migrate daterange picker to shadcn component

improve time entry range design issue in 12-h format
add support for timeFormat in the frontend
2026-06-15 13:32:43 +01:00 · 2025-05-13 16:22:04 +02:00 · 2025-05-12 22:06:24 +02:00 · 2025-05-12 21:45:57 +02:00 · 2025-05-12 17:20:48 +02:00 · 2025-05-12 16:08:52 +02:00
648 changed files with 33442 additions and 8046 deletions
--- a/.env.ci
+++ b/.env.ci
@@ -1,57 +1,58 @@
+# Application
 APP_NAME=solidtime
 APP_ENV=local
 APP_KEY=
 APP_DEBUG=true
 APP_URL=http://localhost
 APP_FORCE_HTTPS=false
-SESSION_SECURE_COOKIE=false
+APP_ENABLE_REGISTRATION=true

+# Logging
 LOG_CHANNEL=stack
 LOG_DEPRECATIONS_CHANNEL=null
 LOG_LEVEL=debug

+# Database
 DB_CONNECTION=pgsql_test
-
 DB_TEST_HOST=127.0.0.1
 DB_TEST_PORT=5432
 DB_TEST_DATABASE=laravel
 DB_TEST_USERNAME=root
 DB_TEST_PASSWORD=root

-BROADCAST_DRIVER=log
+# Broadcasting
+BROADCAST_DRIVER=null
+
+# Cache
 CACHE_DRIVER=file
-FILESYSTEM_DISK=local
+
+# Queue
 QUEUE_CONNECTION=sync
+
+# Session
 SESSION_DRIVER=database
 SESSION_LIFETIME=120

-MEMCACHED_HOST=127.0.0.1
-
-REDIS_HOST=127.0.0.1
-REDIS_PASSWORD=null
-REDIS_PORT=6379
-
+# Mail
 MAIL_MAILER=log
-MAIL_FROM_ADDRESS="hello@example.com"
-MAIL_FROM_NAME="${APP_NAME}"
+MAIL_FROM_ADDRESS="no-reply@solidtime.test"
+MAIL_FROM_NAME="solidtime"
+MAIL_REPLY_TO_ADDRESS="hello@solidtime.test"
+MAIL_REPLY_TO_NAME="solidtime"

-S3_ACCESS_KEY_ID=
-S3_SECRET_ACCESS_KEY=
-S3_REGION=us-east-1
-S3_BUCKET=
-S3_USE_PATH_STYLE_ENDPOINT=false
+# Filesystems
+FILESYSTEM_DISK=local
+PUBLIC_FILESYSTEM_DISK=public

-PUSHER_APP_ID=
-PUSHER_APP_KEY=
-PUSHER_APP_SECRET=
-PUSHER_HOST=
-PUSHER_PORT=443
-PUSHER_SCHEME=https
-PUSHER_APP_CLUSTER=mt1
+# Passport
+PASSPORT_PERSONAL_ACCESS_CLIENT_ID="9e27f54d-5dfb-4dde-99d7-834518236c92"
+PASSPORT_PERSONAL_ACCESS_CLIENT_SECRET="EL5mXp3aF8ITjcwoOXRpbSK7zGrWhW4zTDpQXTkf"

-VITE_APP_NAME="${APP_NAME}"
-VITE_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
-VITE_PUSHER_HOST="${PUSHER_HOST}"
-VITE_PUSHER_PORT="${PUSHER_PORT}"
-VITE_PUSHER_SCHEME="${PUSHER_SCHEME}"
-VITE_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
+# Auditing
+AUDITING_ENABLED=true
+
+# Telescope
+TELESCOPE_ENABLED=false
+
+# Services
+GOTENBERG_URL=http://0.0.0.0:3000
--- a/.env.example
+++ b/.env.example
@@ -1,18 +1,21 @@
+# Application
 APP_NAME=solidtime
 APP_ENV=local
 APP_KEY=base64:UNQNf1SXeASNkWux01Rj8EnHYx8FO0kAxWNDwktclkk=
 APP_DEBUG=true
 APP_URL=https://solidtime.test
-AUDITING_ENABLED=true
-
+APP_FORCE_HTTPS=false
+APP_ENABLE_REGISTRATION=true
 SUPER_ADMINS=admin@example.com
+PAGINATION_PER_PAGE_DEFAULT=500

+# Logging
 LOG_CHANNEL=single
 LOG_DEPRECATIONS_CHANNEL=deprecation
 LOG_LEVEL=debug

+# Database
 DB_CONNECTION=pgsql
-
 DB_HOST=pgsql
 DB_PORT=5432
 DB_DATABASE=laravel
@@ -25,18 +28,20 @@ DB_TEST_DATABASE=laravel
 DB_TEST_USERNAME=root
 DB_TEST_PASSWORD=root

-BROADCAST_DRIVER=log
+# Broadcasting
+BROADCAST_DRIVER=null
+
+# Cache
 CACHE_DRIVER=file
+
+# Queue
 QUEUE_CONNECTION=sync
+
+# Session
 SESSION_DRIVER=database
 SESSION_LIFETIME=120

-MEMCACHED_HOST=127.0.0.1
-
-REDIS_HOST=127.0.0.1
-REDIS_PASSWORD=null
-REDIS_PORT=6379
-
+# Mail
 MAIL_MAILER=smtp
 MAIL_HOST=mailpit
 MAIL_PORT=1025
@@ -44,17 +49,11 @@ MAIL_USERNAME=null
 MAIL_PASSWORD=null
 MAIL_ENCRYPTION=null
 MAIL_FROM_ADDRESS="no-reply@solidtime.test"
-MAIL_FROM_NAME="${APP_NAME}"
+MAIL_FROM_NAME="solidtime"
+MAIL_REPLY_TO_ADDRESS="hello@solidtime.test"
+MAIL_REPLY_TO_NAME="solidtime"

-PUSHER_APP_ID=
-PUSHER_APP_KEY=
-PUSHER_APP_SECRET=
-PUSHER_HOST=
-PUSHER_PORT=443
-PUSHER_SCHEME=https
-PUSHER_APP_CLUSTER=mt1
-
-# Storage
+# Filesystems
 FILESYSTEM_DISK=s3
 PUBLIC_FILESYSTEM_DISK=s3
 S3_ACCESS_KEY_ID=sail
@@ -65,18 +64,24 @@ S3_URL=http://storage.solidtime.test/local
 S3_ENDPOINT=http://storage.solidtime.test
 S3_USE_PATH_STYLE_ENDPOINT=true

-VITE_HOST_NAME=vite.solidtime.test
-VITE_APP_NAME="${APP_NAME}"
-VITE_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
-VITE_PUSHER_HOST="${PUSHER_HOST}"
-VITE_PUSHER_PORT="${PUSHER_PORT}"
-VITE_PUSHER_SCHEME="${PUSHER_SCHEME}"
-VITE_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
+# Passport
+PASSPORT_PERSONAL_ACCESS_CLIENT_ID="9e27f54d-5dfb-4dde-99d7-834518236c92"
+PASSPORT_PERSONAL_ACCESS_CLIENT_SECRET="EL5mXp3aF8ITjcwoOXRpbSK7zGrWhW4zTDpQXTkf"

+# Auditing
+AUDITING_ENABLED=true
+
+# Telescope
+TELESCOPE_ENABLED=false
+
+# Services
+GOTENBERG_URL=http://gotenberg:3000
+
+# Local setup
 NGINX_HOST_NAME=solidtime.test
 NETWORK_NAME=reverse-proxy-docker-traefik_routing
-
 FORWARD_DB_PORT=5432
 FORWARD_WEB_PORT=8083
-
-PAGINATION_PER_PAGE_DEFAULT=500
+VITE_HOST_NAME=vite.solidtime.test
+VITE_APP_NAME="${APP_NAME}"
+#SAIL_XDEBUG_MODE=develop,debug,coverage
--- a/.env.production
+++ b/.env.production
@@ -5,7 +5,6 @@ VITE_APP_NAME=solidtime
 APP_ENV=production
 APP_DEBUG=false
 APP_FORCE_HTTPS=true
-SESSION_SECURE_COOKIE=true
 OCTANE_SERVER=frankenphp
 PAGINATION_PER_PAGE_DEFAULT=500

--- a/.eslintrc.cjs
+++ b/.eslintrc.cjs
@@ -1,13 +0,0 @@
-/* eslint-env node */
-require("@rushstack/eslint-patch/modern-module-resolution")
-
-module.exports = {
-    extends: ['plugin:vue/vue3-essential', '@vue/eslint-config-typescript/recommended', '@vue/eslint-config-prettier'],
-    rules: {
-        'vue/multi-word-component-names': 'off',
-        "@typescript-eslint/no-unused-vars": "off",
-        "unused-imports/no-unused-imports": "error",
-        "unused-imports/no-unused-vars": "error",
-    },
-    plugins: ['unused-imports'],
-}
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@@ -0,0 +1 @@
+github: solidtime-io
--- a/.github/ISSUE_TEMPLATE/1_bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/1_bug_report.yml
@@ -0,0 +1,47 @@
+name: Bug Report
+description: "Report a bug"
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Before creating a new bug report, please check that there isn't already a similar issue.
+
+  - type: textarea
+    attributes:
+      label: Description
+      description: A clear and concise description of what the bug is.
+    validations:
+      required: true
+
+  - type: textarea
+    attributes:
+      label: "Steps To Reproduce"
+      description: How do you trigger this bug? Please walk us through it step by step.
+      value: |
+        1.
+        2.
+        3.
+        ...
+    validations:
+      required: false
+
+  - type: dropdown
+    attributes:
+      label: "Self-hosted or Cloud?"
+      options:
+        - Self-Hosted
+        - solidtime Cloud
+        - Both
+
+  - type: input
+    attributes:
+      label: "Version of solidtime: (for self-hosted)"
+    validations:
+      required: false
+
+  - type: input
+    attributes:
+      label: "solidtime self-hosting guide: (for self-hosted)"
+      description: "Did you use the official guide to self-host solidtime? If yes, which one?"
+    validations:
+      required: false
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,8 @@
+blank_issues_enabled: false
+contact_links:
+  - name: 🚀 Feature Request
+    url: https://github.com/solidtime-io/solidtime/discussions/new?category=feature-requests
+    about: Share ideas for new features
+  - name: ❓ Ask a Question
+    url: https://github.com/solidtime-io/solidtime/discussions/new?category=general
+    about: Ask the community for help
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,8 @@
+<!--
+This project is early stage. The structure and APIs are still subject to change and not stable.
+Therefore, we do not currently accept any contributions, unless you are a member of the team.
+
+As soon as we feel comfortable enough that the application structure is stable enough, we will open up the project for contributions.
+
+We do accept contributions in the [documentation repository](https://github.com/solidtime-io/docs) f.e. to add new self-hosting guides.
+-->
--- a/.github/workflows/build-private.yml
+++ b/.github/workflows/build-private.yml
@@ -107,6 +107,24 @@ jobs:
      - name: "Install npm dependencies in services extension"
        run: cd extensions/Services && npm ci

+      - name: "Checkout invoicing extension"
+        uses: actions/checkout@v4
+        with:
+          repository: solidtime-io/extension-invoicing
+          path: extensions/Invoicing
+          ssh-key: ${{ secrets.SSH_PRIVATE_KEY_INVOICING_EXTENSION }}
+
+      - name: "Install composer dependencies in invoicing extension"
+        uses: php-actions/composer@v6
+        with:
+          working_dir: "extensions/Invoicing"
+          command: install
+          only_args: --no-dev --no-ansi --no-interaction --prefer-dist --ignore-platform-reqs --classmap-authoritative
+          php_version: 8.3
+
+      - name: "Install npm dependencies in invoicing extension"
+        run: cd extensions/Invoicing && npm ci
+
      - name: "Setup PHP with PECL extension"
        uses: shivammathur/setup-php@v2
        with:
@@ -127,6 +145,9 @@ jobs:
      - name: "Activate services extension"
        run: php artisan module:enable Services

+      - name: "Activate invoicing extension"
+        run: php artisan module:enable Invoicing
+
      - name: "Install npm dependencies"
        run: npm ci

--- a/.github/workflows/build-public.yml
+++ b/.github/workflows/build-public.yml
@@ -11,10 +11,21 @@ on:
      - 'docker/prod/**'
  workflow_dispatch:

+env:
+  DOCKERHUB_REPO: solidtime/solidtime
+  GHCR_REPO: ghcr.io/solidtime-io/solidtime
+
 name: Build - Public
 jobs:
  build:
-    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        include:
+          - runs-on: "ubuntu-24.04-arm"
+            platform: "linux/arm64"
+          - runs-on: "ubuntu-24.04"
+            platform: "linux/amd64"
+    runs-on: ${{ matrix.runs-on }}
    permissions:
      packages: write
      contents: read
@@ -29,7 +40,7 @@ jobs:
          fetch-depth: 0 # Required for WyriHaximus/github-action-get-previous-tag

      - name: "Get build"
-        id: build
+        id: release-build
        run: echo "build=$(git rev-parse --short=8 HEAD)" >> "$GITHUB_OUTPUT"

      - name: "Get Previous tag (normal push)"
@@ -40,7 +51,7 @@ jobs:
          prefix: "v"

      - name: "Get version"
-        id: version
+        id: release-version
        run: |
          if ${{ !startsWith(github.ref, 'refs/tags/v') }}; then
            if ${{ startsWith(steps.previoustag.outputs.tag, 'v') }}; then
@@ -61,21 +72,23 @@ jobs:
          rm .env.production .env.ci .env.example

      - name: "Add version to .env"
-        run: sed -i 's/APP_VERSION=0.0.0/APP_VERSION=${{ steps.version.outputs.app_version }}/g' .env
+        run: sed -i 's/APP_VERSION=0.0.0/APP_VERSION=${{ steps.release-version.outputs.app_version }}/g' .env

      - name: "Add build to .env"
-        run: sed -i 's/APP_BUILD=0/APP_BUILD=${{ steps.build.outputs.build }}/g' .env
+        run: sed -i 's/APP_BUILD=0/APP_BUILD=${{ steps.release-build.outputs.build }}/g' .env

      - name: "Output .env"
        run: cat .env

-      - name: "Install dependencies"
-        uses: php-actions/composer@v6
-        if: steps.cache-vendor.outputs.cache-hit != 'true' # Skip if cache hit
+      - name: "Setup PHP with PECL extension"
+        uses: shivammathur/setup-php@v2
        with:
-          command: install
-          only_args: --no-dev --no-ansi --no-interaction --prefer-dist --ignore-platform-reqs --classmap-authoritative
-          php_version: 8.3
+          php-version: '8.3'
+          extensions: mbstring, dom, fileinfo, pgsql
+
+      - name: "Install dependencies"
+        run: composer install --no-dev --no-ansi --no-interaction --prefer-dist --ignore-platform-reqs --classmap-authoritative
+        if: steps.cache-vendor.outputs.cache-hit != 'true' # Skip if cache hit

      - name: "Use Node.js"
        uses: actions/setup-node@v4
@@ -88,29 +101,31 @@ jobs:
      - name: "Build"
        run: npm run build

-      - name: "Login to GitHub Container Registry"
+      - name: "Prepare"
+        run: |
+          platform=${{ matrix.platform }}
+          echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
+
+      - name: "Docker meta"
+        id: "meta"
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            ${{ env.DOCKERHUB_REPO }}
+            ${{ env.GHCR_REPO }}
+
+      - name: "Login to Docker Hub Container Registry"
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
      - name: "Login to GitHub Container Registry"
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: "Docker meta"
-        id: "meta"
-        uses: docker/metadata-action@v5
-        with:
-          images: |
-            solidtime/solidtime
-            ghcr.io/${{ github.repository }}
-          tags: |
-            type=ref,event=branch
-            type=ref,event=pr
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}

      - name: "Set up QEMU"
        uses: docker/setup-qemu-action@v3
@@ -118,16 +133,90 @@ jobs:
      - name: "Set up Docker Buildx"
        uses: docker/setup-buildx-action@v3

-      - name: "Build and push"
+      - name: "Build and push by digest"
+        id: build
        uses: docker/build-push-action@v6
        with:
          context: .
          file: docker/prod/Dockerfile
          build-args: |
            DOCKER_FILES_BASE_PATH=docker/prod/
-          platforms: linux/amd64,linux/arm64
-          push: true
-          tags: ${{ steps.meta.outputs.tags }}
+          platforms: ${{ matrix.platform }}
          labels: ${{ steps.meta.outputs.labels }}
+          outputs: type=image,"name=${{ env.DOCKERHUB_REPO }},${{ env.GHCR_REPO }}",push-by-digest=true,name-canonical=true,push=true
          cache-from: type=gha
          cache-to: type=gha,mode=max
+
+      - name: "Export digest"
+        run: |
+          mkdir -p ${{ runner.temp }}/digests
+          digest="${{ steps.build.outputs.digest }}"
+          touch "${{ runner.temp }}/digests/${digest#sha256:}"
+
+      - name: "Upload digest"
+        uses: actions/upload-artifact@v4
+        with:
+          name: digests-${{ env.PLATFORM_PAIR }}
+          path: ${{ runner.temp }}/digests/*
+          if-no-files-found: error
+          retention-days: 1
+
+  merge:
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+      contents: read
+      attestations: write
+      id-token: write
+    timeout-minutes: 90
+    needs:
+      - build
+    steps:
+      - name: "Download digests"
+        uses: actions/download-artifact@v4
+        with:
+          path: ${{ runner.temp }}/digests
+          pattern: digests-*
+          merge-multiple: true
+
+      - name: "Login to Docker Hub"
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: "Login to GHCR"
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: "Set up Docker Buildx"
+        uses: docker/setup-buildx-action@v3
+
+      - name: "Docker meta"
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            ${{ env.DOCKERHUB_REPO }}
+            ${{ env.GHCR_REPO }}
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+
+      - name: "Create manifest list and push"
+        working-directory: ${{ runner.temp }}/digests
+        run: |
+          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
+            $(printf '${{ env.DOCKERHUB_REPO }}@sha256:%s ' *)
+          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
+            $(printf '${{ env.GHCR_REPO }}@sha256:%s ' *)
+
+      - name: "Inspect image"
+        run: |
+          docker buildx imagetools inspect ${{ env.DOCKERHUB_REPO }}:${{ steps.meta.outputs.version }}
+          docker buildx imagetools inspect ${{ env.GHCR_REPO }}:${{ steps.meta.outputs.version }}
--- a/.github/workflows/npm-publish-api.yml
+++ b/.github/workflows/npm-publish-api.yml
@@ -8,7 +8,8 @@ jobs:
      contents: read
      id-token: write
    steps:
-      - uses: actions/checkout@v4
+      - name: "Checkout code"
+        uses: actions/checkout@v4
      # Setup .npmrc file to publish to npm
      - name: Install root project dependencies
        run: npm ci
--- a/.github/workflows/npm-publish-ui.yml
+++ b/.github/workflows/npm-publish-ui.yml
@@ -8,7 +8,8 @@ jobs:
      contents: read
      id-token: write
    steps:
-      - uses: actions/checkout@v4
+      - name: "Checkout code"
+        uses: actions/checkout@v4
      # Setup .npmrc file to publish to npm
      - uses: actions/setup-node@v4
        with:
--- a/.github/workflows/phpunit.yml
+++ b/.github/workflows/phpunit.yml
@@ -20,7 +20,15 @@ jobs:
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
-
+      gotenberg:
+        image: gotenberg/gotenberg:8
+        ports:
+          - 3000:3000
+        options: >-
+          --health-cmd "curl --silent --fail http://localhost:3000/health"
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
    steps:
      - name: "Checkout code"
        uses: actions/checkout@v4
@@ -55,7 +63,7 @@ jobs:
        run: php artisan test --stop-on-failure --coverage-text --coverage-clover=coverage.xml

      - name: "Upload coverage reports to Codecov"
-        uses: codecov/codecov-action@v4.5.0
+        uses: codecov/codecov-action@v5.4.2
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
          slug: solidtime-io/solidtime
--- a/.github/workflows/pint.yml
+++ b/.github/workflows/pint.yml
@@ -10,6 +10,6 @@ jobs:
        uses: actions/checkout@v4

      - name: "Check code style"
-        uses: aglipanci/laravel-pint-action@2.4
+        uses: aglipanci/laravel-pint-action@2.5
        with:
          configPath: "pint.json"
--- a/.github/workflows/playwright.yml
+++ b/.github/workflows/playwright.yml
@@ -27,45 +27,47 @@ jobs:
      - name: "Checkout code"
        uses: actions/checkout@v4

-      - uses: actions/setup-node@v4
+      - name: "Setup node"
+        uses: actions/setup-node@v4
        with:
          node-version: '20.x'

-      - name: Setup PHP
+      - name: "Setup PHP"
        uses: shivammathur/setup-php@v2
        with:
          php-version: '8.3'
          extensions: dom, curl, libxml, mbstring, zip, pcntl, pdo, pdo_sqlite, bcmath, soap, intl, gd, exif, iconv
          coverage: none

-      - name: Run composer install
+      - name: "Run composer install"
        run: composer install -n --prefer-dist

-      - name: Prepare Laravel Application
+      - name: "Prepare Laravel Application"
        run: |
          cp .env.ci .env
          php artisan key:generate
-          php artisan migrate --seed
          php artisan passport:keys
+          php artisan migrate --seed

-      - name: Install dependencies
+      - name: "Install dependencies"
        run: npm ci

-      - name: Build Frontend
+      - name: "Build Frontend"
        run: npm run build

-      - name: Run Laravel Server
+      - name: "Run Laravel Server"
        run: php artisan serve > /dev/null 2>&1 &

-      - name: Install Playwright Browsers
+      - name: "Install Playwright Browsers"
        run: npx playwright install --with-deps

-      - name: Run Playwright tests
+      - name: "Run Playwright tests"
        run: npx playwright test
        env:
          PLAYWRIGHT_BASE_URL: 'http://127.0.0.1:8000'

-      - uses: actions/upload-artifact@v4
+      - name: "Upload test results"
+        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: test-results
--- a/README.md
+++ b/README.md
@@ -13,7 +13,7 @@ solidtime is a modern open-source time tracking application for Freelancers and

 - Time tracking: Track your time with a modern and easy-to-use interface
 - Projects: Create and manage projects and assign project members
- - Tasks: Create and manage tasks and assign tasks to project members
+ - Tasks: Create and manage tasks and assign tasks to projects
 - Clients: Create and manage clients and assign clients to projects
 - Billable rates: Set billable rates for projects, project members, organization members and organizations 
 - Multiple organizations: Create and manage multiple organizations with one account
@@ -28,6 +28,11 @@ We also have an examples repository [here](https://github.com/solidtime-io/self-

 If you do not want to self-host solidtime or try it out you can sign up for [solidtime cloud](https://www.solidtime.io/)

+## Issues & Feature Requests
+
+If you find any **bugs in solidtime**, please feel free to [**open an issue**](https://github.com/solidtime-io/solidtime/issues/new) in this repository, with instructions on how to reproduce the bug. 
+If you have a **feature request**, please [**create a discussion**](https://github.com/solidtime-io/solidtime/discussions/new?category=feature-requests) in this repository.
+
 ## Contributing

 This project is in a very early stage. The structure and APIs are still subject to change and not stable. 
@@ -35,6 +40,8 @@ Therefore, we do not currently accept any contributions, unless you are a member

 As soon as we feel comfortable enough that the application structure is stable enough, we will open up the project for contributions.

+We do accept contributions in the [documentation repository](https://github.com/solidtime-io/docs) f.e. to add new self-hosting guides.
+
 ## Security

 Looking to report a vulnerability? Please refer our [SECURITY.md](./SECURITY.md) file.
--- a/app/Actions/Fortify/CreateNewUser.php
+++ b/app/Actions/Fortify/CreateNewUser.php
@@ -4,16 +4,14 @@ declare(strict_types=1);

 namespace App\Actions\Fortify;

-use App\Enums\Role;
 use App\Enums\Weekday;
 use App\Events\NewsletterRegistered;
-use App\Models\Organization;
 use App\Models\User;
 use App\Service\IpLookup\IpLookupServiceContract;
 use App\Service\TimezoneService;
+use App\Service\UserService;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Hash;
 use Illuminate\Support\Facades\Validator;
 use Illuminate\Validation\ValidationException;
 use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
@@ -34,6 +32,12 @@ class CreateNewUser implements CreatesNewUsers
     */
    public function create(array $input): User
    {
+        if (! config('app.enable_registration')) {
+            throw ValidationException::withMessages([
+                'email' => [__('Registration is disabled.')],
+            ]);
+        }
+
        Validator::make($input, [
            'name' => [
                'required',
@@ -43,7 +47,7 @@ class CreateNewUser implements CreatesNewUsers
            'email' => [
                'required',
                'string',
-                'email',
+                'email:rfc,strict',
                'max:255',
                UniqueEloquent::make(User::class, 'email', function (Builder $builder): Builder {
                    /** @var Builder<User> $builder */
@@ -72,6 +76,11 @@ class CreateNewUser implements CreatesNewUsers
        $ipLookupResponse = app(IpLookupServiceContract::class)->lookup(request()->ip());

        $startOfWeek = Weekday::Monday;
+        $numberFormat = null;
+        $currencyFormat = null;
+        $dateFormat = null;
+        $intervalFormat = null;
+        $timeFormat = null;
        $currency = null;
        if ($ipLookupResponse !== null) {
            $startOfWeek = $ipLookupResponse->startOfWeek ?? Weekday::Monday;
@@ -81,30 +90,21 @@ class CreateNewUser implements CreatesNewUsers
            $currency = $ipLookupResponse->currency;
        }
        $user = null;
-        $organization = null;
-        DB::transaction(function () use (&$user, &$organization, $input, $timezone, $startOfWeek, $currency): void {
-            $user = User::create([
-                'name' => $input['name'],
-                'email' => $input['email'],
-                'password' => Hash::make($input['password']),
-                'timezone' => $timezone ?? 'UTC',
-                'week_start' => $startOfWeek,
-            ]);
-
-            $organization = new Organization;
-            $organization->name = explode(' ', $user->name, 2)[0]."'s Organization";
-            $organization->personal_team = true;
-            $organization->currency = $currency ?? 'EUR';
-            $organization->owner()->associate($user);
-            $organization->save();
-
-            $organization->users()->attach(
-                $user, [
-                    'role' => Role::Owner->value,
-                ]
+        DB::transaction(function () use (&$user, $input, $timezone, $startOfWeek, $currency, $numberFormat, $currencyFormat, $dateFormat, $intervalFormat, $timeFormat): void {
+            $userService = app(UserService::class);
+            $user = $userService->createUser(
+                $input['name'],
+                $input['email'],
+                $input['password'],
+                $timezone ?? 'UTC',
+                $startOfWeek,
+                $currency,
+                $numberFormat,
+                $currencyFormat,
+                $dateFormat,
+                $intervalFormat,
+                $timeFormat
            );
-
-            $user->ownedTeams()->save($organization);
        });

        $newsletterConsent = isset($input['newsletter_consent']) && (bool) $input['newsletter_consent'];
--- a/app/Actions/Jetstream/AddOrganizationMember.php
+++ b/app/Actions/Jetstream/AddOrganizationMember.php
@@ -7,18 +7,16 @@ namespace App\Actions\Jetstream;
 use App\Enums\Role;
 use App\Models\Organization;
 use App\Models\User;
+use App\Service\MemberService;
 use Closure;
 use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Gate;
 use Illuminate\Support\Facades\Validator;
 use Illuminate\Validation\Rule;
 use Illuminate\Validation\Rules\In;
 use Korridor\LaravelModelValidationRules\Rules\ExistsEloquent;
 use Laravel\Jetstream\Contracts\AddsTeamMembers;
-use Laravel\Jetstream\Events\AddingTeamMember;
-use Laravel\Jetstream\Events\TeamMemberAdded;

 class AddOrganizationMember implements AddsTeamMembers
 {
@@ -36,15 +34,7 @@ class AddOrganizationMember implements AddsTeamMembers
            ->where('is_placeholder', '=', false)
            ->firstOrFail();

-        AddingTeamMember::dispatch($organization, $newOrganizationMember);
-
-        DB::transaction(function () use ($organization, $newOrganizationMember, $role): void {
-            $organization->users()->attach(
-                $newOrganizationMember, ['role' => $role]
-            );
-        });
-
-        TeamMemberAdded::dispatch($organization, $newOrganizationMember);
+        app(MemberService::class)->addMember($newOrganizationMember, $organization, Role::from($role));
    }

    /**
--- a/app/Actions/Jetstream/CreateOrganization.php
+++ b/app/Actions/Jetstream/CreateOrganization.php
@@ -4,10 +4,11 @@ declare(strict_types=1);

 namespace App\Actions\Jetstream;

-use App\Enums\Role;
 use App\Events\AfterCreateOrganization;
 use App\Models\Organization;
 use App\Models\User;
+use App\Service\IpLookup\IpLookupServiceContract;
+use App\Service\OrganizationService;
 use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Support\Facades\Gate;
 use Illuminate\Support\Facades\Validator;
@@ -33,16 +34,18 @@ class CreateOrganization implements CreatesTeams
            'name' => ['required', 'string', 'max:255'],
        ])->validateWithBag('createTeam');

-        $organization = new Organization;
-        $organization->name = $input['name'];
-        $organization->personal_team = false;
-        $organization->owner()->associate($user);
-        $organization->save();
+        $ipLookupResponse = app(IpLookupServiceContract::class)->lookup(request()->ip());

-        $organization->users()->attach(
-            $user, [
-                'role' => Role::Owner->value,
-            ]
+        $currency = null;
+        if ($ipLookupResponse !== null) {
+            $currency = $ipLookupResponse->currency;
+        }
+
+        $organization = app(OrganizationService::class)->createOrganization(
+            $input['name'],
+            $user,
+            false,
+            $currency
        );

        $user->switchTeam($organization);
--- a/app/Console/Commands/Admin/UserCreateCommand.php
+++ b/app/Console/Commands/Admin/UserCreateCommand.php
@@ -0,0 +1,92 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Console\Commands\Admin;
+
+use App\Enums\Weekday;
+use App\Models\Organization;
+use App\Models\User;
+use App\Service\UserService;
+use Illuminate\Console\Command;
+use Illuminate\Support\Facades\DB;
+use LogicException;
+
+class UserCreateCommand extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'admin:user:create
+                { name : The name of the user }
+                { email : The email of the user }
+                { --ask-for-password : Ask for the password, otherwise the command will generate a random one }
+                { --verify-email : Verify the email address of the user }';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Create a new user';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle(): int
+    {
+        $name = $this->argument('name');
+        $email = $this->argument('email');
+        $askForPassword = (bool) $this->option('ask-for-password');
+        $verifyEmail = (bool) $this->option('verify-email');
+
+        if (User::query()->where('email', $email)->where('is_placeholder', '=', false)->exists()) {
+            $this->error('User with email "'.$email.'" already exists.');
+
+            return self::FAILURE;
+        }
+
+        if ($askForPassword) {
+            $outputPassword = false;
+            $password = $this->secret('Enter the password');
+        } else {
+            $outputPassword = true;
+            $password = bin2hex(random_bytes(16));
+        }
+
+        $user = null;
+        DB::transaction(function () use (&$user, $name, $email, $password, $verifyEmail): void {
+            $user = app(UserService::class)->createUser(
+                $name,
+                $email,
+                $password,
+                'UTC',
+                Weekday::Monday,
+                null,
+                verifyEmail: $verifyEmail
+            );
+        });
+        /** @var Organization|null $organization */
+        $organization = $user->ownedTeams->first();
+        if ($organization === null) {
+            throw new LogicException('User does not have an organization');
+        }
+
+        $this->info('Created user "'.$name.'" ("'.$email.'")');
+        $this->line('ID: '.$user->getKey());
+        $this->line('Name: '.$name);
+        $this->line('Email: '.$email);
+        if ($outputPassword) {
+            $this->line('Password: '.$password);
+        }
+        $this->line('Timezone: '.$user->timezone);
+        $this->line('Week start: '.$user->week_start->value);
+
+        // Organization
+        $this->line('Currency: '.$organization->currency);
+
+        return self::SUCCESS;
+    }
+}
--- a/app/Console/Commands/Admin/UserVerifyCommand.php
+++ b/app/Console/Commands/Admin/UserVerifyCommand.php
@@ -35,7 +35,9 @@ class UserVerifyCommand extends Command
        $this->info('Start verifying user with email "'.$email.'"');

        /** @var User|null $user */
-        $user = User::where('email', $email)->first();
+        $user = User::query()->where('email', $email)
+            ->where('is_placeholder', '=', false)
+            ->first();

        if ($user === null) {
            $this->error('User with email "'.$email.'" not found.');
--- a/app/Console/Commands/Correction/CorrectionPlaceholderMembersCommand.php
+++ b/app/Console/Commands/Correction/CorrectionPlaceholderMembersCommand.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Console\Commands\Correction;
+
+use App\Enums\Role;
+use App\Models\Member;
+use App\Models\User;
+use Illuminate\Console\Command;
+use Illuminate\Database\Eloquent\Builder;
+
+class CorrectionPlaceholderMembersCommand extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'correction:placeholder-members '.
+        ' { --dry-run : Do not actually save anything to the database, just output what would happen }';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Sets all members who belong to a placeholder user to role placeholder';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle(): int
+    {
+        $this->comment('Sets all members who belong to a placeholder user to role placeholder...');
+        $dryRun = (bool) $this->option('dry-run');
+        if ($dryRun) {
+            $this->comment('Running in dry-run mode. Nothing will be saved to the database.');
+        }
+
+        $members = Member::query()
+            ->where('role', '!=', Role::Placeholder->value)
+            ->whereHas('user', function (Builder $builder): void {
+                /** @var Builder<User> $builder */
+                $builder->where('is_placeholder', '=', true);
+            })
+            ->get();
+        foreach ($members as $member) {
+            /** @var Member $member */
+            $member->role = Role::Placeholder->value;
+            if (! $dryRun) {
+                $member->save();
+            }
+            $this->line('Set role of member (id='.$member->getKey().') to placeholder');
+        }
+
+        return self::SUCCESS;
+    }
+}
--- a/app/Console/Commands/Report/ReportSetExpiredToPrivateCommand.php
+++ b/app/Console/Commands/Report/ReportSetExpiredToPrivateCommand.php
@@ -0,0 +1,67 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Console\Commands\Report;
+
+use App\Models\Report;
+use Illuminate\Console\Command;
+use Illuminate\Database\Eloquent\Collection;
+use Illuminate\Support\Carbon;
+use LogicException;
+
+class ReportSetExpiredToPrivateCommand extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'report:set-expired-to-private '.
+        ' { --dry-run : Do not actually save anything to the database, just output what would happen }';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Makes public reports private if the public_until date has passed.';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle(): int
+    {
+        $this->comment('Makes public reports private if the public_until date has passed...');
+        $dryRun = (bool) $this->option('dry-run');
+        if ($dryRun) {
+            $this->comment('Running in dry-run mode. Nothing will be saved to the database.');
+        }
+
+        $resetReports = 0;
+        Report::query()
+            ->where('public_until', '<', Carbon::now())
+            ->orderBy('created_at', 'asc')
+            ->chunk(500, function (Collection $reports) use ($dryRun, &$resetReports): void {
+                /** @var Collection<int, Report> $reports */
+                foreach ($reports as $report) {
+                    $publicUntil = $report->public_until;
+                    if ($publicUntil === null) {
+                        throw new LogicException('public_until should not be null');
+                    }
+                    $this->info('Make report "'.$report->name.'" ('.$report->getKey().') private, expired: '.
+                        $publicUntil->toIso8601ZuluString().' ('.$publicUntil->diffForHumans().')');
+                    $resetReports++;
+                    if (! $dryRun) {
+                        $report->is_public = false;
+                        $report->share_secret = null;
+                        $report->save();
+                    }
+                }
+            });
+
+        $this->comment('Finished setting '.$resetReports.' expired reports to private...');
+
+        return self::SUCCESS;
+    }
+}
--- a/app/Console/Commands/SelfHost/SelfHostGenerateKeysCommand.php
+++ b/app/Console/Commands/SelfHost/SelfHostGenerateKeysCommand.php
@@ -18,6 +18,7 @@ class SelfHostGenerateKeysCommand extends Command
     */
    protected $signature = 'self-host:generate-keys
                { --length=4096 : The length of the passport private key }
+                { --multi-line : Whether to output the keys in multiple lines }
                { --format=env : The format of the output (env, yaml) }';

    /**
@@ -34,6 +35,7 @@ class SelfHostGenerateKeysCommand extends Command
    {
        $format = $this->option('format');
        $key = RSA::createKey((int) $this->option('length'));
+        $multiLine = (bool) $this->option('multi-line');

        $publicKey = (string) $key->getPublicKey();
        $privateKey = (string) $key;
@@ -41,12 +43,17 @@ class SelfHostGenerateKeysCommand extends Command

        if ($format === 'env') {
            $this->line('APP_KEY="'.$appKey.'"');
-            $this->line('PASSPORT_PRIVATE_KEY="'.$privateKey.'"');
-            $this->line('PASSPORT_PUBLIC_KEY="'.$publicKey.'"');
+            if ($multiLine) {
+                $this->line('PASSPORT_PRIVATE_KEY="'.Str::replace("\r\n", "\n", $privateKey).'"');
+                $this->line('PASSPORT_PUBLIC_KEY="'.Str::replace("\r\n", "\n", $publicKey).'"');
+            } else {
+                $this->line('PASSPORT_PRIVATE_KEY="'.Str::replace("\r\n", '\n', $privateKey).'"');
+                $this->line('PASSPORT_PUBLIC_KEY="'.Str::replace("\r\n", '\n', $publicKey).'"');
+            }
        } elseif ($format === 'yaml') {
            $this->line('APP_KEY: "'.$appKey.'"');
-            $this->line("PASSPORT_PRIVATE_KEY: |\n  ".Str::replace("\n", "\n  ", $privateKey));
-            $this->line("PASSPORT_PUBLIC_KEY: |\n  ".Str::replace("\n", "\n  ", $publicKey));
+            $this->line("PASSPORT_PRIVATE_KEY: |\n  ".Str::replace("\r\n", "\n  ", $privateKey));
+            $this->line("PASSPORT_PUBLIC_KEY: |\n  ".Str::replace("\r\n", "\n  ", $publicKey));
        } else {
            $this->error('Invalid format');

--- a/app/Enums/CurrencyFormat.php
+++ b/app/Enums/CurrencyFormat.php
@@ -0,0 +1,36 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Enums;
+
+use Datomatic\LaravelEnumHelper\LaravelEnumHelper;
+
+enum CurrencyFormat: string
+{
+    use LaravelEnumHelper;
+
+    case ISOCodeBeforeWithSpace = 'iso-code-before-with-space';
+    case ISOCodeAfterWithSpace = 'iso-code-after-with-space';
+
+    case SymbolBefore = 'symbol-before';
+
+    case SymbolAfter = 'symbol-after';
+
+    case SymbolBeforeWithSpace = 'symbol-before-with-space';
+
+    case SymbolAfterWithSpace = 'symbol-after-with-space';
+
+    /**
+     * @return array<string, string>
+     */
+    public static function toSelectArray(): array
+    {
+        $selectArray = [];
+        foreach (self::values() as $value) {
+            $selectArray[(string) $value] = (string) __('enum.currency_format.'.$value);
+        }
+
+        return $selectArray;
+    }
+}
--- a/app/Enums/DateFormat.php
+++ b/app/Enums/DateFormat.php
@@ -0,0 +1,48 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Enums;
+
+use Datomatic\LaravelEnumHelper\LaravelEnumHelper;
+
+enum DateFormat: string
+{
+    use LaravelEnumHelper;
+
+    case PointSeparatedDMYYYY = 'point-separated-d-m-yyyy';
+    case SlashSeparatedMMDDYYYY = 'slash-separated-mm-dd-yyyy';
+
+    case SlashSeparatedDDMMYYYY = 'slash-separated-dd-mm-yyyy';
+
+    case HyphenSeparatedDDMMYYY = 'hyphen-separated-dd-mm-yyyy';
+
+    case HyphenSeparatedMMDDDYYYY = 'hyphen-separated-mm-dd-yyyy';
+
+    case HyphenSeparatedYYYYMMDD = 'hyphen-separated-yyyy-mm-dd';
+
+    public function toCarbonFormat(): string
+    {
+        return match ($this->value) {
+            self::PointSeparatedDMYYYY->value => 'j.n.Y',
+            self::SlashSeparatedMMDDYYYY->value => 'm/d/Y',
+            self::SlashSeparatedDDMMYYYY->value => 'd/m/Y',
+            self::HyphenSeparatedDDMMYYY->value => 'd-m-Y',
+            self::HyphenSeparatedMMDDDYYYY->value => 'm-d-Y',
+            self::HyphenSeparatedYYYYMMDD->value => 'Y-m-d',
+        };
+    }
+
+    /**
+     * @return array<string, string>
+     */
+    public static function toSelectArray(): array
+    {
+        $selectArray = [];
+        foreach (self::values() as $value) {
+            $selectArray[(string) $value] = (string) __('enum.date_format.'.$value);
+        }
+
+        return $selectArray;
+    }
+}
--- a/app/Enums/ExportFormat.php
+++ b/app/Enums/ExportFormat.php
@@ -0,0 +1,35 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Enums;
+
+use Maatwebsite\Excel\Excel;
+
+enum ExportFormat: string
+{
+    case CSV = 'csv';
+    case PDF = 'pdf';
+    case XLSX = 'xlsx';
+    case ODS = 'ods';
+
+    public function getFileExtension(): string
+    {
+        return match ($this) {
+            self::CSV => 'csv',
+            self::PDF => 'pdf',
+            self::XLSX => 'xlsx',
+            self::ODS => 'ods',
+        };
+    }
+
+    public function getExportPackageType(): string
+    {
+        return match ($this) {
+            self::CSV => Excel::CSV,
+            self::PDF => Excel::MPDF,
+            self::XLSX => Excel::XLSX,
+            self::ODS => Excel::ODS,
+        };
+    }
+}
--- a/app/Enums/IntervalFormat.php
+++ b/app/Enums/IntervalFormat.php
@@ -0,0 +1,32 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Enums;
+
+use Datomatic\LaravelEnumHelper\LaravelEnumHelper;
+
+enum IntervalFormat: string
+{
+    use LaravelEnumHelper;
+
+    case Decimal = 'decimal';
+    case HoursMinutes = 'hours-minutes';
+
+    case HoursMinutesColonSeparated = 'hours-minutes-colon-separated';
+
+    case HoursMinutesSecondsColonSeparated = 'hours-minutes-seconds-colon-separated';
+
+    /**
+     * @return array<string, string>
+     */
+    public static function toSelectArray(): array
+    {
+        $selectArray = [];
+        foreach (self::values() as $value) {
+            $selectArray[(string) $value] = (string) __('enum.interval_format.'.$value);
+        }
+
+        return $selectArray;
+    }
+}
--- a/app/Enums/NumberFormat.php
+++ b/app/Enums/NumberFormat.php
@@ -0,0 +1,37 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Enums;
+
+use Datomatic\LaravelEnumHelper\LaravelEnumHelper;
+
+/**
+ * @info https://en.wikipedia.org/wiki/Decimal_separator
+ */
+enum NumberFormat: string
+{
+    use LaravelEnumHelper;
+
+    case ThousandsPointDecimalComma = 'point-comma';
+
+    case ThousandsCommaDecimalPoint = 'comma-point';
+    case ThousandsSpaceDecimalComma = 'space-comma';
+
+    case ThousandsSpaceDecimalPoint = 'space-point';
+
+    case ThousandsApostropheDecimalPoint = 'apostrophe-point';
+
+    /**
+     * @return array<string, string>
+     */
+    public static function toSelectArray(): array
+    {
+        $selectArray = [];
+        foreach (self::values() as $value) {
+            $selectArray[(string) $value] = (string) __('enum.number_format.'.$value);
+        }
+
+        return $selectArray;
+    }
+}
--- a/app/Enums/TimeEntryAggregationType.php
+++ b/app/Enums/TimeEntryAggregationType.php
@@ -4,8 +4,12 @@ declare(strict_types=1);

 namespace App\Enums;

+use Datomatic\LaravelEnumHelper\LaravelEnumHelper;
+
 enum TimeEntryAggregationType: string
 {
+    use LaravelEnumHelper;
+
    case Day = 'day';
    case Week = 'week';
    case Month = 'month';
@@ -17,6 +21,16 @@ enum TimeEntryAggregationType: string
    case Billable = 'billable';
    case Description = 'description';

+    public static function fromInterval(TimeEntryAggregationTypeInterval $timeEntryAggregationTypeInterval): TimeEntryAggregationType
+    {
+        return match ($timeEntryAggregationTypeInterval) {
+            TimeEntryAggregationTypeInterval::Day => TimeEntryAggregationType::Day,
+            TimeEntryAggregationTypeInterval::Week => TimeEntryAggregationType::Week,
+            TimeEntryAggregationTypeInterval::Month => TimeEntryAggregationType::Month,
+            TimeEntryAggregationTypeInterval::Year => TimeEntryAggregationType::Year,
+        };
+    }
+
    public function toInterval(): ?TimeEntryAggregationTypeInterval
    {
        return match ($this) {
--- a/app/Enums/TimeFormat.php
+++ b/app/Enums/TimeFormat.php
@@ -0,0 +1,28 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Enums;
+
+use Datomatic\LaravelEnumHelper\LaravelEnumHelper;
+
+enum TimeFormat: string
+{
+    use LaravelEnumHelper;
+
+    case TwelveHours = '12-hours';
+    case TwentyFourHours = '24-hours';
+
+    /**
+     * @return array<string, string>
+     */
+    public static function toSelectArray(): array
+    {
+        $selectArray = [];
+        foreach (self::values() as $value) {
+            $selectArray[(string) $value] = (string) __('enum.time_format.'.$value);
+        }
+
+        return $selectArray;
+    }
+}
--- a/app/Enums/Weekday.php
+++ b/app/Enums/Weekday.php
@@ -4,10 +4,13 @@ declare(strict_types=1);

 namespace App\Enums;

+use Datomatic\LaravelEnumHelper\LaravelEnumHelper;
 use Illuminate\Support\Carbon;

 enum Weekday: string
 {
+    use LaravelEnumHelper;
+
    case Monday = 'monday';
    case Tuesday = 'tuesday';
    case Wednesday = 'wednesday';
--- a/app/Exceptions/Api/ChangingRoleOfPlaceholderIsNotAllowed.php
+++ b/app/Exceptions/Api/ChangingRoleOfPlaceholderIsNotAllowed.php
@@ -0,0 +1,10 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Exceptions\Api;
+
+class ChangingRoleOfPlaceholderIsNotAllowed extends ApiException
+{
+    public const string KEY = 'changing_role_of_placeholder_is_not_allowed';
+}
--- a/app/Exceptions/Api/FeatureIsNotAvailableInFreePlanApiException.php
+++ b/app/Exceptions/Api/FeatureIsNotAvailableInFreePlanApiException.php
@@ -0,0 +1,10 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Exceptions\Api;
+
+class FeatureIsNotAvailableInFreePlanApiException extends ApiException
+{
+    public const string KEY = 'feature_is_not_available_in_free_plan';
+}
--- a/app/Exceptions/Api/OnlyPlaceholdersCanBeMergedIntoAnotherMember.php
+++ b/app/Exceptions/Api/OnlyPlaceholdersCanBeMergedIntoAnotherMember.php
@@ -0,0 +1,10 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Exceptions\Api;
+
+class OnlyPlaceholdersCanBeMergedIntoAnotherMember extends ApiException
+{
+    public const string KEY = 'only_placeholders_can_be_merged_into_another_member';
+}
--- a/app/Exceptions/Api/PdfRendererIsNotConfiguredException.php
+++ b/app/Exceptions/Api/PdfRendererIsNotConfiguredException.php
@@ -0,0 +1,10 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Exceptions\Api;
+
+class PdfRendererIsNotConfiguredException extends ApiException
+{
+    public const string KEY = 'pdf_renderer_is_not_configured';
+}
--- a/app/Exceptions/Api/PersonalAccessClientIsNotConfiguredException.php
+++ b/app/Exceptions/Api/PersonalAccessClientIsNotConfiguredException.php
@@ -0,0 +1,10 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Exceptions\Api;
+
+class PersonalAccessClientIsNotConfiguredException extends ApiException
+{
+    public const string KEY = 'personal_access_client_is_not_configured';
+}
--- a/app/Exceptions/Api/ThisPlaceholderCanNotBeInvitedUseTheMergeToolInsteadException.php
+++ b/app/Exceptions/Api/ThisPlaceholderCanNotBeInvitedUseTheMergeToolInsteadException.php
@@ -0,0 +1,10 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Exceptions\Api;
+
+class ThisPlaceholderCanNotBeInvitedUseTheMergeToolInsteadException extends ApiException
+{
+    public const string KEY = 'this_placeholder_can_not_be_invited_use_the_merge_tool_instead_api_exception';
+}
--- a/app/Filament/Resources/AuditResource.php
+++ b/app/Filament/Resources/AuditResource.php
@@ -13,7 +13,7 @@ use Filament\Tables;
 use Filament\Tables\Columns\IconColumn;
 use Filament\Tables\Table;
 use Illuminate\Support\Str;
-use Novadaemon\FilamentPrettyJson\PrettyJson;
+use Novadaemon\FilamentPrettyJson\Form\PrettyJsonField;

 class AuditResource extends Resource
 {
@@ -38,8 +38,8 @@ class AuditResource extends Resource
                    ->maxLength(255),
                Forms\Components\TextInput::make('auditable_id')
                    ->required(),
-                PrettyJson::make('old_values'),
-                PrettyJson::make('new_values'),
+                PrettyJsonField::make('old_values'),
+                PrettyJsonField::make('new_values'),
                Forms\Components\Textarea::make('url'),
                Forms\Components\TextInput::make('ip_address'),
                Forms\Components\TextInput::make('user_agent')
--- a/app/Filament/Resources/ClientResource.php
+++ b/app/Filament/Resources/ClientResource.php
@@ -60,8 +60,13 @@ class ClientResource extends Resource
            ->defaultSort('created_at', 'desc')
            ->filters([
                SelectFilter::make('organization')
+                    ->label('Organization')
                    ->relationship('organization', 'name')
                    ->searchable(),
+                SelectFilter::make('organization_id')
+                    ->label('Organization ID')
+                    ->relationship('organization', 'id')
+                    ->searchable(),
            ])
            ->actions([
                Tables\Actions\EditAction::make(),
--- a/app/Filament/Resources/ClientResource/Pages/EditClient.php
+++ b/app/Filament/Resources/ClientResource/Pages/EditClient.php
@@ -15,7 +15,8 @@ class EditClient extends EditRecord
    protected function getHeaderActions(): array
    {
        return [
-            Actions\DeleteAction::make(),
+            Actions\DeleteAction::make()
+                ->icon('heroicon-m-trash'),
        ];
    }
 }
--- a/app/Filament/Resources/ClientResource/Pages/ListClients.php
+++ b/app/Filament/Resources/ClientResource/Pages/ListClients.php
@@ -15,7 +15,8 @@ class ListClients extends ListRecords
    protected function getHeaderActions(): array
    {
        return [
-            Actions\CreateAction::make(),
+            Actions\CreateAction::make()
+                ->icon('heroicon-s-plus'),
        ];
    }
 }
--- a/app/Filament/Resources/FailedJobResource.php
+++ b/app/Filament/Resources/FailedJobResource.php
@@ -20,7 +20,7 @@ use Filament\Tables\Columns\TextColumn;
 use Filament\Tables\Table;
 use Illuminate\Support\Collection;
 use Illuminate\Support\Facades\Artisan;
-use Novadaemon\FilamentPrettyJson\PrettyJson;
+use Novadaemon\FilamentPrettyJson\Form\PrettyJsonField;

 /**
 * @source https://gitlab.com/amvisor/filament-failed-jobs
@@ -50,7 +50,7 @@ class FailedJobResource extends Resource

                // make text a little bit smaller because often a complete Stack Trace is shown:
                TextArea::make('exception')->disabled()->columnSpan(4)->extraInputAttributes(['style' => 'font-size: 80%;']),
-                PrettyJson::make('payload')->disabled()->columnSpan(4),
+                PrettyJsonField::make('payload')->disabled()->columnSpan(4),
            ])->columns(4);
    }

--- a/app/Filament/Resources/OrganizationInvitationResource.php
+++ b/app/Filament/Resources/OrganizationInvitationResource.php
@@ -0,0 +1,114 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources;
+
+use App\Enums\Role;
+use App\Filament\Resources\OrganizationInvitationResource\Pages;
+use App\Models\OrganizationInvitation;
+use App\Service\OrganizationInvitationService;
+use Filament\Forms;
+use Filament\Forms\Components\Select;
+use Filament\Forms\Form;
+use Filament\Resources\Resource;
+use Filament\Tables;
+use Filament\Tables\Table;
+use Illuminate\Support\Collection;
+
+class OrganizationInvitationResource extends Resource
+{
+    protected static ?string $model = OrganizationInvitation::class;
+
+    protected static ?string $label = 'Invitations';
+
+    protected static ?string $navigationIcon = 'heroicon-o-user-plus';
+
+    protected static ?string $navigationGroup = 'Users';
+
+    protected static ?int $navigationSort = 9;
+
+    public static function form(Form $form): Form
+    {
+        return $form
+            ->columns(1)
+            ->schema([
+                Forms\Components\TextInput::make('email')
+                    ->label('Email')
+                    ->disabledOn(['edit'])
+                    ->required(),
+                Select::make('role')
+                    ->options(Role::class),
+                Forms\Components\Select::make('organization_id')
+                    ->label('Organization')
+                    ->relationship(name: 'organization', titleAttribute: 'name')
+                    ->searchable(['name'])
+                    ->disabledOn(['edit'])
+                    ->required(),
+                Forms\Components\DateTimePicker::make('created_at')
+                    ->label('Created At')
+                    ->hiddenOn(['create'])
+                    ->disabled(),
+                Forms\Components\DateTimePicker::make('updated_at')
+                    ->label('Updated At')
+                    ->hiddenOn(['create'])
+                    ->disabled(),
+            ]);
+    }
+
+    public static function table(Table $table): Table
+    {
+        return $table
+            ->columns([
+                Tables\Columns\TextColumn::make('organization.name')
+                    ->searchable()
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('email')
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('role'),
+                Tables\Columns\TextColumn::make('created_at')
+                    ->label('Created At')
+                    ->dateTime()
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('updated_at')
+                    ->label('Updated At')
+                    ->dateTime()
+                    ->sortable()
+                    ->toggleable(isToggledHiddenByDefault: true),
+            ])
+            ->defaultSort('created_at', 'desc')
+            ->filters([
+                //
+            ])
+            ->actions([
+                Tables\Actions\EditAction::make(),
+                Tables\Actions\DeleteAction::make(),
+            ])
+            ->bulkActions([
+                Tables\Actions\BulkActionGroup::make([
+                    Tables\Actions\BulkAction::make('resend')
+                        ->label('Resend')
+                        ->action(function (Collection $records): void {
+                            foreach ($records as $organizationInvite) {
+                                app(OrganizationInvitationService::class)->resend($organizationInvite);
+                            }
+                        }),
+                ]),
+            ]);
+    }
+
+    public static function getRelations(): array
+    {
+        return [
+        ];
+    }
+
+    public static function getPages(): array
+    {
+        return [
+            'index' => Pages\ListOrganizationInvitations::route('/'),
+            'edit' => Pages\EditOrganizationInvitation::route('/{record}/edit'),
+            'view' => Pages\ViewOrganizationInvitation::route('/{record}'),
+        ];
+    }
+}
--- a/app/Filament/Resources/OrganizationInvitationResource/Pages/EditOrganizationInvitation.php
+++ b/app/Filament/Resources/OrganizationInvitationResource/Pages/EditOrganizationInvitation.php
@@ -0,0 +1,22 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\OrganizationInvitationResource\Pages;
+
+use App\Filament\Resources\OrganizationInvitationResource;
+use Filament\Actions;
+use Filament\Resources\Pages\EditRecord;
+
+class EditOrganizationInvitation extends EditRecord
+{
+    protected static string $resource = OrganizationInvitationResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            Actions\DeleteAction::make()
+                ->icon('heroicon-m-trash'),
+        ];
+    }
+}
--- a/app/Filament/Resources/OrganizationInvitationResource/Pages/ListOrganizationInvitations.php
+++ b/app/Filament/Resources/OrganizationInvitationResource/Pages/ListOrganizationInvitations.php
@@ -0,0 +1,19 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\OrganizationInvitationResource\Pages;
+
+use App\Filament\Resources\OrganizationInvitationResource;
+use Filament\Resources\Pages\ListRecords;
+
+class ListOrganizationInvitations extends ListRecords
+{
+    protected static string $resource = OrganizationInvitationResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+        ];
+    }
+}
--- a/app/Filament/Resources/OrganizationInvitationResource/Pages/ViewOrganizationInvitation.php
+++ b/app/Filament/Resources/OrganizationInvitationResource/Pages/ViewOrganizationInvitation.php
@@ -0,0 +1,22 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\OrganizationInvitationResource\Pages;
+
+use App\Filament\Resources\OrganizationInvitationResource;
+use Filament\Actions\EditAction;
+use Filament\Resources\Pages\ViewRecord;
+
+class ViewOrganizationInvitation extends ViewRecord
+{
+    protected static string $resource = OrganizationInvitationResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            EditAction::make('edit')
+                ->icon('heroicon-s-pencil'),
+        ];
+    }
+}
--- a/app/Filament/Resources/OrganizationResource.php
+++ b/app/Filament/Resources/OrganizationResource.php
@@ -4,9 +4,16 @@ declare(strict_types=1);

 namespace App\Filament\Resources;

+use App\Enums\CurrencyFormat;
+use App\Enums\DateFormat;
+use App\Enums\IntervalFormat;
+use App\Enums\NumberFormat;
+use App\Enums\TimeFormat;
 use App\Filament\Resources\OrganizationResource\Pages;
+use App\Filament\Resources\OrganizationResource\RelationManagers\InvitationsRelationManager;
 use App\Filament\Resources\OrganizationResource\RelationManagers\UsersRelationManager;
 use App\Models\Organization;
+use App\Service\DeletionService;
 use App\Service\Export\ExportService;
 use App\Service\Import\Importers\ImporterProvider;
 use App\Service\Import\Importers\ImportException;
@@ -46,10 +53,28 @@ class OrganizationResource extends Resource
                    ->maxLength(255),
                Forms\Components\Toggle::make('personal_team')
                    ->label('Is personal?')
+                    ->hiddenOn(['create'])
                    ->required(),
                Forms\Components\Select::make('user_id')
+                    ->label('Owner')
                    ->relationship(name: 'owner', titleAttribute: 'email')
                    ->searchable(['name', 'email'])
+                    ->disabledOn(['edit'])
+                    ->required(),
+                Select::make('date_format')
+                    ->options(DateFormat::toSelectArray())
+                    ->required(),
+                Select::make('currency_format')
+                    ->options(CurrencyFormat::toSelectArray())
+                    ->required(),
+                Select::make('interval_format')
+                    ->options(IntervalFormat::toSelectArray())
+                    ->required(),
+                Select::make('number_format')
+                    ->options(NumberFormat::toSelectArray())
+                    ->required(),
+                Select::make('time_format')
+                    ->options(TimeFormat::toSelectArray())
                    ->required(),
                Forms\Components\Select::make('currency')
                    ->label('Currency')
@@ -62,6 +87,7 @@ class OrganizationResource extends Resource

                        return $select;
                    })
+                    ->required()
                    ->searchable(),
                Forms\Components\TextInput::make('billable_rate')
                    ->label('Billable rate (in Cents)')
@@ -75,9 +101,11 @@ class OrganizationResource extends Resource
                    ->numeric(),
                Forms\Components\DateTimePicker::make('created_at')
                    ->label('Created At')
+                    ->hiddenOn(['create'])
                    ->disabled(),
                Forms\Components\DateTimePicker::make('updated_at')
                    ->label('Updated At')
+                    ->hiddenOn(['create'])
                    ->disabled(),
            ]);
    }
@@ -97,7 +125,7 @@ class OrganizationResource extends Resource
                    ->sortable(),
                Tables\Columns\TextColumn::make('currency'),
                TextColumn::make('billable_rate')
-                    ->money(fn (Organization $resource) => $resource->currency ?? 'EUR', divideBy: 100),
+                    ->money(fn (Organization $resource) => $resource->currency, divideBy: 100),
                Tables\Columns\TextColumn::make('created_at')
                    ->dateTime()
                    ->sortable(),
@@ -112,6 +140,10 @@ class OrganizationResource extends Resource
            ])
            ->actions([
                Tables\Actions\EditAction::make(),
+                Tables\Actions\DeleteAction::make()
+                    ->using(function (Organization $record): void {
+                        app(DeletionService::class)->deleteOrganization($record);
+                    }),
                Action::make('Export')
                    ->icon('heroicon-o-arrow-down-tray')
                    ->action(function (Organization $record) {
@@ -199,8 +231,6 @@ class OrganizationResource extends Resource
                    ]),
            ])
            ->bulkActions([
-                Tables\Actions\BulkActionGroup::make([
-                ]),
            ]);
    }

@@ -208,6 +238,7 @@ class OrganizationResource extends Resource
    {
        return [
            UsersRelationManager::class,
+            InvitationsRelationManager::class,
        ];
    }

--- a/app/Filament/Resources/OrganizationResource/Actions/DeleteOrganization.php
+++ b/app/Filament/Resources/OrganizationResource/Actions/DeleteOrganization.php
@@ -15,7 +15,6 @@ class DeleteOrganization extends DeleteAction
    protected function setUp(): void
    {
        parent::setUp();
-        // TODO: check why setting the icon is necessary
        $this->icon('heroicon-m-trash');
        $this->action(function (): void {
            $result = $this->process(function (Organization $record): bool {
--- a/app/Filament/Resources/OrganizationResource/Pages/CreateOrganization.php
+++ b/app/Filament/Resources/OrganizationResource/Pages/CreateOrganization.php
@@ -4,10 +4,33 @@ declare(strict_types=1);

 namespace App\Filament\Resources\OrganizationResource\Pages;

+use App\Enums\Role;
 use App\Filament\Resources\OrganizationResource;
+use App\Models\Organization;
 use Filament\Resources\Pages\CreateRecord;

 class CreateOrganization extends CreateRecord
 {
    protected static string $resource = OrganizationResource::class;
+
+    protected function mutateFormDataBeforeCreate(array $data): array
+    {
+        $data['personal_team'] = false;
+
+        return $data;
+    }
+
+    protected function afterCreate(): void
+    {
+        /** @var Organization $organization */
+        $organization = $this->record;
+
+        $user = $organization->owner;
+
+        $organization->users()->attach(
+            $user, [
+                'role' => Role::Owner->value,
+            ]
+        );
+    }
 }
--- a/app/Filament/Resources/OrganizationResource/Pages/ListOrganizations.php
+++ b/app/Filament/Resources/OrganizationResource/Pages/ListOrganizations.php
@@ -15,7 +15,8 @@ class ListOrganizations extends ListRecords
    protected function getHeaderActions(): array
    {
        return [
-            Actions\CreateAction::make(),
+            Actions\CreateAction::make()
+                ->icon('heroicon-s-plus'),
        ];
    }
 }
--- a/app/Filament/Resources/OrganizationResource/RelationManagers/InvitationsRelationManager.php
+++ b/app/Filament/Resources/OrganizationResource/RelationManagers/InvitationsRelationManager.php
@@ -0,0 +1,86 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\OrganizationResource\RelationManagers;
+
+use App\Enums\Role;
+use App\Filament\Resources\OrganizationInvitationResource;
+use App\Models\Organization;
+use App\Models\OrganizationInvitation;
+use App\Service\InvitationService;
+use Filament\Forms\Components\Select;
+use Filament\Forms\Components\TextInput;
+use Filament\Forms\Form;
+use Filament\Resources\RelationManagers\RelationManager;
+use Filament\Tables;
+use Filament\Tables\Actions\Action;
+use Filament\Tables\Table;
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Validation\Rule;
+
+class InvitationsRelationManager extends RelationManager
+{
+    protected static string $relationship = 'teamInvitations';
+
+    protected static ?string $title = 'Invitations';
+
+    public function form(Form $form): Form
+    {
+        return $form
+            ->schema([
+                TextInput::make('email')
+                    ->label('Email')
+                    ->disabledOn(['edit'])
+                    ->required(),
+                Select::make('role')
+                    ->options(Role::class)
+                    ->label('Role')
+                    ->rules([
+                        'required',
+                        'string',
+                        Rule::enum(Role::class)
+                            ->except([Role::Owner, Role::Placeholder]),
+                    ])
+                    ->required(),
+            ]);
+    }
+
+    public function table(Table $table): Table
+    {
+        return $table
+            ->recordTitleAttribute('email')
+            ->modelLabel('Invitation')
+            ->pluralModelLabel('Invitations')
+            ->columns([
+                Tables\Columns\TextColumn::make('email'),
+                Tables\Columns\TextColumn::make('role'),
+            ])
+            ->headerActions([
+                Tables\Actions\CreateAction::make()
+                    ->icon('heroicon-s-plus')
+                    ->using(function (array $data, string $model): Model {
+                        /** @var Organization $ownerRecord */
+                        $ownerRecord = $this->getOwnerRecord();
+
+                        return app(InvitationService::class)
+                            ->inviteUser($ownerRecord, $data['email'], Role::from($data['role']));
+                    }),
+            ])
+            ->actions([
+                Action::make('view')
+                    ->icon('heroicon-o-eye')
+                    ->color('gray')
+                    ->url(fn (OrganizationInvitation $record): string => OrganizationInvitationResource::getUrl('view', [
+                        'record' => $record->getKey(),
+                    ])),
+                Tables\Actions\EditAction::make(),
+                Tables\Actions\DeleteAction::make(),
+            ])
+            ->bulkActions([
+                Tables\Actions\BulkActionGroup::make([
+                    Tables\Actions\DetachBulkAction::make(),
+                ]),
+            ]);
+    }
+}
--- a/app/Filament/Resources/OrganizationResource/RelationManagers/UsersRelationManager.php
+++ b/app/Filament/Resources/OrganizationResource/RelationManagers/UsersRelationManager.php
@@ -5,17 +5,24 @@ declare(strict_types=1);
 namespace App\Filament\Resources\OrganizationResource\RelationManagers;

 use App\Enums\Role;
+use App\Exceptions\Api\ApiException;
 use App\Filament\Resources\UserResource;
+use App\Models\Member;
+use App\Models\Organization;
 use App\Models\User;
+use App\Service\BillableRateService;
+use App\Service\MemberService;
 use Filament\Forms\Components\Select;
 use Filament\Forms\Components\TextInput;
 use Filament\Forms\Form;
+use Filament\Notifications\Notification;
 use Filament\Resources\RelationManagers\RelationManager;
 use Filament\Tables;
 use Filament\Tables\Actions\Action;
 use Filament\Tables\Actions\AttachAction;
 use Filament\Tables\Columns\TextColumn;
 use Filament\Tables\Table;
+use Illuminate\Validation\Rule;

 class UsersRelationManager extends RelationManager
 {
@@ -36,20 +43,40 @@ class UsersRelationManager extends RelationManager

    public function table(Table $table): Table
    {
+        /** @var Organization $organization */
+        $organization = $this->getOwnerRecord();
+
        return $table
            ->recordTitleAttribute('name')
            ->columns([
                Tables\Columns\TextColumn::make('name'),
                Tables\Columns\TextColumn::make('role'),
                TextColumn::make('billable_rate')
-                    ->money($this->getOwnerRecord()->currency ?? 'EUR', divideBy: 100),
+                    ->money($organization->currency, divideBy: 100),
            ])
            ->headerActions([
-                Tables\Actions\AttachAction::make()->form(fn (AttachAction $action): array => [
-                    $action->getRecordSelect(),
-                    Select::make('role')
-                        ->options(Role::class),
-                ]),
+                Tables\Actions\AttachAction::make()
+                    ->recordTitle(fn (User $record): string => "{$record->name} ({$record->email})")
+                    ->form(fn (AttachAction $action): array => [
+                        $action->getRecordSelect(),
+                        Select::make('role')
+                            ->required()
+                            ->options(Role::class)
+                            ->rule([
+                                'required',
+                                'string',
+                                Rule::enum(Role::class)
+                                    ->except([Role::Owner, Role::Placeholder]),
+                            ]),
+                    ])
+                    ->label('Add user')
+                    ->modalHeading('Add user')
+                    ->icon('heroicon-s-plus')
+                    ->using(function (User $record, array $data): void {
+                        /** @var Organization $organization */
+                        $organization = $this->getOwnerRecord();
+                        app(MemberService::class)->addMember($record, $organization, Role::from($data['role']), true);
+                    }),
            ])
            ->actions([
                Action::make('view')
@@ -58,13 +85,55 @@ class UsersRelationManager extends RelationManager
                    ->url(fn (User $record): string => UserResource::getUrl('view', [
                        'record' => $record->getKey(),
                    ])),
-                Tables\Actions\EditAction::make(),
-                Tables\Actions\DetachAction::make(),
+                Tables\Actions\EditAction::make()
+                    ->using(function (User $record, array $data): User {
+                        /** @var Organization $organization */
+                        $organization = $this->getOwnerRecord();
+                        /** @var Member $member */
+                        $member = $record->getRelation('membership');
+
+                        if ($data['billable_rate'] !== $member->billable_rate) {
+                            $member->billable_rate = $data['billable_rate'];
+                            app(BillableRateService::class)->updateTimeEntriesBillableRateForMember($member);
+                        }
+
+                        if ($data['role'] !== $member->role) {
+                            try {
+                                app(MemberService::class)->changeRole($member, $organization, Role::from($data['role']), true);
+                            } catch (ApiException $exception) {
+                                Notification::make()
+                                    ->danger()
+                                    ->title('Update failed')
+                                    ->body($exception->getTranslatedMessage())
+                                    ->persistent()
+                                    ->send();
+                            }
+                        }
+                        $member->save();
+
+                        return $record;
+                    }),
+                Tables\Actions\DetachAction::make()
+                    ->using(function (User $record): void {
+                        /** @var Organization $organization */
+                        $organization = $this->getOwnerRecord();
+                        $member = Member::query()
+                            ->whereBelongsTo($record, 'user')
+                            ->whereBelongsTo($organization, 'organization')
+                            ->firstOrFail();
+                        try {
+                            app(MemberService::class)->removeMember($member, $organization);
+                        } catch (ApiException $exception) {
+                            Notification::make()
+                                ->danger()
+                                ->title('Delete failed')
+                                ->body($exception->getTranslatedMessage())
+                                ->persistent()
+                                ->send();
+                        }
+                    }),
            ])
            ->bulkActions([
-                Tables\Actions\BulkActionGroup::make([
-                    Tables\Actions\DetachBulkAction::make(),
-                ]),
            ]);
    }
 }
--- a/app/Filament/Resources/ProjectMemberResource/Pages/EditProjectMember.php
+++ b/app/Filament/Resources/ProjectMemberResource/Pages/EditProjectMember.php
@@ -15,7 +15,8 @@ class EditProjectMember extends EditRecord
    protected function getHeaderActions(): array
    {
        return [
-            Actions\DeleteAction::make(),
+            Actions\DeleteAction::make()
+                ->icon('heroicon-m-trash'),
        ];
    }
 }
--- a/app/Filament/Resources/ProjectMemberResource/Pages/ListProjectMembers.php
+++ b/app/Filament/Resources/ProjectMemberResource/Pages/ListProjectMembers.php
@@ -15,7 +15,8 @@ class ListProjectMembers extends ListRecords
    protected function getHeaderActions(): array
    {
        return [
-            Actions\CreateAction::make(),
+            Actions\CreateAction::make()
+                ->icon('heroicon-s-plus'),
        ];
    }
 }
--- a/app/Filament/Resources/ProjectResource.php
+++ b/app/Filament/Resources/ProjectResource.php
@@ -72,8 +72,13 @@ class ProjectResource extends Resource
            ])
            ->filters([
                SelectFilter::make('organization')
+                    ->label('Organization')
                    ->relationship('organization', 'name')
                    ->searchable(),
+                SelectFilter::make('organization_id')
+                    ->label('Organization ID')
+                    ->relationship('organization', 'id')
+                    ->searchable(),
            ])
            ->defaultSort('created_at', 'desc')
            ->actions([
--- a/app/Filament/Resources/ProjectResource/Pages/EditProject.php
+++ b/app/Filament/Resources/ProjectResource/Pages/EditProject.php
@@ -15,7 +15,8 @@ class EditProject extends EditRecord
    protected function getHeaderActions(): array
    {
        return [
-            Actions\DeleteAction::make(),
+            Actions\DeleteAction::make()
+                ->icon('heroicon-m-trash'),
        ];
    }
 }
--- a/app/Filament/Resources/ProjectResource/Pages/ListProjects.php
+++ b/app/Filament/Resources/ProjectResource/Pages/ListProjects.php
@@ -15,7 +15,8 @@ class ListProjects extends ListRecords
    protected function getHeaderActions(): array
    {
        return [
-            Actions\CreateAction::make(),
+            Actions\CreateAction::make()
+                ->icon('heroicon-s-plus'),
        ];
    }
 }
--- a/app/Filament/Resources/ReportResource.php
+++ b/app/Filament/Resources/ReportResource.php
@@ -0,0 +1,141 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources;
+
+use App\Filament\Resources\ReportResource\Pages;
+use App\Models\Report;
+use App\Service\Dto\ReportPropertiesDto;
+use Filament\Forms;
+use Filament\Forms\Components\DateTimePicker;
+use Filament\Forms\Components\Toggle;
+use Filament\Forms\Form;
+use Filament\Resources\Resource;
+use Filament\Tables;
+use Filament\Tables\Actions\Action;
+use Filament\Tables\Columns\TextColumn;
+use Filament\Tables\Columns\ToggleColumn;
+use Filament\Tables\Filters\SelectFilter;
+use Filament\Tables\Table;
+use Novadaemon\FilamentPrettyJson\Form\PrettyJsonField;
+
+class ReportResource extends Resource
+{
+    protected static ?string $model = Report::class;
+
+    protected static ?string $navigationIcon = 'heroicon-o-document-chart-bar';
+
+    protected static ?string $navigationGroup = 'Timetracking';
+
+    protected static ?int $navigationSort = 7;
+
+    public static function form(Form $form): Form
+    {
+        return $form
+            ->columns(1)
+            ->schema([
+                Forms\Components\TextInput::make('name')
+                    ->label('Name')
+                    ->required()
+                    ->maxLength(255),
+                Forms\Components\TextInput::make('description')
+                    ->label('Description')
+                    ->nullable()
+                    ->maxLength(255),
+                Toggle::make('is_public')
+                    ->label('Is public?')
+                    ->required(),
+                DateTimePicker::make('public_until')
+                    ->label('Public until')
+                    ->nullable(),
+                Forms\Components\Select::make('organization_id')
+                    ->label('Organization')
+                    ->relationship(name: 'organization', titleAttribute: 'name')
+                    ->searchable(['name'])
+                    ->disabled()
+                    ->required(),
+                Forms\Components\TextInput::make('share_secret')
+                    ->label('Share Secret')
+                    ->nullable(),
+                PrettyJsonField::make('properties')
+                    ->formatStateUsing(function (ReportPropertiesDto $state, Report $record): string {
+                        return $record->getRawOriginal('properties');
+                    })
+                    ->disabled(),
+                Forms\Components\DateTimePicker::make('created_at')
+                    ->label('Created At')
+                    ->hiddenOn(['create'])
+                    ->disabled(),
+                Forms\Components\DateTimePicker::make('updated_at')
+                    ->label('Updated At')
+                    ->hiddenOn(['create'])
+                    ->disabled(),
+            ]);
+    }
+
+    public static function table(Table $table): Table
+    {
+        return $table
+            ->columns([
+                Tables\Columns\TextColumn::make('name')
+                    ->searchable()
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('description')
+                    ->searchable()
+                    ->sortable(),
+                ToggleColumn::make('is_public')
+                    ->label('Is public?')
+                    ->sortable(),
+                TextColumn::make('organization.name')
+                    ->searchable()
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('created_at')
+                    ->dateTime()
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('updated_at')
+                    ->dateTime()
+                    ->sortable()
+                    ->toggleable(isToggledHiddenByDefault: true),
+            ])
+            ->defaultSort('created_at', 'desc')
+            ->filters([
+                SelectFilter::make('organization')
+                    ->label('Organization')
+                    ->relationship('organization', 'name')
+                    ->searchable(),
+                SelectFilter::make('organization_id')
+                    ->label('Organization ID')
+                    ->relationship('organization', 'id')
+                    ->searchable(),
+            ])
+            ->actions([
+                Action::make('public-view')
+                    ->label('Public')
+                    ->icon('heroicon-o-eye')
+                    ->color('gray')
+                    ->hidden(fn (Report $record): bool => $record->getShareableLink() === null)
+                    ->url(fn (Report $record): string => $record->getShareableLink(), true),
+                Tables\Actions\ViewAction::make(),
+                Tables\Actions\EditAction::make(),
+                Tables\Actions\DeleteAction::make(),
+            ])
+            ->bulkActions([
+            ]);
+    }
+
+    public static function getRelations(): array
+    {
+        return [
+        ];
+    }
+
+    public static function getPages(): array
+    {
+        return [
+            'index' => Pages\ListReports::route('/'),
+            'edit' => Pages\EditReport::route('/{record}/edit'),
+            'view' => Pages\ViewReport::route('/{record}'),
+        ];
+    }
+}
--- a/app/Filament/Resources/ReportResource/Pages/EditReport.php
+++ b/app/Filament/Resources/ReportResource/Pages/EditReport.php
@@ -0,0 +1,22 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\ReportResource\Pages;
+
+use App\Filament\Resources\ReportResource;
+use Filament\Actions;
+use Filament\Resources\Pages\EditRecord;
+
+class EditReport extends EditRecord
+{
+    protected static string $resource = ReportResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            Actions\DeleteAction::make()
+                ->icon('heroicon-m-trash'),
+        ];
+    }
+}
--- a/app/Filament/Resources/ReportResource/Pages/ListReports.php
+++ b/app/Filament/Resources/ReportResource/Pages/ListReports.php
@@ -0,0 +1,19 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\ReportResource\Pages;
+
+use App\Filament\Resources\ReportResource;
+use Filament\Resources\Pages\ListRecords;
+
+class ListReports extends ListRecords
+{
+    protected static string $resource = ReportResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+        ];
+    }
+}
--- a/app/Filament/Resources/ReportResource/Pages/ViewReport.php
+++ b/app/Filament/Resources/ReportResource/Pages/ViewReport.php
@@ -0,0 +1,22 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\ReportResource\Pages;
+
+use App\Filament\Resources\ReportResource;
+use Filament\Actions\EditAction;
+use Filament\Resources\Pages\ViewRecord;
+
+class ViewReport extends ViewRecord
+{
+    protected static string $resource = ReportResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            EditAction::make('edit')
+                ->icon('heroicon-s-pencil'),
+        ];
+    }
+}
--- a/app/Filament/Resources/TagResource.php
+++ b/app/Filament/Resources/TagResource.php
@@ -60,8 +60,13 @@ class TagResource extends Resource
            ->defaultSort('created_at', 'desc')
            ->filters([
                SelectFilter::make('organization')
+                    ->label('Organization')
                    ->relationship('organization', 'name')
                    ->searchable(),
+                SelectFilter::make('organization_id')
+                    ->label('Organization ID')
+                    ->relationship('organization', 'id')
+                    ->searchable(),
            ])
            ->actions([
                Tables\Actions\EditAction::make(),
--- a/app/Filament/Resources/TagResource/Pages/EditTag.php
+++ b/app/Filament/Resources/TagResource/Pages/EditTag.php
@@ -15,7 +15,8 @@ class EditTag extends EditRecord
    protected function getHeaderActions(): array
    {
        return [
-            Actions\DeleteAction::make(),
+            Actions\DeleteAction::make()
+                ->icon('heroicon-m-trash'),
        ];
    }
 }
--- a/app/Filament/Resources/TagResource/Pages/ListTags.php
+++ b/app/Filament/Resources/TagResource/Pages/ListTags.php
@@ -15,7 +15,8 @@ class ListTags extends ListRecords
    protected function getHeaderActions(): array
    {
        return [
-            Actions\CreateAction::make(),
+            Actions\CreateAction::make()
+                ->icon('heroicon-s-plus'),
        ];
    }
 }
--- a/app/Filament/Resources/TaskResource.php
+++ b/app/Filament/Resources/TaskResource.php
@@ -61,8 +61,13 @@ class TaskResource extends Resource
            ])
            ->filters([
                SelectFilter::make('organization')
+                    ->label('Organization')
                    ->relationship('organization', 'name')
                    ->searchable(),
+                SelectFilter::make('organization_id')
+                    ->label('Organization ID')
+                    ->relationship('organization', 'id')
+                    ->searchable(),
            ])
            ->defaultSort('created_at', 'desc')
            ->actions([
--- a/app/Filament/Resources/TaskResource/Pages/EditTask.php
+++ b/app/Filament/Resources/TaskResource/Pages/EditTask.php
@@ -15,7 +15,8 @@ class EditTask extends EditRecord
    protected function getHeaderActions(): array
    {
        return [
-            Actions\DeleteAction::make(),
+            Actions\DeleteAction::make()
+                ->icon('heroicon-m-trash'),
        ];
    }
 }
--- a/app/Filament/Resources/TaskResource/Pages/ListTasks.php
+++ b/app/Filament/Resources/TaskResource/Pages/ListTasks.php
@@ -15,7 +15,8 @@ class ListTasks extends ListRecords
    protected function getHeaderActions(): array
    {
        return [
-            Actions\CreateAction::make(),
+            Actions\CreateAction::make()
+                ->icon('heroicon-s-plus'),
        ];
    }
 }
--- a/app/Filament/Resources/TimeEntryResource.php
+++ b/app/Filament/Resources/TimeEntryResource.php
@@ -92,8 +92,13 @@ class TimeEntryResource extends Resource
            ])
            ->filters([
                SelectFilter::make('organization')
+                    ->label('Organization')
                    ->relationship('organization', 'name')
                    ->searchable(),
+                SelectFilter::make('organization_id')
+                    ->label('Organization ID')
+                    ->relationship('organization', 'id')
+                    ->searchable(),
            ])
            ->defaultSort('created_at', 'desc')
            ->actions([
--- a/app/Filament/Resources/TimeEntryResource/Pages/EditTimeEntry.php
+++ b/app/Filament/Resources/TimeEntryResource/Pages/EditTimeEntry.php
@@ -15,7 +15,8 @@ class EditTimeEntry extends EditRecord
    protected function getHeaderActions(): array
    {
        return [
-            Actions\DeleteAction::make(),
+            Actions\DeleteAction::make()
+                ->icon('heroicon-m-trash'),
        ];
    }
 }
--- a/app/Filament/Resources/TimeEntryResource/Pages/ListTimeEntries.php
+++ b/app/Filament/Resources/TimeEntryResource/Pages/ListTimeEntries.php
@@ -15,7 +15,8 @@ class ListTimeEntries extends ListRecords
    protected function getHeaderActions(): array
    {
        return [
-            Actions\CreateAction::make(),
+            Actions\CreateAction::make()
+                ->icon('heroicon-s-plus'),
        ];
    }
 }
--- a/app/Filament/Resources/TokenResource.php
+++ b/app/Filament/Resources/TokenResource.php
@@ -0,0 +1,148 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources;
+
+use App\Filament\Resources\TokenResource\Pages;
+use App\Models\Passport\Client;
+use App\Models\Passport\Token;
+use Filament\Forms;
+use Filament\Forms\Form;
+use Filament\Resources\Resource;
+use Filament\Tables;
+use Filament\Tables\Filters\TernaryFilter;
+use Filament\Tables\Table;
+use Illuminate\Database\Eloquent\Builder;
+
+class TokenResource extends Resource
+{
+    protected static ?string $model = Token::class;
+
+    protected static ?string $navigationIcon = 'heroicon-o-key';
+
+    protected static ?string $navigationGroup = 'Auth';
+
+    protected static ?int $navigationSort = 6;
+
+    public static function form(Form $form): Form
+    {
+        return $form
+            ->columns(1)
+            ->schema([
+                Forms\Components\TextInput::make('id')
+                    ->label('ID')
+                    ->disabled()
+                    ->visibleOn(['update', 'show'])
+                    ->readOnly()
+                    ->maxLength(255),
+                Forms\Components\TextInput::make('name')
+                    ->label('Name')
+                    ->required()
+                    ->maxLength(255),
+                Forms\Components\Select::make('user_id')
+                    ->label('User')
+                    ->relationship(name: 'user', titleAttribute: 'name')
+                    ->searchable(['name'])
+                    ->disabled()
+                    ->required(),
+                Forms\Components\Select::make('client_id')
+                    ->label('Client')
+                    ->relationship(name: 'client', titleAttribute: 'name')
+                    ->searchable(['name'])
+                    ->required(),
+                Forms\Components\Toggle::make('revoked')
+                    ->label('Revoked')
+                    ->required(),
+                Forms\Components\DateTimePicker::make('expires_at')
+                    ->label('Expires At')
+                    ->disabled(),
+                Forms\Components\DateTimePicker::make('created_at')
+                    ->label('Created At')
+                    ->disabled(),
+                Forms\Components\DateTimePicker::make('updated_at')
+                    ->label('Updated At')
+                    ->disabled(),
+            ]);
+    }
+
+    public static function table(Table $table): Table
+    {
+        return $table
+            ->columns([
+                Tables\Columns\TextColumn::make('name')
+                    ->searchable()
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('user.name')
+                    ->searchable()
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('client.name')
+                    ->searchable()
+                    ->sortable(),
+                Tables\Columns\IconColumn::make('client.personal_access_client')
+                    ->boolean()
+                    ->label('API token?')
+                    ->sortable(),
+                Tables\Columns\IconColumn::make('revoked')
+                    ->boolean()
+                    ->label('Revoked?')
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('expires_at')
+                    ->dateTime()
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('created_at')
+                    ->dateTime()
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('updated_at')
+                    ->dateTime()
+                    ->sortable()
+                    ->toggleable(isToggledHiddenByDefault: true),
+            ])
+            ->defaultSort('created_at', 'desc')
+            ->filters([
+                TernaryFilter::make('is_personal_access_client')
+                    ->queries(
+                        true: function (Builder $query) {
+                            /** @var Builder<Token> $query */
+                            return $query->whereHas('client', function (Builder $query) {
+                                /** @var Builder<Client> $query */
+                                return $query->where('personal_access_client', true);
+                            });
+                        },
+                        false: function (Builder $query) {
+                            /** @var Builder<Token> $query */
+                            return $query->whereHas('client', function (Builder $query) {
+                                /** @var Builder<Client> $query */
+                                return $query->where('personal_access_client', false);
+                            });
+                        },
+                        blank: function (Builder $query) {
+                            /** @var Builder<Token> $query */
+                            return $query;
+                        },
+                    )
+                    ->label('API token?'),
+                TernaryFilter::make('revoked')
+                    ->label('Revoked?'),
+            ])
+            ->actions([
+                Tables\Actions\ViewAction::make(),
+            ])
+            ->bulkActions([
+            ]);
+    }
+
+    public static function getRelations(): array
+    {
+        return [
+        ];
+    }
+
+    public static function getPages(): array
+    {
+        return [
+            'index' => Pages\ListTokens::route('/'),
+            'view' => Pages\ViewToken::route('/{record}'),
+        ];
+    }
+}
--- a/app/Filament/Resources/TokenResource/Pages/ListTokens.php
+++ b/app/Filament/Resources/TokenResource/Pages/ListTokens.php
@@ -0,0 +1,19 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\TokenResource\Pages;
+
+use App\Filament\Resources\TokenResource;
+use Filament\Resources\Pages\ListRecords;
+
+class ListTokens extends ListRecords
+{
+    protected static string $resource = TokenResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+        ];
+    }
+}
--- a/app/Filament/Resources/TokenResource/Pages/ViewToken.php
+++ b/app/Filament/Resources/TokenResource/Pages/ViewToken.php
@@ -0,0 +1,19 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Filament\Resources\TokenResource\Pages;
+
+use App\Filament\Resources\TokenResource;
+use Filament\Resources\Pages\ViewRecord;
+
+class ViewToken extends ViewRecord
+{
+    protected static string $resource = TokenResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+        ];
+    }
+}
--- a/app/Filament/Resources/UserResource.php
+++ b/app/Filament/Resources/UserResource.php
@@ -5,21 +5,27 @@ declare(strict_types=1);
 namespace App\Filament\Resources;

 use App\Enums\Weekday;
+use App\Exceptions\Api\ApiException;
 use App\Filament\Resources\UserResource\Pages;
 use App\Filament\Resources\UserResource\RelationManagers\OrganizationsRelationManager;
 use App\Filament\Resources\UserResource\RelationManagers\OwnedOrganizationsRelationManager;
 use App\Models\User;
+use App\Service\DeletionService;
 use App\Service\TimezoneService;
+use Brick\Money\ISOCurrencyProvider;
 use Exception;
 use Filament\Forms;
 use Filament\Forms\Components\TextInput;
 use Filament\Forms\Form;
+use Filament\Notifications\Notification;
 use Filament\Resources\Resource;
 use Filament\Tables;
 use Filament\Tables\Filters\TernaryFilter;
 use Filament\Tables\Table;
 use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Hash;
+use Korridor\LaravelModelValidationRules\Rules\UniqueEloquent;
 use STS\FilamentImpersonate\Tables\Actions\Impersonate;

 class UserResource extends Resource
@@ -34,6 +40,9 @@ class UserResource extends Resource

    public static function form(Form $form): Form
    {
+        /** @var User|null $record */
+        $record = $form->getRecord();
+
        return $form
            ->columns(1)
            ->schema([
@@ -50,12 +59,25 @@ class UserResource extends Resource
                Forms\Components\TextInput::make('email')
                    ->label('Email')
                    ->required()
+                    ->rules($record?->is_placeholder ? [] : [
+                        UniqueEloquent::make(User::class, 'email')
+                            ->ignore($record?->getKey()),
+                    ])
+                    ->rule([
+                        'email',
+                    ])
                    ->maxLength(255),
                Forms\Components\Toggle::make('is_placeholder')
-                    ->label('Is Placeholder'),
+                    ->label('Is Placeholder?')
+                    ->hiddenOn(['create'])
+                    ->disabledOn(['edit']),
                Forms\Components\DateTimePicker::make('email_verified_at')
                    ->label('Email Verified At')
+                    ->hiddenOn(['create'])
                    ->nullable(),
+                Forms\Components\Toggle::make('is_email_verified')
+                    ->label('Email Verified?')
+                    ->visibleOn(['create']),
                Forms\Components\Select::make('timezone')
                    ->label('Timezone')
                    ->options(fn (): array => app(TimezoneService::class)->getSelectOptions())
@@ -67,15 +89,39 @@ class UserResource extends Resource
                    ->required(),
                TextInput::make('password')
                    ->password()
+                    ->label('Password')
                    ->dehydrateStateUsing(fn ($state) => Hash::make($state))
                    ->dehydrated(fn ($state) => filled($state))
+                    ->hiddenOn(['create'])
                    ->required(fn (string $context): bool => $context === 'create')
                    ->maxLength(255),
+                TextInput::make('password_create')
+                    ->password()
+                    ->label('Password')
+                    ->visibleOn(['create'])
+                    ->required(fn (string $context): bool => $context === 'create')
+                    ->maxLength(255),
+                Forms\Components\Select::make('currency')
+                    ->label('Currency (Personal Organization)')
+                    ->options(function (): array {
+                        $currencies = ISOCurrencyProvider::getInstance()->getAvailableCurrencies();
+                        $select = [];
+                        foreach ($currencies as $currency) {
+                            $select[$currency->getCurrencyCode()] = $currency->getName().' ('.$currency->getCurrencyCode().')';
+                        }
+
+                        return $select;
+                    })
+                    ->required()
+                    ->visibleOn(['create'])
+                    ->searchable(),
                Forms\Components\DateTimePicker::make('created_at')
                    ->label('Created At')
+                    ->hiddenOn(['create'])
                    ->disabled(),
                Forms\Components\DateTimePicker::make('updated_at')
                    ->label('Updated At')
+                    ->hiddenOn(['create'])
                    ->disabled(),
            ]);
    }
@@ -145,11 +191,22 @@ class UserResource extends Resource
                    }
                }),
                Tables\Actions\EditAction::make(),
+                Tables\Actions\DeleteAction::make()
+                    ->hidden(fn (User $record) => $record->is(Auth::user()))
+                    ->using(function (User $record): void {
+                        try {
+                            app(DeletionService::class)->deleteUser($record);
+                        } catch (ApiException $exception) {
+                            Notification::make()
+                                ->danger()
+                                ->title('Delete failed')
+                                ->body($exception->getTranslatedMessage())
+                                ->persistent()
+                                ->send();
+                        }
+                    }),
            ])
            ->bulkActions([
-                Tables\Actions\BulkActionGroup::make([
-                    Tables\Actions\DeleteBulkAction::make(),
-                ]),
            ]);
    }

--- a/app/Filament/Resources/UserResource/Pages/CreateUser.php
+++ b/app/Filament/Resources/UserResource/Pages/CreateUser.php
@@ -4,24 +4,29 @@ declare(strict_types=1);

 namespace App\Filament\Resources\UserResource\Pages;

+use App\Enums\Weekday;
 use App\Filament\Resources\UserResource;
-use App\Models\Organization;
 use App\Models\User;
+use App\Service\UserService;
 use Filament\Resources\Pages\CreateRecord;

 class CreateUser extends CreateRecord
 {
    protected static string $resource = UserResource::class;

-    protected function afterCreate(): void
+    protected function handleRecordCreation(array $data): User
    {
-        /** @var User $user */
-        $user = $this->record;
+        $userService = app(UserService::class);
+        $user = $userService->createUser(
+            $data['name'],
+            $data['email'],
+            $data['password_create'],
+            $data['timezone'],
+            Weekday::from($data['week_start']),
+            $data['currency'],
+            verifyEmail: (bool) $data['is_email_verified']
+        );

-        $user->ownedTeams()->save(Organization::forceCreate([
-            'user_id' => $user->id,
-            'name' => explode(' ', $user->name, 2)[0]."'s Organization",
-            'personal_team' => true,
-        ]));
+        return $user;
    }
 }
--- a/app/Filament/Resources/UserResource/Pages/ListUsers.php
+++ b/app/Filament/Resources/UserResource/Pages/ListUsers.php
@@ -15,7 +15,8 @@ class ListUsers extends ListRecords
    protected function getHeaderActions(): array
    {
        return [
-            Actions\CreateAction::make(),
+            Actions\CreateAction::make()
+                ->icon('heroicon-s-plus'),
        ];
    }
 }
--- a/app/Filament/Resources/UserResource/Pages/ViewUser.php
+++ b/app/Filament/Resources/UserResource/Pages/ViewUser.php
@@ -7,6 +7,7 @@ namespace App\Filament\Resources\UserResource\Pages;
 use App\Filament\Resources\UserResource;
 use Filament\Actions\EditAction;
 use Filament\Resources\Pages\ViewRecord;
+use STS\FilamentImpersonate\Pages\Actions\Impersonate;

 class ViewUser extends ViewRecord
 {
@@ -15,6 +16,7 @@ class ViewUser extends ViewRecord
    protected function getHeaderActions(): array
    {
        return [
+            Impersonate::make()->record($this->getRecord()),
            EditAction::make('edit')
                ->icon('heroicon-s-pencil'),
        ];
--- a/app/Filament/Resources/UserResource/RelationManagers/OrganizationsRelationManager.php
+++ b/app/Filament/Resources/UserResource/RelationManagers/OrganizationsRelationManager.php
@@ -5,15 +5,18 @@ declare(strict_types=1);
 namespace App\Filament\Resources\UserResource\RelationManagers;

 use App\Enums\Role;
+use App\Exceptions\Api\ApiException;
 use App\Filament\Resources\OrganizationResource;
+use App\Models\Member;
 use App\Models\Organization;
+use App\Models\User;
+use App\Service\MemberService;
 use Filament\Forms\Components\Select;
-use Filament\Forms\Components\TextInput;
 use Filament\Forms\Form;
+use Filament\Notifications\Notification;
 use Filament\Resources\RelationManagers\RelationManager;
 use Filament\Tables;
 use Filament\Tables\Actions\Action;
-use Filament\Tables\Actions\AttachAction;
 use Filament\Tables\Columns\TextColumn;
 use Filament\Tables\Table;

@@ -27,10 +30,6 @@ class OrganizationsRelationManager extends RelationManager
            ->schema([
                Select::make('role')
                    ->options(Role::class),
-                TextInput::make('billable_rate')
-                    ->label('Billable rate (in Cents)')
-                    ->nullable()
-                    ->numeric(),
            ]);
    }

@@ -41,15 +40,11 @@ class OrganizationsRelationManager extends RelationManager
            ->columns([
                TextColumn::make('name'),
                TextColumn::make('role'),
-                TextColumn::make('billable_rate')
-                    ->money(fn (Organization $resource) => $resource->currency ?? 'EUR', divideBy: 100),
+                TextColumn::make('membership.billable_rate')
+                    ->label('Billable rate')
+                    ->money(fn (Organization $resource) => $resource->currency, divideBy: 100),
            ])
            ->headerActions([
-                Tables\Actions\AttachAction::make()->form(fn (AttachAction $action): array => [
-                    $action->getRecordSelect(),
-                    Select::make('role')
-                        ->options(Role::class),
-                ]),
            ])
            ->actions([
                Action::make('view')
@@ -58,13 +53,48 @@ class OrganizationsRelationManager extends RelationManager
                    ->url(fn (Organization $record): string => OrganizationResource::getUrl('view', [
                        'record' => $record->getKey(),
                    ])),
-                Tables\Actions\EditAction::make(),
-                Tables\Actions\DetachAction::make(),
+                Tables\Actions\EditAction::make()
+                    ->using(function (Organization $record, array $data): Organization {
+                        /** @var Member $member */
+                        $member = $record->getRelation('membership');
+
+                        if ($data['role'] !== $member->role) {
+                            try {
+                                app(MemberService::class)->changeRole($member, $record, Role::from($data['role']), true);
+                            } catch (ApiException $exception) {
+                                Notification::make()
+                                    ->danger()
+                                    ->title('Update failed')
+                                    ->body($exception->getTranslatedMessage())
+                                    ->persistent()
+                                    ->send();
+                            }
+                        }
+                        $member->save();
+
+                        return $record;
+                    }),
+                Tables\Actions\DetachAction::make()
+                    ->using(function (Organization $record): void {
+                        /** @var User $user */
+                        $user = $this->getOwnerRecord();
+                        $member = Member::query()
+                            ->whereBelongsTo($user, 'user')
+                            ->whereBelongsTo($record, 'organization')
+                            ->firstOrFail();
+                        try {
+                            app(MemberService::class)->removeMember($member, $record);
+                        } catch (ApiException $exception) {
+                            Notification::make()
+                                ->danger()
+                                ->title('Delete failed')
+                                ->body($exception->getTranslatedMessage())
+                                ->persistent()
+                                ->send();
+                        }
+                    }),
            ])
            ->bulkActions([
-                Tables\Actions\BulkActionGroup::make([
-                    Tables\Actions\DetachBulkAction::make(),
-                ]),
            ]);
    }
 }
--- a/app/Filament/Widgets/ActiveUserOverview.php
+++ b/app/Filament/Widgets/ActiveUserOverview.php
@@ -14,7 +14,7 @@ class ActiveUserOverview extends BaseWidget
 {
    protected static ?int $sort = 1;

-    protected static ?string $heading = 'A Registrations';
+    protected ?string $heading = 'A Registrations';

    protected function getCards(): array
    {
--- a/app/Http/Controllers/Api/V1/ApiTokenController.php
+++ b/app/Http/Controllers/Api/V1/ApiTokenController.php
@@ -0,0 +1,114 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Controllers\Api\V1;
+
+use App\Exceptions\Api\PersonalAccessClientIsNotConfiguredException;
+use App\Http\Requests\V1\ApiToken\ApiTokenStoreRequest;
+use App\Http\Resources\V1\ApiToken\ApiTokenCollection;
+use App\Http\Resources\V1\ApiToken\ApiTokenWithAccessTokenResource;
+use App\Models\Passport\Token;
+use Illuminate\Auth\Access\AuthorizationException;
+use Illuminate\Http\JsonResponse;
+
+class ApiTokenController extends Controller
+{
+    /**
+     * List all api token of the currently authenticated user
+     *
+     * This endpoint is independent of organization.
+     *
+     * @operationId getApiTokens
+     *
+     * @throws AuthorizationException
+     */
+    public function index(): ApiTokenCollection
+    {
+        $user = $this->user();
+
+        $tokens = $user->tokens()
+            ->where('client_id', '=', config('passport.personal_access_client.id'))
+            ->get();
+
+        return new ApiTokenCollection($tokens);
+    }
+
+    /**
+     * Create a new api token for the currently authenticated user
+     *
+     * The response will contain the access token that can be used to send authenticated API requests.
+     * Please note that the access token is only shown in this response and cannot be retrieved later.
+     *
+     * @operationId createApiToken
+     *
+     * @throws AuthorizationException|PersonalAccessClientIsNotConfiguredException
+     */
+    public function store(ApiTokenStoreRequest $request): ApiTokenWithAccessTokenResource
+    {
+        $user = $this->user();
+
+        if (config('passport.personal_access_client.id') === null || config('passport.personal_access_client.secret') === null) {
+            throw new PersonalAccessClientIsNotConfiguredException;
+        }
+
+        $token = $user->createToken($request->getName(), ['*']);
+        /** @var Token $tokenModel */
+        $tokenModel = $token->token;
+
+        return new ApiTokenWithAccessTokenResource($tokenModel, $token->accessToken);
+    }
+
+    /**
+     * Revoke an api token
+     *
+     * @operationId revokeApiToken
+     *
+     * @throws AuthorizationException
+     * @throws PersonalAccessClientIsNotConfiguredException
+     */
+    public function revoke(Token $apiToken): JsonResponse
+    {
+        $user = $this->user();
+
+        if (config('passport.personal_access_client.id') === null || config('passport.personal_access_client.secret') === null) {
+            throw new PersonalAccessClientIsNotConfiguredException;
+        }
+        if ($apiToken->user_id !== $user->getKey()) {
+            throw new AuthorizationException('API token does not belong to user');
+        }
+        if ($apiToken->client_id !== config('passport.personal_access_client.id')) {
+            throw new AuthorizationException('API token is not a personal access token');
+        }
+
+        $apiToken->revoke();
+
+        return response()->json(null, 204);
+    }
+
+    /**
+     * Delete an api token
+     *
+     * @operationId deleteApiToken
+     *
+     * @throws AuthorizationException|PersonalAccessClientIsNotConfiguredException
+     */
+    public function destroy(Token $apiToken): JsonResponse
+    {
+        $user = $this->user();
+
+        if (config('passport.personal_access_client.id') === null || config('passport.personal_access_client.secret') === null) {
+            throw new PersonalAccessClientIsNotConfiguredException;
+        }
+        if ($apiToken->user_id !== $user->getKey()) {
+            throw new AuthorizationException('API token does not belong to user');
+        }
+        if ($apiToken->client_id !== config('passport.personal_access_client.id')) {
+            throw new AuthorizationException('API token is not a personal access token');
+        }
+
+        $apiToken->delete();
+
+        return response()->json(null, 204);
+    }
+}
--- a/app/Http/Controllers/Api/V1/ChartController.php
+++ b/app/Http/Controllers/Api/V1/ChartController.php
@@ -0,0 +1,172 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Controllers\Api\V1;
+
+use App\Enums\Role;
+use App\Models\Organization;
+use App\Service\DashboardService;
+use App\Service\PermissionStore;
+use Illuminate\Auth\Access\AuthorizationException;
+use Illuminate\Http\JsonResponse;
+
+class ChartController extends Controller
+{
+    /**
+     * @throws AuthorizationException
+     *
+     * @operationId weeklyProjectOverview
+     *
+     * @response array<int, array{value: int, name: string, color: string}>
+     */
+    public function weeklyProjectOverview(Organization $organization, DashboardService $dashboardService): JsonResponse
+    {
+        $this->checkPermission($organization, 'charts:view:own');
+        $user = $this->user();
+
+        $weeklyProjectOverview = $dashboardService->weeklyProjectOverview($user, $organization);
+
+        return response()->json($weeklyProjectOverview);
+    }
+
+    /**
+     * @throws AuthorizationException
+     *
+     * @operationId latestTasks
+     *
+     * @response array<int, array{task_id: string, name: string, description: string|null, status: bool, time_entry_id: string|null}>
+     */
+    public function latestTasks(Organization $organization, DashboardService $dashboardService): JsonResponse
+    {
+        $this->checkPermission($organization, 'charts:view:own');
+        $user = $this->user();
+
+        $latestTasks = $dashboardService->latestTasks($user, $organization);
+
+        return response()->json($latestTasks);
+    }
+
+    /**
+     * @throws AuthorizationException
+     *
+     * @operationId lastSevenDays
+     *
+     * @response array<int, array{ date: string, duration: int, history: array<int> }>
+     */
+    public function lastSevenDays(Organization $organization, DashboardService $dashboardService): JsonResponse
+    {
+        $this->checkPermission($organization, 'charts:view:own');
+        $user = $this->user();
+
+        $lastSevenDays = $dashboardService->lastSevenDays($user, $organization);
+
+        return response()->json($lastSevenDays);
+    }
+
+    /**
+     * @throws AuthorizationException
+     *
+     * @operationId latestTeamActivity
+     *
+     * @response array<int, array{member_id: string, name: string, description: string|null, time_entry_id: string, task_id: string|null, status: bool }>
+     */
+    public function latestTeamActivity(Organization $organization, DashboardService $dashboardService, PermissionStore $permissionStore): JsonResponse
+    {
+        $this->checkPermission($organization, 'charts:view:all');
+
+        $latestTeamActivity = $dashboardService->latestTeamActivity($organization);
+
+        return response()->json($latestTeamActivity);
+    }
+
+    /**
+     * @throws AuthorizationException
+     *
+     * @operationId dailyTrackedHours
+     *
+     * @response array<int, array{date: string, duration: int}>
+     */
+    public function dailyTrackedHours(Organization $organization, DashboardService $dashboardService): JsonResponse
+    {
+        $this->checkPermission($organization, 'charts:view:own');
+        $user = $this->user();
+
+        $dailyTrackedHours = $dashboardService->getDailyTrackedHours($user, $organization, 60);
+
+        return response()->json($dailyTrackedHours);
+    }
+
+    /**
+     * @throws AuthorizationException
+     *
+     * @operationId totalWeeklyTime
+     *
+     * @response int
+     */
+    public function totalWeeklyTime(Organization $organization, DashboardService $dashboardService): JsonResponse
+    {
+        $this->checkPermission($organization, 'charts:view:own');
+        $user = $this->user();
+
+        $totalWeeklyTime = $dashboardService->totalWeeklyTime($user, $organization);
+
+        return response()->json($totalWeeklyTime);
+    }
+
+    /**
+     * @throws AuthorizationException
+     *
+     * @operationId totalWeeklyBillableTime
+     *
+     * @response int
+     */
+    public function totalWeeklyBillableTime(Organization $organization, DashboardService $dashboardService): JsonResponse
+    {
+        $this->checkPermission($organization, 'charts:view:own');
+        $user = $this->user();
+
+        $totalWeeklyBillableTime = $dashboardService->totalWeeklyBillableTime($user, $organization);
+
+        return response()->json($totalWeeklyBillableTime);
+    }
+
+    /**
+     * @throws AuthorizationException
+     *
+     * @operationId totalWeeklyBillableAmount
+     *
+     * @response array{value: int, currency: string}
+     */
+    public function totalWeeklyBillableAmount(Organization $organization, DashboardService $dashboardService): JsonResponse
+    {
+        $this->checkPermission($organization, 'charts:view:own');
+        $user = $this->user();
+
+        $showBillableRate = $this->member($organization)->role !== Role::Employee->value || $organization->employees_can_see_billable_rates;
+        if (! $showBillableRate) {
+            throw new AuthorizationException('You do not have permission to view billable rates.');
+        }
+
+        $totalWeeklyBillableAmount = $dashboardService->totalWeeklyBillableAmount($user, $organization);
+
+        return response()->json($totalWeeklyBillableAmount);
+    }
+
+    /**
+     * @throws AuthorizationException
+     *
+     * @operationId weeklyHistory
+     *
+     * @response array<int, array{date: string, duration: int}>
+     */
+    public function weeklyHistory(Organization $organization, DashboardService $dashboardService): JsonResponse
+    {
+        $this->checkPermission($organization, 'charts:view:own');
+        $user = $this->user();
+
+        $weeklyHistory = $dashboardService->getWeeklyHistory($user, $organization);
+
+        return response()->json($weeklyHistory);
+    }
+}
--- a/app/Http/Controllers/Api/V1/CurrencyController.php
+++ b/app/Http/Controllers/Api/V1/CurrencyController.php
@@ -0,0 +1,37 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Controllers\Api\V1;
+
+use App\Http\Controllers\Controller;
+use App\Service\CurrencyService;
+use Brick\Money\Currency;
+use Brick\Money\ISOCurrencyProvider;
+use Illuminate\Http\JsonResponse;
+
+class CurrencyController extends Controller
+{
+    /**
+     * Get all currencies
+     *
+     * @response array{code: string, name: string, symbol: string}[]
+     *
+     * @operationId getCurrencies
+     */
+    public function index(): JsonResponse
+    {
+        $currencyService = app(CurrencyService::class);
+
+        $currencies = array_values(array_map(
+            fn (Currency $currency): array => [
+                'code' => $currency->getCurrencyCode(),
+                'name' => $currency->getName(),
+                'symbol' => $currencyService->getCurrencySymbol($currency->getCurrencyCode()),
+            ],
+            ISOCurrencyProvider::getInstance()->getAvailableCurrencies()
+        ));
+
+        return response()->json($currencies);
+    }
+}
--- a/app/Http/Controllers/Api/V1/InvitationController.php
+++ b/app/Http/Controllers/Api/V1/InvitationController.php
@@ -9,13 +9,12 @@ use App\Http\Requests\V1\Invitation\InvitationIndexRequest;
 use App\Http\Requests\V1\Invitation\InvitationStoreRequest;
 use App\Http\Resources\V1\Invitation\InvitationCollection;
 use App\Http\Resources\V1\Invitation\InvitationResource;
-use App\Mail\OrganizationInvitationMail;
 use App\Models\Organization;
 use App\Models\OrganizationInvitation;
 use App\Service\InvitationService;
+use App\Service\OrganizationInvitationService;
 use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Http\JsonResponse;
-use Illuminate\Support\Facades\Mail;

 class InvitationController extends Controller
 {
@@ -73,12 +72,11 @@ class InvitationController extends Controller
     *
     * @operationId resendInvitationEmail
     */
-    public function resend(Organization $organization, OrganizationInvitation $invitation): JsonResponse
+    public function resend(Organization $organization, OrganizationInvitation $invitation, OrganizationInvitationService $organizationInvitationService): JsonResponse
    {
        $this->checkPermission($organization, 'invitations:resend', $invitation);

-        Mail::to($invitation->email)
-            ->queue(new OrganizationInvitationMail($invitation));
+        $organizationInvitationService->resend($invitation);

        return response()->json(null, 204);
    }
--- a/app/Http/Controllers/Api/V1/MemberController.php
+++ b/app/Http/Controllers/Api/V1/MemberController.php
@@ -6,27 +6,31 @@ namespace App\Http\Controllers\Api\V1;

 use App\Enums\Role;
 use App\Events\MemberMadeToPlaceholder;
-use App\Events\MemberRemoved;
 use App\Exceptions\Api\CanNotRemoveOwnerFromOrganization;
+use App\Exceptions\Api\ChangingRoleOfPlaceholderIsNotAllowed;
 use App\Exceptions\Api\ChangingRoleToPlaceholderIsNotAllowed;
 use App\Exceptions\Api\EntityStillInUseApiException;
 use App\Exceptions\Api\OnlyOwnerCanChangeOwnership;
+use App\Exceptions\Api\OnlyPlaceholdersCanBeMergedIntoAnotherMember;
 use App\Exceptions\Api\OrganizationNeedsAtLeastOneOwner;
+use App\Exceptions\Api\ThisPlaceholderCanNotBeInvitedUseTheMergeToolInsteadException;
+use App\Exceptions\Api\UserIsAlreadyMemberOfOrganizationApiException;
 use App\Exceptions\Api\UserNotPlaceholderApiException;
 use App\Http\Requests\V1\Member\MemberIndexRequest;
+use App\Http\Requests\V1\Member\MemberMergeIntoRequest;
 use App\Http\Requests\V1\Member\MemberUpdateRequest;
 use App\Http\Resources\V1\Member\MemberCollection;
 use App\Http\Resources\V1\Member\MemberResource;
 use App\Models\Member;
 use App\Models\Organization;
-use App\Models\ProjectMember;
-use App\Models\TimeEntry;
 use App\Service\BillableRateService;
 use App\Service\InvitationService;
 use App\Service\MemberService;
 use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Resources\Json\JsonResource;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Str;

 class MemberController extends Controller
 {
@@ -66,6 +70,7 @@ class MemberController extends Controller
     * @throws OrganizationNeedsAtLeastOneOwner
     * @throws OnlyOwnerCanChangeOwnership
     * @throws ChangingRoleToPlaceholderIsNotAllowed
+     * @throws ChangingRoleOfPlaceholderIsNotAllowed
     *
     * @operationId updateMember
     */
@@ -80,22 +85,8 @@ class MemberController extends Controller
        }
        if ($request->has('role') && $member->role !== $request->getRole()->value) {
            $newRole = $request->getRole();
-            $oldRole = Role::from($member->role);
-            if ($oldRole === Role::Owner) {
-                throw new OrganizationNeedsAtLeastOneOwner;
-            }
-            if ($newRole === Role::Placeholder) {
-                throw new ChangingRoleToPlaceholderIsNotAllowed;
-            }
-            if ($newRole === Role::Owner) {
-                if ($this->hasPermission($organization, 'members:change-ownership')) {
-                    $memberService->changeOwnership($organization, $member);
-                } else {
-                    throw new OnlyOwnerCanChangeOwnership;
-                }
-            } else {
-                $member->role = $request->getRole()->value;
-            }
+            $allowOwnerChange = $this->hasPermission($organization, 'members:change-ownership');
+            $memberService->changeRole($member, $organization, $newRole, $allowOwnerChange);
        }
        $member->save();

@@ -109,29 +100,22 @@ class MemberController extends Controller
     *
     * @operationId removeMember
     */
-    public function destroy(Organization $organization, Member $member): JsonResponse
+    public function destroy(Organization $organization, Member $member, MemberService $memberService): JsonResponse
    {
        $this->checkPermission($organization, 'members:delete', $member);

-        if (TimeEntry::query()->where('user_id', $member->user_id)->whereBelongsTo($organization, 'organization')->exists()) {
-            throw new EntityStillInUseApiException('member', 'time_entry');
-        }
-        if (ProjectMember::query()->whereBelongsToOrganization($organization)->where('user_id', $member->user_id)->exists()) {
-            throw new EntityStillInUseApiException('member', 'project_member');
-        }
-        if ($member->role === Role::Owner->value) {
-            throw new CanNotRemoveOwnerFromOrganization;
-        }
-
-        $member->delete();
-        MemberRemoved::dispatch($member, $organization);
+        $memberService->removeMember($member, $organization);

        return response()
            ->json(null, 204);
    }

    /**
-     * @throws AuthorizationException|CanNotRemoveOwnerFromOrganization
+     * Make a member a placeholder member
+     *
+     * @throws AuthorizationException|CanNotRemoveOwnerFromOrganization|ChangingRoleOfPlaceholderIsNotAllowed
+     *
+     * @operationId makePlaceholder
     */
    public function makePlaceholder(Organization $organization, Member $member, MemberService $memberService): JsonResponse
    {
@@ -140,6 +124,9 @@ class MemberController extends Controller
        if ($member->role === Role::Owner->value) {
            throw new CanNotRemoveOwnerFromOrganization;
        }
+        if ($member->role === Role::Placeholder->value) {
+            throw new ChangingRoleOfPlaceholderIsNotAllowed;
+        }

        $memberService->makeMemberToPlaceholder($member);

@@ -148,10 +135,41 @@ class MemberController extends Controller
        return response()->json(null, 204);
    }

+    /**
+     * Merge one member into another
+     *
+     * @throws AuthorizationException
+     * @throws OnlyPlaceholdersCanBeMergedIntoAnotherMember
+     * @throws \Throwable
+     *
+     * @operationId mergeMember
+     */
+    public function mergeInto(Organization $organization, Member $member, MemberMergeIntoRequest $request, MemberService $memberService): JsonResponse
+    {
+        $this->checkPermission($organization, 'members:merge-into', $member);
+
+        $user = $member->user;
+        if ($member->role !== Role::Placeholder->value || ! $user->is_placeholder) {
+            throw new OnlyPlaceholdersCanBeMergedIntoAnotherMember;
+        }
+        $memberTo = Member::findOrFail($request->getMemberId());
+
+        DB::transaction(function () use ($organization, $member, $user, $memberTo, $memberService): void {
+            $memberService->assignOrganizationEntitiesToDifferentMember($organization, $member, $memberTo);
+            $member->delete();
+            $user->delete();
+        });
+
+        return response()->json(null, 204);
+    }
+
    /**
     * Invite a placeholder member to become a real member of the organization
     *
-     * @throws AuthorizationException|UserNotPlaceholderApiException
+     * @throws AuthorizationException
+     * @throws UserNotPlaceholderApiException
+     * @throws UserIsAlreadyMemberOfOrganizationApiException
+     * @throws ThisPlaceholderCanNotBeInvitedUseTheMergeToolInsteadException
     *
     * @operationId invitePlaceholder
     */
@@ -164,6 +182,10 @@ class MemberController extends Controller
            throw new UserNotPlaceholderApiException;
        }

+        if (Str::endsWith($user->email, '@solidtime-import.test')) {
+            throw new ThisPlaceholderCanNotBeInvitedUseTheMergeToolInsteadException;
+        }
+
        $invitationService->inviteUser($organization, $user->email, Role::Employee);

        return response()->json(null, 204);
--- a/app/Http/Controllers/Api/V1/OrganizationController.php
+++ b/app/Http/Controllers/Api/V1/OrganizationController.php
@@ -40,15 +40,35 @@ class OrganizationController extends Controller
    {
        $this->checkPermission($organization, 'organizations:update');

-        $organization->name = $request->input('name');
-        $oldBillableRate = $organization->billable_rate;
-        if ($request->has('employees_can_see_billable_rates')) {
-            $organization->employees_can_see_billable_rates = $request->validated('employees_can_see_billable_rates');
+        if ($request->getName() !== null) {
+            $organization->name = $request->getName();
+        }
+        if ($request->getEmployeesCanSeeBillableRates() !== null) {
+            $organization->employees_can_see_billable_rates = $request->getEmployeesCanSeeBillableRates();
+        }
+        if ($request->getNumberFormat() !== null) {
+            $organization->number_format = $request->getNumberFormat();
+        }
+        if ($request->getCurrencyFormat() !== null) {
+            $organization->currency_format = $request->getCurrencyFormat();
+        }
+        if ($request->getDateFormat() !== null) {
+            $organization->date_format = $request->getDateFormat();
+        }
+        if ($request->getIntervalFormat() !== null) {
+            $organization->interval_format = $request->getIntervalFormat();
+        }
+        if ($request->getTimeFormat() !== null) {
+            $organization->time_format = $request->getTimeFormat();
+        }
+        $hasBillableRate = $request->has('billable_rate');
+        if ($hasBillableRate) {
+            $oldBillableRate = $organization->billable_rate;
+            $organization->billable_rate = $request->getBillableRate();
        }
-        $organization->billable_rate = $request->getBillableRate();
        $organization->save();

-        if ($oldBillableRate !== $request->getBillableRate()) {
+        if ($hasBillableRate && $oldBillableRate !== $request->getBillableRate()) {
            $billableRateService->updateTimeEntriesBillableRateForOrganization($organization);
        }

--- a/app/Http/Controllers/Api/V1/ProjectController.php
+++ b/app/Http/Controllers/Api/V1/ProjectController.php
@@ -102,6 +102,7 @@ class ProjectController extends Controller
        $project->is_billable = (bool) $request->input('is_billable');
        $project->billable_rate = $request->getBillableRate();
        $project->client_id = $request->input('client_id');
+        $project->is_public = $request->getIsPublic();
        if ($this->canAccessPremiumFeatures($organization) && $request->has('estimated_time')) {
            $project->estimated_time = $request->getEstimatedTime();
        }
@@ -127,6 +128,9 @@ class ProjectController extends Controller
        if ($request->has('is_archived')) {
            $project->archived_at = $request->getIsArchived() ? Carbon::now() : null;
        }
+        if ($request->has('is_public')) {
+            $project->is_public = $request->boolean('is_public');
+        }
        if ($this->canAccessPremiumFeatures($organization) && $request->has('estimated_time')) {
            $project->estimated_time = $request->getEstimatedTime();
        }
--- a/app/Http/Controllers/Api/V1/Public/ReportController.php
+++ b/app/Http/Controllers/Api/V1/Public/ReportController.php
@@ -0,0 +1,92 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Controllers\Api\V1\Public;
+
+use App\Enums\TimeEntryAggregationType;
+use App\Http\Controllers\Api\V1\Controller;
+use App\Http\Resources\V1\Report\DetailedWithDataReportResource;
+use App\Models\Report;
+use App\Models\TimeEntry;
+use App\Service\Dto\ReportPropertiesDto;
+use App\Service\TimeEntryAggregationService;
+use App\Service\TimeEntryFilter;
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Database\Eloquent\ModelNotFoundException;
+use Illuminate\Http\Request;
+
+class ReportController extends Controller
+{
+    /**
+     * Get report by a share secret
+     *
+     * This endpoint is public and does not require authentication. The report must be public and not expired.
+     * The report is considered expired if the `public_until` field is set and the date is in the past.
+     * The report is considered public if the `is_public` field is set to `true`.
+     *
+     * @operationId getPublicReport
+     */
+    public function show(Request $request, TimeEntryAggregationService $timeEntryAggregationService): DetailedWithDataReportResource
+    {
+        $shareSecret = $request->header('X-Api-Key');
+        if (! is_string($shareSecret)) {
+            throw new ModelNotFoundException;
+        }
+
+        $report = Report::query()
+            ->with([
+                'organization',
+            ])
+            ->where('share_secret', '=', $shareSecret)
+            ->where('is_public', '=', true)
+            ->where(function (Builder $builder): void {
+                /** @var Builder<Report> $builder */
+                $builder->whereNull('public_until')
+                    ->orWhere('public_until', '>', now());
+            })
+            ->firstOrFail();
+        /** @var ReportPropertiesDto $properties */
+        $properties = $report->properties;
+
+        $timeEntriesQuery = TimeEntry::query()
+            ->whereBelongsTo($report->organization, 'organization');
+
+        $filter = new TimeEntryFilter($timeEntriesQuery);
+        $filter->addStart($properties->start);
+        $filter->addEnd($properties->end);
+        $filter->addActive($properties->active);
+        $filter->addBillable($properties->billable);
+        $filter->addMemberIdsFilter($properties->memberIds?->toArray());
+        $filter->addProjectIdsFilter($properties->projectIds?->toArray());
+        $filter->addTagIdsFilter($properties->tagIds?->toArray());
+        $filter->addTaskIdsFilter($properties->taskIds?->toArray());
+        $filter->addClientIdsFilter($properties->clientIds?->toArray());
+        $timeEntriesQuery = $filter->get();
+
+        $data = $timeEntryAggregationService->getAggregatedTimeEntriesWithDescriptions(
+            $timeEntriesQuery->clone(),
+            $report->properties->group,
+            $report->properties->subGroup,
+            $report->properties->timezone,
+            $report->properties->weekStart,
+            false,
+            $report->properties->start,
+            $report->properties->end,
+            true
+        );
+        $historyData = $timeEntryAggregationService->getAggregatedTimeEntriesWithDescriptions(
+            $timeEntriesQuery->clone(),
+            TimeEntryAggregationType::fromInterval($report->properties->historyGroup),
+            null,
+            $report->properties->timezone,
+            $report->properties->weekStart,
+            true,
+            $report->properties->start,
+            $report->properties->end,
+            true
+        );
+
+        return new DetailedWithDataReportResource($report, $data, $historyData);
+    }
+}
--- a/app/Http/Controllers/Api/V1/ReportController.php
+++ b/app/Http/Controllers/Api/V1/ReportController.php
@@ -0,0 +1,172 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Controllers\Api\V1;
+
+use App\Enums\Weekday;
+use App\Http\Requests\V1\Report\ReportStoreRequest;
+use App\Http\Requests\V1\Report\ReportUpdateRequest;
+use App\Http\Resources\V1\Report\DetailedReportResource;
+use App\Http\Resources\V1\Report\ReportCollection;
+use App\Http\Resources\V1\Report\ReportResource;
+use App\Models\Organization;
+use App\Models\Report;
+use App\Service\Dto\ReportPropertiesDto;
+use App\Service\ReportService;
+use App\Service\TimezoneService;
+use Illuminate\Auth\Access\AuthorizationException;
+use Illuminate\Http\JsonResponse;
+
+class ReportController extends Controller
+{
+    /**
+     * @throws AuthorizationException
+     */
+    protected function checkPermission(Organization $organization, string $permission, ?Report $report = null): void
+    {
+        parent::checkPermission($organization, $permission);
+        if ($report !== null && $report->organization_id !== $organization->id) {
+            throw new AuthorizationException('Report does not belong to organization');
+        }
+    }
+
+    /**
+     * Get reports
+     *
+     * @return ReportCollection<ReportResource>
+     *
+     * @throws AuthorizationException
+     *
+     * @operationId getReports
+     */
+    public function index(Organization $organization): ReportCollection
+    {
+        $this->checkPermission($organization, 'reports:view');
+
+        $reports = Report::query()
+            ->orderBy('created_at', 'desc')
+            ->whereBelongsTo($organization, 'organization')
+            ->paginate(config('app.pagination_per_page_default'));
+
+        return new ReportCollection($reports);
+    }
+
+    /**
+     * Get report
+     *
+     * @throws AuthorizationException
+     *
+     * @operationId getReport
+     */
+    public function show(Organization $organization, Report $report): DetailedReportResource
+    {
+        $this->checkPermission($organization, 'reports:view', $report);
+
+        return new DetailedReportResource($report);
+    }
+
+    /**
+     * Create report
+     *
+     * @throws AuthorizationException
+     *
+     * @operationId createReport
+     */
+    public function store(Organization $organization, ReportStoreRequest $request, TimezoneService $timezoneService, ReportService $reportService): DetailedReportResource
+    {
+        $this->checkPermission($organization, 'reports:create');
+        $user = $this->user();
+
+        $report = new Report;
+        $report->name = $request->getName();
+        $report->description = $request->getDescription();
+        $isPublic = $request->getIsPublic();
+        $report->is_public = $isPublic;
+        $properties = new ReportPropertiesDto;
+        $properties->group = $request->getPropertyGroup();
+        $properties->subGroup = $request->getPropertySubGroup();
+        $properties->historyGroup = $request->getPropertyHistoryGroup();
+        $properties->start = $request->getPropertyStart();
+        $properties->end = $request->getPropertyEnd();
+        $properties->active = $request->getPropertyActive();
+        $properties->setMemberIds($request->input('properties.member_ids', null));
+        $properties->billable = $request->getPropertyBillable();
+        $properties->setClientIds($request->input('properties.client_ids', null));
+        $properties->setProjectIds($request->input('properties.project_ids', null));
+        $properties->setTagIds($request->input('properties.tag_ids', null));
+        $properties->setTaskIds($request->input('properties.task_ids', null));
+        $properties->weekStart = $request->has('properties.week_start') ? Weekday::from($request->input('properties.week_start')) : $user->week_start;
+        $timezone = $user->timezone;
+        if ($request->has('properties.timezone')) {
+            if ($timezoneService->isValid($request->input('properties.timezone'))) {
+                $timezone = $request->input('properties.timezone');
+            }
+            if ($timezoneService->mapLegacyTimezone($request->input('properties.timezone')) !== null) {
+                $timezone = $timezoneService->mapLegacyTimezone($request->input('properties.timezone'));
+            }
+        }
+        $properties->timezone = $timezone;
+        $report->properties = $properties;
+        if ($isPublic) {
+            $report->share_secret = $reportService->generateSecret();
+            $report->public_until = $request->getPublicUntil();
+        } else {
+            $report->share_secret = null;
+            $report->public_until = null;
+        }
+        $report->organization()->associate($organization);
+        $report->save();
+
+        return new DetailedReportResource($report);
+    }
+
+    /**
+     * Update report
+     *
+     * @throws AuthorizationException
+     *
+     * @operationId updateReport
+     */
+    public function update(Organization $organization, Report $report, ReportUpdateRequest $request, ReportService $reportService): DetailedReportResource
+    {
+        $this->checkPermission($organization, 'reports:update', $report);
+
+        if ($request->has('name')) {
+            $report->name = $request->getName();
+        }
+        if ($request->has('description')) {
+            $report->description = $request->getDescription();
+        }
+        if ($request->has('is_public') && $request->getIsPublic() !== $report->is_public) {
+            $isPublic = $request->getIsPublic();
+            $report->is_public = $isPublic;
+            if ($isPublic) {
+                $report->share_secret = $reportService->generateSecret();
+                $report->public_until = $request->getPublicUntil();
+            } else {
+                $report->share_secret = null;
+                $report->public_until = null;
+            }
+        }
+        $report->save();
+
+        return new DetailedReportResource($report);
+    }
+
+    /**
+     * Delete report
+     *
+     * @throws AuthorizationException
+     *
+     * @operationId deleteReport
+     */
+    public function destroy(Organization $organization, Report $report): JsonResponse
+    {
+        $this->checkPermission($organization, 'reports:delete', $report);
+
+        $report->delete();
+
+        return response()->json(null, 204);
+    }
+}
--- a/app/Http/Controllers/Api/V1/TimeEntryController.php
+++ b/app/Http/Controllers/Api/V1/TimeEntryController.php
@@ -4,10 +4,16 @@ declare(strict_types=1);

 namespace App\Http\Controllers\Api\V1;

+use App\Enums\ExportFormat;
+use App\Enums\Role;
+use App\Exceptions\Api\FeatureIsNotAvailableInFreePlanApiException;
+use App\Exceptions\Api\PdfRendererIsNotConfiguredException;
 use App\Exceptions\Api\TimeEntryCanNotBeRestartedApiException;
 use App\Exceptions\Api\TimeEntryStillRunningApiException;
+use App\Http\Requests\V1\TimeEntry\TimeEntryAggregateExportRequest;
 use App\Http\Requests\V1\TimeEntry\TimeEntryAggregateRequest;
 use App\Http\Requests\V1\TimeEntry\TimeEntryDestroyMultipleRequest;
+use App\Http\Requests\V1\TimeEntry\TimeEntryIndexExportRequest;
 use App\Http\Requests\V1\TimeEntry\TimeEntryIndexRequest;
 use App\Http\Requests\V1\TimeEntry\TimeEntryStoreRequest;
 use App\Http\Requests\V1\TimeEntry\TimeEntryUpdateMultipleRequest;
@@ -21,15 +27,30 @@ use App\Models\Organization;
 use App\Models\Project;
 use App\Models\Task;
 use App\Models\TimeEntry;
+use App\Service\LocalizationService;
+use App\Service\ReportExport\TimeEntriesDetailedCsvExport;
+use App\Service\ReportExport\TimeEntriesDetailedExport;
+use App\Service\ReportExport\TimeEntriesReportExport;
 use App\Service\TimeEntryAggregationService;
 use App\Service\TimeEntryFilter;
 use App\Service\TimezoneService;
+use Gotenberg\Exceptions\GotenbergApiErrored;
+use Gotenberg\Exceptions\NoOutputFileInResponse;
+use Gotenberg\Gotenberg;
+use Gotenberg\Stream;
+use GuzzleHttp\Client;
 use Illuminate\Auth\Access\AuthorizationException;
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Http\File;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Resources\Json\JsonResource;
 use Illuminate\Support\Collection;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Blade;
 use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Storage;
+use Maatwebsite\Excel\Facades\Excel;
+use Spatie\TemporaryDirectory\TemporaryDirectory;

 class TimeEntryController extends Controller
 {
@@ -42,7 +63,7 @@ class TimeEntryController extends Controller
    }

    /**
-     * Get all time entries in organization
+     * Get time entries in organization
     *
     * If you only need time entries for a specific user, you can filter by `user_id`.
     * Users with the permission `time-entries:view:own` can only use this endpoint with their own user ID in the user_id filter.
@@ -63,21 +84,7 @@ class TimeEntryController extends Controller
            $this->checkPermission($organization, 'time-entries:view:all');
        }

-        $timeEntriesQuery = TimeEntry::query()
-            ->whereBelongsTo($organization, 'organization')
-            ->orderBy('start', 'desc');
-
-        $filter = new TimeEntryFilter($timeEntriesQuery);
-        $filter->addStartFilter($request->input('start'));
-        $filter->addEndFilter($request->input('end'));
-        $filter->addActiveFilter($request->input('active'));
-        $filter->addMemberIdFilter($member);
-        $filter->addMemberIdsFilter($request->input('member_ids'));
-        $filter->addProjectIdsFilter($request->input('project_ids'));
-        $filter->addTagIdsFilter($request->input('tag_ids'));
-        $filter->addTaskIdsFilter($request->input('task_ids'));
-        $filter->addClientIdsFilter($request->input('client_ids'));
-        $filter->addBillableFilter($request->input('billable'));
+        $timeEntriesQuery = $this->getTimeEntriesQuery($organization, $request, $member);

        $totalCount = $timeEntriesQuery->count();

@@ -128,6 +135,147 @@ class TimeEntryController extends Controller
            ]);
    }

+    /**
+     * @return Builder<TimeEntry>
+     */
+    private function getTimeEntriesQuery(Organization $organization, TimeEntryIndexRequest|TimeEntryIndexExportRequest $request, ?Member $member): Builder
+    {
+        $timeEntriesQuery = TimeEntry::query()
+            ->whereBelongsTo($organization, 'organization')
+            ->orderBy('start', 'desc');
+
+        $filter = new TimeEntryFilter($timeEntriesQuery);
+        $filter->addStartFilter($request->input('start'));
+        $filter->addEndFilter($request->input('end'));
+        $filter->addActiveFilter($request->input('active'));
+        $filter->addMemberIdFilter($member);
+        $filter->addMemberIdsFilter($request->input('member_ids'));
+        $filter->addProjectIdsFilter($request->input('project_ids'));
+        $filter->addTagIdsFilter($request->input('tag_ids'));
+        $filter->addTaskIdsFilter($request->input('task_ids'));
+        $filter->addClientIdsFilter($request->input('client_ids'));
+        $filter->addBillableFilter($request->input('billable'));
+
+        return $filter->get();
+    }
+
+    /**
+     * Export time entries in organization
+     *
+     * @throws AuthorizationException|PdfRendererIsNotConfiguredException|FeatureIsNotAvailableInFreePlanApiException
+     *
+     * @operationId exportTimeEntries
+     */
+    public function indexExport(Organization $organization, TimeEntryIndexExportRequest $request, TimeEntryAggregationService $timeEntryAggregationService): JsonResponse
+    {
+        /** @var Member|null $member */
+        $member = $request->has('member_id') ? Member::query()->findOrFail($request->input('member_id')) : null;
+        if ($member !== null && $member->user_id === Auth::id()) {
+            $this->checkPermission($organization, 'time-entries:view:own');
+        } else {
+            $this->checkPermission($organization, 'time-entries:view:all');
+        }
+        $debug = $request->getDebug();
+        $format = $request->getFormatValue();
+        if ($format === ExportFormat::PDF && ! $this->canAccessPremiumFeatures($organization)) {
+            throw new FeatureIsNotAvailableInFreePlanApiException;
+        }
+        $user = $this->user();
+        $timezone = $user->timezone;
+        $showBillableRate = $this->member($organization)->role !== Role::Employee->value || $organization->employees_can_see_billable_rates;
+
+        $timeEntriesQuery = $this->getTimeEntriesQuery($organization, $request, $member);
+        $timeEntriesQuery->with([
+            'task',
+            'client',
+            'project',
+            'user',
+            'tagsRelation',
+        ]);
+        $filename = 'time-entries-export-'.now()->format('Y-m-d_H-i-s').'.'.$format->getFileExtension();
+        $folderPath = 'exports';
+        $path = $folderPath.'/'.$filename;
+        $localizationService = LocalizationService::forOrganization($organization);
+        if ($format === ExportFormat::CSV) {
+            $export = new TimeEntriesDetailedCsvExport(config('filesystems.private'), $folderPath, $filename, $timeEntriesQuery, 1000, $timezone);
+            $export->export();
+        } elseif ($format === ExportFormat::PDF) {
+            if (config('services.gotenberg.url') === null && ! $debug) {
+                throw new PdfRendererIsNotConfiguredException;
+            }
+            $viewFile = file_get_contents(resource_path('views/reports/time-entry-index/pdf.blade.php'));
+            if ($viewFile === false) {
+                throw new \LogicException('View file not found');
+            }
+            $aggregatedData = $timeEntryAggregationService->getAggregatedTimeEntries(
+                $timeEntriesQuery->clone()->reorder()->withOnly([]),
+                null,
+                null,
+                $user->timezone,
+                $user->week_start,
+                false,
+                null,
+                null,
+                $showBillableRate
+            );
+            $html = Blade::render($viewFile, [
+                'timeEntries' => $timeEntriesQuery->get(),
+                'aggregatedData' => $aggregatedData,
+                'timezone' => $timezone,
+                'currency' => $organization->currency,
+                'start' => $request->getStart()->timezone($timezone),
+                'end' => $request->getEnd()->timezone($timezone),
+                'localization' => $localizationService,
+            ]);
+            $footerViewFile = file_get_contents(resource_path('views/reports/time-entry-index/pdf-footer.blade.php'));
+            if ($footerViewFile === false) {
+                throw new \LogicException('View file not found');
+            }
+            $footerHtml = Blade::render($footerViewFile);
+            if ($debug) {
+                return response()->json([
+                    'html' => $html,
+                    'footer_html' => $footerHtml,
+                ]);
+            }
+
+            $client = new Client([
+                'auth' => config('services.gotenberg.basic_auth_username') !== null && config('services.gotenberg.basic_auth_password') !== null ? [
+                    config('services.gotenberg.basic_auth_username'),
+                    config('services.gotenberg.basic_auth_password'),
+                ] : null,
+            ]);
+            $request = Gotenberg::chromium(config('services.gotenberg.url'))
+                ->pdf()
+                ->assets(
+                    Stream::path(resource_path('pdf/Outfit-VariableFont_wght.ttf'), 'outfit.ttf'),
+                )
+                ->margins(0.39, 0.78, 0.39, 0.39)
+                ->paperSize('8.27', '11.7') // A4
+                ->footer(Stream::string('footer', $footerHtml))
+                ->html(Stream::string('body', $html));
+            $tempFolder = TemporaryDirectory::make();
+            $filenameTemp = Gotenberg::save($request, $tempFolder->path(), $client);
+            Storage::disk(config('filesystems.private'))
+                ->putFileAs($folderPath, new File($tempFolder->path($filenameTemp)), $filename);
+        } else {
+            Excel::store(
+                new TimeEntriesDetailedExport($timeEntriesQuery, $format, $timezone, $localizationService),
+                $path,
+                config('filesystems.private'),
+                $format->getExportPackageType(),
+                [
+                    'visibility' => 'private',
+                ]
+            );
+        }
+
+        return response()->json([
+            'download_url' => Storage::disk(config('filesystems.private'))
+                ->temporaryUrl($path, now()->addMinutes(5)),
+        ]);
+    }
+
    /**
     * Get aggregated time entries in organization
     *
@@ -143,24 +291,24 @@ class TimeEntryController extends Controller
     *          grouped_data: null|array<array{
     *              key: string|null,
     *              seconds: int,
-     *              cost: int,
+     *              cost: int|null,
     *              grouped_type: string|null,
     *              grouped_data: null|array<array{
     *                  key: string|null,
     *                  seconds: int,
-     *                  cost: int,
+     *                  cost: int|null,
     *                  grouped_type: null,
     *                  grouped_data: null
     *              }>
     *          }>,
     *          seconds: int,
-     *          cost: int
+     *          cost: int|null
     *      }
     * }
     *
     * @throws AuthorizationException
     */
-    public function aggregate(Organization $organization, TimeEntryAggregateRequest $request, TimeEntryAggregationService $aggregationService): array
+    public function aggregate(Organization $organization, TimeEntryAggregateRequest $request, TimeEntryAggregationService $timeEntryAggregationService): array
    {
        /** @var Member|null $member */
        $member = $request->has('member_id') ? Member::query()->findOrFail($request->input('member_id')) : null;
@@ -169,7 +317,166 @@ class TimeEntryController extends Controller
        } else {
            $this->checkPermission($organization, 'time-entries:view:all');
        }
+        $user = $this->user();
+        $showBillableRate = $this->member($organization)->role !== Role::Employee->value || $organization->employees_can_see_billable_rates;

+        $group1Type = $request->getGroup();
+        $group2Type = $request->getSubGroup();
+        $timeEntriesAggregateQuery = $this->getTimeEntriesAggregateQuery($organization, $request, $member);
+
+        $aggregatedData = $timeEntryAggregationService->getAggregatedTimeEntries(
+            $timeEntriesAggregateQuery,
+            $group1Type,
+            $group2Type,
+            $user->timezone,
+            $user->week_start,
+            $request->getFillGapsInTimeGroups(),
+            $request->getStart(),
+            $request->getEnd(),
+            $showBillableRate
+        );
+
+        return [
+            'data' => $aggregatedData,
+        ];
+    }
+
+    /**
+     * Export aggregated time entries in organization
+     *
+     * @operationId exportAggregatedTimeEntries
+     *
+     * @throws AuthorizationException
+     * @throws PdfRendererIsNotConfiguredException
+     * @throws GotenbergApiErrored
+     * @throws NoOutputFileInResponse
+     * @throws FeatureIsNotAvailableInFreePlanApiException
+     */
+    public function aggregateExport(Organization $organization, TimeEntryAggregateExportRequest $request, TimeEntryAggregationService $timeEntryAggregationService): JsonResponse
+    {
+        /** @var Member|null $member */
+        $member = $request->has('member_id') ? Member::query()->findOrFail($request->input('member_id')) : null;
+        if ($member !== null && $member->user_id === Auth::id()) {
+            $this->checkPermission($organization, 'time-entries:view:own');
+        } else {
+            $this->checkPermission($organization, 'time-entries:view:all');
+        }
+        $format = $request->getFormatValue();
+        if ($format === ExportFormat::PDF && ! $this->canAccessPremiumFeatures($organization)) {
+            throw new FeatureIsNotAvailableInFreePlanApiException;
+        }
+        $debug = $request->getDebug();
+        $user = $this->user();
+        $showBillableRate = $this->member($organization)->role !== Role::Employee->value || $organization->employees_can_see_billable_rates;
+
+        $group = $request->getGroup();
+        $subGroup = $request->getSubGroup();
+        $timeEntriesAggregateQuery = $this->getTimeEntriesAggregateQuery($organization, $request, $member);
+
+        $aggregatedData = $timeEntryAggregationService->getAggregatedTimeEntriesWithDescriptions(
+            $timeEntriesAggregateQuery->clone(),
+            $group,
+            $subGroup,
+            $user->timezone,
+            $user->week_start,
+            false,
+            $request->getStart(),
+            $request->getEnd(),
+            $showBillableRate
+        );
+        $dataHistoryChart = $timeEntryAggregationService->getAggregatedTimeEntries(
+            $timeEntriesAggregateQuery->clone(),
+            $request->getHistoryGroup(),
+            null,
+            $user->timezone,
+            $user->week_start,
+            true,
+            $request->getStart(),
+            $request->getEnd(),
+            $showBillableRate
+        );
+        $currency = $organization->currency;
+        $timezone = app(TimezoneService::class)->getTimezoneFromUser($this->user());
+        $localizationService = LocalizationService::forOrganization($organization);
+
+        $filename = 'time-entries-report-'.now()->format('Y-m-d_H-i-s').'.'.$format->getFileExtension();
+        $folderPath = 'exports';
+        $path = $folderPath.'/'.$filename;
+
+        if ($format === ExportFormat::PDF) {
+            if (config('services.gotenberg.url') === null && ! $debug) {
+                throw new PdfRendererIsNotConfiguredException;
+            }
+            $client = new Client([
+                'auth' => config('services.gotenberg.basic_auth_username') !== null && config('services.gotenberg.basic_auth_password') !== null ? [
+                    config('services.gotenberg.basic_auth_username'),
+                    config('services.gotenberg.basic_auth_password'),
+                ] : null,
+            ]);
+            $viewFile = file_get_contents(resource_path('views/reports/time-entry-aggregate/pdf.blade.php'));
+            if ($viewFile === false) {
+                throw new \LogicException('View file not found');
+            }
+            $html = Blade::render($viewFile, [
+                'aggregatedData' => $aggregatedData,
+                'dataHistoryChart' => $dataHistoryChart,
+                'currency' => $currency,
+                'group' => $group,
+                'subGroup' => $subGroup,
+                'timezone' => $timezone,
+                'start' => $request->getStart()->timezone($timezone),
+                'end' => $request->getEnd()->timezone($timezone),
+                'debug' => $debug,
+                'localization' => $localizationService,
+            ]);
+            $footerViewFile = file_get_contents(resource_path('views/reports/time-entry-aggregate/pdf-footer.blade.php'));
+            if ($footerViewFile === false) {
+                throw new \LogicException('View file not found');
+            }
+            $footerHtml = Blade::render($footerViewFile);
+            if ($debug) {
+                return response()->json([
+                    'html' => $html,
+                    'footer_html' => $footerHtml,
+                ]);
+            }
+            $request = Gotenberg::chromium(config('services.gotenberg.url'))
+                ->pdf()
+                ->waitForExpression("window.status === 'ready'")
+                ->margins(0.39, 0.78, 0.39, 0.39)
+                ->paperSize('8.27', '11.7') // A4
+                ->footer(Stream::string('footer', $footerHtml))
+                ->assets(Stream::path(resource_path('pdf/echarts.min.js'), 'echarts.min.js'),
+                    Stream::path(resource_path('pdf/Outfit-VariableFont_wght.ttf'), 'outfit.ttf'),
+                )
+                ->html(Stream::string('body', $html));
+            $tempFolder = TemporaryDirectory::make();
+            $filenameTemp = Gotenberg::save($request, $tempFolder->path(), $client);
+            Storage::disk(config('filesystems.private'))
+                ->putFileAs($folderPath, new File($tempFolder->path($filenameTemp)), $filename);
+        } else {
+            Excel::store(
+                new TimeEntriesReportExport($aggregatedData, $format, $currency, $group, $subGroup),
+                $path,
+                config('filesystems.private'),
+                $format->getExportPackageType(),
+                [
+                    'visibility' => 'private',
+                ]
+            );
+        }
+
+        return response()->json([
+            'download_url' => Storage::disk(config('filesystems.private'))
+                ->temporaryUrl($path, now()->addMinutes(5)),
+        ]);
+    }
+
+    /**
+     * @return Builder<TimeEntry>
+     */
+    private function getTimeEntriesAggregateQuery(Organization $organization, TimeEntryAggregateRequest|TimeEntryAggregateExportRequest $request, ?Member $member): Builder
+    {
        $timeEntriesQuery = TimeEntry::query()
            ->whereBelongsTo($organization, 'organization');

@@ -184,27 +491,8 @@ class TimeEntryController extends Controller
        $filter->addTaskIdsFilter($request->input('task_ids'));
        $filter->addClientIdsFilter($request->input('client_ids'));
        $filter->addBillableFilter($request->input('billable'));
-        $timeEntriesQuery = $filter->get();

-        $user = $this->user();
-
-        $group1Type = $request->getGroup();
-        $group2Type = $request->getSubGroup();
-
-        $aggregatedData = $aggregationService->getAggregatedTimeEntries(
-            $timeEntriesQuery,
-            $group1Type,
-            $group2Type,
-            $user->timezone,
-            $user->week_start,
-            $request->getFillGapsInTimeGroups(),
-            $request->getStart(),
-            $request->getEnd()
-        );
-
-        return [
-            'data' => $aggregatedData,
-        ];
+        return $filter->get();
    }

    /**
@@ -333,6 +621,10 @@ class TimeEntryController extends Controller

        $changes = $request->validated('changes');

+        if ($request->has('changes.description')) {
+            $changes['description'] = $request->input('changes.description') ?? '';
+        }
+
        if (isset($changes['member_id']) && ! $canAccessAll && $this->member($organization)->getKey() !== $changes['member_id']) {
            throw new AuthorizationException;
        }
--- a/app/Http/Controllers/Api/V1/UserController.php
+++ b/app/Http/Controllers/Api/V1/UserController.php
@@ -6,7 +6,6 @@ namespace App\Http\Controllers\Api\V1;

 use App\Http\Resources\V1\User\UserResource;
 use Illuminate\Auth\Access\AuthorizationException;
-use Illuminate\Http\Resources\Json\JsonResource;

 class UserController extends Controller
 {
@@ -19,7 +18,7 @@ class UserController extends Controller
     *
     * @throws AuthorizationException
     */
-    public function me(): JsonResource
+    public function me(): UserResource
    {
        $user = $this->user();

--- a/app/Http/Controllers/Web/DashboardController.php
+++ b/app/Http/Controllers/Web/DashboardController.php
@@ -4,6 +4,7 @@ declare(strict_types=1);

 namespace App\Http\Controllers\Web;

+use App\Enums\Role;
 use App\Service\DashboardService;
 use App\Service\PermissionStore;
 use Illuminate\Auth\Access\AuthorizationException;
@@ -19,30 +20,14 @@ class DashboardController extends Controller
    {
        $user = $this->user();
        $organization = $this->currentOrganization();
-        $dailyTrackedHours = $dashboardService->getDailyTrackedHours($user, $organization, 60);
-        $weeklyHistory = $dashboardService->getWeeklyHistory($user, $organization);
-        $totalWeeklyTime = $dashboardService->totalWeeklyTime($user, $organization);
-        $totalWeeklyBillableTime = $dashboardService->totalWeeklyBillableTime($user, $organization);
-        $totalWeeklyBillableAmount = $dashboardService->totalWeeklyBillableAmount($user, $organization);
-        $weeklyProjectOverview = $dashboardService->weeklyProjectOverview($user, $organization);
-        $latestTasks = $dashboardService->latestTasks($user, $organization);
-        $lastSevenDays = $dashboardService->lastSevenDays($user, $organization);

        $latestTeamActivity = null;
        if ($permissionStore->has($organization, 'time-entries:view:all')) {
            $latestTeamActivity = $dashboardService->latestTeamActivity($organization);
        }

-        return Inertia::render('Dashboard', [
-            'weeklyProjectOverview' => $weeklyProjectOverview,
-            'latestTasks' => $latestTasks,
-            'lastSevenDays' => $lastSevenDays,
-            'latestTeamActivity' => $latestTeamActivity,
-            'dailyTrackedHours' => $dailyTrackedHours,
-            'totalWeeklyTime' => $totalWeeklyTime,
-            'totalWeeklyBillableTime' => $totalWeeklyBillableTime,
-            'totalWeeklyBillableAmount' => $totalWeeklyBillableAmount,
-            'weeklyHistory' => $weeklyHistory,
-        ]);
+        $showBillableRate = $this->member($organization)->role !== Role::Employee->value || $organization->employees_can_see_billable_rates;
+
+        return Inertia::render('Dashboard');
    }
 }
--- a/app/Http/Controllers/Web/HealthCheckController.php
+++ b/app/Http/Controllers/Web/HealthCheckController.php
@@ -45,16 +45,35 @@ class HealthCheckController extends Controller

        $dbTimezone = DB::select('show timezone;');

+        $response = [
+            'ip_address' => $ipAddress,
+            'url' => $request->url(),
+            'path' => $request->path(),
+            'hostname' => $hostname,
+            'timestamp' => Carbon::now()->timestamp,
+            'date_time_utc' => Carbon::now('UTC')->toDateTimeString(),
+            'date_time_app' => Carbon::now()->toDateTimeString(),
+            'timezone' => $dbTimezone[0]->TimeZone,
+            'secure' => $secure,
+            'is_trusted_proxy' => $isTrustedProxy,
+        ];
+
+        if (app()->hasDebugModeEnabled()) {
+            $response['app_debug'] = true;
+            $response['app_url'] = config('app.url');
+            $response['app_env'] = app()->environment();
+            $response['app_timezone'] = config('app.timezone');
+            $response['app_force_https'] = config('app.force_https');
+            $response['session_secure'] = config('session.secure');
+            $response['trusted_proxies'] = config('trustedproxy.proxies');
+            $headers = $request->headers->all();
+            if (isset($headers['cookie'])) {
+                $headers['cookie'] = '***';
+            }
+            $response['headers'] = $headers;
+        }
+
        return response()
-            ->json([
-                'ip_address' => $ipAddress,
-                'hostname' => $hostname,
-                'timestamp' => Carbon::now()->timestamp,
-                'date_time_utc' => Carbon::now('UTC')->toDateTimeString(),
-                'date_time_app' => Carbon::now()->toDateTimeString(),
-                'timezone' => $dbTimezone[0]->TimeZone,
-                'secure' => $secure,
-                'is_trusted_proxy' => $isTrustedProxy,
-            ]);
+            ->json($response);
    }
 }
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -18,7 +18,7 @@ class Kernel extends HttpKernel
     * @var array<int, class-string|string>
     */
    protected $middleware = [
-        // \App\Http\Middleware\TrustHosts::class,
+        \App\Http\Middleware\ForceHttps::class,
        \App\Http\Middleware\TrustProxies::class,
        \Illuminate\Http\Middleware\HandleCors::class,
        \App\Http\Middleware\PreventRequestsDuringMaintenance::class,
--- a/app/Http/Middleware/ForceHttps.php
+++ b/app/Http/Middleware/ForceHttps.php
@@ -0,0 +1,29 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\URL;
+use Symfony\Component\HttpFoundation\Response;
+
+class ForceHttps
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
+     */
+    public function handle(Request $request, Closure $next, string ...$guards): Response
+    {
+        if (config('app.force_https', false)) {
+            URL::forceScheme('https');
+            $request->server->set('HTTPS', 'on');
+            $request->headers->set('X-Forwarded-Proto', 'https');
+        }
+
+        return $next($request);
+    }
+}
--- a/app/Http/Middleware/HandleInertiaRequests.php
+++ b/app/Http/Middleware/HandleInertiaRequests.php
@@ -40,6 +40,7 @@ class HandleInertiaRequests extends Middleware
    public function share(Request $request): array
    {
        $hasBilling = Module::has('Billing') && Module::isEnabled('Billing');
+        $hasInvoicing = Module::has('Invoicing') && Module::isEnabled('Invoicing');

        /** @var BillingContract $billing */
        $billing = app(BillingContract::class);
@@ -48,6 +49,7 @@ class HandleInertiaRequests extends Middleware

        return array_merge(parent::share($request), [
            'has_billing_extension' => $hasBilling,
+            'has_invoicing_extension' => $hasInvoicing,
            'billing' => $billing !== null && $currentOrganization !== null ? [
                'has_subscription' => $billing->hasSubscription($currentOrganization),
                'has_trial' => $billing->hasTrial($currentOrganization),
--- a/app/Http/Middleware/TrustHosts.php
+++ b/app/Http/Middleware/TrustHosts.php
@@ -1,22 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-namespace App\Http\Middleware;
-
-use Illuminate\Http\Middleware\TrustHosts as Middleware;
-
-class TrustHosts extends Middleware
-{
-    /**
-     * Get the host patterns that should be trusted.
-     *
-     * @return array<int, string|null>
-     */
-    public function hosts(): array
-    {
-        return [
-            $this->allSubdomainsOfApplicationUrl(),
-        ];
-    }
-}
--- a/app/Http/Requests/V1/ApiToken/ApiTokenStoreRequest.php
+++ b/app/Http/Requests/V1/ApiToken/ApiTokenStoreRequest.php
@@ -0,0 +1,32 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Requests\V1\ApiToken;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class ApiTokenStoreRequest extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, array<string>>
+     */
+    public function rules(): array
+    {
+        return [
+            'name' => [
+                'required',
+                'string',
+                'min:1',
+                'max:255',
+            ],
+        ];
+    }
+
+    public function getName(): string
+    {
+        return $this->input('name');
+    }
+}
--- a/app/Http/Requests/V1/Member/MemberMergeIntoRequest.php
+++ b/app/Http/Requests/V1/Member/MemberMergeIntoRequest.php
@@ -0,0 +1,42 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Requests\V1\Member;
+
+use App\Models\Member;
+use App\Models\Organization;
+use Illuminate\Contracts\Validation\ValidationRule;
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Foundation\Http\FormRequest;
+use Korridor\LaravelModelValidationRules\Rules\ExistsEloquent;
+
+/**
+ * @property Organization $organization
+ */
+class MemberMergeIntoRequest extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, array<string|ValidationRule|\Illuminate\Contracts\Validation\Rule>>
+     */
+    public function rules(): array
+    {
+        return [
+            // ID of the member to which the data should be transferred (destination)
+            'member_id' => [
+                'string',
+                ExistsEloquent::make(Member::class, null, function (Builder $builder): Builder {
+                    /** @var Builder<Member> $builder */
+                    return $builder->whereBelongsTo($this->organization, 'organization');
+                })->uuid(),
+            ],
+        ];
+    }
+
+    public function getMemberId(): string
+    {
+        return (string) $this->input('member_id');
+    }
+}
--- a/app/Http/Requests/V1/Organization/OrganizationUpdateRequest.php
+++ b/app/Http/Requests/V1/Organization/OrganizationUpdateRequest.php
@@ -4,9 +4,14 @@ declare(strict_types=1);

 namespace App\Http\Requests\V1\Organization;

+use App\Enums\CurrencyFormat;
+use App\Enums\DateFormat;
+use App\Enums\IntervalFormat;
+use App\Enums\NumberFormat;
+use App\Enums\TimeFormat;
 use App\Models\Organization;
-use Illuminate\Contracts\Validation\ValidationRule;
 use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Validation\Rule;

 /**
 * @property Organization $organization Organization from model binding
@@ -16,13 +21,12 @@ class OrganizationUpdateRequest extends FormRequest
    /**
     * Get the validation rules that apply to the request.
     *
-     * @return array<string, array<string|ValidationRule>>
+     * @return array<string, array<string|\Illuminate\Contracts\Validation\Rule>>
     */
    public function rules(): array
    {
        return [
            'name' => [
-                'required',
                'string',
                'max:255',
            ],
@@ -35,13 +39,63 @@ class OrganizationUpdateRequest extends FormRequest
            'employees_can_see_billable_rates' => [
                'boolean',
            ],
+            'number_format' => [
+                Rule::enum(NumberFormat::class),
+            ],
+            'currency_format' => [
+                Rule::enum(CurrencyFormat::class),
+            ],
+            'date_format' => [
+                Rule::enum(DateFormat::class),
+            ],
+            'interval_format' => [
+                Rule::enum(IntervalFormat::class),
+            ],
+            'time_format' => [
+                Rule::enum(TimeFormat::class),
+            ],
        ];
    }

+    public function getName(): ?string
+    {
+        return $this->has('name') ? (string) $this->input('name') : null;
+    }
+
+    public function getNumberFormat(): ?NumberFormat
+    {
+        return $this->has('number_format') ? NumberFormat::from($this->input('number_format')) : null;
+    }
+
+    public function getCurrencyFormat(): ?CurrencyFormat
+    {
+        return $this->has('currency_format') ? CurrencyFormat::from($this->input('currency_format')) : null;
+    }
+
+    public function getDateFormat(): ?DateFormat
+    {
+        return $this->has('date_format') ? DateFormat::from($this->input('date_format')) : null;
+    }
+
+    public function getIntervalFormat(): ?IntervalFormat
+    {
+        return $this->has('interval_format') ? IntervalFormat::from($this->input('interval_format')) : null;
+    }
+
+    public function getTimeFormat(): ?TimeFormat
+    {
+        return $this->has('time_format') ? TimeFormat::from($this->input('time_format')) : null;
+    }
+
    public function getBillableRate(): ?int
    {
        $input = $this->input('billable_rate');

        return $input !== null && $input !== 0 ? (int) $this->input('billable_rate') : null;
    }
+
+    public function getEmployeesCanSeeBillableRates(): ?bool
+    {
+        return $this->has('employees_can_see_billable_rates') ? $this->boolean('employees_can_see_billable_rates') : null;
+    }
 }
--- a/Show More
+++ b/Show More