From 4de336c0bdd018187de5654c58a0865b0d3d8494 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=91=9B=E9=94=90?= <gerui@geruideMacBook-Pro.local>
Date: Thu, 8 Jan 2026 14:26:07 +0800
Subject: [PATCH 01/38] feat:bug fix

---
 frontend/components/agent/AgentImportWizard.tsx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/frontend/components/agent/AgentImportWizard.tsx b/frontend/components/agent/AgentImportWizard.tsx
index 10e7b0899..6100bacb8 100644
--- a/frontend/components/agent/AgentImportWizard.tsx
+++ b/frontend/components/agent/AgentImportWizard.tsx
@@ -786,7 +786,7 @@ export default function AgentImportWizard({
       const result = await importAgent(importData, { forceImport: false });
       
       if (result.success) {
-        message.success(t("market.install.success", "Agent installed successfully!"));
+        // Parent component will show a success message; invalidate and notify parent
         queryClient.invalidateQueries({ queryKey: ["agents"] });
         onImportComplete?.();
         handleCancel(); // Close wizard after success

From ceab2628176955990c89a6f6c04f6a98677355d2 Mon Sep 17 00:00:00 2001
From: Jasonxia007 <iamjasonxia@126.com>
Date: Wed, 31 Dec 2025 11:12:27 +0800
Subject: [PATCH 02/38] =?UTF-8?q?=E2=99=BB=EF=B8=8F=20[WIP]=20User=20Manag?=
 =?UTF-8?q?ement=20Part1:=20Add=20database=20fields=20and=20db=20functions?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 backend/consts/exceptions.py                  |   6 +
 backend/database/db_models.py                 |  87 +++
 backend/database/group_db.py                  | 295 +++++++++
 backend/database/invitation_db.py             | 258 ++++++++
 backend/database/knowledge_db.py              |   4 +
 backend/database/role_permission_db.py        | 236 +++++++
 backend/database/tenant_config_db.py          |  16 +
 backend/database/tool_db.py                   |   2 +-
 backend/database/user_tenant_db.py            |  15 +-
 backend/utils/str_utils.py                    |  31 +
 ...0_1226_add_invitation_and_group_system.sql | 146 +++++
 test/backend/database/test_group_db.py        | 575 ++++++++++++++++++
 test/backend/database/test_invitation_db.py   | 513 ++++++++++++++++
 test/backend/database/test_knowledge_db.py    |  56 +-
 .../database/test_role_permission_db.py       | 467 ++++++++++++++
 test/backend/database/test_user_tenant_db.py  | 101 +--
 test/backend/utils/test_str_utils.py          |  33 +-
 17 files changed, 2789 insertions(+), 52 deletions(-)
 create mode 100644 backend/database/group_db.py
 create mode 100644 backend/database/invitation_db.py
 create mode 100644 backend/database/role_permission_db.py
 create mode 100644 docker/sql/v1.8.0_1226_add_invitation_and_group_system.sql
 create mode 100644 test/backend/database/test_group_db.py
 create mode 100644 test/backend/database/test_invitation_db.py
 create mode 100644 test/backend/database/test_role_permission_db.py

diff --git a/backend/consts/exceptions.py b/backend/consts/exceptions.py
index 068249998..815ed0eef 100644
--- a/backend/consts/exceptions.py
+++ b/backend/consts/exceptions.py
@@ -58,6 +58,12 @@ class TimeoutException(Exception):
     pass
 
 
+
+class ValidationError(Exception):
+    """Raised when validation fails."""
+    pass
+
+
 class NotFoundException(Exception):
     """Raised when not found exception occurs."""
     pass
diff --git a/backend/database/db_models.py b/backend/database/db_models.py
index 301dd64aa..3f1875de3 100644
--- a/backend/database/db_models.py
+++ b/backend/database/db_models.py
@@ -217,6 +217,7 @@ class AgentInfo(TableBase):
         Text, doc="Manually entered by the user to describe the entire business process")
     business_logic_model_name = Column(String(100), doc="Model name used for business logic prompt generation")
     business_logic_model_id = Column(Integer, doc="Model ID used for business logic prompt generation, foreign key reference to model_record_t.model_id")
+    group_ids = Column(String, doc="Agent group IDs list")
 
 
 class ToolInstance(TableBase):
@@ -251,6 +252,9 @@ class KnowledgeRecord(TableBase):
     knowledge_sources = Column(String(300), doc="Knowledge base sources")
     embedding_model_name = Column(String(200), doc="Embedding model name, used to record the embedding model used by the knowledge base")
     tenant_id = Column(String(100), doc="Tenant ID")
+    group_ids = Column(String, doc="Knowledge base group IDs list")
+    ingroup_permission = Column(
+        String(30), doc="In-group permission: EDIT, READ_ONLY, PRIVATE")
 
 
 class TenantConfig(TableBase):
@@ -322,6 +326,7 @@ class UserTenant(TableBase):
                             primary_key=True, nullable=False, doc="User tenant relationship ID, unique primary key")
     user_id = Column(String(100), nullable=False, doc="User ID")
     tenant_id = Column(String(100), nullable=False, doc="Tenant ID")
+    user_role = Column(String(30), doc="User role: SU, ADMIN, DEV, USER")
 
 
 class AgentRelation(TableBase):
@@ -355,3 +360,85 @@ class PartnerMappingId(TableBase):
         30), doc="Type of the external - internal mapping, value set: CONVERSATION")
     tenant_id = Column(String(100), doc="Tenant ID")
     user_id = Column(String(100), doc="User ID")
+
+
+class TenantInvitationCode(TableBase):
+    """
+    Tenant invitation code information table
+    """
+    __tablename__ = "tenant_invitation_code_t"
+    __table_args__ = {"schema": SCHEMA}
+
+    invitation_id = Column(Integer, Sequence("tenant_invitation_code_t_invitation_id_seq", schema=SCHEMA),
+                           primary_key=True, nullable=False, doc="Invitation ID, primary key")
+    tenant_id = Column(String(100), nullable=False,
+                       doc="Tenant ID, foreign key")
+    invitation_code = Column(String(100), nullable=False,
+                             unique=True, doc="Invitation code")
+    group_ids = Column(String, doc="Associated group IDs list")
+    capacity = Column(Integer, nullable=False, default=1,
+                      doc="Invitation code capacity")
+    expiry_date = Column(TIMESTAMP(timezone=False),
+                         doc="Invitation code expiry date")
+    status = Column(String(30), nullable=False,
+                    doc="Invitation code status: IN_USE, EXPIRE, DISABLE, RUN_OUT")
+    code_type = Column(String(30), nullable=False,
+                       doc="Invitation code type: ADMIN_INVITE, DEV_INVITE, USER_INVITE")
+
+
+class TenantInvitationRecord(TableBase):
+    """
+    Tenant invitation record table
+    """
+    __tablename__ = "tenant_invitation_record_t"
+    __table_args__ = {"schema": SCHEMA}
+
+    invitation_record_id = Column(Integer, Sequence("tenant_invitation_record_t_invitation_record_id_seq", schema=SCHEMA),
+                                  primary_key=True, nullable=False, doc="Invitation record ID, primary key")
+    invitation_id = Column(Integer, nullable=False,
+                           doc="Invitation ID, foreign key")
+    user_id = Column(String(100), nullable=False, doc="User ID")
+
+
+class TenantGroupInfo(TableBase):
+    """
+    Tenant group information table
+    """
+    __tablename__ = "tenant_group_info_t"
+    __table_args__ = {"schema": SCHEMA}
+
+    group_id = Column(Integer, Sequence("tenant_group_info_t_group_id_seq", schema=SCHEMA),
+                      primary_key=True, nullable=False, doc="Group ID, primary key")
+    tenant_id = Column(String(100), nullable=False,
+                       doc="Tenant ID, foreign key")
+    group_name = Column(String(100), nullable=False, doc="Group name")
+    group_description = Column(String(500), doc="Group description")
+
+
+class TenantGroupUser(TableBase):
+    """
+    Tenant group user membership table
+    """
+    __tablename__ = "tenant_group_user_t"
+    __table_args__ = {"schema": SCHEMA}
+
+    group_user_id = Column(Integer, Sequence("tenant_group_user_t_group_user_id_seq", schema=SCHEMA),
+                           primary_key=True, nullable=False, doc="Group user ID, primary key")
+    group_id = Column(Integer, nullable=False, doc="Group ID, foreign key")
+    user_id = Column(String(100), nullable=False, doc="User ID, foreign key")
+
+
+class RolePermission(TableBase):
+    """
+    Role permission configuration table
+    """
+    __tablename__ = "role_permission_t"
+    __table_args__ = {"schema": SCHEMA}
+
+    role_permission_id = Column(Integer, Sequence("role_permission_t_role_permission_id_seq", schema=SCHEMA),
+                                primary_key=True, nullable=False, doc="Role permission ID, primary key")
+    user_role = Column(String(30), nullable=False,
+                       doc="User role: SU, ADMIN, DEV, USER")
+    permission_category = Column(String(30), doc="Permission category")
+    permission_type = Column(String(30), doc="Permission type")
+    permission_subtype = Column(String(30), doc="Permission subtype")
diff --git a/backend/database/group_db.py b/backend/database/group_db.py
new file mode 100644
index 000000000..487d86715
--- /dev/null
+++ b/backend/database/group_db.py
@@ -0,0 +1,295 @@
+"""
+Database operations for group management
+"""
+from typing import Any, Dict, List, Optional, Union
+
+from database.client import as_dict, get_db_session
+from database.db_models import TenantGroupInfo, TenantGroupUser
+from utils.str_utils import convert_string_to_list
+
+
+def query_groups(group_id: Union[int, str, List[int]]) -> Union[Optional[Dict[str, Any]], List[Dict[str, Any]]]:
+    """
+    Query group(s) by group ID(s)
+
+    Args:
+        group_id: Group ID(s) - can be int, comma-separated string, or list of ints
+
+    Returns:
+        Single group dict if int provided, list of group dicts if string/list provided
+    """
+    # Convert input to list of integers
+    if isinstance(group_id, int):
+        group_ids = [group_id]
+        return_single = True
+    elif isinstance(group_id, str):
+        group_ids = convert_string_to_list(group_id)
+        return_single = False
+    elif isinstance(group_id, list):
+        group_ids = group_id
+        return_single = False
+    else:
+        raise ValueError("group_id must be int, str, or List[int]")
+
+    if not group_ids:
+        return [] if not return_single else None
+
+    with get_db_session() as session:
+        result = session.query(TenantGroupInfo).filter(
+            TenantGroupInfo.group_id.in_(group_ids),
+            TenantGroupInfo.delete_flag == "N"
+        ).all()
+
+        groups = [as_dict(record) for record in result]
+
+        # Return single result if single ID was provided
+        if return_single:
+            return groups[0] if groups else None
+        else:
+            return groups
+
+
+def query_groups_by_tenant(tenant_id: str) -> List[Dict[str, Any]]:
+    """
+    Query all groups for a tenant
+
+    Args:
+        tenant_id (str): Tenant ID
+
+    Returns:
+        List[Dict[str, Any]]: List of group records
+    """
+    with get_db_session() as session:
+        result = session.query(TenantGroupInfo).filter(
+            TenantGroupInfo.tenant_id == tenant_id,
+            TenantGroupInfo.delete_flag == "N"
+        ).all()
+
+        return [as_dict(record) for record in result]
+
+
+def add_group(tenant_id: str, group_name: str, group_description: Optional[str] = None,
+              created_by: Optional[str] = None) -> int:
+    """
+    Add a new group
+
+    Args:
+        tenant_id (str): Tenant ID
+        group_name (str): Group name
+        group_description (Optional[str]): Group description
+        created_by (Optional[str]): Created by user
+
+    Returns:
+        int: Created group ID
+    """
+    with get_db_session() as session:
+        group = TenantGroupInfo(
+            tenant_id=tenant_id,
+            group_name=group_name,
+            group_description=group_description,
+            created_by=created_by,
+            updated_by=created_by
+        )
+        session.add(group)
+        session.flush()  # To get the ID
+        return group.group_id
+
+
+def modify_group(group_id: int, updates: Dict[str, Any], updated_by: Optional[str] = None) -> bool:
+    """
+    Modify group information
+
+    Args:
+        group_id (int): Group ID
+        updates (Dict[str, Any]): Fields to update
+        updated_by (Optional[str]): Updated by user
+
+    Returns:
+        bool: Whether update was successful
+    """
+    with get_db_session() as session:
+        update_data = updates.copy()
+        if updated_by:
+            update_data["updated_by"] = updated_by
+
+        result = session.query(TenantGroupInfo).filter(
+            TenantGroupInfo.group_id == group_id,
+            TenantGroupInfo.delete_flag == "N"
+        ).update(update_data, synchronize_session=False)
+
+        return result > 0
+
+
+def remove_group(group_id: int, updated_by: Optional[str] = None) -> bool:
+    """
+    Remove group (soft delete)
+
+    Args:
+        group_id (int): Group ID
+        updated_by (Optional[str]): Updated by user
+
+    Returns:
+        bool: Whether removal was successful
+    """
+    with get_db_session() as session:
+        update_data: Dict[str, Any] = {"delete_flag": "Y"}
+        if updated_by:
+            update_data["updated_by"] = updated_by
+
+        result = session.query(TenantGroupInfo).filter(
+            TenantGroupInfo.group_id == group_id,
+            TenantGroupInfo.delete_flag == "N"
+        ).update(update_data, synchronize_session=False)
+
+        return result > 0
+
+
+def add_user_to_group(group_id: int, user_id: str, created_by: Optional[str] = None) -> int:
+    """
+    Add user to group
+
+    Args:
+        group_id (int): Group ID
+        user_id (str): User ID
+        created_by (Optional[str]): Created by user
+
+    Returns:
+        int: Created group user ID
+    """
+    with get_db_session() as session:
+        group_user = TenantGroupUser(
+            group_id=group_id,
+            user_id=user_id,
+            created_by=created_by,
+            updated_by=created_by
+        )
+        session.add(group_user)
+        session.flush()  # To get the ID
+        return group_user.group_user_id
+
+
+def remove_user_from_group(group_id: int, user_id: str, updated_by: Optional[str] = None) -> bool:
+    """
+    Remove user from group
+
+    Args:
+        group_id (int): Group ID
+        user_id (str): User ID
+        updated_by (Optional[str]): Updated by user
+
+    Returns:
+        bool: Whether removal was successful
+    """
+    with get_db_session() as session:
+        update_data: Dict[str, Any] = {"delete_flag": "Y"}
+        if updated_by:
+            update_data["updated_by"] = updated_by
+
+        result = session.query(TenantGroupUser).filter(
+            TenantGroupUser.group_id == group_id,
+            TenantGroupUser.user_id == user_id,
+            TenantGroupUser.delete_flag == "N"
+        ).update(update_data, synchronize_session=False)
+
+        return result > 0
+
+
+def query_group_users(group_id: int) -> List[Dict[str, Any]]:
+    """
+    Query all users in a group
+
+    Args:
+        group_id (int): Group ID
+
+    Returns:
+        List[Dict[str, Any]]: List of group user records
+    """
+    with get_db_session() as session:
+        result = session.query(TenantGroupUser).filter(
+            TenantGroupUser.group_id == group_id,
+            TenantGroupUser.delete_flag == "N"
+        ).all()
+
+        return [as_dict(record) for record in result]
+
+
+def query_group_ids_by_user(user_id: str) -> List[int]:
+    """
+    Query all group IDs for a user
+
+    Args:
+        user_id (str): User ID
+
+    Returns:
+        List[int]: List of group IDs
+    """
+    with get_db_session() as session:
+        result = session.query(TenantGroupUser.group_id).filter(
+            TenantGroupUser.user_id == user_id,
+            TenantGroupUser.delete_flag == "N"
+        ).all()
+
+        return [record[0] for record in result]
+
+
+def query_groups_by_user(user_id: str) -> List[Dict[str, Any]]:
+    """
+    Query all groups for a user
+
+    Args:
+        user_id (str): User ID
+
+    Returns:
+        List[Dict[str, Any]]: List of group records
+    """
+    with get_db_session() as session:
+        result = session.query(TenantGroupInfo).join(
+            TenantGroupUser,
+            TenantGroupInfo.group_id == TenantGroupUser.group_id
+        ).filter(
+            TenantGroupUser.user_id == user_id,
+            TenantGroupUser.delete_flag == "N",
+            TenantGroupInfo.delete_flag == "N"
+        ).all()
+
+        return [as_dict(record) for record in result]
+
+
+def check_user_in_group(user_id: str, group_id: int) -> bool:
+    """
+    Check if user is in a specific group
+
+    Args:
+        user_id (str): User ID
+        group_id (int): Group ID
+
+    Returns:
+        bool: Whether user is in the group
+    """
+    with get_db_session() as session:
+        result = session.query(TenantGroupUser).filter(
+            TenantGroupUser.group_id == group_id,
+            TenantGroupUser.user_id == user_id,
+            TenantGroupUser.delete_flag == "N"
+        ).first()
+
+        return result is not None
+
+
+def count_group_users(group_id: int) -> int:
+    """
+    Count users in a group
+
+    Args:
+        group_id (int): Group ID
+
+    Returns:
+        int: Number of users in the group
+    """
+    with get_db_session() as session:
+        result = session.query(TenantGroupUser).filter(
+            TenantGroupUser.group_id == group_id,
+            TenantGroupUser.delete_flag == "N"
+        ).count()
+
+        return result
diff --git a/backend/database/invitation_db.py b/backend/database/invitation_db.py
new file mode 100644
index 000000000..c9c71b30f
--- /dev/null
+++ b/backend/database/invitation_db.py
@@ -0,0 +1,258 @@
+"""
+Database operations for invitation code management
+"""
+from typing import Any, Dict, List, Optional
+
+from database.client import as_dict, get_db_session
+from database.db_models import TenantInvitationCode, TenantInvitationRecord
+from utils.str_utils import convert_list_to_string
+
+
+def query_invitation_by_code(invitation_code: str) -> Optional[Dict[str, Any]]:
+    """
+    Query invitation by invitation code
+
+    Args:
+        invitation_code (str): Invitation code
+
+    Returns:
+        Optional[Dict[str, Any]]: Invitation record
+    """
+    with get_db_session() as session:
+        result = session.query(TenantInvitationCode).filter(
+            TenantInvitationCode.invitation_code == invitation_code,
+            TenantInvitationCode.delete_flag == "N"
+        ).first()
+
+        if result:
+            return as_dict(result)
+        return None
+
+
+def query_invitation_by_id(invitation_id: int) -> Optional[Dict[str, Any]]:
+    """
+    Query invitation by ID
+
+    Args:
+        invitation_id (int): Invitation ID
+
+    Returns:
+        Optional[Dict[str, Any]]: Invitation record
+    """
+    with get_db_session() as session:
+        result = session.query(TenantInvitationCode).filter(
+            TenantInvitationCode.invitation_id == invitation_id,
+            TenantInvitationCode.delete_flag == "N"
+        ).first()
+
+        if result:
+            return as_dict(result)
+        return None
+
+
+def query_invitations_by_tenant(tenant_id: str) -> List[Dict[str, Any]]:
+    """
+    Query all invitations for a tenant
+
+    Args:
+        tenant_id (str): Tenant ID
+
+    Returns:
+        List[Dict[str, Any]]: List of invitation records
+    """
+    with get_db_session() as session:
+        result = session.query(TenantInvitationCode).filter(
+            TenantInvitationCode.tenant_id == tenant_id,
+            TenantInvitationCode.delete_flag == "N"
+        ).all()
+
+        return [as_dict(record) for record in result]
+
+
+def add_invitation(tenant_id: str, invitation_code: str, code_type: str, group_ids: Optional[List[int]] = None,
+                          capacity: int = 1, expiry_date: Optional[str] = None,
+                          status: str = "IN_USE", created_by: Optional[str] = None) -> int:
+    """
+    Add a new invitation
+
+    Args:
+        tenant_id (str): Tenant ID
+        invitation_code (str): Invitation code
+        code_type (str): Invitation code type (ADMIN_INVITE, DEV_INVITE, USER_INVITE)
+        group_ids (Optional[List[int]]): Associated group IDs
+        capacity (int): Invitation capacity
+        expiry_date (Optional[str]): Expiry date
+        status (str): Status
+        created_by (Optional[str]): Created by user
+
+    Returns:
+        int: Created invitation ID
+    """
+    with get_db_session() as session:
+        invitation = TenantInvitationCode(
+            tenant_id=tenant_id,
+            invitation_code=invitation_code,
+            code_type=code_type,
+            group_ids=convert_list_to_string(group_ids),
+            capacity=capacity,
+            expiry_date=expiry_date,
+            status=status,
+            created_by=created_by,
+            updated_by=created_by
+        )
+        session.add(invitation)
+        session.flush()  # To get the ID
+        return invitation.invitation_id
+
+
+def modify_invitation(invitation_id: int, updates: Dict[str, Any], updated_by: Optional[str] = None) -> bool:
+    """
+    Modify invitation
+
+    Args:
+        invitation_id (int): Invitation ID
+        updates (Dict[str, Any]): Fields to update
+        updated_by (Optional[str]): Updated by user
+
+    Returns:
+        bool: Whether update was successful
+    """
+    with get_db_session() as session:
+        update_data = updates.copy()
+        if updated_by:
+            update_data["updated_by"] = updated_by
+
+        # Convert group_ids list to string if present
+        if "group_ids" in update_data and isinstance(update_data["group_ids"], list):
+            update_data["group_ids"] = convert_list_to_string(update_data["group_ids"])
+
+        result = session.query(TenantInvitationCode).filter(
+            TenantInvitationCode.invitation_id == invitation_id,
+            TenantInvitationCode.delete_flag == "N"
+        ).update(update_data, synchronize_session=False)
+
+        return result > 0
+
+
+def remove_invitation(invitation_id: int, updated_by: Optional[str] = None) -> bool:
+    """
+    Remove invitation (soft delete)
+
+    Args:
+        invitation_id (int): Invitation ID
+        updated_by (Optional[str]): Updated by user
+
+    Returns:
+        bool: Whether removal was successful
+    """
+    with get_db_session() as session:
+        update_data: Dict[str, Any] = {"delete_flag": "Y"}
+        if updated_by:
+            update_data["updated_by"] = updated_by
+
+        result = session.query(TenantInvitationCode).filter(
+            TenantInvitationCode.invitation_id == invitation_id,
+            TenantInvitationCode.delete_flag == "N"
+        ).update(update_data, synchronize_session=False)
+
+        return result > 0
+
+
+def query_invitation_records(invitation_id: int) -> List[Dict[str, Any]]:
+    """
+    Query invitation records by invitation ID
+
+    Args:
+        invitation_id (int): Invitation ID
+
+    Returns:
+        List[Dict[str, Any]]: List of invitation records
+    """
+    with get_db_session() as session:
+        result = session.query(TenantInvitationRecord).filter(
+            TenantInvitationRecord.invitation_id == invitation_id,
+            TenantInvitationRecord.delete_flag == "N"
+        ).all()
+
+        return [as_dict(record) for record in result]
+
+
+def add_invitation_record(invitation_id: int, user_id: str, created_by: Optional[str] = None) -> int:
+    """
+    Add invitation usage record
+
+    Args:
+        invitation_id (int): Invitation ID
+        user_id (str): User ID
+        created_by (Optional[str]): Created by user
+
+    Returns:
+        int: Created invitation record ID
+    """
+    with get_db_session() as session:
+        record = TenantInvitationRecord(
+            invitation_id=invitation_id,
+            user_id=user_id,
+            created_by=created_by,
+            updated_by=created_by
+        )
+        session.add(record)
+        session.flush()  # To get the ID
+        return record.invitation_record_id
+
+
+def query_invitation_records_by_user(user_id: str) -> List[Dict[str, Any]]:
+    """
+    Query invitation records by user ID
+
+    Args:
+        user_id (str): User ID
+
+    Returns:
+        List[Dict[str, Any]]: List of invitation records
+    """
+    with get_db_session() as session:
+        result = session.query(TenantInvitationRecord).filter(
+            TenantInvitationRecord.user_id == user_id,
+            TenantInvitationRecord.delete_flag == "N"
+        ).all()
+
+        return [as_dict(record) for record in result]
+
+
+def count_invitation_usage(invitation_id: int) -> int:
+    """
+    Count usage for an invitation code
+
+    Args:
+        invitation_id (int): Invitation ID
+
+    Returns:
+        int: Number of times the invitation has been used
+    """
+    with get_db_session() as session:
+        result = session.query(TenantInvitationRecord).filter(
+            TenantInvitationRecord.invitation_id == invitation_id,
+            TenantInvitationRecord.delete_flag == "N"
+        ).count()
+
+        return result
+
+
+def query_invitation_status(invitation_code: str) -> Optional[str]:
+    """
+    Query invitation status
+
+    Args:
+        invitation_code (str): Invitation code
+
+    Returns:
+        Optional[str]: Invitation status if exists, None otherwise
+    """
+    with get_db_session() as session:
+        invitation = session.query(TenantInvitationCode).filter(
+            TenantInvitationCode.invitation_code == invitation_code,
+            TenantInvitationCode.delete_flag == "N"
+        ).first()
+
+        return invitation.status if invitation else None
diff --git a/backend/database/knowledge_db.py b/backend/database/knowledge_db.py
index 6faccdafa..f270cf7bf 100644
--- a/backend/database/knowledge_db.py
+++ b/backend/database/knowledge_db.py
@@ -6,6 +6,7 @@
 
 from database.client import as_dict, get_db_session
 from database.db_models import KnowledgeRecord
+from utils.str_utils import convert_list_to_string
 
 
 def _generate_index_name(knowledge_id: int) -> str:
@@ -40,6 +41,7 @@ def create_knowledge_record(query: Dict[str, Any]) -> Dict[str, Any]:
                 "knowledge_name") or query.get("index_name")
 
             # Prepare data dictionary
+            group_ids = query.get("group_ids")
             data: Dict[str, Any] = {
                 "knowledge_describe": query.get("knowledge_describe", ""),
                 "created_by": query.get("user_id"),
@@ -48,6 +50,8 @@ def create_knowledge_record(query: Dict[str, Any]) -> Dict[str, Any]:
                 "tenant_id": query.get("tenant_id"),
                 "embedding_model_name": query.get("embedding_model_name"),
                 "knowledge_name": knowledge_name,
+                "group_ids": convert_list_to_string(group_ids) if isinstance(group_ids, list) else group_ids,
+                "ingroup_permission": query.get("ingroup_permission"),
             }
 
             # For backward compatibility: if caller explicitly provides index_name,
diff --git a/backend/database/role_permission_db.py b/backend/database/role_permission_db.py
new file mode 100644
index 000000000..71714430b
--- /dev/null
+++ b/backend/database/role_permission_db.py
@@ -0,0 +1,236 @@
+"""
+Database operations for role permission management
+"""
+from typing import Any, Dict, List, Optional
+
+from database.client import as_dict, get_db_session
+from database.db_models import RolePermission
+
+
+def get_role_permissions(user_role: str) -> List[Dict[str, Any]]:
+    """
+    Get all permissions for a user role
+
+    Args:
+        user_role (str): User role (SU, ADMIN, DEV, USER)
+
+    Returns:
+        List[Dict[str, Any]]: List of role permission records
+    """
+    with get_db_session() as session:
+        result = session.query(RolePermission).filter(
+            RolePermission.user_role == user_role,
+            RolePermission.delete_flag == "N"
+        ).all()
+
+        return [as_dict(record) for record in result]
+
+
+def get_all_role_permissions() -> List[Dict[str, Any]]:
+    """
+    Get all role permissions
+
+    Returns:
+        List[Dict[str, Any]]: List of all role permission records
+    """
+    with get_db_session() as session:
+        result = session.query(RolePermission).filter(
+            RolePermission.delete_flag == "N"
+        ).all()
+
+        return [as_dict(record) for record in result]
+
+
+def create_role_permission(user_role: str, permission_category: Optional[str] = None,
+                          permission_type: Optional[str] = None, permission_subtype: Optional[str] = None,
+                          created_by: Optional[str] = None) -> int:
+    """
+    Create a new role permission
+
+    Args:
+        user_role (str): User role
+        permission_category (Optional[str]): Permission category
+        permission_type (Optional[str]): Permission type
+        permission_subtype (Optional[str]): Permission subtype
+        created_by (Optional[str]): Created by user
+
+    Returns:
+        int: Created role permission ID
+    """
+    with get_db_session() as session:
+        permission = RolePermission(
+            user_role=user_role,
+            permission_category=permission_category,
+            permission_type=permission_type,
+            permission_subtype=permission_subtype,
+            created_by=created_by,
+            updated_by=created_by
+        )
+        session.add(permission)
+        session.flush()  # To get the ID
+        return permission.role_permission_id
+
+
+def update_role_permission(role_permission_id: int, updates: Dict[str, Any],
+                          updated_by: Optional[str] = None) -> bool:
+    """
+    Update role permission
+
+    Args:
+        role_permission_id (int): Role permission ID
+        updates (Dict[str, Any]): Fields to update
+        updated_by (Optional[str]): Updated by user
+
+    Returns:
+        bool: Whether update was successful
+    """
+    with get_db_session() as session:
+        update_data = updates.copy()
+        if updated_by:
+            update_data["updated_by"] = updated_by
+
+        result = session.query(RolePermission).filter(
+            RolePermission.role_permission_id == role_permission_id,
+            RolePermission.delete_flag == "N"
+        ).update(update_data, synchronize_session=False)
+
+        return result > 0
+
+
+def soft_delete_role_permission(role_permission_id: int, updated_by: Optional[str] = None) -> bool:
+    """
+    Soft delete role permission
+
+    Args:
+        role_permission_id (int): Role permission ID
+        updated_by (Optional[str]): Updated by user
+
+    Returns:
+        bool: Whether deletion was successful
+    """
+    with get_db_session() as session:
+        update_data: Dict[str, Any] = {"delete_flag": "Y"}
+        if updated_by:
+            update_data["updated_by"] = updated_by
+
+        result = session.query(RolePermission).filter(
+            RolePermission.role_permission_id == role_permission_id,
+            RolePermission.delete_flag == "N"
+        ).update(update_data, synchronize_session=False)
+
+        return result > 0
+
+
+def delete_role_permissions_by_role(user_role: str, updated_by: Optional[str] = None) -> int:
+    """
+    Delete all permissions for a user role
+
+    Args:
+        user_role (str): User role
+        updated_by (Optional[str]): Updated by user
+
+    Returns:
+        int: Number of deleted permissions
+    """
+    with get_db_session() as session:
+        update_data: Dict[str, Any] = {"delete_flag": "Y"}
+        if updated_by:
+            update_data["updated_by"] = updated_by
+
+        result = session.query(RolePermission).filter(
+            RolePermission.user_role == user_role,
+            RolePermission.delete_flag == "N"
+        ).update(update_data, synchronize_session=False)
+
+        return result
+
+
+def check_role_permission(user_role: str, permission_category: Optional[str] = None,
+                         permission_type: Optional[str] = None, permission_subtype: Optional[str] = None) -> bool:
+    """
+    Check if a role has specific permission
+
+    Args:
+        user_role (str): User role
+        permission_category (Optional[str]): Permission category
+        permission_type (Optional[str]): Permission type
+        permission_subtype (Optional[str]): Permission subtype
+
+    Returns:
+        bool: Whether the role has the permission
+    """
+    with get_db_session() as session:
+        query = session.query(RolePermission).filter(
+            RolePermission.user_role == user_role,
+            RolePermission.delete_flag == "N"
+        )
+
+        if permission_category:
+            query = query.filter(RolePermission.permission_category == permission_category)
+        if permission_type:
+            query = query.filter(RolePermission.permission_type == permission_type)
+        if permission_subtype:
+            query = query.filter(RolePermission.permission_subtype == permission_subtype)
+
+        result = query.first()
+        return result is not None
+
+
+def get_permissions_by_category(permission_category: str) -> List[Dict[str, Any]]:
+    """
+    Get all permissions for a specific category
+
+    Args:
+        permission_category (str): Permission category
+
+    Returns:
+        List[Dict[str, Any]]: List of role permission records
+    """
+    with get_db_session() as session:
+        result = session.query(RolePermission).filter(
+            RolePermission.permission_category == permission_category,
+            RolePermission.delete_flag == "N"
+        ).all()
+
+        return [as_dict(record) for record in result]
+
+
+def initialize_default_permissions() -> None:
+    """
+    Initialize default role permissions
+    This should be called during system setup
+    """
+    default_permissions = [
+        # SUPER_ADMIN permissions (SU)
+        {"user_role": "SU", "permission_category": "SYSTEM", "permission_type": "ALL", "permission_subtype": "FULL_ACCESS"},
+        # ADMIN permissions
+        {"user_role": "ADMIN", "permission_category": "USER_MANAGEMENT", "permission_type": "USER", "permission_subtype": "CRUD"},
+        {"user_role": "ADMIN", "permission_category": "GROUP_MANAGEMENT", "permission_type": "GROUP", "permission_subtype": "CRUD"},
+        {"user_role": "ADMIN", "permission_category": "KNOWLEDGE_BASE", "permission_type": "KNOWLEDGE", "permission_subtype": "CRUD"},
+        {"user_role": "ADMIN", "permission_category": "AGENT_MANAGEMENT", "permission_type": "AGENT", "permission_subtype": "CRUD"},
+        {"user_role": "ADMIN", "permission_category": "INVITATION_MANAGEMENT", "permission_type": "INVITATION", "permission_subtype": "CRUD"},
+        # DEV permissions
+        {"user_role": "DEV", "permission_category": "KNOWLEDGE_BASE", "permission_type": "KNOWLEDGE", "permission_subtype": "READ"},
+        {"user_role": "DEV", "permission_category": "KNOWLEDGE_BASE", "permission_type": "KNOWLEDGE", "permission_subtype": "CREATE"},
+        {"user_role": "DEV", "permission_category": "AGENT_MANAGEMENT", "permission_type": "AGENT", "permission_subtype": "READ"},
+        {"user_role": "DEV", "permission_category": "AGENT_MANAGEMENT", "permission_type": "AGENT", "permission_subtype": "CREATE"},
+        # USER permissions
+        {"user_role": "USER", "permission_category": "KNOWLEDGE_BASE", "permission_type": "KNOWLEDGE", "permission_subtype": "READ"},
+        {"user_role": "USER", "permission_category": "AGENT_MANAGEMENT", "permission_type": "AGENT", "permission_subtype": "READ"},
+    ]
+
+    for permission in default_permissions:
+        # Check if permission already exists
+        if not check_role_permission(
+            user_role=permission["user_role"],
+            permission_category=permission["permission_category"],
+            permission_type=permission["permission_type"],
+            permission_subtype=permission["permission_subtype"]
+        ):
+            create_role_permission(
+                user_role=permission["user_role"],
+                permission_category=permission["permission_category"],
+                permission_type=permission["permission_type"],
+                permission_subtype=permission["permission_subtype"],
+                created_by="SYSTEM"
+            )
diff --git a/backend/database/tenant_config_db.py b/backend/database/tenant_config_db.py
index 2c97df457..fd4389e17 100644
--- a/backend/database/tenant_config_db.py
+++ b/backend/database/tenant_config_db.py
@@ -137,3 +137,19 @@ def update_config_by_tenant_config_id_and_data(tenant_config_id: int, insert_dat
             session.rollback()
             logger.error(f"update config by tenant config id and data failed, error: {e}")
             return False
+
+
+def get_all_tenant_ids():
+    """
+    Get all tenant IDs that have tenant configurations
+
+    Returns:
+        List[str]: List of tenant IDs
+    """
+    with get_db_session() as session:
+        result = session.query(TenantConfig.tenant_id).filter(
+            TenantConfig.config_key == "TENANT_NAME",
+            TenantConfig.delete_flag == "N"
+        ).distinct().all()
+
+        return [row[0] for row in result]
diff --git a/backend/database/tool_db.py b/backend/database/tool_db.py
index edc256fde..ff9c1488c 100644
--- a/backend/database/tool_db.py
+++ b/backend/database/tool_db.py
@@ -182,7 +182,7 @@ def search_tools_for_sub_agent(agent_id, tenant_id):
             ToolInstance.agent_id == agent_id,
             ToolInstance.tenant_id == tenant_id,
             ToolInstance.delete_flag != 'Y',
-            ToolInstance.enabled == True
+            ToolInstance.enabled
         )
 
         tool_instances = query.all()
diff --git a/backend/database/user_tenant_db.py b/backend/database/user_tenant_db.py
index 16c8c0928..960b38855 100644
--- a/backend/database/user_tenant_db.py
+++ b/backend/database/user_tenant_db.py
@@ -1,11 +1,12 @@
 """
 Database operations for user tenant relationship management
 """
-from typing import Any, Dict, Optional
+from typing import Any, List, Dict, Optional
 
 from consts.const import DEFAULT_TENANT_ID
 from database.client import as_dict, get_db_session
 from database.db_models import UserTenant
+from utils.str_utils import convert_list_to_string
 
 
 def get_user_tenant_by_user_id(user_id: str) -> Optional[Dict[str, Any]]:
@@ -32,7 +33,7 @@ def get_user_tenant_by_user_id(user_id: str) -> Optional[Dict[str, Any]]:
 def get_all_tenant_ids() -> list[str]:
     """
     Get all unique tenant IDs from the database
-    
+
     Returns:
         list[str]: List of unique tenant IDs
     """
@@ -40,28 +41,30 @@ def get_all_tenant_ids() -> list[str]:
         result = session.query(UserTenant.tenant_id).filter(
             UserTenant.delete_flag == "N"
         ).distinct().all()
-        
+
         tenant_ids = [row[0] for row in result]
-        
+
         # Add default tenant_id if not already in the list
         if DEFAULT_TENANT_ID not in tenant_ids:
             tenant_ids.append(DEFAULT_TENANT_ID)
-        
+
         return tenant_ids
 
 
-def insert_user_tenant(user_id: str, tenant_id: str):
+def insert_user_tenant(user_id: str, tenant_id: str, user_role: str = "USER"):
     """
     Insert user tenant relationship
 
     Args:
         user_id (str): User ID
         tenant_id (str): Tenant ID
+        user_role (str): User role (SUPER_ADMIN, ADMIN, DEV, USER)
     """
     with get_db_session() as session:
         user_tenant = UserTenant(
             user_id=user_id,
             tenant_id=tenant_id,
+            user_role=user_role,
             created_by=user_id,
             updated_by=user_id
         )
diff --git a/backend/utils/str_utils.py b/backend/utils/str_utils.py
index a20b4e4b7..dc7887595 100644
--- a/backend/utils/str_utils.py
+++ b/backend/utils/str_utils.py
@@ -1,4 +1,5 @@
 import re
+from typing import List, Optional
 
 
 def remove_think_blocks(text: str) -> str:
@@ -6,3 +7,33 @@ def remove_think_blocks(text: str) -> str:
     if not text:
         return text
     return re.sub(r"(?:<think>)?.*?</think>", "", text, flags=re.DOTALL | re.IGNORECASE)
+
+
+def convert_list_to_string(items: Optional[List[int]]) -> str:
+    """
+    Convert list of integers to comma-separated string for database storage
+
+    Args:
+        items: List of integers or None
+
+    Returns:
+        Comma-separated string, empty string if None
+    """
+    if items is None:
+        return ""
+    return ",".join(str(item) for item in items)
+
+
+def convert_string_to_list(items_str: Optional[str]) -> List[int]:
+    """
+    Convert comma-separated string to list of integers for processing
+
+    Args:
+        items_str: Comma-separated string or None
+
+    Returns:
+        List of integers, empty list if None or empty string
+    """
+    if not items_str or items_str.strip() == "":
+        return []
+    return [int(item.strip()) for item in items_str.split(",") if item.strip().isdigit()]
diff --git a/docker/sql/v1.8.0_1226_add_invitation_and_group_system.sql b/docker/sql/v1.8.0_1226_add_invitation_and_group_system.sql
new file mode 100644
index 000000000..a8376162c
--- /dev/null
+++ b/docker/sql/v1.8.0_1226_add_invitation_and_group_system.sql
@@ -0,0 +1,146 @@
+-- Add invitation code and group management system
+-- This migration adds invitation codes, groups, and permission management features
+
+-- 1. Create tenant_invitation_code_t table for invitation codes
+CREATE TABLE IF NOT EXISTS nexent.tenant_invitation_code_t (
+    invitation_id SERIAL PRIMARY KEY,
+    tenant_id VARCHAR(100) NOT NULL,
+    invitation_code VARCHAR(100) NOT NULL,
+    group_ids VARCHAR, -- int4 list
+    capacity INT4 NOT NULL DEFAULT 1,
+    expiry_date TIMESTAMP(6) WITHOUT TIME ZONE,
+    status VARCHAR(30) NOT NULL,
+    code_type VARCHAR(30) NOT NULL,
+    create_time TIMESTAMP(6) WITHOUT TIME ZONE DEFAULT NOW(),
+    update_time TIMESTAMP(6) WITHOUT TIME ZONE DEFAULT NOW(),
+    created_by VARCHAR(100),
+    updated_by VARCHAR(100),
+    delete_flag VARCHAR(1) DEFAULT 'N'
+);
+
+-- Add comments for tenant_invitation_code_t table
+COMMENT ON TABLE nexent.tenant_invitation_code_t IS 'Tenant invitation code information table';
+COMMENT ON COLUMN nexent.tenant_invitation_code_t.invitation_id IS 'Invitation ID, primary key';
+COMMENT ON COLUMN nexent.tenant_invitation_code_t.tenant_id IS 'Tenant ID, foreign key';
+COMMENT ON COLUMN nexent.tenant_invitation_code_t.invitation_code IS 'Invitation code';
+COMMENT ON COLUMN nexent.tenant_invitation_code_t.group_ids IS 'Associated group IDs list';
+COMMENT ON COLUMN nexent.tenant_invitation_code_t.capacity IS 'Invitation code capacity';
+COMMENT ON COLUMN nexent.tenant_invitation_code_t.expiry_date IS 'Invitation code expiry date';
+COMMENT ON COLUMN nexent.tenant_invitation_code_t.status IS 'Invitation code status: IN_USE, EXPIRE, DISABLE, RUN_OUT';
+COMMENT ON COLUMN nexent.tenant_invitation_code_t.code_type IS 'Invitation code type: ADMIN_INVITE, DEV_INVITE, USER_INVITE';
+COMMENT ON COLUMN nexent.tenant_invitation_code_t.create_time IS 'Create time';
+COMMENT ON COLUMN nexent.tenant_invitation_code_t.update_time IS 'Update time';
+COMMENT ON COLUMN nexent.tenant_invitation_code_t.created_by IS 'Created by';
+COMMENT ON COLUMN nexent.tenant_invitation_code_t.updated_by IS 'Updated by';
+COMMENT ON COLUMN nexent.tenant_invitation_code_t.delete_flag IS 'Delete flag, Y/N';
+
+-- 2. Create tenant_invitation_record_t table for invitation usage records
+CREATE TABLE IF NOT EXISTS nexent.tenant_invitation_record_t (
+    invitation_record_id SERIAL PRIMARY KEY,
+    invitation_id INT4 NOT NULL,
+    user_id VARCHAR(100) NOT NULL,
+    create_time TIMESTAMP(6) WITHOUT TIME ZONE DEFAULT NOW(),
+    update_time TIMESTAMP(6) WITHOUT TIME ZONE DEFAULT NOW(),
+    created_by VARCHAR(100),
+    updated_by VARCHAR(100),
+    delete_flag VARCHAR(1) DEFAULT 'N'
+);
+
+-- Add comments for tenant_invitation_record_t table
+COMMENT ON TABLE nexent.tenant_invitation_record_t IS 'Tenant invitation record table';
+COMMENT ON COLUMN nexent.tenant_invitation_record_t.invitation_record_id IS 'Invitation record ID, primary key';
+COMMENT ON COLUMN nexent.tenant_invitation_record_t.invitation_id IS 'Invitation ID, foreign key';
+COMMENT ON COLUMN nexent.tenant_invitation_record_t.user_id IS 'User ID';
+COMMENT ON COLUMN nexent.tenant_invitation_record_t.create_time IS 'Create time';
+COMMENT ON COLUMN nexent.tenant_invitation_record_t.update_time IS 'Update time';
+COMMENT ON COLUMN nexent.tenant_invitation_record_t.created_by IS 'Created by';
+COMMENT ON COLUMN nexent.tenant_invitation_record_t.updated_by IS 'Updated by';
+COMMENT ON COLUMN nexent.tenant_invitation_record_t.delete_flag IS 'Delete flag, Y/N';
+
+-- 3. Create tenant_group_info_t table for group information
+CREATE TABLE IF NOT EXISTS nexent.tenant_group_info_t (
+    group_id SERIAL PRIMARY KEY,
+    tenant_id VARCHAR(100) NOT NULL,
+    group_name VARCHAR(100) NOT NULL,
+    group_description VARCHAR(500),
+    create_time TIMESTAMP(6) WITHOUT TIME ZONE DEFAULT NOW(),
+    update_time TIMESTAMP(6) WITHOUT TIME ZONE DEFAULT NOW(),
+    created_by VARCHAR(100),
+    updated_by VARCHAR(100),
+    delete_flag VARCHAR(1) DEFAULT 'N'
+);
+
+-- Add comments for tenant_group_info_t table
+COMMENT ON TABLE nexent.tenant_group_info_t IS 'Tenant group information table';
+COMMENT ON COLUMN nexent.tenant_group_info_t.group_id IS 'Group ID, primary key';
+COMMENT ON COLUMN nexent.tenant_group_info_t.tenant_id IS 'Tenant ID, foreign key';
+COMMENT ON COLUMN nexent.tenant_group_info_t.group_name IS 'Group name';
+COMMENT ON COLUMN nexent.tenant_group_info_t.group_description IS 'Group description';
+COMMENT ON COLUMN nexent.tenant_group_info_t.create_time IS 'Create time';
+COMMENT ON COLUMN nexent.tenant_group_info_t.update_time IS 'Update time';
+COMMENT ON COLUMN nexent.tenant_group_info_t.created_by IS 'Created by';
+COMMENT ON COLUMN nexent.tenant_group_info_t.updated_by IS 'Updated by';
+COMMENT ON COLUMN nexent.tenant_group_info_t.delete_flag IS 'Delete flag, Y/N';
+
+-- 4. Create tenant_group_user_t table for group user membership
+CREATE TABLE IF NOT EXISTS nexent.tenant_group_user_t (
+    group_user_id SERIAL PRIMARY KEY,
+    group_id INT4 NOT NULL,
+    user_id VARCHAR(100) NOT NULL,
+    create_time TIMESTAMP(6) WITHOUT TIME ZONE DEFAULT NOW(),
+    update_time TIMESTAMP(6) WITHOUT TIME ZONE DEFAULT NOW(),
+    created_by VARCHAR(100),
+    updated_by VARCHAR(100),
+    delete_flag VARCHAR(1) DEFAULT 'N'
+);
+
+-- Add comments for tenant_group_user_t table
+COMMENT ON TABLE nexent.tenant_group_user_t IS 'Tenant group user membership table';
+COMMENT ON COLUMN nexent.tenant_group_user_t.group_user_id IS 'Group user ID, primary key';
+COMMENT ON COLUMN nexent.tenant_group_user_t.group_id IS 'Group ID, foreign key';
+COMMENT ON COLUMN nexent.tenant_group_user_t.user_id IS 'User ID, foreign key';
+COMMENT ON COLUMN nexent.tenant_group_user_t.create_time IS 'Create time';
+COMMENT ON COLUMN nexent.tenant_group_user_t.update_time IS 'Update time';
+COMMENT ON COLUMN nexent.tenant_group_user_t.created_by IS 'Created by';
+COMMENT ON COLUMN nexent.tenant_group_user_t.updated_by IS 'Updated by';
+COMMENT ON COLUMN nexent.tenant_group_user_t.delete_flag IS 'Delete flag, Y/N';
+
+-- 5. Add fields to user_tenant_t table
+ALTER TABLE nexent.user_tenant_t
+ADD COLUMN IF NOT EXISTS user_role VARCHAR(30);
+
+-- Add comments for new fields in user_tenant_t table
+COMMENT ON COLUMN nexent.user_tenant_t.user_role IS 'User role: SU, ADMIN, DEV, USER';
+
+-- 6. Create role_permission_t table for role permissions
+CREATE TABLE IF NOT EXISTS nexent.role_permission_t (
+    role_permission_id SERIAL PRIMARY KEY,
+    user_role VARCHAR(30) NOT NULL,
+    permission_category VARCHAR(30),
+    permission_type VARCHAR(30),
+    permission_subtype VARCHAR(30)
+);
+
+-- Add comments for role_permission_t table
+COMMENT ON TABLE nexent.role_permission_t IS 'Role permission configuration table';
+COMMENT ON COLUMN nexent.role_permission_t.role_permission_id IS 'Role permission ID, primary key';
+COMMENT ON COLUMN nexent.role_permission_t.user_role IS 'User role: SU, ADMIN, DEV, USER';
+COMMENT ON COLUMN nexent.role_permission_t.permission_category IS 'Permission category';
+COMMENT ON COLUMN nexent.role_permission_t.permission_type IS 'Permission type';
+COMMENT ON COLUMN nexent.role_permission_t.permission_subtype IS 'Permission subtype';
+
+-- 7. Add fields to knowledge_record_t table
+ALTER TABLE nexent.knowledge_record_t
+ADD COLUMN IF NOT EXISTS group_ids VARCHAR, -- int4 list
+ADD COLUMN IF NOT EXISTS ingroup_permission VARCHAR(30);
+
+-- Add comments for new fields in knowledge_record_t table
+COMMENT ON COLUMN nexent.knowledge_record_t.group_ids IS 'Knowledge base group IDs list';
+COMMENT ON COLUMN nexent.knowledge_record_t.ingroup_permission IS 'In-group permission: EDIT, READ_ONLY, PRIVATE';
+
+-- 8. Add fields to ag_tenant_agent_t table
+ALTER TABLE nexent.ag_tenant_agent_t
+ADD COLUMN IF NOT EXISTS group_ids VARCHAR; -- int4 list
+
+-- Add comments for new fields in ag_tenant_agent_t table
+COMMENT ON COLUMN nexent.ag_tenant_agent_t.group_ids IS 'Agent group IDs list';
diff --git a/test/backend/database/test_group_db.py b/test/backend/database/test_group_db.py
new file mode 100644
index 000000000..e76de74c5
--- /dev/null
+++ b/test/backend/database/test_group_db.py
@@ -0,0 +1,575 @@
+import sys
+import os
+sys.path.insert(0, os.path.join(os.path.dirname(__file__), "../../.."))
+
+import pytest
+from unittest.mock import MagicMock
+
+# First mock the consts module to avoid ModuleNotFoundError
+consts_mock = MagicMock()
+consts_mock.const = MagicMock()
+# Set required constants in consts.const
+consts_mock.const.MINIO_ENDPOINT = "http://localhost:9000"
+consts_mock.const.MINIO_ACCESS_KEY = "test_access_key"
+consts_mock.const.MINIO_SECRET_KEY = "test_secret_key"
+consts_mock.const.MINIO_REGION = "us-east-1"
+consts_mock.const.MINIO_DEFAULT_BUCKET = "test-bucket"
+consts_mock.const.POSTGRES_HOST = "localhost"
+consts_mock.const.POSTGRES_USER = "test_user"
+consts_mock.const.NEXENT_POSTGRES_PASSWORD = "test_password"
+consts_mock.const.POSTGRES_DB = "test_db"
+consts_mock.const.POSTGRES_PORT = 5432
+consts_mock.const.DEFAULT_TENANT_ID = "default_tenant"
+
+# Add the mocked consts module to sys.modules
+sys.modules['consts'] = consts_mock
+sys.modules['consts.const'] = consts_mock.const
+
+# Mock utils module
+utils_mock = MagicMock()
+utils_mock.auth_utils = MagicMock()
+utils_mock.auth_utils.get_current_user_id_from_token = MagicMock(return_value="test_user_id")
+
+# Mock str_utils module
+str_utils_mock = MagicMock()
+
+
+def mock_convert_string_to_list(s):
+    """Mock implementation of convert_string_to_list that converts comma-separated string to int list"""
+    if isinstance(s, str) and s:
+        return [int(x.strip()) for x in s.split(',') if x.strip()]
+    return []
+
+
+str_utils_mock.convert_string_to_list = mock_convert_string_to_list
+utils_mock.str_utils = str_utils_mock
+
+# Add the mocked utils module to sys.modules
+sys.modules['utils'] = utils_mock
+sys.modules['utils.auth_utils'] = utils_mock.auth_utils
+sys.modules['utils.str_utils'] = str_utils_mock
+
+# Provide a stub for the `boto3` module so that it can be imported safely even
+# if the testing environment does not have it available.
+boto3_mock = MagicMock()
+sys.modules['boto3'] = boto3_mock
+
+# Mock the entire client module
+client_mock = MagicMock()
+client_mock.MinioClient = MagicMock()
+client_mock.PostgresClient = MagicMock()
+client_mock.db_client = MagicMock()
+client_mock.get_db_session = MagicMock()
+client_mock.as_dict = MagicMock()
+client_mock.filter_property = MagicMock()
+
+# Add the mocked client module to sys.modules
+sys.modules['database.client'] = client_mock
+sys.modules['backend.database.client'] = client_mock
+
+# Mock db_models module
+db_models_mock = MagicMock()
+db_models_mock.TenantGroupInfo = MagicMock()
+db_models_mock.TenantGroupUser = MagicMock()
+
+class MockTenantGroupInfo:
+    def __init__(self, **kwargs):
+        self.group_id = kwargs.get('group_id', 1)
+        self.tenant_id = kwargs.get('tenant_id', 'test_tenant')
+        self.group_name = kwargs.get('group_name', 'test_group')
+        self.group_description = kwargs.get('group_description', 'test description')
+        self.created_by = kwargs.get('created_by', 'test_user')
+        self.updated_by = kwargs.get('updated_by', 'test_user')
+        self.delete_flag = kwargs.get('delete_flag', 'N')
+        self.create_time = kwargs.get('create_time', '2024-01-01 00:00:00')
+        self.update_time = kwargs.get('update_time', '2024-01-01 00:00:00')
+
+class MockTenantGroupUser:
+    def __init__(self, **kwargs):
+        self.group_user_id = kwargs.get('group_user_id', 1)
+        self.group_id = kwargs.get('group_id', 1)
+        self.user_id = kwargs.get('user_id', 'test_user')
+        self.created_by = kwargs.get('created_by', 'test_user')
+        self.updated_by = kwargs.get('updated_by', 'test_user')
+        self.delete_flag = kwargs.get('delete_flag', 'N')
+        self.create_time = kwargs.get('create_time', '2024-01-01 00:00:00')
+        self.update_time = kwargs.get('update_time', '2024-01-01 00:00:00')
+
+
+# Add the mocked db_models module to sys.modules
+sys.modules['database.db_models'] = db_models_mock
+sys.modules['backend.database.db_models'] = db_models_mock
+
+# Mock exceptions module
+exceptions_mock = MagicMock()
+sys.modules['consts.exceptions'] = exceptions_mock
+sys.modules['backend.consts.exceptions'] = exceptions_mock
+
+# Mock sqlalchemy module
+sqlalchemy_mock = MagicMock()
+sqlalchemy_mock.exc = MagicMock()
+
+class MockSQLAlchemyError(Exception):
+    pass
+
+sqlalchemy_mock.exc.SQLAlchemyError = MockSQLAlchemyError
+
+# Add the mocked sqlalchemy module to sys.modules
+sys.modules['sqlalchemy'] = sqlalchemy_mock
+sys.modules['sqlalchemy.exc'] = sqlalchemy_mock.exc
+
+# Now we can safely import the module under test
+from backend.database.group_db import (
+    query_groups,
+    query_groups_by_tenant,
+    add_group,
+    modify_group,
+    remove_group,
+    add_user_to_group,
+    remove_user_from_group,
+    query_group_users,
+    query_groups_by_user,
+    query_group_ids_by_user,
+    check_user_in_group,
+    count_group_users
+)
+
+
+@pytest.fixture
+def mock_session():
+    """Create mock database session"""
+    mock_session = MagicMock()
+    mock_query = MagicMock()
+    mock_session.query.return_value = mock_query
+    return mock_session, mock_query
+
+
+def test_get_group_by_id_success(monkeypatch, mock_session):
+    """Test successfully retrieving group by ID"""
+    session, query = mock_session
+
+    mock_group = MockTenantGroupInfo()
+    mock_group.group_id = 123
+    mock_group.group_name = "test_group"
+
+    mock_filter = MagicMock()
+    mock_filter.all.return_value = [mock_group]
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.group_db.get_db_session", lambda: mock_ctx)
+    monkeypatch.setattr("backend.database.group_db.as_dict", lambda obj: obj.__dict__)
+
+    result = query_groups(123)
+
+    assert result is not None
+    assert result["group_id"] == 123
+    assert result["group_name"] == "test_group"
+
+
+def test_get_group_by_id_not_found(monkeypatch, mock_session):
+    """Test retrieving non-existent group"""
+    session, query = mock_session
+
+    mock_filter = MagicMock()
+    mock_filter.first.return_value = None
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.group_db.get_db_session", lambda: mock_ctx)
+
+    result = query_groups(999)
+
+    assert result is None
+
+
+def test_get_group_by_id_with_string_input(monkeypatch, mock_session):
+    """Test retrieving groups by comma-separated string"""
+    session, query = mock_session
+
+    mock_group1 = MockTenantGroupInfo(group_id=1, group_name="group1")
+    mock_group2 = MockTenantGroupInfo(group_id=2, group_name="group2")
+
+    mock_filter = MagicMock()
+    mock_filter.all.return_value = [mock_group1, mock_group2]
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr(
+        "backend.database.group_db.get_db_session", lambda: mock_ctx)
+    monkeypatch.setattr("backend.database.group_db.as_dict",
+                        lambda obj: obj.__dict__)
+
+    result = query_groups("1,2")
+
+    assert len(result) == 2
+    assert result[0]["group_id"] == 1
+    assert result[1]["group_id"] == 2
+
+
+def test_get_group_by_id_with_list_input(monkeypatch, mock_session):
+    """Test retrieving groups by list of IDs"""
+    session, query = mock_session
+
+    mock_group1 = MockTenantGroupInfo(group_id=1, group_name="group1")
+    mock_group2 = MockTenantGroupInfo(group_id=3, group_name="group3")
+
+    mock_filter = MagicMock()
+    mock_filter.all.return_value = [mock_group1, mock_group2]
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr(
+        "backend.database.group_db.get_db_session", lambda: mock_ctx)
+    monkeypatch.setattr("backend.database.group_db.as_dict",
+                        lambda obj: obj.__dict__)
+
+    result = query_groups([1, 3])
+
+    assert len(result) == 2
+    assert result[0]["group_id"] == 1
+    assert result[1]["group_id"] == 3
+
+
+def test_get_group_by_id_empty_string(monkeypatch, mock_session):
+    """Test retrieving groups with empty string"""
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = None
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr(
+        "backend.database.group_db.get_db_session", lambda: mock_ctx)
+
+    result = query_groups("")
+
+    assert result == []
+
+
+def test_get_group_by_id_empty_list(monkeypatch, mock_session):
+    """Test retrieving groups with empty list"""
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = None
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr(
+        "backend.database.group_db.get_db_session", lambda: mock_ctx)
+
+    result = query_groups([])
+
+    assert result == []
+
+
+def test_get_group_by_id_invalid_type():
+    """Test get_group_by_id with invalid input type"""
+    import pytest
+
+    with pytest.raises(ValueError, match="group_id must be int, str, or List\\[int\\]"):
+        query_groups(1.5)  # float is not supported
+
+
+def test_get_groups_by_tenant_success(monkeypatch, mock_session):
+    """Test retrieving groups by tenant"""
+    session, query = mock_session
+
+    mock_group1 = MockTenantGroupInfo(group_id=1, group_name="group1")
+    mock_group2 = MockTenantGroupInfo(group_id=2, group_name="group2")
+
+    mock_filter = MagicMock()
+    mock_filter.all.return_value = [mock_group1, mock_group2]
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.group_db.get_db_session", lambda: mock_ctx)
+    monkeypatch.setattr("backend.database.group_db.as_dict", lambda obj: obj.__dict__)
+
+    result = query_groups_by_tenant("test_tenant")
+
+    assert len(result) == 2
+    assert result[0]["group_name"] == "group1"
+    assert result[1]["group_name"] == "group2"
+
+
+def test_create_group_success(monkeypatch, mock_session):
+    """Test successfully creating group"""
+    session, _ = mock_session
+    session.add = MagicMock()
+
+    mock_group = MockTenantGroupInfo()
+    mock_group.group_id = 123
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.group_db.get_db_session", lambda: mock_ctx)
+
+    from unittest.mock import patch
+    with patch('backend.database.group_db.TenantGroupInfo', return_value=mock_group):
+        result = add_group(
+            tenant_id="test_tenant",
+            group_name="test_group",
+            group_description="test description",
+            created_by="test_user"
+        )
+
+    assert result == 123
+    session.add.assert_called_once_with(mock_group)
+    session.flush.assert_called_once()
+
+
+def test_update_group_success(monkeypatch, mock_session):
+    """Test successfully updating group"""
+    session, query = mock_session
+
+    # Setup query filter().update() chain
+    mock_update = MagicMock()
+    mock_update.return_value = 1  # 1 row affected
+    mock_filter = MagicMock()
+    mock_filter.update = mock_update
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.group_db.get_db_session", lambda: mock_ctx)
+
+    result = modify_group(
+        group_id=123,
+        updates={"group_name": "new_name", "group_description": "new description"},
+        updated_by="test_user"
+    )
+
+    assert result is True
+
+
+def test_soft_delete_group_success(monkeypatch, mock_session):
+    """Test successfully soft deleting group"""
+    session, query = mock_session
+
+    # Setup query filter().update() chain
+    mock_update = MagicMock()
+    mock_update.return_value = 1  # 1 row affected
+    mock_filter = MagicMock()
+    mock_filter.update = mock_update
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.group_db.get_db_session", lambda: mock_ctx)
+
+    result = remove_group(group_id=123, updated_by="test_user")
+
+    assert result is True
+
+
+def test_add_user_to_group_success(monkeypatch, mock_session):
+    """Test successfully adding user to group"""
+    session, _ = mock_session
+    session.add = MagicMock()
+
+    mock_group_user = MockTenantGroupUser()
+    mock_group_user.group_user_id = 456
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.group_db.get_db_session", lambda: mock_ctx)
+
+    from unittest.mock import patch
+    with patch('backend.database.group_db.TenantGroupUser', return_value=mock_group_user):
+        result = add_user_to_group(
+            group_id=123,
+            user_id="test_user",
+            created_by="test_user"
+        )
+
+    assert result == 456
+    session.add.assert_called_once_with(mock_group_user)
+    session.flush.assert_called_once()
+
+
+def test_remove_user_from_group_success(monkeypatch, mock_session):
+    """Test successfully removing user from group"""
+    session, query = mock_session
+
+    # Setup query filter().update() chain
+    mock_update = MagicMock()
+    mock_update.return_value = 1  # 1 row affected
+    mock_filter = MagicMock()
+    mock_filter.update = mock_update
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.group_db.get_db_session", lambda: mock_ctx)
+
+    result = remove_user_from_group(
+        group_id=123,
+        user_id="test_user",
+        updated_by="test_user"
+    )
+
+    assert result is True
+
+
+def test_get_group_users_success(monkeypatch, mock_session):
+    """Test retrieving users in a group"""
+    session, query = mock_session
+
+    mock_user1 = MockTenantGroupUser(group_user_id=1, user_id="user1")
+    mock_user2 = MockTenantGroupUser(group_user_id=2, user_id="user2")
+
+    mock_filter = MagicMock()
+    mock_filter.all.return_value = [mock_user1, mock_user2]
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.group_db.get_db_session", lambda: mock_ctx)
+    monkeypatch.setattr("backend.database.group_db.as_dict", lambda obj: obj.__dict__)
+
+    result = query_group_users(123)
+
+    assert len(result) == 2
+    assert result[0]["user_id"] == "user1"
+    assert result[1]["user_id"] == "user2"
+
+
+def test_get_groups_by_user_success(monkeypatch, mock_session):
+    """Test retrieving groups for a user"""
+    session, query = mock_session
+
+    mock_group1 = MockTenantGroupInfo(group_id=1, group_name="group1")
+    mock_group2 = MockTenantGroupInfo(group_id=2, group_name="group2")
+
+    # Mock the join query
+    mock_join = MagicMock()
+    mock_filter = MagicMock()
+    mock_filter.all.return_value = [mock_group1, mock_group2]
+    mock_join.filter.return_value = mock_filter
+    query.join.return_value = mock_join
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.group_db.get_db_session", lambda: mock_ctx)
+    monkeypatch.setattr("backend.database.group_db.as_dict", lambda obj: obj.__dict__)
+
+    result = query_groups_by_user("test_user")
+
+    assert len(result) == 2
+    assert result[0]["group_name"] == "group1"
+    assert result[1]["group_name"] == "group2"
+
+
+def test_get_group_ids_by_user_success(monkeypatch, mock_session):
+    """Test retrieving group IDs for a user"""
+    session, _ = mock_session
+
+    # Create a mock query that returns tuples of group_ids
+    mock_specific_query = MagicMock()
+    mock_filter = MagicMock()
+    mock_filter.all.return_value = [(1,), (2,), (3,)]
+    mock_specific_query.filter.return_value = mock_filter
+
+    def mock_query_func(*args, **kwargs):
+        return mock_specific_query
+
+    session.query = mock_query_func
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr(
+        "backend.database.group_db.get_db_session", lambda: mock_ctx)
+
+    result = query_group_ids_by_user("test_user")
+
+    assert result == [1, 2, 3]
+
+
+def test_is_user_in_group_true(monkeypatch, mock_session):
+    """Test checking if user is in group - user is in group"""
+    session, query = mock_session
+
+    mock_group_user = MockTenantGroupUser()
+
+    mock_filter = MagicMock()
+    mock_filter.first.return_value = mock_group_user
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.group_db.get_db_session", lambda: mock_ctx)
+
+    result = check_user_in_group("test_user", 123)
+
+    assert result is True
+
+
+def test_is_user_in_group_false(monkeypatch, mock_session):
+    """Test checking if user is in group - user is not in group"""
+    session, query = mock_session
+
+    mock_filter = MagicMock()
+    mock_filter.first.return_value = None
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.group_db.get_db_session", lambda: mock_ctx)
+
+    result = check_user_in_group("test_user", 123)
+
+    assert result is False
+
+
+def test_get_group_user_count_success(monkeypatch, mock_session):
+    """Test getting group user count"""
+    session, _ = mock_session
+
+    # Create a mock query that returns count
+    mock_specific_query = MagicMock()
+    mock_filter = MagicMock()
+    mock_filter.count.return_value = 5
+    mock_specific_query.filter.return_value = mock_filter
+
+    def mock_query_func(*args, **kwargs):
+        return mock_specific_query
+
+    session.query = mock_query_func
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.group_db.get_db_session", lambda: mock_ctx)
+
+    result = count_group_users(123)
+
+    assert result == 5
+
+
+def test_database_error_handling(monkeypatch, mock_session):
+    """Test database error handling"""
+    session, query = mock_session
+    query.filter.side_effect = MockSQLAlchemyError("Database error")
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.group_db.get_db_session", lambda: mock_ctx)
+
+    with pytest.raises(MockSQLAlchemyError, match="Database error"):
+        query_groups(123)
diff --git a/test/backend/database/test_invitation_db.py b/test/backend/database/test_invitation_db.py
new file mode 100644
index 000000000..6f4be3ef1
--- /dev/null
+++ b/test/backend/database/test_invitation_db.py
@@ -0,0 +1,513 @@
+import sys
+import pytest
+from unittest.mock import MagicMock
+
+# First mock the consts module to avoid ModuleNotFoundError
+consts_mock = MagicMock()
+consts_mock.const = MagicMock()
+# Set required constants in consts.const
+consts_mock.const.MINIO_ENDPOINT = "http://localhost:9000"
+consts_mock.const.MINIO_ACCESS_KEY = "test_access_key"
+consts_mock.const.MINIO_SECRET_KEY = "test_secret_key"
+consts_mock.const.MINIO_REGION = "us-east-1"
+consts_mock.const.MINIO_DEFAULT_BUCKET = "test-bucket"
+consts_mock.const.POSTGRES_HOST = "localhost"
+consts_mock.const.POSTGRES_USER = "test_user"
+consts_mock.const.NEXENT_POSTGRES_PASSWORD = "test_password"
+consts_mock.const.POSTGRES_DB = "test_db"
+consts_mock.const.POSTGRES_PORT = 5432
+consts_mock.const.DEFAULT_TENANT_ID = "default_tenant"
+
+# Add the mocked consts module to sys.modules
+sys.modules['consts'] = consts_mock
+sys.modules['consts.const'] = consts_mock.const
+
+# Mock utils module
+utils_mock = MagicMock()
+utils_mock.auth_utils = MagicMock()
+utils_mock.auth_utils.get_current_user_id_from_token = MagicMock(return_value="test_user_id")
+utils_mock.str_utils = MagicMock()
+utils_mock.str_utils.convert_list_to_string = MagicMock(side_effect=lambda x: ",".join(str(i) for i in x) if x else "")
+
+# Add the mocked utils module to sys.modules
+sys.modules['utils'] = utils_mock
+sys.modules['utils.auth_utils'] = utils_mock.auth_utils
+sys.modules['utils.str_utils'] = utils_mock.str_utils
+
+# Provide a stub for the `boto3` module so that it can be imported safely even
+# if the testing environment does not have it available.
+boto3_mock = MagicMock()
+sys.modules['boto3'] = boto3_mock
+
+# Mock the entire client module
+client_mock = MagicMock()
+client_mock.MinioClient = MagicMock()
+client_mock.PostgresClient = MagicMock()
+client_mock.db_client = MagicMock()
+client_mock.get_db_session = MagicMock()
+client_mock.as_dict = MagicMock()
+client_mock.filter_property = MagicMock()
+
+# Add the mocked client module to sys.modules
+sys.modules['database.client'] = client_mock
+sys.modules['backend.database.client'] = client_mock
+
+# Mock db_models module
+db_models_mock = MagicMock()
+db_models_mock.TenantInvitationCode = MagicMock()
+db_models_mock.TenantInvitationRecord = MagicMock()
+
+class MockTenantInvitationCode:
+    def __init__(self, **kwargs):
+        self.invitation_id = kwargs.get('invitation_id', 1)
+        self.tenant_id = kwargs.get('tenant_id', 'test_tenant')
+        self.invitation_code = kwargs.get('invitation_code', 'test_code')
+        self.group_ids = kwargs.get('group_ids', '1,2,3')
+        self.capacity = kwargs.get('capacity', 5)
+        self.expiry_date = kwargs.get('expiry_date', '2024-12-31 23:59:59')
+        self.status = kwargs.get('status', 'IN_USE')
+        self.code_type = kwargs.get('code_type', 'ADMIN_INVITE')
+        self.created_by = kwargs.get('created_by', 'test_user')
+        self.updated_by = kwargs.get('updated_by', 'test_user')
+        self.delete_flag = kwargs.get('delete_flag', 'N')
+        self.create_time = kwargs.get('create_time', '2024-01-01 00:00:00')
+        self.update_time = kwargs.get('update_time', '2024-01-01 00:00:00')
+
+class MockTenantInvitationRecord:
+    def __init__(self, **kwargs):
+        self.invitation_record_id = kwargs.get('invitation_record_id', 1)
+        self.invitation_id = kwargs.get('invitation_id', 1)
+        self.user_id = kwargs.get('user_id', 'test_user')
+        self.created_by = kwargs.get('created_by', 'test_user')
+        self.updated_by = kwargs.get('updated_by', 'test_user')
+        self.delete_flag = kwargs.get('delete_flag', 'N')
+        self.create_time = kwargs.get('create_time', '2024-01-01 00:00:00')
+        self.update_time = kwargs.get('update_time', '2024-01-01 00:00:00')
+
+
+# Add the mocked db_models module to sys.modules
+sys.modules['database.db_models'] = db_models_mock
+sys.modules['backend.database.db_models'] = db_models_mock
+
+# Mock exceptions module
+exceptions_mock = MagicMock()
+sys.modules['consts.exceptions'] = exceptions_mock
+sys.modules['backend.consts.exceptions'] = exceptions_mock
+
+# Mock sqlalchemy module
+sqlalchemy_mock = MagicMock()
+sqlalchemy_mock.exc = MagicMock()
+
+class MockSQLAlchemyError(Exception):
+    pass
+
+sqlalchemy_mock.exc.SQLAlchemyError = MockSQLAlchemyError
+
+# Add the mocked sqlalchemy module to sys.modules
+sys.modules['sqlalchemy'] = sqlalchemy_mock
+sys.modules['sqlalchemy.exc'] = sqlalchemy_mock.exc
+
+# Now we can safely import the module under test
+from backend.database.invitation_db import (
+    query_invitation_by_code,
+    query_invitation_by_id,
+    query_invitations_by_tenant,
+    add_invitation,
+    modify_invitation,
+    remove_invitation,
+    query_invitation_records,
+    add_invitation_record,
+    count_invitation_usage,
+    query_invitation_status
+)
+
+
+@pytest.fixture
+def mock_session():
+    """Create mock database session"""
+    mock_session = MagicMock()
+    mock_query = MagicMock()
+    mock_session.query.return_value = mock_query
+    return mock_session, mock_query
+
+
+def test_query_invitation_by_code_success(monkeypatch, mock_session):
+    """Test successfully retrieving invitation code by code"""
+    session, query = mock_session
+
+    mock_invitation = MockTenantInvitationCode()
+    mock_invitation.invitation_id = 123
+    mock_invitation.invitation_code = "test_code"
+
+    mock_filter = MagicMock()
+    mock_filter.first.return_value = mock_invitation
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.invitation_db.get_db_session", lambda: mock_ctx)
+    monkeypatch.setattr("backend.database.invitation_db.as_dict", lambda obj: obj.__dict__)
+
+    result = query_invitation_by_code("test_code")
+
+    assert result is not None
+    assert result["invitation_code"] == "test_code"
+    assert result["invitation_id"] == 123
+
+
+def test_query_invitation_by_code_not_found(monkeypatch, mock_session):
+    """Test retrieving non-existent invitation code"""
+    session, query = mock_session
+
+    mock_filter = MagicMock()
+    mock_filter.first.return_value = None
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.invitation_db.get_db_session", lambda: mock_ctx)
+
+    result = query_invitation_by_code("nonexistent_code")
+
+    assert result is None
+
+
+def test_query_invitation_by_id_success(monkeypatch, mock_session):
+    """Test retrieving invitation code by ID"""
+    session, query = mock_session
+
+    mock_invitation = MockTenantInvitationCode()
+    mock_invitation.invitation_id = 123
+    mock_invitation.invitation_code = "test_code"
+
+    mock_filter = MagicMock()
+    mock_filter.first.return_value = mock_invitation
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr(
+        "backend.database.invitation_db.get_db_session", lambda: mock_ctx)
+    monkeypatch.setattr(
+        "backend.database.invitation_db.as_dict", lambda obj: obj.__dict__)
+
+    result = query_invitation_by_id(123)
+
+    assert result is not None
+    assert result["invitation_code"] == "test_code"
+    assert result["invitation_id"] == 123
+
+
+def test_query_invitation_by_id_not_found(monkeypatch, mock_session):
+    """Test retrieving non-existent invitation code by ID"""
+    session, query = mock_session
+
+    mock_filter = MagicMock()
+    mock_filter.first.return_value = None
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr(
+        "backend.database.invitation_db.get_db_session", lambda: mock_ctx)
+
+    result = query_invitation_by_id(999)
+
+    assert result is None
+
+
+def test_query_invitations_by_tenant_success(monkeypatch, mock_session):
+    """Test retrieving invitation codes by tenant"""
+    session, query = mock_session
+
+    mock_invitation1 = MockTenantInvitationCode(invitation_id=1, invitation_code="code1")
+    mock_invitation2 = MockTenantInvitationCode(invitation_id=2, invitation_code="code2")
+
+    mock_filter = MagicMock()
+    mock_filter.all.return_value = [mock_invitation1, mock_invitation2]
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.invitation_db.get_db_session", lambda: mock_ctx)
+    monkeypatch.setattr("backend.database.invitation_db.as_dict", lambda obj: obj.__dict__)
+
+    result = query_invitations_by_tenant("test_tenant")
+
+    assert len(result) == 2
+    assert result[0]["invitation_code"] == "code1"
+    assert result[1]["invitation_code"] == "code2"
+
+
+def test_add_invitation_success(monkeypatch, mock_session):
+    """Test successfully creating invitation code"""
+    session, _ = mock_session
+    session.add = MagicMock()
+
+    mock_invitation = MockTenantInvitationCode()
+    mock_invitation.invitation_id = 123
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.invitation_db.get_db_session", lambda: mock_ctx)
+
+    from unittest.mock import patch
+    with patch('backend.database.invitation_db.TenantInvitationCode', return_value=mock_invitation):
+        result = add_invitation(
+            tenant_id="test_tenant",
+            invitation_code="test_code",
+            code_type="ADMIN_INVITE",
+            group_ids=[1, 2, 3],
+            capacity=5,
+            expiry_date="2024-12-31",
+            status="IN_USE",
+            created_by="test_user"
+        )
+
+    assert result == 123
+    session.add.assert_called_once_with(mock_invitation)
+    session.flush.assert_called_once()
+
+
+def test_add_invitation_with_group_ids_list(monkeypatch, mock_session):
+    """Test successfully creating invitation code with group IDs as list"""
+    session, _ = mock_session
+    session.add = MagicMock()
+
+    mock_invitation = MockTenantInvitationCode()
+    mock_invitation.invitation_id = 123
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.invitation_db.get_db_session", lambda: mock_ctx)
+
+    from unittest.mock import patch
+    with patch('backend.database.invitation_db.TenantInvitationCode', return_value=mock_invitation) as mock_constructor:
+        result = add_invitation(
+            tenant_id="test_tenant",
+            invitation_code="test_code",
+            code_type="ADMIN_INVITE",
+            group_ids=[1, 2, 3],
+            capacity=5,
+            expiry_date="2024-12-31",
+            status="IN_USE",
+            created_by="test_user"
+        )
+
+    assert result == 123
+    # Verify TenantInvitationCode was called with group_ids converted to string
+    mock_constructor.assert_called_once_with(
+        tenant_id="test_tenant",
+        invitation_code="test_code",
+        code_type="ADMIN_INVITE",
+        group_ids="1,2,3",  # Should be converted to comma-separated string
+        capacity=5,
+        expiry_date="2024-12-31",
+        status="IN_USE",
+        created_by="test_user",
+        updated_by="test_user"
+    )
+    session.add.assert_called_once_with(mock_invitation)
+    session.flush.assert_called_once()
+
+
+def test_modify_invitation_success(monkeypatch, mock_session):
+    """Test successfully updating invitation code"""
+    session, query = mock_session
+
+    # Setup query filter().update() chain
+    mock_update = MagicMock()
+    mock_update.return_value = 1  # 1 row affected
+    mock_filter = MagicMock()
+    mock_filter.update = mock_update
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.invitation_db.get_db_session", lambda: mock_ctx)
+
+    result = modify_invitation(
+        invitation_id=123,
+        updates={"status": "DISABLE", "capacity": 10},
+        updated_by="test_user"
+    )
+
+    assert result is True
+
+
+def test_remove_invitation_success(monkeypatch, mock_session):
+    """Test successfully soft deleting invitation code"""
+    session, query = mock_session
+
+    # Setup query filter().update() chain
+    mock_update = MagicMock()
+    mock_update.return_value = 1  # 1 row affected
+    mock_filter = MagicMock()
+    mock_filter.update = mock_update
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.invitation_db.get_db_session", lambda: mock_ctx)
+
+    result = remove_invitation(invitation_id=123, updated_by="test_user")
+
+    assert result is True
+
+
+def test_query_invitation_records_success(monkeypatch, mock_session):
+    """Test retrieving invitation records by invitation ID"""
+    session, query = mock_session
+
+    mock_record1 = MockTenantInvitationRecord(invitation_record_id=1, user_id="user1")
+    mock_record2 = MockTenantInvitationRecord(invitation_record_id=2, user_id="user2")
+
+    mock_filter = MagicMock()
+    mock_filter.all.return_value = [mock_record1, mock_record2]
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.invitation_db.get_db_session", lambda: mock_ctx)
+    monkeypatch.setattr("backend.database.invitation_db.as_dict", lambda obj: obj.__dict__)
+
+    result = query_invitation_records(123)
+
+    assert len(result) == 2
+    assert result[0]["user_id"] == "user1"
+    assert result[1]["user_id"] == "user2"
+
+
+def test_add_invitation_record_success(monkeypatch, mock_session):
+    """Test successfully creating invitation record"""
+    session, _ = mock_session
+    session.add = MagicMock()
+
+    mock_record = MockTenantInvitationRecord()
+    mock_record.invitation_record_id = 456
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.invitation_db.get_db_session", lambda: mock_ctx)
+
+    from unittest.mock import patch
+    with patch('backend.database.invitation_db.TenantInvitationRecord', return_value=mock_record):
+        result = add_invitation_record(
+            invitation_id=123,
+            user_id="test_user",
+            created_by="test_user"
+        )
+
+    assert result == 456
+    session.add.assert_called_once_with(mock_record)
+    session.flush.assert_called_once()
+
+
+def test_count_invitation_usage_success(monkeypatch, mock_session):
+    """Test getting invitation usage count"""
+    session, _ = mock_session
+
+    # Create a mock query that returns count
+    mock_specific_query = MagicMock()
+    mock_filter = MagicMock()
+    mock_filter.count.return_value = 3
+    mock_specific_query.filter.return_value = mock_filter
+
+    def mock_query_func(*args, **kwargs):
+        return mock_specific_query
+
+    session.query = mock_query_func
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.invitation_db.get_db_session", lambda: mock_ctx)
+
+    result = count_invitation_usage(123)
+
+    assert result == 3
+
+
+def test_get_invitation_status_in_use(monkeypatch, mock_session):
+    """Test getting invitation status when in use"""
+    session, query = mock_session
+
+    mock_invitation = MockTenantInvitationCode()
+    mock_invitation.status = "IN_USE"
+
+    mock_filter = MagicMock()
+    mock_filter.first.return_value = mock_invitation
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.invitation_db.get_db_session", lambda: mock_ctx)
+
+    result = query_invitation_status("test_code")
+
+    assert result == "IN_USE"
+
+
+def test_get_invitation_status_expired(monkeypatch, mock_session):
+    """Test getting invitation status when expired"""
+    session, query = mock_session
+
+    mock_invitation = MockTenantInvitationCode()
+    mock_invitation.status = "EXPIRE"
+
+    mock_filter = MagicMock()
+    mock_filter.first.return_value = mock_invitation
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.invitation_db.get_db_session", lambda: mock_ctx)
+
+    result = query_invitation_status("test_code")
+
+    assert result == "EXPIRE"
+
+
+def test_get_invitation_status_not_found(monkeypatch, mock_session):
+    """Test getting invitation status when it doesn't exist"""
+    session, query = mock_session
+
+    mock_filter = MagicMock()
+    mock_filter.first.return_value = None
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.invitation_db.get_db_session", lambda: mock_ctx)
+
+    result = query_invitation_status("nonexistent_code")
+
+    assert result is None
+
+
+def test_database_error_handling(monkeypatch, mock_session):
+    """Test database error handling"""
+    session, query = mock_session
+    query.filter.side_effect = MockSQLAlchemyError("Database error")
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.invitation_db.get_db_session", lambda: mock_ctx)
+
+    with pytest.raises(MockSQLAlchemyError, match="Database error"):
+        query_invitation_by_code("test_code")
diff --git a/test/backend/database/test_knowledge_db.py b/test/backend/database/test_knowledge_db.py
index af337eb8d..415e2b8bd 100644
--- a/test/backend/database/test_knowledge_db.py
+++ b/test/backend/database/test_knowledge_db.py
@@ -26,10 +26,13 @@
 utils_mock = MagicMock()
 utils_mock.auth_utils = MagicMock()
 utils_mock.auth_utils.get_current_user_id_from_token = MagicMock(return_value="test_user_id")
+utils_mock.str_utils = MagicMock()
+utils_mock.str_utils.convert_list_to_string = MagicMock(side_effect=lambda x: ",".join(str(i) for i in x) if x else "")
 
 # Add the mocked utils module to sys.modules
 sys.modules['utils'] = utils_mock
 sys.modules['utils.auth_utils'] = utils_mock.auth_utils
+sys.modules['utils.str_utils'] = utils_mock.str_utils
 
 # Provide a stub for the `boto3` module so that it can be imported safely even
 # if the testing environment does not have it available.
@@ -78,6 +81,8 @@ def __init__(self, **kwargs):
         self.knowledge_sources = kwargs.get('knowledge_sources', 'elasticsearch')
         self.tenant_id = kwargs.get('tenant_id', 'test_tenant')
         self.embedding_model_name = kwargs.get('embedding_model_name', 'test_model')
+        self.group_ids = kwargs.get('group_ids', '1,2,3')  # New field
+        self.ingroup_permission = kwargs.get('ingroup_permission', 'READ_ONLY')  # New field, corrected name
         self.delete_flag = kwargs.get('delete_flag', 'N')
         self.update_time = kwargs.get('update_time', "2023-01-01 00:00:00")
         
@@ -91,6 +96,8 @@ def __init__(self, **kwargs):
     knowledge_sources = MagicMock(name="knowledge_sources_column")
     tenant_id = MagicMock(name="tenant_id_column")
     embedding_model_name = MagicMock(name="embedding_model_name_column")
+    group_ids = MagicMock(name="group_ids_column")  # New field
+    ingroup_permission = MagicMock(name="ingroup_permission_column")  # New field, corrected name
     delete_flag = MagicMock(name="delete_flag_column")
     update_time = MagicMock(name="update_time_column")
 
@@ -146,7 +153,9 @@ def test_create_knowledge_record_success(monkeypatch, mock_session):
         "user_id": "test_user",
         "tenant_id": "test_tenant",
         "embedding_model_name": "test_model",
-        "knowledge_name": "test_knowledge"
+        "knowledge_name": "test_knowledge",
+        "group_ids": [1, 2, 3],
+        "ingroup_permission": "READ_ONLY"
     }
     
     # Mock KnowledgeRecord constructor
@@ -163,6 +172,51 @@ def test_create_knowledge_record_success(monkeypatch, mock_session):
     session.commit.assert_called_once()
 
 
+def test_create_knowledge_record_with_group_ids_list(monkeypatch, mock_session):
+    """Test successful creation of knowledge record with group IDs as list"""
+    session, _ = mock_session
+
+    # Create mock knowledge record
+    mock_record = MockKnowledgeRecord(knowledge_name="test_knowledge")
+    mock_record.knowledge_id = 123
+    mock_record.index_name = "test_knowledge"
+
+    # Mock database session context
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.knowledge_db.get_db_session", lambda: mock_ctx)
+
+    # Prepare test data with group_ids as list
+    test_query = {
+        "index_name": "test_knowledge",
+        "knowledge_describe": "Test knowledge description",
+        "user_id": "test_user",
+        "tenant_id": "test_tenant",
+        "embedding_model_name": "test_model",
+        "knowledge_name": "test_knowledge",
+        "group_ids": [1, 2, 3],
+        "ingroup_permission": "READ_ONLY"
+    }
+
+    # Mock KnowledgeRecord constructor
+    with patch('backend.database.knowledge_db.KnowledgeRecord', return_value=mock_record) as mock_constructor:
+        result = create_knowledge_record(test_query)
+
+    assert result == {
+        "knowledge_id": 123,
+        "index_name": "test_knowledge",
+        "knowledge_name": "test_knowledge",
+    }
+    # Verify KnowledgeRecord was called with group_ids converted to string
+    mock_constructor.assert_called_once()
+    call_kwargs = mock_constructor.call_args[1]  # Get kwargs from the call
+    assert call_kwargs["group_ids"] == "1,2,3"  # Should be converted to comma-separated string
+    session.add.assert_called_once_with(mock_record)
+    assert session.flush.call_count == 1
+    session.commit.assert_called_once()
+
+
 def test_create_knowledge_record_exception(monkeypatch, mock_session):
     """Test exception during knowledge record creation"""
     session, _ = mock_session
diff --git a/test/backend/database/test_role_permission_db.py b/test/backend/database/test_role_permission_db.py
new file mode 100644
index 000000000..5bfbd6d76
--- /dev/null
+++ b/test/backend/database/test_role_permission_db.py
@@ -0,0 +1,467 @@
+import sys
+import pytest
+from unittest.mock import MagicMock
+
+# First mock the consts module to avoid ModuleNotFoundError
+consts_mock = MagicMock()
+consts_mock.const = MagicMock()
+# Set required constants in consts.const
+consts_mock.const.MINIO_ENDPOINT = "http://localhost:9000"
+consts_mock.const.MINIO_ACCESS_KEY = "test_access_key"
+consts_mock.const.MINIO_SECRET_KEY = "test_secret_key"
+consts_mock.const.MINIO_REGION = "us-east-1"
+consts_mock.const.MINIO_DEFAULT_BUCKET = "test-bucket"
+consts_mock.const.POSTGRES_HOST = "localhost"
+consts_mock.const.POSTGRES_USER = "test_user"
+consts_mock.const.NEXENT_POSTGRES_PASSWORD = "test_password"
+consts_mock.const.POSTGRES_DB = "test_db"
+consts_mock.const.POSTGRES_PORT = 5432
+consts_mock.const.DEFAULT_TENANT_ID = "default_tenant"
+
+# Add the mocked consts module to sys.modules
+sys.modules['consts'] = consts_mock
+sys.modules['consts.const'] = consts_mock.const
+
+# Mock utils module
+utils_mock = MagicMock()
+utils_mock.auth_utils = MagicMock()
+utils_mock.auth_utils.get_current_user_id_from_token = MagicMock(return_value="test_user_id")
+
+# Add the mocked utils module to sys.modules
+sys.modules['utils'] = utils_mock
+sys.modules['utils.auth_utils'] = utils_mock.auth_utils
+
+# Provide a stub for the `boto3` module so that it can be imported safely even
+# if the testing environment does not have it available.
+boto3_mock = MagicMock()
+sys.modules['boto3'] = boto3_mock
+
+# Mock the entire client module
+client_mock = MagicMock()
+client_mock.MinioClient = MagicMock()
+client_mock.PostgresClient = MagicMock()
+client_mock.db_client = MagicMock()
+client_mock.get_db_session = MagicMock()
+client_mock.as_dict = MagicMock()
+client_mock.filter_property = MagicMock()
+
+# Add the mocked client module to sys.modules
+sys.modules['database.client'] = client_mock
+sys.modules['backend.database.client'] = client_mock
+
+# Mock db_models module
+db_models_mock = MagicMock()
+db_models_mock.RolePermission = MagicMock()
+
+class MockRolePermission:
+    def __init__(self, **kwargs):
+        self.role_permission_id = kwargs.get('role_permission_id', 1)
+        self.user_role = kwargs.get('user_role', 'USER')
+        self.permission_category = kwargs.get('permission_category', 'SYSTEM')
+        self.permission_type = kwargs.get('permission_type', 'READ')
+        self.permission_subtype = kwargs.get('permission_subtype', 'BASIC')
+        self.created_by = kwargs.get('created_by', 'test_user')
+        self.updated_by = kwargs.get('updated_by', 'test_user')
+        self.delete_flag = kwargs.get('delete_flag', 'N')
+        self.create_time = kwargs.get('create_time', '2024-01-01 00:00:00')
+        self.update_time = kwargs.get('update_time', '2024-01-01 00:00:00')
+
+
+# Add the mocked db_models module to sys.modules
+sys.modules['database.db_models'] = db_models_mock
+sys.modules['backend.database.db_models'] = db_models_mock
+
+# Mock exceptions module
+exceptions_mock = MagicMock()
+sys.modules['consts.exceptions'] = exceptions_mock
+sys.modules['backend.consts.exceptions'] = exceptions_mock
+
+# Mock sqlalchemy module
+sqlalchemy_mock = MagicMock()
+sqlalchemy_mock.exc = MagicMock()
+
+class MockSQLAlchemyError(Exception):
+    pass
+
+sqlalchemy_mock.exc.SQLAlchemyError = MockSQLAlchemyError
+
+# Add the mocked sqlalchemy module to sys.modules
+sys.modules['sqlalchemy'] = sqlalchemy_mock
+sys.modules['sqlalchemy.exc'] = sqlalchemy_mock.exc
+
+# Now we can safely import the module under test
+from backend.database.role_permission_db import (
+    get_role_permissions,
+    get_all_role_permissions,
+    create_role_permission,
+    update_role_permission,
+    soft_delete_role_permission,
+    delete_role_permissions_by_role,
+    check_role_permission,
+    get_permissions_by_category,
+    initialize_default_permissions
+)
+
+
+@pytest.fixture
+def mock_session():
+    """Create mock database session"""
+    mock_session = MagicMock()
+    mock_query = MagicMock()
+    mock_session.query.return_value = mock_query
+    return mock_session, mock_query
+
+
+def test_get_role_permissions_success(monkeypatch, mock_session):
+    """Test successfully retrieving role permissions"""
+    session, query = mock_session
+
+    mock_permission1 = MockRolePermission(
+        role_permission_id=1,
+        user_role="USER",
+        permission_category="KNOWLEDGE_BASE",
+        permission_type="KNOWLEDGE",
+        permission_subtype="READ"
+    )
+    mock_permission2 = MockRolePermission(
+        role_permission_id=2,
+        user_role="USER",
+        permission_category="AGENT_MANAGEMENT",
+        permission_type="AGENT",
+        permission_subtype="READ"
+    )
+
+    mock_filter = MagicMock()
+    mock_filter.all.return_value = [mock_permission1, mock_permission2]
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.role_permission_db.get_db_session", lambda: mock_ctx)
+    monkeypatch.setattr("backend.database.role_permission_db.as_dict", lambda obj: obj.__dict__)
+
+    result = get_role_permissions("USER")
+
+    assert len(result) == 2
+    assert result[0]["user_role"] == "USER"
+    assert result[0]["permission_category"] == "KNOWLEDGE_BASE"
+    assert result[1]["permission_category"] == "AGENT_MANAGEMENT"
+
+
+def test_get_all_role_permissions_success(monkeypatch, mock_session):
+    """Test retrieving all role permissions"""
+    session, query = mock_session
+
+    mock_permission1 = MockRolePermission(user_role="USER")
+    mock_permission2 = MockRolePermission(user_role="ADMIN")
+
+    mock_filter = MagicMock()
+    mock_filter.all.return_value = [mock_permission1, mock_permission2]
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.role_permission_db.get_db_session", lambda: mock_ctx)
+    monkeypatch.setattr("backend.database.role_permission_db.as_dict", lambda obj: obj.__dict__)
+
+    result = get_all_role_permissions()
+
+    assert len(result) == 2
+    assert result[0]["user_role"] == "USER"
+    assert result[1]["user_role"] == "ADMIN"
+
+
+def test_create_role_permission_success(monkeypatch, mock_session):
+    """Test successfully creating role permission"""
+    session, _ = mock_session
+    session.add = MagicMock()
+
+    mock_permission = MockRolePermission()
+    mock_permission.role_permission_id = 123
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.role_permission_db.get_db_session", lambda: mock_ctx)
+
+    from unittest.mock import patch
+    with patch('backend.database.role_permission_db.RolePermission', return_value=mock_permission):
+        result = create_role_permission(
+            user_role="USER",
+            permission_category="KNOWLEDGE_BASE",
+            permission_type="KNOWLEDGE",
+            permission_subtype="READ",
+            created_by="test_user"
+        )
+
+    assert result == 123
+    session.add.assert_called_once_with(mock_permission)
+    session.flush.assert_called_once()
+
+
+def test_update_role_permission_success(monkeypatch, mock_session):
+    """Test successfully updating role permission"""
+    session, query = mock_session
+
+    # Setup query filter().update() chain
+    mock_update = MagicMock()
+    mock_update.return_value = 1  # 1 row affected
+    mock_filter = MagicMock()
+    mock_filter.update = mock_update
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.role_permission_db.get_db_session", lambda: mock_ctx)
+
+    result = update_role_permission(
+        role_permission_id=123,
+        updates={"permission_category": "new_category"},
+        updated_by="test_user"
+    )
+
+    assert result is True
+
+
+def test_soft_delete_role_permission_success(monkeypatch, mock_session):
+    """Test successfully soft deleting role permission"""
+    session, query = mock_session
+
+    # Setup query filter().update() chain
+    mock_update = MagicMock()
+    mock_update.return_value = 1  # 1 row affected
+    mock_filter = MagicMock()
+    mock_filter.update = mock_update
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.role_permission_db.get_db_session", lambda: mock_ctx)
+
+    result = soft_delete_role_permission(role_permission_id=123, updated_by="test_user")
+
+    assert result is True
+
+
+def test_delete_role_permissions_by_role_success(monkeypatch, mock_session):
+    """Test successfully deleting all permissions for a role"""
+    session, query = mock_session
+
+    # Setup query filter().update() chain
+    mock_update = MagicMock()
+    mock_update.return_value = 3  # 3 rows affected
+    mock_filter = MagicMock()
+    mock_filter.update = mock_update
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.role_permission_db.get_db_session", lambda: mock_ctx)
+
+    result = delete_role_permissions_by_role("USER", updated_by="test_user")
+
+    assert result == 3
+
+
+def test_check_role_permission_true(monkeypatch, mock_session):
+    """Test checking role permission - permission exists"""
+    session, query = mock_session
+
+    mock_permission = MockRolePermission()
+
+    # Mock chain: query.filter().filter().filter().filter().first()
+    mock_filter_final = MagicMock()
+    mock_filter_final.first.return_value = mock_permission
+
+    mock_filter3 = MagicMock()
+    mock_filter3.filter.return_value = mock_filter_final
+
+    mock_filter2 = MagicMock()
+    mock_filter2.filter.return_value = mock_filter3
+
+    mock_filter1 = MagicMock()
+    mock_filter1.filter.return_value = mock_filter2
+
+    query.filter.return_value = mock_filter1
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.role_permission_db.get_db_session", lambda: mock_ctx)
+
+    result = check_role_permission(
+        user_role="USER",
+        permission_category="KNOWLEDGE_BASE",
+        permission_type="KNOWLEDGE",
+        permission_subtype="READ"
+    )
+
+    assert result is True
+
+
+def test_check_role_permission_false(monkeypatch, mock_session):
+    """Test checking role permission - permission does not exist"""
+    session, query = mock_session
+
+    # Mock chain: query.filter().filter().filter().filter().first()
+    mock_filter_final = MagicMock()
+    mock_filter_final.first.return_value = None
+
+    mock_filter3 = MagicMock()
+    mock_filter3.filter.return_value = mock_filter_final
+
+    mock_filter2 = MagicMock()
+    mock_filter2.filter.return_value = mock_filter3
+
+    mock_filter1 = MagicMock()
+    mock_filter1.filter.return_value = mock_filter2
+
+    query.filter.return_value = mock_filter1
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.role_permission_db.get_db_session", lambda: mock_ctx)
+
+    result = check_role_permission(
+        user_role="USER",
+        permission_category="NONEXISTENT",
+        permission_type="NONEXISTENT",
+        permission_subtype="NONEXISTENT"
+    )
+
+    assert result is False
+
+
+def test_get_permissions_by_category_success(monkeypatch, mock_session):
+    """Test retrieving permissions by category"""
+    session, query = mock_session
+
+    mock_permission1 = MockRolePermission(
+        role_permission_id=1,
+        user_role="USER",
+        permission_category="KNOWLEDGE_BASE"
+    )
+    mock_permission2 = MockRolePermission(
+        role_permission_id=2,
+        user_role="ADMIN",
+        permission_category="KNOWLEDGE_BASE"
+    )
+
+    mock_filter = MagicMock()
+    mock_filter.all.return_value = [mock_permission1, mock_permission2]
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.role_permission_db.get_db_session", lambda: mock_ctx)
+    monkeypatch.setattr("backend.database.role_permission_db.as_dict", lambda obj: obj.__dict__)
+
+    result = get_permissions_by_category("KNOWLEDGE_BASE")
+
+    assert len(result) == 2
+    assert all(perm["permission_category"] == "KNOWLEDGE_BASE" for perm in result)
+
+
+def test_initialize_default_permissions_success(monkeypatch, mock_session):
+    """Test initializing default permissions"""
+    session, query = mock_session
+
+    # Mock that permissions don't exist yet
+    mock_filter = MagicMock()
+    mock_filter.first.return_value = None
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.role_permission_db.get_db_session", lambda: mock_ctx)
+
+    # Mock create_role_permission to avoid actual creation
+    def mock_create(*args, **kwargs):
+        return 1
+
+    monkeypatch.setattr("backend.database.role_permission_db.create_role_permission", mock_create)
+
+    # Should not raise any exception
+    initialize_default_permissions()
+
+    # Verify create_role_permission was called multiple times for default permissions
+    # (We can't easily count calls with this mock setup, but we can ensure no exception)
+
+
+def test_database_error_handling(monkeypatch, mock_session):
+    """Test database error handling"""
+    session, query = mock_session
+    query.filter.side_effect = MockSQLAlchemyError("Database error")
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.role_permission_db.get_db_session", lambda: mock_ctx)
+
+    with pytest.raises(MockSQLAlchemyError, match="Database error"):
+        get_role_permissions("USER")
+
+
+def test_create_role_permission_with_none_fields(monkeypatch, mock_session):
+    """Test creating role permission with None fields"""
+    session, _ = mock_session
+    session.add = MagicMock()
+
+    mock_permission = MockRolePermission()
+    mock_permission.role_permission_id = 123
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.role_permission_db.get_db_session", lambda: mock_ctx)
+
+    from unittest.mock import patch
+    with patch('backend.database.role_permission_db.RolePermission', return_value=mock_permission):
+        result = create_role_permission(
+            user_role="USER",
+            permission_category=None,
+            permission_type=None,
+            permission_subtype=None,
+            created_by="test_user"
+        )
+
+    assert result == 123
+    session.add.assert_called_once_with(mock_permission)
+
+
+def test_check_role_permission_partial_match(monkeypatch, mock_session):
+    """Test checking role permission with partial criteria"""
+    session, query = mock_session
+
+    mock_permission = MockRolePermission()
+
+    # Mock filter chain for partial matching
+    mock_filter1 = MagicMock()
+    mock_filter2 = MagicMock()
+    mock_filter3 = MagicMock()
+    mock_filter3.first.return_value = mock_permission
+
+    query.filter.return_value = mock_filter1
+    mock_filter1.filter.return_value = mock_filter2
+    mock_filter2.filter.return_value = mock_filter3
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.role_permission_db.get_db_session", lambda: mock_ctx)
+
+    result = check_role_permission(
+        user_role="USER",
+        permission_category="KNOWLEDGE_BASE"
+        # Only checking category, not type or subtype
+    )
+
+    assert result is True
diff --git a/test/backend/database/test_user_tenant_db.py b/test/backend/database/test_user_tenant_db.py
index 305eb3806..f78cd7a34 100644
--- a/test/backend/database/test_user_tenant_db.py
+++ b/test/backend/database/test_user_tenant_db.py
@@ -29,10 +29,14 @@
 utils_mock = MagicMock()
 utils_mock.auth_utils = MagicMock()
 utils_mock.auth_utils.get_current_user_id_from_token = MagicMock(return_value="test_user_id")
+utils_mock.str_utils = MagicMock()
+utils_mock.str_utils.convert_list_to_string = MagicMock(
+    side_effect=lambda x: ",".join(str(i) for i in x) if x else "")
 
 # Add the mocked utils module to sys.modules
 sys.modules['utils'] = utils_mock
 sys.modules['utils.auth_utils'] = utils_mock.auth_utils
+sys.modules['utils.str_utils'] = utils_mock.str_utils
 
 # Provide a stub for the `boto3` module so that it can be imported safely even
 # if the testing environment does not have it available.
@@ -75,6 +79,8 @@ class MockUserTenant:
     def __init__(self):
         self.user_id = "test_user_id"
         self.tenant_id = "test_tenant_id"
+        self.group_ids = "1,2,3"  # New field
+        self.user_role = "USER"  # New field with correct role value
         self.delete_flag = "N"
         self.created_by = "test_user_id"
         self.updated_by = "test_user_id"
@@ -83,6 +89,8 @@ def __init__(self):
         self.__dict__ = {
             "user_id": "test_user_id",
             "tenant_id": "test_tenant_id",
+            "group_ids": "1,2,3",
+            "user_role": "USER",
             "delete_flag": "N",
             "created_by": "test_user_id",
             "updated_by": "test_user_id",
@@ -102,57 +110,59 @@ def test_get_user_tenant_by_user_id_success(monkeypatch, mock_session):
     """Test successful retrieval of user tenant relationship by user ID"""
     session, query = mock_session
     mock_user_tenant = MockUserTenant()
-    
+
     mock_first = MagicMock()
     mock_first.return_value = mock_user_tenant
     mock_filter = MagicMock()
     mock_filter.first = mock_first
     query.filter.return_value = mock_filter
-    
+
     mock_ctx = MagicMock()
     mock_ctx.__enter__.return_value = session
     mock_ctx.__exit__.return_value = None
     monkeypatch.setattr("backend.database.user_tenant_db.get_db_session", lambda: mock_ctx)
     monkeypatch.setattr("backend.database.user_tenant_db.as_dict", lambda obj: obj.__dict__)
-    
+
     result = get_user_tenant_by_user_id("test_user_id")
-    
+
     assert result is not None
     assert result["user_id"] == "test_user_id"
     assert result["tenant_id"] == "test_tenant_id"
+    assert result["group_ids"] == "1,2,3"
+    assert result["user_role"] == "USER"
     assert result["delete_flag"] == "N"
 
 def test_get_user_tenant_by_user_id_not_found(monkeypatch, mock_session):
     """Test retrieval of user tenant relationship when record does not exist"""
     session, query = mock_session
-    
+
     mock_first = MagicMock()
     mock_first.return_value = None
     mock_filter = MagicMock()
     mock_filter.first = mock_first
     query.filter.return_value = mock_filter
-    
+
     mock_ctx = MagicMock()
     mock_ctx.__enter__.return_value = session
     mock_ctx.__exit__.return_value = None
     monkeypatch.setattr("backend.database.user_tenant_db.get_db_session", lambda: mock_ctx)
-    
+
     result = get_user_tenant_by_user_id("nonexistent_user_id")
-    
+
     assert result is None
 
 def test_get_user_tenant_by_user_id_database_error(monkeypatch, mock_session):
     """Test database error when retrieving user tenant relationship - exception should propagate"""
     from sqlalchemy.exc import SQLAlchemyError
-    
+
     session, query = mock_session
     query.filter.side_effect = SQLAlchemyError("Database error")
-    
+
     mock_ctx = MagicMock()
     mock_ctx.__enter__.return_value = session
     mock_ctx.__exit__.return_value = None
     monkeypatch.setattr("backend.database.user_tenant_db.get_db_session", lambda: mock_ctx)
-    
+
     # Should raise SQLAlchemyError
     with pytest.raises(SQLAlchemyError):
         get_user_tenant_by_user_id("test_user_id")
@@ -161,31 +171,31 @@ def test_insert_user_tenant_success(monkeypatch, mock_session):
     """Test successful insertion of user tenant relationship"""
     session, _ = mock_session
     session.add = MagicMock()
-    
+
     mock_ctx = MagicMock()
     mock_ctx.__enter__.return_value = session
     mock_ctx.__exit__.return_value = None
     monkeypatch.setattr("backend.database.user_tenant_db.get_db_session", lambda: mock_ctx)
     monkeypatch.setattr("backend.database.user_tenant_db.UserTenant", lambda **kwargs: MagicMock())
-    
+
     # Should not raise any exception
     insert_user_tenant("test_user_id", "test_tenant_id")
-    
+
     session.add.assert_called_once()
 
 def test_insert_user_tenant_failure(monkeypatch, mock_session):
     """Test failure of user tenant relationship insertion - exception should propagate"""
     from sqlalchemy.exc import SQLAlchemyError
-    
+
     session, _ = mock_session
     session.add = MagicMock(side_effect=SQLAlchemyError("Database error"))
-    
+
     mock_ctx = MagicMock()
     mock_ctx.__enter__.return_value = session
     mock_ctx.__exit__.return_value = None
     monkeypatch.setattr("backend.database.user_tenant_db.get_db_session", lambda: mock_ctx)
     monkeypatch.setattr("backend.database.user_tenant_db.UserTenant", lambda **kwargs: MagicMock())
-    
+
     # Should raise SQLAlchemyError
     with pytest.raises(SQLAlchemyError):
         insert_user_tenant("test_user_id", "test_tenant_id")
@@ -194,51 +204,54 @@ def test_insert_user_tenant_with_empty_user_id(monkeypatch, mock_session):
     """Test insertion of user tenant relationship with empty user ID"""
     session, _ = mock_session
     session.add = MagicMock()
-    
+
     mock_ctx = MagicMock()
     mock_ctx.__enter__.return_value = session
     mock_ctx.__exit__.return_value = None
     monkeypatch.setattr("backend.database.user_tenant_db.get_db_session", lambda: mock_ctx)
-    
+
     # Mock UserTenant constructor to capture the arguments
     mock_user_tenant_instance = MagicMock()
     mock_user_tenant_constructor = MagicMock(return_value=mock_user_tenant_instance)
     monkeypatch.setattr("backend.database.user_tenant_db.UserTenant", mock_user_tenant_constructor)
-    
+
     # Should not raise any exception
     insert_user_tenant("", "test_tenant_id")
-    
+
     # Verify UserTenant was called with correct parameters
     mock_user_tenant_constructor.assert_called_once_with(
         user_id="",
         tenant_id="test_tenant_id",
+        user_role="USER",
         created_by="",
         updated_by=""
     )
     session.add.assert_called_once_with(mock_user_tenant_instance)
 
+
 def test_insert_user_tenant_with_empty_tenant_id(monkeypatch, mock_session):
     """Test insertion of user tenant relationship with empty tenant ID"""
     session, _ = mock_session
     session.add = MagicMock()
-    
+
     mock_ctx = MagicMock()
     mock_ctx.__enter__.return_value = session
     mock_ctx.__exit__.return_value = None
     monkeypatch.setattr("backend.database.user_tenant_db.get_db_session", lambda: mock_ctx)
-    
+
     # Mock UserTenant constructor to capture the arguments
     mock_user_tenant_instance = MagicMock()
     mock_user_tenant_constructor = MagicMock(return_value=mock_user_tenant_instance)
     monkeypatch.setattr("backend.database.user_tenant_db.UserTenant", mock_user_tenant_constructor)
-    
+
     # Should not raise any exception
     insert_user_tenant("test_user_id", "")
-    
+
     # Verify UserTenant was called with correct parameters
     mock_user_tenant_constructor.assert_called_once_with(
         user_id="test_user_id",
         tenant_id="",
+        user_role="USER",
         created_by="test_user_id",
         updated_by="test_user_id"
     )
@@ -248,10 +261,10 @@ def test_insert_user_tenant_with_empty_tenant_id(monkeypatch, mock_session):
 def test_user_tenant_lifecycle(monkeypatch, mock_session):
     """Test complete user tenant lifecycle: insert and then retrieve"""
     session, query = mock_session
-    
+
     # Mock database operations for insertion
     session.add = MagicMock()
-    
+
     # Mock database operations for retrieval
     mock_user_tenant = MockUserTenant()
     mock_first = MagicMock()
@@ -259,48 +272,50 @@ def test_user_tenant_lifecycle(monkeypatch, mock_session):
     mock_filter = MagicMock()
     mock_filter.first = mock_first
     query.filter.return_value = mock_filter
-    
+
     # Create a proper mock UserTenant class with attributes
     mock_user_tenant_class = MagicMock()
     mock_user_tenant_class.user_id = MagicMock()
     mock_user_tenant_class.delete_flag = MagicMock()
-    
+
     mock_ctx = MagicMock()
     mock_ctx.__enter__.return_value = session
     mock_ctx.__exit__.return_value = None
     monkeypatch.setattr("backend.database.user_tenant_db.get_db_session", lambda: mock_ctx)
     monkeypatch.setattr("backend.database.user_tenant_db.UserTenant", mock_user_tenant_class)
     monkeypatch.setattr("backend.database.user_tenant_db.as_dict", lambda obj: obj.__dict__)
-    
+
     # 1. Insert user tenant relationship - should not raise exception
     insert_user_tenant("test_user_id", "test_tenant_id")
     session.add.assert_called_once()
-    
+
     # 2. Retrieve user tenant relationship
     result = get_user_tenant_by_user_id("test_user_id")
     assert result is not None
     assert result["user_id"] == "test_user_id"
     assert result["tenant_id"] == "test_tenant_id"
+    assert result["group_ids"] == "1,2,3"
+    assert result["user_role"] == "USER"
     assert result["delete_flag"] == "N"
 
 def test_get_user_tenant_by_user_id_with_deleted_record(monkeypatch, mock_session):
     """Test retrieval of user tenant relationship when record is marked as deleted"""
     session, query = mock_session
-    
+
     # Mock a deleted record (should not be returned)
     mock_first = MagicMock()
     mock_first.return_value = None  # Filter should exclude deleted records
     mock_filter = MagicMock()
     mock_filter.first = mock_first
     query.filter.return_value = mock_filter
-    
+
     mock_ctx = MagicMock()
     mock_ctx.__enter__.return_value = session
     mock_ctx.__exit__.return_value = None
     monkeypatch.setattr("backend.database.user_tenant_db.get_db_session", lambda: mock_ctx)
-    
+
     result = get_user_tenant_by_user_id("deleted_user_id")
-    
+
     assert result is None
     # Verify that the filter was called with correct conditions
     query.filter.assert_called_once()
@@ -309,17 +324,17 @@ def test_get_user_tenant_by_user_id_with_deleted_record(monkeypatch, mock_sessio
 def test_get_all_tenant_ids_empty_database(monkeypatch, mock_session):
     """Test get_all_tenant_ids when database is empty - should return only DEFAULT_TENANT_ID"""
     session, query = mock_session
-    
+
     # Mock empty database result
     query.filter.return_value.distinct.return_value.all.return_value = []
-    
+
     mock_ctx = MagicMock()
     mock_ctx.__enter__.return_value = session
     mock_ctx.__exit__.return_value = None
     monkeypatch.setattr("backend.database.user_tenant_db.get_db_session", lambda: mock_ctx)
-    
+
     result = get_all_tenant_ids()
-    
+
     assert result == ["default_tenant"]  # DEFAULT_TENANT_ID from consts_mock
     assert len(result) == 1
 
@@ -327,7 +342,7 @@ def test_get_all_tenant_ids_empty_database(monkeypatch, mock_session):
 def test_get_all_tenant_ids_with_existing_tenants(monkeypatch, mock_session):
     """Test get_all_tenant_ids with existing tenants - should include all plus DEFAULT_TENANT_ID"""
     session, query = mock_session
-    
+
     # Mock database result with existing tenants
     mock_tenants = [
         ("tenant_1",),
@@ -335,14 +350,14 @@ def test_get_all_tenant_ids_with_existing_tenants(monkeypatch, mock_session):
         ("tenant_3",)
     ]
     query.filter.return_value.distinct.return_value.all.return_value = mock_tenants
-    
+
     mock_ctx = MagicMock()
     mock_ctx.__enter__.return_value = session
     mock_ctx.__exit__.return_value = None
     monkeypatch.setattr("backend.database.user_tenant_db.get_db_session", lambda: mock_ctx)
-    
+
     result = get_all_tenant_ids()
-    
+
     assert len(result) == 4  # 3 existing + 1 default
     assert "tenant_1" in result
     assert "tenant_2" in result
diff --git a/test/backend/utils/test_str_utils.py b/test/backend/utils/test_str_utils.py
index a66487d93..a5429f80e 100644
--- a/test/backend/utils/test_str_utils.py
+++ b/test/backend/utils/test_str_utils.py
@@ -1,5 +1,5 @@
 import pytest
-from backend.utils.str_utils import remove_think_blocks
+from backend.utils.str_utils import remove_think_blocks, convert_list_to_string
 
 
 class TestStrUtils:
@@ -8,6 +8,7 @@ class TestStrUtils:
     def setup_method(self):
         """Setup before each test method"""
         self.remove_think_blocks = remove_think_blocks
+        self.convert_list_to_string = convert_list_to_string
 
     def test_remove_think_blocks_no_tags(self):
         """Text without any think tags remains unchanged"""
@@ -63,6 +64,36 @@ def test_remove_think_blocks_case_insensitive(self):
         result = self.remove_think_blocks(text)
         assert result == " tags"
 
+    def test_convert_list_to_string_none_input(self):
+        """None input should return empty string"""
+        result = self.convert_list_to_string(None)
+        assert result == ""
+
+    def test_convert_list_to_string_empty_list(self):
+        """Empty list should return empty string"""
+        result = self.convert_list_to_string([])
+        assert result == ""
+
+    def test_convert_list_to_string_single_item(self):
+        """Single item list should return single item as string"""
+        result = self.convert_list_to_string([42])
+        assert result == "42"
+
+    def test_convert_list_to_string_multiple_items(self):
+        """Multiple items should be joined with commas"""
+        result = self.convert_list_to_string([1, 2, 3])
+        assert result == "1,2,3"
+
+    def test_convert_list_to_string_mixed_types(self):
+        """List with mixed integer types should work correctly"""
+        result = self.convert_list_to_string([1, 2, 3, 10])
+        assert result == "1,2,3,10"
+
+    def test_convert_list_to_string_zero_and_negative(self):
+        """Zero and negative numbers should be handled correctly"""
+        result = self.convert_list_to_string([0, -1, 5])
+        assert result == "0,-1,5"
+
 
 if __name__ == "__main__":
     pytest.main()

From 2405b03503148830d96b193c3677a2e36eaafb11 Mon Sep 17 00:00:00 2001
From: zhizhi <928570418@qq.com>
Date: Fri, 9 Jan 2026 21:28:39 +0800
Subject: [PATCH 03/38] =?UTF-8?q?=E2=9C=A8Added=20ModelEngine=20ENV=20Conf?=
 =?UTF-8?q?ig?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 backend/consts/const.py                       |  14 +-
 backend/services/config_sync_service.py       |   3 +-
 backend/services/model_provider_service.py    |   3 -
 docker/.env.example                           |   2 -
 docker/deploy.sh                              |   2 +-
 frontend/app/[locale]/layout.tsx              |  25 ++-
 .../models/components/modelConfig.tsx         | 113 +++++-----
 frontend/hooks/useConfig.ts                   |  27 ++-
 frontend/lib/config.ts                        | 209 ++++++++++--------
 frontend/server.js                            |  88 ++++----
 frontend/services/api.ts                      |   3 +
 frontend/services/configService.ts            |  32 +--
 frontend/types/modelConfig.ts                 |   2 +-
 13 files changed, 293 insertions(+), 230 deletions(-)

diff --git a/backend/consts/const.py b/backend/consts/const.py
index 7fd0e0098..a0039e196 100644
--- a/backend/consts/const.py
+++ b/backend/consts/const.py
@@ -16,11 +16,6 @@ class VectorDatabaseType(str, Enum):
     ELASTICSEARCH = "elasticsearch"
 
 
-# ModelEngine Configuration
-MODEL_ENGINE_HOST = os.getenv('MODEL_ENGINE_HOST')
-MODEL_ENGINE_APIKEY = os.getenv('MODEL_ENGINE_APIKEY')
-
-
 # Elasticsearch Configuration
 ES_HOST = os.getenv("ELASTICSEARCH_HOST")
 ES_API_KEY = os.getenv("ELASTICSEARCH_API_KEY")
@@ -129,8 +124,10 @@ class VectorDatabaseType(str, Enum):
 DISABLE_CELERY_FLOWER = os.getenv(
     "DISABLE_CELERY_FLOWER", "false").lower() == "true"
 DOCKER_ENVIRONMENT = os.getenv("DOCKER_ENVIRONMENT", "false").lower() == "true"
-NEXENT_MCP_DOCKER_IMAGE = os.getenv("NEXENT_MCP_DOCKER_IMAGE", "nexent/nexent-mcp:latest")
-ENABLE_UPLOAD_IMAGE = os.getenv("ENABLE_UPLOAD_IMAGE", "false").lower() == "true"
+NEXENT_MCP_DOCKER_IMAGE = os.getenv(
+    "NEXENT_MCP_DOCKER_IMAGE", "nexent/nexent-mcp:latest")
+ENABLE_UPLOAD_IMAGE = os.getenv(
+    "ENABLE_UPLOAD_IMAGE", "false").lower() == "true"
 
 
 # Celery Configuration
@@ -286,5 +283,8 @@ class VectorDatabaseType(str, Enum):
 DEFAULT_EN_TITLE = "New Conversation"
 
 
+# Model Engine Configuration
+MODEL_ENGINE_ENABLED = os.getenv("MODEL_ENGINE_ENABLED")
+
 # APP Version
 APP_VERSION = "v1.7.9.1"
diff --git a/backend/services/config_sync_service.py b/backend/services/config_sync_service.py
index 54b477a0e..464f3ab11 100644
--- a/backend/services/config_sync_service.py
+++ b/backend/services/config_sync_service.py
@@ -49,7 +49,8 @@ def handle_model_config(tenant_id: str, user_id: str, config_key: str, model_id:
         return
 
     current_model_id = tenant_config_dict.get(config_key)
-    current_model_id = int(current_model_id) if str(current_model_id).isdigit() else None
+    current_model_id = int(current_model_id) if str(
+        current_model_id).isdigit() else None
 
     if current_model_id == model_id:
         tenant_config_manager.update_single_config(tenant_id, config_key)
diff --git a/backend/services/model_provider_service.py b/backend/services/model_provider_service.py
index 24fb5bc16..3e67a804f 100644
--- a/backend/services/model_provider_service.py
+++ b/backend/services/model_provider_service.py
@@ -9,12 +9,9 @@
     DEFAULT_LLM_MAX_TOKENS,
     DEFAULT_EXPECTED_CHUNK_SIZE,
     DEFAULT_MAXIMUM_CHUNK_SIZE,
-    MODEL_ENGINE_HOST,
-    MODEL_ENGINE_APIKEY,
 )
 from consts.model import ModelConnectStatusEnum, ModelRequest
 from consts.provider import SILICON_GET_URL, ProviderEnum
-from consts.exceptions import TimeoutException
 from database.model_management_db import get_models_by_tenant_factory_type
 from services.model_health_service import embedding_dimension_check
 from utils.model_name_utils import split_repo_name, add_repo_to_name
diff --git a/docker/.env.example b/docker/.env.example
index 04a9cfa5a..bd1ad2ee5 100644
--- a/docker/.env.example
+++ b/docker/.env.example
@@ -71,8 +71,6 @@ REDIS_BACKEND_URL=redis://redis:6379/1
 
 # Model Engine Config
 MODEL_ENGINE_ENABLED=false
-MODEL_ENGINE_HOST=""
-MODEL_ENGINE_API_KEY=""
 
 # Supabase Config
 DASHBOARD_USERNAME=supabase
diff --git a/docker/deploy.sh b/docker/deploy.sh
index 2545bf2dc..b149b1cd9 100755
--- a/docker/deploy.sh
+++ b/docker/deploy.sh
@@ -916,7 +916,7 @@ main_deploy() {
   echo "--------------------------------"
   echo ""
 
-  APP_VERSION="$(get_app_version)"
+  APP_VERSION="latest"
   if [ -z "$APP_VERSION" ]; then
     echo "❌ Failed to get app version, please check the backend/consts/const.py file"
     exit 1
diff --git a/frontend/app/[locale]/layout.tsx b/frontend/app/[locale]/layout.tsx
index 26a6f9d6b..638cbc530 100644
--- a/frontend/app/[locale]/layout.tsx
+++ b/frontend/app/[locale]/layout.tsx
@@ -19,9 +19,9 @@ export async function generateMetadata(props: {
   params: Promise<{ locale?: string }>;
 }): Promise<Metadata> {
   const { locale } = await props.params;
-  const resolvedLocale = (["zh", "en"].includes(locale ?? "")
-    ? locale
-    : "zh") as "zh" | "en";
+  const resolvedLocale = (
+    ["zh", "en"].includes(locale ?? "") ? locale : "zh"
+  ) as "zh" | "en";
   let messages: any = {};
 
   if (["zh", "en"].includes(resolvedLocale)) {
@@ -65,9 +65,12 @@ export default async function RootLayout({
   params: Promise<{ locale?: string }>;
 }) {
   const { locale } = await params;
-  const resolvedLocale = (["zh", "en"].includes(locale ?? "")
-    ? locale
-    : "zh") as "zh" | "en";
+  const resolvedLocale = (
+    ["zh", "en"].includes(locale ?? "") ? locale : "zh"
+  ) as "zh" | "en";
+
+  // 获取环境变量
+  const modelEngineEnabled = process.env.MODEL_ENGINE_ENABLED || "true";
 
   return (
     <html lang={resolvedLocale} suppressHydrationWarning>
@@ -82,6 +85,16 @@ export default async function RootLayout({
             <RootProvider>{children}</RootProvider>
           </I18nProviderWrapper>
         </NextThemesProvider>
+        <script
+          dangerouslySetInnerHTML={{
+            __html: `
+              window.__ENV__ = {
+                MODEL_ENGINE_ENABLED: "${modelEngineEnabled}"
+              };
+              console.log("Client: window.__ENV__ =", window.__ENV__);
+            `,
+          }}
+        />
       </body>
     </html>
   );
diff --git a/frontend/app/[locale]/models/components/modelConfig.tsx b/frontend/app/[locale]/models/components/modelConfig.tsx
index e07aa502e..7fbad2e3c 100644
--- a/frontend/app/[locale]/models/components/modelConfig.tsx
+++ b/frontend/app/[locale]/models/components/modelConfig.tsx
@@ -1,13 +1,15 @@
-import { forwardRef, useEffect, useImperativeHandle, useState, useRef, ReactNode } from 'react'
-import { useTranslation } from 'react-i18next'
-
-import { Button, Card, Col, Row, Space, App } from 'antd'
-import { 
-  Plus,
-  ShieldCheck,
-  RefreshCw,
-  PenLine
-} from "lucide-react";
+import {
+  forwardRef,
+  useEffect,
+  useImperativeHandle,
+  useState,
+  useRef,
+  ReactNode,
+} from "react";
+import { useTranslation } from "react-i18next";
+
+import { Button, Card, Col, Row, Space, App } from "antd";
+import { Plus, ShieldCheck, RefreshCw, PenLine } from "lucide-react";
 
 import {
   MODEL_TYPES,
@@ -16,10 +18,10 @@ import {
   CARD_THEMES,
 } from "@/const/modelConfig";
 import { useConfig } from "@/hooks/useConfig";
+import { configStore } from "@/lib/config";
 import { modelService } from "@/services/modelService";
 import { configService } from "@/services/configService";
 import { ModelOption, ModelType } from "@/types/modelConfig";
-import { configStore } from "@/lib/config";
 import log from "@/lib/logger";
 
 import { ModelListCard } from "./model/ModelListCard";
@@ -34,9 +36,7 @@ type ModelConnectStatus = (typeof MODEL_STATUS)[keyof typeof MODEL_STATUS];
 const getModelData = (t: any) => ({
   llm: {
     title: t("modelConfig.category.llm"),
-    options: [
-      { id: "main", name: t('modelConfig.option.mainModel') },
-    ],
+    options: [{ id: "main", name: t("modelConfig.option.mainModel") }],
   },
   embedding: {
     title: t("modelConfig.category.embedding"),
@@ -97,13 +97,17 @@ export const ModelConfigSection = forwardRef<
   const { message } = App.useApp();
   const { skipVerification = false, canAccessProtectedData = false } = props;
   const { modelConfig, updateModelConfig } = useConfig();
+  const modelEngineEnable =
+    (typeof window !== "undefined" && window.__ENV__?.MODEL_ENGINE_ENABLED) ===
+    "true";
   const modelData = getModelData(t);
   const { confirm } = useConfirmModal();
 
   // State management
   const [models, setModels] = useState<ModelOption[]>([]);
   const [isAddModalOpen, setIsAddModalOpen] = useState(false);
-  const [addModalDefaultIsBatch, setAddModalDefaultIsBatch] = useState<boolean>(false);
+  const [addModalDefaultIsBatch, setAddModalDefaultIsBatch] =
+    useState<boolean>(false);
   const [isDeleteModalOpen, setIsDeleteModalOpen] = useState(false);
   const [isVerifying, setIsVerifying] = useState(false);
 
@@ -267,7 +271,6 @@ export const ModelConfigSection = forwardRef<
           )
         : true;
 
-
       const embedding = modelConfig.embedding.displayName;
       const embeddingExists = embedding
         ? allModels.some(
@@ -348,7 +351,6 @@ export const ModelConfigSection = forwardRef<
         };
       }
 
-
       if (!embeddingExists && embedding) {
         configUpdates.embedding = {
           modelName: "",
@@ -453,12 +455,7 @@ export const ModelConfigSection = forwardRef<
       const hasStt = !!modelConfig.stt.modelName;
 
       hasSelectedModels =
-        hasLlmMain ||
-        hasEmbedding ||
-        hasReranker ||
-        hasVlm ||
-        hasTts ||
-        hasStt;
+        hasLlmMain || hasEmbedding || hasReranker || hasVlm || hasTts || hasStt;
 
       if (hasSelectedModels) {
         // Override current selected models with models from configuration
@@ -739,7 +736,7 @@ export const ModelConfigSection = forwardRef<
       if (configKey === "embedding" || configKey === "multiEmbedding") {
         configUpdate[configKey].dimension = modelInfo?.maxTokens || 0;
       }
-    };
+    }
 
     // embedding needs dimension field
     if (configKey === "embedding" || configKey === "multiEmbedding") {
@@ -842,26 +839,34 @@ export const ModelConfigSection = forwardRef<
           }}
         >
           <Row gutter={[8, 8]} style={{ width: "100%" }}>
-            <Col xs={24} sm={12} md={6} lg={6} xl={6}>
-              <Button 
-                type="primary" 
-                size="middle" 
-                onClick={handleSyncModels}
-                style={{ width: "100%" }}
-                block
-              >
-                <RefreshCw className="mr-1" size={16} />
-                <span style={{ marginLeft: 4 }}>
-                  <span className="hidden xl:inline button-text-full">
-                    {t("modelConfig.button.syncModelEngine")}
-                  </span>
-                  <span className="xl:hidden button-text-short">
-                    {t("modelConfig.button.sync")}
+            {modelEngineEnable && (
+              <Col xs={24} sm={12} md={6} lg={6} xl={6}>
+                <Button
+                  type="primary"
+                  size="middle"
+                  onClick={handleSyncModels}
+                  style={{ width: "100%" }}
+                  block
+                >
+                  <RefreshCw className="mr-1" size={16} />
+                  <span style={{ marginLeft: 4 }}>
+                    <span className="hidden xl:inline button-text-full">
+                      {t("modelConfig.button.syncModelEngine")}
+                    </span>
+                    <span className="xl:hidden button-text-short">
+                      {t("modelConfig.button.sync")}
+                    </span>
                   </span>
-                </span>
-              </Button>
-            </Col>
-            <Col xs={24} sm={12} md={6} lg={6} xl={6}>
+                </Button>
+              </Col>
+            )}
+            <Col
+              xs={24}
+              sm={12}
+              md={modelEngineEnable ? 6 : 8}
+              lg={modelEngineEnable ? 6 : 8}
+              xl={modelEngineEnable ? 6 : 8}
+            >
               <Button
                 type="primary"
                 size="middle"
@@ -881,7 +886,13 @@ export const ModelConfigSection = forwardRef<
                 </span>
               </Button>
             </Col>
-            <Col xs={24} sm={12} md={6} lg={6} xl={6}>
+            <Col
+              xs={24}
+              sm={12}
+              md={modelEngineEnable ? 6 : 8}
+              lg={modelEngineEnable ? 6 : 8}
+              xl={modelEngineEnable ? 6 : 8}
+            >
               <Button
                 type="primary"
                 size="middle"
@@ -1003,11 +1014,11 @@ export const ModelConfigSection = forwardRef<
                               ? MODEL_TYPES.TTS
                               : MODEL_TYPES.STT
                             : key === "multimodal"
-                            ? MODEL_TYPES.VLM
-                            : key === MODEL_TYPES.EMBEDDING &&
-                              option.id === MODEL_TYPES.MULTI_EMBEDDING
-                            ? MODEL_TYPES.MULTI_EMBEDDING
-                            : (key as ModelType)
+                              ? MODEL_TYPES.VLM
+                              : key === MODEL_TYPES.EMBEDDING &&
+                                  option.id === MODEL_TYPES.MULTI_EMBEDDING
+                                ? MODEL_TYPES.MULTI_EMBEDDING
+                                : (key as ModelType)
                         }
                         modelId={option.id}
                         modelTypeName={option.name}
@@ -1053,9 +1064,7 @@ export const ModelConfigSection = forwardRef<
           }}
           models={models}
         />
-
-
       </div>
     </>
   );
-});
\ No newline at end of file
+});
diff --git a/frontend/hooks/useConfig.ts b/frontend/hooks/useConfig.ts
index b676b6f69..935dffabb 100644
--- a/frontend/hooks/useConfig.ts
+++ b/frontend/hooks/useConfig.ts
@@ -1,10 +1,10 @@
-'use client';
+"use client";
 
-import { useState, useCallback, useEffect } from 'react';
+import { useState, useCallback, useEffect } from "react";
 
-import { GlobalConfig, AppConfig, ModelConfig } from '@/types/modelConfig';
-import { ConfigStore } from '@/lib/config';
-import { getAvatarUrl } from '@/lib/avatar';
+import { GlobalConfig, AppConfig, ModelConfig } from "@/types/modelConfig";
+import { ConfigStore } from "@/lib/config";
+import { getAvatarUrl } from "@/lib/avatar";
 
 const configStore = ConfigStore.getInstance();
 
@@ -18,9 +18,9 @@ export function useConfig() {
       setConfig(newConfig);
     };
 
-    window.addEventListener('configChanged', handleConfigChanged);
+    window.addEventListener("configChanged", handleConfigChanged);
     return () => {
-      window.removeEventListener('configChanged', handleConfigChanged);
+      window.removeEventListener("configChanged", handleConfigChanged);
     };
   }, []);
 
@@ -54,9 +54,12 @@ export function useConfig() {
   }, []);
 
   // Get avatar URL
-  const getAppAvatarUrl = useCallback((size?: number) => {
-    return getAvatarUrl(config.app, size);
-  }, [config.app]);
+  const getAppAvatarUrl = useCallback(
+    (size?: number) => {
+      return getAvatarUrl(config.app, size);
+    },
+    [config.app]
+  );
 
   return {
     config,
@@ -69,6 +72,6 @@ export function useConfig() {
     appConfig: config.app,
     modelConfig: config.models,
     // Avatar related functionality
-    getAppAvatarUrl
+    getAppAvatarUrl,
   };
-} 
\ No newline at end of file
+}
diff --git a/frontend/lib/config.ts b/frontend/lib/config.ts
index c8fbb6724..f13bdd44d 100644
--- a/frontend/lib/config.ts
+++ b/frontend/lib/config.ts
@@ -1,7 +1,11 @@
-'use client';
+"use client";
 
-import { GlobalConfig, AppConfig, ModelConfig } from '../types/modelConfig';
-import { APP_CONFIG_KEY, MODEL_CONFIG_KEY, defaultConfig } from '../const/modelConfig';
+import { GlobalConfig, AppConfig, ModelConfig } from "../types/modelConfig";
+import {
+  APP_CONFIG_KEY,
+  MODEL_CONFIG_KEY,
+  defaultConfig,
+} from "../const/modelConfig";
 import log from "@/lib/logger";
 
 class ConfigStoreClass {
@@ -18,7 +22,7 @@ class ConfigStoreClass {
     this.updateModelConfig = this.updateModelConfig.bind(this);
     this.clearConfig = this.clearConfig.bind(this);
     this.reloadFromStorage = this.reloadFromStorage.bind(this);
-    
+
     // Initialize config
     this.initializeConfig();
   }
@@ -34,7 +38,7 @@ class ConfigStoreClass {
     try {
       this.config = this.loadFromStorage();
     } catch (error) {
-      log.error('Failed to initialize config:', error);
+      log.error("Failed to initialize config:", error);
       this.config = JSON.parse(JSON.stringify(defaultConfig));
     }
   }
@@ -43,14 +47,18 @@ class ConfigStoreClass {
   private deepMerge<T>(target: T, source: Partial<T>): T {
     if (!source) return target;
     if (!target) return source as T;
-    
+
     const result = { ...target } as T;
-    
-    Object.keys(source).forEach(key => {
+
+    Object.keys(source).forEach((key) => {
       const targetValue = (target as any)[key];
       const sourceValue = (source as any)[key];
-      
-      if (sourceValue && typeof sourceValue === 'object' && !Array.isArray(sourceValue)) {
+
+      if (
+        sourceValue &&
+        typeof sourceValue === "object" &&
+        !Array.isArray(sourceValue)
+      ) {
         // If target has no value for this key, use source value directly
         if (targetValue !== undefined && targetValue !== null) {
           (result as any)[key] = this.deepMerge(targetValue, sourceValue);
@@ -61,7 +69,7 @@ class ConfigStoreClass {
         (result as any)[key] = sourceValue;
       }
     });
-    
+
     return result;
   }
 
@@ -69,7 +77,7 @@ class ConfigStoreClass {
   private loadFromStorage(): GlobalConfig {
     try {
       // Check if we're in browser environment
-      if (typeof window === 'undefined') {
+      if (typeof window === "undefined") {
         return JSON.parse(JSON.stringify(defaultConfig));
       }
 
@@ -77,21 +85,31 @@ class ConfigStoreClass {
       const storedModelConfig = localStorage.getItem(MODEL_CONFIG_KEY);
 
       // Start with default configuration
-      let mergedConfig: GlobalConfig = JSON.parse(JSON.stringify(defaultConfig));
+      let mergedConfig: GlobalConfig = JSON.parse(
+        JSON.stringify(defaultConfig)
+      );
 
       // Check for old configuration format and migrate if found
-      const oldConfig = localStorage.getItem('config');
+      const oldConfig = localStorage.getItem("config");
       if (oldConfig) {
         try {
           const parsedOldConfig = JSON.parse(oldConfig);
           // Migrate old config to new format
-          if (parsedOldConfig.app) localStorage.setItem(APP_CONFIG_KEY, JSON.stringify(parsedOldConfig.app));
-          if (parsedOldConfig.models) localStorage.setItem(MODEL_CONFIG_KEY, JSON.stringify(parsedOldConfig.models));
-          
+          if (parsedOldConfig.app)
+            localStorage.setItem(
+              APP_CONFIG_KEY,
+              JSON.stringify(parsedOldConfig.app)
+            );
+          if (parsedOldConfig.models)
+            localStorage.setItem(
+              MODEL_CONFIG_KEY,
+              JSON.stringify(parsedOldConfig.models)
+            );
+
           // Remove old config
-          localStorage.removeItem('config');
+          localStorage.removeItem("config");
         } catch (error) {
-          log.error('Failed to migrate old config:', error);
+          log.error("Failed to migrate old config:", error);
         }
       }
 
@@ -100,7 +118,7 @@ class ConfigStoreClass {
         try {
           mergedConfig.app = JSON.parse(storedAppConfig);
         } catch (error) {
-          log.error('Failed to parse app config:', error);
+          log.error("Failed to parse app config:", error);
         }
       }
 
@@ -108,13 +126,13 @@ class ConfigStoreClass {
         try {
           mergedConfig.models = JSON.parse(storedModelConfig);
         } catch (error) {
-          log.error('Failed to parse model config:', error);
+          log.error("Failed to parse model config:", error);
         }
       }
 
       return mergedConfig;
     } catch (error) {
-      log.error('Failed to load config from storage:', error);
+      log.error("Failed to load config from storage:", error);
       return JSON.parse(JSON.stringify(defaultConfig));
     }
   }
@@ -122,12 +140,15 @@ class ConfigStoreClass {
   // Save configuration to storage
   private saveToStorage(): void {
     try {
-      if (typeof window === 'undefined' || !this.config) return;
-      
+      if (typeof window === "undefined" || !this.config) return;
+
       localStorage.setItem(APP_CONFIG_KEY, JSON.stringify(this.config.app));
-      localStorage.setItem(MODEL_CONFIG_KEY, JSON.stringify(this.config.models));
+      localStorage.setItem(
+        MODEL_CONFIG_KEY,
+        JSON.stringify(this.config.models)
+      );
     } catch (error) {
-      log.error('Failed to save config to storage:', error);
+      log.error("Failed to save config to storage:", error);
     }
   }
 
@@ -179,7 +200,7 @@ class ConfigStoreClass {
 
   // Clear all configuration
   clearConfig(): void {
-    if (typeof window !== 'undefined') {
+    if (typeof window !== "undefined") {
       localStorage.removeItem(APP_CONFIG_KEY);
       localStorage.removeItem(MODEL_CONFIG_KEY);
     }
@@ -193,75 +214,81 @@ class ConfigStoreClass {
       ? {
           appName: backendConfig.app.name || "",
           appDescription: backendConfig.app.description || "",
-          iconType: (backendConfig.app.icon?.type as "preset" | "custom") || "preset",
+          iconType:
+            (backendConfig.app.icon?.type as "preset" | "custom") || "preset",
           customIconUrl: backendConfig.app.icon?.customUrl || null,
-          avatarUri: backendConfig.app.icon?.avatarUri || null
+          avatarUri: backendConfig.app.icon?.avatarUri || null,
         }
       : {
           appName: "",
           appDescription: "",
           iconType: "preset" as "preset" | "custom",
           customIconUrl: null,
-          avatarUri: null
+          avatarUri: null,
         };
 
     // Adapt models field
-    const models = backendConfig.models ? {
-      llm: {
-        modelName: backendConfig.models.llm?.name || "",
-        displayName: backendConfig.models.llm?.displayName || "",
-        apiConfig: {
-          apiKey: backendConfig.models.llm?.apiConfig?.apiKey || "",
-          modelUrl: backendConfig.models.llm?.apiConfig?.modelUrl || ""
-        }
-      },
-      embedding: {
-        modelName: backendConfig.models.embedding?.name || "",
-        displayName: backendConfig.models.embedding?.displayName || "",
-        apiConfig: {
-          apiKey: backendConfig.models.embedding?.apiConfig?.apiKey || "",
-          modelUrl: backendConfig.models.embedding?.apiConfig?.modelUrl || ""
-        },
-        dimension: backendConfig.models.embedding?.dimension || 0
-      },
-      multiEmbedding: {
-        modelName: backendConfig.models.multiEmbedding?.name || "",
-        displayName: backendConfig.models.multiEmbedding?.displayName || "",
-        apiConfig: {
-          apiKey: backendConfig.models.multiEmbedding?.apiConfig?.apiKey || "",
-          modelUrl: backendConfig.models.multiEmbedding?.apiConfig?.modelUrl || ""
-        },
-        dimension: backendConfig.models.multiEmbedding?.dimension || 0
-      },
-      rerank: {
-        modelName: backendConfig.models.rerank?.name || "",
-        displayName: backendConfig.models.rerank?.displayName || ""
-      },
-      vlm: {
-        modelName: backendConfig.models.vlm?.name || "",
-        displayName: backendConfig.models.vlm?.displayName || "",
-        apiConfig: {
-          apiKey: backendConfig.models.vlm?.apiConfig?.apiKey || "",
-          modelUrl: backendConfig.models.vlm?.apiConfig?.modelUrl || ""
-        }
-      },
-      stt: {
-        modelName: backendConfig.models.stt?.name || "",
-        displayName: backendConfig.models.stt?.displayName || "",
-        apiConfig: {
-          apiKey: backendConfig.models.stt?.apiConfig?.apiKey || "",
-          modelUrl: backendConfig.models.stt?.apiConfig?.modelUrl || ""
-        }
-      },
-      tts: {
-        modelName: backendConfig.models.tts?.name || "",
-        displayName: backendConfig.models.tts?.displayName || "",
-        apiConfig: {
-          apiKey: backendConfig.models.tts?.apiConfig?.apiKey || "",
-          modelUrl: backendConfig.models.tts?.apiConfig?.modelUrl || ""
+    const models = backendConfig.models
+      ? {
+          llm: {
+            modelName: backendConfig.models.llm?.name || "",
+            displayName: backendConfig.models.llm?.displayName || "",
+            apiConfig: {
+              apiKey: backendConfig.models.llm?.apiConfig?.apiKey || "",
+              modelUrl: backendConfig.models.llm?.apiConfig?.modelUrl || "",
+            },
+          },
+          embedding: {
+            modelName: backendConfig.models.embedding?.name || "",
+            displayName: backendConfig.models.embedding?.displayName || "",
+            apiConfig: {
+              apiKey: backendConfig.models.embedding?.apiConfig?.apiKey || "",
+              modelUrl:
+                backendConfig.models.embedding?.apiConfig?.modelUrl || "",
+            },
+            dimension: backendConfig.models.embedding?.dimension || 0,
+          },
+          multiEmbedding: {
+            modelName: backendConfig.models.multiEmbedding?.name || "",
+            displayName: backendConfig.models.multiEmbedding?.displayName || "",
+            apiConfig: {
+              apiKey:
+                backendConfig.models.multiEmbedding?.apiConfig?.apiKey || "",
+              modelUrl:
+                backendConfig.models.multiEmbedding?.apiConfig?.modelUrl || "",
+            },
+            dimension: backendConfig.models.multiEmbedding?.dimension || 0,
+          },
+          rerank: {
+            modelName: backendConfig.models.rerank?.name || "",
+            displayName: backendConfig.models.rerank?.displayName || "",
+          },
+          vlm: {
+            modelName: backendConfig.models.vlm?.name || "",
+            displayName: backendConfig.models.vlm?.displayName || "",
+            apiConfig: {
+              apiKey: backendConfig.models.vlm?.apiConfig?.apiKey || "",
+              modelUrl: backendConfig.models.vlm?.apiConfig?.modelUrl || "",
+            },
+          },
+          stt: {
+            modelName: backendConfig.models.stt?.name || "",
+            displayName: backendConfig.models.stt?.displayName || "",
+            apiConfig: {
+              apiKey: backendConfig.models.stt?.apiConfig?.apiKey || "",
+              modelUrl: backendConfig.models.stt?.apiConfig?.modelUrl || "",
+            },
+          },
+          tts: {
+            modelName: backendConfig.models.tts?.name || "",
+            displayName: backendConfig.models.tts?.displayName || "",
+            apiConfig: {
+              apiKey: backendConfig.models.tts?.apiConfig?.apiKey || "",
+              modelUrl: backendConfig.models.tts?.apiConfig?.modelUrl || "",
+            },
+          },
         }
-      }
-    } : undefined;
+      : undefined;
 
     return {
       app,
@@ -272,10 +299,12 @@ class ConfigStoreClass {
   // New: Reload configuration from localStorage and trigger configChanged event
   reloadFromStorage(): void {
     this.config = this.loadFromStorage();
-    if (typeof window !== 'undefined') {
-      window.dispatchEvent(new CustomEvent('configChanged', {
-        detail: { config: this.config }
-      }));
+    if (typeof window !== "undefined") {
+      window.dispatchEvent(
+        new CustomEvent("configChanged", {
+          detail: { config: this.config },
+        })
+      );
     }
   }
 }
@@ -285,4 +314,4 @@ class ConfigStoreClass {
 export const ConfigStore = ConfigStoreClass;
 
 // Export singleton
-export const configStore = ConfigStoreClass.getInstance(); 
\ No newline at end of file
+export const configStore = ConfigStoreClass.getInstance();
diff --git a/frontend/server.js b/frontend/server.js
index 45ec14799..809f3ae5f 100644
--- a/frontend/server.js
+++ b/frontend/server.js
@@ -1,29 +1,31 @@
-const { createServer } = require('http');
-const { parse } = require('url');
-const next = require('next');
-const { createProxyServer } = require('http-proxy');
-const path = require('path');
+const { createServer } = require("http");
+const { parse } = require("url");
+const next = require("next");
+const { createProxyServer } = require("http-proxy");
+const path = require("path");
 
 // Load environment variables from .env file in parent directory (project root)
 // In container environments, env vars are injected directly by Docker, so .env file may not exist
 // Using optional: true to avoid errors if .env file is not found
-require('dotenv').config({ 
-  path: path.resolve(__dirname, '../.env'),
-  override: false // Don't override existing environment variables (important for Docker)
+require("dotenv").config({
+  path: path.resolve(__dirname, "../.env"),
+  override: false, // Don't override existing environment variables (important for Docker)
 });
 
-const dev = process.env.NODE_ENV !== 'production';
-const app = next({ 
+const dev = process.env.NODE_ENV !== "production";
+const app = next({
   dev,
 });
 const handle = app.getRequestHandler();
 
 // Backend addresses
-const HTTP_BACKEND = process.env.HTTP_BACKEND || 'http://localhost:5010'; // config
-const WS_BACKEND = process.env.WS_BACKEND || 'ws://localhost:5014'; // runtime
-const RUNTIME_HTTP_BACKEND = process.env.RUNTIME_HTTP_BACKEND || 'http://localhost:5014'; // runtime
-const MINIO_BACKEND = process.env.MINIO_ENDPOINT || 'http://localhost:9010';
-const MARKET_BACKEND = process.env.MARKET_BACKEND || 'https://market.nexent.tech'; // market
+const HTTP_BACKEND = process.env.HTTP_BACKEND || "http://localhost:5010"; // config
+const WS_BACKEND = process.env.WS_BACKEND || "ws://localhost:5014"; // runtime
+const RUNTIME_HTTP_BACKEND =
+  process.env.RUNTIME_HTTP_BACKEND || "http://localhost:5014"; // runtime
+const MINIO_BACKEND = process.env.MINIO_ENDPOINT || "http://localhost:9010";
+const MARKET_BACKEND =
+  process.env.MARKET_BACKEND || "https://market.nexent.tech"; // market
 const PORT = 3000;
 
 const proxy = createProxyServer();
@@ -34,42 +36,50 @@ app.prepare().then(() => {
     const { pathname } = parsedUrl;
 
     // Proxy HTTP requests
-    if (pathname.includes('/attachments/') && !pathname.startsWith('/api/')) {
+    if (pathname.includes("/attachments/") && !pathname.startsWith("/api/")) {
       proxy.web(req, res, { target: MINIO_BACKEND });
-    } else if (pathname.startsWith('/api/')) {
+    } else if (pathname.startsWith("/api/")) {
       // Route market endpoints to market backend
-      if (pathname.startsWith('/api/market/')) {
+      if (pathname.startsWith("/api/market/")) {
         // Rewrite path: /api/market/agents -> /agents
-        req.url = req.url.replace('/api/market', '');
+        req.url = req.url.replace("/api/market", "");
         proxy.web(req, res, { target: MARKET_BACKEND, changeOrigin: true });
       } else {
-      // Route runtime endpoints to runtime backend, others to config backend
-      const isRuntime =
-        pathname.startsWith('/api/agent/run') ||
-        pathname.startsWith('/api/agent/stop') ||
-        pathname.startsWith('/api/conversation/') ||
-        pathname.startsWith('/api/memory/') ||
-        pathname.startsWith('/api/file/storage') ||
-        pathname.startsWith('/api/file/preprocess');
-      const target = isRuntime ? RUNTIME_HTTP_BACKEND : HTTP_BACKEND;
-      proxy.web(req, res, { target, changeOrigin: true });
+        // Route runtime endpoints to runtime backend, others to config backend
+        const isRuntime =
+          pathname.startsWith("/api/agent/run") ||
+          pathname.startsWith("/api/agent/stop") ||
+          pathname.startsWith("/api/conversation/") ||
+          pathname.startsWith("/api/memory/") ||
+          pathname.startsWith("/api/file/storage") ||
+          pathname.startsWith("/api/file/preprocess");
+        const target = isRuntime ? RUNTIME_HTTP_BACKEND : HTTP_BACKEND;
+        proxy.web(req, res, { target, changeOrigin: true });
       }
     } else {
-      // Let Next.js handle all other requests
+      // Let Next.js handle the request (environment variables now injected via layout.tsx)
       handle(req, res, parsedUrl);
     }
   });
 
   // Proxy WebSocket upgrade requests
-  server.on('upgrade', (req, socket, head) => {
+  server.on("upgrade", (req, socket, head) => {
     const { pathname } = parse(req.url);
-    if (pathname.startsWith('/api/voice/')) {
-      proxy.ws(req, socket, head, { target: WS_BACKEND, changeOrigin: true }, (err) => {
-        console.error('[Proxy] WebSocket Proxy Error:', err);
-        socket.destroy();
-      });
+    if (pathname.startsWith("/api/voice/")) {
+      proxy.ws(
+        req,
+        socket,
+        head,
+        { target: WS_BACKEND, changeOrigin: true },
+        (err) => {
+          console.error("[Proxy] WebSocket Proxy Error:", err);
+          socket.destroy();
+        }
+      );
     } else {
-      console.log(`[Proxy] Ignoring non-voice WebSocket upgrade for: ${pathname}`);
+      console.log(
+        `[Proxy] Ignoring non-voice WebSocket upgrade for: ${pathname}`
+      );
       // Do nothing for other WebSocket requests (like Next.js HMR).
     }
   });
@@ -77,11 +87,11 @@ app.prepare().then(() => {
   server.listen(PORT, (err) => {
     if (err) throw err;
     console.log(`> Ready on http://localhost:${PORT}`);
-    console.log('> --- Backend URL Configuration ---');
+    console.log("> --- Backend URL Configuration ---");
     console.log(`> HTTP Backend Target: ${HTTP_BACKEND}`);
     console.log(`> WebSocket Backend Target: ${WS_BACKEND}`);
     console.log(`> MinIO Backend Target: ${MINIO_BACKEND}`);
     console.log(`> Market Backend Target: ${MARKET_BACKEND}`);
-    console.log('> ---------------------------------');
+    console.log("> ---------------------------------");
   });
 });
diff --git a/frontend/services/api.ts b/frontend/services/api.ts
index d8931186a..2064ececf 100644
--- a/frontend/services/api.ts
+++ b/frontend/services/api.ts
@@ -312,5 +312,8 @@ function handleSessionExpired() {
 declare global {
   interface Window {
     __isHandlingSessionExpired?: boolean;
+    __ENV__?: {
+      MODEL_ENGINE_ENABLED?: string;
+    };
   }
 }
diff --git a/frontend/services/configService.ts b/frontend/services/configService.ts
index c37340298..57ae9751c 100644
--- a/frontend/services/configService.ts
+++ b/frontend/services/configService.ts
@@ -1,9 +1,9 @@
-import { API_ENDPOINTS } from './api';
+import { API_ENDPOINTS } from "./api";
 
-import { GlobalConfig } from '@/types/modelConfig';
+import { GlobalConfig } from "@/types/modelConfig";
 
-import { fetchWithAuth, getAuthHeaders } from '@/lib/auth';
-import { ConfigStore } from '@/lib/config';
+import { fetchWithAuth, getAuthHeaders } from "@/lib/auth";
+import { ConfigStore } from "@/lib/config";
 import log from "@/lib/logger";
 // @ts-ignore
 const fetch = fetchWithAuth;
@@ -13,21 +13,21 @@ export class ConfigService {
   async saveConfigToBackend(config: GlobalConfig): Promise<boolean> {
     try {
       const response = await fetch(API_ENDPOINTS.config.save, {
-        method: 'POST',
+        method: "POST",
         headers: getAuthHeaders(),
         body: JSON.stringify(config),
       });
 
       if (!response.ok) {
         const errorData = await response.json();
-        log.error('Failed to save configuration:', errorData);
+        log.error("Failed to save configuration:", errorData);
         return false;
       }
 
       await response.json();
       return true;
     } catch (error) {
-      log.error('Save configuration request exception:', error);
+      log.error("Save configuration request exception:", error);
       return false;
     }
   }
@@ -36,12 +36,12 @@ export class ConfigService {
   async loadConfigToFrontend(): Promise<boolean> {
     try {
       const response = await fetch(API_ENDPOINTS.config.load, {
-        method: 'GET',
+        method: "GET",
         headers: getAuthHeaders(),
       });
       if (!response.ok) {
         const errorData = await response.json();
-        log.error('Failed to load configuration:', errorData);
+        log.error("Failed to load configuration:", errorData);
         return false;
       }
       const result = await response.json();
@@ -52,27 +52,27 @@ export class ConfigService {
 
         // Write to localStorage separately
         if (frontendConfig.app) {
-          localStorage.setItem('app', JSON.stringify(frontendConfig.app));
+          localStorage.setItem("app", JSON.stringify(frontendConfig.app));
         }
         if (frontendConfig.models) {
-          localStorage.setItem('model', JSON.stringify(frontendConfig.models));
+          localStorage.setItem("model", JSON.stringify(frontendConfig.models));
         }
-        
+
         // Trigger configuration reload and dispatch event
-        if (typeof window !== 'undefined') {
+        if (typeof window !== "undefined") {
           const configStore = ConfigStore.getInstance();
           configStore.reloadFromStorage();
         }
-        
+
         return true;
       }
       return false;
     } catch (error) {
-      log.error('Load configuration request exception:', error);
+      log.error("Load configuration request exception:", error);
       return false;
     }
   }
 }
 
 // Export singleton instance
-export const configService = new ConfigService(); 
\ No newline at end of file
+export const configService = new ConfigService();
diff --git a/frontend/types/modelConfig.ts b/frontend/types/modelConfig.ts
index 0d463161f..36a9a69c7 100644
--- a/frontend/types/modelConfig.ts
+++ b/frontend/types/modelConfig.ts
@@ -92,7 +92,7 @@ export interface GlobalConfig {
 export interface ModelValidationResponse {
   connectivity: boolean;
   model_name: string;
-  error?: string;  // Error message when connectivity fails
+  error?: string; // Error message when connectivity fails
 }
 
 // Model engine check result interface

From fc0f393a3aebcdbd05d7df209e116f4fa03a372a Mon Sep 17 00:00:00 2001
From: zhizhi <928570418@qq.com>
Date: Fri, 9 Jan 2026 21:30:58 +0800
Subject: [PATCH 04/38] =?UTF-8?q?=E2=9C=A8=20Refactor=20ModelEngine=20ENV?=
 =?UTF-8?q?=20Config=20for=20improved=20performance=20and=20stability?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 docker/deploy.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker/deploy.sh b/docker/deploy.sh
index b149b1cd9..2545bf2dc 100755
--- a/docker/deploy.sh
+++ b/docker/deploy.sh
@@ -916,7 +916,7 @@ main_deploy() {
   echo "--------------------------------"
   echo ""
 
-  APP_VERSION="latest"
+  APP_VERSION="$(get_app_version)"
   if [ -z "$APP_VERSION" ]; then
     echo "❌ Failed to get app version, please check the backend/consts/const.py file"
     exit 1

From 664f3e95fed0ba64d1e1f0f55f319428ca3265af Mon Sep 17 00:00:00 2001
From: xuyaqi <xuyaqist@gmail.com>
Date: Mon, 12 Jan 2026 20:57:20 +0800
Subject: [PATCH 05/38] bugfix when create agents, invoke tool config update

---
 frontend/hooks/agent/useSaveGuard.ts | 75 +++++++++++++++-------------
 1 file changed, 39 insertions(+), 36 deletions(-)

diff --git a/frontend/hooks/agent/useSaveGuard.ts b/frontend/hooks/agent/useSaveGuard.ts
index 0a00eaa9b..60c5bad1d 100644
--- a/frontend/hooks/agent/useSaveGuard.ts
+++ b/frontend/hooks/agent/useSaveGuard.ts
@@ -4,7 +4,7 @@ import { App } from "antd";
 import { useQueryClient } from "@tanstack/react-query";
 import { useConfirmModal } from "../useConfirmModal";
 import { useAgentConfigStore } from "@/stores/agentConfigStore";
-import { updateAgent } from "@/services/agentConfigService";
+import { updateAgent, updateToolConfig } from "@/services/agentConfigService";
 import { Agent } from "@/types/agentConfig";
 
 /**
@@ -66,45 +66,48 @@ export const useSaveGuard = () => {
             t("businessLogic.config.message.agentSaveSuccess")
         );
 
-        // For both creation and update, ensure the store has the latest agent data
+        // Get the final agent ID (from result for new agents, existing currentAgentId for updates)
+        const finalAgentId = result.data?.agent_id || currentAgentId;
+        if (!finalAgentId) {
+          throw new Error("Failed to get agent ID after save operation");
+        }
+
+        // Handle new agent creation - save tool configurations
         if (!currentAgentId && result.data?.agent_id) {
-          // New agent creation - create agent object with backend-generated ID
-          const newAgentId = result.data.agent_id.toString();
-          const updatedAgent: Agent = {
-            id: newAgentId, // Backend-generated ID as string
-            name: currentEditedAgent.name,
-            display_name: currentEditedAgent.display_name,
-            description: currentEditedAgent.description,
-            author: currentEditedAgent.author,
-            model: currentEditedAgent.model,
-            model_id: currentEditedAgent.model_id,
-            max_step: currentEditedAgent.max_step,
-            provide_run_summary: currentEditedAgent.provide_run_summary,
-            tools: currentEditedAgent.tools || [],
-            duty_prompt: currentEditedAgent.duty_prompt,
-            constraint_prompt: currentEditedAgent.constraint_prompt,
-            few_shots_prompt: currentEditedAgent.few_shots_prompt,
-            business_description: currentEditedAgent.business_description,
-            business_logic_model_name: currentEditedAgent.business_logic_model_name,
-            business_logic_model_id: currentEditedAgent.business_logic_model_id,
-            sub_agent_id_list: currentEditedAgent.sub_agent_id_list,
-          };
-          useAgentConfigStore.getState().setCurrentAgent(updatedAgent);
-        } else if (currentAgentId) {
-          // Existing agent update - invalidate and refetch the specific agent info cache
-          await queryClient.invalidateQueries({
-            queryKey: ["agentInfo", currentAgentId]
-          });
-          await queryClient.refetchQueries({
-            queryKey: ["agentInfo", currentAgentId]
-          });
-          // Get the updated agent data from the refreshed cache
-          const updatedAgent = queryClient.getQueryData(["agentInfo", currentAgentId]) as Agent;
-          if (updatedAgent) {
-            useAgentConfigStore.getState().setCurrentAgent(updatedAgent);
+          // Save tool configurations for the newly created agent
+          const agentIdNumber = result.data.agent_id;
+          if (currentEditedAgent.tools && currentEditedAgent.tools.length > 0) {
+            for (const tool of currentEditedAgent.tools) {
+              const toolId = parseInt(tool.id);
+              const isEnabled = tool.is_available !== false; // Default to true if not explicitly set to false
+              const params = tool.initParams?.reduce((acc, param) => {
+                acc[param.name] = param.value;
+                return acc;
+              }, {} as Record<string, any>) || {};
+
+              try {
+                await updateToolConfig(toolId, agentIdNumber, params, isEnabled);
+              } catch (error) {
+                console.error(`Failed to save tool config for tool ${toolId}:`, error);
+                // Continue with other tools even if one fails
+              }
+            }
           }
         }
 
+        // Common logic for both creation and update: refresh cache and update store
+        await queryClient.invalidateQueries({
+          queryKey: ["agentInfo", finalAgentId]
+        });
+        await queryClient.refetchQueries({
+          queryKey: ["agentInfo", finalAgentId]
+        });
+        // Get the updated agent data from the refreshed cache
+        const updatedAgent = queryClient.getQueryData(["agentInfo", finalAgentId]) as Agent;
+        if (updatedAgent) {
+          useAgentConfigStore.getState().setCurrentAgent(updatedAgent);
+        }
+
         // Also invalidate the agents list cache to ensure the list reflects any changes
         queryClient.invalidateQueries({ queryKey: ["agents"] });
 

From 368b461395697782030e5360a0dc98d95c7ba496 Mon Sep 17 00:00:00 2001
From: xuyaqi <xuyaqist@gmail.com>
Date: Mon, 12 Jan 2026 20:58:10 +0800
Subject: [PATCH 06/38] bugfix before debug agent, open save model

---
 frontend/app/[locale]/agents/components/AgentInfoComp.tsx | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/frontend/app/[locale]/agents/components/AgentInfoComp.tsx b/frontend/app/[locale]/agents/components/AgentInfoComp.tsx
index d4832b6f3..1102c9b73 100644
--- a/frontend/app/[locale]/agents/components/AgentInfoComp.tsx
+++ b/frontend/app/[locale]/agents/components/AgentInfoComp.tsx
@@ -84,7 +84,13 @@ export default function AgentInfoComp({}: AgentInfoCompProps) {
               <Button
                 type="primary"
                 icon={<Bug size={16} />}
-                onClick={() => setIsDebugDrawerOpen(true)}
+                onClick={() =>
+                  saveGuard.saveWithModal().then((success) => {
+                    if (success) {
+                      setIsDebugDrawerOpen(true);
+                    }
+                  })
+                }
                 size="middle"
               >
                 {t("systemPrompt.button.debug")}

From 7d4c03ac06bfb67e65dd276aba98c6b728555aaa Mon Sep 17 00:00:00 2001
From: xuyaqi <xuyaqist@gmail.com>
Date: Mon, 12 Jan 2026 20:59:08 +0800
Subject: [PATCH 07/38] cache tool info until user create agent

---
 .../components/agentConfig/ToolManagement.tsx | 149 +++++++++++-------
 1 file changed, 91 insertions(+), 58 deletions(-)

diff --git a/frontend/app/[locale]/agents/components/agentConfig/ToolManagement.tsx b/frontend/app/[locale]/agents/components/agentConfig/ToolManagement.tsx
index a56df9bd4..5fb7428be 100644
--- a/frontend/app/[locale]/agents/components/agentConfig/ToolManagement.tsx
+++ b/frontend/app/[locale]/agents/components/agentConfig/ToolManagement.tsx
@@ -51,7 +51,7 @@ export default function ToolManagement({
 
   // Get tool info for selected tool (when checking if config is needed)
   const { data: selectedToolInfo, isLoading: isToolInfoLoading } = useToolInfo(
-    (selectedTool) ? parseInt(selectedTool.id) : null,
+    selectedTool ? parseInt(selectedTool.id) : null,
     currentAgentId ?? null
   );
 
@@ -62,43 +62,46 @@ export default function ToolManagement({
     if (isCreatingMode && selectedTool) {
       mergedParams = selectedTool.initParams || [];
     } else if (selectedTool && selectedToolInfo) {
-      mergedParams = selectedTool.initParams?.map((param: ToolParam) => {
-        const instanceValue = selectedToolInfo?.params?.[param.name];
-        return {
-          ...param,
-          value: instanceValue !== undefined ? instanceValue : param.value,
-        };
-      }) || [];
+      mergedParams =
+        selectedTool.initParams?.map((param: ToolParam) => {
+          const instanceValue = selectedToolInfo?.params?.[param.name];
+          return {
+            ...param,
+            value: instanceValue !== undefined ? instanceValue : param.value,
+          };
+        }) || [];
     } else {
       return;
     }
     setToolParams(mergedParams);
     const hasEmptyRequiredParams = mergedParams.some(
-      (param: ToolParam) => param.required &&
-        (param.value === undefined || param.value === '' || param.value === null)
+      (param: ToolParam) =>
+        param.required &&
+        (param.value === undefined ||
+          param.value === "" ||
+          param.value === null)
     );
     if (isClickSetting || hasEmptyRequiredParams) {
       // Open modal for configuration with pre-calculated params
       setIsToolModalOpen(true);
-      setIsClickSetting(false)
+      setIsClickSetting(false);
     } else {
       // Add tool directly
-      const newSelectedTools = [...usedTools, {
-        ...selectedTool,
-        initParams: mergedParams
-      }];
+      const newSelectedTools = [
+        ...usedTools,
+        {
+          ...selectedTool,
+          initParams: mergedParams,
+        },
+      ];
       updateTools(newSelectedTools);
       setSelectedTool(null); // Clear selected tool
-      setIsClickSetting(false)
+      setIsClickSetting(false);
     }
-
-    
-  }, [selectedTool, isToolInfoLoading]); 
+  }, [selectedTool, isToolInfoLoading]);
 
   // Create selected tool ID set for efficient lookup
-  const selectedToolIdsSet = new Set(
-    usedTools.map((tool) => tool.id)
-  );
+  const selectedToolIdsSet = new Set(usedTools.map((tool) => tool.id));
 
   // Set default active tab
   useEffect(() => {
@@ -111,62 +114,88 @@ export default function ToolManagement({
     setIsToolModalOpen(false);
     setSelectedTool(null);
     setToolParams([]);
-    setIsClickSetting(false)
+    setIsClickSetting(false);
   };
 
   const handleToolModalSave = async (params: ToolParam[]) => {
     if (!selectedTool) return;
 
-      // Convert params to backend format
-      const paramsObj = params.reduce((acc, param) => {
+    // Convert params to backend format
+    const paramsObj = params.reduce(
+      (acc, param) => {
         acc[param.name] = param.value;
         return acc;
-      }, {} as Record<string, any>);
-
-      if (isCreatingMode) {
-        saveToolConfig(params);
-      } else if (currentAgentId) {
+      },
+      {} as Record<string, any>
+    );
 
-        try {
-          const isEnabled = true; // New tool is enabled by default
-          const result = await updateToolConfig(
-            parseInt(selectedTool.id),
-            currentAgentId,
-            paramsObj,
-            isEnabled
-          );
+    if (isCreatingMode) {
+      saveToolConfig(params);
+    } else if (currentAgentId) {
+      try {
+        const isEnabled = true; // New tool is enabled by default
+        const result = await updateToolConfig(
+          parseInt(selectedTool.id),
+          currentAgentId,
+          paramsObj,
+          isEnabled
+        );
 
-          if (result.success) {
-            saveToolConfig(params);
-            queryClient.invalidateQueries({ 
-              queryKey: ["toolInfo", parseInt(selectedTool.id), currentAgentId] 
-            });
-          } else {
-            message.error(result.message || t("toolConfig.message.saveError"));
-          }
-        } catch (error) {
-          message.error(t("toolConfig.message.saveError"));
+        if (result.success) {
+          saveToolConfig(params);
+          queryClient.invalidateQueries({
+            queryKey: ["toolInfo", parseInt(selectedTool.id), currentAgentId],
+          });
+        } else {
+          message.error(result.message || t("toolConfig.message.saveError"));
         }
+      } catch (error) {
+        message.error(t("toolConfig.message.saveError"));
       }
+    }
   };
 
-
   const saveToolConfig = async (params: ToolParam[]) => {
     // Add tool to selected tools with updated params
     const updatedTool = { ...selectedTool!, initParams: params };
-    const newSelectedTools = [...usedTools, updatedTool];
+    // Get latest tools from store to avoid stale closure
+    const currentTools = useAgentConfigStore.getState().editedAgent.tools;
+
+    // Check if tool already exists, if so replace it, otherwise add it
+    const existingToolIndex = currentTools.findIndex(
+      (t) => parseInt(t.id) === parseInt(updatedTool.id)
+    );
+
+    let newSelectedTools;
+    if (existingToolIndex >= 0) {
+      // Replace existing tool
+      newSelectedTools = [...currentTools];
+      newSelectedTools[existingToolIndex] = updatedTool;
+    } else {
+      // Add new tool
+      newSelectedTools = [...currentTools, updatedTool];
+    }
+
     updateTools(newSelectedTools);
+    console.log("params", params);
 
     message.success(t("toolConfig.message.saveSuccess"));
 
     setIsToolModalOpen(false);
     setSelectedTool(null);
     setToolParams([]);
-    setIsClickSetting(false)
-  }
+    setIsClickSetting(false);
+  };
   const handleToolSettingsClick = (tool: Tool) => {
-    setIsClickSetting(true)
-    setSelectedTool(tool); 
+    // In creating mode, get the configured tool from usedTools (which has updated params)
+    // In editing mode, get from usedTools if available, otherwise use the passed tool
+    // Get latest tools directly from store to avoid stale closure issues
+    const currentTools = useAgentConfigStore.getState().editedAgent.tools;
+    const configuredTool = currentTools.find(
+      (t) => parseInt(t.id) === parseInt(tool.id)
+    );
+    setIsClickSetting(true);
+    setSelectedTool(configuredTool || tool);
   };
 
   const handleToolSelect = (toolId: number) => {
@@ -174,16 +203,20 @@ export default function ToolManagement({
     const tool = availableTools.find((t) => parseInt(t.id) === toolId);
     if (!tool) return;
 
-    const isCurrentlySelected = usedTools.some(
+    // Get latest tools directly from store to avoid stale closure issues
+    const currentTools = useAgentConfigStore.getState().editedAgent.tools;
+    const isCurrentlySelected = currentTools.some(
       (t) => parseInt(t.id) === toolId
     );
     if (isCurrentlySelected) {
-      const newSelectedTools = usedTools.filter((t) => parseInt(t.id) !== toolId);
-      updateTools(newSelectedTools);   
+      const newSelectedTools = currentTools.filter(
+        (t) => parseInt(t.id) !== toolId
+      );
+      updateTools(newSelectedTools);
     } else {
       setSelectedTool(tool);
     }
-  }
+  };
 
   const handleToolClick = (toolId: string) => {
     const numericId = parseInt(toolId, 10);

From 8fe99f8c4a1c38b1a24d919a6ee0d81b1d942c95 Mon Sep 17 00:00:00 2001
From: zhizhi <928570418@qq.com>
Date: Mon, 12 Jan 2026 09:23:36 +0800
Subject: [PATCH 08/38] =?UTF-8?q?=F0=9F=90=9B=20Remove=20unused=20test=20f?=
 =?UTF-8?q?or=20ModelEngineProvider=20when=20environment=20variables=20are?=
 =?UTF-8?q?=20not=20configured?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 docker/docker-compose.yml                     | 71 ++++++++++---------
 .../services/test_model_provider_service.py   | 20 +-----
 2 files changed, 39 insertions(+), 52 deletions(-)

diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
index bfe707a04..e792a8f40 100644
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -35,21 +35,25 @@ services:
     volumes:
       - ${ROOT_DIR}/elasticsearch:/usr/share/elasticsearch/data
     ports:
-      - "9210:9200"  # HTTP API
-      - "9310:9300"  # Cluster communication port
+      - "9210:9200" # HTTP API
+      - "9310:9300" # Cluster communication port
     networks:
       - nexent
     restart: always
     healthcheck:
-      test: ["CMD-SHELL", "curl -sf -u elastic:${ELASTIC_PASSWORD} http://localhost:9200/_cluster/health | grep -qE '\"status\":\"(green|yellow)\"' || exit 1"]
+      test:
+        [
+          "CMD-SHELL",
+          'curl -sf -u elastic:${ELASTIC_PASSWORD} http://localhost:9200/_cluster/health | grep -qE ''"status":"(green|yellow)"'' || exit 1',
+        ]
       interval: 5s
       timeout: 10s
       retries: 20
     logging:
       driver: "json-file"
       options:
-        max-size: "100m"  # Maximum size of a single log file
-        max-file: "3"     # Maximum number of log files to keep
+        max-size: "100m" # Maximum size of a single log file
+        max-file: "3" # Maximum number of log files to keep
 
   nexent-postgresql:
     image: ${POSTGRESQL_IMAGE}
@@ -69,8 +73,8 @@ services:
     logging:
       driver: "json-file"
       options:
-        max-size: "100m"  # Maximum size of a single log file
-        max-file: "3"     # Maximum number of log files to keep
+        max-size: "100m" # Maximum size of a single log file
+        max-file: "3" # Maximum number of log files to keep
     networks:
       - nexent
 
@@ -79,11 +83,11 @@ services:
     container_name: nexent-config
     restart: always
     ports:
-      - "5010:5010"  # Config service port
+      - "5010:5010" # Config service port
     volumes:
       - ${NEXENT_USER_DIR:-$HOME/nexent}:/mnt/nexent
       - ${ROOT_DIR}/openssh-server/ssh-keys:/opt/ssh-keys:ro
-      - /var/run/docker.sock:/var/run/docker.sock:ro  # Docker socket for MCP container management
+      - /var/run/docker.sock:/var/run/docker.sock:ro # Docker socket for MCP container management
     environment:
       <<: [*minio-vars, *es-vars]
       skip_proxy: "true"
@@ -97,8 +101,8 @@ services:
     logging:
       driver: "json-file"
       options:
-        max-size: "10m"  # Maximum size of a single log file
-        max-file: "3"    # Maximum number of log files to keep
+        max-size: "10m" # Maximum size of a single log file
+        max-file: "3" # Maximum number of log files to keep
     networks:
       - nexent
     entrypoint: ["/bin/bash", "-c", "python backend/config_service.py"]
@@ -108,7 +112,7 @@ services:
     container_name: nexent-runtime
     restart: always
     ports:
-      - "5014:5014"  # Runtime service port
+      - "5014:5014" # Runtime service port
     volumes:
       - ${NEXENT_USER_DIR:-$HOME/nexent}:/mnt/nexent
       - ${ROOT_DIR}/openssh-server/ssh-keys:/opt/ssh-keys:ro
@@ -125,8 +129,8 @@ services:
     logging:
       driver: "json-file"
       options:
-        max-size: "10m"  # Maximum size of a single log file
-        max-file: "3"    # Maximum number of log files to keep
+        max-size: "10m" # Maximum size of a single log file
+        max-file: "3" # Maximum number of log files to keep
     networks:
       - nexent
     entrypoint: ["/bin/bash", "-c", "python backend/runtime_service.py"]
@@ -136,7 +140,7 @@ services:
     container_name: nexent-mcp
     restart: always
     ports:
-      - "5011:5011"  # MCP service port
+      - "5011:5011" # MCP service port
     volumes:
       - ${NEXENT_USER_DIR:-$HOME/nexent}:/mnt/nexent
       - ${ROOT_DIR}/openssh-server/ssh-keys:/opt/ssh-keys:ro
@@ -153,8 +157,8 @@ services:
     logging:
       driver: "json-file"
       options:
-        max-size: "10m"  # Maximum size of a single log file
-        max-file: "3"    # Maximum number of log files to keep
+        max-size: "10m" # Maximum size of a single log file
+        max-file: "3" # Maximum number of log files to keep
     networks:
       - nexent
     entrypoint: ["/bin/bash", "-c", "python backend/mcp_service.py"]
@@ -164,7 +168,7 @@ services:
     container_name: nexent-northbound
     restart: always
     ports:
-      - "5013:5013"  # Northbound service port
+      - "5013:5013" # Northbound service port
     volumes:
       - ${NEXENT_USER_DIR:-$HOME/nexent}:/mnt/nexent
       - ${ROOT_DIR}/openssh-server/ssh-keys:/opt/ssh-keys:ro
@@ -181,8 +185,8 @@ services:
     logging:
       driver: "json-file"
       options:
-        max-size: "10m"  # Maximum size of a single log file
-        max-file: "3"    # Maximum number of log files to keep
+        max-size: "10m" # Maximum size of a single log file
+        max-file: "3" # Maximum number of log files to keep
     networks:
       - nexent
     entrypoint: ["/bin/bash", "-c", "python backend/northbound_service.py"]
@@ -201,11 +205,12 @@ services:
       - RUNTIME_HTTP_BACKEND=http://nexent-runtime:5014
       - MINIO_ENDPOINT=http://nexent-minio:9000
       - MARKET_BACKEND=https://market.nexent.tech
+      - MODEL_ENGINE_ENABLED=${MODEL_ENGINE_ENABLED:-true}
     logging:
       driver: "json-file"
       options:
-        max-size: "10m"  # Maximum size of a single log file
-        max-file: "3"    # Maximum number of log files to keep
+        max-size: "10m" # Maximum size of a single log file
+        max-file: "3" # Maximum number of log files to keep
 
   nexent-data-process:
     image: ${NEXENT_DATA_PROCESS_IMAGE}
@@ -215,8 +220,8 @@ services:
     privileged: true
     ports:
       - "5012:5012"
-      - "5555:5555"  # Celery Flower port
-      - "8265:8265"  # Ray Dashboardport
+      - "5555:5555" # Celery Flower port
+      - "8265:8265" # Ray Dashboardport
     volumes:
       - ${NEXENT_USER_DIR:-$HOME/nexent}:/mnt/nexent
     environment:
@@ -253,7 +258,7 @@ services:
     volumes:
       - ${ROOT_DIR}/redis:/data
     healthcheck:
-      test: [ "CMD", "redis-cli", "ping" ]
+      test: ["CMD", "redis-cli", "ping"]
       interval: 5s
       timeout: 5s
       retries: 5
@@ -266,8 +271,8 @@ services:
     container_name: nexent-minio
     command: server /data
     ports:
-      - "9010:9000"  # MinIO API port
-      - "9011:9001"  # MinIO Console port
+      - "9010:9000" # MinIO API port
+      - "9011:9001" # MinIO Console port
     environment:
       <<: [*minio-vars, *proxy-vars]
       MINIO_ROOT_USER: ${MINIO_ROOT_USER}
@@ -280,8 +285,8 @@ services:
     logging:
       driver: "json-file"
       options:
-        max-size: "100m"  # Maximum size of a single log file
-        max-file: "3"     # Maximum number of log files to keep
+        max-size: "100m" # Maximum size of a single log file
+        max-file: "3" # Maximum number of log files to keep
     entrypoint: >
       /bin/sh -c "
         minio server /etc/minio/data --address ':9000' --console-address ':9001' &
@@ -303,7 +308,7 @@ services:
       - DEV_USER=${SSH_USERNAME:-linuxserver.io}
       - DEV_PASSWORD=${SSH_PASSWORD:-nexent123}
     ports:
-      - "2222:22"  # SSH port
+      - "2222:22" # SSH port
     volumes:
       - ${TERMINAL_MOUNT_DIR:-./workspace}:/opt/terminal
     networks:
@@ -312,8 +317,8 @@ services:
     logging:
       driver: "json-file"
       options:
-        max-size: "10m"  # Maximum size of a single log file
-        max-file: "3"    # Maximum number of log files to keep
+        max-size: "10m" # Maximum size of a single log file
+        max-file: "3" # Maximum number of log files to keep
     profiles:
       - terminal
 
@@ -322,4 +327,4 @@ networks:
     driver: bridge
 
 volumes:
-  redis_data:
\ No newline at end of file
+  redis_data:
diff --git a/test/backend/services/test_model_provider_service.py b/test/backend/services/test_model_provider_service.py
index 5cf9db3a1..ce96d86ef 100644
--- a/test/backend/services/test_model_provider_service.py
+++ b/test/backend/services/test_model_provider_service.py
@@ -755,22 +755,6 @@ async def test_get_provider_models_silicon_with_different_model_types():
 # Test-cases for ModelEngineProvider.get_models
 # ---------------------------------------------------------------------------
 
-@pytest.mark.asyncio
-async def test_modelengine_get_models_no_env_config():
-    """ModelEngine provider should return empty list when env vars not configured."""
-    # Import ModelEngineProvider
-    from backend.services.model_provider_service import ModelEngineProvider
-
-    provider_config = {"model_type": "llm"}
-
-    with mock.patch("backend.services.model_provider_service.MODEL_ENGINE_HOST", ""), \
-         mock.patch("backend.services.model_provider_service.MODEL_ENGINE_APIKEY", ""):
-
-        result = await ModelEngineProvider().get_models(provider_config)
-
-        assert result == []
-
-
 @pytest.mark.asyncio
 async def test_modelengine_get_models_llm_success():
     """ModelEngine provider should return LLM models with correct type mapping."""
@@ -922,9 +906,7 @@ async def test_modelengine_get_models_exception():
 
     provider_config = {"model_type": "llm"}
 
-    with mock.patch("backend.services.model_provider_service.MODEL_ENGINE_HOST", "https://model-engine.com"), \
-         mock.patch("backend.services.model_provider_service.MODEL_ENGINE_APIKEY", "test-key"), \
-         mock.patch("backend.services.model_provider_service.aiohttp.ClientSession") as mock_session:
+    with mock.patch("backend.services.model_provider_service.aiohttp.ClientSession") as mock_session:
 
         mock_session_instance = mock.AsyncMock()
         mock_session_instance.__aenter__.return_value = mock_session_instance

From e1ba8fa0d72ffc61050e971ecf0825bb3575742a Mon Sep 17 00:00:00 2001
From: zhizhi <928570418@qq.com>
Date: Tue, 13 Jan 2026 08:30:33 +0800
Subject: [PATCH 09/38] =?UTF-8?q?=E2=9C=A8Added=20ModelEngine=20ENV=20Conf?=
 =?UTF-8?q?ig?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 docker/docker-compose.yml | 71 ++++++++++++++++++---------------------
 1 file changed, 33 insertions(+), 38 deletions(-)

diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
index e792a8f40..bfe707a04 100644
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -35,25 +35,21 @@ services:
     volumes:
       - ${ROOT_DIR}/elasticsearch:/usr/share/elasticsearch/data
     ports:
-      - "9210:9200" # HTTP API
-      - "9310:9300" # Cluster communication port
+      - "9210:9200"  # HTTP API
+      - "9310:9300"  # Cluster communication port
     networks:
       - nexent
     restart: always
     healthcheck:
-      test:
-        [
-          "CMD-SHELL",
-          'curl -sf -u elastic:${ELASTIC_PASSWORD} http://localhost:9200/_cluster/health | grep -qE ''"status":"(green|yellow)"'' || exit 1',
-        ]
+      test: ["CMD-SHELL", "curl -sf -u elastic:${ELASTIC_PASSWORD} http://localhost:9200/_cluster/health | grep -qE '\"status\":\"(green|yellow)\"' || exit 1"]
       interval: 5s
       timeout: 10s
       retries: 20
     logging:
       driver: "json-file"
       options:
-        max-size: "100m" # Maximum size of a single log file
-        max-file: "3" # Maximum number of log files to keep
+        max-size: "100m"  # Maximum size of a single log file
+        max-file: "3"     # Maximum number of log files to keep
 
   nexent-postgresql:
     image: ${POSTGRESQL_IMAGE}
@@ -73,8 +69,8 @@ services:
     logging:
       driver: "json-file"
       options:
-        max-size: "100m" # Maximum size of a single log file
-        max-file: "3" # Maximum number of log files to keep
+        max-size: "100m"  # Maximum size of a single log file
+        max-file: "3"     # Maximum number of log files to keep
     networks:
       - nexent
 
@@ -83,11 +79,11 @@ services:
     container_name: nexent-config
     restart: always
     ports:
-      - "5010:5010" # Config service port
+      - "5010:5010"  # Config service port
     volumes:
       - ${NEXENT_USER_DIR:-$HOME/nexent}:/mnt/nexent
       - ${ROOT_DIR}/openssh-server/ssh-keys:/opt/ssh-keys:ro
-      - /var/run/docker.sock:/var/run/docker.sock:ro # Docker socket for MCP container management
+      - /var/run/docker.sock:/var/run/docker.sock:ro  # Docker socket for MCP container management
     environment:
       <<: [*minio-vars, *es-vars]
       skip_proxy: "true"
@@ -101,8 +97,8 @@ services:
     logging:
       driver: "json-file"
       options:
-        max-size: "10m" # Maximum size of a single log file
-        max-file: "3" # Maximum number of log files to keep
+        max-size: "10m"  # Maximum size of a single log file
+        max-file: "3"    # Maximum number of log files to keep
     networks:
       - nexent
     entrypoint: ["/bin/bash", "-c", "python backend/config_service.py"]
@@ -112,7 +108,7 @@ services:
     container_name: nexent-runtime
     restart: always
     ports:
-      - "5014:5014" # Runtime service port
+      - "5014:5014"  # Runtime service port
     volumes:
       - ${NEXENT_USER_DIR:-$HOME/nexent}:/mnt/nexent
       - ${ROOT_DIR}/openssh-server/ssh-keys:/opt/ssh-keys:ro
@@ -129,8 +125,8 @@ services:
     logging:
       driver: "json-file"
       options:
-        max-size: "10m" # Maximum size of a single log file
-        max-file: "3" # Maximum number of log files to keep
+        max-size: "10m"  # Maximum size of a single log file
+        max-file: "3"    # Maximum number of log files to keep
     networks:
       - nexent
     entrypoint: ["/bin/bash", "-c", "python backend/runtime_service.py"]
@@ -140,7 +136,7 @@ services:
     container_name: nexent-mcp
     restart: always
     ports:
-      - "5011:5011" # MCP service port
+      - "5011:5011"  # MCP service port
     volumes:
       - ${NEXENT_USER_DIR:-$HOME/nexent}:/mnt/nexent
       - ${ROOT_DIR}/openssh-server/ssh-keys:/opt/ssh-keys:ro
@@ -157,8 +153,8 @@ services:
     logging:
       driver: "json-file"
       options:
-        max-size: "10m" # Maximum size of a single log file
-        max-file: "3" # Maximum number of log files to keep
+        max-size: "10m"  # Maximum size of a single log file
+        max-file: "3"    # Maximum number of log files to keep
     networks:
       - nexent
     entrypoint: ["/bin/bash", "-c", "python backend/mcp_service.py"]
@@ -168,7 +164,7 @@ services:
     container_name: nexent-northbound
     restart: always
     ports:
-      - "5013:5013" # Northbound service port
+      - "5013:5013"  # Northbound service port
     volumes:
       - ${NEXENT_USER_DIR:-$HOME/nexent}:/mnt/nexent
       - ${ROOT_DIR}/openssh-server/ssh-keys:/opt/ssh-keys:ro
@@ -185,8 +181,8 @@ services:
     logging:
       driver: "json-file"
       options:
-        max-size: "10m" # Maximum size of a single log file
-        max-file: "3" # Maximum number of log files to keep
+        max-size: "10m"  # Maximum size of a single log file
+        max-file: "3"    # Maximum number of log files to keep
     networks:
       - nexent
     entrypoint: ["/bin/bash", "-c", "python backend/northbound_service.py"]
@@ -205,12 +201,11 @@ services:
       - RUNTIME_HTTP_BACKEND=http://nexent-runtime:5014
       - MINIO_ENDPOINT=http://nexent-minio:9000
       - MARKET_BACKEND=https://market.nexent.tech
-      - MODEL_ENGINE_ENABLED=${MODEL_ENGINE_ENABLED:-true}
     logging:
       driver: "json-file"
       options:
-        max-size: "10m" # Maximum size of a single log file
-        max-file: "3" # Maximum number of log files to keep
+        max-size: "10m"  # Maximum size of a single log file
+        max-file: "3"    # Maximum number of log files to keep
 
   nexent-data-process:
     image: ${NEXENT_DATA_PROCESS_IMAGE}
@@ -220,8 +215,8 @@ services:
     privileged: true
     ports:
       - "5012:5012"
-      - "5555:5555" # Celery Flower port
-      - "8265:8265" # Ray Dashboardport
+      - "5555:5555"  # Celery Flower port
+      - "8265:8265"  # Ray Dashboardport
     volumes:
       - ${NEXENT_USER_DIR:-$HOME/nexent}:/mnt/nexent
     environment:
@@ -258,7 +253,7 @@ services:
     volumes:
       - ${ROOT_DIR}/redis:/data
     healthcheck:
-      test: ["CMD", "redis-cli", "ping"]
+      test: [ "CMD", "redis-cli", "ping" ]
       interval: 5s
       timeout: 5s
       retries: 5
@@ -271,8 +266,8 @@ services:
     container_name: nexent-minio
     command: server /data
     ports:
-      - "9010:9000" # MinIO API port
-      - "9011:9001" # MinIO Console port
+      - "9010:9000"  # MinIO API port
+      - "9011:9001"  # MinIO Console port
     environment:
       <<: [*minio-vars, *proxy-vars]
       MINIO_ROOT_USER: ${MINIO_ROOT_USER}
@@ -285,8 +280,8 @@ services:
     logging:
       driver: "json-file"
       options:
-        max-size: "100m" # Maximum size of a single log file
-        max-file: "3" # Maximum number of log files to keep
+        max-size: "100m"  # Maximum size of a single log file
+        max-file: "3"     # Maximum number of log files to keep
     entrypoint: >
       /bin/sh -c "
         minio server /etc/minio/data --address ':9000' --console-address ':9001' &
@@ -308,7 +303,7 @@ services:
       - DEV_USER=${SSH_USERNAME:-linuxserver.io}
       - DEV_PASSWORD=${SSH_PASSWORD:-nexent123}
     ports:
-      - "2222:22" # SSH port
+      - "2222:22"  # SSH port
     volumes:
       - ${TERMINAL_MOUNT_DIR:-./workspace}:/opt/terminal
     networks:
@@ -317,8 +312,8 @@ services:
     logging:
       driver: "json-file"
       options:
-        max-size: "10m" # Maximum size of a single log file
-        max-file: "3" # Maximum number of log files to keep
+        max-size: "10m"  # Maximum size of a single log file
+        max-file: "3"    # Maximum number of log files to keep
     profiles:
       - terminal
 
@@ -327,4 +322,4 @@ networks:
     driver: bridge
 
 volumes:
-  redis_data:
+  redis_data:
\ No newline at end of file

From 6879b633282da92936c9162f1a52fed3cc05aca0 Mon Sep 17 00:00:00 2001
From: xuyaqi <xuyaqist@gmail.com>
Date: Tue, 13 Jan 2026 14:20:45 +0800
Subject: [PATCH 10/38] replace deprecated usage

---
 .../components/agentManage/AgentCallRelationshipModal.tsx   | 2 +-
 .../knowledges/components/document/DocumentChunk.tsx        | 2 +-
 frontend/app/[locale]/models/components/appConfig.tsx       | 2 +-
 .../app/[locale]/models/components/model/ModelAddDialog.tsx | 4 ++--
 .../[locale]/models/components/model/ModelDeleteDialog.tsx  | 6 +++---
 .../[locale]/models/components/model/ModelEditDialog.tsx    | 4 ++--
 frontend/components/ui/AgentCallRelationshipModal.tsx       | 2 +-
 7 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/frontend/app/[locale]/agents/components/agentManage/AgentCallRelationshipModal.tsx b/frontend/app/[locale]/agents/components/agentManage/AgentCallRelationshipModal.tsx
index dfb6faeaf..d71f82038 100644
--- a/frontend/app/[locale]/agents/components/agentManage/AgentCallRelationshipModal.tsx
+++ b/frontend/app/[locale]/agents/components/agentManage/AgentCallRelationshipModal.tsx
@@ -406,7 +406,7 @@ export default function AgentCallRelationshipModal({
         onCancel={onClose}
         footer={null}
         width={1800}
-        destroyOnClose
+        destroyOnHidden
         centered
         style={{ top: 20 }}
       >
diff --git a/frontend/app/[locale]/knowledges/components/document/DocumentChunk.tsx b/frontend/app/[locale]/knowledges/components/document/DocumentChunk.tsx
index 049fc95de..7d40b0df7 100644
--- a/frontend/app/[locale]/knowledges/components/document/DocumentChunk.tsx
+++ b/frontend/app/[locale]/knowledges/components/document/DocumentChunk.tsx
@@ -776,7 +776,7 @@ const DocumentChunk: React.FC<DocumentChunkProps> = ({
       </div>
       <Modal
         centered
-        destroyOnClose
+        destroyOnHidden
         open={isChunkModalOpen}
         title={
           chunkModalMode === "create"
diff --git a/frontend/app/[locale]/models/components/appConfig.tsx b/frontend/app/[locale]/models/components/appConfig.tsx
index 5531ba974..8caf82acb 100644
--- a/frontend/app/[locale]/models/components/appConfig.tsx
+++ b/frontend/app/[locale]/models/components/appConfig.tsx
@@ -404,7 +404,7 @@ export const AppConfigSection: React.FC = () => {
               {t("common.confirm")}
             </Button>,
           ]}
-          destroyOnClose={true}
+          destroyOnHidden={true}
           width={520}
           centered
         >
diff --git a/frontend/app/[locale]/models/components/model/ModelAddDialog.tsx b/frontend/app/[locale]/models/components/model/ModelAddDialog.tsx
index 4c182ebcd..f70e65641 100644
--- a/frontend/app/[locale]/models/components/model/ModelAddDialog.tsx
+++ b/frontend/app/[locale]/models/components/model/ModelAddDialog.tsx
@@ -653,7 +653,7 @@ export const ModelAddDialog = ({
       open={isOpen}
       onCancel={onClose}
       footer={null}
-      destroyOnClose
+      destroyOnHidden
     >
       <div className="space-y-4">
         {/* Batch Import Switch */}
@@ -1248,7 +1248,7 @@ export const ModelAddDialog = ({
         onOk={handleSettingsSave}
         cancelText={t("common.cancel")}
         okText={t("common.confirm")}
-        destroyOnClose
+        destroyOnHidden
       >
         <div className="space-y-3">
           <div>
diff --git a/frontend/app/[locale]/models/components/model/ModelDeleteDialog.tsx b/frontend/app/[locale]/models/components/model/ModelDeleteDialog.tsx
index 37670674b..541ed6266 100644
--- a/frontend/app/[locale]/models/components/model/ModelDeleteDialog.tsx
+++ b/frontend/app/[locale]/models/components/model/ModelDeleteDialog.tsx
@@ -865,7 +865,7 @@ export const ModelDeleteDialog = ({
           ),
       ]}
       width={520}
-      destroyOnClose
+      destroyOnHidden
     >
       {!deletingModelType ? (
         <div className="space-y-4">
@@ -1375,7 +1375,7 @@ export const ModelDeleteDialog = ({
         onOk={handleSettingsSave}
         cancelText={t("common.button.cancel")}
         okText={t("common.button.save")}
-        destroyOnClose
+        destroyOnHidden
       >
         <div className="space-y-3">
           <div>
@@ -1409,7 +1409,7 @@ export const ModelDeleteDialog = ({
         cancelText={t("common.button.cancel")}
         okText={t("common.button.save")}
         confirmLoading={savingEmbeddingConfig}
-        destroyOnClose
+        destroyOnHidden
       >
         <div className="space-y-4">
           {/* Chunk Size Range */}
diff --git a/frontend/app/[locale]/models/components/model/ModelEditDialog.tsx b/frontend/app/[locale]/models/components/model/ModelEditDialog.tsx
index 972f30d27..fc4991f0b 100644
--- a/frontend/app/[locale]/models/components/model/ModelEditDialog.tsx
+++ b/frontend/app/[locale]/models/components/model/ModelEditDialog.tsx
@@ -235,7 +235,7 @@ export const ModelEditDialog = ({
       open={isOpen}
       onCancel={onClose}
       footer={null}
-      destroyOnClose
+      destroyOnHidden
     >
       <div className="space-y-4">
         {/* Model Name */}
@@ -434,7 +434,7 @@ export const ProviderConfigEditDialog = ({
       open={isOpen}
       onCancel={onClose}
       footer={null}
-      destroyOnClose
+      destroyOnHidden
     >
       <div className="space-y-4">
         <div>
diff --git a/frontend/components/ui/AgentCallRelationshipModal.tsx b/frontend/components/ui/AgentCallRelationshipModal.tsx
index b8457151b..d88da31b0 100644
--- a/frontend/components/ui/AgentCallRelationshipModal.tsx
+++ b/frontend/components/ui/AgentCallRelationshipModal.tsx
@@ -406,7 +406,7 @@ export default function AgentCallRelationshipModal({
         onCancel={onClose}
         footer={null}
         width={1400}
-        destroyOnClose
+        destroyOnHidden
         centered
         style={{ top: 20 }}
       >

From 22a7e6284322aa857231a0e6a29987053d2b6282 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=91=9B=E9=94=90?= <gerui@geruideMacBook-Pro.local>
Date: Tue, 13 Jan 2026 16:26:29 +0800
Subject: [PATCH 11/38] feat:review

---
 .../components/agent/AgentImportWizard.tsx    | 54 +++++++++----------
 1 file changed, 26 insertions(+), 28 deletions(-)

diff --git a/frontend/components/agent/AgentImportWizard.tsx b/frontend/components/agent/AgentImportWizard.tsx
index 6100bacb8..5723f334c 100644
--- a/frontend/components/agent/AgentImportWizard.tsx
+++ b/frontend/components/agent/AgentImportWizard.tsx
@@ -108,14 +108,14 @@ export default function AgentImportWizard({
   const [currentStep, setCurrentStep] = useState(0);
   const [llmModels, setLlmModels] = useState<ModelOption[]>([]);
   const [loadingModels, setLoadingModels] = useState(false);
-  
+
   // Model selection mode: "unified" (one model for all) or "individual" (separate model for each agent)
   const [modelSelectionMode, setModelSelectionMode] = useState<"unified" | "individual">("unified");
-  
+
   // Unified mode: single model for all agents
   const [selectedModelId, setSelectedModelId] = useState<number | null>(null);
   const [selectedModelName, setSelectedModelName] = useState<string>("");
-  
+
   // Individual mode: model for each agent
   const [selectedModelsByAgent, setSelectedModelsByAgent] = useState<Record<string, { modelId: number | null; modelName: string }>>({});
 
@@ -216,13 +216,13 @@ export default function AgentImportWizard({
   // Initialize model selection for individual mode
   const initializeModelSelection = () => {
     if (!initialData?.agent_info) return;
-    
+
     const initialModels: Record<string, { modelId: number | null; modelName: string }> = {};
-    
+
     Object.keys(initialData.agent_info).forEach(agentKey => {
       initialModels[agentKey] = { modelId: null, modelName: "" };
     });
-    
+
     setSelectedModelsByAgent(initialModels);
   };
 
@@ -288,7 +288,7 @@ export default function AgentImportWizard({
       });
 
       setAgentNameConflicts(conflicts);
-      
+
       // Update successfully renamed agents based on initial check
       // Only add to successfullyRenamedAgents if there was a conflict that was resolved
       // For initial check, we don't add anything since no renaming has happened yet
@@ -327,7 +327,7 @@ export default function AgentImportWizard({
       const hasDisplayNameConflict = checkResult?.display_name_conflict || false;
       const hasConflict = hasNameConflict || hasDisplayNameConflict;
       const conflictAgentsRaw = Array.isArray(checkResult?.conflict_agents) ? checkResult.conflict_agents : [];
-      
+
       // Deduplicate by name/display_name
       const seen = new Set<string>();
       const conflictAgents = conflictAgentsRaw.reduce((acc: Array<{ name?: string; display_name?: string }>, curr: any) => {
@@ -457,7 +457,7 @@ export default function AgentImportWizard({
     try {
       const models = await modelService.getLLMModels();
       setLlmModels(models.filter(m => m.connect_status === "available"));
-      
+
       // Auto-select first available model
       if (models.length > 0 && models[0].connect_status === "available") {
         setSelectedModelId(models[0].id);
@@ -656,11 +656,11 @@ export default function AgentImportWizard({
       // Check each MCP server from mcp_info
       const serversToInstall: McpServerToInstall[] = initialData.mcp_info.map((mcp: any) => {
         const isUrlConfigNeeded = needsConfig(mcp.mcp_url);
-        
+
         // Check if already installed (match by both name and url)
         const isInstalled = !isUrlConfigNeeded && existing.some(
-          (existingMcp: McpServer) => 
-            existingMcp.service_name === mcp.mcp_server_name && 
+          (existingMcp: McpServer) =>
+            existingMcp.service_name === mcp.mcp_server_name &&
             existingMcp.mcp_url === mcp.mcp_url
         );
 
@@ -773,7 +773,7 @@ export default function AgentImportWizard({
     try {
       // Prepare the data structure for import
       const importData = prepareImportData();
-      
+
       if (!importData) {
         message.error(t("market.install.error.invalidData", "Invalid agent data"));
         return;
@@ -784,9 +784,7 @@ export default function AgentImportWizard({
       setIsImporting(true);
       // Import using agentConfigService directly
       const result = await importAgent(importData, { forceImport: false });
-      
       if (result.success) {
-        // Parent component will show a success message; invalidate and notify parent
         queryClient.invalidateQueries({ queryKey: ["agents"] });
         onImportComplete?.();
         handleCancel(); // Close wizard after success
@@ -825,7 +823,7 @@ export default function AgentImportWizard({
       Object.entries(agentJson.agent_info).forEach(([agentKey, agentInfo]: [string, any]) => {
         agentInfo.model_id = selectedModelId;
         agentInfo.model_name = selectedModelName;
-        
+
         // Clear business logic model fields
         agentInfo.business_logic_model_id = null;
         agentInfo.business_logic_model_name = null;
@@ -837,7 +835,7 @@ export default function AgentImportWizard({
         if (modelSelection && modelSelection.modelId && modelSelection.modelName) {
           agentInfo.model_id = modelSelection.modelId;
           agentInfo.model_name = modelSelection.modelName;
-          
+
           // Clear business logic model fields
           agentInfo.business_logic_model_id = null;
           agentInfo.business_logic_model_name = null;
@@ -957,7 +955,7 @@ export default function AgentImportWizard({
     }
 
     const currentStepKey = steps[currentStep]?.key;
-    
+
     if (currentStepKey === "rename") {
       return true;
     } else if (currentStepKey === "tools") {
@@ -978,13 +976,13 @@ export default function AgentImportWizard({
       return configFields.every(field => configValues[field.valueKey]?.trim());
     } else if (currentStepKey === "mcp") {
       // All non-editable MCPs should be installed or have edited URLs
-      return mcpServers.every(mcp => 
-        mcp.isInstalled || 
+      return mcpServers.every(mcp =>
+        mcp.isInstalled ||
         (mcp.isUrlEditable && mcp.editedUrl && mcp.editedUrl.trim() !== "") ||
         (!mcp.isUrlEditable && mcp.mcp_url && mcp.mcp_url.trim() !== "")
       );
     }
-    
+
     return true;
   };
 
@@ -1384,7 +1382,7 @@ export default function AgentImportWizard({
                 <p className="text-sm text-gray-600 dark:text-gray-400 mb-4">
                   {t("market.install.model.description.unified", "Select a model from your configured models. This model will be applied to all agents (main agent and sub-agents).")}
                 </p>
-                
+
                 <div className="flex items-center gap-3">
                   <label className="text-sm font-medium text-gray-700 dark:text-gray-300 whitespace-nowrap">
                     {t("market.install.model.label", "Model")}
@@ -1446,11 +1444,11 @@ export default function AgentImportWizard({
                         const currentSelection = selectedModelsByAgent[agentKey] || { modelId: null, modelName: "" };
 
                         return (
-                          <div 
-                            key={agentKey} 
+                          <div
+                            key={agentKey}
                             className={`border rounded-lg p-4 ${
-                              isMainAgent 
-                                ? "bg-blue-50 dark:bg-blue-900/20 border-blue-200 dark:border-blue-800" 
+                              isMainAgent
+                                ? "bg-blue-50 dark:bg-blue-900/20 border-blue-200 dark:border-blue-800"
                                 : "border-gray-200 dark:border-gray-700"
                             }`}
                           >
@@ -1651,7 +1649,7 @@ export default function AgentImportWizard({
                         <Input
                           value={mcp.editedUrl || ""}
                           onChange={(e) => handleMcpUrlChange(index, e.target.value)}
-                          placeholder={mcp.isUrlEditable 
+                          placeholder={mcp.isUrlEditable
                             ? t("market.install.mcp.urlPlaceholder", "Enter MCP server URL")
                             : mcp.mcp_url
                           }
@@ -1731,7 +1729,7 @@ export default function AgentImportWizard({
                 loading={isImporting}
                 icon={<Download size={16} />}
               >
-                {isImporting 
+                {isImporting
                   ? t("market.install.button.installing", "Installing...")
                   : t("market.install.button.install", "Install")}
               </Button>

From a573175bff943f2cf05ae807b69bf86371a6a071 Mon Sep 17 00:00:00 2001
From: xuyaqi <xuyaqist@gmail.com>
Date: Tue, 13 Jan 2026 19:41:25 +0800
Subject: [PATCH 12/38] Refactoring router: split main page.tsx into seperated
 page.tsx

---
 .../agents/AgentSetupOrchestrator.tsx         |  70 ---
 .../agents/components/AgentManageComp.tsx     |  88 ++-
 frontend/app/[locale]/agents/page.tsx         |  88 +++
 .../{internal/ChatContent.tsx => page.tsx}    |   5 +-
 .../knowledges/KnowledgeBaseConfiguration.tsx |  79 +--
 .../[locale]/knowledges/KnowledgesContent.tsx | 110 ----
 .../components/document/DocumentList.tsx      |   7 +-
 .../knowledge/KnowledgeBaseList.tsx           |  94 ++-
 frontend/app/[locale]/knowledges/page.tsx     |  74 +++
 frontend/app/[locale]/layout.client.tsx       | 192 ++++++
 frontend/app/[locale]/layout.tsx              |  58 +-
 .../market/{MarketContent.tsx => page.tsx}    |  50 +-
 .../{McpToolsContent.tsx => page.tsx}         |  33 +-
 .../app/[locale]/memory/MemoryContent.tsx     | 532 -----------------
 .../app/[locale]/memory/MemoryMenuList.tsx    | 179 ++++++
 frontend/app/[locale]/memory/page.tsx         | 404 +++++++++++++
 .../[locale]/models/ModelConfiguration.tsx    |  74 +--
 .../app/[locale]/models/ModelsContent.tsx     |  78 ---
 frontend/app/[locale]/models/page.tsx         |  49 ++
 .../{MonitoringContent.tsx => page.tsx}       |  35 +-
 frontend/app/[locale]/page.tsx                | 549 +-----------------
 frontend/app/[locale]/setup/SetupLayout.tsx   | 173 ------
 frontend/app/[locale]/setup/page.tsx          | 168 ++++++
 .../[locale]/space/components/AgentCard.tsx   |  35 +-
 .../space/components/SpaceContent.tsx         | 211 -------
 frontend/app/[locale]/space/page.tsx          | 245 ++++++++
 frontend/app/[locale]/users/UsersContent.tsx  | 131 -----
 frontend/app/[locale]/users/page.tsx          | 109 ++++
 .../components/navigation/FooterLayout.tsx    |   4 -
 .../navigation/NavigationLayout.tsx           | 194 -------
 .../components/navigation/SideNavigation.tsx  | 201 +++----
 frontend/components/navigation/index.ts       |   5 -
 .../providers/I18nProviderWrapper.tsx         |  24 +-
 .../providers/deploymentProvider.tsx          |  49 ++
 frontend/components/providers/index.ts        |   6 -
 .../components/providers/rootProvider.tsx     |  16 +-
 frontend/const/modelConfig.ts                 |   9 -
 frontend/hooks/useAuth.ts                     |  36 +-
 frontend/hooks/useSetupFlow.ts                |  37 +-
 frontend/types/auth.ts                        |   2 +-
 frontend/types/modelConfig.ts                 |  11 -
 41 files changed, 1962 insertions(+), 2552 deletions(-)
 delete mode 100644 frontend/app/[locale]/agents/AgentSetupOrchestrator.tsx
 create mode 100644 frontend/app/[locale]/agents/page.tsx
 rename frontend/app/[locale]/chat/{internal/ChatContent.tsx => page.tsx} (95%)
 delete mode 100644 frontend/app/[locale]/knowledges/KnowledgesContent.tsx
 create mode 100644 frontend/app/[locale]/knowledges/page.tsx
 create mode 100644 frontend/app/[locale]/layout.client.tsx
 rename frontend/app/[locale]/market/{MarketContent.tsx => page.tsx} (92%)
 rename frontend/app/[locale]/mcp-tools/{McpToolsContent.tsx => page.tsx} (78%)
 delete mode 100644 frontend/app/[locale]/memory/MemoryContent.tsx
 create mode 100644 frontend/app/[locale]/memory/MemoryMenuList.tsx
 create mode 100644 frontend/app/[locale]/memory/page.tsx
 delete mode 100644 frontend/app/[locale]/models/ModelsContent.tsx
 create mode 100644 frontend/app/[locale]/models/page.tsx
 rename frontend/app/[locale]/monitoring/{MonitoringContent.tsx => page.tsx} (78%)
 delete mode 100644 frontend/app/[locale]/setup/SetupLayout.tsx
 create mode 100644 frontend/app/[locale]/setup/page.tsx
 delete mode 100644 frontend/app/[locale]/space/components/SpaceContent.tsx
 create mode 100644 frontend/app/[locale]/space/page.tsx
 delete mode 100644 frontend/app/[locale]/users/UsersContent.tsx
 create mode 100644 frontend/app/[locale]/users/page.tsx
 delete mode 100644 frontend/components/navigation/NavigationLayout.tsx
 delete mode 100644 frontend/components/navigation/index.ts
 create mode 100644 frontend/components/providers/deploymentProvider.tsx
 delete mode 100644 frontend/components/providers/index.ts

diff --git a/frontend/app/[locale]/agents/AgentSetupOrchestrator.tsx b/frontend/app/[locale]/agents/AgentSetupOrchestrator.tsx
deleted file mode 100644
index 99f3c7d3b..000000000
--- a/frontend/app/[locale]/agents/AgentSetupOrchestrator.tsx
+++ /dev/null
@@ -1,70 +0,0 @@
-"use client";
-
-import { Card, Row, Col } from "antd";
-
-import AgentManageComp from "./components/AgentManageComp";
-import AgentConfigComp from "./components/AgentConfigComp";
-import AgentInfoComp from "./components/AgentInfoComp";
-
-interface AgentSetupOrchestratorProps {
-  onImportAgent?: () => void;
-}
-
-export default function AgentSetupOrchestrator({
-  onImportAgent,
-}: AgentSetupOrchestratorProps) {
-  return (
-    <Card
-      className="h-full min-h-0 w-full min-w-0"
-      style={{ minHeight: 400, maxHeight: "80vh" }}
-    >
-      <style jsx global>{`
-        .ant-card-body {
-          height: 100%;
-        }
-      `}</style>
-      {/* Three-column layout using Ant Design Grid */}
-      <Row
-        gutter={[16, 16]}
-        className="h-full min-h-0 w-full min-w-0"
-        align="stretch"
-      >
-        {/* Left column: Agent Management */}
-        <Col
-          xs={24}
-          sm={24}
-          md={24}
-          lg={24}
-          xl={8}
-          className="flex flex-col h-full w-full"
-        >
-          <AgentManageComp onImportAgent={onImportAgent} />
-        </Col>
-
-        {/* Middle column: Agent Config */}
-        <Col
-          xs={24}
-          sm={24}
-          md={24}
-          lg={24}
-          xl={8}
-          className="flex flex-col h-full w-full"
-        >
-          <AgentConfigComp />
-        </Col>
-
-        {/* Right column: Agent Info */}
-        <Col
-          xs={24}
-          sm={24}
-          md={24}
-          lg={24}
-          xl={8}
-          className="flex flex-col h-full w-full"
-        >
-          <AgentInfoComp />
-        </Col>
-      </Row>
-    </Card>
-  );
-}
diff --git a/frontend/app/[locale]/agents/components/AgentManageComp.tsx b/frontend/app/[locale]/agents/components/AgentManageComp.tsx
index 7e5afe3c9..daa8cf3fb 100644
--- a/frontend/app/[locale]/agents/components/AgentManageComp.tsx
+++ b/frontend/app/[locale]/agents/components/AgentManageComp.tsx
@@ -1,17 +1,7 @@
 "use client";
 
 import { useTranslation } from "react-i18next";
-import {
-  App,
-  Row,
-  Col,
-  Flex,
-  Tooltip,
-  Badge,
-  Divider,
-  Upload,
-  theme,
-} from "antd";
+import { App, Row, Col, Flex, Tooltip, Badge, Divider } from "antd";
 import { FileInput, Plus, X } from "lucide-react";
 
 import { Agent } from "@/types/agentConfig";
@@ -25,14 +15,10 @@ import { useAgentList } from "@/hooks/agent/useAgentList";
 import { useAgentInfo } from "@/hooks/agent/useAgentInfo";
 import log from "@/lib/logger";
 import { useState, useEffect } from "react";
+import { ImportAgentData } from "@/hooks/useAgentImport";
+import AgentImportWizard from "@/components/agent/AgentImportWizard";
 
-interface AgentManageCompProps {
-  onImportAgent?: () => void;
-}
-
-export default function AgentManageComp({
-  onImportAgent,
-}: AgentManageCompProps) {
+export default function AgentManageComp() {
   const { t } = useTranslation("common");
   const { message } = App.useApp();
 
@@ -69,6 +55,11 @@ export default function AgentManageComp({
   // State for selected agent info loading
   const [selectedAgentId, setSelectedAgentId] = useState<number | null>(null);
 
+  // Import wizard state
+  const [importWizardVisible, setImportWizardVisible] = useState(false);
+  const [importWizardData, setImportWizardData] =
+    useState<ImportAgentData | null>(null);
+
   const {
     data: agentDetail,
     isLoading: agentInfoLoading,
@@ -80,6 +71,50 @@ export default function AgentManageComp({
     onSuccess: () => queryClient.invalidateQueries({ queryKey: ["agents"] }),
   });
 
+  // Handle import agent for space view - open wizard instead of direct import
+  const handleImportAgent = () => {
+    const fileInput = document.createElement("input");
+    fileInput.type = "file";
+    fileInput.accept = ".json";
+    fileInput.onchange = async (event) => {
+      const file = (event.target as HTMLInputElement).files?.[0];
+      if (!file) return;
+
+      if (!file.name.endsWith(".json")) {
+        message.error(t("businessLogic.config.error.invalidFileType"));
+        return;
+      }
+
+      try {
+        // Read and parse file
+        const fileContent = await file.text();
+        let agentData: ImportAgentData;
+
+        try {
+          agentData = JSON.parse(fileContent);
+        } catch (parseError) {
+          message.error(t("businessLogic.config.error.invalidFileType"));
+          return;
+        }
+
+        // Validate structure
+        if (!agentData.agent_id || !agentData.agent_info) {
+          message.error(t("businessLogic.config.error.invalidFileType"));
+          return;
+        }
+
+        // Open wizard with parsed data
+        setImportWizardData(agentData);
+        setImportWizardVisible(true);
+      } catch (error) {
+        log.error("Failed to read import file:", error);
+        message.error(t("businessLogic.config.error.agentImportFailed"));
+      }
+    };
+
+    fileInput.click();
+  };
+
   // Handle agent detail loading completion
   useEffect(() => {
     if (
@@ -206,7 +241,7 @@ export default function AgentManageComp({
             <Tooltip title={t("subAgentPool.description.importAgent")}>
               <div
                 className="rounded-md p-3 cursor-pointer transition-all duration-200 bg-white hover:bg-green-50 hover:shadow-sm"
-                onClick={onImportAgent}
+                onClick={handleImportAgent}
               >
                 <Flex align="center" gap={12} className="text-green-600">
                   <Flex
@@ -247,6 +282,21 @@ export default function AgentManageComp({
           />
         </div>
       </Flex>
+
+      {/* Import Wizard Modal */}
+      <AgentImportWizard
+        visible={importWizardVisible}
+        onCancel={() => {
+          setImportWizardVisible(false);
+          setImportWizardData(null);
+        }}
+        initialData={importWizardData}
+        onImportComplete={() => {
+          setImportWizardVisible(false);
+          setImportWizardData(null);
+          refetch(); // Refresh the agent list
+        }}
+      />
     </>
   );
 }
diff --git a/frontend/app/[locale]/agents/page.tsx b/frontend/app/[locale]/agents/page.tsx
new file mode 100644
index 000000000..b259f3584
--- /dev/null
+++ b/frontend/app/[locale]/agents/page.tsx
@@ -0,0 +1,88 @@
+"use client";
+
+import { Card, Row, Col, Flex } from "antd";
+
+import { useSetupFlow } from "@/hooks/useSetupFlow";
+import { motion } from "framer-motion";
+import AgentManageComp from "./components/AgentManageComp";
+import AgentConfigComp from "./components/AgentConfigComp";
+import AgentInfoComp from "./components/AgentInfoComp";
+
+export default function AgentSetupOrchestrator() {
+  const { pageVariants, pageTransition, canAccessProtectedData } =
+    useSetupFlow();
+
+  return (
+    <>
+      {canAccessProtectedData ? (
+        <Flex
+          justify="center"
+          align="center"
+          className="py-8 px-16 h-full w-full"
+        >
+          <motion.div
+            initial="initial"
+            animate="in"
+            exit="out"
+            variants={pageVariants}
+            transition={pageTransition}
+            style={{ width: "100%", height: "100%" }}
+          >
+            <Card
+              className="h-full min-h-0 w-full min-w-0"
+              style={{ minHeight: 400, maxHeight: "80vh" }}
+            >
+              <style jsx global>{`
+                .ant-card-body {
+                  height: 100%;
+                }
+              `}</style>
+              {/* Three-column layout using Ant Design Grid */}
+              <Row
+                gutter={[16, 16]}
+                className="h-full min-h-0 w-full min-w-0"
+                align="stretch"
+              >
+                {/* Left column: Agent Management */}
+                <Col
+                  xs={24}
+                  sm={24}
+                  md={24}
+                  lg={24}
+                  xl={8}
+                  className="flex flex-col h-full w-full"
+                >
+                  <AgentManageComp />
+                </Col>
+
+                {/* Middle column: Agent Config */}
+                <Col
+                  xs={24}
+                  sm={24}
+                  md={24}
+                  lg={24}
+                  xl={8}
+                  className="flex flex-col h-full w-full"
+                >
+                  <AgentConfigComp />
+                </Col>
+
+                {/* Right column: Agent Info */}
+                <Col
+                  xs={24}
+                  sm={24}
+                  md={24}
+                  lg={24}
+                  xl={8}
+                  className="flex flex-col h-full w-full"
+                >
+                  <AgentInfoComp />
+                </Col>
+              </Row>
+            </Card>
+          </motion.div>
+        </Flex>
+      ) : null}
+    </>
+  );
+}
diff --git a/frontend/app/[locale]/chat/internal/ChatContent.tsx b/frontend/app/[locale]/chat/page.tsx
similarity index 95%
rename from frontend/app/[locale]/chat/internal/ChatContent.tsx
rename to frontend/app/[locale]/chat/page.tsx
index 4c6eaffee..5349f5cd7 100644
--- a/frontend/app/[locale]/chat/internal/ChatContent.tsx
+++ b/frontend/app/[locale]/chat/page.tsx
@@ -5,13 +5,13 @@ import { useAuth } from "@/hooks/useAuth";
 import { useConfig } from "@/hooks/useConfig";
 import { configService } from "@/services/configService";
 import { EVENTS } from "@/const/auth";
-import { ChatInterface } from "./chatInterface";
+import { ChatInterface } from "./internal/chatInterface";
 
 /**
  * ChatContent component - Main chat page content
  * Handles authentication, config loading, and session management for the chat interface
  */
-export function ChatContent() {
+export default function ChatContent() {
   const { appConfig } = useConfig();
   const { user, isLoading: userLoading, isSpeedMode } = useAuth();
   const canAccessProtectedData = isSpeedMode || (!userLoading && !!user);
@@ -63,4 +63,3 @@ export function ChatContent() {
     </div>
   );
 }
-
diff --git a/frontend/app/[locale]/knowledges/KnowledgeBaseConfiguration.tsx b/frontend/app/[locale]/knowledges/KnowledgeBaseConfiguration.tsx
index 283730e0f..e189caf52 100644
--- a/frontend/app/[locale]/knowledges/KnowledgeBaseConfiguration.tsx
+++ b/frontend/app/[locale]/knowledges/KnowledgeBaseConfiguration.tsx
@@ -5,7 +5,11 @@ import { useState, useEffect, useRef, useLayoutEffect } from "react";
 import { useTranslation } from "react-i18next";
 
 import { App, Modal, Row, Col, theme } from "antd";
-import { ExclamationCircleFilled, WarningFilled, InfoCircleFilled } from "@ant-design/icons";
+import {
+  ExclamationCircleFilled,
+  WarningFilled,
+  InfoCircleFilled,
+} from "@ant-design/icons";
 import {
   DOCUMENT_ACTION_TYPES,
   KNOWLEDGE_BASE_ACTION_TYPES,
@@ -784,7 +788,7 @@ function DataConfig({ isActive }: DataConfigProps) {
   if (showEmbeddingWarning) {
     return (
       <div
-        className="w-full mx-auto relative"
+        className="w-full h-full mx-auto relative"
         style={{
           maxWidth: SETUP_PAGE_CONTAINER.MAX_WIDTH,
           padding: `0 ${SETUP_PAGE_CONTAINER.HORIZONTAL_PADDING}`,
@@ -817,7 +821,7 @@ function DataConfig({ isActive }: DataConfigProps) {
   return (
     <>
       <div
-        className="w-full mx-auto relative"
+        className="w-full h-full mx-auto relative"
         style={{
           maxWidth: SETUP_PAGE_CONTAINER.MAX_WIDTH,
           padding: `0 ${SETUP_PAGE_CONTAINER.HORIZONTAL_PADDING}`,
@@ -827,37 +831,9 @@ function DataConfig({ isActive }: DataConfigProps) {
         onDragLeave={handleDragLeave}
         onDrop={handleDrop}
       >
-        <Modal
-          open={showAutoDeselectModal}
-          title={null}
-          onOk={() => setShowAutoDeselectModal(false)}
-          onCancel={() => setShowAutoDeselectModal(false)}
-          okText={t("common.confirm")}
-          cancelButtonProps={{ style: { display: "none" } }}
-          centered
-          okButtonProps={{ type: "primary", danger: true }}
-          getContainer={() => contentRef.current || document.body}
-        >
-          <div className="flex items-start gap-4">
-            <ExclamationCircleFilled 
-              style={{
-                color: token.colorWarning,
-                fontSize: '22px',
-                marginTop: '2px'
-              }}
-            />
-            <div className="flex-1">
-              <div className="text-base font-medium mb-3">
-                {t("embedding.knowledgeBaseAutoDeselectModal.title")}
-              </div>
-              <div className="text-sm leading-6">
-                {t("embedding.knowledgeBaseAutoDeselectModal.content")}
-              </div>
-            </div>
-          </div>
-        </Modal>
-        <Row gutter={TWO_COLUMN_LAYOUT.GUTTER} className="h-full">
+        <Row className="h-full w-full" gutter={TWO_COLUMN_LAYOUT.GUTTER}>
           <Col
+            className="h-full"
             xs={TWO_COLUMN_LAYOUT.LEFT_COLUMN.xs}
             md={TWO_COLUMN_LAYOUT.LEFT_COLUMN.md}
             lg={TWO_COLUMN_LAYOUT.LEFT_COLUMN.lg}
@@ -883,6 +859,7 @@ function DataConfig({ isActive }: DataConfigProps) {
           </Col>
 
           <Col
+            className="h-full"
             xs={TWO_COLUMN_LAYOUT.RIGHT_COLUMN.xs}
             md={TWO_COLUMN_LAYOUT.RIGHT_COLUMN.md}
             lg={TWO_COLUMN_LAYOUT.RIGHT_COLUMN.lg}
@@ -942,13 +919,9 @@ function DataConfig({ isActive }: DataConfigProps) {
               />
             ) : (
               <div
-                className={STANDARD_CARD.BASE_CLASSES}
+                className={`${STANDARD_CARD.BASE_CLASSES} flex flex-col h-full w-full`}
                 style={{
-                  height: SETUP_PAGE_CONTAINER.MAIN_CONTENT_HEIGHT,
                   padding: STANDARD_CARD.PADDING,
-                  display: "flex",
-                  alignItems: "center",
-                  justifyContent: "center",
                 }}
               >
                 <EmptyState
@@ -966,6 +939,36 @@ function DataConfig({ isActive }: DataConfigProps) {
           </Col>
         </Row>
       </div>
+
+      <Modal
+        open={showAutoDeselectModal}
+        title={null}
+        onOk={() => setShowAutoDeselectModal(false)}
+        onCancel={() => setShowAutoDeselectModal(false)}
+        okText={t("common.confirm")}
+        cancelButtonProps={{ style: { display: "none" } }}
+        centered
+        okButtonProps={{ type: "primary", danger: true }}
+        getContainer={() => contentRef.current || document.body}
+      >
+        <div className="flex items-start gap-4">
+          <ExclamationCircleFilled
+            style={{
+              color: token.colorWarning,
+              fontSize: "22px",
+              marginTop: "2px",
+            }}
+          />
+          <div className="flex-1">
+            <div className="text-base font-medium mb-3">
+              {t("embedding.knowledgeBaseAutoDeselectModal.title")}
+            </div>
+            <div className="text-sm leading-6">
+              {t("embedding.knowledgeBaseAutoDeselectModal.content")}
+            </div>
+          </div>
+        </div>
+      </Modal>
     </>
   );
 }
diff --git a/frontend/app/[locale]/knowledges/KnowledgesContent.tsx b/frontend/app/[locale]/knowledges/KnowledgesContent.tsx
deleted file mode 100644
index 779ab47dc..000000000
--- a/frontend/app/[locale]/knowledges/KnowledgesContent.tsx
+++ /dev/null
@@ -1,110 +0,0 @@
-"use client";
-
-import React, {useEffect} from "react";
-import {motion} from "framer-motion";
-
-import {useSetupFlow} from "@/hooks/useSetupFlow";
-import {configService} from "@/services/configService";
-import {configStore} from "@/lib/config";
-import {
-  USER_ROLES,
-  ConnectionStatus,
-} from "@/const/modelConfig";
-import log from "@/lib/logger";
-
-import DataConfig from "./KnowledgeBaseConfiguration";
-
-interface KnowledgesContentProps {
-  /** Whether currently saving */
-  isSaving: boolean;
-  /** Connection status */
-  connectionStatus?: ConnectionStatus;
-  /** Is checking connection */
-  isCheckingConnection?: boolean;
-  /** Check connection callback */
-  onCheckConnection?: () => void;
-  /** Callback to expose connection status */
-  onConnectionStatusChange?: (status: ConnectionStatus) => void;
-  /** Callback to expose saving state */
-  onSavingStateChange?: (isSaving: boolean) => void;
-}
-
-/**
- * KnowledgesContent - Main component for knowledge base configuration
- * Can be used in setup flow or as standalone page
- */
-export default function KnowledgesContent({
-  isSaving = false,
-  connectionStatus: externalConnectionStatus,
-  isCheckingConnection: externalIsCheckingConnection,
-  onCheckConnection: externalOnCheckConnection,
-  onConnectionStatusChange,
-  onSavingStateChange,
-}: KnowledgesContentProps) {
-  
-  // Use custom hook for common setup flow logic
-  const {
-    user,
-    isSpeedMode,
-    canAccessProtectedData,
-    pageVariants,
-    pageTransition,
-  } = useSetupFlow({
-    requireAdmin: false, // Knowledge base accessible to all users
-    externalConnectionStatus,
-    externalIsCheckingConnection,
-    onCheckConnection: externalOnCheckConnection,
-    onConnectionStatusChange,
-  });
-  
-  // Update external saving state
-  useEffect(() => {
-    onSavingStateChange?.(isSaving);
-  }, [isSaving, onSavingStateChange]);
-
-  // Knowledge base specific initialization
-  useEffect(() => {
-    if (!canAccessProtectedData) return;
-
-    // Trigger knowledge base data acquisition when the page is initialized
-    window.dispatchEvent(
-      new CustomEvent("knowledgeBaseDataUpdated", {
-        detail: {forceRefresh: true},
-      })
-    );
-
-    // Load config for normal user
-    const loadConfigForNormalUser = async () => {
-      if (!isSpeedMode && user && user.role !== USER_ROLES.ADMIN) {
-        try {
-          await configService.loadConfigToFrontend();
-          configStore.reloadFromStorage();
-        } catch (error) {
-          log.error("Failed to load config:", error);
-        }
-      }
-    };
-
-    loadConfigForNormalUser();
-  }, [canAccessProtectedData, externalOnCheckConnection]);
-
-  return (
-    <>
-      {canAccessProtectedData ? (
-        <motion.div
-          initial="initial"
-          animate="in"
-          exit="out"
-          variants={pageVariants}
-          transition={pageTransition}
-          style={{width: "100%", height: "100%"}}
-        >
-          <div className="w-full h-full flex items-center justify-center">
-            <DataConfig isActive={true} />
-          </div>
-        </motion.div>
-      ) : null}
-    </>
-  );
-}
-
diff --git a/frontend/app/[locale]/knowledges/components/document/DocumentList.tsx b/frontend/app/[locale]/knowledges/components/document/DocumentList.tsx
index 725eccb26..c99100958 100644
--- a/frontend/app/[locale]/knowledges/components/document/DocumentList.tsx
+++ b/frontend/app/[locale]/knowledges/components/document/DocumentList.tsx
@@ -257,9 +257,8 @@ const DocumentListContainer = forwardRef<DocumentListRef, DocumentListProps>(
       const fetchSummary = async () => {
         if (showDetail && knowledgeBaseId) {
           try {
-            const result = await knowledgeBaseService.getSummary(
-              knowledgeBaseId
-            );
+            const result =
+              await knowledgeBaseService.getSummary(knowledgeBaseId);
             setSummary(result);
           } catch (error) {
             log.error(t("knowledgeBase.error.getSummary"), error);
@@ -338,7 +337,7 @@ const DocumentListContainer = forwardRef<DocumentListRef, DocumentListProps>(
 
     return (
       <div
-        className={`flex flex-col w-full bg-white border border-gray-200 rounded-md shadow-sm ${containerHeightClass}`}
+        className={`flex flex-col w-full h-full bg-white border border-gray-200 rounded-md shadow-sm `}
       >
         {/* Title bar */}
         <div
diff --git a/frontend/app/[locale]/knowledges/components/knowledge/KnowledgeBaseList.tsx b/frontend/app/[locale]/knowledges/components/knowledge/KnowledgeBaseList.tsx
index d49883d1c..f0594b042 100644
--- a/frontend/app/[locale]/knowledges/components/knowledge/KnowledgeBaseList.tsx
+++ b/frontend/app/[locale]/knowledges/components/knowledge/KnowledgeBaseList.tsx
@@ -1,57 +1,58 @@
-import React from 'react'
-import { useTranslation } from 'react-i18next'
+import React from "react";
+import { useTranslation } from "react-i18next";
 
-import { Button, Checkbox, ConfigProvider } from 'antd'
-import { SyncOutlined, PlusOutlined } from '@ant-design/icons'
+import { Button, Checkbox, ConfigProvider } from "antd";
+import { SyncOutlined, PlusOutlined } from "@ant-design/icons";
 
-import { KnowledgeBase } from '@/types/knowledgeBase'
+import { KnowledgeBase } from "@/types/knowledgeBase";
 
 // Knowledge base layout constants configuration
 const KB_LAYOUT = {
   // Knowledge base row height configuration
-  ROW_PADDING: 'py-4', // Row vertical padding
-  HEADER_PADDING: 'p-3', // List header padding
-  BUTTON_PADDING: 'p-2', // Create button area padding
-  TAG_SPACING: 'gap-0.5', // Spacing between tags
-  TAG_MARGIN: 'mt-2.5', // Tag container top margin
+  ROW_PADDING: "py-4", // Row vertical padding
+  HEADER_PADDING: "p-3", // List header padding
+  BUTTON_PADDING: "p-2", // Create button area padding
+  TAG_SPACING: "gap-0.5", // Spacing between tags
+  TAG_MARGIN: "mt-2.5", // Tag container top margin
   // Tag related configuration
-  TAG_PADDING: 'px-1.5 py-0.5', // Tag padding
-  TAG_TEXT: 'text-xs font-medium', // Tag text style
-  TAG_ROUNDED: 'rounded-md', // Tag rounded corners
+  TAG_PADDING: "px-1.5 py-0.5", // Tag padding
+  TAG_TEXT: "text-xs font-medium", // Tag text style
+  TAG_ROUNDED: "rounded-md", // Tag rounded corners
   // Line break related configuration
-  TAG_BREAK_HEIGHT: 'h-0.5', // Line break interval height
-  SECOND_ROW_TAG_MARGIN: 'mt-0.5', // Second row tag top margin
+  TAG_BREAK_HEIGHT: "h-0.5", // Line break interval height
+  SECOND_ROW_TAG_MARGIN: "mt-0.5", // Second row tag top margin
   // Other layout configuration
-  TITLE_MARGIN: 'ml-2', // Title left margin
-  EMPTY_STATE_PADDING: 'py-4', // Empty state padding
+  TITLE_MARGIN: "ml-2", // Title left margin
+  EMPTY_STATE_PADDING: "py-4", // Empty state padding
   // Title related configuration
-  TITLE_TEXT: 'text-xl font-bold', // Title text style
-  KB_NAME_TEXT: 'text-lg font-medium', // Knowledge base name text style
+  TITLE_TEXT: "text-xl font-bold", // Title text style
+  KB_NAME_TEXT: "text-lg font-medium", // Knowledge base name text style
   // Knowledge base name configuration
-  KB_NAME_MAX_WIDTH: '220px', // Knowledge base name max width
-  KB_NAME_OVERFLOW: {        // Knowledge base name overflow style
-    textOverflow: 'ellipsis',
-    whiteSpace: 'nowrap',
-    overflow: 'hidden',
-    display: 'block'
-  }
-}
+  KB_NAME_MAX_WIDTH: "220px", // Knowledge base name max width
+  KB_NAME_OVERFLOW: {
+    // Knowledge base name overflow style
+    textOverflow: "ellipsis",
+    whiteSpace: "nowrap",
+    overflow: "hidden",
+    display: "block",
+  },
+};
 
 interface KnowledgeBaseListProps {
-  knowledgeBases: KnowledgeBase[]
-  selectedIds: string[]
-  activeKnowledgeBase: KnowledgeBase | null
-  currentEmbeddingModel: string | null
-  isLoading?: boolean
-  onSelect: (id: string) => void
-  onClick: (kb: KnowledgeBase) => void
-  onDelete: (id: string) => void
-  onSync: () => void
-  onCreateNew: () => void
-  isSelectable: (kb: KnowledgeBase) => boolean
-  getModelDisplayName: (modelId: string) => string
-  containerHeight?: string // Container total height, consistent with DocumentList
-  onKnowledgeBaseChange?: () => void // New: callback function when knowledge base switches
+  knowledgeBases: KnowledgeBase[];
+  selectedIds: string[];
+  activeKnowledgeBase: KnowledgeBase | null;
+  currentEmbeddingModel: string | null;
+  isLoading?: boolean;
+  onSelect: (id: string) => void;
+  onClick: (kb: KnowledgeBase) => void;
+  onDelete: (id: string) => void;
+  onSync: () => void;
+  onCreateNew: () => void;
+  isSelectable: (kb: KnowledgeBase) => boolean;
+  getModelDisplayName: (modelId: string) => string;
+  containerHeight?: string; // Container total height, consistent with DocumentList
+  onKnowledgeBaseChange?: () => void; // New: callback function when knowledge base switches
 }
 
 const KnowledgeBaseList: React.FC<KnowledgeBaseListProps> = ({
@@ -67,8 +68,8 @@ const KnowledgeBaseList: React.FC<KnowledgeBaseListProps> = ({
   onCreateNew,
   isSelectable,
   getModelDisplayName,
-  containerHeight = '70vh', // Default container height consistent with DocumentList
-  onKnowledgeBaseChange // New: callback function when knowledge base switches
+  containerHeight = "70vh", // Default container height consistent with DocumentList
+  onKnowledgeBaseChange, // New: callback function when knowledge base switches
 }) => {
   const { t } = useTranslation();
 
@@ -103,10 +104,7 @@ const KnowledgeBaseList: React.FC<KnowledgeBaseListProps> = ({
   });
 
   return (
-    <div
-      className="w-full bg-white border border-gray-200 rounded-md flex flex-col"
-      style={{ height: containerHeight }}
-    >
+    <div className="w-full h-full bg-white border border-gray-200 rounded-md flex flex-col">
       {/* Fixed header area */}
       <div
         className={`${KB_LAYOUT.HEADER_PADDING} border-b border-gray-200 shrink-0`}
@@ -408,4 +406,4 @@ const KnowledgeBaseList: React.FC<KnowledgeBaseListProps> = ({
   );
 };
 
-export default KnowledgeBaseList;
\ No newline at end of file
+export default KnowledgeBaseList;
diff --git a/frontend/app/[locale]/knowledges/page.tsx b/frontend/app/[locale]/knowledges/page.tsx
new file mode 100644
index 000000000..835018df3
--- /dev/null
+++ b/frontend/app/[locale]/knowledges/page.tsx
@@ -0,0 +1,74 @@
+"use client";
+
+import React, { useEffect } from "react";
+import { motion } from "framer-motion";
+
+import { useSetupFlow } from "@/hooks/useSetupFlow";
+import { configService } from "@/services/configService";
+import { configStore } from "@/lib/config";
+import { USER_ROLES } from "@/const/modelConfig";
+import log from "@/lib/logger";
+
+import DataConfig from "./KnowledgeBaseConfiguration";
+
+/**
+ * KnowledgesContent - Main component for knowledge base configuration
+ * Can be used in setup flow or as standalone page
+ */
+export default function KnowledgesContent() {
+  // Use custom hook for common setup flow logic
+  const {
+    user,
+    isSpeedMode,
+    pageVariants,
+    pageTransition,
+    canAccessProtectedData,
+  } = useSetupFlow({
+    requireAdmin: false, // Knowledge base accessible to all users
+  });
+
+  // Knowledge base specific initialization
+  useEffect(() => {
+    // Trigger knowledge base data acquisition when the page is initialized
+    window.dispatchEvent(
+      new CustomEvent("knowledgeBaseDataUpdated", {
+        detail: { forceRefresh: true },
+      })
+    );
+
+    // Load config for normal user
+    const loadConfigForNormalUser = async () => {
+      if (!isSpeedMode && user && user.role !== USER_ROLES.ADMIN) {
+        try {
+          await configService.loadConfigToFrontend();
+          configStore.reloadFromStorage();
+        } catch (error) {
+          log.error("Failed to load config:", error);
+        }
+      }
+    };
+
+    loadConfigForNormalUser();
+  }, []);
+
+  return (
+    <>
+      <div className="w-full h-full p-8">
+        {canAccessProtectedData ? (
+          <motion.div
+            initial="initial"
+            animate="in"
+            exit="out"
+            variants={pageVariants}
+            transition={pageTransition}
+            style={{ width: "100%", height: "100%" }}
+          >
+            <div className="w-full h-full flex items-center justify-center">
+              <DataConfig isActive={true} />
+            </div>
+          </motion.div>
+        ) : null}
+      </div>
+    </>
+  );
+}
diff --git a/frontend/app/[locale]/layout.client.tsx b/frontend/app/[locale]/layout.client.tsx
new file mode 100644
index 000000000..6bb748a48
--- /dev/null
+++ b/frontend/app/[locale]/layout.client.tsx
@@ -0,0 +1,192 @@
+"use client";
+
+import { ReactNode, useState } from "react";
+import { Layout, Button } from "antd";
+import { TopNavbar } from "@/components/navigation/TopNavbar";
+import { SideNavigation } from "@/components/navigation/SideNavigation";
+import { FooterLayout } from "@/components/navigation/FooterLayout";
+import {
+  HEADER_CONFIG,
+  FOOTER_CONFIG,
+  SIDER_CONFIG,
+} from "@/const/layoutConstants";
+import { AuthDialogs } from "@/components/homepage/AuthDialogs";
+import { useAuth } from "@/hooks/useAuth";
+import { ChevronLeft, ChevronRight } from "lucide-react";
+import { usePathname } from "next/navigation";
+
+const { Header, Sider, Content, Footer } = Layout;
+
+export function ClientLayout({ children }: { children: ReactNode }) {
+  const { user, openLoginModal, openRegisterModal, isSpeedMode } = useAuth();
+  const pathname = usePathname();
+
+  // Check if current route is setup page
+  const isSetupPage = pathname?.includes("/setup");
+
+  // Authentication dialog states
+  const [loginPromptOpen, setLoginPromptOpen] = useState(false);
+  const [adminRequiredPromptOpen, setAdminRequiredPromptOpen] = useState(false);
+
+  // Sidebar collapse state
+  const [collapsed, setCollapsed] = useState(false);
+
+  // Layout style calculations
+  const headerReservedHeight = parseInt(HEADER_CONFIG.RESERVED_HEIGHT);
+  const footerReservedHeight = parseInt(FOOTER_CONFIG.RESERVED_HEIGHT);
+
+  const layoutStyle: React.CSSProperties = {
+    height: "100vh",
+    width: "100vw",
+    overflow: "hidden",
+    backgroundColor: "#fff",
+  };
+
+  const siderStyle: React.CSSProperties = {
+    textAlign: "start",
+    display: "flex",
+    flexDirection: "column",
+    alignItems: "stretch",
+    justifyContent: "flex-start",
+    position: "fixed",
+    top: headerReservedHeight,
+    bottom: isSetupPage ? 0 : footerReservedHeight,
+    left: 0,
+    backgroundColor: "#fff",
+    overflow: "visible",
+    zIndex: 998,
+  };
+
+  const siderInnerStyle: React.CSSProperties = {
+    height: "100%",
+    overflowY: "auto",
+    overflowX: "hidden",
+    WebkitOverflowScrolling: "touch",
+    display: "flex",
+    flexDirection: "column",
+  };
+
+  const headerStyle: React.CSSProperties = {
+    textAlign: "center",
+    height: headerReservedHeight,
+    backgroundColor: "#fff",
+    lineHeight: "64px",
+    paddingInline: 0,
+    flexShrink: 0,
+  };
+
+  const footerStyle: React.CSSProperties = {
+    textAlign: "center",
+    height: footerReservedHeight,
+    lineHeight: footerReservedHeight,
+    padding: 0,
+    flexShrink: 0,
+    backgroundColor: "#fff",
+  };
+
+  const contentStyle: React.CSSProperties = {
+    overflowY: "auto",
+    overflowX: "hidden",
+    position: "relative",
+    marginLeft: collapsed
+      ? `${SIDER_CONFIG.COLLAPSED_WIDTH}px`
+      : `${SIDER_CONFIG.EXPANDED_WIDTH}px`,
+    backgroundColor: "#fff",
+  };
+
+  // Authentication handlers
+  const handleAuthRequired = () => {
+    if (!isSpeedMode && !user) {
+      setLoginPromptOpen(true);
+    }
+  };
+
+  const handleAdminRequired = () => {
+    if (!isSpeedMode && user?.role !== "admin") {
+      setAdminRequiredPromptOpen(true);
+    }
+  };
+
+  const handleCloseLoginPrompt = () => setLoginPromptOpen(false);
+  const handleCloseAdminPrompt = () => setAdminRequiredPromptOpen(false);
+
+  return (
+    <Layout style={layoutStyle}>
+      <Header style={headerStyle}>
+        <TopNavbar />
+      </Header>
+
+      <Layout>
+        <Sider
+          style={siderStyle}
+          width={SIDER_CONFIG.EXPANDED_WIDTH}
+          collapsed={collapsed}
+          trigger={null}
+          breakpoint="lg"
+          collapsedWidth={SIDER_CONFIG.COLLAPSED_WIDTH}
+          className="dark:bg-slate-900/95 border-r border-slate-200 dark:border-slate-700 backdrop-blur-sm shadow-sm"
+        >
+          <div style={siderInnerStyle}>
+            <SideNavigation
+              onAuthRequired={handleAuthRequired}
+              onAdminRequired={handleAdminRequired}
+              collapsed={collapsed}
+            />
+          </div>
+          <Button
+            type="primary"
+            shape="circle"
+            size="small"
+            onClick={() => setCollapsed(!collapsed)}
+            style={{
+              position: "absolute",
+              top: "50%",
+              transform: "translateY(-50%)",
+              right: "-12px",
+              transition: "right 0.2s ease, left 0.2s ease",
+              zIndex: 999,
+            }}
+            icon={
+              collapsed ? (
+                <ChevronRight className="w-3 h-3" />
+              ) : (
+                <ChevronLeft className="w-3 h-3" />
+              )
+            }
+          />
+        </Sider>
+
+        <Content style={contentStyle}>{children}</Content>
+      </Layout>
+
+      {/* Conditionally render footer */}
+      {!isSetupPage && (
+        <Footer style={footerStyle}>
+          <FooterLayout />
+        </Footer>
+      )}
+
+      {/* Global authentication dialogs */}
+      {!isSpeedMode && (
+        <>
+          <AuthDialogs
+            loginPromptOpen={loginPromptOpen}
+            adminPromptOpen={adminRequiredPromptOpen}
+            onCloseLoginPrompt={handleCloseLoginPrompt}
+            onCloseAdminPrompt={handleCloseAdminPrompt}
+            onLoginClick={() => {
+              setLoginPromptOpen(false);
+              setAdminRequiredPromptOpen(false);
+              openLoginModal();
+            }}
+            onRegisterClick={() => {
+              setLoginPromptOpen(false);
+              setAdminRequiredPromptOpen(false);
+              openRegisterModal();
+            }}
+          />
+        </>
+      )}
+    </Layout>
+  );
+}
diff --git a/frontend/app/[locale]/layout.tsx b/frontend/app/[locale]/layout.tsx
index 26a6f9d6b..0926c189b 100644
--- a/frontend/app/[locale]/layout.tsx
+++ b/frontend/app/[locale]/layout.tsx
@@ -1,54 +1,29 @@
 import type { Metadata } from "next";
 import { Inter } from "next/font/google";
 import { ReactNode } from "react";
-import path from "path";
-import fs from "fs/promises";
-import { RootProvider } from "@/components/providers";
+import { RootProvider } from "@/components/providers/rootProvider";
+import { DeploymentProvider } from "@/components/providers/deploymentProvider";
 import { ThemeProvider as NextThemesProvider } from "next-themes";
+import { ClientLayout } from "./layout.client";
 import I18nProviderWrapper from "@/components/providers/I18nProviderWrapper";
 
 import "@/styles/globals.css";
 import "@/styles/react-markdown.css";
 import "github-markdown-css/github-markdown.css";
 import "katex/dist/katex.min.css";
-import log from "@/lib/logger";
 
 const inter = Inter({ subsets: ["latin"] });
 
-export async function generateMetadata(props: {
+export async function generateMetadata({
+  params,
+}: {
   params: Promise<{ locale?: string }>;
 }): Promise<Metadata> {
-  const { locale } = await props.params;
-  const resolvedLocale = (["zh", "en"].includes(locale ?? "")
-    ? locale
-    : "zh") as "zh" | "en";
-  let messages: any = {};
-
-  if (["zh", "en"].includes(resolvedLocale)) {
-    try {
-      const filePath = path.join(
-        process.cwd(),
-        "public",
-        "locales",
-        resolvedLocale,
-        "common.json"
-      );
-      const fileContent = await fs.readFile(filePath, "utf8");
-      messages = JSON.parse(fileContent);
-    } catch (error) {
-      log.error(
-        `Failed to load i18n messages for locale: ${resolvedLocale}`,
-        error
-      );
-    }
-  }
-
+  // Simple metadata for now - can be enhanced later with i18n
   return {
-    title: {
-      default: messages["mainPage.layout.title"],
-      template: messages["mainPage.layout.titleTemplate"],
-    },
-    description: messages["mainPage.layout.description"],
+    title: "Nexent - AI Agent Platform",
+    description:
+      "A powerful AI agent platform for intelligent conversations and automation",
     icons: {
       icon: "/favicon.png",
       shortcut: "/favicon.png",
@@ -65,12 +40,9 @@ export default async function RootLayout({
   params: Promise<{ locale?: string }>;
 }) {
   const { locale } = await params;
-  const resolvedLocale = (["zh", "en"].includes(locale ?? "")
-    ? locale
-    : "zh") as "zh" | "en";
 
   return (
-    <html lang={resolvedLocale} suppressHydrationWarning>
+    <html lang="zh" suppressHydrationWarning>
       <body className={inter.className}>
         <NextThemesProvider
           attribute="class"
@@ -78,8 +50,12 @@ export default async function RootLayout({
           enableSystem
           disableTransitionOnChange
         >
-          <I18nProviderWrapper>
-            <RootProvider>{children}</RootProvider>
+          <I18nProviderWrapper locale={locale}>
+            <DeploymentProvider>
+              <RootProvider>
+                <ClientLayout>{children}</ClientLayout>
+              </RootProvider>
+            </DeploymentProvider>
           </I18nProviderWrapper>
         </NextThemesProvider>
       </body>
diff --git a/frontend/app/[locale]/market/MarketContent.tsx b/frontend/app/[locale]/market/page.tsx
similarity index 92%
rename from frontend/app/[locale]/market/MarketContent.tsx
rename to frontend/app/[locale]/market/page.tsx
index 9d66050ef..7f71f5e5b 100644
--- a/frontend/app/[locale]/market/MarketContent.tsx
+++ b/frontend/app/[locale]/market/page.tsx
@@ -8,7 +8,6 @@ import { Tabs, Input, Spin, Empty, Pagination, App } from "antd";
 import log from "@/lib/logger";
 
 import { useSetupFlow } from "@/hooks/useSetupFlow";
-import { ConnectionStatus } from "@/const/modelConfig";
 import {
   MarketAgentListItem,
   MarketCategory,
@@ -22,41 +21,17 @@ import AgentImportWizard from "@/components/agent/AgentImportWizard";
 import { ImportAgentData } from "@/hooks/useAgentImport";
 import MarketErrorState from "./components/MarketErrorState";
 
-interface MarketContentProps {
-  /** Connection status */
-  connectionStatus?: ConnectionStatus;
-  /** Is checking connection */
-  isCheckingConnection?: boolean;
-  /** Check connection callback */
-  onCheckConnection?: () => void;
-  /** Callback to expose connection status */
-  onConnectionStatusChange?: (status: ConnectionStatus) => void;
-}
-
 /**
  * MarketContent - Agent marketplace page
  * Browse and download pre-built agents from the marketplace
  */
-export default function MarketContent({
-  connectionStatus: externalConnectionStatus,
-  isCheckingConnection: externalIsCheckingConnection,
-  onCheckConnection: externalOnCheckConnection,
-  onConnectionStatusChange,
-}: MarketContentProps) {
+export default function MarketContent() {
   const { t, i18n } = useTranslation("common");
   const { message } = App.useApp();
   const isZh = i18n.language === "zh" || i18n.language === "zh-CN";
 
   // Use custom hook for common setup flow logic
-  const { canAccessProtectedData, pageVariants, pageTransition } = useSetupFlow(
-    {
-    requireAdmin: false, // Market accessible to all users
-    externalConnectionStatus,
-    externalIsCheckingConnection,
-    onCheckConnection: externalOnCheckConnection,
-    onConnectionStatusChange,
-    }
-  );
+  const { pageVariants, pageTransition } = useSetupFlow();
 
   // State management
   const [categories, setCategories] = useState<MarketCategory[]>([]);
@@ -107,7 +82,7 @@ export default function MarketContent({
       setCategories(data);
     } catch (error) {
       log.error("Failed to load market categories:", error);
-      
+
       if (error instanceof MarketApiError) {
         setErrorType(error.type);
       } else {
@@ -143,13 +118,13 @@ export default function MarketContent({
       setTotalAgents(data.pagination.total);
     } catch (error) {
       log.error("Failed to load market agents:", error);
-      
+
       if (error instanceof MarketApiError) {
         setErrorType(error.type);
       } else {
         setErrorType("unknown");
       }
-      
+
       setAgents([]);
       setTotalAgents(0);
     } finally {
@@ -195,7 +170,9 @@ export default function MarketContent({
       setSelectedAgent(agentDetail);
     } catch (error) {
       log.error("Failed to load agent detail:", error);
-      message.error(t("market.error.loadAgents", "Failed to load agent details"));
+      message.error(
+        t("market.error.loadAgents", "Failed to load agent details")
+      );
       setDetailModalVisible(false);
     } finally {
       setIsLoadingDetail(false);
@@ -268,7 +245,7 @@ export default function MarketContent({
 
   return (
     <>
-      {canAccessProtectedData ? (
+      <div className="w-full h-full">
         <motion.div
           initial="initial"
           animate="in"
@@ -281,7 +258,7 @@ export default function MarketContent({
             <div className="max-w-7xl mx-auto">
               {/* Page header */}
               <div className="flex items-center justify-between mb-6">
-            <motion.div
+                <motion.div
                   initial={{ opacity: 0, y: -20 }}
                   animate={{ opacity: 1, y: 0 }}
                   transition={{ duration: 0.5 }}
@@ -302,12 +279,12 @@ export default function MarketContent({
                       </p>
                     </div>
                   </div>
-            </motion.div>
+                </motion.div>
 
                 {/* Refresh button */}
                 <motion.div
                   initial={{ opacity: 0, y: -20 }}
-              animate={{ opacity: 1, y: 0 }}
+                  animate={{ opacity: 1, y: 0 }}
                   transition={{ duration: 0.5, delay: 0.1 }}
                 >
                   <button
@@ -465,8 +442,7 @@ export default function MarketContent({
             agentDescription={installAgent?.description}
           />
         </motion.div>
-      ) : null}
+      </div>
     </>
   );
 }
-
diff --git a/frontend/app/[locale]/mcp-tools/McpToolsContent.tsx b/frontend/app/[locale]/mcp-tools/page.tsx
similarity index 78%
rename from frontend/app/[locale]/mcp-tools/McpToolsContent.tsx
rename to frontend/app/[locale]/mcp-tools/page.tsx
index 89c6c03d4..12691f8f2 100644
--- a/frontend/app/[locale]/mcp-tools/McpToolsContent.tsx
+++ b/frontend/app/[locale]/mcp-tools/page.tsx
@@ -6,43 +6,20 @@ import { useTranslation } from "react-i18next";
 import { Puzzle } from "lucide-react";
 
 import { useSetupFlow } from "@/hooks/useSetupFlow";
-import { ConnectionStatus } from "@/const/modelConfig";
-
-interface McpToolsContentProps {
-  /** Connection status */
-  connectionStatus?: ConnectionStatus;
-  /** Is checking connection */
-  isCheckingConnection?: boolean;
-  /** Check connection callback */
-  onCheckConnection?: () => void;
-  /** Callback to expose connection status */
-  onConnectionStatusChange?: (status: ConnectionStatus) => void;
-}
 
 /**
  * McpToolsContent - MCP tools management coming soon page
  * This will allow admins to manage MCP servers and tools
  */
-export default function McpToolsContent({
-  connectionStatus: externalConnectionStatus,
-  isCheckingConnection: externalIsCheckingConnection,
-  onCheckConnection: externalOnCheckConnection,
-  onConnectionStatusChange,
-}: McpToolsContentProps) {
+export default function McpToolsContent({}) {
   const { t } = useTranslation("common");
 
   // Use custom hook for common setup flow logic
-  const { canAccessProtectedData, pageVariants, pageTransition } = useSetupFlow({
-    requireAdmin: true,
-    externalConnectionStatus,
-    externalIsCheckingConnection,
-    onCheckConnection: externalOnCheckConnection,
-    onConnectionStatusChange,
-  });
+  const { pageVariants, pageTransition } = useSetupFlow();
 
   return (
     <>
-      {canAccessProtectedData ? (
+      <div className="w-full h-full">
         <motion.div
           initial="initial"
           animate="in"
@@ -120,9 +97,7 @@ export default function McpToolsContent({
             </motion.div>
           </div>
         </motion.div>
-      ) : null}
+      </div>
     </>
   );
 }
-
-
diff --git a/frontend/app/[locale]/memory/MemoryContent.tsx b/frontend/app/[locale]/memory/MemoryContent.tsx
deleted file mode 100644
index d116a8606..000000000
--- a/frontend/app/[locale]/memory/MemoryContent.tsx
+++ /dev/null
@@ -1,532 +0,0 @@
-"use client";
-
-import React, { useEffect, useState, useCallback } from "react";
-import { App, Button, Card, Input, List, Menu, Switch, Tabs } from "antd";
-import { motion } from "framer-motion";
-import "./memory.css";
-import {
-  MessageSquarePlus,
-  Eraser,
-  MessageSquareOff,
-  UsersRound,
-  UserRound,
-  Bot,
-  Share2,
-  Settings,
-  MessageSquareDashed,
-  Check,
-  X,
-} from "lucide-react";
-import { useTranslation, Trans } from "react-i18next";
-
-import { useAuth } from "@/hooks/useAuth";
-import { useMemory } from "@/hooks/useMemory";
-import { useSetupFlow } from "@/hooks/useSetupFlow";
-import { USER_ROLES, MEMORY_TAB_KEYS, MemoryTabKey } from "@/const/modelConfig";
-import { MEMORY_SHARE_STRATEGY, MemoryShareStrategy } from "@/const/memoryConfig";
-import {
-  SETUP_PAGE_CONTAINER,
-  STANDARD_CARD,
-} from "@/const/layoutConstants";
-
-import { useConfirmModal } from "@/hooks/useConfirmModal";
-
-interface MemoryContentProps {
-  /** Custom navigation handler (optional) */
-  onNavigate?: () => void;
-}
-
-/**
- * MemoryContent - Main component for memory management page
- * Redesigned from modal to full-page layout with cards
- */
-export default function MemoryContent({ onNavigate }: MemoryContentProps) {
-  const { message } = App.useApp();
-  const { t } = useTranslation("common");
-  const { user, isSpeedMode } = useAuth();
-  const { confirm } = useConfirmModal();
-
-  // Use custom hook for common setup flow logic
-  const { canAccessProtectedData, pageVariants, pageTransition } = useSetupFlow({
-    requireAdmin: false,
-  });
-
-  const role: (typeof USER_ROLES)[keyof typeof USER_ROLES] = (isSpeedMode ||
-    user?.role === USER_ROLES.ADMIN
-    ? USER_ROLES.ADMIN
-    : USER_ROLES.USER) as (typeof USER_ROLES)[keyof typeof USER_ROLES];
-
-  // Mock user and tenant IDs (should come from context)
-  const currentUserId = "user1";
-  const currentTenantId = "tenant1";
-
-  const memory = useMemory({
-    visible: true,
-    currentUserId,
-    currentTenantId,
-    message,
-  });
-
-  const handleClearConfirm = (groupKey: string, groupTitle: string) => {
-    confirm({
-      title: t("memoryDeleteModal.title"),
-      content: (
-        <div className="space-y-4 mt-4">
-          <p className="text-base">
-            <Trans
-              i18nKey="memoryDeleteModal.description"
-              values={{ title: groupTitle }}
-              components={{ strong: <strong className="font-semibold" /> }}
-            />
-          </p>
-          <p className="text-sm text-gray-500">
-            {t("memoryDeleteModal.prompt")}
-          </p>
-        </div>
-      ),
-      onOk: () => memory.handleClearMemory(groupKey, groupTitle),
-    });
-  };
-
-  // Render base settings in a horizontal control bar
-  const renderBaseSettings = () => {
-    const shareOptionLabels: Record<MemoryShareStrategy, string> = {
-      [MEMORY_SHARE_STRATEGY.ALWAYS]: t("memoryManageModal.shareOption.always"),
-      [MEMORY_SHARE_STRATEGY.ASK]: t("memoryManageModal.shareOption.ask"),
-      [MEMORY_SHARE_STRATEGY.NEVER]: t("memoryManageModal.shareOption.never"),
-    };
-
-    return (
-      <Card className="mb-6 shadow-sm">
-        <div className="flex items-center justify-between gap-8">
-          <div className="flex items-center gap-4">
-            <Settings className="size-5 text-gray-600" />
-            <div className="flex flex-col">
-              <span className="text-sm font-medium">
-                {t("memoryManageModal.memoryAbility")}
-              </span>
-            </div>
-          </div>
-          <Switch
-            checked={memory.memoryEnabled}
-            onChange={memory.setMemoryEnabled}
-          />
-        </div>
-
-        {memory.memoryEnabled && (
-          <div className="flex items-center justify-between gap-8 mt-6 pt-6 border-t">
-            <div className="flex items-center gap-4">
-              <Share2 className="size-5 text-gray-600" />
-              <div className="flex flex-col">
-                <span className="text-sm font-medium">
-                  {t("memoryManageModal.agentMemoryShare")}
-                </span>
-              </div>
-            </div>
-            <div className="flex gap-2">
-              {Object.entries(shareOptionLabels).map(([key, label]) => (
-                <Button
-                  key={key}
-                  type={memory.shareOption === key ? "primary" : "default"}
-                  size="middle"
-                  onClick={() => memory.setShareOption(key as MemoryShareStrategy)}
-                >
-                  {label}
-                </Button>
-              ))}
-            </div>
-          </div>
-        )}
-      </Card>
-    );
-  };
-
-  // Render add memory input (inline, doesn't expand container)
-  const renderAddMemoryInput = (groupKey: string) => {
-    if (memory.addingMemoryKey !== groupKey) return null;
-
-    return (
-      <div className="w-full flex items-center justify-center">
-        <div className="w-full flex items-start gap-3">
-          <Input.TextArea
-            value={memory.newMemoryContent}
-            onChange={(e) => memory.setNewMemoryContent(e.target.value)}
-            placeholder={t("memoryManageModal.inputPlaceholder")}
-            maxLength={500}
-            showCount
-            onPressEnter={memory.confirmAddingMemory}
-            disabled={memory.isAddingMemory}
-            className="flex-1"
-            autoSize={{ minRows: 1, maxRows: 3 }}
-            style={{ minHeight: "60px" }}
-          />
-          <div className="flex flex-col gap-2 flex-shrink-0 pt-1">
-            <Button
-              type="primary"
-              size="middle"
-              shape="circle"
-              icon={<Check className="size-4" />}
-              onClick={memory.confirmAddingMemory}
-              loading={memory.isAddingMemory}
-              disabled={!memory.newMemoryContent.trim()}
-              className="bg-green-500 hover:bg-green-600"
-            />
-            <Button
-              size="middle"
-              shape="circle"
-              icon={<X className="size-4" />}
-              onClick={memory.cancelAddingMemory}
-              disabled={memory.isAddingMemory}
-            />
-          </div>
-        </div>
-      </div>
-    );
-  };
-
-  // Render single list (for tenant shared and user personal) - no card, with header buttons
-  const renderSingleList = useCallback((group: { title: string; key: string; items: any[] }) => {
-    return (
-      <div className="memory-single-list" key={`${group.key}-${group.items.length}-${memory.addingMemoryKey}`}>
-        {/* Add memory input - appears before the list */}
-        {memory.addingMemoryKey === group.key && (
-          <div className="border border-gray-200 rounded-md p-3 mb-3 bg-blue-50">
-            {renderAddMemoryInput(group.key)}
-          </div>
-        )}
-        
-        <List
-          header={
-            <div className="flex items-center justify-between">
-              <span className="text-base font-medium">{group.title}</span>
-              <div className="flex items-center gap-2">
-                <Button
-                  type="text"
-                  size="small"
-                  icon={<MessageSquarePlus className="size-4" />}
-                  onClick={() => {
-                    memory.startAddingMemory(group.key);
-                  }}
-                  className="hover:bg-green-50 hover:text-green-600"
-                  title={t("memoryManageModal.addMemory")}
-                />
-                {group.items.length > 0 && (
-                  <Button
-                    type="text"
-                    size="small"
-                    icon={<MessageSquareOff className="size-4" />}
-                    onClick={() => handleClearConfirm(group.key, group.title)}
-                    danger
-                    className="hover:bg-red-50"
-                    title={t("memoryManageModal.clearMemory")}
-                  />
-                )}
-              </div>
-            </div>
-          }
-          bordered
-          dataSource={group.items}
-          locale={{
-            emptyText: (
-              <div className="flex flex-col items-center justify-center py-16 text-gray-400">
-                <MessageSquareDashed className="size-12 mb-3 opacity-50" />
-                <p className="text-sm">{t("memoryManageModal.noMemory")}</p>
-              </div>
-            ),
-          }}
-          style={{ height: memory.addingMemoryKey === group.key ? "calc(100vh - 380px)" : "calc(100vh - 280px)", overflowY: "auto" }}
-          renderItem={(item) => (
-            <List.Item
-              className="hover:bg-gray-50 transition-colors"
-              actions={[
-                <Button
-                  key="delete"
-                  type="text"
-                  size="small"
-                  danger
-                  icon={<Eraser className="size-4" />}
-                  onClick={() => memory.handleDeleteMemory(item.id, group.key)}
-                  title={t("memoryManageModal.deleteMemory")}
-                />,
-              ]}
-            >
-              <div className="flex flex-col text-sm">{item.memory}</div>
-            </List.Item>
-          )}
-        />
-      </div>
-    );
-  }, [memory.addingMemoryKey, memory.startAddingMemory, memory.handleDeleteMemory, handleClearConfirm, renderAddMemoryInput, t]);
-
-  const renderMemoryWithMenu = (
-    groups: { title: string; key: string; items: any[] }[],
-    showSwitch = false
-  ) => (
-    <MemoryMenuList
-      groups={groups}
-      showSwitch={showSwitch}
-      memory={memory}
-      t={t}
-      onClearConfirm={handleClearConfirm}
-      renderAddMemoryInput={renderAddMemoryInput}
-    />
-  );
-
-  const tabItems = [
-    {
-      key: MEMORY_TAB_KEYS.BASE,
-      label: (
-        <span className="inline-flex items-center gap-2">
-          <Settings className="size-4" />
-          {t("memoryManageModal.baseSettings")}
-        </span>
-      ),
-      children: renderBaseSettings(),
-    },
-    ...(role === USER_ROLES.ADMIN
-      ? [
-          {
-            key: MEMORY_TAB_KEYS.TENANT,
-            label: (
-              <span className="inline-flex items-center gap-2">
-                <UsersRound className="size-4" />
-                {t("memoryManageModal.tenantShareTab")}
-              </span>
-            ),
-            children: renderSingleList(memory.tenantSharedGroup),
-            disabled: !memory.memoryEnabled,
-          },
-          {
-            key: MEMORY_TAB_KEYS.AGENT_SHARED,
-            label: (
-              <span className="inline-flex items-center gap-2">
-                <Share2 className="size-4" />
-                {t("memoryManageModal.agentShareTab")}
-              </span>
-            ),
-            children: renderMemoryWithMenu(memory.agentSharedGroups, true),
-            disabled:
-              !memory.memoryEnabled ||
-              memory.shareOption === MEMORY_SHARE_STRATEGY.NEVER,
-          },
-        ]
-      : []),
-    {
-      key: MEMORY_TAB_KEYS.USER_PERSONAL,
-      label: (
-        <span className="inline-flex items-center gap-2">
-          <UserRound className="size-4" />
-          {t("memoryManageModal.userPersonalTab")}
-        </span>
-      ),
-      children: renderSingleList(memory.userPersonalGroup),
-      disabled: !memory.memoryEnabled,
-    },
-    {
-      key: MEMORY_TAB_KEYS.USER_AGENT,
-      label: (
-        <span className="inline-flex items-center gap-2">
-          <Bot className="size-4" />
-          {t("memoryManageModal.userAgentTab")}
-        </span>
-      ),
-      children: renderMemoryWithMenu(memory.userAgentGroups, true),
-      disabled: !memory.memoryEnabled,
-    },
-  ];
-
-  return (
-    <>
-      <motion.div
-        initial="initial"
-        animate="in"
-        exit="out"
-        variants={pageVariants}
-        transition={pageTransition}
-        style={{ width: "100%", height: "100%" }}
-      >
-        {canAccessProtectedData ? (
-          <div className="w-full h-full flex items-center justify-center">
-            <div
-              className="w-full mx-auto"
-              style={{
-                maxWidth: SETUP_PAGE_CONTAINER.MAX_WIDTH,
-                padding: `0 ${SETUP_PAGE_CONTAINER.HORIZONTAL_PADDING}`,
-              }}
-            >
-              <div
-                className={STANDARD_CARD.BASE_CLASSES}
-                style={{
-                  height: SETUP_PAGE_CONTAINER.MAIN_CONTENT_HEIGHT,
-                  padding: "25px",
-                }}
-              >
-                <Tabs
-                  size="middle"
-                  items={tabItems}
-                  activeKey={memory.activeTabKey}
-                  onChange={(key) => memory.setActiveTabKey(key)}
-                  tabBarStyle={{
-                    marginBottom: "16px",
-                  }}
-                />
-              </div>
-            </div>
-          </div>
-        ) : null}
-      </motion.div>
-
-
-    </>
-  );
-}
-
-interface MemoryMenuListProps {
-  groups: { title: string; key: string; items: any[] }[];
-  showSwitch?: boolean;
-  memory: ReturnType<typeof useMemory>;
-  t: ReturnType<typeof useTranslation>["t"];
-  onClearConfirm: (groupKey: string, groupTitle: string) => void;
-  renderAddMemoryInput: (groupKey: string) => React.ReactNode;
-}
-
-function MemoryMenuList({
-  groups,
-  showSwitch = false,
-  memory,
-  t,
-  onClearConfirm,
-  renderAddMemoryInput,
-}: MemoryMenuListProps) {
-  const [selectedKey, setSelectedKey] = useState<string>(
-    groups.length > 0 ? groups[0].key : ""
-  );
-
-  useEffect(() => {
-    if (!groups.some((group) => group.key === selectedKey)) {
-      setSelectedKey(groups[0]?.key ?? "");
-    }
-  }, [groups, selectedKey]);
-
-  if (groups.length === 0) {
-    return (
-      <div className="flex flex-col items-center justify-center py-20">
-        <MessageSquareDashed className="size-16 mb-4 text-gray-300" />
-        <p className="text-base text-gray-500">{t("memoryManageModal.noMemory")}</p>
-      </div>
-    );
-  }
-
-  const currentGroup = groups.find((g) => g.key === selectedKey) || groups[0];
-  const isPlaceholder = /-placeholder$/.test(currentGroup.key);
-  const disabled = !isPlaceholder && !!memory.disabledGroups[currentGroup.key];
-
-  const menuItems = groups.map((g) => {
-    const groupDisabled = !/-placeholder$/.test(g.key) && !!memory.disabledGroups[g.key];
-    return {
-      key: g.key,
-      label: (
-        <div className="flex items-center justify-between w-full">
-          <span className="truncate">{g.title}</span>
-          {showSwitch && !/-placeholder$/.test(g.key) && (
-            <div onClick={(e) => e.stopPropagation()}>
-              <Switch
-                size="small"
-                checked={!groupDisabled}
-                onChange={(val) => memory.toggleGroup(g.key, val)}
-              />
-            </div>
-          )}
-        </div>
-      ),
-      disabled: groupDisabled,
-    };
-  });
-
-  return (
-    <div className="flex gap-4" style={{ height: "calc(100vh - 280px)" }}>
-      <Menu
-        mode="inline"
-        selectedKeys={[selectedKey]}
-        onClick={({ key }) => setSelectedKey(key)}
-        items={menuItems}
-        style={{ width: 280, height: "100%", overflowY: "auto" }}
-      />
-
-      <div className="flex-1">
-        {/* Add memory input - appears before the list */}
-        {memory.addingMemoryKey === currentGroup.key && (
-          <div className="border border-gray-200 rounded-md p-3 mb-3 bg-blue-50">
-            {renderAddMemoryInput(currentGroup.key)}
-          </div>
-        )}
-        
-        <List
-          header={
-            <div className="flex items-center justify-between">
-              <span className="text-base font-medium">{currentGroup.title}</span>
-              <div className="flex items-center gap-2">
-                <Button
-                  type="text"
-                  size="small"
-                  icon={<MessageSquarePlus className="size-4" />}
-                  onClick={() => {
-                    memory.startAddingMemory(currentGroup.key);
-                  }}
-                  disabled={disabled}
-                  className="hover:bg-green-50 hover:text-green-600"
-                  title={t("memoryManageModal.addMemory")}
-                />
-                {currentGroup.items.length > 0 && (
-                  <Button
-                    type="text"
-                    size="small"
-                    icon={<MessageSquareOff className="size-4" />}
-                    onClick={() =>
-                      !isPlaceholder && onClearConfirm(currentGroup.key, currentGroup.title)
-                    }
-                    disabled={disabled}
-                    danger
-                    className="hover:bg-red-50"
-                    title={t("memoryManageModal.clearMemory")}
-                  />
-                )}
-              </div>
-            </div>
-          }
-          bordered
-          dataSource={currentGroup.items}
-          locale={{
-            emptyText: (
-              <div className="flex flex-col items-center justify-center py-16 text-gray-400">
-                <MessageSquareDashed className="size-12 mb-3 opacity-50" />
-                <p className="text-sm">{t("memoryManageModal.noMemory")}</p>
-              </div>
-            ),
-          }}
-          style={{ height: memory.addingMemoryKey === currentGroup.key ? "calc(100% - 100px)" : "100%", overflowY: "auto" }}
-          renderItem={(item) => (
-            <List.Item
-              className="hover:bg-gray-50 transition-colors"
-              actions={[
-                <Button
-                  key="delete"
-                  type="text"
-                  size="small"
-                  danger
-                  icon={<Eraser className="size-4" />}
-                  onClick={() => memory.handleDeleteMemory(item.id, currentGroup.key)}
-                  disabled={disabled}
-                  title={t("memoryManageModal.deleteMemory")}
-                />,
-              ]}
-            >
-              <div className="flex flex-col text-sm">{item.memory}</div>
-            </List.Item>
-          )}
-        />
-      </div>
-    </div>
-  );
-}
-
diff --git a/frontend/app/[locale]/memory/MemoryMenuList.tsx b/frontend/app/[locale]/memory/MemoryMenuList.tsx
new file mode 100644
index 000000000..afb404dea
--- /dev/null
+++ b/frontend/app/[locale]/memory/MemoryMenuList.tsx
@@ -0,0 +1,179 @@
+"use client";
+
+import React, { useEffect, useState } from "react";
+import { Button, List, Menu, Switch } from "antd";
+import {
+  MessageSquarePlus,
+  Eraser,
+  MessageSquareOff,
+  MessageSquareDashed,
+} from "lucide-react";
+import { useTranslation } from "react-i18next";
+
+interface MemoryMenuListProps {
+  groups: { title: string; key: string; items: any[] }[];
+  showSwitch?: boolean;
+  memory: ReturnType<typeof import("@/hooks/useMemory").useMemory>;
+  t: ReturnType<typeof useTranslation>["t"];
+  onClearConfirm: (groupKey: string, groupTitle: string) => void;
+  renderAddMemoryInput: (groupKey: string) => React.ReactNode;
+}
+
+export function MemoryMenuList({
+  groups,
+  showSwitch = false,
+  memory,
+  t,
+  onClearConfirm,
+  renderAddMemoryInput,
+}: MemoryMenuListProps) {
+  const [selectedKey, setSelectedKey] = useState<string>(
+    groups.length > 0 ? groups[0].key : ""
+  );
+
+  useEffect(() => {
+    if (!groups.some((group) => group.key === selectedKey)) {
+      setSelectedKey(groups[0]?.key ?? "");
+    }
+  }, [groups, selectedKey]);
+
+  if (groups.length === 0) {
+    return (
+      <div className="flex flex-col items-center justify-center py-20">
+        <MessageSquareDashed className="size-16 mb-4 text-gray-300" />
+        <p className="text-base text-gray-500">
+          {t("memoryManageModal.noMemory")}
+        </p>
+      </div>
+    );
+  }
+
+  const currentGroup = groups.find((g) => g.key === selectedKey) || groups[0];
+  const isPlaceholder = /-placeholder$/.test(currentGroup.key);
+  const disabled = !isPlaceholder && !!memory.disabledGroups[currentGroup.key];
+
+  const menuItems = groups.map((g) => {
+    const groupDisabled =
+      !/-placeholder$/.test(g.key) && !!memory.disabledGroups[g.key];
+    return {
+      key: g.key,
+      label: (
+        <div className="flex items-center justify-between w-full">
+          <span className="truncate">{g.title}</span>
+          {showSwitch && !/-placeholder$/.test(g.key) && (
+            <div onClick={(e) => e.stopPropagation()}>
+              <Switch
+                size="small"
+                checked={!groupDisabled}
+                onChange={(val) => memory.toggleGroup(g.key, val)}
+              />
+            </div>
+          )}
+        </div>
+      ),
+      disabled: groupDisabled,
+    };
+  });
+
+  return (
+    <div className="w-full h-full p-8">
+      <Menu
+        mode="inline"
+        selectedKeys={[selectedKey]}
+        onClick={({ key }) => setSelectedKey(key)}
+        items={menuItems}
+        style={{ width: 280, height: "100%", overflowY: "auto" }}
+      />
+
+      <div className="flex-1">
+        {/* Add memory input - appears before the list */}
+        {memory.addingMemoryKey === currentGroup.key && (
+          <div className="border border-gray-200 rounded-md p-3 mb-3 bg-blue-50">
+            {renderAddMemoryInput(currentGroup.key)}
+          </div>
+        )}
+
+        <List
+          header={
+            <div className="flex items-center justify-between">
+              <span className="text-base font-medium">
+                {currentGroup.title}
+              </span>
+              <div className="flex items-center gap-2">
+                <Button
+                  type="text"
+                  size="small"
+                  icon={<MessageSquarePlus className="size-4" />}
+                  onClick={() => {
+                    memory.startAddingMemory(currentGroup.key);
+                  }}
+                  disabled={disabled}
+                  className="hover:bg-green-50 hover:text-green-600"
+                  title={t("memoryManageModal.addMemory")}
+                />
+                {currentGroup.items.length > 0 && (
+                  <Button
+                    type="text"
+                    size="small"
+                    icon={<MessageSquareOff className="size-4" />}
+                    onClick={() =>
+                      !isPlaceholder &&
+                      onClearConfirm(currentGroup.key, currentGroup.title)
+                    }
+                    disabled={disabled}
+                    danger
+                    className="hover:bg-red-50"
+                    title={t("memoryManageModal.clearMemory")}
+                  />
+                )}
+              </div>
+            </div>
+          }
+          bordered
+          dataSource={currentGroup.items}
+          locale={{
+            emptyText: (
+              <div className="flex flex-col items-center justify-center py-16 text-gray-400">
+                <MessageSquareDashed className="size-12 mb-3 opacity-50" />
+                <p className="text-sm">{t("memoryManageModal.noMemory")}</p>
+              </div>
+            ),
+          }}
+          style={{
+            height:
+              memory.addingMemoryKey === currentGroup.key
+                ? "calc(100% - 100px)"
+                : "100%",
+            overflowY: "auto",
+          }}
+          renderItem={(item) => (
+            <List.Item
+              className="hover:bg-gray-50 transition-colors"
+              actions={[
+                <Button
+                  key="delete"
+                  type="text"
+                  size="small"
+                  danger
+                  icon={<Eraser className="size-4" />}
+                  onClick={() =>
+                    memory.handleDeleteMemory(item.id, currentGroup.key)
+                  }
+                  disabled={disabled}
+                  title={t("memoryManageModal.deleteMemory")}
+                />,
+              ]}
+            >
+              <div className="flex flex-col text-sm">{item.memory}</div>
+            </List.Item>
+          )}
+        />
+      </div>
+    </div>
+  );
+}
+
+
+
+
+
diff --git a/frontend/app/[locale]/memory/page.tsx b/frontend/app/[locale]/memory/page.tsx
new file mode 100644
index 000000000..0828e9af1
--- /dev/null
+++ b/frontend/app/[locale]/memory/page.tsx
@@ -0,0 +1,404 @@
+"use client";
+
+import React, { useEffect, useState, useCallback } from "react";
+import { App, Button, Card, Input, List, Menu, Switch, Tabs } from "antd";
+import { motion } from "framer-motion";
+import "./memory.css";
+import {
+  MessageSquarePlus,
+  Eraser,
+  MessageSquareOff,
+  UsersRound,
+  UserRound,
+  Bot,
+  Share2,
+  Settings,
+  MessageSquareDashed,
+  Check,
+  X,
+} from "lucide-react";
+import { useTranslation, Trans } from "react-i18next";
+
+import { useAuth } from "@/hooks/useAuth";
+import { useMemory } from "@/hooks/useMemory";
+import { useSetupFlow } from "@/hooks/useSetupFlow";
+import { USER_ROLES, MEMORY_TAB_KEYS, MemoryTabKey } from "@/const/modelConfig";
+import {
+  MEMORY_SHARE_STRATEGY,
+  MemoryShareStrategy,
+} from "@/const/memoryConfig";
+import { SETUP_PAGE_CONTAINER, STANDARD_CARD } from "@/const/layoutConstants";
+
+import { useConfirmModal } from "@/hooks/useConfirmModal";
+import { MemoryMenuList } from "./MemoryMenuList";
+
+/**
+ * MemoryContent - Main component for memory management page
+ * Redesigned from modal to full-page layout with cards
+ */
+export default function MemoryContent() {
+  const { message } = App.useApp();
+  const { t } = useTranslation("common");
+  const { user, isSpeedMode } = useAuth();
+  const { confirm } = useConfirmModal();
+
+  // Use custom hook for common setup flow logic
+  const { canAccessProtectedData, pageVariants, pageTransition } = useSetupFlow(
+    {
+      requireAdmin: false,
+    }
+  );
+
+  const role: (typeof USER_ROLES)[keyof typeof USER_ROLES] = (
+    isSpeedMode || user?.role === USER_ROLES.ADMIN
+      ? USER_ROLES.ADMIN
+      : USER_ROLES.USER
+  ) as (typeof USER_ROLES)[keyof typeof USER_ROLES];
+
+  // Mock user and tenant IDs (should come from context)
+  const currentUserId = "user1";
+  const currentTenantId = "tenant1";
+
+  const memory = useMemory({
+    visible: true,
+    currentUserId,
+    currentTenantId,
+    message,
+  });
+
+  const handleClearConfirm = (groupKey: string, groupTitle: string) => {
+    confirm({
+      title: t("memoryDeleteModal.title"),
+      content: (
+        <div className="space-y-4 mt-4">
+          <p className="text-base">
+            <Trans
+              i18nKey="memoryDeleteModal.description"
+              values={{ title: groupTitle }}
+              components={{ strong: <strong className="font-semibold" /> }}
+            />
+          </p>
+          <p className="text-sm text-gray-500">
+            {t("memoryDeleteModal.prompt")}
+          </p>
+        </div>
+      ),
+      onOk: () => memory.handleClearMemory(groupKey, groupTitle),
+    });
+  };
+
+  // Render base settings in a horizontal control bar
+  const renderBaseSettings = () => {
+    const shareOptionLabels: Record<MemoryShareStrategy, string> = {
+      [MEMORY_SHARE_STRATEGY.ALWAYS]: t("memoryManageModal.shareOption.always"),
+      [MEMORY_SHARE_STRATEGY.ASK]: t("memoryManageModal.shareOption.ask"),
+      [MEMORY_SHARE_STRATEGY.NEVER]: t("memoryManageModal.shareOption.never"),
+    };
+
+    return (
+      <Card className="mb-6 shadow-sm">
+        <div className="flex items-center justify-between gap-8">
+          <div className="flex items-center gap-4">
+            <Settings className="size-5 text-gray-600" />
+            <div className="flex flex-col">
+              <span className="text-sm font-medium">
+                {t("memoryManageModal.memoryAbility")}
+              </span>
+            </div>
+          </div>
+          <Switch
+            checked={memory.memoryEnabled}
+            onChange={memory.setMemoryEnabled}
+          />
+        </div>
+
+        {memory.memoryEnabled && (
+          <div className="flex items-center justify-between gap-8 mt-6 pt-6 border-t">
+            <div className="flex items-center gap-4">
+              <Share2 className="size-5 text-gray-600" />
+              <div className="flex flex-col">
+                <span className="text-sm font-medium">
+                  {t("memoryManageModal.agentMemoryShare")}
+                </span>
+              </div>
+            </div>
+            <div className="flex gap-2">
+              {Object.entries(shareOptionLabels).map(([key, label]) => (
+                <Button
+                  key={key}
+                  type={memory.shareOption === key ? "primary" : "default"}
+                  size="middle"
+                  onClick={() =>
+                    memory.setShareOption(key as MemoryShareStrategy)
+                  }
+                >
+                  {label}
+                </Button>
+              ))}
+            </div>
+          </div>
+        )}
+      </Card>
+    );
+  };
+
+  // Render add memory input (inline, doesn't expand container)
+  const renderAddMemoryInput = (groupKey: string) => {
+    if (memory.addingMemoryKey !== groupKey) return null;
+
+    return (
+      <div className="w-full flex items-center justify-center">
+        <div className="w-full flex items-start gap-3">
+          <Input.TextArea
+            value={memory.newMemoryContent}
+            onChange={(e) => memory.setNewMemoryContent(e.target.value)}
+            placeholder={t("memoryManageModal.inputPlaceholder")}
+            maxLength={500}
+            showCount
+            onPressEnter={memory.confirmAddingMemory}
+            disabled={memory.isAddingMemory}
+            className="flex-1"
+            autoSize={{ minRows: 1, maxRows: 3 }}
+            style={{ minHeight: "60px" }}
+          />
+          <div className="flex flex-col gap-2 flex-shrink-0 pt-1">
+            <Button
+              type="primary"
+              size="middle"
+              shape="circle"
+              icon={<Check className="size-4" />}
+              onClick={memory.confirmAddingMemory}
+              loading={memory.isAddingMemory}
+              disabled={!memory.newMemoryContent.trim()}
+              className="bg-green-500 hover:bg-green-600"
+            />
+            <Button
+              size="middle"
+              shape="circle"
+              icon={<X className="size-4" />}
+              onClick={memory.cancelAddingMemory}
+              disabled={memory.isAddingMemory}
+            />
+          </div>
+        </div>
+      </div>
+    );
+  };
+
+  // Render single list (for tenant shared and user personal) - no card, with header buttons
+  const renderSingleList = useCallback(
+    (group: { title: string; key: string; items: any[] }) => {
+      return (
+        <div
+          className="memory-single-list"
+          key={`${group.key}-${group.items.length}-${memory.addingMemoryKey}`}
+        >
+          {/* Add memory input - appears before the list */}
+          {memory.addingMemoryKey === group.key && (
+            <div className="border border-gray-200 rounded-md p-3 mb-3 bg-blue-50">
+              {renderAddMemoryInput(group.key)}
+            </div>
+          )}
+
+          <List
+            header={
+              <div className="flex items-center justify-between">
+                <span className="text-base font-medium">{group.title}</span>
+                <div className="flex items-center gap-2">
+                  <Button
+                    type="text"
+                    size="small"
+                    icon={<MessageSquarePlus className="size-4" />}
+                    onClick={() => {
+                      memory.startAddingMemory(group.key);
+                    }}
+                    className="hover:bg-green-50 hover:text-green-600"
+                    title={t("memoryManageModal.addMemory")}
+                  />
+                  {group.items.length > 0 && (
+                    <Button
+                      type="text"
+                      size="small"
+                      icon={<MessageSquareOff className="size-4" />}
+                      onClick={() => handleClearConfirm(group.key, group.title)}
+                      danger
+                      className="hover:bg-red-50"
+                      title={t("memoryManageModal.clearMemory")}
+                    />
+                  )}
+                </div>
+              </div>
+            }
+            bordered
+            dataSource={group.items}
+            locale={{
+              emptyText: (
+                <div className="flex flex-col items-center justify-center py-16 text-gray-400">
+                  <MessageSquareDashed className="size-12 mb-3 opacity-50" />
+                  <p className="text-sm">{t("memoryManageModal.noMemory")}</p>
+                </div>
+              ),
+            }}
+            style={{
+              height:
+                memory.addingMemoryKey === group.key
+                  ? "calc(100vh - 380px)"
+                  : "calc(100vh - 280px)",
+              overflowY: "auto",
+            }}
+            renderItem={(item) => (
+              <List.Item
+                className="hover:bg-gray-50 transition-colors"
+                actions={[
+                  <Button
+                    key="delete"
+                    type="text"
+                    size="small"
+                    danger
+                    icon={<Eraser className="size-4" />}
+                    onClick={() =>
+                      memory.handleDeleteMemory(item.id, group.key)
+                    }
+                    title={t("memoryManageModal.deleteMemory")}
+                  />,
+                ]}
+              >
+                <div className="flex flex-col text-sm">{item.memory}</div>
+              </List.Item>
+            )}
+          />
+        </div>
+      );
+    },
+    [
+      memory.addingMemoryKey,
+      memory.startAddingMemory,
+      memory.handleDeleteMemory,
+      handleClearConfirm,
+      renderAddMemoryInput,
+      t,
+    ]
+  );
+
+  const renderMemoryWithMenu = (
+    groups: { title: string; key: string; items: any[] }[],
+    showSwitch = false
+  ) => (
+    <MemoryMenuList
+      groups={groups}
+      showSwitch={showSwitch}
+      memory={memory}
+      t={t}
+      onClearConfirm={handleClearConfirm}
+      renderAddMemoryInput={renderAddMemoryInput}
+    />
+  );
+
+  const tabItems = [
+    {
+      key: MEMORY_TAB_KEYS.BASE,
+      label: (
+        <span className="inline-flex items-center gap-2">
+          <Settings className="size-4" />
+          {t("memoryManageModal.baseSettings")}
+        </span>
+      ),
+      children: renderBaseSettings(),
+    },
+    ...(role === USER_ROLES.ADMIN
+      ? [
+          {
+            key: MEMORY_TAB_KEYS.TENANT,
+            label: (
+              <span className="inline-flex items-center gap-2">
+                <UsersRound className="size-4" />
+                {t("memoryManageModal.tenantShareTab")}
+              </span>
+            ),
+            children: renderSingleList(memory.tenantSharedGroup),
+            disabled: !memory.memoryEnabled,
+          },
+          {
+            key: MEMORY_TAB_KEYS.AGENT_SHARED,
+            label: (
+              <span className="inline-flex items-center gap-2">
+                <Share2 className="size-4" />
+                {t("memoryManageModal.agentShareTab")}
+              </span>
+            ),
+            children: renderMemoryWithMenu(memory.agentSharedGroups, true),
+            disabled:
+              !memory.memoryEnabled ||
+              memory.shareOption === MEMORY_SHARE_STRATEGY.NEVER,
+          },
+        ]
+      : []),
+    {
+      key: MEMORY_TAB_KEYS.USER_PERSONAL,
+      label: (
+        <span className="inline-flex items-center gap-2">
+          <UserRound className="size-4" />
+          {t("memoryManageModal.userPersonalTab")}
+        </span>
+      ),
+      children: renderSingleList(memory.userPersonalGroup),
+      disabled: !memory.memoryEnabled,
+    },
+    {
+      key: MEMORY_TAB_KEYS.USER_AGENT,
+      label: (
+        <span className="inline-flex items-center gap-2">
+          <Bot className="size-4" />
+          {t("memoryManageModal.userAgentTab")}
+        </span>
+      ),
+      children: renderMemoryWithMenu(memory.userAgentGroups, true),
+      disabled: !memory.memoryEnabled,
+    },
+  ];
+
+  return (
+    <>
+      <div className="w-full h-full p-8">
+        <motion.div
+          initial="initial"
+          animate="in"
+          exit="out"
+          variants={pageVariants}
+          transition={pageTransition}
+          style={{ width: "100%", height: "100%" }}
+        >
+          {canAccessProtectedData ? (
+            <div className="w-full h-full flex items-center justify-center">
+              <div
+                className="w-full mx-auto"
+                style={{
+                  maxWidth: SETUP_PAGE_CONTAINER.MAX_WIDTH,
+                  padding: `0 ${SETUP_PAGE_CONTAINER.HORIZONTAL_PADDING}`,
+                }}
+              >
+                <div
+                  className={STANDARD_CARD.BASE_CLASSES}
+                  style={{
+                    height: SETUP_PAGE_CONTAINER.MAIN_CONTENT_HEIGHT,
+                    padding: "25px",
+                  }}
+                >
+                  <Tabs
+                    size="middle"
+                    items={tabItems}
+                    activeKey={memory.activeTabKey}
+                    onChange={(key) => memory.setActiveTabKey(key)}
+                    tabBarStyle={{
+                      marginBottom: "16px",
+                    }}
+                  />
+                </div>
+              </div>
+            </div>
+          ) : null}
+        </motion.div>
+      </div>
+    </>
+  );
+}
diff --git a/frontend/app/[locale]/models/ModelConfiguration.tsx b/frontend/app/[locale]/models/ModelConfiguration.tsx
index 3fad16875..1fe154a76 100644
--- a/frontend/app/[locale]/models/ModelConfiguration.tsx
+++ b/frontend/app/[locale]/models/ModelConfiguration.tsx
@@ -1,32 +1,28 @@
-"use client"
+"use client";
 
-import { useState, useEffect, useRef } from "react"
-import { useTranslation } from 'react-i18next'
-import { Typography, Row, Col } from "antd"
+import { useState, useEffect, useRef } from "react";
+import { useTranslation } from "react-i18next";
+import { Typography, Row, Col } from "antd";
 
-import { 
-  SETUP_PAGE_CONTAINER, 
-  TWO_COLUMN_LAYOUT, 
+import {
+  SETUP_PAGE_CONTAINER,
+  TWO_COLUMN_LAYOUT,
   STANDARD_CARD,
-  CARD_HEADER 
-} from '@/const/layoutConstants'
+  CARD_HEADER,
+} from "@/const/layoutConstants";
 
-import { AppConfigSection } from './components/appConfig'
-import { ModelConfigSection, ModelConfigSectionRef } from './components/modelConfig'
+import { AppConfigSection } from "./components/appConfig";
+import {
+  ModelConfigSection,
+  ModelConfigSectionRef,
+} from "./components/modelConfig";
 
-const { Title } = Typography
+const { Title } = Typography;
 
 // Add interface definition
 interface AppModelConfigProps {
   skipModelVerification?: boolean;
   canAccessProtectedData?: boolean;
-  onSelectedModelsChange?: (
-    selected: Record<string, Record<string, string>>
-  ) => void;
-  onEmbeddingConnectivityChange?: (status: {
-    // can add multi_embedding in future
-    embedding?: string;
-  }) => void;
   // Expose a ref from parent to allow programmatic dropdown change
   forwardedRef?: React.Ref<ModelConfigSectionRef>;
 }
@@ -34,8 +30,6 @@ interface AppModelConfigProps {
 export default function AppModelConfig({
   skipModelVerification = false,
   canAccessProtectedData = false,
-  onSelectedModelsChange,
-  onEmbeddingConnectivityChange,
   forwardedRef,
 }: AppModelConfigProps) {
   const { t } = useTranslation();
@@ -51,27 +45,10 @@ export default function AppModelConfig({
     };
   }, [skipModelVerification]);
 
-  // Report selected models from child component to parent (if callback provided)
-  useEffect(() => {
-    if (!onSelectedModelsChange && !onEmbeddingConnectivityChange) return;
-    const timer = setInterval(() => {
-      const current = modelConfigRef.current?.getSelectedModels?.();
-      const embeddingConn =
-        modelConfigRef.current?.getEmbeddingConnectivity?.();
-      if (current && onSelectedModelsChange) onSelectedModelsChange(current);
-      if (embeddingConn && onEmbeddingConnectivityChange) {
-        onEmbeddingConnectivityChange({
-          embedding: embeddingConn.embedding,
-        });
-      }
-    }, 300);
-    return () => clearInterval(timer);
-  }, [onSelectedModelsChange, onEmbeddingConnectivityChange]);
-
   // Bridge internal ref to external forwardedRef so parent can call simulateDropdownChange
   useEffect(() => {
     if (!forwardedRef) return;
-    if (typeof forwardedRef === 'function') {
+    if (typeof forwardedRef === "function") {
       forwardedRef(modelConfigRef.current);
     } else {
       // @ts-ignore allow writing current
@@ -81,16 +58,17 @@ export default function AppModelConfig({
 
   return (
     <div
-      className="w-full mx-auto"
+      className="w-full h-full mx-auto"
       style={{
         maxWidth: SETUP_PAGE_CONTAINER.MAX_WIDTH,
         padding: `0 ${SETUP_PAGE_CONTAINER.HORIZONTAL_PADDING}`,
       }}
     >
       {isClientSide ? (
-        <div className="w-full">
-          <Row gutter={TWO_COLUMN_LAYOUT.GUTTER}>
+        <div className="w-full h-full">
+          <Row className="h-full w-full" gutter={TWO_COLUMN_LAYOUT.GUTTER}>
             <Col
+              className="h-full"
               xs={TWO_COLUMN_LAYOUT.LEFT_COLUMN.xs}
               md={TWO_COLUMN_LAYOUT.LEFT_COLUMN.md}
               lg={TWO_COLUMN_LAYOUT.LEFT_COLUMN.lg}
@@ -98,12 +76,9 @@ export default function AppModelConfig({
               xxl={TWO_COLUMN_LAYOUT.LEFT_COLUMN.xxl}
             >
               <div
-                className={STANDARD_CARD.BASE_CLASSES}
+                className={`${STANDARD_CARD.BASE_CLASSES} flex flex-col h-full w-full`}
                 style={{
-                  height: SETUP_PAGE_CONTAINER.MAIN_CONTENT_HEIGHT,
                   padding: STANDARD_CARD.PADDING,
-                  display: "flex",
-                  flexDirection: "column",
                 }}
               >
                 <div
@@ -134,12 +109,9 @@ export default function AppModelConfig({
               xxl={TWO_COLUMN_LAYOUT.RIGHT_COLUMN.xxl}
             >
               <div
-                className={STANDARD_CARD.BASE_CLASSES}
+                className={`${STANDARD_CARD.BASE_CLASSES} flex flex-col h-full w-full`}
                 style={{
-                  height: SETUP_PAGE_CONTAINER.MAIN_CONTENT_HEIGHT,
                   padding: STANDARD_CARD.PADDING,
-                  display: "flex",
-                  flexDirection: "column",
                 }}
               >
                 <div
@@ -177,4 +149,4 @@ export default function AppModelConfig({
       )}
     </div>
   );
-}
\ No newline at end of file
+}
diff --git a/frontend/app/[locale]/models/ModelsContent.tsx b/frontend/app/[locale]/models/ModelsContent.tsx
deleted file mode 100644
index 87e0120d8..000000000
--- a/frontend/app/[locale]/models/ModelsContent.tsx
+++ /dev/null
@@ -1,78 +0,0 @@
-"use client";
-
-import {useRef} from "react";
-import {motion} from "framer-motion";
-
-import {useSetupFlow} from "@/hooks/useSetupFlow";
-import {
-  ConnectionStatus,
-} from "@/const/modelConfig";
-
-import AppModelConfig from "./ModelConfiguration";
-import {ModelConfigSectionRef} from "./components/modelConfig";
-
-interface ModelsContentProps {
-  /** Custom next button handler (optional) */
-  onNext?: () => void;
-  /** Connection status */
-  connectionStatus?: ConnectionStatus;
-  /** Is checking connection */
-  isCheckingConnection?: boolean;
-  /** Check connection callback */
-  onCheckConnection?: () => void;
-  /** Callback to expose connection status */
-  onConnectionStatusChange?: (status: ConnectionStatus) => void;
-}
-
-/**
- * ModelsContent - Main component for model configuration
- * Can be used in setup flow or as standalone page
- */
-export default function ModelsContent({
-  connectionStatus: externalConnectionStatus,
-  isCheckingConnection: externalIsCheckingConnection,
-  onCheckConnection: externalOnCheckConnection,
-  onConnectionStatusChange,
-}: ModelsContentProps) {
-  // Use custom hook for common setup flow logic
-  const {
-    canAccessProtectedData,
-    pageVariants,
-    pageTransition,
-  } = useSetupFlow({
-    requireAdmin: true,
-    externalConnectionStatus,
-    externalIsCheckingConnection,
-    onCheckConnection: externalOnCheckConnection,
-    onConnectionStatusChange,
-    nonAdminRedirect: "/setup/knowledges",
-  });
-
-  const modelConfigSectionRef = useRef<ModelConfigSectionRef | null>(null);
-
-  return (
-    <>
-      <motion.div
-        initial="initial"
-        animate="in"
-        exit="out"
-        variants={pageVariants}
-        transition={pageTransition}
-        style={{width: "100%", height: "100%"}}
-      >
-        <div className="w-full h-full flex items-center justify-center">
-          {canAccessProtectedData ? (
-            <AppModelConfig
-              onSelectedModelsChange={() => {}}
-              onEmbeddingConnectivityChange={() => {}}
-              forwardedRef={modelConfigSectionRef}
-              canAccessProtectedData={canAccessProtectedData}
-            />
-          ) : null}
-        </div>
-      </motion.div>
-
-    </>
-  );
-}
-
diff --git a/frontend/app/[locale]/models/page.tsx b/frontend/app/[locale]/models/page.tsx
new file mode 100644
index 000000000..ca81be7ac
--- /dev/null
+++ b/frontend/app/[locale]/models/page.tsx
@@ -0,0 +1,49 @@
+"use client";
+
+import { useRef } from "react";
+import { motion } from "framer-motion";
+
+import { useSetupFlow } from "@/hooks/useSetupFlow";
+
+import AppModelConfig from "./ModelConfiguration";
+import { ModelConfigSectionRef } from "./components/modelConfig";
+
+/**
+ * ModelsContent - Main component for model configuration
+ * Can be used in setup flow or as standalone page
+ */
+export default function ModelsContent() {
+  // Use custom hook for common setup flow logic
+  const { canAccessProtectedData, pageVariants, pageTransition } = useSetupFlow(
+    {
+      requireAdmin: true,
+      nonAdminRedirect: "/setup/knowledges",
+    }
+  );
+
+  const modelConfigSectionRef = useRef<ModelConfigSectionRef | null>(null);
+
+  return (
+    <>
+      <div className="w-full h-full p-8">
+        <motion.div
+          initial="initial"
+          animate="in"
+          exit="out"
+          variants={pageVariants}
+          transition={pageTransition}
+          style={{ width: "100%", height: "100%" }}
+        >
+          <div className="w-full h-full flex items-center justify-center">
+            {canAccessProtectedData ? (
+              <AppModelConfig
+                forwardedRef={modelConfigSectionRef}
+                canAccessProtectedData={canAccessProtectedData}
+              />
+            ) : null}
+          </div>
+        </motion.div>
+      </div>
+    </>
+  );
+}
diff --git a/frontend/app/[locale]/monitoring/MonitoringContent.tsx b/frontend/app/[locale]/monitoring/page.tsx
similarity index 78%
rename from frontend/app/[locale]/monitoring/MonitoringContent.tsx
rename to frontend/app/[locale]/monitoring/page.tsx
index adb41dcd5..ee625b2a0 100644
--- a/frontend/app/[locale]/monitoring/MonitoringContent.tsx
+++ b/frontend/app/[locale]/monitoring/page.tsx
@@ -6,43 +6,18 @@ import { useTranslation } from "react-i18next";
 import { Activity } from "lucide-react";
 
 import { useSetupFlow } from "@/hooks/useSetupFlow";
-import { ConnectionStatus } from "@/const/modelConfig";
-
-interface MonitoringContentProps {
-  /** Connection status */
-  connectionStatus?: ConnectionStatus;
-  /** Is checking connection */
-  isCheckingConnection?: boolean;
-  /** Check connection callback */
-  onCheckConnection?: () => void;
-  /** Callback to expose connection status */
-  onConnectionStatusChange?: (status: ConnectionStatus) => void;
-}
 
 /**
  * MonitoringContent - Agent monitoring and operations coming soon page
  * This will allow admins to monitor and operate agents (health, logs, alerts)
  */
-export default function MonitoringContent({
-  connectionStatus: externalConnectionStatus,
-  isCheckingConnection: externalIsCheckingConnection,
-  onCheckConnection: externalOnCheckConnection,
-  onConnectionStatusChange,
-}: MonitoringContentProps) {
+export default function MonitoringContent({}) {
   const { t } = useTranslation("common");
-
   // Use custom hook for common setup flow logic
-  const { canAccessProtectedData, pageVariants, pageTransition } = useSetupFlow({
-    requireAdmin: true,
-    externalConnectionStatus,
-    externalIsCheckingConnection,
-    onCheckConnection: externalOnCheckConnection,
-    onConnectionStatusChange,
-  });
-
+  const { pageVariants, pageTransition } = useSetupFlow();
   return (
     <>
-      {canAccessProtectedData ? (
+      <div className="w-full h-full">
         <motion.div
           initial="initial"
           animate="in"
@@ -120,9 +95,7 @@ export default function MonitoringContent({
             </motion.div>
           </div>
         </motion.div>
-      ) : null}
+      </div>
     </>
   );
 }
-
-
diff --git a/frontend/app/[locale]/page.tsx b/frontend/app/[locale]/page.tsx
index 2fde0fa71..79a7418f4 100644
--- a/frontend/app/[locale]/page.tsx
+++ b/frontend/app/[locale]/page.tsx
@@ -1,536 +1,37 @@
 "use client";
 
-import { useState, useEffect, useCallback } from "react";
-import { useTranslation } from "react-i18next";
-import { NavigationLayout } from "@/components/navigation/NavigationLayout";
+import { useRouter } from "next/navigation";
 import { HomepageContent } from "@/components/homepage/HomepageContent";
-import { AuthDialogs } from "@/components/homepage/AuthDialogs";
-import { LoginModal } from "@/components/auth/loginModal";
-import { RegisterModal } from "@/components/auth/registerModal";
 import { useAuth } from "@/hooks/useAuth";
-import { ConfigProvider, App } from "antd";
-import log from "@/lib/logger";
-
-// Import content components
-import MemoryContent from "./memory/MemoryContent";
-import ModelsContent from "./models/ModelsContent";
-import AgentSetupOrchestrator from "./agents/AgentSetupOrchestrator";
-import KnowledgesContent from "./knowledges/KnowledgesContent";
-import { SpaceContent } from "./space/components/SpaceContent";
-import { fetchAgentList } from "@/services/agentConfigService";
-import { useAgentImport, ImportAgentData } from "@/hooks/useAgentImport";
-import SetupLayout from "./setup/SetupLayout";
-import AgentImportWizard from "@/components/agent/AgentImportWizard";
-import { ChatContent } from "./chat/internal/ChatContent";
-import { ChatTopNavContent } from "./chat/internal/ChatTopNavContent";
-import { Badge, Button as AntButton, Flex } from "antd";
-import { RefreshCw } from "lucide-react";
-import { USER_ROLES } from "@/const/modelConfig";
-import MarketContent from "./market/MarketContent";
-import UsersContent from "./users/UsersContent";
-import McpToolsContent from "./mcp-tools/McpToolsContent";
-import MonitoringContent from "./monitoring/MonitoringContent";
-import { getSavedView, saveView } from "@/lib/viewPersistence";
-import { useSaveGuard } from "@/hooks/agent/useSaveGuard";
-
-// View type definition
-type ViewType =
-  | "home"
-  | "memory"
-  | "models"
-  | "agents"
-  | "knowledges"
-  | "space"
-  | "setup"
-  | "chat"
-  | "market"
-  | "users"
-  | "mcpTools"
-  | "monitoring";
-type SetupStep = "models" | "knowledges" | "agents";
 
 export default function Home() {
-  const [mounted, setMounted] = useState(false);
-
-  // Prevent hydration errors
-  useEffect(() => {
-    setMounted(true);
-  }, []);
-
-  if (!mounted) {
-    return null;
-  }
+  const router = useRouter();
+  const { user, isSpeedMode } = useAuth();
+
+  const handleAuthRequired = () => {
+    // This will trigger the global auth dialogs in the layout
+    if (!isSpeedMode && !user) {
+      // The layout component will handle showing the login prompt
+    }
+  };
+
+  const handleAdminRequired = () => {
+    // This will trigger the global auth dialogs in the layout
+    if (!isSpeedMode && user?.role !== "admin") {
+      // The layout component will handle showing the admin prompt
+    }
+  };
 
   return (
-    <ConfigProvider getPopupContainer={() => document.body}>
-      <FrontpageContent />
-    </ConfigProvider>
-  );
-
-  function FrontpageContent() {
-    const { t } = useTranslation("common");
-    const { message } = App.useApp();
-    const {
-      user,
-      isLoading: userLoading,
-      openLoginModal,
-      openRegisterModal,
-      isSpeedMode,
-    } = useAuth();
-    const [loginPromptOpen, setLoginPromptOpen] = useState(false);
-    const [adminRequiredPromptOpen, setAdminRequiredPromptOpen] =
-      useState(false);
-
-    // View state management with localStorage persistence
-    const [currentView, setCurrentView] = useState<ViewType>(getSavedView);
-    
-    // Connection status removed per request.
-    
-    // Space-specific states
-    const [agents, setAgents] = useState<any[]>([]);
-    const [isLoadingAgents, setIsLoadingAgents] = useState(false);
-    const [isImporting, setIsImporting] = useState(false);
-
-    // Agent import wizard states
-    const [importWizardVisible, setImportWizardVisible] = useState(false);
-    const [importWizardData, setImportWizardData] =
-      useState<ImportAgentData | null>(null);
-
-    // Setup-specific states
-    const [currentSetupStep, setCurrentSetupStep] =
-      useState<SetupStep>("models");
-    const [isSaving, setIsSaving] = useState(false);
-
-    // Handle operations that require login
-    const handleAuthRequired = () => {
-      if (!isSpeedMode && !user) {
-        setLoginPromptOpen(true);
-      }
-    };
-
-    // Confirm login dialog
-    const handleCloseLoginPrompt = () => {
-      setLoginPromptOpen(false);
-    };
-
-    // Handle operations that require admin privileges
-    const handleAdminRequired = () => {
-      if (!isSpeedMode && user?.role !== "admin") {
-        setAdminRequiredPromptOpen(true);
-      }
-    };
-
-    // Close admin prompt dialog
-    const handleCloseAdminPrompt = () => {
-      setAdminRequiredPromptOpen(false);
-    };
-
-    // Determine if user is admin
-    const isAdmin = isSpeedMode || user?.role === USER_ROLES.ADMIN;
-
-    // Unsaved changes guard for setup completion
-    const checkUnsavedChangesForSetup = useSaveGuard();
-
-    // Load data for the saved view on initial mount
-    useEffect(() => {
-      if (currentView === "space" && agents.length === 0) {
-        loadAgents();
-      }
-    }, []); // Only run on mount
-
-    // Handle view change from navigation
-    const handleViewChange = (view: string) => {
-      const viewType = view as ViewType;
-      setCurrentView(viewType);
-
-      // Save current view to localStorage for persistence across page refreshes
-      saveView(viewType);
-
-      // Initialize setup step based on user role
-      if (viewType === "setup") {
-        if (isAdmin) {
-          setCurrentSetupStep("models");
-        } else {
-          setCurrentSetupStep("knowledges");
-        }
-      }
-
-      // Load data for specific views
-      if (viewType === "space") {
-        loadAgents(); // Always refresh agents when entering space
-      }
-    };
-    
-    // Connection check removed.
-    
-    // Load agents for space view
-    const loadAgents = async () => {
-      setIsLoadingAgents(true);
-      try {
-        const result = await fetchAgentList();
-        if (result.success) {
-          setAgents(result.data);
-        } else {
-          message.error(t(result.message) || "Failed to load agents");
-        }
-      } catch (error) {
-        log.error("Failed to load agents:", error);
-        message.error("Failed to load agents");
-      } finally {
-        setIsLoadingAgents(false);
-      }
-    };
-
-    // Use unified import hook for space view
-    const { importFromData } = useAgentImport({
-      onSuccess: () => {
-        message.success(t("businessLogic.config.error.agentImportSuccess"));
-        loadAgents();
-        setIsImporting(false);
-        setImportWizardVisible(false);
-        setImportWizardData(null);
-      },
-      onError: (error) => {
-        log.error(t("agentConfig.agents.importFailed"), error);
-        message.error(t("businessLogic.config.error.agentImportFailed"));
-        setIsImporting(false);
-      },
-    });
-
-    // Handle import agent for space view - open wizard instead of direct import
-    const handleImportAgent = () => {
-      const fileInput = document.createElement("input");
-      fileInput.type = "file";
-      fileInput.accept = ".json";
-      fileInput.onchange = async (event) => {
-        const file = (event.target as HTMLInputElement).files?.[0];
-        if (!file) return;
-
-        if (!file.name.endsWith(".json")) {
-          message.error(t("businessLogic.config.error.invalidFileType"));
-          return;
-        }
-
-        try {
-          // Read and parse file
-          const fileContent = await file.text();
-          let agentData: ImportAgentData;
-
-          try {
-            agentData = JSON.parse(fileContent);
-          } catch (parseError) {
-            message.error(t("businessLogic.config.error.invalidFileType"));
-            return;
-          }
-
-          // Validate structure
-          if (!agentData.agent_id || !agentData.agent_info) {
-            message.error(t("businessLogic.config.error.invalidFileType"));
-            return;
-          }
-
-          // Open wizard with parsed data
-          setImportWizardData(agentData);
-          setImportWizardVisible(true);
-        } catch (error) {
-          log.error("Failed to read import file:", error);
-          message.error(t("businessLogic.config.error.agentImportFailed"));
-        }
-      };
-
-      fileInput.click();
-    };
-
-    // Handle import completion from wizard
-    // Note: AgentImportWizard already handles the import internally,
-    // so we just need to refresh the agent list
-    const handleImportComplete = () => {
-      loadAgents();
-      setImportWizardVisible(false);
-      setImportWizardData(null);
-    };
-
-    // Setup navigation handlers
-    const handleSetupNext = () => {
-      if (currentSetupStep === "models") {
-        setCurrentSetupStep("knowledges");
-      } else if (currentSetupStep === "knowledges") {
-        if (isAdmin) {
-          setCurrentSetupStep("agents");
-        }
-      }
-    };
-
-    const handleSetupBack = () => {
-      if (currentSetupStep === "knowledges") {
-        if (isAdmin) {
-          setCurrentSetupStep("models");
-        }
-      } else if (currentSetupStep === "agents") {
-        setCurrentSetupStep("knowledges");
-      }
-    };
-
-    const handleSetupComplete = async () => {
-      // Check if we're on the agents step and if there are unsaved changes
-      if (currentSetupStep === "agents" && isAdmin) {
-        const canProceed = await checkUnsavedChangesForSetup.saveWithModal;
-        if (!canProceed) {
-          return; // Save failed or user cancelled
-        }
-      }
-
-      // Proceed to chat
-      setCurrentView("chat");
-      saveView("chat");
-    };
-
-    // Determine setup button visibility based on current step and user role
-    const getSetupNavigationProps = () => {
-      if (!isAdmin) {
-        return {
-          showBack: false,
-          showNext: false,
-          showComplete: true,
-        };
-      }
-
-      switch (currentSetupStep) {
-        case "models":
-          return {
-            showBack: false,
-            showNext: true,
-            showComplete: false,
-          };
-        case "knowledges":
-          return {
-            showBack: true,
-            showNext: true,
-            showComplete: false,
-          };
-        case "agents":
-          return {
-            showBack: true,
-            showNext: false,
-            showComplete: true,
-          };
-        default:
-          return {
-            showBack: false,
-            showNext: false,
-            showComplete: false,
-          };
-      }
-    };
-
-    // Render content based on current view
-    const renderContent = () => {
-      switch (currentView) {
-        case "home":
-          return (
-            <div className="w-full h-full flex items-center justify-center p-4">
-              <HomepageContent
-                onAuthRequired={handleAuthRequired}
-                onAdminRequired={handleAdminRequired}
-                onChatNavigate={() => {
-                  setCurrentView("chat");
-                  saveView("chat");
-                }}
-                onSetupNavigate={() => {
-                  setCurrentView("setup");
-                  saveView("setup");
-                }}
-                onSpaceNavigate={() => {
-                  setCurrentView("space");
-                  saveView("space");
-                }}
-              />
-            </div>
-          );
-
-        case "memory":
-          return (
-            <div className="w-full h-full">
-              <MemoryContent />
-            </div>
-          );
-
-        case "models":
-          return (
-            <div className="w-full h-full p-8">
-              <ModelsContent />
-            </div>
-          );
-
-        case "agents":
-          return (
-            <Flex
-              justify="center"
-              align="center"
-              className="py-8 px-16 h-full w-full"
-            >
-              <AgentSetupOrchestrator onImportAgent={handleImportAgent} />
-            </Flex>
-          );
-
-        case "knowledges":
-          return (
-            <div className="w-full h-full p-8">
-              <KnowledgesContent isSaving={false} />
-            </div>
-          );
-
-        case "space":
-          return (
-            <>
-              <SpaceContent
-                agents={agents}
-                isLoading={isLoadingAgents}
-                isImporting={isImporting}
-                onRefresh={loadAgents}
-                onLoadAgents={loadAgents}
-                onImportAgent={handleImportAgent}
-                onChatNavigate={(agentId) => {
-                  // Update URL with agent_id parameter for auto-selection in ChatAgentSelector
-                  const url = new URL(window.location.href);
-                  url.searchParams.set("agent_id", agentId);
-                  window.history.replaceState({}, "", url.toString());
-
-                  setCurrentView("chat");
-                  saveView("chat");
-                }}
-                onEditNavigate={() => {
-                  // Navigate to agents development view
-                  setCurrentView("agents");
-                  saveView("agents");
-                }}
-              />
-            </>
-          );
-
-        case "chat":
-          return <ChatContent />;
-
-        case "market":
-          return (
-            <div className="w-full h-full">
-              <MarketContent />
-            </div>
-          );
-
-        case "users":
-          return (
-            <div className="w-full h-full">
-              <UsersContent />
-            </div>
-          );
-
-        case "mcpTools":
-          return (
-            <div className="w-full h-full p-8">
-              <McpToolsContent />
-            </div>
-          );
-
-        case "monitoring":
-          return (
-            <div className="w-full h-full p-8">
-              <MonitoringContent />
-            </div>
-          );
-
-        case "setup":
-          const setupNavProps = getSetupNavigationProps();
-          return (
-            <SetupLayout
-              onBack={handleSetupBack}
-              onNext={handleSetupNext}
-              onComplete={handleSetupComplete}
-              isSaving={isSaving}
-              showBack={setupNavProps.showBack}
-              showNext={setupNavProps.showNext}
-              showComplete={setupNavProps.showComplete}
-              nextText={t("setup.navigation.button.next")}
-              completeText={t("setup.navigation.button.complete")}
-            >
-              {currentSetupStep === "models" && isAdmin && (
-                <ModelsContent onNext={handleSetupNext} />
-              )}
-
-              {currentSetupStep === "knowledges" && (
-                <KnowledgesContent isSaving={isSaving} onSavingStateChange={setIsSaving} />
-              )}
-
-              {currentSetupStep === "agents" && isAdmin && (
-                <AgentSetupOrchestrator onImportAgent={handleImportAgent} />
-              )}
-            </SetupLayout>
-          );
-
-        default:
-          return null;
-      }
-    };
-
-    // Note: Setup connection status UI removed (badge + refresh) per request.
-
-    return (
-      <NavigationLayout
+    <div className="w-full h-full flex items-center justify-center p-4">
+      <HomepageContent
         onAuthRequired={handleAuthRequired}
         onAdminRequired={handleAdminRequired}
-        onViewChange={handleViewChange}
-        currentView={currentView}
-        showFooter={true}
-        contentMode={"centered"}
-        topNavbarAdditionalTitle={
-          currentView === "chat" ? <ChatTopNavContent /> : undefined
-        }
-      >
-        {renderContent()}
-
-        <AgentImportWizard
-          visible={importWizardVisible}
-          onCancel={() => {
-            setImportWizardVisible(false);
-            setImportWizardData(null);
-          }}
-          initialData={importWizardData}
-          onImportComplete={handleImportComplete}
-          title={undefined} // Use default title
-          agentDisplayName={
-            importWizardData?.agent_info?.[String(importWizardData.agent_id)]
-              ?.display_name
-          }
-          agentDescription={
-            importWizardData?.agent_info?.[String(importWizardData.agent_id)]
-              ?.description
-          }
-        />
+        onChatNavigate={() => router.push('chat')}
+        onSetupNavigate={() => router.push('setup')}
+        onSpaceNavigate={() => router.push('space')}
+      />
+    </div>
+  );
 
-        {/* Auth dialogs - only shown in full version */}
-        {!isSpeedMode && (
-          <>
-            <AuthDialogs
-              loginPromptOpen={loginPromptOpen}
-              adminPromptOpen={adminRequiredPromptOpen}
-              onCloseLoginPrompt={handleCloseLoginPrompt}
-              onCloseAdminPrompt={handleCloseAdminPrompt}
-              onLoginClick={() => {
-                setLoginPromptOpen(false);
-                setAdminRequiredPromptOpen(false);
-                openLoginModal();
-              }}
-              onRegisterClick={() => {
-                setLoginPromptOpen(false);
-                setAdminRequiredPromptOpen(false);
-                openRegisterModal();
-              }}
-            />
-            <LoginModal />
-            <RegisterModal />
-          </>
-        )}
-      </NavigationLayout>
-    );
-  }
 }
diff --git a/frontend/app/[locale]/setup/SetupLayout.tsx b/frontend/app/[locale]/setup/SetupLayout.tsx
deleted file mode 100644
index d2d98a3e1..000000000
--- a/frontend/app/[locale]/setup/SetupLayout.tsx
+++ /dev/null
@@ -1,173 +0,0 @@
-"use client";
-
-import {ReactNode} from "react";
-import {useTranslation} from "react-i18next";
-
-import { Dropdown } from "antd";
-import {
-  ChevronDown,
-  Globe,
-} from "lucide-react";
-import {languageOptions} from "@/const/constants";
-import {useLanguageSwitch} from "@/lib/language";
-import {CONNECTION_STATUS, ConnectionStatus,} from "@/const/modelConfig";
-
-// ================ Setup Header Content Components ================
-// These components are exported so they can be used to customize the TopNavbar
-
-export function SetupHeaderRightContent() {
-  const { t } = useTranslation();
-  const { currentLanguage, handleLanguageChange } = useLanguageSwitch();
-
-  return (
-    <div className="flex items-center gap-3">
-      <Dropdown
-        menu={{
-          items: languageOptions.map((opt) => ({
-            key: opt.value,
-            label: opt.label,
-          })),
-          onClick: ({ key }) => handleLanguageChange(key as string),
-        }}
-      >
-        <a className="ant-dropdown-link text-sm !font-medium text-slate-600 hover:text-slate-900 dark:text-slate-300 dark:hover:text-white transition-colors flex items-center gap-2 cursor-pointer w-[110px] border-0 shadow-none bg-transparent text-left">
-          <Globe className="h-4 w-4" />
-          {languageOptions.find((o) => o.value === currentLanguage)?.label ||
-            currentLanguage}
-          <ChevronDown className="text-[10px]" />
-        </a>
-      </Dropdown>
-    </div>
-  );
-}
-
-// ================ Navigation ================
-interface NavigationProps {
-  onBack?: () => void;
-  onNext?: () => void;
-  onComplete?: () => void;
-  isSaving?: boolean;
-  showBack?: boolean;
-  showNext?: boolean;
-  showComplete?: boolean;
-  nextText?: string;
-  completeText?: string;
-}
-
-function Navigation({
-  onBack,
-  onNext,
-  onComplete,
-  isSaving = false,
-  showBack = false,
-  showNext = false,
-  showComplete = false,
-  nextText,
-  completeText,
-}: NavigationProps) {
-  const { t } = useTranslation();
-
-  const handleClick = () => {
-    if (showComplete && onComplete) {
-      onComplete();
-    } else if (showNext && onNext) {
-      onNext();
-    }
-  };
-
-  const buttonText = () => {
-    if (showComplete) {
-      return isSaving
-        ? t("setup.navigation.button.saving")
-        : completeText || t("setup.navigation.button.complete");
-    }
-    if (showNext) {
-      return nextText || t("setup.navigation.button.next");
-    }
-    return "";
-  };
-
-  return (
-    <div className="mt-3 flex justify-between" style={{ padding: "0 16px" }}>
-      <div className="flex gap-2">
-        {showBack && onBack && (
-          <button
-            onClick={onBack}
-            className="px-6 py-2.5 rounded-md flex items-center text-sm font-medium bg-slate-100 dark:bg-slate-800 text-slate-700 dark:text-slate-300 hover:bg-slate-200 dark:hover:bg-slate-700 cursor-pointer transition-colors"
-          >
-            {t("setup.navigation.button.previous")}
-          </button>
-        )}
-      </div>
-
-      <div className="flex gap-2">
-        {(showNext || showComplete) && (
-          <button
-            onClick={handleClick}
-            disabled={isSaving}
-            className="px-6 py-2.5 rounded-md flex items-center text-sm font-medium bg-blue-600 dark:bg-blue-600 text-white hover:bg-blue-700 dark:hover:bg-blue-700 disabled:opacity-50 disabled:cursor-not-allowed transition-colors"
-            style={{
-              border: "none",
-              marginLeft: !showBack ? "auto" : undefined,
-            }}
-          >
-            {buttonText()}
-          </button>
-        )}
-      </div>
-    </div>
-  );
-}
-
-// ================ Layout ================
-interface SetupLayoutProps {
-  children: ReactNode;
-  onBack?: () => void;
-  onNext?: () => void;
-  onComplete?: () => void;
-  isSaving?: boolean;
-  showBack?: boolean;
-  showNext?: boolean;
-  showComplete?: boolean;
-  nextText?: string;
-  completeText?: string;
-}
-
-/**
- * SetupLayout - Content wrapper for setup pages
- * This component should be wrapped by NavigationLayout
- */
-export default function SetupLayout({
-  children,
-  onBack,
-  onNext,
-  onComplete,
-  isSaving = false,
-  showBack = false,
-  showNext = false,
-  showComplete = false,
-  nextText,
-  completeText,
-}: SetupLayoutProps) {
-  return (
-    <div className="w-full h-full bg-slate-50 dark:bg-slate-900 font-sans overflow-hidden">
-      {/* Main content with fixed size */}
-      <div className="max-w-[1800px] mx-auto px-8 pb-6 pt-6 bg-transparent h-full flex flex-col">
-        <div className="flex-1 w-full h-full flex items-center justify-center">
-        {children}
-        </div>
-        <Navigation
-          onBack={onBack}
-          onNext={onNext}
-          onComplete={onComplete}
-          isSaving={isSaving}
-          showBack={showBack}
-          showNext={showNext}
-          showComplete={showComplete}
-          nextText={nextText}
-          completeText={completeText}
-        />
-      </div>
-    </div>
-  );
-}
diff --git a/frontend/app/[locale]/setup/page.tsx b/frontend/app/[locale]/setup/page.tsx
new file mode 100644
index 000000000..63b9adc47
--- /dev/null
+++ b/frontend/app/[locale]/setup/page.tsx
@@ -0,0 +1,168 @@
+"use client";
+
+import { useState } from "react";
+import { USER_ROLES } from "@/const/modelConfig";
+import { Steps, Button } from "antd";
+import { ChevronLeft, ChevronRight, Check } from "lucide-react";
+import { useSetupFlow } from "@/hooks/useSetupFlow";
+import ModelsContent from "../models/page";
+import KnowledgesContent from "../knowledges/page";
+import AgentSetupOrchestrator from "../agents/page";
+
+type SetupStep = "models" | "knowledges" | "agents";
+
+export default function SetupPage() {
+  const { t, router, canAccessProtectedData, isSpeedMode, user } = useSetupFlow(
+    {
+      requireAdmin: true,
+      nonAdminRedirect: "/setup/knowledges",
+    }
+  );
+
+  const isAdmin = isSpeedMode || user?.role === USER_ROLES.ADMIN;
+
+  const [currentStepIndex, setCurrentStepIndex] = useState<number>(0);
+  const [isSaving, setIsSaving] = useState(false);
+
+  const steps = [
+    {
+      key: "models" as SetupStep,
+      title: t("setup.model.description"),
+    },
+    {
+      key: "knowledges" as SetupStep,
+      title: t("setup.knowledge.description"),
+    },
+    {
+      key: "agents" as SetupStep,
+      title: t("setup.agent.description"),
+    },
+  ];
+
+  const [completed, setCompleted] = useState<boolean[]>(
+    new Array(steps.length).fill(false)
+  );
+
+  const currentStep = steps[currentStepIndex];
+  const isFirstStep = currentStepIndex === 0;
+  const isLastStep = currentStepIndex === steps.length - 1;
+
+  const handleNext = () => {
+    // mark current as completed then advance (unless last)
+    setCompleted((prev) => {
+      const next = [...prev];
+      next[currentStepIndex] = true;
+      return next;
+    });
+    if (!isLastStep) {
+      setCurrentStepIndex((i) => i + 1);
+    } else {
+      // last step -> complete
+      router.push("/chat");
+    }
+  };
+
+  const handleBack = () => {
+    if (!isFirstStep) {
+      // Mark current step as incomplete when going back
+      setCompleted((prev) => {
+        const next = [...prev];
+        next[currentStepIndex - 1] = false;
+        return next;
+      });
+      setCurrentStepIndex((i) => i - 1);
+    }
+  };
+
+  const handleComplete = () => {
+    router.push("/chat");
+  };
+
+  const renderStepContent = () => {
+    switch (currentStep.key) {
+      case "models":
+        return <ModelsContent />;
+      case "knowledges":
+        return <KnowledgesContent />;
+      case "agents":
+        return <AgentSetupOrchestrator />;
+      default:
+        return null;
+    }
+  };
+
+  // 如果没有访问权限，返回 null 让 SESSION_EXPIRED 事件处理登录弹窗
+  if (!canAccessProtectedData || !isAdmin) {
+    return null;
+  }
+
+  return (
+    <div className="w-full h-full flex flex-col bg-slate-50 dark:bg-slate-900 font-sans overflow-hidden">
+      {/* Top fixed Steps bar */}
+      <div className="bg-white dark:bg-slate-900 border-b z-50">
+        <div className="max-w-[1800px] mx-auto px-8 py-6">
+          <Steps
+            current={currentStepIndex}
+            onChange={(idx) => {
+              // allow jumping only to already completed steps or current
+              if (idx <= currentStepIndex || completed[idx]) {
+                setCurrentStepIndex(idx);
+              }
+            }}
+            size="default"
+            items={steps.map((s, i) => ({
+              title: s.title,
+              status: completed[i]
+                ? "finish"
+                : i === currentStepIndex
+                  ? "process"
+                  : "wait",
+              icon: completed[i] ? <Check className="w-4 h-4" /> : undefined,
+            }))}
+          />
+        </div>
+      </div>
+
+      {/* Main container*/}
+      <div className="flex:1 min-h-0 h-full w-full">
+        {/* Main Content area */}
+        {renderStepContent()}
+      </div>
+
+      {/* Bottom fixed action bar */}
+      <div className="bg-white dark:bg-slate-900 border-t z-50">
+        <div className="max-w-[1800px] mx-auto px-8 py-4 flex justify-end gap-4">
+          <Button
+            onClick={handleBack}
+            disabled={isFirstStep}
+            type="default"
+            className="px-4 py-2 rounded-lg h-10 flex items-center gap-2 border border-gray-200 bg-white text-gray-700"
+            icon={<ChevronLeft className="w-4 h-4" />}
+          >
+            {t("setup.navigation.button.previous")}
+          </Button>
+          {!isLastStep ? (
+            <Button
+              type="primary"
+              onClick={handleNext}
+              className="px-4 py-2 rounded-lg h-10 flex items-center gap-2 shadow-md"
+              icon={<ChevronRight className="w-4 h-4 text-white" />}
+            >
+              {t("setup.navigation.button.next")}
+            </Button>
+          ) : (
+            <Button
+              type="primary"
+              onClick={handleComplete}
+              loading={isSaving}
+              className="px-4 py-2 rounded-lg h-10 flex items-center gap-2 shadow-md"
+              icon={<Check className="w-4 h-4 text-white" />}
+            >
+              {t("setup.navigation.button.complete")}
+            </Button>
+          )}
+        </div>
+      </div>
+    </div>
+  );
+}
diff --git a/frontend/app/[locale]/space/components/AgentCard.tsx b/frontend/app/[locale]/space/components/AgentCard.tsx
index 044a80d44..4653b9b8f 100644
--- a/frontend/app/[locale]/space/components/AgentCard.tsx
+++ b/frontend/app/[locale]/space/components/AgentCard.tsx
@@ -2,6 +2,7 @@
 
 import React, { useState } from "react";
 import { useTranslation } from "react-i18next";
+import { useRouter } from "next/navigation";
 import { App } from "antd";
 import {
   Trash2,
@@ -25,30 +26,20 @@ import { generateAvatarFromName } from "@/lib/avatar";
 import { useAuth } from "@/hooks/useAuth";
 import { useConfirmModal } from "@/hooks/useConfirmModal";
 import { USER_ROLES } from "@/const/modelConfig";
+import { Agent } from "@/types/agentConfig";
 import log from "@/lib/logger";
 
-interface Agent {
-  id: string;
-  name: string;
-  display_name: string;
-  description: string;
-  author?: string;
-  is_available: boolean;
-  enabled?: boolean;
-}
-
 interface AgentCardProps {
   agent: Agent;
   onRefresh: () => void;
-  onChat: (agentId: string) => void;
-  onEdit?: () => void;
 }
 
-export default function AgentCard({ agent, onRefresh, onChat, onEdit }: AgentCardProps) {
+export default function AgentCard({ agent, onRefresh }: AgentCardProps) {
   const { t } = useTranslation("common");
   const { message } = App.useApp();
   const { user, isSpeedMode } = useAuth();
   const { confirm } = useConfirmModal();
+  const router = useRouter();
 
   const [isDeleting, setIsDeleting] = useState(false);
   const [isExporting, setIsExporting] = useState(false);
@@ -132,14 +123,12 @@ export default function AgentCard({ agent, onRefresh, onChat, onEdit }: AgentCar
 
   // Handle chat
   const handleChat = () => {
-    onChat(agent.id);
+    router.push("/chat");
   };
 
   // Handle edit - navigate to agents view
   const handleEdit = () => {
-    if (onEdit) {
-      onEdit();
-    }
+    router.push("/agent");
   };
 
   // Handle view detail
@@ -198,7 +187,10 @@ export default function AgentCard({ agent, onRefresh, onChat, onEdit }: AgentCar
           </h3>
           {agent.author ? (
             <p className="text-xs text-slate-500 dark:text-slate-400 mb-2">
-              {t("market.by", { defaultValue: "By {{author}}", author: agent.author })}
+              {t("market.by", {
+                defaultValue: "By {{author}}",
+                author: agent.author,
+              })}
             </p>
           ) : (
             <div className="h-4 mb-2" aria-hidden />
@@ -275,7 +267,11 @@ export default function AgentCard({ agent, onRefresh, onChat, onEdit }: AgentCar
                 ? "hover:bg-green-50 dark:hover:bg-green-900/20 text-slate-400 hover:text-green-600 dark:hover:text-green-400"
                 : "text-slate-300 dark:text-slate-600 cursor-not-allowed"
             }`}
-            title={agent.is_available ? t("space.actions.chat", "Chat") : t("space.status.unavailable", "Unavailable")}
+            title={
+              agent.is_available
+                ? t("space.actions.chat", "Chat")
+                : t("space.status.unavailable", "Unavailable")
+            }
           >
             <MessageSquare className="h-4 w-4" />
           </button>
@@ -300,4 +296,3 @@ export default function AgentCard({ agent, onRefresh, onChat, onEdit }: AgentCar
     </>
   );
 }
-
diff --git a/frontend/app/[locale]/space/components/SpaceContent.tsx b/frontend/app/[locale]/space/components/SpaceContent.tsx
deleted file mode 100644
index e849bfb04..000000000
--- a/frontend/app/[locale]/space/components/SpaceContent.tsx
+++ /dev/null
@@ -1,211 +0,0 @@
-"use client";
-
-import React from "react";
-import { useRouter } from "next/navigation";
-import { useTranslation } from "react-i18next";
-import { motion } from "framer-motion";
-import { Plus, RefreshCw, Upload } from "lucide-react";
-import { USER_ROLES } from "@/const/modelConfig";
-import { useAuth } from "@/hooks/useAuth";
-import { useSetupFlow } from "@/hooks/useSetupFlow";
-import AgentCard from "./AgentCard";
-
-interface Agent {
-  id: string;
-  name: string;
-  display_name: string;
-  description: string;
-  is_available: boolean;
-}
-
-interface SpaceContentProps {
-  agents: Agent[];
-  isLoading: boolean;
-  isImporting: boolean;
-  onRefresh: () => void;
-  onLoadAgents: () => void;
-  onImportAgent: () => void;
-  onChatNavigate?: (agentId: string) => void;
-  onEditNavigate?: () => void;
-}
-
-/**
- * Agent Space content component
- * Displays agent cards grid and management controls
- */
-export function SpaceContent({
-  agents,
-  isLoading,
-  isImporting,
-  onRefresh,
-  onLoadAgents,
-  onImportAgent,
-  onChatNavigate,
-  onEditNavigate,
-}: SpaceContentProps) {
-  const router = useRouter();
-  const { t } = useTranslation("common");
-  const { user, isSpeedMode } = useAuth();
-  const { canAccessProtectedData, pageVariants, pageTransition } = useSetupFlow({
-    requireAdmin: false,
-  });
-
-  // Check if user is admin (or in speed mode where all features are available)
-  const isAdmin = isSpeedMode || user?.role === USER_ROLES.ADMIN;
-
-  // Handle create new agent - navigate to agents view
-  const handleCreateAgent = () => {
-    if (onEditNavigate) {
-      onEditNavigate();
-    }
-  };
-
-  // Handle chat with agent
-  const handleChat = (agentId: string) => {
-    if (onChatNavigate) {
-      onChatNavigate(agentId);
-    } else {
-      // Fallback to URL navigation if callback not provided
-      router.push(`/chat?agent_id=${agentId}`);
-    }
-  };
-
-  if (!canAccessProtectedData) {
-    return null;
-  }
-
-  return (
-    <motion.div
-      initial="initial"
-      animate="in"
-      exit="out"
-      variants={pageVariants}
-      transition={pageTransition}
-      className="w-full px-4 md:px-8 lg:px-16 py-8 h-full"
-    >
-      <div className="max-w-7xl mx-auto">
-        {/* Page header */}
-        <div className="flex items-center justify-between mb-6">
-          <motion.div
-            initial={{ opacity: 0, y: -20 }}
-            animate={{ opacity: 1, y: 0 }}
-            transition={{ duration: 0.5 }}
-          >
-            <h1 className="text-3xl font-bold text-blue-600 dark:text-blue-500">
-              {t("space.title", "Agent Space")}
-            </h1>
-            <p className="text-slate-600 dark:text-slate-300 mt-2">
-              {t(
-                "space.description",
-                "Manage and interact with your intelligent agents"
-              )}
-            </p>
-          </motion.div>
-
-          {/* Refresh button */}
-          <motion.div
-            initial={{ opacity: 0, y: -20 }}
-            animate={{ opacity: 1, y: 0 }}
-            transition={{ duration: 0.5, delay: 0.1 }}
-          >
-            <button
-              onClick={onRefresh}
-              disabled={isLoading}
-              className="p-2 rounded-md hover:bg-blue-50 dark:hover:bg-blue-900/20 text-slate-600 dark:text-slate-300 hover:text-blue-600 dark:hover:text-blue-400 transition-colors disabled:opacity-50"
-              title={t("common.refresh", "Refresh")}
-            >
-              <RefreshCw
-                className={`h-5 w-5 ${isLoading ? "animate-spin" : ""}`}
-              />
-            </button>
-          </motion.div>
-        </div>
-
-        {/* Agent cards grid */}
-        <motion.div
-          initial={{ opacity: 0 }}
-          animate={{ opacity: 1 }}
-          transition={{ duration: 0.5, delay: 0.2 }}
-          className="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 xl:grid-cols-4 gap-4 pb-8"
-        >
-          {/* Create/Import agent card - only for admin */}
-          {isAdmin && (
-            <motion.div
-              initial={{ opacity: 0, scale: 0.9 }}
-              animate={{ opacity: 1, scale: 1 }}
-              transition={{ duration: 0.3, delay: 0.3 }}
-              className="aspect-[4/3]"
-            >
-              <div className="w-full h-full flex flex-col gap-2">
-                {/* Create new agent - top half */}
-                <button
-                  onClick={handleCreateAgent}
-                  className="flex-1 border-2 border-dashed border-blue-300 dark:border-blue-600 rounded-lg hover:border-blue-500 dark:hover:border-blue-400 bg-blue-50 dark:bg-blue-900/20 hover:bg-blue-100 dark:hover:bg-blue-900/40 transition-all duration-300 flex flex-col items-center justify-center gap-2 group"
-                >
-                  <div className="w-12 h-12 rounded-full bg-blue-100 dark:bg-blue-900/40 flex items-center justify-center group-hover:bg-blue-200 dark:group-hover:bg-blue-900/60 transition-colors">
-                    <Plus className="h-6 w-6 text-blue-500 group-hover:text-blue-600 dark:text-blue-400 dark:group-hover:text-blue-300" />
-                  </div>
-                  <span className="text-sm font-medium text-blue-600 dark:text-blue-400 group-hover:text-blue-700 dark:group-hover:text-blue-300">
-                    {t("space.createAgent", "Create New Agent")}
-                  </span>
-                </button>
-
-                {/* Import agent - bottom half */}
-                <button
-                  onClick={onImportAgent}
-                  disabled={isImporting}
-                  className="flex-1 border-2 border-dashed border-green-300 dark:border-green-600 rounded-lg hover:border-green-500 dark:hover:border-green-400 bg-green-50 dark:bg-green-900/20 hover:bg-green-100 dark:hover:bg-green-900/40 transition-all duration-300 flex flex-col items-center justify-center gap-2 group disabled:opacity-50 disabled:cursor-not-allowed"
-                >
-                  <div className="w-12 h-12 rounded-full bg-green-100 dark:bg-green-900/40 flex items-center justify-center group-hover:bg-green-200 dark:group-hover:bg-green-900/60 transition-colors">
-                    <Upload className="h-6 w-6 text-green-500 group-hover:text-green-600 dark:text-green-400 dark:group-hover:text-green-300" />
-                  </div>
-                  <span className="text-sm font-medium text-green-600 dark:text-green-400 group-hover:text-green-700 dark:group-hover:text-green-300">
-                    {isImporting
-                      ? t("subAgentPool.button.importing", "Importing...")
-                      : t("subAgentPool.button.import", "Import Agent")}
-                  </span>
-                </button>
-              </div>
-            </motion.div>
-          )}
-
-          {/* Agent cards */}
-          {agents.map((agent, index) => (
-            <motion.div
-              key={agent.id}
-              initial={{ opacity: 0, scale: 0.9 }}
-              animate={{ opacity: 1, scale: 1 }}
-              transition={{ duration: 0.3, delay: 0.3 + (index + 1) * 0.05 }}
-              className="aspect-[4/3]"
-            >
-              <AgentCard
-                agent={agent}
-                onRefresh={onLoadAgents}
-                onChat={handleChat}
-                onEdit={onEditNavigate}
-              />
-            </motion.div>
-          ))}
-        </motion.div>
-
-        {/* Empty state */}
-        {!isLoading && agents.length === 0 && (
-          <motion.div
-            initial={{ opacity: 0 }}
-            animate={{ opacity: 1 }}
-            transition={{ duration: 0.5, delay: 0.4 }}
-            className="text-center py-16"
-          >
-            <p className="text-slate-500 dark:text-slate-400">
-              {t(
-                "space.noAgents",
-                "No agents yet. Create your first agent to get started!"
-              )}
-            </p>
-          </motion.div>
-        )}
-      </div>
-    </motion.div>
-  );
-}
-
diff --git a/frontend/app/[locale]/space/page.tsx b/frontend/app/[locale]/space/page.tsx
new file mode 100644
index 000000000..b5d14e9b9
--- /dev/null
+++ b/frontend/app/[locale]/space/page.tsx
@@ -0,0 +1,245 @@
+"use client";
+
+import React, { useState } from "react";
+import { useRouter } from "next/navigation";
+import { useTranslation } from "react-i18next";
+import { motion } from "framer-motion";
+import { App } from "antd";
+import { Plus, RefreshCw, Upload } from "lucide-react";
+import { USER_ROLES } from "@/const/modelConfig";
+import { useAuth } from "@/hooks/useAuth";
+import { useSetupFlow } from "@/hooks/useSetupFlow";
+import { useAgentList } from "@/hooks/agent/useAgentList";
+import { Agent } from "@/types/agentConfig";
+import AgentCard from "./components/AgentCard";
+import { ImportAgentData } from "@/hooks/useAgentImport";
+import AgentImportWizard from "@/components/agent/AgentImportWizard";
+import log from "@/lib/logger";
+
+/**
+ * Agent Space page component
+ * Displays agent cards grid and management controls
+ */
+export default function SpacePage() {
+  const router = useRouter();
+
+  const { t } = useTranslation("common");
+  const { message } = App.useApp();
+  const { user, isSpeedMode } = useAuth();
+  const { canAccessProtectedData, pageVariants, pageTransition } = useSetupFlow(
+    {
+      requireAdmin: false,
+    }
+  );
+  const [isImporting, setIsImporting] = useState(false);
+  const { agents, isLoading, invalidate } = useAgentList();
+
+  // Import wizard state
+  const [importWizardVisible, setImportWizardVisible] = useState(false);
+  const [importWizardData, setImportWizardData] =
+    useState<ImportAgentData | null>(null);
+
+  // Check if user is admin (or in speed mode where all features are available)
+  const isAdmin = isSpeedMode || user?.role === USER_ROLES.ADMIN;
+
+  const handleCreateAgent = () => {
+    router.push("/agent");
+  };
+
+  const onRefresh = () => {
+    invalidate();
+  };
+
+  const onImportAgent = () => {
+    const fileInput = document.createElement("input");
+    fileInput.type = "file";
+    fileInput.accept = ".json";
+    fileInput.onchange = async (event) => {
+      const file = (event.target as HTMLInputElement).files?.[0];
+      if (!file) return;
+
+      if (!file.name.endsWith(".json")) {
+        message.error(t("businessLogic.config.error.invalidFileType"));
+        return;
+      }
+
+      try {
+        // Read and parse file
+        const fileContent = await file.text();
+        let agentData: ImportAgentData;
+
+        try {
+          agentData = JSON.parse(fileContent);
+        } catch (parseError) {
+          message.error(t("businessLogic.config.error.invalidFileType"));
+          return;
+        }
+
+        // Validate structure
+        if (!agentData.agent_id || !agentData.agent_info) {
+          message.error(t("businessLogic.config.error.invalidFileType"));
+          return;
+        }
+
+        // Open wizard with parsed data
+        setImportWizardData(agentData);
+        setImportWizardVisible(true);
+      } catch (error) {
+        log.error("Failed to read import file:", error);
+        message.error(t("businessLogic.config.error.agentImportFailed"));
+      }
+    };
+
+    fileInput.click();
+  };
+
+  if (!canAccessProtectedData) {
+    return null;
+  }
+
+  return (
+    <div className="w-full h-full">
+      <motion.div
+        initial="initial"
+        animate="in"
+        exit="out"
+        variants={pageVariants}
+        transition={pageTransition}
+        className="w-full px-4 md:px-8 lg:px-16 py-8 h-full"
+      >
+        <div className="max-w-7xl mx-auto">
+          {/* Page header */}
+          <div className="flex items-center justify-between mb-6">
+            <motion.div
+              initial={{ opacity: 0, y: -20 }}
+              animate={{ opacity: 1, y: 0 }}
+              transition={{ duration: 0.5 }}
+            >
+              <h1 className="text-3xl font-bold text-blue-600 dark:text-blue-500">
+                {t("space.title", "Agent Space")}
+              </h1>
+              <p className="text-slate-600 dark:text-slate-300 mt-2">
+                {t(
+                  "space.description",
+                  "Manage and interact with your intelligent agents"
+                )}
+              </p>
+            </motion.div>
+
+            {/* Refresh button */}
+            <motion.div
+              initial={{ opacity: 0, y: -20 }}
+              animate={{ opacity: 1, y: 0 }}
+              transition={{ duration: 0.5, delay: 0.1 }}
+            >
+              <button
+                onClick={onRefresh}
+                disabled={isLoading}
+                className="p-2 rounded-md hover:bg-blue-50 dark:hover:bg-blue-900/20 text-slate-600 dark:text-slate-300 hover:text-blue-600 dark:hover:text-blue-400 transition-colors disabled:opacity-50"
+                title={t("common.refresh", "Refresh")}
+              >
+                <RefreshCw
+                  className={`h-5 w-5 ${isLoading ? "animate-spin" : ""}`}
+                />
+              </button>
+            </motion.div>
+          </div>
+
+          {/* Agent cards grid */}
+          <motion.div
+            initial={{ opacity: 0 }}
+            animate={{ opacity: 1 }}
+            transition={{ duration: 0.5, delay: 0.2 }}
+            className="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 xl:grid-cols-4 gap-4 pb-8"
+          >
+            {/* Create/Import agent card - only for admin */}
+            {isAdmin && (
+              <motion.div
+                initial={{ opacity: 0, scale: 0.9 }}
+                animate={{ opacity: 1, scale: 1 }}
+                transition={{ duration: 0.3, delay: 0.3 }}
+                className="aspect-[4/3]"
+              >
+                <div className="w-full h-full flex flex-col gap-2">
+                  {/* Create new agent - top half */}
+                  <button
+                    onClick={handleCreateAgent}
+                    className="flex-1 border-2 border-dashed border-blue-300 dark:border-blue-600 rounded-lg hover:border-blue-500 dark:hover:border-blue-400 bg-blue-50 dark:bg-blue-900/20 hover:bg-blue-100 dark:hover:bg-blue-900/40 transition-all duration-300 flex flex-col items-center justify-center gap-2 group"
+                  >
+                    <div className="w-12 h-12 rounded-full bg-blue-100 dark:bg-blue-900/40 flex items-center justify-center group-hover:bg-blue-200 dark:group-hover:bg-blue-900/60 transition-colors">
+                      <Plus className="h-6 w-6 text-blue-500 group-hover:text-blue-600 dark:text-blue-400 dark:group-hover:text-blue-300" />
+                    </div>
+                    <span className="text-sm font-medium text-blue-600 dark:text-blue-400 group-hover:text-blue-700 dark:group-hover:text-blue-300">
+                      {t("space.createAgent", "Create New Agent")}
+                    </span>
+                  </button>
+
+                  {/* Import agent - bottom half */}
+                  <button
+                    onClick={onImportAgent}
+                    disabled={isImporting}
+                    className="flex-1 border-2 border-dashed border-green-300 dark:border-green-600 rounded-lg hover:border-green-500 dark:hover:border-green-400 bg-green-50 dark:bg-green-900/20 hover:bg-green-100 dark:hover:bg-green-900/40 transition-all duration-300 flex flex-col items-center justify-center gap-2 group disabled:opacity-50 disabled:cursor-not-allowed"
+                  >
+                    <div className="w-12 h-12 rounded-full bg-green-100 dark:bg-green-900/40 flex items-center justify-center group-hover:bg-green-200 dark:group-hover:bg-green-900/60 transition-colors">
+                      <Upload className="h-6 w-6 text-green-500 group-hover:text-green-600 dark:text-green-400 dark:group-hover:text-green-300" />
+                    </div>
+                    <span className="text-sm font-medium text-green-600 dark:text-green-400 group-hover:text-green-700 dark:group-hover:text-green-300">
+                      {isImporting
+                        ? t("subAgentPool.button.importing", "Importing...")
+                        : t("subAgentPool.button.import", "Import Agent")}
+                    </span>
+                  </button>
+                </div>
+              </motion.div>
+            )}
+
+            {/* Agent cards */}
+            {agents.map((agent: Agent, index: number) => (
+              <motion.div
+                key={agent.id}
+                initial={{ opacity: 0, scale: 0.9 }}
+                animate={{ opacity: 1, scale: 1 }}
+                transition={{ duration: 0.3, delay: 0.3 + (index + 1) * 0.05 }}
+                className="aspect-[4/3]"
+              >
+                <AgentCard agent={agent} onRefresh={onRefresh} />
+              </motion.div>
+            ))}
+          </motion.div>
+
+          {/* Empty state */}
+          {!isLoading && agents.length === 0 && (
+            <motion.div
+              initial={{ opacity: 0 }}
+              animate={{ opacity: 1 }}
+              transition={{ duration: 0.5, delay: 0.4 }}
+              className="text-center py-16"
+            >
+              <p className="text-slate-500 dark:text-slate-400">
+                {t(
+                  "space.noAgents",
+                  "No agents yet. Create your first agent to get started!"
+                )}
+              </p>
+            </motion.div>
+          )}
+        </div>
+      </motion.div>
+
+      {/* Import Wizard Modal */}
+      <AgentImportWizard
+        visible={importWizardVisible}
+        onCancel={() => {
+          setImportWizardVisible(false);
+          setImportWizardData(null);
+        }}
+        initialData={importWizardData}
+        onImportComplete={() => {
+          setImportWizardVisible(false);
+          setImportWizardData(null);
+          invalidate(); // Refresh the agent list
+        }}
+      />
+    </div>
+  );
+}
diff --git a/frontend/app/[locale]/users/UsersContent.tsx b/frontend/app/[locale]/users/UsersContent.tsx
deleted file mode 100644
index 4e1ed132b..000000000
--- a/frontend/app/[locale]/users/UsersContent.tsx
+++ /dev/null
@@ -1,131 +0,0 @@
-"use client";
-
-import React from "react";
-import { motion } from "framer-motion";
-import { useTranslation } from "react-i18next";
-import { Users } from "lucide-react";
-
-import { useSetupFlow } from "@/hooks/useSetupFlow";
-import { ConnectionStatus } from "@/const/modelConfig";
-
-interface UsersContentProps {
-  /** Connection status */
-  connectionStatus?: ConnectionStatus;
-  /** Is checking connection */
-  isCheckingConnection?: boolean;
-  /** Check connection callback */
-  onCheckConnection?: () => void;
-  /** Callback to expose connection status */
-  onConnectionStatusChange?: (status: ConnectionStatus) => void;
-}
-
-/**
- * UsersContent - User management coming soon page
- * This will allow admins to manage users, roles, and permissions
- */
-export default function UsersContent({
-  connectionStatus: externalConnectionStatus,
-  isCheckingConnection: externalIsCheckingConnection,
-  onCheckConnection: externalOnCheckConnection,
-  onConnectionStatusChange,
-}: UsersContentProps) {
-  const { t } = useTranslation("common");
-
-  // Use custom hook for common setup flow logic
-  const {
-    canAccessProtectedData,
-    pageVariants,
-    pageTransition,
-  } = useSetupFlow({
-    requireAdmin: true, // User management requires admin privileges
-    externalConnectionStatus,
-    externalIsCheckingConnection,
-    onCheckConnection: externalOnCheckConnection,
-    onConnectionStatusChange,
-  });
-
-  return (
-    <>
-      {canAccessProtectedData ? (
-        <motion.div
-          initial="initial"
-          animate="in"
-          exit="out"
-          variants={pageVariants}
-          transition={pageTransition}
-          className="w-full h-full flex items-center justify-center"
-        >
-          <div className="flex flex-col items-center justify-center space-y-6 p-8 max-w-md text-center">
-            {/* Icon */}
-            <motion.div
-              initial={{ scale: 0 }}
-              animate={{ scale: 1 }}
-              transition={{ delay: 0.2, type: "spring", stiffness: 200 }}
-              className="w-24 h-24 rounded-full bg-gradient-to-br from-green-500 to-teal-600 flex items-center justify-center shadow-lg"
-            >
-              <Users className="h-12 w-12 text-white" />
-            </motion.div>
-
-            {/* Title */}
-            <motion.h1
-              initial={{ opacity: 0, y: 20 }}
-              animate={{ opacity: 1, y: 0 }}
-              transition={{ delay: 0.3 }}
-              className="text-3xl font-bold text-slate-800 dark:text-slate-100"
-            >
-              {t("users.comingSoon.title")}
-            </motion.h1>
-
-            {/* Description */}
-            <motion.p
-              initial={{ opacity: 0, y: 20 }}
-              animate={{ opacity: 1, y: 0 }}
-              transition={{ delay: 0.4 }}
-              className="text-lg text-slate-600 dark:text-slate-400"
-            >
-              {t("users.comingSoon.description")}
-            </motion.p>
-
-            {/* Feature list */}
-            <motion.ul
-              initial={{ opacity: 0, y: 20 }}
-              animate={{ opacity: 1, y: 0 }}
-              transition={{ delay: 0.5 }}
-              className="text-left space-y-2 w-full"
-            >
-              <li className="flex items-start space-x-2">
-                <span className="text-green-500 mt-1">✓</span>
-                <span className="text-slate-600 dark:text-slate-400">
-                  {t("users.comingSoon.feature1")}
-                </span>
-              </li>
-              <li className="flex items-start space-x-2">
-                <span className="text-green-500 mt-1">✓</span>
-                <span className="text-slate-600 dark:text-slate-400">
-                  {t("users.comingSoon.feature2")}
-                </span>
-              </li>
-              <li className="flex items-start space-x-2">
-                <span className="text-green-500 mt-1">✓</span>
-                <span className="text-slate-600 dark:text-slate-400">
-                  {t("users.comingSoon.feature3")}
-                </span>
-              </li>
-            </motion.ul>
-
-            {/* Coming soon badge */}
-            <motion.div
-              initial={{ opacity: 0, scale: 0.8 }}
-              animate={{ opacity: 1, scale: 1 }}
-              transition={{ delay: 0.6 }}
-              className="px-4 py-2 bg-gradient-to-r from-green-500 to-teal-600 text-white rounded-full text-sm font-medium shadow-md"
-            >
-              {t("users.comingSoon.badge")}
-            </motion.div>
-          </div>
-        </motion.div>
-      ) : null}
-    </>
-  );
-}
-
diff --git a/frontend/app/[locale]/users/page.tsx b/frontend/app/[locale]/users/page.tsx
new file mode 100644
index 000000000..65cf1eecc
--- /dev/null
+++ b/frontend/app/[locale]/users/page.tsx
@@ -0,0 +1,109 @@
+"use client";
+
+import React from "react";
+import { motion } from "framer-motion";
+import { useTranslation } from "react-i18next";
+import { Users } from "lucide-react";
+
+import { useSetupFlow } from "@/hooks/useSetupFlow";
+
+/**
+ * UsersContent - User management coming soon page
+ * This will allow admins to manage users, roles, and permissions
+ */
+export default function UsersContent({}) {
+  const { t } = useTranslation("common");
+
+  // Use custom hook for common setup flow logic
+  const { canAccessProtectedData, pageVariants, pageTransition } = useSetupFlow(
+    {
+      requireAdmin: true, // User management requires admin privileges
+    }
+  );
+
+  return (
+    <>
+      <div className="w-full h-full">
+        {canAccessProtectedData ? (
+          <motion.div
+            initial="initial"
+            animate="in"
+            exit="out"
+            variants={pageVariants}
+            transition={pageTransition}
+            className="w-full h-full flex items-center justify-center"
+          >
+            <div className="flex flex-col items-center justify-center space-y-6 p-8 max-w-md text-center">
+              {/* Icon */}
+              <motion.div
+                initial={{ scale: 0 }}
+                animate={{ scale: 1 }}
+                transition={{ delay: 0.2, type: "spring", stiffness: 200 }}
+                className="w-24 h-24 rounded-full bg-gradient-to-br from-green-500 to-teal-600 flex items-center justify-center shadow-lg"
+              >
+                <Users className="h-12 w-12 text-white" />
+              </motion.div>
+
+              {/* Title */}
+              <motion.h1
+                initial={{ opacity: 0, y: 20 }}
+                animate={{ opacity: 1, y: 0 }}
+                transition={{ delay: 0.3 }}
+                className="text-3xl font-bold text-slate-800 dark:text-slate-100"
+              >
+                {t("users.comingSoon.title")}
+              </motion.h1>
+
+              {/* Description */}
+              <motion.p
+                initial={{ opacity: 0, y: 20 }}
+                animate={{ opacity: 1, y: 0 }}
+                transition={{ delay: 0.4 }}
+                className="text-lg text-slate-600 dark:text-slate-400"
+              >
+                {t("users.comingSoon.description")}
+              </motion.p>
+
+              {/* Feature list */}
+              <motion.ul
+                initial={{ opacity: 0, y: 20 }}
+                animate={{ opacity: 1, y: 0 }}
+                transition={{ delay: 0.5 }}
+                className="text-left space-y-2 w-full"
+              >
+                <li className="flex items-start space-x-2">
+                  <span className="text-green-500 mt-1">✓</span>
+                  <span className="text-slate-600 dark:text-slate-400">
+                    {t("users.comingSoon.feature1")}
+                  </span>
+                </li>
+                <li className="flex items-start space-x-2">
+                  <span className="text-green-500 mt-1">✓</span>
+                  <span className="text-slate-600 dark:text-slate-400">
+                    {t("users.comingSoon.feature2")}
+                  </span>
+                </li>
+                <li className="flex items-start space-x-2">
+                  <span className="text-green-500 mt-1">✓</span>
+                  <span className="text-slate-600 dark:text-slate-400">
+                    {t("users.comingSoon.feature3")}
+                  </span>
+                </li>
+              </motion.ul>
+
+              {/* Coming soon badge */}
+              <motion.div
+                initial={{ opacity: 0, scale: 0.8 }}
+                animate={{ opacity: 1, scale: 1 }}
+                transition={{ delay: 0.6 }}
+                className="px-4 py-2 bg-gradient-to-r from-green-500 to-teal-600 text-white rounded-full text-sm font-medium shadow-md"
+              >
+                {t("users.comingSoon.badge")}
+              </motion.div>
+            </div>
+          </motion.div>
+        ) : null}
+      </div>
+    </>
+  );
+}
diff --git a/frontend/components/navigation/FooterLayout.tsx b/frontend/components/navigation/FooterLayout.tsx
index 97b1ecf4a..7bd424d1a 100644
--- a/frontend/components/navigation/FooterLayout.tsx
+++ b/frontend/components/navigation/FooterLayout.tsx
@@ -1,15 +1,12 @@
 "use client";
 
 import { useState, useEffect } from "react";
-import { Layout,  } from "antd";
 import { useTranslation } from "react-i18next";
 import Link from "next/link";
 import { APP_VERSION } from "@/const/constants";
-import { FOOTER_CONFIG } from "@/const/layoutConstants";
 import { versionService } from "@/services/versionService";
 import log from "@/lib/logger";
 
-
 /**
  * Footer component with copyright, version, and links
  * Displays at the bottom of the page
@@ -64,4 +61,3 @@ export function FooterLayout() {
     </div>
   );
 }
-
diff --git a/frontend/components/navigation/NavigationLayout.tsx b/frontend/components/navigation/NavigationLayout.tsx
deleted file mode 100644
index 0db7ce6aa..000000000
--- a/frontend/components/navigation/NavigationLayout.tsx
+++ /dev/null
@@ -1,194 +0,0 @@
-"use client";
-
-import { Layout, Button } from "antd";
-import { TopNavbar } from "./TopNavbar";
-import { SideNavigation } from "./SideNavigation";
-import { FooterLayout } from "./FooterLayout";
-import { HEADER_CONFIG, FOOTER_CONFIG, SIDER_CONFIG } from "@/const/layoutConstants";
-import React from "react";
-import { useState, useEffect } from "react";
-
-import {
-  ChevronLeft,
-  ChevronRight,
-} from "lucide-react";
-
-const { Header, Sider, Content, Footer } = Layout;
-interface NavigationLayoutProps {
-  children: React.ReactNode;
-  onAuthRequired?: () => void;
-  onAdminRequired?: () => void;
-  showFooter?: boolean;
-  contentMode?: "centered" | "scrollable" | "fullscreen";
-  /** Additional title text to display after logo in top navbar */
-  topNavbarAdditionalTitle?: React.ReactNode;
-  /** Additional content to insert before default right nav items in top navbar */
-  topNavbarAdditionalRightContent?: React.ReactNode;
-  /** Callback for view changes in side navigation */
-  onViewChange?: (view: string) => void;
-  /** Current active view */
-  currentView?: string;
-}
-
-/**
- * Main navigation layout component
- * Combines top navbar, side navigation, and optional footer with main content area
- * 
- * @param contentMode - "centered": content is centered vertically and horizontally (default)
- *                      "scrollable": content can scroll and fills the entire area
- *                      "fullscreen": content fills entire area with no padding, seamless integration
- * @param topNavbarAdditionalTitle - Additional title text after logo in top navbar
- * @param topNavbarAdditionalRightContent - Additional content before default right nav items
- */
-export function NavigationLayout({
-  children,
-  onAuthRequired,
-  onAdminRequired,
-  showFooter = true,
-  contentMode = "centered",
-  topNavbarAdditionalTitle,
-  topNavbarAdditionalRightContent,
-  onViewChange,
-  currentView,
-}: NavigationLayoutProps) {
-  // Use RESERVED_HEIGHT for layout calculations (actual space occupied)
-  const headerReservedHeight = parseInt(HEADER_CONFIG.RESERVED_HEIGHT);
-  const footerReservedHeight = parseInt(FOOTER_CONFIG.RESERVED_HEIGHT);
-  const contentMinHeight = showFooter
-    ? `calc(100vh - ${headerReservedHeight}px - ${footerReservedHeight}px)`
-    : `calc(100vh - ${headerReservedHeight}px)`;
-  
-  const [collapsed, setCollapsed] = useState(false);
-
-  const layoutStyle: React.CSSProperties = {
-    height: "100vh", // Key: fill the viewport height
-    width: "100vw", // Key: fill the viewport width
-    overflow: "hidden", // Key: prevent the outermost scrollbar
-    backgroundColor: "#fff"
-  };
-
-  const siderStyle: React.CSSProperties = {
-    textAlign: "start",
-    display: "flex", // use column layout to allow inner scrollable area
-    flexDirection: "column",
-    alignItems: "stretch",
-    justifyContent: "flex-start",
-    position: "fixed",
-    top: headerReservedHeight,
-    bottom: showFooter? footerReservedHeight: 0,
-    left: 0,
-    backgroundColor: "#fff",
-    overflow: "visible",
-    // Ensure the sider (and its toggle) sits above main content
-    zIndex: 998,
-  };
-
-  const siderInnerStyle: React.CSSProperties = {
-    height: "100%",
-    overflowY: "auto",
-    overflowX: "hidden",
-    WebkitOverflowScrolling: "touch",
-    display: "flex",
-    flexDirection: "column",
-  };
-
-  const headerStyle: React.CSSProperties = {
-    textAlign: "center",
-    height: headerReservedHeight, // Fixed height 64px
-    backgroundColor: "#fff",
-    lineHeight: "64px",
-    paddingInline: 0,
-    flexShrink: 0, // Prevent shrinking
-  };
-
-  const footerStyle: React.CSSProperties = {
-    textAlign: "center",
-    height: showFooter? footerReservedHeight: 0, // Fixed height 64px
-    lineHeight: showFooter? footerReservedHeight: 0,
-    padding: 0,
-    flexShrink: 0, // 防止被挤压
-    backgroundColor: "#fff",
-  };
-
-  const contentStyle: React.CSSProperties = {
-    // Key settings:
-    overflowY: "auto", // If content overflows vertically, scroll inside Content only
-    overflowX: "hidden", // Hide horizontal scrollbar (optional)
-    display: "flex", // (optional) used to center content for demo
-    alignItems: "center", // (optional)
-    justifyContent: "center", // (optional)
-    position: "relative", // Allow absolute-positioned children
-    marginLeft: collapsed
-    ? `${SIDER_CONFIG.COLLAPSED_WIDTH}px`
-    : `${SIDER_CONFIG.EXPANDED_WIDTH}px`,
-    backgroundColor: "#fff"
-  };
-
-  return (
-      <Layout style={layoutStyle}>
-        <Header style={headerStyle}>      
-          <TopNavbar 
-            additionalTitle={topNavbarAdditionalTitle}
-            additionalRightContent={topNavbarAdditionalRightContent}
-          />
-        </Header>
-
-        <Layout >
-          <Sider
-            style={siderStyle}
-            width={SIDER_CONFIG.EXPANDED_WIDTH}
-            collapsed={collapsed}
-            trigger={null}
-            breakpoint="lg"
-            collapsedWidth={SIDER_CONFIG.COLLAPSED_WIDTH}
-            className="dark:bg-slate-900/95 border-r border-slate-200 dark:border-slate-700 backdrop-blur-sm shadow-sm"
-          >
-            {/* Side navigation - wrapped to allow internal vertical scrolling when needed */}
-            <div style={siderInnerStyle}>
-              <SideNavigation
-                onAuthRequired={onAuthRequired}
-                onAdminRequired={onAdminRequired}
-                onViewChange={onViewChange}
-                currentView={currentView}
-                collapsed={collapsed}
-              />
-            </div>
-            <Button
-              type="primary"
-              shape="circle"
-              size="small"
-              onClick={() => setCollapsed(!collapsed)}
-              style={{
-                position: "absolute",
-                top: "50%",
-                transform: "translateY(-50%)",
-                right: "-12px",
-                transition: "right 0.2s ease, left 0.2s ease",
-                // Place toggle above most content; Sider already has high z-index
-                zIndex: 999,
-              }}
-              icon={collapsed ? <ChevronRight className="w-3 h-3" /> : <ChevronLeft className="w-3 h-3" />}
-            />
-          </Sider>
-          {/* Main content area */}
-          <Content style={contentStyle}
-          >
-            {contentMode === "centered" ? (
-              <div className="w-full h-full flex items-center justify-center">
-                {children}
-              </div>
-            ) : (
-              children
-            )}
-          </Content>
-        </Layout>
-
-        { showFooter && 
-            <Footer style={footerStyle}>
-              <FooterLayout />
-            </Footer> 
-        }
-      </Layout>
-  );
-}
-
diff --git a/frontend/components/navigation/SideNavigation.tsx b/frontend/components/navigation/SideNavigation.tsx
index 732d26778..06bea02e4 100644
--- a/frontend/components/navigation/SideNavigation.tsx
+++ b/frontend/components/navigation/SideNavigation.tsx
@@ -2,8 +2,8 @@
 
 import { useState, useEffect } from "react";
 import { useTranslation } from "react-i18next";
-import { usePathname } from "next/navigation";
-import { Layout, Menu, ConfigProvider, Button } from "antd";
+import { useRouter, usePathname } from "next/navigation";
+import { Menu, ConfigProvider } from "antd";
 import {
   Bot,
   Globe,
@@ -14,53 +14,20 @@ import {
   Database,
   ShoppingBag,
   Code,
-  ChevronLeft,
-  ChevronRight,
   Home,
   Puzzle,
   Activity,
 } from "lucide-react";
 import type { MenuProps } from "antd";
 import { useAuth } from "@/hooks/useAuth";
-import { HEADER_CONFIG, FOOTER_CONFIG, SIDER_CONFIG } from "@/const/layoutConstants";
-
-const { Sider } = Layout;
+import { SIDER_CONFIG } from "@/const/layoutConstants";
 
 interface SideNavigationProps {
   onAuthRequired?: () => void;
   onAdminRequired?: () => void;
-  onViewChange?: (view: string) => void;
-  currentView?: string;
   collapsed?: boolean;
 }
 
-/**
- * Get menu key based on current pathname
- */
-function getMenuKeyFromPathname(pathname: string): string {
-  // Remove locale prefix (e.g., /zh/, /en/)
-  const segments = pathname.split('/').filter(Boolean);
-  const pathWithoutLocale = segments.length > 1 ? segments[1] : '';
-  
-  // Map paths to menu keys
-  const pathToKeyMap: Record<string, string> = {
-    '': '0',           // Home page
-    'chat': '1',       // Start chat (separate page)
-    'setup': '2',      // Quick config
-    'space': '3',      // Agent space
-    'market': '4',     // Agent market
-    'agents': '5',     // Agent dev
-    'knowledges': '6', // Knowledge base
-    'models': '7',     // Model management
-    'memory': '8',     // Memory management
-    'users': '9',       // User management
-    'mcp-tools': '10',  // MCP tools management
-    'monitoring': '11', // Monitoring and operations
-  };
-  
-  return pathToKeyMap[pathWithoutLocale] || '0';
-}
-
 /**
  * Side navigation component with collapsible menu
  * Displays main navigation items for the application
@@ -68,46 +35,59 @@ function getMenuKeyFromPathname(pathname: string): string {
 export function SideNavigation({
   onAuthRequired,
   onAdminRequired,
-  onViewChange,
-  currentView,
-  collapsed: collapsedProp,
+  collapsed,
 }: SideNavigationProps) {
   const { t } = useTranslation("common");
   const { user, isSpeedMode } = useAuth();
+  const router = useRouter();
   const pathname = usePathname();
-  // Support controlled collapse from parent; fall back to internal state if needed
-  const [internalCollapsed, setInternalCollapsed] = useState(false);
-  const [selectedKey, setSelectedKey] = useState("0");
-  const isCollapsed = typeof collapsedProp === "boolean" ? collapsedProp : internalCollapsed;
-  // Update selected key when pathname or currentView changes
+
+  const [selectedKey, setSelectedKey] = useState("home");
+  const isCollapsed = typeof collapsed === "boolean" ? collapsed : false;
+
+  // 添加路径到key的映射
+  const pathToKeyMap: Record<string, string> = {
+    "/": "home",
+    "/chat": "chat",
+    "/setup": "setup",
+    "/space": "space",
+    "/market": "market",
+    "/agents": "agents",
+    "/knowledges": "knowledges",
+    "/mcp-tools": "mcp-tools",
+    "/monitoring": "monitoring",
+    "/models": "models",
+    "/memory": "memory",
+    "/users": "users",
+  };
+
+  // 添加useEffect来监听pathname变化并更新selectedKey
   useEffect(() => {
-    // If we have a currentView from parent, use it to determine the key
-    if (currentView) {
-      const viewToKeyMap: Record<string, string> = {
-        home: "0",
-        chat: "1",
-        setup: "2",
-        space: "3",
-        market: "4",
-        agents: "5",
-        knowledges: "6",
-        models: "7",
-        memory: "8",
-        users: "9",
-        mcpTools: "10",
-        monitoring: "11",
-      };
-      setSelectedKey(viewToKeyMap[currentView] || '0');
-    } else {
-      // Otherwise, fall back to pathname-based selection
-      const key = getMenuKeyFromPathname(pathname);
-      setSelectedKey(key);
+    // 从pathname中提取实际路径（去掉locale前缀）
+    const segments = pathname.split("/").filter(Boolean);
+    // 如果第一个segment是locale（zh或en），则去掉它
+    if (segments.length > 0 && (segments[0] === "zh" || segments[0] === "en")) {
+      segments.shift();
     }
-  }, [pathname, currentView]);
+    // 重新构建路径
+    const currentPath = "/" + segments.join("/");
+
+    // 查找对应的key，找不到则默认为home
+    const matchedKey = pathToKeyMap[currentPath] || "home";
+    setSelectedKey(matchedKey);
+  }, [pathname]);
 
   // Helper function to create menu item with consistent icon styling
-  const createMenuItem = (key: string, Icon: any, labelKey: string, view: string, requiresAuth = false, requiresAdmin = false) => ({
+  const createMenuItem = (
+    key: string,
+    path: string,
+    Icon: any,
+    labelKey: string,
+    requiresAuth = false,
+    requiresAdmin = false
+  ) => ({
     key,
+    path,
     icon: <Icon className="w-4 h-4" />,
     label: t(labelKey),
     onClick: () => {
@@ -116,53 +96,80 @@ export function SideNavigation({
       } else if (!isSpeedMode && requiresAuth && !user) {
         onAuthRequired?.();
       } else {
-        onViewChange?.(view);
+        setSelectedKey(key);
+        if (path) {
+          router.push(path);
+        }
       }
     },
   });
 
-  // Menu items configuration
+  // Menu items configuration - paths without locale prefix (middleware will add it)
   const menuItems: MenuProps["items"] = [
-    createMenuItem("0", Home, "sidebar.homePage", "home"),
-    createMenuItem("1", Bot, "sidebar.startChat", "chat", true),
-    createMenuItem("2", Zap, "sidebar.quickConfig", "setup", false, true),
-    createMenuItem("3", Globe, "sidebar.agentSpace", "space", true),
-    createMenuItem("4", ShoppingBag, "sidebar.agentMarket", "market", true),
-    createMenuItem("5", Code, "sidebar.agentDev", "agents", false, true),
-    createMenuItem("6", BookOpen, "sidebar.knowledgeBase", "knowledges", true),
-    createMenuItem("10", Puzzle, "sidebar.mcpToolsManagement", "mcpTools", false, true),
-    createMenuItem("11", Activity, "sidebar.monitoringManagement", "monitoring", false, true),
-    createMenuItem("7", Settings, "sidebar.modelManagement", "models", false, true),
-    createMenuItem("8", Database, "sidebar.memoryManagement", "memory", false, true),
-    createMenuItem("9", Users, "sidebar.userManagement", "users", false, true),
+    createMenuItem("0", "/", Home, "sidebar.homePage"),
+    createMenuItem("1", "/chat", Bot, "sidebar.startChat", true),
+    createMenuItem("2", "/setup", Zap, "sidebar.quickConfig", false, true),
+    createMenuItem("3", "/space", Globe, "sidebar.agentSpace", true),
+    createMenuItem("4", "/market", ShoppingBag, "sidebar.agentMarket", true),
+    createMenuItem("5", "/agents", Code, "sidebar.agentDev", false, true),
+    createMenuItem("6", "/knowledges", BookOpen, "sidebar.knowledgeBase", true),
+    createMenuItem(
+      "10",
+      "/mcp-tools",
+      Puzzle,
+      "sidebar.mcpToolsManagement",
+      false,
+      true
+    ),
+    createMenuItem(
+      "11",
+      "/monitoring",
+      Activity,
+      "sidebar.monitoringManagement",
+      false,
+      true
+    ),
+    createMenuItem(
+      "7",
+      "/models",
+      Settings,
+      "sidebar.modelManagement",
+      false,
+      true
+    ),
+    createMenuItem(
+      "8",
+      "/memory",
+      Database,
+      "sidebar.memoryManagement",
+      false,
+      true
+    ),
+    createMenuItem("9", "/users", Users, "sidebar.userManagement", false, true),
   ];
 
-  // Calculate sidebar height and position dynamically
-  const sidebarHeight = `calc(100vh - ${HEADER_CONFIG.RESERVED_HEIGHT} - ${FOOTER_CONFIG.RESERVED_HEIGHT})`;
-  const sidebarTop = HEADER_CONFIG.RESERVED_HEIGHT;
-
   return (
     <ConfigProvider>
       <div className="relative">
         <div
           className="flex-shrink-0"
           style={{
-            width: isCollapsed ? SIDER_CONFIG.COLLAPSED_WIDTH : SIDER_CONFIG.EXPANDED_WIDTH,
+            width: isCollapsed
+              ? SIDER_CONFIG.COLLAPSED_WIDTH
+              : SIDER_CONFIG.EXPANDED_WIDTH,
           }}
         >
-            <div className="py-2 h-full">
-              <Menu
-                mode="inline"
-                inlineCollapsed={isCollapsed}
-                selectedKeys={[selectedKey]}
-                items={menuItems}
-                onClick={({ key }) => setSelectedKey(key)}
-                className="bg-transparent border-r-0 h-full"
-              />
-            </div>
+          <div className="py-2 h-full">
+            <Menu
+              mode="inline"
+              inlineCollapsed={isCollapsed}
+              selectedKeys={[selectedKey]}
+              items={menuItems}
+              className="bg-transparent border-r-0 h-full"
+            />
+          </div>
         </div>
       </div>
     </ConfigProvider>
   );
 }
-
diff --git a/frontend/components/navigation/index.ts b/frontend/components/navigation/index.ts
deleted file mode 100644
index 514ab752e..000000000
--- a/frontend/components/navigation/index.ts
+++ /dev/null
@@ -1,5 +0,0 @@
-export { NavigationLayout } from "./NavigationLayout";
-export { TopNavbar } from "./TopNavbar";
-export { SideNavigation } from "./SideNavigation";
-export { FooterLayout } from "./FooterLayout";
-
diff --git a/frontend/components/providers/I18nProviderWrapper.tsx b/frontend/components/providers/I18nProviderWrapper.tsx
index ce5643af3..dda44436d 100644
--- a/frontend/components/providers/I18nProviderWrapper.tsx
+++ b/frontend/components/providers/I18nProviderWrapper.tsx
@@ -6,11 +6,15 @@ import { I18nextProvider } from "react-i18next";
 
 import i18n from "@/app/i18n";
 
+interface I18nProviderWrapperProps {
+  children: ReactNode;
+  locale?: string;
+}
+
 export default function I18nProviderWrapper({
   children,
-}: {
-  children: ReactNode;
-}) {
+  locale: initialLocale,
+}: I18nProviderWrapperProps) {
   const [mounted, setMounted] = useState(false);
   const pathname = usePathname();
 
@@ -18,10 +22,20 @@ export default function I18nProviderWrapper({
     setMounted(true);
   }, []);
 
-  // Synchronize i18n language according to the URL
+  // Initialize i18n language from props or URL
   useEffect(() => {
     if (!mounted) return;
 
+    // If locale is provided via props, use it
+    if (initialLocale && (initialLocale === "zh" || initialLocale === "en")) {
+      if (i18n.language !== initialLocale) {
+        i18n.changeLanguage(initialLocale);
+      }
+      document.cookie = `NEXT_LOCALE=${initialLocale}; path=/; max-age=31536000`;
+      return;
+    }
+
+    // Fallback: synchronize i18n language according to the URL
     const segments = pathname.split("/").filter(Boolean);
     const urlLocale = segments[0];
 
@@ -31,7 +45,7 @@ export default function I18nProviderWrapper({
       }
       document.cookie = `NEXT_LOCALE=${urlLocale}; path=/; max-age=31536000`;
     }
-  }, [pathname, i18n, mounted]);
+  }, [initialLocale, pathname, mounted]);
 
   if (!mounted) {
     return null;
diff --git a/frontend/components/providers/deploymentProvider.tsx b/frontend/components/providers/deploymentProvider.tsx
new file mode 100644
index 000000000..2612f2b9d
--- /dev/null
+++ b/frontend/components/providers/deploymentProvider.tsx
@@ -0,0 +1,49 @@
+"use client";
+
+import { createContext, useContext, useState, useEffect, ReactNode } from "react";
+import { API_ENDPOINTS } from "@/services/api";
+import log from "@/lib/logger";
+
+interface DeploymentContextType {
+  isSpeedMode: boolean;
+  isDeploymentReady: boolean;
+}
+
+const DeploymentContext = createContext<DeploymentContextType>({
+  isSpeedMode: false,
+  isDeploymentReady: false,
+});
+
+export function DeploymentProvider({ children }: { children: ReactNode }) {
+  const [isSpeedMode, setIsSpeedMode] = useState(false);
+  const [isDeploymentReady, setIsDeploymentReady] = useState(false);
+
+  useEffect(() => {
+    const checkDeploymentVersion = async () => {
+      try {
+        const response = await fetch(API_ENDPOINTS.tenantConfig.deploymentVersion);
+        if (response.ok) {
+          const data = await response.json();
+          const version = data.content?.deployment_version || data.deployment_version;
+          setIsSpeedMode(version === 'speed');
+        }
+      } catch (error) {
+        log.error('Failed to check deployment version:', error);
+        setIsSpeedMode(false);
+      } finally {
+        setIsDeploymentReady(true);
+      }
+    };
+
+    checkDeploymentVersion();
+  }, []);
+
+  return (
+    <DeploymentContext.Provider value={{ isSpeedMode, isDeploymentReady }}>
+      {children}
+    </DeploymentContext.Provider>
+  );
+}
+
+export const useDeployment = () => useContext(DeploymentContext);
+
diff --git a/frontend/components/providers/index.ts b/frontend/components/providers/index.ts
deleted file mode 100644
index ccdec7e8e..000000000
--- a/frontend/components/providers/index.ts
+++ /dev/null
@@ -1,6 +0,0 @@
-/**
- * Export all provider components in one place
- */
-
-export * from "./rootProvider";
-export * from "./I18nProviderWrapper";
diff --git a/frontend/components/providers/rootProvider.tsx b/frontend/components/providers/rootProvider.tsx
index 460aea917..463cff979 100644
--- a/frontend/components/providers/rootProvider.tsx
+++ b/frontend/components/providers/rootProvider.tsx
@@ -5,17 +5,23 @@ import { ConfigProvider, App } from "antd";
 import { QueryClient, QueryClientProvider } from "@tanstack/react-query";
 
 import {
-  AuthProvider as AuthContextProvider,
+  AuthProvider,
   AuthContext,
   useAuth,
 } from "@/hooks/useAuth";
 
 import { LoginModal, RegisterModal, SessionListeners } from "@/components/auth";
 import { FullScreenLoading } from "@/components/ui/loading";
+import { useDeployment } from "./deploymentProvider";
 
 function AppReadyWrapper({ children }: { children: ReactNode }) {
-  const { isReady } = useAuth();
-  return isReady ? <>{children}</> : <FullScreenLoading />;
+  const { isDeploymentReady } = useDeployment();
+  const auth = useAuth();
+  const isAuthReady = (auth as any).isAuthReady;
+
+  const isAppReady = isDeploymentReady && isAuthReady;
+
+  return isAppReady ? <>{children}</> : <FullScreenLoading />;
 }
 
 /**
@@ -27,7 +33,7 @@ export function RootProvider({ children }: { children: ReactNode }) {
     <ConfigProvider getPopupContainer={() => document.body}>
       <QueryClientProvider client={queryClient}>
         <App>
-          <AuthContextProvider>
+          <AuthProvider>
             {(authContextValue) => (
               <AuthContext.Provider value={authContextValue}>
                 <AppReadyWrapper>
@@ -40,7 +46,7 @@ export function RootProvider({ children }: { children: ReactNode }) {
                 <RegisterModal />
               </AuthContext.Provider>
             )}
-          </AuthContextProvider>
+          </AuthProvider>
         </App>
       </QueryClientProvider>
     </ConfigProvider>
diff --git a/frontend/const/modelConfig.ts b/frontend/const/modelConfig.ts
index a68b087fb..c842f2004 100644
--- a/frontend/const/modelConfig.ts
+++ b/frontend/const/modelConfig.ts
@@ -91,15 +91,6 @@ export const MEMORY_TAB_KEYS = {
 // Type for memory tab keys
 export type MemoryTabKey = (typeof MEMORY_TAB_KEYS)[keyof typeof MEMORY_TAB_KEYS];
 
-// Connection status constants
-export const CONNECTION_STATUS = {
-  SUCCESS: "success",
-  ERROR: "error", 
-  PROCESSING: "processing"
-} as const;
-
-export type ConnectionStatus = (typeof CONNECTION_STATUS)[keyof typeof CONNECTION_STATUS];
-
 // Layout configuration constants
 export const LAYOUT_CONFIG = {
   CARD_HEADER_PADDING: "10px 24px",
diff --git a/frontend/hooks/useAuth.ts b/frontend/hooks/useAuth.ts
index e76f11b74..5b2f1074f 100644
--- a/frontend/hooks/useAuth.ts
+++ b/frontend/hooks/useAuth.ts
@@ -9,11 +9,11 @@ import { USER_ROLES } from "@/const/modelConfig"
 
 import { authService } from "@/services/authService"
 import { configService } from "@/services/configService"
-import { API_ENDPOINTS } from "@/services/api"
 import { User, AuthContextType } from "@/types/auth"
 import { EVENTS, STATUS_CODES } from "@/const/auth"
 import { getSessionFromStorage, removeSessionFromStorage } from "@/lib/auth"
 import log from "@/lib/logger"
+import { useDeployment } from "@/components/providers/deploymentProvider"
 
 // Create auth context
 const AuthContext = createContext<AuthContextType | undefined>(undefined)
@@ -22,6 +22,7 @@ const AuthContext = createContext<AuthContextType | undefined>(undefined)
 export function AuthProvider({ children }: { children: (value: AuthContextType) => ReactNode }) {
   const { t } = useTranslation('common');
   const { message } = App.useApp();
+  const { isSpeedMode } = useDeployment(); // 从 deployment context 获取
   const [user, setUser] = useState<User | null>(null)
   const [isLoading, setIsLoading] = useState(true)
   const [isLoginModalOpen, setIsLoginModalOpen] = useState(false)
@@ -29,8 +30,6 @@ export function AuthProvider({ children }: { children: (value: AuthContextType)
   const [isFromSessionExpired, setIsFromSessionExpired] = useState(false)
   const [shouldCheckSession, setShouldCheckSession] = useState(false)
   const [authServiceUnavailable, setAuthServiceUnavailable] = useState(false)
-  const [isSpeedMode, setIsSpeedMode] = useState(false)
-  const [isReady, setIsReady] = useState(false)
   const pathname = usePathname()
 
   // Check auth service availability
@@ -45,27 +44,7 @@ export function AuthProvider({ children }: { children: (value: AuthContextType)
     if (isLoginModalOpen || isRegisterModalOpen) {
       checkAuthService()
     }
-  }, [isLoginModalOpen, isRegisterModalOpen])
-
-  // Check deployment version and handle speed mode
-  const checkDeploymentVersion = async () => {
-    try {
-      setIsReady(false);
-      const response = await fetch(API_ENDPOINTS.tenantConfig.deploymentVersion);
-      if (response.ok) {
-        const data = await response.json();
-        const version = data.content?.deployment_version || data.deployment_version;
-        
-        setIsSpeedMode(version === 'speed');
-        // In speed mode, do not perform any auto login; UI should not depend on login
-      }
-    } catch (error) {
-      log.error('Failed to check deployment version:', error);
-      setIsSpeedMode(false);
-    } finally {
-      setIsReady(true);
-    }
-  };
+  }, [isLoginModalOpen, isRegisterModalOpen]);
 
   // Auto login function (for speed mode)
   const performAutoLogin = async () => {
@@ -134,11 +113,6 @@ export function AuthProvider({ children }: { children: (value: AuthContextType)
     };
   }, []);
 
-  // Check deployment version
-  useEffect(() => {
-    checkDeploymentVersion();
-  }, []); // When user status changes, check again
-
   // Check user login status (skip in speed mode)
   useEffect(() => {
     if (isSpeedMode) return;
@@ -373,7 +347,7 @@ export function AuthProvider({ children }: { children: (value: AuthContextType)
     isFromSessionExpired,
     authServiceUnavailable,
     isSpeedMode,
-    isReady,
+    isAuthReady: true, // 认证部分总是就绪
     openLoginModal,
     closeLoginModal,
     openRegisterModal,
@@ -390,7 +364,7 @@ export function AuthProvider({ children }: { children: (value: AuthContextType)
 }
 
 // Custom hook for accessing auth context
-export function useAuth() {
+export function useAuth(): AuthContextType {
   const context = useContext(AuthContext)
   if (context === undefined) {
     throw new Error("useAuth must be used within an AuthProvider")
diff --git a/frontend/hooks/useSetupFlow.ts b/frontend/hooks/useSetupFlow.ts
index 632ad77e8..3a03d7582 100644
--- a/frontend/hooks/useSetupFlow.ts
+++ b/frontend/hooks/useSetupFlow.ts
@@ -5,22 +5,12 @@ import {useTranslation} from "react-i18next";
 import {useAuth} from "@/hooks/useAuth";
 import {
   USER_ROLES,
-  CONNECTION_STATUS,
-  ConnectionStatus,
 } from "@/const/modelConfig";
 import {EVENTS} from "@/const/auth";
 
 interface UseSetupFlowOptions {
   /** Whether admin role is required to access this page */
   requireAdmin?: boolean;
-  /** External connection status (if managed by parent) */
-  externalConnectionStatus?: ConnectionStatus;
-  /** External checking connection state (if managed by parent) */
-  externalIsCheckingConnection?: boolean;
-  /** External check connection handler (if managed by parent) */
-  onCheckConnection?: () => void;
-  /** Callback to expose connection status changes */
-  onConnectionStatusChange?: (status: ConnectionStatus) => void;
   /** Redirect path for non-admin users */
   nonAdminRedirect?: string;
 }
@@ -31,11 +21,7 @@ interface UseSetupFlowReturn {
   isLoading: boolean;
   isSpeedMode: boolean;
   canAccessProtectedData: boolean;
-  
-  // Connection status
-  connectionStatus: ConnectionStatus;
-  isCheckingConnection: boolean;
-  
+
   // Animation config
   pageVariants: {
     initial: { opacity: number; x: number };
@@ -58,7 +44,6 @@ interface UseSetupFlowReturn {
  * 
  * Provides common functionality for setup pages including:
  * - Authentication and permission checks
- * - Connection status management
  * - Session expiration handling
  * - Page transition animations
  * 
@@ -68,10 +53,6 @@ interface UseSetupFlowReturn {
 export function useSetupFlow(options: UseSetupFlowOptions = {}): UseSetupFlowReturn {
   const {
     requireAdmin = false,
-    externalConnectionStatus,
-    externalIsCheckingConnection,
-    onCheckConnection: externalOnCheckConnection,
-    onConnectionStatusChange,
     nonAdminRedirect = "/setup/knowledges",
   } = options;
 
@@ -83,15 +64,7 @@ export function useSetupFlow(options: UseSetupFlowOptions = {}): UseSetupFlowRet
   // Calculate if user can access protected data
   const canAccessProtectedData = isSpeedMode || (!userLoading && !!user);
 
-  // Internal connection status management (if not provided externally)
-  const [internalConnectionStatus, setInternalConnectionStatus] = useState<ConnectionStatus>(
-    CONNECTION_STATUS.PROCESSING
-  );
-  const [internalIsCheckingConnection, setInternalIsCheckingConnection] = useState(false);
 
-  // Use external status if provided, otherwise use internal
-  const connectionStatus = externalConnectionStatus ?? internalConnectionStatus;
-  const isCheckingConnection = externalIsCheckingConnection ?? internalIsCheckingConnection;
 
   // Check login status and handle session expiration
   useEffect(() => {
@@ -161,15 +134,11 @@ export function useSetupFlow(options: UseSetupFlowOptions = {}): UseSetupFlowRet
     isLoading: userLoading,
     isSpeedMode,
     canAccessProtectedData,
-    
-    // Connection
-    connectionStatus,
-    isCheckingConnection,
-    
+
     // Animation
     pageVariants,
     pageTransition,
-    
+
     // Utilities
     router,
     t,
diff --git a/frontend/types/auth.ts b/frontend/types/auth.ts
index 5f0f56fb6..6d35384c6 100644
--- a/frontend/types/auth.ts
+++ b/frontend/types/auth.ts
@@ -39,7 +39,7 @@ export interface AuthContextType {
   isFromSessionExpired: boolean;
   authServiceUnavailable: boolean;
   isSpeedMode: boolean;
-  isReady: boolean;
+  isAuthReady: boolean;
   openLoginModal: () => void;
   closeLoginModal: () => void;
   openRegisterModal: () => void;
diff --git a/frontend/types/modelConfig.ts b/frontend/types/modelConfig.ts
index 0d463161f..e95874456 100644
--- a/frontend/types/modelConfig.ts
+++ b/frontend/types/modelConfig.ts
@@ -1,5 +1,3 @@
-import { CONNECTION_STATUS } from "@/const/modelConfig";
-
 // Model connection status type
 export type ModelConnectStatus =
   | "not_detected"
@@ -94,12 +92,3 @@ export interface ModelValidationResponse {
   model_name: string;
   error?: string;  // Error message when connectivity fails
 }
-
-// Model engine check result interface
-export interface ModelEngineCheckResult {
-  status:
-    | typeof CONNECTION_STATUS.SUCCESS
-    | typeof CONNECTION_STATUS.ERROR
-    | typeof CONNECTION_STATUS.PROCESSING;
-  lastChecked: string;
-}

From 7f587f65897a5928e86ede8c823666150672d2d3 Mon Sep 17 00:00:00 2001
From: xuyaqi <xuyaqist@gmail.com>
Date: Tue, 13 Jan 2026 20:17:48 +0800
Subject: [PATCH 13/38] UI optimization: set next/prev always at the right
 corner of the footer

---
 frontend/app/[locale]/setup/page.tsx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/frontend/app/[locale]/setup/page.tsx b/frontend/app/[locale]/setup/page.tsx
index 63b9adc47..d24e5af40 100644
--- a/frontend/app/[locale]/setup/page.tsx
+++ b/frontend/app/[locale]/setup/page.tsx
@@ -131,7 +131,7 @@ export default function SetupPage() {
 
       {/* Bottom fixed action bar */}
       <div className="bg-white dark:bg-slate-900 border-t z-50">
-        <div className="max-w-[1800px] mx-auto px-8 py-4 flex justify-end gap-4">
+        <div className="mx-auto px-8 py-4 flex justify-end gap-4">
           <Button
             onClick={handleBack}
             disabled={isFirstStep}

From e46ef26c6ca2b23d015209defbd90f70d7523480 Mon Sep 17 00:00:00 2001
From: zhizhi <928570418@qq.com>
Date: Tue, 13 Jan 2026 09:40:08 +0800
Subject: [PATCH 14/38] =?UTF-8?q?=E2=9C=A8Added=20ModelEngine=20ENV=20Conf?=
 =?UTF-8?q?ig?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 backend/consts/model.py                       |   1 +
 backend/services/config_sync_service.py       |   6 +-
 docker/docker-compose.yml                     |  71 +++---
 frontend/app/[locale]/layout.tsx              |  13 -
 .../models/components/modelConfig.tsx         |   6 +-
 frontend/const/modelConfig.ts                 |  27 ++-
 frontend/lib/config.ts                        |   2 +
 frontend/services/api.ts                      |   3 -
 frontend/types/modelConfig.ts                 |   1 +
 .../services/test_config_sync_service.py      | 225 ++++++++++++++++--
 10 files changed, 262 insertions(+), 93 deletions(-)

diff --git a/backend/consts/model.py b/backend/consts/model.py
index b7a377077..bc5a0900f 100644
--- a/backend/consts/model.py
+++ b/backend/consts/model.py
@@ -105,6 +105,7 @@ class AppConfig(BaseModel):
     iconType: str
     customIconUrl: Optional[str] = None
     avatarUri: Optional[str] = None
+    modelEngineEnabled: bool = True
 
 
 class GlobalConfig(BaseModel):
diff --git a/backend/services/config_sync_service.py b/backend/services/config_sync_service.py
index 464f3ab11..68dfc014b 100644
--- a/backend/services/config_sync_service.py
+++ b/backend/services/config_sync_service.py
@@ -12,7 +12,8 @@
     DEFAULT_APP_NAME_ZH,
     ICON_TYPE,
     MODEL_CONFIG_MAPPING,
-    LANGUAGE
+    LANGUAGE,
+    MODEL_ENGINE_ENABLED
 )
 from database.model_management_db import get_model_id_by_display_name
 from utils.config_utils import (
@@ -135,7 +136,8 @@ def build_app_config(language: str, tenant_id: str) -> dict:
             "type": tenant_config_manager.get_app_config(ICON_TYPE, tenant_id=tenant_id) or "preset",
             "avatarUri": tenant_config_manager.get_app_config(AVATAR_URI, tenant_id=tenant_id) or "",
             "customUrl": tenant_config_manager.get_app_config(CUSTOM_ICON_URL, tenant_id=tenant_id) or ""
-        }
+        },
+        "modelEngineEnabled": str(MODEL_ENGINE_ENABLED).lower() == "true"
     }
 
 
diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
index bfe707a04..36f1129b2 100644
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -35,21 +35,25 @@ services:
     volumes:
       - ${ROOT_DIR}/elasticsearch:/usr/share/elasticsearch/data
     ports:
-      - "9210:9200"  # HTTP API
-      - "9310:9300"  # Cluster communication port
+      - "9210:9200" # HTTP API
+      - "9310:9300" # Cluster communication port
     networks:
       - nexent
     restart: always
     healthcheck:
-      test: ["CMD-SHELL", "curl -sf -u elastic:${ELASTIC_PASSWORD} http://localhost:9200/_cluster/health | grep -qE '\"status\":\"(green|yellow)\"' || exit 1"]
+      test:
+        [
+          "CMD-SHELL",
+          'curl -sf -u elastic:${ELASTIC_PASSWORD} http://localhost:9200/_cluster/health | grep -qE ''"status":"(green|yellow)"'' || exit 1',
+        ]
       interval: 5s
       timeout: 10s
       retries: 20
     logging:
       driver: "json-file"
       options:
-        max-size: "100m"  # Maximum size of a single log file
-        max-file: "3"     # Maximum number of log files to keep
+        max-size: "100m" # Maximum size of a single log file
+        max-file: "3" # Maximum number of log files to keep
 
   nexent-postgresql:
     image: ${POSTGRESQL_IMAGE}
@@ -69,8 +73,8 @@ services:
     logging:
       driver: "json-file"
       options:
-        max-size: "100m"  # Maximum size of a single log file
-        max-file: "3"     # Maximum number of log files to keep
+        max-size: "100m" # Maximum size of a single log file
+        max-file: "3" # Maximum number of log files to keep
     networks:
       - nexent
 
@@ -79,11 +83,11 @@ services:
     container_name: nexent-config
     restart: always
     ports:
-      - "5010:5010"  # Config service port
+      - "5010:5010" # Config service port
     volumes:
       - ${NEXENT_USER_DIR:-$HOME/nexent}:/mnt/nexent
       - ${ROOT_DIR}/openssh-server/ssh-keys:/opt/ssh-keys:ro
-      - /var/run/docker.sock:/var/run/docker.sock:ro  # Docker socket for MCP container management
+      - /var/run/docker.sock:/var/run/docker.sock:ro # Docker socket for MCP container management
     environment:
       <<: [*minio-vars, *es-vars]
       skip_proxy: "true"
@@ -97,8 +101,8 @@ services:
     logging:
       driver: "json-file"
       options:
-        max-size: "10m"  # Maximum size of a single log file
-        max-file: "3"    # Maximum number of log files to keep
+        max-size: "10m" # Maximum size of a single log file
+        max-file: "3" # Maximum number of log files to keep
     networks:
       - nexent
     entrypoint: ["/bin/bash", "-c", "python backend/config_service.py"]
@@ -108,7 +112,7 @@ services:
     container_name: nexent-runtime
     restart: always
     ports:
-      - "5014:5014"  # Runtime service port
+      - "5014:5014" # Runtime service port
     volumes:
       - ${NEXENT_USER_DIR:-$HOME/nexent}:/mnt/nexent
       - ${ROOT_DIR}/openssh-server/ssh-keys:/opt/ssh-keys:ro
@@ -125,8 +129,8 @@ services:
     logging:
       driver: "json-file"
       options:
-        max-size: "10m"  # Maximum size of a single log file
-        max-file: "3"    # Maximum number of log files to keep
+        max-size: "10m" # Maximum size of a single log file
+        max-file: "3" # Maximum number of log files to keep
     networks:
       - nexent
     entrypoint: ["/bin/bash", "-c", "python backend/runtime_service.py"]
@@ -136,7 +140,7 @@ services:
     container_name: nexent-mcp
     restart: always
     ports:
-      - "5011:5011"  # MCP service port
+      - "5011:5011" # MCP service port
     volumes:
       - ${NEXENT_USER_DIR:-$HOME/nexent}:/mnt/nexent
       - ${ROOT_DIR}/openssh-server/ssh-keys:/opt/ssh-keys:ro
@@ -153,8 +157,8 @@ services:
     logging:
       driver: "json-file"
       options:
-        max-size: "10m"  # Maximum size of a single log file
-        max-file: "3"    # Maximum number of log files to keep
+        max-size: "10m" # Maximum size of a single log file
+        max-file: "3" # Maximum number of log files to keep
     networks:
       - nexent
     entrypoint: ["/bin/bash", "-c", "python backend/mcp_service.py"]
@@ -164,7 +168,7 @@ services:
     container_name: nexent-northbound
     restart: always
     ports:
-      - "5013:5013"  # Northbound service port
+      - "5013:5013" # Northbound service port
     volumes:
       - ${NEXENT_USER_DIR:-$HOME/nexent}:/mnt/nexent
       - ${ROOT_DIR}/openssh-server/ssh-keys:/opt/ssh-keys:ro
@@ -181,8 +185,8 @@ services:
     logging:
       driver: "json-file"
       options:
-        max-size: "10m"  # Maximum size of a single log file
-        max-file: "3"    # Maximum number of log files to keep
+        max-size: "10m" # Maximum size of a single log file
+        max-file: "3" # Maximum number of log files to keep
     networks:
       - nexent
     entrypoint: ["/bin/bash", "-c", "python backend/northbound_service.py"]
@@ -201,11 +205,12 @@ services:
       - RUNTIME_HTTP_BACKEND=http://nexent-runtime:5014
       - MINIO_ENDPOINT=http://nexent-minio:9000
       - MARKET_BACKEND=https://market.nexent.tech
+      - MODEL_ENGINE_ENABLED=${MODEL_ENGINE_ENABLED:-false}
     logging:
       driver: "json-file"
       options:
-        max-size: "10m"  # Maximum size of a single log file
-        max-file: "3"    # Maximum number of log files to keep
+        max-size: "10m" # Maximum size of a single log file
+        max-file: "3" # Maximum number of log files to keep
 
   nexent-data-process:
     image: ${NEXENT_DATA_PROCESS_IMAGE}
@@ -215,8 +220,8 @@ services:
     privileged: true
     ports:
       - "5012:5012"
-      - "5555:5555"  # Celery Flower port
-      - "8265:8265"  # Ray Dashboardport
+      - "5555:5555" # Celery Flower port
+      - "8265:8265" # Ray Dashboardport
     volumes:
       - ${NEXENT_USER_DIR:-$HOME/nexent}:/mnt/nexent
     environment:
@@ -253,7 +258,7 @@ services:
     volumes:
       - ${ROOT_DIR}/redis:/data
     healthcheck:
-      test: [ "CMD", "redis-cli", "ping" ]
+      test: ["CMD", "redis-cli", "ping"]
       interval: 5s
       timeout: 5s
       retries: 5
@@ -266,8 +271,8 @@ services:
     container_name: nexent-minio
     command: server /data
     ports:
-      - "9010:9000"  # MinIO API port
-      - "9011:9001"  # MinIO Console port
+      - "9010:9000" # MinIO API port
+      - "9011:9001" # MinIO Console port
     environment:
       <<: [*minio-vars, *proxy-vars]
       MINIO_ROOT_USER: ${MINIO_ROOT_USER}
@@ -280,8 +285,8 @@ services:
     logging:
       driver: "json-file"
       options:
-        max-size: "100m"  # Maximum size of a single log file
-        max-file: "3"     # Maximum number of log files to keep
+        max-size: "100m" # Maximum size of a single log file
+        max-file: "3" # Maximum number of log files to keep
     entrypoint: >
       /bin/sh -c "
         minio server /etc/minio/data --address ':9000' --console-address ':9001' &
@@ -303,7 +308,7 @@ services:
       - DEV_USER=${SSH_USERNAME:-linuxserver.io}
       - DEV_PASSWORD=${SSH_PASSWORD:-nexent123}
     ports:
-      - "2222:22"  # SSH port
+      - "2222:22" # SSH port
     volumes:
       - ${TERMINAL_MOUNT_DIR:-./workspace}:/opt/terminal
     networks:
@@ -312,8 +317,8 @@ services:
     logging:
       driver: "json-file"
       options:
-        max-size: "10m"  # Maximum size of a single log file
-        max-file: "3"    # Maximum number of log files to keep
+        max-size: "10m" # Maximum size of a single log file
+        max-file: "3" # Maximum number of log files to keep
     profiles:
       - terminal
 
@@ -322,4 +327,4 @@ networks:
     driver: bridge
 
 volumes:
-  redis_data:
\ No newline at end of file
+  redis_data:
diff --git a/frontend/app/[locale]/layout.tsx b/frontend/app/[locale]/layout.tsx
index 638cbc530..403581fa3 100644
--- a/frontend/app/[locale]/layout.tsx
+++ b/frontend/app/[locale]/layout.tsx
@@ -69,9 +69,6 @@ export default async function RootLayout({
     ["zh", "en"].includes(locale ?? "") ? locale : "zh"
   ) as "zh" | "en";
 
-  // 获取环境变量
-  const modelEngineEnabled = process.env.MODEL_ENGINE_ENABLED || "true";
-
   return (
     <html lang={resolvedLocale} suppressHydrationWarning>
       <body className={inter.className}>
@@ -85,16 +82,6 @@ export default async function RootLayout({
             <RootProvider>{children}</RootProvider>
           </I18nProviderWrapper>
         </NextThemesProvider>
-        <script
-          dangerouslySetInnerHTML={{
-            __html: `
-              window.__ENV__ = {
-                MODEL_ENGINE_ENABLED: "${modelEngineEnabled}"
-              };
-              console.log("Client: window.__ENV__ =", window.__ENV__);
-            `,
-          }}
-        />
       </body>
     </html>
   );
diff --git a/frontend/app/[locale]/models/components/modelConfig.tsx b/frontend/app/[locale]/models/components/modelConfig.tsx
index 7fbad2e3c..5f4a699a9 100644
--- a/frontend/app/[locale]/models/components/modelConfig.tsx
+++ b/frontend/app/[locale]/models/components/modelConfig.tsx
@@ -96,10 +96,8 @@ export const ModelConfigSection = forwardRef<
   const { t } = useTranslation();
   const { message } = App.useApp();
   const { skipVerification = false, canAccessProtectedData = false } = props;
-  const { modelConfig, updateModelConfig } = useConfig();
-  const modelEngineEnable =
-    (typeof window !== "undefined" && window.__ENV__?.MODEL_ENGINE_ENABLED) ===
-    "true";
+  const { modelConfig, updateModelConfig, appConfig } = useConfig();
+  const modelEngineEnable = appConfig.modelEngineEnabled;
   const modelData = getModelData(t);
   const { confirm } = useConfirmModal();
 
diff --git a/frontend/const/modelConfig.ts b/frontend/const/modelConfig.ts
index a68b087fb..e252e0d07 100644
--- a/frontend/const/modelConfig.ts
+++ b/frontend/const/modelConfig.ts
@@ -7,12 +7,12 @@ export const MODEL_CONFIG_KEY = "model";
 // Model type constants
 export const MODEL_TYPES = {
   LLM: "llm",
-  EMBEDDING: "embedding", 
+  EMBEDDING: "embedding",
   MULTI_EMBEDDING: "multi_embedding",
   RERANK: "rerank",
   STT: "stt",
   TTS: "tts",
-  VLM: "vlm"
+  VLM: "vlm",
 } as const;
 
 // Model source constants
@@ -21,7 +21,7 @@ export const MODEL_SOURCES = {
   SILICON: "silicon",
   MODELENGINE: "modelengine",
   OPENAI_API_COMPATIBLE: "OpenAI-API-Compatible",
-  CUSTOM: "custom"
+  CUSTOM: "custom",
 } as const;
 
 // Model status constants
@@ -29,13 +29,13 @@ export const MODEL_STATUS = {
   AVAILABLE: "available",
   UNAVAILABLE: "unavailable",
   CHECKING: "detecting",
-  UNCHECKED: "not_detected"
+  UNCHECKED: "not_detected",
 } as const;
 
 // Icon type constants
 export const ICON_TYPES = {
   PRESET: "preset",
-  CUSTOM: "custom"
+  CUSTOM: "custom",
 } as const;
 
 // Provider detection and icon mapping
@@ -76,29 +76,31 @@ export const DEFAULT_PROVIDER_ICON = "/default-icon.png";
 // User role constants
 export const USER_ROLES = {
   USER: "user",
-  ADMIN: "admin"
+  ADMIN: "admin",
 } as const;
 
 // Memory tab key constants
 export const MEMORY_TAB_KEYS = {
   BASE: "base",
-  TENANT: "tenant", 
+  TENANT: "tenant",
   AGENT_SHARED: "agentShared",
   USER_PERSONAL: "userPersonal",
-  USER_AGENT: "userAgent"
+  USER_AGENT: "userAgent",
 } as const;
 
 // Type for memory tab keys
-export type MemoryTabKey = (typeof MEMORY_TAB_KEYS)[keyof typeof MEMORY_TAB_KEYS];
+export type MemoryTabKey =
+  (typeof MEMORY_TAB_KEYS)[keyof typeof MEMORY_TAB_KEYS];
 
 // Connection status constants
 export const CONNECTION_STATUS = {
   SUCCESS: "success",
-  ERROR: "error", 
-  PROCESSING: "processing"
+  ERROR: "error",
+  PROCESSING: "processing",
 } as const;
 
-export type ConnectionStatus = (typeof CONNECTION_STATUS)[keyof typeof CONNECTION_STATUS];
+export type ConnectionStatus =
+  (typeof CONNECTION_STATUS)[keyof typeof CONNECTION_STATUS];
 
 // Layout configuration constants
 export const LAYOUT_CONFIG = {
@@ -148,6 +150,7 @@ export const defaultConfig: GlobalConfig = {
     iconType: ICON_TYPES.PRESET,
     customIconUrl: "",
     avatarUri: "",
+    modelEngineEnabled: false,
   },
   models: {
     llm: {
diff --git a/frontend/lib/config.ts b/frontend/lib/config.ts
index f13bdd44d..89bb3d213 100644
--- a/frontend/lib/config.ts
+++ b/frontend/lib/config.ts
@@ -218,6 +218,7 @@ class ConfigStoreClass {
             (backendConfig.app.icon?.type as "preset" | "custom") || "preset",
           customIconUrl: backendConfig.app.icon?.customUrl || null,
           avatarUri: backendConfig.app.icon?.avatarUri || null,
+          modelEngineEnabled: backendConfig.app.modelEngineEnabled ?? false,
         }
       : {
           appName: "",
@@ -225,6 +226,7 @@ class ConfigStoreClass {
           iconType: "preset" as "preset" | "custom",
           customIconUrl: null,
           avatarUri: null,
+          modelEngineEnabled: false,
         };
 
     // Adapt models field
diff --git a/frontend/services/api.ts b/frontend/services/api.ts
index 2064ececf..d8931186a 100644
--- a/frontend/services/api.ts
+++ b/frontend/services/api.ts
@@ -312,8 +312,5 @@ function handleSessionExpired() {
 declare global {
   interface Window {
     __isHandlingSessionExpired?: boolean;
-    __ENV__?: {
-      MODEL_ENGINE_ENABLED?: string;
-    };
   }
 }
diff --git a/frontend/types/modelConfig.ts b/frontend/types/modelConfig.ts
index 36a9a69c7..0f0a95c25 100644
--- a/frontend/types/modelConfig.ts
+++ b/frontend/types/modelConfig.ts
@@ -55,6 +55,7 @@ export interface AppConfig {
   iconType: "preset" | "custom";
   customIconUrl: string | null;
   avatarUri: string | null;
+  modelEngineEnabled: boolean;
 }
 
 // Model API configuration interface
diff --git a/test/backend/services/test_config_sync_service.py b/test/backend/services/test_config_sync_service.py
index ecc73a14c..e36dbe5bb 100644
--- a/test/backend/services/test_config_sync_service.py
+++ b/test/backend/services/test_config_sync_service.py
@@ -1,35 +1,117 @@
+# Apply ALL critical patches BEFORE any imports
+# This prevents real AWS/MinIO/Elasticsearch calls during import
+from backend.services.config_sync_service import (
+    handle_model_config,
+    save_config_impl,
+    load_config_impl,
+    build_models_config,
+    build_app_config
+)
+import os
 import sys
-from unittest.mock import patch, MagicMock
-
+from unittest.mock import MagicMock, patch
 import pytest
 
-# Patch boto3 and other dependencies before importing anything from backend
+# Set mock environment variables BEFORE any imports
+os.environ.setdefault('MINIO_ENDPOINT', 'http://mock-minio:9000')
+os.environ.setdefault('MINIO_ACCESS_KEY', 'mock-key')
+os.environ.setdefault('MINIO_SECRET_KEY', 'mock-secret')
+os.environ.setdefault('MINIO_REGION', 'us-east-1')
+os.environ.setdefault('MINIO_DEFAULT_BUCKET', 'mock-bucket')
+
+# Mock boto3 at the module level
 boto3_mock = MagicMock()
 sys.modules['boto3'] = boto3_mock
 
-# Apply critical patches before importing any modules
-# This prevents real AWS/MinIO/Elasticsearch calls during import
-patch('botocore.client.BaseClient._make_api_call', return_value={}).start()
-
-# Patch storage factory and MinIO config validation to avoid errors during initialization
-# These patches must be started before any imports that use MinioClient
-storage_client_mock = MagicMock()
+# Create comprehensive mocks for MinIO and related modules
 minio_client_mock = MagicMock()
 minio_client_mock._ensure_bucket_exists = MagicMock()
 minio_client_mock.client = MagicMock()
-patch('nexent.storage.storage_client_factory.create_storage_client_from_config', return_value=storage_client_mock).start()
-patch('nexent.storage.minio_config.MinIOStorageConfig.validate', lambda self: None).start()
-patch('backend.database.client.MinioClient', return_value=minio_client_mock).start()
-patch('database.client.MinioClient', return_value=minio_client_mock).start()
-patch('backend.database.client.minio_client', minio_client_mock).start()
-patch('elasticsearch.Elasticsearch', return_value=MagicMock()).start()
 
-from backend.services.config_sync_service import (
-    handle_model_config,
-    save_config_impl,
-    load_config_impl,
-    build_models_config
-)
+storage_client_mock = MagicMock()
+
+# Mock the entire minio_config module
+minio_config_mock = MagicMock()
+minio_config_mock.MinIOStorageConfig = MagicMock()
+minio_config_mock.MinIOStorageConfig.return_value.validate = MagicMock(
+    return_value=None)
+sys.modules['nexent.storage.minio_config'] = minio_config_mock
+
+# Mock the storage_client_factory module
+storage_factory_mock = MagicMock()
+storage_factory_mock.create_storage_client_from_config = MagicMock(
+    return_value=storage_client_mock)
+sys.modules['nexent.storage.storage_client_factory'] = storage_factory_mock
+
+# Create a more comprehensive mock for the database client module
+db_client_mock = MagicMock()
+
+# Mock classes to prevent instantiation
+db_client_mock.MinioClient = MagicMock(return_value=minio_client_mock)
+db_client_mock.PostgresClient = MagicMock()
+
+# Mock global variables that get assigned at module level
+db_client_mock.minio_client = minio_client_mock
+db_client_mock.db_client = MagicMock()
+
+# Mock utility functions
+db_client_mock.as_dict = MagicMock()
+db_client_mock.get_db_session = MagicMock()
+
+# Set the mock module BEFORE any imports that might trigger it
+sys.modules['backend.database.client'] = db_client_mock
+
+# Also mock the submodules that might be imported
+sys.modules['backend.database'] = MagicMock()
+sys.modules['database'] = MagicMock()
+sys.modules['database.client'] = db_client_mock
+
+# Mock model management database module
+model_mgmt_mock = MagicMock()
+model_mgmt_mock.get_model_id_by_display_name = MagicMock(return_value=None)
+sys.modules['database.model_management_db'] = model_mgmt_mock
+
+# Mock utils modules
+utils_config_mock = MagicMock()
+utils_config_mock.get_env_key = MagicMock(return_value="TEST_KEY")
+utils_config_mock.get_model_name_from_config = MagicMock(
+    return_value="test-model")
+utils_config_mock.safe_value = MagicMock(return_value="safe_value")
+utils_config_mock.tenant_config_manager = MagicMock()
+sys.modules['utils.config_utils'] = utils_config_mock
+sys.modules['utils'] = MagicMock()
+
+# Mock elasticsearch
+es_mock = MagicMock()
+es_mock.Elasticsearch = MagicMock(return_value=MagicMock())
+sys.modules['elasticsearch'] = es_mock
+
+# Mock consts package and submodules
+consts_mock = MagicMock()
+consts_const_mock = MagicMock()
+# Mock the constants used in config_sync_service
+consts_const_mock.APP_DESCRIPTION = "Test description"
+consts_const_mock.APP_NAME = "Test app"
+consts_const_mock.AVATAR_URI = "test-avatar"
+consts_const_mock.CUSTOM_ICON_URL = "test-custom-url"
+consts_const_mock.ICON_TYPE = "test-icon-type"
+consts_const_mock.MODEL_CONFIG_MAPPING = {}
+consts_const_mock.LANGUAGE = {"ZH": "zh", "EN": "en"}
+consts_const_mock.DEFAULT_APP_DESCRIPTION_EN = "Default description"
+consts_const_mock.DEFAULT_APP_DESCRIPTION_ZH = "默认描述"
+consts_const_mock.DEFAULT_APP_NAME_EN = "Default App"
+consts_const_mock.DEFAULT_APP_NAME_ZH = "默认应用"
+consts_const_mock.MODEL_ENGINE_ENABLED = "false"  # Default to false
+consts_mock.const = consts_const_mock
+sys.modules['consts'] = consts_mock
+sys.modules['consts.const'] = consts_const_mock
+
+# NOW we can safely import the modules under test
+
+# Note: We already mock the entire backend.database.client module above,
+# so we don't need additional patches for individual classes within that module
+
+# NOW we can safely import the modules under test
 
 
 @pytest.fixture
@@ -740,10 +822,14 @@ async def test_load_config_impl_english(self, service_mocks):
             ""           # TTS_ID
         ]
 
-        # Execute
-        result = await load_config_impl(language, tenant_id)
+        # Mock MODEL_ENGINE_ENABLED for this test
+        with patch('backend.services.config_sync_service.MODEL_ENGINE_ENABLED', "true"):
+            # Execute
+            result = await load_config_impl(language, tenant_id)
 
         assert result["app"]["name"] == "Custom App Name"
+        # Default value when MODEL_ENGINE_ENABLED == "true"
+        assert result["app"]["modelEngineEnabled"] is True
         assert result["models"]["llm"]["displayName"] == "Test LLM"
 
     @pytest.mark.asyncio
@@ -762,11 +848,14 @@ async def test_load_config_impl_chinese(self, service_mocks):
         # Mock model name conversion to return string values
         service_mocks['get_model_name'].return_value = ""
 
-        # Execute
-        result = await load_config_impl(language, tenant_id)
+        # Mock MODEL_ENGINE_ENABLED for this test
+        with patch('backend.services.config_sync_service.MODEL_ENGINE_ENABLED', "true"):
+            # Execute
+            result = await load_config_impl(language, tenant_id)
 
         # Check Chinese default values
         assert result["app"]["name"] == "Nexent 智能体"
+        assert result["app"]["modelEngineEnabled"] is True
 
     @pytest.mark.asyncio
     async def test_load_config_impl_with_embedding_dimension(self, service_mocks):
@@ -920,3 +1009,87 @@ def side_effect(config_key, tenant_id=None):
         service_mocks['logger'].warning.assert_called_with(
             "Failed to get config for EMBEDDING_ID: Database timeout"
         )
+
+
+class TestBuildAppConfig:
+    """Test cases for build_app_config function"""
+
+    @pytest.mark.parametrize("language,expected_name,expected_description", [
+        ("zh", "中文应用名称", "中文应用描述"),
+        ("en", "English App Name", "English app description"),
+        # Default to English
+        ("unknown", "English App Name", "English app description"),
+    ])
+    def test_build_app_config_with_custom_values(self, service_mocks, language, expected_name, expected_description):
+        """Test build_app_config with custom app values"""
+        # Setup
+        tenant_id = "test_tenant_id"
+
+        # Mock tenant config manager to return custom values
+        service_mocks['tenant_config_manager'].get_app_config.side_effect = [
+            expected_name,      # APP_NAME
+            expected_description,  # APP_DESCRIPTION
+            "custom",           # ICON_TYPE
+            "test-avatar-uri",  # AVATAR_URI
+            "test-custom-url"   # CUSTOM_ICON_URL
+        ]
+
+        # Mock MODEL_ENGINE_ENABLED
+        with patch('backend.services.config_sync_service.MODEL_ENGINE_ENABLED', "true"):
+            # Execute
+            result = build_app_config(language, tenant_id)
+
+            # Assert
+            assert result["name"] == expected_name
+            assert result["description"] == expected_description
+            assert result["icon"]["type"] == "custom"
+            assert result["icon"]["avatarUri"] == "test-avatar-uri"
+            assert result["icon"]["customUrl"] == "test-custom-url"
+            assert result["modelEngineEnabled"] is True
+
+    @pytest.mark.parametrize("model_engine_enabled_env,expected_enabled", [
+        ("true", True),
+        ("false", False),
+        ("TRUE", True),   # Case insensitive now - "true" in any case should be True
+        ("True", True),   # Case insensitive now - "true" in any case should be True
+        ("", False),
+        (None, False),
+    ])
+    def test_build_app_config_model_engine_enabled(self, service_mocks, model_engine_enabled_env, expected_enabled):
+        """Test build_app_config with different MODEL_ENGINE_ENABLED values (case insensitive for 'true')"""
+        # Setup
+        language = "en"
+        tenant_id = "test_tenant_id"
+
+        # Mock tenant config manager to return None (use defaults)
+        service_mocks['tenant_config_manager'].get_app_config.return_value = None
+
+        # Mock MODEL_ENGINE_ENABLED
+        with patch('backend.services.config_sync_service.MODEL_ENGINE_ENABLED', model_engine_enabled_env):
+            # Execute
+            result = build_app_config(language, tenant_id)
+
+            # Assert
+            assert result["modelEngineEnabled"] == expected_enabled
+
+    def test_build_app_config_with_defaults(self, service_mocks):
+        """Test build_app_config with default values"""
+        # Setup
+        language = "en"
+        tenant_id = "test_tenant_id"
+
+        # Mock tenant config manager to return None (use defaults)
+        service_mocks['tenant_config_manager'].get_app_config.return_value = None
+
+        # Mock MODEL_ENGINE_ENABLED to default
+        with patch('backend.services.config_sync_service.MODEL_ENGINE_ENABLED', "true"):
+            # Execute
+            result = build_app_config(language, tenant_id)
+
+            # Assert default English values
+            assert result["name"] == "Nexent Agent"
+            assert result["description"] == "Nexent is an open-source agent platform built on the MCP tool ecosystem, providing flexible multi-modal Q&A, retrieval, data analysis, and processing capabilities."
+            assert result["icon"]["type"] == "preset"
+            assert result["icon"]["avatarUri"] == ""
+            assert result["icon"]["customUrl"] == ""
+            assert result["modelEngineEnabled"] is True

From b1c92f48adea334bef930ac7922b9246f569c50d Mon Sep 17 00:00:00 2001
From: zhizhi <928570418@qq.com>
Date: Wed, 14 Jan 2026 08:57:47 +0800
Subject: [PATCH 15/38] =?UTF-8?q?=E2=9C=A8Added=20ModelEngine=20ENV=20Conf?=
 =?UTF-8?q?ig?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../services/test_config_sync_service.py      | 887 ++++++++++++++----
 1 file changed, 717 insertions(+), 170 deletions(-)

diff --git a/test/backend/services/test_config_sync_service.py b/test/backend/services/test_config_sync_service.py
index e36dbe5bb..7557b2e85 100644
--- a/test/backend/services/test_config_sync_service.py
+++ b/test/backend/services/test_config_sync_service.py
@@ -1,117 +1,39 @@
-# Apply ALL critical patches BEFORE any imports
-# This prevents real AWS/MinIO/Elasticsearch calls during import
 from backend.services.config_sync_service import (
     handle_model_config,
     save_config_impl,
     load_config_impl,
     build_models_config,
-    build_app_config
+    build_app_config,
+    build_model_config
 )
-import os
 import sys
-from unittest.mock import MagicMock, patch
-import pytest
+from unittest.mock import patch, MagicMock
 
-# Set mock environment variables BEFORE any imports
-os.environ.setdefault('MINIO_ENDPOINT', 'http://mock-minio:9000')
-os.environ.setdefault('MINIO_ACCESS_KEY', 'mock-key')
-os.environ.setdefault('MINIO_SECRET_KEY', 'mock-secret')
-os.environ.setdefault('MINIO_REGION', 'us-east-1')
-os.environ.setdefault('MINIO_DEFAULT_BUCKET', 'mock-bucket')
+import pytest
 
-# Mock boto3 at the module level
+# Patch boto3 and other dependencies before importing anything from backend
 boto3_mock = MagicMock()
 sys.modules['boto3'] = boto3_mock
 
-# Create comprehensive mocks for MinIO and related modules
+# Apply critical patches before importing any modules
+# This prevents real AWS/MinIO/Elasticsearch calls during import
+patch('botocore.client.BaseClient._make_api_call', return_value={}).start()
+
+# Patch storage factory and MinIO config validation to avoid errors during initialization
+# These patches must be started before any imports that use MinioClient
+storage_client_mock = MagicMock()
 minio_client_mock = MagicMock()
 minio_client_mock._ensure_bucket_exists = MagicMock()
 minio_client_mock.client = MagicMock()
-
-storage_client_mock = MagicMock()
-
-# Mock the entire minio_config module
-minio_config_mock = MagicMock()
-minio_config_mock.MinIOStorageConfig = MagicMock()
-minio_config_mock.MinIOStorageConfig.return_value.validate = MagicMock(
-    return_value=None)
-sys.modules['nexent.storage.minio_config'] = minio_config_mock
-
-# Mock the storage_client_factory module
-storage_factory_mock = MagicMock()
-storage_factory_mock.create_storage_client_from_config = MagicMock(
-    return_value=storage_client_mock)
-sys.modules['nexent.storage.storage_client_factory'] = storage_factory_mock
-
-# Create a more comprehensive mock for the database client module
-db_client_mock = MagicMock()
-
-# Mock classes to prevent instantiation
-db_client_mock.MinioClient = MagicMock(return_value=minio_client_mock)
-db_client_mock.PostgresClient = MagicMock()
-
-# Mock global variables that get assigned at module level
-db_client_mock.minio_client = minio_client_mock
-db_client_mock.db_client = MagicMock()
-
-# Mock utility functions
-db_client_mock.as_dict = MagicMock()
-db_client_mock.get_db_session = MagicMock()
-
-# Set the mock module BEFORE any imports that might trigger it
-sys.modules['backend.database.client'] = db_client_mock
-
-# Also mock the submodules that might be imported
-sys.modules['backend.database'] = MagicMock()
-sys.modules['database'] = MagicMock()
-sys.modules['database.client'] = db_client_mock
-
-# Mock model management database module
-model_mgmt_mock = MagicMock()
-model_mgmt_mock.get_model_id_by_display_name = MagicMock(return_value=None)
-sys.modules['database.model_management_db'] = model_mgmt_mock
-
-# Mock utils modules
-utils_config_mock = MagicMock()
-utils_config_mock.get_env_key = MagicMock(return_value="TEST_KEY")
-utils_config_mock.get_model_name_from_config = MagicMock(
-    return_value="test-model")
-utils_config_mock.safe_value = MagicMock(return_value="safe_value")
-utils_config_mock.tenant_config_manager = MagicMock()
-sys.modules['utils.config_utils'] = utils_config_mock
-sys.modules['utils'] = MagicMock()
-
-# Mock elasticsearch
-es_mock = MagicMock()
-es_mock.Elasticsearch = MagicMock(return_value=MagicMock())
-sys.modules['elasticsearch'] = es_mock
-
-# Mock consts package and submodules
-consts_mock = MagicMock()
-consts_const_mock = MagicMock()
-# Mock the constants used in config_sync_service
-consts_const_mock.APP_DESCRIPTION = "Test description"
-consts_const_mock.APP_NAME = "Test app"
-consts_const_mock.AVATAR_URI = "test-avatar"
-consts_const_mock.CUSTOM_ICON_URL = "test-custom-url"
-consts_const_mock.ICON_TYPE = "test-icon-type"
-consts_const_mock.MODEL_CONFIG_MAPPING = {}
-consts_const_mock.LANGUAGE = {"ZH": "zh", "EN": "en"}
-consts_const_mock.DEFAULT_APP_DESCRIPTION_EN = "Default description"
-consts_const_mock.DEFAULT_APP_DESCRIPTION_ZH = "默认描述"
-consts_const_mock.DEFAULT_APP_NAME_EN = "Default App"
-consts_const_mock.DEFAULT_APP_NAME_ZH = "默认应用"
-consts_const_mock.MODEL_ENGINE_ENABLED = "false"  # Default to false
-consts_mock.const = consts_const_mock
-sys.modules['consts'] = consts_mock
-sys.modules['consts.const'] = consts_const_mock
-
-# NOW we can safely import the modules under test
-
-# Note: We already mock the entire backend.database.client module above,
-# so we don't need additional patches for individual classes within that module
-
-# NOW we can safely import the modules under test
+patch('nexent.storage.storage_client_factory.create_storage_client_from_config',
+      return_value=storage_client_mock).start()
+patch('nexent.storage.minio_config.MinIOStorageConfig.validate',
+      lambda self: None).start()
+patch('backend.database.client.MinioClient',
+      return_value=minio_client_mock).start()
+patch('database.client.MinioClient', return_value=minio_client_mock).start()
+patch('backend.database.client.minio_client', minio_client_mock).start()
+patch('elasticsearch.Elasticsearch', return_value=MagicMock()).start()
 
 
 @pytest.fixture
@@ -253,6 +175,83 @@ def test_handle_model_config_none_model_id(self, service_mocks):
             tenant_id, config_key)
         service_mocks['tenant_config_manager'].set_single_config.assert_not_called()
 
+    def test_handle_model_config_empty_string_model_id(self, service_mocks):
+        """Test handle_model_config when model_id is empty string"""
+        # Setup
+        tenant_id = "test_tenant_id"
+        user_id = "test_user_id"
+        config_key = "LLM_ID"
+        model_id = ""
+        tenant_config_dict = {"LLM_ID": "123"}
+
+        # Execute
+        handle_model_config(tenant_id, user_id, config_key,
+                            model_id, tenant_config_dict)
+
+        # Assert - empty string should be treated as falsy and delete existing config
+        service_mocks['tenant_config_manager'].delete_single_config.assert_called_once_with(
+            tenant_id, config_key)
+        service_mocks['tenant_config_manager'].set_single_config.assert_not_called()
+
+    def test_handle_model_config_invalid_string_model_id(self, service_mocks):
+        """Test handle_model_config when model_id is non-numeric string"""
+        # Setup
+        tenant_id = "test_tenant_id"
+        user_id = "test_user_id"
+        config_key = "LLM_ID"
+        model_id = "invalid"
+        tenant_config_dict = {"LLM_ID": "123"}
+
+        # Execute
+        handle_model_config(tenant_id, user_id, config_key,
+                            model_id, tenant_config_dict)
+
+        # Assert - should delete existing and set new value
+        service_mocks['tenant_config_manager'].delete_single_config.assert_called_once_with(
+            tenant_id, config_key)
+        service_mocks['tenant_config_manager'].set_single_config.assert_called_once_with(
+            user_id, tenant_id, config_key, model_id
+        )
+
+    def test_handle_model_config_empty_tenant_config_dict(self, service_mocks):
+        """Test handle_model_config when tenant_config_dict is empty"""
+        # Setup
+        tenant_id = "test_tenant_id"
+        user_id = "test_user_id"
+        config_key = "LLM_ID"
+        model_id = 456
+        tenant_config_dict = {}
+
+        # Execute
+        handle_model_config(tenant_id, user_id, config_key,
+                            model_id, tenant_config_dict)
+
+        # Assert - should set new config since key doesn't exist
+        service_mocks['tenant_config_manager'].delete_single_config.assert_not_called()
+        service_mocks['tenant_config_manager'].set_single_config.assert_called_once_with(
+            user_id, tenant_id, config_key, model_id
+        )
+
+    def test_handle_model_config_zero_model_id_with_existing_config(self, service_mocks):
+        """Test handle_model_config when model_id is 0 and config exists"""
+        # Setup
+        tenant_id = "test_tenant_id"
+        user_id = "test_user_id"
+        config_key = "LLM_ID"
+        model_id = 0
+        tenant_config_dict = {"LLM_ID": "123"}
+
+        # Execute
+        handle_model_config(tenant_id, user_id, config_key,
+                            model_id, tenant_config_dict)
+
+        # Assert - should delete existing and set new value (0 is falsy but should be treated as valid model_id)
+        service_mocks['tenant_config_manager'].delete_single_config.assert_called_once_with(
+            tenant_id, config_key)
+        service_mocks['tenant_config_manager'].set_single_config.assert_called_once_with(
+            user_id, tenant_id, config_key, model_id
+        )
+
 
 class TestSaveConfigImpl:
     """Test cases for save_config_impl function"""
@@ -773,6 +772,180 @@ async def test_save_config_impl_app_config_new_keys(self, service_mocks):
         service_mocks['tenant_config_manager'].delete_single_config.assert_not_called()
         service_mocks['tenant_config_manager'].update_single_config.assert_not_called()
 
+    @pytest.mark.asyncio
+    async def test_save_config_impl_model_dump_exception(self, service_mocks):
+        """Test save_config_impl when config.model_dump() raises exception"""
+        # Setup
+        config = MagicMock()
+        config.model_dump.side_effect = Exception("Serialization failed")
+
+        tenant_id = "test_tenant_id"
+        user_id = "test_user_id"
+
+        # Execute and assert exception is raised
+        with pytest.raises(Exception) as exc_info:
+            await save_config_impl(config, tenant_id, user_id)
+
+        assert "Serialization failed" in str(exc_info.value)
+
+    @pytest.mark.asyncio
+    async def test_save_config_impl_load_config_exception(self, service_mocks):
+        """Test save_config_impl when load_config raises exception"""
+        # Setup
+        config = MagicMock()
+        config_dict = {"app": {"name": "Test App"}}
+        config.model_dump.return_value = config_dict
+
+        tenant_id = "test_tenant_id"
+        user_id = "test_user_id"
+
+        # Mock load_config to raise exception
+        service_mocks['tenant_config_manager'].load_config.side_effect = Exception(
+            "Database connection failed")
+
+        # Execute and assert exception is raised
+        with pytest.raises(Exception) as exc_info:
+            await save_config_impl(config, tenant_id, user_id)
+
+        assert "Database connection failed" in str(exc_info.value)
+
+    @pytest.mark.asyncio
+    async def test_save_config_impl_get_model_id_exception(self, service_mocks):
+        """Test save_config_impl when get_model_id_by_display_name raises exception"""
+        # Setup
+        config = MagicMock()
+        config_dict = {
+            "app": {"name": "Test App"},
+            "models": {
+                "llm": {
+                    "modelName": "gpt-4",
+                    "displayName": "GPT-4"
+                }
+            }
+        }
+        config.model_dump.return_value = config_dict
+
+        tenant_id = "test_tenant_id"
+        user_id = "test_user_id"
+
+        # Mock tenant config
+        service_mocks['tenant_config_manager'].load_config.return_value = {}
+
+        # Mock get_env_key
+        service_mocks['get_env_key'].side_effect = lambda key: key.upper()
+
+        # Mock safe_value
+        service_mocks['safe_value'].side_effect = lambda value: str(
+            value) if value is not None else ""
+
+        # Mock get_model_id_by_display_name to raise exception
+        service_mocks['get_model_id'].side_effect = Exception(
+            "Model not found")
+
+        # Execute and assert exception is raised
+        with pytest.raises(Exception) as exc_info:
+            await save_config_impl(config, tenant_id, user_id)
+
+        assert "Model not found" in str(exc_info.value)
+
+    @pytest.mark.asyncio
+    async def test_save_config_impl_empty_config_dict(self, service_mocks):
+        """Test save_config_impl with empty config_dict"""
+        # Setup
+        config = MagicMock()
+        config_dict = {}
+        config.model_dump.return_value = config_dict
+
+        tenant_id = "test_tenant_id"
+        user_id = "test_user_id"
+
+        # Mock tenant config
+        service_mocks['tenant_config_manager'].load_config.return_value = {}
+
+        # Execute
+        result = await save_config_impl(config, tenant_id, user_id)
+
+        # Assert
+        assert result is None
+        # Should not call any config operations since config_dict is empty
+        service_mocks['tenant_config_manager'].set_single_config.assert_not_called()
+        service_mocks['tenant_config_manager'].delete_single_config.assert_not_called()
+        service_mocks['tenant_config_manager'].update_single_config.assert_not_called()
+
+    @pytest.mark.asyncio
+    async def test_save_config_impl_empty_models_section(self, service_mocks):
+        """Test save_config_impl with empty models section"""
+        # Setup
+        config = MagicMock()
+        config_dict = {
+            "app": {"name": "Test App"},
+            "models": {}
+        }
+        config.model_dump.return_value = config_dict
+
+        tenant_id = "test_tenant_id"
+        user_id = "test_user_id"
+
+        # Mock tenant config
+        service_mocks['tenant_config_manager'].load_config.return_value = {}
+
+        # Mock get_env_key
+        service_mocks['get_env_key'].side_effect = lambda key: key.upper()
+
+        # Mock safe_value
+        service_mocks['safe_value'].side_effect = lambda value: str(
+            value) if value is not None else ""
+
+        # Execute
+        result = await save_config_impl(config, tenant_id, user_id)
+
+        # Assert
+        assert result is None
+        # Should only process app config, not model config
+        service_mocks['get_model_id'].assert_not_called()
+
+    @pytest.mark.asyncio
+    async def test_save_config_impl_embedding_without_api_config(self, service_mocks):
+        """Test save_config_impl with embedding model without apiConfig"""
+        # Setup
+        config = MagicMock()
+        config_dict = {
+            "app": {"name": "Test App"},
+            "models": {
+                "embedding": {
+                    "modelName": "text-embedding-ada-002",
+                    "displayName": "Ada Embeddings",
+                    "dimension": 1536
+                }
+            }
+        }
+        config.model_dump.return_value = config_dict
+
+        tenant_id = "test_tenant_id"
+        user_id = "test_user_id"
+
+        # Mock tenant config
+        service_mocks['tenant_config_manager'].load_config.return_value = {}
+
+        # Mock get_env_key
+        service_mocks['get_env_key'].side_effect = lambda key: key.upper()
+
+        # Mock safe_value
+        service_mocks['safe_value'].side_effect = lambda value: str(
+            value) if value is not None else ""
+
+        # Mock get_model_id_by_display_name
+        service_mocks['get_model_id'].return_value = "embedding-model-id"
+
+        # Execute
+        result = await save_config_impl(config, tenant_id, user_id)
+
+        # Assert
+        assert result is None
+        # Should not try to access apiConfig since it's not present
+        service_mocks['logger'].info.assert_called_once_with(
+            "Configuration saved successfully")
+
 
 class TestLoadConfigImpl:
     """Test cases for load_config_impl function"""
@@ -822,14 +995,10 @@ async def test_load_config_impl_english(self, service_mocks):
             ""           # TTS_ID
         ]
 
-        # Mock MODEL_ENGINE_ENABLED for this test
-        with patch('backend.services.config_sync_service.MODEL_ENGINE_ENABLED', "true"):
-            # Execute
-            result = await load_config_impl(language, tenant_id)
+        # Execute
+        result = await load_config_impl(language, tenant_id)
 
         assert result["app"]["name"] == "Custom App Name"
-        # Default value when MODEL_ENGINE_ENABLED == "true"
-        assert result["app"]["modelEngineEnabled"] is True
         assert result["models"]["llm"]["displayName"] == "Test LLM"
 
     @pytest.mark.asyncio
@@ -848,14 +1017,11 @@ async def test_load_config_impl_chinese(self, service_mocks):
         # Mock model name conversion to return string values
         service_mocks['get_model_name'].return_value = ""
 
-        # Mock MODEL_ENGINE_ENABLED for this test
-        with patch('backend.services.config_sync_service.MODEL_ENGINE_ENABLED', "true"):
-            # Execute
-            result = await load_config_impl(language, tenant_id)
+        # Execute
+        result = await load_config_impl(language, tenant_id)
 
         # Check Chinese default values
         assert result["app"]["name"] == "Nexent 智能体"
-        assert result["app"]["modelEngineEnabled"] is True
 
     @pytest.mark.asyncio
     async def test_load_config_impl_with_embedding_dimension(self, service_mocks):
@@ -959,6 +1125,97 @@ async def test_load_config_impl_exception(self, service_mocks):
                 f"Failed to load config for tenant {tenant_id}: Database connection failed"
             )
 
+    @pytest.mark.asyncio
+    async def test_load_config_impl_empty_language(self, service_mocks):
+        """Test loading configuration with empty language"""
+        # Setup
+        language = ""
+        tenant_id = "test_tenant_id"
+
+        # Mock empty configurations to avoid default values
+        service_mocks['tenant_config_manager'].get_app_config.return_value = None
+        service_mocks['tenant_config_manager'].get_model_config.return_value = {}
+
+        # Mock model name conversion to return string values
+        service_mocks['get_model_name'].return_value = ""
+
+        # Execute
+        result = await load_config_impl(language, tenant_id)
+
+        # Assert - should use English defaults when language is empty
+        assert result["app"]["name"] == "Nexent"  # DEFAULT_APP_NAME_EN
+        assert result["models"]["llm"]["name"] == ""
+
+    @pytest.mark.asyncio
+    async def test_load_config_impl_invalid_language(self, service_mocks):
+        """Test loading configuration with invalid language"""
+        # Setup
+        language = "invalid"
+        tenant_id = "test_tenant_id"
+
+        # Mock empty configurations to avoid default values
+        service_mocks['tenant_config_manager'].get_app_config.return_value = None
+        service_mocks['tenant_config_manager'].get_model_config.return_value = {}
+
+        # Mock model name conversion to return string values
+        service_mocks['get_model_name'].return_value = ""
+
+        # Execute
+        result = await load_config_impl(language, tenant_id)
+
+        # Assert - should use English defaults when language is invalid
+        assert result["app"]["name"] == "Nexent"  # DEFAULT_APP_NAME_EN
+        assert result["models"]["llm"]["name"] == ""
+
+    @pytest.mark.asyncio
+    async def test_load_config_impl_empty_tenant_id(self, service_mocks):
+        """Test loading configuration with empty tenant_id"""
+        # Setup
+        language = "en"
+        tenant_id = ""
+
+        # Mock empty configurations to avoid default values
+        service_mocks['tenant_config_manager'].get_app_config.return_value = None
+        service_mocks['tenant_config_manager'].get_model_config.return_value = {}
+
+        # Mock model name conversion to return string values
+        service_mocks['get_model_name'].return_value = ""
+
+        # Execute
+        result = await load_config_impl(language, tenant_id)
+
+        # Assert - should still work with empty tenant_id
+        assert result["app"]["name"] == "Nexent"
+        assert result["models"]["llm"]["name"] == ""
+
+    @pytest.mark.asyncio
+    async def test_load_config_impl_both_build_functions_exception(self, service_mocks):
+        """Test loading configuration when both build functions raise exceptions"""
+        # Setup
+        language = "en"
+        tenant_id = "test_tenant_id"
+
+        # Mock build_app_config to raise an exception
+        with patch('backend.services.config_sync_service.build_app_config') as mock_build_app_config, \
+                patch('backend.services.config_sync_service.build_models_config') as mock_build_models_config:
+
+            mock_build_app_config.side_effect = Exception("App config failed")
+            mock_build_models_config.side_effect = Exception(
+                "Models config failed")
+
+            # Execute and assert that exception is raised
+            with pytest.raises(Exception) as exc_info:
+                await load_config_impl(language, tenant_id)
+
+            # Verify the exception message
+            assert f"Failed to load config for tenant {tenant_id}." in str(
+                exc_info.value)
+
+            # Verify that logger.error was called
+            service_mocks['logger'].error.assert_called_once_with(
+                f"Failed to load config for tenant {tenant_id}: App config failed"
+            )
+
     def test_build_models_config_partial_success(self, service_mocks):
         """Test build_models_config with some successful and some failed configs"""
         # Setup
@@ -1010,86 +1267,376 @@ def side_effect(config_key, tenant_id=None):
             "Failed to get config for EMBEDDING_ID: Database timeout"
         )
 
+    def test_build_models_config_all_success(self, service_mocks):
+        """Test build_models_config with all configurations successful"""
+        # Setup
+        tenant_id = "test_tenant_id"
+
+        # Mock successful model configurations for all model types
+        def side_effect(config_key, tenant_id=None):
+            configs = {
+                "LLM_ID": {
+                    "display_name": "GPT-4",
+                    "api_key": "test-key",
+                    "base_url": "https://api.openai.com"
+                },
+                "LLM_SECONDARY_ID": {},
+                "EMBEDDING_ID": {
+                    "display_name": "Ada Embeddings",
+                    "api_key": "test-key",
+                    "base_url": "https://api.openai.com",
+                    "max_tokens": 1536,
+                    "model_type": "embedding"
+                },
+                "MULTI_EMBEDDING_ID": {},
+                "RERANK_ID": {},
+                "VLM_ID": {},
+                "STT_ID": {},
+                "TTS_ID": {}
+            }
+            return configs.get(config_key, {})
+
+        service_mocks['tenant_config_manager'].get_model_config.side_effect = side_effect
+
+        # Execute
+        result = build_models_config(tenant_id)
+
+        # Assert
+        assert isinstance(result, dict)
+        assert len(result) == 8  # All model types should be present
+
+        # Verify successful configs
+        assert result["llm"]["displayName"] == "GPT-4"
+        assert result["llm"]["apiConfig"]["apiKey"] == "test-key"
+
+        # Verify empty configs are handled
+        assert result["llmSecondary"]["name"] == ""
+        assert result["llmSecondary"]["displayName"] == ""
+
+        # Verify no warnings were logged (all successful)
+        service_mocks['logger'].warning.assert_not_called()
+
+    def test_build_models_config_all_failures(self, service_mocks):
+        """Test build_models_config when all configurations fail"""
+        # Setup
+        tenant_id = "test_tenant_id"
+
+        # Mock all get_model_config calls to raise exceptions
+        service_mocks['tenant_config_manager'].get_model_config.side_effect = Exception(
+            "Database completely down")
+
+        # Execute
+        result = build_models_config(tenant_id)
+
+        # Assert
+        assert isinstance(result, dict)
+        # All model types should still be present with empty configs
+        assert len(result) == 8
+
+        # All configs should be empty due to exceptions
+        for model_key in ["llm", "llmSecondary", "embedding", "multiEmbedding", "rerank", "vlm", "stt", "tts"]:
+            assert result[model_key]["name"] == ""
+            assert result[model_key]["displayName"] == ""
+            assert result[model_key]["apiConfig"]["apiKey"] == ""
+            assert result[model_key]["apiConfig"]["modelUrl"] == ""
+
+        # Verify that logger.warning was called for each model type
+        assert service_mocks['logger'].warning.call_count == 8
+        warning_calls = service_mocks['logger'].warning.call_args_list
+        expected_configs = ["LLM_ID", "LLM_SECONDARY_ID", "EMBEDDING_ID", "MULTI_EMBEDDING_ID",
+                            "RERANK_ID", "VLM_ID", "STT_ID", "TTS_ID"]
+        for i, config_key in enumerate(expected_configs):
+            assert f"Failed to get config for {config_key}: Database completely down" in warning_calls[
+                i][0][0]
+
 
 class TestBuildAppConfig:
     """Test cases for build_app_config function"""
 
-    @pytest.mark.parametrize("language,expected_name,expected_description", [
-        ("zh", "中文应用名称", "中文应用描述"),
-        ("en", "English App Name", "English app description"),
-        # Default to English
-        ("unknown", "English App Name", "English app description"),
-    ])
-    def test_build_app_config_with_custom_values(self, service_mocks, language, expected_name, expected_description):
-        """Test build_app_config with custom app values"""
+    def test_build_app_config_english_with_values(self, service_mocks):
+        """Test build_app_config with English language and all config values present"""
         # Setup
+        language = "en"
         tenant_id = "test_tenant_id"
 
-        # Mock tenant config manager to return custom values
+        # Mock all app config values
         service_mocks['tenant_config_manager'].get_app_config.side_effect = [
-            expected_name,      # APP_NAME
-            expected_description,  # APP_DESCRIPTION
-            "custom",           # ICON_TYPE
-            "test-avatar-uri",  # AVATAR_URI
-            "test-custom-url"   # CUSTOM_ICON_URL
+            "Custom App Name",  # APP_NAME
+            "Custom description",  # APP_DESCRIPTION
+            "custom",  # ICON_TYPE
+            "avatar-uri",  # AVATAR_URI
+            "https://custom-icon.com"  # CUSTOM_ICON_URL
+        ]
+
+        # Execute
+        result = build_app_config(language, tenant_id)
+
+        # Assert
+        assert result["name"] == "Custom App Name"
+        assert result["description"] == "Custom description"
+        assert result["icon"]["type"] == "custom"
+        assert result["icon"]["avatarUri"] == "avatar-uri"
+        assert result["icon"]["customUrl"] == "https://custom-icon.com"
+        # MODEL_ENGINE_ENABLED is not mocked, defaults to False
+        assert result["modelEngineEnabled"] == False
+
+        # Verify calls
+        expected_calls = [
+            ("APP_NAME", tenant_id),
+            ("APP_DESCRIPTION", tenant_id),
+            ("ICON_TYPE", tenant_id),
+            ("AVATAR_URI", tenant_id),
+            ("CUSTOM_ICON_URL", tenant_id)
         ]
+        assert service_mocks['tenant_config_manager'].get_app_config.call_count == 5
+        service_mocks['tenant_config_manager'].get_app_config.assert_has_calls(
+            [pytest.call(key, tenant_id=tenant_id)
+             for key, _ in expected_calls]
+        )
+
+    def test_build_app_config_chinese_defaults(self, service_mocks):
+        """Test build_app_config with Chinese language and no config values"""
+        # Setup
+        language = "zh"
+        tenant_id = "test_tenant_id"
 
-        # Mock MODEL_ENGINE_ENABLED
-        with patch('backend.services.config_sync_service.MODEL_ENGINE_ENABLED', "true"):
-            # Execute
-            result = build_app_config(language, tenant_id)
-
-            # Assert
-            assert result["name"] == expected_name
-            assert result["description"] == expected_description
-            assert result["icon"]["type"] == "custom"
-            assert result["icon"]["avatarUri"] == "test-avatar-uri"
-            assert result["icon"]["customUrl"] == "test-custom-url"
-            assert result["modelEngineEnabled"] is True
-
-    @pytest.mark.parametrize("model_engine_enabled_env,expected_enabled", [
-        ("true", True),
-        ("false", False),
-        ("TRUE", True),   # Case insensitive now - "true" in any case should be True
-        ("True", True),   # Case insensitive now - "true" in any case should be True
-        ("", False),
-        (None, False),
-    ])
-    def test_build_app_config_model_engine_enabled(self, service_mocks, model_engine_enabled_env, expected_enabled):
-        """Test build_app_config with different MODEL_ENGINE_ENABLED values (case insensitive for 'true')"""
+        # Mock all app config values to return None (use defaults)
+        service_mocks['tenant_config_manager'].get_app_config.return_value = None
+
+        # Execute
+        result = build_app_config(language, tenant_id)
+
+        # Assert - should use Chinese defaults
+        assert result["name"] == "Nexent 智能体"  # DEFAULT_APP_NAME_ZH
+        # DEFAULT_APP_DESCRIPTION_ZH
+        assert result["description"] == "Nexent 智能体是一个强大的 AI 助手平台"
+        assert result["icon"]["type"] == "preset"
+        assert result["icon"]["avatarUri"] == ""
+        assert result["icon"]["customUrl"] == ""
+        assert result["modelEngineEnabled"] == False
+
+    def test_build_app_config_english_defaults(self, service_mocks):
+        """Test build_app_config with English language and no config values"""
         # Setup
         language = "en"
         tenant_id = "test_tenant_id"
 
-        # Mock tenant config manager to return None (use defaults)
+        # Mock all app config values to return None (use defaults)
         service_mocks['tenant_config_manager'].get_app_config.return_value = None
 
-        # Mock MODEL_ENGINE_ENABLED
-        with patch('backend.services.config_sync_service.MODEL_ENGINE_ENABLED', model_engine_enabled_env):
-            # Execute
-            result = build_app_config(language, tenant_id)
+        # Execute
+        result = build_app_config(language, tenant_id)
+
+        # Assert - should use English defaults
+        assert result["name"] == "Nexent"  # DEFAULT_APP_NAME_EN
+        # DEFAULT_APP_DESCRIPTION_EN
+        assert result["description"] == "Nexent is a powerful AI assistant platform"
+        assert result["icon"]["type"] == "preset"
+        assert result["icon"]["avatarUri"] == ""
+        assert result["icon"]["customUrl"] == ""
+        assert result["modelEngineEnabled"] == False
+
+    def test_build_app_config_partial_values(self, service_mocks):
+        """Test build_app_config with some config values present and some missing"""
+        # Setup
+        language = "en"
+        tenant_id = "test_tenant_id"
+
+        # Mock partial app config values
+        def side_effect(config_key, tenant_id=None):
+            config_map = {
+                "APP_NAME": "Custom App Name",
+                "APP_DESCRIPTION": None,  # Will use default
+                "ICON_TYPE": "custom",
+                "AVATAR_URI": None,  # Will use empty string
+                "CUSTOM_ICON_URL": "https://custom-icon.com"
+            }
+            return config_map.get(config_key)
+
+        service_mocks['tenant_config_manager'].get_app_config.side_effect = side_effect
 
-            # Assert
-            assert result["modelEngineEnabled"] == expected_enabled
+        # Execute
+        result = build_app_config(language, tenant_id)
 
-    def test_build_app_config_with_defaults(self, service_mocks):
-        """Test build_app_config with default values"""
+        # Assert
+        assert result["name"] == "Custom App Name"
+        # Default
+        assert result["description"] == "Nexent is a powerful AI assistant platform"
+        assert result["icon"]["type"] == "custom"
+        assert result["icon"]["avatarUri"] == ""  # Default empty
+        assert result["icon"]["customUrl"] == "https://custom-icon.com"
+        assert result["modelEngineEnabled"] == False
+
+    def test_build_app_config_exception_handling(self, service_mocks):
+        """Test build_app_config when get_app_config raises exception"""
         # Setup
         language = "en"
         tenant_id = "test_tenant_id"
 
-        # Mock tenant config manager to return None (use defaults)
-        service_mocks['tenant_config_manager'].get_app_config.return_value = None
+        # Mock get_app_config to raise exception
+        service_mocks['tenant_config_manager'].get_app_config.side_effect = Exception(
+            "Database timeout")
+
+        # Execute and assert exception is raised (since this function doesn't handle exceptions internally)
+        with pytest.raises(Exception) as exc_info:
+            build_app_config(language, tenant_id)
+
+        assert "Database timeout" in str(exc_info.value)
+
+
+class TestBuildModelConfig:
+    """Test cases for build_model_config function"""
 
-        # Mock MODEL_ENGINE_ENABLED to default
-        with patch('backend.services.config_sync_service.MODEL_ENGINE_ENABLED', "true"):
-            # Execute
-            result = build_app_config(language, tenant_id)
-
-            # Assert default English values
-            assert result["name"] == "Nexent Agent"
-            assert result["description"] == "Nexent is an open-source agent platform built on the MCP tool ecosystem, providing flexible multi-modal Q&A, retrieval, data analysis, and processing capabilities."
-            assert result["icon"]["type"] == "preset"
-            assert result["icon"]["avatarUri"] == ""
-            assert result["icon"]["customUrl"] == ""
-            assert result["modelEngineEnabled"] is True
+    def test_build_model_config_empty_config(self):
+        """Test build_model_config with empty/None config"""
+        # Test with None
+        result = build_model_config(None)
+        assert result == {
+            "name": "",
+            "displayName": "",
+            "apiConfig": {
+                "apiKey": "",
+                "modelUrl": ""
+            }
+        }
+
+        # Test with empty dict
+        result = build_model_config({})
+        assert result == {
+            "name": "",
+            "displayName": "",
+            "apiConfig": {
+                "apiKey": "",
+                "modelUrl": ""
+            }
+        }
+
+    def test_build_model_config_non_embedding_model(self):
+        """Test build_model_config with non-embedding model config"""
+        # Setup
+        model_config = {
+            "display_name": "GPT-4",
+            "api_key": "test-api-key",
+            "base_url": "https://api.openai.com",
+            "model_type": "llm",
+            "max_tokens": 4096
+        }
+
+        # Execute
+        result = build_model_config(model_config)
+
+        # Assert
+        # get_model_name_from_config is mocked to return ""
+        assert result["name"] == ""
+        assert result["displayName"] == "GPT-4"
+        assert result["apiConfig"]["apiKey"] == "test-api-key"
+        assert result["apiConfig"]["modelUrl"] == "https://api.openai.com"
+        # Should not have dimension field for non-embedding models
+        assert "dimension" not in result
+
+    def test_build_model_config_embedding_model(self):
+        """Test build_model_config with embedding model config"""
+        # Setup
+        model_config = {
+            "display_name": "Ada Embeddings",
+            "api_key": "test-api-key",
+            "base_url": "https://api.openai.com",
+            "model_type": "embedding",
+            "max_tokens": 1536
+        }
+
+        # Execute
+        result = build_model_config(model_config)
+
+        # Assert
+        # get_model_name_from_config is mocked to return ""
+        assert result["name"] == ""
+        assert result["displayName"] == "Ada Embeddings"
+        assert result["apiConfig"]["apiKey"] == "test-api-key"
+        assert result["apiConfig"]["modelUrl"] == "https://api.openai.com"
+        # Should have dimension field for embedding models
+        assert result["dimension"] == 1536
+
+    def test_build_model_config_multi_embedding_model(self):
+        """Test build_model_config with multi_embedding model config"""
+        # Setup
+        model_config = {
+            "display_name": "Multi Ada Embeddings",
+            "api_key": "test-api-key",
+            "base_url": "https://api.openai.com",
+            "model_type": "multi_embedding",
+            "max_tokens": 768
+        }
+
+        # Execute
+        result = build_model_config(model_config)
+
+        # Assert
+        # get_model_name_from_config is mocked to return ""
+        assert result["name"] == ""
+        assert result["displayName"] == "Multi Ada Embeddings"
+        assert result["apiConfig"]["apiKey"] == "test-api-key"
+        assert result["apiConfig"]["modelUrl"] == "https://api.openai.com"
+        # Should have dimension field for multi_embedding models
+        assert result["dimension"] == 768
+
+    def test_build_model_config_partial_fields(self):
+        """Test build_model_config with partial fields missing"""
+        # Setup
+        model_config = {
+            "display_name": "Test Model",
+            # api_key and base_url are missing
+            "model_type": "llm"
+        }
+
+        # Execute
+        result = build_model_config(model_config)
+
+        # Assert
+        assert result["name"] == ""
+        assert result["displayName"] == "Test Model"
+        assert result["apiConfig"]["apiKey"] == ""  # Default empty
+        assert result["apiConfig"]["modelUrl"] == ""  # Default empty
+        assert "dimension" not in result  # No dimension for llm
+
+    def test_build_model_config_embedding_without_max_tokens(self):
+        """Test build_model_config with embedding model but no max_tokens"""
+        # Setup
+        model_config = {
+            "display_name": "Test Embedding",
+            "api_key": "test-key",
+            "base_url": "https://test.com",
+            "model_type": "embedding"
+            # max_tokens is missing
+        }
+
+        # Execute
+        result = build_model_config(model_config)
+
+        # Assert
+        assert result["name"] == ""
+        assert result["displayName"] == "Test Embedding"
+        assert result["apiConfig"]["apiKey"] == "test-key"
+        assert result["apiConfig"]["modelUrl"] == "https://test.com"
+        # Should have dimension field with default value 0
+        assert result["dimension"] == 0
+
+    def test_build_model_config_model_type_partial_match(self):
+        """Test build_model_config with model_type that partially contains 'embedding'"""
+        # Setup
+        model_config = {
+            "display_name": "Test Model",
+            "api_key": "test-key",
+            "model_type": "some_embedding_type",  # Contains 'embedding'
+            "max_tokens": 512
+        }
+
+        # Execute
+        result = build_model_config(model_config)
+
+        # Assert
+        assert result["name"] == ""
+        assert result["displayName"] == "Test Model"
+        assert result["apiConfig"]["apiKey"] == "test-key"
+        # Should have dimension since model_type contains 'embedding'
+        assert result["dimension"] == 512

From 6bf86995f584d77d679913fdaa9701d70d623743 Mon Sep 17 00:00:00 2001
From: zhizhi <928570418@qq.com>
Date: Wed, 14 Jan 2026 09:03:53 +0800
Subject: [PATCH 16/38] =?UTF-8?q?=E2=9C=A8Added=20ModelEngine=20ENV=20Conf?=
 =?UTF-8?q?ig?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../services/test_config_sync_service.py      | 194 ++++++++++--------
 1 file changed, 112 insertions(+), 82 deletions(-)

diff --git a/test/backend/services/test_config_sync_service.py b/test/backend/services/test_config_sync_service.py
index 7557b2e85..863564b24 100644
--- a/test/backend/services/test_config_sync_service.py
+++ b/test/backend/services/test_config_sync_service.py
@@ -1,13 +1,5 @@
-from backend.services.config_sync_service import (
-    handle_model_config,
-    save_config_impl,
-    load_config_impl,
-    build_models_config,
-    build_app_config,
-    build_model_config
-)
 import sys
-from unittest.mock import patch, MagicMock
+from unittest.mock import patch, MagicMock, call
 
 import pytest
 
@@ -25,16 +17,34 @@
 minio_client_mock = MagicMock()
 minio_client_mock._ensure_bucket_exists = MagicMock()
 minio_client_mock.client = MagicMock()
+
+# Mock the entire MinIOStorageConfig class to avoid validation
+minio_config_mock = MagicMock()
+minio_config_mock.validate = MagicMock()
+
 patch('nexent.storage.storage_client_factory.create_storage_client_from_config',
       return_value=storage_client_mock).start()
-patch('nexent.storage.minio_config.MinIOStorageConfig.validate',
-      lambda self: None).start()
+patch('nexent.storage.minio_config.MinIOStorageConfig',
+      return_value=minio_config_mock).start()
 patch('backend.database.client.MinioClient',
       return_value=minio_client_mock).start()
 patch('database.client.MinioClient', return_value=minio_client_mock).start()
 patch('backend.database.client.minio_client', minio_client_mock).start()
 patch('elasticsearch.Elasticsearch', return_value=MagicMock()).start()
 
+# Import backend modules after all patches are applied
+# Use additional context manager to ensure MinioClient is properly mocked during import
+with patch('backend.database.client.MinioClient', return_value=minio_client_mock), \
+        patch('nexent.storage.minio_config.MinIOStorageConfig', return_value=minio_config_mock):
+    from backend.services.config_sync_service import (
+        handle_model_config,
+        save_config_impl,
+        load_config_impl,
+        build_models_config,
+        build_app_config,
+        build_model_config
+    )
+
 
 @pytest.fixture
 def service_mocks():
@@ -188,10 +198,12 @@ def test_handle_model_config_empty_string_model_id(self, service_mocks):
         handle_model_config(tenant_id, user_id, config_key,
                             model_id, tenant_config_dict)
 
-        # Assert - empty string should be treated as falsy and delete existing config
+        # Assert - empty string is not falsy, so it should delete existing and set new value
         service_mocks['tenant_config_manager'].delete_single_config.assert_called_once_with(
             tenant_id, config_key)
-        service_mocks['tenant_config_manager'].set_single_config.assert_not_called()
+        service_mocks['tenant_config_manager'].set_single_config.assert_called_once_with(
+            user_id, tenant_id, config_key, model_id
+        )
 
     def test_handle_model_config_invalid_string_model_id(self, service_mocks):
         """Test handle_model_config when model_id is non-numeric string"""
@@ -1143,7 +1155,7 @@ async def test_load_config_impl_empty_language(self, service_mocks):
         result = await load_config_impl(language, tenant_id)
 
         # Assert - should use English defaults when language is empty
-        assert result["app"]["name"] == "Nexent"  # DEFAULT_APP_NAME_EN
+        assert result["app"]["name"] == "Nexent Agent"  # DEFAULT_APP_NAME_EN
         assert result["models"]["llm"]["name"] == ""
 
     @pytest.mark.asyncio
@@ -1164,7 +1176,7 @@ async def test_load_config_impl_invalid_language(self, service_mocks):
         result = await load_config_impl(language, tenant_id)
 
         # Assert - should use English defaults when language is invalid
-        assert result["app"]["name"] == "Nexent"  # DEFAULT_APP_NAME_EN
+        assert result["app"]["name"] == "Nexent Agent"  # DEFAULT_APP_NAME_EN
         assert result["models"]["llm"]["name"] == ""
 
     @pytest.mark.asyncio
@@ -1185,7 +1197,7 @@ async def test_load_config_impl_empty_tenant_id(self, service_mocks):
         result = await load_config_impl(language, tenant_id)
 
         # Assert - should still work with empty tenant_id
-        assert result["app"]["name"] == "Nexent"
+        assert result["app"]["name"] == "Nexent Agent"
         assert result["models"]["llm"]["name"] == ""
 
     @pytest.mark.asyncio
@@ -1303,16 +1315,12 @@ def side_effect(config_key, tenant_id=None):
 
         # Assert
         assert isinstance(result, dict)
-        assert len(result) == 8  # All model types should be present
+        assert len(result) == 7  # All model types should be present
 
         # Verify successful configs
         assert result["llm"]["displayName"] == "GPT-4"
         assert result["llm"]["apiConfig"]["apiKey"] == "test-key"
 
-        # Verify empty configs are handled
-        assert result["llmSecondary"]["name"] == ""
-        assert result["llmSecondary"]["displayName"] == ""
-
         # Verify no warnings were logged (all successful)
         service_mocks['logger'].warning.assert_not_called()
 
@@ -1331,19 +1339,19 @@ def test_build_models_config_all_failures(self, service_mocks):
         # Assert
         assert isinstance(result, dict)
         # All model types should still be present with empty configs
-        assert len(result) == 8
+        assert len(result) == 7
 
         # All configs should be empty due to exceptions
-        for model_key in ["llm", "llmSecondary", "embedding", "multiEmbedding", "rerank", "vlm", "stt", "tts"]:
+        for model_key in ["llm", "embedding", "multiEmbedding", "rerank", "vlm", "stt", "tts"]:
             assert result[model_key]["name"] == ""
             assert result[model_key]["displayName"] == ""
             assert result[model_key]["apiConfig"]["apiKey"] == ""
             assert result[model_key]["apiConfig"]["modelUrl"] == ""
 
         # Verify that logger.warning was called for each model type
-        assert service_mocks['logger'].warning.call_count == 8
+        assert service_mocks['logger'].warning.call_count == 7
         warning_calls = service_mocks['logger'].warning.call_args_list
-        expected_configs = ["LLM_ID", "LLM_SECONDARY_ID", "EMBEDDING_ID", "MULTI_EMBEDDING_ID",
+        expected_configs = ["LLM_ID", "EMBEDDING_ID", "MULTI_EMBEDDING_ID",
                             "RERANK_ID", "VLM_ID", "STT_ID", "TTS_ID"]
         for i, config_key in enumerate(expected_configs):
             assert f"Failed to get config for {config_key}: Database completely down" in warning_calls[
@@ -1368,17 +1376,18 @@ def test_build_app_config_english_with_values(self, service_mocks):
             "https://custom-icon.com"  # CUSTOM_ICON_URL
         ]
 
-        # Execute
-        result = build_app_config(language, tenant_id)
+        # Mock MODEL_ENGINE_ENABLED
+        with patch('backend.services.config_sync_service.MODEL_ENGINE_ENABLED', 'false'):
+            # Execute
+            result = build_app_config(language, tenant_id)
 
-        # Assert
-        assert result["name"] == "Custom App Name"
-        assert result["description"] == "Custom description"
-        assert result["icon"]["type"] == "custom"
-        assert result["icon"]["avatarUri"] == "avatar-uri"
-        assert result["icon"]["customUrl"] == "https://custom-icon.com"
-        # MODEL_ENGINE_ENABLED is not mocked, defaults to False
-        assert result["modelEngineEnabled"] == False
+            # Assert
+            assert result["name"] == "Custom App Name"
+            assert result["description"] == "Custom description"
+            assert result["icon"]["type"] == "custom"
+            assert result["icon"]["avatarUri"] == "avatar-uri"
+            assert result["icon"]["customUrl"] == "https://custom-icon.com"
+            assert result["modelEngineEnabled"] == False
 
         # Verify calls
         expected_calls = [
@@ -1390,7 +1399,7 @@ def test_build_app_config_english_with_values(self, service_mocks):
         ]
         assert service_mocks['tenant_config_manager'].get_app_config.call_count == 5
         service_mocks['tenant_config_manager'].get_app_config.assert_has_calls(
-            [pytest.call(key, tenant_id=tenant_id)
+            [call(key, tenant_id=tenant_id)
              for key, _ in expected_calls]
         )
 
@@ -1403,17 +1412,19 @@ def test_build_app_config_chinese_defaults(self, service_mocks):
         # Mock all app config values to return None (use defaults)
         service_mocks['tenant_config_manager'].get_app_config.return_value = None
 
-        # Execute
-        result = build_app_config(language, tenant_id)
+        # Mock MODEL_ENGINE_ENABLED
+        with patch('backend.services.config_sync_service.MODEL_ENGINE_ENABLED', 'false'):
+            # Execute
+            result = build_app_config(language, tenant_id)
 
-        # Assert - should use Chinese defaults
-        assert result["name"] == "Nexent 智能体"  # DEFAULT_APP_NAME_ZH
-        # DEFAULT_APP_DESCRIPTION_ZH
-        assert result["description"] == "Nexent 智能体是一个强大的 AI 助手平台"
-        assert result["icon"]["type"] == "preset"
-        assert result["icon"]["avatarUri"] == ""
-        assert result["icon"]["customUrl"] == ""
-        assert result["modelEngineEnabled"] == False
+            # Assert - should use Chinese defaults
+            assert result["name"] == "Nexent 智能体"  # DEFAULT_APP_NAME_ZH
+            # DEFAULT_APP_DESCRIPTION_ZH
+            assert result["description"] == "Nexent 是一个开源智能体平台，基于 MCP 工具生态系统，提供灵活的多模态问答、检索、数据分析、处理等能力。"
+            assert result["icon"]["type"] == "preset"
+            assert result["icon"]["avatarUri"] == ""
+            assert result["icon"]["customUrl"] == ""
+            assert result["modelEngineEnabled"] == False
 
     def test_build_app_config_english_defaults(self, service_mocks):
         """Test build_app_config with English language and no config values"""
@@ -1424,17 +1435,19 @@ def test_build_app_config_english_defaults(self, service_mocks):
         # Mock all app config values to return None (use defaults)
         service_mocks['tenant_config_manager'].get_app_config.return_value = None
 
-        # Execute
-        result = build_app_config(language, tenant_id)
+        # Mock MODEL_ENGINE_ENABLED
+        with patch('backend.services.config_sync_service.MODEL_ENGINE_ENABLED', 'false'):
+            # Execute
+            result = build_app_config(language, tenant_id)
 
-        # Assert - should use English defaults
-        assert result["name"] == "Nexent"  # DEFAULT_APP_NAME_EN
-        # DEFAULT_APP_DESCRIPTION_EN
-        assert result["description"] == "Nexent is a powerful AI assistant platform"
-        assert result["icon"]["type"] == "preset"
-        assert result["icon"]["avatarUri"] == ""
-        assert result["icon"]["customUrl"] == ""
-        assert result["modelEngineEnabled"] == False
+            # Assert - should use English defaults
+            assert result["name"] == "Nexent Agent"  # DEFAULT_APP_NAME_EN
+            # DEFAULT_APP_DESCRIPTION_EN
+            assert result["description"] == "Nexent is an open-source agent platform built on the MCP tool ecosystem, providing flexible multi-modal Q&A, retrieval, data analysis, and processing capabilities."
+            assert result["icon"]["type"] == "preset"
+            assert result["icon"]["avatarUri"] == ""
+            assert result["icon"]["customUrl"] == ""
+            assert result["modelEngineEnabled"] == False
 
     def test_build_app_config_partial_values(self, service_mocks):
         """Test build_app_config with some config values present and some missing"""
@@ -1455,17 +1468,19 @@ def side_effect(config_key, tenant_id=None):
 
         service_mocks['tenant_config_manager'].get_app_config.side_effect = side_effect
 
-        # Execute
-        result = build_app_config(language, tenant_id)
+        # Mock MODEL_ENGINE_ENABLED
+        with patch('backend.services.config_sync_service.MODEL_ENGINE_ENABLED', 'false'):
+            # Execute
+            result = build_app_config(language, tenant_id)
 
-        # Assert
-        assert result["name"] == "Custom App Name"
-        # Default
-        assert result["description"] == "Nexent is a powerful AI assistant platform"
-        assert result["icon"]["type"] == "custom"
-        assert result["icon"]["avatarUri"] == ""  # Default empty
-        assert result["icon"]["customUrl"] == "https://custom-icon.com"
-        assert result["modelEngineEnabled"] == False
+            # Assert
+            assert result["name"] == "Custom App Name"
+            # Default
+            assert result["description"] == "Nexent is an open-source agent platform built on the MCP tool ecosystem, providing flexible multi-modal Q&A, retrieval, data analysis, and processing capabilities."
+            assert result["icon"]["type"] == "custom"
+            assert result["icon"]["avatarUri"] == ""  # Default empty
+            assert result["icon"]["customUrl"] == "https://custom-icon.com"
+            assert result["modelEngineEnabled"] == False
 
     def test_build_app_config_exception_handling(self, service_mocks):
         """Test build_app_config when get_app_config raises exception"""
@@ -1487,7 +1502,7 @@ def test_build_app_config_exception_handling(self, service_mocks):
 class TestBuildModelConfig:
     """Test cases for build_model_config function"""
 
-    def test_build_model_config_empty_config(self):
+    def test_build_model_config_empty_config(self, service_mocks):
         """Test build_model_config with empty/None config"""
         # Test with None
         result = build_model_config(None)
@@ -1511,7 +1526,7 @@ def test_build_model_config_empty_config(self):
             }
         }
 
-    def test_build_model_config_non_embedding_model(self):
+    def test_build_model_config_non_embedding_model(self, service_mocks):
         """Test build_model_config with non-embedding model config"""
         # Setup
         model_config = {
@@ -1522,19 +1537,21 @@ def test_build_model_config_non_embedding_model(self):
             "max_tokens": 4096
         }
 
+        # Mock get_model_name_from_config
+        service_mocks['get_model_name'].return_value = "gpt-4"
+
         # Execute
         result = build_model_config(model_config)
 
         # Assert
-        # get_model_name_from_config is mocked to return ""
-        assert result["name"] == ""
+        assert result["name"] == "gpt-4"
         assert result["displayName"] == "GPT-4"
         assert result["apiConfig"]["apiKey"] == "test-api-key"
         assert result["apiConfig"]["modelUrl"] == "https://api.openai.com"
         # Should not have dimension field for non-embedding models
         assert "dimension" not in result
 
-    def test_build_model_config_embedding_model(self):
+    def test_build_model_config_embedding_model(self, service_mocks):
         """Test build_model_config with embedding model config"""
         # Setup
         model_config = {
@@ -1545,19 +1562,21 @@ def test_build_model_config_embedding_model(self):
             "max_tokens": 1536
         }
 
+        # Mock get_model_name_from_config
+        service_mocks['get_model_name'].return_value = "text-embedding-ada-002"
+
         # Execute
         result = build_model_config(model_config)
 
         # Assert
-        # get_model_name_from_config is mocked to return ""
-        assert result["name"] == ""
+        assert result["name"] == "text-embedding-ada-002"
         assert result["displayName"] == "Ada Embeddings"
         assert result["apiConfig"]["apiKey"] == "test-api-key"
         assert result["apiConfig"]["modelUrl"] == "https://api.openai.com"
         # Should have dimension field for embedding models
         assert result["dimension"] == 1536
 
-    def test_build_model_config_multi_embedding_model(self):
+    def test_build_model_config_multi_embedding_model(self, service_mocks):
         """Test build_model_config with multi_embedding model config"""
         # Setup
         model_config = {
@@ -1568,19 +1587,21 @@ def test_build_model_config_multi_embedding_model(self):
             "max_tokens": 768
         }
 
+        # Mock get_model_name_from_config
+        service_mocks['get_model_name'].return_value = "text-embedding-3-small"
+
         # Execute
         result = build_model_config(model_config)
 
         # Assert
-        # get_model_name_from_config is mocked to return ""
-        assert result["name"] == ""
+        assert result["name"] == "text-embedding-3-small"
         assert result["displayName"] == "Multi Ada Embeddings"
         assert result["apiConfig"]["apiKey"] == "test-api-key"
         assert result["apiConfig"]["modelUrl"] == "https://api.openai.com"
         # Should have dimension field for multi_embedding models
         assert result["dimension"] == 768
 
-    def test_build_model_config_partial_fields(self):
+    def test_build_model_config_partial_fields(self, service_mocks):
         """Test build_model_config with partial fields missing"""
         # Setup
         model_config = {
@@ -1589,17 +1610,20 @@ def test_build_model_config_partial_fields(self):
             "model_type": "llm"
         }
 
+        # Mock get_model_name_from_config
+        service_mocks['get_model_name'].return_value = "test-model"
+
         # Execute
         result = build_model_config(model_config)
 
         # Assert
-        assert result["name"] == ""
+        assert result["name"] == "test-model"
         assert result["displayName"] == "Test Model"
         assert result["apiConfig"]["apiKey"] == ""  # Default empty
         assert result["apiConfig"]["modelUrl"] == ""  # Default empty
         assert "dimension" not in result  # No dimension for llm
 
-    def test_build_model_config_embedding_without_max_tokens(self):
+    def test_build_model_config_embedding_without_max_tokens(self, service_mocks):
         """Test build_model_config with embedding model but no max_tokens"""
         # Setup
         model_config = {
@@ -1610,18 +1634,21 @@ def test_build_model_config_embedding_without_max_tokens(self):
             # max_tokens is missing
         }
 
+        # Mock get_model_name_from_config
+        service_mocks['get_model_name'].return_value = "test-embedding"
+
         # Execute
         result = build_model_config(model_config)
 
         # Assert
-        assert result["name"] == ""
+        assert result["name"] == "test-embedding"
         assert result["displayName"] == "Test Embedding"
         assert result["apiConfig"]["apiKey"] == "test-key"
         assert result["apiConfig"]["modelUrl"] == "https://test.com"
         # Should have dimension field with default value 0
         assert result["dimension"] == 0
 
-    def test_build_model_config_model_type_partial_match(self):
+    def test_build_model_config_model_type_partial_match(self, service_mocks):
         """Test build_model_config with model_type that partially contains 'embedding'"""
         # Setup
         model_config = {
@@ -1631,11 +1658,14 @@ def test_build_model_config_model_type_partial_match(self):
             "max_tokens": 512
         }
 
+        # Mock get_model_name_from_config
+        service_mocks['get_model_name'].return_value = "test-model"
+
         # Execute
         result = build_model_config(model_config)
 
         # Assert
-        assert result["name"] == ""
+        assert result["name"] == "test-model"
         assert result["displayName"] == "Test Model"
         assert result["apiConfig"]["apiKey"] == "test-key"
         # Should have dimension since model_type contains 'embedding'

From dbac33f5108f1f1f071a47649026678a817cbfcf Mon Sep 17 00:00:00 2001
From: xuyaqi <xuyaqist@gmail.com>
Date: Wed, 14 Jan 2026 17:26:42 +0800
Subject: [PATCH 17/38] fix incorrected editable calculation

---
 frontend/app/[locale]/agents/components/AgentConfigComp.tsx  | 5 ++---
 frontend/app/[locale]/agents/components/AgentInfoComp.tsx    | 2 +-
 .../agents/components/agentConfig/ToolManagement.tsx         | 5 +++--
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/frontend/app/[locale]/agents/components/AgentConfigComp.tsx b/frontend/app/[locale]/agents/components/AgentConfigComp.tsx
index 8f8ce4bc3..b510b120a 100644
--- a/frontend/app/[locale]/agents/components/AgentConfigComp.tsx
+++ b/frontend/app/[locale]/agents/components/AgentConfigComp.tsx
@@ -24,7 +24,7 @@ export default function AgentConfigComp({}: AgentConfigCompProps) {
 
   const isCreatingMode = useAgentConfigStore((state) => state.isCreatingMode);
 
-  const editable = !!(currentAgentId || isCreatingMode);
+  const editable = currentAgentId || isCreatingMode;
 
   const [isMcpModalOpen, setIsMcpModalOpen] = useState(false);
   const [isRefreshing, setIsRefreshing] = useState(false);
@@ -51,7 +51,6 @@ export default function AgentConfigComp({}: AgentConfigCompProps) {
     }
   }, [invalidate]);
 
-
   return (
     <>
       {/* Import handled by Ant Design Upload (no hidden input required) */}
@@ -144,7 +143,7 @@ export default function AgentConfigComp({}: AgentConfigCompProps) {
             <ToolManagement
               toolGroups={groupedTools}
               isCreatingMode={isCreatingMode}
-              currentAgentId={currentAgentId?? undefined}
+              currentAgentId={currentAgentId ?? undefined}
             />
           </Col>
         </Row>
diff --git a/frontend/app/[locale]/agents/components/AgentInfoComp.tsx b/frontend/app/[locale]/agents/components/AgentInfoComp.tsx
index 1102c9b73..bb64b3ed6 100644
--- a/frontend/app/[locale]/agents/components/AgentInfoComp.tsx
+++ b/frontend/app/[locale]/agents/components/AgentInfoComp.tsx
@@ -25,7 +25,7 @@ export default function AgentInfoComp({}: AgentInfoCompProps) {
   // Get state from store
   const currentAgentId = useAgentConfigStore((state) => state.currentAgentId);
 
-  const editable = !!(currentAgentId || isCreatingMode);
+  const editable = currentAgentId || isCreatingMode;
 
   // Save guard hook
   const saveGuard = useSaveGuard();
diff --git a/frontend/app/[locale]/agents/components/agentConfig/ToolManagement.tsx b/frontend/app/[locale]/agents/components/agentConfig/ToolManagement.tsx
index 5fb7428be..67815a64a 100644
--- a/frontend/app/[locale]/agents/components/agentConfig/ToolManagement.tsx
+++ b/frontend/app/[locale]/agents/components/agentConfig/ToolManagement.tsx
@@ -26,13 +26,14 @@ interface ToolManagementProps {
  */
 export default function ToolManagement({
   toolGroups,
-  isCreatingMode = true,
+  isCreatingMode,
   currentAgentId,
 }: ToolManagementProps) {
   const { t } = useTranslation("common");
   const queryClient = useQueryClient();
 
-  const editable = currentAgentId !== null || isCreatingMode;
+  const editable = currentAgentId || isCreatingMode;
+  console.log("editable", editable, currentAgentId, isCreatingMode);
   // Get state from store
   const usedTools = useAgentConfigStore((state) => state.editedAgent.tools);
   const updateTools = useAgentConfigStore((state) => state.updateTools);

From 51f930172f1e896fc27dbcc23fa1c19a16e2debf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=91=9B=E9=94=90?= <gerui@geruideMacBook-Pro.local>
Date: Thu, 8 Jan 2026 10:58:49 +0800
Subject: [PATCH 18/38] Slected Agents for Agent Market

---
 .../market/components/AgentMarketCard.tsx     |  85 ++++++---
 frontend/app/[locale]/market/page.tsx         | 180 ++++++++++++++----
 frontend/styles/globals.css                   |  42 ++++
 3 files changed, 236 insertions(+), 71 deletions(-)

diff --git a/frontend/app/[locale]/market/components/AgentMarketCard.tsx b/frontend/app/[locale]/market/components/AgentMarketCard.tsx
index 3a0102adf..2b283a74c 100644
--- a/frontend/app/[locale]/market/components/AgentMarketCard.tsx
+++ b/frontend/app/[locale]/market/components/AgentMarketCard.tsx
@@ -12,6 +12,7 @@ interface AgentMarketCardProps {
   agent: MarketAgentListItem;
   onDownload: (agent: MarketAgentListItem) => void;
   onViewDetails: (agent: MarketAgentListItem) => void;
+  variant?: "featured" | "default";
 }
 
 /**
@@ -22,6 +23,7 @@ export function AgentMarketCard({
   agent,
   onDownload,
   onViewDetails,
+  variant = "default",
 }: AgentMarketCardProps) {
   const { t, i18n } = useTranslation("common");
   const isZh = i18n.language === "zh" || i18n.language === "zh-CN";
@@ -40,12 +42,31 @@ export function AgentMarketCard({
     ? agent.category.icon || getCategoryIcon(agent.category.name)
     : "📦";
 
+  const baseClasses =
+    "group h-full min-h-[320px] rounded-lg border transition-all duration-300 overflow-hidden flex flex-col cursor-pointer relative";
+  const defaultClasses =
+    "bg-white dark:bg-slate-800 border-slate-200 dark:border-slate-700 hover:border-purple-300 dark:hover:border-purple-600 hover:shadow-lg";
+  const featuredClasses =
+    "border-slate-200 dark:border-slate-700 text-slate-900 dark:text-white";
+
   return (
     <motion.div
       whileHover={{ y: -4 }}
       onClick={handleCardClick}
-      className="group h-full bg-white dark:bg-slate-800 rounded-lg border border-slate-200 dark:border-slate-700 hover:border-purple-300 dark:hover:border-purple-600 hover:shadow-lg transition-all duration-300 overflow-hidden flex flex-col cursor-pointer"
+      className={`${baseClasses} ${variant === "featured" ? featuredClasses : defaultClasses}`}
     >
+      {variant === "featured" && (
+        // Full-card subtle purple gradient background overlay
+        <div
+          aria-hidden
+          className="absolute inset-0 rounded-lg pointer-events-none"
+          style={{
+            background:
+              "linear-gradient(180deg, rgba(139,92,246,0.06), rgba(99,102,241,0.04))",
+            zIndex: 0,
+          }}
+        />
+      )}
       {/* Card header with category */}
       <div className="px-4 pt-4 pb-3 border-b border-slate-100 dark:border-slate-700">
         <div className="flex items-center justify-between mb-2">
@@ -70,41 +91,43 @@ export function AgentMarketCard({
         <h3 className="text-lg font-semibold text-slate-800 dark:text-slate-100 line-clamp-1 group-hover:text-purple-600 dark:group-hover:text-purple-400 transition-colors">
           {agent.display_name}
         </h3>
-        {agent.author ? (
-          <p className="text-xs text-slate-500 dark:text-slate-400 mt-1">
-            {t("market.by", { defaultValue: "By {{author}}", author: agent.author })}
-          </p>
-        ) : (
-          <div className="h-5" aria-hidden />
-        )}
+        <div className="h-5 flex items-center">
+          {agent.author ? (
+            <p className="text-xs text-slate-500 dark:text-slate-400">
+              {t("market.by", { defaultValue: "By {{author}}", author: agent.author })}
+            </p>
+          ) : null}
+        </div>
       </div>
 
       {/* Card body */}
-      <div className="flex-1 px-4 py-3 flex flex-col gap-3">
+      <div className="flex-1 px-4 py-3 flex flex-col gap-3 relative z-10 pb-20 min-h-[120px]">
         {/* Description */}
         <p className="text-sm text-slate-600 dark:text-slate-300 line-clamp-3 flex-1">
           {agent.description}
         </p>
 
-        {/* Tags */}
-        {agent.tags && agent.tags.length > 0 && (
-          <div className="flex flex-wrap gap-1.5">
-            {agent.tags.slice(0, 3).map((tag) => (
-              <span
-                key={tag.id}
-                className="inline-flex items-center gap-1 px-2 py-0.5 rounded-full text-xs bg-slate-100 dark:bg-slate-700 text-slate-600 dark:text-slate-300"
-              >
-                <Tag className="h-3 w-3" />
-                {getGenericLabel(tag.display_name, t)}
-              </span>
-            ))}
-            {agent.tags.length > 3 && (
-              <span className="inline-flex items-center px-2 py-0.5 rounded-full text-xs bg-slate-100 dark:bg-slate-700 text-slate-600 dark:text-slate-300">
-                +{agent.tags.length - 3}
-              </span>
-            )}
-          </div>
-        )}
+        {/* Tags - always show container for consistent height */}
+        <div className="min-h-[24px]">
+          {agent.tags && agent.tags.length > 0 && (
+            <div className="flex flex-wrap gap-1.5 max-h-6 overflow-hidden">
+              {agent.tags.slice(0, 3).map((tag) => (
+                <span
+                  key={tag.id}
+                  className="inline-flex items-center gap-1 px-2 py-0.5 rounded-full text-xs bg-slate-100 dark:bg-slate-700 text-slate-600 dark:text-slate-300"
+                >
+                  <Tag className="h-3 w-3" />
+                  {getGenericLabel(tag.display_name, t)}
+                </span>
+              ))}
+              {agent.tags.length > 3 && (
+                <span className="inline-flex items-center px-2 py-0.5 rounded-full text-xs bg-slate-100 dark:bg-slate-700 text-slate-600 dark:text-slate-300">
+                  +{agent.tags.length - 3}
+                </span>
+              )}
+            </div>
+          )}
+        </div>
 
         {/* Tool count */}
         <div className="flex items-center gap-1 text-xs text-slate-500 dark:text-slate-400">
@@ -115,11 +138,11 @@ export function AgentMarketCard({
         </div>
       </div>
 
-      {/* Card footer */}
-      <div className="px-4 py-3 border-t border-slate-100 dark:border-slate-700">
+      {/* Card footer - pinned to bottom to keep all cards aligned */}
+      <div className="absolute left-0 right-0 bottom-0 px-4 py-3 border-t border-slate-100 dark:border-slate-700 bg-transparent z-10">
         <button
           onClick={handleDownload}
-          className="w-full px-4 py-2 rounded-md bg-gradient-to-r from-purple-500 to-indigo-500 hover:from-purple-600 hover:to-indigo-600 text-white text-sm font-medium transition-all duration-300 flex items-center justify-center gap-2 group-hover:shadow-md"
+          className="w-full px-4 py-2 rounded-md bg-gradient-to-r from-purple-500 to-indigo-500 hover:from-purple-600 hover:to-indigo-600 text-white text-sm font-medium transition-all duration-300 flex items-center justify-center gap-2 group-hover:shadow-md z-10"
         >
           <Download className="h-4 w-4" />
           {t("market.download", "Download")}
diff --git a/frontend/app/[locale]/market/page.tsx b/frontend/app/[locale]/market/page.tsx
index 7f71f5e5b..3b827889f 100644
--- a/frontend/app/[locale]/market/page.tsx
+++ b/frontend/app/[locale]/market/page.tsx
@@ -1,6 +1,6 @@
 "use client";
 
-import React, { useState, useEffect } from "react";
+import React, { useState, useEffect, useRef } from "react";
 import { motion } from "framer-motion";
 import { useTranslation } from "react-i18next";
 import { ShoppingBag, Search, RefreshCw } from "lucide-react";
@@ -36,6 +36,7 @@ export default function MarketContent() {
   // State management
   const [categories, setCategories] = useState<MarketCategory[]>([]);
   const [agents, setAgents] = useState<MarketAgentListItem[]>([]);
+  const [featuredItems, setFeaturedItems] = useState<MarketAgentListItem[]>([]);
   const [isLoadingCategories, setIsLoadingCategories] = useState(true);
   const [isLoadingAgents, setIsLoadingAgents] = useState(false);
   const [currentCategory, setCurrentCategory] = useState<string>("all");
@@ -54,6 +55,7 @@ export default function MarketContent() {
   );
   const [isLoadingDetail, setIsLoadingDetail] = useState(false);
 
+
   // Install modal state
   const [installModalVisible, setInstallModalVisible] = useState(false);
   const [installAgent, setInstallAgent] = useState<MarketAgentDetail | null>(
@@ -66,6 +68,33 @@ export default function MarketContent() {
     loadAgents(); // Auto-refresh on page load
   }, []);
 
+  // Refs and state for featured card width calculation
+  const contentRef = useRef<HTMLDivElement | null>(null);
+  const featuredRowRef = useRef<HTMLDivElement | null>(null);
+  const [featuredCardWidth, setFeaturedCardWidth] = useState<number | null>(null);
+
+  // Calculate featured card width so it matches grid column width (accounting for gaps)
+  useEffect(() => {
+    const calc = () => {
+      const container = contentRef.current;
+      if (!container) return;
+      const containerWidth = container.clientWidth;
+      const w = window.innerWidth;
+      let columns = 4;
+      if (w < 768) columns = 1;
+      else if (w < 1024) columns = 2;
+      else if (w < 1280) columns = 3;
+      else columns = 4;
+      const gap = 16; // tailwind gap-4 == 16px
+      const totalGap = gap * (columns - 1);
+      const cardW = Math.floor((containerWidth - totalGap) / columns);
+      setFeaturedCardWidth(cardW);
+    };
+    calc();
+    window.addEventListener("resize", calc);
+    return () => window.removeEventListener("resize", calc);
+  }, [featuredItems]);
+
   // Load agents when category, page, or search changes (but not on initial mount)
   useEffect(() => {
     loadAgents();
@@ -113,8 +142,18 @@ export default function MarketContent() {
         params.search = searchKeyword.trim();
       }
 
+      // Request featured items for this query (category/search). Backend will return relevant featured_items.
+      params.include_featured = true;
+      params.featured_limit = 6;
+
       const data = await marketService.fetchMarketAgentList(params);
-      setAgents(data.items);
+      const featured = data.featured_items || [];
+      const featuredIds = new Set(featured.map((f) => f.agent_id));
+      // Exclude featured agents from main items (de-duplicate)
+      const items = (data.items || []).filter((it) => !featuredIds.has(it.agent_id));
+
+      setFeaturedItems(featured);
+      setAgents(items);
       setTotalAgents(data.pagination.total);
     } catch (error) {
       log.error("Failed to load market agents:", error);
@@ -255,7 +294,7 @@ export default function MarketContent() {
           className="w-full h-full overflow-auto"
         >
           <div className="w-full px-4 md:px-8 lg:px-16 py-8">
-            <div className="max-w-7xl mx-auto">
+            <div ref={contentRef} className="max-w-7xl mx-auto">
               {/* Page header */}
               <div className="flex items-center justify-between mb-6">
                 <motion.div
@@ -354,7 +393,7 @@ export default function MarketContent() {
                       <div className="flex justify-center py-16">
                         <Spin size="large" />
                       </div>
-                    ) : agents.length === 0 ? (
+                    ) : agents.length === 0 && featuredItems.length === 0 ? (
                       <Empty
                         description={t(
                           "market.noAgents",
@@ -364,45 +403,106 @@ export default function MarketContent() {
                       />
                     ) : (
                       <>
-                        <div className="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 xl:grid-cols-4 gap-4 pb-8">
-                          {agents.map((agent, index) => (
-                            <motion.div
-                              key={agent.id}
-                              initial={{ opacity: 0, scale: 0.9 }}
-                              animate={{ opacity: 1, scale: 1 }}
-                              transition={{
-                                duration: 0.3,
-                                delay: 0.05 * index,
-                              }}
-                              className="h-full"
+                        {/* Featured row per category (show only if there are featured items) */}
+                        {featuredItems.length > 0 && (
+                          <div className="mb-6 featured-area">
+                            <div className="flex items-center justify-between mb-4">
+                              <h2 className="text-2xl font-bold">{t("market.featuredTitle", "精选智能体")}</h2>
+                              <div className="hidden md:flex items-center gap-2">
+                                <button
+                                  aria-label="Prev featured"
+                                  onClick={() => {
+                                    const el = document.getElementById("featured-row");
+                                    if (el) el.scrollBy({ left: -Math.floor(el.clientWidth * 0.9), behavior: "smooth" });
+                                  }}
+                                  className="px-2 py-1 hover:opacity-90"
+                                  style={{ background: "transparent" }}
+                                >
+                                  <svg className="w-6 h-6 text-slate-500" viewBox="0 0 20 20" fill="currentColor" aria-hidden>
+                                    <path fillRule="evenodd" d="M12.707 14.707a1 1 0 01-1.414 0L7 10.414a1 1 0 010-1.414l4.293-4.293a1 1 0 111.414 1.414L9.414 10l3.293 3.293a1 1 0 010 1.414z" clipRule="evenodd" />
+                                  </svg>
+                                </button>
+                                <button
+                                  aria-label="Next featured"
+                                  onClick={() => {
+                                    const el = document.getElementById("featured-row");
+                                    if (el) el.scrollBy({ left: Math.floor(el.clientWidth * 0.9), behavior: "smooth" });
+                                  }}
+                                  className="px-2 py-1 hover:opacity-90"
+                                  style={{ background: "transparent" }}
+                                >
+                                  <svg className="w-6 h-6 text-slate-500" viewBox="0 0 20 20" fill="currentColor" aria-hidden>
+                                    <path fillRule="evenodd" d="M7.293 5.293a1 1 0 011.414 0L13 9.586a1 1 0 010 1.414L8.707 15.293a1 1 0 01-1.414-1.414L10.586 10 7.293 6.707a1 1 0 010-1.414z" clipRule="evenodd" />
+                                  </svg>
+                                </button>
+                              </div>
+                            </div>
+                            <div
+                              id="featured-row"
+                              ref={featuredRowRef}
+                              className="flex gap-4 overflow-x-auto no-scrollbar pb-2"
                             >
-                              <AgentMarketCard
-                                agent={agent}
-                                onDownload={handleDownload}
-                                onViewDetails={handleViewDetails}
-                              />
-                            </motion.div>
-                          ))}
-                        </div>
-
-                        {/* Pagination */}
-                        {totalAgents > pageSize && (
-                          <div className="flex justify-center mt-8">
-                            <Pagination
-                              current={currentPage}
-                              total={totalAgents}
-                              pageSize={pageSize}
-                              onChange={handlePageChange}
-                              showSizeChanger={false}
-                              showTotal={(total) =>
-                                t("market.totalAgents", {
-                                  defaultValue: "Total {{total}} agents",
-                                  total,
-                                })
-                              }
-                            />
+                              {featuredItems.map((agent, index) => (
+                                <div
+                                  key={`featured-${agent.id}`}
+                                  className="flex-shrink-0 h-full"
+                                  style={featuredCardWidth ? { width: `${featuredCardWidth}px` } : undefined}
+                                >
+                                  <AgentMarketCard
+                                    agent={agent}
+                                    onDownload={handleDownload}
+                                    onViewDetails={handleViewDetails}
+                                    variant="featured"
+                                  />
+                                </div>
+                              ))}
+                            </div>
                           </div>
                         )}
+
+                        {agents.length > 0 && (
+                          <>
+                            <div className="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 xl:grid-cols-4 gap-4 pb-8">
+                              {agents.map((agent, index) => (
+                                <motion.div
+                                  key={agent.id}
+                                  initial={{ opacity: 0, scale: 0.9 }}
+                                  animate={{ opacity: 1, scale: 1 }}
+                                  transition={{
+                                    duration: 0.3,
+                                    delay: 0.05 * index,
+                                  }}
+                                  className="h-full"
+                                >
+                                  <AgentMarketCard
+                                    agent={agent}
+                                    onDownload={handleDownload}
+                                    onViewDetails={handleViewDetails}
+                                  />
+                                </motion.div>
+                              ))}
+                            </div>
+
+                            {/* Pagination */}
+                            {totalAgents > pageSize && (
+                              <div className="flex justify-center mt-8">
+                                <Pagination
+                                  current={currentPage}
+                                  total={totalAgents}
+                                  pageSize={pageSize}
+                                  onChange={handlePageChange}
+                                  showSizeChanger={false}
+                                  showTotal={(total) =>
+                                    t("market.totalAgents", {
+                                      defaultValue: "Total {{total}} agents",
+                                      total,
+                                    })
+                                  }
+                                />
+                              </div>
+                            )}
+                          </>
+                        )}
                       </>
                     )}
                   </motion.div>
diff --git a/frontend/styles/globals.css b/frontend/styles/globals.css
index 32715a2f0..95189a2b8 100644
--- a/frontend/styles/globals.css
+++ b/frontend/styles/globals.css
@@ -167,6 +167,48 @@
   scrollbar-color: rgba(0, 0, 0, 0.4) transparent;
 }
 
+/* Utility to hide scrollbars (useful for horizontal featured row) */
+.no-scrollbar {
+  /* Default: hide visual scrollbar by making thumb transparent while keeping track height minimal.
+     We use hover to fade-in the thumb for desktop (hover-capable) devices. */
+  -ms-overflow-style: none; /* IE and Edge - hides scrollbar */
+  scrollbar-width: thin; /* Firefox: use thin scrollbar so hover can change color */
+  scrollbar-color: rgba(0,0,0,0) transparent;
+}
+
+/* WebKit browsers: keep a small scrollbar height but make thumb transparent by default */
+.no-scrollbar::-webkit-scrollbar {
+  height: 8px;
+  background-color: transparent;
+}
+.no-scrollbar::-webkit-scrollbar-track {
+  background: transparent;
+}
+.no-scrollbar::-webkit-scrollbar-thumb {
+  background-color: rgba(0, 0, 0, 0); /* invisible by default */
+  border-radius: 8px;
+  border: 2px solid transparent;
+  background-clip: content-box;
+  transition: background-color 1000ms ease, opacity 1000ms ease;
+}
+
+/* On hover (desktop), fade the thumb in */
+@media (hover: hover) and (pointer: fine) {
+  .no-scrollbar:hover::-webkit-scrollbar-thumb {
+    background-color: rgba(0, 0, 0, 0.35);
+  }
+  .no-scrollbar:hover {
+    scrollbar-color: rgba(0,0,0,0.35) transparent; /* Firefox */
+  }
+  /* Also allow hovering the whole featured area (including header/buttons) to show the scrollbar */
+  .featured-area:hover .no-scrollbar::-webkit-scrollbar-thumb {
+    background-color: rgba(0, 0, 0, 0.35);
+  }
+  .featured-area:hover .no-scrollbar {
+    scrollbar-color: rgba(0,0,0,0.35) transparent; /* Firefox */
+  }
+}
+
 /* Tool Pool Tabs scroll fix */
 .tool-pool-tabs .ant-tabs-content-holder {
   overflow: hidden;

From 229dae5910cdd201c0b71d4198570e55dfbf1491 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=91=9B=E9=94=90?= <gerui@geruideMacBook-Pro.local>
Date: Thu, 8 Jan 2026 12:48:46 +0800
Subject: [PATCH 19/38] =?UTF-8?q?feat:=E9=80=82=E9=85=8D=E8=8B=B1=E6=96=87?=
 =?UTF-8?q?=E7=89=88?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

feat:修复，补充类型定义 + 给隐式 any 的参数加类型
---
 .../market/components/AgentMarketCard.tsx       | 12 ++++++++----
 frontend/app/[locale]/market/page.tsx           | 17 +++++++++++++----
 frontend/styles/globals.css                     |  6 ++++++
 frontend/types/market.ts                        |  6 ++++++
 4 files changed, 33 insertions(+), 8 deletions(-)

diff --git a/frontend/app/[locale]/market/components/AgentMarketCard.tsx b/frontend/app/[locale]/market/components/AgentMarketCard.tsx
index 2b283a74c..9b017cf3d 100644
--- a/frontend/app/[locale]/market/components/AgentMarketCard.tsx
+++ b/frontend/app/[locale]/market/components/AgentMarketCard.tsx
@@ -43,15 +43,19 @@ export function AgentMarketCard({
     : "📦";
 
   const baseClasses =
-    "group h-full min-h-[320px] rounded-lg border transition-all duration-300 overflow-hidden flex flex-col cursor-pointer relative";
+    "group z-10 hover:z-0 h-full min-h-[320px] rounded-lg border transition-all duration-300 overflow-visible flex flex-col cursor-pointer relative";
   const defaultClasses =
     "bg-white dark:bg-slate-800 border-slate-200 dark:border-slate-700 hover:border-purple-300 dark:hover:border-purple-600 hover:shadow-lg";
   const featuredClasses =
-    "border-slate-200 dark:border-slate-700 text-slate-900 dark:text-white";
+    "bg-white dark:bg-slate-800 border-slate-200 dark:border-slate-700 text-slate-900 dark:text-white hover:border-purple-300 dark:hover:border-purple-600 hover:shadow-lg";
+
+  const unifiedHoverShadow =
+    "0 10px 15px -3px rgba(0,0,0,0.1), 0 4px 6px -2px rgba(0,0,0,0.05)";
 
   return (
     <motion.div
-      whileHover={{ y: -4 }}
+      whileHover={{ y: -4, boxShadow: unifiedHoverShadow }}
+      transition={{ type: "spring", stiffness: 300, damping: 25 }}
       onClick={handleCardClick}
       className={`${baseClasses} ${variant === "featured" ? featuredClasses : defaultClasses}`}
     >
@@ -142,7 +146,7 @@ export function AgentMarketCard({
       <div className="absolute left-0 right-0 bottom-0 px-4 py-3 border-t border-slate-100 dark:border-slate-700 bg-transparent z-10">
         <button
           onClick={handleDownload}
-          className="w-full px-4 py-2 rounded-md bg-gradient-to-r from-purple-500 to-indigo-500 hover:from-purple-600 hover:to-indigo-600 text-white text-sm font-medium transition-all duration-300 flex items-center justify-center gap-2 group-hover:shadow-md z-10"
+          className="w-full px-4 py-2 rounded-md bg-gradient-to-r from-purple-500 to-indigo-500 hover:from-purple-600 hover:to-indigo-600 text-white text-sm font-medium transition-all duration-300 flex items-center justify-center gap-2"
         >
           <Download className="h-4 w-4" />
           {t("market.download", "Download")}
diff --git a/frontend/app/[locale]/market/page.tsx b/frontend/app/[locale]/market/page.tsx
index 3b827889f..4846bcf99 100644
--- a/frontend/app/[locale]/market/page.tsx
+++ b/frontend/app/[locale]/market/page.tsx
@@ -406,8 +406,10 @@ export default function MarketContent() {
                         {/* Featured row per category (show only if there are featured items) */}
                         {featuredItems.length > 0 && (
                           <div className="mb-6 featured-area">
-                            <div className="flex items-center justify-between mb-4">
-                              <h2 className="text-2xl font-bold">{t("market.featuredTitle", "精选智能体")}</h2>
+                            <div className="flex items-center justify-between mb-5">
+                              <h2 className="text-2xl font-bold">
+                                {isZh ? t("market.featuredTitle", "精选智能体") : "Featured Agents"}
+                              </h2>
                               <div className="hidden md:flex items-center gap-2">
                                 <button
                                   aria-label="Prev featured"
@@ -440,7 +442,7 @@ export default function MarketContent() {
                             <div
                               id="featured-row"
                               ref={featuredRowRef}
-                              className="flex gap-4 overflow-x-auto no-scrollbar pb-2"
+                              className="flex gap-4 overflow-x-auto no-scrollbar pt-2 pb-2"
                             >
                               {featuredItems.map((agent, index) => (
                                 <div
@@ -460,9 +462,16 @@ export default function MarketContent() {
                           </div>
                         )}
 
+                        {/* Separator between featured and main list (only when both exist) */}
+                        {featuredItems.length > 0 && agents.length > 0 && (
+                          <div className="mt-4 mb-8">
+                            <div className="w-full h-[0.5px] bg-slate-200 dark:bg-slate-700 rounded" />
+                          </div>
+                        )}
+
                         {agents.length > 0 && (
                           <>
-                            <div className="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 xl:grid-cols-4 gap-4 pb-8">
+                            <div className="mt-6 grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 xl:grid-cols-4 gap-4 pb-8">
                               {agents.map((agent, index) => (
                                 <motion.div
                                   key={agent.id}
diff --git a/frontend/styles/globals.css b/frontend/styles/globals.css
index 95189a2b8..a8d902828 100644
--- a/frontend/styles/globals.css
+++ b/frontend/styles/globals.css
@@ -209,6 +209,12 @@
   }
 }
 
+/* Reserve space at bottom of featured area so separator spacing stays consistent
+   whether native scrollbar is visible or not. Matches typical scrollbar height. */
+.featured-area {
+  padding-bottom: 0px;
+}
+
 /* Tool Pool Tabs scroll fix */
 .tool-pool-tabs .ant-tabs-content-holder {
   overflow: hidden;
diff --git a/frontend/types/market.ts b/frontend/types/market.ts
index 770e39520..88a0c13e5 100644
--- a/frontend/types/market.ts
+++ b/frontend/types/market.ts
@@ -90,6 +90,8 @@ export interface MarketPagination {
 export interface MarketAgentListResponse {
   items: MarketAgentListItem[];
   pagination: MarketPagination;
+  // Optional featured items returned by the API when requested
+  featured_items?: MarketAgentListItem[];
 }
 
 export interface MarketAgentListParams {
@@ -98,5 +100,9 @@ export interface MarketAgentListParams {
   category?: string;
   tag?: string;
   search?: string;
+  // Request featured items in the response (optional)
+  include_featured?: boolean;
+  // Limit how many featured items to return; undefined means no limit
+  featured_limit?: number;
 }
 

From 5a988ad084aa60a0b1f030706896b200ffb3895a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=91=9B=E9=94=90?= <gerui@geruideMacBook-Pro.local>
Date: Thu, 8 Jan 2026 17:42:13 +0800
Subject: [PATCH 20/38] =?UTF-8?q?=E9=9A=8F=E5=90=8E=E7=AB=AF=E6=94=B9?=
 =?UTF-8?q?=E5=8A=A8=E6=9B=B4=E6=96=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 frontend/app/[locale]/market/page.tsx | 17 ++++++++---------
 1 file changed, 8 insertions(+), 9 deletions(-)

diff --git a/frontend/app/[locale]/market/page.tsx b/frontend/app/[locale]/market/page.tsx
index 4846bcf99..7dae9b891 100644
--- a/frontend/app/[locale]/market/page.tsx
+++ b/frontend/app/[locale]/market/page.tsx
@@ -142,19 +142,18 @@ export default function MarketContent() {
         params.search = searchKeyword.trim();
       }
 
-      // Request featured items for this query (category/search). Backend will return relevant featured_items.
-      params.include_featured = true;
-      params.featured_limit = 6;
-
+      // Backend now returns paginated items including is_featured.
       const data = await marketService.fetchMarketAgentList(params);
-      const featured = data.featured_items || [];
-      const featuredIds = new Set(featured.map((f) => f.agent_id));
-      // Exclude featured agents from main items (de-duplicate)
-      const items = (data.items || []).filter((it) => !featuredIds.has(it.agent_id));
+      const allItems = data.items || [];
+      const featured = allItems.filter((a) => a.is_featured);
+      const items = allItems.filter((a) => !a.is_featured);
 
       setFeaturedItems(featured);
       setAgents(items);
-      setTotalAgents(data.pagination.total);
+      // Adjust total to represent non-featured items for pagination
+      const featuredCount = featured.length || 0;
+      const total = (data.pagination?.total || 0) - featuredCount;
+      setTotalAgents(total > 0 ? total : 0);
     } catch (error) {
       log.error("Failed to load market agents:", error);
 

From 9daae404a4a6a2257b762e2fd4fc4273a781a29b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=91=9B=E9=94=90?= <gerui@geruideMacBook-Pro.local>
Date: Fri, 9 Jan 2026 10:32:25 +0800
Subject: [PATCH 21/38] =?UTF-8?q?feat:=E6=A3=80=E8=A7=86=E5=90=8E=E4=BB=A3?=
 =?UTF-8?q?=E7=A0=81=E4=BC=98=E5=8C=96?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../market/components/AgentMarketCard.tsx     | 18 ++--
 frontend/app/[locale]/market/page.tsx         | 84 +++++++++----------
 frontend/types/market.ts                      |  9 +-
 3 files changed, 51 insertions(+), 60 deletions(-)

diff --git a/frontend/app/[locale]/market/components/AgentMarketCard.tsx b/frontend/app/[locale]/market/components/AgentMarketCard.tsx
index 9b017cf3d..72ac5d624 100644
--- a/frontend/app/[locale]/market/components/AgentMarketCard.tsx
+++ b/frontend/app/[locale]/market/components/AgentMarketCard.tsx
@@ -42,22 +42,16 @@ export function AgentMarketCard({
     ? agent.category.icon || getCategoryIcon(agent.category.name)
     : "📦";
 
-  const baseClasses =
-    "group z-10 hover:z-0 h-full min-h-[320px] rounded-lg border transition-all duration-300 overflow-visible flex flex-col cursor-pointer relative";
-  const defaultClasses =
-    "bg-white dark:bg-slate-800 border-slate-200 dark:border-slate-700 hover:border-purple-300 dark:hover:border-purple-600 hover:shadow-lg";
-  const featuredClasses =
-    "bg-white dark:bg-slate-800 border-slate-200 dark:border-slate-700 text-slate-900 dark:text-white hover:border-purple-300 dark:hover:border-purple-600 hover:shadow-lg";
-
-  const unifiedHoverShadow =
-    "0 10px 15px -3px rgba(0,0,0,0.1), 0 4px 6px -2px rgba(0,0,0,0.05)";
 
   return (
     <motion.div
-      whileHover={{ y: -4, boxShadow: unifiedHoverShadow }}
+      whileHover={{
+        y: -4,
+        boxShadow: "0 10px 15px -3px rgba(0,0,0,0.1), 0 4px 6px -2px rgba(0,0,0,0.05)"
+      }}
       transition={{ type: "spring", stiffness: 300, damping: 25 }}
       onClick={handleCardClick}
-      className={`${baseClasses} ${variant === "featured" ? featuredClasses : defaultClasses}`}
+      className="group z-10 hover:z-0 h-full min-h-[320px] rounded-lg border transition-all duration-300 overflow-visible flex flex-col cursor-pointer relative bg-white dark:bg-slate-800 border-slate-200 dark:border-slate-700 hover:border-purple-300 dark:hover:border-purple-600 hover:shadow-lg"
     >
       {variant === "featured" && (
         // Full-card subtle purple gradient background overlay
@@ -137,7 +131,7 @@ export function AgentMarketCard({
         <div className="flex items-center gap-1 text-xs text-slate-500 dark:text-slate-400">
           <Wrench className="h-3.5 w-3.5" />
           <span>
-            {agent.tool_count} {t("market.tools", "tools")}
+            {agent.tool_count || 0} {t("market.tools", "tools")}
           </span>
         </div>
       </div>
diff --git a/frontend/app/[locale]/market/page.tsx b/frontend/app/[locale]/market/page.tsx
index 7dae9b891..83d77570d 100644
--- a/frontend/app/[locale]/market/page.tsx
+++ b/frontend/app/[locale]/market/page.tsx
@@ -142,18 +142,18 @@ export default function MarketContent() {
         params.search = searchKeyword.trim();
       }
 
-      // Backend now returns paginated items including is_featured.
+      // Backend returns all items in pagination, with is_featured flag
       const data = await marketService.fetchMarketAgentList(params);
       const allItems = data.items || [];
+
+      // Separate featured and regular items
       const featured = allItems.filter((a) => a.is_featured);
       const items = allItems.filter((a) => !a.is_featured);
 
       setFeaturedItems(featured);
       setAgents(items);
-      // Adjust total to represent non-featured items for pagination
-      const featuredCount = featured.length || 0;
-      const total = (data.pagination?.total || 0) - featuredCount;
-      setTotalAgents(total > 0 ? total : 0);
+      // Use pagination total as is - it represents total items across both featured and regular
+      setTotalAgents(data.pagination?.total || 0);
     } catch (error) {
       log.error("Failed to load market agents:", error);
 
@@ -471,43 +471,43 @@ export default function MarketContent() {
                         {agents.length > 0 && (
                           <>
                             <div className="mt-6 grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 xl:grid-cols-4 gap-4 pb-8">
-                              {agents.map((agent, index) => (
-                                <motion.div
-                                  key={agent.id}
-                                  initial={{ opacity: 0, scale: 0.9 }}
-                                  animate={{ opacity: 1, scale: 1 }}
-                                  transition={{
-                                    duration: 0.3,
-                                    delay: 0.05 * index,
-                                  }}
-                                  className="h-full"
-                                >
-                                  <AgentMarketCard
-                                    agent={agent}
-                                    onDownload={handleDownload}
-                                    onViewDetails={handleViewDetails}
-                                  />
-                                </motion.div>
-                              ))}
-                            </div>
-
-                            {/* Pagination */}
-                            {totalAgents > pageSize && (
-                              <div className="flex justify-center mt-8">
-                                <Pagination
-                                  current={currentPage}
-                                  total={totalAgents}
-                                  pageSize={pageSize}
-                                  onChange={handlePageChange}
-                                  showSizeChanger={false}
-                                  showTotal={(total) =>
-                                    t("market.totalAgents", {
-                                      defaultValue: "Total {{total}} agents",
-                                      total,
-                                    })
-                                  }
-                                />
-                              </div>
+                          {agents.map((agent, index) => (
+                            <motion.div
+                              key={agent.id}
+                              initial={{ opacity: 0, scale: 0.9 }}
+                              animate={{ opacity: 1, scale: 1 }}
+                              transition={{
+                                duration: 0.3,
+                                delay: 0.05 * index,
+                              }}
+                              className="h-full"
+                            >
+                              <AgentMarketCard
+                                agent={agent}
+                                onDownload={handleDownload}
+                                onViewDetails={handleViewDetails}
+                              />
+                            </motion.div>
+                          ))}
+                        </div>
+
+                        {/* Pagination */}
+                        {totalAgents > pageSize && (
+                          <div className="flex justify-center mt-8">
+                            <Pagination
+                              current={currentPage}
+                              total={totalAgents}
+                              pageSize={pageSize}
+                              onChange={handlePageChange}
+                              showSizeChanger={false}
+                              showTotal={(total) =>
+                                t("market.totalAgents", {
+                                  defaultValue: "Total {{total}} agents",
+                                  total,
+                                })
+                              }
+                            />
+                          </div>
                             )}
                           </>
                         )}
diff --git a/frontend/types/market.ts b/frontend/types/market.ts
index 88a0c13e5..aa604723e 100644
--- a/frontend/types/market.ts
+++ b/frontend/types/market.ts
@@ -29,11 +29,12 @@ export interface MarketAgentListItem {
   display_name: string;
   description: string;
   author?: string;
-  category: MarketCategory;
+  category?: MarketCategory; // 可选，与后端保持一致
   tags: MarketTag[];
   download_count: number;
   created_at: string;
-  tool_count: number;
+  tool_count?: number; // 可选，与后端保持一致
+  is_featured: boolean; // 必填，后端默认为false
 }
 
 export interface MarketAgentTool {
@@ -100,9 +101,5 @@ export interface MarketAgentListParams {
   category?: string;
   tag?: string;
   search?: string;
-  // Request featured items in the response (optional)
-  include_featured?: boolean;
-  // Limit how many featured items to return; undefined means no limit
-  featured_limit?: number;
 }
 

From 45eedea0ec358bd0847d4d03a08b960c82fc7604 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=91=9B=E9=94=90?= <gerui@geruideMacBook-Pro.local>
Date: Tue, 13 Jan 2026 11:37:39 +0800
Subject: [PATCH 22/38] feat:optimize

---
 frontend/app/[locale]/market/page.tsx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/frontend/app/[locale]/market/page.tsx b/frontend/app/[locale]/market/page.tsx
index 83d77570d..fc218ece6 100644
--- a/frontend/app/[locale]/market/page.tsx
+++ b/frontend/app/[locale]/market/page.tsx
@@ -84,7 +84,7 @@ export default function MarketContent() {
       if (w < 768) columns = 1;
       else if (w < 1024) columns = 2;
       else if (w < 1280) columns = 3;
-      else columns = 4;
+      else ;
       const gap = 16; // tailwind gap-4 == 16px
       const totalGap = gap * (columns - 1);
       const cardW = Math.floor((containerWidth - totalGap) / columns);

From 3adc755fafbfbfe1f6fa6df6f0de26ac82a45620 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=91=9B=E9=94=90?= <gerui@geruideMacBook-Pro.local>
Date: Tue, 13 Jan 2026 19:08:05 +0800
Subject: [PATCH 23/38] feat:Delete redundant comments

---
 frontend/types/market.ts | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/frontend/types/market.ts b/frontend/types/market.ts
index aa604723e..d4005c0a4 100644
--- a/frontend/types/market.ts
+++ b/frontend/types/market.ts
@@ -29,12 +29,12 @@ export interface MarketAgentListItem {
   display_name: string;
   description: string;
   author?: string;
-  category?: MarketCategory; // 可选，与后端保持一致
+  category?: MarketCategory;
   tags: MarketTag[];
   download_count: number;
   created_at: string;
-  tool_count?: number; // 可选，与后端保持一致
-  is_featured: boolean; // 必填，后端默认为false
+  tool_count?: number;
+  is_featured: boolean;
 }
 
 export interface MarketAgentTool {

From 6fd2b2e62407567c8a6615ab89e7b9f521a10892 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=91=9B=E9=94=90?= <gerui@geruideMacBook-Pro.local>
Date: Tue, 13 Jan 2026 19:52:00 +0800
Subject: [PATCH 24/38] feat:Resolved issues related to the "Solved" button,
 English language

---
 .../[locale]/market/MarketContent.module.css  | 34 ++++++++++++++
 frontend/app/[locale]/market/page.tsx         | 17 +++----
 frontend/public/locales/en/common.json        |  1 +
 frontend/public/locales/zh/common.json        |  1 +
 frontend/styles/globals.css                   | 47 -------------------
 5 files changed, 43 insertions(+), 57 deletions(-)
 create mode 100644 frontend/app/[locale]/market/MarketContent.module.css

diff --git a/frontend/app/[locale]/market/MarketContent.module.css b/frontend/app/[locale]/market/MarketContent.module.css
new file mode 100644
index 000000000..fb4b8e6ef
--- /dev/null
+++ b/frontend/app/[locale]/market/MarketContent.module.css
@@ -0,0 +1,34 @@
+/* Custom styles for MarketContent component */
+
+/* Hide scrollbars for featured row with subtle hover reveal */
+.noScrollbar {
+  /* Modern browsers: hide scrollbar but keep functionality */
+  scrollbar-width: thin;
+  scrollbar-color: transparent transparent;
+  -ms-overflow-style: none; /* IE/Edge */
+}
+
+.noScrollbar::-webkit-scrollbar {
+  height: 4px;
+}
+
+.noScrollbar::-webkit-scrollbar-track {
+  background: transparent;
+}
+
+.noScrollbar::-webkit-scrollbar-thumb {
+  background-color: transparent;
+  border-radius: 2px;
+  transition: background-color 0.2s ease;
+}
+
+/* Show subtle scrollbar on hover for better UX */
+@media (hover: hover) {
+  .noScrollbar:hover::-webkit-scrollbar-thumb {
+    background-color: rgba(0, 0, 0, 0.2);
+  }
+
+  .noScrollbar:hover {
+    scrollbar-color: rgba(0, 0, 0, 0.2) transparent;
+  }
+}
diff --git a/frontend/app/[locale]/market/page.tsx b/frontend/app/[locale]/market/page.tsx
index fc218ece6..c4532c793 100644
--- a/frontend/app/[locale]/market/page.tsx
+++ b/frontend/app/[locale]/market/page.tsx
@@ -3,7 +3,7 @@
 import React, { useState, useEffect, useRef } from "react";
 import { motion } from "framer-motion";
 import { useTranslation } from "react-i18next";
-import { ShoppingBag, Search, RefreshCw } from "lucide-react";
+import { ShoppingBag, Search, RefreshCw, ChevronLeft, ChevronRight } from "lucide-react";
 import { Tabs, Input, Spin, Empty, Pagination, App } from "antd";
 import log from "@/lib/logger";
 
@@ -20,6 +20,7 @@ import MarketAgentDetailModal from "./components/MarketAgentDetailModal";
 import AgentImportWizard from "@/components/agent/AgentImportWizard";
 import { ImportAgentData } from "@/hooks/useAgentImport";
 import MarketErrorState from "./components/MarketErrorState";
+import styles from "./MarketContent.module.css";
 
 /**
  * MarketContent - Agent marketplace page
@@ -404,10 +405,10 @@ export default function MarketContent() {
                       <>
                         {/* Featured row per category (show only if there are featured items) */}
                         {featuredItems.length > 0 && (
-                          <div className="mb-6 featured-area">
+                          <div className="mb-6">
                             <div className="flex items-center justify-between mb-5">
                               <h2 className="text-2xl font-bold">
-                                {isZh ? t("market.featuredTitle", "精选智能体") : "Featured Agents"}
+                                {t("market.featuredTitle")}
                               </h2>
                               <div className="hidden md:flex items-center gap-2">
                                 <button
@@ -419,9 +420,7 @@ export default function MarketContent() {
                                   className="px-2 py-1 hover:opacity-90"
                                   style={{ background: "transparent" }}
                                 >
-                                  <svg className="w-6 h-6 text-slate-500" viewBox="0 0 20 20" fill="currentColor" aria-hidden>
-                                    <path fillRule="evenodd" d="M12.707 14.707a1 1 0 01-1.414 0L7 10.414a1 1 0 010-1.414l4.293-4.293a1 1 0 111.414 1.414L9.414 10l3.293 3.293a1 1 0 010 1.414z" clipRule="evenodd" />
-                                  </svg>
+                                  <ChevronLeft className="w-6 h-6 text-slate-500" />
                                 </button>
                                 <button
                                   aria-label="Next featured"
@@ -432,16 +431,14 @@ export default function MarketContent() {
                                   className="px-2 py-1 hover:opacity-90"
                                   style={{ background: "transparent" }}
                                 >
-                                  <svg className="w-6 h-6 text-slate-500" viewBox="0 0 20 20" fill="currentColor" aria-hidden>
-                                    <path fillRule="evenodd" d="M7.293 5.293a1 1 0 011.414 0L13 9.586a1 1 0 010 1.414L8.707 15.293a1 1 0 01-1.414-1.414L10.586 10 7.293 6.707a1 1 0 010-1.414z" clipRule="evenodd" />
-                                  </svg>
+                                  <ChevronRight className="w-6 h-6 text-slate-500" />
                                 </button>
                               </div>
                             </div>
                             <div
                               id="featured-row"
                               ref={featuredRowRef}
-                              className="flex gap-4 overflow-x-auto no-scrollbar pt-2 pb-2"
+                              className={`flex gap-4 overflow-x-auto ${styles.noScrollbar} pt-2 pb-2`}
                             >
                               {featuredItems.map((agent, index) => (
                                 <div
diff --git a/frontend/public/locales/en/common.json b/frontend/public/locales/en/common.json
index 9694b6ddf..92dd98457 100644
--- a/frontend/public/locales/en/common.json
+++ b/frontend/public/locales/en/common.json
@@ -1203,6 +1203,7 @@
   "market.downloadSuccess": "Agent downloaded successfully!",
   "market.downloadFailed": "Failed to download agent",
   "market.tools": "tools",
+  "market.featuredTitle": "Featured Agents",
   "market.noAgents": "No agents found in this category",
   "market.totalAgents": "Total {{total}} agents",
   "market.error.loadCategories": "Failed to load categories",
diff --git a/frontend/public/locales/zh/common.json b/frontend/public/locales/zh/common.json
index 8b18c9b9a..b0e0d69e1 100644
--- a/frontend/public/locales/zh/common.json
+++ b/frontend/public/locales/zh/common.json
@@ -1182,6 +1182,7 @@
   "market.downloadSuccess": "智能体下载成功！",
   "market.downloadFailed": "下载智能体失败",
   "market.tools": "工具",
+  "market.featuredTitle": "精选智能体",
   "market.noAgents": "此分类下未找到智能体",
   "market.totalAgents": "共 {{total}} 个智能体",
   "market.error.loadCategories": "加载分类失败",
diff --git a/frontend/styles/globals.css b/frontend/styles/globals.css
index a8d902828..019ad8380 100644
--- a/frontend/styles/globals.css
+++ b/frontend/styles/globals.css
@@ -167,53 +167,6 @@
   scrollbar-color: rgba(0, 0, 0, 0.4) transparent;
 }
 
-/* Utility to hide scrollbars (useful for horizontal featured row) */
-.no-scrollbar {
-  /* Default: hide visual scrollbar by making thumb transparent while keeping track height minimal.
-     We use hover to fade-in the thumb for desktop (hover-capable) devices. */
-  -ms-overflow-style: none; /* IE and Edge - hides scrollbar */
-  scrollbar-width: thin; /* Firefox: use thin scrollbar so hover can change color */
-  scrollbar-color: rgba(0,0,0,0) transparent;
-}
-
-/* WebKit browsers: keep a small scrollbar height but make thumb transparent by default */
-.no-scrollbar::-webkit-scrollbar {
-  height: 8px;
-  background-color: transparent;
-}
-.no-scrollbar::-webkit-scrollbar-track {
-  background: transparent;
-}
-.no-scrollbar::-webkit-scrollbar-thumb {
-  background-color: rgba(0, 0, 0, 0); /* invisible by default */
-  border-radius: 8px;
-  border: 2px solid transparent;
-  background-clip: content-box;
-  transition: background-color 1000ms ease, opacity 1000ms ease;
-}
-
-/* On hover (desktop), fade the thumb in */
-@media (hover: hover) and (pointer: fine) {
-  .no-scrollbar:hover::-webkit-scrollbar-thumb {
-    background-color: rgba(0, 0, 0, 0.35);
-  }
-  .no-scrollbar:hover {
-    scrollbar-color: rgba(0,0,0,0.35) transparent; /* Firefox */
-  }
-  /* Also allow hovering the whole featured area (including header/buttons) to show the scrollbar */
-  .featured-area:hover .no-scrollbar::-webkit-scrollbar-thumb {
-    background-color: rgba(0, 0, 0, 0.35);
-  }
-  .featured-area:hover .no-scrollbar {
-    scrollbar-color: rgba(0,0,0,0.35) transparent; /* Firefox */
-  }
-}
-
-/* Reserve space at bottom of featured area so separator spacing stays consistent
-   whether native scrollbar is visible or not. Matches typical scrollbar height. */
-.featured-area {
-  padding-bottom: 0px;
-}
 
 /* Tool Pool Tabs scroll fix */
 .tool-pool-tabs .ant-tabs-content-holder {

From d04e7a96a1e6df2a5811bc8e8355fa0244334a45 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=91=9B=E9=94=90?= <gerui@geruideMacBook-Pro.local>
Date: Wed, 14 Jan 2026 11:55:02 +0800
Subject: [PATCH 25/38] feat:rename

---
 .../market/{MarketContent.module.css => MarketContent.css}    | 0
 frontend/app/[locale]/market/page.tsx                         | 4 ++--
 2 files changed, 2 insertions(+), 2 deletions(-)
 rename frontend/app/[locale]/market/{MarketContent.module.css => MarketContent.css} (100%)

diff --git a/frontend/app/[locale]/market/MarketContent.module.css b/frontend/app/[locale]/market/MarketContent.css
similarity index 100%
rename from frontend/app/[locale]/market/MarketContent.module.css
rename to frontend/app/[locale]/market/MarketContent.css
diff --git a/frontend/app/[locale]/market/page.tsx b/frontend/app/[locale]/market/page.tsx
index c4532c793..65fa03915 100644
--- a/frontend/app/[locale]/market/page.tsx
+++ b/frontend/app/[locale]/market/page.tsx
@@ -20,7 +20,7 @@ import MarketAgentDetailModal from "./components/MarketAgentDetailModal";
 import AgentImportWizard from "@/components/agent/AgentImportWizard";
 import { ImportAgentData } from "@/hooks/useAgentImport";
 import MarketErrorState from "./components/MarketErrorState";
-import styles from "./MarketContent.module.css";
+import "./MarketContent.css";
 
 /**
  * MarketContent - Agent marketplace page
@@ -438,7 +438,7 @@ export default function MarketContent() {
                             <div
                               id="featured-row"
                               ref={featuredRowRef}
-                              className={`flex gap-4 overflow-x-auto ${styles.noScrollbar} pt-2 pb-2`}
+                              className={`flex gap-4 overflow-x-auto noScrollbar pt-2 pb-2`}
                             >
                               {featuredItems.map((agent, index) => (
                                 <div

From 83e919f17a199e946f1d653fbb5b146eb962def6 Mon Sep 17 00:00:00 2001
From: Jasonxia007 <iamjasonxia@126.com>
Date: Fri, 9 Jan 2026 17:42:39 +0800
Subject: [PATCH 26/38] =?UTF-8?q?=E2=99=BB=EF=B8=8F=20[WIP]=20User=20Manag?=
 =?UTF-8?q?ement=20Part2:=20Add=20service=20functions?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 backend/consts/const.py                       |   6 +
 backend/consts/model.py                       | 122 ++++
 backend/database/invitation_db.py             |  45 ++
 backend/services/agent_service.py             |  75 ++-
 backend/services/config_sync_service.py       |   7 +-
 backend/services/group_service.py             | 492 +++++++++++++++
 backend/services/invitation_service.py        | 428 +++++++++++++
 backend/services/tenant_service.py            | 240 ++++++++
 backend/services/user_management_service.py   | 166 ++++-
 backend/services/vectordatabase_service.py    | 158 ++++-
 test/backend/app/test_agent_app.py            |   8 +-
 test/backend/services/test_agent_service.py   | 389 ++++++++----
 .../services/test_config_sync_service.py      |  26 +
 test/backend/services/test_group_service.py   | 455 ++++++++++++++
 .../services/test_invitation_service.py       | 410 +++++++++++++
 test/backend/services/test_tenant_service.py  | 577 ++++++++++++++++++
 .../services/test_user_management_service.py  | 480 +++++++++------
 .../services/test_vectordatabase_service.py   | 190 ++++--
 18 files changed, 3878 insertions(+), 396 deletions(-)
 create mode 100644 backend/services/group_service.py
 create mode 100644 backend/services/invitation_service.py
 create mode 100644 backend/services/tenant_service.py
 create mode 100644 test/backend/services/test_group_service.py
 create mode 100644 test/backend/services/test_invitation_service.py
 create mode 100644 test/backend/services/test_tenant_service.py

diff --git a/backend/consts/const.py b/backend/consts/const.py
index a0039e196..0765bbbf4 100644
--- a/backend/consts/const.py
+++ b/backend/consts/const.py
@@ -183,6 +183,9 @@ class VectorDatabaseType(str, Enum):
 # Debug JWT expiration time (seconds), not set or 0 means not effective
 DEBUG_JWT_EXPIRE_SECONDS = int(os.getenv('DEBUG_JWT_EXPIRE_SECONDS', '0') or 0)
 
+# User info query source control: "supabase" or "pg" (default: "supabase" for backward compatibility)
+USER_INFO_QUERY_SOURCE = os.getenv('USER_INFO_QUERY_SOURCE', 'supabase').lower()
+
 # Memory Search Status Messages (for i18n placeholders)
 MEMORY_SEARCH_START_MSG = "<MEM_START>"
 MEMORY_SEARCH_DONE_MSG = "<MEM_DONE>"
@@ -247,6 +250,9 @@ class VectorDatabaseType(str, Enum):
 ICON_TYPE = "ICON_TYPE"
 AVATAR_URI = "AVATAR_URI"
 CUSTOM_ICON_URL = "CUSTOM_ICON_URL"
+TENANT_NAME = "TENANT_NAME"
+TENANT_ID = "TENANT_ID"
+DEFAULT_GROUP_ID = "DEFAULT_GROUP_ID"
 
 # Task Status Constants
 TASK_STATUS = {
diff --git a/backend/consts/model.py b/backend/consts/model.py
index bc5a0900f..112464c1c 100644
--- a/backend/consts/model.py
+++ b/backend/consts/model.py
@@ -32,6 +32,7 @@ class UserSignUpRequest(BaseModel):
     password: str = Field(..., min_length=6)
     is_admin: Optional[bool] = False
     invite_code: Optional[str] = None
+    with_new_invitation: Optional[bool] = False
 
 
 class UserSignInRequest(BaseModel):
@@ -457,3 +458,124 @@ class MCPConfigRequest(BaseModel):
     """Request model for adding MCP servers from configuration"""
     mcpServers: Dict[str, MCPServerConfig] = Field(
         ..., description="Dictionary of MCP server configurations")
+
+
+# Tenant Management Data Models
+# ---------------------------------------------------------------------------
+class TenantCreateRequest(BaseModel):
+    """Request model for creating a tenant"""
+    tenant_name: str = Field(..., min_length=1,
+                             description="Tenant display name")
+
+
+class TenantUpdateRequest(BaseModel):
+    """Request model for updating tenant information"""
+    tenant_name: str = Field(..., min_length=1,
+                             description="New tenant display name")
+
+
+class TenantResponse(BaseModel):
+    """Response model for tenant information"""
+    tenant_id: str = Field(..., description="Tenant identifier")
+    tenant_name: str = Field(..., description="Tenant display name")
+    default_group_id: Optional[int] = Field(
+        None, description="Default group ID for the tenant")
+
+
+# Group Management Data Models
+# ---------------------------------------------------------------------------
+class GroupCreateRequest(BaseModel):
+    """Request model for creating a group"""
+    tenant_id: str = Field(..., min_length=1,
+                           description="Tenant ID where the group belongs")
+    group_name: str = Field(..., min_length=1,
+                            description="Group display name")
+    group_description: Optional[str] = Field(
+        None, description="Optional group description")
+
+
+class GroupUpdateRequest(BaseModel):
+    """Request model for updating group information"""
+    group_name: Optional[str] = Field(None, description="New group name")
+    group_description: Optional[str] = Field(
+        None, description="New group description")
+
+
+class GroupListRequest(BaseModel):
+    """Request model for listing groups"""
+    tenant_id: str = Field(..., description="Tenant ID to filter groups")
+    page: int = Field(1, ge=1, description="Page number for pagination")
+    page_size: int = Field(
+        20, ge=1, le=100, description="Number of items per page")
+
+
+class GroupUserRequest(BaseModel):
+    """Request model for adding/removing user from group"""
+    user_id: str = Field(..., min_length=1,
+                         description="User ID to add/remove")
+    group_ids: Optional[List[int]] = Field(
+        None, description="List of group IDs (for batch operations)")
+
+
+class SetDefaultGroupRequest(BaseModel):
+    """Request model for setting tenant's default group"""
+    default_group_id: int = Field(..., ge=1,
+                                  description="Group ID to set as default for the tenant")
+
+
+# Invitation Management Data Models
+# ---------------------------------------------------------------------------
+class InvitationCreateRequest(BaseModel):
+    """Request model for creating invitation code"""
+    code_type: str = Field(
+        ..., description="Invitation code type (ADMIN_INVITE, DEV_INVITE, USER_INVITE)")
+    invitation_code: Optional[str] = Field(
+        None, description="Custom invitation code (auto-generated if not provided)")
+    group_ids: Optional[List[int]] = Field(
+        None, description="Associated group IDs")
+    capacity: int = Field(
+        default=1, ge=1, description="Maximum usage capacity")
+    expiry_date: Optional[str] = Field(
+        None, description="Expiry date in ISO format")
+
+
+class InvitationUpdateRequest(BaseModel):
+    """Request model for updating invitation code"""
+    capacity: Optional[int] = Field(None, ge=1, description="New capacity")
+    expiry_date: Optional[str] = Field(None, description="New expiry date")
+    group_ids: Optional[List[int]] = Field(None, description="New group IDs")
+
+
+class InvitationResponse(BaseModel):
+    """Response model for invitation information"""
+    invitation_id: int = Field(..., description="Invitation ID")
+    invitation_code: str = Field(..., description="Invitation code")
+    code_type: str = Field(..., description="Code type")
+    group_ids: Optional[List[int]] = Field(
+        None, description="Associated group IDs")
+    capacity: int = Field(..., description="Usage capacity")
+    expiry_date: Optional[str] = Field(None, description="Expiry date")
+    status: str = Field(..., description="Current status")
+    created_at: Optional[str] = Field(None, description="Creation timestamp")
+    updated_at: Optional[str] = Field(
+        None, description="Last update timestamp")
+
+
+class InvitationListRequest(BaseModel):
+    """Request model for listing invitation codes"""
+    tenant_id: Optional[str] = Field(
+        None, description="Tenant ID to filter by (optional)")
+    page: int = Field(1, ge=1, description="Page number for pagination")
+    page_size: int = Field(
+        20, ge=1, le=100, description="Number of items per page")
+
+
+class InvitationUseResponse(BaseModel):
+    """Response model for invitation usage"""
+    invitation_record_id: int = Field(..., description="Usage record ID")
+    invitation_code: str = Field(..., description="Used invitation code")
+    user_id: str = Field(..., description="User who used the code")
+    invitation_id: int = Field(..., description="Invitation ID")
+    code_type: str = Field(..., description="Code type")
+    group_ids: Optional[List[int]] = Field(
+        None, description="Associated group IDs")
diff --git a/backend/database/invitation_db.py b/backend/database/invitation_db.py
index c9c71b30f..e3d494976 100644
--- a/backend/database/invitation_db.py
+++ b/backend/database/invitation_db.py
@@ -256,3 +256,48 @@ def query_invitation_status(invitation_code: str) -> Optional[str]:
         ).first()
 
         return invitation.status if invitation else None
+
+
+def query_invitations_with_pagination(
+    tenant_id: Optional[str] = None,
+    page: int = 1,
+    page_size: int = 20
+) -> Dict[str, Any]:
+    """
+    Query invitations with pagination support
+
+    Args:
+        tenant_id (Optional[str]): Tenant ID to filter by, None for all tenants
+        page (int): Page number (1-based)
+        page_size (int): Number of items per page
+
+    Returns:
+        Dict[str, Any]: Dictionary containing items list and total count
+    """
+    with get_db_session() as session:
+        query = session.query(TenantInvitationCode).filter(
+            TenantInvitationCode.delete_flag == "N"
+        )
+
+        # Apply tenant filter if provided
+        if tenant_id:
+            query = query.filter(TenantInvitationCode.tenant_id == tenant_id)
+
+        # Get total count
+        total = query.count()
+
+        # Apply pagination
+        offset = (page - 1) * page_size
+        results = query.offset(offset).limit(page_size).all()
+
+        # Convert to dict format
+        items = [as_dict(record) for record in results]
+
+        return {
+            "items": items,
+            "total": total,
+            "page": page,
+            "page_size": page_size,
+            # Ceiling division
+            "total_pages": (total + page_size - 1) // page_size
+        }
diff --git a/backend/services/agent_service.py b/backend/services/agent_service.py
index 591da0064..ab8a4284a 100644
--- a/backend/services/agent_service.py
+++ b/backend/services/agent_service.py
@@ -53,6 +53,8 @@
     query_tool_instances_by_id,
     search_tools_for_sub_agent
 )
+from database.group_db import query_group_ids_by_user
+from utils.str_utils import convert_list_to_string, convert_string_to_list
 from services.conversation_management_service import save_conversation_assistant, save_conversation_user
 from services.memory_config_service import build_memory_context
 from utils.auth_utils import get_current_user_info, get_user_language
@@ -89,6 +91,26 @@ def _resolve_user_tenant_language(
         return user_id, tenant_id, get_user_language(http_request)
 
 
+def _get_user_group_ids(user_id: str, tenant_id: str) -> str:
+    """
+    Get user's group IDs as a comma-separated string.
+
+    Args:
+        user_id: User ID
+        tenant_id: Tenant ID
+
+    Returns:
+        Comma-separated string of group IDs
+    """
+    try:
+        group_ids = query_group_ids_by_user(user_id)
+        return convert_list_to_string(group_ids)
+    except Exception as e:
+        logger.warning(
+            f"Failed to get user groups for user {user_id}: {str(e)}")
+        return ""
+
+
 def _resolve_model_with_fallback(
     model_display_name: str | None,
     exported_model_id: str | None,
@@ -97,45 +119,45 @@ def _resolve_model_with_fallback(
 ) -> str | None:
     """
     Resolve model_id from model_display_name with fallback to quick config LLM model.
-    
+
     Args:
         model_display_name: Display name of the model to lookup
         exported_model_id: Original model_id from export (for logging only)
         model_label: Label for logging (e.g., "Model", "Business logic model")
         tenant_id: Tenant ID for model lookup
-    
+
     Returns:
         Resolved model_id or None if not found and no fallback available
     """
     if not model_display_name:
         return None
-    
+
     # Try to find model by display name in current tenant
     resolved_id = get_model_id_by_display_name(model_display_name, tenant_id)
-    
+
     if resolved_id:
         logger.info(
             f"{model_label} '{model_display_name}' found in tenant {tenant_id}, "
             f"mapped to model_id: {resolved_id} (exported model_id was: {exported_model_id})")
         return resolved_id
-    
+
     # Model not found, try fallback to quick config LLM model
     logger.warning(
         f"{model_label} '{model_display_name}' (exported model_id: {exported_model_id}) "
         f"not found in tenant {tenant_id}, falling back to quick config LLM model.")
-    
+
     quick_config_model = tenant_config_manager.get_model_config(
         key=MODEL_CONFIG_MAPPING["llm"],
         tenant_id=tenant_id
     )
-    
+
     if quick_config_model:
         fallback_id = quick_config_model.get("model_id")
         logger.info(
             f"Using quick config LLM model for {model_label.lower()}: "
             f"{quick_config_model.get('display_name')} (model_id: {fallback_id})")
         return fallback_id
-    
+
     logger.warning(f"No quick config LLM model found for tenant {tenant_id}")
     return None
 
@@ -775,7 +797,8 @@ async def update_agent_info_impl(request: AgentInfoRequest, authorization: str =
     agent_id: Optional[int] = request.agent_id
     try:
         if agent_id is None:
-            # Create agent
+            # Create agent - automatically set group_ids to current user's groups
+            user_group_ids = _get_user_group_ids(user_id, tenant_id)
             created = create_agent(agent_info={
                 "name": request.name,
                 "display_name": request.display_name,
@@ -791,7 +814,8 @@ async def update_agent_info_impl(request: AgentInfoRequest, authorization: str =
                 "duty_prompt": request.duty_prompt,
                 "constraint_prompt": request.constraint_prompt,
                 "few_shots_prompt": request.few_shots_prompt,
-                "enabled": request.enabled if request.enabled is not None else True
+                "enabled": request.enabled if request.enabled is not None else True,
+                "group_ids": user_group_ids
             }, tenant_id=tenant_id, user_id=user_id)
             agent_id = created["agent_id"]
         else:
@@ -1132,7 +1156,7 @@ async def import_agent_by_agent_id(
     if not import_agent_info.name.isidentifier():
         raise ValueError(
             f"Invalid agent name: {import_agent_info.name}. agent name must be a valid python variable name.")
-    
+
     # Resolve model IDs with fallback
     # Note: We use model_display_name for cross-tenant compatibility
     # The exported model_id is kept for reference/debugging only
@@ -1142,7 +1166,7 @@ async def import_agent_by_agent_id(
         model_label="Model",
         tenant_id=tenant_id
     )
-    
+
     business_logic_model_id = _resolve_model_with_fallback(
         model_display_name=import_agent_info.business_logic_model_name,
         exported_model_id=import_agent_info.business_logic_model_id,
@@ -1153,7 +1177,8 @@ async def import_agent_by_agent_id(
     agent_name = import_agent_info.name
     agent_display_name = import_agent_info.display_name
 
-    # create a new agent
+    # create a new agent - use current user's groups instead of imported group_ids
+    user_group_ids = _get_user_group_ids(user_id, tenant_id)
     new_agent = create_agent(agent_info={"name": agent_name,
                                          "display_name": agent_display_name,
                                          "description": import_agent_info.description,
@@ -1168,7 +1193,8 @@ async def import_agent_by_agent_id(
                                          "duty_prompt": import_agent_info.duty_prompt,
                                          "constraint_prompt": import_agent_info.constraint_prompt,
                                          "few_shots_prompt": import_agent_info.few_shots_prompt,
-                                         "enabled": import_agent_info.enabled},
+                                         "enabled": import_agent_info.enabled,
+                                         "group_ids": user_group_ids},
                              tenant_id=tenant_id,
                              user_id=user_id)
     new_agent_id = new_agent["agent_id"]
@@ -1248,7 +1274,8 @@ async def list_all_agent_info_impl(tenant_id: str) -> list[dict]:
                 "description": agent["description"],
                 "author": agent.get("author"),
                 "is_available": len(unavailable_reasons) == 0,
-                "unavailable_reasons": unavailable_reasons
+                "unavailable_reasons": unavailable_reasons,
+                "group_ids": convert_string_to_list(agent.get("group_ids"))
             })
 
         return simple_agent_list
@@ -1344,28 +1371,28 @@ def check_agent_availability(
 ) -> tuple[bool, list[str]]:
     """
     Check if an agent is available based on its tools and model configuration.
-    
+
     Args:
         agent_id: The agent ID to check
         tenant_id: The tenant ID
         agent_info: Optional pre-fetched agent info (to avoid duplicate DB queries)
         model_cache: Optional model cache for performance optimization
-        
+
     Returns:
         tuple: (is_available: bool, unavailable_reasons: list[str])
     """
     unavailable_reasons: list[str] = []
-    
+
     if model_cache is None:
         model_cache = {}
-    
+
     # Fetch agent info if not provided
     if agent_info is None:
         agent_info = search_agent_info_by_agent_id(agent_id, tenant_id)
-    
+
     if not agent_info:
         return False, ["agent_not_found"]
-    
+
     # Check tool availability
     tool_info = search_tools_for_sub_agent(agent_id=agent_id, tenant_id=tenant_id)
     tool_id_list = [tool["tool_id"] for tool in tool_info if tool.get("tool_id") is not None]
@@ -1373,7 +1400,7 @@ def check_agent_availability(
         tool_statuses = check_tool_is_available(tool_id_list)
         if not all(tool_statuses):
             unavailable_reasons.append("tool_unavailable")
-    
+
     # Check model availability
     model_reasons = _collect_model_availability_reasons(
         agent=agent_info,
@@ -1381,7 +1408,7 @@ def check_agent_availability(
         model_cache=model_cache
     )
     unavailable_reasons.extend(model_reasons)
-    
+
     is_available = len(unavailable_reasons) == 0
     return is_available, unavailable_reasons
 
@@ -1936,4 +1963,4 @@ def get_sub_agents_recursive(parent_agent_id: int, depth: int = 0, max_depth: in
     except Exception as e:
         logger.exception(
             f"Failed to get agent call relationship for agent {agent_id}: {str(e)}")
-        raise ValueError(f"Failed to get agent call relationship: {str(e)}")
\ No newline at end of file
+        raise ValueError(f"Failed to get agent call relationship: {str(e)}")
diff --git a/backend/services/config_sync_service.py b/backend/services/config_sync_service.py
index 68dfc014b..2621557b2 100644
--- a/backend/services/config_sync_service.py
+++ b/backend/services/config_sync_service.py
@@ -10,10 +10,13 @@
     DEFAULT_APP_DESCRIPTION_ZH,
     DEFAULT_APP_NAME_EN,
     DEFAULT_APP_NAME_ZH,
+    DEFAULT_GROUP_ID,
     ICON_TYPE,
+    LANGUAGE,
     MODEL_CONFIG_MAPPING,
     LANGUAGE,
-    MODEL_ENGINE_ENABLED
+    MODEL_ENGINE_ENABLED,
+    TENANT_NAME
 )
 from database.model_management_db import get_model_id_by_display_name
 from utils.config_utils import (
@@ -132,6 +135,8 @@ def build_app_config(language: str, tenant_id: str) -> dict:
         "name": tenant_config_manager.get_app_config(APP_NAME, tenant_id=tenant_id) or default_app_name,
         "description": tenant_config_manager.get_app_config(APP_DESCRIPTION,
                                                             tenant_id=tenant_id) or default_app_description,
+        "tenantName": tenant_config_manager.get_app_config(TENANT_NAME, tenant_id=tenant_id) or "",
+        "defaultGroupId": tenant_config_manager.get_app_config(DEFAULT_GROUP_ID, tenant_id=tenant_id) or "",
         "icon": {
             "type": tenant_config_manager.get_app_config(ICON_TYPE, tenant_id=tenant_id) or "preset",
             "avatarUri": tenant_config_manager.get_app_config(AVATAR_URI, tenant_id=tenant_id) or "",
diff --git a/backend/services/group_service.py b/backend/services/group_service.py
new file mode 100644
index 000000000..bd838e1da
--- /dev/null
+++ b/backend/services/group_service.py
@@ -0,0 +1,492 @@
+"""
+Group service for managing groups and group memberships.
+"""
+import logging
+from typing import Any, Dict, List, Optional, Union
+
+from database.group_db import (
+    query_groups,
+    query_groups_by_tenant,
+    add_group,
+    modify_group,
+    remove_group,
+    add_user_to_group,
+    remove_user_from_group,
+    query_group_users,
+    query_groups_by_user,
+    query_group_ids_by_user,
+    check_user_in_group,
+    count_group_users
+)
+from database.user_tenant_db import get_user_tenant_by_user_id
+from database.tenant_config_db import get_single_config_info, insert_config, update_config_by_tenant_config_id
+from consts.exceptions import NotFoundException, UnauthorizedError, ValidationError
+from consts.const import DEFAULT_GROUP_ID
+from services.tenant_service import get_tenant_info
+
+logger = logging.getLogger(__name__)
+
+
+def get_group_info(group_id: Union[int, str, List[int]]) -> Union[Optional[Dict[str, Any]], List[Dict[str, Any]]]:
+    """
+    Get group(s) by group ID(s).
+
+    Args:
+        group_id: Group ID(s) - can be int, comma-separated string, or list of ints
+
+    Returns:
+        Single group dict with group_id, group_name, group_description if int provided,
+        list of group dicts if string/list provided
+
+    Raises:
+        NotFoundException: When group not found
+    """
+    result = query_groups(group_id)
+
+    if isinstance(group_id, int) and result is None:
+        raise NotFoundException(f"Group {group_id} not found")
+
+    # Extract only the required fields: group_id, group_name, group_description
+    if isinstance(group_id, int) and result is not None:
+        # Single group result
+        return {
+            "group_id": result.get("group_id"),
+            "group_name": result.get("group_name"),
+            "group_description": result.get("group_description")
+        }
+    elif isinstance(group_id, (str, list)) and result is not None:
+        # List of groups result
+        filtered_groups = []
+        for group in result:
+            filtered_groups.append({
+                "group_id": group.get("group_id"),
+                "group_name": group.get("group_name"),
+                "group_description": group.get("group_description")
+            })
+        return filtered_groups
+
+    return result
+
+
+def get_groups_by_tenant(tenant_id: str, page: int = 1, page_size: int = 20) -> Dict[str, Any]:
+    """
+    Get groups for a specific tenant with pagination.
+
+    Args:
+        tenant_id (str): Tenant ID
+        page (int): Page number (1-based)
+        page_size (int): Number of items per page
+
+    Returns:
+        Dict[str, Any]: Dictionary containing groups list and total count
+    """
+    # Get paginated results and total count
+    result = query_groups_by_tenant(tenant_id, page, page_size)
+
+    # Filter to only return required fields for each group
+    filtered_groups = []
+    for group in result["groups"]:
+        filtered_groups.append({
+            "group_id": group.get("group_id"),
+            "group_name": group.get("group_name"),
+            "group_description": group.get("group_description")
+        })
+
+    return {
+        "groups": filtered_groups,
+        "total": result["total"]
+    }
+
+
+def get_tenant_default_group_id(tenant_id: str) -> Optional[int]:
+    """
+    Get the default group ID for a tenant.
+
+    Args:
+        tenant_id (str): Tenant ID
+
+    Returns:
+        Optional[int]: Default group ID if exists, None otherwise
+    """
+    try:
+        tenant_info = get_tenant_info(tenant_id)
+        default_group_id = tenant_info.get("default_group_id")
+        return int(default_group_id) if default_group_id else None
+    except Exception as e:
+        logger.warning(f"Failed to get default group ID for tenant {tenant_id}: {str(e)}")
+        return None
+
+
+def set_tenant_default_group_id(tenant_id: str, group_id: int, updated_by: Optional[str] = None) -> bool:
+    """
+    Set the default group ID for a tenant.
+
+    Args:
+        tenant_id (str): Tenant ID
+        group_id (int): Group ID to set as default
+        updated_by (Optional[str]): User ID performing the update
+
+    Returns:
+        bool: Whether the operation was successful
+
+    Raises:
+        NotFoundException: When tenant or group not found
+        ValidationError: When group doesn't belong to the tenant
+    """
+    # Verify tenant exists
+    try:
+        tenant_info = get_tenant_info(tenant_id)
+        if not tenant_info:
+            raise NotFoundException(f"Tenant {tenant_id} not found")
+    except NotFoundException:
+        raise
+
+    # Verify group exists and belongs to the tenant
+    group = query_groups(group_id)
+    if not group:
+        raise NotFoundException(f"Group {group_id} not found")
+
+    # Check if group belongs to the tenant (groups are tenant-specific)
+    if str(group.get("tenant_id")) != tenant_id:
+        raise ValidationError(
+            f"Group {group_id} does not belong to tenant {tenant_id}")
+
+    try:
+        # Try to update existing default group config
+        existing_config = get_single_config_info(tenant_id, DEFAULT_GROUP_ID)
+        if existing_config:
+            success = update_config_by_tenant_config_id(
+                existing_config["tenant_config_id"],
+                str(group_id)
+            )
+            if success:
+                logger.info(
+                    f"Updated default group ID to {group_id} for tenant {tenant_id} by user {updated_by}")
+        else:
+            # Create new default group config
+            config_data = {
+                "tenant_id": tenant_id,
+                "config_key": DEFAULT_GROUP_ID,
+                "config_value": str(group_id),
+                "created_by": updated_by,
+                "updated_by": updated_by
+            }
+            success = insert_config(config_data)
+            if success:
+                logger.info(
+                    f"Set default group ID to {group_id} for tenant {tenant_id} by user {updated_by}")
+
+        return success
+
+    except Exception as e:
+        logger.error(
+            f"Failed to set default group ID to {group_id} for tenant {tenant_id}: {str(e)}")
+        raise ValidationError(f"Failed to set default group: {str(e)}")
+
+
+def create_group(tenant_id: str, group_name: str, group_description: Optional[str] = None,
+               user_id: str = None) -> Dict[str, Any]:
+    """
+    Create a new group.
+
+    Args:
+        tenant_id (str): Tenant ID
+        group_name (str): Group name
+        group_description (Optional[str]): Group description
+        user_id (str): Current user ID
+
+    Returns:
+        Dict[str, Any]: Created group information
+
+    Raises:
+        NotFoundException: When user not found
+        UnauthorizedError: When user doesn't have permission
+    """
+    # Check user permission
+    if user_id:
+        user_info = get_user_tenant_by_user_id(user_id)
+        if not user_info:
+            raise NotFoundException(f"User {user_id} not found")
+
+        user_role = user_info.get("user_role", "USER")
+        if user_role not in ["SU", "ADMIN"]:
+            raise UnauthorizedError(f"User role {user_role} not authorized to create groups")
+
+    # Create group
+    group_id = add_group(
+        tenant_id=tenant_id,
+        group_name=group_name,
+        group_description=group_description,
+        created_by=user_id
+    )
+
+    logger.info(f"Created group {group_name} for tenant {tenant_id} by user {user_id}")
+
+    return {
+        "group_id": group_id,
+        "group_name": group_name,
+        "group_description": group_description
+    }
+
+
+def update_group(group_id: int, updates: Dict[str, Any], user_id: str) -> bool:
+    """
+    Update group information.
+
+    Args:
+        group_id (int): Group ID
+        updates (Dict[str, Any]): Fields to update
+        user_id (str): Current user ID
+
+    Returns:
+        bool: Whether update was successful
+
+    Raises:
+        NotFoundException: When user or group not found
+        UnauthorizedError: When user doesn't have permission
+    """
+    # Check user permission
+    user_info = get_user_tenant_by_user_id(user_id)
+    if not user_info:
+        raise NotFoundException(f"User {user_id} not found")
+
+    user_role = user_info.get("user_role", "USER")
+    if user_role not in ["SU", "ADMIN"]:
+        raise UnauthorizedError(f"User role {user_role} not authorized to update groups")
+
+    # Check if group exists
+    group = query_groups(group_id)
+    if not group:
+        raise NotFoundException(f"Group {group_id} not found")
+
+    # Update group
+    success = modify_group(
+        group_id=group_id,
+        updates=updates,
+        updated_by=user_id
+    )
+
+    if success:
+        logger.info(f"Updated group {group_id} by user {user_id}")
+
+    return success
+
+
+def delete_group(group_id: int, user_id: str) -> bool:
+    """
+    Delete group.
+    TODO: Clear user-group relationship, knowledgebases, agents, invitation codes under the group
+
+    Args:
+        group_id (int): Group ID
+        user_id (str): Current user ID
+
+    Returns:
+        bool: Whether deletion was successful
+
+    Raises:
+        NotFoundException: When user or group not found
+        UnauthorizedError: When user doesn't have permission
+    """
+    # Check user permission
+    user_info = get_user_tenant_by_user_id(user_id)
+    if not user_info:
+        raise NotFoundException(f"User {user_id} not found")
+
+    user_role = user_info.get("user_role", "USER")
+    if user_role not in ["SU", "ADMIN"]:
+        raise UnauthorizedError(f"User role {user_role} not authorized to delete groups")
+
+    # Check if group exists
+    group = query_groups(group_id)
+    if not group:
+        raise NotFoundException(f"Group {group_id} not found")
+
+    # Delete group
+    success = remove_group(
+        group_id=group_id,
+        updated_by=user_id
+    )
+
+    if success:
+        logger.info(f"Deleted group {group_id} by user {user_id}")
+
+    return success
+
+
+def add_user_to_single_group(group_id: int, user_id: str, current_user_id: str) -> Dict[str, Any]:
+    """
+    Add user to group.
+
+    Args:
+        group_id (int): Group ID
+        user_id (str): User ID to add
+        current_user_id (str): Current user ID performing the action
+
+    Returns:
+        Dict[str, Any]: Group membership information
+
+    Raises:
+        NotFoundException: When user or group not found
+        UnauthorizedError: When user doesn't have permission
+    """
+    # Check current user permission
+    user_info = get_user_tenant_by_user_id(current_user_id)
+    if not user_info:
+        raise UnauthorizedError(f"User {current_user_id} not found")
+
+    # Check if group exists
+    group = query_groups(group_id)
+    if not group:
+        raise NotFoundException(f"Group {group_id} not found")
+
+    # Check if user is already in group
+    if check_user_in_group(user_id, group_id):
+        return {
+            "group_id": group_id,
+            "user_id": user_id,
+            "already_member": True
+        }
+
+    # Add user to group
+    group_user_id = add_user_to_group(
+        group_id=group_id,
+        user_id=user_id,
+        created_by=current_user_id
+    )
+
+    logger.info(f"Added user {user_id} to group {group_id} by user {current_user_id}")
+
+    return {
+        "group_user_id": group_user_id,
+        "group_id": group_id,
+        "user_id": user_id,
+        "already_member": False
+    }
+
+
+def remove_user_from_single_group(group_id: int, user_id: str, current_user_id: str) -> bool:
+    """
+    Remove user from group.
+
+    Args:
+        group_id (int): Group ID
+        user_id (str): User ID to remove
+        current_user_id (str): Current user ID performing the action
+
+    Returns:
+        bool: Whether removal was successful
+
+    Raises:
+        NotFoundException: When user or group not found
+        UnauthorizedError: When user doesn't have permission
+    """
+    # Check current user permission
+    user_info = get_user_tenant_by_user_id(current_user_id)
+    if not user_info:
+        raise UnauthorizedError(f"User {current_user_id} not found")
+
+    user_role = user_info.get("user_role", "USER")
+    if user_role not in ["SU", "ADMIN"]:
+        raise UnauthorizedError(f"User role {user_role} not authorized to manage group memberships")
+
+    # Check if group exists
+    group = query_groups(group_id)
+    if not group:
+        raise NotFoundException(f"Group {group_id} not found")
+
+    # Remove user from group
+    success = remove_user_from_group(
+        group_id=group_id,
+        user_id=user_id,
+        updated_by=current_user_id
+    )
+
+    if success:
+        logger.info(f"Removed user {user_id} from group {group_id} by user {current_user_id}")
+
+    return success
+
+
+def get_group_users(group_id: int) -> List[Dict[str, Any]]:
+    """
+    Get all users in a group.
+
+    Args:
+        group_id (int): Group ID
+
+    Returns:
+        List[Dict[str, Any]]: List of group user records
+
+    Raises:
+        NotFoundException: When group not found
+    """
+    # Check if group exists
+    group = query_groups(group_id)
+    if not group:
+        raise NotFoundException(f"Group {group_id} not found")
+
+    users = query_group_users(group_id)
+
+    filtered_users = []
+    for user in users:
+        filtered_users.append({
+            "group_user_id": user.get("group_user_id"),
+            "group_id": user.get("group_id"),
+            "user_id": user.get("user_id")
+        })
+
+    return filtered_users
+
+
+def get_group_user_count(group_id: int) -> int:
+    """
+    Get user count in a group.
+
+    Args:
+        group_id (int): Group ID
+
+    Returns:
+        int: Number of users in the group
+
+    Raises:
+        NotFoundException: When group not found
+    """
+    # Check if group exists
+    group = query_groups(group_id)
+    if not group:
+        raise NotFoundException(f"Group {group_id} not found")
+
+    return count_group_users(group_id)
+
+
+def add_user_to_groups(user_id: str, group_ids: List[int], current_user_id: str) -> List[Dict[str, Any]]:
+    """
+    Add user to multiple groups.
+
+    Args:
+        user_id (str): User ID to add
+        group_ids (List[int]): List of group IDs
+        current_user_id (str): Current user ID performing the action
+
+    Returns:
+        List[Dict[str, Any]]: List of group membership results
+
+    Raises:
+        UnauthorizedError: When user doesn't have permission
+    """
+    results = []
+    for group_id in group_ids:
+        try:
+            result = add_user_to_single_group(
+                group_id, user_id, current_user_id)
+            results.append(result)
+        except Exception as e:
+            logger.error(f"Failed to add user {user_id} to group {group_id}: {str(e)}")
+            results.append({
+                "group_id": group_id,
+                "user_id": user_id,
+                "error": str(e)
+            })
+
+    return results
\ No newline at end of file
diff --git a/backend/services/invitation_service.py b/backend/services/invitation_service.py
new file mode 100644
index 000000000..fb0dc5ac4
--- /dev/null
+++ b/backend/services/invitation_service.py
@@ -0,0 +1,428 @@
+"""
+Invitation service for managing invitation codes and records.
+"""
+import logging
+import random
+import string
+from datetime import datetime
+from typing import Optional, Dict, Any, List
+
+from database.invitation_db import (
+    query_invitation_by_code,
+    query_invitation_by_id,
+    add_invitation,
+    modify_invitation,
+    add_invitation_record,
+    count_invitation_usage,
+    query_invitations_with_pagination
+)
+from database.user_tenant_db import get_user_tenant_by_user_id
+from database.group_db import query_group_ids_by_user
+from consts.exceptions import NotFoundException, UnauthorizedError
+from services.group_service import get_tenant_default_group_id
+from utils.str_utils import convert_string_to_list
+
+logger = logging.getLogger(__name__)
+
+
+def create_invitation_code(
+    tenant_id: str,
+    code_type: str,
+    invitation_code: Optional[str] = None,
+    group_ids: Optional[List[int]] = None,
+    capacity: int = 1,
+    expiry_date: Optional[str] = None,
+    status: str = "IN_USE",
+    user_id: str = None
+) -> Dict[str, Any]:
+    """
+    Create a new invitation code with business logic.
+
+    Args:
+        tenant_id (str): Tenant ID
+        code_type (str): Invitation code type (ADMIN_INVITE, DEV_INVITE, USER_INVITE)
+        invitation_code (Optional[str]): Invitation code, auto-generated if None
+        group_ids (Optional[List[int]]): Associated group IDs
+        capacity (int): Invitation code capacity
+        expiry_date (Optional[str]): Expiry date
+        status (str): Status
+        user_id (str): Current user ID
+
+    Returns:
+        Dict[str, Any]: Created invitation code information
+
+    Raises:
+        NotFoundException: When user not found
+        UnauthorizedError: When user doesn't have permission
+        ValueError: When code_type is invalid
+    """
+    # Validate code_type
+    valid_code_types = ["ADMIN_INVITE", "DEV_INVITE", "USER_INVITE"]
+    if code_type not in valid_code_types:
+        raise ValueError(f"Invalid code_type: {code_type}. Must be one of {valid_code_types}")
+
+    # Get user information
+    user_info = get_user_tenant_by_user_id(user_id)
+    if not user_info:
+        raise NotFoundException(f"User {user_id} not found")
+
+    user_role = user_info.get("user_role", "USER")
+
+    # Check permission based on code_type
+    if code_type == "ADMIN_INVITE" and user_role not in ["SU"]:
+        raise UnauthorizedError(f"User role {user_role} not authorized to create ADMIN_INVITE codes")
+    elif code_type in ["DEV_INVITE", "USER_INVITE"] and user_role not in ["SU", "ADMIN"]:
+        raise UnauthorizedError(f"User role {user_role} not authorized to create {code_type} codes")
+
+    # Set default group_ids based on code_type if not provided
+    if group_ids is None:
+        if code_type == "ADMIN_INVITE":
+            # For admin invites, try to use tenant default group, fallback to empty list
+            default_group_id = get_tenant_default_group_id(tenant_id)
+            group_ids = [default_group_id] if default_group_id else []
+        elif code_type in ["DEV_INVITE", "USER_INVITE"]:
+            group_ids = query_group_ids_by_user(user_id)
+        else:
+            group_ids = []
+
+    # Generate invitation code if not provided
+    if not invitation_code:
+        invitation_code = _generate_unique_invitation_code()
+    else:
+        # Change to upper case by default
+        invitation_code = invitation_code.upper()
+
+    # Create invitation (status will be set automatically)
+    invitation_id = add_invitation(
+        tenant_id=tenant_id,
+        invitation_code=invitation_code,
+        code_type=code_type,
+        group_ids=group_ids,
+        capacity=capacity,
+        expiry_date=expiry_date,
+        status=status,
+        created_by=user_id
+    )
+
+    # Automatically update status based on expiry date and capacity
+    update_invitation_code_status(invitation_id)
+
+    logger.info(f"Created invitation code {invitation_code} (type: {code_type}) for tenant {tenant_id} by user {user_id}")
+
+    # Get the final invitation info with correct status
+    invitation_info = query_invitation_by_id(invitation_id)
+    normalized_info = _normalize_invitation_data(invitation_info) if invitation_info else None
+
+    return {
+        "invitation_id": invitation_id,
+        "invitation_code": invitation_code,
+        "code_type": code_type,
+        "group_ids": group_ids,
+        "capacity": capacity,
+        "expiry_date": expiry_date,
+        "status": normalized_info.get("status", "IN_USE") if normalized_info else "IN_USE"
+    }
+
+
+def update_invitation_code(
+    invitation_id: int,
+    updates: Dict[str, Any],
+    user_id: str
+) -> bool:
+    """
+    Update invitation code information.
+
+    Args:
+        invitation_id (int): Invitation ID
+        updates (Dict[str, Any]): Fields to update
+        user_id (str): Current user ID
+
+    Returns:
+        bool: Whether update was successful
+
+    Raises:
+        UnauthorizedError: When user doesn't have permission
+    """
+    # Check user permission
+    user_info = get_user_tenant_by_user_id(user_id)
+    if not user_info:
+        raise UnauthorizedError(f"User {user_id} not found")
+
+    user_role = user_info.get("user_role", "USER")
+    if user_role not in ["SU", "ADMIN"]:
+        raise UnauthorizedError(f"User role {user_role} not authorized to update invitation codes")
+
+    # Update invitation code
+    success = modify_invitation(
+        invitation_id=invitation_id,
+        updates=updates,
+        updated_by=user_id
+    )
+
+    if success:
+        logger.info(f"Updated invitation code {invitation_id} by user {user_id}")
+        # Automatically update status after successful update
+        update_invitation_code_status(invitation_id)
+
+    return success
+
+
+def _normalize_invitation_data(invitation_data: Dict[str, Any]) -> Dict[str, Any]:
+    """
+    Normalize invitation data types for consistent API responses.
+
+    Args:
+        invitation_data: Raw invitation data from database
+
+    Returns:
+        Normalized invitation data with correct types
+    """
+    if not invitation_data:
+        return invitation_data
+
+    # Create a copy to avoid modifying the original
+    normalized = invitation_data.copy()
+
+    # Convert datetime objects to ISO format strings
+    for key, value in normalized.items():
+        if isinstance(value, datetime):
+            normalized[key] = value.isoformat()
+
+    # Ensure correct data types
+    if "invitation_id" in normalized:
+        normalized["invitation_id"] = int(normalized["invitation_id"])
+    if "capacity" in normalized:
+        normalized["capacity"] = int(normalized["capacity"])
+    if "group_ids" in normalized:
+        # Convert group_ids string back to list
+        group_ids_value = normalized["group_ids"]
+        if isinstance(group_ids_value, str):
+            normalized["group_ids"] = convert_string_to_list(group_ids_value)
+        elif group_ids_value is None:
+            normalized["group_ids"] = []
+
+    return normalized
+
+
+def get_invitation_by_code(invitation_code: str) -> Optional[Dict[str, Any]]:
+    """
+    Get invitation code information by code.
+
+    Args:
+        invitation_code (str): Invitation code
+
+    Returns:
+        Optional[Dict[str, Any]]: Invitation code information or None if not found
+    """
+    invitation_data = query_invitation_by_code(invitation_code)
+    return _normalize_invitation_data(invitation_data) if invitation_data else None
+
+
+def check_invitation_available(invitation_code: str) -> bool:
+    """
+    Check if invitation is available for use.
+
+    Args:
+        invitation_code (str): Invitation code
+
+    Returns:
+        bool: Whether the code is available
+    """
+    invitation = query_invitation_by_code(invitation_code)
+    if not invitation:
+        return False
+
+    # Check status
+    if invitation.get("status") != "IN_USE":
+        return False
+
+    # Check capacity
+    usage_count = count_invitation_usage(invitation["invitation_id"])
+    return usage_count < invitation["capacity"]
+
+
+def use_invitation_code(
+    invitation_code: str,
+    user_id: str
+) -> Dict[str, Any]:
+    """
+    Use an invitation code by creating a usage record.
+    
+    Args:
+        invitation_code (str): Invitation code to use
+        user_id (str): User ID using the code
+
+    Returns:
+        Dict[str, Any]: Invitation usage result including code_type
+
+    Raises:
+        NotFoundException: When invitation code not found or not available
+    """
+    # Check if invitation is available
+    if not check_invitation_available(invitation_code):
+        raise NotFoundException(f"Invitation code {invitation_code} is not available")
+
+    # Get invitation code details
+    invitation_info = query_invitation_by_code(invitation_code)
+    if not invitation_info:
+        raise NotFoundException(f"Invitation code {invitation_code} not found")
+
+    # Create usage record
+    record_id = add_invitation_record(
+        invitation_id=invitation_info["invitation_id"],
+        user_id=user_id,
+        created_by=user_id
+    )
+
+    # Update invitation status
+    update_invitation_code_status(invitation_info["invitation_id"])
+
+    logger.info(f"User {user_id} used invitation code {invitation_code}")
+
+    return {
+        "invitation_record_id": record_id,
+        "invitation_code": invitation_code,
+        "user_id": user_id,
+        "invitation_id": invitation_info["invitation_id"],
+        "code_type": invitation_info["code_type"],
+        "group_ids": invitation_info["group_ids"]
+    }
+
+
+def update_invitation_code_status(invitation_id: int) -> bool:
+    """
+    Update invitation code status based on expiry date and usage count.
+
+    Args:
+        invitation_id (int): Invitation ID
+
+    Returns:
+        bool: Whether status was updated
+    """
+    # Get invitation code details
+    invitation_info = query_invitation_by_id(invitation_id)
+    if not invitation_info:
+        return False
+
+    current_time = datetime.now()
+    expiry_date = invitation_info.get("expiry_date")
+    capacity = int(invitation_info["capacity"])
+
+    usage_count = count_invitation_usage(invitation_id)
+    current_status = invitation_info["status"]
+
+    new_status = current_status
+
+    # Check expiry
+    if expiry_date:
+        try:
+            if isinstance(expiry_date, datetime):
+                expiry_datetime = expiry_date
+            else:
+                expiry_datetime = datetime.fromisoformat(
+                    str(expiry_date).replace('Z', '+00:00'))
+            if current_time > expiry_datetime:
+                new_status = "EXPIRE"
+        except (ValueError, AttributeError, TypeError):
+            logger.warning(f"Invalid expiry_date format for invitation {invitation_id}: {expiry_date}")
+
+    # Check capacity
+    if usage_count >= capacity:
+        new_status = "RUN_OUT"
+
+    # Update status if changed
+    if new_status != current_status:
+        modify_invitation(
+            invitation_id=invitation_id,
+            updates={"status": new_status},
+            updated_by="system"
+        )
+        logger.info(f"Updated invitation code {invitation_id} status to {new_status}")
+        return True
+
+    return False
+
+
+def _generate_unique_invitation_code(length: int = 6) -> str:
+    """
+    Generate a unique invitation code.
+
+    Args:
+        length (int): Code length
+
+    Returns:
+        str: Unique invitation code
+    """
+    max_attempts = 100  # Prevent infinite loop
+    attempts = 0
+
+    while attempts < max_attempts:
+        # Generate random code with letters and digits
+        code = ''.join(random.choices(string.ascii_letters + string.digits, k=length))
+
+        # Check uniqueness
+        if not query_invitation_by_code(code):
+            return code.upper()
+
+        attempts += 1
+
+    raise RuntimeError(f"Failed to generate unique invitation code after {max_attempts} attempts")
+
+
+def get_invitations_list(
+    tenant_id: Optional[str],
+    page: int,
+    page_size: int,
+    user_id: str
+) -> Dict[str, Any]:
+    """
+    Get invitations list with pagination and permission checks.
+
+    Args:
+        tenant_id (Optional[str]): Tenant ID to filter by, None for all tenants
+        page (int): Page number
+        page_size (int): Number of items per page
+        user_id (str): Current user ID for permission checks
+
+    Returns:
+        Dict[str, Any]: Paginated invitation list result
+
+    Raises:
+        UnauthorizedError: When user doesn't have permission to view the requested data
+    """
+    # Get user information for permission checks
+    user_info = get_user_tenant_by_user_id(user_id)
+    if not user_info:
+        raise UnauthorizedError(f"User {user_id} not found")
+
+    user_role = user_info.get("user_role", "USER")
+
+    # Permission logic:
+    # - If tenant_id is provided: ADMIN or SU can view that tenant's invitations
+    # - If tenant_id is not provided: Only SU can view all invitations
+    if tenant_id:
+        # If tenant_id is specified, user must be ADMIN/SU
+        if user_role not in ["SU", "ADMIN"]:
+            raise UnauthorizedError(
+                f"User role {user_role} not authorized to view invitation lists")
+    else:
+        # If no tenant_id specified, only SU can view all invitations
+        if user_role not in ["SU"]:
+            raise UnauthorizedError(
+                f"User role {user_role} not authorized to view all tenant invitations")
+
+    # Query invitations with pagination
+    result = query_invitations_with_pagination(
+        tenant_id=tenant_id,
+        page=page,
+        page_size=page_size
+    )
+
+    logger.info(
+        f"User {user_id} queried invitations list (tenant: {tenant_id or 'all'}, page: {page}, size: {page_size})")
+
+    # Normalize each invitation item in the list
+    if result and "items" in result:
+        result["items"] = [_normalize_invitation_data(item) for item in result["items"]]
+
+    return result
diff --git a/backend/services/tenant_service.py b/backend/services/tenant_service.py
new file mode 100644
index 000000000..0519b8fa8
--- /dev/null
+++ b/backend/services/tenant_service.py
@@ -0,0 +1,240 @@
+"""
+Tenant service for managing tenant operations
+"""
+import logging
+import uuid
+from typing import Any, Dict, List, Optional
+
+from database.tenant_config_db import (
+    get_single_config_info,
+    insert_config,
+    update_config_by_tenant_config_id,
+    get_all_tenant_ids
+)
+from database.group_db import add_group
+from consts.const import TENANT_NAME, TENANT_ID, DEFAULT_GROUP_ID
+from consts.exceptions import NotFoundException, ValidationError
+
+logger = logging.getLogger(__name__)
+
+
+def get_tenant_info(tenant_id: str) -> Dict[str, Any]:
+    """
+    Get tenant information by tenant ID
+
+    Args:
+        tenant_id (str): Tenant ID
+
+    Returns:
+        Dict[str, Any]: Tenant information
+
+    Raises:
+        NotFoundException: When tenant not found
+    """
+    # Get tenant name
+    name_config = get_single_config_info(tenant_id, TENANT_NAME)
+    if not name_config:
+        raise NotFoundException("The name of tenant not found.")
+
+    group_config = get_single_config_info(tenant_id, DEFAULT_GROUP_ID)
+
+    tenant_info = {
+        "tenant_id": tenant_id,
+        "tenant_name": name_config.get("config_value") if name_config else "",
+        "default_group_id": group_config.get("config_value") if group_config else ""
+    }
+
+    return tenant_info
+
+
+def get_all_tenants() -> List[Dict[str, Any]]:
+    """
+    Get all tenants
+
+    Returns:
+        List[Dict[str, Any]]: List of all tenant information
+    """
+    tenant_ids = get_all_tenant_ids()
+    tenants = []
+
+    for tenant_id in tenant_ids:
+        try:
+            tenant_info = get_tenant_info(tenant_id)
+            tenants.append(tenant_info)
+        except NotFoundException:
+            # Skip tenants that can't be found (shouldn't happen but being defensive)
+            logging.warning(f"Tenant info of {tenant_id} not found. Which is not expected to happend. Continue anyway.")
+            continue
+
+    return tenants
+
+
+def create_tenant(tenant_name: str, created_by: Optional[str] = None) -> Dict[str, Any]:
+    """
+    Create a new tenant with default group
+
+    Args:
+        tenant_name (str): Tenant name
+        created_by (Optional[str]): Created by user ID
+
+    Returns:
+        Dict[str, Any]: Created tenant information
+
+    Raises:
+        ValidationError: When tenant creation fails
+    """
+    # Generate a random UUID for tenant_id
+    tenant_id = str(uuid.uuid4())
+
+    # Check if tenant already exists (extremely unlikely with UUID, but good practice)
+    try:
+        existing_tenant = get_tenant_info(tenant_id)
+        if existing_tenant:
+            raise ValidationError(f"Tenant {tenant_id} already exists")
+    except NotFoundException:
+        # Tenant doesn't exist, which is what we want
+        pass
+
+    # Validate tenant name
+    if not tenant_name or not tenant_name.strip():
+        raise ValidationError("Tenant name cannot be empty")
+
+    try:
+        # Create default group first
+        default_group_id = _create_default_group_for_tenant(tenant_id, created_by)
+
+        # Create tenant ID configuration
+        tenant_id_data = {
+            "tenant_id": tenant_id,
+            "config_key": TENANT_ID,
+            "config_value": tenant_id,
+            "created_by": created_by,
+            "updated_by": created_by
+        }
+        id_success = insert_config(tenant_id_data)
+        if not id_success:
+            raise ValidationError("Failed to create tenant ID configuration")
+
+        # Create tenant name configuration
+        tenant_name_data = {
+            "tenant_id": tenant_id,
+            "config_key": TENANT_NAME,
+            "config_value": tenant_name.strip(),
+            "created_by": created_by,
+            "updated_by": created_by
+        }
+        name_success = insert_config(tenant_name_data)
+        if not name_success:
+            raise ValidationError("Failed to create tenant name configuration")
+
+        # Create default group ID configuration
+        group_config_data = {
+            "tenant_id": tenant_id,
+            "config_key": DEFAULT_GROUP_ID,
+            "config_value": str(default_group_id),
+            "created_by": created_by,
+            "updated_by": created_by
+        }
+        group_success = insert_config(group_config_data)
+        if not group_success:
+            raise ValidationError("Failed to create tenant default group configuration")
+
+        tenant_info = {
+            "tenant_id": tenant_id,
+            "tenant_name": tenant_name.strip(),
+            "default_group_id": str(default_group_id)
+        }
+
+        logger.info(f"Created tenant {tenant_id} with name '{tenant_name}' and default group {default_group_id}")
+        return tenant_info
+
+    except Exception as e:
+        logger.error(f"Failed to create tenant {tenant_id}: {str(e)}")
+        raise ValidationError(f"Failed to create tenant: {str(e)}")
+
+
+def update_tenant_info(tenant_id: str, tenant_name: str, updated_by: Optional[str] = None) -> Dict[str, Any]:
+    """
+    Update tenant information
+
+    Args:
+        tenant_id (str): Tenant ID
+        tenant_name (str): New tenant name
+        updated_by (Optional[str]): Updated by user ID
+
+    Returns:
+        Dict[str, Any]: Updated tenant information
+
+    Raises:
+        NotFoundException: When tenant not found
+        ValidationError: When tenant name is invalid
+    """
+    # Check if tenant exists and get current name config
+    name_config = get_single_config_info(tenant_id, TENANT_NAME)
+    if not name_config: 
+        raise NotFoundException(f"Tenant {tenant_id} not found")
+
+    # Validate tenant name
+    if not tenant_name or not tenant_name.strip():
+        raise ValidationError("Tenant name cannot be empty")
+
+    # Update tenant name
+    success = update_config_by_tenant_config_id(
+        name_config["tenant_config_id"],
+        tenant_name.strip()
+    )
+    if not success:
+        raise ValidationError("Failed to update tenant name")
+
+    # Return updated tenant information
+    updated_tenant = get_tenant_info(tenant_id)
+    logger.info(f"Updated tenant {tenant_id} name to '{tenant_name}'")
+    return updated_tenant
+
+
+def delete_tenant(tenant_id: str, deleted_by: Optional[str] = None) -> bool:
+    """
+    Delete tenant (placeholder for future implementation)
+    NOTE: Deletion logic is complex and not yet implemented
+
+    Args:
+        tenant_id (str): Tenant ID
+        deleted_by (Optional[str]): Deleted by user ID
+
+    Returns:
+        bool: Always returns False as this is not yet implemented
+
+    Raises:
+        ValidationError: Always raised as this is not yet implemented
+    """
+    raise NotImplementedError("Tenant deletion is not yet implemented due to complex dependencies")
+
+
+def _create_default_group_for_tenant(tenant_id: str, created_by: Optional[str] = None) -> int:
+    """
+    Create a default group for a new tenant
+
+    Args:
+        tenant_id (str): Tenant ID
+        created_by (Optional[str]): Created by user ID
+
+    Returns:
+        int: Created default group ID
+
+    Raises:
+        ValidationError: When default group creation fails
+    """
+    try:
+        default_group_name = "Default Group"
+        group_id = add_group(
+            tenant_id=tenant_id,
+            group_name=default_group_name,
+            group_description="Default group created automatically for new tenant",
+            created_by=created_by
+        )
+
+        return group_id
+
+    except Exception as e:
+        logger.error(f"Failed to create default group for tenant {tenant_id}: {str(e)}")
+        raise ValidationError(f"Failed to create default group: {str(e)}")
diff --git a/backend/services/user_management_service.py b/backend/services/user_management_service.py
index 9a5cd60a2..5c0b55ce2 100644
--- a/backend/services/user_management_service.py
+++ b/backend/services/user_management_service.py
@@ -1,5 +1,5 @@
 import logging
-from typing import Optional, Any, Tuple
+from typing import Optional, Any, Tuple, Dict
 
 import aiohttp
 from fastapi import Header
@@ -12,15 +12,18 @@
     calculate_expires_at,
     get_jwt_expiry_seconds,
 )
-from consts.const import INVITE_CODE, SUPABASE_URL, SUPABASE_KEY
+from consts.const import INVITE_CODE, SUPABASE_URL, SUPABASE_KEY, DEFAULT_TENANT_ID
 from consts.exceptions import NoInviteCodeException, IncorrectInviteCodeException, UserRegistrationException, UnauthorizedError
 
 from database.model_management_db import create_model_record
-from database.user_tenant_db import insert_user_tenant, soft_delete_user_tenant_by_user_id
+from database.user_tenant_db import insert_user_tenant, soft_delete_user_tenant_by_user_id, get_user_tenant_by_user_id
 from database.memory_config_db import soft_delete_all_configs_by_user_id
 from database.conversation_db import soft_delete_all_conversations_by_user
+from database.group_db import query_group_ids_by_user
 from utils.memory_utils import build_memory_config
 from nexent.memory.memory_service import clear_memory
+from services.invitation_service import use_invitation_code, check_invitation_available, get_invitation_by_code
+from services.group_service import add_user_to_groups
 
 
 logging.getLogger("user_management_service").setLevel(logging.DEBUG)
@@ -160,6 +163,120 @@ async def signup_user(email: EmailStr,
             "Registration service is temporarily unavailable, please try again later")
 
 
+async def signup_user_with_invitation(email: EmailStr,
+                                      password: str,
+                                      invite_code: Optional[str] = None):
+    """User registration with invitation code support"""
+    client = get_supabase_client()
+    logging.info(
+        f"Receive registration request: email={email}, invite_code={'provided' if invite_code else 'not provided'}")
+
+    # Default user role is USER
+    user_role = "USER"
+    invitation_info = None
+
+    # Validate invitation code if provided (without using it yet)
+    if invite_code:
+        try:
+            # Convert invite code to upper case for consistency
+            invite_code = invite_code.upper()
+
+            # Check if invitation is available
+            if not check_invitation_available(invite_code):
+                raise IncorrectInviteCodeException(
+                    f"Invitation code {invite_code} is not available")
+
+            # Get invitation code details
+            invitation_info = get_invitation_by_code(invite_code)
+            if not invitation_info:
+                raise IncorrectInviteCodeException(
+                    f"Invitation code {invite_code} not found")
+
+            # Determine user role based on invitation code type
+            code_type = invitation_info["code_type"]
+            if code_type == "ADMIN_INVITE":
+                user_role = "ADMIN"
+            elif code_type == "DEV_INVITE":
+                user_role = "DEV"
+
+            logging.info(
+                f"Invitation code {invite_code} validated successfully, will assign role: {user_role}")
+
+        except IncorrectInviteCodeException:
+            raise
+        except Exception as e:
+            logging.error(
+                f"Invitation code {invite_code} validation failed: {str(e)}")
+            raise IncorrectInviteCodeException(
+                f"Invalid invitation code: {str(e)}")
+
+    # Set user metadata, including role information
+    response = client.auth.sign_up({
+        "email": email,
+        "password": password
+    })
+
+    if response.user:
+        user_id = response.user.id
+
+        # Determine tenant_id based on invitation code
+        if invitation_info:
+            tenant_id = invitation_info["tenant_id"]
+        else:
+            tenant_id = DEFAULT_TENANT_ID
+
+        # Create user tenant relationship
+        logging.debug(f"Creating user tenant relationship: user_id={user_id}, tenant_id={tenant_id}, user_role={user_role}")
+        insert_user_tenant(
+            user_id=user_id, tenant_id=tenant_id, user_role=user_role)
+        logging.debug(f"User tenant relationship created successfully for user {user_id}")
+
+        # Use invitation code now that we have the real user_id
+        if invitation_info:
+            try:
+                invitation_result = use_invitation_code(invite_code, user_id)
+                logging.debug(
+                    f"Invitation code {invite_code} used successfully for user {user_id}")
+
+                # Add user to groups specified in invitation code
+                group_ids = invitation_result.get("group_ids", [])
+                if group_ids:
+                    try:
+                        # Convert group_ids from string to list if needed
+                        if isinstance(group_ids, str):
+                            from utils.str_utils import convert_string_to_list
+                            group_ids = convert_string_to_list(group_ids)
+
+                        if group_ids:
+                            group_results = add_user_to_groups(user_id, group_ids, user_id)
+                            successful_adds = [
+                                r for r in group_results if not r.get("error")]
+                            logging.info(
+                                f"User {user_id} added to {len(successful_adds)} groups from invitation code")
+
+                    except Exception as e:
+                        logging.error(
+                            f"Failed to add user {user_id} to invitation groups: {str(e)}")
+
+            except Exception as e:
+                # If using invitation code fails after registration, log error but don't fail registration
+                logging.error(
+                    f"Failed to use invitation code {invite_code} for user {user_id}: {str(e)}")
+
+        logging.info(
+            f"User {email} registered successfully, role: {user_role}, tenant: {tenant_id}")
+
+        if user_role == "ADMIN":
+            await generate_tts_stt_4_admin(tenant_id, user_id)
+
+        return await parse_supabase_response(False, response, user_role)
+    else:
+        logging.error(
+            "Supabase registration request returned no user object")
+        raise UserRegistrationException(
+            "Registration service is temporarily unavailable, please try again later")
+
+
 async def parse_supabase_response(is_admin, response, user_role):
     """Parse Supabase response and build standardized user registration response"""
     user_data = {
@@ -379,3 +496,46 @@ async def revoke_regular_user(user_id: str, tenant_id: str) -> None:
         logging.error(
             f"Unexpected error in revoke_regular_user for {user_id}: {e}")
         # swallow to keep idempotent behavior
+
+
+async def get_user_info(user_id: str) -> Optional[Dict[str, Any]]:
+    """
+    Get user information including user ID, group IDs list, tenant ID, and user role.
+    All information is retrieved from PostgreSQL database.
+
+    Args:
+        user_id (str): User ID to query
+
+    Returns:
+        Optional[Dict[str, Any]]: User information dictionary containing:
+            - user_id: User ID
+            - group_ids: List of group IDs the user belongs to
+            - tenant_id: Tenant ID
+            - user_role: User role (USER, ADMIN, DEV, etc.)
+        Returns None if user not found
+    """
+    try:
+
+
+        # Get user tenant relationship
+        user_tenant = get_user_tenant_by_user_id(user_id)
+        if not user_tenant:
+            return None
+
+        tenant_id = user_tenant["tenant_id"]
+        user_role = user_tenant["user_role"]
+
+        # Get group IDs
+        group_ids = query_group_ids_by_user(user_id)
+
+        return {
+            "user_id": user_id,
+            "group_ids": group_ids,
+            "tenant_id": tenant_id,
+            "user_role": user_role
+        }
+
+    except Exception as e:
+        logging.error(
+            f"Failed to get user info for user {user_id}: {str(e)}")
+        return None
diff --git a/backend/services/vectordatabase_service.py b/backend/services/vectordatabase_service.py
index 18203847e..4954ece66 100644
--- a/backend/services/vectordatabase_service.py
+++ b/backend/services/vectordatabase_service.py
@@ -35,9 +35,13 @@
     get_knowledge_info_by_tenant_id,
     update_model_name_by_index_name,
 )
+from database.user_tenant_db import get_user_tenant_by_user_id
+from database.group_db import query_group_ids_by_user
 from services.redis_service import get_redis_service
+from services.group_service import get_tenant_default_group_id
 from utils.config_utils import tenant_config_manager, get_model_name_from_config
 from utils.file_management_utils import get_all_files_status, get_file_size
+from utils.str_utils import convert_string_to_list
 
 
 def _update_progress(task_id: str, processed: int, total: int):
@@ -480,8 +484,18 @@ def list_indices(
             vdb_core: VectorDatabaseCore = Depends(get_vector_db_core)
     ):
         """
-        List all indices that the current user has permissions to access.
-        async PG database to sync ES, remove the data that is not in ES
+        List all indices that the current user has permissions to access based on role and group permissions.
+
+        Permission logic:
+        - SU: All knowledgebases visible, all editable
+        - ADMIN: Knowledgebases from same tenant visible, all editable
+        - USER/DEV: Knowledgebases where user belongs to intersecting groups, permission determined by:
+            * If user is creator: editable
+            * If ingroup_permission=EDIT: editable
+            * If ingroup_permission=READ_ONLY: read-only
+            * If ingroup_permission=PRIVATE: not visible
+
+        Also syncs PG database with ES, removing data that is not in ES.
 
         Args:
             pattern: Pattern to match index names
@@ -491,33 +505,105 @@ def list_indices(
             vdb_core: VectorDatabaseCore instance
 
         Returns:
-            Dict[str, Any]: A dictionary containing the list of indices and the count.
+            Dict[str, Any]: A dictionary containing the list of visible knowledgebases with permissions.
         """
-        all_indices_list = vdb_core.get_user_indices(pattern)
+        # Get user tenant information for permission checking
+        user_tenant = get_user_tenant_by_user_id(user_id)
+        if not user_tenant:
+            return {"indices": [], "count": 0}
 
-        db_record = get_knowledge_info_by_tenant_id(tenant_id=tenant_id)
+        user_role = user_tenant.get("user_role")
+        user_tenant_id = user_tenant.get("tenant_id")
+        # Get user group IDs from tenant_group_user_t table
+        user_group_ids = query_group_ids_by_user(user_id)
 
-        # Build mapping from index_name to user-facing knowledge_name (fallback to index_name)
-        index_to_display_name = {
-            record["index_name"]: record.get(
-                "knowledge_name") or record["index_name"]
-            for record in db_record
-        }
+        # Get all indices from Elasticsearch
+        es_indices_list = vdb_core.get_user_indices(pattern)
+
+        # Get all knowledgebase records from database (for cleanup and permission checking)
+        all_db_records = get_knowledge_info_by_tenant_id(user_tenant_id)
 
-        filtered_indices_list = []
+        # Filter visible knowledgebases based on user role and permissions
+        visible_knowledgebases = []
         model_name_is_none_list = []
-        for record in db_record:
-            # async PG database to sync ES, remove the data that is not in ES
-            if record["index_name"] not in all_indices_list:
-                delete_knowledge_record(
-                    {"index_name": record["index_name"], "user_id": user_id})
+
+        for record in all_db_records:
+            index_name = record["index_name"]
+
+            # Check if index exists in Elasticsearch (skip if not found)
+            if index_name not in es_indices_list:
                 continue
-            if record["embedding_model_name"] is None:
-                model_name_is_none_list.append(record["index_name"])
-            filtered_indices_list.append(record["index_name"])
 
-        indices = [info.get("index") if isinstance(
-            info, dict) else info for info in filtered_indices_list]
+            # Check permission based on user role
+            permission = None
+
+            if user_role == "SU":
+                # SU can see all knowledgebases
+                permission = "EDIT"
+            elif user_role == "ADMIN":
+                # ADMIN can see all knowledgebases in their tenant
+                if record.get("tenant_id") == user_tenant_id:
+                    permission = "EDIT"
+            elif user_role in ["USER", "DEV"]:
+                # USER/DEV need group-based permission checking
+                kb_group_ids_str = record.get("group_ids")
+                kb_group_ids = convert_string_to_list(kb_group_ids_str or "")
+                kb_created_by = record.get("created_by")
+                kb_ingroup_permission = record.get("ingroup_permission") or "READ_ONLY"
+
+                # Check if user belongs to any of the knowledgebase groups
+                # Compatibility logic for legacy data:
+                # - If both kb_group_ids and user_group_ids are effectively empty (None or empty lists),
+                #   consider them intersecting (backward compatibility)
+                # - If either side has groups but they don't intersect, no intersection
+                kb_groups_empty = kb_group_ids_str is None or (isinstance(
+                    kb_group_ids_str, str) and kb_group_ids_str.strip() == "") or len(kb_group_ids) == 0
+                user_groups_empty = len(user_group_ids) == 0
+
+                if kb_groups_empty and user_groups_empty:
+                    # Both are empty/None - consider intersecting for backward compatibility
+                    has_group_intersection = True
+                else:
+                    # Normal intersection check
+                    has_group_intersection = bool(set(user_group_ids) & set(kb_group_ids))
+
+                if has_group_intersection:
+                    # Determine permission level
+                    permission = "READ_ONLY"  # Default
+
+                    # User is creator: creator permission
+                    if kb_created_by == user_id:
+                        permission = "CREATOR"
+                    # Group permission allows editing
+                    elif kb_ingroup_permission == "EDIT":
+                        permission = "EDIT"
+                    # Group permission is read-only: already set
+                    elif kb_ingroup_permission == "READ_ONLY":
+                        permission = "READ_ONLY"
+                    # Group permission is private: not visible
+                    elif kb_ingroup_permission == "PRIVATE":
+                        permission = None
+
+            # Add to visible list if permission is granted
+            if permission:
+                record_with_permission = dict(record)
+                record_with_permission["permission"] = permission
+                # Convert group_ids string to list for easier client consumption
+                if record.get("group_ids"):
+                    record_with_permission["group_ids"] = convert_string_to_list(
+                        record["group_ids"])
+                else:
+                    # If no group_ids specified, use tenant default group
+                    default_group_id = get_tenant_default_group_id(record.get("tenant_id"))
+                    record_with_permission["group_ids"] = [default_group_id] if default_group_id else []
+                visible_knowledgebases.append(record_with_permission)
+
+                # Track records with missing embedding model for stats update
+                if record.get("embedding_model_name") is None:
+                    model_name_is_none_list.append(index_name)
+
+        # Build response
+        indices = [record["index_name"] for record in visible_knowledgebases]
 
         response = {
             "indices": indices,
@@ -526,22 +612,34 @@ def list_indices(
 
         if include_stats:
             stats_info = []
-            if filtered_indices_list:
-                indice_stats = vdb_core.get_indices_detail(filtered_indices_list)
-                for index_name in filtered_indices_list:
+            if visible_knowledgebases:
+                index_names = [record["index_name"]
+                               for record in visible_knowledgebases]
+                indice_stats = vdb_core.get_indices_detail(index_names)
+
+                for record in visible_knowledgebases:
+                    index_name = record["index_name"]
                     index_stats = indice_stats.get(index_name, {})
                     stats_info.append({
                         # Internal index name (used as ID)
                         "name": index_name,
                         # User-facing knowledge base name from PostgreSQL (fallback to index_name)
-                        "display_name": index_to_display_name.get(index_name, index_name),
+                        "display_name": record.get("knowledge_name", index_name),
+                        "permission": record["permission"],
+                        "group_ids": record["group_ids"],
                         "stats": index_stats,
                     })
+
+                    # Update model name if missing
                     if index_name in model_name_is_none_list:
-                        update_model_name_by_index_name(index_name,
-                                                        index_stats.get("base_info", {}).get(
-                                                            "embedding_model", ""),
-                                                        tenant_id, user_id)
+                        update_model_name_by_index_name(
+                            index_name,
+                            index_stats.get("base_info", {}).get(
+                                "embedding_model", ""),
+                            record.get("tenant_id", tenant_id),
+                            user_id
+                        )
+
             response["indices_info"] = stats_info
 
         return response
diff --git a/test/backend/app/test_agent_app.py b/test/backend/app/test_agent_app.py
index dbb5a5318..6d34bf5e4 100644
--- a/test/backend/app/test_agent_app.py
+++ b/test/backend/app/test_agent_app.py
@@ -529,8 +529,8 @@ def test_list_all_agent_info_api_success(mocker, mock_auth_header):
     # Mock return values
     mock_get_user_info.return_value = ("test_user", "test_tenant", "en")
     mock_list_all_agent.return_value = [
-        {"agent_id": 1, "name": "Agent 1", "display_name": "Display Agent 1"},
-        {"agent_id": 2, "name": "Agent 2", "display_name": "Display Agent 2"}
+        {"agent_id": 1, "name": "Agent 1", "display_name": "Display Agent 1", "group_ids": []},
+        {"agent_id": 2, "name": "Agent 2", "display_name": "Display Agent 2", "group_ids": [1, 2, 3]}
     ]
 
     # Test the endpoint
@@ -546,8 +546,10 @@ def test_list_all_agent_info_api_success(mocker, mock_auth_header):
     assert len(response.json()) == 2
     assert response.json()[0]["agent_id"] == 1
     assert response.json()[0]["display_name"] == "Display Agent 1"
+    assert response.json()[0]["group_ids"] == []
     assert response.json()[1]["name"] == "Agent 2"
     assert response.json()[1]["display_name"] == "Display Agent 2"
+    assert response.json()[1]["group_ids"] == [1, 2, 3]
 
 
 def test_list_all_agent_info_api_exception(mocker, mock_auth_header):
@@ -805,4 +807,4 @@ def test_regenerate_agent_name_batch_api_error(mocker, mock_auth_header):
     )
 
     assert resp.status_code == 500
-    assert "Agent name batch regenerate error" in resp.json()["detail"]
\ No newline at end of file
+    assert "Agent name batch regenerate error" in resp.json()["detail"]
diff --git a/test/backend/services/test_agent_service.py b/test/backend/services/test_agent_service.py
index 9ad61c7c6..569d3c6be 100644
--- a/test/backend/services/test_agent_service.py
+++ b/test/backend/services/test_agent_service.py
@@ -63,7 +63,7 @@ def _mock_context():
      patch('backend.database.client.get_db_session', side_effect=mock_get_db_session), \
      patch('backend.database.client.MinioClient', return_value=minio_client_mock) as minio_mock, \
      patch('elasticsearch.Elasticsearch', return_value=MagicMock()) as es_mock:
-    
+
     import backend.services.agent_service as agent_service
     from backend.services.agent_service import update_agent_info_impl
     from backend.services.agent_service import get_creating_sub_agent_info_impl
@@ -305,10 +305,10 @@ async def test_get_agent_info_impl_success(mock_search_agent_info, mock_search_t
 
     mock_sub_agent_ids = [456, 789]
     mock_query_sub_agents_id.return_value = mock_sub_agent_ids
-    
+
     # Mock get_model_by_model_id - return None for model_id=None
     mock_get_model_by_model_id.return_value = None
-    
+
     # Mock check_agent_availability - agent is available
     mock_check_availability.return_value = (True, [])
 
@@ -373,7 +373,7 @@ async def test_get_creating_sub_agent_info_impl_success(mock_get_current_user_in
     }
     mock_get_enable_tools.return_value = [1, 2]
     mock_query_sub_agents_id.return_value = [789]
-    
+
     # Mock get_model_by_model_id - return None for model_id=None
     mock_get_model_by_model_id.return_value = None
 
@@ -883,6 +883,122 @@ async def test_delete_agent_impl_exception_handling(mock_get_current_user_info,
     assert "Failed to delete agent" in str(context.value)
 
 
+@patch('backend.services.agent_service.query_group_ids_by_user')
+def test_get_user_group_ids_success(mock_get_group_ids):
+    """
+    Test successful retrieval of user's group IDs as comma-separated string.
+
+    This test verifies that:
+    1. The _get_user_group_ids function calls get_group_ids_by_user
+    2. Returns a comma-separated string of group IDs
+    3. Uses convert_list_to_string utility function
+    """
+    # Setup
+    from backend.services.agent_service import _get_user_group_ids
+    mock_get_group_ids.return_value = [1, 2, 3]
+
+    # Execute
+    result = _get_user_group_ids("test_user", "test_tenant")
+
+    # Assert
+    assert result == "1,2,3"
+    mock_get_group_ids.assert_called_once_with("test_user")
+
+
+@patch('backend.services.agent_service.query_group_ids_by_user')
+def test_get_user_group_ids_empty_groups(mock_get_group_ids):
+    """
+    Test _get_user_group_ids with empty group list.
+
+    This test verifies that:
+    1. When user has no groups, returns empty string
+    """
+    # Setup
+    from backend.services.agent_service import _get_user_group_ids
+    mock_get_group_ids.return_value = []
+
+    # Execute
+    result = _get_user_group_ids("test_user", "test_tenant")
+
+    # Assert
+    assert result == ""
+    mock_get_group_ids.assert_called_once_with("test_user")
+
+
+@patch('backend.services.agent_service.query_group_ids_by_user')
+def test_get_user_group_ids_exception_handling(mock_get_group_ids):
+    """
+    Test _get_user_group_ids exception handling.
+
+    This test verifies that:
+    1. When get_group_ids_by_user raises exception, logs warning and returns empty string
+    """
+    # Setup
+    from backend.services.agent_service import _get_user_group_ids
+    mock_get_group_ids.side_effect = Exception("Database error")
+
+    # Execute
+    result = _get_user_group_ids("test_user", "test_tenant")
+
+    # Assert
+    assert result == ""
+    mock_get_group_ids.assert_called_once_with("test_user")
+
+
+@patch('backend.services.agent_service.query_group_ids_by_user')
+@patch('backend.services.agent_service.create_agent')
+@patch('backend.services.agent_service.get_current_user_info')
+@pytest.mark.asyncio
+async def test_update_agent_info_impl_create_agent_auto_group_ids(mock_get_current_user_info, mock_create_agent, mock_get_group_ids):
+    """
+    Test creating a new agent with automatic group_ids assignment.
+
+    This test verifies that:
+    1. When agent_id is None, a new agent is created
+    2. The group_ids are automatically set to the current user's groups
+    3. The create_agent function is called with the correct parameters including group_ids
+    """
+    # Setup
+    from backend.services.agent_service import update_agent_info_impl
+    mock_get_current_user_info.return_value = (
+        "test_user", "test_tenant", "en")
+    mock_get_group_ids.return_value = [1, 2, 3]
+    mock_create_agent.return_value = {"agent_id": 456}
+
+    # Create a mock AgentInfoRequest object
+    request = MagicMock()
+    request.agent_id = None  # This triggers create mode
+    request.name = "New Agent"
+    request.display_name = "New Display Name"
+    request.business_description = "New agent description"
+    request.author = "test_author"
+    request.model_id = 1
+    request.model_name = "test-model"
+    request.business_logic_model_id = None
+    request.business_logic_model_name = None
+    request.max_steps = 10
+    request.provide_run_summary = True
+    request.duty_prompt = "Test duty"
+    request.constraint_prompt = "Test constraint"
+    request.few_shots_prompt = "Test few shots"
+    request.enabled = True
+    request.enabled_tool_ids = None
+    request.related_agent_ids = None
+
+    # Execute
+    result = await update_agent_info_impl(request, authorization="Bearer token")
+
+    # Assert
+    assert result["agent_id"] == 456
+    mock_get_group_ids.assert_called_once_with("test_user")
+    mock_create_agent.assert_called_once()
+    # Verify that group_ids is included in the agent_info dict passed to create_agent
+    # agent_info keyword argument
+    call_args = mock_create_agent.call_args[1]["agent_info"]
+    # Should be comma-separated string
+    assert call_args["group_ids"] == "1,2,3"
+
+
 @patch('backend.services.agent_service.get_mcp_server_by_name_and_tenant')
 @patch('backend.services.agent_service.ExportAndImportDataFormat')
 @patch('backend.services.agent_service.export_agent_by_agent_id')
@@ -1200,7 +1316,7 @@ async def test_get_agent_info_impl_with_model_id_success(mock_search_agent_info,
         "provider": "openai"
     }
     mock_get_model_by_model_id.return_value = mock_model_info
-    
+
     # Mock check_agent_availability - agent is available
     mock_check_availability.return_value = (True, [])
 
@@ -1366,14 +1482,14 @@ async def test_get_agent_info_impl_with_business_logic_model(mock_search_agent_i
         "display_name": "GPT-4",
         "provider": "openai"
     }
-    
+
     # Mock model info for business logic model
     mock_business_logic_model_info = {
         "model_id": 789,
         "display_name": "Claude-3.5",
         "provider": "anthropic"
     }
-    
+
     # Mock get_model_by_model_id to return different values based on input
     def mock_get_model(model_id):
         if model_id == 456:
@@ -1381,7 +1497,7 @@ def mock_get_model(model_id):
         elif model_id == 789:
             return mock_business_logic_model_info
         return None
-    
+
     mock_get_model_by_model_id.side_effect = mock_get_model
     mock_check_availability.return_value = (True, [])
 
@@ -1402,7 +1518,7 @@ def mock_get_model(model_id):
         "unavailable_reasons": []
     }
     assert result == expected_result
-    
+
     # Verify both models were looked up
     assert mock_get_model_by_model_id.call_count == 2
     mock_get_model_by_model_id.assert_any_call(456)
@@ -1444,7 +1560,7 @@ async def test_get_agent_info_impl_with_business_logic_model_none(mock_search_ag
         "display_name": "GPT-4",
         "provider": "openai"
     }
-    
+
     # Mock get_model_by_model_id to return None for business_logic_model_id
     def mock_get_model(model_id):
         if model_id == 456:
@@ -1452,7 +1568,7 @@ def mock_get_model(model_id):
         elif model_id == 789:
             return None  # Business logic model not found
         return None
-    
+
     mock_get_model_by_model_id.side_effect = mock_get_model
     mock_check_availability.return_value = (True, [])
 
@@ -1473,7 +1589,7 @@ def mock_get_model(model_id):
         "unavailable_reasons": []
     }
     assert result == expected_result
-    
+
     # Verify both models were looked up
     assert mock_get_model_by_model_id.call_count == 2
     mock_get_model_by_model_id.assert_any_call(456)
@@ -1515,14 +1631,14 @@ async def test_get_agent_info_impl_with_business_logic_model_no_display_name(moc
         "display_name": "GPT-4",
         "provider": "openai"
     }
-    
+
     # Mock model info for business logic model without display_name
     mock_business_logic_model_info = {
         "model_id": 789,
         "provider": "anthropic"
         # No display_name field
     }
-    
+
     # Mock get_model_by_model_id to return different values based on input
     def mock_get_model(model_id):
         if model_id == 456:
@@ -1530,7 +1646,7 @@ def mock_get_model(model_id):
         elif model_id == 789:
             return mock_business_logic_model_info
         return None
-    
+
     mock_get_model_by_model_id.side_effect = mock_get_model
     mock_check_availability.return_value = (True, [])
 
@@ -1551,7 +1667,7 @@ def mock_get_model(model_id):
         "unavailable_reasons": []
     }
     assert result == expected_result
-    
+
     # Verify both models were looked up
     assert mock_get_model_by_model_id.call_count == 2
     mock_get_model_by_model_id.assert_any_call(456)
@@ -1575,14 +1691,16 @@ async def test_list_all_agent_info_impl_success():
             "name": "Agent 1",
             "display_name": "Display Agent 1",
             "description": "First test agent",
-            "enabled": True
+            "enabled": True,
+            "group_ids": ""
         },
         {
             "agent_id": 2,
             "name": "Agent 2",
             "display_name": "Display Agent 2",
             "description": "Second test agent",
-            "enabled": True
+            "enabled": True,
+            "group_ids": "1,2,3"
         }
     ]
 
@@ -1610,11 +1728,13 @@ async def test_list_all_agent_info_impl_success():
         assert result[0]["display_name"] == "Display Agent 1"
         assert result[0]["is_available"] == True
         assert result[0]["unavailable_reasons"] == []
+        assert result[0]["group_ids"] == []
         assert result[1]["agent_id"] == 2
         assert result[1]["name"] == "Agent 2"
         assert result[1]["display_name"] == "Display Agent 2"
         assert result[1]["is_available"] == True
         assert result[1]["unavailable_reasons"] == []
+        assert result[1]["group_ids"] == [1, 2, 3]
 
         # Verify mock calls
         mock_query_agents.assert_called_once_with(tenant_id="test_tenant")
@@ -1644,14 +1764,16 @@ async def test_list_all_agent_info_impl_with_unavailable_tools():
             "name": "Agent 1",
             "display_name": "Display Agent 1",
             "description": "Agent with available tools",
-            "enabled": True
+            "enabled": True,
+            "group_ids": ""
         },
         {
             "agent_id": 2,
             "name": "Agent 2",
             "display_name": "Display Agent 2",
             "description": "Agent with unavailable tools",
-            "enabled": True
+            "enabled": True,
+            "group_ids": "5,6"
         }
     ]
 
@@ -1677,8 +1799,10 @@ async def test_list_all_agent_info_impl_with_unavailable_tools():
         assert len(result) == 2
         assert result[0]["is_available"] == True
         assert result[0]["unavailable_reasons"] == []
+        assert result[0]["group_ids"] == []
         assert result[1]["is_available"] == False
         assert result[1]["unavailable_reasons"] == ["tool_unavailable"]
+        assert result[1]["group_ids"] == [5, 6]
 
         # Verify mock calls
         mock_query_agents.assert_called_once_with(tenant_id="test_tenant")
@@ -1714,7 +1838,8 @@ async def test_list_all_agent_info_impl_model_unavailable():
             "display_name": "Display Agent 1",
             "description": "Agent with unavailable model",
             "enabled": True,
-            "model_id": 101
+            "model_id": 101,
+            "group_ids": "7,8,9"
         }
     ]
 
@@ -1732,6 +1857,7 @@ async def test_list_all_agent_info_impl_model_unavailable():
         assert len(result) == 1
         assert result[0]["is_available"] is False
         assert result[0]["unavailable_reasons"] == ["model_unavailable"]
+        assert result[0]["group_ids"] == [7, 8, 9]
 
 
 async def test_list_all_agent_info_impl_duplicate_names():
@@ -1742,7 +1868,8 @@ async def test_list_all_agent_info_impl_duplicate_names():
             "create_time": "2024-01-01T00:00:00",
             "display_name": "Agent Display 1",
             "description": "First agent",
-            "enabled": True
+            "enabled": True,
+            "group_ids": "10"
         },
         {
             "agent_id": 2,
@@ -1750,7 +1877,8 @@ async def test_list_all_agent_info_impl_duplicate_names():
             "create_time": "2024-02-01T00:00:00",
             "display_name": "Agent Display 2",
             "description": "Second agent",
-            "enabled": True
+            "enabled": True,
+            "group_ids": "10,11"
         }
     ]
 
@@ -1767,11 +1895,13 @@ async def test_list_all_agent_info_impl_duplicate_names():
         agent1 = next(a for a in result if a["agent_id"] == 1)
         assert agent1["is_available"] is True
         assert "duplicate_name" not in agent1["unavailable_reasons"]
+        assert agent1["group_ids"] == [10]
 
         # The later created agent (agent_id=2) should be unavailable due to duplication
         agent2 = next(a for a in result if a["agent_id"] == 2)
         assert agent2["is_available"] is False
         assert "duplicate_name" in agent2["unavailable_reasons"]
+        assert agent2["group_ids"] == [10, 11]
 
 
 @patch('backend.services.agent_service.query_sub_agents_id_list')
@@ -3698,21 +3828,24 @@ async def test_list_all_agent_info_impl_with_disabled_agents():
             "name": "Enabled Agent 1",
             "display_name": "Display Enabled Agent 1",
             "description": "First enabled agent",
-            "enabled": True
+            "enabled": True,
+            "group_ids": "12"
         },
         {
             "agent_id": 2,
             "name": "Disabled Agent",
             "display_name": "Display Disabled Agent",
             "description": "Disabled agent that should be skipped",
-            "enabled": False
+            "enabled": False,
+            "group_ids": "13"
         },
         {
             "agent_id": 3,
             "name": "Enabled Agent 2",
             "display_name": "Display Enabled Agent 2",
             "description": "Second enabled agent",
-            "enabled": True
+            "enabled": True,
+            "group_ids": "12,14"
         }
     ]
 
@@ -3739,11 +3872,13 @@ async def test_list_all_agent_info_impl_with_disabled_agents():
         assert result[0]["name"] == "Enabled Agent 1"
         assert result[0]["display_name"] == "Display Enabled Agent 1"
         assert result[0]["is_available"] == True
+        assert result[0]["group_ids"] == [12]
 
         assert result[1]["agent_id"] == 3
         assert result[1]["name"] == "Enabled Agent 2"
         assert result[1]["display_name"] == "Display Enabled Agent 2"
         assert result[1]["is_available"] == True
+        assert result[1]["group_ids"] == [12, 14]
 
         # Verify mock calls
         mock_query_agents.assert_called_once_with(tenant_id="test_tenant")
@@ -3773,14 +3908,16 @@ async def test_list_all_agent_info_impl_all_disabled_agents():
             "name": "Disabled Agent 1",
             "display_name": "Display Disabled Agent 1",
             "description": "First disabled agent",
-            "enabled": False
+            "enabled": False,
+            "group_ids": "15"
         },
         {
             "agent_id": 2,
             "name": "Disabled Agent 2",
             "display_name": "Display Disabled Agent 2",
             "description": "Second disabled agent",
-            "enabled": False
+            "enabled": False,
+            "group_ids": "16,17"
         }
     ]
 
@@ -4325,7 +4462,7 @@ async def test_main_model_fallback_to_quick_config(
 ):
     """
     Test that when main model is not found, system falls back to quick config LLM model
-    
+
     Scenario:
     - Agent config specifies "Qwen/Qwen3-8B" as main model
     - Model not found in target tenant
@@ -4334,39 +4471,39 @@ async def test_main_model_fallback_to_quick_config(
     """
     # Setup: No tools to process
     mock_query_tools.return_value = []
-    
+
     # Setup: Model not found by display name, but quick config exists
     mock_get_model_id.side_effect = [
         None,  # Main model not found
         50  # Business logic model found
     ]
-    
+
     mock_tenant_config_manager.get_model_config.return_value = sample_quick_config_model
-    
+
     mock_create_agent.return_value = {
         "agent_id": 999,
         "name": sample_agent_info["name"]
     }
-    
+
     # Execute
     result = await import_agent_by_agent_id(
         import_agent_info=mock_import_agent_info,
         tenant_id=mock_tenant_id,
         user_id=mock_user_id
     )
-    
+
     # Verify: Quick config model was requested
     from consts.const import MODEL_CONFIG_MAPPING
     mock_tenant_config_manager.get_model_config.assert_called_with(
         key=MODEL_CONFIG_MAPPING["llm"],
         tenant_id=mock_tenant_id
     )
-    
+
     # Verify: Agent was created with quick config model_id
     mock_create_agent.assert_called_once()
     call_args = mock_create_agent.call_args
     agent_info = call_args.kwargs["agent_info"]
-    
+
     assert agent_info["model_id"] == sample_quick_config_model["model_id"]
     assert result == 999
 
@@ -4389,7 +4526,7 @@ async def test_business_logic_model_fallback_to_quick_config(
 ):
     """
     Test that when business logic model is not found, system falls back to quick config LLM model
-    
+
     Scenario:
     - Agent config specifies "Qwen/QwQ-32B" as business logic model
     - Business logic model not found in target tenant
@@ -4398,40 +4535,40 @@ async def test_business_logic_model_fallback_to_quick_config(
     """
     # Setup: No tools to process
     mock_query_tools.return_value = []
-    
+
     # Setup: Main model found, but business logic model not found
     main_model_id = 50
     mock_get_model_id.side_effect = [
         main_model_id,  # Main model found
         None  # Business logic model not found
     ]
-    
+
     mock_tenant_config_manager.get_model_config.return_value = sample_quick_config_model
-    
+
     mock_create_agent.return_value = {
         "agent_id": 888,
         "name": sample_agent_info["name"]
     }
-    
+
     # Execute
     result = await import_agent_by_agent_id(
         import_agent_info=mock_import_agent_info,
         tenant_id=mock_tenant_id,
         user_id=mock_user_id
     )
-    
+
     # Verify: Quick config model was requested for business logic model
     from consts.const import MODEL_CONFIG_MAPPING
     mock_tenant_config_manager.get_model_config.assert_called_with(
         key=MODEL_CONFIG_MAPPING["llm"],
         tenant_id=mock_tenant_id
     )
-    
+
     # Verify: Agent was created with correct model IDs
     mock_create_agent.assert_called_once()
     call_args = mock_create_agent.call_args
     agent_info = call_args.kwargs["agent_info"]
-    
+
     assert agent_info["model_id"] == main_model_id
     assert agent_info["business_logic_model_id"] == sample_quick_config_model["model_id"]
     assert result == 888
@@ -4455,7 +4592,7 @@ async def test_both_models_fallback_to_quick_config(
 ):
     """
     Test that both main and business logic models fallback to quick config when not found
-    
+
     Scenario:
     - Neither main model nor business logic model found in target tenant
     - Both should fallback to quick config LLM model
@@ -4463,35 +4600,35 @@ async def test_both_models_fallback_to_quick_config(
     """
     # Setup: No tools to process
     mock_query_tools.return_value = []
-    
+
     # Setup: Both models not found
     mock_get_model_id.side_effect = [
         None,  # Main model not found
         None  # Business logic model not found
     ]
-    
+
     mock_tenant_config_manager.get_model_config.return_value = sample_quick_config_model
-    
+
     mock_create_agent.return_value = {
         "agent_id": 777,
         "name": sample_agent_info["name"]
     }
-    
+
     # Execute
     result = await import_agent_by_agent_id(
         import_agent_info=mock_import_agent_info,
         tenant_id=mock_tenant_id,
         user_id=mock_user_id
     )
-    
+
     # Verify: Quick config model was requested twice (once for each model)
     assert mock_tenant_config_manager.get_model_config.call_count == 2
-    
+
     # Verify: Agent was created with quick config model_id for both fields
     mock_create_agent.assert_called_once()
     call_args = mock_create_agent.call_args
     agent_info = call_args.kwargs["agent_info"]
-    
+
     assert agent_info["model_id"] == sample_quick_config_model["model_id"]
     assert agent_info["business_logic_model_id"] == sample_quick_config_model["model_id"]
     assert result == 777
@@ -4514,7 +4651,7 @@ async def test_no_quick_config_model_available(
 ):
     """
     Test behavior when model not found and no quick config model is available
-    
+
     Scenario:
     - Main model not found in target tenant
     - Quick config LLM model also not configured
@@ -4522,39 +4659,39 @@ async def test_no_quick_config_model_available(
     """
     # Setup: No tools to process
     mock_query_tools.return_value = []
-    
+
     # Setup: Model not found and no quick config
     mock_get_model_id.side_effect = [
         None,  # Main model not found
         50  # Business logic model found
     ]
-    
+
     mock_tenant_config_manager.get_model_config.return_value = None  # No quick config
-    
+
     mock_create_agent.return_value = {
         "agent_id": 666,
         "name": sample_agent_info["name"]
     }
-    
+
     # Execute
     result = await import_agent_by_agent_id(
         import_agent_info=mock_import_agent_info,
         tenant_id=mock_tenant_id,
         user_id=mock_user_id
     )
-    
+
     # Verify: Quick config was attempted
     from consts.const import MODEL_CONFIG_MAPPING
     mock_tenant_config_manager.get_model_config.assert_called_with(
         key=MODEL_CONFIG_MAPPING["llm"],
         tenant_id=mock_tenant_id
     )
-    
+
     # Verify: Agent was created with model_id = None
     mock_create_agent.assert_called_once()
     call_args = mock_create_agent.call_args
     agent_info = call_args.kwargs["agent_info"]
-    
+
     assert agent_info["model_id"] is None
     assert agent_info["business_logic_model_id"] == 50
     assert result == 666
@@ -4577,7 +4714,7 @@ async def test_model_found_no_fallback_needed(
 ):
     """
     Test that quick config fallback is NOT used when model is found
-    
+
     Scenario:
     - Both main model and business logic model found in target tenant
     - Quick config should NOT be called
@@ -4585,36 +4722,36 @@ async def test_model_found_no_fallback_needed(
     """
     # Setup: No tools to process
     mock_query_tools.return_value = []
-    
+
     # Setup: Both models found
     main_model_id = 30
     business_logic_model_id = 40
-    
+
     mock_get_model_id.side_effect = [
         main_model_id,  # Main model found
         business_logic_model_id  # Business logic model found
     ]
-    
+
     mock_create_agent.return_value = {
         "agent_id": 555,
         "name": sample_agent_info["name"]
     }
-    
+
     # Execute
     result = await import_agent_by_agent_id(
         import_agent_info=mock_import_agent_info,
         tenant_id=mock_tenant_id,
         user_id=mock_user_id
     )
-    
+
     # Verify: Quick config was NOT called
     mock_tenant_config_manager.get_model_config.assert_not_called()
-    
+
     # Verify: Agent was created with found model IDs
     mock_create_agent.assert_called_once()
     call_args = mock_create_agent.call_args
     agent_info = call_args.kwargs["agent_info"]
-    
+
     assert agent_info["model_id"] == main_model_id
     assert agent_info["business_logic_model_id"] == business_logic_model_id
     assert result == 555
@@ -4665,7 +4802,7 @@ async def test_import_agent_includes_model_names(
 
     # Create import data with model_name and business_logic_model_name
     from nexent.core.agents.agent_model import ToolConfig as NexentToolConfig
-    
+
     tool_config = NexentToolConfig(
         class_name="TestTool",
         name="Test Tool",
@@ -4895,7 +5032,7 @@ async def test_import_agent_model_not_found_in_target_tenant(
 
     # Simulate model not found in target tenant
     mock_get_model_id.return_value = None
-    
+
     # Mock the tenant config manager to return None (no quick config fallback)
     mock_tenant_config_manager.get_model_config.return_value = None
 
@@ -5390,7 +5527,7 @@ def mock_render(template_str, **kwargs):
     )
 
     builder_called = {"called": False}
-    
+
     def default_user_prompt_builder(ctx):
         builder_called["called"] = True
         # Verify context is passed correctly
@@ -5779,7 +5916,7 @@ async def fake_to_thread(fn, *args, **kwargs):
         raising=False,
     )
 
-    
+
 
     request = AgentNameBatchRegenerateRequest(
         items=[
@@ -5910,10 +6047,10 @@ async def test_resolve_model_success_found_in_tenant(
         """Test successful model resolution when model exists in tenant."""
         # Arrange
         mock_get_model_id.return_value = "resolved_model_123"
-        
+
         # Import the function
         from backend.services.agent_service import _resolve_model_with_fallback
-        
+
         # Act
         result = _resolve_model_with_fallback(
             model_display_name="GPT-4",
@@ -5921,7 +6058,7 @@ async def test_resolve_model_success_found_in_tenant(
             model_label="Model",
             tenant_id="tenant_001"
         )
-        
+
         # Assert
         assert result == "resolved_model_123"
         mock_get_model_id.assert_called_once_with("GPT-4", "tenant_001")
@@ -5942,9 +6079,9 @@ async def test_resolve_model_fallback_to_quick_config(
             "model_id": "quick_config_model_789",
             "display_name": "Default LLM Model"
         }
-        
+
         from backend.services.agent_service import _resolve_model_with_fallback
-        
+
         # Act
         result = _resolve_model_with_fallback(
             model_display_name="NonExistentModel",
@@ -5952,7 +6089,7 @@ async def test_resolve_model_fallback_to_quick_config(
             model_label="Model",
             tenant_id="tenant_002"
         )
-        
+
         # Assert
         assert result == "quick_config_model_789"
         mock_get_model_id.assert_called_once_with("NonExistentModel", "tenant_002")
@@ -5970,9 +6107,9 @@ async def test_resolve_model_no_fallback_available(
         # Arrange
         mock_get_model_id.return_value = None
         mock_get_model_config.return_value = None  # No quick config model
-        
+
         from backend.services.agent_service import _resolve_model_with_fallback
-        
+
         # Act
         result = _resolve_model_with_fallback(
             model_display_name="NonExistentModel",
@@ -5980,7 +6117,7 @@ async def test_resolve_model_no_fallback_available(
             model_label="Model",
             tenant_id="tenant_003"
         )
-        
+
         # Assert
         assert result is None
         mock_get_model_id.assert_called_once_with("NonExistentModel", "tenant_003")
@@ -5997,7 +6134,7 @@ async def test_resolve_model_none_model_name(
         """Test when model_name is None."""
         # Arrange
         from backend.services.agent_service import _resolve_model_with_fallback
-        
+
         # Act
         result = _resolve_model_with_fallback(
             model_display_name=None,
@@ -6005,7 +6142,7 @@ async def test_resolve_model_none_model_name(
             model_label="Model",
             tenant_id="tenant_004"
         )
-        
+
         # Assert
         assert result is None
         mock_get_model_id.assert_not_called()
@@ -6022,7 +6159,7 @@ async def test_resolve_model_empty_model_name(
         """Test when model_name is an empty string."""
         # Arrange
         from backend.services.agent_service import _resolve_model_with_fallback
-        
+
         # Act
         result = _resolve_model_with_fallback(
             model_display_name="",
@@ -6030,7 +6167,7 @@ async def test_resolve_model_empty_model_name(
             model_label="Model",
             tenant_id="tenant_005"
         )
-        
+
         # Assert
         assert result is None
         mock_get_model_id.assert_not_called()
@@ -6047,9 +6184,9 @@ async def test_resolve_business_logic_model_success(
         """Test successful resolution of business logic model."""
         # Arrange
         mock_get_model_id.return_value = "business_model_555"
-        
+
         from backend.services.agent_service import _resolve_model_with_fallback
-        
+
         # Act
         result = _resolve_model_with_fallback(
             model_display_name="Qwen/QwQ-32B",
@@ -6057,7 +6194,7 @@ async def test_resolve_business_logic_model_success(
             model_label="Business logic model",
             tenant_id="tenant_006"
         )
-        
+
         # Assert
         assert result == "business_model_555"
         mock_get_model_id.assert_called_once_with("Qwen/QwQ-32B", "tenant_006")
@@ -6078,9 +6215,9 @@ async def test_resolve_model_quick_config_no_model_id(
             "display_name": "Default Model",
             # No model_id field
         }
-        
+
         from backend.services.agent_service import _resolve_model_with_fallback
-        
+
         # Act
         result = _resolve_model_with_fallback(
             model_display_name="SomeModel",
@@ -6088,7 +6225,7 @@ async def test_resolve_model_quick_config_no_model_id(
             model_label="Model",
             tenant_id="tenant_007"
         )
-        
+
         # Assert
         assert result is None  # Should return None when model_id is missing
         mock_get_model_id.assert_called_once_with("SomeModel", "tenant_007")
@@ -6105,9 +6242,9 @@ async def test_resolve_model_with_various_labels(
         """Test that different model_labels are handled correctly."""
         # Arrange
         mock_get_model_id.return_value = "model_111"
-        
+
         from backend.services.agent_service import _resolve_model_with_fallback
-        
+
         # Act & Assert - Test with "Model" label
         result1 = _resolve_model_with_fallback(
             model_display_name="TestModel",
@@ -6116,11 +6253,11 @@ async def test_resolve_model_with_various_labels(
             tenant_id="tenant_008"
         )
         assert result1 == "model_111"
-        
+
         # Reset mock
         mock_get_model_id.reset_mock()
         mock_get_model_id.return_value = "model_222"
-        
+
         # Act & Assert - Test with "Business logic model" label
         result2 = _resolve_model_with_fallback(
             model_display_name="TestModel2",
@@ -6141,9 +6278,9 @@ async def test_resolve_model_exception_handling(
         """Test that exceptions from database calls are propagated."""
         # Arrange
         mock_get_model_id.side_effect = Exception("Database connection error")
-        
+
         from backend.services.agent_service import _resolve_model_with_fallback
-        
+
         # Act & Assert
         with pytest.raises(Exception, match="Database connection error"):
             _resolve_model_with_fallback(
@@ -6152,7 +6289,7 @@ async def test_resolve_model_exception_handling(
                 model_label="Model",
                 tenant_id="tenant_010"
             )
-        
+
         mock_get_model_config.assert_not_called()
 
     @pytest.mark.asyncio
@@ -6167,9 +6304,9 @@ async def test_resolve_model_quick_config_exception(
         # Arrange
         mock_get_model_id.return_value = None
         mock_get_model_config.side_effect = Exception("Config service error")
-        
+
         from backend.services.agent_service import _resolve_model_with_fallback
-        
+
         # Act & Assert
         with pytest.raises(Exception, match="Config service error"):
             _resolve_model_with_fallback(
@@ -6254,18 +6391,18 @@ def test_check_agent_availability_all_available(
 ):
     """Test check_agent_availability when all tools and models are available."""
     from backend.services.agent_service import check_agent_availability
-    
+
     mock_agent_info = {"agent_id": 123, "model_id": 456}
     mock_search_agent_info.return_value = mock_agent_info
     mock_search_tools.return_value = [{"tool_id": 1}, {"tool_id": 2}]
     mock_check_tool.return_value = [True, True]
     mock_collect_model_reasons.return_value = []
-    
+
     is_available, reasons = check_agent_availability(
         agent_id=123,
         tenant_id="test_tenant"
     )
-    
+
     assert is_available is True
     assert reasons == []
     mock_search_agent_info.assert_called_once_with(123, "test_tenant")
@@ -6285,18 +6422,18 @@ def test_check_agent_availability_tool_unavailable(
 ):
     """Test check_agent_availability when some tools are unavailable."""
     from backend.services.agent_service import check_agent_availability
-    
+
     mock_agent_info = {"agent_id": 123, "model_id": 456}
     mock_search_agent_info.return_value = mock_agent_info
     mock_search_tools.return_value = [{"tool_id": 1}, {"tool_id": 2}]
     mock_check_tool.return_value = [True, False]  # One tool unavailable
     mock_collect_model_reasons.return_value = []
-    
+
     is_available, reasons = check_agent_availability(
         agent_id=123,
         tenant_id="test_tenant"
     )
-    
+
     assert is_available is False
     assert reasons == ["tool_unavailable"]
 
@@ -6313,18 +6450,18 @@ def test_check_agent_availability_model_unavailable(
 ):
     """Test check_agent_availability when model is unavailable."""
     from backend.services.agent_service import check_agent_availability
-    
+
     mock_agent_info = {"agent_id": 123, "model_id": 456}
     mock_search_agent_info.return_value = mock_agent_info
     mock_search_tools.return_value = [{"tool_id": 1}]
     mock_check_tool.return_value = [True]
     mock_collect_model_reasons.return_value = ["model_unavailable"]
-    
+
     is_available, reasons = check_agent_availability(
         agent_id=123,
         tenant_id="test_tenant"
     )
-    
+
     assert is_available is False
     assert reasons == ["model_unavailable"]
 
@@ -6341,18 +6478,18 @@ def test_check_agent_availability_both_unavailable(
 ):
     """Test check_agent_availability when both tools and model are unavailable."""
     from backend.services.agent_service import check_agent_availability
-    
+
     mock_agent_info = {"agent_id": 123, "model_id": 456}
     mock_search_agent_info.return_value = mock_agent_info
     mock_search_tools.return_value = [{"tool_id": 1}]
     mock_check_tool.return_value = [False]
     mock_collect_model_reasons.return_value = ["model_unavailable"]
-    
+
     is_available, reasons = check_agent_availability(
         agent_id=123,
         tenant_id="test_tenant"
     )
-    
+
     assert is_available is False
     assert "tool_unavailable" in reasons
     assert "model_unavailable" in reasons
@@ -6368,17 +6505,17 @@ def test_check_agent_availability_no_tools(
 ):
     """Test check_agent_availability when agent has no tools."""
     from backend.services.agent_service import check_agent_availability
-    
+
     mock_agent_info = {"agent_id": 123, "model_id": 456}
     mock_search_agent_info.return_value = mock_agent_info
     mock_search_tools.return_value = []  # No tools
     mock_collect_model_reasons.return_value = []
-    
+
     is_available, reasons = check_agent_availability(
         agent_id=123,
         tenant_id="test_tenant"
     )
-    
+
     assert is_available is True
     assert reasons == []
 
@@ -6387,14 +6524,14 @@ def test_check_agent_availability_no_tools(
 def test_check_agent_availability_agent_not_found(mock_search_agent_info):
     """Test check_agent_availability when agent is not found."""
     from backend.services.agent_service import check_agent_availability
-    
+
     mock_search_agent_info.return_value = None
-    
+
     is_available, reasons = check_agent_availability(
         agent_id=999,
         tenant_id="test_tenant"
     )
-    
+
     assert is_available is False
     assert reasons == ["agent_not_found"]
 
@@ -6409,18 +6546,18 @@ def test_check_agent_availability_with_pre_fetched_agent_info(
 ):
     """Test check_agent_availability with pre-fetched agent_info (avoids duplicate DB query)."""
     from backend.services.agent_service import check_agent_availability
-    
+
     pre_fetched_agent_info = {"agent_id": 123, "model_id": 456}
     mock_search_tools.return_value = [{"tool_id": 1}]
     mock_check_tool.return_value = [True]
     mock_collect_model_reasons.return_value = []
-    
+
     is_available, reasons = check_agent_availability(
         agent_id=123,
         tenant_id="test_tenant",
         agent_info=pre_fetched_agent_info
     )
-    
+
     assert is_available is True
     assert reasons == []
     # search_agent_info_by_agent_id should NOT be called since agent_info was provided
@@ -6437,20 +6574,20 @@ def test_check_agent_availability_with_model_cache(
 ):
     """Test check_agent_availability with pre-populated model cache."""
     from backend.services.agent_service import check_agent_availability
-    
+
     pre_fetched_agent_info = {"agent_id": 123, "model_id": 456}
     model_cache = {456: {"connect_status": "available"}}
     mock_search_tools.return_value = [{"tool_id": 1}]
     mock_check_tool.return_value = [True]
     mock_collect_model_reasons.return_value = []
-    
+
     is_available, reasons = check_agent_availability(
         agent_id=123,
         tenant_id="test_tenant",
         agent_info=pre_fetched_agent_info,
         model_cache=model_cache
     )
-    
+
     assert is_available is True
     assert reasons == []
     # Verify model_cache was passed to _collect_model_availability_reasons
@@ -6484,9 +6621,9 @@ async def test_get_agent_info_impl_with_unavailable_agent(
     mock_get_model_by_model_id.return_value = {"display_name": "GPT-4"}
     # Agent is unavailable due to tool issues
     mock_check_availability.return_value = (False, ["tool_unavailable"])
-    
+
     result = await get_agent_info_impl(agent_id=123, tenant_id="test_tenant")
-    
+
     assert result["is_available"] is False
     assert result["unavailable_reasons"] == ["tool_unavailable"]
 
diff --git a/test/backend/services/test_config_sync_service.py b/test/backend/services/test_config_sync_service.py
index 863564b24..49d7dad83 100644
--- a/test/backend/services/test_config_sync_service.py
+++ b/test/backend/services/test_config_sync_service.py
@@ -990,6 +990,8 @@ async def test_load_config_impl_english(self, service_mocks):
         service_mocks['tenant_config_manager'].get_app_config.side_effect = [
             "Custom App Name",  # APP_NAME
             "Custom description",  # APP_DESCRIPTION
+            "Test Tenant",  # TENANT_NAME
+            "default-group-123",  # DEFAULT_GROUP_ID
             "preset",  # ICON_TYPE
             "avatar-uri",  # AVATAR_URI
             "https://custom-icon.com"  # CUSTOM_ICON_URL
@@ -1011,6 +1013,12 @@ async def test_load_config_impl_english(self, service_mocks):
         result = await load_config_impl(language, tenant_id)
 
         assert result["app"]["name"] == "Custom App Name"
+        assert result["app"]["description"] == "Custom description"
+        assert result["app"]["tenantName"] == "Test Tenant"
+        assert result["app"]["defaultGroupId"] == "default-group-123"
+        assert result["app"]["icon"]["type"] == "preset"
+        assert result["app"]["icon"]["avatarUri"] == "avatar-uri"
+        assert result["app"]["icon"]["customUrl"] == "https://custom-icon.com"
         assert result["models"]["llm"]["displayName"] == "Test LLM"
 
     @pytest.mark.asyncio
@@ -1034,6 +1042,12 @@ async def test_load_config_impl_chinese(self, service_mocks):
 
         # Check Chinese default values
         assert result["app"]["name"] == "Nexent 智能体"
+        assert result["app"]["description"] == "面向企业应用的智能体平台"
+        assert result["app"]["tenantName"] == ""
+        assert result["app"]["defaultGroupId"] == ""
+        assert result["app"]["icon"]["type"] == "preset"
+        assert result["app"]["icon"]["avatarUri"] == ""
+        assert result["app"]["icon"]["customUrl"] == ""
 
     @pytest.mark.asyncio
     async def test_load_config_impl_with_embedding_dimension(self, service_mocks):
@@ -1085,6 +1099,12 @@ async def test_load_config_impl_with_embedding_dimension(self, service_mocks):
         # Execute
         result = await load_config_impl(language, tenant_id)
 
+        # Check app config (should use defaults)
+        assert result["app"]["name"] == "Nexent Agent"
+        assert result["app"]["description"] == "Intelligent agent platform for enterprise applications"
+        assert result["app"]["tenantName"] == ""
+        assert result["app"]["defaultGroupId"] == ""
+
         # Check dimension values
         assert result["models"]["embedding"]["dimension"] == 1536
         assert result["models"]["multiEmbedding"]["dimension"] == 768
@@ -1108,6 +1128,12 @@ async def test_load_config_impl_empty_models(self, service_mocks):
         # Execute
         result = await load_config_impl(language, tenant_id)
 
+        # Check app config (should use defaults)
+        assert result["app"]["name"] == "Nexent Agent"
+        assert result["app"]["description"] == "Intelligent agent platform for enterprise applications"
+        assert result["app"]["tenantName"] == ""
+        assert result["app"]["defaultGroupId"] == ""
+
         # Check that models have empty values
         assert result["models"]["llm"]["name"] == ""
         assert result["models"]["embedding"]["name"] == ""
diff --git a/test/backend/services/test_group_service.py b/test/backend/services/test_group_service.py
new file mode 100644
index 000000000..e296f59de
--- /dev/null
+++ b/test/backend/services/test_group_service.py
@@ -0,0 +1,455 @@
+from consts.exceptions import NotFoundException, UnauthorizedError, ValidationError
+import sys
+import pytest
+from unittest.mock import patch, MagicMock
+
+# Mock external dependencies before importing
+sys.modules['psycopg2'] = MagicMock()
+sys.modules['boto3'] = MagicMock()
+sys.modules['supabase'] = MagicMock()
+
+# Patch storage factory and MinIO config validation to avoid errors during initialization
+# These patches must be started before any imports that use MinioClient
+storage_client_mock = MagicMock()
+minio_client_mock = MagicMock()
+patch('nexent.storage.storage_client_factory.create_storage_client_from_config',
+      return_value=storage_client_mock).start()
+patch('nexent.storage.minio_config.MinIOStorageConfig.validate',
+      lambda self: None).start()
+patch('backend.database.client.MinioClient',
+      return_value=minio_client_mock).start()
+
+
+from backend.services.group_service import (
+    get_group_info,
+    get_groups_by_tenant,
+    get_tenant_default_group_id,
+    set_tenant_default_group_id,
+    create_group,
+    update_group,
+    delete_group,
+    add_user_to_single_group,
+    remove_user_from_single_group,
+    get_group_users,
+    get_group_user_count,
+    add_user_to_groups
+)
+from backend.database.group_db import (
+    query_groups_by_tenant,
+    query_groups_by_user,
+    query_group_ids_by_user,
+    check_user_in_group
+)
+
+
+@pytest.fixture
+def mock_user_info():
+    """Mock user tenant information"""
+    return {
+        "user_tenant_id": 1,
+        "user_id": "test_user",
+        "tenant_id": "test_tenant",
+        "user_role": "ADMIN"
+    }
+
+
+@pytest.fixture
+def mock_group_info():
+    """Mock group information"""
+    return {
+        "group_id": 123,
+        "tenant_id": "test_tenant",
+        "group_name": "Test Group",
+        "group_description": "Test group description"
+    }
+
+
+@patch('backend.services.group_service.query_groups')
+def test_get_group_info_single(mock_query_groups):
+    """Test getting single group"""
+    mock_query_groups.return_value = {
+        "group_id": 123, "group_name": "Test Group"}
+
+    result = get_group_info(123)
+
+    assert result["group_id"] == 123
+    assert result["group_name"] == "Test Group"
+    mock_query_groups.assert_called_once_with(123)
+
+
+@patch('backend.services.group_service.query_groups')
+def test_get_group_info_not_found(mock_query_groups):
+    """Test getting non-existent group"""
+    mock_query_groups.return_value = None
+
+    with pytest.raises(NotFoundException, match="Group 123 not found"):
+        get_group_info(123)
+
+
+
+
+@patch('backend.services.group_service.get_user_tenant_by_user_id')
+@patch('backend.services.group_service.add_group')
+def test_create_group_success(mock_add_group, mock_get_user, mock_user_info):
+    """Test creating group successfully"""
+    mock_get_user.return_value = mock_user_info
+    mock_add_group.return_value = 123
+
+    result = create_group(
+        tenant_id="test_tenant",
+        group_name="Test Group",
+        group_description="Description",
+        user_id="test_user"
+    )
+
+    assert result["group_id"] == 123
+    assert result["group_name"] == "Test Group"
+    mock_add_group.assert_called_once_with(
+        tenant_id="test_tenant",
+        group_name="Test Group",
+        group_description="Description",
+        created_by="test_user"
+    )
+
+
+@patch('backend.services.group_service.get_user_tenant_by_user_id')
+def test_create_group_unauthorized(mock_get_user, mock_user_info):
+    """Test creating group with unauthorized user"""
+    mock_user_info["user_role"] = "USER"
+    mock_get_user.return_value = mock_user_info
+
+    with pytest.raises(UnauthorizedError, match="not authorized to create groups"):
+        create_group(
+            tenant_id="test_tenant",
+            group_name="Test Group",
+            user_id="test_user"
+        )
+
+
+@patch('backend.services.group_service.get_user_tenant_by_user_id')
+@patch('backend.services.group_service.query_groups')
+@patch('backend.services.group_service.modify_group')
+def test_update_group_success(mock_modify_group, mock_query_groups, mock_get_user, mock_user_info, mock_group_info):
+    """Test updating group successfully"""
+    mock_get_user.return_value = mock_user_info
+    mock_query_groups.return_value = mock_group_info
+    mock_modify_group.return_value = True
+
+    result = update_group(
+        group_id=123,
+        updates={"group_name": "Updated Group"},
+        user_id="test_user"
+    )
+
+    assert result is True
+    mock_modify_group.assert_called_once_with(
+        group_id=123,
+        updates={"group_name": "Updated Group"},
+        updated_by="test_user"
+    )
+
+
+@patch('backend.services.group_service.get_user_tenant_by_user_id')
+@patch('backend.services.group_service.query_groups')
+def test_update_group_not_found(mock_query_groups, mock_get_user, mock_user_info):
+    """Test updating non-existent group"""
+    mock_get_user.return_value = mock_user_info
+    mock_query_groups.return_value = None
+
+    with pytest.raises(NotFoundException, match="Group 123 not found"):
+        update_group(
+            group_id=123,
+            updates={"group_name": "Updated Group"},
+            user_id="test_user"
+        )
+
+
+@patch('backend.services.group_service.get_user_tenant_by_user_id')
+@patch('backend.services.group_service.query_groups')
+@patch('backend.services.group_service.remove_group')
+def test_delete_group_success(mock_remove_group, mock_query_groups, mock_get_user, mock_user_info, mock_group_info):
+    """Test deleting group successfully"""
+    mock_get_user.return_value = mock_user_info
+    mock_query_groups.return_value = mock_group_info
+    mock_remove_group.return_value = True
+
+    result = delete_group(
+        group_id=123,
+        user_id="test_user"
+    )
+
+    assert result is True
+    mock_remove_group.assert_called_once_with(
+        group_id=123,
+        updated_by="test_user"
+    )
+
+
+@patch('backend.services.group_service.get_user_tenant_by_user_id')
+@patch('backend.services.group_service.query_groups')
+@patch('backend.services.group_service.add_user_to_group')
+@patch('backend.services.group_service.check_user_in_group')
+def test_add_user_to_single_group_success(mock_check_user, mock_add_user, mock_query_groups, mock_get_user, mock_user_info, mock_group_info):
+    """Test adding user to group successfully"""
+    mock_get_user.return_value = mock_user_info
+    mock_query_groups.return_value = mock_group_info
+    mock_check_user.return_value = False
+    mock_add_user.return_value = 456
+
+    result = add_user_to_single_group(
+        group_id=123,
+        user_id="member_user",
+        current_user_id="test_user"
+    )
+
+    assert result["group_user_id"] == 456
+    assert result["already_member"] is False
+    mock_add_user.assert_called_once_with(
+        group_id=123,
+        user_id="member_user",
+        created_by="test_user"
+    )
+
+
+@patch('backend.services.group_service.get_user_tenant_by_user_id')
+@patch('backend.services.group_service.query_groups')
+@patch('backend.services.group_service.check_user_in_group')
+def test_add_user_to_single_group_already_member(mock_check_user, mock_query_groups, mock_get_user, mock_user_info, mock_group_info):
+    """Test adding user who is already in group"""
+    mock_get_user.return_value = mock_user_info
+    mock_query_groups.return_value = mock_group_info
+    mock_check_user.return_value = True
+
+    result = add_user_to_single_group(
+        group_id=123,
+        user_id="member_user",
+        current_user_id="test_user"
+    )
+
+    assert result["already_member"] is True
+    assert result["group_id"] == 123
+
+
+@patch('backend.services.group_service.query_groups')
+@patch('backend.services.group_service.query_group_users')
+def test_get_group_users_success(mock_query_users, mock_query_groups, mock_group_info):
+    """Test getting group users successfully"""
+    mock_query_groups.return_value = mock_group_info
+    mock_users = [{"user_id": "user1"}, {"user_id": "user2"}]
+    mock_query_users.return_value = mock_users
+
+    result = get_group_users(123)
+
+    assert len(result) == 2
+    assert result[0]["user_id"] == "user1"
+    mock_query_users.assert_called_once_with(123)
+
+
+@patch('backend.services.group_service.query_groups')
+@patch('backend.services.group_service.count_group_users')
+def test_get_group_user_count_success(mock_count_users, mock_query_groups, mock_group_info):
+    """Test getting group user count successfully"""
+    mock_query_groups.return_value = mock_group_info
+    mock_count_users.return_value = 5
+
+    result = get_group_user_count(123)
+
+    assert result == 5
+    mock_count_users.assert_called_once_with(123)
+
+
+@patch('backend.services.group_service.add_user_to_single_group')
+def test_add_user_to_groups(mock_add_user):
+    """Test adding user to multiple groups"""
+    mock_add_user.side_effect = [
+        {"group_id": 1, "user_id": "user_123", "already_member": False},
+        {"group_id": 2, "user_id": "user_123", "already_member": False}
+    ]
+
+    result = add_user_to_groups("user_123", [1, 2], "admin_user")
+
+    assert len(result) == 2
+    assert result[0]["group_id"] == 1
+    assert result[1]["group_id"] == 2
+
+
+@patch('backend.services.group_service.get_tenant_info')
+def test_get_tenant_default_group_id_success(mock_get_tenant_info):
+    """Test getting tenant default group ID successfully"""
+    mock_get_tenant_info.return_value = {"default_group_id": "123"}
+
+    result = get_tenant_default_group_id("test_tenant")
+
+    assert result == 123
+    mock_get_tenant_info.assert_called_once_with("test_tenant")
+
+
+@patch('backend.services.group_service.get_tenant_info')
+def test_get_tenant_default_group_id_no_default(mock_get_tenant_info):
+    """Test getting tenant default group ID when none is set"""
+    mock_get_tenant_info.return_value = {"default_group_id": ""}
+
+    result = get_tenant_default_group_id("test_tenant")
+
+    assert result is None
+    mock_get_tenant_info.assert_called_once_with("test_tenant")
+
+
+@patch('backend.services.group_service.get_tenant_info')
+def test_get_tenant_default_group_id_exception(mock_get_tenant_info):
+    """Test getting tenant default group ID when exception occurs"""
+    mock_get_tenant_info.side_effect = Exception("Database error")
+
+    result = get_tenant_default_group_id("test_tenant")
+
+    assert result is None
+
+
+@patch('backend.services.group_service.get_tenant_info')
+@patch('backend.services.group_service.query_groups')
+@patch('backend.services.group_service.get_single_config_info')
+@patch('backend.services.group_service.update_config_by_tenant_config_id')
+def test_set_tenant_default_group_id_update_existing(mock_update_config, mock_get_config, mock_query_groups, mock_get_tenant_info):
+    """Test setting tenant default group ID by updating existing config"""
+    mock_get_tenant_info.return_value = {"tenant_id": "test_tenant"}
+    mock_query_groups.return_value = {"tenant_id": "test_tenant"}
+    mock_get_config.return_value = {"tenant_config_id": 456}
+    mock_update_config.return_value = True
+
+    result = set_tenant_default_group_id("test_tenant", 123, "user_123")
+
+    assert result is True
+    mock_update_config.assert_called_once_with(456, "123")
+
+
+@patch('backend.services.group_service.get_tenant_info')
+@patch('backend.services.group_service.query_groups')
+@patch('backend.services.group_service.get_single_config_info')
+@patch('backend.services.group_service.insert_config')
+def test_set_tenant_default_group_id_create_new(mock_insert_config, mock_get_config, mock_query_groups, mock_get_tenant_info):
+    """Test setting tenant default group ID by creating new config"""
+    mock_get_tenant_info.return_value = {"tenant_id": "test_tenant"}
+    mock_query_groups.return_value = {"tenant_id": "test_tenant"}
+    mock_get_config.return_value = None  # No existing config
+    mock_insert_config.return_value = True
+
+    result = set_tenant_default_group_id("test_tenant", 123, "user_123")
+
+    assert result is True
+    mock_insert_config.assert_called_once()
+    call_args = mock_insert_config.call_args[0][0]  # Get the dict argument
+    assert call_args["tenant_id"] == "test_tenant"
+    assert call_args["config_key"] == "DEFAULT_GROUP_ID"
+    assert call_args["config_value"] == "123"
+
+
+@patch('backend.services.group_service.get_tenant_info')
+def test_set_tenant_default_group_id_tenant_not_found(mock_get_tenant_info):
+    """Test setting tenant default group ID when tenant doesn't exist"""
+    mock_get_tenant_info.return_value = None
+
+    with pytest.raises(NotFoundException, match="Tenant test_tenant not found"):
+        set_tenant_default_group_id("test_tenant", 123, "user_123")
+
+
+@patch('backend.services.group_service.get_tenant_info')
+@patch('backend.services.group_service.query_groups')
+def test_set_tenant_default_group_id_group_not_found(mock_query_groups, mock_get_tenant_info):
+    """Test setting tenant default group ID when group doesn't exist"""
+    mock_get_tenant_info.return_value = {"tenant_id": "test_tenant"}
+    mock_query_groups.return_value = None
+
+    with pytest.raises(NotFoundException, match="Group 123 not found"):
+        set_tenant_default_group_id("test_tenant", 123, "user_123")
+
+
+@patch('backend.services.group_service.get_tenant_info')
+@patch('backend.services.group_service.query_groups')
+def test_set_tenant_default_group_id_wrong_tenant(mock_query_groups, mock_get_tenant_info):
+    """Test setting tenant default group ID when group belongs to different tenant"""
+    mock_get_tenant_info.return_value = {"tenant_id": "test_tenant"}
+    mock_query_groups.return_value = {"tenant_id": "other_tenant"}
+
+    with pytest.raises(ValidationError, match="Group 123 does not belong to tenant test_tenant"):
+        set_tenant_default_group_id("test_tenant", 123, "user_123")
+
+
+@patch('backend.services.group_service.get_tenant_info')
+@patch('backend.services.group_service.query_groups')
+@patch('backend.services.group_service.get_single_config_info')
+@patch('backend.services.group_service.update_config_by_tenant_config_id')
+def test_set_tenant_default_group_id_update_failure(mock_update_config, mock_get_config, mock_query_groups, mock_get_tenant_info):
+    """Test setting tenant default group ID when update fails"""
+    mock_get_tenant_info.return_value = {"tenant_id": "test_tenant"}
+    mock_query_groups.return_value = {"tenant_id": "test_tenant"}
+    mock_get_config.return_value = {"tenant_config_id": 456}
+    mock_update_config.return_value = False
+
+    result = set_tenant_default_group_id("test_tenant", 123, "user_123")
+
+    assert result is False
+
+
+@patch('backend.services.group_service.get_user_tenant_by_user_id')
+@patch('backend.services.group_service.query_groups')
+@patch('backend.services.group_service.remove_user_from_group')
+def test_remove_user_from_single_group_success(mock_remove_user, mock_query_groups, mock_get_user, mock_user_info, mock_group_info):
+    """Test removing user from group successfully"""
+    mock_get_user.return_value = mock_user_info
+    mock_query_groups.return_value = mock_group_info
+    mock_remove_user.return_value = True
+
+    result = remove_user_from_single_group(
+        group_id=123,
+        user_id="member_user",
+        current_user_id="test_user"
+    )
+
+    assert result is True
+    mock_remove_user.assert_called_once_with(
+        group_id=123,
+        user_id="member_user",
+        updated_by="test_user"
+    )
+
+
+@patch('backend.services.group_service.get_user_tenant_by_user_id')
+def test_remove_user_from_single_group_unauthorized_user_not_found(mock_get_user):
+    """Test removing user from group when current user doesn't exist"""
+    mock_get_user.return_value = None
+
+    with pytest.raises(UnauthorizedError, match="User test_user not found"):
+        remove_user_from_single_group(
+            group_id=123,
+            user_id="member_user",
+            current_user_id="test_user"
+        )
+
+
+@patch('backend.services.group_service.get_user_tenant_by_user_id')
+def test_remove_user_from_single_group_unauthorized_role(mock_get_user, mock_user_info):
+    """Test removing user from group with insufficient permissions"""
+    mock_user_info["user_role"] = "USER"
+    mock_get_user.return_value = mock_user_info
+
+    with pytest.raises(UnauthorizedError, match="not authorized to manage group memberships"):
+        remove_user_from_single_group(
+            group_id=123,
+            user_id="member_user",
+            current_user_id="test_user"
+        )
+
+
+@patch('backend.services.group_service.get_user_tenant_by_user_id')
+@patch('backend.services.group_service.query_groups')
+def test_remove_user_from_single_group_group_not_found(mock_query_groups, mock_get_user, mock_user_info):
+    """Test removing user from group when group doesn't exist"""
+    mock_get_user.return_value = mock_user_info
+    mock_query_groups.return_value = None
+
+    with pytest.raises(NotFoundException, match="Group 123 not found"):
+        remove_user_from_single_group(
+            group_id=123,
+            user_id="member_user",
+            current_user_id="test_user"
+        )
diff --git a/test/backend/services/test_invitation_service.py b/test/backend/services/test_invitation_service.py
new file mode 100644
index 000000000..3fa53d2e7
--- /dev/null
+++ b/test/backend/services/test_invitation_service.py
@@ -0,0 +1,410 @@
+import sys
+import pytest
+from unittest.mock import patch, MagicMock
+
+# Mock external dependencies before importing
+sys.modules['psycopg2'] = MagicMock()
+sys.modules['boto3'] = MagicMock()
+sys.modules['supabase'] = MagicMock()
+
+# Patch storage factory and MinIO config validation to avoid errors during initialization
+# These patches must be started before any imports that use MinioClient
+storage_client_mock = MagicMock()
+minio_client_mock = MagicMock()
+patch('nexent.storage.storage_client_factory.create_storage_client_from_config', return_value=storage_client_mock).start()
+patch('nexent.storage.minio_config.MinIOStorageConfig.validate', lambda self: None).start()
+patch('backend.database.client.MinioClient', return_value=minio_client_mock).start()
+
+from consts.exceptions import NotFoundException, UnauthorizedError
+from backend.services.invitation_service import (
+    create_invitation_code,
+    update_invitation_code,
+    use_invitation_code,
+    update_invitation_code_status,
+    get_invitations_list,
+    _generate_unique_invitation_code
+)
+
+
+@pytest.fixture
+def mock_user_info():
+    """Mock user tenant information"""
+    return {
+        "user_tenant_id": 1,
+        "user_id": "test_user",
+        "tenant_id": "test_tenant",
+        "user_role": "SU"
+    }
+
+
+@pytest.fixture
+def mock_invitation_info():
+    """Mock invitation code information"""
+    return {
+        "invitation_id": 123,
+        "tenant_id": "test_tenant",
+        "invitation_code": "ABC123",
+        "code_type": "ADMIN_INVITE",
+        "group_ids": [],
+        "capacity": 5,
+        "expiry_date": "2024-12-31T23:59:59",
+        "status": "IN_USE"
+    }
+
+
+@patch('backend.services.invitation_service.get_tenant_default_group_id')
+@patch('backend.services.invitation_service.get_user_tenant_by_user_id')
+@patch('backend.services.invitation_service._generate_unique_invitation_code')
+@patch('backend.services.invitation_service.add_invitation')
+@patch('backend.services.invitation_service.query_invitation_by_id')
+@patch('backend.services.invitation_service.update_invitation_code_status')
+def test_create_invitation_code_admin_invite(
+    mock_update_status,
+    mock_query_invitation,
+    mock_add_invitation,
+    mock_generate_code,
+    mock_get_user_info,
+    mock_get_tenant_default_group_id,
+    mock_user_info
+):
+    """Test creating ADMIN_INVITE invitation code"""
+    # Setup mocks
+    mock_user_info["user_role"] = "SU"
+    mock_get_user_info.return_value = mock_user_info
+    mock_get_tenant_default_group_id.return_value = None
+    mock_generate_code.return_value = "ABC123"
+    mock_add_invitation.return_value = 123
+    mock_update_status.return_value = None
+    mock_query_invitation.return_value = {"status": "IN_USE"}
+
+    result = create_invitation_code(
+        tenant_id="test_tenant",
+        code_type="ADMIN_INVITE",
+        user_id="test_user"
+    )
+
+    assert result["invitation_id"] == 123
+    assert result["code_type"] == "ADMIN_INVITE"
+    assert result["group_ids"] == []
+    mock_add_invitation.assert_called_once_with(
+        tenant_id="test_tenant",
+        invitation_code="ABC123",
+        code_type="ADMIN_INVITE",
+        group_ids=[],
+        capacity=1,
+        expiry_date=None,
+        status="IN_USE",
+        created_by="test_user"
+    )
+
+
+@patch('backend.services.invitation_service.get_user_tenant_by_user_id')
+@patch('backend.services.invitation_service.query_group_ids_by_user')
+@patch('backend.services.invitation_service._generate_unique_invitation_code')
+@patch('backend.services.invitation_service.add_invitation')
+@patch('backend.services.invitation_service.query_invitation_by_id')
+@patch('backend.services.invitation_service.update_invitation_code_status')
+def test_create_invitation_code_dev_invite_admin_role(
+    mock_update_status,
+    mock_query_invitation,
+    mock_add_invitation,
+    mock_generate_code,
+    mock_query_group_ids_by_user,
+    mock_get_user_info,
+    mock_user_info
+):
+    """Test creating DEV_INVITE invitation code with ADMIN role"""
+    # Setup mocks
+    mock_user_info["user_role"] = "ADMIN"
+    mock_get_user_info.return_value = mock_user_info
+    mock_query_group_ids_by_user.return_value = [1, 2, 3]
+    mock_generate_code.return_value = "DEF456"
+    mock_add_invitation.return_value = 123
+    mock_update_status.return_value = None
+    mock_query_invitation.return_value = {"status": "IN_USE"}
+
+    result = create_invitation_code(
+        tenant_id="test_tenant",
+        code_type="DEV_INVITE",
+        user_id="test_user"
+    )
+
+    assert result["invitation_id"] == 123
+    assert result["code_type"] == "DEV_INVITE"
+    assert result["group_ids"] == [1, 2, 3]
+    mock_add_invitation.assert_called_once_with(
+        tenant_id="test_tenant",
+        invitation_code="DEF456",
+        code_type="DEV_INVITE",
+        group_ids=[1, 2, 3],
+        capacity=1,
+        expiry_date=None,
+        status="IN_USE",
+        created_by="test_user"
+    )
+
+
+@patch('backend.services.invitation_service.get_user_tenant_by_user_id')
+def test_create_invitation_code_invalid_code_type(mock_get_user_info, mock_user_info):
+    """Test creating invitation code with invalid code_type"""
+    # Setup mocks
+    mock_user_info["user_role"] = "SU"
+    mock_get_user_info.return_value = mock_user_info
+
+    with pytest.raises(ValueError, match="Invalid code_type"):
+            create_invitation_code(
+                tenant_id="test_tenant",
+                code_type="INVALID_TYPE",
+                user_id="test_user"
+            )
+
+
+@patch('backend.services.invitation_service.get_user_tenant_by_user_id')
+def test_create_invitation_code_unauthorized_admin_invite(mock_get_user_info, mock_user_info):
+    """Test creating ADMIN_INVITE code with insufficient permissions"""
+    # Setup mocks
+    mock_user_info["user_role"] = "ADMIN"
+    mock_get_user_info.return_value = mock_user_info
+
+    with pytest.raises(UnauthorizedError, match="not authorized to create ADMIN_INVITE codes"):
+            create_invitation_code(
+                tenant_id="test_tenant",
+                code_type="ADMIN_INVITE",
+                user_id="test_user"
+            )
+
+
+@patch('backend.services.invitation_service.get_user_tenant_by_user_id')
+def test_create_invitation_code_unauthorized_dev_invite(mock_get_user_info, mock_user_info):
+    """Test creating DEV_INVITE code with insufficient permissions"""
+    # Setup mocks
+    mock_user_info["user_role"] = "USER"
+    mock_get_user_info.return_value = mock_user_info
+
+    with pytest.raises(UnauthorizedError, match="not authorized to create DEV_INVITE codes"):
+            create_invitation_code(
+                tenant_id="test_tenant",
+                code_type="DEV_INVITE",
+                user_id="test_user"
+            )
+
+
+@patch('backend.services.invitation_service.get_user_tenant_by_user_id')
+@patch('backend.services.invitation_service.modify_invitation')
+@patch('backend.services.invitation_service.update_invitation_code_status')
+def test_update_invitation_code_success(mock_update_status, mock_modify_invitation, mock_get_user_info, mock_user_info):
+    """Test updating invitation code successfully"""
+    mock_get_user_info.return_value = mock_user_info
+    mock_modify_invitation.return_value = True
+    mock_update_status.return_value = None
+
+    result = update_invitation_code(
+        invitation_id=123,
+        updates={"status": "DISABLE"},
+        user_id="test_user"
+    )
+
+    assert result is True
+    mock_modify_invitation.assert_called_once_with(
+        invitation_id=123,
+        updates={"status": "DISABLE"},
+        updated_by="test_user"
+    )
+
+
+@patch('backend.services.invitation_service.check_invitation_available')
+@patch('backend.services.invitation_service.query_invitation_by_code')
+@patch('backend.services.invitation_service.add_invitation_record')
+@patch('backend.services.invitation_service.update_invitation_code_status')
+def test_use_invitation_code_success(
+    mock_update_status,
+    mock_add_invitation_record,
+    mock_query_invitation_by_code,
+    mock_check_available,
+    mock_invitation_info
+):
+    """Test using invitation code successfully"""
+    mock_check_available.return_value = True
+    mock_query_invitation_by_code.return_value = mock_invitation_info
+    mock_add_invitation_record.return_value = 456
+
+    result = use_invitation_code(
+        invitation_code="ABC123",
+        user_id="test_user"
+    )
+
+    assert result["invitation_record_id"] == 456
+    assert result["invitation_code"] == "ABC123"
+    assert result["code_type"] == "ADMIN_INVITE"
+    assert result["group_ids"] == []
+    mock_add_invitation_record.assert_called_once_with(
+        invitation_id=123,
+        user_id="test_user",
+        created_by="test_user"
+    )
+    mock_update_status.assert_called_once_with(123)
+
+
+@patch('backend.services.invitation_service.check_invitation_available')
+def test_use_invitation_code_unavailable(mock_check_available):
+    """Test using unavailable invitation code"""
+    mock_check_available.return_value = False
+
+    with pytest.raises(NotFoundException, match="is not available"):
+        use_invitation_code(
+            invitation_code="ABC123",
+            user_id="test_user"
+        )
+
+
+@patch('backend.services.invitation_service.query_invitation_by_id')
+@patch('backend.services.invitation_service.count_invitation_usage')
+@patch('backend.services.invitation_service.modify_invitation')
+def test_update_invitation_code_status_expired(
+    mock_modify_invitation,
+    mock_count_invitation_usage,
+    mock_query_invitation_by_code,
+    mock_invitation_info
+):
+    """Test updating invitation status to expired"""
+    from datetime import datetime
+
+    # Mock expired invitation
+    mock_invitation_info["expiry_date"] = "2020-01-01T00:00:00"
+    mock_query_invitation_by_code.return_value = mock_invitation_info
+    mock_count_invitation_usage.return_value = 2
+
+    result = update_invitation_code_status(123)
+
+    assert result is True
+    mock_modify_invitation.assert_called_once_with(
+        invitation_id=123,
+        updates={"status": "EXPIRE"},
+        updated_by="system"
+    )
+
+
+@patch('backend.services.invitation_service.query_invitation_by_id')
+@patch('backend.services.invitation_service.count_invitation_usage')
+@patch('backend.services.invitation_service.modify_invitation')
+def test_update_invitation_code_status_run_out(
+    mock_modify_invitation,
+    mock_count_invitation_usage,
+    mock_query_invitation_by_code,
+    mock_invitation_info
+):
+    """Test updating invitation status to run out"""
+    # Mock invitation at capacity
+    mock_invitation_info["capacity"] = 5
+    mock_query_invitation_by_code.return_value = mock_invitation_info
+    mock_count_invitation_usage.return_value = 5
+
+    result = update_invitation_code_status(123)
+
+    assert result is True
+    mock_modify_invitation.assert_called_once_with(
+        invitation_id=123,
+        updates={"status": "RUN_OUT"},
+        updated_by="system"
+    )
+
+
+@patch('backend.services.invitation_service.query_invitation_by_code')
+def test_generate_unique_invitation_code(mock_query_invitation_by_code):
+    """Test generating unique invitation code"""
+    # Mock that first code exists, second doesn't
+    mock_query_invitation_by_code.side_effect = [True, None]
+
+    with patch('random.choices') as mock_random:
+        mock_random.return_value = ['A', 'B', 'C', '1', '2', '3']
+
+        result = _generate_unique_invitation_code()
+
+        assert result == "ABC123"
+        assert len(result) == 6
+
+
+@patch('backend.services.invitation_service.get_user_tenant_by_user_id')
+@patch('backend.services.invitation_service.query_invitations_with_pagination')
+def test_get_invitations_list_success(mock_query_invitations, mock_get_user, mock_user_info):
+    """Test getting invitations list successfully"""
+    mock_get_user.return_value = mock_user_info
+
+    mock_invitations_data = {
+        "items": [
+            {
+                "invitation_id": 123,
+                "invitation_code": "ABC123",
+                "code_type": "ADMIN_INVITE",
+                "group_ids": [],
+                "capacity": 5,
+                "expiry_date": "2024-12-31T23:59:59",
+                "status": "IN_USE"
+            }
+        ],
+        "total": 1,
+        "page": 1,
+        "page_size": 10
+    }
+    mock_query_invitations.return_value = mock_invitations_data
+
+    result = get_invitations_list(
+        tenant_id="test_tenant",
+        page=1,
+        page_size=10,
+        user_id="test_user"
+    )
+
+    assert result["total"] == 1
+    assert len(result["items"]) == 1
+    assert result["items"][0]["invitation_code"] == "ABC123"
+    mock_query_invitations.assert_called_once_with(
+        tenant_id="test_tenant",
+        page=1,
+        page_size=10
+    )
+
+
+@patch('backend.services.invitation_service.get_user_tenant_by_user_id')
+def test_get_invitations_list_user_not_found(mock_get_user):
+    """Test getting invitations list when user doesn't exist"""
+    mock_get_user.return_value = None
+
+    with pytest.raises(UnauthorizedError, match="User test_user not found"):
+        get_invitations_list(
+            tenant_id="test_tenant",
+            page=1,
+            page_size=10,
+            user_id="test_user"
+        )
+
+
+@patch('backend.services.invitation_service.get_user_tenant_by_user_id')
+@patch('backend.services.invitation_service.query_invitations_with_pagination')
+def test_get_invitations_list_unauthorized_user_role(mock_query_invitations, mock_get_user, mock_user_info):
+    """Test getting invitations list with unauthorized user role"""
+    mock_user_info["user_role"] = "USER"
+    mock_get_user.return_value = mock_user_info
+
+    with pytest.raises(UnauthorizedError, match="not authorized to view invitation lists"):
+        get_invitations_list(
+            tenant_id="test_tenant",
+            page=1,
+            page_size=10,
+            user_id="test_user"
+        )
+
+
+@patch('backend.services.invitation_service.get_user_tenant_by_user_id')
+def test_get_invitations_list_unauthorized_user_role_all_tenants(mock_get_user, mock_user_info):
+    """Test getting invitations list for all tenants with insufficient permissions"""
+    mock_user_info["user_role"] = "ADMIN"
+    mock_get_user.return_value = mock_user_info
+
+    with pytest.raises(UnauthorizedError, match="not authorized to view all tenant invitations"):
+        get_invitations_list(
+            tenant_id=None,  # Requesting all tenants
+            page=1,
+            page_size=10,
+            user_id="test_user"
+        )
diff --git a/test/backend/services/test_tenant_service.py b/test/backend/services/test_tenant_service.py
new file mode 100644
index 000000000..6b2dfaef4
--- /dev/null
+++ b/test/backend/services/test_tenant_service.py
@@ -0,0 +1,577 @@
+import sys
+import os
+sys.path.insert(0, os.path.join(os.path.dirname(__file__), "../../.."))
+
+import pytest
+from unittest.mock import patch, MagicMock
+
+# Mock external dependencies before importing
+sys.modules['psycopg2'] = MagicMock()
+sys.modules['boto3'] = MagicMock()
+sys.modules['supabase'] = MagicMock()
+
+# Patch storage factory and MinIO config validation to avoid errors during initialization
+# These patches must be started before any imports that use MinioClient
+storage_client_mock = MagicMock()
+minio_client_mock = MagicMock()
+patch('nexent.storage.storage_client_factory.create_storage_client_from_config',
+      return_value=storage_client_mock).start()
+patch('nexent.storage.minio_config.MinIOStorageConfig.validate',
+      lambda self: None).start()
+patch('backend.database.client.MinioClient',
+      return_value=minio_client_mock).start()
+
+from consts.exceptions import NotFoundException, ValidationError
+from backend.services.tenant_service import (
+    get_tenant_info,
+    get_all_tenants,
+    create_tenant,
+    update_tenant_info,
+    delete_tenant,
+    _create_default_group_for_tenant
+)
+
+
+@pytest.fixture
+def service_mocks():
+    """Create mocks for service layer dependencies"""
+    with patch('backend.services.tenant_service.get_single_config_info') as mock_get_single_config, \
+            patch('backend.services.tenant_service.insert_config') as mock_insert_config, \
+            patch('backend.services.tenant_service.update_config_by_tenant_config_id') as mock_update_config, \
+            patch('backend.services.tenant_service.get_all_tenant_ids') as mock_get_all_tenant_ids, \
+            patch('backend.services.tenant_service.add_group') as mock_add_group:
+
+        yield {
+            'get_single_config_info': mock_get_single_config,
+            'insert_config': mock_insert_config,
+            'update_config_by_tenant_config_id': mock_update_config,
+            'get_all_tenant_ids': mock_get_all_tenant_ids,
+            'add_group': mock_add_group
+        }
+
+
+class TestGetTenantInfo:
+    """Test cases for get_tenant_info function"""
+
+    def test_get_tenant_info_success(self, service_mocks):
+        """Test successfully retrieving tenant information"""
+        # Setup
+        tenant_id = "test_tenant_id"
+        expected_name = "Test Tenant"
+        expected_group_id = "group-123"
+
+        # Mock config functions
+        service_mocks['get_single_config_info'].side_effect = [
+            {"config_value": expected_name},  # TENANT_NAME
+            {"config_value": expected_group_id}  # DEFAULT_GROUP_ID
+        ]
+
+        # Execute
+        result = get_tenant_info(tenant_id)
+
+        # Assert
+        assert result["tenant_id"] == tenant_id
+        assert result["tenant_name"] == expected_name
+        assert result["default_group_id"] == expected_group_id
+
+        # Verify calls
+        service_mocks['get_single_config_info'].assert_any_call(
+            tenant_id, "TENANT_NAME")
+        service_mocks['get_single_config_info'].assert_any_call(
+            tenant_id, "DEFAULT_GROUP_ID")
+
+    def test_get_tenant_info_name_not_found(self, service_mocks):
+        """Test get_tenant_info when tenant name is not found"""
+        # Setup
+        tenant_id = "test_tenant_id"
+
+        # Mock config functions to return empty dict for name
+        service_mocks['get_single_config_info'].side_effect = [
+            {},  # TENANT_NAME not found
+            {"config_value": "group-123"}  # DEFAULT_GROUP_ID
+        ]
+
+        # Execute & Assert
+        with pytest.raises(NotFoundException, match="The name of tenant not found"):
+            get_tenant_info(tenant_id)
+
+    def test_get_tenant_info_with_empty_group_id(self, service_mocks):
+        """Test get_tenant_info when default group ID is empty"""
+        # Setup
+        tenant_id = "test_tenant_id"
+        expected_name = "Test Tenant"
+
+        # Mock config functions
+        service_mocks['get_single_config_info'].side_effect = [
+            {"config_value": expected_name},  # TENANT_NAME
+            {}  # DEFAULT_GROUP_ID not found
+        ]
+
+        # Execute
+        result = get_tenant_info(tenant_id)
+
+        # Assert
+        assert result["tenant_id"] == tenant_id
+        assert result["tenant_name"] == expected_name
+        assert result["default_group_id"] == ""
+
+    def test_get_tenant_info_get_single_config_exception(self, service_mocks):
+        """Test get_tenant_info when get_single_config_info raises exception"""
+        # Setup
+        tenant_id = "test_tenant_id"
+
+        # Mock get_single_config_info to raise exception
+        service_mocks['get_single_config_info'].side_effect = Exception(
+            "Database connection error")
+
+        # Execute & Assert
+        with pytest.raises(Exception, match="Database connection error"):
+            get_tenant_info(tenant_id)
+
+    def test_get_tenant_info_both_configs_none(self, service_mocks):
+        """Test get_tenant_info when both configs return None"""
+        # Setup
+        tenant_id = "test_tenant_id"
+
+        # Mock config functions to return None
+        service_mocks['get_single_config_info'].side_effect = [None, None]
+
+        # Execute & Assert
+        with pytest.raises(NotFoundException, match="The name of tenant not found"):
+            get_tenant_info(tenant_id)
+
+
+class TestGetAllTenants:
+    """Test cases for get_all_tenants function"""
+
+    def test_get_all_tenants_success(self, service_mocks):
+        """Test successfully retrieving all tenants"""
+        # Setup
+        tenant_ids = ["tenant1", "tenant2", "tenant3"]
+        tenant_infos = [
+            {"tenant_id": "tenant1", "tenant_name": "Tenant 1", "default_group_id": "group1"},
+            {"tenant_id": "tenant2", "tenant_name": "Tenant 2", "default_group_id": "group2"},
+            {"tenant_id": "tenant3", "tenant_name": "Tenant 3", "default_group_id": "group3"}
+        ]
+
+        # Mock dependencies
+        with patch('backend.services.tenant_service.get_all_tenant_ids', return_value=tenant_ids), \
+             patch('backend.services.tenant_service.get_tenant_info', side_effect=tenant_infos) as mock_get_tenant_info:
+
+            # Execute
+            result = get_all_tenants()
+
+            # Assert
+            assert len(result) == 3
+            assert result == tenant_infos
+
+    def test_get_all_tenants_with_failed_tenant(self, service_mocks):
+        """Test get_all_tenants when one tenant fails to load"""
+        # Setup
+        tenant_ids = ["tenant1", "tenant2", "tenant3"]
+
+        # Mock get_tenant_info to succeed for first two, fail for third
+        def mock_get_tenant_info(tenant_id):
+            if tenant_id == "tenant3":
+                raise NotFoundException("Tenant not found")
+            return {
+                "tenant_id": tenant_id,
+                "tenant_name": f"Tenant {tenant_id[-1]}",
+                "default_group_id": f"group{tenant_id[-1]}"
+            }
+
+        # Mock dependencies
+        with patch('backend.services.tenant_service.get_all_tenant_ids', return_value=tenant_ids), \
+             patch('backend.services.tenant_service.get_tenant_info', side_effect=mock_get_tenant_info):
+
+            # Execute
+            result = get_all_tenants()
+
+            # Assert - should skip the failed tenant
+            assert len(result) == 2
+            assert result[0]["tenant_id"] == "tenant1"
+            assert result[1]["tenant_id"] == "tenant2"
+
+    def test_get_all_tenants_empty_list(self, service_mocks):
+        """Test get_all_tenants when no tenants exist"""
+        # Mock dependencies
+        with patch('backend.services.tenant_service.get_all_tenant_ids', return_value=[]) as mock_get_tenant_ids:
+
+            # Execute
+            result = get_all_tenants()
+
+            # Assert
+            assert result == []
+            mock_get_tenant_ids.assert_called_once()
+
+    def test_get_all_tenants_get_all_tenant_ids_exception(self, service_mocks):
+        """Test get_all_tenants when get_all_tenant_ids raises exception"""
+        # Mock dependencies
+        with patch('backend.services.tenant_service.get_all_tenant_ids', side_effect=Exception("Database error")) as mock_get_tenant_ids:
+
+            # Execute & Assert
+            with pytest.raises(Exception, match="Database error"):
+                get_all_tenants()
+
+
+class TestCreateTenant:
+    """Test cases for create_tenant function"""
+
+    def test_create_tenant_success(self, service_mocks):
+        """Test successfully creating a tenant"""
+        # Setup
+        tenant_name = "New Tenant"
+        user_id = "creator_user"
+        group_id = 123
+
+        # Mock dependencies
+        with patch('backend.services.tenant_service.get_tenant_info', side_effect=NotFoundException()), \
+             patch('backend.services.tenant_service._create_default_group_for_tenant', return_value=group_id):
+
+            # Configure insert_config to succeed
+            service_mocks['insert_config'].return_value = True
+
+            # Execute
+            result = create_tenant(tenant_name, user_id)
+
+            # Assert
+            assert result["tenant_name"] == tenant_name
+            assert result["default_group_id"] == str(group_id)
+            assert "tenant_id" in result  # tenant_id is auto-generated UUID
+
+            # Verify config insertions were called (3 configs: ID, name, group)
+            assert service_mocks['insert_config'].call_count == 3
+
+    def test_create_tenant_already_exists(self, service_mocks):
+        """Test creating tenant that already exists"""
+        # Setup
+        tenant_name = "Existing Tenant"
+        user_id = "creator_user"
+
+        # Mock get_tenant_info to return existing tenant (UUID collision)
+        with patch('backend.services.tenant_service.get_tenant_info', return_value={"tenant_id": "some-uuid"}) as mock_get_tenant_info:
+
+            # Execute & Assert
+            with pytest.raises(ValidationError, match="already exists"):
+                create_tenant(tenant_name, user_id)
+
+    def test_create_tenant_empty_name(self, service_mocks):
+        """Test creating tenant with empty name"""
+        # Setup
+        tenant_name = ""
+        user_id = "creator_user"
+
+        # Mock get_tenant_info to raise NotFoundException (tenant doesn't exist)
+        with patch('backend.services.tenant_service.get_tenant_info', side_effect=NotFoundException()) as mock_get_tenant_info:
+
+            # Execute & Assert
+            with pytest.raises(ValidationError, match="Tenant name cannot be empty"):
+                create_tenant(tenant_name, user_id)
+
+    def test_create_tenant_config_insertion_failure(self, service_mocks):
+        """Test create_tenant when config insertion fails"""
+        # Setup
+        tenant_name = "New Tenant"
+        user_id = "creator_user"
+
+        # Mock dependencies
+        with patch('backend.services.tenant_service.get_tenant_info', side_effect=NotFoundException()), \
+             patch('backend.services.tenant_service._create_default_group_for_tenant', return_value=123):
+
+            service_mocks['insert_config'].return_value = False
+
+            # Execute & Assert
+            with pytest.raises(ValidationError, match="Failed to create tenant ID configuration"):
+                create_tenant(tenant_name, user_id)
+
+    def test_create_tenant_whitespace_name(self, service_mocks):
+        """Test creating tenant with whitespace-only name"""
+        # Setup
+        tenant_name = "   \t\n   "  # Only whitespace
+        user_id = "creator_user"
+
+        # Mock get_tenant_info to raise NotFoundException (tenant doesn't exist)
+        with patch('backend.services.tenant_service.get_tenant_info', side_effect=NotFoundException()) as mock_get_tenant_info:
+
+            # Execute & Assert
+            with pytest.raises(ValidationError, match="Tenant name cannot be empty"):
+                create_tenant(tenant_name, user_id)
+
+    def test_create_tenant_tenant_id_config_failure(self, service_mocks):
+        """Test create_tenant when tenant ID config insertion fails"""
+        # Setup
+        tenant_name = "New Tenant"
+        user_id = "creator_user"
+
+        # Mock dependencies
+        with patch('backend.services.tenant_service.get_tenant_info', side_effect=NotFoundException()), \
+                patch('backend.services.tenant_service._create_default_group_for_tenant', return_value=123):
+
+            # Configure insert_config to fail on first call (tenant ID config)
+            service_mocks['insert_config'].side_effect = [False, True, True]
+
+            # Execute & Assert
+            with pytest.raises(ValidationError, match="Failed to create tenant ID configuration"):
+                create_tenant(tenant_name, user_id)
+
+    def test_create_tenant_group_config_failure(self, service_mocks):
+        """Test create_tenant when group config insertion fails"""
+        # Setup
+        tenant_name = "New Tenant"
+        user_id = "creator_user"
+
+        # Mock dependencies
+        with patch('backend.services.tenant_service.get_tenant_info', side_effect=NotFoundException()), \
+                patch('backend.services.tenant_service._create_default_group_for_tenant', return_value=123):
+
+            # Configure insert_config to succeed for first two, fail for third (group config)
+            service_mocks['insert_config'].side_effect = [True, True, False]
+
+            # Execute & Assert
+            with pytest.raises(ValidationError, match="Failed to create tenant default group configuration"):
+                create_tenant(tenant_name, user_id)
+
+    def test_create_tenant_default_group_creation_failure(self, service_mocks):
+        """Test create_tenant when default group creation fails"""
+        # Setup
+        tenant_name = "New Tenant"
+        user_id = "creator_user"
+
+        # Mock dependencies
+        with patch('backend.services.tenant_service.get_tenant_info', side_effect=NotFoundException()), \
+                patch('backend.services.tenant_service._create_default_group_for_tenant', side_effect=ValidationError("Group creation failed")):
+
+            # Execute & Assert
+            with pytest.raises(ValidationError, match="Failed to create tenant: Group creation failed"):
+                create_tenant(tenant_name, user_id)
+
+    def test_create_tenant_unexpected_exception_in_try_block(self, service_mocks):
+        """Test create_tenant when unexpected exception occurs in try block"""
+        # Setup
+        tenant_name = "New Tenant"
+        user_id = "creator_user"
+
+        # Mock dependencies
+        with patch('backend.services.tenant_service.get_tenant_info', side_effect=NotFoundException()), \
+                patch('backend.services.tenant_service._create_default_group_for_tenant', side_effect=Exception("Unexpected error")):
+
+            # Execute & Assert
+            with pytest.raises(ValidationError, match="Failed to create tenant: Unexpected error"):
+                create_tenant(tenant_name, user_id)
+
+    def test_create_tenant_uuid_collision(self, service_mocks):
+        """Test create_tenant when UUID collision occurs"""
+        # Setup
+        tenant_name = "New Tenant"
+        user_id = "creator_user"
+
+        # Mock get_tenant_info to return existing tenant (UUID collision)
+        with patch('backend.services.tenant_service.get_tenant_info', return_value={"tenant_id": "existing-uuid"}) as mock_get_tenant_info:
+
+            # Execute & Assert
+            with pytest.raises(ValidationError, match="already exists"):
+                create_tenant(tenant_name, user_id)
+
+
+class TestUpdateTenantInfo:
+    """Test cases for update_tenant_info function"""
+
+    def test_update_tenant_info_success(self, service_mocks):
+        """Test successfully updating tenant information"""
+        # Setup
+        tenant_id = "test_tenant"
+        new_tenant_name = "Updated Tenant Name"
+        user_id = "updater_user"
+
+        # Mock config info
+        config_info = {"tenant_config_id": 123, "config_value": "Old Name"}
+
+        # Mock dependencies
+        with patch('backend.services.tenant_service.get_tenant_info') as mock_get_tenant_info:
+
+            service_mocks['get_single_config_info'].return_value = config_info
+            service_mocks['update_config_by_tenant_config_id'].return_value = True
+
+            mock_get_tenant_info.return_value = {
+                "tenant_id": tenant_id,
+                "tenant_name": new_tenant_name,
+                "default_group_id": "group-123"
+            }
+
+            # Execute
+            result = update_tenant_info(tenant_id, new_tenant_name, user_id)
+
+            # Assert
+            assert result["tenant_id"] == tenant_id
+            assert result["tenant_name"] == new_tenant_name
+
+    def test_update_tenant_info_tenant_not_found(self, service_mocks):
+        """Test update_tenant_info when tenant doesn't exist"""
+        # Setup
+        tenant_id = "nonexistent_tenant"
+        new_tenant_name = "Updated Name"
+        user_id = "updater_user"
+
+        # Mock get_single_config_info to return empty dict (not found)
+        service_mocks['get_single_config_info'].return_value = {}
+
+        # Execute & Assert
+        with pytest.raises(NotFoundException, match="not found"):
+            update_tenant_info(tenant_id, new_tenant_name, user_id)
+
+    def test_update_tenant_info_empty_name(self, service_mocks):
+        """Test update_tenant_info with empty name"""
+        # Setup
+        tenant_id = "test_tenant"
+        new_tenant_name = ""
+        user_id = "updater_user"
+
+        # Mock config info
+        config_info = {"tenant_config_id": 123, "config_value": "Old Name"}
+
+        # Mock dependencies
+        service_mocks['get_single_config_info'].return_value = config_info
+
+        # Execute & Assert
+        with pytest.raises(ValidationError, match="Tenant name cannot be empty"):
+            update_tenant_info(tenant_id, new_tenant_name, user_id)
+
+    def test_update_tenant_info_update_failure(self, service_mocks):
+        """Test update_tenant_info when config update fails"""
+        # Setup
+        tenant_id = "test_tenant"
+        new_tenant_name = "Updated Name"
+        user_id = "updater_user"
+
+        # Mock config info
+        config_info = {"tenant_config_id": 123, "config_value": "Old Name"}
+
+        # Mock dependencies
+        service_mocks['get_single_config_info'].return_value = config_info
+        service_mocks['update_config_by_tenant_config_id'].return_value = False
+
+        # Execute & Assert
+        with pytest.raises(ValidationError, match="Failed to update tenant name"):
+            update_tenant_info(tenant_id, new_tenant_name, user_id)
+
+    def test_update_tenant_info_whitespace_name(self, service_mocks):
+        """Test update_tenant_info with whitespace-only name"""
+        # Setup
+        tenant_id = "test_tenant"
+        new_tenant_name = "   \t\n   "  # Only whitespace
+        user_id = "updater_user"
+
+        # Mock config info
+        config_info = {"tenant_config_id": 123, "config_value": "Old Name"}
+
+        # Mock dependencies
+        service_mocks['get_single_config_info'].return_value = config_info
+
+        # Execute & Assert
+        with pytest.raises(ValidationError, match="Tenant name cannot be empty"):
+            update_tenant_info(tenant_id, new_tenant_name, user_id)
+
+    def test_update_tenant_info_get_tenant_info_failure(self, service_mocks):
+        """Test update_tenant_info when get_tenant_info fails after successful update"""
+        # Setup
+        tenant_id = "test_tenant"
+        new_tenant_name = "Updated Name"
+        user_id = "updater_user"
+
+        # Mock config info
+        config_info = {"tenant_config_id": 123, "config_value": "Old Name"}
+
+        # Mock dependencies
+        with patch('backend.services.tenant_service.get_tenant_info', side_effect=NotFoundException("Failed to get updated info")) as mock_get_tenant_info:
+
+            service_mocks['get_single_config_info'].return_value = config_info
+            service_mocks['update_config_by_tenant_config_id'].return_value = True
+
+            # Execute & Assert
+            with pytest.raises(NotFoundException, match="Failed to get updated info"):
+                update_tenant_info(tenant_id, new_tenant_name, user_id)
+
+
+class TestDeleteTenant:
+    """Test cases for delete_tenant function"""
+
+    def test_delete_tenant_always_fails(self):
+        """Test that delete_tenant always raises NotImplementedError"""
+        # Execute & Assert
+        with pytest.raises(NotImplementedError, match="Tenant deletion is not yet implemented"):
+            delete_tenant("any_tenant", "any_user")
+
+
+class TestCreateDefaultGroupForTenant:
+    """Test cases for _create_default_group_for_tenant function"""
+
+    def test_create_default_group_for_tenant_success(self, service_mocks):
+        """Test successfully creating default group for tenant"""
+        # Setup
+        tenant_id = "test_tenant"
+        user_id = "creator_user"
+        expected_group_id = 123
+
+        # Mock add_group to return expected group ID
+        with patch('backend.services.tenant_service.add_group', return_value=expected_group_id) as mock_add_group:
+            # Execute
+            result = _create_default_group_for_tenant(tenant_id, user_id)
+
+            # Assert
+            assert result == expected_group_id
+
+            # Verify add_group was called with correct parameters
+            mock_add_group.assert_called_once_with(
+                tenant_id=tenant_id,
+                group_name="Default Group",
+                group_description="Default group created automatically for new tenant",
+                created_by=user_id
+            )
+
+    def test_create_default_group_for_tenant_failure(self, service_mocks):
+        """Test _create_default_group_for_tenant when group creation fails"""
+        # Setup
+        tenant_id = "test_tenant"
+        user_id = "creator_user"
+
+        # Mock add_group to raise exception
+        with patch('backend.services.tenant_service.add_group', side_effect=Exception("Database error")):
+            # Execute & Assert
+            with pytest.raises(ValidationError, match="Failed to create default group"):
+                _create_default_group_for_tenant(tenant_id, user_id)
+
+    def test_create_default_group_for_tenant_with_none_user(self, service_mocks):
+        """Test _create_default_group_for_tenant with None user"""
+        # Setup
+        tenant_id = "test_tenant"
+        user_id = None
+        expected_group_id = 123
+
+        # Mock add_group to return expected group ID
+        with patch('backend.services.tenant_service.add_group', return_value=expected_group_id) as mock_add_group:
+            # Execute
+            result = _create_default_group_for_tenant(tenant_id, user_id)
+
+            # Assert
+            assert result == expected_group_id
+
+            # Verify add_group was called with None as created_by
+            mock_add_group.assert_called_once_with(
+                tenant_id=tenant_id,
+                group_name="Default Group",
+                group_description="Default group created automatically for new tenant",
+                created_by=None
+            )
+
+    def test_create_default_group_for_tenant_validation_error_from_add_group(self, service_mocks):
+        """Test _create_default_group_for_tenant when add_group raises ValidationError"""
+        # Setup
+        tenant_id = "test_tenant"
+        user_id = "creator_user"
+
+        # Mock add_group to raise ValidationError
+        from consts.exceptions import ValidationError as VE
+        with patch('backend.services.tenant_service.add_group', side_effect=VE("Invalid group data")):
+            # Execute & Assert
+            with pytest.raises(ValidationError, match="Failed to create default group: Invalid group data"):
+                _create_default_group_for_tenant(tenant_id, user_id)
diff --git a/test/backend/services/test_user_management_service.py b/test/backend/services/test_user_management_service.py
index 37ec2e404..e93bc9518 100644
--- a/test/backend/services/test_user_management_service.py
+++ b/test/backend/services/test_user_management_service.py
@@ -24,6 +24,11 @@
 sys.modules['nexent.memory.memory_service'] = nexent_memory_service
 sys.modules['nexent.storage.storage_client_factory'] = MagicMock()
 
+# Mock services
+sys.modules['services'] = MagicMock()
+sys.modules['services.invitation_service'] = MagicMock()
+sys.modules['services.group_service'] = MagicMock()
+
 from consts.exceptions import NoInviteCodeException, IncorrectInviteCodeException, UserRegistrationException, UnauthorizedError
 
 # Patch storage factory and MinIO config validation to avoid errors during initialization
@@ -62,18 +67,18 @@ def test_set_token_with_bearer_prefix(self):
         """Test setting token with Bearer prefix"""
         mock_client = MagicMock()
         token = "Bearer test-jwt-token"
-        
+
         set_auth_token_to_client(mock_client, token)
-        
+
         self.assertEqual(mock_client.auth.access_token, "test-jwt-token")
 
     def test_set_token_without_bearer_prefix(self):
         """Test setting token without Bearer prefix"""
         mock_client = MagicMock()
         token = "test-jwt-token"
-        
+
         set_auth_token_to_client(mock_client, token)
-        
+
         self.assertEqual(mock_client.auth.access_token, "test-jwt-token")
 
     def test_set_token_exception(self):
@@ -82,7 +87,7 @@ def test_set_token_exception(self):
         # Mock the auth attribute to raise an exception when access_token is set
         type(mock_client.auth).access_token = PropertyMock(side_effect=Exception("Auth error"))
         token = "test-jwt-token"
-        
+
         # This should not raise an exception, but should log the error
         set_auth_token_to_client(mock_client, token)
 
@@ -96,9 +101,9 @@ def test_get_client_with_authorization(self, mock_set_token, mock_get_client):
         """Test getting client with authorization header"""
         mock_client = MagicMock()
         mock_get_client.return_value = mock_client
-        
+
         result = get_authorized_client("Bearer test-token")
-        
+
         self.assertEqual(result, mock_client)
         mock_set_token.assert_called_once_with(mock_client, "test-token")
 
@@ -108,9 +113,9 @@ def test_get_client_without_authorization(self, mock_set_token, mock_get_client)
         """Test getting client without authorization header"""
         mock_client = MagicMock()
         mock_get_client.return_value = mock_client
-        
+
         result = get_authorized_client(None)
-        
+
         self.assertEqual(result, mock_client)
         mock_set_token.assert_not_called()
 
@@ -125,9 +130,9 @@ def test_get_user_success(self):
         mock_response = MagicMock()
         mock_response.user = mock_user
         mock_client.auth.get_user.return_value = mock_response
-        
+
         result = get_current_user_from_client(mock_client)
-        
+
         self.assertEqual(result, mock_user)
 
     def test_get_user_no_user(self):
@@ -136,27 +141,27 @@ def test_get_user_no_user(self):
         mock_response = MagicMock()
         mock_response.user = None
         mock_client.auth.get_user.return_value = mock_response
-        
+
         result = get_current_user_from_client(mock_client)
-        
+
         self.assertIsNone(result)
 
     def test_get_user_no_response(self):
         """Test when no response is returned"""
         mock_client = MagicMock()
         mock_client.auth.get_user.return_value = None
-        
+
         result = get_current_user_from_client(mock_client)
-        
+
         self.assertIsNone(result)
 
     def test_get_user_exception(self):
         """Test exception handling"""
         mock_client = MagicMock()
         mock_client.auth.get_user.side_effect = Exception("Get user error")
-        
+
         result = get_current_user_from_client(mock_client)
-        
+
         self.assertIsNone(result)
 
 
@@ -172,9 +177,9 @@ def test_validate_token_success(self, mock_get_client, mock_set_token, mock_get_
         mock_user = MagicMock()
         mock_get_client.return_value = mock_client
         mock_get_user.return_value = mock_user
-        
+
         is_valid, user = validate_token("test-token")
-        
+
         self.assertTrue(is_valid)
         self.assertEqual(user, mock_user)
         mock_set_token.assert_called_once_with(mock_client, "test-token")
@@ -187,9 +192,9 @@ def test_validate_token_no_user(self, mock_get_client, mock_set_token, mock_get_
         mock_client = MagicMock()
         mock_get_client.return_value = mock_client
         mock_get_user.return_value = None
-        
+
         is_valid, user = validate_token("test-token")
-        
+
         self.assertFalse(is_valid)
         self.assertIsNone(user)
 
@@ -201,9 +206,9 @@ def test_validate_token_exception(self, mock_get_client, mock_set_token, mock_ge
         mock_client = MagicMock()
         mock_get_client.return_value = mock_client
         mock_get_user.side_effect = Exception("Validation error")
-        
+
         is_valid, user = validate_token("test-token")
-        
+
         self.assertFalse(is_valid)
         self.assertIsNone(user)
 
@@ -224,9 +229,9 @@ def test_extend_session_success(self, mock_calc_expires, mock_get_expiry):
         mock_client.auth.refresh_session.return_value = mock_response
         mock_calc_expires.return_value = "2024-01-01T00:00:00Z"
         mock_get_expiry.return_value = 3600
-        
+
         result = extend_session(mock_client, "refresh-token")
-        
+
         expected = {
             "access_token": "new-access-token",
             "refresh_token": "new-refresh-token",
@@ -241,27 +246,27 @@ def test_extend_session_no_session(self):
         mock_response = MagicMock()
         mock_response.session = None
         mock_client.auth.refresh_session.return_value = mock_response
-        
+
         result = extend_session(mock_client, "refresh-token")
-        
+
         self.assertIsNone(result)
 
     def test_extend_session_no_response(self):
         """Test session extension with no response"""
         mock_client = MagicMock()
         mock_client.auth.refresh_session.return_value = None
-        
+
         result = extend_session(mock_client, "refresh-token")
-        
+
         self.assertIsNone(result)
 
     def test_extend_session_exception(self):
         """Test session extension exception"""
         mock_client = MagicMock()
         mock_client.auth.refresh_session.side_effect = Exception("Refresh error")
-        
+
         result = extend_session(mock_client, "refresh-token")
-        
+
         self.assertIsNone(result)
 
 
@@ -275,31 +280,31 @@ async def test_health_check_success(self):
         class MockResponse:
             def __init__(self):
                 self.ok = True
-            
+
             async def json(self):
                 return {"name": "GoTrue"}
-        
+
         class MockGet:
             def __init__(self):
                 self.response = MockResponse()
-            
+
             async def __aenter__(self):
                 return self.response
-            
+
             async def __aexit__(self, exc_type, exc_val, exc_tb):
                 return None
-        
+
         class MockSession:
             def get(self, *args, **kwargs):
                 return MockGet()
-        
+
         class MockClientSession:
             async def __aenter__(self):
                 return MockSession()
-            
+
             async def __aexit__(self, exc_type, exc_val, exc_tb):
                 return None
-        
+
         # Patch the ClientSession
         with patch('backend.services.user_management_service.aiohttp.ClientSession', MockClientSession):
             # Function should not raise exception and should not return anything
@@ -313,34 +318,34 @@ async def test_health_check_not_ok_response(self):
         class MockResponse:
             def __init__(self):
                 self.ok = False
-        
+
         class MockGet:
             def __init__(self):
                 self.response = MockResponse()
-            
+
             async def __aenter__(self):
                 return self.response
-            
+
             async def __aexit__(self, exc_type, exc_val, exc_tb):
                 return None
-        
+
         class MockSession:
             def get(self, *args, **kwargs):
                 return MockGet()
-        
+
         class MockClientSession:
             async def __aenter__(self):
                 return MockSession()
-            
+
             async def __aexit__(self, exc_type, exc_val, exc_tb):
                 return None
-        
+
         # Patch the ClientSession
         with patch('backend.services.user_management_service.aiohttp.ClientSession', MockClientSession):
             # Function should raise ConnectionError for non-OK response
             with self.assertRaises(ConnectionError) as context:
                 await check_auth_service_health()
-            
+
             self.assertIn("Auth service is unavailable", str(context.exception))
 
     @patch.dict(os.environ, {'SUPABASE_URL': 'http://test.supabase.co', 'SUPABASE_KEY': 'test-key'})
@@ -350,37 +355,37 @@ async def test_health_check_wrong_service_name(self):
         class MockResponse:
             def __init__(self):
                 self.ok = True
-            
+
             async def json(self):
                 return {"name": "WrongService"}
-        
+
         class MockGet:
             def __init__(self):
                 self.response = MockResponse()
-            
+
             async def __aenter__(self):
                 return self.response
-            
+
             async def __aexit__(self, exc_type, exc_val, exc_tb):
                 return None
-        
+
         class MockSession:
             def get(self, *args, **kwargs):
                 return MockGet()
-        
+
         class MockClientSession:
             async def __aenter__(self):
                 return MockSession()
-            
+
             async def __aexit__(self, exc_type, exc_val, exc_tb):
                 return None
-        
+
         # Patch the ClientSession
         with patch('backend.services.user_management_service.aiohttp.ClientSession', MockClientSession):
             # Function should raise ConnectionError for wrong service name
             with self.assertRaises(ConnectionError) as context:
                 await check_auth_service_health()
-            
+
             self.assertIn("Auth service is unavailable", str(context.exception))
 
     @patch.dict(os.environ, {'SUPABASE_URL': 'http://test.supabase.co', 'SUPABASE_KEY': 'test-key'})
@@ -390,37 +395,37 @@ async def test_health_check_empty_response(self):
         class MockResponse:
             def __init__(self):
                 self.ok = True
-            
+
             async def json(self):
                 return None  # Empty response
-        
+
         class MockGet:
             def __init__(self):
                 self.response = MockResponse()
-            
+
             async def __aenter__(self):
                 return self.response
-            
+
             async def __aexit__(self, exc_type, exc_val, exc_tb):
                 return None
-        
+
         class MockSession:
             def get(self, *args, **kwargs):
                 return MockGet()
-        
+
         class MockClientSession:
             async def __aenter__(self):
                 return MockSession()
-            
+
             async def __aexit__(self, exc_type, exc_val, exc_tb):
                 return None
-        
+
         # Patch the ClientSession
         with patch('backend.services.user_management_service.aiohttp.ClientSession', MockClientSession):
             # Function should raise ConnectionError for empty response
             with self.assertRaises(ConnectionError) as context:
                 await check_auth_service_health()
-            
+
             self.assertIn("Auth service is unavailable", str(context.exception))
 
     @patch.dict(os.environ, {'SUPABASE_URL': 'http://test.supabase.co', 'SUPABASE_KEY': 'test-key'})
@@ -430,37 +435,37 @@ async def test_health_check_missing_name_field(self):
         class MockResponse:
             def __init__(self):
                 self.ok = True
-            
+
             async def json(self):
                 return {"status": "ok"}  # Missing "name" field
-        
+
         class MockGet:
             def __init__(self):
                 self.response = MockResponse()
-            
+
             async def __aenter__(self):
                 return self.response
-            
+
             async def __aexit__(self, exc_type, exc_val, exc_tb):
                 return None
-        
+
         class MockSession:
             def get(self, *args, **kwargs):
                 return MockGet()
-        
+
         class MockClientSession:
             async def __aenter__(self):
                 return MockSession()
-            
+
             async def __aexit__(self, exc_type, exc_val, exc_tb):
                 return None
-        
+
         # Patch the ClientSession
         with patch('backend.services.user_management_service.aiohttp.ClientSession', MockClientSession):
             # Function should raise ConnectionError for missing name field
             with self.assertRaises(ConnectionError) as context:
                 await check_auth_service_health()
-            
+
             self.assertIn("Auth service is unavailable", str(context.exception))
 
     @patch.dict(os.environ, {'SUPABASE_URL': 'http://test.supabase.co', 'SUPABASE_KEY': 'test-key'})
@@ -468,11 +473,11 @@ async def __aexit__(self, exc_type, exc_val, exc_tb):
     async def test_health_check_connection_error(self, mock_session_cls):
         """Test health check with connection error"""
         mock_session_cls.side_effect = aiohttp.ClientError("Connection failed")
-        
+
         # Function should raise the original exception
         with self.assertRaises(aiohttp.ClientError) as context:
             await check_auth_service_health()
-        
+
         self.assertIn("Connection failed", str(context.exception))
 
     @patch.dict(os.environ, {'SUPABASE_URL': 'http://test.supabase.co', 'SUPABASE_KEY': 'test-key'})
@@ -480,11 +485,11 @@ async def test_health_check_connection_error(self, mock_session_cls):
     async def test_health_check_general_exception(self, mock_session_cls):
         """Test health check with general exception"""
         mock_session_cls.side_effect = Exception("General error")
-        
+
         # Function should raise the original exception
         with self.assertRaises(Exception) as context:
             await check_auth_service_health()
-        
+
         self.assertIn("General error", str(context.exception))
 
     @patch.dict(os.environ, {'SUPABASE_URL': 'http://test.supabase.co', 'SUPABASE_KEY': 'test-key'})
@@ -494,37 +499,37 @@ async def test_health_check_empty_data_dict(self):
         class MockResponse:
             def __init__(self):
                 self.ok = True
-            
+
             async def json(self):
                 return {}  # Empty dictionary - data exists but no "name" field
-        
+
         class MockGet:
             def __init__(self):
                 self.response = MockResponse()
-            
+
             async def __aenter__(self):
                 return self.response
-            
+
             async def __aexit__(self, exc_type, exc_val, exc_tb):
                 return None
-        
+
         class MockSession:
             def get(self, *args, **kwargs):
                 return MockGet()
-        
+
         class MockClientSession:
             async def __aenter__(self):
                 return MockSession()
-            
+
             async def __aexit__(self, exc_type, exc_val, exc_tb):
                 return None
-        
+
         # Patch the ClientSession
         with patch('backend.services.user_management_service.aiohttp.ClientSession', MockClientSession):
             # Function should raise ConnectionError for empty data dictionary
             with self.assertRaises(ConnectionError) as context:
                 await check_auth_service_health()
-            
+
             self.assertIn("Auth service is unavailable", str(context.exception))
 
 
@@ -547,39 +552,35 @@ async def test_signup_user_regular_user(self, mock_get_client, mock_verify_code,
         mock_client.auth.sign_up.return_value = mock_response
         mock_get_client.return_value = mock_client
         mock_parse_response.return_value = {"user": "data"}
-        
-        result = await signup_user("test@example.com", "password123", False)
-        
+
+        result = await signup_user("test@example.com", "password123")
+
         self.assertEqual(result, {"user": "data"})
         mock_verify_code.assert_not_called()
         mock_generate_tts.assert_not_called()
-        mock_insert_tenant.assert_called_once_with(user_id="user-123", tenant_id="tenant_id")
-        mock_parse_response.assert_called_once_with(False, mock_response, "user")
+        mock_insert_tenant.assert_called_once_with(user_id="user-123", tenant_id="tenant_id", user_role="USER")
+        mock_parse_response.assert_called_once_with(False, mock_response, "USER")
 
     @patch('backend.services.user_management_service.parse_supabase_response')
-    @patch('backend.services.user_management_service.generate_tts_stt_4_admin')
     @patch('backend.services.user_management_service.insert_user_tenant')
-    @patch('backend.services.user_management_service.verify_invite_code')
     @patch('backend.services.user_management_service.get_supabase_client')
-    async def test_signup_user_admin(self, mock_get_client, mock_verify_code,
-                                   mock_insert_tenant, mock_generate_tts, mock_parse_response):
-        """Test admin user signup"""
+    async def test_signup_user_regular_without_invite_code(self, mock_get_client,
+                                                          mock_insert_tenant, mock_parse_response):
+        """Test regular user signup without invitation code"""
         mock_client = MagicMock()
         mock_user = MagicMock()
-        mock_user.id = "admin-123"
+        mock_user.id = "user-123"
         mock_response = MagicMock()
         mock_response.user = mock_user
         mock_client.auth.sign_up.return_value = mock_response
         mock_get_client.return_value = mock_client
         mock_parse_response.return_value = {"user": "data"}
-        
-        result = await signup_user("admin@example.com", "password123", True, "invite-code")
-        
+
+        result = await signup_user("user@example.com", "password123")
+
         self.assertEqual(result, {"user": "data"})
-        mock_verify_code.assert_called_once_with("invite-code")
-        mock_generate_tts.assert_called_once_with("admin-123", "admin-123")
-        mock_insert_tenant.assert_called_once_with(user_id="admin-123", tenant_id="admin-123")
-        mock_parse_response.assert_called_once_with(True, mock_response, "admin")
+        mock_insert_tenant.assert_called_once_with(user_id="user-123", tenant_id="tenant_id", user_role="USER")
+        mock_parse_response.assert_called_once_with(False, mock_response, "USER")
 
     @patch('backend.services.user_management_service.get_supabase_client')
     async def test_signup_user_no_user_returned(self, mock_get_client):
@@ -589,12 +590,124 @@ async def test_signup_user_no_user_returned(self, mock_get_client):
         mock_response.user = None
         mock_client.auth.sign_up.return_value = mock_response
         mock_get_client.return_value = mock_client
-        
+
         with self.assertRaises(UserRegistrationException) as context:
             await signup_user("test@example.com", "password123")
-        
+
         self.assertIn("Registration service is temporarily unavailable", str(context.exception))
 
+    @patch('backend.services.user_management_service.add_user_to_groups')
+    @patch('backend.services.user_management_service.parse_supabase_response')
+    @patch('backend.services.user_management_service.generate_tts_stt_4_admin')
+    @patch('backend.services.user_management_service.insert_user_tenant')
+    @patch('backend.services.user_management_service.get_invitation_by_code')
+    @patch('backend.services.user_management_service.check_invitation_available')
+    @patch('backend.services.user_management_service.use_invitation_code')
+    @patch('backend.services.user_management_service.get_supabase_client')
+    async def test_signup_user_with_admin_invite_code(self, mock_get_client, mock_use_invite,
+                                                     mock_check_available, mock_get_invite_code,
+                                                     mock_insert_tenant, mock_generate_tts, mock_parse_response, mock_add_groups):
+        """Test user signup with ADMIN_INVITE code"""
+        # Setup mocks
+        mock_client = MagicMock()
+        mock_user = MagicMock()
+        mock_user.id = "user-123"
+        mock_response = MagicMock()
+        mock_response.user = mock_user
+        mock_client.auth.sign_up.return_value = mock_response
+        mock_get_client.return_value = mock_client
+
+        # Mock invitation code validation
+        mock_check_available.return_value = True
+        mock_get_invite_code.return_value = {
+            "invitation_id": 1,
+            "code_type": "ADMIN_INVITE",
+            "group_ids": "1,2,3",
+            "tenant_id": "tenant_id"
+        }
+        mock_use_invite.return_value = {
+            "invitation_id": 1,
+            "code_type": "ADMIN_INVITE",
+            "group_ids": "1,2,3"
+        }
+        mock_parse_response.return_value = {"user": "admin_data"}
+        mock_add_groups.return_value = [
+            {"group_id": 1, "user_id": "user-123", "already_member": False},
+            {"group_id": 2, "user_id": "user-123", "already_member": False},
+            {"group_id": 3, "user_id": "user-123", "already_member": False}
+        ]
+
+        result = await signup_user("admin@example.com", "password123", "ADMIN123")
+
+        # Verify generate_tts_stt_4_admin was called for admin user
+        mock_generate_tts.assert_called_once_with("tenant_id", "user-123")
+
+        self.assertEqual(result, {"user": "admin_data"})
+        mock_insert_tenant.assert_called_once_with(user_id="user-123", tenant_id="tenant_id", user_role="ADMIN")
+        mock_use_invite.assert_called_once_with("ADMIN123", "user-123")
+        mock_add_groups.assert_called_once_with("user-123", [1, 2, 3], "user-123")
+        mock_parse_response.assert_called_once_with(True, mock_response, "ADMIN")
+
+    @patch('backend.services.user_management_service.add_user_to_groups')
+    @patch('backend.services.user_management_service.parse_supabase_response')
+    @patch('backend.services.user_management_service.insert_user_tenant')
+    @patch('backend.services.user_management_service.get_invitation_by_code')
+    @patch('backend.services.user_management_service.check_invitation_available')
+    @patch('backend.services.user_management_service.use_invitation_code')
+    @patch('backend.services.user_management_service.get_supabase_client')
+    async def test_signup_user_with_dev_invite_code(self, mock_get_client, mock_use_invite,
+                                                   mock_check_available, mock_get_invite_code,
+                                                   mock_insert_tenant, mock_parse_response, mock_add_groups):
+        """Test user signup with DEV_INVITE code"""
+        # Setup mocks
+        mock_client = MagicMock()
+        mock_user = MagicMock()
+        mock_user.id = "user-456"
+        mock_response = MagicMock()
+        mock_response.user = mock_user
+        mock_client.auth.sign_up.return_value = mock_response
+        mock_get_client.return_value = mock_client
+
+        # Mock invitation code validation
+        mock_check_available.return_value = True
+        mock_get_invite_code.return_value = {
+            "invitation_id": 2,
+            "code_type": "DEV_INVITE",
+            "group_ids": "4,5",
+            "tenant_id": "tenant_id"
+        }
+        mock_use_invite.return_value = {
+            "invitation_id": 2,
+            "code_type": "DEV_INVITE",
+            "group_ids": "4,5"
+        }
+        mock_parse_response.return_value = {"user": "dev_data"}
+        mock_add_groups.return_value = [
+            {"group_id": 4, "user_id": "user-456", "already_member": False},
+            {"group_id": 5, "user_id": "user-456", "already_member": False}
+        ]
+
+        result = await signup_user("dev@example.com", "password123", "DEV456")
+
+        self.assertEqual(result, {"user": "dev_data"})
+        mock_insert_tenant.assert_called_once_with(user_id="user-456", tenant_id="tenant_id", user_role="DEV")
+        mock_use_invite.assert_called_once_with("DEV456", "user-456")
+        mock_add_groups.assert_called_once_with("user-456", [4, 5], "user-456")
+        mock_parse_response.assert_called_once_with(False, mock_response, "DEV")
+
+    @patch('backend.services.user_management_service.get_invitation_by_code')
+    @patch('backend.services.user_management_service.check_invitation_available')
+    @patch('backend.services.user_management_service.get_supabase_client')
+    async def test_signup_user_with_invalid_invite_code(self, mock_get_client, mock_check_available, mock_get_invite_code):
+        """Test user signup with invalid invitation code"""
+        # Mock invitation code validation to fail
+        mock_check_available.return_value = False
+
+        with self.assertRaises(IncorrectInviteCodeException) as context:
+            await signup_user("test@example.com", "password123", "INVALID")
+
+        self.assertIn("is not available", str(context.exception))
+
 
 class TestParseSupabaseResponse(unittest.IsolatedAsyncioTestCase):
     """Test parse_supabase_response"""
@@ -606,20 +719,20 @@ async def test_parse_response_with_session(self, mock_calc_expires, mock_get_exp
         mock_user = MagicMock()
         mock_user.id = "user-123"
         mock_user.email = "test@example.com"
-        
+
         mock_session = MagicMock()
         mock_session.access_token = "access-token"
         mock_session.refresh_token = "refresh-token"
-        
+
         mock_response = MagicMock()
         mock_response.user = mock_user
         mock_response.session = mock_session
-        
+
         mock_calc_expires.return_value = "2024-01-01T00:00:00Z"
         mock_get_expiry.return_value = 3600
-        
+
         result = await parse_supabase_response(False, mock_response, "user")
-        
+
         expected = {
             "user": {
                 "id": "user-123",
@@ -641,13 +754,13 @@ async def test_parse_response_without_session(self):
         mock_user = MagicMock()
         mock_user.id = "user-123"
         mock_user.email = "test@example.com"
-        
+
         mock_response = MagicMock()
         mock_response.user = mock_user
         mock_response.session = None
-        
+
         result = await parse_supabase_response(True, mock_response, "admin")
-        
+
         expected = {
             "user": {
                 "id": "user-123",
@@ -667,16 +780,16 @@ class TestGenerateTtsStt4Admin(unittest.IsolatedAsyncioTestCase):
     async def test_generate_tts_stt_models(self, mock_create_record):
         """Test TTS and STT model generation for admin"""
         await generate_tts_stt_4_admin("tenant-123", "user-123")
-        
+
         # Should be called twice - once for TTS, once for STT
         self.assertEqual(mock_create_record.call_count, 2)
-        
+
         # Check TTS model call
         tts_call = mock_create_record.call_args_list[0]
         tts_data = tts_call[0][0]
         self.assertEqual(tts_data["model_name"], "volcano_tts")
         self.assertEqual(tts_data["model_type"], "tts")
-        
+
         # Check STT model call
         stt_call = mock_create_record.call_args_list[1]
         stt_data = stt_call[0][0]
@@ -698,7 +811,7 @@ async def test_verify_invite_code_no_system_code(self):
         """Test when system has no invite code configured"""
         with self.assertRaises(NoInviteCodeException) as context:
             await verify_invite_code('any-code')
-        
+
         self.assertIn("The system has not configured the admin invite code", str(context.exception))
 
     @patch('backend.services.user_management_service.INVITE_CODE', 'correct-code')
@@ -706,7 +819,7 @@ async def test_verify_invite_code_no_user_code(self):
         """Test when user provides no invite code"""
         with self.assertRaises(IncorrectInviteCodeException) as context:
             await verify_invite_code(None)
-        
+
         self.assertIn("Please enter the invite code", str(context.exception))
 
     @patch('backend.services.user_management_service.INVITE_CODE', 'correct-code')
@@ -714,7 +827,7 @@ async def test_verify_invite_code_wrong_code(self):
         """Test when user provides wrong invite code"""
         with self.assertRaises(IncorrectInviteCodeException) as context:
             await verify_invite_code('wrong-code')
-        
+
         self.assertIn("Please enter the correct admin invite code", str(context.exception))
 
 
@@ -731,22 +844,22 @@ async def test_signin_user_success(self, mock_get_client, mock_calc_expires, moc
         mock_user.id = "user-123"
         mock_user.email = "test@example.com"
         mock_user.user_metadata = {"role": "admin"}
-        
+
         mock_session = MagicMock()
         mock_session.access_token = "access-token"
         mock_session.refresh_token = "refresh-token"
-        
+
         mock_response = MagicMock()
         mock_response.user = mock_user
         mock_response.session = mock_session
-        
+
         mock_client.auth.sign_in_with_password.return_value = mock_response
         mock_get_client.return_value = mock_client
         mock_calc_expires.return_value = "2024-01-01T00:00:00Z"
         mock_get_expiry.return_value = 3600
-        
+
         result = await signin_user("test@example.com", "password123")
-        
+
         expected = {
             "message": "Login successful, session validity is 3600 seconds",
             "data": {
@@ -775,22 +888,22 @@ async def test_signin_user_default_role(self, mock_get_client, mock_calc_expires
         mock_user.id = "user-123"
         mock_user.email = "test@example.com"
         mock_user.user_metadata = {}  # No role in metadata
-        
+
         mock_session = MagicMock()
         mock_session.access_token = "access-token"
         mock_session.refresh_token = "refresh-token"
-        
+
         mock_response = MagicMock()
         mock_response.user = mock_user
         mock_response.session = mock_session
-        
+
         mock_client.auth.sign_in_with_password.return_value = mock_response
         mock_get_client.return_value = mock_client
         mock_calc_expires.return_value = "2024-01-01T00:00:00Z"
         mock_get_expiry.return_value = 3600
-        
+
         result = await signin_user("test@example.com", "password123")
-        
+
         self.assertEqual(result["data"]["user"]["role"], "user")
 
 
@@ -803,7 +916,7 @@ async def test_refresh_token_success(self, mock_get_client, mock_extend_session)
         """Test successful token refresh"""
         mock_client = MagicMock()
         mock_get_client.return_value = mock_client
-        
+
         session_info = {
             "access_token": "new-access-token",
             "refresh_token": "new-refresh-token",
@@ -811,9 +924,9 @@ async def test_refresh_token_success(self, mock_get_client, mock_extend_session)
             "expires_in_seconds": 3600
         }
         mock_extend_session.return_value = session_info
-        
+
         result = await refresh_user_token("Bearer old-token", "refresh-token")
-        
+
         self.assertEqual(result, session_info)
         mock_get_client.assert_called_once_with("Bearer old-token")
         mock_extend_session.assert_called_once_with(mock_client, "refresh-token")
@@ -825,10 +938,10 @@ async def test_refresh_token_failure(self, mock_get_client, mock_extend_session)
         mock_client = MagicMock()
         mock_get_client.return_value = mock_client
         mock_extend_session.return_value = None
-        
+
         with self.assertRaises(ValueError) as context:
             await refresh_user_token("Bearer old-token", "refresh-token")
-        
+
         self.assertEqual(str(context.exception), "Refresh token failed, the token may have expired")
 
 
@@ -843,9 +956,9 @@ async def test_get_session_success(self, mock_validate_token):
         mock_user.email = "test@example.com"
         mock_user.user_metadata = {"role": "admin"}
         mock_validate_token.return_value = (True, mock_user)
-        
+
         result = await get_session_by_authorization("Bearer token")
-        
+
         expected = {
             "user": {
                 "id": "user-123",
@@ -863,19 +976,19 @@ async def test_get_session_default_role(self, mock_validate_token):
         mock_user.email = "test@example.com"
         mock_user.user_metadata = None
         mock_validate_token.return_value = (True, mock_user)
-        
+
         result = await get_session_by_authorization("Bearer token")
-        
+
         self.assertEqual(result["user"]["role"], "user")
 
     @patch('backend.services.user_management_service.validate_token')
     async def test_get_session_invalid_token(self, mock_validate_token):
         """Test session retrieval with invalid token"""
         mock_validate_token.return_value = (False, None)
-        
+
         with self.assertRaises(UnauthorizedError) as context:
             await get_session_by_authorization("Bearer invalid-token")
-        
+
         self.assertEqual(str(context.exception), "Session is invalid or expired")
 
 
@@ -943,37 +1056,64 @@ async def test_revoke_regular_user_outer_exception_swallowed(self, _mock_log):
             await revoke_regular_user("u1", "t1")
 
 
+class TestGetUserInfo(unittest.TestCase):
+    """Test get_user_info function"""
+
+    @patch('backend.services.user_management_service.get_user_tenant_by_user_id')
+    @patch('backend.services.user_management_service.query_group_ids_by_user')
+    def test_get_user_info_success(self, mock_query_group_ids, mock_get_user_tenant):
+        """Test getting user information successfully"""
+        # Setup mocks
+        mock_get_user_tenant.return_value = {
+            "tenant_id": "test_tenant",
+            "user_role": "ADMIN"
+        }
+        mock_query_group_ids.return_value = [1, 2, 3]
+
+        # Execute
+        result = get_user_info("test_user")
+
+        # Assert
+        assert result is not None
+        assert result["user_id"] == "test_user"
+        assert result["tenant_id"] == "test_tenant"
+        assert result["user_role"] == "ADMIN"
+        assert result["group_ids"] == [1, 2, 3]
+
+        mock_get_user_tenant.assert_called_once_with("test_user")
+        mock_query_group_ids.assert_called_once_with("test_user")
+
+    @patch('backend.services.user_management_service.get_user_tenant_by_user_id')
+    def test_get_user_info_user_not_found(self, mock_get_user_tenant):
+        """Test getting user information when user doesn't exist"""
+        # Setup mocks
+        mock_get_user_tenant.return_value = None
+
+        # Execute
+        result = get_user_info("nonexistent_user")
+
+        # Assert
+        assert result is None
+        mock_get_user_tenant.assert_called_once_with("nonexistent_user")
+
+    @patch('backend.services.user_management_service.get_user_tenant_by_user_id')
+    @patch('backend.services.user_management_service.query_group_ids_by_user')
+    def test_get_user_info_exception_handling(self, mock_query_group_ids, mock_get_user_tenant):
+        """Test get_user_info handles exceptions gracefully"""
+        # Setup mocks to raise exception
+        mock_get_user_tenant.side_effect = Exception("Database error")
+
+        # Execute
+        result = get_user_info("test_user")
+
+        # Assert
+        assert result is None
+
+
 class TestIntegrationScenarios(unittest.IsolatedAsyncioTestCase):
     """Integration test scenarios"""
 
-    @patch('backend.services.user_management_service.parse_supabase_response')
-    @patch('backend.services.user_management_service.generate_tts_stt_4_admin')
-    @patch('backend.services.user_management_service.insert_user_tenant')
-    @patch('backend.services.user_management_service.verify_invite_code')
-    @patch('backend.services.user_management_service.get_supabase_client')
-    async def test_admin_signup_and_validation(self, mock_get_client, 
-                                             mock_verify_code, mock_insert_tenant, 
-                                             mock_generate_tts, mock_parse_response):
-        """Test complete admin signup and token validation flow"""
-        # Setup signup
-        mock_client = MagicMock()
-        mock_user = MagicMock()
-        mock_user.id = "admin-123"
-        mock_response = MagicMock()
-        mock_response.user = mock_user
-        mock_client.auth.sign_up.return_value = mock_response
-        mock_get_client.return_value = mock_client
-        mock_parse_response.return_value = {"user": {"id": "admin-123"}}
-        
-        # Test signup
-        signup_result = await signup_user("admin@example.com", "password123", True, "invite-code")
-        self.assertEqual(signup_result["user"]["id"], "admin-123")
-        
-        # Verify that the correct functions were called
-        mock_verify_code.assert_called_once_with("invite-code")
-        mock_generate_tts.assert_called_once_with("admin-123", "admin-123")
-        mock_insert_tenant.assert_called_once_with(user_id="admin-123", tenant_id="admin-123")
 
 
 if __name__ == '__main__':
-    unittest.main() 
\ No newline at end of file
+    unittest.main()
diff --git a/test/backend/services/test_vectordatabase_service.py b/test/backend/services/test_vectordatabase_service.py
index e7b9c0fcb..304b9327d 100644
--- a/test/backend/services/test_vectordatabase_service.py
+++ b/test/backend/services/test_vectordatabase_service.py
@@ -384,8 +384,10 @@ async def run_test():
 
         asyncio.run(run_test())
 
+    @patch('backend.services.vectordatabase_service.query_group_ids_by_user')
+    @patch('backend.services.vectordatabase_service.get_user_tenant_by_user_id')
     @patch('backend.services.vectordatabase_service.get_knowledge_info_by_tenant_id')
-    def test_list_indices_without_stats(self, mock_get_knowledge):
+    def test_list_indices_without_stats(self, mock_get_knowledge, mock_get_user_tenant, mock_get_group_ids):
         """
         Test listing indices without including statistics.
 
@@ -397,9 +399,13 @@ def test_list_indices_without_stats(self, mock_get_knowledge):
         # Setup
         self.mock_vdb_core.get_user_indices.return_value = ["index1", "index2"]
         mock_get_knowledge.return_value = [
-            {"index_name": "index1", "embedding_model_name": "test-model"},
-            {"index_name": "index2", "embedding_model_name": "test-model"}
+            {"index_name": "index1",
+                "embedding_model_name": "test-model", "group_ids": "1,2"},
+            {"index_name": "index2", "embedding_model_name": "test-model", "group_ids": ""}
         ]
+        mock_get_user_tenant.return_value = {
+            "user_role": "SU", "tenant_id": "test_tenant"}
+        mock_get_group_ids.return_value = []
 
         # Execute
         result = ElasticSearchService.list_indices(
@@ -414,10 +420,12 @@ def test_list_indices_without_stats(self, mock_get_knowledge):
         self.assertEqual(len(result["indices"]), 2)
         self.assertEqual(result["count"], 2)
         self.mock_vdb_core.get_user_indices.assert_called_once_with("*")
-        mock_get_knowledge.assert_called_once_with(tenant_id="test_tenant")
+        mock_get_knowledge.assert_called_once_with("test_tenant")
 
+    @patch('backend.services.vectordatabase_service.query_group_ids_by_user')
+    @patch('backend.services.vectordatabase_service.get_user_tenant_by_user_id')
     @patch('backend.services.vectordatabase_service.get_knowledge_info_by_tenant_id')
-    def test_list_indices_with_stats(self, mock_get_knowledge):
+    def test_list_indices_with_stats(self, mock_get_knowledge, mock_get_user_tenant, mock_get_group_ids):
         """
         Test listing indices with statistics included.
 
@@ -433,9 +441,13 @@ def test_list_indices_with_stats(self, mock_get_knowledge):
             "index2": {"base_info": {"doc_count": 20, "embedding_model": "test-model"}}
         }
         mock_get_knowledge.return_value = [
-            {"index_name": "index1", "embedding_model_name": "test-model"},
-            {"index_name": "index2", "embedding_model_name": "test-model"}
+            {"index_name": "index1",
+                "embedding_model_name": "test-model", "group_ids": "1,2"},
+            {"index_name": "index2", "embedding_model_name": "test-model", "group_ids": ""}
         ]
+        mock_get_user_tenant.return_value = {
+            "user_role": "SU", "tenant_id": "test_tenant"}
+        mock_get_group_ids.return_value = []
 
         # Execute
         result = ElasticSearchService.list_indices(
@@ -450,21 +462,31 @@ def test_list_indices_with_stats(self, mock_get_knowledge):
         self.assertEqual(len(result["indices"]), 2)
         self.assertEqual(result["count"], 2)
         self.assertEqual(len(result["indices_info"]), 2)
+
+        # Verify group_ids are included and correctly parsed
+        self.assertEqual(result["indices_info"][0]["group_ids"], [1, 2])
+        self.assertEqual(result["indices_info"][1]["group_ids"], [])
+
         self.mock_vdb_core.get_user_indices.assert_called_once_with("*")
         self.mock_vdb_core.get_indices_detail.assert_called_once_with(
             ["index1", "index2"])
-        mock_get_knowledge.assert_called_once_with(tenant_id="test_tenant")
+        mock_get_knowledge.assert_called_once_with("test_tenant")
 
+    @patch('backend.services.vectordatabase_service.query_group_ids_by_user')
+    @patch('backend.services.vectordatabase_service.get_user_tenant_by_user_id')
     @patch('backend.services.vectordatabase_service.get_knowledge_info_by_tenant_id')
-    @patch('backend.services.vectordatabase_service.delete_knowledge_record')
-    def test_list_indices_removes_stale_pg_records(self, mock_delete_knowledge, mock_get_info):
+    def test_list_indices_skips_missing_indices(self, mock_get_info, mock_get_user_tenant, mock_get_group_ids):
         """
-        Test that list_indices deletes PostgreSQL records whose indices are missing in Elasticsearch.
+        Test that list_indices skips indices that exist in database but not in Elasticsearch.
         """
         self.mock_vdb_core.get_user_indices.return_value = ["es_index"]
         mock_get_info.return_value = [
-            {"index_name": "dangling_index", "embedding_model_name": "model-A"}
+            {"index_name": "dangling_index",
+                "embedding_model_name": "model-A", "group_ids": "1"}
         ]
+        mock_get_user_tenant.return_value = {
+            "user_role": "SU", "tenant_id": "tenant-1"}
+        mock_get_group_ids.return_value = []
 
         result = ElasticSearchService.list_indices(
             pattern="*",
@@ -474,22 +496,25 @@ def test_list_indices_removes_stale_pg_records(self, mock_delete_knowledge, mock
             vdb_core=self.mock_vdb_core
         )
 
-        mock_delete_knowledge.assert_called_once_with(
-            {"index_name": "dangling_index", "user_id": "user-1"}
-        )
+        # Should skip the dangling index and return empty result
         self.assertEqual(result["indices"], [])
         self.assertEqual(result["count"], 0)
 
+    @patch('backend.services.vectordatabase_service.query_group_ids_by_user')
+    @patch('backend.services.vectordatabase_service.get_user_tenant_by_user_id')
     @patch('backend.services.vectordatabase_service.get_knowledge_info_by_tenant_id')
-    def test_list_indices_stats_defaults_when_missing(self, mock_get_info):
+    def test_list_indices_stats_defaults_when_missing(self, mock_get_info, mock_get_user_tenant, mock_get_group_ids):
         """
         Test list_indices include_stats path when Elasticsearch returns no stats for an index.
         """
         self.mock_vdb_core.get_user_indices.return_value = ["index1"]
         mock_get_info.return_value = [
-            {"index_name": "index1", "embedding_model_name": "model-A"}
+            {"index_name": "index1", "embedding_model_name": "model-A", "group_ids": "1,2"}
         ]
         self.mock_vdb_core.get_indices_detail.return_value = {}
+        mock_get_user_tenant.return_value = {
+            "user_role": "SU", "tenant_id": "tenant-1"}
+        mock_get_group_ids.return_value = []
 
         result = ElasticSearchService.list_indices(
             pattern="*",
@@ -503,9 +528,11 @@ def test_list_indices_stats_defaults_when_missing(self, mock_get_info):
         self.assertEqual(result["indices_info"][0]["name"], "index1")
         self.assertEqual(result["indices_info"][0]["stats"], {})
 
+    @patch('backend.services.vectordatabase_service.query_group_ids_by_user')
+    @patch('backend.services.vectordatabase_service.get_user_tenant_by_user_id')
     @patch('backend.services.vectordatabase_service.update_model_name_by_index_name')
     @patch('backend.services.vectordatabase_service.get_knowledge_info_by_tenant_id')
-    def test_list_indices_backfills_missing_model_names(self, mock_get_info, mock_update_model):
+    def test_list_indices_backfills_missing_model_names(self, mock_get_info, mock_update_model, mock_get_user_tenant, mock_get_group_ids):
         """
         Test that list_indices updates database records when embedding_model_name is missing.
         """
@@ -516,6 +543,9 @@ def test_list_indices_backfills_missing_model_names(self, mock_get_info, mock_up
         self.mock_vdb_core.get_indices_detail.return_value = {
             "index1": {"base_info": {"embedding_model": "text-embedding-ada-002"}}
         }
+        mock_get_user_tenant.return_value = {
+            "user_role": "SU", "tenant_id": "tenant-1"}
+        mock_get_group_ids.return_value = []
 
         result = ElasticSearchService.list_indices(
             pattern="*",
@@ -531,18 +561,23 @@ def test_list_indices_backfills_missing_model_names(self, mock_get_info, mock_up
         self.assertEqual(result["count"], 1)
         self.assertEqual(result["indices"][0], "index1")
 
+    @patch('backend.services.vectordatabase_service.query_group_ids_by_user')
+    @patch('backend.services.vectordatabase_service.get_user_tenant_by_user_id')
     @patch('backend.services.vectordatabase_service.get_knowledge_info_by_tenant_id')
-    def test_list_indices_stats_surfaces_elasticsearch_errors(self, mock_get_info):
+    def test_list_indices_stats_surfaces_elasticsearch_errors(self, mock_get_info, mock_get_user_tenant, mock_get_group_ids):
         """
         Test that list_indices propagates Elasticsearch errors while fetching stats.
         """
         self.mock_vdb_core.get_user_indices.return_value = ["index1"]
         mock_get_info.return_value = [
-            {"index_name": "index1", "embedding_model_name": "model-A"}
+            {"index_name": "index1", "embedding_model_name": "model-A", "group_ids": "1,2"}
         ]
         self.mock_vdb_core.get_indices_detail.side_effect = Exception(
             "503 Service Unavailable"
         )
+        mock_get_user_tenant.return_value = {
+            "user_role": "SU", "tenant_id": "tenant-1"}
+        mock_get_group_ids.return_value = []
 
         with self.assertRaises(Exception) as context:
             ElasticSearchService.list_indices(
@@ -555,14 +590,16 @@ def test_list_indices_stats_surfaces_elasticsearch_errors(self, mock_get_info):
 
         self.assertIn("503 Service Unavailable", str(context.exception))
 
+    @patch('backend.services.vectordatabase_service.query_group_ids_by_user')
+    @patch('backend.services.vectordatabase_service.get_user_tenant_by_user_id')
     @patch('backend.services.vectordatabase_service.get_knowledge_info_by_tenant_id')
-    def test_list_indices_stats_keeps_non_stat_fields(self, mock_get_info):
+    def test_list_indices_stats_keeps_non_stat_fields(self, mock_get_info, mock_get_user_tenant, mock_get_group_ids):
         """
         Test that list_indices preserves all stats fields returned by ElasticSearchCore.
         """
         self.mock_vdb_core.get_user_indices.return_value = ["index1"]
         mock_get_info.return_value = [
-            {"index_name": "index1", "embedding_model_name": "model-A"}
+            {"index_name": "index1", "embedding_model_name": "model-A", "group_ids": "1,2"}
         ]
         detailed_stats = {
             "index1": {
@@ -575,6 +612,9 @@ def test_list_indices_stats_keeps_non_stat_fields(self, mock_get_info):
             }
         }
         self.mock_vdb_core.get_indices_detail.return_value = detailed_stats
+        mock_get_user_tenant.return_value = {
+            "user_role": "SU", "tenant_id": "tenant-1"}
+        mock_get_group_ids.return_value = []
 
         result = ElasticSearchService.list_indices(
             pattern="*",
@@ -585,7 +625,61 @@ def test_list_indices_stats_keeps_non_stat_fields(self, mock_get_info):
         )
 
         self.assertEqual(len(result["indices_info"]), 1)
-        self.assertEqual(result["indices_info"][0]["stats"], detailed_stats["index1"])
+        self.assertEqual(result["indices_info"][0]
+                         ["stats"], detailed_stats["index1"])
+
+    @patch('backend.services.vectordatabase_service.query_group_ids_by_user')
+    @patch('backend.services.vectordatabase_service.get_user_tenant_by_user_id')
+    @patch('backend.services.vectordatabase_service.get_knowledge_info_by_tenant_id')
+    def test_list_indices_creator_permission(self, mock_get_knowledge, mock_get_user_tenant, mock_get_group_ids):
+        """
+        Test that creator of a knowledge base gets CREATOR permission.
+
+        This test verifies that:
+        1. When user is the creator of a knowledge base, they get CREATOR permission
+        2. When user is not the creator, they don't get CREATOR permission
+        """
+        # Setup
+        self.mock_vdb_core.get_user_indices.return_value = ["index1", "index2"]
+        mock_get_knowledge.return_value = [
+            {
+                "index_name": "index1",
+                "embedding_model_name": "test-model",
+                "group_ids": "1",
+                "created_by": "test_user",  # User is creator
+                "ingroup_permission": "READ_ONLY",
+                "tenant_id": "test_tenant"
+            },
+            {
+                "index_name": "index2",
+                "embedding_model_name": "test-model",
+                "group_ids": "1",
+                "created_by": "other_user",  # User is not creator
+                "ingroup_permission": "EDIT",
+                "tenant_id": "test_tenant"
+            }
+        ]
+        mock_get_user_tenant.return_value = {
+            "user_role": "USER", "tenant_id": "test_tenant"}
+        mock_get_group_ids.return_value = [1]
+
+        # Execute
+        result = ElasticSearchService.list_indices(
+            pattern="*",
+            include_stats=False,
+            tenant_id="test_tenant",
+            user_id="test_user",
+            vdb_core=self.mock_vdb_core
+        )
+
+        # Assert
+        self.assertEqual(len(result["indices"]), 2)
+        self.assertEqual(result["count"], 2)
+
+        # When include_stats=False, indices is just a list of names
+        # When include_stats=True, indices_info contains the detailed info with permissions
+        self.assertIn("index1", result["indices"])
+        self.assertIn("index2", result["indices"])
 
     def test_vectorize_documents_success(self):
         """
@@ -917,7 +1011,8 @@ def test_delete_documents(self, mock_delete_file):
         # Setup
         self.mock_vdb_core.delete_documents.return_value = 5
         # Configure delete_file to return a success response
-        mock_delete_file.return_value = {"success": True, "object_name": "test_path"}
+        mock_delete_file.return_value = {
+            "success": True, "object_name": "test_path"}
 
         # Execute
         result = ElasticSearchService.delete_documents(
@@ -1501,7 +1596,8 @@ async def run_test():
                     async for item in generator:
                         break
 
-                self.assertIn("No documents found in index", str(context.exception))
+                self.assertIn("No documents found in index",
+                              str(context.exception))
 
             asyncio.run(run_test())
 
@@ -1521,11 +1617,13 @@ def test_summary_index_name_runtime_error_fallback(self):
 
             # Mock return values
             mock_process_docs.return_value = (
-                {"doc1": {"chunks": [{"content": "test content"}]}},  # document_samples
+                # document_samples
+                {"doc1": {"chunks": [{"content": "test content"}]}},
                 {"doc1": np.array([0.1, 0.2, 0.3])}  # doc_embeddings
             )
             mock_cluster.return_value = {"doc1": 0}  # clusters
-            mock_summarize.return_value = {0: "Test cluster summary"}  # cluster_summaries
+            mock_summarize.return_value = {
+                0: "Test cluster summary"}  # cluster_summaries
             mock_merge.return_value = "Final merged summary"  # final_summary
 
             # Create a mock loop with run_in_executor that returns a coroutine
@@ -1587,11 +1685,13 @@ def test_summary_index_name_generator_exception(self):
 
             # Mock return values
             mock_process_docs.return_value = (
-                {"doc1": {"chunks": [{"content": "test content"}]}},  # document_samples
+                # document_samples
+                {"doc1": {"chunks": [{"content": "test content"}]}},
                 {"doc1": np.array([0.1, 0.2, 0.3])}  # doc_embeddings
             )
             mock_cluster.return_value = {"doc1": 0}  # clusters
-            mock_summarize.return_value = {0: "Test cluster summary"}  # cluster_summaries
+            mock_summarize.return_value = {
+                0: "Test cluster summary"}  # cluster_summaries
             mock_merge.return_value = "Final merged summary"  # final_summary
 
             # Execute
@@ -1639,11 +1739,13 @@ def test_summary_index_name_sample_count_calculation(self):
 
             # Mock return values
             mock_process_docs.return_value = (
-                {"doc1": {"chunks": [{"content": "test content"}]}},  # document_samples
+                # document_samples
+                {"doc1": {"chunks": [{"content": "test content"}]}},
                 {"doc1": np.array([0.1, 0.2, 0.3])}  # doc_embeddings
             )
             mock_cluster.return_value = {"doc1": 0}  # clusters
-            mock_summarize.return_value = {0: "Test cluster summary"}  # cluster_summaries
+            mock_summarize.return_value = {
+                0: "Test cluster summary"}  # cluster_summaries
             mock_merge.return_value = "Final merged summary"  # final_summary
 
             # Execute with batch_size=1000
@@ -1755,7 +1857,8 @@ def test_get_random_documents(self):
         # Assert
         self.assertEqual(result["total"], 100)
         self.assertEqual(len(result["documents"]), 2)
-        self.mock_vdb_core.count_documents.assert_called_once_with("test_index")
+        self.mock_vdb_core.count_documents.assert_called_once_with(
+            "test_index")
         self.mock_vdb_core.search.assert_called_once()
 
     @patch('backend.services.vectordatabase_service.update_knowledge_record')
@@ -1846,8 +1949,10 @@ def test_get_index_chunks_filters_fields(self):
 
         self.assertEqual(result["status"], "success")
         self.assertEqual(result["total"], 2)
-        self.assertEqual(result["chunks"][0], {"id": "1", "content": "A", "path_or_url": "/a"})
-        self.assertEqual(result["chunks"][1], {"content": "B", "create_time": "2024-01-01T00:00:00"})
+        self.assertEqual(result["chunks"][0], {
+                         "id": "1", "content": "A", "path_or_url": "/a"})
+        self.assertEqual(result["chunks"][1], {
+                         "content": "B", "create_time": "2024-01-01T00:00:00"})
         self.mock_vdb_core.get_index_chunks.assert_called_once_with(
             "kb-index",
             page=None,
@@ -1886,7 +1991,8 @@ def test_get_index_chunks_error(self):
                 vdb_core=self.mock_vdb_core
             )
 
-        self.assertIn("Error retrieving chunks from index kb-index: boom", str(exc.exception))
+        self.assertIn(
+            "Error retrieving chunks from index kb-index: boom", str(exc.exception))
 
     def test_create_chunk_builds_payload_and_calls_core(self):
         """
@@ -1999,9 +2105,11 @@ def test_delete_chunk_not_found_raises_value_error(self):
         self.assertIn(
             "Error deleting chunk: Chunk missing not found in index kb-index", str(exc.exception))
 
+    @patch('backend.services.vectordatabase_service.query_group_ids_by_user')
+    @patch('backend.services.vectordatabase_service.get_user_tenant_by_user_id')
     @patch('backend.services.vectordatabase_service.get_knowledge_info_by_tenant_id')
     @patch('fastapi.Response')
-    def test_list_indices_success_status_200(self, mock_response, mock_get_knowledge):
+    def test_list_indices_success_status_200(self, mock_response, mock_get_knowledge, mock_get_user_tenant, mock_get_group_ids):
         """
         Test list_indices method returns status code 200 on success.
 
@@ -2014,9 +2122,13 @@ def test_list_indices_success_status_200(self, mock_response, mock_get_knowledge
         self.mock_vdb_core.get_user_indices.return_value = ["index1", "index2"]
         mock_response.status_code = 200
         mock_get_knowledge.return_value = [
-            {"index_name": "index1", "embedding_model_name": "test-model"},
-            {"index_name": "index2", "embedding_model_name": "test-model"}
+            {"index_name": "index1",
+                "embedding_model_name": "test-model", "group_ids": "1,2"},
+            {"index_name": "index2", "embedding_model_name": "test-model", "group_ids": ""}
         ]
+        mock_get_user_tenant.return_value = {
+            "user_role": "SU", "tenant_id": "test_tenant"}
+        mock_get_group_ids.return_value = []
 
         # Execute
         result = ElasticSearchService.list_indices(
@@ -2033,7 +2145,7 @@ def test_list_indices_success_status_200(self, mock_response, mock_get_knowledge
         # Verify no exception is raised, implying 200 status code
         self.assertIsInstance(result, dict)  # Success response is a dictionary
         self.mock_vdb_core.get_user_indices.assert_called_once_with("*")
-        mock_get_knowledge.assert_called_once_with(tenant_id="test_tenant")
+        mock_get_knowledge.assert_called_once_with("test_tenant")
 
     def test_health_check_success_status_200(self):
         """

From 8f059e919b6bfa280f8905ebdbc674cd314afb8a Mon Sep 17 00:00:00 2001
From: Jasonxia007 <iamjasonxia@126.com>
Date: Thu, 15 Jan 2026 02:44:27 +0800
Subject: [PATCH 27/38] =?UTF-8?q?=E2=99=BB=EF=B8=8F=20[WIP]=20User=20Manag?=
 =?UTF-8?q?ement=20Part2:=20Add=20service=20functions?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../services/test_config_sync_service.py      | 14 +++++---
 .../services/test_user_management_service.py  | 32 ++++++++++---------
 2 files changed, 27 insertions(+), 19 deletions(-)

diff --git a/test/backend/services/test_config_sync_service.py b/test/backend/services/test_config_sync_service.py
index 49d7dad83..e3b8a9d34 100644
--- a/test/backend/services/test_config_sync_service.py
+++ b/test/backend/services/test_config_sync_service.py
@@ -1042,7 +1042,7 @@ async def test_load_config_impl_chinese(self, service_mocks):
 
         # Check Chinese default values
         assert result["app"]["name"] == "Nexent 智能体"
-        assert result["app"]["description"] == "面向企业应用的智能体平台"
+        assert result["app"]["description"] == "Nexent 是一个开源智能体平台，基于 MCP 工具生态系统，提供灵活的多模态问答、检索、数据分析、处理等能力。"
         assert result["app"]["tenantName"] == ""
         assert result["app"]["defaultGroupId"] == ""
         assert result["app"]["icon"]["type"] == "preset"
@@ -1101,7 +1101,7 @@ async def test_load_config_impl_with_embedding_dimension(self, service_mocks):
 
         # Check app config (should use defaults)
         assert result["app"]["name"] == "Nexent Agent"
-        assert result["app"]["description"] == "Intelligent agent platform for enterprise applications"
+        assert result["app"]["description"] == "Nexent is an open-source agent platform built on the MCP tool ecosystem, providing flexible multi-modal Q&A, retrieval, data analysis, and processing capabilities."
         assert result["app"]["tenantName"] == ""
         assert result["app"]["defaultGroupId"] == ""
 
@@ -1130,7 +1130,7 @@ async def test_load_config_impl_empty_models(self, service_mocks):
 
         # Check app config (should use defaults)
         assert result["app"]["name"] == "Nexent Agent"
-        assert result["app"]["description"] == "Intelligent agent platform for enterprise applications"
+        assert result["app"]["description"] == "Nexent is an open-source agent platform built on the MCP tool ecosystem, providing flexible multi-modal Q&A, retrieval, data analysis, and processing capabilities."
         assert result["app"]["tenantName"] == ""
         assert result["app"]["defaultGroupId"] == ""
 
@@ -1397,6 +1397,8 @@ def test_build_app_config_english_with_values(self, service_mocks):
         service_mocks['tenant_config_manager'].get_app_config.side_effect = [
             "Custom App Name",  # APP_NAME
             "Custom description",  # APP_DESCRIPTION
+            None,  # TENANT_NAME (use default)
+            None,  # DEFAULT_GROUP_ID (use default)
             "custom",  # ICON_TYPE
             "avatar-uri",  # AVATAR_URI
             "https://custom-icon.com"  # CUSTOM_ICON_URL
@@ -1410,6 +1412,8 @@ def test_build_app_config_english_with_values(self, service_mocks):
             # Assert
             assert result["name"] == "Custom App Name"
             assert result["description"] == "Custom description"
+            assert result["tenantName"] == ""  # None returns default empty string
+            assert result["defaultGroupId"] == ""  # None returns default empty string
             assert result["icon"]["type"] == "custom"
             assert result["icon"]["avatarUri"] == "avatar-uri"
             assert result["icon"]["customUrl"] == "https://custom-icon.com"
@@ -1419,11 +1423,13 @@ def test_build_app_config_english_with_values(self, service_mocks):
         expected_calls = [
             ("APP_NAME", tenant_id),
             ("APP_DESCRIPTION", tenant_id),
+            ("TENANT_NAME", tenant_id),
+            ("DEFAULT_GROUP_ID", tenant_id),
             ("ICON_TYPE", tenant_id),
             ("AVATAR_URI", tenant_id),
             ("CUSTOM_ICON_URL", tenant_id)
         ]
-        assert service_mocks['tenant_config_manager'].get_app_config.call_count == 5
+        assert service_mocks['tenant_config_manager'].get_app_config.call_count == 7
         service_mocks['tenant_config_manager'].get_app_config.assert_has_calls(
             [call(key, tenant_id=tenant_id)
              for key, _ in expected_calls]
diff --git a/test/backend/services/test_user_management_service.py b/test/backend/services/test_user_management_service.py
index e93bc9518..0e6ae9077 100644
--- a/test/backend/services/test_user_management_service.py
+++ b/test/backend/services/test_user_management_service.py
@@ -48,6 +48,7 @@
         extend_session,
         check_auth_service_health,
         signup_user,
+        signup_user_with_invitation,
         parse_supabase_response,
         generate_tts_stt_4_admin,
         verify_invite_code,
@@ -55,6 +56,7 @@
         refresh_user_token,
         get_session_by_authorization,
         revoke_regular_user,
+        get_user_info,
     )
 
 # Functions to test
@@ -558,8 +560,8 @@ async def test_signup_user_regular_user(self, mock_get_client, mock_verify_code,
         self.assertEqual(result, {"user": "data"})
         mock_verify_code.assert_not_called()
         mock_generate_tts.assert_not_called()
-        mock_insert_tenant.assert_called_once_with(user_id="user-123", tenant_id="tenant_id", user_role="USER")
-        mock_parse_response.assert_called_once_with(False, mock_response, "USER")
+        mock_insert_tenant.assert_called_once_with(user_id="user-123", tenant_id="tenant_id")
+        mock_parse_response.assert_called_once_with(False, mock_response, "user")
 
     @patch('backend.services.user_management_service.parse_supabase_response')
     @patch('backend.services.user_management_service.insert_user_tenant')
@@ -579,8 +581,8 @@ async def test_signup_user_regular_without_invite_code(self, mock_get_client,
         result = await signup_user("user@example.com", "password123")
 
         self.assertEqual(result, {"user": "data"})
-        mock_insert_tenant.assert_called_once_with(user_id="user-123", tenant_id="tenant_id", user_role="USER")
-        mock_parse_response.assert_called_once_with(False, mock_response, "USER")
+        mock_insert_tenant.assert_called_once_with(user_id="user-123", tenant_id="tenant_id")
+        mock_parse_response.assert_called_once_with(False, mock_response, "user")
 
     @patch('backend.services.user_management_service.get_supabase_client')
     async def test_signup_user_no_user_returned(self, mock_get_client):
@@ -637,7 +639,7 @@ async def test_signup_user_with_admin_invite_code(self, mock_get_client, mock_us
             {"group_id": 3, "user_id": "user-123", "already_member": False}
         ]
 
-        result = await signup_user("admin@example.com", "password123", "ADMIN123")
+        result = await signup_user_with_invitation("admin@example.com", "password123", invite_code="ADMIN123")
 
         # Verify generate_tts_stt_4_admin was called for admin user
         mock_generate_tts.assert_called_once_with("tenant_id", "user-123")
@@ -646,7 +648,7 @@ async def test_signup_user_with_admin_invite_code(self, mock_get_client, mock_us
         mock_insert_tenant.assert_called_once_with(user_id="user-123", tenant_id="tenant_id", user_role="ADMIN")
         mock_use_invite.assert_called_once_with("ADMIN123", "user-123")
         mock_add_groups.assert_called_once_with("user-123", [1, 2, 3], "user-123")
-        mock_parse_response.assert_called_once_with(True, mock_response, "ADMIN")
+        mock_parse_response.assert_called_once_with(False, mock_response, "ADMIN")
 
     @patch('backend.services.user_management_service.add_user_to_groups')
     @patch('backend.services.user_management_service.parse_supabase_response')
@@ -687,7 +689,7 @@ async def test_signup_user_with_dev_invite_code(self, mock_get_client, mock_use_
             {"group_id": 5, "user_id": "user-456", "already_member": False}
         ]
 
-        result = await signup_user("dev@example.com", "password123", "DEV456")
+        result = await signup_user_with_invitation("dev@example.com", "password123", invite_code="DEV456")
 
         self.assertEqual(result, {"user": "dev_data"})
         mock_insert_tenant.assert_called_once_with(user_id="user-456", tenant_id="tenant_id", user_role="DEV")
@@ -704,7 +706,7 @@ async def test_signup_user_with_invalid_invite_code(self, mock_get_client, mock_
         mock_check_available.return_value = False
 
         with self.assertRaises(IncorrectInviteCodeException) as context:
-            await signup_user("test@example.com", "password123", "INVALID")
+            await signup_user_with_invitation("test@example.com", "password123", "INVALID")
 
         self.assertIn("is not available", str(context.exception))
 
@@ -1056,12 +1058,12 @@ async def test_revoke_regular_user_outer_exception_swallowed(self, _mock_log):
             await revoke_regular_user("u1", "t1")
 
 
-class TestGetUserInfo(unittest.TestCase):
+class TestGetUserInfo(unittest.IsolatedAsyncioTestCase):
     """Test get_user_info function"""
 
     @patch('backend.services.user_management_service.get_user_tenant_by_user_id')
     @patch('backend.services.user_management_service.query_group_ids_by_user')
-    def test_get_user_info_success(self, mock_query_group_ids, mock_get_user_tenant):
+    async def test_get_user_info_success(self, mock_query_group_ids, mock_get_user_tenant):
         """Test getting user information successfully"""
         # Setup mocks
         mock_get_user_tenant.return_value = {
@@ -1071,7 +1073,7 @@ def test_get_user_info_success(self, mock_query_group_ids, mock_get_user_tenant)
         mock_query_group_ids.return_value = [1, 2, 3]
 
         # Execute
-        result = get_user_info("test_user")
+        result = await get_user_info("test_user")
 
         # Assert
         assert result is not None
@@ -1084,13 +1086,13 @@ def test_get_user_info_success(self, mock_query_group_ids, mock_get_user_tenant)
         mock_query_group_ids.assert_called_once_with("test_user")
 
     @patch('backend.services.user_management_service.get_user_tenant_by_user_id')
-    def test_get_user_info_user_not_found(self, mock_get_user_tenant):
+    async def test_get_user_info_user_not_found(self, mock_get_user_tenant):
         """Test getting user information when user doesn't exist"""
         # Setup mocks
         mock_get_user_tenant.return_value = None
 
         # Execute
-        result = get_user_info("nonexistent_user")
+        result = await get_user_info("nonexistent_user")
 
         # Assert
         assert result is None
@@ -1098,13 +1100,13 @@ def test_get_user_info_user_not_found(self, mock_get_user_tenant):
 
     @patch('backend.services.user_management_service.get_user_tenant_by_user_id')
     @patch('backend.services.user_management_service.query_group_ids_by_user')
-    def test_get_user_info_exception_handling(self, mock_query_group_ids, mock_get_user_tenant):
+    async def test_get_user_info_exception_handling(self, mock_query_group_ids, mock_get_user_tenant):
         """Test get_user_info handles exceptions gracefully"""
         # Setup mocks to raise exception
         mock_get_user_tenant.side_effect = Exception("Database error")
 
         # Execute
-        result = get_user_info("test_user")
+        result = await get_user_info("test_user")
 
         # Assert
         assert result is None

From a80333b54ddc7361ab73328deb2fbe474e1e53d8 Mon Sep 17 00:00:00 2001
From: Jasonxia007 <iamjasonxia@126.com>
Date: Thu, 15 Jan 2026 03:11:29 +0800
Subject: [PATCH 28/38] =?UTF-8?q?=E2=99=BB=EF=B8=8F=20[WIP]=20User=20Manag?=
 =?UTF-8?q?ement=20Part2:=20Add=20service=20functions?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 test/backend/database/test_invitation_db.py   | 147 ++++++-
 test/backend/services/test_group_service.py   | 218 +++++++++-
 .../services/test_invitation_service.py       | 404 +++++++++++++++++-
 3 files changed, 761 insertions(+), 8 deletions(-)

diff --git a/test/backend/database/test_invitation_db.py b/test/backend/database/test_invitation_db.py
index 6f4be3ef1..be1cb348d 100644
--- a/test/backend/database/test_invitation_db.py
+++ b/test/backend/database/test_invitation_db.py
@@ -118,7 +118,8 @@ class MockSQLAlchemyError(Exception):
     query_invitation_records,
     add_invitation_record,
     count_invitation_usage,
-    query_invitation_status
+    query_invitation_status,
+    query_invitations_with_pagination
 )
 
 
@@ -511,3 +512,147 @@ def test_database_error_handling(monkeypatch, mock_session):
 
     with pytest.raises(MockSQLAlchemyError, match="Database error"):
         query_invitation_by_code("test_code")
+
+
+def test_query_invitations_with_pagination_success(monkeypatch, mock_session):
+    """Test successfully querying invitations with pagination"""
+    session, query = mock_session
+
+    # Mock invitations data
+    mock_invitation1 = MockTenantInvitationCode(invitation_id=1, invitation_code="code1")
+    mock_invitation2 = MockTenantInvitationCode(invitation_id=2, invitation_code="code2")
+    mock_results = [mock_invitation1, mock_invitation2]
+
+    # Mock query chain
+    mock_filter = MagicMock()
+    mock_filter.count.return_value = 5  # Total count
+    mock_offset = MagicMock()
+    mock_offset.limit.return_value = mock_offset
+    mock_offset.all.return_value = mock_results
+    mock_filter.offset.return_value = mock_offset
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.invitation_db.get_db_session", lambda: mock_ctx)
+    monkeypatch.setattr("backend.database.invitation_db.as_dict", lambda obj: obj.__dict__)
+
+    result = query_invitations_with_pagination(page=1, page_size=2)
+
+    assert result["total"] == 5
+    assert result["page"] == 1
+    assert result["page_size"] == 2
+    assert result["total_pages"] == 3  # Ceiling division: (5 + 2 - 1) // 2 = 3
+    assert len(result["items"]) == 2
+    assert result["items"][0]["invitation_code"] == "code1"
+    assert result["items"][1]["invitation_code"] == "code2"
+
+
+def test_query_invitations_with_pagination_empty_results(monkeypatch, mock_session):
+    """Test querying invitations with pagination when no results"""
+    session, query = mock_session
+
+    # Mock empty results
+    mock_filter = MagicMock()
+    mock_filter.count.return_value = 0  # Total count
+    mock_offset = MagicMock()
+    mock_offset.limit.return_value = mock_offset
+    mock_offset.all.return_value = []
+    mock_filter.offset.return_value = mock_offset
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.invitation_db.get_db_session", lambda: mock_ctx)
+    monkeypatch.setattr("backend.database.invitation_db.as_dict", lambda obj: obj.__dict__)
+
+    result = query_invitations_with_pagination(page=1, page_size=10)
+
+    assert result["total"] == 0
+    assert result["page"] == 1
+    assert result["page_size"] == 10
+    assert result["total_pages"] == 0  # Ceiling division: (0 + 10 - 1) // 10 = 0
+    assert len(result["items"]) == 0
+
+
+def test_query_invitations_with_pagination_with_tenant_filter(monkeypatch, mock_session):
+    """Test querying invitations with pagination and tenant filter"""
+    session, query = mock_session
+
+    # Mock invitations data
+    mock_invitation = MockTenantInvitationCode(invitation_id=1, invitation_code="code1", tenant_id="test_tenant")
+
+    # Mock query chain with tenant filter
+    mock_tenant_filter = MagicMock()
+    mock_tenant_filter.count.return_value = 1
+    mock_offset = MagicMock()
+    mock_offset.limit.return_value = mock_offset
+    mock_offset.all.return_value = [mock_invitation]
+    mock_tenant_filter.offset.return_value = mock_offset
+
+    mock_base_filter = MagicMock()
+    mock_base_filter.filter.return_value = mock_tenant_filter
+    query.filter.return_value = mock_base_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.invitation_db.get_db_session", lambda: mock_ctx)
+    monkeypatch.setattr("backend.database.invitation_db.as_dict", lambda obj: obj.__dict__)
+
+    result = query_invitations_with_pagination(tenant_id="test_tenant", page=1, page_size=10)
+
+    assert result["total"] == 1
+    assert result["page"] == 1
+    assert result["page_size"] == 10
+    assert result["total_pages"] == 1
+    assert len(result["items"]) == 1
+    assert result["items"][0]["tenant_id"] == "test_tenant"
+
+
+def test_query_invitations_with_pagination_second_page(monkeypatch, mock_session):
+    """Test querying invitations with pagination on second page"""
+    session, query = mock_session
+
+    # Mock invitations data for second page
+    mock_invitation = MockTenantInvitationCode(invitation_id=3, invitation_code="code3")
+
+    # Mock query chain
+    mock_filter = MagicMock()
+    mock_filter.count.return_value = 5  # Total count
+    mock_offset = MagicMock()
+    mock_offset.limit.return_value = mock_offset
+    mock_offset.all.return_value = [mock_invitation]
+    mock_filter.offset.return_value = mock_offset
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.invitation_db.get_db_session", lambda: mock_ctx)
+    monkeypatch.setattr("backend.database.invitation_db.as_dict", lambda obj: obj.__dict__)
+
+    result = query_invitations_with_pagination(page=2, page_size=2)
+
+    assert result["total"] == 5
+    assert result["page"] == 2
+    assert result["page_size"] == 2
+    assert result["total_pages"] == 3
+    assert len(result["items"]) == 1
+    assert result["items"][0]["invitation_code"] == "code3"
+
+
+def test_query_invitations_with_pagination_database_error(monkeypatch, mock_session):
+    """Test database error handling in pagination query"""
+    session, query = mock_session
+    query.filter.side_effect = MockSQLAlchemyError("Database error")
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.invitation_db.get_db_session", lambda: mock_ctx)
+
+    with pytest.raises(MockSQLAlchemyError, match="Database error"):
+        query_invitations_with_pagination()
diff --git a/test/backend/services/test_group_service.py b/test/backend/services/test_group_service.py
index e296f59de..f99a08341 100644
--- a/test/backend/services/test_group_service.py
+++ b/test/backend/services/test_group_service.py
@@ -34,12 +34,7 @@
     get_group_user_count,
     add_user_to_groups
 )
-from backend.database.group_db import (
-    query_groups_by_tenant,
-    query_groups_by_user,
-    query_group_ids_by_user,
-    check_user_in_group
-)
+# These imports are used in the patch decorators, not directly in the test functions
 
 
 @pytest.fixture
@@ -86,6 +81,69 @@ def test_get_group_info_not_found(mock_query_groups):
         get_group_info(123)
 
 
+@patch('backend.services.group_service.query_groups')
+def test_get_group_info_multiple_groups(mock_query_groups):
+    """Test getting multiple groups by list of IDs"""
+    mock_groups = [
+        {"group_id": 1, "group_name": "Group 1", "group_description": "Desc 1"},
+        {"group_id": 2, "group_name": "Group 2", "group_description": "Desc 2"}
+    ]
+    mock_query_groups.return_value = mock_groups
+
+    result = get_group_info([1, 2])
+
+    assert len(result) == 2
+    assert result[0]["group_id"] == 1
+    assert result[0]["group_name"] == "Group 1"
+    assert result[0]["group_description"] == "Desc 1"
+    assert result[1]["group_id"] == 2
+    assert result[1]["group_name"] == "Group 2"
+    assert result[1]["group_description"] == "Desc 2"
+    mock_query_groups.assert_called_once_with([1, 2])
+
+
+@patch('backend.services.group_service.query_groups')
+def test_get_group_info_string_group_ids(mock_query_groups):
+    """Test getting groups by comma-separated string of IDs"""
+    mock_groups = [
+        {"group_id": 1, "group_name": "Group 1", "group_description": "Desc 1"}
+    ]
+    mock_query_groups.return_value = mock_groups
+
+    result = get_group_info("1")
+
+    assert len(result) == 1
+    assert result[0]["group_id"] == 1
+    assert result[0]["group_name"] == "Group 1"
+    assert result[0]["group_description"] == "Desc 1"
+    mock_query_groups.assert_called_once_with("1")
+
+
+@patch('backend.services.group_service.query_groups_by_tenant')
+def test_get_groups_by_tenant_success(mock_query_groups_by_tenant):
+    """Test getting groups by tenant with pagination"""
+    mock_result = {
+        "groups": [
+            {"group_id": 1, "group_name": "Group 1", "group_description": "Desc 1"},
+            {"group_id": 2, "group_name": "Group 2", "group_description": "Desc 2"}
+        ],
+        "total": 2
+    }
+    mock_query_groups_by_tenant.return_value = mock_result
+
+    result = get_groups_by_tenant("test_tenant", page=1, page_size=10)
+
+    assert result["total"] == 2
+    assert len(result["groups"]) == 2
+    assert result["groups"][0]["group_id"] == 1
+    assert result["groups"][0]["group_name"] == "Group 1"
+    assert result["groups"][0]["group_description"] == "Desc 1"
+    assert result["groups"][1]["group_id"] == 2
+    assert result["groups"][1]["group_name"] == "Group 2"
+    assert result["groups"][1]["group_description"] == "Desc 2"
+    mock_query_groups_by_tenant.assert_called_once_with("test_tenant", 1, 10)
+
+
 
 
 @patch('backend.services.group_service.get_user_tenant_by_user_id')
@@ -126,6 +184,19 @@ def test_create_group_unauthorized(mock_get_user, mock_user_info):
         )
 
 
+@patch('backend.services.group_service.get_user_tenant_by_user_id')
+def test_create_group_user_not_found(mock_get_user):
+    """Test creating group when user doesn't exist"""
+    mock_get_user.return_value = None
+
+    with pytest.raises(NotFoundException, match="User test_user not found"):
+        create_group(
+            tenant_id="test_tenant",
+            group_name="Test Group",
+            user_id="test_user"
+        )
+
+
 @patch('backend.services.group_service.get_user_tenant_by_user_id')
 @patch('backend.services.group_service.query_groups')
 @patch('backend.services.group_service.modify_group')
@@ -164,6 +235,33 @@ def test_update_group_not_found(mock_query_groups, mock_get_user, mock_user_info
         )
 
 
+@patch('backend.services.group_service.get_user_tenant_by_user_id')
+def test_update_group_user_not_found(mock_get_user):
+    """Test updating group when user doesn't exist"""
+    mock_get_user.return_value = None
+
+    with pytest.raises(NotFoundException, match="User test_user not found"):
+        update_group(
+            group_id=123,
+            updates={"group_name": "Updated Group"},
+            user_id="test_user"
+        )
+
+
+@patch('backend.services.group_service.get_user_tenant_by_user_id')
+def test_update_group_unauthorized_role(mock_get_user, mock_user_info):
+    """Test updating group with insufficient user permissions"""
+    mock_user_info["user_role"] = "USER"
+    mock_get_user.return_value = mock_user_info
+
+    with pytest.raises(UnauthorizedError, match="not authorized to update groups"):
+        update_group(
+            group_id=123,
+            updates={"group_name": "Updated Group"},
+            user_id="test_user"
+        )
+
+
 @patch('backend.services.group_service.get_user_tenant_by_user_id')
 @patch('backend.services.group_service.query_groups')
 @patch('backend.services.group_service.remove_group')
@@ -185,6 +283,45 @@ def test_delete_group_success(mock_remove_group, mock_query_groups, mock_get_use
     )
 
 
+@patch('backend.services.group_service.get_user_tenant_by_user_id')
+def test_delete_group_user_not_found(mock_get_user):
+    """Test deleting group when user doesn't exist"""
+    mock_get_user.return_value = None
+
+    with pytest.raises(NotFoundException, match="User test_user not found"):
+        delete_group(
+            group_id=123,
+            user_id="test_user"
+        )
+
+
+@patch('backend.services.group_service.get_user_tenant_by_user_id')
+def test_delete_group_unauthorized_role(mock_get_user, mock_user_info):
+    """Test deleting group with insufficient user permissions"""
+    mock_user_info["user_role"] = "USER"
+    mock_get_user.return_value = mock_user_info
+
+    with pytest.raises(UnauthorizedError, match="not authorized to delete groups"):
+        delete_group(
+            group_id=123,
+            user_id="test_user"
+        )
+
+
+@patch('backend.services.group_service.get_user_tenant_by_user_id')
+@patch('backend.services.group_service.query_groups')
+def test_delete_group_group_not_found(mock_query_groups, mock_get_user, mock_user_info):
+    """Test deleting non-existent group"""
+    mock_get_user.return_value = mock_user_info
+    mock_query_groups.return_value = None
+
+    with pytest.raises(NotFoundException, match="Group 123 not found"):
+        delete_group(
+            group_id=123,
+            user_id="test_user"
+        )
+
+
 @patch('backend.services.group_service.get_user_tenant_by_user_id')
 @patch('backend.services.group_service.query_groups')
 @patch('backend.services.group_service.add_user_to_group')
@@ -230,6 +367,34 @@ def test_add_user_to_single_group_already_member(mock_check_user, mock_query_gro
     assert result["group_id"] == 123
 
 
+@patch('backend.services.group_service.get_user_tenant_by_user_id')
+def test_add_user_to_single_group_current_user_not_found(mock_get_user):
+    """Test adding user to group when current user doesn't exist"""
+    mock_get_user.return_value = None
+
+    with pytest.raises(UnauthorizedError, match="User test_user not found"):
+        add_user_to_single_group(
+            group_id=123,
+            user_id="member_user",
+            current_user_id="test_user"
+        )
+
+
+@patch('backend.services.group_service.get_user_tenant_by_user_id')
+@patch('backend.services.group_service.query_groups')
+def test_add_user_to_single_group_group_not_found(mock_query_groups, mock_get_user, mock_user_info):
+    """Test adding user to non-existent group"""
+    mock_get_user.return_value = mock_user_info
+    mock_query_groups.return_value = None
+
+    with pytest.raises(NotFoundException, match="Group 123 not found"):
+        add_user_to_single_group(
+            group_id=123,
+            user_id="member_user",
+            current_user_id="test_user"
+        )
+
+
 @patch('backend.services.group_service.query_groups')
 @patch('backend.services.group_service.query_group_users')
 def test_get_group_users_success(mock_query_users, mock_query_groups, mock_group_info):
@@ -258,6 +423,15 @@ def test_get_group_user_count_success(mock_count_users, mock_query_groups, mock_
     mock_count_users.assert_called_once_with(123)
 
 
+@patch('backend.services.group_service.query_groups')
+def test_get_group_user_count_group_not_found(mock_query_groups):
+    """Test getting user count for non-existent group"""
+    mock_query_groups.return_value = None
+
+    with pytest.raises(NotFoundException, match="Group 123 not found"):
+        get_group_user_count(123)
+
+
 @patch('backend.services.group_service.add_user_to_single_group')
 def test_add_user_to_groups(mock_add_user):
     """Test adding user to multiple groups"""
@@ -273,6 +447,23 @@ def test_add_user_to_groups(mock_add_user):
     assert result[1]["group_id"] == 2
 
 
+@patch('backend.services.group_service.add_user_to_single_group')
+def test_add_user_to_groups_with_exception(mock_add_user):
+    """Test adding user to multiple groups with exception handling"""
+    mock_add_user.side_effect = [
+        {"group_id": 1, "user_id": "user_123", "already_member": False},
+        Exception("Group not found")  # Simulate exception for second group
+    ]
+
+    result = add_user_to_groups("user_123", [1, 2], "admin_user")
+
+    assert len(result) == 2
+    assert result[0]["group_id"] == 1
+    assert result[0]["already_member"] is False
+    assert result[1]["group_id"] == 2
+    assert result[1]["error"] == "Group not found"
+
+
 @patch('backend.services.group_service.get_tenant_info')
 def test_get_tenant_default_group_id_success(mock_get_tenant_info):
     """Test getting tenant default group ID successfully"""
@@ -390,6 +581,21 @@ def test_set_tenant_default_group_id_update_failure(mock_update_config, mock_get
     assert result is False
 
 
+@patch('backend.services.group_service.get_tenant_info')
+@patch('backend.services.group_service.query_groups')
+@patch('backend.services.group_service.get_single_config_info')
+@patch('backend.services.group_service.insert_config')
+def test_set_tenant_default_group_id_exception_handling(mock_insert_config, mock_get_config, mock_query_groups, mock_get_tenant_info):
+    """Test exception handling in set_tenant_default_group_id"""
+    mock_get_tenant_info.return_value = {"tenant_id": "test_tenant"}
+    mock_query_groups.return_value = {"tenant_id": "test_tenant"}
+    mock_get_config.return_value = None  # No existing config
+    mock_insert_config.side_effect = Exception("Database connection failed")
+
+    with pytest.raises(ValidationError, match="Failed to set default group: Database connection failed"):
+        set_tenant_default_group_id("test_tenant", 123, "user_123")
+
+
 @patch('backend.services.group_service.get_user_tenant_by_user_id')
 @patch('backend.services.group_service.query_groups')
 @patch('backend.services.group_service.remove_user_from_group')
diff --git a/test/backend/services/test_invitation_service.py b/test/backend/services/test_invitation_service.py
index 3fa53d2e7..a19eaee27 100644
--- a/test/backend/services/test_invitation_service.py
+++ b/test/backend/services/test_invitation_service.py
@@ -22,7 +22,10 @@
     use_invitation_code,
     update_invitation_code_status,
     get_invitations_list,
-    _generate_unique_invitation_code
+    _generate_unique_invitation_code,
+    _normalize_invitation_data,
+    get_invitation_by_code,
+    check_invitation_available
 )
 
 
@@ -189,6 +192,102 @@ def test_create_invitation_code_unauthorized_dev_invite(mock_get_user_info, mock
             )
 
 
+@patch('backend.services.invitation_service.get_user_tenant_by_user_id')
+def test_create_invitation_code_user_not_found(mock_get_user_info):
+    """Test creating invitation code when user is not found"""
+    # Setup mocks
+    mock_get_user_info.return_value = None
+
+    with pytest.raises(NotFoundException, match="User test_user not found"):
+        create_invitation_code(
+            tenant_id="test_tenant",
+            code_type="ADMIN_INVITE",
+            user_id="test_user"
+        )
+
+
+@patch('backend.services.invitation_service.get_tenant_default_group_id')
+@patch('backend.services.invitation_service.get_user_tenant_by_user_id')
+@patch('backend.services.invitation_service._generate_unique_invitation_code')
+@patch('backend.services.invitation_service.add_invitation')
+@patch('backend.services.invitation_service.query_invitation_by_id')
+@patch('backend.services.invitation_service.update_invitation_code_status')
+def test_create_invitation_code_default_empty_group_ids(
+    mock_update_status,
+    mock_query_invitation,
+    mock_add_invitation,
+    mock_generate_code,
+    mock_get_user_info,
+    mock_get_tenant_default_group_id,
+    mock_user_info
+):
+    """Test creating invitation code with default empty group_ids when no default group found"""
+    # Setup mocks
+    mock_user_info["user_role"] = "SU"
+    mock_get_user_info.return_value = mock_user_info
+    mock_get_tenant_default_group_id.return_value = None  # No default group found
+    mock_generate_code.return_value = "ABC123"
+    mock_add_invitation.return_value = 123
+    mock_update_status.return_value = None
+    mock_query_invitation.return_value = {"status": "IN_USE"}
+
+    # Test ADMIN_INVITE with no default group - should result in empty group_ids
+    result = create_invitation_code(
+        tenant_id="test_tenant",
+        code_type="ADMIN_INVITE",
+        user_id="test_user"
+    )
+
+    assert result["invitation_id"] == 123
+    assert result["code_type"] == "ADMIN_INVITE"
+    assert result["group_ids"] == []  # Should be empty list when default group is None
+    mock_add_invitation.assert_called_once()
+    call_args = mock_add_invitation.call_args[1]
+    assert call_args["group_ids"] == []
+
+
+@patch('backend.services.invitation_service.get_tenant_default_group_id')
+@patch('backend.services.invitation_service.get_user_tenant_by_user_id')
+@patch('backend.services.invitation_service.add_invitation')
+@patch('backend.services.invitation_service.query_invitation_by_id')
+@patch('backend.services.invitation_service.update_invitation_code_status')
+def test_create_invitation_code_provided_code_uppercase_conversion(
+    mock_update_status,
+    mock_query_invitation,
+    mock_add_invitation,
+    mock_get_user_info,
+    mock_get_tenant_default_group_id,
+    mock_user_info
+):
+    """Test creating invitation code with provided code converted to uppercase (line 93)"""
+    # Setup mocks
+    mock_user_info["user_role"] = "SU"
+    mock_get_user_info.return_value = mock_user_info
+    mock_get_tenant_default_group_id.return_value = None
+    mock_add_invitation.return_value = 123
+    mock_update_status.return_value = None
+    mock_query_invitation.return_value = {"status": "IN_USE"}
+
+    result = create_invitation_code(
+        tenant_id="test_tenant",
+        code_type="ADMIN_INVITE",
+        invitation_code="abc123",  # lowercase code
+        user_id="test_user"
+    )
+
+    assert result["invitation_code"] == "ABC123"  # Should be converted to uppercase
+    mock_add_invitation.assert_called_once_with(
+        tenant_id="test_tenant",
+        invitation_code="ABC123",  # Should be uppercase in the call
+        code_type="ADMIN_INVITE",
+        group_ids=[],
+        capacity=1,
+        expiry_date=None,
+        status="IN_USE",
+        created_by="test_user"
+    )
+
+
 @patch('backend.services.invitation_service.get_user_tenant_by_user_id')
 @patch('backend.services.invitation_service.modify_invitation')
 @patch('backend.services.invitation_service.update_invitation_code_status')
@@ -212,6 +311,195 @@ def test_update_invitation_code_success(mock_update_status, mock_modify_invitati
     )
 
 
+@patch('backend.services.invitation_service.get_user_tenant_by_user_id')
+def test_update_invitation_code_user_not_found(mock_get_user_info):
+    """Test updating invitation code when user is not found"""
+    # Setup mocks
+    mock_get_user_info.return_value = None
+
+    with pytest.raises(UnauthorizedError, match="User test_user not found"):
+        update_invitation_code(
+            invitation_id=123,
+            updates={"status": "DISABLE"},
+            user_id="test_user"
+        )
+
+
+@patch('backend.services.invitation_service.get_user_tenant_by_user_id')
+def test_update_invitation_code_unauthorized_user_role(mock_get_user_info, mock_user_info):
+    """Test updating invitation code with unauthorized user role"""
+    # Setup mocks
+    mock_user_info["user_role"] = "USER"  # Not SU or ADMIN
+    mock_get_user_info.return_value = mock_user_info
+
+    with pytest.raises(UnauthorizedError, match="not authorized to update invitation codes"):
+        update_invitation_code(
+            invitation_id=123,
+            updates={"status": "DISABLE"},
+            user_id="test_user"
+        )
+
+
+def test_normalize_invitation_data_empty_input():
+    """Test _normalize_invitation_data with empty input (lines 180-181)"""
+    # Test with None input
+    result = _normalize_invitation_data(None)
+    assert result is None
+
+    # Test with empty dict input
+    result = _normalize_invitation_data({})
+    assert result == {}
+
+
+def test_normalize_invitation_data_datetime_conversion():
+    """Test _normalize_invitation_data datetime to ISO conversion (lines 188-189)"""
+    from datetime import datetime
+
+    test_datetime = datetime(2024, 12, 31, 23, 59, 59)
+    input_data = {
+        "invitation_id": 123,
+        "created_at": test_datetime,
+        "updated_at": test_datetime,
+        "capacity": 5,
+        "group_ids": [1, 2, 3]
+    }
+
+    result = _normalize_invitation_data(input_data)
+
+    # Check that datetime objects are converted to ISO strings
+    assert result["created_at"] == "2024-12-31T23:59:59"
+    assert result["updated_at"] == "2024-12-31T23:59:59"
+    # Other fields should remain unchanged
+    assert result["invitation_id"] == 123
+    assert result["capacity"] == 5
+    assert result["group_ids"] == [1, 2, 3]
+
+
+def test_normalize_invitation_data_group_ids_conversion():
+    """Test _normalize_invitation_data group_ids string/list conversion (lines 199-202)"""
+    # Test string to list conversion (comma-separated format from database)
+    input_data_string = {
+        "invitation_id": 123,
+        "group_ids": "1,2,3"
+    }
+    result = _normalize_invitation_data(input_data_string)
+    assert result["group_ids"] == [1, 2, 3]
+
+    # Test None to empty list conversion
+    input_data_none = {
+        "invitation_id": 123,
+        "group_ids": None
+    }
+    result = _normalize_invitation_data(input_data_none)
+    assert result["group_ids"] == []
+
+    # Test list remains unchanged
+    input_data_list = {
+        "invitation_id": 123,
+        "group_ids": [4, 5, 6]
+    }
+    result = _normalize_invitation_data(input_data_list)
+    assert result["group_ids"] == [4, 5, 6]
+
+
+@patch('backend.services.invitation_service.query_invitation_by_code')
+def test_get_invitation_by_code_success(mock_query_invitation_by_code):
+    """Test get_invitation_by_code function success case (lines 217-218)"""
+    mock_data = {
+        "invitation_id": 123,
+        "invitation_code": "ABC123",
+        "code_type": "ADMIN_INVITE",
+        "group_ids": "1,2,3",  # Comma-separated string format from database
+        "capacity": 5
+    }
+    mock_query_invitation_by_code.return_value = mock_data
+
+    result = get_invitation_by_code("ABC123")
+
+    assert result is not None
+    assert result["invitation_id"] == 123
+    assert result["invitation_code"] == "ABC123"
+    assert result["group_ids"] == [1, 2, 3]  # Should be normalized
+    mock_query_invitation_by_code.assert_called_once_with("ABC123")
+
+
+@patch('backend.services.invitation_service.query_invitation_by_code')
+def test_get_invitation_by_code_not_found(mock_query_invitation_by_code):
+    """Test get_invitation_by_code function when invitation not found"""
+    mock_query_invitation_by_code.return_value = None
+
+    result = get_invitation_by_code("NONEXISTENT")
+
+    assert result is None
+    mock_query_invitation_by_code.assert_called_once_with("NONEXISTENT")
+
+
+@patch('backend.services.invitation_service.query_invitation_by_code')
+@patch('backend.services.invitation_service.count_invitation_usage')
+def test_check_invitation_available_not_found(mock_count_usage, mock_query_invitation_by_code):
+    """Test check_invitation_available when invitation not found (line 231-233)"""
+    mock_query_invitation_by_code.return_value = None
+
+    result = check_invitation_available("NONEXISTENT")
+
+    assert result is False
+    mock_query_invitation_by_code.assert_called_once_with("NONEXISTENT")
+    mock_count_usage.assert_not_called()
+
+
+@patch('backend.services.invitation_service.query_invitation_by_code')
+@patch('backend.services.invitation_service.count_invitation_usage')
+def test_check_invitation_available_not_in_use(mock_count_usage, mock_query_invitation_by_code):
+    """Test check_invitation_available when status is not IN_USE (lines 235-237)"""
+    mock_query_invitation_by_code.return_value = {
+        "invitation_id": 123,
+        "status": "EXPIRE",
+        "capacity": 5
+    }
+
+    result = check_invitation_available("ABC123")
+
+    assert result is False
+    mock_query_invitation_by_code.assert_called_once_with("ABC123")
+    mock_count_usage.assert_not_called()
+
+
+@patch('backend.services.invitation_service.query_invitation_by_code')
+@patch('backend.services.invitation_service.count_invitation_usage')
+def test_check_invitation_available_capacity_exceeded(mock_count_usage, mock_query_invitation_by_code):
+    """Test check_invitation_available when capacity exceeded (lines 239-241)"""
+    mock_query_invitation_by_code.return_value = {
+        "invitation_id": 123,
+        "status": "IN_USE",
+        "capacity": 5
+    }
+    mock_count_usage.return_value = 5  # At capacity
+
+    result = check_invitation_available("ABC123")
+
+    assert result is False
+    mock_query_invitation_by_code.assert_called_once_with("ABC123")
+    mock_count_usage.assert_called_once_with(123)
+
+
+@patch('backend.services.invitation_service.query_invitation_by_code')
+@patch('backend.services.invitation_service.count_invitation_usage')
+def test_check_invitation_available_success(mock_count_usage, mock_query_invitation_by_code):
+    """Test check_invitation_available success case"""
+    mock_query_invitation_by_code.return_value = {
+        "invitation_id": 123,
+        "status": "IN_USE",
+        "capacity": 5
+    }
+    mock_count_usage.return_value = 2  # Below capacity
+
+    result = check_invitation_available("ABC123")
+
+    assert result is True
+    mock_query_invitation_by_code.assert_called_once_with("ABC123")
+    mock_count_usage.assert_called_once_with(123)
+
+
 @patch('backend.services.invitation_service.check_invitation_available')
 @patch('backend.services.invitation_service.query_invitation_by_code')
 @patch('backend.services.invitation_service.add_invitation_record')
@@ -257,6 +545,26 @@ def test_use_invitation_code_unavailable(mock_check_available):
         )
 
 
+@patch('backend.services.invitation_service.check_invitation_available')
+@patch('backend.services.invitation_service.query_invitation_by_code')
+def test_use_invitation_code_double_check_not_found(mock_query_invitation_by_code, mock_check_available):
+    """Test use_invitation_code double check logic when invitation not found (lines 267-268)"""
+    # First check passes
+    mock_check_available.return_value = True
+    # But second check fails (double-check logic)
+    mock_query_invitation_by_code.return_value = None
+
+    with pytest.raises(NotFoundException, match="not found"):
+        use_invitation_code(
+            invitation_code="ABC123",
+            user_id="test_user"
+        )
+
+    # Verify both functions are called
+    mock_check_available.assert_called_once_with("ABC123")
+    mock_query_invitation_by_code.assert_called_once_with("ABC123")
+
+
 @patch('backend.services.invitation_service.query_invitation_by_id')
 @patch('backend.services.invitation_service.count_invitation_usage')
 @patch('backend.services.invitation_service.modify_invitation')
@@ -309,6 +617,62 @@ def test_update_invitation_code_status_run_out(
     )
 
 
+@patch('backend.services.invitation_service.query_invitation_by_id')
+def test_update_invitation_code_status_invitation_not_found(mock_query_invitation_by_id):
+    """Test update_invitation_code_status when invitation not found (lines 304-305)"""
+    mock_query_invitation_by_id.return_value = None
+
+    result = update_invitation_code_status(999)
+
+    assert result is False
+    mock_query_invitation_by_id.assert_called_once_with(999)
+
+
+@patch('backend.services.invitation_service.query_invitation_by_id')
+@patch('backend.services.invitation_service.count_invitation_usage')
+def test_update_invitation_code_status_invalid_expiry_date(mock_count_invitation_usage, mock_query_invitation_by_id):
+    """Test update_invitation_code_status with invalid expiry date handling (lines 317-327)"""
+    # Mock invitation with invalid expiry date
+    mock_query_invitation_by_id.return_value = {
+        "invitation_id": 123,
+        "expiry_date": "invalid-date-format",
+        "capacity": 5,
+        "status": "IN_USE"
+    }
+    mock_count_invitation_usage.return_value = 2
+
+    result = update_invitation_code_status(123)
+
+    # Should return False because status didn't change and invalid date was logged but not crashed
+    assert result is False
+    mock_query_invitation_by_id.assert_called_once_with(123)
+    mock_count_invitation_usage.assert_called_once_with(123)
+
+
+@patch('backend.services.invitation_service.query_invitation_by_id')
+@patch('backend.services.invitation_service.count_invitation_usage')
+def test_update_invitation_code_status_no_change(mock_count_invitation_usage, mock_query_invitation_by_id):
+    """Test update_invitation_code_status when status doesn't change (line 343)"""
+    from datetime import datetime
+
+    # Mock invitation that's not expired and not at capacity
+    future_date = datetime.now().replace(year=datetime.now().year + 1).isoformat()
+    mock_query_invitation_by_id.return_value = {
+        "invitation_id": 123,
+        "expiry_date": future_date,
+        "capacity": 10,
+        "status": "IN_USE"
+    }
+    mock_count_invitation_usage.return_value = 5  # Well below capacity
+
+    result = update_invitation_code_status(123)
+
+    # Should return False because status didn't change
+    assert result is False
+    mock_query_invitation_by_id.assert_called_once_with(123)
+    mock_count_invitation_usage.assert_called_once_with(123)
+
+
 @patch('backend.services.invitation_service.query_invitation_by_code')
 def test_generate_unique_invitation_code(mock_query_invitation_by_code):
     """Test generating unique invitation code"""
@@ -324,6 +688,44 @@ def test_generate_unique_invitation_code(mock_query_invitation_by_code):
         assert len(result) == 6
 
 
+@patch('backend.services.invitation_service.query_invitation_by_code')
+def test_generate_unique_invitation_code_uniqueness_logic(mock_query_invitation_by_code):
+    """Test _generate_unique_invitation_code uniqueness logic (line 359)"""
+    # Mock that first two codes exist, third doesn't
+    mock_query_invitation_by_code.side_effect = [True, True, None]
+
+    with patch('random.choices') as mock_random:
+        # First call returns existing code, second call also returns existing code, third call succeeds
+        mock_random.side_effect = [
+            ['A', 'B', 'C', '1', '2', '3'],  # First attempt - exists
+            ['D', 'E', 'F', '4', '5', '6'],  # Second attempt - exists
+            ['G', 'H', 'I', '7', '8', '9']   # Third attempt - doesn't exist
+        ]
+
+        result = _generate_unique_invitation_code()
+
+        assert result == "GHI789"
+        assert len(result) == 6
+        # Should be called 3 times: twice for existing codes, once for success
+        assert mock_query_invitation_by_code.call_count == 3
+
+
+@patch('backend.services.invitation_service.query_invitation_by_code')
+def test_generate_unique_invitation_code_max_attempts_exception(mock_query_invitation_by_code):
+    """Test _generate_unique_invitation_code max attempts exception (line 369)"""
+    # Mock that all codes exist (never find a unique one)
+    mock_query_invitation_by_code.return_value = True
+
+    with patch('random.choices') as mock_random:
+        mock_random.return_value = ['A', 'B', 'C', '1', '2', '3']
+
+        with pytest.raises(RuntimeError, match="Failed to generate unique invitation code after 100 attempts"):
+            _generate_unique_invitation_code()
+
+        # Should be called 100 times (max_attempts)
+        assert mock_query_invitation_by_code.call_count == 100
+
+
 @patch('backend.services.invitation_service.get_user_tenant_by_user_id')
 @patch('backend.services.invitation_service.query_invitations_with_pagination')
 def test_get_invitations_list_success(mock_query_invitations, mock_get_user, mock_user_info):

From 32b7c0d46a622cbb08d9490bde9489d72f15068b Mon Sep 17 00:00:00 2001
From: wmc1112 <759659013@qq.com>
Date: Thu, 15 Jan 2026 10:31:55 +0800
Subject: [PATCH 29/38] =?UTF-8?q?=F0=9F=93=9D=20Update=20app=20version=20t?=
 =?UTF-8?q?o=201.7.9.2?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 backend/consts/const.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/backend/consts/const.py b/backend/consts/const.py
index 7fd0e0098..3ba403089 100644
--- a/backend/consts/const.py
+++ b/backend/consts/const.py
@@ -287,4 +287,4 @@ class VectorDatabaseType(str, Enum):
 
 
 # APP Version
-APP_VERSION = "v1.7.9.1"
+APP_VERSION = "v1.7.9.2"

From d57280e564a81f0f3626296ee00c4bbfe11ecfc5 Mon Sep 17 00:00:00 2001
From: xuyaqi <xuyaqist@gmail.com>
Date: Thu, 15 Jan 2026 18:49:24 +0800
Subject: [PATCH 30/38] bugfix model setting buttons display text

---
 .../models/components/modelConfig.tsx         | 66 ++++++-------------
 1 file changed, 19 insertions(+), 47 deletions(-)

diff --git a/frontend/app/[locale]/models/components/modelConfig.tsx b/frontend/app/[locale]/models/components/modelConfig.tsx
index 5f4a699a9..08ea8af20 100644
--- a/frontend/app/[locale]/models/components/modelConfig.tsx
+++ b/frontend/app/[locale]/models/components/modelConfig.tsx
@@ -837,34 +837,21 @@ export const ModelConfigSection = forwardRef<
           }}
         >
           <Row gutter={[8, 8]} style={{ width: "100%" }}>
-            {modelEngineEnable && (
-              <Col xs={24} sm={12} md={6} lg={6} xl={6}>
-                <Button
-                  type="primary"
-                  size="middle"
-                  onClick={handleSyncModels}
-                  style={{ width: "100%" }}
-                  block
-                >
-                  <RefreshCw className="mr-1" size={16} />
-                  <span style={{ marginLeft: 4 }}>
-                    <span className="hidden xl:inline button-text-full">
-                      {t("modelConfig.button.syncModelEngine")}
-                    </span>
-                    <span className="xl:hidden button-text-short">
-                      {t("modelConfig.button.sync")}
-                    </span>
-                  </span>
-                </Button>
-              </Col>
-            )}
-            <Col
-              xs={24}
-              sm={12}
-              md={modelEngineEnable ? 6 : 8}
-              lg={modelEngineEnable ? 6 : 8}
-              xl={modelEngineEnable ? 6 : 8}
-            >
+            <Col xs={24} sm={12} md={6} lg={6} xl={6}>
+              <Button
+                type="primary"
+                size="middle"
+                onClick={handleSyncModels}
+                style={{ width: "100%" }}
+                icon={<RefreshCw size={16} />}
+                block
+              >
+                <span className="button-text-full">
+                  {t("modelConfig.button.syncModelEngine")}
+                </span>
+              </Button>
+            </Col>
+            <Col xs={24} sm={12} md={6} lg={6} xl={6}>
               <Button
                 type="primary"
                 size="middle"
@@ -876,21 +863,12 @@ export const ModelConfigSection = forwardRef<
                 style={{ width: "100%" }}
                 block
               >
-                <span className="hidden xl:inline button-text-full">
+                <span className="button-text-full">
                   {t("modelConfig.button.addCustomModel")}
                 </span>
-                <span className="xl:hidden button-text-short">
-                  {t("modelConfig.button.add")}
-                </span>
               </Button>
             </Col>
-            <Col
-              xs={24}
-              sm={12}
-              md={modelEngineEnable ? 6 : 8}
-              lg={modelEngineEnable ? 6 : 8}
-              xl={modelEngineEnable ? 6 : 8}
-            >
+            <Col xs={24} sm={12} md={6} lg={6} xl={6}>
               <Button
                 type="primary"
                 size="middle"
@@ -899,12 +877,9 @@ export const ModelConfigSection = forwardRef<
                 style={{ width: "100%" }}
                 block
               >
-                <span className="hidden xl:inline button-text-full">
+                <span className="button-text-full">
                   {t("modelConfig.button.editCustomModel")}
                 </span>
-                <span className="xl:hidden button-text-short">
-                  {t("modelConfig.button.edit")}
-                </span>
               </Button>
             </Col>
             <Col xs={24} sm={12} md={6} lg={6} xl={6}>
@@ -917,12 +892,9 @@ export const ModelConfigSection = forwardRef<
                 style={{ width: "100%" }}
                 block
               >
-                <span className="hidden xl:inline button-text-full">
+                <span className="button-text-full">
                   {t("modelConfig.button.checkConnectivity")}
                 </span>
-                <span className="xl:hidden button-text-short">
-                  {t("modelConfig.button.check")}
-                </span>
               </Button>
             </Col>
           </Row>

From 1366fa69a5e1c1564e14e54c4206ce78c7bcaf63 Mon Sep 17 00:00:00 2001
From: xuyaqi <xuyaqist@gmail.com>
Date: Thu, 15 Jan 2026 18:56:25 +0800
Subject: [PATCH 31/38] delete useless css

---
 frontend/styles/globals.css | 11 -----------
 1 file changed, 11 deletions(-)

diff --git a/frontend/styles/globals.css b/frontend/styles/globals.css
index 019ad8380..78eb70594 100644
--- a/frontend/styles/globals.css
+++ b/frontend/styles/globals.css
@@ -308,17 +308,6 @@
   min-width: 0;
 }
 
-/* Responsive button text - global utility */
-@media (max-width: 1279px) {
-  .button-text-full {
-    display: none !important;
-  }
-  .button-text-short {
-    display: inline !important;
-  }
-}
-
-
 .button-text-full {
   display: inline !important;
   overflow: hidden;

From 0726b4d801f0314eea86da7db2ece5eadefb6d84 Mon Sep 17 00:00:00 2001
From: xuyaqi <xuyaqist@gmail.com>
Date: Thu, 15 Jan 2026 19:15:38 +0800
Subject: [PATCH 32/38] Button Style Optimization

---
 .../agentInfo/AgentGenerateDetail.tsx         | 39 ++++++++++---------
 1 file changed, 20 insertions(+), 19 deletions(-)

diff --git a/frontend/app/[locale]/agents/components/agentInfo/AgentGenerateDetail.tsx b/frontend/app/[locale]/agents/components/agentInfo/AgentGenerateDetail.tsx
index 481f0d950..de2cbaa0c 100644
--- a/frontend/app/[locale]/agents/components/agentInfo/AgentGenerateDetail.tsx
+++ b/frontend/app/[locale]/agents/components/agentInfo/AgentGenerateDetail.tsx
@@ -64,7 +64,6 @@ export default function AgentGenerateDetail({
   // Generation state
   const [isGenerating, setIsGenerating] = useState(false);
 
-
   const userManuallySwitchedTabRef = useRef(false);
 
   const stylesObject: TabsProps["styles"] = {
@@ -94,8 +93,6 @@ export default function AgentGenerateDetail({
     businessLogicModelId: 0,
   });
 
-  
-
   // Initialize form values when component mounts or currentAgentId changes
   useEffect(() => {
     const initialAgentInfo = {
@@ -613,8 +610,8 @@ export default function AgentGenerateDetail({
               />
 
               {/* Control area */}
-              <Flex justify="space-between" align="center">
-                <div>
+              <Row style={{ width: "100%" }} justify="space-between">
+                <Col xs={24} sm={14} md={14} lg={14} xl={14}>
                   <span className="text-xs text-gray-600 mr-3">
                     {t("model.type.llm")}:
                   </span>
@@ -628,20 +625,24 @@ export default function AgentGenerateDetail({
                     size="middle"
                     disabled={!editable || isGenerating}
                   />
-                </div>
-
-                <button
-                  onClick={handleGenerateAgent}
-                  disabled={!editable || loadingModels || isGenerating}
-                  className="px-3 py-1.5 rounded-md flex items-center justify-center text-sm bg-blue-500 text-white hover:bg-blue-600 disabled:opacity-50 disabled:cursor-not-allowed"
-                  style={{ border: "none" }}
-                >
-                  <Zap size={16} className="mr-1" />
-                  {isGenerating
-                    ? t("businessLogic.config.button.generating")
-                    : t("businessLogic.config.button.generatePrompt")}
-                </button>
-              </Flex>
+                </Col>
+                <Col xs={24} sm={10} md={10} lg={10} xl={10}>
+                  <Button
+                    type="primary"
+                    size="middle"
+                    onClick={handleGenerateAgent}
+                    disabled={!editable || loadingModels || isGenerating}
+                    icon={<Zap size={16} />}
+                    style={{ width: "100%" }}
+                  >
+                    <span className="button-text-full">
+                      {isGenerating
+                        ? t("businessLogic.config.button.generating")
+                        : t("businessLogic.config.button.generatePrompt")}
+                    </span>
+                  </Button>
+                </Col>
+              </Row>
             </Card>
           </Flex>
         </Col>

From 1bd85b01099f06e45880d94f20428f38a8d7925e Mon Sep 17 00:00:00 2001
From: Jasonxia007 <iamjasonxia@126.com>
Date: Thu, 15 Jan 2026 19:01:38 +0800
Subject: [PATCH 33/38] =?UTF-8?q?=E2=99=BB=EF=B8=8F=20[WIP]=20User=20Manag?=
 =?UTF-8?q?ement=20Part3:=20Add=20app=20routes=20and=20revise=20some=20ser?=
 =?UTF-8?q?vice=20logic?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 backend/apps/config_app.py                    |   6 +
 backend/apps/group_app.py                     | 651 ++++++++++++++++++
 backend/apps/invitation_app.py                | 488 +++++++++++++
 backend/apps/tenant_app.py                    | 244 +++++++
 backend/apps/user_management_app.py           |  85 ++-
 backend/consts/model.py                       |   2 +
 backend/database/group_db.py                  |  24 +-
 backend/database/role_permission_db.py        | 145 ----
 backend/database/tenant_config_db.py          |   3 +-
 backend/services/invitation_service.py        |  96 ++-
 backend/services/user_management_service.py   |  29 +
 backend/services/vectordatabase_service.py    |  14 +-
 test/backend/app/test_config_app.py           |  72 ++
 test/backend/app/test_group_app.py            | 620 +++++++++++++++++
 test/backend/app/test_invitation_app.py       | 627 +++++++++++++++++
 test/backend/app/test_tenant_app.py           | 355 ++++++++++
 test/backend/app/test_user_management_app.py  | 107 +++
 test/backend/database/test_group_db.py        | 218 +++++-
 .../database/test_role_permission_db.py       | 156 +----
 .../backend/database/test_tenant_config_db.py | 539 +++++++++++++++
 .../services/test_invitation_service.py       |  58 +-
 .../services/test_user_management_service.py  |  64 ++
 .../services/test_vectordatabase_service.py   |  58 ++
 23 files changed, 4336 insertions(+), 325 deletions(-)
 create mode 100644 backend/apps/group_app.py
 create mode 100644 backend/apps/invitation_app.py
 create mode 100644 backend/apps/tenant_app.py
 create mode 100644 test/backend/app/test_group_app.py
 create mode 100644 test/backend/app/test_invitation_app.py
 create mode 100644 test/backend/app/test_tenant_app.py
 create mode 100644 test/backend/database/test_tenant_config_db.py

diff --git a/backend/apps/config_app.py b/backend/apps/config_app.py
index 88be72d55..67a5e934c 100644
--- a/backend/apps/config_app.py
+++ b/backend/apps/config_app.py
@@ -18,6 +18,9 @@
 from apps.tool_config_app import router as tool_config_router
 from apps.user_management_app import router as user_management_router
 from apps.voice_app import voice_config_router as voice_router
+from apps.tenant_app import router as tenant_router
+from apps.group_app import router as group_router
+from apps.invitation_app import router as invitation_router
 from consts.const import IS_SPEED_MODE
 
 # Import monitoring utilities
@@ -57,6 +60,9 @@
 app.include_router(prompt_router)
 app.include_router(tenant_config_router)
 app.include_router(remote_mcp_router)
+app.include_router(tenant_router)
+app.include_router(group_router)
+app.include_router(invitation_router)
 
 # Initialize monitoring for the application
 monitoring_manager.setup_fastapi_app(app)
diff --git a/backend/apps/group_app.py b/backend/apps/group_app.py
new file mode 100644
index 000000000..3648f0476
--- /dev/null
+++ b/backend/apps/group_app.py
@@ -0,0 +1,651 @@
+"""
+Group management API endpoints
+"""
+import logging
+from typing import Optional
+
+from fastapi import APIRouter, HTTPException, Header
+from http import HTTPStatus
+from starlette.responses import JSONResponse
+
+from consts.model import (
+    GroupCreateRequest, GroupUpdateRequest,
+    GroupUserRequest, GroupListRequest, SetDefaultGroupRequest
+)
+from consts.exceptions import NotFoundException, ValidationError, UnauthorizedError
+from services.group_service import (
+    create_group, get_group_info, update_group, delete_group,
+    add_user_to_single_group, remove_user_from_single_group, get_group_users,
+    add_user_to_groups, get_tenant_default_group_id, set_tenant_default_group_id,
+    get_groups_by_tenant
+)
+from services.tenant_service import get_tenant_info
+from utils.auth_utils import get_current_user_id
+
+logger = logging.getLogger(__name__)
+router = APIRouter(prefix="/groups", tags=["groups"])
+
+
+@router.post("", response_model=None)
+async def create_group_endpoint(
+    request: GroupCreateRequest,
+    authorization: Optional[str] = Header(None)
+) -> JSONResponse:
+    """
+    Create a new group
+
+    Args:
+        request: Group creation request
+        authorization: Bearer token for authentication
+
+    Returns:
+        JSONResponse: Created group information
+    """
+    try:
+        # Get current user ID from token
+        user_id, _ = get_current_user_id(authorization)
+
+        # Create group
+        group_info = create_group(
+            tenant_id=request.tenant_id,
+            group_name=request.group_name,
+            group_description=request.group_description,
+            user_id=user_id
+        )
+
+        logger.info(f"Created group '{request.group_name}' in tenant {request.tenant_id} by user {user_id}")
+
+        return JSONResponse(
+            status_code=HTTPStatus.CREATED,
+            content={
+                "message": "Group created successfully",
+                "data": group_info
+            }
+        )
+
+    except UnauthorizedError as exc:
+        logger.warning(f"Unauthorized group creation attempt: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.UNAUTHORIZED,
+            detail=str(exc)
+        )
+    except ValidationError as exc:
+        logger.warning(f"Group creation validation error: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.BAD_REQUEST,
+            detail=str(exc)
+        )
+    except Exception as exc:
+        logger.error(f"Unexpected error during group creation: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to create group"
+        )
+
+
+@router.get("/{group_id}")
+async def get_group_endpoint(group_id: int) -> JSONResponse:
+    """
+    Get group information by group ID
+
+    Args:
+        group_id: Group identifier
+        authorization: Bearer token for authentication
+
+    Returns:
+        JSONResponse: Group information
+    """
+    try:
+        # Get group info
+        group_info = get_group_info(group_id)
+
+        if not group_info:
+            raise NotFoundException(f"Group {group_id} not found")
+
+        return JSONResponse(
+            status_code=HTTPStatus.OK,
+            content={
+                "message": "Group retrieved successfully",
+                "data": group_info
+            }
+        )
+
+    except NotFoundException as exc:
+        logger.warning(f"Group not found: {group_id}")
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND,
+            detail=str(exc)
+        )
+    except Exception as exc:
+        logger.error(f"Unexpected error retrieving group {group_id}: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to retrieve group"
+        )
+
+
+@router.post("/list")
+async def get_groups_endpoint(
+    request: GroupListRequest,
+) -> JSONResponse:
+    """
+    Search groups for a specific tenant with pagination
+
+    Args:
+        request: Group search request with tenant_id, page, and page_size
+
+    Returns:
+        JSONResponse: Paginated list of groups for the tenant
+    """
+    try:
+        # Validate tenant exists
+        get_tenant_info(request.tenant_id)
+        # Get groups under given tenant with pagination
+        result = get_groups_by_tenant(
+            tenant_id=request.tenant_id,
+            page=request.page,
+            page_size=request.page_size
+        )
+
+        return JSONResponse(
+            status_code=HTTPStatus.OK,
+            content={
+                "message": "Groups retrieved successfully",
+                "data": result["groups"],
+                "pagination": {
+                    "page": request.page,
+                    "page_size": request.page_size,
+                    "total": result["total"],
+                    "total_pages": (result["total"] + request.page_size - 1) // request.page_size
+                }
+            }
+        )
+
+    except NotFoundException as exc:
+        logger.warning(f"Tenant not found: {request.tenant_id}")
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND,
+            detail=str(exc)
+        )
+    except Exception as exc:
+        logger.error(f"Unexpected error retrieving groups: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to retrieve groups"
+        )
+
+
+@router.put("/{group_id}")
+async def update_group_endpoint(
+    group_id: int,
+    request: GroupUpdateRequest,
+    authorization: Optional[str] = Header(None)
+) -> JSONResponse:
+    """
+    Update group information
+
+    Args:
+        group_id: Group identifier
+        request: Group update request
+        authorization: Bearer token for authentication
+
+    Returns:
+        JSONResponse: Success status
+    """
+    try:
+        # Get current user ID from token
+        user_id, _ = get_current_user_id(authorization)
+
+        # Prepare updates dict
+        updates = {}
+        if request.group_name is not None:
+            updates["group_name"] = request.group_name
+        if request.group_description is not None:
+            updates["group_description"] = request.group_description
+
+        if not updates:
+            raise ValidationError("No valid fields provided for update")
+
+        # Update group
+        success = update_group(
+            group_id=group_id,
+            updates=updates,
+            user_id=user_id
+        )
+
+        if not success:
+            raise ValidationError("Failed to update group")
+
+        logger.info(f"Updated group {group_id} by user {user_id}")
+
+        return JSONResponse(
+            status_code=HTTPStatus.OK,
+            content={
+                "message": "Group updated successfully"
+            }
+        )
+
+    except NotFoundException as exc:
+        logger.warning(f"Group not found for update: {group_id}")
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND,
+            detail=str(exc)
+        )
+    except ValidationError as exc:
+        logger.warning(f"Group update validation error: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.BAD_REQUEST,
+            detail=str(exc)
+        )
+    except UnauthorizedError as exc:
+        logger.warning(f"Unauthorized group update attempt: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.UNAUTHORIZED,
+            detail=str(exc)
+        )
+    except Exception as exc:
+        logger.error(f"Unexpected error during group update: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to update group"
+        )
+
+
+@router.delete("/{group_id}")
+async def delete_group_endpoint(
+    group_id: int,
+    authorization: Optional[str] = Header(None)
+) -> JSONResponse:
+    """
+    Delete group
+
+    Args:
+        group_id: Group identifier
+        authorization: Bearer token for authentication
+
+    Returns:
+        JSONResponse: Success status
+    """
+    try:
+        # Get current user ID from token
+        user_id, _ = get_current_user_id(authorization)
+
+        # Delete group
+        success = delete_group(
+            group_id=group_id,
+            user_id=user_id
+        )
+
+        if not success:
+            raise ValidationError("Failed to delete group")
+
+        logger.info(f"Deleted group {group_id} by user {user_id}")
+
+        return JSONResponse(
+            status_code=HTTPStatus.OK,
+            content={
+                "message": "Group deleted successfully"
+            }
+        )
+
+    except NotFoundException as exc:
+        logger.warning(f"Group not found for deletion: {group_id}")
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND,
+            detail=str(exc)
+        )
+    except ValidationError as exc:
+        logger.warning(f"Group deletion validation error: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.BAD_REQUEST,
+            detail=str(exc)
+        )
+    except UnauthorizedError as exc:
+        logger.warning(f"Unauthorized group deletion attempt: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.UNAUTHORIZED,
+            detail=str(exc)
+        )
+    except Exception as exc:
+        logger.error(f"Unexpected error during group deletion: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to delete group"
+        )
+
+
+@router.post("/{group_id}/members")
+async def add_user_to_group_endpoint(
+    group_id: int,
+    request: GroupUserRequest,
+    authorization: Optional[str] = Header(None)
+) -> JSONResponse:
+    """
+    Add user to group
+
+    Args:
+        group_id: Group identifier
+        request: User addition request containing user_id
+        authorization: Bearer token for authentication
+
+    Returns:
+        JSONResponse: Group membership result
+    """
+    try:
+        # Validate request - only user_id should be provided in body
+        if request.group_ids is not None:
+            raise ValidationError("group_ids should not be provided for single group operation")
+
+        # Get current user ID from token
+        current_user_id, _ = get_current_user_id(authorization)
+
+        # Add user to group
+        result = add_user_to_single_group(
+            group_id=group_id,
+            user_id=request.user_id,
+            current_user_id=current_user_id
+        )
+
+        logger.info(f"Added user {request.user_id} to group {group_id} by user {current_user_id}")
+
+        return JSONResponse(
+            status_code=HTTPStatus.OK,
+            content={
+                "message": "User added to group successfully",
+                "data": result
+            }
+        )
+
+    except NotFoundException as exc:
+        logger.warning(f"Group or user not found: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND,
+            detail=str(exc)
+        )
+    except ValidationError as exc:
+        logger.warning(f"Group membership validation error: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.BAD_REQUEST,
+            detail=str(exc)
+        )
+    except UnauthorizedError as exc:
+        logger.warning(f"Unauthorized group membership modification: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.UNAUTHORIZED,
+            detail=str(exc)
+        )
+    except Exception as exc:
+        logger.error(f"Unexpected error adding user to group: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to add user to group"
+        )
+
+
+@router.delete("/{group_id}/members/{user_id}")
+async def remove_user_from_group_endpoint(
+    group_id: int,
+    user_id: str,
+    authorization: Optional[str] = Header(None)
+) -> JSONResponse:
+    """
+    Remove user from group
+
+    Args:
+        group_id: Group identifier
+        user_id: User identifier
+        authorization: Bearer token for authentication
+
+    Returns:
+        JSONResponse: Success status
+    """
+    try:
+        # Get current user ID from token
+        current_user_id, _ = get_current_user_id(authorization)
+
+        # Remove user from group
+        success = remove_user_from_single_group(
+            group_id=group_id,
+            user_id=user_id,
+            current_user_id=current_user_id
+        )
+
+        if not success:
+            raise ValidationError("Failed to remove user from group")
+
+        logger.info(f"Removed user {user_id} from group {group_id} by user {current_user_id}")
+
+        return JSONResponse(
+            status_code=HTTPStatus.OK,
+            content={
+                "message": "User removed from group successfully"
+            }
+        )
+
+    except NotFoundException as exc:
+        logger.warning(f"Group or user not found: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND,
+            detail=str(exc)
+        )
+    except ValidationError as exc:
+        logger.warning(f"Group membership removal validation error: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.BAD_REQUEST,
+            detail=str(exc)
+        )
+    except UnauthorizedError as exc:
+        logger.warning(f"Unauthorized group membership modification: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.UNAUTHORIZED,
+            detail=str(exc)
+        )
+    except Exception as exc:
+        logger.error(f"Unexpected error removing user from group: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to remove user from group"
+        )
+
+
+@router.get("/{group_id}/members")
+async def get_group_users_endpoint(group_id: int) -> JSONResponse:
+    """
+    Get all users in a group
+
+    Args:
+        group_id: Group identifier
+        authorization: Bearer token for authentication
+
+    Returns:
+        JSONResponse: List of group users
+    """
+    try:
+        # Get group users
+        users = get_group_users(group_id)
+
+        return JSONResponse(
+            status_code=HTTPStatus.OK,
+            content={
+                "message": "Group users retrieved successfully",
+                "data": users
+            }
+        )
+
+    except NotFoundException as exc:
+        logger.warning(f"Group not found: {group_id}")
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND,
+            detail=str(exc)
+        )
+    except Exception as exc:
+        logger.error(f"Unexpected error retrieving group users: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to retrieve group users"
+        )
+
+
+@router.post("/members/batch")
+async def add_user_to_groups_endpoint(
+    request: GroupUserRequest,
+    authorization: Optional[str] = Header(None)
+) -> JSONResponse:
+    """
+    Add user to multiple groups (batch operation)
+
+    Args:
+        request: Batch user addition request containing user_id and group_ids
+        authorization: Bearer token for authentication
+
+    Returns:
+        JSONResponse: Batch operation results
+    """
+    try:
+        # Validate request for batch operation
+        if request.group_ids is None or len(request.group_ids) == 0:
+            raise ValidationError("group_ids is required for batch operations")
+
+        # Get current user ID from token
+        current_user_id, _ = get_current_user_id(authorization)
+
+        # Add user to multiple groups
+        results = add_user_to_groups(
+            user_id=request.user_id,
+            group_ids=request.group_ids,
+            current_user_id=current_user_id
+        )
+
+        logger.info(f"Batch added user {request.user_id} to {len(request.group_ids)} groups by user {current_user_id}")
+
+        return JSONResponse(
+            status_code=HTTPStatus.OK,
+            content={
+                "message": "Batch user addition completed",
+                "data": results
+            }
+        )
+
+    except ValidationError as exc:
+        logger.warning(f"Batch user addition validation error: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.BAD_REQUEST,
+            detail=str(exc)
+        )
+    except UnauthorizedError as exc:
+        logger.warning(f"Unauthorized batch group membership modification: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.UNAUTHORIZED,
+            detail=str(exc)
+        )
+    except Exception as exc:
+        logger.error(f"Unexpected error in batch user addition: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to add user to groups"
+        )
+
+
+@router.get("/tenants/{tenant_id}/default")
+async def get_tenant_default_group_endpoint(tenant_id: str) -> JSONResponse:
+    """
+    Get tenant's default group ID
+
+    Args:
+        tenant_id: Tenant identifier
+        authorization: Bearer token for authentication
+
+    Returns:
+        JSONResponse: Default group ID
+    """
+    try:
+        # Get default group ID
+        default_group_id = get_tenant_default_group_id(tenant_id)
+
+        return JSONResponse(
+            status_code=HTTPStatus.OK,
+            content={
+                "message": "Default group ID retrieved successfully",
+                "data": {
+                    "tenant_id": tenant_id,
+                    "default_group_id": default_group_id
+                }
+            }
+        )
+
+    except Exception as exc:
+        logger.error(f"Unexpected error retrieving default group for tenant {tenant_id}: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to retrieve default group"
+        )
+
+
+@router.put("/tenants/{tenant_id}/default")
+async def set_tenant_default_group_endpoint(
+    tenant_id: str,
+    request: SetDefaultGroupRequest,
+    authorization: Optional[str] = Header(None)
+) -> JSONResponse:
+    """
+    Set tenant's default group ID
+
+    Args:
+        tenant_id: Tenant identifier
+        request: Request containing the default group ID to set
+        authorization: Bearer token for authentication
+
+    Returns:
+        JSONResponse: Success status
+    """
+    try:
+        # Get current user ID from token
+        user_id, _ = get_current_user_id(authorization)
+
+        # Set default group ID
+        success = set_tenant_default_group_id(
+            tenant_id=tenant_id,
+            group_id=request.default_group_id,
+            updated_by=user_id
+        )
+
+        if not success:
+            raise ValidationError("Failed to set default group")
+
+        logger.info(f"Set default group {request.default_group_id} for tenant {tenant_id} by user {user_id}")
+
+        return JSONResponse(
+            status_code=HTTPStatus.OK,
+            content={
+                "message": "Default group set successfully",
+                "data": {
+                    "tenant_id": tenant_id,
+                    "default_group_id": request.default_group_id
+                }
+            }
+        )
+
+    except NotFoundException as exc:
+        logger.warning(f"Tenant or group not found: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND,
+            detail=str(exc)
+        )
+    except ValidationError as exc:
+        logger.warning(f"Validation error setting default group: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.BAD_REQUEST,
+            detail=str(exc)
+        )
+    except UnauthorizedError as exc:
+        logger.warning(f"Unauthorized attempt to set default group: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.UNAUTHORIZED,
+            detail=str(exc)
+        )
+    except Exception as exc:
+        logger.error(f"Unexpected error setting default group for tenant {tenant_id}: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to set default group"
+        )
diff --git a/backend/apps/invitation_app.py b/backend/apps/invitation_app.py
new file mode 100644
index 000000000..1512e3274
--- /dev/null
+++ b/backend/apps/invitation_app.py
@@ -0,0 +1,488 @@
+"""
+Invitation management API endpoints
+"""
+import logging
+from typing import Optional
+
+from fastapi import APIRouter, HTTPException, Header
+from http import HTTPStatus
+from starlette.responses import JSONResponse
+
+from consts.model import (
+    InvitationCreateRequest, InvitationUpdateRequest, InvitationListRequest
+)
+from consts.exceptions import NotFoundException, ValidationError, UnauthorizedError
+from services.invitation_service import (
+    create_invitation_code, update_invitation_code, get_invitation_by_code,
+    check_invitation_available, use_invitation_code, update_invitation_code_status,
+    get_invitations_list, delete_invitation_code
+)
+from database.user_tenant_db import get_user_tenant_by_user_id
+from utils.auth_utils import get_current_user_id
+
+logger = logging.getLogger(__name__)
+router = APIRouter(prefix="/invitations", tags=["invitations"])
+
+
+@router.post("/list")
+async def list_invitations_endpoint(
+    request: InvitationListRequest,
+    authorization: Optional[str] = Header(None)
+) -> JSONResponse:
+    """
+    List invitation codes with pagination
+
+    Args:
+        request: Invitation list request with pagination parameters
+        authorization: Bearer token for authentication
+
+    Returns:
+        JSONResponse: Paginated list of invitation codes
+    """
+    try:
+        # Get current user ID from token
+        user_id, _ = get_current_user_id(authorization)
+
+        # Get invitations list
+        result = get_invitations_list(
+            tenant_id=request.tenant_id,
+            page=request.page,
+            page_size=request.page_size,
+            user_id=user_id
+        )
+
+        logger.info(f"User {user_id} retrieved invitation list (tenant: {request.tenant_id or 'all'}, page: {request.page}, size: {request.page_size})")
+
+        return JSONResponse(
+            status_code=HTTPStatus.OK,
+            content={
+                "message": "Invitation codes retrieved successfully",
+                "data": result
+            }
+        )
+
+    except UnauthorizedError as exc:
+        logger.warning(f"Unauthorized invitation list access attempt: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.UNAUTHORIZED,
+            detail=str(exc)
+        )
+    except Exception as exc:
+        logger.error(f"Unexpected error retrieving invitation list: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to retrieve invitation codes"
+        )
+
+
+@router.post("")
+async def create_invitation_endpoint(
+    request: InvitationCreateRequest,
+    authorization: Optional[str] = Header(None)
+) -> JSONResponse:
+    """
+    Create a new invitation code
+
+    Args:
+        request: Invitation creation request
+        authorization: Bearer token for authentication
+
+    Returns:
+        JSONResponse: Created invitation information
+    """
+    try:
+        # Get current user ID from token
+        user_id, _ = get_current_user_id(authorization)
+
+        # Validate tenant_id from request
+        tenant_id = request.tenant_id
+
+        # Preprocess request parameters to handle empty values
+        invitation_code = request.invitation_code if request.invitation_code else None
+        group_ids = request.group_ids if request.group_ids else None
+        expiry_date = request.expiry_date if request.expiry_date else None
+
+        # Create invitation code
+        invitation_info = create_invitation_code(
+            tenant_id=tenant_id,
+            code_type=request.code_type,
+            invitation_code=invitation_code,
+            group_ids=group_ids,
+            capacity=request.capacity,
+            expiry_date=expiry_date,
+            user_id=user_id
+        )
+
+        logger.info(f"Created invitation code {invitation_info['invitation_code']} (type: {request.code_type}) for tenant {tenant_id} by user {user_id}")
+
+        return JSONResponse(
+            status_code=HTTPStatus.CREATED,
+            content={
+                "message": "Invitation code created successfully",
+                "data": invitation_info
+            }
+        )
+
+    except ValueError as exc:
+        logger.warning(f"Invalid invitation creation parameters: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.BAD_REQUEST,
+            detail=str(exc)
+        )
+    except NotFoundException as exc:
+        logger.warning(f"User not found during invitation creation: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND,
+            detail=str(exc)
+        )
+    except UnauthorizedError as exc:
+        logger.warning(f"Unauthorized invitation creation attempt: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.UNAUTHORIZED,
+            detail=str(exc)
+        )
+    except Exception as exc:
+        logger.error(f"Unexpected error during invitation creation: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to create invitation code"
+        )
+
+
+@router.put("/{invitation_code}")
+async def update_invitation_endpoint(
+    invitation_code: str,
+    request: InvitationUpdateRequest,
+    authorization: Optional[str] = Header(None)
+) -> JSONResponse:
+    """
+    Update invitation code information
+
+    Args:
+        invitation_code: Invitation code
+        request: Invitation update request
+        authorization: Bearer token for authentication
+
+    Returns:
+        JSONResponse: Success status
+    """
+    try:
+        # Get current user ID from token
+        user_id, _ = get_current_user_id(authorization)
+
+        # Get invitation info to find invitation_id
+        invitation_info = get_invitation_by_code(invitation_code)
+        if not invitation_info:
+            raise NotFoundException(f"Invitation code {invitation_code} not found")
+
+        invitation_id = invitation_info["invitation_id"]
+
+        # Prepare updates dict
+        updates = {}
+        if request.capacity is not None:
+            updates["capacity"] = request.capacity
+        if request.expiry_date is not None:
+            updates["expiry_date"] = request.expiry_date
+        if request.group_ids is not None:
+            updates["group_ids"] = request.group_ids
+
+        if not updates:
+            raise ValidationError("No valid fields provided for update")
+
+        # Update invitation
+        success = update_invitation_code(
+            invitation_id=invitation_id,
+            updates=updates,
+            user_id=user_id
+        )
+
+        if not success:
+            raise ValidationError("Failed to update invitation code")
+
+        logger.info(f"Updated invitation code {invitation_code} by user {user_id}")
+
+        return JSONResponse(
+            status_code=HTTPStatus.OK,
+            content={
+                "message": "Invitation code updated successfully"
+            }
+        )
+
+    except NotFoundException as exc:
+        logger.warning(f"Invitation not found for update: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND,
+            detail=str(exc)
+        )
+    except ValidationError as exc:
+        logger.warning(f"Invitation update validation error: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.BAD_REQUEST,
+            detail=str(exc)
+        )
+    except UnauthorizedError as exc:
+        logger.warning(f"Unauthorized invitation update attempt: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.UNAUTHORIZED,
+            detail=str(exc)
+        )
+    except Exception as exc:
+        import traceback
+        logger.error(f"Unexpected error during invitation update: {str(exc)}")
+        logger.error(f"Exception type: {type(exc).__name__}")
+        logger.error(f"Full traceback: {traceback.format_exc()}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to update invitation code"
+        )
+
+
+@router.get("/{invitation_code}")
+async def get_invitation_endpoint(invitation_code: str) -> JSONResponse:
+    """
+    Get invitation information by code
+
+    Args:
+        invitation_code: Invitation code
+
+    Returns:
+        JSONResponse: Invitation information
+    """
+    try:
+        # Get invitation info
+        invitation_info = get_invitation_by_code(invitation_code)
+
+        if not invitation_info:
+            raise NotFoundException(f"Invitation code {invitation_code} not found")
+
+        return JSONResponse(
+            status_code=HTTPStatus.OK,
+            content={
+                "message": "Invitation code retrieved successfully",
+                "data": invitation_info
+            }
+        )
+
+    except NotFoundException as exc:
+        logger.warning(f"Invitation code not found: {invitation_code}")
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND,
+            detail=str(exc)
+        )
+    except Exception as exc:
+        logger.error(f"Unexpected error retrieving invitation code {invitation_code}: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to retrieve invitation code"
+        )
+
+
+@router.delete("/{invitation_code}")
+async def delete_invitation_endpoint(
+    invitation_code: str,
+    authorization: Optional[str] = Header(None)
+) -> JSONResponse:
+    """
+    Delete invitation code
+
+    Args:
+        invitation_code: Invitation code to delete
+        authorization: Bearer token for authentication
+
+    Returns:
+        JSONResponse: Success status
+    """
+    try:
+        # Get current user ID from token
+        user_id, _ = get_current_user_id(authorization)
+
+        # Get invitation info to find invitation_id
+        invitation_info = get_invitation_by_code(invitation_code)
+        if not invitation_info:
+            raise NotFoundException(f"Invitation code {invitation_code} not found")
+
+        invitation_id = invitation_info["invitation_id"]
+
+        # Delete invitation code
+        success = delete_invitation_code(
+            invitation_id=invitation_id,
+            user_id=user_id
+        )
+
+        if not success:
+            raise ValidationError("Failed to delete invitation code")
+
+        logger.info(f"Deleted invitation code {invitation_code} by user {user_id}")
+
+        return JSONResponse(
+            status_code=HTTPStatus.OK,
+            content={
+                "message": "Invitation code deleted successfully"
+            }
+        )
+
+    except NotFoundException as exc:
+        logger.warning(f"Invitation not found for deletion: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND,
+            detail=str(exc)
+        )
+    except ValidationError as exc:
+        logger.warning(f"Invitation deletion validation error: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.BAD_REQUEST,
+            detail=str(exc)
+        )
+    except UnauthorizedError as exc:
+        logger.warning(f"Unauthorized invitation deletion attempt: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.UNAUTHORIZED,
+            detail=str(exc)
+        )
+    except Exception as exc:
+        logger.error(f"Unexpected error during invitation deletion: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to delete invitation code"
+        )
+
+
+@router.get("/{invitation_code}/available")
+async def check_invitation_available_endpoint(invitation_code: str) -> JSONResponse:
+    """
+    Check if invitation code is available for use
+
+    Args:
+        invitation_code: Invitation code to check
+
+    Returns:
+        JSONResponse: Availability status
+    """
+    try:
+        # Check availability
+        is_available = check_invitation_available(invitation_code)
+
+        return JSONResponse(
+            status_code=HTTPStatus.OK,
+            content={
+                "message": "Invitation availability checked successfully",
+                "data": {
+                    "invitation_code": invitation_code,
+                    "available": is_available
+                }
+            }
+        )
+
+    except Exception as exc:
+        logger.error(f"Unexpected error checking invitation availability: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to check invitation availability"
+        )
+
+
+@router.post("/{invitation_code}/use")
+async def use_invitation_endpoint(
+    invitation_code: str,
+    authorization: Optional[str] = Header(None)
+) -> JSONResponse:
+    """
+    Use an invitation code
+
+    Args:
+        invitation_code: Invitation code to use
+        authorization: Bearer token for authentication
+
+    Returns:
+        JSONResponse: Usage result
+    """
+    try:
+        # Get current user ID from token
+        current_user_id, _ = get_current_user_id(authorization)
+
+        # Users can use invitation codes for themselves
+
+        # Use invitation code
+        usage_result = use_invitation_code(
+            invitation_code=invitation_code,
+            user_id=current_user_id
+        )
+
+        logger.info(f"User {current_user_id} used invitation code {invitation_code}")
+
+        return JSONResponse(
+            status_code=HTTPStatus.OK,
+            content={
+                "message": "Invitation code used successfully",
+                "data": usage_result
+            }
+        )
+
+    except NotFoundException as exc:
+        logger.warning(f"Invitation code not available: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND,
+            detail=str(exc)
+        )
+    except UnauthorizedError as exc:
+        logger.warning(f"Unauthorized invitation usage attempt: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.UNAUTHORIZED,
+            detail=str(exc)
+        )
+    except Exception as exc:
+        logger.error(f"Unexpected error using invitation code: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to use invitation code"
+        )
+
+
+@router.post("/{invitation_code}/update-status")
+async def update_invitation_status_endpoint(invitation_code: str) -> JSONResponse:
+    """
+    Update invitation code status based on expiry and usage
+
+    Args:
+        invitation_code: Invitation code
+        authorization: Bearer token for authentication
+
+    Returns:
+        JSONResponse: Status update result
+    """
+    try:
+        # Get invitation info to find invitation_id
+        invitation_info = get_invitation_by_code(invitation_code)
+        if not invitation_info:
+            raise NotFoundException(f"Invitation code {invitation_code} not found")
+
+        invitation_id = invitation_info["invitation_id"]
+
+        # Update status
+        status_updated = update_invitation_code_status(invitation_id)
+
+        message = "Invitation status updated" if status_updated else "Invitation status unchanged"
+
+        return JSONResponse(
+            status_code=HTTPStatus.OK,
+            content={
+                "message": message,
+                "data": {
+                    "invitation_code": invitation_code,
+                    "status_updated": status_updated
+                }
+            }
+        )
+
+    except NotFoundException as exc:
+        logger.warning(f"Invitation not found for status update: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND,
+            detail=str(exc)
+        )
+    except Exception as exc:
+        logger.error(f"Unexpected error updating invitation status: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to update invitation status"
+        )
diff --git a/backend/apps/tenant_app.py b/backend/apps/tenant_app.py
new file mode 100644
index 000000000..07215b5b2
--- /dev/null
+++ b/backend/apps/tenant_app.py
@@ -0,0 +1,244 @@
+"""
+Tenant management API endpoints
+"""
+import logging
+from typing import Optional
+
+from fastapi import APIRouter, HTTPException, Header
+from http import HTTPStatus
+from starlette.responses import JSONResponse
+
+from consts.model import TenantCreateRequest, TenantUpdateRequest
+from consts.exceptions import NotFoundException, ValidationError, UnauthorizedError
+from services.tenant_service import create_tenant, get_tenant_info, get_all_tenants, update_tenant_info
+from utils.auth_utils import get_current_user_id
+
+logger = logging.getLogger(__name__)
+router = APIRouter(prefix="/tenants", tags=["tenants"])
+
+
+@router.post("", response_model=None)
+async def create_tenant_endpoint(
+    request: TenantCreateRequest,
+    authorization: Optional[str] = Header(None)
+) -> JSONResponse:
+    """
+    Create a new tenant
+
+    Args:
+        request: Tenant creation request
+        authorization: Bearer token for authentication
+
+    Returns:
+        JSONResponse: Created tenant information
+    """
+    try:
+        # Get current user ID from token
+        user_id, _ = get_current_user_id(authorization)
+
+        # Create tenant
+        tenant_info = create_tenant(
+            tenant_name=request.tenant_name,
+            created_by=user_id
+        )
+
+        logger.info(f"Created tenant {tenant_info['tenant_id']} by user {user_id}")
+
+        return JSONResponse(
+            status_code=HTTPStatus.CREATED,
+            content={
+                "message": "Tenant created successfully",
+                "data": tenant_info
+            }
+        )
+
+    except UnauthorizedError as exc:
+        logger.warning(f"Unauthorized tenant creation attempt: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.UNAUTHORIZED,
+            detail=str(exc)
+        )
+    except ValidationError as exc:
+        logger.warning(f"Tenant creation validation error: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.BAD_REQUEST,
+            detail=str(exc)
+        )
+    except Exception as exc:
+        logger.error(f"Unexpected error during tenant creation: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to create tenant"
+        )
+
+
+@router.get("/{tenant_id}")
+async def get_tenant_endpoint(tenant_id: str) -> JSONResponse:
+    """
+    Get tenant information by tenant ID
+
+    Args:
+        tenant_id: Tenant identifier
+
+    Returns:
+        JSONResponse: Tenant information
+    """
+    try:
+        # Get tenant info
+        tenant_info = get_tenant_info(tenant_id)
+
+        return JSONResponse(
+            status_code=HTTPStatus.OK,
+            content={
+                "message": "Tenant retrieved successfully",
+                "data": tenant_info
+            }
+        )
+
+    except NotFoundException as exc:
+        logger.warning(f"Tenant not found: {tenant_id}")
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND,
+            detail=str(exc)
+        )
+    except Exception as exc:
+        logger.error(f"Unexpected error retrieving tenant {tenant_id}: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to retrieve tenant"
+        )
+
+
+@router.get("")
+async def get_all_tenants_endpoint() -> JSONResponse:
+    """
+    Get all tenants
+
+    Returns:
+        JSONResponse: List of all tenants
+    """
+    try:
+        # Get all tenants
+        tenants = get_all_tenants()
+
+        return JSONResponse(
+            status_code=HTTPStatus.OK,
+            content={
+                "message": "Tenants retrieved successfully",
+                "data": tenants
+            }
+        )
+
+    except Exception as exc:
+        logger.error(f"Unexpected error retrieving tenants: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to retrieve tenants"
+        )
+
+
+@router.put("/{tenant_id}")
+async def update_tenant_endpoint(
+    tenant_id: str,
+    request: TenantUpdateRequest,
+    authorization: Optional[str] = Header(None)
+) -> JSONResponse:
+    """
+    Update tenant information
+
+    Args:
+        tenant_id: Tenant identifier
+        request: Tenant update request
+        authorization: Bearer token for authentication
+
+    Returns:
+        JSONResponse: Updated tenant information
+    """
+    try:
+        # Get current user ID from token
+        user_id, _ = get_current_user_id(authorization)
+
+        # Update tenant
+        updated_tenant = update_tenant_info(
+            tenant_id=tenant_id,
+            tenant_name=request.tenant_name,
+            updated_by=user_id
+        )
+
+        logger.info(f"Updated tenant {tenant_id} by user {user_id}")
+
+        return JSONResponse(
+            status_code=HTTPStatus.OK,
+            content={
+                "message": "Tenant updated successfully",
+                "data": updated_tenant
+            }
+        )
+
+    except NotFoundException as exc:
+        logger.warning(f"Tenant not found for update: {tenant_id}")
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND,
+            detail=str(exc)
+        )
+    except ValidationError as exc:
+        logger.warning(f"Tenant update validation error: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.BAD_REQUEST,
+            detail=str(exc)
+        )
+    except UnauthorizedError as exc:
+        logger.warning(f"Unauthorized tenant update attempt: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.UNAUTHORIZED,
+            detail=str(exc)
+        )
+    except Exception as exc:
+        logger.error(f"Unexpected error during tenant update: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to update tenant"
+        )
+
+
+@router.delete("/{tenant_id}")
+async def delete_tenant_endpoint(
+    tenant_id: str,
+    authorization: Optional[str] = Header(None)
+) -> JSONResponse:
+    """
+    Delete tenant (placeholder - not yet implemented)
+
+    Args:
+        tenant_id: Tenant identifier
+        authorization: Bearer token for authentication
+
+    Returns:
+        JSONResponse: Deletion result
+    """
+    try:
+        # Get current user ID from token
+        user_id, _ = get_current_user_id(authorization)
+
+        # Note: Delete functionality is not yet implemented in the service layer
+        # This will raise ValidationError as per current implementation
+        raise ValidationError("Tenant deletion is not yet implemented due to complex dependencies")
+
+    except ValidationError as exc:
+        logger.warning(f"Tenant deletion not supported: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_IMPLEMENTED,
+            detail=str(exc)
+        )
+    except UnauthorizedError as exc:
+        logger.warning(f"Unauthorized tenant deletion attempt: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.UNAUTHORIZED,
+            detail=str(exc)
+        )
+    except Exception as exc:
+        logger.error(f"Unexpected error during tenant deletion: {str(exc)}")
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Failed to delete tenant"
+        )
diff --git a/backend/apps/user_management_app.py b/backend/apps/user_management_app.py
index 1d26aa10d..8265aed9c 100644
--- a/backend/apps/user_management_app.py
+++ b/backend/apps/user_management_app.py
@@ -10,8 +10,8 @@
 from consts.model import UserSignInRequest, UserSignUpRequest
 from consts.exceptions import NoInviteCodeException, IncorrectInviteCodeException, UserRegistrationException
 from services.user_management_service import get_authorized_client, validate_token, \
-    check_auth_service_health, signup_user, signin_user, refresh_user_token, \
-    get_session_by_authorization, revoke_regular_user
+    check_auth_service_health, signup_user, signup_user_with_invitation, signin_user, refresh_user_token, \
+    get_session_by_authorization, revoke_regular_user, get_user_info, get_permissions_by_role
 from consts.exceptions import UnauthorizedError
 from utils.auth_utils import get_current_user_id
 
@@ -41,10 +41,15 @@ async def service_health():
 async def signup(request: UserSignUpRequest):
     """User registration"""
     try:
-        user_data = await signup_user(email=request.email,
-                          password=request.password,
-                          is_admin=request.is_admin,
-                          invite_code=request.invite_code)
+        if request.with_new_invitation:
+            user_data = await signup_user_with_invitation(email=request.email,
+                                                          password=request.password,
+                                                          invite_code=request.invite_code)
+        else:
+            user_data = await signup_user(email=request.email,
+                                          password=request.password,
+                                          is_admin=request.is_admin,
+                                          invite_code=request.invite_code)
         if request.is_admin:
             success_message = "🎉 Admin account registered successfully! You now have system management permissions."
         else:
@@ -167,6 +172,43 @@ async def get_session(request: Request):
                             detail="Get user session failed")
 
 
+@router.get("/current_user_info")
+async def get_user_information(request: Request):
+    """Get current user information including user ID, group IDs, tenant ID, and role"""
+    authorization = request.headers.get("Authorization")
+    if not authorization:
+        # Treat as not logged in when missing token
+        return JSONResponse(status_code=HTTPStatus.OK,
+                            content={"message": "User not logged in",
+                                     "data": None})
+
+    try:
+        # Use the unified token validation function to get user ID
+        is_valid, user = validate_token(authorization)
+        if not is_valid or not user:
+            raise UnauthorizedError("User not logged in or session invalid")
+
+        user_id = user.id
+
+        # Get user information
+        user_info = await get_user_info(user_id)
+        if not user_info:
+            raise UnauthorizedError("User information not found")
+
+        return JSONResponse(status_code=HTTPStatus.OK,
+                            content={"message": "Success",
+                                     "data": user_info})
+
+    except UnauthorizedError as e:
+        logging.error(f"Get user information unauthorized: {str(e)}")
+        raise HTTPException(status_code=HTTPStatus.UNAUTHORIZED,
+                            detail="User not logged in or session invalid")
+    except Exception as e:
+        logging.error(f"Get user information failed: {str(e)}")
+        raise HTTPException(status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+                            detail="Get user information failed")
+
+
 @router.get("/current_user_id")
 async def get_user_id(request: Request):
     """Get current user ID, return None if not logged in"""
@@ -195,7 +237,7 @@ async def get_user_id(request: Request):
     except ValueError as e:
         logging.error(f"Get user ID failed: {str(e)}")
         raise HTTPException(status_code=HTTPStatus.UNPROCESSABLE_ENTITY,
-                            detail="User not logged in or session invalid")     
+                            detail="User not logged in or session invalid")
     except Exception as e:
         logging.error(f"Get user ID failed: {str(e)}")
         raise HTTPException(status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
@@ -245,3 +287,32 @@ async def revoke_user_account(request: Request):
         logging.error(f"User revoke failed: {str(e)}")
         raise HTTPException(
             status_code=HTTPStatus.INTERNAL_SERVER_ERROR, detail="User revoke failed")
+
+
+@router.get("/role_permissions/{user_role}")
+async def get_role_permissions(user_role: str):
+    """
+    Get all permissions for a specific user role.
+
+    Args:
+        user_role (str): User role to query permissions for (SU, ADMIN, DEV, USER)
+
+    Returns:
+        JSONResponse: Permissions data with success message
+    """
+    try:
+        permissions_data = await get_permissions_by_role(user_role)
+
+        return JSONResponse(status_code=HTTPStatus.OK, content={
+            "message": permissions_data["message"],
+            "data": {
+                "user_role": permissions_data["user_role"],
+                "permissions": permissions_data["permissions"],
+                "total_permissions": permissions_data["total_permissions"]
+            }
+        })
+    except Exception as e:
+        logging.error(
+            f"Failed to get role permissions for role {user_role}: {str(e)}")
+        raise HTTPException(status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+                            detail=f"Failed to retrieve permissions for role {user_role}")
diff --git a/backend/consts/model.py b/backend/consts/model.py
index 112464c1c..633a1fc82 100644
--- a/backend/consts/model.py
+++ b/backend/consts/model.py
@@ -527,6 +527,8 @@ class SetDefaultGroupRequest(BaseModel):
 # ---------------------------------------------------------------------------
 class InvitationCreateRequest(BaseModel):
     """Request model for creating invitation code"""
+    tenant_id: str = Field(
+        ..., min_length=1, description="Tenant ID where the invitation belongs")
     code_type: str = Field(
         ..., description="Invitation code type (ADMIN_INVITE, DEV_INVITE, USER_INVITE)")
     invitation_code: Optional[str] = Field(
diff --git a/backend/database/group_db.py b/backend/database/group_db.py
index 487d86715..346a29dd7 100644
--- a/backend/database/group_db.py
+++ b/backend/database/group_db.py
@@ -49,23 +49,37 @@ def query_groups(group_id: Union[int, str, List[int]]) -> Union[Optional[Dict[st
             return groups
 
 
-def query_groups_by_tenant(tenant_id: str) -> List[Dict[str, Any]]:
+def query_groups_by_tenant(tenant_id: str, page: int = 1, page_size: int = 20) -> Dict[str, Any]:
     """
-    Query all groups for a tenant
+    Query groups for a tenant with pagination
 
     Args:
         tenant_id (str): Tenant ID
+        page (int): Page number (1-based)
+        page_size (int): Number of items per page
 
     Returns:
-        List[Dict[str, Any]]: List of group records
+        Dict[str, Any]: Dictionary containing groups list and total count
     """
+    offset = (page - 1) * page_size
+
     with get_db_session() as session:
+        # Get total count
+        total = session.query(TenantGroupInfo).filter(
+            TenantGroupInfo.tenant_id == tenant_id,
+            TenantGroupInfo.delete_flag == "N"
+        ).count()
+
+        # Get paginated results
         result = session.query(TenantGroupInfo).filter(
             TenantGroupInfo.tenant_id == tenant_id,
             TenantGroupInfo.delete_flag == "N"
-        ).all()
+        ).offset(offset).limit(page_size).all()
 
-        return [as_dict(record) for record in result]
+        return {
+            "groups": [as_dict(record) for record in result],
+            "total": total
+        }
 
 
 def add_group(tenant_id: str, group_name: str, group_description: Optional[str] = None,
diff --git a/backend/database/role_permission_db.py b/backend/database/role_permission_db.py
index 71714430b..f2155a557 100644
--- a/backend/database/role_permission_db.py
+++ b/backend/database/role_permission_db.py
@@ -41,110 +41,6 @@ def get_all_role_permissions() -> List[Dict[str, Any]]:
         return [as_dict(record) for record in result]
 
 
-def create_role_permission(user_role: str, permission_category: Optional[str] = None,
-                          permission_type: Optional[str] = None, permission_subtype: Optional[str] = None,
-                          created_by: Optional[str] = None) -> int:
-    """
-    Create a new role permission
-
-    Args:
-        user_role (str): User role
-        permission_category (Optional[str]): Permission category
-        permission_type (Optional[str]): Permission type
-        permission_subtype (Optional[str]): Permission subtype
-        created_by (Optional[str]): Created by user
-
-    Returns:
-        int: Created role permission ID
-    """
-    with get_db_session() as session:
-        permission = RolePermission(
-            user_role=user_role,
-            permission_category=permission_category,
-            permission_type=permission_type,
-            permission_subtype=permission_subtype,
-            created_by=created_by,
-            updated_by=created_by
-        )
-        session.add(permission)
-        session.flush()  # To get the ID
-        return permission.role_permission_id
-
-
-def update_role_permission(role_permission_id: int, updates: Dict[str, Any],
-                          updated_by: Optional[str] = None) -> bool:
-    """
-    Update role permission
-
-    Args:
-        role_permission_id (int): Role permission ID
-        updates (Dict[str, Any]): Fields to update
-        updated_by (Optional[str]): Updated by user
-
-    Returns:
-        bool: Whether update was successful
-    """
-    with get_db_session() as session:
-        update_data = updates.copy()
-        if updated_by:
-            update_data["updated_by"] = updated_by
-
-        result = session.query(RolePermission).filter(
-            RolePermission.role_permission_id == role_permission_id,
-            RolePermission.delete_flag == "N"
-        ).update(update_data, synchronize_session=False)
-
-        return result > 0
-
-
-def soft_delete_role_permission(role_permission_id: int, updated_by: Optional[str] = None) -> bool:
-    """
-    Soft delete role permission
-
-    Args:
-        role_permission_id (int): Role permission ID
-        updated_by (Optional[str]): Updated by user
-
-    Returns:
-        bool: Whether deletion was successful
-    """
-    with get_db_session() as session:
-        update_data: Dict[str, Any] = {"delete_flag": "Y"}
-        if updated_by:
-            update_data["updated_by"] = updated_by
-
-        result = session.query(RolePermission).filter(
-            RolePermission.role_permission_id == role_permission_id,
-            RolePermission.delete_flag == "N"
-        ).update(update_data, synchronize_session=False)
-
-        return result > 0
-
-
-def delete_role_permissions_by_role(user_role: str, updated_by: Optional[str] = None) -> int:
-    """
-    Delete all permissions for a user role
-
-    Args:
-        user_role (str): User role
-        updated_by (Optional[str]): Updated by user
-
-    Returns:
-        int: Number of deleted permissions
-    """
-    with get_db_session() as session:
-        update_data: Dict[str, Any] = {"delete_flag": "Y"}
-        if updated_by:
-            update_data["updated_by"] = updated_by
-
-        result = session.query(RolePermission).filter(
-            RolePermission.user_role == user_role,
-            RolePermission.delete_flag == "N"
-        ).update(update_data, synchronize_session=False)
-
-        return result
-
-
 def check_role_permission(user_role: str, permission_category: Optional[str] = None,
                          permission_type: Optional[str] = None, permission_subtype: Optional[str] = None) -> bool:
     """
@@ -193,44 +89,3 @@ def get_permissions_by_category(permission_category: str) -> List[Dict[str, Any]
         ).all()
 
         return [as_dict(record) for record in result]
-
-
-def initialize_default_permissions() -> None:
-    """
-    Initialize default role permissions
-    This should be called during system setup
-    """
-    default_permissions = [
-        # SUPER_ADMIN permissions (SU)
-        {"user_role": "SU", "permission_category": "SYSTEM", "permission_type": "ALL", "permission_subtype": "FULL_ACCESS"},
-        # ADMIN permissions
-        {"user_role": "ADMIN", "permission_category": "USER_MANAGEMENT", "permission_type": "USER", "permission_subtype": "CRUD"},
-        {"user_role": "ADMIN", "permission_category": "GROUP_MANAGEMENT", "permission_type": "GROUP", "permission_subtype": "CRUD"},
-        {"user_role": "ADMIN", "permission_category": "KNOWLEDGE_BASE", "permission_type": "KNOWLEDGE", "permission_subtype": "CRUD"},
-        {"user_role": "ADMIN", "permission_category": "AGENT_MANAGEMENT", "permission_type": "AGENT", "permission_subtype": "CRUD"},
-        {"user_role": "ADMIN", "permission_category": "INVITATION_MANAGEMENT", "permission_type": "INVITATION", "permission_subtype": "CRUD"},
-        # DEV permissions
-        {"user_role": "DEV", "permission_category": "KNOWLEDGE_BASE", "permission_type": "KNOWLEDGE", "permission_subtype": "READ"},
-        {"user_role": "DEV", "permission_category": "KNOWLEDGE_BASE", "permission_type": "KNOWLEDGE", "permission_subtype": "CREATE"},
-        {"user_role": "DEV", "permission_category": "AGENT_MANAGEMENT", "permission_type": "AGENT", "permission_subtype": "READ"},
-        {"user_role": "DEV", "permission_category": "AGENT_MANAGEMENT", "permission_type": "AGENT", "permission_subtype": "CREATE"},
-        # USER permissions
-        {"user_role": "USER", "permission_category": "KNOWLEDGE_BASE", "permission_type": "KNOWLEDGE", "permission_subtype": "READ"},
-        {"user_role": "USER", "permission_category": "AGENT_MANAGEMENT", "permission_type": "AGENT", "permission_subtype": "READ"},
-    ]
-
-    for permission in default_permissions:
-        # Check if permission already exists
-        if not check_role_permission(
-            user_role=permission["user_role"],
-            permission_category=permission["permission_category"],
-            permission_type=permission["permission_type"],
-            permission_subtype=permission["permission_subtype"]
-        ):
-            create_role_permission(
-                user_role=permission["user_role"],
-                permission_category=permission["permission_category"],
-                permission_type=permission["permission_type"],
-                permission_subtype=permission["permission_subtype"],
-                created_by="SYSTEM"
-            )
diff --git a/backend/database/tenant_config_db.py b/backend/database/tenant_config_db.py
index fd4389e17..6ac4e08b6 100644
--- a/backend/database/tenant_config_db.py
+++ b/backend/database/tenant_config_db.py
@@ -3,6 +3,7 @@
 
 from sqlalchemy.exc import SQLAlchemyError
 
+from consts.const import TENANT_ID
 from database.client import get_db_session
 from database.db_models import TenantConfig
 
@@ -148,7 +149,7 @@ def get_all_tenant_ids():
     """
     with get_db_session() as session:
         result = session.query(TenantConfig.tenant_id).filter(
-            TenantConfig.config_key == "TENANT_NAME",
+            TenantConfig.config_key == TENANT_ID,
             TenantConfig.delete_flag == "N"
         ).distinct().all()
 
diff --git a/backend/services/invitation_service.py b/backend/services/invitation_service.py
index fb0dc5ac4..f4ba727c3 100644
--- a/backend/services/invitation_service.py
+++ b/backend/services/invitation_service.py
@@ -14,7 +14,8 @@
     modify_invitation,
     add_invitation_record,
     count_invitation_usage,
-    query_invitations_with_pagination
+    query_invitations_with_pagination,
+    remove_invitation
 )
 from database.user_tenant_db import get_user_tenant_by_user_id
 from database.group_db import query_group_ids_by_user
@@ -167,6 +168,47 @@ def update_invitation_code(
     return success
 
 
+def delete_invitation_code(invitation_id: int, user_id: str) -> bool:
+    """
+    Delete invitation code (soft delete).
+
+    Args:
+        invitation_id (int): Invitation ID to delete
+        user_id (str): Current user ID for permission checks
+
+    Returns:
+        bool: Whether deletion was successful
+
+    Raises:
+        UnauthorizedError: When user doesn't have permission to delete
+        NotFoundException: When invitation not found
+    """
+    # Check user permission
+    user_info = get_user_tenant_by_user_id(user_id)
+    if not user_info:
+        raise UnauthorizedError(f"User {user_id} not found")
+
+    user_role = user_info.get("user_role", "USER")
+    if user_role not in ["SU", "ADMIN"]:
+        raise UnauthorizedError(
+            f"User role {user_role} not authorized to delete invitation codes")
+
+    # Check if invitation exists
+    invitation_info = query_invitation_by_id(invitation_id)
+    if not invitation_info:
+        raise NotFoundException(f"Invitation {invitation_id} not found")
+
+    # Delete invitation code
+    success = remove_invitation(
+        invitation_id=invitation_id, updated_by=user_id)
+
+    if success:
+        logger.info(
+            f"Deleted invitation code {invitation_id} by user {user_id}")
+
+    return success
+
+
 def _normalize_invitation_data(invitation_data: Dict[str, Any]) -> Dict[str, Any]:
     """
     Normalize invitation data types for consistent API responses.
@@ -215,9 +257,61 @@ def get_invitation_by_code(invitation_code: str) -> Optional[Dict[str, Any]]:
         Optional[Dict[str, Any]]: Invitation code information or None if not found
     """
     invitation_data = query_invitation_by_code(invitation_code)
+    if invitation_data:
+        # Calculate current status to ensure expiry and capacity checks are current
+        invitation_data = _calculate_current_status(invitation_data)
     return _normalize_invitation_data(invitation_data) if invitation_data else None
 
 
+def _calculate_current_status(invitation_data: Dict[str, Any]) -> Dict[str, Any]:
+    """
+    Calculate the current status of an invitation based on expiry and usage.
+
+    Args:
+        invitation_data: Raw invitation data from database
+
+    Returns:
+        Updated invitation data with current status
+    """
+    if not invitation_data:
+        return invitation_data
+
+    invitation_id = invitation_data.get("invitation_id")
+    if not invitation_id:
+        return invitation_data
+
+    current_time = datetime.now()
+    expiry_date = invitation_data.get("expiry_date")
+    capacity = int(invitation_data.get("capacity", 1))
+
+    # Get usage count
+    usage_count = count_invitation_usage(invitation_id)
+    current_status = invitation_data.get("status", "IN_USE")
+
+    new_status = current_status
+
+    # Check expiry
+    if expiry_date:
+        try:
+            if isinstance(expiry_date, datetime):
+                expiry_datetime = expiry_date
+            else:
+                expiry_datetime = datetime.fromisoformat(
+                    str(expiry_date).replace('Z', '+00:00'))
+            if current_time > expiry_datetime:
+                new_status = "EXPIRE"
+        except (ValueError, AttributeError, TypeError):
+            logger.warning(f"Invalid expiry_date format for invitation {invitation_id}: {expiry_date}")
+
+    # Check capacity
+    if usage_count >= capacity:
+        new_status = "RUN_OUT"
+
+    # Update status in the data dict
+    invitation_data["status"] = new_status
+    return invitation_data
+
+
 def check_invitation_available(invitation_code: str) -> bool:
     """
     Check if invitation is available for use.
diff --git a/backend/services/user_management_service.py b/backend/services/user_management_service.py
index 5c0b55ce2..b565e8aad 100644
--- a/backend/services/user_management_service.py
+++ b/backend/services/user_management_service.py
@@ -20,6 +20,7 @@
 from database.memory_config_db import soft_delete_all_configs_by_user_id
 from database.conversation_db import soft_delete_all_conversations_by_user
 from database.group_db import query_group_ids_by_user
+from database.role_permission_db import get_role_permissions
 from utils.memory_utils import build_memory_config
 from nexent.memory.memory_service import clear_memory
 from services.invitation_service import use_invitation_code, check_invitation_available, get_invitation_by_code
@@ -539,3 +540,31 @@ async def get_user_info(user_id: str) -> Optional[Dict[str, Any]]:
         logging.error(
             f"Failed to get user info for user {user_id}: {str(e)}")
         return None
+
+
+async def get_permissions_by_role(user_role: str) -> Dict[str, Any]:
+    """
+    Get all permissions for a specific user role.
+
+    This method retrieves role permissions from the database and returns them
+    in a structured format suitable for API responses.
+
+    Args:
+        user_role (str): User role to query permissions for (SU, ADMIN, DEV, USER)
+
+    Returns:
+        Dict[str, Any]: Response containing permissions data and metadata
+    """
+    try:
+        permissions = get_role_permissions(user_role)
+
+        return {
+            "user_role": user_role,
+            "permissions": permissions,
+            "total_permissions": len(permissions),
+            "message": f"Successfully retrieved {len(permissions)} permissions for role {user_role}"
+        }
+    except Exception as e:
+        logging.error(
+            f"Failed to get role permissions for role {user_role}: {str(e)}")
+        raise Exception(f"Failed to retrieve permissions for role {user_role}")
diff --git a/backend/services/vectordatabase_service.py b/backend/services/vectordatabase_service.py
index 4954ece66..0095bb7ad 100644
--- a/backend/services/vectordatabase_service.py
+++ b/backend/services/vectordatabase_service.py
@@ -537,14 +537,22 @@ def list_indices(
             # Check permission based on user role
             permission = None
 
-            if user_role == "SU":
+            # Fallback logic: if user_id equals tenant_id, treat as legacy admin user
+            # even if user_role is None or empty
+            effective_user_role = user_role
+            if user_id == tenant_id:
+                effective_user_role = "ADMIN"
+                logger.debug(
+                    f"User {user_id} identified as legacy admin (user_id equals tenant_id)")
+
+            if effective_user_role == "SU":
                 # SU can see all knowledgebases
                 permission = "EDIT"
-            elif user_role == "ADMIN":
+            elif effective_user_role == "ADMIN":
                 # ADMIN can see all knowledgebases in their tenant
                 if record.get("tenant_id") == user_tenant_id:
                     permission = "EDIT"
-            elif user_role in ["USER", "DEV"]:
+            elif effective_user_role in ["USER", "DEV"]:
                 # USER/DEV need group-based permission checking
                 kb_group_ids_str = record.get("group_ids")
                 kb_group_ids = convert_string_to_list(kb_group_ids_str or "")
diff --git a/test/backend/app/test_config_app.py b/test/backend/app/test_config_app.py
index fcfcbc92e..87ca2b959 100644
--- a/test/backend/app/test_config_app.py
+++ b/test/backend/app/test_config_app.py
@@ -139,6 +139,78 @@ def test_exception_handling_with_client(self):
         response = self.client.get("/non-existent-endpoint")
         self.assertEqual(response.status_code, 404)
 
+    def test_speed_mode_logic(self):
+        """Test the speed mode conditional logic."""
+        # Since the conditional logic is executed at import time,
+        # we test the logic by checking the final state of the app
+        from apps.config_app import app
+        from consts.const import IS_SPEED_MODE
+
+        # Verify that the app has been properly initialized with routers
+        self.assertIsNotNone(app)
+        self.assertGreater(len(app.routes), 10)  # Should have many routes
+
+        # Test that IS_SPEED_MODE is accessible
+        self.assertIsInstance(IS_SPEED_MODE, bool)
+
+    @patch('utils.monitoring.monitoring_manager.setup_fastapi_app')
+    def test_monitoring_setup(self, mock_setup):
+        """Test that monitoring is set up for the application."""
+        # Re-import to trigger the setup
+        import importlib
+        import apps.config_app
+        importlib.reload(apps.config_app)
+
+        # Verify that setup_fastapi_app was called with the app
+        mock_setup.assert_called_once()
+        # The argument should be the FastAPI app instance
+        call_args = mock_setup.call_args[0]
+        self.assertEqual(call_args[0].root_path, "/api")
+
+    def test_all_routers_included(self):
+        """Test that all expected routers are included in the app."""
+        expected_routers = [
+            'model_manager_router',
+            'config_sync_router',
+            'agent_router',
+            'vectordatabase_router',
+            'voice_router',
+            'file_manager_router',
+            'proxy_router',
+            'tool_config_router',
+            'mock_user_management_router',  # or 'user_management_router' depending on IS_SPEED_MODE
+            'summary_router',
+            'prompt_router',
+            'tenant_config_router',
+            'remote_mcp_router',
+            'tenant_router',
+            'group_router',
+            'invitation_router'
+        ]
+
+        # Get all router names that were included
+        included_routers = []
+        for route in app.routes:
+            if hasattr(route, 'tags') and route.tags:
+                # Try to identify router by tags or other means
+                pass
+
+        # Since it's hard to identify routers directly from routes,
+        # we'll check that we have a reasonable number of routes
+        self.assertGreater(len(app.routes), 10)  # Should have many routes from all routers
+
+    def test_http_exception_handler_registration(self):
+        """Test that HTTP exception handler is properly registered."""
+        # Test that the exception handler exists in the app
+        exception_handlers = app.exception_handlers
+        self.assertIn(HTTPException, exception_handlers)
+
+    def test_generic_exception_handler_registration(self):
+        """Test that generic exception handler is properly registered."""
+        # Test that the exception handler exists in the app
+        exception_handlers = app.exception_handlers
+        self.assertIn(Exception, exception_handlers)
+
 
 if __name__ == "__main__":
     unittest.main()
diff --git a/test/backend/app/test_group_app.py b/test/backend/app/test_group_app.py
new file mode 100644
index 000000000..aee5e0485
--- /dev/null
+++ b/test/backend/app/test_group_app.py
@@ -0,0 +1,620 @@
+import pytest
+from unittest.mock import patch, MagicMock, AsyncMock
+import sys
+import os
+from typing import Optional
+
+# Add path for correct imports
+sys.path.insert(0, os.path.join(os.path.dirname(__file__), "../../../backend"))
+
+# Mock external dependencies
+sys.modules['boto3'] = MagicMock()
+sys.modules['psycopg2'] = MagicMock()
+sys.modules['supabase'] = MagicMock()
+
+# Apply critical patches before importing any modules
+storage_client_mock = MagicMock()
+minio_mock = MagicMock()
+minio_mock._ensure_bucket_exists = MagicMock()
+minio_mock.client = MagicMock()
+
+patch('nexent.storage.storage_client_factory.create_storage_client_from_config', return_value=storage_client_mock).start()
+patch('nexent.storage.minio_config.MinIOStorageConfig.validate', lambda self: None).start()
+patch('backend.database.client.MinioClient', return_value=minio_mock).start()
+patch('database.client.MinioClient', return_value=minio_mock).start()
+patch('elasticsearch.Elasticsearch', return_value=MagicMock()).start()
+
+# Import exception classes and models
+from consts.exceptions import NotFoundException, ValidationError, UnauthorizedError
+from consts.model import (
+    GroupCreateRequest, GroupUpdateRequest,
+    GroupUserRequest, GroupListRequest, SetDefaultGroupRequest
+)
+
+# Import the modules we need
+from fastapi.testclient import TestClient
+from http import HTTPStatus
+from fastapi import FastAPI
+
+# Create a test client with a fresh FastAPI app
+from apps.group_app import router
+
+app = FastAPI()
+app.include_router(router)
+client = TestClient(app)
+
+
+class TestGroupCreation:
+    """Test group creation endpoint"""
+
+    def test_create_group_success(self):
+        """Test successful group creation"""
+        mock_group_info = {
+            "group_id": 1,
+            "group_name": "Test Group",
+            "group_description": "Test Description",
+            "tenant_id": "tenant-123",
+            "created_by": "user-123"
+        }
+
+        with patch('apps.group_app.get_current_user_id') as mock_get_user, \
+             patch('apps.group_app.create_group') as mock_create_group:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_create_group.return_value = mock_group_info
+
+            request_data = {
+                "tenant_id": "tenant-123",
+                "group_name": "Test Group",
+                "group_description": "Test Description"
+            }
+
+            response = client.post("/groups", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.CREATED
+            data = response.json()
+            assert data["message"] == "Group created successfully"
+            assert data["data"] == mock_group_info
+            mock_get_user.assert_called_once_with("Bearer token")
+            mock_create_group.assert_called_once_with(
+                tenant_id="tenant-123",
+                group_name="Test Group",
+                group_description="Test Description",
+                user_id="user-123"
+            )
+
+    def test_create_group_unauthorized(self):
+        """Test group creation with unauthorized access"""
+        with patch('apps.group_app.get_current_user_id') as mock_get_user:
+            mock_get_user.side_effect = UnauthorizedError("Invalid token")
+
+            request_data = {
+                "tenant_id": "tenant-123",
+                "group_name": "Test Group",
+                "group_description": "Test Description"
+            }
+
+            response = client.post("/groups", json=request_data, headers={"Authorization": "Bearer invalid"})
+
+            assert response.status_code == HTTPStatus.UNAUTHORIZED
+            data = response.json()
+            assert "Invalid token" in data["detail"]
+
+    def test_create_group_validation_error(self):
+        """Test group creation with validation error from service layer"""
+        with patch('apps.group_app.get_current_user_id') as mock_get_user, \
+             patch('apps.group_app.create_group') as mock_create_group:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_create_group.side_effect = ValidationError("Group name already exists")
+
+            request_data = {
+                "tenant_id": "tenant-123",
+                "group_name": "Existing Group",
+                "group_description": "Test Description"
+            }
+
+            response = client.post("/groups", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.BAD_REQUEST
+            data = response.json()
+            assert "Group name already exists" in data["detail"]
+
+    def test_create_group_unexpected_error(self):
+        """Test group creation with unexpected error"""
+        with patch('apps.group_app.get_current_user_id') as mock_get_user, \
+             patch('apps.group_app.create_group') as mock_create_group:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_create_group.side_effect = Exception("Database connection failed")
+
+            request_data = {
+                "tenant_id": "tenant-123",
+                "group_name": "Test Group",
+                "group_description": "Test Description"
+            }
+
+            response = client.post("/groups", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR
+            data = response.json()
+            assert data["detail"] == "Failed to create group"
+
+
+class TestGroupRetrieval:
+    """Test group retrieval endpoints"""
+
+    def test_get_group_success(self):
+        """Test successful group retrieval"""
+        mock_group_info = {
+            "group_id": 1,
+            "group_name": "Test Group",
+            "group_description": "Test Description",
+            "tenant_id": "tenant-123"
+        }
+
+        with patch('apps.group_app.get_group_info') as mock_get_group:
+            mock_get_group.return_value = mock_group_info
+
+            response = client.get("/groups/1")
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["message"] == "Group retrieved successfully"
+            assert data["data"] == mock_group_info
+            mock_get_group.assert_called_once_with(1)
+
+    def test_get_group_not_found(self):
+        """Test group retrieval when group doesn't exist"""
+        with patch('apps.group_app.get_group_info') as mock_get_group:
+            mock_get_group.return_value = None
+
+            response = client.get("/groups/999")
+
+            assert response.status_code == HTTPStatus.NOT_FOUND
+            data = response.json()
+            assert "Group 999 not found" in data["detail"]
+
+    def test_get_group_unexpected_error(self):
+        """Test group retrieval with unexpected error"""
+        with patch('apps.group_app.get_group_info') as mock_get_group:
+            mock_get_group.side_effect = Exception("Database error")
+
+            response = client.get("/groups/1")
+
+            assert response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR
+            data = response.json()
+            assert data["detail"] == "Failed to retrieve group"
+
+
+class TestGroupListing:
+    """Test group listing endpoint"""
+
+    def test_get_groups_success(self):
+        """Test successful group listing"""
+        mock_groups = [
+            {"group_id": 1, "group_name": "Group 1"},
+            {"group_id": 2, "group_name": "Group 2"}
+        ]
+        mock_result = {"groups": mock_groups, "total": 2}
+
+        with patch('apps.group_app.get_tenant_info') as mock_get_tenant, \
+             patch('apps.group_app.get_groups_by_tenant') as mock_get_groups:
+
+            mock_get_tenant.return_value = {"tenant_id": "tenant-123"}
+            mock_get_groups.return_value = mock_result
+
+            request_data = {
+                "tenant_id": "tenant-123",
+                "page": 1,
+                "page_size": 20
+            }
+
+            response = client.post("/groups/list", json=request_data)
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["message"] == "Groups retrieved successfully"
+            assert data["data"] == mock_groups
+            assert data["pagination"]["page"] == 1
+            assert data["pagination"]["page_size"] == 20
+            assert data["pagination"]["total"] == 2
+            assert data["pagination"]["total_pages"] == 1
+
+    def test_get_groups_tenant_not_found(self):
+        """Test group listing when tenant doesn't exist"""
+        with patch('apps.group_app.get_tenant_info') as mock_get_tenant:
+            mock_get_tenant.side_effect = NotFoundException("Tenant not found")
+
+            request_data = {
+                "tenant_id": "invalid-tenant",
+                "page": 1,
+                "page_size": 20
+            }
+
+            response = client.post("/groups/list", json=request_data)
+
+            assert response.status_code == HTTPStatus.NOT_FOUND
+            data = response.json()
+            assert "Tenant not found" in data["detail"]
+
+    def test_get_groups_unexpected_error(self):
+        """Test group listing with unexpected error"""
+        with patch('apps.group_app.get_tenant_info') as mock_get_tenant, \
+             patch('apps.group_app.get_groups_by_tenant') as mock_get_groups:
+
+            mock_get_tenant.return_value = {"tenant_id": "tenant-123"}
+            mock_get_groups.side_effect = Exception("Database error")
+
+            request_data = {
+                "tenant_id": "tenant-123",
+                "page": 1,
+                "page_size": 20
+            }
+
+            response = client.post("/groups/list", json=request_data)
+
+            assert response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR
+            data = response.json()
+            assert data["detail"] == "Failed to retrieve groups"
+
+
+class TestGroupUpdate:
+    """Test group update endpoint"""
+
+    def test_update_group_success(self):
+        """Test successful group update"""
+        with patch('apps.group_app.get_current_user_id') as mock_get_user, \
+             patch('apps.group_app.update_group') as mock_update_group:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_update_group.return_value = True
+
+            request_data = {
+                "group_name": "Updated Group",
+                "group_description": "Updated Description"
+            }
+
+            response = client.put("/groups/1", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["message"] == "Group updated successfully"
+            mock_update_group.assert_called_once_with(
+                group_id=1,
+                updates={"group_name": "Updated Group", "group_description": "Updated Description"},
+                user_id="user-123"
+            )
+
+    def test_update_group_no_updates(self):
+        """Test group update with no valid fields"""
+        with patch('apps.group_app.get_current_user_id') as mock_get_user:
+            mock_get_user.return_value = ("user-123", "tenant-123")
+
+            request_data = {}
+
+            response = client.put("/groups/1", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.BAD_REQUEST
+            data = response.json()
+            assert "No valid fields provided for update" in data["detail"]
+
+    def test_update_group_not_found(self):
+        """Test group update when group doesn't exist"""
+        with patch('apps.group_app.get_current_user_id') as mock_get_user, \
+             patch('apps.group_app.update_group') as mock_update_group:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_update_group.side_effect = NotFoundException("Group not found")
+
+            request_data = {"group_name": "Updated Group"}
+
+            response = client.put("/groups/999", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.NOT_FOUND
+            data = response.json()
+            assert "Group not found" in data["detail"]
+
+    def test_update_group_unauthorized(self):
+        """Test group update with unauthorized access"""
+        with patch('apps.group_app.get_current_user_id') as mock_get_user:
+            mock_get_user.side_effect = UnauthorizedError("Invalid token")
+
+            request_data = {"group_name": "Updated Group"}
+
+            response = client.put("/groups/1", json=request_data, headers={"Authorization": "Bearer invalid"})
+
+            assert response.status_code == HTTPStatus.UNAUTHORIZED
+            data = response.json()
+            assert "Invalid token" in data["detail"]
+
+
+class TestGroupDeletion:
+    """Test group deletion endpoint"""
+
+    def test_delete_group_success(self):
+        """Test successful group deletion"""
+        with patch('apps.group_app.get_current_user_id') as mock_get_user, \
+             patch('apps.group_app.delete_group') as mock_delete_group:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_delete_group.return_value = True
+
+            response = client.delete("/groups/1", headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["message"] == "Group deleted successfully"
+            mock_delete_group.assert_called_once_with(group_id=1, user_id="user-123")
+
+    def test_delete_group_not_found(self):
+        """Test group deletion when group doesn't exist"""
+        with patch('apps.group_app.get_current_user_id') as mock_get_user, \
+             patch('apps.group_app.delete_group') as mock_delete_group:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_delete_group.side_effect = NotFoundException("Group not found")
+
+            response = client.delete("/groups/999", headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.NOT_FOUND
+            data = response.json()
+            assert "Group not found" in data["detail"]
+
+    def test_delete_group_validation_error(self):
+        """Test group deletion with validation error"""
+        with patch('apps.group_app.get_current_user_id') as mock_get_user, \
+             patch('apps.group_app.delete_group') as mock_delete_group:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_delete_group.side_effect = ValidationError("Cannot delete group with active members")
+
+            response = client.delete("/groups/1", headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.BAD_REQUEST
+            data = response.json()
+            assert "Cannot delete group with active members" in data["detail"]
+
+
+class TestGroupMembership:
+    """Test group membership endpoints"""
+
+    def test_add_user_to_group_success(self):
+        """Test successful user addition to group"""
+        mock_result = {"user_id": "user-123", "group_id": 1}
+
+        with patch('apps.group_app.get_current_user_id') as mock_get_user, \
+             patch('apps.group_app.add_user_to_single_group') as mock_add_user:
+
+            mock_get_user.return_value = ("user-456", "tenant-123")
+            mock_add_user.return_value = mock_result
+
+            request_data = {"user_id": "user-123"}
+
+            response = client.post("/groups/1/members", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["message"] == "User added to group successfully"
+            assert data["data"] == mock_result
+
+    def test_add_user_to_group_invalid_request(self):
+        """Test user addition with invalid request (group_ids provided)"""
+        request_data = {
+            "user_id": "user-123",
+            "group_ids": [1, 2]
+        }
+
+        response = client.post("/groups/1/members", json=request_data, headers={"Authorization": "Bearer token"})
+
+        assert response.status_code == HTTPStatus.BAD_REQUEST
+        data = response.json()
+        assert "group_ids should not be provided" in data["detail"]
+
+    def test_add_user_to_group_not_found(self):
+        """Test user addition when group or user doesn't exist"""
+        with patch('apps.group_app.get_current_user_id') as mock_get_user, \
+             patch('apps.group_app.add_user_to_single_group') as mock_add_user:
+
+            mock_get_user.return_value = ("user-456", "tenant-123")
+            mock_add_user.side_effect = NotFoundException("Group not found")
+
+            request_data = {"user_id": "user-123"}
+
+            response = client.post("/groups/999/members", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.NOT_FOUND
+            data = response.json()
+            assert "Group not found" in data["detail"]
+
+    def test_remove_user_from_group_success(self):
+        """Test successful user removal from group"""
+        with patch('apps.group_app.get_current_user_id') as mock_get_user, \
+             patch('apps.group_app.remove_user_from_single_group') as mock_remove_user:
+
+            mock_get_user.return_value = ("user-456", "tenant-123")
+            mock_remove_user.return_value = True
+
+            response = client.delete("/groups/1/members/user-123", headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["message"] == "User removed from group successfully"
+
+    def test_remove_user_from_group_not_found(self):
+        """Test user removal when group or user doesn't exist"""
+        with patch('apps.group_app.get_current_user_id') as mock_get_user, \
+             patch('apps.group_app.remove_user_from_single_group') as mock_remove_user:
+
+            mock_get_user.return_value = ("user-456", "tenant-123")
+            mock_remove_user.side_effect = NotFoundException("User not in group")
+
+            response = client.delete("/groups/1/members/user-999", headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.NOT_FOUND
+            data = response.json()
+            assert "User not in group" in data["detail"]
+
+    def test_get_group_users_success(self):
+        """Test successful retrieval of group users"""
+        mock_users = [
+            {"user_id": "user-1", "email": "user1@example.com"},
+            {"user_id": "user-2", "email": "user2@example.com"}
+        ]
+
+        with patch('apps.group_app.get_group_users') as mock_get_users:
+            mock_get_users.return_value = mock_users
+
+            response = client.get("/groups/1/members")
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["message"] == "Group users retrieved successfully"
+            assert data["data"] == mock_users
+
+    def test_get_group_users_not_found(self):
+        """Test group users retrieval when group doesn't exist"""
+        with patch('apps.group_app.get_group_users') as mock_get_users:
+            mock_get_users.side_effect = NotFoundException("Group not found")
+
+            response = client.get("/groups/999/members")
+
+            assert response.status_code == HTTPStatus.NOT_FOUND
+            data = response.json()
+            assert "Group not found" in data["detail"]
+
+
+class TestBatchGroupMembership:
+    """Test batch group membership endpoint"""
+
+    def test_add_user_to_groups_success(self):
+        """Test successful batch user addition to groups"""
+        mock_results = [
+            {"user_id": "user-123", "group_id": 1, "success": True},
+            {"user_id": "user-123", "group_id": 2, "success": True}
+        ]
+
+        with patch('apps.group_app.get_current_user_id') as mock_get_user, \
+             patch('apps.group_app.add_user_to_groups') as mock_add_batch:
+
+            mock_get_user.return_value = ("user-456", "tenant-123")
+            mock_add_batch.return_value = mock_results
+
+            request_data = {
+                "user_id": "user-123",
+                "group_ids": [1, 2]
+            }
+
+            response = client.post("/groups/members/batch", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["message"] == "Batch user addition completed"
+            assert data["data"] == mock_results
+
+    def test_add_user_to_groups_invalid_request(self):
+        """Test batch user addition with invalid request (no group_ids)"""
+        request_data = {"user_id": "user-123"}
+
+        response = client.post("/groups/members/batch", json=request_data, headers={"Authorization": "Bearer token"})
+
+        assert response.status_code == HTTPStatus.BAD_REQUEST
+        data = response.json()
+        assert "group_ids is required for batch operations" in data["detail"]
+
+    def test_add_user_to_groups_validation_error(self):
+        """Test batch user addition with validation error"""
+        with patch('apps.group_app.get_current_user_id') as mock_get_user, \
+             patch('apps.group_app.add_user_to_groups') as mock_add_batch:
+
+            mock_get_user.return_value = ("user-456", "tenant-123")
+            mock_add_batch.side_effect = ValidationError("Invalid group IDs")
+
+            request_data = {
+                "user_id": "user-123",
+                "group_ids": [1, 2]
+            }
+
+            response = client.post("/groups/members/batch", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.BAD_REQUEST
+            data = response.json()
+            assert "Invalid group IDs" in data["detail"]
+
+
+class TestDefaultGroupManagement:
+    """Test default group management endpoints"""
+
+    def test_get_tenant_default_group_success(self):
+        """Test successful retrieval of tenant default group"""
+        with patch('apps.group_app.get_tenant_default_group_id') as mock_get_default:
+            mock_get_default.return_value = 1
+
+            response = client.get("/groups/tenants/tenant-123/default")
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["message"] == "Default group ID retrieved successfully"
+            assert data["data"]["tenant_id"] == "tenant-123"
+            assert data["data"]["default_group_id"] == 1
+
+    def test_get_tenant_default_group_unexpected_error(self):
+        """Test tenant default group retrieval with unexpected error"""
+        with patch('apps.group_app.get_tenant_default_group_id') as mock_get_default:
+            mock_get_default.side_effect = Exception("Database error")
+
+            response = client.get("/groups/tenants/tenant-123/default")
+
+            assert response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR
+            data = response.json()
+            assert data["detail"] == "Failed to retrieve default group"
+
+    def test_set_tenant_default_group_success(self):
+        """Test successful setting of tenant default group"""
+        with patch('apps.group_app.get_current_user_id') as mock_get_user, \
+             patch('apps.group_app.set_tenant_default_group_id') as mock_set_default:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_set_default.return_value = True
+
+            request_data = {"default_group_id": 2}
+
+            response = client.put("/groups/tenants/tenant-123/default", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["message"] == "Default group set successfully"
+            assert data["data"]["tenant_id"] == "tenant-123"
+            assert data["data"]["default_group_id"] == 2
+
+    def test_set_tenant_default_group_validation_error(self):
+        """Test setting tenant default group with validation error"""
+        with patch('apps.group_app.get_current_user_id') as mock_get_user, \
+             patch('apps.group_app.set_tenant_default_group_id') as mock_set_default:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_set_default.side_effect = ValidationError("Group does not belong to tenant")
+
+            request_data = {"default_group_id": 999}
+
+            response = client.put("/groups/tenants/tenant-123/default", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.BAD_REQUEST
+            data = response.json()
+            assert "Group does not belong to tenant" in data["detail"]
+
+    def test_set_tenant_default_group_not_found(self):
+        """Test setting tenant default group when tenant doesn't exist"""
+        with patch('apps.group_app.get_current_user_id') as mock_get_user, \
+             patch('apps.group_app.set_tenant_default_group_id') as mock_set_default:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_set_default.side_effect = NotFoundException("Tenant not found")
+
+            request_data = {"default_group_id": 2}
+
+            response = client.put("/groups/tenants/invalid-tenant/default", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.NOT_FOUND
+            data = response.json()
+            assert "Tenant not found" in data["detail"]
diff --git a/test/backend/app/test_invitation_app.py b/test/backend/app/test_invitation_app.py
new file mode 100644
index 000000000..5bcfe76b9
--- /dev/null
+++ b/test/backend/app/test_invitation_app.py
@@ -0,0 +1,627 @@
+import pytest
+from unittest.mock import patch, MagicMock, AsyncMock
+import sys
+import os
+from typing import Optional
+
+# Add path for correct imports
+sys.path.insert(0, os.path.join(os.path.dirname(__file__), "../../../backend"))
+
+# Mock external dependencies
+sys.modules['boto3'] = MagicMock()
+sys.modules['psycopg2'] = MagicMock()
+sys.modules['supabase'] = MagicMock()
+
+# Apply critical patches before importing any modules
+storage_client_mock = MagicMock()
+minio_mock = MagicMock()
+minio_mock._ensure_bucket_exists = MagicMock()
+minio_mock.client = MagicMock()
+
+patch('nexent.storage.storage_client_factory.create_storage_client_from_config', return_value=storage_client_mock).start()
+patch('nexent.storage.minio_config.MinIOStorageConfig.validate', lambda self: None).start()
+patch('backend.database.client.MinioClient', return_value=minio_mock).start()
+patch('database.client.MinioClient', return_value=minio_mock).start()
+patch('elasticsearch.Elasticsearch', return_value=MagicMock()).start()
+
+# Import exception classes and models
+from consts.exceptions import NotFoundException, ValidationError, UnauthorizedError
+from consts.model import (
+    InvitationCreateRequest, InvitationUpdateRequest, InvitationListRequest
+)
+
+# Import the modules we need
+from fastapi.testclient import TestClient
+from http import HTTPStatus
+from fastapi import FastAPI
+
+# Create a test client with a fresh FastAPI app
+from apps.invitation_app import router
+
+app = FastAPI()
+app.include_router(router)
+client = TestClient(app)
+
+
+class TestInvitationListing:
+    """Test invitation listing endpoint"""
+
+    def test_list_invitations_success(self):
+        """Test successful invitation listing"""
+        mock_result = [
+            {
+                "invitation_id": 1,
+                "invitation_code": "ABC123",
+                "code_type": "single_use",
+                "tenant_id": "tenant-123",
+                "capacity": 10,
+                "used_count": 2
+            },
+            {
+                "invitation_id": 2,
+                "invitation_code": "DEF456",
+                "code_type": "multi_use",
+                "tenant_id": "tenant-123",
+                "capacity": 50,
+                "used_count": 15
+            }
+        ]
+
+        with patch('apps.invitation_app.get_current_user_id') as mock_get_user, \
+             patch('apps.invitation_app.get_invitations_list') as mock_list_invitations:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_list_invitations.return_value = mock_result
+
+            request_data = {
+                "tenant_id": "tenant-123",
+                "page": 1,
+                "page_size": 20
+            }
+
+            response = client.post("/invitations/list", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["message"] == "Invitation codes retrieved successfully"
+            assert data["data"] == mock_result
+            mock_get_user.assert_called_once_with("Bearer token")
+            mock_list_invitations.assert_called_once_with(
+                tenant_id="tenant-123",
+                page=1,
+                page_size=20,
+                user_id="user-123"
+            )
+
+    def test_list_invitations_unauthorized(self):
+        """Test invitation listing with unauthorized access"""
+        with patch('apps.invitation_app.get_current_user_id') as mock_get_user:
+            mock_get_user.side_effect = UnauthorizedError("Invalid token")
+
+            request_data = {
+                "tenant_id": "tenant-123",
+                "page": 1,
+                "page_size": 20
+            }
+
+            response = client.post("/invitations/list", json=request_data, headers={"Authorization": "Bearer invalid"})
+
+            assert response.status_code == HTTPStatus.UNAUTHORIZED
+            data = response.json()
+            assert "Invalid token" in data["detail"]
+
+    def test_list_invitations_unexpected_error(self):
+        """Test invitation listing with unexpected error"""
+        with patch('apps.invitation_app.get_current_user_id') as mock_get_user, \
+             patch('apps.invitation_app.get_invitations_list') as mock_list_invitations:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_list_invitations.side_effect = Exception("Database error")
+
+            request_data = {
+                "tenant_id": "tenant-123",
+                "page": 1,
+                "page_size": 20
+            }
+
+            response = client.post("/invitations/list", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR
+            data = response.json()
+            assert data["detail"] == "Failed to retrieve invitation codes"
+
+
+class TestInvitationCreation:
+    """Test invitation creation endpoint"""
+
+    def test_create_invitation_success(self):
+        """Test successful invitation creation"""
+        mock_invitation_info = {
+            "invitation_id": 1,
+            "invitation_code": "ABC123",
+            "code_type": "single_use",
+            "tenant_id": "tenant-123",
+            "capacity": 10,
+            "group_ids": [1, 2],
+            "expiry_date": "2024-12-31T23:59:59Z",
+            "created_by": "user-123"
+        }
+
+        with patch('apps.invitation_app.get_current_user_id') as mock_get_user, \
+             patch('apps.invitation_app.create_invitation_code') as mock_create_invitation:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_create_invitation.return_value = mock_invitation_info
+
+            request_data = {
+                "tenant_id": "tenant-123",
+                "code_type": "single_use",
+                "invitation_code": "ABC123",
+                "group_ids": [1, 2],
+                "capacity": 10,
+                "expiry_date": "2024-12-31T23:59:59Z"
+            }
+
+            response = client.post("/invitations", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.CREATED
+            data = response.json()
+            assert data["message"] == "Invitation code created successfully"
+            assert data["data"] == mock_invitation_info
+
+    def test_create_invitation_auto_generated_code(self):
+        """Test invitation creation with auto-generated code"""
+        mock_invitation_info = {
+            "invitation_id": 1,
+            "invitation_code": "AUTO456",
+            "code_type": "multi_use",
+            "tenant_id": "tenant-123",
+            "capacity": 50
+        }
+
+        with patch('apps.invitation_app.get_current_user_id') as mock_get_user, \
+             patch('apps.invitation_app.create_invitation_code') as mock_create_invitation:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_create_invitation.return_value = mock_invitation_info
+
+            request_data = {
+                "tenant_id": "tenant-123",
+                "code_type": "multi_use",
+                "capacity": 50
+            }
+
+            response = client.post("/invitations", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.CREATED
+            data = response.json()
+            assert data["data"]["invitation_code"] == "AUTO456"
+
+    def test_create_invitation_user_not_found(self):
+        """Test invitation creation when user is not found"""
+        with patch('apps.invitation_app.get_current_user_id') as mock_get_user, \
+             patch('apps.invitation_app.create_invitation_code') as mock_create_invitation:
+
+            mock_get_user.return_value = ("user-999", "tenant-123")
+            mock_create_invitation.side_effect = NotFoundException("User user-999 not found")
+
+            request_data = {
+                "tenant_id": "tenant-123",
+                "code_type": "ADMIN_INVITE",
+                "capacity": 10
+            }
+
+            response = client.post("/invitations", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.NOT_FOUND
+            data = response.json()
+            assert "User user-999 not found" in data["detail"]
+
+    def test_create_invitation_value_error(self):
+        """Test invitation creation with value error"""
+        with patch('apps.invitation_app.get_current_user_id') as mock_get_user, \
+             patch('apps.invitation_app.create_invitation_code') as mock_create_invitation:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_create_invitation.side_effect = ValueError("Invalid code type")
+
+            request_data = {
+                "tenant_id": "tenant-123",
+                "code_type": "invalid_type",
+                "capacity": 10
+            }
+
+            response = client.post("/invitations", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.BAD_REQUEST
+            data = response.json()
+            assert "Invalid code type" in data["detail"]
+
+
+class TestInvitationUpdate:
+    """Test invitation update endpoint"""
+
+    def test_update_invitation_success(self):
+        """Test successful invitation update"""
+        mock_invitation_info = {
+            "invitation_id": 1,
+            "invitation_code": "ABC123"
+        }
+
+        with patch('apps.invitation_app.get_current_user_id') as mock_get_user, \
+             patch('apps.invitation_app.get_invitation_by_code') as mock_get_invitation, \
+             patch('apps.invitation_app.update_invitation_code') as mock_update_invitation:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_get_invitation.return_value = mock_invitation_info
+            mock_update_invitation.return_value = True
+
+            request_data = {
+                "capacity": 20,
+                "expiry_date": "2024-12-31T23:59:59Z"
+            }
+
+            response = client.put("/invitations/ABC123", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["message"] == "Invitation code updated successfully"
+            mock_update_invitation.assert_called_once_with(
+                invitation_id=1,
+                updates={"capacity": 20, "expiry_date": "2024-12-31T23:59:59Z"},
+                user_id="user-123"
+            )
+
+    def test_update_invitation_no_updates(self):
+        """Test invitation update with no valid fields"""
+        mock_invitation_info = {
+            "invitation_id": 1,
+            "invitation_code": "ABC123"
+        }
+
+        with patch('apps.invitation_app.get_current_user_id') as mock_get_user, \
+             patch('apps.invitation_app.get_invitation_by_code') as mock_get_invitation:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_get_invitation.return_value = mock_invitation_info
+
+            request_data = {}
+
+            response = client.put("/invitations/ABC123", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.BAD_REQUEST
+            data = response.json()
+            assert "No valid fields provided for update" in data["detail"]
+
+    def test_update_invitation_not_found(self):
+        """Test invitation update when invitation doesn't exist"""
+        with patch('apps.invitation_app.get_current_user_id') as mock_get_user, \
+             patch('apps.invitation_app.get_invitation_by_code') as mock_get_invitation:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_get_invitation.return_value = None
+
+            request_data = {"capacity": 20}
+
+            response = client.put("/invitations/NOTFOUND", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.NOT_FOUND
+            data = response.json()
+            assert "Invitation code NOTFOUND not found" in data["detail"]
+
+    def test_update_invitation_unauthorized(self):
+        """Test invitation update with unauthorized access"""
+        with patch('apps.invitation_app.get_current_user_id') as mock_get_user:
+            mock_get_user.side_effect = UnauthorizedError("Invalid token")
+
+            request_data = {"capacity": 20}
+
+            response = client.put("/invitations/ABC123", json=request_data, headers={"Authorization": "Bearer invalid"})
+
+            assert response.status_code == HTTPStatus.UNAUTHORIZED
+            data = response.json()
+            assert "Invalid token" in data["detail"]
+
+
+class TestInvitationRetrieval:
+    """Test invitation retrieval endpoints"""
+
+    def test_get_invitation_success(self):
+        """Test successful invitation retrieval"""
+        mock_invitation_info = {
+            "invitation_id": 1,
+            "invitation_code": "ABC123",
+            "code_type": "single_use",
+            "tenant_id": "tenant-123",
+            "capacity": 10,
+            "used_count": 2
+        }
+
+        with patch('apps.invitation_app.get_invitation_by_code') as mock_get_invitation:
+            mock_get_invitation.return_value = mock_invitation_info
+
+            response = client.get("/invitations/ABC123")
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["message"] == "Invitation code retrieved successfully"
+            assert data["data"] == mock_invitation_info
+            mock_get_invitation.assert_called_once_with("ABC123")
+
+    def test_get_invitation_not_found(self):
+        """Test invitation retrieval when invitation doesn't exist"""
+        with patch('apps.invitation_app.get_invitation_by_code') as mock_get_invitation:
+            mock_get_invitation.return_value = None
+
+            response = client.get("/invitations/NOTFOUND")
+
+            assert response.status_code == HTTPStatus.NOT_FOUND
+            data = response.json()
+            assert "Invitation code NOTFOUND not found" in data["detail"]
+
+    def test_get_invitation_unexpected_error(self):
+        """Test invitation retrieval with unexpected error"""
+        with patch('apps.invitation_app.get_invitation_by_code') as mock_get_invitation:
+            mock_get_invitation.side_effect = Exception("Database error")
+
+            response = client.get("/invitations/ABC123")
+
+            assert response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR
+            data = response.json()
+            assert data["detail"] == "Failed to retrieve invitation code"
+
+
+class TestInvitationAvailability:
+    """Test invitation availability check endpoint"""
+
+    def test_check_invitation_available_true(self):
+        """Test invitation availability check when available"""
+        with patch('apps.invitation_app.check_invitation_available') as mock_check_available:
+            mock_check_available.return_value = True
+
+            response = client.get("/invitations/ABC123/available")
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["message"] == "Invitation availability checked successfully"
+            assert data["data"]["invitation_code"] == "ABC123"
+            assert data["data"]["available"] is True
+            mock_check_available.assert_called_once_with("ABC123")
+
+    def test_check_invitation_available_false(self):
+        """Test invitation availability check when not available"""
+        with patch('apps.invitation_app.check_invitation_available') as mock_check_available:
+            mock_check_available.return_value = False
+
+            response = client.get("/invitations/ABC123/available")
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["data"]["available"] is False
+
+    def test_check_invitation_available_unexpected_error(self):
+        """Test invitation availability check with unexpected error"""
+        with patch('apps.invitation_app.check_invitation_available') as mock_check_available:
+            mock_check_available.side_effect = Exception("Database error")
+
+            response = client.get("/invitations/ABC123/available")
+
+            assert response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR
+            data = response.json()
+            assert data["detail"] == "Failed to check invitation availability"
+
+
+class TestInvitationUsage:
+    """Test invitation usage endpoint"""
+
+    def test_use_invitation_success(self):
+        """Test successful invitation usage"""
+        mock_usage_result = {
+            "invitation_code": "ABC123",
+            "user_id": "user-456",
+            "tenant_id": "tenant-123",
+            "group_ids": [1, 2],
+            "success": True
+        }
+
+        with patch('apps.invitation_app.get_current_user_id') as mock_get_user, \
+             patch('apps.invitation_app.use_invitation_code') as mock_use_invitation:
+
+            mock_get_user.return_value = ("user-456", "tenant-123")
+            mock_use_invitation.return_value = mock_usage_result
+
+            response = client.post("/invitations/ABC123/use", headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["message"] == "Invitation code used successfully"
+            assert data["data"] == mock_usage_result
+            mock_use_invitation.assert_called_once_with(
+                invitation_code="ABC123",
+                user_id="user-456"
+            )
+
+    def test_use_invitation_not_found(self):
+        """Test invitation usage when invitation doesn't exist"""
+        with patch('apps.invitation_app.get_current_user_id') as mock_get_user, \
+             patch('apps.invitation_app.use_invitation_code') as mock_use_invitation:
+
+            mock_get_user.return_value = ("user-456", "tenant-123")
+            mock_use_invitation.side_effect = NotFoundException("Invitation code not available")
+
+            response = client.post("/invitations/INVALID/use", headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.NOT_FOUND
+            data = response.json()
+            assert "Invitation code not available" in data["detail"]
+
+    def test_use_invitation_unauthorized(self):
+        """Test invitation usage with unauthorized access"""
+        with patch('apps.invitation_app.get_current_user_id') as mock_get_user:
+            mock_get_user.side_effect = UnauthorizedError("Invalid token")
+
+            response = client.post("/invitations/ABC123/use", headers={"Authorization": "Bearer invalid"})
+
+            assert response.status_code == HTTPStatus.UNAUTHORIZED
+            data = response.json()
+            assert "Invalid token" in data["detail"]
+
+
+class TestInvitationStatusUpdate:
+    """Test invitation status update endpoint"""
+
+    def test_update_invitation_status_success_updated(self):
+        """Test successful invitation status update when status changed"""
+        mock_invitation_info = {
+            "invitation_id": 1,
+            "invitation_code": "ABC123"
+        }
+
+        with patch('apps.invitation_app.get_invitation_by_code') as mock_get_invitation, \
+             patch('apps.invitation_app.update_invitation_code_status') as mock_update_status:
+
+            mock_get_invitation.return_value = mock_invitation_info
+            mock_update_status.return_value = True
+
+            response = client.post("/invitations/ABC123/update-status")
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["message"] == "Invitation status updated"
+            assert data["data"]["invitation_code"] == "ABC123"
+            assert data["data"]["status_updated"] is True
+            mock_update_status.assert_called_once_with(1)
+
+    def test_update_invitation_status_success_unchanged(self):
+        """Test successful invitation status update when status unchanged"""
+        mock_invitation_info = {
+            "invitation_id": 1,
+            "invitation_code": "ABC123"
+        }
+
+        with patch('apps.invitation_app.get_invitation_by_code') as mock_get_invitation, \
+             patch('apps.invitation_app.update_invitation_code_status') as mock_update_status:
+
+            mock_get_invitation.return_value = mock_invitation_info
+            mock_update_status.return_value = False
+
+            response = client.post("/invitations/ABC123/update-status")
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["message"] == "Invitation status unchanged"
+            assert data["data"]["status_updated"] is False
+
+    def test_update_invitation_status_not_found(self):
+        """Test invitation status update when invitation doesn't exist"""
+        with patch('apps.invitation_app.get_invitation_by_code') as mock_get_invitation:
+            mock_get_invitation.return_value = None
+
+            response = client.post("/invitations/NOTFOUND/update-status")
+
+            assert response.status_code == HTTPStatus.NOT_FOUND
+            data = response.json()
+            assert "Invitation code NOTFOUND not found" in data["detail"]
+
+    def test_update_invitation_status_unexpected_error(self):
+        """Test invitation status update with unexpected error"""
+        mock_invitation_info = {
+            "invitation_id": 1,
+            "invitation_code": "ABC123"
+        }
+
+        with patch('apps.invitation_app.get_invitation_by_code') as mock_get_invitation, \
+             patch('apps.invitation_app.update_invitation_code_status') as mock_update_status:
+
+            mock_get_invitation.return_value = mock_invitation_info
+            mock_update_status.side_effect = Exception("Database error")
+
+            response = client.post("/invitations/ABC123/update-status")
+
+            assert response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR
+            data = response.json()
+            assert data["detail"] == "Failed to update invitation status"
+
+
+class TestInvitationDeletion:
+    """Test invitation deletion endpoint"""
+
+    def test_delete_invitation_success(self):
+        """Test successful invitation deletion"""
+        mock_invitation_info = {
+            "invitation_id": 1,
+            "invitation_code": "ABC123"
+        }
+
+        with patch('apps.invitation_app.get_current_user_id') as mock_get_user, \
+             patch('apps.invitation_app.get_invitation_by_code') as mock_get_invitation, \
+             patch('apps.invitation_app.delete_invitation_code') as mock_delete_invitation:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_get_invitation.return_value = mock_invitation_info
+            mock_delete_invitation.return_value = True
+
+            response = client.delete("/invitations/ABC123", headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["message"] == "Invitation code deleted successfully"
+            mock_delete_invitation.assert_called_once_with(
+                invitation_id=1,
+                user_id="user-123"
+            )
+
+    def test_delete_invitation_not_found(self):
+        """Test invitation deletion when invitation doesn't exist"""
+        with patch('apps.invitation_app.get_current_user_id') as mock_get_user, \
+             patch('apps.invitation_app.get_invitation_by_code') as mock_get_invitation:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_get_invitation.return_value = None
+
+            response = client.delete("/invitations/NOTFOUND", headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.NOT_FOUND
+            data = response.json()
+            assert "Invitation code NOTFOUND not found" in data["detail"]
+
+    def test_delete_invitation_unauthorized(self):
+        """Test invitation deletion with unauthorized access"""
+        with patch('apps.invitation_app.get_current_user_id') as mock_get_user, \
+             patch('apps.invitation_app.delete_invitation_code') as mock_delete_invitation:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_delete_invitation.side_effect = UnauthorizedError("User role USER not authorized to delete invitation codes")
+
+            # Need a valid invitation code for the request
+            mock_invitation_info = {"invitation_id": 1, "invitation_code": "ABC123"}
+
+            with patch('apps.invitation_app.get_invitation_by_code') as mock_get_invitation:
+                mock_get_invitation.return_value = mock_invitation_info
+
+                response = client.delete("/invitations/ABC123", headers={"Authorization": "Bearer token"})
+
+                assert response.status_code == HTTPStatus.UNAUTHORIZED
+                data = response.json()
+                assert "not authorized to delete invitation codes" in data["detail"]
+
+    def test_delete_invitation_validation_error(self):
+        """Test invitation deletion with validation error"""
+        mock_invitation_info = {
+            "invitation_id": 1,
+            "invitation_code": "ABC123"
+        }
+
+        with patch('apps.invitation_app.get_current_user_id') as mock_get_user, \
+             patch('apps.invitation_app.get_invitation_by_code') as mock_get_invitation, \
+             patch('apps.invitation_app.delete_invitation_code') as mock_delete_invitation:
+
+            mock_get_user.return_value = ("user-123", "tenant-123")
+            mock_get_invitation.return_value = mock_invitation_info
+            mock_delete_invitation.side_effect = ValidationError("Failed to delete invitation code")
+
+            response = client.delete("/invitations/ABC123", headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.BAD_REQUEST
+            data = response.json()
+            assert "Failed to delete invitation code" in data["detail"]
diff --git a/test/backend/app/test_tenant_app.py b/test/backend/app/test_tenant_app.py
new file mode 100644
index 000000000..c023746b3
--- /dev/null
+++ b/test/backend/app/test_tenant_app.py
@@ -0,0 +1,355 @@
+import pytest
+from unittest.mock import patch, MagicMock, AsyncMock
+import sys
+import os
+from typing import Optional
+
+# Add path for correct imports
+sys.path.insert(0, os.path.join(os.path.dirname(__file__), "../../../backend"))
+
+# Mock external dependencies
+sys.modules['boto3'] = MagicMock()
+sys.modules['psycopg2'] = MagicMock()
+sys.modules['supabase'] = MagicMock()
+
+# Apply critical patches before importing any modules
+storage_client_mock = MagicMock()
+minio_mock = MagicMock()
+minio_mock._ensure_bucket_exists = MagicMock()
+minio_mock.client = MagicMock()
+
+patch('nexent.storage.storage_client_factory.create_storage_client_from_config', return_value=storage_client_mock).start()
+patch('nexent.storage.minio_config.MinIOStorageConfig.validate', lambda self: None).start()
+patch('backend.database.client.MinioClient', return_value=minio_mock).start()
+patch('database.client.MinioClient', return_value=minio_mock).start()
+patch('elasticsearch.Elasticsearch', return_value=MagicMock()).start()
+
+# Import exception classes and models
+from consts.exceptions import NotFoundException, ValidationError, UnauthorizedError
+from consts.model import TenantCreateRequest, TenantUpdateRequest
+
+# Import the modules we need
+from fastapi.testclient import TestClient
+from http import HTTPStatus
+from fastapi import FastAPI
+
+# Create a test client with a fresh FastAPI app
+from apps.tenant_app import router
+
+app = FastAPI()
+app.include_router(router)
+client = TestClient(app)
+
+
+class TestTenantCreation:
+    """Test tenant creation endpoint"""
+
+    def test_create_tenant_success(self):
+        """Test successful tenant creation"""
+        mock_tenant_info = {
+            "tenant_id": "tenant-123",
+            "tenant_name": "Test Tenant",
+            "created_by": "user-456",
+            "created_at": "2024-01-01T00:00:00Z"
+        }
+
+        with patch('apps.tenant_app.get_current_user_id') as mock_get_user, \
+             patch('apps.tenant_app.create_tenant') as mock_create_tenant:
+
+            mock_get_user.return_value = ("user-456", "tenant-123")
+            mock_create_tenant.return_value = mock_tenant_info
+
+            request_data = {
+                "tenant_name": "Test Tenant"
+            }
+
+            response = client.post("/tenants", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.CREATED
+            data = response.json()
+            assert data["message"] == "Tenant created successfully"
+            assert data["data"] == mock_tenant_info
+            mock_get_user.assert_called_once_with("Bearer token")
+            mock_create_tenant.assert_called_once_with(
+                tenant_name="Test Tenant",
+                created_by="user-456"
+            )
+
+    def test_create_tenant_unauthorized(self):
+        """Test tenant creation with unauthorized access"""
+        with patch('apps.tenant_app.get_current_user_id') as mock_get_user:
+            mock_get_user.side_effect = UnauthorizedError("Invalid token")
+
+            request_data = {
+                "tenant_name": "Test Tenant"
+            }
+
+            response = client.post("/tenants", json=request_data, headers={"Authorization": "Bearer invalid"})
+
+            assert response.status_code == HTTPStatus.UNAUTHORIZED
+            data = response.json()
+            assert "Invalid token" in data["detail"]
+
+    def test_create_tenant_validation_error(self):
+        """Test tenant creation with validation error"""
+        with patch('apps.tenant_app.get_current_user_id') as mock_get_user, \
+             patch('apps.tenant_app.create_tenant') as mock_create_tenant:
+
+            mock_get_user.return_value = ("user-456", "tenant-123")
+            mock_create_tenant.side_effect = ValidationError("Tenant name already exists")
+
+            request_data = {
+                "tenant_name": "Existing Tenant"
+            }
+
+            response = client.post("/tenants", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.BAD_REQUEST
+            data = response.json()
+            assert "Tenant name already exists" in data["detail"]
+
+    def test_create_tenant_unexpected_error(self):
+        """Test tenant creation with unexpected error"""
+        with patch('apps.tenant_app.get_current_user_id') as mock_get_user, \
+             patch('apps.tenant_app.create_tenant') as mock_create_tenant:
+
+            mock_get_user.return_value = ("user-456", "tenant-123")
+            mock_create_tenant.side_effect = Exception("Database connection failed")
+
+            request_data = {
+                "tenant_name": "Test Tenant"
+            }
+
+            response = client.post("/tenants", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR
+            data = response.json()
+            assert data["detail"] == "Failed to create tenant"
+
+
+class TestTenantRetrieval:
+    """Test tenant retrieval endpoints"""
+
+    def test_get_tenant_success(self):
+        """Test successful tenant retrieval"""
+        mock_tenant_info = {
+            "tenant_id": "tenant-123",
+            "tenant_name": "Test Tenant",
+            "created_by": "user-456",
+            "created_at": "2024-01-01T00:00:00Z",
+            "updated_at": "2024-01-02T00:00:00Z"
+        }
+
+        with patch('apps.tenant_app.get_tenant_info') as mock_get_tenant:
+            mock_get_tenant.return_value = mock_tenant_info
+
+            response = client.get("/tenants/tenant-123")
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["message"] == "Tenant retrieved successfully"
+            assert data["data"] == mock_tenant_info
+            mock_get_tenant.assert_called_once_with("tenant-123")
+
+    def test_get_tenant_not_found(self):
+        """Test tenant retrieval when tenant doesn't exist"""
+        with patch('apps.tenant_app.get_tenant_info') as mock_get_tenant:
+            mock_get_tenant.side_effect = NotFoundException("Tenant tenant-999 not found")
+
+            response = client.get("/tenants/tenant-999")
+
+            assert response.status_code == HTTPStatus.NOT_FOUND
+            data = response.json()
+            assert "Tenant tenant-999 not found" in data["detail"]
+
+    def test_get_tenant_unexpected_error(self):
+        """Test tenant retrieval with unexpected error"""
+        with patch('apps.tenant_app.get_tenant_info') as mock_get_tenant:
+            mock_get_tenant.side_effect = Exception("Database error")
+
+            response = client.get("/tenants/tenant-123")
+
+            assert response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR
+            data = response.json()
+            assert data["detail"] == "Failed to retrieve tenant"
+
+    def test_get_all_tenants_success(self):
+        """Test successful retrieval of all tenants"""
+        mock_tenants = [
+            {
+                "tenant_id": "tenant-123",
+                "tenant_name": "Tenant 1",
+                "created_by": "user-456"
+            },
+            {
+                "tenant_id": "tenant-456",
+                "tenant_name": "Tenant 2",
+                "created_by": "user-789"
+            }
+        ]
+
+        with patch('apps.tenant_app.get_all_tenants') as mock_get_all_tenants:
+            mock_get_all_tenants.return_value = mock_tenants
+
+            response = client.get("/tenants")
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["message"] == "Tenants retrieved successfully"
+            assert data["data"] == mock_tenants
+            mock_get_all_tenants.assert_called_once()
+
+    def test_get_all_tenants_unexpected_error(self):
+        """Test retrieval of all tenants with unexpected error"""
+        with patch('apps.tenant_app.get_all_tenants') as mock_get_all_tenants:
+            mock_get_all_tenants.side_effect = Exception("Database error")
+
+            response = client.get("/tenants")
+
+            assert response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR
+            data = response.json()
+            assert data["detail"] == "Failed to retrieve tenants"
+
+
+class TestTenantUpdate:
+    """Test tenant update endpoint"""
+
+    def test_update_tenant_success(self):
+        """Test successful tenant update"""
+        mock_updated_tenant = {
+            "tenant_id": "tenant-123",
+            "tenant_name": "Updated Tenant Name",
+            "created_by": "user-456",
+            "updated_by": "user-789",
+            "updated_at": "2024-01-03T00:00:00Z"
+        }
+
+        with patch('apps.tenant_app.get_current_user_id') as mock_get_user, \
+             patch('apps.tenant_app.update_tenant_info') as mock_update_tenant:
+
+            mock_get_user.return_value = ("user-789", "tenant-123")
+            mock_update_tenant.return_value = mock_updated_tenant
+
+            request_data = {
+                "tenant_name": "Updated Tenant Name"
+            }
+
+            response = client.put("/tenants/tenant-123", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.OK
+            data = response.json()
+            assert data["message"] == "Tenant updated successfully"
+            assert data["data"] == mock_updated_tenant
+            mock_get_user.assert_called_once_with("Bearer token")
+            mock_update_tenant.assert_called_once_with(
+                tenant_id="tenant-123",
+                tenant_name="Updated Tenant Name",
+                updated_by="user-789"
+            )
+
+    def test_update_tenant_not_found(self):
+        """Test tenant update when tenant doesn't exist"""
+        with patch('apps.tenant_app.get_current_user_id') as mock_get_user, \
+             patch('apps.tenant_app.update_tenant_info') as mock_update_tenant:
+
+            mock_get_user.return_value = ("user-789", "tenant-123")
+            mock_update_tenant.side_effect = NotFoundException("Tenant tenant-999 not found")
+
+            request_data = {
+                "tenant_name": "Updated Name"
+            }
+
+            response = client.put("/tenants/tenant-999", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.NOT_FOUND
+            data = response.json()
+            assert "Tenant tenant-999 not found" in data["detail"]
+
+    def test_update_tenant_validation_error(self):
+        """Test tenant update with validation error"""
+        with patch('apps.tenant_app.get_current_user_id') as mock_get_user, \
+             patch('apps.tenant_app.update_tenant_info') as mock_update_tenant:
+
+            mock_get_user.return_value = ("user-789", "tenant-123")
+            mock_update_tenant.side_effect = ValidationError("Tenant name already exists")
+
+            request_data = {
+                "tenant_name": "Existing Name"
+            }
+
+            response = client.put("/tenants/tenant-123", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.BAD_REQUEST
+            data = response.json()
+            assert "Tenant name already exists" in data["detail"]
+
+    def test_update_tenant_unauthorized(self):
+        """Test tenant update with unauthorized access"""
+        with patch('apps.tenant_app.get_current_user_id') as mock_get_user:
+            mock_get_user.side_effect = UnauthorizedError("Invalid token")
+
+            request_data = {
+                "tenant_name": "Updated Name"
+            }
+
+            response = client.put("/tenants/tenant-123", json=request_data, headers={"Authorization": "Bearer invalid"})
+
+            assert response.status_code == HTTPStatus.UNAUTHORIZED
+            data = response.json()
+            assert "Invalid token" in data["detail"]
+
+    def test_update_tenant_unexpected_error(self):
+        """Test tenant update with unexpected error"""
+        with patch('apps.tenant_app.get_current_user_id') as mock_get_user, \
+             patch('apps.tenant_app.update_tenant_info') as mock_update_tenant:
+
+            mock_get_user.return_value = ("user-789", "tenant-123")
+            mock_update_tenant.side_effect = Exception("Database error")
+
+            request_data = {
+                "tenant_name": "Updated Name"
+            }
+
+            response = client.put("/tenants/tenant-123", json=request_data, headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR
+            data = response.json()
+            assert data["detail"] == "Failed to update tenant"
+
+
+class TestTenantDeletion:
+    """Test tenant deletion endpoint"""
+
+    def test_delete_tenant_not_implemented(self):
+        """Test tenant deletion returns not implemented"""
+        with patch('apps.tenant_app.get_current_user_id') as mock_get_user:
+            mock_get_user.return_value = ("user-789", "tenant-123")
+
+            response = client.delete("/tenants/tenant-123", headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.NOT_IMPLEMENTED
+            data = response.json()
+            assert "Tenant deletion is not yet implemented" in data["detail"]
+
+    def test_delete_tenant_unauthorized(self):
+        """Test tenant deletion with unauthorized access"""
+        with patch('apps.tenant_app.get_current_user_id') as mock_get_user:
+            mock_get_user.side_effect = UnauthorizedError("Invalid token")
+
+            response = client.delete("/tenants/tenant-123", headers={"Authorization": "Bearer invalid"})
+
+            assert response.status_code == HTTPStatus.UNAUTHORIZED
+            data = response.json()
+            assert "Invalid token" in data["detail"]
+
+    def test_delete_tenant_unexpected_error(self):
+        """Test tenant deletion with unexpected error during auth"""
+        with patch('apps.tenant_app.get_current_user_id') as mock_get_user:
+            mock_get_user.side_effect = Exception("Auth service error")
+
+            response = client.delete("/tenants/tenant-123", headers={"Authorization": "Bearer token"})
+
+            assert response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR
+            data = response.json()
+            assert data["detail"] == "Failed to delete tenant"
+
diff --git a/test/backend/app/test_user_management_app.py b/test/backend/app/test_user_management_app.py
index eefd270f9..807fa1c48 100644
--- a/test/backend/app/test_user_management_app.py
+++ b/test/backend/app/test_user_management_app.py
@@ -1,5 +1,6 @@
 import pytest
 from unittest.mock import patch, MagicMock, AsyncMock
+import unittest
 import sys
 import os
 
@@ -747,5 +748,111 @@ def test_signup_invalid_email_format(self):
         assert response.status_code == HTTPStatus.UNPROCESSABLE_ENTITY
 
 
+class TestGetRolePermissions(unittest.TestCase):
+    """Test get role permissions endpoint"""
+
+    @patch('apps.user_management_app.get_permissions_by_role')
+    def test_get_role_permissions_success(self, mock_get_permissions):
+        """Test successfully getting role permissions"""
+        # Setup mock data
+        mock_permissions_data = {
+            "user_role": "USER",
+            "permissions": [
+                {
+                    "role_permission_id": 1,
+                    "permission_category": "KNOWLEDGE_BASE",
+                    "permission_type": "KNOWLEDGE",
+                    "permission_subtype": "READ"
+                },
+                {
+                    "role_permission_id": 2,
+                    "permission_category": "AGENT_MANAGEMENT",
+                    "permission_type": "AGENT",
+                    "permission_subtype": "READ"
+                }
+            ],
+            "total_permissions": 2,
+            "message": "Successfully retrieved 2 permissions for role USER"
+        }
+        mock_get_permissions.return_value = mock_permissions_data
+
+        # Execute
+        response = client.get("/user/role_permissions/USER")
+
+        # Assert
+        assert response.status_code == HTTPStatus.OK
+        data = response.json()
+        assert data["message"] == "Successfully retrieved 2 permissions for role USER"
+        assert data["data"]["user_role"] == "USER"
+        assert len(data["data"]["permissions"]) == 2
+        assert data["data"]["total_permissions"] == 2
+        mock_get_permissions.assert_called_once_with("USER")
+
+    @patch('apps.user_management_app.get_permissions_by_role')
+    def test_get_role_permissions_admin_role(self, mock_get_permissions):
+        """Test getting permissions for ADMIN role"""
+        # Setup mock data for ADMIN role
+        mock_permissions_data = {
+            "user_role": "ADMIN",
+            "permissions": [
+                {
+                    "role_permission_id": 3,
+                    "permission_category": "USER_MANAGEMENT",
+                    "permission_type": "USER",
+                    "permission_subtype": "CRUD"
+                }
+            ],
+            "total_permissions": 1,
+            "message": "Successfully retrieved 1 permissions for role ADMIN"
+        }
+        mock_get_permissions.return_value = mock_permissions_data
+
+        # Execute
+        response = client.get("/user/role_permissions/ADMIN")
+
+        # Assert
+        assert response.status_code == HTTPStatus.OK
+        data = response.json()
+        assert data["data"]["user_role"] == "ADMIN"
+        assert data["data"]["total_permissions"] == 1
+        mock_get_permissions.assert_called_once_with("ADMIN")
+
+    @patch('apps.user_management_app.get_permissions_by_role')
+    def test_get_role_permissions_empty_result(self, mock_get_permissions):
+        """Test getting permissions for role with no permissions"""
+        # Setup mock data for role with no permissions
+        mock_permissions_data = {
+            "user_role": "NEW_ROLE",
+            "permissions": [],
+            "total_permissions": 0,
+            "message": "Successfully retrieved 0 permissions for role NEW_ROLE"
+        }
+        mock_get_permissions.return_value = mock_permissions_data
+
+        # Execute
+        response = client.get("/user/role_permissions/NEW_ROLE")
+
+        # Assert
+        assert response.status_code == HTTPStatus.OK
+        data = response.json()
+        assert data["data"]["user_role"] == "NEW_ROLE"
+        assert len(data["data"]["permissions"]) == 0
+        assert data["data"]["total_permissions"] == 0
+
+    @patch('apps.user_management_app.get_permissions_by_role')
+    def test_get_role_permissions_error(self, mock_get_permissions):
+        """Test error handling for role permissions endpoint"""
+        # Setup mock to raise exception
+        mock_get_permissions.side_effect = Exception("Database connection failed")
+
+        # Execute
+        response = client.get("/user/role_permissions/USER")
+
+        # Assert
+        assert response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR
+        data = response.json()
+        assert "Failed to retrieve permissions for role USER" in data["detail"]
+
+
 if __name__ == "__main__":
     pytest.main([__file__]) 
\ No newline at end of file
diff --git a/test/backend/database/test_group_db.py b/test/backend/database/test_group_db.py
index e76de74c5..74f556a08 100644
--- a/test/backend/database/test_group_db.py
+++ b/test/backend/database/test_group_db.py
@@ -280,9 +280,33 @@ def test_get_groups_by_tenant_success(monkeypatch, mock_session):
     mock_group1 = MockTenantGroupInfo(group_id=1, group_name="group1")
     mock_group2 = MockTenantGroupInfo(group_id=2, group_name="group2")
 
-    mock_filter = MagicMock()
-    mock_filter.all.return_value = [mock_group1, mock_group2]
-    query.filter.return_value = mock_filter
+    # Mock the count query
+    mock_count_filter = MagicMock()
+    mock_count_filter.count.return_value = 2
+    query.filter.return_value = mock_count_filter
+
+    # Create a separate mock for the paginated query
+    mock_paginated_filter = MagicMock()
+    mock_paginated_filter.offset.return_value = mock_paginated_filter
+    mock_paginated_filter.limit.return_value = mock_paginated_filter
+    mock_paginated_filter.all.return_value = [mock_group1, mock_group2]
+
+    # Mock session.query to return different objects for different calls
+    original_query = session.query
+    call_count = 0
+    def mock_query(*args, **kwargs):
+        nonlocal call_count
+        call_count += 1
+        if call_count == 1:  # First call for count
+            mock_q = MagicMock()
+            mock_q.filter.return_value = mock_count_filter
+            return mock_q
+        else:  # Second call for paginated results
+            mock_q = MagicMock()
+            mock_q.filter.return_value = mock_paginated_filter
+            return mock_q
+
+    session.query = mock_query
 
     mock_ctx = MagicMock()
     mock_ctx.__enter__.return_value = session
@@ -292,9 +316,10 @@ def test_get_groups_by_tenant_success(monkeypatch, mock_session):
 
     result = query_groups_by_tenant("test_tenant")
 
-    assert len(result) == 2
-    assert result[0]["group_name"] == "group1"
-    assert result[1]["group_name"] == "group2"
+    assert result["total"] == 2
+    assert len(result["groups"]) == 2
+    assert result["groups"][0]["group_name"] == "group1"
+    assert result["groups"][1]["group_name"] == "group2"
 
 
 def test_create_group_success(monkeypatch, mock_session):
@@ -561,6 +586,187 @@ def mock_query_func(*args, **kwargs):
     assert result == 5
 
 
+def test_query_groups_by_tenant_with_pagination(monkeypatch, mock_session):
+    """Test retrieving groups by tenant with pagination"""
+    session, query = mock_session
+
+    mock_group1 = MockTenantGroupInfo(group_id=1, group_name="group1")
+    mock_group2 = MockTenantGroupInfo(group_id=2, group_name="group2")
+
+    # Mock the count query
+    mock_count_filter = MagicMock()
+    mock_count_filter.count.return_value = 2
+
+    # Mock the paginated query chain
+    mock_limit = MagicMock()
+    mock_limit.all.return_value = [mock_group1, mock_group2]
+
+    mock_offset = MagicMock()
+    mock_offset.limit.return_value = mock_limit
+
+    mock_paginated_filter = MagicMock()
+    mock_paginated_filter.offset.return_value = mock_offset
+
+    # Mock session.query to return different objects for different calls
+    call_count = 0
+    def mock_query(*args, **kwargs):
+        nonlocal call_count
+        call_count += 1
+        if call_count == 1:  # First call for count
+            mock_q = MagicMock()
+            mock_q.filter.return_value = mock_count_filter
+            return mock_q
+        else:  # Second call for paginated results
+            mock_q = MagicMock()
+            mock_q.filter.return_value = mock_paginated_filter
+            return mock_q
+
+    session.query = mock_query
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.group_db.get_db_session", lambda: mock_ctx)
+    monkeypatch.setattr("backend.database.group_db.as_dict", lambda obj: obj.__dict__)
+
+    result = query_groups_by_tenant("test_tenant", page=2, page_size=10)
+
+    # Verify pagination parameters were used correctly
+    mock_paginated_filter.offset.assert_called_with(10)  # (page-1) * page_size = (2-1) * 10 = 10
+    mock_offset.limit.assert_called_with(10)
+
+    assert result["total"] == 2
+    assert len(result["groups"]) == 2
+    assert result["groups"][0]["group_name"] == "group1"
+    assert result["groups"][1]["group_name"] == "group2"
+
+
+def test_modify_group_no_updates_provided(monkeypatch, mock_session):
+    """Test modifying group with no updates provided"""
+    session, query = mock_session
+
+    mock_update = MagicMock()
+    mock_update.return_value = 1
+    mock_filter = MagicMock()
+    mock_filter.update = mock_update
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.group_db.get_db_session", lambda: mock_ctx)
+
+    result = modify_group(group_id=123, updates={})
+
+    assert result is True
+
+
+def test_modify_group_no_rows_affected(monkeypatch, mock_session):
+    """Test modifying group when no rows are affected"""
+    session, query = mock_session
+
+    mock_update = MagicMock()
+    mock_update.return_value = 0  # No rows affected
+    mock_filter = MagicMock()
+    mock_filter.update = mock_update
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.group_db.get_db_session", lambda: mock_ctx)
+
+    result = modify_group(group_id=999, updates={"group_name": "new_name"})
+
+    assert result is False
+
+
+def test_remove_group_no_rows_affected(monkeypatch, mock_session):
+    """Test removing group when no rows are affected"""
+    session, query = mock_session
+
+    mock_update = MagicMock()
+    mock_update.return_value = 0  # No rows affected
+    mock_filter = MagicMock()
+    mock_filter.update = mock_update
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.group_db.get_db_session", lambda: mock_ctx)
+
+    result = remove_group(group_id=999, updated_by="test_user")
+
+    assert result is False
+
+
+def test_remove_user_from_group_no_rows_affected(monkeypatch, mock_session):
+    """Test removing user from group when no rows are affected"""
+    session, query = mock_session
+
+    mock_update = MagicMock()
+    mock_update.return_value = 0  # No rows affected
+    mock_filter = MagicMock()
+    mock_filter.update = mock_update
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.group_db.get_db_session", lambda: mock_ctx)
+
+    result = remove_user_from_group(group_id=999, user_id="nonexistent_user", updated_by="test_user")
+
+    assert result is False
+
+
+def test_query_groups_by_user_no_groups(monkeypatch, mock_session):
+    """Test retrieving groups for user when user has no groups"""
+    session, query = mock_session
+
+    mock_join = MagicMock()
+    mock_filter = MagicMock()
+    mock_filter.all.return_value = []
+    mock_join.filter.return_value = mock_filter
+    query.join.return_value = mock_join
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.group_db.get_db_session", lambda: mock_ctx)
+    monkeypatch.setattr("backend.database.group_db.as_dict", lambda obj: obj.__dict__)
+
+    result = query_groups_by_user("user_with_no_groups")
+
+    assert result == []
+
+
+def test_query_group_ids_by_user_no_groups(monkeypatch, mock_session):
+    """Test retrieving group IDs for user when user has no groups"""
+    session, _ = mock_session
+
+    # Create a mock query that returns empty result
+    mock_specific_query = MagicMock()
+    mock_filter = MagicMock()
+    mock_filter.all.return_value = []
+    mock_specific_query.filter.return_value = mock_filter
+
+    def mock_query_func(*args, **kwargs):
+        return mock_specific_query
+
+    session.query = mock_query_func
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.group_db.get_db_session", lambda: mock_ctx)
+
+    result = query_group_ids_by_user("user_with_no_groups")
+
+    assert result == []
+
+
 def test_database_error_handling(monkeypatch, mock_session):
     """Test database error handling"""
     session, query = mock_session
diff --git a/test/backend/database/test_role_permission_db.py b/test/backend/database/test_role_permission_db.py
index 5bfbd6d76..15d13e53a 100644
--- a/test/backend/database/test_role_permission_db.py
+++ b/test/backend/database/test_role_permission_db.py
@@ -93,13 +93,8 @@ class MockSQLAlchemyError(Exception):
 from backend.database.role_permission_db import (
     get_role_permissions,
     get_all_role_permissions,
-    create_role_permission,
-    update_role_permission,
-    soft_delete_role_permission,
-    delete_role_permissions_by_role,
     check_role_permission,
-    get_permissions_by_category,
-    initialize_default_permissions
+    get_permissions_by_category
 )
 
 
@@ -173,101 +168,6 @@ def test_get_all_role_permissions_success(monkeypatch, mock_session):
     assert result[1]["user_role"] == "ADMIN"
 
 
-def test_create_role_permission_success(monkeypatch, mock_session):
-    """Test successfully creating role permission"""
-    session, _ = mock_session
-    session.add = MagicMock()
-
-    mock_permission = MockRolePermission()
-    mock_permission.role_permission_id = 123
-
-    mock_ctx = MagicMock()
-    mock_ctx.__enter__.return_value = session
-    mock_ctx.__exit__.return_value = None
-    monkeypatch.setattr("backend.database.role_permission_db.get_db_session", lambda: mock_ctx)
-
-    from unittest.mock import patch
-    with patch('backend.database.role_permission_db.RolePermission', return_value=mock_permission):
-        result = create_role_permission(
-            user_role="USER",
-            permission_category="KNOWLEDGE_BASE",
-            permission_type="KNOWLEDGE",
-            permission_subtype="READ",
-            created_by="test_user"
-        )
-
-    assert result == 123
-    session.add.assert_called_once_with(mock_permission)
-    session.flush.assert_called_once()
-
-
-def test_update_role_permission_success(monkeypatch, mock_session):
-    """Test successfully updating role permission"""
-    session, query = mock_session
-
-    # Setup query filter().update() chain
-    mock_update = MagicMock()
-    mock_update.return_value = 1  # 1 row affected
-    mock_filter = MagicMock()
-    mock_filter.update = mock_update
-    query.filter.return_value = mock_filter
-
-    mock_ctx = MagicMock()
-    mock_ctx.__enter__.return_value = session
-    mock_ctx.__exit__.return_value = None
-    monkeypatch.setattr("backend.database.role_permission_db.get_db_session", lambda: mock_ctx)
-
-    result = update_role_permission(
-        role_permission_id=123,
-        updates={"permission_category": "new_category"},
-        updated_by="test_user"
-    )
-
-    assert result is True
-
-
-def test_soft_delete_role_permission_success(monkeypatch, mock_session):
-    """Test successfully soft deleting role permission"""
-    session, query = mock_session
-
-    # Setup query filter().update() chain
-    mock_update = MagicMock()
-    mock_update.return_value = 1  # 1 row affected
-    mock_filter = MagicMock()
-    mock_filter.update = mock_update
-    query.filter.return_value = mock_filter
-
-    mock_ctx = MagicMock()
-    mock_ctx.__enter__.return_value = session
-    mock_ctx.__exit__.return_value = None
-    monkeypatch.setattr("backend.database.role_permission_db.get_db_session", lambda: mock_ctx)
-
-    result = soft_delete_role_permission(role_permission_id=123, updated_by="test_user")
-
-    assert result is True
-
-
-def test_delete_role_permissions_by_role_success(monkeypatch, mock_session):
-    """Test successfully deleting all permissions for a role"""
-    session, query = mock_session
-
-    # Setup query filter().update() chain
-    mock_update = MagicMock()
-    mock_update.return_value = 3  # 3 rows affected
-    mock_filter = MagicMock()
-    mock_filter.update = mock_update
-    query.filter.return_value = mock_filter
-
-    mock_ctx = MagicMock()
-    mock_ctx.__enter__.return_value = session
-    mock_ctx.__exit__.return_value = None
-    monkeypatch.setattr("backend.database.role_permission_db.get_db_session", lambda: mock_ctx)
-
-    result = delete_role_permissions_by_role("USER", updated_by="test_user")
-
-    assert result == 3
-
-
 def test_check_role_permission_true(monkeypatch, mock_session):
     """Test checking role permission - permission exists"""
     session, query = mock_session
@@ -369,33 +269,6 @@ def test_get_permissions_by_category_success(monkeypatch, mock_session):
     assert all(perm["permission_category"] == "KNOWLEDGE_BASE" for perm in result)
 
 
-def test_initialize_default_permissions_success(monkeypatch, mock_session):
-    """Test initializing default permissions"""
-    session, query = mock_session
-
-    # Mock that permissions don't exist yet
-    mock_filter = MagicMock()
-    mock_filter.first.return_value = None
-    query.filter.return_value = mock_filter
-
-    mock_ctx = MagicMock()
-    mock_ctx.__enter__.return_value = session
-    mock_ctx.__exit__.return_value = None
-    monkeypatch.setattr("backend.database.role_permission_db.get_db_session", lambda: mock_ctx)
-
-    # Mock create_role_permission to avoid actual creation
-    def mock_create(*args, **kwargs):
-        return 1
-
-    monkeypatch.setattr("backend.database.role_permission_db.create_role_permission", mock_create)
-
-    # Should not raise any exception
-    initialize_default_permissions()
-
-    # Verify create_role_permission was called multiple times for default permissions
-    # (We can't easily count calls with this mock setup, but we can ensure no exception)
-
-
 def test_database_error_handling(monkeypatch, mock_session):
     """Test database error handling"""
     session, query = mock_session
@@ -410,33 +283,6 @@ def test_database_error_handling(monkeypatch, mock_session):
         get_role_permissions("USER")
 
 
-def test_create_role_permission_with_none_fields(monkeypatch, mock_session):
-    """Test creating role permission with None fields"""
-    session, _ = mock_session
-    session.add = MagicMock()
-
-    mock_permission = MockRolePermission()
-    mock_permission.role_permission_id = 123
-
-    mock_ctx = MagicMock()
-    mock_ctx.__enter__.return_value = session
-    mock_ctx.__exit__.return_value = None
-    monkeypatch.setattr("backend.database.role_permission_db.get_db_session", lambda: mock_ctx)
-
-    from unittest.mock import patch
-    with patch('backend.database.role_permission_db.RolePermission', return_value=mock_permission):
-        result = create_role_permission(
-            user_role="USER",
-            permission_category=None,
-            permission_type=None,
-            permission_subtype=None,
-            created_by="test_user"
-        )
-
-    assert result == 123
-    session.add.assert_called_once_with(mock_permission)
-
-
 def test_check_role_permission_partial_match(monkeypatch, mock_session):
     """Test checking role permission with partial criteria"""
     session, query = mock_session
diff --git a/test/backend/database/test_tenant_config_db.py b/test/backend/database/test_tenant_config_db.py
new file mode 100644
index 000000000..1a139e2ec
--- /dev/null
+++ b/test/backend/database/test_tenant_config_db.py
@@ -0,0 +1,539 @@
+import sys
+import os
+sys.path.insert(0, os.path.join(os.path.dirname(__file__), "../../.."))
+
+import pytest
+from unittest.mock import MagicMock
+
+# First mock the consts module to avoid ModuleNotFoundError
+consts_mock = MagicMock()
+consts_mock.const = MagicMock()
+# Set required constants in consts.const
+consts_mock.const.MINIO_ENDPOINT = "http://localhost:9000"
+consts_mock.const.MINIO_ACCESS_KEY = "test_access_key"
+consts_mock.const.MINIO_SECRET_KEY = "test_secret_key"
+consts_mock.const.MINIO_REGION = "us-east-1"
+consts_mock.const.MINIO_DEFAULT_BUCKET = "test-bucket"
+consts_mock.const.POSTGRES_HOST = "localhost"
+consts_mock.const.POSTGRES_USER = "test_user"
+consts_mock.const.NEXENT_POSTGRES_PASSWORD = "test_password"
+consts_mock.const.POSTGRES_DB = "test_db"
+consts_mock.const.POSTGRES_PORT = 5432
+consts_mock.const.DEFAULT_TENANT_ID = "default_tenant"
+consts_mock.const.TENANT_ID = "tenant_id"
+
+# Add the mocked consts module to sys.modules
+sys.modules['consts'] = consts_mock
+sys.modules['consts.const'] = consts_mock.const
+
+# Mock utils module
+utils_mock = MagicMock()
+utils_mock.auth_utils = MagicMock()
+utils_mock.auth_utils.get_current_user_id_from_token = MagicMock(return_value="test_user_id")
+
+# Add the mocked utils module to sys.modules
+sys.modules['utils'] = utils_mock
+sys.modules['utils.auth_utils'] = utils_mock.auth_utils
+
+# Mock the entire client module
+client_mock = MagicMock()
+client_mock.MinioClient = MagicMock()
+client_mock.PostgresClient = MagicMock()
+client_mock.db_client = MagicMock()
+client_mock.get_db_session = MagicMock()
+client_mock.as_dict = MagicMock()
+client_mock.filter_property = MagicMock()
+
+# Add the mocked client module to sys.modules
+sys.modules['database.client'] = client_mock
+sys.modules['backend.database.client'] = client_mock
+
+# Mock db_models module
+db_models_mock = MagicMock()
+db_models_mock.TenantConfig = MagicMock()
+
+class MockTenantConfig:
+    def __init__(self, **kwargs):
+        self.tenant_config_id = kwargs.get('tenant_config_id', 1)
+        self.tenant_id = kwargs.get('tenant_id', 'test_tenant')
+        self.user_id = kwargs.get('user_id', 'test_user')
+        self.config_key = kwargs.get('config_key', 'test_key')
+        self.config_value = kwargs.get('config_value', 'test_value')
+        self.created_by = kwargs.get('created_by', 'test_user')
+        self.updated_by = kwargs.get('updated_by', 'test_user')
+        self.delete_flag = kwargs.get('delete_flag', 'N')
+        self.create_time = kwargs.get('create_time', '2024-01-01 00:00:00')
+        self.update_time = kwargs.get('update_time', '2024-01-01 00:00:00')
+
+# Add the mocked db_models module to sys.modules
+sys.modules['database.db_models'] = db_models_mock
+sys.modules['backend.database.db_models'] = db_models_mock
+
+# Mock sqlalchemy module
+sqlalchemy_mock = MagicMock()
+sqlalchemy_mock.exc = MagicMock()
+
+class MockSQLAlchemyError(Exception):
+    pass
+
+sqlalchemy_mock.exc.SQLAlchemyError = MockSQLAlchemyError
+
+# Add the mocked sqlalchemy module to sys.modules
+sys.modules['sqlalchemy'] = sqlalchemy_mock
+sys.modules['sqlalchemy.exc'] = sqlalchemy_mock.exc
+
+# Now we can safely import the module under test
+from backend.database.tenant_config_db import (
+    get_all_configs_by_tenant_id,
+    get_tenant_config_info,
+    get_single_config_info,
+    insert_config,
+    delete_config_by_tenant_config_id,
+    delete_config,
+    update_config_by_tenant_config_id,
+    update_config_by_tenant_config_id_and_data,
+    get_all_tenant_ids
+)
+
+
+@pytest.fixture
+def mock_session():
+    """Create mock database session"""
+    mock_session = MagicMock()
+    mock_query = MagicMock()
+    mock_session.query.return_value = mock_query
+    return mock_session, mock_query
+
+
+def test_get_all_configs_by_tenant_id_success(monkeypatch, mock_session):
+    """Test successfully retrieving all configs for a tenant"""
+    session, query = mock_session
+
+    mock_config1 = MockTenantConfig(
+        tenant_config_id=1,
+        config_key="key1",
+        config_value="value1",
+        update_time="2024-01-01 10:00:00"
+    )
+    mock_config2 = MockTenantConfig(
+        tenant_config_id=2,
+        config_key="key2",
+        config_value="value2",
+        update_time="2024-01-01 11:00:00"
+    )
+
+    mock_filter = MagicMock()
+    mock_filter.all.return_value = [mock_config1, mock_config2]
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.tenant_config_db.get_db_session", lambda: mock_ctx)
+
+    result = get_all_configs_by_tenant_id("test_tenant")
+
+    assert len(result) == 2
+    assert result[0]["config_key"] == "key1"
+    assert result[0]["config_value"] == "value1"
+    assert result[1]["config_key"] == "key2"
+    assert result[1]["config_value"] == "value2"
+
+
+def test_get_all_configs_by_tenant_id_empty(monkeypatch, mock_session):
+    """Test retrieving configs when none exist"""
+    session, query = mock_session
+
+    mock_filter = MagicMock()
+    mock_filter.all.return_value = []
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.tenant_config_db.get_db_session", lambda: mock_ctx)
+
+    result = get_all_configs_by_tenant_id("test_tenant")
+
+    assert result == []
+
+
+def test_get_tenant_config_info_success(monkeypatch, mock_session):
+    """Test successfully retrieving tenant config info for user and key"""
+    session, query = mock_session
+
+    mock_config = MockTenantConfig(
+        config_value="test_value",
+        tenant_config_id=123
+    )
+
+    mock_filter = MagicMock()
+    mock_filter.all.return_value = [mock_config]
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.tenant_config_db.get_db_session", lambda: mock_ctx)
+
+    result = get_tenant_config_info("test_tenant", "test_user", "test_key")
+
+    assert len(result) == 1
+    assert result[0]["config_value"] == "test_value"
+    assert result[0]["tenant_config_id"] == 123
+
+
+def test_get_tenant_config_info_not_found(monkeypatch, mock_session):
+    """Test retrieving tenant config info when not found"""
+    session, query = mock_session
+
+    mock_filter = MagicMock()
+    mock_filter.all.return_value = []
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.tenant_config_db.get_db_session", lambda: mock_ctx)
+
+    result = get_tenant_config_info("test_tenant", "test_user", "test_key")
+
+    assert result == []
+
+
+def test_get_single_config_info_success(monkeypatch, mock_session):
+    """Test successfully retrieving single config info"""
+    session, query = mock_session
+
+    mock_config = MockTenantConfig(
+        config_value="single_value",
+        tenant_config_id=456
+    )
+
+    mock_filter = MagicMock()
+    mock_filter.first.return_value = mock_config
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.tenant_config_db.get_db_session", lambda: mock_ctx)
+
+    result = get_single_config_info("test_tenant", "test_key")
+
+    assert result["config_value"] == "single_value"
+    assert result["tenant_config_id"] == 456
+
+
+def test_get_single_config_info_not_found(monkeypatch, mock_session):
+    """Test retrieving single config info when not found"""
+    session, query = mock_session
+
+    mock_filter = MagicMock()
+    mock_filter.first.return_value = None
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.tenant_config_db.get_db_session", lambda: mock_ctx)
+
+    result = get_single_config_info("test_tenant", "test_key")
+
+    assert result == {}
+
+
+def test_insert_config_success(monkeypatch, mock_session):
+    """Test successfully inserting config"""
+    session, _ = mock_session
+    session.add = MagicMock()
+    session.commit = MagicMock()
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.tenant_config_db.get_db_session", lambda: mock_ctx)
+
+    insert_data = {
+        "tenant_id": "test_tenant",
+        "user_id": "test_user",
+        "config_key": "test_key",
+        "config_value": "test_value"
+    }
+
+    result = insert_config(insert_data)
+
+    assert result is True
+    session.add.assert_called_once()
+    session.commit.assert_called_once()
+
+
+def test_insert_config_failure(monkeypatch, mock_session):
+    """Test inserting config with database error"""
+    session, _ = mock_session
+    session.add = MagicMock()
+    session.commit = MagicMock(side_effect=MockSQLAlchemyError("Insert failed"))
+    session.rollback = MagicMock()
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.tenant_config_db.get_db_session", lambda: mock_ctx)
+
+    insert_data = {
+        "tenant_id": "test_tenant",
+        "user_id": "test_user",
+        "config_key": "test_key",
+        "config_value": "test_value"
+    }
+
+    result = insert_config(insert_data)
+
+    assert result is False
+    session.rollback.assert_called_once()
+
+
+def test_delete_config_by_tenant_config_id_success(monkeypatch, mock_session):
+    """Test successfully deleting config by tenant config ID"""
+    session, query = mock_session
+
+    mock_update = MagicMock()
+    mock_update.return_value = 1  # 1 row affected
+    mock_filter = MagicMock()
+    mock_filter.update = mock_update
+    query.filter.return_value = mock_filter
+
+    session.commit = MagicMock()
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.tenant_config_db.get_db_session", lambda: mock_ctx)
+
+    result = delete_config_by_tenant_config_id(123)
+
+    assert result is True
+    session.commit.assert_called_once()
+
+
+def test_delete_config_by_tenant_config_id_failure(monkeypatch, mock_session):
+    """Test deleting config by tenant config ID with database error"""
+    session, query = mock_session
+
+    mock_filter = MagicMock()
+    mock_filter.update = MagicMock(side_effect=MockSQLAlchemyError("Delete failed"))
+    query.filter.return_value = mock_filter
+
+    session.rollback = MagicMock()
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.tenant_config_db.get_db_session", lambda: mock_ctx)
+
+    result = delete_config_by_tenant_config_id(123)
+
+    assert result is False
+    session.rollback.assert_called_once()
+
+
+def test_delete_config_success(monkeypatch, mock_session):
+    """Test successfully deleting config"""
+    session, query = mock_session
+
+    mock_update = MagicMock()
+    mock_update.return_value = 1  # 1 row affected
+    mock_filter = MagicMock()
+    mock_filter.update = mock_update
+    query.filter.return_value = mock_filter
+
+    session.commit = MagicMock()
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.tenant_config_db.get_db_session", lambda: mock_ctx)
+
+    result = delete_config("test_tenant", "test_user", "test_key", "test_value")
+
+    assert result is True
+    session.commit.assert_called_once()
+
+
+def test_delete_config_failure(monkeypatch, mock_session):
+    """Test deleting config with database error"""
+    session, query = mock_session
+
+    mock_filter = MagicMock()
+    mock_filter.update = MagicMock(side_effect=MockSQLAlchemyError("Delete failed"))
+    query.filter.return_value = mock_filter
+
+    session.rollback = MagicMock()
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.tenant_config_db.get_db_session", lambda: mock_ctx)
+
+    result = delete_config("test_tenant", "test_user", "test_key", "test_value")
+
+    assert result is False
+    session.rollback.assert_called_once()
+
+
+def test_update_config_by_tenant_config_id_success(monkeypatch, mock_session):
+    """Test successfully updating config by tenant config ID"""
+    session, query = mock_session
+
+    mock_update = MagicMock()
+    mock_update.return_value = 1  # 1 row affected
+    mock_filter = MagicMock()
+    mock_filter.update = mock_update
+    query.filter.return_value = mock_filter
+
+    session.commit = MagicMock()
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.tenant_config_db.get_db_session", lambda: mock_ctx)
+
+    result = update_config_by_tenant_config_id(123, "new_value")
+
+    assert result is True
+    session.commit.assert_called_once()
+
+
+def test_update_config_by_tenant_config_id_failure(monkeypatch, mock_session):
+    """Test updating config by tenant config ID with database error"""
+    session, query = mock_session
+
+    mock_filter = MagicMock()
+    mock_filter.update = MagicMock(side_effect=MockSQLAlchemyError("Update failed"))
+    query.filter.return_value = mock_filter
+
+    session.rollback = MagicMock()
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.tenant_config_db.get_db_session", lambda: mock_ctx)
+
+    result = update_config_by_tenant_config_id(123, "new_value")
+
+    assert result is False
+    session.rollback.assert_called_once()
+
+
+def test_update_config_by_tenant_config_id_and_data_success(monkeypatch, mock_session):
+    """Test successfully updating config by tenant config ID and data"""
+    session, query = mock_session
+
+    mock_update = MagicMock()
+    mock_update.return_value = 1  # 1 row affected
+    mock_filter = MagicMock()
+    mock_filter.update = mock_update
+    query.filter.return_value = mock_filter
+
+    session.commit = MagicMock()
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.tenant_config_db.get_db_session", lambda: mock_ctx)
+
+    update_data = {"config_value": "new_value", "updated_by": "test_user"}
+    result = update_config_by_tenant_config_id_and_data(123, update_data)
+
+    assert result is True
+    session.commit.assert_called_once()
+
+
+def test_update_config_by_tenant_config_id_and_data_failure(monkeypatch, mock_session):
+    """Test updating config by tenant config ID and data with database error"""
+    session, query = mock_session
+
+    mock_filter = MagicMock()
+    mock_filter.update = MagicMock(side_effect=MockSQLAlchemyError("Update failed"))
+    query.filter.return_value = mock_filter
+
+    session.rollback = MagicMock()
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.tenant_config_db.get_db_session", lambda: mock_ctx)
+
+    update_data = {"config_value": "new_value", "updated_by": "test_user"}
+    result = update_config_by_tenant_config_id_and_data(123, update_data)
+
+    assert result is False
+    session.rollback.assert_called_once()
+
+
+def test_get_all_tenant_ids_success(monkeypatch, mock_session):
+    """Test successfully retrieving all tenant IDs"""
+    session, _ = mock_session
+
+    # Create a mock query chain that returns tenant IDs
+    mock_distinct = MagicMock()
+    mock_distinct.all.return_value = [("tenant1",), ("tenant2",), ("tenant3",)]
+
+    mock_filter = MagicMock()
+    mock_filter.distinct.return_value = mock_distinct
+
+    mock_specific_query = MagicMock()
+    mock_specific_query.filter.return_value = mock_filter
+
+    def mock_query_func(*args, **kwargs):
+        return mock_specific_query
+
+    session.query = mock_query_func
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.tenant_config_db.get_db_session", lambda: mock_ctx)
+
+    result = get_all_tenant_ids()
+
+    assert result == ["tenant1", "tenant2", "tenant3"]
+
+
+def test_get_all_tenant_ids_empty(monkeypatch, mock_session):
+    """Test retrieving tenant IDs when none exist"""
+    session, _ = mock_session
+
+    # Create a mock query that returns empty result
+    mock_specific_query = MagicMock()
+    mock_filter = MagicMock()
+    mock_filter.all.return_value = []
+    mock_specific_query.filter.return_value = mock_filter
+
+    def mock_query_func(*args, **kwargs):
+        return mock_specific_query
+
+    session.query = mock_query_func
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.tenant_config_db.get_db_session", lambda: mock_ctx)
+
+    result = get_all_tenant_ids()
+
+    assert result == []
+
+
+def test_database_error_handling(monkeypatch, mock_session):
+    """Test database error handling across functions"""
+    session, query = mock_session
+    query.filter.side_effect = MockSQLAlchemyError("Database error")
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.tenant_config_db.get_db_session", lambda: mock_ctx)
+
+    with pytest.raises(MockSQLAlchemyError, match="Database error"):
+        get_all_configs_by_tenant_id("test_tenant")
diff --git a/test/backend/services/test_invitation_service.py b/test/backend/services/test_invitation_service.py
index a19eaee27..5e5ff83e9 100644
--- a/test/backend/services/test_invitation_service.py
+++ b/test/backend/services/test_invitation_service.py
@@ -22,6 +22,7 @@
     use_invitation_code,
     update_invitation_code_status,
     get_invitations_list,
+    delete_invitation_code,
     _generate_unique_invitation_code,
     _normalize_invitation_data,
     get_invitation_by_code,
@@ -402,17 +403,20 @@ def test_normalize_invitation_data_group_ids_conversion():
     assert result["group_ids"] == [4, 5, 6]
 
 
+@patch('backend.services.invitation_service.count_invitation_usage')
 @patch('backend.services.invitation_service.query_invitation_by_code')
-def test_get_invitation_by_code_success(mock_query_invitation_by_code):
+def test_get_invitation_by_code_success(mock_query_invitation_by_code, mock_count_usage):
     """Test get_invitation_by_code function success case (lines 217-218)"""
     mock_data = {
         "invitation_id": 123,
         "invitation_code": "ABC123",
         "code_type": "ADMIN_INVITE",
         "group_ids": "1,2,3",  # Comma-separated string format from database
-        "capacity": 5
+        "capacity": 5,
+        "status": "IN_USE"
     }
     mock_query_invitation_by_code.return_value = mock_data
+    mock_count_usage.return_value = 2  # Less than capacity, so status should remain IN_USE
 
     result = get_invitation_by_code("ABC123")
 
@@ -420,7 +424,9 @@ def test_get_invitation_by_code_success(mock_query_invitation_by_code):
     assert result["invitation_id"] == 123
     assert result["invitation_code"] == "ABC123"
     assert result["group_ids"] == [1, 2, 3]  # Should be normalized
+    assert result["status"] == "IN_USE"  # Should maintain status
     mock_query_invitation_by_code.assert_called_once_with("ABC123")
+    mock_count_usage.assert_called_once_with(123)
 
 
 @patch('backend.services.invitation_service.query_invitation_by_code')
@@ -810,3 +816,51 @@ def test_get_invitations_list_unauthorized_user_role_all_tenants(mock_get_user,
             page_size=10,
             user_id="test_user"
         )
+
+
+@patch('backend.services.invitation_service.get_user_tenant_by_user_id')
+@patch('backend.services.invitation_service.query_invitation_by_id')
+@patch('backend.services.invitation_service.remove_invitation')
+def test_delete_invitation_code_success(mock_remove_invitation, mock_query_invitation, mock_get_user, mock_user_info):
+    """Test deleting invitation code successfully"""
+    mock_get_user.return_value = mock_user_info
+    mock_query_invitation.return_value = {"invitation_id": 123}
+    mock_remove_invitation.return_value = True
+
+    result = delete_invitation_code(
+        invitation_id=123,
+        user_id="test_user"
+    )
+
+    assert result is True
+    mock_remove_invitation.assert_called_once_with(
+        invitation_id=123,
+        updated_by="test_user"
+    )
+
+
+@patch('backend.services.invitation_service.get_user_tenant_by_user_id')
+def test_delete_invitation_code_unauthorized_user_role(mock_get_user, mock_user_info):
+    """Test deleting invitation code with insufficient permissions"""
+    mock_user_info["user_role"] = "USER"
+    mock_get_user.return_value = mock_user_info
+
+    with pytest.raises(UnauthorizedError, match="not authorized to delete invitation codes"):
+        delete_invitation_code(
+            invitation_id=123,
+            user_id="test_user"
+        )
+
+
+@patch('backend.services.invitation_service.get_user_tenant_by_user_id')
+@patch('backend.services.invitation_service.query_invitation_by_id')
+def test_delete_invitation_code_not_found(mock_query_invitation, mock_get_user, mock_user_info):
+    """Test deleting non-existent invitation code"""
+    mock_get_user.return_value = mock_user_info
+    mock_query_invitation.return_value = None
+
+    with pytest.raises(NotFoundException, match="Invitation 123 not found"):
+        delete_invitation_code(
+            invitation_id=123,
+            user_id="test_user"
+        )
diff --git a/test/backend/services/test_user_management_service.py b/test/backend/services/test_user_management_service.py
index 0e6ae9077..3c13aab7d 100644
--- a/test/backend/services/test_user_management_service.py
+++ b/test/backend/services/test_user_management_service.py
@@ -57,6 +57,7 @@
         get_session_by_authorization,
         revoke_regular_user,
         get_user_info,
+        get_permissions_by_role,
     )
 
 # Functions to test
@@ -1112,6 +1113,69 @@ async def test_get_user_info_exception_handling(self, mock_query_group_ids, mock
         assert result is None
 
 
+class TestGetRolePermissionsByRole(unittest.IsolatedAsyncioTestCase):
+    """Test get_permissions_by_role function"""
+
+    @patch('backend.services.user_management_service.get_role_permissions')
+    async def test_get_permissions_by_role_success(self, mock_get_permissions):
+        """Test successfully getting role permissions"""
+        # Setup mock data
+        mock_permissions = [
+            {
+                "role_permission_id": 1,
+                "user_role": "USER",
+                "permission_category": "KNOWLEDGE_BASE",
+                "permission_type": "KNOWLEDGE",
+                "permission_subtype": "READ"
+            },
+            {
+                "role_permission_id": 2,
+                "user_role": "USER",
+                "permission_category": "AGENT_MANAGEMENT",
+                "permission_type": "AGENT",
+                "permission_subtype": "READ"
+            }
+        ]
+        mock_get_permissions.return_value = mock_permissions
+
+        # Execute
+        result = await get_permissions_by_role("USER")
+
+        # Assert
+        assert result["user_role"] == "USER"
+        assert len(result["permissions"]) == 2
+        assert result["total_permissions"] == 2
+        assert "Successfully retrieved 2 permissions" in result["message"]
+        mock_get_permissions.assert_called_once_with("USER")
+
+    @patch('backend.services.user_management_service.get_role_permissions')
+    async def test_get_permissions_by_role_empty_result(self, mock_get_permissions):
+        """Test getting role permissions with empty result"""
+        # Setup mock to return empty list
+        mock_get_permissions.return_value = []
+
+        # Execute
+        result = await get_permissions_by_role("NONEXISTENT_ROLE")
+
+        # Assert
+        assert result["user_role"] == "NONEXISTENT_ROLE"
+        assert len(result["permissions"]) == 0
+        assert result["total_permissions"] == 0
+        assert "Successfully retrieved 0 permissions" in result["message"]
+
+    @patch('backend.services.user_management_service.get_role_permissions')
+    async def test_get_permissions_by_role_exception_handling(self, mock_get_permissions):
+        """Test exception handling in get_permissions_by_role"""
+        # Setup mock to raise exception
+        mock_get_permissions.side_effect = Exception("Database connection failed")
+
+        # Execute and assert
+        with self.assertRaises(Exception) as context:
+            await get_permissions_by_role("USER")
+
+        assert "Failed to retrieve permissions for role USER" in str(context.exception)
+
+
 class TestIntegrationScenarios(unittest.IsolatedAsyncioTestCase):
     """Integration test scenarios"""
 
diff --git a/test/backend/services/test_vectordatabase_service.py b/test/backend/services/test_vectordatabase_service.py
index 304b9327d..feccb9f17 100644
--- a/test/backend/services/test_vectordatabase_service.py
+++ b/test/backend/services/test_vectordatabase_service.py
@@ -681,6 +681,64 @@ def test_list_indices_creator_permission(self, mock_get_knowledge, mock_get_user
         self.assertIn("index1", result["indices"])
         self.assertIn("index2", result["indices"])
 
+    @patch('backend.services.vectordatabase_service.query_group_ids_by_user')
+    @patch('backend.services.vectordatabase_service.get_user_tenant_by_user_id')
+    @patch('backend.services.vectordatabase_service.get_knowledge_info_by_tenant_id')
+    def test_list_indices_fallback_admin_logic(self, mock_get_knowledge, mock_get_user_tenant, mock_get_group_ids):
+        """
+        Test the fallback admin logic when user_id equals tenant_id.
+
+        This test verifies that:
+        1. When user_id equals tenant_id, user is treated as legacy admin regardless of user_role
+        2. Legacy admin gets EDIT permission on all knowledgebases in their tenant
+        3. Debug log is recorded for legacy admin identification
+        """
+        # Setup
+        self.mock_vdb_core.get_user_indices.return_value = ["index1", "index2"]
+        mock_get_knowledge.return_value = [
+            {
+                "index_name": "index1",
+                "embedding_model_name": "test-model",
+                "group_ids": "1,2",
+                "tenant_id": "legacy_admin_user"  # Same as user_id
+            },
+            {
+                "index_name": "index2",
+                "embedding_model_name": "test-model",
+                "group_ids": "3",
+                "tenant_id": "legacy_admin_user"  # Same as user_id
+            }
+        ]
+        # user_role is None to test fallback logic
+        mock_get_user_tenant.return_value = {
+            "user_role": None, "tenant_id": "legacy_admin_user"}
+        mock_get_group_ids.return_value = []
+
+        # Execute
+        with patch('backend.services.vectordatabase_service.logger') as mock_logger:
+            result = ElasticSearchService.list_indices(
+                pattern="*",
+                include_stats=True,  # Need stats to see permissions
+                tenant_id="legacy_admin_user",
+                user_id="legacy_admin_user",  # user_id equals tenant_id
+                vdb_core=self.mock_vdb_core
+            )
+
+        # Assert
+        self.assertEqual(len(result["indices"]), 2)
+        self.assertEqual(result["count"], 2)
+        self.assertEqual(len(result["indices_info"]), 2)
+
+        # Both knowledgebases should have EDIT permission due to legacy admin fallback
+        for kb_info in result["indices_info"]:
+            self.assertEqual(kb_info["permission"], "EDIT")
+
+        # Verify debug log was called (once for each index)
+        mock_logger.debug.assert_has_calls([
+            ((f"User legacy_admin_user identified as legacy admin (user_id equals tenant_id)",), {})
+            for _ in range(2)
+        ])
+
     def test_vectorize_documents_success(self):
         """
         Test successful document indexing.

From d466e705064de045cece2e08084577149f2f90c0 Mon Sep 17 00:00:00 2001
From: xuyaqi <xuyaqist@gmail.com>
Date: Fri, 16 Jan 2026 10:00:25 +0800
Subject: [PATCH 34/38] fix workflow

---
 frontend/app/[locale]/agents/components/AgentInfoComp.tsx | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/frontend/app/[locale]/agents/components/AgentInfoComp.tsx b/frontend/app/[locale]/agents/components/AgentInfoComp.tsx
index bb64b3ed6..055b6e99a 100644
--- a/frontend/app/[locale]/agents/components/AgentInfoComp.tsx
+++ b/frontend/app/[locale]/agents/components/AgentInfoComp.tsx
@@ -1,6 +1,6 @@
 "use client";
 
-import { useState, useEffect } from "react";
+import { useState } from "react";
 import { useTranslation } from "react-i18next";
 import { Row, Col, Flex, Badge, Divider, Button, Drawer, App } from "antd";
 import { Bug, Save, Info } from "lucide-react";
@@ -25,7 +25,7 @@ export default function AgentInfoComp({}: AgentInfoCompProps) {
   // Get state from store
   const currentAgentId = useAgentConfigStore((state) => state.currentAgentId);
 
-  const editable = currentAgentId || isCreatingMode;
+  const editable = currentAgentId !== null;
 
   // Save guard hook
   const saveGuard = useSaveGuard();

From 76cc6f8e352e6d52f8daf9637c7ffe980e8f8bf4 Mon Sep 17 00:00:00 2001
From: xuyaqi <xuyaqist@gmail.com>
Date: Fri, 16 Jan 2026 10:00:49 +0800
Subject: [PATCH 35/38] Revert "fix workflow"

This reverts commit d466e705064de045cece2e08084577149f2f90c0.
---
 frontend/app/[locale]/agents/components/AgentInfoComp.tsx | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/frontend/app/[locale]/agents/components/AgentInfoComp.tsx b/frontend/app/[locale]/agents/components/AgentInfoComp.tsx
index 055b6e99a..bb64b3ed6 100644
--- a/frontend/app/[locale]/agents/components/AgentInfoComp.tsx
+++ b/frontend/app/[locale]/agents/components/AgentInfoComp.tsx
@@ -1,6 +1,6 @@
 "use client";
 
-import { useState } from "react";
+import { useState, useEffect } from "react";
 import { useTranslation } from "react-i18next";
 import { Row, Col, Flex, Badge, Divider, Button, Drawer, App } from "antd";
 import { Bug, Save, Info } from "lucide-react";
@@ -25,7 +25,7 @@ export default function AgentInfoComp({}: AgentInfoCompProps) {
   // Get state from store
   const currentAgentId = useAgentConfigStore((state) => state.currentAgentId);
 
-  const editable = currentAgentId !== null;
+  const editable = currentAgentId || isCreatingMode;
 
   // Save guard hook
   const saveGuard = useSaveGuard();

From a664497239bd7886f3f1488adacc6af200894174 Mon Sep 17 00:00:00 2001
From: xuyaqi <xuyaqist@gmail.com>
Date: Fri, 16 Jan 2026 10:02:14 +0800
Subject: [PATCH 36/38] fix workflow

---
 frontend/app/[locale]/agents/components/AgentInfoComp.tsx | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/frontend/app/[locale]/agents/components/AgentInfoComp.tsx b/frontend/app/[locale]/agents/components/AgentInfoComp.tsx
index bb64b3ed6..20d7b72c4 100644
--- a/frontend/app/[locale]/agents/components/AgentInfoComp.tsx
+++ b/frontend/app/[locale]/agents/components/AgentInfoComp.tsx
@@ -1,6 +1,6 @@
 "use client";
 
-import { useState, useEffect } from "react";
+import { useState } from "react";
 import { useTranslation } from "react-i18next";
 import { Row, Col, Flex, Badge, Divider, Button, Drawer, App } from "antd";
 import { Bug, Save, Info } from "lucide-react";
@@ -25,7 +25,8 @@ export default function AgentInfoComp({}: AgentInfoCompProps) {
   // Get state from store
   const currentAgentId = useAgentConfigStore((state) => state.currentAgentId);
 
-  const editable = currentAgentId || isCreatingMode;
+  const editable =
+    (currentAgentId != null && currentAgentId != undefined) || isCreatingMode;
 
   // Save guard hook
   const saveGuard = useSaveGuard();

From 5184c0079973735bf337919ae0d2c585afb69de1 Mon Sep 17 00:00:00 2001
From: Jasonxia007 <iamjasonxia@126.com>
Date: Fri, 16 Jan 2026 11:46:43 +0800
Subject: [PATCH 37/38] =?UTF-8?q?=E2=99=BB=EF=B8=8F=20[WIP]=20User=20Manag?=
 =?UTF-8?q?ement=20Part3:=20Add=20app=20routes=20and=20revise=20some=20ser?=
 =?UTF-8?q?vice=20logic=20=F0=9F=90=9B=20Bugfix:=20legacy=20admin=20cannot?=
 =?UTF-8?q?=20see=20full=20knowledgebase=20list=20=F0=9F=90=9B=20Bugfix:?=
 =?UTF-8?q?=20knowledgebase=20duplicate=20name=20check=20problem?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 backend/apps/vectordatabase_app.py            |  18 +-
 backend/database/knowledge_db.py              |   7 +-
 backend/services/vectordatabase_service.py    |  77 ++----
 frontend/services/api.ts                      |   2 +-
 frontend/services/knowledgeBaseService.ts     |  10 +-
 test/backend/app/test_vectordatabase_app.py   |  18 +-
 test/backend/database/test_knowledge_db.py    |  73 +++++-
 .../services/test_invitation_service.py       | 172 +++++++++++++
 .../services/test_user_management_service.py  | 126 ++++++++++
 .../services/test_vectordatabase_service.py   | 225 ++++++------------
 10 files changed, 491 insertions(+), 237 deletions(-)

diff --git a/backend/apps/vectordatabase_app.py b/backend/apps/vectordatabase_app.py
index 39b94fbd0..7d01c10d7 100644
--- a/backend/apps/vectordatabase_app.py
+++ b/backend/apps/vectordatabase_app.py
@@ -25,21 +25,27 @@
 logger = logging.getLogger("vectordatabase_app")
 
 
-@router.get("/check_exist/{index_name}")
+@router.post("/check_exist")
 async def check_knowledge_base_exist(
-        index_name: str = Path(..., description="Name of the index to check"),
+        request: Dict[str, str] = Body(
+            ..., description="Request body containing knowledge base name"),
         vdb_core: VectorDatabaseCore = Depends(get_vector_db_core),
         authorization: Optional[str] = Header(None)
 ):
-    """Check if a knowledge base name exists and in which scope."""
+    """Check if a knowledge base name exists in the current tenant."""
     try:
+        knowledge_name = request.get("knowledge_name", "")
+        if not knowledge_name:
+            raise HTTPException(
+                status_code=HTTPStatus.BAD_REQUEST, detail="Knowledge base name is required")
+
         user_id, tenant_id = get_current_user_id(authorization)
-        return check_knowledge_base_exist_impl(index_name=index_name, vdb_core=vdb_core, user_id=user_id, tenant_id=tenant_id)
+        return check_knowledge_base_exist_impl(knowledge_name=knowledge_name, vdb_core=vdb_core, user_id=user_id, tenant_id=tenant_id)
     except Exception as e:
         logger.error(
-            f"Error checking knowledge base existence for '{index_name}': {str(e)}", exc_info=True)
+            f"Error checking knowledge base existence for '{knowledge_name}': {str(e)}", exc_info=True)
         raise HTTPException(
-            status_code=HTTPStatus.INTERNAL_SERVER_ERROR, detail=f"Error checking existence for index: {str(e)}")
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR, detail=f"Error checking existence for knowledge base: {str(e)}")
 
 
 @router.post("/{index_name}")
diff --git a/backend/database/knowledge_db.py b/backend/database/knowledge_db.py
index f270cf7bf..7f60f873c 100644
--- a/backend/database/knowledge_db.py
+++ b/backend/database/knowledge_db.py
@@ -172,9 +172,14 @@ def get_knowledge_record(query: Optional[Dict[str, Any]] = None) -> Dict[str, An
         with get_db_session() as session:
             db_query = session.query(KnowledgeRecord).filter(
                 KnowledgeRecord.delete_flag != 'Y',
-                KnowledgeRecord.index_name == query['index_name'],
             )
 
+            # Support both index_name and knowledge_name queries
+            if 'index_name' in query:
+                db_query = db_query.filter(KnowledgeRecord.index_name == query['index_name'])
+            elif 'knowledge_name' in query:
+                db_query = db_query.filter(KnowledgeRecord.knowledge_name == query['knowledge_name'])
+
             # Add tenant_id filter only if it is provided in the query
             if 'tenant_id' in query and query['tenant_id'] is not None:
                 db_query = db_query.filter(
diff --git a/backend/services/vectordatabase_service.py b/backend/services/vectordatabase_service.py
index 0095bb7ad..497aebfe7 100644
--- a/backend/services/vectordatabase_service.py
+++ b/backend/services/vectordatabase_service.py
@@ -24,7 +24,7 @@
 from nexent.vector_database.base import VectorDatabaseCore
 from nexent.vector_database.elasticsearch_core import ElasticSearchCore
 
-from consts.const import ES_API_KEY, ES_HOST, LANGUAGE, VectorDatabaseType
+from consts.const import DEFAULT_TENANT_ID, DEFAULT_USER_ID, ES_API_KEY, ES_HOST, LANGUAGE, VectorDatabaseType
 from consts.model import ChunkCreateRequest, ChunkUpdateRequest
 from database.attachment_db import delete_file
 from database.knowledge_db import (
@@ -131,12 +131,12 @@ def _rethrow_or_plain(exc: Exception) -> None:
     raise Exception(msg)
 
 
-def check_knowledge_base_exist_impl(index_name: str, vdb_core: VectorDatabaseCore, user_id: str, tenant_id: str) -> dict:
+def check_knowledge_base_exist_impl(knowledge_name: str, vdb_core: VectorDatabaseCore, user_id: str, tenant_id: str) -> dict:
     """
     Check knowledge base existence and handle orphan cases
 
     Args:
-        index_name: Name of the index to check
+        knowledge_name: Name of the knowledge base to check
         vdb_core: Elasticsearch core instance
         user_id: Current user ID
         tenant_id: Current tenant ID
@@ -144,59 +144,16 @@ def check_knowledge_base_exist_impl(index_name: str, vdb_core: VectorDatabaseCor
     Returns:
         dict: Status information about the knowledge base
     """
-    # 1. Check index existence in ES and corresponding record in PG
-    es_exists = vdb_core.check_index_exists(index_name)
-    pg_record = get_knowledge_record({"index_name": index_name})
+    # 1. Check if knowledge_name exists in PG for the current tenant
+    pg_record = get_knowledge_record(
+        {"knowledge_name": knowledge_name, "tenant_id": tenant_id})
 
-    # Case A: Orphan in ES only (exists in ES, missing in PG)
-    if es_exists and not pg_record:
-        logger.warning(
-            f"Detected orphan knowledge base '{index_name}' – present in ES, absent in PG. Deleting ES index only.")
-        try:
-            vdb_core.delete_index(index_name)
-            # Clean up Redis records related to this index to avoid stale tasks
-            try:
-                redis_service = get_redis_service()
-                redis_cleanup = redis_service.delete_knowledgebase_records(
-                    index_name)
-                logger.debug(
-                    f"Redis cleanup for orphan index '{index_name}': {redis_cleanup['total_deleted']} records removed")
-            except Exception as redis_error:
-                logger.warning(
-                    f"Redis cleanup failed for orphan index '{index_name}': {str(redis_error)}")
-            return {
-                "status": "error_cleaning_orphans",
-                "action": "cleaned_es"
-            }
-        except Exception as e:
-            logger.error(
-                f"Failed to delete orphan ES index '{index_name}': {str(e)}")
-            # Still return orphan status so frontend knows it requires attention
-            return {"status": "error_cleaning_orphans", "error": True}
-
-    # Case B: Orphan in PG only (missing in ES, present in PG)
-    if not es_exists and pg_record:
-        logger.warning(
-            f"Detected orphan knowledge base '{index_name}' – present in PG, absent in ES. Deleting PG record only.")
-        try:
-            delete_knowledge_record(
-                {"index_name": index_name, "user_id": user_id})
-            return {"status": "error_cleaning_orphans", "action": "cleaned_pg"}
-        except Exception as e:
-            logger.error(
-                f"Failed to delete orphan PG record for '{index_name}': {str(e)}")
-            return {"status": "error_cleaning_orphans", "error": True}
-
-    # Case C: Index/record both absent -> name is available
-    if not es_exists and not pg_record:
-        return {"status": "available"}
-
-    # Case D: Index and record both exist – check tenant ownership
-    record_tenant_id = pg_record.get('tenant_id') if pg_record else None
-    if str(record_tenant_id) == str(tenant_id):
+    # Case A: Knowledge base name already exists in the same tenant
+    if pg_record:
         return {"status": "exists_in_tenant"}
-    else:
-        return {"status": "exists_in_other_tenant"}
+
+    # Case B: Name is available in this tenant
+    return {"status": "available"}
 
 
 def get_embedding_model(tenant_id: str):
@@ -542,16 +499,14 @@ def list_indices(
             effective_user_role = user_role
             if user_id == tenant_id:
                 effective_user_role = "ADMIN"
-                logger.debug(
-                    f"User {user_id} identified as legacy admin (user_id equals tenant_id)")
+                logger.info(f"User {user_id} identified as legacy admin")
+            elif user_id == DEFAULT_USER_ID and tenant_id == DEFAULT_TENANT_ID:
+                effective_user_role = "ADMIN"
+                logger.info("User under SPEED version is treated as admin")
 
-            if effective_user_role == "SU":
+            if effective_user_role in ["SU", "ADMIN"] :
                 # SU can see all knowledgebases
                 permission = "EDIT"
-            elif effective_user_role == "ADMIN":
-                # ADMIN can see all knowledgebases in their tenant
-                if record.get("tenant_id") == user_tenant_id:
-                    permission = "EDIT"
             elif effective_user_role in ["USER", "DEV"]:
                 # USER/DEV need group-based permission checking
                 kb_group_ids_str = record.get("group_ids")
diff --git a/frontend/services/api.ts b/frontend/services/api.ts
index d8931186a..4cae21e33 100644
--- a/frontend/services/api.ts
+++ b/frontend/services/api.ts
@@ -121,7 +121,7 @@ export const API_ENDPOINTS = {
     // Elasticsearch service
     health: `${API_BASE_URL}/indices/health`,
     indices: `${API_BASE_URL}/indices`,
-    checkName: (name: string) => `${API_BASE_URL}/indices/check_exist/${name}`,
+    checkName: `${API_BASE_URL}/indices/check_exist`,
     listFiles: (indexName: string) =>
       `${API_BASE_URL}/indices/${indexName}/files`,
     indexDetail: (indexName: string) => `${API_BASE_URL}/indices/${indexName}`,
diff --git a/frontend/services/knowledgeBaseService.ts b/frontend/services/knowledgeBaseService.ts
index 0ea443081..bbce1b29a 100644
--- a/frontend/services/knowledgeBaseService.ts
+++ b/frontend/services/knowledgeBaseService.ts
@@ -155,10 +155,14 @@ class KnowledgeBaseService {
   ): Promise<{ status: string; action?: string }> {
     try {
       const response = await fetch(
-        API_ENDPOINTS.knowledgeBase.checkName(name),
+        API_ENDPOINTS.knowledgeBase.checkName,
         {
-          method: "GET",
-          headers: getAuthHeaders(),
+          method: "POST",
+          headers: {
+            ...getAuthHeaders(),
+            "Content-Type": "application/json",
+          },
+          body: JSON.stringify({ knowledge_name: name }),
         }
       );
       if (!response.ok) {
diff --git a/test/backend/app/test_vectordatabase_app.py b/test/backend/app/test_vectordatabase_app.py
index 97e26842a..711976fb5 100644
--- a/test/backend/app/test_vectordatabase_app.py
+++ b/test/backend/app/test_vectordatabase_app.py
@@ -1010,11 +1010,14 @@ async def test_check_knowledge_base_exist_success(vdb_core_mock, auth_data):
             patch("backend.apps.vectordatabase_app.get_current_user_id", return_value=(auth_data["user_id"], auth_data["tenant_id"])), \
             patch("backend.apps.vectordatabase_app.check_knowledge_base_exist_impl") as mock_impl:
 
-        expected_response = {"exist": True, "scope": "tenant"}
+        expected_response = {"status": "exists_in_tenant"}
         mock_impl.return_value = expected_response
 
-        response = client.get(
-            f"/indices/check_exist/{auth_data['index_name']}", headers=auth_data["auth_header"])
+        response = client.post(
+            "/indices/check_exist",
+            json={"knowledge_name": auth_data['index_name']},
+            headers=auth_data["auth_header"]
+        )
 
         assert response.status_code == 200
         assert response.json() == expected_response
@@ -1031,12 +1034,15 @@ async def test_check_knowledge_base_exist_error(vdb_core_mock, auth_data):
 
         mock_impl.side_effect = Exception("Test error")
 
-        response = client.get(
-            f"/indices/check_exist/{auth_data['index_name']}", headers=auth_data["auth_header"])
+        response = client.post(
+            "/indices/check_exist",
+            json={"knowledge_name": auth_data['index_name']},
+            headers=auth_data["auth_header"]
+        )
 
         assert response.status_code == 500
         assert response.json() == {
-            "detail": f"Error checking existence for index: Test error"}
+            "detail": "Error checking existence for knowledge base: Test error"}
 
 
 @pytest.mark.asyncio
diff --git a/test/backend/database/test_knowledge_db.py b/test/backend/database/test_knowledge_db.py
index 415e2b8bd..78f4cf515 100644
--- a/test/backend/database/test_knowledge_db.py
+++ b/test/backend/database/test_knowledge_db.py
@@ -960,34 +960,93 @@ def test_delete_knowledge_record_without_user_id(monkeypatch, mock_session):
 def test_get_knowledge_record_with_tenant_id_none(monkeypatch, mock_session):
     """Test get_knowledge_record with tenant_id explicitly set to None"""
     session, query = mock_session
-    
+
     mock_record = MockKnowledgeRecord()
     mock_record.knowledge_id = 123
-    
+
     mock_filter = MagicMock()
     mock_filter.first.return_value = mock_record
     query.filter.return_value = mock_filter
-    
+
     mock_ctx = MagicMock()
     mock_ctx.__enter__.return_value = session
     mock_ctx.__exit__.return_value = None
     monkeypatch.setattr("backend.database.knowledge_db.get_db_session", lambda: mock_ctx)
-    
+
     expected_result = {"knowledge_id": 123}
     monkeypatch.setattr("backend.database.knowledge_db.as_dict", lambda x: expected_result)
-    
+
     test_query = {
         "index_name": "test_knowledge",
         "tenant_id": None  # Explicitly None
     }
-    
+
     result = get_knowledge_record(test_query)
-    
+
     assert result == expected_result
     # Should not add tenant_id filter when tenant_id is None
     assert query.filter.call_count >= 1
 
 
+def test_get_knowledge_record_by_knowledge_name_success(monkeypatch, mock_session):
+    """Test successfully retrieving knowledge record by knowledge_name"""
+    session, query = mock_session
+
+    # Create mock knowledge record
+    mock_record = MockKnowledgeRecord()
+    mock_record.knowledge_id = 123
+    mock_record.knowledge_name = "test_kb"
+
+    mock_filter = MagicMock()
+    mock_filter.first.return_value = mock_record
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.knowledge_db.get_db_session", lambda: mock_ctx)
+
+    # Mock as_dict function
+    expected_result = {
+        "knowledge_id": 123,
+        "knowledge_name": "test_kb",
+        "index_name": "test_index"
+    }
+    monkeypatch.setattr("backend.database.knowledge_db.as_dict", lambda x: expected_result)
+
+    test_query = {
+        "knowledge_name": "test_kb",
+        "tenant_id": "test_tenant"
+    }
+
+    result = get_knowledge_record(test_query)
+
+    assert result == expected_result
+
+
+def test_get_knowledge_record_by_knowledge_name_not_found(monkeypatch, mock_session):
+    """Test retrieving knowledge record by knowledge_name when not found"""
+    session, query = mock_session
+
+    mock_filter = MagicMock()
+    mock_filter.first.return_value = None
+    query.filter.return_value = mock_filter
+
+    mock_ctx = MagicMock()
+    mock_ctx.__enter__.return_value = session
+    mock_ctx.__exit__.return_value = None
+    monkeypatch.setattr("backend.database.knowledge_db.get_db_session", lambda: mock_ctx)
+
+    test_query = {
+        "knowledge_name": "nonexistent_kb",
+        "tenant_id": "test_tenant"
+    }
+
+    result = get_knowledge_record(test_query)
+
+    assert result == {}
+
+
 def test_get_knowledge_info_by_knowledge_ids_empty_list(monkeypatch, mock_session):
     """Test get_knowledge_info_by_knowledge_ids with empty list"""
     session, query = mock_session
diff --git a/test/backend/services/test_invitation_service.py b/test/backend/services/test_invitation_service.py
index 5e5ff83e9..28511e294 100644
--- a/test/backend/services/test_invitation_service.py
+++ b/test/backend/services/test_invitation_service.py
@@ -679,6 +679,159 @@ def test_update_invitation_code_status_no_change(mock_count_invitation_usage, mo
     mock_count_invitation_usage.assert_called_once_with(123)
 
 
+def test_calculate_current_status_empty_invitation_data():
+    """Test _calculate_current_status with empty invitation_data (line 276-277)"""
+    from backend.services.invitation_service import _calculate_current_status
+
+    # Test with None input
+    result = _calculate_current_status(None)
+    assert result is None
+
+    # Test with empty dict input
+    result = _calculate_current_status({})
+    assert result == {}
+
+
+def test_calculate_current_status_missing_invitation_id():
+    """Test _calculate_current_status with missing invitation_id (lines 279-281)"""
+    from backend.services.invitation_service import _calculate_current_status
+
+    # Test with invitation_data missing invitation_id
+    input_data = {
+        "code_type": "ADMIN_INVITE",
+        "capacity": 5,
+        "status": "IN_USE"
+    }
+
+    result = _calculate_current_status(input_data)
+
+    # Should return unchanged data since no invitation_id
+    assert result == input_data
+    assert result["code_type"] == "ADMIN_INVITE"
+    assert result["capacity"] == 5
+    assert result["status"] == "IN_USE"
+
+
+@patch('backend.services.invitation_service.count_invitation_usage')
+def test_calculate_current_status_datetime_expiry_date(mock_count_usage):
+    """Test _calculate_current_status with datetime object expiry_date (lines 296-297)"""
+    from backend.services.invitation_service import _calculate_current_status
+    from datetime import datetime
+
+    # Mock usage count below capacity
+    mock_count_usage.return_value = 2
+
+    # Test with datetime object expiry_date
+    past_datetime = datetime.now().replace(year=datetime.now().year - 1)  # Expired
+    input_data = {
+        "invitation_id": 123,
+        "expiry_date": past_datetime,
+        "capacity": 5,
+        "status": "IN_USE"
+    }
+
+    result = _calculate_current_status(input_data)
+
+    # Should set status to EXPIRE due to expired datetime
+    assert result["status"] == "EXPIRE"
+
+
+@patch('backend.services.invitation_service.count_invitation_usage')
+def test_calculate_current_status_string_expiry_date(mock_count_usage):
+    """Test _calculate_current_status with string expiry_date conversion (lines 299-300)"""
+    from backend.services.invitation_service import _calculate_current_status
+    from datetime import datetime
+
+    # Mock usage count below capacity
+    mock_count_usage.return_value = 1
+
+    # Test with ISO string expiry_date (expired) - use format without timezone
+    past_date_str = "2020-01-01T00:00:00"
+    input_data = {
+        "invitation_id": 123,
+        "expiry_date": past_date_str,
+        "capacity": 5,
+        "status": "IN_USE"
+    }
+
+    result = _calculate_current_status(input_data)
+
+    # Should set status to EXPIRE due to expired date string
+    assert result["status"] == "EXPIRE"
+
+
+@patch('backend.services.invitation_service.count_invitation_usage')
+def test_calculate_current_status_expired_check_logic(mock_count_usage):
+    """Test _calculate_current_status expiry check logic (lines 301-302)"""
+    from backend.services.invitation_service import _calculate_current_status
+    from datetime import datetime
+
+    # Mock usage count below capacity
+    mock_count_usage.return_value = 1
+
+    # Test with future expiry date (should not expire)
+    future_datetime = datetime.now().replace(year=datetime.now().year + 1)
+    input_data = {
+        "invitation_id": 123,
+        "expiry_date": future_datetime,
+        "capacity": 5,
+        "status": "IN_USE"
+    }
+
+    result = _calculate_current_status(input_data)
+
+    # Should keep original status since not expired
+    assert result["status"] == "IN_USE"
+
+
+@patch('backend.services.invitation_service.logger')
+@patch('backend.services.invitation_service.count_invitation_usage')
+def test_calculate_current_status_invalid_expiry_date_format(mock_count_usage, mock_logger):
+    """Test _calculate_current_status with invalid expiry_date format (lines 303-304)"""
+    from backend.services.invitation_service import _calculate_current_status
+
+    # Mock usage count below capacity
+    mock_count_usage.return_value = 1
+
+    # Test with invalid expiry_date format
+    input_data = {
+        "invitation_id": 123,
+        "expiry_date": "invalid-date-format",
+        "capacity": 5,
+        "status": "IN_USE"
+    }
+
+    result = _calculate_current_status(input_data)
+
+    # Should keep original status and log warning
+    assert result["status"] == "IN_USE"
+    mock_logger.warning.assert_called_once_with("Invalid expiry_date format for invitation 123: invalid-date-format")
+
+
+@patch('backend.services.invitation_service.count_invitation_usage')
+def test_calculate_current_status_capacity_check(mock_count_usage):
+    """Test _calculate_current_status capacity check logic (lines 307-308)"""
+    from backend.services.invitation_service import _calculate_current_status
+    from datetime import datetime
+
+    # Mock usage count at capacity
+    mock_count_usage.return_value = 5
+
+    # Test with capacity reached
+    future_datetime = datetime.now().replace(year=datetime.now().year + 1)  # Not expired
+    input_data = {
+        "invitation_id": 123,
+        "expiry_date": future_datetime,
+        "capacity": 5,
+        "status": "IN_USE"
+    }
+
+    result = _calculate_current_status(input_data)
+
+    # Should set status to RUN_OUT due to capacity exceeded
+    assert result["status"] == "RUN_OUT"
+
+
 @patch('backend.services.invitation_service.query_invitation_by_code')
 def test_generate_unique_invitation_code(mock_query_invitation_by_code):
     """Test generating unique invitation code"""
@@ -839,6 +992,25 @@ def test_delete_invitation_code_success(mock_remove_invitation, mock_query_invit
     )
 
 
+@patch('backend.services.invitation_service.logger')
+@patch('backend.services.invitation_service.get_user_tenant_by_user_id')
+@patch('backend.services.invitation_service.query_invitation_by_id')
+@patch('backend.services.invitation_service.remove_invitation')
+def test_delete_invitation_code_success_logging(mock_remove_invitation, mock_query_invitation, mock_get_user, mock_logger, mock_user_info):
+    """Test that successful deletion logs the appropriate message (line 205-207)"""
+    mock_get_user.return_value = mock_user_info
+    mock_query_invitation.return_value = {"invitation_id": 123}
+    mock_remove_invitation.return_value = True
+
+    result = delete_invitation_code(
+        invitation_id=123,
+        user_id="test_user"
+    )
+
+    assert result is True
+    mock_logger.info.assert_called_once_with("Deleted invitation code 123 by user test_user")
+
+
 @patch('backend.services.invitation_service.get_user_tenant_by_user_id')
 def test_delete_invitation_code_unauthorized_user_role(mock_get_user, mock_user_info):
     """Test deleting invitation code with insufficient permissions"""
diff --git a/test/backend/services/test_user_management_service.py b/test/backend/services/test_user_management_service.py
index 3c13aab7d..fe4f8026a 100644
--- a/test/backend/services/test_user_management_service.py
+++ b/test/backend/services/test_user_management_service.py
@@ -711,6 +711,132 @@ async def test_signup_user_with_invalid_invite_code(self, mock_get_client, mock_
 
         self.assertIn("is not available", str(context.exception))
 
+    @patch('backend.services.user_management_service.get_invitation_by_code')
+    @patch('backend.services.user_management_service.check_invitation_available')
+    async def test_signup_user_with_invite_code_uppercase_conversion(self, mock_check_available, mock_get_invite_code):
+        """Test invitation code is converted to uppercase (line 183)"""
+        # Mock invitation code validation
+        mock_check_available.return_value = True
+        mock_get_invite_code.return_value = {
+            "invitation_id": 1,
+            "code_type": "USER_INVITE",
+            "group_ids": [],
+            "tenant_id": "tenant_id"
+        }
+
+        with patch('backend.services.user_management_service.get_supabase_client') as mock_get_client, \
+             patch('backend.services.user_management_service.insert_user_tenant'), \
+             patch('backend.services.user_management_service.parse_supabase_response') as mock_parse, \
+             patch('backend.services.user_management_service.use_invitation_code'):
+
+            mock_user = MagicMock()
+            mock_user.id = "user-123"
+            mock_response = MagicMock()
+            mock_response.user = mock_user
+            mock_client = MagicMock()
+            mock_client.auth.sign_up.return_value = mock_response
+            mock_get_client.return_value = mock_client
+            mock_parse.return_value = {"user": "data"}
+
+            # Use lowercase invite code
+            result = await signup_user_with_invitation("test@example.com", "password123", invite_code="lowercase")
+
+            # Verify the code was converted to uppercase in the check
+            mock_check_available.assert_called_with("LOWERCASE")
+            mock_get_invite_code.assert_called_with("LOWERCASE")
+
+    @patch('backend.services.user_management_service.get_invitation_by_code')
+    @patch('backend.services.user_management_service.check_invitation_available')
+    async def test_signup_user_with_invite_code_not_found_after_check(self, mock_check_available, mock_get_invite_code):
+        """Test when invitation code passes availability check but get_invitation_by_code returns None (lines 191-194)"""
+        # Mock invitation code availability check passes but get_invitation_by_code returns None
+        mock_check_available.return_value = True
+        mock_get_invite_code.return_value = None
+
+        with self.assertRaises(IncorrectInviteCodeException) as context:
+            await signup_user_with_invitation("test@example.com", "password123", invite_code="NONEXISTENT")
+
+        self.assertIn("not found", str(context.exception))
+
+    @patch('backend.services.user_management_service.get_invitation_by_code')
+    @patch('backend.services.user_management_service.check_invitation_available')
+    async def test_signup_user_with_admin_invite_role_assignment(self, mock_check_available, mock_get_invite_code):
+        """Test ADMIN role assignment from ADMIN_INVITE code type (lines 198-199)"""
+        # Mock invitation code validation
+        mock_check_available.return_value = True
+        mock_get_invite_code.return_value = {
+            "invitation_id": 1,
+            "code_type": "ADMIN_INVITE",
+            "group_ids": [],
+            "tenant_id": "tenant_id"
+        }
+
+        with patch('backend.services.user_management_service.get_supabase_client') as mock_get_client, \
+             patch('backend.services.user_management_service.insert_user_tenant') as mock_insert_tenant, \
+             patch('backend.services.user_management_service.parse_supabase_response') as mock_parse, \
+             patch('backend.services.user_management_service.use_invitation_code'), \
+             patch('backend.services.user_management_service.generate_tts_stt_4_admin') as mock_generate_tts:
+
+            mock_user = MagicMock()
+            mock_user.id = "user-123"
+            mock_response = MagicMock()
+            mock_response.user = mock_user
+            mock_client = MagicMock()
+            mock_client.auth.sign_up.return_value = mock_response
+            mock_get_client.return_value = mock_client
+            mock_parse.return_value = {"user": "data"}
+
+            result = await signup_user_with_invitation("admin@example.com", "password123", invite_code="ADMIN123")
+
+            # Verify ADMIN role was assigned and TTS/STT generation was called
+            mock_insert_tenant.assert_called_with(user_id="user-123", tenant_id="tenant_id", user_role="ADMIN")
+            mock_generate_tts.assert_called_once_with("tenant_id", "user-123")
+            mock_parse.assert_called_with(False, mock_response, "ADMIN")
+
+    @patch('backend.services.user_management_service.get_invitation_by_code')
+    @patch('backend.services.user_management_service.check_invitation_available')
+    async def test_signup_user_with_dev_invite_role_assignment(self, mock_check_available, mock_get_invite_code):
+        """Test DEV role assignment from DEV_INVITE code type (lines 200-201)"""
+        # Mock invitation code validation
+        mock_check_available.return_value = True
+        mock_get_invite_code.return_value = {
+            "invitation_id": 1,
+            "code_type": "DEV_INVITE",
+            "group_ids": [],
+            "tenant_id": "tenant_id"
+        }
+
+        with patch('backend.services.user_management_service.get_supabase_client') as mock_get_client, \
+             patch('backend.services.user_management_service.insert_user_tenant') as mock_insert_tenant, \
+             patch('backend.services.user_management_service.parse_supabase_response') as mock_parse, \
+             patch('backend.services.user_management_service.use_invitation_code'):
+
+            mock_user = MagicMock()
+            mock_user.id = "user-123"
+            mock_response = MagicMock()
+            mock_response.user = mock_user
+            mock_client = MagicMock()
+            mock_client.auth.sign_up.return_value = mock_response
+            mock_get_client.return_value = mock_client
+            mock_parse.return_value = {"user": "data"}
+
+            result = await signup_user_with_invitation("dev@example.com", "password123", invite_code="DEV123")
+
+            # Verify DEV role was assigned and TTS/STT generation was NOT called
+            mock_insert_tenant.assert_called_with(user_id="user-123", tenant_id="tenant_id", user_role="DEV")
+            mock_parse.assert_called_with(False, mock_response, "DEV")
+
+    @patch('backend.services.user_management_service.check_invitation_available')
+    async def test_signup_user_with_invite_code_validation_exception_conversion(self, mock_check_available):
+        """Test that other exceptions during invitation validation are converted to IncorrectInviteCodeException (line 208)"""
+        # Mock check_invitation_available to raise a generic exception
+        mock_check_available.side_effect = Exception("Database connection failed")
+
+        with self.assertRaises(IncorrectInviteCodeException) as context:
+            await signup_user_with_invitation("test@example.com", "password123", invite_code="TEST123")
+
+        self.assertIn("Invalid invitation code: Database connection failed", str(context.exception))
+
 
 class TestParseSupabaseResponse(unittest.IsolatedAsyncioTestCase):
     """Test parse_supabase_response"""
diff --git a/test/backend/services/test_vectordatabase_service.py b/test/backend/services/test_vectordatabase_service.py
index feccb9f17..bd7f3c5aa 100644
--- a/test/backend/services/test_vectordatabase_service.py
+++ b/test/backend/services/test_vectordatabase_service.py
@@ -733,11 +733,65 @@ def test_list_indices_fallback_admin_logic(self, mock_get_knowledge, mock_get_us
         for kb_info in result["indices_info"]:
             self.assertEqual(kb_info["permission"], "EDIT")
 
-        # Verify debug log was called (once for each index)
-        mock_logger.debug.assert_has_calls([
-            ((f"User legacy_admin_user identified as legacy admin (user_id equals tenant_id)",), {})
-            for _ in range(2)
-        ])
+        # Verify info log was called once for legacy admin identification
+        mock_logger.info.assert_called_once_with(
+            "User legacy_admin_user identified as legacy admin")
+
+    @patch('backend.services.vectordatabase_service.query_group_ids_by_user')
+    @patch('backend.services.vectordatabase_service.get_user_tenant_by_user_id')
+    @patch('backend.services.vectordatabase_service.get_knowledge_info_by_tenant_id')
+    def test_list_indices_speed_version_admin_logic(self, mock_get_knowledge, mock_get_user_tenant, mock_get_group_ids):
+        """
+        Test the SPEED version admin logic when user is default user and tenant is default tenant.
+
+        This test verifies that:
+        1. When user_id equals DEFAULT_USER_ID and tenant_id equals DEFAULT_TENANT_ID, user is treated as admin
+        2. SPEED version admin gets EDIT permission on all knowledgebases in their tenant
+        3. Info log is recorded for SPEED version admin identification
+        """
+        # Setup
+        self.mock_vdb_core.get_user_indices.return_value = ["index1", "index2"]
+        mock_get_knowledge.return_value = [
+            {
+                "index_name": "index1",
+                "embedding_model_name": "test-model",
+                "group_ids": "1,2",
+                "tenant_id": "tenant_id"  # DEFAULT_TENANT_ID
+            },
+            {
+                "index_name": "index2",
+                "embedding_model_name": "test-model",
+                "group_ids": "3",
+                "tenant_id": "tenant_id"  # DEFAULT_TENANT_ID
+            }
+        ]
+        # user_role is USER but should be overridden by SPEED logic
+        mock_get_user_tenant.return_value = {
+            "user_role": "USER", "tenant_id": "tenant_id"}  # DEFAULT_TENANT_ID
+        mock_get_group_ids.return_value = []
+
+        # Execute
+        with patch('backend.services.vectordatabase_service.logger') as mock_logger:
+            result = ElasticSearchService.list_indices(
+                pattern="*",
+                include_stats=True,  # Need stats to see permissions
+                tenant_id="tenant_id",  # DEFAULT_TENANT_ID
+                user_id="user_id",  # DEFAULT_USER_ID
+                vdb_core=self.mock_vdb_core
+            )
+
+        # Assert
+        self.assertEqual(len(result["indices"]), 2)
+        self.assertEqual(result["count"], 2)
+        self.assertEqual(len(result["indices_info"]), 2)
+
+        # Both knowledgebases should have EDIT permission due to SPEED version admin logic
+        for kb_info in result["indices_info"]:
+            self.assertEqual(kb_info["permission"], "EDIT")
+
+        # Verify info log was called once for SPEED version admin identification
+        mock_logger.info.assert_called_once_with(
+            "User under SPEED version is treated as admin")
 
     def test_vectorize_documents_success(self):
         """
@@ -2419,187 +2473,54 @@ def test_get_summary_success_status_200(self, mock_get_record):
         self.assertEqual(result["status"], "success")
         mock_get_record.assert_called_once_with({'index_name': 'test_index'})
 
-    @patch('backend.services.vectordatabase_service.get_redis_service')
-    @patch('backend.services.vectordatabase_service.get_knowledge_record')
-    def test_check_kb_exist_orphan_in_es(self, mock_get_knowledge, mock_get_redis_service):
-        """Test handling of orphaned knowledge base existing only in Elasticsearch."""
-        # Setup: ES index exists, PG record missing
-        self.mock_vdb_core.check_index_exists.return_value = True
-        mock_get_knowledge.return_value = None
-
-        # Mock Redis service
-        mock_redis_service = MagicMock()
-        mock_redis_service.delete_knowledgebase_records.return_value = {
-            "total_deleted": 1}
-        mock_get_redis_service.return_value = mock_redis_service
-
-        # Execute
-        result = check_knowledge_base_exist_impl(
-            index_name="test_index",
-            vdb_core=self.mock_vdb_core,
-            user_id="test_user",
-            tenant_id="tenant1"
-        )
-
-        # Assert
-        self.mock_vdb_core.delete_index.assert_called_once_with("test_index")
-        mock_redis_service.delete_knowledgebase_records.assert_called_once_with(
-            "test_index")
-        self.assertEqual(result["status"], "error_cleaning_orphans")
-        self.assertEqual(result["action"], "cleaned_es")
-
-    @patch('backend.services.vectordatabase_service.delete_knowledge_record')
-    @patch('backend.services.vectordatabase_service.get_knowledge_record')
-    def test_check_kb_exist_orphan_in_pg(self, mock_get_knowledge, mock_delete_record):
-        """Test handling of orphaned knowledge base existing only in PostgreSQL."""
-        # Setup: ES index missing, PG record exists
-        self.mock_vdb_core.check_index_exists.return_value = False
-        mock_get_knowledge.return_value = {
-            "index_name": "test_index", "tenant_id": "tenant1"}
-        mock_delete_record.return_value = True
-
-        # Execute
-        result = check_knowledge_base_exist_impl(
-            index_name="test_index",
-            vdb_core=self.mock_vdb_core,
-            user_id="test_user",
-            tenant_id="tenant1"
-        )
-
-        # Assert
-        mock_delete_record.assert_called_once()
-        self.assertEqual(result["status"], "error_cleaning_orphans")
-        self.assertEqual(result["action"], "cleaned_pg")
-
     @patch('backend.services.vectordatabase_service.get_knowledge_record')
     def test_check_kb_exist_available(self, mock_get_knowledge):
-        """Test knowledge base name availability when neither ES nor PG has the record."""
-        # Setup: ES index missing, PG record missing
-        self.mock_vdb_core.check_index_exists.return_value = False
+        """Test knowledge base name availability when not found in tenant."""
+        # Setup: knowledge_name not found in tenant
         mock_get_knowledge.return_value = None
 
         # Execute
         result = check_knowledge_base_exist_impl(
-            index_name="test_index",
+            knowledge_name="test_kb",
             vdb_core=self.mock_vdb_core,
             user_id="test_user",
             tenant_id="tenant1"
         )
 
         # Assert
+        mock_get_knowledge.assert_called_once_with({
+            "knowledge_name": "test_kb",
+            "tenant_id": "tenant1"
+        })
         self.assertEqual(result["status"], "available")
 
     @patch('backend.services.vectordatabase_service.get_knowledge_record')
     def test_check_kb_exist_exists_in_tenant(self, mock_get_knowledge):
         """Test detection when knowledge base exists within the same tenant."""
-        # Setup: ES index exists, PG record exists with same tenant_id
-        self.mock_vdb_core.check_index_exists.return_value = True
+        # Setup: knowledge_name exists in tenant
         mock_get_knowledge.return_value = {
-            "index_name": "test_index", "tenant_id": "tenant1"}
+            "knowledge_name": "test_kb", "tenant_id": "tenant1"}
 
         # Execute
         result = check_knowledge_base_exist_impl(
-            index_name="test_index",
+            knowledge_name="test_kb",
             vdb_core=self.mock_vdb_core,
             user_id="test_user",
             tenant_id="tenant1"
         )
 
         # Assert
+        mock_get_knowledge.assert_called_once_with({
+            "knowledge_name": "test_kb",
+            "tenant_id": "tenant1"
+        })
         self.assertEqual(result["status"], "exists_in_tenant")
 
-    @patch('backend.services.vectordatabase_service.get_knowledge_record')
-    def test_check_kb_exist_exists_in_other_tenant(self, mock_get_knowledge):
-        """Test detection when knowledge base exists in a different tenant."""
-        # Setup: ES index exists, PG record exists with different tenant_id
-        self.mock_vdb_core.check_index_exists.return_value = True
-        mock_get_knowledge.return_value = {
-            "index_name": "test_index", "tenant_id": "other_tenant"}
 
-        # Execute
-        result = check_knowledge_base_exist_impl(
-            index_name="test_index",
-            vdb_core=self.mock_vdb_core,
-            user_id="test_user",
-            tenant_id="tenant1"
-        )
 
-        # Assert
-        self.assertEqual(result["status"], "exists_in_other_tenant")
 
-    @patch('backend.services.vectordatabase_service.get_redis_service')
-    @patch('backend.services.vectordatabase_service.get_knowledge_record')
-    def test_check_kb_exist_orphan_in_es_redis_failure(self, mock_get_knowledge, mock_get_redis_service):
-        """Test orphan ES case when Redis cleanup raises an exception."""
-        # Setup: ES index exists, PG record missing
-        self.mock_vdb_core.check_index_exists.return_value = True
-        mock_get_knowledge.return_value = None
 
-        # Mock Redis service that raises an exception
-        mock_redis_service = MagicMock()
-        mock_redis_service.delete_knowledgebase_records.side_effect = Exception(
-            "Redis error")
-        mock_get_redis_service.return_value = mock_redis_service
 
-        # Execute
-        result = check_knowledge_base_exist_impl(
-            index_name="test_index",
-            vdb_core=self.mock_vdb_core,
-            user_id="test_user",
-            tenant_id="tenant1"
-        )
-
-        # Assert: ES index deletion attempted, Redis cleanup attempted and exception handled
-        self.mock_vdb_core.delete_index.assert_called_once_with("test_index")
-        mock_redis_service.delete_knowledgebase_records.assert_called_once_with(
-            "test_index")
-        self.assertEqual(result["status"], "error_cleaning_orphans")
-        self.assertEqual(result["action"], "cleaned_es")
-
-    @patch('backend.services.vectordatabase_service.get_knowledge_record')
-    def test_check_kb_exist_orphan_in_es_delete_failure(self, mock_get_knowledge):
-        """Test failure when deleting orphan ES index raises an exception."""
-        # Setup: ES index exists, PG record missing, delete_index raises
-        self.mock_vdb_core.check_index_exists.return_value = True
-        mock_get_knowledge.return_value = None
-        self.mock_vdb_core.delete_index.side_effect = Exception(
-            "Delete index failed")
-
-        # Execute
-        result = check_knowledge_base_exist_impl(
-            index_name="test_index",
-            vdb_core=self.mock_vdb_core,
-            user_id="test_user",
-            tenant_id="tenant1"
-        )
-
-        # Assert
-        self.mock_vdb_core.delete_index.assert_called_once_with("test_index")
-        self.assertEqual(result["status"], "error_cleaning_orphans")
-        self.assertTrue(result.get("error"))
-
-    @patch('backend.services.vectordatabase_service.delete_knowledge_record')
-    @patch('backend.services.vectordatabase_service.get_knowledge_record')
-    def test_check_kb_exist_orphan_in_pg_delete_failure(self, mock_get_knowledge, mock_delete_record):
-        """Test failure when deleting orphan PG record raises an exception."""
-        # Setup: ES index missing, PG record exists, deletion raises
-        self.mock_vdb_core.check_index_exists.return_value = False
-        mock_get_knowledge.return_value = {
-            "index_name": "test_index", "tenant_id": "tenant1"}
-        mock_delete_record.side_effect = Exception("Delete PG record failed")
-
-        # Execute
-        result = check_knowledge_base_exist_impl(
-            index_name="test_index",
-            vdb_core=self.mock_vdb_core,
-            user_id="test_user",
-            tenant_id="tenant1"
-        )
-
-        # Assert
-        mock_delete_record.assert_called_once()
-        self.assertEqual(result["status"], "error_cleaning_orphans")
-        self.assertTrue(result.get("error"))
 
     # Note: generate_knowledge_summary_stream function has been removed
     # These tests are no longer relevant as the function was replaced with summary_index_name

From 94d35e2f94b84b69e8025d6a3fbba57778b9a036 Mon Sep 17 00:00:00 2001
From: Jasonxia007 <iamjasonxia@126.com>
Date: Fri, 16 Jan 2026 12:01:50 +0800
Subject: [PATCH 38/38] =?UTF-8?q?=E2=99=BB=EF=B8=8F=20[WIP]=20User=20Manag?=
 =?UTF-8?q?ement=20Part3:=20Add=20app=20routes=20and=20revise=20some=20ser?=
 =?UTF-8?q?vice=20logic=20=F0=9F=90=9B=20Bugfix:=20legacy=20admin=20cannot?=
 =?UTF-8?q?=20see=20full=20knowledgebase=20list=20=F0=9F=90=9B=20Bugfix:?=
 =?UTF-8?q?=20knowledgebase=20duplicate=20name=20check=20problem?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 test/backend/database/test_knowledge_db.py    | 42 +++++++++++--------
 .../services/test_vectordatabase_service.py   | 18 ++++----
 2 files changed, 36 insertions(+), 24 deletions(-)

diff --git a/test/backend/database/test_knowledge_db.py b/test/backend/database/test_knowledge_db.py
index 78f4cf515..95efc2841 100644
--- a/test/backend/database/test_knowledge_db.py
+++ b/test/backend/database/test_knowledge_db.py
@@ -482,22 +482,23 @@ def test_get_knowledge_record_found(monkeypatch, mock_session):
 def test_get_knowledge_record_not_found(monkeypatch, mock_session):
     """Test retrieving non-existent knowledge record"""
     session, query = mock_session
-    
+
     mock_filter = MagicMock()
     mock_filter.first.return_value = None
+    mock_filter.filter.return_value = mock_filter  # Support chaining
     query.filter.return_value = mock_filter
-    
+
     mock_ctx = MagicMock()
     mock_ctx.__enter__.return_value = session
     mock_ctx.__exit__.return_value = None
     monkeypatch.setattr("backend.database.knowledge_db.get_db_session", lambda: mock_ctx)
-    
+
     test_query = {
         "index_name": "nonexistent_knowledge"
     }
-    
+
     result = get_knowledge_record(test_query)
-    
+
     assert result == {}
 
 
@@ -549,34 +550,40 @@ def test_get_knowledge_record_exception(monkeypatch, mock_session):
 def test_get_knowledge_record_with_none_query(monkeypatch, mock_session):
     """Test get_knowledge_record with None query raises TypeError"""
     session, query = mock_session
-    
+
     mock_ctx = MagicMock()
     mock_ctx.__enter__.return_value = session
     mock_ctx.__exit__.return_value = None
     monkeypatch.setattr("backend.database.knowledge_db.get_db_session", lambda: mock_ctx)
-    
-    # When query is None, accessing query['index_name'] will raise TypeError
-    with pytest.raises(TypeError, match="'NoneType' object is not subscriptable"):
+
+    # When query is None, checking 'index_name' in query will raise TypeError
+    with pytest.raises(TypeError, match="argument of type 'NoneType' is not iterable"):
         get_knowledge_record(None)
 
 
 def test_get_knowledge_record_without_index_name_key(monkeypatch, mock_session):
-    """Test get_knowledge_record with query missing index_name key raises KeyError"""
+    """Test get_knowledge_record with query missing index_name and knowledge_name keys"""
     session, query = mock_session
-    
+
+    mock_filter = MagicMock()
+    mock_filter.first.return_value = None
+    mock_filter.filter.return_value = mock_filter  # Support chaining
+    query.filter.return_value = mock_filter
+
     mock_ctx = MagicMock()
     mock_ctx.__enter__.return_value = session
     mock_ctx.__exit__.return_value = None
     monkeypatch.setattr("backend.database.knowledge_db.get_db_session", lambda: mock_ctx)
-    
-    # When query doesn't have 'index_name' key, accessing query['index_name'] will raise KeyError
+
+    # When query doesn't have 'index_name' or 'knowledge_name' key, no specific filter is applied
     test_query = {
         "tenant_id": "test_tenant"
-        # Missing index_name key
+        # Missing index_name and knowledge_name keys
     }
-    
-    with pytest.raises(KeyError):
-        get_knowledge_record(test_query)
+
+    result = get_knowledge_record(test_query)
+
+    assert result == {}
 
 
 def test_get_knowledge_info_by_knowledge_ids_success(monkeypatch, mock_session):
@@ -1030,6 +1037,7 @@ def test_get_knowledge_record_by_knowledge_name_not_found(monkeypatch, mock_sess
 
     mock_filter = MagicMock()
     mock_filter.first.return_value = None
+    mock_filter.filter.return_value = mock_filter  # Support chaining
     query.filter.return_value = mock_filter
 
     mock_ctx = MagicMock()
diff --git a/test/backend/services/test_vectordatabase_service.py b/test/backend/services/test_vectordatabase_service.py
index bd7f3c5aa..012eb0233 100644
--- a/test/backend/services/test_vectordatabase_service.py
+++ b/test/backend/services/test_vectordatabase_service.py
@@ -3,7 +3,7 @@
 import os
 import time
 import unittest
-from unittest.mock import MagicMock, ANY, AsyncMock
+from unittest.mock import MagicMock, ANY, AsyncMock, call
 # Mock MinioClient before importing modules that use it
 from unittest.mock import patch
 import numpy as np
@@ -733,9 +733,11 @@ def test_list_indices_fallback_admin_logic(self, mock_get_knowledge, mock_get_us
         for kb_info in result["indices_info"]:
             self.assertEqual(kb_info["permission"], "EDIT")
 
-        # Verify info log was called once for legacy admin identification
-        mock_logger.info.assert_called_once_with(
-            "User legacy_admin_user identified as legacy admin")
+        # Verify info log was called once for each index for legacy admin identification
+        mock_logger.info.assert_has_calls([
+            call("User legacy_admin_user identified as legacy admin"),
+            call("User legacy_admin_user identified as legacy admin")
+        ])
 
     @patch('backend.services.vectordatabase_service.query_group_ids_by_user')
     @patch('backend.services.vectordatabase_service.get_user_tenant_by_user_id')
@@ -789,9 +791,11 @@ def test_list_indices_speed_version_admin_logic(self, mock_get_knowledge, mock_g
         for kb_info in result["indices_info"]:
             self.assertEqual(kb_info["permission"], "EDIT")
 
-        # Verify info log was called once for SPEED version admin identification
-        mock_logger.info.assert_called_once_with(
-            "User under SPEED version is treated as admin")
+        # Verify info log was called once for each index for SPEED version admin identification
+        mock_logger.info.assert_has_calls([
+            call("User under SPEED version is treated as admin"),
+            call("User under SPEED version is treated as admin")
+        ])
 
     def test_vectorize_documents_success(self):
         """