From 1b74a32eea02fbe8c46211f9de85b6cc691ec0fc Mon Sep 17 00:00:00 2001
From: Sanjay Babu <sanjaytkbabu@gmail.com>
Date: Thu, 1 Aug 2024 10:29:47 -0700
Subject: [PATCH] user mgmt supervisor backend implementation

---
 app/src/controllers/accessRequest.ts          |  46 +++++
 app/src/controllers/index.ts                  |   1 +
 app/src/controllers/user.ts                   |   3 +-
 .../20240717000000_007_access-request.ts      |  51 +++++
 app/src/db/models/access_request.ts           |  33 ++++
 app/src/db/models/index.ts                    |   1 +
 app/src/db/prisma/schema.prisma               |  20 ++
 app/src/routes/v1/accessRequest.ts            |  30 +++
 app/src/routes/v1/index.ts                    |  14 +-
 app/src/routes/v1/user.ts                     |   2 +-
 app/src/services/accessRequest.ts             |  59 ++++++
 app/src/services/index.ts                     |   1 +
 app/src/services/user.ts                      |  28 +++
 app/src/types/AccessRequest.ts                |  10 +
 app/src/types/UserAccessRequest.ts            |   4 +
 app/src/types/UserSearchParameters.ts         |   1 +
 app/src/types/index.ts                        |   2 +
 app/src/utils/enums/application.ts            |   6 +
 app/src/validators/accessRequest.ts           |  33 ++++
 app/src/validators/index.ts                   |   1 +
 app/src/validators/user.ts                    |   4 +-
 .../src/components/user/UserCreateModal.vue   | 137 ++++++++++---
 .../src/components/user/UserManageModal.vue   |  14 +-
 frontend/src/components/user/UserTable.vue    |  44 +++--
 frontend/src/interfaces/ISSOAttribute.ts      |   6 +
 frontend/src/services/accessRequestService.ts |  31 +++
 frontend/src/services/index.ts                |   1 +
 frontend/src/services/permissionService.ts    |   7 +-
 frontend/src/types/AccessRequest.ts           |  11 ++
 frontend/src/types/BasicBCeIDAttribute.ts     |   5 +
 frontend/src/types/BusinessBCeIDAttribute.ts  |   5 +
 frontend/src/types/IDIRAttribute.ts           |   5 +
 frontend/src/types/UserAccessRequest.ts       |   6 +
 frontend/src/types/UserSearchParameters.ts    |   1 +
 frontend/src/types/index.ts                   |   5 +
 frontend/src/utils/constants/application.ts   |  10 +-
 frontend/src/utils/enums/application.ts       |  18 ++
 .../src/views/user/UserManagementView.vue     | 187 ++++++++++++++----
 38 files changed, 744 insertions(+), 99 deletions(-)
 create mode 100644 app/src/controllers/accessRequest.ts
 create mode 100644 app/src/db/migrations/20240717000000_007_access-request.ts
 create mode 100644 app/src/db/models/access_request.ts
 create mode 100644 app/src/routes/v1/accessRequest.ts
 create mode 100644 app/src/services/accessRequest.ts
 create mode 100644 app/src/types/AccessRequest.ts
 create mode 100644 app/src/types/UserAccessRequest.ts
 create mode 100644 app/src/validators/accessRequest.ts
 create mode 100644 frontend/src/interfaces/ISSOAttribute.ts
 create mode 100644 frontend/src/services/accessRequestService.ts
 create mode 100644 frontend/src/types/AccessRequest.ts
 create mode 100644 frontend/src/types/BasicBCeIDAttribute.ts
 create mode 100644 frontend/src/types/BusinessBCeIDAttribute.ts
 create mode 100644 frontend/src/types/IDIRAttribute.ts
 create mode 100644 frontend/src/types/UserAccessRequest.ts

diff --git a/app/src/controllers/accessRequest.ts b/app/src/controllers/accessRequest.ts
new file mode 100644
index 00000000..7fe795b9
--- /dev/null
+++ b/app/src/controllers/accessRequest.ts
@@ -0,0 +1,46 @@
+import { userService, accessRequestService } from '../services';
+
+import type { NextFunction, Request, Response } from 'express';
+
+import type { UserAccessRequest } from '../types';
+
+const controller = {
+  // Request to create user & access
+  createUserAccessRevokeRequest: async (req: Request, res: Response, next: NextFunction) => {
+    // TODO check if the calling user is a supervisor or an admin
+    try {
+      let response;
+      const { user, accessRequest } = req.body;
+      if (accessRequest?.grant === false) {
+        response = await accessRequestService.createUserAccessRevokeRequest(accessRequest);
+        res.status(201).json(response);
+      } else {
+        const userResponse = await userService.createUserIfNew(user);
+        if (userResponse) {
+          accessRequest.userId = userResponse.userId;
+          response = userResponse as UserAccessRequest;
+          response.accessRequest = await accessRequestService.createUserAccessRevokeRequest(accessRequest);
+          res.status(201).json(response);
+        } else {
+          // TODO check if the user is a proponent
+          // Put an entry in accessRequest table
+          // Send 409 if the user is not a proponent
+          res.status(409).json({ message: 'User already exists' });
+        }
+      }
+    } catch (e: unknown) {
+      next(e);
+    }
+  },
+
+  getAccessRequests: async (req: Request, res: Response, next: NextFunction) => {
+    try {
+      const response = await accessRequestService.getAccessRequests();
+      res.status(200).json(response);
+    } catch (e: unknown) {
+      next(e);
+    }
+  }
+};
+
+export default controller;
diff --git a/app/src/controllers/index.ts b/app/src/controllers/index.ts
index e70dcde7..1519842c 100644
--- a/app/src/controllers/index.ts
+++ b/app/src/controllers/index.ts
@@ -1,3 +1,4 @@
+export { default as accessRequestController } from './accessRequest';
 export { default as documentController } from './document';
 export { default as enquiryController } from './enquiry';
 export { default as noteController } from './note';
diff --git a/app/src/controllers/user.ts b/app/src/controllers/user.ts
index 458652be..8e3d13ae 100644
--- a/app/src/controllers/user.ts
+++ b/app/src/controllers/user.ts
@@ -17,7 +17,8 @@ const controller = {
         firstName: req.query.firstName as string,
         fullName: req.query.fullName as string,
         lastName: req.query.lastName as string,
-        active: isTruthy(req.query.active as string)
+        active: isTruthy(req.query.active as string),
+        role: req.query.role as string
       });
       res.status(200).json(response);
     } catch (e: unknown) {
diff --git a/app/src/db/migrations/20240717000000_007_access-request.ts b/app/src/db/migrations/20240717000000_007_access-request.ts
new file mode 100644
index 00000000..e6b72870
--- /dev/null
+++ b/app/src/db/migrations/20240717000000_007_access-request.ts
@@ -0,0 +1,51 @@
+import stamps from '../stamps';
+
+import type { Knex } from 'knex';
+
+export async function up(knex: Knex): Promise<void> {
+  return (
+    Promise.resolve()
+      // Create the access_request table
+      .then(() =>
+        knex.schema.createTable('access_request', (table) => {
+          table.uuid('access_request_id').primary();
+          table.uuid('user_id').notNullable().references('user_id').inTable('user');
+          table.text('role');
+          table
+            .enu('status', ['Approved', 'Pending', 'Rejected'], {
+              useNative: true,
+              enumName: 'access_request_status_enum'
+            })
+            .defaultTo('Pending')
+            .notNullable();
+          table.boolean('grant').notNullable();
+          stamps(knex, table);
+        })
+      )
+
+      .then(() =>
+        knex.schema.raw(`create trigger before_update_access_request_trigger
+          before update on public.access_request
+          for each row execute procedure public.set_updated_at();`)
+      )
+
+      .then(() =>
+        knex.schema.raw(`CREATE TRIGGER audit_access_request_trigger
+          AFTER UPDATE OR DELETE ON access_request
+          FOR EACH ROW EXECUTE PROCEDURE audit.if_modified_func();`)
+      )
+  );
+}
+
+export async function down(knex: Knex): Promise<void> {
+  return (
+    Promise.resolve()
+      // Drop triggers
+      .then(() => knex.schema.raw('DROP TRIGGER IF EXISTS before_update_access_request_trigger ON access_request'))
+      .then(() => knex.schema.raw('DROP TRIGGER IF EXISTS audit_access_request_trigger ON access_request'))
+      // Drop the access_request table
+      .then(() => knex.schema.dropTableIfExists('access_request'))
+      // Drop the access_request_status_enum type
+      .then(() => knex.schema.raw('DROP TYPE IF EXISTS access_request_status_enum'))
+  );
+}
diff --git a/app/src/db/models/access_request.ts b/app/src/db/models/access_request.ts
new file mode 100644
index 00000000..6baf3cc9
--- /dev/null
+++ b/app/src/db/models/access_request.ts
@@ -0,0 +1,33 @@
+import { Prisma } from '@prisma/client';
+
+import { AccessRequestStatus } from '../../utils/enums/application';
+
+import type { Stamps } from '../stamps';
+import type { AccessRequest } from '../../types/AccessRequest'; // Import the access_request_status_enum type
+
+// Define types
+const _accessRequest = Prisma.validator<Prisma.access_requestDefaultArgs>()({});
+
+type PrismaRelationAccessRequest = Omit<Prisma.access_requestGetPayload<typeof _accessRequest>, keyof Stamps>;
+
+export default {
+  toPrismaModel(input: AccessRequest): PrismaRelationAccessRequest {
+    return {
+      access_request_id: input.accessRequestId,
+      grant: input.grant,
+      role: input.role,
+      status: input.status as AccessRequestStatus, // Cast the status property to AccessRequestStatus enum
+      user_id: input.userId
+    };
+  },
+
+  fromPrismaModel(input: PrismaRelationAccessRequest): AccessRequest {
+    return {
+      accessRequestId: input.access_request_id,
+      grant: input.grant,
+      role: input.role,
+      userId: input.user_id as string,
+      status: input.status as AccessRequestStatus // Cast the status property to AccessRequestStatus enum
+    };
+  }
+};
diff --git a/app/src/db/models/index.ts b/app/src/db/models/index.ts
index e62d513c..2d29975a 100644
--- a/app/src/db/models/index.ts
+++ b/app/src/db/models/index.ts
@@ -1,4 +1,5 @@
 export { default as activity } from './activity';
+export { default as access_request } from './access_request';
 export { default as document } from './document';
 export { default as enquiry } from './enquiry';
 export { default as identity_provider } from './identity_provider';
diff --git a/app/src/db/prisma/schema.prisma b/app/src/db/prisma/schema.prisma
index 93fa188c..a147e7de 100644
--- a/app/src/db/prisma/schema.prisma
+++ b/app/src/db/prisma/schema.prisma
@@ -209,6 +209,7 @@ model user {
   created_at        DateTime?          @default(now()) @db.Timestamptz(6)
   updated_by        String?
   updated_at        DateTime?          @db.Timestamptz(6)
+  access_request    access_request[]
   enquiry           enquiry[]
   submission        submission[]
   identity_provider identity_provider? @relation(fields: [idp], references: [idp], onDelete: Cascade, map: "user_idp_foreign")
@@ -245,3 +246,22 @@ model enquiry {
   activity                       activity  @relation(fields: [activity_id], references: [activity_id], onDelete: Cascade, map: "enquiry_activity_id_foreign")
   user                           user?     @relation(fields: [assigned_user_id], references: [user_id], onDelete: Cascade, map: "enquiry_assigned_user_id_foreign")
 }
+
+model access_request {
+  access_request_id String                     @id @db.Uuid
+  user_id           String                     @db.Uuid
+  role              String?
+  status            access_request_status_enum @default(Pending)
+  grant             Boolean
+  created_by        String?                    @default("00000000-0000-0000-0000-000000000000")
+  created_at        DateTime?                  @default(now()) @db.Timestamptz(6)
+  updated_by        String?
+  updated_at        DateTime?                  @db.Timestamptz(6)
+  user              user                       @relation(fields: [user_id], references: [user_id], onDelete: NoAction, onUpdate: NoAction, map: "access_request_user_id_foreign")
+}
+
+enum access_request_status_enum {
+  Approved
+  Pending
+  Rejected
+}
diff --git a/app/src/routes/v1/accessRequest.ts b/app/src/routes/v1/accessRequest.ts
new file mode 100644
index 00000000..d41c12b8
--- /dev/null
+++ b/app/src/routes/v1/accessRequest.ts
@@ -0,0 +1,30 @@
+import express from 'express';
+import { accessRequestController } from '../../controllers';
+import { requireSomeAuth } from '../../middleware/requireSomeAuth';
+import { accessRequestValidator } from '../../validators';
+
+import type { NextFunction, Request, Response } from 'express';
+
+const router = express.Router();
+router.use(requireSomeAuth);
+
+// Request to create/revoke a user and access request - called by supervisor(201) & admin(200)
+router.post(
+  '/',
+  accessRequestValidator.userAccessRevokeRequest,
+  (req: Request, res: Response, next: NextFunction): void => {
+    accessRequestController.createUserAccessRevokeRequest(req, res, next);
+  }
+);
+
+// Approve/Deny access/revoke request - called by admin (200)
+// eslint-disable-next-line @typescript-eslint/no-unused-vars
+router.patch('/', (req: Request, res: Response, next: NextFunction): void => {
+  // TODO: approve/deny access request
+});
+
+router.get('/', (req: Request, res: Response, next: NextFunction): void => {
+  accessRequestController.getAccessRequests(req, res, next);
+});
+
+export default router;
diff --git a/app/src/routes/v1/index.ts b/app/src/routes/v1/index.ts
index 082fe123..bfe23aac 100644
--- a/app/src/routes/v1/index.ts
+++ b/app/src/routes/v1/index.ts
@@ -2,6 +2,7 @@ import { currentUser } from '../../middleware/authentication';
 
 import express from 'express';
 
+import accessRequest from './accessRequest';
 import document from './document';
 import enquiry from './enquiry';
 import note from './note';
@@ -17,10 +18,21 @@ router.use(currentUser);
 // Base v1 Responder
 router.get('/', (_req, res) => {
   res.status(200).json({
-    endpoints: ['/document', '/enquiry', '/note', '/permit', '/roadmap', '/sso', '/submission', '/user']
+    endpoints: [
+      '/accessRequest',
+      '/document',
+      '/enquiry',
+      '/note',
+      '/permit',
+      '/roadmap',
+      '/sso',
+      '/submission',
+      '/user'
+    ]
   });
 });
 
+router.use('/accessRequest', accessRequest);
 router.use('/document', document);
 router.use('/enquiry', enquiry);
 router.use('/note', note);
diff --git a/app/src/routes/v1/user.ts b/app/src/routes/v1/user.ts
index b09b9c17..cb3bcc4f 100644
--- a/app/src/routes/v1/user.ts
+++ b/app/src/routes/v1/user.ts
@@ -8,7 +8,7 @@ import type { NextFunction, Request, Response } from 'express';
 const router = express.Router();
 router.use(requireSomeAuth);
 
-// Submission endpoint
+// Search for users
 router.get('/', userValidator.searchUsers, (req: Request, res: Response, next: NextFunction): void => {
   userController.searchUsers(req, res, next);
 });
diff --git a/app/src/services/accessRequest.ts b/app/src/services/accessRequest.ts
new file mode 100644
index 00000000..56ff5929
--- /dev/null
+++ b/app/src/services/accessRequest.ts
@@ -0,0 +1,59 @@
+// import jwt from 'jsonwebtoken';
+// import { Prisma } from '@prisma/client';
+import { v4 as uuidv4 } from 'uuid';
+
+import prisma from '../db/dataConnection';
+import { access_request } from '../db/models';
+import { AccessRequestStatus } from '../utils/enums/application';
+
+import type { AccessRequest } from '../types';
+
+/**
+ * The User DB Service
+ */
+const service = {
+  /**
+   * @function createUserAccessRequest
+   * Create an access_request record
+   * @param {object} data Incoming accessRequest data
+   * @returns {Promise<object>} The result of running the insert operation
+   * @throws The error encountered upon db transaction failure
+   */
+  createUserAccessRevokeRequest: async (accessRequest: AccessRequest) => {
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+
+    const newAccessRequest = {
+      accessRequestId: uuidv4(),
+      userId: accessRequest.userId,
+      grant: accessRequest.grant as boolean,
+      role: accessRequest.role as string,
+      status: AccessRequestStatus.PENDING
+    };
+    const accessRequestResponse = await prisma.access_request.create({
+      data: access_request.toPrismaModel(newAccessRequest)
+    });
+
+    return access_request.fromPrismaModel(accessRequestResponse);
+  },
+
+  /**
+   * @function getAccessRequests
+   * Get all access requests
+   * @returns {Promise<object>} The result of running the find operation
+   */
+  getAccessRequests: async () => {
+    const response = await prisma.access_request.findMany();
+    return response.map((x) => access_request.fromPrismaModel(x));
+  },
+
+  /**
+   * @function updateUserRole
+   * Updates user role
+   * @returns {Promise<object>} The result of running the put operation
+   */
+  updateUserRole: async () => {
+    // TODO: Implement updateUserRole
+  }
+};
+
+export default service;
diff --git a/app/src/services/index.ts b/app/src/services/index.ts
index 4264a3fd..c48106c7 100644
--- a/app/src/services/index.ts
+++ b/app/src/services/index.ts
@@ -1,3 +1,4 @@
+export { default as accessRequestService } from './accessRequest';
 export { default as activityService } from './activity';
 export { default as comsService } from './coms';
 export { default as documentService } from './document';
diff --git a/app/src/services/user.ts b/app/src/services/user.ts
index f69db4cb..d2517c68 100644
--- a/app/src/services/user.ts
+++ b/app/src/services/user.ts
@@ -4,6 +4,7 @@ import { v4 as uuidv4, NIL } from 'uuid';
 
 import prisma from '../db/dataConnection';
 import { identity_provider, user } from '../db/models';
+import { AccessRole } from '../utils/enums/application';
 import { parseIdentityKeyClaims } from '../utils/utils';
 
 import type { User, UserSearchParameters } from '../types';
@@ -117,6 +118,28 @@ const service = {
     return response;
   },
 
+  /**
+   * @function createUserIfNew
+   * Create a user DB record if it does not exist
+   * @param {object} data Incoming user data
+   * @returns {Promise<object>} The result of running the insert operation
+   * @throws The error encountered upon db transaction failure
+   */
+  createUserIfNew: async (data: User) => {
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    let response: any;
+    response = await prisma.user.findFirst({
+      where: {
+        identity_id: data.identityId,
+        idp: data.idp
+      }
+    });
+
+    if (!response) {
+      response = await service.createUser(data);
+      return user.fromPrismaModel(response);
+    } else return;
+  },
   /**
    * @function getCurrentUserId
    * Gets userId (primary identifier of a user in db) of currentUser.
@@ -262,6 +285,11 @@ const service = {
       }
     });
 
+    if ((params.role as string) === AccessRole.PCNS_NAVIGATOR) {
+      // eslint-disable-next-line max-len
+      // TODO filter out any use without a role of PCNS_NAVIGATOR|PCNS_READ_ONLY or a pending access request from the response
+    }
+
     return response.map((x) => user.fromPrismaModel(x));
   },
 
diff --git a/app/src/types/AccessRequest.ts b/app/src/types/AccessRequest.ts
new file mode 100644
index 00000000..5653d058
--- /dev/null
+++ b/app/src/types/AccessRequest.ts
@@ -0,0 +1,10 @@
+import { IStamps } from '../interfaces/IStamps';
+import { AccessRequestStatus } from '../utils/enums/application';
+
+export type AccessRequest = {
+  accessRequestId: string; // Primary key
+  grant: boolean;
+  role: string | null;
+  status: AccessRequestStatus;
+  userId: string;
+} & Partial<IStamps>;
diff --git a/app/src/types/UserAccessRequest.ts b/app/src/types/UserAccessRequest.ts
new file mode 100644
index 00000000..a0fb899d
--- /dev/null
+++ b/app/src/types/UserAccessRequest.ts
@@ -0,0 +1,4 @@
+import type { AccessRequest, User } from '.';
+export type UserAccessRequest = {
+  accessRequest?: AccessRequest;
+} & User;
diff --git a/app/src/types/UserSearchParameters.ts b/app/src/types/UserSearchParameters.ts
index a49b61aa..26648717 100644
--- a/app/src/types/UserSearchParameters.ts
+++ b/app/src/types/UserSearchParameters.ts
@@ -8,4 +8,5 @@ export type UserSearchParameters = {
   fullName?: string;
   lastName?: string;
   active?: boolean;
+  role?: string;
 };
diff --git a/app/src/types/index.ts b/app/src/types/index.ts
index 5690d27f..b0757883 100644
--- a/app/src/types/index.ts
+++ b/app/src/types/index.ts
@@ -1,4 +1,5 @@
 export type { Activity } from './Activity';
+export type { AccessRequest } from './AccessRequest';
 export type { BringForward } from './BringForward';
 export type { ChefsFormConfig, ChefsFormConfigData } from './ChefsFormConfig';
 export type { ChefsSubmissionExport } from './ChefsSubmissionExport';
@@ -16,4 +17,5 @@ export type { PermitType } from './PermitType';
 export type { Submission } from './Submission';
 export type { SubmissionSearchParameters } from './SubmissionSearchParameters';
 export type { User } from './User';
+export type { UserAccessRequest } from './UserAccessRequest';
 export type { UserSearchParameters } from './UserSearchParameters';
diff --git a/app/src/utils/enums/application.ts b/app/src/utils/enums/application.ts
index 4db04a52..d9299a72 100644
--- a/app/src/utils/enums/application.ts
+++ b/app/src/utils/enums/application.ts
@@ -30,6 +30,12 @@ export enum Initiative {
   HOUSING = 'HOUSING'
 }
 
+export enum AccessRequestStatus {
+  APPROVED = 'Approved',
+  PENDING = 'Pending',
+  REJECTED = 'Rejected'
+}
+
 export enum Regex {
   /**
    * Generic email regex modified to require domain of at least 2 characters
diff --git a/app/src/validators/accessRequest.ts b/app/src/validators/accessRequest.ts
new file mode 100644
index 00000000..7554fe7a
--- /dev/null
+++ b/app/src/validators/accessRequest.ts
@@ -0,0 +1,33 @@
+import Joi from 'joi';
+
+import { uuidv4 } from './common';
+import { validate } from '../middleware/validation';
+
+const schema = {
+  userAccessRevokeRequest: {
+    body: Joi.object({
+      user: Joi.object({
+        userId: uuidv4.allow(null),
+        identityId: uuidv4.required(),
+        idp: Joi.string().max(255).required(),
+        username: Joi.string().max(255).required(),
+        email: Joi.string().max(255).required(),
+        firstName: Joi.string().max(255).required(),
+        fullName: Joi.string().max(255).required(),
+        lastName: Joi.string().max(255).required(),
+        active: Joi.string().max(255).allow(null)
+      }),
+      accessRequest: Joi.object({
+        accessRequestId: uuidv4.allow(null),
+        userId: uuidv4.allow(null),
+        grant: Joi.boolean().required(),
+        role: Joi.string().max(255).allow(null),
+        status: Joi.string().max(255).allow(null)
+      })
+    })
+  }
+};
+
+export default {
+  userAccessRevokeRequest: validate(schema.userAccessRevokeRequest)
+};
diff --git a/app/src/validators/index.ts b/app/src/validators/index.ts
index 5aca938a..f7f533c2 100644
--- a/app/src/validators/index.ts
+++ b/app/src/validators/index.ts
@@ -1,3 +1,4 @@
+export { default as accessRequestValidator } from './accessRequest';
 export { default as documentValidator } from './document';
 export { default as enquiryValidator } from './enquiry';
 export { default as noteValidator } from './note';
diff --git a/app/src/validators/user.ts b/app/src/validators/user.ts
index 10c9e0c3..3684399f 100644
--- a/app/src/validators/user.ts
+++ b/app/src/validators/user.ts
@@ -1,4 +1,5 @@
 import Joi from 'joi';
+
 import { uuidv4 } from './common';
 import { validate } from '../middleware/validation';
 
@@ -13,7 +14,8 @@ const schema = {
       firstName: Joi.string().max(255),
       fullName: Joi.string().max(255),
       lastName: Joi.string().max(255),
-      active: Joi.string().max(255)
+      active: Joi.string().max(255),
+      role: Joi.string().max(255)
     })
   }
 };
diff --git a/frontend/src/components/user/UserCreateModal.vue b/frontend/src/components/user/UserCreateModal.vue
index 1959dd2d..474e1862 100644
--- a/frontend/src/components/user/UserCreateModal.vue
+++ b/frontend/src/components/user/UserCreateModal.vue
@@ -1,25 +1,78 @@
 <script setup lang="ts">
 import { ref } from 'vue';
-import { Button, Column, DataTable, Dialog, FilterMatchMode, IconField, InputIcon, InputText } from '@/lib/primevue';
 
 import { Dropdown } from '@/components/form';
+import { Spinner } from '@/components/layout';
+import { Button, Column, DataTable, Dialog, IconField, InputIcon, InputText, useToast } from '@/lib/primevue';
+import { PermissionService } from '@/services';
 import { ROLES } from '@/utils/constants/application';
 
+import type { DropdownChangeEvent } from 'primevue/dropdown';
 import type { Ref } from 'vue';
-import type { User } from '@/types';
-
+import type { UserAccessRequest } from '@/types';
+import axios from 'axios';
 // Emits
 const emit = defineEmits(['userCreate:request']);
 
 // State
+let cancelTokenSource: any = null; // Initialize a variable to hold the cancel token source
+const loading: Ref<boolean> = ref(false);
 const visible = defineModel<boolean>('visible');
-const users: Ref<Array<User>> = ref([]);
-const selection: Ref<User | undefined> = ref(undefined);
+const users: Ref<Array<UserAccessRequest>> = ref([]);
+const selection: Ref<UserAccessRequest | undefined> = ref(undefined);
+const selectedRole: Ref<string | undefined> = ref(undefined);
+const selectedParam: Ref<string | undefined> = ref(undefined);
+const searchTag: Ref<string> = ref('');
+
+const USER_SEARCH_PARAMS: { [key: string]: string } = {
+  firstName: 'First name',
+  lastName: 'Last name',
+  email: 'Email'
+};
+
+// Actions
+const permissionService = new PermissionService();
+const toast = useToast();
+
+async function searchIdirUsers() {
+  selection.value = undefined;
+  const searchParam =
+    Object.keys(USER_SEARCH_PARAMS).find((key) => USER_SEARCH_PARAMS[key] === selectedParam.value) ||
+    Object.keys(USER_SEARCH_PARAMS)[0];
+  searchTag.value = searchTag.value.trim();
+  if (searchTag.value.length > 2) {
+    if (cancelTokenSource) {
+      cancelTokenSource.cancel('Cancelling the previous request'); // Cancel the previous request
+    }
+    cancelTokenSource = axios.CancelToken.source(); // Create a new cancel token source for the new request
 
-// Datatable filter(s)
-const filters = ref({
-  global: { value: null, matchMode: FilterMatchMode.CONTAINS }
-});
+    try {
+      loading.value = true;
+      const response = await permissionService.searchIdirUsers(
+        {
+          [searchParam]: searchTag.value
+        },
+        cancelTokenSource.token // Attach the cancel token to the request
+      );
+      loading.value = false;
+      // Map the response data to the required format
+      // Spread the rest of the properties and filter out users without email
+      users.value = response.data
+        .map(({ attributes, ...rest }: any) => ({
+          ...rest,
+          fullName: attributes?.display_name?.[0] as string,
+          identityId: attributes?.idir_user_guid?.[0] as string
+        }))
+        .filter((user: any) => !!user.email);
+    } catch (error) {
+      if (!axios.isCancel(error)) toast.error('Error searching for users ' + error);
+    } finally {
+      cancelTokenSource = null; // Reset the cancel token source
+    }
+  } else {
+    users.value = [];
+  }
+}
 </script>
 
 <template>
@@ -27,41 +80,64 @@ const filters = ref({
     v-model:visible="visible"
     :draggable="false"
     :modal="true"
-    class="app-info-dialog w-5"
+    class="app-info-dialog w-6"
   >
     <template #header>
       <span class="p-dialog-title">Create new user</span>
     </template>
-    <IconField
-      icon-position="left"
-      class="mt-1"
-    >
-      <InputIcon class="pi pi-search" />
-      <InputText
-        v-model="filters['global'].value"
-        placeholder="Search by first name, last name, or email"
-        class="col-12 pl-5"
+    <div class="flex justify-content-between align-items-center">
+      <div class="col-9 mb-2">
+        <IconField icon-position="left">
+          <InputIcon class="pi pi-search" />
+          <InputText
+            v-model="searchTag"
+            placeholder="Search by first name, last name, or email"
+            class="col-12 pl-5"
+            @update:model-value="searchIdirUsers"
+          />
+        </IconField>
+      </div>
+      <Dropdown
+        class="col-3 m-0"
+        name="assignRole"
+        placeholder="First name"
+        :options="Object.values(USER_SEARCH_PARAMS)"
+        @on-change="
+          (param: DropdownChangeEvent) => {
+            selectedParam = param.value;
+            searchIdirUsers();
+          }
+        "
       />
-    </IconField>
+    </div>
     <DataTable
       v-model:selection="selection"
-      v-model:filters="filters"
       :row-hover="true"
-      class="datatable mt-3 mb-2"
+      :loading="loading"
+      class="datatable mt-3 mb-2 pl-2 pr-2"
       :value="users"
       selection-mode="single"
-      data-key="userId"
+      data-key="username"
+      :rows="5"
+      :paginator="true"
     >
       <template #empty>
         <div class="flex justify-content-center">
           <h5 class="m-0">No users found.</h5>
         </div>
       </template>
+      <template #loading>
+        <Spinner />
+      </template>
       <Column
         field="username"
         header="Username"
         sortable
-      />
+      >
+        <template #body="{ data }">
+          {{ data.fullName }}
+        </template>
+      </Column>
       <Column
         field="firstName"
         header="First Name"
@@ -72,23 +148,30 @@ const filters = ref({
         header="Last Name"
         sortable
       />
+      <Column
+        field="email"
+        header="Email"
+        sortable
+      />
     </DataTable>
     <Dropdown
       class="col-12"
       name="assignRole"
       label="Assign role"
       :options="ROLES"
+      :disabled="!selection"
+      @on-change="(e: DropdownChangeEvent) => (selectedRole = e.value)"
     />
-    <div class="flex-auto">
+    <div class="flex-auto pl-2">
       <Button
         class="mr-2"
         label="Request approval"
         type="submit"
         icon="pi pi-check"
+        :disabled="!selection || !selectedRole"
         @click="
           () => {
-            emit('userCreate:request', selection);
-            visible = false;
+            emit('userCreate:request', selection, selectedRole);
           }
         "
       />
diff --git a/frontend/src/components/user/UserManageModal.vue b/frontend/src/components/user/UserManageModal.vue
index bb0fa75b..7b8f8061 100644
--- a/frontend/src/components/user/UserManageModal.vue
+++ b/frontend/src/components/user/UserManageModal.vue
@@ -1,14 +1,18 @@
 <script setup lang="ts">
-import { Button, Dialog } from '@/lib/primevue';
+import { ref } from 'vue';
 
 import { RadioList } from '@/components/form';
+import { Button, Dialog } from '@/lib/primevue';
 import { ROLES } from '@/utils/constants/application';
 
+import type { Ref } from 'vue';
+
 // Emits
 const emit = defineEmits(['userManage:save']);
 
 // State
 const visible = defineModel<boolean>('visible');
+const role: Ref<string | undefined> = ref(undefined);
 </script>
 
 <template>
@@ -27,6 +31,7 @@ const visible = defineModel<boolean>('visible');
       :bold="false"
       :options="ROLES"
       class="mt-3 mb-4"
+      @on-change="(value) => (role = value)"
     />
     <div class="flex-auto">
       <Button
@@ -34,12 +39,7 @@ const visible = defineModel<boolean>('visible');
         label="Save"
         type="submit"
         icon="pi pi-check"
-        @click="
-          () => {
-            emit('userManage:save');
-            visible = false;
-          }
-        "
+        @click="emit('userManage:save', role)"
       />
       <Button
         class="p-button-outlined mr-2"
diff --git a/frontend/src/components/user/UserTable.vue b/frontend/src/components/user/UserTable.vue
index fe5da044..22a700d7 100644
--- a/frontend/src/components/user/UserTable.vue
+++ b/frontend/src/components/user/UserTable.vue
@@ -1,32 +1,32 @@
 <script setup lang="ts">
 import { ref } from 'vue';
-import { Button, Column, DataTable } from '@/lib/primevue';
 
+import { Button, Column, DataTable } from '@/lib/primevue';
 import PermissionService, { Permissions } from '@/services/permissionService';
+import { AccessRequestStatus } from '@/utils/enums/application';
 
 import type { Ref } from 'vue';
-import type { User } from '@/types';
+import type { UserAccessRequest } from '@/types';
 
 // Props
 type Props = {
-  users: Array<User>;
+  usersRequest: Array<UserAccessRequest>;
   revocation?: boolean;
 };
 
 const props = withDefaults(defineProps<Props>(), {
-  users: undefined
+  usersRequest: undefined
 });
 
-// Constants
-const USER_STATUS = {
-  APPROVED: 'Approved'
-};
-
 // Emits
 const emit = defineEmits(['userTable:delete', 'userTable:approve', 'userTable:manage', 'userTable:revoke']);
 
+// Constants
+const DEFAULT_SORT_ORDER = 1;
+const DEFAULT_SORT_FIELD = 'fullName';
+
 // State
-const selection: Ref<User | undefined> = ref(undefined);
+const selection: Ref<UserAccessRequest | undefined> = ref(undefined);
 
 // Actions
 const permissionService = new PermissionService();
@@ -37,8 +37,10 @@ const permissionService = new PermissionService();
     v-model:selection="selection"
     :row-hover="true"
     class="datatable"
-    :value="props.users"
+    :value="props.usersRequest"
     selection-mode="single"
+    :sort-field="DEFAULT_SORT_FIELD"
+    :sort-order="DEFAULT_SORT_ORDER"
   >
     <template #empty>
       <div class="flex justify-content-center">
@@ -46,7 +48,7 @@ const permissionService = new PermissionService();
       </div>
     </template>
     <Column
-      field="username"
+      field="fullName"
       header="Username"
       sortable
     />
@@ -69,7 +71,11 @@ const permissionService = new PermissionService();
       field="role"
       header="Role"
       sortable
-    />
+    >
+      <template #body="{ data }">
+        {{ data.role ?? data.accessRequest?.role }}
+      </template>
+    </Column>
     <Column
       v-if="!revocation"
       field="manage"
@@ -80,9 +86,9 @@ const permissionService = new PermissionService();
     >
       <template #body="{ data }">
         <Button
-          class="p-button-lg p-button-text p-0 pr-3"
+          class="p-button-lg p-button-text p-0 mr-3"
           aria-label="Manage user"
-          :disabled="revocation || data.status !== USER_STATUS.APPROVED"
+          :disabled="revocation || data.accessRequest?.status === AccessRequestStatus.PENDING"
           @click="
             () => {
               selection = data;
@@ -104,9 +110,9 @@ const permissionService = new PermissionService();
     >
       <template #body="{ data }">
         <Button
-          class="p-button-lg p-button-text p-0 pr-3"
+          class="p-button-lg p-button-text p-0 mr-3"
           aria-label="Approve user"
-          :disabled="revocation || data.status === USER_STATUS.APPROVED"
+          :disabled="revocation || data.status === AccessRequestStatus.APPROVED"
           @click="
             () => {
               selection = data;
@@ -127,9 +133,9 @@ const permissionService = new PermissionService();
     >
       <template #body="{ data }">
         <Button
-          class="p-button-lg p-button-text p-button-danger p-0 pr-3"
+          class="p-button-lg p-button-text p-button-danger p-0 mr-3"
           aria-label="Delete user"
-          :disabled="data.status !== USER_STATUS.APPROVED"
+          :disabled="revocation || data.accessRequest?.status === AccessRequestStatus.PENDING"
           @click="
             () => {
               selection = data;
diff --git a/frontend/src/interfaces/ISSOAttribute.ts b/frontend/src/interfaces/ISSOAttribute.ts
new file mode 100644
index 00000000..0800aead
--- /dev/null
+++ b/frontend/src/interfaces/ISSOAttribute.ts
@@ -0,0 +1,6 @@
+export interface ISSOAttribute {
+  displayName?: string;
+  IDIRAttribute?: any;
+  BasicBCeIDAttribute?: any;
+  BusinessBCeIDAttribute?: any;
+}
diff --git a/frontend/src/services/accessRequestService.ts b/frontend/src/services/accessRequestService.ts
new file mode 100644
index 00000000..058dc61c
--- /dev/null
+++ b/frontend/src/services/accessRequestService.ts
@@ -0,0 +1,31 @@
+import { appAxios } from './interceptors';
+
+import type { AxiosResponse } from 'axios';
+
+const PATH = 'accessRequest';
+
+export default {
+  /**
+   * @function createUserAccessRequest
+   * @returns {Promise} An axios response
+   */
+  createUserAccessRequest(data: any) {
+    return appAxios().post(`${PATH}/`, data);
+  },
+
+  /**
+   * @function getAccessRequests
+   * @returns {Promise} An axios response
+   */
+  getAccessRequests(): Promise<AxiosResponse> {
+    return appAxios().get(`${PATH}`);
+  },
+
+  /**
+   * @function revokeUserAccessRequest
+   * @returns {Promise} An axios response
+   */
+  revokeUserAccessRequest(data: any) {
+    return appAxios().post(`${PATH}/`, data);
+  }
+};
diff --git a/frontend/src/services/index.ts b/frontend/src/services/index.ts
index 2af85a1f..de2789af 100644
--- a/frontend/src/services/index.ts
+++ b/frontend/src/services/index.ts
@@ -1,3 +1,4 @@
+export { default as accessRequestService } from './accessRequestService';
 export { default as AuthService } from './authService';
 export { default as ConfigService } from './configService';
 export { default as PermissionService } from './permissionService';
diff --git a/frontend/src/services/permissionService.ts b/frontend/src/services/permissionService.ts
index 3d9b4866..1895f41c 100644
--- a/frontend/src/services/permissionService.ts
+++ b/frontend/src/services/permissionService.ts
@@ -1,6 +1,7 @@
+import type { CancelToken } from 'axios';
+
 import { AccessRole } from '@/utils/enums/application';
 import { appAxios } from './interceptors';
-
 import { useAuthStore } from '@/store';
 
 export enum Permissions {
@@ -168,8 +169,8 @@ export default class PermissionService {
     return appAxios().post('sso/requestBasicAccess');
   }
 
-  public async searchIdirUsers(params?: any) {
-    return appAxios().get('sso/idir/users', { params: params });
+  public async searchIdirUsers(params?: any, cancelToken?: CancelToken) {
+    return appAxios().get('sso/idir/users', { params: params, cancelToken: cancelToken });
   }
 
   public async searchBasicBceidUsers(params?: any) {
diff --git a/frontend/src/types/AccessRequest.ts b/frontend/src/types/AccessRequest.ts
new file mode 100644
index 00000000..12d39e24
--- /dev/null
+++ b/frontend/src/types/AccessRequest.ts
@@ -0,0 +1,11 @@
+import type { IStamps } from '@/interfaces';
+
+import { AccessRequestStatus } from '@/utils/enums/application';
+
+export type AccessRequest = {
+  accessRequestId?: string;
+  grant?: boolean;
+  role?: string;
+  status?: AccessRequestStatus;
+  userId?: string;
+} & IStamps;
diff --git a/frontend/src/types/BasicBCeIDAttribute.ts b/frontend/src/types/BasicBCeIDAttribute.ts
new file mode 100644
index 00000000..a53a1a77
--- /dev/null
+++ b/frontend/src/types/BasicBCeIDAttribute.ts
@@ -0,0 +1,5 @@
+import type { ISSOAttribute } from '@/interfaces/ISSOAttribute';
+export type BasicBCeIDAttribute = {
+  bceidUserGuid: string;
+  bceidUsername: string;
+} & ISSOAttribute;
diff --git a/frontend/src/types/BusinessBCeIDAttribute.ts b/frontend/src/types/BusinessBCeIDAttribute.ts
new file mode 100644
index 00000000..610c4b2c
--- /dev/null
+++ b/frontend/src/types/BusinessBCeIDAttribute.ts
@@ -0,0 +1,5 @@
+import type { BasicBCeIDAttribute } from '@/types';
+export type BusinessBCeIDAttribute = {
+  bceidBusinessGuid: string;
+  bceidBusinessName: string;
+} & BasicBCeIDAttribute;
diff --git a/frontend/src/types/IDIRAttribute.ts b/frontend/src/types/IDIRAttribute.ts
new file mode 100644
index 00000000..ac5c9217
--- /dev/null
+++ b/frontend/src/types/IDIRAttribute.ts
@@ -0,0 +1,5 @@
+import type { ISSOAttribute } from '@/interfaces/ISSOAttribute';
+export type IDIRAttribute = {
+  idirUserGuid: string;
+  idiUsername: string;
+} & ISSOAttribute;
diff --git a/frontend/src/types/UserAccessRequest.ts b/frontend/src/types/UserAccessRequest.ts
new file mode 100644
index 00000000..46014990
--- /dev/null
+++ b/frontend/src/types/UserAccessRequest.ts
@@ -0,0 +1,6 @@
+import type { AccessRequest, IDIRAttribute, User } from '@/types';
+
+export type UserAccessRequest = {
+  accessRequest?: AccessRequest;
+  idirAttributes?: IDIRAttribute;
+} & User;
diff --git a/frontend/src/types/UserSearchParameters.ts b/frontend/src/types/UserSearchParameters.ts
index a49b61aa..26648717 100644
--- a/frontend/src/types/UserSearchParameters.ts
+++ b/frontend/src/types/UserSearchParameters.ts
@@ -8,4 +8,5 @@ export type UserSearchParameters = {
   fullName?: string;
   lastName?: string;
   active?: boolean;
+  role?: string;
 };
diff --git a/frontend/src/types/index.ts b/frontend/src/types/index.ts
index 4249f803..c4ca35fe 100644
--- a/frontend/src/types/index.ts
+++ b/frontend/src/types/index.ts
@@ -1,8 +1,12 @@
+export type { AccessRequest } from './AccessRequest';
+export type { BasicBCeIDAttribute } from './BasicBCeIDAttribute';
 export type { BringForward } from './BringForward';
+export type { BusinessBCeIDAttribute } from './BusinessBCeIDAttribute';
 export type { Document } from './Document';
 export type { Email } from './Email';
 export type { Enquiry } from './Enquiry';
 export type { IdentityProvider } from './IdentityProvider';
+export type { IDIRAttribute } from './IDIRAttribute';
 export type { Note } from './Note';
 export type { Permit } from './Permit';
 export type { PermitForm } from './PermitForm';
@@ -10,4 +14,5 @@ export type { PermitType } from './PermitType';
 export type { Statistics } from './Statistics';
 export type { Submission } from './Submission';
 export type { User } from './User';
+export type { UserAccessRequest } from './UserAccessRequest';
 export type { UserSearchParameters } from './UserSearchParameters';
diff --git a/frontend/src/utils/constants/application.ts b/frontend/src/utils/constants/application.ts
index 14469a10..6b86ec48 100644
--- a/frontend/src/utils/constants/application.ts
+++ b/frontend/src/utils/constants/application.ts
@@ -3,7 +3,7 @@
  */
 
 import { NIL } from 'uuid';
-import { AccessRole, BasicResponse, Roles } from '../enums/application';
+import { AccessRequestStatus, AccessRole, BasicResponse, Roles, UserSearchParams } from '../enums/application';
 
 export const ACCESS_ROLES_LIST = [
   AccessRole.PCNS_ADMIN,
@@ -22,7 +22,15 @@ export const PCNS_CONTACT = {
 
 export const ROLES = [Roles.NAVIGATOR, Roles.READ_ONLY];
 
+export const ACCESS_REQUEST_STATUS = [
+  AccessRequestStatus.APPROVED,
+  AccessRequestStatus.PENDING,
+  AccessRequestStatus.REJECTED
+];
+
 export const SYSTEM_USER = NIL;
 
+export const USER_SEARCH_PARAMS = [UserSearchParams.FIRST_NAME, UserSearchParams.LAST_NAME, UserSearchParams.EMAIL];
+
 export const YES_NO_LIST = [BasicResponse.YES, BasicResponse.NO];
 export const YES_NO_UNSURE_LIST = [BasicResponse.YES, BasicResponse.NO, BasicResponse.UNSURE];
diff --git a/frontend/src/utils/enums/application.ts b/frontend/src/utils/enums/application.ts
index d0cac319..f7e660b8 100644
--- a/frontend/src/utils/enums/application.ts
+++ b/frontend/src/utils/enums/application.ts
@@ -57,11 +57,23 @@ export enum RouteName {
   USER_MANAGEMENT = 'user_management'
 }
 
+export enum IdentityProvider {
+  IDIR = 'idir',
+  BCEID = 'bceidbasic',
+  BCEIDBUSINESS = 'bceidbusiness'
+}
+
 export enum Roles {
   NAVIGATOR = 'Navigator',
   READ_ONLY = 'Read-only'
 }
 
+export enum AccessRequestStatus {
+  APPROVED = 'Approved',
+  PENDING = 'Pending',
+  REJECTED = 'Rejected'
+}
+
 export enum StorageKey {
   AUTH = 'entrypoint',
   BF_ACCORDION_IDX = 'bf_accordion_idx',
@@ -75,3 +87,9 @@ export enum ToastTimeout {
   SUCCESS = 3000,
   WARNING = 5000
 }
+
+export enum UserSearchParams {
+  FIRST_NAME = 'First name',
+  LAST_NAME = 'Last name',
+  EMAIL = 'Email'
+}
diff --git a/frontend/src/views/user/UserManagementView.vue b/frontend/src/views/user/UserManagementView.vue
index ceb2a698..fb7a51e0 100644
--- a/frontend/src/views/user/UserManagementView.vue
+++ b/frontend/src/views/user/UserManagementView.vue
@@ -1,4 +1,11 @@
 <script setup lang="ts">
+import { NIL } from 'uuid';
+import { onMounted, ref } from 'vue';
+
+import { ProgressLoader } from '@/components/layout';
+import UserCreateModal from '@/components/user/UserCreateModal.vue';
+import UserManageModal from '@/components/user/UserManageModal.vue';
+import UserTable from '@/components/user/UserTable.vue';
 import {
   Button,
   FilterMatchMode,
@@ -7,37 +14,58 @@ import {
   InputText,
   TabPanel,
   TabView,
-  useConfirm
+  useConfirm,
+  useToast
 } from '@/lib/primevue';
-import { ref } from 'vue';
-
-import UserCreateModal from '@/components/user/UserCreateModal.vue';
-import UserManageModal from '@/components/user/UserManageModal.vue';
-import UserTable from '@/components/user/UserTable.vue';
 import PermissionService, { Permissions } from '@/services/permissionService';
+import { accessRequestService, userService } from '@/services';
+import { IdentityProvider, AccessRequestStatus, AccessRole } from '@/utils/enums/application';
 
 import type { Ref } from 'vue';
-import type { User } from '@/types';
+import type { AccessRequest, User, UserAccessRequest } from '@/types';
 
 //State
-const users: Ref<Array<User>> = ref([]);
-const createUserCreateModalVisible: Ref<boolean> = ref(false);
-const manageUserCreateModalVisible: Ref<boolean> = ref(false);
+const createUserModalVisible: Ref<boolean> = ref(false);
+const manageUserModalVisible: Ref<boolean> = ref(false);
 const activeTab: Ref<number> = ref(Number(0));
+const getIsLoading: Ref<boolean> = ref(false);
+const managedUser: Ref<UserAccessRequest | undefined> = ref(undefined);
+const usersRequest: Ref<Array<UserAccessRequest>> = ref([]);
+
+// Constants
+const PENDING_STATUSES = {
+  PENDING_APPROVAL: 'Pending Approval',
+  PENDING_REVOCATION: 'Pending Revocation'
+};
 
 //Actions
 const confirm = useConfirm();
 const permissionService = new PermissionService();
+const toast = useToast();
 
-function onDelete(user: User) {
-  // TODO: Implement
+function onDelete(user: UserAccessRequest) {
+  let message = '';
+  let header = '';
+  if (user.accessRequest?.status === 'Pending') {
+    message = 'The user will now be deleted from the list.';
+    header = 'Delete user';
+  } else {
+    message = 'The user will now lose all access to the system.';
+    header = 'Revoke user';
+  }
   confirm.require({
-    message: 'The user will now lose all access to the system.',
-    header: 'Revoke user',
+    message: message,
+    header: header,
     acceptLabel: 'Confirm',
     acceptClass: 'p-button-danger',
     rejectLabel: 'Cancel',
-    accept: () => {}
+    accept: async () => {
+      try {
+        //TODO : Implement
+      } catch (error) {
+        throw new Error('Error deleting user access ' + error);
+      }
+    }
   });
 }
 
@@ -53,46 +81,119 @@ function onApprove(user: User) {
   });
 }
 
-function onRevoke(user: User) {
-  // TODO: Implement
+function onRevoke(user: UserAccessRequest) {
   confirm.require({
     message: 'The user will be revoked from the system upon the approval of an admin.',
     header: 'Revoke user',
     acceptLabel: 'Confirm',
     acceptClass: 'p-button-danger',
     rejectLabel: 'Cancel',
-    accept: () => {}
+    accept: async () => {
+      try {
+        const response = await accessRequestService.revokeUserAccessRequest({
+          accessRequest: { userId: user.userId, grant: false }
+        });
+        if (response) {
+          user.accessRequest = response.data;
+          user = assignUserStatus(user);
+          toast.success('Revoke requested');
+        }
+      } catch (error) {
+        toast.error('Error revoking user access');
+        throw new Error('Error revoking user access ' + error);
+      }
+    }
   });
 }
 
-function onManage(user: User) {
-  manageUserCreateModalVisible.value = true;
+async function onUserManageSave(role: string) {
+  if (managedUser.value?.accessRequest) managedUser.value.accessRequest.role = role;
+  try {
+    // TODO: Implement
+    toast.success('User role updated');
+  } catch (error) {
+    toast.error('Error updating user role ');
+  } finally {
+    manageUserModalVisible.value = false;
+  }
 }
 
-function onSave() {
-  // TODO: Implement
-}
+async function onUserCreate(user: UserAccessRequest, role: string) {
+  let newUser: UserAccessRequest = { ...user }; // using spread operator to avoid reference to the same object
+  try {
+    getIsLoading.value = true;
+    newUser.idp = IdentityProvider.IDIR;
+    const accessRequest = {
+      userId: user.userId,
+      grant: true,
+      status: AccessRequestStatus.PENDING,
+      role: role
+    };
+    const response = await accessRequestService.createUserAccessRequest({
+      user: newUser,
+      accessRequest: accessRequest
+    });
 
-function onUserCreate() {
-  // TODO: Implement
+    usersRequest.value.push(assignUserStatus(response.data));
+    toast.success('Access requested');
+  } catch (error: any) {
+    toast.error('Failed to request access', error.response?.data?.message ?? error.message);
+  } finally {
+    createUserModalVisible.value = false;
+    getIsLoading.value = false;
+  }
 }
 
 // Datatable filter(s)
 const filters = ref({
   global: { value: null, matchMode: FilterMatchMode.CONTAINS }
 });
+
+onMounted(async () => {
+  const response = await userService.searchUsers({
+    active: true,
+    role: AccessRole.PCNS_NAVIGATOR
+  });
+  let users: Array<UserAccessRequest> = response.data;
+  // filtering out system user
+  users = users.filter((user) => user.userId !== NIL);
+  let accessRequests: Array<AccessRequest> = (await accessRequestService.getAccessRequests()).data;
+  // combining user and access request data
+  usersRequest.value = users.map((user) => {
+    const accessRequest = accessRequests.find((accessRequest) => accessRequest.userId === user.userId);
+    user.accessRequest = accessRequest ?? user.accessRequest;
+    user = assignUserStatus(user);
+    return user;
+  });
+});
+
+function assignUserStatus(user: UserAccessRequest) {
+  user.status =
+    user?.accessRequest?.status && user.accessRequest?.status === AccessRequestStatus.PENDING
+      ? user.accessRequest.grant
+        ? PENDING_STATUSES.PENDING_APPROVAL
+        : PENDING_STATUSES.PENDING_REVOCATION
+      : AccessRequestStatus.APPROVED;
+  return user;
+}
 </script>
+
 <template>
+  <ProgressLoader v-if="getIsLoading" />
   <h3>User Management</h3>
   <UserCreateModal
-    v-if="createUserCreateModalVisible"
-    v-model:visible="createUserCreateModalVisible"
-    @user-create:request="onUserCreate"
+    v-if="createUserModalVisible"
+    v-model:visible="createUserModalVisible"
+    @user-create:request="
+      (user: User, role: string) => {
+        onUserCreate(user, role);
+      }
+    "
   />
   <UserManageModal
-    v-if="manageUserCreateModalVisible"
-    v-model:visible="manageUserCreateModalVisible"
-    @user-manage:save="onSave"
+    v-if="manageUserModalVisible"
+    v-model:visible="manageUserModalVisible"
+    @user-manage:save="onUserManageSave"
   />
   <TabView
     v-if="permissionService.can(Permissions.NAVIGATION_HOUSING_USER_MANAGEMENT_ADMIN)"
@@ -104,7 +205,7 @@ const filters = ref({
           label="Create new user"
           type="submit"
           icon="pi pi-plus"
-          @click="createUserCreateModalVisible = true"
+          @click="createUserModalVisible = true"
         />
         <IconField icon-position="left">
           <InputIcon class="pi pi-search" />
@@ -117,9 +218,14 @@ const filters = ref({
       </div>
       <UserTable
         v-model:filters="filters"
-        :users="users"
+        :users-request="usersRequest"
         class="mt-4"
-        @user-table:manage="onManage"
+        @user-table:manage="
+          (user: User) => {
+            managedUser = user;
+            manageUserModalVisible = true;
+          }
+        "
         @user-table:approve="onApprove"
         @user-table:delete="onDelete"
       />
@@ -137,7 +243,7 @@ const filters = ref({
       </div>
       <UserTable
         v-model:filters="filters"
-        :users="users"
+        :users-request="usersRequest"
         class="mt-4"
         :revocation="true"
         @user-table:delete="onDelete"
@@ -150,7 +256,7 @@ const filters = ref({
         label="Create new user"
         type="submit"
         icon="pi pi-plus"
-        @click="createUserCreateModalVisible = true"
+        @click="createUserModalVisible = true"
       />
       <IconField icon-position="left">
         <InputIcon class="pi pi-search" />
@@ -163,9 +269,14 @@ const filters = ref({
     </div>
     <UserTable
       v-model:filters="filters"
-      :users="users"
+      :users-request="usersRequest"
       class="mt-4"
-      @user-table:manage="onManage"
+      @user-table:manage="
+        (user: User) => {
+          managedUser = user;
+          manageUserModalVisible = true;
+        }
+      "
       @user-table:revoke="onRevoke"
     />
   </div>