🔥 Remove unused stacktrace.

🐛 Fix problems with empty paths and shortcuts
🐛 Fixes problem with edition state and paths
2026-01-01 19:08:41 -05:00 · 2021-05-07 13:15:48 +02:00 · 2021-05-07 13:13:58 +02:00 · 2021-05-07 13:13:58 +02:00 · 2021-05-07 13:13:58 +02:00 · 2021-05-07 13:13:58 +02:00
799 changed files with 38689 additions and 47600 deletions
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -13,7 +13,7 @@ jobs:
        environment:
          POSTGRES_USER: penpot_test
          POSTGRES_PASSWORD: penpot_test
-          POSTGRES_DB: penpot
+          POSTGRES_DB: penpot_test

      - image: circleci/redis:6.0.8

@@ -45,10 +45,10 @@ jobs:
          name: backend test
          command: "clojure -M:dev:tests"
          environment:
-            PENPOT_DATABASE_URI: "postgresql://localhost/penpot"
-            PENPOT_DATABASE_USERNAME: penpot_test
-            PENPOT_DATABASE_PASSWORD: penpot_test
-            PENPOT_REDIS_URI: "redis://localhost/1"
+            PENPOT_TEST_DATABASE_URI: "postgresql://localhost/penpot_test"
+            PENPOT_TEST_DATABASE_USERNAME: penpot_test
+            PENPOT_TEST_DATABASE_PASSWORD: penpot_test
+            PENPOT_TEST_REDIS_URI: "redis://localhost/1"

      - run:
          working_directory: "./frontend"
@@ -57,7 +57,8 @@ jobs:
            yarn install
            npx shadow-cljs compile tests
          environment:
-            PATH: /usr/local/nodejs/bin/:/usr/local/bin:/bin:/usr/bin
+            JAVA_HOME: /usr/lib/jvm/openjdk16
+            PATH: /usr/local/nodejs/bin/:/usr/local/bin:/bin:/usr/bin:/usr/lib/jvm/openjdk16/bin

      - save_cache:
         paths:
--- a/.gitignore
+++ b/.gitignore
@@ -15,9 +15,11 @@ node_modules
 /backend/target/
 /backend/resources/public/media
 /backend/resources/public/assets
+/backend/assets/
 /backend/dist/
 /backend/logs/
 /backend/-
+/telemetry/
 /frontend/npm-debug.log
 /frontend/target/
 /frontend/dist/
@@ -26,7 +28,7 @@ node_modules
 /frontend/resources/public/*
 /exporter/target
 /exporter/.shadow-cljs
-/docker/images/bundle
+/docker/images/bundle*
 /.clj-kondo/.cache
 /bundle*
 /media
--- a/.gitpod.yml
+++ b/.gitpod.yml
@@ -0,0 +1,105 @@
+image:
+  file: docker/gitpod/Dockerfile
+
+ports:
+  # nginx
+  - port: 3449
+    onOpen: open-preview
+
+  # frontend nREPL
+  - port: 3447
+    onOpen: ignore
+    visibility: private
+
+  # frontend shadow server
+  - port: 3448
+    onOpen: ignore
+    visibility: private
+
+  # backend
+  - port: 6060
+    onOpen: ignore
+
+  # exporter shadow server
+  - port: 9630
+    onOpen: ignore
+    visibility: private
+
+  # exporter http server
+  - port: 6061
+    onOpen: ignore
+
+  # mailhog web interface
+  - port: 8025
+    onOpen: ignore
+
+  # mailhog postfix
+  - port: 1025
+    onOpen: ignore
+
+  # postgres
+  - port: 5432
+    onOpen: ignore
+
+  # redis
+  - port: 6379
+    onOpen: ignore
+
+  # openldap
+  - port: 389
+    onOpen: ignore
+
+tasks:
+  # https://github.com/gitpod-io/gitpod/issues/666#issuecomment-534347856
+  - name: gulp
+    command: >
+      cd $GITPOD_REPO_ROOT/frontend/;
+      yarn && gp sync-done 'frontend-yarn';
+      npx gulp --theme=${PENPOT_THEME} watch
+
+  - name: frontend shadow watch
+    command: >
+      cd $GITPOD_REPO_ROOT/frontend/;
+      gp sync-await 'frontend-yarn';
+      npx shadow-cljs watch main
+
+  - init: gp await-port 5432 && psql -f $GITPOD_REPO_ROOT/docker/gitpod/files/postgresql_init.sql
+    name: backend
+    command: >
+      cd $GITPOD_REPO_ROOT/backend/;
+      ./scripts/start-dev
+
+  - name: exporter shadow watch
+    command:
+      cd $GITPOD_REPO_ROOT/exporter/;
+      gp sync-await 'frontend-yarn';
+      yarn && npx shadow-cljs watch main
+
+  - name: exporter web server
+    command: >
+      cd $GITPOD_REPO_ROOT/exporter/;
+      ./scripts/wait-and-start.sh
+
+  - name: signed terminal
+    before: >
+      [[ ! -z ${GNUGPG}  ]] &&
+      cd ~ &&
+      rm -rf .gnupg &&
+      echo ${GNUGPG} | base64 -d | tar --no-same-owner -xzvf -
+    init: >
+      [[ ! -z ${GNUGPG_KEY}  ]] &&
+      git config --global commit.gpgsign true &&
+      git config --global user.signingkey ${GNUGPG_KEY}
+    command: cd $GITPOD_REPO_ROOT
+
+  - name: redis
+    command: redis-server
+
+  - before: go get github.com/mailhog/MailHog
+    name: mailhog
+    command: MailHog
+
+  - name: Nginx
+    command: >
+      nginx &&
+      multitail /var/log/nginx/access.log -I /var/log/nginx/error.log
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -3,11 +3,166 @@
 ## :rocket: Next

 ### :sparkles: New features
+### :bug: Bugs fixed
+### :arrow_up: Deps updates
+### :boom: Breaking changes
+### :heart: Community contributions by (Thank you!)
+
+## 1.5.2-alpha

 ### :bug: Bugs fixed

+- Fix problem with `close-path` command [#917](https://github.com/penpot/penpot/issues/917)
+- Fix wrong query for obtain the profile default project-id
+- Fix problems with empty paths and shortcuts [#923](https://github.com/penpot/penpot/issues/923)
+
+## 1.5.1-alpha
+
+### :bug: Bugs fixed
+
+- Fix issue with bitmap image clipboard.
+- Fix issue when removing all path points.
+- Increase default team invitation token expiration to 48h.
+- Fix wrong error message when an expired token is used.
+
+
+## 1.5.0-alpha
+
+### :sparkles: New features
+
+- Add integration with gitpod.io (an online IDE) [#807](https://github.com/penpot/penpot/pull/807)
+- Allow basic math operations in inputs [Taiga 1383](https://tree.taiga.io/project/penpot/us/1383)
+- Autocomplete color names in hex inputs [Taiga 1596](https://tree.taiga.io/project/penpot/us/1596)
+- Allow to group assets (components and graphics) [Taiga #1289](https://tree.taiga.io/project/penpot/us/1289)
+- Change icon of pinned projects [Taiga 1298](https://tree.taiga.io/project/penpot/us/1298)
+- Internal: refactor of http client, replace internal xhr usage with more modern Fetch API.
+- New features for paths: snap points on edition, add/remove nodes, merge/join/split nodes. [Taiga #907](https://tree.taiga.io/project/penpot/us/907)
+- Add OpenID-Connect support.
+- Reimplement social auth providers on top of the generic openid impl.
+
+### :bug: Bugs fixed
+
+- Fix problem with pan and space [#811](https://github.com/penpot/penpot/issues/811)
+- Fix issue when parsing exponential numbers in paths
+- Remove legacy system user and team [#843](https://github.com/penpot/penpot/issues/843)
+- Fix ordering of copy pasted objects [Taiga #1618](https://tree.taiga.io/project/penpot/issue/1617)
+- Fix problems with blending modes [#837](https://github.com/penpot/penpot/issues/837)
+- Fix problem with zoom an selection rect [#845](https://github.com/penpot/penpot/issues/845)
+- Fix problem displaying team statistics [#859](https://github.com/penpot/penpot/issues/859)
+- Fix problems with text editor selection [Taiga #1546](https://tree.taiga.io/project/penpot/issue/1546)
+- Fix problem when opening the context menu in dashboard at the bottom [#856](https://github.com/penpot/penpot/issues/856)
+- Fix problem when clicking an interactive group in view mode [#863](https://github.com/penpot/penpot/issues/863)
+- Fix visibility of pages in sitemap when changing page [Taiga #1618](https://tree.taiga.io/project/penpot/issue/1618)
+- Fix visual problem with group invite [Taiga #1290](https://tree.taiga.io/project/penpot/issue/1290)
+- Fix issues with promote owner panel [Taiga #763](https://tree.taiga.io/project/penpot/issue/763)
+- Allow use library colors when defining gradients [Taiga #1614](https://tree.taiga.io/project/penpot/issue/1614)
+- Fix group selrect not updating after alignment [#895](https://github.com/penpot/penpot/issues/895)
+
+### :arrow_up: Deps updates
+
+### :boom: Breaking changes
+
+- Translations refactor: now penpot uses gettext instead of a custom
+  JSON, and each locale has its own separated file. All translations
+  should be contributed via the weblate.org service.
+
 ### :heart: Community contributions by (Thank you!)

+- madmath03 (by [Monogramm](https://github.com/Monogramm)) [#807](https://github.com/penpot/penpot/pull/807)
+- zzkt [#814](https://github.com/penpot/penpot/pull/814)
+
+
+## 1.4.1-alpha
+
+### :bug: Bugs fixed
+
+- Fix typography unlinking.
+- Fix incorrect measures on shapes outside artboard.
+- Fix issues on svg parsing related to numbers with exponents.
+- Fix some race conditions on removing shape from workspace.
+- Fix incorrect state management of user lang selection.
+- Fix email validation usability issue on team invitation lightbox.
+
+
+## 1.4.0-alpha
+
+### :sparkles: New features
+
+- Add blob-encoding v3 (uses ZSTD+transit) [#738](https://github.com/penpot/penpot/pull/738)
+- Add http caching layer on top of Query RPC.
+- Add layer opacity and blend mode to shapes [Taiga #937](https://tree.taiga.io/project/penpot/us/937)
+- Add more chinese translations [#726](https://github.com/penpot/penpot/pull/726)
+- Add native support for text-direction (RTL, LTR & auto).
+- Add several enhancements in shape selection [Taiga #1195](https://tree.taiga.io/project/penpot/us/1195)
+- Add thumbnail in memory caching mechanism.
+- Add turkish translation strings [#759](https://github.com/penpot/penpot/pull/759), [#794](https://github.com/penpot/penpot/pull/794)
+- Duplicate and move files and projects [Taiga #267](https://tree.taiga.io/project/penpot/us/267)
+- Hide viewer navbar on fullscreen [Taiga 1375](https://tree.taiga.io/project/penpot/us/1375)
+- Import SVG will create Penpot's shapes [Taiga #1006](https://tree.taiga.io/project/penpot/us/1066)
+- Improve french translations [#731](https://github.com/penpot/penpot/pull/731)
+- Reimplement workspace presence (remove database state).
+- Remember last visited team when you re-enter the application [Taiga #1376](https://tree.taiga.io/project/penpot/us/1376)
+- Rename artboard with double click on the title [Taiga #1392](https://tree.taiga.io/project/penpot/us/1392)
+- Replace Slate-Editor with DraftJS [Taiga #1346](https://tree.taiga.io/project/penpot/us/1346)
+- Set proper page title [Taiga #1377](https://tree.taiga.io/project/penpot/us/1377)
+
+
+### :bug: Bugs fixed
+
+- Disable buttons in view mode for users without permissions [Taiga #1328](https://tree.taiga.io/project/penpot/issue/1328)
+- Fix broken profile and profile options form.
+- Fix calculate size of some animated gifs [Taiga #1487](https://tree.taiga.io/project/penpot/issue/1487)
+- Fix error with the "Navigate to" button on prototypes [Taiga #1268](https://tree.taiga.io/project/penpot/issue/1268)
+- Fix issue when undo after changing the artboard of a shape [Taiga #1304](https://tree.taiga.io/project/penpot/issue/1304)
+- Fix issue with Alt key in distance measurement [#672](https://github.com/penpot/penpot/issues/672)
+- Fix issue with blending modes in masks [Taiga #1476](https://tree.taiga.io/project/penpot/issue/1476)
+- Fix issue with blocked shapes [Taiga #1480](https://tree.taiga.io/project/penpot/issue/1480)
+- Fix issue with comments styles on dashboard [Taiga #1405](https://tree.taiga.io/project/penpot/issue/1405)
+- Fix issue with default square grid [Taiga #1344](https://tree.taiga.io/project/penpot/issue/1344)
+- Fix issue with enter key shortcut [#775](https://github.com/penpot/penpot/issues/775)
+- Fix issue with enter to edit paths [Taiga #1481](https://tree.taiga.io/project/penpot/issue/1481)
+- Fix issue with mask and flip [#715](https://github.com/penpot/penpot/issues/715)
+- Fix issue with masks interactions outside bounds [#718](https://github.com/penpot/penpot/issues/718)
+- Fix issue with middle mouse button press moving the canvas when not moving mouse [#717](https://github.com/penpot/penpot/issues/717)
+- Fix issue with resolved comments [Taiga #1406](https://tree.taiga.io/project/penpot/issue/1406)
+- Fix issue with rotated blur [Taiga #1370](https://tree.taiga.io/project/penpot/issue/1370)
+- Fix issue with rotation degree input [#741](https://github.com/penpot/penpot/issues/741)
+- Fix issue with system shortcuts and application [#737](https://github.com/penpot/penpot/issues/737)
+- Fix issue with team management in dashboard [Taiga #1475](https://tree.taiga.io/project/penpot/issue/1475)
+- Fix issue with typographies panel cannot be collapsed [#707](https://github.com/penpot/penpot/issues/707)
+- Fix text selection in comments [#745](https://github.com/penpot/penpot/issues/745)
+- Update Work-Sans font [#744](https://github.com/penpot/penpot/issues/744)
+- Fix issue with recent files not showing [Taiga #1493](https://tree.taiga.io/project/penpot/issue/1493)
+- Fix issue when promoting to owner [Taiga #1494](https://tree.taiga.io/project/penpot/issue/1494)
+- Fix cannot click on blocked elements in viewer [Taiga #1430](https://tree.taiga.io/project/penpot/issue/1430)
+- Fix SVG not showing properties at code [Taiga #1437](https://tree.taiga.io/project/penpot/issue/1437)
+- Fix shadows when exporting groups [Taiga #1495](https://tree.taiga.io/project/penpot/issue/1495)
+- Fix drag-select when renaming layer text [Taiga #1307](https://tree.taiga.io/project/penpot/issue/1307)
+- Fix layout problem for editable selects [Taiga #1488](https://tree.taiga.io/project/penpot/issue/1488)
+- Fix artboard title wasn't move when resizing [Taiga #1479](https://tree.taiga.io/project/penpot/issue/1479)
+- Fix titles in viewer thumbnails too long [Taiga #1474](https://tree.taiga.io/project/penpot/issue/1474)
+- Fix when right click on a selected text shows artboard contextual menu [Taiga #1226](https://tree.taiga.io/project/penpot/issue/1226)
+
+### :boom: Breaking changes
+
+- The LDAP configuration variables interpolation starts using `:`
+  (example `:username`) instead of `$`. The main reason is avoid
+  unnecesary conflict with bash interpolation.
+
+
+### :arrow_up: Deps updates
+
+- Update backend to JDK16.
+- Update exporter nodejs to v14.16.0
+
+
+### :heart: Community contributions by (Thank you!)
+
+- iblueer [#726](https://github.com/penpot/penpot/pull/726)
+- gizembln [#759](https://github.com/penpot/penpot/pull/759)
+- girafic [#748](https://github.com/penpot/penpot/pull/748)
+- mbrksntrk [#794](https://github.com/penpot/penpot/pull/794)
+

 ## 1.3.0-alpha

@@ -29,7 +184,7 @@

 - Add more improvements to french translation strings [#591](https://github.com/penpot/penpot/pull/591)
 - Add some missing database indexes (mainly improves performance on large databases on file-update rpc method, and some background tasks).
- Disables filters in masking elements (problem with Firefox rendering)
+- Disables filters in masking elements (issue with Firefox rendering)
 - Drawing tool will have priority over resize/rotate handlers [Taiga #1225](https://tree.taiga.io/project/penpot/issue/1225)
 - Fix broken bounding box on editing paths [Taiga #1254](https://tree.taiga.io/project/penpot/issue/1254)
 - Fix corner cases on invitation/signup flows.
@@ -37,8 +192,8 @@
 - Fix infinite recursion on logout.
 - Fix issues with frame selection [Taiga #1300](https://tree.taiga.io/project/penpot/issue/1300), [Taiga #1255](https://tree.taiga.io/project/penpot/issue/1255)
 - Fix local fonts error [#691](https://github.com/penpot/penpot/issues/691)
- Fix problem width handoff code generation [Taiga #1204](https://tree.taiga.io/project/penpot/issue/1204)
- Fix problem with indices refreshing on page changes [#646](https://github.com/penpot/penpot/issues/646)
+- Fix issue width handoff code generation [Taiga #1204](https://tree.taiga.io/project/penpot/issue/1204)
+- Fix issue with indices refreshing on page changes [#646](https://github.com/penpot/penpot/issues/646)
 - Have language change notification written in the new language [Taiga #1205](https://tree.taiga.io/project/penpot/issue/1205)
 - Hide register screen when registration is disabled [#598](https://github.com/penpot/penpot/issues/598)
 - Properly handle errors on github, gitlab and ldap auth backends.
@@ -71,16 +226,16 @@

 - Fix 404 when access shared link [#615](https://github.com/penpot/penpot/issues/615)
 - Fix 500 when requestion password reset
- Fix Problems when transforming path shapes [Taiga #1170](https://tree.taiga.io/project/penpot/issue/1170)
+- Fix issue when transforming path shapes [Taiga #1170](https://tree.taiga.io/project/penpot/issue/1170)
 - Fix apply a color to a text selection from color palette was not working [Taiga #1189](https://tree.taiga.io/project/penpot/issue/1189)
 - Fix issues when moving shapes outside groups [Taiga #1138](https://tree.taiga.io/project/penpot/issue/1138)
 - Fix ldap function called on login click
 - Fix logo icon in viewer should go to dashboard [Taiga #1149](https://tree.taiga.io/project/penpot/issue/1149)
 - Fix ordering when restoring deleted shapes in sync [Taiga #1163](https://tree.taiga.io/project/penpot/issue/1163)
- Fix problem when editing text immediately after creating [Taiga #1207](https://tree.taiga.io/project/penpot/issue/1207)
- Fix problem when pasting URL's copied from the browser url bar [Taiga #1187](https://tree.taiga.io/project/penpot/issue/1187)
- Fix problem with multiple selection and groups [Taiga #1128](https://tree.taiga.io/project/penpot/issue/1128)
- Fix problem with red handler indicator on resize [Taiga #1188](https://tree.taiga.io/project/penpot/issue/1188)
+- Fix issue when editing text immediately after creating [Taiga #1207](https://tree.taiga.io/project/penpot/issue/1207)
+- Fix issue when pasting URL's copied from the browser url bar [Taiga #1187](https://tree.taiga.io/project/penpot/issue/1187)
+- Fix issue with multiple selection and groups [Taiga #1128](https://tree.taiga.io/project/penpot/issue/1128)
+- Fix issue with red handler indicator on resize [Taiga #1188](https://tree.taiga.io/project/penpot/issue/1188)
 - Fix show correct error when google auth is disabled [Taiga #1119](https://tree.taiga.io/project/penpot/issue/1119)
 - Fix text alignment in preview [#594](https://github.com/penpot/penpot/issues/594)
 - Fix unexpected exception when uploading image [Taiga #1120](https://tree.taiga.io/project/penpot/issue/1120)
--- a/README.md
+++ b/README.md
@@ -5,31 +5,19 @@
 [![License: MPL-2.0][uri_license_image]][uri_license]
 [![Gitter](https://badges.gitter.im/sereno-xyz/community.svg)](https://gitter.im/penpot/community)
 [![Managed with Taiga.io](https://img.shields.io/badge/managed%20with-TAIGA.io-709f14.svg)](https://tree.taiga.io/project/penpot/ "Managed with Taiga.io")
+[![Gitpod ready-to-code](https://img.shields.io/badge/Gitpod-ready--to--code-blue?logo=gitpod)](https://gitpod.io/#https://github.com/penpot/penpot)


 # PENPOT #

-We’re excited to share that Uxbox is now Penpot! We’re changing the name, but keeping the same project essence. Stay in the loop for more news coming early 2021. Alpha release is close!
+Penpot is the first Open Source design and prototyping platform meant
+for cross-domain teams. Non dependent on operating systems, Penpot is
+web based and works with open web standards (SVG). For all and
+empowered by the community.

-![PENPOT](https://raw.githubusercontent.com/penpot/penpot/develop/docs/screenshot.png)
+![PENPOT](https://penpot.app/images/workspace-ui.jpg)


-## Introduction ##
-
-The open-source solution for design and prototyping. PENPOT is
-currently at an early development stage but we are working hard to
-bring you the beta version as soon as possible. Follow the project
-progress in Twitter or Github and stay tuned!
-
-
-## SVG based ##
-
-Penpot works with SVG, a standard format, for all your designs and
-prototypes . This means that all your stuff in Penpot is portable and
-editable in many other vector tools and easy to use on the web.
-
-[See SVG specification](https://www.w3.org/Graphics/SVG/)
-
 ## Contributing ##

 **Open to you!**
@@ -43,7 +31,7 @@ Please refer to the [Contributing Guide](./CONTRIBUTING.md)

 ## Documentation ##

-Please refer to [docs/ directory](./docs/).
+Please refer to the [help center](https://help.penpot.app).


 ## License ##
@@ -52,4 +40,6 @@ Please refer to [docs/ directory](./docs/).
 This Source Code Form is subject to the terms of the Mozilla Public
 License, v. 2.0. If a copy of the MPL was not distributed with this
 file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+Copyright (c) UXBOX Labs SL
 ```
--- a/backend/deps.edn
+++ b/backend/deps.edn
@@ -3,27 +3,28 @@
  "clojars" {:url "https://clojars.org/repo"}
  "jcenter" {:url "https://jcenter.bintray.com/"}}
 :deps
- {org.clojure/clojure {:mvn/version "1.10.2"}
-  org.clojure/clojurescript {:mvn/version "1.10.773"}
-  org.clojure/data.json {:mvn/version "1.0.0"}
+ {org.clojure/clojure {:mvn/version "1.10.3"}
+  org.clojure/data.json {:mvn/version "2.2.1"}
  org.clojure/core.async {:mvn/version "1.3.610"}
-  org.clojure/tools.cli {:mvn/version "1.0.194"}
+  org.clojure/tools.cli {:mvn/version "1.0.206"}
+  org.clojure/clojurescript {:mvn/version "1.10.844"}

  ;; Logging
  org.clojure/tools.logging {:mvn/version "1.1.0"}
-  org.apache.logging.log4j/log4j-api {:mvn/version "2.14.0"}
-  org.apache.logging.log4j/log4j-core {:mvn/version "2.14.0"}
-  org.apache.logging.log4j/log4j-web {:mvn/version "2.14.0"}
-  org.apache.logging.log4j/log4j-jul {:mvn/version "2.14.0"}
-  org.apache.logging.log4j/log4j-slf4j-impl {:mvn/version "2.14.0"}
-  org.slf4j/slf4j-api {:mvn/version "1.7.30"}
+  org.apache.logging.log4j/log4j-api {:mvn/version "2.14.1"}
+  org.apache.logging.log4j/log4j-core {:mvn/version "2.14.1"}
+  org.apache.logging.log4j/log4j-web {:mvn/version "2.14.1"}
+  org.apache.logging.log4j/log4j-jul {:mvn/version "2.14.1"}
+  org.apache.logging.log4j/log4j-slf4j18-impl {:mvn/version "2.14.1"}
+  org.slf4j/slf4j-api {:mvn/version "2.0.0-alpha1"}
  org.zeromq/jeromq {:mvn/version "0.5.2"}

-
-  org.graalvm.js/js {:mvn/version "20.3.0"}
  com.taoensso/nippy {:mvn/version "3.1.1"}
-  com.github.luben/zstd-jni {:mvn/version "1.4.8-3"}
+  com.github.luben/zstd-jni {:mvn/version "1.4.9-5"}

+  ;; NOTE: don't upgrade to latest version, breaking change is
+  ;; introduced on 0.10.0 that suffixes counters with _total if they
+  ;; are not already has this suffix.
  io.prometheus/simpleclient {:mvn/version "0.9.0"}
  io.prometheus/simpleclient_hotspot {:mvn/version "0.9.0"}
  io.prometheus/simpleclient_jetty {:mvn/version "0.9.0"
@@ -32,19 +33,19 @@
  io.prometheus/simpleclient_httpserver {:mvn/version "0.9.0"}

  selmer/selmer {:mvn/version "1.12.33"}
-  expound/expound {:mvn/version "0.8.7"}
+  expound/expound {:mvn/version "0.8.9"}
  com.cognitect/transit-clj {:mvn/version "1.0.324"}

-  io.lettuce/lettuce-core {:mvn/version "6.0.2.RELEASE"}
-  java-http-clj/java-http-clj {:mvn/version "0.4.1"}
+  io.lettuce/lettuce-core {:mvn/version "6.1.1.RELEASE"}
+  java-http-clj/java-http-clj {:mvn/version "0.4.2"}

-  info.sunng/ring-jetty9-adapter {:mvn/version "0.14.2"}
-  seancorfield/next.jdbc {:mvn/version "1.1.613"}
-  metosin/reitit-ring {:mvn/version "0.5.11"}
+  info.sunng/ring-jetty9-adapter {:mvn/version "0.15.1"}
+  com.github.seancorfield/next.jdbc {:mvn/version "1.1.646"}
+  metosin/reitit-ring {:mvn/version "0.5.12"}
  metosin/jsonista {:mvn/version "0.3.1"}

-  org.postgresql/postgresql {:mvn/version "42.2.18"}
-  com.zaxxer/HikariCP {:mvn/version "3.4.5"}
+  org.postgresql/postgresql {:mvn/version "42.2.19"}
+  com.zaxxer/HikariCP {:mvn/version "4.0.3"}

  funcool/datoteka {:mvn/version "1.2.0"}
  funcool/promesa {:mvn/version "6.0.0"}
@@ -63,13 +64,12 @@
  org.im4java/im4java {:mvn/version "1.4.0"}
  org.lz4/lz4-java {:mvn/version "1.7.1"}
  commons-io/commons-io {:mvn/version "2.8.0"}
-  org.apache.commons/commons-pool2 {:mvn/version "2.9.0"}
-  com.sun.mail/jakarta.mail {:mvn/version "2.0.0"}
+  com.sun.mail/jakarta.mail {:mvn/version "2.0.1"}

-  puppetlabs/clj-ldap {:mvn/version"0.3.0"}
+  org.clojars.pntblnk/clj-ldap {:mvn/version "0.0.17"}
  integrant/integrant {:mvn/version "0.8.0"}

-  software.amazon.awssdk/s3 {:mvn/version "2.15.73"}
+  software.amazon.awssdk/s3 {:mvn/version "2.16.44"}

  ;; exception printing
  io.aviso/pretty {:mvn/version "0.1.37"}
@@ -92,11 +92,11 @@
   :args {}}

  :tests
-  {:extra-deps {lambdaisland/kaocha {:mvn/version "1.0.732"}}
+  {:extra-deps {lambdaisland/kaocha {:mvn/version "1.0.829"}}
   :main-opts ["-m" "kaocha.runner"]}

  :outdated
-  {:extra-deps {antq/antq {:mvn/version "RELEASE"}}
+  {:extra-deps {com.github.liquidz/antq {:mvn/version "RELEASE"}}
   :main-opts ["-m" "antq.core"]}

  :jmx-remote
--- a/backend/dev/user.clj
+++ b/backend/dev/user.clj
@@ -2,21 +2,19 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2016-2020 Andrey Antukh <niwi@niwi.nz>
+;; Copyright (c) UXBOX Labs SL

 (ns user
  (:require
   [app.common.exceptions :as ex]
   [app.config :as cfg]
   [app.main :as main]
+   [app.util.blob :as blob]
+   [app.util.json :as json]
   [app.util.time :as dt]
   [app.util.transit :as t]
-   [app.util.json :as json]
   [clojure.java.io :as io]
-   [clojure.pprint :refer [pprint]]
+   [clojure.pprint :refer [pprint print-table]]
   [clojure.repl :refer :all]
   [clojure.spec.alpha :as s]
   [clojure.spec.gen.alpha :as sgen]
@@ -25,8 +23,7 @@
   [clojure.tools.namespace.repl :as repl]
   [clojure.walk :refer [macroexpand-all]]
   [criterium.core :refer [quick-bench bench with-progress-reporting]]
-   [integrant.core :as ig]
-   [taoensso.nippy :as nippy]))
+   [integrant.core :as ig]))

 (repl/disable-reload! (find-ns 'integrant.core))

@@ -70,7 +67,7 @@
  []
  (alter-var-root #'system (fn [sys]
                             (when sys (ig/halt! sys))
-                             (-> (main/build-system-config cfg/config)
+                             (-> main/system-config
                                 (ig/prep)
                                 (ig/init))))
  :started)
@@ -91,3 +88,10 @@
  []
  (stop)
  (repl/refresh-all :after 'user/start))
+
+(defn compression-bench
+  [data]
+  (print-table
+   [{:v1 (alength (blob/encode data {:version 1}))
+     :v2 (alength (blob/encode data {:version 2}))
+     :v3 (alength (blob/encode data {:version 3}))}]))
--- a/backend/resources/builtin.edn
+++ b/backend/resources/builtin.edn
@@ -1,11 +0,0 @@
-{:icons
- [{:name "Material Design (Action)"
-   :path "./material/action/svg/production"
-   :regex #"^.*_48px\.svg$"}]
-
- :images
- [{:name "Generic Collection 1"
-   :path "./my-images/collection1/"
-   :regex #"^.*\.(png|jpg|webp)$"}]}
-
-
--- a/backend/resources/config/default.edn
+++ b/backend/resources/config/default.edn
@@ -1,44 +0,0 @@
-{;; A secret key used for create tokens
- ;; WARNING: this is a default secret key and
- ;; it should be overwritten in production env.
- :secret "5qjiAn-QUpawUNqGP10UZKklSqbLKcdGY3sJpq0UUACpVXGg2HOFJCBejDWVHskhRyp7iHb4rjOLXX2ZjF-5cw"
- 
- :registration
- {
-  :enabled true}
- 
- :smtp
- {:host "localhost" ;; Hostname of the desired SMTP server.
-  :port 25          ;; Port of SMTP server.
-  :user nil         ;; Username to authenticate with (if authenticating).
-  :pass nil         ;; Password to authenticate with (if authenticating).
-  :ssl false        ;; Enables SSL encryption if value is truthy.
-  :tls false        ;; Enables TLS encryption if value is truthy.
-  :enabled false    ;; Enables SMTP if value is truthy.
-  :noop true}
-
- :auth-options {:alg :a256kw :enc :a128cbc-hs256}
-
- :email {:reply-to "no-reply@uxbox.io"
-         :from "no-reply@uxbox.io"
-         :support "support@uxbox.io"}
-
- :http {:port 6060
-        :max-body-size 52428800
-        :debug true}
-
- :media
- {:directory "resources/public/media"
-  :uri "http://localhost:6060/media/"}
-
- :static
- {:directory "resources/public/static"
-  :uri "http://localhost:6060/static/"}
-
- :database
- {:adapter "postgresql"
-  :username nil
-  :password nil
-  :database-name "uxbox"
-  :server-name "localhost"
-  :port-number 5432}}
--- a/backend/resources/config/test.edn
+++ b/backend/resources/config/test.edn
@@ -1,18 +0,0 @@
-{:migrations
- {:verbose false}
-
- :media
- {:directory "/tmp/uxbox/media"
-  :uri "http://localhost:6060/media/"}
-
- :static
- {:directory "/tmp/uxbox/static"
-  :uri "http://localhost:6060/static/"}
-
- :database
- {:adapter "postgresql"
-  :username nil
-  :password nil
-  :database-name "test"
-  :server-name "localhost"
-  :port-number 5432}}
--- a/backend/resources/emails/feedback/en.html
+++ b/backend/resources/emails/feedback/en.html
@@ -0,0 +1,45 @@
+<!doctype html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+  <head>
+    <title></title>
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+  </head>
+  <body>
+    <p>
+      <strong>Feedback from:</strong><br />
+      {% if profile %}
+        <span>
+          <span>Name: </span>
+          <span><code>{{profile.fullname}}</code></span>
+        </span>
+        <br />
+
+        <span>
+          <span>Email: </span>
+          <span>{{profile.email}}</span>
+        </span>
+        <br />
+
+        <span>
+          <span>ID: </span>
+          <span><code>{{profile.id}}</code></span>
+        </span>
+      {% else %}
+        <span>
+          <span>Email: </span>
+          <span>{{profile.email}}</span>
+        </span>
+      {% endif %}
+    </p>
+    <p>
+      <strong>Subject:</strong><br />
+      <span>{{subject}}</span>
+    </p>
+
+    <p>
+      <strong>Message:</strong><br />
+      {{content|linebreaks-br|safe}}
+    </p>
+  </body>
+</html>
--- a/backend/resources/emails/invite-to-team/en.subj
+++ b/backend/resources/emails/invite-to-team/en.subj
@@ -1 +1 @@
-Inviation to join {{team}}
+Invitation to join {{team}}
--- a/backend/resources/log4j2-bundle.xml
+++ b/backend/resources/log4j2-bundle.xml
@@ -1,21 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<Configuration status="info" monitorInterval="60">
-  <Appenders>
-    <Console name="console" target="SYSTEM_OUT">
-      <PatternLayout pattern="[%t] %level{length=1} %logger{36} - %msg%n"/>
-    </Console>
-  </Appenders>
-
-  <Loggers>
-    <Logger name="com.zaxxer.hikari" level="error" />
-    <Logger name="org.eclipse.jetty" level="error" />
-
-    <Logger name="app" level="debug" additivity="false">
-      <AppenderRef ref="console" />
-    </Logger>
-
-    <Root level="info">
-      <AppenderRef ref="console" />
-    </Root>
-  </Loggers>
-</Configuration>
--- a/backend/resources/log4j2-devenv.xml
+++ b/backend/resources/log4j2-devenv.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Configuration status="info" monitorInterval="30">
+  <Appenders>
+    <Console name="console" target="SYSTEM_OUT">
+      <PatternLayout pattern="[%d{YYYY-MM-dd HH:mm:ss.SSS}] [%t] %level{length=1} %logger{36} - %msg%n"/>
+    </Console>
+
+    <RollingFile name="main" fileName="logs/main.log" filePattern="logs/main-%i.log">
+      <PatternLayout pattern="[%d{YYYY-MM-dd HH:mm:ss.SSS}] %level{length=1} %logger{36} - %msg%n"/>
+      <Policies>
+        <SizeBasedTriggeringPolicy size="50M"/>
+      </Policies>
+      <DefaultRolloverStrategy max="9"/>
+    </RollingFile>
+  </Appenders>
+
+  <Loggers>
+    <Logger name="com.zaxxer.hikari" level="error"/>
+    <Logger name="io.lettuce" level="error" />
+    <Logger name="org.eclipse.jetty" level="error" />
+    <Logger name="org.postgresql" level="error" />
+
+    <Logger name="app.cli" level="debug" additivity="false">
+      <AppenderRef ref="console"/>
+    </Logger>
+
+    <Logger name="app.loggers" level="debug" additivity="false">
+      <AppenderRef ref="main" level="debug" />
+    </Logger>
+
+    <Logger name="app" level="all" additivity="false">
+      <AppenderRef ref="main" level="trace" />
+    </Logger>
+
+    <Logger name="penpot" level="fatal" additivity="false">
+      <AppenderRef ref="main" level="fatal" />
+    </Logger>
+
+    <Logger name="user" level="trace" additivity="false">
+      <AppenderRef ref="main" level="trace" />
+    </Logger>
+
+    <Root level="info">
+      <AppenderRef ref="main" />
+    </Root>
+  </Loggers>
+</Configuration>
--- a/backend/resources/log4j2.xml
+++ b/backend/resources/log4j2.xml
@@ -1,49 +1,25 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<Configuration status="info" monitorInterval="30">
+<Configuration status="info" monitorInterval="60">
  <Appenders>
    <Console name="console" target="SYSTEM_OUT">
      <PatternLayout pattern="[%d{YYYY-MM-dd HH:mm:ss.SSS}] [%t] %level{length=1} %logger{36} - %msg%n"/>
    </Console>
-
-    <RollingFile name="main" fileName="logs/main.log" filePattern="logs/main-%i.log">
-      <PatternLayout pattern="[%d{YYYY-MM-dd HH:mm:ss.SSS}] [%t] %level{length=1} %logger{36} - %msg%n"/>
-      <Policies>
-        <SizeBasedTriggeringPolicy size="50M"/>
-      </Policies>
-      <DefaultRolloverStrategy max="9"/>
-    </RollingFile>
-
-    <JeroMQ name="zmq">
-      <Property name="endpoint">tcp://localhost:45556</Property>
-      <JsonLayout complete="false" compact="true" includeTimeMillis="true" stacktraceAsString="true" properties="true" />
-    </JeroMQ>
  </Appenders>

  <Loggers>
-    <Logger name="com.zaxxer.hikari" level="error"/>
-    <Logger name="io.lettuce" level="error" />
+    <Logger name="com.zaxxer.hikari" level="error" />
    <Logger name="org.eclipse.jetty" level="error" />

-    <Logger name="app.cli" level="debug" additivity="false">
-      <AppenderRef ref="console"/>
-    </Logger>
-
-    <Logger name="app.loggers" level="debug" additivity="false">
-      <AppenderRef ref="main" level="debug" />
-    </Logger>
-
    <Logger name="app" level="debug" additivity="false">
-      <AppenderRef ref="main" level="trace" />
-      <AppenderRef ref="zmq" level="debug" />
+      <AppenderRef ref="console" />
    </Logger>

-    <Logger name="user" level="trace" additivity="false">
-      <AppenderRef ref="main" level="trace" />
-      <AppenderRef ref="zmq" level="debug" />
+    <Logger name="penpot" level="fatal" additivity="false">
+      <AppenderRef ref="console" />
    </Logger>

    <Root level="info">
-      <AppenderRef ref="main" />
+      <AppenderRef ref="console" />
    </Root>
  </Loggers>
 </Configuration>
--- a/backend/resources/svgclean.js
+++ b/backend/resources/svgclean.js
--- a/backend/scripts/build
+++ b/backend/scripts/build
@@ -0,0 +1,78 @@
+#!/usr/bin/env bb
+
+;; This Source Code Form is subject to the terms of the Mozilla Public
+;; License, v. 2.0. If a copy of the MPL was not distributed with this
+;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;;
+;; Copyright (c) UXBOX Labs SL
+
+(ns build
+  (:require
+   [clojure.string :as str]
+   [clojure.java.io :as io]
+   [clojure.pprint :refer [pprint]]
+   [babashka.fs :as fs]
+   [babashka.process :refer [$ check]]))
+
+(defn split-cp
+  [data]
+  (str/split data #":"))
+
+(def classpath
+  (->> ($ clojure -Spath)
+       (check)
+       (:out)
+       (slurp)
+       (split-cp)
+       (map str/trim)))
+
+(def classpath-jars
+  (let [xfm (filter #(str/ends-with? % ".jar"))]
+    (into #{} xfm classpath)))
+
+(def classpath-paths
+  (let [xfm (comp (remove #(str/ends-with? % ".jar"))
+                  (filter #(.isDirectory (io/file %))))]
+    (into #{} xfm classpath)))
+
+(def version
+  (or (first *command-line-args*) "%version%"))
+
+;; Clean previous dist
+(-> ($ rm -rf "./target/dist") check)
+
+;; Create a new dist
+(-> ($ mkdir -p "./target/dist/deps") check)
+
+;; Copy all jar deps into dist
+(run! (fn [item] (-> ($ cp ~item "./target/dist/deps/") check)) classpath-jars)
+
+;; Create the application jar
+(spit "./target/dist/version.txt" version)
+(-> ($ jar cvf "./target/dist/deps/app.jar" -C ~(first classpath-paths) ".") check)
+(-> ($ jar uvf "./target/dist/deps/app.jar" -C "./target/dist" "version.txt") check)
+(run! (fn [item]
+        (-> ($ jar uvf "./target/dist/deps/app.jar" -C ~item ".")  check))
+      (rest classpath-paths))
+
+;; Copy logging configuration
+(-> ($ cp "./resources/log4j2.xml" "./target/dist/") check)
+
+;; Create classpath file
+(let [jars (->> (into ["app.jar"] classpath-jars)
+                (map fs/file-name)
+                (map #(fs/path "deps" %))
+                (map str))]
+  (spit "./target/dist/classpath" (str/join ":" jars)))
+
+;; Copy run script template
+(-> ($ cp "./scripts/run.template.sh" "./target/dist/run.sh") check)
+
+;; Copy run script template
+(-> ($ cp "./scripts/manage.template.sh" "./target/dist/manage.sh") check)
+
+;; Add exec permisions to scripts.
+(-> ($ chmod +x "./target/dist/run.sh") check)
+(-> ($ chmod +x "./target/dist/manage.sh") check)
+
+nil
--- a/backend/scripts/build.sh
+++ b/backend/scripts/build.sh
@@ -1,77 +0,0 @@
-#!/usr/bin/env bash
-
-CLASSPATH=`(clojure -Spath)`
-NEWCP="./main:./common"
-
-rm -rf ./target/dist
-mkdir -p ./target/dist/deps
-
-for item in $(echo $CLASSPATH | tr ":" "\n"); do
-    if [ "${item: -4}" == ".jar" ]; then
-        cp $item ./target/dist/deps/;
-        BN="$(basename -- $item)"
-        NEWCP+=":./deps/$BN"
-    fi
-done
-
-cp ./resources/log4j2-bundle.xml ./target/dist/log4j2.xml
-cp -r ./src ./target/dist/main
-cp -r ./resources/emails ./target/dist/main/
-cp -r ./resources/svgclean.js ./target/dist/main/
-cp -r ./resources/error-report.tmpl ./target/dist/main/
-cp -r ../common ./target/dist/common
-
-echo $NEWCP > ./target/dist/classpath;
-
-tee -a ./target/dist/run.sh  >> /dev/null <<EOF
-#!/usr/bin/env bash
-CP="$NEWCP"
-
-set +e
-JAVA_CMD=\$(type -p java)
-
-set -e
-if [[ ! -n "\$JAVA_CMD" ]]; then
-  if [[ -n "\$JAVA_HOME" ]] && [[ -x "\$JAVA_HOME/bin/java" ]]; then
-    JAVA_CMD="\$JAVA_HOME/bin/java"
-  else
-    >&2 echo "Couldn't find 'java'. Please set JAVA_HOME."
-    exit 1
-  fi
-fi
-
-if [ -f ./environ ]; then
-   source ./environ
-fi
-
-set -x
-exec \$JAVA_CMD \$JVM_OPTS -classpath \$CP -Dlog4j.configurationFile=./log4j2.xml "\$@" clojure.main -m app.main
-EOF
-
-tee -a ./target/dist/manage.sh  >> /dev/null <<EOF
-#!/usr/bin/env bash
-CP="$NEWCP"
-
-set +e
-JAVA_CMD=\$(type -p java)
-
-set -e
-if [[ ! -n "\$JAVA_CMD" ]]; then
-  if [[ -n "\$JAVA_HOME" ]] && [[ -x "\$JAVA_HOME/bin/java" ]]; then
-    JAVA_CMD="\$JAVA_HOME/bin/java"
-  else
-    >&2 echo "Couldn't find 'java'. Please set JAVA_HOME."
-    exit 1
-  fi
-fi
-
-if [ -f ./environ ]; then
-   source ./environ
-fi
-
-exec \$JAVA_CMD \$JVM_OPTS -classpath \$CP -Dlog4j.configurationFile=./log4j2.xml clojure.main -m app.cli.manage "\$@"
-EOF
-
-chmod +x ./target/dist/run.sh
-chmod +x ./target/dist/manage.sh
-
--- a/backend/scripts/import-generic-collections.sh
+++ b/backend/scripts/import-generic-collections.sh
@@ -1,4 +0,0 @@
-#!/usr/bin/env bash
-
-clojure -Adev -m app.cli.collimp $@
-
--- a/backend/scripts/manage.template.sh
+++ b/backend/scripts/manage.template.sh
@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+set +e
+JAVA_CMD=$(type -p java)
+
+set -e
+if [[ ! -n "$JAVA_CMD" ]]; then
+  if [[ -n "$JAVA_HOME" ]] && [[ -x "$JAVA_HOME/bin/java" ]]; then
+    JAVA_CMD="$JAVA_HOME/bin/java"
+  else
+    >&2 echo "Couldn't find 'java'. Please set JAVA_HOME."
+    exit 1
+  fi
+fi
+
+if [ -f ./environ ]; then
+   source ./environ
+fi
+
+exec $JAVA_CMD $JVM_OPTS -classpath $(cat classpath) -Dlog4j2.configurationFile=./log4j2.xml clojure.main -m app.cli.manage "$@"
--- a/backend/scripts/prepare-release.sh
+++ b/backend/scripts/prepare-release.sh
@@ -1,16 +0,0 @@
-#!/usr/bin/env bash
-
-if [ "$#" -e 0 ]; then
-    echo "Expecting parameters: 1=path to backend; 2=destination directory"
-    exit 1
-fi
-
-rm -rf $2 || exit 1;
-
-rsync -avr \
-      --exclude="/test" \
-      --exclude="/resources/public/media" \
-      --exclude="/target" \
-      --exclude="/scripts" \
-      --exclude="/.*" \
-      $1 $2;
--- a/backend/scripts/psql.sh
+++ b/backend/scripts/psql.sh
@@ -1,2 +0,0 @@
-#!/usr/bin/env bash
-PGPASSWORD=$PENPOT_DATABASE_PASSWORD psql $PENPOT_DATABASE_URI -U $PENPOT_DATABASE_USERNAME
--- a/backend/scripts/repl
+++ b/backend/scripts/repl
@@ -2,7 +2,8 @@

 export PENPOT_ASSERTS_ENABLED=true

-export OPTIONS="-A:jmx-remote:dev -J-Dclojure.tools.logging.factory=clojure.tools.logging.impl/log4j2-factory -J-Xms512m -J-Xmx512m"
+export OPTIONS="-A:jmx-remote:dev -J-Djava.util.logging.manager=org.apache.logging.log4j.jul.LogManager -J-Xms512m -J-Xmx512m -J-Dlog4j2.configurationFile=log4j2-devenv.xml"
+
 export OPTIONS_EVAL="nil"
 # export OPTIONS_EVAL="(set! *warn-on-reflection* true)"

--- a/backend/scripts/run-tests-in-docker.sh
+++ b/backend/scripts/run-tests-in-docker.sh
@@ -1,4 +0,0 @@
-#!/usr/bin/env bash
-
-set -xe
-clojure -Adev -m app.tests.main;
--- a/backend/scripts/run.template.sh
+++ b/backend/scripts/run.template.sh
@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+set +e
+JAVA_CMD=$(type -p java)
+
+set -e
+if [[ ! -n "$JAVA_CMD" ]]; then
+  if [[ -n "$JAVA_HOME" ]] && [[ -x "$JAVA_HOME/bin/java" ]]; then
+    JAVA_CMD="$JAVA_HOME/bin/java"
+  else
+    >&2 echo "Couldn't find 'java'. Please set JAVA_HOME."
+    exit 1
+  fi
+fi
+
+if [ -f ./environ ]; then
+   source ./environ
+fi
+
+set -x
+exec $JAVA_CMD $JVM_OPTS -classpath "$(cat classpath)" -Dlog4j2.configurationFile=./log4j2.xml "$@" clojure.main -m app.main
--- a/backend/scripts/smtpd.sh
+++ b/backend/scripts/smtpd.sh
@@ -1,2 +0,0 @@
-#!/usr/bin/env bash
-python -m smtpd -n -c DebuggingServer localhost:25
--- a/backend/scripts/tests.sh
+++ b/backend/scripts/tests.sh
@@ -1,2 +0,0 @@
-#!/usr/bin/env sh
-exec clojure -M:dev:tests "$@"
--- a/backend/src/app/cli/fixtures.clj
+++ b/backend/src/app/cli/fixtures.clj
@@ -2,23 +2,19 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.cli.fixtures
  "A initial fixtures."
  (:require
   [app.common.pages :as cp]
   [app.common.uuid :as uuid]
-   [app.config :as cfg]
   [app.db :as db]
   [app.main :as main]
   [app.rpc.mutations.profile :as profile]
   [app.util.blob :as blob]
+   [app.util.logging :as l]
   [buddy.hashers :as hashers]
-   [clojure.tools.logging :as log]
   [integrant.core :as ig]))

 (defn- mk-uuid
@@ -75,7 +71,9 @@
  (let [rng (java.util.Random. 1)]
    (letfn [(create-profile [conn index]
              (let [id   (mk-uuid "profile" index)
-                    _    (log/info "create profile" index id)
+                    _    (l/info :action "create profile"
+                                 :index index
+                                 :id id)

                    prof (register-profile conn
                                           {:id id
@@ -91,20 +89,22 @@
                prof))

            (create-profiles [conn]
-              (log/info "create profiles")
+              (l/info :action "create profiles")
              (collect (partial create-profile conn)
                       (range (:num-profiles opts))))

            (create-team [conn index]
              (let [id (mk-uuid "team" index)
                    name (str "Team" index)]
-                (log/info "create team" index id)
+                (l/info :action "create team"
+                        :index index
+                        :id id)
                (db/insert! conn :team {:id id
                                        :name name})
                id))

            (create-teams [conn]
-              (log/info "create teams")
+              (l/info :action "create teams")
              (collect (partial create-team conn)
                       (range (:num-teams opts))))

@@ -112,7 +112,9 @@
              (let [id (mk-uuid "file" project-id index)
                    name (str "file" index)
                    data (cp/make-file-data id)]
-                (log/info "create file" index id)
+                (l/info :action "create file"
+                        :index index
+                        :id id)
                (db/insert! conn :file
                            {:id id
                             :data (blob/encode data)
@@ -127,17 +129,25 @@
                id))

            (create-files [conn owner-id project-id]
-              (log/info "create files")
+              (l/info :action "create files")
              (run! (partial create-file conn owner-id project-id)
                    (range (:num-files-per-project opts))))

            (create-project [conn team-id owner-id index]
-              (let [id (mk-uuid "project" team-id index)
-                    name (str "project " index)]
-                (log/info "create project" index id)
+              (let [id        (if index
+                                (mk-uuid "project" team-id index)
+                                (mk-uuid "project" team-id))
+                    name      (if index
+                                (str "project " index)
+                                "Drafts")
+                    is-default (nil? index)]
+                (l/info :action "create project"
+                        :index index
+                        :id id)
                (db/insert! conn :project
                            {:id id
                             :team-id team-id
+                             :is-default is-default
                             :name name})
                (db/insert! conn :project-profile-rel
                            {:project-id id
@@ -148,10 +158,12 @@
                id))

            (create-projects [conn team-id profile-ids]
-              (log/info "create projects")
+              (l/info :action "create projects")
              (let [owner-id (rng-nth rng profile-ids)
-                    project-ids (collect (partial create-project conn team-id owner-id)
-                                         (range (:num-projects-per-team opts)))]
+                    project-ids (conj
+                                  (collect (partial create-project conn team-id owner-id)
+                                         (range (:num-projects-per-team opts)))
+                                  (create-project conn team-id owner-id nil))]
                (run! (partial create-files conn owner-id) project-ids)))

            (assign-profile-to-team [conn team-id owner? profile-id]
@@ -163,14 +175,16 @@
                           :can-edit true}))

            (setup-team [conn team-id profile-ids]
-              (log/info "setup team" team-id profile-ids)
+              (l/info :action "setup team"
+                      :team-id team-id
+                      :profile-ids (pr-str profile-ids))
              (assign-profile-to-team conn team-id true (first profile-ids))
              (run! (partial assign-profile-to-team conn team-id false)
                    (rest profile-ids))
              (create-projects conn team-id profile-ids))

            (assign-teams-and-profiles [conn teams profiles]
-              (log/info "assign teams and profiles")
+              (l/info :action "assign teams and profiles")
              (loop [team-id (first teams)
                     teams (rest teams)]
                (when-not (nil? team-id)
@@ -187,7 +201,9 @@
                    project-id (:default-project-id owner)
                    data       (cp/make-file-data id)]

-                (log/info "create draft file" index id)
+                (l/info :action "create draft file"
+                        :index index
+                        :id id)
                (db/insert! conn :file
                            {:id id
                             :data (blob/encode data)
@@ -225,7 +241,7 @@

 (defn run
  [{:keys [preset] :or {preset :small}}]
-  (let [config (select-keys (main/build-system-config cfg/config)
+  (let [config (select-keys main/system-config
                            [:app.db/pool
                             :app.telemetry/migrations
                             :app.migrations/migrations
@@ -237,6 +253,6 @@
    (try
      (run-in-system system preset)
      (catch Exception e
-        (log/errorf e "unhandled exception"))
+        (l/error :hint "unhandled exception" :cause e))
      (finally
        (ig/halt! system)))))
--- a/backend/src/app/cli/manage.clj
+++ b/backend/src/app/cli/manage.clj
@@ -2,22 +2,18 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.cli.manage
  "A manage cli api."
  (:require
-   [app.config :as cfg]
   [app.db :as db]
   [app.main :as main]
   [app.rpc.mutations.profile :as profile]
   [app.rpc.queries.profile :refer [retrieve-profile-data-by-email]]
+   [app.util.logging :as l]
   [clojure.string :as str]
   [clojure.tools.cli :refer [parse-opts]]
-   [clojure.tools.logging :as log]
   [integrant.core :as ig])
  (:import
   java.io.Console))
@@ -26,7 +22,7 @@

 (defn init-system
  []
-  (let [data (-> (main/build-system-config cfg/config)
+  (let [data (-> main/system-config
                 (select-keys [:app.db/pool :app.metrics/metrics])
                 (assoc :app.migrations/all {}))]
    (-> data ig/prep ig/init)))
@@ -35,7 +31,7 @@
  [{:keys [label type] :or {type :text}}]
  (let [^Console console (System/console)]
    (when-not console
-      (log/error "no console found, can proceed")
+      (l/error :hint "no console found, can proceed")
      (System/exit 1))

    (binding [*out* (.writer console)]
--- a/backend/src/app/cli/migrate_media.clj
+++ b/backend/src/app/cli/migrate_media.clj
@@ -2,19 +2,16 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.cli.migrate-media
  (:require
   [app.common.media :as cm]
-   [app.config :as cfg]
+   [app.config :as cf]
   [app.db :as db]
   [app.main :as main]
   [app.storage :as sto]
-   [clojure.tools.logging :as log]
+   [app.util.logging :as l]
   [cuerdas.core :as str]
   [datoteka.core :as fs]
   [integrant.core :as ig]))
@@ -34,7 +31,7 @@

 (defn run
  []
-  (let [config (select-keys (main/build-system-config cfg/config)
+  (let [config (select-keys main/system-config
                            [:app.db/pool
                             :app.migrations/migrations
                             :app.metrics/metrics
@@ -49,7 +46,7 @@
          (run-in-system)
          (ig/halt!))
      (catch Exception e
-        (log/errorf e "Unhandled exception.")))))
+        (l/error :hint "unhandled exception" :cause e)))))


 ;; --- IMPL
@@ -60,7 +57,7 @@
            (->> (db/exec! conn ["select * from profile"])
                 (filter #(not (str/empty? (:photo %))))
                 (seq)))]
-    (let [base    (fs/path (:storage-fs-old-directory cfg/config))
+    (let [base    (fs/path (cf/get :storage-fs-old-directory))
          storage (-> (:app.storage/storage system)
                      (assoc :conn conn))]
      (doseq [profile (retrieve-profiles conn)]
@@ -81,7 +78,7 @@
            (->> (db/exec! conn ["select * from team"])
                 (filter #(not (str/empty? (:photo %))))
                 (seq)))]
-    (let [base    (fs/path (:storage-fs-old-directory cfg/config))
+    (let [base    (fs/path (cf/get :storage-fs-old-directory))
          storage (-> (:app.storage/storage system)
                      (assoc :conn conn))]
      (doseq [team (retrieve-teams conn)]
@@ -105,7 +102,7 @@
                                    from file_media_object as fmo
                                    join file_media_thumbnail as fth on (fth.media_object_id = fmo.id)"])
                 (seq)))]
-    (let [base    (fs/path (:storage-fs-old-directory cfg/config))
+    (let [base    (fs/path (cf/get :storage-fs-old-directory))
          storage (-> (:app.storage/storage system)
                      (assoc :conn conn))]
      (doseq [mobj (retrieve-media-objects conn)]
--- a/backend/src/app/config.clj
+++ b/backend/src/app/config.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.config
  "A configuration management."
@@ -15,15 +12,25 @@
   [app.common.version :as v]
   [app.util.time :as dt]
   [clojure.core :as c]
+   [clojure.java.io :as io]
+   [clojure.pprint :as pprint]
   [clojure.spec.alpha :as s]
   [cuerdas.core :as str]
   [environ.core :refer [env]]))

+(prefer-method print-method
+               clojure.lang.IRecord
+               clojure.lang.IDeref)
+
+(prefer-method pprint/simple-dispatch
+               clojure.lang.IPersistentMap
+               clojure.lang.IDeref)
+
 (def defaults
  {:http-server-port 6060
   :host "devenv"
   :tenant "dev"
-   :database-uri "postgresql://127.0.0.1/penpot"
+   :database-uri "postgresql://postgres/penpot"
   :database-username "penpot"
   :database-password "penpot"

@@ -34,14 +41,14 @@
   :asserts-enabled false

   :public-uri "http://localhost:3449"
-   :redis-uri "redis://localhost/0"
+   :redis-uri "redis://redis/0"

   :srepl-host "127.0.0.1"
   :srepl-port 6062

   :storage-backend :fs

-   :storage-fs-directory "resources/public/assets"
+   :storage-fs-directory "assets"
   :storage-s3-region :eu-central-1
   :storage-s3-bucket "penpot-devenv-assets-pre"

@@ -70,7 +77,7 @@
   :telemetry-enabled false
   :telemetry-uri "https://telemetry.penpot.app/"

-   :ldap-user-query "(|(uid=$username)(mail=$username))"
+   :ldap-user-query "(|(uid=:username)(mail=:username))"
   :ldap-attrs-username "uid"
   :ldap-attrs-email "mail"
   :ldap-attrs-fullname "cn"
@@ -90,7 +97,6 @@
 (s/def ::error-report-webhook ::us/string)
 (s/def ::feedback-destination ::us/string)
 (s/def ::feedback-enabled ::us/boolean)
-(s/def ::feedback-reply-to ::us/email)
 (s/def ::feedback-token ::us/string)
 (s/def ::github-client-id ::us/string)
 (s/def ::github-client-secret ::us/string)
@@ -99,9 +105,17 @@
 (s/def ::gitlab-client-secret ::us/string)
 (s/def ::google-client-id ::us/string)
 (s/def ::google-client-secret ::us/string)
+(s/def ::oidc-client-id ::us/string)
+(s/def ::oidc-client-secret ::us/string)
+(s/def ::oidc-base-uri ::us/string)
+(s/def ::oidc-token-uri ::us/string)
+(s/def ::oidc-auth-uri ::us/string)
+(s/def ::oidc-user-uri ::us/string)
+(s/def ::oidc-scopes ::us/set-of-str)
+(s/def ::oidc-roles ::us/set-of-str)
+(s/def ::oidc-roles-attr ::us/keyword)
 (s/def ::host ::us/string)
 (s/def ::http-server-port ::us/integer)
-(s/def ::http-session-cookie-name ::us/string)
 (s/def ::http-session-idle-max-age ::dt/duration)
 (s/def ::http-session-updater-batch-max-age ::dt/duration)
 (s/def ::http-session-updater-batch-max-size ::us/integer)
@@ -164,7 +178,6 @@
                   ::error-report-webhook
                   ::feedback-destination
                   ::feedback-enabled
-                   ::feedback-reply-to
                   ::feedback-token
                   ::github-client-id
                   ::github-client-secret
@@ -173,6 +186,15 @@
                   ::gitlab-client-secret
                   ::google-client-id
                   ::google-client-secret
+                   ::oidc-client-id
+                   ::oidc-client-secret
+                   ::oidc-base-uri
+                   ::oidc-token-uri
+                   ::oidc-auth-uri
+                   ::oidc-user-uri
+                   ::oidc-scopes
+                   ::oidc-roles-attr
+                   ::oidc-roles
                   ::host
                   ::http-server-port
                   ::http-session-idle-max-age
@@ -223,39 +245,33 @@
                   ::telemetry-server-enabled
                   ::telemetry-server-port
                   ::telemetry-uri
+                   ::telemetry-referer
                   ::telemetry-with-taiga
                   ::tenant]))

-(defn- env->config
-  [env]
-  (reduce-kv
-   (fn [acc k v]
-     (cond-> acc
-       (str/starts-with? (name k) "penpot-")
-       (assoc (keyword (subs (name k) 7)) v)
-
-       (str/starts-with? (name k) "app-")
-       (assoc (keyword (subs (name k) 4)) v)))
-   {}
-   env))
+(defn read-env
+  [prefix]
+  (let [prefix (str prefix "-")
+        len    (count prefix)]
+    (reduce-kv
+     (fn [acc k v]
+       (cond-> acc
+         (str/starts-with? (name k) prefix)
+         (assoc (keyword (subs (name k) len)) v)))
+     {}
+     env)))

 (defn- read-config
-  [env]
-  (->> (env->config env)
+  []
+  (->> (read-env "penpot")
       (merge defaults)
       (us/conform ::config)))

-(defn- read-test-config
-  [env]
-  (merge {:redis-uri "redis://redis/1"
-          :database-uri "postgresql://postgres/penpot_test"
-          :storage-fs-directory "/tmp/app/storage"
-          :migrations-verbose false}
-         (read-config env)))
-
-(def version (v/parse "%version%"))
-(def config (read-config env))
-(def test-config (read-test-config env))
+(def version (v/parse (or (some-> (io/resource "version.txt")
+                                  (slurp)
+                                  (str/trim))
+                          "%version%")))
+(def config (atom (read-config)))

 (def deletion-delay
  (dt/duration {:days 7}))
@@ -263,6 +279,9 @@
 (defn get
  "A configuration getter. Helps code be more testable."
  ([key]
-   (c/get config key))
+   (c/get @config key))
  ([key default]
-   (c/get config key default)))
+   (c/get @config key default)))
+
+;; Set value for all new threads bindings.
+(alter-var-root #'*assert* (constantly (get :asserts-enabled)))
--- a/backend/src/app/db.clj
+++ b/backend/src/app/db.clj
@@ -2,25 +2,23 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.db
  (:require
+   [app.common.data :as d]
   [app.common.exceptions :as ex]
   [app.common.geom.point :as gpt]
   [app.common.spec :as us]
   [app.db.sql :as sql]
   [app.metrics :as mtx]
   [app.util.json :as json]
+   [app.util.logging :as l]
   [app.util.migrations :as mg]
   [app.util.time :as dt]
   [app.util.transit :as t]
   [clojure.java.io :as io]
   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
   [integrant.core :as ig]
   [next.jdbc :as jdbc]
   [next.jdbc.date-time :as jdbc-dt])
@@ -48,8 +46,8 @@

 (declare instrument-jdbc!)

+(s/def ::name keyword?)
 (s/def ::uri ::us/not-empty-string)
-(s/def ::name ::us/not-empty-string)
 (s/def ::min-pool-size ::us/integer)
 (s/def ::max-pool-size ::us/integer)
 (s/def ::migrations map?)
@@ -59,14 +57,16 @@

 (defmethod ig/init-key ::pool
  [_ {:keys [migrations metrics] :as cfg}]
-  (log/infof "initialize connection pool '%s' with uri '%s'" (:name cfg) (:uri cfg))
+  (l/info :action "initialize connection pool"
+          :name (d/name (:name cfg))
+          :uri (:uri cfg))
  (instrument-jdbc! (:registry metrics))
  (let [pool (create-pool cfg)]
    (when (seq migrations)
      (with-open [conn ^AutoCloseable (open pool)]
        (mg/setup! conn)
-        (doseq [[mname steps] migrations]
-          (mg/migrate! conn {:name (name mname) :steps steps}))))
+        (doseq [[name steps] migrations]
+          (mg/migrate! conn {:name (d/name name) :steps steps}))))
    pool))

 (defmethod ig/halt-key! ::pool
@@ -80,7 +80,7 @@
    #'next.jdbc/execute!]
   {:registry registry
    :type :counter
-    :name "database_query_count"
+    :name "database_query_total"
    :help "An absolute counter of database queries."}))

 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
@@ -100,7 +100,7 @@
        mtf      (PrometheusMetricsTrackerFactory. (:registry metrics))]
    (doto config
      (.setJdbcUrl (str "jdbc:" dburi))
-      (.setPoolName (:name cfg "default"))
+      (.setPoolName (d/name (:name cfg)))
      (.setAutoCommit true)
      (.setReadOnly false)
      (.setConnectionTimeout 8000)  ;; 8seg
@@ -217,9 +217,10 @@
 (defn get-by-params
  ([ds table params]
   (get-by-params ds table params nil))
-  ([ds table params opts]
+  ([ds table params {:keys [uncheked] :or {uncheked false} :as opts}]
   (let [res (exec-one! ds (sql/select table params opts))]
-     (when (or (:deleted-at res) (not res))
+     (when (and (not uncheked)
+                (or (:deleted-at res) (not res)))
       (ex/raise :type :not-found
                 :hint "database object not found"))
     res)))
@@ -261,9 +262,12 @@
  (PGpoint. (:x p) (:y p)))

 (defn create-array
-  [conn type aobjects]
+  [conn type objects]
  (let [^PGConnection conn (unwrap conn org.postgresql.PGConnection)]
-    (.createArrayOf conn ^String type aobjects)))
+    (if (coll? objects)
+      (.createArrayOf conn ^String type (into-array Object objects))
+      (.createArrayOf conn ^String type objects))))
+

 (defn decode-pgpoint
  [^PGpoint v]
--- a/backend/src/app/db/sql.clj
+++ b/backend/src/app/db/sql.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.db.sql
  (:refer-clojure :exclude [update])
@@ -58,4 +55,3 @@
  ([table where-params opts]
   (let [opts (merge default-opts opts)]
     (sql/for-delete table where-params opts))))
-
--- a/backend/src/app/emails.clj
+++ b/backend/src/app/emails.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.emails
  "Main api for send emails."
@@ -14,18 +11,13 @@
   [app.config :as cfg]
   [app.db :as db]
   [app.db.sql :as sql]
-   [app.tasks :as tasks]
   [app.util.emails :as emails]
-   [clojure.spec.alpha :as s]))
+   [app.util.logging :as l]
+   [app.worker :as wrk]
+   [clojure.spec.alpha :as s]
+   [integrant.core :as ig]))

-;; --- Defaults
-
-(defn default-context
-  []
-  {:assets-uri (:assets-uri cfg/config)
-   :public-uri (:public-uri cfg/config)})
-
-;; --- Public API
+;; --- PUBLIC API

 (defn render
  [email-factory context]
@@ -33,17 +25,20 @@

 (defn send!
  "Schedule the email for sending."
-  [conn email-factory context]
-  (us/verify fn? email-factory)
-  (us/verify map? context)
-  (let [email (email-factory context)]
-    (tasks/submit! conn {:name "sendmail"
-                         :delay 0
-                         :max-retries 1
-                         :priority 200
-                         :props email})))
+  [{:keys [::conn ::factory] :as context}]
+  (us/verify fn? factory)
+  (us/verify some? conn)
+  (let [email (factory context)]
+    (wrk/submit! (assoc email
+                        ::wrk/task :sendmail
+                        ::wrk/delay 0
+                        ::wrk/max-retries 1
+                        ::wrk/priority 200
+                        ::wrk/conn conn))))


+;; --- BOUNCE/COMPLAINS HANDLING
+
 (def sql:profile-complaint-report
  "select (select count(*)
             from profile_complaint_report
@@ -91,7 +86,7 @@
     (>= (count reports) threshold))))


-;; --- Emails
+;; --- EMAIL FACTORIES

 (s/def ::subject ::us/string)
 (s/def ::content ::us/string)
@@ -101,7 +96,7 @@

 (def feedback
  "A profile feedback email."
-  (emails/template-factory ::feedback default-context))
+  (emails/template-factory ::feedback))

 (s/def ::name ::us/string)
 (s/def ::register
@@ -109,7 +104,7 @@

 (def register
  "A new profile registration welcome email."
-  (emails/template-factory ::register default-context))
+  (emails/template-factory ::register))

 (s/def ::token ::us/string)
 (s/def ::password-recovery
@@ -117,7 +112,7 @@

 (def password-recovery
  "A password recovery notification email."
-  (emails/template-factory ::password-recovery default-context))
+  (emails/template-factory ::password-recovery))

 (s/def ::pending-email ::us/email)
 (s/def ::change-email
@@ -125,7 +120,7 @@

 (def change-email
  "Password change confirmation email"
-  (emails/template-factory ::change-email default-context))
+  (emails/template-factory ::change-email))

 (s/def :internal.emails.invite-to-team/invited-by ::us/string)
 (s/def :internal.emails.invite-to-team/team ::us/string)
@@ -138,4 +133,50 @@

 (def invite-to-team
  "Teams member invitation email."
-  (emails/template-factory ::invite-to-team default-context))
+  (emails/template-factory ::invite-to-team))
+
+
+;; --- SENDMAIL TASK
+
+(declare send-console!)
+
+(s/def ::username ::cfg/smtp-username)
+(s/def ::password ::cfg/smtp-password)
+(s/def ::tls ::cfg/smtp-tls)
+(s/def ::ssl ::cfg/smtp-ssl)
+(s/def ::host ::cfg/smtp-host)
+(s/def ::port ::cfg/smtp-port)
+(s/def ::default-reply-to ::cfg/smtp-default-reply-to)
+(s/def ::default-from ::cfg/smtp-default-from)
+(s/def ::enabled ::cfg/smtp-enabled)
+
+(defmethod ig/pre-init-spec ::sendmail-handler [_]
+  (s/keys :req-un [::enabled]
+          :opt-un [::username
+                   ::password
+                   ::tls
+                   ::ssl
+                   ::host
+                   ::port
+                   ::default-from
+                   ::default-reply-to]))
+
+(defmethod ig/init-key ::sendmail-handler
+  [_ cfg]
+  (fn [{:keys [props] :as task}]
+    (if (:enabled cfg)
+      (emails/send! cfg props)
+      (send-console! cfg props))))
+
+(defn- send-console!
+  [cfg email]
+  (let [baos (java.io.ByteArrayOutputStream.)
+        mesg (emails/smtp-message cfg email)]
+    (.writeTo mesg baos)
+    (let [out (with-out-str
+                (println "email console dump:")
+                (println "******** start email" (:id email) "**********")
+                (println (.toString baos))
+                (println "******** end email "(:id email) "**********"))]
+      (l/info :email out))))
+
--- a/backend/src/app/http.clj
+++ b/backend/src/app/http.clj
@@ -2,22 +2,18 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.http
  (:require
   [app.common.data :as d]
+   [app.common.exceptions :as ex]
   [app.common.spec :as us]
-   [app.config :as cfg]
   [app.http.errors :as errors]
   [app.http.middleware :as middleware]
   [app.metrics :as mtx]
-   [app.util.log4j :refer [update-thread-context!]]
+   [app.util.logging :as l]
   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
   [integrant.core :as ig]
   [reitit.ring :as rr]
   [ring.adapter.jetty9 :as jetty])
@@ -26,30 +22,32 @@
   org.eclipse.jetty.server.handler.ErrorHandler
   org.eclipse.jetty.server.handler.StatisticsHandler))

+(declare router-handler)
+
 (s/def ::handler fn?)
+(s/def ::router some?)
 (s/def ::ws (s/map-of ::us/string fn?))
-(s/def ::port ::cfg/http-server-port)
+(s/def ::port ::us/integer)
 (s/def ::name ::us/string)

 (defmethod ig/pre-init-spec ::server [_]
-  (s/keys :req-un [::handler ::port]
-          :opt-un [::ws ::name ::mtx/metrics]))
+  (s/keys :req-un [::port]
+          :opt-un [::ws ::name ::mtx/metrics ::router ::handler]))

 (defmethod ig/prep-key ::server
  [_ cfg]
-  (merge {:name "http"}
-         (d/without-nils cfg)))
+  (merge {:name "http"} (d/without-nils cfg)))

 (defmethod ig/init-key ::server
-  [_ {:keys [handler ws port name metrics] :as opts}]
-  (log/infof "starting '%s' server on port %s." name port)
+  [_ {:keys [handler router ws port name metrics] :as opts}]
+  (l/info :msg "starting http server" :port port :name name)
  (let [pre-start (fn [^Server server]
                    (let [handler (doto (ErrorHandler.)
                                    (.setShowStacks true)
                                    (.setServer server))]
                      (.setErrorHandler server ^ErrorHandler handler)
                      (when metrics
-                        (let [stats (new StatisticsHandler)]
+                        (let [stats (StatisticsHandler.)]
                          (.setHandler ^StatisticsHandler stats (.getHandler server))
                          (.setHandler server stats)
                          (mtx/instrument-jetty! (:registry metrics) stats)))))
@@ -63,61 +61,71 @@
                   (when (seq ws)
                     {:websockets ws}))

+        handler   (cond
+                    (fn? handler)  handler
+                    (some? router) (router-handler router)
+                    :else (ex/raise :type :internal
+                                    :code :invalid-argument
+                                    :hint "Missing `handler` or `router` option."))
+
        server    (jetty/run-jetty handler options)]
    (assoc opts :server server)))

 (defmethod ig/halt-key! ::server
  [_ {:keys [server name port] :as opts}]
-  (log/infof "stoping '%s' server on port %s." name port)
+  (l/info :msg "stoping http server"
+          :name name
+          :port port)
  (jetty/stop-server server))

-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;; Http Main Handler (Router)
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-
-(declare create-router)
-
-(s/def ::rpc map?)
-(s/def ::session map?)
-(s/def ::metrics map?)
-(s/def ::oauth map?)
-(s/def ::storage map?)
-(s/def ::assets map?)
-(s/def ::feedback fn?)
-
-(defmethod ig/pre-init-spec ::router [_]
-  (s/keys :req-un [::rpc ::session ::metrics ::oauth ::storage ::assets ::feedback]))
-
-(defmethod ig/init-key ::router
-  [_ cfg]
-  (let [handler (rr/ring-handler
-                 (create-router cfg)
-                 (rr/routes
-                  (rr/create-resource-handler {:path "/"})
-                  (rr/create-default-handler))
-                 {:middleware [middleware/server-timing]})]
+(defn- router-handler
+  [router]
+  (let [handler (rr/ring-handler router
+                                 (rr/routes
+                                  (rr/create-resource-handler {:path "/"})
+                                  (rr/create-default-handler))
+                                 {:middleware [middleware/server-timing]})]
    (fn [request]
      (try
        (handler request)
        (catch Throwable e
          (try
            (let [cdata (errors/get-error-context request e)]
-              (update-thread-context! cdata)
-              (log/errorf e "unhandled exception: %s (id: %s)" (ex-message e) (str (:id cdata)))
-              {:status 500
-               :body "internal server error"})
+              (l/update-thread-context! cdata)
+              (l/error :hint "unhandled exception"
+                       :message (ex-message e)
+                       :error-id (str (:id cdata))
+                       :cause e))
+            {:status 500 :body "internal server error"}
            (catch Throwable e
-              (log/errorf e "unhandled exception: %s" (ex-message e))
-              {:status 500
-               :body "internal server error"})))))))
+              (l/error :hint "unhandled exception"
+                       :message (ex-message e)
+                       :cause e)
+              {:status 500 :body "internal server error"})))))))

-(defn- create-router
-  [{:keys [session rpc oauth metrics svgparse assets feedback] :as cfg}]
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;; Http Main Handler (Router)
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+(s/def ::rpc map?)
+(s/def ::session map?)
+(s/def ::oauth map?)
+(s/def ::storage map?)
+(s/def ::assets map?)
+(s/def ::feedback fn?)
+
+(defmethod ig/pre-init-spec ::router [_]
+  (s/keys :req-un [::rpc ::session ::mtx/metrics ::oauth ::storage ::assets ::feedback]))
+
+(defmethod ig/init-key ::router
+  [_ {:keys [session rpc oauth metrics assets feedback] :as cfg}]
  (rr/router
   [["/metrics" {:get (:handler metrics)}]
-
    ["/assets" {:middleware [[middleware/format-response-body]
-                             [middleware/errors errors/handle]]}
+                             [middleware/errors errors/handle]
+                             [middleware/cookies]
+                             (:middleware session)]}
     ["/by-id/:id" {:get (:objects-handler assets)}]
     ["/by-file-media-id/:id" {:get (:file-objects-handler assets)}]
     ["/by-file-media-id/:id/thumbnail" {:get (:file-thumbnails-handler assets)}]]
@@ -128,7 +136,8 @@
    ["/webhooks"
     ["/sns" {:post (:sns-webhook cfg)}]]

-    ["/api" {:middleware [[middleware/format-response-body]
+    ["/api" {:middleware [[middleware/etag]
+                          [middleware/format-response-body]
                          [middleware/params]
                          [middleware/multipart-params]
                          [middleware/keyword-params]
@@ -136,20 +145,13 @@
                          [middleware/errors errors/handle]
                          [middleware/cookies]]}

-     ["/svg" {:post svgparse}]
     ["/feedback" {:middleware [(:middleware session)]
                   :post feedback}]

-     ["/oauth"
-      ["/google" {:post (get-in oauth [:google :handler])}]
-      ["/google/callback" {:get (get-in oauth [:google :callback-handler])}]
-
-      ["/gitlab" {:post (get-in oauth [:gitlab :handler])}]
-      ["/gitlab/callback" {:get (get-in oauth [:gitlab :callback-handler])}]
-
-      ["/github" {:post (get-in oauth [:github :handler])}]
-      ["/github/callback" {:get (get-in oauth [:github :callback-handler])}]]
+     ["/auth/oauth/:provider" {:post (:handler oauth)}]
+     ["/auth/oauth/:provider/callback" {:get (:callback-handler oauth)}]

     ["/rpc" {:middleware [(:middleware session)]}
-      ["/query/:type" {:get (:query-handler rpc)}]
+      ["/query/:type" {:get (:query-handler rpc)
+                       :post (:query-handler rpc)}]
      ["/mutation/:type" {:post (:mutation-handler rpc)}]]]]))
--- a/backend/src/app/http/assets.clj
+++ b/backend/src/app/http/assets.clj
@@ -2,23 +2,20 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.http.assets
  "Assets related handlers."
  (:require
   [app.common.exceptions :as ex]
   [app.common.spec :as us]
+   [app.common.uri :as u]
   [app.db :as db]
   [app.metrics :as mtx]
   [app.storage :as sto]
   [app.util.time :as dt]
   [clojure.spec.alpha :as s]
-   [integrant.core :as ig]
-   [lambdaisland.uri :as u]))
+   [integrant.core :as ig]))

 (def ^:private cache-max-age
  (dt/duration {:hours 24}))
--- a/backend/src/app/http/awsns.clj
+++ b/backend/src/app/http/awsns.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 Andrey Antukh <niwi@niwi.nz>
+;; Copyright (c) UXBOX Labs SL

 (ns app.http.awsns
  "AWS SNS webhook handler for bounces."
@@ -14,9 +11,8 @@
   [app.db :as db]
   [app.db.sql :as sql]
   [app.util.http :as http]
-   [clojure.pprint :refer [pprint]]
+   [app.util.logging :as l]
   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
   [cuerdas.core :as str]
   [integrant.core :as ig]
   [jsonista.core :as j]))
@@ -25,11 +21,6 @@
 (declare parse-notification)
 (declare process-report)

-(defn- pprint-report
-  [message]
-  (binding [clojure.pprint/*print-right-margin* 120]
-    (with-out-str (pprint message))))
-
 (defmethod ig/pre-init-spec ::handler [_]
  (s/keys :req-un [::db/pool]))

@@ -42,19 +33,17 @@
        (= mtype "SubscriptionConfirmation")
        (let [surl   (get body "SubscribeURL")
              stopic (get body "TopicArn")]
-          (log/infof "subscription received (topic=%s, url=%s)" stopic surl)
+          (l/info :action "subscription received" :topic stopic :url surl)
          (http/send! {:uri surl :method :post :timeout 10000}))

        (= mtype "Notification")
        (when-let [message (parse-json (get body "Message"))]
-          ;; (log/infof "Received: %s" (pr-str message))
          (let [notification (parse-notification cfg message)]
            (process-report cfg notification)))

        :else
-        (log/warn (str "unexpected data received\n"
-                       (pprint-report body))))
-
+        (l/warn :hint "unexpected data received"
+                :report (pr-str body)))
      {:status 200 :body ""})))

 (defn- parse-bounce
@@ -184,15 +173,15 @@

 (defn- process-report
  [cfg {:keys [type profile-id] :as report}]
-  (log/trace (str "procesing report:\n" (pprint-report report)))
+  (l/trace :action "procesing report" :report (pr-str report))
  (cond
    ;; In this case we receive a bounce/complaint notification without
    ;; confirmed identity, we just emit a warning but do nothing about
    ;; it because this is not a normal case. All notifications should
    ;; come with profile identity.
    (nil? profile-id)
-    (log/warn (str "a notification without identity recevied from AWS\n"
-                   (pprint-report report)))
+    (l/warn :msg "a notification without identity recevied from AWS"
+            :report (pr-str report))

    (= "bounce" type)
    (register-bounce-for-profile cfg report)
@@ -201,7 +190,7 @@
    (register-complaint-for-profile cfg report)

    :else
-    (log/warn (str "unrecognized report received from AWS\n"
-                   (pprint-report report)))))
+    (l/warn :msg "unrecognized report received from AWS"
+            :report (pr-str report))))


--- a/backend/src/app/http/errors.clj
+++ b/backend/src/app/http/errors.clj
@@ -2,17 +2,14 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.http.errors
  "A errors handling for the http server."
  (:require
+   [app.common.exceptions :as ex]
   [app.common.uuid :as uuid]
-   [app.util.log4j :refer [update-thread-context!]]
-   [clojure.tools.logging :as log]
+   [app.util.logging :as l]
   [cuerdas.core :as str]
   [expound.alpha :as expound]))

@@ -72,8 +69,11 @@
  [error request]
  (let [edata (ex-data error)
        cdata (get-error-context request error)]
-    (update-thread-context! cdata)
-    (log/errorf error "internal error: assertion (id: %s)" (str (:id cdata)))
+    (l/update-thread-context! cdata)
+    (l/error :hint "internal error: assertion"
+             :error-id (str (:id cdata))
+             :cause error)
+
    {:status 500
     :body {:type :server-error
            :data (-> edata
@@ -86,15 +86,55 @@

 (defmethod handle-exception :default
  [error request]
-  (let [cdata (get-error-context request error)]
-    (update-thread-context! cdata)
-    (log/errorf error "internal error: %s (id: %s)"
-                (ex-message error)
-                (str (:id cdata)))
-    {:status 500
-     :body {:type :server-error
-            :hint (ex-message error)
-            :data (ex-data error)}}))
+  (let [edata (ex-data error)]
+    ;; NOTE: this is a special case for the idle-in-transaction error;
+    ;; when it happens, the connection is automatically closed and
+    ;; next-jdbc combines the two errors in a single ex-info. We only
+    ;; need the :handling error, because the :rollback error will be
+    ;; always "connection closed".
+    (if (and (ex/exception? (:rollback edata))
+             (ex/exception? (:handling edata)))
+      (handle-exception (:handling edata) request)
+      (let [cdata (get-error-context request error)]
+        (l/update-thread-context! cdata)
+        (l/error :hint "internal error"
+                 :error-message (ex-message error)
+                 :error-id (str (:id cdata))
+                 :cause error)
+        {:status 500
+         :body {:type :server-error
+                :hint (ex-message error)
+                :data edata}}))))
+
+(defmethod handle-exception org.postgresql.util.PSQLException
+  [error request]
+  (let [cdata (get-error-context request error)
+        state (.getSQLState ^java.sql.SQLException error)]
+
+    (l/update-thread-context! cdata)
+    (l/error :hint "psql exception"
+             :error-message (ex-message error)
+             :error-id (str (:id cdata))
+             :sql-state state)
+
+    (cond
+      (= state "57014")
+      {:status 504
+       :body {:type :server-timeout
+              :code :statement-timeout
+              :hint (ex-message error)}}
+
+      (= state "25P03")
+      {:status 504
+       :body {:type :server-timeout
+              :code :idle-in-transaction-timeout
+              :hint (ex-message error)}}
+
+      :else
+      {:status 500
+       :body {:type :server-timeout
+              :hint (ex-message error)
+              :state state}})))

 (defn handle
  [error req]
--- a/backend/src/app/http/feedback.clj
+++ b/backend/src/app/http/feedback.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.http.feedback
  "A general purpose feedback module."
@@ -15,7 +12,7 @@
   [app.common.spec :as us]
   [app.config :as cfg]
   [app.db :as db]
-   [app.emails :as emails]
+   [app.emails :as eml]
   [app.rpc.queries.profile :as profile]
   [clojure.spec.alpha :as s]
   [integrant.core :as ig]))
@@ -61,13 +58,13 @@
 (defn send-feedback
  [pool profile params]
  (let [params      (us/conform ::feedback params)
-        destination (cfg/get :feedback-destination)
-        reply-to    (cfg/get :feedback-reply-to)]
-    (emails/send! pool emails/feedback
-                  {:to       destination
-                   :profile  profile
-                   :reply-to (:from params)
-                   :email    (:from params)
-                   :subject  (:subject params)
-                   :content  (:content params)})
+        destination (cfg/get :feedback-destination)]
+    (eml/send! {::eml/conn pool
+                ::eml/factory eml/feedback
+                :to       destination
+                :profile  profile
+                :reply-to (:from params)
+                :email    (:from params)
+                :subject  (:subject params)
+                :content  (:content params)})
    nil))
--- a/backend/src/app/http/middleware.clj
+++ b/backend/src/app/http/middleware.clj
@@ -2,16 +2,16 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.http.middleware
  (:require
   [app.metrics :as mtx]
   [app.util.json :as json]
+   [app.util.logging :as l]
   [app.util.transit :as t]
+   [buddy.core.codecs :as bc]
+   [buddy.core.hash :as bh]
   [clojure.java.io :as io]
   [ring.middleware.cookies :refer [wrap-cookies]]
   [ring.middleware.keyword-params :refer [wrap-keyword-params]]
@@ -119,8 +119,6 @@
   :wrap (fn [handler]
           (mtx/wrap-counter handler {:id "http__requests_counter"
                                      :help "Absolute http requests counter."}))})
-
-
 (def cookies
  {:name ::cookies
   :compile (constantly wrap-cookies)})
@@ -140,3 +138,43 @@
 (def server-timing
  {:name ::server-timing
   :compile (constantly wrap-server-timing)})
+
+(defn wrap-etag
+  [handler]
+  (letfn [(generate-etag [{:keys [body] :as response}]
+            (str "W/\"" (-> body bh/blake2b-128 bc/bytes->hex) "\""))
+          (get-match [{:keys [headers] :as request}]
+            (get headers "if-none-match"))]
+    (fn [request]
+      (let [response (handler request)]
+        (if (= :get (:request-method request))
+          (let [etag     (generate-etag response)
+                match    (get-match request)
+                response (update response :headers #(assoc % "ETag" etag))]
+            (cond-> response
+              (and (string? match)
+                   (= :get (:request-method request))
+                   (= etag match))
+              (-> response
+                  (assoc :body "")
+                  (assoc :status 304))))
+          response)))))
+
+(def etag
+  {:name ::etag
+   :compile (constantly wrap-etag)})
+
+(defn activity-logger
+  [handler]
+  (let [logger "penpot.profile-activity"]
+    (fn [{:keys [headers] :as request}]
+      (let [ip-addr    (get headers "x-forwarded-for")
+            profile-id (:profile-id request)
+            qstring    (:query-string request)]
+        (l/info ::l/async true
+                ::l/logger logger
+                :ip-addr ip-addr
+                :profile-id profile-id
+                :uri (str (:uri request) (when qstring (str "?" qstring)))
+                :method (name (:request-method request)))
+        (handler request)))))
--- a/backend/src/app/http/oauth.clj
+++ b/backend/src/app/http/oauth.clj
@@ -0,0 +1,298 @@
+;; This Source Code Form is subject to the terms of the Mozilla Public
+;; License, v. 2.0. If a copy of the MPL was not distributed with this
+;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;;
+;; Copyright (c) UXBOX Labs SL
+
+(ns app.http.oauth
+  (:require
+   [app.common.exceptions :as ex]
+   [app.common.spec :as us]
+   [app.common.uri :as u]
+   [app.config :as cf]
+   [app.util.http :as http]
+   [app.util.logging :as l]
+   [app.util.time :as dt]
+   [clojure.data.json :as json]
+   [clojure.set :as set]
+   [clojure.spec.alpha :as s]
+   [cuerdas.core :as str]
+   [integrant.core :as ig]))
+
+(defn redirect-response
+  [uri]
+  {:status 302
+   :headers {"location" (str uri)}
+   :body ""})
+
+(defn generate-error-redirect-uri
+  [cfg]
+  (-> (u/uri (:public-uri cfg))
+      (assoc :path "/#/auth/login")
+      (assoc :query (u/map->query-string {:error "unable-to-auth"}))))
+
+(defn register-profile
+  [{:keys [rpc] :as cfg} info]
+  (let [method-fn (get-in rpc [:methods :mutation :login-or-register])
+        profile   (method-fn info)]
+    (cond-> profile
+      (some? (:invitation-token info))
+      (assoc :invitation-token (:invitation-token info)))))
+
+(defn generate-redirect-uri
+  [{:keys [tokens] :as cfg} profile]
+  (let [token (or (:invitation-token profile)
+                  (tokens :generate {:iss :auth
+                                     :exp (dt/in-future "15m")
+                                     :profile-id (:id profile)}))]
+    (-> (u/uri (:public-uri cfg))
+        (assoc :path "/#/auth/verify-token")
+        (assoc :query (u/map->query-string {:token token})))))
+
+(defn- build-redirect-uri
+  [{:keys [provider] :as cfg}]
+  (let [public (u/uri (:public-uri cfg))]
+    (str (assoc public :path (str "/api/auth/oauth/" (:name provider) "/callback")))))
+
+(defn- build-auth-uri
+  [{:keys [provider] :as cfg} state]
+  (let [params {:client_id (:client-id provider)
+                :redirect_uri (build-redirect-uri cfg)
+                :response_type "code"
+                :state state
+                :scope (str/join " " (:scopes provider []))}
+        query  (u/map->query-string params)]
+    (-> (u/uri (:auth-uri provider))
+        (assoc :query query)
+        (str))))
+
+(defn retrieve-access-token
+  [{:keys [provider] :as cfg} code]
+  (try
+    (let [params {:client_id (:client-id provider)
+                  :client_secret (:client-secret provider)
+                  :code code
+                  :grant_type "authorization_code"
+                  :redirect_uri (build-redirect-uri cfg)}
+          req    {:method :post
+                  :headers {"content-type" "application/x-www-form-urlencoded"}
+                  :uri (:token-uri provider)
+                  :body (u/map->query-string params)}
+          res    (http/send! req)]
+      (when (= 200 (:status res))
+        (let [data (json/read-str (:body res))]
+          {:token (get data "access_token")
+           :type  (get data "token_type")})))
+    (catch Exception e
+      (l/error :hint "unexpected error on retrieve-access-token"
+               :cause e)
+      nil)))
+
+(defn- retrieve-user-info
+  [{:keys [provider] :as cfg} tdata]
+  (try
+    (let [req {:uri (:user-uri provider)
+               :headers {"Authorization" (str (:type tdata) " " (:token tdata))}
+               :timeout 6000
+               :method :get}
+          res (http/send! req)]
+
+      (when (= 200 (:status res))
+        (let [{:keys [name] :as data} (json/read-str (:body res) :key-fn keyword)]
+          (-> data
+              (assoc :backend (:name provider))
+              (assoc :fullname name)))))
+
+    (catch Exception e
+      (l/error :hint "unexpected exception on retrieve-user-info"
+               :cause e)
+      nil)))
+
+(defn retrieve-info
+  [{:keys [tokens provider] :as cfg} request]
+  (let [state  (get-in request [:params :state])
+        state  (tokens :verify {:token state :iss :oauth})
+        info   (some->> (get-in request [:params :code])
+                        (retrieve-access-token cfg)
+                        (retrieve-user-info cfg))]
+    (when-not info
+      (ex/raise :type :internal
+                :code :unable-to-auth))
+
+    ;; If the provider is OIDC, we can proceed to check
+    ;; roles if they are defined.
+    (when (and (= "oidc" (:name provider))
+               (seq (:roles provider)))
+      (let [provider-roles (into #{} (:roles provider))
+            profile-roles  (let [attr  (cf/get :oidc-roles-attr :roles)
+                                 roles (get info attr)]
+                             (cond
+                               (string? roles) (into #{} (str/words roles))
+                               (vector? roles) (into #{} roles)
+                               :else #{}))]
+        ;; check if profile has a configured set of roles
+        (when-not (set/subset? provider-roles profile-roles)
+          (ex/raise :type :internal
+                    :code :unable-to-auth
+                    :hint "not enought permissions"))))
+
+    (cond-> info
+      (some? (:invitation-token state))
+      (assoc :invitation-token (:invitation-token state)))))
+
+;; --- HTTP HANDLERS
+
+(defn- auth-handler
+  [{:keys [tokens] :as cfg} request]
+  (let [invitation (get-in request [:params :invitation-token])
+        state      (tokens :generate
+                           {:iss :oauth
+                            :invitation-token invitation
+                            :exp (dt/in-future "15m")})
+        uri        (build-auth-uri cfg state)]
+    {:status 200
+     :body {:redirect-uri uri}}))
+
+(defn- callback-handler
+  [{:keys [session] :as cfg} request]
+  (try
+    (let [info    (retrieve-info cfg request)
+          profile (register-profile cfg info)
+          uri     (generate-redirect-uri cfg profile)
+          sxf     ((:create session) (:id profile))]
+      (->> (redirect-response uri)
+           (sxf request)))
+    (catch Exception _e
+      (-> (generate-error-redirect-uri cfg)
+          (redirect-response)))))
+
+;; --- INIT
+
+(declare initialize)
+
+(s/def ::public-uri ::us/not-empty-string)
+(s/def ::session map?)
+(s/def ::tokens fn?)
+(s/def ::rpc map?)
+
+(defmethod ig/pre-init-spec :app.http.oauth/handlers [_]
+  (s/keys :req-un [::public-uri ::session ::tokens ::rpc]))
+
+(defn wrap-handler
+  [cfg handler]
+  (fn [request]
+    (let [provider (get-in request [:path-params :provider])
+          provider (get-in @cfg [:providers provider])]
+      (when-not provider
+        (ex/raise :type :not-found
+                  :context {:provider provider}
+                  :hint "provider not configured"))
+      (-> (assoc @cfg :provider provider)
+          (handler request)))))
+
+(defmethod ig/init-key :app.http.oauth/handlers
+  [_ cfg]
+  (let [cfg (initialize cfg)]
+    {:handler (wrap-handler cfg auth-handler)
+     :callback-handler (wrap-handler cfg callback-handler)}))
+
+(defn- discover-oidc-config
+  [{:keys [base-uri] :as opts}]
+  (let [discovery-uri (u/join base-uri ".well-known/openid-configuration")
+        response      (http/send! {:method :get :uri (str discovery-uri)})]
+    (when (= 200 (:status response))
+      (let [data (json/read-str (:body response))]
+        (assoc opts
+               :token-uri (get data "token_endpoint")
+               :auth-uri (get data "authorization_endpoint")
+               :user-uri (get data "userinfo_endpoint"))))))
+
+(defn- initialize-oidc-provider
+  [cfg]
+  (let [opts {:base-uri      (cf/get :oidc-base-uri)
+              :client-id     (cf/get :oidc-client-id)
+              :client-secret (cf/get :oidc-client-secret)
+              :token-uri     (cf/get :oidc-token-uri)
+              :auth-uri      (cf/get :oidc-auth-uri)
+              :user-uri      (cf/get :oidc-user-uri)
+              :scopes        (into #{"openid" "profile" "email" "name"}
+                                   (cf/get :oidc-scopes #{}))
+              :roles-attr    (cf/get :oidc-roles-attr)
+              :roles         (cf/get :oidc-roles)
+              :name          "oidc"}]
+    (if (and (string? (:base-uri opts))
+             (string? (:client-id opts))
+             (string? (:client-secret opts)))
+      (if (and (string? (:token-uri opts))
+               (string? (:user-uri opts))
+               (string? (:auth-uri opts)))
+        (do
+          (l/info :action "initialize" :provider "oid" :method "static")
+          (assoc-in cfg [:providers "oidc"] opts))
+        (let [opts (discover-oidc-config opts)]
+          (l/info :action "initialize" :provider "oid" :method "discover")
+          (assoc-in cfg [:providers "oidc"] opts)))
+      cfg)))
+
+(defn- initialize-google-provider
+  [cfg]
+  (let [opts {:client-id     (cf/get :google-client-id)
+              :client-secret (cf/get :google-client-secret)
+              :scopes        #{"email" "profile" "openid"
+                               "https://www.googleapis.com/auth/userinfo.email"
+                               "https://www.googleapis.com/auth/userinfo.profile"}
+              :auth-uri      "https://accounts.google.com/o/oauth2/v2/auth"
+              :token-uri     "https://oauth2.googleapis.com/token"
+              :user-uri      "https://openidconnect.googleapis.com/v1/userinfo"
+              :name          "google"}]
+    (if (and (string? (:client-id opts))
+             (string? (:client-secret opts)))
+      (do
+        (l/info :action "initialize" :provider "google")
+        (assoc-in cfg [:providers "google"] opts))
+      cfg)))
+
+(defn- initialize-github-provider
+  [cfg]
+  (let [opts {:client-id     (cf/get :github-client-id)
+              :client-secret (cf/get :github-client-secret)
+              :scopes        #{"read:user"
+                               "user:email"}
+              :auth-uri      "https://github.com/login/oauth/authorize"
+              :token-uri     "https://github.com/login/oauth/access_token"
+              :user-uri      "https://api.github.com/user"
+              :name          "github"}]
+    (if (and (string? (:client-id opts))
+             (string? (:client-secret opts)))
+      (do
+        (l/info :action "initialize" :provider "github")
+        (assoc-in cfg [:providers "github"] opts))
+      cfg)))
+
+
+(defn- initialize-gitlab-provider
+  [cfg]
+  (let [base (cf/get :gitlab-base-uri "https://gitlab.com")
+        opts {:base-uri      base
+              :client-id     (cf/get :gitlab-client-id)
+              :client-secret (cf/get :gitlab-client-secret)
+              :scopes        #{"read_user"}
+              :auth-uri      (str base "/oauth/authorize")
+              :token-uri     (str base "/oauth/token")
+              :user-uri      (str base "/api/v4/user")
+              :name          "gitlab"}]
+    (if (and (string? (:client-id opts))
+             (string? (:client-secret opts)))
+      (do
+        (l/info :action "initialize" :provider "gitlab")
+        (assoc-in cfg [:providers "gitlab"] opts))
+      cfg)))
+
+(defn- initialize
+  [cfg]
+  (let [cfg (agent cfg :error-mode :continue)]
+    (send-off cfg initialize-google-provider)
+    (send-off cfg initialize-gitlab-provider)
+    (send-off cfg initialize-github-provider)
+    (send-off cfg initialize-oidc-provider)
+    cfg))
--- a/backend/src/app/http/oauth/github.clj
+++ b/backend/src/app/http/oauth/github.clj
@@ -1,159 +0,0 @@
-;; This Source Code Form is subject to the terms of the Mozilla Public
-;; License, v. 2.0. If a copy of the MPL was not distributed with this
-;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
-;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
-
-(ns app.http.oauth.github
-  (:require
-   [app.common.exceptions :as ex]
-   [app.common.spec :as us]
-   [app.config :as cfg]
-   [app.http.oauth.google :as gg]
-   [app.util.http :as http]
-   [app.util.time :as dt]
-   [clojure.data.json :as json]
-   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
-   [integrant.core :as ig]
-   [lambdaisland.uri :as u]))
-
-(def base-github-uri
-  (u/uri "https://github.com"))
-
-(def base-api-github-uri
-  (u/uri "https://api.github.com"))
-
-(def authorize-uri
-  (assoc base-github-uri :path "/login/oauth/authorize"))
-
-(def token-url
-  (assoc base-github-uri :path "/login/oauth/access_token"))
-
-(def user-info-url
-  (assoc base-api-github-uri :path "/user"))
-
-(def scope "user:email")
-
-(defn- build-redirect-url
-  [cfg]
-  (let [public (u/uri (:public-uri cfg))]
-    (str (assoc public :path "/api/oauth/github/callback"))))
-
-(defn- get-access-token
-  [cfg state code]
-  (try
-    (let [params {:client_id (:client-id cfg)
-                  :client_secret (:client-secret cfg)
-                  :code code
-                  :state state
-                  :redirect_uri (build-redirect-url cfg)}
-          req    {:method :post
-                  :headers {"content-type" "application/x-www-form-urlencoded"
-                            "accept" "application/json"}
-                  :uri  (str token-url)
-                  :timeout 6000
-                  :body (u/map->query-string params)}
-          res    (http/send! req)]
-
-      (when (= 200 (:status res))
-        (-> (json/read-str (:body res))
-            (get "access_token"))))
-
-    (catch Exception e
-      (log/error e "unexpected error on get-access-token")
-      nil)))
-
-(defn- get-user-info
-  [_ token]
-  (try
-    (let [req {:uri (str user-info-url)
-               :headers {"authorization" (str "token " token)}
-               :timeout 6000
-               :method :get}
-          res (http/send! req)]
-      (when (= 200 (:status res))
-        (let [data (json/read-str (:body res))]
-          {:email (get data "email")
-           :backend "github"
-           :fullname (get data "name")})))
-    (catch Exception e
-      (log/error e "unexpected exception on get-user-info")
-      nil)))
-
-(defn- retrieve-info
-  [{:keys [tokens] :as cfg} request]
-  (let [token (get-in request [:params :state])
-        state (tokens :verify {:token token :iss :github-oauth})
-        info  (some->> (get-in request [:params :code])
-                       (get-access-token cfg state)
-                       (get-user-info cfg))]
-    (when-not info
-      (ex/raise :type :internal
-                :code :unable-to-auth))
-
-    (cond-> info
-      (some? (:invitation-token state))
-      (assoc :invitation-token (:invitation-token state)))))
-
-(defn auth-handler
-  [{:keys [tokens] :as cfg} request]
-  (let [invitation (get-in request [:params :invitation-token])
-        state      (tokens :generate {:iss :github-oauth
-                                      :invitation-token invitation
-                                      :exp (dt/in-future "15m")})
-        params     {:client_id (:client-id cfg/config)
-                    :redirect_uri (build-redirect-url cfg)
-                    :state state
-                    :scope scope}
-        query      (u/map->query-string params)
-        uri        (-> authorize-uri
-                       (assoc :query query))]
-    {:status 200
-     :body {:redirect-uri (str uri)}}))
-
-(defn- callback-handler
-  [{:keys [session] :as cfg} request]
-  (try
-    (let [info    (retrieve-info cfg request)
-          profile (gg/register-profile cfg info)
-          uri     (gg/generate-redirect-uri cfg profile)
-          sxf     ((:create session) (:id profile))]
-      (->> (gg/redirect-response uri)
-           (sxf request)))
-    (catch Exception _e
-      (-> (gg/generate-error-redirect-uri cfg)
-          (gg/redirect-response)))))
-
-
-;; --- ENTRY POINT
-
-(s/def ::client-id ::us/not-empty-string)
-(s/def ::client-secret ::us/not-empty-string)
-(s/def ::public-uri ::us/not-empty-string)
-(s/def ::session map?)
-(s/def ::tokens fn?)
-
-(defmethod ig/pre-init-spec :app.http.oauth/github [_]
-  (s/keys :req-un [::public-uri
-                   ::session
-                   ::tokens]
-          :opt-un [::client-id
-                   ::client-secret]))
-
-(defn- default-handler
-  [_]
-  (ex/raise :type :not-found))
-
-(defmethod ig/init-key :app.http.oauth/github
-  [_ cfg]
-  (if (and (:client-id cfg)
-           (:client-secret cfg))
-    {:handler #(auth-handler cfg %)
-     :callback-handler #(callback-handler cfg %)}
-    {:handler default-handler
-     :callback-handler default-handler}))
-
--- a/backend/src/app/http/oauth/gitlab.clj
+++ b/backend/src/app/http/oauth/gitlab.clj
@@ -1,167 +0,0 @@
-;; This Source Code Form is subject to the terms of the Mozilla Public
-;; License, v. 2.0. If a copy of the MPL was not distributed with this
-;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
-;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
-
-(ns app.http.oauth.gitlab
-  (:require
-   [app.common.data :as d]
-   [app.common.exceptions :as ex]
-   [app.common.spec :as us]
-   [app.http.oauth.google :as gg]
-   [app.util.http :as http]
-   [app.util.time :as dt]
-   [clojure.data.json :as json]
-   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
-   [integrant.core :as ig]
-   [lambdaisland.uri :as u]))
-
-(def scope "read_user")
-
-(defn- build-redirect-url
-  [cfg]
-  (let [public (u/uri (:public-uri cfg))]
-    (str (assoc public :path "/api/oauth/gitlab/callback"))))
-
-(defn- build-oauth-uri
-  [cfg]
-  (let [base-uri (u/uri (:base-uri cfg))]
-    (assoc base-uri :path "/oauth/authorize")))
-
-(defn- build-token-url
-  [cfg]
-  (let [base-uri (u/uri (:base-uri cfg))]
-    (str (assoc base-uri :path "/oauth/token"))))
-
-(defn- build-user-info-url
-  [cfg]
-  (let [base-uri (u/uri (:base-uri cfg))]
-    (str (assoc base-uri :path "/api/v4/user"))))
-
-(defn- get-access-token
-  [cfg code]
-  (try
-    (let [params {:client_id (:client-id cfg)
-                  :client_secret (:client-secret cfg)
-                  :code code
-                  :grant_type "authorization_code"
-                  :redirect_uri (build-redirect-url cfg)}
-          req    {:method :post
-                  :headers {"content-type" "application/x-www-form-urlencoded"}
-                  :uri (build-token-url cfg)
-                  :body (u/map->query-string params)}
-        res    (http/send! req)]
-
-      (when (= 200 (:status res))
-        (-> (json/read-str (:body res))
-            (get "access_token"))))
-
-    (catch Exception e
-      (log/error e "unexpected error on get-access-token")
-      nil)))
-
-(defn- get-user-info
-  [cfg token]
-  (try
-    (let [req {:uri (build-user-info-url cfg)
-               :headers {"Authorization" (str "Bearer " token)}
-               :timeout 6000
-               :method :get}
-          res (http/send! req)]
-
-      (when (= 200 (:status res))
-        (let [data (json/read-str (:body res))]
-          {:email (get data "email")
-           :backend "gitlab"
-           :fullname (get data "name")})))
-
-    (catch Exception e
-      (log/error e "unexpected exception on get-user-info")
-      nil)))
-
-
-(defn- retrieve-info
-  [{:keys [tokens] :as cfg} request]
-  (let [token (get-in request [:params :state])
-        state (tokens :verify {:token token :iss :gitlab-oauth})
-        info  (some->> (get-in request [:params :code])
-                       (get-access-token cfg)
-                       (get-user-info cfg))]
-    (when-not info
-      (ex/raise :type :internal
-                :code :unable-to-auth))
-
-    (cond-> info
-      (some? (:invitation-token state))
-      (assoc :invitation-token (:invitation-token state)))))
-
-
-(defn- auth-handler
-  [{:keys [tokens] :as cfg} request]
-  (let [invitation (get-in request [:params :invitation-token])
-        state      (tokens :generate
-                           {:iss :gitlab-oauth
-                            :invitation-token invitation
-                            :exp (dt/in-future "15m")})
-
-        params     {:client_id (:client-id cfg)
-                    :redirect_uri (build-redirect-url cfg)
-                    :response_type "code"
-                    :state state
-                    :scope scope}
-        query      (u/map->query-string params)
-        uri        (-> (build-oauth-uri cfg)
-                       (assoc :query query))]
-    {:status 200
-     :body {:redirect-uri (str uri)}}))
-
-(defn- callback-handler
-  [{:keys [session] :as cfg} request]
-  (try
-    (let [info    (retrieve-info cfg request)
-          profile (gg/register-profile cfg info)
-          uri     (gg/generate-redirect-uri cfg profile)
-          sxf     ((:create session) (:id profile))]
-      (->> (gg/redirect-response uri)
-           (sxf request)))
-    (catch Exception _e
-      (-> (gg/generate-error-redirect-uri cfg)
-          (gg/redirect-response)))))
-
-(s/def ::client-id ::us/not-empty-string)
-(s/def ::client-secret ::us/not-empty-string)
-(s/def ::base-uri ::us/not-empty-string)
-(s/def ::public-uri ::us/not-empty-string)
-(s/def ::session map?)
-(s/def ::tokens fn?)
-
-(defmethod ig/pre-init-spec :app.http.oauth/gitlab [_]
-  (s/keys :req-un [::public-uri
-                   ::session
-                   ::tokens]
-          :opt-un [::base-uri
-                   ::client-id
-                   ::client-secret]))
-
-(defmethod ig/prep-key :app.http.oauth/gitlab
-  [_ cfg]
-  (d/merge {:base-uri "https://gitlab.com"}
-           (d/without-nils cfg)))
-
-(defn- default-handler
-  [_]
-  (ex/raise :type :not-found))
-
-(defmethod ig/init-key :app.http.oauth/gitlab
-  [_ cfg]
-  (if (and (:client-id cfg)
-           (:client-secret cfg))
-    {:handler #(auth-handler cfg %)
-     :callback-handler #(callback-handler cfg %)}
-    {:handler default-handler
-     :callback-handler default-handler}))
--- a/backend/src/app/http/oauth/google.clj
+++ b/backend/src/app/http/oauth/google.clj
@@ -1,182 +0,0 @@
-;; This Source Code Form is subject to the terms of the Mozilla Public
-;; License, v. 2.0. If a copy of the MPL was not distributed with this
-;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
-;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
-
-(ns app.http.oauth.google
-  (:require
-   [app.common.exceptions :as ex]
-   [app.common.spec :as us]
-   [app.util.http :as http]
-   [app.util.time :as dt]
-   [clojure.data.json :as json]
-   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
-   [integrant.core :as ig]
-   [lambdaisland.uri :as u]))
-
-(def base-goauth-uri "https://accounts.google.com/o/oauth2/v2/auth")
-
-(def scope
-  (str "email profile "
-       "https://www.googleapis.com/auth/userinfo.email "
-       "https://www.googleapis.com/auth/userinfo.profile "
-       "openid"))
-
-(defn- build-redirect-url
-  [cfg]
-  (let [public (u/uri (:public-uri cfg))]
-    (str (assoc public :path "/api/oauth/google/callback"))))
-
-(defn- get-access-token
-  [cfg code]
-  (try
-    (let [params {:code code
-                  :client_id (:client-id cfg)
-                  :client_secret (:client-secret cfg)
-                  :redirect_uri (build-redirect-url cfg)
-                  :grant_type "authorization_code"}
-          req    {:method :post
-                  :headers {"content-type" "application/x-www-form-urlencoded"}
-                  :uri "https://oauth2.googleapis.com/token"
-                  :timeout 6000
-                  :body (u/map->query-string params)}
-          res    (http/send! req)]
-
-      (when (= 200 (:status res))
-        (-> (json/read-str (:body res))
-            (get "access_token"))))
-    (catch Exception e
-      (log/error e "unexpected error on get-access-token")
-      nil)))
-
-(defn- get-user-info
-  [_ token]
-  (try
-    (let [req {:uri "https://openidconnect.googleapis.com/v1/userinfo"
-               :headers {"Authorization" (str "Bearer " token)}
-               :timeout 6000
-               :method :get}
-          res (http/send! req)]
-
-      (when (= 200 (:status res))
-        (let [data (json/read-str (:body res))]
-          {:email (get data "email")
-           :backend "google"
-           :fullname (get data "name")})))
-    (catch Exception e
-      (log/error e "unexpected exception on get-user-info")
-      nil)))
-
-(defn- retrieve-info
-  [{:keys [tokens] :as cfg} request]
-  (let [token (get-in request [:params :state])
-        state (tokens :verify {:token token :iss :google-oauth})
-        info  (some->> (get-in request [:params :code])
-                       (get-access-token cfg)
-                       (get-user-info cfg))]
-
-
-    (when-not info
-      (ex/raise :type :internal
-                :code :unable-to-auth))
-
-    (cond-> info
-      (some? (:invitation-token state))
-      (assoc :invitation-token (:invitation-token state)))))
-
-(defn register-profile
-  [{:keys [rpc] :as cfg} info]
-  (let [method-fn (get-in rpc [:methods :mutation :login-or-register])
-        profile   (method-fn {:email (:email info)
-                              :backend (:backend info)
-                              :fullname (:fullname info)})]
-    (cond-> profile
-      (some? (:invitation-token info))
-      (assoc :invitation-token (:invitation-token info)))))
-
-(defn generate-redirect-uri
-  [{:keys [tokens] :as cfg} profile]
-  (let [token (or (:invitation-token profile)
-                  (tokens :generate {:iss :auth
-                                     :exp (dt/in-future "15m")
-                                     :profile-id (:id profile)}))]
-    (-> (u/uri (:public-uri cfg))
-        (assoc :path "/#/auth/verify-token")
-        (assoc :query (u/map->query-string {:token token})))))
-
-(defn generate-error-redirect-uri
-  [cfg]
-  (-> (u/uri (:public-uri cfg))
-      (assoc :path "/#/auth/login")
-      (assoc :query (u/map->query-string {:error "unable-to-auth"}))))
-
-(defn redirect-response
-  [uri]
-  {:status 302
-   :headers {"location" (str uri)}
-   :body ""})
-
-(defn- auth-handler
-  [{:keys [tokens] :as cfg} request]
-  (let [invitation (get-in request [:params :invitation-token])
-        state      (tokens :generate
-                           {:iss :google-oauth
-                            :invitation-token invitation
-                            :exp (dt/in-future "15m")})
-        params     {:scope scope
-                    :access_type "offline"
-                    :include_granted_scopes true
-                    :state state
-                    :response_type "code"
-                    :redirect_uri (build-redirect-url cfg)
-                    :client_id (:client-id cfg)}
-        query      (u/map->query-string params)
-        uri        (-> (u/uri base-goauth-uri)
-                       (assoc :query query))]
-
-    {:status 200
-     :body {:redirect-uri (str uri)}}))
-
-(defn- callback-handler
-  [{:keys [session] :as cfg} request]
-  (try
-    (let [info    (retrieve-info cfg request)
-          profile (register-profile cfg info)
-          uri     (generate-redirect-uri cfg profile)
-          sxf     ((:create session) (:id profile))]
-      (->> (redirect-response uri)
-           (sxf request)))
-    (catch Exception _e
-      (-> (generate-error-redirect-uri cfg)
-          (redirect-response)))))
-
-(s/def ::client-id ::us/not-empty-string)
-(s/def ::client-secret ::us/not-empty-string)
-(s/def ::public-uri ::us/not-empty-string)
-(s/def ::session map?)
-(s/def ::tokens fn?)
-
-(defmethod ig/pre-init-spec :app.http.oauth/google [_]
-  (s/keys :req-un [::public-uri
-                   ::session
-                   ::tokens]
-          :opt-un [::client-id
-                   ::client-secret]))
-
-(defn- default-handler
-  [_]
-  (ex/raise :type :not-found))
-
-(defmethod ig/init-key :app.http.oauth/google
-  [_ cfg]
-  (if (and (:client-id cfg)
-           (:client-secret cfg))
-    {:handler #(auth-handler cfg %)
-     :callback-handler #(callback-handler cfg %)}
-    {:handler default-handler
-     :callback-handler default-handler}))
--- a/backend/src/app/http/session.clj
+++ b/backend/src/app/http/session.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.http.session
  (:require
@@ -15,101 +12,98 @@
   [app.db :as db]
   [app.metrics :as mtx]
   [app.util.async :as aa]
-   [app.util.log4j :refer [update-thread-context!]]
+   [app.util.logging :as l]
   [app.util.time :as dt]
   [app.worker :as wrk]
-   [buddy.core.codecs :as bc]
-   [buddy.core.nonce :as bn]
   [clojure.core.async :as a]
   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
   [integrant.core :as ig]))

+;; A default cookie name for storing the session. We don't allow
+;; configure it.
+(def cookie-name "auth-token")
+
 ;; --- IMPL

-(defn- next-session-id
-  ([] (next-session-id 96))
-  ([n]
-   (-> (bn/random-nonce n)
-       (bc/bytes->b64u)
-       (bc/bytes->str))))
+(defn- create-session
+  [{:keys [conn tokens] :as cfg} {:keys [profile-id headers] :as request}]
+  (let [token  (tokens :generate {:iss "authentication"
+                                  :iat (dt/now)
+                                  :uid profile-id})
+        params {:user-agent (get headers "user-agent")
+                :profile-id profile-id
+                :id token}]
+    (db/insert! conn :http-session params)))

-(defn- create
-  [{:keys [conn] :as cfg} {:keys [profile-id user-agent]}]
-  (let [id (next-session-id)]
-    (db/insert! conn :http-session {:id id
-                                    :profile-id profile-id
-                                    :user-agent user-agent})
-    id))
-
-(defn- delete
-  [{:keys [conn cookie-name] :as cfg} {:keys [cookies] :as request}]
+(defn- delete-session
+  [{:keys [conn] :as cfg} {:keys [cookies] :as request}]
  (when-let [token (get-in cookies [cookie-name :value])]
    (db/delete! conn :http-session {:id token}))
  nil)

-(defn- retrieve
-  [{:keys [conn] :as cfg} token]
-  (when token
-    (db/exec-one! conn ["select id, profile_id from http_session where id = ?" token])))
+(defn- retrieve-session
+  [{:keys [conn] :as cfg} id]
+  (when id
+    (db/exec-one! conn ["select id, profile_id from http_session where id = ?" id])))

 (defn- retrieve-from-request
-  [{:keys [cookie-name] :as cfg} {:keys [cookies] :as request}]
+  [cfg {:keys [cookies] :as request}]
  (->> (get-in cookies [cookie-name :value])
-       (retrieve cfg)))
+       (retrieve-session cfg)))

-(defn- cookies
-  [{:keys [cookie-name] :as cfg} vals]
-  {cookie-name (merge vals {:path "/" :http-only true})})
+(defn- add-cookies
+  [response {:keys [id] :as session}]
+  (assoc response :cookies {cookie-name {:path "/" :http-only true :value id}}))
+
+(defn- clear-cookies
+  [response]
+  (assoc response :cookies {cookie-name {:value "" :max-age -1}}))

 (defn- middleware
  [cfg handler]
  (fn [request]
    (if-let [{:keys [id profile-id] :as session} (retrieve-from-request cfg request)]
-      (let [ech (::events-ch cfg)]
-        (a/>!! ech id)
-        (update-thread-context! {:profile-id profile-id})
+      (do
+        (a/>!! (::events-ch cfg) id)
+        (l/update-thread-context! {:profile-id profile-id})
        (handler (assoc request :profile-id profile-id)))
      (handler request))))

 ;; --- STATE INIT: SESSION

-(s/def ::cookie-name ::cfg/http-session-cookie-name)
-
 (defmethod ig/pre-init-spec ::session [_]
-  (s/keys :req-un [::db/pool]
-          :opt-un [::cookie-name]))
+  (s/keys :req-un [::db/pool]))

 (defmethod ig/prep-key ::session
  [_ cfg]
-  (merge {:cookie-name "auth-token"
-          :buffer-size 64}
-         (d/without-nils cfg)))
+  (d/merge {:buffer-size 64}
+           (d/without-nils cfg)))

 (defmethod ig/init-key ::session
  [_ {:keys [pool] :as cfg}]
  (let [events (a/chan (a/dropping-buffer (:buffer-size cfg)))
-        cfg    (assoc cfg
-                      :conn pool
-                      ::events-ch events)]
+        cfg    (-> cfg
+                   (assoc :conn pool)
+                   (assoc ::events-ch events))]
    (-> cfg
        (assoc :middleware #(middleware cfg %))
        (assoc :create (fn [profile-id]
                         (fn [request response]
-                           (let [uagent (get-in request [:headers "user-agent"])
-                                 value  (create cfg {:profile-id profile-id :user-agent uagent})]
-                             (assoc response :cookies (cookies cfg {:value value}))))))
+                           (let [request (assoc request :profile-id profile-id)
+                                 session (create-session cfg request)]
+                             (add-cookies response session)))))
        (assoc :delete (fn [request response]
-                         (delete cfg request)
-                         (assoc response
-                                :status 204
-                                :body ""
-                                :cookies (cookies cfg {:value "" :max-age -1})))))))
+                         (delete-session cfg request)
+                         (-> response
+                             (assoc :status 204)
+                             (assoc :body "")
+                             (clear-cookies)))))))

 (defmethod ig/halt-key! ::session
  [_ data]
  (a/close! (::events-ch data)))

+
 ;; --- STATE INIT: SESSION UPDATER

 (declare batch-events)
@@ -132,12 +126,12 @@

 (defmethod ig/init-key ::updater
  [_ {:keys [session metrics] :as cfg}]
-  (log/infof "initialize session updater (max-batch-age=%s, max-batch-size=%s)"
-             (str (:max-batch-age cfg))
-             (str (:max-batch-size cfg)))
+  (l/info :action "initialize session updater"
+          :max-batch-age (str (:max-batch-age cfg))
+          :max-batch-size (str (:max-batch-size cfg)))
  (let [input (batch-events cfg (::events-ch session))
        mcnt  (mtx/create
-               {:name "http_session_updater_count"
+               {:name "http_session_update_total"
                :help "A counter of session update batch events."
                :registry (:registry metrics)
                :type :counter})]
@@ -146,8 +140,13 @@
        (let [result (a/<! (update-sessions cfg batch))]
          (mcnt :inc)
          (if (ex/exception? result)
-            (log/error result "updater: unexpected error on update sessions")
-            (log/tracef "updater: updated %s sessions (reason: %s)." result (name reason)))
+            (l/error :task "updater"
+                     :hint "unexpected error on update sessions"
+                     :cause result)
+            (l/debug :task "updater"
+                     :action "update sessions"
+                     :reason (name reason)
+                     :count result))
          (recur))))))

 (defn- timeout-chan
@@ -209,7 +208,9 @@
      (let [interval (db/interval max-age)
            result   (db/exec-one! conn [sql:delete-expired interval])
            result   (:next.jdbc/update-count result)]
-        (log/debugf "gc-task: removed %s rows from http-session table" result)
+        (l/debug :task "gc"
+                 :action "clean http sessions"
+                 :count result)
        result))))

 (def ^:private
--- a/backend/src/app/loggers/loki.clj
+++ b/backend/src/app/loggers/loki.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.loggers.loki
  "A Loki integration."
@@ -15,10 +12,10 @@
   [app.util.async :as aa]
   [app.util.http :as http]
   [app.util.json :as json]
+   [app.util.logging :as l]
   [app.worker :as wrk]
   [clojure.core.async :as a]
   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
   [integrant.core :as ig]))

 (declare handle-event)
@@ -33,13 +30,13 @@
 (defmethod ig/init-key ::reporter
  [_ {:keys [receiver uri] :as cfg}]
  (when uri
-    (log/info "intializing loki reporter")
+    (l/info :msg "intializing loki reporter" :uri uri)
    (let [output (a/chan (a/sliding-buffer 1024))]
      (receiver :sub output)
      (a/go-loop []
        (let [msg (a/<! output)]
          (if (nil? msg)
-            (log/info "stoping error reporting loop")
+            (l/info :msg "stoping error reporting loop")
            (do
              (a/<! (handle-event cfg msg))
              (recur)))))
@@ -75,10 +72,14 @@
      (if (= (:status response) 204)
        true
        (do
-          (log/errorf "error on sending log to loki (try %s)\n%s" i (pr-str response))
+          (l/error :hint "error on sending log to loki"
+                   :try i
+                   :rsp (pr-str response))
          false)))
    (catch Exception e
-      (log/errorf e "error on sending message to loki (try %s)" i)
+      (l/error :hint "error on sending message to loki"
+               :cause e
+               :try i)
      false)))

 (defn- handle-event
--- a/backend/src/app/loggers/mattermost.clj
+++ b/backend/src/app/loggers/mattermost.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.loggers.mattermost
  "A mattermost integration for error reporting."
@@ -18,12 +15,12 @@
   [app.util.async :as aa]
   [app.util.http :as http]
   [app.util.json :as json]
+   [app.util.logging :as l]
   [app.util.template :as tmpl]
   [app.worker :as wrk]
   [clojure.core.async :as a]
   [clojure.java.io :as io]
   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
   [cuerdas.core :as str]
   [integrant.core :as ig]))

@@ -42,15 +39,15 @@
          :opt-un [::uri]))

 (defmethod ig/init-key ::reporter
-  [_ {:keys [receiver] :as cfg}]
-  (log/info "intializing mattermost error reporter")
+  [_ {:keys [receiver uri] :as cfg}]
+  (l/info :msg "intializing mattermost error reporter" :uri uri)
  (let [output (a/chan (a/sliding-buffer 128)
                       (filter #(= (:level %) "error")))]
    (receiver :sub output)
    (a/go-loop []
      (let [msg (a/<! output)]
        (if (nil? msg)
-          (log/info "stoping error reporting loop")
+          (l/info :msg "stoping error reporting loop")
          (do
            (a/<! (handle-event cfg msg))
            (recur)))))
@@ -65,20 +62,21 @@
  (try
    (let [uri  (:uri cfg)
          text (str "Unhandled exception (@channel):\n"
-                    "- detail: " (:public-uri cfg/config) "/dbg/error-by-id/" id "\n"
+                    "- detail: " (cfg/get :public-uri) "/dbg/error-by-id/" id "\n"
+                    "- profile-id: `" (:profile-id cdata) "`\n"
                    "- host: `" host "`\n"
-                    "- version: `" version "`\n"
-                    (when error
-                      (str "```\n" (:trace error)  "\n```")))
+                    "- version: `" version "`\n")
          rsp    (http/send! {:uri uri
                              :method :post
                              :headers {"content-type" "application/json"}
                              :body (json/encode-str {:text text})})]
      (when (not= (:status rsp) 200)
-        (log/errorf "error on sending data to mattermost\n%s" (pr-str rsp))))
+        (l/error :hint "error on sending data to mattermost"
+                 :response (pr-str rsp))))

    (catch Exception e
-      (log/error e "unexpected exception on error reporter"))))
+      (l/error :hint "unexpected exception on error reporter"
+               :cause e))))

 (defn- persist-on-database!
  [{:keys [pool] :as cfg} {:keys [id] :as cdata}]
@@ -116,7 +114,8 @@
          (send-mattermost-notification! cfg cdata))
        (persist-on-database! cfg cdata))
      (catch Exception e
-        (log/error e "unexpected exception on error reporter")))))
+        (l/error :hint "unexpected exception on error reporter"
+                 :cause e)))))

 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; Http Handler
--- a/backend/src/app/loggers/zmq.clj
+++ b/backend/src/app/loggers/zmq.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.loggers.zmq
  "A generic ZMQ listener."
@@ -13,10 +10,10 @@
   [app.common.data :as d]
   [app.common.spec :as us]
   [app.util.json :as json]
+   [app.util.logging :as l]
   [app.util.time :as dt]
   [clojure.core.async :as a]
   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
   [cuerdas.core :as str]
   [integrant.core :as ig])
  (:import
@@ -34,7 +31,7 @@

 (defmethod ig/init-key ::receiver
  [_ {:keys [endpoint] :as cfg}]
-  (log/infof "intializing ZMQ receiver on '%s'" endpoint)
+  (l/info :msg "intializing ZMQ receiver" :bind endpoint)
  (let [buffer (a/chan 1)
        output (a/chan 1 (comp (filter map?)
                               (map prepare)))
--- a/backend/src/app/main.clj
+++ b/backend/src/app/main.clj
@@ -2,360 +2,296 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.main
  (:require
   [app.common.data :as d]
-   [app.config :as cfg]
+   [app.config :as cf]
+   [app.util.logging :as l]
   [app.util.time :as dt]
-   [clojure.pprint :as pprint]
-   [clojure.tools.logging :as log]
   [integrant.core :as ig]))

-;; Set value for all new threads bindings.
-(alter-var-root #'*assert* (constantly (:asserts-enabled cfg/config)))
+(def system-config
+  {:app.db/pool
+   {:uri        (cf/get :database-uri)
+    :username   (cf/get :database-username)
+    :password   (cf/get :database-password)
+    :metrics    (ig/ref :app.metrics/metrics)
+    :migrations (ig/ref :app.migrations/all)
+    :name :main
+    :min-pool-size 0
+    :max-pool-size 20}

-(derive :app.telemetry/server :app.http/server)
+   :app.metrics/metrics
+   {:definitions
+    {:profile-register
+     {:name "actions_profile_register_count"
+      :help "A global counter of user registrations."
+      :type :counter}
+     :profile-activation
+     {:name "actions_profile_activation_count"
+      :help "A global counter of profile activations"
+      :type :counter}}}

-;; --- Entry point
+   :app.migrations/all
+   {:main (ig/ref :app.migrations/migrations)}

-(defn build-system-config
-  [config]
-  (d/deep-merge
-   {:app.db/pool
-    {:uri        (:database-uri config)
-     :username   (:database-username config)
-     :password   (:database-password config)
-     :metrics    (ig/ref :app.metrics/metrics)
-     :migrations (ig/ref :app.migrations/all)
-     :name "main"
-     :min-pool-size 0
-     :max-pool-size 20}
+   :app.migrations/migrations
+   {}

-    :app.metrics/metrics
-    {:definitions
-     {:profile-register
-      {:name "actions_profile_register_count"
-       :help "A global counter of user registrations."
-       :type :counter}
-      :profile-activation
-      {:name "actions_profile_activation_count"
-       :help "A global counter of profile activations"
-       :type :counter}}}
+   :app.msgbus/msgbus
+   {:backend   (cf/get :msgbus-backend :redis)
+    :redis-uri (cf/get :redis-uri)}

-    :app.migrations/all
-    {:main      (ig/ref :app.migrations/migrations)
-     :telemetry (ig/ref :app.telemetry/migrations)}
+   :app.tokens/tokens
+   {:sprops (ig/ref :app.setup/props)}

-    :app.migrations/migrations
-    {}
+   :app.storage/gc-deleted-task
+   {:pool     (ig/ref :app.db/pool)
+    :storage  (ig/ref :app.storage/storage)
+    :min-age  (dt/duration {:hours 2})}

-    :app.telemetry/migrations
-    {}
+   :app.storage/gc-touched-task
+   {:pool     (ig/ref :app.db/pool)}

-    :app.msgbus/msgbus
-    {:uri (:redis-uri config)}
+   :app.storage/recheck-task
+   {:pool     (ig/ref :app.db/pool)
+    :storage  (ig/ref :app.storage/storage)}

-    :app.tokens/tokens
-    {:sprops (ig/ref :app.setup/props)}
+   :app.http.session/session
+   {:pool   (ig/ref :app.db/pool)
+    :tokens (ig/ref :app.tokens/tokens)}

-    :app.storage/gc-deleted-task
-    {:pool     (ig/ref :app.db/pool)
-     :storage  (ig/ref :app.storage/storage)
-     :min-age  (dt/duration {:hours 2})}
+   :app.http.session/gc-task
+   {:pool        (ig/ref :app.db/pool)
+    :max-age     (cf/get :http-session-idle-max-age)}

-    :app.storage/gc-touched-task
-    {:pool     (ig/ref :app.db/pool)}
+   :app.http.session/updater
+   {:pool           (ig/ref :app.db/pool)
+    :metrics        (ig/ref :app.metrics/metrics)
+    :executor       (ig/ref :app.worker/executor)
+    :session        (ig/ref :app.http.session/session)
+    :max-batch-age  (cf/get :http-session-updater-batch-max-age)
+    :max-batch-size (cf/get :http-session-updater-batch-max-size)}

-    :app.storage/recheck-task
-    {:pool     (ig/ref :app.db/pool)
-     :storage  (ig/ref :app.storage/storage)}
+   :app.http.awsns/handler
+   {:tokens  (ig/ref :app.tokens/tokens)
+    :pool    (ig/ref :app.db/pool)}

-    :app.http.session/session
-    {:pool        (ig/ref :app.db/pool)
-     :cookie-name (:http-session-cookie-name config)}
+   :app.http/server
+   {:port    (cf/get :http-server-port)
+    :router  (ig/ref :app.http/router)
+    :metrics (ig/ref :app.metrics/metrics)
+    :ws      {"/ws/notifications" (ig/ref :app.notifications/handler)}}

-    :app.http.session/gc-task
-    {:pool        (ig/ref :app.db/pool)
-     :max-age     (:http-session-idle-max-age config)}
+   :app.http/router
+   {:rpc         (ig/ref :app.rpc/rpc)
+    :session     (ig/ref :app.http.session/session)
+    :tokens      (ig/ref :app.tokens/tokens)
+    :public-uri  (cf/get :public-uri)
+    :metrics     (ig/ref :app.metrics/metrics)
+    :oauth       (ig/ref :app.http.oauth/handlers)
+    :assets      (ig/ref :app.http.assets/handlers)
+    :storage     (ig/ref :app.storage/storage)
+    :sns-webhook (ig/ref :app.http.awsns/handler)
+    :feedback    (ig/ref :app.http.feedback/handler)
+    :error-report-handler (ig/ref :app.loggers.mattermost/handler)}

-    :app.http.session/updater
-    {:pool           (ig/ref :app.db/pool)
-     :metrics        (ig/ref :app.metrics/metrics)
-     :executor       (ig/ref :app.worker/executor)
-     :session        (ig/ref :app.http.session/session)
-     :max-batch-age  (:http-session-updater-batch-max-age config)
-     :max-batch-size (:http-session-updater-batch-max-size config)}
+   :app.http.assets/handlers
+   {:metrics           (ig/ref :app.metrics/metrics)
+    :assets-path       (cf/get :assets-path)
+    :storage           (ig/ref :app.storage/storage)
+    :cache-max-age     (dt/duration {:hours 24})
+    :signature-max-age (dt/duration {:hours 24 :minutes 5})}

-    :app.http.awsns/handler
-    {:tokens  (ig/ref :app.tokens/tokens)
-     :pool    (ig/ref :app.db/pool)}
+   :app.http.feedback/handler
+   {:pool (ig/ref :app.db/pool)}

-    :app.http/server
-    {:port    (:http-server-port config)
-     :handler (ig/ref :app.http/router)
-     :metrics (ig/ref :app.metrics/metrics)
-     :ws      {"/ws/notifications" (ig/ref :app.notifications/handler)}}
+   :app.http.oauth/handlers
+   {:rpc           (ig/ref :app.rpc/rpc)
+    :session       (ig/ref :app.http.session/session)
+    :tokens        (ig/ref :app.tokens/tokens)
+    :public-uri    (cf/get :public-uri)}

-    :app.http/router
-    {:rpc         (ig/ref :app.rpc/rpc)
-     :session     (ig/ref :app.http.session/session)
-     :tokens      (ig/ref :app.tokens/tokens)
-     :public-uri  (:public-uri config)
-     :metrics     (ig/ref :app.metrics/metrics)
-     :oauth       (ig/ref :app.http.oauth/all)
-     :assets      (ig/ref :app.http.assets/handlers)
-     :svgparse    (ig/ref :app.svgparse/handler)
-     :storage     (ig/ref :app.storage/storage)
-     :sns-webhook (ig/ref :app.http.awsns/handler)
-     :feedback    (ig/ref :app.http.feedback/handler)
-     :error-report-handler (ig/ref :app.loggers.mattermost/handler)}
+   ;; RLimit definition for password hashing
+   :app.rlimits/password
+   (cf/get :rlimits-password)

-    :app.http.assets/handlers
-    {:metrics           (ig/ref :app.metrics/metrics)
-     :assets-path       (:assets-path config)
-     :storage           (ig/ref :app.storage/storage)
-     :cache-max-age     (dt/duration {:hours 24})
-     :signature-max-age (dt/duration {:hours 24 :minutes 5})}
+   ;; RLimit definition for image processing
+   :app.rlimits/image
+   (cf/get :rlimits-image)

-    :app.http.feedback/handler
-    {:pool (ig/ref :app.db/pool)}
+   ;; A collection of rlimits as hash-map.
+   :app.rlimits/all
+   {:password (ig/ref :app.rlimits/password)
+    :image    (ig/ref :app.rlimits/image)}

-    :app.http.oauth/all
-    {:google (ig/ref :app.http.oauth/google)
-     :gitlab (ig/ref :app.http.oauth/gitlab)
-     :github (ig/ref :app.http.oauth/github)}
+   :app.rpc/rpc
+   {:pool       (ig/ref :app.db/pool)
+    :session    (ig/ref :app.http.session/session)
+    :tokens     (ig/ref :app.tokens/tokens)
+    :metrics    (ig/ref :app.metrics/metrics)
+    :storage    (ig/ref :app.storage/storage)
+    :msgbus     (ig/ref :app.msgbus/msgbus)
+    :rlimits    (ig/ref :app.rlimits/all)
+    :public-uri (cf/get :public-uri)}

-    :app.http.oauth/google
-    {:rpc           (ig/ref :app.rpc/rpc)
-     :session       (ig/ref :app.http.session/session)
-     :tokens        (ig/ref :app.tokens/tokens)
-     :public-uri    (:public-uri config)
-     :client-id     (:google-client-id config)
-     :client-secret (:google-client-secret config)}
+   :app.notifications/handler
+   {:msgbus   (ig/ref :app.msgbus/msgbus)
+    :pool     (ig/ref :app.db/pool)
+    :session  (ig/ref :app.http.session/session)
+    :metrics  (ig/ref :app.metrics/metrics)
+    :executor (ig/ref :app.worker/executor)}

-    :app.http.oauth/github
-    {:rpc           (ig/ref :app.rpc/rpc)
-     :session       (ig/ref :app.http.session/session)
-     :tokens        (ig/ref :app.tokens/tokens)
-     :public-uri    (:public-uri config)
-     :client-id     (:github-client-id config)
-     :client-secret (:github-client-secret config)}
+   :app.worker/executor
+   {:min-threads 0
+    :max-threads 256
+    :idle-timeout 60000
+    :name :worker}

-    :app.http.oauth/gitlab
-    {:rpc           (ig/ref :app.rpc/rpc)
-     :session       (ig/ref :app.http.session/session)
-     :tokens        (ig/ref :app.tokens/tokens)
-     :public-uri    (:public-uri config)
-     :base-uri      (:gitlab-base-uri config)
-     :client-id     (:gitlab-client-id config)
-     :client-secret (:gitlab-client-secret config)}
+   :app.worker/worker
+   {:executor (ig/ref :app.worker/executor)
+    :tasks    (ig/ref :app.worker/registry)
+    :metrics  (ig/ref :app.metrics/metrics)
+    :pool     (ig/ref :app.db/pool)}

-    :app.svgparse/svgc
-    {:metrics (ig/ref :app.metrics/metrics)}
+   :app.worker/scheduler
+   {:executor   (ig/ref :app.worker/executor)
+    :tasks      (ig/ref :app.worker/registry)
+    :pool       (ig/ref :app.db/pool)
+    :schedule
+    [{:cron #app/cron "0 0 0 */1 * ? *" ;; daily
+      :task :file-media-gc}

-    ;; HTTP Handler for SVG parsing
-    :app.svgparse/handler
-    {:metrics (ig/ref :app.metrics/metrics)
-     :svgc    (ig/ref :app.svgparse/svgc)}
+     {:cron #app/cron "0 0 */1 * * ?"  ;; hourly
+      :task :file-xlog-gc}

-    ;; RLimit definition for password hashing
-    :app.rlimits/password
-    (:rlimits-password config)
+     {:cron #app/cron "0 0 1 */1 * ?"  ;; daily (1 hour shift)
+      :task :storage-deleted-gc}

-    ;; RLimit definition for image processing
-    :app.rlimits/image
-    (:rlimits-image config)
+     {:cron #app/cron "0 0 2 */1 * ?"  ;; daily (2 hour shift)
+      :task :storage-touched-gc}

-    ;; A collection of rlimits as hash-map.
-    :app.rlimits/all
-    {:password (ig/ref :app.rlimits/password)
-     :image    (ig/ref :app.rlimits/image)}
+     {:cron #app/cron "0 0 3 */1 * ?"  ;; daily (3 hour shift)
+      :task :session-gc}

-    :app.rpc/rpc
-    {:pool    (ig/ref :app.db/pool)
-     :session (ig/ref :app.http.session/session)
-     :tokens  (ig/ref :app.tokens/tokens)
-     :metrics (ig/ref :app.metrics/metrics)
-     :storage (ig/ref :app.storage/storage)
-     :msgbus  (ig/ref :app.msgbus/msgbus)
-     :rlimits (ig/ref :app.rlimits/all)
-     :svgc    (ig/ref :app.svgparse/svgc)}
+     {:cron #app/cron "0 0 */1 * * ?"  ;; hourly
+      :task :storage-recheck}

-    :app.notifications/handler
-    {:msgbus   (ig/ref :app.msgbus/msgbus)
-     :pool     (ig/ref :app.db/pool)
-     :session  (ig/ref :app.http.session/session)
-     :metrics  (ig/ref :app.metrics/metrics)
-     :executor (ig/ref :app.worker/executor)}
+     {:cron #app/cron "0 0 0 */1 * ?"  ;; daily
+      :task :tasks-gc}

-    :app.worker/executor
-    {:name "worker"}
+     (when (cf/get :telemetry-enabled)
+       {:cron #app/cron "0 0 */6 * * ?" ;; every 6h
+        :task :telemetry})]}

-    :app.worker/worker
-    {:executor   (ig/ref :app.worker/executor)
-     :pool       (ig/ref :app.db/pool)
-     :tasks      (ig/ref :app.tasks/registry)}
+   :app.worker/registry
+   {:metrics (ig/ref :app.metrics/metrics)
+    :tasks
+    {:sendmail           (ig/ref :app.emails/sendmail-handler)
+     :delete-object      (ig/ref :app.tasks.delete-object/handler)
+     :delete-profile     (ig/ref :app.tasks.delete-profile/handler)
+     :file-media-gc      (ig/ref :app.tasks.file-media-gc/handler)
+     :file-xlog-gc       (ig/ref :app.tasks.file-xlog-gc/handler)
+     :storage-deleted-gc (ig/ref :app.storage/gc-deleted-task)
+     :storage-touched-gc (ig/ref :app.storage/gc-touched-task)
+     :storage-recheck    (ig/ref :app.storage/recheck-task)
+     :tasks-gc           (ig/ref :app.tasks.tasks-gc/handler)
+     :telemetry          (ig/ref :app.tasks.telemetry/handler)
+     :session-gc         (ig/ref :app.http.session/gc-task)}}

-    :app.worker/scheduler
-    {:executor   (ig/ref :app.worker/executor)
-     :pool       (ig/ref :app.db/pool)
-     :tasks      (ig/ref :app.tasks/registry)
-     :schedule
-     [{:id "file-media-gc"
-       :cron #app/cron "0 0 0 */1 * ? *" ;; daily
-       :task :file-media-gc}
+   :app.emails/sendmail-handler
+   {:host             (cf/get :smtp-host)
+    :port             (cf/get :smtp-port)
+    :ssl              (cf/get :smtp-ssl)
+    :tls              (cf/get :smtp-tls)
+    :enabled          (cf/get :smtp-enabled)
+    :username         (cf/get :smtp-username)
+    :password         (cf/get :smtp-password)
+    :metrics          (ig/ref :app.metrics/metrics)
+    :default-reply-to (cf/get :smtp-default-reply-to)
+    :default-from     (cf/get :smtp-default-from)}

-      {:id "file-xlog-gc"
-       :cron #app/cron "0 0 */1 * * ?"  ;; hourly
-       :task :file-xlog-gc}
+   :app.tasks.tasks-gc/handler
+   {:pool    (ig/ref :app.db/pool)
+    :max-age (dt/duration {:hours 24})
+    :metrics (ig/ref :app.metrics/metrics)}

-      {:id "storage-deleted-gc"
-       :cron #app/cron "0 0 1 */1 * ?"  ;; daily (1 hour shift)
-       :task :storage-deleted-gc}
+   :app.tasks.delete-object/handler
+   {:pool    (ig/ref :app.db/pool)
+    :metrics (ig/ref :app.metrics/metrics)}

-      {:id "storage-touched-gc"
-       :cron #app/cron "0 0 2 */1 * ?"  ;; daily (2 hour shift)
-       :task :storage-touched-gc}
+   :app.tasks.delete-storage-object/handler
+   {:pool    (ig/ref :app.db/pool)
+    :storage (ig/ref :app.storage/storage)
+    :metrics (ig/ref :app.metrics/metrics)}

-      {:id "session-gc"
-       :cron #app/cron "0 0 3 */1 * ?"  ;; daily (3 hour shift)
-       :task :session-gc}
+   :app.tasks.delete-profile/handler
+   {:pool    (ig/ref :app.db/pool)
+    :metrics (ig/ref :app.metrics/metrics)}

-      {:id "storage-recheck"
-       :cron #app/cron "0 0 */1 * * ?"  ;; hourly
-       :task :storage-recheck}
+   :app.tasks.file-media-gc/handler
+   {:pool    (ig/ref :app.db/pool)
+    :metrics (ig/ref :app.metrics/metrics)
+    :max-age (dt/duration {:hours 48})}

-      {:id "tasks-gc"
-       :cron #app/cron "0 0 0 */1 * ?"  ;; daily
-       :task :tasks-gc}
+   :app.tasks.file-xlog-gc/handler
+   {:pool    (ig/ref :app.db/pool)
+    :metrics (ig/ref :app.metrics/metrics)
+    :max-age (dt/duration {:hours 48})}

-      (when (:telemetry-enabled config)
-        {:id   "telemetry"
-         :cron #app/cron "0 0 */6 * * ?" ;; every 6h
-         :uri  (:telemetry-uri config)
-         :task :telemetry})]}
+   :app.tasks.telemetry/handler
+   {:pool        (ig/ref :app.db/pool)
+    :version     (:full cf/version)
+    :uri         (cf/get :telemetry-uri)
+    :sprops      (ig/ref :app.setup/props)}

-    :app.tasks/registry
-    {:metrics (ig/ref :app.metrics/metrics)
-     :tasks
-     {:sendmail           (ig/ref :app.tasks.sendmail/handler)
-      :delete-object      (ig/ref :app.tasks.delete-object/handler)
-      :delete-profile     (ig/ref :app.tasks.delete-profile/handler)
-      :file-media-gc      (ig/ref :app.tasks.file-media-gc/handler)
-      :file-xlog-gc       (ig/ref :app.tasks.file-xlog-gc/handler)
-      :storage-deleted-gc (ig/ref :app.storage/gc-deleted-task)
-      :storage-touched-gc (ig/ref :app.storage/gc-touched-task)
-      :storage-recheck    (ig/ref :app.storage/recheck-task)
-      :tasks-gc           (ig/ref :app.tasks.tasks-gc/handler)
-      :telemetry          (ig/ref :app.tasks.telemetry/handler)
-      :session-gc         (ig/ref :app.http.session/gc-task)}}
+   :app.srepl/server
+   {:port (cf/get :srepl-port)
+    :host (cf/get :srepl-host)}

-    :app.tasks.sendmail/handler
-    {:host             (:smtp-host config)
-     :port             (:smtp-port config)
-     :ssl              (:smtp-ssl config)
-     :tls              (:smtp-tls config)
-     :enabled          (:smtp-enabled config)
-     :username         (:smtp-username config)
-     :password         (:smtp-password config)
-     :metrics          (ig/ref :app.metrics/metrics)
-     :default-reply-to (:smtp-default-reply-to config)
-     :default-from     (:smtp-default-from config)}
+   :app.setup/props
+   {:pool (ig/ref :app.db/pool)}

-    :app.tasks.tasks-gc/handler
-    {:pool    (ig/ref :app.db/pool)
-     :max-age (dt/duration {:hours 24})
-     :metrics (ig/ref :app.metrics/metrics)}
+   :app.loggers.zmq/receiver
+   {:endpoint (cf/get :loggers-zmq-uri)}

-    :app.tasks.delete-object/handler
-    {:pool    (ig/ref :app.db/pool)
-     :metrics (ig/ref :app.metrics/metrics)}
+   :app.loggers.loki/reporter
+   {:uri      (cf/get :loggers-loki-uri)
+    :receiver (ig/ref :app.loggers.zmq/receiver)
+    :executor (ig/ref :app.worker/executor)}

-    :app.tasks.delete-storage-object/handler
-    {:pool    (ig/ref :app.db/pool)
-     :storage (ig/ref :app.storage/storage)
-     :metrics (ig/ref :app.metrics/metrics)}
+   :app.loggers.mattermost/reporter
+   {:uri      (cf/get :error-report-webhook)
+    :receiver (ig/ref :app.loggers.zmq/receiver)
+    :pool     (ig/ref :app.db/pool)
+    :executor (ig/ref :app.worker/executor)}

-    :app.tasks.delete-profile/handler
-    {:pool    (ig/ref :app.db/pool)
-     :metrics (ig/ref :app.metrics/metrics)}
+   :app.loggers.mattermost/handler
+   {:pool (ig/ref :app.db/pool)}

-    :app.tasks.file-media-gc/handler
-    {:pool    (ig/ref :app.db/pool)
-     :metrics (ig/ref :app.metrics/metrics)
-     :max-age (dt/duration {:hours 48})}
+   :app.storage/storage
+   {:pool     (ig/ref :app.db/pool)
+    :executor (ig/ref :app.worker/executor)
+    :backend  (cf/get :storage-backend :fs)
+    :backends {:s3  (ig/ref [::main :app.storage.s3/backend])
+               :db  (ig/ref [::main :app.storage.db/backend])
+               :fs  (ig/ref [::main :app.storage.fs/backend])
+               :tmp (ig/ref [::tmp  :app.storage.fs/backend])}}

-    :app.tasks.file-xlog-gc/handler
-    {:pool    (ig/ref :app.db/pool)
-     :metrics (ig/ref :app.metrics/metrics)
-     :max-age (dt/duration {:hours 48})}
+   [::main :app.storage.s3/backend]
+   {:region (cf/get :storage-s3-region)
+    :bucket (cf/get :storage-s3-bucket)}

-    :app.tasks.telemetry/handler
-    {:pool        (ig/ref :app.db/pool)
-     :version     (:full cfg/version)
-     :uri         (:telemetry-uri config)
-     :sprops      (ig/ref :app.setup/props)}
+   [::main :app.storage.fs/backend]
+   {:directory (cf/get :storage-fs-directory)}

-    :app.srepl/server
-    {:port (:srepl-port config)
-     :host (:srepl-host config)}
+   [::tmp :app.storage.fs/backend]
+   {:directory "/tmp/penpot"}

-    :app.setup/props
-    {:pool (ig/ref :app.db/pool)}
-
-    :app.loggers.zmq/receiver
-    {:endpoint (:loggers-zmq-uri config)}
-
-    :app.loggers.loki/reporter
-    {:uri      (:loggers-loki-uri config)
-     :receiver (ig/ref :app.loggers.zmq/receiver)
-     :executor (ig/ref :app.worker/executor)}
-
-    :app.loggers.mattermost/reporter
-    {:uri      (:error-report-webhook config)
-     :receiver (ig/ref :app.loggers.zmq/receiver)
-     :pool     (ig/ref :app.db/pool)
-     :executor (ig/ref :app.worker/executor)}
-
-    :app.loggers.mattermost/handler
-    {:pool (ig/ref :app.db/pool)}
-
-    :app.storage/storage
-    {:pool     (ig/ref :app.db/pool)
-     :executor (ig/ref :app.worker/executor)
-     :backend  (:storage-backend config :fs)
-     :backends {:s3  (ig/ref [::main :app.storage.s3/backend])
-                :db  (ig/ref [::main :app.storage.db/backend])
-                :fs  (ig/ref [::main :app.storage.fs/backend])
-                :tmp (ig/ref [::tmp  :app.storage.fs/backend])}}
-
-    [::main :app.storage.s3/backend]
-    {:region (:storage-s3-region config)
-     :bucket (:storage-s3-bucket config)}
-
-    [::main :app.storage.fs/backend]
-    {:directory (:storage-fs-directory config)}
-
-    [::tmp :app.storage.fs/backend]
-    {:directory "/tmp/penpot"}
-
-    [::main :app.storage.db/backend]
-    {:pool (ig/ref :app.db/pool)}}
-
-   (when (:telemetry-server-enabled config)
-     {:app.telemetry/handler
-      {:pool     (ig/ref :app.db/pool)
-       :executor (ig/ref :app.worker/executor)}
-
-      :app.telemetry/server
-      {:port    (:telemetry-server-port config 6063)
-       :handler (ig/ref :app.telemetry/handler)
-       :name    "telemetry"}})))
+   [::main :app.storage.db/backend]
+   {:pool (ig/ref :app.db/pool)}})

 (defmethod ig/init-key :default [_ data] data)
 (defmethod ig/prep-key :default
@@ -368,15 +304,14 @@

 (defn start
  []
-  (let [system-config (build-system-config cfg/config)]
-    (ig/load-namespaces system-config)
-    (alter-var-root #'system (fn [sys]
-                               (when sys (ig/halt! sys))
-                               (-> system-config
-                                   (ig/prep)
-                                   (ig/init))))
-    (log/infof "welcome to penpot (version: '%s')"
-               (:full cfg/version))))
+  (ig/load-namespaces system-config)
+  (alter-var-root #'system (fn [sys]
+                             (when sys (ig/halt! sys))
+                             (-> system-config
+                                 (ig/prep)
+                                 (ig/init))))
+  (l/info :msg "welcome to penpot"
+          :version (:full cf/version)))

 (defn stop
  []
@@ -384,14 +319,6 @@
                             (when sys (ig/halt! sys))
                             nil)))

-(prefer-method print-method
-               clojure.lang.IRecord
-               clojure.lang.IDeref)
-
-(prefer-method pprint/simple-dispatch
-               clojure.lang.IPersistentMap
-               clojure.lang.IDeref)
-
 (defn -main
  [& _args]
  (start))
--- a/backend/src/app/media.clj
+++ b/backend/src/app/media.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.media
  "Media postprocessing."
@@ -15,7 +12,7 @@
   [app.common.media :as cm]
   [app.common.spec :as us]
   [app.rlimits :as rlm]
-   [app.svgparse :as svg]
+   [app.rpc.queries.svg :as svg]
   [clojure.spec.alpha :as s]
   [cuerdas.core :as str]
   [datoteka.core :as fs])
@@ -157,8 +154,11 @@
                    :code :media-type-mismatch
                    :hint (str "Seems like you are uploading a file whose content does not match the extension."
                               "Expected: " mtype ". Got: " mtype')))
-        {:width  (.getImageWidth instance)
-         :height (.getImageHeight instance)
+        ;; For an animated GIF, getImageWidth/Height returns the delta size of one frame (if no frame given
+        ;; it returns size of the last one), whereas getPageWidth/Height always return the full size of
+        ;; any frame.
+        {:width  (.getPageWidth instance)
+         :height (.getPageHeight instance)
         :mtype  mtype}))))

 (defmethod process :default
@@ -185,8 +185,9 @@
 ;; --- Utility functions

 (defn validate-media-type
-  [media-type]
-  (when-not (cm/valid-media-types media-type)
-    (ex/raise :type :validation
-              :code :media-type-not-allowed
-              :hint "Seems like you are uploading an invalid media object")))
+  ([mtype] (validate-media-type mtype cm/valid-media-types))
+  ([mtype allowed]
+   (when-not (contains? allowed mtype)
+     (ex/raise :type :validation
+               :code :media-type-not-allowed
+               :hint "Seems like you are uploading an invalid media object"))))
--- a/backend/src/app/metrics.clj
+++ b/backend/src/app/metrics.clj
@@ -2,16 +2,13 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.metrics
  (:require
   [app.common.exceptions :as ex]
+   [app.util.logging :as l]
   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
   [integrant.core :as ig])
  (:import
   io.prometheus.client.CollectorRegistry
@@ -50,7 +47,7 @@

 (defmethod ig/init-key ::metrics
  [_ {:keys [definitions] :as cfg}]
-  (log/infof "Initializing prometheus registry and instrumentation.")
+  (l/info :action "initialize metrics")
  (let [registry    (create-registry)
        definitions (reduce-kv (fn [res k v]
                                 (->> (assoc v :registry registry)
--- a/backend/src/app/migrations.clj
+++ b/backend/src/app/migrations.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.migrations
  (:require
@@ -163,6 +160,12 @@

   {:name "0050-mod-server-prop-table"
    :fn (mg/resource "app/migrations/sql/0050-mod-server-prop-table.sql")}
+
+   {:name "0051-mod-file-library-rel-table"
+    :fn (mg/resource "app/migrations/sql/0051-mod-file-library-rel-table.sql")}
+
+   {:name "0052-del-legacy-user-and-team"
+    :fn (mg/resource "app/migrations/sql/0052-del-legacy-user-and-team.sql")}
   ])


--- a/backend/src/app/migrations/migration_0023.clj
+++ b/backend/src/app/migrations/migration_0023.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.migrations.migration-0023
  (:require
--- a/backend/src/app/migrations/sql/0051-mod-file-library-rel-table.sql
+++ b/backend/src/app/migrations/sql/0051-mod-file-library-rel-table.sql
@@ -0,0 +1,4 @@
+ALTER TABLE file_library_rel
+ DROP CONSTRAINT file_library_rel_library_file_id_fkey,
+  ADD CONSTRAINT file_library_rel_library_file_id_fkey
+         FOREIGN KEY (library_file_id) REFERENCES file(id) ON DELETE CASCADE DEFERRABLE;
--- a/backend/src/app/migrations/sql/0052-del-legacy-user-and-team.sql
+++ b/backend/src/app/migrations/sql/0052-del-legacy-user-and-team.sql
@@ -0,0 +1,2 @@
+DELETE FROM team WHERE id = '00000000-0000-0000-0000-000000000000';
+DELETE FROM profile WHERE id = '00000000-0000-0000-0000-000000000000';
--- a/backend/src/app/msgbus.clj
+++ b/backend/src/app/msgbus.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.msgbus
  "The msgbus abstraction implemented using redis as underlying backend."
@@ -14,10 +11,10 @@
   [app.common.spec :as us]
   [app.config :as cfg]
   [app.util.blob :as blob]
+   [app.util.logging :as l]
   [app.util.time :as dt]
   [clojure.core.async :as a]
   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
   [integrant.core :as ig]
   [promesa.core :as p])
  (:import
@@ -33,56 +30,50 @@
   io.lettuce.core.pubsub.StatefulRedisPubSubConnection
   io.lettuce.core.pubsub.api.async.RedisPubSubAsyncCommands))

-(declare impl-publish-loop)
-(declare impl-redis-pub)
-(declare impl-redis-sub)
-(declare impl-redis-unsub)
-(declare impl-subscribe-loop)
+(def ^:private prefix (cfg/get :tenant))

+(defn- prefix-topic
+  [topic]
+  (str prefix "." topic))

-;; --- STATE INIT: Publisher
+(def xform-prefix (map prefix-topic))
+(def xform-topics (map (fn [m] (update m :topics #(into #{} xform-prefix %)))))
+(def xform-topic  (map (fn [m] (update m :topic prefix-topic))))

-(s/def ::uri ::us/string)
+(s/def ::redis-uri ::us/string)
 (s/def ::buffer-size ::us/integer)

+(defmulti init-backend :backend)
+(defmulti stop-backend :backend)
+(defmulti init-pub-loop :backend)
+(defmulti init-sub-loop :backend)
+
 (defmethod ig/pre-init-spec ::msgbus [_]
-  (s/keys :req-un [::uri]
-          :opt-un [::buffer-size]))
+  (s/keys :opt-un [::buffer-size ::redis-uri]))

 (defmethod ig/prep-key ::msgbus
  [_ cfg]
  (merge {:buffer-size 128} cfg))

 (defmethod ig/init-key ::msgbus
-  [_ {:keys [uri buffer-size] :as cfg}]
-  (let [codec    (RedisCodec/of StringCodec/UTF8 ByteArrayCodec/INSTANCE)
-
-        uri      (RedisURI/create uri)
-        rclient  (RedisClient/create ^RedisURI uri)
-
-        snd-conn (.connect ^RedisClient rclient ^RedisCodec codec)
-        rcv-conn (.connectPubSub ^RedisClient rclient ^RedisCodec codec)
+  [_ {:keys [backend buffer-size] :as cfg}]
+  (l/debug :action "initialize msgbus"
+           :backend (name backend))
+  (let [cfg     (init-backend cfg)

        ;; Channel used for receive publications from the application.
-        pub-chan (a/chan (a/dropping-buffer buffer-size))
-
-        ;; Channel used for receive data from redis
-        rcv-chan (a/chan (a/dropping-buffer buffer-size))
+        pub-ch  (-> (a/dropping-buffer buffer-size)
+                    (a/chan xform-topic))

        ;; Channel used for receive subscription requests.
-        sub-chan (a/chan)
-        cch      (a/chan 1)]
+        sub-ch  (a/chan 1 xform-topics)

-    (.setTimeout ^StatefulRedisConnection snd-conn ^Duration (dt/duration {:seconds 10}))
-    (.setTimeout ^StatefulRedisPubSubConnection rcv-conn ^Duration (dt/duration {:seconds 10}))
+        cfg     (-> cfg
+                    (assoc ::pub-ch pub-ch)
+                    (assoc ::sub-ch sub-ch))]

-    (log/debugf "initializing msgbus (uri: '%s')" (str uri))
-
-    ;; Start the sending (publishing) loop
-    (impl-publish-loop snd-conn pub-chan cch)
-
-    ;; Start the receiving (subscribing) loop
-    (impl-subscribe-loop rcv-conn rcv-chan sub-chan cch)
+    (init-pub-loop cfg)
+    (init-sub-loop cfg)

    (with-meta
      (fn run
@@ -90,159 +81,213 @@
        ([command params]
         (a/go
           (case command
-             :pub (a/>! pub-chan params)
-             :sub (a/>! sub-chan params)))))
-
-      {::snd-conn snd-conn
-       ::rcv-conn rcv-conn
-       ::cch cch
-       ::pub-chan pub-chan
-       ::rcv-chan rcv-chan})))
+             :pub (a/>! pub-ch params)
+             :sub (a/>! sub-ch params)))))
+      cfg)))

 (defmethod ig/halt-key! ::msgbus
  [_ f]
  (let [mdata (meta f)]
-    (.close ^StatefulRedisConnection (::snd-conn mdata))
-    (.close ^StatefulRedisPubSubConnection (::rcv-conn mdata))
-    (a/close! (::cch mdata))
-    (a/close! (::pub-chan mdata))
-    (a/close! (::rcv-chan mdata))))
+    (stop-backend mdata)
+    (a/close! (::pub-ch mdata))
+    (a/close! (::sub-ch mdata))))

-(defn- impl-publish-loop
-  [conn pub-chan cch]
-  (let [rac (.async ^StatefulRedisConnection conn)]
+;; --- IN-MEMORY BACKEND IMPL
+
+(defmethod init-backend :memory [cfg] cfg)
+(defmethod stop-backend :memory [_])
+(defmethod init-pub-loop :memory [_])
+
+(defmethod init-sub-loop :memory
+  [{:keys [::sub-ch ::pub-ch]}]
+  (a/go-loop [state {}]
+    (let [[val port] (a/alts! [pub-ch sub-ch])]
+      (cond
+        (and (= port sub-ch) (some? val))
+        (let [{:keys [topics chan]} val]
+          (recur (reduce #(update %1 %2 (fnil conj #{}) chan) state topics)))
+
+        (and (= port pub-ch) (some? val))
+        (let [topic   (:topic val)
+              message (:message val)
+              state   (loop [state state
+                             chans (get state topic)]
+                        (if-let [c (first chans)]
+                          (if (a/>! c message)
+                            (recur state (rest chans))
+                            (recur (update state topic disj c)
+                                   (rest chans)))
+                          state))]
+          (recur state))
+
+        :else
+        (->> (vals state)
+             (mapcat identity)
+             (run! a/close!))))))
+
+
+;; Add a unique listener to connection
+
+;; --- REDIS BACKEND IMPL
+
+(declare impl-redis-pub)
+(declare impl-redis-sub)
+(declare impl-redis-unsub)
+
+(defmethod init-backend :redis
+  [{:keys [redis-uri] :as cfg}]
+  (let [codec    (RedisCodec/of StringCodec/UTF8 ByteArrayCodec/INSTANCE)
+
+        uri      (RedisURI/create redis-uri)
+        rclient  (RedisClient/create ^RedisURI uri)
+
+        pub-conn (.connect ^RedisClient rclient ^RedisCodec codec)
+        sub-conn (.connectPubSub ^RedisClient rclient ^RedisCodec codec)]
+
+    (.setTimeout ^StatefulRedisConnection pub-conn ^Duration (dt/duration {:seconds 10}))
+    (.setTimeout ^StatefulRedisPubSubConnection sub-conn ^Duration (dt/duration {:seconds 10}))
+
+    (-> cfg
+        (assoc ::pub-conn pub-conn)
+        (assoc ::sub-conn sub-conn))))
+
+(defmethod stop-backend :redis
+  [{:keys [::pub-conn ::sub-conn] :as cfg}]
+  (.close ^StatefulRedisConnection pub-conn)
+  (.close ^StatefulRedisPubSubConnection sub-conn))
+
+(defmethod init-pub-loop :redis
+  [{:keys [::pub-conn ::pub-ch]}]
+  (let [rac (.async ^StatefulRedisConnection pub-conn)]
    (a/go-loop []
-      (let [[val _] (a/alts! [cch pub-chan] :priority true)]
-        (when (some? val)
-          (let [result (a/<! (impl-redis-pub rac val))]
-            (when (ex/exception? result)
-              (log/error result "unexpected error on publish message to redis")))
-          (recur))))))
+      (when-let [val (a/<! pub-ch)]
+        (let [result (a/<! (impl-redis-pub rac val))]
+          (when (ex/exception? result)
+            (l/error :cause result
+                     :hint "unexpected error on publish message to redis")))
+        (recur)))))

-(defn- impl-subscribe-loop
-  [conn rcv-chan sub-chan cch]
-  ;; Add a unique listener to connection
-  (.addListener conn (reify RedisPubSubListener
-                       (message [it pattern topic message])
-                       (message [it topic message]
-                         ;; There are no back pressure, so we use a slidding
-                         ;; buffer for cases when the pubsub broker sends
-                         ;; more messages that we can process.
-                         (let [val {:topic topic :message (blob/decode message)}]
-                           (when-not (a/offer! rcv-chan val)
-                             (log/warn "dropping message on subscription loop"))))
-                       (psubscribed [it pattern count])
-                       (punsubscribed [it pattern count])
-                       (subscribed [it topic count])
-                       (unsubscribed [it topic count])))
+(defmethod init-sub-loop :redis
+  [{:keys [::sub-conn ::sub-ch buffer-size]}]
+  (let [rcv-ch  (a/chan (a/dropping-buffer buffer-size))
+        chans   (agent {} :error-handler #(l/error :cause % :hint "unexpected error on agent"))
+        rac     (.async ^StatefulRedisPubSubConnection sub-conn)]

-  (let [chans   (agent {} :error-handler #(log/error % "unexpected error on agent"))
-        tprefix (str (cfg/get :tenant) ".")
+    ;; Add a unique listener to connection
+    (.addListener sub-conn
+                  (reify RedisPubSubListener
+                    (message [it pattern topic message])
+                    (message [it topic message]
+                      ;; There are no back pressure, so we use a slidding
+                      ;; buffer for cases when the pubsub broker sends
+                      ;; more messages that we can process.
+                      (let [val {:topic topic :message (blob/decode message)}]
+                        (when-not (a/offer! rcv-ch val)
+                          (l/warn :msg "dropping message on subscription loop"))))
+                    (psubscribed [it pattern count])
+                    (punsubscribed [it pattern count])
+                    (subscribed [it topic count])
+                    (unsubscribed [it topic count])))

-        subscribe-to-single-topic
-        (fn [nsubs topic chan]
-          (let [nsubs (if (nil? nsubs) #{chan} (conj nsubs chan))]
-            (when (= 1 (count nsubs))
-              (let [result (a/<!! (impl-redis-sub conn topic))]
-                (log/tracef "opening subscription to %s" topic)
-                (when (ex/exception? result)
-                  (log/errorf result "unexpected exception on subscribing to '%s'" topic))))
-            nsubs))
+    (letfn [(subscribe-to-single-topic [nsubs topic chan]
+              (let [nsubs (if (nil? nsubs) #{chan} (conj nsubs chan))]
+                (when (= 1 (count nsubs))
+                  (let [result (a/<!! (impl-redis-sub rac topic))]
+                    (l/trace :action "open subscription"
+                             :topic topic)
+                    (when (ex/exception? result)
+                      (l/error :cause result
+                               :hint "unexpected exception on subscribing"
+                               :topic topic))))
+                nsubs))

-        subscribe-to-topics
-        (fn [state topics chan]
-          (let [state  (update state :chans assoc chan topics)]
-            (reduce (fn [state topic]
-                      (update-in state [:topics topic] subscribe-to-single-topic topic chan))
-                    state
-                    topics)))
+            (subscribe-to-topics [state topics chan]
+              (let [state  (update state :chans assoc chan topics)]
+                (reduce (fn [state topic]
+                          (update-in state [:topics topic] subscribe-to-single-topic topic chan))
+                        state
+                        topics)))

-        unsubscribe-from-single-topic
-        (fn [nsubs topic chan]
-          (let [nsubs (disj nsubs chan)]
-            (when (empty? nsubs)
-              (let [result (a/<!! (impl-redis-unsub conn topic))]
-                (log/tracef "closing subscription to %s" topic)
-                (when (ex/exception? result)
-                  (log/errorf result "unexpected exception on unsubscribing from '%s'" topic))))
-            nsubs))
+            (unsubscribe-from-single-topic [nsubs topic chan]
+              (let [nsubs (disj nsubs chan)]
+                (when (empty? nsubs)
+                  (let [result (a/<!! (impl-redis-unsub rac topic))]
+                    (l/trace :action "close subscription"
+                             :topic topic)
+                    (when (ex/exception? result)
+                      (l/error :cause result
+                               :hint "unexpected exception on unsubscribing"
+                               :topic topic))))
+                nsubs))

-        unsubscribe-channels
-        (fn [state pending]
-          (reduce (fn [state ch]
-                    (let [topics (get-in state [:chans ch])
-                          state  (update state :chans dissoc ch)]
-                      (reduce (fn [state topic]
-                                (update-in state [:topics topic] unsubscribe-from-single-topic topic ch))
-                              state
-                              topics)))
-                  state
-                  pending))]
+            (unsubscribe-channels [state pending]
+              (reduce (fn [state ch]
+                        (let [topics (get-in state [:chans ch])
+                              state  (update state :chans dissoc ch)]
+                          (reduce (fn [state topic]
+                                    (update-in state [:topics topic] unsubscribe-from-single-topic topic ch))
+                                  state
+                                  topics)))
+                      state
+                      pending))]

-    ;; Asynchronous subscription loop; terminates when sub-chan is
-    ;; closed.
-    (a/go-loop []
-      (when-let [{:keys [topics chan]} (a/<! sub-chan)]
-        (let [topics (into #{} (map #(str tprefix %)) topics)]
-          (send-off chans subscribe-to-topics topics chan)
-          (recur))))
-
-    (a/go-loop []
-      (let [[val port] (a/alts! [cch rcv-chan])]
-        (cond
-          ;; Stop condition; close all underlying subscriptions and
-          ;; exit. The close operation is performed asynchronously.
-          (= port cch)
-          (send-off chans (fn [state]
-                            (log/tracef "close")
-                            (->> (vals state)
-                                 (mapcat identity)
-                                 (filter some?)
-                                 (run! a/close!))))
+      ;; Asynchronous subscription loop;
+      (a/go-loop []
+        (if-let [{:keys [topics chan]} (a/<! sub-ch)]
+          (do
+            (send-off chans subscribe-to-topics topics chan)
+            (recur))
+          (a/close! rcv-ch)))

+      ;; Asyncrhonous message processing loop;x
+      (a/go-loop []
+        (if-let [{:keys [topic message]} (a/<! rcv-ch)]
          ;; This means we receive data from redis and we need to
          ;; forward it to the underlying subscriptions.
-          (= port rcv-chan)
-          (let [topic   (:topic val)    ; topic is already string
-                pending (loop [chans   (seq (get-in @chans [:topics topic]))
+          (let [pending (loop [chans   (seq (get-in @chans [:topics topic]))
                               pending #{}]
                          (if-let [ch (first chans)]
-                            (if (a/>! ch (:message val))
+                            (if (a/>! ch message)
                              (recur (rest chans) pending)
                              (recur (rest chans) (conj pending ch)))
                            pending))]
-            ;; (log/tracef "received message => pending: %s" (pr-str pending))
            (some->> (seq pending)
                     (send-off chans unsubscribe-channels))

-            (recur)))))))
+            (recur))
+
+          ;; Stop condition; close all underlying subscriptions and
+          ;; exit. The close operation is performed asynchronously.
+          (send-off chans (fn [state]
+                            (->> (vals state)
+                                 (mapcat identity)
+                                 (filter some?)
+                                 (run! a/close!)))))))))
+

 (defn- impl-redis-pub
-  [rac {:keys [topic message]}]
-  (let [topic   (str (cfg/get :tenant) "." topic)
-        message (blob/encode message)
+  [^RedisAsyncCommands rac {:keys [topic message]}]
+  (let [message (blob/encode message)
        res     (a/chan 1)]
-    (-> (.publish ^RedisAsyncCommands rac ^String topic ^bytes message)
+    (-> (.publish rac ^String topic ^bytes message)
        (p/finally (fn [_ e]
                     (when e (a/>!! res e))
                     (a/close! res))))
    res))

 (defn impl-redis-sub
-  [conn topic]
-  (let [^RedisPubSubAsyncCommands cmd (.async ^StatefulRedisPubSubConnection conn)
-        res (a/chan 1)]
-    (-> (.subscribe cmd (into-array String [topic]))
+  [^RedisPubSubAsyncCommands rac topic]
+  (let [res (a/chan 1)]
+    (-> (.subscribe rac (into-array String [topic]))
        (p/finally (fn [_ e]
                     (when e (a/>!! res e))
                     (a/close! res))))
    res))

 (defn impl-redis-unsub
-  [conn topic]
-  (let [^RedisPubSubAsyncCommands cmd (.async ^StatefulRedisPubSubConnection conn)
-        res (a/chan 1)]
-    (-> (.unsubscribe cmd (into-array String [topic]))
+  [rac topic]
+  (let [res (a/chan 1)]
+    (-> (.unsubscribe rac (into-array String [topic]))
        (p/finally (fn [_ e]
                     (when e (a/>!! res e))
                     (a/close! res))))
--- a/backend/src/app/notifications.clj
+++ b/backend/src/app/notifications.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.notifications
  "A websocket based notifications mechanism."
@@ -14,19 +11,17 @@
   [app.db :as db]
   [app.metrics :as mtx]
   [app.util.async :as aa]
+   [app.util.logging :as l]
   [app.util.time :as dt]
   [app.util.transit :as t]
   [app.worker :as wrk]
   [clojure.core.async :as a]
   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
   [integrant.core :as ig]
   [ring.adapter.jetty9 :as jetty]
   [ring.middleware.cookies :refer [wrap-cookies]]
   [ring.middleware.keyword-params :refer [wrap-keyword-params]]
-   [ring.middleware.params :refer [wrap-params]])
-  (:import
-   org.eclipse.jetty.websocket.api.WebSocketAdapter))
+   [ring.middleware.params :refer [wrap-params]]))

 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; Http Handler
@@ -55,7 +50,7 @@

        mtx-messages
        (mtx/create
-         {:name "websocket_message_count"
+         {:name "websocket_message_total"
          :registry (:registry metrics)
          :labels ["op"]
          :type :counter
@@ -151,7 +146,7 @@
                                  :out-ch out-ch
                                  :sub-ch sub-ch)]

-                (log/tracef "on-connect %s" (:session-id cfg))
+                (l/trace :event "connect" :session (:session-id cfg))

                ;; Forward all messages from out-ch to the websocket
                ;; connection
@@ -165,26 +160,30 @@
                  ;; Subscribe to corresponding topics
                  (a/<! (msgbus :sub {:topics [file-id team-id] :chan sub-ch}))
                  (a/<! (handle-connect cfg))
+
+                  ;; when connection is closed
+                  (mtx-aconn :dec)
+                  (mtx-sessions :observe (/ (inst-ms (dt/duration-between created-at (dt/now))) 1000.0))
+
+                  ;; close subscription
                  (a/close! sub-ch))))

-            (on-error [_conn e]
-              (mtx-aconn :dec)
-              (mtx-sessions :observe (/ (inst-ms (dt/duration-between created-at (dt/now))) 1000.0))
-              (log/tracef "on-error %s (%s)" (:session-id cfg) (ex-message e))
+            (on-error [_conn _e]
+              (l/trace :event "error" :session (:session-id cfg))
+
              (a/close! out-ch)
              (a/close! rcv-ch))

            (on-close [_conn _status _reason]
-              (mtx-aconn :dec)
-              (mtx-sessions :observe (/ (inst-ms (dt/duration-between created-at (dt/now))) 1000.0))
-              (log/tracef "on-close %s" (:session-id cfg))
+              (l/trace :event "close" :session (:session-id cfg))
+
              (a/close! out-ch)
              (a/close! rcv-ch))

            (on-message [_ws message]
              (let [message (t/decode-str message)]
                (when-not (a/offer! rcv-ch message)
-                  (log/warn "droping ws input message, channe full"))))]
+                  (l/warn :msg "drop messages"))))]

      {:on-connect on-connect
       :on-error on-error
@@ -194,100 +193,58 @@

 ;; --- CONNECTION INIT

+(declare send-presence)
 (declare handle-message)
 (declare start-loop!)

 (defn- handle-connect
-  [{:keys [conn] :as cfg}]
+  [cfg]
  (a/go
-    (try
-      (aa/<? (handle-message cfg {:type :connect}))
-      (aa/<? (start-loop! cfg))
-      (aa/<? (handle-message cfg {:type :disconnect}))
-      (catch Throwable err
-        (log/errorf err "unexpected exception on websocket handler")
-        (let [session (.getSession ^WebSocketAdapter conn)]
-          (when session
-            (.disconnect session)))))))
+    (a/<! (handle-message cfg {:type :connect}))
+    (a/<! (start-loop! cfg))
+    (a/<! (handle-message cfg {:type :disconnect}))))

 (defn- start-loop!
  [{:keys [rcv-ch out-ch sub-ch session-id] :as cfg}]
-  (aa/go-try
-   (loop []
-     (let [timeout    (a/timeout 30000)
-           [val port] (a/alts! [rcv-ch sub-ch timeout])]
+  (a/go-loop []
+    (let [timeout    (a/timeout 30000)
+          [val port] (a/alts! [rcv-ch sub-ch timeout])]
+      (cond
+        ;; Process message coming from connected client
+        (and (= port rcv-ch) (some? val))
+        (do
+          (a/<! (handle-message cfg val))
+          (recur))

-       (cond
-         ;; Process message coming from connected client
-         (and (= port rcv-ch) (some? val))
-         (do
-           (aa/<? (handle-message cfg val))
-           (recur))
+        ;; Process message coming from pubsub.
+        (and (= port sub-ch) (some? val))
+        (do
+          (when-not (= (:session-id val) session-id)
+            ;; If we receive a connect message of other user, we need
+            ;; to send an update presence to all participants.
+            (when (= :connect (:type val))
+              (a/<! (send-presence cfg :presence)))

-         ;; If message comes from subscription channel; we just need
-         ;; to foreward it to the output channel.
-         (and (= port sub-ch) (some? val))
-         (do
-           (when-not (= (:session-id val) session-id)
-             (a/>! out-ch val))
-           (recur))
+            ;; Then, just forward the message
+            (a/>! out-ch val))
+          (recur))

-         ;; When timeout channel is signaled, we need to send a ping
-         ;; message to the output channel. TODO: we need to make this
-         ;; more smart.
-         (= port timeout)
-         (do
-           (a/>! out-ch {:type :ping})
-           (recur))
+        ;; When timeout channel is signaled, we need to send a ping
+        ;; message to the output channel. TODO: we need to make this
+        ;; more smart.
+        (= port timeout)
+        (do
+          (a/>! out-ch {:type :ping})
+          (recur))))))

-         :else
-         nil)))))
-
-;; --- PRESENCE HANDLING API
-
-(def ^:private
-  sql:retrieve-presence
-  "select * from presence
-    where file_id=?
-      and (clock_timestamp() - updated_at) < '5 min'::interval")
-
-(def ^:private
-  sql:update-presence
-  "insert into presence (file_id, session_id, profile_id, updated_at)
-   values (?, ?, ?, clock_timestamp())
-       on conflict (file_id, session_id, profile_id)
-       do update set updated_at=clock_timestamp()")
-
-(defn- retrieve-presence
-  [{:keys [pool file-id] :as cfg}]
-  (let [rows (db/exec! pool [sql:retrieve-presence file-id])]
-    (mapv (juxt :session-id :profile-id) rows)))
-
-(defn- retrieve-presence*
-  [{:keys [executor] :as cfg}]
-  (aa/with-thread executor
-    (retrieve-presence cfg)))
-
-(defn- update-presence
-  [{:keys [pool file-id session-id profile-id] :as cfg}]
-  (let [sql [sql:update-presence file-id session-id profile-id]]
-    (db/exec-one! pool sql)))
-
-(defn- update-presence*
-  [{:keys [executor] :as cfg}]
-  (aa/with-thread executor
-    (update-presence cfg)))
-
-(defn- delete-presence
-  [{:keys [pool file-id session-id profile-id] :as cfg}]
-  (db/delete! pool :presence {:file-id file-id
-                              :profile-id profile-id
-                              :session-id session-id}))
-
-(defn- delete-presence*
-  [{:keys [executor] :as cfg}]
-  (aa/with-thread executor
-    (delete-presence cfg)))
+(defn send-presence
+  ([cfg] (send-presence cfg :presence))
+  ([{:keys [msgbus session-id profile-id file-id]} type]
+   (a/go
+     (a/<! (msgbus :pub {:topic file-id
+                         :message {:type type
+                                   :session-id session-id
+                                   :profile-id profile-id}})))))

 ;; --- INCOMING MSG PROCESSING

@@ -295,26 +252,16 @@
  (fn [_ message] (:type message)))

 (defmethod handle-message :connect
-  [{:keys [file-id msgbus] :as cfg} _message]
-  ;; (log/debugf "profile '%s' is connected to file '%s'" profile-id file-id)
-  (aa/go-try
-   (aa/<? (update-presence* cfg))
-   (let [members (aa/<? (retrieve-presence* cfg))
-         val     {:topic file-id :message {:type :presence :sessions members}}]
-     (a/<! (msgbus :pub val)))))
+  [cfg _]
+  (send-presence cfg :connect))

 (defmethod handle-message :disconnect
-  [{:keys [file-id msgbus] :as cfg} _message]
-  ;; (log/debugf "profile '%s' is disconnected from '%s'" profile-id file-id)
-  (aa/go-try
-   (aa/<? (delete-presence* cfg))
-   (let [members (aa/<? (retrieve-presence* cfg))
-         val     {:topic file-id :message {:type :presence :sessions members}}]
-     (a/<! (msgbus :pub val)))))
+  [cfg _]
+  (send-presence cfg :disconnect))

 (defmethod handle-message :keepalive
-  [cfg _message]
-  (update-presence* cfg))
+  [_ _]
+  (a/go :nothing))

 (defmethod handle-message :pointer-update
  [{:keys [profile-id file-id session-id msgbus] :as cfg} message]
@@ -327,5 +274,7 @@
 (defmethod handle-message :default
  [_ws message]
  (a/go
-    (log/warnf "received unexpected message: %s" message)))
+    (l/log :level :warn
+           :msg "received unexpected message"
+           :message message)))

--- a/backend/src/app/rlimits.clj
+++ b/backend/src/app/rlimits.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.rlimits
  "Resource usage limits (in other words: semaphores)."
--- a/backend/src/app/rpc.clj
+++ b/backend/src/app/rpc.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.rpc
  (:require
@@ -15,9 +12,9 @@
   [app.db :as db]
   [app.metrics :as mtx]
   [app.rlimits :as rlm]
+   [app.util.logging :as l]
   [app.util.services :as sv]
   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
   [cuerdas.core :as str]
   [integrant.core :as ig]))

@@ -33,15 +30,21 @@
 (defn- rpc-query-handler
  [methods {:keys [profile-id] :as request}]
  (let [type   (keyword (get-in request [:path-params :type]))
-        data   (assoc (:params request) ::type type)
+
+        data   (d/merge (:params request)
+                        (:body-params request)
+                        (:uploads request))
+
        data   (if profile-id
                 (assoc data :profile-id profile-id)
                 (dissoc data :profile-id))
+
        result ((get methods type default-handler) data)
        mdata  (meta result)]

    (cond->> {:status 200 :body result}
-      (fn? (:transform-response mdata)) ((:transform-response mdata) request))))
+      (fn? (:transform-response mdata))
+      ((:transform-response mdata) request))))

 (defn- rpc-mutation-handler
  [methods {:keys [profile-id] :as request}]
@@ -75,7 +78,8 @@
        (ex/raise :type :internal
                  :code :rlimit-not-configured
                  :hint (str/fmt "%s rlimit not configured" key)))
-      (log/tracef "adding rlimit to '%s' rpc handler" (::sv/name mdata))
+      (l/trace :action "add rlimit"
+               :handler (::sv/name mdata))
      (fn [cfg params]
        (rlm/execute rlinst (f cfg params))))
    f))
@@ -85,7 +89,8 @@
  (let [f     (wrap-with-rlimits cfg f mdata)
        f     (wrap-with-metrics cfg f mdata)
        spec  (or (::sv/spec mdata) (s/spec any?))]
-    (log/tracef "registering '%s' command to rpc service" (::sv/name mdata))
+    (l/trace :action "register"
+             :name (::sv/name mdata))
    (fn [params]
      (when (and (:auth mdata true) (not (uuid? (:profile-id params))))
        (ex/raise :type :authentication
@@ -114,7 +119,8 @@
                     'app.rpc.queries.comments
                     'app.rpc.queries.profile
                     'app.rpc.queries.recent-files
-                     'app.rpc.queries.viewer)
+                     'app.rpc.queries.viewer
+                     'app.rpc.queries.svg)
         (map (partial process-method cfg))
         (into {}))))

@@ -135,6 +141,7 @@
                     'app.rpc.mutations.projects
                     'app.rpc.mutations.viewer
                     'app.rpc.mutations.teams
+                     'app.rpc.mutations.management
                     'app.rpc.mutations.ldap
                     'app.rpc.mutations.verify-token)
         (map (partial process-method cfg))
--- a/backend/src/app/rpc/mutations/comments.clj
+++ b/backend/src/app/rpc/mutations/comments.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.rpc.mutations.comments
  (:require
@@ -146,14 +143,14 @@
  (db/with-atomic [conn pool]
    (let [thread (db/get-by-id conn :comment-thread id {:for-update true})]
      (when-not thread
-        (ex/raise :type :not-found)
+        (ex/raise :type :not-found))

      (files/check-read-permissions! conn profile-id (:file-id thread))

      (db/update! conn :comment-thread
                  {:is-resolved is-resolved}
                  {:id id})
-      nil))))
+      nil)))


 ;; --- Mutation: Add Comment
--- a/backend/src/app/rpc/mutations/demo.clj
+++ b/backend/src/app/rpc/mutations/demo.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.rpc.mutations.demo
  "A demo specific mutations."
@@ -16,8 +13,8 @@
   [app.db :as db]
   [app.rpc.mutations.profile :as profile]
   [app.setup.initial-data :as sid]
-   [app.tasks :as tasks]
   [app.util.services :as sv]
+   [app.worker :as wrk]
   [buddy.core.codecs :as bc]
   [buddy.core.nonce :as bn]
   [clojure.spec.alpha :as s]))
@@ -40,7 +37,7 @@
                  :password password
                  :props {:onboarding-viewed true}}]

-    (when-not (:allow-demo-users cfg/config)
+    (when-not (cfg/get :allow-demo-users)
      (ex/raise :type :validation
                :code :demo-users-not-allowed
                :hint "Demo users are disabled by config."))
@@ -51,9 +48,10 @@
           (sid/load-initial-project! conn))

      ;; Schedule deletion of the demo profile
-      (tasks/submit! conn {:name "delete-profile"
-                           :delay cfg/deletion-delay
-                           :props {:profile-id id}})
+      (wrk/submit! {::wrk/task :delete-profile
+                    ::wrk/delay cfg/deletion-delay
+                    ::wrk/conn conn
+                    :profile-id id})

      {:email email
       :password password})))
--- a/backend/src/app/rpc/mutations/files.clj
+++ b/backend/src/app/rpc/mutations/files.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.rpc.mutations.files
  (:require
@@ -16,12 +13,13 @@
   [app.common.uuid :as uuid]
   [app.config :as cfg]
   [app.db :as db]
+   [app.rpc.permissions :as perms]
   [app.rpc.queries.files :as files]
   [app.rpc.queries.projects :as proj]
-   [app.tasks :as tasks]
   [app.util.blob :as blob]
   [app.util.services :as sv]
   [app.util.time :as dt]
+   [app.worker :as wrk]
   [clojure.spec.alpha :as s]))

 ;; --- Helpers & Specs
@@ -47,14 +45,13 @@
    (proj/check-edition-permissions! conn profile-id project-id)
    (create-file conn params)))

-(defn- create-file-profile
-  [conn {:keys [profile-id file-id] :as params}]
-  (db/insert! conn :file-profile-rel
-              {:profile-id profile-id
-               :file-id file-id
-               :is-owner true
-               :is-admin true
-               :can-edit true}))
+
+(defn create-file-role
+  [conn {:keys [file-id profile-id role]}]
+  (let [params {:file-id file-id
+                :profile-id profile-id}]
+    (->> (perms/assign-role-flags params role)
+         (db/insert! conn :file-profile-rel))))

 (defn create-file
  [conn {:keys [id name project-id is-shared]
@@ -68,8 +65,8 @@
                          :name name
                          :is-shared is-shared
                          :data (blob/encode data)})]
-    (->> (assoc params :file-id id)
-         (create-file-profile conn))
+    (->> (assoc params :file-id id :role :owner)
+         (create-file-role conn))
    (assoc file :data data)))


@@ -126,9 +123,11 @@
    (files/check-edition-permissions! conn profile-id id)

    ;; Schedule object deletion
-    (tasks/submit! conn {:name "delete-object"
-                         :delay cfg/deletion-delay
-                         :props {:id id :type :file}})
+    (wrk/submit! {::wrk/task :delete-object
+                  ::wrk/delay cfg/deletion-delay
+                  ::wrk/conn conn
+                  :id id
+                  :type :file})

    (mark-file-deleted conn params)))

--- a/backend/src/app/rpc/mutations/ldap.clj
+++ b/backend/src/app/rpc/mutations/ldap.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.rpc.mutations.ldap
  (:require
@@ -16,23 +13,23 @@
   [app.util.services :as sv]
   [clj-ldap.client :as ldap]
   [clojure.spec.alpha :as s]
-   [clojure.string]
-   [clojure.tools.logging :as log]))
+   [clojure.string]))

-(def cpool
-  (delay
-    (let [params {:ssl?      (cfg/get :ldap-ssl)
-                  :startTLS? (cfg/get :ldap-starttls)
-                  :bind-dn   (cfg/get :ldap-bind-dn)
-                  :password  (cfg/get :ldap-bind-password)
-                  :host      {:address (cfg/get :ldap-host)
-                              :port    (cfg/get :ldap-port)}}]
-      (try
-        (ldap/connect params)
-        (catch Exception e
-          (log/errorf e "cannot connect to LDAP %s:%s"
-                      (get-in params [:host :address])
-                      (get-in params [:host :port])))))))
+(defn ^java.lang.AutoCloseable connect
+  []
+  (let [params {:ssl?      (cfg/get :ldap-ssl)
+                :startTLS? (cfg/get :ldap-starttls)
+                :bind-dn   (cfg/get :ldap-bind-dn)
+                :password  (cfg/get :ldap-bind-password)
+                :host      {:address (cfg/get :ldap-host)
+                            :port    (cfg/get :ldap-port)}}]
+    (try
+      (ldap/connect params)
+      (catch Exception e
+        (ex/raise :type :restriction
+                  :code :ldap-disabled
+                  :hint "ldap disabled or unable to connect"
+                  :cause e)))))

 ;; --- Mutation: login-with-ldap

@@ -48,12 +45,7 @@

 (sv/defmethod ::login-with-ldap {:auth false :rlimit :password}
  [{:keys [pool session tokens] :as cfg} {:keys [email password invitation-token] :as params}]
-  (when-not @cpool
-    (ex/raise :type :restriction
-              :code :ldap-disabled
-              :hint "ldap disabled or unable to connect"))
-
-  (let [info (authenticate @cpool params)
+  (let [info (authenticate params)
        cfg  (assoc cfg :conn pool)]
    (when-not info
      (ex/raise :type :validation
@@ -84,7 +76,7 @@
 (defn- get-ldap-user
  [cpool {:keys [email] :as params}]
  (let [query   (-> (cfg/get :ldap-user-query)
-                    (replace-several "$username" email))
+                    (replace-several ":username" email))

        attrs   [(cfg/get :ldap-attrs-username)
                 (cfg/get :ldap-attrs-email)
@@ -96,10 +88,11 @@
    (first (ldap/search cpool base-dn params))))

 (defn- authenticate
-  [cpool {:keys [password] :as params}]
-  (when-let [{:keys [dn] :as luser} (get-ldap-user cpool params)]
-    (when (ldap/bind? cpool dn password)
-      {:photo    (get luser (keyword (cfg/get :ldap-attrs-photo)))
-       :fullname (get luser (keyword (cfg/get :ldap-attrs-fullname)))
-       :email    (get luser (keyword (cfg/get :ldap-attrs-email)))
-       :backend  "ldap"})))
+  [{:keys [password] :as params}]
+  (with-open [conn (connect)]
+    (when-let [{:keys [dn] :as luser} (get-ldap-user conn params)]
+      (when (ldap/bind? conn dn password)
+        {:photo    (get luser (keyword (cfg/get :ldap-attrs-photo)))
+         :fullname (get luser (keyword (cfg/get :ldap-attrs-fullname)))
+         :email    (get luser (keyword (cfg/get :ldap-attrs-email)))
+         :backend  "ldap"}))))
--- a/backend/src/app/rpc/mutations/management.clj
+++ b/backend/src/app/rpc/mutations/management.clj
@@ -0,0 +1,322 @@
+;; This Source Code Form is subject to the terms of the Mozilla Public
+;; License, v. 2.0. If a copy of the MPL was not distributed with this
+;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;;
+;; Copyright (c) UXBOX Labs SL
+
+(ns app.rpc.mutations.management
+  "Move & Duplicate RPC methods for files and projects."
+  (:require
+   [app.common.data :as d]
+   [app.common.exceptions :as ex]
+   [app.common.pages.migrations :as pmg]
+   [app.common.spec :as us]
+   [app.common.uuid :as uuid]
+   [app.db :as db]
+   [app.rpc.mutations.projects :refer [create-project-role create-project]]
+   [app.rpc.queries.projects :as proj]
+   [app.rpc.queries.teams :as teams]
+   [app.util.blob :as blob]
+   [app.util.services :as sv]
+   [app.util.time :as dt]
+   [clojure.spec.alpha :as s]
+   [clojure.walk :as walk]))
+
+(s/def ::id ::us/uuid)
+(s/def ::profile-id ::us/uuid)
+(s/def ::project-id ::us/uuid)
+(s/def ::file-id ::us/uuid)
+(s/def ::team-id ::us/uuid)
+(s/def ::name ::us/string)
+
+(defn- remap-id
+  [item index key]
+  (cond-> item
+    (contains? item key)
+    (assoc key (get index (get item key) (get item key)))))
+
+(defn- process-file
+  [file index]
+  (letfn [(process-form [form]
+            (cond-> form
+              ;; Relink Components
+              (and (map? form)
+                   (uuid? (:component-file form)))
+              (update :component-file #(get index % %))
+
+              ;; Relink Image Shapes
+              (and (map? form)
+                   (map? (:metadata form))
+                   (= :image (:type form)))
+              (update-in [:metadata :id] #(get index % %))))
+
+          ;; A function responsible to analize all file data and
+          ;; replace the old :component-file reference with the new
+          ;; ones, using the provided file-index
+          (relink-shapes [data]
+            (walk/postwalk process-form data))
+
+          ;; A function responsible of process the :media attr of file
+          ;; data and remap the old ids with the new ones.
+          (relink-media [media]
+            (reduce-kv (fn [res k v]
+                         (let [id (get index k)]
+                           (if (uuid? id)
+                             (-> res
+                                 (assoc id (assoc v :id id))
+                                 (dissoc k))
+                             res)))
+                       media
+                       media))]
+
+    (update file :data
+            (fn [data]
+              (-> data
+                  (blob/decode)
+                  (assoc :id (:id file))
+                  (pmg/migrate-data)
+                  (update :pages-index relink-shapes)
+                  (update :components relink-shapes)
+                  (update :media relink-media)
+                  (d/without-nils)
+                  (blob/encode))))))
+
+(def sql:retrieve-used-libraries
+  "select flr.*
+     from file_library_rel as flr
+    inner join file as l on (flr.library_file_id = l.id)
+    where flr.file_id = ?
+      and l.deleted_at is null")
+
+(def sql:retrieve-used-media-objects
+  "select fmo.*
+     from file_media_object as fmo
+    inner join storage_object as o on (fmo.media_id = o.id)
+    where fmo.file_id = ?
+      and o.deleted_at is null")
+
+(defn duplicate-file
+  [conn {:keys [profile-id file index project-id name]} {:keys [reset-shared-flag] :as opts}]
+  (let [flibs    (db/exec! conn [sql:retrieve-used-libraries (:id file)])
+        fmeds    (db/exec! conn [sql:retrieve-used-media-objects (:id file)])
+
+        ;; memo uniform creation/modification date
+        now      (dt/now)
+        ignore   (dt/plus now (dt/duration {:seconds 5}))
+
+        ;; add to the index all file media objects.
+        index  (reduce #(assoc %1 (:id %2) (uuid/next)) index fmeds)
+
+        flibs-xf (comp
+                  (map #(remap-id % index :file-id))
+                  (map #(remap-id % index :library-file-id))
+                  (map #(assoc % :synced-at now))
+                  (map #(assoc % :created-at now)))
+
+        ;; remap all file-library-rel row
+        flibs    (sequence flibs-xf flibs)
+
+        fmeds-xf (comp
+                  (map #(assoc % :id (get index (:id %))))
+                  (map #(assoc % :created-at now))
+                  (map #(remap-id % index :file-id)))
+
+        ;; remap all file-media-object rows
+        fmeds   (sequence fmeds-xf fmeds)
+
+        file    (cond-> file
+                  (some? project-id)
+                  (assoc :project-id project-id)
+
+                  (some? name)
+                  (assoc :name name)
+
+                  (true? reset-shared-flag)
+                  (assoc :is-shared false))
+
+        file    (-> file
+                    (assoc :created-at now)
+                    (assoc :modified-at now)
+                    (assoc :ignore-sync-until ignore)
+                    (update :id #(get index %))
+                    (process-file index))]
+
+    (db/insert! conn :file file)
+    (db/insert! conn :file-profile-rel
+                {:file-id (:id file)
+                 :profile-id profile-id
+                 :is-owner true
+                 :is-admin true
+                 :can-edit true})
+
+    (doseq [params flibs]
+      (db/insert! conn :file-library-rel params))
+
+    (doseq [params fmeds]
+      (db/insert! conn :file-media-object params))
+
+    file))
+
+
+;; --- MUTATION: Duplicate File
+
+(declare duplicate-file)
+
+(s/def ::duplicate-file
+  (s/keys :req-un [::profile-id ::file-id]
+          :opt-un [::name]))
+
+(sv/defmethod ::duplicate-file
+  [{:keys [pool] :as cfg} {:keys [profile-id file-id name] :as params}]
+  (db/with-atomic [conn pool]
+    (let [file   (db/get-by-id conn :file file-id)
+          index  {file-id (uuid/next)}
+          params (assoc params :index index :file file)]
+      (proj/check-edition-permissions! conn profile-id (:project-id file))
+
+      (-> (duplicate-file conn params {:reset-shared-flag true})
+          (update :data blob/decode)))))
+
+
+;; --- MUTATION: Duplicate Project
+
+(declare duplicate-project)
+
+(s/def ::duplicate-project
+  (s/keys :req-un [::profile-id ::project-id]
+          :opt-un [::name]))
+
+(sv/defmethod ::duplicate-project
+  [{:keys [pool] :as cfg} {:keys [profile-id project-id name] :as params}]
+  (db/with-atomic [conn pool]
+    (let [project (db/get-by-id conn :project project-id)]
+      (teams/check-edition-permissions! conn profile-id (:team-id project))
+      (duplicate-project conn (assoc params :project project)))))
+
+(defn duplicate-project
+  [conn {:keys [profile-id project name] :as params}]
+  (let [files   (db/query conn :file
+                          {:project-id (:id project)
+                           :deleted-at nil}
+                          {:columns [:id]})
+
+        project (cond-> project
+                  (string? name)
+                  (assoc :name name)
+
+                  :always
+                  (assoc :id (uuid/next)))]
+
+    ;; create the duplicated project and assign the current profile as
+    ;; a project owner
+    (create-project conn project)
+    (create-project-role conn {:project-id (:id project)
+                               :profile-id profile-id
+                               :role :owner})
+
+    ;; duplicate all files
+    (let [index  (reduce #(assoc %1 (:id %2) (uuid/next)) {} files)
+          params (-> params
+                     (dissoc :name)
+                     (assoc :project-id (:id project))
+                     (assoc :index index))]
+      (doseq [{:keys [id]} files]
+        (let [file   (db/get-by-id conn :file id)
+              params (assoc params :file file)
+              opts   {:reset-shared-flag false}]
+          (duplicate-file conn params opts))))
+
+    ;; return the created project
+    project))
+
+
+;; --- MUTATION: Move file
+
+(def sql:retrieve-files
+  "select id, project_id from file where id = ANY(?)")
+
+(def sql:move-files
+  "update file set project_id = ? where id = ANY(?)")
+
+(def sql:delete-broken-relations
+  "with broken as (
+     (select * from file_library_rel as flr
+       inner join file as f on (flr.file_id = f.id)
+       inner join project as p on (f.project_id = p.id)
+       inner join file as lf on (flr.library_file_id = lf.id)
+       inner join project as lp on (lf.project_id = lp.id)
+       where p.id = ANY(?)
+         and lp.team_id != p.team_id)
+   )
+   delete from file_library_rel as rel
+    using broken as br
+    where rel.file_id = br.file_id
+      and rel.library_file_id = br.library_file_id")
+
+(s/def ::ids (s/every ::us/uuid :kind set?))
+(s/def ::move-files
+  (s/keys :req-un [::profile-id ::ids ::project-id]))
+
+(sv/defmethod ::move-files
+  [{:keys [pool] :as cfg} {:keys [profile-id ids project-id] :as params}]
+  (db/with-atomic [conn pool]
+    (let [fids    (db/create-array conn "uuid" ids)
+          files   (db/exec! conn [sql:retrieve-files fids])
+          source  (into #{} (map :project-id) files)
+          pids    (->> (conj source project-id)
+                       (db/create-array conn "uuid"))]
+
+      ;; Check if we have permissions on the destination project
+      (proj/check-edition-permissions! conn profile-id project-id)
+
+      ;; Check if we have permissions on all source projects
+      (doseq [project-id source]
+        (proj/check-edition-permissions! conn profile-id project-id))
+
+      (when (contains? source project-id)
+        (ex/raise :type :validation
+                  :code :cant-move-to-same-project
+                  :hint "Unable to move a file to the same project"))
+
+      ;; move all files to the project
+      (db/exec-one! conn [sql:move-files project-id fids])
+
+      ;; delete posible broken relations on moved files
+      (db/exec-one! conn [sql:delete-broken-relations pids])
+
+      nil)))
+
+
+;; --- MUTATION: Move project
+
+(declare move-project)
+
+(s/def ::move-project
+  (s/keys :req-un [::profile-id ::team-id ::project-id]))
+
+(sv/defmethod ::move-project
+  [{:keys [pool] :as cfg} {:keys [profile-id team-id project-id] :as params}]
+  (db/with-atomic [conn pool]
+    (let [project (db/get-by-id conn :project project-id {:columns [:id :team-id]})
+
+          pids    (->> (db/query conn :project {:team-id (:team-id project)} {:columns [:id]})
+                       (map :id)
+                       (db/create-array conn "uuid"))]
+
+      (teams/check-edition-permissions! conn profile-id (:team-id project))
+      (teams/check-edition-permissions! conn profile-id team-id)
+
+      (when (= team-id (:team-id project))
+        (ex/raise :type :validation
+                  :code :cant-move-to-same-team
+                  :hint "Unable to move a project to same team"))
+
+      ;; move project to the destination team
+      (db/update! conn :project
+                  {:team-id team-id}
+                  {:id project-id})
+
+      ;; delete posible broken relations on moved files
+      (db/exec-one! conn [sql:delete-broken-relations pids])
+
+      nil)))
--- a/backend/src/app/rpc/mutations/media.clj
+++ b/backend/src/app/rpc/mutations/media.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.rpc.mutations.media
  (:require
@@ -92,7 +89,7 @@


 (defn create-file-media-object
-  [{:keys [conn storage svgc] :as cfg} {:keys [file-id is-local name content] :as params}]
+  [{:keys [conn storage] :as cfg} {:keys [file-id is-local name content] :as params}]
  (media/validate-media-type (:content-type content))
  (let [storage      (assoc storage :conn conn)
        source-path  (fs/path (:tempfile content))
@@ -108,7 +105,7 @@
                                                     :path source-path})))

        image        (if (= (:mtype source-info) "image/svg+xml")
-                       (let [data (svgc (slurp source-path))]
+                       (let [data (slurp source-path)]
                         (sto/put-object storage {:content (sto/content data)
                                                  :content-type (:mtype source-info)}))
                       (sto/put-object storage {:content (sto/content source-path)
--- a/backend/src/app/rpc/mutations/profile.clj
+++ b/backend/src/app/rpc/mutations/profile.clj
@@ -2,28 +2,26 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.rpc.mutations.profile
  (:require
+   [app.common.data :as d]
   [app.common.exceptions :as ex]
   [app.common.spec :as us]
   [app.common.uuid :as uuid]
   [app.config :as cfg]
   [app.db :as db]
-   [app.emails :as emails]
+   [app.emails :as eml]
   [app.media :as media]
   [app.rpc.mutations.projects :as projects]
   [app.rpc.mutations.teams :as teams]
   [app.rpc.queries.profile :as profile]
   [app.setup.initial-data :as sid]
   [app.storage :as sto]
-   [app.tasks :as tasks]
   [app.util.services :as sv]
   [app.util.time :as dt]
+   [app.worker :as wrk]
   [buddy.hashers :as hashers]
   [clojure.spec.alpha :as s]
   [cuerdas.core :as str]))
@@ -49,8 +47,10 @@
 (declare register-profile)

 (s/def ::invitation-token ::us/not-empty-string)
+(s/def ::terms-privacy ::us/boolean)
+
 (s/def ::register-profile
-  (s/keys :req-un [::email ::password ::fullname]
+  (s/keys :req-un [::email ::password ::fullname ::terms-privacy]
          :opt-un [::invitation-token]))

 (sv/defmethod ::register-profile {:auth false :rlimit :password}
@@ -63,6 +63,10 @@
    (ex/raise :type :validation
              :code :email-domain-is-not-allowed))

+  (when-not (:terms-privacy params)
+    (ex/raise :type :validation
+              :code :invalid-terms-and-privacy))
+
  (db/with-atomic [conn pool]
    (let [cfg     (assoc cfg :conn conn)]
      (register-profile cfg params))))
@@ -111,16 +115,19 @@

        ;; Don't allow proceed in register page if the email is
        ;; already reported as permanent bounced
-        (when (emails/has-bounce-reports? conn (:email profile))
+        (when (eml/has-bounce-reports? conn (:email profile))
          (ex/raise :type :validation
                    :code :email-has-permanent-bounces
                    :hint "looks like the email has one or many bounces reported"))

-        (emails/send! conn emails/register
-                      {:to (:email profile)
-                       :name (:fullname profile)
-                       :token vtoken
-                       :extra-data ptoken})
+        (eml/send! {::eml/conn conn
+                    ::eml/factory eml/register
+                    :public-uri (:public-uri cfg)
+                    :to (:email profile)
+                    :name (:fullname profile)
+                    :token vtoken
+                    :extra-data ptoken})
+
        (with-meta profile
          {:before-complete (annotate-profile-register metrics profile)})))))

@@ -128,11 +135,11 @@
  "Returns true if email's domain is in the given whitelist or if given
  whitelist is an empty string."
  [whitelist email]
-  (if (str/blank? whitelist)
+  (if (str/empty-or-nil? whitelist)
    true
    (let [domains (str/split whitelist #",\s*")
-          email-domain (second (str/split email #"@"))]
-      (contains? (set domains) email-domain))))
+          domain  (second (str/split email #"@" 2))]
+      (contains? (set domains) domain))))

 (def ^:private sql:profile-existence
  "select exists (select * from profile
@@ -196,21 +203,25 @@

 (defn create-profile-relations
  [conn profile]
-  (let [team (teams/create-team conn {:profile-id (:id profile)
-                                      :name "Default"
-                                      :default? true})
-        proj (projects/create-project conn {:profile-id (:id profile)
-                                            :team-id (:id team)
-                                            :name "Drafts"
-                                            :default? true})]
-    (teams/create-team-profile conn {:team-id (:id team)
-                                     :profile-id (:id profile)})
-    (projects/create-project-profile conn {:project-id (:id proj)
-                                           :profile-id (:id profile)})
+  (let [team    (teams/create-team conn {:profile-id (:id profile)
+                                         :name "Default"
+                                         :is-default true})
+        project (projects/create-project conn {:profile-id (:id profile)
+                                               :team-id (:id team)
+                                               :name "Drafts"
+                                               :is-default true})
+        params  {:team-id (:id team)
+                 :profile-id (:id profile)
+                 :project-id (:id project)
+                 :role :owner}]

-    (merge (profile/strip-private-attrs profile)
-           {:default-team-id (:id team)
-            :default-project-id (:id proj)})))
+    (teams/create-team-role conn params)
+    (projects/create-project-role conn params)
+
+    (-> profile
+        (profile/strip-private-attrs)
+        (assoc :default-team-id (:id team))
+        (assoc :default-project-id (:id project)))))

 ;; --- Mutation: Login

@@ -293,16 +304,35 @@

 (defn login-or-register
  [{:keys [conn] :as cfg} {:keys [email backend] :as params}]
-  (letfn [(create-profile [conn {:keys [fullname email]}]
+  (letfn [(info->props [info]
+            (dissoc info :name :fullname :email :backend))
+
+          (info->lang [{:keys [locale] :as info}]
+            (when (and (string? locale)
+                       (not (str/blank? locale)))
+              locale))
+
+          (create-profile [conn {:keys [email] :as info}]
            (db/insert! conn :profile
                        {:id (uuid/next)
-                         :fullname fullname
+                         :fullname (:fullname info)
                         :email (str/lower email)
+                         :lang (info->lang info)
                         :auth-backend backend
                         :is-active true
                         :password "!"
+                         :props (db/tjson (info->props info))
                         :is-demo false}))

+          (update-profile [conn info profile]
+            (let [props (d/merge (:props profile)
+                                 (info->props info))]
+              (db/update! conn :profile
+                          {:props (db/tjson props)
+                           :modified-at (dt/now)}
+                          {:id (:id profile)})
+              (assoc profile :props props)))
+
          (register-profile [conn params]
            (let [profile (->> (create-profile conn params)
                               (create-profile-relations conn))]
@@ -311,7 +341,9 @@

    (let [profile (profile/retrieve-profile-data-by-email conn email)
          profile (if profile
-                    (profile/populate-additional-data conn profile)
+                    (->> profile
+                         (update-profile conn params)
+                         (profile/populate-additional-data conn))
                    (register-profile conn params))]
      (profile/strip-private-attrs profile))))

@@ -327,7 +359,8 @@
              {:id id}))

 (s/def ::update-profile
-  (s/keys :req-un [::id ::fullname ::lang ::theme]))
+  (s/keys :req-un [::id ::fullname]
+          :opt-un [::lang ::theme]))

 (sv/defmethod ::update-profile
  [{:keys [pool] :as cfg} params]
@@ -335,7 +368,6 @@
    (update-profile conn params)
    nil))

-
 ;; --- Mutation: Update Password

 (declare validate-password!)
@@ -375,8 +407,8 @@

 (sv/defmethod ::update-profile-photo
  [{:keys [pool storage] :as cfg} {:keys [profile-id file] :as params}]
-  (media/validate-media-type (:content-type file))
  (db/with-atomic [conn pool]
+    (media/validate-media-type (:content-type file) #{"image/jpeg" "image/png" "image/webp"})
    (let [profile (db/get-by-id conn :profile profile-id)
          _       (media/run cfg {:cmd :info :input {:path (:tempfile file)
                                                     :mtype (:content-type file)}})
@@ -428,7 +460,7 @@
  {:changed true})

 (defn- request-email-change
-  [{:keys [conn tokens]} {:keys [profile email] :as params}]
+  [{:keys [conn tokens] :as cfg} {:keys [profile email] :as params}]
  (let [token   (tokens :generate
                        {:iss :change-email
                         :exp (dt/in-future "15m")
@@ -441,22 +473,24 @@
    (when (not= email (:email profile))
      (check-profile-existence! conn params))

-    (when-not (emails/allow-send-emails? conn profile)
+    (when-not (eml/allow-send-emails? conn profile)
      (ex/raise :type :validation
                :code :profile-is-muted
                :hint "looks like the profile has reported repeatedly as spam or has permanent bounces."))

-    (when (emails/has-bounce-reports? conn email)
+    (when (eml/has-bounce-reports? conn email)
      (ex/raise :type :validation
                :code :email-has-permanent-bounces
                :hint "looks like the email you invite has been repeatedly reported as spam or permanent bounce"))

-    (emails/send! conn emails/change-email
-                  {:to (:email profile)
-                   :name (:fullname profile)
-                   :pending-email email
-                   :token token
-                   :extra-data ptoken})
+    (eml/send! {::eml/conn conn
+                ::eml/factory eml/change-email
+                :public-uri (:public-uri cfg)
+                :to (:email profile)
+                :name (:fullname profile)
+                :pending-email email
+                :token token
+                :extra-data ptoken})
    nil))


@@ -482,16 +516,18 @@
            (let [ptoken (tokens :generate-predefined
                                 {:iss :profile-identity
                                  :profile-id (:id profile)})]
-              (emails/send! conn emails/password-recovery
-                            {:to (:email profile)
-                             :token (:token profile)
-                             :name (:fullname profile)
-                             :extra-data ptoken})
+              (eml/send! {::eml/conn conn
+                          ::eml/factory eml/password-recovery
+                          :public-uri (:public-uri cfg)
+                          :to (:email profile)
+                          :token (:token profile)
+                          :name (:fullname profile)
+                          :extra-data ptoken})
              nil))]

    (db/with-atomic [conn pool]
      (when-let [profile (profile/retrieve-profile-data-by-email conn email)]
-        (when-not (emails/allow-send-emails? conn profile)
+        (when-not (eml/allow-send-emails? conn profile)
          (ex/raise :type :validation
                    :code :profile-is-muted
                    :hint "looks like the profile has reported repeatedly as spam or has permanent bounces."))
@@ -501,7 +537,7 @@
                    :code :profile-not-verified
                    :hint "the user need to validate profile before recover password"))

-        (when (emails/has-bounce-reports? conn (:email profile))
+        (when (eml/has-bounce-reports? conn (:email profile))
          (ex/raise :type :validation
                    :code :email-has-permanent-bounces
                    :hint "looks like the email you invite has been repeatedly reported as spam or permanent bounce"))
@@ -568,9 +604,10 @@
    (check-can-delete-profile! conn profile-id)

    ;; Schedule a complete deletion of profile
-    (tasks/submit! conn {:name "delete-profile"
-                         :delay cfg/deletion-delay
-                         :props {:profile-id profile-id}})
+    (wrk/submit! {::wrk/task :delete-profile
+                  ::wrk/dalay cfg/deletion-delay
+                  ::wrk/conn conn
+                  :profile-id profile-id})

    (db/update! conn :profile
                {:deleted-at (dt/now)}
--- a/backend/src/app/rpc/mutations/projects.clj
+++ b/backend/src/app/rpc/mutations/projects.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.rpc.mutations.projects
  (:require
@@ -13,11 +10,12 @@
   [app.common.uuid :as uuid]
   [app.config :as cfg]
   [app.db :as db]
+   [app.rpc.permissions :as perms]
   [app.rpc.queries.projects :as proj]
   [app.rpc.queries.teams :as teams]
-   [app.tasks :as tasks]
   [app.util.services :as sv]
   [app.util.time :as dt]
+   [app.worker :as wrk]
   [clojure.spec.alpha :as s]))

 ;; --- Helpers & Specs
@@ -30,7 +28,7 @@
 ;; --- Mutation: Create Project

 (declare create-project)
-(declare create-project-profile)
+(declare create-project-role)
 (declare create-team-project-profile)

 (s/def ::team-id ::us/uuid)
@@ -43,30 +41,31 @@
  (db/with-atomic [conn pool]
    (teams/check-edition-permissions! conn profile-id team-id)
    (let [project (create-project conn params)
-          params  (assoc params :project-id (:id project))]
-      (create-project-profile conn params)
+          params  (assoc params
+                         :project-id (:id project)
+                         :role :owner)]
+      (create-project-role conn params)
      (create-team-project-profile conn params)
      (assoc project :is-pinned true))))

 (defn create-project
-  [conn {:keys [id team-id name default?] :as params}]
-  (let [id (or id (uuid/next))
-        default? (if (boolean? default?) default? false)]
+  [conn {:keys [id team-id name is-default] :as params}]
+  (let [id         (or id (uuid/next))
+        is-default (if (boolean? is-default) is-default false)]
    (db/insert! conn :project
                {:id id
-                 :team-id team-id
                 :name name
-                 :is-default default?})))
+                 :team-id team-id
+                 :is-default is-default})))

-(defn create-project-profile
-  [conn {:keys [project-id profile-id] :as params}]
-  (db/insert! conn :project-profile-rel
-              {:project-id project-id
-               :profile-id profile-id
-               :is-owner true
-               :is-admin true
-               :can-edit true}))
+(defn create-project-role
+  [conn {:keys [project-id profile-id role]}]
+  (let [params {:project-id project-id
+                :profile-id profile-id}]
+    (->> (perms/assign-role-flags params role)
+         (db/insert! conn :project-profile-rel))))

+;; TODO: pending to be refactored
 (defn create-team-project-profile
  [conn {:keys [team-id project-id profile-id] :as params}]
  (db/insert! conn :team-project-profile-rel
@@ -126,9 +125,11 @@
    (proj/check-edition-permissions! conn profile-id id)

    ;; Schedule object deletion
-    (tasks/submit! conn {:name "delete-object"
-                         :delay cfg/deletion-delay
-                         :props {:id id :type :project}})
+    (wrk/submit! {::wrk/task :delete-object
+                  ::wrk/delay cfg/deletion-delay
+                  ::wrk/conn conn
+                  :id id
+                  :type :project})

    (db/update! conn :project
                {:deleted-at (dt/now)}
--- a/backend/src/app/rpc/mutations/teams.clj
+++ b/backend/src/app/rpc/mutations/teams.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.rpc.mutations.teams
  (:require
@@ -15,15 +12,16 @@
   [app.common.uuid :as uuid]
   [app.config :as cfg]
   [app.db :as db]
-   [app.emails :as emails]
+   [app.emails :as eml]
   [app.media :as media]
   [app.rpc.mutations.projects :as projects]
+   [app.rpc.permissions :as perms]
   [app.rpc.queries.profile :as profile]
   [app.rpc.queries.teams :as teams]
   [app.storage :as sto]
-   [app.tasks :as tasks]
   [app.util.services :as sv]
   [app.util.time :as dt]
+   [app.worker :as wrk]
   [clojure.spec.alpha :as s]
   [datoteka.core :as fs]))

@@ -36,7 +34,7 @@
 ;; --- Mutation: Create Team

 (declare create-team)
-(declare create-team-profile)
+(declare create-team-role)
 (declare create-team-default-project)

 (s/def ::create-team
@@ -47,37 +45,39 @@
  [{:keys [pool] :as cfg} params]
  (db/with-atomic [conn pool]
    (let [team   (create-team conn params)
-          params (assoc params :team-id (:id team))]
-      (create-team-profile conn params)
+          params (assoc params
+                        :team-id (:id team)
+                        :role :owner)]
+      (create-team-role conn params)
      (create-team-default-project conn params)
      team)))

 (defn create-team
-  [conn {:keys [id name default?] :as params}]
-  (let [id (or id (uuid/next))
-        default? (if (boolean? default?) default? false)]
+  [conn {:keys [id name is-default] :as params}]
+  (let [id         (or id (uuid/next))
+        is-default (if (boolean? is-default) is-default false)]
    (db/insert! conn :team
                {:id id
                 :name name
-                 :is-default default?})))
+                 :is-default is-default})))

-(defn create-team-profile
-  [conn {:keys [team-id profile-id] :as params}]
-  (db/insert! conn :team-profile-rel
-              {:team-id team-id
-               :profile-id profile-id
-               :is-owner true
-               :is-admin true
-               :can-edit true}))
+(defn create-team-role
+  [conn {:keys [team-id profile-id role] :as params}]
+  (let [params {:team-id team-id
+                :profile-id profile-id}]
+    (->> (perms/assign-role-flags params role)
+         (db/insert! conn :team-profile-rel))))

 (defn create-team-default-project
  [conn {:keys [team-id profile-id] :as params}]
-  (let [proj (projects/create-project conn {:team-id team-id
-                                            :name "Drafts"
-                                            :default? true})]
-    (projects/create-project-profile conn {:project-id (:id proj)
-                                           :profile-id profile-id})))
-
+  (let [project {:id (uuid/next)
+                 :team-id team-id
+                 :name "Drafts"
+                 :is-default true}]
+    (projects/create-project conn project)
+    (projects/create-project-role conn {:project-id (:id project)
+                                        :profile-id profile-id
+                                        :role :owner})))

 ;; --- Mutation: Update Team

@@ -136,9 +136,11 @@
                  :code :only-owner-can-delete-team))

      ;; Schedule object deletion
-      (tasks/submit! conn {:name "delete-object"
-                           :delay cfg/deletion-delay
-                           :props {:id id :type :team}})
+      (wrk/submit! {::wrk/task :delete-object
+                    ::wrk/delay cfg/deletion-delay
+                    ::wrk/conn conn
+                    :id id
+                    :type :team})

      (db/update! conn :team
                  {:deleted-at (dt/now)}
@@ -171,7 +173,10 @@
          ;; convenience, if this bocomes a bottleneck or problematic,
          ;; we will change it to more efficient fetch mechanims.
          members (teams/retrieve-team-members conn team-id)
-          member  (d/seek #(= member-id (:id %)) members)]
+          member  (d/seek #(= member-id (:id %)) members)
+
+          is-owner? (some :is-owner perms)
+          is-admin? (some :is-admin perms)]

      ;; If no member is found, just 404
      (when-not member
@@ -179,8 +184,7 @@
                  :code :member-does-not-exist))

      ;; First check if we have permissions to change roles
-      (when-not (or (some :is-owner perms)
-                    (some :is-admin perms))
+      (when-not (or is-owner? is-admin?)
        (ex/raise :type :validation
                  :code :insufficient-permissions))

@@ -190,21 +194,20 @@
                  :code :cant-change-role-to-owner))

      ;; Don't allow promote to owner to admin users.
-      (when (and (= role :owner)
-                 (not (:is-owner perms)))
+      (when (and (not is-owner?) (= role :owner))
        (ex/raise :type :validation
                  :code :cant-promote-to-owner))

      (let [params (role->params role)]
        ;; Only allow single owner on team
-        (when (and (= role :owner)
-                   (:is-owner perms))
+        (when (= role :owner)
          (db/update! conn :team-profile-rel
                      {:is-owner false}
                      {:team-id team-id
                       :profile-id profile-id}))

-        (db/update! conn :team-profile-rel params
+        (db/update! conn :team-profile-rel
+                    params
                    {:team-id team-id
                     :profile-id member-id})
        nil))))
@@ -252,9 +255,10 @@

 (sv/defmethod ::update-team-photo
  [{:keys [pool storage] :as cfg} {:keys [profile-id file team-id] :as params}]
-  (media/validate-media-type (:content-type file))
  (db/with-atomic [conn pool]
    (teams/check-edition-permissions! conn profile-id team-id)
+    (media/validate-media-type (:content-type file) #{"image/jpeg" "image/png" "image/webp"})
+
    (let [team    (teams/retrieve-team conn profile-id team-id)
          _       (media/run cfg {:cmd :info :input {:path (:tempfile file)
                                                     :mtype (:content-type file)}})
@@ -303,7 +307,7 @@
          team     (db/get-by-id conn :team team-id)
          itoken   (tokens :generate
                           {:iss :team-invitation
-                            :exp (dt/in-future "6h")
+                            :exp (dt/in-future "48h")
                            :profile-id (:id profile)
                            :role role
                            :team-id team-id
@@ -318,27 +322,29 @@
                  :code :insufficient-permissions))

      ;; First check if the current profile is allowed to send emails.
-      (when-not (emails/allow-send-emails? conn profile)
+      (when-not (eml/allow-send-emails? conn profile)
        (ex/raise :type :validation
                  :code :profile-is-muted
                  :hint "looks like the profile has reported repeatedly as spam or has permanent bounces"))

-      (when (and member (not (emails/allow-send-emails? conn member)))
+      (when (and member (not (eml/allow-send-emails? conn member)))
        (ex/raise :type :validation
                  :code :member-is-muted
                  :hint "looks like the profile has reported repeatedly as spam or has permanent bounces"))

      ;; Secondly check if the invited member email is part of the
      ;; global spam/bounce report.
-      (when (emails/has-bounce-reports? conn email)
+      (when (eml/has-bounce-reports? conn email)
        (ex/raise :type :validation
                  :code :email-has-permanent-bounces
                  :hint "looks like the email you invite has been repeatedly reported as spam or permanent bounce"))

-      (emails/send! conn emails/invite-to-team
-                    {:to email
-                     :invited-by (:fullname profile)
-                     :team (:name team)
-                     :token itoken
-                     :extra-data ptoken})
+      (eml/send! {::eml/conn conn
+                  ::eml/factory eml/invite-to-team
+                  :public-uri (:public-uri cfg)
+                  :to email
+                  :invited-by (:fullname profile)
+                  :team (:name team)
+                  :token itoken
+                  :extra-data ptoken})
      nil)))
--- a/backend/src/app/rpc/mutations/verify_token.clj
+++ b/backend/src/app/rpc/mutations/verify_token.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.rpc.mutations.verify-token
  (:require
--- a/backend/src/app/rpc/mutations/viewer.clj
+++ b/backend/src/app/rpc/mutations/viewer.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.rpc.mutations.viewer
  (:require
--- a/backend/src/app/rpc/permissions.clj
+++ b/backend/src/app/rpc/permissions.clj
@@ -2,16 +2,40 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.rpc.permissions
  "A permission checking helper factories."
  (:require
   [app.common.exceptions :as ex]
-   [app.common.spec :as us]))
+   [app.common.spec :as us]
+   [clojure.spec.alpha :as s]))
+
+(s/def ::role #{:admin :owner :editor :viewer})
+
+(defn assign-role-flags
+  [params role]
+  (us/verify ::role role)
+  (cond-> params
+    (= role :owner)
+    (assoc :is-owner true
+           :is-admin true
+           :can-edit true)
+
+    (= role :admin)
+    (assoc :is-owner false
+           :is-admin true
+           :can-edit true)
+
+    (= role :editor)
+    (assoc :is-owner false
+           :is-admin false
+           :can-edit true)
+
+    (= role :viewer)
+    (assoc :is-owner false
+           :is-admin false
+           :can-edit false)))

 (defn make-edition-check-fn
  "A simple factory for edition permission check functions."
--- a/backend/src/app/rpc/queries/comments.clj
+++ b/backend/src/app/rpc/queries/comments.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.rpc.queries.comments
  (:require
@@ -131,7 +128,6 @@
      (-> (db/exec-one! conn [sql profile-id file-id id])
          (decode-row)))))

-
 ;; --- Query: Comments

 (declare retrieve-comments)
--- a/backend/src/app/rpc/queries/files.clj
+++ b/backend/src/app/rpc/queries/files.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.rpc.queries.files
  (:require
@@ -166,7 +163,6 @@
    (let [file (retrieve-file conn file-id)]
      (get-in file [:data :pages-index id]))))

-
 ;; --- Query: Shared Library Files

 (def ^:private sql:shared-files
--- a/backend/src/app/rpc/queries/profile.clj
+++ b/backend/src/app/rpc/queries/profile.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.rpc.queries.profile
  (:require
@@ -13,10 +10,8 @@
   [app.common.spec :as us]
   [app.common.uuid :as uuid]
   [app.db :as db]
-   [app.db.sql :as sql]
   [app.util.services :as sv]
-   [clojure.spec.alpha :as s]
-   [cuerdas.core :as str]))
+   [clojure.spec.alpha :as s]))

 ;; --- Helpers & Specs

@@ -46,29 +41,27 @@
    {:id uuid/zero
     :fullname "Anonymous User"}))

-;; NOTE: this query make the assumption that union all preserves the
-;; order so the first id will always be the team id and the second the
-;; project_id; this is a postgresql behavior because UNION ALL works
-;; like APPEND operation.
-
-(def ^:private sql:default-team-and-project
-  "select t.id
+(def ^:private sql:default-profile-team
+  "select t.id, name
     from team as t
    inner join team_profile_rel as tp on (tp.team_id = t.id)
    where tp.profile_id = ?
      and tp.is_owner is true
-      and t.is_default is true
-    union all
-   select p.id
+      and t.is_default is true")
+
+(def ^:private sql:default-profile-project
+  "select p.id, name
     from project as p
    inner join project_profile_rel as tp on (tp.project_id = p.id)
    where tp.profile_id = ?
      and tp.is_owner is true
-      and p.is_default is true")
+      and p.is_default is true
+      and p.team_id = ?")

 (defn retrieve-additional-data
  [conn id]
-  (let [[team project] (db/exec! conn [sql:default-team-and-project id id])]
+  (let [team    (db/exec-one! conn [sql:default-profile-team id])
+        project (db/exec-one! conn [sql:default-profile-project id (:id team)])]
    {:default-team-id (:id team)
     :default-project-id (:id project)}))

@@ -97,12 +90,16 @@

    profile))

+(def sql:retrieve-profile-by-email
+  "select p.* from profile as p
+    where p.email = lower(?)
+      and p.deleted_at is null")
+
 (defn retrieve-profile-data-by-email
  [conn email]
-  (let [sql  (sql/select :profile {:email (str/lower email)})
-        data (db/exec-one! conn sql)]
-    (when (and data (nil? (:deleted-at data)))
-      (decode-profile-row data))))
+  (let [sql  [sql:retrieve-profile-by-email email]]
+    (some-> (db/exec-one! conn sql)
+            (decode-profile-row))))

 ;; --- Attrs Helpers

--- a/backend/src/app/rpc/queries/projects.clj
+++ b/backend/src/app/rpc/queries/projects.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.rpc.queries.projects
  (:require
@@ -82,6 +79,50 @@
  (db/exec! conn [sql:projects profile-id team-id]))


+;; --- Query: All projects
+
+(declare retrieve-all-projects)
+
+(s/def ::profile-id ::us/uuid)
+(s/def ::all-projects
+  (s/keys :req-un [::profile-id]))
+
+(sv/defmethod ::all-projects
+  [{:keys [pool]} {:keys [profile-id]}]
+  (with-open [conn (db/open pool)]
+    (retrieve-all-projects conn profile-id)))
+
+(def sql:all-projects
+  "select p1.*, t.name as team_name, t.is_default as is_default_team
+     from project as p1
+    inner join team as t
+            on t.id = p1.team_id
+    where t.id in (select team_id
+                     from team_profile_rel as tpr
+                    where tpr.profile_id = ?
+                      and (tpr.can_edit = true or
+                           tpr.is_owner = true or
+                           tpr.is_admin = true))
+      and p1.deleted_at is null
+   union
+   select p2.*, t.name as team_name, t.is_default as is_default_team
+     from project as p2
+    inner join team as t
+              on t.id = p2.team_id
+    where p2.id in (select project_id
+                     from project_profile_rel as ppr
+                    where ppr.profile_id = ?
+                      and (ppr.can_edit = true or
+                           ppr.is_owner = true or
+                           ppr.is_admin = true))
+      and p2.deleted_at is null
+    order by team_name, name;")
+
+(defn retrieve-all-projects
+  [conn profile-id]
+  (db/exec! conn [sql:all-projects profile-id profile-id]))
+
+
 ;; --- Query: Project

 (s/def ::id ::us/uuid)
@@ -94,3 +135,4 @@
    (let [project (db/get-by-id conn :project id)]
      (check-read-permissions! conn profile-id id)
      project)))
+
--- a/backend/src/app/rpc/queries/recent_files.clj
+++ b/backend/src/app/rpc/queries/recent_files.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.rpc.queries.recent-files
  (:require
@@ -27,7 +24,7 @@
     window w as (partition by f.project_id order by f.modified_at desc)
      order by f.modified_at desc
   )
-   select * from recent_files where row_num <= 6;")
+   select * from recent_files where row_num <= 10;")

 (s/def ::team-id ::us/uuid)
 (s/def ::profile-id ::us/uuid)
--- a/backend/src/app/rpc/queries/svg.clj
+++ b/backend/src/app/rpc/queries/svg.clj
@@ -0,0 +1,58 @@
+;; This Source Code Form is subject to the terms of the Mozilla Public
+;; License, v. 2.0. If a copy of the MPL was not distributed with this
+;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;;
+;; Copyright (c) UXBOX Labs SL
+
+(ns app.rpc.queries.svg
+  (:require
+   [app.common.exceptions :as ex]
+   [app.common.spec :as us]
+   [app.util.logging :as l]
+   [app.util.services :as sv]
+   [clojure.spec.alpha :as s]
+   [clojure.xml :as xml]
+   [cuerdas.core :as str])
+  (:import
+   javax.xml.XMLConstants
+   javax.xml.parsers.SAXParserFactory
+   org.apache.commons.io.IOUtils))
+
+(defn- secure-parser-factory
+  [s ch]
+  (.. (doto (SAXParserFactory/newInstance)
+        (.setFeature XMLConstants/FEATURE_SECURE_PROCESSING true)
+        (.setFeature "http://apache.org/xml/features/disallow-doctype-decl" true))
+      (newSAXParser)
+      (parse s ch)))
+
+(defn parse
+  [data]
+  (try
+    (with-open [istream (IOUtils/toInputStream data "UTF-8")]
+      (xml/parse istream secure-parser-factory))
+    (catch Exception e
+      (l/warn :hint "error on processing svg"
+              :message (ex-message e))
+      (ex/raise :type :validation
+                :code :invalid-svg-file
+                :cause e))))
+
+(declare pre-process)
+
+(s/def ::data ::us/string)
+(s/def ::parsed-svg (s/keys :req-un [::data]))
+
+(sv/defmethod ::parsed-svg
+  [_ {:keys [data] :as params}]
+  (->> data pre-process parse))
+
+;; --- PROCESSORS
+
+(defn strip-doctype
+  [data]
+  (cond-> data
+    (str/includes? data "<!DOCTYPE")
+    (str/replace #"<\!DOCTYPE[^>]+>" "")))
+
+(def pre-process strip-doctype)
--- a/backend/src/app/rpc/queries/teams.clj
+++ b/backend/src/app/rpc/queries/teams.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.rpc.queries.teams
  (:require
--- a/backend/src/app/rpc/queries/viewer.clj
+++ b/backend/src/app/rpc/queries/viewer.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.rpc.queries.viewer
  (:require
--- a/backend/src/app/setup.clj
+++ b/backend/src/app/setup.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.setup
  "Initial data setup of instance."
--- a/backend/src/app/setup/initial_data.clj
+++ b/backend/src/app/setup/initial_data.clj
@@ -2,24 +2,17 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.setup.initial-data
  (:refer-clojure :exclude [load])
  (:require
-   [app.common.data :as d]
-   [app.common.pages.migrations :as pmg]
   [app.common.uuid :as uuid]
   [app.config :as cfg]
   [app.db :as db]
-   [app.rpc.mutations.projects :as projects]
-   [app.rpc.queries.profile :as profile]
-   [app.util.blob :as blob]
-   [app.util.time :as dt]
-   [clojure.walk :as walk]))
+   [app.rpc.mutations.management :refer [duplicate-file]]
+   [app.rpc.mutations.projects :refer [create-project create-project-role]]
+   [app.rpc.queries.profile :as profile]))

 ;; --- DUMP GENERATION

@@ -62,58 +55,6 @@

 ;; --- DUMP LOADING

-(defn- process-file
-  [file index]
-  (letfn [(process-form [form]
-            (cond-> form
-              ;; Relink Components
-              (and (map? form)
-                   (uuid? (:component-file form)))
-              (update :component-file #(get index % %))
-
-              ;; Relink Image Shapes
-              (and (map? form)
-                   (map? (:metadata form))
-                   (= :image (:type form)))
-              (update-in [:metadata :id] #(get index % %))))
-
-          ;; A function responsible to analize all file data and
-          ;; replace the old :component-file reference with the new
-          ;; ones, using the provided file-index
-          (relink-shapes [data]
-            (walk/postwalk process-form data))
-
-          ;; A function responsible of process the :media attr of file
-          ;; data and remap the old ids with the new ones.
-          (relink-media [media]
-            (reduce-kv (fn [res k v]
-                         (let [id (get index k)]
-                           (if (uuid? id)
-                             (-> res
-                                 (assoc id (assoc v :id id))
-                                 (dissoc k))
-                             res)))
-                       media
-                       media))]
-
-    (update file :data
-            (fn [data]
-              (-> data
-                  (blob/decode)
-                  (assoc :id (:id file))
-                  (pmg/migrate-data)
-                  (update :pages-index relink-shapes)
-                  (update :components relink-shapes)
-                  (update :media relink-media)
-                  (d/without-nils)
-                  (blob/encode))))))
-
-(defn- remap-id
-  [item index key]
-  (cond-> item
-    (contains? item key)
-    (assoc key (get index (get item key) (get item key)))))
-
 (defn- retrieve-data
  [conn skey]
  (when-let [row (db/exec-one! conn ["select content from server_prop where id = ?" skey])]
@@ -127,60 +68,26 @@
   (let [skey (or (:skey opts) (cfg/get :initial-project-skey))
         data (retrieve-data conn skey)]
     (when data
-       (let [project (projects/create-project conn {:profile-id (:id profile)
-                                                    :team-id (:default-team-id profile)
-                                                    :name (:project-name data)})
+       (let [index   (reduce #(assoc %1 (:id %2) (uuid/next)) {} (:files data))
+             project {:id (uuid/next)
+                      :profile-id (:id profile)
+                      :team-id (:default-team-id profile)
+                      :name (:project-name data)}]

-             now     (dt/now)
-             ignore  (dt/plus now (dt/duration {:seconds 5}))
-             index   (as-> {} index
-                       (reduce #(assoc %1 (:id %2) (uuid/next)) index (:files data))
-                       (reduce #(assoc %1 (:id %2) (uuid/next)) index (:fmeds data)))
+         (db/exec-one! conn ["SET CONSTRAINTS ALL DEFERRED"])

-             flibs   (->> (:flibs data)
-                          (map #(remap-id % index :file-id))
-                          (map #(remap-id % index :library-file-id))
-                          (map #(assoc % :synced-at now))
-                          (map #(assoc % :created-at now)))
+         (create-project conn project)
+         (create-project-role conn {:project-id (:id project)
+                                    :profile-id (:id profile)
+                                    :role :owner})

-             files   (->> (:files data)
-                          (map #(assoc % :id (get index (:id %))))
-                          (map #(assoc % :project-id (:id project)))
-                          (map #(assoc % :created-at now))
-                          (map #(assoc % :modified-at now))
-                          (map #(assoc % :ignore-sync-until ignore))
-                          (map #(process-file % index)))
-
-             fmeds   (->> (:fmeds data)
-                          (map #(assoc % :id (get index (:id %))))
-                          (map #(assoc % :created-at now))
-                          (map #(remap-id % index :file-id)))
-
-             fprofs  (map #(array-map :file-id (:id %)
-                                      :profile-id (:id profile)
-                                      :is-owner true
-                                      :is-admin true
-                                      :can-edit true) files)]
-
-       (projects/create-project-profile conn {:project-id (:id project)
-                                              :profile-id (:id profile)})
-
-       (projects/create-team-project-profile conn {:team-id (:default-team-id profile)
-                                                   :project-id (:id project)
-                                                   :profile-id (:id profile)})
-
-       ;; Re-insert into the database
-       (doseq [params files]
-         (db/insert! conn :file params))
-
-       (doseq [params fprofs]
-         (db/insert! conn :file-profile-rel params))
-
-       (doseq [params flibs]
-         (db/insert! conn :file-library-rel params))
-
-       (doseq [params fmeds]
-         (db/insert! conn :file-media-object params)))))))
+         (doseq [file (:files data)]
+           (let [params {:profile-id (:id profile)
+                         :project-id (:id project)
+                         :file file
+                         :index index}
+                 opts   {:reset-shared-flag false}]
+             (duplicate-file conn params opts))))))))

 (defn load
  [system {:keys [email] :as opts}]
--- a/backend/src/app/srepl.clj
+++ b/backend/src/app/srepl.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.srepl
  "Server Repl."
--- a/backend/src/app/storage.clj
+++ b/backend/src/app/storage.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.storage
  "File Storage abstraction layer."
@@ -19,10 +16,10 @@
   [app.storage.fs :as sfs]
   [app.storage.impl :as impl]
   [app.storage.s3 :as ss3]
+   [app.util.logging :as l]
   [app.util.time :as dt]
   [app.worker :as wrk]
   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
   [cuerdas.core :as str]
   [datoteka.core :as fs]
   [integrant.core :as ig]
@@ -310,7 +307,9 @@
              (run! (partial delete-in-bulk conn) groups)
              (recur (+ n ^long total)))
            (do
-              (log/infof "gc-deleted: processed %s items" n)
+              (l/info :task "gc-deleted"
+                      :action "permanently delete items"
+                      :count n)
              {:deleted n})))))))

 (def sql:retrieve-deleted-objects
@@ -382,7 +381,12 @@
              (recur (+ cntf (count to-freeze))
                     (+ cntd (count to-delete))))
            (do
-              (log/infof "gc-touched: %s objects marked as freeze and %s marked to be deleted" cntf cntd)
+              (l/info :task "gc-touched"
+                      :action "mark freeze"
+                      :count cntf)
+              (l/info :task "gc-touched"
+                      :action "mark for deletion"
+                      :count cntd)
              {:freeze cntf :delete cntd})))))))

 (def sql:retrieve-touched-objects
@@ -459,7 +463,10 @@
              (recur (+ n (count all))
                     (+ d (count to-delete))))
            (do
-              (log/infof "recheck: processed %s items, %s deleted" n d)
+              (l/info :task "recheck"
+                      :action "recheck items"
+                      :processed n
+                      :deleted n)
              {:processed n :deleted d})))))))

 (def sql:retrieve-pending-to-recheck
--- a/backend/src/app/storage/db.clj
+++ b/backend/src/app/storage/db.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.storage.db
  (:require
--- a/backend/src/app/storage/fs.clj
+++ b/backend/src/app/storage/fs.clj
@@ -2,22 +2,19 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.storage.fs
  (:require
   [app.common.exceptions :as ex]
   [app.common.spec :as us]
+   [app.common.uri :as u]
   [app.storage.impl :as impl]
   [clojure.java.io :as io]
   [clojure.spec.alpha :as s]
   [cuerdas.core :as str]
   [datoteka.core :as fs]
-   [integrant.core :as ig]
-   [lambdaisland.uri :as u])
+   [integrant.core :as ig])
  (:import
   java.io.InputStream
   java.io.OutputStream
@@ -43,7 +40,7 @@
             :uri (u/uri (str "file://" dir))))))

 (s/def ::type ::us/keyword)
-(s/def ::uri #(instance? lambdaisland.uri.URI %))
+(s/def ::uri u/uri?)
 (s/def ::backend
  (s/keys :req-un [::type ::directory ::uri]))

--- a/backend/src/app/storage/impl.clj
+++ b/backend/src/app/storage/impl.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.storage.impl
  "Storage backends abstraction layer."
--- a/backend/src/app/storage/s3.clj
+++ b/backend/src/app/storage/s3.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.storage.s3
  "Storage backends abstraction layer."
@@ -13,12 +10,12 @@
   [app.common.data :as d]
   [app.common.exceptions :as ex]
   [app.common.spec :as us]
+   [app.common.uri :as u]
   [app.storage.impl :as impl]
   [app.util.time :as dt]
   [clojure.java.io :as io]
   [clojure.spec.alpha :as s]
-   [integrant.core :as ig]
-   [lambdaisland.uri :as u])
+   [integrant.core :as ig])
  (:import
   java.time.Duration
   java.util.Collection
--- a/backend/src/app/svgparse.clj
+++ b/backend/src/app/svgparse.clj
@@ -1,136 +0,0 @@
-;; This Source Code Form is subject to the terms of the Mozilla Public
-;; License, v. 2.0. If a copy of the MPL was not distributed with this
-;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
-;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
-
-(ns app.svgparse
-  (:require
-   [app.common.exceptions :as ex]
-   [app.metrics :as mtx]
-   [app.util.graal :as graal]
-   [app.util.pool :as pool]
-   [clojure.java.io :as io]
-   [clojure.spec.alpha :as s]
-   [clojure.xml :as xml]
-   [integrant.core :as ig])
-  (:import
-   java.util.function.Consumer
-   org.apache.commons.io.IOUtils))
-
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;; SVG Clean
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-
-(declare clean-svg)
-(declare prepare-context-pool)
-
-(defmethod ig/pre-init-spec ::svgc [_]
-  (s/keys :req-un [::mtx/metrics]))
-
-(defmethod ig/init-key ::svgc
-  [_ {:keys [metrics] :as cfg}]
-  (let [pool    (prepare-context-pool cfg)
-        cfg     (assoc cfg :pool pool)
-        handler #(clean-svg cfg %)
-        handler (->> {:registry (:registry metrics)
-                      :type :summary
-                      :name "svgc_timing"
-                      :help "svg optimization function timing"}
-                     (mtx/instrument handler))]
-    (with-meta handler {::pool pool})))
-
-(defmethod ig/halt-key! ::svgc
-  [_ f]
-  (let [{:keys [::pool]} (meta f)]
-    (pool/clear! pool)
-    (pool/close! pool)))
-
-(defn- prepare-context-pool
-  [cfg]
-  (pool/create
-   {:min-idle  (:min-idle cfg 0)
-    :max-idle  (:max-idle cfg 3)
-    :max-total (:max-total cfg 3)
-    :create
-    (fn []
-      (let [ctx (graal/context "js")]
-        (->> (graal/source "js" (io/resource "svgclean.js"))
-             (graal/eval! ctx))
-        ctx))
-    :destroy
-    (fn [ctx]
-      (graal/close! ctx))}))
-
-(defn- clean-svg
-  [{:keys [pool]} data]
-  (with-open [ctx (pool/acquire pool)]
-    (let [res      (promise)
-          optimize (-> (graal/get-bindings @ctx "js")
-                       (graal/get-member "svgc")
-                       (graal/get-member "optimize"))
-          resultp (graal/invoke optimize data)]
-
-      (graal/invoke-member resultp "then"
-                           (reify Consumer
-                             (accept [_ val]
-                               (deliver res val))))
-
-      (graal/invoke-member resultp "catch"
-                           (reify Consumer
-                             (accept [_ err]
-                               (deliver res err))))
-
-      (let [result (deref res)]
-        (if (instance? Throwable result)
-          (throw result)
-          result)))))
-
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;; Handler
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-
-(declare handler)
-(declare process-request)
-
-(s/def ::svgc fn?)
-
-(defmethod ig/pre-init-spec ::handler [_]
-  (s/keys :req-un [::mtx/metrics ::svgc]))
-
-(defmethod ig/init-key ::handler
-  [_ {:keys [metrics] :as cfg}]
-  (let [handler #(handler cfg %)]
-    (->> {:registry (:registry metrics)
-          :type :summary
-          :name "http_handler_svgparse_timing"
-          :help "svg parse timings"}
-         (mtx/instrument handler))))
-
-(defn- handler
-  [cfg {:keys [headers body] :as request}]
-  (when (not= "image/svg+xml" (get headers "content-type"))
-    (ex/raise :type :validation
-              :code :unsupported-mime-type
-              :mime (get headers "content-type")))
-  {:status 200
-   :body (process-request cfg body)})
-
-(defn parse
-  [data]
-  (try
-    (with-open [istream (IOUtils/toInputStream data "UTF-8")]
-      (xml/parse istream))
-    (catch Exception _e
-      (ex/raise :type :validation
-                :code :invalid-svg-file))))
-
-(defn process-request
-  [{:keys [svgc] :as cfg} body]
-  (let [data (slurp body)
-        data (svgc data)]
-    (parse data)))
-
--- a/backend/src/app/tasks.clj
+++ b/backend/src/app/tasks.clj
@@ -1,110 +0,0 @@
-;; This Source Code Form is subject to the terms of the Mozilla Public
-;; License, v. 2.0. If a copy of the MPL was not distributed with this
-;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
-;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
-
-(ns app.tasks
-  (:require
-   [app.common.spec :as us]
-   [app.common.uuid :as uuid]
-   [app.db :as db]
-   [app.metrics :as mtx]
-   [app.util.time :as dt]
-   [app.worker]
-   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
-   [integrant.core :as ig]))
-
-(s/def ::name ::us/string)
-(s/def ::delay
-  (s/or :int ::us/integer
-        :duration dt/duration?))
-(s/def ::queue ::us/string)
-
-(s/def ::task-options
-  (s/keys :req-un [::name]
-          :opt-un [::delay ::props ::queue]))
-
-(def ^:private sql:insert-new-task
-  "insert into task (id, name, props, queue, priority, max_retries, scheduled_at)
-   values (?, ?, ?, ?, ?, ?, clock_timestamp() + ?)
-   returning id")
-
-(defn submit!
-  [conn {:keys [name delay props queue priority max-retries]
-         :or {delay 0 props {} queue "default" priority 100 max-retries 3}
-         :as options}]
-  (us/verify ::task-options options)
-  (let [duration  (dt/duration delay)
-        interval  (db/interval duration)
-        props     (db/tjson props)
-        id        (uuid/next)]
-    (log/debugf "submit task '%s' to be executed in '%s'" name (str duration))
-    (db/exec-one! conn [sql:insert-new-task id name props queue priority max-retries interval])
-    id))
-
-(defn- instrument!
-  [registry]
-  (mtx/instrument-vars!
-   [#'submit!]
-   {:registry registry
-    :type :counter
-    :labels ["name"]
-    :name "tasks_submit_counter"
-    :help "An absolute counter of task submissions."
-    :wrap (fn [rootf mobj]
-            (let [mdata (meta rootf)
-                  origf (::original mdata rootf)]
-              (with-meta
-                (fn [conn params]
-                  (let [tname (:name params)]
-                    (mobj :inc [tname])
-                    (origf conn params)))
-                {::original origf})))})
-
-  (mtx/instrument-vars!
-   [#'app.worker/run-task]
-   {:registry registry
-    :type :summary
-    :quantiles []
-    :name "tasks_checkout_timing"
-    :help "Latency measured between scheduld_at and execution time."
-    :wrap (fn [rootf mobj]
-            (let [mdata (meta rootf)
-                  origf (::original mdata rootf)]
-              (with-meta
-                (fn [tasks item]
-                  (let [now (inst-ms (dt/now))
-                        sat (inst-ms (:scheduled-at item))]
-                    (mobj :observe (- now sat))
-                    (origf tasks item)))
-                {::original origf})))}))
-
-;; --- STATE INIT: REGISTRY
-
-(s/def ::tasks
-  (s/map-of keyword? fn?))
-
-(defmethod ig/pre-init-spec ::registry [_]
-  (s/keys :req-un [::mtx/metrics ::tasks]))
-
-(defmethod ig/init-key ::registry
-  [_ {:keys [metrics tasks]}]
-  (instrument! (:registry metrics))
-  (let [mobj (mtx/create
-              {:registry (:registry metrics)
-               :type :summary
-               :labels ["name"]
-               :quantiles []
-               :name "tasks_timing"
-               :help "Background task execution timing."})]
-    (reduce-kv (fn [res k v]
-                 (let [tname (name k)]
-                   (log/debugf "registring task '%s'" tname)
-                   (assoc res tname (mtx/wrap-summary v mobj [tname]))))
-               {}
-               tasks)))
--- a/backend/src/app/tasks/delete_object.clj
+++ b/backend/src/app/tasks/delete_object.clj
@@ -2,18 +2,16 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.tasks.delete-object
  "Generic task for permanent deletion of objects."
  (:require
+   [app.common.data :as d]
   [app.common.spec :as us]
   [app.db :as db]
+   [app.util.logging :as l]
   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
   [integrant.core :as ig]))

 (declare handle-deletion)
@@ -37,7 +35,8 @@

 (defmethod handle-deletion :default
  [_conn {:keys [type]}]
-  (log/warnf "no handler found for '%s'" type))
+  (l/warn :hint "no handler found"
+          :type (d/name type)))

 (defmethod handle-deletion :file
  [conn {:keys [id] :as props}]
--- a/backend/src/app/tasks/delete_profile.clj
+++ b/backend/src/app/tasks/delete_profile.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.tasks.delete-profile
  "Task for permanent deletion of profiles."
@@ -13,8 +10,8 @@
   [app.common.spec :as us]
   [app.db :as db]
   [app.db.sql :as sql]
+   [app.util.logging :as l]
   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
   [integrant.core :as ig]))

 (declare delete-profile-data)
@@ -47,7 +44,8 @@
        (if (or (:is-demo profile)
                (:deleted-at profile))
          (delete-profile-data conn id)
-          (log/warnf "profile '%s' does not match constraints for deletion" id))))))
+          (l/warn :hint "profile does not match constraints for deletion"
+                  :profile-id id))))))

 ;; --- IMPL

@@ -70,7 +68,8 @@

 (defn- delete-profile-data
  [conn profile-id]
-  (log/debugf "proceding to delete all data related to profile '%s'" profile-id)
+  (l/debug :action "delete profile"
+           :profile-id profile-id)
  (delete-teams conn profile-id)
  (delete-profile conn profile-id)
  true)
--- a/backend/src/app/tasks/file_media_gc.clj
+++ b/backend/src/app/tasks/file_media_gc.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.tasks.file-media-gc
  "A maintenance task that is responsible to purge the unused media
@@ -15,9 +12,9 @@
   [app.common.pages.migrations :as pmg]
   [app.db :as db]
   [app.util.blob :as blob]
+   [app.util.logging :as l]
   [app.util.time :as dt]
   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
   [integrant.core :as ig]))

 (declare process-file)
@@ -40,7 +37,7 @@
                (run! (partial process-file cfg) files)
                (recur (+ n (count files))))
              (do
-                (log/debugf "finalized with total of %s processed files" n)
+                (l/debug :msg "finished processing files" :processed n)
                {:processed n}))))))))

 (def ^:private
@@ -88,7 +85,10 @@
        unused (->> (db/query conn :file-media-object {:file-id id})
                    (remove #(contains? used (:id %))))]

-    (log/debugf "processing file: id='%s' age='%s' to-delete=%s" id age (count unused))
+    (l/debug :action "processing file"
+             :id id
+             :age age
+             :to-delete (count unused))

    ;; Mark file as trimmed
    (db/update! conn :file
@@ -96,8 +96,10 @@
                {:id id})

    (doseq [mobj unused]
-      (log/debugf "deleting media object: id='%s' media-id='%s' thumb-id='%s'"
-                  (:id mobj) (:media-id mobj) (:thumbnail-id mobj))
+      (l/debug :action "deleting media object"
+               :id (:id mobj)
+               :media-id (:media-id mobj)
+               :thumbnail-id (:thumbnail-id mobj))
      ;; NOTE: deleting the file-media-object in the database
      ;; automatically marks as toched the referenced storage objects.
      (db/delete! conn :file-media-object {:id (:id mobj)}))
--- a/backend/src/app/tasks/file_xlog_gc.clj
+++ b/backend/src/app/tasks/file_xlog_gc.clj
@@ -2,19 +2,16 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.tasks.file-xlog-gc
  "A maintenance task that performs a garbage collection of the file
  change (transaction) log."
  (:require
   [app.db :as db]
+   [app.util.logging :as l]
   [app.util.time :as dt]
   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
   [integrant.core :as ig]))

 (declare sql:delete-files-xlog)
@@ -31,7 +28,7 @@
      (let [interval (db/interval max-age)
            result   (db/exec-one! conn [sql:delete-files-xlog interval])
            result   (:next.jdbc/update-count result)]
-        (log/debugf "removed %s rows from file-change table" result)
+        (l/debug :action "trim file-change table" :removed result)
        result))))

 (def ^:private
--- a/backend/src/app/tasks/sendmail.clj
+++ b/backend/src/app/tasks/sendmail.clj
@@ -1,58 +0,0 @@
-;; This Source Code Form is subject to the terms of the Mozilla Public
-;; License, v. 2.0. If a copy of the MPL was not distributed with this
-;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
-;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
-
-(ns app.tasks.sendmail
-  (:require
-   [app.config :as cfg]
-   [app.util.emails :as emails]
-   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
-   [integrant.core :as ig]))
-
-(declare send-console!)
-
-(s/def ::username ::cfg/smtp-username)
-(s/def ::password ::cfg/smtp-password)
-(s/def ::tls ::cfg/smtp-tls)
-(s/def ::ssl ::cfg/smtp-ssl)
-(s/def ::host ::cfg/smtp-host)
-(s/def ::port ::cfg/smtp-port)
-(s/def ::default-reply-to ::cfg/smtp-default-reply-to)
-(s/def ::default-from ::cfg/smtp-default-from)
-(s/def ::enabled ::cfg/smtp-enabled)
-
-(defmethod ig/pre-init-spec ::handler [_]
-  (s/keys :req-un [::enabled]
-          :opt-un [::username
-                   ::password
-                   ::tls
-                   ::ssl
-                   ::host
-                   ::port
-                   ::default-from
-                   ::default-reply-to]))
-
-(defmethod ig/init-key ::handler
-  [_ cfg]
-  (fn [{:keys [props] :as task}]
-    (if (:enabled cfg)
-      (emails/send! cfg props)
-      (send-console! cfg props))))
-
-(defn- send-console!
-  [cfg email]
-  (let [baos (java.io.ByteArrayOutputStream.)
-        mesg (emails/smtp-message cfg email)]
-    (.writeTo mesg baos)
-    (let [out (with-out-str
-                (println "email console dump:")
-                (println "******** start email" (:id email) "**********")
-                (println (.toString baos))
-                (println "******** end email "(:id email) "**********"))]
-      (log/info out))))
--- a/backend/src/app/tasks/tasks_gc.clj
+++ b/backend/src/app/tasks/tasks_gc.clj
@@ -2,19 +2,16 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.tasks.tasks-gc
  "A maintenance task that performs a cleanup of already executed tasks
  from the database table."
  (:require
   [app.db :as db]
+   [app.util.logging :as l]
   [app.util.time :as dt]
   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
   [integrant.core :as ig]))

 (declare sql:delete-completed-tasks)
@@ -31,7 +28,7 @@
      (let [interval (db/interval max-age)
            result   (db/exec-one! conn [sql:delete-completed-tasks interval])
            result   (:next.jdbc/update-count result)]
-        (log/debugf "removed %s rows from tasks-completed table" result)
+        (l/debug :action "trim completed tasks table" :removed result)
        result))))

 (def ^:private
--- a/backend/src/app/tasks/telemetry.clj
+++ b/backend/src/app/tasks/telemetry.clj
@@ -2,16 +2,14 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.tasks.telemetry
  "A task that is reponsible to collect anonymous statistical
  information about the current instance and send it to the telemetry
  server."
  (:require
+   [app.common.data :as d]
   [app.common.exceptions :as ex]
   [app.common.spec :as us]
   [app.config :as cfg]
@@ -32,7 +30,6 @@
 (s/def ::sprops
  (s/keys :req-un [::instance-id]))

-
 (defmethod ig/pre-init-spec ::handler [_]
  (s/keys :req-un [::db/pool ::version ::uri ::sprops]))

@@ -128,11 +125,16 @@

 (defn- retrieve-stats
  [{:keys [conn version]}]
-  (merge
-   {:version version
-    :with-taiga  (:telemetry-with-taiga cfg/config false)
-    :total-teams (retrieve-num-teams conn)
-    :total-projects (retrieve-num-projects conn)
-    :total-files (retrieve-num-files conn)}
-   (retrieve-team-averages conn)
-   (retrieve-jvm-stats)))
+  (let [referer (if (cfg/get :telemetry-with-taiga)
+                  "taiga"
+                  (cfg/get :telemetry-referer))]
+    (-> {:version        version
+         :referer        referer
+         :total-teams    (retrieve-num-teams conn)
+         :total-projects (retrieve-num-projects conn)
+         :total-files    (retrieve-num-files conn)}
+        (d/merge
+         (retrieve-team-averages conn)
+         (retrieve-jvm-stats))
+        (d/without-nils))))
+
--- a/backend/src/app/telemetry.clj
+++ b/backend/src/app/telemetry.clj
@@ -1,121 +0,0 @@
-;; This Source Code Form is subject to the terms of the Mozilla Public
-;; License, v. 2.0. If a copy of the MPL was not distributed with this
-;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
-;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
-
-(ns app.telemetry
-  (:require
-   [app.common.spec :as us]
-   [app.db :as db]
-   [app.http.middleware :refer [wrap-parse-request-body]]
-   [clojure.pprint :refer [pprint]]
-   [clojure.spec.alpha :as s]
-   [clojure.tools.logging :as log]
-   [integrant.core :as ig]
-   [promesa.exec :as px]
-   [ring.middleware.keyword-params :refer [wrap-keyword-params]]
-   [ring.middleware.params :refer [wrap-params]]))
-
-
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;; Migrations
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-
-(def sql:create-instance-table
-  "CREATE TABLE IF NOT EXISTS telemetry.instance (
-    id uuid PRIMARY KEY,
-    created_at timestamptz NOT NULL DEFAULT now()
-  );")
-
-(def sql:create-info-table
-  "CREATE TABLE telemetry.info (
-     instance_id uuid,
-     created_at timestamptz NOT NULL DEFAULT clock_timestamp(),
-     data jsonb NOT NULL,
-
-     PRIMARY KEY (instance_id, created_at)
-  ) PARTITION BY RANGE(created_at);
-
-  CREATE TABLE telemetry.info_default (LIKE telemetry.info INCLUDING ALL);
-
-  ALTER TABLE telemetry.info
-    ATTACH PARTITION telemetry.info_default DEFAULT;")
-
-(def migrations
-  [{:name "0001-add-telemetry-schema"
-    :fn #(db/exec! % ["CREATE SCHEMA IF NOT EXISTS telemetry;"])}
-
-   {:name "0002-add-instance-table"
-    :fn #(db/exec! % [sql:create-instance-table])}
-
-   {:name "0003-add-info-table"
-    :fn #(db/exec! % [sql:create-info-table])}
-
-   {:name "0004-del-instance-table"
-    :fn #(db/exec! % ["DROP TABLE telemetry.instance;"])}])
-
-(defmethod ig/init-key ::migrations [_ _] migrations)
-
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;; Router Handler
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-
-(declare handler)
-(declare process-request)
-
-(defmethod ig/init-key ::handler
-  [_ cfg]
-  (-> (partial handler cfg)
-      (wrap-keyword-params)
-      (wrap-params)
-      (wrap-parse-request-body)))
-
-(s/def ::instance-id ::us/uuid)
-(s/def ::params (s/keys :req-un [::instance-id]))
-
-(defn handler
-  [{:keys [executor] :as cfg} {:keys [params] :as request}]
-  (try
-    (let [params (us/conform ::params params)
-          cfg    (assoc cfg
-                        :instance-id (:instance-id params)
-                        :data (dissoc params :instance-id))]
-      (px/run! executor (partial process-request cfg)))
-    (catch Exception e
-      ;; We don't want notify user of a error, just log it for posible
-      ;; future investigation.
-      (log/warn e (str "unexpected error on telemetry:\n"
-                       (when-let [edata (ex-data e)]
-                         (str "ex-data: \n"
-                              (with-out-str (pprint edata))))
-                       (str "params: \n"
-                            (with-out-str (pprint params)))))))
-  {:status 200
-   :body "OK\n"})
-
-
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;; Request Processing
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-
-(def sql:insert-instance-info
-  "insert into telemetry.info (instance_id, data, created_at)
-   values (?, ?, date_trunc('day', now()))
-       on conflict (instance_id, created_at)
-       do update set data = ?")
-
-(defn- process-request
-  [{:keys [pool instance-id data]}]
-  (try
-    (db/with-atomic [conn pool]
-      (let [data (db/json data)]
-        (db/exec! conn [sql:insert-instance-info
-                        instance-id
-                        data
-                        data])))
-    (catch Exception e
-      (log/errorf e "error on procesing request"))))
--- a/backend/src/app/tokens.clj
+++ b/backend/src/app/tokens.clj
@@ -2,10 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2020-2021 UXBOX Labs SL
+;; Copyright (c) UXBOX Labs SL

 (ns app.tokens
  "Tokens generation service."
--- a/backend/src/app/util/async.clj
+++ b/backend/src/app/util/async.clj
@@ -2,7 +2,7 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; Copyright (c) 2020 Andrey Antukh <niwi@niwi.nz>
+;; Copyright (c) UXBOX Labs SL

 (ns app.util.async
  (:require
--- a/backend/src/app/util/blob.clj
+++ b/backend/src/app/util/blob.clj
@@ -2,16 +2,13 @@
 ;; License, v. 2.0. If a copy of the MPL was not distributed with this
 ;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ;;
-;; This Source Code Form is "Incompatible With Secondary Licenses", as
-;; defined by the Mozilla Public License, v. 2.0.
-;;
-;; Copyright (c) 2016-2020 Andrey Antukh <niwi@niwi.nz>
+;; Copyright (c) UXBOX Labs SL

 (ns app.util.blob
-  "A generic blob storage encoding. Mainly used for
-  page data, page options and txlog payload storage."
+  "A generic blob storage encoding. Mainly used for page data, page
+  options and txlog payload storage."
  (:require
-   [app.config :as cfg]
+   [app.config :as cf]
   [app.util.transit :as t]
   [taoensso.nippy :as n])
  (:import
@@ -28,19 +25,20 @@

 (declare decode-v1)
 (declare decode-v2)
+(declare decode-v3)
 (declare encode-v1)
 (declare encode-v2)
-
-(def default-version
-  (:default-blob-version cfg/config 1))
+(declare encode-v3)

 (defn encode
  ([data] (encode data nil))
-  ([data {:keys [version] :or {version default-version}}]
-   (case  (long version)
-     1 (encode-v1 data)
-     2 (encode-v2 data)
-     (throw (ex-info "unsupported version" {:version version})))))
+  ([data {:keys [version]}]
+   (let [version (or version (cf/get :default-blob-version 1))]
+     (case (long version)
+       1 (encode-v1 data)
+       2 (encode-v2 data)
+       3 (encode-v3 data)
+       (throw (ex-info "unsupported version" {:version version}))))))

 (defn decode
  "A function used for decode persisted blobs in the database."
@@ -52,6 +50,7 @@
      (case version
        1 (decode-v1 data ulen)
        2 (decode-v2 data ulen)
+        3 (decode-v3 data ulen)
        (throw (ex-info "unsupported version" {:version version}))))))

 ;; --- IMPL
@@ -100,3 +99,26 @@
    (Zstd/decompressByteArray ^bytes udata 0 ulen
                              ^bytes cdata 6 (- (alength cdata) 6))
    (n/fast-thaw udata)))
+
+(defn- encode-v3
+  [data]
+  (let [data  (t/encode data {:type :json})
+        dlen  (alength ^bytes data)
+        mlen  (Zstd/compressBound dlen)
+        cdata (byte-array mlen)
+        clen  (Zstd/compressByteArray ^bytes cdata 0 mlen
+                                      ^bytes data 0 dlen
+                                      4)]
+    (with-open [^ByteArrayOutputStream baos (ByteArrayOutputStream. (+ (alength cdata) 2 4))
+                ^DataOutputStream dos (DataOutputStream. baos)]
+      (.writeShort dos (short 3)) ;; version number
+      (.writeInt dos (int dlen))
+      (.write dos ^bytes cdata (int 0) clen)
+      (.toByteArray baos))))
+
+(defn- decode-v3
+  [^bytes cdata ^long ulen]
+  (let [udata (byte-array ulen)]
+    (Zstd/decompressByteArray ^bytes udata 0 ulen
+                              ^bytes cdata 6 (- (alength cdata) 6))
+    (t/decode udata {:type :json})))
--- a/Show More
+++ b/Show More