Removed default healthcheck in prod Dockerfile

# Conflicts:
#	e2e/members.spec.ts
#	e2e/organization.spec.ts

.env.ci

@@ -31,12 +31,7 @@ REDIS_HOST=127.0.0.1
 REDIS_PASSWORD=null
 REDIS_PORT=6379
 
-MAIL_MAILER=smtp
-MAIL_HOST=mailpit
-MAIL_PORT=1025
-MAIL_USERNAME=null
-MAIL_PASSWORD=null
-MAIL_ENCRYPTION=null
+MAIL_MAILER=log
 MAIL_FROM_ADDRESS="hello@example.com"
 MAIL_FROM_NAME="${APP_NAME}"
 

.env.example

@@ -3,11 +3,12 @@ APP_ENV=local
 APP_KEY=base64:UNQNf1SXeASNkWux01Rj8EnHYx8FO0kAxWNDwktclkk=
 APP_DEBUG=true
 APP_URL=https://solidtime.test
+AUDITING_ENABLED=true
 
 SUPER_ADMINS=admin@example.com
 
-LOG_CHANNEL=stack
-LOG_DEPRECATIONS_CHANNEL=null
+LOG_CHANNEL=single
+LOG_DEPRECATIONS_CHANNEL=deprecation
 LOG_LEVEL=debug
 
 DB_CONNECTION=pgsql
@@ -73,3 +74,5 @@ NETWORK_NAME=reverse-proxy-docker-traefik_routing
 
 FORWARD_DB_PORT=5432
 FORWARD_WEB_PORT=8083
+
+PAGINATION_PER_PAGE_DEFAULT=500

.env.production

@@ -4,7 +4,7 @@ APP_ENV=production
 APP_DEBUG=false
 APP_FORCE_HTTPS=true
 SESSION_SECURE_COOKIE=true
-OCTANE_SERVER=swoole
+OCTANE_SERVER=frankenphp
 PAGINATION_PER_PAGE_DEFAULT=500
 
 LOG_CHANNEL=stack

.github/workflows/build-private.yml

@@ -3,6 +3,8 @@ on:
     branches:
       - main
       - develop
+    tags:
+      - '*'
   pull_request:
     paths:
       - '.github/workflows/build-private.yml'
@@ -13,6 +15,8 @@ name: Build - Private
 jobs:
   build:
     runs-on: ubuntu-latest
+    timeout-minutes: 10
+
     steps:
       - name: "Check out code"
         uses: actions/checkout@v4
@@ -67,7 +71,7 @@ jobs:
         uses: shivammathur/setup-php@v2
         with:
           php-version: '8.3'
-          extensions: mbstring, dom, fileinfo, pgsql, swoole
+          extensions: mbstring, dom, fileinfo, pgsql
 
       - name: "Install dependencies"
         uses: php-actions/composer@v6
@@ -114,9 +118,11 @@ jobs:
         uses: docker/setup-buildx-action@v3
 
       - name: "Build and push"
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
+          build-args: |
+            DOCKER_FILES_BASE_PATH=docker/prod/
           file: docker/prod/Dockerfile
           push: true
           tags: ${{ steps.meta.outputs.tags }}

.github/workflows/build-public.yml

@@ -3,6 +3,8 @@ on:
     branches:
       - main
       - develop
+    tags:
+      - '*'
   pull_request:
     paths:
       - '.github/workflows/build-public.yml'
@@ -13,6 +15,8 @@ name: Build - Public
 jobs:
   build:
     runs-on: ubuntu-latest
+    timeout-minutes: 10
+
     steps:
       - name: "Check out code"
         uses: actions/checkout@v4
@@ -60,10 +64,12 @@ jobs:
         uses: docker/setup-buildx-action@v3
 
       - name: "Build and push"
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           file: docker/prod/Dockerfile
+          build-args: |
+            DOCKER_FILES_BASE_PATH=docker/prod/
           platforms: linux/amd64
           push: true
           tags: ${{ steps.meta.outputs.tags }}

.github/workflows/generate-api-docs.yml

@@ -6,6 +6,7 @@ on:
 jobs:
   api_docs:
     runs-on: ubuntu-latest
+    timeout-minutes: 10
 
     services:
       pgsql_test:

.github/workflows/npm-build.yml

@@ -4,8 +4,8 @@ on: [push]
 
 jobs:
   build:
-
     runs-on: ubuntu-latest
+    timeout-minutes: 10
 
     steps:
       - name: "Checkout code"

.github/workflows/npm-lint.yml

@@ -4,8 +4,8 @@ on: [push]
 
 jobs:
   build:
-
     runs-on: ubuntu-latest
+    timeout-minutes: 10
 
     steps:
       - name: "Checkout code"

.github/workflows/npm-publish-api.yml

@@ -0,0 +1,29 @@
+name: Publish API package to NPM
+on:
+  workflow_dispatch
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+    steps:
+      - uses: actions/checkout@v4
+      # Setup .npmrc file to publish to npm
+      - name: Install root project dependencies
+        run: npm ci
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '20.x'
+          registry-url: 'https://registry.npmjs.org'
+      - name: Install dependencies
+        run: npm ci
+        working-directory: ./resources/js/packages/api
+      - name: Build package
+        run: npm run build
+        working-directory: ./resources/js/packages/api
+      - name: Publish Package
+        run: npm publish --provenance --access public
+        working-directory: ./resources/js/packages/api
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

.github/workflows/npm-publish-ui.yml

@@ -0,0 +1,29 @@
+name: Publish UI package to NPM
+on:
+  workflow_dispatch
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+    steps:
+      - uses: actions/checkout@v4
+      # Setup .npmrc file to publish to npm
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '20.x'
+          registry-url: 'https://registry.npmjs.org'
+      - name: Install root project dependencies
+        run: npm ci
+      - name: Install package dependencies
+        run: npm ci
+        working-directory: ./resources/js/packages/ui
+      - name: Build package
+        run: npm run build
+        working-directory: ./resources/js/packages/ui
+      - name: Publish Package
+        run: npm publish --provenance --access public
+        working-directory: ./resources/js/packages/ui
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

.github/workflows/npm-typecheck.yml

@@ -4,8 +4,8 @@ on: [push]
 
 jobs:
   build:
-
     runs-on: ubuntu-latest
+    timeout-minutes: 10
 
     steps:
       - name: "Checkout code"

.github/workflows/phpstan.yml

@@ -3,6 +3,7 @@ on: push
 jobs:
   phpstan:
     runs-on: ubuntu-latest
+    timeout-minutes: 10
 
     steps:
       - name: "Checkout code"

.github/workflows/phpunit.yml

@@ -3,6 +3,7 @@ on: push
 jobs:
   phpunit:
     runs-on: ubuntu-latest
+    timeout-minutes: 10
 
     services:
       pgsql_test:
@@ -54,7 +55,7 @@ jobs:
         run: php artisan test --stop-on-failure --coverage-text --coverage-clover=coverage.xml
 
       - name: "Upload coverage reports to Codecov"
-        uses: codecov/codecov-action@v4.4.1
+        uses: codecov/codecov-action@v4.5.0
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           slug: solidtime-io/solidtime

.github/workflows/pint.yml

@@ -3,6 +3,8 @@ on: push
 jobs:
   pint:
     runs-on: ubuntu-latest
+    timeout-minutes: 10
+
     steps:
       - name: "Checkout code"
         uses: actions/checkout@v4

.github/workflows/playwright.yml

@@ -1,10 +1,10 @@
 name: Playwright Tests
-on:
-  workflow_dispatch:
+on: [push]
 jobs:
   test:
-    timeout-minutes: 60
     runs-on: ubuntu-latest
+    timeout-minutes: 60
+
     services:
       mailpit:
         image: 'axllent/mailpit:latest'

.gitignore

@@ -1,5 +1,6 @@
 /.phpunit.cache
-/node_modules
+node_modules
+dist
 /public/build
 /public/hot
 /public/storage
@@ -33,3 +34,11 @@ yarn-error.log
 /k8s
 /_ide_helper.php
 /.phpstorm.meta.php
+/.rnd
+
+/caddy
+/frankenphp
+/public/frankenphp-worker.php
+/data
+/config/caddy
+/config/composer

README.md

@@ -20,82 +20,13 @@ solidtime is a modern open-source time tracking application for Freelancers and
  - Roles and permissions: Create and manage organizations
  - Import: Import your time tracking data from other time tracking applications (Supported: Toggl, Clockify, Timeentry CSV)
 
-## Local setup for development
+## Self Hosting
 
-**System requirements**
- * Docker
+If you are looking into self-hosting solidtime, you can find the guides [here](https://docs.solidtime.io/self-hosting/intro)
 
-First you need to download or clone the repository f.e. with `git@github.com:solidtime-io/solidtime.git`. 
+We also have an examples repository [here](https://github.com/solidtime-io/self-hosting-examples)
 
-After that, execute the following commands **inside the project folder**: 
-
-```bash
-docker run --rm \
-    --pull=always \
-    -v "$(pwd)":/opt \
-    -w /opt \
-    laravelsail/php83-composer:latest \
-    bash -c "composer install --ignore-platform-reqs"
-
-cp .env.example .env
-
-./vendor/bin/sail up -d
-
-./vendor/bin/sail artisan key:generate
-
-./vendor/bin/sail artisan migrate:fresh --seed
-
-./vendor/bin/sail php artisan passport:install
-
-./vendor/bin/sail npm install
-
-./vendor/bin/sail npm run build
-```
-
-Make sure to set the APP_PORT and VITE_PORT inside your `.env` file to a port that is not already used by your system.
-
-By default the application will run on [localhost:8083](http://localhost:8083/)
-
-### Setup with Reverse Proxy
-
-**Additional System Requirements**
-* Traefik 2 Reverse-Proxy (https://github.com/korridor/reverse-proxy-docker-traefik)
-
-Add the following entry to your `/etc/hosts`
-
-```
-127.0.0.1 solidtime.test
-127.0.0.1 playwright.solidtime.test
-127.0.0.1 vite.solidtime.test
-127.0.0.1 mail.solidtime.test
-```
-
-### Running E2E Tests
-
-`./vendor/bin/sail up -d ` will automatically start a Playwright UI server that you can access at `https://playwright.solidtime.test`. 
-Make sure that you use HTTPS otherwise the resources will not be loaded correctly.
-
-### Recording E2E Tests
-
-To record E2E tests, you need to install and execute playwright locally (outside the Docker container) using: 
-
-```bash
-npx playwright install
-npx playwright codegen solidtime.test
-``` 
-
-### E2E Troubleshooting
-
-If E2E tests are not working at all, make sure you do not have the Vite server running and just run `npm run build` to update the version.
-If the E2E tests are not working consistently and fail with a timeout during the authentication, you might want to delete the `test-results/.auth` directory to force new test accounts to be created.
-
-### Generate ZOD Client
-
-The Zodius HTTP client is generated using the following command:
-
-```bash
-npm run zod:generate
-```
+If you do not want to self-host solidtime or try it out you can sign up for [solidtime cloud](https://www.solidtime.io/)
 
 ## Contributing
 

app/Actions/Fortify/CreateNewUser.php

@@ -9,6 +9,7 @@ use App\Enums\Weekday;
 use App\Events\NewsletterRegistered;
 use App\Models\Organization;
 use App\Models\User;
+use App\Service\IpLookup\IpLookupServiceContract;
 use App\Service\TimezoneService;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Support\Facades\DB;
@@ -18,6 +19,7 @@ use Illuminate\Validation\ValidationException;
 use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
 use Laravel\Fortify\Contracts\CreatesNewUsers;
 use Laravel\Jetstream\Jetstream;
+use Log;
 
 class CreateNewUser implements CreatesNewUsers
 {
@@ -55,20 +57,49 @@ class CreateNewUser implements CreatesNewUsers
             ],
         ])->validate();
 
-        $timezone = 'UTC';
-        if (array_key_exists('timezone', $input) && is_string($input['timezone']) && app(TimezoneService::class)->isValid($input['timezone'])) {
-            $timezone = $input['timezone'];
+        $timezone = null;
+        if (array_key_exists('timezone', $input) && is_string($input['timezone'])) {
+            if (app(TimezoneService::class)->isValid($input['timezone'])) {
+                $timezone = $input['timezone'];
+            } else {
+                Log::debug('Invalid timezone', ['timezone' => $input['timezone']]);
+            }
         }
 
-        $user = DB::transaction(function () use ($input, $timezone) {
+        $ipLookupResponse = app(IpLookupServiceContract::class)->lookup(request()->ip());
+
+        $startOfWeek = Weekday::Monday;
+        $currency = null;
+        if ($ipLookupResponse !== null) {
+            $startOfWeek = $ipLookupResponse->startOfWeek ?? Weekday::Monday;
+            if ($timezone === null) {
+                $timezone = $ipLookupResponse->timezone;
+            }
+            $currency = $ipLookupResponse->currency;
+        }
+
+        $user = DB::transaction(function () use ($input, $timezone, $startOfWeek, $currency) {
             return tap(User::create([
                 'name' => $input['name'],
                 'email' => $input['email'],
                 'password' => Hash::make($input['password']),
-                'timezone' => $timezone,
-                'week_start' => Weekday::Monday,
-            ]), function (User $user) {
-                $this->createTeam($user);
+                'timezone' => $timezone ?? 'UTC',
+                'week_start' => $startOfWeek,
+            ]), function (User $user) use ($currency): void {
+                $organization = new Organization();
+                $organization->name = explode(' ', $user->name, 2)[0]."'s Organization";
+                $organization->personal_team = true;
+                $organization->currency = $currency ?? 'EUR';
+                $organization->owner()->associate($user);
+                $organization->save();
+
+                $organization->users()->attach(
+                    $user, [
+                        'role' => Role::Owner->value,
+                    ]
+                );
+
+                $user->ownedTeams()->save($organization);
             });
         });
 
@@ -79,24 +110,4 @@ class CreateNewUser implements CreatesNewUsers
 
         return $user;
     }
-
-    /**
-     * Create a personal team for the user.
-     */
-    protected function createTeam(User $user): void
-    {
-        $organization = new Organization();
-        $organization->name = explode(' ', $user->name, 2)[0]."'s Organization";
-        $organization->personal_team = true;
-        $organization->owner()->associate($user);
-        $organization->save();
-
-        $organization->users()->attach(
-            $user, [
-                'role' => Role::Owner->value,
-            ]
-        );
-
-        $user->ownedTeams()->save($organization);
-    }
 }

app/Actions/Fortify/UpdateUserProfileInformation.php

@@ -7,9 +7,11 @@ namespace App\Actions\Fortify;
 use App\Enums\Weekday;
 use App\Models\User;
 use Illuminate\Contracts\Auth\MustVerifyEmail;
+use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Support\Facades\Validator;
 use Illuminate\Validation\Rule;
 use Illuminate\Validation\ValidationException;
+use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
 use Laravel\Fortify\Contracts\UpdatesUserProfileInformation;
 
 class UpdateUserProfileInformation implements UpdatesUserProfileInformation
@@ -24,11 +26,33 @@ class UpdateUserProfileInformation implements UpdatesUserProfileInformation
     public function update(User $user, array $input): void
     {
         Validator::make($input, [
-            'name' => ['required', 'string', 'max:255'],
-            'email' => ['required', 'email', 'max:255', Rule::unique('users')->ignore($user->id)],
-            'photo' => ['nullable', 'mimes:jpg,jpeg,png', 'max:1024'],
-            'timezone' => ['required', 'timezone:all'],
-            'week_start' => ['required', Rule::enum(Weekday::class)],
+            'name' => [
+                'required',
+                'string',
+                'max:255',
+            ],
+            'email' => [
+                'required',
+                'email',
+                'max:255',
+                (new UniqueEloquent(User::class, 'email'))->ignore($user->id)->query(function (Builder $query) {
+                    /** @var Builder<User> $query */
+                    return $query->where('is_placeholder', '=', false);
+                }),
+            ],
+            'photo' => [
+                'nullable',
+                'mimes:jpg,jpeg,png',
+                'max:1024',
+            ],
+            'timezone' => [
+                'required',
+                'timezone:all',
+            ],
+            'week_start' => [
+                'required',
+                Rule::enum(Weekday::class),
+            ],
         ])->validateWithBag('updateProfileInformation');
 
         if (isset($input['photo'])) {

app/Actions/Jetstream/AddOrganizationMember.php

@@ -7,7 +7,6 @@ namespace App\Actions\Jetstream;
 use App\Enums\Role;
 use App\Models\Organization;
 use App\Models\User;
-use App\Service\UserService;
 use Closure;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
@@ -43,10 +42,6 @@ class AddOrganizationMember implements AddsTeamMembers
             $organization->users()->attach(
                 $newOrganizationMember, ['role' => $role]
             );
-
-            if ($role === Role::Owner->value) {
-                app(UserService::class)->changeOwnership($organization, $newOrganizationMember);
-            }
         });
 
         TeamMemberAdded::dispatch($organization, $newOrganizationMember);
@@ -84,7 +79,6 @@ class AddOrganizationMember implements AddsTeamMembers
                 'required',
                 'string',
                 Rule::in([
-                    Role::Owner->value,
                     Role::Admin->value,
                     Role::Manager->value,
                     Role::Employee->value,

app/Actions/Jetstream/DeleteOrganization.php

@@ -5,6 +5,7 @@ declare(strict_types=1);
 namespace App\Actions\Jetstream;
 
 use App\Models\Organization;
+use App\Service\DeletionService;
 use Laravel\Jetstream\Contracts\DeletesTeams;
 
 class DeleteOrganization implements DeletesTeams
@@ -12,8 +13,9 @@ class DeleteOrganization implements DeletesTeams
     /**
      * Delete the given team.
      */
-    public function delete(Organization $team): void
+    public function delete(Organization $organization): void
     {
-        $team->purge();
+        /** @see ValidateOrganizationDeletion */
+        app(DeletionService::class)->deleteOrganization($organization);
     }
 }

app/Actions/Jetstream/DeleteUser.php

@@ -4,51 +4,27 @@ declare(strict_types=1);
 
 namespace App\Actions\Jetstream;
 
-use App\Models\Organization;
+use App\Exceptions\Api\ApiException;
 use App\Models\User;
-use Illuminate\Support\Facades\DB;
-use Laravel\Jetstream\Contracts\DeletesTeams;
+use App\Service\DeletionService;
+use Illuminate\Validation\ValidationException;
 use Laravel\Jetstream\Contracts\DeletesUsers;
 
 class DeleteUser implements DeletesUsers
 {
-    /**
-     * The team deleter implementation.
-     *
-     * @var \Laravel\Jetstream\Contracts\DeletesTeams
-     */
-    protected $deletesTeams;
-
-    /**
-     * Create a new action instance.
-     */
-    public function __construct(DeletesTeams $deletesTeams)
-    {
-        $this->deletesTeams = $deletesTeams;
-    }
-
     /**
      * Delete the given user.
+     *
+     * @throws ValidationException
      */
     public function delete(User $user): void
     {
-        DB::transaction(function () use ($user) {
-            $this->deleteTeams($user);
-            $user->deleteProfilePhoto();
-            $user->tokens->each->delete();
-            $user->delete();
-        });
-    }
-
-    /**
-     * Delete the teams and team associations attached to the user.
-     */
-    protected function deleteTeams(User $user): void
-    {
-        $user->teams()->detach();
-
-        $user->ownedTeams->each(function (Organization $team) {
-            $this->deletesTeams->delete($team);
-        });
+        try {
+            app(DeletionService::class)->deleteUser($user);
+        } catch (ApiException $exception) {
+            throw ValidationException::withMessages([
+                'password' => $exception->getTranslatedMessage(),
+            ]);
+        }
     }
 }

app/Actions/Jetstream/InviteOrganizationMember.php

@@ -4,103 +4,21 @@ declare(strict_types=1);
 
 namespace App\Actions\Jetstream;
 
-use App\Enums\Role;
+use App\Exceptions\MovedToApiException;
 use App\Models\Organization;
-use App\Models\OrganizationInvitation;
 use App\Models\User;
-use App\Service\PermissionStore;
-use Closure;
-use Illuminate\Auth\Access\AuthorizationException;
-use Illuminate\Contracts\Validation\ValidationRule;
-use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Support\Facades\Mail;
-use Illuminate\Support\Facades\Validator;
-use Illuminate\Validation\Rule;
-use Illuminate\Validation\Rules\In;
-use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
+use Exception;
 use Laravel\Jetstream\Contracts\InvitesTeamMembers;
-use Laravel\Jetstream\Events\InvitingTeamMember;
-use Laravel\Jetstream\Mail\TeamInvitation;
 
 class InviteOrganizationMember implements InvitesTeamMembers
 {
     /**
      * Invite a new team member to the given team.
      *
-     * @throws AuthorizationException
+     * @throws Exception
      */
     public function invite(User $user, Organization $organization, string $email, ?string $role = null): void
     {
-        if (! app(PermissionStore::class)->has($organization, 'invitations:create')) {
-            throw new AuthorizationException();
-        }
-
-        $this->validate($organization, $email, $role);
-
-        InvitingTeamMember::dispatch($organization, $email, $role);
-
-        /** @var OrganizationInvitation $invitation */
-        $invitation = $organization->teamInvitations()->create([
-            'email' => $email,
-            'role' => $role,
-        ]);
-
-        Mail::to($email)->send(new TeamInvitation($invitation));
-    }
-
-    /**
-     * Validate the invite member operation.
-     */
-    protected function validate(Organization $organization, string $email, ?string $role): void
-    {
-        Validator::make([
-            'email' => $email,
-            'role' => $role,
-        ], $this->rules($organization))->after(
-            $this->ensureUserIsNotAlreadyOnTeam($organization, $email)
-        )->validateWithBag('addTeamMember');
-    }
-
-    /**
-     * Get the validation rules for inviting a team member.
-     *
-     * @return array<string, array<ValidationRule|Rule|string|In>>
-     */
-    protected function rules(Organization $organization): array
-    {
-        return array_filter([
-            'email' => [
-                'required',
-                'email',
-                (new UniqueEloquent(OrganizationInvitation::class, 'email', function (Builder $builder) use ($organization) {
-                    /** @var Builder<OrganizationInvitation> $builder */
-                    return $builder->whereBelongsTo($organization, 'organization');
-                }))->withMessage(__('This user has already been invited to the team.')),
-            ],
-            'role' => [
-                'required',
-                'string',
-                Rule::in([
-                    Role::Owner->value,
-                    Role::Admin->value,
-                    Role::Manager->value,
-                    Role::Employee->value,
-                ]),
-            ],
-        ]);
-    }
-
-    /**
-     * Ensure that the user is not already on the team.
-     */
-    protected function ensureUserIsNotAlreadyOnTeam(Organization $organization, string $email): Closure
-    {
-        return function ($validator) use ($organization, $email) {
-            $validator->errors()->addIf(
-                $organization->hasRealUserWithEmail($email),
-                'email',
-                __('This user already belongs to the team.')
-            );
-        };
+        throw new MovedToApiException();
     }
 }

app/Actions/Jetstream/RemoveOrganizationMember.php

@@ -4,50 +4,21 @@ declare(strict_types=1);
 
 namespace App\Actions\Jetstream;
 
+use App\Exceptions\MovedToApiException;
 use App\Models\Organization;
 use App\Models\User;
-use Illuminate\Auth\Access\AuthorizationException;
-use Illuminate\Support\Facades\Gate;
-use Illuminate\Validation\ValidationException;
+use Exception;
 use Laravel\Jetstream\Contracts\RemovesTeamMembers;
-use Laravel\Jetstream\Events\TeamMemberRemoved;
 
 class RemoveOrganizationMember implements RemovesTeamMembers
 {
     /**
      * Remove the team member from the given team.
+     *
+     * @throws Exception
      */
     public function remove(User $user, Organization $organization, User $teamMember): void
     {
-        $this->authorize($user, $organization, $teamMember);
-
-        $this->ensureUserDoesNotOwnTeam($teamMember, $organization);
-
-        $organization->removeUser($teamMember);
-
-        TeamMemberRemoved::dispatch($organization, $teamMember);
-    }
-
-    /**
-     * Authorize that the user can remove the team member.
-     */
-    protected function authorize(User $user, Organization $organization, User $teamMember): void
-    {
-        if (! Gate::forUser($user)->check('removeTeamMember', $organization) &&
-            $user->id !== $teamMember->id) {
-            throw new AuthorizationException;
-        }
-    }
-
-    /**
-     * Ensure that the currently authenticated user does not own the team.
-     */
-    protected function ensureUserDoesNotOwnTeam(User $teamMember, Organization $organization): void
-    {
-        if ($teamMember->id === $organization->owner->id) {
-            throw ValidationException::withMessages([
-                'team' => [__('You may not leave a team that you created.')],
-            ])->errorBag('removeTeamMember');
-        }
+        throw new MovedToApiException();
     }
 }

app/Actions/Jetstream/UpdateMemberRole.php

@@ -5,63 +5,21 @@ declare(strict_types=1);
 namespace App\Actions\Jetstream;
 
 use App\Enums\Role;
+use App\Exceptions\MovedToApiException;
 use App\Models\Member;
 use App\Models\Organization;
 use App\Models\User;
-use App\Service\PermissionStore;
-use App\Service\UserService;
-use Illuminate\Auth\Access\AuthorizationException;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Validator;
-use Illuminate\Validation\Rule;
-use Illuminate\Validation\ValidationException;
-use Laravel\Jetstream\Events\TeamMemberUpdated;
+use Exception;
 
 class UpdateMemberRole
 {
     /**
      * Update the role for the given team member.
      *
-     * @throws AuthorizationException
-     * @throws ValidationException
+     * @throws Exception
      */
     public function update(User $actingUser, Organization $organization, string $userId, string $role): void
     {
-        if (! app(PermissionStore::class)->has($organization, 'members:change-role')) {
-            throw new AuthorizationException();
-        }
-
-        $user = User::where('id', '=', $userId)->firstOrFail();
-        $member = Member::whereBelongsTo($user)->whereBelongsTo($organization)->firstOrFail();
-        if ($member->role === Role::Placeholder->value) {
-            abort(403, 'Cannot update the role of a placeholder member.');
-        }
-
-        Validator::make([
-            'role' => $role,
-        ], [
-            'role' => [
-                'required',
-                'string',
-                Rule::in([
-                    Role::Owner->value,
-                    Role::Admin->value,
-                    Role::Manager->value,
-                    Role::Employee->value,
-                ]),
-            ],
-        ])->validate();
-
-        DB::transaction(function () use ($organization, $userId, $role, $user) {
-            $organization->users()->updateExistingPivot($userId, [
-                'role' => $role,
-            ]);
-
-            if ($role === Role::Owner->value) {
-                app(UserService::class)->changeOwnership($organization, $user);
-            }
-        });
-
-        TeamMemberUpdated::dispatch($organization->fresh(), User::findOrFail($userId));
+        throw new MovedToApiException();
     }
 }

app/Actions/Jetstream/ValidateOrganizationDeletion.php

@@ -0,0 +1,28 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Actions\Jetstream;
+
+use App\Models\Organization;
+use App\Models\User;
+use App\Service\PermissionStore;
+use Illuminate\Auth\Access\AuthorizationException;
+
+class ValidateOrganizationDeletion
+{
+    /**
+     * Validate that the team can be deleted by the given user.
+     *
+     * @param  User  $user  Authenticated user
+     * @param  Organization  $organization  Organization to be deleted
+     *
+     * @throws AuthorizationException
+     */
+    public function validate(User $user, Organization $organization): void
+    {
+        if (! app(PermissionStore::class)->userHas($organization, $user, 'organizations:delete')) {
+            throw new AuthorizationException();
+        }
+    }
+}

app/Console/Commands/Admin/DeleteOrganizationCommand.php

@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Console\Commands\Admin;
+
+use App\Models\Organization;
+use App\Service\DeletionService;
+use Illuminate\Console\Command;
+use Illuminate\Support\Str;
+
+class DeleteOrganizationCommand extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'admin:delete-organization
+                { organization : The ID of the organization to delete }';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Delete a organization.';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle(DeletionService $deletionService): int
+    {
+        $organizationId = $this->argument('organization');
+
+        if (! Str::isUuid($organizationId)) {
+            $this->error('Organization ID must be a valid UUID.');
+
+            return self::FAILURE;
+
+        }
+
+        /** @var Organization|null $organization */
+        $organization = Organization::find($organizationId);
+        if ($organization === null) {
+            $this->error('Organization with ID '.$organizationId.' not found.');
+
+            return self::FAILURE;
+        }
+
+        $this->info('Deleting organization with ID '.$organization->getKey());
+
+        $deletionService->deleteOrganization($organization);
+
+        $this->info('Organization with ID '.$organization->getKey().' has been deleted.');
+
+        return self::SUCCESS;
+    }
+}

app/Console/Commands/SelfHost/SelfHostGenerateKeysCommand.php

@@ -9,7 +9,7 @@ use Illuminate\Encryption\Encrypter;
 use Illuminate\Support\Str;
 use phpseclib3\Crypt\RSA;
 
-class SelfHostGenerateKeys extends Command
+class SelfHostGenerateKeysCommand extends Command
 {
     /**
      * The name and signature of the console command.

app/Console/Commands/Test/TestJobCommand.php

@@ -15,7 +15,7 @@ class TestJobCommand extends Command
      *
      * @var string
      */
-    protected $signature = 'test:job';
+    protected $signature = 'test:job {--fail}';
 
     /**
      * The console command description.
@@ -30,7 +30,9 @@ class TestJobCommand extends Command
     public function handle(): int
     {
         $user = User::firstOrFail();
-        TestJob::dispatch($user, 'Test job message.');
+        $fail = (bool) $this->option('fail');
+
+        TestJob::dispatch($user, 'Test job message.', $fail);
 
         return self::SUCCESS;
     }

app/Console/Commands/TimeEntry/TimeEntrySendStillRunningMailsCommand.php

@@ -0,0 +1,70 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Console\Commands\TimeEntry;
+
+use App\Mail\TimeEntryStillRunningMail;
+use App\Models\TimeEntry;
+use Illuminate\Console\Command;
+use Illuminate\Database\Eloquent\Collection;
+use Illuminate\Support\Carbon;
+use Illuminate\Support\Facades\Mail;
+
+class TimeEntrySendStillRunningMailsCommand extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'time-entry:send-still-running-mails '.
+        ' { --dry-run : Do not actually send emails or save anything to the database, just output what would happen }';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Sends emails to users who have running time entries for more than 8 hours.';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle(): int
+    {
+        $this->comment('Sending still running time entry emails...');
+        $dryRun = (bool) $this->option('dry-run');
+        if ($dryRun) {
+            $this->comment('Running in dry-run mode. No emails will be sent and nothing will be saved to the database.');
+        }
+
+        $sentMails = 0;
+        TimeEntry::query()
+            ->whereNull('end')
+            ->where('start', '<', now()->subHours(8))
+            ->whereNull('still_active_email_sent_at')
+            ->with([
+                'user',
+            ])
+            ->orderBy('created_at', 'asc')
+            ->chunk(500, function (Collection $timeEntries) use ($dryRun, &$sentMails) {
+                /** @var Collection<int, TimeEntry> $timeEntries */
+                foreach ($timeEntries as $timeEntry) {
+                    $user = $timeEntry->user;
+                    $this->info('Start sending email to user "'.$user->email.'" ('.$user->getKey().') for time entry '.$timeEntry->getKey());
+                    $sentMails++;
+                    if (! $dryRun) {
+                        Mail::to($user->email)
+                            ->queue(new TimeEntryStillRunningMail($timeEntry, $user));
+                        $timeEntry->still_active_email_sent_at = Carbon::now();
+                        $timeEntry->save();
+                    }
+                }
+            });
+
+        $this->comment('Finished sending '.$sentMails.' still running time entry emails...');
+
+        return self::SUCCESS;
+    }
+}

app/Console/Kernel.php

@@ -14,7 +14,9 @@ class Kernel extends ConsoleKernel
      */
     protected function schedule(Schedule $schedule): void
     {
-        // $schedule->command('inspire')->hourly();
+        $schedule->command('time-entry:send-still-running-mails')
+            ->when(fn (): bool => config('scheduling.tasks.time_entry_send_still_running_mails'))
+            ->everyTenMinutes();
     }
 
     /**

app/Enums/Role.php

@@ -11,5 +11,4 @@ enum Role: string
     case Manager = 'manager';
     case Employee = 'employee';
     case Placeholder = 'placeholder';
-
 }

app/Events/BeforeOrganizationDeletion.php

@@ -0,0 +1,20 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Events;
+
+use App\Models\Organization;
+use Illuminate\Foundation\Events\Dispatchable;
+
+class BeforeOrganizationDeletion
+{
+    use Dispatchable;
+
+    public Organization $organization;
+
+    public function __construct(Organization $organization)
+    {
+        $this->organization = $organization;
+    }
+}

app/Exceptions/Api/ApiException.php

@@ -13,6 +13,11 @@ abstract class ApiException extends Exception
 {
     public const string KEY = 'api_exception';
 
+    public function __construct()
+    {
+        parent::__construct(static::KEY);
+    }
+
     /**
      * Render the exception into an HTTP response.
      */

app/Exceptions/Api/CanNotDeleteUserWhoIsOwnerOfOrganizationWithMultipleMembers.php

@@ -0,0 +1,10 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Exceptions\Api;
+
+class CanNotDeleteUserWhoIsOwnerOfOrganizationWithMultipleMembers extends ApiException
+{
+    public const string KEY = 'can_not_delete_user_who_is_owner_of_organization_with_multiple_members';
+}

app/Exceptions/Api/ChangingRoleToPlaceholderIsNotAllowed.php

@@ -0,0 +1,10 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Exceptions\Api;
+
+class ChangingRoleToPlaceholderIsNotAllowed extends ApiException
+{
+    public const string KEY = 'changing_role_to_placeholder_is_not_allowed';
+}

app/Exceptions/Api/EntityStillInUseApiException.php

@@ -12,7 +12,7 @@ class EntityStillInUseApiException extends ApiException
 
     public function __construct(string $modelToDelete, string $modelInUse)
     {
-        parent::__construct('', 0, null);
+        parent::__construct();
         $this->modelToDelete = $modelToDelete;
         $this->modelInUse = $modelInUse;
     }

app/Exceptions/Api/OnlyOwnerCanChangeOwnership.php

@@ -0,0 +1,10 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Exceptions\Api;
+
+class OnlyOwnerCanChangeOwnership extends ApiException
+{
+    public const string KEY = 'only_owner_can_change_ownership';
+}

app/Exceptions/Api/OrganizationNeedsAtLeastOneOwner.php

@@ -0,0 +1,10 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Exceptions\Api;
+
+class OrganizationNeedsAtLeastOneOwner extends ApiException
+{
+    public const string KEY = 'organization_needs_at_least_one_owner';
+}

app/Exceptions/Api/UserIsAlreadyMemberOfOrganizationApiException.php

@@ -0,0 +1,10 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Exceptions\Api;
+
+class UserIsAlreadyMemberOfOrganizationApiException extends ApiException
+{
+    public const string KEY = 'user_is_already_member_of_organization';
+}

app/Exceptions/MovedToApiException.php

@@ -0,0 +1,15 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Exceptions;
+
+use Symfony\Component\HttpKernel\Exception\HttpException;
+
+class MovedToApiException extends HttpException
+{
+    public function __construct()
+    {
+        parent::__construct(403, 'Moved to API');
+    }
+}

app/Extensions/Auditing/Resolvers/CustomIpAddressResolver.php

@@ -0,0 +1,33 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Extensions\Auditing\Resolvers;
+
+use Illuminate\Support\Facades\Request;
+use OwenIt\Auditing\Contracts\Auditable;
+use OwenIt\Auditing\Contracts\Resolver;
+
+class CustomIpAddressResolver implements Resolver
+{
+    private static function anonymizeIpAddress(string $ipAddress): string
+    {
+        /** @source https://stackoverflow.com/a/48777412 */
+        return preg_replace(
+            ['/\.\d*$/', '/[\da-f]*:[\da-f]*$/'],
+            ['.0', '0:0'],
+            $ipAddress
+        );
+    }
+
+    public static function resolve(Auditable $auditable): string
+    {
+        $ip = $auditable->preloadedResolverData['ip_address'] ?? Request::ip();
+
+        if ($ip !== null) {
+            $ip = self::anonymizeIpAddress($ip);
+        }
+
+        return $ip;
+    }
+}

app/Extensions/Scramble/PaginatedResourceCollectionTypeToSchema.php

@@ -27,13 +27,10 @@ class PaginatedResourceCollectionTypeToSchema extends TypeToSchemaExtension
             && $type->isInstanceOf(PaginatedResourceCollection::class);
     }
 
-    /**
-     * @param  Generic  $type
-     */
-    public function toResponse(Type $type): ?Response
+    public function toSchema(Type $type): ?OpenApiObjectType
     {
         /** @var Type|null $collectingClassType */
-        $collectingClassType = $type->templateTypes[0];
+        $collectingClassType = $type->templateTypes[0] ?? null;
 
         if (! $collectingClassType instanceof ObjectType) {
             return null;
@@ -79,6 +76,21 @@ class PaginatedResourceCollectionTypeToSchema extends TypeToSchemaExtension
         );
         $type->setRequired(['data', 'links', 'meta']);
 
+        return $type;
+    }
+
+    /**
+     * @param  Generic  $type
+     */
+    public function toResponse(Type $type): ?Response
+    {
+        /** @var ObjectType|null $collectingClassType */
+        $collectingClassType = $type->templateTypes[0] ?? null;
+        if (! $collectingClassType instanceof ObjectType) {
+            return null;
+        }
+        $type = $this->toSchema($type);
+
         return Response::make(200)
             ->description('Paginated set of `'.$this->components->uniqueSchemaName($collectingClassType->name).'`')
             ->setContent('application/json', Schema::fromType($type));

app/Filament/Resources/AuditResource.php

@@ -0,0 +1,95 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources;
+
+use App\Filament\Resources\AuditResource\Pages;
+use App\Models\Audit;
+use Filament\Forms;
+use Filament\Forms\Form;
+use Filament\Resources\Resource;
+use Filament\Tables;
+use Filament\Tables\Columns\IconColumn;
+use Filament\Tables\Table;
+use Illuminate\Support\Str;
+use Novadaemon\FilamentPrettyJson\PrettyJson;
+
+class AuditResource extends Resource
+{
+    protected static ?string $model = Audit::class;
+
+    protected static ?string $navigationIcon = 'heroicon-o-archive-box';
+
+    protected static ?string $navigationGroup = 'System';
+
+    public static function form(Form $form): Form
+    {
+        return $form
+            ->schema([
+                Forms\Components\TextInput::make('user_type')
+                    ->maxLength(255),
+                Forms\Components\TextInput::make('user_id'),
+                Forms\Components\TextInput::make('event')
+                    ->required()
+                    ->maxLength(255),
+                Forms\Components\TextInput::make('auditable_type')
+                    ->required()
+                    ->maxLength(255),
+                Forms\Components\TextInput::make('auditable_id')
+                    ->required(),
+                PrettyJson::make('old_values'),
+                PrettyJson::make('new_values'),
+                Forms\Components\Textarea::make('url'),
+                Forms\Components\TextInput::make('ip_address'),
+                Forms\Components\TextInput::make('user_agent')
+                    ->maxLength(1023),
+                Forms\Components\TextInput::make('tags')
+                    ->maxLength(255),
+            ]);
+    }
+
+    public static function table(Table $table): Table
+    {
+        return $table
+            ->columns([
+                Tables\Columns\TextColumn::make('user.name'),
+                Tables\Columns\TextColumn::make('event'),
+                Tables\Columns\TextColumn::make('auditable_type'),
+                Tables\Columns\TextColumn::make('auditable_id'),
+                IconColumn::make('was_command')
+                    ->getStateUsing(fn (Audit $record) => Str::startsWith($record->url, 'artisan '))
+                    ->boolean(),
+                Tables\Columns\TextColumn::make('created_at')
+                    ->sortable()
+                    ->dateTime(),
+                Tables\Columns\TextColumn::make('updated_at')
+                    ->sortable()
+                    ->dateTime(),
+            ])
+            ->filters([
+                //
+            ])
+            ->actions([
+                Tables\Actions\ViewAction::make(),
+            ])
+            ->bulkActions([
+            ])
+            ->defaultSort('created_at', 'desc');
+    }
+
+    public static function getRelations(): array
+    {
+        return [
+        ];
+    }
+
+    public static function getPages(): array
+    {
+        return [
+            'index' => Pages\ListAudits::route('/'),
+            'create' => Pages\CreateAudit::route('/create'),
+            'view' => Pages\ViewAudit::route('/{record}'),
+        ];
+    }
+}

app/Filament/Resources/AuditResource/Pages/CreateAudit.php

@@ -0,0 +1,13 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\AuditResource\Pages;
+
+use App\Filament\Resources\AuditResource;
+use Filament\Resources\Pages\CreateRecord;
+
+class CreateAudit extends CreateRecord
+{
+    protected static string $resource = AuditResource::class;
+}

app/Filament/Resources/AuditResource/Pages/ListAudits.php

@@ -0,0 +1,18 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\AuditResource\Pages;
+
+use App\Filament\Resources\AuditResource;
+use Filament\Resources\Pages\ListRecords;
+
+class ListAudits extends ListRecords
+{
+    protected static string $resource = AuditResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [];
+    }
+}

app/Filament/Resources/AuditResource/Pages/ViewAudit.php

@@ -0,0 +1,13 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\AuditResource\Pages;
+
+use App\Filament\Resources\AuditResource;
+use Filament\Resources\Pages\ViewRecord;
+
+class ViewAudit extends ViewRecord
+{
+    protected static string $resource = AuditResource::class;
+}

app/Filament/Resources/FailedJobResource.php

@@ -0,0 +1,115 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources;
+
+use App\Filament\Resources\FailedJobResource\Pages\ListFailedJobs;
+use App\Filament\Resources\FailedJobResource\Pages\ViewFailedJobs;
+use App\Models\FailedJob;
+use Filament\Forms\Components\Textarea;
+use Filament\Forms\Components\TextInput;
+use Filament\Forms\Form;
+use Filament\Notifications\Notification;
+use Filament\Resources\Resource;
+use Filament\Tables\Actions\Action;
+use Filament\Tables\Actions\BulkAction;
+use Filament\Tables\Actions\DeleteAction;
+use Filament\Tables\Actions\ViewAction;
+use Filament\Tables\Columns\TextColumn;
+use Filament\Tables\Table;
+use Illuminate\Support\Collection;
+use Illuminate\Support\Facades\Artisan;
+use Novadaemon\FilamentPrettyJson\PrettyJson;
+
+/**
+ * @source https://gitlab.com/amvisor/filament-failed-jobs
+ */
+class FailedJobResource extends Resource
+{
+    protected static ?string $model = FailedJob::class;
+
+    protected static ?string $navigationIcon = 'heroicon-o-exclamation-circle';
+
+    protected static ?string $navigationGroup = 'System';
+
+    public static function getNavigationBadge(): ?string
+    {
+        return (string) FailedJob::query()->count();
+    }
+
+    public static function form(Form $form): Form
+    {
+        return $form
+            ->schema([
+                TextInput::make('uuid')->disabled()->columnSpan(4),
+                TextInput::make('failed_at')->disabled(),
+                TextInput::make('id')->disabled(),
+                TextInput::make('connection')->disabled(),
+                TextInput::make('queue')->disabled(),
+
+                // make text a little bit smaller because often a complete Stack Trace is shown:
+                TextArea::make('exception')->disabled()->columnSpan(4)->extraInputAttributes(['style' => 'font-size: 80%;']),
+                PrettyJson::make('payload')->disabled()->columnSpan(4),
+            ])->columns(4);
+    }
+
+    public static function table(Table $table): Table
+    {
+        return $table
+            ->defaultSort('id', 'desc')
+            ->columns([
+                TextColumn::make('id')->sortable()->searchable()->toggleable(),
+                TextColumn::make('failed_at')->sortable()->searchable(false)->toggleable(),
+                TextColumn::make('exception')
+                    ->sortable()
+                    ->searchable()
+                    ->toggleable()
+                    ->wrap()
+                    ->limit(200)
+                    ->tooltip(fn (FailedJob $record) => "{$record->failed_at} UUID: {$record->uuid}; Connection: {$record->connection}; Queue: {$record->queue};"),
+                TextColumn::make('uuid')->sortable()->searchable()->toggleable(isToggledHiddenByDefault: true),
+                TextColumn::make('connection')->sortable()->searchable()->toggleable(isToggledHiddenByDefault: true),
+                TextColumn::make('queue')->sortable()->searchable()->toggleable(isToggledHiddenByDefault: true),
+            ])
+            ->filters([])
+            ->bulkActions([
+                BulkAction::make('retry')
+                    ->label('Retry')
+                    ->requiresConfirmation()
+                    ->action(function (Collection $records): void {
+                        /** @var FailedJob $record */
+                        foreach ($records as $record) {
+                            Artisan::call("queue:retry {$record->uuid}");
+                        }
+                        Notification::make()
+                            ->title("{$records->count()} jobs have been pushed back onto the queue.")
+                            ->success()
+                            ->send();
+                    }),
+            ])
+            ->actions([
+                DeleteAction::make('Delete'),
+                ViewAction::make('View'),
+                Action::make('retry')
+                    ->label('Retry')
+                    ->requiresConfirmation()
+                    ->action(function (FailedJob $record): void {
+                        Artisan::call("queue:retry {$record->uuid}");
+                        Notification::make()
+                            ->title("The job with uuid '{$record->uuid}' has been pushed back onto the queue.")
+                            ->success()
+                            ->send();
+                    }),
+            ]);
+    }
+
+    public static function getPages(): array
+    {
+        return [
+            'index' => ListFailedJobs::route('/'),
+            'view' => ViewFailedJobs::route('/{record}'),
+
+        ];
+    }
+}

app/Filament/Resources/FailedJobResource/Pages/ListFailedJobs.php

@@ -0,0 +1,45 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\FailedJobResource\Pages;
+
+use App\Filament\Resources\FailedJobResource;
+use App\Models\FailedJob;
+use Filament\Notifications\Notification;
+use Filament\Pages\Actions\Action;
+use Filament\Resources\Pages\ListRecords;
+use Illuminate\Support\Facades\Artisan;
+
+class ListFailedJobs extends ListRecords
+{
+    protected static string $resource = FailedJobResource::class;
+
+    public function getHeaderActions(): array
+    {
+        return [
+            Action::make('retry_all')
+                ->label('Retry all failed Jobs')
+                ->requiresConfirmation()
+                ->action(function (): void {
+                    Artisan::call('queue:retry all');
+                    Notification::make()
+                        ->title('All failed jobs have been pushed back onto the queue.')
+                        ->success()
+                        ->send();
+                }),
+
+            Action::make('delete_all')
+                ->label('Delete all failed Jobs')
+                ->requiresConfirmation()
+                ->color('danger')
+                ->action(function (): void {
+                    FailedJob::truncate();
+                    Notification::make()
+                        ->title('All failed jobs have been removed.')
+                        ->success()
+                        ->send();
+                }),
+        ];
+    }
+}

app/Filament/Resources/FailedJobResource/Pages/ViewFailedJobs.php

@@ -0,0 +1,13 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\FailedJobResource\Pages;
+
+use App\Filament\Resources\FailedJobResource;
+use Filament\Resources\Pages\ViewRecord;
+
+class ViewFailedJobs extends ViewRecord
+{
+    protected static string $resource = FailedJobResource::class;
+}

app/Filament/Resources/OrganizationResource.php

@@ -7,6 +7,7 @@ namespace App\Filament\Resources;
 use App\Filament\Resources\OrganizationResource\Pages;
 use App\Filament\Resources\OrganizationResource\RelationManagers\UsersRelationManager;
 use App\Models\Organization;
+use App\Service\Export\ExportService;
 use App\Service\Import\Importers\ImporterProvider;
 use App\Service\Import\Importers\ImportException;
 use App\Service\Import\Importers\ReportDto;
@@ -65,6 +66,11 @@ class OrganizationResource extends Resource
                 Forms\Components\TextInput::make('billable_rate')
                     ->label('Billable rate (in Cents)')
                     ->nullable()
+                    ->rules([
+                        'nullable',
+                        'integer',
+                        'gt:0',
+                    ])
                     ->numeric(),
                 Forms\Components\DateTimePicker::make('created_at')
                     ->label('Created At')
@@ -105,6 +111,30 @@ class OrganizationResource extends Resource
             ])
             ->actions([
                 Tables\Actions\EditAction::make(),
+                Action::make('Export')
+                    ->icon('heroicon-o-arrow-down-tray')
+                    ->action(function (Organization $record) {
+                        try {
+                            $file = app(ExportService::class)->export($record);
+                            Notification::make()
+                                ->title('Export successful')
+                                ->success()
+                                ->persistent()
+                                ->send();
+
+                            return response()->streamDownload(function () use ($file) {
+                                echo Storage::disk(config('filesystems.private'))->get($file);
+                            }, 'export.zip');
+                        } catch (\Exception $exception) {
+                            report($exception);
+                            Notification::make()
+                                ->title('Export failed')
+                                ->danger()
+                                ->body('Message: '.$exception->getMessage())
+                                ->persistent()
+                                ->send();
+                        }
+                    }),
                 Action::make('Import')
                     ->icon('heroicon-o-inbox-arrow-down')
                     ->action(function (Organization $record, array $data) {
@@ -169,7 +199,6 @@ class OrganizationResource extends Resource
             ])
             ->bulkActions([
                 Tables\Actions\BulkActionGroup::make([
-                    Tables\Actions\DeleteBulkAction::make(),
                 ]),
             ]);
     }

app/Filament/Resources/OrganizationResource/Actions/DeleteOrganization.php

@@ -0,0 +1,47 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\OrganizationResource\Actions;
+
+use App\Exceptions\Api\ApiException;
+use App\Models\Organization;
+use App\Service\DeletionService;
+use Filament\Actions\DeleteAction;
+use Throwable;
+
+class DeleteOrganization extends DeleteAction
+{
+    protected function setUp(): void
+    {
+        parent::setUp();
+        // TODO: check why setting the icon is necessary
+        $this->icon('heroicon-m-trash');
+        $this->action(function (): void {
+            $result = $this->process(function (Organization $record): bool {
+                try {
+                    $deletionService = app(DeletionService::class);
+                    $deletionService->deleteOrganization($record);
+
+                    return true;
+                } catch (ApiException $exception) {
+                    $this->failureNotificationTitle($exception->getTranslatedMessage());
+                    report($exception);
+                } catch (Throwable $exception) {
+                    $this->failureNotificationTitle(__('exceptions.unknown_error_in_admin_panel'));
+                    report($exception);
+                }
+
+                return false;
+            });
+
+            if (! $result) {
+                $this->failure();
+
+                return;
+            }
+
+            $this->success();
+        });
+    }
+}

app/Filament/Resources/OrganizationResource/Pages/EditOrganization.php

@@ -5,7 +5,6 @@ declare(strict_types=1);
 namespace App\Filament\Resources\OrganizationResource\Pages;
 
 use App\Filament\Resources\OrganizationResource;
-use Filament\Actions;
 use Filament\Resources\Pages\EditRecord;
 
 class EditOrganization extends EditRecord
@@ -15,7 +14,7 @@ class EditOrganization extends EditRecord
     protected function getHeaderActions(): array
     {
         return [
-            Actions\DeleteAction::make(),
+            OrganizationResource\Actions\DeleteOrganization::make(),
         ];
     }
 }

app/Filament/Resources/OrganizationResource/Pages/ViewOrganization.php

@@ -5,7 +5,6 @@ declare(strict_types=1);
 namespace App\Filament\Resources\OrganizationResource\Pages;
 
 use App\Filament\Resources\OrganizationResource;
-use Filament\Actions\DeleteAction;
 use Filament\Actions\EditAction;
 use Filament\Resources\Pages\ViewRecord;
 
@@ -18,8 +17,6 @@ class ViewOrganization extends ViewRecord
         return [
             EditAction::make('edit')
                 ->icon('heroicon-s-pencil'),
-            DeleteAction::make('delete')
-                ->icon('heroicon-s-trash'),
         ];
     }
 }

app/Filament/Resources/ProjectMemberResource.php

@@ -0,0 +1,91 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources;
+
+use App\Filament\Resources\ProjectMemberResource\Pages;
+use App\Models\ProjectMember;
+use Filament\Forms;
+use Filament\Forms\Form;
+use Filament\Resources\Resource;
+use Filament\Tables;
+use Filament\Tables\Table;
+
+class ProjectMemberResource extends Resource
+{
+    protected static ?string $model = ProjectMember::class;
+
+    protected static bool $shouldRegisterNavigation = false;
+
+    public static function form(Form $form): Form
+    {
+        return $form
+            ->schema([
+                Forms\Components\TextInput::make('billable_rate')
+                    ->label('Billable rate (in Cents)')
+                    ->nullable()
+                    ->rules([
+                        'nullable',
+                        'integer',
+                        'gt:0',
+                    ])
+                    ->numeric(),
+                Forms\Components\Select::make('user_id')
+                    ->relationship('user', 'name')
+                    ->required(),
+                Forms\Components\Select::make('member_id')
+                    ->relationship('member', 'id')
+                    ->required(),
+            ]);
+    }
+
+    public static function table(Table $table): Table
+    {
+        return $table
+            ->columns([
+                Tables\Columns\TextColumn::make('id')
+                    ->label('ID'),
+                Tables\Columns\TextColumn::make('billable_rate')
+                    ->numeric()
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('project.name'),
+                Tables\Columns\TextColumn::make('user.name'),
+                Tables\Columns\TextColumn::make('created_at')
+                    ->dateTime()
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('updated_at')
+                    ->dateTime()
+                    ->sortable()
+                    ->toggleable(isToggledHiddenByDefault: true),
+            ])
+            ->filters([
+                //
+            ])
+            ->actions([
+                Tables\Actions\EditAction::make(),
+            ])
+            ->bulkActions([
+                Tables\Actions\BulkActionGroup::make([
+                    Tables\Actions\DeleteBulkAction::make(),
+                ]),
+            ]);
+    }
+
+    public static function getRelations(): array
+    {
+        return [
+            //
+        ];
+    }
+
+    public static function getPages(): array
+    {
+        return [
+            'index' => Pages\ListProjectMembers::route('/'),
+            'create' => Pages\CreateProjectMember::route('/create'),
+            'edit' => Pages\EditProjectMember::route('/{record}/edit'),
+            'view' => Pages\ViewProjectMembers::route('/{record}'),
+        ];
+    }
+}

app/Filament/Resources/ProjectMemberResource/Pages/CreateProjectMember.php

@@ -0,0 +1,13 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\ProjectMemberResource\Pages;
+
+use App\Filament\Resources\ProjectMemberResource;
+use Filament\Resources\Pages\CreateRecord;
+
+class CreateProjectMember extends CreateRecord
+{
+    protected static string $resource = ProjectMemberResource::class;
+}

app/Filament/Resources/ProjectMemberResource/Pages/EditProjectMember.php

@@ -0,0 +1,21 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\ProjectMemberResource\Pages;
+
+use App\Filament\Resources\ProjectMemberResource;
+use Filament\Actions;
+use Filament\Resources\Pages\EditRecord;
+
+class EditProjectMember extends EditRecord
+{
+    protected static string $resource = ProjectMemberResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            Actions\DeleteAction::make(),
+        ];
+    }
+}

app/Filament/Resources/ProjectMemberResource/Pages/ListProjectMembers.php

@@ -0,0 +1,21 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\ProjectMemberResource\Pages;
+
+use App\Filament\Resources\ProjectMemberResource;
+use Filament\Actions;
+use Filament\Resources\Pages\ListRecords;
+
+class ListProjectMembers extends ListRecords
+{
+    protected static string $resource = ProjectMemberResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            Actions\CreateAction::make(),
+        ];
+    }
+}

app/Filament/Resources/ProjectMemberResource/Pages/ViewProjectMembers.php

@@ -0,0 +1,22 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\ProjectMemberResource\Pages;
+
+use App\Filament\Resources\ProjectMemberResource;
+use Filament\Actions\EditAction;
+use Filament\Resources\Pages\ViewRecord;
+
+class ViewProjectMembers extends ViewRecord
+{
+    protected static string $resource = ProjectMemberResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            EditAction::make('edit')
+                ->icon('heroicon-s-pencil'),
+        ];
+    }
+}

app/Filament/Resources/ProjectResource.php

@@ -5,6 +5,7 @@ declare(strict_types=1);
 namespace App\Filament\Resources;
 
 use App\Filament\Resources\ProjectResource\Pages;
+use App\Filament\Resources\ProjectResource\RelationManagers\ProjectMembersRelationManager;
 use App\Models\Project;
 use Filament\Forms;
 use Filament\Forms\Components\ColorPicker;
@@ -37,6 +38,15 @@ class ProjectResource extends Resource
                 ColorPicker::make('color')
                     ->label('Color')
                     ->required(),
+                Forms\Components\TextInput::make('billable_rate')
+                    ->label('Billable rate (in Cents)')
+                    ->nullable()
+                    ->rules([
+                        'nullable',
+                        'integer',
+                        'gt:0',
+                    ])
+                    ->numeric(),
                 Forms\Components\Select::make('organization_id')
                     ->relationship(name: 'organization', titleAttribute: 'name')
                     ->searchable(['name'])
@@ -78,7 +88,7 @@ class ProjectResource extends Resource
     public static function getRelations(): array
     {
         return [
-            //
+            ProjectMembersRelationManager::make(),
         ];
     }
 

app/Filament/Resources/ProjectResource/RelationManagers/ProjectMembersRelationManager.php

@@ -0,0 +1,60 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\ProjectResource\RelationManagers;
+
+use App\Filament\Resources\ProjectMemberResource;
+use App\Models\ProjectMember;
+use Filament\Forms\Form;
+use Filament\Resources\RelationManagers\RelationManager;
+use Filament\Tables;
+use Filament\Tables\Actions\Action;
+use Filament\Tables\Table;
+
+class ProjectMembersRelationManager extends RelationManager
+{
+    protected static ?string $title = 'Project Members';
+
+    protected static string $relationship = 'members';
+
+    public function form(Form $form): Form
+    {
+        return $form
+            ->schema([
+            ]);
+    }
+
+    public function table(Table $table): Table
+    {
+        return $table
+            ->recordTitleAttribute('name')
+            ->columns([
+                Tables\Columns\TextColumn::make('user.name'),
+                Tables\Columns\TextColumn::make('billable_rate')
+                    ->numeric()
+                    ->sortable(),
+            ])
+            ->filters([
+                //
+            ])
+            ->headerActions([
+            ])
+            ->actions([
+                Action::make('view')
+                    ->icon('heroicon-o-eye')
+                    ->color('gray')
+                    ->url(fn (ProjectMember $record): string => ProjectMemberResource::getUrl('view', [
+                        'record' => $record->getKey(),
+                    ])),
+                Action::make('edit')
+                    ->icon('heroicon-o-pencil')
+                    ->url(fn (ProjectMember $record): string => ProjectMemberResource::getUrl('edit', [
+                        'record' => $record->getKey(),
+                    ]))
+                    ->openUrlInNewTab(),
+            ])
+            ->bulkActions([
+            ]);
+    }
+}

app/Filament/Resources/TagResource.php

@@ -11,6 +11,7 @@ use Filament\Forms\Components\TextInput;
 use Filament\Forms\Form;
 use Filament\Resources\Resource;
 use Filament\Tables;
+use Filament\Tables\Filters\SelectFilter;
 use Filament\Tables\Table;
 
 class TagResource extends Resource
@@ -58,7 +59,9 @@ class TagResource extends Resource
             ])
             ->defaultSort('created_at', 'desc')
             ->filters([
-                //
+                SelectFilter::make('organization')
+                    ->relationship('organization', 'name')
+                    ->searchable(),
             ])
             ->actions([
                 Tables\Actions\EditAction::make(),

app/Filament/Resources/UserResource/Actions/DeleteUser.php

@@ -0,0 +1,46 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\UserResource\Actions;
+
+use App\Exceptions\Api\ApiException;
+use App\Models\User;
+use App\Service\DeletionService;
+use Filament\Actions\DeleteAction;
+use Throwable;
+
+class DeleteUser extends DeleteAction
+{
+    protected function setUp(): void
+    {
+        parent::setUp();
+        $this->icon('heroicon-m-trash');
+        $this->action(function (): void {
+            $result = $this->process(function (User $record): bool {
+                try {
+                    $deletionService = app(DeletionService::class);
+                    $deletionService->deleteUser($record);
+
+                    return true;
+                } catch (ApiException $exception) {
+                    $this->failureNotificationTitle($exception->getTranslatedMessage());
+                    report($exception);
+                } catch (Throwable $exception) {
+                    $this->failureNotificationTitle(__('exceptions.unknown_error_in_admin_panel'));
+                    report($exception);
+                }
+
+                return false;
+            });
+
+            if (! $result) {
+                $this->failure();
+
+                return;
+            }
+
+            $this->success();
+        });
+    }
+}

app/Filament/Resources/UserResource/Pages/EditUser.php

@@ -5,7 +5,6 @@ declare(strict_types=1);
 namespace App\Filament\Resources\UserResource\Pages;
 
 use App\Filament\Resources\UserResource;
-use Filament\Actions;
 use Filament\Resources\Pages\EditRecord;
 use STS\FilamentImpersonate\Pages\Actions\Impersonate;
 
@@ -17,7 +16,7 @@ class EditUser extends EditRecord
     {
         return [
             Impersonate::make()->record($this->getRecord()),
-            Actions\DeleteAction::make(),
+            UserResource\Actions\DeleteUser::make(),
         ];
     }
 }

app/Filament/Resources/UserResource/Pages/ViewUser.php

@@ -5,7 +5,6 @@ declare(strict_types=1);
 namespace App\Filament\Resources\UserResource\Pages;
 
 use App\Filament\Resources\UserResource;
-use Filament\Actions\DeleteAction;
 use Filament\Actions\EditAction;
 use Filament\Resources\Pages\ViewRecord;
 
@@ -18,8 +17,6 @@ class ViewUser extends ViewRecord
         return [
             EditAction::make('edit')
                 ->icon('heroicon-s-pencil'),
-            DeleteAction::make('delete')
-                ->icon('heroicon-s-trash'),
         ];
     }
 }

app/Filament/Widgets/ActiveUserOverview.php

@@ -11,6 +11,8 @@ use Illuminate\Database\Eloquent\Builder;
 
 class ActiveUserOverview extends BaseWidget
 {
+    protected static ?int $sort = 1;
+
     protected static ?string $heading = 'A Registrations';
 
     protected function getCards(): array

app/Filament/Widgets/TimeEntriesCreated.php

@@ -15,6 +15,8 @@ class TimeEntriesCreated extends ChartWidget
 
     public ?string $filter = 'week';
 
+    protected static ?int $sort = 3;
+
     protected function getData(): array
     {
         $filter = $this->filter;
@@ -27,7 +29,9 @@ class TimeEntriesCreated extends ChartWidget
         } else {
             $start = now()->subWeek();
         }
-        $trend = Trend::model(TimeEntry::class)
+        $trend = Trend::query(
+            TimeEntry::query()->where('is_imported', '=', false)
+        )
             ->between(
                 start: $start,
                 end: now(),

app/Filament/Widgets/TimeEntriesImported.php

@@ -0,0 +1,77 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Widgets;
+
+use App\Models\TimeEntry;
+use Filament\Widgets\ChartWidget;
+use Flowframe\Trend\Trend;
+use Flowframe\Trend\TrendValue;
+
+class TimeEntriesImported extends ChartWidget
+{
+    protected static ?string $heading = 'Time Entries Imported';
+
+    public ?string $filter = 'week';
+
+    protected static ?int $sort = 4;
+
+    protected function getData(): array
+    {
+        $filter = $this->filter;
+        if ($filter === 'week') {
+            $start = now()->subWeek();
+        } elseif ($filter === 'month') {
+            $start = now()->subMonth();
+        } elseif ($filter === 'year') {
+            $start = now()->subYear();
+        } else {
+            $start = now()->subWeek();
+        }
+        $trend = Trend::query(
+            TimeEntry::query()->where('is_imported', '=', true)
+        )
+            ->between(
+                start: $start,
+                end: now(),
+            )
+            ->perDay();
+
+        if ($filter === 'week') {
+            $trend->perDay();
+        } elseif ($filter === 'month') {
+            $trend->perDay();
+        } elseif ($filter === 'year') {
+            $trend->perMonth();
+        } else {
+            $trend->perDay();
+        }
+
+        $data = $trend->count();
+
+        return [
+            'datasets' => [
+                [
+                    'label' => self::$heading,
+                    'data' => $data->map(fn (TrendValue $value) => $value->aggregate),
+                ],
+            ],
+            'labels' => $data->map(fn (TrendValue $value) => $value->date),
+        ];
+    }
+
+    protected function getFilters(): ?array
+    {
+        return [
+            'week' => 'Last week',
+            'month' => 'Last month',
+            'year' => 'Last year',
+        ];
+    }
+
+    protected function getType(): string
+    {
+        return 'line';
+    }
+}

app/Filament/Widgets/UserRegistrations.php

@@ -15,6 +15,8 @@ class UserRegistrations extends ChartWidget
 
     public ?string $filter = 'week';
 
+    protected static ?int $sort = 2;
+
     protected function getData(): array
     {
         $filter = $this->filter;

app/Http/Controllers/Api/V1/ClientController.php

@@ -5,14 +5,16 @@ declare(strict_types=1);
 namespace App\Http\Controllers\Api\V1;
 
 use App\Exceptions\Api\EntityStillInUseApiException;
-use App\Http\Requests\V1\Tag\TagStoreRequest;
-use App\Http\Requests\V1\Tag\TagUpdateRequest;
+use App\Http\Requests\V1\Client\ClientIndexRequest;
+use App\Http\Requests\V1\Client\ClientStoreRequest;
+use App\Http\Requests\V1\Client\ClientUpdateRequest;
 use App\Http\Resources\V1\Client\ClientCollection;
 use App\Http\Resources\V1\Client\ClientResource;
 use App\Models\Client;
 use App\Models\Organization;
 use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Http\JsonResponse;
+use Illuminate\Support\Carbon;
 
 class ClientController extends Controller
 {
@@ -33,14 +35,22 @@ class ClientController extends Controller
      *
      * @operationId getClients
      */
-    public function index(Organization $organization): ClientCollection
+    public function index(Organization $organization, ClientIndexRequest $request): ClientCollection
     {
         $this->checkPermission($organization, 'clients:view');
 
-        $clients = Client::query()
+        $clientsQuery = Client::query()
             ->whereBelongsTo($organization, 'organization')
-            ->orderBy('created_at', 'desc')
-            ->paginate(config('app.pagination_per_page_default'));
+            ->orderBy('created_at', 'desc');
+
+        $filterArchived = $request->getFilterArchived();
+        if ($filterArchived === 'true') {
+            $clientsQuery->whereNotNull('archived_at');
+        } elseif ($filterArchived === 'false') {
+            $clientsQuery->whereNull('archived_at');
+        }
+
+        $clients = $clientsQuery->paginate(config('app.pagination_per_page_default'));
 
         return new ClientCollection($clients);
     }
@@ -52,7 +62,7 @@ class ClientController extends Controller
      *
      * @operationId createClient
      */
-    public function store(Organization $organization, TagStoreRequest $request): ClientResource
+    public function store(Organization $organization, ClientStoreRequest $request): ClientResource
     {
         $this->checkPermission($organization, 'clients:create');
 
@@ -71,11 +81,14 @@ class ClientController extends Controller
      *
      * @operationId updateClient
      */
-    public function update(Organization $organization, Client $client, TagUpdateRequest $request): ClientResource
+    public function update(Organization $organization, Client $client, ClientUpdateRequest $request): ClientResource
     {
         $this->checkPermission($organization, 'clients:update', $client);
 
         $client->name = $request->input('name');
+        if ($request->has('is_archived')) {
+            $client->archived_at = $request->getIsArchived() ? Carbon::now() : null;
+        }
         $client->save();
 
         return new ClientResource($client);

app/Http/Controllers/Api/V1/Controller.php

@@ -4,13 +4,9 @@ declare(strict_types=1);
 
 namespace App\Http\Controllers\Api\V1;
 
-use App\Models\Member;
 use App\Models\Organization;
-use App\Models\User;
 use App\Service\PermissionStore;
 use Illuminate\Auth\Access\AuthorizationException;
-use Illuminate\Support\Facades\Auth;
-use Illuminate\Support\Facades\Log;
 
 class Controller extends \App\Http\Controllers\Controller
 {
@@ -48,34 +44,4 @@ class Controller extends \App\Http\Controllers\Controller
     {
         return $this->permissionStore->has($organization, $permission);
     }
-
-    /**
-     * @throws AuthorizationException
-     */
-    protected function user(): User
-    {
-        /** @var User|null $user */
-        $user = Auth::user();
-        if ($user === null) {
-            Log::error('This function should only be called in authenticated context');
-            throw new AuthorizationException();
-        }
-
-        return $user;
-    }
-
-    /**
-     * @throws AuthorizationException
-     */
-    protected function member(Organization $organization): Member
-    {
-        $user = $this->user();
-        $member = Member::query()->whereBelongsTo($organization, 'organization')->whereBelongsTo($user, 'user')->first();
-        if ($member === null) {
-            Log::error('This function should only be called in authenticated context after checking the user is a member of the organization');
-            throw new AuthorizationException();
-        }
-
-        return $member;
-    }
 }

app/Http/Controllers/Api/V1/ExportController.php

@@ -0,0 +1,38 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Controllers\Api\V1;
+
+use App\Models\Organization;
+use App\Service\Export\ExportException;
+use App\Service\Export\ExportService;
+use Illuminate\Auth\Access\AuthorizationException;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Support\Carbon;
+use Illuminate\Support\Facades\Storage;
+
+class ExportController extends Controller
+{
+    /**
+     * Export data of an organization
+     *
+     * @throws AuthorizationException
+     * @throws ExportException
+     *
+     * @operationId exportOrganization
+     */
+    public function export(Organization $organization, ExportService $exportService): JsonResponse
+    {
+        $this->checkPermission($organization, 'export');
+
+        $filepath = $exportService->export($organization);
+        $downloadUrl = Storage::disk(config('filesystems.private'))
+            ->temporaryUrl($filepath, Carbon::now()->addMinutes(10));
+
+        return new JsonResponse([
+            'success' => true,
+            'download_url' => $downloadUrl,
+        ], 200);
+    }
+}

app/Http/Controllers/Api/V1/InvitationController.php

@@ -4,17 +4,18 @@ declare(strict_types=1);
 
 namespace App\Http\Controllers\Api\V1;
 
+use App\Exceptions\Api\UserIsAlreadyMemberOfOrganizationApiException;
 use App\Http\Requests\V1\Invitation\InvitationIndexRequest;
 use App\Http\Requests\V1\Invitation\InvitationStoreRequest;
 use App\Http\Resources\V1\Invitation\InvitationCollection;
 use App\Http\Resources\V1\Invitation\InvitationResource;
+use App\Mail\OrganizationInvitationMail;
 use App\Models\Organization;
 use App\Models\OrganizationInvitation;
+use App\Service\InvitationService;
 use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Support\Facades\Mail;
-use Laravel\Jetstream\Contracts\InvitesTeamMembers;
-use Laravel\Jetstream\Mail\TeamInvitation;
 
 class InvitationController extends Controller
 {
@@ -49,19 +50,18 @@ class InvitationController extends Controller
      * Invite a user to the organization
      *
      * @throws AuthorizationException
+     * @throws UserIsAlreadyMemberOfOrganizationApiException
      *
      * @operationId invite
      */
-    public function store(Organization $organization, InvitationStoreRequest $request): JsonResponse
+    public function store(Organization $organization, InvitationStoreRequest $request, InvitationService $invitationService): JsonResponse
     {
         $this->checkPermission($organization, 'invitations:create');
 
-        app(InvitesTeamMembers::class)->invite(
-            $this->user(),
-            $organization,
-            $request->input('email'),
-            $request->input('role')
-        );
+        $email = $request->getEmail();
+        $role = $request->getRole();
+
+        $invitationService->inviteUser($organization, $email, $role);
 
         return response()->json(null, 204);
     }
@@ -77,7 +77,8 @@ class InvitationController extends Controller
     {
         $this->checkPermission($organization, 'invitations:resend', $invitation);
 
-        Mail::to($invitation->email)->send(new TeamInvitation($invitation));
+        Mail::to($invitation->email)
+            ->queue(new OrganizationInvitationMail($invitation));
 
         return response()->json(null, 204);
     }

app/Http/Controllers/Api/V1/MemberController.php

@@ -6,22 +6,25 @@ namespace App\Http\Controllers\Api\V1;
 
 use App\Enums\Role;
 use App\Exceptions\Api\CanNotRemoveOwnerFromOrganization;
+use App\Exceptions\Api\ChangingRoleToPlaceholderIsNotAllowed;
 use App\Exceptions\Api\EntityStillInUseApiException;
+use App\Exceptions\Api\OnlyOwnerCanChangeOwnership;
+use App\Exceptions\Api\OrganizationNeedsAtLeastOneOwner;
 use App\Exceptions\Api\UserNotPlaceholderApiException;
 use App\Http\Requests\V1\Member\MemberIndexRequest;
 use App\Http\Requests\V1\Member\MemberUpdateRequest;
 use App\Http\Resources\V1\Member\MemberCollection;
-use App\Http\Resources\V1\Member\MemberPivotResource;
 use App\Http\Resources\V1\Member\MemberResource;
 use App\Models\Member;
 use App\Models\Organization;
 use App\Models\ProjectMember;
 use App\Models\TimeEntry;
+use App\Service\BillableRateService;
+use App\Service\InvitationService;
+use App\Service\MemberService;
 use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Http\JsonResponse;
-use Illuminate\Http\Request;
 use Illuminate\Http\Resources\Json\JsonResource;
-use Laravel\Jetstream\Contracts\InvitesTeamMembers;
 
 class MemberController extends Controller
 {
@@ -36,7 +39,7 @@ class MemberController extends Controller
     /**
      * List all members of an organization
      *
-     * @return MemberCollection<MemberPivotResource>>
+     * @return MemberCollection<MemberResource>
      *
      * @throws AuthorizationException
      *
@@ -46,7 +49,9 @@ class MemberController extends Controller
     {
         $this->checkPermission($organization, 'members:view');
 
-        $members = $organization->users()
+        $members = Member::query()
+            ->whereBelongsTo($organization, 'organization')
+            ->with(['user'])
             ->paginate(config('app.pagination_per_page_default'));
 
         return MemberCollection::make($members);
@@ -56,15 +61,40 @@ class MemberController extends Controller
      * Update a member of the organization
      *
      * @throws AuthorizationException
+     * @throws OrganizationNeedsAtLeastOneOwner
+     * @throws OnlyOwnerCanChangeOwnership
+     * @throws ChangingRoleToPlaceholderIsNotAllowed
      *
      * @operationId updateMember
      */
-    public function update(Organization $organization, Member $member, MemberUpdateRequest $request): JsonResource
+    public function update(Organization $organization, Member $member, MemberUpdateRequest $request, BillableRateService $billableRateService, MemberService $memberService): JsonResource
     {
         $this->checkPermission($organization, 'members:update', $member);
 
-        $member->billable_rate = $request->input('billable_rate');
-        $member->role = $request->input('role');
+        if ($request->has('billable_rate') && $member->billable_rate !== $request->getBillableRate()) {
+            $member->billable_rate = $request->getBillableRate();
+
+            $billableRateService->updateTimeEntriesBillableRateForMember($member);
+        }
+        if ($request->has('role') && $member->role !== $request->getRole()->value) {
+            $newRole = $request->getRole();
+            $oldRole = Role::from($member->role);
+            if ($oldRole === Role::Owner) {
+                throw new OrganizationNeedsAtLeastOneOwner();
+            }
+            if ($newRole === Role::Placeholder) {
+                throw new ChangingRoleToPlaceholderIsNotAllowed();
+            }
+            if ($newRole === Role::Owner) {
+                if ($this->hasPermission($organization, 'members:change-ownership')) {
+                    $memberService->changeOwnership($organization, $member);
+                } else {
+                    throw new OnlyOwnerCanChangeOwnership();
+                }
+            } else {
+                $member->role = $request->getRole()->value;
+            }
+        }
         $member->save();
 
         return new MemberResource($member);
@@ -104,7 +134,7 @@ class MemberController extends Controller
      *
      * @operationId invitePlaceholder
      */
-    public function invitePlaceholder(Organization $organization, Member $member, Request $request): JsonResponse
+    public function invitePlaceholder(Organization $organization, Member $member, InvitationService $invitationService): JsonResponse
     {
         $this->checkPermission($organization, 'members:invite-placeholder', $member);
         $user = $member->user;
@@ -113,12 +143,7 @@ class MemberController extends Controller
             throw new UserNotPlaceholderApiException();
         }
 
-        app(InvitesTeamMembers::class)->invite(
-            $this->user(),
-            $organization,
-            $user->email,
-            Role::Employee->value,
-        );
+        $invitationService->inviteUser($organization, $user->email, Role::Employee);
 
         return response()->json(null, 204);
     }

app/Http/Controllers/Api/V1/OrganizationController.php

@@ -7,6 +7,7 @@ namespace App\Http\Controllers\Api\V1;
 use App\Http\Requests\V1\Organization\OrganizationUpdateRequest;
 use App\Http\Resources\V1\Organization\OrganizationResource;
 use App\Models\Organization;
+use App\Service\BillableRateService;
 use Illuminate\Auth\Access\AuthorizationException;
 
 class OrganizationController extends Controller
@@ -14,6 +15,8 @@ class OrganizationController extends Controller
     /**
      * Get organization
      *
+     * @operationId getOrganization
+     *
      * @throws AuthorizationException
      */
     public function show(Organization $organization): OrganizationResource
@@ -26,16 +29,23 @@ class OrganizationController extends Controller
     /**
      * Update organization
      *
+     * @operationId updateOrganization
+     *
      * @throws AuthorizationException
      */
-    public function update(Organization $organization, OrganizationUpdateRequest $request): OrganizationResource
+    public function update(Organization $organization, OrganizationUpdateRequest $request, BillableRateService $billableRateService): OrganizationResource
     {
         $this->checkPermission($organization, 'organizations:update');
 
         $organization->name = $request->input('name');
-        $organization->billable_rate = $request->input('billable_rate');
+        $oldBillableRate = $organization->billable_rate;
+        $organization->billable_rate = $request->getBillableRate();
         $organization->save();
 
+        if ($oldBillableRate !== $request->getBillableRate()) {
+            $billableRateService->updateTimeEntriesBillableRateForOrganization($organization);
+        }
+
         return new OrganizationResource($organization);
     }
 }

app/Http/Controllers/Api/V1/ProjectController.php

@@ -13,10 +13,11 @@ use App\Http\Resources\V1\Project\ProjectResource;
 use App\Models\Organization;
 use App\Models\Project;
 use App\Models\ProjectMember;
-use App\Models\User;
+use App\Service\BillableRateService;
 use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Resources\Json\JsonResource;
+use Illuminate\Support\Carbon;
 use Illuminate\Support\Facades\DB;
 
 class ProjectController extends Controller
@@ -50,6 +51,12 @@ class ProjectController extends Controller
         if (! $canViewAllProjects) {
             $projectsQuery->visibleByEmployee($user);
         }
+        $filterArchived = $request->getFilterArchived();
+        if ($filterArchived === 'true') {
+            $projectsQuery->whereNotNull('archived_at');
+        } elseif ($filterArchived === 'false') {
+            $projectsQuery->whereNull('archived_at');
+        }
 
         $projects = $projectsQuery->paginate(config('app.pagination_per_page_default'));
 
@@ -85,7 +92,8 @@ class ProjectController extends Controller
         $project = new Project();
         $project->name = $request->input('name');
         $project->color = $request->input('color');
-        $project->billable_rate = $request->input('billable_rate');
+        $project->is_billable = (bool) $request->input('is_billable');
+        $project->billable_rate = $request->getBillableRate();
         $project->client_id = $request->input('client_id');
         $project->organization()->associate($organization);
         $project->save();
@@ -100,15 +108,24 @@ class ProjectController extends Controller
      *
      * @operationId updateProject
      */
-    public function update(Organization $organization, Project $project, ProjectUpdateRequest $request): JsonResource
+    public function update(Organization $organization, Project $project, ProjectUpdateRequest $request, BillableRateService $billableRateService): JsonResource
     {
         $this->checkPermission($organization, 'projects:update', $project);
         $project->name = $request->input('name');
         $project->color = $request->input('color');
-        $project->billable_rate = $request->input('billable_rate');
+        $project->is_billable = (bool) $request->input('is_billable');
+        if ($request->has('is_archived')) {
+            $project->archived_at = $request->getIsArchived() ? Carbon::now() : null;
+        }
+        $oldBillableRate = $project->billable_rate;
+        $project->billable_rate = $request->getBillableRate();
         $project->client_id = $request->input('client_id');
         $project->save();
 
+        if ($oldBillableRate !== $request->getBillableRate()) {
+            $billableRateService->updateTimeEntriesBillableRateForProject($project);
+        }
+
         return new ProjectResource($project);
     }
 

app/Http/Controllers/Api/V1/ProjectMemberController.php

@@ -14,6 +14,7 @@ use App\Models\Member;
 use App\Models\Organization;
 use App\Models\Project;
 use App\Models\ProjectMember;
+use App\Service\BillableRateService;
 use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Resources\Json\JsonResource;
@@ -58,7 +59,7 @@ class ProjectMemberController extends Controller
      *
      * @operationId createProjectMember
      */
-    public function store(Organization $organization, Project $project, ProjectMemberStoreRequest $request): JsonResource
+    public function store(Organization $organization, Project $project, ProjectMemberStoreRequest $request, BillableRateService $billableRateService): JsonResource
     {
         $this->checkPermission($organization, 'project-members:create', $project);
 
@@ -71,12 +72,16 @@ class ProjectMemberController extends Controller
         }
 
         $projectMember = new ProjectMember();
-        $projectMember->billable_rate = $request->input('billable_rate');
+        $projectMember->billable_rate = $request->getBillableRate();
         $projectMember->member()->associate($member);
         $projectMember->user()->associate($member->user);
         $projectMember->project()->associate($project);
         $projectMember->save();
 
+        if ($request->getBillableRate() !== null) {
+            $billableRateService->updateTimeEntriesBillableRateForProjectMember($projectMember);
+        }
+
         return new ProjectMemberResource($projectMember);
     }
 
@@ -87,12 +92,17 @@ class ProjectMemberController extends Controller
      *
      * @operationId updateProjectMember
      */
-    public function update(Organization $organization, ProjectMember $projectMember, ProjectMemberUpdateRequest $request): JsonResource
+    public function update(Organization $organization, ProjectMember $projectMember, ProjectMemberUpdateRequest $request, BillableRateService $billableRateService): JsonResource
     {
         $this->checkPermission($organization, 'project-members:update', projectMember: $projectMember);
-        $projectMember->billable_rate = $request->input('billable_rate');
+        $oldBillableRate = $projectMember->billable_rate;
+        $projectMember->billable_rate = $request->getBillableRate();
         $projectMember->save();
 
+        if ($oldBillableRate !== $request->getBillableRate()) {
+            $billableRateService->updateTimeEntriesBillableRateForProjectMember($projectMember);
+        }
+
         return new ProjectMemberResource($projectMember);
     }
 
@@ -103,12 +113,22 @@ class ProjectMemberController extends Controller
      *
      * @operationId deleteProjectMember
      */
-    public function destroy(Organization $organization, ProjectMember $projectMember): JsonResponse
+    public function destroy(Organization $organization, ProjectMember $projectMember, BillableRateService $billableRateService): JsonResponse
     {
         $this->checkPermission($organization, 'project-members:delete', projectMember: $projectMember);
 
+        $hadBillableRate = $projectMember->billable_rate !== null;
+        $project = $projectMember->project;
+        $member = $projectMember->member;
+
         $projectMember->delete();
 
+        if ($hadBillableRate) {
+            $billableRateService->updateTimeEntriesBillableRateForMember($member);
+            $billableRateService->updateTimeEntriesBillableRateForProject($project);
+            $billableRateService->updateTimeEntriesBillableRateForOrganization($organization);
+        }
+
         return response()
             ->json(null, 204);
     }

app/Http/Controllers/Api/V1/TaskController.php

@@ -15,6 +15,7 @@ use App\Models\Task;
 use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Resources\Json\JsonResource;
+use Illuminate\Support\Carbon;
 
 class TaskController extends Controller
 {
@@ -53,6 +54,12 @@ class TaskController extends Controller
         if (! $canViewAllTasks) {
             $query->visibleByEmployee($user);
         }
+        $doneFilter = $request->getFilterDone();
+        if ($doneFilter === 'true') {
+            $query->whereNotNull('done_at');
+        } elseif ($doneFilter === 'false') {
+            $query->whereNull('done_at');
+        }
 
         $tasks = $query->paginate(config('app.pagination_per_page_default'));
 
@@ -89,6 +96,9 @@ class TaskController extends Controller
     {
         $this->checkPermission($organization, 'tasks:update', $task);
         $task->name = $request->input('name');
+        if ($request->has('is_done')) {
+            $task->done_at = $request->getIsDone() ? Carbon::now() : null;
+        }
         $task->save();
 
         return new TaskResource($task);

app/Http/Controllers/Api/V1/TimeEntryController.php

@@ -257,12 +257,17 @@ class TimeEntryController extends Controller
 
         $timeEntry->fill($request->validated());
         $timeEntry->description = $request->input('description', $timeEntry->description) ?? '';
+        $timeEntry->setComputedAttributeValue('billable_rate');
         $timeEntry->save();
 
         return new TimeEntryResource($timeEntry);
     }
 
     /**
+     * Update multiple time entries
+     *
+     * @operationId updateMultipleTimeEntries
+     *
      * @throws AuthorizationException
      */
     public function updateMultiple(Organization $organization, TimeEntryUpdateMultipleRequest $request): JsonResponse
@@ -270,14 +275,14 @@ class TimeEntryController extends Controller
         $this->checkAnyPermission($organization, ['time-entries:update:all', 'time-entries:update:own']);
         $canAccessAll = $this->hasPermission($organization, 'time-entries:update:all');
 
-        $ids = $request->input('ids');
+        $ids = $request->validated('ids');
 
         $timeEntries = TimeEntry::query()
             ->whereBelongsTo($organization, 'organization')
             ->whereIn('id', $ids)
             ->get();
 
-        $changes = $request->input('changes');
+        $changes = $request->validated('changes');
 
         if (isset($changes['member_id']) && ! $canAccessAll && $this->member($organization)->getKey() !== $changes['member_id']) {
             throw new AuthorizationException();
@@ -294,6 +299,7 @@ class TimeEntryController extends Controller
         $error = new Collection();
 
         foreach ($ids as $id) {
+            /** @var TimeEntry|null $timeEntry */
             $timeEntry = $timeEntries->firstWhere('id', $id);
             if ($timeEntry === null) {
                 // Note: ID wrong or time entry in different organization
@@ -311,6 +317,7 @@ class TimeEntryController extends Controller
             if ($overwriteClient) {
                 $timeEntry->client()->associate($client);
             }
+            $timeEntry->setComputedAttributeValue('billable_rate');
             $timeEntry->save();
             $success->push($id);
         }

app/Http/Controllers/Api/V1/UserController.php

@@ -0,0 +1,28 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Controllers\Api\V1;
+
+use App\Http\Resources\V1\User\UserResource;
+use Illuminate\Auth\Access\AuthorizationException;
+use Illuminate\Http\Resources\Json\JsonResource;
+
+class UserController extends Controller
+{
+    /**
+     * Get the current user
+     *
+     * This endpoint is independent of organization.
+     *
+     * @operationId getMe
+     *
+     * @throws AuthorizationException
+     */
+    public function me(): JsonResource
+    {
+        $user = $this->user();
+
+        return new UserResource($user);
+    }
+}

app/Http/Controllers/Api/V1/UserMembershipController.php

@@ -0,0 +1,36 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Controllers\Api\V1;
+
+use App\Http\Resources\V1\Member\PersonalMembershipCollection;
+use App\Models\Member;
+use Illuminate\Auth\Access\AuthorizationException;
+use Illuminate\Http\Resources\Json\JsonResource;
+
+class UserMembershipController extends Controller
+{
+    /**
+     * Get the memberships of the current user
+     *
+     * This endpoint is independent of organization.
+     *
+     * @operationId getMyMemberships
+     *
+     * @return PersonalMembershipCollection
+     *
+     * @throws AuthorizationException
+     */
+    public function myMemberships(): JsonResource
+    {
+        $user = $this->user();
+
+        $members = Member::query()
+            ->whereBelongsTo($user, 'user')
+            ->with(['organization'])
+            ->get();
+
+        return new PersonalMembershipCollection($members);
+    }
+}

app/Http/Controllers/Controller.php

@@ -4,11 +4,63 @@ declare(strict_types=1);
 
 namespace App\Http\Controllers;
 
+use App\Models\Member;
+use App\Models\Organization;
+use App\Models\User;
+use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
 use Illuminate\Foundation\Validation\ValidatesRequests;
 use Illuminate\Routing\Controller as BaseController;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Log;
 
 class Controller extends BaseController
 {
-    use AuthorizesRequests, ValidatesRequests;
+    use AuthorizesRequests;
+    use ValidatesRequests;
+
+    /**
+     * @throws AuthorizationException
+     */
+    protected function user(): User
+    {
+        /** @var User|null $user */
+        $user = Auth::user();
+        if ($user === null) {
+            Log::error('This function should only be called in authenticated context');
+            throw new AuthorizationException();
+        }
+
+        return $user;
+    }
+
+    /**
+     * @throws AuthorizationException
+     */
+    protected function member(Organization $organization): Member
+    {
+        $user = $this->user();
+        /** @var Member|null $member */
+        $member = Member::query()->whereBelongsTo($organization, 'organization')->whereBelongsTo($user, 'user')->first();
+        if ($member === null) {
+            Log::error('This function should only be called in authenticated context after checking the user is a member of the organization');
+            throw new AuthorizationException();
+        }
+
+        return $member;
+    }
+
+    /**
+     * @throws AuthorizationException
+     */
+    protected function currentOrganization(): Organization
+    {
+        $user = $this->user();
+        $organization = $user->currentTeam;
+        if ($organization === null) {
+            $organization = $user->organizations()->first();
+        }
+
+        return $organization;
+    }
 }

app/Http/Controllers/Web/DashboardController.php

@@ -4,21 +4,21 @@ declare(strict_types=1);
 
 namespace App\Http\Controllers\Web;
 
-use App\Models\Organization;
-use App\Models\User;
 use App\Service\DashboardService;
 use App\Service\PermissionStore;
+use Illuminate\Auth\Access\AuthorizationException;
 use Inertia\Inertia;
 use Inertia\Response;
 
 class DashboardController extends Controller
 {
+    /**
+     * @throws AuthorizationException
+     */
     public function dashboard(DashboardService $dashboardService, PermissionStore $permissionStore): Response
     {
-        /** @var User $user */
-        $user = auth()->user();
-        /** @var Organization $organization */
-        $organization = $user->currentTeam;
+        $user = $this->user();
+        $organization = $this->currentOrganization();
         $dailyTrackedHours = $dashboardService->getDailyTrackedHours($user, $organization, 60);
         $weeklyHistory = $dashboardService->getWeeklyHistory($user, $organization);
         $totalWeeklyTime = $dashboardService->totalWeeklyTime($user, $organization);

app/Http/Middleware/HandleInertiaRequests.php

@@ -4,6 +4,7 @@ declare(strict_types=1);
 
 namespace App\Http\Middleware;
 
+use App\Service\BillingContract;
 use Illuminate\Http\Request;
 use Inertia\Middleware;
 use Nwidart\Modules\Facades\Module;
@@ -38,8 +39,20 @@ class HandleInertiaRequests extends Middleware
      */
     public function share(Request $request): array
     {
+        $hasBilling = Module::has('Billing') && Module::isEnabled('Billing');
+        $billing = null;
+        if ($hasBilling) {
+            /** @var BillingContract $billing */
+            $billing = app(BillingContract::class);
+        }
+
+        $currentOrganization = $request->user()?->currentTeam;
+
         return array_merge(parent::share($request), [
-            'has_billing_extension' => Module::has('Billing'),
+            'has_billing_extension' => $hasBilling,
+            'billing' => $billing !== null ? [
+                'has_subscription' => $currentOrganization !== null ? $billing->hasSubscription($currentOrganization) : null,
+            ] : null,
             'flash' => [
                 'message' => fn () => $request->session()->get('message'),
             ],

app/Http/Requests/V1/Client/ClientIndexRequest.php

@@ -0,0 +1,35 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Requests\V1\Client;
+
+use Illuminate\Contracts\Validation\ValidationRule;
+use Illuminate\Foundation\Http\FormRequest;
+
+class ClientIndexRequest extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, array<string|ValidationRule>>
+     */
+    public function rules(): array
+    {
+        return [
+            'page' => [
+                'integer',
+                'min:1',
+            ],
+            'archived' => [
+                'string',
+                'in:true,false,all',
+            ],
+        ];
+    }
+
+    public function getFilterArchived(): string
+    {
+        return $this->input('archived', 'false');
+    }
+}

app/Http/Requests/V1/Client/ClientStoreRequest.php

@@ -0,0 +1,39 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Requests\V1\Client;
+
+use App\Models\Client;
+use App\Models\Organization;
+use Illuminate\Contracts\Validation\ValidationRule;
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Foundation\Http\FormRequest;
+use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
+
+/**
+ * @property Organization $organization Organization from model binding
+ */
+class ClientStoreRequest extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, array<string|ValidationRule>>
+     */
+    public function rules(): array
+    {
+        return [
+            'name' => [
+                'required',
+                'string',
+                'min:1',
+                'max:255',
+                (new UniqueEloquent(Client::class, 'name', function (Builder $builder): Builder {
+                    /** @var Builder<Client> $builder */
+                    return $builder->whereBelongsTo($this->organization, 'organization');
+                }))->withCustomTranslation('validation.client_name_already_exists'),
+            ],
+        ];
+    }
+}

app/Http/Requests/V1/Client/ClientUpdateRequest.php

@@ -0,0 +1,51 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Requests\V1\Client;
+
+use App\Models\Client;
+use App\Models\Organization;
+use Illuminate\Contracts\Validation\ValidationRule;
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Foundation\Http\FormRequest;
+use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
+
+/**
+ * @property Organization $organization Organization from model binding
+ * @property Client|null $client Client from model binding
+ */
+class ClientUpdateRequest extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, array<string|ValidationRule>>
+     */
+    public function rules(): array
+    {
+        return [
+            // Name of the client
+            'name' => [
+                'required',
+                'string',
+                'min:1',
+                'max:255',
+                (new UniqueEloquent(Client::class, 'name', function (Builder $builder): Builder {
+                    /** @var Builder<Client> $builder */
+                    return $builder->whereBelongsTo($this->organization, 'organization');
+                }))->ignore($this->client?->getKey())->withCustomTranslation('validation.client_name_already_exists'),
+            ],
+            'is_archived' => [
+                'boolean',
+            ],
+        ];
+    }
+
+    public function getIsArchived(): bool
+    {
+        assert($this->has('is_archived'));
+
+        return (bool) $this->input('is_archived');
+    }
+}

app/Http/Requests/V1/Invitation/InvitationStoreRequest.php

@@ -6,9 +6,12 @@ namespace App\Http\Requests\V1\Invitation;
 
 use App\Enums\Role;
 use App\Models\Organization;
+use App\Models\OrganizationInvitation;
 use Illuminate\Contracts\Validation\ValidationRule;
+use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Foundation\Http\FormRequest;
 use Illuminate\Validation\Rule;
+use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
 
 /**
  * @property Organization $organization
@@ -26,13 +29,27 @@ class InvitationStoreRequest extends FormRequest
             'email' => [
                 'required',
                 'email',
+                (new UniqueEloquent(OrganizationInvitation::class, 'email', function (Builder $builder): Builder {
+                    /** @var Builder<OrganizationInvitation> $builder */
+                    return $builder->whereBelongsTo($this->organization, 'organization');
+                }))->withCustomTranslation('validation.invitation_already_exists'),
             ],
             'role' => [
                 'required',
                 'string',
-                // TODO: placeholder role should not be allowed
-                Rule::enum(Role::class),
+                Rule::enum(Role::class)
+                    ->except([Role::Owner, Role::Placeholder]),
             ],
         ];
     }
+
+    public function getRole(): Role
+    {
+        return Role::from($this->input('role'));
+    }
+
+    public function getEmail(): string
+    {
+        return $this->input('email');
+    }
 }

app/Http/Requests/V1/Member/MemberUpdateRequest.php

@@ -23,17 +23,27 @@ class MemberUpdateRequest extends FormRequest
     public function rules(): array
     {
         return [
+            'role' => [
+                'string',
+                Rule::enum(Role::class),
+            ],
             'billable_rate' => [
                 'nullable',
                 'integer',
                 'min:0',
             ],
-            'role' => [
-                'required',
-                'string',
-                // TODO: placeholder role should not be allowed
-                Rule::enum(Role::class),
-            ],
         ];
     }
+
+    public function getBillableRate(): ?int
+    {
+        $input = $this->input('billable_rate');
+
+        return $input !== null && $input !== 0 ? (int) $this->input('billable_rate') : null;
+    }
+
+    public function getRole(): Role
+    {
+        return Role::from($this->input('role'));
+    }
 }

app/Http/Requests/V1/Organization/OrganizationUpdateRequest.php

@@ -33,4 +33,11 @@ class OrganizationUpdateRequest extends FormRequest
             ],
         ];
     }
+
+    public function getBillableRate(): ?int
+    {
+        $input = $this->input('billable_rate');
+
+        return $input !== null && $input !== 0 ? (int) $this->input('billable_rate') : null;
+    }
 }

app/Http/Requests/V1/Project/ProjectIndexRequest.php

@@ -21,6 +21,15 @@ class ProjectIndexRequest extends FormRequest
                 'integer',
                 'min:1',
             ],
+            'archived' => [
+                'string',
+                'in:true,false,all',
+            ],
         ];
     }
+
+    public function getFilterArchived(): string
+    {
+        return $this->input('archived', 'false');
+    }
 }

app/Http/Requests/V1/Project/ProjectStoreRequest.php

@@ -6,11 +6,13 @@ namespace App\Http\Requests\V1\Project;
 
 use App\Models\Client;
 use App\Models\Organization;
+use App\Models\Project;
 use App\Rules\ColorRule;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Foundation\Http\FormRequest;
 use Korridor\LaravelModelValidationRules\Rules\ExistsEloquent;
+use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
 
 /**
  * @property Organization $organization Organization from model binding
@@ -26,11 +28,14 @@ class ProjectStoreRequest extends FormRequest
     {
         return [
             'name' => [
-                // TODO: unique
                 'required',
                 'string',
                 'min:1',
                 'max:255',
+                (new UniqueEloquent(Project::class, 'name', function (Builder $builder): Builder {
+                    /** @var Builder<Project> $builder */
+                    return $builder->whereBelongsTo($this->organization, 'organization');
+                }))->withCustomTranslation('validation.project_name_already_exists'),
             ],
             'color' => [
                 'required',
@@ -38,6 +43,10 @@ class ProjectStoreRequest extends FormRequest
                 'max:255',
                 new ColorRule(),
             ],
+            'is_billable' => [
+                'required',
+                'boolean',
+            ],
             'billable_rate' => [
                 'nullable',
                 'integer',
@@ -52,4 +61,11 @@ class ProjectStoreRequest extends FormRequest
             ],
         ];
     }
+
+    public function getBillableRate(): ?int
+    {
+        $input = $this->input('billable_rate');
+
+        return $input !== null && $input !== 0 ? (int) $this->input('billable_rate') : null;
+    }
 }

app/Http/Requests/V1/Project/ProjectUpdateRequest.php

@@ -6,14 +6,17 @@ namespace App\Http\Requests\V1\Project;
 
 use App\Models\Client;
 use App\Models\Organization;
+use App\Models\Project;
 use App\Rules\ColorRule;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Foundation\Http\FormRequest;
 use Korridor\LaravelModelValidationRules\Rules\ExistsEloquent;
+use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
 
 /**
  * @property Organization $organization Organization from model binding
+ * @property Project|null $project Project from model binding
  */
 class ProjectUpdateRequest extends FormRequest
 {
@@ -26,10 +29,13 @@ class ProjectUpdateRequest extends FormRequest
     {
         return [
             'name' => [
-                // TODO: unique
                 'required',
                 'string',
                 'max:255',
+                (new UniqueEloquent(Project::class, 'name', function (Builder $builder): Builder {
+                    /** @var Builder<Project> $builder */
+                    return $builder->whereBelongsTo($this->organization, 'organization');
+                }))->ignore($this->project?->getKey())->withCustomTranslation('validation.project_name_already_exists'),
             ],
             'color' => [
                 'required',
@@ -37,10 +43,12 @@ class ProjectUpdateRequest extends FormRequest
                 'max:255',
                 new ColorRule(),
             ],
-            'billable_rate' => [
-                'nullable',
-                'integer',
-                'min:0',
+            'is_billable' => [
+                'required',
+                'boolean',
+            ],
+            'is_archived' => [
+                'boolean',
             ],
             'client_id' => [
                 'nullable',
@@ -49,6 +57,25 @@ class ProjectUpdateRequest extends FormRequest
                     return $builder->whereBelongsTo($this->organization, 'organization');
                 }),
             ],
+            'billable_rate' => [
+                'nullable',
+                'integer',
+                'min:0',
+            ],
         ];
     }
+
+    public function getIsArchived(): bool
+    {
+        assert($this->has('is_archived'));
+
+        return (bool) $this->input('is_archived');
+    }
+
+    public function getBillableRate(): ?int
+    {
+        $input = $this->input('billable_rate');
+
+        return $input !== null && $input !== 0 ? (int) $this->input('billable_rate') : null;
+    }
 }

app/Http/Requests/V1/ProjectMember/ProjectMemberStoreRequest.php

@@ -39,4 +39,11 @@ class ProjectMemberStoreRequest extends FormRequest
             ],
         ];
     }
+
+    public function getBillableRate(): ?int
+    {
+        $input = $this->input('billable_rate');
+
+        return $input !== null && $input !== 0 ? (int) $this->input('billable_rate') : null;
+    }
 }

app/Http/Requests/V1/ProjectMember/ProjectMemberUpdateRequest.php

@@ -28,4 +28,11 @@ class ProjectMemberUpdateRequest extends FormRequest
             ],
         ];
     }
+
+    public function getBillableRate(): ?int
+    {
+        $input = $this->input('billable_rate');
+
+        return $input !== null && $input !== 0 ? (int) $this->input('billable_rate') : null;
+    }
 }

app/Http/Requests/V1/Tag/TagStoreRequest.php

@@ -4,9 +4,16 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\Tag;
 
+use App\Models\Organization;
+use App\Models\Tag;
 use Illuminate\Contracts\Validation\ValidationRule;
+use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Foundation\Http\FormRequest;
+use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
 
+/**
+ * @property Organization $organization Organization from model binding
+ */
 class TagStoreRequest extends FormRequest
 {
     /**
@@ -18,11 +25,14 @@ class TagStoreRequest extends FormRequest
     {
         return [
             'name' => [
-                // TODO: unique
                 'required',
                 'string',
                 'min:1',
                 'max:255',
+                (new UniqueEloquent(Tag::class, 'name', function (Builder $builder): Builder {
+                    /** @var Builder<Tag> $builder */
+                    return $builder->whereBelongsTo($this->organization, 'organization');
+                }))->withCustomTranslation('validation.tag_name_already_exists'),
             ],
         ];
     }

app/Http/Requests/V1/Tag/TagUpdateRequest.php

@@ -4,9 +4,17 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\V1\Tag;
 
+use App\Models\Organization;
+use App\Models\Tag;
 use Illuminate\Contracts\Validation\ValidationRule;
+use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Foundation\Http\FormRequest;
+use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
 
+/**
+ * @property Organization $organization Organization from model binding
+ * @property Tag|null $tag Tag from model binding
+ */
 class TagUpdateRequest extends FormRequest
 {
     /**
@@ -18,11 +26,14 @@ class TagUpdateRequest extends FormRequest
     {
         return [
             'name' => [
-                // TODO: unique
                 'required',
                 'string',
                 'min:1',
                 'max:255',
+                (new UniqueEloquent(Tag::class, 'name', function (Builder $builder): Builder {
+                    /** @var Builder<Tag> $builder */
+                    return $builder->whereBelongsTo($this->organization, 'organization');
+                }))->ignore($this->tag?->getKey())->withCustomTranslation('validation.tag_name_already_exists'),
             ],
         ];
     }

app/Http/Requests/V1/Task/TaskIndexRequest.php

@@ -39,6 +39,15 @@ class TaskIndexRequest extends FormRequest
                     return $builder;
                 }),
             ],
+            'done' => [
+                'string',
+                'in:true,false,all',
+            ],
         ];
     }
+
+    public function getFilterDone(): string
+    {
+        return $this->input('done', 'false');
+    }
 }

app/Http/Requests/V1/Task/TaskStoreRequest.php

@@ -6,10 +6,12 @@ namespace App\Http\Requests\V1\Task;
 
 use App\Models\Organization;
 use App\Models\Project;
+use App\Models\Task;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Foundation\Http\FormRequest;
 use Korridor\LaravelModelValidationRules\Rules\ExistsEloquent;
+use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
 
 /**
  * @property Organization $organization Organization from model binding
@@ -25,11 +27,14 @@ class TaskStoreRequest extends FormRequest
     {
         return [
             'name' => [
-                // TODO: unique
                 'required',
                 'string',
                 'min:1',
                 'max:255',
+                (new UniqueEloquent(Task::class, 'name', function (Builder $builder): Builder {
+                    /** @var Builder<Task> $builder */
+                    return $builder->where('project_id', '=', $this->input('project_id'));
+                }))->withCustomTranslation('validation.task_name_already_exists'),
             ],
             'project_id' => [
                 'required',

app/Http/Requests/V1/Task/TaskUpdateRequest.php

@@ -5,11 +5,15 @@ declare(strict_types=1);
 namespace App\Http\Requests\V1\Task;
 
 use App\Models\Organization;
+use App\Models\Task;
 use Illuminate\Contracts\Validation\ValidationRule;
+use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Foundation\Http\FormRequest;
+use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
 
 /**
  * @property Organization $organization Organization from model binding
+ * @property Task|null $task Task from model binding
  */
 class TaskUpdateRequest extends FormRequest
 {
@@ -22,12 +26,25 @@ class TaskUpdateRequest extends FormRequest
     {
         return [
             'name' => [
-                // TODO: unique
                 'required',
                 'string',
                 'min:1',
                 'max:255',
+                (new UniqueEloquent(Task::class, 'name', function (Builder $builder): Builder {
+                    /** @var Builder<Task> $builder */
+                    return $builder->where('project_id', '=', $this->task->project_id);
+                }))->ignore($this->task?->getKey())->withCustomTranslation('validation.task_name_already_exists'),
+            ],
+            'is_done' => [
+                'boolean',
             ],
         ];
     }
+
+    public function getIsDone(): bool
+    {
+        assert($this->has('is_done'));
+
+        return $this->boolean('is_done');
+    }
 }