Skip to content

Group Management API & Admin UI #11

Description

@Batacek

Description

The domain model, database schema, and repository interface for groups already exist, but there is no way to manage them through the application — no API endpoints and no admin UI. Currently, groups can only be managed via direct SQL queries.

What already exists:

  • Group entity (Domain/Entities/Group.cs)
  • groups and user_groups tables in the database (create.sql)
  • Admin panel already shows a highestPriorityGroup column in the users table (the data is there, just not manageable)

What is missing:

Backend:

  • IGroupRepository interface (Application/Repositories/) with at least:
    • GetByGuidAsync, ListAsync, CreateAsync, UpdateAsync, DeleteAsync
    • GetMembersAsync(Guid groupGuid)
    • AddMemberAsync(Guid groupGuid, Guid userGuid, int priority)
    • RemoveMemberAsync(Guid groupGuid, Guid userGuid)
  • GroupRepository implementation in Infrastructure/Persistence/PostgreSQL/Repositories/
  • IGroupService and GroupService in Application/Services/
  • API endpoints under /api/admin/groups (admin-only):
    • GET /api/admin/groups — list all groups
    • POST /api/admin/groups — create a group
    • DELETE /api/admin/groups/{name} — delete a group
    • GET /api/admin/groups/{name}/members — list members
    • POST /api/admin/groups/{name}/members — add a user to a group
    • DELETE /api/admin/groups/{name}/members/{username} — remove a user from a group
  • Registration of IGroupRepository and IGroupService in HedgehogStartupExtensions.cs

Frontend (Admin.html):

  • "Create Group" form (name, description)
  • "Groups" table in the admin grid alongside Users and Servers, showing name, description, member count, and a delete button
  • "Manage Members" section or inline expansion — add/remove users from a group with priority input
  • Consistent style with the existing admin forms and tables
  • New frontend already covers that

Acceptance Criteria

  • IGroupRepository and GroupRepository implemented and registered in DI
  • IGroupService and GroupService implemented and registered in DI
  • All /api/admin/groups endpoints working and protected by RequireRole("Admin")
  • Admin UI allows creating and deleting groups
  • Admin UI allows adding and removing users from groups with a priority value
  • Deleting a group that has members fails gracefully or cascades correctly (consistent with the ON DELETE CASCADE already defined in the schema)
  • Remove existing behavior (admin group → isAdmin = true)

Notes

  • The admin group is special. Deleting the admin group should either be blocked or require a confirmation warning.
  • Priority in user_groups affects which group is shown as highestPriorityGroup in the users list — the UI should make this value editable when assigning a user to a group.
  • Consider invalidating the relevant IInMemoryStore cache entries (Account) when group membership changes, since groups are loaded as part of the account object.

Metadata

Metadata

Assignees

Labels

enhancementNew feature or request

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions