Auto commit for release 'develop' on 2024-05-16

# Conflicts:
#	app/JsonApi/V3/Accounts/AccountRepository.php
#	app/JsonApi/V3/Accounts/AccountResource.php
#	app/JsonApi/V3/Accounts/Capabilities/AccountQuery.php
#	app/JsonApi/V3/Users/UserSchema.php

.ci/phpcs.sh

@@ -20,23 +20,8 @@
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 #
 
-# Install composer packages
-#composer install --no-scripts --no-ansi
-
 SCRIPT_DIR="$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
 
-# enable test .env file.
-# cp .ci/.env.ci .env
-
-OUTPUT_FORMAT=txt
-EXTRA_PARAMS=""
-
-if [[ $GITHUB_ACTIONS = "true" ]]
-then
-    OUTPUT_FORMAT=txt
-    EXTRA_PARAMS=""
-fi
-
 # clean up php code
 cd $SCRIPT_DIR/php-cs-fixer
 composer update --quiet
@@ -44,8 +29,8 @@ rm -f .php-cs-fixer.cache
 PHP_CS_FIXER_IGNORE_ENV=true
 ./vendor/bin/php-cs-fixer fix \
     --config $SCRIPT_DIR/php-cs-fixer/.php-cs-fixer.php \
-    --format=$OUTPUT_FORMAT \
-    --allow-risky=yes $EXTRA_PARAMS
+    --format=txt \
+    --allow-risky=yes
 
 EXIT_CODE=$?
 

.github/pull_request_template.md

@@ -1,13 +1,13 @@
 <!--
 Thank you for submitting new code to Firefly III, or any of the related projects. Please read the following rules carefully.
 
-- Do not submit solutions for problems that are not already reported in an issue
-- Firefly III can't be your learning experience. If you're new to all of this, please go be new somewhere else
-- Do not open PRs to "discuss" possible solutions or to "get feedback" on your code. I don't have time for that.
+- Please do not submit solutions for problems that are not already reported in an issue.
+- Unfortunately, Firefly III can't be your learning experience. If you're new to all of this, please open an issue first.
+- Please do not open PRs to "discuss" possible solutions or to "get feedback" on your code. I simply don't have time for that.
 - Pull requests for the MAIN branch will be closed.
 - DO NOT include translated strings in your PR.
 
-Perhaps open an issue first, before you open a PR?
+If it feels necessary to open an issue first, please do so, before you open a PR.
 
 See also: https://docs.firefly-iii.org/explanation/support/#contributing-code
 

.github/workflows/close-duplicates.yml

@@ -13,7 +13,7 @@ jobs:
   close_duplicates:
     runs-on: ubuntu-latest
     steps:
-      - uses: github/command@v1.1.0
+      - uses: github/command@v1.1.1
         id: command
         with:
           allowed_contexts: "issue"

.github/workflows/release.yml

@@ -51,7 +51,7 @@ jobs:
           CROWDIN_TOKEN: ${{ secrets.CROWDIN_TOKEN }}
       - name: Cleanup translations
         id: cleanup-transactions
-        uses: JC5/firefly-iii-dev@v38
+        uses: JC5/firefly-iii-dev@main
         with:
           action: 'ff3:crowdin-warning'
           output: ''
@@ -60,7 +60,7 @@ jobs:
           GH_TOKEN: ''
       - name: Cleanup changelog
         id: cleanup-changelog
-        uses: JC5/firefly-iii-dev@v38
+        uses: JC5/firefly-iii-dev@main
         with:
           action: 'ff3:changelog'
           output: ''
@@ -69,7 +69,7 @@ jobs:
           GH_TOKEN: ${{ secrets.CHANGELOG_TOKEN }}
       - name: Extract changelog
         id: extract-changelog
-        uses: JC5/firefly-iii-dev@v38
+        uses: JC5/firefly-iii-dev@main
         with:
           action: 'ff3:extract-changelog'
           output: 'output'
@@ -78,7 +78,7 @@ jobs:
           GH_TOKEN: ""
       - name: Replace version
         id: replace-version
-        uses: JC5/firefly-iii-dev@v38
+        uses: JC5/firefly-iii-dev@main
         with:
           action: 'ff3:version'
           output: ''
@@ -88,7 +88,7 @@ jobs:
           FF_III_VERSION: ${{ github.event_name == 'schedule' && 'develop' || github.event.inputs.version }}
       - name: Generate JSON v1
         id: json-v1
-        uses: JC5/firefly-iii-dev@v38
+        uses: JC5/firefly-iii-dev@main
         with:
           action: 'ff3:json-translations v1'
           output: ''
@@ -97,7 +97,7 @@ jobs:
           GH_TOKEN: ''
       - name: Generate JSON v2
         id: json-v2
-        uses: JC5/firefly-iii-dev@v38
+        uses: JC5/firefly-iii-dev@main
         with:
           action: 'ff3:json-translations v2'
           output: ''
@@ -106,7 +106,7 @@ jobs:
           GH_TOKEN: ''
       - name: Code cleanup
         id: code-cleanup
-        uses: JC5/firefly-iii-dev@v38
+        uses: JC5/firefly-iii-dev@main
         with:
           action: 'ff3:code'
           output: ''
@@ -122,10 +122,14 @@ jobs:
       - name: Run CI
         run: |
           rm -rf vendor composer.lock
-          composer validate --strict
           composer update --no-dev --no-scripts --no-plugins -q
           sudo chown -R runner:docker resources/lang
           .ci/phpcs.sh
+      - name: Import GPG key
+        uses: crazy-max/ghaction-import-gpg@v6
+        with:
+          gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
+          passphrase: ${{ secrets.PASSPHRASE }}
       - name: Release
         run: |
           # do some configuration
@@ -141,7 +145,6 @@ jobs:
           tarName=FireflyIII-$version.tar.gz
 
           # update composer (again)
-          composer validate --strict
           composer update --no-dev --no-scripts --no-plugins
           composer dump-autoload
 
@@ -191,6 +194,10 @@ jobs:
           sha256sum -b $zipName > $zipName.sha256
           sha256sum -b $tarName > $tarName.sha256
 
+          # add signatures:
+          gpg --armor --detach-sign $zipName
+          gpg --armor --detach-sign $tarName
+
           # create a development (nightly) release:
           if [[ "develop" == "$version" ]]; then
             echo 'Develop release.'
@@ -198,7 +205,7 @@ jobs:
             rm output.txt
             echo "Bi-weekly development release of Firefly III with the latest fixes, translations and features. Docker users can find this release under the \`develop\` tag." >> output.txt
             echo "" >> output.txt
-            echo "This release was created on **$(date +'%Y-%m-%d')** and may contain unexpected bugs. Data loss is rare but is not impossible." >> output.txt
+            echo "This release was created on **$(date +'%Y-%m-%d')** and may contain unexpected bugs. Data loss is rare but is not impossible. The releases are signed, and you can verify them using the [Firefly III releases PGP key](https://docs.firefly-iii.org/explanation/more-information/signatures/)." >> output.txt
             echo "" >> output.txt
             echo "* Please read the installation instructions for [Docker](https://docs.firefly-iii.org/how-to/firefly-iii/installation/docker/), [Portainer](https://docs.firefly-iii.org/how-to/firefly-iii/installation/portainer/), [Kubernetes](https://docs.firefly-iii.org/how-to/firefly-iii/installation/kubernetes/) or [self-managed servers](https://docs.firefly-iii.org/how-to/firefly-iii/installation/self-managed/)" >> output.txt
             echo "* Or read the upgrade instructions for [Docker](https://docs.firefly-iii.org/how-to/firefly-iii/upgrade/docker/), [Kubernetes](https://docs.firefly-iii.org/how-to/firefly-iii/upgrade/kubernetes/) or [self-managed servers](https://docs.firefly-iii.org/how-to/firefly-iii/upgrade/self-managed/)" >> output.txt
@@ -221,6 +228,10 @@ jobs:
             gh release upload $releaseName $zipName.sha256
             gh release upload $releaseName $tarName.sha256
 
+            # add signatures to release
+            gh release upload $releaseName $zipName.asc
+            gh release upload $releaseName $tarName.asc
+
             # get current HEAD and add as file to the release
             HEAD=$(git rev-parse HEAD)
             echo $HEAD > HEAD.txt
@@ -234,6 +245,7 @@ jobs:
             echo '' >> output.txt
             echo "* Installation instructions for [Docker](https://docs.firefly-iii.org/how-to/firefly-iii/installation/docker/), [Portainer](https://docs.firefly-iii.org/how-to/firefly-iii/installation/portainer/), [Kubernetes](https://docs.firefly-iii.org/how-to/firefly-iii/installation/kubernetes/) or [self-managed servers](https://docs.firefly-iii.org/how-to/firefly-iii/installation/self-managed/)" >> output.txt
             echo "* Or read the upgrade instructions for [Docker](https://docs.firefly-iii.org/how-to/firefly-iii/upgrade/docker/), [Kubernetes](https://docs.firefly-iii.org/how-to/firefly-iii/upgrade/kubernetes/) or [self-managed servers](https://docs.firefly-iii.org/how-to/firefly-iii/upgrade/self-managed/)" >> output.txt
+            echo "* The releases are signed, and you can verify them using the [Firefly III releases PGP key](https://docs.firefly-iii.org/explanation/more-information/signatures/)."
 
             echo "Create default release."
             git tag -a $releaseName -m "Here be changelog"
@@ -248,6 +260,10 @@ jobs:
             gh release upload $releaseName $zipName.sha256
             gh release upload $releaseName $tarName.sha256
 
+            # add signatures to release
+            gh release upload $releaseName $zipName.asc
+            gh release upload $releaseName $tarName.asc
+
             # get current HEAD and add as file to the release
             HEAD=$(git rev-parse HEAD)
             echo $HEAD > HEAD.txt

THANKS.md

@@ -0,0 +1,193 @@
+# Thank you! :tada: :heart: :tada:
+
+Over time, many people have contributed to Firefly III. Their efforts are not always visible, but always remembered and appreciated.
+Please find below all the people who contributed to the Firefly III code. Their names are mentioned in the year of their first contribution.
+
+## 2024
+- imlonghao
+- Rahman Yusuf
+- Michael Thomas
+- WardenJakx
+- kuilin
+- Stevie Robinson
+- luzpaz
+- Lemuel Roberto Bonifácio
+- maureenferreira
+
+## 2023
+- tieu1991
+- Maxco10
+- zqye
+- Mateus Pereira
+- josephbadow
+- Christian Desktop
+- Edgars
+- Hannah K
+- noxonad
+- Kaijia Feng
+- Marc Ordinas i Llopis
+- Kuba Turek
+- Julien Stébenne
+
+## 2022
+- Johannes Zellner
+- Janne Heß
+- charlesteets
+- Nathan PERIER
+- Jan Willhaus
+- canoine
+- Rick Cuddy
+- James
+- Hugo Meyronneinc
+- naveen
+- neilnaveen
+- naveensrinivasan
+- Federico Micelli
+- George Hahn
+
+## 2021
+- StillLoading
+- Igor Rzegocki
+- Lorenzo Breda
+- Hosh
+- Flightkick
+- alex6480
+- VREEdom
+- Hamza FADIL
+- Kasper Læssø Sørensen
+- Alex
+- Jeroen De Meerleer
+- Ruben van Erk
+- Fabian Zimmermann
+- Mirko Berger
+- KaihatsuOnline
+- MihataBG
+
+## 2020
+- Hannes Körber
+- Julien Cassagne
+- bu4ak
+- Viktor Yakovlev
+- Oliver Kaufmann
+- Arvind Chembarpu
+- GrayStrider
+- psychowood
+- Hosh Sadiq
+- emansih
+- Aniruddha Maru
+- johnny
+- sephrat
+- bpatath
+- Florian Dupret
+- Maxim Kurbatov
+- Lucas Guima
+- Sandro
+- Ruben Verhoef
+- Daniel Idzerda
+- Calum Smith
+- Agraphie
+- Tomer Shvueli
+- Tomer S
+
+## 2019
+- Pascal Jungblut
+- Justyn Shull
+- Timendum
+- Nicolas Lœuillet
+- Dominic Guhl
+- Melroy van den Berg
+- Henning Stein
+- Jan Klepek
+- Jonathan
+- Geoffrey “Frogeye” Preud'homme
+- Michael Fix
+- Juraj Mlich
+- Eddybrando Vásquez
+- hulloanson
+- Will Rouesnel
+- lastlink
+- Mr. Funk
+- Simon Taddiken
+- Joris
+- Bastiaan Nijkamp
+
+## 2018
+- a1ex4
+- Daniel Quah
+- Marco Lourenço
+- Dennis Enderink
+- Luca Bognolo
+- Mike Conway
+- Ben
+- Mathieu Post
+- George Hertz
+- HamuZ HamuZ
+- David Meiseles
+- Erik Gelderblom
+- Luca Vallerini
+- Clemens Wijnekus
+- Jacob Weisz
+- Mateusz Gozdek
+- anmol26s
+- Kevin Hellemun
+- Shashank M Chakravarthy
+- Nico Schreiner
+- Paul Sohier
+- Brenden Conte
+- Ben Yanke
+- Andrew Prokhorenkov
+- devlearner
+- Kelvin
+- J'informatique
+
+## 2017
+- Victor Mosin
+- Justin
+- Hugo van Duijn
+- Lukas Winkler
+- Marcin Szymanski
+- Jens Kat
+- koziolek
+- jleeong
+- Simon Hanna
+- richard & xeli.eu
+- Sergey Besedin
+- Welbert Serra
+- Joris de Vries
+- Patrick Kostjens
+- Enrico Lamperti
+- Christian Musa
+- Enno Lohmeier
+
+## 2016
+- Sander
+- Toon Schoenmakers
+- Telyn
+- Sander Kleykens
+- Tom van der Werf
+- Matthew Peck
+- Sander Mulders
+- Bonno Nachtegaal-Karels
+- Niek Haarman
+- Edwin
+- Thijs Alkemade
+- zjean
+- Graham Miller
+- Robert Horlings
+- leander091
+
+## 2015
+- Antonio Spinelli
+- Colin O'Dell
+- RonaldvanMeer
+- Richard Ebbers
+- Balazs Varkonyi
+- Niek van der Kooy
+- Ilya Kil
+
+## 2014
+- Stewart Malik
+- Graham Campbell
+
+
+Thank you for all your support!

app/Api/V1/Controllers/Models/Transaction/UpdateController.php

@@ -73,7 +73,8 @@ class UpdateController extends Controller
         $data             = $request->getAll();
 
         // Fixes 8750.
-        foreach ($data['transactions'] as $index => $info) {
+        $transactions     = $data['transactions'] ?? [];
+        foreach ($transactions as $index => $info) {
             unset($data['transactions'][$index]['type']);
         }
 

app/Api/V1/Controllers/User/PreferencesController.php

@@ -32,6 +32,7 @@ use FireflyIII\Models\Preference;
 use FireflyIII\Transformers\PreferenceTransformer;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Pagination\LengthAwarePaginator;
+use Illuminate\Support\Collection;
 use League\Fractal\Pagination\IlluminatePaginatorAdapter;
 use League\Fractal\Resource\Collection as FractalCollection;
 use League\Fractal\Resource\Item;
@@ -84,6 +85,10 @@ class PreferencesController extends Controller
     {
         $manager     = $this->getManager();
 
+        if ('currencyPreference' === $preference->name) {
+            throw new FireflyException('Please use api/v1/currencies/default instead.');
+        }
+
         /** @var PreferenceTransformer $transformer */
         $transformer = app(PreferenceTransformer::class);
         $transformer->setParameters($this->parameters);
@@ -93,6 +98,32 @@ class PreferencesController extends Controller
         return response()->json($manager->createData($resource)->toArray())->header('Content-Type', self::CONTENT_TYPE);
     }
 
+    /**
+     * TODO This endpoint is not documented.
+     *
+     * Return a single preference by name.
+     */
+    public function showList(Collection $collection): JsonResponse
+    {
+        $manager     = $this->getManager();
+        $count       = $collection->count();
+        $pageSize    = $this->parameters->get('limit');
+        $preferences = $collection->slice(($this->parameters->get('page') - 1) * $pageSize, $pageSize);
+
+        // make paginator:
+        $paginator   = new LengthAwarePaginator($preferences, $count, $pageSize, $this->parameters->get('page'));
+        $paginator->setPath(route('api.v1.preferences.show-list').$this->buildParams());
+
+        /** @var PreferenceTransformer $transformer */
+        $transformer = app(PreferenceTransformer::class);
+        $transformer->setParameters($this->parameters);
+
+        $resource    = new FractalCollection($preferences, $transformer, self::RESOURCE_KEY);
+        $resource->setPaginator(new IlluminatePaginatorAdapter($paginator));
+
+        return response()->json($manager->createData($resource)->toArray())->header('Content-Type', self::CONTENT_TYPE);
+    }
+
     /**
      * This endpoint is documented at:
      * https://api-docs.firefly-iii.org/?urls.primaryName=2.0.0%20(v1)#/preferences/storePreference
@@ -103,6 +134,11 @@ class PreferencesController extends Controller
     {
         $manager     = $this->getManager();
         $data        = $request->getAll();
+
+        if ('currencyPreference' === $data['name']) {
+            throw new FireflyException('Please use api/v1/currencies/default instead.');
+        }
+
         $pref        = app('preferences')->set($data['name'], $data['data']);
 
         /** @var PreferenceTransformer $transformer */
@@ -122,6 +158,10 @@ class PreferencesController extends Controller
      */
     public function update(PreferenceUpdateRequest $request, Preference $preference): JsonResponse
     {
+        if ('currencyPreference' === $preference->name) {
+            throw new FireflyException('Please use api/v1/currencies/default instead.');
+        }
+
         $manager     = $this->getManager();
         $data        = $request->getAll();
         $pref        = app('preferences')->set($preference->name, $data['data']);

app/Api/V1/Requests/Models/Rule/StoreRequest.php

@@ -71,8 +71,9 @@ class StoreRequest extends FormRequest
         if (is_array($triggers)) {
             foreach ($triggers as $trigger) {
                 $return[] = [
-                    'type'            => $trigger['type'],
-                    'value'           => $trigger['value'],
+                    'type'            => $trigger['type'] ?? '',
+                    'value'           => $trigger['value'] ?? null,
+                    'prohibited'      => $this->convertBoolean((string)($trigger['prohibited'] ?? 'false')),
                     'active'          => $this->convertBoolean((string)($trigger['active'] ?? 'true')),
                     'stop_processing' => $this->convertBoolean((string)($trigger['stop_processing'] ?? 'false')),
                 ];

app/Api/V1/Requests/Models/Rule/UpdateRequest.php

@@ -81,10 +81,12 @@ class UpdateRequest extends FormRequest
         if (is_array($triggers)) {
             foreach ($triggers as $trigger) {
                 $active         = array_key_exists('active', $trigger) ? $trigger['active'] : true;
+                $prohibited     = array_key_exists('prohibited', $trigger) ? $trigger['prohibited'] : false;
                 $stopProcessing = array_key_exists('stop_processing', $trigger) ? $trigger['stop_processing'] : false;
                 $return[]       = [
                     'type'            => $trigger['type'],
                     'value'           => $trigger['value'],
+                    'prohibited'      => $prohibited,
                     'active'          => $active,
                     'stop_processing' => $stopProcessing,
                 ];

app/Api/V2/Controllers/Autocomplete/AccountController.php

@@ -28,10 +28,11 @@ use FireflyIII\Api\V2\Controllers\Controller;
 use FireflyIII\Api\V2\Request\Autocomplete\AutocompleteRequest;
 use FireflyIII\Exceptions\FireflyException;
 use FireflyIII\Models\Account;
+use FireflyIII\Models\AccountBalance;
 use FireflyIII\Models\AccountType;
-use FireflyIII\Repositories\Account\AccountRepositoryInterface;
+use FireflyIII\Models\TransactionCurrency;
 use FireflyIII\Repositories\UserGroups\Account\AccountRepositoryInterface as AdminAccountRepositoryInterface;
-use FireflyIII\Support\Http\Api\AccountFilter;
+use FireflyIII\Support\Http\Api\ExchangeRateConverter;
 use Illuminate\Http\JsonResponse;
 
 /**
@@ -39,11 +40,13 @@ use Illuminate\Http\JsonResponse;
  */
 class AccountController extends Controller
 {
-    use AccountFilter;
-
+    //    use AccountFilter;
     private AdminAccountRepositoryInterface $adminRepository;
-    private array                           $balanceTypes;
-    private AccountRepositoryInterface      $repository;
+    private TransactionCurrency             $default;
+    private ExchangeRateConverter           $converter;
+
+    //    private array                           $balanceTypes;
+    //    private AccountRepositoryInterface      $repository;
 
     /**
      * AccountController constructor.
@@ -53,18 +56,20 @@ class AccountController extends Controller
         parent::__construct();
         $this->middleware(
             function ($request, $next) {
-                $this->repository      = app(AccountRepositoryInterface::class);
-                $this->adminRepository = app(AdminAccountRepositoryInterface::class);
-
+                // new way of user group validation
                 $userGroup             = $this->validateUserGroup($request);
-                if (null !== $userGroup) {
-                    $this->adminRepository->setUserGroup($userGroup);
-                }
+                $this->adminRepository = app(AdminAccountRepositoryInterface::class);
+                $this->adminRepository->setUserGroup($userGroup);
+                $this->default         = app('amount')->getDefaultCurrency();
+                $this->converter       = app(ExchangeRateConverter::class);
+
+                //                $this->repository      = app(AccountRepositoryInterface::class);
+                //                $this->adminRepository->setUserGroup($this->validateUserGroup($request));
 
                 return $next($request);
             }
         );
-        $this->balanceTypes = [AccountType::ASSET, AccountType::LOAN, AccountType::DEBT, AccountType::MORTGAGE];
+        //        $this->balanceTypes = [AccountType::ASSET, AccountType::LOAN, AccountType::DEBT, AccountType::MORTGAGE];
     }
 
     /**
@@ -77,59 +82,68 @@ class AccountController extends Controller
      * 5. Collector uses user_group_id
      *
      * @throws FireflyException
-     * @throws FireflyException
      */
     public function accounts(AutocompleteRequest $request): JsonResponse
     {
-        $data            = $request->getData();
-        $types           = $data['types'];
-        $query           = $data['query'];
-        $date            = $this->parameters->get('date') ?? today(config('app.timezone'));
-        $result          = $this->adminRepository->searchAccount((string)$query, $types, $data['limit']);
-        $defaultCurrency = app('amount')->getDefaultCurrency();
-        $groupedResult   = [];
-        $allItems        = [];
+        $queryParameters = $request->getParameters();
+        $result          = $this->adminRepository->searchAccount((string) $queryParameters['query'], $queryParameters['account_types'], $queryParameters['size']);
+        $return          = [];
 
         /** @var Account $account */
         foreach ($result as $account) {
-            $nameWithBalance = $account->name;
-            $currency        = $this->repository->getAccountCurrency($account) ?? $defaultCurrency;
-
-            if (in_array($account->accountType->type, $this->balanceTypes, true)) {
-                $balance         = app('steam')->balance($account, $date);
-                $nameWithBalance = sprintf('%s (%s)', $account->name, app('amount')->formatAnything($currency, $balance, false));
-            }
-            $type            = (string)trans(sprintf('firefly.%s', $account->accountType->type));
-            $groupedResult[$type] ??= [
-                'group ' => $type,
-                'items'  => [],
-            ];
-            $allItems[]      = [
-                'id'                      => (string)$account->id,
-                'value'                   => (string)$account->id,
-                'name'                    => $account->name,
-                'name_with_balance'       => $nameWithBalance,
-                'label'                   => $nameWithBalance,
-                'type'                    => $account->accountType->type,
-                'currency_id'             => (string)$currency->id,
-                'currency_name'           => $currency->name,
-                'currency_code'           => $currency->code,
-                'currency_symbol'         => $currency->symbol,
-                'currency_decimal_places' => $currency->decimal_places,
-            ];
+            $return[] = $this->parseAccount($account);
         }
 
-        usort(
-            $allItems,
-            static function (array $left, array $right): int {
-                $order    = [AccountType::ASSET, AccountType::REVENUE, AccountType::EXPENSE];
-                $posLeft  = (int)array_search($left['type'], $order, true);
-                $posRight = (int)array_search($right['type'], $order, true);
+        return response()->json($return);
+    }
 
-                return $posLeft - $posRight;
-            }
-        );
+    private function parseAccount(Account $account): array
+    {
+        $currency = $this->adminRepository->getAccountCurrency($account);
 
-        return response()->json($allItems);
+        return [
+            'id'    => (string) $account->id,
+            'title' => $account->name,
+            'meta'  => [
+                'type'             => $account->accountType->type,
+                'currency_id'      => null === $currency ? null : (string) $currency->id,
+                'currency_code'    => $currency?->code,
+                'currency_symbol'  => $currency?->symbol,
+                'currency_decimal' => $currency?->decimal_places,
+                'account_balances' => $this->getAccountBalances($account),
+            ],
+        ];
+    }
+
+    private function getAccountBalances(Account $account): array
+    {
+        $return   = [];
+        $balances = $this->adminRepository->getAccountBalances($account);
+
+        /** @var AccountBalance $balance */
+        foreach ($balances as $balance) {
+            $return[] = $this->parseAccountBalance($balance);
+        }
+
+        return $return;
+    }
+
+    private function parseAccountBalance(AccountBalance $balance): array
+    {
+        $currency = $balance->transactionCurrency;
+
+        return [
+            'title'                   => $balance->title,
+            'native_amount'           => $this->converter->convert($currency, $this->default, today(), $balance->balance),
+            'amount'                  => app('steam')->bcround($balance->balance, $currency->decimal_places),
+            'currency_id'             => (string) $currency->id,
+            'currency_code'           => $currency->code,
+            'currency_symbol'         => $currency->symbol,
+            'currency_decimal_places' => $currency->decimal_places,
+            'native_currency_id'      => (string) $this->default->id,
+            'native_currency_code'    => $this->default->code,
+            'native_currency_symbol'  => $this->default->symbol,
+            'native_currency_decimal' => $this->default->decimal_places,
+        ];
     }
 }

app/Api/V2/Controllers/Autocomplete/CategoryController.php

@@ -45,11 +45,7 @@ class CategoryController extends Controller
         $this->middleware(
             function ($request, $next) {
                 $this->repository = app(CategoryRepositoryInterface::class);
-
-                $userGroup        = $this->validateUserGroup($request);
-                if (null !== $userGroup) {
-                    $this->repository->setUserGroup($userGroup);
-                }
+                $this->repository->setUserGroup($this->validateUserGroup($request));
 
                 return $next($request);
             }

app/Api/V2/Controllers/Autocomplete/TagController.php

@@ -45,11 +45,7 @@ class TagController extends Controller
         $this->middleware(
             function ($request, $next) {
                 $this->repository = app(TagRepositoryInterface::class);
-
-                $userGroup        = $this->validateUserGroup($request);
-                if (null !== $userGroup) {
-                    $this->repository->setUserGroup($userGroup);
-                }
+                $this->repository->setUserGroup($this->validateUserGroup($request));
 
                 return $next($request);
             }

app/Api/V2/Controllers/Autocomplete/TransactionController.php

@@ -45,11 +45,7 @@ class TransactionController extends Controller
         $this->middleware(
             function ($request, $next) {
                 $this->repository = app(JournalRepositoryInterface::class);
-
-                $userGroup        = $this->validateUserGroup($request);
-                if (null !== $userGroup) {
-                    $this->repository->setUserGroup($userGroup);
-                }
+                $this->repository->setUserGroup($this->validateUserGroup($request));
 
                 return $next($request);
             }

app/Api/V2/Controllers/Chart/AccountController.php

@@ -55,8 +55,7 @@ class AccountController extends Controller
         $this->middleware(
             function ($request, $next) {
                 $this->repository = app(AccountRepositoryInterface::class);
-                $userGroup        = $this->validateUserGroup($request);
-                $this->repository->setUserGroup($userGroup);
+                $this->repository->setUserGroup($this->validateUserGroup($request));
 
                 return $next($request);
             }

app/Api/V2/Controllers/Chart/BalanceController.php

@@ -27,6 +27,7 @@ namespace FireflyIII\Api\V2\Controllers\Chart;
 use Carbon\Carbon;
 use FireflyIII\Api\V2\Controllers\Controller;
 use FireflyIII\Api\V2\Request\Chart\BalanceChartRequest;
+use FireflyIII\Enums\UserRoleEnum;
 use FireflyIII\Exceptions\FireflyException;
 use FireflyIII\Helpers\Collector\GroupCollectorInterface;
 use FireflyIII\Models\TransactionCurrency;
@@ -42,6 +43,7 @@ use Illuminate\Support\Collection;
 class BalanceController extends Controller
 {
     use CleansChartData;
+    protected array                    $acceptedRoles = [UserRoleEnum::READ_ONLY];
 
     /**
      * The code is practically a duplicate of ReportController::operations.

app/Api/V2/Controllers/Chart/BudgetController.php

@@ -64,12 +64,9 @@ class BudgetController extends Controller
                 $this->blRepository  = app(BudgetLimitRepositoryInterface::class);
                 $this->opsRepository = app(OperationsRepositoryInterface::class);
                 $this->currency      = app('amount')->getDefaultCurrency();
-
                 $userGroup           = $this->validateUserGroup($request);
-                if (null !== $userGroup) {
-                    $this->repository->setUserGroup($userGroup);
-                    $this->opsRepository->setUserGroup($userGroup);
-                }
+                $this->repository->setUserGroup($userGroup);
+                $this->opsRepository->setUserGroup($userGroup);
 
                 return $next($request);
             }
@@ -124,11 +121,11 @@ class BudgetController extends Controller
         foreach ($rows as $row) {
             $current  = [
                 'label'                          => $budget->name,
-                'currency_id'                    => (string)$row['currency_id'],
+                'currency_id'                    => (string) $row['currency_id'],
                 'currency_code'                  => $row['currency_code'],
                 'currency_name'                  => $row['currency_name'],
                 'currency_decimal_places'        => $row['currency_decimal_places'],
-                'native_currency_id'             => (string)$row['native_currency_id'],
+                'native_currency_id'             => (string) $row['native_currency_id'],
                 'native_currency_code'           => $row['native_currency_code'],
                 'native_currency_name'           => $row['native_currency_name'],
                 'native_currency_decimal_places' => $row['native_currency_decimal_places'],
@@ -189,12 +186,12 @@ class BudgetController extends Controller
         foreach ($array as $currencyId => $block) {
             $this->currencies[$currencyId] ??= TransactionCurrency::find($currencyId);
             $return[$currencyId]           ??= [
-                'currency_id'                    => (string)$currencyId,
+                'currency_id'                    => (string) $currencyId,
                 'currency_code'                  => $block['currency_code'],
                 'currency_name'                  => $block['currency_name'],
                 'currency_symbol'                => $block['currency_symbol'],
-                'currency_decimal_places'        => (int)$block['currency_decimal_places'],
-                'native_currency_id'             => (string)$this->currency->id,
+                'currency_decimal_places'        => (int) $block['currency_decimal_places'],
+                'native_currency_id'             => (string) $this->currency->id,
                 'native_currency_code'           => $this->currency->code,
                 'native_currency_name'           => $this->currency->name,
                 'native_currency_symbol'         => $this->currency->symbol,

app/Api/V2/Controllers/Chart/CategoryController.php

@@ -57,10 +57,7 @@ class CategoryController extends Controller
             function ($request, $next) {
                 $this->accountRepos  = app(AccountRepositoryInterface::class);
                 $this->currencyRepos = app(CurrencyRepositoryInterface::class);
-                $userGroup           = $this->validateUserGroup($request);
-                if (null !== $userGroup) {
-                    $this->accountRepos->setUserGroup($userGroup);
-                }
+                $this->accountRepos->setUserGroup($this->validateUserGroup($request));
 
                 return $next($request);
             }
@@ -100,25 +97,25 @@ class CategoryController extends Controller
 
         /** @var array $journal */
         foreach ($journals as $journal) {
-            $currencyId                    = (int)$journal['currency_id'];
+            $currencyId                    = (int) $journal['currency_id'];
             $currency                      = $currencies[$currencyId] ?? $this->currencyRepos->find($currencyId);
             $currencies[$currencyId]       = $currency;
-            $categoryName                  = null === $journal['category_name'] ? (string)trans('firefly.no_category') : $journal['category_name'];
+            $categoryName                  = null === $journal['category_name'] ? (string) trans('firefly.no_category') : $journal['category_name'];
             $amount                        = app('steam')->positive($journal['amount']);
             $nativeAmount                  = $converter->convert($default, $currency, $journal['date'], $amount);
             $key                           = sprintf('%s-%s', $categoryName, $currency->code);
-            if ((int)$journal['foreign_currency_id'] === $default->id) {
+            if ((int) $journal['foreign_currency_id'] === $default->id) {
                 $nativeAmount = app('steam')->positive($journal['foreign_amount']);
             }
             // create arrays
             $return[$key] ??= [
                 'label'                          => $categoryName,
-                'currency_id'                    => (string)$currency->id,
+                'currency_id'                    => (string) $currency->id,
                 'currency_code'                  => $currency->code,
                 'currency_name'                  => $currency->name,
                 'currency_symbol'                => $currency->symbol,
                 'currency_decimal_places'        => $currency->decimal_places,
-                'native_currency_id'             => (string)$default->id,
+                'native_currency_id'             => (string) $default->id,
                 'native_currency_code'           => $default->code,
                 'native_currency_name'           => $default->name,
                 'native_currency_symbol'         => $default->symbol,
@@ -138,7 +135,7 @@ class CategoryController extends Controller
 
         // order by native amount
         usort($return, static function (array $a, array $b) {
-            return (float)$a['native_amount'] < (float)$b['native_amount'] ? 1 : -1;
+            return (float) $a['native_amount'] < (float) $b['native_amount'] ? 1 : -1;
         });
         $converter->summarize();
 

app/Api/V2/Controllers/Controller.php

@@ -122,6 +122,9 @@ class Controller extends BaseController
                     $obj = null;
                 }
             }
+            if (null !== $date && 'end' === $field) {
+                $obj->endOfDay();
+            }
             $bag->set($field, $obj);
         }
 
@@ -154,6 +157,9 @@ class Controller extends BaseController
     {
         $manager  = new Manager();
         $baseUrl  = request()->getSchemeAndHttpHost().'/api/v2';
+
+        // TODO add stuff to path?
+
         $manager->setSerializer(new JsonApiSerializer($baseUrl));
 
         $objects  = $paginator->getCollection();

app/Api/V2/Controllers/Model/Account/IndexController.php

@@ -25,12 +25,12 @@ namespace FireflyIII\Api\V2\Controllers\Model\Account;
 
 use FireflyIII\Api\V2\Controllers\Controller;
 use FireflyIII\Api\V2\Request\Model\Account\IndexRequest;
-use FireflyIII\Api\V2\Request\Model\Transaction\InfiniteListRequest;
 use FireflyIII\Enums\UserRoleEnum;
 use FireflyIII\Repositories\UserGroups\Account\AccountRepositoryInterface;
 use FireflyIII\Transformers\V2\AccountTransformer;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Pagination\LengthAwarePaginator;
+use Illuminate\Support\Facades\Log;
 
 class IndexController extends Controller
 {
@@ -58,21 +58,35 @@ class IndexController extends Controller
     }
 
     /**
-     * TODO see autocomplete/accountcontroller for list.
+     * TODO the sort instructions need proper repeatable documentation.
+     * TODO see autocomplete/account controller for list.
      */
     public function index(IndexRequest $request): JsonResponse
     {
         $this->repository->resetAccountOrder();
-        $types        = $request->getAccountTypes();
-        $instructions = $request->getSortInstructions('accounts');
-        $accounts     = $this->repository->getAccountsByType($types, $instructions);
-        $pageSize     = $this->parameters->get('limit');
-        $count        = $accounts->count();
-        $accounts     = $accounts->slice(($this->parameters->get('page') - 1) * $pageSize, $pageSize);
-        $paginator    = new LengthAwarePaginator($accounts, $count, $pageSize, $this->parameters->get('page'));
-        $transformer  = new AccountTransformer();
+        $types             = $request->getAccountTypes();
+        $sorting           = $request->getSortInstructions('accounts');
+        $filters           = $request->getFilterInstructions('accounts');
+        $accounts          = $this->repository->getAccountsByType($types, $sorting, $filters);
+        $pageSize          = $this->parameters->get('limit');
+        $count             = $accounts->count();
 
-        $this->parameters->set('sort', $instructions);
+        // depending on the sort parameters, this list must not be split, because the
+        // order is calculated in the account transformer and by that time it's too late.
+        $first             = array_key_first($sorting);
+        $disablePagination = in_array($first, ['last_activity', 'balance', 'balance_difference'], true);
+        Log::debug(sprintf('Will disable pagination in account index v2? %s', var_export($disablePagination, true)));
+        if (!$disablePagination) {
+            $accounts = $accounts->slice(($this->parameters->get('page') - 1) * $pageSize, $pageSize);
+        }
+        $paginator         = new LengthAwarePaginator($accounts, $count, $pageSize, $this->parameters->get('page'));
+        $transformer       = new AccountTransformer();
+
+        $this->parameters->set('disablePagination', $disablePagination);
+        $this->parameters->set('pageSize', $pageSize);
+        $this->parameters->set('sort', $sorting);
+
+        $this->parameters->set('filters', $filters);
         $transformer->setParameters($this->parameters); // give params to transformer
 
         return response()
@@ -80,25 +94,4 @@ class IndexController extends Controller
             ->header('Content-Type', self::CONTENT_TYPE)
         ;
     }
-
-    public function infiniteList(InfiniteListRequest $request): JsonResponse
-    {
-        $this->repository->resetAccountOrder();
-
-        // get accounts of the specified type, and return.
-        $types       = $request->getAccountTypes();
-
-        // get from repository
-        $accounts    = $this->repository->getAccountsInOrder($types, $request->getSortInstructions('accounts'), $request->getStartRow(), $request->getEndRow());
-        $total       = $this->repository->countAccounts($types);
-        $count       = $request->getEndRow() - $request->getStartRow();
-        $paginator   = new LengthAwarePaginator($accounts, $total, $count, $this->parameters->get('page'));
-        $transformer = new AccountTransformer();
-        $transformer->setParameters($this->parameters); // give params to transformer
-
-        return response()
-            ->json($this->jsonApiList(self::RESOURCE_KEY, $paginator, $transformer))
-            ->header('Content-Type', self::CONTENT_TYPE)
-        ;
-    }
 }

app/Api/V2/Controllers/Model/Account/UpdateController.php

@@ -45,11 +45,7 @@ class UpdateController extends Controller
         $this->middleware(
             function ($request, $next) {
                 $this->repository = app(AccountRepositoryInterface::class);
-                // new way of user group validation
-                $userGroup        = $this->validateUserGroup($request);
-                if (null !== $userGroup) {
-                    $this->repository->setUserGroup($userGroup);
-                }
+                $this->repository->setUserGroup($this->validateUserGroup($request));
 
                 return $next($request);
             }

app/Api/V2/Controllers/Model/Bill/IndexController.php

@@ -46,12 +46,7 @@ class IndexController extends Controller
         $this->middleware(
             function ($request, $next) {
                 $this->repository = app(BillRepositoryInterface::class);
-
-                // new way of user group validation
-                $userGroup        = $this->validateUserGroup($request);
-                if (null !== $userGroup) {
-                    $this->repository->setUserGroup($userGroup);
-                }
+                $this->repository->setUserGroup($this->validateUserGroup($request));
 
                 return $next($request);
             }

app/Api/V2/Controllers/Model/Bill/ShowController.php

@@ -46,12 +46,7 @@ class ShowController extends Controller
         $this->middleware(
             function ($request, $next) {
                 $this->repository = app(BillRepositoryInterface::class);
-
-                // new way of user group validation
-                $userGroup        = $this->validateUserGroup($request);
-                if (null !== $userGroup) {
-                    $this->repository->setUserGroup($userGroup);
-                }
+                $this->repository->setUserGroup($this->validateUserGroup($request));
 
                 return $next($request);
             }

app/Api/V2/Controllers/Model/Bill/SumController.php

@@ -45,11 +45,7 @@ class SumController extends Controller
         $this->middleware(
             function ($request, $next) {
                 $this->repository = app(BillRepositoryInterface::class);
-
-                $userGroup        = $this->validateUserGroup($request);
-                if (null !== $userGroup) {
-                    $this->repository->setUserGroup($userGroup);
-                }
+                $this->repository->setUserGroup($this->validateUserGroup($request));
 
                 return $next($request);
             }

app/Api/V2/Controllers/Model/PiggyBank/IndexController.php

@@ -46,11 +46,7 @@ class IndexController extends Controller
         $this->middleware(
             function ($request, $next) {
                 $this->repository = app(PiggyBankRepositoryInterface::class);
-
-                $userGroup        = $this->validateUserGroup($request);
-                if (null !== $userGroup) {
-                    $this->repository->setUserGroup($userGroup);
-                }
+                $this->repository->setUserGroup($this->validateUserGroup($request));
 
                 return $next($request);
             }

app/Api/V2/Controllers/Summary/NetWorthController.php

@@ -52,10 +52,8 @@ class NetWorthController extends Controller
                 $this->repository = app(AccountRepositoryInterface::class);
                 // new way of user group validation
                 $userGroup        = $this->validateUserGroup($request);
-                if (null !== $userGroup) {
-                    $this->netWorth->setUserGroup($userGroup);
-                    $this->repository->setUserGroup($userGroup);
-                }
+                $this->netWorth->setUserGroup($userGroup);
+                $this->repository->setUserGroup($userGroup);
 
                 return $next($request);
             }

app/Api/V2/Request/Autocomplete/AutocompleteRequest.php

@@ -23,24 +23,59 @@ declare(strict_types=1);
 
 namespace FireflyIII\Api\V2\Request\Autocomplete;
 
-use FireflyIII\Enums\UserRoleEnum;
+use Carbon\Carbon;
+use Carbon\Exceptions\InvalidFormatException;
+use FireflyIII\JsonApi\Rules\IsValidFilter;
+use FireflyIII\JsonApi\Rules\IsValidPage;
 use FireflyIII\Models\AccountType;
+use FireflyIII\Support\Http\Api\AccountFilter;
 use FireflyIII\Support\Request\ChecksLogin;
 use FireflyIII\Support\Request\ConvertsDataTypes;
 use Illuminate\Foundation\Http\FormRequest;
+use LaravelJsonApi\Core\Query\QueryParameters;
+use LaravelJsonApi\Validation\Rule as JsonApiRule;
+use Illuminate\Support\Facades\Log;
 
 /**
  * Class AutocompleteRequest
  */
 class AutocompleteRequest extends FormRequest
 {
+    use AccountFilter;
     use ChecksLogin;
     use ConvertsDataTypes;
 
-    protected array $acceptedRoles = [UserRoleEnum::MANAGE_TRANSACTIONS];
+    /**
+     * Loops over all possible query parameters (these are shared over ALL auto complete requests)
+     * and returns a validated array of parameters.
+     *
+     * The advantage is a single class. But you may also submit "account types" to an endpoint that doesn't use these.
+     */
+    public function getParameters(): array
+    {
+        $queryParameters = QueryParameters::cast($this->all());
+
+        try {
+            $date = Carbon::createFromFormat('Y-m-d', $queryParameters->filter()?->value('date', date('Y-m-d')), config('app.timezone'));
+        } catch (InvalidFormatException $e) {
+            Log::debug(sprintf('Invalid date format in autocomplete request. Using today: %s', $e->getMessage()));
+            $date = today();
+        }
+        $query           = $queryParameters->filter()?->value('query', '') ?? '';
+        $size            = (int) ($queryParameters->page()['size'] ?? 50);
+        $accountTypes    = $this->getAccountTypeParameter($queryParameters->filter()?->value('account_types', '') ?? '');
+
+        return [
+            'date'          => $date,
+            'query'         => $query,
+            'size'          => $size,
+            'account_types' => $accountTypes,
+        ];
+    }
 
     public function getData(): array
     {
+        return [];
         $types = $this->convertString('types');
         $array = [];
         if ('' !== $types) {
@@ -63,7 +98,27 @@ class AutocompleteRequest extends FormRequest
     public function rules(): array
     {
         return [
-            'limit' => 'min:0|max:1337',
+            'fields'  => JsonApiRule::notSupported(),
+            'filter'  => ['nullable', 'array', new IsValidFilter(['query', 'date', 'account_types'])],
+            'include' => JsonApiRule::notSupported(),
+            'page'    => ['nullable', 'array', new IsValidPage(['size'])],
+            'sort'    => JsonApiRule::notSupported(),
         ];
     }
+
+    private function getAccountTypeParameter(mixed $types): array
+    {
+        if (is_string($types) && str_contains($types, ',')) {
+            $types = explode(',', $types);
+        }
+        if (!is_iterable($types)) {
+            $types = [$types];
+        }
+        $return = [];
+        foreach ($types as $type) {
+            $return = array_merge($return, $this->mapAccountTypes($type));
+        }
+
+        return array_unique($return);
+    }
 }

app/Api/V2/Request/Chart/BalanceChartRequest.php

@@ -24,6 +24,7 @@ declare(strict_types=1);
 
 namespace FireflyIII\Api\V2\Request\Chart;
 
+use FireflyIII\Enums\UserRoleEnum;
 use FireflyIII\Support\Http\Api\ValidatesUserGroupTrait;
 use FireflyIII\Support\Request\ChecksLogin;
 use FireflyIII\Support\Request\ConvertsDataTypes;
@@ -39,6 +40,7 @@ class BalanceChartRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
     use ValidatesUserGroupTrait;
+    protected array                    $acceptedRoles = [UserRoleEnum::READ_ONLY];
 
     /**
      * Get all data from the request.

app/Api/V2/Request/Model/Account/IndexRequest.php

@@ -27,6 +27,7 @@ use Carbon\Carbon;
 use FireflyIII\Support\Http\Api\AccountFilter;
 use FireflyIII\Support\Request\ChecksLogin;
 use FireflyIII\Support\Request\ConvertsDataTypes;
+use FireflyIII\Support\Request\GetFilterInstructions;
 use FireflyIII\Support\Request\GetSortInstructions;
 use Illuminate\Foundation\Http\FormRequest;
 
@@ -40,18 +41,16 @@ class IndexRequest extends FormRequest
     use AccountFilter;
     use ChecksLogin;
     use ConvertsDataTypes;
+    use GetFilterInstructions;
     use GetSortInstructions;
 
     public function getAccountTypes(): array
     {
-        $type = (string)$this->get('type', 'default');
+        $type = (string) $this->get('type', 'default');
 
         return $this->mapAccountTypes($type);
     }
 
-    /**
-     * Get all data from the request.
-     */
     public function getDate(): Carbon
     {
         return $this->getCarbonDate('date');
@@ -63,7 +62,9 @@ class IndexRequest extends FormRequest
     public function rules(): array
     {
         return [
-            'date' => 'date|after:1900-01-01|before:2099-12-31',
+            'date'  => 'date|after:1900-01-01|before:2099-12-31',
+            'start' => 'date|after:1900-01-01|before:2099-12-31|before:end|required_with:end',
+            'end'   => 'date|after:1900-01-01|before:2099-12-31|after:start|required_with:start',
         ];
     }
 }

app/Console/Commands/Correction/CorrectAccountBalance.php

@@ -0,0 +1,32 @@
+<?php
+
+declare(strict_types=1);
+
+namespace FireflyIII\Console\Commands\Correction;
+
+use FireflyIII\Console\Commands\ShowsFriendlyMessages;
+use FireflyIII\Support\Models\AccountBalanceCalculator;
+use Illuminate\Console\Command;
+
+/**
+ * Class CorrectionSkeleton
+ */
+class CorrectAccountBalance extends Command
+{
+    use ShowsFriendlyMessages;
+    protected $description = 'Recalculate all account balance amounts';
+
+    protected $signature   = 'firefly-iii:correct-account-balance';
+
+    public function handle(): int
+    {
+        $this->correctBalanceAmounts();
+
+        return 0;
+    }
+
+    private function correctBalanceAmounts(): void
+    {
+        AccountBalanceCalculator::recalculate(null, null);
+    }
+}

app/Console/Commands/Correction/CorrectDatabase.php

@@ -74,6 +74,7 @@ class CorrectDatabase extends Command
             'firefly-iii:unify-group-accounts',
             'firefly-iii:trigger-credit-recalculation',
             'firefly-iii:migrate-preferences',
+            'firefly-iii:correct-account-balance',
         ];
         foreach ($commands as $command) {
             $this->friendlyLine(sprintf('Now executing command "%s"', $command));

app/Console/Commands/Integrity/CreateGroupMemberships.php

@@ -80,7 +80,7 @@ class CreateGroupMemberships extends Command
         // check if membership exists
         $userGroup  = UserGroup::where('title', $user->email)->first();
         if (null === $userGroup) {
-            $userGroup = UserGroup::create(['title' => $user->email, 'default_administration' => true]);
+            $userGroup = UserGroup::create(['title' => $user->email]);
         }
 
         $userRole   = UserRole::where('title', UserRoleEnum::OWNER->value)->first();

app/Entities/AccountBalance.php

@@ -0,0 +1,49 @@
+<?php
+/*
+ * AccountBalance.php
+ * Copyright (c) 2024 james@firefly-iii.org.
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+
+declare(strict_types=1);
+
+namespace FireflyIII\Entities;
+
+use FireflyIII\Models\Account;
+
+class AccountBalance
+{
+    public string $id;
+    public string $amount;
+    public string $currencyId;
+
+    public static function fromArray(): self
+    {
+        $balance             = new self();
+        $balance->id         = (string) random_int(1, 1000);
+        $balance->name       = (string) random_int(1, 1000);
+        $balance->amount     = (string) random_int(1, 1000);
+        $balance->currencyId = '1';
+
+        return $balance;
+    }
+
+    public function getAccount(): Account
+    {
+        return Account::inRandomOrder()->first();
+    }
+}

app/Exceptions/Handler.php

@@ -36,6 +36,7 @@ use Illuminate\Session\TokenMismatchException;
 use Illuminate\Support\Arr;
 use Illuminate\Validation\ValidationException as LaravelValidationException;
 use Laravel\Passport\Exceptions\OAuthServerException as LaravelOAuthException;
+use LaravelJsonApi\Core\Exceptions\JsonApiException;
 use League\OAuth2\Server\Exception\OAuthServerException;
 use Symfony\Component\HttpFoundation\Exception\SuspiciousOperationException;
 use Symfony\Component\HttpFoundation\Response;
@@ -63,6 +64,7 @@ class Handler extends ExceptionHandler
             HttpException::class,
             SuspiciousOperationException::class,
             BadHttpHeaderException::class,
+            JsonApiException::class,
         ];
 
     /**

app/Handlers/Observer/TransactionObserver.php

@@ -24,6 +24,7 @@ declare(strict_types=1);
 namespace FireflyIII\Handlers\Observer;
 
 use FireflyIII\Models\Transaction;
+use FireflyIII\Support\Models\AccountBalanceCalculator;
 
 /**
  * Class TransactionObserver
@@ -35,4 +36,16 @@ class TransactionObserver
         app('log')->debug('Observe "deleting" of a transaction.');
         $transaction?->transactionJournal?->delete();
     }
+
+    public function updated(Transaction $transaction): void
+    {
+        app('log')->debug('Observe "updated" of a transaction.');
+        AccountBalanceCalculator::recalculateForAccount($transaction->account);
+    }
+
+    public function created(Transaction $transaction): void
+    {
+        app('log')->debug('Observe "created" of a transaction.');
+        AccountBalanceCalculator::recalculateForAccount($transaction->account);
+    }
 }

app/Http/Controllers/Account/ShowController.php

@@ -106,7 +106,7 @@ class ShowController extends Controller
         $periods          = $this->getAccountPeriodOverview($account, $firstTransaction, $end);
 
         // if layout = v2, overrule the page title.
-        if ('v1' !== config('firefly.layout')) {
+        if ('v1' !== config('view.layout')) {
             $subTitle = (string)trans('firefly.all_journals_for_account', ['name' => $account->name]);
         }
 

app/Http/Controllers/Api/V3/Controllers/AccountController.php

@@ -0,0 +1,43 @@
+<?php
+
+declare(strict_types=1);
+
+namespace FireflyIII\Http\Controllers\Api\V3\Controllers;
+
+use FireflyIII\Http\Controllers\Controller;
+use FireflyIII\JsonApi\V3\AccountBalances\AccountBalanceSchema;
+use FireflyIII\Models\Account;
+use Illuminate\Contracts\Support\Responsable;
+use LaravelJsonApi\Core\Facades\JsonApi;
+use LaravelJsonApi\Core\Responses\DataResponse;
+use LaravelJsonApi\Laravel\Http\Controllers\Actions;
+use LaravelJsonApi\Laravel\Http\Requests\AnonymousQuery;
+
+class AccountController extends Controller
+{
+    use Actions\AttachRelationship;
+    use Actions\Destroy;
+    use Actions\DetachRelationship;
+    use Actions\FetchMany;
+    use Actions\FetchOne;
+    use Actions\FetchRelated;
+    use Actions\FetchRelationship;
+    use Actions\Store;
+    use Actions\Update;
+    use Actions\UpdateRelationship;
+
+    public function readAccountBalances(AnonymousQuery $query, AccountBalanceSchema $schema, Account $account): Responsable
+    {
+        $schema = JsonApi::server()->schemas()->schemaFor('account-balances');
+
+        $models = $schema
+            ->repository()
+            ->queryAll()
+            ->withRequest($query)
+            ->withAccount($account)
+            ->get()
+        ;
+
+        return DataResponse::make($models);
+    }
+}

app/Http/Controllers/Auth/ForgotPasswordController.php

@@ -31,6 +31,7 @@ use Illuminate\Contracts\View\Factory;
 use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Log;
 use Illuminate\View\View;
 
 /**
@@ -106,6 +107,8 @@ class ForgotPasswordController extends Controller
         }
         $host           = request()->host();
         if ($configuredHost !== $host) {
+            Log::error(sprintf('Host header is "%s", APP_URL is "%s".', $host, $configuredHost));
+
             throw new FireflyException('The Host-header does not match the host in the APP_URL environment variable. Please make sure these match. See also: https://bit.ly/FF3-host-header');
         }
     }

app/Http/Controllers/Controller.php

@@ -70,7 +70,7 @@ abstract class Controller extends BaseController
         $logoutUrl        = config('firefly.custom_logout_url');
 
         // overrule v2 layout back to v1.
-        if ('true' === request()->get('force_default_layout') && 'v2' === config('firefly.layout')) {
+        if ('true' === request()->get('force_default_layout') && 'v2' === config('view.layout')) {
             app('view')->getFinder()->setPaths([realpath(base_path('resources/views'))]); // @phpstan-ignore-line
         }
 

app/Http/Controllers/DebugController.php

@@ -86,14 +86,15 @@ class DebugController extends Controller
     {
         app('preferences')->mark();
         $request->session()->forget(['start', 'end', '_previous', 'viewRange', 'range', 'is_custom_range', 'temp-mfa-secret', 'temp-mfa-codes']);
-        app('log')->debug('Call cache:clear...');
 
         Artisan::call('cache:clear');
-        app('log')->debug('Call config:clear...');
         Artisan::call('config:clear');
-        app('log')->debug('Call route:clear...');
         Artisan::call('route:clear');
-        app('log')->debug('Call twig:clean...');
+        Artisan::call('view:clear');
+
+        // also do some recalculations.
+        Artisan::call('firefly-iii:correct-account-balance');
+        Artisan::call('firefly-iii:trigger-credit-recalculation');
 
         try {
             Artisan::call('twig:clean');
@@ -101,7 +102,6 @@ class DebugController extends Controller
             throw new FireflyException($e->getMessage(), 0, $e);
         }
 
-        app('log')->debug('Call view:clear...');
         Artisan::call('view:clear');
 
         return redirect(route('index'));

app/Http/Controllers/HomeController.php

@@ -151,8 +151,9 @@ class HomeController extends Controller
         }
 
         /** @var Carbon $start */
-        /** @var Carbon $end */
         $start          = session('start', today(config('app.timezone'))->startOfMonth());
+
+        /** @var Carbon $end */
         $end            = session('end', today(config('app.timezone'))->endOfMonth());
         $accounts       = $repository->getAccountsById($frontpageArray);
         $today          = today(config('app.timezone'));

app/Http/Middleware/SecureHeaders.php

@@ -25,6 +25,7 @@ namespace FireflyIII\Http\Middleware;
 
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Vite;
+use Barryvdh\Debugbar\Facades\Debugbar;
 
 /**
  * Class SecureHeaders
@@ -43,6 +44,9 @@ class SecureHeaders
         // generate and share nonce.
         $nonce              = base64_encode(random_bytes(16));
         Vite::useCspNonce($nonce);
+        if (class_exists('Barryvdh\Debugbar\Facades\Debugbar')) {
+            Debugbar::getJavascriptRenderer()->setCspNonce($nonce);
+        }
         app('view')->share('JS_NONCE', $nonce);
 
         $response           = $next($request);
@@ -55,14 +59,29 @@ class SecureHeaders
             "base-uri 'self'",
             "font-src 'self' data:",
             sprintf("connect-src 'self' %s", $trackingScriptSrc),
-            sprintf("img-src 'self' 'nonce-%1s'", $nonce),
+            sprintf("img-src 'self' data: 'nonce-%1s' ", $nonce),
             "manifest-src 'self'",
         ];
 
+        // overrule in development mode
+        if (true === env('IS_LOCAL_DEV')) {
+            $csp = [
+                "default-src 'none'",
+                "object-src 'none'",
+                sprintf("script-src 'unsafe-eval' 'strict-dynamic' 'nonce-%1s' https://firefly.sd.internal/_debugbar/assets", $nonce),
+                "style-src 'unsafe-inline' 'self' https://10.0.0.15:5173/",
+                "base-uri 'self'",
+                "font-src 'self' data: https://10.0.0.15:5173/",
+                sprintf("connect-src 'self' %s https://10.0.0.15:5173/ wss://10.0.0.15:5173/", $trackingScriptSrc),
+                sprintf("img-src 'self' data: 'nonce-%1s'", $nonce),
+                "manifest-src 'self'",
+            ];
+        }
+
         $route              = $request->route();
         $customUrl          = '';
-        $authGuard          = (string)config('firefly.authentication_guard');
-        $logoutUrl          = (string)config('firefly.custom_logout_url');
+        $authGuard          = (string) config('firefly.authentication_guard');
+        $logoutUrl          = (string) config('firefly.custom_logout_url');
         if ('remote_user_guard' === $authGuard && '' !== $logoutUrl) {
             $customUrl = $logoutUrl;
         }
@@ -110,8 +129,8 @@ class SecureHeaders
      */
     private function getTrackingScriptSource(): string
     {
-        if ('' !== (string)config('firefly.tracker_site_id') && '' !== (string)config('firefly.tracker_url')) {
-            return (string)config('firefly.tracker_url');
+        if ('' !== (string) config('firefly.tracker_site_id') && '' !== (string) config('firefly.tracker_url')) {
+            return (string) config('firefly.tracker_url');
         }
 
         return '';

app/Jobs/DownloadExchangeRates.php

@@ -29,6 +29,7 @@ use FireflyIII\Models\TransactionCurrency;
 use FireflyIII\Repositories\Currency\CurrencyRepositoryInterface;
 use FireflyIII\Repositories\User\UserRepositoryInterface;
 use GuzzleHttp\Client;
+use GuzzleHttp\Exception\ConnectException;
 use GuzzleHttp\Exception\GuzzleException;
 use GuzzleHttp\Exception\RequestException;
 use Illuminate\Bus\Queueable;
@@ -100,7 +101,7 @@ class DownloadExchangeRates implements ShouldQueue
 
         try {
             $res = $client->get($url);
-        } catch (RequestException $e) {
+        } catch (ConnectException|RequestException $e) {
             app('log')->warning(sprintf('Trying to grab "%s" resulted in error "%d".', $url, $e->getMessage()));
 
             return;

app/Jobs/MailError.php

@@ -27,6 +27,7 @@ use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Mail\Message;
 use Illuminate\Queue\InteractsWithQueue;
 use Illuminate\Queue\SerializesModels;
+use Illuminate\Support\Facades\Log;
 use Symfony\Component\Mailer\Exception\TransportException;
 
 /**
@@ -68,6 +69,14 @@ class MailError extends Job implements ShouldQueue
         $args['user']     = $this->userData;
         $args['ip']       = $this->ipAddress;
         $args['token']    = config('firefly.ipinfo_token');
+
+        // limit number of error mails that can be sent.
+        if ($this->reachedLimit()) {
+            Log::info('MailError: reached limit, not sending email.');
+
+            return;
+        }
+
         if ($this->attempts() < 3 && '' !== $email) {
             try {
                 \Mail::send(
@@ -96,4 +105,62 @@ class MailError extends Job implements ShouldQueue
             }
         }
     }
+
+    private function reachedLimit(): bool
+    {
+        Log::debug('reachedLimit()');
+        $types     = [
+            '5m'  => ['limit' => 5, 'reset' => 5 * 60],
+            '1h'  => ['limit' => 15, 'reset' => 60 * 60],
+            '24h' => ['limit' => 15, 'reset' => 24 * 60 * 60],
+        ];
+        $file      = storage_path('framework/cache/error-count.json');
+        $directory = storage_path('framework/cache');
+        $limits    = [];
+
+        if (!is_writable($directory)) {
+            Log::error(sprintf('MailError: cannot write to "%s", cannot rate limit errors!', $directory));
+
+            return false;
+        }
+
+        if (!file_exists($file)) {
+            Log::debug(sprintf('Wrote new file in "%s"', $file));
+            file_put_contents($file, json_encode($limits, JSON_PRETTY_PRINT));
+        }
+        if (file_exists($file)) {
+            Log::debug(sprintf('Read file in "%s"', $file));
+            $limits = json_decode((string)file_get_contents($file), true);
+        }
+        // limit reached?
+        foreach ($types as $type => $info) {
+            Log::debug(sprintf('Now checking limit "%s"', $type), $info);
+            if (!array_key_exists($type, $limits)) {
+                Log::debug(sprintf('Limit "%s" reset to zero, did not exist yet.', $type));
+                $limits[$type] = [
+                    'time' => time(),
+                    'sent' => 0,
+                ];
+            }
+
+            if (time() - $limits[$type]['time'] > $info['reset']) {
+                Log::debug(sprintf('Time past for this limit is %d seconds, exceeding %d seconds. Reset to zero.', time() - $limits[$type]['time'], $info['reset']));
+                $limits[$type] = [
+                    'time' => time(),
+                    'sent' => 0,
+                ];
+            }
+
+            if ($limits[$type]['sent'] > $info['limit']) {
+                Log::warning(sprintf('Sent %d emails in %s, return true.', $limits[$type]['sent'], $type));
+
+                return true;
+            }
+            ++$limits[$type]['sent'];
+        }
+        file_put_contents($file, json_encode($limits, JSON_PRETTY_PRINT));
+        Log::debug('No limits reached, return FALSE.');
+
+        return false;
+    }
 }

app/JsonApi/Rules/IsValidFilter.php

@@ -0,0 +1,52 @@
+<?php
+/*
+ * IsValidFilter.php
+ * Copyright (c) 2024 james@firefly-iii.org.
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+
+declare(strict_types=1);
+
+namespace FireflyIII\JsonApi\Rules;
+
+use Illuminate\Contracts\Validation\ValidationRule;
+
+class IsValidFilter implements ValidationRule
+{
+    private array $allowed;
+
+    public function __construct(array $keys)
+    {
+        $this->allowed = $keys;
+    }
+
+    #[\Override]
+    public function validate(string $attribute, mixed $value, \Closure $fail): void
+    {
+        if ('filter' !== $attribute) {
+            $fail('validation.bad_api_filter')->translate();
+        }
+        if (!is_array($value)) {
+            $value = explode(',', $value);
+        }
+        foreach ($value as $key => $val) {
+            if (!in_array($key, $this->allowed, true)) {
+                $fail('validation.bad_api_filter')->translate();
+            }
+        }
+    }
+}

app/JsonApi/Rules/IsValidPage.php

@@ -0,0 +1,52 @@
+<?php
+/*
+ * IsValidFilter.php
+ * Copyright (c) 2024 james@firefly-iii.org.
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+
+declare(strict_types=1);
+
+namespace FireflyIII\JsonApi\Rules;
+
+use Illuminate\Contracts\Validation\ValidationRule;
+
+class IsValidPage implements ValidationRule
+{
+    private array $allowed;
+
+    public function __construct(array $keys)
+    {
+        $this->allowed = $keys;
+    }
+
+    #[\Override]
+    public function validate(string $attribute, mixed $value, \Closure $fail): void
+    {
+        if ('page' !== $attribute) {
+            $fail('validation.bad_api_filter')->translate();
+        }
+        if (!is_array($value)) {
+            $value = explode(',', $value);
+        }
+        foreach ($value as $key => $val) {
+            if (!in_array($key, $this->allowed, true)) {
+                $fail('validation.bad_api_page')->translate();
+            }
+        }
+    }
+}

app/JsonApi/V3/AccountBalances/AccountBalanceRepository.php

@@ -0,0 +1,45 @@
+<?php
+/*
+ * AccountBalanceRepository.php
+ * Copyright (c) 2024 james@firefly-iii.org.
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+
+declare(strict_types=1);
+
+namespace FireflyIII\JsonApi\V3\AccountBalances;
+
+use FireflyIII\Entities\AccountBalance;
+use LaravelJsonApi\Contracts\Store\QueriesAll;
+use LaravelJsonApi\NonEloquent\AbstractRepository;
+
+class AccountBalanceRepository extends AbstractRepository implements QueriesAll
+{
+    #[\Override]
+    public function find(string $resourceId): ?object
+    {
+        return AccountBalance::fromArray();
+    }
+
+    public function queryAll(): Capabilities\AccountBalanceQuery
+    {
+        return Capabilities\AccountBalanceQuery::make()
+            ->withServer($this->server)
+            ->withSchema($this->schema)
+        ;
+    }
+}

app/JsonApi/V3/AccountBalances/AccountBalanceResource.php

@@ -0,0 +1,44 @@
+<?php
+
+declare(strict_types=1);
+
+namespace FireflyIII\JsonApi\V3\AccountBalances;
+
+use Illuminate\Http\Request;
+use LaravelJsonApi\Core\Resources\JsonApiResource;
+
+class AccountBalanceResource extends JsonApiResource
+{
+    /**
+     * Get the resource id.
+     */
+    public function id(): string
+    {
+        return $this->resource->id;
+    }
+
+    /**
+     * Get the resource's attributes.
+     *
+     * @param null|Request $request
+     */
+    public function attributes($request): iterable
+    {
+        return [
+            'name'   => $this->resource->amount,
+            'amount' => $this->resource->amount,
+        ];
+    }
+
+    /**
+     * Get the resource's relationships.
+     *
+     * @param null|Request $request
+     */
+    public function relationships($request): iterable
+    {
+        return [
+            $this->relation('account')->withData($this->resource->getAccount()),
+        ];
+    }
+}

app/JsonApi/V3/AccountBalances/AccountBalanceSchema.php

@@ -0,0 +1,50 @@
+<?php
+
+declare(strict_types=1);
+
+namespace FireflyIII\JsonApi\V3\AccountBalances;
+
+use FireflyIII\Entities\AccountBalance;
+use LaravelJsonApi\Core\Schema\Schema;
+use LaravelJsonApi\Eloquent\Fields\Relations\HasOne;
+use LaravelJsonApi\NonEloquent\Fields\Attribute;
+use LaravelJsonApi\NonEloquent\Fields\ID;
+
+class AccountBalanceSchema extends Schema
+{
+    /**
+     * The model the schema corresponds to.
+     */
+    public static string $model = AccountBalance::class;
+
+    /**
+     * Get the resource fields.
+     */
+    public function fields(): array
+    {
+        return [
+            ID::make(),
+            Attribute::make('name'),
+            Attribute::make('amount'),
+            HasOne::make('account'),
+        ];
+    }
+
+    /**
+     * Get the resource filters.
+     */
+    public function filters(): array
+    {
+        return [
+            // Filter::make('id'),
+        ];
+    }
+
+    public function repository(): AccountBalanceRepository
+    {
+        return AccountBalanceRepository::make()
+            ->withServer($this->server)
+            ->withSchema($this)
+        ;
+    }
+}

app/JsonApi/V3/AccountBalances/Capabilities/AccountBalanceQuery.php

@@ -0,0 +1,58 @@
+<?php
+/*
+ * AccountBalanceQuery.php
+ * Copyright (c) 2024 james@firefly-iii.org.
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+
+declare(strict_types=1);
+
+namespace FireflyIII\JsonApi\V3\AccountBalances\Capabilities;
+
+use FireflyIII\Entities\AccountBalance;
+use FireflyIII\Models\Account;
+use LaravelJsonApi\NonEloquent\Capabilities\QueryAll;
+
+class AccountBalanceQuery extends QueryAll
+{
+    private Account $account;
+
+    /**
+     * QuerySites constructor.
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    public function get(): iterable
+    {
+        return [
+            AccountBalance::fromArray(),
+            AccountBalance::fromArray(),
+            AccountBalance::fromArray(),
+            AccountBalance::fromArray(),
+        ];
+    }
+
+    public function withAccount(Account $account): self
+    {
+        $this->account = $account;
+
+        return $this;
+    }
+}

app/JsonApi/V3/Accounts/AccountRepository.php

@@ -0,0 +1,53 @@
+<?php
+/*
+ * AccountRepository.php
+ * Copyright (c) 2024 james@firefly-iii.org.
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+
+declare(strict_types=1);
+
+namespace FireflyIII\JsonApi\V3\Accounts;
+
+use FireflyIII\Models\Account;
+use FireflyIII\Support\JsonApi\Concerns\UsergroupAware;
+use LaravelJsonApi\Contracts\Store\QueriesAll;
+use LaravelJsonApi\NonEloquent\AbstractRepository;
+
+class AccountRepository extends AbstractRepository implements QueriesAll
+{
+    use UsergroupAware;
+
+    /**
+     * SiteRepository constructor.
+     */
+    public function __construct() {}
+
+    public function find(string $resourceId): ?object
+    {
+        return Account::find((int) $resourceId);
+    }
+
+    public function queryAll(): Capabilities\AccountQuery
+    {
+        return Capabilities\AccountQuery::make()
+            ->withUserGroup($this->userGroup)
+            ->withServer($this->server)
+            ->withSchema($this->schema)
+        ;
+    }
+}

app/JsonApi/V3/Accounts/AccountResource.php

@@ -0,0 +1,129 @@
+<?php
+
+declare(strict_types=1);
+
+namespace FireflyIII\JsonApi\V3\Accounts;
+
+use FireflyIII\Models\Account;
+use Illuminate\Http\Request;
+use LaravelJsonApi\Core\Resources\JsonApiResource;
+
+/**
+ * @property Account $resource
+ */
+class AccountResource extends JsonApiResource
+{
+    /**
+     * Get the resource's attributes.
+     *
+     * @param null|Request $request
+     */
+    public function attributes($request): iterable
+    {
+        return [
+            'created_at'      => $this->resource->created_at,
+            'updated_at'      => $this->resource->updated_at,
+            'name'            => $this->resource->name,
+            'iban'            => '' === $this->resource->iban ? null : $this->resource->iban,
+            'active'          => $this->resource->active,
+            'last_activity'   => $this->resource->last_activity,
+            'type'            => $this->resource->type,
+            'account_role'    => $this->resource->account_role,
+
+            //            'virtual_balance' => $this->resource->virtual_balance,
+            //            'native_balance'  => $this->resource->native_balance,
+            // 'user' => $this->resource->user_array,
+            //            'balances' => []
+            //
+            // currency
+            //            'currency_id'             => $this->resource->currency_id,
+            //            'currency_code'           => $this->resource->currency_code,
+            //            'currency_symbol'         => $this->resource->currency_symbol,
+            //            'currency_decimal_places' => $this->resource->currency_decimal_places,
+
+            // balance (in currency, on date)
+            //            'current_balance'         => $this->resource->current_balance,
+
+            //            'current_balance'         => app('steam')->bcround(app('steam')->balance($account, $date), $decimalPlaces),
+            //            'current_balance_date'    => $date->toAtomString(),
+            //            'notes'                   => $this->repository->getNoteText($account),
+            //            'monthly_payment_date'    => $monthlyPaymentDate,
+            //            'credit_card_type'        => $creditCardType,
+            //            'account_number'          => $this->repository->getMetaValue($account, 'account_number'),
+            //            'bic'                     => $this->repository->getMetaValue($account, 'BIC'),
+            //            'opening_balance'         => $openingBalance,
+            //            'opening_balance_date'    => $openingBalanceDate,
+            //            'liability_type'          => $liabilityType,
+            //            'liability_direction'     => $liabilityDirection,
+            //            'interest'                => $interest,
+            //            'interest_period'         => $interestPeriod,
+            //            'current_debt'            => $this->repository->getMetaValue($account, 'current_debt'),
+            //            'include_net_worth'       => $includeNetWorth,
+            //            'longitude'               => $longitude,
+            //            'latitude'                => $latitude,
+            //            'zoom_level'              => $zoomLevel,
+
+            //            'order'                          => $order,
+
+            //            'currency_id'                    => (string) $currency->id,
+            //            'currency_code'                  => $currency->code,
+            //            'currency_symbol'                => $currency->symbol,
+            //            'currency_decimal_places'        => $currency->decimal_places,
+            //
+            //            'native_currency_id'             => (string) $this->default->id,
+            //            'native_currency_code'           => $this->default->code,
+            //            'native_currency_symbol'         => $this->default->symbol,
+            //            'native_currency_decimal_places' => $this->default->decimal_places,
+            //
+            //            // balance:
+            //            'current_balance'                => $balance,
+            //            'native_current_balance'         => $nativeBalance,
+            //            'current_balance_date'           => $this->getDate()->endOfDay()->toAtomString(),
+            //
+            //            // balance difference
+            //            'balance_difference'             => $balanceDiff,
+            //            'native_balance_difference'      => $nativeBalanceDiff,
+            //            'balance_difference_start'       => $diffStart,
+            //            'balance_difference_end'         => $diffEnd,
+            //
+            //            // more meta
+            //            'last_activity'                  => array_key_exists($id, $this->lastActivity) ? $this->lastActivity[$id]->toAtomString() : null,
+            //
+            //            // liability stuff
+            //            'liability_type'                 => $liabilityType,
+            //            'liability_direction'            => $liabilityDirection,
+            //            'interest'                       => $interest,
+            //            'interest_period'                => $interestPeriod,
+            //            'current_debt'                   => $currentDebt,
+            //
+            //            // object group
+            //            'object_group_id'                => null !== $objectGroupId ? (string) $objectGroupId : null,
+            //            'object_group_order'             => $objectGroupOrder,
+            //            'object_group_title'             => $objectGroupTitle,
+            //            'notes'                   => $this->repository->getNoteText($account),
+            //            'monthly_payment_date'    => $monthlyPaymentDate,
+            //            'credit_card_type'        => $creditCardType,
+            //            'bic'                     => $this->repository->getMetaValue($account, 'BIC'),
+            //            'virtual_balance'         => number_format((float) $account->virtual_balance, $decimalPlaces, '.', ''),
+            //            'opening_balance'         => $openingBalance,
+            //            'opening_balance_date'    => $openingBalanceDate,
+            //            'include_net_worth'       => $includeNetWorth,
+            //            'longitude'               => $longitude,
+            //            'latitude'                => $latitude,
+            //            'zoom_level'              => $zoomLevel,
+        ];
+    }
+
+    /**
+     * Get the resource's relationships.
+     *
+     * @param null|Request $request
+     */
+    public function relationships($request): iterable
+    {
+        return [
+            $this->relation('user')->withData($this->resource->user),
+            $this->relation('account_balances')->withData($this->resource->balances),
+        ];
+    }
+}

app/JsonApi/V3/Accounts/AccountSchema.php

@@ -0,0 +1,64 @@
+<?php
+
+declare(strict_types=1);
+
+namespace FireflyIII\JsonApi\V3\Accounts;
+
+use FireflyIII\Models\Account;
+use LaravelJsonApi\Eloquent\Contracts\Paginator;
+use LaravelJsonApi\Eloquent\Fields\Boolean;
+use LaravelJsonApi\Eloquent\Fields\DateTime;
+use LaravelJsonApi\Eloquent\Fields\ID;
+use LaravelJsonApi\Eloquent\Fields\Number;
+use LaravelJsonApi\Eloquent\Fields\Relations\HasMany;
+use LaravelJsonApi\Eloquent\Fields\Relations\HasOne;
+use LaravelJsonApi\Eloquent\Fields\Str;
+use LaravelJsonApi\Eloquent\Filters\WhereIdIn;
+use LaravelJsonApi\Eloquent\Pagination\PagePagination;
+use LaravelJsonApi\Eloquent\Schema;
+
+class AccountSchema extends Schema
+{
+    /**
+     * The model the schema corresponds to.
+     */
+    public static string $model = Account::class;
+
+    /**
+     * Get the resource fields.
+     */
+    public function fields(): array
+    {
+        return [
+            ID::make(),
+            DateTime::make('created_at')->sortable()->readOnly(),
+            DateTime::make('updated_at')->sortable()->readOnly(),
+            Str::make('name')->sortable(),
+            Str::make('account_type'),
+            Str::make('virtual_balance'),
+            Str::make('iban'),
+            Boolean::make('active'),
+            Number::make('order'),
+            HasOne::make('user'),
+            HasMany::make('account_balances'),
+        ];
+    }
+
+    /**
+     * Get the resource filters.
+     */
+    public function filters(): array
+    {
+        return [
+            WhereIdIn::make($this),
+        ];
+    }
+
+    /**
+     * Get the resource paginator.
+     */
+    public function pagination(): ?Paginator
+    {
+        return PagePagination::make();
+    }
+}

app/JsonApi/V3/Accounts/Capabilities/AccountQuery.php

@@ -0,0 +1,73 @@
+<?php
+/*
+ * AccountQuery.php
+ * Copyright (c) 2024 james@firefly-iii.org.
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+
+declare(strict_types=1);
+
+namespace FireflyIII\JsonApi\V3\Accounts\Capabilities;
+
+use FireflyIII\Support\JsonApi\Concerns\UsergroupAware;
+use FireflyIII\Support\JsonApi\Enrichments\AccountEnrichment;
+use FireflyIII\Support\JsonApi\ExpandsQuery;
+use FireflyIII\Support\JsonApi\FiltersPagination;
+use FireflyIII\Support\JsonApi\SortsCollection;
+use FireflyIII\Support\JsonApi\ValidateSortParameters;
+use LaravelJsonApi\Contracts\Store\HasPagination;
+use LaravelJsonApi\NonEloquent\Capabilities\QueryAll;
+use LaravelJsonApi\NonEloquent\Concerns\PaginatesEnumerables;
+
+class AccountQuery extends QueryAll implements HasPagination
+{
+    use ExpandsQuery;
+    use FiltersPagination;
+    use PaginatesEnumerables;
+    use SortsCollection;
+    use UsergroupAware;
+    use ValidateSortParameters;
+
+    #[\Override]
+    public function get(): iterable
+    {
+        $filters    = $this->queryParameters->filter();
+        $sort       = $this->queryParameters->sortFields();
+        $pagination = $this->filtersPagination($this->queryParameters->page());
+        $needsAll   = $this->validateParams('account', $sort);
+        $query      = $this->userGroup->accounts();
+
+        if (!$needsAll) {
+            $query = $this->addPagination($query, $pagination);
+        }
+        $query      = $this->addSortParams($query, $sort);
+        $query      = $this->addFilterParams('account', $query, $filters);
+
+        $collection = $query->get(['accounts.*']);
+
+        // enrich data
+        $enrichment = new AccountEnrichment();
+        $collection = $enrichment->enrich($collection);
+
+        // add filters after the query
+
+        // add sort after the query
+        return $this->sortCollection($collection, $sort);
+        //        var_dump($filters->value('name'));
+        //        exit;
+    }
+}

app/JsonApi/V3/Server.php

@@ -0,0 +1,38 @@
+<?php
+
+declare(strict_types=1);
+
+namespace FireflyIII\JsonApi\V3;
+
+use FireflyIII\JsonApi\V3\Accounts\AccountSchema;
+use FireflyIII\JsonApi\V3\AccountBalances\AccountBalanceSchema;
+use FireflyIII\JsonApi\V3\Users\UserSchema;
+use LaravelJsonApi\Core\Server\Server as BaseServer;
+
+class Server extends BaseServer
+{
+    /**
+     * The base URI namespace for this server.
+     */
+    protected string $baseUri = '/api/v3';
+
+    /**
+     * Bootstrap the server when it is handling an HTTP request.
+     */
+    public function serving(): void
+    {
+        // no-op
+    }
+
+    /**
+     * Get the server's list of schemas.
+     */
+    protected function allSchemas(): array
+    {
+        return [
+            AccountSchema::class,
+            UserSchema::class,
+            AccountBalanceSchema::class,
+        ];
+    }
+}

app/JsonApi/V3/Users/UserResource.php

@@ -0,0 +1,41 @@
+<?php
+
+declare(strict_types=1);
+
+namespace FireflyIII\JsonApi\V3\Users;
+
+use FireflyIII\Models\User;
+use Illuminate\Http\Request;
+use LaravelJsonApi\Core\Resources\JsonApiResource;
+
+/**
+ * @property User $resource
+ */
+class UserResource extends JsonApiResource
+{
+    /**
+     * Get the resource's attributes.
+     *
+     * @param null|Request $request
+     */
+    public function attributes($request): iterable
+    {
+        return [
+            'created_at' => $this->resource->created_at,
+            'updated_at' => $this->resource->updated_at,
+            'email'      => $this->resource->email,
+        ];
+    }
+
+    /**
+     * Get the resource's relationships.
+     *
+     * @param null|Request $request
+     */
+    public function relationships($request): iterable
+    {
+        return [
+            // @TODO
+        ];
+    }
+}

app/JsonApi/V3/Users/UserSchema.php

@@ -0,0 +1,55 @@
+<?php
+
+declare(strict_types=1);
+
+namespace FireflyIII\JsonApi\V3\Users;
+
+use FireflyIII\User;
+use LaravelJsonApi\Eloquent\Contracts\Paginator;
+use LaravelJsonApi\Eloquent\Fields\DateTime;
+use LaravelJsonApi\Eloquent\Fields\ID;
+use LaravelJsonApi\Eloquent\Fields\Relations\HasMany;
+use LaravelJsonApi\Eloquent\Fields\Str;
+use LaravelJsonApi\Eloquent\Filters\WhereIdIn;
+use LaravelJsonApi\Eloquent\Pagination\PagePagination;
+use LaravelJsonApi\Eloquent\Schema;
+
+class UserSchema extends Schema
+{
+    /**
+     * The model the schema corresponds to.
+     */
+    public static string $model = User::class;
+
+    /**
+     * Get the resource fields.
+     */
+    public function fields(): array
+    {
+        return [
+            ID::make(),
+            DateTime::make('created_at')->sortable()->readOnly(),
+            DateTime::make('updated_at')->sortable()->readOnly(),
+            Str::make('email'),
+            HasMany::make('accounts'),
+        ];
+    }
+
+    /**
+     * Get the resource filters.
+     */
+    public function filters(): array
+    {
+        return [
+            WhereIdIn::make($this),
+        ];
+    }
+
+    /**
+     * Get the resource paginator.
+     */
+    public function pagination(): ?Paginator
+    {
+        return PagePagination::make();
+    }
+}

app/Models/Account.php

@@ -193,6 +193,11 @@ class Account extends Model
         return $this->hasMany(AccountMeta::class);
     }
 
+    public function accountBalances(): HasMany
+    {
+        return $this->hasMany(AccountBalance::class);
+    }
+
     public function getEditNameAttribute(): string
     {
         $name = $this->name;

app/Models/AccountBalance.php

@@ -0,0 +1,25 @@
+<?php
+
+declare(strict_types=1);
+
+namespace FireflyIII\Models;
+
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Database\Eloquent\Relations\BelongsTo;
+
+class AccountBalance extends Model
+{
+    use HasFactory;
+    protected $fillable = ['account_id', 'title', 'transaction_currency_id', 'balance'];
+
+    public function account(): BelongsTo
+    {
+        return $this->belongsTo(Account::class);
+    }
+
+    public function transactionCurrency(): BelongsTo
+    {
+        return $this->belongsTo(TransactionCurrency::class);
+    }
+}

app/Models/UserGroup.php

@@ -98,7 +98,7 @@ class UserGroup extends Model
 {
     use ReturnsIntegerIdTrait;
 
-    protected $fillable = ['title', 'default_administration'];
+    protected $fillable = ['title'];
 
     /**
      * Route binder. Converts the key in the URL to the specified object (or throw 404).

app/Policies/AccountBalancePolicy.php

@@ -0,0 +1,48 @@
+<?php
+/*
+ * AccountPolicy.php
+ * Copyright (c) 2024 james@firefly-iii.org.
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+
+declare(strict_types=1);
+
+namespace FireflyIII\Policies;
+
+use FireflyIII\Entities\AccountBalance;
+use FireflyIII\User;
+
+class AccountBalancePolicy
+{
+    /**
+     * TODO needs better authentication.
+     */
+    public function view(User $user, AccountBalance $accountBalance): bool
+    {
+        return true;
+    }
+
+    /**
+     * Everybody can do this, but selection should limit to user.
+     *
+     * @return true
+     */
+    public function viewAny(): bool
+    {
+        return true;
+    }
+}

app/Policies/AccountPolicy.php

@@ -0,0 +1,67 @@
+<?php
+/*
+ * AccountPolicy.php
+ * Copyright (c) 2024 james@firefly-iii.org.
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+
+declare(strict_types=1);
+
+namespace FireflyIII\Policies;
+
+use FireflyIII\Models\Account;
+use FireflyIII\User;
+
+class AccountPolicy
+{
+    /**
+     * TODO needs better authentication.
+     */
+    public function view(User $user, Account $account): bool
+    {
+        return true;
+
+        return auth()->check() && $user->id === $account->user_id;
+    }
+
+    /**
+     * Everybody can do this, but selection should limit to user.
+     *
+     * @return true
+     */
+    public function viewAny(): bool
+    {
+        return true;
+
+        return auth()->check();
+    }
+
+    /**
+     * Everybody can do this, but selection should limit to user.
+     *
+     * @return true
+     */
+    public function viewUser(User $user, Account $account): bool
+    {
+        return $this->view($user, $account);
+    }
+
+    public function viewAccountBalances(User $user, Account $account): bool
+    {
+        return $this->view($user, $account);
+    }
+}

app/Policies/BalancePolicy.php

@@ -0,0 +1,48 @@
+<?php
+/*
+ * BalancePolicy.php
+ * Copyright (c) 2024 james@firefly-iii.org.
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+
+declare(strict_types=1);
+
+namespace FireflyIII\Policies;
+
+use FireflyIII\Models\Account;
+use FireflyIII\User;
+
+class BalancePolicy
+{
+    /**
+     * TODO needs better authentication.
+     */
+    public function view(User $user, Account $account): bool
+    {
+        return auth()->check() && $user->id === $account->user_id;
+    }
+
+    /**
+     * Everybody can do this, but selection should limit to user.
+     *
+     * @return true
+     */
+    public function viewAny(): bool
+    {
+        return auth()->check();
+    }
+}

app/Policies/UserPolicy.php

@@ -0,0 +1,58 @@
+<?php
+/*
+ * UserPolicy.php
+ * Copyright (c) 2024 james@firefly-iii.org.
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+
+declare(strict_types=1);
+
+namespace FireflyIII\Policies;
+
+use FireflyIII\User;
+
+class UserPolicy
+{
+    /**
+     * TODO needs better authentication.
+     */
+    public function view(User $user, User $user1): bool
+    {
+        return true;
+
+        return auth()->check() && $user->id === $account->user_id;
+    }
+
+    /**
+     * Everybody can do this, but selection should limit to user.
+     *
+     * @return true
+     */
+    public function viewAny(): bool
+    {
+        return true;
+
+        return auth()->check();
+    }
+
+    public function viewAccounts(User $user): bool
+    {
+        return true;
+
+        return auth()->check();
+    }
+}

app/Repositories/UserGroup/UserGroupRepository.php

@@ -295,4 +295,16 @@ class UserGroupRepository implements UserGroupRepositoryInterface
         $this->user->user_group_id = $userGroup->id;
         $this->user->save();
     }
+
+    #[\Override]
+    public function getMembershipsFromGroupId(int $groupId): Collection
+    {
+        return $this->user->groupMemberships()->where('user_group_id', $groupId)->get();
+    }
+
+    #[\Override]
+    public function getById(int $id): ?UserGroup
+    {
+        return UserGroup::find($id);
+    }
 }

app/Repositories/UserGroup/UserGroupRepositoryInterface.php

@@ -36,8 +36,12 @@ interface UserGroupRepositoryInterface
 {
     public function destroy(UserGroup $userGroup): void;
 
+    public function getMembershipsFromGroupId(int $groupId): Collection;
+
     public function get(): Collection;
 
+    public function getById(int $id): ?UserGroup;
+
     public function getAll(): Collection;
 
     public function setUser(null|Authenticatable|User $user): void;

app/Repositories/UserGroups/Account/AccountRepository.php

@@ -27,11 +27,14 @@ namespace FireflyIII\Repositories\UserGroups\Account;
 use FireflyIII\Models\Account;
 use FireflyIII\Models\AccountMeta;
 use FireflyIII\Models\AccountType;
+use FireflyIII\Models\ObjectGroup;
+use FireflyIII\Models\Transaction;
 use FireflyIII\Models\TransactionCurrency;
 use FireflyIII\Services\Internal\Update\AccountUpdateService;
 use FireflyIII\Support\Repositories\UserGroup\UserGroupTrait;
 use Illuminate\Database\Eloquent\Builder as EloquentBuilder;
 use Illuminate\Support\Collection;
+use Illuminate\Support\Facades\DB;
 
 /**
  * Class AccountRepository
@@ -121,7 +124,7 @@ class AccountRepository implements AccountRepositoryInterface
         if (!in_array($type, $list, true)) {
             return null;
         }
-        $currencyId = (int)$this->getMetaValue($account, 'currency_id');
+        $currencyId = (int) $this->getMetaValue($account, 'currency_id');
         if ($currencyId > 0) {
             return TransactionCurrency::find($currencyId);
         }
@@ -143,7 +146,7 @@ class AccountRepository implements AccountRepositoryInterface
             return null;
         }
         if (1 === $result->count()) {
-            return (string)$result->first()->data;
+            return (string) $result->first()->data;
         }
 
         return null;
@@ -228,7 +231,7 @@ class AccountRepository implements AccountRepositoryInterface
 
                     continue;
                 }
-                if ($index !== (int)$account->order) {
+                if ($index !== (int) $account->order) {
                     app('log')->debug(sprintf('Account #%d ("%s"): order should %d be but is %d.', $account->id, $account->name, $index, $account->order));
                     $account->order = $index;
                     $account->save();
@@ -238,7 +241,7 @@ class AccountRepository implements AccountRepositoryInterface
         }
     }
 
-    public function getAccountsByType(array $types, ?array $sort = []): Collection
+    public function getAccountsByType(array $types, ?array $sort = [], ?array $filters = []): Collection
     {
         $sortable        = ['name', 'active']; // TODO yes this is a duplicate array.
         $res             = array_intersect([AccountType::ASSET, AccountType::MORTGAGE, AccountType::LOAN, AccountType::DEBT], $types);
@@ -247,6 +250,22 @@ class AccountRepository implements AccountRepositoryInterface
             $query->accountTypeIn($types);
         }
 
+        // process filters
+        // TODO this should be repeatable, it feels like a hack when you do it here.
+        // TODO some fields cannot be filtered using the query, and a second filter must be applied on the collection.
+        foreach ($filters as $column => $value) {
+            // filter on NULL values
+            if (null === $value) {
+                continue;
+            }
+            if ('active' === $column) {
+                $query->where('accounts.active', $value);
+            }
+            if ('name' === $column) {
+                $query->where('accounts.name', 'LIKE', sprintf('%%%s%%', $value));
+            }
+        }
+
         // add sort parameters. At this point they're filtered to allowed fields to sort by:
         $hasActiveColumn = array_key_exists('active', $sort);
         if (count($sort) > 0) {
@@ -283,6 +302,7 @@ class AccountRepository implements AccountRepositoryInterface
         ;
         if ('' !== $query) {
             // split query on spaces just in case:
+            // TODO this will always fail because it searches for AND.
             $parts = explode(' ', $query);
             foreach ($parts as $part) {
                 $search = sprintf('%%%s%%', $part);
@@ -305,4 +325,70 @@ class AccountRepository implements AccountRepositoryInterface
 
         return $service->update($account, $data);
     }
+
+    #[\Override]
+    public function getMetaValues(Collection $accounts, array $fields): Collection
+    {
+        $query = AccountMeta::whereIn('account_id', $accounts->pluck('id')->toArray());
+        if (count($fields) > 0) {
+            $query->whereIn('name', $fields);
+        }
+
+        return $query->get(['account_meta.id', 'account_meta.account_id', 'account_meta.name', 'account_meta.data']);
+    }
+
+    #[\Override]
+    public function getAccountTypes(Collection $accounts): Collection
+    {
+        return AccountType::leftJoin('accounts', 'accounts.account_type_id', '=', 'account_types.id')
+            ->whereIn('accounts.id', $accounts->pluck('id')->toArray())
+            ->get(['accounts.id', 'account_types.type'])
+        ;
+    }
+
+    #[\Override]
+    public function getLastActivity(Collection $accounts): array
+    {
+        return Transaction::whereIn('account_id', $accounts->pluck('id')->toArray())
+            ->leftJoin('transaction_journals', 'transaction_journals.id', 'transactions.transaction_journal_id')
+            ->groupBy('transactions.account_id')
+            ->get(['transactions.account_id', DB::raw('MAX(transaction_journals.date) as date_max')])->toArray() // @phpstan-ignore-line
+        ;
+    }
+
+    #[\Override]
+    public function getObjectGroups(Collection $accounts): array
+    {
+        $groupIds = [];
+        $return   = [];
+        $set      = DB::table('object_groupables')->where('object_groupable_type', Account::class)
+            ->whereIn('object_groupable_id', $accounts->pluck('id')->toArray())->get()
+        ;
+
+        /** @var \stdClass $row */
+        foreach ($set as $row) {
+            $groupIds[] = $row->object_group_id;
+        }
+        $groupIds = array_unique($groupIds);
+        $groups   = ObjectGroup::whereIn('id', $groupIds)->get();
+
+        /** @var \stdClass $row */
+        foreach ($set as $row) {
+            if (!array_key_exists($row->object_groupable_id, $return)) {
+                /** @var null|ObjectGroup $group */
+                $group = $groups->firstWhere('id', '=', $row->object_group_id);
+                if (null !== $group) {
+                    $return[$row->object_groupable_id] = ['title' => $group->title, 'order' => $group->order, 'id' => $group->id];
+                }
+            }
+        }
+
+        return $return;
+    }
+
+    #[\Override]
+    public function getAccountBalances(Account $account): Collection
+    {
+        return $account->accountBalances;
+    }
 }

app/Repositories/UserGroups/Account/AccountRepositoryInterface.php

@@ -37,6 +37,12 @@ interface AccountRepositoryInterface
 {
     public function countAccounts(array $types): int;
 
+    public function getAccountTypes(Collection $accounts): Collection;
+
+    public function getLastActivity(Collection $accounts): array;
+
+    public function getMetaValues(Collection $accounts, array $fields): Collection;
+
     public function find(int $accountId): ?Account;
 
     public function findByAccountNumber(string $number, array $types): ?Account;
@@ -47,9 +53,11 @@ interface AccountRepositoryInterface
 
     public function getAccountCurrency(Account $account): ?TransactionCurrency;
 
+    public function getAccountBalances(Account $account): Collection;
+
     public function getAccountsById(array $accountIds): Collection;
 
-    public function getAccountsByType(array $types, ?array $sort = []): Collection;
+    public function getAccountsByType(array $types, ?array $sort = [], ?array $filters = []): Collection;
 
     /**
      * Used in the infinite accounts list.
@@ -63,6 +71,8 @@ interface AccountRepositoryInterface
      */
     public function getMetaValue(Account $account, string $field): ?string;
 
+    public function getObjectGroups(Collection $accounts): array;
+
     public function getUserGroup(): UserGroup;
 
     /**

app/Support/Authentication/RemoteUserProvider.php

@@ -80,9 +80,10 @@ class RemoteUserProvider implements UserProvider
                 $roleObject = Role::where('name', 'owner')->first();
                 $user->roles()->attach($roleObject);
             }
-            // make sure the user gets an administration as well.
-            CreateGroupMemberships::createGroupMembership($user);
         }
+        // make sure the user gets an administration as well.
+        CreateGroupMemberships::createGroupMembership($user);
+
         app('log')->debug(sprintf('Going to return user #%d (%s)', $user->id, $user->email));
 
         return $user;

app/Support/Http/Api/ValidatesUserGroupTrait.php

@@ -24,12 +24,13 @@ declare(strict_types=1);
 namespace FireflyIII\Support\Http\Api;
 
 use FireflyIII\Enums\UserRoleEnum;
-use FireflyIII\Models\GroupMembership;
 use FireflyIII\Models\UserGroup;
+use FireflyIII\Repositories\UserGroup\UserGroupRepositoryInterface;
 use FireflyIII\User;
 use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Auth\AuthenticationException;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Log;
 
 /**
  * Trait ValidatesUserGroupTrait
@@ -42,63 +43,64 @@ trait ValidatesUserGroupTrait
      */
     protected function validateUserGroup(Request $request): UserGroup
     {
-        app('log')->debug(sprintf('validateUserGroup: %s', static::class));
+        Log::debug(sprintf('validateUserGroup: %s', static::class));
         if (!auth()->check()) {
-            app('log')->debug('validateUserGroup: user is not logged in, return NULL.');
+            Log::debug('validateUserGroup: user is not logged in, return NULL.');
 
             throw new AuthenticationException();
         }
 
         /** @var User $user */
-        $user       = auth()->user();
-        $groupId    = 0;
+        $user        = auth()->user();
+        $groupId     = 0;
         if (!$request->has('user_group_id')) {
             $groupId = $user->user_group_id;
-            app('log')->debug(sprintf('validateUserGroup: no user group submitted, use default group #%d.', $groupId));
+            Log::debug(sprintf('validateUserGroup: no user group submitted, use default group #%d.', $groupId));
         }
         if ($request->has('user_group_id')) {
-            $groupId = (int)$request->get('user_group_id');
-            app('log')->debug(sprintf('validateUserGroup: user group submitted, search for memberships in group #%d.', $groupId));
+            $groupId = (int) $request->get('user_group_id');
+            Log::debug(sprintf('validateUserGroup: user group submitted, search for memberships in group #%d.', $groupId));
         }
 
-        /** @var null|GroupMembership $membership */
-        $membership = $user->groupMemberships()->where('user_group_id', $groupId)->first();
+        /** @var UserGroupRepositoryInterface $repository */
+        $repository  = app(UserGroupRepositoryInterface::class);
+        $repository->setUser($user);
+        $memberships = $repository->getMembershipsFromGroupId($groupId);
 
-        if (null === $membership) {
-            app('log')->debug(sprintf('validateUserGroup: user has no access to group #%d.', $groupId));
+        if (0 === $memberships->count()) {
+            Log::debug(sprintf('validateUserGroup: user has no access to group #%d.', $groupId));
 
-            throw new AuthorizationException((string)trans('validation.no_access_group'));
+            throw new AuthorizationException((string) trans('validation.no_access_group'));
         }
 
         // need to get the group from the membership:
-        /** @var null|UserGroup $group */
-        $group      = $membership->userGroup;
+        $group       = $repository->getById($groupId);
         if (null === $group) {
-            app('log')->debug(sprintf('validateUserGroup: group #%d does not exist.', $groupId));
+            Log::debug(sprintf('validateUserGroup: group #%d does not exist.', $groupId));
 
-            throw new AuthorizationException((string)trans('validation.belongs_user_or_user_group'));
+            throw new AuthorizationException((string) trans('validation.belongs_user_or_user_group'));
         }
-        app('log')->debug(sprintf('validateUserGroup: validate access of user to group #%d ("%s").', $groupId, $group->title));
-        $roles      = property_exists($this, 'acceptedRoles') ? $this->acceptedRoles : [];
+        Log::debug(sprintf('validateUserGroup: validate access of user to group #%d ("%s").', $groupId, $group->title));
+        $roles       = property_exists($this, 'acceptedRoles') ? $this->acceptedRoles : []; // @phpstan-ignore-line
         if (0 === count($roles)) {
-            app('log')->debug('validateUserGroup: no roles defined, so no access.');
+            Log::debug('validateUserGroup: no roles defined, so no access.');
 
-            throw new AuthorizationException((string)trans('validation.no_accepted_roles_defined'));
+            throw new AuthorizationException((string) trans('validation.no_accepted_roles_defined'));
         }
-        app('log')->debug(sprintf('validateUserGroup: have %d roles to check.', count($roles)), $roles);
+        Log::debug(sprintf('validateUserGroup: have %d roles to check.', count($roles)), $roles);
 
         /** @var UserRoleEnum $role */
         foreach ($roles as $role) {
             if ($user->hasRoleInGroupOrOwner($group, $role)) {
-                app('log')->debug(sprintf('validateUserGroup: User has role "%s" in group #%d, return the group.', $role->value, $groupId));
+                Log::debug(sprintf('validateUserGroup: User has role "%s" in group #%d, return the group.', $role->value, $groupId));
 
                 return $group;
             }
-            app('log')->debug(sprintf('validateUserGroup: User does NOT have role "%s" in group #%d, continue searching.', $role->value, $groupId));
+            Log::debug(sprintf('validateUserGroup: User does NOT have role "%s" in group #%d, continue searching.', $role->value, $groupId));
         }
 
-        app('log')->debug('validateUserGroup: User does NOT have enough rights to access endpoint.');
+        Log::debug('validateUserGroup: User does NOT have enough rights to access endpoint.');
 
-        throw new AuthorizationException((string)trans('validation.belongs_user_or_user_group'));
+        throw new AuthorizationException((string) trans('validation.belongs_user_or_user_group'));
     }
 }

app/Support/JsonApi/Concerns/UsergroupAware.php

@@ -0,0 +1,48 @@
+<?php
+/*
+ * UsergroupAware.php
+ * Copyright (c) 2024 james@firefly-iii.org.
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+
+declare(strict_types=1);
+
+namespace FireflyIII\Support\JsonApi\Concerns;
+
+use FireflyIII\Models\UserGroup;
+
+trait UsergroupAware
+{
+    protected UserGroup $userGroup;
+
+    public function getUserGroup(): UserGroup
+    {
+        return $this->userGroup;
+    }
+
+    public function setUserGroup(UserGroup $userGroup): void
+    {
+        $this->userGroup = $userGroup;
+    }
+
+    public function withUserGroup(UserGroup $userGroup): self
+    {
+        $this->userGroup = $userGroup;
+
+        return $this;
+    }
+}

app/Support/JsonApi/Enrichments/AccountEnrichment.php

@@ -0,0 +1,149 @@
+<?php
+/*
+ * AccountEnricher.php
+ * Copyright (c) 2024 james@firefly-iii.org.
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+
+declare(strict_types=1);
+
+namespace FireflyIII\Support\JsonApi\Enrichments;
+
+use Carbon\Carbon;
+use FireflyIII\Exceptions\FireflyException;
+use FireflyIII\Models\Account;
+use FireflyIII\Models\AccountType;
+use FireflyIII\Repositories\UserGroups\Account\AccountRepositoryInterface;
+use FireflyIII\Repositories\UserGroups\Currency\CurrencyRepositoryInterface;
+use Illuminate\Support\Collection;
+use Illuminate\Support\Facades\Log;
+
+class AccountEnrichment implements EnrichmentInterface
+{
+    private Collection $collection;
+    private array      $currencies;
+
+    #[\Override]
+    public function enrich(Collection $collection): Collection
+    {
+        $this->collection = $collection;
+        $this->currencies = [];
+        // do everything here:
+        $this->getLastActivity();
+        // $this->getMetaBalances();
+        $this->collectAccountTypes();
+        $this->collectMetaData();
+
+        $this->collection->transform(function (Account $account) {
+            $account->user_array = ['id' => 1, 'bla bla' => 'bla'];
+            $account->balances   = collect([
+                ['balance_id' => 1, 'balance' => 5],
+                ['balance_id' => 2, 'balance' => 5],
+                ['balance_id' => 3, 'balance' => 5],
+            ]);
+
+            return $account;
+        });
+
+        return $this->collection;
+    }
+
+    /**
+     * TODO this method refers to a single-use method inside Steam that could be moved here.
+     */
+    private function getLastActivity(): void
+    {
+        /** @var AccountRepositoryInterface $accountRepository */
+        $accountRepository = app(AccountRepositoryInterface::class);
+        $lastActivity      = $accountRepository->getLastActivity($this->collection);
+        foreach ($lastActivity as $row) {
+            $this->collection->where('id', $row['account_id'])->first()->last_activity = Carbon::parse($row['date_max'], config('app.timezone'));
+        }
+    }
+
+    /**
+     * TODO this method refers to a single-use method inside Steam that could be moved here.
+     */
+    private function getMetaBalances(): void
+    {
+        try {
+            $array = app('steam')->balancesByAccountsConverted($this->collection, today());
+        } catch (FireflyException $e) {
+            Log::error(sprintf('Could not load balances: %s', $e->getMessage()));
+
+            return;
+        }
+        foreach ($array as $accountId => $row) {
+            $this->collection->where('id', $accountId)->first()->balance        = $row['balance'];
+            $this->collection->where('id', $accountId)->first()->native_balance = $row['native_balance'];
+        }
+    }
+
+    /**
+     * TODO this method refers to a single-use method inside Steam that could be moved here.
+     */
+    private function collectAccountTypes(): void
+    {
+        /** @var AccountRepositoryInterface $accountRepository */
+        $accountRepository = app(AccountRepositoryInterface::class);
+        $accountTypes      = $accountRepository->getAccountTypes($this->collection);
+        $types             = [];
+
+        /** @var AccountType $row */
+        foreach ($accountTypes as $row) {
+            $types[$row->id] = $row->type;
+        }
+        $this->collection->transform(function (Account $account) use ($types) {
+            $account->type = $types[$account->id];
+
+            return $account;
+        });
+    }
+
+    private function collectMetaData(): void
+    {
+        /** @var AccountRepositoryInterface $accountRepository */
+        $accountRepository = app(AccountRepositoryInterface::class);
+
+        /** @var CurrencyRepositoryInterface $repository */
+        $repository        = app(CurrencyRepositoryInterface::class);
+
+        $metaFields        = $accountRepository->getMetaValues($this->collection, ['currency_id', 'account_role', 'account_number', 'liability_direction', 'interest', 'interest_period', 'current_debt']);
+        $currencyIds       = $metaFields->where('name', 'currency_id')->pluck('data')->toArray();
+
+        $currencies        = [];
+        foreach ($repository->getByIds($currencyIds) as $currency) {
+            $id              = $currency->id;
+            $currencies[$id] = $currency;
+        }
+
+        $this->collection->transform(function (Account $account) use ($metaFields, $currencies) {
+            $set = $metaFields->where('account_id', $account->id);
+            foreach ($set as $entry) {
+                $account->{$entry->name} = $entry->data;
+                if ('currency_id' === $entry->name) {
+                    $id                               = (int) $entry->data;
+                    $account->currency_code           = $currencies[$id]?->code;
+                    $account->currency_symbol         = $currencies[$id]?->symbol;
+                    $account->currency_decimal_places = $currencies[$id]?->decimal_places;
+                }
+            }
+
+            return $account;
+        });
+    }
+}

app/Support/JsonApi/Enrichments/EnrichmentInterface.php

@@ -0,0 +1,31 @@
+<?php
+/*
+ * EnricherInterface.php
+ * Copyright (c) 2024 james@firefly-iii.org.
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+
+declare(strict_types=1);
+
+namespace FireflyIII\Support\JsonApi\Enrichments;
+
+use Illuminate\Support\Collection;
+
+interface EnrichmentInterface
+{
+    public function enrich(Collection $collection): Collection;
+}

app/Support/JsonApi/ExpandsQuery.php

@@ -0,0 +1,85 @@
+<?php
+/*
+ * ExpandsQuery.php
+ * Copyright (c) 2024 james@firefly-iii.org.
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+
+declare(strict_types=1);
+
+namespace FireflyIII\Support\JsonApi;
+
+use FireflyIII\Support\Http\Api\AccountFilter;
+use Illuminate\Contracts\Database\Eloquent\Builder;
+use LaravelJsonApi\Core\Query\FilterParameters;
+use LaravelJsonApi\Core\Query\SortFields;
+
+trait ExpandsQuery
+{
+    use AccountFilter;
+
+    final protected function addPagination(Builder $query, array $pagination): Builder
+    {
+        $skip = ($pagination['number'] - 1) * $pagination['size'];
+
+        return $query->skip($skip)->take($pagination['size']);
+    }
+
+    final protected function addSortParams(Builder $query, ?SortFields $sort): Builder
+    {
+        if (null === $sort) {
+            return $query;
+        }
+        foreach ($sort->all() as $sortField) {
+            $query->orderBy($sortField->name(), $sortField->isAscending() ? 'ASC' : 'DESC');
+        }
+
+        return $query;
+    }
+
+    final protected function addFilterParams(string $class, Builder $query, ?FilterParameters $filters): Builder
+    {
+        if (null === $filters) {
+            return $query;
+        }
+        $config      = config(sprintf('firefly.valid_query_filters.%s', $class)) ?? [];
+        if (0 === count($filters->all())) {
+            return $query;
+        }
+        $query->where(function (Builder $q) use ($config, $filters): void {
+            foreach ($filters->all() as $filter) {
+                if (in_array($filter->key(), $config, true)) {
+                    foreach ($filter->value() as $value) {
+                        $q->where($filter->key(), 'LIKE', sprintf('%%%s%%', $value));
+                    }
+                }
+            }
+        });
+
+        // some filters are special, i.e. the account type filter.
+        $typeFilters = $filters->value('type', false);
+        if (false !== $typeFilters && count($typeFilters) > 0) {
+            $query->leftJoin('account_types', 'accounts.account_type_id', '=', 'account_types.id');
+            foreach ($typeFilters as $typeFilter) {
+                $types = $this->mapAccountTypes($typeFilter);
+                $query->whereIn('account_types.type', $types);
+            }
+        }
+
+        return $query;
+    }
+}

app/Support/JsonApi/FiltersPagination.php

@@ -0,0 +1,55 @@
+<?php
+/*
+ * FiltersPagination.php
+ * Copyright (c) 2024 james@firefly-iii.org.
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+
+declare(strict_types=1);
+
+namespace FireflyIII\Support\JsonApi;
+
+trait FiltersPagination
+{
+    protected function filtersPagination(?array $pagination): array
+    {
+        if (null === $pagination) {
+            return [
+                'number' => 1,
+                'size'   => $this->getPageSize(),
+            ];
+        }
+        // cleanup page number
+        $pagination['number'] = (int) ($pagination['number'] ?? 1);
+        $pagination['number'] = min(65536, max($pagination['number'], 1));
+
+        // clean up page size
+        $pagination['size']   = (int) ($pagination['size'] ?? $this->getPageSize());
+        $pagination['size']   = min(1337, max($pagination['size'], 1));
+
+        return $pagination;
+    }
+
+    private function getPageSize(): int
+    {
+        if (auth()->check()) {
+            return (int) app('preferences')->get('listPageSize', 50)->data;
+        }
+
+        return 50;
+    }
+}

app/Support/JsonApi/SortsCollection.php

@@ -0,0 +1,42 @@
+<?php
+/*
+ * SortsCollection.php
+ * Copyright (c) 2024 james@firefly-iii.org.
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+
+declare(strict_types=1);
+
+namespace FireflyIII\Support\JsonApi;
+
+use Illuminate\Support\Collection;
+use LaravelJsonApi\Core\Query\SortFields;
+
+trait SortsCollection
+{
+    protected function sortCollection(Collection $collection, ?SortFields $sortFields): Collection
+    {
+        if (null === $sortFields) {
+            return $collection;
+        }
+        foreach ($sortFields->all() as $sortField) {
+            $collection = $sortField->isAscending() ? $collection->sortBy($sortField->name()) : $collection->sortByDesc($sortField->name());
+        }
+
+        return $collection;
+    }
+}

app/Support/JsonApi/ValidateSortParameters.php

@@ -0,0 +1,46 @@
+<?php
+/*
+ * ValidateSortParameters.php
+ * Copyright (c) 2024 james@firefly-iii.org.
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+
+declare(strict_types=1);
+
+namespace FireflyIII\Support\JsonApi;
+
+use LaravelJsonApi\Core\Query\SortFields;
+
+trait ValidateSortParameters
+{
+    public function validateParams(string $class, ?SortFields $params): bool
+    {
+        if (null === $params) {
+            return false;
+        }
+
+        $config = config(sprintf('firefly.full_data_set.%s', $class)) ?? [];
+
+        foreach ($params->all() as $field) {
+            if (in_array($field->name(), $config, true)) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+}

app/Support/Models/AccountBalanceCalculator.php

@@ -0,0 +1,208 @@
+<?php
+/*
+ * AccountBalanceCalculator.php
+ * Copyright (c) 2024 james@firefly-iii.org.
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+
+declare(strict_types=1);
+
+namespace FireflyIII\Support\Models;
+
+use FireflyIII\Models\Account;
+use FireflyIII\Models\AccountBalance;
+use FireflyIII\Models\Transaction;
+use FireflyIII\Models\TransactionJournal;
+use Illuminate\Support\Facades\Log;
+
+class AccountBalanceCalculator
+{
+    /**
+     * Recalculate all balances for a given account.
+     *
+     * Je moet toch altijd wel alles doen want je weet niet waar een transaction journal invloed op heeft.
+     * Dus dit aantikken per transaction journal is zinloos, beide accounts moeten gedaan worden.
+     */
+    public static function recalculateForAccount(Account $account): void
+    {
+        self::recalculate($account);
+    }
+
+    public static function recalculateForTransactionJournal(TransactionJournal $transactionJournal): void
+    {
+        foreach ($transactionJournal->transactions as $transaction) {
+            self::recalculateForAccount($transaction->account);
+        }
+    }
+
+    /**
+     * select account_id, transaction_currency_id, foreign_currency_id, sum(amount), sum(foreign_amount) from
+     * transactions group by account_id, transaction_currency_id, foreign_currency_id
+     */
+    public static function recalculate(?Account $account): void
+    {
+        self::recalculateLatest($account);
+        // loop all transaction journals and set those amounts too.
+        self::recalculateJournals($account);
+
+        // loop all dates and set those amounts too.
+    }
+
+    private static function getAccountBalanceByAccount(int $account, int $currency): AccountBalance
+    {
+        $query                          = AccountBalance::where('title', 'balance')->where('account_id', $account)->where('transaction_currency_id', $currency);
+
+        $entry                          = $query->first();
+        if (null !== $entry) {
+            // Log::debug(sprintf('Found account balance "balance" for account #%d and currency #%d: %s', $account, $currency, $entry->balance));
+
+            return $entry;
+        }
+        $entry                          = new AccountBalance();
+        $entry->title                   = 'balance';
+        $entry->account_id              = $account;
+        $entry->transaction_currency_id = $currency;
+        $entry->balance                 = '0';
+        $entry->save();
+        // Log::debug(sprintf('Created new account balance for account #%d and currency #%d: %s', $account, $currency, $entry->balance));
+
+        return $entry;
+    }
+
+    private static function getAccountBalanceByJournal(string $title, int $account, int $journal, int $currency): AccountBalance
+    {
+        $query                          = AccountBalance::where('title', $title)->where('account_id', $account)->where('transaction_journal_id', $journal)->where('transaction_currency_id', $currency);
+
+        $entry                          = $query->first();
+        if (null !== $entry) {
+            return $entry;
+        }
+        $entry                          = new AccountBalance();
+        $entry->title                   = $title;
+        $entry->account_id              = $account;
+        $entry->transaction_journal_id  = $journal;
+        $entry->transaction_currency_id = $currency;
+        $entry->balance                 = '0';
+        $entry->save();
+
+        return $entry;
+    }
+
+    private static function recalculateLatest(?Account $account): void
+    {
+        $query  = Transaction::groupBy(['transactions.account_id', 'transactions.transaction_currency_id', 'transactions.foreign_currency_id']);
+
+        if (null !== $account) {
+            $query->where('transactions.account_id', $account->id);
+        }
+        $result = $query->get(['transactions.account_id', 'transactions.transaction_currency_id', 'transactions.foreign_currency_id', \DB::raw('SUM(transactions.amount) as sum_amount'), \DB::raw('SUM(transactions.foreign_amount) as sum_foreign_amount')]);
+
+        // reset account balances:
+        self::resetAccountBalancesByAccount('balance', $account);
+
+        /** @var \stdClass $row */
+        foreach ($result as $row) {
+            $account             = (int) $row->account_id;
+            $transactionCurrency = (int) $row->transaction_currency_id;
+            $foreignCurrency     = (int) $row->foreign_currency_id;
+            $sumAmount           = $row->sum_amount;
+            $sumForeignAmount    = $row->sum_foreign_amount;
+
+            // first create for normal currency:
+            $entry               = self::getAccountBalanceByAccount($account, $transactionCurrency);
+            $entry->balance      = bcadd($entry->balance, $sumAmount);
+            $entry->save();
+            //            Log::debug(sprintf('Set balance entry  #%d ("balance") to amount %s', $entry->id, $entry->balance));
+
+            // then do foreign amount, if present:
+            if ($foreignCurrency > 0) {
+                $entry          = self::getAccountBalanceByAccount($account, $foreignCurrency);
+                $entry->balance = bcadd($entry->balance, $sumForeignAmount);
+                $entry->save();
+                //                Log::debug(sprintf('Set balance entry  #%d ("balance") to amount %s', $entry->id, $entry->balance));
+            }
+        }
+    }
+
+    private static function resetAccountBalancesByAccount(string $title, ?Account $account): void
+    {
+        if (null === $account) {
+            AccountBalance::whereNotNull('updated_at')->where('title', $title)->update(['balance' => '0']);
+            Log::debug('Set ALL balances to zero.');
+
+            return;
+        }
+        AccountBalance::where('account_id', $account->id)->where('title', $title)->update(['balance' => '0']);
+        Log::debug(sprintf('Set balances of account #%d to zero.', $account->id));
+    }
+
+    public static function recalculateByJournal(TransactionJournal $transactionJournal): void
+    {
+        Log::debug(sprintf('Recalculate balance after journal #%d', $transactionJournal->id));
+        // update both account balances, but limit to this transaction or earlier.
+        foreach ($transactionJournal->transactions as $transaction) {
+            self::recalculate($transaction->account, $transactionJournal);
+        }
+    }
+
+    private static function recalculateJournals(?Account $account): void
+    {
+        $query   = Transaction::groupBy(['transactions.account_id', 'transaction_journals.id', 'transactions.transaction_currency_id', 'transactions.foreign_currency_id']);
+        $query->leftJoin('transaction_journals', 'transaction_journals.id', '=', 'transactions.transaction_journal_id');
+        $query->orderBy('transaction_journals.date', 'asc');
+        if (null !== $account) {
+            $query->where('transactions.account_id', $account->id);
+        }
+        $result  = $query->get(['transactions.account_id', 'transaction_journals.id', 'transactions.transaction_currency_id', 'transactions.foreign_currency_id', \DB::raw('SUM(transactions.amount) as sum_amount'), \DB::raw('SUM(transactions.foreign_amount) as sum_foreign_amount')]);
+        $amounts = [];
+
+        /** @var \stdClass $row */
+        foreach ($result as $row) {
+            $account                                 = (int) $row->account_id;
+            $transactionCurrency                     = (int) $row->transaction_currency_id;
+            $foreignCurrency                         = (int) $row->foreign_currency_id;
+            $sumAmount                               = $row->sum_amount;
+            $sumForeignAmount                        = $row->sum_foreign_amount;
+            $journalId                               = (int) $row->id;
+
+            // new amounts:
+            $amounts[$account][$transactionCurrency] = bcadd($amounts[$account][$transactionCurrency] ?? '0', $sumAmount ?? '0');
+            $amounts[$account][$foreignCurrency]     = bcadd($amounts[$account][$foreignCurrency] ?? '0', $sumForeignAmount ?? '0');
+
+            // first create for normal currency:
+            $entry                                   = self::getAccountBalanceByJournal('balance_after_journal', $account, $journalId, $transactionCurrency);
+            $entry->balance                          = $amounts[$account][$transactionCurrency];
+            $entry->save();
+
+            // then do foreign amount, if present:
+            if ($foreignCurrency > 0) {
+                $entry          = self::getAccountBalanceByJournal('balance_after_journal', $account, $journalId, $foreignCurrency);
+                $entry->balance = $amounts[$account][$foreignCurrency];
+                $entry->save();
+            }
+        }
+
+        // select transactions.account_id, transaction_journals.id, transactions.transaction_currency_id, transactions.foreign_currency_id, sum(transactions.amount), sum(transactions.foreign_amount)
+        //
+        // from transactions
+        //
+        // left join transaction_journals ON transaction_journals.id = transactions.transaction_journal_id
+        //
+        // group by account_id, transaction_journals.id, transaction_currency_id, foreign_currency_id
+        // order by transaction_journals.date desc
+    }
+}

app/Support/Navigation.php

@@ -464,14 +464,15 @@ class Navigation
         $increment     = 'addDay';
         $format        = $this->preferredCarbonFormat($start, $end);
         $displayFormat = (string)trans('config.month_and_day_js', [], $locale);
+        $diff          = $start->diffInMonths($end, true);
         // increment by month (for year)
-        if ($start->diffInMonths($end, true) > 1) {
+        if ($diff >= 1.0001) {
             $increment     = 'addMonth';
             $displayFormat = (string)trans('config.month_js');
         }
 
         // increment by year (for multi-year)
-        if ($start->diffInMonths($end, true) > 12) {
+        if ($diff >= 12.0001) {
             $increment     = 'addYear';
             $displayFormat = (string)trans('config.year_js');
         }
@@ -494,11 +495,15 @@ class Navigation
     public function preferredCarbonFormat(Carbon $start, Carbon $end): string
     {
         $format = 'Y-m-d';
-        if ((int)$start->diffInMonths($end, true) > 1) {
+        $diff   = $start->diffInMonths($end, true);
+        Log::debug(sprintf('preferredCarbonFormat(%s, %s) = %f', $start->format('Y-m-d'), $end->format('Y-m-d'), $diff));
+        if ($diff >= 1.001) {
+            Log::debug(sprintf('Return Y-m because %s', $diff));
             $format = 'Y-m';
         }
 
-        if ((int)$start->diffInMonths($end, true) > 12) {
+        if ($diff >= 12.001) {
+            Log::debug(sprintf('Return Y because %s', $diff));
             $format = 'Y';
         }
 

app/Support/Preferences.php

@@ -44,6 +44,7 @@ class Preferences
         }
 
         return Preference::where('user_id', $user->id)
+            ->where('name', '!=', 'currencyPreference')
             ->where(function (Builder $q) use ($user): void {
                 $q->whereNull('user_group_id');
                 $q->orWhere('user_group_id', $user->user_group_id);

app/Support/Request/ConvertsDataTypes.php

@@ -159,9 +159,7 @@ trait ConvertsDataTypes
 
         if (method_exists($this, 'validateUserGroup')) { // @phpstan-ignore-line
             $userGroup = $this->validateUserGroup($this);
-            if (null !== $userGroup) {
-                $repository->setUserGroup($userGroup);
-            }
+            $repository->setUserGroup($userGroup);
         }
 
         // set administration ID

app/Support/Request/GetFilterInstructions.php

@@ -0,0 +1,77 @@
+<?php
+/*
+ * GetFilterInstructions.php
+ * Copyright (c) 2024 james@firefly-iii.org.
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see https://www.gnu.org/licenses/.
+ */
+
+declare(strict_types=1);
+
+namespace FireflyIII\Support\Request;
+
+trait GetFilterInstructions
+{
+    private const string INVALID_FILTER = '%INVALID_JAMES_%';
+
+    final public function getFilterInstructions(string $key): array
+    {
+        $config  = config(sprintf('firefly.filters.allowed.%s', $key));
+        $allowed = array_keys($config);
+        $set     = $this->get('filters', []);
+        $result  = [];
+        if (0 === count($set)) {
+            return [];
+        }
+        foreach ($set as $info) {
+            $column          = $info['column'] ?? 'NOPE';
+            $filterValue     = (string) ($info['filter'] ?? self::INVALID_FILTER);
+            if (false === in_array($column, $allowed, true)) {
+                // skip invalid column
+                continue;
+            }
+            $filterType      = $config[$column] ?? false;
+
+            switch ($filterType) {
+                default:
+                    exit(sprintf('Do not support filter type "%s"', $filterType));
+
+                case 'boolean':
+                    $filterValue = $this->booleanInstruction($filterValue);
+
+                    break;
+
+                case 'string':
+                    break;
+            }
+            $result[$column] = $filterValue;
+        }
+
+        return $result;
+    }
+
+    public function booleanInstruction(string $filterValue): ?bool
+    {
+        if ('true' === $filterValue) {
+            return true;
+        }
+        if ('false' === $filterValue) {
+            return false;
+        }
+
+        return null;
+    }
+}

app/Support/Search/OperatorQuerySearch.php

@@ -159,6 +159,10 @@ class OperatorQuerySearch implements SearchInterface
         foreach ($query1->getNodes() as $searchNode) {
             $this->handleSearchNode($searchNode);
         }
+
+        // add missing information
+        $this->collector->withBillInformation();
+
         $this->collector->setSearchWords($this->words);
         $this->collector->excludeSearchWords($this->prohibitedWords);
     }

app/Support/Twig/Translation.php

@@ -49,6 +49,7 @@ class Translation extends AbstractExtension
     {
         return [
             $this->journalLinkTranslation(),
+            $this->laravelTranslation(),
         ];
     }
 
@@ -68,4 +69,19 @@ class Translation extends AbstractExtension
             ['is_safe' => ['html']]
         );
     }
+
+    public function laravelTranslation(): TwigFunction
+    {
+        return new TwigFunction(
+            '__',
+            static function (string $key) {
+                $translation = trans($key);
+                if ($key === $translation) {
+                    return $key;
+                }
+
+                return $translation;
+            }
+        );
+    }
 }

app/Transformers/RuleTransformer.php

@@ -34,8 +34,7 @@ use FireflyIII\Repositories\Rule\RuleRepositoryInterface;
  */
 class RuleTransformer extends AbstractTransformer
 {
-    /** @var RuleRepositoryInterface */
-    private $ruleRepository;
+    private RuleRepositoryInterface $ruleRepository;
 
     /**
      * CurrencyTransformer constructor.
@@ -109,8 +108,16 @@ class RuleTransformer extends AbstractTransformer
             if ('user_action' === $ruleTrigger->trigger_type) {
                 continue;
             }
+            $triggerType  = (string) $ruleTrigger->trigger_type;
             $triggerValue = (string)$ruleTrigger->trigger_value;
-            $needsContext = config(sprintf('search.operators.%s.needs_context', $ruleTrigger->trigger_type), true);
+            $prohibited   = false;
+
+            if (str_starts_with($triggerType, '-')) {
+                $prohibited  = true;
+                $triggerType = substr($triggerType, 1);
+            }
+
+            $needsContext = config(sprintf('search.operators.%s.needs_context', $triggerType), true);
             if (false === $needsContext) {
                 $triggerValue = 'true';
             }
@@ -119,8 +126,9 @@ class RuleTransformer extends AbstractTransformer
                 'id'              => (string)$ruleTrigger->id,
                 'created_at'      => $ruleTrigger->created_at->toAtomString(),
                 'updated_at'      => $ruleTrigger->updated_at->toAtomString(),
-                'type'            => $ruleTrigger->trigger_type,
+                'type'            => $triggerType,
                 'value'           => $triggerValue,
+                'prohibited'      => $prohibited,
                 'order'           => $ruleTrigger->order,
                 'active'          => $ruleTrigger->active,
                 'stop_processing' => $ruleTrigger->stop_processing,

app/Transformers/V2/AccountTransformer.php

@@ -27,13 +27,12 @@ namespace FireflyIII\Transformers\V2;
 use Carbon\Carbon;
 use FireflyIII\Exceptions\FireflyException;
 use FireflyIII\Models\Account;
-use FireflyIII\Models\AccountMeta;
 use FireflyIII\Models\AccountType;
-use FireflyIII\Models\Transaction;
 use FireflyIII\Models\TransactionCurrency;
+use FireflyIII\Repositories\UserGroups\Account\AccountRepositoryInterface;
 use FireflyIII\Repositories\UserGroups\Currency\CurrencyRepositoryInterface;
 use Illuminate\Support\Collection;
-use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Log;
 
 /**
  * Class AccountTransformer
@@ -42,117 +41,64 @@ class AccountTransformer extends AbstractTransformer
 {
     private array               $accountMeta;
     private array               $accountTypes;
-    private array               $balances;
+    private array               $fullTypes;
+    private array               $balanceDifferences;
     private array               $convertedBalances;
     private array               $currencies;
     private TransactionCurrency $default;
     private array               $lastActivity;
+    private array               $objectGroups;
 
     /**
-     * @throws FireflyException
+     * This method collects meta-data for one or all accounts in the transformer's collection.
      */
     public function collectMetaData(Collection $objects): Collection
     {
-        // TODO separate methods
-        $this->currencies        = [];
-        $this->accountMeta       = [];
-        $this->accountTypes      = [];
-        $this->lastActivity      = [];
-        $this->balances          = app('steam')->balancesByAccounts($objects, $this->getDate());
-        $this->convertedBalances = app('steam')->balancesByAccountsConverted($objects, $this->getDate());
+        $this->currencies         = [];
+        $this->accountMeta        = [];
+        $this->accountTypes       = [];
+        $this->fullTypes          = [];
+        $this->lastActivity       = [];
+        $this->objectGroups       = [];
+        $this->convertedBalances  = [];
+        $this->balanceDifferences = [];
 
-        /** @var CurrencyRepositoryInterface $repository */
-        $repository              = app(CurrencyRepositoryInterface::class);
-        $this->default           = app('amount')->getDefaultCurrency();
+        Log::debug(sprintf('collectMetaData on %d object(s)', $objects->count()));
 
-        // get currencies:
-        $accountIds              = $objects->pluck('id')->toArray();
-        // TODO move query to repository
-        $meta                    = AccountMeta::whereIn('account_id', $accountIds)
-            ->whereIn('name', ['currency_id', 'account_role', 'account_number'])
-            ->get(['account_meta.id', 'account_meta.account_id', 'account_meta.name', 'account_meta.data'])
-        ;
-        $currencyIds             = $meta->where('name', 'currency_id')->pluck('data')->toArray();
+        // first collect all the "heavy" stuff that relies on ALL data to be present.
+        // get last activity:
+        $this->getLastActivity($objects);
+
+        // get balances of all accounts
+        $this->getMetaBalances($objects);
+
+        // get default currency:
+        $this->getDefaultCurrency();
+
+        // collect currency and other meta-data:
+        $this->collectAccountMetaData($objects);
 
-        $currencies              = $repository->getByIds($currencyIds);
-        foreach ($currencies as $currency) {
-            $id                    = $currency->id;
-            $this->currencies[$id] = $currency;
-        }
-        foreach ($meta as $entry) {
-            $id                                   = $entry->account_id;
-            $this->accountMeta[$id][$entry->name] = $entry->data;
-        }
         // get account types:
-        // select accounts.id, account_types.type from account_types left join accounts on accounts.account_type_id = account_types.id;
-        // TODO move query to repository
-        $accountTypes            = AccountType::leftJoin('accounts', 'accounts.account_type_id', '=', 'account_types.id')
-            ->whereIn('accounts.id', $accountIds)
-            ->get(['accounts.id', 'account_types.type'])
-        ;
+        $this->collectAccountTypes($objects);
 
-        /** @var AccountType $row */
-        foreach ($accountTypes as $row) {
-            $this->accountTypes[$row->id] = (string)config(sprintf('firefly.shortNamesByFullName.%s', $row->type));
+        // add balance difference
+        if (null !== $this->parameters->get('start') && null !== $this->parameters->get('end')) {
+            $this->getBalanceDifference($objects, $this->parameters->get('start'), $this->parameters->get('end'));
         }
 
-        // get last activity
-        // TODO move query to repository
-        $array                   = Transaction::whereIn('account_id', $accountIds)
-            ->leftJoin('transaction_journals', 'transaction_journals.id', 'transactions.transaction_journal_id')
-            ->groupBy('transactions.account_id')
-            ->get(['transactions.account_id', DB::raw('MAX(transaction_journals.date) as date_max')])->toArray() // @phpstan-ignore-line
-        ;
-        foreach ($array as $row) {
-            $this->lastActivity[(int)$row['account_id']] = Carbon::parse($row['date_max'], config('app.timezone'));
+        // get object groups
+        $this->getObjectGroups($objects);
+
+        // sort:
+        $objects                  = $this->sortAccounts($objects);
+
+        // if pagination is disabled, do it now:
+        if (true === $this->parameters->get('disablePagination')) {
+            $page    = (int) $this->parameters->get('page');
+            $size    = (int) $this->parameters->get('pageSize');
+            $objects = $objects->slice(($page - 1) * $size, $size);
         }
 
-        // TODO needs separate method.
-        /** @var null|array $sort */
-        $sort                    = $this->parameters->get('sort');
-        if (null !== $sort && count($sort) > 0) {
-            foreach ($sort as $column => $direction) {
-                // account_number + iban
-                if ('iban' === $column) {
-                    $meta    = $this->accountMeta;
-                    $objects = $objects->sort(function (Account $left, Account $right) use ($meta, $direction) {
-                        $leftIban  = trim(sprintf('%s%s', $left->iban, $meta[$left->id]['account_number'] ?? ''));
-                        $rightIban = trim(sprintf('%s%s', $right->iban, $meta[$right->id]['account_number'] ?? ''));
-                        if ('asc' === $direction) {
-                            return strcasecmp($leftIban, $rightIban);
-                        }
-
-                        return strcasecmp($rightIban, $leftIban);
-                    });
-                }
-                if ('balance' === $column) {
-                    $balances = $this->convertedBalances;
-                    $objects  = $objects->sort(function (Account $left, Account $right) use ($balances, $direction) {
-                        $leftBalance  = (float)($balances[$left->id]['native_balance'] ?? 0);
-                        $rightBalance = (float)($balances[$right->id]['native_balance'] ?? 0);
-                        if ('asc' === $direction) {
-                            return $leftBalance <=> $rightBalance;
-                        }
-
-                        return $rightBalance <=> $leftBalance;
-                    });
-                }
-                if ('last_activity' === $column) {
-                    $dates   = $this->lastActivity;
-                    $objects = $objects->sort(function (Account $left, Account $right) use ($dates, $direction) {
-                        $leftDate  = $dates[$left->id] ?? Carbon::create(1900, 1, 1, 0, 0, 0);
-                        $rightDate = $dates[$right->id] ?? Carbon::create(1900, 1, 1, 0, 0, 0);
-                        if ('asc' === $direction) {
-                            return $leftDate->gt($rightDate) ? 1 : -1;
-                        }
-
-                        return $rightDate->gt($leftDate) ? 1 : -1;
-                    });
-                }
-            }
-        }
-
-        // $objects = $objects->sortByDesc('name');
         return $objects;
     }
 
@@ -171,44 +117,68 @@ class AccountTransformer extends AbstractTransformer
      */
     public function transform(Account $account): array
     {
-        $id            = $account->id;
+        $id                 = $account->id;
 
         // various meta
-        $accountRole   = $this->accountMeta[$id]['account_role'] ?? null;
-        $accountType   = $this->accountTypes[$id];
-        $order         = $account->order;
+        $accountRole        = $this->accountMeta[$id]['account_role'] ?? null;
+        $accountType        = $this->accountTypes[$id];
+        $order              = $account->order;
+
+        // liability type
+        $liabilityType      = 'liabilities' === $accountType ? $this->fullTypes[$id] : null;
+        $liabilityDirection = $this->accountMeta[$id]['liability_direction'] ?? null;
+        $interest           = $this->accountMeta[$id]['interest'] ?? null;
+        $interestPeriod     = $this->accountMeta[$id]['interest_period'] ?? null;
+        $currentDebt        = $this->accountMeta[$id]['current_debt'] ?? null;
 
         // no currency? use default
-        $currency      = $this->default;
-        if (array_key_exists($id, $this->accountMeta) && 0 !== (int)($this->accountMeta[$id]['currency_id'] ?? 0)) {
-            $currency = $this->currencies[(int)$this->accountMeta[$id]['currency_id']];
+        $currency           = $this->default;
+        if (array_key_exists($id, $this->accountMeta) && 0 !== (int) ($this->accountMeta[$id]['currency_id'] ?? 0)) {
+            $currency = $this->currencies[(int) $this->accountMeta[$id]['currency_id']];
         }
         // amounts and calculation.
-        $balance       = $this->balances[$id] ?? null;
-        $nativeBalance = $this->convertedBalances[$id]['native_balance'] ?? null;
+        $balance            = $this->balances[$id]['balance'] ?? null;
+        $nativeBalance      = $this->convertedBalances[$id]['native_balance'] ?? null;
 
         // no order for some accounts:
         if (!in_array(strtolower($accountType), ['liability', 'liabilities', 'asset'], true)) {
             $order = null;
         }
 
+        // object group
+        $objectGroupId      = $this->objectGroups[$id]['id'] ?? null;
+        $objectGroupOrder   = $this->objectGroups[$id]['order'] ?? null;
+        $objectGroupTitle   = $this->objectGroups[$id]['title'] ?? null;
+
+        // balance difference
+        $diffStart          = null;
+        $diffEnd            = null;
+        $balanceDiff        = null;
+        $nativeBalanceDiff  = null;
+        if (null !== $this->parameters->get('start') && null !== $this->parameters->get('end')) {
+            $diffStart         = $this->parameters->get('start')->toAtomString();
+            $diffEnd           = $this->parameters->get('end')->toAtomString();
+            $balanceDiff       = $this->balanceDifferences[$id]['balance'] ?? null;
+            $nativeBalanceDiff = $this->balanceDifferences[$id]['native_balance'] ?? null;
+        }
+
         return [
-            'id'                             => (string)$account->id,
+            'id'                             => (string) $account->id,
             'created_at'                     => $account->created_at->toAtomString(),
             'updated_at'                     => $account->updated_at->toAtomString(),
             'active'                         => $account->active,
             'order'                          => $order,
             'name'                           => $account->name,
-            'iban'                           => '' === (string)$account->iban ? null : $account->iban,
+            'iban'                           => '' === (string) $account->iban ? null : $account->iban,
             'account_number'                 => $this->accountMeta[$id]['account_number'] ?? null,
             'type'                           => strtolower($accountType),
             'account_role'                   => $accountRole,
-            'currency_id'                    => (string)$currency->id,
+            'currency_id'                    => (string) $currency->id,
             'currency_code'                  => $currency->code,
             'currency_symbol'                => $currency->symbol,
             'currency_decimal_places'        => $currency->decimal_places,
 
-            'native_currency_id'             => (string)$this->default->id,
+            'native_currency_id'             => (string) $this->default->id,
             'native_currency_code'           => $this->default->code,
             'native_currency_symbol'         => $this->default->symbol,
             'native_currency_decimal_places' => $this->default->decimal_places,
@@ -218,22 +188,34 @@ class AccountTransformer extends AbstractTransformer
             'native_current_balance'         => $nativeBalance,
             'current_balance_date'           => $this->getDate()->endOfDay()->toAtomString(),
 
+            // balance difference
+            'balance_difference'             => $balanceDiff,
+            'native_balance_difference'      => $nativeBalanceDiff,
+            'balance_difference_start'       => $diffStart,
+            'balance_difference_end'         => $diffEnd,
+
             // more meta
             'last_activity'                  => array_key_exists($id, $this->lastActivity) ? $this->lastActivity[$id]->toAtomString() : null,
 
+            // liability stuff
+            'liability_type'                 => $liabilityType,
+            'liability_direction'            => $liabilityDirection,
+            'interest'                       => $interest,
+            'interest_period'                => $interestPeriod,
+            'current_debt'                   => $currentDebt,
+
+            // object group
+            'object_group_id'                => null !== $objectGroupId ? (string) $objectGroupId : null,
+            'object_group_order'             => $objectGroupOrder,
+            'object_group_title'             => $objectGroupTitle,
+
             //            'notes'                   => $this->repository->getNoteText($account),
             //            'monthly_payment_date'    => $monthlyPaymentDate,
             //            'credit_card_type'        => $creditCardType,
-            //            'account_number'          => $this->repository->getMetaValue($account, 'account_number'),
             //            'bic'                     => $this->repository->getMetaValue($account, 'BIC'),
             //            'virtual_balance'         => number_format((float) $account->virtual_balance, $decimalPlaces, '.', ''),
             //            'opening_balance'         => $openingBalance,
             //            'opening_balance_date'    => $openingBalanceDate,
-            //            'liability_type'          => $liabilityType,
-            //            'liability_direction'     => $liabilityDirection,
-            //            'interest'                => $interest,
-            //            'interest_period'         => $interestPeriod,
-            //            'current_debt'            => $this->repository->getMetaValue($account, 'current_debt'),
             //            'include_net_worth'       => $includeNetWorth,
             //            'longitude'               => $longitude,
             //            'latitude'                => $latitude,
@@ -246,4 +228,205 @@ class AccountTransformer extends AbstractTransformer
             ],
         ];
     }
+
+    private function getMetaBalances(Collection $accounts): void
+    {
+        try {
+            $this->convertedBalances = app('steam')->balancesByAccountsConverted($accounts, $this->getDate());
+        } catch (FireflyException $e) {
+            Log::error($e->getMessage());
+        }
+    }
+
+    private function getDefaultCurrency(): void
+    {
+        $this->default = app('amount')->getDefaultCurrency();
+    }
+
+    private function collectAccountMetaData(Collection $accounts): void
+    {
+        /** @var CurrencyRepositoryInterface $repository */
+        $repository        = app(CurrencyRepositoryInterface::class);
+
+        /** @var AccountRepositoryInterface $accountRepository */
+        $accountRepository = app(AccountRepositoryInterface::class);
+        $metaFields        = $accountRepository->getMetaValues($accounts, ['currency_id', 'account_role', 'account_number', 'liability_direction', 'interest', 'interest_period', 'current_debt']);
+        $currencyIds       = $metaFields->where('name', 'currency_id')->pluck('data')->toArray();
+
+        $currencies        = $repository->getByIds($currencyIds);
+        foreach ($currencies as $currency) {
+            $id                    = $currency->id;
+            $this->currencies[$id] = $currency;
+        }
+        foreach ($metaFields as $entry) {
+            $id                                   = $entry->account_id;
+            $this->accountMeta[$id][$entry->name] = $entry->data;
+        }
+    }
+
+    private function collectAccountTypes(Collection $accounts): void
+    {
+        /** @var AccountRepositoryInterface $accountRepository */
+        $accountRepository = app(AccountRepositoryInterface::class);
+        $accountTypes      = $accountRepository->getAccountTypes($accounts);
+
+        /** @var AccountType $row */
+        foreach ($accountTypes as $row) {
+            $this->accountTypes[$row->id] = (string) config(sprintf('firefly.shortNamesByFullName.%s', $row->type));
+            $this->fullTypes[$row->id]    = $row->type;
+        }
+    }
+
+    private function getLastActivity(Collection $accounts): void
+    {
+        /** @var AccountRepositoryInterface $accountRepository */
+        $accountRepository = app(AccountRepositoryInterface::class);
+        $lastActivity      = $accountRepository->getLastActivity($accounts);
+        foreach ($lastActivity as $row) {
+            $this->lastActivity[(int) $row['account_id']] = Carbon::parse($row['date_max'], config('app.timezone'));
+        }
+    }
+
+    private function sortAccounts(Collection $accounts): Collection
+    {
+        /** @var null|array $sort */
+        $sort = $this->parameters->get('sort');
+
+        if (null === $sort || 0 === count($sort)) {
+            return $accounts;
+        }
+
+        /**
+         * @var string $column
+         * @var string $direction
+         */
+        foreach ($sort as $column => $direction) {
+            // account_number + iban
+            if ('iban' === $column) {
+                $accounts = $this->sortByIban($accounts, $direction);
+            }
+            if ('balance' === $column) {
+                $accounts = $this->sortByBalance($accounts, $direction);
+            }
+            if ('last_activity' === $column) {
+                $accounts = $this->sortByLastActivity($accounts, $direction);
+            }
+            if ('balance_difference' === $column) {
+                $accounts = $this->sortByBalanceDifference($accounts, $direction);
+            }
+            if ('current_debt' === $column) {
+                $accounts = $this->sortByCurrentDebt($accounts, $direction);
+            }
+        }
+
+        return $accounts;
+    }
+
+    private function sortByIban(Collection $accounts, string $direction): Collection
+    {
+        $meta = $this->accountMeta;
+
+        return $accounts->sort(function (Account $left, Account $right) use ($meta, $direction) {
+            $leftIban  = trim(sprintf('%s%s', $left->iban, $meta[$left->id]['account_number'] ?? ''));
+            $rightIban = trim(sprintf('%s%s', $right->iban, $meta[$right->id]['account_number'] ?? ''));
+            if ('asc' === $direction) {
+                return strcasecmp($leftIban, $rightIban);
+            }
+
+            return strcasecmp($rightIban, $leftIban);
+        });
+    }
+
+    private function sortByBalance(Collection $accounts, string $direction): Collection
+    {
+        $balances = $this->convertedBalances;
+
+        return $accounts->sort(function (Account $left, Account $right) use ($balances, $direction) {
+            $leftBalance  = (float) ($balances[$left->id]['native_balance'] ?? 0);
+            $rightBalance = (float) ($balances[$right->id]['native_balance'] ?? 0);
+            if ('asc' === $direction) {
+                return $leftBalance <=> $rightBalance;
+            }
+
+            return $rightBalance <=> $leftBalance;
+        });
+    }
+
+    private function sortByLastActivity(Collection $accounts, string $direction): Collection
+    {
+        $dates = $this->lastActivity;
+
+        return $accounts->sort(function (Account $left, Account $right) use ($dates, $direction) {
+            $leftDate  = $dates[$left->id] ?? Carbon::create(1900, 1, 1, 0, 0, 0);
+            $rightDate = $dates[$right->id] ?? Carbon::create(1900, 1, 1, 0, 0, 0);
+            if ('asc' === $direction) {
+                return $leftDate->gt($rightDate) ? 1 : -1;
+            }
+
+            return $rightDate->gt($leftDate) ? 1 : -1;
+        });
+    }
+
+    private function getBalanceDifference(Collection $accounts, Carbon $start, Carbon $end): void
+    {
+        // collect balances, start and end for both native and converted.
+        // yes the b is usually used for boolean by idiots but here it's for balance.
+        $bStart = [];
+        $bEnd   = [];
+
+        try {
+            $bStart = app('steam')->balancesByAccountsConverted($accounts, $start);
+            $bEnd   = app('steam')->balancesByAccountsConverted($accounts, $end);
+        } catch (FireflyException $e) {
+            Log::error($e->getMessage());
+        }
+
+        /** @var Account $account */
+        foreach ($accounts as $account) {
+            $id = $account->id;
+            if (array_key_exists($id, $bStart) && array_key_exists($id, $bEnd)) {
+                $this->balanceDifferences[$id] = [
+                    'balance'        => bcsub($bEnd[$id]['balance'], $bStart[$id]['balance']),
+                    'native_balance' => bcsub($bEnd[$id]['native_balance'], $bStart[$id]['native_balance']),
+                ];
+            }
+        }
+    }
+
+    private function sortByBalanceDifference(Collection $accounts, string $direction): Collection
+    {
+        $balances = $this->balanceDifferences;
+
+        return $accounts->sort(function (Account $left, Account $right) use ($balances, $direction) {
+            $leftBalance  = (float) ($balances[$left->id]['native_balance'] ?? 0);
+            $rightBalance = (float) ($balances[$right->id]['native_balance'] ?? 0);
+            if ('asc' === $direction) {
+                return $leftBalance <=> $rightBalance;
+            }
+
+            return $rightBalance <=> $leftBalance;
+        });
+    }
+
+    private function sortByCurrentDebt(Collection $accounts, string $direction): Collection
+    {
+        $amounts = $this->accountMeta;
+
+        return $accounts->sort(function (Account $left, Account $right) use ($amounts, $direction) {
+            $leftCurrent  = (float) ($amounts[$left->id]['current_debt'] ?? 0);
+            $rightCurrent = (float) ($amounts[$right->id]['current_debt'] ?? 0);
+            if ('asc' === $direction) {
+                return $leftCurrent <=> $rightCurrent;
+            }
+
+            return $rightCurrent <=> $leftCurrent;
+        });
+    }
+
+    private function getObjectGroups(Collection $accounts): void
+    {
+        /** @var AccountRepositoryInterface $accountRepository */
+        $accountRepository  = app(AccountRepositoryInterface::class);
+        $this->objectGroups = $accountRepository->getObjectGroups($accounts);
+    }
 }

app/User.php

@@ -381,10 +381,7 @@ class User extends Authenticatable
         $dbRolesTitles    = $dbRoles->pluck('title')->toArray();
 
         /** @var Collection $groupMemberships */
-        $groupMemberships = $this->groupMemberships()
-            ->whereIn('user_role_id', $dbRolesIds)
-            ->where('user_group_id', $userGroup->id)->get()
-        ;
+        $groupMemberships = $this->groupMemberships()->whereIn('user_role_id', $dbRolesIds)->where('user_group_id', $userGroup->id)->get();
         if (0 === $groupMemberships->count()) {
             app('log')->error(sprintf(
                 'User #%d "%s" does not have roles %s in user group #%d "%s"',

changelog.md

@@ -3,11 +3,33 @@
 All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](http://semver.org/).
 
+## 6.1.15 - 2024-04-24
 
-## 6.1.14 - 2024-xx-xx
+### Fixed
+
+- [Issue 8812](https://github.com/firefly-iii/firefly-iii/issues/8812) (Login with `AUTHENTICATION_GUARD=remote_user_guard` fails due to missing UserGroup) reported by @nebulade
+
+## 6.1.14 - 2024-04-24
 
 ### Changed
-- You will have to define again which asset accounts you want to see on the dashboard. Sorry about that.
+- You may have to define again which asset accounts you want to see on the dashboard. Sorry about that.
+- Expanded some database models.
+- Limit the number of error messages Firefly III will send (so Mailgun keeps liking me).
+- [PR 8746](https://github.com/firefly-iii/firefly-iii/pull/8746) (Set date to now when cloning journal) reported by @imlonghao
+
+### Fixed
+
+- [Issue 8748](https://github.com/firefly-iii/firefly-iii/issues/8748) (Release tarballs mistakenly include the `.zip` artifact) reported by @sudoBash418
+- [Discussion 8750](https://github.com/orgs/firefly-iii/discussions/8750) (API To change  transaction fails to find destination_id) started by @soloam 
+- [Issue 8779](https://github.com/firefly-iii/firefly-iii/issues/8779) (Change Password Form not working ≥  6.1.11) reported by @jemtz-deleon
+- [Issue 8781](https://github.com/firefly-iii/firefly-iii/issues/8781) (Bill information missing in /api/v1/search/transactions responses) reported by @daanvanberkel
+- [Issue 8752](https://github.com/firefly-iii/firefly-iii/issues/8752) (Transactions reorder not work (error 404)) reported by @BoGnY
+- [Issue 8613](https://github.com/firefly-iii/firefly-iii/issues/8613) (Some minor color issues) reported by @rumpff
+- [Issue 8776](https://github.com/firefly-iii/firefly-iii/issues/8776) (report-data/category/expenses has wrong sums with specific date range) reported by @bouil
+
+### API
+
+- [Issue 8804](https://github.com/firefly-iii/firefly-iii/issues/8804) (Unable to create rules with negation via API) reported by @tailg8nj
 
 ## 6.1.13 - 2024-04-01
 

composer.json

@@ -87,6 +87,8 @@
         "guzzlehttp/guzzle": "^7.8",
         "jc5/google2fa-laravel": "^2.0",
         "jc5/recovery": "^2",
+        "laravel-json-api/laravel": "^4.0",
+        "laravel-json-api/non-eloquent": "^4.0",
         "laravel/framework": "^11",
         "laravel/passport": "^12",
         "laravel/sanctum": "^4",
@@ -106,7 +108,8 @@
         "spatie/period": "^2.4",
         "symfony/expression-language": "^7.0",
         "symfony/http-client": "^7.0",
-        "symfony/mailgun-mailer": "^7.0"
+        "symfony/mailgun-mailer": "^7.0",
+        "twig/twig": "3.8.0"
     },
     "require-dev": {
         "barryvdh/laravel-debugbar": "^3.9",
@@ -115,6 +118,7 @@
         "fakerphp/faker": "1.*",
         "filp/whoops": "2.*",
         "larastan/larastan": "^2",
+        "laravel-json-api/testing": "^3.0",
         "mockery/mockery": "1.*",
         "phpstan/extension-installer": "^1.3",
         "phpstan/phpstan": "^1.10",

config/debugbar.php

@@ -0,0 +1,326 @@
+<?php
+
+declare(strict_types=1);
+
+return [
+    /*
+     |--------------------------------------------------------------------------
+     | Debugbar Settings
+     |--------------------------------------------------------------------------
+     |
+     | Debugbar is enabled by default, when debug is set to true in app.php.
+     | You can override the value by setting enable to true or false instead of null.
+     |
+     | You can provide an array of URI's that must be ignored (eg. 'api/*')
+     |
+     */
+
+    'enabled'                 => env('DEBUGBAR_ENABLED', null),
+    'except'                  => [
+        'telescope*',
+        'horizon*',
+    ],
+
+    /*
+     |--------------------------------------------------------------------------
+     | Storage settings
+     |--------------------------------------------------------------------------
+     |
+     | DebugBar stores data for session/ajax requests.
+     | You can disable this, so the debugbar stores data in headers/session,
+     | but this can cause problems with large data collectors.
+     | By default, file storage (in the storage folder) is used. Redis and PDO
+     | can also be used. For PDO, run the package migrations first.
+     |
+     | Warning: Enabling storage.open will allow everyone to access previous
+     | request, do not enable open storage in publicly available environments!
+     | Specify a callback if you want to limit based on IP or authentication.
+     | Leaving it to null will allow localhost only.
+     */
+    'storage'                 => [
+        'enabled'    => true,
+        'open'       => env('DEBUGBAR_OPEN_STORAGE'), // bool/callback.
+        'driver'     => 'file', // redis, file, pdo, socket, custom
+        'path'       => storage_path('debugbar'), // For file driver
+        'connection' => null,   // Leave null for default connection (Redis/PDO)
+        'provider'   => '', // Instance of StorageInterface for custom driver
+        'hostname'   => '127.0.0.1', // Hostname to use with the "socket" driver
+        'port'       => 2304, // Port to use with the "socket" driver
+    ],
+
+    /*
+    |--------------------------------------------------------------------------
+    | Editor
+    |--------------------------------------------------------------------------
+    |
+    | Choose your preferred editor to use when clicking file name.
+    |
+    | Supported: "phpstorm", "vscode", "vscode-insiders", "vscode-remote",
+    |            "vscode-insiders-remote", "vscodium", "textmate", "emacs",
+    |            "sublime", "atom", "nova", "macvim", "idea", "netbeans",
+    |            "xdebug", "espresso"
+    |
+    */
+
+    'editor'                  => env('DEBUGBAR_EDITOR') ?? env('IGNITION_EDITOR', 'phpstorm'),
+
+    /*
+    |--------------------------------------------------------------------------
+    | Remote Path Mapping
+    |--------------------------------------------------------------------------
+    |
+    | If you are using a remote dev server, like Laravel Homestead, Docker, or
+    | even a remote VPS, it will be necessary to specify your path mapping.
+    |
+    | Leaving one, or both of these, empty or null will not trigger the remote
+    | URL changes and Debugbar will treat your editor links as local files.
+    |
+    | "remote_sites_path" is an absolute base path for your sites or projects
+    | in Homestead, Vagrant, Docker, or another remote development server.
+    |
+    | Example value: "/home/vagrant/Code"
+    |
+    | "local_sites_path" is an absolute base path for your sites or projects
+    | on your local computer where your IDE or code editor is running on.
+    |
+    | Example values: "/Users/<name>/Code", "C:\Users\<name>\Documents\Code"
+    |
+    */
+
+    'remote_sites_path'       => env('DEBUGBAR_REMOTE_SITES_PATH'),
+    'local_sites_path'        => env('DEBUGBAR_LOCAL_SITES_PATH', env('IGNITION_LOCAL_SITES_PATH')),
+
+    /*
+     |--------------------------------------------------------------------------
+     | Vendors
+     |--------------------------------------------------------------------------
+     |
+     | Vendor files are included by default, but can be set to false.
+     | This can also be set to 'js' or 'css', to only include javascript or css vendor files.
+     | Vendor files are for css: font-awesome (including fonts) and highlight.js (css files)
+     | and for js: jquery and highlight.js
+     | So if you want syntax highlighting, set it to true.
+     | jQuery is set to not conflict with existing jQuery scripts.
+     |
+     */
+
+    'include_vendors'         => true,
+
+    /*
+     |--------------------------------------------------------------------------
+     | Capture Ajax Requests
+     |--------------------------------------------------------------------------
+     |
+     | The Debugbar can capture Ajax requests and display them. If you don't want this (ie. because of errors),
+     | you can use this option to disable sending the data through the headers.
+     |
+     | Optionally, you can also send ServerTiming headers on ajax requests for the Chrome DevTools.
+     |
+     | Note for your request to be identified as ajax requests they must either send the header
+     | X-Requested-With with the value XMLHttpRequest (most JS libraries send this), or have application/json as a Accept header.
+     |
+     | By default `ajax_handler_auto_show` is set to true allowing ajax requests to be shown automatically in the Debugbar.
+     | Changing `ajax_handler_auto_show` to false will prevent the Debugbar from reloading.
+     */
+
+    'capture_ajax'            => true,
+    'add_ajax_timing'         => false,
+    'ajax_handler_auto_show'  => true,
+    'ajax_handler_enable_tab' => true,
+
+    /*
+     |--------------------------------------------------------------------------
+     | Custom Error Handler for Deprecated warnings
+     |--------------------------------------------------------------------------
+     |
+     | When enabled, the Debugbar shows deprecated warnings for Symfony components
+     | in the Messages tab.
+     |
+     */
+    'error_handler'           => false,
+
+    /*
+     |--------------------------------------------------------------------------
+     | Clockwork integration
+     |--------------------------------------------------------------------------
+     |
+     | The Debugbar can emulate the Clockwork headers, so you can use the Chrome
+     | Extension, without the server-side code. It uses Debugbar collectors instead.
+     |
+     */
+    'clockwork'               => false,
+
+    /*
+     |--------------------------------------------------------------------------
+     | DataCollectors
+     |--------------------------------------------------------------------------
+     |
+     | Enable/disable DataCollectors
+     |
+     */
+
+    'collectors'              => [
+        'phpinfo'         => true,  // Php version
+        'messages'        => true,  // Messages
+        'time'            => true,  // Time Datalogger
+        'memory'          => true,  // Memory usage
+        'exceptions'      => true,  // Exception displayer
+        'log'             => true,  // Logs from Monolog (merged in messages if enabled)
+        'db'              => true,  // Show database (PDO) queries and bindings
+        'views'           => true,  // Views with their data
+        'route'           => true,  // Current route information
+        'auth'            => false, // Display Laravel authentication status
+        'gate'            => true,  // Display Laravel Gate checks
+        'session'         => true,  // Display session data
+        'symfony_request' => true,  // Only one can be enabled..
+        'mail'            => true,  // Catch mail messages
+        'laravel'         => false, // Laravel version and environment
+        'events'          => false, // All events fired
+        'default_request' => false, // Regular or special Symfony request logger
+        'logs'            => false, // Add the latest log messages
+        'files'           => false, // Show the included files
+        'config'          => false, // Display config settings
+        'cache'           => false, // Display cache events
+        'models'          => true,  // Display models
+        'livewire'        => true,  // Display Livewire (when available)
+        'jobs'            => false, // Display dispatched jobs
+    ],
+
+    /*
+     |--------------------------------------------------------------------------
+     | Extra options
+     |--------------------------------------------------------------------------
+     |
+     | Configure some DataCollectors
+     |
+     */
+
+    'options'                 => [
+        'time'            => [
+            'memory_usage' => false,  // Calculated by subtracting memory start and end, it may be inaccurate
+        ],
+        'messages'        => [
+            'trace' => true,   // Trace the origin of the debug message
+        ],
+        'memory'          => [
+            'reset_peak'    => false,     // run memory_reset_peak_usage before collecting
+            'with_baseline' => false,  // Set boot memory usage as memory peak baseline
+            'precision'     => 0,          // Memory rounding precision
+        ],
+        'auth'            => [
+            'show_name'   => true,   // Also show the users name/email in the debugbar
+            'show_guards' => true, // Show the guards that are used
+        ],
+        'db'              => [
+            'with_params'             => true,   // Render SQL with the parameters substituted
+            'backtrace'               => true,   // Use a backtrace to find the origin of the query in your files.
+            'backtrace_exclude_paths' => [],   // Paths to exclude from backtrace. (in addition to defaults)
+            'timeline'                => false,  // Add the queries to the timeline
+            'duration_background'     => true,   // Show shaded background on each query relative to how long it took to execute.
+            'explain'                 => [                 // Show EXPLAIN output on queries
+                'enabled' => false,
+                'types'   => ['SELECT'],     // Deprecated setting, is always only SELECT
+            ],
+            'hints'                   => false,    // Show hints for common mistakes
+            'show_copy'               => false,    // Show copy button next to the query,
+            'slow_threshold'          => false,   // Only track queries that last longer than this time in ms
+            'memory_usage'            => false,   // Show queries memory usage
+            'soft_limit'              => 100,      // After the soft limit, no parameters/backtrace are captured
+            'hard_limit'              => 500,      // After the hard limit, queries are ignored
+        ],
+        'mail'            => [
+            'timeline'  => false,  // Add mails to the timeline
+            'show_body' => true,
+        ],
+        'views'           => [
+            'timeline'      => false,    // Add the views to the timeline (Experimental)
+            'data'          => false,        // true for all data, 'keys' for only names, false for no parameters.
+            'group'         => 50,          // Group duplicate views. Pass value to auto-group, or true/false to force
+            'exclude_paths' => [    // Add the paths which you don't want to appear in the views
+                'vendor/filament',   // Exclude Filament components by default
+            ],
+        ],
+        'route'           => [
+            'label' => true,  // show complete route on bar
+        ],
+        'session'         => [
+            'hiddens' => [], // hides sensitive values using array paths
+        ],
+        'symfony_request' => [
+            'hiddens' => [], // hides sensitive values using array paths, example: request_request.password
+        ],
+        'events'          => [
+            'data' => false, // collect events data, listeners
+        ],
+        'logs'            => [
+            'file' => null,
+        ],
+        'cache'           => [
+            'values' => true, // collect cache values
+        ],
+    ],
+
+    /*
+     |--------------------------------------------------------------------------
+     | Inject Debugbar in Response
+     |--------------------------------------------------------------------------
+     |
+     | Usually, the debugbar is added just before </body>, by listening to the
+     | Response after the App is done. If you disable this, you have to add them
+     | in your template yourself. See http://phpdebugbar.com/docs/rendering.html
+     |
+     */
+
+    'inject'                  => true,
+
+    /*
+     |--------------------------------------------------------------------------
+     | DebugBar route prefix
+     |--------------------------------------------------------------------------
+     |
+     | Sometimes you want to set route prefix to be used by DebugBar to load
+     | its resources from. Usually the need comes from misconfigured web server or
+     | from trying to overcome bugs like this: http://trac.nginx.org/nginx/ticket/97
+     |
+     */
+    'route_prefix'            => '_debugbar',
+
+    /*
+     |--------------------------------------------------------------------------
+     | DebugBar route middleware
+     |--------------------------------------------------------------------------
+     |
+     | Additional middleware to run on the Debugbar routes
+     */
+    'route_middleware'        => [],
+
+    /*
+     |--------------------------------------------------------------------------
+     | DebugBar route domain
+     |--------------------------------------------------------------------------
+     |
+     | By default DebugBar route served from the same domain that request served.
+     | To override default domain, specify it as a non-empty value.
+     */
+    'route_domain'            => null,
+
+    /*
+     |--------------------------------------------------------------------------
+     | DebugBar theme
+     |--------------------------------------------------------------------------
+     |
+     | Switches between light and dark theme. If set to auto it will respect system preferences
+     | Possible values: auto, light, dark
+     */
+    'theme'                   => env('DEBUGBAR_THEME', 'auto'),
+
+    /*
+     |--------------------------------------------------------------------------
+     | Backtrace stack limit
+     |--------------------------------------------------------------------------
+     |
+     | By default, the DebugBar limits the number of frames returned by the 'debug_backtrace()' function.
+     | If you need larger stacktraces, you can increase this number. Setting it to 0 will result in no limit.
+     */
+    'debug_backtrace_limit'   => 50,
+];

config/firefly.php

@@ -117,8 +117,8 @@ return [
         'expression_engine' => false,
         // see cer.php for exchange rates feature flag.
     ],
-    'version'                      => 'develop/2024-04-07',
-    'api_version'                  => '2.0.13',
+    'version'                      => 'develop/2024-05-16',
+    'api_version'                  => '2.0.14',
     'db_version'                   => 24,
 
     // generic settings
@@ -206,7 +206,6 @@ return [
 
     // web configuration:
     'trusted_proxies'              => env('TRUSTED_PROXIES', ''),
-    'layout'                       => envNonEmpty('FIREFLY_III_LAYOUT', 'v1'),
 
     // map configuration
     'default_location'             => [
@@ -921,11 +920,31 @@ return [
     // preselected account lists possibilities:
     'preselected_accounts'         => ['all', 'assets', 'liabilities'],
 
-    // allowed sort columns for API's
+    // allowed filters (search) for APIs
+    'filters'                      => [
+        'allowed' => [
+            'accounts' => [
+                'name'               => 'string',
+                'active'             => 'boolean',
+                'iban'               => 'iban',
+                'balance'            => 'numeric',
+                'last_activity'      => 'date',
+                'balance_difference' => 'numeric',
+            ],
+        ],
+    ],
+
+    // allowed sort columns for APIs
     'sorting'                      => [
         'allowed' => [
             'transactions' => ['description', 'amount'],
-            'accounts'     => ['name', 'active', 'iban', 'balance', 'last_activity'],
+            'accounts'     => ['name', 'active', 'iban', 'balance', 'last_activity', 'balance_difference', 'current_debt'],
         ],
     ],
+    'full_data_set'                => [
+        'account' => ['last_activity', 'balance_difference', 'current_balance', 'current_debt'],
+    ],
+    'valid_query_filters'          => [
+        'account' => ['name', 'iban', 'active'],
+    ],
 ];

config/jsonapi.php

@@ -0,0 +1,35 @@
+<?php
+
+declare(strict_types=1);
+
+use FireflyIII\JsonApi\V3\Server;
+
+return [
+    /*
+    |--------------------------------------------------------------------------
+    | Root Namespace
+    |--------------------------------------------------------------------------
+    |
+    | The root JSON:API namespace, within your application's namespace.
+    | This is used when generating any class that does not sit *within*
+    | a server's namespace. For example, new servers and filters.
+    |
+    | By default this is set to `JsonApi` which means the root namespace
+    | will be `\App\JsonApi`, if your application's namespace is `App`.
+    */
+    'namespace' => 'JsonApi',
+
+    /*
+    |--------------------------------------------------------------------------
+    | Servers
+    |--------------------------------------------------------------------------
+    |
+    | A list of the JSON:API compliant APIs in your application, referred to
+    | as "servers". They must be listed below, with the array key being the
+    | unique name for each server, and the value being the fully-qualified
+    | class name of the server class.
+    */
+    'servers'   => [
+        'v3' => Server::class,
+    ],
+];

config/translations.php

@@ -34,11 +34,33 @@ return [
             'form'       => [
                 'title',
             ],
+            'list'       => [
+                'drag_and_drop',
+                'active',
+                'name',
+                'type',
+                'number',
+                'liability_type',
+                'current_balance',
+                'last_activity',
+                'amount_due',
+                'balance_difference',
+                'menu',
+            ],
             'validation' => [
                 'bad_type_source',
                 'bad_type_destination',
             ],
             'firefly'    => [
+                'liability_direction_debit_short',
+                'liability_direction_credit_short',
+                'interest_calc_yearly',
+                'interest_calc_',
+                'interest_calc_daily',
+                'interest_calc_monthly',
+                'interest_calc_weekly',
+                'interest_calc_half-year',
+                'interest_calc_quarterly',
                 'spent',
                 'administration_owner',
                 'administration_you',
@@ -94,6 +116,19 @@ return [
                 'account_role_savingAsset',
                 'account_role_ccAsset',
                 'account_role_cashWalletAsset',
+                //                'account_column_opt_drag_and_drop',
+                //                'account_column_opt_active',
+                //                'account_column_opt_name',
+                //                'account_column_opt_type',
+                //                'account_column_opt_liability_type',
+                //                'account_column_opt_liability_direction',
+                //                'account_column_opt_liability_interest',
+                //                'account_column_opt_number',
+                //                'account_column_opt_current_balance',
+                //                'account_column_opt_amount_due',
+                //                'account_column_opt_last_activity',
+                //                'account_column_opt_balance_difference',
+                //                'account_column_opt_menu',
             ],
         ],
         'v1' => [

database/migrations/2016_06_16_000002_create_main_tables.php

@@ -284,7 +284,7 @@ class CreateMainTables extends Migration
                         $table->integer('budget_id', false, true);
                         $table->date('startdate');
                         $table->decimal('amount', 32, 12);
-                        $table->string('repeat_freq', 30);
+                        $table->string('repeat_freq', 30)->nullable();
                         $table->boolean('repeats')->default(0);
                         $table->foreign('budget_id')->references('id')->on('budgets')->onDelete('cascade');
                     }

database/migrations/2024_05_12_060551_create_account_balance_table.php

@@ -0,0 +1,41 @@
+<?php
+
+declare(strict_types=1);
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class () extends Migration {
+    /**
+     * Run the migrations.
+     */
+    public function up(): void
+    {
+        if (!Schema::hasTable('account_balances')) {
+            Schema::create('account_balances', function (Blueprint $table): void {
+                $table->id();
+                $table->timestamps();
+                $table->string('title', 100)->nullable();
+                $table->integer('account_id', false, true);
+                $table->integer('transaction_currency_id', false, true);
+                $table->date('date')->nullable();
+                $table->integer('transaction_journal_id', false, true)->nullable();
+                $table->decimal('balance', 32, 12);
+                $table->foreign('account_id')->references('id')->on('accounts')->onDelete('cascade');
+                $table->foreign('transaction_journal_id')->references('id')->on('transaction_journals')->onDelete('cascade');
+                $table->foreign('transaction_currency_id')->references('id')->on('transaction_currencies')->onDelete('cascade');
+
+                $table->unique(['account_id', 'transaction_currency_id', 'transaction_journal_id', 'date', 'title'], 'unique_account_currency');
+            });
+        }
+    }
+
+    /**
+     * Reverse the migrations.
+     */
+    public function down(): void
+    {
+        Schema::dropIfExists('account_balances');
+    }
+};

public/v1/js/ff/list/groups.js

@@ -22,95 +22,10 @@ var count = 0;
 
 $(document).ready(function () {
     updateListButtons();
-    addSort();
     $('.clone-transaction').click(cloneTransaction);
     $('.clone-transaction-and-edit').click(cloneTransactionAndEdit);
 });
 
-var fixHelper = function (e, tr) {
-    "use strict";
-    var $originals = tr.children();
-    var $helper = tr.clone();
-    $helper.children().each(function (index) {
-        // Set helper cell sizes to match the original sizes
-        $(this).width($originals.eq(index).width());
-    });
-    return $helper;
-};
-
-/**
- *
- */
-function addSort() {
-    if (typeof $(".table-sortable>tbody").sortable !== "undefined") {
-        $('.table-sortable>tbody').sortable(
-            {
-                items: "tr:not(.unsortable)",
-                handle: '.object-handle',
-                stop: sortStop,
-                start: function (event, ui) {
-                    // Build a placeholder cell that spans all the cells in the row
-                    var cellCount = 0;
-                    $('td, th', ui.helper).each(function () {
-                        // For each TD or TH try and get it's colspan attribute, and add that or 1 to the total
-                        var colspan = 1;
-                        var colspanAttr = $(this).attr('colspan');
-                        if (colspanAttr > 1) {
-                            colspan = colspanAttr;
-                        }
-                        cellCount += colspan;
-                    });
-
-                    // Add the placeholder UI - note that this is the item's content, so TD rather than TR
-                    ui.placeholder.html('<td colspan="' + cellCount + '">&nbsp;</td>');
-                }
-            }
-        );
-    }
-}
-
-/**
- *
- * @param event
- * @param ui
- * @returns {boolean|undefined}
- */
-function sortStop(event, ui) {
-    "use strict";
-    var current = $(ui.item);
-    var thisDate = current.data('date');
-    var originalBG = current.css('backgroundColor');
-
-
-    if (current.prev().data('date') !== thisDate && current.next().data('date') !== thisDate) {
-        // animate something with color:
-        current.animate({backgroundColor: "#d9534f"}, 200, function () {
-            $(this).animate({backgroundColor: originalBG}, 200);
-            return undefined;
-        });
-
-        return false;
-    }
-    //return false;
-    // do update
-    var list = $('tr[data-date="' + thisDate + '"]');
-    var submit = [];
-    $.each(list, function (i, v) {
-        var row = $(v);
-        var id = row.data('id');
-        submit.push(id);
-    });
-
-    // do extra animation when done?
-    $.post('transactions/reorder', {items: submit, date: thisDate, _token: token});
-
-    current.animate({backgroundColor: "#5cb85c"}, 200, function () {
-        $(this).animate({backgroundColor: originalBG}, 200);
-        return undefined;
-    });
-    return undefined;
-}
-
 
 /**
  *

public/v1/lib/adminlte/css/skins/skin-dark.css

@@ -103,6 +103,12 @@
 .skin-firefly-iii .btn-info {
   color: #fff;
 }
+.skin-firefly-iii .btn-danger {
+  color: #fff;
+}
+.skin-firefly-iii .btn-warning {
+  color: #fff;
+}
 .skin-firefly-iii .btn-default {
   background-color: #55606a;
   color: #bec5cb;
@@ -251,6 +257,11 @@
 }
 .skin-firefly-iii .table > thead > tr > th,
 .skin-firefly-iii .table > tbody > tr > th,
+.skin-firefly-iii .table > tfoot > tr > th {
+  border-bottom: 2px #c9d1d9 solid;
+}
+.skin-firefly-iii .table > thead > tr > th,
+.skin-firefly-iii .table > tbody > tr > th,
 .skin-firefly-iii .table > tfoot > tr > th,
 .skin-firefly-iii .table > thead > tr > td,
 .skin-firefly-iii .table > tbody > tr > td,
@@ -480,6 +491,7 @@
 .skin-firefly-iii .nav-tabs-custom > .nav-tabs > li.active > a {
   border-left-color: #353c42;
   border-right-color: #353c42;
+  color: #bec5cb;
 }
 .skin-firefly-iii .nav-tabs-custom > .nav-tabs.pull-right > li:first-of-type.active > a {
   border-left-color: #353c42;
@@ -511,7 +523,7 @@
   background-color: #272c30;
 }
 .skin-firefly-iii .input-group .input-group-addon {
-  border-right: 1px solid #272c30;
+  border: 1px solid #272c30;
 }
 .skin-firefly-iii .form-control {
   border-color: #272c30;