fix resize 3

fix nav resize 2
fix email restricted appearance
2026-03-03 20:07:01 +00:00 · 2015-08-28 14:30:17 +03:00 · 2015-08-28 14:24:27 +03:00 · 2015-08-27 17:12:42 +03:00 · 2015-08-27 15:29:30 +03:00 · 2015-08-27 12:16:53 +03:00
976 changed files with 22315 additions and 8128 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -9,8 +9,11 @@
 /client
 /test.php
 /main.html
-/frontend/client/css/bootstrap.css
+/frontend/client/css/espo.css
+/frontend/client/css/espo-vertical.css
+/frontend/client/css/sakura.css
+/frontend/client/css/sakura-vertical.css
 /tests/testData/cache/*
 composer.phar
 vendor/
-/custom/Espo/Custom/Resources/*
+/custom/Espo/Custom/*
--- a/.htaccess
+++ b/.htaccess
@@ -15,6 +15,7 @@ DirectoryIndex index.php index.html
  RewriteRule ^/?data/logs/ - [F]
  RewriteRule ^/?data/cache/ - [F]
  RewriteRule ^/?data/upload/ - [F]
+  RewriteRule ^/?data/\.backup/ - [F]
  RewriteRule ^/?application/ - [F]
  RewriteRule ^/?custom/ - [F]
  RewriteRule ^/?vendor/ - [F]
--- a/Gruntfile.js
+++ b/Gruntfile.js
@@ -21,7 +21,7 @@
 module.exports = function (grunt) {

    var jsFilesToMinify = [
-        'client/lib/jquery-2.0.2.min.js',
+        'client/lib/jquery-2.1.4.min.js',
        'client/lib/underscore-min.js',
        'client/lib/backbone-min.js',
        'client/lib/handlebars.js',
@@ -36,34 +36,8 @@ module.exports = function (grunt) {
        'client/lib/bull.min.js',
        'client/src/namespace.js',
        'client/src/exceptions.js',
-        'client/src/app.js',
-        'client/src/utils.js',
-        'client/src/storage.js',
        'client/src/loader.js',
-        'client/src/pre-loader.js',
-        'client/src/ui.js',
-        'client/src/acl.js',
-        'client/src/model.js',
-        'client/src/model-offline.js',
-        'client/src/metadata.js',
-        'client/src/language.js',
-        'client/src/cache.js',
-        'client/src/controller.js',
-        'client/src/router.js',
-        'client/src/date-time.js',
-        'client/src/field-manager.js',
-        'client/src/search-manager.js',
-        'client/src/collection.js',
-        'client/src/multi-collection.js',
-        'client/src/view-helper.js',
-        'client/src/layout-manager.js',
-        'client/src/model-factory.js',
-        'client/src/collection-factory.js',
-        'client/src/models/settings.js',
-        'client/src/models/user.js',
-        'client/src/models/preferences.js',
-        'client/src/controllers/base.js',
-        'client/src/view.js',
+        'client/src/utils.js'
    ];

    grunt.initConfig({
@@ -85,22 +59,44 @@ module.exports = function (grunt) {
            final: ['build/tmp'],
        },
        less: {
-            bootstrap: {
+            espo: {
                options: {
                    yuicompress: true,
                },
                files: {
-                    'frontend/client/css/bootstrap.css': 'frontend/less/espo/main.less',
+                    'frontend/client/css/espo.css': 'frontend/less/espo/main.less',
                },
            },
+            sakura: {
+                options: {
+                    yuicompress: true,
+                },
+                files: {
+                    'frontend/client/css/sakura.css': 'frontend/less/sakura/main.less',
+                },
+            },
+            espoVertical: {
+                options: {
+                    yuicompress: true,
+                },
+                files: {
+                    'frontend/client/css/espo-vertical.css': 'frontend/less/espo-vertical/main.less',
+                },
+            },
+            sakuraVertical: {
+                options: {
+                    yuicompress: true,
+                },
+                files: {
+                    'frontend/client/css/sakura-vertical.css': 'frontend/less/sakura-vertical/main.less',
+                },
+            }
        },
        cssmin: {
            minify: {
                files: {
-                    'build/tmp/client/css/espo.min.css': [
-                        'frontend/client/css/bootstrap.css',
-                        'frontend/client/css/datepicker.css',
-                        'frontend/client/css/jquery.timepicker.css',
+                    'build/tmp/client/css/espo.css': [
+                        'frontend/client/css/espo.css',
                    ]
                }
            },
@@ -157,6 +153,7 @@ module.exports = function (grunt) {
                    'rebuild.php',
                    'clear_cache.php',
                    'upgrade.php',
+                    'extension.php',
                    'index.php',
                    'LICENSE.txt',
                    '.htaccess',
--- a/README.md
+++ b/README.md
@@ -6,6 +6,13 @@ It's a web application with a frontend designed as a single page application bas

 Download the latest release from our [website](http://www.espocrm.com).

+### Requirements
+
+* PHP 5.4 or above (with pdo, json, gd, mcrypt extensions);
+* MySQL 5.1 or above.
+
+For more information about server configuration see [this article](http://blog.espocrm.com/administration/server-configuration-for-espocrm/).
+
 ### How to report bug

 Create an issue [here](https://github.com/espocrm/espocrm/issues) or post on our [forum](http://forum.espocrm.com/bug-reports?routestring=forum/bug-reports).
--- a/application/Espo/Acl/Email.php
+++ b/application/Espo/Acl/Email.php
@@ -0,0 +1,72 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ ************************************************************************/
+
+namespace Espo\Acl;
+
+use \Espo\Entities\User;
+use \Espo\ORM\Entity;
+
+class Email extends \Espo\Core\Acl\Base
+{
+
+    public function checkEntityRead(User $user, Entity $entity, $data)
+    {
+        if ($this->checkEntity($user, $entity, $data, 'read')) {
+            return true;
+        }
+
+        if ($data === false) {
+            return false;
+        }
+        if (is_array($data)) {
+            if (empty($data['read']) || $data['read'] == 'no') {
+                return false;
+            }
+        }
+
+        if (!$entity->has('usersIds')) {
+            $entity->loadLinkMultipleField('users');
+        }
+        $userIdList = $entity->get('usersIds');
+        if (is_array($userIdList) && in_array($user->id, $userIdList)) {
+            return true;
+        }
+        return false;
+    }
+
+    public function checkIsOwner(User $user, Entity $entity)
+    {
+        if ($entity->has('assignedUserId')) {
+            if ($user->id === $entity->get('assignedUserId')) {
+                return true;
+            }
+        }
+
+        if ($user->id === $entity->get('createdById')) {
+            return true;
+        }
+
+        return false;
+    }
+
+}
+
--- a/application/Espo/Controllers/Admin.php
+++ b/application/Espo/Controllers/Admin.php
@@ -22,8 +22,10 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Error,
-    \Espo\Core\Exceptions\Forbidden;
+use \Espo\Core\Exceptions\NotFound;
+use \Espo\Core\Exceptions\Error;
+use \Espo\Core\Exceptions\Forbidden;
+use \Espo\Core\Exceptions\BadRequest;

 class Admin extends \Espo\Core\Controllers\Base
 {
@@ -34,17 +36,19 @@ class Admin extends \Espo\Core\Controllers\Base
        }
    }

-    public function actionRebuild($params, $data)
+    public function postActionRebuild($params, $data, $request)
    {
+        if (!$request->isPost()) {
+            throw new BadRequest();
+        }
        $result = $this->getContainer()->get('dataManager')->rebuild();

        return $result;
    }

-    public function actionClearCache($params, $data)
+    public function postActionClearCache($params, $data)
    {
        $result = $this->getContainer()->get('dataManager')->clearCache();
-
        return $result;
    }

@@ -55,8 +59,13 @@ class Admin extends \Espo\Core\Controllers\Base
        return $scheduledJob->getAllNamesOnly();
    }

-    public function actionUploadUpgradePackage($params, $data)
+    public function postActionUploadUpgradePackage($params, $data)
    {
+        if ($this->getConfig()->get('restrictedMode')) {
+            if (!$this->getUser()->get('isSuperAdmin')) {
+                throw new Forbidden();
+            }
+        }
        $upgradeManager = new \Espo\Core\UpgradeManager($this->getContainer());

        $upgradeId = $upgradeManager->upload($data);
@@ -68,10 +77,15 @@ class Admin extends \Espo\Core\Controllers\Base
        );
    }

-    public function actionRunUpgrade($params, $data)
+    public function postActionRunUpgrade($params, $data)
    {
-        $upgradeManager = new \Espo\Core\UpgradeManager($this->getContainer());
+        if ($this->getConfig()->get('restrictedMode')) {
+            if (!$this->getUser()->get('isSuperAdmin')) {
+                throw new Forbidden();
+            }
+        }

+        $upgradeManager = new \Espo\Core\UpgradeManager($this->getContainer());
        $upgradeManager->install($data);

        return true;
--- a/application/Espo/Controllers/App.php
+++ b/application/Espo/Controllers/App.php
@@ -31,15 +31,20 @@ class App extends \Espo\Core\Controllers\Base
        $preferences = $this->getPreferences()->toArray();
        unset($preferences['smtpPassword']);

+        $user = $this->getUser();
+        if (!$user->has('teamsIds')) {
+            $user->loadLinkMultipleField('teams');
+        }
+
        return array(
-            'user' => $this->getUser()->toArray(),
-            'acl' => $this->getAcl()->toArray(),
+            'user' => $user->toArray(),
+            'acl' => $this->getAcl()->getMap(),
            'preferences' => $preferences,
            'token' => $this->getUser()->get('token')
        );
    }

-    public function actionDestroyAuthToken($params, $data)
+    public function postActionDestroyAuthToken($params, $data)
    {
        $token = $data['token'];
        if (empty($token)) {
--- a/application/Espo/Controllers/Attachment.php
+++ b/application/Espo/Controllers/Attachment.php
@@ -18,25 +18,32 @@
 *
 * You should have received a copy of the GNU General Public License
 * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
- ************************************************************************/ 
+ ************************************************************************/

 namespace Espo\Controllers;

+use \Espo\Core\Exceptions\Forbidden;
+use \Espo\Core\Exceptions\BadRequest;
+
 class Attachment extends \Espo\Core\Controllers\Record
 {

-    public function actionUpload($params, $data)
-    {        
+    public function actionUpload($params, $data, $request)
+    {
+        if (!$request->isPost()) {
+            throw new BadRequest();
+        }
+
        list($prefix, $contents) = explode(',', $data);
        $contents = base64_decode($contents);
-        
+
        $attachment = $this->getEntityManager()->getEntity('Attachment');
-        $this->getEntityManager()->saveEntity($attachment);        
+        $this->getEntityManager()->saveEntity($attachment);
        $this->getContainer()->get('fileManager')->putContents('data/upload/' . $attachment->id, $contents);
-        
+
        return array(
            'attachmentId' => $attachment->id
-        );    
+        );
    }

 }
--- a/application/Espo/Controllers/AuthToken.php
+++ b/application/Espo/Controllers/AuthToken.php
@@ -18,49 +18,49 @@
 *
 * You should have received a copy of the GNU General Public License
 * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
- ************************************************************************/ 
+ ************************************************************************/

 namespace Espo\Controllers;

 use \Espo\Core\Exceptions\Forbidden;

 class AuthToken extends \Espo\Core\Controllers\Record
-{    
+{
    protected function checkControllerAccess()
    {
        if (!$this->getUser()->isAdmin()) {
            throw new Forbidden();
        }
    }
-    
+
    public function actionUpdate($params, $data)
    {
        throw new Forbidden();
-    }    
-    
+    }
+
    public function actionCreate($params, $data)
    {
        throw new Forbidden();
    }
-    
+
    public function actionListLinked($params, $data)
    {
        throw new Forbidden();
    }
-    
+
    public function actionMassUpdate($params, $data)
    {
        throw new Forbidden();
    }
-    
+
    public function actionCreateLink($params, $data)
    {
        throw new Forbidden();
    }
-    
+
    public function actionRemoveLink($params, $data)
    {
        throw new Forbidden();
-    }    
+    }
 }

--- a/application/Espo/Controllers/EmailAccount.php
+++ b/application/Espo/Controllers/EmailAccount.php
@@ -23,6 +23,7 @@
 namespace Espo\Controllers;

 use \Espo\Core\Exceptions\Forbidden;
+use \Espo\Core\Exceptions\BadRequest;

 class EmailAccount extends \Espo\Core\Controllers\Record
 {
@@ -31,7 +32,7 @@ class EmailAccount extends \Espo\Core\Controllers\Record
        return $this->getRecordService()->getFolders(array(
            'host' => $request->get('host'),
            'port' => $request->get('port'),
-            'ssl' => $request->get('ssl'),
+            'ssl' => $request->get('ssl') === 'true',
            'username' => $request->get('username'),
            'password' => $request->get('password'),
            'id' => $request->get('id')
--- a/application/Espo/Controllers/EntityManager.php
+++ b/application/Espo/Controllers/EntityManager.php
@@ -62,6 +62,12 @@ class EntityManager extends \Espo\Core\Controllers\Base
        if (!empty($data['stream'])) {
            $params['stream'] = $data['stream'];
        }
+        if (!empty($data['sortBy'])) {
+            $params['sortBy'] = $data['sortBy'];
+        }
+        if (!empty($data['sortDirection'])) {
+            $params['asc'] = $data['sortDirection'] === 'asc';
+        }

        $result = $this->getContainer()->get('entityManagerUtil')->create($name, $type, $params);

@@ -90,6 +96,10 @@ class EntityManager extends \Espo\Core\Controllers\Base
        $name = $data['name'];
        $name = filter_var($name, \FILTER_SANITIZE_STRING);

+        if (!empty($data['sortDirection'])) {
+            $data['asc'] = $data['sortDirection'] === 'asc';
+        }
+
        $result = $this->getContainer()->get('entityManagerUtil')->update($name, $data);

        if ($result) {
--- a/application/Espo/Controllers/Extension.php
+++ b/application/Espo/Controllers/Extension.php
@@ -58,6 +58,11 @@ class Extension extends \Espo\Core\Controllers\Record
        if (!$request->isPost()) {
            throw new Forbidden();
        }
+        if ($this->getConfig()->get('restrictedMode')) {
+            if (!$this->getUser()->get('isSuperAdmin')) {
+                throw new Forbidden();
+            }
+        }

        $manager = new \Espo\Core\ExtensionManager($this->getContainer());

@@ -71,11 +76,14 @@ class Extension extends \Espo\Core\Controllers\Record
        if (!$request->isPost()) {
            throw new Forbidden();
        }
+        if ($this->getConfig()->get('restrictedMode')) {
+            if (!$this->getUser()->get('isSuperAdmin')) {
+                throw new Forbidden();
+            }
+        }

        $manager = new \Espo\Core\ExtensionManager($this->getContainer());
-
        $manager->uninstall($data);
-
        return true;
    }

@@ -99,12 +107,18 @@ class Extension extends \Espo\Core\Controllers\Record
        throw new Forbidden();
    }

-    public function actionDelete($params)
+    public function actionDelete($params, $data, $request)
    {
+        if (!$request->isDelete()) {
+            throw BadRequest();
+        }
+        if ($this->getConfig()->get('restrictedMode')) {
+            if (!$this->getUser()->get('isSuperAdmin')) {
+                throw new Forbidden();
+            }
+        }
        $manager = new \Espo\Core\ExtensionManager($this->getContainer());
-
        $manager->delete($params);
-
        return true;
    }

--- a/application/Espo/Controllers/ExternalAccount.php
+++ b/application/Espo/Controllers/ExternalAccount.php
@@ -18,12 +18,13 @@
 *
 * You should have received a copy of the GNU General Public License
 * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
- ************************************************************************/ 
+ ************************************************************************/

 namespace Espo\Controllers;

 use \Espo\Core\Exceptions\Error;
 use \Espo\Core\Exceptions\Forbidden;
+use \Espo\Core\Exceptions\BadRequest;

 class ExternalAccount extends \Espo\Core\Controllers\Record
 {
@@ -34,7 +35,7 @@ class ExternalAccount extends \Espo\Core\Controllers\Record
        $integrations = $this->getEntityManager()->getRepository('Integration')->find();
        $arr = array();
        foreach ($integrations as $entity) {
-            if ($entity->get('enabled') && $this->getMetadata()->get('integrations.' . $entity->id .'.allowUserAccounts')) {                
+            if ($entity->get('enabled') && $this->getMetadata()->get('integrations.' . $entity->id .'.allowUserAccounts')) {
                $arr[] = array(
                    'id' => $entity->id
                );
@@ -77,15 +78,18 @@ class ExternalAccount extends \Espo\Core\Controllers\Record
        return $entity->toArray();
    }

-    public function actionUpdate($params, $data)
+    public function actionUpdate($params, $data, $request)
    {
-        return $this->actionPatch($params, $data);
+        return $this->actionPatch($params, $data, $request);
    }

-    public function actionPatch($params, $data)
+    public function actionPatch($params, $data, $request)
    {
-        list($integration, $userId) = explode('__', $params['id']);
+        if (!$request->isPost() && !$request->isPatch()) {
+            throw new BadRequest();
+        }

+        list($integration, $userId) = explode('__', $params['id']);

        if ($this->getUser()->id != $userId) {
            throw new Forbidden();
--- a/application/Espo/Controllers/GlobalSearch.php
+++ b/application/Espo/Controllers/GlobalSearch.php
@@ -18,7 +18,7 @@
 *
 * You should have received a copy of the GNU General Public License
 * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
- ************************************************************************/ 
+ ************************************************************************/

 namespace Espo\Controllers;

@@ -30,10 +30,10 @@ class GlobalSearch extends \Espo\Core\Controllers\Base
    public function actionSearch($params, $data, $request)
    {
        $query = $params['query'];
-        
-        $offset = $request->get('offset');
-        $maxSize = $request->get('maxSize');        
-        
+
+        $offset = intval($request->get('offset'));
+        $maxSize = intval($request->get('maxSize'));
+
        return $this->getService('GlobalSearch')->find($query, $offset, $maxSize);
    }
 }
--- a/application/Espo/Controllers/Import.php
+++ b/application/Espo/Controllers/Import.php
@@ -71,10 +71,14 @@ class Import extends \Espo\Core\Controllers\Record
        return $this->getContainer()->get('entityManager');
    }

-    public function actionUploadFile($params, $data)
+    public function actionUploadFile($params, $data, $request)
    {
        $contents = $data;

+        if (!$request->isPost()) {
+            throw new BadRequest();
+        }
+
        $attachment = $this->getEntityManager()->getEntity('Attachment');
        $attachment->set('type', 'text/csv');
        $attachment->set('role', 'Import File');
@@ -88,24 +92,34 @@ class Import extends \Espo\Core\Controllers\Record
        );
    }

-    public function actionRevert($params, $data)
+    public function actionRevert($params, $data, $request)
    {
        if (empty($data['id'])) {
            throw new BadRequest();
        }
+        if (!$request->isPost()) {
+            throw new BadRequest();
+        }
        return $this->getService('Import')->revert($data['id']);
    }

-    public function actionRemoveDuplicates($params, $data)
+    public function actionRemoveDuplicates($params, $data, $request)
    {
        if (empty($data['id'])) {
            throw new BadRequest();
        }
+        if (!$request->isPost()) {
+            throw new BadRequest();
+        }
        return $this->getService('Import')->removeDuplicates($data['id']);
    }

-    public function actionCreate($params, $data)
+    public function actionCreate($params, $data, $request)
    {
+        if (!$request->isPost() && !$request->isPut()) {
+            throw new BadRequest();
+        }
+
        $importParams = array(
            'headerRow' => $data['headerRow'],
            'fieldDelimiter' => $data['fieldDelimiter'],
--- a/application/Espo/Modules/Crm/Controllers/InboundEmail.php
+++ b/application/Espo/Modules/Crm/Controllers/InboundEmail.php
@@ -20,7 +20,10 @@
 * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
 ************************************************************************/

-namespace Espo\Modules\Crm\Controllers;
+namespace Espo\Controllers;
+
+use \Espo\Core\Exceptions\Forbidden;
+use \Espo\Core\Exceptions\BadRequest;

 class InboundEmail extends \Espo\Core\Controllers\Record
 {
@@ -36,7 +39,7 @@ class InboundEmail extends \Espo\Core\Controllers\Record
        return $this->getRecordService()->getFolders(array(
            'host' => $request->get('host'),
            'port' => $request->get('port'),
-            'ssl' => $request->get('ssl'),
+            'ssl' => $request->get('ssl') === 'true',
            'username' => $request->get('username'),
            'password' => $request->get('password'),
            'id' => $request->get('id')
--- a/application/Espo/Controllers/Integration.php
+++ b/application/Espo/Controllers/Integration.php
@@ -18,21 +18,23 @@
 *
 * You should have received a copy of the GNU General Public License
 * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
- ************************************************************************/ 
+ ************************************************************************/

 namespace Espo\Controllers;

 use \Espo\Core\Exceptions\Error;
+use \Espo\Core\Exceptions\Forbidden;
+use \Espo\Core\Exceptions\BadRequest;

 class Integration extends \Espo\Core\Controllers\Record
-{    
+{
    protected function checkControllerAccess()
    {
        if (!$this->getUser()->isAdmin()) {
            throw new Forbidden();
        }
    }
-    
+
    public function actionIndex($params, $data, $request)
    {
        return false;
@@ -40,22 +42,25 @@ class Integration extends \Espo\Core\Controllers\Record

    public function actionRead($params, $data, $request)
    {
-        $entity = $this->getEntityManager()->getEntity('Integration', $params['id']);        
+        $entity = $this->getEntityManager()->getEntity('Integration', $params['id']);
        return $entity->toArray();
    }
-    
-    public function actionUpdate($params, $data)
+
+    public function actionUpdate($params, $data, $request)
    {
-        return $this->actionPatch($params, $data);
+        return $this->actionPatch($params, $data, $request);
    }
-    
-    public function actionPatch($params, $data)
+
+    public function actionPatch($params, $data, $request)
    {
+        if (!$request->isPut() && !$request->isPatch()) {
+            throw new BadRequest();
+        }
        $entity = $this->getEntityManager()->getEntity('Integration', $params['id']);
        $entity->set($data);
        $this->getEntityManager()->saveEntity($entity);
-        
-        return $entity->toArray();        
+
+        return $entity->toArray();
    }
 }

--- a/application/Espo/Controllers/Job.php
+++ b/application/Espo/Controllers/Job.php
@@ -0,0 +1,72 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ ************************************************************************/
+
+namespace Espo\Controllers;
+
+use \Espo\Core\Exceptions\Error;
+use \Espo\Core\Exceptions\Forbidden;
+
+class Job extends \Espo\Core\Controllers\Record
+{
+    protected function checkControllerAccess()
+    {
+        if (!$this->getUser()->isAdmin()) {
+            throw new Forbidden();
+        }
+    }
+
+    public function actionCreate($params, $data)
+    {
+        throw new Forbidden();
+    }
+
+    public function actionUpdate($params, $data)
+    {
+        throw new Forbidden();
+    }
+
+    public function actionPatch($params, $data)
+    {
+        throw new Forbidden();
+    }
+
+    public function actionListLinked($params, $data, $request)
+    {
+        throw new Forbidden();
+    }
+
+    public function actionMassUpdate($params, $data, $request)
+    {
+        throw new Forbidden();
+    }
+
+    public function actionCreateLink($params, $data)
+    {
+        throw new Forbidden();
+    }
+
+    public function actionRemoveLink($params, $data)
+    {
+        throw new Forbidden();
+    }
+}
+
--- a/application/Espo/Controllers/Layout.php
+++ b/application/Espo/Controllers/Layout.php
@@ -26,6 +26,7 @@ use Espo\Core\Utils as Utils;
 use \Espo\Core\Exceptions\NotFound;
 use \Espo\Core\Exceptions\Error;
 use \Espo\Core\Exceptions\Forbidden;
+use \Espo\Core\Exceptions\BadRequest;

 class Layout extends \Espo\Core\Controllers\Base
 {
@@ -38,12 +39,16 @@ class Layout extends \Espo\Core\Controllers\Base
        return $data;
    }

-    public function actionUpdate($params, $data)
+    public function actionUpdate($params, $data, $request)
    {
        if (!$this->getUser()->isAdmin()) {
            throw new Forbidden();
        }

+        if (!$request->isPut() && !$request->isPatch()) {
+            throw new BadRequest();
+        }
+
        $layoutManager = $this->getContainer()->get('layout');
        $layoutManager->set($data, $params['scope'], $params['name']);
        $result = $layoutManager->save();
@@ -57,8 +62,20 @@ class Layout extends \Espo\Core\Controllers\Base
        return $layoutManager->get($params['scope'], $params['name']);
    }

-    public function actionPatch($params, $data)
+    public function actionPatch($params, $data, $request)
    {
-        return $this->actionUpdate($params, $data);
+        return $this->actionUpdate($params, $data, $request);
+    }
+
+    public function actionResetToDefault($params, $data, $request)
+    {
+        if (!$request->isPost()) {
+            throw new BadRequest();
+        }
+        if (empty($data['scope']) || empty($data['name'])) {
+            throw new BadRequest();
+        }
+
+        return $this->getContainer()->get('layout')->resetToDefault($data['scope'], $data['name']);
    }
 }
--- a/application/Espo/Controllers/Notification.php
+++ b/application/Espo/Controllers/Notification.php
@@ -18,7 +18,7 @@
 *
 * You should have received a copy of the GNU General Public License
 * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
- ************************************************************************/ 
+ ************************************************************************/

 namespace Espo\Controllers;

@@ -32,32 +32,32 @@ class Notification extends \Espo\Core\Controllers\Base
    {
        $scope = $params['scope'];
        $id = $params['id'];
-        
+
        $userId = $this->getUser()->id;
-        
+
        $offset = intval($request->get('offset'));
-        $maxSize = intval($request->get('maxSize'));        
-        
+        $maxSize = intval($request->get('maxSize'));
+
        $params = array(
            'offset' => $offset,
            'maxSize' => $maxSize,
        );
-        
-        $result = $this->getService('Notification')->getList($userId, $params);    
-        
+
+        $result = $this->getService('Notification')->getList($userId, $params);
+
        return array(
            'total' => $result['total'],
            'list' => $result['collection']->toArray()
        );
    }
-    
+
    public function actionNotReadCount()
    {
        $userId = $this->getUser()->id;
        return $this->getService('Notification')->getNotReadCount($userId);
    }
-    
-    public function actionMarkAllRead($params, $data, $request)
+
+    public function postActionMarkAllRead($params, $data, $request)
    {
        $userId = $this->getUser()->id;
        return $this->getService('Notification')->markAllRead($userId);
--- a/application/Espo/Controllers/Preferences.php
+++ b/application/Espo/Controllers/Preferences.php
@@ -53,27 +53,34 @@ class Preferences extends \Espo\Core\Controllers\Base
        }
    }

-    public function actionDelete($params, $data)
+    public function actionDelete($params, $data, $request)
    {
        $userId = $params['id'];
        if (empty($userId)) {
            throw new BadRequest();
        }
+        if (!$request->isDelete()) {
+            throw new BadRequest();
+        }
        $this->handleUserAccess($userId);

        return $this->getEntityManager()->getRepository('Preferences')->resetToDefaults($userId);
    }

-    public function actionPatch($params, $data)
+    public function actionPatch($params, $data, $request)
    {
-        return $this->actionUpdate($params, $data);
+        return $this->actionUpdate($params, $data, $request);
    }

-    public function actionUpdate($params, $data)
+    public function actionUpdate($params, $data, $request)
    {
        $userId = $params['id'];
        $this->handleUserAccess($userId);

+        if (!$request->isPost() && !$request->isPatch()) {
+            throw new BadRequest();
+        }
+
        if (array_key_exists('smtpPassword', $data)) {
            $data['smtpPassword'] = $this->getCrypt()->encrypt($data['smtpPassword']);
        }
--- a/application/Espo/Controllers/Settings.php
+++ b/application/Espo/Controllers/Settings.php
@@ -24,6 +24,7 @@ namespace Espo\Controllers;

 use \Espo\Core\Exceptions\Error;
 use \Espo\Core\Exceptions\Forbidden;
+use \Espo\Core\Exceptions\BadRequest;

 class Settings extends \Espo\Core\Controllers\Base
 {
@@ -46,17 +47,21 @@ class Settings extends \Espo\Core\Controllers\Base
        return $this->getConfigData();
    }

-    public function actionUpdate($params, $data)
+    public function actionUpdate($params, $data, $request)
    {
-        return $this->actionPatch($params, $data);
+        return $this->actionPatch($params, $data, $request);
    }

-    public function actionPatch($params, $data)
+    public function actionPatch($params, $data, $request)
    {
        if (!$this->getUser()->isAdmin()) {
            throw new Forbidden();
        }

+        if (!$request->isPut() && !$request->isPatch()) {
+            throw new BadRequest();
+        }
+
        if (isset($data['useCache']) && $data['useCache'] != $this->getConfig()->get('useCache')) {
            $this->getContainer()->get('dataManager')->clearCache();
        }
--- a/application/Espo/Controllers/Stream.php
+++ b/application/Espo/Controllers/Stream.php
@@ -38,6 +38,7 @@ class Stream extends \Espo\Core\Controllers\Base
        $offset = intval($request->get('offset'));
        $maxSize = intval($request->get('maxSize'));
        $after = $request->get('after');
+        $filter = $request->get('filter');

        $service = $this->getService('Stream');

@@ -52,6 +53,7 @@ class Stream extends \Espo\Core\Controllers\Base
            'offset' => $offset,
            'maxSize' => $maxSize,
            'after' => $after,
+            'filter' => $filter
        ));

        return array(
--- a/application/Espo/Controllers/Team.php
+++ b/application/Espo/Controllers/Team.php
@@ -18,12 +18,12 @@
 *
 * You should have received a copy of the GNU General Public License
 * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
- ************************************************************************/ 
+ ************************************************************************/

 namespace Espo\Controllers;

 class Team extends \Espo\Core\Controllers\Record
 {
-    
+

 }
--- a/application/Espo/Controllers/Template.php
+++ b/application/Espo/Controllers/Template.php
@@ -0,0 +1,31 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ ************************************************************************/
+
+namespace Espo\Controllers;
+
+use \Espo\Core\Exceptions\Error;
+
+class Template extends \Espo\Core\Controllers\Record
+{
+
+}
+
--- a/application/Espo/Controllers/User.php
+++ b/application/Espo/Controllers/User.php
@@ -45,9 +45,7 @@ class User extends \Espo\Core\Controllers\Record
            throw new NotFound();
        }

-        $acl = new \Espo\Core\Acl($user, $this->getConfig(), $this->getContainer()->get('fileManager'), $this->getMetadata());
-
-        return $acl->toArray();
+        return $this->getAclManager()->getMap($user);
    }

    public function actionChangeOwnPassword($params, $data, $request)
@@ -55,7 +53,10 @@ class User extends \Espo\Core\Controllers\Record
        if (!$request->isPost()) {
            throw new BadRequest();
        }
-        return $this->getService('User')->changePassword($this->getUser()->id, $data['password']);
+        if (!array_key_exists('password', $data) || !array_key_exists('currentPassword', $data)) {
+            throw new BadRequest();
+        }
+        return $this->getService('User')->changePassword($this->getUser()->id, $data['password'], true, $data['currentPassword']);
    }

    public function actionChangePasswordByRequest($params, $data, $request)
@@ -89,7 +90,7 @@ class User extends \Espo\Core\Controllers\Record
        if (!$request->isPost()) {
            throw new Forbidden();
        }
-        
+
        if (empty($data['userName']) || empty($data['emailAddress'])) {
            throw new BadRequest();
        }
--- a/application/Espo/Core/Acl.php
+++ b/application/Espo/Core/Acl.php
@@ -22,305 +22,61 @@

 namespace Espo\Core;

-use \Espo\Core\Exceptions\Error;
-
-use \Espo\ORM\Entity;
-
 class Acl
 {
-    private $data = array(
-        'table' => array()
-    );
+    private $user;

-    private $cacheFile;
+    private $aclManager;

-    private $actionList = array('read', 'edit', 'delete');
-
-    private $levelList = array('all', 'team', 'own', 'no');
-
-    protected $fileManager;
-
-    protected $metadata;
-
-    public function __construct(\Espo\Entities\User $user, $config = null, $fileManager = null, $metadata = null)
+    public function __construct(AclManager $aclManager, \Espo\Entities\User $user)
    {
+        $this->aclManager = $aclManager;
        $this->user = $user;
-
-        $this->metadata = $metadata;
-
-        if (!$this->user->isFetched()) {
-            throw new Error();
-        }
-
-        $this->user->loadLinkMultipleField('teams');
-
-        if ($fileManager) {
-            $this->fileManager = $fileManager;
-        }
-
-        $this->cacheFile = 'data/cache/application/acl/' . $user->id . '.php';
-
-        if ($config && $config->get('useCache') && file_exists($this->cacheFile)) {
-            $cached = include $this->cacheFile;
-            $this->data = $cached;
-            $this->initSolid();
-        } else {
-            $this->load();
-            $this->initSolid();
-            if ($config && $fileManager && $config->get('useCache')) {
-                $this->buildCache();
-            }
-        }
-
    }

-    public function checkScope($scope, $action = null, $isOwner = null, $inTeam = null, $entity = null)
+    protected function getAclManager()
    {
-        if (array_key_exists($scope, $this->data['table'])) {
-            if ($this->data['table'][$scope] === false) {
-                return false;
-            }
-            if ($this->data['table'][$scope] === true) {
-                return true;
-            }
-            if (!is_null($action)) {
-                if (array_key_exists($action, $this->data['table'][$scope])) {
-                    $value = $this->data['table'][$scope][$action];
-
-                    if ($value === 'all' || $value === true) {
-                        return true;
-                    }
-
-                    if (!$value || $value === 'no') {
-                        return false;
-                    }
-
-                    if (is_null($isOwner)) {
-                        return true;
-                    }
-
-                    if ($isOwner) {
-                        if ($value === 'own' || $value === 'team') {
-                            return true;
-                        }
-                    }
-                    if ($inTeam === null && $entity) {
-                        $inTeam = $this->checkInTeam($entity);
-                    }
-
-                    if ($inTeam) {
-                        if ($value === 'team') {
-                            return true;
-                        }
-                    }
-
-                    return false;
-                }
-            }
-            return true;
-        }
-        return true;
+        return $this->aclManager;
    }

-    public function toArray()
+    protected function getUser()
    {
-        return $this->data;
+        return $this->user;
    }

-    public function get($permission)
+    public function getMap()
    {
-        if ($this->user->isAdmin()) {
-            return true;
-        }
-        if ($permission == 'table') {
-            return null;
-        }
-
-        if (array_key_exists($permission, $this->data)) {
-            return $this->data[$permission];
-        }
-        return null;
+        return $this->getAclManager()->getMap($this->getUser());
    }

    public function getLevel($scope, $action)
    {
-        if ($this->user->isAdmin()) {
-            return 'all';
-        }
-        if (array_key_exists($scope, $this->data['table'])) {
-            if (array_key_exists($action, $this->data['table'][$scope])) {
-                return $this->data['table'][$scope][$action];
-            }
-        }
-        return false;
+        return $this->getAclManager()->getLevel($this->getUser(), $scope, $action);
    }

-    public function check($subject, $action = null, $isOwner = null, $inTeam = null)
+    public function get($permission)
    {
-        if ($this->user->isAdmin()) {
-            return true;
-        }
-        if (is_string($subject)) {
-            return $this->checkScope($subject, $action, $isOwner, $inTeam);
-        } else {
-            $entity = $subject;
-            if ($entity instanceof Entity) {
-                $entityName = $entity->getEntityName();
-                return $this->checkScope($entityName, $action, $this->checkIsOwner($entity), $inTeam, $entity);
-            }
-        }
+        return $this->getAclManager()->get($this->getUser(), $permission);
    }

    public function checkReadOnlyTeam($scope)
    {
-        if (isset($this->data['table'][$scope]) && isset($this->data['table'][$scope]['read'])) {
-            return $this->data['table'][$scope]['read'] === 'team';
-        }
-        return false;
+        return $this->getAclManager()->checkReadOnlyTeam($this->getUser(), $scope);
    }

    public function checkReadOnlyOwn($scope)
    {
-        if ($this->user->isAdmin()) {
-            return false;
-        }
-        if (isset($this->data['table'][$scope]) && isset($this->data['table'][$scope]['read'])) {
-            return $this->data['table'][$scope]['read'] === 'own';
-        }
-        return false;
+        return $this->getAclManager()->checkReadOnlyOwn($this->getUser(), $scope);
    }

-    public function checkIsOwner($entity)
+    public function check($subject, $action = null, $isOwner = null, $inTeam = null)
    {
-        if ($this->user->isAdmin()) {
-            return false;
-        }
-        $userId = $this->user->id;
-        if ($userId === $entity->get('assignedUserId') || $userId === $entity->get('createdById')) {
-            return true;
-        }
-        return false;
+        return $this->getAclManager()->check($this->getUser(), $subject, $action, $isOwner, $inTeam) ;
    }

-    public function checkInTeam($entity)
+    public function checkScope($scope, $action = null, $isOwner = null, $inTeam = null, $entity = null)
    {
-        $userTeamIds = $this->user->get('teamsIds');
-
-        if (!$entity->hasRelation('teams') || !$entity->hasField('teamsIds')) {
-            return false;
-        }
-
-        if (!$entity->has('teamsIds')) {
-            $entity->loadLinkMultipleField('teams');
-        }
-
-        $teamIds = $entity->get('teamsIds');
-
-        if (empty($teamIds)) {
-            return false;
-        }
-
-        foreach ($userTeamIds as $id) {
-            if (in_array($id, $teamIds)) {
-                return true;
-            }
-        }
-        return false;
-    }
-
-    private function load()
-    {
-        $aclTables = [];
-        $assignmentPermissionList = [];
-
-        $userRoles = $this->user->get('roles');
-
-        foreach ($userRoles as $role) {
-            $aclTables[] = $role->get('data');
-            $assignmentPermissionList[] = $role->get('assignmentPermission');
-        }
-
-        $teams = $this->user->get('teams');
-        foreach ($teams as $team) {
-            $teamRoles = $team->get('roles');
-            foreach ($teamRoles as $role) {
-                $aclTables[] = $role->get('data');
-                $assignmentPermissionList[] = $role->get('assignmentPermission');
-            }
-        }
-
-        $this->data['table'] = $this->merge($aclTables);
-        $this->data['assignmentPermission'] = $this->mergeValues($assignmentPermissionList, 'all');
-    }
-
-    private function initSolid()
-    {
-        if (!$this->metadata) {
-            return;
-        }
-
-        $data = $this->metadata->get('app.acl.solid', array());
-
-        foreach ($data as $entityName => $item) {
-            $this->data['table'][$entityName] = $item;
-        }
-    }
-
-    private function mergeValues(array $list, $defaultValue)
-    {
-        $result = null;
-        foreach ($list as $level) {
-            if ($level != 'not-set') {
-                if (is_null($result)) {
-                    $result = $level;
-                    continue;
-                }
-                if (array_search($result, $this->levelList) > array_search($level, $this->levelList)) {
-                    $result = $level;
-                }
-            }
-        }
-        if (is_null($result)) {
-            $result = $defaultValue;
-        }
-        return $result;
-    }
-
-    private function merge($tables)
-    {
-        $data = array();
-        foreach ($tables as $table) {
-            foreach ($table as $scope => $row) {
-                if ($row == false) {
-                    if (!isset($data[$scope])) {
-                        $data[$scope] = false;
-                    }
-                } else {
-                    if (!isset($data[$scope])) {
-                        $data[$scope] = array();
-                    }
-                    if ($data[$scope] == false) {
-                        $data[$scope] = array();
-                    }
-                    foreach ($row as $action => $level) {
-                        if (!isset($data[$scope][$action])) {
-                            $data[$scope][$action] = $level;
-                        } else {
-                            if (array_search($data[$scope][$action], $this->levelList) > array_search($level, $this->levelList)) {
-                                $data[$scope][$action] = $level;
-                            }
-                        }
-                    }
-                }
-            }
-        }
-        return $data;
-    }
-
-    private function buildCache()
-    {
-        $contents = '<' . '?'. 'php return ' .  var_export($this->data, true)  . ';';
-        $this->fileManager->putContents($this->cacheFile, $contents);
+        return $this->getAclManager()->checkScope($this->getUser(), $scope, $action, $isOwner, $inTeam, $entity) ;
    }
 }

--- a/application/Espo/Core/Acl/Base.php
+++ b/application/Espo/Core/Acl/Base.php
@@ -0,0 +1,223 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ ************************************************************************/
+
+namespace Espo\Core\Acl;
+
+use \Espo\Core\Interfaces\Injectable;
+
+use \Espo\Entities\User;
+use \Espo\ORM\Entity;
+
+class Base implements Injectable
+{
+    protected $dependencies = array(
+        'config',
+        'entityManager',
+        'aclManager'
+    );
+
+    protected $injections = array();
+
+    public function inject($name, $object)
+    {
+        $this->injections[$name] = $object;
+    }
+
+    public function __construct()
+    {
+        $this->init();
+    }
+
+    protected function init()
+    {
+    }
+
+    protected function getInjection($name)
+    {
+        return $this->injections[$name];
+    }
+
+    protected function addDependency($name)
+    {
+        $this->dependencies[] = $name;
+    }
+
+    public function getDependencyList()
+    {
+        return $this->dependencies;
+    }
+
+    protected function getConfig()
+    {
+        return $this->getInjection('config');
+    }
+
+    protected function getEntityManager()
+    {
+        return $this->getInjection('entityManager');
+    }
+
+    protected function getAclManager()
+    {
+        return $this->getInjection('aclManager');
+    }
+
+    public function checkReadOnlyTeam(User $user, $scope, $data)
+    {
+        if (empty($data) || !is_array($data) || !isset($data['read'])) {
+            return false;
+        }
+        return $data['read'] === 'team';
+    }
+
+    public function checkReadOnlyOwn(User $user, $scope, $data)
+    {
+        if (empty($data) || !is_array($data) || !isset($data['read'])) {
+            return false;
+        }
+        return $data['read'] === 'own';
+    }
+
+    public function checkEntity(User $user, Entity $entity, $data, $action)
+    {
+        return $this->checkScope($user, $data, $entity->getEntityType(), $action, null, null, $entity);
+    }
+
+    public function checkScope(User $user, $data, $scope, $action = null, $isOwner = null, $inTeam = null, Entity $entity = null)
+    {
+        if (is_null($data)) {
+            return false;
+        }
+        if ($data === false) {
+            return false;
+        }
+        if ($data === true) {
+            return true;
+        }
+
+        if (!is_null($action)) {
+            if (array_key_exists($action, $data)) {
+                $value = $data[$action];
+
+                if ($value === 'all' || $value === true) {
+                    return true;
+                }
+
+                if (!$value || $value === 'no') {
+                    return false;
+                }
+
+                if (is_null($isOwner)) {
+                    if ($entity) {
+                        $isOwner = $this->checkIsOwner($user, $entity);
+                    } else {
+                        return true;
+                    }
+                }
+
+                if ($isOwner) {
+                    if ($value === 'own' || $value === 'team') {
+                        return true;
+                    }
+                }
+                if (is_null($inTeam) && $entity) {
+                    $inTeam = $this->checkInTeam($user, $entity);
+                }
+
+                if ($inTeam) {
+                    if ($value === 'team') {
+                        return true;
+                    }
+                }
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public function checkIsOwner(User $user, Entity $entity)
+    {
+        if ($entity->has('assignedUserId')) {
+            if ($user->id === $entity->get('assignedUserId')) {
+                return true;
+            }
+        }
+        if ($entity->has('createdById')) {
+            if ($user->id === $entity->get('createdById')) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    public function checkInTeam(User $user, Entity $entity)
+    {
+        $userTeamIds = $user->get('teamsIds');
+
+        if (!$entity->hasRelation('teams') || !$entity->hasField('teamsIds')) {
+            return false;
+        }
+
+        if (!$entity->has('teamsIds')) {
+            $entity->loadLinkMultipleField('teams');
+        }
+
+        $teamIds = $entity->get('teamsIds');
+
+        if (empty($teamIds)) {
+            return false;
+        }
+
+        foreach ($userTeamIds as $id) {
+            if (in_array($id, $teamIds)) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    public function checkEntityDelete(User $user, Entity $entity, $data)
+    {
+        $result = $this->checkEntity($user, $entity, $data, 'delete');
+        if (!$result) {
+            if (is_array($data)) {
+                if ($data['edit'] != 'no') {
+                    if ($entity->has('createdById') && $entity->get('createdById') == $user->id) {
+                        if (!$entity->has('assignedUserId')) {
+                            return true;
+                        } else {
+                            if (!$entity->get('assignedUserId')) {
+                                return true;
+                            }
+                            if ($entity->get('assignedUserId') == $entity->get('createdById')) {
+                                return true;
+                            }
+                        }
+                    }
+                }
+            }
+        }
+
+        return $result;
+    }
+}
+
--- a/application/Espo/Core/Acl/Table.php
+++ b/application/Espo/Core/Acl/Table.php
@@ -0,0 +1,247 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ ************************************************************************/
+
+namespace Espo\Core\Acl;
+
+use \Espo\Core\Exceptions\Error;
+
+use \Espo\ORM\Entity;
+
+class Table
+{
+    private $data = array(
+        'table' => array()
+    );
+
+    private $cacheFile;
+
+    private $actionList = ['read', 'edit', 'delete'];
+
+    private $levelList = ['all', 'team', 'own', 'no'];
+
+    protected $fileManager;
+
+    protected $metadata;
+
+    public function __construct(\Espo\Entities\User $user, $config = null, $fileManager = null, $metadata = null)
+    {
+        $this->user = $user;
+
+        $this->metadata = $metadata;
+
+        if (!$this->user->isFetched()) {
+            throw new Error();
+        }
+
+        $this->user->loadLinkMultipleField('teams');
+
+        if ($fileManager) {
+            $this->fileManager = $fileManager;
+        }
+
+        $this->cacheFile = 'data/cache/application/acl/' . $user->id . '.php';
+
+        if ($config && $config->get('useCache') && file_exists($this->cacheFile)) {
+            $cached = include $this->cacheFile;
+            $this->data = $cached;
+            $this->initSolid();
+        } else {
+            $this->load();
+            $this->initSolid();
+            if ($config && $fileManager && $config->get('useCache')) {
+                $this->buildCache();
+            }
+        }
+    }
+
+    public function getMap()
+    {
+        return $this->data;
+    }
+
+    public function getScopeData($scope)
+    {
+        if (array_key_exists($scope, $this->data['table'])) {
+            return $this->data['table'][$scope];
+        }
+        return null;
+    }
+
+    public function get($permission)
+    {
+        if ($permission == 'table') {
+            return null;
+        }
+
+        if (array_key_exists($permission, $this->data)) {
+            return $this->data[$permission];
+        }
+        return null;
+    }
+
+    public function getLevel($scope, $action)
+    {
+        if (array_key_exists($scope, $this->data['table'])) {
+            if (array_key_exists($action, $this->data['table'][$scope])) {
+                return $this->data['table'][$scope][$action];
+            }
+        }
+        return false;
+    }
+
+    private function load()
+    {
+        $aclTables = [];
+        $assignmentPermissionList = [];
+        $userPermissionList = [];
+
+        $userRoles = $this->user->get('roles');
+
+        foreach ($userRoles as $role) {
+            $aclTables[] = $role->get('data');
+            $assignmentPermissionList[] = $role->get('assignmentPermission');
+            $userPermissionList[] = $role->get('userPermission');
+        }
+
+        $teams = $this->user->get('teams');
+        foreach ($teams as $team) {
+            $teamRoles = $team->get('roles');
+            foreach ($teamRoles as $role) {
+                $aclTables[] = $role->get('data');
+                $assignmentPermissionList[] = $role->get('assignmentPermission');
+                $userPermissionList[] = $role->get('userPermission');
+            }
+        }
+
+        $this->data['table'] = $this->merge($aclTables);
+
+        $this->data['assignmentPermission'] = $this->mergeValues($assignmentPermissionList, $this->metadata->get('app.acl.valueDefaults.assignmentPermission', 'all'));
+        $this->data['userPermission'] = $this->mergeValues($userPermissionList, $this->metadata->get('app.acl.valueDefaults.userPermission', 'no'));
+    }
+
+    private function initSolid()
+    {
+        if (!$this->metadata) {
+            return;
+        }
+
+        $data = $this->metadata->get('app.acl.solid', array());
+
+        foreach ($data as $entityType => $item) {
+            $this->data['table'][$entityType] = $item;
+        }
+    }
+
+    private function mergeValues(array $list, $defaultValue)
+    {
+        $result = null;
+        foreach ($list as $level) {
+            if ($level != 'not-set') {
+                if (is_null($result)) {
+                    $result = $level;
+                    continue;
+                }
+                if (array_search($result, $this->levelList) > array_search($level, $this->levelList)) {
+                    $result = $level;
+                }
+            }
+        }
+        if (is_null($result)) {
+            $result = $defaultValue;
+        }
+        return $result;
+    }
+
+    private function getScopeList()
+    {
+        $scopeList = [];
+        $scopes = $this->metadata->get('scopes');
+        foreach ($scopes as $scope => $d) {
+        	if (!empty($d['acl'])) {
+        		$scopeList[] = $scope;
+        	}
+        }
+        return $scopeList;
+    }
+
+    private function merge($tables)
+    {
+        $data = array();
+        $scopeList = $this->getScopeList();
+
+        foreach ($tables as $table) {
+            foreach ($scopeList as $scope) {
+            	if (!isset($table->$scope)) {
+            		continue;
+            	}
+            	$row = $table->$scope;
+
+                if ($row == false) {
+                    if (!isset($data[$scope])) {
+                        $data[$scope] = false;
+                    }
+                } else if ($row === true) {
+                    $data[$scope] = true;
+                } else {
+                    if (!isset($data[$scope])) {
+                        $data[$scope] = array();
+                    }
+                    if ($data[$scope] == false) {
+                        $data[$scope] = array();
+                    }
+
+                    if (is_array($row) || $row instanceof \stdClass) {
+                        foreach ($row as $action => $level) {
+                            if (!isset($data[$scope][$action])) {
+                                $data[$scope][$action] = $level;
+                            } else {
+                                if (array_search($data[$scope][$action], $this->levelList) > array_search($level, $this->levelList)) {
+                                    $data[$scope][$action] = $level;
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+        }
+
+        foreach ($scopeList as $scope) {
+        	if (!array_key_exists($scope, $data)) {
+        		$aclType = $this->metadata->get('scopes.' . $scope . '.acl');
+                if ($aclType === true) {
+                    $aclType = 'recordAllTeamOwnNo';
+                }
+        		if (!empty($aclType)) {
+	        		$data[$scope] = $this->metadata->get('app.acl.defaults.' . $aclType, true);
+        		}
+        	}
+        }
+        return $data;
+    }
+
+    private function buildCache()
+    {
+        $contents = '<' . '?'. 'php return ' .  var_export($this->data, true)  . ';';
+        $this->fileManager->putContents($this->cacheFile, $contents);
+    }
+}
+
--- a/application/Espo/Core/AclManager.php
+++ b/application/Espo/Core/AclManager.php
@@ -0,0 +1,181 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ ************************************************************************/
+
+namespace Espo\Core;
+
+use \Espo\Core\Exceptions\Error;
+
+use \Espo\ORM\Entity;
+use \Espo\Entities\User;
+use \Espo\Core\Utils\Util;
+
+class AclManager
+{
+    private $container;
+
+    private $metadata;
+
+    private $implementationHashMap = array();
+
+    private $tableHashMap = array();
+
+    public function __construct(Container $container)
+    {
+        $this->container = $container;
+        $this->metadata = $container->get('metadata');
+    }
+
+    protected function getContainer()
+    {
+        return $this->container;
+    }
+
+    public function getImplementation($scope)
+    {
+        if (empty($this->implementationHashMap[$scope])) {
+            $normalizedName = Util::normilizeClassName($scope);
+
+            $className = '\\Espo\\Custom\\Acl\\' . $normalizedName;
+            if (!class_exists($className)) {
+                $moduleName = $this->metadata->getScopeModuleName($scope);
+                if ($moduleName) {
+                    $className = '\\Espo\\Modules\\' . $moduleName . '\\Acl\\' . $normalizedName;
+                } else {
+                    $className = '\\Espo\\Acl\\' . $normalizedName;
+                }
+                if (!class_exists($className)) {
+                    $className = '\\Espo\\Core\\Acl\\Base';
+                }
+            }
+
+            if (class_exists($className)) {
+                $acl = new $className();
+                $dependencies = $acl->getDependencyList();
+                foreach ($dependencies as $name) {
+                    $acl->inject($name, $this->container->get($name));
+                }
+                $this->implementationHashMap[$scope] = $acl;
+            } else {
+                throw new Error();
+            }
+        }
+
+        return $this->implementationHashMap[$scope];
+    }
+
+    protected function getTable(User $user)
+    {
+        $key = spl_object_hash($user);
+
+        if (empty($this->tableHashMap[$key])) {
+            $config = $this->getContainer()->get('config');
+            $fileManager = $this->getContainer()->get('fileManager');
+            $metadata = $this->getContainer()->get('metadata');
+
+            $this->tableHashMap[$key] = new \Espo\Core\Acl\Table($user, $config, $fileManager, $metadata);
+        }
+
+        return $this->tableHashMap[$key];
+    }
+
+    public function getMap(User $user)
+    {
+        return $this->getTable($user)->getMap();
+    }
+
+    public function getLevel(User $user, $scope, $action)
+    {
+        if ($user->isAdmin()) {
+            return 'all';
+        }
+        return $this->getTable($user)->getLevel($scope, $action);
+    }
+
+    public function get(User $user, $permission)
+    {
+        if ($user->isAdmin()) {
+            return true;
+        }
+        return $this->getTable($user)->get($permission);
+    }
+
+    public function checkReadOnlyTeam(User $user, $scope)
+    {
+        if ($user->isAdmin()) {
+            return false;
+        }
+        $data = $this->getTable($user)->getScopeData($scope);
+        return $this->getImplementation($scope)->checkReadOnlyTeam($user, $scope, $data);
+    }
+
+    public function checkReadOnlyOwn(User $user, $scope)
+    {
+        if ($user->isAdmin()) {
+            return false;
+        }
+        $data = $this->getTable($user)->getScopeData($scope);
+        return $this->getImplementation($scope)->checkReadOnlyOwn($user, $scope, $data);
+    }
+
+    public function check(User $user, $subject, $action = null, $isOwner = null, $inTeam = null)
+    {
+        if ($user->isAdmin()) {
+            return true;
+        }
+        if (is_string($subject)) {
+            return $this->checkScope($user, $subject, $action, $isOwner, $inTeam);
+        } else {
+            $entity = $subject;
+            if ($entity instanceof Entity) {
+                $entityType = $entity->getEntityType();
+
+                $impl = $this->getImplementation($entityType);
+                $methodName = 'checkEntity' . ucfirst($action);
+                if (method_exists($impl, $methodName)) {
+                    $data = $this->getTable($user)->getScopeData($entityType);
+                    return $impl->$methodName($user, $entity, $data);
+                }
+
+                return $this->checkEntity($user, $entity, $action);
+            }
+        }
+    }
+
+    public function checkEntity(User $user, Entity $entity, $action)
+    {
+        if ($user->isAdmin()) {
+            return true;
+        }
+        $data = $this->getTable($user)->getScopeData($entity->getEntityType());
+        return $this->getImplementation($entity->getEntityType())->checkEntity($user, $entity, $data, $action);
+    }
+
+    public function checkScope(User $user, $scope, $action = null, $isOwner = null, $inTeam = null, $entity = null)
+    {
+        if ($user->isAdmin()) {
+            return true;
+        }
+        $data = $this->getTable($user)->getScopeData($scope);
+        return $this->getImplementation($scope)->checkScope($user, $data, $scope, $action, $isOwner, $inTeam, $entity);
+    }
+}
+
--- a/application/Espo/Core/Application.php
+++ b/application/Espo/Core/Application.php
@@ -86,10 +86,12 @@ class Application
    public function runClient()
    {
        $config = $this->getContainer()->get('config');
+        $themeManager = $this->getContainer()->get('themeManager');

        $html = file_get_contents('main.html');
        $html = str_replace('{{cacheTimestamp}}', $config->get('cacheTimestamp', 0), $html);
        $html = str_replace('{{useCache}}', $config->get('useCache') ? 'true' : 'false' , $html);
+        $html = str_replace('{{stylesheet}}', $themeManager->getStylesheet(), $html);
        $html = str_replace('{{runScript}}', 'app.start();' , $html);
        echo $html;
        exit;
@@ -105,22 +107,23 @@ class Application
        $container = $this->getContainer();

        $slim->get('/', function() {});
+        $slim->post('/', function() {});

        $entryPointManager = new \Espo\Core\EntryPointManager($container);

-        $auth = $this->getAuth();
-        $apiAuth = new \Espo\Core\Utils\Api\Auth($auth, $entryPointManager->checkAuthRequired($entryPoint), true);
-        $slim->add($apiAuth);
+        try {
+            $auth = $this->getAuth();
+            $apiAuth = new \Espo\Core\Utils\Api\Auth($auth, $entryPointManager->checkAuthRequired($entryPoint), true);
+            $slim->add($apiAuth);

-        $slim->hook('slim.before.dispatch', function () use ($entryPoint, $entryPointManager, $container) {
-            try {
+            $slim->hook('slim.before.dispatch', function () use ($entryPoint, $entryPointManager, $container) {
                $entryPointManager->run($entryPoint);
-            } catch (\Exception $e) {
-                $container->get('output')->processError($e->getMessage(), $e->getCode(), true);
-            }
-        });
+            });

-        $slim->run();
+            $slim->run();
+        } catch (\Exception $e) {
+            $container->get('output')->processError($e->getMessage(), $e->getCode(), true);
+        }
    }

    public function runCron()
--- a/application/Espo/Core/Container.php
+++ b/application/Espo/Core/Container.php
@@ -161,6 +161,14 @@ class Container
        );
    }

+    private function loadNumber()
+    {
+        return new \Espo\Core\Utils\Number(
+            $this->get('config')->get('decimalMark'),
+            $this->get('config')->get('thousandSeparator')
+        );
+    }
+
    private function loadServiceFactory()
    {
        return new \Espo\Core\ServiceFactory(
@@ -194,14 +202,20 @@ class Container
        );
    }

+    private function loadAclManager()
+    {
+        $className = $this->getServiceClassName('acl', '\\Espo\\Core\\AclManager');
+        return new $className(
+            $this->get('container')
+        );
+    }
+
    private function loadAcl()
    {
        $className = $this->getServiceClassName('acl', '\\Espo\\Core\\Acl');
        return new $className(
-            $this->get('user'),
-            $this->get('config'),
-            $this->get('fileManager'),
-            $this->get('metadata')
+            $this->get('aclManager'),
+            $this->get('user')
        );
    }

@@ -230,6 +244,7 @@ class Container
        return new \Espo\Core\Utils\Language(
            $this->get('fileManager'),
            $this->get('config'),
+            $this->get('metadata'),
            $this->get('preferences')
        );
    }
@@ -263,6 +278,14 @@ class Container
        );
    }

+    private function loadThemeManager()
+    {
+        return new \Espo\Core\Utils\ThemeManager(
+            $this->get('config'),
+            $this->get('metadata')
+        );
+    }
+
    public function setUser($user)
    {
        $this->data['user'] = $user;
--- a/application/Espo/Core/ControllerManager.php
+++ b/application/Espo/Core/ControllerManager.php
@@ -87,18 +87,27 @@ class ControllerManager
        $actionNameUcfirst = ucfirst($actionName);

        $beforeMethodName = 'before' . $actionNameUcfirst;
+        $actionMethodName = 'action' . $actionNameUcfirst;
+        $afterMethodName = 'after' . $actionNameUcfirst;
+
+        $fullActionMethodName = strtolower($request->getMethod()) . ucfirst($actionMethodName);
+
+        if (method_exists($controller, $fullActionMethodName)) {
+            $primaryActionMethodName = $fullActionMethodName;
+        } else {
+            $primaryActionMethodName = $actionMethodName;
+        }
+
+        if (!method_exists($controller, $primaryActionMethodName)) {
+            throw new NotFound("Action '$actionName' (".$request->getMethod().") does not exist in controller '$controller'");
+        }
+
        if (method_exists($controller, $beforeMethodName)) {
            $controller->$beforeMethodName($params, $data, $request);
        }
-        $actionMethodName = 'action' . $actionNameUcfirst;

-        if (!method_exists($controller, $actionMethodName)) {
-            throw new NotFound("Action '$actionMethodName' does not exist in controller '$controller'");
-        }
+        $result = $controller->$primaryActionMethodName($params, $data, $request);

-        $result = $controller->$actionMethodName($params, $data, $request);
-
-        $afterMethodName = 'after' . $actionNameUcfirst;
        if (method_exists($controller, $afterMethodName)) {
            $controller->$afterMethodName($params, $data, $request);
        }
--- a/application/Espo/Core/Controllers/Base.php
+++ b/application/Espo/Core/Controllers/Base.php
@@ -90,6 +90,11 @@ abstract class Base
        return $this->container->get('acl');
    }

+    protected function getAclManager()
+    {
+        return $this->container->get('aclManager');
+    }
+
    protected function getConfig()
    {
        return $this->container->get('config');
--- a/application/Espo/Core/Controllers/Record.php
+++ b/application/Espo/Core/Controllers/Record.php
@@ -34,6 +34,8 @@ class Record extends Base

    public static $defaultAction = 'list';

+    protected $defaultRecordServiceName = 'Record';
+
    protected function getEntityManager()
    {
        return $this->getContainer()->get('entityManager');
@@ -48,8 +50,8 @@ class Record extends Base
        if ($this->getServiceFactory()->checkExists($name)) {
            $service = $this->getServiceFactory()->create($name);
        } else {
-            $service = $this->getServiceFactory()->create('Record');
-            $service->setEntityName($name);
+            $service = $this->getServiceFactory()->create($this->defaultRecordServiceName);
+            $service->setEntityType($name);
        }

        return $service;
@@ -67,13 +69,17 @@ class Record extends Base
        return $entity->toArray();
    }

-    public function actionPatch($params, $data)
+    public function actionPatch($params, $data, $request)
    {
-        return $this->actionUpdate($params, $data);
+        return $this->actionUpdate($params, $data, $request);
    }

-    public function actionCreate($params, $data)
+    public function actionCreate($params, $data, $request)
    {
+        if (!$request->isPost()) {
+            throw new BadRequest();
+        }
+
        if (!$this->getAcl()->check($this->name, 'edit')) {
            throw new Forbidden();
        }
@@ -87,8 +93,12 @@ class Record extends Base
        throw new Error();
    }

-    public function actionUpdate($params, $data)
+    public function actionUpdate($params, $data, $request)
    {
+        if (!$request->isPut() && !$request->isPatch()) {
+            throw new BadRequest();
+        }
+
        if (!$this->getAcl()->check($this->name, 'edit')) {
            throw new Forbidden();
        }
@@ -119,7 +129,7 @@ class Record extends Base
            $maxSize = self::MAX_SIZE_LIMIT;
        }
        if (!empty($maxSize) && $maxSize > self::MAX_SIZE_LIMIT) {
-            throw new Forbidden();
+            throw new Forbidden("Max should should not exceed " . self::MAX_SIZE_LIMIT . ". Use pagination (offset, limit).");
        }

        $result = $this->getRecordService()->findEntities(array(
@@ -133,7 +143,7 @@ class Record extends Base

        return array(
            'total' => $result['total'],
-            'list' => $result['collection']->toArray()
+            'list' => isset($result['collection']) ? $result['collection']->toArray() : $result['list']
        );
    }

@@ -168,12 +178,16 @@ class Record extends Base

        return array(
            'total' => $result['total'],
-            'list' => $result['collection']->toArray()
+            'list' => isset($result['collection']) ? $result['collection']->toArray() : $result['list']
        );
    }

-    public function actionDelete($params)
+    public function actionDelete($params, $data, $request)
    {
+        if (!$request->isDelete()) {
+            throw new BadRequest();
+        }
+
        $id = $params['id'];

        if ($this->getRecordService()->deleteEntity($id)) {
@@ -184,7 +198,7 @@ class Record extends Base

    public function actionExport($params, $data, $request)
    {
-        if ($this->getConfig()->get('disableExport') && !$this->getUser()->isAdmin()) {
+        if ($this->getConfig()->get('exportDisabled') && !$this->getUser()->isAdmin()) {
            throw new Forbidden();
        }

@@ -210,6 +224,10 @@ class Record extends Base

    public function actionMassUpdate($params, $data, $request)
    {
+        if (!$request->isPut()) {
+            throw new BadRequest();
+        }
+
        if (!$this->getAcl()->check($this->name, 'edit')) {
            throw new Forbidden();
        }
@@ -233,6 +251,9 @@ class Record extends Base

    public function actionMassDelete($params, $data, $request)
    {
+        if (!$request->isPost()) {
+            throw new BadRequest();
+        }
        if (!$this->getAcl()->check($this->name, 'delete')) {
            throw new Forbidden();
        }
@@ -252,10 +273,14 @@ class Record extends Base
        return $idsRemoved;
    }

-    public function actionCreateLink($params, $data)
+    public function actionCreateLink($params, $data, $request)
    {
+        if (!$request->isPost()) {
+            throw new BadRequest();
+        }
+
        if (empty($params['id']) || empty($params['link'])) {
-            throw BadRequest();
+            throw new BadRequest();
        }

        $id = $params['id'];
@@ -292,13 +317,17 @@ class Record extends Base
        throw new Error();
    }

-    public function actionRemoveLink($params, $data)
+    public function actionRemoveLink($params, $data, $request)
    {
+        if (!$request->isDelete()) {
+            throw new BadRequest();
+        }
+
        $id = $params['id'];
        $link = $params['link'];

        if (empty($params['id']) || empty($params['link'])) {
-            throw BadRequest();
+            throw new BadRequest();
        }

        $foreignIds = array();
@@ -324,8 +353,11 @@ class Record extends Base
        throw new Error();
    }

-    public function actionFollow($params)
+    public function actionFollow($params, $data, $request)
    {
+        if (!$request->isPut()) {
+            throw new BadRequest();
+        }
        if (!$this->getAcl()->check($this->name, 'read')) {
            throw new Forbidden();
        }
@@ -333,8 +365,11 @@ class Record extends Base
        return $this->getRecordService()->follow($id);
    }

-    public function actionUnfollow($params)
+    public function actionUnfollow($params, $data, $request)
    {
+        if (!$request->isDelete()) {
+            throw new BadRequest();
+        }
        if (!$this->getAcl()->check($this->name, 'read')) {
            throw new Forbidden();
        }
--- a/application/Espo/Core/Controllers/RecordTree.php
+++ b/application/Espo/Core/Controllers/RecordTree.php
@@ -0,0 +1,57 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ ************************************************************************/
+
+namespace Espo\Core\Controllers;
+
+use \Espo\Core\Exceptions\Error;
+use \Espo\Core\Exceptions\Forbidden;
+use \Espo\Core\Exceptions\NotFound;
+use \Espo\Core\Exceptions\BadRequest;
+use \Espo\Core\Utils\Util;
+
+class RecordTree extends Record
+{
+
+    public static $defaultAction = 'list';
+
+    protected $defaultRecordServiceName = 'RecordTree';
+
+    public function actionListTree($params, $data, $request)
+    {
+        if (!$this->getAcl()->check($this->name, 'read')) {
+            throw new Forbidden();
+        }
+
+        $where = $request->get('where');
+        $parentId = $request->get('parentId');
+        $maxDepth = $request->get('maxDepth');
+
+        $collection = $this->getRecordService()->getTree($parentId, array(
+            'where' => $where
+        ), 0, $maxDepth);
+        return array(
+            'list' => $collection->toArray(),
+            'path' => $this->getRecordService()->getTreeItemPath($parentId)
+        );
+    }
+}
+
--- a/application/Espo/Core/Entities/CategoryTreeItem.php
+++ b/application/Espo/Core/Entities/CategoryTreeItem.php
@@ -0,0 +1,43 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ ************************************************************************/
+
+namespace Espo\Core\Entities;
+
+class CategoryTreeItem extends \Espo\Core\ORM\Entity
+{
+    public function toArray()
+    {
+        $data = parent::toArray();
+        $childList = $this->get('childList');
+        if (is_null($childList)) {
+            $data['childList'] = null;
+        } else {
+            $arr = [];
+            foreach ($childList as $entity) {
+                $arr[] = $entity->toArray();
+            }
+            $data['childList'] = $arr;
+        }
+        return $data;
+    }
+}
+
--- a/application/Espo/Core/EntryPointManager.php
+++ b/application/Espo/Core/EntryPointManager.php
@@ -28,9 +28,9 @@ use \Espo\Core\Exceptions\NotFound,

 class EntryPointManager
 {
-    private $container;    
-    
-    private $fileManager;    
+    private $container;
+
+    private $fileManager;

    protected $data = null;

@@ -38,7 +38,7 @@ class EntryPointManager

    protected $allowedMethods = array(
        'run',
-    );    
+    );

    /**
     * @var array - path to entryPoint files
@@ -46,14 +46,14 @@ class EntryPointManager
    private $paths = array(
        'corePath' => 'application/Espo/EntryPoints',
        'modulePath' => 'application/Espo/Modules/{*}/EntryPoints',
-        'customPath' => 'custom/Espo/Custom/EntryPoints',                                              
+        'customPath' => 'custom/Espo/Custom/EntryPoints',
    );


    public function __construct(\Espo\Core\Container $container)
    {
-        $this->container = $container;        
-        $this->fileManager = $container->get('fileManager');        
+        $this->container = $container;
+        $this->fileManager = $container->get('fileManager');
    }

    protected function getContainer()
@@ -69,16 +69,16 @@ class EntryPointManager
    public function checkAuthRequired($name)
    {
        $className = $this->getClassName($name);
-        if ($className === false) {
+        if (!$className) {
            throw new NotFound();
        }
-        return $className::$authRequired;        
+        return $className::$authRequired;
    }

-    public function run($name) 
+    public function run($name)
    {
        $className = $this->getClassName($name);
-        if ($className === false) {
+        if (!$className) {
            throw new NotFound();
        }
        $entryPoint = new $className($this->container);
@@ -89,7 +89,7 @@ class EntryPointManager
    protected function getClassName($name)
    {
        $name = Util::normilizeClassName($name);
-        
+
        if (!isset($this->data)) {
            $this->init();
        }
@@ -98,8 +98,8 @@ class EntryPointManager
        if (isset($this->data[$name])) {
            return $this->data[$name];
        }
-        
-        return false; 
+
+        return false;
    }


@@ -108,8 +108,7 @@ class EntryPointManager
        $classParser = $this->getContainer()->get('classParser');
        $classParser->setAllowedMethods($this->allowedMethods);
        $this->data = $classParser->getData($this->paths, $this->cacheFile);
-    }    
-     
+    }

 }

--- a/application/Espo/Core/EntryPoints/Base.php
+++ b/application/Espo/Core/EntryPoints/Base.php
@@ -18,7 +18,7 @@
 *
 * You should have received a copy of the GNU General Public License
 * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
- ************************************************************************/ 
+ ************************************************************************/

 namespace Espo\Core\EntryPoints;

@@ -29,50 +29,65 @@ use \Espo\Core\Exceptions\Forbidden;
 abstract class Base
 {
    private $container;
-    
+
    public static $authRequired = true;
-    
+
    protected function getContainer()
    {
        return $this->container;
    }
-    
+
    protected function getUser()
    {
        return $this->getContainer()->get('user');
    }
-    
+
    protected function getAcl()
    {
        return $this->getContainer()->get('acl');
    }
-    
+
    protected function getEntityManager()
    {
        return $this->getContainer()->get('entityManager');
    }
-    
+
    protected function getServiceFactory()
    {
        return $this->getContainer()->get('serviceFactory');
-    }    
-    
+    }
+
    protected function getConfig()
    {
        return $this->getContainer()->get('config');
    }
-    
+
    protected function getMetadata()
    {
        return $this->getContainer()->get('metadata');
-    }    
-    
+    }
+
+    protected function getDateTime()
+    {
+        return $this->getContainer()->get('dateTime');
+    }
+
+    protected function getNumber()
+    {
+        return $this->getContainer()->get('number');
+    }
+
+    protected function getFileManager()
+    {
+        return $this->getContainer()->get('fileManager');
+    }
+
    public function __construct(Container $container)
    {
        $this->container = $container;
    }
-    
-    abstract public function run();    
+
+    abstract public function run();

 }

--- a/application/Espo/Core/HookManager.php
+++ b/application/Espo/Core/HookManager.php
@@ -104,6 +104,9 @@ class HookManager
                foreach ($this->data[$scope][$hookName] as $className) {
                    if (empty($this->hooks[$className])) {
                        $this->hooks[$className] = $this->createHookByClassName($className);
+                        if (empty($this->hooks[$className])) {
+                            continue;
+                        }
                    }
                    $hook = $this->hooks[$className];
                    $hook->$hookName($injection, $options);
@@ -122,7 +125,7 @@ class HookManager
            }
            return $hook;
        }
-        throw new Error("Class '$className' does not exist");
+        $GLOBALS['log']->error("Hook class '{$name}' does not exist.");
    }

    /**
--- a/application/Espo/Core/Htmlizer/Htmlizer.php
+++ b/application/Espo/Core/Htmlizer/Htmlizer.php
@@ -0,0 +1,140 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ ************************************************************************/
+
+namespace Espo\Core\Htmlizer;
+
+use Espo\ORM\Entity;
+use Espo\Core\Exceptions\Error;
+
+use Espo\Core\Utils\File\Manager as FileManager;
+use Espo\Core\Utils\DateTime;
+use Espo\Core\Utils\Number;
+
+require('vendor/zordius/lightncandy/src/lightncandy.php');
+
+class Htmlizer
+{
+    protected $fileManager;
+
+    protected $dateTime;
+
+    protected $config;
+
+    public function __construct(FileManager $fileManager, DateTime $dateTime, Number $number)
+    {
+        $this->fileManager = $fileManager;
+        $this->dateTime = $dateTime;
+        $this->number = $number;
+    }
+
+    protected function formatNumber($value)
+    {
+        return $this->number->format($value);
+    }
+
+    protected function format($value)
+    {
+        if (is_float($value) || is_int($value)) {
+            $value = $this->formatNumber($value);
+        } else if (is_string($value)) {
+            $value = nl2br($value);
+        }
+        return $value;
+    }
+
+    protected function getDataFromEntity(Entity $entity)
+    {
+        $data = $entity->toArray();
+
+
+
+        $fieldDefs = $entity->getFields();
+        $fieldList = array_keys($fieldDefs);
+
+        foreach ($fieldList as $field) {
+            $type = null;
+            if (!empty($fieldDefs[$field]['type'])) {
+                $type = $fieldDefs[$field]['type'];
+            }
+            if ($type == Entity::DATETIME) {
+                if (!empty($data[$field])) {
+                    $data[$field] = $this->dateTime->convertSystemDateTime($data[$field]);
+                }
+            } else if ($type == Entity::DATE) {
+                if (!empty($data[$field])) {
+                    $data[$field] = $this->dateTime->convertSystemDate($data[$field]);
+                }
+            } else if ($type == Entity::JSON_ARRAY) {
+                if (!empty($data[$field])) {
+                    $list = $data[$field];
+                    $newList = [];
+                    foreach ($list as $item) {
+                        $v = $item;
+                        if ($item instanceof \StdClass) {
+                            $v = get_object_vars($v);
+                        }
+                        foreach ($v as $k => $w) {
+                            $v[$k] = $this->format($v[$k]);
+                        }
+                        $newList[] = $v;
+                    }
+                    $data[$field] = $newList;
+                }
+            } else if ($type == Entity::JSON_OBJECT) {
+                if (!empty($data[$field])) {
+                    $value = $data[$field];
+                    if ($value instanceof \StdClass) {
+                        $data[$field] = get_object_vars($value);
+                    }
+                    foreach ($data[$field] as $k => $w) {
+                        $data[$field][$k] = $this->format($data[$field][$k]);
+                    }
+                }
+            }
+
+            if (array_key_exists($field, $data)) {
+               $data[$field] = $this->format($data[$field]);
+            }
+        }
+
+        return $data;
+    }
+
+    public function render(Entity $entity, $template)
+    {
+        $code = \LightnCandy::compile($template);
+        $id = uniqid('', true);
+        $fileName = 'data/cache/template-' . $id;
+        $this->fileManager->putContents($fileName, $code);
+        $renderer = include($fileName);
+        $this->fileManager->removeFile($fileName);
+
+        $data = $this->getDataFromEntity($entity);
+
+        $html = $renderer($data);
+
+        $html = str_replace('?entryPoint=attachment&amp;', '?entryPoint=attachment&', $html);
+        $html = preg_replace('/\?entryPoint=attachment\&id=(.*)/', 'data/upload/$1', $html);
+
+        return $html;
+    }
+}
--- a/application/Espo/Core/Mail/Importer.php
+++ b/application/Espo/Core/Mail/Importer.php
@@ -95,7 +95,13 @@ class Importer
            }

            if ($duplicate = $this->findDuplicate($email)) {
-                $this->getEntityManager()->getRepository('Email')->relate($duplicate, 'users', $userId);
+            	$duplicate->loadLinkMultipleField('users');
+            	$usersIds = $duplicate->get('usersIds');
+            	$usersIds[] = $userId;
+            	$duplicate->set('usersIds', $usersIds);
+
+            	$this->getEntityManager()->saveEntity($duplicate);
+
                if (!empty($teamsIds)) {
                    foreach ($teamsIds as $teamId) {
                        $this->getEntityManager()->getRepository('Email')->relate($duplicate, 'teams', $teamId);
@@ -131,6 +137,10 @@ class Importer
                $this->importPartDataToEmail($email, $message, $inlineIds, 'text/plain');
            }

+            if (!$email->get('body') && $email->get('bodyPlain')) {
+                $email->set('body', $email->get('bodyPlain'));
+            }
+
            $body = $email->get('body');
            if (!empty($body)) {
                foreach ($inlineIds as $cid => $attachmentId) {
@@ -246,6 +256,15 @@ class Importer
                $type = strtok($part->contentType, ';');
            }

+            $contentDisposition = false;
+            if (isset($part->ContentDisposition)) {
+                if (strpos(strtolower($part->ContentDisposition), 'attachment') === 0) {
+                    $contentDisposition = 'attachment';
+                } else if (strpos(strtolower($part->ContentDisposition), 'inline') === 0) {
+                    $contentDisposition = 'inline';
+                }
+            }
+
            if (empty($type)) {
                if (!empty($defaultContentType)) {
                    $type = $defaultContentType;
@@ -255,28 +274,26 @@ class Importer
            }

            $encoding = null;
-
            $isAttachment = true;
-
            if ($type == 'text/plain' || $type == 'text/html') {
-
-                $isAttachment = false;
-                $content = $this->getContentFromPart($part);
-                if ($type == 'text/plain') {
-                    if ($email->get('bodyPlain')) {
-                        $isAttachment = true;
-                    } else {
-                        $email->set('bodyPlain', $content);
-                        if (!$email->get('body')) {
-                            $email->set('body', $content);
+                if ($contentDisposition !== 'inline' && $contentDisposition !== 'attachment') {
+                    $isAttachment = false;
+                    $content = $this->getContentFromPart($part);
+                    if ($type == 'text/plain') {
+                        $bodyPlain = '';
+                        if ($email->get('bodyPlain')) {
+                            $bodyPlain .= $email->get('bodyPlain') . "\n";
                        }
-                    }
-                } else if ($type == 'text/html') {
-                    if ($email->get('isHtml')) {
-                        $isAttachment = true;
-                    } else {
-                        $email->set('body', $content);
+                        $bodyPlain .= $content;
+                        $email->set('bodyPlain', $bodyPlain);
+                    } else if ($type == 'text/html') {
+                        $body = '';
+                        if ($email->get('body')) {
+                            $body .= $email->get('body') . "<br>";
+                        }
+                        $body .= $content;
                        $email->set('isHtml', true);
+                        $email->set('body', $body);
                    }
                }
            }
@@ -288,16 +305,26 @@ class Importer
                $fileName = null;
                $contentId = null;

-                if (isset($part->ContentDisposition)) {
-                    if (strpos($part->ContentDisposition, 'attachment') === 0) {
+                if ($contentDisposition) {
+                    if ($contentDisposition === 'attachment') {
                        if (preg_match('/filename="?([^"]+)"?/i', $part->ContentDisposition, $m)) {
                            $fileName = $m[1];
                            $disposition = 'attachment';
                        }
-                    } else if (strpos($part->ContentDisposition, 'inline') === 0) {
-                        $contentId = trim($part->contentID, '<>');
-                        $fileName = $contentId;
-                        $disposition = 'inline';
+                    } else if ($contentDisposition ===  'inline') {
+                        if (isset($part->contentID)) {
+                            $contentId = trim($part->contentID, '<>');
+                            $fileName = $contentId;
+                            $disposition = 'inline';
+                        } else {
+                            // hack for iOS not proper attachments
+                            if (empty($fileName)) {
+                                if (preg_match('/filename="?([^"]+)"?/i', $part->ContentDisposition, $m)) {
+                                    $fileName = $m[1];
+                                    $disposition = 'attachment';
+                                }
+                            }
+                        }
                    }
                }

--- a/application/Espo/Core/Mail/Mail/Headers.php
+++ b/application/Espo/Core/Mail/Mail/Headers.php
@@ -10,37 +10,5 @@ use Zend\Loader\PluginClassLocator;

 class Headers extends \Zend\Mail\Headers
 {
-    public static function fromString($string, $EOL = self::EOL)
-    {
-        $headers     = new static();
-        $currentLine = '';

-        // iterate the header lines, some might be continuations
-        foreach (explode($EOL, $string) as $line) {
-            // check if a header name is present
-            if (preg_match('/^(?P<name>[\x21-\x39\x3B-\x7E]+):.*$/', $line, $matches)) {
-                if ($currentLine) {
-                    // a header name was present, then store the current complete line
-                    $headers->addHeaderLine($currentLine);
-                }
-                $currentLine = trim($line);
-            } elseif (preg_match('/^\s+.*$/', $line, $matches)) {
-                // continuation: append to current line
-                $currentLine .= $line;
-            } elseif (preg_match('/^\s*$/', $line)) {
-                // empty line indicates end of headers
-                break;
-            } else {
-                // Line does not match header format!
-                throw new Exception\RuntimeException(sprintf(
-                    'Line "%s"does not match header format!',
-                    $line
-                ));
-            }
-        }
-        if ($currentLine) {
-            $headers->addHeaderLine($currentLine);
-        }
-        return $headers;
-    }
 }
--- a/application/Espo/Core/Mail/Sender.php
+++ b/application/Espo/Core/Mail/Sender.php
@@ -131,7 +131,7 @@ class Sender
        return $this;
    }

-    public function send(Email $email, $params = array())
+    public function send(Email $email, $params = array(), &$message = null)
    {
        $message = new Message();
        $config = $this->config;
@@ -164,6 +164,10 @@ class Sender
            $message->addFrom($fromAddress, $fromName);
        }

+        if (!$email->get('from')) {
+            $email->set('from', $fromAddress);
+        }
+
        if (!empty($params['replyToAddress'])) {
            $replyToName = null;
            if (!empty($params['replyToName'])) {
@@ -284,11 +288,18 @@ class Sender

        $message->setBody($body);

-        if (!$message->getHeaders()->has('content-type')) {
-            $contentTypeHeader = new \Zend\Mail\Header\ContentType();
-            $message->getHeaders()->addHeader($contentTypeHeader);
+        if ($messageType == 'text/plain') {
+            if ($message->getHeaders()->has('content-type')) {
+                $message->getHeaders()->removeHeader('content-type');
+            }
+            $message->getHeaders()->addHeaderLine('Content-Type', 'text/plain; charset=UTF-8');
+        } else {
+            if (!$message->getHeaders()->has('content-type')) {
+                $contentTypeHeader = new \Zend\Mail\Header\ContentType();
+                $message->getHeaders()->addHeader($contentTypeHeader);
+            }
+            $message->getHeaders()->get('content-type')->setType($messageType);
        }
-        $message->getHeaders()->get('content-type')->setType($messageType);

        $message->setEncoding('UTF-8');

--- a/application/Espo/Core/ORM/Entity.php
+++ b/application/Espo/Core/ORM/Entity.php
@@ -37,6 +37,7 @@ class Entity extends \Espo\ORM\Entity
            $collection = $this->get($field, $defs);
            $ids = array();
            $names = new \stdClass();
+            $types = new \stdClass();
            if (!empty($columns)) {
                $columnsData = new \stdClass();
            }
@@ -46,6 +47,7 @@ class Entity extends \Espo\ORM\Entity
                    $id = $e->id;
                    $ids[] = $id;
                    $names->$id = $e->get('name');
+                    $types->$id = $e->get('type');
                    if (!empty($columns)) {
                        $columnsData->$id = new \stdClass();
                        foreach ($columns as $column => $f) {
@@ -57,6 +59,7 @@ class Entity extends \Espo\ORM\Entity

            $this->set($field . 'Ids', $ids);
            $this->set($field . 'Names', $names);
+            $this->set($field . 'Types', $types);
            if (!empty($columns)) {
                $this->set($field . 'Columns', $columnsData);
            }
--- a/application/Espo/Core/ORM/Repositories/RDB.php
+++ b/application/Espo/Core/ORM/Repositories/RDB.php
@@ -162,8 +162,6 @@ class RDB extends \Espo\ORM\Repositories\RDB implements Injectable

    public function remove(Entity $entity, array $options = array())
    {
-        $this->getEntityManager()->getHookManager()->process($this->entityName, 'beforeRemove', $entity, $options);
-
        $result = parent::remove($entity, $options);
        if ($result) {
            $this->getEntityManager()->getHookManager()->process($this->entityName, 'afterRemove', $entity, $options);
--- a/application/Espo/Core/Pdf/Tcpdf.php
+++ b/application/Espo/Core/Pdf/Tcpdf.php
@@ -0,0 +1,50 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ ************************************************************************/
+
+namespace Espo\Core\Pdf;
+
+require "vendor/tecnick.com/tcpdf/tcpdf.php";
+
+class Tcpdf extends \TCPDF
+{
+    protected $footerHtml = '';
+
+    protected $footerPosition = 15;
+
+    public function setFooterHtml($html)
+    {
+        $this->footerHtml = $html;
+    }
+
+    public function setFooterPosition($position)
+    {
+        $this->footerPosition = $position;
+    }
+
+    public function Footer() {
+        $this->SetY((-1) * $this->footerPosition);
+
+        $html = str_replace('{pageNumber}', '{:pnp:}', $this->footerHtml);
+        $this->writeHTMLCell(0, 0, '', '', $html, 0, 1, 0, '', 0, false, 'T');
+    }
+
+}
--- a/application/Espo/Core/Repositories/CategoryTree.php
+++ b/application/Espo/Core/Repositories/CategoryTree.php
@@ -0,0 +1,95 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ ************************************************************************/
+
+namespace Espo\Core\Repositories;
+
+use \Espo\Core\Entities\CategoryTreeItem as Entity;
+
+class CategoryTree extends \Espo\Core\ORM\Repositories\RDB
+{
+	public function afterSave(Entity $entity, $options)
+	{
+		parent::afterSave($entity, $options);
+
+		$pdo = $this->getEntityManager()->getPDO();
+		$query = $this->getEntityManager()->getQuery();
+
+		$parentId = $entity->get('parentId');
+		$pathsTableName = $query->toDb($entity->getEntityType() . 'Path');
+
+		if ($entity->isNew()) {
+			if ($parentId) {
+				$sql = "
+					INSERT INTO `".$pathsTableName."` (ascendor_id, descendor_id)
+						SELECT ascendor_id, ".$pdo->quote($entity->id)."
+						FROM `".$pathsTableName."`
+						WHERE descendor_id = ".$pdo->quote($parentId)."
+						UNION ALL
+						SELECT ".$pdo->quote($entity->id).", ".$pdo->quote($entity->id)."
+				";
+			} else {
+				$sql = "
+					INSERT INTO `".$pathsTableName."` (ascendor_id, descendor_id)
+					VALUES
+					(".$pdo->quote($entity->id).", ".$pdo->quote($entity->id).")
+				";
+			}
+			$pdo->query($sql);
+		} else {
+			if ($entity->isFieldChanged('parentId')) {
+				$sql = "
+					DELETE a FROM `".$pathsTableName."` AS a
+					JOIN `".$pathsTableName."` AS d ON a.descendor_id = d.descendor_id
+					LEFT JOIN `".$pathsTableName."` AS x ON x.ascendor_id = d.ascendor_id AND x.descendor_id = a.ascendor_id
+					WHERE d.ascendor_id = ".$pdo->quote($entity->id)." AND x.ascendor_id IS NULL
+				";
+				$pdo->query($sql);
+				if (!empty($parentId)) {
+					$sql = "
+						INSERT INTO `".$pathsTableName."` (ascendor_id, descendor_id)
+							SELECT supertree.ascendor_id, subtree.descendor_id
+							FROM `".$pathsTableName."` AS supertree
+							JOIN `".$pathsTableName."` AS subtree
+							WHERE
+								subtree.ascendor_id = ".$pdo->quote($entity->id)." AND
+								supertree.descendor_id = ".$pdo->quote($parentId)."
+					";
+					$pdo->query($sql);
+				}
+			}
+		}
+	}
+
+	public function afterRemove(Entity $entity, $options)
+	{
+		parent::afterRemove($entity, $options);
+
+		$pdo = $this->getEntityManager()->getPDO();
+		$query = $this->getEntityManager()->getQuery();
+
+		$pathsTableName = $query->toDb($entity->getEntityType() . 'Path');
+
+		$sql = "DELETE FROM `".$pathsTableName."` WHERE descendor_id = ".$pdo->quote($entity->id)."";
+		$pdo->query($sql);
+	}
+}
+
--- a/application/Espo/Core/SelectManagerFactory.php
+++ b/application/Espo/Core/SelectManagerFactory.php
@@ -44,13 +44,13 @@ class SelectManagerFactory
        $this->metadata = $metadata;
    }

-    public function create($entityName)
+    public function create($entityType)
    {
-        $normalizedName = Util::normilizeClassName($entityName);
+        $normalizedName = Util::normilizeClassName($entityType);

        $className = '\\Espo\\Custom\\SelectManagers\\' . $normalizedName;
        if (!class_exists($className)) {
-            $moduleName = $this->metadata->getScopeModuleName($entityName);
+            $moduleName = $this->metadata->getScopeModuleName($entityType);
            if ($moduleName) {
                $className = '\\Espo\\Modules\\' . $moduleName . '\\SelectManagers\\' . $normalizedName;
            } else {
@@ -62,7 +62,7 @@ class SelectManagerFactory
        }

        $selectManager = new $className($this->entityManager, $this->user, $this->acl, $this->metadata);
-        $selectManager->setEntityName($entityName);
+        $selectManager->setEntityType($entityType);

        return $selectManager;
    }
--- a/application/Espo/Core/SelectManagers/Base.php
+++ b/application/Espo/Core/SelectManagers/Base.php
@@ -36,7 +36,7 @@ class Base

    protected $entityManager;

-    protected $entityName;
+    protected $entityType;

    protected $metadata;

@@ -65,9 +65,14 @@ class Base
        return $this->user;
    }

-    public function setEntityName($entityName)
+    public function setEntityType($entityType)
    {
-        $this->entityName = $entityName;
+        $this->entityType = $entityType;
+    }
+
+    protected function getEntityType()
+    {
+        return $this->entityType;
    }

    protected function limit($params, &$result)
@@ -84,7 +89,7 @@ class Base
    {
        if (!empty($params['sortBy'])) {
            $result['orderBy'] = $params['sortBy'];
-            $type = $this->metadata->get("entityDefs.{$this->entityName}.fields." . $result['orderBy'] . ".type");
+            $type = $this->metadata->get("entityDefs.{$this->entityType}.fields." . $result['orderBy'] . ".type");
            if ($type == 'link') {
                $result['orderBy'] .= 'Name';
            } else if ($type == 'linkParent') {
@@ -102,13 +107,13 @@ class Base

    protected function getTextFilterFields()
    {
-        return $this->metadata->get("entityDefs.{$this->entityName}.collection.textFilterFields", array('name'));
+        return $this->metadata->get("entityDefs.{$this->entityType}.collection.textFilterFields", array('name'));
    }

    protected function getSeed()
    {
        if (empty($this->seed)) {
-            $this->seed = $this->entityManager->getEntity($this->entityName);
+            $this->seed = $this->entityManager->getEntity($this->entityType);
        }
        return $this->seed;
    }
@@ -159,7 +164,9 @@ class Base
            }

            $linkedWith = array();
-            $ignoreList = array('linkedWith', 'bool', 'primary');
+            $inCategory = array();
+
+            $ignoreList = ['linkedWith', 'inCategory', 'bool', 'primary'];
            foreach ($params['where'] as $item) {
                if (!in_array($item['type'], $ignoreList)) {
                    $part = $this->getWherePart($item);
@@ -169,51 +176,117 @@ class Base
                } else {
                    if ($item['type'] == 'linkedWith' && !empty($item['value'])) {
                        $linkedWith[$item['field']] = $item['value'];
+                    } else if ($item['type'] == 'inCategory' && !empty($item['value'])) {
+                        $inCategory[$item['field']] = $item['value'];
                    }
                }
            }

-            if (!empty($linkedWith)) {
-                $joins = array();
-
-                $part = array();
-                foreach ($linkedWith as $link => $idsValue) {
-                    if (is_array($idsValue) && count($idsValue) == 1) {
-                        $idsValue = $idsValue[0];
-                    }
-
-                    $relDefs = $this->getSeed()->getRelations();
-
-                    if (!empty($relDefs[$link])) {
-                        $defs = $relDefs[$link];
-                        if ($defs['type'] == 'manyMany') {
-                            $joins[] = $link;
-                            if (!empty($defs['relationName']) && !empty($defs['midKeys'])) {
-                                $key = $defs['midKeys'][1];
-                                $relationName = lcfirst($defs['relationName']);
-                                $part[$relationName . '.' . $key] = $idsValue;
-                            }
-                        } else if ($defs['type'] == 'belongsTo') {
-                            if (!empty($defs['type']['key'])) {
-                                $key = $defs['type']['key'];
-                                $part[$key] = $idsValue;
-                            }
-                        }
-                    }
-                }
-
-                if (!empty($part)) {
-                    $where[] = $part;
-                }
-                $result['joins'] = $joins;
-                $result['distinct'] = true;
-
-            }
-
            $result['whereClause'] = array_merge($result['whereClause'], $where);
+
+            if (!empty($linkedWith)) {
+                $this->handleLinkedWith($linkedWith, $result);
+            }
+            if (!empty($inCategory)) {
+                $this->handleInCategory($inCategory, $result);
+            }
        }
    }

+    protected function handleLinkedWith($linkedWith, &$result)
+    {
+        $joins = [];
+
+        $part = array();
+        foreach ($linkedWith as $link => $idsValue) {
+            if (is_array($idsValue) && count($idsValue) == 1) {
+                $idsValue = $idsValue[0];
+            }
+
+            $relDefs = $this->getSeed()->getRelations();
+
+            if (!empty($relDefs[$link])) {
+                $defs = $relDefs[$link];
+                if ($defs['type'] == 'manyMany') {
+                    $joins[] = $link;
+                    if (!empty($defs['midKeys'])) {
+                        $key = $defs['midKeys'][1];
+                        $part[$link . 'Middle.' . $key] = $idsValue;
+                    }
+                } else if ($defs['type'] == 'belongsTo') {
+                    if (!empty($defs['key'])) {
+                        $key = $defs['key'];
+                        $part[$key] = $idsValue;
+                    }
+                }
+            }
+        }
+
+        if (!empty($part)) {
+            $result['whereClause'][] = $part;
+        }
+        $result['joins'] = array_merge($result['joins'], $joins);
+        $result['joins'] = array_unique($result['joins']);
+        $result['distinct'] = true;
+    }
+
+    protected function handleInCategory($inCategory, &$result)
+    {
+        $joins = [];
+
+        $part = array();
+
+        $query = $this->getEntityManager()->getQuery();
+
+        $tableName = $query->toDb($this->getSeed()->getEntityType());
+
+        foreach ($inCategory as $link => $val) {
+
+            $relDefs = $this->getSeed()->getRelations();
+
+            if (!empty($relDefs[$link])) {
+                $defs = $relDefs[$link];
+
+                $foreignEntity = $defs['entity'];
+                if (empty($foreignEntity)) {
+                    continue;
+                }
+
+                $pathName = lcfirst($query->sanitize($foreignEntity . 'Path'));
+
+                if ($defs['type'] == 'manyMany') {
+
+                    if (!empty($defs['relationName']) && !empty($defs['midKeys'])) {
+                        $result['distinct'] = true;
+                        $result['joins'][] = $link;
+                        $key = $defs['midKeys'][1];
+
+                        $relationName = lcfirst($defs['relationName']);
+
+                        $result['customJoin'] .= "
+                            JOIN " . $query->toDb($pathName) . " AS `{$pathName}` ON {$pathName}.descendor_id = ".$query->sanitize($relationName) . "." . $query->toDb($key) . "
+                        ";
+                        $part[$pathName . '.ascendorId'] = $val;
+                    }
+                } else if ($defs['type'] == 'belongsTo') {
+                    if (!empty($defs['key'])) {
+                        $key = $defs['key'];
+                        $result['customJoin'] .= "
+                            JOIN " . $query->toDb($pathName) . " AS `{$pathName}` ON {$pathName}.descendor_id = {$tableName}." . $query->toDb($key) . "
+                        ";
+                        $part[$pathName . '.ascendorId'] = $val;
+                    }
+                }
+            }
+        }
+
+
+        if (!empty($part)) {
+            $result['whereClause'][] = $part;
+        }
+
+    }
+
    protected function q($params, &$result)
    {
        if (!empty($params['q'])) {
@@ -241,12 +314,52 @@ class Base
        }
    }

+    public function manageAccess(&$result)
+    {
+        if (empty($result)) {
+            $result = array();
+        }
+        if (empty($result['joins'])) {
+            $result['joins'] = [];
+        }
+        if (empty($result['leftJoins'])) {
+            $result['leftJoins'] = [];
+        }
+        if (empty($result['whereClause'])) {
+            $result['whereClause'] = array();
+        }
+        if (empty($result['customJoin'])) {
+            $result['customJoin'] = [];
+        }
+        $this->access($result);
+    }
+
+    public function manageTextFilter($textFilter, &$result)
+    {
+        if (empty($result)) {
+            $result = array();
+        }
+        if (empty($result['joins'])) {
+            $result['joins'] = [];
+        }
+        if (empty($result['leftJoins'])) {
+            $result['leftJoins'] = [];
+        }
+        if (empty($result['whereClause'])) {
+            $result['whereClause'] = array();
+        }
+        if (empty($result['customJoin'])) {
+            $result['customJoin'] = [];
+        }
+        $this->q(array('q' => $textFilter), $result);
+    }
+
    protected function access(&$result)
    {
-        if ($this->acl->checkReadOnlyOwn($this->entityName)) {
+        if ($this->acl->checkReadOnlyOwn($this->entityType)) {
            $this->accessOnlyOwn($result);
        }
-        if (!$this->user->isAdmin() && $this->acl->checkReadOnlyTeam($this->entityName)) {
+        if (!$this->user->isAdmin() && $this->acl->checkReadOnlyTeam($this->entityType)) {
            $this->accessOnlyTeam($result);
        }
    }
@@ -288,9 +401,10 @@ class Base
    public function getSelectParams(array $params, $withAcl = false)
    {
        $result = array(
-            'joins' => array(),
-            'leftJoins' => array(),
-            'whereClause' => array()
+            'joins' => [],
+            'leftJoins' => [],
+            'whereClause' => [],
+            'customJoin' => ''
        );

        $this->order($params, $result);
@@ -366,6 +480,24 @@ class Base
                $where['type'] = 'after';
                $dt->setTimezone(new \DateTimeZone('UTC'));
                $where['value'] = $dt->format($format);
+                break;
+            case 'lastSevenDays':
+                $where['type'] = 'between';
+
+                $dtFrom = clone $dt;
+
+                $dt->setTimezone(new \DateTimeZone('UTC'));
+                $to = $dt->format($format);
+
+
+                $dtFrom->modify('-7 day');
+                $dtFrom->setTime(0, 0, 0);
+                $dtFrom->setTimezone(new \DateTimeZone('UTC'));
+
+                $from = $dtFrom->format($format);
+
+                $where['value'] = [$from, $to];
+
                break;
            case 'on':
                $where['type'] = 'between';
@@ -444,6 +576,12 @@ class Base
                case 'on':
                    $part[$item['field'] . '='] = $item['value'];
                    break;
+                case 'startsWith':
+                    $part[$item['field'] . '*'] = $item['value'] . '%';
+                    break;
+                case 'contains':
+                    $part[$item['field'] . '*'] = '%' . $item['value'] . '%';
+                    break;
                case 'notEquals':
                case 'notOn':
                    $part[$item['field'] . '!='] = $item['value'];
@@ -468,6 +606,12 @@ class Base
                case 'notIn':
                    $part[$item['field'] . '!='] = $item['value'];
                    break;
+                case 'isNull':
+                    $part[$item['field'] . '='] = null;
+                    break;
+                case 'isNotNull':
+                    $part[$item['field'] . '!='] = null;
+                    break;
                case 'isTrue':
                    $part[$item['field'] . '='] = true;
                    break;
@@ -483,6 +627,15 @@ class Base
                case 'future':
                    $part[$item['field'] . '>='] = date('Y-m-d');
                    break;
+                case 'lastSevenDays':
+                    $dt1 = new \DateTime();
+                    $dt2 = clone $dt1;
+                    $dt2->modify('-7 days');
+                    $part['AND'] = array(
+                        $item['field'] . '>=' => $dt2->format('Y-m-d'),
+                        $item['field'] . '<=' => $dt1->format('Y-m-d'),
+                    );
+                    break;
                case 'currentMonth':
                    $dt = new \DateTime();
                    $part['AND'] = array(
@@ -578,5 +731,21 @@ class Base
            'assignedUserId' => $this->getUser()->id
        );
    }
+
+    protected function filterFollowed(&$result)
+    {
+        $query = $this->getEntityManager()->getQuery();
+        $result['customJoin'] .= "
+            JOIN subscription ON
+                subscription.entity_type = ".$query->quote($this->getEntityType())." AND
+                subscription.entity_id = ".$query->toDb($this->getEntityType()).".id AND
+                subscription.user_id = ".$query->quote($this->getUser()->id)."
+        ";
+    }
+
+    protected function boolFilterFollowed(&$result)
+    {
+        $this->filterFollowed($result);
+    }
 }

--- a/application/Espo/Core/Templates/Controllers/CategoryTree.php
+++ b/application/Espo/Core/Templates/Controllers/CategoryTree.php
@@ -0,0 +1,30 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ ************************************************************************/
+
+namespace Espo\Core\Templates\Controllers;
+
+
+class CategoryTree extends \Espo\Core\Controllers\RecordTree
+{
+
+}
+
--- a/application/Espo/Core/Templates/Entities/CategoryTree.php
+++ b/application/Espo/Core/Templates/Entities/CategoryTree.php
@@ -0,0 +1,29 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ ************************************************************************/
+
+namespace Espo\Core\Templates\Entities;
+
+class CategoryTree extends \Espo\Core\Entities\CategoryTreeItem
+{
+
+}
+
--- a/application/Espo/Core/Templates/Layouts/CategoryTree/detail.json
+++ b/application/Espo/Core/Templates/Layouts/CategoryTree/detail.json
@@ -0,0 +1,21 @@
+[
+    {
+        "label": "Overview",
+        "rows": [
+            [
+                {
+                    "name": "name"
+                },
+                {
+                    "name": "order"
+                }
+            ],
+            [
+                false,
+                {
+                    "name": "parent"
+                }
+            ]
+        ]
+    }
+]
--- a/application/Espo/Core/Templates/Layouts/CategoryTree/detailSmall.json
+++ b/application/Espo/Core/Templates/Layouts/CategoryTree/detailSmall.json
@@ -0,0 +1,22 @@
+[
+    {
+        "label": "",
+        "rows": [
+            [
+                {
+                    "name": "name"
+                }
+            ],
+            [
+                {
+                    "name": "order"
+                }
+            ],
+            [
+                {
+                    "name": "parent"
+                }
+            ]
+        ]
+    }
+]
--- a/application/Espo/Core/Templates/Layouts/CategoryTree/filters.json
+++ b/application/Espo/Core/Templates/Layouts/CategoryTree/filters.json
@@ -0,0 +1,3 @@
+[
+    "parent"
+]
--- a/application/Espo/Core/Templates/Layouts/CategoryTree/list.json
+++ b/application/Espo/Core/Templates/Layouts/CategoryTree/list.json
@@ -0,0 +1,14 @@
+[
+    {
+        "name": "name",
+        "width": 40,
+        "link": true
+    },
+    {
+        "name": "order",
+        "width": 15
+    },
+    {
+        "name": "parent"
+    }
+]
--- a/application/Espo/Core/Templates/Layouts/CategoryTree/listSmall.json
+++ b/application/Espo/Core/Templates/Layouts/CategoryTree/listSmall.json
@@ -0,0 +1,14 @@
+[
+    {
+        "name": "name",
+        "width": 40,
+        "link": true
+    },
+    {
+        "name": "order",
+        "width": 15
+    },
+    {
+        "name": "parent"
+    }
+]
--- a/application/Espo/Core/Templates/Layouts/CategoryTree/massUpdate.json
+++ b/application/Espo/Core/Templates/Layouts/CategoryTree/massUpdate.json
@@ -0,0 +1,3 @@
+[
+
+]
--- a/application/Espo/Core/Templates/Layouts/CategoryTree/relationships.json
+++ b/application/Espo/Core/Templates/Layouts/CategoryTree/relationships.json
@@ -0,0 +1,3 @@
+[
+    "children"
+]
--- a/application/Espo/Core/Templates/Metadata/Base/scopes.json
+++ b/application/Espo/Core/Templates/Metadata/Base/scopes.json
@@ -0,0 +1,9 @@
+{
+    "entity": true,
+    "layouts": true,
+    "tab": true,
+    "acl": true,
+    "customizable": true,
+    "importable": true,
+    "notifications": true
+}
--- a/application/Espo/Core/Templates/Metadata/CategoryTree/clientDefs.json
+++ b/application/Espo/Core/Templates/Metadata/CategoryTree/clientDefs.json
@@ -0,0 +1,26 @@
+{
+    "controller": "Controllers.RecordTree",
+    "collection": "Collections.Tree",
+    "menu": {
+        "listTree": {
+            "buttons": [
+                {
+                    "label": "List View",
+                    "link": "#{entityType}/list",
+                    "acl": "read",
+                    "style": "default"
+                }
+            ]
+        },
+        "list": {
+            "buttons": [
+                {
+                    "label": "Tree View",
+                    "link": "#{entityType}",
+                    "acl": "read",
+                    "style": "default"
+                }
+            ]
+        }
+    }
+}
--- a/application/Espo/Core/Templates/Metadata/CategoryTree/entityDefs.json
+++ b/application/Espo/Core/Templates/Metadata/CategoryTree/entityDefs.json
@@ -0,0 +1,106 @@
+{
+    "fields": {
+        "name": {
+            "type": "varchar",
+            "required": true
+        },
+        "order": {
+            "type": "int",
+            "required": true,
+            "default": 1
+        },
+        "description": {
+            "type": "text"
+        },
+        "createdAt": {
+            "type": "datetime",
+            "readOnly": true
+        },
+        "modifiedAt": {
+            "type": "datetime",
+            "readOnly": true
+        },
+        "createdBy": {
+            "type": "link",
+            "readOnly": true
+        },
+        "modifiedBy": {
+            "type": "link",
+            "readOnly": true
+        },
+        "teams": {
+            "type": "linkMultiple"
+        },
+        "parent": {
+            "type": "link"
+        },
+        "childList": {
+            "type": "jsonArray",
+            "notStorable": true,
+            "disabled": true
+        }
+    },
+    "links": {
+        "createdBy": {
+            "type": "belongsTo",
+            "entity": "User"
+        },
+        "modifiedBy": {
+            "type": "belongsTo",
+            "entity": "User"
+        },
+        "teams": {
+            "type": "hasMany",
+            "entity": "Team",
+            "relationName": "EntityTeam",
+            "layoutRelationshipsDisabled": true
+        },
+        "parent": {
+            "type": "belongsTo",
+            "foreign": "children",
+            "entity": "{entityType}",
+            "isCustom": true
+        },
+        "children": {
+            "type": "hasMany",
+            "foreign": "parent",
+            "entity": "{entityType}",
+            "isCustom": true
+        }
+    },
+    "collection": {
+        "sortBy": "parent",
+        "asc": true
+    },
+    "indexes": {
+        "name": {
+            "columns": [
+                "name",
+                "deleted"
+            ]
+        }
+    },
+    "additionalTables": {
+        "{entityType}Path": {
+            "fields": {
+                "id": {
+                    "type": "id",
+                    "dbType": "int",
+                    "len": "11",
+                    "autoincrement": true,
+                    "unique" : true
+                },
+                "ascendorId": {
+                    "type": "varchar",
+                    "len": "100",
+                    "index": true
+                },
+                "descendorId": {
+                    "type": "varchar",
+                    "len": "24",
+                    "index": true
+                }
+            }
+        }
+    }
+}
--- a/application/Espo/Core/Templates/Metadata/CategoryTree/scopes.json
+++ b/application/Espo/Core/Templates/Metadata/CategoryTree/scopes.json
@@ -0,0 +1,9 @@
+{
+    "entity": true,
+    "layouts": true,
+    "tab": true,
+    "acl": true,
+    "customizable": true,
+    "importable": false,
+    "notifications": false
+}
--- a/application/Espo/Core/Templates/Metadata/Person/scopes.json
+++ b/application/Espo/Core/Templates/Metadata/Person/scopes.json
@@ -0,0 +1,9 @@
+{
+    "entity": true,
+    "layouts": true,
+    "tab": true,
+    "acl": true,
+    "customizable": true,
+    "importable": true,
+    "notifications": true
+}
--- a/application/Espo/Core/Templates/Repositories/CategoryTree.php
+++ b/application/Espo/Core/Templates/Repositories/CategoryTree.php
@@ -0,0 +1,30 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ ************************************************************************/
+
+namespace Espo\Core\Templates\Repositories;
+
+
+class CategoryTree extends \Espo\Core\Repositories\CategoryTree
+{
+
+}
+
--- a/application/Espo/Core/Templates/Services/CategoryTree.php
+++ b/application/Espo/Core/Templates/Services/CategoryTree.php
@@ -0,0 +1,30 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ ************************************************************************/
+
+namespace Espo\Core\Templates\Services;
+
+
+class CategoryTree extends \Espo\Services\RecordTree
+{
+
+}
+
--- a/application/Espo/Core/Upgrades/Actions/Base/Install.php
+++ b/application/Espo/Core/Upgrades/Actions/Base/Install.php
@@ -57,10 +57,10 @@ class Install extends \Espo\Core\Upgrades\Actions\Base
        //check permissions copied and deleted files
        $this->checkIsWritable();

-        $this->backupExistingFiles();
-
        $this->beforeRunAction();

+        $this->backupExistingFiles();
+
        /* run before install script */
        $this->runScript('before');

--- a/application/Espo/Core/Upgrades/Actions/Base/Uninstall.php
+++ b/application/Espo/Core/Upgrades/Actions/Base/Uninstall.php
@@ -56,17 +56,17 @@ class Uninstall extends \Espo\Core\Upgrades\Actions\Base

            /* copy core files */
            if (!$this->copyFiles()) {
-                throw new $this->throwErrorAndRemovePackage('Cannot copy files.');
+                $this->throwErrorAndRemovePackage('Cannot copy files.');
            }

            /* remove extension files, saved in fileList */
            if (!$this->deleteFiles(true)) {
-                throw new $this->throwErrorAndRemovePackage('Permission denied to delete files.');
+                $this->throwErrorAndRemovePackage('Permission denied to delete files.');
            }
        }

        if (!$this->systemRebuild()) {
-            throw new $this->throwErrorAndRemovePackage('Error occurred while EspoCRM rebuild.');
+            $this->throwErrorAndRemovePackage('Error occurred while EspoCRM rebuild.');
        }

        /* run after uninstall script */
--- a/application/Espo/Core/Utils/Cron/Job.php
+++ b/application/Espo/Core/Utils/Cron/Job.php
@@ -33,10 +33,14 @@ class Job

    private $entityManager;

+    private $cronScheduledJob;
+
    public function __construct(Config $config, EntityManager $entityManager)
    {
        $this->config = $config;
        $this->entityManager = $entityManager;
+
+        $this->cronScheduledJob = new ScheduledJob($this->config, $this->entityManager);
    }

    protected function getConfig()
@@ -49,6 +53,11 @@ class Job
        return $this->entityManager;
    }

+    protected function getCronScheduledJob()
+    {
+        return $this->cronScheduledJob;
+    }
+
    /**
     * Get Pending Jobs
     *
@@ -145,13 +154,30 @@ class Job
        $currentTime = time();
        $periodTime = $currentTime - intval($jobConfigs['jobPeriod']);

-        $update = "UPDATE job SET `status` = '" . CronManager::FAILED ."' WHERE
+        $pdo = $this->getEntityManager()->getPDO();
+
+        $select = "SELECT id, scheduled_job_id, execute_time FROM `job` WHERE
                    (`status` = '" . CronManager::RUNNING ."')
                    AND execute_time < '".date('Y-m-d H:i:s', $periodTime)."' ";
+        $sth = $pdo->prepare($select);
+        $sth->execute();

-        $pdo = $this->getEntityManager()->getPDO();
+        $jobData = array();
+        while ($row = $sth->fetch(PDO::FETCH_ASSOC)){
+           $jobData[$row['id']] = $row;
+        }
+
+        $update = "UPDATE job SET `status` = '". CronManager::FAILED ."' WHERE id IN ('".implode("', '", array_keys($jobData))."')";
        $sth = $pdo->prepare($update);
        $sth->execute();
+
+        //add status 'Failed' to SchediledJobLog
+        $cronScheduledJob = $this->getCronScheduledJob();
+        foreach ($jobData as $jobId => $job) {
+            if (!empty($job['scheduled_job_id'])) {
+                $cronScheduledJob->addLogRecord($job['scheduled_job_id'], CronManager::FAILED, $job['execute_time']);
+            }
+        }
    }

    /**
--- a/application/Espo/Core/Utils/Cron/ScheduledJob.php
+++ b/application/Espo/Core/Utils/Cron/ScheduledJob.php
@@ -81,14 +81,16 @@ class ScheduledJob
     *
     * @return string ID of created ScheduledJobLogRecord
     */
-    public function addLogRecord($scheduledJobId, $status)
+    public function addLogRecord($scheduledJobId, $status, $runTime = null)
    {
-        $lastRun = date('Y-m-d H:i:s');
+        if (!isset($runTime)) {
+            $runTime = date('Y-m-d H:i:s');
+        }

        $entityManager = $this->getEntityManager();

        $scheduledJob = $entityManager->getEntity('ScheduledJob', $scheduledJobId);
-        $scheduledJob->set('lastRun', $lastRun);
+        $scheduledJob->set('lastRun', $runTime);
        $entityManager->saveEntity($scheduledJob);

        $scheduledJobLog = $entityManager->getEntity('ScheduledJobLogRecord');
@@ -96,7 +98,7 @@ class ScheduledJob
            'scheduledJobId' => $scheduledJobId,
            'name' => $scheduledJob->get('name'),
            'status' => $status,
-            'executionTime' => $lastRun,
+            'executionTime' => $runTime,
        ));
        $scheduledJobLogId = $entityManager->saveEntity($scheduledJobLog);

--- a/application/Espo/Core/Utils/Crypt.php
+++ b/application/Espo/Core/Utils/Crypt.php
@@ -25,19 +25,19 @@ namespace Espo\Core\Utils;
 class Crypt
 {
    private $config;
-    
+
    private $key = null;
-    
+
    private $cryptKey = null;

    private $iv = null;
-    
+
    public function __construct($config)
    {
        $this->config = $config;
        $this->cryptKey = $config->get('cryptKey', '');
    }
-    
+
    protected function getKey()
    {
        if (empty($this->key)) {
@@ -53,13 +53,13 @@ class Crypt
        }
        return $this->iv;
    }
-    
+
    public function encrypt($string)
    {
        $iv = $this->getIv();
        return base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $this->getKey(), $string, MCRYPT_MODE_CBC, $iv) . $iv);
    }
-    
+
    public function decrypt($encryptedString)
    {
        $encryptedString = base64_decode($encryptedString);
@@ -68,7 +68,7 @@ class Crypt
        $iv = substr($encryptedString, -16);
        return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $this->getKey(), $string, MCRYPT_MODE_CBC, $iv));
    }
-    
+
    public function generateKey()
    {
        return md5(uniqid());
--- a/application/Espo/Core/Utils/Database/Converter.php
+++ b/application/Espo/Core/Utils/Database/Converter.php
@@ -33,16 +33,8 @@ class Converter

    private $schemaConverter;

-
-
    private $schemaFromMetadata = null;

-    /**
-    * @var array $meta - metadata array
-    */
-    //private $meta;
-
-
    public function __construct(\Espo\Core\Utils\Metadata $metadata, \Espo\Core\Utils\File\Manager $fileManager)
    {
        $this->metadata = $metadata;
@@ -53,7 +45,6 @@ class Converter
        $this->schemaConverter = new Schema\Converter($this->fileManager);
    }

-
    protected function getMetadata()
    {
        return $this->metadata;
@@ -69,13 +60,11 @@ class Converter
        return $this->schemaConverter;
    }

-
    public function getSchemaFromMetadata($entityList = null)
    {
        $ormMeta = $this->getMetadata()->getOrmMetadata();
-        $entityDefs = $this->getMetadata()->get('entityDefs');

-        $this->schemaFromMetadata = $this->getSchemaConverter()->process($ormMeta, $entityDefs, $entityList);
+        $this->schemaFromMetadata = $this->getSchemaConverter()->process($ormMeta, $entityList);

        return $this->schemaFromMetadata;
    }
@@ -98,11 +87,4 @@ class Converter

        return $result;
    }
-
-
-
-
-}
-
-
-?>
+}
--- a/application/Espo/Core/Utils/Database/DBAL/Platforms/MySqlPlatform.php
+++ b/application/Espo/Core/Utils/Database/DBAL/Platforms/MySqlPlatform.php
@@ -22,12 +22,13 @@

 namespace Espo\Core\Utils\Database\DBAL\Platforms;

-use Doctrine\DBAL\Schema\TableDiff,
-    Doctrine\DBAL\Schema\Index,
-    Doctrine\DBAL\Schema\Table,
-    Doctrine\DBAL\Schema\Constraint,
-    Doctrine\DBAL\Schema\ForeignKeyConstraint;
-
+use Doctrine\DBAL\Schema\TableDiff;
+use Doctrine\DBAL\Schema\Index;
+use Doctrine\DBAL\Schema\Table;
+use Doctrine\DBAL\Schema\Constraint;
+use Doctrine\DBAL\Schema\ForeignKeyConstraint;
+use Doctrine\DBAL\Schema\ColumnDiff;
+use Doctrine\DBAL\Schema\Column;

 class MySqlPlatform extends \Doctrine\DBAL\Platforms\MySqlPlatform
 {
@@ -39,21 +40,52 @@ class MySqlPlatform extends \Doctrine\DBAL\Platforms\MySqlPlatform
            $queryParts[] = 'RENAME TO ' . $diff->newName;
        }

-        foreach ($diff->addedColumns as $column) {
-            if ($this->onSchemaAlterTableAddColumn($column, $diff, $columnSql)) {
+        //espo: It works not correctly. It can rename some existing fields
+        foreach ($diff->renamedColumns as $oldColumnName => $column) {
+            if ($this->onSchemaAlterTableRenameColumn($oldColumnName, $column, $diff, $columnSql)) {
                continue;
            }

+            //espo: remaned autoincrement field
+            if ($column->getAutoincrement()) {
+                $diff->removedColumns[$oldColumnName] = new Column($oldColumnName, $column->getType(), $column->toArray());
+
+                $columnName = $column->getQuotedName($this);
+                $diff->addedColumns[$columnName] = $column;
+                continue;
+            }
+            //END espo
+
            $columnArray = $column->toArray();
            $columnArray['comment'] = $this->getColumnComment($column);
-            $queryParts[] = 'ADD ' . $this->getColumnDeclarationSQL($column->getQuotedName($this), $columnArray);
-        }
+            /*$queryParts[] =  'CHANGE ' . $oldColumnName . ' '
+                    . $this->getColumnDeclarationSQL($column->getQuotedName($this), $columnArray); */
+            $queryParts[] = 'ADD ' . $this->getColumnDeclarationSQL($column->getQuotedName($this), $columnArray); //espo: fixed the problem
+        } //espo: END

        foreach ($diff->removedColumns as $column) {
            if ($this->onSchemaAlterTableRemoveColumn($column, $diff, $columnSql)) {
                continue;
            }

+            //espo: remove autoincrement option
+            if ($column->getAutoincrement()) {
+
+                $columnName = $column->getQuotedName($this);
+
+                $changedColumn = clone $column;
+                $changedColumn->setNotNull(false);
+                $changedColumn->setAutoincrement(false);
+
+                $changedProperties = array(
+                    'notnull',
+                    'autoincrement',
+                );
+
+                $diff->changedColumns[$columnName] = new ColumnDiff($columnName, $changedColumn, $changedProperties, $column);
+            }
+            //END espo
+
            //$queryParts[] =  'DROP ' . $column->getQuotedName($this); //espo: no needs to remove columns
        }

@@ -71,19 +103,15 @@ class MySqlPlatform extends \Doctrine\DBAL\Platforms\MySqlPlatform
                    . $this->getColumnDeclarationSQL($column->getQuotedName($this), $columnArray);
        }

-        //espo: It works not correctly. It can rename some existing fields
-        foreach ($diff->renamedColumns as $oldColumnName => $column) {
-            if ($this->onSchemaAlterTableRenameColumn($oldColumnName, $column, $diff, $columnSql)) {
+        foreach ($diff->addedColumns as $column) {
+            if ($this->onSchemaAlterTableAddColumn($column, $diff, $columnSql)) {
                continue;
            }

            $columnArray = $column->toArray();
            $columnArray['comment'] = $this->getColumnComment($column);
-            /*$queryParts[] =  'CHANGE ' . $oldColumnName . ' '
-                    . $this->getColumnDeclarationSQL($column->getQuotedName($this), $columnArray); */
-            $queryParts[] = 'ADD ' . $this->getColumnDeclarationSQL($column->getQuotedName($this), $columnArray); //espo: fixed the problem
-        } //espo: END
-
+            $queryParts[] = 'ADD ' . $this->getColumnDeclarationSQL($column->getQuotedName($this), $columnArray);
+        }

        $sql = array();
        $tableSql = array();
--- a/application/Espo/Core/Utils/Database/Orm/Converter.php
+++ b/application/Espo/Core/Utils/Database/Orm/Converter.php
@@ -29,7 +29,7 @@ class Converter
 {
    private $metadata;
    private $fileManager;
-    private $metadataUtils;
+    private $metadataHelper;

    private $relationManager;

@@ -79,9 +79,18 @@ class Converter

    protected $idParams = array(
        'dbType' => 'varchar',
-        'len' => '24',
+        'len' => 24,
    );

+    /**
+     * Permitted Entity options which will be moved to ormMetadata
+     *
+     * @var array
+     */
+    protected $permittedEntityOptions = array(
+        'indexes',
+        'additionalTables',
+    );

    public function __construct(\Espo\Core\Utils\Metadata $metadata, \Espo\Core\Utils\File\Manager $fileManager)
    {
@@ -90,18 +99,17 @@ class Converter

        $this->relationManager = new RelationManager($this->metadata);

-        $this->metadataUtils = new \Espo\Core\Utils\Metadata\Utils($this->metadata);
+        $this->metadataHelper = new \Espo\Core\Utils\Metadata\Helper($this->metadata);
    }

-
    protected function getMetadata()
    {
        return $this->metadata;
    }

-    protected function getEntityDefs()
+    protected function getEntityDefs($reload = false)
    {
-        if (empty($this->entityDefs)) {
+        if (empty($this->entityDefs) || $reload) {
            $this->entityDefs = $this->getMetadata()->get('entityDefs');
        }

@@ -118,14 +126,19 @@ class Converter
        return $this->relationManager;
    }

-    protected function getMetadataUtils()
+    protected function getMetadataHelper()
    {
-        return $this->metadataUtils;
+        return $this->metadataHelper;
    }

+    /**
+     * Orm metadata convertation process
+     *
+     * @return array
+     */
    public function process()
    {
-        $entityDefs = $this->getEntityDefs();
+        $entityDefs = $this->getEntityDefs(true);

        $ormMeta = array();
        foreach($entityDefs as $entityName => $entityMeta) {
@@ -153,8 +166,10 @@ class Converter
            ),
        );

-        if (isset($entityMeta['indexes'])) {
-            $ormMeta[$entityName]['indexes'] = $entityMeta['indexes'];
+        foreach ($this->permittedEntityOptions as $optionName) {
+            if (isset($entityMeta[$optionName])) {
+                $ormMeta[$entityName][$optionName] = $entityMeta[$optionName];
+            }
        }

        $ormMeta[$entityName]['fields'] = $this->convertFields($entityName, $entityMeta);
@@ -175,12 +190,12 @@ class Converter
                switch ($fieldParams['type']) {
                    case 'id':
                        if ($fieldParams['dbType'] != 'int') {
-                            $fieldParams = array_merge($fieldParams, $this->idParams);
+                            $fieldParams = array_merge($this->idParams, $fieldParams);
                        }
                        break;

                    case 'foreignId':
-                        $fieldParams = array_merge($fieldParams, $this->idParams);
+                        $fieldParams = array_merge($this->idParams, $fieldParams);
                        $fieldParams['notNull'] = false;
                        break;

@@ -211,6 +226,11 @@ class Converter
     */
    protected function convertFields($entityName, &$entityMeta)
    {
+        //List of unmerged fields with default field defenitions in $outputMeta
+        $unmergedFields = array(
+            'name',
+        );
+
        $outputMeta = array(
            'id' => array(
                'type' => Entity::ID,
@@ -220,36 +240,31 @@ class Converter
                'type' => isset($entityMeta['fields']['name']['type']) ? $entityMeta['fields']['name']['type'] : Entity::VARCHAR,
                'notStorable' => true,
            ),
+            'deleted' => array(
+                'type' => Entity::BOOL,
+                'default' => false,
+            ),
        );

        foreach($entityMeta['fields'] as $fieldName => $fieldParams) {

            /** check if "fields" option exists in $fieldMeta */
-            $fieldTypeMeta = $this->getMetadataUtils()->getFieldDefsByType($fieldParams);
+            $fieldTypeMeta = $this->getMetadataHelper()->getFieldDefsByType($fieldParams);

-            if (isset($fieldTypeMeta['fields']) && is_array($fieldTypeMeta['fields'])) {
+            $fieldDefs = $this->convertField($entityName, $fieldName, $fieldParams, $fieldTypeMeta);

-                foreach($fieldTypeMeta['actualFields'] as $subFieldName) {
-
-                    $subField = $this->convertActualFields($entityName, $fieldName, $fieldParams, $subFieldName, $fieldTypeMeta);
-
-                    if (!isset($outputMeta[ $subField['naming'] ])) {
-                        $subFieldDefs = $this->convertField($entityName, $subField['name'], $subField['params']);
-                        if ($subFieldDefs !== false) {
-                            $outputMeta[ $subField['naming'] ] = $subFieldDefs; //push fieldDefs to the main array
-                        }
-                    }
-                }
-            } else {
-                $fieldDefs = $this->convertField($entityName, $fieldName, $fieldParams, $fieldTypeMeta);
-                if ($fieldDefs !== false) {
-                    $outputMeta[$fieldName] = $fieldDefs; //push fieldDefs to the main array
+            if ($fieldDefs !== false) {
+                //push fieldDefs to the ORM metadata array
+                if (isset($outputMeta[$fieldName]) && !in_array($fieldName, $unmergedFields)) {
+                    $outputMeta[$fieldName] = array_merge($outputMeta[$fieldName], $fieldDefs);
+                } else {
+                    $outputMeta[$fieldName] = $fieldDefs;
                }
            }

            /** check and set the linkDefs from 'fields' metadata */
            if (isset($fieldTypeMeta['linkDefs'])) {
-                $linkDefs = $this->getMetadataUtils()->getLinkDefsInFieldMeta($entityName, $fieldParams, $fieldTypeMeta['linkDefs']);
+                $linkDefs = $this->getMetadataHelper()->getLinkDefsInFieldMeta($entityName, $fieldParams, $fieldTypeMeta['linkDefs']);
                if (isset($linkDefs)) {
                    if (!isset($entityMeta['links'])) {
                        $entityMeta['links'] = array();
@@ -259,13 +274,6 @@ class Converter
            }
        }

-        if (!isset($outputMeta['deleted'])) {
-            $outputMeta['deleted'] = array(
-                'type' => Entity::BOOL,
-                'default' => false,
-            );
-        }
-
        return $outputMeta;
    }

@@ -313,6 +321,15 @@ class Converter
                    'type' => 'varchar',
                    'notStorable' => true,
                );
+
+                $ormMeta[$entityName]['fields']['followersIds'] = array(
+                    'type' => 'jsonArray',
+                    'notStorable' => true,
+                );
+                $ormMeta[$entityName]['fields']['followersNames'] = array(
+                    'type' => 'jsonObject',
+                    'notStorable' => true,
+                );
            }
        } //END: add a field 'isFollowed' for stream => true

@@ -321,23 +338,17 @@ class Converter

    protected function convertField($entityName, $fieldName, array $fieldParams, $fieldTypeMeta = null)
    {
-        /** set default type if exists */
-        if (!isset($fieldParams['type']) || empty($fieldParams['type'])) {
-            $GLOBALS['log']->debug('Field type does not exist for '.$entityName.':'.$fieldName.'. Use default type ['.$this->defaultFieldType.']');
-            $fieldParams['type'] = $this->defaultFieldType;
-        } /** END: set default type if exists */
-
        /** merge fieldDefs option from field definition */
        if (!isset($fieldTypeMeta)) {
-            $fieldTypeMeta = $this->getMetadataUtils()->getFieldDefsByType($fieldParams);
+            $fieldTypeMeta = $this->getMetadataHelper()->getFieldDefsByType($fieldParams);
        }

        if (isset($fieldTypeMeta['fieldDefs'])) {
            $fieldParams = Util::merge($fieldParams, $fieldTypeMeta['fieldDefs']);
        }

-        /** check if need to skip this field in ORM metadata */
-        if (isset($fieldParams['skip']) && $fieldParams['skip'] === true) {
+        /** check if need to skipOrmDefs this field in ORM metadata */
+        if (isset($fieldParams['skipOrmDefs']) && $fieldParams['skipOrmDefs'] === true) {
            return false;
        }

@@ -361,45 +372,12 @@ class Converter
        return $fieldDefs;
    }

-    protected function convertActualFields($entityName, $fieldName, $fieldParams, $subFieldName, $fieldTypeMeta)
-    {
-        $subField = array();
-
-        $subField['params'] = $this->getInitValues($fieldParams);
-
-        if (isset($fieldTypeMeta['fieldDefs'])) {
-            $subField['params'] = Util::merge($subField['params'], $fieldTypeMeta['fieldDefs']);
-        }
-
-        //if empty field name, then use the main field
-        if (trim($subFieldName) == '') {
-
-            $subField['name'] = $fieldName;
-            $subField['naming'] = $fieldName;
-
-        } else {
-
-            $namingType = isset($fieldTypeMeta['naming']) ? $fieldTypeMeta['naming'] : $this->defaultNaming;
-
-            $subField['name'] = $subFieldName;
-            $subField['naming'] = Util::getNaming($fieldName, $subFieldName, $namingType);
-            if (isset($fieldTypeMeta['fields'][$subFieldName])) {
-                $subField['params'] = Util::merge($subField['params'], $fieldTypeMeta['fields'][$subFieldName]);
-            }
-
-        }
-
-        return $subField;
-    }
-
    protected function convertLinks($entityName, $entityMeta, $ormMeta)
    {
        if (!isset($entityMeta['links'])) {
            return array();
        }

-        $entityDefs = $this->getEntityDefs();
-
        $relationships = array();
        foreach($entityMeta['links'] as $linkName => $linkParams) {

--- a/application/Espo/Core/Utils/Database/Orm/Fields/AttachmentMultiple.php
+++ b/application/Espo/Core/Utils/Database/Orm/Fields/AttachmentMultiple.php
@@ -0,0 +1,51 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ ************************************************************************/
+
+namespace Espo\Core\Utils\Database\Orm\Fields;
+
+class AttachmentMultiple extends Base
+{
+    protected function load($fieldName, $entityType)
+    {
+        $data = array(
+            $entityType => array (
+                'fields' => array(
+                    $fieldName.'Ids' => array(
+                        'type' => 'varchar',
+                        'notStorable' => true
+                    ),
+                    $fieldName.'Names' => array(
+                        'type' => 'varchar',
+                        'notStorable' => true
+                    ),
+                )
+            ),
+            'unset' => array(
+                $entityType => array(
+                    'fields.'.$fieldName,
+                ),
+            ),
+        );
+
+        return $data;
+    }
+}
--- a/application/Espo/Core/Utils/Database/Orm/RelationManager.php
+++ b/application/Espo/Core/Utils/Database/Orm/RelationManager.php
@@ -28,8 +28,6 @@ class RelationManager
 {
    private $metadata;

-    private $entityDefs;
-
    public function __construct(\Espo\Core\Utils\Metadata $metadata)
    {
        $this->metadata = $metadata;
@@ -40,16 +38,6 @@ class RelationManager
        return $this->metadata;
    }

-    protected function getEntityDefs()
-    {
-        if (empty($this->entityDefs)) {
-            $this->entityDefs = $this->getMetadata()->get('entityDefs');
-        }
-
-        return $this->entityDefs;
-    }
-
-
    public function getLinkEntityName($entityName, $linkParams)
    {
        return isset($linkParams['entity']) ? $linkParams['entity'] : $entityName;
@@ -110,7 +98,7 @@ class RelationManager

    public function convert($linkName, $linkParams, $entityName, $ormMeta)
    {
-        $entityDefs = $this->getEntityDefs();
+        $entityDefs = $this->getMetadata()->get('entityDefs');

        $foreignEntityName = $this->getLinkEntityName($entityName, $linkParams);
        $foreignLink = $this->getForeignLink($linkName, $linkParams, $entityDefs[$foreignEntityName]);
--- a/application/Espo/Core/Utils/Database/Orm/Relations/Attachments.php
+++ b/application/Espo/Core/Utils/Database/Orm/Relations/Attachments.php
@@ -32,7 +32,7 @@ class Attachments extends HasChildren
            $entityName => array (
                'fields' => array(
                    $linkName.'Types' => array(
-                        'type' => 'varchar',
+                        'type' => 'jsonObject',
                        'notStorable' => true,
                    ),
                ),
--- a/application/Espo/Core/Utils/Database/Orm/Relations/Base.php
+++ b/application/Espo/Core/Utils/Database/Orm/Relations/Base.php
@@ -22,6 +22,8 @@

 namespace Espo\Core\Utils\Database\Orm\Relations;

+use Espo\Core\Utils\Util;
+
 class Base extends \Espo\Core\Utils\Database\Orm\Base
 {
    private $params;
@@ -119,8 +121,11 @@ class Base extends \Espo\Core\Utils\Database\Orm\Base

                $additionalParrams = $this->getAllowedAdditionalParams($name);

-                if (isset($additionalParrams) && !isset($linkParams[$name])) {
+                if (isset($additionalParrams)) {
                    $linkParams[$name] = $additionalParrams;
+                    if (isset($linkParams[$name]) && is_array($linkParams[$name])) {
+                        $linkParams[$name] = Util::merge($linkParams[$name], $additionalParrams);
+                    }
                }
            }
        }
--- a/application/Espo/Core/Utils/Database/Schema/Converter.php
+++ b/application/Espo/Core/Utils/Database/Schema/Converter.php
@@ -47,11 +47,10 @@ class Converter
        'unique' => 'unique',
    );

-
    //todo: same array in Converters\Orm
    protected $idParams = array(
        'dbType' => 'varchar',
-        'len' => '24',
+        'len' => 24,
    );

    //todo: same array in Converters\Orm
@@ -68,8 +67,6 @@ class Converter
    {
        $this->fileManager = $fileManager;

-        $this->dbalSchema = new \Espo\Core\Utils\Database\DBAL\Schema\Schema();
-
        $this->typeList = array_keys(\Doctrine\DBAL\Types\Type::getTypesMap());
    }

@@ -78,18 +75,36 @@ class Converter
        return $this->fileManager;
    }

-    protected function getSchema()
+    /**
+     * Get schema
+     *
+     * @param  boolean $reload
+     *
+     * @return \Doctrine\DBAL\Schema\Schema
+     */
+    protected function getSchema($reload = false)
    {
+        if (!isset($this->dbalSchema) || $reload) {
+            $this->dbalSchema = new \Espo\Core\Utils\Database\DBAL\Schema\Schema();
+        }
+
        return $this->dbalSchema;
    }

-
-    public function process(array $ormMeta, $entityDefs, $entityList = null)
+    /**
+     * Schema convertation process
+     *
+     * @param  array  $ormMeta
+     * @param  array|null $entityList
+     *
+     * @return \Doctrine\DBAL\Schema\Schema
+     */
+    public function process(array $ormMeta, $entityList = null)
    {
        $GLOBALS['log']->debug('Schema\Converter - Start: building schema');

        //check if exist files in "Tables" directory and merge with ormMetadata
-        $ormMeta = Util::merge($ormMeta, $this->getCustomTables());
+        $ormMeta = Util::merge($ormMeta, $this->getCustomTables($ormMeta));

        //unset some keys in orm
        if (isset($ormMeta['unset'])) {
@@ -106,7 +121,7 @@ class Converter
            $ormMeta = array_intersect_key($ormMeta, array_flip($dependentEntities));
        }

-        $schema = $this->getSchema();
+        $schema = $this->getSchema(true);

        $tables = array();
        foreach ($ormMeta as $entityName => $entityParams) {
@@ -335,11 +350,14 @@ class Converter
        return $keyList;
    }

-
-    /*
-     * @return array - ormMeta
+    /**
+     * Get custom table defenition in "application/Espo/Core/Utils/Database/Schema/tables/" and in metadata 'additionalTables'
+     *
+     * @param  array  $ormMeta
+     *
+     * @return array
     */
-    protected function getCustomTables()
+    protected function getCustomTables(array $ormMeta)
    {
        $customTables = array();

@@ -352,6 +370,13 @@ class Converter
            }
        }

+        //get custom tables from metdata 'additionalTables'
+        foreach ($ormMeta as $entityName => $entityParams) {
+            if (isset($entityParams['additionalTables']) && is_array($entityParams['additionalTables'])) {
+                $customTables = Util::merge($customTables, $entityParams['additionalTables']);
+            }
+        }
+
        return $customTables;
    }

--- a/application/Espo/Core/Utils/EntityManager.php
+++ b/application/Espo/Core/Utils/EntityManager.php
@@ -35,7 +35,7 @@ class EntityManager

    private $fileManager;

-    private $metadataUtils;
+    private $metadataHelper;

    public function __construct(Metadata $metadata, Language $language, File\Manager $fileManager)
    {
@@ -43,7 +43,7 @@ class EntityManager
        $this->language = $language;
        $this->fileManager = $fileManager;

-        $this->metadataUtils = new \Espo\Core\Utils\Metadata\Utils($this->metadata);
+        $this->metadataHelper = new \Espo\Core\Utils\Metadata\Helper($this->metadata);
    }

    protected function getMetadata()
@@ -61,9 +61,9 @@ class EntityManager
        return $this->fileManager;
    }

-    protected function getMetadataUtils()
+    protected function getMetadataHelper()
    {
-        return $this->metadataUtils;
+        return $this->metadataHelper;
    }

    public function create($name, $type, $params = array())
@@ -77,8 +77,8 @@ class EntityManager

        $normalizedName = Util::normilizeClassName($name);

-        $contents = "<" . "?" . "php\n".
-            "namespace Espo\Custom\Entities;\n".
+        $contents = "<" . "?" . "php\n\n".
+            "namespace Espo\Custom\Entities;\n\n".
            "class {$normalizedName} extends \Espo\Core\Templates\Entities\\{$type}\n".
            "{\n".
            "    protected \$entityType = \"$name\";\n".
@@ -87,24 +87,24 @@ class EntityManager
        $filePath = "custom/Espo/Custom/Entities/{$normalizedName}.php";
        $this->getFileManager()->putContents($filePath, $contents);

-        $contents = "<" . "?" . "php\n".
-            "namespace Espo\Custom\Controllers;\n".
+        $contents = "<" . "?" . "php\n\n".
+            "namespace Espo\Custom\Controllers;\n\n".
            "class {$normalizedName} extends \Espo\Core\Templates\Controllers\\{$type}\n".
            "{\n".
            "}\n";
        $filePath = "custom/Espo/Custom/Controllers/{$normalizedName}.php";
        $this->getFileManager()->putContents($filePath, $contents);

-        $contents = "<" . "?" . "php\n".
-            "namespace Espo\Custom\Services;\n".
+        $contents = "<" . "?" . "php\n\n".
+            "namespace Espo\Custom\Services;\n\n".
            "class {$normalizedName} extends \Espo\Core\Templates\Services\\{$type}\n".
            "{\n".
            "}\n";
        $filePath = "custom/Espo/Custom/Services/{$normalizedName}.php";
        $this->getFileManager()->putContents($filePath, $contents);

-        $contents = "<" . "?" . "php\n".
-            "namespace Espo\Custom\Repositories;\n".
+        $contents = "<" . "?" . "php\n\n".
+            "namespace Espo\Custom\Repositories;\n\n".
            "class {$normalizedName} extends \Espo\Core\Templates\Repositories\\{$type}\n".
            "{\n".
            "}\n";
@@ -126,27 +126,29 @@ class EntityManager
        }
        $labelCreate = $this->getLanguage()->translate('Create') . ' ' . $labelSingular;

-        $scopeData = array(
-            'entity' => true,
-            'layouts' => true,
-            'tab' => true,
-            'acl' => true,
-            'module' => 'Custom',
-            'isCustom' => true,
-            'customizable' => true,
-            'importable' => true,
-            'type' => $type,
-            'stream' => $stream,
-            'notifications' => true
-        );
-        $this->getMetadata()->set('scopes', $name, $scopeData);
+        $filePath = "application/Espo/Core/Templates/Metadata/{$type}/scopes.json";
+        $scopesDataContents = $this->getFileManager()->getContents($filePath);
+        $scopesDataContents = str_replace('{entityType}', $name, $scopesDataContents);
+        $scopesData = Json::decode($scopesDataContents, true);
+
+        $scopesData['stream'] = $stream;
+        $scopesData['type'] = $type;
+        $scopesData['module'] = 'Custom';
+        $scopesData['object'] = true;
+        $scopesData['isCustom'] = true;
+
+        $this->getMetadata()->set('scopes', $name, $scopesData);

        $filePath = "application/Espo/Core/Templates/Metadata/{$type}/entityDefs.json";
-        $entityDefsData = Json::decode($this->getFileManager()->getContents($filePath), true);
+        $entityDefsDataContents = $this->getFileManager()->getContents($filePath);
+        $entityDefsDataContents = str_replace('{entityType}', $name, $entityDefsDataContents);
+        $entityDefsData = Json::decode($entityDefsDataContents, true);
        $this->getMetadata()->set('entityDefs', $name, $entityDefsData);

        $filePath = "application/Espo/Core/Templates/Metadata/{$type}/clientDefs.json";
-        $clientDefsData = Json::decode($this->getFileManager()->getContents($filePath), true);
+        $clientDefsContents = $this->getFileManager()->getContents($filePath);
+        $clientDefsContents = str_replace('{entityType}', $name, $clientDefsContents);
+        $clientDefsData = Json::decode($clientDefsContents, true);
        $this->getMetadata()->set('clientDefs', $name, $clientDefsData);

        $this->getLanguage()->set('Global', 'scopeNames', $name, $labelSingular);
@@ -156,6 +158,11 @@ class EntityManager
        $this->getMetadata()->save();
        $this->getLanguage()->save();

+        $layoutsPath = "application/Espo/Core/Templates/Layouts/{$type}";
+        if ($this->getFileManager()->isDir($layoutsPath)) {
+            $this->getFileManager()->copy($layoutsPath, 'custom/Espo/Custom/Resources/layouts/' . $name);
+        }
+
        return true;
    }

@@ -184,6 +191,16 @@ class EntityManager
            $this->getLanguage()->set('Global', 'scopeNamesPlural', $name, $labelPlural);
        }

+        if (isset($data['sortBy'])) {
+            $entityDefsData = array(
+                'collection' => array(
+                    'sortBy' => $data['sortBy'],
+                    'asc' => !empty($data['asc'])
+                )
+            );
+            $this->getMetadata()->set('entityDefs', $name, $entityDefsData);
+        }
+
        $this->getMetadata()->save();
        $this->getLanguage()->save();

@@ -261,6 +278,12 @@ class EntityManager
            throw new Conflict('Link ['.$entityForeign.'::'.$linkForeign.'] already exists.');
        }

+        if ($entity === $entityForeign) {
+            if ($link === ucfirst($entity) || $linkForeign === ucfirst($entity)) {
+                throw new Conflict();
+            }
+        }
+
        switch ($linkType) {
            case 'oneToMany':
                if ($this->getMetadata()->get('entityDefs.' . $entityForeign . '.field.' . $linkForeign)) {
@@ -343,6 +366,10 @@ class EntityManager
                        )
                    )
                );
+                if ($entityForeign == $entity) {
+                    $dataLeft['links'][$link]['midKeys'] = ['leftId', 'rightId'];
+                    $dataRight['links'][$linkForeign]['midKeys'] = ['rightId', 'leftId'];
+                }
                break;
        }

--- a/application/Espo/Core/Utils/FieldManager.php
+++ b/application/Espo/Core/Utils/FieldManager.php
@@ -31,7 +31,7 @@ class FieldManager

    private $language;

-    private $metadataUtils;
+    private $metadataHelper;

    protected $isChanged = null;

@@ -44,7 +44,7 @@ class FieldManager
        $this->metadata = $metadata;
        $this->language = $language;

-        $this->metadataUtils = new \Espo\Core\Utils\Metadata\Utils($this->metadata);
+        $this->metadataHelper = new \Espo\Core\Utils\Metadata\Helper($this->metadata);
    }

    protected function getMetadata()
@@ -57,9 +57,9 @@ class FieldManager
        return $this->language;
    }

-    protected function getMetadataUtils()
+    protected function getMetadataHelper()
    {
-        return $this->metadataUtils;
+        return $this->metadataHelper;
    }

    public function read($name, $scope)
@@ -187,11 +187,6 @@ class FieldManager
            }
        }

-        if (isset($fieldDef['linkDefs'])) {
-            $linkDefs = $fieldDef['linkDefs'];
-            unset($fieldDef['linkDefs']);
-        }
-
        $currentOptionList = array_keys((array) $this->getFieldDef($name, $scope));
        foreach ($fieldDef as $defName => $defValue) {
            if ( (!isset($defValue) || $defValue === '') && !in_array($defName, $currentOptionList) ) {
@@ -214,11 +209,16 @@ class FieldManager
    {
        $fieldDef = $this->prepareFieldDef($fieldName, $fieldDef, $scope);

-        $metaFieldDef = $this->getMetadataUtils()->getFieldDefsInFieldMeta($fieldDef);
+        $metaFieldDef = $this->getMetadataHelper()->getFieldDefsInFieldMeta($fieldDef);
        if (isset($metaFieldDef)) {
            $fieldDef = Util::merge($metaFieldDef, $fieldDef);
        }

+        if (isset($fieldDef['linkDefs'])) {
+            $linkDefs = $fieldDef['linkDefs'];
+            unset($fieldDef['linkDefs']);
+        }
+
        $defs = array(
            'fields' => array(
                $fieldName => $fieldDef,
@@ -226,7 +226,7 @@ class FieldManager
        );

        /** Save links for a field. */
-        $metaLinkDef = $this->getMetadataUtils()->getLinkDefsInFieldMeta($scope, $fieldDef);
+        $metaLinkDef = $this->getMetadataHelper()->getLinkDefsInFieldMeta($scope, $fieldDef);
        if (isset($linkDefs) || isset($metaLinkDef)) {
            $linkDefs = Util::merge((array) $metaLinkDef, (array) $linkDefs);
            $defs['links'] = array(
--- a/application/Espo/Core/Utils/File/FileUnifier.php
+++ b/application/Espo/Core/Utils/File/FileUnifier.php
@@ -28,10 +28,12 @@ use Espo\Core\Utils\Json;
 class FileUnifier
 {
    private $fileManager;
+    private $metadata;

-    public function __construct(\Espo\Core\Utils\File\Manager $fileManager)
+    public function __construct(\Espo\Core\Utils\File\Manager $fileManager, \Espo\Core\Utils\Metadata $metadata = null)
    {
        $this->fileManager = $fileManager;
+        $this->metadata = $metadata;
    }

    protected function getFileManager()
@@ -39,6 +41,11 @@ class FileUnifier
        return $this->fileManager;
    }

+    protected function getMetadata()
+    {
+        return $this->metadata;
+    }
+
    /**
     * Unite files content
     *
@@ -53,7 +60,7 @@ class FileUnifier

        if (!empty($paths['modulePath'])) {
            $moduleDir = strstr($paths['modulePath'], '{*}', true);
-            $moduleList = $this->getFileManager()->getFileList($moduleDir, false, '', false);
+            $moduleList = isset($this->metadata) ? $this->getMetadata()->getModuleList() : $this->getFileManager()->getFileList($moduleDir, false, '', false);

            foreach ($moduleList as $moduleName) {
                $moduleFilePath = str_replace('{*}', $moduleName, $paths['modulePath']);
--- a/application/Espo/Core/Utils/File/Manager.php
+++ b/application/Espo/Core/Utils/File/Manager.php
@@ -242,7 +242,7 @@ class Manager
    public function putContentsJson($path, $data)
    {
        if (!Utils\Json::isJSON($data)) {
-            $data = Utils\Json::encode($data, JSON_PRETTY_PRINT);
+            $data = Utils\Json::encode($data, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);
        }

        return $this->putContents($path, $data, LOCK_EX);
@@ -283,7 +283,7 @@ class Manager
        $data = Utils\Util::merge($savedDataArray, $newDataArray);

        if ($isReturnJson) {
-            $data = Utils\Json::encode($data, JSON_PRETTY_PRINT);
+            $data = Utils\Json::encode($data, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);
        }

        if ($isPhp) {
@@ -669,6 +669,17 @@ class Manager
        return (bool) $res;
    }

+    /**
+     * Check if $dirname is directory.
+     *
+     * @param  string  $dirname
+     * @return boolean
+     */
+    public function isDir($dirname)
+    {
+        return is_dir($dirname);
+    }
+
    /**
     * Check if $filename is file. If $filename doesn'ot exist, check by pathinfo
     *
--- a/application/Espo/Core/Utils/File/Unifier.php
+++ b/application/Espo/Core/Utils/File/Unifier.php
@@ -27,15 +27,17 @@ use Espo\Core\Utils;
 class Unifier
 {
    private $fileManager;
+    private $metadata;

    protected $params = array(
        'unsetFileName' => 'unset.json',
        'defaultsPath' => 'application/Espo/Core/defaults',
    );

-    public function __construct(\Espo\Core\Utils\File\Manager $fileManager)
+    public function __construct(\Espo\Core\Utils\File\Manager $fileManager, \Espo\Core\Utils\Metadata $metadata = null)
    {
        $this->fileManager = $fileManager;
+        $this->metadata = $metadata;
    }

    protected function getFileManager()
@@ -43,6 +45,11 @@ class Unifier
        return $this->fileManager;
    }

+    protected function getMetadata()
+    {
+        return $this->metadata;
+    }
+
    /**
     * Unite file content to the file
     *
@@ -58,11 +65,12 @@ class Unifier

        if (!empty($paths['modulePath'])) {
            $customDir = strstr($paths['modulePath'], '{*}', true);
-            $dirList = $this->getFileManager()->getFileList($customDir, false, '', false);

-            foreach ($dirList as $dirName) {
-                $curPath = str_replace('{*}', $dirName, $paths['modulePath']);
-                $content = Utils\Util::merge($content, $this->unifySingle($curPath, $name, $recursively, $dirName));
+            $moduleList = isset($this->metadata) ? $this->getMetadata()->getModuleList() : $this->getFileManager()->getFileList($customDir, false, '', false);
+
+            foreach ($moduleList as $moduleName) {
+                $curPath = str_replace('{*}', $moduleName, $paths['modulePath']);
+                $content = Utils\Util::merge($content, $this->unifySingle($curPath, $name, $recursively, $moduleName));
            }
        }

--- a/application/Espo/Core/Utils/Language.php
+++ b/application/Espo/Core/Utils/Language.php
@@ -30,6 +30,7 @@ class Language
 {
    private $fileManager;
    private $config;
+    private $metadata;
    private $preferences;
    private $unifier;

@@ -62,13 +63,14 @@ class Language
    );


-    public function __construct(\Espo\Core\Utils\File\Manager $fileManager, \Espo\Core\Utils\Config $config, \Espo\Entities\Preferences $preferences = null)
+    public function __construct(File\Manager $fileManager, Config $config, Metadata $metadata, \Espo\Entities\Preferences $preferences = null)
    {
        $this->fileManager = $fileManager;
        $this->config = $config;
+        $this->metadata = $metadata;
        $this->preferences = $preferences;

-        $this->unifier = new \Espo\Core\Utils\File\Unifier($this->fileManager);
+        $this->unifier = new \Espo\Core\Utils\File\Unifier($this->fileManager, $this->metadata);
    }

    protected function getFileManager()
@@ -81,6 +83,11 @@ class Language
        return $this->config;
    }

+    protected function getMetadata()
+    {
+        return $this->metadata;
+    }
+
    protected function getPreferences()
    {
        return $this->preferences;
@@ -163,7 +170,7 @@ class Language
        return $translated;
    }

-    public function translateOption($value, $field, $scope)
+    public function translateOption($value, $field, $scope = 'Global')
    {
        $options = $this->get($scope. '.options.' . $field);
        if (array_key_exists($value, $options)) {
--- a/application/Espo/Core/Utils/Layout.php
+++ b/application/Espo/Core/Utils/Layout.php
@@ -66,23 +66,31 @@ class Layout
        return $this->metadata;
    }

+    protected function sanitizeInput($name)
+    {
+        return preg_replace("([\.]{2,})", '', $name);
+    }
+
    /**
     * Get Layout context
     *
-     * @param $controller
+     * @param $scope
     * @param $name
     *
     * @return json
     */
-    public function get($controller, $name)
+    public function get($scope, $name)
    {
-        if (isset($this->changedData[$controller][$name])) {
-            return Json::encode($this->changedData[$controller][$name]);
+        $scope = $this->sanitizeInput($scope);
+        $name = $this->sanitizeInput($name);
+
+        if (isset($this->changedData[$scope][$name])) {
+            return Json::encode($this->changedData[$scope][$name]);
        }

-        $fileFullPath = Util::concatPath($this->getLayoutPath($controller, true), $name.'.json');
+        $fileFullPath = Util::concatPath($this->getLayoutPath($scope, true), $name.'.json');
        if (!file_exists($fileFullPath)) {
-            $fileFullPath = Util::concatPath($this->getLayoutPath($controller), $name.'.json');
+            $fileFullPath = Util::concatPath($this->getLayoutPath($scope), $name.'.json');
        }

        if (!file_exists($fileFullPath)) {
@@ -101,21 +109,39 @@ class Layout

    /**
     * Set Layout data
-     * Ex. $controller = Account, $name = detail then will be created a file layoutFolder/Account/detail.json
+     * Ex. $scope = Account, $name = detail then will be created a file layoutFolder/Account/detail.json
     *
     * @param array $data
-     * @param string $controller - ex. Account
+     * @param string $scope - ex. Account
     * @param string $name - detail
     *
     * @return void
     */
-    public function set($data, $controller, $name)
+    public function set($data, $scope, $name)
    {
-        if (empty($controller) || empty($name)) {
+        $scope = $this->sanitizeInput($scope);
+        $name = $this->sanitizeInput($name);
+
+        if (empty($scope) || empty($name)) {
            return false;
        }

-        $this->changedData[$controller][$name] = $data;
+        $this->changedData[$scope][$name] = $data;
+    }
+
+    public function resetToDefault($scope, $name)
+    {
+        $scope = $this->sanitizeInput($scope);
+        $name = $this->sanitizeInput($name);
+
+        $filePath = 'custom/Espo/Custom/Resources/layouts/' . $scope . '/' . $name . '.json';
+        if ($this->getFileManager()->isFile($filePath)) {
+            $this->getFileManager()->removeFile($filePath);
+        }
+        if (!empty($this->changedData[$scope]) && !empty($this->changedData[$scope][$name])) {
+            unset($this->changedData[$scope][$name]);
+        }
+        return $this->get($scope, $name);
    }

    /**
@@ -128,15 +154,15 @@ class Layout
        $result = true;

        if (!empty($this->changedData)) {
-            foreach ($this->changedData as $controllerName => $rowData) {
+            foreach ($this->changedData as $scope => $rowData) {
                foreach ($rowData as $layoutName => $layoutData) {

-                    if (empty($controllerName) || empty($layoutName)) {
+                    if (empty($scope) || empty($layoutName)) {
                        continue;
                    }

-                    $layoutPath = $this->getLayoutPath($controllerName, true);
-                    $data = Json::encode($layoutData, \JSON_PRETTY_PRINT);
+                    $layoutPath = $this->getLayoutPath($scope, true);
+                    $data = Json::encode($layoutData, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);

                    $result &= $this->getFileManager()->putContents(array($layoutPath, $layoutName.'.json'), $data);
                }
@@ -162,17 +188,20 @@ class Layout

    /**
     * Merge layout data
-     * Ex. $controller= Account, $name= detail then will be created a file layoutFolder/Account/detail.json
+     * Ex. $scope= Account, $name= detail then will be created a file layoutFolder/Account/detail.json
     *
     * @param JSON string $data
-     * @param string $controller - ex. Account
+     * @param string $scope - ex. Account
     * @param string $name - detail
     *
     * @return bool
     */
-    public function merge($data, $controller, $name)
+    public function merge($data, $scope, $name)
    {
-        $prevData = $this->get($controller, $name);
+        $scope = $this->sanitizeInput($scope);
+        $name = $this->sanitizeInput($name);
+
+        $prevData = $this->get($scope, $name);

        $prevDataArray = Json::getArrayData($prevData);
        $dataArray = Json::getArrayData($data);
@@ -180,7 +209,7 @@ class Layout
        $data = Util::merge($prevDataArray, $dataArray);
        $data = Json::encode($data);

-        return $this->set($data, $controller, $name);
+        return $this->set($data, $scope, $name);
    }

    /**
@@ -208,9 +237,4 @@ class Layout

        return $path;
    }
-
-
 }
-
-
-?>
--- a/application/Espo/Core/Utils/Metadata.php
+++ b/application/Espo/Core/Utils/Metadata.php
@@ -28,13 +28,12 @@ class Metadata
 {
    protected $meta = null;

-    protected $scopes = array();
-
    private $config;
    private $unifier;
    private $fileManager;
    private $converter;
    private $moduleConfig;
+    private $metadataHelper;

    /**
     * @var string - uses for loading default values
@@ -76,12 +75,6 @@ class Metadata
    {
        $this->config = $config;
        $this->fileManager = $fileManager;
-
-        $this->unifier = new \Espo\Core\Utils\File\Unifier($this->fileManager);
-
-        $this->converter = new \Espo\Core\Utils\Database\Converter($this, $this->fileManager);
-
-        $this->moduleConfig = new \Espo\Core\Utils\Module($this->config, $this->fileManager);
    }

    protected function getConfig()
@@ -89,26 +82,47 @@ class Metadata
        return $this->config;
    }

-    protected function getUnifier()
-    {
-        return $this->unifier;
-    }
-
    protected function getFileManager()
    {
        return $this->fileManager;
    }

+    protected function getUnifier()
+    {
+        if (!isset($this->unifier)) {
+            $this->unifier = new \Espo\Core\Utils\File\Unifier($this->fileManager, $this);
+        }
+
+        return $this->unifier;
+    }
+
    protected function getConverter()
    {
+        if (!isset($this->converter)) {
+            $this->converter = new \Espo\Core\Utils\Database\Converter($this, $this->fileManager);
+        }
+
        return $this->converter;
    }

    protected function getModuleConfig()
    {
+        if (!isset($this->moduleConfig)) {
+            $this->moduleConfig = new \Espo\Core\Utils\Module($this->config, $this->fileManager);
+        }
+
        return $this->moduleConfig;
    }

+    protected function getMetadataHelper()
+    {
+        if (!isset($this->metadataHelper)) {
+            $this->metadataHelper = new Metadata\Helper($this);
+        }
+
+        return $this->metadataHelper;
+    }
+
    public function isCached()
    {
        if (!$this->getConfig()->get('useCache')) {
@@ -137,8 +151,10 @@ class Metadata
        if (file_exists($this->cacheFile) && !$reload) {
            $this->meta = $this->getFileManager()->getPhpContents($this->cacheFile);
        } else {
+            $this->clearVars();
            $this->meta = $this->getUnifier()->unify($this->name, $this->paths, true);
            $this->meta = $this->setLanguageFromConfig($this->meta);
+            $this->meta = $this->addAdditionalFields($this->meta);

            if ($this->getConfig()->get('useCache')) {
                $isSaved = $this->getFileManager()->putPhpContents($this->cacheFile, $this->meta);
@@ -197,6 +213,7 @@ class Metadata
    }

    /**
+     * todo: move to a separate file
     * Set language list and default for Settings, Preferences metadata
     *
     * @param array $data Meta
@@ -222,6 +239,37 @@ class Metadata
        return $data;
    }

+    /**
+     * todo: move to a separate file
+     * Add additional fields defined from metadata -> fields
+     *
+     * @param array $meta
+     */
+    protected function addAdditionalFields(array $meta)
+    {
+        $metaCopy = $meta;
+        $definitionList = $meta['fields'];
+
+        foreach ($metaCopy['entityDefs'] as $entityName => $entityParams) {
+            foreach ($entityParams['fields'] as $fieldName => $fieldParams) {
+
+                $additionalFields = $this->getMetadataHelper()->getAdditionalFieldList($fieldName, $fieldParams, $definitionList);
+                if (!empty($additionalFields)) {
+                    //merge or add to the end of meta array
+                    foreach ($additionalFields as $subFieldName => $subFieldParams) {
+                        if (isset($entityParams['fields'][$subFieldName])) {
+                            $meta['entityDefs'][$entityName]['fields'][$subFieldName] = Util::merge($subFieldParams, $entityParams['fields'][$subFieldName]);
+                        } else {
+                            $meta['entityDefs'][$entityName]['fields'][$subFieldName] = $subFieldParams;
+                        }
+                    }
+                }
+            }
+        }
+
+        return $meta;
+    }
+
    /**
    * Set Metadata data
    * Ex. $key1 = menu, $key2 = Account then will be created a file metadataFolder/menu/Account.json
@@ -430,8 +478,7 @@ class Metadata
            }
        }

-        krsort($modulesToSort);
-        asort($modulesToSort);
+        array_multisort(array_values($modulesToSort), SORT_ASC, array_keys($modulesToSort), SORT_ASC, $modulesToSort);

        $this->moduleList = array_keys($modulesToSort);
    }
@@ -482,4 +529,16 @@ class Metadata

        return $path;
    }
+
+    /**
+     * Clear metadata variables when reload meta
+     *
+     * @return void
+     */
+    protected function clearVars()
+    {
+        $this->meta = null;
+        $this->moduleList = null;
+        $this->ormMeta = null;
+    }
 }
--- a/application/Espo/Core/Utils/Metadata/Helper.php
+++ b/application/Espo/Core/Utils/Metadata/Helper.php
@@ -22,10 +22,26 @@

 namespace Espo\Core\Utils\Metadata;

-class Utils
+use Espo\Core\Utils\Util;
+
+class Helper
 {
    private $metadata;

+    protected $defaultNaming = 'postfix';
+
+    /**
+     * List of copied params for metadata -> 'fields' from parent items
+     */
+    protected $copiedDefParams = array(
+        'readOnly',
+        'notStorable',
+        'layoutListDisabled',
+        'layoutDetailDisabled',
+        'layoutMassUpdateDisabled',
+        'layoutFiltersDisabled',
+    );
+
    public function __construct(\Espo\Core\Utils\Metadata $metadata)
    {
        $this->metadata = $metadata;
@@ -102,7 +118,41 @@ class Utils
        return $linkFieldDefsByType;
    }

-}
+    /**
+     * Get additional field list based on field definition in metadata 'fields'
+     *
+     * @param  string     $fieldName
+     * @param  array     $fieldParams
+     * @param  array|null $definitionList
+     *
+     * @return array
+     */
+    public function getAdditionalFieldList($fieldName, array $fieldParams, array $definitionList = null)
+    {
+        if (empty($fieldParams['type'])) {
+            return;
+        }

+        $fieldType = $fieldParams['type'];
+        $fieldDefinition = isset($definitionList[$fieldType]) ? $definitionList[$fieldType] : $this->getMetadata()->get('fields.'.$fieldType);

-?>
+        if (!empty($fieldDefinition['fields']) && is_array($fieldDefinition['fields'])) {
+
+            $copiedParams = array_intersect_key($fieldParams, array_flip($this->copiedDefParams));
+
+            $additionalFields = array();
+
+            //add additional fields
+            foreach ($fieldDefinition['fields'] as $subFieldName => $subFieldParams) {
+                $namingType = isset($fieldDefinition['naming']) ? $fieldDefinition['naming'] : $this->defaultNaming;
+
+                $subFieldNaming = Util::getNaming($fieldName, $subFieldName, $namingType);
+                $additionalFields[$subFieldNaming] = array_merge($copiedParams, $subFieldParams);
+            }
+
+            return $additionalFields;
+        }
+
+    }
+
+}
--- a/application/Espo/Core/Utils/Number.php
+++ b/application/Espo/Core/Utils/Number.php
@@ -0,0 +1,60 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ ************************************************************************/
+
+namespace Espo\Core\Utils;
+
+class Number
+{
+    protected $decimalMark;
+
+    protected $thousandSeparator;
+
+    public function __construct($decimalMark = '.', $thousandSeparator = ',')
+    {
+        $this->decimalMark = $decimalMark;
+        $this->thousandSeparator = $thousandSeparator;
+    }
+
+    public function format($value, $decimals = null)
+    {
+        if (!is_null($decimals)) {
+             return number_format($value, $decimals, $this->decimalMark, $this->thousandSeparator);
+        } else {
+            $s = strval($value);
+            $arr = explode('.', $value);
+
+            $r = '0';
+            if (!empty($arr[0])) {
+                $r = number_format(intval($arr[0]), 0, '.', $this->thousandSeparator);
+            }
+
+            if (!empty($arr[1])) {
+                $r = $r . $this->decimalMark . $arr[1];
+            }
+
+            return $r;
+        }
+    }
+
+}
+
+
--- a/application/Espo/Core/Utils/ThemeManager.php
+++ b/application/Espo/Core/Utils/ThemeManager.php
@@ -0,0 +1,52 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ ************************************************************************/
+
+namespace Espo\Core\Utils;
+
+class ThemeManager
+{
+    protected $config;
+
+    protected $metadata;
+
+    private $defaultName = 'Espo';
+
+    private $defaultStylesheet = 'Espo';
+
+    public function __construct(Config $config, Metadata $metadata)
+    {
+        $this->config = $config;
+        $this->metadata = $metadata;
+    }
+
+    public function getName()
+    {
+        return $this->config->get('theme', $this->defaultName);
+    }
+
+    public function getStylesheet()
+    {
+        return $this->metadata->get('themes.' . $this->getName() . '.stylesheet', 'client/css/espo.css');
+    }
+}
+
+
--- a/application/Espo/Core/Utils/Util.php
+++ b/application/Espo/Core/Utils/Util.php
@@ -186,19 +186,25 @@ class Util
     */
    public static function unsetInArrayByValue($needle, array $haystack, $reIndex = true)
    {
+        $doReindex = false;
+
        foreach($haystack as $key => $value) {
            if (is_array($value)) {
                $haystack[$key] = static::unsetInArrayByValue($needle, $value);
            } else if ($needle === $value) {

+                unset($haystack[$key]);
+
                if ($reIndex) {
-                    array_splice($haystack, $key, 1);
-                } else {
-                    unset($haystack[$key]);
+                    $doReindex = true;
                }
            }
        }

+        if ($doReindex) {
+            $haystack = array_values($haystack);
+        }
+
        return $haystack;
    }

--- a/application/Espo/Core/defaults/config.php
+++ b/application/Espo/Core/defaults/config.php
@@ -91,7 +91,7 @@ return array (
    "tabList" => array("Account", "Contact", "Lead", "Opportunity", "Calendar", "Meeting", "Call", "Task", "Case", "Email", "Document", "Campaign"),
    "quickCreateList" => array("Account", "Contact", "Lead", "Opportunity", "Meeting", "Call", "Task", "Case"),
    'calendarDefaultEntity' => 'Meeting',
-    'disableExport' => false,
+    'exportDisabled' => false,
    'assignmentEmailNotifications' => false,
    'assignmentEmailNotificationsEntityList' => array('Lead', 'Opportunity', 'Task', 'Case'),
    'assignmentNotificationsEntityList' => array('Meeting', 'Call', 'Task', 'Email'),
@@ -100,6 +100,9 @@ return array (
    'disabledCountQueryEntityList' => array('Email'),
    'maxEmailAccountCount' => 2,
    'followCreatedEntities' => false,
+    'b2cMode' => false,
+    'restrictedMode' => false,
+    'theme' => 'Espo',
    'isInstalled' => false,
 );

--- a/application/Espo/Core/defaults/layout/detailSmall.json
+++ b/application/Espo/Core/defaults/layout/detailSmall.json
@@ -1,6 +1,6 @@
 [{
    "label":"",
    "rows": [
-        [{"name":"name"}]
+        [{"name":"name", "fullWidth": true}, false]
    ]
 }]
--- a/application/Espo/Core/defaults/systemConfig.php
+++ b/application/Espo/Core/defaults/systemConfig.php
@@ -84,14 +84,14 @@ return array (
        'permissionMap',
        'permissionRules',
        'passwordSalt',
-        'cryptKey'
+        'cryptKey',
+        'restrictedMode',
+        'userLimit',
+        'stylesheet'
    ),
    'adminItems' =>
    array (
        'devMode',
-        'outboundEmailIsShared',
-        'outboundEmailFromName',
-        'outboundEmailFromAddress',
        'smtpServer',
        'smtpPort',
        'smtpAuth',
--- a/application/Espo/Modules/Crm/Entities/InboundEmail.php
+++ b/application/Espo/Modules/Crm/Entities/InboundEmail.php
@@ -18,9 +18,9 @@
 *
 * You should have received a copy of the GNU General Public License
 * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
- ************************************************************************/ 
+ ************************************************************************/

-namespace Espo\Modules\Crm\Entities;
+namespace Espo\Entities;

 class InboundEmail extends \Espo\Core\ORM\Entity
 {
--- a/application/Espo/Entities/Template.php
+++ b/application/Espo/Entities/Template.php
@@ -0,0 +1,28 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ ************************************************************************/
+
+namespace Espo\Entities;
+
+class Template extends \Espo\Core\ORM\Entity
+{
+
+}
--- a/application/Espo/EntryPoints/ChangePassword.php
+++ b/application/Espo/EntryPoints/ChangePassword.php
@@ -18,7 +18,7 @@
 *
 * You should have received a copy of the GNU General Public License
 * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
- ************************************************************************/ 
+ ************************************************************************/

 namespace Espo\EntryPoints;

@@ -29,7 +29,7 @@ use \Espo\Core\Exceptions\BadRequest;
 class ChangePassword extends \Espo\Core\EntryPoints\Base
 {
    public static $authRequired = false;
-    
+
    public function run()
    {
        $requestId = $_GET['id'];
@@ -38,6 +38,7 @@ class ChangePassword extends \Espo\Core\EntryPoints\Base
        }

        $config = $this->getConfig();
+        $themeManager = $this->getThemeManager();

        $p = $this->getEntityManager()->getRepository('PasswordChangeRequest')->where(array(
            'requestId' => $requestId
@@ -56,9 +57,15 @@ class ChangePassword extends \Espo\Core\EntryPoints\Base
        $html = file_get_contents('main.html');
        $html = str_replace('{{cacheTimestamp}}', $config->get('cacheTimestamp', 0), $html);
        $html = str_replace('{{useCache}}', $config->get('useCache') ? 'true' : 'false' , $html);
+        $html = str_replace('{{stylesheet}}', $themeManager->getStylesheet(), $html);
        $html = str_replace('{{runScript}}', $runScript , $html);
        echo $html;
        exit;
    }
+
+    protected function getThemeManager()
+    {
+        return $this->getContainer()->get('themeManager');
+    }
 }

--- a/application/Espo/EntryPoints/Download.php
+++ b/application/Espo/EntryPoints/Download.php
@@ -43,10 +43,10 @@ class Download extends \Espo\Core\EntryPoints\Base

    public function run()
    {
-        $id = $_GET['id'];
-        if (empty($id)) {
+        if (empty($_GET['id'])) {
            throw new BadRequest();
        }
+        $id = $_GET['id'];

        $attachment = $this->getEntityManager()->getEntity('Attachment', $id);

--- a/application/Espo/EntryPoints/Image.php
+++ b/application/Espo/EntryPoints/Image.php
@@ -30,13 +30,13 @@ use \Espo\Core\Exceptions\Error;
 class Image extends \Espo\Core\EntryPoints\Base
 {
    public static $authRequired = true;
-    
+
    protected $allowedFileTypes = array(
        'image/jpeg',
        'image/png',
        'image/gif',
    );
-    
+
    protected $imageSizes = array(
        'xxx-small' => array(18, 18),
        'xx-small' => array(32, 32),
@@ -47,59 +47,58 @@ class Image extends \Espo\Core\EntryPoints\Base
        'x-large' => array(864, 864),
        'xx-large' => array(1024, 1024),
    );
-    
-    
+
+
    public function run()
    {
        if (empty($_GET['id'])) {
            throw new BadRequest();
        }
-
        $id = $_GET['id'];
-            
+
        $size = null;
        if (!empty($_GET['size'])) {
            $size = $_GET['size'];
        }
-        
+
        $this->show($id, $size);
    }
-    
+
    protected function show($id, $size)
    {
        $attachment = $this->getEntityManager()->getEntity('Attachment', $id);
-        
+
        if (!$attachment) {
            throw new NotFound();
        }
-        
+
        if ($attachment->get('parentId') && $attachment->get('parentType')) {
            $parent = $this->getEntityManager()->getEntity($attachment->get('parentType'), $attachment->get('parentId'));
            if ($parent && !$this->getAcl()->check($parent)) {
                throw new Forbidden();
            }
        }
-        
+
        $filePath = "data/upload/{$attachment->id}";
-        
+
        $fileType = $attachment->get('type');
-        
+
        if (!file_exists($filePath)) {
            throw new NotFound();
        }
-        
+
        if (!in_array($fileType, $this->allowedFileTypes)) {
            throw new Error();
        }
-        
+
        if (!empty($size)) {
            if (!empty($this->imageSizes[$size])) {
                $thumbFilePath = "data/upload/thumbs/{$attachment->id}_{$size}";
-                
+
                if (!file_exists($thumbFilePath)) {
                    $targetImage = $this->getThumbImage($filePath, $fileType, $size);
                    ob_start();
-                    
+
                    switch ($fileType) {
                        case 'image/jpeg':
                            imagejpeg($targetImage);
@@ -117,12 +116,12 @@ class Image extends \Espo\Core\EntryPoints\Base
                    $this->getContainer()->get('fileManager')->putContents($thumbFilePath, $contents);
                }
                $filePath = $thumbFilePath;
-        
+
            } else {
                throw new Error();
            }
        }
-        
+
        if (!empty($size)) {
            $fileName = $attachment->id . '_' . $size . '.jpg';
        } else {
@@ -143,12 +142,12 @@ class Image extends \Espo\Core\EntryPoints\Base
        readfile($filePath);
        exit;
    }
-    
+
    protected function getThumbImage($filePath, $fileType, $size)
    {
        list($originalWidth, $originalHeight) = getimagesize($filePath);
        list($width, $height) = $this->imageSizes[$size];
-    
+
        if ($originalWidth <= $width && $originalHeight <= $height) {
            $targetWidth = $originalWidth;
            $targetHeight = $originalHeight;
@@ -169,7 +168,7 @@ class Image extends \Espo\Core\EntryPoints\Base
                }
            }
        }
-                
+
        $targetImage = imagecreatetruecolor($targetWidth, $targetHeight);
        switch ($fileType) {
            case 'image/jpeg':
@@ -189,8 +188,8 @@ class Image extends \Espo\Core\EntryPoints\Base
                imagecopyresampled($targetImage, $sourceImage, 0, 0, 0, 0, $targetWidth, $targetHeight, $originalWidth, $originalHeight);
                break;
        }
-        
-        
+
+
        return $targetImage;
    }
 }
--- a/application/Espo/EntryPoints/Pdf.php
+++ b/application/Espo/EntryPoints/Pdf.php
@@ -0,0 +1,95 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ ************************************************************************/
+
+namespace Espo\EntryPoints;
+
+use \Espo\Core\Exceptions\NotFound;
+use \Espo\Core\Exceptions\Forbidden;
+use \Espo\Core\Exceptions\BadRequest;
+use \Espo\Core\Htmlizer\Htmlizer;
+
+
+class Pdf extends \Espo\Core\EntryPoints\Base
+{
+    public static $authRequired = true;
+
+    public function run()
+    {
+
+        if (empty($_GET['entityId']) || empty($_GET['entityType']) || empty($_GET['templateId'])) {
+            throw new BadRequest();
+        }
+        $entityId = $_GET['entityId'];
+        $entityType = $_GET['entityType'];
+        $templateId = $_GET['templateId'];
+
+        $entity = $this->getEntityManager()->getEntity($entityType, $entityId);
+        $template = $this->getEntityManager()->getEntity('Template', $templateId);
+
+        $this->getContainer()->get('serviceFactory')->create($entityType)->loadAdditionalFields($entity);
+
+        if (!$entity || !$template) {
+            throw new NotFound();
+        }
+
+        if ($template->get('entityType') !== $entityType) {
+            throw new Forbidden();
+        }
+
+        if (!$this->getAcl()->check($entity, 'read') || !$this->getAcl()->check($template, 'read')) {
+            throw new Forbidden();
+        }
+
+        $fileName = $entity->get('name') . '.pdf';
+
+        $htmlizer = new Htmlizer($this->getFileManager(), $this->getDateTime(), $this->getNumber());
+
+        $pdf = new \Espo\Core\Pdf\Tcpdf();
+        $pdf->setFont('freesans', '', 12, '', true);
+        $pdf->setPrintHeader(false);
+
+        $pdf->setAutoPageBreak(true, $template->get('bottomMargin'));
+        $pdf->setMargins($template->get('leftMargin'), $template->get('topMargin'), $template->get('rightMargin'));
+
+
+        if ($template->get('printFooter')) {
+            $htmlFooter = $htmlizer->render($entity, $template->get('footer'));
+            $pdf->setFooterPosition($template->get('footerPosition'));
+            $pdf->setFooterHtml($htmlFooter);
+        } else {
+            $pdf->setPrintFooter(false);
+        }
+
+        $pdf->addPage();
+
+        $htmlHeader = $htmlizer->render($entity, $template->get('header'));
+        $pdf->writeHTML($htmlHeader, true, false, true, false, '');
+
+        $htmlBody = $htmlizer->render($entity, $template->get('body'));
+        $pdf->writeHTML($htmlBody, true, false, true, false, '');
+
+        $pdf->output($fileName);
+
+        exit;
+    }
+}
+
--- a/Show More
+++ b/Show More