v

fix upgrade script
Bug fixes
2026-03-09 13:37:00 +00:00 · 2020-10-22 12:14:40 +03:00 · 2020-10-22 11:47:59 +03:00 · 2020-10-22 11:30:00 +03:00 · 2020-10-21 15:33:42 +03:00 · 2020-10-21 12:00:47 +03:00
1397 changed files with 78439 additions and 36132 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -4,6 +4,7 @@
 /data/preferences/*
 /data/.backup/*
 /data/config.php
+/data/tmp/*
 /build
 /node_modules
 npm-debug.log
@@ -13,6 +14,7 @@ npm-debug.log
 /tests/unit/testData/cache/*
 !/tests/unit/testData/cache/.data
 /tests/integration/config.php
+.phpunit.result.cache
 composer.phar
 vendor/
 /custom/Espo/Custom/*
--- a/.htaccess
+++ b/.htaccess
@@ -20,5 +20,5 @@ DirectoryIndex index.php index.html

  RewriteRule .* - [E=HTTP_ESPO_CGI_AUTH:%{HTTP:Authorization}]

-  RewriteRule reset/?$ reset.html [QSA,L]
+  RewriteRule /?web\.config - [F]
 </IfModule>
--- a/Gruntfile.js
+++ b/Gruntfile.js
@@ -21,10 +21,11 @@

 /**
  * * `grunt` - full build
-  * * `grunt dev` - build only items needed for development
-  * * `grunt offline` - skips *composer install*
+  * * `grunt dev` - build only items needed for development (takes less time)
+  * * `grunt offline` - build but skip *composer install*
  * * `grant release` - full build plus upgrade packages`
-  * * `grant tests` - build and run tests
+  * * `grant test` - build for test running
+  * * `grant run-tests` - build and run unit and integratino tests
  */

 module.exports = function (grunt) {
@@ -48,6 +49,7 @@ module.exports = function (grunt) {
        'client/lib/bull.js',
        'client/lib/marked.min.js',
        'client/lib/autobahn.js',
+        'client/lib/gridstack.all.js',

        'client/src/namespace.js',
        'client/src/exceptions.js',
@@ -210,6 +212,7 @@ module.exports = function (grunt) {
                    'daemon.php',
                    'rebuild.php',
                    'clear_cache.php',
+                    'preload.php',
                    'upgrade.php',
                    'extension.php',
                    'websocket.php',
@@ -287,8 +290,8 @@ module.exports = function (grunt) {
                },
                files: [
                    {
-                        src: 'build/tmp/application/Espo/Core/defaults/config.php',
-                        dest: 'build/tmp/application/Espo/Core/defaults/config.php'
+                        src: 'build/tmp/application/Espo/Resources/defaults/config.php',
+                        dest: 'build/tmp/application/Espo/Resources/defaults/config.php'
                    }
                ]
            }
@@ -300,19 +303,23 @@ module.exports = function (grunt) {
    });

    grunt.registerTask("composer", function() {
-        cp.execSync("composer install", {stdio: 'ignore'});
+        cp.execSync("composer install --ignore-platform-reqs --no-dev", {stdio: 'ignore'});
+    });
+
+    grunt.registerTask("composer-dev", function() {
+        cp.execSync("composer install --ignore-platform-reqs", {stdio: 'ignore'});
    });

    grunt.registerTask("upgrade", function() {
        cp.execSync("node diff --all --vendor", {stdio: 'inherit'});
    });

-    grunt.registerTask("unit-tests", function() {
-        cp.execSync("phpunit --bootstrap=vendor/autoload.php tests/unit", {stdio: 'inherit'});
+    grunt.registerTask("unit-tests-run", function() {
+        cp.execSync("vendor/bin/phpunit --bootstrap=./vendor/autoload.php ./tests/unit", {stdio: 'inherit'});
    });

-    grunt.registerTask("integration-tests", function() {
-        cp.execSync("phpunit --bootstrap=vendor/autoload.php tests/integration", {stdio: 'inherit'});
+    grunt.registerTask("integration-tests-run", function() {
+        cp.execSync("vendor/bin/phpunit --bootstrap=./vendor/autoload.php ./tests/integration", {stdio: 'inherit'});
    });

    grunt.registerTask("zip", function() {
@@ -382,14 +389,29 @@ module.exports = function (grunt) {
        'clean:release',
    ]);

-    grunt.registerTask('tests', [
-        'default',
-        'unit-tests',
-        'integration-tests',
+    grunt.registerTask('run-tests', [
+        'test',
+        'unit-tests-run',
+        'integration-tests-run',
+    ]);
+
+    grunt.registerTask('run-unit-tests', [
+        'composer-dev',
+        'unit-tests-run',
+    ]);
+
+    grunt.registerTask('run-integration-tests', [
+        'test',
+        'integration-tests-run',
    ]);

    grunt.registerTask('dev', [
-        'composer',
+        'composer-dev',
        'less',
    ]);
+
+    grunt.registerTask('test', [
+        'composer-dev',
+        'offline',
+    ]);
 };
--- a/README.md
+++ b/README.md
@@ -1,21 +1,21 @@
 ## EspoCRM

-<a href='https://www.espocrm.com'>EspoCRM is an Open Source CRM</a> (Customer Relationship Management) software that allows you to see, enter and evaluate all your company relationships regardless of the type. People, companies or opportunities - all in an easy and intuitive interface.
+[EspoCRM is an Open Source CRM](https://www.espocrm.com) (Customer Relationship Management) software that allows you to see, enter and evaluate all your company relationships regardless of the type. People, companies or opportunities - all in an easy and intuitive interface.

-It's a web application with a frontend designed as a single page application based on backbone.js and a REST API backend written in PHP.
+It's a web application with a frontend designed as a single page application and REST API backend written in PHP.

-Download the latest release from our [website](https://www.espocrm.com).
+[Download](https://www.espocrm.com/download/) the latest release from our website.

 ### Requirements

 * PHP 7.2 and later (with pdo, json, gd, openssl, zip, imap, mbstring, curl extensions);
 * MySQL 5.7 (and later), or MariaDB 10.1 (and later).

-For more information about server configuration see [this article](https://www.espocrm.com/documentation/administration/server-configuration/).
+For more information about server configuration see [this article](https://docs.espocrm.com/administration/server-configuration/).

 ### Documentation

-Documentation for administrators, users and developers is available [here](https://www.espocrm.com/documentation/).
+Documentation for administrators, users and developers is available [here](https://docs.espocrm.com).

 ### How to report a bug

@@ -23,34 +23,15 @@ Create an issue [here](https://github.com/espocrm/espocrm/issues) or post on our

 ### How to install a stable version

-[Download](https://www.espocrm.com/download/) the latest version. See the [instructions](https://www.espocrm.com/documentation/administration/installation/) about installation.
+[Download](https://www.espocrm.com/download/) the latest version. See the [instructions](https://docs.espocrm.com/administration/installation/) about installation.

-### Getting started (for developers)
+### Development

-1. Clone repository to your local computer.
-2. Change to the project's root directory.
-3. Install [composer](https://getcomposer.org/doc/00-intro.md).
-4. Run `composer install` if composer is installed globally or `php composer.phar install` if locally.
+* [Getting started](https://docs.espocrm.com/development/how-to-start)
+* [Running tests](https://docs.espocrm.com/development/tests)
+* [Making translation](https://docs.espocrm.com/development/translation)

-Never update composer dependencies if you are going to contribute code back.
-
-Now you can build. Build will create compiled css files.
-
-To compose a proper config.php and populate database you can run install by opening `http(s)://{YOUR_CRM_URL}/install` location in a browser. Then open `data/config.php` file and add `isDeveloperMode => true`.
-
-### How to build (for developers)
-
-You need to have nodejs and Grunt CLI installed.
-
-1. Change to the project's root directory.
-2. Install project dependencies with `npm install`.
-3. Run Grunt with `grunt`.
-
-The build will be created in the `build` directory.
-
-Upgrade packages can be built with `grunt upgrade`.
-
-### How to contribute (for developers)
+### How to contribute

 Before we can merge your pull request you need to accept our CLA [here](https://github.com/espocrm/cla). It's very simple to do.

@@ -60,37 +41,6 @@ Branches:
 * *master* – develop branch; new features should be pushed to this branch;
 * *stable* – last stable release.

-### Running tests (for developers)
-
-You need to have *phpunit* installed.
-
-Unit tests:
-
-```
-phpunit --bootstrap=vendor/autoload.php tests/unit
-```
-
-Integration tests:
-
-```
-phpunit --bootstrap=vendor/autoload.php tests/integration
-```
-
-### How to make a translation
-
-Build po file with command:
-`node po.js en_EN`
-(specify needed language instead of en_EN)
-
-After that translate the generated po file.
-
-Build json files from the translated po file:
-
-1. Put your po file espocrm-en_EN.po into `build` directory
-2. Run `node lang.js en_EN`
-
-Json files will be created in build directory grouped by folders.
-
 ### License

 EspoCRM is published under the GNU GPLv3 [license](https://raw.githubusercontent.com/espocrm/espocrm/master/LICENSE.txt).
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -0,0 +1,9 @@
+# Security Policy
+
+## Reporting a vulnerability
+
+If you believe you have discovered a vulnerability in EspoCRM please contacts us via [this](https://www.espocrm.com/contacts/) or [this](https://www.espocrm.com/support/) forms.
+
+## Supported versions
+
+For severe vulnerabilities we provide fixes for 2 minor versions (the second number in the version string) back from the current stable version. Separate patches or manual fix guidelines will be provided for more old versions.
--- a/api/v1/.htaccess
+++ b/api/v1/.htaccess
@@ -9,4 +9,6 @@ RewriteEngine On
 RewriteRule .* - [E=HTTP_ESPO_CGI_AUTH:%{HTTP:Authorization}]

 RewriteCond %{REQUEST_FILENAME} !-f
-RewriteRule ^ index.php [QSA,L]
+RewriteRule ^ index.php [QSA,L]
+
+RewriteRule /?web\.config - [F]
--- a/api/v1/index.php
+++ b/api/v1/index.php
@@ -1,4 +1,4 @@
-<?php
+<?php
 /************************************************************************
 * This file is part of EspoCRM.
 *
@@ -29,5 +29,9 @@

 require_once('../../bootstrap.php');

-$app = new \Espo\Core\Application();
-$app->run();
+use Espo\Core\{
+    Application,
+    ApplicationRunners\Api,
+};
+
+(new Application())->run(Api::class);
--- a/api/v1/portal-access/.htaccess
+++ b/api/v1/portal-access/.htaccess
@@ -9,4 +9,6 @@ RewriteEngine On
 RewriteRule .* - [E=HTTP_ESPO_CGI_AUTH:%{HTTP:Authorization}]

 RewriteCond %{REQUEST_FILENAME} !-f
-RewriteRule ^ index.php [QSA,L]
+RewriteRule ^ index.php [QSA,L]
+
+RewriteRule /?web\.config - [F]
--- a/api/v1/portal-access/index.php
+++ b/api/v1/portal-access/index.php
@@ -29,11 +29,15 @@

 require_once('../../../bootstrap.php');

+use Espo\Core\{
+    Portal\Application,
+    Portal\ApplicationRunners\Api,
+};
+
 if (!empty($_GET['portalId'])) {
    $portalId = $_GET['portalId'];
 } else {
    $portalId = explode('/', $_SERVER['REQUEST_URI'])[count(explode('/', $_SERVER['SCRIPT_NAME'])) - 1];
 }

-$app = new \Espo\Core\Portal\Application($portalId);
-$app->run();
+(new Application($portalId))->run(Api::class);
--- a/application/Espo/Acl/ActionHistoryRecord.php
+++ b/application/Espo/Acl/ActionHistoryRecord.php
@@ -29,14 +29,13 @@

 namespace Espo\Acl;

-use \Espo\Entities\User as EntityUser;
-use \Espo\ORM\Entity;
+use Espo\Entities\User as EntityUser;
+use Espo\ORM\Entity;

-class ActionHistoryRecord extends \Espo\Core\Acl\Base
+class ActionHistoryRecord extends \Espo\Core\Acl\Acl
 {
    public function checkIsOwner(EntityUser $user, Entity $entity)
    {
        return $entity->get('userId') === $user->id;
    }
 }
-
--- a/application/Espo/Acl/Attachment.php
+++ b/application/Espo/Acl/Attachment.php
@@ -29,10 +29,10 @@

 namespace Espo\Acl;

-use \Espo\Entities\User as EntityUser;
-use \Espo\ORM\Entity;
+use Espo\Entities\User as EntityUser;
+use Espo\ORM\Entity;

-class Attachment extends \Espo\Core\Acl\Base
+class Attachment extends \Espo\Core\Acl\Acl
 {
    public function checkEntityRead(EntityUser $user, Entity $entity, $data)
    {
@@ -90,4 +90,3 @@ class Attachment extends \Espo\Core\Acl\Base
        return false;
    }
 }
-
--- a/application/Espo/Acl/Email.php
+++ b/application/Espo/Acl/Email.php
@@ -29,10 +29,10 @@

 namespace Espo\Acl;

-use \Espo\Entities\User as EntityUser;
-use \Espo\ORM\Entity;
+use Espo\Entities\User as EntityUser;
+use Espo\ORM\Entity;

-class Email extends \Espo\Core\Acl\Base
+class Email extends \Espo\Core\Acl\Acl
 {
    protected $ownerUserIdAttribute = 'usersIds';

--- a/application/Espo/Acl/EmailAddress.php
+++ b/application/Espo/Acl/EmailAddress.php
@@ -29,10 +29,10 @@

 namespace Espo\Acl;

-use \Espo\Entities\User as EntityUser;
-use \Espo\ORM\Entity;
+use Espo\Entities\User as EntityUser;
+use Espo\ORM\Entity;

-class EmailAddress extends \Espo\Core\Acl\Base
+class EmailAddress extends \Espo\Core\Acl\Acl
 {
    public function checkEditInEntity(EntityUser $user, Entity $entity, Entity $excludeEntity)
    {
@@ -62,4 +62,3 @@ class EmailAddress extends \Espo\Core\Acl\Base
        return !$isFobidden;
    }
 }
-
--- a/application/Espo/Acl/EmailFilter.php
+++ b/application/Espo/Acl/EmailFilter.php
@@ -29,10 +29,10 @@

 namespace Espo\Acl;

-use \Espo\Entities\User as EntityUser;
-use \Espo\ORM\Entity;
+use Espo\Entities\User as EntityUser;
+use Espo\ORM\Entity;

-class EmailFilter extends \Espo\Core\Acl\Base
+class EmailFilter extends \Espo\Core\Acl\Acl
 {
    public function checkIsOwner(EntityUser $user, Entity $entity)
    {
@@ -53,4 +53,3 @@ class EmailFilter extends \Espo\Core\Acl\Base
        return;
    }
 }
-
--- a/application/Espo/Acl/Import.php
+++ b/application/Espo/Acl/Import.php
@@ -29,12 +29,11 @@

 namespace Espo\Acl;

-use \Espo\Entities\User as EntityUser;
-use \Espo\ORM\Entity;
+use Espo\Entities\User as EntityUser;
+use Espo\ORM\Entity;

-class Import extends \Espo\Core\Acl\Base
+class Import extends \Espo\Core\Acl\Acl
 {
-
    public function checkEntityRead(EntityUser $user, Entity $entity, $data)
    {
        if ($user->isAdmin()) return true;
--- a/application/Espo/Acl/Note.php
+++ b/application/Espo/Acl/Note.php
@@ -29,10 +29,10 @@

 namespace Espo\Acl;

-use \Espo\Entities\User as EntityUser;
-use \Espo\ORM\Entity;
+use Espo\Entities\User as EntityUser;
+use Espo\ORM\Entity;

-class Note extends \Espo\Core\Acl\Base
+class Note extends \Espo\Core\Acl\Acl
 {
    protected $deleteThresholdPeriod = '1 month';

--- a/application/Espo/Acl/Notification.php
+++ b/application/Espo/Acl/Notification.php
@@ -29,10 +29,10 @@

 namespace Espo\Acl;

-use \Espo\Entities\User as EntityUser;
-use \Espo\ORM\Entity;
+use Espo\Entities\User as EntityUser;
+use Espo\ORM\Entity;

-class Notification extends \Espo\Core\Acl\Base
+class Notification extends \Espo\Core\Acl\Acl
 {
    public function checkIsOwner(EntityUser $user, Entity $entity)
    {
@@ -42,4 +42,3 @@ class Notification extends \Espo\Core\Acl\Base
        return false;
    }
 }
-
--- a/application/Espo/Acl/PhoneNumber.php
+++ b/application/Espo/Acl/PhoneNumber.php
@@ -29,10 +29,10 @@

 namespace Espo\Acl;

-use \Espo\Entities\User as EntityUser;
-use \Espo\ORM\Entity;
+use Espo\Entities\User as EntityUser;
+use Espo\ORM\Entity;

-class PhoneNumber extends \Espo\Core\Acl\Base
+class PhoneNumber extends \Espo\Core\Acl\Acl
 {
    public function checkEditInEntity(EntityUser $user, Entity $entity, Entity $excludeEntity)
    {
--- a/application/Espo/Acl/ScheduledJob.php
+++ b/application/Espo/Acl/ScheduledJob.php
@@ -29,10 +29,10 @@

 namespace Espo\Acl;

-use \Espo\Entities\User as EntityUser;
-use \Espo\ORM\Entity;
+use Espo\Entities\User as EntityUser;
+use Espo\ORM\Entity;

-class ScheduledJob extends \Espo\Core\Acl\Base
+class ScheduledJob extends \Espo\Core\Acl\Acl
 {
    public function checkEntityRead(EntityUser $user, Entity $entity, $data)
    {
@@ -58,4 +58,3 @@ class ScheduledJob extends \Espo\Core\Acl\Base
        return $this->checkEntity($user, $entity, $data, 'create');
    }
 }
-
--- a/application/Espo/Acl/Team.php
+++ b/application/Espo/Acl/Team.php
@@ -29,13 +29,15 @@

 namespace Espo\Acl;

-use \Espo\ORM\Entity;
+use Espo\ORM\Entity;

-class Team extends \Espo\Core\Acl\Base
+use Espo\Entities\User as UserEntity;
+
+class Team extends \Espo\Core\Acl\Acl
 {
-    public function checkInTeam(\Espo\Entities\User $user, Entity $entity)
+    public function checkInTeam(UserEntity $user, Entity $entity)
    {
        $userTeamIdList = $user->getLinkMultipleIdList('teams');
        return in_array($entity->id, $userTeamIdList);
    }
-}
+}
--- a/application/Espo/Acl/User.php
+++ b/application/Espo/Acl/User.php
@@ -29,12 +29,12 @@

 namespace Espo\Acl;

-use \Espo\ORM\Entity;
-use \Espo\Entities\User as EntityUser;
+use Espo\ORM\Entity;
+use Espo\Entities\User as EntityUser;

-class User extends \Espo\Core\Acl\Base
+class User extends \Espo\Core\Acl\Acl
 {
-    public function checkIsOwner(\Espo\Entities\User $user, Entity $entity)
+    public function checkIsOwner(EntityUser $user, Entity $entity)
    {
        return $user->id === $entity->id;
    }
--- a/application/Espo/Acl/Webhook.php
+++ b/application/Espo/Acl/Webhook.php
@@ -29,10 +29,10 @@

 namespace Espo\Acl;

-use \Espo\Entities\User as EntityUser;
-use \Espo\ORM\Entity;
+use Espo\Entities\User as EntityUser;
+use Espo\ORM\Entity;

-class Webhook extends \Espo\Core\Acl\Base
+class Webhook extends \Espo\Core\Acl\Acl
 {
    public function checkIsOwner(EntityUser $user, Entity $entity)
    {
--- a/application/Espo/Classes/AppParams/TemplateEntityTypeList.php
+++ b/application/Espo/Classes/AppParams/TemplateEntityTypeList.php
@@ -27,31 +27,44 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\AppParams;
+namespace Espo\Classes\AppParams;

-class TemplateEntityTypeList extends \Espo\Core\Injectable
+use Espo\Core\{
+    Acl,
+    Select\SelectManagerFactory,
+    ORM\EntityManager,
+};
+
+/**
+ * Returns a list of entity types for which a PDF template exists.
+ */
+class TemplateEntityTypeList
 {
-    protected function init()
+    protected $acl;
+    protected $selectManagerFactory;
+    protected $entityManager;
+
+    public function __construct(Acl $acl, SelectManagerFactory $selectManagerFactory, EntityManager $entityManager)
    {
-        $this->addDependency('acl');
-        $this->addDependency('selectManagerFactory');
-        $this->addDependency('entityManager');
+        $this->acl = $acl;
+        $this->selectManagerFactory = $selectManagerFactory;
+        $this->entityManager = $entityManager;
    }

    public function get()
    {
-        if (!$this->getInjection('acl')->checkScope('Template')) {
+        if (!$this->acl->checkScope('Template')) {
            return [];
        }

        $list = [];

-        $selectManager = $this->getInjection('selectManagerFactory')->create('Template');
+        $selectManager = $this->selectManagerFactory->create('Template');

        $selectParams = $selectManager->getEmptySelectParams();
        $selectManager->applyAccess($selectParams);

-        $templateList = $this->getInjection('entityManager')->getRepository('Template')
+        $templateList = $this->entityManager->getRepository('Template')
            ->select(['entityType'])
            ->groupBy(['entityType'])
            ->find($selectParams);
--- a/application/Espo/Core/Utils/Authentication/Base.php
+++ b/application/Espo/Core/Utils/Authentication/Base.php
@@ -27,42 +27,44 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\Utils\Authentication;
+namespace Espo\Classes\Cleanup;

-use \Espo\Core\Utils\Config;
-use \Espo\Core\ORM\EntityManager;
-use \Espo\Core\Utils\Auth;
+use Espo\Core\{
+    Utils\Config,
+    ORM\EntityManager,
+};

-abstract class Base
+use DateTime;
+
+class Reminders
 {
    protected $config;
-
    protected $entityManager;

-    private $passwordHash;
-
    public function __construct(Config $config, EntityManager $entityManager)
    {
        $this->config = $config;
        $this->entityManager = $entityManager;
    }

-    protected function getConfig()
-    {
-        return $this->config;
-    }
+    protected $cleanupRemindersPeriod = '15 days';

-    protected function getEntityManager()
+    public function process()
    {
-        return $this->entityManager;
-    }
+        $period = '-' . $this->config->get('cleanupRemindersPeriod', $this->cleanupRemindersPeriod);

-    protected function getPasswordHash()
-    {
-        if (!isset($this->passwordHash)) {
-            $this->passwordHash = new \Espo\Core\Utils\PasswordHash($this->config);
-        }
+        $dt = new DateTime();

-        return $this->passwordHash;
+        $dt->modify($period);
+
+        $delete = $this->entityManager->getQueryBuilder()
+            ->delete()
+            ->from('Reminder')
+            ->where([
+                'remindAt<' => $dt->format('Y-m-d'),
+            ])
+            ->build();
+
+        $this->entityManager->getQueryExecutor()->execute($delete);
    }
 }
--- a/application/Espo/Classes/Cleanup/WebhookQueue.php
+++ b/application/Espo/Classes/Cleanup/WebhookQueue.php
@@ -27,33 +27,63 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\Cleanup;
+namespace Espo\Classes\Cleanup;

-class WebhookQueue extends Base
+use Espo\Core\{
+    Utils\Config,
+    ORM\EntityManager,
+};
+
+use DateTime;
+
+class WebhookQueue
 {
    protected $cleanupWebhookQueuePeriod = '10 days';

+    protected $config;
+    protected $entityManager;
+
+    public function __construct(Config $config, EntityManager $entityManager)
+    {
+        $this->config = $config;
+        $this->entityManager = $entityManager;
+    }
+
    public function process()
    {
-        $pdo = $this->getEntityManager()->getPDO();
+        $period = '-' . $this->config->get('cleanupWebhookQueuePeriod', $this->cleanupWebhookQueuePeriod);
+
+        $datetime = new DateTime();

-        $period = '-' . $this->getConfig()->get('cleanupWebhookQueuePeriod', $this->cleanupWebhookQueuePeriod);
-        $datetime = new \DateTime();
        $datetime->modify($period);
        $from = $datetime->format('Y-m-d H:i:s');

-        $query = "
-            DELETE FROM `webhook_queue_item`
-            WHERE
-                DATE(created_at) < ".$pdo->quote($from)." AND
-                (status <> 'Pending' OR deleted = 1)
-        ";
-        $pdo->query($query);
+        $query = $this->entityManager->getQueryBuilder()
+            ->delete()
+            ->from('WebhookQueueItem')
+            ->where([
+                'DATE:(createdAt)<' => $from,
+                'OR' => [
+                    'status!=' => 'Pending',
+                    'deleted' => true,
+                ],
+            ])
+            ->build();

-        $query = "
-            DELETE FROM `webhook_event_queue_item`
-            WHERE DATE(created_at) < ".$pdo->quote($from)." AND (is_processed = 1 OR deleted = 1)
-        ";
-        $pdo->query($query);
+        $this->entityManager->getQueryExecutor()->execute($query);
+
+        $query = $this->entityManager->getQueryBuilder()
+            ->delete()
+            ->from('WebhookEventQueueItem')
+            ->where([
+                'DATE:(createdAt)<' => $from,
+                'OR' => [
+                    'isProcessed' => true,
+                    'deleted' => true,
+                ],
+            ])
+            ->build();
+
+        $this->entityManager->getQueryExecutor()->execute($query);
    }
 }
--- a/application/Espo/Classes/ConsoleCommands/Import.php
+++ b/application/Espo/Classes/ConsoleCommands/Import.php
@@ -0,0 +1,138 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2020 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: https://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ *
+ * The interactive user interfaces in modified source and object code versions
+ * of this program must display Appropriate Legal Notices, as required under
+ * Section 5 of the GNU General Public License version 3.
+ *
+ * In accordance with Section 7(b) of the GNU General Public License version 3,
+ * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
+ ************************************************************************/
+
+namespace Espo\Classes\ConsoleCommands;
+
+use Espo\Core\{
+    ServiceFactory,
+    Console\Commands\Command,
+};
+
+use Throwable;
+
+class Import implements Command
+{
+    protected $serviceFactory;
+
+    public function __construct(ServiceFactory $serviceFactory)
+    {
+        $this->serviceFactory = $serviceFactory;
+    }
+
+    public function run(array $options, array $flagList)
+    {
+        $id = $options['id'] ?? null;
+        $filePath = $options['file'] ?? null;
+        $paramsId = $options['paramsId'] ?? null;
+
+        $service = $this->serviceFactory->create('Import');
+
+        $forceResume = in_array('resume', $flagList);
+        $revert = in_array('revert', $flagList);
+
+        if (!$id && $filePath) {
+            if (!$paramsId) {
+                $this->out("You need to specify --params-id option.\n");
+
+                return;
+            }
+
+            if (!file_exists($filePath)) {
+                $this->out("File not found.\n");
+
+                return;
+            }
+
+            $contents = file_get_contents($filePath);
+
+            try {
+                $result = $service->importFileWithParamsId($contents, $paramsId);
+
+                $resultId = $result->id;
+                $countCreated = $result->countCreated;
+                $countUpdated = $result->countUpdated;
+            }
+            catch (Throwable $e) {
+                $this->out("Error occured: ".$e->getMessage()."\n");
+
+                return;
+            }
+
+            $this->out("Finished. Import ID: {$resultId}. Created: {$countCreated}. Updated: {$countUpdated}.\n");
+
+            return;
+        }
+
+        if ($id && $revert) {
+            $this->out("Reverting import...\n");
+
+            try {
+                $service->revert($id);
+            }
+            catch (Throwable $e) {
+                $this->out("Error occured: " . $e->getMessage() . "\n");
+
+                return;
+            }
+
+            $this->out("Finished.\n");
+
+            return;
+        }
+
+        if ($id) {
+            $this->out("Running import, this may take a while...\n");
+
+            try {
+                $result = $service->importById($id, true, $forceResume);
+            }
+            catch (Throwable $e) {
+                $this->out("Error occured: " . $e->getMessage() . "\n");
+
+                return;
+            }
+
+            $countCreated = $result->countCreated;
+            $countUpdated = $result->countUpdated;
+
+            $this->out("Finished. Created: {$countCreated}. Updated: {$countUpdated}.\n");
+
+            return;
+        }
+
+        $this->out("Not enough params passed.\n");
+
+        return;
+    }
+
+    protected function out($string)
+    {
+        fwrite(\STDOUT, $string);
+    }
+}
--- a/application/Espo/Core/Utils/Layout/Defaults/DefaultSidePanelType.php
+++ b/application/Espo/Core/Utils/Layout/Defaults/DefaultSidePanelType.php
@@ -27,13 +27,15 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\Utils\Layout\Defaults;
+namespace Espo\Classes\DefaultLayouts;
+
+use Espo\Core\Utils\Metadata;

 class DefaultSidePanelType
 {
    protected $metadata;

-    public function __construct(\Espo\Core\Utils\Metadata $metadata)
+    public function __construct(Metadata $metadata)
    {
        $this->metadata = $metadata;
    }
--- a/application/Espo/Classes/FieldValidators/ArrayIntType.php
+++ b/application/Espo/Classes/FieldValidators/ArrayIntType.php
@@ -27,7 +27,7 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;

 class ArrayIntType extends ArrayType
 {
--- a/application/Espo/Classes/FieldValidators/ArrayType.php
+++ b/application/Espo/Classes/FieldValidators/ArrayType.php
@@ -27,16 +27,18 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;
+
+use Espo\ORM\Entity;

 class ArrayType extends BaseType
 {
-    public function checkRequired(\Espo\ORM\Entity $entity, string $field, $validationValue, $data) : bool
+    public function checkRequired(Entity $entity, string $field, $validationValue, $data) : bool
    {
        return $this->isNotEmpty($entity, $field);
    }

-    public function checkMaxCount(\Espo\ORM\Entity $entity, string $field, $validationValue, $data) : bool
+    public function checkMaxCount(Entity $entity, string $field, $validationValue, $data) : bool
    {
        if (!$this->isNotEmpty($entity, $field)) return true;
        $list = $entity->get($field);
@@ -44,14 +46,16 @@ class ArrayType extends BaseType
        return true;
    }

-    public function checkArray(\Espo\ORM\Entity $entity, string $field, $validationValue, $data) : bool
+    public function checkArray(Entity $entity, string $field, $validationValue, $data) : bool
    {
-        if (!$entity->has($field) || $entity->get($field) === null) return true;
+        if (isset($data->$field) && $data->$field !== null && !is_array($data->$field)) {
+            return false;
+        }

-        return is_array($entity->get($field));
+        return true;
    }

-    protected function isNotEmpty(\Espo\ORM\Entity $entity, $field)
+    protected function isNotEmpty(Entity $entity, $field)
    {
        if (!$entity->has($field) || $entity->get($field) === null) return false;
        $list = $entity->get($field);
--- a/application/Espo/Classes/FieldValidators/BaseType.php
+++ b/application/Espo/Classes/FieldValidators/BaseType.php
@@ -27,33 +27,33 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;

-use \Espo\ORM\Entity;
+use Espo\ORM\Entity;
+
+use Espo\Core\{
+    Utils\Metadata,
+    Utils\FieldUtil,
+};

 class BaseType
 {
-    private $metadata;
-    private $fieldManagerUtil;
+    protected $metadata;
+    protected $fieldUtil;

-    public function __construct(\Espo\Core\Utils\Metadata $metadata, \Espo\Core\Utils\FieldManagerUtil $fieldManagerUtil)
+    public function __construct(Metadata $metadata, FieldUtil $fieldUtil)
    {
        $this->metadata = $metadata;
-        $this->fieldManagerUtil = $fieldManagerUtil;
+        $this->fieldUtil = $fieldUtil;
    }

    protected function getActualAttributeList(Entity $entity, string $field) : array
    {
-        return $this->getFieldManagerUtil()->getActualAttributeList($entity->getEntityType(), $field);
+        return $this->fieldUtil->getActualAttributeList($entity->getEntityType(), $field);
    }

-    protected function getMetadata() : \Espo\Core\Utils\Metadata
+    protected function getMetadata() : Metadata
    {
        return $this->metadata;
    }
-
-    protected function getFieldManagerUtil() : \Espo\Core\Utils\FieldManagerUtil
-    {
-        return $this->fieldManagerUtil;
-    }
 }
--- a/application/Espo/Classes/FieldValidators/ChecklistType.php
+++ b/application/Espo/Classes/FieldValidators/ChecklistType.php
@@ -27,7 +27,7 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;

 class ChecklistType extends ArrayType
 {
--- a/application/Espo/Classes/FieldValidators/CurrencyType.php
+++ b/application/Espo/Classes/FieldValidators/CurrencyType.php
@@ -27,11 +27,13 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;
+
+use Espo\ORM\Entity;

 class CurrencyType extends FloatType
 {
-    protected function isNotEmpty(\Espo\ORM\Entity $entity, $field)
+    protected function isNotEmpty(Entity $entity, $field)
    {
        return
            $entity->has($field) && $entity->get($field) !== null &&
--- a/application/Espo/Classes/FieldValidators/DateType.php
+++ b/application/Espo/Classes/FieldValidators/DateType.php
@@ -27,16 +27,18 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;
+
+use Espo\ORM\Entity;

 class DateType extends BaseType
 {
-    public function checkRequired(\Espo\ORM\Entity $entity, string $field, $validationValue, $data) : bool
+    public function checkRequired(Entity $entity, string $field, $validationValue, $data) : bool
    {
        return $this->isNotEmpty($entity, $field);
    }

-    protected function isNotEmpty(\Espo\ORM\Entity $entity, $field)
+    protected function isNotEmpty(Entity $entity, $field)
    {
        return $entity->has($field) && $entity->get($field) !== null;
    }
--- a/application/Espo/Classes/FieldValidators/DatetimeOptionalType.php
+++ b/application/Espo/Classes/FieldValidators/DatetimeOptionalType.php
@@ -27,16 +27,18 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;
+
+use Espo\ORM\Entity;

 class DatetimeOptionalType extends DatetimeType
 {
-    public function checkRequired(\Espo\ORM\Entity $entity, string $field, $validationValue, $data) : bool
+    public function checkRequired(Entity $entity, string $field, $validationValue, $data) : bool
    {
        return $this->isNotEmpty($entity, $field);
    }

-    protected function isNotEmpty(\Espo\ORM\Entity $entity, $field)
+    protected function isNotEmpty(Entity $entity, $field)
    {
        if ($entity->has($field) && $entity->get($field) !== null) return true;
        if ($entity->has($field . 'Date') && $entity->get($field . 'Date') !== null) return true;
--- a/application/Espo/Classes/FieldValidators/DatetimeType.php
+++ b/application/Espo/Classes/FieldValidators/DatetimeType.php
@@ -27,7 +27,7 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;

 class DatetimeType extends DateType
 {
--- a/application/Espo/Classes/FieldValidators/EmailType.php
+++ b/application/Espo/Classes/FieldValidators/EmailType.php
@@ -27,11 +27,13 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;
+
+use Espo\ORM\Entity;

 class EmailType extends BaseType
 {
-    public function checkRequired(\Espo\ORM\Entity $entity, string $field, $validationValue, $data) : bool
+    public function checkRequired(Entity $entity, string $field, $validationValue, $data) : bool
    {
        if ($this->isNotEmpty($entity, $field)) return true;

@@ -45,7 +47,7 @@ class EmailType extends BaseType
        return false;
    }

-    public function checkEmailAddress(\Espo\ORM\Entity $entity, string $field, $validationValue, $data) : bool
+    public function checkEmailAddress(Entity $entity, string $field, $validationValue, $data) : bool
    {
        if ($this->isNotEmpty($entity, $field)) {
            $address = $entity->get($field);
@@ -68,7 +70,7 @@ class EmailType extends BaseType
        return true;
    }

-    protected function isNotEmpty(\Espo\ORM\Entity $entity, $field)
+    protected function isNotEmpty(Entity $entity, $field)
    {
        return $entity->has($field) && $entity->get($field) !== '' && $entity->get($field) !== null;
    }
--- a/application/Espo/Classes/FieldValidators/EnumType.php
+++ b/application/Espo/Classes/FieldValidators/EnumType.php
@@ -27,16 +27,18 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;
+
+use Espo\ORM\Entity;

 class EnumType extends BaseType
 {
-    public function checkRequired(\Espo\ORM\Entity $entity, string $field, $validationValue, $data) : bool
+    public function checkRequired(Entity $entity, string $field, $validationValue, $data) : bool
    {
        return $this->isNotEmpty($entity, $field);
    }

-    protected function isNotEmpty(\Espo\ORM\Entity $entity, $field)
+    protected function isNotEmpty(Entity $entity, $field)
    {
        return $entity->has($field) && $entity->get($field) !== null;
    }
--- a/application/Espo/Classes/FieldValidators/FileType.php
+++ b/application/Espo/Classes/FieldValidators/FileType.php
@@ -27,7 +27,7 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;

 class FileType extends LinkType
 {
--- a/application/Espo/Classes/FieldValidators/FloatType.php
+++ b/application/Espo/Classes/FieldValidators/FloatType.php
@@ -27,7 +27,7 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;

 class FloatType extends IntType
 {
--- a/application/Espo/Classes/FieldValidators/ImageType.php
+++ b/application/Espo/Classes/FieldValidators/ImageType.php
@@ -27,7 +27,7 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;

 class ImageType extends FileType
 {
--- a/application/Espo/Classes/FieldValidators/IntType.php
+++ b/application/Espo/Classes/FieldValidators/IntType.php
@@ -27,30 +27,32 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;
+
+use Espo\ORM\Entity;

 class IntType extends BaseType
 {
-    public function checkRequired(\Espo\ORM\Entity $entity, string $field, $validationValue, $data) : bool
+    public function checkRequired(Entity $entity, string $field, $validationValue, $data) : bool
    {
        return $this->isNotEmpty($entity, $field);
    }

-    public function checkMax(\Espo\ORM\Entity $entity, string $field, $validationValue, $data) : bool
+    public function checkMax(Entity $entity, string $field, $validationValue, $data) : bool
    {
        if (!$this->isNotEmpty($entity, $field)) return true;
        if ($entity->get($field) > $validationValue) return false;
        return true;
    }

-    public function checkMin(\Espo\ORM\Entity $entity, string $field, $validationValue, $data) : bool
+    public function checkMin(Entity $entity, string $field, $validationValue, $data) : bool
    {
        if (!$this->isNotEmpty($entity, $field)) return true;
        if ($entity->get($field) < $validationValue) return false;
        return true;
    }

-    protected function isNotEmpty(\Espo\ORM\Entity $entity, $field)
+    protected function isNotEmpty(Entity $entity, $field)
    {
        return $entity->has($field) && $entity->get($field) !== null;
    }
--- a/application/Espo/Classes/FieldValidators/JsonArrayType.php
+++ b/application/Espo/Classes/FieldValidators/JsonArrayType.php
@@ -27,18 +27,20 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;
+
+use Espo\ORM\Entity;

 class JsonArrayType extends BaseType
 {
-    public function checkArray(\Espo\ORM\Entity $entity, string $field, $validationValue, $data) : bool
+    public function checkArray(Entity $entity, string $field, $validationValue, $data) : bool
    {
        if (!$entity->has($field) || $entity->get($field) === null) return true;

        return is_array($entity->get($field));
    }

-    protected function isNotEmpty(\Espo\ORM\Entity $entity, $field)
+    protected function isNotEmpty(Entity $entity, $field)
    {
        if (!$entity->has($field) || $entity->get($field) === null) return false;
        $list = $entity->get($field);
--- a/application/Espo/Classes/FieldValidators/LinkMultipleType.php
+++ b/application/Espo/Classes/FieldValidators/LinkMultipleType.php
@@ -27,11 +27,13 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;
+
+use Espo\ORM\Entity;

 class LinkMultipleType extends BaseType
 {
-    public function checkRequired(\Espo\ORM\Entity $entity, string $field, $validationValue, $data) : bool
+    public function checkRequired(Entity $entity, string $field, $validationValue, $data) : bool
    {
        return count($entity->getLinkMultipleIdList($field)) > 0;
    }
--- a/application/Espo/Classes/FieldValidators/LinkParentType.php
+++ b/application/Espo/Classes/FieldValidators/LinkParentType.php
@@ -27,11 +27,13 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;
+
+use Espo\ORM\Entity;

 class LinkParentType extends BaseType
 {
-    public function checkRequired(\Espo\ORM\Entity $entity, string $field, $validationValue, $data) : bool
+    public function checkRequired(Entity $entity, string $field, $validationValue, $data) : bool
    {
        $idAttribute = $field . 'Id';
        $typeAttribute = $field . 'Type';
--- a/application/Espo/Classes/FieldValidators/LinkType.php
+++ b/application/Espo/Classes/FieldValidators/LinkType.php
@@ -27,11 +27,13 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;
+
+use Espo\ORM\Entity;

 class LinkType extends BaseType
 {
-    public function checkRequired(\Espo\ORM\Entity $entity, string $field, $validationValue, $data) : bool
+    public function checkRequired(Entity $entity, string $field, $validationValue, $data) : bool
    {
        $idAttribute = $field . 'Id';

--- a/application/Espo/Classes/FieldValidators/MultiEnumType.php
+++ b/application/Espo/Classes/FieldValidators/MultiEnumType.php
@@ -27,7 +27,7 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;

 class MultiEnumType extends ArrayType
 {
--- a/application/Espo/Classes/FieldValidators/PersonNameType.php
+++ b/application/Espo/Classes/FieldValidators/PersonNameType.php
@@ -27,11 +27,13 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;
+
+use Espo\ORM\Entity;

 class PersonNameType extends BaseType
 {
-    public function checkRequired(\Espo\ORM\Entity $entity, string $field, $validationValue, $data) : bool
+    public function checkRequired(Entity $entity, string $field, $validationValue, $data) : bool
    {
        $isEmpty = true;
        foreach ($this->getActualAttributeList($entity, $field) as $attribute) {
--- a/application/Espo/Classes/FieldValidators/PhoneType.php
+++ b/application/Espo/Classes/FieldValidators/PhoneType.php
@@ -27,11 +27,13 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;
+
+use Espo\ORM\Entity;

 class PhoneType extends BaseType
 {
-    public function checkRequired(\Espo\ORM\Entity $entity, string $field, $validationValue, $data) : bool
+    public function checkRequired(Entity $entity, string $field, $validationValue, $data) : bool
    {
        if ($this->isNotEmpty($entity, $field)) return true;

@@ -45,7 +47,7 @@ class PhoneType extends BaseType
        return false;
    }

-    protected function isNotEmpty(\Espo\ORM\Entity $entity, $field)
+    protected function isNotEmpty(Entity $entity, $field)
    {
        return $entity->has($field) && $entity->get($field) !== '' && $entity->get($field) !== null;
    }
--- a/application/Espo/Classes/FieldValidators/VarcharType.php
+++ b/application/Espo/Classes/FieldValidators/VarcharType.php
@@ -27,16 +27,18 @@
 * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
 ************************************************************************/

-namespace Espo\Core\FieldValidators;
+namespace Espo\Classes\FieldValidators;
+
+use Espo\ORM\Entity;

 class VarcharType extends BaseType
 {
-    public function checkRequired(\Espo\ORM\Entity $entity, string $field, $validationValue, $data) : bool
+    public function checkRequired(Entity $entity, string $field, $validationValue, $data) : bool
    {
        return $this->isNotEmpty($entity, $field);
    }

-    public function checkMaxLength(\Espo\ORM\Entity $entity, string $field, $validationValue, $data) : bool
+    public function checkMaxLength(Entity $entity, string $field, $validationValue, $data) : bool
    {
        if ($this->isNotEmpty($entity, $field)) {
            $value = $entity->get($field);
@@ -47,7 +49,7 @@ class VarcharType extends BaseType
        return true;
    }

-    protected function isNotEmpty(\Espo\ORM\Entity $entity, $field)
+    protected function isNotEmpty(Entity $entity, $field)
    {
        return $entity->has($field) && $entity->get($field) !== '' && $entity->get($field) !== null;
    }
--- a/application/Espo/Classes/TemplateHelpers/GoogleMaps.php
+++ b/application/Espo/Classes/TemplateHelpers/GoogleMaps.php
@@ -0,0 +1,194 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2020 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: https://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ *
+ * The interactive user interfaces in modified source and object code versions
+ * of this program must display Appropriate Legal Notices, as required under
+ * Section 5 of the GNU General Public License version 3.
+ *
+ * In accordance with Section 7(b) of the GNU General Public License version 3,
+ * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
+ ************************************************************************/
+
+namespace Espo\Classes\TemplateHelpers;
+
+class GoogleMaps
+{
+    public static function image()
+    {
+        $args = func_get_args();
+        $context = $args[count($args) - 1];
+        $hash = $context['hash'];
+        $data = $context['data']['root'];
+
+        $em = $data['__entityManager'];
+        $metadata = $data['__metadata'];
+        $config = $data['__config'];
+
+        $entityType = $data['__entityType'];
+
+        $field = $hash['field'] ?? null;
+
+        $size = $hash['size'] ?? '400x400';
+        $zoom = $hash['zoom'] ?? null;
+        $language = $hash['language'] ?? $config->get('language');
+
+        if (strpos($size, 'x') === false) {
+            $size = $size .'x' . $size;
+        }
+
+        if ($field && $metadata->get(['entityDefs', $entityType, 'fields', $field, 'type']) !== 'address') {
+            $GLOBALS['log']->warning("Template helper _googleMapsImage: Specified field is not of address type.");
+            return null;
+        }
+
+        if (
+            !$field &&
+            !array_key_exists('street', $hash) &&
+            !array_key_exists('city', $hash) &&
+            !array_key_exists('country', $hash) &&
+            !array_key_exists('state', $hash) &&
+            !array_key_exists('postalCode', $hash)
+        ) {
+            $field = ($entityType === 'Account') ? 'billingAddress' : 'address';
+        }
+
+        if ($field) {
+            $street = $data[$field . 'Street'] ?? null;
+            $city = $data[$field . 'City'] ?? null;
+            $country = $data[$field . 'Country'] ?? null;
+            $state = $data[$field . 'State'] ?? null;
+            $postalCode = $data[$field . 'postalCode'] ?? null;
+        } else {
+            $street = $hash['street'] ?? null;
+            $city = $hash['city'] ?? null;
+            $country = $hash['country'] ?? null;
+            $state = $hash['state'] ?? null;
+            $postalCode = $hash['postalCode'] ?? null;
+        }
+
+        $address = '';
+        if ($street) {
+            $address .= $street;
+        }
+        if ($city) {
+            if ($address != '') {
+                $address .= ', ';
+            }
+            $address .= $city;
+        }
+        if ($state) {
+            if ($address != '') {
+                $address .= ', ';
+            }
+            $address .= $state;
+        }
+        if ($postalCode) {
+            if ($state || $city) {
+                $address .= ' ';
+            } else {
+                if ($address) {
+                    $address .= ', ';
+                }
+            }
+            $address .= $postalCode;
+        }
+        if ($country) {
+            if ($address != '') {
+                $address .= ', ';
+            }
+            $address .= $country;
+        }
+
+        $address = urlencode($address);
+
+        $apiKey = $config->get('googleMapsApiKey');
+
+        if (!$apiKey) {
+            $GLOBALS['log']->error("Template helper _googleMapsImage: No Google Maps API key.");
+            return null;
+        }
+
+        if (!$address) {
+            $GLOBALS['log']->debug("Template helper _googleMapsImage: No address to display.");
+            return null;
+        }
+
+        $format = 'jpg;';
+
+        $url = "https://maps.googleapis.com/maps/api/staticmap?" .
+            'center=' . $address .
+            'format=' . $format .
+            '&size=' . $size .
+            '&key=' . $apiKey;
+
+        if ($zoom) {
+            $url .= '&zoom=' . $zoom;
+        }
+        if ($language) {
+            $url .= '&language=' . $language;
+        }
+
+        $GLOBALS['log']->debug("Template helper _googleMapsImage: URL: {$url}.");
+
+        $image = \Espo\Core\TemplateHelpers\GoogleMaps::getImage($url);
+
+        if (!$image) {
+            return null;
+        }
+
+
+
+        $filePath = tempnam(sys_get_temp_dir(), 'google_maps_image');
+        file_put_contents($filePath, $image);
+
+        list($width, $height) = explode('x', $size);
+
+        $tag = "<img src=\"{$filePath}\" width=\"{$width}\" height=\"{$height}\">";
+
+        return new LightnCandy\SafeString($tag);
+    }
+
+    public static function getImage(string $url)
+    {
+        $headers = [];
+        $headers[] = 'Accept: image/jpeg, image/pjpeg';
+        $headers[] = 'Connection: Keep-Alive';
+
+        $agent = 'Mozilla/5.0';
+
+        $c = curl_init();
+
+        curl_setopt($c, \CURLOPT_URL, $url);
+        curl_setopt($c, \CURLOPT_HTTPHEADER, $headers);
+        curl_setopt($c, \CURLOPT_HEADER, 0);
+        curl_setopt($c, \CURLOPT_USERAGENT, $agent);
+        curl_setopt($c, \CURLOPT_TIMEOUT, 10);
+        curl_setopt($c, \CURLOPT_RETURNTRANSFER, 1);
+        curl_setopt($c, \CURLOPT_FOLLOWLOCATION, 1);
+        curl_setopt($c, \CURLOPT_BINARYTRANSFER, 1);
+
+
+        $raw = curl_exec($c);
+        curl_close($c);
+
+        return $raw;
+    }
+}
--- a/application/Espo/Controllers/ActionHistoryRecord.php
+++ b/application/Espo/Controllers/ActionHistoryRecord.php
@@ -63,11 +63,6 @@ class ActionHistoryRecord extends \Espo\Core\Controllers\Record
        throw new Forbidden();
    }

-    public function beforeMassDelete()
-    {
-        throw new Forbidden();
-    }
-
    public function beforeMassConvertCurrency()
    {
        throw new Forbidden();
--- a/application/Espo/Controllers/Admin.php
+++ b/application/Espo/Controllers/Admin.php
@@ -29,10 +29,12 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\NotFound;
-use \Espo\Core\Exceptions\Error;
-use \Espo\Core\Exceptions\Forbidden;
-use \Espo\Core\Exceptions\BadRequest;
+use Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\BadRequest;
+
+use Espo\Core\UpgradeManager;
+use Espo\Core\Utils\AdminNotificationManager;
+use Espo\Core\Utils\SystemRequirements;

 class Admin extends \Espo\Core\Controllers\Base
 {
@@ -48,15 +50,17 @@ class Admin extends \Espo\Core\Controllers\Base
        if (!$request->isPost()) {
            throw new BadRequest();
        }
-        $result = $this->getContainer()->get('dataManager')->rebuild();

-        return $result;
+        $this->getContainer()->get('dataManager')->rebuild();
+
+        return true;
    }

    public function postActionClearCache($params)
    {
-        $result = $this->getContainer()->get('dataManager')->clearCache();
-        return $result;
+        $this->getContainer()->get('dataManager')->clearCache();
+
+        return true;
    }

    public function actionJobs()
@@ -73,15 +77,16 @@ class Admin extends \Espo\Core\Controllers\Base
                throw new Forbidden();
            }
        }
-        $upgradeManager = new \Espo\Core\UpgradeManager($this->getContainer());
+
+        $upgradeManager = new UpgradeManager($this->getContainer());

        $upgradeId = $upgradeManager->upload($data);
        $manifest = $upgradeManager->getManifest();

-        return array(
+        return [
            'id' => $upgradeId,
            'version' => $manifest['version'],
-        );
+        ];
    }

    public function postActionRunUpgrade($params, $data)
@@ -92,7 +97,7 @@ class Admin extends \Espo\Core\Controllers\Base
            }
        }

-        $upgradeManager = new \Espo\Core\UpgradeManager($this->getContainer());
+        $upgradeManager = new UpgradeManager($this->getContainer());
        $upgradeManager->install(get_object_vars($data));

        return true;
@@ -105,13 +110,15 @@ class Admin extends \Espo\Core\Controllers\Base

    public function actionAdminNotificationList($params)
    {
-        $adminNotificationManager = new \Espo\Core\Utils\AdminNotificationManager($this->getContainer());
+        $adminNotificationManager = new AdminNotificationManager($this->getContainer());
+
        return $adminNotificationManager->getNotificationList();
    }

    public function actionSystemRequirementList($params)
    {
-        $systemRequirementManager = new \Espo\Core\Utils\SystemRequirements($this->getContainer());
+        $systemRequirementManager = new SystemRequirements($this->getContainer());
+
        return $systemRequirementManager->getAllRequiredList();
    }
 }
--- a/application/Espo/Controllers/ApiIndex.php
+++ b/application/Espo/Controllers/ApiIndex.php
@@ -0,0 +1,38 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2020 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: https://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ *
+ * The interactive user interfaces in modified source and object code versions
+ * of this program must display Appropriate Legal Notices, as required under
+ * Section 5 of the GNU General Public License version 3.
+ *
+ * In accordance with Section 7(b) of the GNU General Public License version 3,
+ * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
+ ************************************************************************/
+
+namespace Espo\Controllers;
+
+class ApiIndex {
+
+    public function getActionIndex()
+    {
+        return "EspoCRM REST API";
+    }
+}
--- a/application/Espo/Controllers/App.php
+++ b/application/Espo/Controllers/App.php
@@ -29,22 +29,33 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\BadRequest;
+use Espo\Core\Exceptions\BadRequest;

-class App extends \Espo\Core\Controllers\Base
+use Espo\Core\Authentication\Authentication;
+use Espo\Core\Di;
+use Espo\Core\Api\Request;
+
+use StdClass;
+
+class App implements
+
+    Di\ServiceFactoryAware,
+    Di\InjectableFactoryAware
 {
+    use Di\ServiceFactorySetter;
+    use Di\InjectableFactorySetter;
+
    public function actionUser()
    {
-        return $this->getServiceFactory()->create('App')->getUserData();
+        return $this->serviceFactory->create('App')->getUserData();
    }

-    public function postActionDestroyAuthToken($params, $data)
+    public function postActionDestroyAuthToken(array $params, StdClass $data, Request $request)
    {
        if (empty($data->token)) {
            throw new BadRequest();
        }
-
-        $auth = new \Espo\Core\Utils\Auth($this->getContainer());
-        return $auth->destroyAuthToken($data->token);
+        $auth = $this->injectableFactory->create(Authentication::class);
+        return $auth->destroyAuthToken($data->token, $request);
    }
 }
--- a/application/Espo/Controllers/Attachment.php
+++ b/application/Espo/Controllers/Attachment.php
@@ -29,8 +29,8 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Forbidden;
-use \Espo\Core\Exceptions\BadRequest;
+use Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\BadRequest;

 class Attachment extends \Espo\Core\Controllers\Record
 {
@@ -57,4 +57,21 @@ class Attachment extends \Espo\Core\Controllers\Record

        return $this->getRecordService()->getCopiedAttachment($data)->getValueMap();
    }
+
+    public function getActionFile($params, $data, $request, $response)
+    {
+        $id = $params['id'] ?? null;
+
+        if (!$id) throw new BadRequest();
+
+        $fileData = $this->getRecordService()->getFileData($id);
+
+        $response->setHeader('Content-Type', $fileData->type);
+        $response->setHeader('Content-Disposition', 'Content-Disposition: attachment; filename="'.$fileData->name.'"');
+        if ($fileData->size) {
+            $response->setHeader('Content-Length', $fileData->size);
+        }
+
+        return $fileData->contents;
+    }
 }
--- a/application/Espo/Controllers/AuthLogRecord.php
+++ b/application/Espo/Controllers/AuthLogRecord.php
@@ -29,7 +29,7 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\Forbidden;

 class AuthLogRecord extends \Espo\Core\Controllers\Record
 {
--- a/application/Espo/Controllers/AuthToken.php
+++ b/application/Espo/Controllers/AuthToken.php
@@ -29,7 +29,7 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\Forbidden;

 class AuthToken extends \Espo\Core\Controllers\Record
 {
--- a/application/Espo/Controllers/CurrencyRate.php
+++ b/application/Espo/Controllers/CurrencyRate.php
@@ -29,31 +29,34 @@

 namespace Espo\Controllers;

-use Espo\Core\Exceptions\Forbidden;
-use Espo\Core\Exceptions\BadRequest;
+use Espo\Core\Exceptions\{
+    Forbidden,
+    BadRequest,
+};

-class CurrencyRate extends \Espo\Core\Controllers\Base
+use Espo\Core\{
+    ServiceFactory,
+    Api\Request,
+};
+
+class CurrencyRate
 {
-    protected function checkControllerAccess()
+    protected $serviceFactory;
+
+    public function __construct(ServiceFactory $serviceFactory)
    {
-        if (!$this->getAcl()->check('Currency')) {
-            throw new Forbidden();
-        }
+        $this->serviceFactory = $serviceFactory;
    }

-    public function getActionIndex()
+    public function getActionIndex(Request $request)
    {
-        if ($this->getAcl()->getLevel('Currency', 'read') !== 'yes') throw new Forbidden();
-
-        return $this->getService('CurrencyRate')->get();
+        return $this->serviceFactory->create('CurrencyRate')->get();
    }

-    public function putActionUpdate($params, $data)
+    public function putActionUpdate(Request $request)
    {
-        if ($this->getAcl()->getLevel('Currency', 'edit') !== 'yes') throw new Forbidden();
+        $data = $request->getParsedBody();

-        if (empty($data) || !is_object($data)) throw new BadRequest();
-
-        return $this->getService('CurrencyRate')->set($data);
+        return $this->serviceFactory->create('CurrencyRate')->set($data);
    }
 }
--- a/application/Espo/Controllers/DashboardTemplate.php
+++ b/application/Espo/Controllers/DashboardTemplate.php
@@ -29,8 +29,8 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Forbidden;
-use \Espo\Core\Exceptions\BadRequest;
+use Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\BadRequest;

 class DashboardTemplate extends \Espo\Core\Controllers\Record
 {
--- a/application/Espo/Controllers/DataPrivacy.php
+++ b/application/Espo/Controllers/DataPrivacy.php
@@ -29,27 +29,33 @@

 namespace Espo\Controllers;

-use Espo\Core\Exceptions\Error;
 use Espo\Core\Exceptions\Forbidden;
-use Espo\Core\Exceptions\NotFound;
 use Espo\Core\Exceptions\BadRequest;

-class DataPrivacy extends \Espo\Core\Controllers\Base
+use Espo\Core\ServiceFactory;
+use Espo\Core\Acl;
+
+class DataPrivacy
 {
-    protected function checkControllerAccess()
+    protected $serviceFactory;
+    protected $acl;
+
+    public function __construct(ServiceFactory $serviceFactory, Acl $acl)
    {
-        if ($this->getAcl()->get('dataPrivacyPermission') === 'no') {
+        $this->serviceFactory = $serviceFactory;
+        $this->acl = $acl;
+
+        if ($this->acl->get('dataPrivacyPermission') === 'no') {
            throw new Forbidden();
        }
    }

-    public function postActionErase($params, $data)
+    public function postActionErase($params, \StdClass $data)
    {
        if (empty($data->entityType) || empty($data->id) || empty($data->fieldList) || !is_array($data->fieldList)) {
            throw new BadRequest();
        }

-        return $this->getServiceFactory()->create('DataPrivacy')->erase($data->entityType, $data->id, $data->fieldList);
+        return $this->serviceFactory->create('DataPrivacy')->erase($data->entityType, $data->id, $data->fieldList);
    }
-
 }
--- a/application/Espo/Controllers/Email.php
+++ b/application/Espo/Controllers/Email.php
@@ -29,10 +29,9 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\BadRequest;
-use \Espo\Core\Exceptions\Forbidden;
-use \Espo\Core\Exceptions\Error;
-use \Espo\Core\Exceptions\NotFound;
+use Espo\Core\Exceptions\BadRequest;
+use Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\NotFound;

 class Email extends \Espo\Core\Controllers\Record
 {
@@ -230,4 +229,15 @@ class Email extends \Espo\Core\Controllers\Record
        }
        return $this->getRecordService()->moveToFolderByIdList($idList, $data->folderId);
    }
+
+    public function getActionGetInsertFieldData($params, $data, $request)
+    {
+        if (!$this->getAcl()->checkScope('Email', 'create')) throw new Forbidden();
+
+        return $this->getServiceFactory()->create('EmailTemplate')->getInsertFieldData([
+            'parentId' => $request->get('parentId'),
+            'parentType' => $request->get('parentType'),
+            'to' => $request->get('to'),
+        ]);
+    }
 }
--- a/application/Espo/Controllers/EmailAccount.php
+++ b/application/Espo/Controllers/EmailAccount.php
@@ -29,8 +29,8 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Forbidden;
-use \Espo\Core\Exceptions\BadRequest;
+use Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\Error;

 class EmailAccount extends \Espo\Core\Controllers\Record
 {
@@ -39,7 +39,7 @@ class EmailAccount extends \Espo\Core\Controllers\Record
        return $this->getRecordService()->getFolders([
            'host' => $data->host ?? null,
            'port' => $data->port ?? null,
-            'ssl' =>  $data->ssl ?? false,
+            'security' =>  $data->security ?? null,
            'username' => $data->username ?? null,
            'password' => $data->password ?? null,
            'id' => $data->id ?? null,
--- a/application/Espo/Controllers/EmailAddress.php
+++ b/application/Espo/Controllers/EmailAddress.php
@@ -29,7 +29,7 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\Forbidden;

 class EmailAddress extends \Espo\Core\Controllers\Record
 {
--- a/application/Espo/Controllers/EmailFilter.php
+++ b/application/Espo/Controllers/EmailFilter.php
@@ -33,4 +33,3 @@ class EmailFilter extends \Espo\Core\Controllers\Record
 {

 }
-
--- a/application/Espo/Controllers/EmailFolder.php
+++ b/application/Espo/Controllers/EmailFolder.php
@@ -29,7 +29,7 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\BadRequest;
+use Espo\Core\Exceptions\BadRequest;

 class EmailFolder extends \Espo\Core\Controllers\Record
 {
--- a/application/Espo/Controllers/EmailTemplate.php
+++ b/application/Espo/Controllers/EmailTemplate.php
@@ -29,7 +29,7 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Error;
+use Espo\Core\Exceptions\Error;

 class EmailTemplate extends \Espo\Core\Controllers\Record
 {
@@ -49,6 +49,4 @@ class EmailTemplate extends \Espo\Core\Controllers\Record
            'relatedId' => $request->get('relatedId')
        ), true);
    }
-
 }
-
--- a/application/Espo/Controllers/EntityManager.php
+++ b/application/Espo/Controllers/EntityManager.php
@@ -29,26 +29,49 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\BadRequest;
-use \Espo\Core\Exceptions\Forbidden;
-use \Espo\Core\Exceptions\Error;
+use Espo\{
+    Entities\User,
+    Tools\EntityManager\EntityManager as EntityManagerTool,
+};

-class EntityManager extends \Espo\Core\Controllers\Base
+use Espo\Core\{
+    Exceptions\Error,
+    Exceptions\Forbidden,
+    Exceptions\BadRequest,
+    Api\Request,
+    DataManager,
+    Utils\Config,
+};
+
+class EntityManager
 {
+    protected $user;
+    protected $dataManager;
+    protected $config;
+    protected $entityManagerTool;
+
+    public function __construct(User $user, DataManager $dataManager, Config $config, EntityManagerTool $entityManagerTool)
+    {
+        $this->user = $user;
+        $this->dataManager = $dataManager;
+        $this->config = $config;
+        $this->entityManagerTool = $entityManagerTool;
+
+        $this->checkControllerAccess();
+    }
+
    protected function checkControllerAccess()
    {
-        if (!$this->getUser()->isAdmin()) {
+        if (!$this->user->isAdmin()) {
            throw new Forbidden();
        }
    }

-    public function actionCreateEntity($params, $data, $request)
+    public function postActionCreateEntity(Request $request)
    {
-        $data = get_object_vars($data);
+        $data = $request->getParsedBody();

-        if (!$request->isPost()) {
-            throw new BadRequest();
-        }
+        $data = get_object_vars($data);

        if (empty($data['name']) || empty($data['type'])) {
            throw new BadRequest();
@@ -101,18 +124,18 @@ class EntityManager extends \Espo\Core\Controllers\Base
            $params['kanbanStatusIgnoreList'] = $data['kanbanStatusIgnoreList'];
        }

-        $result = $this->getContainer()->get('entityManagerUtil')->create($name, $type, $params);
+        $result = $this->entityManagerTool->create($name, $type, $params);

        if ($result) {
-            $tabList = $this->getConfig()->get('tabList', []);
+            $tabList = $this->config->get('tabList', []);

            if (!in_array($name, $tabList)) {
                $tabList[] = $name;
-                $this->getConfig()->set('tabList', $tabList);
-                $this->getConfig()->save();
+                $this->config->set('tabList', $tabList);
+                $this->config->save();
            }

-            $this->getContainer()->get('dataManager')->rebuild();
+            $this->dataManager->rebuild();
        } else {
            throw new Error();
        }
@@ -120,23 +143,23 @@ class EntityManager extends \Espo\Core\Controllers\Base
        return true;
    }

-    public function actionUpdateEntity($params, $data, $request)
+    public function postActionUpdateEntity(Request $request)
    {
+        $data = $request->getParsedBody();
+
        $data = get_object_vars($data);

-        if (!$request->isPost()) {
-            throw new BadRequest();
-        }
        if (empty($data['name'])) {
            throw new BadRequest();
        }
+
        $name = $data['name'];
        $name = filter_var($name, \FILTER_SANITIZE_STRING);

-        $result = $this->getContainer()->get('entityManagerUtil')->update($name, $data);
+        $result = $this->entityManagerTool->update($name, $data);

        if ($result) {
-            $this->getContainer()->get('dataManager')->clearCache();
+            $this->dataManager->clearCache();
        } else {
            throw new Error();
        }
@@ -144,32 +167,31 @@ class EntityManager extends \Espo\Core\Controllers\Base
        return true;
    }

-    public function actionRemoveEntity($params, $data, $request)
+    public function postActionRemoveEntity(Request $request)
    {
-        $data = get_object_vars($data);
+        $data = $request->getParsedBody();

-        if (!$request->isPost()) {
-            throw new BadRequest();
-        }
+        $data = get_object_vars($data);

        if (empty($data['name'])) {
            throw new BadRequest();
        }
+
        $name = $data['name'];
        $name = filter_var($name, \FILTER_SANITIZE_STRING);

-        $result = $this->getContainer()->get('entityManagerUtil')->delete($name);
+        $result = $this->entityManagerTool->delete($name);

        if ($result) {
-            $tabList = $this->getConfig()->get('tabList', []);
+            $tabList = $this->config->get('tabList', []);
            if (($key = array_search($name, $tabList)) !== false) {
                unset($tabList[$key]);
                $tabList = array_values($tabList);
            }
-            $this->getConfig()->set('tabList', $tabList);
-            $this->getConfig()->save();
+            $this->config->set('tabList', $tabList);
+            $this->config->save();

-            $this->getContainer()->get('dataManager')->clearCache();
+            $this->dataManager->clearCache();
        } else {
            throw new Error();
        }
@@ -177,13 +199,11 @@ class EntityManager extends \Espo\Core\Controllers\Base
        return true;
    }

-    public function actionCreateLink($params, $data, $request)
+    public function postActionCreateLink(Request $request)
    {
-        $data = get_object_vars($data);
+        $data = $request->getParsedBody();

-        if (!$request->isPost()) {
-            throw new BadRequest();
-        }
+        $data = get_object_vars($data);

        $paramList = [
        	'entity',
@@ -234,10 +254,10 @@ class EntityManager extends \Espo\Core\Controllers\Base
            $params['foreignLinkEntityTypeList'] = $data['foreignLinkEntityTypeList'];
        }

-        $result = $this->getContainer()->get('entityManagerUtil')->createLink($params);
+        $result = $this->entityManagerTool->createLink($params);

        if ($result) {
-            $this->getContainer()->get('dataManager')->rebuild();
+            $this->dataManager->rebuild();
        } else {
            throw new Error();
        }
@@ -245,13 +265,11 @@ class EntityManager extends \Espo\Core\Controllers\Base
        return true;
    }

-    public function actionUpdateLink($params, $data, $request)
+    public function postActionUpdateLink(Request $request)
    {
-        $data = get_object_vars($data);
+        $data = $request->getParsedBody();

-        if (!$request->isPost()) {
-            throw new BadRequest();
-        }
+        $data = get_object_vars($data);

        $paramList = [
        	'entity',
@@ -295,10 +313,10 @@ class EntityManager extends \Espo\Core\Controllers\Base
            $params['foreignLinkEntityTypeList'] = $data['foreignLinkEntityTypeList'];
        }

-        $result = $this->getContainer()->get('entityManagerUtil')->updateLink($params);
+        $result = $this->entityManagerTool->updateLink($params);

        if ($result) {
-            $this->getContainer()->get('dataManager')->clearCache();
+            $this->dataManager->clearCache();
        } else {
            throw new Error();
        }
@@ -306,27 +324,27 @@ class EntityManager extends \Espo\Core\Controllers\Base
        return true;
    }

-    public function actionRemoveLink($params, $data, $request)
+    public function postActionRemoveLink(Request $request)
    {
-        $data = get_object_vars($data);
+        $data = $request->getParsedBody();

-        if (!$request->isPost()) {
-            throw new BadRequest();
-        }
+        $data = get_object_vars($data);

        $paramList = [
        	'entity',
        	'link',
        ];
-        $d = array();
+
+        $d = [];
+
        foreach ($paramList as $item) {
        	$d[$item] = filter_var($data[$item], \FILTER_SANITIZE_STRING);
        }

-        $result = $this->getContainer()->get('entityManagerUtil')->deleteLink($d);
+        $result = $this->entityManagerTool->deleteLink($d);

        if ($result) {
-            $this->getContainer()->get('dataManager')->clearCache();
+            $this->dataManager->clearCache();
        } else {
            throw new Error();
        }
@@ -334,32 +352,37 @@ class EntityManager extends \Espo\Core\Controllers\Base
        return true;
    }

-    public function postActionFormula($params, $data, $request)
+    public function postActionFormula(Request $request)
    {
+        $data = $request->getParsedBody();
+
        if (empty($data->scope)) {
            throw new BadRequest();
        }
+
        if (!property_exists($data, 'data')) {
            throw new BadRequest();
        }

        $formulaData = get_object_vars($data->data);

-        $this->getContainer()->get('entityManagerUtil')->setFormulaData($data->scope, $formulaData);
+        $this->entityManagerTool->setFormulaData($data->scope, $formulaData);

-        $this->getContainer()->get('dataManager')->clearCache();
+        $this->dataManager->clearCache();

        return true;
    }

-    public function postActionResetToDefault($params, $data, $request)
+    public function postActionResetToDefault(Request $request)
    {
+        $data = $request->getParsedBody();
+
        if (empty($data->scope)) {
            throw new BadRequest();
        }

-        $this->getContainer()->get('entityManagerUtil')->resetToDefaults($data->scope);
-        $this->getContainer()->get('dataManager')->clearCache();
+        $this->entityManagerTool->resetToDefaults($data->scope);
+        $this->dataManager->clearCache();

        return true;
    }
--- a/application/Espo/Controllers/Extension.php
+++ b/application/Espo/Controllers/Extension.php
@@ -29,8 +29,7 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Error;
-use \Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\Forbidden;

 class Extension extends \Espo\Core\Controllers\Record
 {
--- a/application/Espo/Controllers/ExternalAccount.php
+++ b/application/Espo/Controllers/ExternalAccount.php
@@ -29,9 +29,9 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Error;
-use \Espo\Core\Exceptions\Forbidden;
-use \Espo\Core\Exceptions\BadRequest;
+use Espo\Core\Exceptions\Error;
+use Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\BadRequest;

 class ExternalAccount extends \Espo\Core\Controllers\Record
 {
@@ -93,12 +93,7 @@ class ExternalAccount extends \Espo\Core\Controllers\Record
    {
        list($integration, $userId) = explode('__', $params['id']);

-        if ($this->getUser()->id != $userId && !$this->getUser()->isAdmin()) {
-            throw new Forbidden();
-        }
-
-        $entity = $this->getEntityManager()->getEntity('ExternalAccount', $params['id']);
-        return $entity->toArray();
+        return $this->getRecordService()->read($params['id'])->getValueMap();
    }

    public function actionUpdate($params, $data, $request)
--- a/application/Espo/Controllers/FieldManager.php
+++ b/application/Espo/Controllers/FieldManager.php
@@ -29,27 +29,52 @@

 namespace Espo\Controllers;

-use Espo\Core\Exceptions\Error;
-use Espo\Core\Exceptions\Forbidden;
-use Espo\Core\Exceptions\NotFound;
-use Espo\Core\Exceptions\BadRequest;
+use Espo\{
+    Entities\User,
+    Tools\FieldManager\FieldManager as FieldManagerTool,
+};

-class FieldManager extends \Espo\Core\Controllers\Base
+use Espo\Core\{
+    Exceptions\Error,
+    Exceptions\Forbidden,
+    Exceptions\NotFound,
+    Exceptions\BadRequest,
+    Api\Request,
+    DataManager,
+};
+
+class FieldManager
 {
+    protected $user;
+    protected $dataManager;
+    protected $fieldManagerTool;
+
+    public function __construct(User $user, DataManager $dataManager, FieldManagerTool $fieldManagerTool)
+    {
+        $this->user = $user;
+        $this->dataManager = $dataManager;
+        $this->fieldManagerTool = $fieldManagerTool;
+
+        $this->checkControllerAccess();
+    }
+
    protected function checkControllerAccess()
    {
-        if (!$this->getUser()->isAdmin()) {
+        if (!$this->user->isAdmin()) {
            throw new Forbidden();
        }
    }

-    public function actionRead($params, $data)
+    public function getActionRead(Request $request)
    {
-        if (empty($params['scope']) || empty($params['name'])) {
+        $scope = $request->getRouteParam('scope');
+        $name = $request->getRouteParam('name');
+
+        if (!$scope || !$name) {
            throw new BadRequest();
        }

-        $data = $this->getContainer()->get('fieldManager')->read($params['scope'], $params['name']);
+        $data = $this->fieldManagerTool->read($scope, $name);

        if (!isset($data)) {
            throw new BadRequest();
@@ -58,72 +83,91 @@ class FieldManager extends \Espo\Core\Controllers\Base
        return $data;
    }

-    public function postActionCreate($params, $data)
+    public function postActionCreate(Request $request)
    {
-        if (empty($params['scope']) || empty($data->name)) {
+        $data = $request->getParsedBody();
+
+        $scope = $request->getRouteParam('scope');
+        $name = $data->name ?? null;
+
+        if (!$scope || !$name) {
            throw new BadRequest();
        }

-        $fieldManager = $this->getContainer()->get('fieldManager');
-        $fieldManager->create($params['scope'], $data->name, get_object_vars($data));
+        $fieldManagerTool = $this->fieldManagerTool;
+
+        $fieldManagerTool->create($scope, $name, get_object_vars($data));

        try {
-            $this->getContainer()->get('dataManager')->rebuild($params['scope']);
-        } catch (Error $e) {
-            $fieldManager->delete($params['scope'], $data->name);
+            $this->dataManager->rebuild([$scope]);
+        }
+        catch (Error $e) {
+            $fieldManagerTool->delete($scope, $data->name);
+
            throw new Error($e->getMessage());
        }

-        return $fieldManager->read($params['scope'], $data->name);
+        return $fieldManagerTool->read($scope, $data->name);
    }

-    public function patchActionUpdate($params, $data)
+    public function patchActionUpdate(Request $request)
    {
-        return $this->putActionUpdate($params, $data);
+        return $this->putActionUpdate($request);
    }

-    public function putActionUpdate($params, $data)
+    public function putActionUpdate(Request $request)
    {
-        if (empty($params['scope']) || empty($params['name'])) {
+        $data = $request->getParsedBody();
+
+        $scope = $request->getRouteParam('scope');
+        $name = $request->getRouteParam('name');
+
+        if (!$scope || !$name) {
            throw new BadRequest();
        }

-        $fieldManager = $this->getContainer()->get('fieldManager');
-        $fieldManager->update($params['scope'], $params['name'], get_object_vars($data));
+        $fieldManagerTool = $this->fieldManagerTool;

-        if ($fieldManager->isChanged()) {
-            $this->getContainer()->get('dataManager')->rebuild($params['scope']);
+        $fieldManagerTool->update($scope, $name, get_object_vars($data));
+
+        if ($fieldManagerTool->isChanged()) {
+            $this->dataManager->rebuild([$scope]);
        } else {
-            $this->getContainer()->get('dataManager')->clearCache();
+            $this->dataManager->clearCache();
        }

-        return $fieldManager->read($params['scope'], $params['name']);
+        return $fieldManagerTool->read($scope, $name);
    }

-    public function deleteActionDelete($params, $data)
+    public function deleteActionDelete(Request $request)
    {
-        if (empty($params['scope']) || empty($params['name'])) {
+        $scope = $request->getRouteParam('scope');
+        $name = $request->getRouteParam('name');
+
+        if (!$scope || !$name) {
            throw new BadRequest();
        }

-        $result = $this->getContainer()->get('fieldManager')->delete($params['scope'], $params['name']);
+        $result = $this->fieldManagerTool->delete($scope, $name);

-        $this->getContainer()->get('dataManager')->rebuildMetadata();
+        $this->dataManager->rebuildMetadata();

        return $result;
    }

-    public function postActionResetToDefault($params, $data)
+    public function postActionResetToDefault(Request $request)
    {
+        $data = $request->getParsedBody();
+
        if (empty($data->scope) || empty($data->name)) {
            throw new BadRequest();
        }

-        $this->getContainer()->get('fieldManager')->resetToDefault($data->scope, $data->name);
+        $this->fieldManagerTool->resetToDefault($data->scope, $data->name);

-        $this->getContainer()->get('dataManager')->clearCache();
+        $this->dataManager->clearCache();

-        $this->getContainer()->get('dataManager')->rebuildMetadata();
+        $this->dataManager->rebuildMetadata();

        return true;
    }
--- a/application/Espo/Controllers/GlobalSearch.php
+++ b/application/Espo/Controllers/GlobalSearch.php
@@ -29,11 +29,17 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Error,
-    \Espo\Core\Exceptions\Forbidden;
+use Espo\Core\ServiceFactory;

-class GlobalSearch extends \Espo\Core\Controllers\Base
+class GlobalSearch
 {
+    protected $serviceFactory;
+
+    public function __construct(ServiceFactory $serviceFactory)
+    {
+        $this->serviceFactory = $serviceFactory;
+    }
+
    public function actionSearch($params, $data, $request)
    {
        $query = $request->get('q');
@@ -41,7 +47,6 @@ class GlobalSearch extends \Espo\Core\Controllers\Base
        $offset = intval($request->get('offset'));
        $maxSize = intval($request->get('maxSize'));

-        return $this->getService('GlobalSearch')->find($query, $offset, $maxSize);
+        return $this->serviceFactory->create('GlobalSearch')->find($query, $offset, $maxSize);
    }
 }
-
--- a/application/Espo/Controllers/I18n.php
+++ b/application/Espo/Controllers/I18n.php
@@ -29,17 +29,21 @@

 namespace Espo\Controllers;

-class I18n extends \Espo\Core\Controllers\Base
+use Espo\Core\ServiceFactory;
+
+class I18n
 {
+    protected $serviceFactory;
+
+    public function __construct(ServiceFactory $serviceFactory)
+    {
+        $this->serviceFactory = $serviceFactory;
+    }
+
    public function actionRead($params, $data, $request)
    {
        $default = $request->get('default') === 'true';

-        return $this->getServiceFactory()->create('Language')->getDataForFrontend($default);
-
-        /*if ($request->get('default')) {
-            return $this->getContainer()->get('defaultLanguage')->getAll();
-        }
-        return $this->getContainer()->get('language')->getAll();*/
+        return $this->serviceFactory->create('Language')->getDataForFrontend($default);
    }
 }
--- a/application/Espo/Controllers/Import.php
+++ b/application/Espo/Controllers/Import.php
@@ -30,9 +30,9 @@
 namespace Espo\Controllers;

 use Espo\Core\Utils as Utils;
-use \Espo\Core\Exceptions\Error;
-use \Espo\Core\Exceptions\Forbidden;
-use \Espo\Core\Exceptions\BadRequest;
+use Espo\Core\Exceptions\Error;
+use Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\BadRequest;

 class Import extends \Espo\Core\Controllers\Record
 {
@@ -78,24 +78,13 @@ class Import extends \Espo\Core\Controllers\Record
        return $this->getContainer()->get('entityManager');
    }

-    public function actionUploadFile($params, $data, $request)
+    public function postActionUploadFile($params, $data)
    {
        $contents = $data;

-        if (!$request->isPost()) {
-            throw new BadRequest();
-        }
+        $attachmentId = $this->getService('Import')->uploadFile($contents);

-        $attachment = $this->getEntityManager()->getEntity('Attachment');
-        $attachment->set('type', 'text/csv');
-        $attachment->set('role', 'Import File');
-        $attachment->set('name', 'import-file.csv');
-        $attachment->set('contents', $contents);
-        $this->getEntityManager()->saveEntity($attachment);
-
-        return [
-            'attachmentId' => $attachment->id
-        ];
+        return ['attachmentId' => $attachmentId];
    }

    public function actionRevert($params, $data, $request)
@@ -106,7 +95,9 @@ class Import extends \Espo\Core\Controllers\Record
        if (!$request->isPost()) {
            throw new BadRequest();
        }
-        return $this->getService('Import')->revert($data->id);
+        $this->getService('Import')->revert($data->id);
+
+        return true;
    }

    public function actionRemoveDuplicates($params, $data, $request)
@@ -117,7 +108,9 @@ class Import extends \Espo\Core\Controllers\Record
        if (!$request->isPost()) {
            throw new BadRequest();
        }
-        return $this->getService('Import')->removeDuplicates($data->id);
+        $this->getService('Import')->removeDuplicates($data->id);
+
+        return true;
    }

    public function actionCreate($params, $data, $request)
@@ -190,6 +183,8 @@ class Import extends \Espo\Core\Controllers\Record
            'skipDuplicateChecking' => !empty($data->skipDuplicateChecking),
            'idleMode' => !empty($data->idleMode),
            'silentMode' => !empty($data->silentMode),
+            'manualMode' => !empty($data->manualMode),
+            'defaultFieldList' => $data->defaultFieldList ?? [],
        ];

        if (property_exists($data, 'updateBy')) {
@@ -210,7 +205,9 @@ class Import extends \Espo\Core\Controllers\Record
        if (empty($data->id) || empty($data->entityType) || empty($data->entityId)) {
            throw new BadRequest();
        }
+
        $this->getService('Import')->unmarkAsDuplicate($data->id, $data->entityType, $data->entityId);
+
        return true;
    }
 }
--- a/application/Espo/Controllers/InboundEmail.php
+++ b/application/Espo/Controllers/InboundEmail.php
@@ -29,8 +29,7 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Forbidden;
-use \Espo\Core\Exceptions\BadRequest;
+use Espo\Core\Exceptions\Forbidden;

 class InboundEmail extends \Espo\Core\Controllers\Record
 {
@@ -46,7 +45,7 @@ class InboundEmail extends \Espo\Core\Controllers\Record
        return $this->getRecordService()->getFolders([
            'host' => $data->host ?? null,
            'port' => $data->port ?? null,
-            'ssl' =>  $data->ssl ?? false,
+            'security' =>  $data->security ?? null,
            'username' => $data->username ?? null,
            'password' => $data->password ?? null,
            'id' => $data->id ?? null,
--- a/application/Espo/Controllers/Integration.php
+++ b/application/Espo/Controllers/Integration.php
@@ -29,9 +29,8 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Error;
-use \Espo\Core\Exceptions\Forbidden;
-use \Espo\Core\Exceptions\BadRequest;
+use Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\BadRequest;

 class Integration extends \Espo\Core\Controllers\Record
 {
@@ -82,4 +81,3 @@ class Integration extends \Espo\Core\Controllers\Record
        return $entity->toArray();
    }
 }
-
--- a/application/Espo/Controllers/Job.php
+++ b/application/Espo/Controllers/Job.php
@@ -29,8 +29,7 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Error;
-use \Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\Forbidden;

 class Job extends \Espo\Core\Controllers\Record
 {
--- a/application/Espo/Controllers/LabelManager.php
+++ b/application/Espo/Controllers/LabelManager.php
@@ -29,49 +29,69 @@

 namespace Espo\Controllers;

-use Espo\Core\Utils as Utils;
-use \Espo\Core\Exceptions\NotFound;
-use \Espo\Core\Exceptions\Error;
-use \Espo\Core\Exceptions\Forbidden;
-use \Espo\Core\Exceptions\BadRequest;
+use Espo\Core\{
+    Exceptions\Forbidden,
+    Exceptions\BadRequest,
+    Api\Request,
+    DataManager,
+};

-class LabelManager extends \Espo\Core\Controllers\Base
+use Espo\{
+    Tools\LabelManager\LabelManager as LabelManagerTool,
+    Entities\User,
+};
+
+class LabelManager
 {
+    protected $user;
+    protected $dataManager;
+    protected $labelManagerTool;
+
+    public function __construct(User $user, DataManager $dataManager, LabelManagerTool $labelManagerTool)
+    {
+        $this->user = $user;
+        $this->dataManager = $dataManager;
+        $this->labelManagerTool = $labelManagerTool;
+
+        $this->checkControllerAccess();
+    }
+
    protected function checkControllerAccess()
    {
-        if (!$this->getUser()->isAdmin()) {
+        if (!$this->user->isAdmin()) {
            throw new Forbidden();
        }
    }

-    public function postActionGetScopeList($params)
+    public function postActionGetScopeList()
    {
-        $labelManager = $this->getContainer()->get('injectableFactory')->createByClassName('\\Espo\\Core\\Utils\\LabelManager');
-
-        return $labelManager->getScopeList();
+        return $this->labelManagerTool->getScopeList();
    }

-    public function postActionGetScopeData($params, $data, $request)
+    public function postActionGetScopeData(Request $request)
    {
+        $data = $request->getParsedBody();
+
        if (empty($data->scope) || empty($data->language)) {
            throw new BadRequest();
        }
-        $labelManager = $this->getContainer()->get('injectableFactory')->createByClassName('\\Espo\\Core\\Utils\\LabelManager');
-        return $labelManager->getScopeData($data->language, $data->scope);
+
+        return $this->labelManagerTool->getScopeData($data->language, $data->scope);
    }

-    public function postActionSaveLabels($params, $data)
+    public function postActionSaveLabels(Request $request)
    {
+        $data = $request->getParsedBody();
+
        if (empty($data->scope) || empty($data->language) || !isset($data->labels)) {
            throw new BadRequest();
        }

        $labels = get_object_vars($data->labels);

-        $labelManager = $this->getContainer()->get('injectableFactory')->createByClassName('\\Espo\\Core\\Utils\\LabelManager');
-        $returnData = $labelManager->saveLabels($data->language, $data->scope, $labels);
+        $returnData = $this->labelManagerTool->saveLabels($data->language, $data->scope, $labels);

-        $this->getContainer()->get('dataManager')->clearCache();
+        $this->dataManager->clearCache();

        return $returnData;
    }
--- a/application/Espo/Controllers/LastViewed.php
+++ b/application/Espo/Controllers/LastViewed.php
@@ -29,7 +29,7 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\Forbidden;

 class LastViewed extends \Espo\Core\Controllers\Base
 {
--- a/application/Espo/Controllers/Layout.php
+++ b/application/Espo/Controllers/Layout.php
@@ -30,62 +30,51 @@
 namespace Espo\Controllers;

 use Espo\Core\Utils as Utils;
-use \Espo\Core\Exceptions\NotFound;
-use \Espo\Core\Exceptions\Error;
-use \Espo\Core\Exceptions\Forbidden;
-use \Espo\Core\Exceptions\BadRequest;
+use Espo\Core\Exceptions\NotFound;
+use Espo\Core\Exceptions\Error;
+use Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\BadRequest;

 class Layout extends \Espo\Core\Controllers\Base
 {
-    public function actionRead($params, $data)
+    public function getActionRead($params, $data)
    {
-        return $this->getServiceFactory()->create('Layout')->getForFrontend($params['scope'], $params['name']);
+        $scope = $params['scope'] ?? null;
+        $name = $params['name'] ?? null;
+
+        return $this->getServiceFactory()->create('Layout')->getForFrontend($scope, $name);
    }

-    public function actionUpdate($params, $data, $request)
+    public function putActionUpdate($params, $data, $request)
    {
-        if (is_object($data)) {
-            $data = get_object_vars($data);
-        }
+        $data = json_decode($request->getBodyContents());

-        if (!$this->getUser()->isAdmin()) {
-            throw new Forbidden();
-        }
+        if (is_object($data)) $data = get_object_vars($data);

-        if (!$request->isPut() && !$request->isPatch()) {
-            throw new BadRequest();
-        }
+        if (!$this->getUser()->isAdmin()) throw new Forbidden();

-        $layoutManager = $this->getContainer()->get('layout');
-        $layoutManager->set($data, $params['scope'], $params['name']);
-        $result = $layoutManager->save();
+        $scope = $params['scope'] ?? null;
+        $name = $params['name'] ?? null;
+        $setId = $params['setId'] ?? null;

-        if ($result === false) {
-            throw new Error("Error while saving layout.");
-        }
-
-        $this->getContainer()->get('dataManager')->updateCacheTimestamp();
-
-        return $layoutManager->get($params['scope'], $params['name']);
-    }
-
-    public function actionPatch($params, $data, $request)
-    {
-        return $this->actionUpdate($params, $data, $request);
+        return $this->getServiceFactory()->create('Layout')->update($scope, $name, $setId, $data);
    }

    public function postActionResetToDefault($params, $data, $request)
    {
-        if (!$this->getUser()->isAdmin()) {
-            throw new Forbidden();
-        }
+        if (!$this->getUser()->isAdmin()) throw new Forbidden();

-        if (empty($data->scope) || empty($data->name)) {
-            throw new BadRequest();
-        }
+        if (empty($data->scope) || empty($data->name)) throw new BadRequest();

-        $this->getContainer()->get('dataManager')->updateCacheTimestamp();
+        return $this->getServiceFactory()->create('Layout')->resetToDefault($data->scope, $data->name, $data->setId ?? null);
+    }

-        return $this->getContainer()->get('layout')->resetToDefault($data->scope, $data->name);
+    public function getActionGetOriginal($params, $data, $request)
+    {
+        if (!$this->getUser()->isAdmin()) throw new Forbidden();
+
+        return $this->getServiceFactory()->create('Layout')->getOriginal(
+            $request->get('scope'), $request->get('name'), $request->get('setId')
+        );
    }
 }
--- a/application/Espo/Controllers/LayoutSet.php
+++ b/application/Espo/Controllers/LayoutSet.php
@@ -0,0 +1,42 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2020 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: https://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ *
+ * The interactive user interfaces in modified source and object code versions
+ * of this program must display Appropriate Legal Notices, as required under
+ * Section 5 of the GNU General Public License version 3.
+ *
+ * In accordance with Section 7(b) of the GNU General Public License version 3,
+ * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
+ ************************************************************************/
+
+namespace Espo\Controllers;
+
+use Espo\Core\Exceptions\Forbidden;
+
+class LayoutSet extends \Espo\Core\Controllers\Record
+{
+    protected function checkControllerAccess()
+    {
+        if (!$this->getUser()->isAdmin()) {
+            throw new Forbidden();
+        }
+    }
+}
--- a/application/Espo/Controllers/LeadCapture.php
+++ b/application/Espo/Controllers/LeadCapture.php
@@ -29,26 +29,36 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Forbidden;
-use \Espo\Core\Exceptions\BadRequest;
-use \Espo\Core\Exceptions\NotFound;
+use Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\BadRequest;
+use Espo\Core\Exceptions\NotFound;

 class LeadCapture extends \Espo\Core\Controllers\Record
 {
    public function postActionLeadCapture($params, $data, $request, $response)
    {
-        if (empty($params['apiKey'])) throw new BadRequest('No API key provided.');
-        if (empty($data)) throw new BadRequest('No payload provided.');
+        if (empty($params['apiKey'])) {
+            throw new BadRequest('No API key provided.');
+        }
+
+        if (empty($data)) {
+            throw new BadRequest('No payload provided.');
+        }

        $allowOrigin = $this->getConfig()->get('leadCaptureAllowOrigin', '*');
-        $response->headers->set('Access-Control-Allow-Origin', $allowOrigin);

-        return $this->getRecordService()->leadCapture($params['apiKey'], $data);
+        $response->setHeader('Access-Control-Allow-Origin', $allowOrigin);
+
+        $this->getRecordService()->leadCapture($params['apiKey'], $data);
+
+        return true;
    }

    public function optionsActionLeadCapture($params, $data, $request, $response)
    {
-        if (empty($params['apiKey'])) throw new BadRequest('No API key provided.');
+        if (empty($params['apiKey'])) {
+            throw new BadRequest('No API key provided.');
+        }

        if (!$this->getRecordService()->isApiKeyValid($params['apiKey'])) {
            throw new NotFound();
@@ -56,23 +66,27 @@ class LeadCapture extends \Espo\Core\Controllers\Record

        $allowOrigin = $this->getConfig()->get('leadCaptureAllowOrigin', '*');

-        $response->headers->set('Access-Control-Allow-Headers', 'Content-Type, Accept');
-        $response->headers->set('Access-Control-Allow-Origin', $allowOrigin);
-        $response->headers->set('Access-Control-Allow-Methods', 'POST');
+        $response->setHeader('Access-Control-Allow-Headers', 'Content-Type, Accept');
+        $response->setHeader('Access-Control-Allow-Origin', $allowOrigin);
+        $response->setHeader('Access-Control-Allow-Methods', 'POST');

        return true;
    }

    public function postActionGenerateNewApiKey($params, $data, $request)
    {
-        if (empty($data->id)) throw new BadRequest();
+        if (empty($data->id)) {
+            throw new BadRequest();
+        }

        return $this->getRecordService()->generateNewApiKeyForEntity($data->id)->getValueMap();
    }

    public function getActionSmtpAccountDataList()
    {
-        if (!$this->getUser()->isAdmin()) throw new Forbidden();
+        if (!$this->getUser()->isAdmin()) {
+            throw new Forbidden();
+        }

        return $this->getServiceFactory()->create('LeadCapture')->getSmtpAccountDataList();
    }
--- a/application/Espo/Controllers/LeadCaptureLogRecord.php
+++ b/application/Espo/Controllers/LeadCaptureLogRecord.php
@@ -29,9 +29,6 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Forbidden;
-use \Espo\Core\Exceptions\BadRequest;
-
 class LeadCaptureLogRecord extends \Espo\Core\Controllers\Record
 {

--- a/application/Espo/Controllers/Metadata.php
+++ b/application/Espo/Controllers/Metadata.php
@@ -29,11 +29,10 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\Forbidden;

 class Metadata extends \Espo\Core\Controllers\Base
 {
-
    public function actionRead($params, $data)
    {
        return $this->getServiceFactory()->create('Metadata')->getDataForFrontend();
--- a/application/Espo/Controllers/Notification.php
+++ b/application/Espo/Controllers/Notification.php
@@ -29,7 +29,7 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Error;
+use Espo\Core\Exceptions\Error;

 class Notification extends \Espo\Core\Controllers\Record
 {
@@ -47,18 +47,18 @@ class Notification extends \Espo\Core\Controllers\Record
            $maxSize = self::MAX_SIZE_LIMIT;
        }

-        $params = array(
+        $params = [
            'offset' => $offset,
            'maxSize' => $maxSize,
-            'after' => $after
-        );
+            'after' => $after,
+        ];

-        $result = $this->getService('Notification')->getList($userId, $params);
+        $recordCollection = $this->getService('Notification')->getList($userId, $params);

-        return array(
-            'total' => $result['total'],
-            'list' => $result['collection']->toArray()
-        );
+        return (object) [
+            'total' => $recordCollection->getTotal(),
+            'list' => $recordCollection->getValueMapList(),
+        ];
    }

    public function actionNotReadCount()
--- a/application/Espo/Controllers/Pdf.php
+++ b/application/Espo/Controllers/Pdf.php
@@ -29,9 +29,9 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Forbidden;
-use \Espo\Core\Exceptions\BadRequest;
-use \Espo\Core\Exceptions\Error;
+use Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\BadRequest;
+use Espo\Core\Exceptions\Error;

 class Pdf extends \Espo\Core\Controllers\Base
 {
--- a/application/Espo/Controllers/PhoneNumber.php
+++ b/application/Espo/Controllers/PhoneNumber.php
@@ -29,8 +29,6 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Forbidden;
-
 class PhoneNumber extends \Espo\Core\Controllers\Record
 {

--- a/application/Espo/Controllers/Portal.php
+++ b/application/Espo/Controllers/Portal.php
@@ -29,7 +29,7 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\Forbidden;

 class Portal extends \Espo\Core\Controllers\Record
 {
--- a/application/Espo/Controllers/Preferences.php
+++ b/application/Espo/Controllers/Preferences.php
@@ -29,10 +29,10 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Error;
-use \Espo\Core\Exceptions\Forbidden;
-use \Espo\Core\Exceptions\BadRequest;
-use \Espo\Core\Exceptions\NotFound;
+use Espo\Core\Exceptions\Error;
+use Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\BadRequest;
+use Espo\Core\Exceptions\NotFound;

 class Preferences extends \Espo\Core\Controllers\Base
 {
--- a/application/Espo/Controllers/Settings.php
+++ b/application/Espo/Controllers/Settings.php
@@ -32,6 +32,11 @@ namespace Espo\Controllers;
 use Espo\Core\Exceptions\Forbidden;
 use Espo\Core\Exceptions\BadRequest;

+use Espo\Core\{
+    Authentication\LDAP\Utils as LDAPUtils,
+    Authentication\LDAP\Client as LDAPClient,
+};
+
 class Settings extends \Espo\Core\Controllers\Base
 {
    protected function getConfigData()
@@ -86,11 +91,14 @@ class Settings extends \Espo\Core\Controllers\Base

        $data = get_object_vars($data);

-        $ldapUtils = new \Espo\Core\Utils\Authentication\LDAP\Utils();
+        $ldapUtils = new LDAPUtils();
+
        $options = $ldapUtils->normalizeOptions($data);

-        $ldapClient = new \Espo\Core\Utils\Authentication\LDAP\Client($options);
-        $ldapClient->bind(); //an exception if no connection
+        $ldapClient = new LDAPClient($options);
+
+        //an exception if no connection
+        $ldapClient->bind();

        return true;
    }
--- a/application/Espo/Controllers/Stream.php
+++ b/application/Espo/Controllers/Stream.php
@@ -29,14 +29,26 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Error;
+use Espo\Core\Exceptions\Error;

-class Stream extends \Espo\Core\Controllers\Base
+use Espo\Core\ServiceFactory;
+use Espo\Core\Utils\Config;
+
+class Stream
 {
    const MAX_SIZE_LIMIT = 200;

    public static $defaultAction = 'list';

+    protected $serviceFactory;
+    protected $config;
+
+    public function __construct(ServiceFactory $serviceFactory, Config $config)
+    {
+        $this->serviceFactory = $serviceFactory;
+        $this->config = $config;
+    }
+
    public function actionList($params, $data, $request)
    {
        $scope = $params['scope'];
@@ -48,9 +60,7 @@ class Stream extends \Espo\Core\Controllers\Base
        $filter = $request->get('filter');
        $skipOwn = $request->get('skipOwn') === 'true';

-        $service = $this->getService('Stream');
-
-        $maxSizeLimit = $this->getConfig()->get('recordListMaxSizeLimit', self::MAX_SIZE_LIMIT);
+        $maxSizeLimit = $this->config->get('recordListMaxSizeLimit', self::MAX_SIZE_LIMIT);
        if (empty($maxSize)) {
            $maxSize = $maxSizeLimit;
        }
@@ -58,7 +68,7 @@ class Stream extends \Espo\Core\Controllers\Base
            throw new Forbidden("Max size should should not exceed " . $maxSizeLimit . ". Use offset and limit.");
        }

-        $result = $service->find($scope, $id, [
+        $result = $this->serviceFactory->create('Stream')->find($scope, $id, [
            'offset' => $offset,
            'maxSize' => $maxSize,
            'after' => $after,
@@ -83,9 +93,7 @@ class Stream extends \Espo\Core\Controllers\Base

        $where = $request->get('where');

-        $service = $this->getService('Stream');
-
-        $maxSizeLimit = $this->getConfig()->get('recordListMaxSizeLimit', self::MAX_SIZE_LIMIT);
+        $maxSizeLimit = $this->config->get('recordListMaxSizeLimit', self::MAX_SIZE_LIMIT);
        if (empty($maxSize)) {
            $maxSize = $maxSizeLimit;
        }
@@ -93,7 +101,7 @@ class Stream extends \Espo\Core\Controllers\Base
            throw new Forbidden("Max size should should not exceed " . $maxSizeLimit . ". Use offset and limit.");
        }

-        $result = $service->find($scope, $id, [
+        $result = $this->serviceFactory->create('Stream')->find($scope, $id, [
            'offset' => $offset,
            'maxSize' => $maxSize,
            'after' => $after,
--- a/application/Espo/Controllers/Template.php
+++ b/application/Espo/Controllers/Template.php
@@ -29,8 +29,6 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Error;
-
 class Template extends \Espo\Core\Controllers\Record
 {

--- a/application/Espo/Controllers/TemplateManager.php
+++ b/application/Espo/Controllers/TemplateManager.php
@@ -29,17 +29,26 @@

 namespace Espo\Controllers;

-use Espo\Core\Utils as Utils;
-use \Espo\Core\Exceptions\NotFound;
-use \Espo\Core\Exceptions\Error;
-use \Espo\Core\Exceptions\Forbidden;
-use \Espo\Core\Exceptions\BadRequest;
+use Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\BadRequest;

-class TemplateManager extends \Espo\Core\Controllers\Base
+use Espo\Core\Utils\Metadata;
+use Espo\Core\Utils\TemplateFileManager;
+use Espo\Core\ApplicationState;
+
+class TemplateManager
 {
-    protected function checkControllerAccess()
+    protected $metadata;
+    protected $templateFileManager;
+    protected $applicationState;
+
+    public function __construct(Metadata $metadata, TemplateFileManager $templateFileManager, ApplicationState $applicationState)
    {
-        if (!$this->getUser()->isAdmin()) {
+        $this->metadata = $metadata;
+        $this->templateFileManager = $templateFileManager;
+        $this->applicationState = $applicationState;
+
+        if (!$this->applicationState->isAdmin()) {
            throw new Forbidden();
        }
    }
@@ -50,10 +59,10 @@ class TemplateManager extends \Espo\Core\Controllers\Base
        if (empty($name)) throw new BadRequest();
        $scope = $request->get('scope');
        $module = null;
-        $module = $this->getMetadata()->get(['app', 'templates', $name, 'module']);
-        $hasSubject = !$this->getMetadata()->get(['app', 'templates', $name, 'noSubject']);
+        $module = $this->metadata->get(['app', 'templates', $name, 'module']);
+        $hasSubject = !$this->metadata->get(['app', 'templates', $name, 'noSubject']);

-        $templateFileManager = $this->getContainer()->get('templateFileManager');
+        $templateFileManager = $this->templateFileManager;

        $returnData = (object) [];
        $returnData->body = $templateFileManager->getTemplate($name, 'body', $scope, $module);
@@ -75,7 +84,7 @@ class TemplateManager extends \Espo\Core\Controllers\Base
            $scope = $data->scope;
        }

-        $templateFileManager = $this->getContainer()->get('templateFileManager');
+        $templateFileManager = $this->templateFileManager;

        if (isset($data->subject)) {
            $templateFileManager->saveTemplate($data->name, 'subject', $data->subject, $scope);
@@ -99,10 +108,10 @@ class TemplateManager extends \Espo\Core\Controllers\Base
        }

        $module = null;
-        $module = $this->getMetadata()->get(['app', 'templates', $data->name, 'module']);
-        $hasSubject = !$this->getMetadata()->get(['app', 'templates', $data->name, 'noSubject']);
+        $module = $this->metadata->get(['app', 'templates', $data->name, 'module']);
+        $hasSubject = !$this->metadata->get(['app', 'templates', $data->name, 'noSubject']);

-        $templateFileManager = $this->getContainer()->get('templateFileManager');
+        $templateFileManager = $this->templateFileManager;

        if ($hasSubject) {
            $templateFileManager->resetTemplate($data->name, 'subject', $scope);
--- a/application/Espo/Controllers/User.php
+++ b/application/Espo/Controllers/User.php
@@ -29,10 +29,10 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Error;
-use \Espo\Core\Exceptions\NotFound;
-use \Espo\Core\Exceptions\Forbidden;
-use \Espo\Core\Exceptions\BadRequest;
+use Espo\Core\Exceptions\Error;
+use Espo\Core\Exceptions\NotFound;
+use Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\BadRequest;

 class User extends \Espo\Core\Controllers\Record
 {
@@ -69,29 +69,7 @@ class User extends \Espo\Core\Controllers\Record
            throw new BadRequest();
        }

-        if ($this->getConfig()->get('passwordRecoveryDisabled')) {
-            throw new Forbidden("Password recovery disabled");
-        }
-
-        $request = $this->getEntityManager()->getRepository('PasswordChangeRequest')->where([
-            'requestId' => $data->requestId
-        ])->findOne();
-
-        if (!$request) {
-            throw new Forbidden();
-        }
-
-        $userId = $request->get('userId');
-        if (!$userId) {
-            throw new Error();
-        }
-
-        if ($this->getService('User')->changePassword($userId, $data->password)) {
-            $this->getEntityManager()->removeEntity($request);
-            return [
-                'url' => $request->get('url')
-            ];
-        }
+        return $this->getService('User')->changePasswordByRequest($data->requestId, $data->password);
    }

    public function postActionPasswordChangeRequest($params, $data, $request)
--- a/application/Espo/Controllers/UserSecurity.php
+++ b/application/Espo/Controllers/UserSecurity.php
@@ -29,10 +29,8 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Error;
-use \Espo\Core\Exceptions\Forbidden;
-use \Espo\Core\Exceptions\NotFound;
-use \Espo\Core\Exceptions\BadRequest;
+use Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\BadRequest;

 class UserSecurity extends \Espo\Core\Controllers\Base
 {
--- a/application/Espo/Controllers/Webhook.php
+++ b/application/Espo/Controllers/Webhook.php
@@ -29,8 +29,7 @@

 namespace Espo\Controllers;

-use \Espo\Core\Exceptions\Error;
-use \Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\Forbidden;

 class Webhook extends \Espo\Core\Controllers\Record
 {
--- a/application/Espo/Core/Acl.php
+++ b/application/Espo/Core/Acl.php
@@ -29,9 +29,12 @@

 namespace Espo\Core;

-use \Espo\ORM\Entity;
-use \Espo\Entities\User;
+use Espo\ORM\Entity;
+use Espo\Entities\User;

+/**
+ * A wrapper for AclManager. To check access for a current user.
+ */
 class Acl
 {
    private $user;
@@ -54,102 +57,154 @@ class Acl
        return $this->user;
    }

-    public function getMap()
+    public function getMap() : \StdClass
    {
        return $this->getAclManager()->getMap($this->getUser());
    }

-    public function getLevel($scope, $action)
+    /**
+     * Get an access level for a specific scope and action.
+     */
+    public function getLevel(string $scope, string $action) : string
    {
        return $this->getAclManager()->getLevel($this->getUser(), $scope, $action);
    }

-    public function get($permission)
+    /**
+     * Get a permission. E.g. 'assignment' permission.
+     */
+    public function get(string $permission) : ?string
    {
        return $this->getAclManager()->get($this->getUser(), $permission);
    }

-    public function checkReadNo($scope)
+    /**
+     * Whether there's no 'read' access for a specific scope.
+     */
+    public function checkReadNo(string $scope) : bool
    {
        return $this->getAclManager()->checkReadNo($this->getUser(), $scope);
    }

-    public function checkReadOnlyTeam($scope)
+    /**
+     * Whether 'read' access is set to 'team' for a specific scope.
+     */
+    public function checkReadOnlyTeam(string $scope) : bool
    {
        return $this->getAclManager()->checkReadOnlyTeam($this->getUser(), $scope);
    }

-    public function checkReadOnlyOwn($scope)
+    /**
+     * Whether 'read' access is set to 'own' for a specific scope.
+     */
+    public function checkReadOnlyOwn(string $scope) : bool
    {
        return $this->getAclManager()->checkReadOnlyOwn($this->getUser(), $scope);
    }

-    public function check($subject, $action = null)
+    /**
+     * Check a scope or entity. If $action is omitted, it will check whether a scope level is set to 'enabled'.
+     */
+    public function check($subject, ?string $action = null) : bool
    {
        return $this->getAclManager()->check($this->getUser(), $subject, $action);
    }

-    public function checkScope($scope, $action = null)
+    /**
+     * Check access to scope. If $action is omitted, it will check whether a scope level is set to 'enabled'.
+     */
+    public function checkScope(string $scope, ?string $action = null) : bool
    {
        return $this->getAclManager()->checkScope($this->getUser(), $scope, $action);
    }

-    public function checkEntity(Entity $entity, $action = 'read')
+    /**
+     * Check access to a specific entity (record).
+     */
+    public function checkEntity(Entity $entity, string $action = 'read') : bool
    {
        return $this->getAclManager()->checkEntity($this->getUser(), $entity, $action);
    }

-    public function checkUser($permission, User $entity)
+    /**
+     * @deprecated
+     */
+    public function checkUser(string $permission, User $entity) : bool
    {
        return $this->getAclManager()->checkUser($this->getUser(), $permission, $entity);
    }

-    public function checkIsOwner(Entity $entity)
+    /**
+     * Whether a user is owned of an entity (record). Usually 'assignedUser' field is used for checking.
+     */
+    public function checkIsOwner(Entity $entity) : bool
    {
        return $this->getAclManager()->checkIsOwner($this->getUser(), $entity);
    }

-    public function checkInTeam(Entity $entity)
+    /**
+     * Whether a user team list overlaps with teams set in an entity.
+     */
+    public function checkInTeam(Entity $entity) : bool
    {
        return $this->getAclManager()->checkInTeam($this->getUser(), $entity);
    }

-    public function getScopeForbiddenAttributeList($scope, $action = 'read', $thresholdLevel = 'no')
+    /**
+     * Get attributes forbidden for a user.
+     */
+    public function getScopeForbiddenAttributeList(string $scope, string $action = 'read', string $thresholdLevel = 'no') : array
    {
        return $this->getAclManager()->getScopeForbiddenAttributeList($this->getUser(), $scope, $action, $thresholdLevel);
    }

-    public function getScopeForbiddenFieldList($scope, $action = 'read', $thresholdLevel = 'no')
+    /**
+     * Get fields forbidden for a user.
+     */
+    public function getScopeForbiddenFieldList(string $scope, string $action = 'read', string $thresholdLevel = 'no') : array
    {
        return $this->getAclManager()->getScopeForbiddenFieldList($this->getUser(), $scope, $action, $thresholdLevel);
    }

-    public function getScopeForbiddenLinkList($scope, $action = 'read', $thresholdLevel = 'no')
+    /**
+     * Get links forbidden for a user.
+     */
+    public function getScopeForbiddenLinkList(string $scope, string $action = 'read', string $thresholdLevel = 'no') : array
    {
        return $this->getAclManager()->getScopeForbiddenLinkList($this->getUser(), $scope, $action, $thresholdLevel);
    }

-    public function checkUserPermission($target, $permissionType = 'userPermission')
+    /**
+     * Whether a user has an access to another user over a specific permission.
+     *
+     * @param $target User|string User entity or user ID.
+     */
+    public function checkUserPermission($target, string $permissionType = 'user') : bool
    {
        return $this->getAclManager()->checkUserPermission($this->getUser(), $target, $permissionType);
    }

-    public function checkAssignmentPermission($target)
+    /**
+     * Whether a user can assign to another user.
+     *
+     * @param $target User|string User entity or user ID.
+     */
+    public function checkAssignmentPermission($target) : bool
    {
        return $this->getAclManager()->checkAssignmentPermission($this->getUser(), $target);
    }

-    public function getScopeRestrictedFieldList($scope, $type)
+    public function getScopeRestrictedFieldList(string $scope, $type) : array
    {
        return $this->getAclManager()->getScopeRestrictedFieldList($scope, $type);
    }

-    public function getScopeRestrictedAttributeList($scope, $type)
+    public function getScopeRestrictedAttributeList(string $scope, $type) : array
    {
        return $this->getAclManager()->getScopeRestrictedAttributeList($scope, $type);
    }

-    public function getScopeRestrictedLinkList($scope, $type)
+    public function getScopeRestrictedLinkList(string $scope, $type) : array
    {
        return $this->getAclManager()->getScopeRestrictedLinkList($scope, $type);
    }
--- a/application/Espo/Core/Acl/Acl.php
+++ b/application/Espo/Core/Acl/Acl.php
@@ -0,0 +1,296 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2020 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: https://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ *
+ * The interactive user interfaces in modified source and object code versions
+ * of this program must display Appropriate Legal Notices, as required under
+ * Section 5 of the GNU General Public License version 3.
+ *
+ * In accordance with Section 7(b) of the GNU General Public License version 3,
+ * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
+ ************************************************************************/
+
+namespace Espo\Core\Acl;
+
+use Espo\Entities\User;
+use Espo\ORM\Entity;
+
+use Espo\Core\{
+    ORM\EntityManager,
+    AclManager,
+    Utils\Config,
+};
+
+/**
+ * An implementation for access checking for entities. Can be overriden in `Acl` namespece.
+ */
+class Acl implements ScopeAcl, EntityAcl
+{
+    protected $scope;
+
+    protected $ownerUserIdAttribute = null;
+
+    protected $allowDeleteCreatedThresholdPeriod = '24 hours';
+
+    protected $entityManager;
+    protected $aclManager;
+    protected $config;
+
+    public function __construct(string $scope, EntityManager $entityManager, AclManager $aclManager, Config $config)
+    {
+        $this->scope = $scope;
+
+        $this->entityManager = $entityManager;
+        $this->aclManager = $aclManager;
+        $this->config = $config;
+    }
+
+    protected function getConfig()
+    {
+        return $this->config;
+    }
+
+    protected function getEntityManager()
+    {
+        return $this->entityManager;
+    }
+
+    protected function getAclManager()
+    {
+        return $this->aclManager;
+    }
+
+    public function checkReadOnlyTeam(User $user, $data)
+    {
+        if (empty($data) || !is_object($data) || !isset($data->read)) {
+            return false;
+        }
+        return $data->read === 'team';
+    }
+
+    public function checkReadNo(User $user, $data)
+    {
+        if (empty($data) || !is_object($data) || !isset($data->read)) {
+            return false;
+        }
+        return $data->read === 'no';
+    }
+
+    public function checkReadOnlyOwn(User $user, $data)
+    {
+        if (empty($data) || !is_object($data) || !isset($data->read)) {
+            return false;
+        }
+        return $data->read === 'own';
+    }
+
+    public function checkEntity(User $user, Entity $entity, $data, $action)
+    {
+        if ($user->isAdmin()) {
+            return true;
+        }
+        return $this->checkScope($user, $data, $action, $entity);
+    }
+
+    public function checkScope(User $user, $data, $action = null, Entity $entity = null, $entityAccessData = [])
+    {
+        if ($user->isAdmin()) {
+            return true;
+        }
+
+        if (is_null($data)) {
+            return false;
+        }
+        if ($data === false) {
+            return false;
+        }
+        if ($data === true) {
+            return true;
+        }
+        if (is_string($data)) {
+            return true;
+        }
+
+        $isOwner = null;
+        if (isset($entityAccessData['isOwner'])) {
+            $isOwner = $entityAccessData['isOwner'];
+        }
+        $inTeam = null;
+        if (isset($entityAccessData['inTeam'])) {
+            $inTeam = $entityAccessData['inTeam'];
+        }
+
+        if (is_null($action)) {
+            return true;
+        }
+
+        if (!isset($data->$action)) {
+            return false;
+        }
+
+        $value = $data->$action;
+
+        if ($value === 'all' || $value === 'yes' || $value === true) {
+            return true;
+        }
+
+        if (!$value || $value === 'no') {
+            return false;
+        }
+
+        if (is_null($isOwner)) {
+            if ($entity) {
+                $isOwner = $this->checkIsOwner($user, $entity);
+            } else {
+                return true;
+            }
+        }
+
+        if ($isOwner) {
+            if ($value === 'own' || $value === 'team') {
+                return true;
+            }
+        }
+        if (is_null($inTeam) && $entity) {
+            $inTeam = $this->checkInTeam($user, $entity);
+        }
+
+        if ($inTeam) {
+            if ($value === 'team') {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    public function checkIsOwner(User $user, Entity $entity)
+    {
+        if ($entity->hasAttribute('assignedUserId')) {
+            if ($entity->has('assignedUserId')) {
+                if ($user->id === $entity->get('assignedUserId')) {
+                    return true;
+                }
+            }
+        } else if ($entity->hasAttribute('createdById')) {
+            if ($entity->has('createdById')) {
+                if ($user->id === $entity->get('createdById')) {
+                    return true;
+                }
+            }
+        }
+
+        if ($entity->hasLinkMultipleField('assignedUsers')) {
+            if ($entity->hasLinkMultipleId('assignedUsers', $user->id)) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    public function checkInTeam(User $user, Entity $entity)
+    {
+        $userTeamIdList = $user->getLinkMultipleIdList('teams');
+
+        if (!$entity->hasRelation('teams') || !$entity->hasAttribute('teamsIds')) {
+            return false;
+        }
+
+        $entityTeamIdList = $entity->getLinkMultipleIdList('teams');
+
+        if (empty($entityTeamIdList)) {
+            return false;
+        }
+
+        foreach ($userTeamIdList as $id) {
+            if (in_array($id, $entityTeamIdList)) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    public function checkEntityDelete(User $user, Entity $entity, $data)
+    {
+        if ($user->isAdmin()) {
+            return true;
+        }
+
+        if ($this->checkEntity($user, $entity, $data, 'delete')) {
+            return true;
+        }
+
+        if (is_object($data)) {
+            if ($data->edit !== 'no' || $data->create !== 'no') {
+                if (
+                    $this->config->get('aclAllowDeleteCreated')
+                    &&
+                    $entity->has('createdById') && $entity->get('createdById') == $user->id
+                ) {
+                    $isDeletedAllowed = false;
+                    if (!$entity->has('assignedUserId')) {
+                        $isDeletedAllowed = true;
+                    } else {
+                        if (!$entity->get('assignedUserId')) {
+                            $isDeletedAllowed = true;
+                        } else if ($entity->get('assignedUserId') == $entity->get('createdById')) {
+                            $isDeletedAllowed = true;
+                        }
+                    }
+
+                    if ($isDeletedAllowed) {
+                        $createdAt = $entity->get('createdAt');
+                        if ($createdAt) {
+                            $deleteThresholdPeriod = $this->config->get(
+                                'aclAllowDeleteCreatedThresholdPeriod',
+                                $this->allowDeleteCreatedThresholdPeriod
+                            );
+                            if (\Espo\Core\Utils\DateTime::isAfterThreshold($createdAt, $deleteThresholdPeriod)) {
+                                return false;
+                            }
+                        }
+                        return true;
+                    }
+                }
+            }
+        }
+
+        return false;
+    }
+
+    public function getOwnerUserIdAttribute(Entity $entity)
+    {
+        if ($this->ownerUserIdAttribute) {
+            return $this->ownerUserIdAttribute;
+        }
+
+        if ($entity->hasLinkMultipleField('assignedUsers')) {
+            return 'assignedUsersIds';
+        }
+
+        if ($entity->hasAttribute('assignedUserId')) {
+            return 'assignedUserId';
+        }
+
+        if ($entity->hasAttribute('createdById')) {
+            return 'createdById';
+        }
+    }
+}
--- a/application/Espo/Core/Acl/Base.php
+++ b/application/Espo/Core/Acl/Base.php
@@ -29,39 +29,39 @@

 namespace Espo\Core\Acl;

-use \Espo\Core\Interfaces\Injectable;
+use Espo\Core\Interfaces\Injectable;

-use \Espo\Entities\User;
-use \Espo\ORM\Entity;
+use Espo\Entities\User;
+use Espo\ORM\Entity;

-class Base implements Injectable
+use Espo\Core\{
+    ORM\EntityManager,
+    AclManager,
+    Utils\Config,
+};
+
+/** @deprecated */
+class Base extends Acl implements Injectable
 {
-    protected $dependencyList = [
-        'config',
-        'entityManager',
-        'aclManager',
-    ];
+    protected $dependencyList = [];

-    protected $dependencies = []; // for backward compatibility
-
-    protected $scope;
+    protected $dependencies = [];

    protected $injections = [];

-    protected $ownerUserIdAttribute = null;
+    public function __construct(string $scope, EntityManager $entityManager, AclManager $aclManager, Config $config)
+    {
+        $this->scope = $scope;
+        parent::__construct($scope, $entityManager, $aclManager, $config);

-    protected $allowDeleteCreatedThresholdPeriod = '24 hours';
+        $this->init();
+    }

    public function inject($name, $object)
    {
        $this->injections[$name] = $object;
    }

-    public function __construct($scope)
-    {
-        $this->init();
-        $this->scope = $scope;
-    }

    protected function init()
    {
@@ -69,7 +69,7 @@ class Base implements Injectable

    protected function getInjection($name)
    {
-        return $this->injections[$name];
+        return $this->injections[$name] ?? $this->$name ?? null;
    }

    protected function addDependencyList(array $list)
@@ -88,233 +88,4 @@ class Base implements Injectable
    {
        return array_merge($this->dependencyList, $this->dependencies);
    }
-
-    protected function getConfig()
-    {
-        return $this->getInjection('config');
-    }
-
-    protected function getEntityManager()
-    {
-        return $this->getInjection('entityManager');
-    }
-
-    protected function getAclManager()
-    {
-        return $this->getInjection('aclManager');
-    }
-
-    public function checkReadOnlyTeam(User $user, $data)
-    {
-        if (empty($data) || !is_object($data) || !isset($data->read)) {
-            return false;
-        }
-        return $data->read === 'team';
-    }
-
-    public function checkReadNo(User $user, $data)
-    {
-        if (empty($data) || !is_object($data) || !isset($data->read)) {
-            return false;
-        }
-        return $data->read === 'no';
-    }
-
-    public function checkReadOnlyOwn(User $user, $data)
-    {
-        if (empty($data) || !is_object($data) || !isset($data->read)) {
-            return false;
-        }
-        return $data->read === 'own';
-    }
-
-    public function checkEntity(User $user, Entity $entity, $data, $action)
-    {
-        if ($user->isAdmin()) {
-            return true;
-        }
-        return $this->checkScope($user, $data, $action, $entity);
-    }
-
-    public function checkScope(User $user, $data, $action = null, Entity $entity = null, $entityAccessData = array())
-    {
-        if ($user->isAdmin()) {
-            return true;
-        }
-
-        if (is_null($data)) {
-            return false;
-        }
-        if ($data === false) {
-            return false;
-        }
-        if ($data === true) {
-            return true;
-        }
-        if (is_string($data)) {
-            return true;
-        }
-
-        $isOwner = null;
-        if (isset($entityAccessData['isOwner'])) {
-            $isOwner = $entityAccessData['isOwner'];
-        }
-        $inTeam = null;
-        if (isset($entityAccessData['inTeam'])) {
-            $inTeam = $entityAccessData['inTeam'];
-        }
-
-        if (is_null($action)) {
-            return true;
-        }
-
-        if (!isset($data->$action)) {
-            return false;
-        }
-
-        $value = $data->$action;
-
-        if ($value === 'all' || $value === 'yes' || $value === true) {
-            return true;
-        }
-
-        if (!$value || $value === 'no') {
-            return false;
-        }
-
-        if (is_null($isOwner)) {
-            if ($entity) {
-                $isOwner = $this->checkIsOwner($user, $entity);
-            } else {
-                return true;
-            }
-        }
-
-        if ($isOwner) {
-            if ($value === 'own' || $value === 'team') {
-                return true;
-            }
-        }
-        if (is_null($inTeam) && $entity) {
-            $inTeam = $this->checkInTeam($user, $entity);
-        }
-
-        if ($inTeam) {
-            if ($value === 'team') {
-                return true;
-            }
-        }
-        return false;
-    }
-
-    public function checkIsOwner(User $user, Entity $entity)
-    {
-        if ($entity->hasAttribute('assignedUserId')) {
-            if ($entity->has('assignedUserId')) {
-                if ($user->id === $entity->get('assignedUserId')) {
-                    return true;
-                }
-            }
-        } else if ($entity->hasAttribute('createdById')) {
-            if ($entity->has('createdById')) {
-                if ($user->id === $entity->get('createdById')) {
-                    return true;
-                }
-            }
-        }
-
-        if ($entity->hasLinkMultipleField('assignedUsers')) {
-            if ($entity->hasLinkMultipleId('assignedUsers', $user->id)) {
-                return true;
-            }
-        }
-
-        return false;
-    }
-
-    public function checkInTeam(User $user, Entity $entity)
-    {
-        $userTeamIdList = $user->getLinkMultipleIdList('teams');
-
-        if (!$entity->hasRelation('teams') || !$entity->hasAttribute('teamsIds')) {
-            return false;
-        }
-
-        $entityTeamIdList = $entity->getLinkMultipleIdList('teams');
-
-        if (empty($entityTeamIdList)) {
-            return false;
-        }
-
-        foreach ($userTeamIdList as $id) {
-            if (in_array($id, $entityTeamIdList)) {
-                return true;
-            }
-        }
-        return false;
-    }
-
-    public function checkEntityDelete(User $user, Entity $entity, $data)
-    {
-        if ($user->isAdmin()) {
-            return true;
-        }
-
-        if ($this->checkEntity($user, $entity, $data, 'delete')) {
-            return true;
-        }
-
-        if (is_object($data)) {
-            if ($data->edit !== 'no' || $data->create !== 'no') {
-                if (
-                    $this->getConfig()->get('aclAllowDeleteCreated')
-                    &&
-                    $entity->has('createdById') && $entity->get('createdById') == $user->id
-                ) {
-                    $isDeletedAllowed = false;
-                    if (!$entity->has('assignedUserId')) {
-                        $isDeletedAllowed = true;
-                    } else {
-                        if (!$entity->get('assignedUserId')) {
-                            $isDeletedAllowed = true;
-                        } else if ($entity->get('assignedUserId') == $entity->get('createdById')) {
-                            $isDeletedAllowed = true;
-                        }
-                    }
-
-                    if ($isDeletedAllowed) {
-                        $createdAt = $entity->get('createdAt');
-                        if ($createdAt) {
-                            $deleteThresholdPeriod = $this->getConfig()->get('aclAllowDeleteCreatedThresholdPeriod', $this->allowDeleteCreatedThresholdPeriod);
-                            if (\Espo\Core\Utils\DateTime::isAfterThreshold($createdAt, $deleteThresholdPeriod)) {
-                                return false;
-                            }
-                        }
-                        return true;
-                    }
-                }
-            }
-        }
-
-        return false;
-    }
-
-    public function getOwnerUserIdAttribute(Entity $entity)
-    {
-        if ($this->ownerUserIdAttribute) {
-            return $this->ownerUserIdAttribute;
-        }
-
-        if ($entity->hasLinkMultipleField('assignedUsers')) {
-            return 'assignedUsersIds';
-        }
-
-        if ($entity->hasAttribute('assignedUserId')) {
-            return 'assignedUserId';
-        }
-
-        if ($entity->hasAttribute('createdById')) {
-            return 'createdById';
-        }
-    }
 }
--- a/application/Espo/Core/Acl/EntityAcl.php
+++ b/application/Espo/Core/Acl/EntityAcl.php
@@ -0,0 +1,41 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2020 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: https://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ *
+ * The interactive user interfaces in modified source and object code versions
+ * of this program must display Appropriate Legal Notices, as required under
+ * Section 5 of the GNU General Public License version 3.
+ *
+ * In accordance with Section 7(b) of the GNU General Public License version 3,
+ * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
+ ************************************************************************/
+
+namespace Espo\Core\Acl;
+
+use Espo\Entities\User;
+use Espo\ORM\Entity;
+
+/**
+ * @todo Add methods.
+ */
+interface EntityAcl
+{
+
+}
--- a/application/Espo/Core/Acl/GlobalRestricton.php
+++ b/application/Espo/Core/Acl/GlobalRestricton.php
@@ -29,6 +29,17 @@

 namespace Espo\Core\Acl;

+use Espo\Core\{
+    Utils\Metadata,
+    Utils\DataCache,
+    Utils\FieldUtil,
+};
+
+use StdClass;
+
+/**
+ * Lists of restricted fields can be obtained from here. Restricted fields are specified in metadata > entityAcl.
+ */
 class GlobalRestricton
 {
    protected $fieldTypeList = [
@@ -47,36 +58,32 @@ class GlobalRestricton
        'nonAdminReadOnly' // read-only for non-admin users
    ];

-    protected $cacheFilePath = 'data/cache/application/entityAcl.php';
-
-    private $metadata;
-
-    private $fileManager;
-
-    private $fieldManagerUtil;
-
    private $data;

+    protected $cacheKey = 'entityAcl';
+
+    private $metadata;
+    private $dataCache;
+    private $fieldUtil;
+
    public function __construct(
-        \Espo\Core\Utils\Metadata $metadata,
-        \Espo\Core\Utils\File\Manager $fileManager,
-        \Espo\Core\Utils\FieldManagerUtil $fieldManagerUtil,
-        bool $useCache = true
-    )
-    {
+        Metadata $metadata, DataCache $dataCache, FieldUtil $fieldUtil, bool $useCache = true
+    ) {
        $this->metadata = $metadata;
-        $this->fileManager = $fileManager;
-        $this->fieldManagerUtil = $fieldManagerUtil;
+        $this->dataCache = $dataCache;
+        $this->fieldUtil = $fieldUtil;

        $isFromCache = false;

        if ($useCache) {
-            if (file_exists($this->cacheFilePath)) {
-                $this->data = include($this->cacheFilePath);
+            if ($this->dataCache->has($this->cacheKey)) {
+                $this->data = $this->dataCache->get($this->cacheKey);
+
                $isFromCache = true;

-                if (!($this->data instanceof \StdClass)) {
+                if (! $this->data instanceof StdClass) {
                    $GLOBALS['log']->error("ACL GlobalRestricton: Bad data fetched from cache.");
+
                    $this->data = null;
                }
            }
@@ -95,25 +102,25 @@ class GlobalRestricton

    protected function storeCacheFile()
    {
-        $this->getFileManager()->putPhpContents($this->cacheFilePath, $this->data, true);
+        $this->dataCache->store($this->cacheKey, $this->data, true);
    }

    protected function buildData()
    {
-        $scopeList = array_keys($this->getMetadata()->get(['entityDefs'], []));
+        $scopeList = array_keys($this->metadata->get(['entityDefs'], []));

        $data = (object) [];

        foreach ($scopeList as $scope) {
-            $fieldList = array_keys($this->getMetadata()->get(['entityDefs', $scope, 'fields'], []));
-            $linkList = array_keys($this->getMetadata()->get(['entityDefs', $scope, 'links'], []));
+            $fieldList = array_keys($this->metadata->get(['entityDefs', $scope, 'fields'], []));
+            $linkList = array_keys($this->metadata->get(['entityDefs', $scope, 'links'], []));

            $isNotEmpty = false;

            $scopeData = (object) [
                'fields' => (object) [],
                'attributes' => (object) [],
-                'links' => (object) []
+                'links' => (object) [],
            ];

            foreach ($this->fieldTypeList as $type) {
@@ -121,10 +128,13 @@ class GlobalRestricton
                $resultAttributeList = [];

                foreach ($fieldList as $field) {
-                    if ($this->getMetadata()->get(['entityAcl', $scope, 'fields', $field, $type])) {
+                    if ($this->metadata->get(['entityAcl', $scope, 'fields', $field, $type])) {
                        $isNotEmpty = true;
+
                        $resultFieldList[] = $field;
-                        $fieldAttributeList = $this->getFieldManagerUtil()->getAttributeList($scope, $field);
+
+                        $fieldAttributeList = $this->fieldUtil->getAttributeList($scope, $field);
+
                        foreach ($fieldAttributeList as $attribute) {
                            $resultAttributeList[] = $attribute;
                        }
@@ -136,9 +146,11 @@ class GlobalRestricton
            }
            foreach ($this->linkTypeList as $type) {
                $resultLinkList = [];
+
                foreach ($linkList as $link) {
-                    if ($this->getMetadata()->get(['entityAcl', $scope, 'links', $link, $type])) {
+                    if ($this->metadata->get(['entityAcl', $scope, 'links', $link, $type])) {
                        $isNotEmpty = true;
+
                        $resultLinkList[] = $link;
                    }
                }
@@ -153,44 +165,52 @@ class GlobalRestricton
        $this->data = $data;
    }

-    protected function getMetadata()
+    public function getScopeRestrictedFieldList(string $scope, string $type) : array
    {
-        return $this->metadata;
-    }
+        if (!property_exists($this->data, $scope)) {
+            return [];
+        }
+        if (!property_exists($this->data->$scope, 'fields')) {
+            return [];
+        }

-    protected function getFileManager()
-    {
-        return $this->fileManager;
-    }
-
-    protected function getFieldManagerUtil()
-    {
-        return $this->fieldManagerUtil;
-    }
-
-    public function getScopeRestrictedFieldList($scope, $type)
-    {
-        if (!property_exists($this->data, $scope)) return [];
-        if (!property_exists($this->data->$scope, 'fields')) return [];
-        if (!property_exists($this->data->$scope->fields, $type)) return [];
+        if (!property_exists($this->data->$scope->fields, $type)) {
+            return [];
+        }

        return $this->data->$scope->fields->$type;
    }

-    public function getScopeRestrictedAttributeList($scope, $type)
+    public function getScopeRestrictedAttributeList(string $scope, string $type) : array
    {
-        if (!property_exists($this->data, $scope)) return [];
-        if (!property_exists($this->data->$scope, 'attributes')) return [];
-        if (!property_exists($this->data->$scope->attributes, $type)) return [];
+        if (!property_exists($this->data, $scope)) {
+            return [];
+        }
+
+        if (!property_exists($this->data->$scope, 'attributes')) {
+            return [];
+        }
+
+        if (!property_exists($this->data->$scope->attributes, $type)) {
+            return [];
+        }

        return $this->data->$scope->attributes->$type;
    }

-    public function getScopeRestrictedLinkList($scope, $type)
+    public function getScopeRestrictedLinkList(string $scope, string $type) : array
    {
-        if (!property_exists($this->data, $scope)) return [];
-        if (!property_exists($this->data->$scope, 'links')) return [];
-        if (!property_exists($this->data->$scope->links, $type)) return [];
+        if (!property_exists($this->data, $scope)) {
+            return [];
+        }
+
+        if (!property_exists($this->data->$scope, 'links')) {
+            return [];
+        }
+
+        if (!property_exists($this->data->$scope->links, $type)) {
+            return [];
+        }

        return $this->data->$scope->links->$type;
    }
--- a/Show More
+++ b/Show More