Don't enforce barcodes to be unique (fixes #1205)

(Error page was not shown properly)

.devtools/create_release_package.bat

@@ -10,7 +10,9 @@ for /f "tokens=*" %%a in ('jq .Version versiontemp.json --raw-output') do set ve
 del versiontemp.json
 
 del "%releasePath%\grocy_%version%.zip"
-7za a -r "%releasePath%\grocy_%version%.zip" "%projectPath%\*" -xr!.* -xr!build.bat -xr!composer.json -xr!composer.lock -xr!package.json -xr!yarn.lock -xr!publication_assets
+7za a -r "%releasePath%\grocy_%version%.zip" "%projectPath%\*" -xr!.* -xr!build.bat -xr!composer.json -xr!composer.lock -xr!package.json -xr!yarn.lock
 7za a "%releasePath%\grocy_%version%.zip" "%projectPath%\public\.htaccess"
 7za rn "%releasePath%\grocy_%version%.zip" .htaccess public\.htaccess
 7za d "%releasePath%\grocy_%version%.zip" data\*.* data\storage data\viewcache\*
+7za a "%releasePath%\grocy_%version%.zip" "%projectPath%\data\.htaccess"
+7za rn "%releasePath%\grocy_%version%.zip" .htaccess data\.htaccess

.devtools/transifex_download.bat

@@ -1,4 +1,11 @@
 pushd ..
-tx pull --all --minimum-perc=90
+tx pull --all --minimum-perc=70
 tx pull --language en_GB
+copy /Y localization\en\userfield_types.po localization\en_GB\userfield_types.po
+copy /Y localization\en\stock_transaction_types.po localization\en_GB\stock_transaction_types.po
+copy /Y localization\en\component_translations.po localization\en_GB\component_translations.po
+copy /Y localization\en\chore_period_types.po localization\en_GB\chore_period_types.po
+copy /Y localization\en\chore_assignment_types.po localization\en_GB\chore_assignment_types.po
+copy /Y localization\en\permissions.po localization\en_GB\permissions.po
+copy /Y localization\en\locales.po localization\en_GB\locales.po
 popd

.editorconfig

@@ -0,0 +1,8 @@
+root = true
+
+[*]
+indent_style = tab
+indent_size = 4
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true

.gitattributes

@@ -0,0 +1,2 @@
+* text=auto
+*.sh text eol=lf

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,10 @@
+---
+name: Bug report
+about: If you've found something that does not work, please report it to help improve grocy
+title: 'Bug: '
+labels: bug, ui-bug
+assignees: ''
+
+---
+
+Please describe the bug as detailed as possible, provide the steps how to reproduce it and maybe attach screenshots where useful.

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,5 @@
+blank_issues_enabled: false
+contact_links:
+    - name: Question / Help
+      url: https://www.reddit.com/r/grocy
+      about: Please use the r/grocy subreddit for general questions / help

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,10 @@
+---
+name: Feature request
+about: Ideas for improvements or new things which you would find useful are always welcome
+title: 'Feature request: '
+labels: enhancement
+assignees: ''
+
+---
+
+Please describe what you would find useful and please also check (by searching open requests here) if that was maybe already requested.

.php_cs

@@ -0,0 +1,97 @@
+<?php
+
+return PhpCsFixer\Config::create()
+    ->setRules(array(
+        '@PSR2' => true,
+        'array_indentation' => true,
+        'array_syntax' => array('syntax' => 'short'),
+        'combine_consecutive_unsets' => true,
+        'method_separation' => true,
+        'no_multiline_whitespace_before_semicolons' => true,
+        'single_quote' => true,
+
+        'binary_operator_spaces' => array(
+            'align_double_arrow' => false,
+            'align_equals' => false,
+        ),
+        // 'blank_line_after_opening_tag' => true,
+        // 'blank_line_before_return' => true,
+        'braces' => array(
+            'allow_single_line_closure' => true,
+			'position_after_anonymous_constructs' => 'same',
+			'position_after_control_structures' => 'next',
+			'position_after_functions_and_oop_constructs' => 'next',
+        ),
+        // 'cast_spaces' => true,
+        // 'class_definition' => array('singleLine' => true),
+        'concat_space' => array('spacing' => 'one'),
+        'declare_equal_normalize' => true,
+        'function_typehint_space' => true,
+        'hash_to_slash_comment' => true,
+        'include' => true,
+        'lowercase_cast' => true,
+        // 'native_function_casing' => true,
+        // 'new_with_braces' => true,
+        // 'no_blank_lines_after_class_opening' => true,
+        // 'no_blank_lines_after_phpdoc' => true,
+        // 'no_empty_comment' => true,
+        // 'no_empty_phpdoc' => true,
+        // 'no_empty_statement' => true,
+        'no_extra_consecutive_blank_lines' => array(
+            'extra',
+            'parenthesis_brace_block',
+            'square_brace_block',
+            'throw',
+            'use',
+        ),
+        'no_leading_import_slash' => true,
+        'no_leading_namespace_whitespace' => true,
+        // 'no_mixed_echo_print' => array('use' => 'echo'),
+        'no_multiline_whitespace_around_double_arrow' => true,
+        // 'no_short_bool_cast' => true,
+        // 'no_singleline_whitespace_before_semicolons' => true,
+        'no_spaces_around_offset' => true,
+        // 'no_trailing_comma_in_list_call' => true,
+        // 'no_trailing_comma_in_singleline_array' => true,
+        // 'no_unneeded_control_parentheses' => true,
+        // 'no_unused_imports' => true,
+        'no_whitespace_before_comma_in_array' => true,
+        'no_whitespace_in_blank_line' => true,
+        // 'normalize_index_brace' => true,
+        'object_operator_without_whitespace' => true,
+        // 'php_unit_fqcn_annotation' => true,
+        // 'phpdoc_align' => true,
+        // 'phpdoc_annotation_without_dot' => true,
+        // 'phpdoc_indent' => true,
+        // 'phpdoc_inline_tag' => true,
+        // 'phpdoc_no_access' => true,
+        // 'phpdoc_no_alias_tag' => true,
+        // 'phpdoc_no_empty_return' => true,
+        // 'phpdoc_no_package' => true,
+        // 'phpdoc_no_useless_inheritdoc' => true,
+        // 'phpdoc_return_self_reference' => true,
+        // 'phpdoc_scalar' => true,
+        // 'phpdoc_separation' => true,
+        // 'phpdoc_single_line_var_spacing' => true,
+        // 'phpdoc_summary' => true,
+        // 'phpdoc_to_comment' => true,
+        // 'phpdoc_trim' => true,
+        // 'phpdoc_types' => true,
+        // 'phpdoc_var_without_name' => true,
+        // 'pre_increment' => true,
+        // 'return_type_declaration' => true,
+        // 'self_accessor' => true,
+        // 'short_scalar_cast' => true,
+        'single_blank_line_before_namespace' => true,
+        // 'single_class_element_per_statement' => true,
+        // 'space_after_semicolon' => true,
+        // 'standardize_not_equals' => true,
+        'ternary_operator_spaces' => true,
+        // 'trailing_comma_in_multiline_array' => true,
+        'trim_array_spaces' => true,
+        'unary_operator_spaces' => true,
+        'whitespace_after_comma_in_array' => true,
+    ))
+    ->setIndent("\t")
+    ->setLineEnding("\n")
+;

.tx/config

@@ -42,3 +42,15 @@ file_filter = localization/<lang>/userfield_types.po
 source_file = localization/userfield_types.pot
 source_lang = en
 type = PO
+
+[grocy.permissions]
+file_filter = localization/<lang>/permissions.po
+source_file = localization/permissions.pot
+source_lang = en
+type = PO
+
+[grocy.locales]
+file_filter = localization/<lang>/locales.po
+source_file = localization/locales.pot
+source_lang = en
+type = PO

.vscode/settings.json

@@ -1,3 +1,17 @@
 {
-	"phpserver.relativePath": "public"
+	"phpserver.relativePath": "public",
+	"editor.formatOnType": true,
+	"editor.formatOnPaste": true,
+	"editor.formatOnSave": true,
+	"editor.insertSpaces": false,
+	"javascript.format.placeOpenBraceOnNewLineForControlBlocks": true,
+	"javascript.format.placeOpenBraceOnNewLineForFunctions": true,
+	"javascript.format.insertSpaceAfterFunctionKeywordForAnonymousFunctions": false,
+	"javascript.preferences.quoteStyle": "double",
+	"blade.format.enable": true,
+	"html.format.wrapAttributes": "force",
+	"html.format.wrapLineLength": 0,
+	"php-cs-fixer.formatHtml": true,
+	"php-cs-fixer.autoFixBySemicolon": true,
+	"php-cs-fixer.onsave": true,
 }

README.md

@@ -1,33 +1,46 @@
-# grocy
-ERP beyond your fridge
+<div align="center">
+<img alt="Logo" height="50" src="https://raw.githubusercontent.com/grocy/grocy/master/public/img/grocy_logo.svg?sanitize=true"/>
+<h3>ERP beyond your fridge</h3>
+<h5> grocy is a web-based self-hosted groceries & household management solution for your home</h5>
+</div>
+
+-----
 
 ## Give it a try
-- Public demo of the latest stable version &rarr; [https://demo.grocy.info](https://demo.grocy.info)
-- Public demo of the latest pre-release version (current master branch) &rarr; [https://demo-prerelease.grocy.info](https://demo-prerelease.grocy.info)
+- Public demo of the latest stable version (`release` branch) &rarr; [https://demo.grocy.info](https://demo.grocy.info)
+- Public demo of the current development version (`master` branch) &rarr; [https://demo-prerelease.grocy.info](https://demo-prerelease.grocy.info)
 
-## Getting in touch
-There is the [r/grocy subreddit](https://www.reddit.com/r/grocy) to connect with other grocy users. If you've found something that does not work or if you have an idea for an improvement or new things which you would find useful, feel free to open an issue in the [issue tracker](https://github.com/grocy/grocy/issues) here.
+## Questions / Help / Bug reporting / Feature requests
+There is the [r/grocy subreddit](https://www.reddit.com/r/grocy) to connect with other grocy users and getting help.
+
+If you've found something that does not work or if you have an idea for an improvement or new things which you would find useful, feel free to open a request on the [issue tracker](https://github.com/grocy/grocy/issues) here.
+
+Please don't send me private messages regarding grocy help. I check the issue tracker and the subreddit pretty much daily, but don't provide grocy support beyond that.
 
 ## Community contributions
-See the website for a list of community contributed Add-ons / Tools: [https://grocy.info/#addons](https://grocy.info/#addons)
+See the website for a list of community contributed Add-ons / Tools: [https://grocy.info/addons](https://grocy.info/addons)
 
 ## Motivation
 A household needs to be managed. I did this so far (almost 10 years) with my first self written software (a C# windows forms application) and with a bunch of Excel sheets. The software is a pain to use and Excel is Excel. So I searched for and tried different things for a (very) long time, nothing 100 % fitted, so this is my aim for a "complete household management"-thing. ERP your fridge!
 
 ## How to install
-> Checkout grocy-desktop, if you want to run grocy without a webserver just like a normal (windows) desktop application.
+> Checkout [grocy-desktop](https://github.com/grocy/grocy-desktop), if you want to run grocy without having to manage a webserver just like a normal ("indows) desktop application.
 >
-> See https://github.com/grocy/grocy-desktop or directly download the [latest release](https://releases.grocy.info/latest-desktop) - the installation is nothing more than just clicking 2 times "next"...
+> Directly download the [latest release](https://releases.grocy.info/latest-desktop) - the installation is nothing more than just clicking 2 times "next".
 
-Just unpack the [latest release](https://releases.grocy.info/latest) on your PHP (SQLite (3.8.3 or higher) extension required, currently only tested with PHP 7.3) enabled webserver (webservers root should point to the `public` directory), copy `config-dist.php` to `data/config.php`, edit it to your needs, ensure that the `data` directory is writable and you're ready to go, (to make it writable, maybe use `chown -R www-data:www-data data/`). Default login is user `admin` with password `admin`, please change the password immediately (see user menu).
+See [https://grocy.info/links](https://grocy.info/links) for some installation guides and troubleshooting help.
 
-Alternatively clone this repository and install Composer and Yarn dependencies manually.
+grocy is technically a pretty simple PHP application, so the basic notes to get it running are:
+- Unpack the [latest release](https://releases.grocy.info/latest)
+- Copy `config-dist.php` to `data/config.php` + edit to your needs
+- Ensure that the `data` directory is writable
+- The webserver root should point to the `public` directory
+- Include `try_files $uri /index.php$is_args$query_string;` in your location block if you use nginx
+  - Or disable URL rewriting (see the option `DISABLE_URL_REWRITING` in `data/config.php`)
+- SQLite 3.8.3 or higher is required and everything is currently only tested against PHP 7.4
+- &rarr; Default login is user `admin` with password `admin`, please change the password immediately (user menu at the top right corner)
 
-If you use nginx as your webserver, please include `try_files $uri /index.php;` in your location block.
-
-If, however, your webserver does not support URL rewriting, set `DISABLE_URL_REWRITING` in `data/config.php` (`Setting('DISABLE_URL_REWRITING', true);`).
-
-See the website for further installation guides and troubleshooting help: https://grocy.info/links
+Alternatively clone this repository (the `release` branch always references the latest released version, or checkout the latest tagged revision) and install Composer and Yarn dependencies manually.
 
 ## How to run using Docker
 
@@ -41,9 +54,13 @@ If you run grocy on Linux, there is also `update.sh` (remember to make the scrip
 ## Localization
 grocy is fully localizable - the default language is English (integrated into code), a German localization is always maintained by me.
 You can easily help translating grocy at https://www.transifex.com/grocy/grocy, if your language is incomplete or not available yet.
-(Language can be changed in `data/config.php`, e. g. `Setting('CULTURE', 'it');`)
+(The default language can be set in `data/config.php`, e. g. `Setting('DEFAULT_LOCALE', 'it');` and there is also a user setting (see the user settings page) to set a different language per user).
 
-The [pre-release demo](https://demo-prerelease.grocy.info) is available for any translation which is at least 80 % complete and will pull the translations from Transifex 10 minutes past every hour, so you can have a kind of instant preview of your contributed translations. Thank you!
+The [pre-release demo](https://demo-prerelease.grocy.info) is available for any translation which is at least 70 % complete and will pull the translations from Transifex 10 minutes past every hour, so you can have a kind of instant preview of your contributed translations. Thank you!
+
+Also any translation which once reached a completion level of 70 % will be included in releases.
+
+_RTL languages are unfortunately not yet supported._
 
 ## Things worth to know
 
@@ -51,12 +68,14 @@ The [pre-release demo](https://demo-prerelease.grocy.info) is available for any
 See the integrated Swagger UI instance on [/api](https://demo.grocy.info/api).
 
 ### Barcode readers & camera scanning
-Some fields also allow to select a value by scanning a barcode. It works best when your barcode reader prefixes every barcode with a letter which is normally not part of a item name (I use a `$`) and sends a `TAB` after a scan.
+Some fields (with a barcode icon above) also allow to select a value by scanning a barcode. It works best when your barcode reader prefixes every barcode with a letter which is normally not part of a item name (I use a `$`) and sends a `TAB` after a scan.
 
-Additionally it's also possible to use your device camera to scan a barcode by using the camera button on the right side of the corresponding field (powered by [QuaggaJS](https://github.com/serratus/quaggaJS), totally offline / client-side camera stream processing). Quick video demo: https://www.youtube.com/watch?v=Y5YH6IJFnfc
+Additionally it's also possible to use your device camera to scan a barcode by using the camera button on the right side of the corresponding field (powered by [Quagga2](https://github.com/ericblade/quagga2), totally offline / client-side camera stream processing, please note due to browser security restrictions, this only works when serving grocy via a secure connection (`https://`)). Quick video demo: https://www.youtube.com/watch?v=Y5YH6IJFnfc
+
+_My personal recommendation: Use a USB barcode laser scanner. They are cheap and work 1000 % better, faster, under any lighting condition and from any angle._
 
 ### Input shorthands for date fields
-For (productivity) reasons all date (and time) input fields use the ISO-8601 format regardless of localization.
+For (productivity) reasons all date (and time) input (and display) fields use the ISO-8601 format regardless of localization.
 The following shorthands are available:
 - `MMDD` gets expanded to the given day on the current year, if > today, or to the given day next year, if < today, in proper notation
   - Example: `0517` will be converted to `2018-05-17`
@@ -64,13 +83,15 @@ The following shorthands are available:
   - Example: `20190417` will be converted to `2019-04-17`
 - `YYYYMMe` or `YYYYMM+` gets expanded to the end of the given month in the given year in proper notation
   - Example: `201807e` will be converted to `2018-07-31`
-- `x` gets expanded to `2999-12-31` (which I use for products which never expire)
-- Down/up arrow keys will increase/decrease the date by one day
+- `x` gets expanded to `2999-12-31` (which I use for products which are never overdue)
+- Down/up arrow keys will increase/decrease the date by 1 day
 - Right/left arrow keys will increase/decrease the date by 1 week
+- Shift + down/up arrow keys will increase/decrease the date by 1 month
+- Shift + right/left arrow keys will increase/decrease the date by 1 year
 
 ### Keyboard shorthands for buttons
 Wherever a button contains a bold highlighted letter, this is a shortcut key.
-Example: Button "Add as new **p**roduct" can be "pressed" by using the `P` key on your keyboard.
+Example: Button "**P** Add as new product" can be "pressed" by using the `P` key on your keyboard.
 
 ### Barcode lookup via external services
 Products can be directly added to the database via looking them up against external services by a barcode.
@@ -80,6 +101,8 @@ There is no plugin included for any service, see the reference implementation in
 ### Database migrations
 Database schema migration is automatically done when visiting the root (`/`) route (click on the logo in the left upper edge).
 
+_Please note: Database migrations are supposed to work between releases, not between every commit. If you want to run the current `master` branch (which is the development version), however, you need to handle that (and maybe more) yourself._
+
 ### Disable certain features
 If you don't use certain feature sets of grocy (for example if you don't need "Chores"), there are feature flags per major feature set to hide/disable the related UI elements (see `config-dist.php`)
 
@@ -88,7 +111,7 @@ If you don't use certain feature sets of grocy (for example if you don't need "C
 - When the file `data/custom_css.html` exists, the contents of the file will be added just before `</head>` (end of head) on every page
 
 ### Demo mode
-When the file `data/demo.txt` exists, the application will work in a demo mode which means authentication is disabled and some demo data will be generated during the database schema migration.
+When the `MODE` setting is set to `dev`, `demo` or `prerelease`, the application will work in a demo mode which means authentication is disabled and some demo data will be generated during the database schema migration.
 
 ### Embedded mode
 When the file `embedded.txt` exists, it must contain a valid and writable path which will be used as the data directory instead of `data` and authentication will be disabled (used in [grocy-desktop](https://github.com/grocy/grocy-desktop)).
@@ -100,15 +123,21 @@ Any help is more than appreciated. Feel free to pick any open unassigned issue a
 
 See https://grocy.info/#say-thanks for more ideas if you just want to say thanks.
 
+## Roadmap
+There is none. The progress of a specific bug/enhancement is always tracked in the corresponding issue, at least by commit comment references.
+
 ## Screenshots
-#### Dashboard
-![Dashboard](https://github.com/grocy/grocy/raw/master/publication_assets/dashboard.png "Dashboard")
+#### Stock overview
+![Stock overview](https://github.com/grocy/grocy/raw/master/.github/publication_assets/stock.png "Stock overview")
 
-#### Purchase - with barcode scan
-![Purchase - with barcode scan](https://github.com/grocy/grocy/raw/master/publication_assets/purchase-with-barcode.gif "purchase-with-barcode")
+#### Shopping List
+![Shopping List](https://github.com/grocy/grocy/raw/master/.github/publication_assets/shoppinglist.png "Shopping List")
 
-#### Consume - with manual search
-![Consume - with manual search](https://github.com/grocy/grocy/raw/master/publication_assets/consume.gif "consume")
+#### Meal Plan
+![Meal Plan](https://github.com/grocy/grocy/raw/master/.github/publication_assets/mealplan.png "Meal Plan")
+
+#### Chores overview
+![Chores overview](https://github.com/grocy/grocy/raw/master/.github/publication_assets/chores.png "Chores overview")
 
 ## License
 The MIT License (MIT)

app.php

@@ -1,37 +1,10 @@
 <?php
 
-use \Psr\Http\Message\ServerRequestInterface as Request;
-use \Psr\Http\Message\ResponseInterface as Response;
-
-use \Grocy\Helpers\UrlManager;
-use \Grocy\Controllers\LoginController;
-
-// Definitions for embedded mode
-if (file_exists(__DIR__ . '/embedded.txt'))
-{
-	define('GROCY_IS_EMBEDDED_INSTALL', true);
-	define('GROCY_DATAPATH', file_get_contents(__DIR__ . '/embedded.txt'));
-	define('GROCY_USER_ID', 1);
-}
-else
-{
-	define('GROCY_IS_EMBEDDED_INSTALL', false);
-	define('GROCY_DATAPATH', __DIR__ . '/data');
-}
-
-// Definitions for demo mode
-if (file_exists(GROCY_DATAPATH . '/demo.txt'))
-{
-	define('GROCY_IS_DEMO_INSTALL', true);
-	if (!defined('GROCY_USER_ID'))
-	{
-		define('GROCY_USER_ID', 1);
-	}
-}
-else
-{
-	define('GROCY_IS_DEMO_INSTALL', false);
-}
+use Grocy\Controllers\LoginController;
+use Grocy\Helpers\UrlManager;
+use Grocy\Middleware\CorsMiddleware;
+use Psr\Container\ContainerInterface as Container;
+use Slim\Factory\AppFactory;
 
 // Load composer dependencies
 require_once __DIR__ . '/vendor/autoload.php';
@@ -40,6 +13,13 @@ require_once __DIR__ . '/vendor/autoload.php';
 require_once GROCY_DATAPATH . '/config.php';
 require_once __DIR__ . '/config-dist.php'; // For not in own config defined values we use the default ones
 
+// Definitions for dev/demo/prerelease mode
+if ((GROCY_MODE === 'dev' || GROCY_MODE === 'demo' || GROCY_MODE === 'prerelease') && !defined('GROCY_USER_ID'))
+{
+	define('GROCY_USER_ID', 1);
+	define('GROCY_SHOW_AUTH_VIEWS', true);
+}
+
 // Definitions for disabled authentication mode
 if (GROCY_DISABLE_AUTH === true)
 {
@@ -47,34 +27,51 @@ if (GROCY_DISABLE_AUTH === true)
 	{
 		define('GROCY_USER_ID', 1);
 	}
+
+	define('GROCY_SHOW_AUTH_VIEWS', false);
 }
 
 // Setup base application
-$appContainer = new \Slim\Container([
-	'settings' => [
-		'displayErrorDetails' => true,
-		'determineRouteBeforeAppMiddleware' => true
-	],
-	'view' => function($container)
-	{
-		return new \Slim\Views\Blade(__DIR__ . '/views', GROCY_DATAPATH . '/viewcache');
-	},
-	'LoginControllerInstance' => function($container)
-	{
-		return new LoginController($container, 'grocy_session');
-	},
-	'UrlManager' => function($container)
-	{
-		return new UrlManager(GROCY_BASE_URL);
-	},
-	'ApiKeyHeaderName' => function($container)
-	{
-		return 'GROCY-API-KEY';
-	}
-]);
-$app = new \Slim\App($appContainer);
+AppFactory::setContainer(new DI\Container());
+$app = AppFactory::create();
+
+$container = $app->getContainer();
+$container->set('view', function (Container $container) {
+	return new Slim\Views\Blade(__DIR__ . '/views', GROCY_DATAPATH . '/viewcache');
+});
+$container->set('UrlManager', function (Container $container) {
+	return new UrlManager(GROCY_BASE_URL);
+});
+$container->set('ApiKeyHeaderName', function (Container $container) {
+	return 'GROCY-API-KEY';
+});
 
 // Load routes from separate file
 require_once __DIR__ . '/routes.php';
 
+// Set base path if defined
+if (!empty(GROCY_BASE_PATH))
+{
+	$app->setBasePath(GROCY_BASE_PATH);
+}
+
+if (GROCY_MODE === 'production' || GROCY_MODE === 'dev')
+{
+	$app->add(new \Grocy\Middleware\LocaleMiddleware($container));
+}
+else
+{
+	define('GROCY_LOCALE', GROCY_DEFAULT_LOCALE);
+}
+
+$authMiddlewareClass = GROCY_AUTH_CLASS;
+$app->add(new $authMiddlewareClass($container, $app->getResponseFactory()));
+// Add default middleware
+$app->addRoutingMiddleware();
+$errorMiddleware = $app->addErrorMiddleware(true, false, false);
+$errorMiddleware->setDefaultErrorHandler(
+	new \Grocy\Controllers\ExceptionController($app, $container)
+);
+
+$app->add(new CorsMiddleware($app->getResponseFactory()));
 $app->run();

changelog/54_2.5.2_2019-10-05.md

@@ -0,0 +1,15 @@
+### Stock fixes
+- Fixed that product specific quantity unit conversions (product overrides) were also displayed on the product edit page of other products with the same stock quantity unit
+
+### Recipe fixes
+- Fixed that recipes were displayed without ingredients if the total recipe count was > 100
+
+### Shopping list improvements
+- Added a new sub feature flag `FEATURE_FLAG_SHOPPINGLIST_MULTIPLE_LISTS` to disable multiple shopping lists if you only need one (defaults to `true`, so no changed behavior when not configured)
+
+### Chores improvements
+- Added a new period type "yearly" (for yearly schedules)
+- Added a "period interval" option per chore to have more flexible schedules (possible for the daily/weekly/monthly/yearly schedules, means "schedule this chore only every x days/weeks/months" to have for example biweekly schedules)
+
+### General & other improvements
+- New Input shorthands for date fields to increase/decrease the date by 1 month/year (shift + arrow keys, see the full list [here](https://github.com/grocy/grocy#input-shorthands-for-date-fields))

changelog/55_2.6.0_2020-01-31.md

@@ -0,0 +1,85 @@
+### New feature: Transfer products between locations and edit stock entries
+- New menu entry in the sidebar to transfer products (or as a shortcut in the more/context menu per line on the stock overview page)
+- New button "Stock entries" in the header of the stock overview page (or as a shortcut in the more/context menu per line) to show the detail stock entries behind each product
+  - From there you can also edit the stock entries
+- (A huge THANK YOU goes to @kriddles for the work on this feature)
+
+### New feature: Scan mode
+- Just scan one product after another, no manual input required and audio feedback is provided
+- New switch-button on the purchase and consume page
+- When enabled
+  - The amount will always be filled with `1` after changing/scanning a product
+  - If all fields could be automatically populated (means for purchase the product has a default best before date set), the transaction is automatically submitted
+    - If not, a warning is displayed and you can fill in the missing information
+  - Audio feedback is provided after scanning and on success/error of the transaction
+- => Quick video demo: https://www.youtube.com/watch?v=83dm9iD718k
+
+### New feature: Self produced products
+- To a recipe a product can be attached
+  - This products needs a "Default best before date"
+- On using "Consume all ingredients needed by this recipe" and when it has a product attached, one unit of that product (per serving in purchase quantity unit) will be added to stock (with the proper price based on the recipe ingredients)
+- (Thanks @kriddles for the initial work on this)
+
+### New feature: Freeze/Thaw products
+- New product options "Default best before days after freezing/thawing" to set how the best before date should be changed on freezing/thawing
+- New location option "Is freezer" to indicate if the location is a freezer
+- => When moving a product from/to a freezer location, the best before date is changed accordingly
+- There is also a new sub feature flag `FEATURE_FLAG_STOCK_PRODUCT_FREEZING` to disable this if you don't need it (defaults to `true`)
+
+### Stock improvements/fixes
+- The productcard gets now also refreshed after a transaction was posted (purchase/consume/etc.) (thanks @kriddles)
+- The product field calories (kcal) now also allows decimal numbers
+- On the inventory page, "New amount" is now prefilled with the current stock amount of the selected product
+- Fixed that entering partial amounts was not possible on the inventory page (only applies if the product option "Allow partial units in stock" is enabled)
+- Fixed that on purchase a wrong minimum amount was enforced for products with enabled tare weight handling in combination with different purchase/stock quantity units
+- Fixed that the productcard did not load correctly when `FEATURE_FLAG_STOCK_LOCATION_TRACKING` was set to `false` (thanks @kriddles)
+- Fixed that the "Add as barcode to existing product" workflow did not work twice when not switching the page inbetween
+
+### Shopping list improvements/fixes
+- Added a compact view to have a better shopping list for shopping trips (new button "Compact view" in the header, additionally this is automatically enabled on mobile devices / when screen width is < 768 px)
+- It's now possible to filter for only undone (not striked through) items (new option in the "Filter by status" dropdown)
+- Fixed that when `FEATURE_FLAG_SHOPPINGLIST_MULTIPLE_LISTS` was set to `false`, the shopping list appeared empty after some actions
+
+### Recipe improvements
+- When consuming a recipe and if an ingredient is not in stock, but that product has any subproduct which is in stock, this gets now consumed (before consuming was not possible in that case)
+- When adding or editing a recipe ingredient, a dialog is now used instead of switching between pages (thanks @kriddles)
+
+### Meal plan improvements/fixes
+- It's now possible to add notes per day (in the dropdown of the add button in the header of each day column)
+- It's now possible to products directly (also in the dropdown of the add button in the header of each day column, maybe useful in combination with the new "Self produced products" feature)
+- Added that the calories per serving are now also shown
+- Added that the total costs and calories per day are displayed in the header of each day column
+- Added a new `config.php` setting `MEAL_PLAN_FIRST_DAY_OF_WEEK` which can be used to start the meal plan on a different day (defaults to `CALENDAR_FIRST_DAY_OF_WEEK`, so no changed behavior when not configured)
+- Fixed that when `FEATURE_FLAG_STOCK_PRICE_TRACKING` was set to `false`, prices were still shown (thanks @kriddles)
+- Fixed that the week costs were missing for the weeks 1 - 9 of a year
+
+### Calendar improvements
+- Improved that meal plan events in the iCal calendar export now contain a link to the appropriate meal plan week in the body of the event (thanks @kriddles)
+
+### Task fixes
+- Fixed that a due date was required when editing an existing task
+
+### API improvements/fixes
+- The endpoint `/stock` now includes also the product object itself (new field/property `product`) (thanks @gsacre)
+- The endpoint `/stock/products/{productId}/entries` can now include stock entries of child products (if the given product is a parent product and in addition to the ones of the given product) - new query parameter `include_sub_products` (defaults to `false` so no changed behavior when not supplied)
+- New endpoints for the new stock transfer & stock entry edit capabilities
+- Fixed that the route `/stock/barcodes/external-lookup/{barcode}` did not work, because the `barcode` argument was expected as a route argument but the route was missing it (thanks @Mikhail5555 and @beetle442002)
+- Fixed the response type description of the `/stock/volatile` endpoint
+
+### General & other improvements/fixes
+- It's now possible to keep the screen on always or when a "fullscreen-card" (e. g. used for recipes) is displayed
+  - New user options in the display settings menu in the top right corner (defaults to disabled)
+- Slightly optimized table loading & search performance (thanks @lwis)
+- Added that the currently active sidebar menu item is always in view
+- Reordered the sidebar menu items a little bit, grouped them by borders and made them a little smaller to waste less space
+- Changed/removed some animations (and replaced jQuery UI by [Animate.css](https://daneden.github.io/animate.css/)) to improve responsiveness
+- Fixed that also the first column (where in most tables only buttons/menus are displayed) in tables was searched when using the general search field
+- Fixed that the meal plan menu entry (sidebar) was not visible when the calendar was disabled (`FEATURE_FLAG_CALENDAR`) (thanks @lwis)
+- For integration: If a `GET` parameter `closeAfterCreation` is passed to the product edit page, the window will be closed on save (due to Browser restrictions, this only works when the window was opened from JavaScript) (thanks @Forceu)
+- Fixed that the `update.sh` file had wrong line endings (DOS instead of Unix)
+- Internal change: Demo mode is now handled via the setting `MODE` instead of checking the existence of the file `data/demo.txt`
+- There is now a RSS feed for the changelog, subscribe to get notified about new releases: https://grocy.info/changelog/feed
+- New translations: (thanks all the translators)
+  - Hungarian (demo available at https://hu.demo.grocy.info)
+  - Portuguese (Brazil) (demo available at https://pt-br.demo.grocy.info)
+  - Slovak (demo available at https://sk.demo.grocy.info)

changelog/56_2.6.1_2020-03-06.md

@@ -0,0 +1,49 @@
+## !! Important notice
+If you run grocy in a subdirectory, you need to set a new `config.php` setting (`BASE_PATH`, see `config-dist.php`)
+
+### Stock fixes
+- Fixed purchase/consume/inventory problems when `FEATURE_FLAG_STOCK_LOCATION_TRACKING` was set to `false`
+- Fixed that products on the Location Content Sheet were not ordered by the product name
+
+### Shopping list improvements/fixes
+- Added an option to hide the month-calendar (in the shopping list settings / top right corner settings menu) (defaults to disabled, so please enable this option if you still want to have the month-calendar on the shopping list)
+- Optimized the new compact view (there was a little too much white space at the sides of the page)
+- Added an option to not switch to the new compact view on mobile devices automatically (in the shopping list settings / top right corner settings menu) (defaults to `false`, so no changed behavior when not configured) (thanks @Forceu)
+- Fixed that the "Shopping list to stock workflow" did not work when `FEATURE_FLAG_STOCK_BEST_BEFORE_DATE_TRACKING` was set to `false`
+
+### Recipe improvements/fixes
+- Optimized the ordering of the inputs on the recipe ingredient edit page (moved "Only check if a single unit is in stock" before the amount)
+- Variable ingredient amounts are now marked accordingly on the renedered recipe
+- After selecting a recipe on mobile devices, the page now automatically scrolls to the recipe card
+- Added the recipes base servings to be displayed on the recipe card and properly named the servings column in the recipes list/table (thanks @kriddles)
+- Added that recipe ingredients can now also be displayed grouped by the products product group (additionally to the ingredient group, new option in the recipes settings / top right corner settings menu) (defaults to `false`, so no changed behavior when not configured) (thanks @kriddles)
+- Fixed that when editing a recipe ingredient which had "Only check if a single unit is in stock" set, not any quantity unit could be picked and the amount stayed empty
+- Fixed that when reloading the "new recipe"-page (or when it gets auto-reloaded due to "Auto reload on external changes" is enabled), for each reload a new recipe was created
+- Fixed that the recipe "fullscreen card" was not correctly displayed
+- Fixed that nested recipes showed all ingredients of the nested recipes twice
+- Fixed that when displaying or consuming a recipe from the meal plan the serving amount was maybe wrong (was the one from the recipe instead the one from the meal plan entry) (thanks @kriddles)
+- Fixed that the stock fulfillment counts on the recipe card were maybe wrong if that recipe was also added to the meal plan (thanks @kriddles)
+- Fixed that the recipe page was reloaded when expanding a collapsed row on mobile (thanks @Mikhail5555)
+
+### Meal plan improvements
+- Improved that all add-dialogs can be submitted by using `ENTER` and that the next input is automatically selected after selecting a recipe/product
+- Added an edit button to all types of meal plan entries
+- When adding a recipe, the serving amount is now prefilled with the one of the selected recipe (thanks @kriddles)
+- Fixed that the meal plan not used the full height on mobile devices
+
+### Calendar fixes
+- Fixed to only include events when the corresponding feature flag is enabled (e. g. don't show expiring products when `FEATURE_FLAG_STOCK_BEST_BEFORE_DATE_TRACKING` is set to `false`) (thanks @kriddles)
+- Fixed that the calendar not used the full height on mobile devices
+
+### API improvements/fixes
+- The endpoint `/chores` now also includes the chore name (new field `chore_name`) (thanks @DarienFord)
+
+### General & other improvements/fixes
+- Big backend performance improvements (thanks @zebardy)
+- Added a button to enable the device flash light on the camera barcode scanner popup (thanks @radim-ek)
+- Optimized the top navbar height and overall spacing to waste less space
+- Replaced the scan-mode-switch-button by a native button because it's less disturbing
+- Fixed that the "contextual time ago" of date/time pickers was not displayed
+- New translations: (thanks all the translators)
+  - Czech (demo available at https://cs.demo.grocy.info)
+  - Portuguese (Portugal) (demo available at https://pt-pt.demo.grocy.info)

changelog/57_2.6.2_2020-04-03.md

@@ -0,0 +1 @@
+Security fix (see [#696](https://github.com/grocy/grocy/issues/696))

changelog/58_2.7.0_2020-04-16.md

@@ -0,0 +1,66 @@
+### New feature: Price history per store
+- Define stores under master data
+- New product option to set the default store
+- Track on purchase/inventory in which store you bought the product (gets prefilled by the last store you purchased the product, or the default store of the product if you never bought it)
+- => The price history chart on the product card shows a line per store
+- (Thanks @immae and @kriddles)
+
+### Stock improvements/fixes
+- When creating a new product, the "QU id stock" is now preset by the "QU id purchase" (because most of the time that's most probably the same) (thanks @Mik-)
+- Clarified the row-button colors and toolips on the stock entries page
+- Added a camera-barcode-scanning-button to the barcode(s) field on the product edit page to be able to also scan barcodes by the device camera there
+- Added a new option (stock settings / top right corner settings menu) to show an icon on the stock overview if the product is already on the shopping list (next to the amount) (defaults to enabled)
+- Fixed that the aggregated parent product amount (displayed on the stock overview page and on the product card) did not respect quantity unit conversions when the parent/sub products had different stock quantity units (the unit conversion needs to be globally defined, or as an override on the sub product)
+- Fixed the conversion factor hint to display also decimal places on the purchase page (only displayed when the product has a different purchase/stock quantity unit)
+- Fixed that the stock entries page was broken when there were product userfields defined with enabled "Show as column in tables"
+- Fixed that best before dates were displayed on the stock overview and stock entries page even with disabled `FEATURE_FLAG_STOCK_BEST_BEFORE_DATE_TRACKING`
+- Fixed that when editing a stock entry and setting a decimal amount, the decimal part was ignored (only possible when the product option "Allow partial units in stock" is enabled)
+- Fixed that "Default best before days" and "Default best before days after opened" on the product edit page were always shown regardless of the feature flags `FEATURE_FLAG_STOCK_BEST_BEFORE_DATE_TRACKING` and `FEATURE_FLAG_STOCK_PRODUCT_OPENED_TRACKING`
+- Fixed that the form validation limits for the amount input and products with enabled tare weight handling were wrong
+- Fixed that the price was saved wrong for products with a different purchase/stock quantity unit when using "Total price" on purchase (resulted for example in wrong recipe costs)
+- Fixed that undoing "product-opened"-actions was not possible
+- Fixed/improved consuming from the stock overview page for products with enabled tare weight handling ("consume 1" button is now disabled for such products, "consume all" works again)
+
+### Shopping list improvements/fixes
+- It's now possible to collapse/expand the product group sections (by clicking on the grey group header)
+- Fixed that the "shopping list to stock workflow"-dialog was not visible in compact view
+- Fixed that when printing the shopping list, configured userfields were not included
+
+### Recipe fixes
+- Fixed that when editing an ingredient with "Only check if a single unit is in stock" set, the quantity unit was always set to the products stock quantity unit regardless if a different one was selected for that ingredient
+- Fixed a PHP notice on the recipes page when there are no recipes (thanks @mrunkel)
+
+### Chores fixes
+- Fixed that weekly chores, where the next execution should be in the same week, were scheduled always for the next week only
+
+### Calendar fixes
+- Fixed that the "Share/Integrate calendar (iCal)" button did not work (thanks @tsia)
+
+### API improvements/fixes
+- New endpoint `/user/settings` to get all user settings of the currently logged in user (key/value pairs)
+- New endpoint `/system/config` to get all config settings (`config.php`) (key/value pairs)
+- The endpoint `/stock/products/{productId}/locations` now also returns the current stock amount of the product in that loctation (new field/property `amount`) (thanks @Forceu)
+- The endpoints `/objects/{entity}` and `/objects/{entity}/{objectId}` now also include/return userfields of the object(s) (new field/property `userfields` per object, key/value pairs or `null`, when the object has no userfields)
+- Fixed that CORS was broken (there was no response to preflight OPTIONS requests)
+
+### General & other improvements/fixes
+- Optimized that sometimes the corresponding form was not validated when selecting a date from the datetimepicker
+- New `config.php` setting `FEATURE_FLAG_STOCK_BEST_BEFORE_DATE_FIELD_NUMBER_PAD` which activates the number pad for best-before-date fields on (supported) mobile browsers (useful because of [shorthands](https://github.com/grocy/grocy#input-shorthands-for-date-fields)) (defaults to `true`) (thanks @Mik-)
+- Enhancements for the camera barcode scanner
+  - Torch / light improvements (thanks @Mik-)
+    - The light button is only displayed when the device has a flash light
+    - New `config.php` setting `FEATURE_FLAG_AUTO_TORCH_ON_WITH_CAMERA` to always enable the flash light automatically
+  - It's now possible to change the camera when the device has more than one (dropdown in the camera scanning dialog, only visible if there is more than one camera available) (thanks @MichaelMadsen)
+  - Replaced [QuaggaJS](https://github.com/serratus/quaggaJS) (seems to be unmaintained) by [Quagga2](https://github.com/ericblade/quagga2)
+  - New user setting `quagga2_numofworkers` (`config.php`) to make the Quagga2 setting "numOfWorkers" adjustable (defaults to `4`)
+  - Various display/CSS improvements (thanks @Mik-)
+- Prerequisites (PHP extensions, critical files/folders) will now be checked and properly reported if there are problems (thanks @Forceu)
+- Improved the the overview pages on mobile devices (main column was hidden) (thanks @Mik-)
+- The general search field now searches accent insensitive (and table sorting is also accent insensitive)
+- Fixed that all number inputs are always prefilled in the browser locale number format
+- Optimized the handling of settings provided by `data/settingoverrides` files (thanks @dacto)
+- Optimized the update script (`update.sh`) to create the backup tar archive before writing to it (was a problem on Btrfs file systems) (thanks @shane-kerr)
+- Fixed (again) that the `update.sh` file had wrong line endings (DOS instead of Unix)
+- New translations: (thanks all the translators)
+  - Japanese (demo available at https://ja.demo.grocy.info)
+  - Chinese (Taiwan) (demo available at https://zh-tw.demo.grocy.info)

changelog/59_2.7.1_2020-04-17.md

@@ -0,0 +1,2 @@
+- Fixed that camera barcode scanning was broken
+- Fixed that the new prerequisites check handled things incorrectly in Docker images and in embedded mode

changelog/60_3.0.0_2020-12-22.md

@@ -0,0 +1,271 @@
+> ⚠️ The major version bump is due to breaking API changes, please see below if you use the API
+
+### New feature: Use any product related quantity unit anywhere
+- Finally it's possible to use any product related quantity unit on any page
+- Products still have one quantity unit stock and one (default) quantity unit purchase, but any QU, which has a direct or indirect conversion for that product, can be used to pick an amount
+  - Because the stock quantity unit is now the base for everything, it cannot be changed after the product was once added to stock (for now, maybe there will be a possibilty to change it in a future release)
+
+### New feature: Prefill purchase data by barcodes
+- Imagine you buy for example eggs in different pack sizes and they have different barcodes
+- Each product barcode can be assigned an amount, quantity unit and store (on the product edit page), which is then automatically prefilled on the purchase page
+- Additionally, the last price per barcode will be tracked and prefilled as a "Total price" on purchase
+- (Thanks @kriddles for the initial work on this)
+
+### New feature: User permissions
+- Users can now have permissions, can be configured per user on the "Manage users" page (lock icon)
+- Default permissions for new users can be set via a new `config.php` setting `DEFAULT_PERMISSIONS` (defaults to `ADMIN`, so no changed behavior when not configured)
+- All currently existing users will get all permissions (`ADMIN`) during the update/migration
+- Creating API keys on the "Manage API keys"-page (top right corner settings menu) now requires the `ADMIN` permission
+  - Other users only see their API keys on that page
+- (Thanks @fipwmaqzufheoxq92ebc for the initial work on this)
+
+### New feature: External authentication support
+- New `config.php` setting `AUTH_CLASS` to change the used authentication provider
+- Via LDAP
+  - New `config.php` settings `LDAP_DOMAIN`, `LDAP_ADDRESS` and `LDAP_BASE_DN`
+  - If you set `AUTH_CLASS` to `Grocy\Middleware\LdapAuthMiddleware`, users will be authenticated against your directory (and will also be created (in grocy), if not already present)
+- Via a reverse proxy
+  - New `config.php` setting `REVERSE_PROXY_AUTH_HEADER`
+  - If you set `AUTH_CLASS` to `Grocy\Middleware\ReverseProxyAuthMiddleware` and your reverse proxy sends a username in the HTTP header `REMOTE_USER` (header name can be changed by the setting `REVERSE_PROXY_AUTH_HEADER`), the user is automatically authenticated (and will also be created (in grocy), if not already present)
+  - (Thanks @fipwmaqzufheoxq92ebc for the initial work on this)
+
+### Stock improvements/fixes
+- Changes about best before dates: It's now possible to distinguish between best before dates and expiration dates:
+  - New product option "Due date type" (defaults to "Best before date")
+  - Wording changes:
+    - All current places where "Best before date" was used now use "Due date"
+    - Products with `Due date type = Best before date` (so all existing products) are "due" or "overdue" (they don't "expire" or are "expired")
+    - Products with `Due date type = Expiration date` (new option) can "expire" or are "expired"
+  - Color changes:
+    - Products which are due soon or expire soon are (still) highlighted in yellow
+    - Products which are overdue are highlighted in grey (there is also a new filter button on the stock overview page for them)
+    - Products which are expired (new option) are highlighted in red
+- When creating a quantity unit conversion it's now possible to automatically create the inverse conversion (thanks @kriddles)
+- The product option "Allow partial units in stock" was removed, partial amounts are now possible by default for all products
+- On purchase there is now a warning shown, when the due date of the purchased product is earlier than the next due date in stock (enabled by default, can be disabled by a new stock setting (top right corner settings menu))
+- The amount to be used for the "quick consume/open buttons" on the stock overview page can now be configured per product (new product option "Quick consume amount", defaults to 1)
+  - This "Quick consume amount" can optionally also be used as the default on the consume page (new stock setting / top right corner settings menu)
+- Products can now be duplicated (new dropdown menu item on the products list page, all fields will be preset from the copied product, except the name)
+- Products can now be merged (new dropdown menu item on the products list page)
+  - Useful if you have two products which are basically the same and want to replace all occurrences of one with the other one
+- When consuming or opening a parent product, which is currently not in stock, any in-stock sub product will now be consumed/opened (like already automatically done when consuming recipes)
+- Opened stock entries get now consumed first by default when no specific stock entry is used/selected
+  - So the default consume rule is now "Opened first, then first due first, then first in first out"
+- Optimized/clarified what the total/unit price on the purchase page is (thanks @kriddles)
+- On the purchase page the amount field is now displayed above/before the due date for better `TAB` handling (thanks @kriddles)
+- Changed that when `FEATURE_FLAG_STOCK_BEST_BEFORE_DATE_TRACKING` is disabled, products now get internally a due date of "never overdue" (aka `2999-12-31`) instead of today (thanks @kriddles)
+- Products can now be disabled to keep the history/journal, but hide it everywhere, without deleting it (new product option "Active", deleting a product now explicitly also deletes its journal and all other references) (thanks @kriddles for the initial work on this)
+- Products can now be hidden from the stock overview page, even if they are in-stock (new product option "Never show on stock overview", disabled by default, so no changed behavior when not configured)
+  - That's maybe useful for parent products you only use as a kind of "container"
+- The due date is now also prefilled on the inventory page based on the products "Default due days" (was only done on the purchase page before)
+- On the stock journal page, it's now visible if a consume-booking was spoiled
+- It's now tracked who made a stock change (currently logged in user, visible on the stock journal page) (thanks @fipwmaqzufheoxq92ebc)
+- Product edit page improvements ("Save & continue" button, deleting and adding a product picuture is now possible in one go) (thanks @Ma27)
+- For products with tare weight handling enabled, it's now optionally possible to consume a fixed/exact amount (just like for "normal" products) in case you don't want to weigh the whole container this time (new checkbox on the consume page) (thanks @fipwmaqzufheoxq92ebc)
+- The stock overview page now also shows the value - new column and also the total value in the header (thanks @kriddles)
+- It's now possible to set a custom purchased date on purchase (new field on the purchase and inventory page, hidden by default - enable it by a new stock setting (top right corner settings menu)) (thanks @kriddles)
+- The decimal places for all amount and price inputs can now be configured (stock settings / top right corner settings menu, default for amounts is `4`, for prices `2`)
+- When clicking the product name on the shopping list, the product card will now be displayed (like on the stock overview page) (thanks @kriddles)
+- On the product card there is now also a button to jump directly to the stock entries of the corresponding product (thanks @kriddles)
+- The product picker workflows can now also be started by `ENTER` (additionally to `TAB`)
+- Added a "retry camera barcode scan" button (button with camera icon, shortcut `C`) to the product picker workflow dialog
+- Added more filters on the stock journal page
+- Added a grouped/summarized stock journal (new button "Journal summary" at the top of the stock journal page) (thanks @fipwmaqzufheoxq92ebc)
+  - Provides an overview of summarized transactions per product, transaction type and user + summarized amount
+- The product option "Default due days after freezing" now also supports `-1` (like the option "Default due days") to set the product to "never due" on freezing
+- Fixed that changing the products "Factor purchase to stock quantity unit" not longer messes up historical prices (which results for example in wrong recipe costs) (thanks @kriddles)
+- Fixed that when adding products through a product picker workflow and when the created products contains special characters, the product was not preselected on the previous page (thanks @Forceu)
+- Fixed that when editing a product the default store was not visible / always empty regardless if the product had one set (thanks @kriddles)
+- Fixed that `FEATURE_SETTING_STOCK_COUNT_OPENED_PRODUCTS_AGAINST_MINIMUM_STOCK_AMOUNT` (option to configure if opened products should be considered for minimum stock amounts) was not handled correctly (thanks @teddybeermaniac)
+- Fixed that the "Due soon" sum (yellow filter button) on the stock overview page didn't include products which are due today (thanks @fipwmaqzufheoxq92ebc)
+- Fixed that the shopping cart icon on the stock overview page was also shown if the product was on an already deleted shopping list (if enabled) (thanks @fipwmaqzufheoxq92ebc)
+- Fixed that when editing a stock entry without a price, the price field was prefilled with `1`
+- Fixed that the location & product groups filter on the stock overview page used a contains search instead of an exact search
+- Fixed that the amount on the success popup was wrong when consuming a product with "Tare weight handling" enabled
+- Fixed that the aggregated amount of parent products was wrong on the stock overview page when the child products had not the same stock quantity units
+- Fixed that edited stock entries were not considered for the price history chart on the product card
+- Fixed that `FEATURE_FLAG_STOCK_BEST_BEFORE_DATE_TRACKING` is set to `false`, the purchase page validation failed (thanks @fipwmaqzufheoxq92ebc)
+- Fixed that consuming (and editing the amount of) products with enabled tare weight handling did not work on the stock entries page
+- Fixed that the recipes dropdown on the consume page also displayed internal recipes (thanks @kriddles)
+- Fixed that opening tare weight handling enabled products is prevented via the UI and the API (as this makes no sense)
+- Fixed that undoing a consume transaction of an opened item added it back to stock unopened
+- Fixed that a "Total price" on purchase was not handled correctly for tare weight handling enabled products (the total price was wrongly related to the amount including the tare weight)
+
+### Shopping list improvements
+- Added a button to add all currently in-stock but overdue and expired products to the shopping list (thanks @m-byte)
+- Improved that when `FEATURE_FLAG_STOCK` is disabled, all product/stock related inputs and buttons are now hidden on the shopping list page (thanks @fipwmaqzufheoxq92ebc)
+- Shopping list items can now have their own Userfields (entity `shopping_list`), on the shopping list table those fields are rendered additionally to the product Userfields
+- The print view is now configurable (new dialog before printing - option to hide header, group products by their product group, alternative list layout)
+- Fixed that "Add products that are below defined min. stock amount" always rounded up the missing amount to an integral number, this now allows decimal numbers
+
+### Recipe improvements/fixes
+- It's now possible to print recipes (button next to the recipe title) (thanks @zsarnett)
+- Changed that recipe costs are now based on the costs of the products picked by the default consume rule ("Opened first, then first due first, then first in first out") (thanks @kriddles)
+  - Recipe costs were based on the last purchase price per product before, so this now better reflects the current real costs
+- Improved the recipe add workflow (a recipe called "New recipe" is now not automatically created when starting to add a recipe) (thanks @zsarnett)
+- On the recipe page, the calories and costs per ingredient are now shown to get a better overview of how much each ingredient contributed
+- Fixed that images on the recipe gallery view were not scaled correctly on larger screens (thanks @zsarnett)
+- Fixed that decimal ingredient amounts maybe resulted in wrong conversions or truncated decimal places if your locale does not use a dot as the decimal separator (thanks @m-byte)
+- Fixed that a recipe cannot be included in itself (because this will cause an infinite loop) (thanks @fipwmaqzufheoxq92ebc)
+- Fixed that when editing a recipe ingredient the checkbox "Disable stock fulfillment checking for this ingredient" was not initaliased with the saved value
+- Fixed that the status filter ("Enough in stock", etc.) on the recipes page did not filter recipes on the gallery tab (thanks @fipwmaqzufheoxq92ebc)
+- Fixed that consuming a recipe ingredient with tare weight handling enabled consumed a wrong amount (thanks @fipwmaqzufheoxq92ebc)
+- Fixed that consuming a parent product recipe ingredient did not consider quantity unit conversion when effectively consuming a child product
+
+### Meal plan fixes
+- Fixed that for products the quantity unit purchase was displayed instead of the products quantity unit stock (thanks @BenoitAnastay)
+
+### Chores improvements/fixes
+- Chores can now be disabled to keep the history/journal, but hide it everywhere, without deleting it (new chore option "Active", deleting a chore now explicitly also deletes its journal and all other references)
+- Changed that not assigned chores on the chores overview page display now just a dash instead of an ellipsis in the "Assigned to" column to make this more clear (thanks @Germs2004)
+- The assignment type "Random" now don't prevents anymore that the last user will be assigned next
+- Fixed (again) that weekly chores, where the next execution should be in the same week, were scheduled (not) always (but sometimes) for the next week only (thanks @shadow7412)
+- Fixed that the assignment type "In alphabetic order" did not work correctly (the last person in the list was always assigned next once reached) (thanks @fipwmaqzufheoxq92ebc)
+
+### Equipment improvements
+- There is now a button to download the instruction manual (next to the "expand to fullscreen"-button)
+
+### Calendar improvements/fixes
+- Events are now links to the corresponding page (thanks @zsarnett)
+- Fixed a PHP warning when using the "Share/Integrate calendar (iCal)" button (thanks @tsia)
+- Fixed that "Track date only"-chores were always displayed at 12am (are now displayed as all-day events)
+- Fixed that it was not possible to switch to an other view than the default one on mobile (thanks @PhyberApex)
+
+### Tasks improvements
+- Tasks don't need to unique anymore (name field)
+
+### Batteries improvements
+- Batteries can now be disabled to keep the history/journal, but hide it everywhere, without deleting it (new battery option "Active", deleting a battery now explicitly also deletes its journal and all other references)
+
+### Userfield improvements/fixes
+- New Userfield type "File" to attach any file, will be rendered as a link to the file in tables (if enabled) (thanks @fipwmaqzufheoxq92ebc)
+- New Userfield type "Picture" to attach a picture, the picture will be rendered (small) in tables (if enabled) (thanks @fipwmaqzufheoxq92ebc)
+- New Userfield type "Link (with title)" - a link with a title (two input fields), so that the title is rendered in tables (if enabled) instead of the link itself
+- Userfields can now be reordered on the input form (new field "Sort number" per Userfield, fields will be ordered by that number, if any)
+- Users can now also have Userfields
+
+### General & other improvements/fixes
+- UI refresh / style improvements (thanks @zsarnett for the idea and initial work on this)
+- Improved mobile views (thanks @4lloyd for the idea and initial work on this)
+  - The buttons on the top of each page and the filter row is now collapsed (use the ellipsis/filter button to show them, this also superseded the shopping list compact view)
+  - Tables are horizontally scrollable (instead of collapsing columns which don't fit)
+- All tables are now customizable (new little eye icon on the top left corner on each table)
+  - Table columns be shown/hidden
+    - There are also new columns on some pages, hidden by default
+      - Stock overview: Value, Product group, Calories, Last purchased, Last price, Min. stock amount
+      - Products list: Default store
+      - Shopping list: Last price (Unit), Last price (Total), Default store, Barcodes (as scannable code-image)
+  - Row grouping can be customized to use any available column (thanks @edenhaus)
+- Table states (visible columns, sorting, column order and so on) are now saved server side (in user settings) means that this stays the same when using different browsers
+- Dialogs are now used everywhere where appropriate instead of jumping between pages (for example when adding/editing shopping list items)
+- Added a "Clear filter"-button on all pages (with filters) to quickly reset applied filters
+- Users can now have a picture (will then be shown next to the current user name instead of the generic user icon)
+- Prefilled number inputs now use sensible decimal places (max. the configured decimals while hiding trailing zeros where appropriate, means if you never use partial amounts for a product, you'll never see decimals for it)
+- Improved / more precise validation messages for number inputs
+- Optimized what's hidden when `GROCY_FEATURE_FLAG_STOCK` is disabled
+  - Products, quantity units and product groups are possible to use now
+  - Means you can use for example the shopping list, recipes and the meal plan with products while the "stock handling part" is hidden
+- Ordering now happens case-insensitive
+- The data path (previously fixed to the `data` folder) is now configurable, making it possible to run multiple grocy instances from the same directory (with different `config.php` files / different database, etc.) (thanks @fgrsnau)
+  - Via an environment variable `GROCY_DATAPATH` (higher priority)
+  - Via an FastCGI parameter `GROCY_DATAPATH` (lower priority)
+- The language can now be set per user (see the new user settings page / top right corner settings menu) (thanks @fipwmaqzufheoxq92ebc)
+  - Additionally, the language is now also auto-guessed based on the browser locale (HTTP-Header `Accept-Language`)
+  - The `config.php` option `CULTURE` was renamed to `DEFAULT_LOCALE`
+  - So the used language is based on (in that order)
+    - The user setting
+    - If not set, then based on browser locale
+    - If no matching localizaton was found, `DEFAULT_LOCALE` from `config.php` is used
+- Performance improvements (page loading time) of the stock overview page (thanks @fipwmaqzufheoxq92ebc)
+- The prerequisites checker now also checks for the minimum required SQLite version (thanks @Forceu)
+- Replaced (again, added before in v2.7.0, then reverted in v2.7.1 due to some problems) [QuaggaJS](https://github.com/serratus/quaggaJS) (seems to be unmaintained) by [Quagga2](https://github.com/ericblade/quagga2)
+- More `config.php` settings (see the section `Component configuration for Quagga2`) to tweak Quagga2 (this is the component used for device camera for barcode scanning) (thanks @andrelam)
+- Some localization string fixes (thanks @duckfullstop)
+- Better error pages
+- Fixed that numeric and date-time sorting of table columns did not work correctly
+- Fixed that XSS / HTML injection was possible through some user input fields (low severity / not really a problem as this could not be abused unauthenticated)
+- New translations: (thanks all the translators)
+  - Greek (demo available at https://el.demo.grocy.info)
+  - Korean (demo available at https://ko.demo.grocy.info)
+  - Chinese (China) (demo available at https://zh-cn.demo.grocy.info)
+  - Tamil (demo available at https://ta.demo.grocy.info)
+  - Finnish (demo available at https://fi.demo.grocy.info)
+
+### API improvements/fixes
+- ⚠️ **Breaking changes**:
+  - All prices are now related to the products stock quantity unit (instead of the products purchase QU)
+  - All (product) amounts are now related to the products stock quantity unit (was related to the products purchase QU for the shopping list before)
+  - The product object no longer has a field `barcodes` with a comma separated barcode list, instead barcodes are now stored in a separate table/entity `product_barcodes` (use the existing "Generic entity interactions" endpoints to access them)
+  - The endpoint `/objects/{entity}/search` was removed (use the existing `/objects/{entity}` endpoint with new new filter capabilities mentioned below)
+  - The output / field names of `ProductDetailsResponse` have slightly changed (endpoint `/stock/products/{productId}`)
+  - Endpoint `/stock/volatile`
+    - The query parameter `expring_days` was renamed to `due_soon_days`
+    - The field `expiring_products` was renamed to `due_products`
+    - The field `expired_products` now only contains expired products (so them with `Due date type = Expiration date`)
+    - The new field `overdue_products` contains only overdue products (so them with `Due date type = Best before date`)
+  - The following endpoints now return all bookings of the transaction (so the response is now an array, was before a single stock booking - and a random one if the transaction affected multiple stock entries)
+    - PUT `/stock/entry/{entryId}`
+    - POST `/stock/products/{productId}/add`
+    - POST `/stock/products/{productId}/consume`
+    - POST `/stock/products/{productId}/transfer`
+    - POST `/stock/products/{productId}/inventory`
+    - POST `/stock/products/{productId}/open`
+    - POST `/stock/products/by-barcode/{barcode}/add`
+    - POST `/stock/products/by-barcode/{barcode}/consume`
+    - POST `/stock/products/by-barcode/{barcode}/transfer`
+    - POST `/stock/products/by-barcode/{barcode}/inventory`
+    - POST `/stock/products/by-barcode/{barcode}/open`
+    - (The response is the same as if you would fetch the stock transaction via `/stock/transactions/{transactionId}`)
+- For better integration (apps), it's now possible to show a QR-Code for API keys (thanks @fipwmaqzufheoxq92ebc)
+  - New QR-Code button on the "Manage API keys"-page (top right corner settings menu), the QR-Codes contains `<API-Url>|<API-Key>`
+  - And on the calendar page when using the button "Share/Integrate calendar (iCal)", there the QR-Codes contains the Share-URL (which is displayed in the textbox above)
+- The output of the following endpoints can now be filtered (by any field), ordered and paginated (thanks for the initial work on this @fipwmaqzufheoxq92ebc)
+  - `/objects/{entity}`
+  - `/stock/products/{productId}/entries`
+  - `/stock/products/{productId}/locations`
+  - `/recipes/fulfillment`
+  - `/users`
+  - `/tasks`
+  - `/chores`
+  - `/batteries`
+  - There are 4 new (optional) query parameters to utilize that
+    - `order` The field to order by (use the separator `:` to specify the sort order - `asc` or `desc`, defaults to `asc` when omitted)
+    - `limit` The maximum number of objects to return
+    - `offset` The number of objects to skip
+    - `query[]` An array of conditions, each of them is a string in the form of `<field><condition><value>`, where
+      - `<field>` is a field name
+      - `<condition>` is a comparison operator, one of
+        - `=` equal
+		- `!=` not equal
+        - `~` LIKE
+        - `!~` not LIKE
+        - `<` less
+        - `>` greater
+        - `<=` less or equal
+        - `>=` greater or equal
+        - `§` regular expression
+      - `<value>` is the value to search for
+- New endpoint `/stock/shoppinglist/add-overdue-products` to add all currently in-stock but overdue products to a shopping list (thanks @m-byte)
+- New endpoint `/stock/shoppinglist/add-expired-products` to add all currently in-stock but expired products to a shopping list
+- New endpoints GET/POST/PUT `/users/{userId}/permissions` for the new user permissions feature mentioned above
+- New endpoint `/user` to get the currently authenticated user
+- New endpoint DELETE `/user/settings/{settingKey}` to delete a user setting
+- New endpoint POST `/stock/products/{productIdToKeep}/merge/{productIdToRemove}` for the new product merging feature mentioned above
+- The following entities are now also available via the endpoint `/objects/{entity}` (only listing, no edit)
+  - `stock_log` (the stock journal)
+  - `stock` (the "raw" stock entries)
+  - `stock_current_locations` (info how much of each product is currently stored at which location)
+- Performance improvements of the `/stock/products/*` endpoints (thanks @fipwmaqzufheoxq92ebc)
+- The endpoint `/stock/products/{productId}/locations` now also has an optional query parameter `include_sub_products` to optionally also return locations of sub products of the given product
+- The following endpoints  now have an optional request body parameter `allow_subproduct_substitution` to consume/open any child product when the given product is a parent product and currently not in stock
+  - `/stock/products/{productId}/consume`
+  - `/stock/products/by-barcode/{barcode}/consume`
+  - `/stock/products/{productId}/open`
+  - `/stock/products/by-barcode/{barcode}/open`
+- Fixed that the endpoint `/objects/{entity}/{objectId}` always returned successfully, even when the given object not exists (now returns `404` when the object is not found) (thanks @fipwmaqzufheoxq92ebc)
+- Fixed that the endpoint `/stock/volatile` didn't include products which are due today (thanks @fipwmaqzufheoxq92ebc)
+- Fixed that the endpoint `/objects/{entity}` did not include Userfields for Userentities (so the effective endpoint `/objects/userobjects`)
+- Fixed that the endpoint `/stock/consume` returned the response code `200` and an empty response body when `stock_entry_id` was set (consuming a specific stock entry) but invalid (now returns the response code `400`) (thanks @fipwmaqzufheoxq92ebc)
+- Fixed that the endpoint `/user/settings/{settingKey}` didn't return the default setting if it was not configured for the current user (same behavior as the endpoint `/user/settings` now)
+- Endpoint `/calendar/ical`: Fixed that "Track date only"-chores were always set to happen at 12am (are treated as all-day events now)
+- Fixed (again) that CORS was broken

composer.json

@@ -1,14 +1,17 @@
 {
 	"require": {
 		"php": ">=7.2",
-		"slim/slim": "^3.12.2",
-		"morris/lessql": "^0.4.1",
+		"slim/slim": "^4.0",
+		"slim/psr7": "^1.0",
+		"slim/http": "^1.0",
+		"php-di/php-di": "^6.0",
 		"rubellum/slim-blade-view": "^0.1.1",
-		"tuupola/cors-middleware": "^1.0.0",
-		"eluceo/ical": "^0.15.1",
-		"erusev/parsedown": "^1.7.3",
-		"gettext/gettext": "^4.6.3",
-		"gumlet/php-image-resize": "^1.9.2"
+		"morris/lessql": "^0.4.1",
+		"gettext/gettext": "^4.8",
+		"eluceo/ical": "^0.16.0",
+		"erusev/parsedown": "^1.7",
+		"gumlet/php-image-resize": "^1.9",
+		"ezyang/htmlpurifier": "^4.13"
 	},
 	"autoload": {
 		"psr-4": {

config-dist.php

@@ -1,114 +1,169 @@
 <?php
 
-# Settings can also be overwritten in two ways
-#
-# First priority
-# A .txt file with the same name as the setting in /data/settingoverrides
-# the content of the file is used as the setting value
-#
-# Second priority
-# An environment variable with the same name as the setting and prefix "GROCY_"
-# so for example "GROCY_BASE_URL"
-#
-# Third priority
-# The settings defined here below
+// Settings can also be overwritten in two ways
+//
+// First priority
+// A .txt file with the same name as the setting in /data/settingoverrides
+// the content of the file is used as the setting value
+//
+// Second priority
+// An environment variable with the same name as the setting and prefix "GROCY_"
+// so for example "GROCY_BASE_URL"
+//
+// Third priority
+// The settings defined here below
 
-
-# Either "production", "dev", "demo" or "prerelease"
-# ("demo" and "prerelease" is reserved to be used only on the offical demo instances)
+// Either "production", "dev", "demo" or "prerelease"
+// When not "production", authentication will be disabled and
+// demo data will be populated during database migrations
 Setting('MODE', 'production');
 
-# Either "en" or "de" or the directory name of
-# one of the other available localization folders in the "/localization" directory
-Setting('CULTURE', 'en');
+// Either "en" or "de" or the directory name of
+// one of the other available localization folders in the "/localization" directory
+Setting('DEFAULT_LOCALE', 'en');
 
-# This is used to define the first day of a week for calendar views in the frontend,
-# leave empty to use the locale default
-# Needs to be a number where Sunday = 0, Monday = 1 and so forth
+// This is used to define the first day of a week for calendar views in the frontend,
+// leave empty to use the locale default
+// Needs to be a number where Sunday = 0, Monday = 1 and so forth
 Setting('CALENDAR_FIRST_DAY_OF_WEEK', '');
 
-# If calendars should show week numbers
+// If calendars should show week numbers
 Setting('CALENDAR_SHOW_WEEK_OF_YEAR', true);
 
-# To keep it simple: grocy does not handle any currency conversions,
-# this here is used to format all money values,
-# so doesn't matter really matter, but should be the
-# ISO 4217 code of the currency ("USD", "EUR", "GBP", etc.)
+// To keep it simple: grocy does not handle any currency conversions,
+// this here is used to format all money values,
+// so doesn't really matter, but should be the
+// ISO 4217 code of the currency ("USD", "EUR", "GBP", etc.)
 Setting('CURRENCY', 'USD');
 
-# The base url of your installation,
-# should be just "/" when running directly under the root of a (sub)domain
-# or for example "https://example.com/grocy" when using a subdirectory
+// When running grocy in a subdirectory, this should be set to the relative path, otherwise empty
+// It needs to be set to the part (of the URL) after the document root,
+// if URL rewriting is disabled, including index.php
+// Example with URL Rewriting support:
+//  Root URL = https://example.com/grocy
+//  => BASE_PATH = /grocy
+// Example without URL Rewriting support:
+//  Root URL = https://example.com/grocy/public/index.php/
+//  => BASE_PATH = /grocy/public/index.php
+Setting('BASE_PATH', '');
+
+// The base URL of your installation,
+// should be just "/" when running directly under the root of a (sub)domain
+// or for example "https://example.com/grocy" when using a subdirectory
 Setting('BASE_URL', '/');
 
-# The plugin to use for external barcode lookups,
-# must be the filename without .php extension and must be located in /data/plugins,
-# see /data/plugins/DemoBarcodeLookupPlugin.php for an example implementation
+// The plugin to use for external barcode lookups,
+// must be the filename without .php extension and must be located in /data/plugins,
+// see /data/plugins/DemoBarcodeLookupPlugin.php for an example implementation
 Setting('STOCK_BARCODE_LOOKUP_PLUGIN', 'DemoBarcodeLookupPlugin');
 
-# If, however, your webserver does not support URL rewriting, set this to true
+// If, however, your webserver does not support URL rewriting, set this to true
 Setting('DISABLE_URL_REWRITING', false);
 
-# Specify an custom homepage if desired - by default the homepage will be set to the stock overview,
-# this needs to be one of the following values:
-# stock, shoppinglist, recipes, chores, tasks, batteries, equipment, calendar, mealplan
+// Specify an custom homepage if desired - by default the homepage will be set to the stock overview page,
+// this needs to be one of the following values:
+// stock, shoppinglist, recipes, chores, tasks, batteries, equipment, calendar, mealplan
 Setting('ENTRY_PAGE', 'stock');
 
-# Set this to true if you want to disable authentication / the login screen,
-# places where user context is needed will then use the default (first existing) user
+// Set this to true if you want to disable authentication / the login screen,
+// places where user context is needed will then use the default (first existing) user
 Setting('DISABLE_AUTH', false);
 
-# Set this to true if you want to disable the ability to scan a barcode via the device camera (Browser API)
+// Either "Grocy\Middleware\DefaultAuthMiddleware", "Grocy\Middleware\ReverseProxyAuthMiddleware"
+// or any class that implements Grocy\Middleware\AuthMiddleware
+Setting('AUTH_CLASS', 'Grocy\Middleware\DefaultAuthMiddleware');
+
+// When using ReverseProxyAuthMiddleware,
+// the name of the HTTP header which your reverse proxy uses to pass the username (on successful authentication)
+Setting('REVERSE_PROXY_AUTH_HEADER', 'REMOTE_USER');
+
+// When using LdapAuthMiddleware
+Setting('LDAP_DOMAIN', ''); // Example value "local"
+Setting('LDAP_ADDRESS', ''); // Example value "ldap://vm-dc2019.local.berrnd.net"
+Setting('LDAP_BASE_DN', ''); // Example value "OU=OU_Users,DC=local,DC=berrnd,DC=net"
+
+// Set this to true if you want to disable the ability to scan a barcode via the device camera (Browser API)
 Setting('DISABLE_BROWSER_BARCODE_CAMERA_SCANNING', false);
 
+// Set this if you want to have a different start day for the weekly meal plan view,
+// leave empty to use CALENDAR_FIRST_DAY_OF_WEEK (see above)
+// Needs to be a number where Sunday = 0, Monday = 1 and so forth
+Setting('MEAL_PLAN_FIRST_DAY_OF_WEEK', '');
 
-# Default user settings
-# These settings can be changed per user, here the defaults
-# are defined which are used when the user has not changed the setting so far
+// Default permissions for new users
+// the array needs to contain the technical/constant names
+// see the file controllers/Users/User.php for possible values
+Setting('DEFAULT_PERMISSIONS', ['ADMIN']);
 
-# Night mode related
+// Default user settings
+// These settings can be changed per user, here the defaults
+// are defined which are used when the user has not changed the setting so far
+
+// Night mode related
 DefaultUserSetting('night_mode_enabled', false); // If night mode is enabled always
 DefaultUserSetting('auto_night_mode_enabled', false); // If night mode is enabled automatically when inside a given time range (see the two settings below)
-DefaultUserSetting('auto_night_mode_time_range_from', "20:00"); // Format HH:mm
-DefaultUserSetting('auto_night_mode_time_range_to', "07:00"); // Format HH:mm
+DefaultUserSetting('auto_night_mode_time_range_from', '20:00'); // Format HH:mm
+DefaultUserSetting('auto_night_mode_time_range_to', '07:00'); // Format HH:mm
 DefaultUserSetting('auto_night_mode_time_range_goes_over_midnight', true); // If the time range above goes over midnight
 DefaultUserSetting('currently_inside_night_mode_range', false); // If we're currently inside of night mode time range (this is not user configurable, but stored as a user setting because it's evaluated client side to be able to use the client time instead of the maybe different server time)
 
-# Stock settings
+// Keep screen on settings
+DefaultUserSetting('keep_screen_on', false); // Keep the screen always on
+DefaultUserSetting('keep_screen_on_when_fullscreen_card', false); // Keep the screen on when a "fullscreen-card" is displayed
+
+// Stock settings
 DefaultUserSetting('product_presets_location_id', -1); // Default location id for new products (-1 means no location is preset)
 DefaultUserSetting('product_presets_product_group_id', -1); // Default product group id for new products (-1 means no product group is preset)
 DefaultUserSetting('product_presets_qu_id', -1); // Default quantity unit id for new products (-1 means no quantity unit is preset)
-DefaultUserSetting('stock_expring_soon_days', 5);
+DefaultUserSetting('stock_decimal_places_amounts', 4); // Default decimal places allowed for amounts
+DefaultUserSetting('stock_decimal_places_prices', 2); // Default decimal places allowed for prices
+DefaultUserSetting('stock_due_soon_days', 5);
 DefaultUserSetting('stock_default_purchase_amount', 0);
 DefaultUserSetting('stock_default_consume_amount', 1);
+DefaultUserSetting('stock_default_consume_amount_use_quick_consume_amount', false);
+DefaultUserSetting('scan_mode_consume_enabled', false);
+DefaultUserSetting('scan_mode_purchase_enabled', false);
+DefaultUserSetting('show_icon_on_stock_overview_page_when_product_is_on_shopping_list', true);
+DefaultUserSetting('show_purchased_date_on_purchase', false); // Wheter the purchased date should be editable on purchase (defaults to today otherwise)
+DefaultUserSetting('show_warning_on_purchase_when_due_date_is_earlier_than_next', true); // Show a warning on purchase when the due date of the purchased product is earlier than the next due date in stock
 
-# Chores settings
+// Shopping list settings
+DefaultUserSetting('shopping_list_to_stock_workflow_auto_submit_when_prefilled', false); // Automatically do the booking using the last price and the amount of the shopping list item, if the product has "Default due days" set
+DefaultUserSetting('shopping_list_show_calendar', false);
+
+// Recipe settings
+DefaultUserSetting('recipe_ingredients_group_by_product_group', false); // Group recipe ingredients by their product group
+
+// Chores settings
 DefaultUserSetting('chores_due_soon_days', 5);
 
-# Batteries settings
+// Batteries settings
 DefaultUserSetting('batteries_due_soon_days', 5);
 
-# Tasks settings
+// Tasks settings
 DefaultUserSetting('tasks_due_soon_days', 5);
 
-# If the page should be automatically reloaded when there was
-# an external change
+// If the page should be automatically reloaded when there was
+// an external change
 DefaultUserSetting('auto_reload_on_db_change', true);
 
-# Show a clock in the header next to the logo or not
+// Show a clock in the header next to the logo or not
 DefaultUserSetting('show_clock_in_header', false);
 
-# Shopping list to stock workflow:
-# Automatically do the booking using the last price and the amount
-# of the shopping list item, if the product has "Default best before days" set
-DefaultUserSetting('shopping_list_to_stock_workflow_auto_submit_when_prefilled', false);
+// Component configuration for Quagga2 - read https://github.com/ericblade/quagga2#configobject for details
+// Below is a generic good configuration,
+// for an iPhone 7 Plus, halfsample = true, patchsize = small, frequency = 5 yields very good results
+DefaultUserSetting('quagga2_numofworkers', 4);
+DefaultUserSetting('quagga2_halfsample', false);
+DefaultUserSetting('quagga2_patchsize', 'medium');
+DefaultUserSetting('quagga2_frequency', 10);
+DefaultUserSetting('quagga2_debug', true);
 
-
-# Feature flags
-# grocy was initially about "stock management for your household", many other things
-# came and still come by, because they are useful - here you can disable the parts
-# which you don't need to have a less cluttered UI
-# (set the setting to "false" to disable the corresponding part, which should be self explanatory)
+// Feature flags
+// grocy was initially about "stock management for your household", many other things
+// came and still come by, because they are useful - here you can disable the parts
+// which you don't need to have a less cluttered UI
+// (set the setting to "false" to disable the corresponding part, which should be self explanatory)
 Setting('FEATURE_FLAG_STOCK', true);
 Setting('FEATURE_FLAG_SHOPPINGLIST', true);
 Setting('FEATURE_FLAG_RECIPES', true);
@@ -118,14 +173,16 @@ Setting('FEATURE_FLAG_BATTERIES', true);
 Setting('FEATURE_FLAG_EQUIPMENT', true);
 Setting('FEATURE_FLAG_CALENDAR', true);
 
-
-# Sub feature flags
+// Sub feature flags
 Setting('FEATURE_FLAG_STOCK_PRICE_TRACKING', true);
 Setting('FEATURE_FLAG_STOCK_LOCATION_TRACKING', true);
 Setting('FEATURE_FLAG_STOCK_BEST_BEFORE_DATE_TRACKING', true);
 Setting('FEATURE_FLAG_STOCK_PRODUCT_OPENED_TRACKING', true);
+Setting('FEATURE_FLAG_STOCK_PRODUCT_FREEZING', true);
+Setting('FEATURE_FLAG_STOCK_BEST_BEFORE_DATE_FIELD_NUMBER_PAD', true); // Activate the number pad in due date fields on (supported) mobile browsers
+Setting('FEATURE_FLAG_SHOPPINGLIST_MULTIPLE_LISTS', true);
 Setting('FEATURE_FLAG_CHORES_ASSIGNMENTS', true);
 
-
-# Feature settings
-Setting('FEATURE_SETTING_STOCK_COUNT_OPENED_PRODUCTS_AGAINST_MINIMUM_STOCK_AMOUNT', true); // When set to false, opened products will not be considered for minimum stock amounts
+// Feature settings
+Setting('FEATURE_SETTING_STOCK_COUNT_OPENED_PRODUCTS_AGAINST_MINIMUM_STOCK_AMOUNT', true); // When set to true, opened items will be counted as missing for calculating if a product is below its minimum stock amount
+Setting('FEATURE_FLAG_AUTO_TORCH_ON_WITH_CAMERA', true); // Enables the torch automaticaly (if the device has one)

controllers/BaseApiController.php

@@ -2,31 +2,145 @@
 
 namespace Grocy\Controllers;
 
+use LessQL\Result;
+
 class BaseApiController extends BaseController
 {
+	protected $OpenApiSpec = null;
 
-	public function __construct(\Slim\Container $container)
+	const PATTERN_FIELD = '[A-Za-z_][A-Za-z0-9_]+';
+	const PATTERN_OPERATOR = '!?(=|~|<|>|(>=)|(<=)|(§))';
+	const PATTERN_VALUE = '[A-Za-z_0-9.$#^|]+';
+
+	public function __construct(\DI\Container $container)
 	{
 		parent::__construct($container);
-		$this->OpenApiSpec = json_decode(file_get_contents(__DIR__ . '/../grocy.openapi.json'));
 	}
 
-	protected $OpenApiSpec;
-
-	protected function ApiResponse($data)
+	protected function ApiResponse(\Psr\Http\Message\ResponseInterface $response, $data)
 	{
-		return json_encode($data);
+		$response->getBody()->write(json_encode($data));
+		return $response;
 	}
 
-	protected function EmptyApiResponse($response, $status = 204)
+	protected function EmptyApiResponse(\Psr\Http\Message\ResponseInterface $response, $status = 204)
 	{
 		return $response->withStatus($status);
 	}
 
-	protected function GenericErrorResponse($response, $errorMessage, $status = 400)
+	protected function GenericErrorResponse(\Psr\Http\Message\ResponseInterface $response, $errorMessage, $status = 400)
 	{
-		return $response->withStatus($status)->withJson(array(
+		return $response->withStatus($status)->withJson([
 			'error_message' => $errorMessage
-		));
+		]);
+	}
+
+	public function FilteredApiResponse(\Psr\Http\Message\ResponseInterface $response, Result $data, array $query)
+	{
+		$data = $this->queryData($data, $query);
+		return $this->ApiResponse($response, $data);
+	}
+
+	protected function queryData(Result $data, array $query)
+	{
+		if (isset($query['query']))
+		{
+			$data = $this->filter($data, $query['query']);
+		}
+
+		if (isset($query['limit']))
+		{
+			$data = $data->limit(intval($query['limit']), intval($query['offset'] ?? 0));
+		}
+
+		if (isset($query['order']))
+		{
+			$parts = explode(':', $query['order']);
+
+			if (count($parts) == 1)
+			{
+				$data = $data->orderBy($parts[0]);
+			}
+			else
+			{
+				if ($parts[1] != 'asc' && $parts[1] != 'desc')
+				{
+					throw new \Exception('Invalid sort order ' . $parts[1]);
+				}
+
+				$data = $data->orderBy($parts[0], $parts[1]);
+			}
+		}
+
+		return $data;
+	}
+
+	protected function filter(Result $data, array $query): Result
+	{
+		foreach ($query as $q)
+		{
+			$matches = [];
+			preg_match(
+				'/(?P<field>' . self::PATTERN_FIELD . ')'
+				. '(?P<op>' . self::PATTERN_OPERATOR . ')'
+				. '(?P<value>' . self::PATTERN_VALUE . ')/',
+				$q,
+				$matches
+			);
+
+			if (!array_key_exists('field', $matches) || !array_key_exists('op', $matches) || !array_key_exists('value', $matches))
+			{
+				throw new \Exception('Invalid query');
+			}
+
+			$sqlOrNull = '';
+			if (strtolower($matches['value']) == 'null')
+			{
+				$sqlOrNull = ' OR ' . $matches['field'] . ' IS NULL';
+			}
+
+			switch ($matches['op']) {
+				case '=':
+					$data = $data->where($matches['field'] . ' = ?' . $sqlOrNull, $matches['value']);
+					break;
+				case '!=':
+					$data = $data->where($matches['field'] . ' != ?' . $sqlOrNull, $matches['value']);
+					break;
+				case '~':
+					$data = $data->where($matches['field'] . ' LIKE ?', '%' . $matches['value'] . '%');
+					break;
+				case '!~':
+					$data = $data->where($matches['field'] . ' NOT LIKE ?', '%' . $matches['value'] . '%');
+					break;
+				case '<':
+					$data = $data->where($matches['field'] . ' < ?', $matches['value']);
+					break;
+				case '>':
+					$data = $data->where($matches['field'] . ' > ?', $matches['value']);
+					break;
+				case '>=':
+					$data = $data->where($matches['field'] . ' >= ?', $matches['value']);
+					break;
+				case '<=':
+					$data = $data->where($matches['field'] . ' <= ?', $matches['value']);
+					break;
+				case '§':
+					$data = $data->where($matches['field'] . ' REGEXP ?', $matches['value']);
+					break;
+
+			}
+		}
+
+		return $data;
+	}
+
+	protected function getOpenApispec()
+	{
+		if ($this->OpenApiSpec == null)
+		{
+			$this->OpenApiSpec = json_decode(file_get_contents(__DIR__ . '/../grocy.openapi.json'));
+		}
+
+		return $this->OpenApiSpec;
 	}
 }

controllers/BaseController.php

@@ -2,46 +2,147 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\DatabaseService;
-use \Grocy\Services\ApplicationService;
-use \Grocy\Services\LocalizationService;
-use \Grocy\Services\UsersService;
+use Grocy\Controllers\Users\User;
+use Grocy\Services\ApiKeyService;
+use Grocy\Services\ApplicationService;
+use Grocy\Services\BatteriesService;
+use Grocy\Services\CalendarService;
+use Grocy\Services\ChoresService;
+use Grocy\Services\DatabaseService;
+use Grocy\Services\FilesService;
+use Grocy\Services\LocalizationService;
+use Grocy\Services\RecipesService;
+use Grocy\Services\SessionService;
+use Grocy\Services\StockService;
+use Grocy\Services\TasksService;
+use Grocy\Services\UserfieldsService;
+use Grocy\Services\UsersService;
 
 class BaseController
 {
-	public function __construct(\Slim\Container $container) {
-		$databaseService = new DatabaseService();
-		$this->Database = $databaseService->GetDbConnection();
-		
-		$localizationService = new LocalizationService(GROCY_CULTURE);
-		$this->LocalizationService = $localizationService;
+	protected $AppContainer;
 
-		$applicationService = new ApplicationService();
-		$versionInfo = $applicationService->GetInstalledVersion();
-		$container->view->set('version', $versionInfo->Version);
-		$container->view->set('releaseDate', $versionInfo->ReleaseDate);
+	public function __construct(\DI\Container $container)
+	{
+		$this->AppContainer = $container;
+		$this->View = $container->get('view');
+	}
 
-		$container->view->set('__t', function(string $text, ...$placeholderValues) use($localizationService)
+	protected function getApiKeyService()
+	{
+		return ApiKeyService::getInstance();
+	}
+
+	protected function getApplicationservice()
+	{
+		return ApplicationService::getInstance();
+	}
+
+	protected function getBatteriesService()
+	{
+		return BatteriesService::getInstance();
+	}
+
+	protected function getCalendarService()
+	{
+		return CalendarService::getInstance();
+	}
+
+	protected function getChoresService()
+	{
+		return ChoresService::getInstance();
+	}
+
+	protected function getDatabase()
+	{
+		return $this->getDatabaseService()->GetDbConnection();
+	}
+
+	protected function getDatabaseService()
+	{
+		return DatabaseService::getInstance();
+	}
+
+	protected function getFilesService()
+	{
+		return FilesService::getInstance();
+	}
+
+	protected function getLocalizationService()
+	{
+		if (!defined('GROCY_LOCALE'))
 		{
+			define('GROCY_LOCALE', GROCY_DEFAULT_LOCALE);
+		}
+
+		return LocalizationService::getInstance(GROCY_LOCALE);
+	}
+
+	protected function getRecipesService()
+	{
+		return RecipesService::getInstance();
+	}
+
+	protected function getSessionService()
+	{
+		return SessionService::getInstance();
+	}
+
+	protected function getStockService()
+	{
+		return StockService::getInstance();
+	}
+
+	protected function getTasksService()
+	{
+		return TasksService::getInstance();
+	}
+
+	protected function getUserfieldsService()
+	{
+		return UserfieldsService::getInstance();
+	}
+
+	protected function getUsersService()
+	{
+		return UsersService::getInstance();
+	}
+
+	protected function render($response, $page, $data = [])
+	{
+		$container = $this->AppContainer;
+
+		$versionInfo = $this->getApplicationService()->GetInstalledVersion();
+		$this->View->set('version', $versionInfo->Version);
+		$this->View->set('releaseDate', $versionInfo->ReleaseDate);
+
+		$localizationService = $this->getLocalizationService();
+		$this->View->set('__t', function (string $text, ...$placeholderValues) use ($localizationService) {
 			return $localizationService->__t($text, $placeholderValues);
 		});
-		$container->view->set('__n', function($number, $singularForm, $pluralForm) use($localizationService)
-		{
+		$this->View->set('__n', function ($number, $singularForm, $pluralForm) use ($localizationService) {
 			return $localizationService->__n($number, $singularForm, $pluralForm);
 		});
-		$container->view->set('GettextPo', $localizationService->GetPoAsJsonString());
+		$this->View->set('GettextPo', $localizationService->GetPoAsJsonString());
 
-		$container->view->set('U', function($relativePath, $isResource = false) use($container)
+		// TODO: Better handle this generically based on the current language (header in .po file?)
+		$dir = 'ltr';
+		if (GROCY_LOCALE == 'he_IL')
 		{
-			return $container->UrlManager->ConstructUrl($relativePath, $isResource);
+			$dir = 'rtl';
+		}
+		$this->View->set('dir', $dir);
+
+		$this->View->set('U', function ($relativePath, $isResource = false) use ($container) {
+			return $container->get('UrlManager')->ConstructUrl($relativePath, $isResource);
 		});
 
 		$embedded = false;
-		if (isset($container->request->getQueryParams()['embedded']))
+		if (isset($_GET['embedded']))
 		{
 			$embedded = true;
 		}
-		$container->view->set('embedded', $embedded);
+		$this->View->set('embedded', $embedded);
 
 		$constants = get_defined_constants();
 		foreach ($constants as $constant => $value)
@@ -51,20 +152,30 @@ class BaseController
 				unset($constants[$constant]);
 			}
 		}
-		$container->view->set('featureFlags', $constants);
 
-		$container->view->set('userentitiesForSidebar', $this->Database->userentities()->where('show_in_sidebar_menu = 1')->orderBy('name'));
+		$this->View->set('featureFlags', $constants);
+		if (GROCY_AUTHENTICATED)
+		{
+			$this->View->set('permissions', User::PermissionList());
+		}
 
+		return $this->View->render($response, $page, $data);
+	}
+
+	protected function renderPage($response, $page, $data = [])
+	{
+		$this->View->set('userentitiesForSidebar', $this->getDatabase()->userentities()->where('show_in_sidebar_menu = 1')->orderBy('name'));
 		try
 		{
-			$usersService = new UsersService();
+			$usersService = $this->getUsersService();
+
 			if (defined('GROCY_USER_ID'))
 			{
-				$container->view->set('userSettings', $usersService->GetUserSettings(GROCY_USER_ID));
+				$this->View->set('userSettings', $usersService->GetUserSettings(GROCY_USER_ID));
 			}
 			else
 			{
-				$container->view->set('userSettings', null);
+				$this->View->set('userSettings', null);
 			}
 		}
 		catch (\Exception $ex)
@@ -72,10 +183,29 @@ class BaseController
 			// Happens when database is not initialised or migrated...
 		}
 
-		$this->AppContainer = $container;
+		return $this->render($response, $page, $data);
 	}
 
-	protected $AppContainer;
-	protected $Database;
-	protected $LocalizationService;
+	private static $htmlPurifierInstance = null;
+
+	protected function GetParsedAndFilteredRequestBody($request)
+	{
+		if (self::$htmlPurifierInstance == null)
+		{
+			self::$htmlPurifierInstance = new \HTMLPurifier(\HTMLPurifier_Config::createDefault());
+		}
+
+		$requestBody = $request->getParsedBody();
+		foreach ($requestBody as $key => &$value)
+		{
+			// HTMLPurifier removes boolean values (true/false), so explicitly keep them
+			// Maybe also possible through HTMLPurifier config (http://htmlpurifier.org/live/configdoc/plain.html)
+			if (!is_bool($value))
+			{
+				$value = self::$htmlPurifierInstance->purify($value);
+			}
+		}
+
+		return $requestBody;
+	}
 }

controllers/BatteriesApiController.php

@@ -2,32 +2,44 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\BatteriesService;
+use Grocy\Controllers\Users\User;
 
 class BatteriesApiController extends BaseApiController
 {
-	public function __construct(\Slim\Container $container)
+	public function BatteryDetails(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		parent::__construct($container);
-		$this->BatteriesService = new BatteriesService();
+		try
+		{
+			return $this->ApiResponse($response, $this->getBatteriesService()->GetBatteryDetails($args['batteryId']));
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
 	}
 
-	protected $BatteriesService;
-
-	public function TrackChargeCycle(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function Current(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		$requestBody = $request->getParsedBody();
+		return $this->FilteredApiResponse($response, $this->getBatteriesService()->GetCurrent(), $request->getQueryParams());
+	}
+
+	public function TrackChargeCycle(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		User::checkPermission($request, User::PERMISSION_BATTERIES_TRACK_CHARGE_CYCLE);
+
+		$requestBody = $this->GetParsedAndFilteredRequestBody($request);
 
 		try
 		{
 			$trackedTime = date('Y-m-d H:i:s');
+
 			if (array_key_exists('tracked_time', $requestBody) && IsIsoDateTime($requestBody['tracked_time']))
 			{
 				$trackedTime = $requestBody['tracked_time'];
 			}
 
-			$chargeCycleId = $this->BatteriesService->TrackChargeCycle($args['batteryId'], $trackedTime);
-			return $this->ApiResponse($this->Database->battery_charge_cycles($chargeCycleId));
+			$chargeCycleId = $this->getBatteriesService()->TrackChargeCycle($args['batteryId'], $trackedTime);
+			return $this->ApiResponse($response, $this->getDatabase()->battery_charge_cycles($chargeCycleId));
 		}
 		catch (\Exception $ex)
 		{
@@ -35,28 +47,13 @@ class BatteriesApiController extends BaseApiController
 		}
 	}
 
-	public function BatteryDetails(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function UndoChargeCycle(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
+		User::checkPermission($request, User::PERMISSION_BATTERIES_UNDO_CHARGE_CYCLE);
+
 		try
 		{
-			return $this->ApiResponse($this->BatteriesService->GetBatteryDetails($args['batteryId']));
-		}
-		catch (\Exception $ex)
-		{
-			return $this->GenericErrorResponse($response, $ex->getMessage());
-		}
-	}
-
-	public function Current(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->ApiResponse($this->BatteriesService->GetCurrent());
-	}
-
-	public function UndoChargeCycle(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		try
-		{
-			$this->ApiResponse($this->BatteriesService->UndoChargeCycle($args['chargeCycleId']));
+			$this->ApiResponse($response, $this->getBatteriesService()->UndoChargeCycle($args['chargeCycleId']));
 			return $this->EmptyApiResponse($response);
 		}
 		catch (\Exception $ex)
@@ -64,4 +61,9 @@ class BatteriesApiController extends BaseApiController
 			return $this->GenericErrorResponse($response, $ex->getMessage());
 		}
 	}
+
+	public function __construct(\DI\Container $container)
+	{
+		parent::__construct($container);
+	}
 }

controllers/BatteriesController.php

@@ -2,81 +2,81 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\BatteriesService;
-use \Grocy\Services\UsersService;
-use \Grocy\Services\UserfieldsService;
-
 class BatteriesController extends BaseController
 {
-	public function __construct(\Slim\Container $container)
+	public function BatteriesList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		parent::__construct($container);
-		$this->BatteriesService = new BatteriesService();
-		$this->UserfieldsService = new UserfieldsService();
-	}
+		if (isset($request->getQueryParams()['include_disabled']))
+		{
+			$batteries = $this->getDatabase()->batteries()->orderBy('name', 'COLLATE NOCASE');
+		}
+		else
+		{
+			$batteries = $this->getDatabase()->batteries()->where('active = 1')->orderBy('name', 'COLLATE NOCASE');
+		}
 
-	protected $BatteriesService;
-	protected $UserfieldsService;
-
-	public function Overview(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		$usersService = new UsersService();
-		$nextXDays = $usersService->GetUserSettings(GROCY_USER_ID)['batteries_due_soon_days'];
-
-		return $this->AppContainer->view->render($response, 'batteriesoverview', [
-			'batteries' => $this->Database->batteries()->orderBy('name'),
-			'current' => $this->BatteriesService->GetCurrent(),
-			'nextXDays' => $nextXDays,
-			'userfields' => $this->UserfieldsService->GetFields('batteries'),
-			'userfieldValues' => $this->UserfieldsService->GetAllValues('batteries')
+		return $this->renderPage($response, 'batteries', [
+			'batteries' => $batteries,
+			'userfields' => $this->getUserfieldsService()->GetFields('batteries'),
+			'userfieldValues' => $this->getUserfieldsService()->GetAllValues('batteries')
 		]);
 	}
 
-	public function TrackChargeCycle(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function BatteriesSettings(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		return $this->AppContainer->view->render($response, 'batterytracking', [
-			'batteries' =>  $this->Database->batteries()->orderBy('name')
-		]);
+		return $this->renderPage($response, 'batteriessettings');
 	}
 
-	public function BatteriesList(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->AppContainer->view->render($response, 'batteries', [
-			'batteries' => $this->Database->batteries()->orderBy('name'),
-			'userfields' => $this->UserfieldsService->GetFields('batteries'),
-			'userfieldValues' => $this->UserfieldsService->GetAllValues('batteries')
-		]);
-	}
-
-	public function BatteryEditForm(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function BatteryEditForm(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		if ($args['batteryId'] == 'new')
 		{
-			return $this->AppContainer->view->render($response, 'batteryform', [
+			return $this->renderPage($response, 'batteryform', [
 				'mode' => 'create',
-				'userfields' => $this->UserfieldsService->GetFields('batteries')
+				'userfields' => $this->getUserfieldsService()->GetFields('batteries')
 			]);
 		}
 		else
 		{
-			return $this->AppContainer->view->render($response, 'batteryform', [
-				'battery' =>  $this->Database->batteries($args['batteryId']),
+			return $this->renderPage($response, 'batteryform', [
+				'battery' => $this->getDatabase()->batteries($args['batteryId']),
 				'mode' => 'edit',
-				'userfields' => $this->UserfieldsService->GetFields('batteries')
+				'userfields' => $this->getUserfieldsService()->GetFields('batteries')
 			]);
 		}
 	}
 
-	public function Journal(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function Journal(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		return $this->AppContainer->view->render($response, 'batteriesjournal', [
-			'chargeCycles' => $this->Database->battery_charge_cycles()->orderBy('tracked_time', 'DESC'),
-			'batteries' => $this->Database->batteries()->orderBy('name')
+		return $this->renderPage($response, 'batteriesjournal', [
+			'chargeCycles' => $this->getDatabase()->battery_charge_cycles()->orderBy('tracked_time', 'DESC'),
+			'batteries' => $this->getDatabase()->batteries()->where('active = 1')->orderBy('name', 'COLLATE NOCASE')
 		]);
 	}
 
-	public function BatteriesSettings(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function Overview(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		return $this->AppContainer->view->render($response, 'batteriessettings');
+		$usersService = $this->getUsersService();
+		$nextXDays = $usersService->GetUserSettings(GROCY_USER_ID)['batteries_due_soon_days'];
+
+		return $this->renderPage($response, 'batteriesoverview', [
+			'batteries' => $this->getDatabase()->batteries()->where('active = 1')->orderBy('name', 'COLLATE NOCASE'),
+			'current' => $this->getBatteriesService()->GetCurrent(),
+			'nextXDays' => $nextXDays,
+			'userfields' => $this->getUserfieldsService()->GetFields('batteries'),
+			'userfieldValues' => $this->getUserfieldsService()->GetAllValues('batteries')
+		]);
+	}
+
+	public function TrackChargeCycle(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->renderPage($response, 'batterytracking', [
+			'batteries' => $this->getDatabase()->batteries()->where('active = 1')->orderBy('name', 'COLLATE NOCASE')
+		]);
+	}
+
+	public function __construct(\DI\Container $container)
+	{
+		parent::__construct($container);
 	}
 }

controllers/CalendarApiController.php

@@ -2,45 +2,40 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\CalendarService;
-use \Grocy\Services\ApiKeyService;
-
 class CalendarApiController extends BaseApiController
 {
-	public function __construct(\Slim\Container $container)
-	{
-		parent::__construct($container);
-		$this->CalendarService = new CalendarService();
-		$this->ApiKeyService = new ApiKeyService();
-	}
-
-	protected $CalendarService;
-	protected $ApiKeyService;
-
-	public function Ical(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function Ical(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		try
 		{
 			$vCalendar = new \Eluceo\iCal\Component\Calendar('grocy');
 
-			$events = $this->CalendarService->GetEvents();
-			foreach($events as $event)
+			$events = $this->getCalendarService()->GetEvents();
+
+			foreach ($events as $event)
 			{
 				$date = new \DateTime($event['start']);
-				$date->setTimezone(date_default_timezone_get());
-				
+				$date->setTimezone(new \DateTimeZone(date_default_timezone_get()));
+
 				if ($event['date_format'] === 'date')
 				{
 					$date->setTime(23, 59, 59);
 				}
 
+				$description = '';
+				if (isset($event['description']))
+				{
+					$description = $event['description'];
+				}
+
 				$vEvent = new \Eluceo\iCal\Component\Event();
 				$vEvent->setDtStart($date)
 					->setDtEnd($date)
 					->setSummary($event['title'])
-					->setNoTime($event['date_format'] === 'date')
+					->setDescription($description)
+					->setNoTime($event['date_format'] === 'date' || (isset($event['allDay']) && $event['allDay']))
 					->setUseTimezone(true);
-				
+
 				$vCalendar->addComponent($vEvent);
 			}
 
@@ -54,17 +49,22 @@ class CalendarApiController extends BaseApiController
 		}
 	}
 
-	public function IcalSharingLink(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function IcalSharingLink(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		try
 		{
-			return $this->ApiResponse(array(
-				'url' => $this->AppContainer->UrlManager->ConstructUrl('/api/calendar/ical?secret=' . $this->ApiKeyService->GetOrCreateApiKey(ApiKeyService::API_KEY_TYPE_SPECIAL_PURPOSE_CALENDAR_ICAL))
-			));
+			return $this->ApiResponse($response, [
+				'url' => $this->AppContainer->get('UrlManager')->ConstructUrl('/api/calendar/ical?secret=' . $this->getApiKeyService()->GetOrCreateApiKey(\Grocy\Services\ApiKeyService::API_KEY_TYPE_SPECIAL_PURPOSE_CALENDAR_ICAL))
+			]);
 		}
 		catch (\Exception $ex)
 		{
 			return $this->GenericErrorResponse($response, $ex->getMessage());
 		}
 	}
+
+	public function __construct(\DI\Container $container)
+	{
+		parent::__construct($container);
+	}
 }

controllers/CalendarController.php

@@ -2,22 +2,17 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\CalendarService;
-
 class CalendarController extends BaseController
 {
-	public function __construct(\Slim\Container $container)
+	public function Overview(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		parent::__construct($container);
-		$this->CalendarService = new CalendarService();
-	}
-
-	protected $CalendarService;
-
-	public function Overview(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->AppContainer->view->render($response, 'calendar', [
-			'fullcalendarEventSources' => $this->CalendarService->GetEvents()
+		return $this->renderPage($response, 'calendar', [
+			'fullcalendarEventSources' => $this->getCalendarService()->GetEvents()
 		]);
 	}
+
+	public function __construct(\DI\Container $container)
+	{
+		parent::__construct($container);
+	}
 }

controllers/ChoresApiController.php

@@ -2,82 +2,18 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\ChoresService;
+use Grocy\Controllers\Users\User;
 
 class ChoresApiController extends BaseApiController
 {
-	public function __construct(\Slim\Container $container)
-	{
-		parent::__construct($container);
-		$this->ChoresService = new ChoresService();
-	}
-
-	protected $ChoresService;
-
-	public function TrackChoreExecution(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		$requestBody = $request->getParsedBody();
-
-		try
-		{
-			$trackedTime = date('Y-m-d H:i:s');
-			if (array_key_exists('tracked_time', $requestBody) && (IsIsoDateTime($requestBody['tracked_time']) || IsIsoDate($requestBody['tracked_time'])))
-			{
-				$trackedTime = $requestBody['tracked_time'];
-			}
-
-			$doneBy = GROCY_USER_ID;
-			if (array_key_exists('done_by', $requestBody) && !empty($requestBody['done_by']))
-			{
-				$doneBy = $requestBody['done_by'];
-			}
-
-			$choreExecutionId = $this->ChoresService->TrackChore($args['choreId'], $trackedTime, $doneBy);
-			return $this->ApiResponse($this->Database->chores_log($choreExecutionId));
-		}
-		catch (\Exception $ex)
-		{
-			return $this->GenericErrorResponse($response, $ex->getMessage());
-		}
-	}
-
-	public function ChoreDetails(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function CalculateNextExecutionAssignments(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		try
 		{
-			return $this->ApiResponse($this->ChoresService->GetChoreDetails($args['choreId']));
-		}
-		catch (\Exception $ex)
-		{
-			return $this->GenericErrorResponse($response, $ex->getMessage());
-		}
-	}
-
-	public function Current(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->ApiResponse($this->ChoresService->GetCurrent());
-	}
-
-	public function UndoChoreExecution(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		try
-		{
-			$this->ApiResponse($this->ChoresService->UndoChoreExecution($args['executionId']));
-			return $this->EmptyApiResponse($response);
-		}
-		catch (\Exception $ex)
-		{
-			return $this->GenericErrorResponse($response, $ex->getMessage());
-		}
-	}
-
-	public function CalculateNextExecutionAssignments(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		try
-		{
-			$requestBody = $request->getParsedBody();
+			$requestBody = $this->GetParsedAndFilteredRequestBody($request);
 
 			$choreId = null;
+
 			if (array_key_exists('chore_id', $requestBody) && !empty($requestBody['chore_id']) && is_numeric($requestBody['chore_id']))
 			{
 				$choreId = intval($requestBody['chore_id']);
@@ -85,15 +21,15 @@ class ChoresApiController extends BaseApiController
 
 			if ($choreId === null)
 			{
-				$chores = $this->Database->chores();
+				$chores = $this->getDatabase()->chores();
 				foreach ($chores as $chore)
 				{
-					$this->ChoresService->CalculateNextExecutionAssignment($chore->id);
+					$this->getChoresService()->CalculateNextExecutionAssignment($chore->id);
 				}
 			}
 			else
 			{
-				$this->ChoresService->CalculateNextExecutionAssignment($choreId);
+				$this->getChoresService()->CalculateNextExecutionAssignment($choreId);
 			}
 
 			return $this->EmptyApiResponse($response);
@@ -103,4 +39,77 @@ class ChoresApiController extends BaseApiController
 			return $this->GenericErrorResponse($response, $ex->getMessage());
 		}
 	}
+
+	public function ChoreDetails(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		try
+		{
+			return $this->ApiResponse($response, $this->getChoresService()->GetChoreDetails($args['choreId']));
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
+	}
+
+	public function Current(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->FilteredApiResponse($response, $this->getChoresService()->GetCurrent(), $request->getQueryParams());
+	}
+
+	public function TrackChoreExecution(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		$requestBody = $this->GetParsedAndFilteredRequestBody($request);
+
+		try
+		{
+			User::checkPermission($request, User::PERMISSION_CHORE_TRACK_EXECUTION);
+
+			$trackedTime = date('Y-m-d H:i:s');
+
+			if (array_key_exists('tracked_time', $requestBody) && (IsIsoDateTime($requestBody['tracked_time']) || IsIsoDate($requestBody['tracked_time'])))
+			{
+				$trackedTime = $requestBody['tracked_time'];
+			}
+
+			$doneBy = GROCY_USER_ID;
+
+			if (array_key_exists('done_by', $requestBody) && !empty($requestBody['done_by']))
+			{
+				$doneBy = $requestBody['done_by'];
+			}
+
+			if ($doneBy != GROCY_USER_ID)
+			{
+				User::checkPermission($request, User::PERMISSION_CHORE_TRACK_EXECUTION_EXECUTION);
+			}
+
+			$choreExecutionId = $this->getChoresService()->TrackChore($args['choreId'], $trackedTime, $doneBy);
+			return $this->ApiResponse($response, $this->getDatabase()->chores_log($choreExecutionId));
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
+	}
+
+	public function UndoChoreExecution(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		try
+		{
+			User::checkPermission($request, User::PERMISSION_CHORE_UNDO_EXECUTION);
+
+			$this->ApiResponse($response, $this->getChoresService()->UndoChoreExecution($args['executionId']));
+			return $this->EmptyApiResponse($response);
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
+	}
+
+	public function __construct(\DI\Container $container)
+	{
+		parent::__construct($container);
+	}
 }

controllers/ChoresController.php

@@ -2,95 +2,95 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\ChoresService;
-use \Grocy\Services\UsersService;
-use \Grocy\Services\UserfieldsService;
-
 class ChoresController extends BaseController
 {
-	public function __construct(\Slim\Container $container)
+	public function ChoreEditForm(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		parent::__construct($container);
-		$this->ChoresService = new ChoresService();
-		$this->UserfieldsService = new UserfieldsService();
-	}
-
-	protected $ChoresService;
-	protected $UserfieldsService;
-
-	public function Overview(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		$usersService = new UsersService();
-		$nextXDays = $usersService->GetUserSettings(GROCY_USER_ID)['chores_due_soon_days'];
-
-		return $this->AppContainer->view->render($response, 'choresoverview', [
-			'chores' => $this->Database->chores()->orderBy('name'),
-			'currentChores' => $this->ChoresService->GetCurrent(),
-			'nextXDays' => $nextXDays,
-			'userfields' => $this->UserfieldsService->GetFields('chores'),
-			'userfieldValues' => $this->UserfieldsService->GetAllValues('chores'),
-			'users' => $usersService->GetUsersAsDto()
-		]);
-	}
-
-	public function TrackChoreExecution(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->AppContainer->view->render($response, 'choretracking', [
-			'chores' => $this->Database->chores()->orderBy('name'),
-			'users' => $this->Database->users()->orderBy('username')
-		]);
-	}
-
-	public function ChoresList(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->AppContainer->view->render($response, 'chores', [
-			'chores' => $this->Database->chores()->orderBy('name'),
-			'userfields' => $this->UserfieldsService->GetFields('chores'),
-			'userfieldValues' => $this->UserfieldsService->GetAllValues('chores')
-		]);
-	}
-
-	public function Journal(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->AppContainer->view->render($response, 'choresjournal', [
-			'choresLog' => $this->Database->chores_log()->orderBy('tracked_time', 'DESC'),
-			'chores' => $this->Database->chores()->orderBy('name'),
-			'users' => $this->Database->users()->orderBy('username')
-		]);
-	}
-
-	public function ChoreEditForm(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		$usersService = new UsersService();
+		$usersService = $this->getUsersService();
 		$users = $usersService->GetUsersAsDto();
 
 		if ($args['choreId'] == 'new')
 		{
-			return $this->AppContainer->view->render($response, 'choreform', [
+			return $this->renderPage($response, 'choreform', [
 				'periodTypes' => GetClassConstants('\Grocy\Services\ChoresService', 'CHORE_PERIOD_TYPE_'),
 				'mode' => 'create',
-				'userfields' => $this->UserfieldsService->GetFields('chores'),
+				'userfields' => $this->getUserfieldsService()->GetFields('chores'),
 				'assignmentTypes' => GetClassConstants('\Grocy\Services\ChoresService', 'CHORE_ASSIGNMENT_TYPE_'),
 				'users' => $users,
-				'products' => $this->Database->products()->orderBy('name')
+				'products' => $this->getDatabase()->products()->orderBy('name', 'COLLATE NOCASE')
 			]);
 		}
 		else
 		{
-			return $this->AppContainer->view->render($response, 'choreform', [
-				'chore' =>  $this->Database->chores($args['choreId']),
+			return $this->renderPage($response, 'choreform', [
+				'chore' => $this->getDatabase()->chores($args['choreId']),
 				'periodTypes' => GetClassConstants('\Grocy\Services\ChoresService', 'CHORE_PERIOD_TYPE_'),
 				'mode' => 'edit',
-				'userfields' => $this->UserfieldsService->GetFields('chores'),
+				'userfields' => $this->getUserfieldsService()->GetFields('chores'),
 				'assignmentTypes' => GetClassConstants('\Grocy\Services\ChoresService', 'CHORE_ASSIGNMENT_TYPE_'),
 				'users' => $users,
-				'products' => $this->Database->products()->orderBy('name')
+				'products' => $this->getDatabase()->products()->orderBy('name', 'COLLATE NOCASE')
 			]);
 		}
 	}
 
-	public function ChoresSettings(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function ChoresList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		return $this->AppContainer->view->render($response, 'choressettings');
+		if (isset($request->getQueryParams()['include_disabled']))
+		{
+			$chores = $this->getDatabase()->chores()->orderBy('name', 'COLLATE NOCASE');
+		}
+		else
+		{
+			$chores = $this->getDatabase()->chores()->where('active = 1')->orderBy('name', 'COLLATE NOCASE');
+		}
+
+		return $this->renderPage($response, 'chores', [
+			'chores' => $chores,
+			'userfields' => $this->getUserfieldsService()->GetFields('chores'),
+			'userfieldValues' => $this->getUserfieldsService()->GetAllValues('chores')
+		]);
+	}
+
+	public function ChoresSettings(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->renderPage($response, 'choressettings');
+	}
+
+	public function Journal(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->renderPage($response, 'choresjournal', [
+			'choresLog' => $this->getDatabase()->chores_log()->orderBy('tracked_time', 'DESC'),
+			'chores' => $this->getDatabase()->chores()->where('active = 1')->orderBy('name', 'COLLATE NOCASE'),
+			'users' => $this->getDatabase()->users()->orderBy('username')
+		]);
+	}
+
+	public function Overview(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		$usersService = $this->getUsersService();
+		$nextXDays = $usersService->GetUserSettings(GROCY_USER_ID)['chores_due_soon_days'];
+
+		return $this->renderPage($response, 'choresoverview', [
+			'chores' => $this->getDatabase()->chores()->orderBy('name', 'COLLATE NOCASE'),
+			'currentChores' => $this->getChoresService()->GetCurrent(),
+			'nextXDays' => $nextXDays,
+			'userfields' => $this->getUserfieldsService()->GetFields('chores'),
+			'userfieldValues' => $this->getUserfieldsService()->GetAllValues('chores'),
+			'users' => $usersService->GetUsersAsDto()
+		]);
+	}
+
+	public function TrackChoreExecution(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->renderPage($response, 'choretracking', [
+			'chores' => $this->getDatabase()->chores()->where('active = 1')->orderBy('name', 'COLLATE NOCASE'),
+			'users' => $this->getDatabase()->users()->orderBy('username')
+		]);
+	}
+
+	public function __construct(\DI\Container $container)
+	{
+		parent::__construct($container);
 	}
 }

controllers/EquipmentController.php

@@ -2,43 +2,40 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\UserfieldsService;
-
 class EquipmentController extends BaseController
 {
-	public function __construct(\Slim\Container $container)
-	{
-		parent::__construct($container);
-		$this->UserfieldsService = new UserfieldsService();
-	}
-
 	protected $UserfieldsService;
 
-	public function Overview(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->AppContainer->view->render($response, 'equipment', [
-			'equipment' => $this->Database->equipment()->orderBy('name'),
-			'userfields' => $this->UserfieldsService->GetFields('equipment'),
-			'userfieldValues' => $this->UserfieldsService->GetAllValues('equipment')
-		]);
-	}
-
-	public function EditForm(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function EditForm(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		if ($args['equipmentId'] == 'new')
 		{
-			return $this->AppContainer->view->render($response, 'equipmentform', [
+			return $this->renderPage($response, 'equipmentform', [
 				'mode' => 'create',
-				'userfields' => $this->UserfieldsService->GetFields('equipment')
+				'userfields' => $this->getUserfieldsService()->GetFields('equipment')
 			]);
 		}
 		else
 		{
-			return $this->AppContainer->view->render($response, 'equipmentform', [
-				'equipment' =>  $this->Database->equipment($args['equipmentId']),
+			return $this->renderPage($response, 'equipmentform', [
+				'equipment' => $this->getDatabase()->equipment($args['equipmentId']),
 				'mode' => 'edit',
-				'userfields' => $this->UserfieldsService->GetFields('equipment')
+				'userfields' => $this->getUserfieldsService()->GetFields('equipment')
 			]);
 		}
 	}
+
+	public function Overview(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->renderPage($response, 'equipment', [
+			'equipment' => $this->getDatabase()->equipment()->orderBy('name', 'COLLATE NOCASE'),
+			'userfields' => $this->getUserfieldsService()->GetFields('equipment'),
+			'userfieldValues' => $this->getUserfieldsService()->GetAllValues('equipment')
+		]);
+	}
+
+	public function __construct(\DI\Container $container)
+	{
+		parent::__construct($container);
+	}
 }

controllers/ExceptionController.php

@@ -0,0 +1,80 @@
+<?php
+
+namespace Grocy\Controllers;
+
+use Psr\Http\Message\ServerRequestInterface;
+use Psr\Log\LoggerInterface;
+use Slim\Exception\HttpException;
+use Slim\Exception\HttpForbiddenException;
+use Slim\Exception\HttpNotFoundException;
+use Throwable;
+
+class ExceptionController extends BaseApiController
+{
+	/**
+	 * @var \Slim\App
+	 */
+	private $app;
+
+	public function __construct(\Slim\App $app, \DI\Container $container)
+	{
+		parent::__construct($container);
+		$this->app = $app;
+	}
+
+	public function __invoke(ServerRequestInterface $request, Throwable $exception, bool $displayErrorDetails, bool $logErrors, bool $logErrorDetails, ?LoggerInterface $logger = null)
+	{
+		$response = $this->app->getResponseFactory()->createResponse();
+		$isApiRoute = string_starts_with($request->getUri()->getPath(), '/api/');
+
+		if (!defined('GROCY_AUTHENTICATED'))
+		{
+			define('GROCY_AUTHENTICATED', false);
+		}
+
+		if ($isApiRoute)
+		{
+			$status = 500;
+
+			if ($exception instanceof HttpException)
+			{
+				$status = $exception->getCode();
+			}
+
+			$data = [
+				'error_message' => $exception->getMessage()
+			];
+
+			if ($displayErrorDetails)
+			{
+				$data['error_details'] = [
+					'stack_trace' => $exception->getTraceAsString(),
+					'file' => $exception->getFile(),
+					'line' => $exception->getLine()
+				];
+			}
+
+			return $this->ApiResponse($response->withStatus($status)->withHeader('Content-Type', 'application/json'), $data);
+		}
+
+		if ($exception instanceof HttpNotFoundException)
+		{
+			define('GROCY_AUTHENTICATED', false);
+
+			return $this->renderPage($response->withStatus(404), 'errors/404', [
+				'exception' => $exception
+			]);
+		}
+
+		if ($exception instanceof HttpForbiddenException)
+		{
+			return $this->renderPage($response->withStatus(403), 'errors/403', [
+				'exception' => $exception
+			]);
+		}
+
+		return $this->renderPage($response->withStatus(500), 'errors/500', [
+			'exception' => $exception
+		]);
+	}
+}

controllers/FilesApiController.php

@@ -2,19 +2,12 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\FilesService;
+use Grocy\Services\FilesService;
+use Slim\Exception\HttpNotFoundException;
 
 class FilesApiController extends BaseApiController
 {
-	public function __construct(\Slim\Container $container)
-	{
-		parent::__construct($container);
-		$this->FilesService = new FilesService();
-	}
-
-	protected $FilesService;
-
-	public function UploadFile(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function DeleteFile(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		try
 		{
@@ -27,89 +20,8 @@ class FilesApiController extends BaseApiController
 				throw new \Exception('Invalid filename');
 			}
 
-			$data = $request->getBody()->getContents();
-			file_put_contents($this->FilesService->GetFilePath($args['group'], $fileName), $data);
+			$filePath = $this->getFilesService()->GetFilePath($args['group'], $fileName);
 
-			return $this->EmptyApiResponse($response);
-		}
-		catch (\Exception $ex)
-		{
-			return $this->GenericErrorResponse($response, $ex->getMessage());
-		}
-	}
-
-	public function ServeFile(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		try
-		{
-			if (IsValidFileName(base64_decode($args['fileName'])))
-			{
-				$fileName = base64_decode($args['fileName']);
-			}
-			else
-			{
-				throw new \Exception('Invalid filename');
-			}
-
-			$forceServeAs = null;
-			if (isset($request->getQueryParams()['force_serve_as']) && !empty($request->getQueryParams()['force_serve_as']))
-			{
-				$forceServeAs = $request->getQueryParams()['force_serve_as'];
-			}
-
-			if ($forceServeAs == FilesService::FILE_SERVE_TYPE_PICTURE)
-			{
-				$bestFitHeight = null;
-				if (isset($request->getQueryParams()['best_fit_height']) && !empty($request->getQueryParams()['best_fit_height']) && is_numeric($request->getQueryParams()['best_fit_height']))
-				{
-					$bestFitHeight = $request->getQueryParams()['best_fit_height'];
-				}
-
-				$bestFitWidth = null;
-				if (isset($request->getQueryParams()['best_fit_width']) && !empty($request->getQueryParams()['best_fit_width']) && is_numeric($request->getQueryParams()['best_fit_width']))
-				{
-					$bestFitWidth = $request->getQueryParams()['best_fit_width'];
-				}
-
-				$filePath = $this->FilesService->DownscaleImage($args['group'], $fileName, $bestFitHeight, $bestFitWidth);
-			}
-			else
-			{
-				$filePath = $this->FilesService->GetFilePath($args['group'], $fileName);
-			}
-
-			if (file_exists($filePath))
-			{
-				$response->write(file_get_contents($filePath));
-				$response = $response->withHeader('Cache-Control', 'max-age=2592000');
-				$response = $response->withHeader('Content-Type', mime_content_type($filePath));
-				return $response->withHeader('Content-Disposition', 'inline; filename="' . $fileName . '"');
-			}
-			else
-			{
-				return $this->GenericErrorResponse($response, 'File not found', 404);
-			}
-		}
-		catch (\Exception $ex)
-		{
-			return $this->GenericErrorResponse($response, $ex->getMessage());
-		}
-	}
-
-	public function DeleteFile(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		try
-		{
-			if (IsValidFileName(base64_decode($args['fileName'])))
-			{
-				$fileName = base64_decode($args['fileName']);
-			}
-			else
-			{
-				throw new \Exception('Invalid filename');
-			}
-
-			$filePath = $this->FilesService->GetFilePath($args['group'], $fileName);
 			if (file_exists($filePath))
 			{
 				unlink($filePath);
@@ -122,4 +34,139 @@ class FilesApiController extends BaseApiController
 			return $this->GenericErrorResponse($response, $ex->getMessage());
 		}
 	}
+
+	public function ServeFile(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		try
+		{
+			$fileName = $this->checkFileName($args['fileName']);
+
+			$filePath = $this->getFilePath($args['group'], $fileName, $request->getQueryParams());
+
+			if (file_exists($filePath))
+			{
+				$response->write(file_get_contents($filePath));
+				$response = $response->withHeader('Cache-Control', 'max-age=2592000');
+				$response = $response->withHeader('Content-Type', mime_content_type($filePath));
+				return $response->withHeader('Content-Disposition', 'inline; filename="' . $fileName . '"');
+			}
+			else
+			{
+				throw new HttpNotFoundException($request, 'File not found');
+			}
+		}
+		catch (\Exception $ex)
+		{
+			throw new HttpNotFoundException($request, $ex->getMessage(), $ex);
+		}
+	}
+
+	public function ShowFile(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		try
+		{
+			$fileInfo = explode('_', $args['fileName']);
+			$fileName = $this->checkFileName($fileInfo[1]);
+
+			$filePath = $this->getFilePath($args['group'], base64_decode($fileInfo[0]), $request->getQueryParams());
+
+			if (file_exists($filePath))
+			{
+				$response->write(file_get_contents($filePath));
+				$response = $response->withHeader('Cache-Control', 'max-age=2592000');
+				$response = $response->withHeader('Content-Type', mime_content_type($filePath));
+				return $response->withHeader('Content-Disposition', 'inline; filename="' . $fileName . '"');
+			}
+			else
+			{
+				throw new HttpNotFoundException($request, 'File not found');
+			}
+		}
+		catch (\Exception $ex)
+		{
+			throw new HttpNotFoundException($request, $ex->getMessage(), $ex);
+		}
+	}
+
+	public function UploadFile(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		try
+		{
+			$fileName = $this->checkFileName($args['fileName']);
+
+			$data = $request->getBody()->getContents();
+			file_put_contents($this->getFilesService()->GetFilePath($args['group'], $fileName), $data);
+
+			return $this->EmptyApiResponse($response);
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
+	}
+
+	public function __construct(\DI\Container $container)
+	{
+		parent::__construct($container);
+	}
+
+	/**
+	 * @param string $fileName base64-encoded file-name
+	 * @return false|string the decoded file-name
+	 * @throws \Exception if the file-name is invalid.
+	 */
+	protected function checkFileName(string $fileName)
+	{
+		if (IsValidFileName(base64_decode($fileName)))
+		{
+			$fileName = base64_decode($fileName);
+		}
+		else
+		{
+			throw new \Exception('Invalid filename');
+		}
+
+		return $fileName;
+	}
+
+	/**
+	 * @param string $group The group the requested files belongs to.
+	 * @param string $fileName The name of the requested file.
+	 * @param array $queryParams Parameter, e.g. for scaling. Optional.
+	 * @return string
+	 */
+	protected function getFilePath(string $group, string $fileName, array $queryParams = [])
+	{
+		$forceServeAs = null;
+
+		if (isset($queryParams['force_serve_as']) && !empty($queryParams['force_serve_as']))
+		{
+			$forceServeAs = $queryParams['force_serve_as'];
+		}
+
+		if ($forceServeAs == FilesService::FILE_SERVE_TYPE_PICTURE)
+		{
+			$bestFitHeight = null;
+
+			if (isset($queryParams['best_fit_height']) && !empty($queryParams['best_fit_height']) && is_numeric($queryParams['best_fit_height']))
+			{
+				$bestFitHeight = $queryParams['best_fit_height'];
+			}
+
+			$bestFitWidth = null;
+
+			if (isset($queryParams['best_fit_width']) && !empty($queryParams['best_fit_width']) && is_numeric($queryParams['best_fit_width']))
+			{
+				$bestFitWidth = $queryParams['best_fit_width'];
+			}
+
+			$filePath = $this->getFilesService()->DownscaleImage($group, $fileName, $bestFitHeight, $bestFitWidth);
+		}
+		else
+		{
+			$filePath = $this->getFilesService()->GetFilePath($group, $fileName);
+		}
+
+		return $filePath;
+	}
 }

controllers/GenericEntityApiController.php

@@ -2,47 +2,23 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\UserfieldsService;
+use Grocy\Controllers\Users\User;
+use Slim\Exception\HttpBadRequestException;
 
 class GenericEntityApiController extends BaseApiController
 {
-	public function __construct(\Slim\Container $container)
+	public function AddObject(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		parent::__construct($container);
-		$this->UserfieldsService = new UserfieldsService();
-	}
+		User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
 
-	protected $UserfieldsService;
+		if ($this->IsValidExposedEntity($args['entity']) && !$this->IsEntityWithNoEdit($args['entity']))
+		{
+			if ($this->IsEntityWithEditRequiresAdmin($args['entity']))
+			{
+				User::checkPermission($request, User::PERMISSION_ADMIN);
+			}
 
-	public function GetObjects(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		if ($this->IsValidEntity($args['entity']) && !$this->IsEntityWithPreventedListing($args['entity']))
-		{
-			return $this->ApiResponse($this->Database->{$args['entity']}());
-		}
-		else
-		{
-			return $this->GenericErrorResponse($response, 'Entity does not exist or is not exposed');
-		}
-	}
-
-	public function GetObject(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		if ($this->IsValidEntity($args['entity']) && !$this->IsEntityWithPreventedListing($args['entity']))
-		{
-			return $this->ApiResponse($this->Database->{$args['entity']}($args['objectId']));
-		}
-		else
-		{
-			return $this->GenericErrorResponse($response, 'Entity does not exist or is not exposed');
-		}
-	}
-
-	public function AddObject(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		if ($this->IsValidEntity($args['entity']))
-		{
-			$requestBody = $request->getParsedBody();
+			$requestBody = $this->GetParsedAndFilteredRequestBody($request);
 
 			try
 			{
@@ -51,12 +27,13 @@ class GenericEntityApiController extends BaseApiController
 					throw new \Exception('Request body could not be parsed (probably invalid JSON format or missing/wrong Content-Type header)');
 				}
 
-				$newRow = $this->Database->{$args['entity']}()->createRow($requestBody);
+				$newRow = $this->getDatabase()->{$args['entity']}()->createRow($requestBody);
 				$newRow->save();
 				$success = $newRow->isClean();
-				return $this->ApiResponse(array(
-					'created_object_id' => $this->Database->lastInsertId()
-				));
+
+				return $this->ApiResponse($response, [
+					'created_object_id' => $this->getDatabase()->lastInsertId()
+				]);
 			}
 			catch (\Exception $ex)
 			{
@@ -69,11 +46,41 @@ class GenericEntityApiController extends BaseApiController
 		}
 	}
 
-	public function EditObject(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function DeleteObject(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		if ($this->IsValidEntity($args['entity']))
+		User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
+
+		if ($this->IsValidExposedEntity($args['entity']) && !$this->IsEntityWithNoDelete($args['entity']))
 		{
-			$requestBody = $request->getParsedBody();
+			if ($this->IsEntityWithEditRequiresAdmin($args['entity']))
+			{
+				User::checkPermission($request, User::PERMISSION_ADMIN);
+			}
+
+			$row = $this->getDatabase()->{$args['entity']}($args['objectId']);
+			$row->delete();
+			$success = $row->isClean();
+
+			return $this->EmptyApiResponse($response);
+		}
+		else
+		{
+			return $this->GenericErrorResponse($response, 'Invalid entity');
+		}
+	}
+
+	public function EditObject(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
+
+		if ($this->IsValidExposedEntity($args['entity']) && !$this->IsEntityWithNoEdit($args['entity']))
+		{
+			if ($this->IsEntityWithEditRequiresAdmin($args['entity']))
+			{
+				User::checkPermission($request, User::PERMISSION_ADMIN);
+			}
+
+			$requestBody = $this->GetParsedAndFilteredRequestBody($request);
 
 			try
 			{
@@ -82,9 +89,10 @@ class GenericEntityApiController extends BaseApiController
 					throw new \Exception('Request body could not be parsed (probably invalid JSON format or missing/wrong Content-Type header)');
 				}
 
-				$row = $this->Database->{$args['entity']}($args['objectId']);
+				$row = $this->getDatabase()->{$args['entity']}($args['objectId']);
 				$row->update($requestBody);
 				$success = $row->isClean();
+
 				return $this->EmptyApiResponse($response);
 			}
 			catch (\Exception $ex)
@@ -98,33 +106,27 @@ class GenericEntityApiController extends BaseApiController
 		}
 	}
 
-	public function DeleteObject(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function GetObject(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		if ($this->IsValidEntity($args['entity']))
+		if ($this->IsValidExposedEntity($args['entity']) && !$this->IsEntityWithNoListing($args['entity']))
 		{
-			$row = $this->Database->{$args['entity']}($args['objectId']);
-			$row->delete();
-			$success = $row->isClean();
-			return $this->EmptyApiResponse($response);
-		}
-		else
-		{
-			return $this->GenericErrorResponse($response, $ex->getMessage());
-		}
-	}
+			$userfields = $this->getUserfieldsService()->GetValues($args['entity'], $args['objectId']);
 
-	public function SearchObjects(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		if ($this->IsValidEntity($args['entity']) && !$this->IsEntityWithPreventedListing($args['entity']))
-		{
-			try
+			if (count($userfields) === 0)
 			{
-				return $this->ApiResponse($this->Database->{$args['entity']}()->where('name LIKE ?', '%' . $args['searchString'] . '%'));
+				$userfields = null;
 			}
-			catch (\PDOException $ex)
+
+			$object = $this->getDatabase()->{$args['entity']}($args['objectId']);
+
+			if ($object == null)
 			{
-				return $this->GenericErrorResponse($response, 'The given entity has no field "name"');
+				return $this->GenericErrorResponse($response, 'Object not found', 404);
 			}
+
+			$object['userfields'] = $userfields;
+
+			return $this->ApiResponse($response, $object);
 		}
 		else
 		{
@@ -132,11 +134,42 @@ class GenericEntityApiController extends BaseApiController
 		}
 	}
 
-	public function GetUserfields(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function GetObjects(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		$objects = $this->queryData($this->getDatabase()->{$args['entity']}(), $request->getQueryParams());
+		$allUserfields = $this->getUserfieldsService()->GetAllValues($args['entity']);
+
+		foreach ($objects as $object)
+		{
+			$userfields = FindAllObjectsInArrayByPropertyValue($allUserfields, 'object_id', $object->id);
+			$userfieldKeyValuePairs = null;
+
+			if (count($userfields) > 0)
+			{
+				foreach ($userfields as $userfield)
+				{
+					$userfieldKeyValuePairs[$userfield->name] = $userfield->value;
+				}
+			}
+
+			$object->userfields = $userfieldKeyValuePairs;
+		}
+
+		if ($this->IsValidExposedEntity($args['entity']) && !$this->IsEntityWithNoListing($args['entity']))
+		{
+			return $this->ApiResponse($response, $objects);
+		}
+		else
+		{
+			return $this->GenericErrorResponse($response, 'Entity does not exist or is not exposed');
+		}
+	}
+
+	public function GetUserfields(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		try
 		{
-			return $this->ApiResponse($this->UserfieldsService->GetValues($args['entity'], $args['objectId']));
+			return $this->ApiResponse($response, $this->getUserfieldsService()->GetValues($args['entity'], $args['objectId']));
 		}
 		catch (\Exception $ex)
 		{
@@ -144,9 +177,11 @@ class GenericEntityApiController extends BaseApiController
 		}
 	}
 
-	public function SetUserfields(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function SetUserfields(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		$requestBody = $request->getParsedBody();
+		User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
+
+		$requestBody = $this->GetParsedAndFilteredRequestBody($request);
 
 		try
 		{
@@ -155,7 +190,7 @@ class GenericEntityApiController extends BaseApiController
 				throw new \Exception('Request body could not be parsed (probably invalid JSON format or missing/wrong Content-Type header)');
 			}
 
-			$this->UserfieldsService->SetValues($args['entity'], $args['objectId'], $requestBody);
+			$this->getUserfieldsService()->SetValues($args['entity'], $args['objectId'], $requestBody);
 			return $this->EmptyApiResponse($response);
 		}
 		catch (\Exception $ex)
@@ -164,13 +199,33 @@ class GenericEntityApiController extends BaseApiController
 		}
 	}
 
-	private function IsValidEntity($entity)
+	public function __construct(\DI\Container $container)
 	{
-		return in_array($entity, $this->OpenApiSpec->components->internalSchemas->ExposedEntity->enum);
+		parent::__construct($container);
 	}
 
-	private function IsEntityWithPreventedListing($entity)
+	private function IsEntityWithEditRequiresAdmin($entity)
 	{
-		return in_array($entity, $this->OpenApiSpec->components->internalSchemas->ExposedEntitiesPreventListing->enum);
+		return in_array($entity, $this->getOpenApiSpec()->components->internalSchemas->ExposedEntityEditRequiresAdmin->enum);
+	}
+
+	private function IsEntityWithNoListing($entity)
+	{
+		return in_array($entity, $this->getOpenApiSpec()->components->internalSchemas->ExposedEntityNoListing->enum);
+	}
+
+	private function IsEntityWithNoEdit($entity)
+	{
+		return in_array($entity, $this->getOpenApiSpec()->components->internalSchemas->ExposedEntityNoEdit->enum);
+	}
+
+	private function IsEntityWithNoDelete($entity)
+	{
+		return in_array($entity, $this->getOpenApiSpec()->components->internalSchemas->ExposedEntityNoDelete->enum);
+	}
+
+	private function IsValidExposedEntity($entity)
+	{
+		return in_array($entity, $this->getOpenApiSpec()->components->internalSchemas->ExposedEntity->enum);
 	}
 }

controllers/GenericEntityController.php

@@ -2,103 +2,98 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\UserfieldsService;
-
 class GenericEntityController extends BaseController
 {
-	public function __construct(\Slim\Container $container)
+	public function UserentitiesList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		parent::__construct($container);
-		$this->UserfieldsService = new UserfieldsService();
-	}
-
-	protected $UserfieldsService;
-
-	public function UserfieldsList(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->AppContainer->view->render($response, 'userfields', [
-			'userfields' => $this->UserfieldsService->GetAllFields(),
-			'entities' => $this->UserfieldsService->GetEntities()
+		return $this->renderPage($response, 'userentities', [
+			'userentities' => $this->getDatabase()->userentities()->orderBy('name', 'COLLATE NOCASE')
 		]);
 	}
 
-	public function UserentitiesList(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->AppContainer->view->render($response, 'userentities', [
-			'userentities' => $this->Database->userentities()->orderBy('name')
-		]);
-	}
-
-	public function UserobjectsList(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		$userentity = $this->Database->userentities()->where('name = :1', $args['userentityName'])->fetch();
-
-		return $this->AppContainer->view->render($response, 'userobjects', [
-			'userentity' => $userentity,
-			'userobjects' => $this->Database->userobjects()->where('userentity_id = :1', $userentity->id),
-			'userfields' => $this->UserfieldsService->GetFields('userentity-' . $args['userentityName']),
-			'userfieldValues' => $this->UserfieldsService->GetAllValues('userentity-' . $args['userentityName'])
-		]);
-	}
-
-	public function UserfieldEditForm(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		if ($args['userfieldId'] == 'new')
-		{
-			return $this->AppContainer->view->render($response, 'userfieldform', [
-				'mode' => 'create',
-				'userfieldTypes' => $this->UserfieldsService->GetFieldTypes(),
-				'entities' => $this->UserfieldsService->GetEntities()
-			]);
-		}
-		else
-		{
-			return $this->AppContainer->view->render($response, 'userfieldform', [
-				'mode' => 'edit',
-				'userfield' =>  $this->UserfieldsService->GetField($args['userfieldId']),
-				'userfieldTypes' => $this->UserfieldsService->GetFieldTypes(),
-				'entities' => $this->UserfieldsService->GetEntities()
-			]);
-		}
-	}
-
-	public function UserentityEditForm(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function UserentityEditForm(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		if ($args['userentityId'] == 'new')
 		{
-			return $this->AppContainer->view->render($response, 'userentityform', [
+			return $this->renderPage($response, 'userentityform', [
 				'mode' => 'create'
 			]);
 		}
 		else
 		{
-			return $this->AppContainer->view->render($response, 'userentityform', [
+			return $this->renderPage($response, 'userentityform', [
 				'mode' => 'edit',
-				'userentity' =>  $this->Database->userentities($args['userentityId'])
+				'userentity' => $this->getDatabase()->userentities($args['userentityId'])
 			]);
 		}
 	}
 
-	public function UserobjectEditForm(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function UserfieldEditForm(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		$userentity = $this->Database->userentities()->where('name = :1', $args['userentityName'])->fetch();
-
-		if ($args['userobjectId'] == 'new')
+		if ($args['userfieldId'] == 'new')
 		{
-			return $this->AppContainer->view->render($response, 'userobjectform', [
-				'userentity' => $userentity,
+			return $this->renderPage($response, 'userfieldform', [
 				'mode' => 'create',
-				'userfields' => $this->UserfieldsService->GetFields('userentity-' . $args['userentityName'])
+				'userfieldTypes' => $this->getUserfieldsService()->GetFieldTypes(),
+				'entities' => $this->getUserfieldsService()->GetEntities()
 			]);
 		}
 		else
 		{
-			return $this->AppContainer->view->render($response, 'userobjectform', [
-				'userentity' => $userentity,
+			return $this->renderPage($response, 'userfieldform', [
 				'mode' => 'edit',
-				'userobject' =>  $this->Database->userobjects($args['userobjectId']),
-				'userfields' => $this->UserfieldsService->GetFields('userentity-' . $args['userentityName'])
+				'userfield' => $this->getUserfieldsService()->GetField($args['userfieldId']),
+				'userfieldTypes' => $this->getUserfieldsService()->GetFieldTypes(),
+				'entities' => $this->getUserfieldsService()->GetEntities()
 			]);
 		}
 	}
+
+	public function UserfieldsList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->renderPage($response, 'userfields', [
+			'userfields' => $this->getUserfieldsService()->GetAllFields(),
+			'entities' => $this->getUserfieldsService()->GetEntities()
+		]);
+	}
+
+	public function UserobjectEditForm(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		$userentity = $this->getDatabase()->userentities()->where('name = :1', $args['userentityName'])->fetch();
+
+		if ($args['userobjectId'] == 'new')
+		{
+			return $this->renderPage($response, 'userobjectform', [
+				'userentity' => $userentity,
+				'mode' => 'create',
+				'userfields' => $this->getUserfieldsService()->GetFields('userentity-' . $args['userentityName'])
+			]);
+		}
+		else
+		{
+			return $this->renderPage($response, 'userobjectform', [
+				'userentity' => $userentity,
+				'mode' => 'edit',
+				'userobject' => $this->getDatabase()->userobjects($args['userobjectId']),
+				'userfields' => $this->getUserfieldsService()->GetFields('userentity-' . $args['userentityName'])
+			]);
+		}
+	}
+
+	public function UserobjectsList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		$userentity = $this->getDatabase()->userentities()->where('name = :1', $args['userentityName'])->fetch();
+
+		return $this->renderPage($response, 'userobjects', [
+			'userentity' => $userentity,
+			'userobjects' => $this->getDatabase()->userobjects()->where('userentity_id = :1', $userentity->id),
+			'userfields' => $this->getUserfieldsService()->GetFields('userentity-' . $args['userentityName']),
+			'userfieldValues' => $this->getUserfieldsService()->GetAllValues('userentity-' . $args['userentityName'])
+		]);
+	}
+
+	public function __construct(\DI\Container $container)
+	{
+		parent::__construct($container);
+	}
 }

controllers/LoginController.php

@@ -2,69 +2,36 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\SessionService;
-use \Grocy\Services\DatabaseMigrationService;
-use \Grocy\Services\DemoDataGeneratorService;
+use Grocy\Services\SessionService;
 
 class LoginController extends BaseController
 {
-	public function __construct(\Slim\Container $container, string $sessionCookieName)
+	public function __construct(\DI\Container $container)
 	{
 		parent::__construct($container);
-		$this->SessionService = new SessionService();
-		$this->SessionCookieName = $sessionCookieName;
 	}
 
-	protected $SessionService;
-	protected $SessionCookieName;
-
-	public function ProcessLogin(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function LoginPage(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		$postParams = $request->getParsedBody();
-		if (isset($postParams['username']) && isset($postParams['password']))
+		return $this->renderPage($response, 'login');
+	}
+
+	public function Logout(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		$this->getSessionService()->RemoveSession($_COOKIE[SessionService::SESSION_COOKIE_NAME]);
+		return $response->withRedirect($this->AppContainer->get('UrlManager')->ConstructUrl('/'));
+	}
+
+	public function ProcessLogin(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		$authMiddlewareClass = GROCY_AUTH_CLASS;
+		if ($authMiddlewareClass::ProcessLogin($this->GetParsedAndFilteredRequestBody($request)))
 		{
-			$user = $this->Database->users()->where('username', $postParams['username'])->fetch();
-			$inputPassword = $postParams['password'];
-			$stayLoggedInPermanently = $postParams['stay_logged_in'] == 'on';
-
-			if ($user !== null && password_verify($inputPassword, $user->password))
-			{
-				$sessionKey = $this->SessionService->CreateSession($user->id, $stayLoggedInPermanently);
-				setcookie($this->SessionCookieName, $sessionKey, PHP_INT_SIZE == 4 ? PHP_INT_MAX : PHP_INT_MAX>>32); // Cookie expires never, but session validity is up to SessionService
-
-				if (password_needs_rehash($user->password, PASSWORD_DEFAULT))
-				{
-					$user->update(array(
-						'password' => password_hash($inputPassword, PASSWORD_DEFAULT)
-					));
-				}
-
-				return $response->withRedirect($this->AppContainer->UrlManager->ConstructUrl('/'));
-			}
-			else
-			{
-				return $response->withRedirect($this->AppContainer->UrlManager->ConstructUrl('/login?invalid=true'));
-			}
+			return $response->withRedirect($this->AppContainer->get('UrlManager')->ConstructUrl('/'));
 		}
 		else
 		{
-			return $response->withRedirect($this->AppContainer->UrlManager->ConstructUrl('/login?invalid=true'));
+			return $response->withRedirect($this->AppContainer->get('UrlManager')->ConstructUrl('/login?invalid=true'));
 		}
 	}
-
-	public function LoginPage(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->AppContainer->view->render($response, 'login');
-	}
-
-	public function Logout(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		$this->SessionService->RemoveSession($_COOKIE[$this->SessionCookieName]);
-		return $response->withRedirect($this->AppContainer->UrlManager->ConstructUrl('/'));
-	}
-
-	public function GetSessionCookieName()
-	{
-		return $this->SessionCookieName;
-	}
 }

controllers/OpenApiController.php

@@ -2,48 +2,77 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\ApplicationService;
-use \Grocy\Services\ApiKeyService;
+use Grocy\Controllers\Users\User;
 
 class OpenApiController extends BaseApiController
 {
-	public function __construct(\Slim\Container $container)
+	public function ApiKeysList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		parent::__construct($container);
-		$this->ApiKeyService = new ApiKeyService();
-	}
-
-	protected $ApiKeyService;
-
-	public function DocumentationUi(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->AppContainer->view->render($response, 'openapiui');
-	}
-
-	public function DocumentationSpec(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		$applicationService = new ApplicationService();
-
-		$versionInfo = $applicationService->GetInstalledVersion();
-		$this->OpenApiSpec->info->version = $versionInfo->Version;
-		$this->OpenApiSpec->info->description = str_replace('PlaceHolderManageApiKeysUrl', $this->AppContainer->UrlManager->ConstructUrl('/manageapikeys'), $this->OpenApiSpec->info->description);
-		$this->OpenApiSpec->servers[0]->url = $this->AppContainer->UrlManager->ConstructUrl('/api');
-
-		return $this->ApiResponse($this->OpenApiSpec);
-	}
-
-	public function ApiKeysList(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->AppContainer->view->render($response, 'manageapikeys', [
-			'apiKeys' => $this->Database->api_keys(),
-			'users' => $this->Database->users()
+		$apiKeys = $this->getDatabase()->api_keys();
+		if (!User::hasPermissions(User::PERMISSION_ADMIN))
+		{
+			$apiKeys = $apiKeys->where('user_id', GROCY_USER_ID);
+		}
+		return $this->renderPage($response, 'manageapikeys', [
+			'apiKeys' => $apiKeys,
+			'users' => $this->getDatabase()->users()
 		]);
 	}
 
-	public function CreateNewApiKey(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function CreateNewApiKey(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		$newApiKey = $this->ApiKeyService->CreateApiKey();
-		$newApiKeyId = $this->ApiKeyService->GetApiKeyId($newApiKey);
-		return $response->withRedirect($this->AppContainer->UrlManager->ConstructUrl("/manageapikeys?CreatedApiKeyId=$newApiKeyId"));
+		$newApiKey = $this->getApiKeyService()->CreateApiKey();
+		$newApiKeyId = $this->getApiKeyService()->GetApiKeyId($newApiKey);
+		return $response->withRedirect($this->AppContainer->get('UrlManager')->ConstructUrl("/manageapikeys?CreatedApiKeyId=$newApiKeyId"));
+	}
+
+	public function DocumentationSpec(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		$spec = $this->getOpenApiSpec();
+
+		$applicationService = $this->getApplicationService();
+		$versionInfo = $applicationService->GetInstalledVersion();
+		$spec->info->version = $versionInfo->Version;
+		$spec->info->description = str_replace('PlaceHolderManageApiKeysUrl', $this->AppContainer->get('UrlManager')->ConstructUrl('/manageapikeys'), $spec->info->description);
+		$spec->servers[0]->url = $this->AppContainer->get('UrlManager')->ConstructUrl('/api');
+
+		$spec->components->internalSchemas->ExposedEntity_NotIncludingNotEditable = clone $spec->components->internalSchemas->StringEnumTemplate;
+		foreach ($spec->components->internalSchemas->ExposedEntity->enum as $value)
+		{
+			if (!in_array($value, $spec->components->internalSchemas->ExposedEntityNoEdit->enum))
+			{
+				array_push($spec->components->internalSchemas->ExposedEntity_NotIncludingNotEditable->enum, $value);
+			}
+		}
+
+		$spec->components->internalSchemas->ExposedEntity_NotIncludingNotDeletable = clone $spec->components->internalSchemas->StringEnumTemplate;
+		foreach ($spec->components->internalSchemas->ExposedEntity->enum as $value)
+		{
+			if (!in_array($value, $spec->components->internalSchemas->ExposedEntityNoDelete->enum))
+			{
+				array_push($spec->components->internalSchemas->ExposedEntity_NotIncludingNotDeletable->enum, $value);
+			}
+		}
+
+		$spec->components->internalSchemas->ExposedEntity_NotIncludingNotListable = clone $spec->components->internalSchemas->StringEnumTemplate;
+		foreach ($spec->components->internalSchemas->ExposedEntity->enum as $value)
+		{
+			if (!in_array($value, $spec->components->internalSchemas->ExposedEntityNoListing->enum))
+			{
+				array_push($spec->components->internalSchemas->ExposedEntity_NotIncludingNotListable->enum, $value);
+			}
+		}
+
+		return $this->ApiResponse($response, $spec);
+	}
+
+	public function DocumentationUi(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->render($response, 'openapiui');
+	}
+
+	public function __construct(\DI\Container $container)
+	{
+		parent::__construct($container);
 	}
 }

controllers/RecipesApiController.php

@@ -2,37 +2,33 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\RecipesService;
+use Grocy\Controllers\Users\User;
 
 class RecipesApiController extends BaseApiController
 {
-	public function __construct(\Slim\Container $container)
+	public function AddNotFulfilledProductsToShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		parent::__construct($container);
-		$this->RecipesService = new RecipesService();
-	}
+		User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_ADD);
 
-	protected $RecipesService;
-
-	public function AddNotFulfilledProductsToShoppingList(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		$requestBody = $request->getParsedBody();
+		$requestBody = $this->GetParsedAndFilteredRequestBody($request);
 		$excludedProductIds = null;
 
 		if ($requestBody !== null && array_key_exists('excludedProductIds', $requestBody))
 		{
 			$excludedProductIds = $requestBody['excludedProductIds'];
 		}
-		
-		$this->RecipesService->AddNotFulfilledProductsToShoppingList($args['recipeId'], $excludedProductIds);
+
+		$this->getRecipesService()->AddNotFulfilledProductsToShoppingList($args['recipeId'], $excludedProductIds);
 		return $this->EmptyApiResponse($response);
 	}
 
-	public function ConsumeRecipe(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function ConsumeRecipe(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
+		User::checkPermission($request, User::PERMISSION_STOCK_CONSUME);
+
 		try
 		{
-			$this->RecipesService->ConsumeRecipe($args['recipeId']);
+			$this->getRecipesService()->ConsumeRecipe($args['recipeId']);
 			return $this->EmptyApiResponse($response);
 		}
 		catch (\Exception $ex)
@@ -41,28 +37,34 @@ class RecipesApiController extends BaseApiController
 		}
 	}
 
-	public function GetRecipeFulfillment(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function GetRecipeFulfillment(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		try
-		{ 
-			if(!isset($args['recipeId']))
+		{
+			if (!isset($args['recipeId']))
 			{
-				return $this->ApiResponse($this->RecipesService->GetRecipesResolved());
+				return $this->FilteredApiResponse($response, $this->getRecipesService()->GetRecipesResolved(), $request->getQueryParams());
 			}
 
-			$recipeResolved = FindObjectInArrayByPropertyValue($this->RecipesService->GetRecipesResolved(), 'recipe_id', $args['recipeId']);
-			if(!$recipeResolved)
+			$recipeResolved = FindObjectInArrayByPropertyValue($this->getRecipesService()->GetRecipesResolved(), 'recipe_id', $args['recipeId']);
+
+			if (!$recipeResolved)
 			{
 				throw new \Exception('Recipe does not exist');
 			}
 			else
 			{
-				return $this->ApiResponse($recipeResolved);
+				return $this->ApiResponse($response, $recipeResolved);
 			}
-		} 
+		}
 		catch (\Exception $ex)
 		{
 			return $this->GenericErrorResponse($response, $ex->getMessage());
 		}
 	}
+
+	public function __construct(\DI\Container $container)
+	{
+		parent::__construct($container);
+	}
 }

controllers/RecipesController.php

@@ -2,162 +2,180 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\RecipesService;
-use \Grocy\Services\UserfieldsService;
+use Grocy\Services\RecipesService;
 
 class RecipesController extends BaseController
 {
-	public function __construct(\Slim\Container $container)
+	public function MealPlan(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		parent::__construct($container);
-		$this->RecipesService = new RecipesService();
-		$this->UserfieldsService = new UserfieldsService();
+		$recipes = $this->getDatabase()->recipes()->where('type', RecipesService::RECIPE_TYPE_NORMAL)->fetchAll();
+
+		$events = [];
+
+		foreach ($this->getDatabase()->meal_plan() as $mealPlanEntry)
+		{
+			$recipe = FindObjectInArrayByPropertyValue($recipes, 'id', $mealPlanEntry['recipe_id']);
+			$title = '';
+
+			if ($recipe !== null)
+			{
+				$title = $recipe->name;
+			}
+
+			$productDetails = null;
+
+			if ($mealPlanEntry['product_id'] !== null)
+			{
+				$productDetails = $this->getStockService()->GetProductDetails($mealPlanEntry['product_id']);
+			}
+
+			$events[] = [
+				'id' => $mealPlanEntry['id'],
+				'title' => $title,
+				'start' => $mealPlanEntry['day'],
+				'date_format' => 'date',
+				'recipe' => json_encode($recipe),
+				'mealPlanEntry' => json_encode($mealPlanEntry),
+				'type' => $mealPlanEntry['type'],
+				'productDetails' => json_encode($productDetails)
+			];
+		}
+
+		return $this->renderPage($response, 'mealplan', [
+			'fullcalendarEventSources' => $events,
+			'recipes' => $recipes,
+			'internalRecipes' => $this->getDatabase()->recipes()->whereNot('type', RecipesService::RECIPE_TYPE_NORMAL)->fetchAll(),
+			'recipesResolved' => $this->getRecipesService()->GetRecipesResolved(),
+			'products' => $this->getDatabase()->products()->orderBy('name', 'COLLATE NOCASE'),
+			'quantityUnits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE'),
+			'quantityUnitConversionsResolved' => $this->getDatabase()->quantity_unit_conversions_resolved()
+		]);
 	}
 
-	protected $RecipesService;
-	protected $UserfieldsService;
-
-	public function Overview(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function Overview(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		if (isset($request->getQueryParams()['include-internal']))
-		{
-			$recipes = $this->Database->recipes()->orderBy('name');
-		}
-		else
-		{
-			$recipes = $this->Database->recipes()->where('type', RecipesService::RECIPE_TYPE_NORMAL)->orderBy('name');
-		}
-		$recipesResolved = $this->RecipesService->GetRecipesResolved();
+		$recipes = $this->getDatabase()->recipes()->where('type', RecipesService::RECIPE_TYPE_NORMAL)->orderBy('name', 'COLLATE NOCASE');
+		$recipesResolved = $this->getRecipesService()->GetRecipesResolved();
 
 		$selectedRecipe = null;
-		$selectedRecipePositionsResolved = null;
+
 		if (isset($request->getQueryParams()['recipe']))
 		{
-			$selectedRecipe = $this->Database->recipes($request->getQueryParams()['recipe']);
-			$selectedRecipePositionsResolved = $this->Database->recipes_pos_resolved()->where('recipe_id', $request->getQueryParams()['recipe'])->orderBy('ingredient_group');
+			$selectedRecipe = $this->getDatabase()->recipes($request->getQueryParams()['recipe']);
 		}
 		else
 		{
 			foreach ($recipes as $recipe)
 			{
 				$selectedRecipe = $recipe;
-				$selectedRecipePositionsResolved = $this->Database->recipes_pos_resolved()->where('recipe_id', $recipe->id)->orderBy('ingredient_group');
 				break;
 			}
 		}
 
-		$selectedRecipeSubRecipes = $this->Database->recipes()->where('id IN (SELECT includes_recipe_id FROM recipes_nestings_resolved WHERE recipe_id = :1 AND includes_recipe_id != :1)', $selectedRecipe->id)->orderBy('name')->fetchAll();
-		$selectedRecipeSubRecipesPositions = $this->Database->recipes_pos_resolved()->where('recipe_id = :1', $selectedRecipe->id)->orderBy('ingredient_group')->fetchAll();
-
-		$includedRecipeIdsAbsolute = array();
-		$includedRecipeIdsAbsolute[] = $selectedRecipe->id;
-		foreach($selectedRecipeSubRecipes as $subRecipe)
+		$selectedRecipePositionsResolved = null;
+		$totalCosts = null;
+		$totalCalories = null;
+		if ($selectedRecipe)
 		{
-			$includedRecipeIdsAbsolute[] = $subRecipe->id;
+			$selectedRecipePositionsResolved = $this->getDatabase()->recipes_pos_resolved()->where('recipe_id = :1 AND is_nested_recipe_pos = 0', $selectedRecipe->id)->orderBy('ingredient_group', 'ASC', 'product_group', 'ASC');
+			$totalCosts = FindObjectInArrayByPropertyValue($recipesResolved, 'recipe_id', $selectedRecipe->id)->costs;
+			$totalCalories = FindObjectInArrayByPropertyValue($recipesResolved, 'recipe_id', $selectedRecipe->id)->calories;
 		}
 
-		return $this->AppContainer->view->render($response, 'recipes', [
+		$renderArray = [
 			'recipes' => $recipes,
 			'recipesResolved' => $recipesResolved,
-			'recipePositionsResolved' => $this->Database->recipes_pos_resolved(),
+			'recipePositionsResolved' => $this->getDatabase()->recipes_pos_resolved()->where('recipe_type', RecipesService::RECIPE_TYPE_NORMAL),
 			'selectedRecipe' => $selectedRecipe,
 			'selectedRecipePositionsResolved' => $selectedRecipePositionsResolved,
-			'products' => $this->Database->products(),
-			'quantityUnits' => $this->Database->quantity_units(),
-			'selectedRecipeSubRecipes' => $selectedRecipeSubRecipes,
-			'selectedRecipeSubRecipesPositions' => $selectedRecipeSubRecipesPositions,
-			'includedRecipeIdsAbsolute' => $includedRecipeIdsAbsolute,
-			'selectedRecipeTotalCosts' => FindObjectInArrayByPropertyValue($recipesResolved, 'recipe_id', $selectedRecipe->id)->costs,
-			'selectedRecipeTotalCalories' => FindObjectInArrayByPropertyValue($recipesResolved, 'recipe_id', $selectedRecipe->id)->calories,
-			'userfields' => $this->UserfieldsService->GetFields('recipes'),
-			'userfieldValues' => $this->UserfieldsService->GetAllValues('recipes'),
-			'quantityUnitConversionsResolved' => $this->Database->quantity_unit_conversions_resolved()
-		]);
+			'products' => $this->getDatabase()->products(),
+			'quantityUnits' => $this->getDatabase()->quantity_units(),
+			'userfields' => $this->getUserfieldsService()->GetFields('recipes'),
+			'userfieldValues' => $this->getUserfieldsService()->GetAllValues('recipes'),
+			'quantityUnitConversionsResolved' => $this->getDatabase()->quantity_unit_conversions_resolved(),
+			'selectedRecipeTotalCosts' => $totalCosts,
+			'selectedRecipeTotalCalories' => $totalCalories
+		];
+
+		if ($selectedRecipe)
+		{
+			$selectedRecipeSubRecipes = $this->getDatabase()->recipes()->where('id IN (SELECT includes_recipe_id FROM recipes_nestings_resolved WHERE recipe_id = :1 AND includes_recipe_id != :1)', $selectedRecipe->id)->orderBy('name', 'COLLATE NOCASE')->fetchAll();
+
+			$includedRecipeIdsAbsolute = [];
+			$includedRecipeIdsAbsolute[] = $selectedRecipe->id;
+
+			foreach ($selectedRecipeSubRecipes as $subRecipe)
+			{
+				$includedRecipeIdsAbsolute[] = $subRecipe->id;
+			}
+
+			$allRecipePositions = [];
+
+			foreach ($includedRecipeIdsAbsolute as $id)
+			{
+				$allRecipePositions[$id] = $this->getDatabase()->recipes_pos_resolved()->where('recipe_id = :1 AND is_nested_recipe_pos = 0', $id)->orderBy('ingredient_group', 'ASC', 'product_group', 'ASC');
+			}
+
+			$renderArray['selectedRecipeSubRecipes'] = $selectedRecipeSubRecipes;
+			$renderArray['includedRecipeIdsAbsolute'] = $includedRecipeIdsAbsolute;
+			$renderArray['allRecipePositions'] = $allRecipePositions;
+		}
+
+		return $this->renderPage($response, 'recipes', $renderArray);
 	}
 
-	public function RecipeEditForm(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function RecipeEditForm(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		$recipeId = $args['recipeId'];
-		if ($recipeId  == 'new')
-		{
-			$newRecipe = $this->Database->recipes()->where('type', RecipesService::RECIPE_TYPE_NORMAL)->createRow(array(
-				'name' => $this->LocalizationService->__t('New recipe')
-			));
-			$newRecipe->save();
 
-			$recipeId = $this->Database->lastInsertId();
-		}
-		
-		return $this->AppContainer->view->render($response, 'recipeform', [
-			'recipe' =>  $this->Database->recipes($recipeId),
-			'recipePositions' =>  $this->Database->recipes_pos()->where('recipe_id', $recipeId),
-			'mode' => 'edit',
-			'products' => $this->Database->products(),
-			'quantityunits' => $this->Database->quantity_units(),
-			'recipePositionsResolved' => $this->RecipesService->GetRecipesPosResolved(),
-			'recipesResolved' => $this->RecipesService->GetRecipesResolved(),
-			'recipes' =>  $this->Database->recipes()->where('type', RecipesService::RECIPE_TYPE_NORMAL)->orderBy('name'),
-			'recipeNestings' =>  $this->Database->recipes_nestings()->where('recipe_id', $recipeId),
-			'userfields' => $this->UserfieldsService->GetFields('recipes'),
-			'quantityUnitConversionsResolved' => $this->Database->quantity_unit_conversions_resolved()
+		return $this->renderPage($response, 'recipeform', [
+			'recipe' => $this->getDatabase()->recipes($recipeId),
+			'recipePositions' => $this->getDatabase()->recipes_pos()->where('recipe_id', $recipeId),
+			'mode' => $recipeId == 'new' ? 'create' : 'edit',
+			'products' => $this->getDatabase()->products()->orderBy('name', 'COLLATE NOCASE'),
+			'quantityunits' => $this->getDatabase()->quantity_units(),
+			'recipePositionsResolved' => $this->getRecipesService()->GetRecipesPosResolved(),
+			'recipesResolved' => $this->getRecipesService()->GetRecipesResolved(),
+			'recipes' => $this->getDatabase()->recipes()->where('type', RecipesService::RECIPE_TYPE_NORMAL)->orderBy('name', 'COLLATE NOCASE'),
+			'recipeNestings' => $this->getDatabase()->recipes_nestings()->where('recipe_id', $recipeId),
+			'userfields' => $this->getUserfieldsService()->GetFields('recipes'),
+			'quantityUnitConversionsResolved' => $this->getDatabase()->quantity_unit_conversions_resolved()
 		]);
 	}
 
-	public function RecipePosEditForm(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function RecipePosEditForm(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		if ($args['recipePosId'] == 'new')
 		{
-			return $this->AppContainer->view->render($response, 'recipeposform', [
+			return $this->renderPage($response, 'recipeposform', [
 				'mode' => 'create',
-				'recipe' => $this->Database->recipes($args['recipeId']),
+				'recipe' => $this->getDatabase()->recipes($args['recipeId']),
 				'recipePos' => new \stdClass(),
-				'products' => $this->Database->products()->orderBy('name'),
-				'quantityUnits' => $this->Database->quantity_units()->orderBy('name'),
-				'quantityUnitConversionsResolved' => $this->Database->quantity_unit_conversions_resolved()
+				'products' => $this->getDatabase()->products()->orderBy('name', 'COLLATE NOCASE'),
+				'quantityUnits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE'),
+				'quantityUnitConversionsResolved' => $this->getDatabase()->quantity_unit_conversions_resolved()
 			]);
 		}
 		else
 		{
-			return $this->AppContainer->view->render($response, 'recipeposform', [
+			return $this->renderPage($response, 'recipeposform', [
 				'mode' => 'edit',
-				'recipe' =>  $this->Database->recipes($args['recipeId']),
-				'recipePos' => $this->Database->recipes_pos($args['recipePosId']),
-				'products' => $this->Database->products()->orderBy('name'),
-				'quantityUnits' => $this->Database->quantity_units()->orderBy('name'),
-				'quantityUnitConversionsResolved' => $this->Database->quantity_unit_conversions_resolved()
+				'recipe' => $this->getDatabase()->recipes($args['recipeId']),
+				'recipePos' => $this->getDatabase()->recipes_pos($args['recipePosId']),
+				'products' => $this->getDatabase()->products()->orderBy('name', 'COLLATE NOCASE'),
+				'quantityUnits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE'),
+				'quantityUnitConversionsResolved' => $this->getDatabase()->quantity_unit_conversions_resolved()
 			]);
 		}
 	}
 
-	public function MealPlan(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function RecipesSettings(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		$recipes = $this->Database->recipes()->where('type', RecipesService::RECIPE_TYPE_NORMAL)->fetchAll();
+		return $this->renderPage($response, 'recipessettings');
+	}
 
-		$events = array();
-		foreach($this->Database->meal_plan() as $mealPlanEntry)
-		{
-			$recipe = FindObjectInArrayByPropertyValue($recipes, 'id', $mealPlanEntry['recipe_id']);
-			$title = '';
-			if ($recipe !== null)
-			{
-				$title = $recipe->name;
-			}
-
-			$events[] = array(
-				'id' => $mealPlanEntry['id'],
-				'title' => $title,
-				'start' => $mealPlanEntry['day'],
-				'date_format' => 'date',
-				'recipe' => json_encode($recipe),
-				'mealPlanEntry' => json_encode($mealPlanEntry)
-			);
-		}
-
-		return $this->AppContainer->view->render($response, 'mealplan', [
-			'fullcalendarEventSources' => $events,
-			'recipes' => $recipes,
-			'internalRecipes' => $this->Database->recipes()->whereNot('type', RecipesService::RECIPE_TYPE_NORMAL)->fetchAll(),
-			'recipesResolved' => $this->RecipesService->GetRecipesResolved()
-		]);
+	public function __construct(\DI\Container $container)
+	{
+		parent::__construct($container);
 	}
 }

controllers/StockApiController.php

@@ -2,23 +2,28 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\StockService;
+use Grocy\Controllers\Users\User;
+use Grocy\Services\StockService;
 
 class StockApiController extends BaseApiController
 {
-	public function __construct(\Slim\Container $container)
+	public function AddMissingProductsToShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		parent::__construct($container);
-		$this->StockService = new StockService();
-	}
+		User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_ADD);
 
-	protected $StockService;
-
-	public function ProductDetails(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
 		try
 		{
-			return $this->ApiResponse($this->StockService->GetProductDetails($args['productId']));
+			$requestBody = $this->GetParsedAndFilteredRequestBody($request);
+
+			$listId = 1;
+
+			if (array_key_exists('list_id', $requestBody) && !empty($requestBody['list_id']) && is_numeric($requestBody['list_id']))
+			{
+				$listId = intval($requestBody['list_id']);
+			}
+
+			$this->getStockService()->AddMissingProductsToShoppingList($listId);
+			return $this->EmptyApiResponse($response);
 		}
 		catch (\Exception $ex)
 		{
@@ -26,12 +31,23 @@ class StockApiController extends BaseApiController
 		}
 	}
 
-	public function ProductDetailsByBarcode(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function AddOverdueProductsToShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
+		User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_ADD);
+
 		try
 		{
-			$productId = $this->StockService->GetProductIdFromBarcode($args['barcode']);
-			return $this->ApiResponse($this->StockService->GetProductDetails($productId));
+			$requestBody = $this->GetParsedAndFilteredRequestBody($request);
+
+			$listId = 1;
+
+			if (array_key_exists('list_id', $requestBody) && !empty($requestBody['list_id']) && is_numeric($requestBody['list_id']))
+			{
+				$listId = intval($requestBody['list_id']);
+			}
+
+			$this->getStockService()->AddOverdueProductsToShoppingList($listId);
+			return $this->EmptyApiResponse($response);
 		}
 		catch (\Exception $ex)
 		{
@@ -39,11 +55,23 @@ class StockApiController extends BaseApiController
 		}
 	}
 
-	public function ProductPriceHistory(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function AddExpiredProductsToShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
+		User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_ADD);
+
 		try
 		{
-			return $this->ApiResponse($this->StockService->GetProductPriceHistory($args['productId']));
+			$requestBody = $this->GetParsedAndFilteredRequestBody($request);
+
+			$listId = 1;
+
+			if (array_key_exists('list_id', $requestBody) && !empty($requestBody['list_id']) && is_numeric($requestBody['list_id']))
+			{
+				$listId = intval($requestBody['list_id']);
+			}
+
+			$this->getStockService()->AddExpiredProductsToShoppingList($listId);
+			return $this->EmptyApiResponse($response);
 		}
 		catch (\Exception $ex)
 		{
@@ -51,9 +79,11 @@ class StockApiController extends BaseApiController
 		}
 	}
 
-	public function AddProduct(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function AddProduct(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		$requestBody = $request->getParsedBody();
+		User::checkPermission($request, User::PERMISSION_STOCK_PURCHASE);
+
+		$requestBody = $this->GetParsedAndFilteredRequestBody($request);
 
 		try
 		{
@@ -68,31 +98,50 @@ class StockApiController extends BaseApiController
 			}
 
 			$bestBeforeDate = null;
+
 			if (array_key_exists('best_before_date', $requestBody) && IsIsoDate($requestBody['best_before_date']))
 			{
 				$bestBeforeDate = $requestBody['best_before_date'];
 			}
 
+			$purchasedDate = date('Y-m-d');
+
+			if (array_key_exists('purchased_date', $requestBody) && IsIsoDate($requestBody['purchased_date']))
+			{
+				$purchasedDate = $requestBody['purchased_date'];
+			}
+
 			$price = null;
+
 			if (array_key_exists('price', $requestBody) && is_numeric($requestBody['price']))
 			{
 				$price = $requestBody['price'];
 			}
 
 			$locationId = null;
+
 			if (array_key_exists('location_id', $requestBody) && is_numeric($requestBody['location_id']))
 			{
 				$locationId = $requestBody['location_id'];
 			}
 
+			$shoppingLocationId = null;
+
+			if (array_key_exists('shopping_location_id', $requestBody) && is_numeric($requestBody['shopping_location_id']))
+			{
+				$shoppingLocationId = $requestBody['shopping_location_id'];
+			}
+
 			$transactionType = StockService::TRANSACTION_TYPE_PURCHASE;
-			if (array_key_exists('transaction_type', $requestBody)  && !empty($requestBody['transactiontype']))
+
+			if (array_key_exists('transaction_type', $requestBody) && !empty($requestBody['transactiontype']))
 			{
 				$transactionType = $requestBody['transactiontype'];
 			}
 
-			$bookingId = $this->StockService->AddProduct($args['productId'], $requestBody['amount'], $bestBeforeDate, $transactionType, date('Y-m-d'), $price, $locationId);
-			return $this->ApiResponse($this->Database->stock_log($bookingId));
+			$transactionId = $this->getStockService()->AddProduct($args['productId'], $requestBody['amount'], $bestBeforeDate, $transactionType, $purchasedDate, $price, $locationId, $shoppingLocationId);
+			$args['transactionId'] = $transactionId;
+			return $this->StockTransactions($request, $response, $args);
 		}
 		catch (\Exception $ex)
 		{
@@ -100,11 +149,11 @@ class StockApiController extends BaseApiController
 		}
 	}
 
-	public function AddProductByBarcode(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function AddProductByBarcode(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		try
 		{
-			$args['productId'] = $this->StockService->GetProductIdFromBarcode($args['barcode']);
+			$args['productId'] = $this->getStockService()->GetProductIdFromBarcode($args['barcode']);
 			return $this->AddProduct($request, $response, $args);
 		}
 		catch (\Exception $ex)
@@ -113,9 +162,82 @@ class StockApiController extends BaseApiController
 		}
 	}
 
-	public function ConsumeProduct(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function AddProductToShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		$requestBody = $request->getParsedBody();
+		User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_ADD);
+
+		try
+		{
+			$requestBody = $this->GetParsedAndFilteredRequestBody($request);
+
+			$listId = 1;
+			$amount = 1;
+			$productId = null;
+			$note = null;
+
+			if (array_key_exists('list_id', $requestBody) && !empty($requestBody['list_id']) && is_numeric($requestBody['list_id']))
+			{
+				$listId = intval($requestBody['list_id']);
+			}
+
+			if (array_key_exists('product_amount', $requestBody) && !empty($requestBody['product_amount']) && is_numeric($requestBody['product_amount']))
+			{
+				$amount = intval($requestBody['product_amount']);
+			}
+
+			if (array_key_exists('product_id', $requestBody) && !empty($requestBody['product_id']) && is_numeric($requestBody['product_id']))
+			{
+				$productId = intval($requestBody['product_id']);
+			}
+
+			if (array_key_exists('note', $requestBody) && !empty($requestBody['note']))
+			{
+				$note = $requestBody['note'];
+			}
+
+			if ($productId == null)
+			{
+				throw new \Exception('No product id was supplied');
+			}
+
+			$this->getStockService()->AddProductToShoppingList($productId, $amount, $note, $listId);
+			return $this->EmptyApiResponse($response);
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
+	}
+
+	public function ClearShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_DELETE);
+
+		try
+		{
+			$requestBody = $this->GetParsedAndFilteredRequestBody($request);
+
+			$listId = 1;
+
+			if (array_key_exists('list_id', $requestBody) && !empty($requestBody['list_id']) && is_numeric($requestBody['list_id']))
+			{
+				$listId = intval($requestBody['list_id']);
+			}
+
+			$this->getStockService()->ClearShoppingList($listId);
+			return $this->EmptyApiResponse($response);
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
+	}
+
+	public function ConsumeProduct(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		User::checkPermission($request, User::PERMISSION_STOCK_CONSUME);
+
+		$requestBody = $this->GetParsedAndFilteredRequestBody($request);
 
 		try
 		{
@@ -136,7 +258,7 @@ class StockApiController extends BaseApiController
 			}
 
 			$transactionType = StockService::TRANSACTION_TYPE_CONSUME;
-			if (array_key_exists('transaction_type', $requestBody)  && !empty($requestBody['transactiontype']))
+			if (array_key_exists('transaction_type', $requestBody) && !empty($requestBody['transactiontype']))
 			{
 				$transactionType = $requestBody['transactiontype'];
 			}
@@ -147,14 +269,34 @@ class StockApiController extends BaseApiController
 				$specificStockEntryId = $requestBody['stock_entry_id'];
 			}
 
+			$locationId = null;
+			if (array_key_exists('location_id', $requestBody) && !empty($requestBody['location_id']) && is_numeric($requestBody['location_id']))
+			{
+				$locationId = $requestBody['location_id'];
+			}
+
 			$recipeId = null;
 			if (array_key_exists('recipe_id', $requestBody) && is_numeric($requestBody['recipe_id']))
 			{
 				$recipeId = $requestBody['recipe_id'];
 			}
 
-			$bookingId = $this->StockService->ConsumeProduct($args['productId'], $requestBody['amount'], $spoiled, $transactionType, $specificStockEntryId, $recipeId);
-			return $this->ApiResponse($this->Database->stock_log($bookingId));
+			$consumeExact = false;
+			if (array_key_exists('exact_amount', $requestBody))
+			{
+				$consumeExact = $requestBody['exact_amount'];
+			}
+
+			$allowSubproductSubstitution = false;
+			if (array_key_exists('allow_subproduct_substitution', $requestBody))
+			{
+				$allowSubproductSubstitution = $requestBody['allow_subproduct_substitution'];
+			}
+
+			$transactionId = null;
+			$transactionId = $this->getStockService()->ConsumeProduct($args['productId'], $requestBody['amount'], $spoiled, $transactionType, $specificStockEntryId, $recipeId, $locationId, $transactionId, $allowSubproductSubstitution, $consumeExact);
+			$args['transactionId'] = $transactionId;
+			return $this->StockTransactions($request, $response, $args);
 		}
 		catch (\Exception $ex)
 		{
@@ -162,11 +304,11 @@ class StockApiController extends BaseApiController
 		}
 	}
 
-	public function ConsumeProductByBarcode(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function ConsumeProductByBarcode(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		try
 		{
-			$args['productId'] = $this->StockService->GetProductIdFromBarcode($args['barcode']);
+			$args['productId'] = $this->getStockService()->GetProductIdFromBarcode($args['barcode']);
 			return $this->ConsumeProduct($request, $response, $args);
 		}
 		catch (\Exception $ex)
@@ -175,9 +317,114 @@ class StockApiController extends BaseApiController
 		}
 	}
 
-	public function InventoryProduct(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function CurrentStock(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		$requestBody = $request->getParsedBody();
+		return $this->ApiResponse($response, $this->getStockService()->GetCurrentStock());
+	}
+
+	public function CurrentVolatileStock(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		$nextXDays = 5;
+
+		if (isset($request->getQueryParams()['due_soon_days']) && !empty($request->getQueryParams()['due_soon_days']) && is_numeric($request->getQueryParams()['due_soon_days']))
+		{
+			$nextXDays = $request->getQueryParams()['due_soon_days'];
+		}
+
+		$dueProducts = $this->getStockService()->GetDueProducts($nextXDays, true);
+		$overdueProducts = $this->getStockService()->GetDueProducts(-1);
+		$expiredProducts = $this->getStockService()->GetExpiredProducts();
+		$missingProducts = $this->getStockService()->GetMissingProducts();
+		return $this->ApiResponse($response, [
+			'due_products' => $dueProducts,
+			'overdue_products' => $overdueProducts,
+			'expired_products' => $expiredProducts,
+			'missing_products' => $missingProducts
+		]);
+	}
+
+	public function EditStockEntry(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		User::checkPermission($request, User::PERMISSION_STOCK_EDIT);
+
+		$requestBody = $this->GetParsedAndFilteredRequestBody($request);
+
+		try
+		{
+			if ($requestBody === null)
+			{
+				throw new \Exception('Request body could not be parsed (probably invalid JSON format or missing/wrong Content-Type header)');
+			}
+
+			if (!array_key_exists('amount', $requestBody))
+			{
+				throw new \Exception('An amount is required');
+			}
+
+			$bestBeforeDate = null;
+
+			if (array_key_exists('best_before_date', $requestBody) && IsIsoDate($requestBody['best_before_date']))
+			{
+				$bestBeforeDate = $requestBody['best_before_date'];
+			}
+
+			$price = null;
+
+			if (array_key_exists('price', $requestBody) && is_numeric($requestBody['price']))
+			{
+				$price = $requestBody['price'];
+			}
+
+			$locationId = null;
+
+			if (array_key_exists('location_id', $requestBody) && is_numeric($requestBody['location_id']))
+			{
+				$locationId = $requestBody['location_id'];
+			}
+
+			$shoppingLocationId = null;
+
+			if (array_key_exists('shopping_location_id', $requestBody) && is_numeric($requestBody['shopping_location_id']))
+			{
+				$shoppingLocationId = $requestBody['shopping_location_id'];
+			}
+
+			$transactionId = $this->getStockService()->EditStockEntry($args['entryId'], $requestBody['amount'], $bestBeforeDate, $locationId, $shoppingLocationId, $price, $requestBody['open'], $requestBody['purchased_date']);
+			$args['transactionId'] = $transactionId;
+			return $this->StockTransactions($request, $response, $args);
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
+	}
+
+	public function ExternalBarcodeLookup(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
+
+		try
+		{
+			$addFoundProduct = false;
+
+			if (isset($request->getQueryParams()['add']) && ($request->getQueryParams()['add'] === 'true' || $request->getQueryParams()['add'] === 1))
+			{
+				$addFoundProduct = true;
+			}
+
+			return $this->ApiResponse($response, $this->getStockService()->ExternalBarcodeLookup($args['barcode'], $addFoundProduct));
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
+	}
+
+	public function InventoryProduct(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		User::checkPermission($request, User::PERMISSION_STOCK_INVENTORY);
+
+		$requestBody = $this->GetParsedAndFilteredRequestBody($request);
 
 		try
 		{
@@ -197,6 +444,12 @@ class StockApiController extends BaseApiController
 				$bestBeforeDate = $requestBody['best_before_date'];
 			}
 
+			$purchasedDate = null;
+			if (array_key_exists('purchased_date', $requestBody) && IsIsoDate($requestBody['purchased_date']))
+			{
+				$purchasedDate = $requestBody['purchased_date'];
+			}
+
 			$locationId = null;
 			if (array_key_exists('location_id', $requestBody) && is_numeric($requestBody['location_id']))
 			{
@@ -209,8 +462,15 @@ class StockApiController extends BaseApiController
 				$price = $requestBody['price'];
 			}
 
-			$bookingId = $this->StockService->InventoryProduct($args['productId'], $requestBody['new_amount'], $bestBeforeDate, $locationId, $price);
-			return $this->ApiResponse($this->Database->stock_log($bookingId));
+			$shoppingLocationId = null;
+			if (array_key_exists('shopping_location_id', $requestBody) && is_numeric($requestBody['shopping_location_id']))
+			{
+				$shoppingLocationId = $requestBody['shopping_location_id'];
+			}
+
+			$transactionId = $this->getStockService()->InventoryProduct($args['productId'], $requestBody['new_amount'], $bestBeforeDate, $locationId, $price, $shoppingLocationId, $purchasedDate);
+			$args['transactionId'] = $transactionId;
+			return $this->StockTransactions($request, $response, $args);
 		}
 		catch (\Exception $ex)
 		{
@@ -218,11 +478,11 @@ class StockApiController extends BaseApiController
 		}
 	}
 
-	public function InventoryProductByBarcode(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function InventoryProductByBarcode(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		try
 		{
-			$args['productId'] = $this->StockService->GetProductIdFromBarcode($args['barcode']);
+			$args['productId'] = $this->getStockService()->GetProductIdFromBarcode($args['barcode']);
 			return $this->InventoryProduct($request, $response, $args);
 		}
 		catch (\Exception $ex)
@@ -231,9 +491,11 @@ class StockApiController extends BaseApiController
 		}
 	}
 
-	public function OpenProduct(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function OpenProduct(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		$requestBody = $request->getParsedBody();
+		User::checkPermission($request, User::PERMISSION_STOCK_OPEN);
+
+		$requestBody = $this->GetParsedAndFilteredRequestBody($request);
 
 		try
 		{
@@ -253,8 +515,16 @@ class StockApiController extends BaseApiController
 				$specificStockEntryId = $requestBody['stock_entry_id'];
 			}
 
-			$bookingId = $this->StockService->OpenProduct($args['productId'], $requestBody['amount'], $specificStockEntryId);
-			return $this->ApiResponse($this->Database->stock_log($bookingId));
+			$allowSubproductSubstitution = false;
+			if (array_key_exists('allow_subproduct_substitution', $requestBody))
+			{
+				$allowSubproductSubstitution = $requestBody['allow_subproduct_substitution'];
+			}
+
+			$transactionId = null;
+			$transactionId = $this->getStockService()->OpenProduct($args['productId'], $requestBody['amount'], $specificStockEntryId, $transactionId, $allowSubproductSubstitution);
+			$args['transactionId'] = $transactionId;
+			return $this->StockTransactions($request, $response, $args);
 		}
 		catch (\Exception $ex)
 		{
@@ -262,11 +532,11 @@ class StockApiController extends BaseApiController
 		}
 	}
 
-	public function OpenProductByBarcode(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function OpenProductByBarcode(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		try
 		{
-			$args['productId'] = $this->StockService->GetProductIdFromBarcode($args['barcode']);
+			$args['productId'] = $this->getStockService()->GetProductIdFromBarcode($args['barcode']);
 			return $this->OpenProduct($request, $response, $args);
 		}
 		catch (\Exception $ex)
@@ -275,43 +545,11 @@ class StockApiController extends BaseApiController
 		}
 	}
 
-	public function CurrentStock(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->ApiResponse($this->StockService->GetCurrentStock());
-	}
-
-	public function CurrentVolatilStock(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		$nextXDays = 5;
-		if (isset($request->getQueryParams()['expiring_days']) && !empty($request->getQueryParams()['expiring_days']) && is_numeric($request->getQueryParams()['expiring_days']))
-		{
-			$nextXDays = $request->getQueryParams()['expiring_days'];
-		}
-
-		$expiringProducts = $this->StockService->GetExpiringProducts($nextXDays, true);
-		$expiredProducts = $this->StockService->GetExpiringProducts(-1);
-		$missingProducts = $this->StockService->GetMissingProducts();
-		return $this->ApiResponse(array(
-			 'expiring_products' => $expiringProducts,
-			 'expired_products' => $expiredProducts,
-			 'missing_products' => $missingProducts
-		));
-	}
-
-	public function AddMissingProductsToShoppingList(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function ProductDetails(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		try
 		{
-			$requestBody = $request->getParsedBody();
-
-			$listId = 1;
-			if (array_key_exists('list_id', $requestBody) && !empty($requestBody['list_id']) && is_numeric($requestBody['list_id']))
-			{
-				$listId = intval($requestBody['list_id']);
-			}
-
-			$this->StockService->AddMissingProductsToShoppingList($listId);
-			return $this->EmptyApiResponse($response);
+			return $this->ApiResponse($response, $this->getStockService()->GetProductDetails($args['productId']));
 		}
 		catch (\Exception $ex)
 		{
@@ -319,20 +557,12 @@ class StockApiController extends BaseApiController
 		}
 	}
 
-	public function ClearShoppingList(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function ProductDetailsByBarcode(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		try
 		{
-			$requestBody = $request->getParsedBody();
-
-			$listId = 1;
-			if (array_key_exists('list_id', $requestBody) && !empty($requestBody['list_id']) && is_numeric($requestBody['list_id']))
-			{
-				$listId = intval($requestBody['list_id']);
-			}
-
-			$this->StockService->ClearShoppingList($listId);
-			return $this->EmptyApiResponse($response);
+			$productId = $this->getStockService()->GetProductIdFromBarcode($args['barcode']);
+			return $this->ApiResponse($response, $this->getStockService()->GetProductDetails($productId));
 		}
 		catch (\Exception $ex)
 		{
@@ -340,65 +570,62 @@ class StockApiController extends BaseApiController
 		}
 	}
 
-
-	public function AddProductToShoppingList(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function ProductPriceHistory(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		try
 		{
-			$requestBody = $request->getParsedBody();
+			return $this->ApiResponse($response, $this->getStockService()->GetProductPriceHistory($args['productId']));
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
+	}
+
+	public function ProductStockEntries(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		$allowSubproductSubstitution = false;
+		if (isset($request->getQueryParams()['include_sub_products']) && filter_var($request->getQueryParams()['include_sub_products'], FILTER_VALIDATE_BOOLEAN))
+		{
+			$allowSubproductSubstitution = true;
+		}
+
+		return $this->FilteredApiResponse($response, $this->getStockService()->GetProductStockEntries($args['productId'], false, $allowSubproductSubstitution, true), $request->getQueryParams());
+	}
+
+	public function ProductStockLocations(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		$allowSubproductSubstitution = false;
+		if (isset($request->getQueryParams()['include_sub_products']) && filter_var($request->getQueryParams()['include_sub_products'], FILTER_VALIDATE_BOOLEAN))
+		{
+			$allowSubproductSubstitution = true;
+		}
+
+		return $this->FilteredApiResponse($response, $this->getStockService()->GetProductStockLocations($args['productId'], $allowSubproductSubstitution), $request->getQueryParams());
+	}
+
+	public function RemoveProductFromShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_DELETE);
+
+		try
+		{
+			$requestBody = $this->GetParsedAndFilteredRequestBody($request);
 
 			$listId = 1;
 			$amount = 1;
 			$productId = null;
-			$note = null;
+
 			if (array_key_exists('list_id', $requestBody) && !empty($requestBody['list_id']) && is_numeric($requestBody['list_id']))
 			{
 				$listId = intval($requestBody['list_id']);
 			}
+
 			if (array_key_exists('product_amount', $requestBody) && !empty($requestBody['product_amount']) && is_numeric($requestBody['product_amount']))
 			{
 				$amount = intval($requestBody['product_amount']);
 			}
-			if (array_key_exists('product_id', $requestBody) && !empty($requestBody['product_id']) && is_numeric($requestBody['product_id']))
-			{
-				$productId = intval($requestBody['product_id']);
-			}
-			if (array_key_exists('note', $requestBody) && !empty($requestBody['note']))
-			{
-				$note = $requestBody['note'];
-			}
 
-			if ($productId == null)
-			{
-				throw new \Exception("No product id was supplied");
-			}
-
-			$this->StockService->AddProductToShoppingList($productId, $amount, $note, $listId);
-			return $this->EmptyApiResponse($response);
-		}
-		catch (\Exception $ex)
-		{
-			return $this->GenericErrorResponse($response, $ex->getMessage());
-		}
-	}
-
-	public function RemoveProductFromShoppingList(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		try
-		{
-			$requestBody = $request->getParsedBody();
-
-			$listId = 1;
-			$amount = 1;
-			$productId = null;
-			if (array_key_exists('list_id', $requestBody) && !empty($requestBody['list_id']) && is_numeric($requestBody['list_id']))
-			{
-				$listId = intval($requestBody['list_id']);
-			}
-			if (array_key_exists('product_amount', $requestBody) && !empty($requestBody['product_amount']) && is_numeric($requestBody['product_amount']))
-			{
-				$amount = intval($requestBody['product_amount']);
-			}
 			if (array_key_exists('product_id', $requestBody) && !empty($requestBody['product_id']) && is_numeric($requestBody['product_id']))
 			{
 				$productId = intval($requestBody['product_id']);
@@ -406,10 +633,10 @@ class StockApiController extends BaseApiController
 
 			if ($productId == null)
 			{
-				throw new \Exception("No product id was supplied");
+				throw new \Exception('No product id was supplied');
 			}
 
-			$this->StockService->RemoveProductFromShoppingList($productId, $amount, $listId);
+			$this->getStockService()->RemoveProductFromShoppingList($productId, $amount, $listId);
 			return $this->EmptyApiResponse($response);
 		}
 		catch (\Exception $ex)
@@ -418,58 +645,158 @@ class StockApiController extends BaseApiController
 		}
 	}
 
-	public function ExternalBarcodeLookup(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function StockBooking(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		try
 		{
-			$addFoundProduct = false;
-			if (isset($request->getQueryParams()['add']) && ($request->getQueryParams()['add'] === 'true' || $request->getQueryParams()['add'] === 1))
-			{
-				$addFoundProduct = true;
-			}
-			
-			return $this->ApiResponse($this->StockService->ExternalBarcodeLookup($args['barcode'], $addFoundProduct));
-		}
-		catch (\Exception $ex)
-		{
-			return $this->GenericErrorResponse($response, $ex->getMessage());
-		}
-	}
-
-	public function UndoBooking(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		try
-		{
-			$this->ApiResponse($this->StockService->UndoBooking($args['bookingId']));
-			return $this->EmptyApiResponse($response);
-		}
-		catch (\Exception $ex)
-		{
-			return $this->GenericErrorResponse($response, $ex->getMessage());
-		}
-	}
-
-	public function ProductStockEntries(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->ApiResponse($this->StockService->GetProductStockEntries($args['productId']));
-	}
-
-	public function StockBooking(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		try
-		{
-			$stockLogRow = $this->Database->stock_log($args['bookingId']);
+			$stockLogRow = $this->getDatabase()->stock_log($args['bookingId']);
 
 			if ($stockLogRow === null)
 			{
 				throw new \Exception('Stock booking does not exist');
 			}
-			
-			return $this->ApiResponse($stockLogRow);
+
+			return $this->ApiResponse($response, $stockLogRow);
 		}
 		catch (\Exception $ex)
 		{
 			return $this->GenericErrorResponse($response, $ex->getMessage());
 		}
 	}
+
+	public function StockEntry(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->ApiResponse($response, $this->getStockService()->GetStockEntry($args['entryId']));
+	}
+
+	public function StockTransactions(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		try
+		{
+			$transactionRows = $this->getDatabase()->stock_log()->where('transaction_id = :1', $args['transactionId'])->fetchAll();
+			if (count($transactionRows) === 0)
+			{
+				throw new \Exception('No transaction was found by the given transaction id');
+			}
+
+			return $this->ApiResponse($response, $transactionRows);
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
+	}
+
+	public function TransferProduct(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		User::checkPermission($request, User::PERMISSION_STOCK_TRANSFER);
+
+		$requestBody = $this->GetParsedAndFilteredRequestBody($request);
+
+		try
+		{
+			if ($requestBody === null)
+			{
+				throw new \Exception('Request body could not be parsed (probably invalid JSON format or missing/wrong Content-Type header)');
+			}
+
+			if (!array_key_exists('amount', $requestBody))
+			{
+				throw new \Exception('An amount is required');
+			}
+
+			if (!array_key_exists('location_id_from', $requestBody))
+			{
+				throw new \Exception('A transfer from location is required');
+			}
+
+			if (!array_key_exists('location_id_to', $requestBody))
+			{
+				throw new \Exception('A transfer to location is required');
+			}
+
+			$specificStockEntryId = 'default';
+
+			if (array_key_exists('stock_entry_id', $requestBody) && !empty($requestBody['stock_entry_id']))
+			{
+				$specificStockEntryId = $requestBody['stock_entry_id'];
+			}
+
+			$transactionId = $this->getStockService()->TransferProduct($args['productId'], $requestBody['amount'], $requestBody['location_id_from'], $requestBody['location_id_to'], $specificStockEntryId);
+			$args['transactionId'] = $transactionId;
+			return $this->StockTransactions($request, $response, $args);
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
+	}
+
+	public function TransferProductByBarcode(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		try
+		{
+			$args['productId'] = $this->getStockService()->GetProductIdFromBarcode($args['barcode']);
+			return $this->TransferProduct($request, $response, $args);
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
+	}
+
+	public function UndoBooking(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		User::checkPermission($request, User::PERMISSION_STOCK_EDIT);
+
+		try
+		{
+			$this->ApiResponse($response, $this->getStockService()->UndoBooking($args['bookingId']));
+			return $this->EmptyApiResponse($response);
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
+	}
+
+	public function UndoTransaction(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		User::checkPermission($request, User::PERMISSION_STOCK_EDIT);
+
+		try
+		{
+			$this->ApiResponse($response, $this->getStockService()->UndoTransaction($args['transactionId']));
+			return $this->EmptyApiResponse($response);
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
+	}
+
+	public function MergeProducts(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		User::checkPermission($request, User::PERMISSION_STOCK_EDIT);
+
+		try
+		{
+			if (!filter_var($args['productIdToKeep'], FILTER_VALIDATE_INT) || !filter_var($args['productIdToRemove'], FILTER_VALIDATE_INT))
+			{
+				throw new \Exception('Provided {productIdToKeep} or {productIdToRemove} is not a valid integer');
+			}
+
+			$this->ApiResponse($response, $this->getStockService()->MergeProducts($args['productIdToKeep'], $args['productIdToRemove']));
+			return $this->EmptyApiResponse($response);
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
+	}
+
+	public function __construct(\DI\Container $container)
+	{
+		parent::__construct($container);
+	}
 }

controllers/StockController.php

@@ -2,331 +2,497 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\StockService;
-use \Grocy\Services\UsersService;
-use \Grocy\Services\UserfieldsService;
+use Grocy\Services\RecipesService;
 
 class StockController extends BaseController
 {
-
-	public function __construct(\Slim\Container $container)
+	public function Consume(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		parent::__construct($container);
-		$this->StockService = new StockService();
-		$this->UserfieldsService = new UserfieldsService();
-	}
-
-	protected $StockService;
-	protected $UserfieldsService;
-
-	public function Overview(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		$usersService = new UsersService();
-		$nextXDays = $usersService->GetUserSettings(GROCY_USER_ID)['stock_expring_soon_days'];
-
-		return $this->AppContainer->view->render($response, 'stockoverview', [
-			'products' => $this->Database->products()->orderBy('name'),
-			'quantityunits' => $this->Database->quantity_units()->orderBy('name'),
-			'locations' => $this->Database->locations()->orderBy('name'),
-			'currentStock' => $this->StockService->GetCurrentStock(true),
-			'currentStockLocations' => $this->StockService->GetCurrentStockLocations(),
-			'missingProducts' => $this->StockService->GetMissingProducts(),
-			'nextXDays' => $nextXDays,
-			'productGroups' => $this->Database->product_groups()->orderBy('name'),
-			'userfields' => $this->UserfieldsService->GetFields('products'),
-			'userfieldValues' => $this->UserfieldsService->GetAllValues('products')
+		return $this->renderPage($response, 'consume', [
+			'products' => $this->getDatabase()->products()->where('active = 1')->orderBy('name'),
+			'barcodes' => $this->getDatabase()->product_barcodes_comma_separated(),
+			'recipes' => $this->getDatabase()->recipes()->where('type', RecipesService::RECIPE_TYPE_NORMAL)->orderBy('name', 'COLLATE NOCASE'),
+			'locations' => $this->getDatabase()->locations()->orderBy('name', 'COLLATE NOCASE'),
+			'quantityUnits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE'),
+			'quantityUnitConversionsResolved' => $this->getDatabase()->quantity_unit_conversions_resolved()
 		]);
 	}
 
-	public function Purchase(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function Inventory(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		return $this->AppContainer->view->render($response, 'purchase', [
-			'products' => $this->Database->products()->orderBy('name'),
-			'locations' => $this->Database->locations()->orderBy('name')
+		return $this->renderPage($response, 'inventory', [
+			'products' => $this->getDatabase()->products()->where('active = 1')->orderBy('name', 'COLLATE NOCASE'),
+			'barcodes' => $this->getDatabase()->product_barcodes_comma_separated(),
+			'shoppinglocations' => $this->getDatabase()->shopping_locations()->orderBy('name', 'COLLATE NOCASE'),
+			'locations' => $this->getDatabase()->locations()->orderBy('name', 'COLLATE NOCASE'),
+			'quantityUnits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE'),
+			'quantityUnitConversionsResolved' => $this->getDatabase()->quantity_unit_conversions_resolved()
 		]);
 	}
 
-	public function Consume(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function Journal(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		return $this->AppContainer->view->render($response, 'consume', [
-			'products' => $this->Database->products()->orderBy('name'),
-			'recipes' => $this->Database->recipes()->orderBy('name')
+		$usersService = $this->getUsersService();
+
+		return $this->renderPage($response, 'stockjournal', [
+			'stockLog' => $this->getDatabase()->uihelper_stock_journal()->orderBy('row_created_timestamp', 'DESC'),
+			'products' => $this->getDatabase()->products()->where('active = 1')->orderBy('name', 'COLLATE NOCASE'),
+			'locations' => $this->getDatabase()->locations()->orderBy('name', 'COLLATE NOCASE'),
+			'users' => $usersService->GetUsersAsDto(),
+			'transactionTypes' => GetClassConstants('\Grocy\Services\StockService', 'TRANSACTION_TYPE_'),
 		]);
 	}
 
-	public function Inventory(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function LocationContentSheet(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		return $this->AppContainer->view->render($response, 'inventory', [
-			'products' => $this->Database->products()->orderBy('name'),
-			'locations' => $this->Database->locations()->orderBy('name')
+		return $this->renderPage($response, 'locationcontentsheet', [
+			'products' => $this->getDatabase()->products()->where('active = 1')->orderBy('name', 'COLLATE NOCASE'),
+			'quantityunits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE'),
+			'locations' => $this->getDatabase()->locations()->orderBy('name', 'COLLATE NOCASE'),
+			'currentStockLocationContent' => $this->getStockService()->GetCurrentStockLocationContent()
 		]);
 	}
 
-	public function ShoppingList(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function LocationEditForm(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		$listId = 1;
-		if (isset($request->getQueryParams()['list']))
+		if ($args['locationId'] == 'new')
 		{
-			$listId = $request->getQueryParams()['list'];
+			return $this->renderPage($response, 'locationform', [
+				'mode' => 'create',
+				'userfields' => $this->getUserfieldsService()->GetFields('locations')
+			]);
+		}
+		else
+		{
+			return $this->renderPage($response, 'locationform', [
+				'location' => $this->getDatabase()->locations($args['locationId']),
+				'mode' => 'edit',
+				'userfields' => $this->getUserfieldsService()->GetFields('locations')
+			]);
+		}
+	}
+
+	public function LocationsList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->renderPage($response, 'locations', [
+			'locations' => $this->getDatabase()->locations()->orderBy('name', 'COLLATE NOCASE'),
+			'userfields' => $this->getUserfieldsService()->GetFields('locations'),
+			'userfieldValues' => $this->getUserfieldsService()->GetAllValues('locations')
+		]);
+	}
+
+	public function Overview(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		$usersService = $this->getUsersService();
+		$nextXDays = $usersService->GetUserSettings(GROCY_USER_ID)['stock_due_soon_days'];
+
+		return $this->renderPage($response, 'stockoverview', [
+			'currentStock' => $this->getStockService()->GetCurrentStockOverview(),
+			'locations' => $this->getDatabase()->locations()->orderBy('name', 'COLLATE NOCASE'),
+			'currentStockLocations' => $this->getStockService()->GetCurrentStockLocations(),
+			'nextXDays' => $nextXDays,
+			'productGroups' => $this->getDatabase()->product_groups()->orderBy('name', 'COLLATE NOCASE'),
+			'userfields' => $this->getUserfieldsService()->GetFields('products'),
+			'userfieldValues' => $this->getUserfieldsService()->GetAllValues('products')
+		]);
+	}
+
+	public function ProductBarcodesEditForm(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		$product = null;
+
+		if (isset($request->getQueryParams()['product']))
+		{
+			$product = $this->getDatabase()->products($request->getQueryParams()['product']);
 		}
 
-		return $this->AppContainer->view->render($response, 'shoppinglist', [
-			'listItems' => $this->Database->shopping_list()->where('shopping_list_id = :1', $listId),
-			'products' => $this->Database->products()->orderBy('name'),
-			'quantityunits' => $this->Database->quantity_units()->orderBy('name'),
-			'missingProducts' => $this->StockService->GetMissingProducts(),
-			'productGroups' => $this->Database->product_groups()->orderBy('name'),
-			'shoppingLists' => $this->Database->shopping_lists()->orderBy('name'),
-			'selectedShoppingListId' => $listId,
-			'userfields' => $this->UserfieldsService->GetFields('products'),
-			'userfieldValues' => $this->UserfieldsService->GetAllValues('products')
-		]);
+		if ($args['productBarcodeId'] == 'new')
+		{
+			return $this->renderPage($response, 'productbarcodeform', [
+				'mode' => 'create',
+				'barcodes' => $this->getDatabase()->product_barcodes()->orderBy('barcode'),
+				'product' => $product,
+				'shoppinglocations' => $this->getDatabase()->shopping_locations()->orderBy('name', 'COLLATE NOCASE'),
+				'quantityUnits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE'),
+				'quantityUnitConversionsResolved' => $this->getDatabase()->quantity_unit_conversions_resolved(),
+				'userfields' => $this->getUserfieldsService()->GetFields('product_barcodes')
+			]);
+		}
+		else
+		{
+			return $this->renderPage($response, 'productbarcodeform', [
+				'mode' => 'edit',
+				'barcode' => $this->getDatabase()->product_barcodes($args['productBarcodeId']),
+				'product' => $product,
+				'shoppinglocations' => $this->getDatabase()->shopping_locations()->orderBy('name', 'COLLATE NOCASE'),
+				'quantityUnits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE'),
+				'quantityUnitConversionsResolved' => $this->getDatabase()->quantity_unit_conversions_resolved(),
+				'userfields' => $this->getUserfieldsService()->GetFields('product_barcodes')
+			]);
+		}
 	}
 
-	public function ProductsList(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->AppContainer->view->render($response, 'products', [
-			'products' => $this->Database->products()->orderBy('name'),
-			'locations' => $this->Database->locations()->orderBy('name'),
-			'quantityunits' => $this->Database->quantity_units()->orderBy('name'),
-			'productGroups' => $this->Database->product_groups()->orderBy('name'),
-			'userfields' => $this->UserfieldsService->GetFields('products'),
-			'userfieldValues' => $this->UserfieldsService->GetAllValues('products')
-		]);
-	}
-
-	public function StockSettings(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->AppContainer->view->render($response, 'stocksettings', [
-			'locations' => $this->Database->locations()->orderBy('name'),
-			'quantityunits' => $this->Database->quantity_units()->orderBy('name'),
-			'productGroups' => $this->Database->product_groups()->orderBy('name')
-		]);
-	}
-
-	public function LocationsList(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->AppContainer->view->render($response, 'locations', [
-			'locations' => $this->Database->locations()->orderBy('name'),
-			'userfields' => $this->UserfieldsService->GetFields('locations'),
-			'userfieldValues' => $this->UserfieldsService->GetAllValues('locations')
-		]);
-	}
-
-	public function ProductGroupsList(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->AppContainer->view->render($response, 'productgroups', [
-			'productGroups' => $this->Database->product_groups()->orderBy('name'),
-			'products' => $this->Database->products()->orderBy('name'),
-			'userfields' => $this->UserfieldsService->GetFields('product_groups'),
-			'userfieldValues' => $this->UserfieldsService->GetAllValues('product_groups')
-		]);
-	}
-
-	public function QuantityUnitsList(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->AppContainer->view->render($response, 'quantityunits', [
-			'quantityunits' => $this->Database->quantity_units()->orderBy('name'),
-			'userfields' => $this->UserfieldsService->GetFields('quantity_units'),
-			'userfieldValues' => $this->UserfieldsService->GetAllValues('quantity_units')
-		]);
-	}
-
-	public function ProductEditForm(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function ProductEditForm(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		if ($args['productId'] == 'new')
 		{
-			return $this->AppContainer->view->render($response, 'productform', [
-				'locations' =>  $this->Database->locations()->orderBy('name'),
-				'quantityunits' =>  $this->Database->quantity_units()->orderBy('name'),
-				'productgroups' => $this->Database->product_groups()->orderBy('name'),
-				'userfields' => $this->UserfieldsService->GetFields('products'),
-				'products' => $this->Database->products()->where('parent_product_id IS NULL')->orderBy('name'),
+			return $this->renderPage($response, 'productform', [
+				'locations' => $this->getDatabase()->locations()->orderBy('name'),
+				'barcodes' => $this->getDatabase()->product_barcodes()->orderBy('barcode'),
+				'quantityunits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE'),
+				'shoppinglocations' => $this->getDatabase()->shopping_locations()->orderBy('name', 'COLLATE NOCASE'),
+				'productgroups' => $this->getDatabase()->product_groups()->orderBy('name', 'COLLATE NOCASE'),
+				'userfields' => $this->getUserfieldsService()->GetFields('products'),
+				'products' => $this->getDatabase()->products()->where('parent_product_id IS NULL and active = 1')->orderBy('name', 'COLLATE NOCASE'),
 				'isSubProductOfOthers' => false,
 				'mode' => 'create'
 			]);
 		}
 		else
 		{
-			$product = $this->Database->products($args['productId']);
+			$product = $this->getDatabase()->products($args['productId']);
 
-			return $this->AppContainer->view->render($response, 'productform', [
-				'product' =>  $product,
-				'locations' =>  $this->Database->locations()->orderBy('name'),
-				'quantityunits' =>  $this->Database->quantity_units()->orderBy('name'),
-				'productgroups' => $this->Database->product_groups()->orderBy('name'),
-				'userfields' => $this->UserfieldsService->GetFields('products'),
-				'products' => $this->Database->products()->where('id != :1 AND parent_product_id IS NULL', $product->id)->orderBy('name'),
-				'isSubProductOfOthers' => $this->Database->products()->where('parent_product_id = :1', $product->id)->count() !== 0,
+			return $this->renderPage($response, 'productform', [
+				'product' => $product,
+				'locations' => $this->getDatabase()->locations()->orderBy('name', 'COLLATE NOCASE'),
+				'barcodes' => $this->getDatabase()->product_barcodes()->orderBy('barcode'),
+				'quantityunits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE'),
+				'shoppinglocations' => $this->getDatabase()->shopping_locations()->orderBy('name', 'COLLATE NOCASE'),
+				'productgroups' => $this->getDatabase()->product_groups()->orderBy('name', 'COLLATE NOCASE'),
+				'userfields' => $this->getUserfieldsService()->GetFields('products'),
+				'products' => $this->getDatabase()->products()->where('id != :1 AND parent_product_id IS NULL and active = 1', $product->id)->orderBy('name', 'COLLATE NOCASE'),
+				'isSubProductOfOthers' => $this->getDatabase()->products()->where('parent_product_id = :1', $product->id)->count() !== 0,
 				'mode' => 'edit',
-				'quConversions' => $this->Database->quantity_unit_conversions()
+				'quConversions' => $this->getDatabase()->quantity_unit_conversions(),
+				'productBarcodeUserfields' => $this->getUserfieldsService()->GetFields('product_barcodes'),
+				'productBarcodeUserfieldValues' => $this->getUserfieldsService()->GetAllValues('product_barcodes')
 			]);
 		}
 	}
 
-	public function LocationEditForm(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		if ($args['locationId'] == 'new')
-		{
-			return $this->AppContainer->view->render($response, 'locationform', [
-				'mode' => 'create',
-				'userfields' => $this->UserfieldsService->GetFields('locations')
-			]);
-		}
-		else
-		{
-			return $this->AppContainer->view->render($response, 'locationform', [
-				'location' =>  $this->Database->locations($args['locationId']),
-				'mode' => 'edit',
-				'userfields' => $this->UserfieldsService->GetFields('locations')
-			]);
-		}
-	}
-
-	public function ProductGroupEditForm(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function ProductGroupEditForm(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		if ($args['productGroupId'] == 'new')
 		{
-			return $this->AppContainer->view->render($response, 'productgroupform', [
+			return $this->renderPage($response, 'productgroupform', [
 				'mode' => 'create',
-				'userfields' => $this->UserfieldsService->GetFields('product_groups')
+				'userfields' => $this->getUserfieldsService()->GetFields('product_groups')
 			]);
 		}
 		else
 		{
-			return $this->AppContainer->view->render($response, 'productgroupform', [
-				'group' =>  $this->Database->product_groups($args['productGroupId']),
+			return $this->renderPage($response, 'productgroupform', [
+				'group' => $this->getDatabase()->product_groups($args['productGroupId']),
 				'mode' => 'edit',
-				'userfields' => $this->UserfieldsService->GetFields('product_groups')
+				'userfields' => $this->getUserfieldsService()->GetFields('product_groups')
 			]);
 		}
 	}
 
-	public function QuantityUnitEditForm(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function ProductGroupsList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		if ($args['quantityunitId'] == 'new')
-		{
-			return $this->AppContainer->view->render($response, 'quantityunitform', [
-				'mode' => 'create',
-				'userfields' => $this->UserfieldsService->GetFields('quantity_units'),
-				'pluralCount' => $this->LocalizationService->GetPluralCount(),
-				'pluralRule' => $this->LocalizationService->GetPluralDefinition()
-			]);
-		}
-		else
-		{
-			$quantityUnit = $this->Database->quantity_units($args['quantityunitId']);
-
-			return $this->AppContainer->view->render($response, 'quantityunitform', [
-				'quantityUnit' =>  $quantityUnit,
-				'mode' => 'edit',
-				'userfields' => $this->UserfieldsService->GetFields('quantity_units'),
-				'pluralCount' => $this->LocalizationService->GetPluralCount(),
-				'pluralRule' => $this->LocalizationService->GetPluralDefinition(),
-				'defaultQuConversions' => $this->Database->quantity_unit_conversions()->where('from_qu_id = :1 AND product_id IS NULL', $quantityUnit->id),
-				'quantityUnits' => $this->Database->quantity_units()
-			]);
-		}
-	}
-
-	public function ShoppingListItemEditForm(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		if ($args['itemId'] == 'new')
-		{
-			return $this->AppContainer->view->render($response, 'shoppinglistitemform', [
-				'products' =>  $this->Database->products()->orderBy('name'),
-				'shoppingLists' => $this->Database->shopping_lists()->orderBy('name'),
-				'mode' => 'create'
-			]);
-		}
-		else
-		{
-			return $this->AppContainer->view->render($response, 'shoppinglistitemform', [
-				'listItem' =>  $this->Database->shopping_list($args['itemId']),
-				'products' =>  $this->Database->products()->orderBy('name'),
-				'shoppingLists' => $this->Database->shopping_lists()->orderBy('name'),
-				'mode' => 'edit'
-			]);
-		}
-	}
-
-	public function ShoppingListEditForm(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		if ($args['listId'] == 'new')
-		{
-			return $this->AppContainer->view->render($response, 'shoppinglistform', [
-				'mode' => 'create'
-			]);
-		}
-		else
-		{
-			return $this->AppContainer->view->render($response, 'shoppinglistform', [
-				'shoppingList' =>  $this->Database->shopping_lists($args['listId']),
-				'mode' => 'edit'
-			]);
-		}
-	}
-
-	public function Journal(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->AppContainer->view->render($response, 'stockjournal', [
-			'stockLog' => $this->Database->stock_log()->orderBy('row_created_timestamp', 'DESC'),
-			'products' => $this->Database->products()->orderBy('name'),
-			'quantityunits' => $this->Database->quantity_units()->orderBy('name')
+		return $this->renderPage($response, 'productgroups', [
+			'productGroups' => $this->getDatabase()->product_groups()->orderBy('name', 'COLLATE NOCASE'),
+			'products' => $this->getDatabase()->products()->where('active = 1')->orderBy('name', 'COLLATE NOCASE'),
+			'userfields' => $this->getUserfieldsService()->GetFields('product_groups'),
+			'userfieldValues' => $this->getUserfieldsService()->GetAllValues('product_groups')
 		]);
 	}
 
-	public function LocationContentSheet(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function ProductsList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		return $this->AppContainer->view->render($response, 'locationcontentsheet', [
-			'products' => $this->Database->products()->orderBy('name'),
-			'quantityunits' => $this->Database->quantity_units()->orderBy('name'),
-			'locations' => $this->Database->locations()->orderBy('name'),
-			'currentStockLocationContent' => $this->StockService->GetCurrentStockLocationContent()
+		if (isset($request->getQueryParams()['include_disabled']))
+		{
+			$products = $this->getDatabase()->products()->orderBy('name', 'COLLATE NOCASE');
+		}
+		else
+		{
+			$products = $this->getDatabase()->products()->where('active = 1')->orderBy('name', 'COLLATE NOCASE');
+		}
+
+		return $this->renderPage($response, 'products', [
+			'products' => $products,
+			'locations' => $this->getDatabase()->locations()->orderBy('name', 'COLLATE NOCASE'),
+			'quantityunits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE'),
+			'productGroups' => $this->getDatabase()->product_groups()->orderBy('name', 'COLLATE NOCASE'),
+			'shoppingLocations' => $this->getDatabase()->shopping_locations()->orderBy('name', 'COLLATE NOCASE'),
+			'userfields' => $this->getUserfieldsService()->GetFields('products'),
+			'userfieldValues' => $this->getUserfieldsService()->GetAllValues('products')
 		]);
 	}
 
-	public function QuantityUnitConversionEditForm(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function Purchase(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->renderPage($response, 'purchase', [
+			'products' => $this->getDatabase()->products()->where('active = 1')->orderBy('name', 'COLLATE NOCASE'),
+			'barcodes' => $this->getDatabase()->product_barcodes_comma_separated(),
+			'shoppinglocations' => $this->getDatabase()->shopping_locations()->orderBy('name', 'COLLATE NOCASE'),
+			'locations' => $this->getDatabase()->locations()->orderBy('name', 'COLLATE NOCASE'),
+			'quantityUnits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE'),
+			'quantityUnitConversionsResolved' => $this->getDatabase()->quantity_unit_conversions_resolved()
+		]);
+	}
+
+	public function QuantityUnitConversionEditForm(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		$product = null;
+
 		if (isset($request->getQueryParams()['product']))
 		{
-			$product = $this->Database->products($request->getQueryParams()['product']);
+			$product = $this->getDatabase()->products($request->getQueryParams()['product']);
 		}
 
 		$defaultQuUnit = null;
+
 		if (isset($request->getQueryParams()['qu-unit']))
 		{
-			$defaultQuUnit = $this->Database->quantity_units($request->getQueryParams()['qu-unit']);
+			$defaultQuUnit = $this->getDatabase()->quantity_units($request->getQueryParams()['qu-unit']);
 		}
 
 		if ($args['quConversionId'] == 'new')
 		{
-			return $this->AppContainer->view->render($response, 'quantityunitconversionform', [
+			return $this->renderPage($response, 'quantityunitconversionform', [
 				'mode' => 'create',
-				'userfields' => $this->UserfieldsService->GetFields('quantity_unit_conversions'),
-				'quantityunits' => $this->Database->quantity_units()->orderBy('name'),
+				'userfields' => $this->getUserfieldsService()->GetFields('quantity_unit_conversions'),
+				'quantityunits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE'),
 				'product' => $product,
 				'defaultQuUnit' => $defaultQuUnit
 			]);
 		}
 		else
 		{
-			return $this->AppContainer->view->render($response, 'quantityunitconversionform', [
-				'quConversion' =>  $this->Database->quantity_unit_conversions($args['quConversionId']),
+			return $this->renderPage($response, 'quantityunitconversionform', [
+				'quConversion' => $this->getDatabase()->quantity_unit_conversions($args['quConversionId']),
 				'mode' => 'edit',
-				'userfields' => $this->UserfieldsService->GetFields('quantity_unit_conversions'),
-				'quantityunits' => $this->Database->quantity_units()->orderBy('name'),
+				'userfields' => $this->getUserfieldsService()->GetFields('quantity_unit_conversions'),
+				'quantityunits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE'),
 				'product' => $product,
 				'defaultQuUnit' => $defaultQuUnit
 			]);
 		}
 	}
 
-	public function QuantityUnitPluralFormTesting(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function QuantityUnitEditForm(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		return $this->AppContainer->view->render($response, 'quantityunitpluraltesting', [
-			'quantityUnits' => $this->Database->quantity_units()->orderBy('name')
+		if ($args['quantityunitId'] == 'new')
+		{
+			return $this->renderPage($response, 'quantityunitform', [
+				'mode' => 'create',
+				'userfields' => $this->getUserfieldsService()->GetFields('quantity_units'),
+				'pluralCount' => $this->getLocalizationService()->GetPluralCount(),
+				'pluralRule' => $this->getLocalizationService()->GetPluralDefinition()
+			]);
+		}
+		else
+		{
+			$quantityUnit = $this->getDatabase()->quantity_units($args['quantityunitId']);
+
+			return $this->renderPage($response, 'quantityunitform', [
+				'quantityUnit' => $quantityUnit,
+				'mode' => 'edit',
+				'userfields' => $this->getUserfieldsService()->GetFields('quantity_units'),
+				'pluralCount' => $this->getLocalizationService()->GetPluralCount(),
+				'pluralRule' => $this->getLocalizationService()->GetPluralDefinition(),
+				'defaultQuConversions' => $this->getDatabase()->quantity_unit_conversions()->where('from_qu_id = :1 AND product_id IS NULL', $quantityUnit->id),
+				'quantityUnits' => $this->getDatabase()->quantity_units()
+			]);
+		}
+	}
+
+	public function QuantityUnitPluralFormTesting(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->renderPage($response, 'quantityunitpluraltesting', [
+			'quantityUnits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE')
+		]);
+	}
+
+	public function QuantityUnitsList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->renderPage($response, 'quantityunits', [
+			'quantityunits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE'),
+			'userfields' => $this->getUserfieldsService()->GetFields('quantity_units'),
+			'userfieldValues' => $this->getUserfieldsService()->GetAllValues('quantity_units')
+		]);
+	}
+
+	public function ShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		$listId = 1;
+
+		if (isset($request->getQueryParams()['list']))
+		{
+			$listId = $request->getQueryParams()['list'];
+		}
+
+		return $this->renderPage($response, 'shoppinglist', [
+			'listItems' => $this->getDatabase()->uihelper_shopping_list()->where('shopping_list_id = :1', $listId),
+			'products' => $this->getDatabase()->products()->where('active = 1')->orderBy('name', 'COLLATE NOCASE'),
+			'quantityunits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE'),
+			'missingProducts' => $this->getStockService()->GetMissingProducts(),
+			'shoppingLists' => $this->getDatabase()->shopping_lists()->orderBy('name', 'COLLATE NOCASE'),
+			'selectedShoppingListId' => $listId,
+			'quantityUnitConversionsResolved' => $this->getDatabase()->quantity_unit_conversions_resolved(),
+			'productUserfields' => $this->getUserfieldsService()->GetFields('products'),
+			'productUserfieldValues' => $this->getUserfieldsService()->GetAllValues('products'),
+			'userfields' => $this->getUserfieldsService()->GetFields('shopping_list'),
+			'userfieldValues' => $this->getUserfieldsService()->GetAllValues('shopping_list')
+		]);
+	}
+
+	public function ShoppingListEditForm(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		if ($args['listId'] == 'new')
+		{
+			return $this->renderPage($response, 'shoppinglistform', [
+				'mode' => 'create',
+				'userfields' => $this->getUserfieldsService()->GetFields('shopping_lists')
+			]);
+		}
+		else
+		{
+			return $this->renderPage($response, 'shoppinglistform', [
+				'shoppingList' => $this->getDatabase()->shopping_lists($args['listId']),
+				'mode' => 'edit',
+				'userfields' => $this->getUserfieldsService()->GetFields('shopping_lists')
+			]);
+		}
+	}
+
+	public function ShoppingListItemEditForm(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		if ($args['itemId'] == 'new')
+		{
+			return $this->renderPage($response, 'shoppinglistitemform', [
+				'products' => $this->getDatabase()->products()->where('active = 1')->orderBy('name', 'COLLATE NOCASE'),
+				'shoppingLists' => $this->getDatabase()->shopping_lists()->orderBy('name', 'COLLATE NOCASE'),
+				'mode' => 'create',
+				'quantityUnits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE'),
+				'quantityUnitConversionsResolved' => $this->getDatabase()->quantity_unit_conversions_resolved(),
+				'userfields' => $this->getUserfieldsService()->GetFields('shopping_list')
+			]);
+		}
+		else
+		{
+			return $this->renderPage($response, 'shoppinglistitemform', [
+				'listItem' => $this->getDatabase()->shopping_list($args['itemId']),
+				'products' => $this->getDatabase()->products()->where('active = 1')->orderBy('name', 'COLLATE NOCASE'),
+				'shoppingLists' => $this->getDatabase()->shopping_lists()->orderBy('name', 'COLLATE NOCASE'),
+				'mode' => 'edit',
+				'quantityUnits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE'),
+				'quantityUnitConversionsResolved' => $this->getDatabase()->quantity_unit_conversions_resolved(),
+				'userfields' => $this->getUserfieldsService()->GetFields('shopping_list')
+			]);
+		}
+	}
+
+	public function ShoppingListSettings(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->renderPage($response, 'shoppinglistsettings');
+	}
+
+	public function ShoppingLocationEditForm(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		if ($args['shoppingLocationId'] == 'new')
+		{
+			return $this->renderPage($response, 'shoppinglocationform', [
+				'mode' => 'create',
+				'userfields' => $this->getUserfieldsService()->GetFields('shopping_locations')
+			]);
+		}
+		else
+		{
+			return $this->renderPage($response, 'shoppinglocationform', [
+				'shoppinglocation' => $this->getDatabase()->shopping_locations($args['shoppingLocationId']),
+				'mode' => 'edit',
+				'userfields' => $this->getUserfieldsService()->GetFields('shopping_locations')
+			]);
+		}
+	}
+
+	public function ShoppingLocationsList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->renderPage($response, 'shoppinglocations', [
+			'shoppinglocations' => $this->getDatabase()->shopping_locations()->orderBy('name', 'COLLATE NOCASE'),
+			'userfields' => $this->getUserfieldsService()->GetFields('shopping_locations'),
+			'userfieldValues' => $this->getUserfieldsService()->GetAllValues('shopping_locations')
+		]);
+	}
+
+	public function StockEntryEditForm(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->renderPage($response, 'stockentryform', [
+			'stockEntry' => $this->getDatabase()->stock()->where('id', $args['entryId'])->fetch(),
+			'products' => $this->getDatabase()->products()->where('active = 1')->orderBy('name', 'COLLATE NOCASE'),
+			'shoppinglocations' => $this->getDatabase()->shopping_locations()->orderBy('name', 'COLLATE NOCASE'),
+			'locations' => $this->getDatabase()->locations()->orderBy('name', 'COLLATE NOCASE')
+		]);
+	}
+
+	public function StockSettings(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->renderPage($response, 'stocksettings', [
+			'locations' => $this->getDatabase()->locations()->orderBy('name', 'COLLATE NOCASE'),
+			'quantityunits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE'),
+			'productGroups' => $this->getDatabase()->product_groups()->orderBy('name', 'COLLATE NOCASE')
+		]);
+	}
+
+	public function Stockentries(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		$usersService = $this->getUsersService();
+		$nextXDays = $usersService->GetUserSettings(GROCY_USER_ID)['stock_due_soon_days'];
+
+		return $this->renderPage($response, 'stockentries', [
+			'products' => $this->getDatabase()->products()->where('active = 1')->orderBy('name', 'COLLATE NOCASE'),
+			'quantityunits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE'),
+			'locations' => $this->getDatabase()->locations()->orderBy('name', 'COLLATE NOCASE'),
+			'shoppinglocations' => $this->getDatabase()->shopping_locations()->orderBy('name', 'COLLATE NOCASE'),
+			'stockEntries' => $this->getDatabase()->stock()->orderBy('product_id'),
+			'currentStockLocations' => $this->getStockService()->GetCurrentStockLocations(),
+			'nextXDays' => $nextXDays,
+			'userfields' => $this->getUserfieldsService()->GetFields('products'),
+			'userfieldValues' => $this->getUserfieldsService()->GetAllValues('products')
+		]);
+	}
+
+	public function Transfer(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->renderPage($response, 'transfer', [
+			'products' => $this->getDatabase()->products()->where('active = 1')->orderBy('name', 'COLLATE NOCASE'),
+			'barcodes' => $this->getDatabase()->product_barcodes_comma_separated(),
+			'locations' => $this->getDatabase()->locations()->orderBy('name', 'COLLATE NOCASE'),
+			'quantityUnits' => $this->getDatabase()->quantity_units()->orderBy('name', 'COLLATE NOCASE'),
+			'quantityUnitConversionsResolved' => $this->getDatabase()->quantity_unit_conversions_resolved()
+		]);
+	}
+
+	public function __construct(\DI\Container $container)
+	{
+		parent::__construct($container);
+	}
+
+	public function JournalSummary(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		$entries = $this->getDatabase()->uihelper_stock_journal_summary();
+		if (isset($request->getQueryParams()['product_id']))
+		{
+			$entries = $entries->where('product_id', $request->getQueryParams()['product_id']);
+		}
+		if (isset($request->getQueryParams()['user_id']))
+		{
+			$entries = $entries->where('user_id', $request->getQueryParams()['user_id']);
+		}
+		if (isset($request->getQueryParams()['transaction_type']))
+		{
+			$entries = $entries->where('transaction_type', $request->getQueryParams()['transaction_type']);
+		}
+
+		$usersService = $this->getUsersService();
+		return $this->renderPage($response, 'stockjournalsummary', [
+			'entries' => $entries,
+			'products' => $this->getDatabase()->products()->where('active = 1')->orderBy('name', 'COLLATE NOCASE'),
+			'users' => $usersService->GetUsersAsDto(),
+			'transactionTypes' => GetClassConstants('\Grocy\Services\StockService', 'TRANSACTION_TYPE_')
 		]);
 	}
 }

controllers/SystemApiController.php

@@ -2,48 +2,67 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\DatabaseService;
-use \Grocy\Services\ApplicationService;
-
 class SystemApiController extends BaseApiController
 {
-	public function __construct(\Slim\Container $container)
+	public function GetConfig(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		parent::__construct($container);
-		$this->DatabaseService = new DatabaseService();
-		$this->ApplicationService = new ApplicationService();
+		try
+		{
+			$constants = get_defined_constants();
+
+			// Some GROCY_* constants are not really config settings and therefore should not be exposed
+			unset($constants['GROCY_AUTHENTICATED'], $constants['GROCY_DATAPATH'], $constants['GROCY_IS_EMBEDDED_INSTALL'], $constants['GROCY_USER_ID']);
+
+			$returnArray = [];
+
+			foreach ($constants as $constant => $value)
+			{
+				if (substr($constant, 0, 6) === 'GROCY_')
+				{
+					$returnArray[substr($constant, 6)] = $value;
+				}
+			}
+
+			return $this->ApiResponse($response, $returnArray);
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
 	}
 
-	protected $DatabaseService;
-	protected $ApplicationService;
-
-	public function GetDbChangedTime(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function GetDbChangedTime(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		return $this->ApiResponse(array(
-			'changed_time' => $this->DatabaseService->GetDbChangedTime()
-		));
+		return $this->ApiResponse($response, [
+			'changed_time' => $this->getDatabaseService()->GetDbChangedTime()
+		]);
 	}
 
-	public function LogMissingLocalization(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function GetSystemInfo(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->ApiResponse($response, $this->getApplicationService()->GetSystemInfo());
+	}
+
+	public function LogMissingLocalization(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		if (GROCY_MODE === 'dev')
 		{
 			try
 			{
-				$requestBody = $request->getParsedBody();
+				$requestBody = $this->GetParsedAndFilteredRequestBody($request);
 
-				$this->LocalizationService->CheckAndAddMissingTranslationToPot($requestBody['text']);
+				$this->getLocalizationService()->CheckAndAddMissingTranslationToPot($requestBody['text']);
 				return $this->EmptyApiResponse($response);
 			}
 			catch (\Exception $ex)
 			{
 				return $this->GenericErrorResponse($response, $ex->getMessage());
 			}
-		}	
+		}
 	}
 
-	public function GetSystemInfo(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function __construct(\DI\Container $container)
 	{
-		return $this->ApiResponse($this->ApplicationService->GetSystemInfo());
+		parent::__construct($container);
 	}
 }

controllers/SystemController.php

@@ -2,33 +2,42 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\ApplicationService;
-use \Grocy\Services\DatabaseMigrationService;
-use \Grocy\Services\DemoDataGeneratorService;
+use Grocy\Services\DatabaseMigrationService;
+use Grocy\Services\DemoDataGeneratorService;
 
 class SystemController extends BaseController
 {
-	protected $ApplicationService;
-
-	public function __construct(\Slim\Container $container)
+	public function About(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		parent::__construct($container);
-		$this->ApplicationService = new ApplicationService();
+		return $this->renderPage($response, 'about', [
+			'system_info' => $this->getApplicationService()->GetSystemInfo(),
+			'changelog' => $this->getApplicationService()->GetChangelog()
+		]);
 	}
 
-	public function Root(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function BarcodeScannerTesting(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->renderPage($response, 'barcodescannertesting');
+	}
+
+	public function Root(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		// Schema migration is done here
-		$databaseMigrationService = new DatabaseMigrationService();
+		$databaseMigrationService = DatabaseMigrationService::getInstance();
 		$databaseMigrationService->MigrateDatabase();
 
-		if (GROCY_IS_DEMO_INSTALL)
+		if (GROCY_MODE === 'dev' || GROCY_MODE === 'demo' || GROCY_MODE === 'prerelease')
 		{
-			$demoDataGeneratorService = new DemoDataGeneratorService();
+			$demoDataGeneratorService = DemoDataGeneratorService::getInstance();
 			$demoDataGeneratorService->PopulateDemoData();
 		}
 
-		return $response->withRedirect($this->AppContainer->UrlManager->ConstructUrl($this->GetEntryPageRelative()));
+		return $response->withRedirect($this->AppContainer->get('UrlManager')->ConstructUrl($this->GetEntryPageRelative()));
+	}
+
+	public function __construct(\DI\Container $container)
+	{
+		parent::__construct($container);
 	}
 
 	/**
@@ -41,69 +50,68 @@ class SystemController extends BaseController
 	 */
 	private function GetEntryPageRelative()
 	{
-		if (defined('GROCY_ENTRY_PAGE')) {
+		if (defined('GROCY_ENTRY_PAGE'))
+		{
 			$entryPage = constant('GROCY_ENTRY_PAGE');
-		} else {
+		}
+		else
+		{
 			$entryPage = 'stock';
 		}
 
 		// Stock
-		if ($entryPage === 'stock' && constant('GROCY_FEATURE_FLAG_STOCK')) {
+		if ($entryPage === 'stock' && constant('GROCY_FEATURE_FLAG_STOCK'))
+		{
 			return '/stockoverview';
 		}
 
 		// Shoppinglist
-		if ($entryPage === 'shoppinglist' && constant('GROCY_FEATURE_FLAG_SHOPPINGLIST')) {
+		if ($entryPage === 'shoppinglist' && constant('GROCY_FEATURE_FLAG_SHOPPINGLIST'))
+		{
 			return '/shoppinglist';
 		}
 
 		// Recipes
-		if ($entryPage === 'recipes' && constant('GROCY_FEATURE_FLAG_RECIPES')) {
+		if ($entryPage === 'recipes' && constant('GROCY_FEATURE_FLAG_RECIPES'))
+		{
 			return '/recipes';
 		}
 
 		// Chores
-		if ($entryPage === 'chores' && constant('GROCY_FEATURE_FLAG_CHORES')) {
+		if ($entryPage === 'chores' && constant('GROCY_FEATURE_FLAG_CHORES'))
+		{
 			return '/choresoverview';
 		}
 
 		// Tasks
-		if ($entryPage === 'tasks' && constant('GROCY_FEATURE_FLAG_TASKS')) {
+		if ($entryPage === 'tasks' && constant('GROCY_FEATURE_FLAG_TASKS'))
+		{
 			return '/tasks';
 		}
 
 		// Batteries
-		if ($entryPage === 'batteries' && constant('GROCY_FEATURE_FLAG_BATTERIES')) {
+		if ($entryPage === 'batteries' && constant('GROCY_FEATURE_FLAG_BATTERIES'))
+		{
 			return '/batteriesoverview';
 		}
 
-		if ($entryPage === 'equipment' && constant('GROCY_FEATURE_FLAG_EQUIPMENT')) {
+		if ($entryPage === 'equipment' && constant('GROCY_FEATURE_FLAG_EQUIPMENT'))
+		{
 			return '/equipment';
 		}
 
 		// Calendar
-		if ($entryPage === 'calendar' && constant('GROCY_FEATURE_FLAG_CALENDAR')) {
+		if ($entryPage === 'calendar' && constant('GROCY_FEATURE_FLAG_CALENDAR'))
+		{
 			return '/calendar';
 		}
-		
+
 		// Meal Plan
-		if ($entryPage === 'mealplan' && constant('GROCY_FEATURE_FLAG_RECIPES')) {
+		if ($entryPage === 'mealplan' && constant('GROCY_FEATURE_FLAG_RECIPES'))
+		{
 			return '/mealplan';
 		}
 
 		return '/about';
 	}
-
-	public function About(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->AppContainer->view->render($response, 'about', [
-			'system_info' => $this->ApplicationService->GetSystemInfo(),
-			'changelog' => $this->ApplicationService->GetChangelog()
-		]);
-	}
-
-	public function BarcodeScannerTesting(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->AppContainer->view->render($response, 'barcodescannertesting');
-	}
 }

controllers/TasksApiController.php

@@ -2,36 +2,31 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\TasksService;
+use Grocy\Controllers\Users\User;
 
 class TasksApiController extends BaseApiController
 {
-	public function __construct(\Slim\Container $container)
+	public function Current(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		parent::__construct($container);
-		$this->TasksService = new TasksService();
+		return $this->FilteredApiResponse($response, $this->getTasksService()->GetCurrent(), $request->getQueryParams());
 	}
 
-	protected $TasksService;
-
-	public function Current(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function MarkTaskAsCompleted(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		return $this->ApiResponse($this->TasksService->GetCurrent());
-	}
+		User::checkPermission($request, User::PERMISSION_TASKS_MARK_COMPLETED);
 
-	public function MarkTaskAsCompleted(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		$requestBody = $request->getParsedBody();
+		$requestBody = $this->GetParsedAndFilteredRequestBody($request);
 
 		try
 		{
 			$doneTime = date('Y-m-d H:i:s');
+
 			if (array_key_exists('done_time', $requestBody) && IsIsoDateTime($requestBody['done_time']))
 			{
 				$doneTime = $requestBody['done_time'];
 			}
 
-			$this->TasksService->MarkTaskAsCompleted($args['taskId'], $doneTime);
+			$this->getTasksService()->MarkTaskAsCompleted($args['taskId'], $doneTime);
 			return $this->EmptyApiResponse($response);
 		}
 		catch (\Exception $ex)
@@ -40,11 +35,13 @@ class TasksApiController extends BaseApiController
 		}
 	}
 
-	public function UndoTask(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function UndoTask(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
+		User::checkPermission($request, User::PERMISSION_TASKS_UNDO_EXECUTION);
+
 		try
 		{
-			$this->TasksService->UndoTask($args['taskId']);
+			$this->getTasksService()->UndoTask($args['taskId']);
 			return $this->EmptyApiResponse($response);
 		}
 		catch (\Exception $ex)
@@ -52,4 +49,9 @@ class TasksApiController extends BaseApiController
 			return $this->GenericErrorResponse($response, $ex->getMessage());
 		}
 	}
+
+	public function __construct(\DI\Container $container)
+	{
+		parent::__construct($container);
+	}
 }

controllers/TasksController.php

@@ -2,99 +2,90 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\TasksService;
-use \Grocy\Services\UsersService;
-use \Grocy\Services\UserfieldsService;
-
 class TasksController extends BaseController
 {
-	public function __construct(\Slim\Container $container)
-	{
-		parent::__construct($container);
-		$this->TasksService = new TasksService();
-		$this->UserfieldsService = new UserfieldsService();
-	}
-
-	protected $TasksService;
-	protected $UserfieldsService;
-
-	public function Overview(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function Overview(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		if (isset($request->getQueryParams()['include_done']))
 		{
-			$tasks = $this->Database->tasks()->orderBy('name');
+			$tasks = $this->getDatabase()->tasks()->orderBy('name', 'COLLATE NOCASE');
 		}
 		else
 		{
-			$tasks = $this->TasksService->GetCurrent();
+			$tasks = $this->getTasksService()->GetCurrent();
 		}
 
-		$usersService = new UsersService();
+		$usersService = $this->getUsersService();
 		$nextXDays = $usersService->GetUserSettings(GROCY_USER_ID)['tasks_due_soon_days'];
 
-		return $this->AppContainer->view->render($response, 'tasks', [
+		return $this->renderPage($response, 'tasks', [
 			'tasks' => $tasks,
 			'nextXDays' => $nextXDays,
-			'taskCategories' => $this->Database->task_categories()->orderBy('name'),
-			'users' => $this->Database->users(),
-			'userfields' => $this->UserfieldsService->GetFields('tasks'),
-			'userfieldValues' => $this->UserfieldsService->GetAllValues('tasks')
+			'taskCategories' => $this->getDatabase()->task_categories()->orderBy('name', 'COLLATE NOCASE'),
+			'users' => $this->getDatabase()->users(),
+			'userfields' => $this->getUserfieldsService()->GetFields('tasks'),
+			'userfieldValues' => $this->getUserfieldsService()->GetAllValues('tasks')
 		]);
 	}
 
-	public function TaskEditForm(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function TaskCategoriesList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		if ($args['taskId'] == 'new')
-		{
-			return $this->AppContainer->view->render($response, 'taskform', [
-				'mode' => 'create',
-				'taskCategories' => $this->Database->task_categories()->orderBy('name'),
-				'users' => $this->Database->users()->orderBy('username'),
-				'userfields' => $this->UserfieldsService->GetFields('tasks')
-			]);
-		}
-		else
-		{
-			return $this->AppContainer->view->render($response, 'taskform', [
-				'task' =>  $this->Database->tasks($args['taskId']),
-				'mode' => 'edit',
-				'taskCategories' => $this->Database->task_categories()->orderBy('name'),
-				'users' => $this->Database->users()->orderBy('username'),
-				'userfields' => $this->UserfieldsService->GetFields('tasks')
-			]);
-		}
-	}
-
-	public function TaskCategoriesList(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
-	{
-		return $this->AppContainer->view->render($response, 'taskcategories', [
-			'taskCategories' => $this->Database->task_categories()->orderBy('name'),
-			'userfields' => $this->UserfieldsService->GetFields('task_categories'),
-			'userfieldValues' => $this->UserfieldsService->GetAllValues('task_categories')
+		return $this->renderPage($response, 'taskcategories', [
+			'taskCategories' => $this->getDatabase()->task_categories()->orderBy('name', 'COLLATE NOCASE'),
+			'userfields' => $this->getUserfieldsService()->GetFields('task_categories'),
+			'userfieldValues' => $this->getUserfieldsService()->GetAllValues('task_categories')
 		]);
 	}
 
-	public function TaskCategoryEditForm(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function TaskCategoryEditForm(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		if ($args['categoryId'] == 'new')
 		{
-			return $this->AppContainer->view->render($response, 'taskcategoryform', [
+			return $this->renderPage($response, 'taskcategoryform', [
 				'mode' => 'create',
-				'userfields' => $this->UserfieldsService->GetFields('task_categories')
+				'userfields' => $this->getUserfieldsService()->GetFields('task_categories')
 			]);
 		}
 		else
 		{
-			return $this->AppContainer->view->render($response, 'taskcategoryform', [
-				'category' =>  $this->Database->task_categories($args['categoryId']),
+			return $this->renderPage($response, 'taskcategoryform', [
+				'category' => $this->getDatabase()->task_categories($args['categoryId']),
 				'mode' => 'edit',
-				'userfields' => $this->UserfieldsService->GetFields('task_categories')
+				'userfields' => $this->getUserfieldsService()->GetFields('task_categories')
 			]);
 		}
 	}
 
-	public function TasksSettings(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function TaskEditForm(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		return $this->AppContainer->view->render($response, 'taskssettings');
+		if ($args['taskId'] == 'new')
+		{
+			return $this->renderPage($response, 'taskform', [
+				'mode' => 'create',
+				'taskCategories' => $this->getDatabase()->task_categories()->orderBy('name', 'COLLATE NOCASE'),
+				'users' => $this->getDatabase()->users()->orderBy('username'),
+				'userfields' => $this->getUserfieldsService()->GetFields('tasks')
+			]);
+		}
+		else
+		{
+			return $this->renderPage($response, 'taskform', [
+				'task' => $this->getDatabase()->tasks($args['taskId']),
+				'mode' => 'edit',
+				'taskCategories' => $this->getDatabase()->task_categories()->orderBy('name', 'COLLATE NOCASE'),
+				'users' => $this->getDatabase()->users()->orderBy('username'),
+				'userfields' => $this->getUserfieldsService()->GetFields('tasks')
+			]);
+		}
+	}
+
+	public function TasksSettings(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->renderPage($response, 'taskssettings');
+	}
+
+	public function __construct(\DI\Container $container)
+	{
+		parent::__construct($container);
 	}
 }

controllers/Users/PermissionMissingException.php

@@ -0,0 +1,15 @@
+<?php
+
+namespace Grocy\Controllers\Users;
+
+use Psr\Http\Message\ServerRequestInterface;
+use Slim\Exception\HttpForbiddenException;
+use Throwable;
+
+class PermissionMissingException extends HttpForbiddenException
+{
+	public function __construct(ServerRequestInterface $request, string $permission, ?Throwable $previous = null)
+	{
+		parent::__construct($request, 'Permission missing: ' . $permission, $previous);
+	}
+}

controllers/Users/User.php

@@ -0,0 +1,109 @@
+<?php
+
+namespace Grocy\Controllers\Users;
+
+use Grocy\Services\DatabaseService;
+use LessQL\Result;
+
+class User
+{
+	const PERMISSION_ADMIN = 'ADMIN';
+
+	const PERMISSION_BATTERIES = 'BATTERIES';
+	const PERMISSION_BATTERIES_TRACK_CHARGE_CYCLE = 'BATTERIES_TRACK_CHARGE_CYCLE';
+	const PERMISSION_BATTERIES_UNDO_CHARGE_CYCLE = 'BATTERIES_UNDO_CHARGE_CYCLE';
+
+	const PERMISSION_CALENDAR = 'CALENDAR';
+
+	const PERMISSION_CHORES = 'CHORES';
+	const PERMISSION_CHORE_TRACK_EXECUTION = 'CHORE_TRACK_EXECUTION';
+	const PERMISSION_CHORE_UNDO_EXECUTION = 'CHORE_UNDO_EXECUTION';
+
+	const PERMISSION_EQUIPMENT = 'EQUIPMENT';
+
+	const PERMISSION_MASTER_DATA_EDIT = 'MASTER_DATA_EDIT';
+
+	const PERMISSION_RECIPES = 'RECIPES';
+	const PERMISSION_RECIPES_MEALPLAN = 'RECIPES_MEALPLAN';
+
+	const PERMISSION_SHOPPINGLIST = 'SHOPPINGLIST';
+	const PERMISSION_SHOPPINGLIST_ITEMS_ADD = 'SHOPPINGLIST_ITEMS_ADD';
+	const PERMISSION_SHOPPINGLIST_ITEMS_DELETE = 'SHOPPINGLIST_ITEMS_DELETE';
+
+	const PERMISSION_STOCK = 'STOCK';
+	const PERMISSION_STOCK_CONSUME = 'STOCK_CONSUME';
+	const PERMISSION_STOCK_EDIT = 'STOCK_EDIT';
+	const PERMISSION_STOCK_INVENTORY = 'STOCK_INVENTORY';
+	const PERMISSION_STOCK_OPEN = 'STOCK_OPEN';
+	const PERMISSION_STOCK_PURCHASE = 'STOCK_PURCHASE';
+	const PERMISSION_STOCK_TRANSFER = 'STOCK_TRANSFER';
+
+	const PERMISSION_TASKS = 'TASKS';
+	const PERMISSION_TASKS_MARK_COMPLETED = 'TASKS_MARK_COMPLETED';
+	const PERMISSION_TASKS_UNDO_EXECUTION = 'TASKS_UNDO_EXECUTION';
+
+	const PERMISSION_USERS = 'USERS';
+	const PERMISSION_USERS_CREATE = 'USERS_CREATE';
+	const PERMISSION_USERS_EDIT = 'USERS_EDIT';
+	const PERMISSION_USERS_EDIT_SELF = 'USERS_EDIT_SELF';
+	const PERMISSION_USERS_READ = 'USERS_READ';
+
+	/**
+	 * @var \LessQL\Database|null
+	 */
+	protected $db;
+
+	public static function PermissionList()
+	{
+		$user = new self();
+		return $user->getPermissionList();
+	}
+
+	public function __construct()
+	{
+		$this->db = DatabaseService::getInstance()->GetDbConnection();
+	}
+
+	public static function checkPermission($request, string ...$permissions): void
+	{
+		$user = new self();
+
+		foreach ($permissions as $permission)
+		{
+			if (!$user->hasPermission($permission))
+			{
+				throw new PermissionMissingException($request, $permission);
+			}
+		}
+	}
+
+	public function getPermissionList()
+	{
+		return $this->db->uihelper_user_permissions()->where('user_id', GROCY_USER_ID);
+	}
+
+	public function hasPermission(string $permission): bool
+	{
+		return $this->getPermissions()->where('permission_name', $permission)->fetch() !== null;
+	}
+
+	public static function hasPermissions(string ...$permissions)
+	{
+		$user = new self();
+
+		foreach ($permissions as $permission)
+		{
+			if (!$user->hasPermission($permission))
+			{
+				return false;
+			}
+		}
+
+		return true;
+	}
+
+	protected function getPermissions(): Result
+	{
+		return $this->db->user_permissions_resolved()->where('user_id', GROCY_USER_ID);
+	}
+}

controllers/UsersApiController.php

@@ -2,23 +2,26 @@
 
 namespace Grocy\Controllers;
 
-use \Grocy\Services\UsersService;
+use Grocy\Controllers\Users\User;
 
 class UsersApiController extends BaseApiController
 {
-	public function __construct(\Slim\Container $container)
-	{
-		parent::__construct($container);
-		$this->UsersService = new UsersService();
-	}
-
-	protected $UsersService;
-
-	public function GetUsers(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function AddPermission(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		try
 		{
-			return $this->ApiResponse($this->UsersService->GetUsersAsDto());
+			User::checkPermission($request, User::PERMISSION_ADMIN);
+			$requestBody = $this->GetParsedAndFilteredRequestBody($request);
+
+			$this->getDatabase()->user_permissions()->createRow([
+				'user_id' => $args['userId'],
+				'permission_id' => $requestBody['permission_id']
+			])->save();
+			return $this->EmptyApiResponse($response);
+		}
+		catch (\Slim\Exception\HttpSpecializedException $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage(), $ex->getCode());
 		}
 		catch (\Exception $ex)
 		{
@@ -26,9 +29,10 @@ class UsersApiController extends BaseApiController
 		}
 	}
 
-	public function CreateUser(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function CreateUser(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		$requestBody = $request->getParsedBody();
+		User::checkPermission($request, User::PERMISSION_USERS_CREATE);
+		$requestBody = $this->GetParsedAndFilteredRequestBody($request);
 
 		try
 		{
@@ -37,7 +41,7 @@ class UsersApiController extends BaseApiController
 				throw new \Exception('Request body could not be parsed (probably invalid JSON format or missing/wrong Content-Type header)');
 			}
 
-			$this->UsersService->CreateUser($requestBody['username'], $requestBody['first_name'], $requestBody['last_name'], $requestBody['password']);
+			$this->getUsersService()->CreateUser($requestBody['username'], $requestBody['first_name'], $requestBody['last_name'], $requestBody['password'], $requestBody['picture_file_name']);
 			return $this->EmptyApiResponse($response);
 		}
 		catch (\Exception $ex)
@@ -46,11 +50,12 @@ class UsersApiController extends BaseApiController
 		}
 	}
 
-	public function DeleteUser(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function DeleteUser(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
+		User::checkPermission($request, User::PERMISSION_USERS_EDIT);
 		try
 		{
-			$this->UsersService->DeleteUser($args['userId']);
+			$this->getUsersService()->DeleteUser($args['userId']);
 			return $this->EmptyApiResponse($response);
 		}
 		catch (\Exception $ex)
@@ -59,13 +64,22 @@ class UsersApiController extends BaseApiController
 		}
 	}
 
-	public function EditUser(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function EditUser(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		$requestBody = $request->getParsedBody();
+		if ($args['userId'] == GROCY_USER_ID)
+		{
+			User::checkPermission($request, User::PERMISSION_USERS_EDIT_SELF);
+		}
+		else
+		{
+			User::checkPermission($request, User::PERMISSION_USERS_EDIT);
+		}
+
+		$requestBody = $this->GetParsedAndFilteredRequestBody($request);
 
 		try
 		{
-			$this->UsersService->EditUser($args['userId'], $requestBody['username'], $requestBody['first_name'], $requestBody['last_name'], $requestBody['password']);
+			$this->getUsersService()->EditUser($args['userId'], $requestBody['username'], $requestBody['first_name'], $requestBody['last_name'], $requestBody['password'], $requestBody['picture_file_name']);
 			return $this->EmptyApiResponse($response);
 		}
 		catch (\Exception $ex)
@@ -74,12 +88,12 @@ class UsersApiController extends BaseApiController
 		}
 	}
 
-	public function GetUserSetting(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function GetUserSetting(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		try
 		{
-			$value = $this->UsersService->GetUserSetting(GROCY_USER_ID, $args['settingKey']);
-			return $this->ApiResponse(array('value' => $value));
+			$value = $this->getUsersService()->GetUserSetting(GROCY_USER_ID, $args['settingKey']);
+			return $this->ApiResponse($response, ['value' => $value]);
 		}
 		catch (\Exception $ex)
 		{
@@ -87,13 +101,116 @@ class UsersApiController extends BaseApiController
 		}
 	}
 
-	public function SetUserSetting(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function GetUserSettings(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		try
 		{
+			return $this->ApiResponse($response, $this->getUsersService()->GetUserSettings(GROCY_USER_ID));
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
+	}
+
+	public function GetUsers(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		User::checkPermission($request, User::PERMISSION_USERS_READ);
+		try
+		{
+			return $this->FilteredApiResponse($response, $this->getUsersService()->GetUsersAsDto(), $request->getQueryParams());
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
+	}
+
+	public function CurrentUser(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		try
+		{
+			return $this->ApiResponse($response, $this->getUsersService()->GetUsersAsDto()->where('id', GROCY_USER_ID));
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
+	}
+
+	public function ListPermissions(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		try
+		{
+			User::checkPermission($request, User::PERMISSION_ADMIN);
+
+			return $this->ApiResponse(
+				$response,
+				$this->getDatabase()->user_permissions()->where('user_id', $args['userId'])
+			);
+		}
+		catch (\Slim\Exception\HttpSpecializedException $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage(), $ex->getCode());
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
+	}
+
+	public function SetPermissions(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		try
+		{
+			User::checkPermission($request, User::PERMISSION_ADMIN);
+
 			$requestBody = $request->getParsedBody();
+			$db = $this->getDatabase();
+			$db->user_permissions()
+				->where('user_id', $args['userId'])
+				->delete();
 
-			$value = $this->UsersService->SetUserSetting(GROCY_USER_ID, $args['settingKey'], $requestBody['value']);
+			$perms = [];
+			if (GROCY_MODE === 'demo' || GROCY_MODE === 'prerelease')
+			{
+				// For demo mode always all users have and keep the ADMIN permission
+				$perms[] = [
+					'user_id' => $args['userId'],
+					'permission_id' => 1
+				];
+			}
+			else
+			{
+				foreach ($requestBody['permissions'] as $perm_id)
+				{
+					$perms[] = [
+						'user_id' => $args['userId'],
+						'permission_id' => $perm_id
+					];
+				}
+			}
+			$db->insert('user_permissions', $perms, 'batch');
+
+			return $this->EmptyApiResponse($response);
+		}
+		catch (\Slim\Exception\HttpSpecializedException $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage(), $ex->getCode());
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
+	}
+
+	public function SetUserSetting(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		try
+		{
+			$requestBody = $this->GetParsedAndFilteredRequestBody($request);
+
+			$value = $this->getUsersService()->SetUserSetting(GROCY_USER_ID, $args['settingKey'], $requestBody['value']);
 			return $this->EmptyApiResponse($response);
 		}
 		catch (\Exception $ex)
@@ -101,4 +218,22 @@ class UsersApiController extends BaseApiController
 			return $this->GenericErrorResponse($response, $ex->getMessage());
 		}
 	}
+
+	public function DeleteUserSetting(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		try
+		{
+			$value = $this->getUsersService()->DeleteUserSetting(GROCY_USER_ID, $args['settingKey']);
+			return $this->EmptyApiResponse($response);
+		}
+		catch (\Exception $ex)
+		{
+			return $this->GenericErrorResponse($response, $ex->getMessage());
+		}
+	}
+
+	public function __construct(\DI\Container $container)
+	{
+		parent::__construct($container);
+	}
 }

controllers/UsersController.php

@@ -2,29 +2,71 @@
 
 namespace Grocy\Controllers;
 
+use Grocy\Controllers\Users\User;
+
 class UsersController extends BaseController
 {
-	public function UsersList(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function PermissionList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		return $this->AppContainer->view->render($response, 'users', [
-			'users' => $this->Database->users()->orderBy('username')
+		User::checkPermission($request, User::PERMISSION_USERS_READ);
+		return $this->renderPage($response, 'userpermissions', [
+			'user' => $this->getDatabase()->users($args['userId']),
+			'permissions' => $this->getDatabase()->uihelper_user_permissions()
+				->where('parent IS NULL')->where('user_id', $args['userId'])
 		]);
 	}
 
-	public function UserEditForm(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
+	public function UserEditForm(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		if ($args['userId'] == 'new')
 		{
-			return $this->AppContainer->view->render($response, 'userform', [
-				'mode' => 'create'
+			User::checkPermission($request, User::PERMISSION_USERS_CREATE);
+			return $this->renderPage($response, 'userform', [
+				'mode' => 'create',
+				'userfields' => $this->getUserfieldsService()->GetFields('users')
 			]);
 		}
 		else
 		{
-			return $this->AppContainer->view->render($response, 'userform', [
-				'user' =>  $this->Database->users($args['userId']),
-				'mode' => 'edit'
+			if ($args['userId'] == GROCY_USER_ID)
+			{
+				User::checkPermission($request, User::PERMISSION_USERS_EDIT_SELF);
+			}
+			else
+			{
+				User::checkPermission($request, User::PERMISSION_USERS_EDIT);
+			}
+
+			return $this->renderPage($response, 'userform', [
+				'user' => $this->getDatabase()->users($args['userId']),
+				'mode' => 'edit',
+				'userfields' => $this->getUserfieldsService()->GetFields('users'),
+				'userfieldValues' => $this->getUserfieldsService()->GetAllValues('users')
 			]);
 		}
 	}
+
+	public function UserSettings(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		return $this->renderPage($response, 'usersettings', [
+			'languages' => array_filter(scandir(__DIR__ . '/../localization'), function ($item) {
+				if ($item == '.' || $item == '..')
+				{
+					return false;
+				}
+
+				return is_dir(__DIR__ . '/../localization/' . $item);
+			})
+		]);
+	}
+
+	public function UsersList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
+	{
+		User::checkPermission($request, User::PERMISSION_USERS_READ);
+		return $this->renderPage($response, 'users', [
+			'users' => $this->getDatabase()->users()->orderBy('username'),
+			'userfields' => $this->getUserfieldsService()->GetFields('users'),
+			'userfieldValues' => $this->getUserfieldsService()->GetAllValues('users')
+		]);
+	}
 }

data/.htaccess

@@ -0,0 +1 @@
+Deny from all

data/plugins/DemoBarcodeLookupPlugin.php

@@ -1,6 +1,6 @@
 <?php
 
-use \Grocy\Helpers\BaseBarcodeLookupPlugin;
+use Grocy\Helpers\BaseBarcodeLookupPlugin;
 
 /*
 	This class must extend BaseBarcodeLookupPlugin (in namespace \Grocy\Helpers)
@@ -14,7 +14,7 @@ class DemoBarcodeLookupPlugin extends BaseBarcodeLookupPlugin
 
 	/*
 		To try it:
-		Call the API function at /api/stock/external-barcode-lookup/{barcode}
+		Call the API function at /api/stock/barcodes/external-lookup/{barcode}
 
 		When you also add ?add=true as a query parameter to the API call,
 		on a successful lookup the product is added to the database and in the output
@@ -55,24 +55,24 @@ class DemoBarcodeLookupPlugin extends BaseBarcodeLookupPlugin
 	*/
 	protected function ExecuteLookup($barcode)
 	{
-		if ($barcode === 'x') // Demonstration when nothing is found
-		{
+		if ($barcode === 'x')
+		{ // Demonstration when nothing is found
 			return null;
 		}
-		elseif ($barcode === 'e') // Demonstration when an error occurred
-		{
+		elseif ($barcode === 'e')
+		{ // Demonstration when an error occurred
 			throw new \Exception('This is the error message from the plugin...');
 		}
 		else
 		{
-			return array(
+			return [
 				'name' => 'LookedUpProduct_' . RandomString(5),
 				'location_id' => $this->Locations[0]->id,
 				'qu_id_purchase' => $this->QuantityUnits[0]->id,
 				'qu_id_stock' => $this->QuantityUnits[0]->id,
 				'qu_factor_purchase_to_stock' => 1,
 				'barcode' => $barcode
-			);
+			];
 		}
 	}
 }

helpers/BaseBarcodeLookupPlugin.php

@@ -4,16 +4,9 @@ namespace Grocy\Helpers;
 
 abstract class BaseBarcodeLookupPlugin
 {
-	final public function __construct($locations, $quantityUnits)
-	{
-		$this->Locations = $locations;
-		$this->QuantityUnits = $quantityUnits;
-	}
-
 	protected $Locations;
-	protected $QuantityUnits;
 
-	abstract protected function ExecuteLookup($barcode);
+	protected $QuantityUnits;
 
 	final public function Lookup($barcode)
 	{
@@ -29,20 +22,22 @@ abstract class BaseBarcodeLookupPlugin
 		{
 			throw new \Exception('Plugin output must be an associative array');
 		}
-		if (!IsAssociativeArray($pluginOutput)) // $pluginOutput is at least an indexed array here
-		{
+
+		if (!IsAssociativeArray($pluginOutput))
+		{ // $pluginOutput is at least an indexed array here
 			throw new \Exception('Plugin output must be an associative array');
 		}
 
 		// Check for minimum needed properties
-		$minimunNeededProperties = array(
+		$minimunNeededProperties = [
 			'name',
 			'location_id',
 			'qu_id_purchase',
 			'qu_id_stock',
 			'qu_factor_purchase_to_stock',
 			'barcode'
-		);
+		];
+
 		foreach ($minimunNeededProperties as $prop)
 		{
 			if (!array_key_exists($prop, $pluginOutput))
@@ -55,21 +50,28 @@ abstract class BaseBarcodeLookupPlugin
 
 		// Check referenced entity ids are valid
 		$locationId = $pluginOutput['location_id'];
+
 		if (FindObjectInArrayByPropertyValue($this->Locations, 'id', $locationId) === null)
 		{
 			throw new \Exception("Location $locationId is not a valid location id");
 		}
+
 		$quIdPurchase = $pluginOutput['qu_id_purchase'];
+
 		if (FindObjectInArrayByPropertyValue($this->QuantityUnits, 'id', $quIdPurchase) === null)
 		{
 			throw new \Exception("Location $quIdPurchase is not a valid quantity unit id");
 		}
+
 		$quIdStock = $pluginOutput['qu_id_stock'];
+
 		if (FindObjectInArrayByPropertyValue($this->QuantityUnits, 'id', $quIdStock) === null)
 		{
 			throw new \Exception("Location $quIdStock is not a valid quantity unit id");
 		}
+
 		$quFactor = $pluginOutput['qu_factor_purchase_to_stock'];
+
 		if (empty($quFactor) || !is_numeric($quFactor))
 		{
 			throw new \Exception('Quantity unit factor is empty or not a number');
@@ -77,4 +79,12 @@ abstract class BaseBarcodeLookupPlugin
 
 		return $pluginOutput;
 	}
+
+	final public function __construct($locations, $quantityUnits)
+	{
+		$this->Locations = $locations;
+		$this->QuantityUnits = $quantityUnits;
+	}
+
+	abstract protected function ExecuteLookup($barcode);
 }

helpers/PrerequisiteChecker.php

@@ -0,0 +1,73 @@
+<?php
+
+class ERequirementNotMet extends Exception
+{
+}
+
+const REQUIRED_PHP_EXTENSIONS = ['fileinfo', 'pdo_sqlite', 'gd'];
+const REQUIRED_SQLITE_VERSION = '3.8.3';
+
+class PrerequisiteChecker
+{
+	public function checkRequirements()
+	{
+		self::checkForConfigFile();
+		self::checkForConfigDistFile();
+		self::checkForComposer();
+		self::checkForPhpExtensions();
+		self::checkForSqliteVersion();
+	}
+
+	private function checkForComposer()
+	{
+		if (!file_exists(__DIR__ . '/../vendor/autoload.php'))
+		{
+			throw new ERequirementNotMet('/vendor/autoload.php not found. Have you run Composer?');
+		}
+	}
+
+	private function checkForConfigDistFile()
+	{
+		if (!file_exists(__DIR__ . '/../config-dist.php'))
+		{
+			throw new ERequirementNotMet('config-dist.php not found. Please do not remove this file.');
+		}
+	}
+
+	private function checkForConfigFile()
+	{
+		if (!file_exists(GROCY_DATAPATH . '/config.php'))
+		{
+			throw new ERequirementNotMet('config.php in data directory (' . GROCY_DATAPATH . ') not found. Have you copied config-dist.php to the data directory and renamed it to config.php?');
+		}
+	}
+
+	private function checkForPhpExtensions()
+	{
+		$loadedExtensions = get_loaded_extensions();
+
+		foreach (REQUIRED_PHP_EXTENSIONS as $extension)
+		{
+			if (!in_array($extension, $loadedExtensions))
+			{
+				throw new ERequirementNotMet("PHP module '{$extension}' not installed, but required.");
+			}
+		}
+	}
+
+	private function checkForSqliteVersion()
+	{
+		$sqliteVersion = self::getSqlVersionAsString();
+
+		if (version_compare($sqliteVersion, REQUIRED_SQLITE_VERSION, '<'))
+		{
+			throw new ERequirementNotMet('SQLite ' . REQUIRED_SQLITE_VERSION . ' is required, however you are running ' . $sqliteVersion);
+		}
+	}
+
+	private function getSqlVersionAsString()
+	{
+		$dbh = new PDO('sqlite::memory:');
+		return $dbh->query('select sqlite_version()')->fetch()[0];
+	}
+}

helpers/UrlManager.php

@@ -4,6 +4,20 @@ namespace Grocy\Helpers;
 
 class UrlManager
 {
+	protected $BasePath;
+
+	public function ConstructUrl($relativePath, $isResource = false)
+	{
+		if (GROCY_DISABLE_URL_REWRITING === false || $isResource === true)
+		{
+			return rtrim($this->BasePath, '/') . $relativePath;
+		}
+		else
+		{ // Is not a resource and URL rewriting is disabled
+			return rtrim($this->BasePath, '/') . '/index.php' . $relativePath;
+		}
+	}
+
 	public function __construct(string $basePath)
 	{
 		if ($basePath === '/')
@@ -16,20 +30,6 @@ class UrlManager
 		}
 	}
 
-	protected $BasePath;
-
-	public function ConstructUrl($relativePath, $isResource = false)
-	{
-		if (GROCY_DISABLE_URL_REWRITING === false || $isResource === true)
-		{
-			return rtrim($this->BasePath, '/') . $relativePath;
-		}
-		else // Is not a resource and URL rewriting is disabled
-		{
-			return rtrim($this->BasePath, '/') . '/index.php' . $relativePath;
-		}
-	}
-
 	private function GetBaseUrl()
 	{
 		if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)
@@ -37,6 +37,6 @@ class UrlManager
 			$_SERVER['HTTPS'] = 'on';
 		}
 
-		return (isset($_SERVER['HTTPS']) ? "https" : "http") . "://$_SERVER[HTTP_HOST]";
+		return (isset($_SERVER['HTTPS']) ? 'https' : 'http') . "://$_SERVER[HTTP_HOST]";
 	}
 }

helpers/extensions.php

@@ -2,9 +2,10 @@
 
 function FindObjectInArrayByPropertyValue($array, $propertyName, $propertyValue)
 {
-	foreach($array as $object)
+	foreach ($array as $object)
 	{
-		if($object->{$propertyName} == $propertyValue)
+		if ($object->{$propertyName}
+			== $propertyValue)
 		{
 			return $object;
 		}
@@ -15,29 +16,38 @@ function FindObjectInArrayByPropertyValue($array, $propertyName, $propertyValue)
 
 function FindAllObjectsInArrayByPropertyValue($array, $propertyName, $propertyValue, $operator = '==')
 {
-	$returnArray = array();
+	$returnArray = [];
 
-	foreach($array as $object)
+	foreach ($array as $object)
 	{
-		switch($operator)
+		switch ($operator)
 		{
 			case '==':
-				if($object->{$propertyName} == $propertyValue)
+
+				if ($object->{$propertyName}
+					== $propertyValue)
 				{
 					$returnArray[] = $object;
 				}
+
 				break;
 			case '>':
-				if($object->{$propertyName} > $propertyValue)
+
+				if ($object->{$propertyName}
+					> $propertyValue)
 				{
 					$returnArray[] = $object;
 				}
+
 				break;
 			case '<':
-				if($object->{$propertyName} < $propertyValue)
+
+				if ($object->{$propertyName}
+					< $propertyValue)
 				{
 					$returnArray[] = $object;
 				}
+
 				break;
 		}
 	}
@@ -47,29 +57,35 @@ function FindAllObjectsInArrayByPropertyValue($array, $propertyName, $propertyVa
 
 function FindAllItemsInArrayByValue($array, $value, $operator = '==')
 {
-	$returnArray = array();
+	$returnArray = [];
 
-	foreach($array as $item)
+	foreach ($array as $item)
 	{
-		switch($operator)
+		switch ($operator)
 		{
 			case '==':
-				if($item == $value)
+
+				if ($item == $value)
 				{
 					$returnArray[] = $item;
 				}
+
 				break;
 			case '>':
-				if($item > $value)
+
+				if ($item > $value)
 				{
 					$returnArray[] = $item;
 				}
+
 				break;
 			case '<':
-				if($item < $value)
+
+				if ($item < $value)
 				{
 					$returnArray[] = $item;
 				}
+
 				break;
 		}
 	}
@@ -80,9 +96,10 @@ function FindAllItemsInArrayByValue($array, $value, $operator = '==')
 function SumArrayValue($array, $propertyName)
 {
 	$sum = 0;
-	foreach($array as $object)
+
+	foreach ($array as $object)
 	{
-		$sum += $object->{$propertyName};
+		$sum += floatval($object->{$propertyName});
 	}
 
 	return $sum;
@@ -107,6 +124,7 @@ function GetClassConstants($className, $prefix = null)
 function RandomString($length, $allowedChars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ')
 {
 	$randomString = '';
+
 	for ($i = 0; $i < $length; $i++)
 	{
 		$randomString .= $allowedChars[rand(0, strlen($allowedChars) - 1)];
@@ -138,30 +156,37 @@ function BoolToString(bool $bool)
 	return $bool ? 'true' : 'false';
 }
 
+function ExternalSettingValue(string $value)
+{
+	$tvalue = rtrim($value, "\r\n");
+	$lvalue = strtolower($tvalue);
+
+	if ($lvalue === 'true')
+	{
+		return true;
+	}
+	elseif ($lvalue === 'false')
+	{
+		return false;
+	}
+
+	return $tvalue;
+}
+
 function Setting(string $name, $value)
 {
 	if (!defined('GROCY_' . $name))
 	{
 		// The content of a $name.txt file in /data/settingoverrides can overwrite the given setting (for embedded mode)
 		$settingOverrideFile = GROCY_DATAPATH . '/settingoverrides/' . $name . '.txt';
+
 		if (file_exists($settingOverrideFile))
 		{
-			define('GROCY_' . $name, file_get_contents($settingOverrideFile));
+			define('GROCY_' . $name, ExternalSettingValue(file_get_contents($settingOverrideFile)));
 		}
-		elseif (getenv('GROCY_' . $name) !== false) // An environment variable with the same name and prefix GROCY_ overwrites the given setting
-		{
-			if (strtolower(getenv('GROCY_' . $name)) === "true")
-			{
-				define('GROCY_' . $name, true);
-			}
-			elseif (strtolower(getenv('GROCY_' . $name)) === "false")
-			{
-				define('GROCY_' . $name, false);
-			}
-			else
-			{
-				define('GROCY_' . $name, getenv('GROCY_' . $name));
-			}
+		elseif (getenv('GROCY_' . $name) !== false)
+		{ // An environment variable with the same name and prefix GROCY_ overwrites the given setting
+			define('GROCY_' . $name, ExternalSettingValue(getenv('GROCY_' . $name)));
 		}
 		else
 		{
@@ -171,10 +196,11 @@ function Setting(string $name, $value)
 }
 
 global $GROCY_DEFAULT_USER_SETTINGS;
-$GROCY_DEFAULT_USER_SETTINGS = array();
+$GROCY_DEFAULT_USER_SETTINGS = [];
 function DefaultUserSetting(string $name, $value)
 {
 	global $GROCY_DEFAULT_USER_SETTINGS;
+
 	if (!array_key_exists($name, $GROCY_DEFAULT_USER_SETTINGS))
 	{
 		$GROCY_DEFAULT_USER_SETTINGS[$name] = $value;
@@ -207,7 +233,7 @@ function GetUserDisplayName($user)
 
 function IsValidFileName($fileName)
 {
-	if(preg_match('=^[^/?*;:{}\\\\]+\.[^/?*;:{}\\\\]+$=', $fileName))
+	if (preg_match('=^[^/?*;:{}\\\\]+\.[^/?*;:{}\\\\]+$=', $fileName))
 	{
 		return true;
 	}
@@ -229,6 +255,7 @@ function string_starts_with($haystack, $needle)
 function string_ends_with($haystack, $needle)
 {
 	$length = strlen($needle);
+
 	if ($length == 0)
 	{
 		return true;

localization/chore_period_types.pot

@@ -26,3 +26,6 @@ msgstr ""
 
 msgid "monthly"
 msgstr ""
+
+msgid "yearly"
+msgstr ""

localization/cs/chore_assignment_types.po

@@ -0,0 +1,29 @@
+# Translators:
+# Radim Kabeláč <radim.ekk@gmail.com>, 2020
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
+"PO-Revision-Date: 2019-09-17 10:45+0000\n"
+"Last-Translator: Radim Kabeláč <radim.ekk@gmail.com>, 2020\n"
+"Language-Team: Czech (https://www.transifex.com/grocy/teams/93189/cs/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: cs\n"
+"Plural-Forms: nplurals=4; plural=(n == 1 && n % 1 == 0) ? 0 : (n >= 2 && n <= 4 && n % 1 == 0) ? 1: (n % 1 != 0 ) ? 2 : 3;\n"
+"X-Domain: grocy/chore_assignment_types\n"
+
+msgid "no-assignment"
+msgstr "bez-přiřazení"
+
+msgid "who-least-did-first"
+msgstr "poslední-je-první"
+
+msgid "random"
+msgstr "náhodně"
+
+msgid "in-alphabetical-order"
+msgstr "řazení-podle-abecedy"

localization/cs/chore_period_types.po

@@ -0,0 +1,36 @@
+# Translators:
+# Tomas Reznicek <tomas.reznicek@gmail.com>, 2019
+# Michal Petříček <michal@petricek.org>, 2019
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
+"PO-Revision-Date: 2019-05-01 17:42+0000\n"
+"Last-Translator: Michal Petříček <michal@petricek.org>, 2019\n"
+"Language-Team: Czech (https://www.transifex.com/grocy/teams/93189/cs/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: cs\n"
+"Plural-Forms: nplurals=4; plural=(n == 1 && n % 1 == 0) ? 0 : (n >= 2 && n <= 4 && n % 1 == 0) ? 1: (n % 1 != 0 ) ? 2 : 3;\n"
+"X-Domain: grocy/chore_types\n"
+
+msgid "manually"
+msgstr "Manuální"
+
+msgid "dynamic-regular"
+msgstr "Dynamický"
+
+msgid "daily"
+msgstr "Denní"
+
+msgid "weekly"
+msgstr "Týdně"
+
+msgid "monthly"
+msgstr "Měsíčně"
+
+msgid "yearly"
+msgstr "Ročně"

localization/cs/component_translations.po

@@ -0,0 +1,50 @@
+# Translators:
+# Tomas Reznicek <tomas.reznicek@gmail.com>, 2019
+# Radim Kabeláč <radim.ekk@gmail.com>, 2020
+# Bernd Bestel <bernd@berrnd.de>, 2020
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
+"PO-Revision-Date: 2019-05-01 17:42+0000\n"
+"Last-Translator: Bernd Bestel <bernd@berrnd.de>, 2020\n"
+"Language-Team: Czech (https://www.transifex.com/grocy/teams/93189/cs/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: cs\n"
+"Plural-Forms: nplurals=4; plural=(n == 1 && n % 1 == 0) ? 0 : (n >= 2 && n <= 4 && n % 1 == 0) ? 1: (n % 1 != 0 ) ? 2 : 3;\n"
+"X-Domain: grocy/component_translations\n"
+
+msgid "timeago_locale"
+msgstr "cs"
+
+msgid "timeago_nan"
+msgstr "před NaN lety"
+
+msgid "moment_locale"
+msgstr "cs"
+
+msgid "datatables_localization"
+msgstr ""
+"{\"sEmptyTable\":\"Tabulka neobsahuje žádná data\",\"sInfo\":\"Zobrazuji "
+"_START_ až _END_ z celkem _TOTAL_ záznamů\",\"sInfoEmpty\":\"Zobrazuji 0 až "
+"0 z 0 záznamů\",\"sInfoFiltered\":\"(filtrováno z celkem _MAX_ "
+"záznamů)\",\"sInfoPostFix\":\"\",\"sInfoThousands\":\" "
+"\",\"sLengthMenu\":\"Zobraz záznamů "
+"_MENU_\",\"sLoadingRecords\":\"Načítám...\",\"sProcessing\":\"Provádím...\",\"sSearch\":\"Hledat:\",\"sZeroRecords\":\"Žádné"
+" záznamy nebyly "
+"nalezeny\",\"oPaginate\":{\"sFirst\":\"První\",\"sLast\":\"Poslední\",\"sNext\":\"Další\",\"sPrevious\":\"Předchozí\"},\"oAria\":{\"sSortAscending\":\":"
+" aktivujte pro řazení sloupce vzestupně\",\"sSortDescending\":\": aktivujte "
+"pro řazení sloupce sestupně\"}}"
+
+msgid "summernote_locale"
+msgstr "cs-CZ"
+
+msgid "fullcalendar_locale"
+msgstr "cs"
+
+msgid "bootstrap-select_locale"
+msgstr "cs_CZ"

localization/cs/demo_data.po

@@ -0,0 +1,402 @@
+# 
+# Translators:
+# Michal Petříček <michal@petricek.org>, 2019
+# Ondřej Suk <ondra.suk.55@gmail.com>, 2020
+# Radim Kabeláč <radim.ekk@gmail.com>, 2020
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
+"PO-Revision-Date: 2019-05-01 17:42+0000\n"
+"Last-Translator: Radim Kabeláč <radim.ekk@gmail.com>, 2020\n"
+"Language-Team: Czech (https://www.transifex.com/grocy/teams/93189/cs/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: cs\n"
+"Plural-Forms: nplurals=4; plural=(n == 1 && n % 1 == 0) ? 0 : (n >= 2 && n <= 4 && n % 1 == 0) ? 1: (n % 1 != 0 ) ? 2 : 3;\n"
+"X-Domain: grocy/demo_data\n"
+
+msgid "Cookies"
+msgstr "Sušenky"
+
+msgid "Chocolate"
+msgstr "Čokoláda"
+
+msgid "Pantry"
+msgstr "Spíž"
+
+msgid "Candy cupboard"
+msgstr "Skříňka s cukrovím"
+
+msgid "Tinned food cupboard"
+msgstr "Skříňka s konzervami"
+
+msgid "Fridge"
+msgstr "Lednička"
+
+msgid "Piece"
+msgid_plural "Pieces"
+msgstr[0] "Kus"
+msgstr[1] "Kusů"
+msgstr[2] "Kusů"
+msgstr[3] "Kusů"
+
+msgid "Pack"
+msgid_plural "Packs"
+msgstr[0] "Balení"
+msgstr[1] "Balení"
+msgstr[2] "Balení"
+msgstr[3] "Balení"
+
+msgid "Glass"
+msgid_plural "Glasses"
+msgstr[0] "Sklenice"
+msgstr[1] "Sklenic"
+msgstr[2] "Sklenic"
+msgstr[3] "Sklenic"
+
+msgid "Tin"
+msgid_plural "Tins"
+msgstr[0] "Plechovka"
+msgstr[1] "Plechovek"
+msgstr[2] "Plechovek"
+msgstr[3] "Plechovek"
+
+msgid "Can"
+msgid_plural "Cans"
+msgstr[0] "Konzerva"
+msgstr[1] "Konzerv"
+msgstr[2] "Konzerv"
+msgstr[3] "Konzerv"
+
+msgid "Bunch"
+msgid_plural "Bunches"
+msgstr[0] "Svazek"
+msgstr[1] "Svazky"
+msgstr[2] "Svazků"
+msgstr[3] "Svazků"
+
+msgid "Gummy bears"
+msgstr "Gumoví medvídci"
+
+msgid "Crisps"
+msgstr "Brambůrky"
+
+msgid "Eggs"
+msgstr "Vajíčka"
+
+msgid "Noodles"
+msgstr "Nudle"
+
+msgid "Pickles"
+msgstr "Kyselé okurky"
+
+msgid "Gulash soup"
+msgstr "Gulášová polévka"
+
+msgid "Yogurt"
+msgstr "Jogurt"
+
+msgid "Cheese"
+msgstr "Sýr"
+
+msgid "Cold cuts"
+msgstr "Uzeniny"
+
+msgid "Paprika"
+msgstr "Paprika"
+
+msgid "Cucumber"
+msgstr "Okurka"
+
+msgid "Radish"
+msgstr "Ředkev"
+
+msgid "Tomato"
+msgstr "Rajče"
+
+msgid "Changed towels in the bathroom"
+msgstr "Vyměněny ručníky v koupeně"
+
+msgid "Cleaned the kitchen floor"
+msgstr "Vytřena podlaha v kuchyni"
+
+msgid "Warranty ends"
+msgstr "Záruka končí"
+
+msgid "TV remote control"
+msgstr "Dálkový ovladač k TV"
+
+msgid "Alarm clock"
+msgstr "Budík"
+
+msgid "Heat remote control"
+msgstr "Dálkové ovládání k topení"
+
+msgid "Lawn mowed in the garden"
+msgstr "Posekán trávník na zahradě"
+
+msgid "Some good snacks"
+msgstr "Nějaké dobroty"
+
+msgid "Pizza dough"
+msgstr "Těsto na pizzu"
+
+msgid "Sieved tomatoes"
+msgstr "Drcená rajčata"
+
+msgid "Salami"
+msgstr "Salám"
+
+msgid "Toast"
+msgstr "Toust"
+
+msgid "Minced meat"
+msgstr "Mleté maso"
+
+msgid "Pizza"
+msgstr "Pizza"
+
+msgid "Spaghetti bolognese"
+msgstr "Boloňské špagety"
+
+msgid "Sandwiches"
+msgstr "Sendviče"
+
+msgid "English"
+msgstr "Angličtina"
+
+msgid "German"
+msgstr "Němčina"
+
+msgid "Italian"
+msgstr "Italština"
+
+msgid "This is the note content of the recipe ingredient"
+msgstr "Toto je poznámka u suroviny receptu"
+
+msgid "Demo User"
+msgstr "Demo uživatel"
+
+msgid "Gram"
+msgid_plural "Grams"
+msgstr[0] "Gram"
+msgstr[1] "Gramů"
+msgstr[2] "Gramů"
+msgstr[3] "Gramů"
+
+msgid "Flour"
+msgstr "Mouka"
+
+msgid "Pancakes"
+msgstr "Palačinky"
+
+msgid "Sugar"
+msgstr "Cukr"
+
+msgid "Home"
+msgstr "Domov"
+
+msgid "Life"
+msgstr "Život"
+
+msgid "Projects"
+msgstr "Projekty"
+
+msgid "Repair the garage door"
+msgstr "Opravit garážová vrata"
+
+msgid "Fork and improve grocy"
+msgstr "Forknout a vylepšit grocy"
+
+msgid "Find a solution for what to do when I forget the door keys"
+msgstr "Najít řešení situace, když si zapomenu klíče od domova"
+
+msgid "Sweets"
+msgstr "Sladkosti"
+
+msgid "Bakery products"
+msgstr "Pečivo"
+
+msgid "Tinned food"
+msgstr "Konzervované potraviny"
+
+msgid "Butchery products"
+msgstr "Maso a uzeniny"
+
+msgid "Vegetables/Fruits"
+msgstr "Ovoce a zelenina"
+
+msgid "Refrigerated products"
+msgstr "Chlazené potraviny"
+
+msgid "Coffee machine"
+msgstr "Kávovar"
+
+msgid "Dishwasher"
+msgstr "Myčka nádobí"
+
+msgid "Liter"
+msgstr "Litr"
+
+msgid "Liters"
+msgstr "Litry"
+
+msgid "Bottle"
+msgstr "Láhev"
+
+msgid "Bottles"
+msgstr "Láhve"
+
+msgid "Milk"
+msgstr "Mléko"
+
+msgid "Chocolate sauce"
+msgstr "Čokoládová poleva"
+
+msgid "Milliliters"
+msgstr "Mililitry"
+
+msgid "Milliliter"
+msgstr "Mililitr"
+
+msgid "Bottom"
+msgstr "Dno"
+
+msgid "Topping"
+msgstr "Poleva"
+
+msgid "French"
+msgstr "Francouzština"
+
+msgid "Turkish"
+msgstr "Turečtina"
+
+msgid "Spanish"
+msgstr "Španělština"
+
+msgid "Russian"
+msgstr "Ruština"
+
+msgid "The thing which happens on the 5th of every month"
+msgstr "Událost opakující se 5. den každý měsíc"
+
+msgid "The thing which happens daily"
+msgstr "Událost opakující se každý den"
+
+msgid "The thing which happens on Mondays and Wednesdays"
+msgstr "Událost opakující se každé pondělí a středu"
+
+msgid "Swedish"
+msgstr "Švédština"
+
+msgid "Polish"
+msgstr "Polština"
+
+msgid "Milk Chocolate"
+msgstr "Mléčná čokoláda"
+
+msgid "Dark Chocolate"
+msgstr "Hořká čokoláda"
+
+msgid "Slice"
+msgid_plural "Slices"
+msgstr[0] "Plátek"
+msgstr[1] "Plátky"
+msgstr[2] "Plátky"
+msgstr[3] "Plátky"
+
+msgid "Example userentity"
+msgstr "Příklad uživatelské entity"
+
+msgid "This is an example user entity..."
+msgstr "Toto je ukázková položka uživatelské entity"
+
+msgid "Custom field"
+msgstr "Vlastní pole"
+
+msgid "Example field value..."
+msgstr "Příklad hodnoty pole..."
+
+msgid "Waffle rolls"
+msgstr "Oplatky"
+
+msgid "Danish"
+msgstr "Dánština"
+
+msgid "Dutch"
+msgstr "Holandština"
+
+msgid "Norwegian"
+msgstr "Norština"
+
+msgid "Demo"
+msgstr "Demo"
+
+msgid "Stable version"
+msgstr "Stabilní verze"
+
+msgid "Preview version"
+msgstr "Preview verze"
+
+msgid "current release"
+msgstr "aktuální vydání"
+
+msgid "not yet released"
+msgstr "zatím nevydáno"
+
+msgid "Portuguese (Brazil)"
+msgstr "Portugalština (Brazílie)"
+
+msgid "This is a note"
+msgstr "Toto je poznámka"
+
+msgid "Freezer"
+msgstr "Mrazák"
+
+msgid "Hungarian"
+msgstr "Maďarština"
+
+msgid "Slovak"
+msgstr "Slovenština"
+
+msgid "Czech"
+msgstr "Čeština"
+
+msgid "Portuguese (Portugal)"
+msgstr "Portugalština (Portugalsko)"
+
+# Use a in your country well known supermarket name
+msgid "DemoSupermarket1"
+msgstr "UkazkovyObchod1"
+
+# Use a in your country well known supermarket name
+msgid "DemoSupermarket2"
+msgstr "UkazkovyObchod2"
+
+msgid "Japanese"
+msgstr "Japonština"
+
+msgid "Chinese (Taiwan)"
+msgstr "Čínština (Tchaj-wan)"
+
+msgid "Greek"
+msgstr "Řečtina"
+
+msgid "Korean"
+msgstr "Korejština"
+
+msgid "Chinese (China)"
+msgstr ""
+
+msgid "Hebrew (Israel)"
+msgstr ""
+
+msgid "Tamil"
+msgstr ""
+
+msgid "Finnish"
+msgstr ""

localization/cs/locales.po

@@ -0,0 +1,122 @@
+# 
+# Translators:
+# Radim Kabeláč <radim.ekk@gmail.com>, 2020
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
+"PO-Revision-Date: 2020-08-31 19:11+0000\n"
+"Last-Translator: Radim Kabeláč <radim.ekk@gmail.com>, 2020\n"
+"Language-Team: Czech (https://www.transifex.com/grocy/teams/93189/cs/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: cs\n"
+"Plural-Forms: nplurals=4; plural=(n == 1 && n % 1 == 0) ? 0 : (n >= 2 && n <= 4 && n % 1 == 0) ? 1: (n % 1 != 0 ) ? 2 : 3;\n"
+"X-Domain: grocy/locales\n"
+
+# Czech
+msgid "cs"
+msgstr "Čeština"
+
+# Danish
+msgid "da"
+msgstr "Dánština"
+
+# German
+msgid "de"
+msgstr "Němčina"
+
+# Greek
+msgid "el_GR"
+msgstr "Řečtina"
+
+# English
+msgid "en"
+msgstr "Angličtina"
+
+# English (Great Britain)
+msgid "en_GB"
+msgstr "Angličtina (Britská)"
+
+# Spanish
+msgid "es"
+msgstr "Španělština"
+
+# French
+msgid "fr"
+msgstr "Francouzština"
+
+# Hungarian
+msgid "hu"
+msgstr "Maďarština"
+
+# Italian
+msgid "it"
+msgstr "Italština"
+
+# Japanese
+msgid "ja"
+msgstr "Japonština"
+
+# Korean
+msgid "ko_KR"
+msgstr "Korejština"
+
+# Dutch
+msgid "nl"
+msgstr "Nizozemština"
+
+# Norwegian
+msgid "no"
+msgstr "Norština"
+
+# Polish
+msgid "pl"
+msgstr "Polština"
+
+# Portuguese (Brazil)
+msgid "pt_BR"
+msgstr "Portugalština (Brazílie)"
+
+# Portuguese (Portugal)
+msgid "pt_PT"
+msgstr "Portugalština (Portugalsko)"
+
+# Russian
+msgid "ru"
+msgstr "Ruština"
+
+# Slovak
+msgid "sk_SK"
+msgstr "Slovenština"
+
+# Swedish
+msgid "sv_SE"
+msgstr "Švédština"
+
+# Turkish
+msgid "tr"
+msgstr "Turečtina"
+
+# Chinese (Taiwan)
+msgid "zh_TW"
+msgstr "Čínština (Tradiční)"
+
+# Chinese (China)
+msgid "zh_CN"
+msgstr ""
+
+# Hebrew (Israel)
+msgid "he_IL"
+msgstr ""
+
+# Tamil
+msgid "ta"
+msgstr ""
+
+# Finnish
+msgid "fi"
+msgstr ""

localization/cs/permissions.po

@@ -0,0 +1,138 @@
+# 
+# Translators:
+# Radim Kabeláč <radim.ekk@gmail.com>, 2020
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
+"PO-Revision-Date: 2020-08-29 16:33+0000\n"
+"Last-Translator: Radim Kabeláč <radim.ekk@gmail.com>, 2020\n"
+"Language-Team: Czech (https://www.transifex.com/grocy/teams/93189/cs/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: cs\n"
+"Plural-Forms: nplurals=4; plural=(n == 1 && n % 1 == 0) ? 0 : (n >= 2 && n <= 4 && n % 1 == 0) ? 1: (n % 1 != 0 ) ? 2 : 3;\n"
+"X-Domain: grocy/permissions\n"
+
+# All permissions
+msgid "ADMIN"
+msgstr "ADMINISTRATOR"
+
+# Create users
+msgid "USERS_CREATE"
+msgstr "UZIVATELE_VYTVORIT"
+
+# Edit users (including passwords)
+msgid "USERS_EDIT"
+msgstr "UZIVATELE_EDITACE"
+
+# Show users
+msgid "USERS_READ"
+msgstr "UZIVATEL_CTENI"
+
+# Edit own user data / change own password
+msgid "USERS_EDIT_SELF"
+msgstr "UZIVATELE_EDITOVAT_SEBE"
+
+# Undo charge cycle
+msgid "BATTERIES_UNDO_CHARGE_CYCLE"
+msgstr "BATERIE_VRACENI_NABIJECI_CYKLUS"
+
+# Track charge cycle
+msgid "BATTERIES_TRACK_CHARGE_CYCLE"
+msgstr ""
+
+# Track execution
+msgid "CHORE_TRACK_EXECUTION"
+msgstr ""
+
+# Undo execution
+msgid "CHORE_UNDO_EXECUTION"
+msgstr "POVINNOST_VYKONANI_VRACENI"
+
+# Edit master data
+msgid "MASTER_DATA_EDIT"
+msgstr "ZAKLADNI_DATA_EDIT"
+
+# Undo execution
+msgid "TASKS_UNDO_EXECUTION"
+msgstr "UKOL_VYKONANI_VRACENI"
+
+# Mark completed
+msgid "TASKS_MARK_COMPLETED"
+msgstr "UKOLY_OZNACIT_HOTOVO"
+
+# Edit stock entries
+msgid "STOCK_EDIT"
+msgstr "ZASOBY_EDITACE"
+
+# Transfer
+msgid "STOCK_TRANSFER"
+msgstr "PREVOD_ZASOB"
+
+# Inventory
+msgid "STOCK_INVENTORY"
+msgstr "ZASOBA_INVENTAR"
+
+# Consume
+msgid "STOCK_CONSUME"
+msgstr "ZASOBY_SPOTREBOVAT"
+
+# Open products
+msgid "STOCK_OPEN"
+msgstr "ZASOBY_OTEVRIT"
+
+# Purchase
+msgid "STOCK_PURCHASE"
+msgstr "ZASOBA_NAKUP"
+
+# Add items
+msgid "SHOPPINGLIST_ITEMS_ADD"
+msgstr "NAKUPNISEZNAM_POLOZKA_PRIDANO"
+
+# Remove items
+msgid "SHOPPINGLIST_ITEMS_DELETE"
+msgstr "NAKUPNISEZNAM_POLOZKA_SMAZANO"
+
+# User management
+msgid "USERS"
+msgstr "UZIVATEL"
+
+# Stock
+msgid "STOCK"
+msgstr "ZASOBA"
+
+# Shopping list
+msgid "SHOPPINGLIST"
+msgstr "NAKUPNISEZNAM"
+
+# Chores
+msgid "CHORES"
+msgstr "POVINOSTI"
+
+# Batteries
+msgid "BATTERIES"
+msgstr "BATERIE"
+
+# Tasks
+msgid "TASKS"
+msgstr "UKOL"
+
+# Recipes
+msgid "RECIPES"
+msgstr "RECEPTY"
+
+# Equipment
+msgid "EQUIPMENT"
+msgstr "VYBAVENI"
+
+# Calendar
+msgid "CALENDAR"
+msgstr "KALENDAR"
+
+# Meal plan
+msgid "RECIPES_MEALPLAN"
+msgstr "RECEPTY_STRAVOVACIPLANY"

localization/cs/stock_transaction_types.po

@@ -0,0 +1,48 @@
+# 
+# Translators:
+# Tomas Reznicek <tomas.reznicek@gmail.com>, 2019
+# Michal Franc, 2020
+# Ondřej Suk <ondra.suk.55@gmail.com>, 2020
+# Radim Kabeláč <radim.ekk@gmail.com>, 2020
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
+"PO-Revision-Date: 2019-05-01 17:42+0000\n"
+"Last-Translator: Radim Kabeláč <radim.ekk@gmail.com>, 2020\n"
+"Language-Team: Czech (https://www.transifex.com/grocy/teams/93189/cs/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: cs\n"
+"Plural-Forms: nplurals=4; plural=(n == 1 && n % 1 == 0) ? 0 : (n >= 2 && n <= 4 && n % 1 == 0) ? 1: (n % 1 != 0 ) ? 2 : 3;\n"
+"X-Domain: grocy/stock_transaction_types\n"
+
+msgid "purchase"
+msgstr "Nákup"
+
+msgid "transfer_from"
+msgstr "Převod z"
+
+msgid "transfer_to"
+msgstr "Převod do"
+
+msgid "consume"
+msgstr "Spotřeba"
+
+msgid "inventory-correction"
+msgstr "Úprava zásoby"
+
+msgid "product-opened"
+msgstr "Otevření balení"
+
+msgid "stock-edit-old"
+msgstr "zasoba-editace-stary"
+
+msgid "stock-edit-new"
+msgstr "zasoba-editace-novy"
+
+msgid "self-production"
+msgstr "vlastni-produkce"

localization/cs/userfield_types.po

@@ -0,0 +1,72 @@
+# 
+# Translators:
+# Tomas Reznicek <tomas.reznicek@gmail.com>, 2019
+# Michal Franc, 2020
+# Radim Kabeláč <radim.ekk@gmail.com>, 2020
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
+"PO-Revision-Date: 2019-05-01 17:43+0000\n"
+"Last-Translator: Radim Kabeláč <radim.ekk@gmail.com>, 2020\n"
+"Language-Team: Czech (https://www.transifex.com/grocy/teams/93189/cs/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: cs\n"
+"Plural-Forms: nplurals=4; plural=(n == 1 && n % 1 == 0) ? 0 : (n >= 2 && n <= 4 && n % 1 == 0) ? 1: (n % 1 != 0 ) ? 2 : 3;\n"
+"X-Domain: grocy/userfield_types\n"
+
+# Text (single line)
+msgid "text-single-line"
+msgstr "Text (jeden řádek)"
+
+# Text (multi line)
+msgid "text-multi-line"
+msgstr "Text (více řádků)"
+
+# Number (integral)
+msgid "number-integral"
+msgstr "Celé číslo"
+
+# Number (decimal)
+msgid "number-decimal"
+msgstr "Číslo s desetinami"
+
+# Date (without time)
+msgid "date"
+msgstr "Datum"
+
+# Date & time
+msgid "datetime"
+msgstr "Datum a čas"
+
+# Checkbox
+msgid "checkbox"
+msgstr "Zaškrtávací políčko"
+
+# Select list (a single item can be selected)
+msgid "preset-list"
+msgstr "Seznam"
+
+# Select list (multiple items can be selected)
+msgid "preset-checklist"
+msgstr "Zaškrtávací seznam"
+
+# Link
+msgid "link"
+msgstr "Odkaz"
+
+# Link (with title)
+msgid "link-with-title"
+msgstr ""
+
+# File
+msgid "file"
+msgstr "soubor"
+
+# Image
+msgid "image"
+msgstr "obrazek"

localization/da/chore_period_types.po

@@ -1,5 +1,7 @@
 # Translators:
 # Troels Siggaard <troels@siggaard.com>, 2019
+# Rasmus Bojsen <rasmus@bojsen.cn>, 2019
+# Brian Moos Lindberg <brian@blueeel.dk>, 2019
 # 
 msgid ""
 msgstr ""
@@ -7,7 +9,7 @@ msgstr ""
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
 "PO-Revision-Date: 2019-05-01 17:42+0000\n"
-"Last-Translator: Troels Siggaard <troels@siggaard.com>, 2019\n"
+"Last-Translator: Brian Moos Lindberg <brian@blueeel.dk>, 2019\n"
 "Language-Team: Danish (https://www.transifex.com/grocy/teams/93189/da/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -20,7 +22,7 @@ msgid "manually"
 msgstr "manuelt"
 
 msgid "dynamic-regular"
-msgstr "gentagende-dynamisk"
+msgstr "dynamisk-regelmæssig"
 
 msgid "daily"
 msgstr "daglig"
@@ -30,3 +32,6 @@ msgstr "ugentlig"
 
 msgid "monthly"
 msgstr "månedlig"
+
+msgid "yearly"
+msgstr "årlig"

localization/da/demo_data.po

@@ -1,6 +1,10 @@
+# 
 # Translators:
 # dark159123 <r.j.hansen@protonmail.com>, 2019
 # Troels Siggaard <troels@siggaard.com>, 2019
+# Rasmus Bojsen <rasmus@bojsen.cn>, 2019
+# Brian Moos Lindberg <brian@blueeel.dk>, 2019
+# Mihai Marinescu <mihai@marinescu.dk>, 2020
 # 
 msgid ""
 msgstr ""
@@ -8,7 +12,7 @@ msgstr ""
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
 "PO-Revision-Date: 2019-05-01 17:42+0000\n"
-"Last-Translator: Troels Siggaard <troels@siggaard.com>, 2019\n"
+"Last-Translator: Mihai Marinescu <mihai@marinescu.dk>, 2020\n"
 "Language-Team: Danish (https://www.transifex.com/grocy/teams/93189/da/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -37,8 +41,8 @@ msgstr "Køleskab"
 
 msgid "Piece"
 msgid_plural "Pieces"
-msgstr[0] "Styk"
-msgstr[1] "Stykker"
+msgstr[0] "stk"
+msgstr[1] "stk"
 
 msgid "Pack"
 msgid_plural "Packs"
@@ -81,7 +85,7 @@ msgid "Pickles"
 msgstr "Syltede agurker"
 
 msgid "Gulash soup"
-msgstr "Gulash"
+msgstr "Gullashsuppe"
 
 msgid "Yogurt"
 msgstr "Yoghurt"
@@ -161,14 +165,11 @@ msgstr "Tysk"
 msgid "Italian"
 msgstr "Italiensk"
 
-msgid "Demo in different language"
-msgstr "Demo på et andet sprog"
-
 msgid "This is the note content of the recipe ingredient"
 msgstr "Dette er indholdet af opskrift-ingrediensens notefeltet"
 
 msgid "Demo User"
-msgstr "Demo Bruger"
+msgstr "Demo bruger"
 
 msgid "Gram"
 msgid_plural "Grams"
@@ -218,7 +219,7 @@ msgid "Vegetables/Fruits"
 msgstr "Frugt og grønt"
 
 msgid "Refrigerated products"
-msgstr "Køleskabsprodukter"
+msgstr "Køleskabsvarer"
 
 msgid "Coffee machine"
 msgstr "Kaffemaskine"
@@ -284,27 +285,104 @@ msgid "Polish"
 msgstr "Polsk"
 
 msgid "Milk Chocolate"
-msgstr ""
+msgstr "Mælkechokolade"
 
 msgid "Dark Chocolate"
-msgstr ""
+msgstr "Mørk chokolade"
 
 msgid "Slice"
 msgid_plural "Slices"
-msgstr[0] ""
-msgstr[1] ""
+msgstr[0] "Skive"
+msgstr[1] "Skiver"
 
 msgid "Example userentity"
-msgstr ""
+msgstr "Eksempel-brugerenhed"
 
 msgid "This is an example user entity..."
-msgstr ""
+msgstr "Dette er en eksempel-brugerenhed..."
 
 msgid "Custom field"
-msgstr ""
+msgstr "Brugerdefineret felt"
 
 msgid "Example field value..."
-msgstr ""
+msgstr "Eksempel-feltværdi..."
 
 msgid "Waffle rolls"
+msgstr "Vaffelruller"
+
+msgid "Danish"
+msgstr "Dansk"
+
+msgid "Dutch"
+msgstr "Hollandsk"
+
+msgid "Norwegian"
+msgstr "Norsk"
+
+msgid "Demo"
+msgstr "Demo"
+
+msgid "Stable version"
+msgstr "Stabil version"
+
+msgid "Preview version"
+msgstr "Forhåndsvisningsversion"
+
+msgid "current release"
+msgstr "aktuel udgivelse"
+
+msgid "not yet released"
+msgstr "Ikke frigivet endnu"
+
+msgid "Portuguese (Brazil)"
+msgstr "Portugisisk (Brasilien)"
+
+msgid "This is a note"
+msgstr "Denne er en note"
+
+msgid "Freezer"
+msgstr "Fryser"
+
+msgid "Hungarian"
+msgstr "Ungarsk"
+
+msgid "Slovak"
+msgstr "Slovakisk"
+
+msgid "Czech"
+msgstr "Tjekkisk"
+
+msgid "Portuguese (Portugal)"
+msgstr "Portugisisk (Portugal)"
+
+# Use a in your country well known supermarket name
+msgid "DemoSupermarket1"
+msgstr "Netto"
+
+# Use a in your country well known supermarket name
+msgid "DemoSupermarket2"
+msgstr "Fakta"
+
+msgid "Japanese"
+msgstr "Japansk"
+
+msgid "Chinese (Taiwan)"
+msgstr "Kinesisk (Taiwan)"
+
+msgid "Greek"
+msgstr "Græsk"
+
+msgid "Korean"
+msgstr "Koreansk"
+
+msgid "Chinese (China)"
+msgstr ""
+
+msgid "Hebrew (Israel)"
+msgstr ""
+
+msgid "Tamil"
+msgstr ""
+
+msgid "Finnish"
 msgstr ""

localization/da/stock_transaction_types.po

@@ -1,5 +1,8 @@
+# 
 # Translators:
 # Troels Siggaard <troels@siggaard.com>, 2019
+# Brian Moos Lindberg <brian@blueeel.dk>, 2019
+# Mihai Marinescu <mihai@marinescu.dk>, 2020
 # 
 msgid ""
 msgstr ""
@@ -7,7 +10,7 @@ msgstr ""
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
 "PO-Revision-Date: 2019-05-01 17:42+0000\n"
-"Last-Translator: Troels Siggaard <troels@siggaard.com>, 2019\n"
+"Last-Translator: Mihai Marinescu <mihai@marinescu.dk>, 2020\n"
 "Language-Team: Danish (https://www.transifex.com/grocy/teams/93189/da/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -19,6 +22,12 @@ msgstr ""
 msgid "purchase"
 msgstr "køb"
 
+msgid "transfer_from"
+msgstr "flyt_fra"
+
+msgid "transfer_to"
+msgstr "flyt_til"
+
 msgid "consume"
 msgstr "forbrug"
 
@@ -27,3 +36,12 @@ msgstr "beholdningsrettelse"
 
 msgid "product-opened"
 msgstr "produkt-åbnet"
+
+msgid "stock-edit-old"
+msgstr "lager-redigering-gammel"
+
+msgid "stock-edit-new"
+msgstr "lager-redigering-ny"
+
+msgid "self-production"
+msgstr "selvproduktion"

localization/da/userfield_types.po

@@ -1,10 +1,15 @@
 # 
+# Translators:
+# Brian Moos Lindberg <brian@blueeel.dk>, 2019
+# Mihai Marinescu <mihai@marinescu.dk>, 2020
+# 
 msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
 "PO-Revision-Date: 2019-05-01 17:43+0000\n"
+"Last-Translator: Mihai Marinescu <mihai@marinescu.dk>, 2020\n"
 "Language-Team: Danish (https://www.transifex.com/grocy/teams/93189/da/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -13,23 +18,54 @@ msgstr ""
 "Plural-Forms: nplurals=2; plural=(n != 1);\n"
 "X-Domain: grocy/userfield_types\n"
 
+# Text (single line)
 msgid "text-single-line"
-msgstr ""
+msgstr "tekst-enkelt-linje"
 
+# Text (multi line)
 msgid "text-multi-line"
-msgstr ""
+msgstr "tekst-flere-linjer"
 
+# Number (integral)
 msgid "number-integral"
-msgstr ""
+msgstr "tal-heltal"
 
+# Number (decimal)
 msgid "number-decimal"
-msgstr ""
+msgstr "tal-decimal"
 
+# Date (without time)
 msgid "date"
-msgstr ""
+msgstr "dato"
 
+# Date & time
 msgid "datetime"
+msgstr "datotid"
+
+# Checkbox
+msgid "checkbox"
+msgstr "afkrydsningsfelt"
+
+# Select list (a single item can be selected)
+msgid "preset-list"
+msgstr "forudindstillet-liste"
+
+# Select list (multiple items can be selected)
+msgid "preset-checklist"
+msgstr "forudindstillet-tjekliste"
+
+# Link
+msgid "link"
+msgstr "link"
+
+# Link (with title)
+msgid "link-with-title"
 msgstr ""
 
-msgid "checkbox"
-msgstr ""
+# File
+msgid "file"
+msgstr "fil"
+
+# Image
+msgid "image"
+msgstr "billede"

localization/de/chore_period_types.po

@@ -30,3 +30,6 @@ msgstr "Wöchentlich"
 
 msgid "monthly"
 msgstr "Monatlich"
+
+msgid "yearly"
+msgstr "Jährlich"

localization/de/demo_data.po

@@ -1,5 +1,6 @@
+# 
 # Translators:
-# Bernd Bestel <bernd@berrnd.de>, 2019
+# Bernd Bestel <bernd@berrnd.de>, 2020
 # 
 msgid ""
 msgstr ""
@@ -7,7 +8,7 @@ msgstr ""
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
 "PO-Revision-Date: 2019-05-01 17:42+0000\n"
-"Last-Translator: Bernd Bestel <bernd@berrnd.de>, 2019\n"
+"Last-Translator: Bernd Bestel <bernd@berrnd.de>, 2020\n"
 "Language-Team: German (https://www.transifex.com/grocy/teams/93189/de/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -328,3 +329,56 @@ msgstr "aktuelles Release"
 
 msgid "not yet released"
 msgstr "noch nicht freigegeben"
+
+msgid "Portuguese (Brazil)"
+msgstr "Portugiesisch (Brasilien)"
+
+msgid "This is a note"
+msgstr "Dies ist eine Notiz"
+
+msgid "Freezer"
+msgstr "Gefrierschrank"
+
+msgid "Hungarian"
+msgstr "Ungarisch"
+
+msgid "Slovak"
+msgstr "Slowakisch"
+
+msgid "Czech"
+msgstr "Tschechisch"
+
+msgid "Portuguese (Portugal)"
+msgstr "Portugiesisch (Portugal)"
+
+# Use a in your country well known supermarket name
+msgid "DemoSupermarket1"
+msgstr "Aldi"
+
+# Use a in your country well known supermarket name
+msgid "DemoSupermarket2"
+msgstr "Rewe"
+
+msgid "Japanese"
+msgstr "Japanisch"
+
+msgid "Chinese (Taiwan)"
+msgstr "Chinesisch (Taiwan)"
+
+msgid "Greek"
+msgstr "Griechisch"
+
+msgid "Korean"
+msgstr "Koreanisch"
+
+msgid "Chinese (China)"
+msgstr "Chinesisch (China)"
+
+msgid "Hebrew (Israel)"
+msgstr "Hebräisch (Israel)"
+
+msgid "Tamil"
+msgstr "Tamil"
+
+msgid "Finnish"
+msgstr "Finnisch"

localization/de/locales.po

@@ -0,0 +1,122 @@
+# 
+# Translators:
+# Bernd Bestel <bernd@berrnd.de>, 2020
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
+"PO-Revision-Date: 2020-08-31 19:11+0000\n"
+"Last-Translator: Bernd Bestel <bernd@berrnd.de>, 2020\n"
+"Language-Team: German (https://www.transifex.com/grocy/teams/93189/de/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: de\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Domain: grocy/locales\n"
+
+# Czech
+msgid "cs"
+msgstr "Tschechisch"
+
+# Danish
+msgid "da"
+msgstr "Dänisch"
+
+# German
+msgid "de"
+msgstr "de"
+
+# Greek
+msgid "el_GR"
+msgstr "Griechisch"
+
+# English
+msgid "en"
+msgstr "de"
+
+# English (Great Britain)
+msgid "en_GB"
+msgstr "Englisch (Großbritannien)"
+
+# Spanish
+msgid "es"
+msgstr "Spanisch"
+
+# French
+msgid "fr"
+msgstr "Französisch"
+
+# Hungarian
+msgid "hu"
+msgstr "Ungarisch "
+
+# Italian
+msgid "it"
+msgstr "Italienisch"
+
+# Japanese
+msgid "ja"
+msgstr "Japanisch"
+
+# Korean
+msgid "ko_KR"
+msgstr "Koreanisch"
+
+# Dutch
+msgid "nl"
+msgstr "Niederländisch"
+
+# Norwegian
+msgid "no"
+msgstr "Norwegisch"
+
+# Polish
+msgid "pl"
+msgstr "Polnisch"
+
+# Portuguese (Brazil)
+msgid "pt_BR"
+msgstr "Portugiesisch (Brasilien)"
+
+# Portuguese (Portugal)
+msgid "pt_PT"
+msgstr "Portugiesisch (Portugal)"
+
+# Russian
+msgid "ru"
+msgstr "Russisch"
+
+# Slovak
+msgid "sk_SK"
+msgstr "Slowakisch"
+
+# Swedish
+msgid "sv_SE"
+msgstr "Schwedisch"
+
+# Turkish
+msgid "tr"
+msgstr "Türkisch"
+
+# Chinese (Taiwan)
+msgid "zh_TW"
+msgstr "Chinesisch (Taiwan)"
+
+# Chinese (China)
+msgid "zh_CN"
+msgstr "Chinesisch (China)"
+
+# Hebrew (Israel)
+msgid "he_IL"
+msgstr "Hebräisch (Israel)"
+
+# Tamil
+msgid "ta"
+msgstr "Tamil"
+
+# Finnish
+msgid "fi"
+msgstr "Finnisch"

localization/de/permissions.po

@@ -0,0 +1,138 @@
+# 
+# Translators:
+# Bernd Bestel <bernd@berrnd.de>, 2020
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
+"PO-Revision-Date: 2020-08-29 16:33+0000\n"
+"Last-Translator: Bernd Bestel <bernd@berrnd.de>, 2020\n"
+"Language-Team: German (https://www.transifex.com/grocy/teams/93189/de/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: de\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Domain: grocy/permissions\n"
+
+# All permissions
+msgid "ADMIN"
+msgstr "Alle Berechtigungen"
+
+# Create users
+msgid "USERS_CREATE"
+msgstr "Benutzer erstellen"
+
+# Edit users (including passwords)
+msgid "USERS_EDIT"
+msgstr "Benutzer bearbeiten (inklusive Passwörter)"
+
+# Show users
+msgid "USERS_READ"
+msgstr "Benutzer anzeigen"
+
+# Edit own user data / change own password
+msgid "USERS_EDIT_SELF"
+msgstr "Eigene Benutzerdaten bearbeiten / eigenes Passwort ändern"
+
+# Undo charge cycle
+msgid "BATTERIES_UNDO_CHARGE_CYCLE"
+msgstr "Ladezyklus rückgängig machen"
+
+# Track charge cycle
+msgid "BATTERIES_TRACK_CHARGE_CYCLE"
+msgstr "Ladezyklus erfassen"
+
+# Track execution
+msgid "CHORE_TRACK_EXECUTION"
+msgstr "Ausführung erfassen"
+
+# Undo execution
+msgid "CHORE_UNDO_EXECUTION"
+msgstr "Ausführung rückgängig machen"
+
+# Edit master data
+msgid "MASTER_DATA_EDIT"
+msgstr "Stammdaten bearbeiten"
+
+# Undo execution
+msgid "TASKS_UNDO_EXECUTION"
+msgstr "Ausführung rückgängig machen"
+
+# Mark completed
+msgid "TASKS_MARK_COMPLETED"
+msgstr "Als erledigt markieren"
+
+# Edit stock entries
+msgid "STOCK_EDIT"
+msgstr "Bestandseinträge bearbeiten"
+
+# Transfer
+msgid "STOCK_TRANSFER"
+msgstr "Umlagern"
+
+# Inventory
+msgid "STOCK_INVENTORY"
+msgstr "Inventur"
+
+# Consume
+msgid "STOCK_CONSUME"
+msgstr "Verbrauch"
+
+# Open products
+msgid "STOCK_OPEN"
+msgstr "Produkt als geöffnet markieren"
+
+# Purchase
+msgid "STOCK_PURCHASE"
+msgstr "Einkauf"
+
+# Add items
+msgid "SHOPPINGLIST_ITEMS_ADD"
+msgstr "Eintrag hinzufügen"
+
+# Remove items
+msgid "SHOPPINGLIST_ITEMS_DELETE"
+msgstr "Eintrag entfernen"
+
+# User management
+msgid "USERS"
+msgstr "Benutzerverwaltung"
+
+# Stock
+msgid "STOCK"
+msgstr "Bestand"
+
+# Shopping list
+msgid "SHOPPINGLIST"
+msgstr "Einkaufszettel"
+
+# Chores
+msgid "CHORES"
+msgstr "Hausarbeiten"
+
+# Batteries
+msgid "BATTERIES"
+msgstr "Batterien"
+
+# Tasks
+msgid "TASKS"
+msgstr "Aufgaben"
+
+# Recipes
+msgid "RECIPES"
+msgstr "Rezepte"
+
+# Equipment
+msgid "EQUIPMENT"
+msgstr "Ausstattung"
+
+# Calendar
+msgid "CALENDAR"
+msgstr "Kalender"
+
+# Meal plan
+msgid "RECIPES_MEALPLAN"
+msgstr "Speiseplan"

localization/de/stock_transaction_types.po

@@ -1,5 +1,5 @@
 # Translators:
-# Bernd Bestel <bernd@berrnd.de>, 2019
+# Bernd Bestel <bernd@berrnd.de>, 2020
 # 
 msgid ""
 msgstr ""
@@ -7,7 +7,7 @@ msgstr ""
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
 "PO-Revision-Date: 2019-05-01 17:42+0000\n"
-"Last-Translator: Bernd Bestel <bernd@berrnd.de>, 2019\n"
+"Last-Translator: Bernd Bestel <bernd@berrnd.de>, 2020\n"
 "Language-Team: German (https://www.transifex.com/grocy/teams/93189/de/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -19,6 +19,12 @@ msgstr ""
 msgid "purchase"
 msgstr "Einkauf"
 
+msgid "transfer_from"
+msgstr "Umlagerung von"
+
+msgid "transfer_to"
+msgstr "Umlagerung nach"
+
 msgid "consume"
 msgstr "Verbrauch"
 
@@ -27,3 +33,12 @@ msgstr "Inventur-Korrektur"
 
 msgid "product-opened"
 msgstr "Produkt geöffnet"
+
+msgid "stock-edit-old"
+msgstr "Bestandseintrag bearbeitet (alte Werte)"
+
+msgid "stock-edit-new"
+msgstr "Bestandseintrag bearbeitet (neue Werte)"
+
+msgid "self-production"
+msgstr "Eigenproduktion"

localization/de/userfield_types.po

@@ -1,5 +1,6 @@
+# 
 # Translators:
-# Bernd Bestel <bernd@berrnd.de>, 2019
+# Bernd Bestel <bernd@berrnd.de>, 2020
 # 
 msgid ""
 msgstr ""
@@ -7,7 +8,7 @@ msgstr ""
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
 "PO-Revision-Date: 2019-05-01 17:43+0000\n"
-"Last-Translator: Bernd Bestel <bernd@berrnd.de>, 2019\n"
+"Last-Translator: Bernd Bestel <bernd@berrnd.de>, 2020\n"
 "Language-Team: German (https://www.transifex.com/grocy/teams/93189/de/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -16,32 +17,54 @@ msgstr ""
 "Plural-Forms: nplurals=2; plural=(n != 1);\n"
 "X-Domain: grocy/userfield_types\n"
 
+# Text (single line)
 msgid "text-single-line"
 msgstr "Text (einzeilig)"
 
+# Text (multi line)
 msgid "text-multi-line"
 msgstr "Text (mehrzeilig)"
 
+# Number (integral)
 msgid "number-integral"
 msgstr "Zahl (Ganzzahl)"
 
+# Number (decimal)
 msgid "number-decimal"
 msgstr "Zahl (mit Dezimalstellen)"
 
+# Date (without time)
 msgid "date"
 msgstr "Datum (ohne Zeitanteil)"
 
+# Date & time
 msgid "datetime"
 msgstr "Datum & Zeit"
 
+# Checkbox
 msgid "checkbox"
 msgstr "Kontrollkästchen"
 
+# Select list (a single item can be selected)
 msgid "preset-list"
 msgstr "Auswahlliste (feste Werte, einzelner Wert kann ausgewählt werden)"
 
+# Select list (multiple items can be selected)
 msgid "preset-checklist"
 msgstr "Auswahlliste (feste Werte, mehrere Werte können ausgewählt werden)"
 
+# Link
 msgid "link"
 msgstr "Link"
+
+# Link (with title)
+msgid "link-with-title"
+msgstr "Link (mit Titel)"
+
+# File
+msgid "file"
+msgstr "Datei"
+
+# Image
+msgid "image"
+msgstr "Bild"

localization/demo_data.pot

@@ -325,3 +325,55 @@ msgstr ""
 msgid "not yet released"
 msgstr ""
 
+msgid "Portuguese (Brazil)"
+msgstr ""
+
+msgid "This is a note"
+msgstr ""
+
+msgid "Freezer"
+msgstr ""
+
+msgid "Hungarian"
+msgstr ""
+
+msgid "Slovak"
+msgstr ""
+
+msgid "Czech"
+msgstr ""
+
+msgid "Portuguese (Portugal)"
+msgstr ""
+
+# Use a in your country well known supermarket name
+msgid "DemoSupermarket1"
+msgstr ""
+
+# Use a in your country well known supermarket name
+msgid "DemoSupermarket2"
+msgstr ""
+
+msgid "Japanese"
+msgstr ""
+
+msgid "Chinese (Taiwan)"
+msgstr ""
+
+msgid "Greek"
+msgstr ""
+
+msgid "Korean"
+msgstr ""
+
+msgid "Chinese (China)"
+msgstr ""
+
+msgid "Hebrew (Israel)"
+msgstr ""
+
+msgid "Tamil"
+msgstr ""
+
+msgid "Finnish"
+msgstr ""

localization/el_GR/chore_assignment_types.po

@@ -0,0 +1,30 @@
+# 
+# Translators:
+# Dionysios Gkotsis <bloodsak4@yahoo.gr>, 2020
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
+"PO-Revision-Date: 2019-09-17 10:45+0000\n"
+"Last-Translator: Dionysios Gkotsis <bloodsak4@yahoo.gr>, 2020\n"
+"Language-Team: Greek (Greece) (https://www.transifex.com/grocy/teams/93189/el_GR/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: el_GR\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Domain: grocy/chore_assignment_types\n"
+
+msgid "no-assignment"
+msgstr "χωρίς ανάθεση"
+
+msgid "who-least-did-first"
+msgstr "όποιος το έκανε πρώτα"
+
+msgid "random"
+msgstr "τυχαία"
+
+msgid "in-alphabetical-order"
+msgstr "με αλφαβητική σειρά"

localization/el_GR/chore_period_types.po

@@ -0,0 +1,36 @@
+# 
+# Translators:
+# Anastasis Gryponisiotis <plant7@gmail.com>, 2019
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
+"PO-Revision-Date: 2019-05-01 17:42+0000\n"
+"Last-Translator: Anastasis Gryponisiotis <plant7@gmail.com>, 2019\n"
+"Language-Team: Greek (Greece) (https://www.transifex.com/grocy/teams/93189/el_GR/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: el_GR\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Domain: grocy/chore_types\n"
+
+msgid "manually"
+msgstr "χρειροκίνητα"
+
+msgid "dynamic-regular"
+msgstr "δυναμικό-κανονικό"
+
+msgid "daily"
+msgstr "ημερήσιο"
+
+msgid "weekly"
+msgstr "εβδομαδιαίο"
+
+msgid "monthly"
+msgstr "μηνιαίο"
+
+msgid "yearly"
+msgstr "ετήσιο"

localization/el_GR/component_translations.po

@@ -0,0 +1,50 @@
+# 
+# Translators:
+# Bernd Bestel <bernd@berrnd.de>, 2020
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
+"PO-Revision-Date: 2019-05-01 17:42+0000\n"
+"Last-Translator: Bernd Bestel <bernd@berrnd.de>, 2020\n"
+"Language-Team: Greek (Greece) (https://www.transifex.com/grocy/teams/93189/el_GR/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: el_GR\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Domain: grocy/component_translations\n"
+
+msgid "timeago_locale"
+msgstr "el"
+
+msgid "timeago_nan"
+msgstr "NaN χρόνια"
+
+msgid "moment_locale"
+msgstr "el"
+
+msgid "datatables_localization"
+msgstr ""
+"{\"sDecimal\":\",\",\"sEmptyTable\":\"Δεν υπάρχουν δεδομένα στον "
+"πίνακα\",\"sInfo\":\"Εμφανίζονται _START_ έως _END_ από _TOTAL_ "
+"εγγραφές\",\"sInfoEmpty\":\"Εμφανίζονται 0 έως 0 από 0 "
+"εγγραφές\",\"sInfoFiltered\":\"(φιλτραρισμένες από _MAX_ συνολικά "
+"εγγραφές)\",\"sInfoPostFix\":\"\",\"sInfoThousands\":\".\",\"sLengthMenu\":\"Δείξε"
+" _MENU_ "
+"εγγραφές\",\"sLoadingRecords\":\"Φόρτωση...\",\"sProcessing\":\"Επεξεργασία...\",\"sSearch\":\"Αναζήτηση:\",\"sSearchPlaceholder\":\"Αναζήτηση\",\"sThousands\":\".\",\"sUrl\":\"\",\"sZeroRecords\":\"Δεν"
+" βρέθηκαν εγγραφές που να "
+"ταιριάζουν\",\"oPaginate\":{\"sFirst\":\"Πρώτη\",\"sPrevious\":\"Προηγούμενη\",\"sNext\":\"Επόμενη\",\"sLast\":\"Τελευταία\"},\"oAria\":{\"sSortAscending\":\":"
+" ενεργοποιήστε για αύξουσα ταξινόμηση της στήλης\",\"sSortDescending\":\": "
+"ενεργοποιήστε για φθίνουσα ταξινόμηση της στήλης\"}}"
+
+msgid "summernote_locale"
+msgstr "el-GR"
+
+msgid "fullcalendar_locale"
+msgstr "el"
+
+msgid "bootstrap-select_locale"
+msgstr "en_US"

localization/el_GR/demo_data.po

@@ -0,0 +1,386 @@
+# 
+# Translators:
+# datablitz7 <plant7@gmail.com>, 2019
+# ByteGet, 2020
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
+"PO-Revision-Date: 2019-05-01 17:42+0000\n"
+"Last-Translator: ByteGet, 2020\n"
+"Language-Team: Greek (Greece) (https://www.transifex.com/grocy/teams/93189/el_GR/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: el_GR\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Domain: grocy/demo_data\n"
+
+msgid "Cookies"
+msgstr "Μπισκότα"
+
+msgid "Chocolate"
+msgstr "Σοκολάτα"
+
+msgid "Pantry"
+msgstr "Τροφοθήκη"
+
+msgid "Candy cupboard"
+msgstr "Ντουλάπι γλυκών"
+
+msgid "Tinned food cupboard"
+msgstr "Ντουλάπι κονσερβών"
+
+msgid "Fridge"
+msgstr "Ψυγείο"
+
+msgid "Piece"
+msgid_plural "Pieces"
+msgstr[0] "Τεμάχιο"
+msgstr[1] "Τεμάχια"
+
+msgid "Pack"
+msgid_plural "Packs"
+msgstr[0] "Πακέτο"
+msgstr[1] "Πακέτα"
+
+msgid "Glass"
+msgid_plural "Glasses"
+msgstr[0] "Ποτήρι"
+msgstr[1] "Ποτήρια"
+
+msgid "Tin"
+msgid_plural "Tins"
+msgstr[0] "Κουτάκι"
+msgstr[1] "Κουτάκια"
+
+msgid "Can"
+msgid_plural "Cans"
+msgstr[0] "Κουτάκι"
+msgstr[1] "Κουτάκια"
+
+msgid "Bunch"
+msgid_plural "Bunches"
+msgstr[0] "Ματσάκι"
+msgstr[1] "Ματσάκια"
+
+msgid "Gummy bears"
+msgstr "Gummy bears"
+
+msgid "Crisps"
+msgstr "Πατατάκια"
+
+msgid "Eggs"
+msgstr "Αυγά"
+
+msgid "Noodles"
+msgstr "Νούντλς"
+
+msgid "Pickles"
+msgstr "Πίκλες"
+
+msgid "Gulash soup"
+msgstr "Σούπα Γκούλας"
+
+msgid "Yogurt"
+msgstr "Γιαούρτι"
+
+msgid "Cheese"
+msgstr "Τυρί"
+
+msgid "Cold cuts"
+msgstr "Αλλαντικά"
+
+msgid "Paprika"
+msgstr "Πάπρικα"
+
+msgid "Cucumber"
+msgstr "Αγγούρι"
+
+msgid "Radish"
+msgstr "Ραδίκι"
+
+msgid "Tomato"
+msgstr "Τομάτα"
+
+msgid "Changed towels in the bathroom"
+msgstr "Άλλαγμα πετσετών στο μπάνιο"
+
+msgid "Cleaned the kitchen floor"
+msgstr "Καθάρισμα πατώματος κουζίνας"
+
+msgid "Warranty ends"
+msgstr "Λήξη εγγύησης"
+
+msgid "TV remote control"
+msgstr "Τηλεκοντρόλ τηλεόρασης"
+
+msgid "Alarm clock"
+msgstr "Ξυπνητήρι"
+
+msgid "Heat remote control"
+msgstr "Τηλεκοντρόλ θέρμανσης"
+
+msgid "Lawn mowed in the garden"
+msgstr "Κούρεμα γρασιδιού στον κήπο"
+
+msgid "Some good snacks"
+msgstr "Μερικά καλά σνακ"
+
+msgid "Pizza dough"
+msgstr "Ζυμάρι πίτσας"
+
+msgid "Sieved tomatoes"
+msgstr "Πασάτα"
+
+msgid "Salami"
+msgstr "Σαλάμι"
+
+msgid "Toast"
+msgstr "Τοστ"
+
+msgid "Minced meat"
+msgstr "Κιμάς"
+
+msgid "Pizza"
+msgstr "Πίτσα"
+
+msgid "Spaghetti bolognese"
+msgstr "Μακαρόνια Μπολονέζ"
+
+msgid "Sandwiches"
+msgstr "Σάντουιτς"
+
+msgid "English"
+msgstr "Αγγλικά"
+
+msgid "German"
+msgstr "Γερμανικά"
+
+msgid "Italian"
+msgstr "Ιταλικά"
+
+msgid "This is the note content of the recipe ingredient"
+msgstr "Αυτό είναι το περιεχόμενο της σημείωσης του υλικού της συνταγής"
+
+msgid "Demo User"
+msgstr "Δοκιμαστικός Χρήστης"
+
+msgid "Gram"
+msgid_plural "Grams"
+msgstr[0] "Γραμμάριο"
+msgstr[1] "Γραμμάρια"
+
+msgid "Flour"
+msgstr "Αλεύρι"
+
+msgid "Pancakes"
+msgstr "Τηγανήτες"
+
+msgid "Sugar"
+msgstr "Ζάχαρη"
+
+msgid "Home"
+msgstr "Σπίτι"
+
+msgid "Life"
+msgstr "Ζωή"
+
+msgid "Projects"
+msgstr "Σχέδιο"
+
+msgid "Repair the garage door"
+msgstr "Επισκευάστε την πόρτα του γκαράζ"
+
+msgid "Fork and improve grocy"
+msgstr "Fork και Βελτιώστε το grocy"
+
+msgid "Find a solution for what to do when I forget the door keys"
+msgstr ""
+"Βρείτε μια λύση για το τι πρέπει να κάνω όταν ξεχάσω τα κλειδιά της πόρτας"
+
+msgid "Sweets"
+msgstr "Γλυκά"
+
+msgid "Bakery products"
+msgstr "Προϊόντα αρτοποιίας"
+
+msgid "Tinned food"
+msgstr "Κονσερβοποιημένα τρόφιμα"
+
+msgid "Butchery products"
+msgstr "Προϊόντα κρεοπωλείου"
+
+msgid "Vegetables/Fruits"
+msgstr "Λαχανικά / Φρούτα"
+
+msgid "Refrigerated products"
+msgstr "Προϊόντα Ψυγείου "
+
+msgid "Coffee machine"
+msgstr "Μηχανή καφέ"
+
+msgid "Dishwasher"
+msgstr "Πλυντήριο πιάτων"
+
+msgid "Liter"
+msgstr "Λίτρο"
+
+msgid "Liters"
+msgstr "Λίτρα"
+
+msgid "Bottle"
+msgstr "Μπουκάλι"
+
+msgid "Bottles"
+msgstr "Μπουκάλια"
+
+msgid "Milk"
+msgstr "Γάλα"
+
+msgid "Chocolate sauce"
+msgstr "Σάλτσα σοκολάτας"
+
+msgid "Milliliters"
+msgstr "Χιλιοστόλιτρα"
+
+msgid "Milliliter"
+msgstr "Χιλιοστόλιτρο"
+
+msgid "Bottom"
+msgstr "Κάτω μέρος"
+
+msgid "Topping"
+msgstr "Επικάλυψη"
+
+msgid "French"
+msgstr "Γαλλικά"
+
+msgid "Turkish"
+msgstr "Turkish"
+
+msgid "Spanish"
+msgstr "Ισπανικά"
+
+msgid "Russian"
+msgstr "Ρώσικα"
+
+msgid "The thing which happens on the 5th of every month"
+msgstr "Το πράγμα που συμβαίνει στις 5 κάθε μήνα"
+
+msgid "The thing which happens daily"
+msgstr "Το πράγμα που συμβαίνει καθημερινά"
+
+msgid "The thing which happens on Mondays and Wednesdays"
+msgstr "Αυτό που συμβαίνει Δευτέρα και Τετάρτη"
+
+msgid "Swedish"
+msgstr "Σουηδικά"
+
+msgid "Polish"
+msgstr "Πολωνικά"
+
+msgid "Milk Chocolate"
+msgstr "Σοκολάτα γάλακτος"
+
+msgid "Dark Chocolate"
+msgstr "Μαύρη σοκολάτα"
+
+msgid "Slice"
+msgid_plural "Slices"
+msgstr[0] "Φέτα"
+msgstr[1] "Φέτες"
+
+msgid "Example userentity"
+msgstr "Παράδειγμα χρήστη"
+
+msgid "This is an example user entity..."
+msgstr "Αυτό είναι ένα παράδειγμα οντότητας χρήστη ..."
+
+msgid "Custom field"
+msgstr "Προσαρμοσμένο πεδίο"
+
+msgid "Example field value..."
+msgstr "Παράδειγμα τιμής πεδίου ..."
+
+msgid "Waffle rolls"
+msgstr "Βάφλες"
+
+msgid "Danish"
+msgstr "Δανέζικα"
+
+msgid "Dutch"
+msgstr "Ολλανδικά"
+
+msgid "Norwegian"
+msgstr "Νορβηγικά"
+
+msgid "Demo"
+msgstr "Δοκιμή "
+
+msgid "Stable version"
+msgstr "Σταθερή έκδοση"
+
+msgid "Preview version"
+msgstr "Έκδοση προεπισκόπησης"
+
+msgid "current release"
+msgstr "τρέχουσα κυκλοφορία"
+
+msgid "not yet released"
+msgstr "δεν έχει κυκλοφορήσει ακόμη"
+
+msgid "Portuguese (Brazil)"
+msgstr "Πορτογαλικά (Βραζιλία)"
+
+msgid "This is a note"
+msgstr "Αυτή είναι μια σημείωση"
+
+msgid "Freezer"
+msgstr "Καταψύκτης"
+
+msgid "Hungarian"
+msgstr "Ουγγρικά"
+
+msgid "Slovak"
+msgstr "Σλοβάκος"
+
+msgid "Czech"
+msgstr "Τσέχικα"
+
+msgid "Portuguese (Portugal)"
+msgstr "Πορτογαλικά (Πορτογαλία)"
+
+# Use a in your country well known supermarket name
+msgid "DemoSupermarket1"
+msgstr "Επίδειξη σούπερ μάρκετ1"
+
+# Use a in your country well known supermarket name
+msgid "DemoSupermarket2"
+msgstr "Επίδειξη σούπερ μάρκετ2"
+
+msgid "Japanese"
+msgstr "Ιαπωνικά"
+
+msgid "Chinese (Taiwan)"
+msgstr "Κινέζικα (Ταϊβάν)"
+
+msgid "Greek"
+msgstr "Ελληνικά"
+
+msgid "Korean"
+msgstr "Κορεάτικα"
+
+msgid "Chinese (China)"
+msgstr ""
+
+msgid "Hebrew (Israel)"
+msgstr ""
+
+msgid "Tamil"
+msgstr ""
+
+msgid "Finnish"
+msgstr ""

localization/el_GR/locales.po

@@ -0,0 +1,122 @@
+# 
+# Translators:
+# ByteGet, 2020
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
+"PO-Revision-Date: 2020-08-31 19:11+0000\n"
+"Last-Translator: ByteGet, 2020\n"
+"Language-Team: Greek (Greece) (https://www.transifex.com/grocy/teams/93189/el_GR/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: el_GR\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Domain: grocy/locales\n"
+
+# Czech
+msgid "cs"
+msgstr "cs"
+
+# Danish
+msgid "da"
+msgstr "da"
+
+# German
+msgid "de"
+msgstr "de"
+
+# Greek
+msgid "el_GR"
+msgstr "el_GR"
+
+# English
+msgid "en"
+msgstr "en"
+
+# English (Great Britain)
+msgid "en_GB"
+msgstr "en_GB"
+
+# Spanish
+msgid "es"
+msgstr "es"
+
+# French
+msgid "fr"
+msgstr "fr"
+
+# Hungarian
+msgid "hu"
+msgstr "hu"
+
+# Italian
+msgid "it"
+msgstr "it"
+
+# Japanese
+msgid "ja"
+msgstr "ja"
+
+# Korean
+msgid "ko_KR"
+msgstr "ko_KR"
+
+# Dutch
+msgid "nl"
+msgstr "nl"
+
+# Norwegian
+msgid "no"
+msgstr "no"
+
+# Polish
+msgid "pl"
+msgstr "pl"
+
+# Portuguese (Brazil)
+msgid "pt_BR"
+msgstr "pt_BR"
+
+# Portuguese (Portugal)
+msgid "pt_PT"
+msgstr "pt_PT"
+
+# Russian
+msgid "ru"
+msgstr "ru"
+
+# Slovak
+msgid "sk_SK"
+msgstr "sk_SK"
+
+# Swedish
+msgid "sv_SE"
+msgstr "sv_SE"
+
+# Turkish
+msgid "tr"
+msgstr "tr"
+
+# Chinese (Taiwan)
+msgid "zh_TW"
+msgstr "zh_TW"
+
+# Chinese (China)
+msgid "zh_CN"
+msgstr ""
+
+# Hebrew (Israel)
+msgid "he_IL"
+msgstr ""
+
+# Tamil
+msgid "ta"
+msgstr ""
+
+# Finnish
+msgid "fi"
+msgstr ""

localization/el_GR/permissions.po

@@ -0,0 +1,139 @@
+# 
+# Translators:
+# datablitz7 <plant7@gmail.com>, 2020
+# ByteGet, 2020
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
+"PO-Revision-Date: 2020-08-29 16:33+0000\n"
+"Last-Translator: ByteGet, 2020\n"
+"Language-Team: Greek (Greece) (https://www.transifex.com/grocy/teams/93189/el_GR/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: el_GR\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Domain: grocy/permissions\n"
+
+# All permissions
+msgid "ADMIN"
+msgstr "ΔΙΑΧΕΙΡΙΣΤΗΣ"
+
+# Create users
+msgid "USERS_CREATE"
+msgstr "ΔΗΜΙΟΥΡΓΙΑ_ΧΡΗΣΤΩΝ"
+
+# Edit users (including passwords)
+msgid "USERS_EDIT"
+msgstr "ΕΠΕΞΕΡΓΑΣΙΑ_ΧΡΗΣΤΩΝ"
+
+# Show users
+msgid "USERS_READ"
+msgstr "ΠΡΟΒΟΛΗ_ΧΡΗΣΤΩΝ"
+
+# Edit own user data / change own password
+msgid "USERS_EDIT_SELF"
+msgstr "ΕΠΕΞΕΡΓΑΣΙΑ_ΙΔΙΟΥ_ΧΡΗΣΤΗ"
+
+# Undo charge cycle
+msgid "BATTERIES_UNDO_CHARGE_CYCLE"
+msgstr "ΔΙΑΧΕΙΡΙΣΤΗΣ"
+
+# Track charge cycle
+msgid "BATTERIES_TRACK_CHARGE_CYCLE"
+msgstr "USERS_CREATE"
+
+# Track execution
+msgid "CHORE_TRACK_EXECUTION"
+msgstr "ΧΡΗΣΤΕΣ_EDIT"
+
+# Undo execution
+msgid "CHORE_UNDO_EXECUTION"
+msgstr "USERS_READ"
+
+# Edit master data
+msgid "MASTER_DATA_EDIT"
+msgstr "USERS_EDIT_SELF"
+
+# Undo execution
+msgid "TASKS_UNDO_EXECUTION"
+msgstr "ΜΠΑΤΑΡΙΕΣ_UNDO_CHARGE_CYCLE"
+
+# Mark completed
+msgid "TASKS_MARK_COMPLETED"
+msgstr "ΜΠΑΤΑΡΙΑ_TRACK_CHARGE_CYCLE"
+
+# Edit stock entries
+msgid "STOCK_EDIT"
+msgstr "CHORE_TRACK_EXECUTION"
+
+# Transfer
+msgid "STOCK_TRANSFER"
+msgstr "CHORE_UNDO_EXECUTION"
+
+# Inventory
+msgid "STOCK_INVENTORY"
+msgstr "MASTER_DATA_EDIT"
+
+# Consume
+msgid "STOCK_CONSUME"
+msgstr "ΚΑΘΗΚΟΝΤΑ_UNDO_EXECUTION"
+
+# Open products
+msgid "STOCK_OPEN"
+msgstr "ΚΑΘΗΚΟΝΤΑ_MARK_COMPLETED"
+
+# Purchase
+msgid "STOCK_PURCHASE"
+msgstr "STOCK_EDIT"
+
+# Add items
+msgid "SHOPPINGLIST_ITEMS_ADD"
+msgstr "STOCK_TRANSFER"
+
+# Remove items
+msgid "SHOPPINGLIST_ITEMS_DELETE"
+msgstr "STOCK_INVENTORY"
+
+# User management
+msgid "USERS"
+msgstr "STOCK_CONSUME"
+
+# Stock
+msgid "STOCK"
+msgstr "STOCK_OPEN"
+
+# Shopping list
+msgid "SHOPPINGLIST"
+msgstr "STOCK_PURCHASE"
+
+# Chores
+msgid "CHORES"
+msgstr "ΑΓΟΡΑ ΛΙΣΤΑ_ITEMS_ADD"
+
+# Batteries
+msgid "BATTERIES"
+msgstr "ΑΓΟΡΑ ΛΙΣΤΑ_ITEMS_DELETE"
+
+# Tasks
+msgid "TASKS"
+msgstr "ΧΡΗΣΤΕΣ"
+
+# Recipes
+msgid "RECIPES"
+msgstr "ΣΤΟΚ"
+
+# Equipment
+msgid "EQUIPMENT"
+msgstr "ΛΙΣΤΑ ΜΕ ΤΑ ΨΩΝΙΑ"
+
+# Calendar
+msgid "CALENDAR"
+msgstr "ΜΙΚΡΟΔΟΥΛΕΙΕΣ"
+
+# Meal plan
+msgid "RECIPES_MEALPLAN"
+msgstr "ΜΠΑΤΑΡΙΕΣ"

localization/el_GR/stock_transaction_types.po

@@ -0,0 +1,46 @@
+# 
+# Translators:
+# Dionysios Gkotsis <bloodsak4@yahoo.gr>, 2020
+# ByteGet, 2020
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
+"PO-Revision-Date: 2019-05-01 17:42+0000\n"
+"Last-Translator: ByteGet, 2020\n"
+"Language-Team: Greek (Greece) (https://www.transifex.com/grocy/teams/93189/el_GR/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: el_GR\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Domain: grocy/stock_transaction_types\n"
+
+msgid "purchase"
+msgstr "Αγορά"
+
+msgid "transfer_from"
+msgstr "μεταφορά απο"
+
+msgid "transfer_to"
+msgstr "μεταφορά στο"
+
+msgid "consume"
+msgstr "καταναλώνω"
+
+msgid "inventory-correction"
+msgstr "διόρθωση αποθέματος"
+
+msgid "product-opened"
+msgstr "το προϊόν είναι ανοιχτό"
+
+msgid "stock-edit-old"
+msgstr "απόθεμα-επεξεργασία-παλιά"
+
+msgid "stock-edit-new"
+msgstr "απόθεμα-επεξεργασία-νέο"
+
+msgid "self-production"
+msgstr "αυτοπαραγωγή"

localization/el_GR/userfield_types.po

@@ -0,0 +1,71 @@
+# 
+# Translators:
+# Dionysios Gkotsis <bloodsak4@yahoo.gr>, 2020
+# ByteGet, 2020
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
+"PO-Revision-Date: 2019-05-01 17:43+0000\n"
+"Last-Translator: ByteGet, 2020\n"
+"Language-Team: Greek (Greece) (https://www.transifex.com/grocy/teams/93189/el_GR/)\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: el_GR\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Domain: grocy/userfield_types\n"
+
+# Text (single line)
+msgid "text-single-line"
+msgstr "κείμενο-μονή γραμμή"
+
+# Text (multi line)
+msgid "text-multi-line"
+msgstr "κείμενο-πολλαπλών γραμμών"
+
+# Number (integral)
+msgid "number-integral"
+msgstr "αριθμός-ακέραιο"
+
+# Number (decimal)
+msgid "number-decimal"
+msgstr "αριθμός-δεκαδικός"
+
+# Date (without time)
+msgid "date"
+msgstr "ημερομηνία"
+
+# Date & time
+msgid "datetime"
+msgstr "ημερομηνία ώρα"
+
+# Checkbox
+msgid "checkbox"
+msgstr "πλαίσιο ελέγχου"
+
+# Select list (a single item can be selected)
+msgid "preset-list"
+msgstr "προκαθορισμένη λίστα"
+
+# Select list (multiple items can be selected)
+msgid "preset-checklist"
+msgstr "προκαθορισμένη λίστα ελέγχου"
+
+# Link
+msgid "link"
+msgstr "σύνδεσμος"
+
+# Link (with title)
+msgid "link-with-title"
+msgstr ""
+
+# File
+msgid "file"
+msgstr ""
+
+# Image
+msgid "image"
+msgstr ""

localization/en/chore_period_types.po

@@ -27,3 +27,6 @@ msgstr "Weekly"
 
 msgid "monthly"
 msgstr "Monthly"
+
+msgid "yearly"
+msgstr "Yearly"

localization/en/demo_data.po

@@ -284,3 +284,9 @@ msgstr "Swedish"
 
 msgid "Polish"
 msgstr "Polish"
+
+msgid "DemoSupermarket1"
+msgstr "Walmart"
+
+msgid "DemoSupermarket2"
+msgstr "Kroger"

localization/en/locales.po

@@ -0,0 +1,91 @@
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"Report-Msgid-Bugs-To: \n"
+"Last-Translator: \n"
+"Language-Team: http://www.transifex.com/grocy/grocy/language/en\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
+"PO-Revision-Date: 2019-05-01T17:59:17+00:00\n"
+"Language: en\n"
+"X-Domain: grocy/locales\n"
+
+msgid "cs"
+msgstr "Czech"
+
+msgid "da"
+msgstr "Danish"
+
+msgid "de"
+msgstr "German"
+
+msgid "el_GR"
+msgstr "Greek"
+
+msgid "en"
+msgstr "English"
+
+msgid "en_GB"
+msgstr "English (Great Britain)"
+
+msgid "es"
+msgstr "Spanish"
+
+msgid "fr"
+msgstr "French"
+
+msgid "hu"
+msgstr "Hungarian"
+
+msgid "it"
+msgstr "Italian"
+
+msgid "ja"
+msgstr "Japanese"
+
+msgid "ko_KR"
+msgstr "Korean"
+
+msgid "nl"
+msgstr "Dutch"
+
+msgid "no"
+msgstr "Norwegian"
+
+msgid "pl"
+msgstr "Polish"
+
+msgid "pt_BR"
+msgstr "Portuguese (Brazil)"
+
+msgid "pt_PT"
+msgstr "Portuguese (Portugal)"
+
+msgid "ru"
+msgstr "Russian"
+
+msgid "sk_SK"
+msgstr "Slovak"
+
+msgid "sv_SE"
+msgstr "Swedish"
+
+msgid "tr"
+msgstr "Turkish"
+
+msgid "zh_TW"
+msgstr "Chinese (Taiwan)"
+
+msgid "zh_CN"
+msgstr "Chinese (China)"
+
+msgid "he_IL"
+msgstr "Hebrew (Israel)"
+
+msgid "ta"
+msgstr "Tamil"
+
+msgid "fi"
+msgstr "Finnish"

localization/en/permissions.po

@@ -0,0 +1,103 @@
+msgid ""
+msgstr ""
+"Project-Id-Version: \n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
+"PO-Revision-Date: 2019-05-01T17:59:17+00:00\n"
+"Last-Translator: \n"
+"Language-Team: http://www.transifex.com/grocy/grocy/language/en\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: en\n"
+"X-Domain: grocy/permissions\n"
+
+msgid "ADMIN"
+msgstr "All permissions"
+
+msgid "USERS_CREATE"
+msgstr "Create users"
+
+msgid "USERS_EDIT"
+msgstr "Edit users (including passwords)"
+
+msgid "USERS_READ"
+msgstr "Show users"
+
+msgid "USERS_EDIT_SELF"
+msgstr "Edit own user data / change own password"
+
+msgid "BATTERIES_UNDO_CHARGE_CYCLE"
+msgstr "Undo charge cycle"
+
+msgid "BATTERIES_TRACK_CHARGE_CYCLE"
+msgstr "Track charge cycle"
+
+msgid "CHORE_TRACK_EXECUTION"
+msgstr "Track execution"
+
+msgid "CHORE_UNDO_EXECUTION"
+msgstr "Undo execution"
+
+msgid "MASTER_DATA_EDIT"
+msgstr "Edit master data"
+
+msgid "TASKS_UNDO_EXECUTION"
+msgstr "Undo execution"
+
+msgid "TASKS_MARK_COMPLETED"
+msgstr "Mark completed"
+
+msgid "STOCK_EDIT"
+msgstr "Edit stock entries"
+
+msgid "STOCK_TRANSFER"
+msgstr "Transfer"
+
+msgid "STOCK_INVENTORY"
+msgstr "Inventory"
+
+msgid "STOCK_CONSUME"
+msgstr "Consume"
+
+msgid "STOCK_OPEN"
+msgstr "Open products"
+
+msgid "STOCK_PURCHASE"
+msgstr "Purchase"
+
+msgid "SHOPPINGLIST_ITEMS_ADD"
+msgstr "Add items"
+
+msgid "SHOPPINGLIST_ITEMS_DELETE"
+msgstr "Remove items"
+
+msgid "USERS"
+msgstr "User management"
+
+msgid "STOCK"
+msgstr "Stock"
+
+msgid "SHOPPINGLIST"
+msgstr "Shopping list"
+
+msgid "CHORES"
+msgstr "Chores"
+
+msgid "BATTERIES"
+msgstr "Batteries"
+
+msgid "TASKS"
+msgstr "Tasks"
+
+msgid "RECIPES"
+msgstr "Recipes"
+
+msgid "EQUIPMENT"
+msgstr "Equipment"
+
+msgid "CALENDAR"
+msgstr "Calendar"
+
+msgid "RECIPES_MEALPLAN"
+msgstr "Meal plan"

localization/en/stock_transaction_types.po

@@ -15,6 +15,12 @@ msgstr ""
 msgid "purchase"
 msgstr "Purchase"
 
+msgid "transfer_to"
+msgstr "Transfer To"
+
+msgid "transfer_from"
+msgstr "Transfer From"
+
 msgid "consume"
 msgstr "Consume"
 
@@ -23,3 +29,12 @@ msgstr "Inventory correction"
 
 msgid "product-opened"
 msgstr "Product opened"
+
+msgid "stock-edit-old"
+msgstr "Stock entry edited (old values)"
+
+msgid "stock-edit-new"
+msgstr "Stock entry edited (new values)"
+
+msgid "self-production"
+msgstr "Self-production"

localization/en/strings.po

@@ -66,6 +66,9 @@ msgstr "Products"
 msgid "Locations"
 msgstr "Locations"
 
+msgid "Shopping locations"
+msgstr "Shopping locations"
+
 msgid "Quantity units"
 msgstr "Quantity units"
 
@@ -162,6 +165,9 @@ msgstr "Name"
 msgid "Location"
 msgstr "Location"
 
+msgid "Shopping location"
+msgstr "Shopping location"
+
 msgid "Min. stock amount"
 msgstr "Min. stock amount"
 
@@ -201,6 +207,9 @@ msgstr "Factor purchase to stock quantity unit"
 msgid "Create location"
 msgstr "Create location"
 
+msgid "Create shopping location"
+msgstr "Create shopping location"
+
 msgid "Create quantity unit"
 msgstr "Create quantity unit"
 
@@ -234,6 +243,9 @@ msgstr "Edit product"
 msgid "Edit location"
 msgstr "Edit location"
 
+msgid "Edit shopping location"
+msgstr "Edit shopping location"
+
 msgid "Record data"
 msgstr "Record data"
 
@@ -306,6 +318,9 @@ msgstr "Are you sure to delete product \"%s\"?"
 msgid "Are you sure to delete location \"%s\"?"
 msgstr "Are you sure to delete location \"%s\"?"
 
+msgid "Are you sure to delete shopping location \"%s\"?"
+msgstr "Are you sure to delete shopping location \"%s\"?"
+
 msgid "Manage API keys"
 msgstr "Manage API keys"
 
@@ -1035,6 +1050,9 @@ msgstr "Tare weight handling enabled - please weigh the whole container, the amo
 msgid "You have to select a location"
 msgstr "You have to select a location"
 
+msgid "You have to select a shopping location"
+msgstr "You have to select a shopping location"
+
 msgid "List"
 msgstr "List"
 

localization/en/userfield_types.po

@@ -41,3 +41,12 @@ msgstr "Select list (multiple items can be selected)"
 
 msgid "link"
 msgstr "Link"
+
+msgid "link-with-title"
+msgstr "Link (with title)"
+
+msgid "file"
+msgstr "File"
+
+msgid "image"
+msgstr "Image"

localization/en_GB/chore_assignment_types.po

@@ -1,26 +1,25 @@
-# 
 msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
-"PO-Revision-Date: 2019-09-17 10:45+0000\n"
-"Language-Team: English (United Kingdom) (https://www.transifex.com/grocy/teams/93189/en_GB/)\n"
+"Last-Translator: Translation migration from old PHP array files\n"
+"Language-Team: http://www.transifex.com/grocy/grocy/language/en\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
-"Language: en_GB\n"
-"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"POT-Creation-Date: 2019-05-01T17:59:17+00:00\n"
+"PO-Revision-Date: 2019-05-01T17:59:17+00:00\n"
+"Language: en\n"
 "X-Domain: grocy/chore_assignment_types\n"
 
 msgid "no-assignment"
-msgstr ""
+msgstr "No assignment"
 
 msgid "who-least-did-first"
-msgstr ""
+msgstr "Who least did first"
 
 msgid "random"
-msgstr ""
+msgstr "Random"
 
 msgid "in-alphabetical-order"
-msgstr ""
+msgstr "In alphabetical order"