),
+  typeValue(MAIN, FIND, LIST),
+  resourceType(MAIN, FIND, LIST),
+  resourceKey(MAIN, FIND, LIST),
+  resourceId(MAIN, FIND, LIST),
+  active(MAIN, FIND, LIST),
+  inserted(AUDIT, FIND, LIST),
+  inserter(AUDIT, FIND, LIST),
+  modified(AUDIT, FIND),
+  modifier(AUDIT, FIND),
+  deleted(AUDIT),
+  removed(AUDIT),
+  remover(AUDIT),
+  authUser(AuthenticationEntities.authUser, AuthUserFields.class, FIND, LIST);
+
+  // ::: vars
+  //
+  private final boolean relation;
+  private final EntityDescriptor entityDescriptor;
+  private final Class enumClass;
+  private final List<String> groups;
+
+  // ::: constructors
+  //
+  AuthUserRelationFields(String... groups) {
+    this(false, null, null, groups);
+  }
+
+  AuthUserRelationFields(EntityDescriptor entityDescriptor, Class enumClass, String... groups) {
+    this(true, entityDescriptor, enumClass, groups);
+  }
+
+  AuthUserRelationFields(boolean relation, EntityDescriptor entityDescriptor, Class enumClass, String... groups) {
+    this.relation = relation;
+    this.entityDescriptor = entityDescriptor;
+    this.enumClass = enumClass;
+    this.groups = groups == null ? Collections.EMPTY_LIST : Arrays.asList(groups);
+  }
+
+  // ::: api
+  //
+  @Override
+  public String getName() {
+    return name();
+  }
+
+  @Override
+  public boolean isRelation() {
+    return relation;
+  }
+
+  @Override
+  public Class<Enum> getRelationEnumClass() {
+    return enumClass;
+  }
+
+  @Override
+  public List<String> getGroups() {
+    return groups;
+  }
+
+  @Override
+  public EntityDescriptor getEntityDescriptor() {
+    return entityDescriptor;
+  }
+
+  @Override
+  public Object fetchValue(AuthUserRelationEntity entity) {
+    if (entity == null) {
+      return null;
+    }
+
+    switch (this) {
+      case null -> {
+        return null;
+      }
+      case id -> {
+        return entity.getId();
+      }
+      case externalId ->{
+        return entity.getExternalId();
+      }
+      case userKey ->{
+        return entity.getUserKey();
+      }
+      case typeValue ->{
+        return entity.getTypeValue();
+      }
+      case resourceType ->{
+        return entity.getResourceType();
+      }
+      case resourceKey ->{
+        return entity.getResourceKey();
+      }
+      case resourceId ->{
+        return entity.getResourceId();
+      }
+      case active -> {
+        return entity.isActive();
+      }
+      case inserted -> {
+        return entity.getInserted();
+      }
+      case inserter -> {
+        return entity.getInserter();
+      }
+      case modified -> {
+        return entity.getModified();
+      }
+      case modifier -> {
+        return entity.getModifier();
+      }
+      case deleted -> {
+        return entity.isDeleted();
+      }
+      case removed -> {
+        return entity.getRemoved();
+      }
+      case remover -> {
+        return entity.getRemover();
+      }
+      case authUser ->{
+        return entity.getAuthUser();
+      }
+      default -> {
+        return null;
+      }
+    }
+
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/store/authuserrelation/AuthUserRelationMapBuilder.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/store/authuserrelation/AuthUserRelationMapBuilder.java
@ -0,0 +1,139 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication.store.authuserrelation;
+
+// java
+import java.util.List;
+import java.util.Map;
+// base
+import io.kumare.lib.app.api.Context;
+import io.kumare.lib.app.api.store.EntityFieldDescriptor;
+import io.kumare.lib.base.server.spring.store.jpa.BaseEntityMapBuilder;
+// app
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserMapBuilder;
+
+/**
+ *
+ * @author afatecha
+ */
+public class AuthUserRelationMapBuilder extends BaseEntityMapBuilder<AuthUserRelationEntity, AuthUserRelationMapBuilder> {
+
+  // ::: vars
+  //
+  private AuthUserMapBuilder authUserBuilder;
+
+
+  // ::: fields
+  //
+  @Override
+  public AuthUserRelationMapBuilder addGroup(String name, boolean cascade) {
+    includes.addAll(EntityFieldDescriptor.group(AuthUserRelationFields.values(), name));
+    
+    if(cascade) {
+    if (includes.contains(AuthUserRelationFields.authUser)) {
+      getAuthUserBuilder().addGroup(name);
+    }
+    }
+    return this;
+  }
+
+  @Override
+  public AuthUserRelationMapBuilder add(String fieldName) {
+    includes.add(AuthUserRelationFields.valueOf(fieldName));
+    return this;
+  }
+
+  @Override
+  public AuthUserRelationMapBuilder addAll(String... names) {
+    for (var i : names) {
+      includes.add(AuthUserRelationFields.valueOf(i));
+    }
+    return this;
+  }
+
+  @Override
+  public AuthUserRelationMapBuilder remove(String fieldName) {
+    excludes.add(AuthUserRelationFields.valueOf(fieldName));
+    return this;
+  }
+
+  @Override
+  public AuthUserRelationMapBuilder removeAll(String... names) {
+    for (var i : names) {
+      excludes.add(AuthUserRelationFields.valueOf(i));
+    }
+    return this;
+  }
+
+  // ::: relations
+  //
+  @Override
+  public AuthUserRelationMapBuilder addPlains(boolean cascade) {
+    includes.addAll(EntityFieldDescriptor.plains(AuthUserRelationFields.values()));
+    
+    if(cascade) {
+    if (includes.contains(AuthUserRelationFields.authUser)) {
+      getAuthUserBuilder().addPlains();
+    }
+    }
+    return this;
+  }
+
+  @Override
+  public AuthUserRelationMapBuilder addRelations(boolean cascade) {
+    includes.addAll(EntityFieldDescriptor.relations(AuthUserRelationFields.values()));
+    
+    if(cascade) {
+    if (includes.contains(AuthUserRelationFields.authUser)) {
+      getAuthUserBuilder().addRelations();
+    }
+    }
+    return this;
+  }
+
+  // ::: auth user
+  //
+  public AuthUserRelationMapBuilder addAuthUser() {
+    return addAuthUser(null);
+  }
+  
+  public AuthUserRelationMapBuilder addAuthUser(String group) {
+    return addAuthUser(group, false);
+  }
+  
+  public AuthUserRelationMapBuilder addAuthUser(String group, boolean cascade) {
+    includes.add(AuthUserRelationFields.authUser);
+  
+    if (group != null) {
+      getAuthUserBuilder().addGroup(group);
+    }
+  
+    return this;
+  }
+  
+  public AuthUserMapBuilder getAuthUserBuilder() {
+    if(authUserBuilder == null) {
+      authUserBuilder = new AuthUserMapBuilder();
+    }
+    return authUserBuilder;
+  }
+
+  // ::: internals
+  //
+  @Override
+  protected void internalAttachRelations(Context context,
+                                         AuthUserRelationEntity entity,
+                                         List<EntityFieldDescriptor> fields,
+                                         Map<String, Object> resultMap) {
+
+    if (fields.contains(AuthUserRelationFields.authUser)) {
+      attachRelation(context,
+        entity,
+        AuthUserRelationFields.authUser,
+        getAuthUserBuilder(),
+        resultMap);
+    }
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/store/authuserrelation/AuthUserRelationRepository.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/store/authuserrelation/AuthUserRelationRepository.java
@ -0,0 +1,18 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication.store.authuserrelation;
+
+// spring
+import org.springframework.stereotype.Repository;
+// base
+import io.kumare.iqr.app.store.*;
+
+/**
+ *
+ * @author afatecha
+ */
+@Repository
+public interface AuthUserRelationRepository extends AppEntityRepository<AuthUserRelationEntity>{
+
+}
--- a/src/main/java/io/kumare/iqr/mod/authentication/store/authuserrelation/AuthUserRelationStore.java
+++ b/src/main/java/io/kumare/iqr/mod/authentication/store/authuserrelation/AuthUserRelationStore.java
@ -0,0 +1,35 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.authentication.store.authuserrelation;
+
+// spring
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+// base
+import io.kumare.iqr.app.store.*;
+
+/**
+ *
+ * @author afatecha
+ */
+@Service
+public class AuthUserRelationStore extends AppEntityStore<AuthUserRelationEntity> {
+
+  // ::: vars
+  //
+  @Autowired
+  private AuthUserRelationRepository repository;
+
+  // ::: override
+  //
+  @Override
+  public AuthUserRelationRepository getRepository() {
+    return repository;
+  }
+
+  // ::: api
+  //
+  
+
+}
--- a/src/main/java/io/kumare/iqr/mod/biz/BizConstants.java
+++ b/src/main/java/io/kumare/iqr/mod/biz/BizConstants.java
@ -0,0 +1,20 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.biz;
+
+// base
+import io.kumare.iqr.app.AppConstants;
+
+/**
+ *
+ * @author afatecha
+ */
+public class BizConstants {
+
+  // ::: codes
+  //
+  public static final int CODE = AppConstants.BIZ_CODE;
+  public static final String NAME = "biz";
+    
+}
--- a/src/main/java/io/kumare/iqr/mod/biz/BizController.java
+++ b/src/main/java/io/kumare/iqr/mod/biz/BizController.java
@ -0,0 +1,87 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.biz;
+
+// java
+import io.kumare.iqr.mod.biz.store.BizEntities;
+import java.util.Arrays;
+import java.util.List;
+// base
+import io.kumare.lib.base.server.spring.store.jpa.EntityDescriptor;
+// app
+import io.kumare.iqr.app.module.AppModuleController;
+// module
+import io.kumare.iqr.mod.biz.store.business.BusinessStore;
+import io.kumare.iqr.mod.biz.store.businessprofile.BusinessProfileStore;
+import io.kumare.iqr.mod.biz.store.businesssetting.BusinessSettingStore;
+import io.kumare.iqr.mod.biz.store.businesspromo.BusinessPromoStore;
+import io.kumare.iqr.mod.biz.store.businesspromoitem.BusinessPromoItemStore;
+import io.kumare.iqr.mod.biz.store.businessimage.BusinessImageStore;
+import io.kumare.iqr.mod.biz.store.businessworker.BusinessWorkerStore;
+import io.kumare.iqr.mod.biz.store.businesstag.BusinessTagStore;
+
+/**
+ *
+ * @author afatecha
+ */
+public class BizController extends AppModuleController {
+
+  // ::: api
+  //
+  @Override
+  public boolean hasStore(String name) {
+    return BizEntities.hasDescriptor(name);
+  }
+
+  @Override
+  public EntityDescriptor getEntityDescriptor(Class entityClass) {
+    return BizEntities.descriptorOf(entityClass);
+  }
+
+  @Override
+  public EntityDescriptor getEntityDescriptor(String name) {
+    return BizEntities.descriptorOf(name);
+  }
+
+  @Override
+  public List<EntityDescriptor> getEntityDescriptors() {
+    return Arrays.asList(BizEntities.values());
+  }
+
+  // ::: stores
+  //
+  public BusinessStore getBusinessStore() {
+    return getService(BusinessStore.class);
+  }
+  
+  public BusinessProfileStore getBusinessProfileStore() {
+    return getService(BusinessProfileStore.class);
+  }
+  
+  public BusinessSettingStore getBusinessSettingStore() {
+    return getService(BusinessSettingStore.class);
+  }
+  
+  public BusinessPromoStore getBusinessPromoStore() {
+    return getService(BusinessPromoStore.class);
+  }
+  
+  public BusinessPromoItemStore getBusinessPromoItemStore() {
+    return getService(BusinessPromoItemStore.class);
+  }
+  
+  public BusinessImageStore getBusinessImageStore() {
+    return getService(BusinessImageStore.class);
+  }
+  
+  public BusinessWorkerStore getBusinessWorkerStore() {
+    return getService(BusinessWorkerStore.class);
+  }
+  
+  public BusinessTagStore getBusinessTagStore() {
+    return getService(BusinessTagStore.class);
+  }
+
+
+}
--- a/src/main/java/io/kumare/iqr/mod/biz/BizErrors.java
+++ b/src/main/java/io/kumare/iqr/mod/biz/BizErrors.java
@ -0,0 +1,165 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.biz;
+
+// java
+import java.util.HashMap;
+import java.util.Map;
+// lib
+import io.kumare.lib.transport.TransportCode;
+import static io.kumare.lib.transport.Transports.code;
+import io.kumare.lib.v.ExceptionPrototype;
+// app
+import io.kumare.iqr.app.AppException;
+import io.kumare.iqr.app.endpoint.AppTransports;
+
+
+/**
+ *
+ * @author afatecha
+ */
+public enum BizErrors implements ExceptionPrototype {
+
+  
+  // business
+  business_notfound(1, code(AppTransports.http, 400)),
+  business_data_notfound(1, code(AppTransports.http, 400)),
+  business_preload_empty(1, code(AppTransports.http, 400)),
+  business_entitykey_empty(1, code(AppTransports.http, 400)),
+  business_alias_empty(1, code(AppTransports.http, 400)),
+  business_statevalue_empty(1, code(AppTransports.http, 400)),
+  business_name_empty(1, code(AppTransports.http, 400)),
+  business_description_empty(1, code(AppTransports.http, 400)),
+  business_logo_notfound(1, code(AppTransports.http, 400)),
+  business_state_notfound(1, code(AppTransports.http, 400)),
+  
+  // business profile
+  businessprofile_notfound(1, code(AppTransports.http, 400)),
+  businessprofile_data_notfound(1, code(AppTransports.http, 400)),
+  businessprofile_preload_empty(1, code(AppTransports.http, 400)),
+  businessprofile_activityvalue_empty(1, code(AppTransports.http, 400)),
+  businessprofile_gpslatitude_empty(1, code(AppTransports.http, 400)),
+  businessprofile_gpslongitude_empty(1, code(AppTransports.http, 400)),
+  businessprofile_website_empty(1, code(AppTransports.http, 400)),
+  businessprofile_phone_empty(1, code(AppTransports.http, 400)),
+  businessprofile_address_empty(1, code(AppTransports.http, 400)),
+  businessprofile_extrainfo_empty(1, code(AppTransports.http, 400)),
+  businessprofile_description_empty(1, code(AppTransports.http, 400)),
+  businessprofile_business_notfound(1, code(AppTransports.http, 400)),
+  businessprofile_image_notfound(1, code(AppTransports.http, 400)),
+  businessprofile_activity_notfound(1, code(AppTransports.http, 400)),
+  
+  // business setting
+  businesssetting_notfound(1, code(AppTransports.http, 400)),
+  businesssetting_data_notfound(1, code(AppTransports.http, 400)),
+  businesssetting_preload_empty(1, code(AppTransports.http, 400)),
+  businesssetting_pointexchange_empty(1, code(AppTransports.http, 400)),
+  businesssetting_leadcapturereward_empty(1, code(AppTransports.http, 400)),
+  businesssetting_customercapturereward_empty(1, code(AppTransports.http, 400)),
+  businesssetting_business_notfound(1, code(AppTransports.http, 400)),
+  
+  // business promo
+  businesspromo_notfound(1, code(AppTransports.http, 400)),
+  businesspromo_data_notfound(1, code(AppTransports.http, 400)),
+  businesspromo_preload_empty(1, code(AppTransports.http, 400)),
+  businesspromo_statevalue_empty(1, code(AppTransports.http, 400)),
+  businesspromo_started_empty(1, code(AppTransports.http, 400)),
+  businesspromo_ended_empty(1, code(AppTransports.http, 400)),
+  businesspromo_schedulestart_empty(1, code(AppTransports.http, 400)),
+  businesspromo_scheduleend_empty(1, code(AppTransports.http, 400)),
+  businesspromo_title_empty(1, code(AppTransports.http, 400)),
+  businesspromo_bodyinfo_empty(1, code(AppTransports.http, 400)),
+  businesspromo_footerinfo_empty(1, code(AppTransports.http, 400)),
+  businesspromo_business_notfound(1, code(AppTransports.http, 400)),
+  businesspromo_image_notfound(1, code(AppTransports.http, 400)),
+  businesspromo_state_notfound(1, code(AppTransports.http, 400)),
+  
+  // business promo item
+  businesspromoitem_notfound(1, code(AppTransports.http, 400)),
+  businesspromoitem_data_notfound(1, code(AppTransports.http, 400)),
+  businesspromoitem_preload_empty(1, code(AppTransports.http, 400)),
+  businesspromoitem_title_empty(1, code(AppTransports.http, 400)),
+  businesspromoitem_description_empty(1, code(AppTransports.http, 400)),
+  businesspromoitem_points_empty(1, code(AppTransports.http, 400)),
+  businesspromoitem_condition_empty(1, code(AppTransports.http, 400)),
+  businesspromoitem_business_notfound(1, code(AppTransports.http, 400)),
+  businesspromoitem_promo_notfound(1, code(AppTransports.http, 400)),
+  businesspromoitem_image_notfound(1, code(AppTransports.http, 400)),
+  
+  // business image
+  businessimage_notfound(1, code(AppTransports.http, 400)),
+  businessimage_data_notfound(1, code(AppTransports.http, 400)),
+  businessimage_preload_empty(1, code(AppTransports.http, 400)),
+  businessimage_typevalue_empty(1, code(AppTransports.http, 400)),
+  businessimage_bytes_empty(1, code(AppTransports.http, 400)),
+  businessimage_business_notfound(1, code(AppTransports.http, 400)),
+  businessimage_type_notfound(1, code(AppTransports.http, 400)),
+  
+  // business worker
+  businessworker_notfound(1, code(AppTransports.http, 400)),
+  businessworker_data_notfound(1, code(AppTransports.http, 400)),
+  businessworker_preload_empty(1, code(AppTransports.http, 400)),
+  businessworker_entitykey_empty(1, code(AppTransports.http, 400)),
+  businessworker_rolevalue_empty(1, code(AppTransports.http, 400)),
+  businessworker_statevalue_empty(1, code(AppTransports.http, 400)),
+  businessworker_email_empty(1, code(AppTransports.http, 400)),
+  businessworker_phone_empty(1, code(AppTransports.http, 400)),
+  businessworker_name_empty(1, code(AppTransports.http, 400)),
+  businessworker_description_empty(1, code(AppTransports.http, 400)),
+  businessworker_business_notfound(1, code(AppTransports.http, 400)),
+  businessworker_authuser_notfound(1, code(AppTransports.http, 400)),
+  businessworker_role_notfound(1, code(AppTransports.http, 400)),
+  businessworker_state_notfound(1, code(AppTransports.http, 400)),
+  
+  // business tag
+  businesstag_notfound(1, code(AppTransports.http, 400)),
+  businesstag_data_notfound(1, code(AppTransports.http, 400)),
+  businesstag_preload_empty(1, code(AppTransports.http, 400)),
+  businesstag_entitykey_empty(1, code(AppTransports.http, 400)),
+  businesstag_name_empty(1, code(AppTransports.http, 400));
+
+  // ::: vars
+  //
+  private final Map transportCodes = new HashMap();
+  private final int code;
+
+  // ::: constructors
+  //
+  private BizErrors(int code, TransportCode... codes) {
+    this.code = code;
+    if (codes != null) {
+      for (var i : codes) {
+        if (i != null) {
+          transportCodes.put(i.getId(), i.getCode());
+        }
+      }
+    }
+  }
+
+  // ::: prototype api
+  //
+  @Override
+  public int getCode() {
+    return code;
+  }
+
+  @Override
+  public String getName() {
+    return name();
+  }
+
+  @Override
+  public Map getTransportCodes() {
+    return transportCodes;
+  }
+
+  @Override
+  public RuntimeException newInstance(String msg, Throwable cause, Map extra) {
+    var ex = new AppException(this, msg, cause);
+    ex.setExtra(extra);
+    return ex;
+  }
+
+
+}
--- a/src/main/java/io/kumare/iqr/mod/biz/BizModule.java
+++ b/src/main/java/io/kumare/iqr/mod/biz/BizModule.java
@ -0,0 +1,37 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.biz;
+
+// java
+import io.kumare.lib.base.server.spring.module.BaseModule;
+
+
+/**
+ *
+ * @author afatecha
+ */
+public class BizModule extends BaseModule {
+
+  // :::
+  //
+  public static final BizController controller = new BizController();
+
+  // ::: api
+  //
+  @Override
+  public int getId() {
+    return BizConstants.CODE;
+  }
+
+  @Override
+  public String getName() {
+    return BizConstants.NAME;
+  }
+
+  @Override
+  public BizController getController() {
+    return controller;
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/mod/biz/BizPermissions.java
+++ b/src/main/java/io/kumare/iqr/mod/biz/BizPermissions.java
@ -0,0 +1,198 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.biz;
+
+// base
+import io.kumare.iqr.mod.biz.store.BizEntities;
+import io.kumare.lib.app.api.security.PermissionReference;
+// app
+import io.kumare.iqr.app.AppErrors;
+
+/**
+ *
+ * @author afatecha
+ */
+public enum BizPermissions {
+
+  // business
+  //business_add(BizEntities.business),
+  //business_edit(BizEntities.business),
+  //business_find(BizEntities.business),
+  //business_enable(BizEntities.business),
+  //business_disable(BizEntities.business),
+  //business_list(BizEntities.business),
+  //business_delete(BizEntities.business),
+  //business_preload(BizEntities.business),
+  //
+  business_viewer(BizEntities.business),
+  //business_guest(BizEntities.business),
+  //business_collab(BizEntities.business),
+  business_worker(BizEntities.business),
+  //business_control(BizEntities.business),
+  business_manager(BizEntities.business),
+  business_admin(null),
+  business_system(null),
+  
+  // business profile
+  //business_profile_add(BizEntities.businessProfile),
+  //business_profile_edit(BizEntities.businessProfile),
+  //business_profile_find(BizEntities.businessProfile),
+  //business_profile_enable(BizEntities.businessProfile),
+  //business_profile_disable(BizEntities.businessProfile),
+  //business_profile_list(BizEntities.businessProfile),
+  //business_profile_delete(BizEntities.businessProfile),
+  //business_profile_preload(BizEntities.businessProfile),
+  //
+  business_profile_viewer(BizEntities.businessProfile),
+  //business_profile_guest(BizEntities.businessProfile),
+  //business_profile_collab(BizEntities.businessProfile),
+  business_profile_worker(BizEntities.businessProfile),
+  //business_profile_control(BizEntities.businessProfile),
+  business_profile_manager(BizEntities.businessProfile),
+  business_profile_admin(null),
+  business_profile_system(null),
+  
+  // business setting
+  //business_setting_add(BizEntities.businessSetting),
+  //business_setting_edit(BizEntities.businessSetting),
+  //business_setting_find(BizEntities.businessSetting),
+  //business_setting_enable(BizEntities.businessSetting),
+  //business_setting_disable(BizEntities.businessSetting),
+  //business_setting_list(BizEntities.businessSetting),
+  //business_setting_delete(BizEntities.businessSetting),
+  //business_setting_preload(BizEntities.businessSetting),
+  //
+  business_setting_viewer(BizEntities.businessSetting),
+  //business_setting_guest(BizEntities.businessSetting),
+  //business_setting_collab(BizEntities.businessSetting),
+  business_setting_worker(BizEntities.businessSetting),
+  //business_setting_control(BizEntities.businessSetting),
+  business_setting_manager(BizEntities.businessSetting),
+  business_setting_admin(null),
+  business_setting_system(null),
+  
+  // business promo
+  //business_promo_add(BizEntities.businessPromo),
+  //business_promo_edit(BizEntities.businessPromo),
+  //business_promo_find(BizEntities.businessPromo),
+  //business_promo_enable(BizEntities.businessPromo),
+  //business_promo_disable(BizEntities.businessPromo),
+  //business_promo_list(BizEntities.businessPromo),
+  //business_promo_delete(BizEntities.businessPromo),
+  //business_promo_preload(BizEntities.businessPromo),
+  //
+  business_promo_viewer(BizEntities.businessPromo),
+  //business_promo_guest(BizEntities.businessPromo),
+  //business_promo_collab(BizEntities.businessPromo),
+  business_promo_worker(BizEntities.businessPromo),
+  //business_promo_control(BizEntities.businessPromo),
+  business_promo_manager(BizEntities.businessPromo),
+  business_promo_admin(null),
+  business_promo_system(null),
+  
+  // business promo item
+  //business_promo_item_add(BizEntities.businessPromoItem),
+  //business_promo_item_edit(BizEntities.businessPromoItem),
+  //business_promo_item_find(BizEntities.businessPromoItem),
+  //business_promo_item_enable(BizEntities.businessPromoItem),
+  //business_promo_item_disable(BizEntities.businessPromoItem),
+  //business_promo_item_list(BizEntities.businessPromoItem),
+  //business_promo_item_delete(BizEntities.businessPromoItem),
+  //business_promo_item_preload(BizEntities.businessPromoItem),
+  //
+  business_promo_item_viewer(BizEntities.businessPromoItem),
+  //business_promo_item_guest(BizEntities.businessPromoItem),
+  //business_promo_item_collab(BizEntities.businessPromoItem),
+  business_promo_item_worker(BizEntities.businessPromoItem),
+  //business_promo_item_control(BizEntities.businessPromoItem),
+  business_promo_item_manager(BizEntities.businessPromoItem),
+  business_promo_item_admin(null),
+  business_promo_item_system(null),
+  
+  // business image
+  //business_image_add(BizEntities.businessImage),
+  //business_image_edit(BizEntities.businessImage),
+  //business_image_find(BizEntities.businessImage),
+  //business_image_enable(BizEntities.businessImage),
+  //business_image_disable(BizEntities.businessImage),
+  //business_image_list(BizEntities.businessImage),
+  //business_image_delete(BizEntities.businessImage),
+  //business_image_preload(BizEntities.businessImage),
+  //
+  business_image_viewer(BizEntities.businessImage),
+  //business_image_guest(BizEntities.businessImage),
+  //business_image_collab(BizEntities.businessImage),
+  business_image_worker(BizEntities.businessImage),
+  //business_image_control(BizEntities.businessImage),
+  business_image_manager(BizEntities.businessImage),
+  business_image_admin(null),
+  business_image_system(null),
+  
+  // business worker
+  //business_worker_add(BizEntities.businessWorker),
+  //business_worker_edit(BizEntities.businessWorker),
+  //business_worker_find(BizEntities.businessWorker),
+  //business_worker_enable(BizEntities.businessWorker),
+  //business_worker_disable(BizEntities.businessWorker),
+  //business_worker_list(BizEntities.businessWorker),
+  //business_worker_delete(BizEntities.businessWorker),
+  //business_worker_preload(BizEntities.businessWorker),
+  //
+  business_worker_viewer(BizEntities.businessWorker),
+  //business_worker_guest(BizEntities.businessWorker),
+  //business_worker_collab(BizEntities.businessWorker),
+  business_worker_worker(BizEntities.businessWorker),
+  //business_worker_control(BizEntities.businessWorker),
+  business_worker_manager(BizEntities.businessWorker),
+  business_worker_admin(null),
+  business_worker_system(null),
+  
+  // business tag
+  //business_tag_add(BizEntities.businessTag),
+  //business_tag_edit(BizEntities.businessTag),
+  //business_tag_find(BizEntities.businessTag),
+  //business_tag_enable(BizEntities.businessTag),
+  //business_tag_disable(BizEntities.businessTag),
+  //business_tag_list(BizEntities.businessTag),
+  //business_tag_delete(BizEntities.businessTag),
+  //business_tag_preload(BizEntities.businessTag),
+  //
+  business_tag_viewer(BizEntities.businessTag),
+  //business_tag_guest(BizEntities.businessTag),
+  //business_tag_collab(BizEntities.businessTag),
+  business_tag_worker(BizEntities.businessTag),
+  //business_tag_control(BizEntities.businessTag),
+  business_tag_manager(BizEntities.businessTag),
+  business_tag_admin(null),
+  business_tag_system(null);
+
+
+  // :::
+  //
+  private final BizEntities resourceType;
+
+  BizPermissions(BizEntities entityRef) {
+    this.resourceType = entityRef;
+  }
+
+  //
+  public PermissionReference toReference() {
+    return toReference(null);
+  }
+
+  public PermissionReference toReference(String resourceKey) {
+    var ref = new PermissionReference()
+      .module(BizConstants.NAME)
+      .permission(name())
+      .error(AppErrors.action_unauthorized);
+    
+    if (resourceType != null && resourceKey != null) {
+      ref.resourceType(resourceType.name())
+        .resourceKey(resourceKey);
+    }
+    
+    return ref;
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessActionArgument.java
+++ b/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessActionArgument.java
@ -0,0 +1,29 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.biz.action.business;
+
+// base
+import io.kumare.iqr.app.action.AppEntityActionArgument;
+// entity
+import io.kumare.iqr.mod.biz.store.business.BusinessEntity;
+
+/**
+ *
+ * @author afatecha
+ */
+public class BusinessActionArgument extends AppEntityActionArgument<BusinessEntity> {
+
+  // ::: constructors
+  //
+  public BusinessActionArgument() {
+  }
+
+  public BusinessActionArgument(BusinessEntity entity) {
+    super(entity);
+  }
+
+  // ::: api
+  //
+
+}
--- a/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessAddAction.java
+++ b/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessAddAction.java
@ -0,0 +1,161 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.biz.action.business;
+
+// lib
+import io.kumare.lib.v.V;
+// base
+import io.kumare.iqr.app.AppErrors;
+import io.kumare.iqr.app.action.AppAction;
+import io.kumare.iqr.app.action.AppEntityActionResult;
+import io.kumare.iqr.app.module.AppModules;
+import io.kumare.iqr.mod.authentication.action.authuser.AuthUserAddArgument;
+import io.kumare.iqr.mod.authentication.store.authuser.AuthUserEntity;
+// module
+import io.kumare.iqr.mod.biz.BizErrors;
+import io.kumare.iqr.mod.biz.action.businessprofile.BusinessProfileAddAction;
+import io.kumare.iqr.mod.biz.action.businessprofile.BusinessProfileAddArgument;
+import io.kumare.iqr.mod.biz.action.businesstag.BusinessTagAddAction;
+import io.kumare.iqr.mod.biz.action.businesstag.BusinessTagAddArgument;
+import io.kumare.iqr.mod.biz.action.businessworker.BusinessWorkerAddAction;
+import io.kumare.iqr.mod.biz.action.businessworker.BusinessWorkerAddArgument;
+import io.kumare.iqr.mod.biz.store.BizTaxonomies;
+import io.kumare.iqr.mod.biz.store.BizWorkerRoles;
+// entity
+import io.kumare.iqr.mod.biz.store.business.BusinessEntity;
+import io.kumare.iqr.mod.biz.store.businesstag.BusinessTagEntity;
+import io.kumare.iqr.mod.taxonomy.store.taxon.TaxonEntity;
+import io.kumare.lib.base.server.spring.action.Actions;
+
+/**
+ *
+ * @author afatecha
+ */
+public class BusinessAddAction extends AppAction<BusinessAddArgument, AppEntityActionResult<BusinessEntity>> {
+
+  // ::: vars
+  //
+  private BusinessEntity entity;
+
+  // ::: protected api
+  //
+  @Override
+  protected void checkArgument() {
+    V.ifNull(getArgument(), AppErrors.action_arg_notfound);
+
+    // entity
+    var model = getArgument().getEntity();
+    V.ifNull(model, BizErrors.business_notfound);
+
+    // relations
+    //V.ifNull(model.getState(), BizErrors.business_state_notfound);
+    // fields
+    //V.ifEmpty(model.getEntityKey(), BizErrors.business_entitykey_empty);
+    //V.ifEmpty(model.getAlias(), BizErrors.business_alias_empty);
+    //V.ifEmpty(model.getStateValue(), BizErrors.business_statevalue_empty);
+    V.ifEmpty(model.getName(), BizErrors.business_name_empty);
+    //V.ifEmpty(model.getDescription(), BizErrors.business_description_empty);
+  }
+
+  @Override
+  protected void doAction() {
+    // controllers
+    var state = BizTaxonomies.businessState.ensureDefault(getContext());
+
+    // model
+    var model = makeModel(state);
+
+    // add
+    entity = saveEntity(model);
+
+    // add others
+    addProfile(getArgument().getProfile());
+    addManager(getArgument().getManager());
+    addTags();
+
+    // dispatchEvents
+  }
+
+  @Override
+  protected void setResultOnly() {
+    var result = new AppEntityActionResult<BusinessEntity>();
+    result.setEntity(entity);
+    setResult(result);
+  }
+
+  // ::: model
+  //
+  private BusinessEntity makeModel(TaxonEntity state) {
+
+    var argModel = getArgument().getEntity();
+    var model = new BusinessEntity();
+
+    // relations
+    model.setState(state);
+    model.setStateValue(state.getValue());
+
+    // fields
+    model.setEntityKey(generateKey());
+    model.setAlias(argModel.getAlias());
+    model.setName(argModel.getName());
+    model.setDescription(argModel.getDescription());
+    model.setActive(true);
+
+    return model;
+  }
+
+  private String generateKey() {
+    return null;
+  }
+
+  // ::: save
+  //  
+  private BusinessEntity saveEntity(BusinessEntity model) {
+
+    var store = AppModules.biz.getController().getBusinessStore();
+
+    var saved = store.add(getContext(), model);
+    getContext().attach(saved.getId(), saved);
+    return saved;
+  }
+
+  // ::: adds
+  //
+  private void addProfile(BusinessProfileAddArgument argument) {
+    argument.getEntity().setBusiness(entity);
+    Actions.perform(getContext(), new BusinessProfileAddAction(), argument);
+  }
+
+  private void addManager(BusinessWorkerAddArgument argument) {
+
+    var worker = argument.getEntity();
+    worker
+      .business(entity)
+      .role(new TaxonEntity()
+        .taxaKey(BizTaxonomies.businessWorkerRole.getKey())
+        .entityKey(BizWorkerRoles.manager.getKey()));
+    
+    var addUser = new AuthUserAddArgument();
+    addUser.entity(new AuthUserEntity()
+      .email(worker.getEmail())
+      .phone(worker.getPhone())
+      .name(worker.getName())
+      .visible(true)
+      .entityKey(worker.getEntityKey()));
+    
+    argument.setAuthUser(addUser);
+
+    Actions.perform(getContext(), new BusinessWorkerAddAction(), argument);
+  }
+
+  private void addTags() {
+    var tags = BizTaxonomies.businessDefaultTag.list(getContext());
+
+    tags.forEach(i -> {
+      var arg = new BusinessTagAddArgument();
+      arg.entity(new BusinessTagEntity().name(i.getName()));
+      Actions.perform(getContext(), new BusinessTagAddAction(), arg);
+    });
+  }
+}
--- a/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessAddArgument.java
+++ b/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessAddArgument.java
@ -0,0 +1,49 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.biz.action.business;
+
+// app
+import io.kumare.iqr.mod.biz.action.businessprofile.BusinessProfileAddArgument;
+import io.kumare.iqr.mod.biz.action.businessworker.BusinessWorkerAddArgument;
+import io.kumare.iqr.mod.biz.store.business.BusinessEntity;
+
+/**
+ *
+ * @author afatecha
+ */
+public class BusinessAddArgument extends BusinessActionArgument {
+
+  // ::: vars
+  //
+  private BusinessProfileAddArgument profile;
+  private BusinessWorkerAddArgument manager;
+
+  // ::: constructors
+  //
+  public BusinessAddArgument() {
+  }
+
+  public BusinessAddArgument(BusinessEntity entity) {
+    super(entity);
+  }
+
+  // ::: fields
+  //
+  public BusinessProfileAddArgument getProfile() {
+    return profile;
+  }
+
+  public void setProfile(BusinessProfileAddArgument profile) {
+    this.profile = profile;
+  }
+
+  public BusinessWorkerAddArgument getManager() {
+    return manager;
+  }
+
+  public void setManager(BusinessWorkerAddArgument manager) {
+    this.manager = manager;
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessDeleteAction.java
+++ b/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessDeleteAction.java
@ -0,0 +1,59 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.biz.action.business;
+
+// lib
+import io.kumare.lib.v.V;
+// base
+import io.kumare.iqr.app.AppErrors;
+import io.kumare.iqr.app.action.AppAction;
+import io.kumare.iqr.app.action.AppEntityActionResult;
+import io.kumare.iqr.app.module.AppModules;
+// module
+import io.kumare.iqr.mod.biz.BizErrors;
+// entity
+import io.kumare.iqr.mod.biz.store.business.BusinessEntity;
+
+/**
+ *
+ * @author afatecha
+ */
+public class BusinessDeleteAction extends AppAction<BusinessActionArgument, AppEntityActionResult<BusinessEntity>> {
+
+  // ::: vars
+  //
+  private BusinessEntity entity;
+
+  // ::: protected api
+  //
+  @Override
+  protected void checkArgument() {
+    V.ifNull(getArgument(), AppErrors.action_arg_notfound);
+    V.ifNull(getArgument().getEntity(), BizErrors.business_notfound);
+    V.ifNull(getArgument().getEntity().getId(), BizErrors.business_notfound);
+  }
+
+  @Override
+  protected void doAction() {
+
+    var argModel = getArgument().getEntity();
+
+    deleteEntity(argModel);
+  }
+
+  @Override
+  protected void setResultOnly() {
+  }
+
+  // ::: delete
+  //
+  private void deleteEntity(BusinessEntity model) {
+
+    var store = AppModules.biz.getController().getBusinessStore();
+
+    store.deleteById(getContext(), model.getId());
+  }
+
+}
+
--- a/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessEditAction.java
+++ b/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessEditAction.java
@ -0,0 +1,110 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.biz.action.business;
+
+// lib
+import io.kumare.lib.v.V;
+// app
+import io.kumare.iqr.app.AppErrors;
+import io.kumare.iqr.app.action.AppAction;
+import io.kumare.iqr.app.action.AppEntityActionResult;
+import io.kumare.iqr.app.module.AppModules;
+// module
+import io.kumare.iqr.mod.biz.BizErrors;
+import io.kumare.iqr.mod.biz.action.businessprofile.BusinessProfileEditAction;
+import io.kumare.iqr.mod.biz.action.businessprofile.BusinessProfileEditArgument;
+// entity
+import io.kumare.iqr.mod.biz.store.business.BusinessEntity;
+import io.kumare.lib.base.server.spring.action.Actions;
+
+/**
+ *
+ * @author afatecha
+ */
+public class BusinessEditAction extends AppAction<BusinessActionArgument, AppEntityActionResult<BusinessEntity>> {
+
+  // ::: vars
+  //
+  private BusinessEntity entity;
+
+  // ::: protected api
+  //
+  @Override
+  protected void checkArgument() {
+    V.ifNull(getArgument(), AppErrors.action_arg_notfound);
+
+    // entity
+    var model = getArgument().getEntity();
+    V.ifNull(model, BizErrors.business_notfound);
+
+    // fields
+    //V.ifEmpty(model.getEntityKey(), BizErrors.business_entitykey_empty);
+    //V.ifEmpty(model.getAlias(), BizErrors.business_alias_empty);
+    //V.ifEmpty(model.getStateValue(), BizErrors.business_statevalue_empty);
+    //V.ifEmpty(model.getName(), BizErrors.business_name_empty);
+    //V.ifEmpty(model.getDescription(), BizErrors.business_description_empty);
+  }
+
+  @Override
+  protected void doAction() {
+    // arguments
+    var argModel = getArgument().getEntity();
+
+    // controllers
+    var biz = AppModules.biz.getController();
+    var businessStore = biz.getBusinessStore();
+
+    // edit
+    entity = businessStore.ensure(getContext(), argModel, BizErrors.business_notfound);
+
+    editEntity();
+
+    entity = saveEntity();
+
+    // dispatchEvents
+  }
+
+  @Override
+  protected void setResultOnly() {
+    var result = new AppEntityActionResult<BusinessEntity>();
+    result.setEntity(entity);
+    setResult(result);
+  }
+
+  // ::: model
+  //
+  private void editEntity() {
+
+    var model = getArgument().getEntity();
+
+    // fields
+    //entity.setEntityKey(V.firstNotEmpty(model.getEntityKey(), entity.getEntityKey()));
+    entity.setAlias(V.firstNotEmpty(model.getAlias(), entity.getAlias()));
+    //entity.setStateValue(V.firstNotEmpty(model.getStateValue(), entity.getStateValue()));
+    entity.setName(V.firstNotEmpty(model.getName(), entity.getName()));
+    entity.setDescription(V.firstNotEmpty(model.getDescription(), entity.getDescription()));
+
+  }
+
+  // ::: save
+  //
+  private BusinessEntity saveEntity() {
+
+    var store = AppModules.biz.getController().getBusinessStore();
+
+    var saved = store.edit(getContext(), entity);
+    getContext().attach(saved.getId(), saved);
+    return saved;
+  }
+
+  // ::: edit others
+  //
+  public void editProfile(BusinessProfileEditArgument argument) {
+    if (argument != null) {
+      argument.getEntity().setBusiness(entity);
+      Actions.perform(getContext(), new BusinessProfileEditAction(), argument);
+    }
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessEditArgument.java
+++ b/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessEditArgument.java
@ -0,0 +1,39 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.biz.action.business;
+
+// app
+import io.kumare.iqr.mod.biz.action.businessprofile.BusinessProfileEditArgument;
+import io.kumare.iqr.mod.biz.store.business.BusinessEntity;
+
+/**
+ *
+ * @author afatecha
+ */
+public class BusinessEditArgument extends BusinessActionArgument {
+
+  // ::: vars
+  //
+  private BusinessProfileEditArgument profile;
+
+  // ::: constructors
+  //
+  public BusinessEditArgument() {
+  }
+
+  public BusinessEditArgument(BusinessEntity entity) {
+    super(entity);
+  }
+
+  // ::: fields
+  //
+  public BusinessProfileEditArgument getProfile() {
+    return profile;
+  }
+
+  public void setProfile(BusinessProfileEditArgument profile) {
+    this.profile = profile;
+  }
+
+}
--- a/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessEnableAction.java
+++ b/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessEnableAction.java
@ -0,0 +1,60 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.biz.action.business;
+
+// lib
+import io.kumare.lib.v.V;
+// base
+import io.kumare.iqr.app.AppErrors;
+import io.kumare.iqr.app.action.AppAction;
+import io.kumare.iqr.app.action.AppActionResult;
+import io.kumare.iqr.app.module.AppModules;
+// module
+import io.kumare.iqr.mod.biz.BizErrors;
+// entity
+import io.kumare.iqr.mod.biz.store.business.BusinessEntity;
+
+
+/**
+ *
+ * @author afatecha
+ */
+public class BusinessEnableAction extends AppAction<BusinessActionArgument, AppActionResult> {
+
+  // ::: protected api
+  //
+  @Override
+  protected void checkArgument() {
+    V.ifNull(getArgument(), AppErrors.action_arg_notfound);
+    V.ifNull(getArgument().getEntity(), BizErrors.business_notfound);
+    V.ifNull(getArgument().getEntity().getId(), BizErrors.business_notfound);
+  }
+
+  @Override
+  protected void doAction() {
+
+    var model = getArgument().getEntity();
+
+    enableEntity(model);
+  }
+
+  @Override
+  protected void setResultOnly() {
+  }
+
+  // ::: enable
+  //
+  private void enableEntity(BusinessEntity model) {
+
+    var store = AppModules.biz.getController().getBusinessStore();
+
+    if (getArgument().getEntity().isActive()) {
+      store.enableById(getContext(), model.getId());
+    } else {
+      store.disableById(getContext(), model.getId());
+    }
+  }
+
+}
+
--- a/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessFindAction.java
+++ b/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessFindAction.java
@ -0,0 +1,70 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.biz.action.business;
+
+// java
+import java.util.HashMap;
+import java.util.Map;
+// lib
+import io.kumare.lib.v.V;
+// base
+import io.kumare.iqr.app.AppErrors;
+import io.kumare.iqr.app.action.AppAction;
+import io.kumare.iqr.app.module.AppModules;
+// module
+import io.kumare.iqr.mod.biz.BizErrors;
+// entity
+import io.kumare.iqr.mod.biz.store.business.BusinessEntity;
+
+
+/**
+ *
+ * @author afatecha
+ */
+public class BusinessFindAction extends AppAction<BusinessActionArgument, Map> {
+
+  // ::: vars
+  //
+  private BusinessEntity entity;
+  
+  // ::: public api
+  //
+  public BusinessEntity getEntity() {
+    return entity;
+  }
+
+  // ::: protected api
+  //
+  @Override
+  protected void checkArgument() {
+    V.ifNull(getArgument(), AppErrors.action_arg_notfound);
+    V.ifNull(getArgument().getEntity(), BizErrors.business_notfound);
+    V.ifNull(getArgument().getEntity().getId(), BizErrors.business_notfound);
+  }
+
+  @Override
+  protected void doAction() {
+
+    var model = getArgument().getEntity();
+    entity = findEntity(model);
+  }
+
+  @Override
+  protected void setResultOnly() {
+    var result = new HashMap();
+    result.put("entity", entity);
+    setResult(result);
+  }
+
+  // ::: find
+  // 
+  private BusinessEntity findEntity(BusinessEntity model) {
+
+    var store = AppModules.biz.getController().getBusinessStore();
+    return store.findById(getContext(), model.getId());
+  }
+
+
+}
+
--- a/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessListAction.java
+++ b/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessListAction.java
@ -0,0 +1,148 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.biz.action.business;
+
+// java
+import java.util.HashMap;
+import java.util.List;
+import java.util.LinkedList;
+import java.util.Map;
+// spring
+import org.springframework.data.domain.Page;
+import org.springframework.data.domain.PageRequest;
+// lib
+import io.kumare.lib.v.V;
+// base
+import io.kumare.iqr.app.AppErrors;
+import io.kumare.iqr.app.action.AppAction;
+import io.kumare.iqr.app.module.AppModules;
+// entity
+import io.kumare.iqr.mod.biz.store.business.BusinessEntity;
+import io.kumare.iqr.mod.biz.store.business.BusinessMapBuilder;
+
+
+/**
+ *
+ * @author afatecha
+ */
+public class BusinessListAction extends AppAction<BusinessListArgument, Map> {
+
+  // ::: vars
+  //
+  private final Map result = new HashMap<String, Object>();
+  private final List<BusinessEntity> entities = new LinkedList<>();
+
+  // ::: public api
+  //
+  public List<BusinessEntity> getEntities() {
+    return entities;
+  }
+
+  // ::: protected api
+  //
+  @Override
+  protected void checkArgument() {
+    V.ifNull(getArgument(), AppErrors.action_arg_notfound);
+  }
+
+  @Override
+  protected void doAction() {
+
+    result.put("pageable", getArgument().isPageable());
+    result.put("wrapped", getArgument().isWrapped());
+
+    if (getArgument().isPageable()) {
+
+      var page = makePage();
+      entities.addAll(page.toList());
+      
+      if (getArgument().isWrapped()) {
+        result.put("page", makeWrappedPage(page));
+      } else {
+        result.put("page", page);
+      }
+
+    } else {
+
+      var list = makeList();
+      entities.addAll(list);
+      
+      if (getArgument().isWrapped()) {
+        result.put("list", makeWrappedList());
+      } else {
+        result.put("list", list);
+      }
+    }
+
+  }
+
+  @Override
+  protected void setResultOnly() {
+    setResult(result);
+  }
+
+  // ::: page
+  //
+  private Page<BusinessEntity> makePage() {
+
+    var page = getArgument().getPageNumber();
+    var size = getArgument().getPageSize();
+    //var sort = getArgument().getSort();
+    
+    var pageable = PageRequest.of(page, size);
+
+    var store = AppModules.biz.getController().getBusinessStore();
+    return store.getRepository().findAll(pageable);
+  }
+
+  // ::: wrapped page
+  //
+  private Map makeWrappedPage(Page<BusinessEntity> found) {
+
+    var page = new HashMap();
+    var content = new LinkedList();
+
+    wrapList(entities, content);
+
+    page.put("size", found.getSize());
+    page.put("number", found.getNumber());
+    page.put("totalElements", found.getTotalElements());
+    page.put("totalPages", found.getTotalPages());
+    page.put("content", content);
+
+    return page;
+  }
+
+  
+  // ::: list
+  //
+  
+  private List<BusinessEntity> makeList() {
+
+    var store = AppModules.biz.getController().getBusinessStore();
+
+    return store.listAll(getContext());
+  }
+
+  // ::: wrapped list
+  private List makeWrappedList() {
+    var list = new LinkedList();
+
+    wrapList(entities, list);
+
+    return list;
+  }
+
+  // ::: wrapper
+  //
+  private void wrapList(List<BusinessEntity> found, List output) {
+
+    var builder = new BusinessMapBuilder().addListGroup();
+    builder.getStateBuilder().addMainGroup();
+
+    output.addAll(builder.build(getContext(), found));
+  }
+
+}
+
--- a/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessListArgument.java
+++ b/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessListArgument.java
@ -0,0 +1,33 @@
+/*
+ *
+ */
+package io.kumare.iqr.mod.biz.action.business;
+
+// app
+import io.kumare.iqr.app.action.AppListActionArgument;
+// store
+import io.kumare.iqr.mod.biz.store.business.BusinessEntity;
+
+/**
+ *
+ * @author afatecha
+ */
+public class BusinessListArgument extends AppListActionArgument<BusinessEntity> {
+
+  // ::: vars
+  //
+
+  // ::: constructors
+  //
+  public BusinessListArgument() {
+  }
+
+  public BusinessListArgument(BusinessEntity entity) {
+    super(entity);
+  }
+
+
+  // ::: fields
+  //
+
+}
--- a/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessPreloadAction.java
+++ b/src/main/java/io/kumare/iqr/mod/biz/action/business/BusinessPreloadAction.java
@ -0,0 +1,97 @@
+/*
+ * 
+ */
+package io.kumare.iqr.mod.biz.action.business;
+
+// java
+import java.util.HashMap;
+import java.util.Map;
+// lib
+import io.kumare.lib.v.V;
+// base
+import io.kumare.iqr.app.AppErrors;
+import io.kumare.iqr.app.action.AppAction;
+import io.kumare.iqr.app.module.AppModules;
+// module
+import io.kumare.iqr.mod.biz.BizErrors;
+import io.kumare.iqr.mod.biz.store.BizTaxonomies;
+// entity
+import io.kumare.iqr.mod.biz.store.business.BusinessEntity;
+// relations
+
+/**
+ *
+ * @author afatecha
+ */
+public class BusinessPreloadAction extends AppAction<BusinessPreloadArgument, Map> {
+
+  // ::: vars
+  //
+  private final Map result = new HashMap();
+  private Map<String, Object> params = new HashMap<>();
+
+  // ::: protected api
+  //
+  @Override
+  protected void checkArgument() {
+    V.ifNull(getArgument(), AppErrors.action_arg_notfound);
+    V.ifEmpty(getArgument().getAction(), BizErrors.business_preload_empty);
+  }
+
+  @Override
+  protected void doAction() {
+    if (getArgument().getParams() != null) {
+      params = getArgument().getParams();
+    }
+
+    switch (getArgument().getAction()) {
+      case "find" ->
+        prepareFind();
+      case "list" ->
+        prepareList();
+      case "add" ->
+        prepareAdd();
+      case "edit" ->
+        prepareEdit();
+    }
+  }
+
+  @Override
+  protected void setResultOnly() {
+    setResult(result);
+  }
+
+  // ::: preload
+  //
+  private void prepareAdd() {
+    var activities = BizTaxonomies.businessActivity.list(getContext());
+    result.put("activities", activities);
+  }
+
+  private void prepareEdit() {
+    var entity = findEntity();
+    result.put("entity", entity);
+    result.put("state", entity.getState());
+  }
+
+  private void prepareList() {
+  }
+
+  private void prepareFind() {
+    var entity = findEntity();
+    result.put("entity", entity);
+    result.put("state", entity.getState());
+  }
+
+  // ::: queries
+  //
+  private BusinessEntity findEntity() {
+    var store = AppModules.biz.getController().getBusinessStore();
+
+    var id = (String) params.get("id");
+    if (id == null && getArgument().getEntity() != null) {
+      id = getArgument().getEntity().getId();
+    }
+    return store.findById(getContext(), id);
+  }
+}
--- a/Show More
+++ b/Show More