Fix for tests

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.4.0 to 5.4.2.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v5.4.0...v5.4.2)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-version: 5.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

.env.ci

@@ -1,3 +1,4 @@
+# Application
 APP_NAME=solidtime
 APP_ENV=local
 APP_KEY=
@@ -5,7 +6,6 @@ APP_DEBUG=true
 APP_URL=http://localhost
 APP_FORCE_HTTPS=false
 APP_ENABLE_REGISTRATION=true
-SESSION_SECURE_COOKIE=false
 
 # Logging
 LOG_CHANNEL=stack
@@ -20,35 +20,39 @@ DB_TEST_DATABASE=laravel
 DB_TEST_USERNAME=root
 DB_TEST_PASSWORD=root
 
-BROADCAST_DRIVER=log
+# Broadcasting
+BROADCAST_DRIVER=null
+
+# Cache
 CACHE_DRIVER=file
+
+# Queue
 QUEUE_CONNECTION=sync
+
+# Session
 SESSION_DRIVER=database
 SESSION_LIFETIME=120
 
 # Mail
 MAIL_MAILER=log
-MAIL_FROM_ADDRESS="hello@example.com"
-MAIL_FROM_NAME="${APP_NAME}"
+MAIL_FROM_ADDRESS="no-reply@solidtime.test"
+MAIL_FROM_NAME="solidtime"
+MAIL_REPLY_TO_ADDRESS="hello@solidtime.test"
+MAIL_REPLY_TO_NAME="solidtime"
 
 # Filesystems
 FILESYSTEM_DISK=local
 PUBLIC_FILESYSTEM_DISK=public
 
+# Passport
+PASSPORT_PERSONAL_ACCESS_CLIENT_ID="9e27f54d-5dfb-4dde-99d7-834518236c92"
+PASSPORT_PERSONAL_ACCESS_CLIENT_SECRET="EL5mXp3aF8ITjcwoOXRpbSK7zGrWhW4zTDpQXTkf"
+
+# Auditing
+AUDITING_ENABLED=true
+
+# Telescope
+TELESCOPE_ENABLED=false
+
 # Services
 GOTENBERG_URL=http://0.0.0.0:3000
-
-PUSHER_APP_ID=
-PUSHER_APP_KEY=
-PUSHER_APP_SECRET=
-PUSHER_HOST=
-PUSHER_PORT=443
-PUSHER_SCHEME=https
-PUSHER_APP_CLUSTER=mt1
-
-VITE_APP_NAME="${APP_NAME}"
-VITE_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
-VITE_PUSHER_HOST="${PUSHER_HOST}"
-VITE_PUSHER_PORT="${PUSHER_PORT}"
-VITE_PUSHER_SCHEME="${PUSHER_SCHEME}"
-VITE_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"

.env.example

@@ -4,7 +4,7 @@ APP_ENV=local
 APP_KEY=base64:UNQNf1SXeASNkWux01Rj8EnHYx8FO0kAxWNDwktclkk=
 APP_DEBUG=true
 APP_URL=https://solidtime.test
-AUDITING_ENABLED=true
+APP_FORCE_HTTPS=false
 APP_ENABLE_REGISTRATION=true
 SUPER_ADMINS=admin@example.com
 PAGINATION_PER_PAGE_DEFAULT=500
@@ -49,7 +49,9 @@ MAIL_USERNAME=null
 MAIL_PASSWORD=null
 MAIL_ENCRYPTION=null
 MAIL_FROM_ADDRESS="no-reply@solidtime.test"
-MAIL_FROM_NAME="${APP_NAME}"
+MAIL_FROM_NAME="solidtime"
+MAIL_REPLY_TO_ADDRESS="hello@solidtime.test"
+MAIL_REPLY_TO_NAME="solidtime"
 
 # Filesystems
 FILESYSTEM_DISK=s3
@@ -62,14 +64,24 @@ S3_URL=http://storage.solidtime.test/local
 S3_ENDPOINT=http://storage.solidtime.test
 S3_USE_PATH_STYLE_ENDPOINT=true
 
+# Passport
+PASSPORT_PERSONAL_ACCESS_CLIENT_ID="9e27f54d-5dfb-4dde-99d7-834518236c92"
+PASSPORT_PERSONAL_ACCESS_CLIENT_SECRET="EL5mXp3aF8ITjcwoOXRpbSK7zGrWhW4zTDpQXTkf"
+
+# Auditing
+AUDITING_ENABLED=true
+
+# Telescope
+TELESCOPE_ENABLED=false
+
 # Services
 GOTENBERG_URL=http://gotenberg:3000
 
-VITE_HOST_NAME=vite.solidtime.test
-VITE_APP_NAME="${APP_NAME}"
-
 # Local setup
 NGINX_HOST_NAME=solidtime.test
 NETWORK_NAME=reverse-proxy-docker-traefik_routing
 FORWARD_DB_PORT=5432
 FORWARD_WEB_PORT=8083
+VITE_HOST_NAME=vite.solidtime.test
+VITE_APP_NAME="${APP_NAME}"
+#SAIL_XDEBUG_MODE=develop,debug,coverage

.env.production

@@ -5,7 +5,6 @@ VITE_APP_NAME=solidtime
 APP_ENV=production
 APP_DEBUG=false
 APP_FORCE_HTTPS=true
-SESSION_SECURE_COOKIE=true
 OCTANE_SERVER=frankenphp
 PAGINATION_PER_PAGE_DEFAULT=500
 

.github/ISSUE_TEMPLATE/1_bug_report.yml

@@ -0,0 +1,47 @@
+name: Bug Report
+description: "Report a bug"
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Before creating a new bug report, please check that there isn't already a similar issue.
+
+  - type: textarea
+    attributes:
+      label: Description
+      description: A clear and concise description of what the bug is.
+    validations:
+      required: true
+
+  - type: textarea
+    attributes:
+      label: "Steps To Reproduce"
+      description: How do you trigger this bug? Please walk us through it step by step.
+      value: |
+        1.
+        2.
+        3.
+        ...
+    validations:
+      required: false
+
+  - type: dropdown
+    attributes:
+      label: "Self-hosted or Cloud?"
+      options:
+        - Self-Hosted
+        - solidtime Cloud
+        - Both
+
+  - type: input
+    attributes:
+      label: "Version of solidtime: (for self-hosted)"
+    validations:
+      required: false
+
+  - type: input
+    attributes:
+      label: "solidtime self-hosting guide: (for self-hosted)"
+      description: "Did you use the official guide to self-host solidtime? If yes, which one?"
+    validations:
+      required: false

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,8 @@
+blank_issues_enabled: false
+contact_links:
+  - name: 🚀 Feature Request
+    url: https://github.com/solidtime-io/solidtime/discussions/new?category=feature-requests
+    about: Share ideas for new features
+  - name: ❓ Ask a Question
+    url: https://github.com/solidtime-io/solidtime/discussions/new?category=general
+    about: Ask the community for help

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,8 @@
+<!--
+This project is early stage. The structure and APIs are still subject to change and not stable.
+Therefore, we do not currently accept any contributions, unless you are a member of the team.
+
+As soon as we feel comfortable enough that the application structure is stable enough, we will open up the project for contributions.
+
+We do accept contributions in the [documentation repository](https://github.com/solidtime-io/docs) f.e. to add new self-hosting guides.
+-->

.github/workflows/build-private.yml

@@ -107,6 +107,24 @@ jobs:
       - name: "Install npm dependencies in services extension"
         run: cd extensions/Services && npm ci
 
+      - name: "Checkout invoicing extension"
+        uses: actions/checkout@v4
+        with:
+          repository: solidtime-io/extension-invoicing
+          path: extensions/Invoicing
+          ssh-key: ${{ secrets.SSH_PRIVATE_KEY_INVOICING_EXTENSION }}
+
+      - name: "Install composer dependencies in invoicing extension"
+        uses: php-actions/composer@v6
+        with:
+          working_dir: "extensions/Invoicing"
+          command: install
+          only_args: --no-dev --no-ansi --no-interaction --prefer-dist --ignore-platform-reqs --classmap-authoritative
+          php_version: 8.3
+
+      - name: "Install npm dependencies in invoicing extension"
+        run: cd extensions/Invoicing && npm ci
+
       - name: "Setup PHP with PECL extension"
         uses: shivammathur/setup-php@v2
         with:
@@ -127,6 +145,9 @@ jobs:
       - name: "Activate services extension"
         run: php artisan module:enable Services
 
+      - name: "Activate invoicing extension"
+        run: php artisan module:enable Invoicing
+
       - name: "Install npm dependencies"
         run: npm ci
 

.github/workflows/build-public.yml

@@ -11,10 +11,21 @@ on:
       - 'docker/prod/**'
   workflow_dispatch:
 
+env:
+  DOCKERHUB_REPO: solidtime/solidtime
+  GHCR_REPO: ghcr.io/solidtime-io/solidtime
+
 name: Build - Public
 jobs:
   build:
-    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        include:
+          - runs-on: "ubuntu-24.04-arm"
+            platform: "linux/arm64"
+          - runs-on: "ubuntu-24.04"
+            platform: "linux/amd64"
+    runs-on: ${{ matrix.runs-on }}
     permissions:
       packages: write
       contents: read
@@ -29,7 +40,7 @@ jobs:
           fetch-depth: 0 # Required for WyriHaximus/github-action-get-previous-tag
 
       - name: "Get build"
-        id: build
+        id: release-build
         run: echo "build=$(git rev-parse --short=8 HEAD)" >> "$GITHUB_OUTPUT"
 
       - name: "Get Previous tag (normal push)"
@@ -40,7 +51,7 @@ jobs:
           prefix: "v"
 
       - name: "Get version"
-        id: version
+        id: release-version
         run: |
           if ${{ !startsWith(github.ref, 'refs/tags/v') }}; then
             if ${{ startsWith(steps.previoustag.outputs.tag, 'v') }}; then
@@ -61,21 +72,23 @@ jobs:
           rm .env.production .env.ci .env.example
 
       - name: "Add version to .env"
-        run: sed -i 's/APP_VERSION=0.0.0/APP_VERSION=${{ steps.version.outputs.app_version }}/g' .env
+        run: sed -i 's/APP_VERSION=0.0.0/APP_VERSION=${{ steps.release-version.outputs.app_version }}/g' .env
 
       - name: "Add build to .env"
-        run: sed -i 's/APP_BUILD=0/APP_BUILD=${{ steps.build.outputs.build }}/g' .env
+        run: sed -i 's/APP_BUILD=0/APP_BUILD=${{ steps.release-build.outputs.build }}/g' .env
 
       - name: "Output .env"
         run: cat .env
 
-      - name: "Install dependencies"
-        uses: php-actions/composer@v6
-        if: steps.cache-vendor.outputs.cache-hit != 'true' # Skip if cache hit
+      - name: "Setup PHP with PECL extension"
+        uses: shivammathur/setup-php@v2
         with:
-          command: install
-          only_args: --no-dev --no-ansi --no-interaction --prefer-dist --ignore-platform-reqs --classmap-authoritative
-          php_version: 8.3
+          php-version: '8.3'
+          extensions: mbstring, dom, fileinfo, pgsql
+
+      - name: "Install dependencies"
+        run: composer install --no-dev --no-ansi --no-interaction --prefer-dist --ignore-platform-reqs --classmap-authoritative
+        if: steps.cache-vendor.outputs.cache-hit != 'true' # Skip if cache hit
 
       - name: "Use Node.js"
         uses: actions/setup-node@v4
@@ -88,29 +101,31 @@ jobs:
       - name: "Build"
         run: npm run build
 
-      - name: "Login to GitHub Container Registry"
+      - name: "Prepare"
+        run: |
+          platform=${{ matrix.platform }}
+          echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
+
+      - name: "Docker meta"
+        id: "meta"
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            ${{ env.DOCKERHUB_REPO }}
+            ${{ env.GHCR_REPO }}
+
+      - name: "Login to Docker Hub Container Registry"
         uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
+
       - name: "Login to GitHub Container Registry"
         uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
-      - name: "Docker meta"
-        id: "meta"
-        uses: docker/metadata-action@v5
-        with:
-          images: |
-            solidtime/solidtime
-            ghcr.io/${{ github.repository }}
-          tags: |
-            type=ref,event=branch
-            type=ref,event=pr
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
 
       - name: "Set up QEMU"
         uses: docker/setup-qemu-action@v3
@@ -118,16 +133,90 @@ jobs:
       - name: "Set up Docker Buildx"
         uses: docker/setup-buildx-action@v3
 
-      - name: "Build and push"
+      - name: "Build and push by digest"
+        id: build
         uses: docker/build-push-action@v6
         with:
           context: .
           file: docker/prod/Dockerfile
           build-args: |
             DOCKER_FILES_BASE_PATH=docker/prod/
-          platforms: linux/amd64,linux/arm64
-          push: true
-          tags: ${{ steps.meta.outputs.tags }}
+          platforms: ${{ matrix.platform }}
           labels: ${{ steps.meta.outputs.labels }}
+          outputs: type=image,"name=${{ env.DOCKERHUB_REPO }},${{ env.GHCR_REPO }}",push-by-digest=true,name-canonical=true,push=true
           cache-from: type=gha
           cache-to: type=gha,mode=max
+
+      - name: "Export digest"
+        run: |
+          mkdir -p ${{ runner.temp }}/digests
+          digest="${{ steps.build.outputs.digest }}"
+          touch "${{ runner.temp }}/digests/${digest#sha256:}"
+
+      - name: "Upload digest"
+        uses: actions/upload-artifact@v4
+        with:
+          name: digests-${{ env.PLATFORM_PAIR }}
+          path: ${{ runner.temp }}/digests/*
+          if-no-files-found: error
+          retention-days: 1
+
+  merge:
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+      contents: read
+      attestations: write
+      id-token: write
+    timeout-minutes: 90
+    needs:
+      - build
+    steps:
+      - name: "Download digests"
+        uses: actions/download-artifact@v4
+        with:
+          path: ${{ runner.temp }}/digests
+          pattern: digests-*
+          merge-multiple: true
+
+      - name: "Login to Docker Hub"
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: "Login to GHCR"
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: "Set up Docker Buildx"
+        uses: docker/setup-buildx-action@v3
+
+      - name: "Docker meta"
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            ${{ env.DOCKERHUB_REPO }}
+            ${{ env.GHCR_REPO }}
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+
+      - name: "Create manifest list and push"
+        working-directory: ${{ runner.temp }}/digests
+        run: |
+          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
+            $(printf '${{ env.DOCKERHUB_REPO }}@sha256:%s ' *)
+          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
+            $(printf '${{ env.GHCR_REPO }}@sha256:%s ' *)
+
+      - name: "Inspect image"
+        run: |
+          docker buildx imagetools inspect ${{ env.DOCKERHUB_REPO }}:${{ steps.meta.outputs.version }}
+          docker buildx imagetools inspect ${{ env.GHCR_REPO }}:${{ steps.meta.outputs.version }}

.github/workflows/npm-publish-api.yml

@@ -8,7 +8,8 @@ jobs:
       contents: read
       id-token: write
     steps:
-      - uses: actions/checkout@v4
+      - name: "Checkout code"
+        uses: actions/checkout@v4
       # Setup .npmrc file to publish to npm
       - name: Install root project dependencies
         run: npm ci

.github/workflows/npm-publish-ui.yml

@@ -8,7 +8,8 @@ jobs:
       contents: read
       id-token: write
     steps:
-      - uses: actions/checkout@v4
+      - name: "Checkout code"
+        uses: actions/checkout@v4
       # Setup .npmrc file to publish to npm
       - uses: actions/setup-node@v4
         with:

.github/workflows/phpunit.yml

@@ -60,10 +60,10 @@ jobs:
           php artisan passport:keys
 
       - name: "Run PHPUnit"
-        run: php artisan test --stop-on-failure --coverage-text --coverage-clover=coverage.xml
+        run: php artisan test --parallel --stop-on-failure --coverage-text --coverage-clover=coverage.xml
 
       - name: "Upload coverage reports to Codecov"
-        uses: codecov/codecov-action@v5.3.1
+        uses: codecov/codecov-action@v5.4.2
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           slug: solidtime-io/solidtime

.github/workflows/playwright.yml

@@ -27,45 +27,47 @@ jobs:
       - name: "Checkout code"
         uses: actions/checkout@v4
 
-      - uses: actions/setup-node@v4
+      - name: "Setup node"
+        uses: actions/setup-node@v4
         with:
           node-version: '20.x'
 
-      - name: Setup PHP
+      - name: "Setup PHP"
         uses: shivammathur/setup-php@v2
         with:
           php-version: '8.3'
           extensions: dom, curl, libxml, mbstring, zip, pcntl, pdo, pdo_sqlite, bcmath, soap, intl, gd, exif, iconv
           coverage: none
 
-      - name: Run composer install
+      - name: "Run composer install"
         run: composer install -n --prefer-dist
 
-      - name: Prepare Laravel Application
+      - name: "Prepare Laravel Application"
         run: |
           cp .env.ci .env
           php artisan key:generate
-          php artisan migrate --seed
           php artisan passport:keys
+          php artisan migrate --seed
 
-      - name: Install dependencies
+      - name: "Install dependencies"
         run: npm ci
 
-      - name: Build Frontend
+      - name: "Build Frontend"
         run: npm run build
 
-      - name: Run Laravel Server
+      - name: "Run Laravel Server"
         run: php artisan serve > /dev/null 2>&1 &
 
-      - name: Install Playwright Browsers
+      - name: "Install Playwright Browsers"
         run: npx playwright install --with-deps
 
-      - name: Run Playwright tests
+      - name: "Run Playwright tests"
         run: npx playwright test
         env:
           PLAYWRIGHT_BASE_URL: 'http://127.0.0.1:8000'
 
-      - uses: actions/upload-artifact@v4
+      - name: "Upload test results"
+        uses: actions/upload-artifact@v4
         if: always()
         with:
           name: test-results

app/Actions/Fortify/CreateNewUser.php

@@ -76,6 +76,11 @@ class CreateNewUser implements CreatesNewUsers
         $ipLookupResponse = app(IpLookupServiceContract::class)->lookup(request()->ip());
 
         $startOfWeek = Weekday::Monday;
+        $numberFormat = null;
+        $currencyFormat = null;
+        $dateFormat = null;
+        $intervalFormat = null;
+        $timeFormat = null;
         $currency = null;
         if ($ipLookupResponse !== null) {
             $startOfWeek = $ipLookupResponse->startOfWeek ?? Weekday::Monday;
@@ -85,7 +90,7 @@ class CreateNewUser implements CreatesNewUsers
             $currency = $ipLookupResponse->currency;
         }
         $user = null;
-        DB::transaction(function () use (&$user, $input, $timezone, $startOfWeek, $currency): void {
+        DB::transaction(function () use (&$user, $input, $timezone, $startOfWeek, $currency, $numberFormat, $currencyFormat, $dateFormat, $intervalFormat, $timeFormat): void {
             $userService = app(UserService::class);
             $user = $userService->createUser(
                 $input['name'],
@@ -93,7 +98,12 @@ class CreateNewUser implements CreatesNewUsers
                 $input['password'],
                 $timezone ?? 'UTC',
                 $startOfWeek,
-                $currency ?? 'EUR',
+                $currency,
+                $numberFormat,
+                $currencyFormat,
+                $dateFormat,
+                $intervalFormat,
+                $timeFormat
             );
         });
 

app/Actions/Jetstream/CreateOrganization.php

@@ -4,10 +4,11 @@ declare(strict_types=1);
 
 namespace App\Actions\Jetstream;
 
-use App\Enums\Role;
 use App\Events\AfterCreateOrganization;
 use App\Models\Organization;
 use App\Models\User;
+use App\Service\IpLookup\IpLookupServiceContract;
+use App\Service\OrganizationService;
 use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Support\Facades\Gate;
 use Illuminate\Support\Facades\Validator;
@@ -33,16 +34,18 @@ class CreateOrganization implements CreatesTeams
             'name' => ['required', 'string', 'max:255'],
         ])->validateWithBag('createTeam');
 
-        $organization = new Organization;
-        $organization->name = $input['name'];
-        $organization->personal_team = false;
-        $organization->owner()->associate($user);
-        $organization->save();
+        $ipLookupResponse = app(IpLookupServiceContract::class)->lookup(request()->ip());
 
-        $organization->users()->attach(
-            $user, [
-                'role' => Role::Owner->value,
-            ]
+        $currency = null;
+        if ($ipLookupResponse !== null) {
+            $currency = $ipLookupResponse->currency;
+        }
+
+        $organization = app(OrganizationService::class)->createOrganization(
+            $input['name'],
+            $user,
+            false,
+            $currency
         );
 
         $user->switchTeam($organization);

app/Console/Commands/Admin/UserCreateCommand.php

@@ -64,8 +64,8 @@ class UserCreateCommand extends Command
                 $password,
                 'UTC',
                 Weekday::Monday,
-                'EUR',
-                $verifyEmail
+                null,
+                verifyEmail: $verifyEmail
             );
         });
         /** @var Organization|null $organization */

app/Console/Commands/Correction/CorrectionPlaceholderMembersCommand.php

@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Console\Commands\Correction;
+
+use App\Enums\Role;
+use App\Models\Member;
+use App\Models\User;
+use Illuminate\Console\Command;
+use Illuminate\Database\Eloquent\Builder;
+
+class CorrectionPlaceholderMembersCommand extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'correction:placeholder-members '.
+        ' { --dry-run : Do not actually save anything to the database, just output what would happen }';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Sets all members who belong to a placeholder user to role placeholder';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle(): int
+    {
+        $this->comment('Sets all members who belong to a placeholder user to role placeholder...');
+        $dryRun = (bool) $this->option('dry-run');
+        if ($dryRun) {
+            $this->comment('Running in dry-run mode. Nothing will be saved to the database.');
+        }
+
+        $members = Member::query()
+            ->where('role', '!=', Role::Placeholder->value)
+            ->whereHas('user', function (Builder $builder): void {
+                /** @var Builder<User> $builder */
+                $builder->where('is_placeholder', '=', true);
+            })
+            ->get();
+        foreach ($members as $member) {
+            /** @var Member $member */
+            $member->role = Role::Placeholder->value;
+            if (! $dryRun) {
+                $member->save();
+            }
+            $this->line('Set role of member (id='.$member->getKey().') to placeholder');
+        }
+
+        return self::SUCCESS;
+    }
+}

app/Console/Commands/SelfHost/SelfHostDatabaseConsistency.php

@@ -0,0 +1,123 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Console\Commands\SelfHost;
+
+use Illuminate\Console\Command;
+use Illuminate\Database\Query\Builder;
+use Illuminate\Database\Query\JoinClause;
+use Illuminate\Support\Collection;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Log;
+
+class SelfHostDatabaseConsistency extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'self-host:database-consistency';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = '';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle(): int
+    {
+        $hadAProblem = false;
+
+        // Task need to be part of project in time entries
+        $problems = DB::table('time_entries')
+            ->select(['time_entries.id as id'])
+            ->join('tasks', 'time_entries.task_id', '=', 'tasks.id')
+            ->where('tasks.project_id', '!=', DB::raw('time_entries.project_id'))
+            ->get();
+        $this->logProblems($problems, 'Time entries have a task that does not belong to the project of the time entry', $hadAProblem);
+
+        // Client id is the client id of the project
+        $problems = DB::table('time_entries')
+            ->select(['time_entries.id as id'])
+            ->join('projects', 'time_entries.project_id', '=', 'projects.id')
+            ->where(DB::raw('coalesce(projects.client_id::varchar, \'\')'), '!=', DB::raw('coalesce(time_entries.client_id::varchar, \'\')'))
+            ->get();
+        $this->logProblems($problems, 'Time entries have a client that does not match the client of the project', $hadAProblem);
+
+        // Client id can only be not null if the project id is not null
+        $problems = DB::table('time_entries')
+            ->select(['time_entries.id as id'])
+            ->whereNotNull('client_id')
+            ->whereNull('project_id')
+            ->get();
+        $this->logProblems($problems, 'Time entries have a client but no project', $hadAProblem);
+
+        // Every user needs to be a member of at least one organization
+        $problems = DB::table('users')
+            ->select(['users.id as id'])
+            ->leftJoin('members', 'users.id', '=', 'members.user_id')
+            ->whereNull('members.id')
+            ->get();
+        $this->logProblems($problems, 'Users are not member of any organization', $hadAProblem);
+
+        // Every organization needs at least an owner
+        $problems = DB::table('organizations')
+            ->select(['organizations.id as id'])
+            ->leftJoin('members', function (JoinClause $join): void {
+                $join->on('organizations.id', '=', 'members.organization_id')
+                    ->where('members.role', '=', 'owner');
+            })
+            ->whereNull('members.id')
+            ->get();
+        $this->logProblems($problems, 'Organizations without an owner', $hadAProblem);
+
+        // Every member can only have one running time entry
+        $problems = DB::table('time_entries')
+            ->select(['user_id as id'])
+            ->whereNull('end')
+            ->groupBy('user_id')
+            ->havingRaw('count(*) > 1')
+            ->get(['user_id', DB::raw('count(*) as count')]);
+        $this->logProblems($problems, 'Users with more than one running time entry', $hadAProblem);
+
+        // Users have a current organization that they are not a member of
+        $problems = DB::table('users')
+            ->select(['users.id as id'])
+            ->whereNotNull('current_team_id')
+            ->whereNotIn('current_team_id', function (Builder $query): void {
+                $query->select('organization_id')
+                    ->from('members')
+                    ->whereColumn('members.user_id', 'users.id');
+            })->get();
+        $this->logProblems($problems, 'Users have a current organization that they are not a member of', $hadAProblem);
+
+        return $hadAProblem ? self::FAILURE : self::SUCCESS;
+    }
+
+    /**
+     * @param  Collection<int, \stdClass>  $problems
+     */
+    private function logProblems(Collection $problems, string $message, bool &$hadAProblem): void
+    {
+        $message = 'Consistency problem: '.$message;
+        if ($problems->isNotEmpty()) {
+            $ids = $problems->pluck('id');
+            $hadAProblem = true;
+            Log::error($message, [
+                'ids' => $ids,
+            ]);
+
+            $error = $message;
+            foreach ($ids as $id) {
+                $error .= "\n  - ".$id;
+            }
+            $this->error($error);
+        }
+    }
+}

app/Console/Kernel.php

@@ -25,6 +25,10 @@ class Kernel extends ConsoleKernel
         $schedule->command('self-host:telemetry')
             ->when(fn (): bool => config('scheduling.tasks.self_hosting_telemetry'))
             ->twiceDaily();
+
+        $schedule->command('self-host:database-consistency')
+            ->when(fn (): bool => config('scheduling.tasks.self_hosting_database_consistency'))
+            ->twiceDaily();
     }
 
     /**

app/Enums/CurrencyFormat.php

@@ -0,0 +1,36 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Enums;
+
+use Datomatic\LaravelEnumHelper\LaravelEnumHelper;
+
+enum CurrencyFormat: string
+{
+    use LaravelEnumHelper;
+
+    case ISOCodeBeforeWithSpace = 'iso-code-before-with-space';
+    case ISOCodeAfterWithSpace = 'iso-code-after-with-space';
+
+    case SymbolBefore = 'symbol-before';
+
+    case SymbolAfter = 'symbol-after';
+
+    case SymbolBeforeWithSpace = 'symbol-before-with-space';
+
+    case SymbolAfterWithSpace = 'symbol-after-with-space';
+
+    /**
+     * @return array<string, string>
+     */
+    public static function toSelectArray(): array
+    {
+        $selectArray = [];
+        foreach (self::values() as $value) {
+            $selectArray[(string) $value] = (string) __('enum.currency_format.'.$value);
+        }
+
+        return $selectArray;
+    }
+}

app/Enums/DateFormat.php

@@ -0,0 +1,48 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Enums;
+
+use Datomatic\LaravelEnumHelper\LaravelEnumHelper;
+
+enum DateFormat: string
+{
+    use LaravelEnumHelper;
+
+    case PointSeparatedDMYYYY = 'point-separated-d-m-yyyy';
+    case SlashSeparatedMMDDYYYY = 'slash-separated-mm-dd-yyyy';
+
+    case SlashSeparatedDDMMYYYY = 'slash-separated-dd-mm-yyyy';
+
+    case HyphenSeparatedDDMMYYY = 'hyphen-separated-dd-mm-yyyy';
+
+    case HyphenSeparatedMMDDDYYYY = 'hyphen-separated-mm-dd-yyyy';
+
+    case HyphenSeparatedYYYYMMDD = 'hyphen-separated-yyyy-mm-dd';
+
+    public function toCarbonFormat(): string
+    {
+        return match ($this->value) {
+            self::PointSeparatedDMYYYY->value => 'j.n.Y',
+            self::SlashSeparatedMMDDYYYY->value => 'm/d/Y',
+            self::SlashSeparatedDDMMYYYY->value => 'd/m/Y',
+            self::HyphenSeparatedDDMMYYY->value => 'd-m-Y',
+            self::HyphenSeparatedMMDDDYYYY->value => 'm-d-Y',
+            self::HyphenSeparatedYYYYMMDD->value => 'Y-m-d',
+        };
+    }
+
+    /**
+     * @return array<string, string>
+     */
+    public static function toSelectArray(): array
+    {
+        $selectArray = [];
+        foreach (self::values() as $value) {
+            $selectArray[(string) $value] = (string) __('enum.date_format.'.$value);
+        }
+
+        return $selectArray;
+    }
+}

app/Enums/IntervalFormat.php

@@ -0,0 +1,32 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Enums;
+
+use Datomatic\LaravelEnumHelper\LaravelEnumHelper;
+
+enum IntervalFormat: string
+{
+    use LaravelEnumHelper;
+
+    case Decimal = 'decimal';
+    case HoursMinutes = 'hours-minutes';
+
+    case HoursMinutesColonSeparated = 'hours-minutes-colon-separated';
+
+    case HoursMinutesSecondsColonSeparated = 'hours-minutes-seconds-colon-separated';
+
+    /**
+     * @return array<string, string>
+     */
+    public static function toSelectArray(): array
+    {
+        $selectArray = [];
+        foreach (self::values() as $value) {
+            $selectArray[(string) $value] = (string) __('enum.interval_format.'.$value);
+        }
+
+        return $selectArray;
+    }
+}

app/Enums/NumberFormat.php

@@ -0,0 +1,37 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Enums;
+
+use Datomatic\LaravelEnumHelper\LaravelEnumHelper;
+
+/**
+ * @info https://en.wikipedia.org/wiki/Decimal_separator
+ */
+enum NumberFormat: string
+{
+    use LaravelEnumHelper;
+
+    case ThousandsPointDecimalComma = 'point-comma';
+
+    case ThousandsCommaDecimalPoint = 'comma-point';
+    case ThousandsSpaceDecimalComma = 'space-comma';
+
+    case ThousandsSpaceDecimalPoint = 'space-point';
+
+    case ThousandsApostropheDecimalPoint = 'apostrophe-point';
+
+    /**
+     * @return array<string, string>
+     */
+    public static function toSelectArray(): array
+    {
+        $selectArray = [];
+        foreach (self::values() as $value) {
+            $selectArray[(string) $value] = (string) __('enum.number_format.'.$value);
+        }
+
+        return $selectArray;
+    }
+}

app/Enums/TimeFormat.php

@@ -0,0 +1,28 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Enums;
+
+use Datomatic\LaravelEnumHelper\LaravelEnumHelper;
+
+enum TimeFormat: string
+{
+    use LaravelEnumHelper;
+
+    case TwelveHours = '12-hours';
+    case TwentyFourHours = '24-hours';
+
+    /**
+     * @return array<string, string>
+     */
+    public static function toSelectArray(): array
+    {
+        $selectArray = [];
+        foreach (self::values() as $value) {
+            $selectArray[(string) $value] = (string) __('enum.time_format.'.$value);
+        }
+
+        return $selectArray;
+    }
+}

app/Events/DatabaseSeederAfterSeed.php

@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Events;
+
+use Illuminate\Foundation\Events\Dispatchable;
+
+class DatabaseSeederAfterSeed
+{
+    use Dispatchable;
+
+    public function __construct() {}
+}

app/Events/DatabaseSeederBeforeDelete.php

@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Events;
+
+use Illuminate\Foundation\Events\Dispatchable;
+
+class DatabaseSeederBeforeDelete
+{
+    use Dispatchable;
+
+    public function __construct() {}
+}

app/Exceptions/Api/ChangingRoleOfPlaceholderIsNotAllowed.php

@@ -0,0 +1,10 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Exceptions\Api;
+
+class ChangingRoleOfPlaceholderIsNotAllowed extends ApiException
+{
+    public const string KEY = 'changing_role_of_placeholder_is_not_allowed';
+}

app/Exceptions/Api/OnlyPlaceholdersCanBeMergedIntoAnotherMember.php

@@ -0,0 +1,10 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Exceptions\Api;
+
+class OnlyPlaceholdersCanBeMergedIntoAnotherMember extends ApiException
+{
+    public const string KEY = 'only_placeholders_can_be_merged_into_another_member';
+}

app/Exceptions/Api/PersonalAccessClientIsNotConfiguredException.php

@@ -0,0 +1,10 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Exceptions\Api;
+
+class PersonalAccessClientIsNotConfiguredException extends ApiException
+{
+    public const string KEY = 'personal_access_client_is_not_configured';
+}

app/Exceptions/Api/ThisPlaceholderCanNotBeInvitedUseTheMergeToolInsteadException.php

@@ -0,0 +1,10 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Exceptions\Api;
+
+class ThisPlaceholderCanNotBeInvitedUseTheMergeToolInsteadException extends ApiException
+{
+    public const string KEY = 'this_placeholder_can_not_be_invited_use_the_merge_tool_instead_api_exception';
+}

app/Filament/Resources/AuditResource.php

@@ -13,7 +13,7 @@ use Filament\Tables;
 use Filament\Tables\Columns\IconColumn;
 use Filament\Tables\Table;
 use Illuminate\Support\Str;
-use Novadaemon\FilamentPrettyJson\PrettyJson;
+use Novadaemon\FilamentPrettyJson\Form\PrettyJsonField;
 
 class AuditResource extends Resource
 {
@@ -38,8 +38,8 @@ class AuditResource extends Resource
                     ->maxLength(255),
                 Forms\Components\TextInput::make('auditable_id')
                     ->required(),
-                PrettyJson::make('old_values'),
-                PrettyJson::make('new_values'),
+                PrettyJsonField::make('old_values'),
+                PrettyJsonField::make('new_values'),
                 Forms\Components\Textarea::make('url'),
                 Forms\Components\TextInput::make('ip_address'),
                 Forms\Components\TextInput::make('user_agent')

app/Filament/Resources/FailedJobResource.php

@@ -20,7 +20,7 @@ use Filament\Tables\Columns\TextColumn;
 use Filament\Tables\Table;
 use Illuminate\Support\Collection;
 use Illuminate\Support\Facades\Artisan;
-use Novadaemon\FilamentPrettyJson\PrettyJson;
+use Novadaemon\FilamentPrettyJson\Form\PrettyJsonField;
 
 /**
  * @source https://gitlab.com/amvisor/filament-failed-jobs
@@ -50,7 +50,7 @@ class FailedJobResource extends Resource
 
                 // make text a little bit smaller because often a complete Stack Trace is shown:
                 TextArea::make('exception')->disabled()->columnSpan(4)->extraInputAttributes(['style' => 'font-size: 80%;']),
-                PrettyJson::make('payload')->disabled()->columnSpan(4),
+                PrettyJsonField::make('payload')->disabled()->columnSpan(4),
             ])->columns(4);
     }
 

app/Filament/Resources/OrganizationResource.php

@@ -4,6 +4,11 @@ declare(strict_types=1);
 
 namespace App\Filament\Resources;
 
+use App\Enums\CurrencyFormat;
+use App\Enums\DateFormat;
+use App\Enums\IntervalFormat;
+use App\Enums\NumberFormat;
+use App\Enums\TimeFormat;
 use App\Filament\Resources\OrganizationResource\Pages;
 use App\Filament\Resources\OrganizationResource\RelationManagers\InvitationsRelationManager;
 use App\Filament\Resources\OrganizationResource\RelationManagers\UsersRelationManager;
@@ -56,6 +61,21 @@ class OrganizationResource extends Resource
                     ->searchable(['name', 'email'])
                     ->disabledOn(['edit'])
                     ->required(),
+                Select::make('date_format')
+                    ->options(DateFormat::toSelectArray())
+                    ->required(),
+                Select::make('currency_format')
+                    ->options(CurrencyFormat::toSelectArray())
+                    ->required(),
+                Select::make('interval_format')
+                    ->options(IntervalFormat::toSelectArray())
+                    ->required(),
+                Select::make('number_format')
+                    ->options(NumberFormat::toSelectArray())
+                    ->required(),
+                Select::make('time_format')
+                    ->options(TimeFormat::toSelectArray())
+                    ->required(),
                 Forms\Components\Select::make('currency')
                     ->label('Currency')
                     ->options(function (): array {

app/Filament/Resources/ReportResource.php

@@ -18,7 +18,7 @@ use Filament\Tables\Columns\TextColumn;
 use Filament\Tables\Columns\ToggleColumn;
 use Filament\Tables\Filters\SelectFilter;
 use Filament\Tables\Table;
-use Novadaemon\FilamentPrettyJson\PrettyJson;
+use Novadaemon\FilamentPrettyJson\Form\PrettyJsonField;
 
 class ReportResource extends Resource
 {
@@ -58,7 +58,7 @@ class ReportResource extends Resource
                 Forms\Components\TextInput::make('share_secret')
                     ->label('Share Secret')
                     ->nullable(),
-                PrettyJson::make('properties')
+                PrettyJsonField::make('properties')
                     ->formatStateUsing(function (ReportPropertiesDto $state, Report $record): string {
                         return $record->getRawOriginal('properties');
                     })

app/Filament/Resources/TokenResource.php

@@ -0,0 +1,148 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources;
+
+use App\Filament\Resources\TokenResource\Pages;
+use App\Models\Passport\Client;
+use App\Models\Passport\Token;
+use Filament\Forms;
+use Filament\Forms\Form;
+use Filament\Resources\Resource;
+use Filament\Tables;
+use Filament\Tables\Filters\TernaryFilter;
+use Filament\Tables\Table;
+use Illuminate\Database\Eloquent\Builder;
+
+class TokenResource extends Resource
+{
+    protected static ?string $model = Token::class;
+
+    protected static ?string $navigationIcon = 'heroicon-o-key';
+
+    protected static ?string $navigationGroup = 'Auth';
+
+    protected static ?int $navigationSort = 6;
+
+    public static function form(Form $form): Form
+    {
+        return $form
+            ->columns(1)
+            ->schema([
+                Forms\Components\TextInput::make('id')
+                    ->label('ID')
+                    ->disabled()
+                    ->visibleOn(['update', 'show'])
+                    ->readOnly()
+                    ->maxLength(255),
+                Forms\Components\TextInput::make('name')
+                    ->label('Name')
+                    ->required()
+                    ->maxLength(255),
+                Forms\Components\Select::make('user_id')
+                    ->label('User')
+                    ->relationship(name: 'user', titleAttribute: 'name')
+                    ->searchable(['name'])
+                    ->disabled()
+                    ->required(),
+                Forms\Components\Select::make('client_id')
+                    ->label('Client')
+                    ->relationship(name: 'client', titleAttribute: 'name')
+                    ->searchable(['name'])
+                    ->required(),
+                Forms\Components\Toggle::make('revoked')
+                    ->label('Revoked')
+                    ->required(),
+                Forms\Components\DateTimePicker::make('expires_at')
+                    ->label('Expires At')
+                    ->disabled(),
+                Forms\Components\DateTimePicker::make('created_at')
+                    ->label('Created At')
+                    ->disabled(),
+                Forms\Components\DateTimePicker::make('updated_at')
+                    ->label('Updated At')
+                    ->disabled(),
+            ]);
+    }
+
+    public static function table(Table $table): Table
+    {
+        return $table
+            ->columns([
+                Tables\Columns\TextColumn::make('name')
+                    ->searchable()
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('user.name')
+                    ->searchable()
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('client.name')
+                    ->searchable()
+                    ->sortable(),
+                Tables\Columns\IconColumn::make('client.personal_access_client')
+                    ->boolean()
+                    ->label('API token?')
+                    ->sortable(),
+                Tables\Columns\IconColumn::make('revoked')
+                    ->boolean()
+                    ->label('Revoked?')
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('expires_at')
+                    ->dateTime()
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('created_at')
+                    ->dateTime()
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('updated_at')
+                    ->dateTime()
+                    ->sortable()
+                    ->toggleable(isToggledHiddenByDefault: true),
+            ])
+            ->defaultSort('created_at', 'desc')
+            ->filters([
+                TernaryFilter::make('is_personal_access_client')
+                    ->queries(
+                        true: function (Builder $query) {
+                            /** @var Builder<Token> $query */
+                            return $query->whereHas('client', function (Builder $query) {
+                                /** @var Builder<Client> $query */
+                                return $query->where('personal_access_client', true);
+                            });
+                        },
+                        false: function (Builder $query) {
+                            /** @var Builder<Token> $query */
+                            return $query->whereHas('client', function (Builder $query) {
+                                /** @var Builder<Client> $query */
+                                return $query->where('personal_access_client', false);
+                            });
+                        },
+                        blank: function (Builder $query) {
+                            /** @var Builder<Token> $query */
+                            return $query;
+                        },
+                    )
+                    ->label('API token?'),
+                TernaryFilter::make('revoked')
+                    ->label('Revoked?'),
+            ])
+            ->actions([
+                Tables\Actions\ViewAction::make(),
+            ])
+            ->bulkActions([
+            ]);
+    }
+
+    public static function getRelations(): array
+    {
+        return [
+        ];
+    }
+
+    public static function getPages(): array
+    {
+        return [
+            'index' => Pages\ListTokens::route('/'),
+            'view' => Pages\ViewToken::route('/{record}'),
+        ];
+    }
+}

app/Filament/Resources/TokenResource/Pages/ListTokens.php

@@ -0,0 +1,19 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\TokenResource\Pages;
+
+use App\Filament\Resources\TokenResource;
+use Filament\Resources\Pages\ListRecords;
+
+class ListTokens extends ListRecords
+{
+    protected static string $resource = TokenResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+        ];
+    }
+}

app/Filament/Resources/TokenResource/Pages/ViewToken.php

@@ -0,0 +1,19 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\TokenResource\Pages;
+
+use App\Filament\Resources\TokenResource;
+use Filament\Resources\Pages\ViewRecord;
+
+class ViewToken extends ViewRecord
+{
+    protected static string $resource = TokenResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+        ];
+    }
+}

app/Filament/Resources/UserResource.php

@@ -42,6 +42,7 @@ class UserResource extends Resource
     {
         /** @var User|null $record */
         $record = $form->getRecord();
+
         return $form
             ->columns(1)
             ->schema([

app/Filament/Resources/UserResource/Pages/CreateUser.php

@@ -24,7 +24,7 @@ class CreateUser extends CreateRecord
             $data['timezone'],
             Weekday::from($data['week_start']),
             $data['currency'],
-            (bool) $data['is_email_verified']
+            verifyEmail: (bool) $data['is_email_verified']
         );
 
         return $user;

app/Http/Controllers/Api/V1/ApiTokenController.php

@@ -0,0 +1,114 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Controllers\Api\V1;
+
+use App\Exceptions\Api\PersonalAccessClientIsNotConfiguredException;
+use App\Http\Requests\V1\ApiToken\ApiTokenStoreRequest;
+use App\Http\Resources\V1\ApiToken\ApiTokenCollection;
+use App\Http\Resources\V1\ApiToken\ApiTokenWithAccessTokenResource;
+use App\Models\Passport\Token;
+use Illuminate\Auth\Access\AuthorizationException;
+use Illuminate\Http\JsonResponse;
+
+class ApiTokenController extends Controller
+{
+    /**
+     * List all api token of the currently authenticated user
+     *
+     * This endpoint is independent of organization.
+     *
+     * @operationId getApiTokens
+     *
+     * @throws AuthorizationException
+     */
+    public function index(): ApiTokenCollection
+    {
+        $user = $this->user();
+
+        $tokens = $user->tokens()
+            ->where('client_id', '=', config('passport.personal_access_client.id'))
+            ->get();
+
+        return new ApiTokenCollection($tokens);
+    }
+
+    /**
+     * Create a new api token for the currently authenticated user
+     *
+     * The response will contain the access token that can be used to send authenticated API requests.
+     * Please note that the access token is only shown in this response and cannot be retrieved later.
+     *
+     * @operationId createApiToken
+     *
+     * @throws AuthorizationException|PersonalAccessClientIsNotConfiguredException
+     */
+    public function store(ApiTokenStoreRequest $request): ApiTokenWithAccessTokenResource
+    {
+        $user = $this->user();
+
+        if (config('passport.personal_access_client.id') === null || config('passport.personal_access_client.secret') === null) {
+            throw new PersonalAccessClientIsNotConfiguredException;
+        }
+
+        $token = $user->createToken($request->getName(), ['*']);
+        /** @var Token $tokenModel */
+        $tokenModel = $token->token;
+
+        return new ApiTokenWithAccessTokenResource($tokenModel, $token->accessToken);
+    }
+
+    /**
+     * Revoke an api token
+     *
+     * @operationId revokeApiToken
+     *
+     * @throws AuthorizationException
+     * @throws PersonalAccessClientIsNotConfiguredException
+     */
+    public function revoke(Token $apiToken): JsonResponse
+    {
+        $user = $this->user();
+
+        if (config('passport.personal_access_client.id') === null || config('passport.personal_access_client.secret') === null) {
+            throw new PersonalAccessClientIsNotConfiguredException;
+        }
+        if ($apiToken->user_id !== $user->getKey()) {
+            throw new AuthorizationException('API token does not belong to user');
+        }
+        if ($apiToken->client_id !== config('passport.personal_access_client.id')) {
+            throw new AuthorizationException('API token is not a personal access token');
+        }
+
+        $apiToken->revoke();
+
+        return response()->json(null, 204);
+    }
+
+    /**
+     * Delete an api token
+     *
+     * @operationId deleteApiToken
+     *
+     * @throws AuthorizationException|PersonalAccessClientIsNotConfiguredException
+     */
+    public function destroy(Token $apiToken): JsonResponse
+    {
+        $user = $this->user();
+
+        if (config('passport.personal_access_client.id') === null || config('passport.personal_access_client.secret') === null) {
+            throw new PersonalAccessClientIsNotConfiguredException;
+        }
+        if ($apiToken->user_id !== $user->getKey()) {
+            throw new AuthorizationException('API token does not belong to user');
+        }
+        if ($apiToken->client_id !== config('passport.personal_access_client.id')) {
+            throw new AuthorizationException('API token is not a personal access token');
+        }
+
+        $apiToken->delete();
+
+        return response()->json(null, 204);
+    }
+}

app/Http/Controllers/Api/V1/ChartController.php

@@ -0,0 +1,172 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Controllers\Api\V1;
+
+use App\Enums\Role;
+use App\Models\Organization;
+use App\Service\DashboardService;
+use App\Service\PermissionStore;
+use Illuminate\Auth\Access\AuthorizationException;
+use Illuminate\Http\JsonResponse;
+
+class ChartController extends Controller
+{
+    /**
+     * @throws AuthorizationException
+     *
+     * @operationId weeklyProjectOverview
+     *
+     * @response array<int, array{value: int, name: string, color: string}>
+     */
+    public function weeklyProjectOverview(Organization $organization, DashboardService $dashboardService): JsonResponse
+    {
+        $this->checkPermission($organization, 'charts:view:own');
+        $user = $this->user();
+
+        $weeklyProjectOverview = $dashboardService->weeklyProjectOverview($user, $organization);
+
+        return response()->json($weeklyProjectOverview);
+    }
+
+    /**
+     * @throws AuthorizationException
+     *
+     * @operationId latestTasks
+     *
+     * @response array<int, array{task_id: string, name: string, description: string|null, status: bool, time_entry_id: string|null}>
+     */
+    public function latestTasks(Organization $organization, DashboardService $dashboardService): JsonResponse
+    {
+        $this->checkPermission($organization, 'charts:view:own');
+        $user = $this->user();
+
+        $latestTasks = $dashboardService->latestTasks($user, $organization);
+
+        return response()->json($latestTasks);
+    }
+
+    /**
+     * @throws AuthorizationException
+     *
+     * @operationId lastSevenDays
+     *
+     * @response array<int, array{ date: string, duration: int, history: array<int> }>
+     */
+    public function lastSevenDays(Organization $organization, DashboardService $dashboardService): JsonResponse
+    {
+        $this->checkPermission($organization, 'charts:view:own');
+        $user = $this->user();
+
+        $lastSevenDays = $dashboardService->lastSevenDays($user, $organization);
+
+        return response()->json($lastSevenDays);
+    }
+
+    /**
+     * @throws AuthorizationException
+     *
+     * @operationId latestTeamActivity
+     *
+     * @response array<int, array{member_id: string, name: string, description: string|null, time_entry_id: string, task_id: string|null, status: bool }>
+     */
+    public function latestTeamActivity(Organization $organization, DashboardService $dashboardService, PermissionStore $permissionStore): JsonResponse
+    {
+        $this->checkPermission($organization, 'charts:view:all');
+
+        $latestTeamActivity = $dashboardService->latestTeamActivity($organization);
+
+        return response()->json($latestTeamActivity);
+    }
+
+    /**
+     * @throws AuthorizationException
+     *
+     * @operationId dailyTrackedHours
+     *
+     * @response array<int, array{date: string, duration: int}>
+     */
+    public function dailyTrackedHours(Organization $organization, DashboardService $dashboardService): JsonResponse
+    {
+        $this->checkPermission($organization, 'charts:view:own');
+        $user = $this->user();
+
+        $dailyTrackedHours = $dashboardService->getDailyTrackedHours($user, $organization, 60);
+
+        return response()->json($dailyTrackedHours);
+    }
+
+    /**
+     * @throws AuthorizationException
+     *
+     * @operationId totalWeeklyTime
+     *
+     * @response int
+     */
+    public function totalWeeklyTime(Organization $organization, DashboardService $dashboardService): JsonResponse
+    {
+        $this->checkPermission($organization, 'charts:view:own');
+        $user = $this->user();
+
+        $totalWeeklyTime = $dashboardService->totalWeeklyTime($user, $organization);
+
+        return response()->json($totalWeeklyTime);
+    }
+
+    /**
+     * @throws AuthorizationException
+     *
+     * @operationId totalWeeklyBillableTime
+     *
+     * @response int
+     */
+    public function totalWeeklyBillableTime(Organization $organization, DashboardService $dashboardService): JsonResponse
+    {
+        $this->checkPermission($organization, 'charts:view:own');
+        $user = $this->user();
+
+        $totalWeeklyBillableTime = $dashboardService->totalWeeklyBillableTime($user, $organization);
+
+        return response()->json($totalWeeklyBillableTime);
+    }
+
+    /**
+     * @throws AuthorizationException
+     *
+     * @operationId totalWeeklyBillableAmount
+     *
+     * @response array{value: int, currency: string}
+     */
+    public function totalWeeklyBillableAmount(Organization $organization, DashboardService $dashboardService): JsonResponse
+    {
+        $this->checkPermission($organization, 'charts:view:own');
+        $user = $this->user();
+
+        $showBillableRate = $this->member($organization)->role !== Role::Employee->value || $organization->employees_can_see_billable_rates;
+        if (! $showBillableRate) {
+            throw new AuthorizationException('You do not have permission to view billable rates.');
+        }
+
+        $totalWeeklyBillableAmount = $dashboardService->totalWeeklyBillableAmount($user, $organization);
+
+        return response()->json($totalWeeklyBillableAmount);
+    }
+
+    /**
+     * @throws AuthorizationException
+     *
+     * @operationId weeklyHistory
+     *
+     * @response array<int, array{date: string, duration: int}>
+     */
+    public function weeklyHistory(Organization $organization, DashboardService $dashboardService): JsonResponse
+    {
+        $this->checkPermission($organization, 'charts:view:own');
+        $user = $this->user();
+
+        $weeklyHistory = $dashboardService->getWeeklyHistory($user, $organization);
+
+        return response()->json($weeklyHistory);
+    }
+}

app/Http/Controllers/Api/V1/CurrencyController.php

@@ -0,0 +1,37 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Controllers\Api\V1;
+
+use App\Http\Controllers\Controller;
+use App\Service\CurrencyService;
+use Brick\Money\Currency;
+use Brick\Money\ISOCurrencyProvider;
+use Illuminate\Http\JsonResponse;
+
+class CurrencyController extends Controller
+{
+    /**
+     * Get all currencies
+     *
+     * @response array{code: string, name: string, symbol: string}[]
+     *
+     * @operationId getCurrencies
+     */
+    public function index(): JsonResponse
+    {
+        $currencyService = app(CurrencyService::class);
+
+        $currencies = array_values(array_map(
+            fn (Currency $currency): array => [
+                'code' => $currency->getCurrencyCode(),
+                'name' => $currency->getName(),
+                'symbol' => $currencyService->getCurrencySymbol($currency->getCurrencyCode()),
+            ],
+            ISOCurrencyProvider::getInstance()->getAvailableCurrencies()
+        ));
+
+        return response()->json($currencies);
+    }
+}

app/Http/Controllers/Api/V1/MemberController.php

@@ -7,12 +7,17 @@ namespace App\Http\Controllers\Api\V1;
 use App\Enums\Role;
 use App\Events\MemberMadeToPlaceholder;
 use App\Exceptions\Api\CanNotRemoveOwnerFromOrganization;
+use App\Exceptions\Api\ChangingRoleOfPlaceholderIsNotAllowed;
 use App\Exceptions\Api\ChangingRoleToPlaceholderIsNotAllowed;
 use App\Exceptions\Api\EntityStillInUseApiException;
 use App\Exceptions\Api\OnlyOwnerCanChangeOwnership;
+use App\Exceptions\Api\OnlyPlaceholdersCanBeMergedIntoAnotherMember;
 use App\Exceptions\Api\OrganizationNeedsAtLeastOneOwner;
+use App\Exceptions\Api\ThisPlaceholderCanNotBeInvitedUseTheMergeToolInsteadException;
+use App\Exceptions\Api\UserIsAlreadyMemberOfOrganizationApiException;
 use App\Exceptions\Api\UserNotPlaceholderApiException;
 use App\Http\Requests\V1\Member\MemberIndexRequest;
+use App\Http\Requests\V1\Member\MemberMergeIntoRequest;
 use App\Http\Requests\V1\Member\MemberUpdateRequest;
 use App\Http\Resources\V1\Member\MemberCollection;
 use App\Http\Resources\V1\Member\MemberResource;
@@ -24,6 +29,8 @@ use App\Service\MemberService;
 use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Resources\Json\JsonResource;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Str;
 
 class MemberController extends Controller
 {
@@ -63,6 +70,7 @@ class MemberController extends Controller
      * @throws OrganizationNeedsAtLeastOneOwner
      * @throws OnlyOwnerCanChangeOwnership
      * @throws ChangingRoleToPlaceholderIsNotAllowed
+     * @throws ChangingRoleOfPlaceholderIsNotAllowed
      *
      * @operationId updateMember
      */
@@ -105,7 +113,9 @@ class MemberController extends Controller
     /**
      * Make a member a placeholder member
      *
-     * @throws AuthorizationException|CanNotRemoveOwnerFromOrganization
+     * @throws AuthorizationException|CanNotRemoveOwnerFromOrganization|ChangingRoleOfPlaceholderIsNotAllowed
+     *
+     * @operationId makePlaceholder
      */
     public function makePlaceholder(Organization $organization, Member $member, MemberService $memberService): JsonResponse
     {
@@ -114,6 +124,9 @@ class MemberController extends Controller
         if ($member->role === Role::Owner->value) {
             throw new CanNotRemoveOwnerFromOrganization;
         }
+        if ($member->role === Role::Placeholder->value) {
+            throw new ChangingRoleOfPlaceholderIsNotAllowed;
+        }
 
         $memberService->makeMemberToPlaceholder($member);
 
@@ -122,10 +135,41 @@ class MemberController extends Controller
         return response()->json(null, 204);
     }
 
+    /**
+     * Merge one member into another
+     *
+     * @throws AuthorizationException
+     * @throws OnlyPlaceholdersCanBeMergedIntoAnotherMember
+     * @throws \Throwable
+     *
+     * @operationId mergeMember
+     */
+    public function mergeInto(Organization $organization, Member $member, MemberMergeIntoRequest $request, MemberService $memberService): JsonResponse
+    {
+        $this->checkPermission($organization, 'members:merge-into', $member);
+
+        $user = $member->user;
+        if ($member->role !== Role::Placeholder->value || ! $user->is_placeholder) {
+            throw new OnlyPlaceholdersCanBeMergedIntoAnotherMember;
+        }
+        $memberTo = Member::findOrFail($request->getMemberId());
+
+        DB::transaction(function () use ($organization, $member, $user, $memberTo, $memberService): void {
+            $memberService->assignOrganizationEntitiesToDifferentMember($organization, $member, $memberTo);
+            $member->delete();
+            $user->delete();
+        });
+
+        return response()->json(null, 204);
+    }
+
     /**
      * Invite a placeholder member to become a real member of the organization
      *
-     * @throws AuthorizationException|UserNotPlaceholderApiException
+     * @throws AuthorizationException
+     * @throws UserNotPlaceholderApiException
+     * @throws UserIsAlreadyMemberOfOrganizationApiException
+     * @throws ThisPlaceholderCanNotBeInvitedUseTheMergeToolInsteadException
      *
      * @operationId invitePlaceholder
      */
@@ -138,6 +182,10 @@ class MemberController extends Controller
             throw new UserNotPlaceholderApiException;
         }
 
+        if (Str::endsWith($user->email, '@solidtime-import.test')) {
+            throw new ThisPlaceholderCanNotBeInvitedUseTheMergeToolInsteadException;
+        }
+
         $invitationService->inviteUser($organization, $user->email, Role::Employee);
 
         return response()->json(null, 204);

app/Http/Controllers/Api/V1/OrganizationController.php

@@ -40,15 +40,35 @@ class OrganizationController extends Controller
     {
         $this->checkPermission($organization, 'organizations:update');
 
-        $organization->name = $request->input('name');
-        $oldBillableRate = $organization->billable_rate;
-        if ($request->has('employees_can_see_billable_rates')) {
-            $organization->employees_can_see_billable_rates = $request->validated('employees_can_see_billable_rates');
+        if ($request->getName() !== null) {
+            $organization->name = $request->getName();
+        }
+        if ($request->getEmployeesCanSeeBillableRates() !== null) {
+            $organization->employees_can_see_billable_rates = $request->getEmployeesCanSeeBillableRates();
+        }
+        if ($request->getNumberFormat() !== null) {
+            $organization->number_format = $request->getNumberFormat();
+        }
+        if ($request->getCurrencyFormat() !== null) {
+            $organization->currency_format = $request->getCurrencyFormat();
+        }
+        if ($request->getDateFormat() !== null) {
+            $organization->date_format = $request->getDateFormat();
+        }
+        if ($request->getIntervalFormat() !== null) {
+            $organization->interval_format = $request->getIntervalFormat();
+        }
+        if ($request->getTimeFormat() !== null) {
+            $organization->time_format = $request->getTimeFormat();
+        }
+        $hasBillableRate = $request->has('billable_rate');
+        if ($hasBillableRate) {
+            $oldBillableRate = $organization->billable_rate;
+            $organization->billable_rate = $request->getBillableRate();
         }
-        $organization->billable_rate = $request->getBillableRate();
         $organization->save();
 
-        if ($oldBillableRate !== $request->getBillableRate()) {
+        if ($hasBillableRate && $oldBillableRate !== $request->getBillableRate()) {
             $billableRateService->updateTimeEntriesBillableRateForOrganization($organization);
         }
 

app/Http/Controllers/Api/V1/Public/ReportController.php

@@ -73,6 +73,7 @@ class ReportController extends Controller
             false,
             $report->properties->start,
             $report->properties->end,
+            true
         );
         $historyData = $timeEntryAggregationService->getAggregatedTimeEntriesWithDescriptions(
             $timeEntriesQuery->clone(),
@@ -83,6 +84,7 @@ class ReportController extends Controller
             true,
             $report->properties->start,
             $report->properties->end,
+            true
         );
 
         return new DetailedWithDataReportResource($report, $data, $historyData);

app/Http/Controllers/Api/V1/TimeEntryController.php

@@ -5,6 +5,7 @@ declare(strict_types=1);
 namespace App\Http\Controllers\Api\V1;
 
 use App\Enums\ExportFormat;
+use App\Enums\Role;
 use App\Exceptions\Api\FeatureIsNotAvailableInFreePlanApiException;
 use App\Exceptions\Api\PdfRendererIsNotConfiguredException;
 use App\Exceptions\Api\TimeEntryCanNotBeRestartedApiException;
@@ -26,6 +27,7 @@ use App\Models\Organization;
 use App\Models\Project;
 use App\Models\Task;
 use App\Models\TimeEntry;
+use App\Service\LocalizationService;
 use App\Service\ReportExport\TimeEntriesDetailedCsvExport;
 use App\Service\ReportExport\TimeEntriesDetailedExport;
 use App\Service\ReportExport\TimeEntriesReportExport;
@@ -180,6 +182,7 @@ class TimeEntryController extends Controller
         }
         $user = $this->user();
         $timezone = $user->timezone;
+        $showBillableRate = $this->member($organization)->role !== Role::Employee->value || $organization->employees_can_see_billable_rates;
 
         $timeEntriesQuery = $this->getTimeEntriesQuery($organization, $request, $member);
         $timeEntriesQuery->with([
@@ -192,6 +195,7 @@ class TimeEntryController extends Controller
         $filename = 'time-entries-export-'.now()->format('Y-m-d_H-i-s').'.'.$format->getFileExtension();
         $folderPath = 'exports';
         $path = $folderPath.'/'.$filename;
+        $localizationService = LocalizationService::forOrganization($organization);
         if ($format === ExportFormat::CSV) {
             $export = new TimeEntriesDetailedCsvExport(config('filesystems.private'), $folderPath, $filename, $timeEntriesQuery, 1000, $timezone);
             $export->export();
@@ -211,7 +215,8 @@ class TimeEntryController extends Controller
                 $user->week_start,
                 false,
                 null,
-                null
+                null,
+                $showBillableRate
             );
             $html = Blade::render($viewFile, [
                 'timeEntries' => $timeEntriesQuery->get(),
@@ -220,6 +225,8 @@ class TimeEntryController extends Controller
                 'currency' => $organization->currency,
                 'start' => $request->getStart()->timezone($timezone),
                 'end' => $request->getEnd()->timezone($timezone),
+                'localization' => $localizationService,
+                'showBillableRate' => $showBillableRate,
             ]);
             $footerViewFile = file_get_contents(resource_path('views/reports/time-entry-index/pdf-footer.blade.php'));
             if ($footerViewFile === false) {
@@ -254,7 +261,7 @@ class TimeEntryController extends Controller
                 ->putFileAs($folderPath, new File($tempFolder->path($filenameTemp)), $filename);
         } else {
             Excel::store(
-                new TimeEntriesDetailedExport($timeEntriesQuery, $format, $timezone),
+                new TimeEntriesDetailedExport($timeEntriesQuery, $format, $timezone, $localizationService),
                 $path,
                 config('filesystems.private'),
                 $format->getExportPackageType(),
@@ -285,18 +292,18 @@ class TimeEntryController extends Controller
      *          grouped_data: null|array<array{
      *              key: string|null,
      *              seconds: int,
-     *              cost: int,
+     *              cost: int|null,
      *              grouped_type: string|null,
      *              grouped_data: null|array<array{
      *                  key: string|null,
      *                  seconds: int,
-     *                  cost: int,
+     *                  cost: int|null,
      *                  grouped_type: null,
      *                  grouped_data: null
      *              }>
      *          }>,
      *          seconds: int,
-     *          cost: int
+     *          cost: int|null
      *      }
      * }
      *
@@ -312,6 +319,7 @@ class TimeEntryController extends Controller
             $this->checkPermission($organization, 'time-entries:view:all');
         }
         $user = $this->user();
+        $showBillableRate = $this->member($organization)->role !== Role::Employee->value || $organization->employees_can_see_billable_rates;
 
         $group1Type = $request->getGroup();
         $group2Type = $request->getSubGroup();
@@ -325,7 +333,8 @@ class TimeEntryController extends Controller
             $user->week_start,
             $request->getFillGapsInTimeGroups(),
             $request->getStart(),
-            $request->getEnd()
+            $request->getEnd(),
+            $showBillableRate
         );
 
         return [
@@ -359,6 +368,7 @@ class TimeEntryController extends Controller
         }
         $debug = $request->getDebug();
         $user = $this->user();
+        $showBillableRate = $this->member($organization)->role !== Role::Employee->value || $organization->employees_can_see_billable_rates;
 
         $group = $request->getGroup();
         $subGroup = $request->getSubGroup();
@@ -372,7 +382,8 @@ class TimeEntryController extends Controller
             $user->week_start,
             false,
             $request->getStart(),
-            $request->getEnd()
+            $request->getEnd(),
+            $showBillableRate
         );
         $dataHistoryChart = $timeEntryAggregationService->getAggregatedTimeEntries(
             $timeEntriesAggregateQuery->clone(),
@@ -382,10 +393,12 @@ class TimeEntryController extends Controller
             $user->week_start,
             true,
             $request->getStart(),
-            $request->getEnd()
+            $request->getEnd(),
+            $showBillableRate
         );
         $currency = $organization->currency;
         $timezone = app(TimezoneService::class)->getTimezoneFromUser($this->user());
+        $localizationService = LocalizationService::forOrganization($organization);
 
         $filename = 'time-entries-report-'.now()->format('Y-m-d_H-i-s').'.'.$format->getFileExtension();
         $folderPath = 'exports';
@@ -411,9 +424,12 @@ class TimeEntryController extends Controller
                 'currency' => $currency,
                 'group' => $group,
                 'subGroup' => $subGroup,
+                'timezone' => $timezone,
                 'start' => $request->getStart()->timezone($timezone),
                 'end' => $request->getEnd()->timezone($timezone),
                 'debug' => $debug,
+                'localization' => $localizationService,
+                'showBillableRate' => $showBillableRate,
             ]);
             $footerViewFile = file_get_contents(resource_path('views/reports/time-entry-aggregate/pdf-footer.blade.php'));
             if ($footerViewFile === false) {
@@ -442,7 +458,7 @@ class TimeEntryController extends Controller
                 ->putFileAs($folderPath, new File($tempFolder->path($filenameTemp)), $filename);
         } else {
             Excel::store(
-                new TimeEntriesReportExport($aggregatedData, $format, $currency, $group, $subGroup),
+                new TimeEntriesReportExport($aggregatedData, $format, $currency, $group, $subGroup, $showBillableRate),
                 $path,
                 config('filesystems.private'),
                 $format->getExportPackageType(),

app/Http/Controllers/Api/V1/UserController.php

@@ -6,7 +6,6 @@ namespace App\Http\Controllers\Api\V1;
 
 use App\Http\Resources\V1\User\UserResource;
 use Illuminate\Auth\Access\AuthorizationException;
-use Illuminate\Http\Resources\Json\JsonResource;
 
 class UserController extends Controller
 {
@@ -19,7 +18,7 @@ class UserController extends Controller
      *
      * @throws AuthorizationException
      */
-    public function me(): JsonResource
+    public function me(): UserResource
     {
         $user = $this->user();
 

app/Http/Controllers/Web/DashboardController.php

@@ -4,6 +4,7 @@ declare(strict_types=1);
 
 namespace App\Http\Controllers\Web;
 
+use App\Enums\Role;
 use App\Service\DashboardService;
 use App\Service\PermissionStore;
 use Illuminate\Auth\Access\AuthorizationException;
@@ -19,30 +20,14 @@ class DashboardController extends Controller
     {
         $user = $this->user();
         $organization = $this->currentOrganization();
-        $dailyTrackedHours = $dashboardService->getDailyTrackedHours($user, $organization, 60);
-        $weeklyHistory = $dashboardService->getWeeklyHistory($user, $organization);
-        $totalWeeklyTime = $dashboardService->totalWeeklyTime($user, $organization);
-        $totalWeeklyBillableTime = $dashboardService->totalWeeklyBillableTime($user, $organization);
-        $totalWeeklyBillableAmount = $dashboardService->totalWeeklyBillableAmount($user, $organization);
-        $weeklyProjectOverview = $dashboardService->weeklyProjectOverview($user, $organization);
-        $latestTasks = $dashboardService->latestTasks($user, $organization);
-        $lastSevenDays = $dashboardService->lastSevenDays($user, $organization);
 
         $latestTeamActivity = null;
         if ($permissionStore->has($organization, 'time-entries:view:all')) {
             $latestTeamActivity = $dashboardService->latestTeamActivity($organization);
         }
 
-        return Inertia::render('Dashboard', [
-            'weeklyProjectOverview' => $weeklyProjectOverview,
-            'latestTasks' => $latestTasks,
-            'lastSevenDays' => $lastSevenDays,
-            'latestTeamActivity' => $latestTeamActivity,
-            'dailyTrackedHours' => $dailyTrackedHours,
-            'totalWeeklyTime' => $totalWeeklyTime,
-            'totalWeeklyBillableTime' => $totalWeeklyBillableTime,
-            'totalWeeklyBillableAmount' => $totalWeeklyBillableAmount,
-            'weeklyHistory' => $weeklyHistory,
-        ]);
+        $showBillableRate = $this->member($organization)->role !== Role::Employee->value || $organization->employees_can_see_billable_rates;
+
+        return Inertia::render('Dashboard');
     }
 }

app/Http/Controllers/Web/HealthCheckController.php

@@ -64,6 +64,7 @@ class HealthCheckController extends Controller
             $response['app_env'] = app()->environment();
             $response['app_timezone'] = config('app.timezone');
             $response['app_force_https'] = config('app.force_https');
+            $response['session_secure'] = config('session.secure');
             $response['trusted_proxies'] = config('trustedproxy.proxies');
             $headers = $request->headers->all();
             if (isset($headers['cookie'])) {

app/Http/Kernel.php

@@ -18,7 +18,7 @@ class Kernel extends HttpKernel
      * @var array<int, class-string|string>
      */
     protected $middleware = [
-        // \App\Http\Middleware\TrustHosts::class,
+        \App\Http\Middleware\ForceHttps::class,
         \App\Http\Middleware\TrustProxies::class,
         \Illuminate\Http\Middleware\HandleCors::class,
         \App\Http\Middleware\PreventRequestsDuringMaintenance::class,

app/Http/Middleware/ForceHttps.php

@@ -0,0 +1,29 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\URL;
+use Symfony\Component\HttpFoundation\Response;
+
+class ForceHttps
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
+     */
+    public function handle(Request $request, Closure $next, string ...$guards): Response
+    {
+        if (config('app.force_https', false)) {
+            URL::forceScheme('https');
+            $request->server->set('HTTPS', 'on');
+            $request->headers->set('X-Forwarded-Proto', 'https');
+        }
+
+        return $next($request);
+    }
+}

app/Http/Middleware/HandleInertiaRequests.php

@@ -40,6 +40,7 @@ class HandleInertiaRequests extends Middleware
     public function share(Request $request): array
     {
         $hasBilling = Module::has('Billing') && Module::isEnabled('Billing');
+        $hasInvoicing = Module::has('Invoicing') && Module::isEnabled('Invoicing');
 
         /** @var BillingContract $billing */
         $billing = app(BillingContract::class);
@@ -48,6 +49,7 @@ class HandleInertiaRequests extends Middleware
 
         return array_merge(parent::share($request), [
             'has_billing_extension' => $hasBilling,
+            'has_invoicing_extension' => $hasInvoicing,
             'billing' => $billing !== null && $currentOrganization !== null ? [
                 'has_subscription' => $billing->hasSubscription($currentOrganization),
                 'has_trial' => $billing->hasTrial($currentOrganization),

app/Http/Middleware/TrustHosts.php

@@ -1,22 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-namespace App\Http\Middleware;
-
-use Illuminate\Http\Middleware\TrustHosts as Middleware;
-
-class TrustHosts extends Middleware
-{
-    /**
-     * Get the host patterns that should be trusted.
-     *
-     * @return array<int, string|null>
-     */
-    public function hosts(): array
-    {
-        return [
-            $this->allSubdomainsOfApplicationUrl(),
-        ];
-    }
-}

app/Http/Requests/V1/ApiToken/ApiTokenStoreRequest.php

@@ -0,0 +1,32 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Requests\V1\ApiToken;
+
+use App\Http\Requests\V1\BaseFormRequest;
+
+class ApiTokenStoreRequest extends BaseFormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, array<string>>
+     */
+    public function rules(): array
+    {
+        return [
+            'name' => [
+                'required',
+                'string',
+                'min:1',
+                'max:255',
+            ],
+        ];
+    }
+
+    public function getName(): string
+    {
+        return $this->input('name');
+    }
+}

app/Http/Requests/V1/BaseFormRequest.php

@@ -0,0 +1,28 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Requests\V1;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class BaseFormRequest extends FormRequest
+{
+    /**
+     * @return list<string>
+     */
+    protected function moneyRules(bool $bigInt = false): array
+    {
+        $rules = [
+            'integer',
+            'min:0',
+        ];
+        if ($bigInt) {
+            $rules[] = 'max:9223372036854775807';
+        } else {
+            $rules[] = 'max:2147483647';
+        }
+
+        return $rules;
+    }
+}

app/Http/Requests/V1/Client/ClientIndexRequest.php

@@ -4,10 +4,10 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\Client;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use Illuminate\Contracts\Validation\ValidationRule;
-use Illuminate\Foundation\Http\FormRequest;
 
-class ClientIndexRequest extends FormRequest
+class ClientIndexRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.

app/Http/Requests/V1/Client/ClientStoreRequest.php

@@ -4,17 +4,17 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\Client;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Client;
 use App\Models\Organization;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Foundation\Http\FormRequest;
 use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
 
 /**
  * @property Organization $organization Organization from model binding
  */
-class ClientStoreRequest extends FormRequest
+class ClientStoreRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.

app/Http/Requests/V1/Client/ClientUpdateRequest.php

@@ -4,18 +4,18 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\Client;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Client;
 use App\Models\Organization;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Foundation\Http\FormRequest;
 use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
 
 /**
  * @property Organization $organization Organization from model binding
  * @property Client|null $client Client from model binding
  */
-class ClientUpdateRequest extends FormRequest
+class ClientUpdateRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.

app/Http/Requests/V1/Import/ImportRequest.php

@@ -4,10 +4,10 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\Import;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use Illuminate\Contracts\Validation\ValidationRule;
-use Illuminate\Foundation\Http\FormRequest;
 
-class ImportRequest extends FormRequest
+class ImportRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.

app/Http/Requests/V1/Invitation/InvitationIndexRequest.php

@@ -4,14 +4,14 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\Invitation;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Organization;
 use Illuminate\Contracts\Validation\ValidationRule;
-use Illuminate\Foundation\Http\FormRequest;
 
 /**
  * @property Organization $organization
  */
-class InvitationIndexRequest extends FormRequest
+class InvitationIndexRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.

app/Http/Requests/V1/Invitation/InvitationStoreRequest.php

@@ -5,18 +5,18 @@ declare(strict_types=1);
 namespace App\Http\Requests\V1\Invitation;
 
 use App\Enums\Role;
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Organization;
 use App\Models\OrganizationInvitation;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Foundation\Http\FormRequest;
 use Illuminate\Validation\Rule;
 use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
 
 /**
  * @property Organization $organization
  */
-class InvitationStoreRequest extends FormRequest
+class InvitationStoreRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.

app/Http/Requests/V1/Member/MemberIndexRequest.php

@@ -4,14 +4,14 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\Member;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Organization;
 use Illuminate\Contracts\Validation\ValidationRule;
-use Illuminate\Foundation\Http\FormRequest;
 
 /**
  * @property Organization $organization
  */
-class MemberIndexRequest extends FormRequest
+class MemberIndexRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.

app/Http/Requests/V1/Member/MemberMergeIntoRequest.php

@@ -0,0 +1,42 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Requests\V1\Member;
+
+use App\Http\Requests\V1\BaseFormRequest;
+use App\Models\Member;
+use App\Models\Organization;
+use Illuminate\Contracts\Validation\ValidationRule;
+use Illuminate\Database\Eloquent\Builder;
+use Korridor\LaravelModelValidationRules\Rules\ExistsEloquent;
+
+/**
+ * @property Organization $organization
+ */
+class MemberMergeIntoRequest extends BaseFormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, array<string|ValidationRule|\Illuminate\Contracts\Validation\Rule>>
+     */
+    public function rules(): array
+    {
+        return [
+            // ID of the member to which the data should be transferred (destination)
+            'member_id' => [
+                'string',
+                ExistsEloquent::make(Member::class, null, function (Builder $builder): Builder {
+                    /** @var Builder<Member> $builder */
+                    return $builder->whereBelongsTo($this->organization, 'organization');
+                })->uuid(),
+            ],
+        ];
+    }
+
+    public function getMemberId(): string
+    {
+        return (string) $this->input('member_id');
+    }
+}

app/Http/Requests/V1/Member/MemberUpdateRequest.php

@@ -5,15 +5,15 @@ declare(strict_types=1);
 namespace App\Http\Requests\V1\Member;
 
 use App\Enums\Role;
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Organization;
 use Illuminate\Contracts\Validation\ValidationRule;
-use Illuminate\Foundation\Http\FormRequest;
 use Illuminate\Validation\Rule;
 
 /**
  * @property Organization $organization
  */
-class MemberUpdateRequest extends FormRequest
+class MemberUpdateRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.
@@ -27,12 +27,12 @@ class MemberUpdateRequest extends FormRequest
                 'string',
                 Rule::enum(Role::class),
             ],
-            'billable_rate' => [
-                'nullable',
-                'integer',
-                'min:0',
-                'max:2147483647',
-            ],
+            'billable_rate' => array_merge(
+                [
+                    'nullable',
+                ],
+                $this->moneyRules()
+            ),
         ];
     }
 

app/Http/Requests/V1/Organization/OrganizationUpdateRequest.php

@@ -4,44 +4,98 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\Organization;
 
+use App\Enums\CurrencyFormat;
+use App\Enums\DateFormat;
+use App\Enums\IntervalFormat;
+use App\Enums\NumberFormat;
+use App\Enums\TimeFormat;
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Organization;
-use Illuminate\Contracts\Validation\ValidationRule;
-use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Validation\Rule;
 
 /**
  * @property Organization $organization Organization from model binding
  */
-class OrganizationUpdateRequest extends FormRequest
+class OrganizationUpdateRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.
      *
-     * @return array<string, array<string|ValidationRule>>
+     * @return array<string, array<string|\Illuminate\Contracts\Validation\Rule>>
      */
     public function rules(): array
     {
         return [
             'name' => [
-                'required',
                 'string',
                 'max:255',
             ],
-            'billable_rate' => [
-                'nullable',
-                'integer',
-                'min:0',
-                'max:2147483647',
-            ],
+            'billable_rate' => array_merge(
+                [
+                    'nullable',
+                ],
+                $this->moneyRules()
+            ),
             'employees_can_see_billable_rates' => [
                 'boolean',
             ],
+            'number_format' => [
+                Rule::enum(NumberFormat::class),
+            ],
+            'currency_format' => [
+                Rule::enum(CurrencyFormat::class),
+            ],
+            'date_format' => [
+                Rule::enum(DateFormat::class),
+            ],
+            'interval_format' => [
+                Rule::enum(IntervalFormat::class),
+            ],
+            'time_format' => [
+                Rule::enum(TimeFormat::class),
+            ],
         ];
     }
 
+    public function getName(): ?string
+    {
+        return $this->has('name') ? (string) $this->input('name') : null;
+    }
+
+    public function getNumberFormat(): ?NumberFormat
+    {
+        return $this->has('number_format') ? NumberFormat::from($this->input('number_format')) : null;
+    }
+
+    public function getCurrencyFormat(): ?CurrencyFormat
+    {
+        return $this->has('currency_format') ? CurrencyFormat::from($this->input('currency_format')) : null;
+    }
+
+    public function getDateFormat(): ?DateFormat
+    {
+        return $this->has('date_format') ? DateFormat::from($this->input('date_format')) : null;
+    }
+
+    public function getIntervalFormat(): ?IntervalFormat
+    {
+        return $this->has('interval_format') ? IntervalFormat::from($this->input('interval_format')) : null;
+    }
+
+    public function getTimeFormat(): ?TimeFormat
+    {
+        return $this->has('time_format') ? TimeFormat::from($this->input('time_format')) : null;
+    }
+
     public function getBillableRate(): ?int
     {
         $input = $this->input('billable_rate');
 
         return $input !== null && $input !== 0 ? (int) $this->input('billable_rate') : null;
     }
+
+    public function getEmployeesCanSeeBillableRates(): ?bool
+    {
+        return $this->has('employees_can_see_billable_rates') ? $this->boolean('employees_can_see_billable_rates') : null;
+    }
 }

app/Http/Requests/V1/Project/ProjectIndexRequest.php

@@ -4,10 +4,10 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\Project;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use Illuminate\Contracts\Validation\ValidationRule;
-use Illuminate\Foundation\Http\FormRequest;
 
-class ProjectIndexRequest extends FormRequest
+class ProjectIndexRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.

app/Http/Requests/V1/Project/ProjectStoreRequest.php

@@ -4,20 +4,21 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\Project;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Client;
 use App\Models\Organization;
 use App\Models\Project;
 use App\Rules\ColorRule;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Support\Str;
 use Korridor\LaravelModelValidationRules\Rules\ExistsEloquent;
 use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
 
 /**
  * @property Organization $organization Organization from model binding
  */
-class ProjectStoreRequest extends FormRequest
+class ProjectStoreRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.
@@ -27,6 +28,7 @@ class ProjectStoreRequest extends FormRequest
     public function rules(): array
     {
         return [
+            // Name of the project, the name needs to be unique per client and organization
             'name' => [
                 'required',
                 'string',
@@ -34,7 +36,13 @@ class ProjectStoreRequest extends FormRequest
                 'max:255',
                 UniqueEloquent::make(Project::class, 'name', function (Builder $builder): Builder {
                     /** @var Builder<Project> $builder */
-                    return $builder->whereBelongsTo($this->organization, 'organization');
+                    $clientId = $this->input('client_id');
+                    if (! is_string($clientId) || ! Str::isUuid($clientId)) {
+                        $clientId = null;
+                    }
+
+                    return $builder->whereBelongsTo($this->organization, 'organization')
+                        ->where('client_id', $clientId);
                 })->withCustomTranslation('validation.project_name_already_exists'),
             ],
             'color' => [
@@ -47,14 +55,15 @@ class ProjectStoreRequest extends FormRequest
                 'required',
                 'boolean',
             ],
-            'billable_rate' => [
-                'nullable',
-                'integer',
-                'min:0',
-                'max:2147483647',
-            ],
+            'billable_rate' => array_merge(
+                [
+                    'nullable',
+                ],
+                $this->moneyRules()
+            ),
             // ID of the client
             'client_id' => [
+                'present',
                 'nullable',
                 ExistsEloquent::make(Client::class, null, function (Builder $builder): Builder {
                     /** @var Builder<Client> $builder */

app/Http/Requests/V1/Project/ProjectUpdateRequest.php

@@ -4,13 +4,14 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\Project;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Client;
 use App\Models\Organization;
 use App\Models\Project;
 use App\Rules\ColorRule;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Support\Str;
 use Korridor\LaravelModelValidationRules\Rules\ExistsEloquent;
 use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
 
@@ -18,7 +19,7 @@ use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
  * @property Organization $organization Organization from model binding
  * @property Project|null $project Project from model binding
  */
-class ProjectUpdateRequest extends FormRequest
+class ProjectUpdateRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.
@@ -34,7 +35,13 @@ class ProjectUpdateRequest extends FormRequest
                 'max:255',
                 UniqueEloquent::make(Project::class, 'name', function (Builder $builder): Builder {
                     /** @var Builder<Project> $builder */
-                    return $builder->whereBelongsTo($this->organization, 'organization');
+                    $clientId = $this->input('client_id');
+                    if (! is_string($clientId) || ! Str::isUuid($clientId)) {
+                        $clientId = null;
+                    }
+
+                    return $builder->whereBelongsTo($this->organization, 'organization')
+                        ->where('client_id', $clientId);
                 })->ignore($this->project?->getKey())->withCustomTranslation('validation.project_name_already_exists'),
             ],
             'color' => [
@@ -54,18 +61,18 @@ class ProjectUpdateRequest extends FormRequest
                 'boolean',
             ],
             'client_id' => [
+                'present',
                 'nullable',
                 ExistsEloquent::make(Client::class, null, function (Builder $builder): Builder {
                     /** @var Builder<Client> $builder */
                     return $builder->whereBelongsTo($this->organization, 'organization');
                 })->uuid(),
             ],
-            'billable_rate' => [
+            'billable_rate' => array_merge([
                 'nullable',
-                'integer',
-                'min:0',
-                'max:2147483647',
             ],
+                $this->moneyRules()
+            ),
             // Estimated time in seconds
             'estimated_time' => [
                 'nullable',

app/Http/Requests/V1/ProjectMember/ProjectMemberStoreRequest.php

@@ -4,17 +4,17 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\ProjectMember;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Member;
 use App\Models\Organization;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Foundation\Http\FormRequest;
 use Korridor\LaravelModelValidationRules\Rules\ExistsEloquent;
 
 /**
  * @property Organization $organization Organization from model binding
  */
-class ProjectMemberStoreRequest extends FormRequest
+class ProjectMemberStoreRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.
@@ -31,12 +31,12 @@ class ProjectMemberStoreRequest extends FormRequest
                     return $builder->whereBelongsTo($this->organization, 'organization');
                 })->uuid(),
             ],
-            'billable_rate' => [
-                'nullable',
-                'integer',
-                'min:0',
-                'max:2147483647',
-            ],
+            'billable_rate' => array_merge(
+                [
+                    'nullable',
+                ],
+                $this->moneyRules()
+            ),
         ];
     }
 

app/Http/Requests/V1/ProjectMember/ProjectMemberUpdateRequest.php

@@ -4,14 +4,14 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\ProjectMember;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Organization;
 use Illuminate\Contracts\Validation\ValidationRule;
-use Illuminate\Foundation\Http\FormRequest;
 
 /**
  * @property Organization $organization Organization from model binding
  */
-class ProjectMemberUpdateRequest extends FormRequest
+class ProjectMemberUpdateRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.
@@ -21,12 +21,12 @@ class ProjectMemberUpdateRequest extends FormRequest
     public function rules(): array
     {
         return [
-            'billable_rate' => [
-                'nullable',
-                'integer',
-                'min:0',
-                'max:2147483647',
-            ],
+            'billable_rate' => array_merge(
+                [
+                    'nullable',
+                ],
+                $this->moneyRules()
+            ),
         ];
     }
 

app/Http/Requests/V1/Report/ReportStoreRequest.php

@@ -7,17 +7,17 @@ namespace App\Http\Requests\V1\Report;
 use App\Enums\TimeEntryAggregationType;
 use App\Enums\TimeEntryAggregationTypeInterval;
 use App\Enums\Weekday;
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Organization;
 use Illuminate\Contracts\Validation\Rule as LegacyValidationRule;
 use Illuminate\Contracts\Validation\ValidationRule;
-use Illuminate\Foundation\Http\FormRequest;
 use Illuminate\Support\Carbon;
 use Illuminate\Validation\Rule;
 
 /**
  * @property Organization $organization Organization from model binding
  */
-class ReportStoreRequest extends FormRequest
+class ReportStoreRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.
@@ -40,7 +40,7 @@ class ReportStoreRequest extends FormRequest
                 'required',
                 'boolean',
             ],
-            // After this date the report will be automatically set to private (is_public=false) (ISO 8601 format, UTC timezone)
+            // After this date the report will be automatically set to private (is_public=false) (Format: "Y-m-d\TH:i:s\Z", UTC timezone, Example: "2000-02-22T14:58:59Z")
             'public_until' => [
                 'nullable',
                 'date_format:Y-m-d\TH:i:s\Z',

app/Http/Requests/V1/Report/ReportUpdateRequest.php

@@ -4,15 +4,15 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\Report;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Organization;
 use Illuminate\Contracts\Validation\ValidationRule;
-use Illuminate\Foundation\Http\FormRequest;
 use Illuminate\Support\Carbon;
 
 /**
  * @property Organization $organization Organization from model binding
  */
-class ReportUpdateRequest extends FormRequest
+class ReportUpdateRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.

app/Http/Requests/V1/Tag/TagStoreRequest.php

@@ -4,17 +4,17 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\Tag;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Organization;
 use App\Models\Tag;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Foundation\Http\FormRequest;
 use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
 
 /**
  * @property Organization $organization Organization from model binding
  */
-class TagStoreRequest extends FormRequest
+class TagStoreRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.

app/Http/Requests/V1/Tag/TagUpdateRequest.php

@@ -4,18 +4,18 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\Tag;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Organization;
 use App\Models\Tag;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Foundation\Http\FormRequest;
 use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
 
 /**
  * @property Organization $organization Organization from model binding
  * @property Tag|null $tag Tag from model binding
  */
-class TagUpdateRequest extends FormRequest
+class TagUpdateRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.

app/Http/Requests/V1/Task/TaskIndexRequest.php

@@ -4,19 +4,19 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\Task;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Organization;
 use App\Models\Project;
 use App\Service\PermissionStore;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Foundation\Http\FormRequest;
 use Illuminate\Support\Facades\Auth;
 use Korridor\LaravelModelValidationRules\Rules\ExistsEloquent;
 
 /**
  * @property Organization $organization Organization from model binding
  */
-class TaskIndexRequest extends FormRequest
+class TaskIndexRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.

app/Http/Requests/V1/Task/TaskStoreRequest.php

@@ -4,19 +4,19 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\Task;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Organization;
 use App\Models\Project;
 use App\Models\Task;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Foundation\Http\FormRequest;
 use Korridor\LaravelModelValidationRules\Rules\ExistsEloquent;
 use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
 
 /**
  * @property Organization $organization Organization from model binding
  */
-class TaskStoreRequest extends FormRequest
+class TaskStoreRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.

app/Http/Requests/V1/Task/TaskUpdateRequest.php

@@ -4,18 +4,18 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\Task;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Organization;
 use App\Models\Task;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Foundation\Http\FormRequest;
 use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
 
 /**
  * @property Organization $organization Organization from model binding
  * @property Task|null $task Task from model binding
  */
-class TaskUpdateRequest extends FormRequest
+class TaskUpdateRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.

app/Http/Requests/V1/TimeEntry/TimeEntryAggregateExportRequest.php

@@ -7,6 +7,7 @@ namespace App\Http\Requests\V1\TimeEntry;
 use App\Enums\ExportFormat;
 use App\Enums\TimeEntryAggregationType;
 use App\Enums\TimeEntryAggregationTypeInterval;
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Client;
 use App\Models\Member;
 use App\Models\Organization;
@@ -16,7 +17,6 @@ use App\Models\Task;
 use App\Models\User;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Foundation\Http\FormRequest;
 use Illuminate\Support\Carbon;
 use Illuminate\Validation\Rule;
 use Korridor\LaravelModelValidationRules\Rules\ExistsEloquent;
@@ -24,7 +24,7 @@ use Korridor\LaravelModelValidationRules\Rules\ExistsEloquent;
 /**
  * @property Organization $organization
  */
-class TimeEntryAggregateExportRequest extends FormRequest
+class TimeEntryAggregateExportRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.

app/Http/Requests/V1/TimeEntry/TimeEntryAggregateRequest.php

@@ -5,6 +5,7 @@ declare(strict_types=1);
 namespace App\Http\Requests\V1\TimeEntry;
 
 use App\Enums\TimeEntryAggregationType;
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Client;
 use App\Models\Member;
 use App\Models\Organization;
@@ -14,7 +15,6 @@ use App\Models\Task;
 use App\Models\User;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Foundation\Http\FormRequest;
 use Illuminate\Support\Carbon;
 use Illuminate\Validation\Rule;
 use Korridor\LaravelModelValidationRules\Rules\ExistsEloquent;
@@ -22,7 +22,7 @@ use Korridor\LaravelModelValidationRules\Rules\ExistsEloquent;
 /**
  * @property Organization $organization
  */
-class TimeEntryAggregateRequest extends FormRequest
+class TimeEntryAggregateRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.

app/Http/Requests/V1/TimeEntry/TimeEntryDestroyMultipleRequest.php

@@ -4,14 +4,14 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\TimeEntry;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Organization;
 use Illuminate\Contracts\Validation\ValidationRule;
-use Illuminate\Foundation\Http\FormRequest;
 
 /**
  * @property Organization $organization Organization from model binding
  */
-class TimeEntryDestroyMultipleRequest extends FormRequest
+class TimeEntryDestroyMultipleRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.

app/Http/Requests/V1/TimeEntry/TimeEntryIndexRequest.php

@@ -4,6 +4,7 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\TimeEntry;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Client;
 use App\Models\Member;
 use App\Models\Organization;
@@ -12,13 +13,12 @@ use App\Models\Tag;
 use App\Models\Task;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Foundation\Http\FormRequest;
 use Korridor\LaravelModelValidationRules\Rules\ExistsEloquent;
 
 /**
  * @property Organization $organization
  */
-class TimeEntryIndexRequest extends FormRequest
+class TimeEntryIndexRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.

app/Http/Requests/V1/TimeEntry/TimeEntryStoreRequest.php

@@ -4,6 +4,7 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\TimeEntry;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Member;
 use App\Models\Organization;
 use App\Models\Project;
@@ -11,13 +12,12 @@ use App\Models\Tag;
 use App\Models\Task;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Foundation\Http\FormRequest;
 use Korridor\LaravelModelValidationRules\Rules\ExistsEloquent;
 
 /**
  * @property Organization $organization Organization from model binding
  */
-class TimeEntryStoreRequest extends FormRequest
+class TimeEntryStoreRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.
@@ -59,12 +59,12 @@ class TimeEntryStoreRequest extends FormRequest
                         ->where('project_id', $this->input('project_id'));
                 })->uuid()->withMessage(__('validation.task_belongs_to_project')),
             ],
-            // Start of time entry (ISO 8601 format, UTC timezone)
+            // Start of time entry (Format: "Y-m-d\TH:i:s\Z", UTC timezone, Example: "2000-02-22T14:58:59Z")
             'start' => [
                 'required',
                 'date_format:Y-m-d\TH:i:s\Z',
             ],
-            // End of time entry (ISO 8601 format, UTC timezone)
+            // End of time entry (Format: "Y-m-d\TH:i:s\Z", UTC timezone, Example: "2000-02-22T14:58:59Z")
             'end' => [
                 'nullable',
                 'date_format:Y-m-d\TH:i:s\Z',

app/Http/Requests/V1/TimeEntry/TimeEntryUpdateMultipleRequest.php

@@ -4,6 +4,7 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\TimeEntry;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Member;
 use App\Models\Organization;
 use App\Models\Project;
@@ -11,13 +12,12 @@ use App\Models\Tag;
 use App\Models\Task;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Foundation\Http\FormRequest;
 use Korridor\LaravelModelValidationRules\Rules\ExistsEloquent;
 
 /**
  * @property Organization $organization Organization from model binding
  */
-class TimeEntryUpdateMultipleRequest extends FormRequest
+class TimeEntryUpdateMultipleRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.

app/Http/Requests/V1/TimeEntry/TimeEntryUpdateRequest.php

@@ -4,6 +4,7 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\TimeEntry;
 
+use App\Http\Requests\V1\BaseFormRequest;
 use App\Models\Member;
 use App\Models\Organization;
 use App\Models\Project;
@@ -11,13 +12,12 @@ use App\Models\Tag;
 use App\Models\Task;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Foundation\Http\FormRequest;
 use Korridor\LaravelModelValidationRules\Rules\ExistsEloquent;
 
 /**
  * @property Organization $organization Organization from model binding
  */
-class TimeEntryUpdateRequest extends FormRequest
+class TimeEntryUpdateRequest extends BaseFormRequest
 {
     /**
      * Get the validation rules that apply to the request.
@@ -59,11 +59,11 @@ class TimeEntryUpdateRequest extends FormRequest
                         ->where('project_id', $this->input('project_id'));
                 })->uuid()->withMessage(__('validation.task_belongs_to_project')),
             ],
-            // Start of time entry (ISO 8601 format, UTC timezone)
+            // Start of time entry (Format: "Y-m-d\TH:i:s\Z", UTC timezone, Example: "2000-02-22T14:58:59Z")
             'start' => [
                 'date_format:Y-m-d\TH:i:s\Z',
             ],
-            // End of time entry (ISO 8601 format, UTC timezone)
+            // End of time entry (Format: "Y-m-d\TH:i:s\Z", UTC timezone, Example: "2000-02-22T14:58:59Z")
             'end' => [
                 'nullable',
                 'date_format:Y-m-d\TH:i:s\Z',

app/Http/Resources/V1/ApiToken/ApiTokenCollection.php

@@ -0,0 +1,17 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Resources\V1\ApiToken;
+
+use Illuminate\Http\Resources\Json\ResourceCollection;
+
+class ApiTokenCollection extends ResourceCollection
+{
+    /**
+     * The resource that this resource collects.
+     *
+     * @var string
+     */
+    public $collects = ApiTokenResource::class;
+}

app/Http/Resources/V1/ApiToken/ApiTokenResource.php

@@ -0,0 +1,38 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Resources\V1\ApiToken;
+
+use App\Http\Resources\V1\BaseResource;
+use App\Models\Passport\Token;
+use Illuminate\Http\Request;
+
+/**
+ * @property-read Token $resource
+ */
+class ApiTokenResource extends BaseResource
+{
+    /**
+     * Transform the resource into an array.
+     *
+     * @return array<string, string|bool|int|null|array<string>>
+     */
+    public function toArray(Request $request): array
+    {
+        return [
+            /** @var string $id ID of the API token, this ID is NOT a UUID */
+            'id' => $this->resource->id,
+            /** @var string $name Name of the API token */
+            'name' => $this->resource->name,
+            /** @var bool $revoked Whether the API token is revoked */
+            'revoked' => $this->resource->revoked,
+            /** @var array<string> $scopes List of scopes that the API token has */
+            'scopes' => $this->resource->scopes,
+            /** @var string $created_at When the API token was created (ISO 8601 format, UTC timezone, example: 2024-02-26T17:17:17Z) */
+            'created_at' => $this->formatDateTime($this->resource->created_at),
+            /** @var string|null $expires_at At what time the API token expires (ISO 8601 format, UTC timezone, example: 2024-02-26T17:17:17Z) */
+            'expires_at' => $this->formatDateTime($this->resource->expires_at),
+        ];
+    }
+}

app/Http/Resources/V1/ApiToken/ApiTokenWithAccessTokenResource.php

@@ -0,0 +1,49 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Resources\V1\ApiToken;
+
+use App\Http\Resources\V1\BaseResource;
+use App\Models\Passport\Token;
+use Illuminate\Http\Request;
+
+/**
+ * @property-read Token $resource
+ */
+class ApiTokenWithAccessTokenResource extends BaseResource
+{
+    private string $accessToken;
+
+    public function __construct(Token $resource, string $accessToken)
+    {
+        $this->accessToken = $accessToken;
+        parent::__construct($resource);
+    }
+
+    /**
+     * Transform the resource into an array.
+     *
+     * @return array<string, string|bool|int|null|array<string>>
+     */
+    public function toArray(Request $request): array
+    {
+        return [
+            /** @var string $id ID of the API token, this ID is NOT a UUID */
+            'id' => $this->resource->id,
+            /** @var string $name Name of the API token */
+            'name' => $this->resource->name,
+            /** @var bool $revoked Whether the API token is revoked */
+            'revoked' => $this->resource->revoked,
+            /** @var array<string> $scopes List of scopes that the API token has */
+            'scopes' => $this->resource->scopes,
+            /** @var string $created_at When the API token was created (ISO 8601 format, UTC timezone, example: 2024-02-26T17:17:17Z) */
+            'created_at' => $this->formatDateTime($this->resource->created_at),
+            /** @var string|null $expires_at At what time the API token expires (ISO 8601 format, UTC timezone, example: 2024-02-26T17:17:17Z) */
+            'expires_at' => $this->formatDateTime($this->resource->expires_at),
+            // Additional fields
+            /** @var string $access_token Access token that can be used to authenticate requests */
+            'access_token' => $this->accessToken,
+        ];
+    }
+}

app/Http/Resources/V1/BaseResource.php

@@ -12,6 +12,10 @@ abstract class BaseResource extends JsonResource
     protected function formatDateTime(?Carbon $carbon): ?string
     {
         return $carbon?->toIso8601ZuluString();
+    }
 
+    protected function formatDate(?Carbon $carbon): ?string
+    {
+        return $carbon?->format('Y-m-d');
     }
 }

app/Http/Resources/V1/Organization/OrganizationResource.php

@@ -4,8 +4,14 @@ declare(strict_types=1);
 
 namespace App\Http\Resources\V1\Organization;
 
+use App\Enums\CurrencyFormat;
+use App\Enums\DateFormat;
+use App\Enums\IntervalFormat;
+use App\Enums\NumberFormat;
+use App\Enums\TimeFormat;
 use App\Http\Resources\V1\BaseResource;
 use App\Models\Organization;
+use App\Service\CurrencyService;
 use Illuminate\Http\Request;
 
 /**
@@ -34,6 +40,8 @@ class OrganizationResource extends BaseResource
      */
     public function toArray(Request $request): array
     {
+        $currencyService = app(CurrencyService::class);
+
         return [
             /** @var string $id ID */
             'id' => $this->resource->id,
@@ -47,6 +55,18 @@ class OrganizationResource extends BaseResource
             'employees_can_see_billable_rates' => $this->resource->employees_can_see_billable_rates,
             /** @var string $currency Currency code (ISO 4217) */
             'currency' => $this->resource->currency,
+            /** @var string $currency_symbol Currency symbol */
+            'currency_symbol' => $currencyService->getCurrencySymbol($this->resource->currency),
+            /** @var NumberFormat $number_format Number format */
+            'number_format' => $this->resource->number_format->value,
+            /** @var CurrencyFormat $currency_format Currency format */
+            'currency_format' => $this->resource->currency_format->value,
+            /** @var DateFormat $date_format Date format */
+            'date_format' => $this->resource->date_format->value,
+            /** @var IntervalFormat $interval_format Interval format */
+            'interval_format' => $this->resource->interval_format->value,
+            /** @var TimeFormat $time_format Time format */
+            'time_format' => $this->resource->time_format->value,
         ];
     }
 }

app/Http/Resources/V1/Report/DetailedReportResource.php

@@ -30,7 +30,7 @@ class DetailedReportResource extends BaseResource
             /** @var bool $is_public Whether the report can be accessed via an external link */
             'is_public' => $this->resource->is_public,
             /** @var string|null $public_until Date until the report is public */
-            'public_until' => $this->resource->public_until?->toIso8601ZuluString(),
+            'public_until' => $this->formatDateTime($this->resource->public_until),
             /** @var string|null $shareable_link Get link to access the report externally, not set if the report is private */
             'shareable_link' => $this->resource->getShareableLink(),
             'properties' => [
@@ -41,9 +41,9 @@ class DetailedReportResource extends BaseResource
                 /** @var string $history_group Type of grouping of the historic aggregation (time chart) */
                 'history_group' => $this->resource->properties->historyGroup->value,
                 /** @var string $start Start date of the report */
-                'start' => $this->resource->properties->start->toIso8601ZuluString(),
+                'start' => $this->formatDateTime($this->resource->properties->start),
                 /** @var string $end End date of the report */
-                'end' => $this->resource->properties->end->toIso8601ZuluString(),
+                'end' => $this->formatDateTime($this->resource->properties->end),
                 /** @var bool|null $active Whether the report is active */
                 'active' => $this->resource->properties->active,
                 /** @var array<string>|null $member_ids Filter by multiple member IDs, member IDs are OR combined */
@@ -60,9 +60,9 @@ class DetailedReportResource extends BaseResource
                 'task_ids' => $this->resource->properties->taskIds?->toArray(),
             ],
             /** @var string $created_at Date when the report was created */
-            'created_at' => $this->resource->created_at?->toIso8601ZuluString(),
+            'created_at' => $this->formatDateTime($this->resource->created_at),
             /** @var string $updated_at Date when the report was last updated */
-            'updated_at' => $this->resource->updated_at?->toIso8601ZuluString(),
+            'updated_at' => $this->formatDateTime($this->resource->updated_at),
         ];
     }
 }

app/Http/Resources/V1/Report/DetailedWithDataReportResource.php

@@ -4,8 +4,14 @@ declare(strict_types=1);
 
 namespace App\Http\Resources\V1\Report;
 
+use App\Enums\CurrencyFormat;
+use App\Enums\DateFormat;
+use App\Enums\IntervalFormat;
+use App\Enums\NumberFormat;
+use App\Enums\TimeFormat;
 use App\Http\Resources\V1\BaseResource;
 use App\Models\Report;
+use App\Service\CurrencyService;
 use Illuminate\Http\Request;
 
 /**
@@ -18,20 +24,20 @@ use Illuminate\Http\Request;
  *              description: string|null,
  *              color: string|null,
  *              seconds: int,
- *              cost: int,
+ *              cost: int|null,
  *              grouped_type: string|null,
  *              grouped_data: null|array<array{
  *                  key: string|null,
  *                  description: string|null,
  *                  color: string|null,
  *                  seconds: int,
- *                  cost: int,
+ *                  cost: int|null,
  *                  grouped_type: null,
  *                  grouped_data: null
  *              }>
  *          }>,
  *          seconds: int,
- *          cost: int
+ *          cost: int|null
  *    }
  */
 class DetailedWithDataReportResource extends BaseResource
@@ -64,15 +70,29 @@ class DetailedWithDataReportResource extends BaseResource
      */
     public function toArray(Request $request): array
     {
+        $currencyService = app(CurrencyService::class);
+
         return [
             /** @var string $name Name */
             'name' => $this->resource->name,
             /** @var string|null $email Description */
             'description' => $this->resource->description,
             /** @var string|null $public_until Date until the report is public */
-            'public_until' => $this->resource->public_until?->toIso8601ZuluString(),
+            'public_until' => $this->formatDateTime($this->resource->public_until),
             /** @var string $currency Currency code (ISO 4217) */
             'currency' => $this->resource->organization->currency,
+            /** @var NumberFormat $number_format Number format */
+            'number_format' => $this->resource->organization->number_format->value,
+            /** @var CurrencyFormat $currency_format Currency format */
+            'currency_format' => $this->resource->organization->currency_format->value,
+            /** @var string $currency_symbol Currency symbol */
+            'currency_symbol' => $currencyService->getCurrencySymbol($this->resource->organization->currency),
+            /** @var DateFormat $date_format Date format */
+            'date_format' => $this->resource->organization->date_format->value,
+            /** @var IntervalFormat $interval_format Interval format */
+            'interval_format' => $this->resource->organization->interval_format->value,
+            /** @var TimeFormat $time_format Time format */
+            'time_format' => $this->resource->organization->time_format->value,
             'properties' => [
                 /** @var string $group Type of first grouping */
                 'group' => $this->resource->properties->group->value,
@@ -81,9 +101,9 @@ class DetailedWithDataReportResource extends BaseResource
                 /** @var string $history_group Type of grouping of the historic aggregation (time chart) */
                 'history_group' => $this->resource->properties->historyGroup->value,
                 /** @var string $start Start date of the report */
-                'start' => $this->resource->properties->start->toIso8601ZuluString(),
+                'start' => $this->formatDateTime($this->resource->properties->start),
                 /** @var string $end End date of the report */
-                'end' => $this->resource->properties->end->toIso8601ZuluString(),
+                'end' => $this->formatDateTime($this->resource->properties->end),
             ],
             /** @var array{
              *        grouped_type: string|null,

app/Http/Resources/V1/Report/ReportResource.php

@@ -30,13 +30,13 @@ class ReportResource extends BaseResource
             /** @var bool $is_public Whether the report can be accessed via an external link */
             'is_public' => $this->resource->is_public,
             /** @var string|null $public_until Date until the report is public */
-            'public_until' => $this->resource->public_until?->toIso8601ZuluString(),
+            'public_until' => $this->formatDateTime($this->resource->public_until),
             /** @var string|null $shareable_link Get link to access the report externally, not set if the report is private */
             'shareable_link' => $this->resource->getShareableLink(),
             /** @var string $created_at Date when the report was created */
-            'created_at' => $this->resource->created_at?->toIso8601ZuluString(),
+            'created_at' => $this->formatDateTime($this->resource->created_at),
             /** @var string $updated_at Date when the report was last updated */
-            'updated_at' => $this->resource->updated_at?->toIso8601ZuluString(),
+            'updated_at' => $this->formatDateTime($this->resource->updated_at),
         ];
     }
 }

app/Listeners/RemovePlaceholder.php

@@ -6,7 +6,7 @@ namespace App\Listeners;
 
 use App\Models\Member;
 use App\Models\User;
-use App\Service\UserService;
+use App\Service\MemberService;
 use Illuminate\Database\Eloquent\Builder;
 use Laravel\Jetstream\Events\TeamMemberAdded;
 
@@ -17,8 +17,11 @@ class RemovePlaceholder
      */
     public function handle(TeamMemberAdded $event): void
     {
-        /** @var UserService $userService */
-        $userService = app(UserService::class);
+        $memberService = app(MemberService::class);
+        $member = Member::query()
+            ->whereBelongsTo($event->team, 'organization')
+            ->whereBelongsTo($event->user, 'user')
+            ->firstOrFail();
         $placeholders = Member::query()
             ->whereHas('user', function (Builder $query) use ($event): void {
                 /** @var Builder<User> $query */
@@ -32,7 +35,7 @@ class RemovePlaceholder
         foreach ($placeholders as $placeholder) {
             /** @var Member $placeholder */
             $placeholderUser = $placeholder->user;
-            $userService->assignOrganizationEntitiesToDifferentUser($event->team, $placeholderUser, $event->user);
+            $memberService->assignOrganizationEntitiesToDifferentMember($event->team, $placeholder, $member);
             $placeholder->delete();
             $placeholderUser->delete();
         }

app/Models/Member.php

@@ -7,6 +7,7 @@ namespace App\Models;
 use App\Models\Concerns\CustomAuditable;
 use App\Models\Concerns\HasUuids;
 use Database\Factories\MemberFactory;
+use Illuminate\Database\Eloquent\Collection;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\Relations\BelongsTo;
 use Illuminate\Database\Eloquent\Relations\HasMany;
@@ -24,6 +25,8 @@ use OwenIt\Auditing\Contracts\Auditable as AuditableContract;
  * @property Carbon|null $updated_at
  * @property-read Organization $organization
  * @property-read User $user
+ * @property-read Collection<ProjectMember> $projectMembers
+ * @property-read Collection<TimeEntry> $timeEntries
  *
  * @method static MemberFactory factory()
  */
@@ -59,6 +62,14 @@ class Member extends JetstreamMembership implements AuditableContract
         return $this->belongsTo(Organization::class, 'organization_id');
     }
 
+    /**
+     * @return HasMany<TimeEntry>
+     */
+    public function timeEntries(): HasMany
+    {
+        return $this->hasMany(TimeEntry::class, 'member_id');
+    }
+
     /**
      * @return HasMany<ProjectMember>
      */

app/Models/Organization.php

@@ -4,6 +4,11 @@ declare(strict_types=1);
 
 namespace App\Models;
 
+use App\Enums\CurrencyFormat;
+use App\Enums\DateFormat;
+use App\Enums\IntervalFormat;
+use App\Enums\NumberFormat;
+use App\Enums\TimeFormat;
 use App\Models\Concerns\CustomAuditable;
 use App\Models\Concerns\HasUuids;
 use Database\Factories\OrganizationFactory;
@@ -18,7 +23,6 @@ use Illuminate\Support\Str;
 use Laravel\Jetstream\Events\TeamCreated;
 use Laravel\Jetstream\Events\TeamDeleted;
 use Laravel\Jetstream\Events\TeamUpdated;
-use Laravel\Jetstream\Jetstream;
 use Laravel\Jetstream\Team as JetstreamTeam;
 use OwenIt\Auditing\Contracts\Auditable as AuditableContract;
 
@@ -37,6 +41,11 @@ use OwenIt\Auditing\Contracts\Auditable as AuditableContract;
  * @property Collection<int, User> $realUsers
  * @property-read Collection<int, OrganizationInvitation> $teamInvitations
  * @property Member $membership
+ * @property NumberFormat $number_format
+ * @property CurrencyFormat $currency_format
+ * @property DateFormat $date_format
+ * @property IntervalFormat $interval_format
+ * @property TimeFormat $time_format
  *
  * @method HasMany<OrganizationInvitation> teamInvitations()
  * @method static OrganizationFactory factory()
@@ -60,6 +69,11 @@ class Organization extends JetstreamTeam implements AuditableContract
         'personal_team' => 'boolean',
         'currency' => 'string',
         'employees_can_see_billable_rates' => 'boolean',
+        'number_format' => NumberFormat::class,
+        'currency_format' => CurrencyFormat::class,
+        'date_format' => DateFormat::class,
+        'interval_format' => IntervalFormat::class,
+        'time_format' => TimeFormat::class,
     ];
 
     /**
@@ -89,7 +103,6 @@ class Organization extends JetstreamTeam implements AuditableContract
      * @var array<string, mixed>
      */
     protected $attributes = [
-        'currency' => 'EUR',
     ];
 
     /**

app/Models/Passport/AuthCode.php

@@ -0,0 +1,9 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Models\Passport;
+
+use Laravel\Passport\AuthCode as PassportAuthCode;
+
+class AuthCode extends PassportAuthCode {}

app/Models/Passport/Client.php

@@ -0,0 +1,26 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Models\Passport;
+
+use Database\Factories\Passport\ClientFactory;
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Laravel\Passport\Client as PassportClient;
+
+/**
+ * @property string $id
+ * @property string|null $user_id
+ * @property string $name
+ * @property string|null $secret
+ * @property string|null $provider
+ * @property string $redirect
+ * @property bool $personal_access_client
+ * @property bool $password_client
+ * @property bool $revoked
+ */
+class Client extends PassportClient
+{
+    /** @use HasFactory<ClientFactory> */
+    use HasFactory;
+}

app/Models/Passport/PersonalAccessClient.php

@@ -0,0 +1,9 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Models\Passport;
+
+use Laravel\Passport\PersonalAccessClient as PassportPersonalAccessClient;
+
+class PersonalAccessClient extends PassportPersonalAccessClient {}

app/Models/Passport/RefreshToken.php

@@ -0,0 +1,9 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Models\Passport;
+
+use Laravel\Passport\RefreshToken as PassportRefreshToken;
+
+class RefreshToken extends PassportRefreshToken {}

app/Models/Passport/Token.php

@@ -0,0 +1,38 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Models\Passport;
+
+use Database\Factories\Passport\TokenFactory;
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Relations\BelongsTo;
+use Illuminate\Support\Carbon;
+use Laravel\Passport\Token as PassportToken;
+
+/**
+ * @property string $id
+ * @property null|string $user_id
+ * @property string $client_id
+ * @property null|string $name
+ * @property array<string> $scopes
+ * @property bool $revoked
+ * @property Carbon|null $created_at
+ * @property Carbon|null $updated_at
+ * @property Carbon|null $expires_at
+ */
+class Token extends PassportToken
+{
+    /** @use HasFactory<TokenFactory> */
+    use HasFactory;
+
+    /**
+     * Get the client that the token belongs to.
+     *
+     * @return BelongsTo<Client, Token>
+     */
+    public function client(): BelongsTo
+    {
+        return $this->belongsTo(Client::class, 'client_id', 'id');
+    }
+}

app/Models/User.php

@@ -7,6 +7,7 @@ namespace App\Models;
 use App\Enums\Weekday;
 use App\Models\Concerns\CustomAuditable;
 use App\Models\Concerns\HasUuids;
+use App\Models\Passport\Token;
 use Database\Factories\UserFactory;
 use Filament\Models\Contracts\FilamentUser;
 use Filament\Panel;
@@ -27,7 +28,6 @@ use Laravel\Jetstream\HasProfilePhoto;
 use Laravel\Jetstream\HasTeams;
 use Laravel\Passport\AuthCode;
 use Laravel\Passport\HasApiTokens;
-use Laravel\Passport\Token;
 use OwenIt\Auditing\Contracts\Auditable as AuditableContract;
 
 /**
@@ -44,6 +44,7 @@ use OwenIt\Auditing\Contracts\Auditable as AuditableContract;
  * @property-read Organization|null $currentOrganization
  * @property-read Organization|null $currentTeam
  * @property-read string $profile_photo_url
+ * @property-read Collection<int, Token> $tokens
  * @property Carbon|null $created_at
  * @property Carbon|null $updated_at
  * @property string|null $current_team_id
@@ -196,6 +197,17 @@ class User extends Authenticatable implements AuditableContract, FilamentUser, M
         return $this->hasMany(AuthCode::class);
     }
 
+    /**
+     * Get the access tokens for the user.
+     *
+     * @return HasMany<Token>
+     */
+    public function tokens(): HasMany
+    {
+        return $this->hasMany(Token::class, 'user_id')
+            ->orderBy('created_at', 'desc');
+    }
+
     /**
      * @param  Builder<User>  $builder
      */