Description
The domain model, database schema, and repository interface for groups already exist, but there is no way to manage them through the application — no API endpoints and no admin UI. Currently, groups can only be managed via direct SQL queries.
What already exists:
Group entity (Domain/Entities/Group.cs)
groups and user_groups tables in the database (create.sql)
- Admin panel already shows a
highestPriorityGroup column in the users table (the data is there, just not manageable)
What is missing:
Backend:
IGroupRepository interface (Application/Repositories/) with at least:
GetByGuidAsync, ListAsync, CreateAsync, UpdateAsync, DeleteAsync
GetMembersAsync(Guid groupGuid)
AddMemberAsync(Guid groupGuid, Guid userGuid, int priority)
RemoveMemberAsync(Guid groupGuid, Guid userGuid)
GroupRepository implementation in Infrastructure/Persistence/PostgreSQL/Repositories/
IGroupService and GroupService in Application/Services/
- API endpoints under
/api/admin/groups (admin-only):
GET /api/admin/groups — list all groups
POST /api/admin/groups — create a group
DELETE /api/admin/groups/{name} — delete a group
GET /api/admin/groups/{name}/members — list members
POST /api/admin/groups/{name}/members — add a user to a group
DELETE /api/admin/groups/{name}/members/{username} — remove a user from a group
- Registration of
IGroupRepository and IGroupService in HedgehogStartupExtensions.cs
Frontend (Admin.html):
"Create Group" form (name, description)
"Groups" table in the admin grid alongside Users and Servers, showing name, description, member count, and a delete button
"Manage Members" section or inline expansion — add/remove users from a group with priority input
Consistent style with the existing admin forms and tables
- New frontend already covers that
Acceptance Criteria
Notes
- The
admin group is special. Deleting the admin group should either be blocked or require a confirmation warning.
- Priority in
user_groups affects which group is shown as highestPriorityGroup in the users list — the UI should make this value editable when assigning a user to a group.
- Consider invalidating the relevant
IInMemoryStore cache entries (Account) when group membership changes, since groups are loaded as part of the account object.
Description
The domain model, database schema, and repository interface for groups already exist, but there is no way to manage them through the application — no API endpoints and no admin UI. Currently, groups can only be managed via direct SQL queries.
What already exists:
Groupentity (Domain/Entities/Group.cs)groupsanduser_groupstables in the database (create.sql)highestPriorityGroupcolumn in the users table (the data is there, just not manageable)What is missing:
Backend:
IGroupRepositoryinterface (Application/Repositories/) with at least:GetByGuidAsync,ListAsync,CreateAsync,UpdateAsync,DeleteAsyncGetMembersAsync(Guid groupGuid)AddMemberAsync(Guid groupGuid, Guid userGuid, int priority)RemoveMemberAsync(Guid groupGuid, Guid userGuid)GroupRepositoryimplementation inInfrastructure/Persistence/PostgreSQL/Repositories/IGroupServiceandGroupServiceinApplication/Services//api/admin/groups(admin-only):GET /api/admin/groups— list all groupsPOST /api/admin/groups— create a groupDELETE /api/admin/groups/{name}— delete a groupGET /api/admin/groups/{name}/members— list membersPOST /api/admin/groups/{name}/members— add a user to a groupDELETE /api/admin/groups/{name}/members/{username}— remove a user from a groupIGroupRepositoryandIGroupServiceinHedgehogStartupExtensions.csFrontend (
):Admin.html"Create Group" form (name, description)"Groups" table in the admin grid alongside Users and Servers, showing name, description, member count, and a delete button"Manage Members" section or inline expansion — add/remove users from a group with priority inputConsistent style with the existing admin forms and tablesAcceptance Criteria
IGroupRepositoryandGroupRepositoryimplemented and registered in DIIGroupServiceandGroupServiceimplemented and registered in DI/api/admin/groupsendpoints working and protected byRequireRole("Admin")ON DELETE CASCADEalready defined in the schema)isAdmin = true)Notes
admingroup is special. Deleting theadmingroup should either be blocked or require a confirmation warning.user_groupsaffects which group is shown ashighestPriorityGroupin the users list — the UI should make this value editable when assigning a user to a group.IInMemoryStorecache entries (Account) when group membership changes, since groups are loaded as part of the account object.