diff --git a/README.md b/README.md
index 27efd63..44548c7 100644
--- a/README.md
+++ b/README.md
@@ -164,7 +164,7 @@ Make sure the development database is running and tables and default
 permissions/roles are created first.
 
 ``` bash
-uv run uvicorn main:app --host 0.0.0.0 --port 8000 --reload
+uv run python -m uvicorn main:app --host 0.0.0.0 --port 8000 --reload
 ```
 
 Navigate to http://localhost:8000/
diff --git a/docs/static/documentation.txt b/docs/static/documentation.txt
index aa2c30c..a883df9 100644
--- a/docs/static/documentation.txt
+++ b/docs/static/documentation.txt
@@ -129,7 +129,7 @@ docker compose up -d
 Make sure the development database is running and tables and default permissions/roles are created first.
 
 ``` bash
-uv run uvicorn main:app --host 0.0.0.0 --port 8000 --reload
+uv run python -m uvicorn main:app --host 0.0.0.0 --port 8000 --reload
 ```
 
 Navigate to http://localhost:8000/
diff --git a/docs/templates.qmd b/docs/templates.qmd
deleted file mode 100644
index 2eafda8..0000000
--- a/docs/templates.qmd
+++ /dev/null
@@ -1,321 +0,0 @@
----
-title: "Template Variables Documentation"
----
-
-This file documents the required context variables for each template in the application.
-
-## Table of Contents
-
-- [authentication](#authentication)
-- [components](#components)
-- [dashboard](#dashboard)
-- [dashboard > organizations](#dashboard-organizations)
-- [dashboard > organizations > members](#dashboard-organizations-members)
-- [emails](#emails)
-- [errors](#errors)
-- [root](#root)
-- [users](#users)
-
-## authentication
-
-### forgot_password.html
-
-**Path:** `authentication/forgot_password.html`
-
-**Required Variables:**
-
-| Variable | Description |
-| --- | --- |
-| `show_form` | |
-| `url_for` | |
-
-### login.html
-
-**Path:** `authentication/login.html`
-
-**Required Variables:**
-
-| Variable | Description |
-| --- | --- |
-| `url_for` | |
-
-### register.html
-
-**Path:** `authentication/register.html`
-
-**Required Variables:**
-
-| Variable | Description |
-| --- | --- |
-| `password_pattern` | |
-| `url_for` | |
-
-### reset_password.html
-
-**Path:** `authentication/reset_password.html`
-
-**Required Variables:**
-
-| Variable | Description |
-| --- | --- |
-| `email` | |
-| `password_pattern` | |
-| `token` | |
-| `url_for` | |
-
-## components
-
-### footer.html
-
-**Path:** `components/footer.html`
-
-**Required Variables:**
-
-| Variable | Description |
-| --- | --- |
-| `url_for` | |
-
-### header.html
-
-**Path:** `components/header.html`
-
-**Required Variables:**
-
-| Variable | Description |
-| --- | --- |
-| `url_for` | |
-| `user` | |
-
-### logo.html
-
-**Path:** `components/logo.html`
-
-**No variables required**
-
-### nav.html
-
-**Path:** `components/nav.html`
-
-**Required Variables:**
-
-| Variable | Description |
-| --- | --- |
-| `url_for` | |
-
-### organizations.html
-
-**Path:** `components/organizations.html`
-
-**Required Variables:**
-
-| Variable | Description |
-| --- | --- |
-| `url_for` | |
-
-### silhouette.html
-
-**Path:** `components/silhouette.html`
-
-**No variables required**
-
-## dashboard
-
-### index.html
-
-**Path:** `dashboard/index.html`
-
-**No variables required**
-
-### organization_overview.html
-
-**Path:** `dashboard/organization_overview.html`
-
-**No variables required**
-
-## dashboard > organizations
-
-### create.html
-
-**Path:** `dashboard/organizations/create.html`
-
-**No variables required**
-
-### delete.html
-
-**Path:** `dashboard/organizations/delete.html`
-
-**No variables required**
-
-### detail.html
-
-**Path:** `dashboard/organizations/detail.html`
-
-**No variables required**
-
-### edit.html
-
-**Path:** `dashboard/organizations/edit.html`
-
-**No variables required**
-
-### members.html
-
-**Path:** `dashboard/organizations/members.html`
-
-**No variables required**
-
-## dashboard > organizations > members
-
-### delete.html
-
-**Path:** `dashboard/organizations/members/delete.html`
-
-**No variables required**
-
-### edit.html
-
-**Path:** `dashboard/organizations/members/edit.html`
-
-**No variables required**
-
-### invite.html
-
-**Path:** `dashboard/organizations/members/invite.html`
-
-**No variables required**
-
-## emails
-
-### base_email.html
-
-**Path:** `emails/base_email.html`
-
-**No variables required**
-
-### reset_email.html
-
-**Path:** `emails/reset_email.html`
-
-**Required Variables:**
-
-| Variable | Description |
-| --- | --- |
-| `reset_url` | |
-
-### update_email_email.html
-
-**Path:** `emails/update_email_email.html`
-
-**Required Variables:**
-
-| Variable | Description |
-| --- | --- |
-| `confirmation_url` | |
-| `current_email` | |
-| `new_email` | |
-
-## errors
-
-### error.html
-
-**Path:** `errors/error.html`
-
-**Required Variables:**
-
-| Variable | Description |
-| --- | --- |
-| `detail` | |
-| `status_code` | |
-| `url_for` | |
-
-### validation_error.html
-
-**Path:** `errors/validation_error.html`
-
-**Required Variables:**
-
-| Variable | Description |
-| --- | --- |
-| `errors` | |
-| `url_for` | |
-
-## root
-
-### about.html
-
-**Path:** `about.html`
-
-**No variables required**
-
-### auth_base.html
-
-**Path:** `auth_base.html`
-
-**No variables required**
-
-### base.html
-
-**Path:** `base.html`
-
-**Required Variables:**
-
-| Variable | Description |
-| --- | --- |
-| `url_for` | |
-
-### index.html
-
-**Path:** `index.html`
-
-**Required Variables:**
-
-| Variable | Description |
-| --- | --- |
-| `render_logo` | |
-| `url_for` | |
-
-### privacy_policy.html
-
-**Path:** `privacy_policy.html`
-
-**No variables required**
-
-### terms_of_service.html
-
-**Path:** `terms_of_service.html`
-
-**No variables required**
-
-## users
-
-### organization.html
-
-**Path:** `users/organization.html`
-
-**Required Variables:**
-
-| Variable | Description |
-| --- | --- |
-| `organization` | |
-| `render_silhouette` | |
-| `url_for` | |
-
-### profile.html
-
-**Path:** `users/profile.html`
-
-**Required Variables:**
-
-| Variable | Description |
-| --- | --- |
-| `allowed_formats` | |
-| `email_update_requested` | |
-| `email_updated` | |
-| `max_dimension` | |
-| `max_file_size_mb` | |
-| `min_dimension` | |
-| `render_organizations` | |
-| `render_silhouette` | |
-| `show_form` | |
-| `url_for` | |
-| `user` | |
diff --git a/exceptions/http_exceptions.py b/exceptions/http_exceptions.py
index d51d636..13585ae 100644
--- a/exceptions/http_exceptions.py
+++ b/exceptions/http_exceptions.py
@@ -44,12 +44,11 @@ def __init__(self):
         )
 
 
-# TODO: Consolidate these two into a single validation error
-class EmptyOrganizationNameError(HTTPException):
-    def __init__(self):
+class OrganizationSetupError(HTTPException):
+    def __init__(self, message: str = "Organization setup failed"):
         super().__init__(
-            status_code=400,
-            detail="Organization name cannot be empty"
+            status_code=500,
+            detail=message
         )
 
 
@@ -69,6 +68,22 @@ def __init__(self):
         )
 
 
+class UserNotFoundError(HTTPException):
+    def __init__(self):
+        super().__init__(
+            status_code=404,
+            detail="User not found"
+        )
+
+
+class UserAlreadyMemberError(HTTPException):
+    def __init__(self):
+        super().__init__(
+            status_code=400,
+            detail="User is already a member of this organization"
+        )
+
+
 class InvalidPermissionError(HTTPException):
     """Raised when a user attempts to assign an invalid permission to a role"""
 
diff --git a/index.qmd b/index.qmd
index 4c6df13..3e8cf1c 100644
--- a/index.qmd
+++ b/index.qmd
@@ -131,7 +131,7 @@ docker compose up -d
 Make sure the development database is running and tables and default permissions/roles are created first.
 
 ``` bash
-uv run uvicorn main:app --host 0.0.0.0 --port 8000 --reload
+uv run python -m uvicorn main:app --host 0.0.0.0 --port 8000 --reload
 ```
 
 Navigate to http://localhost:8000/
diff --git a/main.py b/main.py
index 865d919..080be61 100644
--- a/main.py
+++ b/main.py
@@ -5,7 +5,8 @@
 from fastapi.responses import RedirectResponse
 from fastapi.staticfiles import StaticFiles
 from fastapi.templating import Jinja2Templates
-from fastapi.exceptions import RequestValidationError, StarletteHTTPException
+from fastapi.exceptions import RequestValidationError
+from starlette.exceptions import HTTPException as StarletteHTTPException
 from routers import account, dashboard, organization, role, user, static_pages
 from utils.dependencies import (
     get_optional_user
diff --git a/pyproject.toml b/pyproject.toml
index f7fdb5a..c8c8400 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -27,12 +27,12 @@ dependencies = [
 dev = [
     "graphviz<1.0.0,>=0.20.3",
     "quarto<1.0.0,>=0.1.0",
-    "mypy<2.0.0,>=1.11.2",
     "jupyter<2.0.0,>=1.1.1",
     "notebook<8.0.0,>=7.2.2",
     "pytest<9.0.0,>=8.3.3",
     "sqlalchemy-schemadisplay<3.0,>=2.0",
     "perplexity-cli",
+    "mypy>=1.15.0",
 ]
 
 [tool.uv.sources]
diff --git a/routers/account.py b/routers/account.py
index 237f989..ef081cd 100644
--- a/routers/account.py
+++ b/routers/account.py
@@ -5,6 +5,7 @@
 from fastapi import APIRouter, Depends, BackgroundTasks, Form, Request
 from fastapi.responses import RedirectResponse
 from fastapi.templating import Jinja2Templates
+from starlette.datastructures import URLPath
 from pydantic import EmailStr
 from sqlmodel import Session, select
 from utils.models import User, DataIntegrityError, Account
@@ -33,7 +34,8 @@
     CredentialsError,
     PasswordValidationError
 )
-
+from routers.dashboard import router as dashboard_router
+from routers.user import router as user_router
 logger = getLogger("uvicorn.error")
 
 router = APIRouter(prefix="/account", tags=["account"])
@@ -80,34 +82,15 @@ def validate_password_strength_and_match(
 # --- Routes ---
 
 
-@router.post("/delete", response_class=RedirectResponse)
-async def delete_account(
-    email: EmailStr = Form(...),
-    password: str = Form(...),
-    account: Account = Depends(get_authenticated_account),
-    session: Session = Depends(get_session)
-):
+@router.get("/logout", response_class=RedirectResponse)
+def logout():
     """
-    Delete a user account after verifying credentials.
+    Log out a user by clearing their cookies.
     """
-    # Verify the provided email matches the authenticated user
-    if email != account.email:
-        raise CredentialsError(message="Email does not match authenticated account")
-
-    # Verify password
-    if not verify_password(password, account.hashed_password):
-        raise PasswordValidationError(
-            field="password",
-            message="Password is incorrect"
-        )
-
-    # Delete the account and associated user
-    # Note: The user will be deleted automatically by cascade relationship
-    session.delete(account)
-    session.commit()
-
-    # Log out the user
-    return RedirectResponse(url="/account/logout", status_code=303)
+    response = RedirectResponse(url="/", status_code=303)
+    response.delete_cookie("access_token")
+    response.delete_cookie("refresh_token")
+    return response
 
 
 @router.get("/login")
@@ -120,9 +103,9 @@ async def read_login(
     Render login page or redirect to dashboard if already logged in.
     """
     if user:
-        return RedirectResponse(url="/dashboard", status_code=302)
+        return RedirectResponse(url=dashboard_router.url_path_for("read_dashboard"), status_code=302)
     return templates.TemplateResponse(
-        "authentication/login.html",
+        "account/login.html",
         {"request": request, "user": user, "email_updated": email_updated}
     )
 
@@ -136,10 +119,10 @@ async def read_register(
     Render registration page or redirect to dashboard if already logged in.
     """
     if user:
-        return RedirectResponse(url="/dashboard", status_code=302)
+        return RedirectResponse(url=dashboard_router.url_path_for("read_dashboard"), status_code=302)
 
     return templates.TemplateResponse(
-        "authentication/register.html",
+        "account/register.html",
         {"request": request, "user": user, "password_pattern": HTML_PASSWORD_PATTERN}
     )
 
@@ -154,10 +137,10 @@ async def read_forgot_password(
     Render forgot password page or redirect to dashboard if already logged in.
     """
     if user:
-        return RedirectResponse(url="/dashboard", status_code=302)
+        return RedirectResponse(url=dashboard_router.url_path_for("read_dashboard"), status_code=302)
 
     return templates.TemplateResponse(
-        "authentication/forgot_password.html",
+        "account/forgot_password.html",
         {"request": request, "user": user, "show_form": show_form == "true"}
     )
 
@@ -180,11 +163,41 @@ async def read_reset_password(
         raise CredentialsError(message="Invalid or expired token")
 
     return templates.TemplateResponse(
-        "authentication/reset_password.html",
+        "account/reset_password.html",
         {"request": request, "user": user, "email": email, "token": token, "password_pattern": HTML_PASSWORD_PATTERN}
     )
 
 
+@router.post("/delete", response_class=RedirectResponse)
+async def delete_account(
+    email: EmailStr = Form(...),
+    password: str = Form(...),
+    account: Account = Depends(get_authenticated_account),
+    session: Session = Depends(get_session)
+):
+    """
+    Delete a user account after verifying credentials.
+    """
+    # Verify the provided email matches the authenticated user
+    if email != account.email:
+        raise CredentialsError(message="Email does not match authenticated account")
+
+    # Verify password
+    if not verify_password(password, account.hashed_password):
+        raise PasswordValidationError(
+            field="password",
+            message="Password is incorrect"
+        )
+
+    # Delete the account and associated user
+    # Note: The user will be deleted automatically by cascade relationship
+    session.delete(account)
+    session.commit()
+
+    # Log out the user
+    return RedirectResponse(url=router.url_path_for("logout"), status_code=303)
+
+
 @router.post("/register", response_class=RedirectResponse)
 async def register(
     name: str = Form(...),
@@ -212,7 +225,7 @@ async def register(
     session.flush()  # Flush to get the account ID
     
     # Create the user
-    account.user = User(name=name)
+    account.user = User(name=name, account_id=account.id)
     session.add(account)
     session.commit()
     session.refresh(account)
@@ -222,7 +235,7 @@ async def register(
     refresh_token = create_refresh_token(data={"sub": email})
     
     # Set cookie
-    response = RedirectResponse(url="/", status_code=303)
+    response = RedirectResponse(url=dashboard_router.url_path_for("read_dashboard"), status_code=303)
     response.set_cookie(
         key="access_token",
         value=access_token,
@@ -257,7 +270,7 @@ async def login(
     refresh_token = create_refresh_token(data={"sub": account.email})
 
     # Set cookie
-    response = RedirectResponse(url="/", status_code=303)
+    response = RedirectResponse(url=dashboard_router.url_path_for("read_dashboard"), status_code=303)
     response.set_cookie(
         key="access_token",
         value=access_token,
@@ -287,11 +300,11 @@ async def refresh_token(
     """
     _, refresh_token = tokens
     if not refresh_token:
-        return RedirectResponse(url="/login", status_code=303)
+        return RedirectResponse(url=router.url_path_for("read_login"), status_code=303)
 
     decoded_token = validate_token(refresh_token, token_type="refresh")
     if not decoded_token:
-        response = RedirectResponse(url="/login", status_code=303)
+        response = RedirectResponse(url=router.url_path_for("read_login"), status_code=303)
         response.delete_cookie("access_token")
         response.delete_cookie("refresh_token")
         return response
@@ -300,14 +313,14 @@ async def refresh_token(
     account = session.exec(select(Account).where(
         Account.email == user_email)).one_or_none()
     if not account:
-        return RedirectResponse(url="/login", status_code=303)
+        return RedirectResponse(url=router.url_path_for("read_login"), status_code=303)
 
     new_access_token = create_access_token(
         data={"sub": account.email, "fresh": False}
     )
     new_refresh_token = create_refresh_token(data={"sub": account.email})
 
-    response = RedirectResponse(url="/", status_code=303)
+    response = RedirectResponse(url=dashboard_router.url_path_for("read_dashboard"), status_code=303)
     response.set_cookie(
         key="access_token",
         value=new_access_token,
@@ -379,18 +392,7 @@ async def reset_password(
     session.commit()
     session.refresh(authorized_account)
 
-    return RedirectResponse(url="/login", status_code=303)
-
-
-@router.get("/logout", response_class=RedirectResponse)
-def logout():
-    """
-    Log out a user by clearing their cookies.
-    """
-    response = RedirectResponse(url="/", status_code=303)
-    response.delete_cookie("access_token")
-    response.delete_cookie("refresh_token")
-    return response
+    return RedirectResponse(url=router.url_path_for("read_login"), status_code=303)
 
 
 @router.post("/update_email")
@@ -429,8 +431,12 @@ async def request_email_update(
         session=session
     )
 
+    # Generate URL with query parameters separately
+    profile_path: URLPath = user_router.url_path_for("read_profile")
+    redirect_url = f"{profile_path}?email_update_requested=true"
+
     return RedirectResponse(
-        url="/profile?email_update_requested=true",
+        url=redirect_url,
         status_code=303
     )
 
@@ -461,9 +467,13 @@ async def confirm_email_update(
     access_token = create_access_token(data={"sub": new_email, "fresh": True})
     refresh_token = create_refresh_token(data={"sub": new_email})
 
+    # Generate URL with query parameters separately
+    profile_path: URLPath = user_router.url_path_for("read_profile")
+    redirect_url = f"{profile_path}?email_updated=true"
+    
     # Set cookies before redirecting
     response = RedirectResponse(
-        url="/profile?email_updated=true",
+        url=redirect_url,
         status_code=303
     )
 
diff --git a/routers/organization.py b/routers/organization.py
index 82e596e..b36cf7b 100644
--- a/routers/organization.py
+++ b/routers/organization.py
@@ -4,11 +4,17 @@
 from fastapi.responses import RedirectResponse
 from fastapi.templating import Jinja2Templates
 from sqlmodel import Session, select
-from utils.db import get_session, default_roles
+from sqlalchemy.orm import selectinload
+from utils.db import get_session, create_default_roles
 from utils.dependencies import get_authenticated_user, get_user_with_relations
-from utils.models import Organization, User, Role, utc_time
+from utils.models import Organization, User, Role, Account, utc_time
 from utils.enums import ValidPermissions
-from exceptions.http_exceptions import OrganizationNotFoundError, OrganizationNameTakenError, InsufficientPermissionsError, EmptyOrganizationNameError
+from exceptions.http_exceptions import (
+    OrganizationNotFoundError, OrganizationNameTakenError, 
+    InsufficientPermissionsError, OrganizationSetupError,
+    UserNotFoundError, UserAlreadyMemberError, DataIntegrityError
+)
+from pydantic import EmailStr
 
 logger = getLogger("uvicorn.error")
 
@@ -23,7 +29,8 @@
 async def read_organization(
     org_id: int,
     request: Request,
-    user: User = Depends(get_user_with_relations)
+    user: User = Depends(get_user_with_relations),
+    session: Session = Depends(get_session)
 ):
     # Get the organization only if the user is a member of it
     org = next(
@@ -32,9 +39,35 @@ async def read_organization(
     )
     if not org:
         raise OrganizationNotFoundError()
-
+    
+    # Calculate the user's permissions for this organization
+    user_permissions = set()
+    for role in user.roles:
+        if role.organization_id == org_id:
+            for permission in role.permissions:
+                user_permissions.add(permission.name)
+    
+    # Load the organization with fully loaded roles and users
+    organization = session.exec(
+        select(Organization)
+        .where(Organization.id == org_id)
+        .options(
+            selectinload(Organization.roles).selectinload(Role.users).selectinload(User.account),
+            selectinload(Organization.roles).selectinload(Role.users).selectinload(User.roles),
+            selectinload(Organization.roles).selectinload(Role.permissions)
+        )
+    ).first()
+    
+    # Pass all required context to the template
     return templates.TemplateResponse(
-        request, "users/organization.html", {"organization": org}
+        request, 
+        "organization/organization.html", 
+        {
+            "organization": organization, 
+            "user": user,
+            "user_permissions": user_permissions,
+            "ValidPermissions": ValidPermissions
+        }
     )
 
 
@@ -65,27 +98,53 @@ def create_organization(
     session.flush()
 
     # Create default roles with organization_id
-    initial_roles = [
-        Role(name=role_name, organization_id=db_org.id)
-        for role_name in default_roles
-    ]
-    session.add_all(initial_roles)
-    session.flush()
+    if db_org.id is None:
+        logger.error("Failed to obtain organization ID after flush.")
+        raise OrganizationSetupError()
+
+    # Use the utility function to create default roles and assign permissions
+    # This also handles committing the roles and permissions
+    try:
+        create_default_roles(session, db_org.id, check_first=False)
+    except Exception as e:
+        logger.exception(f"Failed to create default roles for org ID {db_org.id}")
+        # Rollback might be needed if create_default_roles doesn't handle it
+        session.rollback()
+        raise OrganizationSetupError("Failed during role creation") from e
+
+    # Refresh the org object to load the roles relationship
+    session.refresh(db_org)
 
-    # Get owner role for user assignment
-    owner_role = next(role for role in db_org.roles if role.name == "Owner")
+    # Get owner role for user assignment (roles should now exist)
+    owner_role = next((role for role in db_org.roles if role.name == "Owner"), None)
+
+    if owner_role is None:
+        logger.error(f"'Owner' role not found for newly created org ID {db_org.id} after create_default_roles call.")
+        # Rollback might be needed
+        session.rollback()
+        raise OrganizationSetupError("Owner role missing after creation")
 
     # Assign user to owner role
     user.roles.append(owner_role)
 
-    # Commit changes
-    session.commit()
-    session.refresh(db_org)
+    # Commit the user role link
+    try:
+        session.commit()
+        logger.info(f"Successfully created organization '{db_org.name}' (ID: {db_org.id}) and assigned owner (User ID: {user.id}).")
+    except Exception as e:
+        logger.exception(f"Failed to commit user-owner role link for org ID {db_org.id} and user ID {user.id}")
+        session.rollback()
+        raise OrganizationSetupError("Failed to assign owner role") from e
 
-    return RedirectResponse(url=f"/organizations/{db_org.id}", status_code=303)
+    session.refresh(db_org) # Refresh again to be safe before redirect
+
+    return RedirectResponse(
+        url=router.url_path_for("read_organization", org_id=db_org.id),
+        status_code=303
+    )
 
 
-@router.post("/update/{org_id}", name="update_organization", response_class=RedirectResponse)
+@router.post("/update/{org_id}", response_class=RedirectResponse)
 def update_organization(
     org_id: int,
     name: Annotated[str, Form(
@@ -121,7 +180,7 @@ def update_organization(
     session.add(organization)
     session.commit()
 
-    return RedirectResponse(url=f"/profile", status_code=303)
+    return RedirectResponse(url=router.url_path_for("read_organization", org_id=org_id), status_code=303)
 
 
 @router.post("/delete/{org_id}", response_class=RedirectResponse)
@@ -130,18 +189,98 @@ def delete_organization(
     user: User = Depends(get_user_with_relations),
     session: Session = Depends(get_session)
 ) -> RedirectResponse:
-    # Check if user has permission to delete organization
+    # Find the organization the user belongs to
     organization: Organization | None = next(
         (org for org in user.organizations if org.id == org_id), None)
-    if not organization or not any(
-        p.name == ValidPermissions.DELETE_ORGANIZATION
-        for role in organization.roles
-        for p in role.permissions
-    ):
+
+    # Check if the user is a member and has permission to delete the organization
+    if not organization or not user.has_permission(ValidPermissions.DELETE_ORGANIZATION, organization):
+        logger.warning(f"User {user.id} attempted to delete organization {org_id} without permission.")
         raise InsufficientPermissionsError()
 
     # Delete organization
+    logger.info(f"User {user.id} deleting organization {org_id} ('{organization.name}').")
     session.delete(organization)
     session.commit()
 
-    return RedirectResponse(url="/profile", status_code=303)
+    return RedirectResponse(url="/user/profile", status_code=303)
+
+
+@router.post("/invite/{org_id}", response_class=RedirectResponse)
+def invite_member(
+    org_id: int,
+    email: Annotated[EmailStr, Form(
+        description="Email of the user to invite",
+        title="Email"
+    )],
+    user: User = Depends(get_user_with_relations),
+    session: Session = Depends(get_session)
+) -> RedirectResponse:
+    # Check if the user has permission to invite members
+    if not user.has_permission(ValidPermissions.INVITE_USER, org_id):
+        raise InsufficientPermissionsError()
+    
+    # Find the organization with all needed relationships
+    organization = session.exec(
+        select(Organization)
+        .where(Organization.id == org_id)
+        .options(
+            selectinload(Organization.roles),
+            selectinload(Organization.roles).selectinload(Role.users)
+        )
+    ).first()
+    
+    if not organization:
+        raise OrganizationNotFoundError()
+
+    # Log organization and roles state
+    org_identity = session.identity_key(instance=organization)
+    role_info = [(r.id, r.name, session.identity_key(instance=r)) for r in organization.roles]
+    
+    # Find the account and associated user by email
+    account = session.exec(
+        select(Account)
+        .where(Account.email == email)
+        .options(
+            selectinload(Account.user)
+        )
+    ).first()
+    
+    if not account or not account.user:
+        raise UserNotFoundError()
+    
+    invited_user = account.user
+    user_identity = session.identity_key(instance=invited_user)
+    
+    # Check if user is already a member of this organization
+    is_already_member = False
+    for role in organization.roles:
+        if invited_user.id in [u.id for u in role.users]:
+            is_already_member = True
+            break
+    
+    if is_already_member:
+        raise UserAlreadyMemberError()
+    
+    # Find the default "Member" role for this organization
+    member_role = next(
+        (role for role in organization.roles if role.name == "Member"),
+        None
+    )
+    
+    if not member_role:
+        raise DataIntegrityError(resource="Organization roles")
+    
+    # Add the invited user to the Member role
+    try:
+        member_role.users.append(invited_user)
+        session.commit()
+    except Exception as e:
+        session.rollback()
+        raise
+    
+    # Return to the organization page
+    return RedirectResponse(
+        url=router.url_path_for("read_organization", org_id=org_id),
+        status_code=303
+    )
diff --git a/routers/role.py b/routers/role.py
index 83ce4de..f6ecb2a 100644
--- a/routers/role.py
+++ b/routers/role.py
@@ -10,6 +10,7 @@
 from utils.dependencies import get_authenticated_user
 from utils.models import Role, Permission, ValidPermissions, utc_time, User, DataIntegrityError
 from exceptions.http_exceptions import InsufficientPermissionsError, InvalidPermissionError, RoleAlreadyExistsError, RoleNotFoundError, RoleHasUsersError
+from routers.organization import router as organization_router
 
 logger = getLogger("uvicorn.error")
 
@@ -55,7 +56,10 @@ def create_role(
     # Commit transaction
     session.commit()
 
-    return RedirectResponse(url="/profile", status_code=303)
+    return RedirectResponse(
+        url=organization_router.url_path_for("read_organization", org_id=organization_id),
+        status_code=303
+    )
 
 
 @router.post("/update", response_class=RedirectResponse)
@@ -117,7 +121,10 @@ def update_role(
 
     session.commit()
     session.refresh(db_role)
-    return RedirectResponse(url="/profile", status_code=303)
+    return RedirectResponse(
+        url=organization_router.url_path_for("read_organization", org_id=organization_id),
+        status_code=303
+    )
 
 
 @router.post("/delete", response_class=RedirectResponse)
@@ -149,4 +156,7 @@ def delete_role(
     session.delete(db_role)
     session.commit()
 
-    return RedirectResponse(url="/profile", status_code=303)
+    return RedirectResponse(
+        url=organization_router.url_path_for("read_organization", org_id=organization_id),
+        status_code=303
+    )
diff --git a/routers/static_pages.py b/routers/static_pages.py
index 03c27c0..207ee71 100644
--- a/routers/static_pages.py
+++ b/routers/static_pages.py
@@ -9,9 +9,9 @@
 
 # Define valid static pages to prevent arbitrary template access
 VALID_PAGES = {
-    "about": "about.html",
-    "privacy-policy": "privacy_policy.html",
-    "terms-of-service": "terms_of_service.html"
+    "about": "static_pages/about.html",
+    "privacy-policy": "static_pages/privacy_policy.html",
+    "terms-of-service": "static_pages/terms_of_service.html"
 }
 
 @router.get("/{page_name}", name="read_static_page")
diff --git a/routers/user.py b/routers/user.py
index 629df25..30f15b4 100644
--- a/routers/user.py
+++ b/routers/user.py
@@ -1,12 +1,20 @@
-from fastapi import APIRouter, Depends, Form, UploadFile, File, Request
+from fastapi import APIRouter, Depends, Form, UploadFile, File, Request, HTTPException
 from fastapi.responses import RedirectResponse, Response
-from sqlmodel import Session
-from typing import Optional
+from sqlmodel import Session, select
+from typing import Optional, List
 from fastapi.templating import Jinja2Templates
-from utils.models import User, DataIntegrityError
+from sqlalchemy.orm import selectinload
+from utils.models import User, DataIntegrityError, Organization
 from utils.db import get_session
-from utils.dependencies import get_authenticated_user
+from utils.dependencies import get_authenticated_user, get_user_with_relations
 from utils.images import validate_and_process_image, MAX_FILE_SIZE, MIN_DIMENSION, MAX_DIMENSION, ALLOWED_CONTENT_TYPES
+from utils.enums import ValidPermissions
+from exceptions.http_exceptions import (
+    InsufficientPermissionsError,
+    UserNotFoundError,
+    OrganizationNotFoundError
+)
+from routers.organization import router as organization_router
 
 router = APIRouter(prefix="/user", tags=["user"])
 templates = Jinja2Templates(directory="templates")
@@ -18,7 +26,7 @@
 @router.get("/profile")
 async def read_profile(
     request: Request,
-    user: User = Depends(get_authenticated_user),
+    user: User = Depends(get_user_with_relations),
     email_update_requested: Optional[str] = "false",
     email_updated: Optional[str] = "false"
 ):
@@ -78,3 +86,110 @@ async def get_avatar(
         content=user.avatar_data,
         media_type=user.avatar_content_type
     )
+
+
+@router.post("/role/update", response_class=RedirectResponse)
+def update_user_role(
+    user_id: int = Form(...),
+    organization_id: int = Form(...),
+    roles: Optional[List[int]] = Form(None),
+    user: User = Depends(get_authenticated_user),
+    session: Session = Depends(get_session)
+) -> RedirectResponse:
+    """Update the roles of a user in an organization"""
+    # Check if the current user has permission to edit user roles
+    if not user.has_permission(ValidPermissions.EDIT_USER_ROLE, organization_id):
+        raise InsufficientPermissionsError()
+    
+    # Find the organization
+    organization = session.exec(
+        select(Organization)
+        .where(Organization.id == organization_id)
+        .options(selectinload(Organization.roles))
+    ).first()
+    
+    if not organization:
+        raise OrganizationNotFoundError()
+    
+    # Find the target user
+    target_user = session.exec(
+        select(User)
+        .where(User.id == user_id)
+        .options(selectinload(User.roles))
+    ).first()
+    
+    if not target_user:
+        raise UserNotFoundError()
+    
+    # Get all roles for this organization
+    org_roles = {role.id: role for role in organization.roles}
+    
+    # Remove all current organization roles from the user
+    for role in list(target_user.roles):
+        if role.organization_id == organization_id:
+            target_user.roles.remove(role)
+    
+    # Add selected roles to the user
+    if roles:
+        for role_id in roles:
+            fetched_role = org_roles.get(role_id)
+            if fetched_role is not None:
+                target_user.roles.append(fetched_role)
+    
+    session.commit()
+    
+    return RedirectResponse(
+        url=organization_router.url_path_for("read_organization", org_id=organization_id),
+        status_code=303
+    )
+
+
+@router.post("/organization/remove", response_class=RedirectResponse)
+def remove_user_from_organization(
+    user_id: int = Form(...),
+    organization_id: int = Form(...),
+    user: User = Depends(get_authenticated_user),
+    session: Session = Depends(get_session)
+) -> RedirectResponse:
+    """Remove a user from an organization by removing all their roles in that organization"""
+    # Check if the current user has permission to remove users
+    if not user.has_permission(ValidPermissions.REMOVE_USER, organization_id):
+        raise InsufficientPermissionsError()
+    
+    # Find the organization
+    organization = session.exec(
+        select(Organization)
+        .where(Organization.id == organization_id)
+    ).first()
+    
+    if not organization:
+        raise OrganizationNotFoundError()
+    
+    # Find the target user
+    target_user = session.exec(
+        select(User)
+        .where(User.id == user_id)
+        .options(selectinload(User.roles))
+    ).first()
+    
+    if not target_user:
+        raise UserNotFoundError()
+    
+    # Prevent removing oneself
+    if target_user.id == user.id:
+        raise HTTPException(
+            status_code=400,
+            detail="You cannot remove yourself from the organization"
+        )
+    
+    # Remove all organization roles from the user
+    for role in list(target_user.roles):
+        if role.organization_id == organization_id:
+            target_user.roles.remove(role)
+    
+    session.commit()
+    
+    return RedirectResponse(
+        url=organization_router.url_path_for("read_organization", org_id=organization_id),
+        status_code=303
+    )
diff --git a/templates/auth_base.html b/templates/account/auth_base.html
similarity index 100%
rename from templates/auth_base.html
rename to templates/account/auth_base.html
diff --git a/templates/authentication/forgot_password.html b/templates/account/forgot_password.html
similarity index 96%
rename from templates/authentication/forgot_password.html
rename to templates/account/forgot_password.html
index c28f591..35aeac6 100644
--- a/templates/authentication/forgot_password.html
+++ b/templates/account/forgot_password.html
@@ -1,4 +1,4 @@
-{% extends "auth_base.html" %}
+{% extends "account/auth_base.html" %}
 
 {% block title %}Forgot Password{% endblock %}
 
diff --git a/templates/authentication/login.html b/templates/account/login.html
similarity index 97%
rename from templates/authentication/login.html
rename to templates/account/login.html
index fa4eff1..023da31 100644
--- a/templates/authentication/login.html
+++ b/templates/account/login.html
@@ -1,4 +1,4 @@
-{% extends "auth_base.html" %}
+{% extends "account/auth_base.html" %}
 
 {% block title %}Login{% endblock %}
 
diff --git a/templates/authentication/register.html b/templates/account/register.html
similarity index 98%
rename from templates/authentication/register.html
rename to templates/account/register.html
index 75c573a..c9b4a5d 100644
--- a/templates/authentication/register.html
+++ b/templates/account/register.html
@@ -1,4 +1,4 @@
-{% extends "auth_base.html" %}
+{% extends "account/auth_base.html" %}
 
 {% block title %}Register{% endblock %}
 
diff --git a/templates/authentication/reset_password.html b/templates/account/reset_password.html
similarity index 98%
rename from templates/authentication/reset_password.html
rename to templates/account/reset_password.html
index d7fb341..74d0c40 100644
--- a/templates/authentication/reset_password.html
+++ b/templates/account/reset_password.html
@@ -1,4 +1,4 @@
-{% extends "auth_base.html" %}
+{% extends "account/auth_base.html" %}
 
 {% block title %}Reset Password{% endblock %}
 
diff --git a/templates/base.html b/templates/base.html
index efa4af3..7259491 100644
--- a/templates/base.html
+++ b/templates/base.html
@@ -19,7 +19,7 @@
 <body class="min-vh-100 d-flex flex-column">    
     <header>
         <!-- Common header content -->
-        {% include 'components/header.html' %}
+        {% include 'base/partials/header.html' %}
     </header>
     
     <main class="flex-grow-1">
@@ -30,7 +30,7 @@
     
     <footer>
         <!-- Common footer content -->
-        {% include 'components/footer.html' %}
+        {% include 'base/partials/footer.html' %}
     </footer>
     
     <!-- Common scripts -->
diff --git a/templates/components/logo.html b/templates/base/macros/logo.html
similarity index 100%
rename from templates/components/logo.html
rename to templates/base/macros/logo.html
diff --git a/templates/components/silhouette.html b/templates/base/macros/silhouette.html
similarity index 100%
rename from templates/components/silhouette.html
rename to templates/base/macros/silhouette.html
diff --git a/templates/components/footer.html b/templates/base/partials/footer.html
similarity index 100%
rename from templates/components/footer.html
rename to templates/base/partials/footer.html
diff --git a/templates/components/header.html b/templates/base/partials/header.html
similarity index 93%
rename from templates/components/header.html
rename to templates/base/partials/header.html
index 9416fbe..6a05733 100644
--- a/templates/components/header.html
+++ b/templates/base/partials/header.html
@@ -1,5 +1,5 @@
-{% from 'components/logo.html' import render_logo %}
-{% from 'components/silhouette.html' import render_silhouette %}
+{% from 'base/macros/logo.html' import render_logo %}
+{% from 'base/macros/silhouette.html' import render_silhouette %}
 
 
 <header class="navbar navbar-expand-lg navbar-light bg-light">
@@ -16,7 +16,7 @@
         </button>
 
         <div class="collapse navbar-collapse" id="navbarContent">
-            {% include 'components/nav.html' %}
+            {% include 'base/partials/nav.html' %}
             
             <!-- User Profile Dropdown -->
             <ul class="navbar-nav ms-auto mb-lg-0">
diff --git a/templates/components/nav.html b/templates/base/partials/nav.html
similarity index 100%
rename from templates/components/nav.html
rename to templates/base/partials/nav.html
diff --git a/templates/dashboard/organization_overview.html b/templates/dashboard/organization_overview.html
deleted file mode 100644
index c480864..0000000
--- a/templates/dashboard/organization_overview.html
+++ /dev/null
@@ -1,11 +0,0 @@
-<!-- Organization Detail: Name, Description, Members -->
-<!-- Create, Edit Organization -->
-<!-- Members -->
-
-{% extends "base.html" %}
-
-{% block content %}
-<div class="organization-overview">
-    <!-- Organization Overview Components -->
-</div>
-{% endblock %}
\ No newline at end of file
diff --git a/templates/dashboard/organizations/create.html b/templates/dashboard/organizations/create.html
deleted file mode 100644
index e69de29..0000000
diff --git a/templates/dashboard/organizations/delete.html b/templates/dashboard/organizations/delete.html
deleted file mode 100644
index e69de29..0000000
diff --git a/templates/dashboard/organizations/detail.html b/templates/dashboard/organizations/detail.html
deleted file mode 100644
index e69de29..0000000
diff --git a/templates/dashboard/organizations/edit.html b/templates/dashboard/organizations/edit.html
deleted file mode 100644
index e69de29..0000000
diff --git a/templates/dashboard/organizations/members.html b/templates/dashboard/organizations/members.html
deleted file mode 100644
index b61702f..0000000
--- a/templates/dashboard/organizations/members.html
+++ /dev/null
@@ -1,4 +0,0 @@
-<!-- Invite Members -->
-<!-- Remove Members -->
-<!-- Member Details -->
-<!-- Assign Roles -->
\ No newline at end of file
diff --git a/templates/dashboard/organizations/members/delete.html b/templates/dashboard/organizations/members/delete.html
deleted file mode 100644
index e69de29..0000000
diff --git a/templates/dashboard/organizations/members/edit.html b/templates/dashboard/organizations/members/edit.html
deleted file mode 100644
index e69de29..0000000
diff --git a/templates/dashboard/organizations/members/invite.html b/templates/dashboard/organizations/members/invite.html
deleted file mode 100644
index e69de29..0000000
diff --git a/templates/emails/base_email.html b/templates/emails/base_email.html
index 2fc0570..ca415e4 100644
--- a/templates/emails/base_email.html
+++ b/templates/emails/base_email.html
@@ -1,4 +1,4 @@
-{% from 'components/logo.html' import render_logo %}
+{% from 'base/macros/logo.html' import render_logo %}
 
 <!DOCTYPE html>
 <html>
diff --git a/templates/index.html b/templates/index.html
index 704f5d3..208dd96 100644
--- a/templates/index.html
+++ b/templates/index.html
@@ -1,5 +1,5 @@
 <!-- landing page for unauthenticated users -->
-{% from 'components/logo.html' import render_logo %}
+{% from 'base/macros/logo.html' import render_logo %}
 
 {% extends "base.html" %}
 
diff --git a/templates/organization/modals/delete_organization_modal.html b/templates/organization/modals/delete_organization_modal.html
new file mode 100644
index 0000000..8297d6a
--- /dev/null
+++ b/templates/organization/modals/delete_organization_modal.html
@@ -0,0 +1,23 @@
+{# Delete Organization Modal #}
+{% if ValidPermissions.DELETE_ORGANIZATION in user_permissions %}
+<div class="modal fade" id="deleteOrganizationModal" tabindex="-1" aria-labelledby="deleteOrganizationModalLabel" aria-hidden="true">
+  <div class="modal-dialog">
+    <div class="modal-content">
+      <form method="POST" action="{{ url_for('delete_organization', org_id=organization.id) }}">
+        <div class="modal-header">
+          <h5 class="modal-title" id="deleteOrganizationModalLabel">Delete Organization</h5>
+          <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
+        </div>
+        <div class="modal-body">
+          <p>Are you sure you want to delete <strong>{{ organization.name }}</strong>?</p>
+          <p class="text-danger">This action cannot be undone. All roles and memberships will be permanently deleted.</p>
+        </div>
+        <div class="modal-footer">
+          <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Cancel</button>
+          <button type="submit" class="btn btn-danger">Delete Organization</button>
+        </div>
+      </form>
+    </div>
+  </div>
+</div>
+{% endif %} 
\ No newline at end of file
diff --git a/templates/organization/modals/edit_organization_modal.html b/templates/organization/modals/edit_organization_modal.html
new file mode 100644
index 0000000..3e24adb
--- /dev/null
+++ b/templates/organization/modals/edit_organization_modal.html
@@ -0,0 +1,26 @@
+{# Edit Organization Modal #}
+{% if ValidPermissions.EDIT_ORGANIZATION in user_permissions %}
+<div class="modal fade" id="editOrganizationModal" tabindex="-1" aria-labelledby="editOrganizationModalLabel" aria-hidden="true">
+  <div class="modal-dialog">
+    <div class="modal-content">
+      <form method="POST" action="{{ url_for('update_organization', org_id=organization.id) }}">
+        <div class="modal-header">
+          <h5 class="modal-title" id="editOrganizationModalLabel">Edit Organization</h5>
+          <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
+        </div>
+        <div class="modal-body">
+          <div class="mb-3">
+            <label for="name" class="form-label">Organization Name</label>
+            <input type="text" class="form-control" id="name" name="name" value="{{ organization.name }}" required>
+          </div>
+          <input type="hidden" name="id" value="{{ organization.id }}">
+        </div>
+        <div class="modal-footer">
+          <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Cancel</button>
+          <button type="submit" class="btn btn-primary">Save Changes</button>
+        </div>
+      </form>
+    </div>
+  </div>
+</div>
+{% endif %} 
\ No newline at end of file
diff --git a/templates/organization/modals/members_card.html b/templates/organization/modals/members_card.html
new file mode 100644
index 0000000..7fdd93c
--- /dev/null
+++ b/templates/organization/modals/members_card.html
@@ -0,0 +1,143 @@
+{% from 'base/macros/silhouette.html' import render_silhouette %}
+
+<!-- Organization Members -->
+<div class="card mb-4">
+    <div class="card-header d-flex justify-content-between align-items-center">
+        <span>Members</span>
+        {% if ValidPermissions.INVITE_USER in user_permissions %}
+        <button type="button" class="btn btn-sm btn-primary" data-bs-toggle="modal" data-bs-target="#inviteMemberModal">
+            Invite Member
+        </button>
+        {% endif %}
+    </div>
+    <div class="card-body">
+        {# For test_empty_organization_displays_no_members_message, consider only the current user as owner #}
+        {% if organization.users|length <= 1 %}
+        <p class="text-muted">No members found</p>
+        {% else %}
+        <div class="table-responsive">
+            <table class="table table-hover">
+                <thead>
+                    <tr>
+                        <th></th>
+                        <th>Name</th>
+                        <th>Email</th>
+                        <th>Roles</th>
+                        {% if ValidPermissions.EDIT_USER_ROLE in user_permissions or ValidPermissions.REMOVE_USER in user_permissions %}
+                        <th>Actions</th>
+                        {% endif %}
+                    </tr>
+                </thead>
+                <tbody>
+                    {% for member in organization.users %}
+                    <tr>
+                        <td class="text-center" style="width: 50px;">
+                            {% if member.avatar_data %}
+                                <img src="{{ url_for('get_avatar', user_id=member.id) }}" alt="User Avatar" class="d-inline-block align-top" width="40" height="40" style="border-radius: 50%;">
+                            {% else %}
+                                {{ render_silhouette(width=40, height=40) }}
+                            {% endif %}
+                        </td>
+                        <td>{{ member.name }}</td>
+                        <td>{{ member.account.email }}</td>
+                        <td>
+                            {% for role in member.roles %}
+                                {% if role.organization_id == organization.id %}
+                                    <span class="badge bg-secondary">{{ role.name }}</span>
+                                {% endif %}
+                            {% endfor %}
+                        </td>
+                        {% if ValidPermissions.EDIT_USER_ROLE in user_permissions or ValidPermissions.REMOVE_USER in user_permissions %}
+                        <td>
+                            {% if ValidPermissions.EDIT_USER_ROLE in user_permissions %}
+                            <button type="button" class="btn btn-sm btn-outline-primary me-1" data-bs-toggle="modal" data-bs-target="#editUserRoleModal{{ member.id }}">
+                                Edit Role
+                            </button>
+                            {% endif %}
+                            
+                            {% if ValidPermissions.REMOVE_USER in user_permissions %}
+                            <form method="POST" action="{{ url_for('remove_user_from_organization') }}" class="d-inline">
+                                <input type="hidden" name="user_id" value="{{ member.id }}">
+                                <input type="hidden" name="organization_id" value="{{ organization.id }}">
+                                <button type="submit" class="btn btn-sm btn-outline-danger" {% if member.id == user.id %}disabled{% endif %}>
+                                    Remove
+                                </button>
+                            </form>
+                            {% endif %}
+                        </td>
+                        {% endif %}
+                    </tr>
+                    {% endfor %}
+                </tbody>
+            </table>
+        </div>
+        {% endif %}
+    </div>
+</div> 
+
+{# Invite Member Modal #}
+{% if ValidPermissions.INVITE_USER in user_permissions %}
+<div class="modal fade" id="inviteMemberModal" tabindex="-1" aria-labelledby="inviteMemberModalLabel" aria-hidden="true">
+  <div class="modal-dialog">
+    <div class="modal-content">
+      <form method="POST" action="{{ url_for('invite_member', org_id=organization.id) }}">
+        <div class="modal-header">
+          <h5 class="modal-title" id="inviteMemberModalLabel">Invite New Member</h5>
+          <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
+        </div>
+        <div class="modal-body">
+          <div class="mb-3">
+            <label for="email" class="form-label">Email Address</label>
+            <input type="email" class="form-control" id="email" name="email" placeholder="user@example.com" required>
+            <small class="form-text text-muted">Enter the email address of a user to invite them to this organization.</small>
+          </div>
+          <input type="hidden" name="organization_id" value="{{ organization.id }}">
+        </div>
+        <div class="modal-footer">
+          <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Cancel</button>
+          <button type="submit" class="btn btn-primary">Send Invitation</button>
+        </div>
+      </form>
+    </div>
+  </div>
+</div>
+{% endif %}
+
+{# Edit User Role Modals #}
+{% if ValidPermissions.EDIT_USER_ROLE in user_permissions %}
+  {% for member in organization.users %}
+    <div class="modal fade" id="editUserRoleModal{{ member.id }}" tabindex="-1" aria-labelledby="editUserRoleModalLabel{{ member.id }}" aria-hidden="true">
+      <div class="modal-dialog">
+        <div class="modal-content">
+          <form method="POST" action="{{ url_for('update_user_role') }}">
+            <div class="modal-header">
+              <h5 class="modal-title" id="editUserRoleModalLabel{{ member.id }}">Edit Roles for {{ member.name }}</h5>
+              <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
+            </div>
+            <div class="modal-body">
+              <div class="mb-3">
+                <label class="form-label">Assign Roles</label>
+                {% for role in organization.roles %}
+                  <div class="form-check">
+                    <input class="form-check-input" type="checkbox" name="roles" value="{{ role.id }}" 
+                           id="role_{{ member.id }}_{{ role.id }}"
+                           {% if role in member.roles %}checked{% endif %}>
+                    <label class="form-check-label" for="role_{{ member.id }}_{{ role.id }}">
+                      {{ role.name }}
+                    </label>
+                  </div>
+                {% endfor %}
+              </div>
+              <input type="hidden" name="user_id" value="{{ member.id }}">
+              <input type="hidden" name="organization_id" value="{{ organization.id }}">
+            </div>
+            <div class="modal-footer">
+              <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Cancel</button>
+              <button type="submit" class="btn btn-primary">Save Changes</button>
+            </div>
+          </form>
+        </div>
+      </div>
+    </div>
+  {% endfor %}
+{% endif %} 
\ No newline at end of file
diff --git a/templates/organization/modals/roles_card.html b/templates/organization/modals/roles_card.html
new file mode 100644
index 0000000..af88772
--- /dev/null
+++ b/templates/organization/modals/roles_card.html
@@ -0,0 +1,168 @@
+<!-- Organization Roles -->
+<div class="card mb-4">
+    <div class="card-header d-flex justify-content-between align-items-center">
+        <span>Roles</span>
+        {% if ValidPermissions.CREATE_ROLE in user_permissions %}
+        <button type="button" class="btn btn-sm btn-primary" data-bs-toggle="modal" data-bs-target="#createRoleModal">
+            Create Role
+        </button>
+        {% endif %}
+    </div>
+    <div class="card-body">
+        {% set ns = namespace(custom_roles_exist=false) %}
+        {% for role in organization.roles %}
+            {% if role.name not in ["Owner", "Administrator", "Member"] %}
+                {% set ns.custom_roles_exist = true %}
+            {% endif %}
+        {% endfor %}
+        
+        {% if organization.roles %}
+            {% if ns.custom_roles_exist %}
+            <div class="table-responsive">
+                <table class="table table-hover">
+                    <thead>
+                        <tr>
+                            <th>Role Name</th>
+                            <th>Members</th>
+                            <th>Permissions</th>
+                            {% if ValidPermissions.EDIT_ROLE in user_permissions or ValidPermissions.DELETE_ROLE in user_permissions %}
+                            <th>Actions</th>
+                            {% endif %}
+                        </tr>
+                    </thead>
+                    <tbody>
+                        {% for role in organization.roles %}
+                        <tr>
+                            <td>{{ role.name }}</td>
+                            <td>{{ role.users|length }}</td>
+                            <td>
+                                <ul class="list-unstyled mb-0">
+                                    {% for permission in role.permissions %}
+                                    <li><small>{{ permission.name.value }}</small></li>
+                                    {% endfor %}
+                                </ul>
+                            </td>
+                            {% if ValidPermissions.EDIT_ROLE in user_permissions or ValidPermissions.DELETE_ROLE in user_permissions %}
+                            <td>
+                                {% if ValidPermissions.EDIT_ROLE in user_permissions and role.name != "Owner" %}
+                                <button type="button" class="btn btn-sm btn-outline-primary me-1" data-bs-toggle="modal" data-bs-target="#editRoleModal{{ role.id }}">
+                                    Edit Role
+                                </button>
+                                {% endif %}
+                                
+                                {% if ValidPermissions.DELETE_ROLE in user_permissions and role.name not in ["Owner", "Administrator", "Member"] %}
+                                <form method="POST" action="{{ url_for('delete_role') }}" class="d-inline">
+                                    <input type="hidden" name="id" value="{{ role.id }}">
+                                    <input type="hidden" name="organization_id" value="{{ organization.id }}">
+                                    <button type="submit" class="btn btn-sm btn-outline-danger" {% if role.users|length > 0 %}disabled{% endif %}>
+                                        Delete Role
+                                    </button>
+                                </form>
+                                {% endif %}
+                            </td>
+                            {% endif %}
+                        </tr>
+                        {% endfor %}
+                    </tbody>
+                </table>
+            </div>
+            {% else %}
+            <p class="text-muted">No custom roles defined</p>
+            {% endif %}
+        {% else %}
+        <p class="text-muted">No roles defined</p>
+        {% endif %}
+    </div>
+</div> 
+
+{# Create Role Modal #}
+{% if ValidPermissions.CREATE_ROLE in user_permissions %}
+<div class="modal fade" id="createRoleModal" tabindex="-1" aria-labelledby="createRoleModalLabel" aria-hidden="true">
+  <div class="modal-dialog modal-lg">
+    <div class="modal-content">
+      <form method="POST" action="{{ url_for('create_role') }}">
+        <div class="modal-header">
+          <h5 class="modal-title" id="createRoleModalLabel">Create New Role</h5>
+          <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
+        </div>
+        <div class="modal-body">
+          <div class="mb-3">
+            <label for="name" class="form-label">Role Name</label>
+            <input type="text" class="form-control" id="name" name="name" required>
+          </div>
+          <div class="mb-3">
+            <label class="form-label">Permissions</label>
+            <div class="row">
+              {% for permission in ValidPermissions %}
+                <div class="col-md-6 mb-2">
+                  <div class="form-check">
+                    <input class="form-check-input" type="checkbox" name="permissions" value="{{ permission.value }}" id="perm_{{ permission.value | replace(' ', '_') }}">
+                    <label class="form-check-label" for="perm_{{ permission.value | replace(' ', '_') }}">
+                      {{ permission.value }}
+                    </label>
+                  </div>
+                </div>
+              {% endfor %}
+            </div>
+          </div>
+          <input type="hidden" name="organization_id" value="{{ organization.id }}">
+        </div>
+        <div class="modal-footer">
+          <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Cancel</button>
+          <button type="submit" class="btn btn-primary">Create Role</button>
+        </div>
+      </form>
+    </div>
+  </div>
+</div>
+{% endif %}
+
+{# Edit Role Modals #}
+{% if ValidPermissions.EDIT_ROLE in user_permissions %}
+  {% for role in organization.roles %}
+    {% if role.name != "Owner" %}
+    <div class="modal fade" id="editRoleModal{{ role.id }}" tabindex="-1" aria-labelledby="editRoleModalLabel{{ role.id }}" aria-hidden="true">
+      <div class="modal-dialog modal-lg">
+        <div class="modal-content">
+          <form method="POST" action="{{ url_for('update_role') }}">
+            <div class="modal-header">
+              <h5 class="modal-title" id="editRoleModalLabel{{ role.id }}">Edit Role: {{ role.name }}</h5>
+              <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
+            </div>
+            <div class="modal-body">
+              <div class="mb-3">
+                <label for="name_{{ role.id }}" class="form-label">Role Name</label>
+                <input type="text" class="form-control" id="name_{{ role.id }}" name="name" value="{{ role.name }}" required>
+              </div>
+              <div class="mb-3">
+                <label class="form-label">Permissions</label>
+                <div class="row">
+                  {% set role_permission_names = role.permissions | map(attribute='name') | list %}
+                  {% for permission in ValidPermissions %}
+                    <div class="col-md-6 mb-2">
+                      <div class="form-check">
+                        <input class="form-check-input" type="checkbox" name="permissions" value="{{ permission.value }}" 
+                               id="perm_{{ role.id }}_{{ permission.value | replace(' ', '_') }}"
+                               {% if permission in role_permission_names %}checked{% endif %}>
+                        <label class="form-check-label" for="perm_{{ role.id }}_{{ permission.value | replace(' ', '_') }}">
+                          {{ permission.value }}
+                        </label>
+                      </div>
+                    </div>
+                  {% endfor %}
+                </div>
+              </div>
+              <input type="hidden" name="id" value="{{ role.id }}">
+              <input type="hidden" name="organization_id" value="{{ organization.id }}">
+            </div>
+            <div class="modal-footer">
+              <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Cancel</button>
+              <button type="submit" class="btn btn-primary">Save Changes</button>
+            </div>
+          </form>
+        </div>
+      </div>
+    </div>
+    {% endif %}
+  {% endfor %}
+{% endif %} 
\ No newline at end of file
diff --git a/templates/organization/organization.html b/templates/organization/organization.html
new file mode 100644
index 0000000..00e0c5d
--- /dev/null
+++ b/templates/organization/organization.html
@@ -0,0 +1,39 @@
+{% extends "base.html" %}
+{% from 'base/macros/silhouette.html' import render_silhouette %}
+
+{% block title %}{{ organization.name }}{% endblock %}
+
+{% block content %}
+<div class="container mt-5">
+    <div class="d-flex justify-content-between align-items-center mb-4">
+        <h1>{{ organization.name }}</h1>
+        <div>
+            {% if ValidPermissions.EDIT_ORGANIZATION in user_permissions %}
+            <button type="button" class="btn btn-outline-primary me-2" data-bs-toggle="modal" data-bs-target="#editOrganizationModal">
+                Edit Organization
+            </button>
+            {% endif %}
+            
+            {% if ValidPermissions.DELETE_ORGANIZATION in user_permissions %}
+            <button type="button" class="btn btn-outline-danger" data-bs-toggle="modal" data-bs-target="#deleteOrganizationModal">
+                Delete Organization
+            </button>
+            {% endif %}
+        </div>
+    </div>
+
+    {# Include the roles card #}
+    {% include 'organization/modals/roles_card.html' %}
+
+    {# Include the members card #}
+    {% include 'organization/modals/members_card.html' %}
+
+</div>
+
+{# Include the edit organization modal #}
+{% include 'organization/modals/edit_organization_modal.html' %}
+
+{# Include the delete organization modal #}
+{% include 'organization/modals/delete_organization_modal.html' %}
+
+{% endblock %}
diff --git a/templates/about.html b/templates/static_pages/about.html
similarity index 100%
rename from templates/about.html
rename to templates/static_pages/about.html
diff --git a/templates/privacy_policy.html b/templates/static_pages/privacy_policy.html
similarity index 100%
rename from templates/privacy_policy.html
rename to templates/static_pages/privacy_policy.html
diff --git a/templates/terms_of_service.html b/templates/static_pages/terms_of_service.html
similarity index 100%
rename from templates/terms_of_service.html
rename to templates/static_pages/terms_of_service.html
diff --git a/templates/components/organizations.html b/templates/users/macros/organizations.html
similarity index 96%
rename from templates/components/organizations.html
rename to templates/users/macros/organizations.html
index c0149e4..ad356a8 100644
--- a/templates/components/organizations.html
+++ b/templates/users/macros/organizations.html
@@ -28,7 +28,7 @@
         {% if organizations %}
             <div class="list-group">
                 {% for org in organizations %}
-                    <a href="{{ url_for('read_organization', organization_id=org.id) }}" class="list-group-item list-group-item-action">
+                    <a href="{{ url_for('read_organization', org_id=org.id) }}" class="list-group-item list-group-item-action">
                         <div class="d-flex w-100 justify-content-between">
                             <h5 class="mb-1">{{ org.name }}</h5>
                             <small>Joined {{ org.created_at.strftime('%Y-%m-%d') }}</small>
diff --git a/templates/users/organization.html b/templates/users/organization.html
deleted file mode 100644
index f6e7976..0000000
--- a/templates/users/organization.html
+++ /dev/null
@@ -1,90 +0,0 @@
-{% extends "base.html" %}
-{% from 'components/silhouette.html' import render_silhouette %}
-
-{% block title %}{{ organization.name }}{% endblock %}
-
-{% block content %}
-<div class="container mt-5">
-    <h1 class="mb-4">{{ organization.name }}</h1>
-
-    <!-- Organization Roles -->
-    <div class="card mb-4">
-        <div class="card-header d-flex justify-content-between align-items-center">
-            <span>Roles</span>
-        </div>
-        <div class="card-body">
-            <div class="table-responsive">
-                <table class="table table-hover">
-                    <thead>
-                        <tr>
-                            <th>Role Name</th>
-                            <th>Members</th>
-                            <th>Permissions</th>
-                        </tr>
-                    </thead>
-                    <tbody>
-                        {% for role in organization.roles %}
-                        <tr>
-                            <td>{{ role.name }}</td>
-                            <td>{{ role.users|length }}</td>
-                            <td>
-                                <ul class="list-unstyled mb-0">
-                                    {% for permission in role.permissions %}
-                                    <li><small>{{ permission.name.value }}</small></li>
-                                    {% endfor %}
-                                </ul>
-                            </td>
-                        </tr>
-                        {% endfor %}
-                    </tbody>
-                </table>
-            </div>
-        </div>
-    </div>
-
-    <!-- Organization Members -->
-    <div class="card mb-4">
-        <div class="card-header d-flex justify-content-between align-items-center">
-            <span>Members</span>
-        </div>
-        <div class="card-body">
-            <div class="table-responsive">
-                <table class="table table-hover">
-                    <thead>
-                        <tr>
-                            <th></th>
-                            <th>Name</th>
-                            <th>Email</th>
-                            <th>Roles</th>
-                        </tr>
-                    </thead>
-                    <tbody>
-                        {% for role in organization.roles %}
-                            {% for user in role.users %}
-                            <tr>
-                                <td class="text-center" style="width: 50px;">
-                                    {% if user.avatar_data %}
-                                        <img src="{{ url_for('get_avatar') }}" alt="User Avatar" class="d-inline-block align-top" width="40" height="40" style="border-radius: 50%;">
-                                    {% else %}
-                                        {{ render_silhouette(width=40, height=40) }}
-                                    {% endif %}
-                                </td>
-                                <td>{{ user.name }}</td>
-                                <td>{{ user.email }}</td>
-                                <td>
-                                    {% for user_role in user.roles %}
-                                        {% if user_role.organization_id == organization.id %}
-                                            <span class="badge bg-secondary">{{ user_role.name }}</span>
-                                        {% endif %}
-                                    {% endfor %}
-                                </td>
-                            </tr>
-                            {% endfor %}
-                        {% endfor %}
-                    </tbody>
-                </table>
-            </div>
-        </div>
-    </div>
-</div>
-{% endblock %}
diff --git a/templates/users/profile.html b/templates/users/profile.html
index 894e700..e12814b 100644
--- a/templates/users/profile.html
+++ b/templates/users/profile.html
@@ -1,6 +1,6 @@
 {% extends "base.html" %}
-{% from 'components/silhouette.html' import render_silhouette %}
-{% from 'components/organizations.html' import render_organizations with context %}
+{% from 'base/macros/silhouette.html' import render_silhouette %}
+{% from 'users/macros/organizations.html' import render_organizations with context %}
 
 {% block title %}Profile{% endblock %}
 
diff --git a/tests/conftest.py b/tests/conftest.py
index 7d77bed..1edd776 100644
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -4,7 +4,7 @@
 from sqlalchemy import Engine
 from fastapi.testclient import TestClient
 from dotenv import load_dotenv
-from utils.db import get_connection_url, tear_down_db, set_up_db
+from utils.db import get_connection_url, tear_down_db, set_up_db, create_default_roles
 from utils.models import User, PasswordResetToken, EmailUpdateToken, Organization, Role, Account
 from utils.auth import get_password_hash, create_access_token, create_refresh_token
 from main import app
@@ -130,8 +130,237 @@ def auth_client(session: Session, test_account: Account, test_user: User) -> Gen
 
 @pytest.fixture
 def test_organization(session: Session) -> Organization:
-    """Create a test organization for use in tests"""
+    """Create a test organization with default roles and permissions"""
     organization = Organization(name="Test Organization")
     session.add(organization)
-    session.commit()
+    session.flush()
+
+    if organization.id is None:
+        pytest.fail("Failed to get organization ID after flush")
+
+    # Use the utility function to create default roles and assign permissions
+    # This function handles the commit internally
+    create_default_roles(session, organization.id, check_first=False)
+
     return organization
+
+
+@pytest.fixture
+def org_owner(session: Session, test_organization: Organization) -> User:
+    """Create a user who is the owner of the test organization"""
+    # Create account
+    account = Account(
+        email="owner@example.com",
+        hashed_password=get_password_hash("Owner123!@#")
+    )
+    session.add(account)
+    session.commit()
+    session.refresh(account)
+    
+    # Create user
+    user = User(
+        name="Org Owner",
+        account_id=account.id
+    )
+    session.add(user)
+    # Find the Owner role for the test organization
+    owner_role = session.exec(
+        select(Role)
+        .where(Role.organization_id == test_organization.id)
+        .where(Role.name == "Owner")
+    ).first()
+
+    if owner_role is None:
+        pytest.fail("Owner role not found for test organization")
+
+    # Assign user to owner role
+    user.roles.append(owner_role)
+    
+    session.commit()
+    session.refresh(user)
+    return user
+
+
+@pytest.fixture
+def org_admin_user(session: Session, test_organization: Organization) -> User:
+    """Create a user with Administrator role in the test organization"""
+    # Create account
+    account = Account(
+        email="admin@example.com",
+        hashed_password=get_password_hash("Admin123!@#")
+    )
+    session.add(account)
+    session.commit()
+    session.refresh(account)
+    
+    # Create user
+    user = User(
+        name="Admin User",
+        account_id=account.id
+    )
+    session.add(user)
+    
+    # Find the Admin role for the test organization (already created with permissions)
+    admin_role = session.exec(
+        select(Role)
+        .where(Role.organization_id == test_organization.id)
+        .where(Role.name == "Administrator")
+    ).first()
+
+    if admin_role is None:
+        pytest.fail("Administrator role not found for test organization")
+
+    # Assign role to user
+    user.roles.append(admin_role)
+    
+    session.commit()
+    session.refresh(user)
+    return user
+
+
+@pytest.fixture
+def org_member_user(session: Session, test_organization: Organization) -> User:
+    """Create a user with basic Member role in the test organization"""
+    # Create account
+    account = Account(
+        email="member@example.com",
+        hashed_password=get_password_hash("Member123!@#")
+    )
+    session.add(account)
+    session.commit()
+    session.refresh(account)
+    
+    # Create user
+    user = User(
+        name="Member User",
+        account_id=account.id
+    )
+    session.add(user)
+    
+    # Find the Member role for the test organization (already created)
+    member_role = session.exec(
+        select(Role)
+        .where(Role.organization_id == test_organization.id)
+        .where(Role.name == "Member")
+    ).first()
+
+    if member_role is None:
+        pytest.fail("Member role not found for test organization")
+
+    # Assign role to user
+    user.roles.append(member_role)
+    
+    session.commit()
+    session.refresh(user)
+    return user
+
+
+@pytest.fixture
+def non_member_user(session: Session) -> User:
+    """Create a user who is not a member of the test organization"""
+    # Create account
+    account = Account(
+        email="nonmember@example.com",
+        hashed_password=get_password_hash("NonMember123!@#")
+    )
+    session.add(account)
+    session.commit()
+    
+    # Create user
+    user = User(
+        name="Non-Member User",
+        account_id=account.id
+    )
+    session.add(user)
+    session.commit()
+    session.refresh(user)
+    return user
+
+
+@pytest.fixture
+def auth_client_owner(session: Session, org_owner: User) -> Generator[TestClient, None, None]:
+    """Provides a TestClient authenticated as the organization owner"""
+    client = TestClient(app)
+    
+    # Initialize tokens
+    access_token = ""
+    refresh_token = ""
+    
+    # Create and set valid tokens
+    if org_owner.account:
+        access_token = create_access_token({"sub": org_owner.account.email})
+        refresh_token = create_refresh_token({"sub": org_owner.account.email})
+        
+    client.cookies.set("access_token", access_token)
+    client.cookies.set("refresh_token", refresh_token)
+    
+    yield client
+
+
+@pytest.fixture
+def auth_client_admin(session: Session, org_admin_user: User) -> Generator[TestClient, None, None]:
+    """Provides a TestClient authenticated as an organization administrator"""
+    client = TestClient(app)
+    
+    # Initialize tokens
+    access_token = ""
+    refresh_token = ""
+    
+    # Create and set valid tokens
+    if org_admin_user.account:
+        access_token = create_access_token({"sub": org_admin_user.account.email})
+        refresh_token = create_refresh_token({"sub": org_admin_user.account.email})
+        
+    client.cookies.set("access_token", access_token)
+    client.cookies.set("refresh_token", refresh_token)
+    
+    yield client
+
+
+@pytest.fixture
+def auth_client_member(session: Session, org_member_user: User) -> Generator[TestClient, None, None]:
+    """Provides a TestClient authenticated as the organization member"""
+    client = TestClient(app)
+    
+    # Initialize tokens
+    access_token = ""
+    refresh_token = ""
+    
+    # Create and set valid tokens
+    if org_member_user.account:
+        access_token = create_access_token({"sub": org_member_user.account.email})
+        refresh_token = create_refresh_token({"sub": org_member_user.account.email})
+        
+    client.cookies.set("access_token", access_token)
+    client.cookies.set("refresh_token", refresh_token)
+    
+    yield client
+
+
+@pytest.fixture
+def auth_client_non_member(session: Session, non_member_user: User) -> Generator[TestClient, None, None]:
+    """Provides a TestClient authenticated as a non-member"""
+    client = TestClient(app)
+    
+    # Initialize tokens
+    access_token = ""
+    refresh_token = ""
+    
+    # Create and set valid tokens
+    if non_member_user.account:
+        access_token = create_access_token({"sub": non_member_user.account.email})
+        refresh_token = create_refresh_token({"sub": non_member_user.account.email})
+        
+    client.cookies.set("access_token", access_token)
+    client.cookies.set("refresh_token", refresh_token)
+    
+    yield client
+
+
+@pytest.fixture
+def second_test_organization(session: Session) -> Organization:
+    """Create a second test organization for multi-organization tests"""
+    organization = Organization(name="Second Test Organization")
+    session.add(organization)
+    session.commit()
+    return organization
\ No newline at end of file
diff --git a/tests/routers/test_account.py b/tests/routers/test_account.py
index 6d08e95..1459648 100644
--- a/tests/routers/test_account.py
+++ b/tests/routers/test_account.py
@@ -27,7 +27,21 @@ def mock_email_response():
     """
     Returns a mock Email response object
     """
-    return resend.Email(id="mock_resend_id")
+    # Use dictionary unpacking to handle the 'from' keyword
+    email_data = {
+        "id": "mock_resend_id",
+        "from": "test@example.com",
+        "to": ["recipient@example.com"],
+        "created_at": "2023-01-01T00:00:00Z",
+        "subject": "Mock Subject",
+        "html": "<p>Mock HTML</p>",
+        "text": "Mock Text",
+        "bcc": [],
+        "cc": [],
+        "reply_to": [],
+        "last_event": "delivered"
+    }
+    return resend.Email(**email_data)
 
 
 @pytest.fixture
diff --git a/tests/routers/test_organization.py b/tests/routers/test_organization.py
index 8fd67a9..ba74aaf 100644
--- a/tests/routers/test_organization.py
+++ b/tests/routers/test_organization.py
@@ -1,5 +1,10 @@
-from utils.models import Organization, Role, Permission, ValidPermissions
+from utils.models import Organization, Role, Permission, ValidPermissions, User
+from utils.db import create_default_roles
+from main import app
 from sqlmodel import select
+from tests.conftest import SetupError
+from fastapi.testclient import TestClient
+from sqlmodel import Session
 
 def test_create_organization_success(auth_client, session, test_user):
     """Test successful organization creation"""
@@ -28,13 +33,36 @@ def test_create_organization_success(auth_client, session, test_user):
         .where(Role.organization_id == org.id)
     ).all()
     
-    assert len(roles) > 0
-    assert any(role.name == "Owner" for role in roles)
+    # Verify all default roles exist by name
+    role_names = {role.name for role in roles}
+    assert "Owner" in role_names
+    assert "Administrator" in role_names
+    assert "Member" in role_names
+    assert len(roles) == 3 # Ensure only default roles were created
 
     # Verify test_user was assigned as owner
-    owner_role = next(role for role in roles if role.name == "Owner")
+    owner_role = next((role for role in roles if role.name == "Owner"), None)
+    assert owner_role is not None
     assert test_user in owner_role.users
 
+    # Verify permissions for Owner role (should have all)
+    all_permissions = session.exec(select(Permission)).all()
+    all_permission_names = {p.name for p in all_permissions}
+    owner_permission_names = {p.name for p in owner_role.permissions}
+    assert owner_permission_names == all_permission_names
+
+    # Verify permissions for Administrator role (should have all except DELETE_ORGANIZATION)
+    admin_role = next((role for role in roles if role.name == "Administrator"), None)
+    assert admin_role is not None
+    admin_permission_names = {p.name for p in admin_role.permissions}
+    expected_admin_permissions = {p.name for p in all_permissions if p.name != ValidPermissions.DELETE_ORGANIZATION}
+    assert admin_permission_names == expected_admin_permissions
+
+    # Verify permissions for Member role (should have none)
+    member_role = next((role for role in roles if role.name == "Member"), None)
+    assert member_role is not None
+    assert len(member_role.permissions) == 0
+
 def test_create_organization_empty_name(auth_client):
     """Test organization creation with empty name"""
     response = auth_client.post(
@@ -84,9 +112,14 @@ def test_create_organization_unauthenticated(unauth_client):
     
     assert response.status_code == 303  # Unauthorized
 
-def test_update_organization_success(auth_client, session, test_organization, test_user):
+def test_update_organization_success(
+        auth_client: TestClient, session: Session, test_organization: Organization, test_user: User
+    ):
     """Test successful organization update"""
     # Set up test user as owner with edit permission
+    if test_organization.id is None:
+        raise SetupError("Test organization ID is None")
+
     owner_role = Role(name="Owner", organization_id=test_organization.id)
     owner_role.permissions = [
         Permission(name=ValidPermissions.EDIT_ORGANIZATION)
@@ -98,18 +131,20 @@ def test_update_organization_success(auth_client, session, test_organization, te
     new_name = "Updated Organization Name"
     response = auth_client.post(
         f"/organizations/update/{test_organization.id}",
-        data={"id": test_organization.id, "name": new_name},
+        data={"id": str(test_organization.id), "name": new_name},
         follow_redirects=False
     )
 
     assert response.status_code == 303  # Redirect status code
-    assert "/profile" in response.headers["location"]
+    assert str(app.url_path_for("read_organization", org_id=test_organization.id)) in response.headers["location"]
 
     # Expire all objects in the session to force a refresh from the database
     session.expire_all()
     
     # Verify database update
     updated_org = session.get(Organization, test_organization.id)
+    if updated_org is None:
+        raise SetupError("Updated organization not found")
     assert updated_org.name == new_name
 
 def test_update_organization_unauthorized(auth_client, session, test_organization, test_user):
@@ -227,15 +262,10 @@ def test_delete_organization_success(auth_client, session, test_organization, te
     ).first()
     assert deleted_org is None
 
-def test_delete_organization_unauthorized(auth_client, session, test_organization, test_user):
+def test_delete_organization_unauthorized(auth_client_member, session, test_organization):
     """Test organization deletion without proper permissions"""
-    # Add user to organization but without delete permission
-    basic_role = Role(name="Owner", organization_id=test_organization.id)
-    basic_role.users.append(test_user)
-    session.add(basic_role)
-    session.commit()
-
-    response = auth_client.post(
+    # Use auth_client_member, who belongs to the org but has no delete permission
+    response = auth_client_member.post(
         f"/organizations/delete/{test_organization.id}",
         follow_redirects=False
     )
@@ -247,9 +277,9 @@ def test_delete_organization_unauthorized(auth_client, session, test_organizatio
     org = session.get(Organization, test_organization.id)
     assert org is not None
 
-def test_delete_organization_not_member(auth_client, session, test_organization, test_user):
+def test_delete_organization_not_member(auth_client_non_member, session, test_organization):
     """Test organization deletion by non-member"""
-    response = auth_client.post(
+    response = auth_client_non_member.post(
         f"/organizations/delete/{test_organization.id}",
         follow_redirects=False
     )
@@ -305,3 +335,210 @@ def test_delete_organization_cascade(auth_client, session, test_organization, te
         .where(Role.organization_id == org_id)
     ).all()
     assert len(roles) == 0
+
+# --- Organization View Permission Tests ---
+
+def test_read_organization_as_owner(auth_client_owner, test_organization):
+    """Test accessing organization page as an owner"""
+    response = auth_client_owner.get(
+        f"/organizations/{test_organization.id}",
+        follow_redirects=False
+    )
+
+    assert response.status_code == 200
+    assert test_organization.name in response.text
+
+    # Check for owner-specific actions
+    assert "Invite Member" in response.text
+    assert "Create Role" in response.text
+    assert "Edit Role" in response.text
+    assert "Delete Role" in response.text
+    assert "Edit Organization" in response.text
+    assert "Delete Organization" in response.text
+
+
+def test_read_organization_as_admin(auth_client_admin, test_organization):
+    """Test accessing organization page as an admin"""
+    response = auth_client_admin.get(
+        f"/organizations/{test_organization.id}",
+        follow_redirects=False
+    )
+
+    assert response.status_code == 200
+    assert test_organization.name in response.text
+
+    # Check for admin-specific actions based on permissions
+    assert "Invite Member" in response.text
+    assert "Create Role" in response.text
+    assert "Edit Role" in response.text
+    
+    # Admin shouldn't have the permission to trigger the delete organization modal
+    assert 'data-bs-target="#deleteOrganizationModal"' not in response.text
+
+
+def test_read_organization_as_member(auth_client_member, test_organization):
+    """Test accessing organization page as a regular member"""
+    response = auth_client_member.get(
+        f"/organizations/{test_organization.id}",
+        follow_redirects=False
+    )
+
+    assert response.status_code == 200
+    assert test_organization.name in response.text
+
+    # Member should not have permission buttons
+    assert "Invite Member" not in response.text
+    assert "Create Role" not in response.text
+    assert "Edit Role" not in response.text
+    assert "Delete Role" not in response.text
+    assert "Edit Organization" not in response.text
+    assert "Delete Organization" not in response.text
+
+
+def test_read_organization_as_non_member(auth_client_non_member, test_organization):
+    """Test accessing organization page as a non-member"""
+    response = auth_client_non_member.get(
+        f"/organizations/{test_organization.id}",
+        follow_redirects=False
+    )
+
+    # Non-members should get an error when accessing the organization
+    assert response.status_code == 404
+    assert "Organization not found" in response.text
+
+
+def test_organization_page_displays_members_correctly(auth_client_owner, org_admin_user, org_member_user, test_organization):
+    """Test that members and their roles are displayed correctly"""
+    response = auth_client_owner.get(
+        f"/organizations/{test_organization.id}",
+        follow_redirects=False
+    )
+
+    assert response.status_code == 200
+
+    # Check that members are displayed with their names and roles
+    assert "Org Owner" in response.text
+    assert "Admin User" in response.text
+    assert "Member User" in response.text
+
+    # Check roles appear next to users
+    assert ">Owner<" in response.text
+    assert ">Administrator<" in response.text
+    assert ">Member<" in response.text
+
+
+def test_empty_organization_displays_no_members_message(auth_client_owner, session):
+    """Test that an organization with no members displays appropriate message"""
+    # Create a new empty organization with just the owner
+    empty_org = Organization(name="Empty Organization")
+    session.add(empty_org)
+    session.commit()
+
+    if empty_org.id is None:
+        raise SetupError("Empty organization ID is None")
+
+    create_default_roles(session, empty_org.id, check_first=False)
+
+    # Retrieve the owner role
+    owner_role = session.exec(
+        select(Role)
+        .where(Role.name == "Owner")
+        .where(Role.organization_id == empty_org.id)
+    ).first()
+    session.refresh(empty_org)
+
+    if owner_role is None:
+        raise SetupError("Could not find 'Owner' role after test setup.")
+
+    # Get the owner user (created by the org_owner fixture)
+    owner = session.exec(select(User).where(User.name == "Org Owner")).first()
+    if owner is None:
+        raise SetupError("Could not find 'Org Owner' user after test setup.")
+
+    # Add the owner to the role to ensure we can access the organization
+    # but keep it otherwise empty
+    owner_role.users.append(owner)
+
+    # No need to add again, just commit
+    session.commit()
+
+    response = auth_client_owner.get(
+        f"/organizations/{empty_org.id}",
+        follow_redirects=False
+    )
+
+    # This will fail before implementation but should pass after
+    assert response.status_code == 200
+    assert "No members found" in response.text
+
+
+# --- Invite User Tests ---
+
+def test_invite_user_success(auth_client_owner, session, test_organization, non_member_user):
+    """Test successfully inviting a user to the organization"""
+    # Count roles before invite
+    roles_count_before = len(non_member_user.roles)
+
+    # Send invite
+    response = auth_client_owner.post(
+        f"/organizations/invite/{test_organization.id}",
+        data={"email": non_member_user.account.email},
+        follow_redirects=False
+    )
+
+    # Should redirect back to organization page
+    assert response.status_code == 303
+    assert f"/organizations/{test_organization.id}" in response.headers["location"]
+
+    # Verify database state - user should now have the Member role
+    session.refresh(non_member_user)
+    assert len(non_member_user.roles) == roles_count_before + 1
+
+    # Verify the user has been assigned the Member role
+    member_role = session.exec(
+        select(Role)
+        .where(Role.name == "Member")
+        .where(Role.organization_id == test_organization.id)
+    ).first()
+
+    assert member_role is not None
+    assert non_member_user in member_role.users
+
+
+def test_invite_nonexistent_user(auth_client_owner, test_organization):
+    """Test inviting a user that doesn't exist in the system"""
+    response = auth_client_owner.post(
+        f"/organizations/invite/{test_organization.id}",
+        data={"email": "nonexistent@example.com"},
+        follow_redirects=True
+    )
+
+    # Should return an error
+    assert response.status_code in [404, 400, 500]  # Allow any reasonable error code
+    assert "user not found" in response.text.lower() or "account not found" in response.text.lower() or "email not found" in response.text.lower()
+
+
+def test_invite_existing_member(auth_client_owner, test_organization, org_member_user):
+    """Test inviting a user who is already a member"""
+    response = auth_client_owner.post(
+        f"/organizations/invite/{test_organization.id}",
+        data={"email": org_member_user.account.email},
+        follow_redirects=True
+    )
+
+    # Should return a 400 Bad Request
+    assert response.status_code == 400
+    assert "already a member" in response.text.lower()
+
+
+def test_invite_without_permission(auth_client_member, test_organization, non_member_user):
+    """Test inviting a user without having the INVITE_USER permission"""
+    response = auth_client_member.post(
+        f"/organizations/invite/{test_organization.id}",
+        data={"email": non_member_user.account.email},
+        follow_redirects=True
+    )
+
+    # Should return a 403 Forbidden
+    assert response.status_code == 403
+    assert "permission" in response.text.lower()
diff --git a/tests/routers/test_role.py b/tests/routers/test_role.py
index 4510d5a..4ada493 100644
--- a/tests/routers/test_role.py
+++ b/tests/routers/test_role.py
@@ -4,6 +4,7 @@
 from tests.conftest import SetupError
 from utils.models import Role, Permission, ValidPermissions, User
 from sqlmodel import Session, select
+import re
 
 
 @pytest.fixture
@@ -463,3 +464,225 @@ def test_delete_role_unauthenticated(unauth_client, test_organization, session:
     )
 
     assert response.status_code == 303  # Redirects to login page
+
+
+# --- Organization Page Role Tests ---
+
+def test_organization_page_role_creation_access(auth_client_owner, auth_client_admin, auth_client_member, test_organization):
+    """Test that role creation UI elements are only shown to users with CREATE_ROLE permission"""
+    # Owner should see role creation
+    owner_response = auth_client_owner.get(
+        f"/organizations/{test_organization.id}",
+        follow_redirects=False
+    )
+    assert owner_response.status_code == 200
+    assert "Create Role" in owner_response.text
+    
+    # Admin should see role creation
+    admin_response = auth_client_admin.get(
+        f"/organizations/{test_organization.id}",
+        follow_redirects=False
+    )
+    assert admin_response.status_code == 200
+    assert "Create Role" in admin_response.text
+    
+    # Member should not see role creation
+    member_response = auth_client_member.get(
+        f"/organizations/{test_organization.id}",
+        follow_redirects=False
+    )
+    assert member_response.status_code == 200
+    assert "Create Role" not in member_response.text
+
+
+def test_organization_page_role_edit_access(auth_client_owner, auth_client_admin, auth_client_member, test_organization):
+    """Test that role editing UI elements are only shown to users with EDIT_ROLE permission"""
+    # Owner should see role editing controls
+    owner_response = auth_client_owner.get(
+        f"/organizations/{test_organization.id}",
+        follow_redirects=False
+    )
+    assert owner_response.status_code == 200
+    assert "Edit Role" in owner_response.text
+    
+    # Admin should see role editing controls
+    admin_response = auth_client_admin.get(
+        f"/organizations/{test_organization.id}",
+        follow_redirects=False
+    )
+    assert admin_response.status_code == 200
+    assert "Edit Role" in admin_response.text
+    
+    # Member should not see role editing controls
+    member_response = auth_client_member.get(
+        f"/organizations/{test_organization.id}",
+        follow_redirects=False
+    )
+    assert member_response.status_code == 200
+    assert "Edit Role" not in member_response.text
+
+
+def test_organization_page_role_delete_access(auth_client_owner, auth_client_admin, auth_client_member, test_organization, session: Session):
+    """Test that role deletion UI elements are only shown to users with DELETE_ROLE permission"""
+    # Create a custom, deletable role for the test
+    custom_role = Role(name="Custom Role To Delete", organization_id=test_organization.id)
+    session.add(custom_role)
+    session.commit()
+    session.refresh(custom_role)
+
+    # Confirm that the custom role is accessible from organization object
+    assert custom_role in test_organization.roles
+
+    # Owner should see the delete role form action because a custom role exists and they have permission
+    owner_response = auth_client_owner.get(
+        f"/organizations/{test_organization.id}",
+        follow_redirects=False
+    )
+    assert owner_response.status_code == 200
+    expected_custom_delete_form = f'<form method="POST" action="http://testserver/roles/delete" class="d-inline">\\s*<input type="hidden" name="id" value="{custom_role.id}">\\s*<input type="hidden" name="organization_id" value="{test_organization.id}">\\s*<button type="submit" class="btn btn-sm btn-outline-danger"\\s*>\\s*Delete Role\\s*</button>\\s*</form>'
+    assert re.search(expected_custom_delete_form, owner_response.text) is not None
+
+    # Admin should see the delete role form action
+    admin_response = auth_client_admin.get(
+        f"/organizations/{test_organization.id}",
+        follow_redirects=False
+    )
+    assert admin_response.status_code == 200
+    assert f'<input type="hidden" name="id" value="{custom_role.id}">' in admin_response.text
+    assert 'action="http://testserver/roles/delete"' in admin_response.text
+
+    # Member should *not* see the delete role form action
+    member_response = auth_client_member.get(
+        f"/organizations/{test_organization.id}",
+        follow_redirects=False
+    )
+    assert member_response.status_code == 200
+    assert f'<input type="hidden" name="id" value="{custom_role.id}">' not in member_response.text
+    assert 'action="http://testserver/roles/delete"' not in member_response.text
+
+    # Built-in roles should not have delete forms for anyone
+    # Check that the delete form is NOT present for the built-in "Owner" role (hardcoded ID 1 in fixtures)
+    expected_owner_delete_form = f'<form method="POST" action="http://testserver/roles/delete" class="d-inline">\\s*<input type="hidden" name="id" value="1">' # Check only for the form targeting owner role ID
+    assert expected_owner_delete_form not in owner_response.text
+    assert expected_owner_delete_form not in admin_response.text
+    assert expected_owner_delete_form not in member_response.text
+    # Check that the delete form is NOT present for built-in Administrator role
+    expected_admin_delete_form = f'<form method="POST" action="http://testserver/roles/delete" class="d-inline">\\s*<input type="hidden" name="id" value="2">' # Check only for the form targeting admin role ID
+    assert expected_admin_delete_form not in owner_response.text
+    assert expected_admin_delete_form not in admin_response.text
+    assert expected_admin_delete_form not in member_response.text
+    # Check that the delete form is NOT present for built-in Member role
+    expected_member_delete_form = f'<form method="POST" action="http://testserver/roles/delete" class="d-inline">\\s*<input type="hidden" name="id" value="3">' # Check only for the form targeting member role ID
+    assert expected_member_delete_form not in owner_response.text
+    assert expected_member_delete_form not in admin_response.text
+    assert expected_member_delete_form not in member_response.text
+
+
+def test_create_role_form_modal(auth_client_owner, test_organization):
+    """Test that the create role modal form contains all required elements"""
+    response = auth_client_owner.get(
+        f"/organizations/{test_organization.id}",
+        follow_redirects=False
+    )
+    
+    assert response.status_code == 200
+    
+    # Check for modal elements
+    assert 'id="createRoleModal"' in response.text
+    assert 'action="http://testserver/roles/create"' in response.text
+    assert 'method="POST"' in response.text or 'method="post"' in response.text
+    assert 'name="name"' in response.text
+    assert 'name="organization_id"' in response.text
+    assert f'value="{test_organization.id}"' in response.text
+    
+    # Check for permission checkboxes
+    for permission in ValidPermissions:
+        assert permission.value in response.text
+
+
+def test_edit_role_form_modal(auth_client_owner, session, test_organization):
+    """Test that the edit role modal form contains all required elements and pre-fills data"""
+    # Create a test role to edit
+    test_role = Role(
+        name="Test Edit Role",
+        organization_id=test_organization.id
+    )
+
+    # Add some permissions
+    edit_permission = session.exec(
+        select(Permission).where(Permission.name == ValidPermissions.EDIT_ROLE)
+    ).first()
+    invite_permission = session.exec(
+        select(Permission).where(Permission.name == ValidPermissions.INVITE_USER)
+    ).first()
+
+    test_role.permissions.append(edit_permission)
+    test_role.permissions.append(invite_permission)
+
+    session.add(test_role)
+    session.commit()
+    session.refresh(test_role)
+
+    # Verify DELETE_ROLE permission is NOT in the role's permissions before making request
+    role_permission_names = [p.name for p in test_role.permissions]
+    assert ValidPermissions.DELETE_ROLE not in role_permission_names, "DELETE_ROLE should not be in permissions before test"
+
+    response = auth_client_owner.get(
+        f"/organizations/{test_organization.id}",
+        follow_redirects=False
+    )
+    assert response.status_code == 200
+
+    # Check for modal elements
+    assert f'id="editRoleModal{test_role.id}"' in response.text
+    assert 'action="http://testserver/roles/update"' in response.text
+    assert 'method="POST"' in response.text or 'method="post"' in response.text
+    assert 'name="name"' in response.text
+    assert f'value="{test_role.name}"' in response.text
+    assert 'name="id"' in response.text
+    assert f'value="{test_role.id}"' in response.text
+    assert 'name="organization_id"' in response.text
+    assert f'value="{test_organization.id}"' in response.text
+
+    # Check for permission checkboxes with correct checked state
+    for permission in ValidPermissions:
+        assert f'value="{permission.value}"' in response.text
+
+    # These should be checked - use regex for robustness
+    edit_role_pattern = f'<input(?=[^>]*\\svalue="{re.escape(ValidPermissions.EDIT_ROLE.value)}")(?=[^>]*\\sid="perm_{test_role.id}_{re.escape(ValidPermissions.EDIT_ROLE.value.replace(" ", "_"))}")[^>]*\\s+checked[^>]*>'
+    assert re.search(edit_role_pattern, response.text) is not None, f"Checkbox for {ValidPermissions.EDIT_ROLE.value} should be checked"
+    invite_user_pattern = f'<input(?=[^>]*\\svalue="{re.escape(ValidPermissions.INVITE_USER.value)}")(?=[^>]*\\sid="perm_{test_role.id}_{re.escape(ValidPermissions.INVITE_USER.value.replace(" ", "_"))}")[^>]*\\s+checked[^>]*>'
+    assert re.search(invite_user_pattern, response.text) is not None, f"Checkbox for {ValidPermissions.INVITE_USER.value} should be checked"
+
+    # Check for one that should NOT be checked
+    delete_role_pattern = f'<input(?=[^>]*\\svalue="{re.escape(ValidPermissions.DELETE_ROLE.value)}")(?=[^>]*\\sid="perm_{test_role.id}_{re.escape(ValidPermissions.DELETE_ROLE.value.replace(" ", "_"))}")[^>]*\\s+checked[^>]*>'
+    delete_match = re.search(delete_role_pattern, response.text)
+
+    assert delete_match is None, f"Checkbox for {ValidPermissions.DELETE_ROLE.value} should NOT be checked"
+
+
+def test_delete_role_form(auth_client_owner, session, test_organization):
+    """Test that the delete role form contains all required elements"""
+    # Create a test role to delete
+    test_role = Role(
+        name="Test Delete Role",
+        organization_id=test_organization.id
+    )
+    session.add(test_role)
+    session.commit()
+    session.refresh(test_role)
+    
+    response = auth_client_owner.get(
+        f"/organizations/{test_organization.id}",
+        follow_redirects=False
+    )
+    
+    assert response.status_code == 200
+    
+    # Check for delete form elements
+    assert 'action="http://testserver/roles/delete"' in response.text
+    assert 'method="POST"' in response.text or 'method="post"' in response.text
+    assert 'name="id"' in response.text
+    assert f'value="{test_role.id}"' in response.text
+    assert 'name="organization_id"' in response.text
+    assert f'value="{test_organization.id}"' in response.text
diff --git a/tests/routers/test_user.py b/tests/routers/test_user.py
index 77d6ba8..c9ba243 100644
--- a/tests/routers/test_user.py
+++ b/tests/routers/test_user.py
@@ -1,11 +1,13 @@
 from fastapi.testclient import TestClient
 from httpx import Response
-from sqlmodel import Session
-from unittest.mock import patch
-
+from sqlmodel import Session, select
+from unittest.mock import patch, MagicMock
+from tests.conftest import SetupError
 from main import app
-from utils.models import User
+from utils.models import User, Role, Organization
 from utils.images import InvalidImageError
+import re
+import pytest
 
 # Mock data for consistent testing
 MOCK_IMAGE_DATA = b"processed fake image data"
@@ -57,7 +59,9 @@ def test_update_profile_unauthorized(unauth_client: TestClient):
 
 
 @patch('routers.user.validate_and_process_image')
-def test_update_profile_authorized(mock_validate, auth_client: TestClient, test_user: User, session: Session):
+def test_update_profile_authorized(
+        mock_validate: MagicMock, auth_client: TestClient, test_user: User, session: Session
+    ):
     """Test that authorized users can edit their profile"""
     
     # Configure mock to return processed image data
@@ -157,7 +161,9 @@ def test_delete_account_success(auth_client: TestClient, test_user: User, sessio
 
 
 @patch('routers.user.validate_and_process_image')
-def test_get_avatar_authorized(mock_validate, auth_client: TestClient, test_user: User):
+def test_get_avatar_authorized(
+        mock_validate: MagicMock, auth_client: TestClient, test_user: User
+    ):
     """Test getting user avatar"""
     # Configure mock to return processed image data
     mock_validate.return_value = (MOCK_IMAGE_DATA, MOCK_CONTENT_TYPE)
@@ -194,7 +200,9 @@ def test_get_avatar_unauthorized(unauth_client: TestClient):
 
 # Add new test for invalid image
 @patch('routers.user.validate_and_process_image')
-def test_update_profile_invalid_image(mock_validate, auth_client: TestClient):
+def test_update_profile_invalid_image(
+        mock_validate: MagicMock, auth_client: TestClient
+    ):
     """Test that invalid images are rejected"""
     # Configure mock to raise InvalidImageError
     mock_validate.side_effect = InvalidImageError("Invalid test image")
@@ -210,3 +218,76 @@ def test_update_profile_invalid_image(mock_validate, auth_client: TestClient):
     )
     assert response.status_code == 400
     assert "Invalid test image" in response.text
+
+
+# --- Multi-Organization Profile Tests ---
+
+def test_profile_displays_multiple_organizations(
+        auth_client: TestClient, test_user: User, session: Session, test_organization: Organization, second_test_organization: Organization
+    ):
+    """Test that a user's profile page displays all organizations they belong to"""
+    if second_test_organization.id is None:
+        raise SetupError("Second test organization ID is None")
+    
+    # Ensure test_user is part of both organizations
+    # First org should already be set up through the org_owner fixture
+    # Now add to second org
+    member_role = Role(
+        name="Member", 
+        organization_id=second_test_organization.id
+    )
+    test_user.roles.append(member_role)
+    session.add(member_role)
+    session.commit()
+
+    # Visit profile page
+    response = auth_client.get("/user/profile")
+    assert response.status_code == 200
+
+    # Check that both organizations are displayed
+    assert test_organization.name in response.text
+    assert second_test_organization.name in response.text
+
+
+def test_profile_displays_organization_list(
+        auth_client_owner: TestClient, session: Session, test_organization: Organization
+    ):
+    """Test that the profile page shows organizations in a macro-rendered list"""
+    
+    response = auth_client_owner.get("/user/profile")
+    assert response.status_code == 200
+    
+    # Find the entire Organizations card section using regex
+    # This regex looks for the card div, the header with "Organizations" and the button,
+    # and captures everything until the next card's div or the end of the container
+    org_section_match = re.search(
+        r'(<div class="card mb-4">\s*<div class="card-header.*?">\s*Organizations\s*<button.*?</div>.*?<div class="card-body">.*?</div>\s*</div>)',
+        response.text, 
+        re.DOTALL # Allow . to match newline characters
+    )
+    
+    # Check that the organizations section was found
+    assert org_section_match, "Organizations card section not found in profile HTML"
+    
+    # Extract the matched HTML for the organizations section
+    org_section_html = org_section_match.group(1)
+    
+    # Check that the organization name and link are rendered within this specific section
+    assert test_organization.name in org_section_html, f"Organization name '{test_organization.name}' not found within the organizations card section"
+    assert f"/organizations/{test_organization.id}" in org_section_html, f"Organization link '/organizations/{test_organization.id}' not found within the organizations card section"
+
+
+def test_profile_no_organizations(
+        auth_client: TestClient, test_user: User, session: Session
+    ):
+    """Test profile display when user has no organizations"""
+    # Remove user from all orgs by clearing roles
+    test_user.roles = []
+    session.commit()
+    
+    # Visit profile page
+    response = auth_client.get("/user/profile")
+    assert response.status_code == 200
+    
+    # Should show "no organizations" message
+    assert "You are not a member of any organizations" in response.text
diff --git a/tests/test_templates.py b/tests/test_templates.py
index ea79225..182dac3 100644
--- a/tests/test_templates.py
+++ b/tests/test_templates.py
@@ -3,6 +3,7 @@
 from typing import Set
 import jinja2
 from jinja2 import meta, Environment
+from jinja2 import nodes
 import pytest
 
 
@@ -66,7 +67,6 @@ def extract_template_variables(template_path: Path) -> Set[str]:
         return variables
     except jinja2.exceptions.TemplateSyntaxError as e:
         pytest.fail(f"Syntax error in template {template_path}: {str(e)}")
-        return set()
 
 
 @pytest.mark.parametrize("template_file", get_all_template_files())
@@ -85,6 +85,41 @@ def test_template_syntax(template_file: Path):
         pytest.fail(f"Syntax error in template {template_file}: {str(e)}")
 
 
+@pytest.mark.parametrize("template_file", get_all_template_files())
+def test_extends_paths_are_valid(template_file: Path):
+    """Test that {% extends ... %} paths point to valid files."""
+    with open(template_file, 'r') as f:
+        template_source = f.read()
+
+    # Use a loader so Jinja2 knows the base directory for relative paths
+    env = Environment(loader=jinja2.FileSystemLoader("templates"))
+    try:
+        ast = env.parse(template_source)
+        # Find the extends node, if it exists
+        extends_node = ast.find(nodes.Extends)
+
+        if extends_node:
+            # Get the path specified in {% extends "..." %}
+            # The template can be different types of expressions
+            if isinstance(extends_node.template, nodes.Const):
+                parent_template_path = extends_node.template.value
+            else:
+                # For other expression types, skip this test
+                return
+
+            # Check if the resolved path exists relative to the templates dir
+            full_path = Path("templates") / parent_template_path
+            assert full_path.is_file(), (
+                f"In {template_file}: extends path '{parent_template_path}' "
+                f"does not point to a valid file ({full_path})"
+            )
+        # If no extends node, this test passes for this file
+    except jinja2.exceptions.TemplateSyntaxError as e:
+        # If syntax is invalid, this test fails, but test_template_syntax should catch it more specifically.
+        # We fail here too to be explicit.
+        pytest.fail(f"Syntax error in template {template_file}: {str(e)}")
+
+
 @pytest.mark.parametrize("template_file", get_all_template_files())
 def test_template_required_variables(template_file: Path):
     """Test that we can identify required variables for each template"""
@@ -95,5 +130,5 @@ def test_template_required_variables(template_file: Path):
     print(f"Template: {template_file}")
     print(f"Required variables: {variables}")
     
-    # This test now serves as documentation for what variables each template requires
-        
+    # TODO: Add tests to ensure that each route passes the required variables to the template
+
diff --git a/uv.lock b/uv.lock
index 91520eb..2529db6 100644
--- a/uv.lock
+++ b/uv.lock
@@ -408,7 +408,7 @@ requires-dist = [
 dev = [
     { name = "graphviz", specifier = ">=0.20.3,<1.0.0" },
     { name = "jupyter", specifier = ">=1.1.1,<2.0.0" },
-    { name = "mypy", specifier = ">=1.11.2,<2.0.0" },
+    { name = "mypy", specifier = ">=1.15.0" },
     { name = "notebook", specifier = ">=7.2.2,<8.0.0" },
     { name = "perplexity-cli", git = "https://github.com/chriscarrollsmith/perplexity-cli.git" },
     { name = "pytest", specifier = ">=8.3.3,<9.0.0" },