diff --git a/user/group/extension.go b/user/group/extension.go
index 8285053..eaec901 100644
--- a/user/group/extension.go
+++ b/user/group/extension.go
@@ -35,12 +35,14 @@ func (s *Extension) GetName() string {
 	return "user-group"
 }
 
+// GetParamValueFromRequest is a convenience function to extract the value of a named param for a request
 func GetParamValueFromRequest(paramName string) func(r *http.Request) (s string, err error) {
 	return func(r *http.Request) (s string, err error) {
 		return mux.Vars(r)[paramName], nil
 	}
 }
 
+// PostInit adds the default roues, if DisableDefaultRoutes is false
 func (s *Extension) PostInit(app *nibbler.Application) error {
 	if !s.DisableDefaultRoutes {
 		app.Router.HandleFunc(app.Config.ApiPrefix+"/group/composite", s.SessionExtension.EnforceLoggedIn(s.GetUserCompositeRequestHandler)).Methods("GET")
@@ -55,6 +57,7 @@ func (s *Extension) PostInit(app *nibbler.Application) error {
 	return nil
 }
 
+// GetModels provides all relevant models for stuff like SQLExtension initialization
 func GetModels() []interface{} {
 	var models []interface{}
 	models = append(models, nibbler.Group{})
diff --git a/user/group/membership.go b/user/group/membership.go
index 93e7321..f9d716d 100644
--- a/user/group/membership.go
+++ b/user/group/membership.go
@@ -19,6 +19,7 @@ func (s *Extension) GetGroupMembershipsForUser(userId string) ([]nibbler.GroupMe
 	return s.PersistenceExtension.GetGroupMembershipsForUser(userId)
 }
 
+// CreateGroupMembershipRequestHandler will handle an http request with path param "groupId", and a membership request body
 func (s *Extension) CreateGroupMembershipRequestHandler(w http.ResponseWriter, r *http.Request) {
 	membership, err := getMembershipFromBody(r)
 	if err != nil {
@@ -50,6 +51,7 @@ func (s *Extension) CreateGroupMembershipRequestHandler(w http.ResponseWriter, r
 	nibbler.Write200Json(w, string(resultJson))
 }
 
+// getMembershipFromBody parses the request body into a GroupMembership struct
 func getMembershipFromBody(r *http.Request) (*nibbler.GroupMembership, error) {
 	if r.Body == nil {
 		return nil, errors.New("no body provided")
diff --git a/user/group/privilege.go b/user/group/privilege.go
index db20b31..eb63591 100644
--- a/user/group/privilege.go
+++ b/user/group/privilege.go
@@ -20,8 +20,9 @@ const DeleteGroupPrivilegeAction = "delete-group-privilege"
 const ListGroupsAction = "list-groups"
 const RemoveMemberFromGroupAction = "remove-member-from-group"
 
-// allows all groups in the groupIdList to perform the provided action on the targetGroupId.  If targetGroupId is blank,
-// it means "all resources/groups"
+// AddPrivilegeToGroups adds a specific privilege definition to save to multiple groups.  It allows all groups in the
+// groupIdList to perform the provided action on the targetGroupId.  If targetGroupId is blank, it means
+// "all resources/groups"
 func (s *Extension) AddPrivilegeToGroups(
 	groupIdList []string,
 	targetGroupId string,
@@ -72,6 +73,7 @@ func (s *Extension) HasPrivilegeOnResource(userId, resourceId, action string) (b
 	return len(privileges) == 0, nil
 }
 
+// DeleteGroupPrivilegeRequestHandler handles an http request with a privilege in its body and "groupId" in the path params
 func (s *Extension) DeleteGroupPrivilegeRequestHandler(w http.ResponseWriter, r *http.Request) {
 	priv, err := getPrivilegeFromBody(r)
 	if err != nil {
@@ -127,6 +129,7 @@ func (s *Extension) DeleteGroupPrivilegeRequestHandler(w http.ResponseWriter, r
 	nibbler.Write200Json(w, "{\"result\":\"ok\"")
 }
 
+// CreateGroupPrivilegeRequestHandler handles an http request with a path param of groupId and body that is a Privilege
 func (s *Extension) CreateGroupPrivilegeRequestHandler(w http.ResponseWriter, r *http.Request) {
 	priv, err := getPrivilegeFromBody(r)
 	if err != nil {
@@ -161,7 +164,7 @@ func (s *Extension) CreateGroupPrivilegeRequestHandler(w http.ResponseWriter, r
 		}
 	}
 
-	if err := s.PersistenceExtension.AddPrivilegeToGroups([]string{ priv.GroupID }, priv.ResourceID, priv.Action); err != nil {
+	if err := s.PersistenceExtension.AddPrivilegeToGroups([]string{priv.GroupID}, priv.ResourceID, priv.Action); err != nil {
 		nibbler.Write500Json(w, err.Error())
 		return
 	}
@@ -169,6 +172,7 @@ func (s *Extension) CreateGroupPrivilegeRequestHandler(w http.ResponseWriter, r
 	nibbler.Write200Json(w, "{\"result\":\"ok\"")
 }
 
+// getPrivilegeFromBody parses the request body into a GroupPrivilege struct
 func getPrivilegeFromBody(r *http.Request) (*nibbler.GroupPrivilege, error) {
 	if r.Body == nil {
 		return nil, errors.New("no body provided")