diff --git a/app/controllers/api/event_controller.rb b/app/controllers/api/event_controller.rb
index 093ec70..4a532a5 100644
--- a/app/controllers/api/event_controller.rb
+++ b/app/controllers/api/event_controller.rb
@@ -130,10 +130,7 @@ def update
 
     if @send_update_email
       event.participants.each do |participant|
-        if participant.profile.email
-          recipient = participant.profile.email
-          event.send_mail_update_event(recipient)
-        end
+        participant.profile.send_mail_update_event(event)
       end
     end
 
@@ -150,19 +147,20 @@ def unpublish
     event.group.decrement!(:events_count)
 
     event.participants.each do |participant|
-      participant.email_notify!(:cancel)
+      participant.profile.send_mail_cancel_event(event)
     end
 
     render json: { result: "ok", event: event.as_json }
   end
 
+  # todo test
   def check_group_permission
     profile = current_profile!
     event = Event.find(params[:id])
     group = event.group
     tz = group.timezone
 
-    if !group.group_ticket_enabled
+    if !group.group_ticket_event_id
       return render json: { result: "ok", check: true, message: "action allowed" }
     end
 
@@ -229,10 +227,7 @@ def join
 
     event.increment!(:participants_count)
 
-    if profile.email.present?
-      recipient = profile.email
-      event.send_mail_new_event(recipient)
-    end
+    profile.send_mail_new_event(event)
 
     render json: { participant: participant.as_json }
   end
@@ -261,10 +256,7 @@ def cancel
     participant.update(status: "cancelled")
     event.decrement!(:participants_count)
 
-    if profile.email.present?
-      recipient = profile.email
-      event.send_mail_cancel_event(recipient)
-    end
+    profile.send_mail_cancel_event(event)
 
     render json: { participant: participant.as_json }
   end
diff --git a/app/controllers/api/group_controller.rb b/app/controllers/api/group_controller.rb
index 2bae7be..8fe275b 100644
--- a/app/controllers/api/group_controller.rb
+++ b/app/controllers/api/group_controller.rb
@@ -21,8 +21,7 @@ def create
       Domain.create(handle: handle, fullname: "#{handle}.sola.day", item_type: "Group", item_id: group.id)
     end
 
-    Membership.create(profile_id: profile.id, group_id: group.id, role: "owner", status: "active")
-    group.increment!(:memberships_count)
+    group.add_member(profile.id, "owner")
     render json: { result: "ok", group: group }
   end
 
diff --git a/app/controllers/api/group_invite_controller.rb b/app/controllers/api/group_invite_controller.rb
index 5ccaf6a..0f80d13 100644
--- a/app/controllers/api/group_invite_controller.rb
+++ b/app/controllers/api/group_invite_controller.rb
@@ -36,13 +36,7 @@ def accept_request
     end
 
     group_invite.update(status: "accepted")
-    membership = Membership.find_by(profile_id: group_invite.receiver_id, group_id: group.id)
-    if membership
-      membership.update(role: group_invite.role)
-    else
-      membership = Membership.create(profile_id: group_invite.receiver_id, group_id: group.id, role: group_invite.role, status: "active")
-      group.increment!(:memberships_count)
-    end
+    membership = group.add_member(group_invite.receiver_id, group_invite.role)
 
     render json: { result: "ok", membership: membership.as_json }
   end
@@ -63,8 +57,9 @@ def send_invite
         receiver_id = receiver.id
 
         membership = Membership.find_by(profile_id: receiver.id, group_id: group.id)
-        if membership && membership.role == "member"
+        if membership && membership.role == "member" && role != "member"
           membership.update(role: role)
+          activity = Activity.create(initiator_id: profile.id, action: "group_invite/update_role", receiver_type: "id", receiver_id: receiver.id)
           invite = { receiver_id: receiver_id, result: "ok", message: "membership updated" }
         elsif membership
           invite = { receiver_id: receiver_id, result: "error", message: "membership exists" }
@@ -118,12 +113,7 @@ def accept_invite
     group_invite.update(status: "accepted")
     raise AppError.new("invite expired") unless DateTime.now < group_invite.expires_at
 
-    if Membership.find_by(profile_id: profile.id, group_id: group.id)
-      raise AppError.new("membership exists")
-      return
-    end
-    Membership.create(profile_id: profile.id, group_id: group.id, role: group_invite.role, status: "active")
-    group.increment!(:memberships_count)
+    group.add_member(profile.id, group_invite.role)
     render json: { result: "ok" }
   end
 
diff --git a/app/controllers/api/profile_controller.rb b/app/controllers/api/profile_controller.rb
index 286d863..bfa4a04 100644
--- a/app/controllers/api/profile_controller.rb
+++ b/app/controllers/api/profile_controller.rb
@@ -33,10 +33,7 @@ def verify
         data = RestClient.get("https://sola.deno.dev/seedao/getname/#{address}")
         domain = JSON.parse(data.body)["domain"]
         if domain.present? && seedao_group
-          membership = Membership.find_by(profile_id: profile.id, target_id: seedao_group.id)
-          if !membership
-            Membership.create(profile_id: profile.id, target_id: seedao_group.id, role: "member", status: "normal")
-          end
+          seedao_group.add_member(profile.id, "member")
         end
       end
       render json: { result: "ok", auth_token: profile.gen_auth_token, address: address, id: profile.id }
diff --git a/app/models/event.rb b/app/models/event.rb
index 643f0b2..35509a9 100644
--- a/app/models/event.rb
+++ b/app/models/event.rb
@@ -62,26 +62,4 @@ def location_url
     self.geo_lat.present? ? "https://www.google.com/maps/search/?api=1&query=#{self.geo_lat}%2C#{self.geo_lng}" : ""
   end
 
-  ### legacy
-
-
-  def send_mail_new_event(recipient)
-    mailer = EventMailer.with(event: self, recipient: recipient).event_created
-    mailer.deliver_now!
-  end
-
-  def send_mail_event_invite(recipient)
-    mailer = EventMailer.with(event: self, recipient: recipient).event_invited
-    mailer.deliver_now!
-  end
-
-  def send_mail_update_event(recipient)
-    mailer = EventMailer.with(event: self, recipient: recipient).event_updated
-    mailer.deliver_now!
-  end
-
-  def send_mail_cancel_event(recipient)
-    mailer = EventMailer.with(event: self, recipient: recipient).event_updated
-    mailer.deliver_now!
-  end
 end
diff --git a/app/models/group.rb b/app/models/group.rb
index be1a3d8..3a5e1b1 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -26,19 +26,30 @@ def get_owner
   end
 
   def is_owner(profile_id)
-    Membership.find_by(profile_id: profile_id, group_id: id, role: 'owner')
+    Membership.find_by(profile_id: profile_id, group_id: id, role: 'owner', status: "active")
   end
 
   def is_manager(profile_id)
-    Membership.find_by(profile_id: profile_id, group_id: id, role: %w[manager owner])
+    Membership.find_by(profile_id: profile_id, group_id: id, role: %w[manager owner], status: "active")
   end
 
   def is_operator(profile_id)
-    Membership.find_by(profile_id: profile_id, group_id: id, role: %w[operator manager owner])
+    Membership.find_by(profile_id: profile_id, group_id: id, role: %w[operator manager owner], status: "active")
   end
 
   def is_member(profile_id)
-    Membership.find_by(profile_id: profile_id, group_id: id, role: %w[member operator manager owner])
+    Membership.find_by(profile_id: profile_id, group_id: id, role: %w[member operator manager owner], status: "active")
+  end
+
+  def add_member(profile_id, role)
+    membership = Membership.find_by(profile_id: profile_id, group_id: self.id)
+    if membership
+      membership.update(role: role)
+    else
+      membership = Membership.create(profile_id: profile_id, group_id: id, role: role, status: "active")
+      self.increment!(:memberships_count)
+    end
+    membership
   end
 
   def display_name
diff --git a/app/models/profile.rb b/app/models/profile.rb
index 308d735..1d5077c 100644
--- a/app/models/profile.rb
+++ b/app/models/profile.rb
@@ -44,4 +44,32 @@ def gen_auth_token
     }
     auth_token = JWT.encode payload, $hmac_secret, "HS256"
   end
+
+  def send_mail_new_event(event)
+    if self.email.present?
+      mailer = EventMailer.with(event: event, recipient: self.email).event_created
+      mailer.deliver_now!
+    end
+  end
+
+  def send_mail_event_invite(event)
+    if self.email.present?
+      mailer = EventMailer.with(event: event, recipient: self.email).event_invited
+      mailer.deliver_now!
+    end
+  end
+
+  def send_mail_update_event(event)
+    if self.email.present?
+      mailer = EventMailer.with(event: event, recipient: self.email).event_updated
+      mailer.deliver_now!
+    end
+  end
+
+  def send_mail_cancel_event(event)
+    if self.email.present?
+      mailer = EventMailer.with(event: event, recipient: self.email).event_updated
+      mailer.deliver_now!
+    end
+  end
 end
diff --git a/test/controllers/api/event_controller_test.rb b/test/controllers/api/event_controller_test.rb
index ee5bda3..99e1a17 100644
--- a/test/controllers/api/event_controller_test.rb
+++ b/test/controllers/api/event_controller_test.rb
@@ -233,7 +233,7 @@ class Api::EventControllerTest < ActionDispatch::IntegrationTest
     profile = Profile.find_by(handle: "cookie")
     auth_token = profile.gen_auth_token
 
-    get api_event_list_url, params: { auth_token: auth_token }
+    get api_event_list_url, params: { auth_token: auth_token, group_id: 1 }
     assert_response :success
 
     response_events = JSON.parse(response.body)
@@ -245,7 +245,6 @@ class Api::EventControllerTest < ActionDispatch::IntegrationTest
     auth_token = profile.gen_auth_token
 
     get api_event_private_list_url, params: { auth_token: auth_token }
-    p response.body
     assert_response :success
 
     response_events = JSON.parse(response.body)