fiddy/docs/02_PLAN.md
2026-02-11 23:45:15 -08:00

# 02_PLAN — Group Settings + Invite/Join System
This plan is the source of truth for the Group Settings system and related join/invite flows. Keep the full backlog intact; only add sub-tasks under existing items.
## (A) Backlog snapshot (all epics/tasks)
### Epic 1 — Roles, permissions, and invariants
1.1 Define `GROUP_OWNER` role and permission matrix (owner/admin/member).
- Status: completed
1.2 Define server-enforced invariants:
- Exactly 1 owner per group.
- Owner cannot be removed or leave without transfer.
- Admins optional; no lockout/privilege escalation.
- Status: completed
1.3 Decide admin abilities:
- Admins can approve join requests and create/revive invite links.
- Admins cannot change owner.
- Status: completed
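Added example (not fiddy's own code) of how the Epic 1 matrix and invariants could be enforced server-side, so that a bug in any caller still cannot produce a zero- or two-owner group. The names `Role`, `Member`, `can`, `removeMember`, `setRole` and `transferOwnership`, the owner-only assignment of kick/promote/demote, and the choice that a previous owner becomes an admin are assumptions.

```typescript
// Added example, not fiddy's own code: server-side enforcement of the Epic 1 role matrix and
// invariants. Names (Role, Member, can, removeMember, setRole, transferOwnership) are assumed.
type Role = "GROUP_OWNER" | "ADMIN" | "MEMBER";
type Action = "approve_join" | "create_invite" | "revive_invite" | "kick" | "promote" | "demote" | "transfer_owner";
interface Member { userId: string; role: Role; }
// Permission matrix (1.1/1.3): admins approve joins and create/revive invite links. Kick,
// promote/demote and transfer are assumed owner-only, since 1.3 grants admins none of them.
const MATRIX: Record<Role, ReadonlySet<Action>> = {
  GROUP_OWNER: new Set<Action>(["approve_join", "create_invite", "revive_invite", "kick", "promote", "demote", "transfer_owner"]),
  ADMIN: new Set<Action>(["approve_join", "create_invite", "revive_invite"]),
  MEMBER: new Set<Action>(),
};
const can = (role: Role, action: Action): boolean => MATRIX[role].has(action);
// Invariant (1.2): exactly one owner. Run on every proposed state, so no caller can persist a
// zero- or two-owner group even if its own checks are wrong.
function assertExactlyOneOwner(members: Member[]): Member[] {
  const owners = members.filter((m) => m.role === "GROUP_OWNER").length;
  if (owners !== 1) throw new Error(`invariant violated: ${owners} owners`);
  return members;
}
const find = (members: Member[], id: string) => members.find((m) => m.userId === id);

// Kick (actor !== target) or leave (actor === target). The owner is never removed either way
// (1.2); ownership must be transferred first.
function removeMember(members: Member[], actorId: string, targetId: string): Member[] {
  const actor = find(members, actorId), target = find(members, targetId);
  if (!actor || !target) throw new Error("not a member of this group");
  if (target.role === "GROUP_OWNER") throw new Error("owner must transfer ownership first");
  if (actorId !== targetId && !can(actor.role, "kick")) throw new Error("forbidden");
  return assertExactlyOneOwner(members.filter((m) => m.userId !== targetId));
}
// Promote/demote moves a member between ADMIN and MEMBER only: GROUP_OWNER is not assignable
// here and the owner cannot be demoted, which closes the escalation path named in 1.2/1.3.
function setRole(members: Member[], actorId: string, targetId: string, role: "ADMIN" | "MEMBER"): Member[] {
  const actor = find(members, actorId), target = find(members, targetId);
  if (!actor || !target) throw new Error("not a member of this group");
  if (target.role === "GROUP_OWNER") throw new Error("owner role changes only via transfer");
  if (!can(actor.role, role === "ADMIN" ? "promote" : "demote")) throw new Error("forbidden");
  return members.map((m): Member => (m.userId === targetId ? { ...m, role } : m));
}

// Owner-only transfer (1.3, 6.3). The previous owner is kept as an admin; that is an
// assumption, the plan does not say which role the old owner keeps.
function transferOwnership(members: Member[], actorId: string, newOwnerId: string): Member[] {
  const actor = find(members, actorId);
  if (!actor || !can(actor.role, "transfer_owner")) throw new Error("only the owner can transfer ownership");
  if (newOwnerId === actorId || !find(members, newOwnerId)) throw new Error("new owner must be another member");
  return assertExactlyOneOwner(members.map((m): Member =>
    m.userId === actorId ? { ...m, role: "ADMIN" } : m.userId === newOwnerId ? { ...m, role: "GROUP_OWNER" } : m));
}
```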
### Epic 2 — DB schema + migrations
2.1 Add `GROUP_OWNER` role to `group_members` and migrate existing groups (first admin becomes owner).
- Status: completed
2.2 Add join settings to group settings:
- join policy: `NOT_ACCEPTING` (default) | `AUTO_ACCEPT` | `APPROVAL_REQUIRED`.
- Status: completed
2.3 Add invite link table and fields:
- Immutable settings: `single_use`, `policy`, `expires_at`.
- Mutable on revive: `used_at`, `revoked_at`, `expires_at`.
- Retain expired links; delete single-use links after use.
- Status: completed
2.4 Add audit log table for membership + invite actions.
- Include request_id, actor, group, event type, ip, user-agent.
- Store invite code last4 only.
- Status: completed
### Epic 3 — Server services (lib/server)
3.1 Ownership transfer rules (manual only; auto-transfer paused until cron).
- Status: completed
3.2 Membership management services:
- list members, approve/deny join, kick, leave, promote/demote.
- Status: completed
3.3 Invite link services:
- create/revoke/revive/list, enforce immutability and TTL (17 days).
- Status: completed
3.4 Audit logging helpers:
- API-generated request_id stored with events.
- Status: completed
### Epic 4 — API routes (app/api)
4.1 Group settings endpoints:
- rename group, update join policy.
- Status: completed
4.2 Membership endpoints:
- list members, approve/deny join, kick, leave, transfer ownership.
- Status: completed
4.3 Invite endpoints:
- create invite link, revoke, revive, list links.
- Status: completed
4.4 Audit endpoints (optional for UI):
- list recent audit events per group.
- Status: completed
### Epic 5 — Client wrappers + hooks
5.1 Client APIs for settings, members, invites, audit.
- Status: completed
5.2 Hooks for UI consumption:
- `use-group-members`, `use-group-settings`, `use-invites`, `use-audit`.
- Status: completed
### Epic 6 — UI: Group Settings page
6.1 Profile section: rename group (confirm modal).
- Status: completed
6.2 Members section:
- list members, approve/deny join requests.
- promote/demote, kick (confirm modal).
- Status: completed
6.3 Ownership section:
- transfer ownership (owner-only, confirm).
- Status: completed
6.4 Invite section:
- show invite code, generate link with 17-day TTL, policy, single-use.
- revoke/revive link, show status.
- Status: completed
6.5 Danger zone:
- delete group (typed confirm).
- Status: completed
### Epic 7 — Testing
7.1 Unit tests for permissions/invariants.
- Status: completed
- Status: in-progress
- Status: not-started (requires UI test framework)
7.3 UI behavior tests for disabled actions + confirmations.
- Status: not-started
### Epic 8 — Documentation updates
8.1 Update project instructions with owner role, join policies, invite links, audit rules, paused cron.
- Status: completed
## (B) Current focus (detailed)
### Focus: Epic 7 — Testing
- UI behavior tests pending framework selection.
- Updated existing tests for owner role and cleanup of new tables.