diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 00000000..04c2d7d8
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,81 @@
+# exclude unnecessary dirs/files
+projects
+web-app/node_modules
+server/pytest.ini
+server/test*
+server/coverage*
+server/celerybeat*
+
+.git
+.travis.yaml
+.swagger-codegen-ignore
+README.md
+tox.ini
+git_push.sh
+test-requirements.txt
+setup.py
+
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+env/
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+*.egg-info/
+.installed.cfg
+*.egg
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*,cover
+.hypothesis/
+venv/
+.python-version
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+target/
+
+#Ipython Notebook
+.ipynb_checkpoints
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 00000000..f0057c6d
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,9 @@
+# demo data
+logs/
+projects/
+
+*.log
+.DS_Store
+.idea
+
+.mergin.env
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 00000000..ccb5dae5
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,64 @@
+# multistage build requires at least docker-ce 17.06
+FROM ubuntu:18.04 AS builder
+MAINTAINER Martin Varga "martin.varga@lutraconsulting.co.uk"
+
+# use some custom packages that are too obsolete in official repo
+# use node.js from nodesource PPA (for npm packages)
+RUN apt-get update -y && \
+    apt-get install -y --no-install-recommends\
+    python \
+    python-pip \
+    gnupg \
+    wget  && \
+    wget https://deb.nodesource.com/setup_10.x --no-check-certificate && \
+    bash setup_10.x && \
+    apt-get install -y --no-install-recommends\
+    nodejs && \
+    rm -rf /var/lib/apt/lists/*
+
+# server files will be merely copied from builder
+COPY ./server /mergin/server
+
+# build frontend app
+COPY ./web-app /mergin/web-app
+WORKDIR /mergin/web-app
+RUN npm install
+RUN npm run build
+
+CMD echo 'Build is finished.'
+
+FROM ubuntu:18.04
+MAINTAINER Martin Varga "martin.varga@lutraconsulting.co.uk"
+
+RUN apt-get update -y && \
+    apt-get install -y --no-install-recommends\
+    musl-dev \
+    python3 \
+    python3-pip \
+    python3-setuptools \
+    iputils-ping \
+    gcc build-essential binutils cmake extra-cmake-modules && \
+    rm -rf /var/lib/apt/lists/*
+
+
+# needed for geodiff
+RUN pip3 install --upgrade pip
+RUN ln -s /usr/lib/x86_64-linux-musl/libc.so /lib/libc.musl-x86_64.so.1
+
+# create mergin user to run container with
+RUN groupadd -r mergin -g 901
+RUN groupadd -r mergin-family -g 999
+RUN useradd -u 901 -r --home-dir /app --create-home -g mergin -G mergin-family -s /sbin/nologin  mergin
+
+WORKDIR /app
+COPY --from=builder /mergin/server .
+
+RUN pip3 install pipenv==2018.11.26
+# for locale check this http://click.pocoo.org/5/python3/
+ENV LC_ALL=C.UTF-8
+ENV LANG=C.UTF-8
+RUN pipenv install --system --deploy
+
+USER mergin
+COPY ./entrypoint.sh .
+ENTRYPOINT ["./entrypoint.sh"]
\ No newline at end of file
diff --git a/README.md b/README.md
index 7d1b5a78..f64acf47 100644
--- a/README.md
+++ b/README.md
@@ -5,5 +5,58 @@ https://public.cloudmergin.com/
 
 Store and track changes to your geo-data
 
-**This repository does not contain source code of Mergin project - it is used for tracking of feature requests and issues reported by Mergin users.**
+## Running with Docker
+Adjust configuration, e.g. replace 'fixme' entries:
+```shell
+$ cp mergin.env.template mergin.env
+```
 
+Run with docker compose:
+```shell
+$ export TAG=2021.6  # specify version
+$ docker-compose up
+$ docker exec -it mergin-server flask init-db
+$ docker exec -it mergin-server flask add-user admin topsecret --is-admin --email admin@example.com
+$ sudo chown -R  901:999 ./projects/
+$ sudo chmod g+s ./projects/
+```
+Projects are saved locally in `./projects` folder.
+
+## Running locally (for dev)
+Install dependencies and run services:
+
+```shell
+$ docker run -d --rm --name mergin_db -p 5002:5432 -e POSTGRES_PASSWORD=postgres postgres:10
+$ docker run -d --rm --name redis -p 6379:6379 redis
+```
+
+### Server
+```shell
+$ pip3 install pipenv
+$ cd server
+$ pipenv install --dev --three
+$ pipenv run flask init-db
+$ pipenv run flask add-user admin topsecret --is-admin --email admin@example.com
+$ pipenv run celery worker -A src.run_celery.celery --loglevel=info &
+$ pipenv run flask run # run dev server on port 5000
+```
+
+### Web app
+```shell
+$ sudo apt install nodejs
+$ cd web-app
+$ npm install
+$ npm run serve
+```
+and open your browser to here:
+```
+http://localhost:8080
+```
+
+## Running tests
+To launch the unit tests run:
+```shell
+$ docker run -d --rm --name testing_pg -p 5435:5432 -e POSTGRES_PASSWORD=postgres postgres:10
+$ cd server
+$ pipenv run pytest --cov-report html --cov=src test
+```
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 00000000..60ac4bbf
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,35 @@
+version: "3.7"
+
+services:
+  db:
+    image: postgres:10
+    container_name: mergin-db
+    ports:
+      - 5432:5432
+    environment:
+      - POSTGRES_USER=postgres
+      - POSTGRES_PASSWORD=postgres
+
+  server:
+    image: mergin:${TAG}
+    build:
+      context: .
+      dockerfile: Dockerfile
+    container_name: mergin-server
+    volumes:
+      - ./projects:/data  # map data dir to host
+    env_file:
+      - mergin.env
+    environment:
+      - VERSION=${TAG}
+    ports:
+      - 5000:5000
+    depends_on:
+      - db
+    links:
+      - db
+  redis:
+    image: redis
+    container_name: mergin-redis
+    ports:
+      - 6379:6379
diff --git a/entrypoint.sh b/entrypoint.sh
new file mode 100755
index 00000000..e7deb14f
--- /dev/null
+++ b/entrypoint.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# make sure all files created by gunicorn (mergin server) have proper permissions
+umask 0027
+
+# We store a base config in config.py and override things as needed 
+# using the environment variable GUNICORN_CMD_ARGS.
+
+/bin/bash -c "celery beat -A src.celery --loglevel=info &"
+/bin/bash -c "celery worker -A src.run_celery.celery --loglevel=info &"
+/bin/bash -c "gunicorn --config config.py mergin:application"
+
diff --git a/mergin.env.template b/mergin.env.template
new file mode 100644
index 00000000..ce56f99e
--- /dev/null
+++ b/mergin.env.template
@@ -0,0 +1,35 @@
+SWAGGER_UI=0
+SECRET_KEY=fixme
+SECURITY_PASSWORD_SALT=fixme
+LOCAL_PROJECTS=/data
+MAINTENANCE_FILE=/data/MAINTENANCE
+USER_SELF_REGISTRATION=1
+USE_X_ACCEL=0
+GEODIFF_LOGGER_LEVEL=2
+TEMP_DIR=/data/tmp
+MERGIN_TESTING=0
+MAX_CHUNK_SIZE=10485760  # 10 MB
+TEMP_EXPIRATION=7
+DELETED_PROJECT_EXPIRATION=7
+CLOSED_ACCOUNT_EXPIRATION=1
+DEFAULT_STORAGE_SIZE=104857600 # 100 MB
+# database
+DB_USER=postgres
+DB_PASSWORD=postgres
+DB_HOST=172.17.0.1
+DB_PORT=5432
+DB_APPLICATION_NAME=mergin
+# SMTP settings
+MAIL_SUPPRESS_SEND=1  # set to 0 in production
+MAIL_SERVER=fixme
+MAIL_DEFAULT_SENDER=fixme
+MAIL_USERNAME=fixme
+# for email templates
+MERGIN_BASE_URL=your-server-url
+MERGIN_LOGO_URL=""
+CONTACT_EMAIL=fix-me
+# integration with slack
+SLACK_HOOK_URL=fixme
+# integration with celery and redis
+CELERY_BROKER_URL="redis://172.17.0.1:6379/0"
+CELERY_RESULT_BACKEND="redis://172.17.0.1:6379/0"
diff --git a/server/.coveragerc b/server/.coveragerc
new file mode 100644
index 00000000..fc5e49f0
--- /dev/null
+++ b/server/.coveragerc
@@ -0,0 +1,18 @@
+# .coveragerc to control coverage.py
+[run]
+omit =
+    # omit auto-generated files
+    src/models/base_model_.py
+    src/encoder.py
+    src/util.py
+    src/auth/commands.py
+    # omit test dir
+    src/test/*
+
+[report]
+exclude_lines =
+    pragma: no cover
+    raise NotImplementedError
+
+[html]
+directory = coverage_html_report
\ No newline at end of file
diff --git a/server/.env b/server/.env
new file mode 100644
index 00000000..2fd1681e
--- /dev/null
+++ b/server/.env
@@ -0,0 +1,2 @@
+FLASK_APP=commands.py
+GEODIFF_LOGGER_LEVEL="2"
diff --git a/server/.gitignore b/server/.gitignore
new file mode 100644
index 00000000..829c1dbc
--- /dev/null
+++ b/server/.gitignore
@@ -0,0 +1,80 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+env/
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+*.egg-info/
+.installed.cfg
+*.egg
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*,cover
+.hypothesis/
+venv/
+.python-version
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+target/
+
+#Ipython Notebook
+.ipynb_checkpoints
+
+.pytest_cache/
+
+# report from pytest, dir defined in .coveragerc
+coverage_html_report
+
+# autogenerated template from web-app
+src/templates/app.html
+
+pygeodiff
+
+# related to local deployment
+src/version.py
+deployment/grafana-database/
+celerybeat-schedule
+celerybeat.pid
diff --git a/server/.test.env b/server/.test.env
new file mode 100644
index 00000000..abee15b5
--- /dev/null
+++ b/server/.test.env
@@ -0,0 +1,15 @@
+DB_USER=postgres
+DB_PASSWORD=postgres
+DB_HOST=localhost
+DB_PORT=5435
+LOCAL_PROJECTS=/tmp
+TESTING=1
+MAIL_SUPPRESS_SEND=1
+WTF_CSRF_ENABLED=0
+CELERY_BROKER_URL='memory://'
+CELERY_RESULT_BACKEND=''
+MAIL_DEFAULT_SENDER='test@test.com'
+MERGIN_STAGING=0
+TEMP_DIR=/tmp/mergin_tmp
+MERGIN_SUBSCRIPTIONS=0
+MERGIN_TESTING=1
diff --git a/server/Pipfile b/server/Pipfile
new file mode 100644
index 00000000..4ab6a0af
--- /dev/null
+++ b/server/Pipfile
@@ -0,0 +1,51 @@
+[[source]]
+url = "https://pypi.org/simple"
+verify_ssl = true
+name = "pypi"
+
+[packages]
+connexion = {extras = ["swagger-ui"],version = "==2.7.0"}
+python-dateutil = "==2.6.0"
+flask-marshmallow = "==0.10.1"
+marshmallow-sqlalchemy = "==0.17.0"
+psycopg2-binary = "==2.8.6"
+itsdangerous = "==1.1.0"
+requests-toolbelt = "==0.8.0"
+Flask-SQLAlchemy = "==2.4.0"
+zipfly = "==6.0.3"
+gunicorn = {extras = ["gevent"],version = "==19.9"}
+python-dotenv = "==0.9.1"
+flask-login = "==0.4.0"
+bcrypt = "==3.1.3"
+wtforms = "==2.1"
+flask-wtf = "==0.14.2"
+flask-mail = "==0.9.1"
+safe = "==0.4"
+flask-migrate = "==2.6.0"
+wtforms-json = "==0.3.3"
+pytz = "==2019.1"
+scikit-build = "==0.10.0"
+pygeodiff = "==0.8.6"
+pathvalidate = "==0.29.0"
+werkzeug = "==0.16"
+celery= "==4.4.7"
+redis= "==3.4.1"
+result = "==0.5"
+jsons = "==1.1.2"
+binaryornot = "==0.4.4"
+python-decouple = "==3.4"
+
+
+[dev-packages]
+pytest = "==6.2.2"
+pytest-cov = "==2.6.1"
+pylint = "==2.3.1"
+responses = "==0.10.7"
+pytest-dotenv= "==0.4.0"
+pytest-selenium = "==2.0.1"
+# requirements for pytest running with python < py3.8
+importlib-metadata = "==3.4.0"
+typing-extensions = "==3.7.4"
+
+[requires]
+python_version = "3.6"
diff --git a/server/Pipfile.lock b/server/Pipfile.lock
new file mode 100644
index 00000000..38da6acc
--- /dev/null
+++ b/server/Pipfile.lock
@@ -0,0 +1,1205 @@
+{
+    "_meta": {
+        "hash": {
+            "sha256": "e042162203b7474d658b8c8dab4add5c562e3b9327cb73d9b828812573d66d52"
+        },
+        "pipfile-spec": 6,
+        "requires": {
+            "python_version": "3.6"
+        },
+        "sources": [
+            {
+                "name": "pypi",
+                "url": "https://pypi.org/simple",
+                "verify_ssl": true
+            }
+        ]
+    },
+    "default": {
+        "alembic": {
+            "hashes": [
+                "sha256:8a259f0a4c8b350b03579d77ce9e810b19c65bf0af05f84efb69af13ad50801e",
+                "sha256:e27fd67732c97a1c370c33169ef4578cf96436fa0e7dcfaeeef4a917d0737d56"
+            ],
+            "version": "==1.5.8"
+        },
+        "amqp": {
+            "hashes": [
+                "sha256:70cdb10628468ff14e57ec2f751c7aa9e48e7e3651cfd62d431213c0c4e58f21",
+                "sha256:aa7f313fb887c91f15474c1229907a04dac0b8135822d6603437803424c0aa59"
+            ],
+            "version": "==2.6.1"
+        },
+        "attrs": {
+            "hashes": [
+                "sha256:31b2eced602aa8423c2aea9c76a724617ed67cf9513173fd3a4f03e3a929c7e6",
+                "sha256:832aa3cde19744e49938b91fea06d69ecb9e649c93ba974535d08ad92164f700"
+            ],
+            "version": "==20.3.0"
+        },
+        "bcrypt": {
+            "hashes": [
+                "sha256:05b35b9842b009b44496fa5433ce462f69966291e50fbd471dbb427f399f748f",
+                "sha256:06280fe19ffbcf6cf904de25190dd6fcd313e30bc79da305f5642a8295d1616e",
+                "sha256:1f3054d4da7c4a84b797d9130c36425b6e28134e9e67cd47b393774ea7168a3d",
+                "sha256:329c547f5525808aecd77ccade9fd443e381f9d91fc8164da1dae9c195e1f1f5",
+                "sha256:35cfdfa3f64f8bad68d25f261bdc60fbb9e43f164881c496cb590bf8001aad83",
+                "sha256:4396a33e112907f5978d5c40ca858b79fb1f6afd1caf3f8721c1411593d83bc2",
+                "sha256:47d47df72e9f0462c8065a82da7b87f4b2577eb8a3fc855bcea165c2293beb84",
+                "sha256:4eb357ab2cd27f4c6151d33130c667e9245beb9d1e6779ccf7e196d4cc20ffa8",
+                "sha256:5129442f3f131c1210734699ffa2b7f956786e3e943d38a3158ce174708d0296",
+                "sha256:5817b2b70a074cdab74c3871a2018d6931f8ef5148844006b8868b2be26f5abe",
+                "sha256:5929214153af8e3e461777837e0de1a00f2ced48d921e55fb952b4d5702e1be2",
+                "sha256:5dce51509227741323469b5c5ac6c6ccb2b2380800acc72e60bdf1b3359a5deb",
+                "sha256:60c8aa69d18ee750d3678d67a265f1cf3559eabef98f90e3e646c3ff41e8795d",
+                "sha256:6645c8d0ad845308de3eb9be98b6fd22a46ec5412bfc664a423e411cdd8f5488",
+                "sha256:66e3e1c105c1b811cf25974ee1eff53f2ebf4203c2e2c90e4b1097a837ba4a66",
+                "sha256:69dc348c0b6b34b855f3f340756b35f0398e18f0637fc815be567c664cba7d1b",
+                "sha256:70b69c68aede91eb96df81227c0a060ead75a008c3d7e4858dc165265d125c44",
+                "sha256:73aabf7967c4dc319644c8bcfcbfe8106a475b16af481e0c12402dce2fbac44d",
+                "sha256:7f08048c4315f56f02dcef350c9b149a1b7a88c46d316e16a83f1f25a71323c6",
+                "sha256:81eb609e0e15336ce6d6acf37a2e4a89c5a2030b76bc7a907e7010d5b4332c38",
+                "sha256:84b65684f53c4b6b9d9f61d7f9306e286613187bdf46f30d9a0bbadccfde2205",
+                "sha256:8b32df00118b8e7de99eb5ca78374eff1a3934ca42972a54283ddcb85d77164d",
+                "sha256:9c3b27bcc772958a4a051ae333de802423ebe0a5dd4e58e642e6e9d641cd7f3c",
+                "sha256:9cdc6fcd0eda471b66aca565ce214639f1ad1c5f3a71a205c492d04d139bb75b",
+                "sha256:b67e222177bfd51532955307a1ec9afd5e9c90ba2ff9561acae562d1e75c6ac1",
+                "sha256:b7679e478041ad8eae3d70e73dc7f6a2e913142a5fc35a6cabfcb7af977559c1",
+                "sha256:b949fd8cab330cddb101d4d5fa1b02772b887c31280f10ee4530c2090c378b13",
+                "sha256:bebccf76fad01fe91426023b3a41ee991a3ab539f3d3d74b7acdb75baf111224",
+                "sha256:c22f3e2c29cb592b65020605649f6d3cd4cf626e6cf97ce1843547e5ea4d5f68",
+                "sha256:c68f89a235752c2c191f17ca9a5a2496cb278b57ceb3753621f502a3f576fec5",
+                "sha256:c8e236eabdaf230e5c49f26c28f95bc3788ba1296765a4e1b98143741fcd779c",
+                "sha256:cdbcff01afda970b8d8e57633204f4501eddbe2c03932f51e7030aebddaf72d5",
+                "sha256:e0d47491bd496f823c7fdfdd6154b3e68b8ddf07556210bc46d39af31035f90a",
+                "sha256:f05cf87b6787b19c0daf9a7b89ac98708e48903120ccc04e4120528daba280fb",
+                "sha256:f1255ae53392e6e3a40955fa363d9522c915d3245c83029fd7a8ef500cd5f3be",
+                "sha256:f2bfc588ff4e779e3659b8db348f5fb7b8192d63efc4bf15ecc50a72c820a221"
+            ],
+            "index": "pypi",
+            "version": "==3.1.3"
+        },
+        "billiard": {
+            "hashes": [
+                "sha256:299de5a8da28a783d51b197d496bef4f1595dd023a93a4f59dde1886ae905547",
+                "sha256:87103ea78fa6ab4d5c751c4909bcff74617d985de7fa8b672cf8618afd5a875b"
+            ],
+            "version": "==3.6.4.0"
+        },
+        "binaryornot": {
+            "hashes": [
+                "sha256:359501dfc9d40632edc9fac890e19542db1a287bbcfa58175b66658392018061",
+                "sha256:b8b71173c917bddcd2c16070412e369c3ed7f0528926f70cac18a6c97fd563e4"
+            ],
+            "index": "pypi",
+            "version": "==0.4.4"
+        },
+        "blinker": {
+            "hashes": [
+                "sha256:471aee25f3992bd325afa3772f1063dbdbbca947a041b8b89466dc00d606f8b6"
+            ],
+            "version": "==1.4"
+        },
+        "celery": {
+            "hashes": [
+                "sha256:a92e1d56e650781fb747032a3997d16236d037c8199eacd5217d1a72893bca45",
+                "sha256:d220b13a8ed57c78149acf82c006785356071844afe0b27012a4991d44026f9f"
+            ],
+            "index": "pypi",
+            "version": "==4.4.7"
+        },
+        "certifi": {
+            "hashes": [
+                "sha256:1a4995114262bffbc2413b159f2a1a480c969de6e6eb13ee966d470af86af59c",
+                "sha256:719a74fb9e33b9bd44cc7f3a8d94bc35e4049deebe19ba7d8e108280cfd59830"
+            ],
+            "version": "==2020.12.5"
+        },
+        "cffi": {
+            "hashes": [
+                "sha256:005a36f41773e148deac64b08f233873a4d0c18b053d37da83f6af4d9087b813",
+                "sha256:0857f0ae312d855239a55c81ef453ee8fd24136eaba8e87a2eceba644c0d4c06",
+                "sha256:1071534bbbf8cbb31b498d5d9db0f274f2f7a865adca4ae429e147ba40f73dea",
+                "sha256:158d0d15119b4b7ff6b926536763dc0714313aa59e320ddf787502c70c4d4bee",
+                "sha256:1f436816fc868b098b0d63b8920de7d208c90a67212546d02f84fe78a9c26396",
+                "sha256:2894f2df484ff56d717bead0a5c2abb6b9d2bf26d6960c4604d5c48bbc30ee73",
+                "sha256:29314480e958fd8aab22e4a58b355b629c59bf5f2ac2492b61e3dc06d8c7a315",
+                "sha256:34eff4b97f3d982fb93e2831e6750127d1355a923ebaeeb565407b3d2f8d41a1",
+                "sha256:35f27e6eb43380fa080dccf676dece30bef72e4a67617ffda586641cd4508d49",
+                "sha256:3d3dd4c9e559eb172ecf00a2a7517e97d1e96de2a5e610bd9b68cea3925b4892",
+                "sha256:43e0b9d9e2c9e5d152946b9c5fe062c151614b262fda2e7b201204de0b99e482",
+                "sha256:48e1c69bbacfc3d932221851b39d49e81567a4d4aac3b21258d9c24578280058",
+                "sha256:51182f8927c5af975fece87b1b369f722c570fe169f9880764b1ee3bca8347b5",
+                "sha256:58e3f59d583d413809d60779492342801d6e82fefb89c86a38e040c16883be53",
+                "sha256:5de7970188bb46b7bf9858eb6890aad302577a5f6f75091fd7cdd3ef13ef3045",
+                "sha256:65fa59693c62cf06e45ddbb822165394a288edce9e276647f0046e1ec26920f3",
+                "sha256:69e395c24fc60aad6bb4fa7e583698ea6cc684648e1ffb7fe85e3c1ca131a7d5",
+                "sha256:6c97d7350133666fbb5cf4abdc1178c812cb205dc6f41d174a7b0f18fb93337e",
+                "sha256:6e4714cc64f474e4d6e37cfff31a814b509a35cb17de4fb1999907575684479c",
+                "sha256:72d8d3ef52c208ee1c7b2e341f7d71c6fd3157138abf1a95166e6165dd5d4369",
+                "sha256:8ae6299f6c68de06f136f1f9e69458eae58f1dacf10af5c17353eae03aa0d827",
+                "sha256:8b198cec6c72df5289c05b05b8b0969819783f9418e0409865dac47288d2a053",
+                "sha256:99cd03ae7988a93dd00bcd9d0b75e1f6c426063d6f03d2f90b89e29b25b82dfa",
+                "sha256:9cf8022fb8d07a97c178b02327b284521c7708d7c71a9c9c355c178ac4bbd3d4",
+                "sha256:9de2e279153a443c656f2defd67769e6d1e4163952b3c622dcea5b08a6405322",
+                "sha256:9e93e79c2551ff263400e1e4be085a1210e12073a31c2011dbbda14bda0c6132",
+                "sha256:9ff227395193126d82e60319a673a037d5de84633f11279e336f9c0f189ecc62",
+                "sha256:a465da611f6fa124963b91bf432d960a555563efe4ed1cc403ba5077b15370aa",
+                "sha256:ad17025d226ee5beec591b52800c11680fca3df50b8b29fe51d882576e039ee0",
+                "sha256:afb29c1ba2e5a3736f1c301d9d0abe3ec8b86957d04ddfa9d7a6a42b9367e396",
+                "sha256:b85eb46a81787c50650f2392b9b4ef23e1f126313b9e0e9013b35c15e4288e2e",
+                "sha256:bb89f306e5da99f4d922728ddcd6f7fcebb3241fc40edebcb7284d7514741991",
+                "sha256:cbde590d4faaa07c72bf979734738f328d239913ba3e043b1e98fe9a39f8b2b6",
+                "sha256:cd2868886d547469123fadc46eac7ea5253ea7fcb139f12e1dfc2bbd406427d1",
+                "sha256:d42b11d692e11b6634f7613ad8df5d6d5f8875f5d48939520d351007b3c13406",
+                "sha256:f2d45f97ab6bb54753eab54fffe75aaf3de4ff2341c9daee1987ee1837636f1d",
+                "sha256:fd78e5fee591709f32ef6edb9a015b4aa1a5022598e36227500c8f4e02328d9c"
+            ],
+            "version": "==1.14.5"
+        },
+        "chardet": {
+            "hashes": [
+                "sha256:0d6f53a15db4120f2b08c94f11e7d93d2c911ee118b6b30a04ec3ee8310179fa",
+                "sha256:f864054d66fd9118f2e67044ac8981a54775ec5b67aed0441892edb553d21da5"
+            ],
+            "version": "==4.0.0"
+        },
+        "click": {
+            "hashes": [
+                "sha256:d2b5255c7c6349bc1bd1e59e08cd12acbbd63ce649f2588755783aa94dfb6b1a",
+                "sha256:dacca89f4bfadd5de3d7489b7c8a566eee0d3676333fbb50030263894c38c0dc"
+            ],
+            "version": "==7.1.2"
+        },
+        "clickclick": {
+            "hashes": [
+                "sha256:4efb13e62353e34c5eef7ed6582c4920b418d7dedc86d819e22ee089ba01802c",
+                "sha256:c8f33e6d9ec83f68416dd2136a7950125bd256ec39ccc9a85c6e280a16be2bb5"
+            ],
+            "version": "==20.10.2"
+        },
+        "connexion": {
+            "extras": [
+                "swagger-ui"
+            ],
+            "hashes": [
+                "sha256:1ccfac57d4bb7adf4295ba6f5e48f5a1f66057df6a0713417766c9b5235182ee",
+                "sha256:5439e9659a89c4380d93a07acfbf3380d70be4130574de8881e5f0dfec7ad0e2"
+            ],
+            "index": "pypi",
+            "version": "==2.7.0"
+        },
+        "flask": {
+            "hashes": [
+                "sha256:4efa1ae2d7c9865af48986de8aeb8504bf32c7f3d6fdc9353d34b21f4b127060",
+                "sha256:8a4fdd8936eba2512e9c85df320a37e694c93945b33ef33c89946a340a238557"
+            ],
+            "version": "==1.1.2"
+        },
+        "flask-login": {
+            "hashes": [
+                "sha256:d25e356b14a59f52da0ab30c31c2ad285fa23a840f0f6971df7ed247c77082a7",
+                "sha256:f9149b63ec6b32aec44acb061ad851eb4eb065e742341147d116d69f8e35ae2b"
+            ],
+            "index": "pypi",
+            "version": "==0.4.0"
+        },
+        "flask-mail": {
+            "hashes": [
+                "sha256:22e5eb9a940bf407bcf30410ecc3708f3c56cc44b29c34e1726fe85006935f41"
+            ],
+            "index": "pypi",
+            "version": "==0.9.1"
+        },
+        "flask-marshmallow": {
+            "hashes": [
+                "sha256:4f507f883838b397638a3a36c7d36ee146b255a49db952f5d9de3f6f4522e8a8",
+                "sha256:69e99e3a123393894884a032ae2d11e6bdf4519a505819b66cec7eda32057741"
+            ],
+            "index": "pypi",
+            "version": "==0.10.1"
+        },
+        "flask-migrate": {
+            "hashes": [
+                "sha256:8626af845e6071ef80c70b0dc16d373f761c981f0ad61bb143a529cab649e725",
+                "sha256:c1601dfd46b9204233935e5d73473cd7fa959db7a4b0e894c7aa7a9e8aeebf0e"
+            ],
+            "index": "pypi",
+            "version": "==2.6.0"
+        },
+        "flask-sqlalchemy": {
+            "hashes": [
+                "sha256:0c9609b0d72871c540a7945ea559c8fdf5455192d2db67219509aed680a3d45a",
+                "sha256:8631bbea987bc3eb0f72b1f691d47bd37ceb795e73b59ab48586d76d75a7c605"
+            ],
+            "index": "pypi",
+            "version": "==2.4.0"
+        },
+        "flask-wtf": {
+            "hashes": [
+                "sha256:5d14d55cfd35f613d99ee7cba0fc3fbbe63ba02f544d349158c14ca15561cc36",
+                "sha256:d9a9e366b32dcbb98ef17228e76be15702cd2600675668bca23f63a7947fd5ac"
+            ],
+            "index": "pypi",
+            "version": "==0.14.2"
+        },
+        "gevent": {
+            "hashes": [
+                "sha256:16574e4aa902ebc7bad564e25aa9740a82620fdeb61e0bbf5cbc32e84c13cb6a",
+                "sha256:188c3c6da67e17ffa28f960fc80f8b7e4ba0f4efdc7519822c9d3a1784ca78ea",
+                "sha256:1e5af63e452cc1758924528a2ba6d3e472f5338e1534b7233cd01d3429fc1082",
+                "sha256:242e32cc011ad7127525ca9181aef3379ce4ad9c733aefe311ecf90248ad9a6f",
+                "sha256:2a9ae0a0fd956cbbc9c326b8f290dcad2b58acfb2e2732855fe1155fb110a04d",
+                "sha256:33741e3cd51b90483b14f73b6a3b32b779acf965aeb91d22770c0c8e0c937b73",
+                "sha256:3694f393ab08372bd337b9bc8eebef3ccab3c1623ef94536762a1eee68821449",
+                "sha256:464ec84001ba5108a9022aded4c5e69ea4d13ef11a2386d3ec37c1d08f3074c9",
+                "sha256:520cc2a029a9eef436e4e56b007af7859315cafa21937d43c1d5269f12f2c981",
+                "sha256:77b65a68c83e1c680f52dc39d5e5406763dd10a18ce08420665504b6f047962e",
+                "sha256:7bdfee07be5eee4f687bf90c54c2a65c909bcf2b6c4878faee51218ffa5d5d3e",
+                "sha256:969743debf89d6409423aaeae978437cc042247f91f5801e946a07a0a3b59148",
+                "sha256:96f704561a9dd9a817c67f2e279e23bfad6166cf95d63d35c501317e17f68bcf",
+                "sha256:9f99c3ec61daed54dc074fbcf1a86bcf795b9dfac2f6d4cdae6dfdb8a9125692",
+                "sha256:a130a1885603eabd8cea11b3e1c3c7333d4341b537eca7f0c4794cb5c7120db1",
+                "sha256:a54b9c7516c211045d7897a73a4ccdc116b3720c9ad3c591ef9592b735202a3b",
+                "sha256:ac98570649d9c276e39501a1d1cbf6c652b78f57a0eb1445c5ff25ff80336b63",
+                "sha256:afaeda9a7e8e93d0d86bf1d65affe912366294913fe43f0d107145dc32cd9545",
+                "sha256:b6ffc1131e017aafa70d7ec19cc24010b19daa2f11d5dc2dc191a79c3c9ea147",
+                "sha256:ba0c6ad94614e9af4240affbe1b4839c54da5a0a7e60806c6f7f69c1a7f5426e",
+                "sha256:bdb3677e77ab4ebf20c4752ac49f3b1e47445678dd69f82f9905362c68196456",
+                "sha256:c2c4326bb507754ef354635c05f560a217c171d80f26ca65bea81aa59b1ac179",
+                "sha256:cfb2878c2ecf27baea436bb9c4d8ab8c2fa7763c3916386d5602992b6a056ff3",
+                "sha256:e370e0a861db6f63c75e74b6ee56a40f5cdac90212ec404621445afa12bfc94b",
+                "sha256:e8a5d9fcf5d031f2e4c499f5f4b53262face416e22e8769078354f641255a663",
+                "sha256:ecff28416c99e0f73137f35849c3027cc3edde9dc13b7707825ebbf728623928",
+                "sha256:f0498df97a303da77e180a9368c9228b0fc94d10dd2ce79fc5ebb63fec0d2fc9",
+                "sha256:f91fd07b9cf642f24e58ed381e19ec33e28b8eee8726c19b026ea24fcc9ff897"
+            ],
+            "version": "==21.1.2"
+        },
+        "greenlet": {
+            "hashes": [
+                "sha256:0a77691f0080c9da8dfc81e23f4e3cffa5accf0f5b56478951016d7cfead9196",
+                "sha256:0ddd77586553e3daf439aa88b6642c5f252f7ef79a39271c25b1d4bf1b7cbb85",
+                "sha256:111cfd92d78f2af0bc7317452bd93a477128af6327332ebf3c2be7df99566683",
+                "sha256:122c63ba795fdba4fc19c744df6277d9cfd913ed53d1a286f12189a0265316dd",
+                "sha256:181300f826625b7fd1182205b830642926f52bd8cdb08b34574c9d5b2b1813f7",
+                "sha256:1a1ada42a1fd2607d232ae11a7b3195735edaa49ea787a6d9e6a53afaf6f3476",
+                "sha256:1bb80c71de788b36cefb0c3bb6bfab306ba75073dbde2829c858dc3ad70f867c",
+                "sha256:1d1d4473ecb1c1d31ce8fd8d91e4da1b1f64d425c1dc965edc4ed2a63cfa67b2",
+                "sha256:292e801fcb3a0b3a12d8c603c7cf340659ea27fd73c98683e75800d9fd8f704c",
+                "sha256:2c65320774a8cd5fdb6e117c13afa91c4707548282464a18cf80243cf976b3e6",
+                "sha256:4365eccd68e72564c776418c53ce3c5af402bc526fe0653722bc89efd85bf12d",
+                "sha256:5352c15c1d91d22902582e891f27728d8dac3bd5e0ee565b6a9f575355e6d92f",
+                "sha256:58ca0f078d1c135ecf1879d50711f925ee238fe773dfe44e206d7d126f5bc664",
+                "sha256:5d4030b04061fdf4cbc446008e238e44936d77a04b2b32f804688ad64197953c",
+                "sha256:5d69bbd9547d3bc49f8a545db7a0bd69f407badd2ff0f6e1a163680b5841d2b0",
+                "sha256:5f297cb343114b33a13755032ecf7109b07b9a0020e841d1c3cedff6602cc139",
+                "sha256:62afad6e5fd70f34d773ffcbb7c22657e1d46d7fd7c95a43361de979f0a45aef",
+                "sha256:647ba1df86d025f5a34043451d7c4a9f05f240bee06277a524daad11f997d1e7",
+                "sha256:719e169c79255816cdcf6dccd9ed2d089a72a9f6c42273aae12d55e8d35bdcf8",
+                "sha256:7cd5a237f241f2764324396e06298b5dee0df580cf06ef4ada0ff9bff851286c",
+                "sha256:875d4c60a6299f55df1c3bb870ebe6dcb7db28c165ab9ea6cdc5d5af36bb33ce",
+                "sha256:90b6a25841488cf2cb1c8623a53e6879573010a669455046df5f029d93db51b7",
+                "sha256:94620ed996a7632723a424bccb84b07e7b861ab7bb06a5aeb041c111dd723d36",
+                "sha256:b5f1b333015d53d4b381745f5de842f19fe59728b65f0fbb662dafbe2018c3a5",
+                "sha256:c5b22b31c947ad8b6964d4ed66776bcae986f73669ba50620162ba7c832a6b6a",
+                "sha256:c93d1a71c3fe222308939b2e516c07f35a849c5047f0197442a4d6fbcb4128ee",
+                "sha256:cdb90267650c1edb54459cdb51dab865f6c6594c3a47ebd441bc493360c7af70",
+                "sha256:cfd06e0f0cc8db2a854137bd79154b61ecd940dce96fad0cba23fe31de0b793c",
+                "sha256:d3789c1c394944084b5e57c192889985a9f23bd985f6d15728c745d380318128",
+                "sha256:da7d09ad0f24270b20f77d56934e196e982af0d0a2446120cb772be4e060e1a2",
+                "sha256:df3e83323268594fa9755480a442cabfe8d82b21aba815a71acf1bb6c1776218",
+                "sha256:df8053867c831b2643b2c489fe1d62049a98566b1646b194cc815f13e27b90df",
+                "sha256:e1128e022d8dce375362e063754e129750323b67454cac5600008aad9f54139e",
+                "sha256:e6e9fdaf6c90d02b95e6b0709aeb1aba5affbbb9ccaea5502f8638e4323206be",
+                "sha256:eac8803c9ad1817ce3d8d15d1bb82c2da3feda6bee1153eec5c58fa6e5d3f770",
+                "sha256:eb333b90036358a0e2c57373f72e7648d7207b76ef0bd00a4f7daad1f79f5203",
+                "sha256:ed1d1351f05e795a527abc04a0d82e9aecd3bdf9f46662c36ff47b0b00ecaf06",
+                "sha256:f3dc68272990849132d6698f7dc6df2ab62a88b0d36e54702a8fd16c0490e44f",
+                "sha256:f59eded163d9752fd49978e0bab7a1ff21b1b8d25c05f0995d140cc08ac83379",
+                "sha256:f5e2d36c86c7b03c94b8459c3bd2c9fe2c7dab4b258b8885617d44a22e453fb7",
+                "sha256:f6f65bf54215e4ebf6b01e4bb94c49180a589573df643735107056f7a910275b",
+                "sha256:f8450d5ef759dbe59f84f2c9f77491bb3d3c44bc1a573746daf086e70b14c243",
+                "sha256:f97d83049715fd9dec7911860ecf0e17b48d8725de01e45de07d8ac0bd5bc378"
+            ],
+            "markers": "python_version >= '3'",
+            "version": "==1.0.0"
+        },
+        "gunicorn": {
+            "extras": [
+                "gevent"
+            ],
+            "hashes": [
+                "sha256:aa8e0b40b4157b36a5df5e599f45c9c76d6af43845ba3b3b0efe2c70473c2471",
+                "sha256:fa2662097c66f920f53f70621c6c58ca4a3c4d3434205e608e121b5b3b71f4f3"
+            ],
+            "index": "pypi",
+            "version": "==19.9"
+        },
+        "idna": {
+            "hashes": [
+                "sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6",
+                "sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0"
+            ],
+            "version": "==2.10"
+        },
+        "inflection": {
+            "hashes": [
+                "sha256:1a29730d366e996aaacffb2f1f1cb9593dc38e2ddd30c91250c6dde09ea9b417",
+                "sha256:f38b2b640938a4f35ade69ac3d053042959b62a0f1076a5bbaa1b9526605a8a2"
+            ],
+            "version": "==0.5.1"
+        },
+        "isodate": {
+            "hashes": [
+                "sha256:2e364a3d5759479cdb2d37cce6b9376ea504db2ff90252a2e5b7cc89cc9ff2d8",
+                "sha256:aa4d33c06640f5352aca96e4b81afd8ab3b47337cc12089822d6f322ac772c81"
+            ],
+            "version": "==0.6.0"
+        },
+        "itsdangerous": {
+            "hashes": [
+                "sha256:321b033d07f2a4136d3ec762eac9f16a10ccd60f53c0c91af90217ace7ba1f19",
+                "sha256:b12271b2047cb23eeb98c8b5622e2e5c5e9abd9784a153e9d8ef9cb4dd09d749"
+            ],
+            "index": "pypi",
+            "version": "==1.1.0"
+        },
+        "jinja2": {
+            "hashes": [
+                "sha256:03e47ad063331dd6a3f04a43eddca8a966a26ba0c5b7207a9a9e4e08f1b29419",
+                "sha256:a6d58433de0ae800347cab1fa3043cebbabe8baa9d29e668f1c768cb87a333c6"
+            ],
+            "version": "==2.11.3"
+        },
+        "jsons": {
+            "hashes": [
+                "sha256:7b813225eb4b13b85faa6d911f390f1823b2b94b4bf91598ff056fe21adb25e5"
+            ],
+            "index": "pypi",
+            "version": "==1.1.2"
+        },
+        "jsonschema": {
+            "hashes": [
+                "sha256:4e5b3cf8216f577bee9ce139cbe72eca3ea4f292ec60928ff24758ce626cd163",
+                "sha256:c8a85b28d377cc7737e46e2d9f2b4f44ee3c0e1deac6bf46ddefc7187d30797a"
+            ],
+            "version": "==3.2.0"
+        },
+        "kombu": {
+            "hashes": [
+                "sha256:be48cdffb54a2194d93ad6533d73f69408486483d189fe9f5990ee24255b0e0a",
+                "sha256:ca1b45faac8c0b18493d02a8571792f3c40291cf2bcf1f55afed3d8f3aa7ba74"
+            ],
+            "version": "==4.6.11"
+        },
+        "mako": {
+            "hashes": [
+                "sha256:17831f0b7087c313c0ffae2bcbbd3c1d5ba9eeac9c38f2eb7b50e8c99fe9d5ab",
+                "sha256:aea166356da44b9b830c8023cd9b557fa856bd8b4035d6de771ca027dfc5cc6e"
+            ],
+            "version": "==1.1.4"
+        },
+        "markupsafe": {
+            "hashes": [
+                "sha256:00bc623926325b26bb9605ae9eae8a215691f33cae5df11ca5424f06f2d1f473",
+                "sha256:09027a7803a62ca78792ad89403b1b7a73a01c8cb65909cd876f7fcebd79b161",
+                "sha256:09c4b7f37d6c648cb13f9230d847adf22f8171b1ccc4d5682398e77f40309235",
+                "sha256:1027c282dad077d0bae18be6794e6b6b8c91d58ed8a8d89a89d59693b9131db5",
+                "sha256:13d3144e1e340870b25e7b10b98d779608c02016d5184cfb9927a9f10c689f42",
+                "sha256:195d7d2c4fbb0ee8139a6cf67194f3973a6b3042d742ebe0a9ed36d8b6f0c07f",
+                "sha256:22c178a091fc6630d0d045bdb5992d2dfe14e3259760e713c490da5323866c39",
+                "sha256:24982cc2533820871eba85ba648cd53d8623687ff11cbb805be4ff7b4c971aff",
+                "sha256:29872e92839765e546828bb7754a68c418d927cd064fd4708fab9fe9c8bb116b",
+                "sha256:2beec1e0de6924ea551859edb9e7679da6e4870d32cb766240ce17e0a0ba2014",
+                "sha256:3b8a6499709d29c2e2399569d96719a1b21dcd94410a586a18526b143ec8470f",
+                "sha256:43a55c2930bbc139570ac2452adf3d70cdbb3cfe5912c71cdce1c2c6bbd9c5d1",
+                "sha256:46c99d2de99945ec5cb54f23c8cd5689f6d7177305ebff350a58ce5f8de1669e",
+                "sha256:500d4957e52ddc3351cabf489e79c91c17f6e0899158447047588650b5e69183",
+                "sha256:535f6fc4d397c1563d08b88e485c3496cf5784e927af890fb3c3aac7f933ec66",
+                "sha256:596510de112c685489095da617b5bcbbac7dd6384aeebeda4df6025d0256a81b",
+                "sha256:62fe6c95e3ec8a7fad637b7f3d372c15ec1caa01ab47926cfdf7a75b40e0eac1",
+                "sha256:6788b695d50a51edb699cb55e35487e430fa21f1ed838122d722e0ff0ac5ba15",
+                "sha256:6dd73240d2af64df90aa7c4e7481e23825ea70af4b4922f8ede5b9e35f78a3b1",
+                "sha256:6f1e273a344928347c1290119b493a1f0303c52f5a5eae5f16d74f48c15d4a85",
+                "sha256:6fffc775d90dcc9aed1b89219549b329a9250d918fd0b8fa8d93d154918422e1",
+                "sha256:717ba8fe3ae9cc0006d7c451f0bb265ee07739daf76355d06366154ee68d221e",
+                "sha256:79855e1c5b8da654cf486b830bd42c06e8780cea587384cf6545b7d9ac013a0b",
+                "sha256:7c1699dfe0cf8ff607dbdcc1e9b9af1755371f92a68f706051cc8c37d447c905",
+                "sha256:7fed13866cf14bba33e7176717346713881f56d9d2bcebab207f7a036f41b850",
+                "sha256:84dee80c15f1b560d55bcfe6d47b27d070b4681c699c572af2e3c7cc90a3b8e0",
+                "sha256:88e5fcfb52ee7b911e8bb6d6aa2fd21fbecc674eadd44118a9cc3863f938e735",
+                "sha256:8defac2f2ccd6805ebf65f5eeb132adcf2ab57aa11fdf4c0dd5169a004710e7d",
+                "sha256:98bae9582248d6cf62321dcb52aaf5d9adf0bad3b40582925ef7c7f0ed85fceb",
+                "sha256:98c7086708b163d425c67c7a91bad6e466bb99d797aa64f965e9d25c12111a5e",
+                "sha256:9add70b36c5666a2ed02b43b335fe19002ee5235efd4b8a89bfcf9005bebac0d",
+                "sha256:9bf40443012702a1d2070043cb6291650a0841ece432556f784f004937f0f32c",
+                "sha256:a6a744282b7718a2a62d2ed9d993cad6f5f585605ad352c11de459f4108df0a1",
+                "sha256:acf08ac40292838b3cbbb06cfe9b2cb9ec78fce8baca31ddb87aaac2e2dc3bc2",
+                "sha256:ade5e387d2ad0d7ebf59146cc00c8044acbd863725f887353a10df825fc8ae21",
+                "sha256:b00c1de48212e4cc9603895652c5c410df699856a2853135b3967591e4beebc2",
+                "sha256:b1282f8c00509d99fef04d8ba936b156d419be841854fe901d8ae224c59f0be5",
+                "sha256:b1dba4527182c95a0db8b6060cc98ac49b9e2f5e64320e2b56e47cb2831978c7",
+                "sha256:b2051432115498d3562c084a49bba65d97cf251f5a331c64a12ee7e04dacc51b",
+                "sha256:b7d644ddb4dbd407d31ffb699f1d140bc35478da613b441c582aeb7c43838dd8",
+                "sha256:ba59edeaa2fc6114428f1637ffff42da1e311e29382d81b339c1817d37ec93c6",
+                "sha256:bf5aa3cbcfdf57fa2ee9cd1822c862ef23037f5c832ad09cfea57fa846dec193",
+                "sha256:c8716a48d94b06bb3b2524c2b77e055fb313aeb4ea620c8dd03a105574ba704f",
+                "sha256:caabedc8323f1e93231b52fc32bdcde6db817623d33e100708d9a68e1f53b26b",
+                "sha256:cd5df75523866410809ca100dc9681e301e3c27567cf498077e8551b6d20e42f",
+                "sha256:cdb132fc825c38e1aeec2c8aa9338310d29d337bebbd7baa06889d09a60a1fa2",
+                "sha256:d53bc011414228441014aa71dbec320c66468c1030aae3a6e29778a3382d96e5",
+                "sha256:d73a845f227b0bfe8a7455ee623525ee656a9e2e749e4742706d80a6065d5e2c",
+                "sha256:d9be0ba6c527163cbed5e0857c451fcd092ce83947944d6c14bc95441203f032",
+                "sha256:e249096428b3ae81b08327a63a485ad0878de3fb939049038579ac0ef61e17e7",
+                "sha256:e8313f01ba26fbbe36c7be1966a7b7424942f670f38e666995b88d012765b9be",
+                "sha256:feb7b34d6325451ef96bc0e36e1a6c0c1c64bc1fbec4b854f4529e51887b1621"
+            ],
+            "version": "==1.1.1"
+        },
+        "marshmallow": {
+            "hashes": [
+                "sha256:0dd42891a5ef288217ed6410917f3c6048f585f8692075a0052c24f9bfff9dfd",
+                "sha256:16e99cb7f630c0ef4d7d364ed0109ac194268dde123966076ab3dafb9ae3906b"
+            ],
+            "version": "==3.11.1"
+        },
+        "marshmallow-sqlalchemy": {
+            "hashes": [
+                "sha256:d662fc8103a06b59aafbc33c8ab4f1318799d66aae4f660c1e7e278bc45ef69e",
+                "sha256:f69e740ea8d3b678fd712263e5dd739c94482cd8840e2f6cf4314919e6547cee"
+            ],
+            "index": "pypi",
+            "version": "==0.17.0"
+        },
+        "openapi-schema-validator": {
+            "hashes": [
+                "sha256:215b516d0942f4e8e2446cf3f7d4ff2ed71d102ebddcc30526d8a3f706ab1df6",
+                "sha256:a4b2712020284cee880b4c55faa513fbc2f8f07f365deda6098f8ab943c9f0df",
+                "sha256:b65d6c2242620bfe76d4c749b61cd9657e4528895a8f4fb6f916085b508ebd24"
+            ],
+            "version": "==0.1.5"
+        },
+        "openapi-spec-validator": {
+            "hashes": [
+                "sha256:4083fc5aac3e9f751c2a82d4ec5cf3adad5f967d0faf31495d8b56a0b0f9705c",
+                "sha256:53ba3d884e98ff2062d5ada025aa590541dcd665b8f81067dc82dd61c0923759",
+                "sha256:e11df7c559339027bd04f2399bc82474983129a6a7a6a0421eaa95e2c844d686"
+            ],
+            "version": "==0.3.0"
+        },
+        "packaging": {
+            "hashes": [
+                "sha256:5b327ac1320dc863dca72f4514ecc086f31186744b84a230374cc1fd776feae5",
+                "sha256:67714da7f7bc052e064859c05c595155bd1ee9f69f76557e21f051443c20947a"
+            ],
+            "version": "==20.9"
+        },
+        "pathvalidate": {
+            "hashes": [
+                "sha256:6d18aac8478ac97456b7fb639dc456429863fefd0f75e77d33b3166bca7c5651",
+                "sha256:bf250828f40d94881df764950cffca14bb3fa83783d9f239125a6b5e23a5646e"
+            ],
+            "index": "pypi",
+            "version": "==0.29.0"
+        },
+        "psycopg2-binary": {
+            "hashes": [
+                "sha256:0deac2af1a587ae12836aa07970f5cb91964f05a7c6cdb69d8425ff4c15d4e2c",
+                "sha256:0e4dc3d5996760104746e6cfcdb519d9d2cd27c738296525d5867ea695774e67",
+                "sha256:11b9c0ebce097180129e422379b824ae21c8f2a6596b159c7659e2e5a00e1aa0",
+                "sha256:15978a1fbd225583dd8cdaf37e67ccc278b5abecb4caf6b2d6b8e2b948e953f6",
+                "sha256:1fabed9ea2acc4efe4671b92c669a213db744d2af8a9fc5d69a8e9bc14b7a9db",
+                "sha256:2dac98e85565d5688e8ab7bdea5446674a83a3945a8f416ad0110018d1501b94",
+                "sha256:42ec1035841b389e8cc3692277a0bd81cdfe0b65d575a2c8862cec7a80e62e52",
+                "sha256:6422f2ff0919fd720195f64ffd8f924c1395d30f9a495f31e2392c2efafb5056",
+                "sha256:6a32f3a4cb2f6e1a0b15215f448e8ce2da192fd4ff35084d80d5e39da683e79b",
+                "sha256:7312e931b90fe14f925729cde58022f5d034241918a5c4f9797cac62f6b3a9dd",
+                "sha256:7d92a09b788cbb1aec325af5fcba9fed7203897bbd9269d5691bb1e3bce29550",
+                "sha256:833709a5c66ca52f1d21d41865a637223b368c0ee76ea54ca5bad6f2526c7679",
+                "sha256:89705f45ce07b2dfa806ee84439ec67c5d9a0ef20154e0e475e2b2ed392a5b83",
+                "sha256:8cd0fb36c7412996859cb4606a35969dd01f4ea34d9812a141cd920c3b18be77",
+                "sha256:950bc22bb56ee6ff142a2cb9ee980b571dd0912b0334aa3fe0fe3788d860bea2",
+                "sha256:a0c50db33c32594305b0ef9abc0cb7db13de7621d2cadf8392a1d9b3c437ef77",
+                "sha256:a0eb43a07386c3f1f1ebb4dc7aafb13f67188eab896e7397aa1ee95a9c884eb2",
+                "sha256:aaa4213c862f0ef00022751161df35804127b78adf4a2755b9f991a507e425fd",
+                "sha256:ac0c682111fbf404525dfc0f18a8b5f11be52657d4f96e9fcb75daf4f3984859",
+                "sha256:ad20d2eb875aaa1ea6d0f2916949f5c08a19c74d05b16ce6ebf6d24f2c9f75d1",
+                "sha256:b4afc542c0ac0db720cf516dd20c0846f71c248d2b3d21013aa0d4ef9c71ca25",
+                "sha256:b8a3715b3c4e604bcc94c90a825cd7f5635417453b253499664f784fc4da0152",
+                "sha256:ba28584e6bca48c59eecbf7efb1576ca214b47f05194646b081717fa628dfddf",
+                "sha256:ba381aec3a5dc29634f20692349d73f2d21f17653bda1decf0b52b11d694541f",
+                "sha256:bd1be66dde2b82f80afb9459fc618216753f67109b859a361cf7def5c7968729",
+                "sha256:c2507d796fca339c8fb03216364cca68d87e037c1f774977c8fc377627d01c71",
+                "sha256:cec7e622ebc545dbb4564e483dd20e4e404da17ae07e06f3e780b2dacd5cee66",
+                "sha256:d14b140a4439d816e3b1229a4a525df917d6ea22a0771a2a78332273fd9528a4",
+                "sha256:d1b4ab59e02d9008efe10ceabd0b31e79519da6fb67f7d8e8977118832d0f449",
+                "sha256:d5227b229005a696cc67676e24c214740efd90b148de5733419ac9aaba3773da",
+                "sha256:e1f57aa70d3f7cc6947fd88636a481638263ba04a742b4a37dd25c373e41491a",
+                "sha256:e74a55f6bad0e7d3968399deb50f61f4db1926acf4a6d83beaaa7df986f48b1c",
+                "sha256:e82aba2188b9ba309fd8e271702bd0d0fc9148ae3150532bbb474f4590039ffb",
+                "sha256:ee69dad2c7155756ad114c02db06002f4cded41132cc51378e57aad79cc8e4f4",
+                "sha256:f5ab93a2cb2d8338b1674be43b442a7f544a0971da062a5da774ed40587f18f5"
+            ],
+            "index": "pypi",
+            "version": "==2.8.6"
+        },
+        "pycparser": {
+            "hashes": [
+                "sha256:2d475327684562c3a96cc71adf7dc8c4f0565175cf86b6d7a404ff4c771f15f0",
+                "sha256:7582ad22678f0fcd81102833f60ef8d0e57288b6b5fb00323d101be910e35705"
+            ],
+            "version": "==2.20"
+        },
+        "pygeodiff": {
+            "hashes": [
+                "sha256:015554b1849f98233e4edf4bb2fafa003f6f5443d9a2447fb894f943ca7e2137",
+                "sha256:025ac9d8db9d144ffbf20dadc15e429e8cb526fc14277c7072cc9802fdf878a5",
+                "sha256:0df51544a5133e608a5541ac8b904058f1c511828f08441291ffccab96e9f132",
+                "sha256:4da89ba9d9836e708819343cefe383b77a9d61808fac58b4cb0b3a157c03671a",
+                "sha256:87614130d5762ec90cf2d55b9634d15a85d67febd352066cf4fac91f33aad19d",
+                "sha256:950f0eef75869dbe6dc987b6a858cdc54dcd9fab3cc300528ad529c41abcdbfc",
+                "sha256:9c6b10c6fc0d490ce7ecd65ff1828d775065ac67382faa739dbb0f14dec0bea6",
+                "sha256:b0d05552df55da1a619bf694a99ad7602b83195a0a2157434604fe8c1eced632",
+                "sha256:b60f3ed72779600d3a93e2709211dedc2ab76f79f200091b827cf7d785871300",
+                "sha256:d69085feddac198206eaa877755e601b67935a1eff2dde7f3701084c665d04bb",
+                "sha256:dcf550e3492a3de4652737ecf4f43b6ed418b1f7f2f4f607fbc0a2a62177777c"
+            ],
+            "index": "pypi",
+            "version": "==0.8.6"
+        },
+        "pyparsing": {
+            "hashes": [
+                "sha256:c203ec8783bf771a155b207279b9bccb8dea02d8f0c9e5f8ead507bc3246ecc1",
+                "sha256:ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b"
+            ],
+            "version": "==2.4.7"
+        },
+        "pyrsistent": {
+            "hashes": [
+                "sha256:2e636185d9eb976a18a8a8e96efce62f2905fea90041958d8cc2a189756ebf3e"
+            ],
+            "version": "==0.17.3"
+        },
+        "python-dateutil": {
+            "hashes": [
+                "sha256:3acbef017340600e9ff8f2994d8f7afd6eacb295383f286466a6df3961e486f0",
+                "sha256:537bf2a8f8ce6f6862ad705cd68f9e405c0b5db014aa40fa29eab4335d4b1716",
+                "sha256:62a2f8df3d66f878373fd0072eacf4ee52194ba302e00082828e0d263b0418d2"
+            ],
+            "index": "pypi",
+            "version": "==2.6.0"
+        },
+        "python-decouple": {
+            "hashes": [
+                "sha256:2e5adb0263a4f963b58d7407c4760a2465d464ee212d733e2a2c179e54c08d8f",
+                "sha256:a8268466e6389a639a20deab9d880faee186eb1eb6a05e54375bdf158d691981"
+            ],
+            "index": "pypi",
+            "version": "==3.4"
+        },
+        "python-dotenv": {
+            "hashes": [
+                "sha256:122290a38ece9fe4f162dc7c95cae3357b983505830a154d3c98ef7f6c6cea77",
+                "sha256:4a205787bc829233de2a823aa328e44fd9996fedb954989a21f1fc67c13d7a77"
+            ],
+            "index": "pypi",
+            "version": "==0.9.1"
+        },
+        "python-editor": {
+            "hashes": [
+                "sha256:1bf6e860a8ad52a14c3ee1252d5dc25b2030618ed80c022598f00176adc8367d",
+                "sha256:51fda6bcc5ddbbb7063b2af7509e43bd84bfc32a4ff71349ec7847713882327b",
+                "sha256:5f98b069316ea1c2ed3f67e7f5df6c0d8f10b689964a4a811ff64f0106819ec8"
+            ],
+            "version": "==1.0.4"
+        },
+        "pytz": {
+            "hashes": [
+                "sha256:303879e36b721603cc54604edcac9d20401bdbe31e1e4fdee5b9f98d5d31dfda",
+                "sha256:d747dd3d23d77ef44c6a3526e274af6efeb0a6f1afd5a69ba4d5be4098c8e141"
+            ],
+            "index": "pypi",
+            "version": "==2019.1"
+        },
+        "pyyaml": {
+            "hashes": [
+                "sha256:08682f6b72c722394747bddaf0aa62277e02557c0fd1c42cb853016a38f8dedf",
+                "sha256:0f5f5786c0e09baddcd8b4b45f20a7b5d61a7e7e99846e3c799b05c7c53fa696",
+                "sha256:129def1b7c1bf22faffd67b8f3724645203b79d8f4cc81f674654d9902cb4393",
+                "sha256:294db365efa064d00b8d1ef65d8ea2c3426ac366c0c4368d930bf1c5fb497f77",
+                "sha256:3b2b1824fe7112845700f815ff6a489360226a5609b96ec2190a45e62a9fc922",
+                "sha256:3bd0e463264cf257d1ffd2e40223b197271046d09dadf73a0fe82b9c1fc385a5",
+                "sha256:4465124ef1b18d9ace298060f4eccc64b0850899ac4ac53294547536533800c8",
+                "sha256:49d4cdd9065b9b6e206d0595fee27a96b5dd22618e7520c33204a4a3239d5b10",
+                "sha256:4e0583d24c881e14342eaf4ec5fbc97f934b999a6828693a99157fde912540cc",
+                "sha256:5accb17103e43963b80e6f837831f38d314a0495500067cb25afab2e8d7a4018",
+                "sha256:607774cbba28732bfa802b54baa7484215f530991055bb562efbed5b2f20a45e",
+                "sha256:6c78645d400265a062508ae399b60b8c167bf003db364ecb26dcab2bda048253",
+                "sha256:72a01f726a9c7851ca9bfad6fd09ca4e090a023c00945ea05ba1638c09dc3347",
+                "sha256:74c1485f7707cf707a7aef42ef6322b8f97921bd89be2ab6317fd782c2d53183",
+                "sha256:895f61ef02e8fed38159bb70f7e100e00f471eae2bc838cd0f4ebb21e28f8541",
+                "sha256:8c1be557ee92a20f184922c7b6424e8ab6691788e6d86137c5d93c1a6ec1b8fb",
+                "sha256:bb4191dfc9306777bc594117aee052446b3fa88737cd13b7188d0e7aa8162185",
+                "sha256:bfb51918d4ff3d77c1c856a9699f8492c612cde32fd3bcd344af9be34999bfdc",
+                "sha256:c20cfa2d49991c8b4147af39859b167664f2ad4561704ee74c1de03318e898db",
+                "sha256:cb333c16912324fd5f769fff6bc5de372e9e7a202247b48870bc251ed40239aa",
+                "sha256:d2d9808ea7b4af864f35ea216be506ecec180628aced0704e34aca0b040ffe46",
+                "sha256:d483ad4e639292c90170eb6f7783ad19490e7a8defb3e46f97dfe4bacae89122",
+                "sha256:dd5de0646207f053eb0d6c74ae45ba98c3395a571a2891858e87df7c9b9bd51b",
+                "sha256:e1d4970ea66be07ae37a3c2e48b5ec63f7ba6804bdddfdbd3cfd954d25a82e63",
+                "sha256:e4fac90784481d221a8e4b1162afa7c47ed953be40d31ab4629ae917510051df",
+                "sha256:fa5ae20527d8e831e8230cbffd9f8fe952815b2b7dae6ffec25318803a7528fc",
+                "sha256:fd7f6999a8070df521b6384004ef42833b9bd62cfee11a09bda1079b4b704247",
+                "sha256:fdc842473cd33f45ff6bce46aea678a54e3d21f1b61a7750ce3c498eedfe25d6",
+                "sha256:fe69978f3f768926cfa37b867e3843918e012cf83f680806599ddce33c2c68b0"
+            ],
+            "version": "==5.4.1"
+        },
+        "redis": {
+            "hashes": [
+                "sha256:0dcfb335921b88a850d461dc255ff4708294943322bd55de6cfd68972490ca1f",
+                "sha256:b205cffd05ebfd0a468db74f0eedbff8df1a7bfc47521516ade4692991bb0833"
+            ],
+            "index": "pypi",
+            "version": "==3.4.1"
+        },
+        "requests": {
+            "hashes": [
+                "sha256:27973dd4a904a4f13b263a19c866c13b92a39ed1c964655f025f3f8d3d75b804",
+                "sha256:c210084e36a42ae6b9219e00e48287def368a26d03a048ddad7bfee44f75871e"
+            ],
+            "version": "==2.25.1"
+        },
+        "requests-toolbelt": {
+            "hashes": [
+                "sha256:42c9c170abc2cacb78b8ab23ac957945c7716249206f90874651971a4acff237",
+                "sha256:f6a531936c6fa4c6cfce1b9c10d5c4f498d16528d2a54a22ca00011205a187b5"
+            ],
+            "index": "pypi",
+            "version": "==0.8.0"
+        },
+        "result": {
+            "hashes": [
+                "sha256:46f039a2d17e47709c13e29af359c3fa91fd5cacddba2a8109fdcb514e6ff471",
+                "sha256:f4563ff615b1147822d13eb363fbda202511fcbf281b3cf7acf0723ca7cb612b"
+            ],
+            "index": "pypi",
+            "version": "==0.5"
+        },
+        "safe": {
+            "hashes": [
+                "sha256:4e7315087d80fdbbc781362a656376cfa273c5c68a8abc0412e159bf541fcbda",
+                "sha256:a2fdac9fe8a9dcf02b438201d6ce0b7be78f85dc6492d03edfb89be2adf489de"
+            ],
+            "index": "pypi",
+            "version": "==0.4"
+        },
+        "scikit-build": {
+            "hashes": [
+                "sha256:7342017cc82dd6178e3b19377389b8a8d1f8b429d9cdb315cfb1094e34a0f526",
+                "sha256:e343cd0f012e4cc282132324223a15e6bae23c77f9c3e7f3b3b067a0db08d3b2"
+            ],
+            "index": "pypi",
+            "version": "==0.10.0"
+        },
+        "six": {
+            "hashes": [
+                "sha256:30639c035cdb23534cd4aa2dd52c3bf48f06e5f4a941509c8bafd8ce11080259",
+                "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced"
+            ],
+            "version": "==1.15.0"
+        },
+        "sqlalchemy": {
+            "hashes": [
+                "sha256:0140f6dac2659fa6783e7029085ab0447d8eb23cf4d831fb907588d27ba158f7",
+                "sha256:034b42a6a59bf4ddc57e5a38a9dbac83ccd94c0b565ba91dba4ff58149706028",
+                "sha256:03a503ecff0cc2be3ad4dafd220eaff13721edb11c191670b7662932fb0a5c3a",
+                "sha256:069de3a701d33709236efe0d06f38846b738b19c63d45cc47f54590982ba7802",
+                "sha256:1735e06a3d5b0793d5ee2d952df8a5c63edaff6383c2210c9b5c93dc2ea4c315",
+                "sha256:19633df6be629200ff3c026f2837e1dd17908fb1bcea860290a5a45e6fa5148e",
+                "sha256:1e14fa32969badef9c309f55352e5c46f321bd29f7c600556caacdaa3eddfcf6",
+                "sha256:31e941d6db8b026bc63e46ef71e877913f128bd44260b90c645432626b7f9a47",
+                "sha256:452c4e002be727cb6f929dbd32bbc666a0921b86555b8af09709060ed3954bd3",
+                "sha256:45a720029756800628359192630fffdc9660ab6f27f0409bd24d9e09d75d6c18",
+                "sha256:4a2e7f037d3ca818d6d0490e3323fd451545f580df30d62b698da2f247015a34",
+                "sha256:4a7d4da2acf6d5d068fb41c48950827c49c3c68bfb46a1da45ea8fbf7ed4b471",
+                "sha256:4ad4044eb86fbcbdff2106e44f479fbdac703d77860b3e19988c8a8786e73061",
+                "sha256:4f631edf45a943738fa77612e85fc5c5d3fb637c4f5a530f7eedd1a7cd7a70a7",
+                "sha256:6389b10e23329dc8b5600c1a84e3da2628d0f437d8a5cd05aefd1470ec571dd1",
+                "sha256:6ebd58e73b7bd902688c0bb8dbabb0c36b756f02cc7b27ad5efa2f380c611f95",
+                "sha256:7180830ea1082b96b94884bc352b274e29b45151b6ee911bf1fd79cba2de659b",
+                "sha256:789be639501445d85fd4ca41d04f0f5c6cbb6deb0c6826aaa6f22774fe84ef94",
+                "sha256:7d89add44938ea4f52c7641d5805c9e154fed4381e874ef3221483eeb191a96d",
+                "sha256:842b0d4698381aac047f8ae57409c90b7e63ebabf5bc02814ddc8eaefd13499e",
+                "sha256:8f96d4b6a49d3f0f109365bb6303ae5d266d3f90280ca68cf8b2c46032491038",
+                "sha256:961b089e64c2ad29ad367487dd3ba1aa3eeba56bc82037ce91732baaa0f6ca90",
+                "sha256:96de1d4a2e05d4a017087cb29cd6a8ebfeecfd0e9f872880b1a589f011c1c02e",
+                "sha256:98214f04802a3fc740038744d8981a8f2fdca710f791ca125fc4792737d9f3a7",
+                "sha256:9cf94161cb55507cee147bf8abcfd3c076b353ad18743296764dd81108ea74f8",
+                "sha256:9fdf0713166f33e5e6ea98cf59deb305cb323131277f6880de6c509f468076f8",
+                "sha256:a41ab83ecfadf38a47bdfaf4e488f71579df47a711e1ab1dce30d34c7c25bd00",
+                "sha256:ac14fee167653ec6dee32d6aa4d501d90ae1bfbbc3eb5816940bccf227f0d617",
+                "sha256:b8b7d66ee8b8ac272adce0af1342a60854f0d89686e6d3318127a6a82a2f765c",
+                "sha256:bb1072fdf48ba870c0fe81bee8babe4ba2f096fb56bb4f3e0c2386a7626e405c",
+                "sha256:cd823071b97c1a6ac3af9e43b5d861126a1304033dcd18dfe354a02ec45642fe",
+                "sha256:d08173144aebdf30c21a331b532db16535cfa83deed12e8703fa6c67c0894ffc",
+                "sha256:e7d76312e904aa4ea221a92c0bc2e299ad46e4580e2d72ca1f7e6d31dce5bfab",
+                "sha256:f772e4428d413c0affe2a34836278fbe9df9a9c0940705860c2d3a4b50af1a66"
+            ],
+            "version": "==1.4.11"
+        },
+        "swagger-ui-bundle": {
+            "hashes": [
+                "sha256:f5255f786cde67a2638111f4a7d04355836743198a83c4ecbe815d9fc384b0c8",
+                "sha256:f5691167f2e9f73ecbe8229a89454ae5ea958f90bb0d4583ed7adaae598c4122"
+            ],
+            "version": "==0.0.8"
+        },
+        "typish": {
+            "hashes": [
+                "sha256:36f940e39d0f4d2bd4c524d167936024308bc52ef22ec718ce5c4e38a3ba5a95"
+            ],
+            "version": "==1.9.2"
+        },
+        "urllib3": {
+            "hashes": [
+                "sha256:2f4da4594db7e1e110a944bb1b551fdf4e6c136ad42e4234131391e21eb5b0df",
+                "sha256:e7b021f7241115872f92f43c6508082facffbd1c048e3c6e2bb9c2a157e28937"
+            ],
+            "version": "==1.26.4"
+        },
+        "vine": {
+            "hashes": [
+                "sha256:133ee6d7a9016f177ddeaf191c1f58421a1dcc6ee9a42c58b34bed40e1d2cd87",
+                "sha256:ea4947cc56d1fd6f2095c8d543ee25dad966f78692528e68b4fada11ba3f98af"
+            ],
+            "version": "==1.3.0"
+        },
+        "werkzeug": {
+            "hashes": [
+                "sha256:7280924747b5733b246fe23972186c6b348f9ae29724135a6dfc1e53cea433e7",
+                "sha256:e5f4a1f98b52b18a93da705a7458e55afb26f32bff83ff5d19189f92462d65c4"
+            ],
+            "index": "pypi",
+            "version": "==0.16.0"
+        },
+        "wheel": {
+            "hashes": [
+                "sha256:78b5b185f0e5763c26ca1e324373aadd49182ca90e825f7853f4b2509215dc0e",
+                "sha256:e11eefd162658ea59a60a0f6c7d493a7190ea4b9a85e335b33489d9f17e0245e"
+            ],
+            "version": "==0.36.2"
+        },
+        "wtforms": {
+            "hashes": [
+                "sha256:ffdf10bd1fa565b8233380cb77a304cd36fd55c73023e91d4b803c96bc11d46f"
+            ],
+            "index": "pypi",
+            "version": "==2.1"
+        },
+        "wtforms-json": {
+            "hashes": [
+                "sha256:3d3193819a83daa14b3cb5e029fe807fb4a70172ec299abc07d9d58d51b2ecc4"
+            ],
+            "index": "pypi",
+            "version": "==0.3.3"
+        },
+        "zipfly": {
+            "hashes": [
+                "sha256:ac78c6feb76313548b8e0256df5bbb13611ab7a9983b64ef3d1d76570d11ad71"
+            ],
+            "index": "pypi",
+            "version": "==6.0.3"
+        },
+        "zope.event": {
+            "hashes": [
+                "sha256:2666401939cdaa5f4e0c08cf7f20c9b21423b95e88f4675b1443973bdb080c42",
+                "sha256:5e76517f5b9b119acf37ca8819781db6c16ea433f7e2062c4afc2b6fbedb1330"
+            ],
+            "version": "==4.5.0"
+        },
+        "zope.interface": {
+            "hashes": [
+                "sha256:08f9636e99a9d5410181ba0729e0408d3d8748026ea938f3b970a0249daa8192",
+                "sha256:0b465ae0962d49c68aa9733ba92a001b2a0933c317780435f00be7ecb959c702",
+                "sha256:0cba8477e300d64a11a9789ed40ee8932b59f9ee05f85276dbb4b59acee5dd09",
+                "sha256:0cee5187b60ed26d56eb2960136288ce91bcf61e2a9405660d271d1f122a69a4",
+                "sha256:0ea1d73b7c9dcbc5080bb8aaffb776f1c68e807767069b9ccdd06f27a161914a",
+                "sha256:0f91b5b948686659a8e28b728ff5e74b1be6bf40cb04704453617e5f1e945ef3",
+                "sha256:15e7d1f7a6ee16572e21e3576d2012b2778cbacf75eb4b7400be37455f5ca8bf",
+                "sha256:17776ecd3a1fdd2b2cd5373e5ef8b307162f581c693575ec62e7c5399d80794c",
+                "sha256:194d0bcb1374ac3e1e023961610dc8f2c78a0f5f634d0c737691e215569e640d",
+                "sha256:1c0e316c9add0db48a5b703833881351444398b04111188069a26a61cfb4df78",
+                "sha256:205e40ccde0f37496904572035deea747390a8b7dc65146d30b96e2dd1359a83",
+                "sha256:273f158fabc5ea33cbc936da0ab3d4ba80ede5351babc4f577d768e057651531",
+                "sha256:2876246527c91e101184f63ccd1d716ec9c46519cc5f3d5375a3351c46467c46",
+                "sha256:2c98384b254b37ce50eddd55db8d381a5c53b4c10ee66e1e7fe749824f894021",
+                "sha256:2e5a26f16503be6c826abca904e45f1a44ff275fdb7e9d1b75c10671c26f8b94",
+                "sha256:334701327f37c47fa628fc8b8d28c7d7730ce7daaf4bda1efb741679c2b087fc",
+                "sha256:3748fac0d0f6a304e674955ab1365d515993b3a0a865e16a11ec9d86fb307f63",
+                "sha256:3c02411a3b62668200910090a0dff17c0b25aaa36145082a5a6adf08fa281e54",
+                "sha256:3dd4952748521205697bc2802e4afac5ed4b02909bb799ba1fe239f77fd4e117",
+                "sha256:3f24df7124c323fceb53ff6168da70dbfbae1442b4f3da439cd441681f54fe25",
+                "sha256:469e2407e0fe9880ac690a3666f03eb4c3c444411a5a5fddfdabc5d184a79f05",
+                "sha256:4de4bc9b6d35c5af65b454d3e9bc98c50eb3960d5a3762c9438df57427134b8e",
+                "sha256:5208ebd5152e040640518a77827bdfcc73773a15a33d6644015b763b9c9febc1",
+                "sha256:52de7fc6c21b419078008f697fd4103dbc763288b1406b4562554bd47514c004",
+                "sha256:5bb3489b4558e49ad2c5118137cfeaf59434f9737fa9c5deefc72d22c23822e2",
+                "sha256:5dba5f530fec3f0988d83b78cc591b58c0b6eb8431a85edd1569a0539a8a5a0e",
+                "sha256:5dd9ca406499444f4c8299f803d4a14edf7890ecc595c8b1c7115c2342cadc5f",
+                "sha256:5f931a1c21dfa7a9c573ec1f50a31135ccce84e32507c54e1ea404894c5eb96f",
+                "sha256:63b82bb63de7c821428d513607e84c6d97d58afd1fe2eb645030bdc185440120",
+                "sha256:66c0061c91b3b9cf542131148ef7ecbecb2690d48d1612ec386de9d36766058f",
+                "sha256:6f0c02cbb9691b7c91d5009108f975f8ffeab5dff8f26d62e21c493060eff2a1",
+                "sha256:71aace0c42d53abe6fc7f726c5d3b60d90f3c5c055a447950ad6ea9cec2e37d9",
+                "sha256:7d97a4306898b05404a0dcdc32d9709b7d8832c0c542b861d9a826301719794e",
+                "sha256:7df1e1c05304f26faa49fa752a8c690126cf98b40b91d54e6e9cc3b7d6ffe8b7",
+                "sha256:8270252effc60b9642b423189a2fe90eb6b59e87cbee54549db3f5562ff8d1b8",
+                "sha256:867a5ad16892bf20e6c4ea2aab1971f45645ff3102ad29bd84c86027fa99997b",
+                "sha256:877473e675fdcc113c138813a5dd440da0769a2d81f4d86614e5d62b69497155",
+                "sha256:8892f89999ffd992208754851e5a052f6b5db70a1e3f7d54b17c5211e37a98c7",
+                "sha256:9a9845c4c6bb56e508651f005c4aeb0404e518c6f000d5a1123ab077ab769f5c",
+                "sha256:a1e6e96217a0f72e2b8629e271e1b280c6fa3fe6e59fa8f6701bec14e3354325",
+                "sha256:a8156e6a7f5e2a0ff0c5b21d6bcb45145efece1909efcbbbf48c56f8da68221d",
+                "sha256:a9506a7e80bcf6eacfff7f804c0ad5350c8c95b9010e4356a4b36f5322f09abb",
+                "sha256:af310ec8335016b5e52cae60cda4a4f2a60a788cbb949a4fbea13d441aa5a09e",
+                "sha256:b0297b1e05fd128d26cc2460c810d42e205d16d76799526dfa8c8ccd50e74959",
+                "sha256:bf68f4b2b6683e52bec69273562df15af352e5ed25d1b6641e7efddc5951d1a7",
+                "sha256:d0c1bc2fa9a7285719e5678584f6b92572a5b639d0e471bb8d4b650a1a910920",
+                "sha256:d4d9d6c1a455d4babd320203b918ccc7fcbefe308615c521062bc2ba1aa4d26e",
+                "sha256:db1fa631737dab9fa0b37f3979d8d2631e348c3b4e8325d6873c2541d0ae5a48",
+                "sha256:dd93ea5c0c7f3e25335ab7d22a507b1dc43976e1345508f845efc573d3d779d8",
+                "sha256:f44e517131a98f7a76696a7b21b164bcb85291cee106a23beccce454e1f433a4",
+                "sha256:f7ee479e96f7ee350db1cf24afa5685a5899e2b34992fb99e1f7c1b0b758d263"
+            ],
+            "version": "==5.4.0"
+        }
+    },
+    "develop": {
+        "astroid": {
+            "hashes": [
+                "sha256:4db03ab5fc3340cf619dbc25e42c2cc3755154ce6009469766d7143d1fc2ee4e",
+                "sha256:8a398dfce302c13f14bab13e2b14fe385d32b73f4e4853b9bdfb64598baa1975"
+            ],
+            "version": "==2.5.6"
+        },
+        "attrs": {
+            "hashes": [
+                "sha256:31b2eced602aa8423c2aea9c76a724617ed67cf9513173fd3a4f03e3a929c7e6",
+                "sha256:832aa3cde19744e49938b91fea06d69ecb9e649c93ba974535d08ad92164f700"
+            ],
+            "version": "==20.3.0"
+        },
+        "certifi": {
+            "hashes": [
+                "sha256:1a4995114262bffbc2413b159f2a1a480c969de6e6eb13ee966d470af86af59c",
+                "sha256:719a74fb9e33b9bd44cc7f3a8d94bc35e4049deebe19ba7d8e108280cfd59830"
+            ],
+            "version": "==2020.12.5"
+        },
+        "chardet": {
+            "hashes": [
+                "sha256:0d6f53a15db4120f2b08c94f11e7d93d2c911ee118b6b30a04ec3ee8310179fa",
+                "sha256:f864054d66fd9118f2e67044ac8981a54775ec5b67aed0441892edb553d21da5"
+            ],
+            "version": "==4.0.0"
+        },
+        "coverage": {
+            "hashes": [
+                "sha256:004d1880bed2d97151facef49f08e255a20ceb6f9432df75f4eef018fdd5a78c",
+                "sha256:01d84219b5cdbfc8122223b39a954820929497a1cb1422824bb86b07b74594b6",
+                "sha256:040af6c32813fa3eae5305d53f18875bedd079960822ef8ec067a66dd8afcd45",
+                "sha256:06191eb60f8d8a5bc046f3799f8a07a2d7aefb9504b0209aff0b47298333302a",
+                "sha256:13034c4409db851670bc9acd836243aeee299949bd5673e11844befcb0149f03",
+                "sha256:13c4ee887eca0f4c5a247b75398d4114c37882658300e153113dafb1d76de529",
+                "sha256:184a47bbe0aa6400ed2d41d8e9ed868b8205046518c52464fde713ea06e3a74a",
+                "sha256:18ba8bbede96a2c3dde7b868de9dcbd55670690af0988713f0603f037848418a",
+                "sha256:1aa846f56c3d49205c952d8318e76ccc2ae23303351d9270ab220004c580cfe2",
+                "sha256:217658ec7187497e3f3ebd901afdca1af062b42cfe3e0dafea4cced3983739f6",
+                "sha256:24d4a7de75446be83244eabbff746d66b9240ae020ced65d060815fac3423759",
+                "sha256:2910f4d36a6a9b4214bb7038d537f015346f413a975d57ca6b43bf23d6563b53",
+                "sha256:2949cad1c5208b8298d5686d5a85b66aae46d73eec2c3e08c817dd3513e5848a",
+                "sha256:2a3859cb82dcbda1cfd3e6f71c27081d18aa251d20a17d87d26d4cd216fb0af4",
+                "sha256:2cafbbb3af0733db200c9b5f798d18953b1a304d3f86a938367de1567f4b5bff",
+                "sha256:2e0d881ad471768bf6e6c2bf905d183543f10098e3b3640fc029509530091502",
+                "sha256:30c77c1dc9f253283e34c27935fded5015f7d1abe83bc7821680ac444eaf7793",
+                "sha256:3487286bc29a5aa4b93a072e9592f22254291ce96a9fbc5251f566b6b7343cdb",
+                "sha256:372da284cfd642d8e08ef606917846fa2ee350f64994bebfbd3afb0040436905",
+                "sha256:41179b8a845742d1eb60449bdb2992196e211341818565abded11cfa90efb821",
+                "sha256:44d654437b8ddd9eee7d1eaee28b7219bec228520ff809af170488fd2fed3e2b",
+                "sha256:4a7697d8cb0f27399b0e393c0b90f0f1e40c82023ea4d45d22bce7032a5d7b81",
+                "sha256:51cb9476a3987c8967ebab3f0fe144819781fca264f57f89760037a2ea191cb0",
+                "sha256:52596d3d0e8bdf3af43db3e9ba8dcdaac724ba7b5ca3f6358529d56f7a166f8b",
+                "sha256:53194af30d5bad77fcba80e23a1441c71abfb3e01192034f8246e0d8f99528f3",
+                "sha256:5fec2d43a2cc6965edc0bb9e83e1e4b557f76f843a77a2496cbe719583ce8184",
+                "sha256:6c90e11318f0d3c436a42409f2749ee1a115cd8b067d7f14c148f1ce5574d701",
+                "sha256:74d881fc777ebb11c63736622b60cb9e4aee5cace591ce274fb69e582a12a61a",
+                "sha256:7501140f755b725495941b43347ba8a2777407fc7f250d4f5a7d2a1050ba8e82",
+                "sha256:796c9c3c79747146ebd278dbe1e5c5c05dd6b10cc3bcb8389dfdf844f3ead638",
+                "sha256:869a64f53488f40fa5b5b9dcb9e9b2962a66a87dab37790f3fcfb5144b996ef5",
+                "sha256:8963a499849a1fc54b35b1c9f162f4108017b2e6db2c46c1bed93a72262ed083",
+                "sha256:8d0a0725ad7c1a0bcd8d1b437e191107d457e2ec1084b9f190630a4fb1af78e6",
+                "sha256:900fbf7759501bc7807fd6638c947d7a831fc9fdf742dc10f02956ff7220fa90",
+                "sha256:92b017ce34b68a7d67bd6d117e6d443a9bf63a2ecf8567bb3d8c6c7bc5014465",
+                "sha256:970284a88b99673ccb2e4e334cfb38a10aab7cd44f7457564d11898a74b62d0a",
+                "sha256:972c85d205b51e30e59525694670de6a8a89691186012535f9d7dbaa230e42c3",
+                "sha256:9a1ef3b66e38ef8618ce5fdc7bea3d9f45f3624e2a66295eea5e57966c85909e",
+                "sha256:af0e781009aaf59e25c5a678122391cb0f345ac0ec272c7961dc5455e1c40066",
+                "sha256:b6d534e4b2ab35c9f93f46229363e17f63c53ad01330df9f2d6bd1187e5eaacf",
+                "sha256:b7895207b4c843c76a25ab8c1e866261bcfe27bfaa20c192de5190121770672b",
+                "sha256:c0891a6a97b09c1f3e073a890514d5012eb256845c451bd48f7968ef939bf4ae",
+                "sha256:c2723d347ab06e7ddad1a58b2a821218239249a9e4365eaff6649d31180c1669",
+                "sha256:d1f8bf7b90ba55699b3a5e44930e93ff0189aa27186e96071fac7dd0d06a1873",
+                "sha256:d1f9ce122f83b2305592c11d64f181b87153fc2c2bbd3bb4a3dde8303cfb1a6b",
+                "sha256:d314ed732c25d29775e84a960c3c60808b682c08d86602ec2c3008e1202e3bb6",
+                "sha256:d636598c8305e1f90b439dbf4f66437de4a5e3c31fdf47ad29542478c8508bbb",
+                "sha256:deee1077aae10d8fa88cb02c845cfba9b62c55e1183f52f6ae6a2df6a2187160",
+                "sha256:ebe78fe9a0e874362175b02371bdfbee64d8edc42a044253ddf4ee7d3c15212c",
+                "sha256:f030f8873312a16414c0d8e1a1ddff2d3235655a2174e3648b4fa66b3f2f1079",
+                "sha256:f0b278ce10936db1a37e6954e15a3730bea96a0997c26d7fee88e6c396c2086d",
+                "sha256:f11642dddbb0253cc8853254301b51390ba0081750a8ac03f20ea8103f0c56b6"
+            ],
+            "version": "==5.5"
+        },
+        "idna": {
+            "hashes": [
+                "sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6",
+                "sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0"
+            ],
+            "version": "==2.10"
+        },
+        "importlib-metadata": {
+            "hashes": [
+                "sha256:ace61d5fc652dc280e7b6b4ff732a9c2d40db2c0f92bc6cb74e07b73d53a1771",
+                "sha256:fa5daa4477a7414ae34e95942e4dd07f62adf589143c875c133c1e53c4eff38d"
+            ],
+            "index": "pypi",
+            "version": "==3.4.0"
+        },
+        "iniconfig": {
+            "hashes": [
+                "sha256:011e24c64b7f47f6ebd835bb12a743f2fbe9a26d4cecaa7f53bc4f35ee9da8b3",
+                "sha256:bc3af051d7d14b2ee5ef9969666def0cd1a000e121eaea580d4a313df4b37f32"
+            ],
+            "version": "==1.1.1"
+        },
+        "isort": {
+            "hashes": [
+                "sha256:54da7e92468955c4fceacd0c86bd0ec997b0e1ee80d97f67c35a78b719dccab1",
+                "sha256:6e811fcb295968434526407adb8796944f1988c5b65e8139058f2014cbe100fd"
+            ],
+            "version": "==4.3.21"
+        },
+        "lazy-object-proxy": {
+            "hashes": [
+                "sha256:17e0967ba374fc24141738c69736da90e94419338fd4c7c7bef01ee26b339653",
+                "sha256:1fee665d2638491f4d6e55bd483e15ef21f6c8c2095f235fef72601021e64f61",
+                "sha256:22ddd618cefe54305df49e4c069fa65715be4ad0e78e8d252a33debf00f6ede2",
+                "sha256:24a5045889cc2729033b3e604d496c2b6f588c754f7a62027ad4437a7ecc4837",
+                "sha256:410283732af311b51b837894fa2f24f2c0039aa7f220135192b38fcc42bd43d3",
+                "sha256:4732c765372bd78a2d6b2150a6e99d00a78ec963375f236979c0626b97ed8e43",
+                "sha256:489000d368377571c6f982fba6497f2aa13c6d1facc40660963da62f5c379726",
+                "sha256:4f60460e9f1eb632584c9685bccea152f4ac2130e299784dbaf9fae9f49891b3",
+                "sha256:5743a5ab42ae40caa8421b320ebf3a998f89c85cdc8376d6b2e00bd12bd1b587",
+                "sha256:85fb7608121fd5621cc4377a8961d0b32ccf84a7285b4f1d21988b2eae2868e8",
+                "sha256:9698110e36e2df951c7c36b6729e96429c9c32b3331989ef19976592c5f3c77a",
+                "sha256:9d397bf41caad3f489e10774667310d73cb9c4258e9aed94b9ec734b34b495fd",
+                "sha256:b579f8acbf2bdd9ea200b1d5dea36abd93cabf56cf626ab9c744a432e15c815f",
+                "sha256:b865b01a2e7f96db0c5d12cfea590f98d8c5ba64ad222300d93ce6ff9138bcad",
+                "sha256:bf34e368e8dd976423396555078def5cfc3039ebc6fc06d1ae2c5a65eebbcde4",
+                "sha256:c6938967f8528b3668622a9ed3b31d145fab161a32f5891ea7b84f6b790be05b",
+                "sha256:d1c2676e3d840852a2de7c7d5d76407c772927addff8d742b9808fe0afccebdf",
+                "sha256:d7124f52f3bd259f510651450e18e0fd081ed82f3c08541dffc7b94b883aa981",
+                "sha256:d900d949b707778696fdf01036f58c9876a0d8bfe116e8d220cfd4b15f14e741",
+                "sha256:ebfd274dcd5133e0afae738e6d9da4323c3eb021b3e13052d8cbd0e457b1256e",
+                "sha256:ed361bb83436f117f9917d282a456f9e5009ea12fd6de8742d1a4752c3017e93",
+                "sha256:f5144c75445ae3ca2057faac03fda5a902eff196702b0a24daf1d6ce0650514b"
+            ],
+            "version": "==1.6.0"
+        },
+        "mccabe": {
+            "hashes": [
+                "sha256:ab8a6258860da4b6677da4bd2fe5dc2c659cff31b3ee4f7f5d64e79735b80d42",
+                "sha256:dd8d182285a0fe56bace7f45b5e7d1a6ebcbf524e8f3bd87eb0f125271b8831f"
+            ],
+            "version": "==0.6.1"
+        },
+        "packaging": {
+            "hashes": [
+                "sha256:5b327ac1320dc863dca72f4514ecc086f31186744b84a230374cc1fd776feae5",
+                "sha256:67714da7f7bc052e064859c05c595155bd1ee9f69f76557e21f051443c20947a"
+            ],
+            "version": "==20.9"
+        },
+        "pluggy": {
+            "hashes": [
+                "sha256:15b2acde666561e1298d71b523007ed7364de07029219b604cf808bfa1c765b0",
+                "sha256:966c145cd83c96502c3c3868f50408687b38434af77734af1e9ca461a4081d2d"
+            ],
+            "version": "==0.13.1"
+        },
+        "py": {
+            "hashes": [
+                "sha256:21b81bda15b66ef5e1a777a21c4dcd9c20ad3efd0b3f817e7a809035269e1bd3",
+                "sha256:3b80836aa6d1feeaa108e046da6423ab8f6ceda6468545ae8d02d9d58d18818a"
+            ],
+            "version": "==1.10.0"
+        },
+        "pylint": {
+            "hashes": [
+                "sha256:5d77031694a5fb97ea95e828c8d10fc770a1df6eb3906067aaed42201a8a6a09",
+                "sha256:723e3db49555abaf9bf79dc474c6b9e2935ad82230b10c1138a71ea41ac0fff1"
+            ],
+            "index": "pypi",
+            "version": "==2.3.1"
+        },
+        "pyparsing": {
+            "hashes": [
+                "sha256:c203ec8783bf771a155b207279b9bccb8dea02d8f0c9e5f8ead507bc3246ecc1",
+                "sha256:ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b"
+            ],
+            "version": "==2.4.7"
+        },
+        "pytest": {
+            "hashes": [
+                "sha256:9d1edf9e7d0b84d72ea3dbcdfd22b35fb543a5e8f2a60092dd578936bf63d7f9",
+                "sha256:b574b57423e818210672e07ca1fa90aaf194a4f63f3ab909a2c67ebb22913839"
+            ],
+            "index": "pypi",
+            "version": "==6.2.2"
+        },
+        "pytest-base-url": {
+            "hashes": [
+                "sha256:7f1f32e08c2ee751e59e7f5880235b46e83496adc5cba5a01ca218c6fe81333d",
+                "sha256:8b6523a1a3af73c317bdae97b722dfb55a7336733d1ad411eb4a4931347ba77a"
+            ],
+            "version": "==1.4.2"
+        },
+        "pytest-cov": {
+            "hashes": [
+                "sha256:0ab664b25c6aa9716cbf203b17ddb301932383046082c081b9848a0edf5add33",
+                "sha256:230ef817450ab0699c6cc3c9c8f7a829c34674456f2ed8df1fe1d39780f7c87f"
+            ],
+            "index": "pypi",
+            "version": "==2.6.1"
+        },
+        "pytest-dotenv": {
+            "hashes": [
+                "sha256:12ff70de238cdc2c8d838ef92b720325ceb6ae2c9967be5f4e606a36de48345c",
+                "sha256:a3a0adf9e17cf7c9e38ec597a74cc902ac76baa1cc5a9bd7581a3711930ad057"
+            ],
+            "index": "pypi",
+            "version": "==0.4.0"
+        },
+        "pytest-html": {
+            "hashes": [
+                "sha256:3ee1cf319c913d19fe53aeb0bc400e7b0bc2dbeb477553733db1dad12eb75ee3",
+                "sha256:b7f82f123936a3f4d2950bc993c2c1ca09ce262c9ae12f9ac763a2401380b455"
+            ],
+            "version": "==3.1.1"
+        },
+        "pytest-metadata": {
+            "hashes": [
+                "sha256:576055b8336dd4a9006dd2a47615f76f2f8c30ab12b1b1c039d99e834583523f",
+                "sha256:71b506d49d34e539cc3cfdb7ce2c5f072bea5c953320002c95968e0238f8ecf1"
+            ],
+            "version": "==1.11.0"
+        },
+        "pytest-selenium": {
+            "hashes": [
+                "sha256:a0008e6dce7c68501369c1c543420f5906ffada493d4ff0c5d9d5ccdf4022203",
+                "sha256:fd632e0b657be6360f6319445eb0f475872d488b67634f791561851d55e390b1"
+            ],
+            "index": "pypi",
+            "version": "==2.0.1"
+        },
+        "pytest-variables": {
+            "hashes": [
+                "sha256:ccf4afcd70de1f5f18b4463758a19f24647a9def1805f675e80db851c9e00ac0",
+                "sha256:f79851e4c92a94c93d3f1d02377b5ac97cc8800392e87d108d2cbfda774ecc2a"
+            ],
+            "version": "==1.9.0"
+        },
+        "python-dotenv": {
+            "hashes": [
+                "sha256:122290a38ece9fe4f162dc7c95cae3357b983505830a154d3c98ef7f6c6cea77",
+                "sha256:4a205787bc829233de2a823aa328e44fd9996fedb954989a21f1fc67c13d7a77"
+            ],
+            "index": "pypi",
+            "version": "==0.9.1"
+        },
+        "requests": {
+            "hashes": [
+                "sha256:27973dd4a904a4f13b263a19c866c13b92a39ed1c964655f025f3f8d3d75b804",
+                "sha256:c210084e36a42ae6b9219e00e48287def368a26d03a048ddad7bfee44f75871e"
+            ],
+            "version": "==2.25.1"
+        },
+        "responses": {
+            "hashes": [
+                "sha256:46d4e546a19fc6106bc7e804edd4551ef04690405e41e7e750ebc295d042623b",
+                "sha256:93b1e0f2f960c0f3304ca4436856241d64c33683ef441431b9caf1d05d9d9e23"
+            ],
+            "index": "pypi",
+            "version": "==0.10.7"
+        },
+        "selenium": {
+            "hashes": [
+                "sha256:2d7131d7bc5a5b99a2d9b04aaf2612c411b03b8ca1b1ee8d3de5845a9be2cb3c",
+                "sha256:deaf32b60ad91a4611b98d8002757f29e6f2c2d5fcaf202e1c9ad06d6772300d"
+            ],
+            "version": "==3.141.0"
+        },
+        "six": {
+            "hashes": [
+                "sha256:30639c035cdb23534cd4aa2dd52c3bf48f06e5f4a941509c8bafd8ce11080259",
+                "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced"
+            ],
+            "version": "==1.15.0"
+        },
+        "tenacity": {
+            "hashes": [
+                "sha256:baed357d9f35ec64264d8a4bbf004c35058fad8795c5b0d8a7dc77ecdcbb8f39",
+                "sha256:e14d191fb0a309b563904bbc336582efe2037de437e543b38da749769b544d7f"
+            ],
+            "version": "==6.3.1"
+        },
+        "toml": {
+            "hashes": [
+                "sha256:806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b",
+                "sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f"
+            ],
+            "version": "==0.10.2"
+        },
+        "typing-extensions": {
+            "hashes": [
+                "sha256:2ed632b30bb54fc3941c382decfd0ee4148f5c591651c9272473fea2c6397d95",
+                "sha256:b1edbbf0652660e32ae780ac9433f4231e7339c7f9a8057d0f042fcbcea49b87",
+                "sha256:d8179012ec2c620d3791ca6fe2bf7979d979acdbef1fca0bc56b37411db682ed"
+            ],
+            "index": "pypi",
+            "version": "==3.7.4"
+        },
+        "urllib3": {
+            "hashes": [
+                "sha256:2f4da4594db7e1e110a944bb1b551fdf4e6c136ad42e4234131391e21eb5b0df",
+                "sha256:e7b021f7241115872f92f43c6508082facffbd1c048e3c6e2bb9c2a157e28937"
+            ],
+            "version": "==1.26.4"
+        },
+        "wrapt": {
+            "hashes": [
+                "sha256:b62ffa81fb85f4332a4f609cab4ac40709470da05643a082ec1eb88e6d9b97d7"
+            ],
+            "version": "==1.12.1"
+        },
+        "zipp": {
+            "hashes": [
+                "sha256:3607921face881ba3e026887d8150cca609d517579abe052ac81fc5aeffdbd76",
+                "sha256:51cb66cc54621609dd593d1787f286ee42a5c0adbb4b29abea5a63edc3e03098"
+            ],
+            "version": "==3.4.1"
+        }
+    }
+}
diff --git a/server/commands.py b/server/commands.py
new file mode 100644
index 00000000..1b14babd
--- /dev/null
+++ b/server/commands.py
@@ -0,0 +1,187 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+import os
+import json
+import shutil
+import click
+from datetime import datetime
+from sqlalchemy.schema import MetaData
+from marshmallow import ValidationError
+from wtforms.validators import ValidationError
+
+from src import create_app, db
+from src.forms import namespace_validation
+from src.auth.models import User, UserProfile
+from src.models.db_models import Project
+from src.util import is_name_allowed, mergin_secure_filename
+
+app = create_app()
+
+
+@app.cli.command()
+def init_db():
+    """Re-creates app's database"""
+    print('Database initialization ...')
+    db.drop_all(bind=None)
+    db.create_all(bind=None)
+    print('Done. Tables created.')
+    db.session.commit()
+    print('Done.')
+
+
+class JsonEncoder(json.JSONEncoder):
+    def default(self, o):
+        if isinstance(o, datetime):
+            return o.isoformat()
+
+
+@app.cli.command()
+def dump_db():
+    """Dumps data from database in JSON format (to stdout)"""
+    metadata = MetaData()
+    metadata.reflect(bind=db.engine)
+
+    result = {}
+    for table in metadata.sorted_tables:
+        result[table.name] = [dict(row) for row in db.engine.execute(table.select())]
+
+    print(json.dumps(result, cls=JsonEncoder, indent=2))
+
+
+@app.cli.command()
+@click.argument('input-file')
+def load_db(input_file):
+    """Load data from JSON file into the database"""
+    with open(input_file) as json_file:
+        data = json.load(json_file)
+
+    connection = db.engine.connect()
+    trans = connection.begin()
+    metadata = MetaData()
+    metadata.reflect(bind=db.engine)
+
+    try:
+        for table in metadata.sorted_tables:
+            items = data.get(table.name, [])
+            for item in items:
+                connection.execute(table.insert(), **item)
+        trans.commit()
+    except:
+        trans.rollback()
+        raise
+
+
+@app.cli.command()
+def check_location_file():
+    """ Return log for checking files for every version """
+    # Checking every files
+    # check every project
+    for project in Project.query.all():
+
+        # check every version of project
+        for version in project.versions.all():
+
+            # check every file of version
+            for _file in version.files:
+
+                location = os.path.join(project.storage.project_dir, _file['location'])
+                if os.path.join(project.storage.project_dir, version.name) not in location:
+                    continue
+
+                location_after_sanitized = os.path.join(
+                    project.storage.project_dir, version.name, mergin_secure_filename(_file['path']))
+                if location != location_after_sanitized:
+                    print(
+                        f'- files not same between original and sanitized `{location}` - `{location_after_sanitized}`')
+                    if os.path.exists(location):
+                        print(f'- but location found `{location}`')
+                else:
+                    if not os.path.exists(location):
+                        print(f'- location not found : `{location}`')
+
+
+@app.cli.command()
+def check_broken_username():
+    """ Return log for broken username """
+
+    # Checking every user
+    class UserField(object):
+        def __init__(self, data):
+            self.data = data
+
+    for user in User.query.all():
+        try:
+            namespace_validation(
+                None, UserField(user.username))
+        except ValidationError as e:
+            print(f'{user.username} - {e}')
+
+
+@app.cli.command()
+def check_broken_project_name():
+    """ Return log for broken project name"""
+    for project in Project.query.all():
+        if not is_name_allowed(project.name):
+            print(f'{project.name}')
+
+
+@app.cli.command()
+def find_projects_with_missing_dirs():
+    """ Return broken projects with missing associated projects directories on file system """
+    print("Missing project directories: ")
+    for project in Project.query.all():
+        if not os.path.exists(project.storage.project_dir):
+            print(f"{project.namespace}/{project.name}: {project.storage.project_dir}")
+
+
+@app.cli.command()
+@click.argument('username')
+@click.argument('password')
+@click.option('--is-admin', is_flag=True)
+@click.option('--email',  required=True)
+def add_user(username, password, is_admin, email):  # pylint: disable=W0612
+    """Create user account"""
+    create_user(username, password, is_admin, email)
+
+
+def create_user(username, password, is_admin, email):
+    user = User.query.filter_by(username=username).first()
+    if user:
+        print("ERROR: User {} already exists!\n".format(user.username))
+
+    user = User(username=username, passwd=password, is_admin=is_admin, email=email)
+    user.profile = UserProfile()
+    user.active = True
+    db.session.add(user)
+    db.session.commit()
+
+
+@app.cli.command()
+@click.argument('project-name')
+@click.option('--version', required=True)
+@click.option('--directory', type=click.Path(), required=True)
+def download_project(project_name, version, directory):  # pylint: disable=W0612
+    """ Download files for project at particular version """
+    ns, name = project_name.split('/')
+    project = Project.query.filter_by(namespace=ns, name=name).first()
+    if not project:
+        print("ERROR: Project does not exist")
+        return
+    pv = next((v for v in project.versions if v.name == version), None)
+    if not pv:
+        print("ERROR:Project version does not exist")
+        return
+    if os.path.exists(directory):
+        print(f"ERROR: Destination directory {directory} already exist")
+        return
+
+    os.mkdir(directory)
+    files = pv.files
+    for f in files:
+        project.storage.restore_versioned_file(f['path'], version)
+        f_dir = os.path.dirname(f["path"])
+        if f_dir:
+            os.makedirs(os.path.join(directory, f_dir), exist_ok=True)
+        shutil.copy(os.path.join(project.storage.project_dir, f["location"]), os.path.join(directory, f["path"]))
+    print("Project downloaded successfully")
diff --git a/server/config.py b/server/config.py
new file mode 100644
index 00000000..25f8d355
--- /dev/null
+++ b/server/config.py
@@ -0,0 +1,73 @@
+"""
+  
+  Common gunicorn configuration
+  
+  Gunicorn uses the following order of precidence for configuration 
+  values:
+  
+  1. Command-line (highest)
+  2. Environment variable
+  3. File referenced by --config (lowest)
+  
+  Put configuration common across all deployment environments here and 
+  add environment-specific items to the GUNICORN_CMD_ARGS env var.
+
+=======
+  WARNING: You may be tempted to *pythonise* the command-line arguments 
+  - instead, make sure you look at this page: the headings are the 
+  names the variables should have:
+  
+    https://docs.gunicorn.org/en/stable/settings.html#settings
+"""
+
+bind = '0.0.0.0:5000'
+
+worker_class = 'gevent'
+
+workers = 2
+
+worker_connections = 1000
+
+backlog = 480
+
+keepalive = 30
+
+accesslog = '-'
+
+errorlog = '-'
+
+access_log_format = '[ACCESS] %({x-forwarded-for}i)s %(m)s %(U)s %(q)s %(H)s %(s)s %(B)s %(f)s "%(a)s" %(D)s %(p)s'
+
+logconfig = 'gunicorn-logging.conf'
+
+max_requests = 20000
+
+max_requests_jitter = 5000
+
+"""
+  The following server hook is executed when a worker times-out. It 
+  allows us to print a traceback which may well indicate where in the 
+  code we stopped telling the master process we were still alive.
+  
+  This function was lifted directly from here:
+  https://github.com/benoitc/gunicorn/blob/master/examples/example_config.py
+  
+"""
+
+
+def worker_abort(worker):
+    worker.log.info("worker received SIGABRT signal")
+
+    ## get traceback info
+    import threading, sys, traceback
+    id2name = {th.ident: th.name for th in threading.enumerate()}
+    code = []
+    for threadId, stack in sys._current_frames().items():
+        code.append("\n# Thread: %s(%d)" % (id2name.get(threadId,""),
+            threadId))
+        for filename, lineno, name, line in traceback.extract_stack(stack):
+            code.append('File: "%s", line %d, in %s' % (filename,
+                lineno, name))
+            if line:
+                code.append("  %s" % (line.strip()))
+    worker.log.info("\n".join(code))
\ No newline at end of file
diff --git a/server/gunicorn-logging.conf b/server/gunicorn-logging.conf
new file mode 100644
index 00000000..ebb44b0a
--- /dev/null
+++ b/server/gunicorn-logging.conf
@@ -0,0 +1,42 @@
+[loggers]
+keys=root, gunicorn.error, gunicorn.access
+
+[handlers]
+keys=console_stdout, console_stdout, console_stderr
+
+[formatters]
+keys=errors, access
+
+[logger_root]
+level=INFO
+handlers=console_stderr
+
+[logger_gunicorn.error]
+level=INFO
+handlers=console_stderr
+propagate=0
+qualname=gunicorn.error
+
+[logger_gunicorn.access]
+level=INFO
+handlers=console_stdout
+propagate=0
+qualname=gunicorn.access
+
+[handler_console_stdout]
+class=StreamHandler
+formatter=access
+args=(sys.stdout, )
+
+[handler_console_stderr]
+class=StreamHandler
+formatter=errors
+args=(sys.stderr, )
+
+[formatter_errors]
+format=[%(levelname)s] [%(process)d] %(message)s
+class=mergin.OneLineExceptionFormatter
+
+[formatter_access]
+format=%(message)s
+class=mergin.OneLineExceptionFormatter
diff --git a/server/mergin.py b/server/mergin.py
new file mode 100644
index 00000000..47dfdd5a
--- /dev/null
+++ b/server/mergin.py
@@ -0,0 +1,36 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+# we need to monkey patch before app is loaded resolve this:
+# "gunicorn/workers/ggevent.py:65: MonkeyPatchWarning: Monkey-patching ssl after ssl has already been imported may lead
+# to errors, including RecursionError on Python 3.6. It may also silently lead to incorrect behaviour on Python 3.7.
+# Please monkey-patch earlier. See https://github.com/gevent/gevent/issues/1016.
+# Modules that had direct imports (NOT patched): ['urllib3.util, 'urllib3.util.ssl']"
+# which comes from using requests (its deps) lib in webhooks
+
+import os
+if not os.getenv("NO_MONKEY_PATCH", False):
+    import gevent.monkey
+    gevent.monkey.patch_all(subprocess=True)
+
+import logging
+from src import create_app
+
+application = create_app()
+
+
+class OneLineExceptionFormatter(logging.Formatter):
+    """
+    Reformat Exceptions with traceback to be single line.
+    Please note that for custom flask/logging you need to exc_info=True for non-exception levels
+
+    :Example:
+        >>> application.logger.error("Crazy long \\n exception msg", exc_info=True)
+        [2019-11-20 16:49:09 +0100] [17950] [ERROR] Crazy long || exception msg ||Traceback (most recent call last):||
+        File "/__init__.py", line 163, in ping||    x = 1 / 0||ZeroDivisionError: division by zero
+    """
+    def format(self, record):
+        msg = super().format(record)  # format message according to formatter class passed
+        if record.exc_text:
+            msg = msg.replace('\n', '||')
+        return msg
diff --git a/server/pytest.ini b/server/pytest.ini
new file mode 100644
index 00000000..2b8f6c0c
--- /dev/null
+++ b/server/pytest.ini
@@ -0,0 +1,4 @@
+[pytest]
+env_files =
+    .env
+    .test.env
\ No newline at end of file
diff --git a/server/src/.env b/server/src/.env
new file mode 100644
index 00000000..1c0f22bf
--- /dev/null
+++ b/server/src/.env
@@ -0,0 +1,7 @@
+# only for dev
+SECRET_KEY='top-secret'
+SECURITY_PASSWORD_SALT='top-secret'
+MAIL_DEFAULT_SENDER=''
+MAIL_USERNAME=''
+MAIL_PASSWORD=''
+FLASK_DEBUG=1
diff --git a/server/src/__init__.py b/server/src/__init__.py
new file mode 100644
index 00000000..8cfba0e9
--- /dev/null
+++ b/server/src/__init__.py
@@ -0,0 +1,466 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+import logging
+import os
+from operator import and_
+
+import connexion
+from sqlalchemy.schema import MetaData
+from flask_sqlalchemy import SQLAlchemy
+from flask_marshmallow import Marshmallow
+from flask import json, jsonify, render_template, send_from_directory, request, abort, url_for, current_app
+from flask_login import current_user
+from flask_wtf.csrf import generate_csrf
+from flask_migrate import Migrate
+from flask_mail import Mail
+import wtforms_json
+from sqlalchemy import desc, asc, or_
+
+from . import encoder
+from .forms import SendEmailForm, AccessPermissionForm
+from .mergin_utils import get_blacklisted_dirs, get_blacklisted_files
+from .webhooks import WebhookManager, Webhook
+
+
+class PostgresAlchemy(SQLAlchemy):
+    def apply_driver_hacks(self, app, info, options):
+        options.update({
+            'json_serializer': json.dumps
+        })
+        super(PostgresAlchemy, self).apply_driver_hacks(app, info, options)
+
+
+convention = {
+    "ix": "ix_%(column_0_label)s",
+    "uq": "uq_%(table_name)s_%(column_0_name)s",
+    "ck": "ck_%(table_name)s_%(constraint_name)s",
+    "fk": "fk_%(table_name)s_%(column_0_name)s_%(referred_table_name)s",
+    "pk": "pk_%(table_name)s"
+}
+
+wtforms_json.init()
+metadata = MetaData(naming_convention=convention)
+db = PostgresAlchemy(metadata=metadata)
+ma = Marshmallow()
+mail = Mail()
+wm = WebhookManager()
+
+# signals
+SIG_NEW_PROJECT = 'new-project'
+SIG_NEW_USER = 'new-user'
+SIG_DELETED_USER = 'deleted-user'
+SIG_PROJECT_TRANSFERED = 'project-transferred'
+SIG_NEW_ORGANISATION = 'new-organisation'
+SIG_DELETED_ORGANISATION = 'deleted-organisation'
+
+
+class SlackWebhook(Webhook):
+    """ Class for sending notifications to Slack """
+
+    def __init__(self):
+        slack_url = os.environ.get('SLACK_HOOK_URL', '')
+        super().__init__('Slack', slack_url)
+
+    def format_data(self, data):
+        # check this for reference https://api.slack.com/messaging/composing/formatting#basics
+        return {'text': data}
+
+
+this_dir = os.path.dirname(os.path.realpath(__file__))
+
+class InitDBError(Exception):
+    pass
+
+
+def create_app():
+    from .permissions import require_project, ProjectPermissions
+    from .models.db_models import Project, ProjectAccess, ProjectVersion, Namespace, ProjectTransfer, Upload, Account, RemovedProject
+    from .models.schemas import ProjectSchema, ProjectListSchema, RemovedProjectSchema
+    from .config import Configuration
+    from .auth import auth_required, init_app
+    from .auth.models import User, UserProfile
+    from .auth.schemas import UserSchema
+    from .controllers import project_controller
+    from .celery import celery, send_email_async
+    from .organisation import init_app
+    from .organisation.models import Organisation, OrganisationInvitation
+    from .db_events import register_events
+    from .storages.disk import move_to_tmp
+
+    app = connexion.FlaskApp(__name__, specification_dir=os.path.join(this_dir, os.pardir))
+    app.app.json_encoder = encoder.JSONEncoder
+
+    api_options = {"swagger_ui": Configuration}
+    app.add_api('swagger.yaml', arguments={'title': 'Mergin'}, options=api_options)
+
+    app.app.config.from_object(Configuration)
+
+    db.init_app(app.app)
+    ma.init_app(app.app)
+    auth.init_app(app.app)
+    Migrate(app.app, db)
+    mail.init_app(app.app)
+    organisation.init_app(app.app)
+
+    slack = SlackWebhook()
+    # register and connect some basic signals
+    signals = [SIG_NEW_USER, SIG_DELETED_USER, SIG_NEW_PROJECT]
+    for signal in signals:
+        wm.register_signal(signal)
+        wm.connect_handler(signal, slack)
+
+    # Adjust CSRF policy for API
+    csrf = app.app.extensions['csrf']
+
+    @app.app.before_request
+    def check_maintenance():
+        allowed_endpoinds = ["/project/by_names", "/auth/login"]
+        if request.method in ['POST', 'PUT', 'PATCH', 'DELETE'] and os.path.isfile(current_app.config['MAINTENANCE_FILE']) and all(path not in request.path for path in allowed_endpoinds):
+            abort(503, "Service unavailable due to maintenance, please try later")
+
+    def custom_protect():
+        if request.path.startswith('/v1/') and 'session' not in request.cookies:
+            # Disable csrf for non-web clients
+            return
+        return csrf._protect()
+
+    csrf._protect = csrf.protect
+    csrf.protect = custom_protect
+
+    # Cannot read csrf token from data (can be large stream)!
+    # Read csrf token only from headers for API endpoints
+    _get_csrf_token = csrf._get_csrf_token
+
+    def get_csrf_token():
+        if request.path.startswith('/v1/'):
+            for header_name in app.app.config['WTF_CSRF_HEADERS']:
+                csrf_token = request.headers.get(header_name)
+                if csrf_token:
+                    return csrf_token
+        return _get_csrf_token()
+
+    csrf._get_csrf_token = get_csrf_token
+
+    def get_startup_data():
+        from .organisation import find_organisations_by_username, OrganisationSchema
+
+        data = {
+            "version": app.app.config['VERSION']
+        }
+        if current_user.is_authenticated and current_user.active:
+            schema = UserSchema()
+            data["user"] = schema.dump(current_user)
+            organisations = find_organisations_by_username(current_user.username)
+            data['organisations'] = OrganisationSchema(many=True, context={"user": current_user}).dump(organisations)
+            projects_count = Project.query.filter(Project.creator_id == current_user.id).filter_by(namespace=current_user.username).count()
+            data["user"]["has_project"] = True if projects_count > 0 else False
+        if app.app.config["USER_SELF_REGISTRATION"]:
+            data["registration"] = url_for('auth.self_register_user')
+        return data
+
+    # update celery config with flask app config
+    celery.conf.update(app.app.config)
+
+    @app.route("/assets/<path:filename>")
+    def send_asset(filename):  # pylint: disable=W0612
+        return send_from_directory(app.app.config["PUBLIC_DIR"], filename)  # pragma: no cover
+
+    def web_app(path=None):  # pylint: disable=W0613,W0612  # pragma: no cover
+        """ Default view function to render vue application """
+        data = get_startup_data()
+        data['csrf'] = generate_csrf()
+        return render_template("app.html", data=data)
+
+    # register frontend routes as flask default view endpoint
+    rules = [
+        '/', '/signup', '/login', '/login/<path:path>', '/users', '/users/<path:path>', '/projects',
+        '/projects/<path:path>', '/organisations', '/organisations/<path:path>', '/profile', '/dashboard'
+    ]
+    for rule in rules:
+        app.add_url_rule(rule, 'web_app', web_app, methods=["GET"])
+
+    @app.route('/admin', methods=['GET'])
+    @app.route('/admin/<path:path>', methods=['GET'])
+    @auth_required(permissions=['admin'])
+    def admin_web_app(path=None):  # pylint: disable=W0613,W0612  # pragma: no cover
+        data = get_startup_data()
+        data['csrf'] = generate_csrf()
+        return render_template("app.html", data=data)
+
+    @app.route('/ping', methods=['GET'])
+    def ping():  # pylint: disable=W0612
+        """ healthcheck and basic service info endpoint """
+        supported_endpoints = {
+            "project": {
+                "GET": [
+                    "/project", "/project/{namespace}/{project_name}",
+                    "/project/version/{namespace}/{project_name}"
+                ],
+                "POST": [
+                    "/project/{namespace}",
+                    "/project/clone/{namespace}/{project_name}"
+                ],
+                "DELETE": [
+                    "/project/{namespace}/{project_name}"
+                ],
+                "PUT": [
+                    "/project/{namespace}/{project_name}"
+                ]
+            },
+            "data_sync": {
+                "GET": [
+                    "/project/download/{namespace}/{project_name}",
+                    "/project/raw/{namespace}/{project_name}",
+                    "/resource/history/{namespace}/{project_name}/{file}"
+                ],
+                "POST": [
+                    "/project/push/cancel/{transaction_id}",
+                    "/project/push/finish/{transaction_id}",
+                    "/project/push/{namespace}/{project_name}",
+                    "/project/push/chunk/{transaction_id}/{chunk_id}"
+                ]
+            },
+            "user": {
+                "GET": [
+                    "/user/{username}"
+                ],
+                "POST": [
+                    "/auth/login",
+                    "/auth/register"
+                ]
+            }
+        }
+        status = json.dumps({
+            "service": "Mergin",
+            "status": "online",
+            "base_url": "v1",
+            "endpoints": supported_endpoints,
+            "version": app.app.config['VERSION'],
+            "blacklist_dirs": get_blacklisted_dirs(app.app.config['BLACKLIST']),
+            "blacklist_files": get_blacklisted_files(app.app.config['BLACKLIST']),
+            "maintenance": os.path.isfile(app.app.config['MAINTENANCE_FILE']),
+            "subscriptions_enabled": app.app.config["MERGIN_SUBSCRIPTIONS"]
+        })
+        return status, 200
+
+    # reading raw input stream not supported in connexion so far
+    # https://github.com/zalando/connexion/issues/592
+    # and as workaround we use custom Flask endpoint in create_app function
+    @app.route('/v1/project/push/chunk/<transaction_id>/<chunk_id>', methods=['POST'])
+    @auth_required
+    def chunk_upload(transaction_id, chunk_id):
+        return project_controller.chunk_upload(transaction_id, chunk_id)
+
+    @app.route('/app/project/access_request/<namespace>/<project_name>', methods=['POST'])
+    @auth_required
+    def create_project_access_request(namespace, project_name):  # noqa: E501
+        from src.models.db_models import AccessRequest
+        if not current_user.active:
+            return "You are not active anymore", 409
+
+        project = Project.query.filter(Project.name == project_name, Project.namespace == namespace).first_or_404()
+        if current_user.id in project.access.readers:
+            return "You already have access to project", 409
+
+        access_request = AccessRequest.query.filter_by(namespace=namespace, project_id=project.id, user_id=current_user.id).first()
+        if access_request:
+            return "Project access request already exists", 409
+
+        access_request = AccessRequest(project, current_user.id)
+        db.session.add(access_request)
+        db.session.commit()
+        # notify project owners
+        owners = User.query.join(UserProfile)\
+            .filter(User.verified_email, User.id.in_(project.access.owners))\
+            .filter(UserProfile.receive_notifications)\
+            .all()
+        for owner in owners:
+            email_data = {
+                "subject": "Project access requested",
+                "html": render_template(
+                    "email/project_access_request.html",
+                    expire=access_request.expire,
+                    link=f"{request.url_root.rstrip('/')}/projects/{project.namespace}/{project.name}/settings",
+                    user=current_user.username, username=owner.username,
+                    project_name=f"{project.namespace}/{project.name}"
+                ),
+                "recipients": [owner.email],
+                "sender": app.app.config['MAIL_DEFAULT_SENDER']
+            }
+            send_email_async.delay(**email_data)
+        return "", 200
+
+    @app.route('/app/project/access_request/<request_id>', methods=['DELETE'])
+    @auth_required
+    def delete_project_access_request(request_id):  # noqa: E501
+        from .models.db_models import AccessRequest
+        access_request = AccessRequest.query.get_or_404(request_id)
+        if current_user.id in access_request.project.access.owners \
+                or current_user.id == access_request.project.creator \
+                or current_user.id == access_request.user_id:
+            AccessRequest.query.filter(AccessRequest.id == request_id).delete()
+            db.session.commit()
+            return "", 200
+        else:
+            return "You don't have permissions to remove project access request", 403
+
+    @app.route('/app/project/accept/request/<request_id>', methods=['POST'])
+    @auth_required
+    def accept_project_access_request(request_id):
+        from .models.db_models import AccessRequest
+
+        form = AccessPermissionForm()
+        if form.validate():
+            permission = form.permissions.data
+            access_request = AccessRequest.query.get_or_404(request_id)
+            if current_user.id in access_request.project.access.owners or current_user.id == access_request.project.creator:
+                access_request.accept(permission)
+                return "", 200
+            else:
+                return "You don't have permissions to accept project access request", 403
+        else:
+            return jsonify(form.errors), 400
+
+    @app.route('/app/project/access_requests', methods=['GET'])
+    @auth_required
+    def get_project_access_requests():
+        from .models.db_models import AccessRequest
+        from .models.schemas import ProjectAccessRequestSchema
+
+        access_requests = AccessRequest.query.filter((AccessRequest.user_id == current_user.id) | (AccessRequest.namespace == current_user.username)).all()
+        return jsonify(ProjectAccessRequestSchema(many=True).dump(access_requests)), 200
+
+    @app.route('/app/removed-project', methods=['GET'])
+    @auth_required(permissions=['admin'])
+    def paginate_removed_projects():  # noqa: E501
+        page = int(request.args.get('page', 1))
+        per_page = int(request.args.get('per_page', 25))
+        order_by = request.args.get('order_by', None)
+        descending = str(request.args.get('descending', 'false')) == 'true'
+
+        projects = RemovedProject.query
+        if descending and order_by:
+            projects = projects.order_by(desc(RemovedProject.__table__.c[order_by]))
+        elif not descending and order_by:
+            projects = projects.order_by(asc(RemovedProject.__table__.c[order_by]))
+        result = projects.paginate(page, per_page).items
+        total = projects.paginate(page, per_page).total
+        data = RemovedProjectSchema(many=True).dump(result)
+        data = {'projects': data, 'count': total}
+        return data, 200
+
+    @app.route('/app/removed-project/restore/<id>', methods=['POST'])
+    @auth_required(permissions=['admin'])
+    def restore_project(id):  # noqa: E501
+        rp = RemovedProject.query.get_or_404(id)
+        project_name = f"{rp.namespace}/{rp.name}"
+        project = Project.query.filter(or_(and_(Project.name == rp.name, Project.namespace == rp.namespace), Project.id == rp.properties["id"] )).first()
+        if project:
+            abort(409, f"Failed to restore: project {project_name} already exists")
+
+        creator = User.query.get(rp.properties['creator_id'])
+        if not (creator and creator.active):
+            abort(400, f"Failed to restore: creator of project {project_name} is not available")
+
+        # create new project, restore metadata and recreate project versions
+        p = Project(rp.name, rp.properties["storage_params"], creator, rp.namespace)
+        for attr in ("id", "created", "updated", "files", "tags", "disk_usage", "latest_version"):
+            setattr(p, attr, rp.properties.get(attr))
+        p.access = ProjectAccess(p, public=False)
+        db.session.add(p)
+        for version in rp.properties["versions"]:
+            pv = ProjectVersion(p, version["name"], version["author"], version["changes"],
+                                version["files"], version["ip_address"], version["user_agent"])
+            pv.created = version["created"]
+            pv.ip_geolocation_country = version["ip_geolocation_country"]
+            db.session.add(pv)
+        db.session.delete(rp)
+        db.session.commit()
+        return "", 201
+
+    @app.route('/app/removed-project/<id>', methods=['DELETE'])
+    @auth_required(permissions=['admin'])
+    def retire_removed_project(id):  # noqa: E501
+        rp = RemovedProject.query.get_or_404(id)
+        db.session.add(rp)
+        db.session.delete(rp)
+        db.session.commit()
+        rp_dir = os.path.abspath(os.path.join(current_app.config['LOCAL_PROJECTS'], rp.properties["storage_params"]["location"]))
+        if os.path.exists(rp_dir):
+            move_to_tmp(rp_dir)
+        return "", 204
+
+    @app.route('/app/templates', methods=['GET'])
+    @auth_required
+    def template_projects():  # pylint: disable=W0612
+        projects = Project.query.filter(Project.creator.has(username='TEMPLATES')).all()
+        project_schema = ProjectListSchema(many=True)
+        return jsonify(project_schema.dump(projects)), 200
+
+    @app.route('/app/email_notification', methods=['POST'])
+    @auth_required(permissions=['admin'])
+    def send_email_notification():
+        """
+        Send email composed in web UI to all selected users as BCC.
+        """
+        form = SendEmailForm()
+        if form.validate():
+            users = User.query.join(
+                UserProfile).filter(User.verified_email,
+                User.username.in_(form.users.data)).filter(
+                UserProfile.receive_notifications).all()
+            if not users:
+                return jsonify({"success": True})
+
+            email_data = {
+                'subject': form.subject.data,
+                'html': form.message.data,
+                'recipients': [app.app.config['MAIL_DEFAULT_SENDER']],
+                'bcc': [user.email for user in users],
+                'sender': app.app.config['MAIL_DEFAULT_SENDER']
+            }
+            send_email_async.delay(**email_data)
+            return jsonify({"success": True})
+        return jsonify(form.errors), 404
+
+    if app.app.config['DEBUG']:  # pragma: no cover
+        @app.route("/dev/init")  # pylint: disable=W0613,W0612
+        def init():  # pylint: disable=W0612
+            response = jsonify(get_startup_data())
+            response.headers.set('X-CSRF-Token', generate_csrf())
+            return response
+
+        # Enable SQL debugging
+        # logging.basicConfig()
+        # logging.getLogger('sqlalchemy.engine').setLevel(logging.INFO)
+
+    register_events()
+    application = app.app
+
+    # REGISTER BLUEPRINTS
+    from .controllers.account_controller import account
+    application.register_blueprint(account, url_prefix='/app')
+
+    @application.after_request
+    def log_bad_request(response):
+        """ Log bad requests for easier debugging """
+        if response.status_code == 400:
+            if response.json.get("detail"):
+                # default response from connexion (check against swagger.yaml)
+                logging.warning(f'HTTP 400: {response.json["detail"]}')
+            else:
+                # either WTF form validation error or custom validation with abort(400)
+                logging.warning(f'HTTP 400: {response.data}')
+        elif response.status_code == 409:
+            # request which would result in conflict, e.g. creating the same project again
+            logging.warning(f'HTTP 409: {response.data}')
+        elif response.status_code == 422:
+            # request was valid but still could not be processed, e.g. geodiff error
+            logging.error(f'HTTP 422: {response.data}', exc_info=True)
+        else:
+            # ignore other errors
+            pass
+
+        return response
+
+    return application
diff --git a/server/src/auth/__init__.py b/server/src/auth/__init__.py
new file mode 100644
index 00000000..10c68ed8
--- /dev/null
+++ b/server/src/auth/__init__.py
@@ -0,0 +1,404 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+import functools
+import os
+from datetime import datetime, timedelta
+
+from flask import request, current_app, jsonify, url_for, render_template, redirect, abort, Blueprint
+from flask_login import LoginManager, login_user, logout_user, current_user
+from itsdangerous import URLSafeTimedSerializer, BadSignature, BadTimeSignature
+from flask_mail import Mail
+from flask_wtf.csrf import CSRFProtect
+from sqlalchemy import func
+
+from .models import User, UserProfile, LoginHistory
+from .schemas import UserSchema, UserSearchSchema, AccountSearchSchema
+from .forms import (LoginForm, RegisterUserForm, UserPasswordForm, ResetPasswordForm,
+                    UserRegistrationForm, UserForm, UserProfileDataForm, UserChangePasswordForm)
+from .bearer import decode_token
+from .. import db, wm, SIG_NEW_USER, SIG_DELETED_USER
+
+_permissions = {}
+def register_permission(name, fn):
+    _permissions[name] = fn
+
+register_permission('admin', lambda user: user.is_admin)
+
+
+def auth_required(f=None, permissions=None):
+    if f is None:
+        if permissions:
+            permissions_fn = []
+            for name in permissions:
+                if name not in _permissions:
+                    raise KeyError('Unknown permission: {}'.format(name))
+                permissions_fn.append(_permissions[name])
+        return functools.partial(auth_required, permissions=permissions_fn)
+
+    @functools.wraps(f)
+    def wrapped_func(*args, **kwargs):
+        if not current_user or not current_user.is_authenticated:
+            return 'Authentication information is missing or invalid.', 401
+        if permissions:
+            for check_permission in permissions:
+                if not check_permission(current_user):
+                    return 'Permission denied.', 403
+        return f(*args, **kwargs)
+    return wrapped_func
+
+
+def authenticate(login, password):
+    if '@' in login:
+        query = {"email": login}
+    else:
+        query = {"username": login}
+    user = User.query.filter_by(**query).one_or_none()
+    if user and user.check_password(password):
+        return user
+
+
+def generate_confirmation_token(app, email):
+    serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
+    return serializer.dumps(email, salt=app.config['SECURITY_PASSWORD_SALT'])
+
+
+def send_confirmation_email(app, user, url, template, header):
+    from ..celery import send_email_async
+    token = generate_confirmation_token(app, user.email)
+    confirm_url = url_for(url, token=token, _external=True)
+    html = render_template(template, subject=header, confirm_url=confirm_url, user=user)
+    email_data = {
+        'subject': header,
+        'html': html,
+        'recipients': [user.email],
+        'sender': app.config['MAIL_DEFAULT_SENDER']
+    }
+    send_email_async.delay(**email_data)
+
+
+def do_register_user(username, email, password):
+    user = User(username.strip(), email.strip(), password, False)
+    user.profile = UserProfile()
+    db.session.add(user)
+    db.session.commit()
+    wm.emit_signal(SIG_NEW_USER, request.path, msg=f'New user *{username}* has been registered')
+
+
+def init_app(app):
+    csrf = CSRFProtect(app)  # pylint: disable=W0612
+    login_manager = LoginManager(app)
+    mail = Mail(app)
+    app.mail = mail
+    auth = Blueprint('auth', __name__, template_folder='templates')
+
+    @login_manager.user_loader
+    def load_user(user_id):   # pylint: disable=W0613,W0612
+        return User.query.get(user_id)
+
+    @login_manager.header_loader
+    def load_user_from_header(header_val):   # pylint: disable=W0613,W0612
+        if header_val.startswith('Bearer'):
+            header_val = header_val.replace('Bearer ', '', 1)
+            try:
+                data = decode_token(app.config['SECRET_KEY'], header_val, app.config['BEARER_TOKEN_EXPIRATION'])
+                user = User.query.filter_by(id=data['user_id'], username=data['username'], email=data['email']).one_or_none()
+                if user and user.active:
+                    return user
+            except (BadSignature, BadTimeSignature, KeyError):
+                pass
+
+    @auth.route('/login', methods=['POST'])
+    def login():  # pylint: disable=W0613,W0612
+        form = LoginForm()
+        if form.validate():
+            user = authenticate(form.login.data, form.password.data)
+            if user and user.active:
+                login_user(user)
+                if not os.path.isfile(current_app.config['MAINTENANCE_FILE']):
+                    LoginHistory.add_record(user.username, request)
+                schema = UserSchema()
+                return jsonify(schema.dump(user))
+            elif not user:
+                abort(401, 'Invalid username or password')
+            elif not user.active:
+                abort(401, 'Account is not active, please contact administrators')
+        return jsonify(form.errors), 401
+
+    @auth.route('/change_password', methods=['POST'])
+    @auth_required
+    def change_password():  # pylint: disable=W0613,W0612
+        form = UserChangePasswordForm()
+        if form.validate_on_submit():
+            if not current_user.check_password(form.old_password.data):
+                form.errors['old_password'] = ['The old password is incorrect']
+                return jsonify(form.errors), 400
+            current_user.assign_password(form.password.data)
+            db.session.add(current_user)
+            db.session.commit()
+            return jsonify({"success": True})
+        return jsonify(form.errors), 400
+
+    @auth.route('/user_profile_by_name/<string:username>', methods=['GET'])
+    @auth_required(permissions=['admin'])
+    def get_user_profile_by_username(username):
+        user = User.query.filter(User.username == username).first_or_404()
+        data = UserSchema().dumps(user)
+        return data, 200
+
+    @auth.route('/delete_account', methods=['DELETE'])
+    @auth_required
+    def delete_account():  # pylint: disable=W0613,W0612
+        """ Delete user account.
+         User and all its references are permanently removed from db and disk.
+         """
+        from ..models.db_models import Account
+        from ..celery import send_email_async
+
+        username = current_user.username
+        recipient = current_app.config['MAIL_DEFAULT_SENDER']
+        account = Account.query.filter_by(type="user", owner_id=current_user.id).first()
+        db.session.delete(account)
+        db.session.commit()
+        db.session.delete(current_user)
+        db.session.commit()
+
+        # send email into admin
+        # TODO: this is just notification for mergin admin, we might want to do something better for statistics
+        # TODO: also it might be cleaner to do it outside of auth module, e.g. on delete signal
+        email_data = {
+            'subject': f'{username} has been deleted',
+            'html': f'user {username} has deleted their account',
+            'recipients': [recipient],
+            'sender': current_app.config['MAIL_DEFAULT_SENDER']
+        }
+        send_email_async.delay(**email_data)
+
+        wm.emit_signal(SIG_DELETED_USER, request.path, msg=f'User *{username}* has been deleted')
+        return jsonify({"success": True})
+
+    @auth.route('/logout')
+    @auth_required
+    def logout():  # pylint: disable=W0613,W0612
+        logout_user()
+        return jsonify({"success": True})
+
+    @auth.route('/resend_confirm_email')
+    @auth_required
+    def resend_confirm_email():  # pylint: disable=W0613,W0612
+        send_confirmation_email(
+            app,
+            current_user,
+            'auth.confirm_email',
+            'email/email_confirmation.html',
+            'Email confirmation'
+        )
+        return jsonify({"success": True})
+
+    def confirm_token(token, expiration=3600*24*3):
+        serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
+        try:
+            email = serializer.loads(
+                token,
+                salt=app.config['SECURITY_PASSWORD_SALT'],
+                max_age=expiration
+            )
+        except:
+            return
+        return email
+
+    @auth.route('/user', methods=['POST'])
+    @auth_required(permissions=['admin'])
+    def register_user():  # pylint: disable=W0613,W0612
+        form = RegisterUserForm()
+        if form.validate():
+            do_register_user(form.username.data, form.email.data, '')
+            return jsonify({"success": True}), 200
+        return jsonify(form.errors), 400
+
+    @auth.route('/confirm/<token>', methods=['GET'])
+    def confirm_email(token):  # pylint: disable=W0613,W0612
+        from ..celery import send_email_async
+
+        email = confirm_token(token)
+        if not email:
+            abort(400, "Invalid token")
+
+        user = User.query.filter_by(email=email).first_or_404()
+        if user.verified_email:
+            return render_template('email_verified.html')
+
+        if not user.check_password(''):
+            user.verified_email = True
+            db.session.add(user)
+            db.session.commit()
+            # send welcome email if user is freshly registered
+            if user.profile.registration_date and user.profile.registration_date > datetime.utcnow() - timedelta(hours=1):
+                html = render_template('email/welcome_email.html', subject="Welcome to Mergin!")
+                email_data = {
+                    'subject': "Welcome to Mergin",
+                    'html': html,
+                    'recipients': [user.email],
+                    'sender': app.config['MAIL_DEFAULT_SENDER']
+                }
+                send_email_async.delay(**email_data)
+
+        return render_template('email_verified.html')
+
+    @auth.route('/password_changed', methods=['GET'])
+    def password_changed():  # pylint: disable=W0613,W0612
+        return render_template('password_reset_complete.html')  # pragma: no cover
+
+    @auth.route('/confirm_password/<token>', methods=['GET', 'POST'])
+    def confirm_new_password(token):  # pylint: disable=W0613,W0612
+        email = confirm_token(token)
+        if not email:
+            abort(400, "Invalid token")
+
+        user = User.query.filter_by(email=email).first_or_404()
+        # user should confirm email first
+        if not user.active:
+            abort(400, "Account is not active")
+
+        form = UserPasswordForm(request.form)
+        if request.method == 'POST':
+            form = UserPasswordForm()
+            if form.validate():
+                user.assign_password(form.password.data)
+                db.session.add(user)
+                db.session.commit()
+                return redirect(url_for('auth.password_changed'))
+
+        return render_template('change_password_form.html', form=form)
+
+    @auth.route('/password_reset', methods=['POST'])
+    def password_reset():  # pylint: disable=W0613,W0612
+        form = ResetPasswordForm()
+        if not form.validate():
+            return jsonify(form.errors), 404
+
+        user = User.query.filter(func.lower(User.email) == func.lower(form.email.data.strip())).one_or_none()
+        if not user:
+            return jsonify({"email": ["Account with given email does not exists"]}), 404
+        if not user.active:
+            # user should confirm email first
+            return jsonify({"email": ["Account is not active"]}), 400
+
+        send_confirmation_email(
+            app,
+            user,
+            '.confirm_new_password',
+            'email/password_reset.html',
+            'Password reset'
+        )
+        return jsonify({"success": True})
+
+    if app.config['USER_SELF_REGISTRATION']:
+        @auth.route('/signup', methods=['POST'])
+        def self_register_user():  # pylint: disable=W0613,W0612
+            form = UserRegistrationForm()
+            if form.validate_on_submit():
+                do_register_user(form.username.data, form.email.data, form.password.data)
+                user = User.query.filter(User.username == form.username.data).first()
+                send_confirmation_email(
+                    app,
+                    user,
+                    'auth.confirm_email',
+                    'email/user_registration.html',
+                    'Email confirmation'
+                )
+                login_user(user)
+                LoginHistory.add_record(user.username, request)
+                schema = UserSchema()
+                return jsonify(schema.dump(user))
+            return jsonify(form.errors), 400
+
+    @auth.route('/user/<string:username>', methods=['DELETE'])
+    @auth_required(permissions=['admin'])
+    def delete_user(username):  # pylint: disable=W0613,W0612
+        from ..models.db_models import Account
+
+        user = User.query.filter_by(username=username).first_or_404("User not found")
+        account = Account.query.filter_by(type="user", owner_id=user.id).first()
+        db.session.delete(account)
+        db.session.commit()
+        db.session.delete(user)
+        db.session.commit()
+        return jsonify({"success": True})
+
+    @auth.route('/user/profile', methods=['POST'])
+    @auth_required
+    def update_user_profile():  # pylint: disable=W0613,W0612
+        form = UserProfileDataForm.from_json(request.json)
+        email_changed = current_user.email != form.email.data.strip()
+        if not form.validate_on_submit():
+            return jsonify(form.errors), 400
+        if email_changed:
+            user = User.query.filter(func.lower(User.email) == func.lower(form.email.data.strip())).first()
+            if user:
+                form.email.errors.append("Email already exists")
+                return jsonify(form.errors), 400
+            current_user.verified_email = False
+
+        form.update_obj(current_user.profile)
+        form.update_obj(current_user)
+        db.session.add(current_user)
+        db.session.commit()
+        if email_changed:
+            resend_confirm_email()
+
+        return jsonify({"success": True})
+
+    @auth.route('/user/<string:username>', methods=['POST'])
+    @auth_required(permissions=['admin'])
+    def update_user(username):  # pylint: disable=W0613,W0612
+        form = UserForm.from_json(request.json)
+        if not form.validate_on_submit():
+            return jsonify(form.errors), 400
+
+        user = User.query.filter_by(username=username).first_or_404("User not found")
+        form.update_obj(user)
+        db.session.add(user)
+        db.session.commit()
+        return jsonify(UserSchema().dump(user))
+
+    @auth.route('/user/search', methods=['GET'])
+    @auth_required
+    def search_users():  # pylint: disable=W0613,W0612
+        """
+        search by like param returns results in order: 1.) match is on start of words - ordered by id
+                                                       2.) match is anywhere - ordered by id
+        """
+        query = None
+        ids = request.args.get('id')
+        names = request.args.get('names')
+        like = request.args.get('like')
+        users = User.query.filter_by(active=True)
+        schema = UserSearchSchema(many=True)
+        if ids:
+            ids = request.args.get('id')
+            try:
+                ids = map(int, ids.split(','))
+                query = User.id.in_(ids)
+            except (ValueError, AttributeError):
+                pass
+        elif names:
+            names = names.split(",")
+            query = User.username.in_(names)
+        elif like:
+            ilike = "{}%".format(like)
+            # match on start of words
+            query_username_prioritized = User.username.ilike(ilike) | User.username.op("~")(f'[\\.|\\-|_| ]{like}.*')
+            users1 = users.filter(query_username_prioritized).order_by(User.username).limit(10).all()
+            if len(users1) < 10:
+                # match anywhere except the previous results
+                query_match_anywhere = User.username.ilike(f"%{ilike}") & User.id.notin_([usr.id for usr in users1])
+                users2 = users.filter(query_match_anywhere).order_by(User.username).limit(10 - len(users1)).all()
+                users1.extend(users2)
+            return jsonify(schema.dump(users1))
+        if query is not None:
+            users = users.filter(query).order_by(User.username)
+
+        return jsonify(schema.dump(users.limit(10).all()))
+
+    app.register_blueprint(auth, url_prefix='/auth')
diff --git a/server/src/auth/bearer.py b/server/src/auth/bearer.py
new file mode 100644
index 00000000..72bb79b5
--- /dev/null
+++ b/server/src/auth/bearer.py
@@ -0,0 +1,28 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+import hashlib
+from itsdangerous import URLSafeTimedSerializer
+from flask.sessions import TaggedJSONSerializer
+
+
+def decode_token(secret_key, token, max_age=None):
+    salt = 'bearer-session'
+    serializer = TaggedJSONSerializer()
+    signer_kwargs = {
+        'key_derivation': 'hmac',
+        'digest_method': hashlib.sha1
+    }
+    s = URLSafeTimedSerializer(secret_key, salt=salt, serializer=serializer, signer_kwargs=signer_kwargs)
+    return s.loads(token, max_age=max_age)
+
+
+def encode_token(secret_key, data):
+    salt = 'bearer-session'
+    serializer = TaggedJSONSerializer()
+    signer_kwargs = {
+        'key_derivation': 'hmac',
+        'digest_method': hashlib.sha1
+    }
+    s = URLSafeTimedSerializer(secret_key, salt=salt, serializer=serializer, signer_kwargs=signer_kwargs)
+    return s.dumps(data)
diff --git a/server/src/auth/forms.py b/server/src/auth/forms.py
new file mode 100644
index 00000000..35f26d83
--- /dev/null
+++ b/server/src/auth/forms.py
@@ -0,0 +1,121 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+import safe
+from flask_wtf import FlaskForm
+from sqlalchemy import func
+from wtforms import StringField, PasswordField, BooleanField, FormField, validators, IntegerField, SelectField
+from wtforms.validators import DataRequired, Optional, Length, ValidationError, Email, EqualTo
+from wtforms.compat import iteritems
+
+from ..forms import namespace_validation
+from .models import User
+
+
+def whitespace_filter(obj):
+    return obj.strip() if isinstance(obj, str) else obj
+
+
+class UpdateForm(FlaskForm):
+    """
+    Base class for forms with reasonable update strategy.
+    Doesn't overwrite optional fields which was not passed in data!
+    """
+    def update_obj(self, obj):
+        for name, field in iteritems(self._fields):
+            is_optional = any((isinstance(v, Optional) for v in field.validators))
+            # update only required fields or passed optional fields
+            if not is_optional or (field.data or field.raw_data != []):
+                field.populate_obj(obj, name)
+
+
+class PasswordValidator():
+
+    def __init__(self, min_length=8):
+        self.min_length = min_length
+
+    def __call__(self, form, field):
+        if len(field.data) < self.min_length:
+            raise ValidationError("Passwords must be at least {} characters long.".format(self.min_length))
+
+        strength = safe.check(field.data, self.min_length)
+        if not bool(strength):
+            raise ValidationError('Password is not strong enough')
+
+
+class LoginForm(FlaskForm):
+    """ Form with username and password fields for user to sign in. """
+    login = StringField(validators=[DataRequired(), Length(max=80)])
+    password = PasswordField(validators=[DataRequired()])
+
+
+class RegisterUserForm(FlaskForm):
+    username = StringField(
+        'Username',
+        validators=[validators.Length(min=4, max=25), namespace_validation],
+        filters=(whitespace_filter, )
+    )
+    email = StringField(
+        'Email Address',
+        validators=[DataRequired(), Email()],
+        filters=(whitespace_filter, )
+    )
+
+    def validate(self):
+        if not super().validate():
+            return False
+
+        # check for existence in Namespace table
+        from ..models.db_models import Namespace
+        ns = Namespace.query.filter(func.lower(Namespace.name) == func.lower(self.username.data.strip())).first()
+        if ns:
+            self.username.errors.append("Already exists")
+            return False
+        user = User.query.filter(
+            (func.lower(User.username) == func.lower(self.username.data.strip())) |
+            (func.lower(User.email) == func.lower(self.email.data.strip()))).first()
+        if user:
+            if user.username.lower() == self.username.data.lower().strip():
+                self.username.errors.append("Already exists")
+            if user.email.lower() == self.email.data.lower().strip():
+                self.email.errors.append("Already exists")
+            return False
+        return True
+
+
+class ResetPasswordForm(FlaskForm):
+    email = StringField('Email Address', [DataRequired(), Email()], filters=(whitespace_filter, ))
+
+
+class UserPasswordForm(FlaskForm):
+    password = PasswordField(
+        'Password',
+        [DataRequired(), PasswordValidator(min_length=8)]
+    )
+    confirm = PasswordField('Confirm password', [
+        DataRequired(),
+        EqualTo('password', message='Passwords must match')
+    ])
+
+
+class UserRegistrationForm(RegisterUserForm, UserPasswordForm):
+    pass
+
+
+class UserChangePasswordForm(UserPasswordForm):
+    old_password = StringField(
+        'Old Password', [DataRequired()])
+
+
+class UserForm(UpdateForm):
+    is_admin = BooleanField('Admin', [Optional()])
+    active = BooleanField('Active', [Optional()])
+
+
+class UserProfileDataForm(UpdateForm):
+    """ This form is for user profile update """
+    receive_notifications = BooleanField(
+        'Receive notifications', [Optional()])
+    first_name = StringField('First Name', [Optional()], filters=(whitespace_filter, ))
+    last_name = StringField('Last Name', [Optional()], filters=(whitespace_filter, ))
+    email = StringField('Email', [Optional(), Email()], filters=(whitespace_filter, ))
diff --git a/server/src/auth/models.py b/server/src/auth/models.py
new file mode 100644
index 00000000..a94538a1
--- /dev/null
+++ b/server/src/auth/models.py
@@ -0,0 +1,97 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+import datetime
+import bcrypt
+from .. import db
+from ..mergin_utils import get_user_agent, get_ip
+
+
+class User(db.Model):
+    id = db.Column(db.Integer, primary_key=True)
+
+    username = db.Column(db.String(80), unique=True, info={'label': 'Username'})
+    email = db.Column(db.String(120), unique=True)
+
+    passwd = db.Column(db.String(80), info={'label': 'Password'}) #salted + hashed
+
+    active = db.Column(db.Boolean, default=True)
+    is_admin = db.Column(db.Boolean)
+    verified_email = db.Column(db.Boolean, default=False)
+    inactive_since = db.Column(db.DateTime(), nullable=True, index=True)
+
+    def __init__(self, username, email, passwd, is_admin=False):
+
+        self.username = username
+        self.email = email
+        self.assign_password(passwd)
+        self.is_admin = is_admin
+
+    def __repr__(self):
+        return '<User %r>' % self.username
+
+    def check_password(self, password):
+        if isinstance(password, str):
+            password = password.encode('utf-8')
+        return bcrypt.checkpw(password, self.passwd.encode('utf-8'))
+
+    def assign_password(self, password):
+        if isinstance(password, str):
+            password = password.encode('utf-8')
+        self.passwd = bcrypt.hashpw(password, bcrypt.gensalt()).decode('utf-8')
+
+    @property
+    def is_authenticated(self):
+        """ For Flask-Login """
+        return True
+
+    @property
+    def is_active(self):
+        """ For Flask-Login """
+        return self.active
+
+    @property
+    def is_anonymous(self):
+        """ For Flask-Login """
+        return False
+
+    def get_id(self):
+        """ For Flask-Login ... must return unicode user ID"""
+        return str(self.id)
+
+
+class UserProfile(db.Model):
+    user_id = db.Column(db.Integer, db.ForeignKey("user.id", ondelete="CASCADE"), primary_key=True)
+    receive_notifications = db.Column(db.Boolean, default=True, index=True)
+    first_name = db.Column(db.String(256), nullable=True, info={'label': 'First name'})
+    last_name = db.Column(db.String(256), nullable=True, info={'label': 'Last name'})
+    registration_date = db.Column(db.DateTime(), nullable=True, info={'label': 'Date of creation of user account'}, default=datetime.datetime.utcnow)
+
+    user = db.relationship("User",
+                           uselist=False,
+                           backref=db.backref("profile", single_parent=True, uselist=False, cascade="all,delete"))
+
+
+class LoginHistory(db.Model):
+    id = db.Column(db.Integer, primary_key=True)
+    timestamp = db.Column(db.DateTime(), default=datetime.datetime.utcnow, index=True)
+    username = db.Column(db.String, index=True)
+    user_agent = db.Column(db.String, index=True)
+    ip_address = db.Column(db.String, index=True)
+    ip_geolocation_country = db.Column(db.String, index=True)
+
+    def __init__(self, username, ua, ip):
+        self.username = username
+        self.user_agent = ua
+        self.ip_address = ip
+
+    @staticmethod
+    def add_record(username, request):
+        ua = get_user_agent(request)
+        ip = get_ip(request)
+        # ignore login attempts coming from urllib - related to db sync tool
+        if "DB-sync" in ua:
+            return
+        lh = LoginHistory(username, ua, ip)
+        db.session.add(lh)
+        db.session.commit()
+
diff --git a/server/src/auth/schemas.py b/server/src/auth/schemas.py
new file mode 100644
index 00000000..ba7f531d
--- /dev/null
+++ b/server/src/auth/schemas.py
@@ -0,0 +1,86 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+from marshmallow import fields
+
+from .. import ma
+from .models import User, UserProfile
+
+
+class UserProfileSchema(ma.ModelSchema):
+    name = ma.Function(
+        lambda obj:
+        f'{obj.first_name if obj.first_name else ""} {obj.last_name if obj.last_name else ""}'.strip(), dump_only=True)
+    storage = fields.Method("get_storage", dump_only=True)
+    disk_usage = fields.Method("get_disk_usage", dump_only=True)
+    organisations = fields.Method("get_user_organisations", dump_only=True)
+    has_project = fields.Method("_has_project", dump_only=True)
+
+    def get_storage(self, obj):
+        from ..models.db_models import Namespace
+
+        ns = Namespace.query.filter_by(name=obj.user.username).first()
+        return ns.storage
+
+    def get_disk_usage(self, obj):
+        from ..models.db_models import Namespace
+
+        ns = Namespace.query.filter_by(name=obj.user.username).first()
+        return ns.disk_usage()
+
+    def get_user_organisations(self, obj):
+        """ Return dictionary of organisation name: role for organisations user is member of """
+        from ..organisation.models import Organisation
+        org_map = {}
+        organisations = Organisation.find_by_member_id(obj.user_id)
+        for org in organisations:
+            org_map[org.name] = org.get_member_role(obj.user_id)
+        return org_map
+
+    def _has_project(self, obj):
+        from ..models.db_models import Project
+
+        projects_count = Project.query.filter(Project.creator_id == obj.user.id).filter_by(
+            namespace=obj.user.username).count()
+        return projects_count > 0
+
+    class Meta:
+        model = UserProfile
+
+
+class UserSchema(ma.ModelSchema):
+    profile = fields.Nested(UserProfileSchema, exclude=("user", ))
+    account = fields.Method("get_account", dump_only=True)
+
+    def get_account(self, obj):
+        from ..models.schemas import AccountSchema
+        from ..models.db_models import Namespace, Account, Project
+
+        account = Account.query.filter_by(type='user', owner_id=obj.id).first()
+        return AccountSchema().dump(account)
+
+    class Meta:
+        model = User
+        fields = ('id', 'username', 'email', 'active', 'is_admin', 'profile', 'account', 'verified_email')
+
+
+class UserSearchSchema(ma.ModelSchema):
+    profile = fields.Nested(UserProfileSchema, only=(
+        'first_name', 'last_name'))
+
+    class Meta:
+        model = User
+        fields = ('id', 'username', 'profile')
+
+
+class AccountSearchSchema(ma.ModelSchema):
+    id = fields.Integer()
+    type = fields.String()
+    name = fields.Method("get_name")
+
+    def get_name(self, obj):
+        if obj.type == "user":
+            return obj.username
+        else:
+            return obj.name
+
diff --git a/server/src/auth/templates/_formhelpers.html b/server/src/auth/templates/_formhelpers.html
new file mode 100644
index 00000000..9c033d40
--- /dev/null
+++ b/server/src/auth/templates/_formhelpers.html
@@ -0,0 +1,17 @@
+{% macro render_field(field) %}
+  <div class="md-input-container">
+    {{ field.label }}
+    {{ field(**kwargs)|safe }}
+    {% if field.description %}
+      <span class="info">i</span>
+      <div class="description">{{ field.description|safe }}</div>
+    {% endif %}
+  </div>
+  {% if field.errors %}
+    <ul class="errorlist">
+    {% for error in field.errors %}
+      <li>{{ error }}</li>
+    {% endfor %}
+    </ul>
+  {% endif %}
+{% endmacro %}
\ No newline at end of file
diff --git a/server/src/auth/templates/base.css b/server/src/auth/templates/base.css
new file mode 100644
index 00000000..09ed6ad3
--- /dev/null
+++ b/server/src/auth/templates/base.css
@@ -0,0 +1,47 @@
+body {
+  padding: 1em;
+  margin: 0;
+  font-family: Helvetica;
+  font-family: "Roboto","Helvetica","Lucida Grande","DejaVu Sans","Bitstream Vera Sans",Verdana,Arial;
+}
+.container {
+  max-width: 550px;
+  margin: 0 auto;
+}
+.center {
+  text-align: center;
+}
+.note {
+  font-weight: normal;
+  opacity: 0.5;
+  padding: 6px 0;
+  font-size: 15px;
+}
+.error {
+  color: #F4511E;
+}
+.md-button {
+  display: inline-block;
+  height: 36px;
+  line-height: 36px;
+  border: none;
+  padding: 0 16px;
+  text-transform: uppercase;
+  text-decoration: none;
+  font-size: 14px;
+  font-weight: 500;
+  border-radius: 2px;
+  cursor: pointer;
+  white-space: nowrap;
+  margin: 4px 8px;
+}
+.md-button.md-raised:not([disabled]) {
+  box-shadow: 0 1px 5px rgba(0,0,0,.2),0 2px 2px rgba(0,0,0,.14),0 3px 1px -2px rgba(0,0,0,.12);
+}
+.md-button.md-primary:not([disabled]) {
+  background-color: #2196f3;
+  color: rgba(255, 255, 255, .87);
+}
+.md-button.md-primary:not([disabled]):hover {
+  background-color: #1e88e5;
+}
diff --git a/server/src/auth/templates/base.html b/server/src/auth/templates/base.html
new file mode 100644
index 00000000..808f558c
--- /dev/null
+++ b/server/src/auth/templates/base.html
@@ -0,0 +1,27 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <link rel=icon href="/assets/favicon.ico">
+
+    {% block header %}
+    <title>{{ title }}</title>
+    {% endblock %}
+
+    <style>
+    {% include 'base.css' %}
+    </style>
+    {% block extrastyle %}
+    {% endblock %}
+
+  </head>
+
+  <body>
+    {% block content %}
+    <div id="header-div" class="clearfix with-margins">
+    </div>
+    {% endblock %}
+  </body>
+</html>
\ No newline at end of file
diff --git a/server/src/auth/templates/change_password_form.html b/server/src/auth/templates/change_password_form.html
new file mode 100644
index 00000000..3ed8c02a
--- /dev/null
+++ b/server/src/auth/templates/change_password_form.html
@@ -0,0 +1,35 @@
+{% extends 'base.html' %}
+{% from "_formhelpers.html" import render_field %}
+
+{% block header %}
+  <title>Activate account</title>
+{% endblock %}
+
+{% block extrastyle %}
+<style>
+{% include 'form.css' %}
+</style>
+{% endblock %}
+
+{% block content %}
+<div class="container">
+  <h2>{{ title }}</h2>
+
+  <p class="note">Please enter your password.</p>
+
+  <form method="post">
+    <input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
+
+    {{ render_field(form.password) }}
+    {{ render_field(form.confirm) }}
+
+    <p class="center">
+      <input
+        class="md-button md-raised md-primary"
+        type="submit"
+        value="Submit" />
+    </p>
+  </form>
+
+</div>
+{% endblock %}
diff --git a/server/src/auth/templates/email_verified.html b/server/src/auth/templates/email_verified.html
new file mode 100644
index 00000000..d489da89
--- /dev/null
+++ b/server/src/auth/templates/email_verified.html
@@ -0,0 +1,15 @@
+{% extends 'base.html' %}
+
+{% block title %} Email address verified {% endblock %}
+
+{% block content %}
+<div class="container center">
+  <p>
+    Your email address has been verified.
+  </p>
+  <br />
+  <p>
+    <a class="md-button md-raised md-primary" href="/">Continue</a>
+  </p>
+</div>
+{% endblock %}
diff --git a/server/src/auth/templates/form.css b/server/src/auth/templates/form.css
new file mode 100644
index 00000000..f7f94f7e
--- /dev/null
+++ b/server/src/auth/templates/form.css
@@ -0,0 +1,94 @@
+form {
+  padding: 16px 16px 16px 0;
+  display: flex;
+  flex-direction: column;
+}
+.md-input-container {
+  /*margin: 24px 0;*/
+  margin-top: 24px;
+  display: flex;
+  justify-content: space-between;
+  align-items: center;
+  position: relative;
+}
+
+.md-input-container label {
+  min-width: 140px;
+  display: inline-block;
+  font-size: 15px;
+  opacity: 0.75;
+  line-height: 32px;
+}
+input {
+  display: inline-block;
+  border-color: #ccc;
+  border-width: 0 0 1px 0;
+  font-size: 17px;
+  outline: none;
+  height: 32px;
+  transition: all .4s cubic-bezier(.25,.8,.25,1);
+  transition-property: border-color;
+  padding-bottom: 1px;
+  box-sizing: border-box;
+  background-color: transparent;
+  flex: 1;
+  max-width: 360px;
+  background-color: #f9f9f9;
+}
+input:focus {
+  border-color: #1e88e5;
+  padding-bottom: 0;
+  border-width: 0 0 2px 0;
+}
+.md-button[type="submit"] {
+  margin: 12px;
+  float: right;
+}
+ul.errorlist {
+  color: #F4511E;
+  padding-left: 0;
+  list-style: none;
+  font-size: 14px;
+  margin: 4px 0;
+}
+.info {
+  position: absolute;
+  display: block;
+  width: 16px;
+  height: 16px;
+  font-size: 14px;
+  line-height: 16px;
+  border-radius: 50%;
+  right: -24px;
+  bottom: 6px;
+  color: orange;
+  border: 1px solid currentColor;
+  text-align: center;
+  user-select: none;
+}
+.description {
+  position: absolute;
+  background-color: #fff;
+  border: 1px solid #aaa;
+  z-index: 100;
+  right: -20px;
+  bottom: 32px;
+  max-width: 300px;
+  min-width: 300px;
+  border-radius: 3px;
+}
+.info:not(:hover) + .description {
+  display: none;
+}
+
+@media (max-width: 500px) {
+  .md-input-container {
+    flex-direction: column;
+    justify-content: flex-end;
+    align-items: flex-start;
+  }
+  .md-input-container input {
+    width: 100%;
+    max-width: initial;
+  }
+}
\ No newline at end of file
diff --git a/server/src/auth/templates/password_reset_complete.html b/server/src/auth/templates/password_reset_complete.html
new file mode 100644
index 00000000..622aa855
--- /dev/null
+++ b/server/src/auth/templates/password_reset_complete.html
@@ -0,0 +1,16 @@
+{% extends 'base.html' %}
+
+{% block title %} Password Changed {% endblock %}
+
+{% block content %}
+<div class="container center">
+  <h2>Password Changed!</h2>
+  <p>
+    Your password was changed. You can now Sign In
+  </p>
+  <br />
+  <p>
+    <a class="md-button md-raised md-primary" href="/login">Continue</a>
+  </p>
+</div>
+{% endblock %}
diff --git a/server/src/auth/templates/user_registration_form.html b/server/src/auth/templates/user_registration_form.html
new file mode 100644
index 00000000..6ef418d5
--- /dev/null
+++ b/server/src/auth/templates/user_registration_form.html
@@ -0,0 +1,52 @@
+{% extends 'base.html' %}
+{% from "_formhelpers.html" import render_field %}
+
+{% block header %}
+  <title>Activate account</title>
+{% endblock %}
+
+{% block extrastyle %}
+<style>
+{% include 'form.css' %}
+</style>
+{% endblock %}
+
+{% block content %}
+<div class="container">
+  <h2>{{ title }}</h2>
+
+  <p class="note">Please complete the registration form:</p>
+
+  <form method="post">
+    <input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
+
+    {{ render_field(form.username) }}
+    {{ render_field(form.email) }}
+    {{ render_field(form.password) }}
+    {{ render_field(form.confirm) }}
+
+  <br>
+  <small>
+    By registering you agree to the <a href="/assets/EULA.pdf">Mergin Terms of Service</a>.
+  </small>
+
+    <p class="center">
+      <input
+        class="md-button md-raised md-primary"
+        type="submit"
+        value="Create Account" />
+    </p>
+  </form>
+
+
+
+  {% if error %}
+  <p class="error">{{ error }}</p>
+  {% endif %}
+
+  {% if msg %}
+  <p>{{ msg }}</p>
+  {% endif %}
+
+</div>
+{% endblock %}
diff --git a/server/src/celery.py b/server/src/celery.py
new file mode 100644
index 00000000..ddcff993
--- /dev/null
+++ b/server/src/celery.py
@@ -0,0 +1,139 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+import shutil
+import os
+from datetime import datetime, timedelta
+from celery import Celery
+from flask_mail import Message
+from smtplib import SMTPException, SMTPServerDisconnected
+from celery.schedules import crontab
+from sqlalchemy import  and_, false
+
+from .organisation import Organisation
+from .auth import User
+from .models.db_models import RemovedProject, Account, Project
+from .config import Configuration
+from . import mail, db
+from .storages.disk import move_to_tmp
+
+
+# create on flask app independent object
+# we need this for defining tasks, and celery is then configured in run_celery.py
+celery = Celery(__name__, broker=Configuration.CELERY_BROKER_URL, backend=Configuration.CELERY_RESULT_BACKEND)
+
+
+@celery.on_after_configure.connect
+def setup_periodic_tasks(sender, **kwargs):
+    sender.add_periodic_task(crontab(hour=2, minute=0), remove_temp_files, name='clean temp files')
+    sender.add_periodic_task(crontab(hour=2, minute=0), remove_projects_backups, name='remove old project backups')
+    sender.add_periodic_task(crontab(hour=1, minute=0), remove_accounts_data, name='remove personal data of inactive users')
+
+
+@celery.task(
+    autoretry_for=(SMTPException, SMTPServerDisconnected, ),
+    retry_kwargs={'max_retries': 3, 'default_retry_delay': 300},
+    ignore_result=True)
+def send_email_async(**kwargs):
+    """
+    Send flask mail (application context needed).
+
+    :param email_data: content for flask mail Message
+    :param email_data: dict
+    """
+    return send_email(**kwargs)
+
+
+def send_email(**kwargs):
+    """
+    Send flask mail (application context needed).
+
+    :param email_data: content for flask mail Message
+    :param email_data: dict
+    """
+    msg = Message(**kwargs)
+    # let's add default sender to BCC on production/staging server to make sure emails are in inbox
+    if not Configuration.MERGIN_TESTING:
+        msg.bcc.append(Configuration.MAIL_DEFAULT_SENDER)
+    mail.send(msg)
+
+
+@celery.task
+def remove_temp_files():
+    """ Remove old temp folders in mergin temp directory.
+    This is clean up for storages.disk.move_to_tmp() function.
+    """
+    for dir in os.listdir(Configuration.TEMP_DIR):
+        # ignore folder with apple notifications receipts which we want (temporarily) to maintain
+        if dir == 'notifications':
+            continue
+        path = os.path.join(Configuration.TEMP_DIR, dir)
+        if datetime.fromtimestamp(os.path.getmtime(path)) < datetime.utcnow() - timedelta(days=Configuration.TEMP_EXPIRATION):
+            try:
+                shutil.rmtree(path)
+            except OSError as e:
+                print(f"Unable to remove {path}: {str(e)}")
+
+
+@celery.task
+def remove_projects_backups():
+    """ Permanently remove deleted projects. All data is lost, and project could not be restored anymore """
+    projects = RemovedProject.query.filter(
+        RemovedProject.timestamp < datetime.utcnow() - timedelta(days=Configuration.DELETED_PROJECT_EXPIRATION)
+    ).all()
+
+    for p in projects:
+        p_dir = os.path.abspath(os.path.join(Configuration.LOCAL_PROJECTS, p.properties["storage_params"]["location"]))
+        if os.path.exists(p_dir):
+            move_to_tmp(p_dir)
+        db.session.delete(p)
+    db.session.commit()
+
+
+@celery.task
+def remove_accounts_data():
+    before_expiration = datetime.today() - timedelta(days=Configuration.CLOSED_ACCOUNT_EXPIRATION)
+
+    # regex condition to account name to avoid process deleted accounts multiple times
+    subquery = db.session.query(User.id).filter(User.active == false(), User.inactive_since <= before_expiration, User.username.op("~")('^(?!deleted_\d{13})')).subquery()
+    subquery2 = db.session.query(Organisation.id).filter(Organisation.active == false(), Organisation.inactive_since <= before_expiration, Organisation.name.op("~")('^(?!deleted_\d{13})')).subquery()
+    accounts = Account.query.filter(and_(Account.owner_id.in_(subquery), Account.type == "user") | and_(Account.owner_id.in_(subquery2), Account.type == "organisation"))
+
+    for account in accounts:
+        timestamp = round(datetime.now().timestamp() * 1000)
+        user = None
+        organisation = None
+        if account.type == 'user':
+            user = User.query.get(account.owner_id)
+
+            user.username = f"deleted_{timestamp}"
+            user.email = f"deleted_{timestamp}"
+            user.verified_email = False
+            user.assign_password(f"deleted_{timestamp}")
+            user.profile.firs_name = ""
+            user.profile.last_name = ""
+
+        else:
+            organisation = Organisation.query.get(account.owner_id)
+            organisation.name = f"deleted_{timestamp}"
+            organisation.description = ""
+
+        # delete account's projects
+        projects = Project.query.filter_by(namespace=account.namespace.name).all()
+        for p in projects:
+            p_dir = p.storage.project_dir
+            if os.path.exists(p_dir):
+                move_to_tmp(p_dir)
+            db.session.delete(p)
+
+        # delete account's removed projects
+        projects = RemovedProject.query.filter_by(namespace=account.namespace.name).all()
+        for p in projects:
+            p_dir = os.path.abspath(os.path.join(Configuration.LOCAL_PROJECTS, p.properties["storage_params"]["location"]))
+            if os.path.exists(p_dir):
+                move_to_tmp(p_dir)
+            db.session.delete(p)
+
+        db.session.commit()
+        account.namespace.name = f"deleted_{timestamp}"
+
+    db.session.commit()
diff --git a/server/src/config.py b/server/src/config.py
new file mode 100644
index 00000000..7b739d9f
--- /dev/null
+++ b/server/src/config.py
@@ -0,0 +1,88 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+import os
+from tempfile import tempdir
+from .version import get_version
+from decouple import config, Csv
+
+config_dir = os.path.abspath(os.path.dirname(__file__))
+
+
+class Configuration(object):
+    DEBUG = config('FLASK_DEBUG', default=False, cast=bool)
+    TESTING = config('TESTING', default=False, cast=bool)
+    SECRET_KEY = config('SECRET_KEY')
+    PROXY_FIX = config('PROXY_FIX', default=True, cast=bool)
+    SWAGGER_UI = config('SWAGGER_UI', default=False, cast=bool)  # to enable swagger UI console (for test only)
+    VERSION = config('VERSION', default=get_version())
+    PUBLIC_DIR = config('PUBLIC_DIR', default=os.path.join(config_dir, os.pardir, 'build', 'static'))
+    # for local storage type
+    LOCAL_PROJECTS = config('LOCAL_PROJECTS', default=os.path.join(config_dir, os.pardir, os.pardir, 'projects'))
+
+    # Mergin DB related
+    SQLALCHEMY_TRACK_MODIFICATIONS = config('SQLALCHEMY_TRACK_MODIFICATIONS', default=False, cast=bool)
+    SQLALCHEMY_ENGINE_OPTIONS = {
+        'pool_size': 2,
+        'pool_timeout': 300
+    }
+    DB_USER = config('DB_USER', default='postgres')
+    DB_PASSWORD = config('DB_PASSWORD', default='postgres')
+    DB_HOST = config('DB_HOST', default='localhost')
+    DB_PORT = config('DB_PORT', default=5002, cast=int)
+    DB_DATABASE = config('DB_DATABASE', default='postgres')
+    DB_APPLICATION_NAME = config('DB_APPLICATION_NAME', default='mergin')
+    SQLALCHEMY_DATABASE_URI = os.getenv('SQLALCHEMY_DATABASE_URI', f'postgresql://{DB_USER}:{DB_PASSWORD}@{DB_HOST}:{DB_PORT}/{DB_DATABASE}?application_name={DB_APPLICATION_NAME}')
+
+    # auth related
+    SECURITY_PASSWORD_SALT = config('SECURITY_PASSWORD_SALT')
+    WTF_CSRF_TIME_LIMIT = config('WTF_CSRF_TIME_LIMIT', default=3600 * 24, cast=int)  # in seconds
+    BEARER_TOKEN_EXPIRATION = config('BEARER_TOKEN_EXPIRATION', default=3600 * 12, cast=int)  # in seconds
+    WTF_CSRF_ENABLED = config('WTF_CSRF_ENABLED', default=True, cast=bool)
+
+    # for flask mail
+    MAIL_SERVER = config('MAIL_SERVER', default='localhost')
+    MAIL_PORT = config('MAIL_PORT', default=587, cast=int)
+    MAIL_USE_TLS = config('MAIL_USE_TLS', default=True, cast=bool)
+    MAIL_DEFAULT_SENDER = config('MAIL_DEFAULT_SENDER')
+    MAIL_USERNAME = config('MAIL_USERNAME')
+    MAIL_PASSWORD = config('MAIL_PASSWORD')
+    MAIL_DEBUG = config('MAIL_SUPPRESS_SEND', default=False, cast=bool)
+    MAIL_SUPPRESS_SEND = config('MAIL_SUPPRESS_SEND', default=True, cast=bool)
+
+    USER_SELF_REGISTRATION = config('USER_SELF_REGISTRATION', default=True, cast=bool)
+
+    # locking file when backups are created
+    MAINTENANCE_FILE = config('MAINTENANCE_FILE', default=os.path.join(LOCAL_PROJECTS, 'MAINTENANCE'))
+
+    # data sync
+    LOCKFILE_EXPIRATION = config('LOCKFILE_EXPIRATION', default=300, cast=int)  # in seconds
+    MAX_CHUNK_SIZE = config('MAX_CHUNK_SIZE', default=10 * 1024 * 1024, cast=int)  # in bytes
+    USE_X_ACCEL = config('USE_X_ACCEL', default=False, cast=bool)  # use nginx (in front of gunicorn) to serve files (https://www.nginx.com/resources/wiki/start/topics/examples/x-accel/)
+    FILE_EXPIRATION = config('FILE_EXPIRATION', default=48 * 3600, cast=int)  # for clean up of old files where diffs were applied, in seconds
+    BLACKLIST = config('BLACKLIST', default='.mergin/, .DS_Store, .directory', cast=Csv())
+
+    # celery
+    CELERY_IMPORTS = config('CELERY_IMPORTS', default="src.celery")
+    CELERY_BROKER_URL = config('CELERY_BROKER_URL', default='redis://172.17.0.1:6379/0')
+    CELERY_RESULT_BACKEND = config('CELERY_RESULT_BACKEND', default='redis://172.17.0.1:6379/0')
+
+    # various life times
+    TRANSFER_EXPIRATION = config('TRANSFER_EXPIRATION', default=7 * 24 * 3600, cast=int)  # in seconds
+    ORGANISATION_INVITATION_EXPIRATION = config('ORGANISATION_INVITATION_EXPIRATION', default=7 * 24 * 3600, cast=int)  # in seconds
+    PROJECT_ACCESS_REQUEST = config('PROJECT_ACCESS_REQUEST', default=7 * 24 * 3600, cast=int)
+
+    TEMP_EXPIRATION = config('TEMP_EXPIRATION', default=7, cast=int)  # time in days after files are permanently deleted
+    CLOSED_ACCOUNT_EXPIRATION = config('CLOSED_ACCOUNT_EXPIRATION', default=5, cast=int) # time in days after user closed his account to all projects and files are permanently deleted
+    DELETED_PROJECT_EXPIRATION = config('DELETED_PROJECT_EXPIRATION', default=7, cast=int)  # lifetime of deleted project, expired project are removed permanently without restore possibility, in days
+
+    # trash dir for temp files being cleaned regularly
+    TEMP_DIR = config('TEMP_DIR', default=tempdir)
+
+    # for links generated in emails
+    MERGIN_BASE_URL = config('MERGIN_BASE_URL', default="http://localhost:5000")
+    # for link to logo in emails
+    MERGIN_LOGO_URL = config('MERGIN_LOGO_URL', default="")
+
+    MERGIN_SUBSCRIPTIONS = config('MERGIN_SUBSCRIPTIONS', default=False, cast=bool)
+    MERGIN_TESTING = config('MERGIN_TESTING', default=False, cast=bool)
diff --git a/server/src/controllers/__init__.py b/server/src/controllers/__init__.py
new file mode 100644
index 00000000..5bb08739
--- /dev/null
+++ b/server/src/controllers/__init__.py
@@ -0,0 +1,2 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
\ No newline at end of file
diff --git a/server/src/controllers/account_controller.py b/server/src/controllers/account_controller.py
new file mode 100644
index 00000000..da58090b
--- /dev/null
+++ b/server/src/controllers/account_controller.py
@@ -0,0 +1,257 @@
+# Copyright (C) 2021 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+from datetime import datetime
+from operator import and_
+
+from flask import Blueprint, abort, jsonify, request
+from flask_login import current_user
+from sqlalchemy import or_, desc, asc, true
+
+from src.auth import AccountSearchSchema
+from .. import db
+from ..auth import auth_required
+from ..models.db_models import Account, Namespace
+from ..models.schemas import AccountSchema, AccountExtendedSchema
+from ..auth.models import User
+from ..models.db_models import Project, ProjectAccess, ProjectTransfer
+from ..organisation.models import OrganisationInvitation, Organisation
+
+account = Blueprint("account", __name__)
+
+
+@account.route('/accounts/<int:account_id>', methods=['GET'])
+@auth_required(permissions=['admin'])
+def get_account_by_id(account_id):  # pylint: disable=W0613,W0612
+    """ get account by id
+    :rtype: Account
+    """
+    accounts = Account.query.get(account_id)
+    data = AccountSchema().dump(accounts)
+    return jsonify(data), 200
+
+
+@account.route('/accounts/<path:type>', methods=['GET'])
+@auth_required(permissions=['admin'])
+def list_accounts(type):  # pylint: disable=W0613,W0612
+    """ List of either user or organisation paginated accounts with optional filters and sort.
+
+    :param type: account type, either 'user' or 'organisation'
+    :type type: str
+    :returns: Total number of accounts and paginated results for accounts
+    :rtype: dict(total: int, accounts: List[Account])
+    """
+    try:
+        page = int(request.args.get('page', 1))
+        per_page = int(request.args.get('per_page', 10))
+    except ValueError:
+        abort(400, "Invalid query format")
+    order_by = request.args.get('order_by')
+    descending = str(request.args.get('descending', 'false')) == 'true'
+    name = str(request.args.get('name', ''))
+    if type == "user":
+        model = User
+        name_col = User.username
+        active_col = User.active
+    elif type == "organisation":
+        model = Organisation
+        name_col = Organisation.name
+        active_col = Organisation.active
+    else:
+        abort(400, 'Invalid account type')
+
+    query = db.session.query(
+        Account.id,
+        Account.type,
+        name_col.label("name"),
+        active_col.label("active"),
+        Namespace.storage
+    )\
+        .join(model,  Account.owner_id == model.id) \
+        .join(Namespace, Namespace.account_id == Account.id) \
+        .filter(Account.type == type)
+
+    if name:
+        query = query.filter(name_col.ilike(f'%{name}%'))
+
+    # sort by some column
+    col = None
+    if order_by:
+        if order_by == 'name':
+            col = name_col
+
+    if col:
+        query = query.order_by(desc(col)) if descending else query.order_by(asc(col))
+
+    paginate = query.paginate(page, per_page, max_per_page=100)
+    result = paginate.items
+    total = paginate.total
+    accounts = AccountExtendedSchema(many=True).dump(result)
+    return jsonify(accounts=accounts, total=total), 200
+
+
+@account.route('/change_account_status/<int:account_id>', methods=['PATCH'])
+@auth_required(permissions=['admin'])
+def change_account_status(account_id):
+    """
+    Change account active status to true or false
+
+    :param account_id:
+    :return changed status:
+    """
+    if request.json.get("status") is None:
+        abort(400, "Status is empty")
+    account = Account.query.get_or_404(account_id, "Account not found")
+    owner = account.owner()
+    owner.active = request.json.get("status")
+    owner.inactive_since = datetime.utcnow() if not owner.active else None
+    if request.json.get("status") is False:
+        account.inactivated("deactivate")
+    db.session.commit()
+
+    return jsonify({'status': request.json.get("status")}), 200
+
+
+@account.route('/account/<int:id>', methods=['DELETE'])
+@auth_required
+def close_account(id):  # pylint: disable=W0613,W0612
+    """ Close account.
+    All related objects remain (temporarily) in database and files on disk, following actions are done:
+
+    - account holder is turned to inactive
+    - users's reference from 3rd parties integration is removed (e.g. Stripe)
+    - all references in projects' permissions are removed
+    - all pending project transfers related to account namespace are removed
+    - all membership in organisations and pending invitations are removed
+
+    For permanent delete, account holder object needs to be deleted.
+    """
+    account = Account.query.get_or_404(id, f'Account {id} not found')
+    if not account.can_edit(current_user.id) and not current_user.is_admin:
+        abort(403)
+
+    user = None
+    organisation = None
+    if account.type == 'user':
+        user = User.query.get(account.owner_id)
+        # remove membership in organisations
+        organisations = Organisation.query.filter(or_(
+            Organisation.owners.contains([user.id]),
+            Organisation.admins.contains([user.id]),
+            Organisation.writers.contains([user.id]),
+            Organisation.readers.contains([user.id])
+        )).all()
+
+        user_organisation = next((o for o in organisations if o.owners == [user.id]), None)
+        if user_organisation:
+            abort(400, f"Can not close account because user is the only owner of organisation {user_organisation.name}")
+
+        for org in organisations:
+            for key in ('owners', 'admins', 'writers', 'readers'):
+                value = set(getattr(org, key))
+                if user.id in value:
+                    value.remove(user.id)
+                setattr(org, key, list(value))
+            db.session.add(org)
+
+        # remove user reference from shared projects
+        shared_projects = Project.query \
+            .filter(Project.namespace != account.namespace.name) \
+            .filter(or_(
+            Project.access.has(ProjectAccess.owners.contains([user.id])),
+            Project.access.has(ProjectAccess.writers.contains([user.id])),
+            Project.access.has(ProjectAccess.readers.contains([user.id]))
+        )).all()
+
+        for p in shared_projects:
+            for key in ('owners', 'writers', 'readers'):
+                value = set(getattr(p.access, key))
+                if user.id in value:
+                    value.remove(user.id)
+                setattr(p.access, key, list(value))
+            db.session.add(p)
+
+        # remove pending invitations
+        invitations = OrganisationInvitation.query.filter_by(username=user.username).all()
+        for i in invitations:
+            db.session.delete(i)
+
+    else:
+        organisation = Organisation.query.get(account.owner_id)
+        invitations = OrganisationInvitation.query.filter_by(org_name=account.name()).all()
+        for i in invitations:
+            db.session.delete(i)
+
+    # reset permissions for namespace's projects
+    projects = Project.query.filter_by(namespace=account.namespace.name).all()
+    for p in projects:
+        p.access.owners = []
+        p.access.writers = []
+        p.access.readers = []
+        db.session.add(p)
+
+    # remove pending project transfers (both directions)
+    transfers = ProjectTransfer.query.filter(or_(
+        ProjectTransfer.from_ns_name == account.namespace.name,
+        ProjectTransfer.to_ns_name == account.namespace.name
+    )).all()
+    for t in transfers:
+        db.session.delete(t)
+
+    account.inactivated("delete")
+
+    # inactivate account
+    owner = account.owner()
+    owner.active = False
+    owner.inactive_since = datetime.utcnow()
+
+    db.session.add(account)
+    db.session.commit()
+    return '', 200
+
+@account.route('/account/change_storage/<int:account_id>', methods=['POST'])
+@auth_required(permissions=['admin'])
+def change_storage(account_id):  # pylint: disable=W0613,W0612
+    """ Change storage.
+    Change account storage with new value
+    - account_id account id
+    - storage: new storage value in bytes
+    """
+    namespace = Namespace.query.filter(Namespace.account_id == account_id).first_or_404(f'Namespace for accountId: {account_id} not found')
+    if not request.json.get("storage"):
+        abort(400, "Storage is empty")
+    try:
+        storage = int(request.json.get("storage"))
+    except Exception as e:
+        abort(400, "Storage is not a number")
+    namespace.storage = storage
+    db.session.commit()
+    return '', 200
+
+
+@account.route('/accounts/search', methods=['GET'])
+@auth_required(permissions=['admin'])
+def search_accounts_by_name():  # pylint: disable=W0613,W0612
+    """
+    search by like param returns results in order: 1.) match is on start of words - ordered by id
+                                                   2.) match is anywhere - ordered by id
+    """
+    from src.models.db_models import Account
+    from src.organisation import Organisation
+
+    query = db.session.query(
+        Account.id,
+        Account.type,
+        Organisation.name,
+        User.username
+    ) \
+        .outerjoin(Organisation, and_(Account.owner_id == Organisation.id, Account.type == "organisation")) \
+        .outerjoin(User, and_(Account.owner_id == User.id, Account.type == "user")) \
+
+    like = request.args.get('like')
+    schema = AccountSearchSchema(many=True)
+    if like:
+        ilike = "{}%".format(like)
+        accounts = query.filter(and_(User.active == true(), (User.username.ilike(ilike) | User.username.op("~")(f'[\\.|\\-|_| ]{like}.*'))) |
+                                and_(Organisation.active == true(), Organisation.name.ilike(ilike))).limit(10).all()
+    return jsonify(schema.dump(accounts))
diff --git a/server/src/controllers/forms.py b/server/src/controllers/forms.py
new file mode 100644
index 00000000..63f3147c
--- /dev/null
+++ b/server/src/controllers/forms.py
@@ -0,0 +1,10 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+from ..auth.forms import LoginForm
+
+
+class ApiLoginForm(LoginForm):
+    class Meta:
+        csrf = False
+
diff --git a/server/src/controllers/namespace_controller.py b/server/src/controllers/namespace_controller.py
new file mode 100644
index 00000000..e5eb945f
--- /dev/null
+++ b/server/src/controllers/namespace_controller.py
@@ -0,0 +1,29 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+from flask import jsonify, abort
+
+from ..auth import auth_required
+from ..auth.models import User
+from ..models.db_models import Namespace, Account
+from ..models.schemas import NamespaceSchema
+from ..organisation.models import Organisation
+
+
+def check_access_to_namespace(namespace, user):
+    Namespace.query.filter_by(name=namespace).first_or_404()
+    org = Organisation.query.filter_by(name=namespace).first()
+    if user.username != namespace and not (org and user.id in org.writers):
+        abort(403, "Permission denied.")
+
+
+@auth_required
+def search_namespace(namespace_type, q=None):  # pylint: disable=W0613,W0612
+    """ Search namespace by query """
+    namespaces = []
+    if namespace_type == "user":
+        namespaces = Namespace.query.join(Namespace.account).join(User, User.username == Namespace.name).filter(User.active, Account.type == "user", Namespace.name.ilike(f"{q}%")).limit(5).all() if q else []
+    elif namespace_type == "organisation":
+        namespaces = Namespace.query.join(Namespace.account).join(Organisation, Organisation.name == Namespace.name).filter(Organisation.active, Account.type == "organisation", Namespace.name.ilike(f"{q}%")).limit(5).all() if q else []
+    data = NamespaceSchema(many=True).dump(namespaces)
+    return jsonify(data)
diff --git a/server/src/controllers/project_controller.py b/server/src/controllers/project_controller.py
new file mode 100644
index 00000000..583adb77
--- /dev/null
+++ b/server/src/controllers/project_controller.py
@@ -0,0 +1,929 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+import json
+import mimetypes
+import os
+import logging
+import copy
+from urllib.parse import quote
+import uuid
+from time import time
+from datetime import datetime, timedelta
+import psycopg2
+from connexion import NoContent, request
+from flask import abort, render_template, current_app, send_from_directory, jsonify, make_response
+from pygeodiff import GeoDiffLibError
+from sqlalchemy.orm import joinedload
+from flask_login import current_user
+from sqlalchemy.types import String
+from sqlalchemy.dialects.postgresql import ARRAY
+from sqlalchemy import cast, and_, or_, desc, asc
+from sqlalchemy.exc import IntegrityError
+from sqlalchemy.orm.attributes import flag_modified
+from binaryornot.check import is_binary
+from gevent import sleep
+
+from .. import db, wm, SIG_NEW_PROJECT
+from ..auth import auth_required
+from ..auth.models import User, UserProfile
+from ..models.db_models import Project, ProjectAccess, ProjectVersion, Namespace, Upload, RemovedProject
+from ..models.schemas import ProjectSchema, ProjectListSchema, ProjectVersionSchema, FileInfoSchema, ProjectSchemaForVersion
+from ..organisation.models import Organisation
+from ..storages.storage import FileNotFound, DataSyncError, InitializationError
+from ..storages.disk import save_to_file, move_to_tmp
+from ..permissions import require_project, projects_query, ProjectPermissions, get_upload
+from ..mergin_utils import generate_checksum, Toucher, int_version, is_file_name_blacklisted, get_ip, get_user_agent, \
+    generate_location, is_valid_uuid
+from ..util import is_name_allowed, mergin_secure_filename, get_path_from_files
+from ..celery import send_email_async
+from .namespace_controller import check_access_to_namespace
+
+
+def _project_version_files(project, version=None):
+    if version:
+        pv = next((v for v in project.versions if v.name == version), None)
+        if not pv:
+            abort(404, "Project version does not exist")
+        return pv.files
+    return project.files
+
+
+@auth_required
+def add_project(namespace, project):  # noqa: E501
+    """Add a new mergin project.
+
+     # noqa: E501
+
+    :param project: Project object that needs to be added to the database.
+    :type project: dict | bytes
+
+    :rtype: None
+    """
+    if not is_name_allowed(project['name']):
+        abort(400, "Please use only alphanumeric or these -._~()'!*:@,; characters in project name.")
+
+    project['name'] = project['name'].strip()
+    if request.is_json:
+        ua = get_user_agent(request)
+        check_access_to_namespace(namespace, current_user)
+
+        proj = Project.query.filter_by(name=project['name'], namespace=namespace).first()
+        if proj:
+            abort(409, "Project {} already exists!".format(project['name']))
+
+        project['storage_params'] = {"type": "local", "location": generate_location()}
+
+        p = Project(**project, creator=current_user, namespace=namespace)
+        p.updated = datetime.utcnow()
+        pa = ProjectAccess(p, public=project.get('public', False))
+
+        template = project.get('template', None)
+        ip = get_ip(request)
+        if template:
+            template = Project.query.\
+                filter(Project.creator.has(username='TEMPLATES')).\
+                filter(Project.name == template)\
+                .first_or_404()
+            # create mutable object
+            temp_copy = copy.deepcopy(template)
+            temp_files = ProjectSchema(only=('files',)).dump(temp_copy)
+            changes = {"added": temp_files['files'], "renamed": [], "updated": [], "removed": []}
+            version = ProjectVersion(p, 'v1', current_user.username, changes, template.files, ip, ua)
+            p.latest_version = 'v1'
+        else:
+            changes = {"added": [], "renamed": [], "updated": [], "removed": []}
+            version = ProjectVersion(p, 'v0', current_user.username, changes, [], ip, ua)
+            p.latest_version = 'v0'
+        try:
+            p.storage.initialize(template_project=template)
+        except Exception as exc:
+            abort(400, f"Failed to initialize project: {str(exc)}")
+
+        p.versions.append(version)
+        db.session.add(p)
+        db.session.add(pa)
+        db.session.commit()
+
+        wm.emit_signal(SIG_NEW_PROJECT, request.path, msg=f'New project *{namespace}/{project["name"]}* has been created')
+        return NoContent, 200
+
+
+@auth_required
+def delete_project(namespace, project_name):  # noqa: E501
+    """Delete a project.
+
+     # noqa: E501
+
+    :param project_name: name of project to delete.
+    :type project_name: str
+
+    :rtype: None
+    """
+    project = require_project(namespace, project_name, ProjectPermissions.Delete)
+    rm_project = RemovedProject(project, current_user.username)
+    db.session.add(rm_project)
+    db.session.delete(project)
+    db.session.commit()
+    return NoContent, 200
+
+
+def download_project(namespace, project_name, format=None, version=None):  # noqa: E501 # pylint: disable=W0622
+    """Download dir for single project.
+
+     # noqa: E501
+
+    :param project_name: name of project to return.
+    :type project_name: str
+    :param format: output format
+    :type format: str [zip]
+    :param version: version tag name
+    :type version: str
+
+    :rtype: None
+    """
+    project = require_project(namespace, project_name, ProjectPermissions.Read)
+    files = _project_version_files(project, version)
+    try:
+        return project.storage.download_files(files, format, version=version)
+    except FileNotFound as e:
+        abort(404, str(e))
+
+
+def download_project_file(project_name, namespace, file, version=None, diff=None):  # noqa: E501
+    """Download project file
+
+    Download individual file or it's diff file from project. # noqa: E501
+
+    :param project_name: Project name.
+    :type project_name: str
+    :param namespace: Namespace for project to look into.
+    :type namespace: str
+    :param file: Path to file.
+    :type file: str
+    :param version: Version tag.
+    :type version: str
+    :param diff: Ask for diff file instead of full one.
+    :type diff: bool
+
+    :rtype: None
+    """
+    project = require_project(namespace, project_name, ProjectPermissions.Read)
+    files = _project_version_files(project, version)
+
+    if diff and version:
+        # get specific version of geodiff file modified in requested version
+        file_obj = next((f for f in files if f['location'] == os.path.join(version, file)), None)
+        if not file_obj:
+            abort(404, file)
+        if 'diff' not in file_obj:
+            abort(404, f"No diff in particular file {file} version")
+        file_path = file_obj['diff']['location']
+    elif diff:
+        abort(400, f"Changeset must be requested for particular file version")
+    else:
+        # get latest version of file
+        file_path = next((f['location'] for f in files if f['path'] == file), None)
+
+    if not file_path:
+        abort(404, file)
+
+    if version and not diff:
+        project.storage.restore_versioned_file(file, version)
+
+    if current_app.config['USE_X_ACCEL']:
+        # encoding for nginx to be able to download file with non-ascii chars
+        encoded_file_path = quote(file_path.encode("utf-8"))
+        resp = make_response()
+        resp.headers['X-Accel-Redirect'] = f"/download/{project.storage_params['location']}/{encoded_file_path}"
+        resp.headers['X-Accel-Buffering'] = True
+        resp.headers['X-Accel-Expires'] = 'off'
+    else:
+        resp = send_from_directory(project.storage.project_dir, file_path)
+    abs_path = os.path.join(project.storage.project_dir, file_path)
+    if not is_binary(abs_path):
+        mime_type = "text/plain"
+    else:
+        mime_type = mimetypes.guess_type(abs_path)[0]
+    resp.headers['Content-Type'] = mime_type
+    resp.headers['Content-Disposition'] = 'attachment; filename={}'.format(quote(os.path.basename(file).encode("utf-8")))
+    return resp
+
+
+def get_project(project_name, namespace, since='', version=None):  # noqa: E501
+    """Find project by name.
+
+    Returns a single project with details about files including history for versioned files (diffs) if needed. # noqa: E501
+
+    :param project_name: Name of project to return.
+    :type project_name: str
+    :param namespace: Namespace for project to look into.
+    :type namespace: str
+    :param since: Version to look up diff files history from.
+    :type since: str
+    :param version: Version to return files details for.
+    :type version: str
+
+    :rtype: ProjectDetail
+    """
+    project = require_project(namespace, project_name, ProjectPermissions.Read)
+
+    if since and version:
+        abort(400, "Parameters 'since' and 'version' are mutually exclusive")
+    elif since:
+        # append history for versioned files
+        last_version = ProjectVersion.query.filter_by(project_id=project.id).order_by(
+            ProjectVersion.created.desc()).first()
+        for f in project.files:
+            f['history'] = project.file_history(f['path'], since, last_version.name)
+        data = ProjectSchema(exclude=['storage_params']).dump(project)
+    elif version:
+        # return project info at requested version
+        version_obj = next((v for v in project.versions if v.name == version), None)
+        if not version_obj:
+            abort(404, "Project at requested version does not exist")
+        data = ProjectSchemaForVersion().dump(version_obj)
+    else:
+        # return current project info
+        data = ProjectSchema(exclude=['storage_params']).dump(project)
+    return data, 200
+
+
+def get_project_versions(namespace, project_name, version_id=None):  # noqa: E501
+    """Get versions (history) of project.
+
+    Returns a list of project versions with changes information. # noqa: E501
+
+    :param project_name: Name of project to return versions for.
+    :type project_name: str
+    :param version_id:
+    :type version_id: str
+
+    :rtype: List[ProjectVersion]
+    """
+    project = require_project(namespace, project_name, ProjectPermissions.Read)
+    query = ProjectVersion.query.filter(and_(ProjectVersion.project_id == project.id, ProjectVersion.name != "v0"))
+    if version_id:
+        query = ProjectVersion.query.filter_by(project_id=project.id).filter_by(name=version_id)
+    versions = query.order_by(ProjectVersion.created.desc()).all()
+    data = ProjectVersionSchema(exclude=['files'], many=True).dump(versions)
+    return data, 200
+
+
+def get_projects_by_names(data):  # noqa: E501
+    """List mergin projects by list of  projects namespace and name.
+    Returns limited list of projects
+    :rtype: Dict{namespace/projectName: Project]
+    """
+
+    list_of_projects = data.get('projects', [])
+    if len(list_of_projects) > 50:
+        abort(400, "Too many projects")
+    results = {}
+    for project in list_of_projects:
+        projects = projects_query(ProjectPermissions.Read, as_admin=False)
+        splitted = project.split("/")
+        if len(splitted) != 2:
+            results[project] = {"error": 404}
+            continue
+        namespace = splitted[0]
+        name = splitted[1]
+        result = projects.filter(Project.namespace == namespace, Project.name == name).first()
+        if result:
+            user_ids = result.access.owners + result.access.writers + result.access.readers
+            users_map = {u.id: u.username for u in User.query.filter(User.id.in_(set(user_ids))).all()}
+            results[project] = ProjectListSchema(context={'users_map': users_map}).dump(result)
+        else:
+            if not current_user or not current_user.is_authenticated:
+                results[project] = {"error": 401}
+            else:
+                results[project] = {"error": 403}
+    return results, 200
+
+
+def get_projects_by_uuids(uuids):  # noqa: E501
+    """Get mergin projects by list of projects ids
+
+    Returns a list of projects filtered by ids # noqa: E501
+    :rtype: dict{project.id: project}
+    """
+    proj_ids = [uuid for uuid in uuids.split(',') if is_valid_uuid(uuid)]
+    if len(proj_ids) > 10:
+        abort(400, "Too many projects")
+
+    user_ids = []
+    projects = projects_query(ProjectPermissions.Read, as_admin=False).filter(Project.id.in_(proj_ids)).all()
+    for p in projects:
+        user_ids.extend(p.access.owners+p.access.writers+p.access.readers)
+    users_map = {u.id: u.username for u in User.query.filter(User.id.in_(set(user_ids))).all()}
+    data = ProjectListSchema(many=True, context={'users_map': users_map}).dump(projects)
+    return data, 200
+
+
+def get_projects(tags=None, q=None, user=None, flag=None, limit=None):  # noqa: E501
+    """List mergin projects.
+
+    Returns limited list of projects, optionally filtered by tags, search query, username.
+
+    :rtype: List[Project]
+    """
+    projects = projects_query(ProjectPermissions.Read)
+
+    if flag:
+        user = User.query.filter_by(username=user).first_or_404() if user else current_user
+        if not user.is_anonymous:
+            orgs = Organisation.query.with_entities(Organisation.name).filter(
+                or_(Organisation.admins.contains([user.id]), Organisation.readers.contains([user.id]),
+                    Organisation.writers.contains([user.id]), Organisation.owners.contains([user.id])))
+            if flag == 'created':
+                projects = projects.filter(Project.creator_id == user.id).filter_by(namespace=user.username)
+            if flag == 'shared':
+                projects = projects.filter(or_(and_(Project.creator_id != user.id,
+                                               Project.access.has(ProjectAccess.readers.contains([user.id]))),  Project.namespace.in_(orgs)))
+        else:
+            abort(401)
+    if tags:
+        projects = projects.filter(Project.tags.contains(cast(tags, ARRAY(String))))
+
+    if q:
+        projects = projects.filter(Project.name.ilike('%{}%'.format(q)))
+
+    proj_limit = limit if limit and limit < 100 else 100
+    projects = projects.options(joinedload(Project.access)).order_by(Project.namespace, Project.name).limit(proj_limit).all()
+    # create user map id:username passed to project schema to minimize queries to db
+    user_ids = []
+    for p in projects:
+        user_ids.extend(p.access.owners+p.access.writers+p.access.readers)
+    users_map = {u.id: u.username for u in User.query.filter(User.id.in_(set(user_ids))).all()}
+    sleep(0)  # temporary yield to gevent hub until serialization is fully resolved (#317)
+    data = ProjectListSchema(many=True, context={'users_map': users_map}).dump(projects)
+    return data, 200
+
+
+def get_paginated_projects(page, per_page, order_params=None, order_by=None, descending=False, name=None, namespace=None, user=None, flag=None, last_updated_in=None, only_namespace=None, as_admin=False, public=True, only_public=False):  # noqa: E501
+    """List mergin projects.
+
+    Returns dictionary with paginated list of projects, optionally filtered by tags, project name, username, namespace, updated date.
+    and number of total filtered projects
+
+    :param page:page number
+    :param per_page results per page
+    :param order_by order by field name -deprecated
+    :param descending order of sort -deprecated
+    :param order_params fields to sort e.g. name_asc, updated_desc
+    :param name filter by project name
+    :param namespace filter by project namespace
+    :param user Username for 'flag' filter. If not provided, in case that is not provided uses logged user
+    :param flag created or shared
+    :param: last_updated_in for filter projects by days from last update
+    :param only_namespace Filter namespace equality to in contrast with namespace attribute which is determinated to search (like)
+    :param as_admin User access as admin
+    :param public should return any public project, if false filter only projects where user has explicit read permission to project
+    :param only_public should return only public projects
+
+    :rtype: Dictionary{
+    projects: List[Project],
+    count: Integer
+    """
+    if only_public:
+        projects = Project.query.filter(Project.access.has(public=only_public))
+    else:
+        projects = projects_query(ProjectPermissions.Read, as_admin=as_admin, public=public)
+
+    if flag:
+        user = User.query.filter_by(username=user).first_or_404() if user else current_user
+        if not user.is_anonymous:
+            if flag == 'created':
+                projects = projects.filter(Project.creator_id == user.id).filter_by(namespace=user.username)
+            if flag == 'shared':
+                orgs = Organisation.query.with_entities(Organisation.name).filter(
+                    or_(Organisation.admins.contains([user.id]), Organisation.readers.contains([user.id]),
+                        Organisation.writers.contains([user.id]), Organisation.owners.contains([user.id])))
+                projects = projects.filter(or_(and_(Project.creator_id != user.id,
+                                               Project.access.has(ProjectAccess.readers.contains([user.id]))),  Project.namespace.in_(orgs)))
+        else:
+            abort(401)
+
+    if name:
+        projects = projects.filter(Project.name.ilike('%{}%'.format(name)) | Project.namespace.ilike('%{}%'.format(name)))
+
+    if namespace:
+        projects = projects.filter(Project.namespace.ilike('%{}%'.format(namespace)))
+
+    if only_namespace:
+        projects = projects.filter(Project.namespace == only_namespace)
+
+    if last_updated_in:
+        projects = projects.filter(Project.updated >= datetime.utcnow() - timedelta(days=last_updated_in))
+
+    projects = projects.options(joinedload(Project.access))
+
+    if order_params:
+        order_by_params = []
+        for p in order_params.split(","):
+            string_param = p.strip()
+            if "_asc" in string_param:
+                string_param = string_param.replace("_asc", "")
+                order_by_params.append(Project.__table__.c[string_param].asc())
+            elif "_desc" in string_param:
+                string_param = string_param.replace("_desc", "")
+                order_by_params.append(Project.__table__.c[string_param].desc())
+        projects = projects.order_by(*order_by_params)
+    elif descending and order_by:
+        projects = projects.order_by(desc(Project.__table__.c[order_by]))
+    elif not descending and order_by:
+        projects = projects.order_by(asc(Project.__table__.c[order_by]))
+
+    result = projects.paginate(page, per_page).items
+    total = projects.paginate(page, per_page).total
+
+    # create user map id:username passed to project schema to minimize queries to db
+    user_ids = []
+    for p in result:
+        user_ids.extend(p.access.owners+p.access.writers+p.access.readers)
+
+    users_map = {u.id: u.username for u in User.query.filter(User.id.in_(set(user_ids))).all()}
+    sleep(0)  # temporary yield to gevent hub until serialization is fully resolved (#317)
+    data = ProjectListSchema(many=True, context={'users_map': users_map}).dump(result)
+    data = {'projects': data,
+            'count': total}
+    return data, 200
+
+@auth_required
+def update_project(namespace, project_name, data):  # noqa: E501  # pylint: disable=W0613
+    """Update an existing project.
+
+     # noqa: E501
+
+    :param project_name: Name of project that need to be updated.
+    :type project_name: str
+    :param data: Data to be updated.
+    :type data: dict | bytes
+
+    :rtype: Project
+    """
+    project = require_project(namespace, project_name, ProjectPermissions.Update)
+    access = data.get('access', {})
+    id_diffs = []
+
+    #transform usernames from client to ids
+    if "ownersnames" in access:
+        owners = User.query.with_entities(User.id).filter(User.username.in_(access['ownersnames'])).all()
+        access["owners"] = [w.id for w in owners]
+    if "readersnames" in access:
+        readers = User.query.with_entities(User.id).filter(User.username.in_(access['readersnames'])).all()
+        access["readers"] = [w.id for w in readers]
+    if "writersnames" in access:
+        writers = User.query.with_entities(User.id).filter(User.username.in_(access['writersnames'])).all()
+        access["writers"] = [w.id for w in writers]
+
+    # prevent to remove ownership of project creator
+    if 'owners' in access:
+        if project.creator_id not in access['owners']:
+            abort(400, str('Ownership of project creator cannot be removed.'))
+
+    for key, value in access.items():
+        if not hasattr(project.access, key):
+            continue
+        if isinstance(value, list):
+            id_diffs.append(set(value) ^ set(getattr(project.access, key)))
+        setattr(project.access, key, value)
+
+    db.session.add(project)
+    db.session.commit()
+
+    users_ids = set().union(*id_diffs)
+    user_profiles = UserProfile.query.filter(UserProfile.user_id.in_(users_ids)).all()
+    project_path = '/'.join([namespace, project.name])
+    web_link = f"{request.url_root.strip('/')}/projects/{project_path}"
+    for user_profile in user_profiles:
+        privileges = []
+        if user_profile.user.id in project.access.owners:
+            privileges += ['edit', 'remove']
+        if user_profile.user.id in project.access.writers:
+            privileges.append('upload')
+        if user_profile.user.id in project.access.readers:
+            privileges.append('download')
+        subject = "Project access modified"
+        if len(privileges):
+            html = render_template('email/modified_project_access.html', subject=subject, project=project, user=user_profile.user,
+                                   privileges=privileges, link=web_link)
+        else:
+            html = render_template('email/removed_project_access.html', subject=subject, project=project, user=user_profile.user)
+
+        if not (user_profile.receive_notifications and user_profile.user.verified_email):
+            continue
+        email_data = {
+            'subject': f'Access to mergin project {project_path} has been modified',
+            'html': html,
+            'recipients': [user_profile.user.email],
+            'sender': current_app.config['MAIL_DEFAULT_SENDER']
+        }
+        send_email_async.delay(**email_data)
+
+    return ProjectSchema().dump(project), 200
+
+
+@auth_required
+def project_push(namespace, project_name, data):
+    """
+    Synchronize project data.
+
+    Apply changes in project if no uploads required. Creates upload transaction for added/modified files. # noqa: E501
+
+    :param namespace: Namespace for project to look into.
+    :type namespace: str
+    :param project_name: Project name.
+    :type project_name: str
+    :param data: Description of project changes.
+    :type data: dict | bytes
+
+    :rtype: None
+    """
+    version = data.get('version')
+    changes = data['changes']
+    project = require_project(namespace, project_name, ProjectPermissions.Upload)
+    pv = project.versions[0] if project.versions else None
+    if pv and pv.name != version:
+        abort(400, 'Version mismatch')
+    if not pv and version != 'v0':
+        abort(400, 'First push should be with v0')
+
+    if all(len(changes[key]) == 0 for key in changes.keys()):
+        abort(400, 'No changes')
+
+    # check if same file is not already uploaded
+    for item in changes["added"]:
+        if not all(ele['path'] != item['path'] for ele in project.files):
+            abort(400, 'File {} has been already uploaded'.format(item["path"]))
+
+    # changes' files must be unique
+    changes_files = []
+    sanitized_files = []
+    blacklisted_files = []
+    for change in changes.values():
+        for f in change:
+            if is_file_name_blacklisted(f['path'], current_app.config['BLACKLIST']):
+                blacklisted_files.append(f)
+            # all file need to be unique after sanitized
+            f['sanitized_path'] = mergin_secure_filename(f['path'])
+            if f['sanitized_path'] in sanitized_files:
+                filename, file_extension = os.path.splitext(f['sanitized_path'])
+                f['sanitized_path'] = filename + f'.{str(uuid.uuid4())}' + file_extension
+            sanitized_files.append(f['sanitized_path'])
+            if 'diff' in f:
+                f['diff']['sanitized_path'] = mergin_secure_filename(f['diff']['path'])
+                if f['diff']['sanitized_path'] in sanitized_files:
+                    filename, file_extension = os.path.splitext(f['diff']['sanitized_path'])
+                    f['diff']['sanitized_path'] = filename + f'.{str(uuid.uuid4())}' + file_extension
+            changes_files.append(f['path'])
+    if len(set(changes_files)) != len(changes_files):
+        abort(400, 'Not unique changes')
+
+    # remove blacklisted files from changes
+    for key, change in changes.items():
+        files_to_upload = [f for f in change if f not in blacklisted_files]
+        changes[key] = files_to_upload
+
+    # Convert datetimes to UTC
+    for key in changes.keys():
+        for f in changes[key]:
+            f['mtime'] = datetime.utcnow()
+
+    num_version = int_version(version)
+
+    # Check user data limit
+    updates = [f['path'] for f in changes['updated']]
+    updated_files = list(filter(lambda i: i['path'] in updates, project.files))
+    additional_disk_usage = sum(file['size'] for file in changes['added'] + changes['updated']) - \
+                            sum(file['size'] for file in updated_files) - sum(file['size'] for file in changes["removed"])
+    ns = Namespace.query.filter_by(name=project.namespace).first()
+    if ns.disk_usage() + additional_disk_usage > ns.storage:
+        abort(400, 'You have reached a data limit')
+
+    upload = Upload(project, num_version, changes, current_user.id)
+    db.session.add(upload)
+    try:
+        # Creating upload transaction with different project's version is possible.
+        db.session.commit()
+    except IntegrityError:
+        db.session.rollback()
+        # check and clean dangling uploads or abort
+        for current_upload in project.uploads.all():
+            upload_dir = os.path.join(project.storage.project_dir, 'tmp', current_upload.id)
+            upload_lockfile = os.path.join(upload_dir, 'lockfile')
+            if os.path.exists(upload_lockfile):
+                if time() - os.path.getmtime(upload_lockfile) < current_app.config['LOCKFILE_EXPIRATION']:
+                    abort(400, 'Another process is running. Please try later.')
+            db.session.delete(current_upload)
+            db.session.commit()
+
+
+        # Try again after cleanup
+        db.session.add(upload)
+        try:
+            db.session.commit()
+            move_to_tmp(upload_dir)
+        except IntegrityError:
+            abort(422, 'Failed to create upload session. Please try later.')
+
+    # Create transaction folder and lockfile
+    folder = os.path.join(project.storage.project_dir, "tmp", upload.id)
+    os.makedirs(folder)
+    open(os.path.join(folder, 'lockfile'), 'w').close()
+
+    # Update immediately without uploading of new/modified files, and remove transaction/lockfile
+    if not(changes['added'] or changes['updated']):
+        next_version = "v{}".format(num_version + 1)
+        project.storage.apply_changes(changes, next_version, upload.id)
+        flag_modified(project, 'files')
+        project.disk_usage = sum(file['size'] for file in project.files)
+        user_agent = get_user_agent(request)
+        pv = ProjectVersion(project, next_version, current_user.username, changes, project.files, get_ip(request), user_agent)
+        project.latest_version = next_version
+        db.session.add(pv)
+        db.session.add(project)
+        db.session.delete(upload)
+        db.session.commit()
+        move_to_tmp(folder)
+        return jsonify(ProjectSchema().dump(project)), 200
+
+    return {'transaction': upload.id}
+
+
+@auth_required
+def chunk_upload(transaction_id, chunk_id):
+    """Upload file chunk as defined in upload transaction.
+
+     # noqa: E501
+
+    :param transaction_id: Transaction id.
+    :type transaction_id: str
+    :param chunk_id: Chunk id.
+    :type chunk_id: str
+
+    :rtype: None
+    """
+    upload, upload_dir = get_upload(transaction_id)
+    for f in upload.changes["added"] + upload.changes["updated"]:
+        if "chunks" in f and chunk_id in f["chunks"]:
+            dest = os.path.join(upload_dir, "chunks", chunk_id)
+            lockfile = os.path.join(upload_dir, "lockfile")
+            with Toucher(lockfile, 30):
+                try:
+                    # we could have used request.data here but it could eventually cause OOM issue
+                    save_to_file(request.stream, dest, current_app.config['MAX_CHUNK_SIZE'])
+                except IOError:
+                    move_to_tmp(dest, transaction_id)
+                    abort(400, "Too big chunk")
+                if os.path.exists(dest):
+                    checksum = generate_checksum(dest)
+                    size = os.path.getsize(dest)
+                    return jsonify({
+                        "checksum": checksum,
+                        "size": size
+                    }), 200
+                else:
+                    abort(400, 'Upload was probably canceled')
+    abort(404)
+
+
+@auth_required
+def push_finish(transaction_id):
+    """Finalize project data upload.
+
+    Steps involved in finalization:
+     - merge chunks together (if there are some)
+     - do integrity check comparing uploaded file sizes with what was expected
+     - move uploaded files to new version dir and applying sync changes (e.g. geodiff apply_changeset)
+     - bump up version in database
+     - remove artifacts (chunks, lockfile) by moving them to tmp directory
+
+    # noqa: E501
+
+    :param transaction_id: Transaction id.
+    :type transaction_id: str
+
+    :rtype: None
+    """
+    upload, upload_dir = get_upload(transaction_id)
+    changes = upload.changes
+    upload_files = changes["added"] + changes["updated"]
+    project = upload.project
+    project_path = os.path.join(project.namespace, project.name)
+    corrupted_files = []
+
+    for f in upload_files:
+        if "diff" in f:
+            dest_file = os.path.join(
+                upload_dir, "files", get_path_from_files(
+                    upload_files, f["diff"]["path"], is_diff=True))
+            expected_size = f["diff"]["size"]
+        else:
+            dest_file = os.path.join(
+                upload_dir, "files",  get_path_from_files(upload_files, f["path"]))
+            expected_size = f["size"]
+        if "chunks" in f:
+            # Concatenate chunks into single file
+            # TODO we need to move this elsewhere since it can fail for large files (and slow FS)
+            os.makedirs(os.path.dirname(dest_file), exist_ok=True)
+            with open(dest_file, "wb") as dest:
+                try:
+                    for chunk_id in f["chunks"]:
+                        sleep(0)  # to unblock greenlet
+                        chunk_file = os.path.join(upload_dir, "chunks", chunk_id)
+                        with open(chunk_file, "rb") as src:
+                            data = src.read(8192)
+                            while data:
+                                dest.write(data)
+                                data = src.read(8192)
+                except IOError:
+                    logging.exception("Failed to process chunk: %s in project %s" % (chunk_id, project_path))
+                    corrupted_files.append(f["path"])
+                    continue
+
+        if expected_size != os.path.getsize(dest_file):
+            logging.error("Data integrity check has failed on file %s in project %s" % (f["path"], project_path), exc_info=True)
+            corrupted_files.append(f["path"])
+
+    if corrupted_files:
+        move_to_tmp(upload_dir)
+        abort(422, {"corrupted_files": corrupted_files})
+
+    next_version = "v{}".format(upload.version + 1)
+    files_dir = os.path.join(upload_dir, "files")
+    target_dir = os.path.join(project.storage.project_dir, next_version)
+    if os.path.exists(target_dir):
+        pv = project.versions[0] if project.versions else None
+        if pv and pv.name == next_version:
+            abort(409, {"There is already version with this name %s" % next_version})
+        logging.info("Upload transaction: Target directory already exists. Overwriting %s" % target_dir)
+        move_to_tmp(target_dir)
+
+    try:
+        # let's move uploaded files where they are expected to be
+        os.renames(files_dir, target_dir)
+        project.storage.apply_changes(changes, next_version, transaction_id)
+        flag_modified(project, "files")
+        project.disk_usage = sum(file['size'] for file in project.files)
+
+        user_agent = get_user_agent(request)
+        pv = ProjectVersion(project, next_version, current_user.username, changes, project.files, get_ip(request), user_agent)
+        project.latest_version = next_version
+        db.session.add(pv)
+        db.session.add(project)
+        db.session.delete(upload)
+        db.session.commit()
+        # remove artifacts
+        move_to_tmp(upload_dir, transaction_id)
+    except (psycopg2.Error, FileNotFoundError, DataSyncError) as err:
+        move_to_tmp(upload_dir)
+        abort(422, "Failed to create new version: {}".format(str(err)))
+
+    project.storage.optimize_storage()
+    return jsonify(ProjectSchema().dump(project)), 200
+
+
+@auth_required
+def push_cancel(transaction_id):
+    """Cancel upload transaction.
+
+    # noqa: E501
+
+    :param transaction_id: Transaction id.
+    :type transaction_id: str
+
+    :rtype: None
+    """
+    upload, upload_dir = get_upload(transaction_id)
+    db.session.delete(upload)
+    db.session.commit()
+    move_to_tmp(upload_dir)
+    return jsonify({"success": True}), 200
+
+
+@auth_required
+def clone_project(namespace, project_name, destination=None):  # noqa: E501
+    """Clone project.
+
+    Clone project to another namespace. Only recent version is copied over and history is lost.
+    Destination namespace and project name are optionally set in query parameters
+    otherwise request user is used with the same project name as cloned project. # noqa: E501
+
+    :param namespace: Namespace for project to look into.
+    :type namespace: str
+    :param project_name: Project name.
+    :type project_name: str
+    :param destination: Destination (namespace and project name) where project should be cloned.
+    :type destination: dict | bytes
+
+    :rtype: None
+    """
+    cloned_project = require_project(namespace, project_name, ProjectPermissions.Read)
+    dest_ns = destination.get('namespace', current_user.username).strip()
+    dest_project = destination.get('project', cloned_project.name).strip()
+
+    check_access_to_namespace(dest_ns, current_user)
+
+    _project = Project.query.filter_by(name=dest_project, namespace=dest_ns).first()
+    if _project:
+        abort(409, "Project {}/{} already exists!".format(dest_ns, dest_project))
+
+    p = Project(
+        name=dest_project,
+        storage_params={"type": "local", "location": generate_location()},
+        creator=current_user,
+        namespace=dest_ns
+    )
+    p.updated = datetime.utcnow()
+    pa = ProjectAccess(p, public=False)
+
+    try:
+        p.storage.initialize(template_project=cloned_project)
+    except InitializationError as e:
+        abort(400, f"Failed to clone project: {str(e)}")
+
+    version = "v1" if p.files else "v0"
+    changes = {"added": p.files, "renamed": [], "updated": [], "removed": []}
+    user_agent = get_user_agent(request)
+    p.latest_version = version
+    version = ProjectVersion(p, version, current_user.username, changes, p.files, get_ip(request), user_agent)
+    p.versions.append(version)
+    db.session.add(p)
+    db.session.add(pa)
+    db.session.commit()
+    wm.emit_signal(SIG_NEW_PROJECT, request.path, msg=f'New project *{dest_ns}/{dest_project}* has been cloned')
+    return NoContent, 200
+
+
+def get_resource_history(project_name, namespace, path):  # noqa: E501
+    """History of project resource (file)
+
+    Lookup in project versions to get history of changes for particular file # noqa: E501
+
+    :param project_name: Project name.
+    :type project_name: str
+    :param namespace: Namespace project belong to.
+    :type namespace: str
+    :param path: Path to file in project.
+    :type path: str
+
+    :rtype: FileInfo
+    """
+    project = require_project(namespace, project_name, ProjectPermissions.Read)
+    file = next((f for f in project.files if f['path'] == path), None)
+    if not file:
+        abort(404, path)
+
+    last_version = ProjectVersion.query.filter_by(project_id=project.id).order_by(
+        ProjectVersion.created.desc()).first_or_404()
+    file['history'] = project.file_history(file['path'], 'v1', last_version.name)
+    file_info = FileInfoSchema(context={'project_dir': project.storage.project_dir}).dump(file)
+    return file_info, 200
+
+
+def get_resource_changeset(project_name, namespace, version_id, path):  # noqa: E501
+    """ Changeset of the resource (file)
+
+    Calculate geodiff changeset for particular file and particular project version # noqa: E501
+
+    :param project_name: Project name.
+    :type project_name: str
+    :param namespace: Namespace project belong to.
+    :type namespace: str
+    :param version_id: Version id of the file.
+    :type version_id: str
+    :param path: Path to file in project.
+    :type path: str
+
+    :rtype: [GeodiffChangeset]
+    """
+    project = require_project(namespace, project_name, ProjectPermissions.Read)
+    if not project:
+        abort(404, f"Project {namespace}/{project_name} not found")
+
+    version = ProjectVersion.query.filter_by(project_id=project.id, name=version_id).first()
+    if not version:
+        abort(404, f"Version {version_id} in project {namespace}/{project_name} not found")
+
+    file = next((f for f in version.files if f['location'] == os.path.join(version_id, path)), None)
+    if not file:
+        abort(404, f"File {path} not found")
+
+    if 'diff' not in file:
+        abort(404, "Diff not found")
+
+    changeset = os.path.join(version.project.storage.project_dir, file['diff']['location'])
+    json_file = os.path.join(version.project.storage.project_dir, file['location'] + '-diff-changeset')
+    if not os.path.exists(json_file):
+        try:
+            version.project.storage.geodiff.list_changes(changeset, json_file)
+        except GeoDiffLibError as e:
+            abort(422, f"Change set could not be calculated: {str(e)}")
+
+    with open(json_file, 'r') as jf:
+        content = json.load(jf)
+        if 'geodiff' not in content:
+            abort(422, "Expected format does not match response from Geodiff")
+
+    return content['geodiff'], 200
diff --git a/server/src/controllers/project_transfer_controller.py b/server/src/controllers/project_transfer_controller.py
new file mode 100644
index 00000000..fde405f0
--- /dev/null
+++ b/server/src/controllers/project_transfer_controller.py
@@ -0,0 +1,208 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+from datetime import datetime, timedelta
+from connexion import NoContent, request
+from flask import abort, render_template, current_app
+from flask_login import current_user
+from sqlalchemy.orm.attributes import flag_modified
+from sqlalchemy.orm.session import make_transient
+from sqlalchemy import or_
+
+from .. import db
+from ..models.db_models import Project, ProjectTransfer, Namespace, Account, AccessRequest
+from ..models.schemas import ProjectTransferSchema
+
+from ..auth import auth_required
+from ..auth.models import User
+from ..permissions import require_project, ProjectPermissions, check_namespace_permissions
+from .. import wm, SIG_PROJECT_TRANSFERED
+from ..organisation.models import Organisation
+
+
+@auth_required
+def get_project_transfers(namespace):  # noqa: E501
+    """List project transfers.
+
+    :rtype: List[ProjectTransfer]
+    """
+    if not (check_namespace_permissions(namespace, current_user, 'admin') or current_user.is_admin):
+        abort(403)
+    transfers = ProjectTransfer.query.filter(or_(
+        ProjectTransfer.to_ns_name == namespace,
+        ProjectTransfer.from_ns_name == namespace)
+    ).all()
+    data = ProjectTransferSchema(many=True).dump(transfers)
+    return data, 200
+
+
+@auth_required
+def request_transfer(namespace, project_name, data=None):
+    """ Request transfer project.
+
+    Request transfer project to another namespace.
+
+    :param namespace: Namespace for project to look into.
+    :type namespace: str
+    :param project_name: Project name.
+    :type project_name: str
+    :param data: Request payload - destination namespace.
+    :type data: dict | bytes
+    :rtype: None
+    """
+    from ..celery import send_email_async
+
+    project = require_project(namespace, project_name, ProjectPermissions.All)
+    dest_ns = data.get('namespace', None)
+    if not dest_ns:
+        abort(400, "Missing destination namespace")
+    to_ns = Namespace.query.filter_by(name=dest_ns).first_or_404(f"{dest_ns} namespace not found")
+    pt = ProjectTransfer.query.filter_by(project_id=project.id, from_ns_name=project.namespace).first()
+    if pt:
+        abort(409, f"The project {project.namespace}/{project.name} is already in a transfer process")
+    try:
+        transfer = ProjectTransfer(project, to_ns, current_user.id)
+        db.session.add(transfer)
+        db.session.commit()
+
+        if to_ns.account.type == "user":
+            user = User.query.get(to_ns.account.owner_id)
+            users = [user]
+            link = f"{request.url_root.rstrip('/')}/users/{user.username}/projects"
+        else:
+            org = Organisation.query.get(to_ns.account.owner_id)
+            users = User.query.filter(User.id.in_(org.admins)).all()
+            link = f"{request.url_root.rstrip('/')}/organisations/{org.name}/projects"
+        for user in users:
+            body = render_template(
+                'email/project_transfer_request.html',
+                subject="Project transfer requested",
+                username=user.username,
+                project_name=project_name,
+                namescape_to=dest_ns,
+                namespace_from=namespace,
+                link=link,
+                expire=datetime.utcnow() + timedelta(seconds=current_app.config['TRANSFER_EXPIRATION'])
+            )
+            email_data = {
+                'subject': 'Mergin project transfer request',
+                'html': body,
+                'recipients': [user.email],
+                'sender': current_app.config['MAIL_DEFAULT_SENDER']
+            }
+            send_email_async.delay(**email_data)
+
+        return NoContent, 201
+    except ProjectTransfer.TransferError as e:
+        abort(400, str(e))
+
+
+@auth_required
+def delete_transfer_project(id):
+    """ Delete transfer project of Project Transfer data.
+
+    Delete transfer project on the project transfer data
+
+    :param id: project transfer id.
+    :type id: str
+
+    :rtype: None
+    """
+    project_transfer = ProjectTransfer.query.filter_by(id=id).first_or_404("Project transfer is not found")
+    if not check_namespace_permissions(project_transfer.from_ns_name, current_user, 'admin') and not check_namespace_permissions(project_transfer.to_ns_name, current_user, 'admin'):
+        abort(403, "You don't have access for transferring this project")
+    db.session.delete(project_transfer)
+    db.session.commit()
+    return NoContent, 200
+
+
+@auth_required
+def execute_transfer_project(id, data=None):
+    """ Execute transfer project of Project Transfer data.
+
+    Only project namespace/name is modified. Files are saved on disk independently on project owner, hence not touched.
+
+    :param id: project transfer id.
+    :type id: str
+    :param data: payload of post request
+    :type data: dict
+    :rtype: None
+    """
+    project_transfer = ProjectTransfer.query.filter_by(id=id).first_or_404("Project transfer not found")
+    if not check_namespace_permissions(project_transfer.to_ns_name, current_user, 'admin'):
+        abort(403, "You don't have access for transferring this project")
+
+    # we check if user use new project name
+    old_project_name = project_transfer.project.name
+    old_project_id = project_transfer.project.id
+    old_namespace = project_transfer.from_ns_name
+    new_project_name = data.get('name', project_transfer.project.name)
+    new_namespace = project_transfer.to_ns_name
+    transfer_permission = data.get('transfer_permissions', True)
+
+    # we validate if the project already exist in new namespace
+    if Project.query.filter_by(name=new_project_name, namespace=project_transfer.to_ns.name).first():
+        abort(409, f"Project {project_transfer.to_ns.name}/{new_project_name} already exists")
+
+    # check if there is ongoing upload
+    if project_transfer.project.uploads.first():
+        abort(400, f"There is ongoing upload for {project_transfer.from_ns_name}/{project_transfer.project.name}. "
+                   f"Please try later")
+
+    # check if expired
+    if project_transfer.is_expired():
+        abort(400, "The request is already expired")
+
+    # check if new owner has enough disk space to host new project
+    new_ns = Namespace.query.filter_by(name=project_transfer.to_ns_name).first()
+    if new_ns.disk_usage() + project_transfer.project.disk_usage > new_ns.storage:
+        abort(400, "Disk quota reached")
+
+    new_owner = new_ns.account.owner()
+    if isinstance(new_owner, User):
+        new_owner_id = new_owner.id
+    elif isinstance(new_owner, Organisation):
+        owner_user = User.query.filter_by(id=new_owner.owners[0]).first()
+        if not owner_user:
+            abort(400, "Target organisation does not have an owner to accept transfer")
+        new_owner_id = owner_user.id
+    else:
+        assert False
+
+    # all checks passed - let's transfer it
+    # delete ongoing project access requests
+    AccessRequest.query.filter(AccessRequest.namespace == old_namespace, AccessRequest.project_id == old_project_id).delete()
+    db.session.commit()
+
+    # change namespace/name
+    project = project_transfer.project
+    project.name = new_project_name
+    project.namespace = project_transfer.to_ns.name
+
+    # we change creator id to the new owner, either new user or first owner of organisation
+    project.creator_id = new_owner_id
+
+    # clean permissions if new owner decided for it or just append new owner
+    if not transfer_permission:
+        project.access.owners = [new_owner_id]
+        project.access.readers = [new_owner_id]
+        project.access.writers = [new_owner_id]
+    else:
+        if new_owner_id not in project.access.owners:
+            project.access.owners.append(new_owner_id)
+        if new_owner_id not in project.access.readers:
+            project.access.readers.append(new_owner_id)
+        if new_owner_id not in project.access.writers:
+            project.access.writers.append(new_owner_id)
+
+    db.session.add(project)
+    flag_modified(project.access, "owners")
+    flag_modified(project.access, "writers")
+    flag_modified(project.access, "readers")
+    db.session.commit()
+
+    wm.emit_signal(
+        SIG_PROJECT_TRANSFERED,
+        request.path,
+        msg=f'Project *{old_namespace}/{old_project_name}* has been transferred to *{new_namespace}/{new_project_name}*')
+    return NoContent, 200
diff --git a/server/src/controllers/user_controller.py b/server/src/controllers/user_controller.py
new file mode 100644
index 00000000..fec7e729
--- /dev/null
+++ b/server/src/controllers/user_controller.py
@@ -0,0 +1,103 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+import pytz
+from datetime import datetime, timedelta
+from flask_login import current_user
+from flask import current_app, abort, request
+
+from .forms import ApiLoginForm
+from ..models.db_models import Namespace
+from ..auth import auth_required, authenticate
+from ..auth.bearer import encode_token
+from ..auth.models import User, LoginHistory
+from ..auth.schemas import UserProfileSchema
+
+
+def user_profile(user, return_all=True):
+    """ Return user profile in json format
+
+    Will return just some public profile if not return_all
+
+    :param user: User data that will be returned
+    :type user: User
+
+    :return: extended user profile with mergin service info
+    :rtype: dict
+    """
+    data = UserProfileSchema().dump(user.profile)
+    data['username'] = user.username
+    data['id'] = user.id
+
+    if return_all:
+        ns = Namespace.query.filter_by(name=user.username).first()
+        user_disk_space = ns.disk_usage()
+        data.update({
+            "email": user.email,
+            "disk_usage": user_disk_space,
+            "storage_limit": ns.storage,
+            "receive_notifications": user.profile.receive_notifications,
+            "verified_email": user.verified_email,
+            "tier": "free",
+            "registration_date": user.profile.registration_date
+        })
+    return data
+
+
+@auth_required
+def get_user(username=None):  # noqa: E501
+    """ Return user profile """
+    return user_profile(current_user, return_all=True)
+
+
+def _extract_first_error(errors):
+    """
+    For now, if the response is plain string,
+    InputApp displays it in the nice
+    notification window. Extract first error
+    and just send that one to client
+    """
+    for key, value in errors.items():
+        val = str(value[0])
+        if key.lower() in val.lower():
+            # e.g. Passwords must contain special character.
+            # in this case we do not need to add key "password"
+            # since it is obvious from where it comes from
+            return val
+        elif val.startswith("Field"):
+            # e.g. Field must be longer than 4 characters
+            # In this case the generic validator use Field
+            # replace with the key (e.g. "Username")
+            return val.replace("Field", key.capitalize())
+        else:
+            # show both key and value
+            return val + "(" + key + ")"
+
+    return "Unknown error in input fields"
+
+
+def login():  # noqa: E501
+    form = ApiLoginForm()
+    if form.validate():
+        user = authenticate(form.login.data, form.password.data)
+        if user and user.active:
+            expire = datetime.now(pytz.utc) + timedelta(seconds=current_app.config['BEARER_TOKEN_EXPIRATION'])
+            token_data = {
+                "user_id": user.id,
+                "username": user.username,
+                "email": user.email,
+                "expire": str(expire)
+            }
+            token = encode_token(current_app.config['SECRET_KEY'], token_data)
+
+            data = user_profile(user)
+            data["session"] = {
+                "token": token,
+                "expire": expire
+            }
+            LoginHistory.add_record(user.username, request)
+            return data
+        elif not user:
+            abort(401, 'Invalid username or password')
+        elif not user.active:
+            abort(401, 'Account is not activated')
+    abort(400, _extract_first_error(form.errors))
diff --git a/server/src/db_events.py b/server/src/db_events.py
new file mode 100644
index 00000000..6a30ba96
--- /dev/null
+++ b/server/src/db_events.py
@@ -0,0 +1,191 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+import os
+from flask import render_template, current_app, abort
+from sqlalchemy import event
+
+from . import db
+from .auth.models import User, UserProfile
+from .models.db_models import Namespace, Project, ProjectAccess, Account, RemovedProject
+from .organisation import Organisation, OrganisationInvitation
+from .celery import send_email_async
+from .storages.disk import move_to_tmp
+
+
+def before_namespace_delete(mapper, connection, namespace):  # pylint: disable=W0612
+    """ Remove namespace projects including project files on disk. Also remove project backups for restore """
+    projects = Project.query.filter_by(namespace=namespace.name).all()
+    for project in projects:
+        if os.path.exists(project.storage.project_dir):
+            project.storage.delete()
+
+    removed_projects = RemovedProject.query.filter_by(namespace=namespace.name).all()
+    rp_table = RemovedProject.__table__
+    for rp in removed_projects:
+        rp_dir = os.path.abspath(os.path.join(current_app.config['LOCAL_PROJECTS'], rp.properties["storage_params"]["location"]))
+        if os.path.exists(rp_dir):
+            move_to_tmp(rp_dir)
+        connection.execute(removed_projects.delete().where(rp_table.c.id == rp.id))
+
+
+def add_user_namespace(mapper, connection, user):  # pylint: disable=W0612
+    ns = Namespace.query.filter_by(name=user.username).first()
+    if ns:
+        abort(400, "Namespace already exists")
+    account_table = Account.__table__
+    connection.execute(account_table.insert().values(owner_id=user.id, type="user"))
+    account = Account.query.filter_by(type='user', owner_id=user.id).first()
+    ns_table = Namespace.__table__
+    connection.execute(ns_table.insert().values(name=user.username, account_id=account.id))
+    # emit signal that account has been created
+    account.created(connection)
+
+
+def remove_user_references(mapper, connection, user):  # pylint: disable=W0612
+    q = Project.access.has(ProjectAccess.owners.contains([user.id])) \
+        | Project.access.has(ProjectAccess.readers.contains([user.id])) \
+        | Project.access.has(ProjectAccess.readers.contains([user.id]))
+    projects = Project.query.filter(q).all()
+
+    def filter_user(ids):
+        return filter(lambda i: i != user.id, ids)
+
+    if projects:
+        pa_table = ProjectAccess.__table__
+        for p in projects:
+            pa = p.access
+            connection.execute(
+                pa_table.update().where(pa_table.c.project_id == p.id),
+                owners=filter_user(pa.owners),
+                writers=filter_user(pa.writers),
+                readers=filter_user(pa.readers)
+            )
+
+    # remove pending invitations for user
+    inv_table = OrganisationInvitation.__table__
+    connection.execute(inv_table.delete().where(inv_table.c.username == user.username))
+
+    # remove from organisations
+    q = Organisation.owners.contains([user.id]) \
+        | Organisation.readers.contains([user.id]) \
+        | Organisation.admins.contains([user.id]) \
+        | Organisation.writers.contains([user.id])
+    organisations = Organisation.query.filter(q).all()
+
+    if organisations:
+        o_table = Organisation.__table__
+        for o in organisations:
+            # in case of user is the only owner, remove also whole organisation
+            if o.owners == [user.id]:
+                connection.execute(inv_table.delete().where(inv_table.c.org_name == o.name))
+                connection.execute(o_table.delete().where(o_table.c.name == o.name))
+
+            connection.execute(
+                o_table.update().where(o_table.c.name == o.name),
+                owners=filter_user(o.owners),
+                writers=filter_user(o.writers),
+                readers=filter_user(o.readers),
+                admins=filter_user(o.admins)
+            )
+
+
+def project_post_delete_actions(mapper, connection, project):  # pylint: disable=W0612
+    """
+    After project is deleted inform users by sending email.
+
+    :param project: Project object
+    """
+    if not project.access:
+        return
+
+    users_ids = list(set(project.access.owners + project.access.writers + project.access.readers))
+    users_profiles = UserProfile.query.filter(UserProfile.user_id.in_(users_ids)).all()
+    for profile in users_profiles:
+        if not (profile.receive_notifications and profile.user.verified_email):
+            continue
+
+        email_data = {
+            'subject': f'Mergin project {"/".join([project.namespace, project.name])} has been deleted',
+            'html': render_template('email/removed_project.html', subject="Project deleted", project=project, username=profile.user.username),
+            'recipients': [profile.user.email],
+            'sender': current_app.config['MAIL_DEFAULT_SENDER']
+        }
+        send_email_async.delay(**email_data)
+
+
+def check(session):
+    if os.path.isfile(current_app.config['MAINTENANCE_FILE']):
+        abort(503, "Service unavailable due to maintenance, please try later")
+
+
+def before_user_profile_updated(mapper, connection, target):
+    """
+    Before profile updated, inform user by sending email about that profile that changed
+    Just send email if user want to receive notifications
+    """
+    if target.receive_notifications and target.user.verified_email:
+        state = db.inspect(target)
+        changes = {}
+
+        for attr in state.attrs:
+            hist = attr.load_history()
+            if not hist.has_changes():
+                continue
+
+            before = hist.deleted[0]
+            after = hist.added[0]
+            field = attr.key
+
+            # if boolean, show Yes or No
+            if before is not None and isinstance(before, bool):
+                before = 'Yes' if before is True else 'No'
+            if after is not None and isinstance(after, bool):
+                after = 'Yes' if after is True else 'No'
+
+            profile_key = field.title().replace('_', ' ')
+            changes[profile_key] = {
+                'before': before,
+                'after': after
+            }
+
+        # inform user
+        if changes:
+            email_data = {
+                'subject': 'Profile has been changed',
+                'html': render_template('email/profile_changed.html', subject="Profile update", user=target.user, changes=changes),
+                'recipients': [target.user.email],
+                'sender': current_app.config['MAIL_DEFAULT_SENDER']
+            }
+            send_email_async.delay(**email_data)
+
+
+def add_org_namespace(mapper, connection, organisation):  # pylint: disable=W0612
+    ns = Namespace.query.filter_by(name=organisation.name).first()
+    if ns:
+        abort(400, "Namespace already exists")
+    account_table = Account.__table__
+    connection.execute(account_table.insert().values(owner_id=organisation.id, type="organisation"))
+    account = Account.query.filter_by(type='organisation', owner_id=organisation.id).first()
+    ns_table = Namespace.__table__
+    connection.execute(ns_table.insert().values(name=organisation.name, account_id=account.id))
+    account.created(connection)
+
+
+def register_events():
+    event.listen(User, "after_insert", add_user_namespace)
+    event.listen(User, "before_delete", remove_user_references)
+    event.listen(Project, "after_delete", project_post_delete_actions)
+    event.listen(db.session, 'before_commit', check)
+    event.listen(UserProfile, 'after_update', before_user_profile_updated)
+    event.listen(Namespace, "before_delete", before_namespace_delete)
+    event.listen(Organisation, "after_insert", add_org_namespace)
+
+
+def remove_events():
+    event.remove(User, "after_insert", add_user_namespace)
+    event.remove(User, "before_delete", remove_user_references)
+    event.remove(Project, "after_delete", project_post_delete_actions)
+    event.remove(db.session, 'before_commit', check)
+    event.remove(UserProfile, 'after_update', before_user_profile_updated)
+    event.remove(Namespace, "before_delete", before_namespace_delete)
+    event.remove(Organisation, "after_insert", add_org_namespace)
diff --git a/server/src/encoder.py b/server/src/encoder.py
new file mode 100644
index 00000000..67d3c698
--- /dev/null
+++ b/server/src/encoder.py
@@ -0,0 +1,20 @@
+from connexion.apps.flask_app import FlaskJSONEncoder
+import six
+
+from .models.base_model_ import Model
+
+
+class JSONEncoder(FlaskJSONEncoder):
+    include_nulls = False
+
+    def default(self, o):
+        if isinstance(o, Model):
+            dikt = {}
+            for attr, _ in six.iteritems(o.swagger_types):
+                value = getattr(o, attr)
+                if value is None and not self.include_nulls:
+                    continue
+                attr = o.attribute_map[attr]
+                dikt[attr] = value
+            return dikt
+        return FlaskJSONEncoder.default(self, o)
diff --git a/server/src/forms.py b/server/src/forms.py
new file mode 100644
index 00000000..e479a8ee
--- /dev/null
+++ b/server/src/forms.py
@@ -0,0 +1,31 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+from wtforms import StringField, Field, SelectField
+from wtforms.validators import DataRequired, Length, ValidationError
+from flask_wtf import FlaskForm
+from .util import is_name_allowed
+
+
+def namespace_validation(form, field):
+    if field.data and (not is_name_allowed(field.data) or '@' in field.data):
+        raise ValidationError("Please use only alphanumeric or these -._~()'!*:,; characters in {}.".format(field.name))
+
+
+class IntegerListField(Field):
+    def _value(self):
+        return self.data
+
+    def process_formdata(self, valuelist):
+        self.data = valuelist
+
+
+class SendEmailForm(FlaskForm):
+    users = IntegerListField()  # FieldList(IntegerField()) was not working
+    subject = StringField(validators=[DataRequired(), Length(max=50)])
+    message = StringField(validators=[DataRequired()])
+
+
+class AccessPermissionForm(FlaskForm):
+    permissions = SelectField("permissions", [DataRequired()], choices=[
+        ('read', 'read'), ('write', 'write'), ('owner', 'owner')])
diff --git a/server/src/mergin_utils.py b/server/src/mergin_utils.py
new file mode 100644
index 00000000..5d6b1d08
--- /dev/null
+++ b/server/src/mergin_utils.py
@@ -0,0 +1,166 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+import os
+import hashlib
+import re
+import secrets
+from threading import Timer
+from uuid import UUID
+
+from gevent import sleep
+
+
+def generate_checksum(file, chunk_size=4096):
+    """
+    Generate checksum for file from chunks.
+
+    :param file: file to calculate checksum
+    :param chunk_size: size of chunk
+    :return: sha1 checksum
+    """
+    checksum = hashlib.sha1()
+    with open(file, 'rb') as f:
+        while True:
+            chunk = f.read(chunk_size)
+            sleep(0)  # to unblock greenlet
+            if not chunk:
+                return checksum.hexdigest()
+            checksum.update(chunk)
+
+
+class Toucher:
+    """
+    Helper class to periodically update modification time of file during
+    execution of longer lasting task.
+
+    Example of usage:
+    -----------------
+    with Toucher(file, interval):
+        do_something_slow
+
+    """
+    def __init__(self, lockfile, interval):
+        self.lockfile = lockfile
+        self.interval = interval
+        self.running = False
+        self.timer = None
+
+    def __enter__(self):
+        self.acquire()
+
+    def __exit__(self, type, value, tb):  # pylint: disable=W0612,W0622
+        self.release()
+
+    def release(self):
+        self.running = False
+        if self.timer:
+            self.timer.cancel()
+            self.timer = None
+
+    def acquire(self):
+        self.running = True
+        self.touch_lockfile()
+
+    def touch_lockfile(self):
+        # do an NFS ACCESS procedure request to clear the attribute cache (for various pods to actually see the file)
+        # https://docs.aws.amazon.com/efs/latest/ug/troubleshooting-efs-general.html#custom-nfs-settings-write-delays
+        os.access(self.lockfile, os.W_OK)
+        with open(self.lockfile, 'a'):
+            os.utime(self.lockfile, None)
+        if self.running:
+            self.timer = Timer(self.interval, self.touch_lockfile)
+            self.timer.start()
+
+
+def resolve_tags(files):
+    def _is_qgis(filename):
+        _, ext = os.path.splitext(filename)
+        return ext in ['.qgs', '.qgz']
+
+    tags = []
+    qgis_count = 0
+    for f in files:
+        if _is_qgis(f['path']):
+            qgis_count += 1
+    #TODO add some rules for intput validity and mappin validity
+    if qgis_count == 1:
+        tags.extend(['valid_qgis', 'input_use'])
+    return tags
+
+
+def int_version(version):
+    """ Convert v<n> format of version to integer representation. """
+    return int(version.lstrip('v')) if re.match(r'v\d', version) else None
+
+
+def is_versioned_file(file):
+    """ Check if file is compatible with geodiff lib and hence suitable for versioning. """
+    diff_extensions = ['.gpkg', '.sqlite']
+    f_extension = os.path.splitext(file)[1]
+    return f_extension in diff_extensions
+
+
+def is_file_name_blacklisted(path, blacklist):
+    blacklisted_dirs = get_blacklisted_dirs(blacklist)
+    blacklisted_files = get_blacklisted_files(blacklist)
+    if blacklisted_dirs:
+        regexp_dirs = re.compile(r'({})'.format('|'.join(".*" + re.escape(x) + ".*" for x in blacklisted_dirs)))
+        if regexp_dirs.search(os.path.dirname(path)):
+            return True
+    if blacklisted_files:
+        regexp_files = re.compile(r'({})'.format('|'.join(".*" + re.escape(x) + ".*" for x in blacklisted_files)))
+        if regexp_files.search(os.path.basename(path)):
+            return True
+
+    return False
+
+
+def get_blacklisted_dirs(blacklist):
+    return [p.replace("/", "") for p in blacklist if p.endswith("/")]
+
+
+def get_blacklisted_files(blacklist):
+    return [p for p in blacklist if not p.endswith("/")]
+
+
+def get_user_agent(request):
+    """ Return user agent from request headers
+
+    In case of browser client a parsed version from werkzeug utils is returned else raw value of header.
+    """
+    if request.user_agent.browser and request.user_agent.platform:
+        client = request.user_agent.browser.capitalize()
+        version = request.user_agent.version
+        system = request.user_agent.platform.capitalize()
+        return f"{client}/{version} ({system})"
+    else:
+        return request.user_agent.string
+
+
+def get_ip(request):
+    """ Returns request's IP address based on X_FORWARDED_FOR header
+    from proxy webserver (which should always be the case)
+    """
+    forwarded_ips = request.environ.get('HTTP_X_FORWARDED_FOR', request.environ.get('REMOTE_ADDR', 'untrackable'))
+    # seems like we get list of IP addresses from AWS infra (beginning with external IP address of client, followed by some internal IP)
+    ip = forwarded_ips.split(",")[0]
+    return ip
+
+
+def generate_location():
+    """ Return random location where project is saved on disk
+
+    Example:
+        >>> generate_location()
+        '1c/624c6af4d6d2710bbfe1c128e8ca267b'
+    """
+    return os.path.join(secrets.token_hex(1), secrets.token_hex(16))
+
+
+def is_valid_uuid(uuid):
+    """ Check object can be parse as valid UUID """
+    try:
+        UUID(uuid)
+        return True
+    except (ValueError, AttributeError):
+        return False
diff --git a/server/src/models/__init__.py b/server/src/models/__init__.py
new file mode 100644
index 00000000..9bba2f8f
--- /dev/null
+++ b/server/src/models/__init__.py
@@ -0,0 +1,4 @@
+# coding: utf-8
+
+# flake8: noqa
+from __future__ import absolute_import
diff --git a/server/src/models/base_model_.py b/server/src/models/base_model_.py
new file mode 100644
index 00000000..a61cf285
--- /dev/null
+++ b/server/src/models/base_model_.py
@@ -0,0 +1,68 @@
+import pprint
+import typing
+import six
+
+from .. import util
+
+T = typing.TypeVar('T')
+
+
+class Model(object):
+    # swaggerTypes: The key is attribute name and the
+    # value is attribute type.
+    swagger_types = {}
+
+    # attributeMap: The key is attribute name and the
+    # value is json key in definition.
+    attribute_map = {}
+
+    @classmethod
+    def from_dict(cls: typing.Type[T], dikt) -> T:
+        """Returns the dict as a model"""
+        return util.deserialize_model(dikt, cls)
+
+    def to_dict(self):
+        """Returns the model properties as a dict
+
+        :rtype: dict
+        """
+        result = {}
+
+        for attr, _ in six.iteritems(self.swagger_types):
+            value = getattr(self, attr)
+            if isinstance(value, list):
+                result[attr] = list(map(
+                    lambda x: x.to_dict() if hasattr(x, "to_dict") else x,
+                    value
+                ))
+            elif hasattr(value, "to_dict"):
+                result[attr] = value.to_dict()
+            elif isinstance(value, dict):
+                result[attr] = dict(map(
+                    lambda item: (item[0], item[1].to_dict())
+                    if hasattr(item[1], "to_dict") else item,
+                    value.items()
+                ))
+            else:
+                result[attr] = value
+
+        return result
+
+    def to_str(self):
+        """Returns the string representation of the model
+
+        :rtype: str
+        """
+        return pprint.pformat(self.to_dict())
+
+    def __repr__(self):
+        """For `print` and `pprint`"""
+        return self.to_str()
+
+    def __eq__(self, other):
+        """Returns true if both objects are equal"""
+        return self.__dict__ == other.__dict__
+
+    def __ne__(self, other):
+        """Returns true if both objects are not equal"""
+        return not self == other
diff --git a/server/src/models/db_models.py b/server/src/models/db_models.py
new file mode 100644
index 00000000..6d890548
--- /dev/null
+++ b/server/src/models/db_models.py
@@ -0,0 +1,465 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+import json
+import os
+import uuid
+from datetime import datetime, timedelta
+from blinker import signal
+from sqlalchemy.dialects.postgresql import ARRAY, BIGINT, ENUM, UUID
+from sqlalchemy.types import String
+from collections import OrderedDict
+from pygeodiff.geodifflib import GeoDiffLibError
+
+from .. import current_app, db
+from ..storages import DiskStorage
+from ..auth.models import User  # pylint: disable=W0611
+from ..mergin_utils import int_version, is_versioned_file
+
+Storages = {
+    "local": DiskStorage
+}
+
+account_created = signal('account_created')
+account_inactivated = signal('account_inactivated')
+
+
+class Project(db.Model):
+    id = db.Column(UUID(as_uuid=True), primary_key=True, default=uuid.uuid4)
+    name = db.Column(db.String, index=True)
+    storage_params = db.Column(db.JSON)
+    created = db.Column(db.DateTime, default=datetime.utcnow, index=True)
+    creator_id = db.Column(db.Integer, db.ForeignKey("user.id"), nullable=True, index=True)
+    updated = db.Column(db.DateTime, onupdate=datetime.utcnow)
+    # metadata for project files (see also FileInfoSchema)
+    files = db.Column(db.JSON, default=[])
+    tags = db.Column(ARRAY(String), server_default="{}")
+    disk_usage = db.Column(BIGINT, nullable=False, default=0)
+    latest_version = db.Column(db.String, index=True)
+
+    creator = db.relationship("User", uselist=False, backref=db.backref("projects", cascade="all,delete"))
+    namespace = db.Column(db.String, db.ForeignKey("namespace.name", ondelete="CASCADE"), index=True)
+    __table_args__ = (db.UniqueConstraint('name', 'namespace'),)
+
+    def __init__(self, name, storage_params, creator, namespace, **kwargs):  # pylint: disable=W0613
+        self.name = name
+        self.storage_params = storage_params
+        self.creator = creator
+        self.namespace = namespace
+        self.latest_version = "v0"
+
+    @property
+    def storage(self):
+        if not hasattr(self, '_storage'):  # best approach, seriously
+            StorageBackend = Storages[self.storage_params['type']]
+            self._storage = StorageBackend(self)  # pylint: disable=W0201
+        return self._storage
+
+    def file_history(self, file, since, to):
+        """
+        Look up in project versions for history of versioned file.
+        Returns ordered (from latest) dict with versions where some change happened and corresponding metadata.
+
+        :Example:
+
+        >>> self.file_history('mergin/base.gpkg', 'v1', 'v2')
+        {'v2': {'checksum': '08b0e8caddafe74bf5c11a45f65cedf974210fed', 'location': 'v2/base.gpkg', 'path': 'base.gpkg',
+        'size': 2793, 'change': 'updated'}, 'v1': {checksum': '89469a6482267de394c7c7270cb7ffafe694ea76',
+        'location': 'v1/base.gpkg', 'mtime': '2019-07-18T07:52:38.770113Z', 'path': 'base.gpkg', 'size': 98304,
+        'change': 'added'}}
+
+        :param file: file path
+        :type file: str
+        :param since: start version for history (e.g. v1)
+        :type since: str
+        :param to: end version for history (e.g. v2)
+        :type to: str
+        :returns: changes metadata for versions where some file change happened
+        :rtype: dict
+        """
+        since = int_version(since)
+        to = int_version(to)
+        if not (is_versioned_file(file) and since is not None and to is not None):
+            return {}
+
+        history = OrderedDict()
+        versions = sorted(self.versions, key=lambda v: int_version(v.name))
+        # version v0 was added as initial version later and some older projects may not have it
+        if versions[0].name == "v0":
+            to = to + 1
+            since = since + 1
+
+        for version in reversed(versions[since-1:to]):
+            f_change = version.find_file_change(file)
+            if not f_change:
+                continue
+            # make sure we find with correct filename next time
+            if f_change['change'] == 'renamed':
+                file = f_change['path']
+            history[version.name] = f_change
+            # end of file history
+            if f_change['change'] in ['added', 'removed']:
+                break
+
+        return history
+
+
+class ProjectAccess(db.Model):
+    project_id = db.Column(UUID(as_uuid=True), db.ForeignKey("project.id", ondelete="CASCADE"), primary_key=True, index=True)
+    public = db.Column(db.Boolean, default=False, index=True)
+    owners = db.Column(ARRAY(db.Integer), server_default="{}")
+    readers = db.Column(ARRAY(db.Integer), server_default="{}")
+    writers = db.Column(ARRAY(db.Integer), server_default="{}")
+
+    project = db.relationship("Project",
+                              uselist=False,
+                              backref=db.backref("access", single_parent=True, uselist=False, cascade="all,delete", lazy='joined'))
+
+    __table_args__ = (db.Index('ix_project_access_owners', owners, postgresql_using="gin"),
+                      db.Index('ix_project_access_readers', readers, postgresql_using="gin"),
+                      db.Index('ix_project_access_writers', writers, postgresql_using="gin"),)
+
+    def __init__(self, project, public=False):
+        self.project = project
+        self.owners = [project.creator.id]
+        self.writers = [project.creator.id]
+        self.readers = [project.creator.id]
+        self.project_id = project.id
+        self.public = public
+
+
+class ProjectVersion(db.Model):
+    id = db.Column(db.Integer, primary_key=True, autoincrement=True)
+    name = db.Column(db.String, index=True)
+    project_id = db.Column(UUID(as_uuid=True), db.ForeignKey("project.id", ondelete="CASCADE"), index=True)
+    created = db.Column(db.DateTime, default=datetime.utcnow, index=True)
+    author = db.Column(db.String, index=True)
+    # metadata with files changes
+    # {"added": [{"checksum": "c9a4fd2afd513a97aba19d450396a4c9df8b2ba4", "path": "test.qgs", "size": 31980}],
+    # "removed": [], "renamed": [], "updated": []}
+    changes = db.Column(db.JSON)
+    # metadata (see also FileInfoSchema) for files in actual version
+    files = db.Column(db.JSON)
+    user_agent = db.Column(db.String, index=True)
+    ip_address = db.Column(db.String, index=True)
+    ip_geolocation_country = db.Column(db.String, index=True)  # geolocation country derived from IP (with celery job)
+    project_size = db.Column(BIGINT, nullable=False, default=0, index=True)  # size of project at current version (incl. files from older versions)
+
+    project = db.relationship(
+        "Project",
+        uselist=False,
+        backref=db.backref("versions", single_parent=True, lazy='subquery', cascade="all,delete", order_by="desc(ProjectVersion.created)")
+    )
+
+    def __init__(self, project, name, author, changes, files, ip, user_agent=None):
+        self.project_id = project.id
+        self.name = name
+        self.author = author
+        self.changes = changes
+        self.files = files
+        self.user_agent = user_agent
+        self.ip_address = ip
+        self.project_size = sum(f["size"] for f in self.files) if self.files else 0
+
+    def find_file_change(self, file):
+        """
+        Browse version changes and return requested file change metadata (if any). Append type of change.
+
+        :Example:
+
+        >>> self.find_file_change('data/test.gpkg')
+        {'checksum': '89469a6482267de394c7c7270cb7ffafe694ea76', 'location': 'v1/data/test.gpkg',
+        'mtime': '2019-07-18T07:52:38.770113Z', 'path': 'base.gpkg', 'size': 98304, 'change': 'added'}
+
+        :param file: file path
+        :type file: str
+        :returns: change metadata
+        :rtype: dict
+        """
+        for k, v in self.changes.items():
+            match_key = 'new_path' if k == 'renamed' else 'path'
+            changed_item = next((item for item in v if item.get(match_key) == file), None)
+            if changed_item:
+                changed_item['change'] = k
+                changed_item['location'] = next((f['location'] for f in self.files if f['path'] == changed_item[match_key]), None)
+                # append location of diff file
+                if 'diff' in changed_item:
+                    changed_item['diff']['location'] = next(
+                        (f['diff']['location'] for f in self.files if f['path'] == changed_item[match_key]), None)
+                return changed_item
+
+    def diff_summary(self):
+        """ Calculate diff summary for versioned files updated with geodiff
+
+        :Example:
+
+        >>> self.diff_summary()
+        {
+          'base.gpkg': {
+            'summary': [
+              {'table': 'gpkg_contents', 'insert': 0, 'update': 1, 'delete': 0},
+              {'table': 'simple', 'insert': 2, 'update': 0, 'delete': 0}
+            ],
+            'size': 278
+          },
+          'fail.gpkg': {
+            'error': 'some geodiff error',
+            'size': 278
+          }
+        }
+
+        :return: diffs' summaries for all updated files
+        :rtype: dict
+        """
+        output = {}
+        for f in self.changes["updated"]:
+            if 'diff' not in f:
+                continue
+            json_file = os.path.join(self.project.storage.project_dir, f['location'] + '-diff-summary')
+            changeset = os.path.join(self.project.storage.project_dir, f['diff']['location'])
+            if not os.path.exists(json_file):
+                try:
+                    self.project.storage.geodiff.list_changes_summary(changeset, json_file)
+                except GeoDiffLibError as e:
+                    output[f['path']] = {
+                        "error": str(e),
+                        "size": f['diff']['size']
+                    }
+                    continue
+
+            with open(json_file, 'r') as jf:
+                content = json.load(jf)
+                if 'geodiff_summary' not in content:
+                    continue
+
+                output[f['path']] = {
+                    "summary": content["geodiff_summary"],
+                    "size": f['diff']['size']
+                }
+
+        return output
+
+
+class Namespace(db.Model):
+    name = db.Column(db.String, primary_key=True)
+    account_id = db.Column(db.Integer, db.ForeignKey("account.id", ondelete="CASCADE"))
+    storage = db.Column(BIGINT, nullable=False, default=os.environ.get('DEFAULT_STORAGE_SIZE', 100 * 1024 * 1024))
+
+    account = db.relationship("Account", uselist=False, backref=db.backref("namespace", single_parent=True, uselist=False, cascade="all,delete"))
+
+    def __init__(self, name, account_id):
+        self.name = name
+        self.account_id = account_id
+
+    def projects(self):
+        return Project.query.filter_by(namespace=self.name).all()
+
+    def owner(self):
+        self.account.owner()
+
+    def disk_usage(self):
+        return sum(p.disk_usage for p in self.projects())
+
+
+class Upload(db.Model):
+    id = db.Column(db.String, primary_key=True)
+    project_id = db.Column(UUID(as_uuid=True), db.ForeignKey("project.id", ondelete="CASCADE"), index=True)
+    version = db.Column(db.Integer, index=True)
+    changes = db.Column(db.JSON)
+    user_id = db.Column(db.Integer, db.ForeignKey("user.id", ondelete="CASCADE"), nullable=True)
+    created = db.Column(db.DateTime, default=datetime.utcnow)
+
+    user = db.relationship("User")
+    project = db.relationship(
+        "Project",
+        uselist=False,
+        backref=db.backref("uploads", single_parent=True, lazy='dynamic', cascade="all,delete")
+    )
+    __table_args__ = (
+        db.UniqueConstraint('project_id', 'version'),
+    )
+
+    def __init__(self, project, version, changes, user_id):
+        self.id = str(uuid.uuid4())
+        self.project_id = project.id
+        self.version = version
+        self.changes = changes
+        self.user_id = user_id
+
+
+class ProjectTransfer(db.Model):
+    id = db.Column(db.String, primary_key=True)
+    project_id = db.Column(UUID(as_uuid=True), db.ForeignKey("project.id", ondelete="CASCADE"), index=True)
+    from_ns_name = db.Column(db.String, nullable=False, index=True)  # cached value for easier lookups
+    to_ns_name = db.Column(db.String, db.ForeignKey("namespace.name", ondelete="CASCADE"), nullable=False, index=True)
+    requested_by = db.Column(db.Integer, db.ForeignKey("user.id", ondelete="CASCADE"), nullable=True)
+    expire = db.Column(db.DateTime)
+
+    project = db.relationship(
+        "Project",
+        uselist=False,
+        backref=db.backref("transfers", single_parent=True, lazy='dynamic', cascade="all,delete")
+    )
+    to_ns = db.relationship(
+        "Namespace",
+        backref=db.backref("transfers", single_parent=True, lazy='dynamic', cascade="all,delete")
+    )
+    user = db.relationship("User")
+
+    __table_args__ = (db.UniqueConstraint('project_id'),)
+
+    class TransferError(Exception):
+        def __init__(self, reason=None):
+            error = 'Project transfer failed'
+            if reason:
+                error = '{} : {}'.format(error, reason)
+            self.errors = error
+
+    def __init__(self, project, to_namespace, requested_by):
+        """ Initiate project transfer to different namespace
+
+        :param project: project to be transferred
+        :type project: Project
+
+        :param to_namespace: the namespace for project to be transferred
+        :type to_namespace: Namespace
+
+        :param requested_by: requested by
+        :type requested_by: User.id
+        """
+        self.id = str(uuid.uuid4())
+        self.project_id = project.id
+        self.from_ns_name = project.namespace
+        self.to_ns_name = to_namespace.name
+        self.requested_by = requested_by
+        self.expire = datetime.utcnow() + timedelta(seconds=current_app.config['TRANSFER_EXPIRATION'])
+
+        if to_namespace.name == project.namespace:
+            raise self.TransferError('origin and destination namespaces are the same')
+
+    def is_expired(self):
+        """ Check if transfer request is expired
+        :rtype: bool
+        """
+        return datetime.utcnow() > self.expire
+
+
+class Account(db.Model):
+    """ Reference class to claim service ownership either by user or organisation """
+    id = db.Column(db.Integer, primary_key=True, autoincrement=True)
+    type = db.Column(ENUM("user", "organisation", name="account_type"), nullable=False, index=True)
+    owner_id = db.Column(db.Integer, nullable=False, index=True)
+
+    def __init__(self, type, owner_id):
+        self.type = type
+        self.owner_id = owner_id
+
+    def owner(self):
+        from ..organisation.models import Organisation
+
+        if self.type == 'organisation':
+            return Organisation.query.get(self.owner_id)
+        elif self.type == 'user':
+            return User.query.get(self.owner_id)
+        else:
+            return
+
+    def can_edit(self, user_id):
+        from ..organisation.models import Organisation
+        owner = self.owner()
+        if isinstance(owner, User):
+            return owner.id == user_id
+        elif isinstance(owner, Organisation):
+            return user_id in owner.owners
+        else:
+            return False
+
+    def email(self):
+        from ..organisation.models import Organisation
+        owner = self.owner()
+
+        if isinstance(owner, User):
+            return owner.email
+        elif isinstance(owner, Organisation):
+            owner_id = owner.owners[0]
+            user = User.query.get(owner_id)
+            return user.email
+        else:
+            return ''
+
+    def name(self):
+        from ..organisation.models import Organisation
+
+        owner = self.owner()
+        if isinstance(owner, User):
+            return owner.username
+        elif isinstance(owner, Organisation):
+            return owner.name
+        else:
+            return ''
+
+    def created(self, connection=None):
+        """ Emit blinker.signal event that account has been created """
+        account_created.send(self, connection=connection)
+
+    def inactivated(self, action):
+        account_inactivated.send(self, action=action)
+
+
+class AccessRequest(db.Model):
+    id = db.Column(db.Integer, primary_key=True, autoincrement=True)
+    user_id = db.Column(db.Integer, db.ForeignKey("user.id", ondelete="CASCADE"), index=True)
+    project_id = db.Column(UUID(as_uuid=True), db.ForeignKey("project.id", ondelete="CASCADE"), index=True)
+    namespace = db.Column(db.String, nullable=False, index=True)  # cached value for easier lookups
+    expire = db.Column(db.DateTime)
+
+    user = db.relationship("User", uselist=False)
+
+    project = db.relationship(
+        "Project",
+        uselist=False,
+        backref=db.backref("access_requests", single_parent=True, cascade="all,delete")
+    )
+
+    def __init__(self, project, user_id):
+        self.project_id = project.id
+        self.namespace = project.namespace
+        self.user_id = user_id
+        self.expire = datetime.utcnow() + timedelta(seconds=current_app.config['PROJECT_ACCESS_REQUEST'])
+
+    def accept(self, permissions):
+        """ The accept to project access request
+        """
+        # user = User.query.filter(User.username == self.username)
+        project_access = self.project.access
+        readers = project_access.readers.copy()
+        writers = project_access.writers.copy()
+        owners = project_access.owners.copy()
+        readers.append(self.user_id)
+        project_access.readers = readers
+        if permissions == "write" or permissions == "owner":
+            writers.append(self.user_id)
+            project_access.writers = writers
+        if permissions == "owner":
+            owners.append(self.user_id)
+            project_access.owners = owners
+
+        db.session.delete(self)
+        db.session.commit()
+
+
+class RemovedProject(db.Model):
+    id = db.Column(db.Integer, primary_key=True, autoincrement=True)
+    name = db.Column(db.String, nullable=False, index=True)
+    namespace = db.Column(db.String, nullable=False, index=True)
+    properties = db.Column(db.JSON, nullable=False)
+    timestamp = db.Column(db.DateTime, default=datetime.utcnow, index=True)
+    removed_by = db.Column(db.String, nullable=False)
+
+    def __init__(self, project, removed_by):
+        from .schemas import ProjectSchemaForDelete
+
+        self.name = project.name
+        self.namespace = project.namespace
+        self.properties = ProjectSchemaForDelete().dump(project)
+        self.removed_by = removed_by
diff --git a/server/src/models/schemas.py b/server/src/models/schemas.py
new file mode 100644
index 00000000..655d7dac
--- /dev/null
+++ b/server/src/models/schemas.py
@@ -0,0 +1,267 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+import copy
+import os
+import re
+from datetime import datetime
+from marshmallow import fields, pre_dump, post_dump
+from flask_login import current_user
+from flask import current_app
+
+from ..auth.schemas import UserSchema
+from .. import ma
+from ..mergin_utils import resolve_tags
+from ..permissions import ProjectPermissions
+from .db_models import Project, ProjectVersion, ProjectTransfer, Namespace, Account, AccessRequest, RemovedProject
+from ..auth.models import User
+
+
+class DateTimeWithZ(fields.DateTime):
+    def __init__(self, **kwargs):
+        super(DateTimeWithZ, self).__init__('%Y-%m-%dT%H:%M:%S%zZ', **kwargs)
+
+
+class ProjectAccessSchema(ma.ModelSchema):
+    owners = fields.List(fields.Integer())
+    writers = fields.List(fields.Integer())
+    readers = fields.List(fields.Integer())
+    public = fields.Boolean()
+
+    @post_dump
+    def insert_usernames(self, data, **kwargs):
+        """ Convert list of user ids in access levels to corresponding usernames
+        Adds fields 'ownersnames', 'writersnames' and 'readersnames' to serialized data
+        """
+        if 'users_map' in self.context:
+            # user map can be pass as context to save db query
+            users_map = self.context['users_map']
+        else:
+            user_ids = data['owners'] + data['writers'] + data['readers']
+            users_map = {u.id: u.username for u in User.query.filter(User.id.in_(set(user_ids))).all()}
+
+        for field in ('owners', 'writers', 'readers'):
+            new_key = field + 'names'
+            data[new_key] = []
+            users_ids = data[field]
+            for uid in users_ids:
+                if uid not in users_map:
+                    continue
+                username = users_map[uid]
+                data[new_key].append(username)
+        return data
+
+
+def project_user_permissions(project):
+    return {
+        "upload": ProjectPermissions.Upload.check(project, current_user),
+        "update": ProjectPermissions.Update.check(project, current_user),
+        "delete": ProjectPermissions.Delete.check(project, current_user)
+    }
+
+class FileInfoSchema(ma.ModelSchema):
+    path = fields.String()
+    size = fields.Integer()
+    checksum = fields.String()
+    location = fields.String(load_only=True)
+    mtime = fields.String()
+    diff = fields.Nested('self', required=False, missing={})
+    history = fields.Dict(required=False, dump_only=True, missing={})
+
+    @pre_dump
+    def patch_history_field(self, data, **kwargs):
+        """
+        Append expiration to materialized versioned files and remove internal server metadata from final response.
+        This is because history is general dict with yet unknown structure.
+        #TODO resolve once marshmallow 3.0 is released.
+        history = fields.Dict(keys=fields.String(), values=fields.Nested('self', exclude=['location', 'chunks']))
+        """
+        # diff field (self-nested does not contain history)
+        if 'history' not in data:
+            return data
+
+        _data = copy.deepcopy(data)  # create deep copy to avoid messing around with original object
+        for item in _data['history'].values():
+            if 'diff' in item:
+                item['diff'].pop('location', None)
+                item['diff'].pop('sanitized_path', None)
+                if self.context and 'project_dir' in self.context:
+                    abs_path = os.path.join(self.context['project_dir'], item['location'])
+                    if os.path.exists(abs_path):
+                        expiration = os.path.getmtime(abs_path) + current_app.config['FILE_EXPIRATION']
+                        item.update(expiration=datetime.utcfromtimestamp(expiration))
+            item.pop('location', None)
+            item.pop('chunks', None)
+            item.pop('sanitized_path', None)
+        return _data
+
+
+class ProjectSchemaForVersion(ma.ModelSchema):
+    """ Equivalent of ProjectSchema when version object is serialized """
+    id = fields.UUID()
+    created = DateTimeWithZ(attribute="project.created")
+    creator = fields.Int(attribute="project.creator_id")
+    uploads = fields.Function(lambda obj: obj.project.uploads.all())
+    name = fields.Function(lambda obj: obj.project.name)
+    namespace = fields.Function(lambda obj: obj.project.namespace)
+    access = fields.Method("_access")
+    permissions = fields.Method("_permissions")
+    disk_usage = fields.Method("_disk_usage")
+    files = fields.Nested(FileInfoSchema(), many=True)
+    tags = fields.Method("_tags")
+    updated = DateTimeWithZ(attribute="created")
+    version = fields.Function(lambda obj: obj.name)
+
+    def _access(self, obj):
+        return ProjectAccessSchema().dump(obj.project.access)
+
+    def _permissions(self, obj):
+        return project_user_permissions(obj.project)
+
+    def _disk_usage(self, obj):
+        return sum(f["size"] for f in obj.files)
+
+    def _tags(self, obj):
+        return resolve_tags(obj.files)
+
+
+class ProjectAccessRequestSchema(ma.ModelSchema):
+    user = fields.Nested(UserSchema(), exclude=['profile', 'is_admin', 'email', 'id', 'is_admin', 'verified_email'])
+    project_name = fields.Function(lambda obj: obj.project.name)
+    namespace = fields.Str()
+    expire = DateTimeWithZ()
+
+    class Meta:
+        model = AccessRequest
+
+
+class ProjectSchema(ma.ModelSchema):
+    id = fields.UUID()
+    files = fields.Nested(FileInfoSchema(), many=True)
+    access = fields.Nested(ProjectAccessSchema())
+    access_requests = fields.Nested(ProjectAccessRequestSchema(), many=True, exclude=['project'])
+    permissions = fields.Function(project_user_permissions)
+    version = fields.String(attribute='latest_version')
+    namespace = fields.Str()
+    created = DateTimeWithZ()
+
+    class Meta:
+        model = Project
+        exclude = ['versions', 'transfers', 'latest_version', 'storage_params']
+
+
+class ProjectListSchema(ma.ModelSchema):
+    id = fields.UUID()
+    name = fields.Str()
+    namespace = fields.Str()
+    access = fields.Nested(ProjectAccessSchema())
+    permissions = fields.Function(project_user_permissions)
+    version = fields.String(attribute='latest_version')
+    updated = fields.Method("get_updated")
+    created = DateTimeWithZ()
+    creator = fields.Integer(attribute='creator_id')
+    disk_usage = fields.Integer()
+    tags = fields.List(fields.Str())
+    has_conflict = fields.Method("get_has_conflict")
+
+
+    def get_updated(self, obj):
+        return obj.updated if obj.updated else obj.created
+
+
+    def get_has_conflict(self, obj):
+        # check if there is any conflict file in project
+        files = obj.files
+        for file in [f for f in files if '_conflict' in f.get('path')]:
+            if len([f for f in files if f.get('path') == re.sub(r"(\.gpkg)(.*conflict.*)", r"\1", file.get('path'))]):
+                return True
+        return False
+
+
+class ProjectVersionSchema(ma.ModelSchema):
+    project_name = fields.Function(lambda obj: obj.project.name)
+    namespace = fields.Function(lambda obj: obj.project.namespace)
+    author = fields.String()
+    project = fields.Nested(ProjectSchema())
+    changesets = fields.Method("get_diff_summary")
+    files = fields.String()
+    created = DateTimeWithZ()
+
+    def get_diff_summary(self, obj):
+        return obj.diff_summary()
+
+    class Meta:
+        model = ProjectVersion
+        exclude = ['id', 'ip_address', 'ip_geolocation_country']
+
+
+class NamespaceSchema(ma.ModelSchema):
+    type = fields.Method("namespace_type")
+
+    class Meta:
+        model = Namespace
+        fields = ('name', 'type')
+
+    def namespace_type(self, obj):
+        return obj.account.type
+
+
+class ProjectTransferSchema(ma.ModelSchema):
+    requested_by = fields.Method("requested_by_username")
+    project = fields.Nested(ProjectSchema())
+    project_name = fields.Function(lambda obj: obj.project.name)
+
+    class Meta:
+        model = ProjectTransfer
+        fields = ('id', 'project_name', 'from_ns_name', 'to_ns_name', 'requested_by', 'requested_at', 'project', 'expire')
+
+    def requested_by_username(self, obj):
+        return obj.user.username
+
+
+class AccountSchema(ma.ModelSchema):
+    name = fields.Method('get_owner_name')
+    email = fields.Method('get_owner_email')
+
+    def get_owner_name(self, obj):
+        return obj.name()
+
+    def get_owner_email(self, obj):
+        return obj.email()
+
+    class Meta:
+        model = Account
+        fields = ('id', 'type', 'owner_id', 'name', 'email', )
+
+
+class AccountExtendedSchema(ma.ModelSchema):
+    id = fields.Integer()
+    name = fields.String()
+    type = fields.String()
+    active = fields.Boolean()
+    storage = fields.Integer()
+
+
+class FullVersionSchema(ma.ModelSchema):
+    project_name = fields.Function(lambda obj: obj.project.name)
+    namespace = fields.Function(lambda obj: obj.project.namespace)
+
+    class Meta:
+        model = ProjectVersion
+        exclude = ['id']
+
+
+class ProjectSchemaForDelete(ma.ModelSchema):
+    versions = fields.Nested(FullVersionSchema(), many=True)
+    creator_id = fields.Method("_creator_id")
+
+    def _creator_id(self, obj):
+        return obj.creator_id
+
+    class Meta:
+        model = Project
+        exclude = ['transfers', 'uploads', 'access_requests', 'access']  # these fields will be lost
+
+
+class RemovedProjectSchema(ma.ModelSchema):
+    class Meta:
+        model = RemovedProject
diff --git a/server/src/organisation/__init__.py b/server/src/organisation/__init__.py
new file mode 100644
index 00000000..ea0b05b0
--- /dev/null
+++ b/server/src/organisation/__init__.py
@@ -0,0 +1,325 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+from flask import Blueprint, jsonify, request, abort, render_template, current_app
+from flask_login import current_user
+from sqlalchemy import or_, func
+
+from ..auth import auth_required
+from ..auth.models import User
+from .forms import UpdateOrganisationForm, AccessForm, CreateOrganisationForm, OwnerAccessForm, OrganisationInvitationForm
+from .models import Organisation, OrganisationInvitation
+from ..models.db_models import Namespace, Account
+from .schemas import OrganisationSchema, OrganisationInvitationSchema
+from .. import db, wm, SIG_NEW_ORGANISATION, SIG_DELETED_ORGANISATION
+
+
+def find_organisations_by_username(username):
+    user = User.query.filter_by(username=username).first_or_404()
+
+    organisations = Organisation.query.filter(
+        or_(
+            Organisation.owners.contains([user.id]),
+            Organisation.admins.contains([user.id]),
+            Organisation.writers.contains([user.id]),
+            Organisation.readers.contains([user.id])
+        )
+    ).filter_by(active=True).all()
+
+    return organisations
+
+
+def init_app(app):
+    organisation = Blueprint("organisation", __name__, template_folder='templates')
+
+    def get_org_by_name(name, only_active=True):
+        query = Organisation.query.filter_by(name=name)
+        if only_active:
+            query = query.filter_by(active=True)
+        return query.first_or_404(f"Organisation {name} not found")
+
+    @organisation.route('/', methods=['GET'])
+    @auth_required
+    def get_organisations():  # noqa: E501
+        """List mergin organisations a current user has (at least read) access to.
+
+        :rtype: List[Organisation]
+        """
+        organisations = find_organisations_by_username(current_user.username)
+        data = OrganisationSchema(many=True, context={'user': current_user}).dump(organisations)
+        return jsonify(data), 200
+
+    @organisation.route('/', methods=['POST'])
+    @auth_required
+    def create_organisation():  # noqa: E501
+        """ Create a new organisation.
+        :rtype: None
+        """
+        free_orgs = Organisation.query.join(Account, Account.owner_id == Organisation.id).join(Namespace, Namespace.account_id == Account.id)\
+            .filter(Organisation.owners.contains([current_user.id]))\
+            .filter((Namespace.storage == 0))\
+            .filter(Organisation.active)\
+            .count()
+        if free_orgs > 2:
+            abort(400, "Too many free organisations")
+
+        form = CreateOrganisationForm.from_json(request.json)
+        if not form.validate_on_submit():
+            return jsonify(form.errors), 400
+
+        name = form.name.data
+        ns = Namespace.query.filter(func.lower(Organisation.name) == func.lower(name)).first()
+        if ns:
+            abort(409, f"Namespace {name} already exist, please choose another name.")
+
+        org = Organisation(creator_id=current_user.id, **form.data)
+        db.session.add(org)
+        db.session.commit()
+        wm.emit_signal(SIG_NEW_ORGANISATION, request.path, msg=f'New organisation *{name}* has been created')
+        return jsonify({"success": True}), 201
+
+    @organisation.route('/<name>', methods=['GET'])
+    @auth_required
+    def get_organisation_by_name(name):  # noqa: E501
+        """ Return organisation by name.
+
+        :param name: name of organisation
+        :type name: str
+        :rtype: Organisation
+        """
+        org = get_org_by_name(name, only_active=not current_user.is_admin)
+        if current_user.id not in org.readers and not current_user.is_admin:
+            abort(403, "You do not have permissions to get organisation")
+        data = OrganisationSchema(context={'user': current_user}).dump(org)
+        return data, 200
+
+    @organisation.route('/<name>', methods=['PATCH'])
+    @auth_required
+    def update_organisation(name):  # noqa: E501
+        """ Update organisation.
+
+        Information fields (name, description) and owners to be updated only by organisation owners.
+
+        :param name: name of organisation
+        :type name: str
+        :rtype: Organisation
+        """
+        org = get_org_by_name(name)
+        if current_user.id not in org.owners and not current_user.is_admin:
+            abort(403, "You do not have permissions to update organisation")
+
+        form = UpdateOrganisationForm.from_json(request.json)
+        if not form.validate_on_submit():
+            return jsonify(form.errors), 400
+
+        form.populate_obj(org)
+        db.session.add(org)
+        db.session.commit()
+        data = OrganisationSchema(context={'user': current_user}).dump(org)
+        return data, 200
+
+    @organisation.route('/<name>/access', methods=['PATCH'])
+    @auth_required
+    def update_access(name):  # noqa: E501
+        """ Update access fields of organisation.
+
+        Access fields: admins, writers, readers to be amended by organisation admins.
+
+        :param name: name of organisation
+        :type name: str
+        :rtype: Organisation
+        """
+        if not request.is_json:
+            abort(400, "Payload format should be json")
+
+        org = get_org_by_name(name)
+        usernames = list(
+            set(request.json['owners']) |
+            set(request.json['admins']) |
+            set(request.json['writers']) |
+            set(request.json['readers'])
+        )
+        users = User.query.with_entities(User.username, User.id).filter(User.username.in_(usernames)).all()
+        users_map = {u.username: u.id for u in users}
+        access = {}
+        for key in ('owners', 'admins', 'writers', 'readers'):
+            access[key] = []
+            for username in request.json[key]:
+                if username not in users_map:
+                    continue
+                access[key].append(users_map[username])
+
+        if current_user.id in org.owners or current_user.is_admin:
+            form = OwnerAccessForm().from_json(access)
+        elif current_user.id in org.admins:
+            form = AccessForm().from_json(access)
+        else:
+            abort(403, "You do not have permissions to update organisation members")
+
+        if not form.validate_on_submit():
+            return jsonify(form.errors), 400
+
+        form.populate_obj(org)
+        db.session.add(org)
+        db.session.commit()
+        data = OrganisationSchema(context={"user": current_user}).dump(org)
+        return data, 200
+
+    @organisation.route('/<name>', methods=['DELETE'])
+    @auth_required
+    def delete_organisation(name):  # noqa: E501
+        """ Delete organisation.
+
+        :param name: name of organisation
+        :type name: str
+        :rtype: None
+        """
+        org = Organisation.query.filter_by(name=name).first_or_404()
+        if not current_user.is_admin and current_user.id not in org.owners:
+            abort(403, "You do not have permissions to delete organisation")
+
+        account = Account.query.filter_by(type='organisation', owner_id=org.id).first()
+        db.session.delete(account)
+        db.session.commit()
+        db.session.delete(org)  # make sure to delete namespace and all projects
+        db.session.commit()
+        wm.emit_signal(SIG_DELETED_ORGANISATION, request.path, msg=f'Organisation *{name}* has been deleted')
+        return jsonify({"success": True}), 200
+
+    @organisation.route('/invitation/create', methods=['POST'])
+    @auth_required
+    def create_invitation():  # noqa: E501
+        """ Create invitation to organisation.
+        """
+        from ..celery import send_email_async
+
+        if not request.is_json:
+            abort(400, "Payload format should be json")
+
+        form = OrganisationInvitationForm.from_json(request.json)
+        if not form.validate_on_submit():
+            return jsonify(form.errors), 400
+
+        username = form.data.get('username')
+        org_name = form.data.get('org_name')
+        invitation = OrganisationInvitation.query.filter_by(username=username, org_name=org_name).first()
+        if invitation:
+            abort(409, "Invitation already exist.")
+
+        user = User.query.filter_by(username=username).first_or_404(f"User {username} not found")
+        organisation = get_org_by_name(org_name)
+        if current_user.id not in organisation.admins and current_user.id not in organisation.owners:
+            abort(403, "You do not have permissions to create an invitation.")
+
+        invitation = OrganisationInvitation(org_name=org_name, username=username, role=form.data.get('role'))
+        db.session.add(invitation)
+        db.session.commit()
+        body = render_template(
+            'email/organisation_invitation.html',
+            subject='Organisation invitation',
+            username=username,
+            invitation=invitation,
+            link=f"{request.url_root.rstrip('/')}/users/{username}/organisations"
+        )
+        email_data = {
+            'subject': 'Organisation invitation',
+            'html': body,
+            'recipients': [user.email],
+            'sender': current_app.config['MAIL_DEFAULT_SENDER']
+        }
+        send_email_async.delay(**email_data)
+        return jsonify(OrganisationInvitationSchema().dump(invitation)), 201
+
+    @organisation.route('/invitations/<type>/<name>', methods=['GET'])
+    @auth_required
+    def get_invitations(type, name):  # noqa: E501
+        """ Get invitations of user.
+        :param name: username or organisation name
+        :type name: str
+        :param type: type of subject user or org
+        :type type: enumerate
+        """
+        data = None
+        if type == "user":
+            if current_user.username != name and not current_user.is_admin:
+                abort(403, "You do not have permissions to list invitations")
+            data = OrganisationInvitationSchema(many=True).dump(OrganisationInvitation.query.filter_by(username=name).all())
+            if not data:
+                User.query.filter_by(username=name).first_or_404(f"User {name} not found")
+        elif type == "org":
+            organisation = get_org_by_name(name)
+            if (current_user.id not in organisation.admins and current_user.id not in organisation.owners) and not current_user.is_admin:
+                abort(403, "You do not have permissions to list invitations.")
+            data = OrganisationInvitationSchema(many=True).dump(OrganisationInvitation.query.filter_by(org_name=name))
+        else:
+            abort(400, "Invalid account type")
+
+        return jsonify(data), 200
+
+    @organisation.route('/invitation/<id>', methods=['GET'])
+    @auth_required
+    def get_invitation(id):  # noqa: E501
+        """ Get invitation detail.
+        :param id: invitation id
+        :type id: int
+        """
+        invitation = OrganisationInvitation.query.filter_by(id=id).first_or_404(f"Invitation {id} not found")
+        if invitation.username != current_user.username and \
+                current_user.id not in invitation.organisation.owners and \
+                current_user.id not in invitation.organisation.admins:
+            abort(403, "You do not have permissions to access invitation")
+
+        data = OrganisationInvitationSchema().dump(invitation)
+        return jsonify(data), 200
+
+    @organisation.route('/invitation/confirm/<int:id>', methods=['POST'])
+    @auth_required
+    def accept_invitation(id):  # noqa: E501
+        """ Accept invitation.
+        :param id: invitation id
+        :type id: int
+        """
+        invitation = OrganisationInvitation.query.get_or_404(id, "Invitation does not exist")
+        if invitation.username != current_user.username:
+            abort(403, "You do not have permissions to accept invitation")
+        if invitation.is_expired():
+            abort(400, "This invitation is already expired.")
+
+        invitation.accept()
+        org = OrganisationSchema(context={"user": current_user}).dump(invitation.organisation)
+        return jsonify(org), 200
+
+    @organisation.route('/invitation/<int:id>', methods=['DELETE'])
+    @auth_required
+    def delete_invitation(id):  # noqa: E501
+        """ Delete/reject organisation invitation.
+        :param id: invitation id
+        :type id: int
+        """
+        from ..celery import send_email_async
+
+        invitation = OrganisationInvitation.query.get_or_404(id, "Invitation does not exist")
+        if invitation.username != current_user.username and \
+                current_user.id not in invitation.organisation.owners + invitation.organisation.admins:
+            abort(403, "You do not have permissions to delete invitation")
+
+        db.session.delete(invitation)
+        db.session.commit()
+        user = User.query.filter(User.username == invitation.username).first()
+
+        body = render_template(
+            'email/organisation_invitation_revoke.html',
+            subject='Organisation invitation revoked',
+            username=invitation.username,
+            org_name=invitation.org_name
+        )
+        email_data = {
+            'subject': 'Your organisation invitation has been revoked',
+            'html': body,
+            'recipients': [user.email],
+            'sender': current_app.config['MAIL_DEFAULT_SENDER']
+        }
+        send_email_async.delay(**email_data)
+        return '', 200
+
+    app.register_blueprint(organisation, url_prefix='/orgs')
diff --git a/server/src/organisation/forms.py b/server/src/organisation/forms.py
new file mode 100644
index 00000000..4eff9930
--- /dev/null
+++ b/server/src/organisation/forms.py
@@ -0,0 +1,39 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+from flask_wtf import FlaskForm
+from wtforms import StringField, validators, IntegerField, SelectField, BooleanField
+from wtforms.validators import Optional, DataRequired
+from ..forms import namespace_validation
+from ..forms import IntegerListField
+
+
+class CreateOrganisationForm(FlaskForm):
+    """ This form is for create/update organisation """
+    name = StringField('Name', [validators.Length(min=4, max=25), namespace_validation])
+    description = StringField('Description', [validators.Length(max=256), Optional()])
+
+
+class AccessForm(FlaskForm):
+    """ Form to update access to organisation up to admin level. """
+    admins = IntegerListField("Admins", [DataRequired()])
+    writers = IntegerListField("Writers", [DataRequired()])
+    readers = IntegerListField("Readers", [DataRequired()])
+
+
+class OwnerAccessForm(AccessForm):
+    owners = IntegerListField("Owners", [DataRequired()])
+
+
+class UpdateOrganisationForm(FlaskForm):
+    """ Form to update of organisation by owner """
+    description = StringField('Description', [validators.Length(max=256), Optional()])
+
+
+class OrganisationInvitationForm(FlaskForm):
+    """ Form to create/update organisation invitation. """
+    org_name = StringField('Organisation name', validators=[DataRequired()])
+    username = StringField('Username', validators=[DataRequired()])
+    role = SelectField('role', choices=[
+        ('reader', 'reader'), ('writer', 'writer'), ('admin', 'admin'), ('owner', 'owner')])
+
diff --git a/server/src/organisation/models.py b/server/src/organisation/models.py
new file mode 100644
index 00000000..2ef2b27e
--- /dev/null
+++ b/server/src/organisation/models.py
@@ -0,0 +1,112 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+from datetime import datetime, timedelta
+
+from sqlalchemy import or_
+from sqlalchemy.dialects.postgresql import ARRAY, BIGINT, ENUM
+from .. import db, current_app
+
+
+class Organisation(db.Model):
+    """ Organization db class.
+
+    Organisation is one-to-one with Mergin namespace (which is unique).
+
+    Organization supports tiers, with default 'free' which means organisation is not ready to use.
+
+    Organization access is managed by access list control:
+    Owners: users who are allowed remove organisation or change billing
+    Admins: users who can administer users for organisation (except owners)
+    Writers: writers have read-write access to organisation namespace
+    Readers: reader have read-only access to organisation namespace
+
+    """
+    id = db.Column(db.Integer, primary_key=True, autoincrement=True)
+    # modified only by owners
+    name = db.Column(db.String, nullable=False, index=True)
+    description = db.Column(db.String, nullable=True)
+    owners = db.Column(ARRAY(db.Integer), server_default="{}")
+    # access modified also by admins
+    admins = db.Column(ARRAY(db.Integer), server_default="{}")
+    writers = db.Column(ARRAY(db.Integer), server_default="{}")
+    readers = db.Column(ARRAY(db.Integer), server_default="{}")
+    registration_date = db.Column(db.DateTime(), nullable=True, default=datetime.utcnow)
+    active = db.Column(db.Boolean, default=True)
+    inactive_since = db.Column(db.DateTime(), nullable=True, index=True)
+
+    __table_args__ = (db.UniqueConstraint('name'),
+                      db.Index('ix_org_owners', owners, postgresql_using="gin"),
+                      db.Index('ix_org_readers', readers, postgresql_using="gin"),
+                      db.Index('ix_org_writers', writers, postgresql_using="gin"),
+                      db.Index('ix_org_admins', admins, postgresql_using="gin"),)
+
+    def __init__(self, creator_id, name, **kwargs):
+        self.name = name
+        self.owners = [creator_id]
+        self.admins = [creator_id]
+        self.writers = [creator_id]
+        self.readers = [creator_id]
+        self.description = kwargs.get('description', None)
+        self.active = True
+
+    @staticmethod
+    def find_by_member_id(user_id):
+        return Organisation.query.filter(
+            or_(
+                Organisation.owners.contains([user_id]),
+                Organisation.admins.contains([user_id]),
+                Organisation.writers.contains([user_id]),
+                Organisation.readers.contains([user_id])
+            )
+        ).filter_by(active=True).all()
+
+    def get_member_role(self, user_id):
+        for role in ('owners', 'admins', 'writers', 'readers'):
+            if user_id not in getattr(self, role):
+                continue
+            return role.rstrip('s')
+
+
+class OrganisationInvitation(db.Model):
+    """ Organization Invitations db class.
+
+    Adding new users to Organization is invitation based with required confirmation.
+    """
+    id = db.Column(db.Integer, primary_key=True)
+    org_name = db.Column(db.String, db.ForeignKey("organisation.name", ondelete="CASCADE"))
+    username = db.Column(db.String, db.ForeignKey("user.username", ondelete="CASCADE"))
+    role = db.Column(ENUM('reader', 'writer', 'admin', 'owner', name='role'), nullable=False)
+    expire = db.Column(db.DateTime)
+
+    organisation = db.relationship(
+        "Organisation",
+        uselist=False,
+        backref=db.backref("invitations", single_parent=True, uselist=False, cascade="all,delete")
+    )
+
+    user = db.relationship("User", uselist=False)
+
+    def __init__(self, org_name, username, role):
+        self.org_name = org_name
+        self.username = username
+        self.role = role
+        self.expire = datetime.utcnow() + timedelta(seconds=current_app.config['ORGANISATION_INVITATION_EXPIRATION'])
+
+    def accept(self):
+        """ The invitation accepted
+        """
+        attribute = self.role + 's'
+        roles = getattr(self.organisation, attribute)
+        roles.append(self.user.id)
+        db.session.refresh(self.organisation)
+        setattr(self.organisation, attribute, roles)
+        db.session.add(self.organisation)
+        db.session.delete(self)
+        db.session.commit()
+
+    def is_expired(self):
+        """ Check if invitation is expired
+        :rtype: bool
+        """
+        return datetime.utcnow() > self.expire
diff --git a/server/src/organisation/permission.py b/server/src/organisation/permission.py
new file mode 100644
index 00000000..fa4821f2
--- /dev/null
+++ b/server/src/organisation/permission.py
@@ -0,0 +1,42 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+from flask_login import current_user
+from ..organisation import Organisation
+
+
+class OrganisationPermissions:
+    """ Get or check organisation by permission """
+
+    @staticmethod
+    def _query(user, field):
+        """ return query of organisation """
+        if user.is_authenticated and user.is_admin:
+            return Organisation.query
+        if not user.is_authenticated:
+            return Organisation.query.filter(False)
+        return Organisation.query.filter(field.any(user.id))
+
+    class Owner:
+        @staticmethod
+        def query(user):
+            return OrganisationPermissions._query(user, Organisation.owners)
+
+    class Admin:
+        @staticmethod
+        def query(user):
+            return OrganisationPermissions._query(user, Organisation.admins)
+
+    class Writer:
+        @staticmethod
+        def query(user):
+            return OrganisationPermissions._query(user, Organisation.writers)
+
+    class Reader:
+        @staticmethod
+        def query(user):
+            return OrganisationPermissions._query(user, Organisation.readers)
+
+
+def organisations_query(permission):
+    return permission.query(current_user)
diff --git a/server/src/organisation/schemas.py b/server/src/organisation/schemas.py
new file mode 100644
index 00000000..2d115eb7
--- /dev/null
+++ b/server/src/organisation/schemas.py
@@ -0,0 +1,80 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+from marshmallow import fields
+from .. import ma
+from ..models.db_models import Project, Namespace
+from ..auth.models import User
+from .models import Organisation, OrganisationInvitation
+
+
+class OrganisationSchema(ma.ModelSchema):
+    name = fields.Str()
+    disk_usage = fields.Method("get_disk_usage")
+    project_count = fields.Method("get_project_count")
+    owners = fields.Method("get_owners")
+    admins = fields.Method("get_admins")
+    writers = fields.Method("get_writers")
+    readers = fields.Method("get_readers")
+    storage = fields.Method("get_storage")
+    role = fields.Method("get_role", dump_only=True)
+    account = fields.Method("get_account", dump_only=True)
+
+    def get_owners(self, obj):
+        return self.get_access_usernames(obj, 'owners')
+
+    def get_admins(self, obj):
+        return self.get_access_usernames(obj, 'admins')
+
+    def get_writers(self, obj):
+        return self.get_access_usernames(obj, 'writers')
+
+    def get_readers(self, obj):
+        return self.get_access_usernames(obj, 'readers')
+
+    def get_access_usernames(self, obj, role):
+        users = User.query.filter(User.id.in_(getattr(obj, role))).all()
+        return [u.username for u in users]
+
+    def get_disk_usage(self, obj):
+        return sum([p.disk_usage for p in Project.query.filter_by(namespace=obj.name)])
+
+    def get_project_count(self, obj):
+        return Project.query.filter_by(namespace=obj.name).count()
+
+    def get_storage(self, obj):
+        ns = Namespace.query.filter_by(name=obj.name).first()
+        return ns.storage
+
+    def get_role(self, obj):
+        if self.context and 'user' in self.context:
+            return obj.get_member_role(self.context['user'].id)
+        else:
+            return "unknown"
+
+    def _is_owner(self, obj):
+        return self.context and 'user' in self.context and obj.get_member_role(self.context['user'].id) == "owner"
+
+    def _is_mergin_admin(self, obj):
+        return self.context and 'user' in self.context and self.context['user'].is_admin
+
+    def get_account(self, obj):
+        from ..models.db_models import Account
+        from ..models.schemas import AccountSchema
+        account = Account.query.filter_by(type='organisation', owner_id=obj.id).first()
+        if self._is_owner(obj) or self._is_mergin_admin(obj):
+            return AccountSchema().dump(account)
+        else:
+            return AccountSchema(only=('email',)).dump(account)  # do not send private information
+
+    class Meta:
+        model = Organisation
+        exclude = ('invitations', )
+
+
+class OrganisationInvitationSchema(ma.ModelSchema):
+    org_name = fields.Str()
+    username = fields.Str()
+
+    class Meta:
+        model = OrganisationInvitation
diff --git a/server/src/permissions.py b/server/src/permissions.py
new file mode 100644
index 00000000..be2cf065
--- /dev/null
+++ b/server/src/permissions.py
@@ -0,0 +1,146 @@
+# Copyright (C) 2019 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+import os
+from flask import abort
+from flask_login import current_user
+from sqlalchemy import or_
+
+from .auth.models import User
+from .organisation import Organisation
+from .organisation.permission import organisations_query, OrganisationPermissions
+from .models.db_models import ProjectAccess, Project, Upload, Namespace
+
+
+class ProjectPermissions:
+    class Read:
+        @staticmethod
+        def check(project, user):
+            pa = project.access
+            return pa.public or (user.is_authenticated and (user.is_admin or user.id in pa.readers)) or (check_namespace_permissions(project.namespace, user, "read"))
+
+        @staticmethod
+        def query(user, as_admin=True, public=True):
+            if user.is_authenticated and user.is_admin and as_admin:
+                return Project.query
+            query = Project.access.has(public=public)
+            if user.is_authenticated:
+                orgs = Organisation.query.with_entities(Organisation.name).filter(
+                    or_(Organisation.admins.contains([user.id]), Organisation.readers.contains([user.id]),
+                        Organisation.writers.contains([user.id]), Organisation.owners.contains([user.id])))
+                if public:
+                    query = query | Project.access.has(ProjectAccess.readers.contains([user.id]) | Project.namespace.in_(orgs))
+                else:
+                    query = Project.access.has(ProjectAccess.readers.contains([user.id]) | Project.namespace.in_(orgs))
+            return Project.query.filter(query)
+
+    class Upload:
+        @staticmethod
+        def check(project, user):
+            return user.is_authenticated and (user.id in project.access.writers or check_namespace_permissions(project.namespace, user, "write"))
+
+    class Update:
+        @staticmethod
+        def check(project, user):
+            return user.is_authenticated and (user.is_admin or user.id in project.access.owners or user.username in project.access.owners or check_namespace_permissions(project.namespace, user, "write"))
+
+    class Delete:
+        @staticmethod
+        def check(project, user):
+            return user.is_authenticated and (user.is_admin or user.id in project.access.owners or check_namespace_permissions(project.namespace, user, "write"))
+
+    class All:
+        @staticmethod
+        def check(project, user):
+            return user.is_authenticated and (user.is_admin or user.id in project.access.owners or check_namespace_permissions(project.namespace, user, "admin"))
+
+
+def require_project(ns, project_name, permission):
+    project = Project.query.filter_by(name=project_name, namespace=ns).first_or_404()
+    if not permission.check(project, current_user):
+        abort(403, "You do not have permissions for this project")
+    return project
+
+
+def get_upload(transaction_id):
+    upload = Upload.query.get_or_404(transaction_id)
+    if upload.user_id != current_user.id:
+        abort(403, "You do not have permissions for ongoing upload")
+
+    upload_dir = os.path.join(upload.project.storage.project_dir, "tmp", transaction_id)
+    return upload, upload_dir
+
+
+def projects_query(permission, as_admin=True, public=True):
+    return permission.query(current_user, as_admin, public)
+
+
+def check_namespace_permissions(ns, user, permissions):
+    """ check if user has permission to namespace granted from organisation or by itself
+
+    :param ns: namespace
+    :type ns: str
+
+    :param user: user
+    :type user: User
+
+    :param permissions: permissions to access to namespace
+    :type permissions: str
+
+    :return: true if user has same username with namespace, otherwise check for organisation
+    :rtype: bool
+    """
+    if user.is_anonymous:
+        return False
+    if user.username == ns:
+        return True
+    organisation = Organisation.query.filter_by(name=ns).first()
+    if not organisation:
+        return False
+    if permissions == "read":
+        return user.id in organisation.readers
+    elif permissions == "write":
+        return user.id in organisation.writers
+    elif permissions == "admin":
+        return user.id in organisation.admins
+    else:
+        return False
+
+
+def namespaces_query(permission):
+    return permission.query(current_user)
+
+
+class NamespacePermissions:
+    """ Get or check namespace by permission """
+
+    @staticmethod
+    def _query(user, permission):
+        """ return query of organisation """
+        if current_user.is_authenticated and current_user.is_admin:
+            return Namespace.query
+        if not current_user.is_authenticated:
+            return Namespace.query.filter(False)
+        namespaces = [org.name for org in organisations_query(permission)]
+        namespaces.append(user.username)
+        return Namespace.query.filter(Namespace.name.in_(namespaces)).all()
+
+    class Owner:
+        @staticmethod
+        def query(user):
+            return NamespacePermissions._query(user, OrganisationPermissions.Owner)
+
+    class Admin:
+        @staticmethod
+        def query(user):
+            return NamespacePermissions._query(user, OrganisationPermissions.Admin)
+
+    class Writer:
+        @staticmethod
+        def query(user):
+            return NamespacePermissions._query(user, OrganisationPermissions.Writer)
+
+    class Reader:
+        @staticmethod
+        def query(user):
+            return NamespacePermissions._query(user, OrganisationPermissions.Reader)
\ No newline at end of file
diff --git a/server/src/run_celery.py b/server/src/run_celery.py
new file mode 100644
index 00000000..35ab2ffe
--- /dev/null
+++ b/server/src/run_celery.py
@@ -0,0 +1,20 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+from . import create_app
+from .celery import celery
+
+app = create_app()
+celery.conf.update(app.config)
+
+
+# configure celery with flask context https://flask.palletsprojects.com/en/1.1.x/patterns/celery/
+# e.g. for using flask-mail
+class ContextTask(celery.Task):
+    """ Attach flask app context to celery task """
+    def __call__(self, *args, **kwargs):
+        with app.app_context():
+            return self.run(*args, **kwargs)
+
+
+celery.Task = ContextTask
diff --git a/server/src/storages/__init__.py b/server/src/storages/__init__.py
new file mode 100644
index 00000000..c18440bb
--- /dev/null
+++ b/server/src/storages/__init__.py
@@ -0,0 +1,5 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+from .disk import DiskStorage
+from .storage import InvalidProject, FileNotFound
diff --git a/server/src/storages/disk.py b/server/src/storages/disk.py
new file mode 100644
index 00000000..ad45d2d4
--- /dev/null
+++ b/server/src/storages/disk.py
@@ -0,0 +1,357 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+import os
+import io
+import time
+import uuid
+import logging
+from datetime import datetime
+from flask import current_app
+from pygeodiff import GeoDiff, GeoDiffLibError
+from pygeodiff.geodifflib import GeoDiffLibConflictError
+from gevent import sleep
+from .storage import ProjectStorage, FileNotFound, DataSyncError, InitializationError
+from ..mergin_utils import resolve_tags, generate_checksum, int_version, is_versioned_file
+from ..util import mergin_secure_filename
+
+
+def save_to_file(stream, path, max_size=None):
+    """ Save readable object in file while yielding to gevent hub.
+
+    :param stream: object implementing readable interface
+    :param path: destination file path
+    :param max_size: limit for file size
+    """
+    directory = os.path.abspath(os.path.dirname(path))
+    os.makedirs(directory, exist_ok=True)
+    with open(path, 'wb') as output:
+        writer = io.BufferedWriter(output, buffer_size=32768)
+        size = 0
+        while True:
+            part = stream.read(4096)
+            sleep(0)  # to unblock greenlet
+            if part:
+                size += len(part)
+                if max_size and size > max_size:
+                    raise IOError()
+                writer.write(part)
+            else:
+                writer.flush()
+                break
+
+
+def copy_file(src, dest):
+    """ Custom implementation of copying file by chunk with yielding to gevent hub.
+
+    see save_to_file
+
+    :params src: abs path to file
+    :type src: str, path-like object
+    :params dest: abs path to destination file
+    :type dest: str, path-like object
+    """
+    if not os.path.isfile(src):
+        raise FileNotFoundError(src)
+    directory = os.path.abspath(os.path.dirname(dest))
+    os.makedirs(directory, exist_ok=True)
+    with open(src, 'rb') as input:
+        save_to_file(input, dest)
+
+
+def copy_dir(src, dest):
+    """ Custom implementation of recursive copy of directory with yielding to gevent hub.
+
+    :params src: abs path to dir
+    :type src: str, path-like object
+    :params dest: destination folder
+    :type dest: str, path-like object
+    """
+    if not os.path.isdir(src):
+        raise NotADirectoryError(src)
+    for root, dirs, files in os.walk(src):
+        for file in files:
+            abs_path = os.path.abspath(os.path.join(root, file))
+            rel_path = os.path.relpath(abs_path, start=src)
+            copy_file(abs_path, os.path.join(dest, rel_path))
+
+
+def move_to_tmp(src, dest=None):
+    """ Custom handling of file/directory removal by moving it to regularly cleaned tmp folder.
+    This is mainly to avoid using standard tools which could cause blocking gevent hub for large files.
+
+    :params src: abs path to file/directory
+    :type src: str, path-like object
+    :params dest: subdir in temp folder (e.g. transaction_id), defaults to None
+    :type dest: str, path-like object
+    :returns: path where file is moved to
+    :rtype: str, path-like object
+    """
+    if not os.path.exists(src):
+        return
+    dest = dest if dest else str(uuid.uuid4())
+    rel_path = os.path.relpath(src, start=current_app.config['LOCAL_PROJECTS']) # take relative path from parent of all project files
+    temp_path = os.path.join(current_app.config['TEMP_DIR'], dest, rel_path)
+    os.renames(src, temp_path)
+    return temp_path
+
+
+class DiskStorage(ProjectStorage):
+
+    def __init__(self, project):
+        super(DiskStorage, self).__init__(project)
+        self.projects_dir = current_app.config['LOCAL_PROJECTS']
+        self.project_dir = self._project_dir()
+        self.geodiff = GeoDiff()
+
+    def _project_dir(self):
+        project_dir = os.path.abspath(
+            os.path.join(self.projects_dir, self.project.storage_params["location"])
+        )
+        return project_dir
+
+    def initialize(self, template_project=None):
+        if os.path.exists(self.project_dir):
+            raise InitializationError("Project directory already exists: {}".format(self.project_dir))
+
+        os.makedirs(self.project_dir)
+
+        if template_project:
+            from ..models.db_models import Namespace
+            ns = Namespace.query.filter_by(name=self.project.namespace).first()
+            if ns.disk_usage() + template_project.disk_usage > ns.storage:
+                self.delete()
+                raise InitializationError("Disk quota reached")
+            forked_files = []
+
+            for file in template_project.files:
+                forked_file = dict(file)
+                forked_file['location'] = os.path.join('v1/', file['path'])
+                forked_file['mtime'] = datetime.utcnow()
+                forked_files.append(forked_file)
+
+                src = os.path.join(template_project.storage.project_dir, file['location'])
+                dest = os.path.join(self.project_dir, forked_file['location'])
+                try:
+                    copy_file(src, dest)
+                except (FileNotFoundError, IOError):
+                    self.delete()
+                    raise InitializationError("IOError: failed to copy '{}' to '{}'", src, dest)
+                except Exception as e:
+                    self.delete()
+                    raise InitializationError(str(e))
+
+            self.project.files = forked_files
+            self.project.tags = template_project.tags
+            self.project.disk_usage = sum([f['size'] for f in self.project.files])
+
+    def file_size(self, file):
+        file_path = os.path.join(self.project_dir, file)
+        if not os.path.exists(file_path):
+            raise FileNotFound("File {} not found.".format(file))
+        return os.path.getsize(file_path)
+
+    def file_path(self, file):
+        path = os.path.join(self.project_dir, file)
+        if not os.path.exists(path):
+            raise FileNotFound("File {} not found.".format(file))
+        return path
+
+    def read_file(self, path, block_size=4096):
+        file_path = os.path.join(self.project_dir, path)
+
+        # do input validation outside generator to execute immediately
+        if not os.path.exists(file_path):
+            raise FileNotFound("File {} not found.".format(path))
+
+        def _generator():
+            with open(file_path, 'rb') as f:
+                while True:
+                    data = f.read(block_size)
+                    sleep(0)
+                    if data:
+                        yield data
+                    else:
+                        break
+
+        return _generator()
+
+    def apply_changes(self, changes, version, transaction_id):
+        sync_errors = {}
+        modified_files = []
+
+        to_remove = [i['path'] for i in changes['removed']]
+        files = list(filter(lambda i: i['path'] not in to_remove, self.project.files))
+        for item in changes['renamed']:
+            renamed = next((i for i in files if i['path'] == item['path']), None)
+            if renamed:
+                renamed['path'] = item['new_path']
+            else:
+                sync_errors[item['new_path']] = "renaming error"
+                continue
+
+        for f in changes['updated']:
+            sleep(0)  # yield to gevent hub since geodiff action can take some time to prevent worker timeout
+            old_item = next((i for i in files if i["path"] == f["path"]), None)
+            if not old_item:
+                sync_errors[f['path']] = "file does not found on server "
+                continue
+            if 'diff' in f:
+                basefile = os.path.join(self.project_dir, old_item["location"])
+                changeset = os.path.join(self.project_dir, version, f['diff']['path'])
+                patchedfile = os.path.join(self.project_dir, version, f['path'])
+                modified_files.append(changeset)
+                modified_files.append(patchedfile)
+                # create copy of basefile which will be updated in next version
+                # TODO this can potentially fail for large files
+                logging.info(f"Apply changes: copying {basefile} to {patchedfile}")
+                start = time.time()
+                copy_file(basefile, patchedfile)
+                logging.info(f"Copying finished in {time.time()-start} s")
+                try:
+                    logging.info(f"Geodiff: apply changeset {changeset} of size {os.path.getsize(changeset)} to {patchedfile}")
+                    start = time.time()
+                    self.geodiff.apply_changeset(patchedfile, changeset)
+                    logging.info(f"Changeset applied in {time.time() - start} s")
+                except (GeoDiffLibError, GeoDiffLibConflictError) as err:
+                    sync_errors[f["path"]] = f"project: {self.project.namespace}/{self.project.name}, geodiff error {str(err)}"
+                    continue
+
+                f["diff"]["location"] = os.path.join(
+                    version, f['diff']['sanitized_path'] if 'sanitized_path' in f['diff'] else mergin_secure_filename(f['diff']['path']))
+
+                # we can now replace old basefile metadata with the new one (patchedfile)
+                # TODO this can potentially fail for large files
+                logging.info(f"Apply changes: calculating checksum of {patchedfile}")
+                start = time.time()
+                f['checksum'] = generate_checksum(patchedfile)
+                logging.info(f"Checksum calculated in {time.time() - start} s")
+                f['size'] = os.path.getsize(patchedfile)
+            else:
+                old_item.pop("diff", None)
+
+            if 'chunks' in f:
+                f.pop("chunks")
+            f['location'] = os.path.join(
+                version,
+                f['sanitized_path'] if 'sanitized_path' in f else mergin_secure_filename(f['path']))
+            if not sync_errors:
+                old_item.update(f)
+
+        if sync_errors:
+            for file in modified_files:
+                move_to_tmp(file, transaction_id)
+            msg = ""
+            for key, value in sync_errors.items():
+                msg += key + " error=" + value + "\n"
+            raise DataSyncError(msg)
+
+        for item in changes['added']:
+            files.append({
+                'path': item['path'],
+                'size': item['size'],
+                'checksum': item['checksum'],
+                'mtime': item['mtime'],
+                'location': os.path.join(
+                    version,
+                    item['sanitized_path'] if 'sanitized_path' in item else mergin_secure_filename(item['path']))
+            })
+
+        self.project.files = files
+        self.project.tags = resolve_tags(files)
+
+    def delete(self):
+        move_to_tmp(self.project_dir)
+
+    def optimize_storage(self):
+        """ Optimize disk storage for project.
+
+        Clean up for recently updated versioned files. Removes expired file versions.
+        It applies only on files that can be recreated when needed.
+        """
+        files = [f for f in self.project.files if 'diff' in f.keys()]
+        last_version = sorted(self.project.versions, key=lambda ver: int_version(ver.name))[-1]
+        for f in files:
+            f_history = self.project.file_history(f['path'], 'v1', last_version.name)
+            if not f_history:
+                continue
+            for item in f_history.values():
+                if 'diff' in item:
+                    if item['location'] == f['location']:
+                        continue  # skip latest file version
+                    abs_path = os.path.join(self.project_dir, item['location'])
+                    if not os.path.exists(abs_path):
+                        continue  # already removed
+                    age = time.time() - os.path.getmtime(abs_path)
+                    if age > current_app.config['FILE_EXPIRATION']:
+                        move_to_tmp(abs_path)
+
+    def restore_versioned_file(self, file, version):
+        """
+        For removed versioned files tries to restore full file in particular project version
+        using file diffs history (latest basefile and sequence of diffs).
+
+        :param file: path of file in project to recover
+        :type file: str
+        :param version: project version (e.g. v2)
+        :type version: str
+        """
+        if not is_versioned_file(file):
+            return
+
+        # if project version is not found, return it
+        project_version = next((v for v in self.project.versions if v.name == version), None)
+        if not project_version:
+            return
+
+        # check actual file from the version files
+        file_found = next((i for i in project_version.files if i['path'] == file), None)
+
+        # check the location that we found on the file
+        if not file_found or os.path.exists(os.path.join(self.project_dir, file_found['location'])):
+            return
+
+        basefile_meta = {}
+        diffs = []
+        f_history = self.project.file_history(file, 'v1', version)
+        if not f_history:
+            return
+        # history starts from the latest change, we stop when reaching basefile
+        for item in f_history.values():
+            if item['change'] in ['added', 'updated']:
+                if 'diff' in item:
+                    diffs.append(item['diff'])
+                else:
+                    basefile_meta = item
+                    break
+            else:
+                continue
+
+        if not (basefile_meta and diffs):
+            return
+
+        basefile = os.path.join(self.project_dir, basefile_meta['location'])
+        tmp_dir = os.path.join(current_app.config['TEMP_DIR'], str(uuid.uuid4()))
+        os.mkdir(tmp_dir)
+        restored_file = os.path.join(tmp_dir, os.path.basename(basefile))  # this is final restored file
+        logging.info(f"Restore file: copying {basefile} to {restored_file}")
+        start = time.time()
+        copy_file(basefile, restored_file)
+        logging.info(f"File copied in {time.time() - start} s")
+        logging.info(f"Restoring gpkg file with {len(diffs)} diffs")
+        for diff in reversed(diffs):
+            sleep(0)  # yield to gevent hub since geodiff action can take some time, and in case of a lot of diffs it could time out
+            changeset = os.path.join(self.project_dir, diff['location'])
+            try:
+                logging.info(f"Geodiff: apply changeset {changeset} of size {os.path.getsize(changeset)}")
+                start = time.time()
+                self.geodiff.apply_changeset(restored_file, changeset)
+                logging.info(f"Changeset applied in {time.time() - start} s")
+            except (GeoDiffLibError, GeoDiffLibConflictError) as e:
+                logging.exception(f"Failed to restore file: {str(e)} from project {self.project.namespace}/{self.project.name}")
+                return
+        # move final restored file to place where it is expected (only after it is successfully created)
+        logging.info(f"Copying restored file to expected location {file_found['location']}")
+        start = time.time()
+        copy_file(restored_file, os.path.join(self.project_dir, file_found['location']))
+        logging.info(f"File copied in {time.time() - start} s")
diff --git a/server/src/storages/storage.py b/server/src/storages/storage.py
new file mode 100644
index 00000000..3dd9b5c2
--- /dev/null
+++ b/server/src/storages/storage.py
@@ -0,0 +1,108 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+from urllib.parse import quote
+
+from flask import Response
+from requests_toolbelt import MultipartEncoder
+from gevent import sleep
+import zipfly
+
+
+class InvalidProject(Exception):
+    pass
+
+
+class FileNotFound(Exception):
+    pass
+
+
+class DataSyncError(Exception):
+    pass
+
+
+class InitializationError(Exception):
+    pass
+
+
+class StorageFile(object):
+    def __init__(self, storage, file):
+        self.storage = storage
+        self.file = file
+        self.fp = 0
+        self._stream = None
+
+    @property
+    def len(self):
+        if not hasattr(self, '_total_len'):
+            self._total_len = self.storage.file_size(self.file)
+        return self._total_len - self.fp
+
+    def read(self, chunk_size):
+        if not self._stream:
+            self._preload = b''
+            self._stream = self.storage.read_file(self.file, chunk_size)
+
+        data = self._preload
+        while len(data) < chunk_size:
+            try:
+                chunk = next(self._stream)
+            except StopIteration:
+                chunk = None
+            if not chunk:
+                self._preload = b''
+                self.fp += len(data)
+                return data
+            data += chunk
+
+        self._preload = data[chunk_size:]
+        data = data[:chunk_size]
+        self.fp += len(data)
+        return data
+
+
+class ProjectStorage:
+
+    def __init__(self, project):
+        self.project = project
+
+    def read_file(self, path, block_size=4096):
+        raise NotImplementedError
+
+    def file_size(self, file):
+        raise NotImplementedError
+
+    def file_path(self, file):
+        raise NotImplementedError
+
+    def restore_versioned_file(self, file, version):
+        raise NotImplementedError
+
+    def download_files(self, files, files_format=None, version=None):
+        """ Download files
+        :type files: list of dict
+        """
+        if version:
+            for f in files:
+                self.restore_versioned_file(f['path'], version)
+        if files_format == 'zip':
+            paths = [{'fs': self.file_path(f['location']), 'n': f['path']} for f in files]
+            z = zipfly.ZipFly(mode='w', paths=paths)
+            response = Response(z.generator(), mimetype='application/zip')
+            response.headers['Content-Disposition'] = 'attachment; filename={}{}.zip'.format(
+                quote(self.project.name.encode("utf-8")), '-' + version if version else '')
+            return response
+        files_dict = {}
+        for f in files:
+            path = f['path']
+            files_dict[path] = (path, StorageFile(self, f['location']))
+        encoder = MultipartEncoder(files_dict)
+
+        def _generator():
+            while True:
+                data = encoder.read(4096)
+                sleep(0)
+                if data:
+                    yield data
+                else:
+                    break
+        return Response(_generator(), mimetype=encoder.content_type)
diff --git a/server/src/templates/email/account_has_been_closed_warning.html b/server/src/templates/email/account_has_been_closed_warning.html
new file mode 100644
index 00000000..f28a90bd
--- /dev/null
+++ b/server/src/templates/email/account_has_been_closed_warning.html
@@ -0,0 +1,8 @@
+{% extends "email/components/content.html" %}
+{% block html %}
+  <p>Dear {{ account_name }},</p> <br>
+  <p>{% if account_type == "user" %} We're sorry you're leaving us. {% endif %} Your account has now been deactivated and will be permanently deleted in {{ days }} days.
+    Should you change your mind in the meantime, please contact us at <a href="mailto:{{ contact_email  }}">{{ contact_email  }} </a> and we can reactivate your account for you.
+    After {{ days }} days your account will have been deleted and will not be recoverable.</p>
+
+{% endblock %}
\ No newline at end of file
diff --git a/server/src/templates/email/components/base.html b/server/src/templates/email/components/base.html
new file mode 100644
index 00000000..fd97a251
--- /dev/null
+++ b/server/src/templates/email/components/base.html
@@ -0,0 +1,258 @@
+{% set base_url = config['MERGIN_BASE_URL'] or "https://public.cloudmergin.com" %}
+{% set logo_url = config['MERGIN_LOGO_URL'] %}
+<!doctype html>
+<html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office">
+  <head>
+    <title></title>
+    <!--[if !mso]><!-- -->
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <!--<![endif]-->
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <style type="text/css">
+      #outlook a { padding:0; }
+      .ReadMsgBody { width:100%; }
+      .ExternalClass { width:100%; }
+      .ExternalClass * { line-height:100%; }
+      body { margin:0;padding:0;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%; }
+      table, td { border-collapse:collapse;mso-table-lspace:0pt;mso-table-rspace:0pt; }
+      img { border:0;height:auto;line-height:100%; outline:none;text-decoration:none;-ms-interpolation-mode:bicubic; }
+      p { display:block;margin:13px 0; }
+      a { color: #e67e23;}
+    </style>
+    <!--[if !mso]><!-->
+    <style type="text/css">
+      @media only screen and (max-width:480px) {
+        @-ms-viewport { width:320px; }
+        @viewport { width:320px; }
+      }
+    </style>
+    <!--<![endif]-->
+    <!--[if mso]>
+    <xml>
+      <o:OfficeDocumentSettings>
+        <o:AllowPNG/>
+        <o:PixelsPerInch>96</o:PixelsPerInch>
+      </o:OfficeDocumentSettings>
+    </xml>
+    <![endif]-->
+    <!--[if lte mso 11]>
+    <style type="text/css">
+      .outlook-group-fix { width:100% !important; }
+    </style>
+    <![endif]-->
+
+    <!--[if !mso]><!-->
+    <link href="https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700" rel="stylesheet" type="text/css">
+    <link href="https://fonts.googleapis.com/css?family=Cabin:400,700" rel="stylesheet" type="text/css">
+    <style type="text/css">
+      @import url(https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700);
+      @import url(https://fonts.googleapis.com/css?family=Cabin:400,700);
+    </style>
+    <!--<![endif]-->
+
+    <style type="text/css">
+      @media only screen and (min-width:480px) {
+        .mj-column-per-100 { width:100% !important; max-width: 100%; }
+      }
+    </style>
+    <style type="text/css">
+      @media only screen and (max-width:480px) {
+        table.full-width-mobile { width: 100% !important; }
+        td.full-width-mobile { width: auto !important; }
+      }
+    </style>
+    <style type="text/css">.hide_on_mobile { display: none !important;}
+      @media only screen and (min-width: 480px) { .hide_on_mobile { display: block !important;} }
+      .hide_section_on_mobile { display: none !important;}
+      @media only screen and (min-width: 480px) { .hide_section_on_mobile { display: table !important;} }
+      .hide_on_desktop { display: block !important;}
+      @media only screen and (min-width: 480px) { .hide_on_desktop { display: none !important;} }
+      .hide_section_on_desktop { display: table !important;}
+      @media only screen and (min-width: 480px) { .hide_section_on_desktop { display: none !important;} }
+      [owa] .mj-column-per-100 {
+          width: 100%!important;
+        }
+        [owa] .mj-column-per-50 {
+          width: 50%!important;
+        }
+        [owa] .mj-column-per-33 {
+          width: 33.333333333333336%!important;
+        }
+        p {
+            margin: 0px;
+        }
+        @media only print and (min-width:480px) {
+          .mj-column-per-100 { width:100%!important; }
+          .mj-column-per-40 { width:40%!important; }
+          .mj-column-per-60 { width:60%!important; }
+          .mj-column-per-50 { width: 50%!important; }
+          mj-column-per-33 { width: 33.333333333333336%!important; }
+          }
+    </style>
+
+  </head>
+  <body style="background-color:#eaedf2;">
+    <div style="background-color:#eaedf2;">
+      <!--[if mso | IE]>
+      <table align="center" border="0" cellpadding="0" cellspacing="0" class="" style="width:600px;" width="600">
+        <tr>
+          <td style="line-height:0px;font-size:0px;mso-line-height-rule:exactly;">
+      <![endif]-->
+
+  <div style="background:#eaedf2;background-color:#eaedf2;Margin:0px auto;max-width:600px;">
+    <table align="center" border="0" cellpadding="0" cellspacing="0" role="presentation" style="background:#eaedf2;background-color:#eaedf2;width:100%;">
+      <tbody>
+        <tr>
+          <td style="direction:ltr;font-size:0px;padding:40px 0px 40px 0px;text-align:center;vertical-align:top;">
+            <!--[if mso | IE]>
+            <table role="presentation" border="0" cellpadding="0" cellspacing="0">
+              <tr>
+                <td class="" style="vertical-align:top;width:600px;">
+            <![endif]-->
+
+  <div class="mj-column-per-100 outlook-group-fix" style="font-size:13px;text-align:left;direction:ltr;display:inline-block;vertical-align:top;width:100%;">
+
+    <table border="0" cellpadding="0" cellspacing="0" role="presentation" width="100%">
+      <tbody>
+        <tr>
+          <td style="background-color:#FFFFFF;border-radius:0px;vertical-align:top;padding:10px 15px 10px 15px;">
+
+    <table border="0" cellpadding="0" cellspacing="0" role="presentation" style width="100%">
+      <tr>
+        <td align="center" style="font-size:0px;padding:0px 0px 0px 0px;word-break:break-word;">
+          <table border="0" cellpadding="0" cellspacing="0" role="presentation" style="border-collapse:collapse;border-spacing:0px;">
+            <tbody>
+              <tr>
+                <td style="width:108px;">
+                  <img height="auto" alt="Mergin" src="{{ logo_url }}" style="border:0;display:block;outline:none;text-decoration:none;height:auto;width:100%;font-size:13px;" width="108">
+{#                  {% include 'email/components/logo.html' %}#}
+                </td>
+              </tr>
+            </tbody>
+          </table>
+        </td>
+      </tr>
+
+      {% if subject is defined %}
+      <!-- HEADLINE -->
+      <tr>
+        <td align="left" style="font-size:0px;padding:15px 15px 15px 15px;word-break:break-word;">
+          <div style="font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:11px;line-height:1.5;text-align:left;color:#000000;">
+            <h1 style="font-family: 'Cabin', sans-serif;">
+              <span style="font-size: 18px; color: #2d4470; background-color: #ffffff;">
+                <strong>{{ subject }}</strong>
+              </span>
+            </h1>
+          </div>
+        </td>
+      </tr>
+      {% endif %}
+
+      <!-- CONTENT, just an example, should be overwritten by child templates, e.g. using content_row.html -->
+      {% block content %}
+      <!-- main email body -->
+      <tr>
+        <td align="left" style="font-size:0px;padding:15px 15px 15px 15px;word-break:break-word;">
+          <div style="font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:11px;line-height:1.5;text-align:left;color:#000000;">
+            <p><span style="color: #2d4470; font-size: 13px;">Dear user,</span></p>
+            <p> </p>
+            <p style="text-align: justify;"><span style="color: #2d4470; font-size: 13px;">Lorem ipsum dolor sit amet, <strong>consectetur adipiscing elit</strong>, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.</span></p>
+          </div>
+        </td>
+      </tr>
+
+      <!-- some additional action -->
+      <tr>
+        <td align="left" style="font-size:0px;padding:15px 15px 15px 15px;word-break:break-word;">
+          <div style="font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:11px;line-height:1.5;text-align:left;color:#000000;">
+            <p><span style="font-size: 13px; color: #2d4470;">  Lorem ipsum dolor sit <span style="color: #e67e23;"><a style="color: #e67e23;" href="https://public.cloudmergin.com/">amet</a></span>.</span></p>
+          </div>
+        </td>
+      </tr>
+      {% endblock %}
+
+      <!-- footer -->
+      <tr>
+        <td align="left" style="font-size:0px;padding:15px 15px 15px 15px;word-break:break-word;">
+          <div style="font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:11px;line-height:1.5;text-align:left;color:#000000;">
+            <p><span style="color: #2d4470; font-family: arial, helvetica, sans-serif; font-size: 13px;">Let us know if you have more questions.</span></p>
+            <p> </p>
+            <p><span style="color: #2d4470; font-family: arial, helvetica, sans-serif; font-size: 13px;">Kind regards,</span></p>
+            <p><span style="color: #2d4470; font-family: arial, helvetica, sans-serif; font-size: 13px;">The Mergin team</span></p>
+          </div>
+        </td>
+      </tr>
+
+      <tr>
+        <td class="hide_on_mobile" style="background:#FFFFFF;font-size:0px;word-break:break-word;">
+        <!--[if mso | IE]>
+          <table role="presentation" border="0" cellpadding="0" cellspacing="0"><tr><td height="50" style="vertical-align:top;height:50px;">
+        <![endif]-->
+          <div style="height:50px;">&nbsp;</div>
+        <!--[if mso | IE]>
+            </td>
+          </tr>
+        </table>
+
+      <![endif]-->
+        </td>
+      </tr>
+
+      <tr>
+        <td style="font-size:0px;padding:10px 25px;padding-top:10px;padding-right:10px;padding-bottom:10px;padding-left:10px;word-break:break-word;">
+          <p style="border-top:solid 1px #2D4470;font-size:1;margin:0px auto;width:100%;">
+          </p>
+          <!--[if mso | IE]>
+            <table align="center" border="0" cellpadding="0" cellspacing="0" style="border-top:solid 1px #2D4470;font-size:1;margin:0px auto;width:550px;" role="presentation" width="550px">
+              <tr>
+                <td style="height:0;line-height:0;">
+                  &nbsp;
+                </td>
+              </tr>
+            </table>
+          <![endif]-->
+        </td>
+      </tr>
+
+      <tr>
+        <td align="left" style="font-size:0px;padding:0px 15px 15px 15px;word-break:break-word;">
+          <div style="font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:11px;line-height:1.5;text-align:left;color:#000000;">
+            <p style="text-align: left;"><span style="font-family: arial, helvetica, sans-serif;"><span style="color: #2d4470;">You can disable notifications </span><span style="color: #e67e23;">
+              <a style="color: #e67e23;" href="{{ base_url }}/profile">in your profile</a></span>.</span></p>
+          </div>
+        </td>
+      </tr>
+  </table>
+
+        </td>
+      </tr>
+    </tbody>
+  </table>
+
+  </div>
+
+      <!--[if mso | IE]>
+        </td>
+
+    </tr>
+
+              </table>
+            <![endif]-->
+          </td>
+        </tr>
+      </tbody>
+    </table>
+
+  </div>
+
+
+  <!--[if mso | IE]>
+      </td>
+    </tr>
+  </table>
+  <![endif]-->
+
+  </div>
+  </body>
+</html>
\ No newline at end of file
diff --git a/server/src/templates/email/components/content.html b/server/src/templates/email/components/content.html
new file mode 100644
index 00000000..50faf29c
--- /dev/null
+++ b/server/src/templates/email/components/content.html
@@ -0,0 +1,8 @@
+{% extends "email/components/base.html" %}
+{% import "email/components/content_row.html" as content_row with context %}
+
+{% block content %}
+  {% call content_row.content() %}
+    {% block html %} {% endblock %}
+  {% endcall %}
+{% endblock %}
\ No newline at end of file
diff --git a/server/src/templates/email/components/content_row.html b/server/src/templates/email/components/content_row.html
new file mode 100644
index 00000000..0a283eee
--- /dev/null
+++ b/server/src/templates/email/components/content_row.html
@@ -0,0 +1,9 @@
+{% macro content() -%}
+<tr>
+  <td align="left" style="font-size:0px;padding:15px 15px 15px 15px;word-break:break-word;">
+    <div style="font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:13px;line-height:1.5;text-align:left;color: #2d4470;">
+      {{ caller() }}
+    </div>
+  </td>
+</tr>
+{%- endmacro %}
\ No newline at end of file
diff --git a/server/src/templates/email/components/logo.html b/server/src/templates/email/components/logo.html
new file mode 100644
index 00000000..d65966a1
--- /dev/null
+++ b/server/src/templates/email/components/logo.html
@@ -0,0 +1,470 @@
+<img height="auto" alt="Mergin" src="data:image/jpg;base64,/9j/4AAQSkZJRgABAQIAJQAlAAD/4RAcRXhpZgAASUkqAAgAAAAFABoBBQABAAAASgAAABsBBQAB
+AAAAUgAAACgBAwABAAAAAwAAADEBAgAMAAAAWgAAADIBAgAUAAAAZgAAAHoAAAC9AAAABQAAAL0A
+AAAFAAAAR0lNUCAyLjEwLjgAMjAyMDoxMToxMiAwOToyOTo1MwAIAAABBAABAAAAAAEAAAEBBAAB
+AAAAaAAAAAIBAwADAAAA4AAAAAMBAwABAAAABgAAAAYBAwABAAAABgAAABUBAwABAAAAAwAAAAEC
+BAABAAAA5gAAAAICBAABAAAALQ8AAAAAAAAIAAgACAD/2P/gABBKRklGAAEBAAABAAEAAP/bAEMA
+CAYGBwYFCAcHBwkJCAoMFA0MCwsMGRITDxQdGh8eHRocHCAkLicgIiwjHBwoNyksMDE0NDQfJzk9
+ODI8LjM0Mv/bAEMBCQkJDAsMGA0NGDIhHCEyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIy
+MjIyMjIyMjIyMjIyMjIyMjIyMv/AABEIAGgBAAMBIgACEQEDEQH/xAAfAAABBQEBAQEBAQAAAAAA
+AAAAAQIDBAUGBwgJCgv/xAC1EAACAQMDAgQDBQUEBAAAAX0BAgMABBEFEiExQQYTUWEHInEUMoGR
+oQgjQrHBFVLR8CQzYnKCCQoWFxgZGiUmJygpKjQ1Njc4OTpDREVGR0hJSlNUVVZXWFlaY2RlZmdo
+aWpzdHV2d3h5eoOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU
+1dbX2Nna4eLj5OXm5+jp6vHy8/T19vf4+fr/xAAfAQADAQEBAQEBAQEBAAAAAAAAAQIDBAUGBwgJ
+Cgv/xAC1EQACAQIEBAMEBwUEBAABAncAAQIDEQQFITEGEkFRB2FxEyIygQgUQpGhscEJIzNS8BVi
+ctEKFiQ04SXxFxgZGiYnKCkqNTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqC
+g4SFhoeIiYqSk5SVlpeYmZqio6Slpqeoqaqys7S1tre4ubrCw8TFxsfIycrS09TV1tfY2dri4+Tl
+5ufo6ery8/T19vf4+fr/2gAMAwEAAhEDEQA/APn+iiigAooooAKKKKACiiigAooooAKKKKACiiig
+AooooAKKKKACiiigAooooAKKKKACiiigAqe0s7m+uFt7SCSeZzhUjUsTUFe3+DtMfw94atL2Gza4
++0RiS4VVHnLnqR/eA9OtceNxX1aCaV29jqwuH9vOzdktzF8OfCgALca7Lk9RbRHj/gTf0Fek2+m2
+VpZ/ZILWFLfGDGEGD9fWn2l7b30IltpVkTocdQfQjqDU9fKYnFVq0v3j+R9JQw9KlH92jgfEnww0
+/Ut1xpbCyucfcA/dsfp2/CvJ9Z0DU9BufI1G1aInlWHKsM9QR/8Arr6RnuYbWPzJ5FjX1Y9ax722
+k8SWcltLbG3sZARvmUea3uq87fqefau3B5nWpaT1j5nJisvpVNYaSPnSiiivqj5wKKKKACiiigAo
+oooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiphaXBiMohk2eu2oabTQBRRRSAK+l9B/5A
+Fh/1wX+VfNFfSPha4+1eFtMmC7d9upxnOOK8LPF7kH5nsZO/fkvIsXOlRSzm5gdrW7IA86Lv7MOj
+Dr19eMVnDVdVOpf2ObeAXgj843O4mPy8kbtvXdkfd6e9dBWJ5Lr458442PpuwfUS5P8A6EK8KnK9
+1LWy0PZnGzTjpdl6302OKXz5ne4uP+eknOP90dB+FXaKQkKCSQAOSTWLbe5oklsfLFFFFfoB8UFF
+FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUVb0+xe/uRGvCjlm9BTSbdkJu2rKlWLCNJ
+b+BHGVLgGunXQLAR7TGzN/e3nNc1e25sL940Y/Icq2ea1lSlTtKRKmpaI7fAAxgY9K4zV40i1SZY
+1CrnOB9KuDxJciHb5Ue/GN3P8qx5JHlkaR2LMxySe9XXqxmkkRTg4u7G0UUVzGwV1nhTx5qHhtkt
+5P8ASdPz80LfeX/dPb6HiuTorOrRhWjyTV0aU6s6UuaDsz6S0PxJpniG3EthcB2A+aM8Mv1FPf8A
+5GiD/ryk/wDQ0r5vt7me0mE1tNJDIOjxsVI/EV0C+PfEKz/aBeL9p8j7P5xjUtt3bvTGe2cdPfmv
+CqZLJSbpS08z14ZsnG1Ra+R7drXiLTNAgMl/cqhxlYwcs30FeQ+J/iPqOupJaWqCzsmOMKf3jj/a
+P9B+dcfc3M93O01zM8srHJd2yTUVduEyqlQ96XvSOXE5jUre7HRHXroFgrZ8tz7Fqstp1obd4Vgj
+RXXBIUZ+v1rJ8OzTzyzmWZ3CgYDsT61vscKT7V9NTUJRukeJK6dmyrb6ZZ2wHlwIWH8TDJ/OpZbW
+CaMpJCjL6FRXEtdTtceeZW8zOd2eldtaSme0hlPV0DVNKpGd0kOcXHVsz4NAtIpWdwZAT8qt0A/r
+WklvDGu1IY1X0CgCsjxHJLHbxeXIyBmIYA4zWboFw8eorFuOyQEbe2etLnjCfIkHK5R5rm3qGjwX
+cTGONI5uSGUYyfeuQIKkgggjgg16DXGz2xl154Ou+bnHoTk1GIprRoqlLdMs6Tov2tBPcZER6L0L
+e/0re8qw0+LcUhiXpkgZP+NWkVUQIowoGAKxdW0q81C6Do8QjUYUMx/HtWih7OPuq7I5uZ6s0FWw
+1CPKpDMo46Dj/CsLV9GFqn2i3z5f8S+lXtI0q7sLlnkeMxsuCFJ/DtWvNGJoXjYAhgRzRye0h7ys
+x83LLR6GDpWj2l1YxzShi5JzhsDrWvDp1nb8x28YP94jJ/WuUsLieO+t4VmkEfmqNoY46+ldrSoc
+sltsFS6e5mRaJardSTPGrAtlUx8oH0q89tBJGUeFCp7FRWBrupyC4+yxMVCEFiO560J4lcRYaAF8
+cEHij2lOLcQ5JNXKU+mM2rvaW/TOcn+EV0Npo1naoMxrI/dnGaq+H2a4+1XUp3SuwBPoPb8/0q9q
+rsmmTspwdvWlThFRc7DlJt8oR3FhcStAjRO2OVxkVNFbQ25YwxIhbrtGK4aKRoZUkQ4ZSCK75TuR
+W9Rmqo1PaXuthTjynONr13aySQzwq0ise+MVcg0u2v4Y7u4DNLKAzYbArP8AEiAXsbAcsnNQ6Pcz
+tqVvGZ5DHkjaXOOh7Vlz2nyT1L5fd5lodLBYWlv/AKqBAemcZP51y15Gr668ZHyNMFIHpmuyrh79
+mGpTsCQwckEHmqxCSiiaWrZ0qaDYK2fLZvYtViXTbWS2aBYURW7qozWd4dmmmWcyyySAEYLMTitW
+9kaKymkQ4ZUJBrWHI4cyRMuZO1xkGm2dvjy7dMj+IjJ/OpJrS3nQrJDGw91HH0rh2uJnlErSuZB0
+YtyK7axlaexhlb7zICamlUjO6SHOLjrc5TVrD7BdbVyY3GVz/KqFdL4mQG2gf+IOR+Y/+tXNVyVo
+qM2kbQd4hRRRWRZv+GPv3P0X+tb83+ok/wB01i+G4JYxPI6FVbAGRjPWtuYEwuB12mvRoq1NHLU+
+I4Cu403/AJBlt/1yX+Vca9rPHIsbxOHbouOTXa2UbRWMEbjDKgB/KscMmpM0rPRGV4m/49Yf9/8A
+pWRov/IXt/qf5GtvxBBLcW8KxRs5D5OPpWTolvKdUjfYwWMncSOnGMUqiftl8gi/cOurmYsDxZz0
+3n/0GumrlL1Li11d7wRsI0kB3Y4xwK2r6WfmRT6nV1gX+t3NpeyQiJNqngnuK3Y5FljV0OVYZBrH
+1rSZLt1ntwC4GGU96qrzct4Ewtf3jPfxHdkDaka/hmm/8JFff9Mv++arJpN87bRbuPc8CtiDw/FH
+ZyC5ceaR94dErmj7aXU2fIjH0399q8BcDmTdxxz1rta5DR7aRtVjZQWjRjlwOOK6+tsMnyu5FV6n
+Gaz/AMhe4+o/kKoVqa1bT/2hcT+U3lZHzY46AVl1x1FabNofCjb8PXyQSvbyEASHKn39K6K4hW5t
+5IW6OuM1zOh6ct5K00vMcZ6eprob26e0hDRWzzH0U4xXZRb9n72xhU+LQ5uHQbx7ry5E2Rg8vkdP
+aut4UdgB+lYcniGRFydPkBxzuYjH6Vl3us3N6uwkRxnqq9/rURnTpJ8pTjOb1DWb1b29Jj5jQbVP
+r70miDdq8H4n9DWfWtoFvK2pRzBD5ahstjjoRWEG5VE/M0aUY2OsrhtQ/wCQhP8A75rua4zUrSdb
+ueUxMIy/3scV04lNxVjKluavhj/UXH+8P5Vqaj/yDbj/AK5ms/w5DJFbTM6FQzDGRjNaV+rPYTqo
+JYoQAKumv3RMvjOFrttK/wCQXbf7grjpLaaJwjxMrHoMcmux0uJ4dOhSRSrBeQawwyakzSq9Ch4m
+/wCPOH/rp/Q1zFdX4gglntYliRnIfJA+lcs6NE5R1KsOoPaoxCfPcqk/dG0UUVgaHWJr9gqKu9+B
+j7ppf+EgsP7z/wDfJrkqK6PrMzL2UToJdWtH1aC5DN5ccZB+Xuau/wDCQWH95/8Avk1yVFJYiaG6
+UWdb/wAJBYf3n/75NVLDWLS3NzvZvnmZ1wvY1ztFDxE27h7NWsdb/wAJBYf3n/75NU9V1e0u9Pkh
+iZt5Ixlcd656ih4ibVmCpJO5p6brMtj+7ceZD6dx9K34tasJVB88L7NxXG0UoV5RVglTTOyl1qwi
+GfPDeyjNYOo61LegxRr5cPpnk/WsuiideclYI00jf0jVrWzsfKmZg24nhc1e/wCEgsP7z/8AfJrk
+qKccROKsgdNN3Oi1PWLS606WGJmLtjGVx0INc7RRWc5ubuyoxUVZG54dvBFI9swOHO5SB0PvXTVk
++H7eNNOWYKPMkJ3N34JFQ+Ibm4gWAQs6IScspxz2FdsG4UrswkuadkbZUHqAahls7acYlgRvqtcg
+uqXynIupPxOf51s6Jql1dzmGbDqFzvxgilGvCb5bA6birlTWNHW0j+0W+fKzhlJztqfStXtbTT0h
+lZg4Jzhc961NXKDSrjfjG3Az69v1riqyqP2U7xLh78bM63/hILD+8/8A3yarX+s2dxa+XGzFt6nl
+fQg1zdFQ8RNqxSpRR1o8QWAAG5/++TR/wkFh/ef/AL5NclRT+szF7KJvT6rayaxbXILeVGrBvl9Q
+av8A/CQWH95/++TXJUUliJq43TTOt/4SCw/vP/3ya5u/mS4vppo87GbIzVaipnWlNWY4wUXdBRRR
+WRYUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAG9omrxwRC1nIVQfkf69jW8wt7yEqfLl
+jb6EUUV24ebkuVnPVSTuiodD0/OfJ46/eNON1p2mxFFaNAP4U5JoorSdqavFEx952Zz2qas9+Qij
+bCpyB3P1rNoorglJyd2dKSSsgoooqRhRRRQAUUUUAFFFFABRRRQB/9kA/9sAQwADAgIDAgIDAwMD
+BAMDBAUIBQUEBAUKBwcGCAwKDAwLCgsLDQ4SEA0OEQ4LCxAWEBETFBUVFQwPFxgWFBgSFBUU/9sA
+QwEDBAQFBAUJBQUJFA0LDRQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQU
+FBQUFBQUFBQU/8IAEQgA7gJJAwERAAIRAQMRAf/EABwAAQADAQEBAQEAAAAAAAAAAAAGBwgFBAMB
+Av/EABsBAQADAQEBAQAAAAAAAAAAAAADBAUCAQYH/9oADAMBAAIQAxAAAAHVIAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAB+eIr87vQj5H6fraefPPsflehdqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+DgY2rX/xP1vKzL4H998zD6n56c/YfLeiaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeeGWufhPsoz
+8/tPAAA9NiGwvufkJT9DhgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAARnB2/FUswX436j4QSgAf115L
+/qfnuheqcPH07P8A0H4gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAVR+b/e+KpZnn2fysdwtiK/N7rw
+JFvZEk38WI/MfQcfJ0Ren7F+XAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACpvzX77iY+n++pV9LgyDc
+yYv87tyTex4/ia0Y+d23gC9P2L8uAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFS/mn3/FyNID6y8Wt+
+k/B1T+bfefKLsAenQhuv9S/NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABU/wCa/fcPH0wBY/6B8bXH
+5/8AZAAd76nKtb7n4MAAAAAAAAAAAAAAAAAAAAAAAAD8P0AAAAFW/nn3MdwNgAT77f5SA/EfVgB6
+s39L+Jk+tiAAAAAAAAAAAAAAAAAAAAAAAAChdCtQmjVtylPpnLuAAAAcXK0qy/PvtvFTsgTn7H5e
+DfHfUAfaaOf/AG3ycv8ApvngAAAAAAAAAAAAAAAAAAAAAAAAMKb+bzu+Ruf5/T6vPoAAAHwhlgXx
+v1cQ+X+g/OfZz9j8vBvjvqP31KvpcGffZ/KeuzXAAAAAAAAAAAAAAAAAAAAAAAAAGS9ijW9qGSxd
+7UwtH+wAAAADlZ1+v/ivrJBuZMewtef/AGnyfX088AAAAAAAAAAAAAAAAAAAAAAACHTR5s1Knn98
+1Bk3ZZF35PfK/sRTmCXpc+gAAAAAAAAAAAAfI8/vnt89AHnPx56XoAAA53vn9Hv89AAAAHyPH150
+efQAPH75/B7/AD3l9c4t3c/k98jQubbvfPsgfM+gAAAPN758j3eegAAAAU5dr8vryD2Iq8tRaUyr
+lV3IK7sw/H1JYu9UZF2KS8UXoVolPH+Ezgk1Fk3ZPF2B8yj79alb9fgycCSxd3ln2blpWBVVuCPy
+cw6eOt7UOm8m7ye+c+6dTn9eXNQs6VzLYrO1DQWjVhs8f4dmPrvx9/2Xfn2a5tQ2vTnjMvEbl4rO
+3D5/fNv4Olye+avtQ8WTmvLMUYl409lXKL0K0GsRfwTWvLqLJuSWPsAAADAf0WWAB0Offl68nvg+
+p8jp8deTrzz++CUQ97Tw9H9PmZS2KNaWofX57dFCx+vaRv1fj6v/ADbV+59rEu7nR2XgCYwSQ+eP
+9P5P03p87qU3er5v1KYu2hZkEXeeNOp8PfJjBJsTFv8A389o2/Wzrp1AO/H1t3B0oJPHj7bzwAOp
+x14uvPh74JXDJs/D0P6AAABDpuKF0KtXXIBcdGxpfLucjvnFu7nc7rwaeybtu05+N3zi/dzub14N
+rYOjJo+6QvVs5alQahybtt05xmbUp05er/bxt/B0uZ15Sl+vTF6sPoaox70fk4ztqVLSpz6Sy7eI
+N/O8/vll1JtY5F4Zy06lIX6w0rlXLnpWOP3zHe+ce7meJDH3tvB0fJ75GZecq69GPS8DWuNfsatL
+xe+cY7mfzO+RszD0JhDIAAABmLVpVBdgGmcq5cdKwMoa9GsrcI13i37BryjJOxRrm1CNd4t+wa8u
+Jd3OjsvA0fl3PR4EDsRVJdgGo8i7bNSegtGrQGjVF5Z9nRWbbHyPqVnahyfsURfGda0JnWhWVqHK
+GxRFy0bGl8u4PB75hL6HMEmh72th6IGJt3OjkvA3387qfoMoa9GsrcI1tjX7GrSgAAAZg1qVRXIB
+qHJu23TnGX9alUdyAa2xr9jVpRlXWpVbcgGtca9MoJMMfQZoAA+vnvp89+3i+861dtGxQOjVoHRq
+jTuVct+lYAFZ2ocn7FEXLRsaXy7grG1DlHYoi9s+1obNtDldeYY+gzBKoZNpYegBiHezeDJyN9/O
+6n6DLetSqe5ANZ416ya0wAAAGXdalUtyAaqx71pVZhmDWpVFcgGtMa9ZFaYZX1qVV3IBrPGvSaLv
+E29nDr8dbSwtH1cvs9/sAAoDRq0Fo1Rp3KuW/SsADxe+Ys3c7hyc9bjrauFo9Hn3L2rTqS7X/s2V
+h6EvhkHBk5xDvZolkEm0MTQAxBvZvCk5G+/ndT9Bl/WpVHcgGsca9ZdaYAAADLetSqe5ANYY16zK
+0wy7rUqluQDWeNesmtMMr61Kq7kA1njXp/Xlwh9Dmfwf0bm+f0+pz6AABn7Rq0Jo1Rp3KuW/SsAA
+ReXjHe3n8/ryQR99mPqDWIvv40nlXbipzgRyTjE29nCXwSbNxNADD29m8STkb7+d1P0GYdWlUN2A
+axxr1l1pgAAAMp69Kr7cA1pjXrIrTDK+tSqu5ANZ416ya0wylr0qwtwDWeNesmtNj7aoQSxENGZl
+u8KFkD4vM+aVa7qFjt8dZw06lJX6w07lXLfpWAAM8aNWi9GrOK8vr899PKYQyW9SsSGPoARSXjF2
+7nCYwSbLxNADDe/m8fvkb7+d1P0GaNSnTV6uNY416y60wAAAj0nGRNqjH5OBoTNt2rTm+/nuQNuh
+HpOBoHNt2xTm+/nuP9uhH5OBoDNt2xTmjcvOTNmh+H28Xjn2pVF3y++aguwRSaPVuPel8EmTtmjE
+ZoxeOfZt+lYlkXYEGnjx5t5/r890/kXZdD324+vS9AA+LyjNCvnzSqCSxd6Qy7k+ryRGbjIe1Q83
+vg1pjX5tB3/T3JexRg9iIX/m27QqSy2KQAADGO3nxGeMAX9nWofNxWNuAAX9nWuJ3zTl6uAL+zrV
+/Z1qlL1fO2nU8/vgA6vHWmcq5Z1WbI+zRruzCALepT6eyroEBsRZB2qAAHT46k8XdhVpbpo2Ovx1
+Bp48ebeeABsTE0Md7eeABrzFv0VoVq4tQgC3qU+nsq6AABXliLze+ACTR98zrzmdcgCTR9+b3zhd
+8gCTR9yaLscXvmprkEYm49XPs1gktCpN6/PRB54+X1yAO5x1MIZABnLSqUhoVgAAOvx1svD0PR57
+BZ4gAJ1BLBZ4gAJzBJGpeeX1yAO5x1MIZAAAAAAAAAAAAAAAAAAAAABF5eMlbNHhycaNy7fp895v
+XnFk5gNiKITxjQubbvfPsgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZd1aVS3YJfBJs3E0AB/JjDcz
+opNxe+da0LnWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMra1KrLkHp891zi351BIBWlmHK2xS/l5s
+fE0JfDIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7EWTdij4evP0kEXfQ5940nPH7578femcm5Yle
+UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADj981Jcgr2xHC54+7F1P4ZLBrS2PVl+r0AAAAAAAAAAA
+AAf/xAAwEAABAwQBAgQFBAMBAQAAAAAFAgMEAAEGBxAXIBEwNTYSExQVUCUmMWAWIUAiI//aAAgB
+AQABBQL+g3v4Wmn2mKkkZEpUI88xUSezNT/RJxlmHUwk/NvylV0KhZCpFMSG5KP6A+8mO1POOyvI
+YkORlizP1ivz8oxaJOlhmZqHmHI6+1KbqvCx9S6fLRh6P8gl/nzd/wBTiTnYS2ZkQw3PAuR+yEFf
+l1d2EEtNKPzf6Ca9T4gn3GKdhwzCPsMr56IcIOicddk/0Mz6ny24ppVpKvtLjinl9nwfnzXqfYm/
+7c7fkflPHyz6fAl2JV+2e36C/wCTzjMno0hTzi3cRzaRFleSSGIIIlRHYbnNvbHLTK31jQVmL/ky
+K1OEOBLqnxXkvMIkIn4+tqr2um9W9sV/NQQDr9RorURH5TOQSxRisfCOniKEWbR5cwYxNtMCyItJ
+R+2oYaRLqELYhfkskyaPjsYhmZcguFlxeCvGTychGVKiMzmL68DXcgDYwtj/AK1uoapM2Oq/YuQ0
+1SJLLnkukojFNT4z/luOIaSySiSFdr02PHpshFe4JkGxUAoSeLzuNV2X8jn5ifHyHZLTFNz4z1/L
+VtAdT+027UR2EVnWelPSHBuZQxuMFs+JkruvLfXQnIp4VeOZJHyGGf2DEG3I5WUKK/ngRlpIO4Ay
+CPkEPlxxLSD2yUMqnnSBS/A/JCQu+PbEZnK4n7FgQJb+02rVP2OUlWlTpE1WuJHzsdybYKIKpxGS
+SdrDMzfjyuMizqIFUTy8qUv/ADxCMzh1zGYTzcDDQdjhnJsFYNKj6wIKdW+OwIS5tGBapW0pCrFc
+jIGrgfXKKkmw49W0IFSdp3olmhYnUSc7FmnM9HiqKZsVJ3Uq61UGy8kGWBPxsgh+dGHyplSIj8NX
+CHVtcMDJkpD8d2MvjGzSwRW17KtS1paRl+XOHX6ixXZr8DV7ziCGr3W2nWlsO1r7KVKVWRev8w8i
+dH4/V7XTev4pi97s53lyoHIDXC5bRXWcZTD7C4z1YsfVjxNh9Elmtpr8InID16s59q9rIuZJQ8w5
+GXxjJtYIra9lW8j/AA8NWwBsUWT412BYJyEpsixYTHMwyEJY2dxheLDki/4osIjGYhGCsbO4xmRe
+Vj9bJO3jsca8BJgjONljbRitMuqYdET7FBj2LCZD2xA8MVbhCFOrxHDWgrWeYi7OcWhTasPxCQSm
+FZyRg6Q+uU/WvxiSB/jZomzMrjWRNUgdRAPDK1JxIOiPxjtvE/UuIzOj/wCHhqyBhuMb4BYNAEW/
+ii4eKaik4Cxc/jEJX1mN+Ts+/wCvcavT+i8bEYszkvGBX8cV42A18rKOMCV8WK1kJD7oa4j7JGxo
+/VAfXVAfWX5dDyKBxrWTd4BW1f441qDRId4u0hV62I78GM8art/9eNis2dxrjV7l7GOCF/CBxjP+
+8h5yO/jkHFudiNWbybjX9/HFvJ2d6/xrJPhj/GzfX+Nf+1uNj+5ONfe1ysj6QX3JaWurQZN6sLm3
+rWbMiM1W1edYeg9mxGbu41xrGVZotxsV+zWNcati3vI4LX+EVxi3uPk/67xbnZdv3Dxr32x5OzPc
+HGuLeGN8bO9f4177X42T7j4177YyT/eP8B/guWbFw2rWjNWqyE27tq86w9B7JsRufEMiHwk+hRBY
+oiPIMlIlbCPoJzqQi7i8VC/Yg/B9XwguMT9ycnfXOLc7N9wca89seTsv3Dxru37Z42Zf9wca99sc
+bI9x8a99sSmfqYqk3QqrXum4uZYgO79q3/8AfGsPQe3IMfj5DDnwnRsyhJ6cEWSzQqUapllyS7h2
+E/ar85Jfwx/jEfcvJv1ri3OzvXuNee2fJ2Mr4sk4177X42Qr4sj4177Y42MrxyXjXvtis1GfbMg4
+1ueQ5F5ddQw2X2Q7YoILxzcKtpPWuQ41h6D25lnC1uVAwouRZXgBtNM67MuVA1dfxFAIIVHZlavg
+xzjD/c3Jn1fi3O0LfrHGvPbPkEsgHiaPFPvJfjEcvGCQQfIIR2iZuEHQfK/ei/GIZcMEAw+QQjtE
+zcIOg+U+9F+MPy4YIBh8ghHazjH7mxnDTq2HRGzVNNdTRXhK2jGSk3lM89dCLuKwnF1AYs86PGKy
+kzY6Z4wbKB4QUJykcbkc5qQWOx2oj/00qDsUTJSzkgp+m5LT3c88iO1nGXw5I3jHJrQ431BCVGkI
+lxz+WwgTMl+8qRx1BC0OIMlYcwhGHNZdkCchJ8YflwwQDE5SONyO/LXPm5J2aqrYrnx5L2aqraCv
+1vs1VxluB/XuPx3YrvYOFyiz+LYUyD4z9XjlPZrH1/nOIK5+OdrROZHqLm5mJcbtC/iNLRC7FZvf
+4cW7Yy7t4T24F7U2Cu6so7NY+v8AfJwQTLk9Ow1dOw1dOw1dOw1BcdhgKJYYMLTenYaunYaunYau
+nYag2OwwFGMVgHJPTsNXTsNXTsNXTsNQbHYYDkmGhGG52rmVqXrAlZTGrZaqH61GxrxYjEJrglho
+wtN6dhq6dhq6dhq6dhqEYqPByezMsJagI7xZSQHmByjZkcRHslIfTsNXTsNXTsNXTsNXTsNVh7Nh
+3TsNXTsNXTsNXTsNXTsNQ0cyJhE8NGlpnTsNXTsNXTsNXTsNQjFB4OT+MyE+zj0EwclnJKEXcXD1
+hD+nVq8dT2rGb0/q2UmxbFCYZPGrZl1M/n9lSVOnqxFpD2Sdik2VbKoTQ/IK1Yzf535/ZDfwZHUe
+QuJIx3LYZ1nnI84hiG333JT7LK5DuLA/sIj8/luMIyKJMhPj5HEfIScWr5gZvUkxOmWoUCmmncYw
+6Pj9v6CSEQy7U/VzK7zsFnQLrgOIVCxeVOqJq6Quw7XwmDdppDDf/Z//xAA3EQABAwIEBAQEAwkB
+AQAAAAABAAIDEBEEEzEyBRIgISIwQVFQYKHwFDSBFSU1QEJSYbHhI9H/2gAIAQMBAT8B+QddFhuE
+yS+KXwj6qHBwwCzGrE8Kil7x+E/RT4WXDG0g+RcLw6XE9z2asPgocNsHf36HNDhZyxPCGu8UHb/C
+lifC7lkFvkGKJ0zwxupWF4XFB4pPEfIlhZM3lkF1juHfhhmMPb5Ag4ccRh82M+JYfiUuGOViR/8A
+VHKyZvNGbjqJDRcrE8Wa3wQdyouH4jGOzMSbf7/4v2Thv8/H+GflGfr/ALWIwsWJbaQKTDYnhzsy
+M9vvVYXisc3hl8J+nRieJw4fs3xFCPF8TN3dm/T/AKsNgYcN3aLn3+QeG/lGffrXFcJjl8UXY/RR
+4nFcOdySDt96FftXD5fPf9E7EYviJ5IhZv3qVheFRQ+KTxH6fIfDvyrPv16HsbIOV4uEYG/jMn05
+kxjYxysFh083x/hv5Rn369JH7z/Xqzfj/CTfCj9elw/ev37dX4oe/wATkkt2Cuo5DofKweNfhHe7
+VBiI8Q3mjPQf4t9/29EkjIm8zzYLGcVMv/nD2HxR2tRp5Ucr4XczDYrC8WY/wz9j7+iBv3FD/Fvv
++2mixXFo4vDF4j9FNPJiHc0hv8VlbY3oxvMfNw2Nmw209vZYbiUM/Y9ii7963+9FiOJQYfte5WJx
+02J3Ht7fEnPDUZHFCRwTHcwvTVZTUABp8Mv5t/JJsLpx5jesOh/ms5qzh7IyuKuUJAGi6dKStaNe
+Wprg4J0obojI41bI5qa4OHbpdLbRF5OtQ9wTZQexqZQDZZwRmJ0RJOqiN2p8tuwRJOtI5PQ1dIGo
+yONQ4jROkLhZRt5inxhyEJ9V2jCzgjN7BOeXapu4UJsLrOajN7BGRxQNjdOkDUZHGrZHNTXBwuPP
+sToiCNenlKtarHcp6JJObsKAX0Qh90YfZaUif/SaP3HoD7NsOqR9uwq2H+5GEeiItRjuU1m06G7h
+STaerlKtarHcp8rkb7KUAHtWJt+5oRzdiiLG1Y2C16EB2qIsbVbtFJXW7VibYXrMO96aIG4uuVvs
+pQBa3QyPlUjL9xSOMk3KJsLom9Ihd1Zm+tYTcWoQDquRvtVm4U1XI32T+zqtjDaEB3Ypw5TarDdo
+8qbdWHbWbdWLbWXdWPbR5u6uc1ZzVnNUkgcKwnw0m9Kwt/q6ZdtYPWsu2sOvUzcOh+49U26sW3yp
+t1YdtZt1YttZt1YtqPYddlylcp9lDca0n9Kw7emXbWE97Vl21h9TU6Vj3DoduPVNurFt8qbdWLbW
+bdWLbWbdWLanbTVuoVvIn9Kw7eki6c3lNqNPKboG/cUldc2qxvKLVdoax7h0O3Hqm3Vi2+VNurFt
+rNurFtrNurFt6Qbi/kT+lYdvU5ocERY2o1xbojI401UcfL3PQ7aax7h0O3Hqm3Vi2+VNurFtrNur
+FtrNurFtpILOrE7ty9Lpu/ZAhwuKTelYdvVJJ6CgjcVlOWS5CH3QaG6dL9prHuHQ7ceqbWsW3yS4
+DVOdzG9WPaG2Ka4O0RcG6p7uY3qx7Q2xTXB2iLg3VOdzG9WPaG2Ka4O0UjeYV0TZvdZzUZh6Jzy6
+kbOUIuA1T3cxrG8NHdB4dp0SGzaDsUJWlczffyJHi1hVhs65Wa1apzw1Hv3rmtQN+4RNtVI/mNWP
+aG2KDw7TyJNx6YPVTbumD1U2vTB60fHfuERbpDS7RMjDaS7umHd0SC7ermPuhK4ITe6BB0pJtPUN
+nVFsCl3dMO7yMtpWU1ZTVlNWU1NaG6Isae5WU1ZTVlNWU1NaG6IsDtVlNWU1ZTVlNTWhulSAdUYR
+6LJKyT7oRNC0qWNPcrKaspqymrKagwN06ZI7dx5DXFpuEDzC6Iv2WU1ZTVlNWU1ZTVbtZZTVlNWU
+1ZTVlNQFuwRY13crKaspqymrKagwN0+Gudyi6c4u1oIR6rJaskLJ/wAp0bm1hPp8gTa0j3DqeLOp
+D6/IE26gNu6a8O6HyBqJutUxvKLfID2c4RBGtedw9VmO90XE0a0u0TGBvyEQDqjCPRZRXIUIyUIf
+coRNH89//8QAPBEAAQIEAgkCAwYEBwEAAAAAAQIDAAQQERJRBRMUICEiMTIzMEFCYKFQUmGBseEV
+NNHwIyU1QHGRwYL/2gAIAQIBAT8B+QekTemmWeVrmP0h+fmJg3Ur/qJTTTzPK9zD6xLzbM0LtH5F
+nNKMSnL1VlE1pB+b4LPDLcSpSDiSbGJTTik8syL/AIw082+nG2bj5BddSyguL6CJzTDr/K1yp+vo
+MvuS6sbRtGjtKbWdWtPN9P2+QJjSiZWZ1Lg5YmtFMzY10qbfpDzLjCsDgsd5KSo2SIlNCKVzzPAZ
+Q9pOWkU6qVFz9P3j+OTf4f8AX2/pg3nV/l+kSs49Jqu2fyhmalNKI1bg45f0ic0M4zzscw+u5KaI
+emOZfKmC5JaIGFPFX1/aJvST83wJsnL5B0t/Oufl+gp04iJPTTjXI/zD6/vDsrKaUTrGzxz/AKiP
+4LNazB7ZwiVktFp1jpur++gic0y6/wArPKPr8h6W/nXPy/Qbjbi2lYmzYwH17Dr/AHw3/O0OOLdV
+jcNzu6v7f0v/ADq/y/QboP8AlP8A872o+39NptNk5gbqFf5Nf8P/AHe2b7Tl2AoY1RYdIeYBGJPp
+T0gidTx4KHvEzKuyqsLo3B/ov9/e3GmXH1YGxcxIaHSwQ4/xV9PtRHaKqFlEek60h5OBwXETmhFo
+55fiMveCCk2NB/ov9/eoBfgIk9CuO8z/ACj6/tDEu1LJwNC32rLuYk2yo64G039WakGJsc445+8T
+WiJiX4p5h+H9IS2f4PhOX/t4ldEzEzxIwj8YlNHsSnYOOf2k00XDwhLDafaFMNq9odb1arUBI4iN
+pczhSio3P+9sfXwkxYj1CkjrvWJixolJUbCEICBYVm7XHq2ix9TZF5wJQ+5hMshPXjASB0hTKlOE
+JhEshPXjAAHSi2kL6w40WzYw3LKXxPCEsoT7VWwhcONls2O63Kk8VwltCOgqppCuohyWKeKapllK
+F4EofcwmVQOsBIT0ETIs5DUsVcVQlCUdtH2BbEmrbCnOPtCWEJ9qqbSrqIQwltWIQ+5q08IafLfA
+wZtPsIsuYVGyLzgSg9zCGkI6Q52GiU4zhEbIvOBKZmEsNp9oUkFOGG5dS/whEuhMdKLYQuHGy2bH
+1ypKepgKCulbXoVpHUwCD0q63rE23GWdXxPWhISLmFTf3RCZv7wgG/EUmWbc6aNdg3FNYnMR3pdn
+FzKq5NW4IhE0r4oBBFxR5vWJgi3Ckp3Hcc7DRjyDeK0jqYBB6Vdb1ibelrnM4llKUk3rMuFNkiiV
+FBuISrGMQq+6sqKaJWUG4hKsacVXBZZFJVu5xmsy5iVhyrKqunDQi4sYWnCoiA6scAYllqVfEa9I
+eeLnAdIl3gnlVHWH3wkYU9YSnEQIAsLCkyrCi2dZRfAprNJsrFnRK1J7TGtczq72GgJBuI1zmcNE
+lAJq4+pdELKDcQhWNOKrwwuEelKdhrN94rKm7dZjyGssbt1mPIaNJwIAqZVZ43jZF5xsi84ZZU2q
+5rNCy6SnvWactybst5BWb9qyx/xKzY5QajrV7xnca7BvSvjrMeQ+lKdlZrvrKdlZjyGsr2VmPIYS
+LqA37gRjTnGNOcTRBIINJP4qzffuy3krNjlBrLC7lZs9BVPUVe8Z3G+wb0r2VmfIfSleysz5KynZ
+WY8hrK9lZnyGG+8VX2G0YifQk/irN9+6DhNxDaw4Lii040lMKSUmxpLN4RiNXV6xV6t94q/4zuN9
+g3pTsrM+Q+lK9lZnyGsr2VmPIayvZWZ8hgcDHWqhhJHoSfxVm+/ebcLZuISoLGIUW2lzuhLCE8aE
+gcTD7+PlT03Gu8Vf8Z3G+wb0p2VmfIfSlfHWY8hrK9lZnyGsr46zPkNJdeJFZpuxxjc6wiV5ebrC
+0FBsaSg4E1m+/eYY+JdFTDaeEbS3nBmm4VN/dELcUvu3Wu8Vf8Z3G+wb0p2msz5D6KW1L6CG0YEh
+NXmVrWSBC21N90JQpfaIbRq04avMrWu4ELbU33QlCl9ohtGrThq8yta7gQttTfdDDmrVx6VIvwML
+lPuGNlXAlFe5htlLfSj7usPDpCUKV0EMo1aLVmGlrVdMLaWgXVuMJxOAGihcWhUs4OkatY9t/rEu
+yoKxKq6kqQQI2dzKCLGxhtlThgCwtXZ3MoUkoNjASVcBDDerTxq8yta7gQtpaBdXoMeMbs58MSvj
+3Zz4YlO07s58NGZjDyqgEK4jdUtKBdUOvlzgOlJbxjdm+zcYVhcF97Ak+0GXbPtCpT7phSCg2VRj
+yDeV5fz3pjymJbx7s32egJhwCwjaXM42lzONpczjaXM4W4pzuhLy0CwjaXM42lzONpczjaXM4W4p
+zuhDq2xZMbS5nG0uZxtLmcbS5nC3FOd1UrUjthM2fiEbWn3EGbHsIVNLPSCSeJql5aBYRtLmcbS5
+nG0uZxtLmcLdWsWVusPk8ivQWgLFjC0lCsJhKik3EbS5nG0uZxtLmcbS5nG0uZxiN8UbS5nG0uZx
+tLmcbS5nG0uZwpRWbmEvLQLCNpczjaXM42lzONpczhbq1iyvs1tsuGwhDaWxYR0gzar8BG1rygTZ
+9xAmx7iEPIX0rNjiD8gSo5L0fNmzvMqKkAmk2eg+QJXsoRiFjDjKm/8AjcaYUvr0gAAWEE24mHV6
+xV/kBl3VH8ISoKFxUtIPtGobygNoT0FFuJb6w68XP+PkJK1I4phM2fiECZSY1ggvpEGbHsIVMOKj
+r/vf/8QATBAAAQIDAgUOCAwGAwEAAAAAAQIDAAQREBITITFBUQUgIiMzUmFxcpOxssHRFDAyQnSB
+kaFDUFNgYmNzg6LC4fAkNDWCkvEVQGSj/9oACAEBAAY/AvmDjgpZ21enNFVuHiGICAl3bkcOWKtr
+qd6cvzFKRtjm9EbNVEbwZNYFJJSRnEBMwL434yxfbUFp4PmCpxfkp0QUt7U3wZT4i82soPBGDWgh
+zfJGL5gFlxNW6DGM0YaUUkE5vNMXHElCuHXUAqdAi/MnBp3ueMFKICjwZP1jKj/H4/e9XRF5tXGn
+MYwbqQHN6eyCpnbW9GcawKVtTekxdQMI974oo3UbxPzBe9XRaEvbajTnjCNKCXNI7RFygu7+uKAt
+5V9zh7BBS1tTfvPzDf4+zWXkKKVaRGHrs8FWvDSCpaipRzn5iPero1v3fzFVwga31fm12T4zVqfI
+rwak7q6MvEIwilqLmW+TjhuUnnS9LLN0LXjUg8ejxW9cGRUXXU04cx1h/fn6y42kqVoEBx/ZrzJz
+D40mVL8suqJ9tsm4vy1soUeOnirjiQpPDBXL7Yne54ocRsP78+0Ke2pGjPF1pF0fGrjwT/DTCr6V
+cOcWNy7YNzK4vepgJTiSBQeM2aaL34yxUDCo3yYpwV/FFaYJG+VFUi8vfq+Mry9sfXubIz/pBJm1
+sJ3jGwp2wFJnnXBvXjfB9sJmLtxwG44jQbFMzDSXmlZUrFYvYJwDehw0jAyrKWW9Cc//AHNmoJ4z
+FA+2eJY1uzcQnjMbB1CuJXidsmmW+U4BG1zDTnJWD4u8tQQnSo0i61NMuq0IcB122vtt8tYEbXMt
+L5KwbHpp7yG014+CHJp9VVrPsGi3VEnc7yKceOvZrKXh7fE7Y6hvlKpFG5hpZ+isHxmxlpo8YT3x
+tMgpXLcpBS2pEoj6oY/bF915bi98tVTEi5NPF2ZKKYJONZoSOyClpfgTO9a8r/KCtxanFnzlGpsB
+ln1XB8ErGg+qMIja3kbo0T5P6QpmTAnHxnrsE+vPBws2tKPk2tim0XH1OtZ2nTUfpGGZ2KxiW0cq
+TrFLWoIQnGVHIIUzqYgOn5dzyfUIPhM244D5taJ9lo8Hm3AkeYo3k+wwljVBIlnjkdHkHutflzLz
+KltLKDQJpUeuNpkFq5blIKWA3KJ0oFVe0xemH3Hj9YqsUJqW3lJx+o9sKltTrrzwxKePkp4tMYSa
+fW+v6Rsakp1wuy7huoWvKg91qmWR4VNDKkHYp4zBwk0ppHybOxFo8GmnWqZgrF7IblZi5dSq8VIF
+CvjhKHBWXaGEc4eCA9LKTKTAFPJ2Koo9My7belFVHohlspcLalZUiqlK0mNhKTCuVQdsHweRbb4X
+F3u6P4qYKkZm04k+yNTvSG+sLHZt4KU23SoRly0jYysyeO73wcBqf63HOyKKmSwjeMbH9YbmQ4rC
+JUFXq4zBbZPhkxvWzsRxmCPCDLt7xjY+/LBUolROc2C48Xmc7LpqP0jDMYlDEts5Unx+0Szr/wBm
+gqi6+y4yrQ4kptVcWpN4XTQ5RZeZlH3U6UNkxcebW0verTQ2tTAO11uup0pgEYwbFLWQlKRUk5oL
+DBKJBBxD5ThNiGWGy66vEEpgKm5xLKt42m974UqTnA6ofBuJu19cLbcSULQaKScxsTqXNLr8gs9W
+zVL0hzrHWP6nsVQt928pz6NBisoRQjNa2VeVdFYOp0mu6+Rtrg8waBw2pf1RcUwlWMMo8r16IKpB
+5aHhkQ6apMLadSUOINFJOawPUvML2DqeCEOtKC21i8lQziyQTpWo+7Wam+kt9YWT3EnrDXXmZR91
+OlDZMXHW1NL3qxQ2tP1OCOxdTpTAIxg+J/p7US7cqylhJZvEJ4zbMTM00HUM0CEqyEn9++KJAA0C
+Fy8wi8k5DnSdIh+Vc8tpRSbZaeW0JmYcF685jCeIWKl5lsKByKzpOkQ/KueW0op47ZBwmpwKQTxY
+rEamtKop0X3ab3RaJ5xP8RMZCfNRazNpFBMJ2XKH6UsQ42bq0G8k6DEtNJ+FQCRoOeFuuSLa3Fm8
+pRzmJDwSXSxfv3rufybUoQCpSjQAZ4TMTKQ5PH1hvgEf8hJN33aUdbTlVwwUrSUqGUGGpmZaLUm2
+b2zG6cAiYmlYw0gqpphx51V5xZvKPDYlbibzcunC+vN++C1ifQKYbYOcYye7otfk1muAVVPEf16b
+EeFy6X7lbt7NDqhINAhJNupvpLfWFimH0BxpWVJzx/T2onmmk3G0OqSlIzWpW4nwuZ37gxDiFimJ
+lsKGZWdJ0iH5Vzy2lXa6eG2QcOMhFz2YuzxUv6MOsq2ZP/oPVFrih8I2lZ6Oy2T4L/XNsyd+lKvw
+2yfBfH4zZNzNapUuieSMQtbZRKTIQ2kJGJPfH8rM/h74/lZn8PfDTTLLzbjbl6q6ZKcdqmj8C8QO
+LL32amfefltc1Tc2WCVg20/SpjPvtqUgnTSxwb9xKffXst1ROeiO21xRytuJUPbTttmkZixX8Q77
+Zk/Vq6LdTvt0dOs1S9IX1tc4R57aVH2U7LZblL6x8Uz6MnrKtdOmYV0JtZ9HT1lWy3KX1jafsk2y
+/KX1onHvk2VK92v2KCriEYpd0/2GMUo/zZifbfYcZFUKThEkVy2al/e/ltf9JPVTrXCPg3Eq7O22
+YYPwrVRxg/ratJyuOJSOnstnpimIJDYPv7LZw6GV9Fup32ydZql6S51jrkfYJ6Tazy19Pim/R09K
+rRwuqtZ9HT1lWy/KX02/cp7bWOWvpjVL0dfRbJYVIW1hkXkqyEVjYSjCOS2BGJpA/tjEka7Uz7z8
+tr/pJ6qda9LuirbqSkw5KvjGPJVmUNNkvNt41NKrTSM4huZl132lixEowq8xL5VDIpdgSkFSiaAD
+PDTCt2Vs3OVbqif/ADudU26n/ajWaoekOdY65r0dPWVazy19Pik/YJ6Ta19orptb9HT0qtY5a+m3
+7lPbaxy19MPNHI4gp9sFKhRQxEWVGIiJaZHwrYV4jU0cDn5bX/ST1U67BO7Fwbm6MqTDss8KONmh
+pYVSj5QD5SDjSfVBacmMG2cqWhdrYltpCnHFYglIqTCZ2eAM35jfyf66zVL0dfRbqf8Aaayf9Ic6
+x1zHow6yrWeWvp8UoaGki1jlL6baaGUjptY5a+m1XA0m1nlr6bJgUo28cKj15ffW06mOqo4iqmuE
+ZxrFOOKCEJFSpRxCG/AADJtHZXhuvdCZmWVVJypOVJ0GySazpaKvaf0tf9JPVTrlyOpzl1AxOPpy
+ngFgeblrjasYLigmsYpQL4nU98bJtprlud0Azs5/YwO090UlGAg51nGo+vW6on6ki3U/7Ts1k99u
+vra6VP1H5jazy19PiVeEzTaFgVwdar9kTE5duBw4knMMgtYlpl5SHklVQEE54d8DcLmCpeqkjL/q
+L03MIaNKhFdkeIRMTd0pSs7FJzAYha1LTLykOpUokBBOeHfA3C5gqXqpIy/6i9NvpaqKhOc8QiYn
+LpQlw7FJzAYha3LTLykOhSjQIJzw74G4XMFS9VJGX/UX2U1mpfZI+kM4tS42ooWk1Ck5RARqhLl1
+Q+FZyn1RXBTXFcHfH8NJOrV9aQnvij7l1nMy3iTASkFSjiAGeFPPk+FPDZIriSNHHBTMzbbSwK3C
+cfsh2ZRia8huugWusTbpQ4p4rACCcVB3QpiUdUtxKb5BQRi/Z1kyts3XF0bB4/0sZeKA4G1hVxWR
+VM0DDFyUVoWmo90bDVCW4i4BGwdQvkqrrlOOrDbaRUqUaAQuQk3MOpwi+tPkgZbZSYfN1ptVVGlY
+/mF80qGn2zVtxIWk8BhVVpfmfNZQcfr0Q68rEpxRUacNv8wvmlQial1XmV1oSKZ6QXZl5DKBnUYw
+raLjLYuIrlPDa3LTLykOhSjQIJzwpiUdUtwJvkFBGL9nxGqB+tKfZi1uqn3X5ocG8bSnt7dbqp91
++aJZOYS4P4la3VT7r81i5zU6iXzjWzkC+EcMKaebU04nKlQodbgpVlTq+DIOMwJh+j87p81HF32T
+fAEdUa1/0ZXWTrJgNi8tujlOLL7tdtU2+3yHCIFJwugZnQFQEz8ri+UY7jGFlHkupz0yjjFk/wAS
+esNc2sYinU8H/wCeukv7+uYmAfNSgD/HWv8AoyusnxDr7jbhcdUVq2w5TG5O84Y3J3nDG5O84Y3J
+3nDD3giVJwtL15Vcn+4cmphCy6ulaLpmpG5O84Y3J3nDG5O84Y3J3nDD3giVJwtL15Vcn+4S/NIW
+pxKbguqpi/ZjcnecMbk7zhjcnecMbk7zhh7wRKk4Wl68quT/AHbcm5dLug5x64rKTimhvXU3vfGw
+mJVQ4SodkbdOso5AKu6AqYW5Nq0HYp90BqXaQy2PNQKWrmphCy6ulaLpmpG5O84Y3J3nDG5O84Y3
+J3nDCn5VC0uKTcN5dcX7Gtd1QlHENM5VMLNP8e7xCJiWXcWMozKGgwzNtYgsYxoOcQ5KvglpzLQ0
+z1jcnecMbk7zhjcnecMbk7zhjcnecMeA0OAwWBpXHdpSNyd5wxuTvOGNyd5wxuTvOGNyd5ww3Ky4
+IaRWlTXPWFzUwhZdXStF0jcnecMbk7zhjcnecMbk7zhhT8qhaXFJubJdcX7HxaX3dms4m2x5xjCz
+Tld6geSnihKEiqlGgEI8KmXy9TZYIgDojFMzQ4ynujatUFp5bde2NpnWXD9NJT3wVvy9Wh8K3sk2
+z0qciSlwevEegfMBLVdg00KDjs1PSvycJX2YxrSCKg5jE4wwKNJViGiorSyfd826lPT8wK79pJsb
+ebN1xtQUk8MJF8MzfnMqPRp1im5daZqcyBKTVKeMwt51V9xZvKUc5hLbaStxRoEjPDbBoXlbN0jf
+fMAXSETbW5rOTiMKYmGlNOpypVbtc/MJGjCEiP6g7BD84+6k+apwkWXJVgrGdeRI9cYVZD84fhMy
+eL5hYObYS8MxOUcRisnOKa+g6m974N96XVxKPdBSSnFAuOMiu+J7oBmJ1pv7NJV3QFOIXNr+uOL2
+QENoS2gZEpFAP+7/AP/EACsQAQABAgQFBAIDAQEAAAAAAAERACEQMUFRYXGBkaEgscHwMNFg4fFQ
+QP/aAAgBAQABPyH+AgygDNajgdp661kPGR+wrqoFb1161BFqWB0/gsmOO5c3SlXDLP8Ab0ZeEkhK
+8eyuZrQFY10fwGfiCWEtJLdtd5/AF3x1c6Yo41D57fwDm+kpcNSs8VIfQpmMaeoDc9gJWijUMXy2
+peD6+6/wBCbhR8atdDmeQo11yZ4qua4T/assYwcLu8intg3hnrdKVdi2Drv/AAFTzfYwGGSzUW0e
+n+6dasZ9A9n7J70aTTTLRdhwnzadKz/gXgPZ6B5lksNdvK6nes+MiS/wQY5/s+nNcR5j1cn/AFIT
+E32/HJd94j49N48R/wBm3fljL11tOLV0XXFnvNG68nJZcXNl+IJLH/reFSivT2D6PK9AulaFQzjc
+fJv/ANTWeV3VOIToEu4r+JutaUkg5s8vLelAIWR0w8rACgCV0KkG95/VQmajq83/AKrb5x8h358y
+8nCOioPLWee1BNBBsH5GTsVn+1MvBrfqUs0Xl7lIC4V9jWhTdtx6bf8ASDWcyIeN24qUQWyQ6j3N
+SMhKngM3igiHgZDtwRHDTgQhqPPvUz80WzeQut1zXi/+wiR9yKkT9kfNDPoYhXhlKwvsT+FKEtve
+mm4e+5D+DLFUOaAVxGpPw+pGE/oTTEJ/UvWdPtnpqtBxWCtGVmmkOBjchMOl7Xobp7fhF9ovdXC5
+znh/IHwiqdfty8QaeGul5p8RQ4nyT3GlSJKZ0HY3NT2ywuTjm7RWZCBSdXAbrMV+xtenUVleFvxW
+9W0BJuvpl3p4RakXCDPrNKqW7g4m27OcJv0VNnMr/eNn0ByCVgN1oQLsh/Y5vmnL/LM28YtX+uAC
+rXzE3+M/1oZJMsErO8okMbbUFddy9o06DfTB4q5j5lffSMuYVwoDbqQNtueOdL94Jg5GR0oYZLND
+3w1Lsr66L5YlEtoZfc4HipWDq+3d6rSqVZXVwRR8j/1NI3fEoC2aOxVqUBsG3U+JqWdbFmZSGTxo
+1qk3SEPenw4IUFLcDSgL19eagZnRniFLRJsPoz61fhUc30EXIslN6P4QPlS4EbTvA+alkHg+/wC1
+TOrA7Dq1ZKrZg+uU0mk8rT5O9X8JKSuACNzJzhr0UQbPv/m2fzgqUWWM7FGXokaPRxzgLLEmY7mA
+xz0/3CtRlSu04pLnAZPn2zOVOVAkTXByLFoAZrWyNwqPFsfOC9qhpWltDOeOpPahCNJ2YH4p0hCb
+hmYK2tub21/Hbb1aJxgC0jI4sdudBLBdpy5EKLmAqEYTWszgnNFawTO6dhb6HhZZbtBLBdoaWWW3
+ifCO1C66w8DMSc6TKwm6MHEiQM2eZxKDaHIEycP8HYfv0X/gGLlmnI/3CnopeT2nEGzUTJM+pmcq
+dsBImp+H6D+6OubJlinxjHMfczUqawBQaV2AgKBsHJ4JNGs+EreMnrnjYEDsmcsi0Z50AICCgUNl
+c8aNXuUr4PUvjII0GqJe2CmpYWUrdSeOOI0YZJfQDnn22xnlGQNknu7MF6mhzBkahyAE6DoyU6qc
+hKMrnV7653JZ7uJkWHypyCgN/Mv9k3aBRqLZWR3YtHAp2jwOEeVGmrlFFwNt2hegDc0OrBS4G06p
+lwnwDBLMw82cUH8LW1dzZGJBCKfSe3QODnepzRPsUPEY3tbnjAuJgQK308GTyV9B/dE3y0AHLEup
+Xb67Jzu0AILFKyBbOeNKu9pQ0adRDiihkS53v4qQNsXg1aHb9uJwR1pGJfl5DFED+qHxism8sBe9
+JUy/QhiWgLLAEFP8mj/JojWknC4Jbk7Y++IYHufSvCKG2UD0ARzcSZ7kguDF61iC2w/OMapRNn9C
+x1it8wfljwIbyxP12T0Tzh+WOQxIaHjRxER2D8QsYOLU8XxiY42MOcUDHE+fFTw/eVEOYccG+vzJ
+DXhQ/RWavl+ulyRjJQYk4H4pbgdMnynEtnfELsu2LbQLbo4zBXHwrL2d8eKS88TP0r+hzjNkMYON
+jP2m/wDE54eJTjd+3qUKfpX45H1vi+430GB9XiCkhEmDkTlQYMMj4avBgKyEcj1Z/wAHb22gvZKv
+sGYeDGBsQPaOoKUVCSEzHUdkwF3NmXGccsurgE8wUqcgqJRmZu06EHTGL8xsQT6Gc4sZDExxfyxI
+p4eIwcRcU3DxL7jfj9nji+430dxI+iKfw1Ro4GUUSJpWQ4mbKXO/4ORk/CbuTu0H9o3KM9d9I8Tg
+4OyeQdSvfOoqGjva5+cHCDdw4FWkFOYcbv7PR9E58RPJ+z6HK4hkMTD7/lfT7pUvziI4vvcfuKlf
+OP1G/GC7Xwvzj9pvwca9LhjBDHy9e/MGXk8PRb9+QG600WQonfxG3nasvTOcwb4Axvg6H4bdlj1m
+7quhx191llu1EYFnDcG9J/Su4rwqr8qhFjWjGzeR3SV+np+qJtiJ+jN6FLfWWOQxj3BPyOh4tOZG
+1t6ipCzLiEnQxSoIbXaXDauTya3RnzVmUAJD3GmiShFxHgMbZIgMpLhXJ5Nboz5qLpkXePYu1CQD
+IuI8BigoxYzIuFcnk1ujPmrPMwGf9DJxONJDDZwPf5yE3KE9MWjmuCeT0oW0PM1e7HhPFImiZsHn
+u86S+YHKnICoCbRcG2PF247JbF+S9GAiACHeebL1xu2cgI9DdUhFtgJDNNx6FTwHYScKcbsAcMeo
+Jlwa0ySp6TO3OKhBS5LOzXgoPUsbJMG60SfTjSQnVUMuOLXYUKBDoV9I+Kn5eBEhJ71YpFlU+xQU
+AKyCpxIfsdqWVesTCVniNEZGWH2NaMcA+ZWX6xYEcsZkXCkIvsBIZpwfgu/MfQcvVN3Z6Nb1Eo6A
+HX9HrmM02+43NPB93YFCwdPSd16h1cg61P2PYn+v6jBDOQDvfP4YbnECNRfs9RgAmXwzXGlqnNSf
+NR07l+3ettVrF2zDB1FrXc/UisIJuesejknBBB+X8sF1UQAKS+/pSSSS4k7k7o91XAvriwFuQelJ
+JJLjTuTuj3UOoKKYK/L0pJJJcadyd0e7GyB2Ujli5STbyDoI+a54S52nUF9Ps6AjmaTdLvNZLFBj
+xjfE+uLAW5HpSSSSdsFEEkfh6EkhuVMT2Qrx6/Rt+B8qfIA1K1rGczt0GonTRmWAvzPUkkkkkTEH
+3A+XqSSSSStRHZl0r81qD3xMLAFuR6UkkkmbBSgkj8P+aVEuah+M3aZMjsx2HznTYjAZq5FThiEB
+XYlUjzgqL2N9opu7Q9hooLPJBzi51jFIPHZ/gAP9QuiMlfbtgBIw37h8gekGxoQkSg3Gp5QEOSxg
+mOxl6Kq+PP8AAEVlh/J8YcKeChkq2tcsV32scq1HAMdy9s+VOJXzBM6Ceo2VOlFMy0JWnIIOn8Ah
+aRc434T4rLVIPJuccBhkzoYDGTA6NqAjsR+qz9udkJjAtK0OdXk6Z0ZI0LOgfnP+BQE3IRyy5SUk
+3sHZHzUMAa1crEosv6pMcJKhYR0tvWggBefZoO80M4YCBwD/ANv/2gAMAwEAAgADAAAAEJJJJJJJ
+JJJJJJJJJJJJJJJJJJJJJJJJJJ8J5JJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJO/+0ZJJJJJJJJJ
+JJJJJJJJJJJJJJJJJJJJJJOr/wD/AL8kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkC3/wD005JJJJJJ
+JJJJJJJJJJJJJJJJJJJJJJJJIWZ+mf5JJJJJJJJJJJJJJJJJJJJJJJJJJJJJJD1hVJ/5JJJJJJJJ
+JJJJJJJJJJJJJJJJJJJJJJN/wh/+ZJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJF/wD3/wD/AJJJJJJJ
+JJJJJJJJJJJJJJJJJJJJJJJJP/8A7/8AtkkkkkkkkkkkkkkkkkkkkkkkkkiMkkkkx/5/+Ekkkkkk
+kkkkkkkkkkkkkkkkkkkWykkkkiV56ykkkkkkkkkkkkkkkkkkkkkkkkkkGokkkkkg+bkkkkkkkkkk
+kkkkkkkkkkkkkkhS0fUkkkkkkgkkkkgk1EkzkkkgXkkkgkwkkhY62kg0kkElckkkkk+8Nep+Wtkm
+42tEar3qUhKzQXKZ8PORhyckkkk22xm1223ExwcecW2qWWiVWzsO2c222W2Ekkkkn2Yp2sp2cexk
+eZM2L9r28l2cP2kce0i2xkkkkn2cn2Ui2w2y/wDt5dvJodtIdvI9vJNtJHtJJJJIdhJdpJtv9ttt
+AJNrJIdjINhINhJPtJLs5JJJJdtIdvJtu9oOJJJtrJIvoAtTINtJHtJDt5JJJIdnJdnItmTlJJJI
+trJJAdJnpI9nJHtJPt5JJJJNnItvJNnJsZJxpNrJJEoOZJItrJLtJLt5JJJCNg8Ng1Np4s9DCUNm
+pIME/JJHNjDBtPJtvJJJFtthtsltsoNttrBtt5JdtspTFttptttNtnJJJO23Q22S22ZDxC5A23ZI
+HtttpY22w223G27JJJJJJJJJJJJJJJJJJJJJIJW9FsJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJI9p
+JJ9pJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJsFIGvZJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJIXlic
+NJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJLUeK5JJJJJJJJJJJJJP/8QAKhEBAAEDAwIGAgMBAQAA
+AAAAAQAQETEhQWEgcTBRgaGxwWDwUJHRQOH/2gAIAQMBAT8Q/AQVYXZauybvTb1/qWPOV1X1fjEu
+/wB69NvT+ppwmzkfX9fwWzFzO/Y3+OYTe55mr/56dCYhHZ1Jf0u82PR29ztFzVz9efp+A+oGNoQe
+o4Ox9vt4FjUc/Xl6Q0G+VbPp5/P4AMtLnRw28nZ9u0uPIb7P9P27ChE8v3TqcLYN2Oo823oZfjvA
+Dxz8DA/bTj/t/PkP0ZTIps7nZ+sRup85j0fpzLR9y9dvX+5mt4bhMHd/y7Aj+36DPc/3DTkLPp5e
+n9/gIt6nyoglmXF+Pd/nppxADnyuP09OInqL8Nb/AB63jnzRbH6be0sP0r039f6Jj8C9s/LoWgTZ
+mDbVuL4/qDSBsfgh39T5dOLx+L/guyfJHvf76dGcj8/5kMt+XXvfWCR9PCdAXMn2c/M1NPM3O50Y
+OgqMG7CnVcu728j37fymXvV3C+EQcHl+6y2/NHfy+O0AiXGmChQXcS4d12f76aczXjex2Nv5VbbD
+RbW3iq2veZj/AM9IOJxv04fZ4h2B3D4whHDPtwfPEdtY8rHr5+v8kTdm+2m5wKRAWZwwGw/7bnVf
+wUGWCOPEA4epQzLjQmUVFW/g8W4S4+JxMdqMZpFG6xOWswehFVdaYJl9E0jUzMtUM3JdXQxD0a5m
+1cazaVquQ6R2ieVJlV6AG9Y7dXolyvppqzebdq5dLkTO4Jqpoy71RTm042LDJJ7wobKcTBhvtu0U
+LpoxqzfbRV1abhc/4BBiLzALVFMUFLgxWhLVQ3boRbFEdhF3Tz8RVml32Ke46EbM0S2j0c+reLww
+2sRWaa84giXKPSdHvDwELqDFKyVc3bwuBDQLVNIYoYg7LaoTZdaGWh2W1XdHypbW71G+y1sgb0FV
+yWobxZuwbYtUFbEI3cx/PxEbMABoS9LaIlaa47VsIa3VbUwq8fIV1dyiAszgQiBXWstDIKi2reHh
+Yu1c3eotVhqbOus0uzUAsDOJnEyxgrcs8qfdUG66ctfoqLur1FXHXnfudQtVh8LB2qLequLtXD+7
+1+CuGO49YnBOFnO/qAEFqfZXN3/zpF3W0qnZlTUyda949WDtXD4WDtXHXF2rhrg7Vwz2jWxvecAY
+Jbr+z6rm7/50gEY15SyiAaB2uCgXbEsdSs3HWvePVg7Vw+Fg7Vw1wdq4a4O1cMS5aJZs0xLB5vA+
+yubv/nVbTHZUy6G2vagKsTkHR7R697x6sXauHwvgrhrg7Vw1+CuGl+5rfuZOhQ1ZY8muB6iubv8A
+51Lembe0T2gkHdCrDp9h173j1Yq4fBzaXmo0msu10zCXOo0msu10IupeajSay7XTD5Kiq5LBYzQ3
+llomnuIF9Cak5Zk1prZirUW8asuhGSisPlMs2g2BLnUoF2Our3qRYJy/MEAkJ1zFc+avL8wDsQBd
+QNLBU0msasvAV+m+j7i9nT9H3HpOOn6PunPYisnSxYTUXVo9fTm7f50IwdQOFNym2YbdeAnYPH11
+fo7x36ebt/ngLlScM4Zwzhl3sjtjWcM4Zwzhl3sjVxOGcM4Zwy72VNsIrK0dtIb0ZzWACwVdsazh
+nDOGcMauOkQtbwQBgIBuxOGcM4Zwzhlh5E4ZwzhnDOGGdiOWNZwzhnDOGNXH8ad5FbwCtiWepvOZ
+jtMXtGoJpW8P4ASk4oBvdRMFDl+AfBRECG6Z6ALGrEV2AqxLH+AC5IrYVMCjZZovomq5fwI2wisr
+RPciGkwyRYbReBbH/b//xAArEQABAgMHBAIDAQEAAAAAAAABABEQITEgQVFhcbHwgaHB0TCRUGDh
+8UD/2gAIAQIBAT8Q/QSQDlOPR6Ot/T7Cf/DUEgH1uXKZAZ9zrf1nmp/pvFCNRwfooAuyl2pu3yR8
+sMKQ649bA2UChEimxowV6i/oxyKEQyYecDkf0GlwOWD7I+X+41N2g+z8D/Jb6ih6oryAXgE9XtLO
+79ANZoAXFQTiLxpPVMskZyq+qHjXovLzPBoRpaBjCTQCZTaXKV6mg6T0TVoMKDmalp1K5f6/PkAN
+3gVMY1Kh6eRNBQwxqviXqeIT+5g3PfSeSIILGLfqhEzoPJbqj0OjMtTQMpZBHTlhTqanbL9BngAE
+kCMQgoBm3OMWOZR+GMKvDFjgUDSxqybSr5N1vQ2FiGZfsa3XlO2s3ut3SeaJJLn9GACjQXgtzRTU
+cd1N0VEkvPO1lv58Gs6fdmHi0z8/mYPHizPFiHeLTsPybAZXBAQYJI8CxF3xD4wDwOIUn3A3HQ8O
+IsVbERLJcOS1KLEBTAuez23/ACgACGAiIBQE/EXgkuPO6fS5yjTHfVHA2IqDWFWEhgDkpnPk3uMZ
+5JkkO51NT+VEMzPZAiKtyr8lJdwJfa/QujJHmhPrV9OE+gm496HBnmroKnqwzQF3MaZ/nT8kxqLy
+ht45z/iATZpJEe9IFXGKktsCcy5/7ACaJi6yATREEVHwiiBRrB8YBNFQhFoUARFUQE6xQHG1mfN7
+DfCCNAiKo+TId/SL4+lPpiBMAAQVGD9FMZmfpAWBhALLPG9XXLiroXdD5O1nEBRjiLJ0AksEAcbK
+9USj/jiFmeO8Q0SGOvpF0efSmJk85eqdBU68BCRLGF6AMDQIIbEVEZ4klLcc5qkKHFGn+KNijIK/
+gIUTieaoETfsELwO/pDeMKi543rtztA4ahWQ7+kX+ax0c5/xFTFMjJn6Vxuc0AAYQE0Y4j/gLnGE
+NSp0YOkSDHECbAHVBXJ4iLeu1iASWCGF+7QOCsEAFvsQCW+hAEUDAElr7h2YsAFTA7wBBDiFUaoM
+tK7P+RATD5oIsLjugIjgwkwqKIhEqiAzMrHbnaHPpaLMAdQgrk8RFvXfFmUdDecRJLPWA6eaEG8i
+EBYCD20IAXxEKxMHKgKaxIyMt0TkK7zABqBRDNyBAlgjM4zeYkgHKKUNyCvSuKBAODJEpHLsjDb0
+MVAQKwrJ0iQk3TERiD/Qg4yHQMRPEm0zB9DFZlEcctGTgsMBBzaCAL46pbz+IJmfgR7DyYkYNxMR
+bpbCLCMHiDdPYWUSRIJ6+lkO/pZDv6R0QEERmuI/kK+nzEwAL5mLmAP1to09fiJAIF7x6kjSj2Ng
+W0xaIlmBMdtsPiq6+BE3EZDzGrr4EdtsI19T4jttlnQRbNYVkPtZf7CBqNaQ8HmNHTybJMObxdwJ
+3/yJAkXPEba5jMLOPa2O3G1qvr4Edlt8VfXwI19BGrr4EdttGvr6jstl343iZBamOyNUSnNvweY0
+dPJsnBWCCYQyF6IhsRA56h2gSAHKfbt2kQcOY3j2djtxtaq6+BHZbfFX18COy2jX18CO22jX19R2
+WyJg4IEA4gQ4Yo5W4/B4PMaOnk2vs4EI0DAdIj7A5zgBJGC4w9juxvbfYja1V18COy2+IO4x220a
++vqOy2iHcY7LaDHiJc6RJchrrYAJMEIlfdkTjgYZ4Ro6eTaCwFoPcCLi5yQLVnQoCjnoi0+znlE3
+J7IvriPPrY7EbWikZx2W3w31bfaysjLrSvGCZmM6OM4mmI9fCV4wTMxnRxnE04Inr4SvCZmM6z0r
+EAkDhOF+gVPaX3/EYZQ0n6UyBziiQA5QW6CDuYooDrUxCwOGyxKZQw6WAUhX6g5uZwisj8zRrj+k
+QRUWgCTATQQJgI1myuYhENUClAMMUIQ3R5iEQjmEYZcorRTMTV8JXhMoYdPgBh2fJ4QM7Emz5PCC
+dn4s+TxBiKOOCGOOLLyGV0G7WAN1t7NHXwbAiKKWjXD9BYW0V993tNQYwB7WDmDw9ra7BCwamzR1
+8H4BIkhkFxALiAXEAuIBNjnZDp5DJcQC4gFxALiATY52ToJLiAXEAuIBcQCbHO0TDkyBDOdkGZnb
+2g6vPtSFgRVxzEdPLRcQC4gFxALiATqJWSoA5x9+/gJxoquEB1wuIBcQC4gFxALiARJjO64gFxAL
+iAXEAuIBGNcp8ctFxALiAXEAuIBOol+N+5yaD1RIAkp4abP/AFZDv7QdHn2izNHX/EVYp4GIxi5f
+X6AMFeJgQsWqjEBfd+gG56+oDJSKMzD4rBVwbiiEgSCAJJIJ9u3afoBZsyqnMuI1MVzuqQjpAM59
+L0famD3+hGHGQMnOyu89vaBA7Kvg86obz8KlgLaIkk5/7f/EACsQAQABAgUDBAIDAQEBAAAAAAER
+ACEQMUFRYXGBkSAwocGx8FBg0fHhQP/aAAgBAQABPxD+ghEaUQButQDK0WH/AEytzQAMkUjSBqbs
+vNLhRtYHx+jcqAIE+Y/sSc/0UoE5I0PxdF3ijhJJsXqauWfQsIpeRuJlU2NsAD4jsh61qQ4LrZMx
+4f6CqxvF8R/ylgS2QODLoeX2DTXNLDYZJw0CcSlA3/1tyZf0CXqtHLCWegyv1qBIbu7xGfjLgrNM
+mWZuOSclvUmqZAjYDOk2mWKZyyPl6VYT85R3zV371/xn+/z7T2SBTPCrU/uZl6VzCzwN1ueme5FS
+SJdFlyGTk8UikSEzHGcNbyo/K9WDrWTzEBnxng8NX2fddGWa622D+gyPiw0JEGRG40FZUJW+rbvv
+zTnCSOC7Wp62eaUMC87u43cR/tQBpJCvw9XLcq9JWm0cj4eTSqVZXNf6EY9Ar+dlUO5Swylzi50M
+t0UsQpWT09H8/EeX0s6n/wCv6nW8fyiBYFlK/t2bjudnpInNz549XJ/kwHAbgIeEEgvLAkMvEuZA
+5LM8zTwRupISryMJKFxAR9lWBQIm2xr+HkVzHMVw31PzvHo/Q4ejLEfKersctqWlkvD6K1Hjrn/K
+Sz7pJrNyuOegJQlzuvtZtxyydxzHkvSJRlZT+H560xsUOFbJh+hwwcs6AJV2qZC3I2+j+d+KHaDF
+33S7/KqGigr6h0CA2IyYoMEqLVuOUiQaqaShKSlyBAeD3CRwxBDadnD8Uiw7iEHlO0nNPWTixoMf
+BTj0usFPL8DmrTGgB9IdO6/yRvZoNGveJzhfIFqdi58Ww8u5RgsRraoaB5DslITGVRhlN0A2mJUc
+AAAQMLJhyRuJc0q9aZ8TlWg7ATIAiXMLUX349pQQWJxCt+jflocq6g8FAAiI3E9HAAn/AJaOsOS9
+8PsKAqwGrSk5zSHgoUpZDb5PYUzMdcc0jhB3WKbFDDKPRH1cEeR+RQ5MtD3wqEAjI5JUFxQUMnM1
+AcpT7mkLbZfQLHllVxHnSzKNhzKfbFYJcqtrixYmdo9UkxN9sZYfnP5sVfWcXk2hPcmv0zyVRJ9p
+w8v5KQc6Q84ZLoeSqQFkiZ3EWpiHQUbK3tSTpLajESUglvF+d475V83HLRFcHstZQm4tgneGxpCR
+QYq0trBjgjCUttmPcwXZtbnY2p4eqLJyRHWuacIoyqyrWVDpRuriSTlnM5UHY8EKjJ3IULIOSIYq
+liDJJUWANWk52vII8bruBwKtLeU+zCcULkCeoaWjaQHml4yOMhBIqeV5FigJBRImuBtjuGbJkyUK
+DGhT8e5AztL8lZRm4GalzuC0tkJZJdpMdqaZCQoRiXSKPMVD34DK3yPUCVKqPk5mU8AKQkQZEzKY
+o8FlBXdFILMIgJjwpHGiHNm0toWgYlSMM2ZQ1HLOlSVd3Bq6zLPVr0kaLUE0QERYJWAJhixTb39O
+QO85PCFAACNjoMVIgiNgEYIBEH51ovcVMR2v94SkBmAAaUzdJkJ7lL7PaKjfNO73q9nFETeiZM5P
+NCHvhkE2RoRAGZzS00OzOn1NQC3F9u5Hats9rT3yqOFnFDUwSACkkohCOdQMzYc210mdAt4rN4u0
+idQ8DMHalpFLkbq3XBHagAG0NZYykE5jlSM2ASUZMZq6Fk2RD3lv3AZbM1RWPCLcEYxOJJG25hNy
+CRtYwnSpDnGdwUuKCQIbwDiBiRBkAmavlDdokYj0gSRMDgkWFShyAFmotYSVhYc7rrlZdlXvuVP6
+AlVsAqgUJWJQ2okTvCOWrjRrDMxQl0EE5pnUfcqDEIbiOEvBd+EJUcyBZ5Q7Hq9LCx7CySMixXSR
+wQgUYAJVp1DFQhmI5ODlkSBhHegpScc5ifmaObDbVkjGQRcyEXZojIoyrm0hAowASrRmUBCaETIn
+mb3VapxW0nNgK9RwZ1Fb2o1CJgB4eZAPXyTcktMjUHRkCQ6jgcjeJ6X0TA39iDRxMlQnCCgjwIYH
+JgHEDQ6zLQovPVphktGRI9IhIns/8eqd9ZMuclbwDtjFE5edEbWQNs0SEE8WFA2AsUl68YtOEPDk
+yKUEJHAgms8CBwmIFpwMoJ1iswZCiFqMAAgAgCl5EgFhbNB4cmRSoXgzIANk0IBwmLH2kSyg8y8C
+nshiKO/F4I2xMkOIIW80tnGYlxEjNVhlE7o+9wyNp9iByINDchTJDEvD2KNoXk1I3KrT4v5s2Vy+
+bFopBFUALqqAUdeUUAnR4vIWuxIwDw5GZdzMkEwynjDc7MVcetXSlIaSC62LMJISthdJqxCZ/J3K
+z6j9tJ5cJFxBkoTO0HnEctxiAkX37AOKPV/cyeE+zD/BjTYTP4qI8GSaGj4Y8deE31gb/wATogmh
+GwPav+PVP3sOSgJ0tiX6gK2WdMCWXUMqMAAQAQBStFRhGtm0eHJEYprwoEGcRoIBs4z2SzKZ19o2
+gp7v+BiOqp7vFM2RjUKfg4udKu7pIfnFY2EzZlx8++JMlTTsIfDWVLwpQnQHfdVxP2jQDgHEMWrU
+1rZvqVIyq8sSu5HnReCVrnHKFgl7xTcTkmYY5RXCHRTBHoAm4fYMVuyN0ZfwYhbT7NJU7LviK54y
+hGJoh8VjQnk8N6Is08MfrH4RiE1iGhc8A7Y/qFN9+1IewY80f5uMGo1T4frGAbDjGw1T5P1jGdj8
+v3TSrdZJUdz1jSVv+MK+b70+UVUN2xlbZVMXY3MFYew3HOCCkwr3k4uJmZcwNnU4urfehfDxOaZJ
+ZMTkFejG8MXLo+MN5PEvRMt0xPhGM1jO/H9YueP2oiOzxv0oI/WKnjxuAbFjiObGFPHRCWafsO4j
+PDS0bFkZCNmhiVAAHanx/X6r4Q09St8ex3EDGOxEEjomY6IUgGyyFr06FzREbmE+QicTTI0ujmgv
+Ye4T1EiaJSwS5UvBIk2CQzCQd9GHBNimlUALqqAFXeM3cRJlqFLrdrimQHdbWMV5fE+iY7rjfCMZ
+RuPh+sVP6l/tQvZ/N94zb9ofWMV2fzffqJOen0RIPoATkir80bQIYSYR5EwAeRaFFxHerJezwVOS
+R29iT/1E/wCfZuBfKOLz5YN02QRVly30JqCJrCSGWACNBHmoEmLQiGtDghrEagyx1LHUwlPtRsAX
+aOxONJxdC0LFrXQrcxmG5eT+8Yhz+g5ITG+EYvCWu8T9Rv8AaIZleNrYiW7r4/rE4Tdz1ByKTzP0
+h4blmUhRR2IjQjEVZw4nIN1wa2c3odqw8WSosFIBwQxyuSy03mENNOAuAnCCeiQiiOAbXYeRnvLx
+7NyGk50dhsnJN1lBeiMijKrKtG5NVjZJW6igIiTUcCnMZSXL1wVcZKOds8DlS/hshdpUOEHHpJRg
+ZHR/rGIdfoebmxfhGP8AwcE+8f1G/wBkHYkMjokv0UDmKe9NlAxC0wqFpXPEdMcUX8BuK/Gck/Em
+dHKOafJDMDMWdS0hG6UK5LOAhiwoKFpXPPEplJEuwDJK/Cck/EmdHKKZOhCOA3FxCxF6chAkgIYt
+MKhaVzzxExOxFXAZNfhGSfiTOjlFDd4NEIt1BwBqpGBBhEhHB0JDSWRC4lCGyEiNWchA4UxULM53
+Gn5qUwWhflmnpbrVqczLJsiVLdMaRSWVsuoAuqoAUGjLnDugMCWbolLJaAn6ws8wkimGIL1ma75N
+AaKRaWaYj6rnJdljYcUTYCcN2EbDn0E4dKuRC4LKZMOmGVrCoF9Ah4aHUqBw2yXcHQUvaTQ7tKNH
+Ce5M14X1PUoaDzRYKmwu1s8ZSDMBczbFi62xBSArdMsKKH0uWK6NyQWanDHHwLJ51u6DR37/AGYs
+JliXEoGwUdq3yUgCWV9qiNcAnjMToArpSK5Ey1g6KttBE3xBVBxFJIMqIsJOG7CM7HPsOqnOLOQh
+2t9Uu7AUTqcPy7+nNRXSwRNhE/h6c2BBFVEZqqs2owl5GaTMoLHlE+lV2ScQOos2bo4vU74zpKXA
+kuhQMWALNNUo8uR95ezYN6byslAM0Tjj1ZUAQJ0grXAoyf1IGpF6syJfNZm2cabFFxCBitqIXqX0
+nB41M0Ysh8L6lp5iwCidz1fOovFGzqQzu3f3VT9S/BXAyJVvTBBBB+GCMecqb4r2W0BY9Kgggg/H
+BGPOVAZlowuQazc9MEEEH44Ix5yxBo8K7tt0hh1p1kVjqchLA5FzTY0f3uAfNdQXZfCgGdIdRr+K
+srXcEr1YF13buJr+CltAWLPpggggcWVDNyHWbnoBgEIRyam0iZD6JaTlnzk2HrENaRWZyhtpmQgg
+9suqVJHQSdSHWhb0XFIgLln1QQQQQCyxcmya53+qCCCCC6D9o3grtIePJtI0LFj0wQQQMBK5m5Dr
+Nz+NXqlbCTE6JfQN1BDKpJim5typUErQ8UPlaAN1QoTnpXyWToZSpMTBlU9+6+Qq4J2oyVF5Hnv9
+FI3qA+QrHk4p6xTOT+gNX+gKPaki6skezA2wAZH00ZO0DCBCI5jtT/Fd7LgSDQDB7EIZcgDuAno3
+/oDpBIdQcOwMwNKTyZUrziBayjmZ2uahrgoFWAurSfII7IZSLbWTZgyZyrNAlPdyKkeTOVADdaky
+AxIIIdRC63a/0BTnYAFhg3tEOavckW5PEAxomSaBR0cEJEDImZQNqAGDZkeKSox3F8lLHIW6bTsc
+RgRaTFkZnsszCVoNLaZCRS7stl3XyGP6FG8Teg5sBeiUjxECOcgVgci5okkpJVOiIe9OIzDAo7oy
+/VOk3IK4eq29nvTnXgBDG2hxVxIDdAAA6f8A2//Z" style="border:0;display:block;outline:none;text-decoration:none;height:auto;width:100%;font-size:13px;" width="108">
\ No newline at end of file
diff --git a/server/src/templates/email/email_confirmation.html b/server/src/templates/email/email_confirmation.html
new file mode 100644
index 00000000..74cbc154
--- /dev/null
+++ b/server/src/templates/email/email_confirmation.html
@@ -0,0 +1,6 @@
+{% extends "email/components/content.html" %}
+{% block html %}
+  <p>Dear {{ user.username }}, </p> <br>
+  <p>To verify your email address please follow this link:</p>
+  <p><a href="{{ confirm_url }}">{{ confirm_url }}</a></p>
+{% endblock %}
diff --git a/server/src/templates/email/modified_project_access.html b/server/src/templates/email/modified_project_access.html
new file mode 100644
index 00000000..32e46d92
--- /dev/null
+++ b/server/src/templates/email/modified_project_access.html
@@ -0,0 +1,11 @@
+{% extends "email/components/content.html" %}
+{% block html %}
+  <p>Dear {{ user.username }},</p> <br>
+  <p>Your access privileges to Mergin project <b><a href="{{ link }}"> {{ project.namespace }}/{{ project.name }}</a></b> have been modified.</p>
+  <p>You can now
+    {% for item in privileges %}
+    <b>{{ item }}</b>{% if not loop.last %}, {% endif %}
+    {% endfor %}
+    the project.
+  </p>
+{% endblock %}
diff --git a/server/src/templates/email/notification_error.html b/server/src/templates/email/notification_error.html
new file mode 100644
index 00000000..5985b944
--- /dev/null
+++ b/server/src/templates/email/notification_error.html
@@ -0,0 +1,18 @@
+{% extends "email/components/content.html" %}
+{% block html %}
+  <p>Inconsistent webhook event detected.</p>
+  <p>Event ID: {{ event.id }}
+  <p>Event type: {{ event.type }}
+  <p>Status: {{ event.status }}
+  <p>Reason: {{ event.msg }}
+  <p>Account: {{ account }}</p>
+
+  <br>
+  {% if event.source == 'stripe' %}
+    <p>Please check both Stripe and Mergin dashboards to resolve the issue.</p>
+  {% else %}
+    <p> Receipt original transaction id: {{ original_id }} </p>
+    <p>Please check the Mergin dashboard and contact the user to resolve the issue.</p>
+  {% endif %}
+{% endblock %}
+
diff --git a/server/src/templates/email/organisation_invitation.html b/server/src/templates/email/organisation_invitation.html
new file mode 100644
index 00000000..2b735477
--- /dev/null
+++ b/server/src/templates/email/organisation_invitation.html
@@ -0,0 +1,15 @@
+{% extends "email/components/content.html" %}
+{% block html %}
+    <p>Dear {{ username }},</p>
+    <br>
+    <p>You have been invited to join the organisation <b>{{ invitation.org_name }}</b> as
+    {% if invitation.role in ['owner', 'admin'] %}
+      an {{ invitation.role }}.
+    {% else %}
+      a {{ invitation.role }}.
+    {% endif %}
+
+      The invitation will expire on {{ invitation.expire.strftime('%Y-%m-%d %H:%M') }}.
+      You can manage your invitations <a href="{{ link }}">here</a>.
+    </p>
+{% endblock %}
diff --git a/server/src/templates/email/organisation_invitation_revoke.html b/server/src/templates/email/organisation_invitation_revoke.html
new file mode 100644
index 00000000..1e6ae237
--- /dev/null
+++ b/server/src/templates/email/organisation_invitation_revoke.html
@@ -0,0 +1,6 @@
+{% extends "email/components/content.html" %}
+{% block html %}
+  <p>Dear {{ username }},</p>
+  <br>
+  <p>Your invitation to organisation <b>{{ org_name }}</b> has been revoked by its sender.</p>
+{% endblock %}
diff --git a/server/src/templates/email/password_reset.html b/server/src/templates/email/password_reset.html
new file mode 100644
index 00000000..4dba00e2
--- /dev/null
+++ b/server/src/templates/email/password_reset.html
@@ -0,0 +1,6 @@
+{% extends "email/components/content.html" %}
+{% block html %}
+  <p>Dear {{ user.username }},</p> <br>
+  <p>Please follow this link to reset your password:</p>
+  <p><a href="{{ confirm_url }}">{{ confirm_url }}</a></p>
+{% endblock %}
diff --git a/server/src/templates/email/profile_changed.html b/server/src/templates/email/profile_changed.html
new file mode 100644
index 00000000..8307eab8
--- /dev/null
+++ b/server/src/templates/email/profile_changed.html
@@ -0,0 +1,20 @@
+{% extends "email/components/content.html" %}
+{% block html %}
+  <p>Dear {{ user.username }},</p> <br>
+  <p>Your profile has been updated as follows:</p>
+  <p>
+      <ul>
+          {% for key, value in changes.items() %}
+              <li>
+                  <b>{{ key }}</b> :
+                  {{ value['before'] }} &#8594;
+                  {% if value['after'] == None %}
+                      <i>N/A</i>
+                  {% else %}
+                      {{ value['after'] }}
+                  {% endif %}
+              </li>
+          {% endfor %}
+      </ul>
+  </p>
+{% endblock %}
diff --git a/server/src/templates/email/project_access_request.html b/server/src/templates/email/project_access_request.html
new file mode 100644
index 00000000..68ee8fbd
--- /dev/null
+++ b/server/src/templates/email/project_access_request.html
@@ -0,0 +1,7 @@
+{% extends "email/components/content.html" %}
+{% block html %}
+  <p>Dear {{ username }},</p> <br>
+  <p>A user <b>{{ user }}</b> has requested access to the project <b>{{ project_name }}</b>.
+  This request will expire on {{ expire.strftime('%Y-%m-%d %H:%M') }}. You can manage your access requests <a href="{{ link }}">here</a>.
+  </p>
+{% endblock %}
diff --git a/server/src/templates/email/project_transfer_request.html b/server/src/templates/email/project_transfer_request.html
new file mode 100644
index 00000000..6bfb1445
--- /dev/null
+++ b/server/src/templates/email/project_transfer_request.html
@@ -0,0 +1,7 @@
+{% extends "email/components/content.html" %}
+{% block html %}
+  <p>Dear {{ username }},</p> <br>
+  <p>A request has been made to transfer the project <b>{{ project_name }}</b> from namespace {{ namespace_from }} to namespace {{ namescape_to }}.
+  This project transfer request will expire on {{ expire.strftime('%Y-%m-%d %H:%M') }}. You can manage your projects transfers <a href="{{ link }}">here</a>.
+  </p>
+{% endblock %}
diff --git a/server/src/templates/email/removed_project.html b/server/src/templates/email/removed_project.html
new file mode 100644
index 00000000..d230a692
--- /dev/null
+++ b/server/src/templates/email/removed_project.html
@@ -0,0 +1,5 @@
+{% extends "email/components/content.html" %}
+{% block html %}
+  <p>Dear {{ username }},</p> <br>
+  <p>Project <b>{{ project.namespace }}/{{ project.name }}</b> which you had access to has now been removed.</p>
+{% endblock %}
diff --git a/server/src/templates/email/removed_project_access.html b/server/src/templates/email/removed_project_access.html
new file mode 100644
index 00000000..deb8731b
--- /dev/null
+++ b/server/src/templates/email/removed_project_access.html
@@ -0,0 +1,5 @@
+{% extends "email/components/content.html" %}
+{% block html %}
+  <p>Dear {{ user.username }},</p> <br>
+  <p>Your access to the Mergin project <b>{{ project.namespace }}/{{ project.name }}</b> has been removed.</p>
+{% endblock %}
diff --git a/server/src/templates/email/simple_template.html b/server/src/templates/email/simple_template.html
new file mode 100644
index 00000000..08c3a1ad
--- /dev/null
+++ b/server/src/templates/email/simple_template.html
@@ -0,0 +1,5 @@
+{% extends "email/components/content.html" %}
+{% block html %}
+  <p>Dear {{ username }},</p> <br>
+  <p>{{ message }}</p>
+{% endblock %}
diff --git a/server/src/templates/email/user_registration.html b/server/src/templates/email/user_registration.html
new file mode 100644
index 00000000..67aad4b1
--- /dev/null
+++ b/server/src/templates/email/user_registration.html
@@ -0,0 +1,6 @@
+{% extends "email/components/content.html" %}
+{% block html %}
+  <p>Dear {{ user.username }}, </p> <br>
+  <p>Thank you! You have successfully registered with Mergin. To verify your email address please follow this link:</p>
+  <p><a href="{{ confirm_url }}">{{ confirm_url }}</a></p>
+{% endblock %}
diff --git a/server/src/templates/email/welcome_email.html b/server/src/templates/email/welcome_email.html
new file mode 100644
index 00000000..7b024a0b
--- /dev/null
+++ b/server/src/templates/email/welcome_email.html
@@ -0,0 +1,16 @@
+{% extends "email/components/content.html" %}
+{% block html %}
+  <p>
+    Not sure where to start? Have a look on our quick start guide:
+    <a href="https://help.cloudmergin.com/quick-start.html"> https://help.cloudmergin.com/quick-start.html</a>
+  </p> <br>
+  <p>
+    <a href="https://help.cloudmergin.com/faq.html">
+      https://help.cloudmergin.com/faq.html
+    </a> <br>
+    For some of the common questions, see: <br>
+    <a href="https://help.inputapp.io/faq">
+      https://help.inputapp.io/faq
+    </a>
+  </p>
+{% endblock %}
\ No newline at end of file
diff --git a/server/src/util.py b/server/src/util.py
new file mode 100644
index 00000000..eb3e861b
--- /dev/null
+++ b/server/src/util.py
@@ -0,0 +1,236 @@
+import datetime
+import math
+import os
+import re
+import six
+import typing
+from pathvalidate import sanitize_filename
+
+
+def _deserialize(data, klass):
+    """Deserializes dict, list, str into an object.
+
+    :param data: dict, list or str.
+    :param klass: class literal, or string of class name.
+
+    :return: object.
+    """
+    if data is None:
+        return None
+
+    if klass in six.integer_types or klass in (float, str, bool):
+        return _deserialize_primitive(data, klass)
+    elif klass == object:
+        return _deserialize_object(data)
+    elif klass == datetime.date:
+        return deserialize_date(data)
+    elif klass == datetime.datetime:
+        return deserialize_datetime(data)
+    elif type(klass) == typing.GenericMeta:
+        if klass.__extra__ == list:
+            return _deserialize_list(data, klass.__args__[0])
+        if klass.__extra__ == dict:
+            return _deserialize_dict(data, klass.__args__[1])
+    else:
+        return deserialize_model(data, klass)
+
+
+def _deserialize_primitive(data, klass):
+    """Deserializes to primitive type.
+
+    :param data: data to deserialize.
+    :param klass: class literal.
+
+    :return: int, long, float, str, bool.
+    :rtype: int | long | float | str | bool
+    """
+    try:
+        value = klass(data)
+    except UnicodeEncodeError:
+        value = six.u(data)
+    except TypeError:
+        value = data
+    return value
+
+
+def _deserialize_object(value):
+    """Return a original value.
+
+    :return: object.
+    """
+    return value
+
+
+def deserialize_date(string):
+    """Deserializes string to date.
+
+    :param string: str.
+    :type string: str
+    :return: date.
+    :rtype: date
+    """
+    try:
+        from dateutil.parser import parse
+        return parse(string).date()
+    except ImportError:
+        return string
+
+
+def deserialize_datetime(string):
+    """Deserializes string to datetime.
+
+    The string should be in iso8601 datetime format.
+
+    :param string: str.
+    :type string: str
+    :return: datetime.
+    :rtype: datetime
+    """
+    try:
+        from dateutil.parser import parse
+        return parse(string)
+    except ImportError:
+        return string
+
+
+def deserialize_model(data, klass):
+    """Deserializes list or dict to model.
+
+    :param data: dict, list.
+    :type data: dict | list
+    :param klass: class literal.
+    :return: model object.
+    """
+    instance = klass()
+
+    if not instance.swagger_types:
+        return data
+
+    for attr, attr_type in six.iteritems(instance.swagger_types):
+        if data is not None \
+                and instance.attribute_map[attr] in data \
+                and isinstance(data, (list, dict)):
+            value = data[instance.attribute_map[attr]]
+            setattr(instance, attr, _deserialize(value, attr_type))
+
+    return instance
+
+
+def _deserialize_list(data, boxed_type):
+    """Deserializes a list and its elements.
+
+    :param data: list to deserialize.
+    :type data: list
+    :param boxed_type: class literal.
+
+    :return: deserialized list.
+    :rtype: list
+    """
+    return [_deserialize(sub_data, boxed_type)
+            for sub_data in data]
+
+
+def _deserialize_dict(data, boxed_type):
+    """Deserializes a dict and its elements.
+
+    :param data: dict to deserialize.
+    :type data: dict
+    :param boxed_type: class literal.
+
+    :return: deserialized dict.
+    :rtype: dict
+    """
+    return {k: _deserialize(v, boxed_type)
+            for k, v in six.iteritems(data)}
+
+
+def get_byte_string(size_bytes):
+    """ Return string of size_bytes in string
+
+    :param size_bytes: size_bytes to string.
+    :type size_bytes: int
+
+    :return: size bytes in string.
+    :rtype: str
+    """
+
+    if size_bytes == 0:
+        return "0B"
+    size_name = ("B", "KB", "MB", "GB", "TB", "PB", "EB", "ZB", "YB")
+    i = int(math.floor(math.log(size_bytes, 1024)))
+    power = math.pow(1024, i)
+    size = round(size_bytes / power, 2)
+    return "%s %s" % (size, size_name[i])
+
+
+def convert_byte(size_bytes, unit):
+    """ Convert byte into other unit
+
+    :param size_bytes: size_bytes to target.
+    :type size_bytes: int
+
+    :param unit: target unit .
+    :type unit: str
+
+    :return: size in target unit.
+    :rtype: float
+    """
+
+    if size_bytes == 0:
+        return "0B"
+    units = ["B", "KB", "MB", "GB", "TB", "PB", "EB", "ZB", "YB"]
+    i = 0
+    try:
+        i = units.index(unit.upper())
+    except ValueError:
+        pass
+    if i > 0:
+        power = math.pow(1024, i)
+        size_bytes = round(size_bytes / power, 2)
+    return size_bytes
+
+
+def is_name_allowed(string):
+    """ Check if string is just has whitelisted character
+
+    :param string: string to be checked.
+    :type string: str
+
+    :return: boolean of has just whitelisted character
+    :rtype: bool
+    """
+    return re.match('^[\w ._\-~()\'!*:@,;]+$', string)
+
+
+def mergin_secure_filename(filename):
+    """ Change filename to be secured filename
+
+    :param filename: string to be checked.
+    :type filename: str
+
+    :return: secured filename
+    :rtype: str
+    """
+    filename = os.path.normpath(filename)
+    return os.path.join(*[sanitize_filename(path, replacement_text="_") for path in filename.split(os.sep)])
+
+
+def get_path_from_files(files, path, is_diff=False):
+    """ Get path from files between getting sanitized or mergin_secure_filename
+
+    :param files: list of files
+    :type files: list
+
+    :param path: path that will be checked
+    :type path: str
+
+    :return: secured filename
+    :rtype: str
+    """
+    for file in files:
+        if file['path'] == path:
+            if is_diff:
+                return file['diff']['sanitized_path'] if 'sanitized_path' in file else file['diff']['path']
+            else:
+                return file['sanitized_path'] if 'sanitized_path' in file else file['path']
+    return mergin_secure_filename(path)
diff --git a/server/src/webhooks/__init__.py b/server/src/webhooks/__init__.py
new file mode 100644
index 00000000..13b28cd2
--- /dev/null
+++ b/server/src/webhooks/__init__.py
@@ -0,0 +1,4 @@
+# Copyright (C) 2019 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+from .webhook import Webhook, WebhookManager
\ No newline at end of file
diff --git a/server/src/webhooks/webhook.py b/server/src/webhooks/webhook.py
new file mode 100644
index 00000000..d73dd61e
--- /dev/null
+++ b/server/src/webhooks/webhook.py
@@ -0,0 +1,82 @@
+# Copyright (C) 2019 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+import requests
+import logging
+from urllib.parse import urlparse
+import json
+import functools
+from blinker import Namespace
+import concurrent.futures
+
+
+def is_valid_url(url):
+    parsed = urlparse(url)
+    return parsed.scheme and parsed.netloc
+
+
+class Webhook:
+    """
+    Base class for using web hook.
+
+    Please note you want either subclass and override data format as desired
+    by target service or make sure you pass them correctly.
+    """
+    def __init__(self, name, url):
+        self.name = name
+        self.url = url
+
+    def format_data(self, data):
+        return data  # to be overwritten
+
+    def request(self, data):
+        return requests.post(self.url, data=json.dumps(data), headers={'Content-Type': 'application/json'})
+
+    def send(self, sender, **kwargs):
+        if not is_valid_url(self.url):
+            logging.warning(f'Invalid url {self.url}, webhook {self.name} from sender {sender} failed: {str(kwargs)}')
+            return
+        data = kwargs.get('msg', '')
+        msg = self.format_data(data)
+        with concurrent.futures.ThreadPoolExecutor() as executor:
+            future = executor.submit(self.request, msg)
+            resp = future.result()
+            if not resp.ok:
+                logging.warning(f'Webhook {self.name} from sender {sender} failed: {resp.text}')
+            return resp
+
+
+class WebhookManager:
+    """ Base class to handle (blinker) signals connected to Webhook handlers. """
+    def __init__(self):
+        self.signals = Namespace()
+
+    def check_signal(func):
+        @functools.wraps(func)
+        def wrapper(self, *args, **kwargs):
+            if args[0] not in self.signals:
+                return
+            return func(self, *args, **kwargs)
+        return wrapper
+
+    def register_signal(self, signal):
+        self.signals.signal(signal)
+
+    @check_signal
+    def remove_signal(self, signal):
+        self.signals.pop(signal)
+
+    @check_signal
+    def connect_handler(self, signal, handler):
+        if isinstance(handler, Webhook):
+            self.signals[signal].connect(handler.send, weak=False)
+
+    @check_signal
+    def disconnect_handler(self, signal, handler):
+        self.signals[signal].disconnect(handler.send)
+
+    @check_signal
+    def emit_signal(self, signal, sender, **kwargs):
+        return self.signals[signal].send(sender, **kwargs)
+
+    check_signal = staticmethod(check_signal)
diff --git a/server/swagger.yaml b/server/swagger.yaml
new file mode 100644
index 00000000..68896e33
--- /dev/null
+++ b/server/swagger.yaml
@@ -0,0 +1,1372 @@
+swagger: '2.0'
+info:
+  description: Mergin API to synchronize your GIS data.
+  version: '0.6'
+  title: Mergin API
+basePath: /v1
+tags:
+  - name: project
+    description: Mergin project
+schemes:
+  - https
+  - http
+
+definitions:
+  Project:
+    type: object
+    required:
+      - name
+    properties:
+      name:
+        type: string
+        example: mergin
+      created:
+        type: string
+        format: date-time
+        example: '2018-11-30T08:47:58.636074Z'
+  FileInfo:
+    type: object
+    required:
+      - path
+      - size
+      - checksum
+    properties:
+      path:
+        type: string
+        example: media/favicon.ico
+      checksum:
+        description: sha1 hash
+        type: string
+        example: '9adb76bf81a34880209040ffe5ee262a090b62ab'
+      # will be removed in future
+      mtime:
+        type: string
+        format: date-time
+        example: '2018-11-30T08:47:58.636074Z'
+      size:
+        type: integer
+        format: int64
+        example: 1024
+  HistoryFileInfo:
+    type: object
+    properties:
+      path:
+        type: string
+        example: data/survey.gpkg
+      checksum:
+        description: sha1 hash
+        type: string
+        example: '9adb76bf81a34880209040ffe5ee262a090b62ab'
+      mtime:
+        type: string
+        format: date-time
+        example: '2019-01-30T08:47:58.636074Z'
+      size:
+        type: integer
+        format: int64
+        example: 102450086
+      history:
+        type: object
+        additionalProperties:
+          type: object
+          $ref: '#/definitions/UpdateFileInfo'
+  UploadFileInfo:
+      allOf:
+        - $ref: '#/definitions/FileInfo'
+        - type: object
+          properties:
+            chunks:
+              type: array
+              items:
+                type: string
+                example: "d17a60eb-6581-431c-adfc-3451231455bb"
+  UpdateFileInfo:
+    allOf:
+      - $ref: '#/definitions/UploadFileInfo'
+      - type: object
+        properties:
+          diff:
+            type: object
+            required:
+              - path
+              - checksum
+            properties:
+              path:
+                type: string
+                description: unique diff filename
+                example: 'survey.gpkg-diff-15eqn2q'
+              checksum:
+                type: string
+                example: '45dfdfbf81a34asdf209040ffe5fasdf2a090bfa'
+              size:
+                type: integer
+                example: 512
+  ProjectListItem:
+    allOf:
+      - $ref: '#/definitions/Project'
+      - type: object
+        properties:
+          name:
+            type: string
+            example: mergin
+          namespace:
+            type: string
+            example: mergin
+          creator:
+            type: integer
+            example: 1
+            description: project creator ID
+          disk_usage:
+            type: integer
+            example: 25324373
+            description: project size in bytes
+          permissions:
+            type: object
+            properties:
+              delete:
+                type: boolean
+                example: false
+              update:
+                type: boolean
+                example: false
+              upload:
+                type: boolean
+                example: true
+          tags:
+            type: array
+            items:
+              $ref: '#/definitions/MerginTag'
+          updated:
+            type: string
+            format: date-time
+            example: '2018-11-30T08:47:58.636074Z'
+            description: last modified
+          version:
+            type: string
+            example: 'v2'
+            description: last project version
+          uploads:
+            type: array
+            items:
+              type: string
+              example: "669b838e-a30b-4338-b2b6-3da144742a82"
+              description: uuid for ongoing upload
+          access:
+            $ref: '#/definitions/Access'
+  ProjectDetail:
+    allOf:
+      - $ref: '#/definitions/ProjectListItem'
+      - type: object
+        properties:
+          files:
+            type: array
+            items:
+              allOf:
+                - $ref: '#/definitions/FileInfo'
+                - $ref: '#/definitions/HistoryFileInfo'
+  MerginTag:
+    type: string
+    enum: &MERGIN_TAG
+      - valid_qgis
+      - mappin_use
+      - input_use
+  PaginatedProjects:
+    type: object
+    properties:
+      projects:
+        type: array
+        items:
+          $ref: '#/definitions/ProjectListItem'
+      count:
+        type: integer
+  Access:
+    type: object
+    properties:
+      owners:
+        type: array
+        items:
+          type: integer
+        example: []
+      writers:
+        type: array
+        items:
+          type: integer
+        example: []
+      readers:
+        type: array
+        items:
+          type: integer
+      ownersnames:
+        type: array
+        items:
+          type: string
+        example: []
+      writersnames:
+        type: array
+        items:
+          type: string
+        example: []
+      readersnames:
+        type: array
+        items:
+          type: string
+        example: []
+      public:
+        type: boolean
+        example: true
+  ProjectVersion:
+    type: object
+    properties:
+      name:
+        type: string
+        example: 'v_1'
+      author:
+        type: string
+        example: 'mergin'
+      created:
+        type: string
+        format: date-time
+        example: '2018-11-30T08:47:58.636074Z'
+      changes:
+        type: object
+        properties:
+          added:
+            type: array
+            items:
+              type: string
+              example: media/favicon.ico
+          removed:
+            type: array
+            items:
+              type: string
+            example: []
+          updated:
+            type: array
+            items:
+              type: string
+            example: []
+          renamed:
+            type: array
+            items:
+              type: string
+            example: []
+      project:
+        type: object
+        properties:
+          name:
+            type: string
+            example: 'test'
+          namespace:
+            type: string
+            example: 'mergin'
+      user_agent:
+        type: string
+        example: 'Python-client/0.5.3 Plugin/2020.5.2 QGIS/3.14.0 (Linux/Ubuntu)'
+      changesets:
+        type: object
+        additionalProperties:
+          type: object
+          properties:
+            sumamary:
+              type: object
+            size:
+              type: integer
+  UserDetail:
+    type: object
+    properties:
+      id:
+        type: integer
+        format: int64
+        example: 1
+      username:
+        type: string
+        example: 'johnny'
+      disk_usage:
+        type: integer
+        format: int64
+        example: 64052
+      storage_limit:
+        type: integer
+        format: int64
+        example: 104857600
+
+  LoginResponse:
+    allOf:
+      - $ref: '#/definitions/UserDetail'
+      - type: object
+        properties:
+          token:
+            type: string
+            example: '.eJyrVkrNTczMUbJSyk0sSk7NccgpLSlKTM7PKy7NKcnMS9dLztcrzVbSUSotTi2Kz0xRsjKCsPMSc1PhupRqAbKNGXw.XMvndw.XeJ1F7ch2zQvNVEz_zvIPgj4iWY'
+          exipre:
+            type: string
+            format: date-time
+            example: '2019-05-04T14:21:56.695035Z'
+  GeodiffChangeset:
+    type: object
+    properties:
+      changes:
+        type: array
+        items:
+          type: object
+          properties:
+            column:
+             type: integer
+            new:
+              type: string
+            old:
+              type: string
+          example:
+            column: 1
+            new: 'Point (-0.5031055901 0.1639751553)'
+            old: 'null'
+      table:
+        type: string
+        example: trees
+      type:
+        type: string
+        example: 'insert'
+paths:
+  /project/paginated:
+    get:
+      tags:
+        - project
+      summary: List mergin projects.
+      description: Returns limited list of projects, optionally filtered by tags, search query, username.
+      operationId: get_paginated_projects
+      produces:
+        - application/json
+      parameters:
+        - name: page
+          in: query
+          description: page number
+          required: true
+          type: integer
+          format: int64
+        - name: order_params
+          in: query
+          description: sorting fields e.g. name_asc,updated_desc
+          required: false
+          type: string
+        - name: order_by
+          in: query
+          description: order by field
+          required: false
+          type: string
+        - name: descending
+          in: query
+          description: order of sorting
+          required: false
+          type: boolean
+        - name: per_page
+          in: query
+          description: number of results per page
+          required: true
+          type: integer
+          maximum: 100
+          format: int64
+        - name: namespace
+          in: query
+          description: filter projects with namespaces like a namespace
+          required: false
+          type: string
+        - name: only_namespace
+          in: query
+          description: Filter namespace equality to in contrast with namespace attribute which is determinated to search (like)
+          required: false
+          type: string
+        - name: name
+          in: query
+          description: filter projects with names like a name or namespaces like a name
+          required: false
+          type: string
+        - name: user
+          in: query
+          description: Username for 'flag' filter. If not provided, it means user executing request.
+          required: false
+          type: string
+        - name: last_updated_in
+          in: query
+          description: for filter projects by days from last update
+          required: false
+          type: integer
+        - name: flag
+          in: query
+          description: Predefined filter flag.
+          required: false
+          type: string
+          enum:
+            - created
+            - shared
+        - name: as_admin
+          in: query
+          description: User access as admin
+          required: false
+          type: boolean
+        - name: public
+          in: query
+          description: should return any public project
+          required: false
+          type: boolean
+        - name: only_public
+          in: query
+          description: should return only public projects
+          required: false
+          type: boolean
+      responses:
+        '200':
+          description: Success.
+          schema:
+            type: object
+            $ref: '#/definitions/PaginatedProjects'
+        '400':
+          $ref: '#/responses/BadStatusResp'
+        '401':
+          $ref: '#/responses/UnauthorizedError'
+        '404':
+          $ref: '#/responses/NotFoundResp'
+      x-swagger-router-controller: src.controllers.project_controller
+  /project:
+    get:
+      tags:
+        - project
+      summary: List mergin projects.
+      description: Returns limited list of projects, optionally filtered by tags, search query, username.
+      operationId: get_projects
+      produces:
+        - application/json
+      parameters:
+        - name: tags
+          in: query
+          description: Filter by mergin tags.
+          required: false
+          type: array
+          items:
+            type: string
+            enum: *MERGIN_TAG
+        - name: q
+          in: query
+          description: Search query string.
+          required: false
+          type: string
+        - name: user
+          in: query
+          description: Username for 'flag' filter. If not provided, it means user executing request.
+          required: false
+          type: string
+        - name: flag
+          in: query
+          description: Predefined filter flag.
+          required: false
+          type: string
+          enum:
+            - created
+            - shared
+        - name: limit
+          in: query
+          description: Maximum number of returned projects.
+          required: false
+          type: integer
+          minimum: 1
+      responses:
+        '200':
+          description: Success.
+          schema:
+            type: array
+            items:
+              $ref: '#/definitions/ProjectListItem'
+        '400':
+          $ref: '#/responses/BadStatusResp'
+        '401':
+          $ref: '#/responses/UnauthorizedError'
+        '404':
+          $ref: '#/responses/NotFoundResp'
+      x-swagger-router-controller: src.controllers.project_controller
+  '/project/{namespace}':
+    post:
+      tags:
+        - project
+      summary: Add a new mergin project.
+      description: Add new project to database and create empty project directory. Project name is project dir at the same time.
+      operationId: add_project
+      consumes:
+        - application/json
+      produces:
+        - application/json
+      parameters:
+        - name: namespace
+          in: path
+          description: Namespace for project to look into.
+          required: true
+          type: string
+        - in: body
+          name: project
+          description: Project object that needs to be added to the database.
+          required: true
+          schema:
+            type: object
+            required:
+              - name
+            properties:
+              name:
+                type: string
+                example: mergin
+              public:
+                type: boolean
+                example: true
+              template:
+                type: string
+                example: Template
+      responses:
+        '200':
+          $ref: '#/responses/Success'
+        '401':
+          $ref: '#/responses/UnauthorizedError'
+        '405':
+          description: Invalid input
+        '422':
+          $ref: '#/responses/InvalidDataResp'
+      x-swagger-router-controller: src.controllers.project_controller
+  '/project/{namespace}/{project_name}':
+    get:
+      tags:
+        - project
+      summary: Find project by name.
+      description: Returns a single project of specified version with details about files including history for versioned files (diffs) if needed.
+      operationId: get_project
+      produces:
+        - application/json
+      parameters:
+        - name: project_name
+          in: path
+          description: Name of project to return.
+          required: true
+          type: string
+        - name: namespace
+          in: path
+          description: Namespace for project to look into.
+          required: true
+          type: string
+        - name: since
+          in: query
+          description: Version to look up diff files history from.
+          required: false
+          type: string
+        - name: version
+          in: query
+          description: Project version.
+          required: false
+          type: string
+      responses:
+        '200':
+          description: Success.
+          schema:
+            $ref: '#/definitions/ProjectDetail'
+        '400':
+          $ref: '#/responses/BadStatusResp'
+        '401':
+          $ref: '#/responses/UnauthorizedError'
+        '404':
+          $ref: '#/responses/NotFoundResp'
+      x-swagger-router-controller: src.controllers.project_controller
+    put:
+     tags:
+       - project
+     summary: Update an existing project.
+     description: Updates 'public' flag and access list for project.
+     operationId: update_project
+     consumes:
+       - application/json
+     produces:
+       - application/json
+     parameters:
+       - name: project_name
+         in: path
+         description: Name of project that need to be updated.
+         required: true
+         type: string
+       - name: namespace
+         in: path
+         description: Namespace for project to look into.
+         required: true
+         type: string
+       - in: body
+         name: data
+         description: Data to be updated.
+         required: true
+         schema:
+           type: object
+           properties:
+             access:
+               type: object
+               $ref: '#/definitions/Access'
+     responses:
+       '200':
+         $ref: '#/responses/Success'
+       '400':
+         $ref: '#/responses/BadStatusResp'
+       '403':
+         $ref: '#/responses/Forbidden'
+       '404':
+         $ref: '#/responses/NotFoundResp'
+       '405':
+         description: Validation exception.
+     x-swagger-router-controller: src.controllers.project_controller
+    delete:
+      tags:
+        - project
+      summary: Delete a project.
+      description: Remove project from database and project directory with all files.
+      operationId: delete_project
+      produces:
+        - application/json
+      parameters:
+        - name: project_name
+          in: path
+          description: Name of project to delete.
+          required: true
+          type: string
+        - name: namespace
+          in: path
+          description: Namespace for project to look into.
+          required: true
+          type: string
+      responses:
+        '200':
+          $ref: '#/responses/Success'
+        '400':
+          $ref: '#/responses/BadStatusResp'
+        '401':
+          $ref: '#/responses/UnauthorizedError'
+        '404':
+          $ref: '#/responses/NotFoundResp'
+      x-swagger-router-controller: src.controllers.project_controller
+  '/project/by_names':
+    post:
+      tags:
+        - project
+      summary: Find projects by name.
+      description: Returns list of requested projects
+      operationId: get_projects_by_names
+      produces:
+        - application/json
+      parameters:
+        - in: body
+          name: data
+          description: List of requested projects.
+          required: false
+          schema:
+            type: object
+            properties:
+              projects:
+                type: array
+                items:
+                  type: string
+            example:
+              projects: [mergin_namespace/project_name]
+      responses:
+        '200':
+          description: Success.
+          schema:
+            type: object
+            additionalProperties:
+                type: object
+                $ref: '#/definitions/ProjectListItem'
+        '400':
+          $ref: '#/responses/BadStatusResp'
+        '404':
+          $ref: '#/responses/NotFoundResp'
+      x-swagger-router-controller: src.controllers.project_controller
+  '/project/by_uuids':
+    get:
+      tags:
+        - project
+      summary: Find projects by ids.
+      description: Returns list of requested projects
+      operationId: get_projects_by_uuids
+      produces:
+        - application/json
+      parameters:
+        - in: query
+          name: uuids
+          description: List of requested projects uuids.
+          required: true
+          type: string
+      responses:
+        '200':
+          description: Success.
+          schema:
+            type: object
+            additionalProperties:
+              type: object
+              $ref: '#/definitions/ProjectListItem'
+        '400':
+          $ref: '#/responses/BadStatusResp'
+      x-swagger-router-controller: src.controllers.project_controller
+  '/project/version/{namespace}/{project_name}':
+    get:
+      tags:
+        - project
+      summary: Get versions (history) of project.
+      description: Returns a list of project versions with changes information.
+      operationId: get_project_versions
+      produces:
+        - application/json
+      parameters:
+        - name: project_name
+          in: path
+          description: Name of project to return versions for.
+          required: true
+          type: string
+        - name: namespace
+          in: path
+          description: Namespace for project to look into.
+          required: true
+          type: string
+        - name: version_id
+          in: query
+          required: false
+          type: string
+      responses:
+        '200':
+          description: Success.
+          schema:
+            type: array
+            items:
+              $ref: '#/definitions/ProjectVersion'
+        '400':
+          $ref: '#/responses/BadStatusResp'
+        '403':
+          $ref: '#/responses/Forbidden'
+        '404':
+          $ref: '#/responses/NotFoundResp'
+      x-swagger-router-controller: src.controllers.project_controller
+  '/project/download/{namespace}/{project_name}':
+    get:
+      tags:
+        - project
+      summary: Download dir for single project.
+      description: Download whole project folder as zip file or produces stream to parse.
+      operationId: download_project
+      produces:
+        - application/zip
+        - multipart/form-data
+      parameters:
+        - name: project_name
+          in: path
+          description: Name of project to download.
+          required: true
+          type: string
+        - name: namespace
+          in: path
+          description: Namespace for project to look into.
+          required: true
+          type: string
+        - name: format
+          in: query
+          description: Output format (only zip available).
+          required: false
+          type: string
+          enum:
+            - zip
+        - name: version
+          in: query
+          description: Version tag.
+          required: false
+          type: string
+      responses:
+        '200':
+          $ref: '#/responses/Success'
+        '400':
+          $ref: '#/responses/BadStatusResp'
+        '401':
+          $ref: '#/responses/UnauthorizedError'
+        '404':
+          $ref: '#/responses/NotFoundResp'
+        '422':
+          $ref: '#/responses/InvalidDataResp'
+      x-swagger-router-controller: src.controllers.project_controller
+  '/project/raw/{namespace}/{project_name}':
+    get:
+      tags:
+        - project
+      summary: Download project file
+      description: Download individual file or it's diff file from project.
+      operationId: download_project_file
+      produces:
+        - application/octet-stream
+      parameters:
+        - name: project_name
+          in: path
+          description: Project name.
+          required: true
+          type: string
+        - name: namespace
+          in: path
+          description: Namespace for project to look into.
+          required: true
+          type: string
+        - name: file
+          in: query
+          description: Path to file.
+          required: true
+          type: string
+        - name: version
+          in: query
+          description: Version tag.
+          required: false
+          type: string
+        - name: diff
+          in: query
+          description: Ask for diff file instead of full one.
+          required: false
+          type: boolean
+      responses:
+        '200':
+          $ref: '#/responses/Success'
+        '400':
+          $ref: '#/responses/BadStatusResp'
+        '401':
+          $ref: '#/responses/UnauthorizedError'
+        '404':
+          $ref: '#/responses/NotFoundResp'
+        '422':
+          $ref: '#/responses/InvalidDataResp'
+      x-swagger-router-controller: src.controllers.project_controller
+  /project/push/{namespace}/{project_name}:
+    post:
+      tags:
+       - project
+      summary: Synchronize project data.
+      description: Apply changes in project if no uploads required. Creates upload transaction for added/modified files.
+      operationId: project_push
+      consumes:
+       - application/json
+      produces:
+       - application/json
+      parameters:
+        - name: namespace
+          in: path
+          description: Namespace for project to look into.
+          required: true
+          type: string
+        - name: project_name
+          in: path
+          description: Project name.
+          required: true
+          type: string
+        - in: body
+          name: data
+          required: true
+          description: Description of project changes.
+          schema:
+            type: object
+            required:
+              - version
+              - changes
+            properties:
+              version:
+                type: string
+                example: v1
+              changes:
+                type: object
+                required:
+                  - added
+                  - updated
+                  - renamed
+                  - removed
+                properties:
+                  added:
+                    type: array
+                    items:
+                      $ref: '#/definitions/UploadFileInfo'
+                  updated:
+                    type: array
+                    items:
+                      $ref: '#/definitions/UpdateFileInfo'
+                  renamed:
+                    type: array
+                    items:
+                      $ref: '#/definitions/FileInfo'
+                  removed:
+                    type: array
+                    items:
+                      $ref: '#/definitions/FileInfo'
+      responses:
+        '200':
+          $ref: '#/responses/Success'
+        '400':
+          $ref: '#/responses/BadStatusResp'
+        '401':
+          $ref: '#/responses/UnauthorizedError'
+        '404':
+          $ref: '#/responses/NotFoundResp'
+      x-swagger-router-controller: src.controllers.project_controller
+  /project/clone/{namespace}/{project_name}:
+    post:
+      tags:
+       - project
+      summary: Clone project.
+      description: Clone project to another namespace. Only recent version is copied over and history is lost. Destination namespace and project name are optionally set in query parameters othewise request user is used with the same project name as cloned project.
+      operationId: clone_project
+      consumes:
+        - application/json
+      parameters:
+        - name: namespace
+          in: path
+          description: Namespace for project to look into.
+          required: true
+          type: string
+        - name: project_name
+          in: path
+          description: Project name.
+          required: true
+          type: string
+        - in: body
+          name: destination
+          description: Destination (namespace and project name) where project should be cloned.
+          required: false
+          schema:
+            type: object
+            properties:
+              namespace:
+                type: string
+                example: mergin
+              project:
+                type: string
+                example: mergin
+      responses:
+        '200':
+          $ref: '#/responses/Success'
+        '400':
+          $ref: '#/responses/BadStatusResp'
+        '401':
+          $ref: '#/responses/UnauthorizedError'
+        '403':
+          $ref: '#/responses/Forbidden'
+        '404':
+          $ref: '#/responses/NotFoundResp'
+      x-swagger-router-controller: src.controllers.project_controller
+
+  #not implemented in connexion, going directly to flask endpoint
+#  /project/push/chunk/{transaction_id}/{chunk_id}:
+#    post:
+#      tags:
+#         - project
+#      summary: Upload file chunk as defined in upload transaction.
+#      operationId: chunk_upload
+#      consumes:
+#        - application/octet-stream
+#      produces:
+#        - application/json
+#      parameters:
+#        - name: transaction_id
+#          in: path
+#          description: Transaction id.
+#          required: true
+#          type: string
+#        - name: chunk_id
+#          in: path
+#          description: Chunk id.
+#          required: true
+#          type: string
+#      responses:
+#        '200':
+#          $ref: '#/responses/Success'
+#        '400':
+#          $ref: '#/responses/BadStatusResp'
+#        '401':
+#          $ref: '#/responses/UnauthorizedError'
+#        '403':
+#          $ref: '#/responses/Forbidden'
+#        '404':
+#          $ref: '#/responses/NotFoundResp'
+#      x-swagger-router-controller: src.controllers.project_controller
+
+  /project/push/finish/{transaction_id}:
+    post:
+      tags:
+       - project
+      summary: Finalize project data upload.
+      operationId: push_finish
+      parameters:
+        - name: transaction_id
+          in: path
+          description: Transaction id.
+          required: true
+          type: string
+      responses:
+        '200':
+          $ref: '#/responses/Success'
+        '400':
+          $ref: '#/responses/BadStatusResp'
+        '401':
+          $ref: '#/responses/UnauthorizedError'
+        '403':
+          $ref: '#/responses/Forbidden'
+        '404':
+          $ref: '#/responses/NotFoundResp'
+      x-swagger-router-controller: src.controllers.project_controller
+  /project/push/cancel/{transaction_id}:
+    post:
+      tags:
+       - project
+      summary: Cancel upload transaction.
+      operationId: push_cancel
+      parameters:
+        - name: transaction_id
+          in: path
+          description: Transaction id.
+          required: true
+          type: string
+      responses:
+        '200':
+          $ref: '#/responses/Success'
+        '400':
+          $ref: '#/responses/BadStatusResp'
+        '401':
+          $ref: '#/responses/UnauthorizedError'
+        '403':
+          $ref: '#/responses/Forbidden'
+        '404':
+          $ref: '#/responses/NotFoundResp'
+      x-swagger-router-controller: src.controllers.project_controller
+  /project/transfer/{namespace}:
+    get:
+      tags:
+        - Project transfers for namespace
+      summary: List of incoming/outcoming project transfers for namespace.
+      operationId: get_project_transfers
+      produces:
+        - application/json
+      parameters:
+        - name: namespace
+          in: path
+          description: mergin namespace to filter transfers for
+          required: true
+          type: string
+      responses:
+        '200':
+          $ref: '#/responses/Success'
+        '400':
+          $ref: '#/responses/BadStatusResp'
+        '401':
+          $ref: '#/responses/UnauthorizedError'
+        '403':
+          $ref: '#/responses/Forbidden'
+      x-swagger-router-controller: src.controllers.project_transfer_controller
+  /project/transfer/{namespace}/{project_name}:
+    post:
+      tags:
+        - project transfer
+      summary: Transfer project.
+      description: Transfer project to another namespace.
+      operationId: request_transfer
+      consumes:
+        - application/json
+      parameters:
+        - name: namespace
+          in: path
+          description: Namespace for project to look into.
+          required: true
+          type: string
+        - name: project_name
+          in: path
+          description: Project name.
+          required: true
+          type: string
+        - in: body
+          name: data
+          description: Request payload - destination namespace.
+          required: true
+          schema:
+            type: object
+            properties:
+              namespace:
+                type: string
+                example: mergin
+      responses:
+        '200':
+          $ref: '#/responses/Success'
+        '400':
+          $ref: '#/responses/BadStatusResp'
+        '401':
+          $ref: '#/responses/UnauthorizedError'
+        '403':
+          $ref: '#/responses/Forbidden'
+        '404':
+          $ref: '#/responses/NotFoundResp'
+      x-swagger-router-controller: src.controllers.project_transfer_controller
+  /project/transfer/{id}:
+    post:
+      tags:
+        - project transfer
+      summary: Execute transfer project.
+      description: Execute transfer project
+      operationId: execute_transfer_project
+      consumes:
+        - application/json
+      parameters:
+        - name: id
+          in: path
+          description: ID of transfer project data.
+          required: true
+          type: string
+        - in: body
+          name: data
+          description: Destination project name and whether to keep permissions.
+          required: false
+          schema:
+            type: object
+            properties:
+              name:
+                type: string
+                example: mergin
+              transfer_permission:
+                type: boolean
+                example: True
+      responses:
+        '200':
+          $ref: '#/responses/Success'
+        '400':
+          $ref: '#/responses/BadStatusResp'
+        '401':
+          $ref: '#/responses/UnauthorizedError'
+        '403':
+          $ref: '#/responses/Forbidden'
+        '404':
+          $ref: '#/responses/NotFoundResp'
+      x-swagger-router-controller: src.controllers.project_transfer_controller
+    delete:
+      tags:
+        - project transfer
+      summary: Delete transfer project.
+      description: Remove transfer project from database.
+      operationId: delete_transfer_project
+      produces:
+        - application/json
+      parameters:
+        - name: id
+          in: path
+          description: ID of transfer project data.
+          required: true
+          type: string
+      responses:
+        '200':
+          $ref: '#/responses/Success'
+        '400':
+          $ref: '#/responses/BadStatusResp'
+        '401':
+          $ref: '#/responses/UnauthorizedError'
+        '404':
+          $ref: '#/responses/NotFoundResp'
+      x-swagger-router-controller: src.controllers.project_transfer_controller
+
+  /user/{username}:
+    get:
+      deprecated: true
+      tags:
+        - user
+      summary: User profile info.
+      description: Returns user profile info.
+      operationId: get_user
+      parameters:
+        - name: username
+          in: path
+          description: Username.
+          required: true
+          type: string
+      produces:
+        - application/json
+      responses:
+        '200':
+          description: Success.
+        '400':
+          $ref: '#/responses/BadStatusResp'
+        '401':
+          $ref: '#/responses/UnauthorizedError'
+        '404':
+          $ref: '#/responses/NotFoundResp'
+      x-swagger-router-controller: src.controllers.user_controller
+  /auth/login:
+    post:
+      deprecated: true
+      tags:
+        - login
+      summary: Login user.
+      description: Returns session token, expiration time and user profile info.
+      operationId: login
+      parameters:
+        - name: credentials
+          in: body
+          description: User credentials.
+          required: true
+          schema:
+            type: object
+            required:
+              - login
+              - password
+            properties:
+              login:
+                type: string
+                example: johnny
+              password:
+                type: string
+                example: pass123
+      consumes:
+        - application/json
+      produces:
+        - application/json
+      responses:
+        '200':
+          description: Success.
+          schema:
+            $ref: '#/definitions/LoginResponse'
+        '400':
+          $ref: '#/responses/BadStatusResp'
+        '401':
+          $ref: '#/responses/UnauthorizedError'
+        '404':
+          $ref: '#/responses/NotFoundResp'
+        '415':
+          $ref: '#/responses/UnsupportedMediaType'
+      x-swagger-router-controller: src.controllers.user_controller
+  /resource/history/{namespace}/{project_name}:
+    get:
+      tags:
+        - resource
+      summary: History of project resource (file)
+      description: Lookup in project versions to get history of changes for particular file
+      operationId: get_resource_history
+      produces:
+        - application/json
+      parameters:
+        - name: project_name
+          in: path
+          description: Project name.
+          required: true
+          type: string
+        - name: namespace
+          in: path
+          description: Namespace project belong to.
+          required: true
+          type: string
+        - name: path
+          in: query
+          description: Path to file in project.
+          required: true
+          type: string
+      responses:
+        '200':
+          $ref: '#/responses/Success'
+          #$ref: '#/definitions/HistoryFileInfo' need upgrade to OpenAPI v3?
+        '400':
+          $ref: '#/responses/BadStatusResp'
+        '403':
+          $ref: '#/responses/Forbidden'
+        '404':
+          $ref: '#/responses/NotFoundResp'
+        '422':
+          $ref: '#/responses/InvalidDataResp'
+      x-swagger-router-controller: src.controllers.project_controller
+  /resource/changesets/{namespace}/{project_name}/{version_id}:
+    get:
+      tags:
+        - resource
+      summary: Changeset of the resource (file)
+      description: Calculate geodiff changeset for particular file and particular project version
+      operationId: get_resource_changeset
+      produces:
+        - application/json
+      parameters:
+        - name: project_name
+          in: path
+          description: Project name.
+          required: true
+          type: string
+        - name: namespace
+          in: path
+          description: Namespace project belong to.
+          required: true
+          type: string
+        - name: version_id
+          in: path
+          description: Version id of the file.
+          required: true
+          type: string
+        - name: path
+          in: query
+          description: Path to file in project.
+          required: true
+          type: string
+      responses:
+        '200':
+          description: A list of geodiff changesets for versioned file
+          schema:
+            type: array
+            items:
+              $ref: '#/definitions/GeodiffChangeset'
+        '400':
+          $ref: '#/responses/BadStatusResp'
+        '403':
+          $ref: '#/responses/Forbidden'
+        '404':
+          $ref: '#/responses/NotFoundResp'
+        '422':
+          $ref: '#/responses/InvalidDataResp'
+      x-swagger-router-controller: src.controllers.project_controller
+  '/namespaces/{namespace_type}':
+    get:
+      tags:
+        - namespace
+      summary: Find namespace by query.
+      description: Returns list of namespaces.
+      operationId: search_namespace
+      produces:
+        - application/json
+      parameters:
+        - name: namespace_type
+          in: path
+          description: Type of namespace (organisation or user)
+          required: true
+          type: string
+          enum:
+            - user
+            - organisation
+        - name: q
+          in: query
+          description: Search query string.
+          required: false
+          type: string
+      responses:
+        '200':
+          description: Success.
+          schema:
+            $ref: '#/responses/Success'
+        '400':
+          $ref: '#/responses/BadStatusResp'
+        '401':
+          $ref: '#/responses/UnauthorizedError'
+        '404':
+          $ref: '#/responses/NotFoundResp'
+        '422':
+          $ref: '#/responses/InvalidDataResp'
+      x-swagger-router-controller: src.controllers.namespace_controller
+responses:
+  UnauthorizedError:
+    description: Authentication information is missing or invalid.
+    headers:
+      WWW_Authenticate:
+        type: string
+  NotFoundResp:
+    description: Project not found.
+  BadStatusResp:
+    description: Invalid request.
+  InvalidDataResp:
+    description: Invalid/unprocessable data.
+  Success:
+    description: Success.
+  Forbidden:
+    description: Access is denied.
+  UnsupportedMediaType:
+    description: Payload format is in an unsupported format.
diff --git a/server/test/__init__.py b/server/test/__init__.py
new file mode 100644
index 00000000..c5a7ce94
--- /dev/null
+++ b/server/test/__init__.py
@@ -0,0 +1,14 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+import os
+import tempfile
+
+# constants
+test_namespace = 'mergin'
+test_project = 'test'
+test_project_dir = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'test_projects', test_project)
+json_headers = {'Content-Type': 'application/json', 'Accept': 'application/json'}
+DEFAULT_USER = ('mergin', 'ilovemergin')  # username, password - is a super user
+TMP_DIR = tempfile.gettempdir()
+TEST_ORG = "mergin.org"
diff --git a/server/test/conftest.py b/server/test/conftest.py
new file mode 100644
index 00000000..48d5a07d
--- /dev/null
+++ b/server/test/conftest.py
@@ -0,0 +1 @@
+pytest_plugins = ["test.fixtures"]
diff --git a/server/test/fixtures.py b/server/test/fixtures.py
new file mode 100644
index 00000000..652ff6bb
--- /dev/null
+++ b/server/test/fixtures.py
@@ -0,0 +1,189 @@
+import os
+import sys
+from shutil import copy, move
+from sqlalchemy.orm.attributes import flag_modified
+from pygeodiff import GeoDiff
+import pytest
+
+
+from src import db, create_app
+from src.db_events import remove_events
+from src.models.db_models import (Project, Upload, ProjectVersion, ProjectAccess, ProjectTransfer,
+                                  Namespace, Account, RemovedProject)
+from src.mergin_utils import generate_checksum, is_versioned_file, resolve_tags
+from src.auth.models import User, UserProfile
+from src.organisation.models import Organisation
+
+from . import test_project, test_namespace, test_project_dir, TMP_DIR, TEST_ORG, DEFAULT_USER
+from .test_project_controller import _file_info, create_diff_meta
+from .utils import login_as_admin, add_user, initialize, cleanup
+
+thisdir = os.path.dirname(os.path.realpath(__file__))
+sys.path.append(os.path.join(thisdir, os.pardir))
+
+
+@pytest.fixture(scope='function')
+def flask_app(request):
+    """ Flask app with fresh db and initialized empty tables """
+    application = create_app()
+    application.config['TEST_DIR'] = os.path.join(thisdir, 'test_projects')
+    application.config['SERVER_NAME'] = 'localhost.localdomain'
+    app_context = application.app_context()
+    app_context.push()
+
+    with app_context:
+        db.create_all()
+
+    def teardown():
+        # clean up db
+        db.session.remove()
+        db.drop_all()
+        db.engine.dispose()
+
+        app_context.pop()
+        # detach db hooks
+        remove_events()
+
+    request.addfinalizer(teardown)
+    return application
+
+
+@pytest.fixture(scope='function')
+def app(flask_app, request):
+    """ Flask app with testing objects created """
+    with flask_app.app_context():
+        initialize()
+
+    def teardown():
+        # remove all project files
+        with flask_app.app_context():
+            dirs = [p.storage.project_dir for p in Project.query.all()]
+            print(dirs)
+            cleanup(flask_app.test_client(), dirs)
+
+    request.addfinalizer(teardown)
+    return flask_app
+
+
+@pytest.fixture(scope='function')
+def client(app):
+    """ Flask app test client with already logged-in superuser """
+    client = app.test_client()
+    login_as_admin(client)
+    return client
+
+
+@pytest.fixture(scope='function')
+def diff_project(app):
+    """ Modify testing project to contain some history with diffs. Geodiff lib is used to handle changes.
+    Files are copied to location where server would expect it. Corresponding changes metadata and project versions
+    are created and stored in db.
+
+    Following changes are applied to base.gpkg in test project (v1):
+    v2: removed file -> previous version is lost (unless requested explicitly)
+    v3: uploaded again
+    v4: patched with changes from inserted_1_A.gpkg (1 inserted feature)
+    v5: replaced with original file base.gpkg (mimic of force update)
+    v6: patched with changes from modified_1_geom.gpkg (translated feature)
+    v7: renamed to test.gpkg
+    v8: nothing happened (although officially forbidden here it mimics no changes to file of interest)
+    v9: test.gpkg is patched with changes from inserted_1_B.gpkg (1 inserted feature), final state is modified_1_geom.gpkg + inserted_1_B.gpkg
+    v10: nothing happened, just to ensure last diff is not last version of project file
+    """
+    geodiff = GeoDiff()
+    project = Project.query.filter_by(name=test_project, namespace=test_namespace).first()
+    update_meta = _file_info(test_project_dir, 'base.gpkg')
+    diff_meta_A = create_diff_meta('base.gpkg', 'inserted_1_A.gpkg', test_project_dir)
+    diff_meta_mod = create_diff_meta('base.gpkg', 'modified_1_geom.gpkg', test_project_dir)
+    rename_meta = {
+        **_file_info(test_project_dir, 'base.gpkg'),
+        'new_path': 'test.gpkg',
+    }
+    patch = os.path.join(TMP_DIR, 'patch')
+    basefile = os.path.join(test_project_dir, 'base.gpkg')
+    copy(basefile, patch)
+    geodiff.apply_changeset(patch, os.path.join(TMP_DIR, diff_meta_mod['diff']['path']))
+    diff_meta_B = create_diff_meta(patch, 'inserted_1_B.gpkg', test_project_dir)
+    diff_meta_B['path'] = 'test.gpkg'
+
+    # construct project versions
+    changes = [
+        {'added': [], 'removed': [_file_info(test_project_dir, 'base.gpkg')], 'renamed': [], 'updated': []},
+        {'added': [_file_info(test_project_dir, 'base.gpkg')], 'removed': [], 'renamed': [], 'updated': []},
+        {'added': [], 'removed': [], 'renamed': [], 'updated': [diff_meta_A]},
+        {'added': [], 'removed': [], 'renamed': [], 'updated': [update_meta]},  # force update with full file
+        {'added': [], 'removed': [], 'renamed': [], 'updated': [diff_meta_mod]},
+        {'added': [], 'removed': [], 'renamed': [rename_meta], 'updated': []},  # file renamed, will be tracked with different name
+        {'added': [], 'removed': [], 'renamed': [], 'updated': []},
+        {'added': [], 'removed': [], 'renamed': [], 'updated': [diff_meta_B]},
+        {'added': [], 'removed': [], 'renamed': [], 'updated': []},
+    ]
+    version_files = project.files
+    for i, change in enumerate(changes):
+        ver = 'v{}'.format(i + 2)
+        if change['added']:
+            meta = change['added'][0]
+            meta['location'] = os.path.join(ver, meta['path'])
+            new_file = os.path.join(project.storage.project_dir, meta['location'])
+            os.makedirs(os.path.dirname(new_file), exist_ok=True)
+            copy(os.path.join(test_project_dir, meta['path']), new_file)
+            version_files.append(meta)
+        elif change['updated']:
+            meta = change['updated'][0]
+            f_updated = next(f for f in version_files if f['path'] == meta['path'])
+            new_location = os.path.join(ver, f_updated['path'])
+            patchedfile = os.path.join(project.storage.project_dir, new_location)
+            os.makedirs(os.path.dirname(patchedfile), exist_ok=True)
+            if 'diff' in meta.keys():
+                basefile = os.path.join(project.storage.project_dir, f_updated['location'])
+                changefile = os.path.join(TMP_DIR, meta['diff']['path'])
+                copy(basefile, patchedfile)
+                geodiff.apply_changeset(patchedfile, changefile)
+                meta['diff']['location'] = os.path.join(ver, meta['diff']['path'])
+                move(changefile, os.path.join(project.storage.project_dir, meta['diff']['location']))
+            else:
+                copy(os.path.join(test_project_dir, f_updated['path']), patchedfile)
+                f_updated.pop('diff', None)
+            meta['location'] = new_location
+            f_updated.update(meta)
+        elif change['renamed']:
+            f_renamed = next(f for f in version_files if f['path'] == change['renamed'][0]['path'])
+            f_renamed['path'] = change['renamed'][0]['new_path']
+        elif change['removed']:
+            f_removed = next(f for f in version_files if f['path'] == change['removed'][0]['path'])
+            version_files.remove(f_removed)
+        else:
+            pass
+
+        pv = ProjectVersion(project, ver, project.creator.username, change, version_files, '127.0.0.1')
+        db.session.add(pv)
+        db.session.commit()
+        version_files = pv.files
+        assert pv.project_size == sum(file['size'] for file in version_files)
+
+    project.files = version_files
+    project.disk_usage = sum(file['size'] for file in project.files)
+    project.tags = resolve_tags(version_files)
+    project.latest_version = project.versions[0].name
+    db.session.add(project)
+    flag_modified(project, "files")
+    db.session.commit()
+    return project
+
+
+@pytest.fixture(scope='function')
+def test_organisation(client):
+    """ Test organisation """
+    user = User.query.filter_by(username=DEFAULT_USER[0]).first()
+    org = Organisation(name=TEST_ORG, creator_id=user.id)
+    org_owner = add_user("owner", "owner")
+    org.owners.append(org_owner.id)
+    org_admin = add_user("admin", "admin")
+    org.admins.extend([org_owner.id, org_admin.id])
+    db.session.add(org)
+    db.session.commit()
+    # create a free organisation -> assign zero storage
+    account = Account.query.filter_by(type="organisation", owner_id=org.id).first()
+    account.namespace.storage = 0
+    db.session.commit()
+    return org
diff --git a/server/test/test_auth.py b/server/test/test_auth.py
new file mode 100644
index 00000000..41a83c14
--- /dev/null
+++ b/server/test/test_auth.py
@@ -0,0 +1,522 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+from datetime import datetime, timedelta
+import pytest
+import json
+from flask import url_for
+from itsdangerous import URLSafeTimedSerializer
+from sqlalchemy import desc
+from sqlalchemy.orm.attributes import flag_modified
+from unittest.mock import patch
+
+from src.auth.models import User, UserProfile, LoginHistory
+from src import db
+from src.models.db_models import Namespace, Account, Project
+from . import json_headers
+from .utils import add_user, login_as_admin, login
+
+
+@pytest.fixture(scope='function')
+def client(app):
+    client = app.test_client()
+    return client
+
+
+# login test: success, success with email login, invalid password, missing password, wrong headers
+test_login_data = [
+    ({'login': 'mergin', 'password': 'ilovemergin'}, json_headers, 200),
+    ({'login': 'mergin@mergin.com', 'password': 'ilovemergin'}, json_headers, 200),
+    ({'login': 'mergin', 'password': 'ilovemergi'}, json_headers, 401),
+    ({'login': 'mergin'}, json_headers, 401),
+    ({'login': 'mergin', 'password': 'ilovemergin'}, {}, 401),
+]
+
+
+@pytest.mark.parametrize("data,headers,expected", test_login_data)
+def test_login(client, data, headers, expected):
+    resp = client.post(url_for('auth.login'), data=json.dumps(data), headers=headers)
+    assert resp.status_code == expected
+    if expected == 200:
+        login_history = LoginHistory.query.filter_by(username='mergin').order_by(desc(LoginHistory.timestamp)).first()
+        assert login_history
+
+
+def test_logout(client):
+    login_as_admin(client)
+    resp = client.get(url_for('auth.logout'))
+    assert resp.status_code == 200
+
+
+# user registration test
+test_user_reg_data = [
+    ('test', 'test@test.com', 200),  # success
+    ('TesTUser', 'test@test.com', 200),  # test with upper case, but user is not exist
+    ('TesTUser2', 'test2@test.com', 200),  # test with upper case, but user is not exist
+    ('bob', 'test@test.com', 400),  # invalid (short) username
+    ('test', 'test.com', 400),  # invalid email
+    ('mergin', 'test@test.com', 400), # existing user
+    ('MerGin', 'test@test.com', 400),  # test with upper case but mergin already exist
+    ('  mergin  ', 'test@test.com', 400),  # test with blank spaces, but mergin user already exists
+    ('XmerginX', ' test@test.com  ', 200),  # test with blank spaces, whitespace to be removed
+    ('XmerginX', ' mergin@mergin.com  ', 400)  # test with blank spaces, but email already exists
+]
+
+
+@pytest.mark.parametrize("username,email,expected", test_user_reg_data)
+def test_user_register(client, username, email, expected):
+    login_as_admin(client)
+    url = url_for('auth.register_user')
+    resp = client.post(url, data=json.dumps({'username': username, 'email': email}), headers=json_headers)
+    assert resp.status_code == expected
+    if expected == 200:
+        user = User.query.filter_by(username=username).first()
+        assert user
+        assert user.active
+        assert not user.verified_email
+        ns = Namespace.query.filter_by(name=username).first()
+        assert ns
+        account = Account.query.filter_by(type='user', owner_id=user.id).first()
+        assert account
+
+
+@patch('src.celery.send_email_async.apply_async')
+def test_confirm_email(send_email_mock, app, client):
+    serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
+    token = serializer.dumps('mergin@mergin.com', salt=app.config['SECURITY_PASSWORD_SALT'])
+    resp = client.get(url_for('auth.confirm_email', token=token))
+    assert resp.status_code == 200
+    assert b'Your email address has been verified.' in resp.data
+    assert not send_email_mock.called
+
+    user = User.query.filter_by(username='mergin').first()
+    # test with old registered user
+    user.verified_email = False
+    user.profile.registration_date = datetime.utcnow() - timedelta(days=1)
+    db.session.commit()
+    resp = client.get(url_for('auth.confirm_email', token=token))
+    assert resp.status_code == 200
+    assert b'Your email address has been verified.' in resp.data
+    assert not send_email_mock.called
+
+    # try again with freshly registered user
+    user.verified_email = False
+    user.profile.registration_date = datetime.utcnow()
+    db.session.add(user)
+    db.session.commit()
+    resp = client.get(url_for('auth.confirm_email', token=token))
+    assert resp.status_code == 200
+    assert b'Your email address has been verified.' in resp.data
+    assert send_email_mock.called
+
+    # try again
+    resp = client.get(url_for('auth.confirm_email', token=token))
+    assert resp.status_code == 200
+    assert b'Your email address has been verified.' in resp.data
+
+    # invalid token
+    resp = client.get(url_for('auth.confirm_email', token='token'))
+    assert resp.status_code == 400
+
+    # not-existing user
+    resp = client.get(url_for('auth.confirm_email',
+                              token=serializer.dumps('test@mergin.com', salt=app.config['SECURITY_PASSWORD_SALT'])))
+    assert resp.status_code == 404
+
+
+def test_confirm_password(app, client):
+    serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
+    token = serializer.dumps('mergin@mergin.com', salt=app.config['SECURITY_PASSWORD_SALT'])
+
+    resp = client.get(url_for('auth.confirm_new_password', token=token))
+    assert resp.status_code == 200
+    assert b'Activate account' in resp.data
+
+    form_data = {'password': 'ilovemergin#0', 'confirm': 'ilovemergin#0'}
+    resp = client.post(url_for('auth.confirm_new_password', token=token), data=json.dumps(form_data), headers=json_headers)
+    assert resp.status_code == 302
+
+    # invalid token
+    resp = client.get(url_for('auth.confirm_new_password', token='token'))
+    assert resp.status_code == 400
+
+    # not-existing user
+    resp = client.get(url_for('auth.confirm_new_password',
+                              token=serializer.dumps('test@mergin.com', salt=app.config['SECURITY_PASSWORD_SALT'])))
+    assert resp.status_code == 404
+
+    # add inactive user
+    user = User(username='test', passwd='testuser', is_admin=True, email='test@mergin.com')
+    user.active = False
+    db.session.add(user)
+    db.session.commit()
+    resp = client.get(url_for('auth.confirm_new_password',
+                              token=serializer.dumps('test@mergin.com', salt=app.config['SECURITY_PASSWORD_SALT'])))
+    assert resp.status_code == 400
+
+
+# reset password test: success, no email, not-existing user
+test_reset_data = [
+    ({'email': 'mergin@mergin.com'}, 200),
+    ({'email': 'Mergin@mergin.com'}, 200),  # case insensitive
+    ({}, 404),
+    ({'email': 'test@mergin.com'}, 404)
+]
+
+
+@pytest.mark.parametrize("data,expected", test_reset_data)
+def test_reset_password(client, data, expected):
+    resp = client.post(url_for('auth.password_reset'), data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == expected
+    if expected == 200:
+        assert resp.json['success']
+
+
+def test_change_password(client):
+    username = 'user_test'
+    old_password = 'user_password'
+    new_password = 'Test#test'
+
+    user = User(username=username, passwd=old_password, is_admin=True, email='user_test@mergin.com')
+    user.active = True
+    user.profile = UserProfile()
+    db.session.add(user)
+    db.session.commit()
+
+    resp = client.post(
+        url_for('auth.login'),
+        data=json.dumps({'login': username, 'password': old_password}),
+        headers=json_headers
+    )
+    assert resp.status_code == 200
+
+    # test old password incorrect
+    resp = client.post(
+        url_for('auth.change_password'),
+        data=json.dumps(
+            {'old_password': 'old_password_incorrect', 'password': new_password, 'confirm': new_password}),
+        headers=json_headers
+    )
+    assert resp.status_code == 400
+
+    # test correct old password
+    resp = client.post(
+        url_for('auth.change_password'),
+        data=json.dumps(
+            {'old_password': old_password, 'password': new_password, 'confirm': new_password}),
+        headers=json_headers
+    )
+    assert resp.status_code == 200
+
+    # test login with old password
+    resp = client.post(
+        url_for('auth.login'),
+        data=json.dumps({'login': username, 'password': old_password}),
+        headers=json_headers
+    )
+    assert resp.status_code == 401
+
+    # test login with new password
+    resp = client.post(
+        url_for('auth.login'),
+        data=json.dumps({'login': username, 'password': new_password}),
+        headers=json_headers
+    )
+    assert resp.status_code == 200
+
+
+def test_remove_user(client):
+    login_as_admin(client)
+    user = add_user('test', 'test')
+
+    resp = client.delete(url_for('auth.delete_user', username=user.username))
+    assert resp.status_code == 200
+    assert resp.json['success']
+    assert not User.query.filter_by(username='test').count()
+    assert not Namespace.query.filter_by(name='test').count()
+
+    resp = client.delete(url_for('auth.delete_user', username=user.username))
+    assert resp.status_code == 404
+
+
+def test_delete_account(client):
+    username = 'user_test'
+    password = 'user_password'
+    user = add_user(username, password)
+    ns = Namespace.query.filter_by(name=username).first()
+    user_id = user.id
+
+    # share project of default user
+    project = Project.query.filter_by(namespace='mergin', name='test').first()
+    assert project
+    project.access.owners.append(user_id)
+    project.access.writers.append(user_id)
+    project.access.readers.append(user_id)
+    db.session.add(project)
+    flag_modified(project.access, 'owners')
+    flag_modified(project.access, 'writers')
+    flag_modified(project.access, 'readers')
+    db.session.commit()
+    assert user_id in project.access.owners
+
+    login(client, username, password)
+
+    # delete account
+    resp = client.delete(url_for('auth.delete_account'))
+    assert resp.status_code == 200
+    assert resp.json['success']
+    # check nothing is left in database
+    user = User.query.filter_by(username=username).first()
+    account = Account.query.filter_by(type='user', owner_id=user_id).first()
+    assert not account
+    assert not user
+    ns = Namespace.query.filter_by(name=username).first()
+    assert not ns
+    assert user_id not in project.access.owners
+    assert user_id not in project.access.writers
+    assert user_id not in project.access.readers
+
+    # try relogin but should be not found
+    resp = client.post(
+        url_for('auth.login'),
+        data=json.dumps({'login': username, 'password': password}),
+        headers=json_headers
+    )
+    assert resp.status_code == 401
+
+
+def test_self_registration(client):
+    resp = client.get(url_for('auth.self_register_user'))
+    assert resp.status_code == 405
+
+    form_data = {'username': 'test', 'email': 'test@test.com', 'password': 'Test#test', 'confirm': 'Test#test'}
+    resp = client.post(url_for('auth.self_register_user'), data=json.dumps(form_data), headers=json_headers)
+    assert resp.status_code == 200
+    assert resp.json['username'] == 'test'
+
+
+# self registrations: success, invalid username
+test_self_registration_validation_data = [
+    ({'username': 'test', 'email': 'test@test.com', 'password': 'Test#test', 'confirm': 'Test#test'}, json_headers, 200),
+    ({'username': 'test!@%$', 'email': 'test@test.com', 'password': 'Test#test', 'confirm': 'Test#test'}, json_headers, 400)
+]
+
+
+@pytest.mark.parametrize("data,headers,expected", test_self_registration_validation_data)
+def test_self_registration_validation(client, data, headers, expected):
+    resp = client.post(url_for(
+        'auth.self_register_user'), data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == expected
+
+
+# login test: success, success with email login, invalid password, missing password, wrong headers
+test_api_login_data = [
+    ({'login': 'mergin', 'password': 'ilovemergin'}, json_headers, 200),
+    ({'login': 'mergin@mergin.com', 'password': 'ilovemergin'}, json_headers, 200),
+    ({'login': 'mergin', 'password': 'ilovemergi'}, json_headers, 401),
+    ({'login': 'mergin'}, json_headers, 400),
+    ({'login': 'mergin', 'password': 'ilovemergin'}, {}, 415),
+]
+
+
+@pytest.mark.parametrize("data,headers,expected", test_api_login_data)
+def test_api_login(client, data, headers, expected):
+    resp = client.post('/v1/auth/login', data=json.dumps(data), headers=headers)
+    assert resp.status_code == expected
+    if expected == 200:
+        login_history = LoginHistory.query.filter_by(username='mergin').order_by(desc(LoginHistory.timestamp)).first()
+        assert login_history
+
+
+def test_api_login_from_urllib(client):
+    with patch('src.auth.models.get_user_agent') as mock:
+        mock.return_value = "DB-sync/0.1"
+        resp = client.post('/v1/auth/login', data=json.dumps({'login': 'mergin', 'password': 'ilovemergin'}), headers=json_headers)
+        assert resp.status_code == 200
+        login_history = LoginHistory.query.filter_by(username='mergin').order_by(desc(LoginHistory.timestamp)).first()
+        assert not login_history
+
+
+def test_api_user_profile(client):
+    """ test public API endpoint to get user details """
+    resp = client.get('/v1/user/mergin')
+    assert resp.status_code == 401
+
+    login_as_admin(client)
+    user = User.query.filter_by(username="mergin").first()
+    resp = client.get('/v1/user/mergin')
+    assert resp.status_code == 200
+    assert resp.json['username'] == 'mergin'
+    assert resp.json['email'] == user.email
+    assert resp.json['disk_usage'] == 0
+    assert resp.json['storage_limit'] == 104857600
+
+    # now check the profile of someone else
+    resp = client.get('/v1/user/somebody_else')
+    assert resp.status_code == 200
+    assert resp.json['username'] == 'mergin'
+
+
+# test_seeing_other_profile, invalid username
+test_other_user_profile_data = [
+    ({'username': 'test1', 'email': 'test@test.com', 'passwd': 'Test#test', 'is_admin': True}, True),
+    ({'username': 'test2', 'email': 'test@test.com', 'passwd': 'Test#test', 'is_admin': False}, False)
+]
+
+
+def test_update_user(client):
+    login_as_admin(client)
+    user = User.query.filter_by(username='mergin').first()
+    data = {"active": False}
+    resp = client.post('/auth/user/{}'.format(user.username), data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == 200
+    assert not user.active
+
+    user.is_admin = False
+    db.session.add(user)
+    db.session.commit()
+    resp = client.post('/auth/user/{}'.format(user.id), data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == 403
+
+
+def test_update_user_profile(client):
+    login_as_admin(client)
+    user = User.query.filter_by(username='mergin').first()
+    user.verified_email = True
+
+    user2 = User("test", "m@m.com", "testspass", False)
+    db.session.add(user2)
+    db.session.commit()
+    assert user.profile.receive_notifications
+    assert user.verified_email
+
+    # update profile
+    resp = client.post(
+        url_for('auth.update_user_profile'),
+        data=json.dumps(
+            {
+                'email': 'm@m.com'
+            }
+        ),
+        headers=json_headers
+    )
+    assert resp.status_code == 400
+    assert "Email already exists" in resp.json.get("email")
+
+    # update profile
+    resp = client.post(
+        url_for('auth.update_user_profile'),
+        data=json.dumps({
+            'first_name': '  John',
+            'last_name': 'Doe ',
+            'email': 'john@doe.com '
+        }),
+        headers=json_headers
+    )
+    assert resp.status_code == 200
+    assert user.email == 'john@doe.com'
+    assert user.profile.first_name == 'John'
+    assert user.profile.last_name == 'Doe'
+
+    # update profile
+    resp = client.post(
+        url_for('auth.update_user_profile'),
+        data=json.dumps(
+            {
+                'receive_notifications': False,
+                'email': 'changed_email@mergin.co.uk'
+            }
+        ),
+        headers=json_headers
+    )
+    assert resp.status_code == 200
+
+    user = User.query.filter_by(username='mergin').first()
+    assert not user.profile.receive_notifications
+    assert not user.verified_email
+    assert user.email == 'changed_email@mergin.co.uk'
+
+
+def test_search_user(client):
+    user = User.query.filter_by(username='mergin').first()
+
+    resp = client.get('/auth/user/search')
+    assert resp.status_code == 401
+
+    login_as_admin(client)
+    resp = client.get('/auth/user/search')
+    assert resp.status_code == 200
+    assert list(resp.json[0].keys()) == ['id', 'profile', 'username']
+
+    add_user('fero.mrkva', 'test')
+    add_user('palomrmrkva', 'test')
+    add_user('mrkvajozef', 'test')
+    resp = client.get('/auth/user/search?like=erg')
+    assert 'mer' in resp.json[0]['username']
+
+    resp = client.get('/auth/user/search?like=mrk')
+    assert 'palomrmrkva' in resp.json[2]['username']
+    assert 'mrkvajozef' in resp.json[1]['username']
+    assert 'fero.mrkva' in resp.json[0]['username']
+    assert 3 == len(resp.json)
+
+    resp = client.get('/auth/user/search?like=.mrk')
+    assert 'fero.mrkva' in resp.json[0]['username']
+    assert 1 == len(resp.json)
+
+
+    resp = client.get('/auth/user/search?id={}'.format(user.id))
+    assert resp.json[0]['username'] == user.username
+
+    resp = client.get('/auth/user/search?names={}'.format(user.username))
+    assert resp.json[0]['username'] == user.username
+
+    # no such user
+    resp = client.get('/auth/user/search?like=test')
+    assert not resp.json
+
+    # invalid query par
+    resp = client.get('/auth/user/search?id=1,a')
+    assert resp.json
+
+
+def test_get_accounts(client):
+    resp = client.get(url_for('account.list_accounts', type='user'))
+    assert resp.status_code == 401
+
+    login_as_admin(client)
+    resp = client.get(url_for('account.list_accounts', type='user'))
+
+    assert resp.status_code == 200
+    assert resp.json['total'] == 1
+    account = resp.json['accounts'][0]
+    assert account['type'] == 'user'
+    assert account['name'] == 'mergin'
+
+    # filter by type
+    resp = client.get(url_for('account.list_accounts', type='foo'))
+    assert resp.status_code == 400
+
+    resp = client.get(url_for('account.list_accounts', type='organisation'))
+    assert resp.status_code == 200
+    assert resp.json['total'] == 0
+
+    resp = client.get(url_for('account.list_accounts', type='user', page=2))
+    assert resp.status_code == 404
+
+    resp = client.get(url_for('account.list_accounts', type='user', name='merg'))
+    assert resp.status_code == 200
+    assert resp.json['total'] == 1
+
+    resp = client.get(url_for('account.list_accounts', type='user', name='foo'))
+    assert resp.status_code == 200
+    assert resp.json['total'] == 0
+
+    add_user('foo', 'bar')
+    resp = client.get(url_for('account.list_accounts', type='user', name='foo'))
+    assert resp.status_code == 200
+    assert resp.json['total'] == 1
+
+    resp = client.get(url_for('account.list_accounts', type='user', order_by='name', descending='true'))
+    assert resp.status_code == 200
+    assert resp.json['accounts'][0]['name'] == 'mergin'
+    assert resp.json['accounts'][1]['name'] == 'foo'
diff --git a/server/test/test_celery.py b/server/test/test_celery.py
new file mode 100644
index 00000000..78ce4e9f
--- /dev/null
+++ b/server/test/test_celery.py
@@ -0,0 +1,154 @@
+import os
+from datetime import datetime, timedelta
+from flask import current_app
+from flask_mail import Mail
+from unittest.mock import patch
+from sqlalchemy.orm.attributes import flag_modified
+
+from src import db
+from src.config import Configuration
+from src.organisation import Organisation
+from src.auth.models import User, LoginHistory
+from src.models.db_models import Project, RemovedProject, Namespace
+from src.celery import send_email_async, remove_temp_files, remove_projects_backups, remove_accounts_data
+from src.celery import remove_temp_files, remove_projects_backups
+from src.storages.disk import move_to_tmp
+from . import test_project, test_namespace
+from .utils import create_project, cleanup, add_user, create_organisation
+
+
+def test_send_email(app):
+    """ Test celery is actually sending emails. """
+    mail = Mail()
+    email_data = {
+        'subject': 'test',
+        'html': 'test',
+        'recipients': ['foo@bar.com'],
+        'sender': 'no_reply@cloudmergin.com'
+    }
+    with mail.record_messages() as outbox:
+        Configuration.MERGIN_TESTING = True
+        task = send_email_async.s(**email_data).apply()
+        assert len(outbox) == 1
+        assert task.status == 'SUCCESS'
+        assert outbox[0].sender == 'no_reply@cloudmergin.com'
+        assert outbox[0].html == 'test'
+        assert outbox[0].subject == 'test'
+        assert current_app.config['MAIL_DEFAULT_SENDER'] not in outbox[0].bcc
+        assert 'foo@bar.com' in outbox[0].send_to
+
+        # turn off testing mode
+        Configuration.MERGIN_TESTING = False
+        task = send_email_async.s(**email_data).apply()
+        assert len(outbox) == 2
+        assert task.status == 'SUCCESS'
+        assert current_app.config['MAIL_DEFAULT_SENDER'] in outbox[1].bcc
+
+    Configuration.MERGIN_TESTING = True
+    del email_data['recipients']
+    task = send_email_async.s(**email_data).apply()
+    assert task.status == 'FAILURE'
+    assert 'No recipients have been added' in task.traceback
+
+
+@patch('src.celery.send_email_async.apply_async')
+def test_send_email_from_flask(send_email_mock, client):
+    """ Test correct data are passed to celery task which is called from endpoint. """
+    project = Project.query.filter_by(namespace='mergin', name='test').first()
+    email_data = {
+        'subject': 'Mergin project mergin/test has been deleted',
+        'recipients': [project.creator.email],
+        'sender': current_app.config['MAIL_DEFAULT_SENDER']
+    }
+    resp = client.delete('/v1/project/{}/{}'.format('mergin', 'test'))
+    assert resp.status_code == 200
+    # cleanup files
+    cleanup(client, [project.storage.project_dir])
+    assert send_email_mock.called
+    call_args, _ = send_email_mock.call_args
+    _, kwargs = call_args
+    del kwargs['html']
+    assert email_data == kwargs
+
+
+def test_clean_temp_files(app):
+    project = Project.query.filter_by(name=test_project, namespace=test_namespace).first()
+    # pretend project has been removed
+    path = move_to_tmp(project.storage.project_dir)
+    assert os.path.exists(path)
+    # try with default value, dir is still not marked for removal
+    remove_temp_files()
+    assert os.path.exists(path)
+    # patch modification time of parent dir
+    t = datetime.utcnow() - timedelta(days=(app.config['TEMP_EXPIRATION']+1))
+    parent_dir = os.path.dirname(os.path.dirname(path))
+    os.utime(parent_dir, (datetime.timestamp(t), datetime.timestamp(t)))
+    remove_temp_files()
+    assert not os.path.exists(path)
+
+
+def test_remove_deleted_project_backups(client):
+    resp = client.delete('/v1/project/{}/{}'.format(test_namespace, test_project))
+    assert resp.status_code == 200
+    rp = RemovedProject.query.filter_by(namespace=test_namespace, name=test_project).first()
+    rp.timestamp = datetime.utcnow() - timedelta(days=(client.application.config['DELETED_PROJECT_EXPIRATION']+1))
+    rp_dir = os.path.abspath(
+        os.path.join(client.application.config["LOCAL_PROJECTS"], rp.properties["storage_params"]["location"]))
+    assert os.path.exists(rp_dir)
+    remove_projects_backups()
+    assert not RemovedProject.query.filter_by(namespace=test_namespace, name=test_project).count()
+    assert not os.path.exists(rp_dir)
+
+
+def test_remove_accounts_data(client):
+    usr = add_user("test1", "test")
+    usr2 = add_user("test2", "test")
+    usr2_id = usr2.id
+    org = create_organisation("test_organisation", usr)
+    org_id = org.id
+    p = create_project("test1", "test1", usr)
+    p3 = create_project("test_delete", "test1", usr)
+    p2 = create_project("test_organisation_project", "test_organisation", usr)
+    project_location = p.storage.project_dir
+    project2_location = p2.storage.project_dir
+    project3_location = p3.storage.project_dir
+
+    resp = client.delete('/v1/project/{}/{}'.format("test1", "test_delete"))
+    assert resp.status_code == 200
+    assert 1 == RemovedProject.query.filter_by(namespace="test1", name="test_delete").count()
+    assert os.path.exists(project3_location)
+
+    usr.inactive_since = datetime.today() - timedelta(days=Configuration.CLOSED_ACCOUNT_EXPIRATION + 0.5)
+    usr.active = False
+    usr_id = usr.id
+    org.owners.append(usr2.id)
+    flag_modified(org, "owners")
+    db.session.add(org)
+    db.session.commit()
+
+    remove_accounts_data()
+
+    usr = User.query.get(usr_id)
+    assert "deleted" in usr.username
+    assert not os.path.exists(project_location)
+    namespace = Namespace.query.filter(Namespace.name == usr.username).first()
+    assert namespace
+    assert 0 == RemovedProject.query.filter_by(namespace="test1", name="test_delete").count()
+    assert not os.path.exists(project3_location)
+
+    org = Organisation.query.get(org_id)
+    org.inactive_since = datetime.today() - timedelta(days=Configuration.CLOSED_ACCOUNT_EXPIRATION + 0.5)
+    org.active = False
+    db.session.commit()
+
+    remove_accounts_data()
+    org = Organisation.query.get(org_id)
+    assert "deleted" in org.name
+    namespace = Namespace.query.filter(Namespace.name == org.name).first()
+    assert namespace
+    usr2 = User.query.get(usr2_id)
+    assert usr2.username == "test2"
+    assert "test1" not in org.owners
+    assert not os.path.exists(project2_location)
+    project = Project.query.filter(Project.name == "test_organisation_project").first()
+    assert not project
diff --git a/server/test/test_db_hooks.py b/server/test/test_db_hooks.py
new file mode 100644
index 00000000..c1581080
--- /dev/null
+++ b/server/test/test_db_hooks.py
@@ -0,0 +1,153 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+import os
+from pathlib import Path
+
+from src.organisation.models import Organisation, OrganisationInvitation
+from src.models.db_models import Namespace, ProjectTransfer, Project, ProjectVersion, Upload, ProjectAccess, Account
+from src.auth.models import User, UserProfile
+from src import db
+from . import DEFAULT_USER, TEST_ORG
+from .utils import add_user, create_project, cleanup
+
+
+def test_remove_organisation(client, diff_project):
+    """ Test fully set up organisation is successfully removed incl:
+    - organisation project
+    - pending transfer
+    - pending invitation
+    - namespace
+    - associated files
+    """
+    org_project = 'test'
+    cleanup(client, [os.path.join(TEST_ORG, org_project)])
+
+    # set up
+    user = User.query.filter_by(username=DEFAULT_USER[0]).first()
+    org = Organisation(name=TEST_ORG, creator_id=user.id)
+    add_user('user', 'user')
+    invitation = OrganisationInvitation(TEST_ORG, 'user', 'reader')
+    db.session.add(org)
+    db.session.add(invitation)
+    db.session.commit()
+    project = create_project(org_project, TEST_ORG, user)
+    proj_dir = Path(project.storage.project_dir)
+    ns = Namespace.query.filter_by(name=org.name).first()
+    project_transfer = ProjectTransfer(diff_project, ns, user.id)
+    db.session.add(project_transfer)
+
+    # delete organisation and thus associated projects and other objects
+    account = Account.query.filter_by(type='organisation', owner_id=org.id).first()
+    db.session.delete(account)
+    db.session.commit()
+    db.session.delete(org)
+    db.session.commit()
+    assert not Organisation.query.filter_by(name=TEST_ORG).count()
+    assert not Namespace.query.filter_by(name=TEST_ORG).count()
+    assert not Project.query.filter_by(name=org_project, namespace=TEST_ORG).count()
+    assert not OrganisationInvitation.query.filter_by(org_name=TEST_ORG).count()  # handled as backreference
+    assert not ProjectTransfer.query.filter_by(to_ns_name=TEST_ORG).count()
+    assert not proj_dir.exists()
+
+
+def test_close_user_account(client, diff_project, test_organisation):
+    """ Test fully set up and active user is successfully removed incl:
+        - user profile
+        - user project
+        - pending transfer
+        - pending invitation
+        - namespace
+        - associated files
+        - membership in organisation
+        - project access to foreign projects
+    """
+    user_project = 'user_proj'
+    cleanup(client, [os.path.join('user', user_project)])
+    # set up
+    mergin_user = User.query.filter_by(username=DEFAULT_USER[0]).first()
+    user = add_user('user', 'user')
+    user_id = user.id
+    user_ns = Namespace.query.filter_by(name=user.username).first()
+    # user invited to TEST_ORG
+    invitation = OrganisationInvitation(test_organisation.name, 'user', 'reader')
+    db.session.add(invitation)
+    # user is member of another organisation
+    test_org = TEST_ORG + '2'
+    org = Organisation(name=test_org, creator_id=mergin_user.id)
+    org.owners.append(user.id)
+    db.session.add(org)
+    # user has access to mergin user diff_project
+    diff_project.access.writers.append(user.id)
+    # user contributed to another user project so he is listed in projects history
+    change = {'added': [], 'removed': [], 'renamed': [], 'updated': []}
+    pv = ProjectVersion(diff_project, 'v11', user.username, change, diff_project.files, '127.0.0.1')
+    db.session.add(pv)
+    db.session.add(diff_project)
+    # user has it's own project
+    p = create_project(user_project, user_ns.name, user)
+    # user requested transfer of his project to org
+    org_ns = Namespace.query.filter_by(name=org.name).first()
+    project_transfer_out = ProjectTransfer(p, org_ns, user.id)
+    db.session.add(project_transfer_out)
+    # create pending transfer to user's namespace
+    project_transfer_in = ProjectTransfer(diff_project, user_ns, mergin_user.id)
+    db.session.add(project_transfer_in)
+    # create user's own organisation to be closed with his account (since he is the only owner)
+    user_org = Organisation(name='user.org', creator_id=user.id)
+    org.owners.append(user.id)
+    db.session.add(user_org)
+    db.session.commit()
+
+    # now remove user
+    account = Account.query.filter_by(type="user", owner_id=user.id).first()
+    db.session.delete(account)
+    db.session.commit()
+    db.session.delete(user)
+    db.session.commit()
+    assert not User.query.filter_by(username='user').count()
+    assert not UserProfile.query.filter_by(user_id=user_id).count()  # handled as backreference
+    assert not Namespace.query.filter_by(name='user').count()
+    assert not Project.query.filter_by(name=user_project, namespace='user').count()
+    assert not OrganisationInvitation.query.filter_by(username='user').count()
+    assert not ProjectTransfer.query.filter_by(requested_by=user_id).count()
+    assert not ProjectTransfer.query.filter_by(to_ns_name='user').count()
+    assert user_id not in org.owners
+    assert user_id not in diff_project.access.writers
+    assert not Organisation.query.filter_by(name='user.org').count()
+    # user remains referenced in existing project version he created (as read-only ref)
+    assert diff_project.versions[0].author == 'user'
+
+
+def test_remove_project(client, diff_project, test_organisation):
+    """ Test active project is successfully removed incl:
+        - pending transfer
+        - pending upload
+        - project access
+        - project versions
+        - associated files
+    """
+    # set up
+    mergin_user = User.query.filter_by(username=DEFAULT_USER[0]).first()
+    project_dir = Path(diff_project.storage.project_dir)
+    project_name = diff_project.name
+    ns = Namespace.query.filter_by(name=test_organisation.name).first()
+    project_transfer = ProjectTransfer(diff_project, ns, mergin_user.id)
+    changes = {'added': [], 'removed': [], 'renamed': [], 'updated': []}
+    upload = Upload(diff_project, 10, changes, mergin_user.id)
+    db.session.add(project_transfer)
+    db.session.add(upload)
+    db.session.commit()
+    project_id = diff_project.id
+
+    # remove project
+    db.session.delete(diff_project)
+    db.session.commit()
+    assert not Project.query.filter_by(id=project_id).count()
+    assert not Upload.query.filter_by(project_id=project_id).count()
+    assert not ProjectVersion.query.filter_by(project_id=project_id).count()
+    assert not ProjectAccess.query.filter_by(project_id=project_id).count()
+    assert not ProjectTransfer.query.filter_by(project_id=project_id).count()
+    # files need to be deleted manually
+    assert project_dir.exists()
+    cleanup(client, [project_dir])
+
diff --git a/server/test/test_disk_utils.py b/server/test/test_disk_utils.py
new file mode 100644
index 00000000..f4c5f573
--- /dev/null
+++ b/server/test/test_disk_utils.py
@@ -0,0 +1,77 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+import os
+import tempfile
+import shutil
+import pytest
+from src.storages.disk import copy_file, copy_dir, move_to_tmp
+from src.mergin_utils import generate_checksum
+from . import test_project_dir
+
+
+def test_copy_remove_file(app):
+    f_old = os.path.join(test_project_dir, 'base.gpkg')
+    f_new = os.path.join(tempfile.gettempdir(), 'base.gpkg')
+    # clean up
+    if os.path.exists(f_new):
+        os.remove(f_new)
+
+    copy_file(f_old, f_new)
+    assert os.path.exists(f_new)
+    f_new_hash = generate_checksum(f_new)
+    assert f_new_hash == generate_checksum(f_old)
+
+    f_temp = move_to_tmp(f_new)
+    assert not os.path.exists(f_new)
+    assert os.path.exists(f_temp)
+    assert generate_checksum(f_temp) == f_new_hash
+
+
+def test_copy_remove_dir(app):
+    d_old = test_project_dir
+    d_new = os.path.join(tempfile.gettempdir(), 'new_dir')
+    # clean up
+    if os.path.exists(d_new):
+        shutil.rmtree(d_new)
+
+    copy_dir(d_old, d_new)
+    assert os.path.exists(d_new)
+    copied_files = []
+    for root, dirs, files in os.walk(d_old):
+        for file in files:
+            abs_path = os.path.abspath(os.path.join(root, file))
+            rel_path = os.path.relpath(abs_path, start=d_old)
+            f_copy = os.path.join(d_new, rel_path)
+            assert os.path.exists(f_copy)
+            assert generate_checksum(abs_path) == generate_checksum(f_copy)
+            copied_files.append(rel_path)
+
+    d_temp = move_to_tmp(d_new)
+    assert not os.path.exists(d_new)
+    assert os.path.exists(d_temp)
+    for f in copied_files:
+        assert os.path.exists(os.path.join(d_temp, f))
+
+    # try again to remove
+    assert not move_to_tmp(d_new)
+
+
+def test_failures():
+    # file copy source/destination is not a file type
+    with pytest.raises(IsADirectoryError):
+        copy_file(os.path.join(test_project_dir, 'base.gpkg'), tempfile.gettempdir())
+
+    with pytest.raises(FileNotFoundError):
+        copy_file(test_project_dir, os.path.join(tempfile.gettempdir(), 'base.gpkg'))
+
+    # src file does not exist
+    with pytest.raises(FileNotFoundError):
+        copy_file(os.path.join(test_project_dir, 'not-found.gpkg'), os.path.join(tempfile.gettempdir(), 'base.gpkg'))
+
+    # src directory is not valid
+    with pytest.raises(NotADirectoryError):
+        copy_dir(os.path.join(test_project_dir, 'base.gpkg'), os.path.join(tempfile.gettempdir(), 'new_dir'))
+
+    with pytest.raises(NotADirectoryError):
+        copy_dir(os.path.join(test_project_dir, 'not_found'), os.path.join(tempfile.gettempdir(), 'new_dir'))
diff --git a/server/test/test_namespace_controller.py b/server/test/test_namespace_controller.py
new file mode 100644
index 00000000..c5226269
--- /dev/null
+++ b/server/test/test_namespace_controller.py
@@ -0,0 +1,28 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+import pytest
+from .utils import add_user
+from . import json_headers, TEST_ORG
+
+
+@pytest.fixture(scope='function')
+def test_namespace(client):
+    add_user('user', 'user')
+    add_user('user2', 'user2')
+
+
+namespace_data = [
+    ('user', 'user', 2),  # if query=user
+    ('user', 'user2', 1),  # if query=user2
+    ('organisation', TEST_ORG, 1),  # if query=TEST_ORG
+    ('user', 'user3', 0),  # if query=user3, no namespace found
+]
+
+
+@pytest.mark.parametrize("namespace_type, query, expected", namespace_data)
+def test_get_namespaces(client, test_organisation, test_namespace, namespace_type, query, expected):
+    resp = client.get(f'/v1/namespaces/{namespace_type}?q={query}', headers=json_headers)
+    assert len(resp.json) == expected
+    if expected == 1:
+        assert resp.json[0]['name'] == query
diff --git a/server/test/test_organisations.py b/server/test/test_organisations.py
new file mode 100644
index 00000000..3cbf8275
--- /dev/null
+++ b/server/test/test_organisations.py
@@ -0,0 +1,339 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+import json
+import os
+import shutil
+import pytest
+from datetime import timedelta
+from flask import url_for
+from src.models.db_models import Namespace, Project, Account
+from src.organisation import Organisation, OrganisationInvitation
+from src.auth.models import User
+from src import db
+
+from .utils import add_user, create_project, DateTimeEncoder, login
+from .test_project_controller import _get_changes
+from . import json_headers, TEST_ORG, test_project_dir, DEFAULT_USER
+
+add_organisation_data = [
+    ({"name": TEST_ORG}, 201),
+    ({"name": TEST_ORG, "description": "test"}, 201),
+    ({"description": "test"}, 400),  # missing required field
+    ({"name": "#$&^*"}, 400)  # invalid field
+]
+
+
+@pytest.mark.parametrize("data,expected", add_organisation_data)
+def test_create_organisation(client, data, expected):
+    owner = User.query.filter_by(username='mergin').first()
+    resp = client.post(url_for('organisation.create_organisation'), data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == expected
+    if expected == 201:
+        assert Organisation.query.filter_by(name=TEST_ORG).count() == 1
+        assert Namespace.query.filter_by(name=TEST_ORG).count() == 1
+        org = Organisation.query.filter_by(name=TEST_ORG).first()
+        assert org.owners == [owner.id]
+        # call user profile endpoint to check its organisations
+        resp = client.get('/v1/user/owner')
+        assert resp.json['organisations'][org.name] == 'owner'
+
+
+def test_add_existing_org(client, test_organisation):
+    resp = client.post(url_for('organisation.create_organisation'), data=json.dumps({"name": TEST_ORG}), headers=json_headers)
+    assert resp.status_code == 409
+    resp = client.post(url_for('organisation.create_organisation'), data=json.dumps({"name": TEST_ORG.upper()}), headers=json_headers)
+    assert resp.status_code == 409
+
+    # test user with the same name as organisation can not be created
+    resp = client.post(
+        url_for('auth.register_user'),
+        data=json.dumps({'username': TEST_ORG, 'email': 'test@test.com'}),
+        headers=json_headers
+    )
+    assert resp.status_code == 400
+
+
+def test_free_orgs_limit(client, test_organisation):
+    url = url_for('organisation.create_organisation')
+    client.post(url, data=json.dumps({"name": "org2"}), headers=json_headers)
+    Namespace.query.filter_by(name="org2").update({"storage": 0})
+    client.post(url, data=json.dumps({"name": "org3"}), headers=json_headers)
+    Namespace.query.filter_by(name="org3").update({"storage": 0})
+    db.session.commit()
+    resp = client.post(url, data=json.dumps({"name": "org4"}), headers=json_headers)
+    assert resp.status_code == 400
+    assert resp.json["detail"] == "Too many free organisations"
+
+
+test_organisation_data = [
+    ('foo', 404),
+    (TEST_ORG, 200),
+]
+
+
+def test_list_organisations(client, test_organisation):
+    user = add_user('bob', 'foo')
+    login(client, 'bob', 'foo')
+    resp = client.get(url_for('organisation.get_organisations'))
+    assert resp.status_code == 200
+    assert len(json.loads(resp.data)) == 0
+
+    org = Organisation(name='bob-org', creator_id=user.id)
+    db.session.add(org)
+    db.session.commit()
+
+    resp = client.get(url_for('organisation.get_organisations'))
+    assert resp.status_code == 200
+    resp_data = json.loads(resp.data)
+    assert len(resp_data) == 1
+    assert resp_data[0]["name"] == 'bob-org'
+
+    # login as someone else (even admin)
+    login(client, 'mergin', 'ilovemergin')
+    resp = client.get(url_for('organisation.get_organisations'))
+    assert resp.status_code == 200
+    assert len(json.loads(resp.data)) == 1
+    assert json.loads(resp.data)[0]["name"] != 'bob-org'
+
+
+@pytest.mark.parametrize("name, status_code", test_organisation_data)
+def test_get_organisation(client, test_organisation, name, status_code):
+    resp = client.get(url_for('organisation.get_organisation_by_name', name=name))
+    assert resp.status_code == status_code
+    if resp.status_code == 200:
+        resp_data = json.loads(resp.data)
+        assert resp_data["name"] == name
+        assert DEFAULT_USER[0] in resp_data["owners"]
+
+
+def test_get_org_by_non_member(client, test_organisation):
+    add_user("test", "test")
+    login(client, "test", "test")
+    resp = client.get(url_for('organisation.get_organisation_by_name', name=TEST_ORG))
+    assert resp.status_code == 403
+
+
+def test_delete_organisation(client, test_organisation):
+    url = url_for('organisation.delete_organisation', name=TEST_ORG)
+    login(client, "admin", "admin")
+    resp = client.delete(url)
+    assert resp.status_code == 403
+
+    # create some project
+    owner = User.query.filter_by(username="owner").first()
+    project = create_project("test1", test_organisation.name, owner)
+    project_dir = project.storage.project_dir
+    assert os.path.exists(project_dir)
+
+    login(client, "owner", "owner")
+    resp = client.delete(url)
+    assert resp.status_code == 200
+    assert not Organisation.query.filter_by(name=TEST_ORG).count()
+    assert not Namespace.query.filter_by(name=TEST_ORG).count()
+    assert not Project.query.filter_by(namespace=TEST_ORG).count()
+    assert not os.path.exists(project_dir)
+
+
+def test_update_org(client, test_organisation):
+    url = url_for('organisation.update_organisation', name=TEST_ORG)
+    # login as owner
+    login(client, "owner", "owner")
+    data = {"description": "Foo"}
+
+    resp = client.patch(url, data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == 200
+    org = Organisation.query.filter_by(name=TEST_ORG).first()
+    assert org.description == "Foo"
+
+    # login with not-privileged user
+    login(client, "admin", "admin")
+    resp = client.patch(url, data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == 403
+
+
+def test_update_members(client, test_organisation):
+    url = url_for('organisation.update_access', name=TEST_ORG)
+    new_writer = add_user("writer", "writer")
+    login(client, "writer", "writer")
+    # check no access
+    resp = client.get(url_for('organisation.get_organisations', username='writer'))
+    assert not json.loads(resp.data)
+
+    # login with as admin
+    login(client, "admin", "admin")
+    data = {
+        "owners": ["owner"],
+        "admins": ["admin", "owner"],
+        "writers": ["admin", "writer"],
+        "readers": ["admin", "writer"]
+    }
+
+    resp = client.patch(url, data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == 200
+    org = Organisation.query.filter_by(name=TEST_ORG).first()
+    assert new_writer.id in org.writers
+    assert new_writer.id in org.readers
+
+    # login with not-privileged user
+    login(client, "writer", "writer")
+    resp = client.patch(url, data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == 403
+
+    # try to remove all members
+    login(client, "owner", "owner")
+    data = {"owners": [], "admins": [], "writers": [], "readers": []}
+    resp = client.patch(url, data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == 400
+
+
+@pytest.fixture(scope='function')
+def test_invitation(test_organisation):
+    # default organisation
+    add_user("user", "user")
+    add_user("user1", "user1")
+
+    invitation = OrganisationInvitation(TEST_ORG, 'user', 'admin')
+    db.session.add(invitation)
+    db.session.commit()
+
+
+create_invitation_data = [
+    ({"username": 'user1', "org_name": TEST_ORG, "role": 'admin'}, 'admin', 'admin', 201),  # admin create invitation
+    ({"username": 'user1', "org_name": TEST_ORG, "role": 'admin'}, 'owner', 'owner', 201),  # owner create invitation
+    ({"username": 'user1', "org_name": TEST_ORG, "role": 'admin'}, 'user', 'user', 403),  # user can't create invitation
+    ({"username": 'user', "org_name": TEST_ORG, "role": 'admin'}, 'admin', 'admin', 409),  # already exist
+    ({"username": 'user', "org_name": "org", "role": 'admin'}, 'admin', 'admin', 404),  # organisation not found
+    ({"username": 'user_test', "org_name": TEST_ORG, "role": 'admin'}, 'admin', 'admin', 404),  # user not found
+    ({"username": 'user', "org_name": TEST_ORG, "role": 'test'}, 'admin', 'admin', 400),  # wrong role
+]
+
+
+@pytest.mark.parametrize("data, username, password, expected", create_invitation_data)
+def test_create_invitation(client, test_invitation, data, username, password, expected):
+    login(client, username, password)
+    url = url_for('organisation.create_invitation')
+    resp = client.post(url, data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == expected
+    if expected == 201:
+        login(client, "user1", "user1")
+        url = url_for('organisation.get_invitations', type="user", name="user1")
+        resp = client.get(url, headers=json_headers)
+        assert resp.status_code == 200
+        assert len(resp.json) == 1
+        invitation = resp.json[0]
+        for key, value in data.items():
+            assert key in invitation.keys()
+            assert value == invitation[key]
+
+
+get_invitation_data = [
+    ('user', 1, 200),  # user can see invitation 1 (target)
+    ('admin', 1, 200),  # admin can see invitation 1 (admin of org)
+    ('user1', 1, 403),  # user1 can't see invitation 1
+    ('user', 2, 404),  # invitation 1 is not exist
+]
+
+
+@pytest.mark.parametrize("user, id, expected", get_invitation_data)
+def test_get_invitation(client, test_invitation, user, id, expected):
+    url = url_for('organisation.get_invitation', id=id)
+    login(client, user, user)
+    resp = client.get(url, headers=json_headers)
+    assert resp.status_code == expected
+
+
+@pytest.mark.parametrize("user, id, expected", get_invitation_data)
+def test_delete_invitation(client, test_invitation, user, id, expected):
+    url = url_for('organisation.delete_invitation', id=id)
+    login(client, user, user)
+    resp = client.delete(url, headers=json_headers)
+    assert resp.status_code == expected
+    if expected == 200:
+        url = url_for('organisation.get_invitation', id=id)
+        resp = client.get(url, headers=json_headers)
+        assert resp.status_code == 404
+
+
+test_accept_invitation_data = [
+    ('user', 1, False, 200),  # user can accept 1 (target)
+    ('user', 1, True, 400),  # user can accept 1 (target) but already expired
+    ('admin', 1, False, 403),  # admin can see invitation 1 (admin of org) but not the target
+    ('user1', 1, False, 403),  # user1 can't accept invitation 1
+    ('user', 2, False, 404),  # invitation 1 is not exist
+]
+
+
+@pytest.mark.parametrize("user, id, expired, expected", test_accept_invitation_data)
+def test_accept_invitation(client, test_invitation, user, id, expired, expected):
+    # if expired:
+    if expired:
+        invitation = OrganisationInvitation.query.first()
+        invitation.expire = invitation.expire - timedelta(
+            seconds=client.application.config['ORGANISATION_INVITATION_EXPIRATION'])
+        db.session.add(invitation)
+        db.session.commit()
+
+    url = url_for('organisation.accept_invitation', id=id)
+    login(client, user, user)
+    resp = client.post(url, headers=json_headers)
+    assert resp.status_code == expected
+    if expected == 200:
+        organisation = Organisation.query.first()
+        user = User.query.filter_by(username=user).first()
+        assert user.id in organisation.admins
+
+
+def test_upload_to_free_org(client, diff_project, test_organisation):
+    # clean up
+    proj_data = os.path.join(client.application.config['LOCAL_PROJECTS'], TEST_ORG, 'empty')
+    if os.path.exists(proj_data):
+        shutil.rmtree(proj_data)
+
+    login(client, 'mergin', 'ilovemergin')
+    # try clone to free organisation
+    data = {
+        'namespace': TEST_ORG,
+        'project': 'clone'
+    }
+    resp = client.post(f'/v1/project/clone/{DEFAULT_USER[0]}/test', data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == 400
+    assert 'Disk quota reached' in resp.json['detail']
+
+    # create empty project and then push to
+    data = {'name': 'empty'}
+    resp = client.post(f'/v1/project/{TEST_ORG}', data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == 200
+
+    data = {'version': 'v0', 'changes': _get_changes(test_project_dir)}
+    resp = client.post(f'/v1/project/push/{TEST_ORG}/empty', data=json.dumps(data, cls=DateTimeEncoder).encode("utf-8"), headers=json_headers)
+    assert resp.status_code == 400
+    assert 'You have reached a data limit' in resp.json['detail']
+
+
+def test_fetch_organisation_projects(client, test_organisation):
+    login(client, 'mergin', 'ilovemergin')
+    resp = client.post(f'/v1/project/{TEST_ORG}', data=json.dumps({"name": "org_project"}), headers=json_headers)
+    assert resp.status_code == 200
+    resp = client.post(f'/v1/project/{DEFAULT_USER[0]}', data=json.dumps({"name": "usr_project"}), headers=json_headers)
+    assert resp.status_code == 200
+    url = '/v1/project?flag=shared'
+    resp = client.get(url, headers=json_headers)
+    assert resp.status_code == 200
+    resp_data = json.loads(resp.data)
+    assert len(resp_data) == 1
+
+    login(client, "admin", "admin")
+    url = '/v1/project?flag=shared'
+    resp = client.get(url, headers=json_headers)
+    assert resp.status_code == 200
+    resp_data = json.loads(resp.data)
+    assert len(resp_data) == 1
+
+    add_user("random", "random")
+    login(client, "random", "random")
+    url = '/v1/project?flag=shared'
+    resp = client.get(url, headers=json_headers)
+    assert resp.status_code == 200
+    resp_data = json.loads(resp.data)
+    assert not len(resp_data)
diff --git a/server/test/test_permissions.py b/server/test/test_permissions.py
new file mode 100644
index 00000000..1035c6ee
--- /dev/null
+++ b/server/test/test_permissions.py
@@ -0,0 +1,120 @@
+import json
+from flask import url_for
+from flask_login import AnonymousUserMixin
+from sqlalchemy.orm.attributes import flag_modified
+
+from src.permissions import require_project, ProjectPermissions
+from src.models.db_models import Namespace, Project, ProjectAccess
+from src.auth.models import User
+from src import db
+from .utils import login, add_user, create_project
+from . import json_headers, TEST_ORG, DEFAULT_USER
+
+
+def test_organisation_permissions(client, test_organisation):
+    user = add_user("random", "random")
+    admin = User.query.filter_by(username=DEFAULT_USER[0]).first()
+    project = create_project("foo", TEST_ORG, admin)
+
+    assert not ProjectPermissions.Upload.check(project,  user)
+    assert not ProjectPermissions.Delete.check(project, user)
+    assert not ProjectPermissions.Read.check(project, user)
+    assert not ProjectPermissions.Update.check(project,  user)
+
+    test_organisation.readers.append(user.id)
+    flag_modified(test_organisation, "readers")
+    db.session.commit()
+
+    assert ProjectPermissions.Read.check(project, user)
+    assert not ProjectPermissions.Upload.check(project, user)
+    assert not ProjectPermissions.Delete.check(project, user)
+    assert not ProjectPermissions.Update.check(project, user)
+
+    test_organisation.writers.append(user.id)
+    flag_modified(test_organisation, "writers")
+    db.session.commit()
+
+    assert ProjectPermissions.Read.check(project, user)
+    assert ProjectPermissions.Upload.check(project, user)
+    assert ProjectPermissions.Delete.check(project, user)
+    assert ProjectPermissions.Update.check(project, user)
+
+
+def test_project_permissions(client):
+    data = {"name": 'foo'}
+    resp = client.post('/v1/project/{}'.format("mergin"), data=json.dumps(data), headers=json_headers)
+
+    user = add_user("random", "random")
+    project = Project.query.filter_by(name="foo", namespace="mergin").first()
+
+    assert not ProjectPermissions.Upload.check(project, user)
+    assert not ProjectPermissions.Delete.check(project, user)
+    assert not ProjectPermissions.Read.check(project, user)
+    assert not ProjectPermissions.Update.check(project, user)
+
+    pa = project.access
+    pa.readers.append(user.id)
+    flag_modified(pa, "readers")
+    db.session.commit()
+
+    assert ProjectPermissions.Read.check(project, user)
+    assert not ProjectPermissions.Upload.check(project, user)
+    assert not ProjectPermissions.Delete.check(project, user)
+    assert not ProjectPermissions.Update.check(project, user)
+
+    pa.writers.append(user.id)
+    flag_modified(pa, "writers")
+    db.session.commit()
+
+    assert ProjectPermissions.Read.check(project, user)
+    assert ProjectPermissions.Upload.check(project, user)
+    assert not ProjectPermissions.Delete.check(project, user)
+    assert not ProjectPermissions.Update.check(project, user)
+
+    # when users is removed from readers can not read a project anymore but still can write into it
+    pa.readers.clear()
+    flag_modified(pa, "readers")
+    db.session.commit()
+
+    assert not ProjectPermissions.Read.check(project, user)
+    assert ProjectPermissions.Upload.check(project, user)
+
+    # testing owner permissions
+    user = User.query.filter_by(username='mergin').first()
+
+    assert ProjectPermissions.Read.check(project, user)
+    assert ProjectPermissions.Upload.check(project, user)
+    assert ProjectPermissions.Delete.check(project, user)
+    assert ProjectPermissions.Update.check(project, user)
+
+    # test AnonymousUserMixin
+    client.get(url_for('auth.logout'))
+    user = AnonymousUserMixin()
+    assert not ProjectPermissions.Read.check(project, user)
+    project.access.public = True
+    db.session.commit()
+    assert ProjectPermissions.Read.check(project, user)
+    assert not ProjectPermissions.Update.check(project, user)
+    assert not ProjectPermissions.Upload.check(project, user)
+
+
+def test_permission_to_create_project(client, test_organisation):
+    user = add_user("random", "random")
+    login(client, "random", "random")
+    resp = client.post('/v1/project/{}'.format(TEST_ORG), data=json.dumps({"name": "foo"}), headers=json_headers)
+    assert resp.status_code == 403
+
+    test_organisation.readers.append(user.id)
+    flag_modified(test_organisation, "readers")
+    db.session.commit()
+    resp = client.post('/v1/project/{}'.format(TEST_ORG), data=json.dumps({"name": "foo"}), headers=json_headers)
+    assert resp.status_code == 403
+
+    test_organisation.writers.append(user.id)
+    flag_modified(test_organisation, "writers")
+    db.session.commit()
+    resp = client.post('/v1/project/{}'.format(TEST_ORG), data=json.dumps({"name": "foo"}), headers=json_headers)
+    assert resp.status_code == 200
+
+    resp = client.post('/v1/project/{}'.format("mergin"), data=json.dumps({"name": "foo"}), headers=json_headers)
+    assert resp.status_code == 403
diff --git a/server/test/test_project_controller.py b/server/test/test_project_controller.py
new file mode 100644
index 00000000..6ee719f1
--- /dev/null
+++ b/server/test/test_project_controller.py
@@ -0,0 +1,1191 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+import os
+import pytest
+import json
+import uuid
+import math
+import time
+import hashlib
+import shutil
+from datetime import datetime
+from dateutil.tz import tzlocal
+from pygeodiff import GeoDiff
+from flask import url_for, current_app
+
+from src import db
+from src.models.db_models import (Project, Upload, ProjectVersion, ProjectAccess, ProjectTransfer,
+                                  Namespace, Account, RemovedProject)
+from src.models.schemas import ProjectSchema
+from src.mergin_utils import generate_checksum, is_versioned_file, resolve_tags
+from src.auth.models import User, UserProfile
+
+from . import test_project, test_namespace, test_project_dir, json_headers, TMP_DIR
+from .utils import add_user, create_project, DateTimeEncoder, initialize
+
+CHUNK_SIZE = 1024
+
+
+def test_file_history(client, diff_project):
+    resp = client.get('/v1/resource/history/{}/{}?path={}'.format(test_namespace, test_project, 'test.gpkg'))
+    history = resp.json['history']
+    assert resp.status_code == 200
+    assert 'v2' not in history
+    assert 'v8' not in history
+    assert history['v3']['change'] == 'added'
+    assert history['v9']['change'] == 'updated'
+    assert 'location' not in history['v9']
+    assert 'expiration' in history['v9']
+
+    resp = client.get('/v1/project/{}/{}?since=v1'.format(test_namespace, test_project))
+    files = resp.json["files"]
+    history = files[-1]["history"]
+    assert files[-1]["path"] == 'test.gpkg'
+    assert resp.status_code == 200
+    assert 'v2' not in history
+    assert 'v8' not in history
+    assert history['v3']['change'] == 'added'
+    assert history['v9']['change'] == 'updated'
+
+    resp = client.get('/v1/project/{}/{}?since=v4'.format(test_namespace, test_project))
+    files = resp.json["files"]
+    history = files[-1]["history"]
+    assert files[-1]["path"] == 'test.gpkg'
+    assert resp.status_code == 200
+    assert 'v3' not in history
+    assert history['v9']['change'] == 'updated'
+
+    # check geodiff changeset in project version object
+    resp = client.get('/v1/project/version/{}/{}?version_id=v9'.format(test_namespace, test_project))
+    version_info = resp.json[0]
+    assert "changesets" in version_info
+    # the only diff update in version v9 is test.gpkg
+    assert len(version_info["changesets"].keys()) == 1
+    assert "test.gpkg" in version_info["changesets"]
+    assert "summary" in version_info["changesets"]["test.gpkg"]
+    assert "size" in version_info["changesets"]["test.gpkg"]
+    # test when no diffs were applied
+    resp = client.get('/v1/project/version/{}/{}?version_id=v10'.format(test_namespace, test_project))
+    assert not resp.json[0]["changesets"]
+
+    # not geodiff file -> empty history
+    resp = client.get('/v1/resource/history/{}/{}?path={}'.format(test_namespace, test_project, 'test_dir/test2.txt'))
+    assert resp.status_code == 200
+    assert not resp.json['history']
+
+    # not existing file
+    resp = client.get('/v1/resource/history/{}/{}?path={}'.format(test_namespace, test_project, 'not_existing.txt'))
+    assert resp.status_code == 404
+
+    # test to delete user and account with all of depended entries
+    # user delete -> profile  + do account delete -> namespace -> project -> (version, upload, transfer, access)
+    account = Account.query.filter_by(type="user", owner_id=1).first()
+    db.session.delete(account)
+    User.query.filter_by(username="mergin").delete()
+    db.session.commit()
+    project = Project.query.first()
+    upload = Upload.query.first()
+    ns = Namespace.query.first()
+    assert not project
+    assert not upload
+    assert not ns
+
+
+def test_get_projects(app):
+    app.config['BEARER_TOKEN_EXPIRATION'] = 4
+    client = app.test_client()
+    response = client.post("/v1/auth/login", data=json.dumps({'login': 'mergin', 'password': 'ilovemergin'}),
+                headers=json_headers)
+    data = json.loads(response.data)
+    session = data["session"]
+    token = session["token"]
+    resp = client.get('/v1/project')
+    assert resp.status_code == 200
+    resp_data = json.loads(resp.data)
+    assert len(resp_data)
+    assert test_project in resp_data[0]["name"]
+    time.sleep(5)
+    url = '/v1/project?flag=created'
+    resp = client.get(url, headers={"Authorization": f"Bearer {token}"})
+    assert resp.status_code == 401
+
+
+def test_get_paginated_projects(client):
+    user = User.query.filter_by(username="mergin").first()
+    for i in range(14):
+        create_project('foo' + str(i), test_namespace, user)
+
+    resp = client.get('/v1/project/paginated?page=1&per_page=10&as_admin=true')
+    assert resp.status_code == 200
+    resp_data = json.loads(resp.data)
+    assert len(resp_data.get("projects")) == 10
+    assert resp_data.get("count") == 15
+    assert "foo8" in resp_data.get("projects")[9]["name"]
+    assert "v0" == resp_data.get("projects")[9]["version"]
+
+    resp = client.get('/v1/project/paginated?page=1&per_page=10&order_params=updated_desc')
+    resp_data = json.loads(resp.data)
+    assert test_project in resp_data.get("projects")[0]["name"]
+
+    resp = client.get('/v1/project/paginated?page=2&per_page=10&order_params=namespace_asc,updated_desc')
+    resp_data = json.loads(resp.data)
+    assert len(resp_data.get("projects")) == 5
+    assert resp_data.get("count") == 15
+    assert "foo0" in resp_data.get("projects")[4]["name"]
+
+    resp = client.get('/v1/project/paginated?page=1&per_page=10&order_params=updated_desc&namespace=foo1')
+    resp_data = json.loads(resp.data)
+    assert resp_data.get("count") == 0
+
+    resp = client.get('/v1/project/paginated?page=1&per_page=10&name=foo1')
+    resp_data = json.loads(resp.data)
+    assert resp_data.get("count") == 5
+
+    resp = client.get('/v1/project/paginated?page=1&per_page=101&name=foo1')
+    assert resp.status_code == 400
+    assert '101 is greater than the maximum of 100' in resp.json.get('detail')
+
+    add_user('user2', 'ilovemergin')
+    user2 = User.query.filter_by(username="user2").first()
+    create_project('foo_a', 'user2', user2)
+
+    resp = client.get('/v1/project/paginated?page=1&per_page=10&only_namespace=user2&as_admin=true')
+    resp_data = json.loads(resp.data)
+    assert resp.status_code == 200
+    assert len(resp_data.get("projects")) == 1
+    assert resp_data.get("count") == 1
+    assert "foo_a" in resp_data.get("projects")[0]["name"]
+
+    resp = client.get('/v1/project/paginated?page=1&per_page=10&only_namespace=user2')
+    resp_data = json.loads(resp.data)
+    assert resp.status_code == 200
+    assert len(resp_data.get("projects")) == 0
+    assert resp_data.get("count") == 0
+
+    project = Project.query.filter(Project.name == "foo_a").first()
+    readers = project.access.readers.copy()
+    readers.append(user.id)
+    project.access.readers = readers
+    # flag_modified(project.access, "owners")
+    db.session.commit()
+
+    resp = client.get('/v1/project/paginated?page=1&per_page=10&only_namespace=user2')
+    resp_data = json.loads(resp.data)
+    assert resp.status_code == 200
+    assert len(resp_data.get("projects")) == 1
+    assert resp_data.get("count") == 1
+
+    project = Project.query.filter(Project.name == "foo_a").first()
+    readers = project.access.readers.copy()
+    readers.remove(user.id)
+    project.access.readers = readers
+    project.access.public = True
+    project.updated = datetime.utcnow()
+    db.session.commit()
+
+    resp = client.get('/v1/project/paginated?page=1&per_page=10&name=foo_a')
+    resp_data = json.loads(resp.data)
+    assert resp.status_code == 200
+    assert resp_data.get("projects")[0]["name"] == "foo_a"
+
+    # searching also in namespace
+    resp = client.get('/v1/project/paginated?page=1&per_page=10&name=user')
+    resp_data = json.loads(resp.data)
+    assert resp.status_code == 200
+    assert resp_data.get("count") == 1
+
+    resp = client.get('/v1/project/paginated?page=1&per_page=10&only_public=true')
+    resp_data = json.loads(resp.data)
+    assert resp.status_code == 200
+    assert resp_data.get("count") == 2
+
+    resp = client.get('/v1/project/paginated?page=1&per_page=10&name=foo_a&public=false')
+    resp_data = json.loads(resp.data)
+    assert resp.status_code == 200
+    assert len(resp_data.get("projects")) == 0
+
+    resp = client.get('/v1/project/paginated?page=1&per_page=15&name=test')
+    resp_data = json.loads(resp.data)
+    assert resp.status_code == 200
+    assert resp_data.get("count") == 1
+    assert not resp_data.get("projects")[0].get("has_conflict")
+
+    # tests if project contains conflict files
+    project = Project.query.filter(Project.name == "test").first()
+    files = project.files.copy()
+    files.append({
+        'checksum': '89469a6482267de394c7c7270cb7ffafe694ea76',
+        'location': 'v1/base.gpkg_rebase_conflicts',
+        'mtime': '2021-04-14T17:33:32.766731Z',
+        'path': 'base.gpkg_rebase_conflicts',
+        'size': 98304
+    })
+    project.files = files
+    db.session.commit()
+
+    resp = client.get('/v1/project/paginated?page=1&per_page=15&name=test')
+    resp_data = json.loads(resp.data)
+    assert resp.status_code == 200
+    assert resp_data.get("count") == 1
+    assert resp_data.get("projects")[0].get("has_conflict")
+
+    files = project.files.copy()
+    files.remove([f for f in files if f.get('path') == 'base.gpkg'][0])
+    project.files = files
+    db.session.commit()
+
+    resp = client.get('/v1/project/paginated?page=1&per_page=15&name=test')
+    resp_data = json.loads(resp.data)
+    assert resp.status_code == 200
+    assert resp_data.get("count") == 1
+    assert not resp_data.get("projects")[0].get("has_conflict")
+
+
+def test_get_projects_by_names(client):
+    user = User.query.filter_by(username="mergin").first()
+    create_project('foo', test_namespace, user)
+    add_user('user2', 'ilovemergin')
+    user2 = User.query.filter_by(username="user2").first()
+    create_project('foo', 'user2', user2)
+    create_project('other', 'user2', user2)
+
+    data = {"projects": [
+        "mergin/foo",
+        "user2/foo",
+        "user2/other",
+        "something"
+    ]}
+    resp = client.post('/v1/project/by_names', data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == 200
+    resp_data = json.loads(resp.data)
+    assert resp_data.get("mergin/foo").get("name") == "foo"
+    assert resp_data.get("user2/foo").get("error") == 403
+    assert resp_data.get("user2/other").get("error") == 403
+    assert resp_data.get("something").get("error") == 404
+
+
+add_project_data = [
+    ({"name": ' foo ', "template": test_project}, 200),  # valid project name, whitespace will be removed
+    ({"name": 'foo/bar', "template": test_project}, 400),  # invalid project name
+    ({"name": 'ba%r', "template": test_project}, 400),  # invalid project name
+    ({"name": 'bar*', "template": test_project}, 200),  # valid project name
+    ({"name": test_project}, 409),
+]
+
+
+@pytest.mark.parametrize("data,expected", add_project_data)
+def test_add_project(client, app, data, expected):
+    # add TEMPLATES user and make him creator of test_project (to become template)
+    user = User(username='TEMPLATES', passwd='templates', is_admin=False, email='templates@mergin.com')
+    user.active = True
+    db.session.add(user)
+    template = Project.query.filter_by(name=test_project, namespace=test_namespace).first()
+    template.creator = user
+    db.session.commit()
+
+    resp = client.post('/v1/project/{}'.format(test_namespace), data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == expected
+    if expected == 200:
+        project = Project.query.filter_by(name=data['name'].strip(), namespace=test_namespace).first()
+        assert not any(x['checksum'] != y['checksum'] and x['path'] != y['path'] for x, y in zip(project.files, template.files))
+        assert project.versions[0].user_agent is not None
+        shutil.rmtree(os.path.join(app.config['LOCAL_PROJECTS'], project.storage.project_dir)) # cleanup
+
+
+def test_versioning(client):
+    # test if blank project has version set up to v0
+    resp = client.post('/v1/project/{}'.format(test_namespace), data=json.dumps({"name": "version_test"}), headers=json_headers)
+    assert resp.status_code == 200
+    project = Project.query.filter_by(name="version_test", namespace=test_namespace).first()
+    assert project.versions[0].name == "v0"
+    assert project.versions[0].project_size == 0
+
+    # testing if versions related to same project name and different namespace is not deleted
+    user = User(username='version', passwd='version', is_admin=True, email='version@mergin.com')
+    user.active = True
+    db.session.add(user)
+    db.session.commit()
+    client.get(url_for('auth.logout'))
+    client.post(url_for('auth.login'), data=json.dumps({'login': "version", 'password': 'version'}),
+                headers=json_headers)
+
+    resp = client.post('/v1/project/{}'.format("version"), data=json.dumps({"name": "version_test"}),
+                       headers=json_headers)
+    client.delete('/v1/project/{}/{}'.format("version", "version_test"))
+    assert resp.status_code == 200
+    project = Project.query.filter_by(name="version_test", namespace=test_namespace).first()
+    assert len(project.versions) == 1
+
+
+def test_delete_project(client):
+    project = Project.query.filter_by(namespace=test_namespace, name=test_project).first()
+    creator_id = project.creator_id
+    files = project.files
+    changes = project.versions[0].changes
+    project_dir = project.storage.project_dir
+    assert os.path.exists(project_dir)
+    assert not RemovedProject.query.filter_by(namespace=test_namespace, name=test_project).count()
+    resp = client.delete('/v1/project/{}/{}'.format(test_namespace, test_project))
+    assert resp.status_code == 200
+    assert not Project.query.filter_by(namespace=test_namespace, name=test_project).count()
+    rp = RemovedProject.query.filter_by(namespace=test_namespace, name=test_project).first()
+    assert rp.properties["creator_id"] == creator_id
+    assert rp.properties["files"] == files
+    assert rp.properties["versions"][0]["changes"] == changes
+    assert os.path.exists(project_dir)  # files not deleted yet, since there is possibility of restore
+
+    # do permanent delete by removing backup
+    resp = client.delete(url_for('retire_removed_project', id=rp.id))
+    assert resp.status_code == 204
+    assert not RemovedProject.query.filter_by(namespace=test_namespace, name=test_project).count()
+    assert not os.path.exists(project_dir)
+
+
+def test_restore_project(client):
+    project = Project.query.filter_by(namespace=test_namespace, name=test_project).first()
+    creator_id = project.creator_id
+    files = project.files
+    changes = project.versions[0].changes
+    project_dir = project.storage.project_dir
+    project_info = ProjectSchema(exclude=("permissions", "access", )).dump(project)
+    client.delete(f"/v1/project/{test_namespace}/{test_project}")
+
+    # test listing
+    resp = client.get(url_for("paginate_removed_projects"))
+    assert resp.json["count"] == 1
+    rp = resp.json["projects"][0]
+    resp = client.post(url_for("restore_project", id=rp["id"]))
+    assert resp.status_code == 201
+
+    restored_project = Project.query.filter_by(namespace=test_namespace, name=test_project).first()
+    assert restored_project.creator_id == creator_id
+    assert restored_project.files == files
+    assert restored_project.versions[0].changes == changes
+    assert restored_project.access.owners[0] == creator_id
+    assert os.path.exists(project_dir)
+    assert ProjectSchema(exclude=("permissions", "access", )).dump(restored_project) == project_info
+
+
+test_project_data = [
+    ({"storage_params": {"type": "local", "location": "some_test"}, "name": test_project}, 200),
+    ({"storage_params": {"type": "local", "location": 'foo'}, "name": 'bar'}, 404),
+]
+
+
+@pytest.mark.parametrize("data,expected", test_project_data)
+def test_get_project(client, data, expected):
+    resp = client.get('/v1/project/{}/{}'.format(test_namespace, data["name"]))
+    assert resp.status_code == expected
+    if expected == 200:
+        resp_data = json.loads(resp.data)
+        assert test_project in resp_data["name"]
+        assert len(resp_data["access"]["owners"])
+        owner = User.query.get(resp_data["access"]["owners"][0])
+        assert resp_data["access"]["ownersnames"][0] == owner.username
+
+
+test_history_data = [
+    ('v9', {'basefile': {}, 'versions': ['v9']}),
+    ('v5', {'basefile': {}, 'versions': ['v9', 'v7', 'v6', 'v5']}),
+    ('v4', {'basefile': {'path': 'base.gpkg', 'version': 'v5'}, 'versions': ['v9', 'v7', 'v6', 'v5', 'v4']}),
+    ('v1', {'basefile': {'path': 'base.gpkg', 'version': 'v5'}, 'versions': ['v9', 'v7', 'v6', 'v5', 'v4', 'v3']})  # after remove we can't go any further in history
+]
+
+
+@pytest.mark.parametrize("version,expected", test_history_data)
+def test_get_project_with_history(client, diff_project, version, expected):
+    resp = client.get('/v1/project/{}/{}?since={}'.format(test_namespace, test_project, version))
+    assert resp.status_code == 200
+    history = next(item['history'] for item in resp.json['files'] if item['path'] == 'test.gpkg')
+    assert set(expected['versions']) == set(history.keys())
+    if expected['basefile']:
+        ver = expected['basefile']['version']
+        assert history[ver]['path'] == expected['basefile']['path']
+        assert 'diff' not in history[ver]
+
+
+def test_get_project_at_version(client, diff_project):
+    resp = client.get(f'/v1/project/{test_namespace}/{test_project}')
+    latest_project = resp.json
+    version = 'v5'
+    resp2 = client.get(f'/v1/project/{test_namespace}/{test_project}?version={version}')
+    info = resp2.json
+    # check version non-specific data
+    for key in ['created', 'creator', 'uploads', 'name', 'namespace', 'access', 'permissions']:
+        assert info[key] == latest_project[key]
+    assert info['version'] == version
+    version_obj = next(v for v in diff_project.versions if v.name == version)
+    assert len(info['files']) == len(version_obj.files)
+    assert info['updated'] == version_obj.created.strftime('%Y-%m-%dT%H:%M:%S%zZ')
+    assert info['tags'] == ['valid_qgis', 'input_use']
+    assert info['disk_usage'] == sum(f["size"] for f in version_obj.files)
+
+    # compare with most recent version
+    version = 'v10'
+    resp3 = client.get(f'/v1/project/{test_namespace}/{test_project}?version={version}')
+    for key, value in latest_project.items():
+        # skip updated column as that one would differ slightly due to delay between project and version object update
+        if key == 'updated' or key == 'access_requests' or 'latest_version':
+            continue
+        assert value == resp3.json[key]
+
+    resp4 = client.get(f'/v1/project/{test_namespace}/{test_project}?version=v100')
+    assert resp4.status_code == 404
+
+    resp5 = client.get(f'/v1/project/{test_namespace}/{test_project}?version=v1&since=v1')
+    assert resp5.status_code == 400
+
+
+def test_update_project(client):
+    project = Project.query.filter_by(name=test_project, namespace=test_namespace).first()
+    # need for private project
+    project.access.public = False
+    db.session.add(project)
+    # add some tester
+    test_user = User(username='tester', passwd='tester', is_admin=False, email='tester@mergin.com')
+    test_user.active = True
+    test_user.profile = UserProfile()
+    db.session.add(test_user)
+    db.session.commit()
+
+    # add test user as reader to project
+    data = {"access": {"readers": project.access.readers + [test_user.id]}}
+    resp = client.put('/v1/project/{}/{}'.format(test_namespace, test_project), data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == 200
+    assert test_user.id in project.access.readers
+
+    # try to remove project creator from owners
+    data = {"access": {"owners": [test_user.id]}}
+    resp = client.put('/v1/project/{}/{}'.format(test_namespace, test_project), data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == 400
+
+
+test_download_proj_data = [
+    (test_project, None, 200, None),
+    (test_project, "zip", 200, None),
+    (test_project, "foo", 400, None),
+    ('bar', None, 404, None),
+    (test_project, None, 200, 'v1'),
+    (test_project, "zip", 200, 'v1'),
+    (test_project, "foo", 400, 'v1'),
+    ('bar', None, 404, 'v99'),
+    (test_project, None, 404, 'v100'),
+    (test_project, "zip", 404, 'v100'),
+    (test_project, "foo", 400, 'v100'),
+    ('bar', None, 404, 'v100')
+]
+
+
+@pytest.mark.parametrize("proj_name,out_format,expected,version", test_download_proj_data)
+def test_download_project(client, proj_name, out_format, expected, version):
+    if out_format:
+        resp = client.get('/v1/project/download/{}/{}?{}format={}'.format(
+            test_namespace, proj_name,
+            'version={}&'.format(version) if version else '',
+            out_format
+        ))
+        if expected == 200:
+            header = 'attachment; filename={}{}.zip'.format(
+                proj_name, '-' + version if version else '')
+            assert header in resp.headers[1][1]
+    else:
+        resp = client.get('/v1/project/download/{}/{}{}'.format(
+            test_namespace, proj_name,
+            '?version={}'.format(version) if version else ''))
+        if expected == 200:
+            assert 'multipart/form-data' in resp.headers[0][1]
+
+    assert resp.status_code == expected
+
+
+test_download_file_data = [
+    (test_project, 'test.txt', 'text/plain', 200),
+    (test_project, 'logo.pdf', 'application/pdf', 200),
+    (test_project, 'logo.jpeg', 'image/jpeg', 200),
+    (test_project, 'base.gpkg', 'None', 200),
+    (test_project, 'json.json', 'text/plain', 200),
+    (test_project, 'foo.txt', None, 404),
+    ('bar', 'test.txt', None, 404)
+]
+
+
+@pytest.mark.parametrize("proj_name,file_path,mimetype,expected", test_download_file_data)
+def test_download_file(client, proj_name, file_path, mimetype, expected):
+    resp = client.get('/v1/project/raw/{}/{}?file={}'.format(test_namespace, proj_name, file_path))
+    assert resp.status_code == expected
+    if resp.status_code == 200:
+        assert resp.headers["content-type"] == mimetype
+
+
+test_download_file_version_data = [
+    (test_project, 'v8', 'base.gpkg', 404),  # version does not has base.gpkg (but test.gpkg)
+    (test_project, 'v8', 'test.gpkg', 200),  # version has test.gpkg because renamed but nothing uploaded
+    (test_project, 'v9', 'test.gpkg', 200),  # actual changed happened (update with diff)
+    (test_project, 'v10', 'test.gpkg', 200),  # again, file as not changed
+    (test_project, 'v1', 'test.txt', 200),  # initial file (ordinary text file)
+    (test_project, 'v10', 'test.txt', 200),  # unmodified file (ordinary text file)
+]
+
+
+@pytest.mark.parametrize("proj_name,version,file_path,expected", test_download_file_version_data)
+def test_download_file_by_version(client, diff_project, proj_name, version, file_path, expected):
+    project = diff_project
+
+    project_version = next((v for v in project.versions if v.name == version), None)
+    for file in project_version.files:
+        if not is_versioned_file(file['path']):
+            continue
+
+        # let's delete the file, so it can be restored
+        if file['path'] == file_path:
+            file_location = os.path.join(project.storage.project_dir, file['location'])
+            os.remove(file_location)
+
+    # download whole files, no diffs
+    resp = client.get('/v1/project/raw/{}/{}?file={}&version={}'.format(test_namespace, proj_name, file_path, version))
+    assert resp.status_code == expected
+
+test_download_file_diffs_data = [
+    (test_project, '', 'base.gpkg', 400),  # no version specified
+    (test_project, 'v3', 'base.gpkg', 404),  # upload
+    (test_project, 'v4', 'base.gpkg', 200),  # update with diff
+    (test_project, 'v5', 'base.gpkg', 404),  # forced update without diff
+    (test_project, 'v10', 'test.gpkg', 404),  # nothing changed
+    (test_project, 'v1', 'test.txt', 404),  # ordinary text file
+]
+
+@pytest.mark.parametrize("proj_name,version,file_path,expected", test_download_file_diffs_data)
+def test_download_file_version_diffs(client, diff_project, proj_name, version, file_path, expected):
+    # download only diffs
+    resp = client.get(f'/v1/project/raw/{test_namespace}/{proj_name}?file={file_path}&version={version}&diff=True')
+    assert resp.status_code == expected
+
+
+def test_download_diff_file(client, diff_project):
+    test_file = 'base.gpkg'
+    # download version of file with force update (no diff)
+    resp = client.get('/v1/project/raw/{}/{}?file={}&diff=true&version=v5'.format(test_namespace, test_project, test_file))
+    assert resp.status_code == 404
+
+    # updated with diff based on 'inserted_1_A.gpkg'
+    pv_2 = next((v for v in diff_project.versions if v.name == 'v4'), None)
+    file_meta = pv_2.changes['updated'][0]
+    resp = client.get('/v1/project/raw/{}/{}?file={}&diff=true&version=v4'.format(test_namespace, test_project, test_file))
+    assert resp.status_code == 200
+    # check we get the same file with diff that we created (uploaded)
+    downloaded_file = os.path.join(TMP_DIR, 'download' + str(uuid.uuid4()))
+    with open(downloaded_file, 'wb') as f:
+        f.write(resp.data)
+    assert file_meta['diff']['checksum'] == generate_checksum(downloaded_file)
+    patched_file = os.path.join(TMP_DIR, 'patched' + str(uuid.uuid4()))
+    geodiff = GeoDiff()
+    basefile = os.path.join(test_project_dir, test_file)
+    shutil.copy(basefile, patched_file)
+    geodiff.apply_changeset(patched_file, downloaded_file)
+    changes = os.path.join(TMP_DIR, 'changeset' + str(uuid.uuid4()))
+    geodiff.create_changeset(patched_file, os.path.join(test_project_dir, 'inserted_1_A.gpkg'), changes)
+    assert not geodiff.has_changes(changes)
+
+    # download full version after file was removed
+    os.remove(os.path.join(diff_project.storage.project_dir, file_meta['location']))
+    resp = client.get('/v1/project/raw/{}/{}?file={}&version=v4'.format(test_namespace, test_project, test_file))
+    assert resp.status_code == 200
+
+
+def test_download_fail(app, client):
+    # remove project files to mimic mismatch with db
+    os.remove(os.path.join(app.config['LOCAL_PROJECTS'], test_namespace, test_project, 'v1', 'test.txt'))
+    resp = client.get('/v1/project/raw/{}/{}?file={}'.format(test_namespace, test_project, 'test.txt'))
+    assert resp.status_code == 404
+
+    shutil.rmtree(os.path.join(app.config['LOCAL_PROJECTS'], test_namespace, test_project))
+
+    resp = client.get('/v1/project/download/{}/{}'.format(test_namespace, test_project))
+    assert resp.status_code == 404
+
+    resp = client.get('/v1/project/raw/{}/{}?file={}'.format(test_namespace, test_project, 'test.txt'))
+    assert resp.status_code == 404
+
+    p = Project.query.filter_by(name=test_project, namespace=test_namespace).first()
+    db.session.delete(p)
+    db.session.commit()
+    resp = client.get('/v1/project/raw/{}/{}?file={}'.format(test_namespace, test_project, 'test.txt'))
+    assert resp.status_code == 404
+
+
+def _file_info(project_dir, path):
+    abs_path = os.path.join(project_dir, path)
+    f_size = os.path.getsize(abs_path)
+    return {
+        "path": path,
+        "checksum": generate_checksum(abs_path),
+        "size": f_size,
+        "mtime": datetime.fromtimestamp(os.path.getmtime(abs_path), tzlocal()),
+        "chunks": [str(uuid.uuid4()) for i in range(math.ceil(f_size / CHUNK_SIZE))],
+    }
+
+
+def create_diff_meta(base, modified, project_dir):
+    """Create diff metadata for updating files."""
+    geodiff = GeoDiff()
+    diff_id = str(uuid.uuid4())
+    diff_name = base + '-diff-' + diff_id
+    basefile = os.path.join(project_dir, base)
+    modfile = os.path.join(project_dir, modified)
+    changeset = os.path.join(TMP_DIR, diff_name)
+    geodiff.create_changeset(basefile, modfile, changeset)
+
+    diff_meta = {
+        **_file_info(project_dir, base),
+        "chunks": [str(uuid.uuid4()) for i in range(math.ceil(_file_info(TMP_DIR, diff_name)["size"] / CHUNK_SIZE))],
+        "diff": {
+            "path": diff_name,
+            "checksum": generate_checksum(changeset),
+            "size": os.path.getsize(changeset)
+        }
+    }
+    diff_meta["path"] = base
+    return diff_meta
+
+
+def _get_changes(project_dir, diff=False):
+    changes = {
+        "added": [
+            {
+                **_file_info(project_dir, "test_dir/test4.txt"),
+                "chunks": [str(uuid.uuid4()) for i in range(math.ceil(_file_info(project_dir, "test_dir/test4.txt")["size"] / CHUNK_SIZE))]
+            }
+        ],
+        "renamed": [
+            {
+                **_file_info(project_dir, "test_dir/test2.txt"),
+                "new_path": "test_dir/renamed.txt",
+            }
+        ],
+        "updated": [
+            {
+                **_file_info(project_dir, "test.txt"),
+                "chunks": [str(uuid.uuid4()) for i in
+                           range(math.ceil(_file_info(project_dir, "test.txt")["size"] / CHUNK_SIZE))]
+            }
+        ],
+        "removed": [
+            _file_info(project_dir, "test3.txt")
+        ]
+    }
+    return changes
+
+
+def _get_changes_without_added(project_dir):
+    changes = _get_changes(project_dir)
+    changes["added"] = []
+    return changes
+
+
+def _get_changes_without_mtime(project_dir):
+    changes = _get_changes_without_added(project_dir)
+    del changes['updated'][0]['mtime']
+    return changes
+
+
+def _get_changes_with_broken_mtime(project_dir):
+    changes = _get_changes_without_added(project_dir)
+    changes["renamed"] = []
+    changes["removed"] = []
+    changes['updated'][0]['mtime'] = "frfr"
+    return changes
+
+
+def _get_changes_with_diff(project_dir):
+    changes = _get_changes_without_added(project_dir)
+    # add some updates using diff file
+    diff_meta = create_diff_meta('base.gpkg', 'inserted_1_A.gpkg', project_dir)
+    changes['updated'].append(diff_meta)
+    return changes
+
+test_push_data = [
+    ({'version': 'v1', 'changes': _get_changes_without_added(test_project_dir)}, 200),  # success
+    ({'version': 'v1', 'changes': _get_changes_with_diff(test_project_dir)}, 200),  # with diff, success
+    ({'version': 'v1', 'changes': _get_changes(test_project_dir)}, 400),  # contains already uploaded file
+    ({'version': 'v0', 'changes': _get_changes_without_added(test_project_dir)}, 400),  # version mismatch
+    ({'version': 'v1', 'changes': {}}, 400),  # wrong changes format
+    ({'version': 'v1', 'changes': {'added': [], 'removed': [], 'updated': [], 'renamed': []}}, 400),  # no changes requested
+    ({'version': 'v1', 'changes': {'added': [{'path': 'test.txt'}], 'removed': [], 'updated': [{'path': 'test.txt'}], 'renamed': []}}, 400),  # inconsistent changes
+    ({'changes': _get_changes_without_added(test_project_dir)}, 400)  # missing version (required parameter)
+]
+
+
+@pytest.mark.parametrize("data,expected", test_push_data)
+def test_push_project_start(client, data, expected):
+    url = '/v1/project/push/{}/{}'.format(test_namespace, test_project)
+    resp = client.post(url, data=json.dumps(data, cls=DateTimeEncoder).encode("utf-8"), headers=json_headers)
+    assert resp.status_code == expected
+    if expected == 200:
+        assert 'transaction' in resp.json.keys()
+
+
+def test_push_to_new_project(client):
+    # create blank project
+    p = Project.query.filter_by(name=test_project, namespace=test_namespace).first()
+    project = Project('blank', p.storage_params, p.creator, p.namespace, files=[])
+    db.session.add(project)
+    pa = ProjectAccess(project, True)
+    db.session.add(pa)
+    db.session.commit()
+
+    current_app.config['BLACKLIST'] = ["test4"]
+    url = '/v1/project/push/{}/{}'.format(test_namespace, 'blank')
+    data = {'version': 'v0', 'changes': _get_changes(test_project_dir)}
+    resp = client.post(url, data=json.dumps(data, cls=DateTimeEncoder).encode("utf-8"), headers=json_headers)
+    assert resp.status_code == 200
+
+    upload_id = resp.json['transaction']
+    upload = Upload.query.filter_by(id=upload_id).first()
+    blacklisted_file = all(added['path'] != 'test_dir/test4.txt' for added in upload.changes['added'])
+    assert blacklisted_file
+
+    data = {'version': 'v1', 'changes': _get_changes(test_project_dir)}
+    resp = client.post(url, data=json.dumps(data, cls=DateTimeEncoder).encode("utf-8"), headers=json_headers)
+    assert resp.status_code == 400
+
+    data = {'version': 'v100', 'changes': _get_changes(test_project_dir)}
+    resp = client.post(url, data=json.dumps(data, cls=DateTimeEncoder).encode("utf-8"), headers=json_headers)
+    assert resp.status_code == 400
+    assert resp.json['detail'] == 'First push should be with v0'
+
+
+def test_sync_no_upload(client):
+    # test project sync that does not require data upload (e.g. renaming)
+    url = '/v1/project/push/{}/{}'.format(test_namespace, test_project)
+    changes = _get_changes(test_project_dir)
+    changes['added'] = changes['removed'] = changes['updated'] = []
+    data = {'version': 'v1', 'changes': changes}
+    resp = client.post(url, data=json.dumps(data, cls=DateTimeEncoder).encode("utf-8"), headers=json_headers)
+    project = Project.query.filter_by(name=test_project, namespace=test_namespace).first()
+    renamed = next((i for i in project.files if i['path'] == 'test_dir/renamed.txt'), None)
+    assert resp.status_code == 200
+    assert renamed is not None
+    assert not project.uploads.all()
+
+    # check project version update after successful sync
+    resp_2 = client.get('/v1/project/version/{}/{}'.format(test_namespace, test_project))
+    assert resp_2.status_code == 200
+    assert len(resp_2.json) == 2
+    assert resp_2.json[0]['name'] == 'v2'
+    assert resp_2.json[0]['author'] == 'mergin'
+    assert resp_2.json[0]['changes']['renamed'][0]['new_path'] == changes['renamed'][0]['new_path']
+
+
+def test_push_integrity_error(client, app):
+    app.config['LOCKFILE_EXPIRATION'] = 5
+    url = '/v1/project/push/{}/{}'.format(test_namespace, test_project)
+    changes = _get_changes_without_added(test_project_dir)
+    data = {'version': 'v1', 'changes': changes}
+    resp = client.post(url, data=json.dumps(data, cls=DateTimeEncoder).encode("utf-8"), headers=json_headers)
+    assert resp.status_code == 200
+
+    # try another request for transaction
+    resp2 = client.post(url, data=json.dumps(data, cls=DateTimeEncoder).encode("utf-8"), headers=json_headers)
+    assert resp2.status_code == 400
+    assert resp2.json['detail'] == 'Another process is running. Please try later.'
+
+    # try immediate project sync without transaction (no upload)
+    changes['added'] = changes['removed'] = changes['updated'] = []
+    data = {'version': 'v1', 'changes': changes}
+    resp3 = client.post(url, data=json.dumps(data, cls=DateTimeEncoder).encode("utf-8"), headers=json_headers)
+    assert resp3.status_code == 400
+
+    time.sleep(5)
+    # try another request for transaction
+    resp4 = client.post(url, data=json.dumps(data, cls=DateTimeEncoder).encode("utf-8"), headers=json_headers)
+    assert resp4.status_code == 200
+
+
+def test_exceed_data_limit(client):
+    project = Project.query.filter_by(name=test_project, namespace=test_namespace).first()
+    user_disk_space = sum(p.disk_usage for p in project.creator.projects)
+    ns = Namespace.query.filter_by(name=project.creator.username).first()
+    # set basic storage that it is fully used
+    ns.storage = user_disk_space
+    db.session.add(ns)
+    db.session.commit()
+
+    url = '/v1/project/push/{}/{}'.format(test_namespace, test_project)
+    changes = _get_changes(test_project_dir)
+    changes['renamed'] = changes['removed'] = changes['updated'] = []
+    changes["added"][0]["path"] = "xxx.txt"
+    data = {'version': 'v1', 'changes': changes}
+    resp = client.post(url, data=json.dumps(data, cls=DateTimeEncoder).encode("utf-8"), headers=json_headers)
+    assert resp.status_code == 400
+    assert resp.json['detail'] == 'You have reached a data limit'
+
+    # try to make some space only by removing file
+    changes["added"] = []
+    changes["removed"] = [project.files[0]]
+    data = {'version': 'v1', 'changes': changes}
+    resp = client.post(url, data=json.dumps(data, cls=DateTimeEncoder).encode("utf-8"), headers=json_headers)
+    assert resp.status_code == 200
+
+    # tight limit again
+    ns.storage = sum(p.disk_usage for p in project.creator.projects)
+    db.session.commit()
+
+    changes['renamed'] = changes['removed'] = changes['updated'] = []
+    changes['added'] = [{
+        **_file_info(test_project_dir, "test_dir/test2.txt"),
+        "chunks": [str(uuid.uuid4()) for i in range(math.ceil(_file_info(test_project_dir, "test_dir/test2.txt")["size"] / CHUNK_SIZE))]
+    }]
+    changes["added"][0]["path"] = "xxx.txt"
+    data = {'version': 'v2', 'changes': changes}
+    resp = client.post(url, data=json.dumps(data, cls=DateTimeEncoder).encode("utf-8"), headers=json_headers)
+    assert resp.status_code == 400
+    assert resp.json['detail'] == 'You have reached a data limit'
+
+    # try to upload while removing some other files, test4.txt being larger than test2.txt
+    changes["removed"] = [{**_file_info(test_project_dir, "test_dir/test4.txt")}]
+    data = {'version': 'v2', 'changes': changes}
+    resp = client.post(url, data=json.dumps(data, cls=DateTimeEncoder).encode("utf-8"), headers=json_headers)
+    assert resp.status_code == 200
+
+
+def create_transaction(username, changes, version=1):
+    """Create transaction in mergin/test project for update to particular version by specified user."""
+    user = User.query.filter_by(username=username).first()
+    project = Project.query.filter_by(name=test_project, namespace='mergin').first()
+    upload = Upload(project, version, changes, user.id)
+    db.session.add(upload)
+    db.session.commit()
+    upload_dir = os.path.join(upload.project.storage.project_dir, "tmp", upload.id)
+    os.makedirs(upload_dir)
+    open(os.path.join(upload_dir, 'lockfile'), 'w').close()
+    return upload, upload_dir
+
+
+def remove_transaction(transaction_id):
+    """Remove transaction from db and related files, use to clean after upload failure."""
+    upload = Upload.query.get(transaction_id)
+    upload_dir = os.path.join(upload.project.storage.project_dir, "tmp", transaction_id)
+    db.session.delete(upload)
+    db.session.commit()
+    shutil.rmtree(upload_dir, ignore_errors=True)
+
+
+def test_chunk_upload(client, app):
+    changes = _get_changes(test_project_dir)
+    upload, upload_dir = create_transaction('mergin', changes)
+    chunk_id = upload.changes['added'][0]['chunks'][0]
+    url = '/v1/project/push/chunk/{}/{}'.format(upload.id, chunk_id)
+    with open(os.path.join(test_project_dir, 'test_dir', 'test4.txt'), 'rb') as file:
+        data = file.read(CHUNK_SIZE)
+        checksum = hashlib.sha1()
+        checksum.update(data)
+    headers = {"Content-Type": "application/octet-stream"}
+    resp = client.post(url, data=data, headers=headers)
+    assert resp.status_code == 200
+    assert resp.json['checksum'] == checksum.hexdigest()
+
+    # test to send bigger chunk than allowed
+    app.config['MAX_CHUNK_SIZE'] = 10 * CHUNK_SIZE
+    with open(os.path.join(test_project_dir, 'test_dir', 'test4.txt'), 'rb') as file:
+        data = file.read(11 * CHUNK_SIZE)
+    headers = {"Content-Type": "application/octet-stream"}
+    resp = client.post(url, data=data, headers=headers)
+    assert resp.status_code == 400
+    assert resp.json['detail'] == 'Too big chunk'
+
+    # test with transaction with no uploads expected
+    changes = _get_changes(test_project_dir)
+    changes['added'] = changes['removed'] = changes['updated'] = []
+    upload.changes = changes
+    db.session.add(upload)
+    db.session.commit()
+    resp2 = client.post(url, data=data, headers=headers)
+    assert resp2.status_code == 404
+
+    # cleanup
+    shutil.rmtree(upload_dir)
+
+
+def upload_chunks(upload_dir, changes):
+    """Mimic chunks for upload to finish were already uploaded."""
+    os.makedirs(os.path.join(upload_dir, 'chunks'))
+    for f in changes['added'] + changes['updated']:
+        source = os.path.join(TMP_DIR, f["diff"]["path"]) if "diff" in f else os.path.join(test_project_dir, f["path"])
+        with open(source, 'rb') as in_file:
+            for chunk in f["chunks"]:
+                with open(os.path.join(upload_dir, 'chunks', chunk), 'wb') as out_file:
+                    out_file.write(in_file.read(CHUNK_SIZE))
+
+
+def test_push_finish(client):
+    changes = _get_changes(test_project_dir)
+    upload, upload_dir = create_transaction('mergin', changes)
+    url = '/v1/project/push/finish/{}'.format(upload.id)
+
+    resp = client.post(url)
+    assert resp.status_code == 422
+    assert 'corrupted_files' in resp.json['detail'].keys()
+    assert not os.path.exists(os.path.join(upload_dir, "files", "test.txt"))
+
+    os.mkdir(os.path.join(upload.project.storage.project_dir, 'v2'))
+    # mimic chunks were uploaded
+    os.makedirs(os.path.join(upload_dir, 'chunks'))
+    for f in upload.changes['added'] + upload.changes['updated']:
+        with open(os.path.join(test_project_dir, f["path"]), 'rb') as in_file:
+            for chunk in f["chunks"]:
+                with open(os.path.join(upload_dir, 'chunks', chunk), 'wb') as out_file:
+                    out_file.write(in_file.read(CHUNK_SIZE))
+
+    resp2 = client.post(url)
+    assert resp2.status_code == 200
+    assert not os.path.exists(upload_dir)
+    assert upload.project.versions[0].user_agent is not None
+
+    # test basic failures
+    resp3 = client.post('/v1/project/push/finish/not-existing')
+    assert resp3.status_code == 404
+
+    # create new user with permission to do uploads
+    user = User(username='tester', passwd='test', is_admin=False, email='tester@mergin.com')
+    user.active = True
+    db.session.add(user)
+    project = Project.query.filter_by(name=test_project, namespace=test_namespace).first()
+    project.access.owners.append(user.id)
+    db.session.commit()
+
+    upload, upload_dir = create_transaction(user.username, changes)
+    url = '/v1/project/push/finish/{}'.format(upload.id)
+    db.session.add(upload)
+    db.session.commit()
+    # still log in as mergin user
+    resp4 = client.post(url)
+    assert resp4.status_code == 403
+
+
+def test_push_close(client):
+    changes = _get_changes(test_project_dir)
+    upload, upload_dir = create_transaction('mergin', changes)
+    url = '/v1/project/push/cancel/{}'.format(upload.id)
+    resp = client.post(url)
+    assert resp.status_code == 200
+
+
+def test_whole_push_process(client):
+    """ Test whole transactional upload from start, through uploading chunks to finish.
+    Uploaded files contains also non-ascii chars to test.
+    """
+    test_dir = os.path.join(TMP_DIR, 'test_uploaded_files')
+    if os.path.exists(test_dir):
+        shutil.rmtree(test_dir)
+    uploaded_files = ['テスト.txt', '£¥§.txt', 'name_1_1.txt', 'name\\1\\1.txt']
+    # prepare dummy files
+    os.mkdir(test_dir)
+    for file in uploaded_files:
+        with open(os.path.join(test_dir, file), 'w') as f:
+            f.write("Hello Mergin")
+
+    # push start: create upload transaction
+    changes = {
+        "added": [_file_info(test_dir, filename) for filename in uploaded_files],
+        "renamed": [],
+        "updated": [],
+        "removed": []
+    }
+    resp = client.post(f'/v1/project/push/{test_namespace}/{test_project}', data=json.dumps({
+        'version': 'v1',
+        'changes': changes
+    }, cls=DateTimeEncoder).encode("utf-8"), headers=json_headers)
+
+    assert resp.status_code == 200
+    assert 'transaction' in resp.json.keys()
+    upload = Upload.query.get(resp.json['transaction'])
+    assert upload
+
+    # push upload: upload file chunks
+    for file in changes["added"]:
+        for chunk_id in file["chunks"]:
+            url = '/v1/project/push/chunk/{}/{}'.format(upload.id, chunk_id)
+            with open(os.path.join(test_dir, file['path']), 'rb') as f:
+                data = f.read(CHUNK_SIZE)
+                checksum = hashlib.sha1()
+                checksum.update(data)
+            resp = client.post(url, data=data, headers={"Content-Type": "application/octet-stream"})
+            assert resp.status_code == 200
+            assert resp.json['checksum'] == checksum.hexdigest()
+
+    # push finish: call server to concatenate chunks and finish upload
+    resp = client.post(f'/v1/project/push/finish/{upload.id}')
+    assert resp.status_code == 200
+    project = Project.query.filter_by(name=test_project, namespace=test_namespace).first()
+    for file in project.files:
+        if file['path'] not in uploaded_files:
+            continue
+        file_location = os.path.join(project.storage.project_dir, file['location'])
+        file_before_upload = os.path.join(test_dir, file['path'])
+        assert os.path.exists(file_location)
+        assert open(file_before_upload, 'r').read() == open(file_location, 'r').read()
+
+
+def test_push_diff_finish(client):
+    # success
+    changes = _get_changes_with_diff(test_project_dir)
+    upload, upload_dir = create_transaction('mergin', changes)
+    upload_chunks(upload_dir, upload.changes)
+    resp = client.post('/v1/project/push/finish/{}'.format(upload.id))
+    assert resp.status_code == 200
+    # check there are not any changes between local modified file and server patched file (using geodiff)
+    geodiff = GeoDiff()
+    changeset = os.path.join(TMP_DIR, 'test_changeset')
+    modfile = os.path.join(test_project_dir, 'inserted_1_A.gpkg')
+    patchedfile = os.path.join(upload.project.storage.project_dir, 'v2', 'base.gpkg')
+    geodiff.create_changeset(patchedfile, modfile, changeset)
+    assert not geodiff.has_changes(changeset)
+    os.remove(changeset)
+
+    # try with valid update metadata but with conflicting diff (rebase was not done)
+    upload, upload_dir = create_transaction('mergin', changes, 2)
+    upload_chunks(upload_dir, upload.changes)
+
+    resp = client.post('/v1/project/push/finish/{}'.format(upload.id))
+    assert resp.status_code == 422
+    assert 'base.gpkg error=project: mergin/test, geodiff error' in resp.json['detail']
+
+
+clone_project_data = [
+    ({"project": " clone "}, 'mergin', 200),  # clone own project
+    ({}, 'mergin', 409),  # fail to clone own project into the same one
+    ({"namespace": "foo"}, 'foo', 200),  # public project cloned by another user
+    ({"namespace": "foo"}, 'foo', 403),  # fail to clone private project with no permissions granted
+]
+
+
+@pytest.mark.parametrize("data,username,expected", clone_project_data)
+def test_clone_project(client, data, username, expected):
+    endpoint = '/v1/project/clone/{}/{}'.format(test_namespace, test_project)
+    # need for private project
+    if expected == 403:
+        p = Project.query.filter_by(name=test_project, namespace=test_namespace).first()
+        p.access.public = False
+        db.session.add(p)
+        db.session.commit()
+    # add some user to test clone across namespaces
+    if username != 'mergin':
+        user = add_user(username, 'bar')
+        # switch default user
+        client.get(url_for('auth.logout'))
+        client.post(url_for('auth.login'), data=json.dumps({'login': user.username, 'password': 'bar'}), headers=json_headers)
+
+    resp = client.post(endpoint, data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == expected
+    if expected == 200:
+        ns = data.get('namespace', test_namespace)
+        proj = data.get('project', test_project).strip()
+        template = Project.query.filter_by(name=test_project, namespace=test_namespace).first()
+        project = Project.query.filter_by(name=proj, namespace=ns).first()
+        assert not any(x['checksum'] != y['checksum'] and x['path'] != y['path'] for x, y in zip(project.files, template.files))
+        assert os.path.exists(os.path.join(project.storage.project_dir, project.files[0]['location']))
+        assert not project.access.public
+        # cleanup
+        shutil.rmtree(project.storage.project_dir)
+
+
+def test_optimize_storage(app, diff_project):
+    file_v2_base = os.path.join(diff_project.storage.project_dir, 'v4', 'base.gpkg')
+    file_v4_base = os.path.join(diff_project.storage.project_dir, 'v6', 'base.gpkg')
+    basefile_v1 = os.path.join(diff_project.storage.project_dir, 'v3', 'base.gpkg')
+    basefile_v3 = os.path.join(diff_project.storage.project_dir, 'v5', 'base.gpkg')
+    latest = os.path.join(diff_project.storage.project_dir, 'v9', 'test.gpkg')
+
+    diff_project.storage.optimize_storage()
+    # nothing removed since created recently
+    assert os.path.exists(file_v2_base) and os.path.exists(file_v4_base)
+
+    app.config['FILE_EXPIRATION'] = 0
+    diff_project.storage.optimize_storage()
+    assert not (os.path.exists(file_v2_base) and os.path.exists(file_v4_base))
+    # we keep latest file, basefiles must stay (either very first one, or any other with forced update)
+    assert os.path.exists(latest) and os.path.exists(basefile_v1) and os.path.exists(basefile_v3)
+
+    # try again, nothing expected if files already removed
+    diff_project.storage.optimize_storage()
+    assert not os.path.exists(file_v2_base)
+
+
+def test_version_file_restore(diff_project):
+    test_file = os.path.join(diff_project.storage.project_dir, 'v4', 'base.gpkg')
+    os.remove(test_file)
+    diff_project.storage.restore_versioned_file('base.gpkg', 'v4')
+    assert os.path.exists(test_file)
+
+    # we can restore latest version (composed from multiple diffs)
+    test_file = os.path.join(diff_project.storage.project_dir, 'v9', 'test.gpkg')
+    os.remove(test_file)
+    diff_project.storage.restore_versioned_file('test.gpkg', 'v9')
+    assert os.path.exists(test_file)
+
+    # basefile can not be restored
+    test_file = os.path.join(diff_project.storage.project_dir, 'v5', 'base.gpkg')
+    os.remove(test_file)
+    diff_project.storage.restore_versioned_file('base.gpkg', 'v5')
+    assert not os.path.exists(test_file)
+
+    # no geodiff file can not be restored
+    test_file = os.path.join(diff_project.storage.project_dir, 'v1', 'test.txt')
+    os.remove(test_file)
+    diff_project.storage.restore_versioned_file('test.txt', 'v1')
+    assert not os.path.exists(test_file)
+
+
+changeset_data = [
+    ('v1', 'test.gpkg', 404),
+    ('v1', 'test.txt', 404),
+    ('v9', 'test.gpkg', 200),  # diff update in v9 version
+    ('v10', 'test.gpkg', 404),  # no change of the file in v10 version
+]
+
+
+@pytest.mark.parametrize("version, path, expected", changeset_data)
+def test_changeset_file(client, diff_project, version, path, expected):
+    url = '/v1/resource/changesets/{}/{}/{}?path={}'.format(
+        test_namespace, test_project, version, path)
+    resp = client.get(url)
+    assert resp.status_code == expected
+
+    if resp.status_code == 200:
+        version = ProjectVersion.query.filter_by(project_id=diff_project.id, name=version).first()
+        file = next((f for f in version.files if f['path'] == path), None)
+        changeset = os.path.join(version.project.storage.project_dir, file['diff']['location'])
+        json_file = 'changeset'
+
+        # create manually list changes
+        version.project.storage.geodiff.list_changes(
+            changeset, json_file
+        )
+        list_changes = json.loads(open(json_file, 'r').read())
+        os.remove(json_file)
+
+        # compare manually created with data from request
+        assert json.loads(resp.data) == list_changes['geodiff']
+
+
+def test_get_projects_by_uuids(client):
+    user = User.query.filter_by(username="mergin").first()
+    p1 = create_project('foo', test_namespace, user)
+    user2 = add_user('user2', 'ilovemergin')
+    p2 = create_project('foo', 'user2', user2)
+    uuids = ",".join([str(p1.id), str(p2.id), "1234"])
+
+    resp = client.get(f'/v1/project/by_uuids?uuids={uuids}')
+    assert resp.status_code == 200
+    resp_data = [str(project["id"]) for project in json.loads(resp.data)]
+    assert str(p1.id) in resp_data  # user has access to
+    assert str(p2.id) not in resp_data  # belongs to user2, and user does not have access
+    assert "1234" not in resp_data  # invalid id
+
+    uuids = ",".join([str(uuid.uuid4()) for _ in range(0, 11)])
+    resp = client.get(f'/v1/project/by_uuids?uuids={uuids}')
+    assert resp.status_code == 400
+
+    resp = client.get(f'/v1/project/by_uuids')
+    assert resp.status_code == 400
diff --git a/server/test/test_project_transfer_controller.py b/server/test/test_project_transfer_controller.py
new file mode 100644
index 00000000..53062e9e
--- /dev/null
+++ b/server/test/test_project_transfer_controller.py
@@ -0,0 +1,261 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+import os
+import shutil
+import pytest
+import json
+from datetime import timedelta
+from flask import current_app, url_for
+from src import db
+from src.auth.models import User
+from src.models.db_models import (
+    Project,
+    ProjectTransfer,
+    Namespace,
+    Upload,
+    ProjectAccess,
+    ProjectVersion,
+    AccessRequest)
+
+from . import test_project, test_namespace, json_headers, TMP_DIR, DEFAULT_USER, test_project_dir, TEST_ORG
+from .utils import add_user, login, create_project
+
+
+test_uploaded_file_dir = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'test_uploaded_files')
+CHUNK_SIZE = 1024
+
+add_project_transfer_data = [
+    (DEFAULT_USER, test_namespace, test_project, {'namespace': 'user'}, 201),  # success
+    (DEFAULT_USER, test_namespace, test_project, {'namespace': 'user'}, 409),  # try to transfer project already on transfer
+    (DEFAULT_USER, test_namespace, test_project, {'namespace': test_namespace}, 400),  # origin and destination namespaces are the same
+    (DEFAULT_USER, test_namespace, test_project, {'namespace': 'user2'}, 404),  # destination namespace does not exist
+    (DEFAULT_USER, test_namespace, 'test_error', {'namespace': 'user'}, 404),  # source project does not exist
+    (DEFAULT_USER, test_namespace, test_project, {'user': 'user'}, 400),  # missing data['namespace']
+    (('user', 'user'), test_namespace, test_project, {'namespace': 'user'}, 403),  # try with unprivileged user
+]
+
+
+@pytest.mark.parametrize("user, namespace, project_name, data, expected", add_project_transfer_data)
+def test_create_transfer_project(client, user, namespace, project_name, data, expected):
+    """ Test create project transfer from mergin namespace to different namespace """
+    add_user('user', 'user')
+    login(client, user[0], user[1])
+    url = '/v1/project/transfer/{}/{}'.format(namespace, project_name)
+    resp = client.post(url, data=json.dumps(data), headers=json_headers)
+    if expected == 409:
+        resp = client.post(url, data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == expected
+    if resp.status_code == 201:
+        u = User.query.filter_by(username=user[0]).first()
+        project = Project.query.filter_by(name=project_name, namespace=namespace).first()
+        transfer = ProjectTransfer.query.first()
+        assert transfer.project_id == project.id
+        assert transfer.from_ns_name == namespace
+        assert transfer.to_ns_name == data['namespace']
+        assert transfer.requested_by == u.id
+
+
+@pytest.fixture(scope='function')
+def project_transfer_init(diff_project):
+    """ Creates testing fixture of ProjectTransfer of mergin/test with history (diff_project) to user namespace """
+    user = add_user('user', 'user')
+    add_user('user2', 'user2')  # dummy user to permission checks
+    namespace = Namespace.query.filter_by(name='user').first()
+    mergin_user = User.query.filter_by(username='mergin').first()
+    project_transfer = ProjectTransfer(diff_project, namespace, mergin_user.id)
+    db.session.add(project_transfer)
+    return project_transfer
+
+
+test_get_transfer_project_data = [
+    (('user', 'user'), 'user', 'incoming', 1, 200),  # user has 1 transfer request (target)
+    (DEFAULT_USER, 'mergin', 'outcoming', 1, 200),  # mergin has 1 transfer request (creator)
+    (('user2', 'user2'), 'user2', 'incoming', 0, 200),  # user2 doesn't have any transfer request
+    (('user2', 'user2'), 'user', 'incoming', 0, 403),  # user2 can not check others users transfers
+]
+
+
+@pytest.mark.parametrize("user, namespace, direction, count, expected", test_get_transfer_project_data)
+def test_get_transfer_project(client, project_transfer_init, user, namespace, direction, count, expected):
+    """ Test list of existing project transfer """
+    login(client, user[0], user[1])
+    resp = client.get(f'/v1/project/transfer/{namespace}', headers=json_headers)
+    assert resp.status_code == expected
+    if expected == 200:
+        assert len(resp.json) == count
+        if count:
+            key = 'to_ns_name' if direction == 'incoming' else 'from_ns_name'
+            assert resp.json[0][key] == namespace
+
+
+test_delete_transfer_project_data = [
+    (None, DEFAULT_USER, 200),  # success for creator
+    (None, ('user', 'user'), 200),  # accepting user can also remove a transfer
+    (None, ('user2', 'user2'), 403),  # unrelated user can not remove transfer
+    (1, DEFAULT_USER, 404)  # the id of transfer project does not exist
+]
+
+
+@pytest.mark.parametrize("id, user, expected", test_delete_transfer_project_data)
+def test_delete_transfer_project(client, project_transfer_init, id, user, expected):
+    """ Testing delete project transfer for mergin for different namespace """
+    login(client, user[0], user[1])
+    id = id if id else project_transfer_init.id
+    resp = client.delete(f'/v1/project/transfer/{id}', headers=json_headers)
+    assert resp.status_code == expected
+    if resp.status_code == 200:
+        assert not ProjectTransfer.query.count()
+
+
+test_execute_transfer_project_data = [
+    (None, ('user2', 'user2'), 'Test', True, 403),  # unprivileged user
+    (None, DEFAULT_USER, 'Test', True,  403),  # creator of transfer can not accept it
+    (1, ('user', 'user'), 'Test', True, 404),  # transfer project does not exist
+    (None, ('user', 'user'), 'Test', True, 200),  # transfer project with using original name
+    (None, ('user', 'user'), 'Test', False, 200),  # transfer project with using original name and no permissions transferred
+    (None, ('user', 'user'), 'My Test', True, 200),  # transfer project with using new name
+]
+
+
+@pytest.mark.parametrize("id, user, project_name, transfer_permission, expected", test_execute_transfer_project_data)
+def test_execute_transfer_project_to_user(client, project_transfer_init, id, user, project_name, transfer_permission, expected):
+    """ Test acceptance of project transfer """
+    # cleanup after previous tests
+    transferred_data = os.path.join(current_app.config['LOCAL_PROJECTS'], 'user', project_name)
+    if os.path.exists(transferred_data):
+        shutil.rmtree(transferred_data)
+
+    id = id if id else project_transfer_init.id
+    # keep information before original project gets deleted
+    original_project = Project.query.filter_by(namespace=test_namespace, name=test_project).first()
+    original_proj_id = original_project.id
+    original_owner_id = original_project.creator.id
+    original_data_dir = original_project.storage.project_dir
+
+    login(client, user[0], user[1])
+
+    # test if all project access requests are deleted during project transfer
+    if expected == 200:
+        url = url_for('create_project_access_request', namespace=test_namespace, project_name=test_project)
+        resp = client.post(url, headers=json_headers)
+        assert resp.status_code == 200
+        access_request = AccessRequest.query.filter(AccessRequest.namespace == test_namespace,
+                                                    AccessRequest.project_id == original_project.id).first()
+        assert access_request
+
+    data = {
+        'name': project_name,
+        'transfer_permissions': transfer_permission
+    }
+    resp = client.post(f'/v1/project/transfer/{id}', data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == expected
+    if resp.status_code == 200:
+        transferred_project = Project.query.filter_by(namespace=user[0], name=project_name).first()
+        assert transferred_project
+        assert transferred_project.creator.username == user[0]
+        # check original project has been modified (changed namespace) and files on disk were not touched
+        assert os.path.exists(original_data_dir)
+        assert Project.query.filter_by(id=original_proj_id).first().id == transferred_project.id
+        assert not Project.query.filter_by(namespace=test_namespace, name=test_project).first()
+        assert not AccessRequest.query.filter(AccessRequest.namespace == test_namespace,
+                                              AccessRequest.project_id == original_proj_id).first()
+
+        # check the permission transfer
+        for key in ['owners', 'readers', 'writers']:
+            attr = getattr(transferred_project.access, key)
+            if transfer_permission:
+                assert len(attr) == 2 and original_owner_id in attr
+            else:
+                assert len(attr) == 1 and attr[0] == transferred_project.creator.id
+
+
+def test_transfer_failures(client, project_transfer_init):
+    """ Test failing scenarios for accepting project transfer """
+    # cleanup after previous tests
+    proj_data = os.path.join(current_app.config['LOCAL_PROJECTS'], 'user', 'foo')
+    if os.path.exists(proj_data):
+        shutil.rmtree(proj_data)
+
+    login(client, 'user', 'user')
+    data = {'name': 'Test', 'transfer_permissions': True}
+    user = User.query.filter_by(username='user').first()
+
+    # decrease limit
+    ns = Namespace.query.filter_by(name=user.username).first()
+    ns.storage = 0
+    db.session.add(ns)
+    db.session.commit()
+    resp = client.post(f'/v1/project/transfer/{project_transfer_init.id}', data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == 400
+    assert resp.json['detail'] == 'Disk quota reached'
+
+    # create upload for project in transfer
+    ns.storage = 100000
+    db.session.add(ns)
+    upload = Upload(
+        project_transfer_init.project,
+        10,
+        {},
+        project_transfer_init.project.creator_id
+    )
+    db.session.add(upload)
+    db.session.commit()
+    resp = client.post(f'/v1/project/transfer/{project_transfer_init.id}', data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == 400
+    assert 'There is ongoing upload' in resp.json['detail']
+
+    # make transfer expired
+    db.session.delete(upload)
+    project_transfer_init.expire = project_transfer_init.expire - timedelta(seconds=client.application.config['TRANSFER_EXPIRATION'])
+    db.session.add(project_transfer_init)
+    db.session.commit()
+    resp = client.post(f'/v1/project/transfer/{project_transfer_init.id}', data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == 400
+    assert resp.json['detail'] == 'The request is already expired'
+
+    project_transfer_init.expire = project_transfer_init.expire + timedelta(seconds=client.application.config['TRANSFER_EXPIRATION'])
+    db.session.add(project_transfer_init)
+    db.session.commit()
+
+    # create conflict project
+    create_project('foo', 'user', user)
+    data = {'name': 'foo', 'transfer_permissions': True}
+    resp = client.post(f'/v1/project/transfer/{project_transfer_init.id}', data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == 409
+    assert resp.json['detail'] == "Project user/foo already exists"
+
+
+def test_transfer_to_org(client, test_organisation):
+    """ Test project transfer from user namespace to organisation (with him as owner) """
+    # clean up
+    proj_data = os.path.join(current_app.config['LOCAL_PROJECTS'], TEST_ORG, test_project)
+    if os.path.exists(proj_data):
+        shutil.rmtree(proj_data)
+
+    namespace = Namespace.query.filter_by(name=TEST_ORG).first()
+    mergin_user = User.query.filter_by(username=DEFAULT_USER[0]).first()
+    proj = Project.query.filter_by(namespace=DEFAULT_USER[0], name=test_project).first()
+    project_transfer = ProjectTransfer(proj, namespace, mergin_user.id)
+    db.session.add(project_transfer)
+
+    org_reader = add_user('reader', 'reader')
+    test_organisation.readers.append(org_reader.id)
+    db.session.add(test_organisation)
+    db.session.commit()
+
+    login(client, 'reader', 'reader')
+    data = {'name': test_project, 'transfer_permissions': True}
+    resp = client.post(f'/v1/project/transfer/{project_transfer.id}', data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == 403
+
+    login(client, DEFAULT_USER[0], DEFAULT_USER[1])
+    resp = client.post(f'/v1/project/transfer/{project_transfer.id}', data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == 200
+    transferred_project = Project.query.filter_by(namespace=TEST_ORG, name=test_project).first()
+    assert transferred_project
+    assert transferred_project.creator.username == DEFAULT_USER[0]
+    # mergin was owner even of original project
+    for key in ['owners', 'readers', 'writers']:
+        attr = getattr(transferred_project.access, key)
+        assert len(attr) == 1 and attr[0] == transferred_project.creator.id
diff --git a/server/test/test_projects/test/base.gpkg b/server/test/test_projects/test/base.gpkg
new file mode 100644
index 00000000..a152f6d4
Binary files /dev/null and b/server/test/test_projects/test/base.gpkg differ
diff --git a/server/test/test_projects/test/inserted_1_A.gpkg b/server/test/test_projects/test/inserted_1_A.gpkg
new file mode 100644
index 00000000..7b23f56d
Binary files /dev/null and b/server/test/test_projects/test/inserted_1_A.gpkg differ
diff --git a/server/test/test_projects/test/inserted_1_B.gpkg b/server/test/test_projects/test/inserted_1_B.gpkg
new file mode 100644
index 00000000..08e0a743
Binary files /dev/null and b/server/test/test_projects/test/inserted_1_B.gpkg differ
diff --git a/server/test/test_projects/test/json.json b/server/test/test_projects/test/json.json
new file mode 100644
index 00000000..d5ca56d1
--- /dev/null
+++ b/server/test/test_projects/test/json.json
@@ -0,0 +1,22 @@
+{
+    "glossary": {
+        "title": "example glossary",
+		"GlossDiv": {
+            "title": "S",
+			"GlossList": {
+                "GlossEntry": {
+                    "ID": "SGML",
+					"SortAs": "SGML",
+					"GlossTerm": "Standard Generalized Markup Language",
+					"Acronym": "SGML",
+					"Abbrev": "ISO 8879:1986",
+					"GlossDef": {
+                        "para": "A meta-markup language, used to create markup languages such as DocBook.",
+						"GlossSeeAlso": ["GML", "XML"]
+                    },
+					"GlossSee": "markup"
+                }
+            }
+        }
+    }
+}
\ No newline at end of file
diff --git a/server/test/test_projects/test/logo.jpeg b/server/test/test_projects/test/logo.jpeg
new file mode 100644
index 00000000..03effbef
Binary files /dev/null and b/server/test/test_projects/test/logo.jpeg differ
diff --git a/server/test/test_projects/test/logo.pdf b/server/test/test_projects/test/logo.pdf
new file mode 100644
index 00000000..bdd80949
Binary files /dev/null and b/server/test/test_projects/test/logo.pdf differ
diff --git a/server/test/test_projects/test/modified_1_geom.gpkg b/server/test/test_projects/test/modified_1_geom.gpkg
new file mode 100644
index 00000000..705d8cc4
Binary files /dev/null and b/server/test/test_projects/test/modified_1_geom.gpkg differ
diff --git a/server/test/test_projects/test/test.qgs b/server/test/test_projects/test/test.qgs
new file mode 100644
index 00000000..e69de29b
diff --git a/server/test/test_projects/test/test.txt b/server/test/test_projects/test/test.txt
new file mode 100644
index 00000000..fe1b5438
--- /dev/null
+++ b/server/test/test_projects/test/test.txt
@@ -0,0 +1 @@
+Some content.
\ No newline at end of file
diff --git a/server/test/test_projects/test/test3.txt b/server/test/test_projects/test/test3.txt
new file mode 100644
index 00000000..fe1b5438
--- /dev/null
+++ b/server/test/test_projects/test/test3.txt
@@ -0,0 +1 @@
+Some content.
\ No newline at end of file
diff --git a/server/test/test_projects/test/test_dir/test2.txt b/server/test/test_projects/test/test_dir/test2.txt
new file mode 100644
index 00000000..ed82dfec
--- /dev/null
+++ b/server/test/test_projects/test/test_dir/test2.txt
@@ -0,0 +1 @@
+To be renamed.
\ No newline at end of file
diff --git a/server/test/test_projects/test/test_dir/test4.txt b/server/test/test_projects/test/test_dir/test4.txt
new file mode 100644
index 00000000..b870d87a
--- /dev/null
+++ b/server/test/test_projects/test/test_dir/test4.txt
@@ -0,0 +1,604 @@
+<!DOCTYPE qgis PUBLIC 'http://mrcc.com/qgis.dtd' 'SYSTEM'>
+<qgis projectname="" version="3.7.0-Master">
+  <homePath path=""/>
+  <title></title>
+  <autotransaction active="0"/>
+  <evaluateDefaultValues active="0"/>
+  <trust active="0"/>
+  <projectCrs>
+    <spatialrefsys>
+      <proj4>+proj=tmerc +lat_0=49 +lon_0=-2 +k=0.9996012717 +x_0=400000 +y_0=-100000 +ellps=airy +towgs84=446.448,-125.157,542.06,0.15,0.247,0.842,-20.489 +units=m +no_defs</proj4>
+      <srsid>2437</srsid>
+      <srid>27700</srid>
+      <authid>EPSG:27700</authid>
+      <description>OSGB 1936 / British National Grid</description>
+      <projectionacronym>tmerc</projectionacronym>
+      <ellipsoidacronym>airy</ellipsoidacronym>
+      <geographicflag>false</geographicflag>
+    </spatialrefsys>
+  </projectCrs>
+  <layer-tree-group>
+    <customproperties/>
+    <layer-tree-layer source="./polygon.shp" name="polygon" expanded="1" id="polygon_77fbe60b_69aa_4d89_acf0_e6bf94188aeb" providerKey="ogr" checked="Qt::Checked">
+      <customproperties/>
+    </layer-tree-layer>
+    <layer-tree-layer source="./test.shp" name="test" expanded="1" id="test_cb445cf1_520a_45a2_a417_47db296d5715" providerKey="ogr" checked="Qt::Checked">
+      <customproperties/>
+    </layer-tree-layer>
+    <custom-order enabled="0">
+      <item>test_cb445cf1_520a_45a2_a417_47db296d5715</item>
+      <item>polygon_77fbe60b_69aa_4d89_acf0_e6bf94188aeb</item>
+    </custom-order>
+  </layer-tree-group>
+  <snapping-settings type="1" intersection-snapping="0" tolerance="12" unit="1" mode="2" enabled="0">
+    <individual-layer-settings>
+      <layer-setting type="1" units="1" id="test_cb445cf1_520a_45a2_a417_47db296d5715" tolerance="12" enabled="0"/>
+      <layer-setting type="1" units="1" id="polygon_77fbe60b_69aa_4d89_acf0_e6bf94188aeb" tolerance="12" enabled="0"/>
+    </individual-layer-settings>
+  </snapping-settings>
+  <relations/>
+  <mapcanvas name="theMapCanvas" annotationsVisible="1">
+    <units>meters</units>
+    <extent>
+      <xmin>318174.66713497589807957</xmin>
+      <ymin>485002.82415033015422523</ymin>
+      <xmax>319096.42773780913557857</xmax>
+      <ymax>486714.66526987764518708</ymax>
+    </extent>
+    <rotation>0</rotation>
+    <destinationsrs>
+      <spatialrefsys>
+        <proj4>+proj=tmerc +lat_0=49 +lon_0=-2 +k=0.9996012717 +x_0=400000 +y_0=-100000 +ellps=airy +towgs84=446.448,-125.157,542.06,0.15,0.247,0.842,-20.489 +units=m +no_defs</proj4>
+        <srsid>2437</srsid>
+        <srid>27700</srid>
+        <authid>EPSG:27700</authid>
+        <description>OSGB 1936 / British National Grid</description>
+        <projectionacronym>tmerc</projectionacronym>
+        <ellipsoidacronym>airy</ellipsoidacronym>
+        <geographicflag>false</geographicflag>
+      </spatialrefsys>
+    </destinationsrs>
+    <rendermaptile>0</rendermaptile>
+    <expressionContextScope/>
+  </mapcanvas>
+  <projectModels/>
+  <legend updateDrawingOrder="true">
+    <legendlayer name="polygon" drawingOrder="-1" open="true" checked="Qt::Checked" showFeatureCount="0">
+      <filegroup hidden="false" open="true">
+        <legendlayerfile layerid="polygon_77fbe60b_69aa_4d89_acf0_e6bf94188aeb" isInOverview="0" visible="1"/>
+      </filegroup>
+    </legendlayer>
+    <legendlayer name="test" drawingOrder="-1" open="true" checked="Qt::Checked" showFeatureCount="0">
+      <filegroup hidden="false" open="true">
+        <legendlayerfile layerid="test_cb445cf1_520a_45a2_a417_47db296d5715" isInOverview="0" visible="1"/>
+      </filegroup>
+    </legendlayer>
+  </legend>
+  <mapViewDocks/>
+  <mapViewDocks3D/>
+  <projectlayers>
+    <maplayer simplifyMaxScale="1" readOnly="0" simplifyAlgorithm="0" simplifyDrawingTol="1" refreshOnNotifyMessage="" minScale="1e+8" simplifyDrawingHints="1" wkbType="MultiPolygon" hasScaleBasedVisibilityFlag="0" type="vector" geometry="Polygon" simplifyLocal="1" autoRefreshEnabled="0" labelsEnabled="0" refreshOnNotifyEnabled="0" autoRefreshTime="0" styleCategories="AllStyleCategories" maxScale="0">
+      <extent>
+        <xmin>318018.93311925540911034</xmin>
+        <ymin>485586.37552858324488625</ymin>
+        <xmax>318769.45369502302492037</xmax>
+        <ymax>486169.70992282393854111</ymax>
+      </extent>
+      <id>polygon_77fbe60b_69aa_4d89_acf0_e6bf94188aeb</id>
+      <datasource>./polygon.shp</datasource>
+      <keywordList>
+        <value></value>
+      </keywordList>
+      <layername>polygon</layername>
+      <srs>
+        <spatialrefsys>
+          <proj4>+proj=tmerc +lat_0=49 +lon_0=-2 +k=0.9996012717 +x_0=400000 +y_0=-100000 +ellps=airy +towgs84=446.448,-125.157,542.06,0.15,0.247,0.842,-20.489 +units=m +no_defs</proj4>
+          <srsid>2437</srsid>
+          <srid>27700</srid>
+          <authid>EPSG:27700</authid>
+          <description>OSGB 1936 / British National Grid</description>
+          <projectionacronym>tmerc</projectionacronym>
+          <ellipsoidacronym>airy</ellipsoidacronym>
+          <geographicflag>false</geographicflag>
+        </spatialrefsys>
+      </srs>
+      <resourceMetadata>
+        <identifier></identifier>
+        <parentidentifier></parentidentifier>
+        <language></language>
+        <type></type>
+        <title></title>
+        <abstract></abstract>
+        <links/>
+        <fees></fees>
+        <encoding></encoding>
+        <crs>
+          <spatialrefsys>
+            <proj4></proj4>
+            <srsid>0</srsid>
+            <srid>0</srid>
+            <authid></authid>
+            <description></description>
+            <projectionacronym></projectionacronym>
+            <ellipsoidacronym></ellipsoidacronym>
+            <geographicflag>true</geographicflag>
+          </spatialrefsys>
+        </crs>
+        <extent/>
+      </resourceMetadata>
+      <provider encoding="UTF-8">ogr</provider>
+      <vectorjoins/>
+      <layerDependencies/>
+      <dataDependencies/>
+      <legend type="default-vector"/>
+      <expressionfields/>
+      <map-layer-style-manager current="default">
+        <map-layer-style name="default"/>
+      </map-layer-style-manager>
+      <auxiliaryLayer/>
+      <flags>
+        <Identifiable>1</Identifiable>
+        <Removable>1</Removable>
+        <Searchable>1</Searchable>
+      </flags>
+      <renderer-v2 type="singleSymbol" forceraster="0" enableorderby="0" symbollevels="0">
+        <symbols>
+          <symbol type="fill" name="0" force_rhr="0" alpha="1" clip_to_extent="1">
+            <layer class="SimpleFill" locked="0" pass="0" enabled="1">
+              <prop k="border_width_map_unit_scale" v="3x:0,0,0,0,0,0"/>
+              <prop k="color" v="195,76,227,255"/>
+              <prop k="joinstyle" v="bevel"/>
+              <prop k="offset" v="0,0"/>
+              <prop k="offset_map_unit_scale" v="3x:0,0,0,0,0,0"/>
+              <prop k="offset_unit" v="MM"/>
+              <prop k="outline_color" v="35,35,35,255"/>
+              <prop k="outline_style" v="solid"/>
+              <prop k="outline_width" v="0.26"/>
+              <prop k="outline_width_unit" v="MM"/>
+              <prop k="style" v="solid"/>
+              <data_defined_properties>
+                <Option type="Map">
+                  <Option type="QString" name="name" value=""/>
+                  <Option name="properties"/>
+                  <Option type="QString" name="type" value="collection"/>
+                </Option>
+              </data_defined_properties>
+            </layer>
+          </symbol>
+        </symbols>
+        <rotation/>
+        <sizescale/>
+      </renderer-v2>
+      <customproperties/>
+      <blendMode>0</blendMode>
+      <featureBlendMode>0</featureBlendMode>
+      <layerOpacity>1</layerOpacity>
+      <geometryOptions removeDuplicateNodes="0" geometryPrecision="0">
+        <activeChecks/>
+        <checkConfiguration/>
+      </geometryOptions>
+      <fieldConfiguration>
+        <field name="id">
+          <editWidget type="">
+            <config>
+              <Option/>
+            </config>
+          </editWidget>
+        </field>
+      </fieldConfiguration>
+      <aliases>
+        <alias name="" index="0" field="id"/>
+      </aliases>
+      <excludeAttributesWMS/>
+      <excludeAttributesWFS/>
+      <defaults>
+        <default expression="" applyOnUpdate="0" field="id"/>
+      </defaults>
+      <constraints>
+        <constraint field="id" constraints="0" unique_strength="0" exp_strength="0" notnull_strength="0"/>
+      </constraints>
+      <constraintExpressions>
+        <constraint field="id" exp="" desc=""/>
+      </constraintExpressions>
+      <expressionfields/>
+      <attributeactions>
+        <defaultAction key="Canvas" value="{00000000-0000-0000-0000-000000000000}"/>
+      </attributeactions>
+      <attributetableconfig sortExpression="" sortOrder="0" actionWidgetStyle="dropDown">
+        <columns/>
+      </attributetableconfig>
+      <conditionalstyles>
+        <rowstyles/>
+        <fieldstyles/>
+      </conditionalstyles>
+      <editform tolerant="1"></editform>
+      <editforminit/>
+      <editforminitcodesource>0</editforminitcodesource>
+      <editforminitfilepath></editforminitfilepath>
+      <editforminitcode><![CDATA[]]></editforminitcode>
+      <featformsuppress>0</featformsuppress>
+      <editorlayout>generatedlayout</editorlayout>
+      <editable/>
+      <labelOnTop/>
+      <widgets/>
+      <previewExpression></previewExpression>
+      <mapTip></mapTip>
+    </maplayer>
+    <maplayer simplifyMaxScale="1" readOnly="0" simplifyAlgorithm="0" simplifyDrawingTol="1" refreshOnNotifyMessage="" minScale="1e+8" simplifyDrawingHints="0" wkbType="Point" hasScaleBasedVisibilityFlag="0" type="vector" geometry="Point" simplifyLocal="1" autoRefreshEnabled="0" labelsEnabled="0" refreshOnNotifyEnabled="0" autoRefreshTime="0" styleCategories="AllStyleCategories" maxScale="0">
+      <extent>
+        <xmin>318256.99170382093871012</xmin>
+        <ymin>485555.48242982279043645</ymin>
+        <xmax>318389.65030438033863902</xmax>
+        <ymax>485659.06517272535711527</ymax>
+      </extent>
+      <id>test_cb445cf1_520a_45a2_a417_47db296d5715</id>
+      <datasource>./test.shp</datasource>
+      <keywordList>
+        <value></value>
+      </keywordList>
+      <layername>test</layername>
+      <srs>
+        <spatialrefsys>
+          <proj4>+proj=tmerc +lat_0=49 +lon_0=-2 +k=0.9996012717 +x_0=400000 +y_0=-100000 +ellps=airy +towgs84=446.448,-125.157,542.06,0.15,0.247,0.842,-20.489 +units=m +no_defs</proj4>
+          <srsid>2437</srsid>
+          <srid>27700</srid>
+          <authid>EPSG:27700</authid>
+          <description>OSGB 1936 / British National Grid</description>
+          <projectionacronym>tmerc</projectionacronym>
+          <ellipsoidacronym>airy</ellipsoidacronym>
+          <geographicflag>false</geographicflag>
+        </spatialrefsys>
+      </srs>
+      <resourceMetadata>
+        <identifier></identifier>
+        <parentidentifier></parentidentifier>
+        <language></language>
+        <type></type>
+        <title></title>
+        <abstract></abstract>
+        <contact>
+          <name></name>
+          <organization></organization>
+          <position></position>
+          <voice></voice>
+          <fax></fax>
+          <email></email>
+          <role></role>
+        </contact>
+        <links/>
+        <fees></fees>
+        <encoding></encoding>
+        <crs>
+          <spatialrefsys>
+            <proj4></proj4>
+            <srsid>0</srsid>
+            <srid>0</srid>
+            <authid></authid>
+            <description></description>
+            <projectionacronym></projectionacronym>
+            <ellipsoidacronym></ellipsoidacronym>
+            <geographicflag>true</geographicflag>
+          </spatialrefsys>
+        </crs>
+        <extent>
+          <spatial maxz="0" miny="0" minx="0" crs="" maxy="0" minz="0" dimensions="2" maxx="0"/>
+          <temporal>
+            <period>
+              <start></start>
+              <end></end>
+            </period>
+          </temporal>
+        </extent>
+      </resourceMetadata>
+      <provider encoding="UTF-8">ogr</provider>
+      <vectorjoins/>
+      <layerDependencies/>
+      <dataDependencies/>
+      <legend type="default-vector"/>
+      <expressionfields/>
+      <map-layer-style-manager current="default">
+        <map-layer-style name="default"/>
+      </map-layer-style-manager>
+      <auxiliaryLayer/>
+      <flags>
+        <Identifiable>1</Identifiable>
+        <Removable>1</Removable>
+        <Searchable>1</Searchable>
+      </flags>
+      <renderer-v2 type="singleSymbol" forceraster="0" enableorderby="0" symbollevels="0">
+        <symbols>
+          <symbol type="marker" name="0" force_rhr="0" alpha="1" clip_to_extent="1">
+            <layer class="SimpleMarker" locked="0" pass="0" enabled="1">
+              <prop k="angle" v="0"/>
+              <prop k="color" v="237,70,157,255"/>
+              <prop k="horizontal_anchor_point" v="1"/>
+              <prop k="joinstyle" v="bevel"/>
+              <prop k="name" v="circle"/>
+              <prop k="offset" v="0,0"/>
+              <prop k="offset_map_unit_scale" v="3x:0,0,0,0,0,0"/>
+              <prop k="offset_unit" v="MM"/>
+              <prop k="outline_color" v="35,35,35,255"/>
+              <prop k="outline_style" v="solid"/>
+              <prop k="outline_width" v="0"/>
+              <prop k="outline_width_map_unit_scale" v="3x:0,0,0,0,0,0"/>
+              <prop k="outline_width_unit" v="MM"/>
+              <prop k="scale_method" v="diameter"/>
+              <prop k="size" v="2"/>
+              <prop k="size_map_unit_scale" v="3x:0,0,0,0,0,0"/>
+              <prop k="size_unit" v="MM"/>
+              <prop k="vertical_anchor_point" v="1"/>
+              <data_defined_properties>
+                <Option type="Map">
+                  <Option type="QString" name="name" value=""/>
+                  <Option name="properties"/>
+                  <Option type="QString" name="type" value="collection"/>
+                </Option>
+              </data_defined_properties>
+            </layer>
+          </symbol>
+        </symbols>
+        <rotation/>
+        <sizescale/>
+      </renderer-v2>
+      <customproperties>
+        <property key="embeddedWidgets/count" value="0"/>
+        <property key="variableNames"/>
+        <property key="variableValues"/>
+      </customproperties>
+      <blendMode>0</blendMode>
+      <featureBlendMode>0</featureBlendMode>
+      <layerOpacity>1</layerOpacity>
+      <SingleCategoryDiagramRenderer diagramType="Histogram" attributeLegend="1">
+        <DiagramCategory height="15" backgroundColor="#ffffff" lineSizeType="MM" maxScaleDenominator="1e+8" labelPlacementMethod="XHeight" rotationOffset="270" penWidth="0" enabled="0" lineSizeScale="3x:0,0,0,0,0,0" sizeType="MM" penAlpha="255" width="15" minimumSize="0" scaleDependency="Area" scaleBasedVisibility="0" opacity="1" barWidth="5" penColor="#000000" sizeScale="3x:0,0,0,0,0,0" backgroundAlpha="255" minScaleDenominator="0" diagramOrientation="Up">
+          <fontProperties description="MS Shell Dlg 2,8.25,-1,5,50,0,0,0,0,0" style=""/>
+          <attribute label="" color="#000000" field=""/>
+        </DiagramCategory>
+      </SingleCategoryDiagramRenderer>
+      <DiagramLayerSettings priority="0" zIndex="0" showAll="1" placement="0" obstacle="0" linePlacementFlags="18" dist="0">
+        <properties>
+          <Option type="Map">
+            <Option type="QString" name="name" value=""/>
+            <Option name="properties"/>
+            <Option type="QString" name="type" value="collection"/>
+          </Option>
+        </properties>
+      </DiagramLayerSettings>
+      <geometryOptions removeDuplicateNodes="0" geometryPrecision="0">
+        <activeChecks/>
+        <checkConfiguration/>
+      </geometryOptions>
+      <fieldConfiguration>
+        <field name="id">
+          <editWidget type="TextEdit">
+            <config>
+              <Option/>
+            </config>
+          </editWidget>
+        </field>
+        <field name="Desc">
+          <editWidget type="TextEdit">
+            <config>
+              <Option/>
+            </config>
+          </editWidget>
+        </field>
+        <field name="Date">
+          <editWidget type="DateTime">
+            <config>
+              <Option/>
+            </config>
+          </editWidget>
+        </field>
+        <field name="Image">
+          <editWidget type="ExternalResource">
+            <config>
+              <Option type="Map">
+                <Option type="int" name="DocumentViewer" value="0"/>
+                <Option type="int" name="DocumentViewerHeight" value="0"/>
+                <Option type="int" name="DocumentViewerWidth" value="0"/>
+                <Option type="bool" name="FileWidget" value="true"/>
+                <Option type="bool" name="FileWidgetButton" value="true"/>
+                <Option type="QString" name="FileWidgetFilter" value=""/>
+                <Option type="Map" name="PropertyCollection">
+                  <Option type="QString" name="name" value=""/>
+                  <Option type="invalid" name="properties"/>
+                  <Option type="QString" name="type" value="collection"/>
+                </Option>
+                <Option type="int" name="RelativeStorage" value="1"/>
+                <Option type="int" name="StorageMode" value="0"/>
+              </Option>
+            </config>
+          </editWidget>
+        </field>
+      </fieldConfiguration>
+      <aliases>
+        <alias name="" index="0" field="id"/>
+        <alias name="" index="1" field="Desc"/>
+        <alias name="" index="2" field="Date"/>
+        <alias name="" index="3" field="Image"/>
+      </aliases>
+      <excludeAttributesWMS/>
+      <excludeAttributesWFS/>
+      <defaults>
+        <default expression="" applyOnUpdate="0" field="id"/>
+        <default expression="" applyOnUpdate="0" field="Desc"/>
+        <default expression="" applyOnUpdate="0" field="Date"/>
+        <default expression="" applyOnUpdate="0" field="Image"/>
+      </defaults>
+      <constraints>
+        <constraint field="id" constraints="0" unique_strength="0" exp_strength="0" notnull_strength="0"/>
+        <constraint field="Desc" constraints="0" unique_strength="0" exp_strength="0" notnull_strength="0"/>
+        <constraint field="Date" constraints="0" unique_strength="0" exp_strength="0" notnull_strength="0"/>
+        <constraint field="Image" constraints="0" unique_strength="0" exp_strength="0" notnull_strength="0"/>
+      </constraints>
+      <constraintExpressions>
+        <constraint field="id" exp="" desc=""/>
+        <constraint field="Desc" exp="" desc=""/>
+        <constraint field="Date" exp="" desc=""/>
+        <constraint field="Image" exp="" desc=""/>
+      </constraintExpressions>
+      <expressionfields/>
+      <attributeactions>
+        <defaultAction key="Canvas" value="{00000000-0000-0000-0000-000000000000}"/>
+      </attributeactions>
+      <attributetableconfig sortExpression="" sortOrder="0" actionWidgetStyle="dropDown">
+        <columns>
+          <column type="field" hidden="0" name="id" width="-1"/>
+          <column type="field" hidden="0" name="Desc" width="-1"/>
+          <column type="field" hidden="0" name="Date" width="-1"/>
+          <column type="field" hidden="0" name="Image" width="-1"/>
+          <column type="actions" hidden="1" width="-1"/>
+        </columns>
+      </attributetableconfig>
+      <conditionalstyles>
+        <rowstyles/>
+        <fieldstyles/>
+      </conditionalstyles>
+      <editform tolerant="1"></editform>
+      <editforminit/>
+      <editforminitcodesource>0</editforminitcodesource>
+      <editforminitfilepath></editforminitfilepath>
+      <editforminitcode><![CDATA[# -*- coding: utf-8 -*-
+"""
+QGIS forms can have a Python function that is called when the form is
+opened.
+
+Use this function to add extra logic to your forms.
+
+Enter the name of the function in the "Python Init function"
+field.
+An example follows:
+"""
+from qgis.PyQt.QtWidgets import QWidget
+
+def my_form_open(dialog, layer, feature):
+	geom = feature.geometry()
+	control = dialog.findChild(QWidget, "MyLineEdit")
+]]></editforminitcode>
+      <featformsuppress>0</featformsuppress>
+      <editorlayout>generatedlayout</editorlayout>
+      <editable>
+        <field name="Date" editable="1"/>
+        <field name="Desc" editable="1"/>
+        <field name="Image" editable="1"/>
+        <field name="id" editable="1"/>
+      </editable>
+      <labelOnTop>
+        <field name="Date" labelOnTop="0"/>
+        <field name="Desc" labelOnTop="0"/>
+        <field name="Image" labelOnTop="0"/>
+        <field name="id" labelOnTop="0"/>
+      </labelOnTop>
+      <widgets/>
+      <previewExpression> "id" || ' ' ||  "Desc" || ' surevyed on ' ||  "Date" </previewExpression>
+      <mapTip></mapTip>
+    </maplayer>
+  </projectlayers>
+  <layerorder>
+    <layer id="test_cb445cf1_520a_45a2_a417_47db296d5715"/>
+    <layer id="polygon_77fbe60b_69aa_4d89_acf0_e6bf94188aeb"/>
+  </layerorder>
+  <properties>
+    <DefaultStyles>
+      <ColorRamp type="QString"></ColorRamp>
+      <Fill type="QString"></Fill>
+      <Line type="QString"></Line>
+      <Marker type="QString"></Marker>
+      <Opacity type="double">1</Opacity>
+      <RandomColors type="bool">true</RandomColors>
+    </DefaultStyles>
+    <Gui>
+      <CanvasColorBluePart type="int">255</CanvasColorBluePart>
+      <CanvasColorGreenPart type="int">255</CanvasColorGreenPart>
+      <CanvasColorRedPart type="int">255</CanvasColorRedPart>
+      <SelectionColorAlphaPart type="int">255</SelectionColorAlphaPart>
+      <SelectionColorBluePart type="int">0</SelectionColorBluePart>
+      <SelectionColorGreenPart type="int">255</SelectionColorGreenPart>
+      <SelectionColorRedPart type="int">255</SelectionColorRedPart>
+    </Gui>
+    <Identify>
+      <disabledLayers type="QStringList"/>
+    </Identify>
+    <Legend>
+      <filterByMap type="bool">false</filterByMap>
+    </Legend>
+    <Macros>
+      <pythonCode type="QString"></pythonCode>
+    </Macros>
+    <Measure>
+      <Ellipsoid type="QString">WGS84</Ellipsoid>
+    </Measure>
+    <Measurement>
+      <AreaUnits type="QString">m2</AreaUnits>
+      <DistanceUnits type="QString">meters</DistanceUnits>
+    </Measurement>
+    <PAL>
+      <CandidatesLine type="int">50</CandidatesLine>
+      <CandidatesPoint type="int">16</CandidatesPoint>
+      <CandidatesPolygon type="int">30</CandidatesPolygon>
+      <DrawOutlineLabels type="bool">true</DrawOutlineLabels>
+      <DrawRectOnly type="bool">false</DrawRectOnly>
+      <SearchMethod type="int">0</SearchMethod>
+      <ShowingAllLabels type="bool">false</ShowingAllLabels>
+      <ShowingCandidates type="bool">false</ShowingCandidates>
+      <ShowingPartialsLabels type="bool">true</ShowingPartialsLabels>
+      <TextFormat type="int">0</TextFormat>
+    </PAL>
+    <Paths>
+      <Absolute type="bool">false</Absolute>
+    </Paths>
+    <PositionPrecision>
+      <Automatic type="bool">true</Automatic>
+      <DecimalPlaces type="int">2</DecimalPlaces>
+      <DegreeFormat type="QString">MU</DegreeFormat>
+    </PositionPrecision>
+    <SpatialRefSys>
+      <ProjectionsEnabled type="int">1</ProjectionsEnabled>
+    </SpatialRefSys>
+    <WCSLayers type="QStringList"/>
+    <WCSUrl type="QString"></WCSUrl>
+    <WFSLayers type="QStringList"/>
+    <WFSTLayers>
+      <Delete type="QStringList"/>
+      <Insert type="QStringList"/>
+      <Update type="QStringList"/>
+    </WFSTLayers>
+    <WFSUrl type="QString"></WFSUrl>
+    <WMSAccessConstraints type="QString">None</WMSAccessConstraints>
+    <WMSAddWktGeometry type="bool">false</WMSAddWktGeometry>
+    <WMSContactMail type="QString"></WMSContactMail>
+    <WMSContactOrganization type="QString"></WMSContactOrganization>
+    <WMSContactPerson type="QString"></WMSContactPerson>
+    <WMSContactPhone type="QString"></WMSContactPhone>
+    <WMSContactPosition type="QString"></WMSContactPosition>
+    <WMSFees type="QString">conditions unknown</WMSFees>
+    <WMSImageQuality type="int">90</WMSImageQuality>
+    <WMSKeywordList type="QStringList">
+      <value></value>
+    </WMSKeywordList>
+    <WMSOnlineResource type="QString"></WMSOnlineResource>
+    <WMSPrecision type="QString">8</WMSPrecision>
+    <WMSRequestDefinedDataSources type="bool">false</WMSRequestDefinedDataSources>
+    <WMSSegmentizeFeatureInfoGeometry type="bool">false</WMSSegmentizeFeatureInfoGeometry>
+    <WMSServiceAbstract type="QString"></WMSServiceAbstract>
+    <WMSServiceCapabilities type="bool">false</WMSServiceCapabilities>
+    <WMSServiceTitle type="QString"></WMSServiceTitle>
+    <WMSUrl type="QString"></WMSUrl>
+    <WMSUseLayerIDs type="bool">false</WMSUseLayerIDs>
+  </properties>
+  <visibility-presets/>
+  <transformContext/>
+  <projectMetadata>
+    <identifier></identifier>
+    <parentidentifier></parentidentifier>
+    <language></language>
+    <type></type>
+    <title></title>
+    <abstract></abstract>
+    <links/>
+    <author></author>
+    <creation></creation>
+  </projectMetadata>
+  <Annotations/>
+  <Layouts/>
+</qgis>
\ No newline at end of file
diff --git a/server/test/test_user.py b/server/test/test_user.py
new file mode 100644
index 00000000..6948920c
--- /dev/null
+++ b/server/test/test_user.py
@@ -0,0 +1,50 @@
+import json
+from unittest.mock import patch
+
+from src.auth.models import User, UserProfile
+from src.models.db_models import Project
+from src import db
+from src.celery import send_email_async
+from . import test_project, test_namespace, json_headers
+
+
+@patch('src.celery.send_email_async.apply_async')
+def test_mail_notifications(send_email_mock, client):
+    project = Project.query.filter_by(name=test_project, namespace=test_namespace).first()
+    # need for private project
+    project.access.public = False
+    db.session.add(project)
+    # add some tester
+    test_user = User(username='tester', passwd='tester', is_admin=False, email='tester@mergin.com')
+    test_user.verified_email = True
+    test_user.profile = UserProfile()
+    db.session.add(test_user)
+    test_user2 = User(username='tester2', passwd='tester2', is_admin=False, email='tester2@mergin.com')
+    test_user2.active = True
+    test_user2.verified_email = True
+    test_user2.profile = UserProfile()
+    db.session.add(test_user2)
+    db.session.commit()
+
+    # add test user as reader to project
+    data = {"access": {"readers": project.access.readers + [test_user.id]}}
+    resp = client.put('/v1/project/{}/{}'.format(test_namespace, test_project), data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == 200
+    assert test_user.id in project.access.readers
+    call_args, _ = send_email_mock.call_args
+    _, email_data = call_args
+    assert test_user.email in email_data['recipients']
+
+    # disable notifications for test_user, and promote test_user and test_user2 to writers
+    user_profile = UserProfile.query.filter_by(user_id=test_user.id).first()
+    user_profile.receive_notifications = False
+    data = {"access": {"writers": project.access.readers + [test_user2.id]}}
+    resp = client.put('/v1/project/{}/{}'.format(test_namespace, test_project), data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == 200
+    assert test_user.id in project.access.writers
+    assert test_user2.id in project.access.writers
+    call_args, _ = send_email_mock.call_args
+    _, email_data = call_args
+    # only test_user2 receives notification
+    assert test_user.email not in email_data['recipients']
+    assert test_user2.email in email_data['recipients']
diff --git a/server/test/test_utils.py b/server/test/test_utils.py
new file mode 100644
index 00000000..f9386968
--- /dev/null
+++ b/server/test/test_utils.py
@@ -0,0 +1,52 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+import json
+import os
+import pytest
+from flask import url_for, current_app
+from sqlalchemy import desc
+
+from src.auth.models import LoginHistory
+from . import json_headers
+from .utils import login
+
+
+@pytest.fixture(scope='function')
+def client(app):
+    client = app.test_client()
+    return client
+
+
+def test_maintenance_mode(client):
+    main_file = current_app.config['MAINTENANCE_FILE']
+    try:
+        # create maintenance file
+        file = open(main_file, 'w+')
+        login(client, "mergin", "ilovemergin")
+
+        login_history = LoginHistory.query.filter_by(username='mergin').order_by(
+            desc(LoginHistory.timestamp)).first()
+        # no login history was created because server is in maintenance mode
+        assert not login_history
+
+        resp = client.post('/v1/project/{}'.format('mergin'), data=json.dumps({"name": ' foo '}), headers=json_headers)
+        assert resp.status_code == 503
+
+        resp = client.get(url_for('auth.logout'))
+        assert resp.status_code == 200
+
+        # delete maintenance file
+        os.remove(main_file)
+
+        login(client, "mergin", "ilovemergin")
+        login_history = LoginHistory.query.filter_by(username='mergin').order_by(
+            desc(LoginHistory.timestamp)).first()
+        assert login_history
+
+        resp = client.post('/v1/project/{}'.format('mergin'), data=json.dumps({"name": ' foo '}), headers=json_headers)
+        assert resp.status_code == 200
+    finally:
+        # delete maintenance file if test failed
+        if os.path.isfile(main_file):
+            os.remove(main_file)
+
diff --git a/server/test/test_web.py b/server/test/test_web.py
new file mode 100644
index 00000000..19d7ab2f
--- /dev/null
+++ b/server/test/test_web.py
@@ -0,0 +1,97 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+import json
+from flask import url_for
+from unittest.mock import patch
+
+from src.models.db_models import AccessRequest, Project
+from src import db
+from src.auth.models import User
+from .utils import login, create_project, add_user
+from . import json_headers
+
+
+@patch('src.celery.send_email_async.apply_async')
+def test_email_notifications(send_email_mock, client):
+    url = url_for('send_email_notification')
+    users = User.query.all()
+    for user in users:
+        user.verified_email = True
+        db.session.add(user)
+    db.session.commit()
+    data = {
+        'users': [u.username for u in users],
+        'subject': 'Test',
+        'message': '<p><h1>Greeting,</h1> this is a <b>test message</b></p>'
+    }
+    resp = client.post(url, data=json.dumps(data), headers=json_headers)
+    assert resp.status_code == 200
+    call_args, _ = send_email_mock.call_args
+    _, email_data = call_args
+    assert data['subject'] == email_data['subject']
+    assert data['message'] == email_data['html']
+    assert [u.email for u in users] == email_data['bcc']
+
+
+def test_project_access_request(client):
+    user = User.query.filter(User.username == 'mergin').first()
+    p = create_project("testx", "mergin", user)
+
+    user2 = add_user("test_user", "ilovemergin")
+    login(client, 'test_user', 'ilovemergin')
+
+    url = url_for('create_project_access_request', namespace="mergin", project_name="testx")
+
+    user2.active = False
+    db.session.commit()
+
+    # inactive user
+    resp = client.post(url, headers=json_headers)
+    assert resp.status_code == 409
+
+    user2.active = True
+    db.session.commit()
+
+    resp = client.post(url, headers=json_headers)
+    access_request = AccessRequest.query.filter(AccessRequest.namespace == "mergin", AccessRequest.project_id == p.id).first()
+    assert resp.status_code == 200
+    assert access_request.user.username == "test_user"
+
+    # already exists
+    resp = client.post(url, headers=json_headers)
+    assert resp.status_code == 409
+
+    url2 = url_for('get_project_access_requests')
+    resp = client.get(url2, headers=json_headers)
+    assert resp.status_code == 200
+    resp_data = json.loads(resp.data)
+    assert resp_data[0]['user']["username"] == "test_user"
+
+    url2 = url_for('delete_project_access_request', request_id=access_request.id)
+    resp = client.delete(url2, headers=json_headers)
+    assert resp.status_code == 200
+    access_request = AccessRequest.query.filter(AccessRequest.namespace == "mergin", AccessRequest.project_id == p.id).first()
+    assert access_request is None
+
+    resp = client.post(url, headers=json_headers)
+    assert resp.status_code == 200
+    access_request = AccessRequest.query.filter(AccessRequest.namespace == "mergin",
+                                                AccessRequest.project_id == p.id).first()
+    assert access_request.user.username == "test_user"
+
+
+    url = url_for('accept_project_access_request', request_id=access_request.id)
+    data = {"permissions": "write"}
+    resp = client.post(url, headers=json_headers, data=json.dumps(data))
+    assert resp.status_code == 403
+
+    login(client, 'mergin', 'ilovemergin')
+    resp = client.post(url, headers=json_headers, data=json.dumps(data))
+    assert resp.status_code == 200
+    access_request = AccessRequest.query.filter(AccessRequest.namespace == "mergin", AccessRequest.project_id == p.id).first()
+    assert access_request is None
+    project = Project.query.filter(Project.name == "testx", Project.namespace == "mergin").first()
+    assert user2.id in project.access.readers
+    assert user2.id in project.access.writers
+    assert user2.id not in project.access.owners
diff --git a/server/test/test_webhook.py b/server/test/test_webhook.py
new file mode 100644
index 00000000..2daa90da
--- /dev/null
+++ b/server/test/test_webhook.py
@@ -0,0 +1,41 @@
+# Copyright (C) 2019 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+import pytest
+import responses
+from blinker.base import NamedSignal
+from src.webhooks import WebhookManager, Webhook
+
+
+@pytest.fixture
+def mocked_resp():
+    with responses.RequestsMock() as resp:
+        yield resp
+
+
+def test_webhook_manager(mocked_resp, caplog):
+    wm = WebhookManager()
+    wm.register_signal('test')
+    assert 'test' in wm.signals
+    assert isinstance(wm.signals['test'], NamedSignal)
+
+    wm.connect_handler('test', 'handler')
+    assert not wm.signals['test'].receivers
+    handler = Webhook('Handler', 'unknown_url')
+    wm.connect_handler('test', handler)
+    assert wm.signals['test'].receivers
+
+    wm.emit_signal('test', 'Sender', foo='bar')
+    assert caplog.record_tuples[0][2] == 'Invalid url unknown_url, webhook Handler from sender Sender failed: {\'foo\': \'bar\'}'
+
+    wm.disconnect_handler('test', handler)
+    assert not wm.signals['test'].receivers
+
+    mocked_resp.add(responses.POST, 'http://webhook-test.com', body='{}', status=200, content_type='application/json')
+    handler = Webhook('Handler', 'http://webhook-test.com')
+    wm.connect_handler('test', handler)
+    resp = wm.emit_signal('test', 'Sender', foo='bar')[0][1]
+    assert resp.ok
+
+    wm.remove_signal('test')
+    assert not wm.signals
diff --git a/server/test/utils.py b/server/test/utils.py
new file mode 100644
index 00000000..820e0776
--- /dev/null
+++ b/server/test/utils.py
@@ -0,0 +1,182 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+import json
+import shutil
+from datetime import datetime
+from flask import url_for, current_app
+import os
+from sqlalchemy import or_
+from sqlalchemy.orm.attributes import flag_modified
+
+from src.auth.models import User, UserProfile
+from src.mergin_utils import generate_location, generate_checksum
+from src.models.db_models import Project, ProjectAccess, ProjectVersion, Namespace, ProjectTransfer, Account
+from src.organisation.models import Organisation
+from src import db
+from . import json_headers, DEFAULT_USER, test_project, test_project_dir
+
+
+def add_user(username, password, is_admin=False):
+    """ Helper function to create not-privileged user.
+    Associated user namespace is created with db hook.
+
+    :param username: username
+    :type username: str
+    :param password: password
+    :type password: str
+    :param is_admin: whether user is mergin admin
+    :type is_admin: bool
+    :returns: User
+    """
+    user = User(username=username, passwd=password, is_admin=is_admin, email=f"{username}@mergin.com")
+    user.active = True
+    user.verified_email = True
+    user.profile = UserProfile()
+    db.session.add(user)
+    db.session.commit()
+    return user
+
+
+def login(client, username, password):
+    resp = client.post(
+        url_for('auth.login'),
+        data=json.dumps({'login': username, 'password': password}),
+        headers=json_headers
+    )
+    assert resp.status_code == 200
+
+
+def create_project(name, namespace, user, **kwargs):
+    default_project = {"storage_params": {"type": "local", "location": generate_location()}, "name": name}
+    project_params = dict(default_project)
+    project_params['creator'] = user
+    project_params['namespace'] = namespace
+
+    p = Project(**project_params, **kwargs)
+    p.updated = datetime.utcnow()
+    db.session.add(p)
+
+    public = kwargs.get("public", False)
+    pa = ProjectAccess(p, public)
+    db.session.add(pa)
+
+    changes = {"added": [], "renamed": [], "updated": [], "removed": []}
+    pv = ProjectVersion(p, 'v0', user.username, changes, p.files, '127.0.0.1')
+    p.versions.append(pv)
+    db.session.commit()
+
+    os.makedirs(p.storage.project_dir, exist_ok=True)
+    return p
+
+
+def cleanup(client, projects_dirs):
+    """ Clean up project files created at various test scenarios """
+    for d in projects_dirs:
+        path = os.path.join(client.application.config['LOCAL_PROJECTS'], d)
+        if os.path.exists(path):
+            shutil.rmtree(path)
+
+
+def login_as_admin(client):
+    login(client, 'mergin', 'ilovemergin')
+
+
+def share_project(project, user):
+    project.access.owners.append(user.id)
+    project.access.writers.append(user.id)
+    project.access.readers.append(user.id)
+    flag_modified(project.access, "owners")
+    flag_modified(project.access, "writers")
+    flag_modified(project.access, "readers")
+    db.session.add(project)
+    db.session.commit()
+
+
+def transfer_project(project, to_namespace):
+    project_transfer = ProjectTransfer(project, to_namespace, project.creator_id)
+    db.session.add(project_transfer)
+    db.session.commit()
+    return project_transfer
+
+
+def get_shared_projects(user):
+    projects = Project.query.filter(Project.namespace != user.username).filter(
+        or_(Project.access.has(ProjectAccess.owners.contains([user.id])),
+            Project.access.has(ProjectAccess.writers.contains([user.id])),
+            Project.access.has(ProjectAccess.readers.contains([user.id])))
+    ).all()
+    return projects
+
+
+def create_organisation(name, owner):
+    org = Organisation(name=name, creator_id=owner.id)
+    db.session.add(org)
+    db.session.commit()
+    return org
+
+
+class Response:
+    """ Simple mock of requests.response object. """
+    def __init__(self, ok, json):
+        self.ok = ok
+        self._json = json
+        self.text = f'{json}'
+
+    def json(self):
+        return self._json
+
+
+class DateTimeEncoder(json.JSONEncoder):
+    def default(self, obj):
+        if isinstance(obj, datetime):
+            return obj.isoformat()
+
+        return super().default(obj)
+
+
+def initialize():
+    # clean up (in case of previous failures)
+    proj_dir = os.path.join(current_app.config['LOCAL_PROJECTS'], DEFAULT_USER[0])
+    if os.path.exists(proj_dir):
+        shutil.rmtree(proj_dir)
+
+    # add default user/super admin
+    user = add_user(DEFAULT_USER[0], DEFAULT_USER[1], is_admin=True)
+
+    # add default test project for later use
+    project_params = {
+        "storage_params": {"type": "local", "location": os.path.join(DEFAULT_USER[0], test_project)},
+        "name": test_project,
+        "creator": user,
+        "namespace": user.username
+    }
+
+    p = Project(**project_params)
+    p.files = []
+    for root, dirs, files in os.walk(test_project_dir, topdown=True):  # pylint: disable=W0612
+        for f in files:
+            abs_path = os.path.join(root, f)
+            p.files.append({
+                'path': abs_path.replace(test_project_dir, '').lstrip('/'),
+                'location': os.path.join('v1', abs_path.replace(test_project_dir, '').lstrip('/')),
+                'size': os.path.getsize(abs_path),
+                'checksum': generate_checksum(abs_path),
+                'mtime': datetime.fromtimestamp(os.path.getmtime(abs_path))
+            })
+    p.latest_version = "v1"
+    db.session.add(p)
+
+    # add default project permissions
+    pa = ProjectAccess(p, True)
+    db.session.add(pa)
+    db.session.commit()
+
+    changes = {"added": p.files, "renamed": [], "updated": [], "removed": []}
+    pv = ProjectVersion(p, 'v1', user.username, changes, p.files, '127.0.0.1')
+    db.session.add(pv)
+    db.session.commit()
+
+    # mimic files were uploaded
+    shutil.copytree(os.path.join(current_app.config['TEST_DIR'], test_project),
+                    os.path.join(proj_dir, test_project, 'v1'))
diff --git a/web-app/.browserslistrc b/web-app/.browserslistrc
new file mode 100644
index 00000000..9dee6464
--- /dev/null
+++ b/web-app/.browserslistrc
@@ -0,0 +1,3 @@
+> 1%
+last 2 versions
+not ie <= 8
diff --git a/web-app/.eslintrc.js b/web-app/.eslintrc.js
new file mode 100644
index 00000000..6c7acb98
--- /dev/null
+++ b/web-app/.eslintrc.js
@@ -0,0 +1,18 @@
+module.exports = {
+  root: true,
+  env: {
+    node: true
+  },
+  extends: [
+    'plugin:vue/essential',
+    '@vue/standard'
+  ],
+  rules: {
+    'no-console': process.env.NODE_ENV === 'production' ? 'error' : 'off',
+    'no-debugger': process.env.NODE_ENV === 'production' ? 'error' : 'off',
+    'no-multiple-empty-lines': ['warn', { max: 2 }]
+  },
+  parserOptions: {
+    parser: 'babel-eslint'
+  }
+}
diff --git a/web-app/.gitignore b/web-app/.gitignore
new file mode 100644
index 00000000..ea575e25
--- /dev/null
+++ b/web-app/.gitignore
@@ -0,0 +1,23 @@
+.DS_Store
+node_modules
+/dist
+package-lock.json
+
+# local env files
+.env.local
+.env.*.local
+
+# Log files
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+*.log
+
+# Editor directories and files
+.idea
+.vscode
+*.suo
+*.ntvs*
+*.njsproj
+*.sln
+*.sw*
diff --git a/web-app/babel.config.js b/web-app/babel.config.js
new file mode 100644
index 00000000..ba179669
--- /dev/null
+++ b/web-app/babel.config.js
@@ -0,0 +1,5 @@
+module.exports = {
+  presets: [
+    '@vue/app'
+  ]
+}
diff --git a/web-app/package.json b/web-app/package.json
new file mode 100644
index 00000000..1246c586
--- /dev/null
+++ b/web-app/package.json
@@ -0,0 +1,68 @@
+{
+  "name": "mergin",
+  "version": "0.1.0",
+  "private": true,
+  "scripts": {
+    "serve": "vue-cli-service serve",
+    "build": "vue-cli-service build",
+    "lint": "vue-cli-service lint --fix",
+    "i18n:report": "vue-cli-service i18n:report --src './src/admin/**/*.?(js|vue)' --locales './src/admin/locales/**/*.json'"
+  },
+  "dependencies": {
+    "@gtm-support/vue2-gtm": "^1.0.0",
+    "@mdi/font": "^5.3.45",
+    "axios": "^0.21.1",
+    "axios-retry": "^3.1.2",
+    "core-js": "^3.6.5",
+    "country-region-data": "^1.6.0",
+    "crypto-js": "^3.1.9-1",
+    "date-fns": "^1.29.0",
+    "file-saver": "^2.0.5",
+    "lodash": "^4.17.15",
+    "material-icons": "^0.2.3",
+    "mdi-vue": "^1.6.3",
+    "node-sass": "^4.9.4",
+    "pdfjs-dist": "2.5.207",
+    "portal-vue": "^2.1.7",
+    "sass-loader": "^8.0.0",
+    "stylus-loader": "^3.0.2",
+    "tiptap": "^1.19.2",
+    "tiptap-extensions": "^1.19.2",
+    "vue": "^2.6.11",
+    "vue-country-region-select": "^2.0.14",
+    "vue-i18n": "^8.15.3",
+    "vue-material-design-icons": "^4.7.1",
+    "vue-meta": "^2.4.0",
+    "vue-pdf": "^4.1.0",
+    "vue-router": "^3.5.1",
+    "vue-tel-input": "~4.3.0",
+    "vue-wysiwyg": "^1.7.2",
+    "vuetify": "2.2.11",
+    "vuex": "^3.1.2"
+  },
+  "devDependencies": {
+    "@vue/cli-plugin-babel": "^4.1.2",
+    "@vue/cli-plugin-e2e-cypress": "^4.1.2",
+    "@vue/cli-plugin-eslint": "^4.1.2",
+    "@vue/cli-plugin-unit-jest": "^4.1.2",
+    "@vue/cli-service": "^4.1.2",
+    "@vue/eslint-config-standard": "^5.0.1",
+    "@vue/test-utils": "1.0.0-beta.30",
+    "babel-core": "7.0.0-bridge.0",
+    "babel-eslint": "^10.0.3",
+    "babel-jest": "^24.9.0",
+    "eslint": "^6.8.0",
+    "eslint-config-vuetify": "^0.4.1",
+    "eslint-plugin-vue": "^6.1.2",
+    "@fortawesome/fontawesome-free": "^5.9.0",
+    "svg-inline-loader": "^0.8.0",
+    "vue-template-compiler": "^2.5.17",
+    "sass": "^1.24.3",
+    "vee-validate": "^3.2.2",
+    "vue-chartist": "^2.2.1",
+    "vue-cli-plugin-i18n": "^0.6.0",
+    "vue-cli-plugin-vuetify": "^2.0.3",
+    "vue-world-map": "^0.1.1",
+    "vuetify-loader": "^1.4.3"
+  }
+}
diff --git a/web-app/postcss.config.js b/web-app/postcss.config.js
new file mode 100644
index 00000000..961986e2
--- /dev/null
+++ b/web-app/postcss.config.js
@@ -0,0 +1,5 @@
+module.exports = {
+  plugins: {
+    autoprefixer: {}
+  }
+}
diff --git a/web-app/public/favicon.ico b/web-app/public/favicon.ico
new file mode 100644
index 00000000..5204da91
Binary files /dev/null and b/web-app/public/favicon.ico differ
diff --git a/web-app/public/index.html b/web-app/public/index.html
new file mode 100644
index 00000000..05bb1ebd
--- /dev/null
+++ b/web-app/public/index.html
@@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width,initial-scale=1.0">
+    <link rel="icon" href="<%= BASE_URL %>favicon.ico">
+    <script src="https://js.stripe.com/v3/"></script>
+    <title>Mergin</title>
+  </head>
+  <body>
+    <noscript>
+      <strong>We're sorry but web-app doesn't work properly without JavaScript enabled. Please enable it to continue.</strong>
+    </noscript>
+    <div id="app"></div>
+    <!-- built files will be auto injected -->
+
+  </body>
+</html>
diff --git a/web-app/public/index_main.html b/web-app/public/index_main.html
new file mode 100644
index 00000000..fa2ca8ef
--- /dev/null
+++ b/web-app/public/index_main.html
@@ -0,0 +1,20 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width,initial-scale=1.0">
+    <link rel="icon" href="<%= BASE_URL %>favicon.ico">
+    <title>Mergin</title>
+  </head>
+  <body>
+    <noscript>
+      <strong>We're sorry but web-app doesn't work properly without JavaScript enabled. Please enable it to continue.</strong>
+    </noscript>
+    <div id="app"></div>
+    <!-- built files will be auto injected -->
+    <script type="text/javascript">
+      window.app = {{ data | tojson | safe }}
+    </script>
+  </body>
+</html>
diff --git a/web-app/src/App.vue b/web-app/src/App.vue
new file mode 100644
index 00000000..1becd266
--- /dev/null
+++ b/web-app/src/App.vue
@@ -0,0 +1,254 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-app>
+    <dialog-windows/>
+    <v-layout column fill-height>
+      <transition name="fade">
+        <router-view name="header"/>
+      </transition>
+      <transition name="fade">
+        <router-view :key="$route.fullPath" name="sidebar"/>
+      </transition>
+      <v-card v-if="pingData && pingData.maintenance"
+              outlined
+              class="maintenance_warning">
+        <v-card-text>
+          <b>The service is currently in read-only mode for maintenance. Upload and update functions are not available at this time. Please try again later.</b>
+        </v-card-text>
+      </v-card>
+      <v-layout
+        column fill-height
+        class="app-content"
+      >
+        <transition name="fade">
+          <router-view  class="page"/>
+        </transition>
+      </v-layout>
+
+    </v-layout>
+    <upload-progress/>
+    <notifications/>
+  </v-app>
+</template>
+
+<script>
+import Notifications from '@/components/Notifications'
+import DialogWindows from '@/components/DialogWindows'
+import UploadProgress from '@/components/UploadProgress'
+import { CustomError } from './util'
+
+export default {
+  name: 'app',
+  components: { UploadProgress, Notifications, DialogWindows },
+  metaInfo () {
+    return {
+      title: 'Mergin',
+      meta: [
+        { name: 'description', content: 'Store and track changes to your geo-data. Mergin is a repository of geo-data for collaborative work.' },
+        { property: 'og:title', content: 'Store and track changes to your geo-data. Mergin is a repository of geo-data for collaborative work.' },
+        { property: 'og:site_name', content: 'Mergin' }
+      ]
+    }
+  },
+  data () {
+    return {
+      pingData: null
+    }
+  },
+  computed: {
+    app () {
+      return this.$store.state.app
+    },
+    showLogin () {
+      return !this.app.user
+    },
+    error () {
+      return this.$store.state.serverError
+    }
+  },
+  watch: {
+    error () {
+      if (!this.error) return
+      this.$notification.error(this.error)
+      this.$store.commit('serverError', null) // reset error so it is displayed just once
+    }
+  },
+  created () {
+    this.getPingData()
+    this.$http.interceptors.request.use(
+      request => {
+        if (this.pingData && this.pingData.maintenance && request.method !== 'get' && !request.url.includes('/project/by_names') && !request.url.includes('/auth/login')) {
+          // mimic regular response object, server will not be called
+          const custError = new CustomError('reason', { data: { detail: 'The service is currently in read-only mode for maintenance. Upload and update functions are not available at this time. Please try again later.' }, status: 503 })
+          return Promise.reject(custError)
+        }
+        return request
+      },
+      error => {
+        return Promise.reject(error)
+      }
+    )
+    this.$http.interceptors.response.use(
+      response => response,
+      error => {
+        if (error.response) {
+          const { status } = error.response
+          if (status === 401 && this.app.user) {
+            this.$store.commit('user', null)
+          }
+        }
+        return Promise.reject(error)
+      }
+    )
+  },
+  methods: {
+    getPingData () {
+      this.$http.get('/ping')
+        .then(resp => {
+          this.pingData = resp.data
+        })
+        .catch(() => {
+          this.$notification.error('Failed to ping server')
+        })
+    }
+  }
+}
+</script>
+
+<style lang="scss">
+html, body, .v-application {
+  height: 100%;
+  overflow: hidden!important;
+  font-size: 14px;
+}
+.app-content {
+  position: relative;
+}
+a {
+  outline: none;
+}
+
+h3 {
+  color: #2d4470;
+}
+
+.fade-leave-active {
+  position: absolute;
+  top: 0;
+  left: 0;
+  right: 0;
+  bottom: 0;
+}
+.fade-enter-active, .fade-leave-active {
+  transition: opacity 0.25s;
+}
+.fade-enter, .fade-leave-to {
+  opacity: 0;
+}
+.v-data-table {
+  tbody {
+    td {
+      font-size: 13px
+    }
+  }
+}
+.maintenance_warning {
+  margin: auto;
+  width: 100%;
+  background-color: orange !important;
+  color: rgba(0,0,0,.87) !important;
+  padding-left: 400px;
+  text-align: center;
+  @media (max-width: 960px) {
+    padding-left: 40px;
+  }
+}
+
+.v-data-table  {
+  table {
+    thead {
+      tr {
+        th {
+          font-weight: 500;
+          font-size: 12px;
+        }
+      }
+    }
+  }
+}
+
+.v-btn.v-size--default {
+  font-size: 14px;
+  font-weight: 400;
+}
+
+.theme--light.v-data-table {
+  margin: .5em 0;
+  border: 1px solid #ddd;
+  border-radius: 3px;
+  padding: .5em;
+  background-color: #f9f9f9;
+}
+
+.v-card__subtitle, .v-card__text {
+  font-size: 13px;
+}
+
+.v-btn {
+  margin: 6px 8px 6px 8px;
+  text-transform: capitalize;
+}
+
+.v-list-item--link::before {
+  background-color: transparent;
+}
+
+.v-list-item--link:hover {
+    background: rgba(0,0,0,.04);
+}
+
+.v-list-item--active {
+  color: #2d4470 !important;
+}
+
+.v-list--dense .v-list-item {
+    min-height: 20px;
+}
+
+.v-list-item.v-list-item__content.v-list-item__title {
+    font-weight: 300;
+}
+
+.theme--light.v-btn:not(.v-btn--flat):not(.v-btn--text):not(.v-btn--outlined){
+    background-color: #f5f5f5;
+}
+
+.theme--light.v-btn:not(.v-btn--flat):not(.v-btn--text):not(.v-btn--outlined):hover {
+    background-color: #999;
+}
+
+.theme--light.v-input:not(.v-input--is-disabled) input, .theme--light.v-input:not(.v-input--is-disabled) textarea {
+    color: rgba(0,0,0,.87);
+}
+
+.v-table tr {
+    color: #555;
+}
+
+.v-label::first-letter {
+  text-transform: uppercase;
+}
+
+.v-label {
+  min-width: 50px;
+}
+</style>
+
+<style lang="scss" scoped>
+.layout.fill-height {
+  overflow: hidden;
+  min-height: 0;
+}
+</style>
diff --git a/web-app/src/admin/components/base/Card.vue b/web-app/src/admin/components/base/Card.vue
new file mode 100644
index 00000000..16ec4919
--- /dev/null
+++ b/web-app/src/admin/components/base/Card.vue
@@ -0,0 +1,9 @@
+<script>
+import { VCard } from 'vuetify/lib'
+
+export default {
+  name: 'Card',
+
+  extends: VCard
+}
+</script>
diff --git a/web-app/src/admin/components/base/Item.vue b/web-app/src/admin/components/base/Item.vue
new file mode 100644
index 00000000..1d86be28
--- /dev/null
+++ b/web-app/src/admin/components/base/Item.vue
@@ -0,0 +1,77 @@
+<template>
+  <v-list-item
+    :href="href"
+    :rel="href && href !== '#' ? 'noopener' : undefined"
+    :target="href && href !== '#' ? '_blank' : undefined"
+    :to="item.to"
+    active-class="grey"
+  >
+    <v-list-item-icon
+      v-if="text"
+      class="v-list-item__icon--text"
+      v-text="computedText"
+      :class="`${color}--text`"
+    />
+
+    <v-list-item-icon v-else-if="item.icon">
+      <v-icon
+        :class="`${color}--text`"
+        v-text="item.icon"
+      />
+    </v-list-item-icon>
+
+    <v-list-item-content v-if="item.title || item.subtitle" :class="`${color}--text`">
+      <v-list-item-title v-text="item.title" />
+
+      <v-list-item-subtitle v-text="item.subtitle" />
+    </v-list-item-content>
+  </v-list-item>
+</template>
+
+<script>
+import Themeable from 'vuetify/lib/mixins/themeable'
+
+export default {
+  name: 'Item',
+
+  mixins: [Themeable],
+
+  props: {
+    color: {
+      type: String,
+      default: 'white'
+    },
+    item: {
+      type: Object,
+      default: () => ({
+        href: undefined,
+        icon: undefined,
+        subtitle: undefined,
+        title: undefined,
+        to: undefined
+      })
+    },
+    text: {
+      type: Boolean,
+      default: false
+    }
+  },
+
+  computed: {
+    computedText () {
+      if (!this.item || !this.item.title) return ''
+
+      let text = ''
+
+      this.item.title.split(' ').forEach(val => {
+        text += val.substring(0, 1)
+      })
+
+      return text
+    },
+    href () {
+      return this.item.href || (!this.item.to ? '#' : undefined)
+    }
+  }
+}
+</script>
diff --git a/web-app/src/admin/components/base/ItemGroup.vue b/web-app/src/admin/components/base/ItemGroup.vue
new file mode 100644
index 00000000..10183154
--- /dev/null
+++ b/web-app/src/admin/components/base/ItemGroup.vue
@@ -0,0 +1,134 @@
+<template>
+  <v-list-group
+    :group="group"
+    :sub-group="subGroup"
+    :color="barColor !== 'rgba(255, 255, 255, 1), rgba(255, 255, 255, 0.7)' ? 'white' : 'grey darken-1'"
+    disabled
+    :value="true">
+    <template v-slot:activator>
+      <v-list-item-icon
+        v-if="text"
+        class="v-list-item__icon--text"
+        v-text="computedText"
+        :class="`${color}--text`"
+      />
+      <v-list-item-icon v-else-if="item.icon">
+      <v-icon
+        :class="`${color}--text`"
+        v-text="item.icon"
+      />
+    </v-list-item-icon>
+      <v-list-item-avatar
+        v-else-if="item.avatar"
+        class="align-self-center"
+        color="white"
+        :class="`${color}--text`"
+        contain
+      >
+        <v-img src="https://demos.creative-tim.com/vuetify-material-dashboard/favicon.ico" />
+      </v-list-item-avatar>
+
+      <v-list-item-content>
+        <v-list-item-title v-text="item.title" :class="`${color}--text`"/>
+      </v-list-item-content>
+    </template>
+
+    <template v-for="(child, i) in children">
+      <base-item-sub-group
+        v-if="child.children"
+        :key="`sub-group-${i}`"
+        :item="child"
+      />
+
+      <base-item
+        v-else
+        :key="`item-${i}`"
+        :item="child"
+        :color="color"
+      />
+    </template>
+  </v-list-group>
+</template>
+
+<script>
+// Utilities
+import kebabCase from 'lodash/kebabCase'
+import { mapState } from 'vuex'
+
+export default {
+  name: 'ItemGroup',
+
+  inheritAttrs: false,
+
+  props: {
+    item: {
+      type: Object,
+      default: () => ({
+        avatar: undefined,
+        group: undefined,
+        title: undefined,
+        children: []
+      })
+    },
+    subGroup: {
+      type: Boolean,
+      default: false
+    },
+    text: {
+      type: Boolean,
+      default: false
+    },
+    color: {
+      type: String,
+      default: 'white'
+    }
+  },
+
+  computed: {
+    ...mapState(['barColor']),
+    children () {
+      return this.item.children.map(item => ({
+        ...item,
+        to: !item.to ? undefined : `${this.item.group}/${item.to}`
+      }))
+    },
+    computedText () {
+      if (!this.item || !this.item.title) return ''
+
+      let text = ''
+
+      this.item.title.split(' ').forEach(val => {
+        text += val.substring(0, 1)
+      })
+
+      return text
+    },
+    group () {
+      return this.genGroup(this.item.children)
+    }
+  },
+
+  methods: {
+    genGroup (children) {
+      return children
+        .filter(item => item.to)
+        .map(item => {
+          const parent = item.group || this.item.group
+          let group = `${parent}/${kebabCase(item.to)}`
+
+          if (item.children) {
+            group = `${group}|${this.genGroup(item.children)}`
+          }
+
+          return group
+        }).join('|')
+    }
+  }
+}
+</script>
+
+<style>
+.v-list-group__activator p {
+  margin-bottom: 0;
+}
+</style>
diff --git a/web-app/src/admin/components/base/ItemSubGroup.vue b/web-app/src/admin/components/base/ItemSubGroup.vue
new file mode 100644
index 00000000..6feadc39
--- /dev/null
+++ b/web-app/src/admin/components/base/ItemSubGroup.vue
@@ -0,0 +1,25 @@
+<template>
+  <base-item-group
+    :item="item"
+    text
+    sub-group
+  />
+</template>
+
+<script>
+export default {
+  name: 'ItemSubGroup',
+
+  props: {
+    item: {
+      type: Object,
+      default: () => ({
+        avatar: undefined,
+        group: undefined,
+        title: undefined,
+        children: []
+      })
+    }
+  }
+}
+</script>
diff --git a/web-app/src/admin/components/base/MaterialAlert.vue b/web-app/src/admin/components/base/MaterialAlert.vue
new file mode 100644
index 00000000..694c372e
--- /dev/null
+++ b/web-app/src/admin/components/base/MaterialAlert.vue
@@ -0,0 +1,60 @@
+<template>
+  <v-alert
+    v-bind="$attrs"
+    class="v-alert--material"
+    dark
+    v-on="$listeners"
+  >
+    <template
+      v-if="$attrs.icon"
+      v-slot:prepend
+    >
+      <v-icon
+        class="v-alert__icon elevation-6 white"
+        light
+        :color="$attrs.color"
+      >
+        {{ $attrs.icon }}
+      </v-icon>
+    </template>
+
+    <slot />
+
+    <template
+      v-if="$attrs.dismissible"
+      v-slot:close="{ toggle }"
+    >
+      <v-btn
+        :aria-label="$vuetify.lang.t('$vuetify.close')"
+        color
+        icon
+        small
+        @click="toggle"
+      >
+        <v-icon>
+          $vuetify.icons.cancel
+        </v-icon>
+      </v-btn>
+    </template>
+  </v-alert>
+</template>
+
+<script>
+export default {
+  name: 'MaterialAlert'
+}
+</script>
+
+<style lang="sass">
+
+  .v-alert--material
+    margin-top: 32px
+
+    .v-alert__icon
+      top: -36px
+
+    .v-alert__dismissible
+      align-self: flex-start
+      margin: 0 !important
+      padding: 0 !important
+</style>
diff --git a/web-app/src/admin/components/base/MaterialCard.vue b/web-app/src/admin/components/base/MaterialCard.vue
new file mode 100644
index 00000000..8e7f8f6d
--- /dev/null
+++ b/web-app/src/admin/components/base/MaterialCard.vue
@@ -0,0 +1,148 @@
+<template>
+  <v-card
+    v-bind="$attrs"
+    :class="classes"
+    class="v-card--material pa-3"
+  >
+    <div class="d-flex grow flex-wrap">
+      <v-avatar
+        v-if="avatar"
+        size="128"
+        class="mx-auto v-card--material__avatar elevation-6"
+        color="grey"
+      >
+        <v-img :src="avatar" />
+      </v-avatar>
+
+      <v-sheet
+        v-else
+        :class="{
+          'pa-7': !$slots.image
+        }"
+        :color="color"
+        :max-height="icon ? 90 : undefined"
+        :width="icon ? 'auto' : '100%'"
+        elevation="6"
+        class="text-start v-card--material__heading mb-n6"
+        dark
+      >
+        <slot
+          v-if="$slots.heading"
+          name="heading"
+        />
+
+        <slot
+          v-else-if="$slots.image"
+          name="image"
+        />
+
+        <div
+          v-else-if="title && !icon"
+          class="display-1 font-weight-light"
+          v-text="title"
+        />
+
+        <v-icon
+          v-else-if="icon"
+          size="32"
+          v-text="icon"
+        />
+
+        <div
+          v-if="text"
+          class="headline font-weight-thin"
+          v-text="text"
+        />
+      </v-sheet>
+
+      <div
+        v-if="$slots['after-heading']"
+        class="ml-6"
+      >
+        <slot name="after-heading" />
+      </div>
+
+      <div
+        v-else-if="icon && title"
+        class="ml-4"
+      >
+        <div
+
+          class="card-title font-weight-light"
+          v-text="title"
+        />
+      </div>
+    </div>
+
+    <slot />
+
+    <template v-if="$slots.actions">
+      <v-divider class="mt-2" />
+
+      <v-card-actions class="pb-0">
+        <slot name="actions" />
+      </v-card-actions>
+    </template>
+  </v-card>
+</template>
+
+<script>
+export default {
+  name: 'MaterialCard',
+
+  props: {
+    avatar: {
+      type: String,
+      default: ''
+    },
+    color: {
+      type: String,
+      default: 'success'
+    },
+    icon: {
+      type: String,
+      default: undefined
+    },
+    image: {
+      type: Boolean,
+      default: false
+    },
+    text: {
+      type: String,
+      default: ''
+    },
+    title: {
+      type: String,
+      default: ''
+    }
+  },
+
+  computed: {
+    classes () {
+      return {
+        'v-card--material--has-heading': this.hasHeading
+      }
+    },
+    hasHeading () {
+      return Boolean(this.$slots.heading || this.title || this.icon)
+    },
+    hasAltHeading () {
+      return Boolean(this.$slots.heading || (this.title && this.icon))
+    }
+  }
+}
+</script>
+
+<style lang="sass">
+  .v-card--material
+    &__avatar
+      position: relative
+      top: -64px
+      margin-bottom: -32px
+
+    &__heading
+      position: relative
+      top: -40px
+      transition: .3s ease
+      z-index: 1
+</style>
diff --git a/web-app/src/admin/components/base/MaterialChartCard.vue b/web-app/src/admin/components/base/MaterialChartCard.vue
new file mode 100644
index 00000000..56344d25
--- /dev/null
+++ b/web-app/src/admin/components/base/MaterialChartCard.vue
@@ -0,0 +1,95 @@
+<template>
+  <base-material-card
+    class="v-card--material-chart"
+    v-bind="$attrs"
+    v-on="$listeners"
+  >
+    <template v-slot:heading>
+      <chartist
+        :data="data"
+        :event-handlers="eventHandlers"
+        :options="options"
+        :ratio="ratio"
+        :responsive-options="responsiveOptions"
+        :type="type"
+        style="max-height: 150px;"
+      />
+    </template>
+
+    <slot
+      slot="reveal-actions"
+      name="reveal-actions"
+    />
+
+    <slot />
+
+    <slot
+      slot="actions"
+      name="actions"
+    />
+  </base-material-card>
+</template>
+
+<script>
+export default {
+  name: 'MaterialChartCard',
+
+  inheritAttrs: false,
+
+  props: {
+    data: {
+      type: Object,
+      default: () => ({})
+    },
+    eventHandlers: {
+      type: Array,
+      default: () => ([])
+    },
+    options: {
+      type: Object,
+      default: () => ({})
+    },
+    ratio: {
+      type: String,
+      default: undefined
+    },
+    responsiveOptions: {
+      type: Array,
+      default: () => ([])
+    },
+    type: {
+      type: String,
+      required: true,
+      validator: v => ['Bar', 'Line', 'Pie'].includes(v)
+    }
+  }
+}
+</script>
+
+<style lang="sass">
+  .v-card--material-chart
+    p
+      color: #999
+
+    .v-card--material__heading
+      max-height: 185px
+
+      .ct-label
+        color: inherit
+        opacity: .7
+        font-size: 0.975rem
+        font-weight: 100
+
+      .ct-grid
+        stroke: rgba(255, 255, 255, 0.2)
+
+      .ct-series-a .ct-point,
+      .ct-series-a .ct-line,
+      .ct-series-a .ct-bar,
+      .ct-series-a .ct-slice-donut
+          stroke: rgba(255,255,255,.8)
+
+      .ct-series-a .ct-slice-pie,
+      .ct-series-a .ct-area
+          fill: rgba(255,255,255,.4)
+</style>
diff --git a/web-app/src/admin/components/base/MaterialSnackbar.vue b/web-app/src/admin/components/base/MaterialSnackbar.vue
new file mode 100644
index 00000000..b5712ab9
--- /dev/null
+++ b/web-app/src/admin/components/base/MaterialSnackbar.vue
@@ -0,0 +1,71 @@
+<template>
+  <v-snackbar
+    v-model="internalValue"
+    class="v-snackbar--material"
+    v-bind="{
+      ...$attrs,
+      'color': 'transparent'
+    }"
+  >
+    <base-material-alert
+      v-model="internalValue"
+      :color="$attrs.color"
+      :dismissible="dismissible"
+      :type="type"
+      class="ma-0"
+      dark
+    >
+      <slot />
+    </base-material-alert>
+  </v-snackbar>
+</template>
+<script>
+export default {
+  name: 'BaseMaterialSnackbar',
+
+  props: {
+    dismissible: {
+      type: Boolean,
+      default: true
+    },
+    type: {
+      type: String,
+      default: ''
+    },
+    value: Boolean
+  },
+
+  data () {
+    return {
+      internalValue: this.value
+    }
+  },
+
+  watch: {
+    internalValue (val, oldVal) {
+      if (val === oldVal) return
+
+      this.$emit('input', val)
+    },
+    value (val, oldVal) {
+      if (val === oldVal) return
+
+      this.internalValue = val
+    }
+  }
+}
+</script>
+
+<style lang="sass">
+  .v-snackbar--material
+    margin-top: 32px
+    margin-bottom: 32px
+
+    .v-alert--material,
+    .v-snack__wrapper
+      border-radius: 4px
+
+    .v-snack__content
+      overflow: visible
+      padding: 0
+</style>
diff --git a/web-app/src/admin/components/base/MaterialStatsCard.vue b/web-app/src/admin/components/base/MaterialStatsCard.vue
new file mode 100644
index 00000000..85c3f319
--- /dev/null
+++ b/web-app/src/admin/components/base/MaterialStatsCard.vue
@@ -0,0 +1,113 @@
+<template>
+  <base-material-card
+    :icon="icon"
+    class="v-card--material-stats"
+    v-bind="$attrs"
+    v-on="$listeners"
+  >
+    <template v-slot:after-heading>
+      <div class="ml-auto text-right">
+        <div
+          class="body-3 grey--text font-weight-light"
+          v-text="title"
+        />
+
+        <h3 class="display-2 font-weight-light text--primary">
+          {{ value }} <small>{{ smallValue }}</small>
+        </h3>
+      </div>
+    </template>
+
+    <v-col
+      cols="12"
+      class="px-0"
+    >
+      <v-divider />
+    </v-col>
+
+    <v-icon
+      :color="subIconColor"
+      size="16"
+      class="ml-2 mr-1"
+    >
+      {{ subIcon }}
+    </v-icon>
+
+    <span
+      :class="subTextColor"
+      class="caption grey--text font-weight-light"
+      v-text="subText"
+    />
+  </base-material-card>
+</template>
+
+<script>
+import Card from './Card'
+
+export default {
+  name: 'MaterialStatsCard',
+
+  inheritAttrs: false,
+
+  props: {
+    ...Card.props,
+    icon: {
+      type: String,
+      required: true
+    },
+    subIcon: {
+      type: String,
+      default: undefined
+    },
+    subIconColor: {
+      type: String,
+      default: undefined
+    },
+    subTextColor: {
+      type: String,
+      default: undefined
+    },
+    subText: {
+      type: String,
+      default: undefined
+    },
+    title: {
+      type: String,
+      default: undefined
+    },
+    value: {
+      type: String,
+      default: undefined
+    },
+    smallValue: {
+      type: String,
+      default: undefined
+    }
+  }
+}
+</script>
+
+<style lang="sass">
+.v-card--material-stats
+  display: flex
+  flex-wrap: wrap
+  position: relative
+
+  > div:first-child
+    justify-content: space-between
+
+  .v-card
+    border-radius: 4px
+    flex: 0 1 auto
+
+  .v-card__text
+    display: inline-block
+    flex: 1 0 calc(100% - 120px)
+    position: absolute
+    top: 0
+    right: 0
+    width: 100%
+
+  .v-card__actions
+    flex: 1 0 100%
+</style>
diff --git a/web-app/src/admin/components/base/MaterialTabs.vue b/web-app/src/admin/components/base/MaterialTabs.vue
new file mode 100644
index 00000000..de7d7d93
--- /dev/null
+++ b/web-app/src/admin/components/base/MaterialTabs.vue
@@ -0,0 +1,43 @@
+<template>
+  <v-tabs
+    v-model="internalValue"
+    :active-class="`${color} ${$vuetify.theme.dark ? 'black' : 'white'}--text`"
+    class="v-tabs--pill"
+    hide-slider
+    v-bind="$attrs"
+  >
+    <slot />
+
+    <slot name="items" />
+  </v-tabs>
+</template>
+
+<script>
+// Mixins
+import Proxyable from 'vuetify/lib/mixins/proxyable'
+
+export default {
+  name: 'MaterialTabs',
+
+  mixins: [Proxyable],
+
+  props: {
+    color: {
+      type: String,
+      default: 'primary'
+    }
+  }
+}
+</script>
+
+<style lang="sass">
+  .v-tabs--pill
+    .v-tab,
+    .v-tab:before
+      border-radius: 24px
+
+    &.v-tabs--icons-and-text
+      .v-tab,
+      .v-tab:before
+        border-radius: 4px
+</style>
diff --git a/web-app/src/admin/components/base/MaterialTestimony.vue b/web-app/src/admin/components/base/MaterialTestimony.vue
new file mode 100644
index 00000000..6c0cc410
--- /dev/null
+++ b/web-app/src/admin/components/base/MaterialTestimony.vue
@@ -0,0 +1,76 @@
+<template>
+  <v-card class="text-center v-card--testimony">
+    <div class="pt-6">
+      <v-icon
+        color="black"
+        x-large
+      >
+        mdi-format-quote-close
+      </v-icon>
+    </div>
+
+    <v-card-text
+      class="display-1 font-weight-light font-italic mb-3"
+      v-text="blurb"
+    />
+
+    <div
+      class="display-2 font-weight-light mb-2"
+      v-text="author"
+    />
+
+    <div
+      class="body-2 text-uppercase grey--text"
+      v-text="handle"
+    />
+
+    <v-avatar
+      class="elevation-12"
+      color="grey"
+      size="100"
+    >
+      <v-img
+        :alt="`${author} Testimonial`"
+        :src="avatar"
+      />
+    </v-avatar>
+
+    <div />
+  </v-card>
+</template>
+
+<script>
+export default {
+  name: 'BaseMaterialTestimony',
+
+  props: {
+    author: {
+      type: String,
+      default: ''
+    },
+    avatar: {
+      type: String,
+      default: 'https://demos.creative-tim.com/material-dashboard/assets/img/faces/card-profile1-square.jpg'
+    },
+    blurb: {
+      type: String,
+      default: ''
+    },
+    handle: {
+      type: String,
+      default: ''
+    }
+  }
+}
+</script>
+
+<style lang="sass">
+  .v-card--testimony
+    padding-bottom: 72px
+    margin-bottom: 64px
+
+    .v-avatar
+      position: absolute
+      left: calc(50% - 64px)
+      top: calc(100% - 64px)
+</style>
diff --git a/web-app/src/admin/components/base/Subheading.vue b/web-app/src/admin/components/base/Subheading.vue
new file mode 100644
index 00000000..34fcba8d
--- /dev/null
+++ b/web-app/src/admin/components/base/Subheading.vue
@@ -0,0 +1,34 @@
+<template>
+  <div class="display-2 font-weight-light col col-12 text-left text--primary pa-0 mb-8">
+    <h5 class="font-weight-light">
+      {{ subheading }}
+      <template v-if="text">
+        <span
+          class="subtitle-1"
+          v-text="text"
+        />
+      </template>
+    </h5>
+
+    <div class="pt-2">
+      <slot />
+    </div>
+  </div>
+</template>
+
+<script>
+export default {
+  name: 'Subheading',
+
+  props: {
+    subheading: {
+      type: String,
+      default: ''
+    },
+    text: {
+      type: String,
+      default: ''
+    }
+  }
+}
+</script>
diff --git a/web-app/src/admin/components/base/VComponent.vue b/web-app/src/admin/components/base/VComponent.vue
new file mode 100644
index 00000000..d3eafc56
--- /dev/null
+++ b/web-app/src/admin/components/base/VComponent.vue
@@ -0,0 +1,40 @@
+<template>
+  <section class="mb-12 text-center">
+    <h1
+      class="font-weight-light mb-2 headline"
+      v-text="`Vuetify ${heading}`"
+    />
+
+    <span
+      class="font-weight-light subtitle-1"
+    >
+      Please checkout the
+      <a
+        :href="`https://vuetifyjs.com/${link}`"
+        rel="noopener"
+        target="_blank"
+        class="secondary--text"
+        style="text-decoration:none;"
+      >
+        full documentation
+      </a>
+    </span>
+  </section>
+</template>
+
+<script>
+export default {
+  name: 'VComponent',
+
+  props: {
+    heading: {
+      type: String,
+      default: ''
+    },
+    link: {
+      type: String,
+      default: ''
+    }
+  }
+}
+</script>
diff --git a/web-app/src/admin/i18n.js b/web-app/src/admin/i18n.js
new file mode 100644
index 00000000..0abbb339
--- /dev/null
+++ b/web-app/src/admin/i18n.js
@@ -0,0 +1,19 @@
+import Vue from 'vue'
+import VueI18n from 'vue-i18n'
+
+import en from 'vuetify/lib/locale/en'
+
+Vue.use(VueI18n)
+
+const messages = {
+  en: {
+    ...require('./locales/en.json'),
+    $vuetify: en
+  }
+}
+
+export default new VueI18n({
+  locale: process.env.VUE_APP_I18N_LOCALE || 'en',
+  fallbackLocale: process.env.VUE_APP_I18N_FALLBACK_LOCALE || 'en',
+  messages
+})
diff --git a/web-app/src/admin/locales/en.json b/web-app/src/admin/locales/en.json
new file mode 100644
index 00000000..2a8e7309
--- /dev/null
+++ b/web-app/src/admin/locales/en.json
@@ -0,0 +1,45 @@
+{
+  "avatar": "Vuetify MD",
+  "buttons": "Buttons",
+  "calendar": "Calendar",
+  "charts": "Charts",
+  "components": "Components",
+  "ct": "CT",
+  "dashboard": "Dashboard",
+  "dtables": "Data Tables",
+  "eforms": "Extended Forms",
+  "error": "Error Page",
+  "etables": "Extended Tables",
+  "example": "Example",
+  "forms": "Forms",
+  "fullscreen": "Full Screen Map",
+  "google": "Google Maps",
+  "grid": "Grid System",
+  "icons": "Icons",
+  "lock": "Lock Screen Page",
+  "login": "Login Page",
+  "maps": "Maps",
+  "multi": "Multi Level Collapse",
+  "notifications": "Notifications",
+  "pages": "Pages",
+  "plan": "Choose Plan",
+  "pricing": "Pricing",
+  "my-profile": "My Profile",
+  "edit-profile": "Edit Profile",
+  "register": "Register Page",
+  "rforms": "Regular Forms",
+  "rtables": "Regular Tables",
+  "rtl": "RTL Support",
+  "search": "Search",
+  "settings": "Settings",
+  "tables": "Tables",
+  "tabs": "Tabs",
+  "tim": "Creative Tim",
+  "timeline": "Timeline",
+  "typography": "Typography",
+  "upgrade": "Upgrade To PRO",
+  "user": "User Profile",
+  "vforms": "Validation Forms",
+  "widgets": "Widgets",
+  "wizard": "Wizard"
+}
diff --git a/web-app/src/admin/mixins/CommonAPI.js b/web-app/src/admin/mixins/CommonAPI.js
new file mode 100644
index 00000000..3a9e041d
--- /dev/null
+++ b/web-app/src/admin/mixins/CommonAPI.js
@@ -0,0 +1,97 @@
+// Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+// Do not distribute without the express permission of the author.
+
+import { waitCursor } from '../../util'
+import http from '@/http'
+
+export default {
+  methods: {
+    fetchUserProfileByName (username) {
+      waitCursor(true)
+      this.$http.get(`/auth/user_profile_by_name/${username}?random=${Math.random()}`)
+        .then(resp => {
+          this.$store.commit('admin/userAdminProfile', resp.data)
+        })
+        .catch(() => this.$notification.error('Failed to fetch user profile'))
+        .finally(() => {
+          waitCursor(false)
+        })
+    },
+    closeAccount (accountId) {
+      waitCursor(true)
+      const promise = this.$http.delete(`/app/account/${accountId}`, { 'axios-retry': { retries: 5 } })
+      Promise.resolve(promise).then(() => {
+        location.href = '/admin/accounts'
+        this.$router.push({ name: 'Accounts' })
+      }).catch(err => {
+        const msg = (err.response && err.response.data.detail) ? err.response.data.detail : 'Unable to close account'
+        this.$notification.error(msg)
+      }).finally(() => { waitCursor(false) })
+    },
+    /**
+     * Fetch a list of removed projects based on pagination params
+     * @param params (Object) pagination parameters
+     * @return Result promise with either data or error
+     */
+    async fetchRemovedProjects (params) {
+      let result = {}
+      try {
+        const resp = await http.get('/app/removed-project', { params })
+        result = { ...resp.data, success: true }
+      } catch (e) {
+        result.success = false
+        result.message = e.response.data.detail || 'Failed to fetch list of removed projects'
+      }
+      return new Promise((resolve) => { resolve(result) })
+    },
+    /**
+    * Permanently remove project
+    * @param id (Int) removed project id
+    * @return Result promise
+    */
+    async removeProject (id) {
+      const result = {}
+      try {
+        await this.$http.delete(`/app/removed-project/${id}`, { 'axios-retry': { retries: 5 } })
+        result.success = true
+      } catch (e) {
+        result.success = false
+        result.message = e.response.data.detail || 'Unable to remove project'
+      }
+      return new Promise((resolve) => { resolve(result) })
+    },
+    /**
+    * Restore removed project
+    * @param id (Int) removed project id
+    * @return Result promise
+    */
+    async restoreProject (id) {
+      const result = {}
+      try {
+        await this.$http.post(`/app/removed-project/restore/${id}`, null, { 'axios-retry': { retries: 5 } })
+        result.success = true
+      } catch (e) {
+        result.success = false
+        result.message = e.response.data.detail || 'Unable to restore project'
+      }
+      return new Promise((resolve) => { resolve(result) })
+    },
+    /**
+    * Update account storage
+    * @param accountId (Int) edited account
+    * @param storage (Int) new storage
+    * @return Result promise
+    */
+    async updateAccountStorage (accountId, storage) {
+      const result = {}
+      try {
+        await this.$http.post(`/app/account/change_storage/${accountId}`, { storage: storage }, { 'axios-retry': { retries: 5 } })
+        result.success = true
+      } catch (e) {
+        result.success = false
+        result.message = e.response.data.detail || 'Unable to update storage'
+      }
+      return new Promise((resolve) => { resolve(result) })
+    }
+  }
+}
diff --git a/web-app/src/admin/module.js b/web-app/src/admin/module.js
new file mode 100644
index 00000000..4ba1a91f
--- /dev/null
+++ b/web-app/src/admin/module.js
@@ -0,0 +1,16 @@
+// Copyright (C) 2021 Lutra Consulting Limited. All rights reserved.
+import routes from './module/routes'
+import store from './module/store'
+import router from '@/router'
+export default {
+  name: 'admin',
+  routes: routes,
+  store: store,
+  addRoutes: () => {
+    // add routes to router
+    routes.forEach(route => {
+      router.addRoute(route)
+    })
+  }
+
+}
diff --git a/web-app/src/admin/module/routes.js b/web-app/src/admin/module/routes.js
new file mode 100644
index 00000000..3905e873
--- /dev/null
+++ b/web-app/src/admin/module/routes.js
@@ -0,0 +1,195 @@
+// Copyright (C) 2021 Lutra Consulting Limited. All rights reserved.
+import store from '../../store'
+import Index from '../views/dashboard/Index'
+import Account from '../views/dashboard/pages/Account'
+import AdminProfile from '../views/dashboard/pages/Profile'
+import AdminOrganisationProfile from '../views/dashboard/pages/OrganisationProfile'
+import Projects from '../views/dashboard/pages/Projects'
+import Project from '@/views/Project'
+import AppHeader from '@/components/AppHeader'
+import FileBrowser from '@/views/FileBrowser'
+import FileDetail from '@/views/FileDetail'
+import ProjectSettings from '@/views/ProjectSettings'
+import FileVersionDetail from '@/views/FileVersionDetail'
+import VersionDetail from '@/views/VersionDetail'
+import ProjectVersions from '@/views/ProjectVersions'
+import { parseError } from '@/mergin'
+
+
+import HTTP from '@/http'
+
+
+export default [
+  {
+    path: '/admin',
+    name: 'admin',
+    components: {
+      default: Index
+    },
+    beforeEnter: (to, from, next) => {
+      if (store.state.app.user && store.state.app.user.is_admin) next()
+      else next('/')
+    },
+    props: {
+      default: true
+    },
+    children: [
+      {
+        path: 'accounts',
+        name: 'accounts',
+        component: Account,
+        props: true
+      },
+      {
+        path: 'accounts/:account_id',
+        name: 'account',
+        component: Account,
+        props: true,
+        beforeEnter: (to, from, next) => {
+          HTTP.get(`/app/accounts/${to.params.account_id}`)
+            .then(resp => {
+              if (resp.data.type === 'user') {
+                next({ name: 'admin-profile', params: { username: resp.data.name } })
+              } else {
+                next({ name: 'admin-organisation', params: { username: resp.data.name } })
+              }
+            })
+            .catch(() => next(from))
+        }
+      },
+      {
+        path: 'user/:username',
+        name: 'admin-profile',
+        component: AdminProfile,
+        props: true,
+        beforeEnter: (to, from, next) => {
+          store.commit('admin/userAdminProfile', null)
+          store.dispatch('admin/fetchUserAdminProfile', to.params.username)
+            .then(next())
+            .catch((e) => { next(Error(parseError(e, 'Failed to fetch user profile'))) })
+        }
+      },
+      {
+        path: 'organisation/:name',
+        name: 'admin-organisation',
+        component: AdminOrganisationProfile,
+        props: true,
+        beforeEnter: (to, from, next) => {
+          store.commit('organisation', null)
+          store.dispatch('setOrganisation', to.params.name)
+            .then(next())
+            .catch((e) => { next(Error(parseError(e, 'Failed to get organisation'))) })
+        }
+      },
+      {
+        path: 'projects',
+        name: 'admin-projects',
+        component: Projects,
+        props: true,
+        children: [
+          {
+            path: ':namespace',
+            name: 'admin-namespace-projects',
+            component: Projects,
+            props: true
+          }
+        ]
+      },
+      {
+        path: 'projects/:namespace/:projectName',
+        name: 'admin-project',
+        components: {
+          default: Project,
+          header: AppHeader
+        },
+        props: {
+          default: route => ({
+            namespace: route.params.namespace,
+            projectName: route.params.projectName,
+            asAdmin: true
+          })
+        },
+        redirect: { name: 'admin-project-tree' },
+        children: [
+          {
+            path: 'blob/:location*',
+            name: 'admin-blob',
+            component: FileDetail,
+            props (route) {
+              return {
+                asAdmin: true,
+                namespace: route.params.namespace,
+                projectName: route.params.projectName,
+                location: route.params.location
+              }
+            }
+          },
+          {
+            path: 'tree/:location*',
+            name: 'admin-project-tree',
+            component: FileBrowser,
+            props (route) {
+              return {
+                asAdmin: true,
+                namespace: route.params.namespace,
+                projectName: route.params.projectName,
+                location: route.params.location
+              }
+            }
+          },
+          {
+            path: 'settings',
+            name: 'admin-project-settings',
+            component: ProjectSettings,
+            props (route) {
+              return {
+                asAdmin: true,
+                namespace: route.params.namespace,
+                projectName: route.params.projectName
+              }
+            }
+          },
+          {
+            path: 'history',
+            name: 'admin-project-versions',
+            component: ProjectVersions,
+            props (route) {
+              return {
+                asAdmin: true,
+                namespace: route.params.namespace,
+                projectName: route.params.projectName
+              }
+            }
+          },
+          {
+            path: 'history/:version_id',
+            name: 'admin-project-versions-detail',
+            component: VersionDetail,
+            props (route) {
+              return {
+                asAdmin: true,
+                namespace: route.params.namespace,
+                projectName: route.params.projectName,
+                version_id: route.params.version_id
+              }
+            }
+          },
+          {
+            path: 'history/:version_id/:path',
+            name: 'admin-file-version-detail',
+            component: FileVersionDetail,
+            props (route) {
+              return {
+                asAdmin: true,
+                namespace: route.params.namespace,
+                projectName: route.params.projectName,
+                version_id: route.params.version_id,
+                path: route.params.path
+              }
+            }
+          }
+        ]
+      }
+    ]
+  }
+]
diff --git a/web-app/src/admin/module/store.js b/web-app/src/admin/module/store.js
new file mode 100644
index 00000000..ce7819e5
--- /dev/null
+++ b/web-app/src/admin/module/store.js
@@ -0,0 +1,48 @@
+// Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+import http from '@/http'
+
+export default {
+  namespaced: true,
+  state: {
+    loading: false,
+    error: '',
+    accounts: {
+      items: [],
+      count: 0
+    },
+    userAdminProfile: null
+  },
+  mutations: {
+    loading (state, value) {
+      state.loading = value
+    },
+    error (state, message) {
+      state.error = message
+    },
+    accounts (state, data) {
+      state.accounts.count = data.total
+      state.accounts.items = data.accounts
+    },
+    userAdminProfile (state, userAdminProfile) {
+      state.userAdminProfile = userAdminProfile
+    }
+  },
+  actions: {
+    fetchAccounts ({ commit }, { type, params }) {
+      commit('loading', true)
+      http.get(`/app/accounts/${type}`, { params })
+        .then(resp => {
+          commit('accounts', resp.data)
+          commit('error', '')
+        })
+        .catch((e) => {
+          commit('error', e.response.data.detail || e.message)
+        })
+        .finally(() => commit('loading', false))
+    },
+    async fetchUserAdminProfile ({ commit }, username) {
+      const resp = await http.get(`/auth/user_profile_by_name/${username}?random=${Math.random()}`)
+      commit('userAdminProfile', resp.data)
+    }
+  }
+}
diff --git a/web-app/src/admin/plugins/base.js b/web-app/src/admin/plugins/base.js
new file mode 100644
index 00000000..72aea18d
--- /dev/null
+++ b/web-app/src/admin/plugins/base.js
@@ -0,0 +1,17 @@
+import Vue from 'vue'
+import upperFirst from 'lodash/upperFirst'
+import camelCase from 'lodash/camelCase'
+
+const requireComponent = require.context(
+  '@/admin/components/base', true, /\.vue$/
+)
+
+requireComponent.keys().forEach(fileName => {
+  const componentConfig = requireComponent(fileName)
+
+  const componentName = upperFirst(
+    camelCase(fileName.replace(/^\.\//, '').replace(/\.\w+$/, ''))
+  )
+
+  Vue.component(`Base${componentName}`, componentConfig.default || componentConfig)
+})
diff --git a/web-app/src/admin/plugins/chartist.js b/web-app/src/admin/plugins/chartist.js
new file mode 100644
index 00000000..2c8bb2d9
--- /dev/null
+++ b/web-app/src/admin/plugins/chartist.js
@@ -0,0 +1,4 @@
+import Vue from 'vue'
+import 'chartist/dist/chartist.min.css'
+
+Vue.use(require('vue-chartist'))
diff --git a/web-app/src/admin/plugins/vee-validate.js b/web-app/src/admin/plugins/vee-validate.js
new file mode 100644
index 00000000..555a404e
--- /dev/null
+++ b/web-app/src/admin/plugins/vee-validate.js
@@ -0,0 +1,22 @@
+import Vue from 'vue'
+import {
+  extend,
+  ValidationObserver,
+  ValidationProvider
+} from 'vee-validate'
+import {
+  email,
+  max,
+  min,
+  numeric,
+  required
+} from 'vee-validate/dist/rules'
+
+extend('email', email)
+extend('max', max)
+extend('min', min)
+extend('numeric', numeric)
+extend('required', required)
+
+Vue.component('validation-provider', ValidationProvider)
+Vue.component('validation-observer', ValidationObserver)
diff --git a/web-app/src/admin/plugins/vuetify.js b/web-app/src/admin/plugins/vuetify.js
new file mode 100644
index 00000000..10f60cbf
--- /dev/null
+++ b/web-app/src/admin/plugins/vuetify.js
@@ -0,0 +1,26 @@
+import Vue from 'vue'
+import Vuetify from 'vuetify/lib'
+import i18n from '../i18n'
+// import '../sass/overrides.sass'
+
+Vue.use(Vuetify)
+
+const theme = {
+  // primary: '#4CAF50',
+  primary: '#2d4470',
+  secondary: '#9C27b0',
+  accent: '#9C27b0',
+  info: '#00CAE3'
+}
+
+export default new Vuetify({
+  lang: {
+    t: (key, ...params) => i18n.t(key, params)
+  },
+  theme: {
+    themes: {
+      dark: theme,
+      light: theme
+    }
+  }
+})
diff --git a/web-app/src/admin/sass/overrides.sass b/web-app/src/admin/sass/overrides.sass
new file mode 100644
index 00000000..8df80789
--- /dev/null
+++ b/web-app/src/admin/sass/overrides.sass
@@ -0,0 +1,49 @@
+// =========================================================
+// * Vuetify Material Dashboard - v2.1.0
+// =========================================================
+//
+// * Product Page: https://www.creative-tim.com/product/vuetify-material-dashboard
+// * Copyright 2019 Creative Tim (https://www.creative-tim.com)
+//
+// * Coded by Creative Tim
+//
+// =========================================================
+//
+// * The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+// Creative Tim refine style code
+@import vuetify-material/sidebar
+@import vuetify-material/appbar
+@import vuetify-material/buttons
+@import vuetify-material/pagination
+@import vuetify-material/footer
+@import vuetify-material/view
+@import vuetify-material/settings
+@import vuetify-material/card
+@import vuetify-material/table
+@import vuetify-material/tab
+@import vuetify-material/notification
+@import vuetify-material/modal
+@import vuetify-material/map
+@import vuetify-material/chip
+@import 'variables.scss'
+
+
+//.v-btn.v-size--default,
+//.v-btn.v-size--large
+//  &:not(.v-btn--icon):not(.v-btn--fab)
+//    padding: 0 30px !important
+
+.theme--light.v-list-item .v-list-item__action-text,
+.theme--light.v-list-item .v-list-item__subtitle
+  color: #999
+
+.theme--light.v-text-field>.v-input__control>.v-input__slot:before
+  border-color: #d2d2d2
+
+.v-label.v-label,
+.v-alert.v-alert
+  font-size: $font-size-root
+
+.theme--light .v-content
+  background-color: #eee
diff --git a/web-app/src/admin/sass/variables.scss b/web-app/src/admin/sass/variables.scss
new file mode 100644
index 00000000..052be8cd
--- /dev/null
+++ b/web-app/src/admin/sass/variables.scss
@@ -0,0 +1,34 @@
+$font-size-root: 12px;
+$sheet-border-radius: 4px;
+$list-item-title-font-size: 0.929rem;
+$list-item-dense-title-font-size: 0.929rem;
+$list-item-dense-title-font-weight: initial;
+$fab-icon-sizes: ( small: 20 );
+$btn-font-sizes: ( default: 1rem, large: 1rem );
+$btn-sizes: ( default: 41, large: 54 );
+$btn-letter-spacing: 0;
+$btn-font-weight: 400;
+$card-text-font-size: 12px;
+
+$headings: (
+  //'h1': (
+  //  'size': 3.3125rem,
+  //  'line-height': 1.15em
+  //),
+  //'h2': (
+  //  'size': 2.25rem,
+  //  'line-height': 1.5em
+  //),
+  //'h3': (
+  //  'size': 1.5625rem,
+  //  'line-height': 1.4em
+  //),
+  //'h4': (
+  //  'size': 1.125rem,
+  //  'line-height': 1.4em
+  //),
+  //'h5': ( 'size': 1.0625rem ),
+  //'h6': ( 'size': .75rem ),
+  'subtitle-2': ( 'size': 1rem ),
+  'overline': ( 'letter-spacing': 0 )
+);
diff --git a/web-app/src/admin/sass/vuetify-material/_appbar.sass b/web-app/src/admin/sass/vuetify-material/_appbar.sass
new file mode 100644
index 00000000..f94ad7c8
--- /dev/null
+++ b/web-app/src/admin/sass/vuetify-material/_appbar.sass
@@ -0,0 +1,54 @@
+#app-bar
+  .v-badge__badge
+    font-size: 9px
+    padding: 5px 6px
+
+// -----------------------
+.v-toolbar__content,
+.v-toolbar__extension
+  padding: 0px 15px 0 31px
+
+.v-sheet
+  .v-toolbar__content
+    .v-btn.v-size--default:not(.v-btn--icon):not(.v-btn--fab),
+    .v-btn.v-size--large:not(.v-btn--icon):not(.v-btn--fab)
+      margin-bottom: 5px
+      padding: 10px 15px !important
+    .theme--light.v-btn:not(.v-btn--flat):not(.v-btn--text):not(.v-btn--outlined)
+      background-color: #fff
+      .v-icon
+        color: #999
+
+.theme--light.v-btn:not(.v-btn--flat):not(.v-btn--text):not(.v-btn--outlined)
+  background-color: #fff
+  margin-right: 17px
+  margin-bottom: 2px
+
+.theme--light.v-btn:not(.v-btn--flat):not(.v-btn--text):not(.v-btn--outlined):hover
+  background-color: #fff
+
+.v-toolbar__content
+  height: 75px
+
+.v-toolbar__content .v-btn--flat
+  .v-icon
+    margin-right: 3px
+
+.theme--light.v-label
+  color: rgba(0, 0, 0, 0.3)
+
+.v-menu__content .v-list--nav
+  padding: .3125rem 0
+  border-radius: 4px
+  .v-list-item
+    padding: 10px 20px
+    margin: 0 .3125rem
+    margin-bottom: 0px !important
+    min-height: 40px
+    border-radius: 2px
+    .v-list-item__title
+      font-weight: 400
+      font-size: 13px
+
+.v-navigation-drawer .v-icon.v-icon
+  font-size: 24px
diff --git a/web-app/src/admin/sass/vuetify-material/_buttons.sass b/web-app/src/admin/sass/vuetify-material/_buttons.sass
new file mode 100644
index 00000000..ce29f477
--- /dev/null
+++ b/web-app/src/admin/sass/vuetify-material/_buttons.sass
@@ -0,0 +1,65 @@
+.v-btn.v-size--default
+  font-size: .85rem
+
+.v-icon.v-icon
+  font-size: 20px
+
+.v-btn__content .v-icon--left
+  margin-right: 4px
+
+.v-sheet button.v-btn.v-size--default:not(.v-btn--icon):not(.v-btn--fab)
+  padding: 12px 30px !important
+
+.theme--light.v-btn:not(.v-btn--flat):not(.v-btn--text):not(.v-btn--outlined)
+  background-color: #999
+  &:hover
+    background-color: #999
+
+.v-btn.white
+  .v-btn__content
+    color: #999
+
+.v-sheet .v-btn.v-size--large:not(.v-btn--icon):not(.v-btn--fab)
+  padding: 18px 36px !important
+
+.v-btn--fab.v-size--small
+  height: 41px
+  width: 41px
+
+.v-btn:not(.v-btn--text):not(.v-btn--outlined):hover:before
+  opacity: 0
+
+.v-btn:not(.v-btn--text):not(.v-btn--outlined):focus:before
+    opacity: 0
+
+.v-btn.v-size--default:not(.v-btn--icon):not(.v-btn--fab),
+.v-btn.v-size--large:not(.v-btn--icon):not(.v-btn--fab)
+  padding: 10px 15px !important
+
+// Button group
+
+.v-item-group
+  .v-btn:not(.v-btn--flat):not(.v-btn--text):not(.v-btn--outlined)
+    margin-right: 0
+
+.v-btn-toggle
+  .v-btn
+    opacity: 1
+
+.v-btn-toggle > .v-btn.v-size--default
+   height: inherit
+
+.theme--light.v-btn-toggle .v-btn.v-btn
+  border-color: #999 !important
+  &.primary
+    border-color: #e91e63 !important
+  &.secondary
+    border-color: #9c27b0 !important
+  &.success
+    border-color: #4caf50 !important
+  &.warning
+    border-color: #fb8c00 !important
+  &.error
+    border-color: #ff5252 !important
+  &.info
+    border-color: #00cae3 !important
diff --git a/web-app/src/admin/sass/vuetify-material/_card.sass b/web-app/src/admin/sass/vuetify-material/_card.sass
new file mode 100644
index 00000000..b1b40671
--- /dev/null
+++ b/web-app/src/admin/sass/vuetify-material/_card.sass
@@ -0,0 +1,107 @@
+.v-card
+  border-radius: 6px
+  margin-top: 30px
+  margin-bottom: 15px
+
+  .card-title
+    font-size: 18px
+
+  .v-card--material__heading
+    top: -30px
+
+    .subtitle-1
+      color: hsla(0,0%,100%,.8)
+
+    .display-2
+      font-size: 18px !important
+
+  .caption
+    font-size: 12px !important
+    letter-spacing: 0 !important
+
+  .v-card__actions
+    padding-top: 15px
+    .display-2
+      font-size: 18px !important
+
+  .v-divider
+    border-color: #eee
+
+  .ct-label
+    font-size: 14px
+
+.v-card--material-chart .v-card--material__heading .ct-label
+  font-weight: 300
+
+
+.v-btn--icon.v-size--default .v-icon,
+.v-btn--fab.v-size--default .v-icon
+  font-size: 18px
+
+.v-card--material .v-image
+  .v-image__image
+    border-radius: 6px
+
+.v-card__title
+  font-size: 18px
+  padding-top: 7px
+  padding-bottom: 2px
+
+.theme--light
+  .v-card > .v-card__text
+    color: #333
+  .card-title
+    color: #3c4858
+
+.theme--dark
+  .card-title
+    color: #fff
+
+
+.v-timeline-item .v-card
+  margin-top: 0
+
+.v-card--wizard
+  .v-tabs-bar
+    height: 42px
+  .v-card__actions
+    .v-btn
+      margin-right: 0 !important
+  .v-tabs .v-tab--active:hover::before, .theme--light.v-tabs .v-tab--active::before
+    opacity: 0
+  .v-tabs .v-tab:hover::before
+    opacity: 0
+
+.v-card--plan
+  .body-2
+    font-weight: 500
+    letter-spacing: 0 !important
+    margin-top: 10px
+    margin-bottom: 8px
+  .display-2
+    margin-top: 30px
+
+  .v-card__text
+    color: #999
+    margin-bottom: 16px
+  .v-btn
+    margin-right: 0 !important
+  .v-avatar
+    margin-top: 10px
+
+.v-card--testimony
+  .v-card__text
+    color: #999 !important
+
+  .display-2
+    font-size: 18px !important
+
+  .body-2
+    font-weight: 500
+    font-size: 12px !important
+
+  .v-avatar
+    left: calc(50% - 50px)
+
+.ct-square:before
+  float: none
diff --git a/web-app/src/admin/sass/vuetify-material/_chip.sass b/web-app/src/admin/sass/vuetify-material/_chip.sass
new file mode 100644
index 00000000..b5926ef5
--- /dev/null
+++ b/web-app/src/admin/sass/vuetify-material/_chip.sass
@@ -0,0 +1,9 @@
+.v-chip.v-size--small
+  height: 20px
+
+.v-chip__content
+  font-size: 10px
+  font-weight: 500
+  .v-chip__close
+    font-size: 15px
+    margin-top: -1px
diff --git a/web-app/src/admin/sass/vuetify-material/_footer.sass b/web-app/src/admin/sass/vuetify-material/_footer.sass
new file mode 100644
index 00000000..9cc178a7
--- /dev/null
+++ b/web-app/src/admin/sass/vuetify-material/_footer.sass
@@ -0,0 +1,29 @@
+.v-footer
+  padding: 20px 0 20px 4px
+  border-top: 1px solid #e7e7e7 !important
+  position: relative
+  a
+    padding: 15px 18px 15px 16px
+    font-size: 12px !important
+  .body-1
+    font-size: 16px !important
+    padding-right: 18px
+    letter-spacing: 0px !important
+    a
+      color: #9c27b0 !important
+      padding: 0
+      text-transform: inherit !important
+      font-size: 16px !important
+      font-weight: 300 !important
+  .v-icon
+    margin-top: -3px
+
+  &.v-footer--absolute
+    position: absolute !important
+
+.theme--light.v-footer
+  background-color: transparent
+  .body-1
+    color: #3c4858
+  .v-icon
+    color: #3c4858
diff --git a/web-app/src/admin/sass/vuetify-material/_map.sass b/web-app/src/admin/sass/vuetify-material/_map.sass
new file mode 100644
index 00000000..a8a90f53
--- /dev/null
+++ b/web-app/src/admin/sass/vuetify-material/_map.sass
@@ -0,0 +1,3 @@
+.mapouter
+  position: relative !important
+  height: 100vh !important
diff --git a/web-app/src/admin/sass/vuetify-material/_modal.sass b/web-app/src/admin/sass/vuetify-material/_modal.sass
new file mode 100644
index 00000000..cf81cd89
--- /dev/null
+++ b/web-app/src/admin/sass/vuetify-material/_modal.sass
@@ -0,0 +1,25 @@
+.v-dialog
+  .v-card
+    margin: 0
+    .v-card__title
+      font-weight: 300
+      font-size: 18px
+      display: inline-block
+      text-align: center
+      width: 100%
+      padding: 24px 24px 0
+      .v-icon
+        position: absolute
+        top: 15px
+        right: 20px
+        color: #999
+        opacity: .5
+        font-size: 16px
+        &:hover
+          opacity: 1
+
+.v-dialog > .v-card > .v-card__text
+     padding-top: 24px
+     font-weight: 300
+     line-height: 1.75em
+     letter-spacing: 0
diff --git a/web-app/src/admin/sass/vuetify-material/_notification.sass b/web-app/src/admin/sass/vuetify-material/_notification.sass
new file mode 100644
index 00000000..f687f620
--- /dev/null
+++ b/web-app/src/admin/sass/vuetify-material/_notification.sass
@@ -0,0 +1,12 @@
+.v-alert
+  padding: 20px 15px
+
+  .v-alert__wrapper
+    .v-alert__icon
+      height: 38px
+      min-width: 38px
+    .v-alert__content
+      font-weight: 300
+      span
+        font-size: 12px
+        font-weight: 500
diff --git a/web-app/src/admin/sass/vuetify-material/_pagination.sass b/web-app/src/admin/sass/vuetify-material/_pagination.sass
new file mode 100644
index 00000000..f84bdd5c
--- /dev/null
+++ b/web-app/src/admin/sass/vuetify-material/_pagination.sass
@@ -0,0 +1,5 @@
+.v-pagination
+  .v-pagination__item,
+  .v-pagination__navigation
+    &:focus
+      outline: none
diff --git a/web-app/src/admin/sass/vuetify-material/_settings.sass b/web-app/src/admin/sass/vuetify-material/_settings.sass
new file mode 100644
index 00000000..9bb030ee
--- /dev/null
+++ b/web-app/src/admin/sass/vuetify-material/_settings.sass
@@ -0,0 +1,36 @@
+#settings
+  z-index: 200
+
+.v-settings
+  border-radius: 10px
+  .v-card
+    margin-top: 0
+  .v-card__text
+    strong
+      height: 30px
+      line-height: 25px
+      font-size: 12px
+      font-weight: 600
+      text-transform: uppercase
+      text-align: center
+  .v-avatar
+    border-color: #fff
+    border-radius: 50% !important
+    cursor: pointer
+    display: inline-block
+    height: 23px
+    margin-right: 12px
+    position: relative
+    width: 23px
+    padding: 8px
+
+  .v-settings__item
+    border-radius: 10px
+    .v-image
+      border-radius: 7px !important
+
+  .v-settings__item:not(.v-settings__item--active)
+    border-color: #fff !important
+
+  .v-divider.secondary
+    border-color: rgb(221, 221, 221) !important
diff --git a/web-app/src/admin/sass/vuetify-material/_sidebar.sass b/web-app/src/admin/sass/vuetify-material/_sidebar.sass
new file mode 100644
index 00000000..0acbd4ec
--- /dev/null
+++ b/web-app/src/admin/sass/vuetify-material/_sidebar.sass
@@ -0,0 +1,68 @@
+.v-application .v-navigation-drawer .v-navigation-drawer__content .v-list-item .v-list-item__content .v-list-item__title.display-2
+  font-size: 18px !important
+  margin-top: 12px
+  margin-bottom: 12px
+
+.v-application .v-navigation-drawer .v-navigation-drawer__content .v-list .v-list-group .v-list-group__header .v-list-item__content .v-list-item__title
+  font-size: 14px
+  font-weight: 300
+
+.v-application--is-ltr .v-list-item__avatar:first-child
+  margin-right: 11px
+
+.v-application .v-navigation-drawer .v-navigation-drawer__content .v-list-item__icon.v-list-group__header__append-icon .v-icon
+  font-size: 19px
+
+.v-application--is-ltr #core-navigation-drawer div.v-list-item__icon--text,
+.v-application--is-ltr #core-navigation-drawer div.v-list-item__icon:first-child
+  margin-left: 5px !important
+  margin-right: 18px
+  opacity: .8
+
+.v-application--is-ltr .v-list-item__action:last-of-type:not(:only-child),
+.v-application--is-ltr .v-list-item__avatar:last-of-type:not(:only-child),
+.v-application--is-ltr .v-list-item__icon:last-of-type:not(:only-child)
+  margin-right: 2px
+
+.v-list--nav.v-list--dense .v-list-item:not(:last-child):not(:only-child),
+.v-list--nav .v-list-item--dense:not(:last-child):not(:only-child),
+.v-list--rounded.v-list--dense .v-list-item:not(:last-child):not(:only-child),
+.v-list--rounded .v-list-item--dense:not(:last-child):not(:only-child)
+  margin-bottom: 3px
+
+.v-list-item .v-list-item__title, .v-list-item .v-list-item__subtitle
+    line-height: 1.2
+    font-weight: 300
+    font-size: 14px
+
+.v-list-group__items .v-list-item
+    font-size: 13px
+    margin-bottom: 5px !important
+    .v-list-item__title
+      font-size: 13px
+    .v-list-item__icon
+      margin-top: 14px
+
+.v-list-group__items .v-list-group--sub-group .v-list-group__header .v-list-item__icon--text
+    margin-top: 15px !important
+
+
+.v-list-item__icon
+  margin: 12px 0
+
+.theme--dark.v-list-item--active:hover::before, .theme--dark.v-list-item--active::before
+    opacity: 0
+
+.v-navigation-drawer
+  .v-list-item__content
+    transition: all 0.3s linear 0s
+
+.v-list--nav
+  padding-left: 15px
+  padding-right: 15px
+
+.theme--dark.v-navigation-drawer .v-divider
+  background-color: rgba(181, 181, 181, 0.2)
+  border-color: rgba(181, 181, 181, 0.1)
+  width: calc(100% - 30px)
+  margin-left: 15px
diff --git a/web-app/src/admin/sass/vuetify-material/_tab.sass b/web-app/src/admin/sass/vuetify-material/_tab.sass
new file mode 100644
index 00000000..fd08bd23
--- /dev/null
+++ b/web-app/src/admin/sass/vuetify-material/_tab.sass
@@ -0,0 +1,12 @@
+.v-card--wizard
+  .v-tabs-bar
+    .v-slide-group__wrapper
+      overflow: visible
+      display: -webkit-inline-box
+      contain: inherit
+
+      .v-slide-group__content
+        z-index: 2
+
+    .v-tab:not(:first-child)
+        margin-left: 5px
diff --git a/web-app/src/admin/sass/vuetify-material/_table.sass b/web-app/src/admin/sass/vuetify-material/_table.sass
new file mode 100644
index 00000000..31ca1624
--- /dev/null
+++ b/web-app/src/admin/sass/vuetify-material/_table.sass
@@ -0,0 +1,22 @@
+.v-data-table td
+  font-weight: 300
+  padding: 12px 8px
+
+.v-data-table table thead tr th
+  font-weight: 300
+  font-size: 17px
+  padding: 0px 8px
+
+.v-data-table table tbody tr td .v-btn
+  margin-right: 0px !important
+
+.v-data-table .v-data-table-header__sort-badge
+  font-size: 10px
+
+.v-data-table.theme--dark
+  tr th
+    color: #fff !important
+
+.theme--light
+  .v-data-table table thead tr th
+    color: #333
diff --git a/web-app/src/admin/sass/vuetify-material/_view.sass b/web-app/src/admin/sass/vuetify-material/_view.sass
new file mode 100644
index 00000000..0cf65b1d
--- /dev/null
+++ b/web-app/src/admin/sass/vuetify-material/_view.sass
@@ -0,0 +1,23 @@
+.v-content__wrap
+  .container--fluid
+    padding-left: 30px
+    padding-right: 30px
+
+.v-application .headline
+  font-size: 25px !important
+  padding-bottom: 0
+
+.v-application .black--text
+  color: #333 !important
+
+.v-application .small
+  font-weight: 300
+  line-height: 2rem
+  small
+    font-weight: 400
+
+@media(max-width: 960px)
+  .v-content__wrap
+    .container--fluid
+      padding-left: 15px
+      padding-right: 15px
diff --git a/web-app/src/admin/views/dashboard/Dashboard.vue b/web-app/src/admin/views/dashboard/Dashboard.vue
new file mode 100644
index 00000000..43cee7c1
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/Dashboard.vue
@@ -0,0 +1,601 @@
+<template>
+  <v-container
+    id="dashboard"
+    fluid
+    tag="section"
+  >
+    <v-row>
+      <v-col
+        cols="12"
+        lg="4"
+      >
+        <base-material-chart-card
+          :data="emailsSubscriptionChart.data"
+          :options="emailsSubscriptionChart.options"
+          :responsive-options="emailsSubscriptionChart.responsiveOptions"
+          color="#E91E63"
+          hover-reveal
+          type="Bar"
+        >
+          <template v-slot:reveal-actions>
+            <v-tooltip bottom>
+              <template v-slot:activator="{ attrs, on }">
+                <v-btn
+                  v-bind="attrs"
+                  color="info"
+                  icon
+                  v-on="on"
+                >
+                  <v-icon
+                    color="info"
+                  >
+                    mdi-refresh
+                  </v-icon>
+                </v-btn>
+              </template>
+
+              <span>Refresh</span>
+            </v-tooltip>
+
+            <v-tooltip bottom>
+              <template v-slot:activator="{ attrs, on }">
+                <v-btn
+                  v-bind="attrs"
+                  light
+                  icon
+                  v-on="on"
+                >
+                  <v-icon>mdi-pencil</v-icon>
+                </v-btn>
+              </template>
+
+              <span>Change Date</span>
+            </v-tooltip>
+          </template>
+
+          <h4 class="card-title font-weight-light mt-2 ml-2">
+            Website Views
+          </h4>
+
+          <p class="d-inline-flex font-weight-light ml-2 mt-1">
+            Last Campaign Performance
+          </p>
+
+          <template v-slot:actions>
+            <v-icon
+              class="mr-1"
+              small
+            >
+              mdi-clock-outline
+            </v-icon>
+            <span class="caption grey--text font-weight-light">updated 10 minutes ago</span>
+          </template>
+        </base-material-chart-card>
+      </v-col>
+
+      <v-col
+        cols="12"
+        lg="4"
+      >
+        <base-material-chart-card
+          :data="dailySalesChart.data"
+          :options="dailySalesChart.options"
+          color="success"
+          hover-reveal
+          type="Line"
+        >
+          <template v-slot:reveal-actions>
+            <v-tooltip bottom>
+              <template v-slot:activator="{ attrs, on }">
+                <v-btn
+                  v-bind="attrs"
+                  color="info"
+                  icon
+                  v-on="on"
+                >
+                  <v-icon
+                    color="info"
+                  >
+                    mdi-refresh
+                  </v-icon>
+                </v-btn>
+              </template>
+
+              <span>Refresh</span>
+            </v-tooltip>
+
+            <v-tooltip bottom>
+              <template v-slot:activator="{ attrs, on }">
+                <v-btn
+                  v-bind="attrs"
+                  light
+                  icon
+                  v-on="on"
+                >
+                  <v-icon>mdi-pencil</v-icon>
+                </v-btn>
+              </template>
+
+              <span>Change Date</span>
+            </v-tooltip>
+          </template>
+
+          <h4 class="card-title font-weight-light mt-2 ml-2">
+            Daily Sales
+          </h4>
+
+          <p class="d-inline-flex font-weight-light ml-2 mt-1">
+            <v-icon
+              color="green"
+              small
+            >
+              mdi-arrow-up
+            </v-icon>
+            <span class="green--text">55%</span>&nbsp;
+            increase in today's sales
+          </p>
+
+          <template v-slot:actions>
+            <v-icon
+              class="mr-1"
+              small
+            >
+              mdi-clock-outline
+            </v-icon>
+            <span class="caption grey--text font-weight-light">updated 4 minutes ago</span>
+          </template>
+        </base-material-chart-card>
+      </v-col>
+
+      <v-col
+        cols="12"
+        lg="4"
+      >
+        <base-material-chart-card
+          :data="dataCompletedTasksChart.data"
+          :options="dataCompletedTasksChart.options"
+          hover-reveal
+          color="info"
+          type="Line"
+        >
+          <template v-slot:reveal-actions>
+            <v-tooltip bottom>
+              <template v-slot:activator="{ attrs, on }">
+                <v-btn
+                  v-bind="attrs"
+                  color="info"
+                  icon
+                  v-on="on"
+                >
+                  <v-icon
+                    color="info"
+                  >
+                    mdi-refresh
+                  </v-icon>
+                </v-btn>
+              </template>
+
+              <span>Refresh</span>
+            </v-tooltip>
+
+            <v-tooltip bottom>
+              <template v-slot:activator="{ attrs, on }">
+                <v-btn
+                  v-bind="attrs"
+                  light
+                  icon
+                  v-on="on"
+                >
+                  <v-icon>mdi-pencil</v-icon>
+                </v-btn>
+              </template>
+
+              <span>Change Date</span>
+            </v-tooltip>
+          </template>
+
+          <h3 class="card-title font-weight-light mt-2 ml-2">
+            Completed Tasks
+          </h3>
+
+          <p class="d-inline-flex font-weight-light ml-2 mt-1">
+            Last Last Campaign Performance
+          </p>
+
+          <template v-slot:actions>
+            <v-icon
+              class="mr-1"
+              small
+            >
+              mdi-clock-outline
+            </v-icon>
+            <span class="caption grey--text font-weight-light">campaign sent 26 minutes ago</span>
+          </template>
+        </base-material-chart-card>
+      </v-col>
+
+      <v-col
+        cols="12"
+        sm="6"
+        lg="3"
+      >
+        <base-material-stats-card
+          color="info"
+          icon="mdi-twitter"
+          title="Followers"
+          value="+245"
+          sub-icon="mdi-clock"
+          sub-text="Just Updated"
+        />
+      </v-col>
+
+      <v-col
+        cols="12"
+        sm="6"
+        lg="3"
+      >
+        <base-material-stats-card
+          color="primary"
+          icon="mdi-poll"
+          title="Website Visits"
+          value="75.521"
+          sub-icon="mdi-tag"
+          sub-text="Tracked from Google Analytics"
+        />
+      </v-col>
+
+      <v-col
+        cols="12"
+        sm="6"
+        lg="3"
+      >
+        <base-material-stats-card
+          color="success"
+          icon="mdi-store"
+          title="Revenue"
+          value="$ 34,245"
+          sub-icon="mdi-calendar"
+          sub-text="Last 24 Hours"
+        />
+      </v-col>
+
+      <v-col
+        cols="12"
+        sm="6"
+        lg="3"
+      >
+        <base-material-stats-card
+          color="orange"
+          icon="mdi-sofa"
+          title="Bookings"
+          value="184"
+          sub-icon="mdi-alert"
+          sub-icon-color="red"
+          sub-text="Get More Space..."
+        />
+      </v-col>
+
+      <v-col
+        cols="12"
+        md="6"
+      >
+        <base-material-card
+          color="warning"
+          class="px-5 py-3"
+        >
+          <template v-slot:heading>
+            <div class="display-2 font-weight-light">
+              Employees Stats
+            </div>
+
+            <div class="subtitle-1 font-weight-light">
+              New employees on 15th September, 2016
+            </div>
+          </template>
+          <v-card-text>
+            <v-data-table
+              :headers="headers"
+              :items="items"
+            />
+          </v-card-text>
+        </base-material-card>
+      </v-col>
+
+      <v-col
+        cols="12"
+        md="6"
+      >
+        <base-material-card class="px-5 py-3">
+          <template v-slot:heading>
+            <v-tabs
+              v-model="tabs"
+              background-color="transparent"
+              slider-color="white"
+            >
+              <span
+                class="subheading font-weight-light mx-3"
+                style="align-self: center"
+              >Tasks:</span>
+              <v-tab class="mr-3">
+                <v-icon class="mr-2">
+                  mdi-bug
+                </v-icon>
+                Bugs
+              </v-tab>
+              <v-tab class="mr-3">
+                <v-icon class="mr-2">
+                  mdi-code-tags
+                </v-icon>
+                Website
+              </v-tab>
+              <v-tab>
+                <v-icon class="mr-2">
+                  mdi-cloud
+                </v-icon>
+                Server
+              </v-tab>
+            </v-tabs>
+          </template>
+
+          <v-tabs-items
+            v-model="tabs"
+            class="transparent"
+          >
+            <v-tab-item
+              v-for="n in 3"
+              :key="n"
+            >
+              <v-card-text>
+                <template v-for="(task, i) in tasks[tabs]">
+                  <v-row
+                    :key="i"
+                    align="center"
+                  >
+                    <v-col cols="1">
+                      <v-list-item-action>
+                        <v-checkbox
+                          v-model="task.value"
+                          color="secondary"
+                        />
+                      </v-list-item-action>
+                    </v-col>
+
+                    <v-col cols="9">
+                      <div
+                        class="font-weight-light"
+                        v-text="task.text"
+                      />
+                    </v-col>
+
+                    <v-col
+                      cols="2"
+                      class="text-right"
+                    >
+                      <v-icon class="mx-1">
+                        mdi-pencil
+                      </v-icon>
+                      <v-icon
+                        color="error"
+                        class="mx-1"
+                      >
+                        mdi-close
+                      </v-icon>
+                    </v-col>
+                  </v-row>
+                </template>
+              </v-card-text>
+            </v-tab-item>
+          </v-tabs-items>
+        </base-material-card>
+      </v-col>
+    </v-row>
+  </v-container>
+</template>
+
+<script>
+export default {
+  name: 'DashboardDashboard',
+
+  data () {
+    return {
+      dailySalesChart: {
+        data: {
+          labels: ['M', 'T', 'W', 'T', 'F', 'S', 'S'],
+          series: [
+            [12, 17, 7, 17, 23, 18, 38]
+          ]
+        },
+        options: {
+          lineSmooth: this.$chartist.Interpolation.cardinal({
+            tension: 0
+          }),
+          low: 0,
+          high: 50, // creative tim: we recommend you to set the high sa the biggest value + something for a better look
+          chartPadding: {
+            top: 0,
+            right: 0,
+            bottom: 0,
+            left: 0
+          }
+        }
+      },
+      dataCompletedTasksChart: {
+        data: {
+          labels: ['12am', '3pm', '6pm', '9pm', '12pm', '3am', '6am', '9am'],
+          series: [
+            [230, 750, 450, 300, 280, 240, 200, 190]
+          ]
+        },
+        options: {
+          lineSmooth: this.$chartist.Interpolation.cardinal({
+            tension: 0
+          }),
+          low: 0,
+          high: 1000, // creative tim: we recommend you to set the high sa the biggest value + something for a better look
+          chartPadding: {
+            top: 0,
+            right: 0,
+            bottom: 0,
+            left: 0
+          }
+        }
+      },
+      emailsSubscriptionChart: {
+        data: {
+          labels: ['Ja', 'Fe', 'Ma', 'Ap', 'Mai', 'Ju', 'Jul', 'Au', 'Se', 'Oc', 'No', 'De'],
+          series: [
+            [542, 443, 320, 780, 553, 453, 326, 434, 568, 610, 756, 895]
+
+          ]
+        },
+        options: {
+          axisX: {
+            showGrid: false
+          },
+          low: 0,
+          high: 1000,
+          chartPadding: {
+            top: 0,
+            right: 5,
+            bottom: 0,
+            left: 0
+          }
+        },
+        responsiveOptions: [
+          ['screen and (max-width: 640px)', {
+            seriesBarDistance: 5,
+            axisX: {
+              labelInterpolationFnc: function (value) {
+                return value[0]
+              }
+            }
+          }]
+        ]
+      },
+      headers: [
+        {
+          sortable: false,
+          text: 'ID',
+          value: 'id'
+        },
+        {
+          sortable: false,
+          text: 'Name',
+          value: 'name'
+        },
+        {
+          sortable: false,
+          text: 'Salary',
+          value: 'salary',
+          align: 'right'
+        },
+        {
+          sortable: false,
+          text: 'Country',
+          value: 'country',
+          align: 'right'
+        },
+        {
+          sortable: false,
+          text: 'City',
+          value: 'city',
+          align: 'right'
+        }
+      ],
+      items: [
+        {
+          id: 1,
+          name: 'Dakota Rice',
+          country: 'Niger',
+          city: 'Oud-Tunrhout',
+          salary: '$35,738'
+        },
+        {
+          id: 2,
+          name: 'Minerva Hooper',
+          country: 'Curaçao',
+          city: 'Sinaai-Waas',
+          salary: '$23,738'
+        },
+        {
+          id: 3,
+          name: 'Sage Rodriguez',
+          country: 'Netherlands',
+          city: 'Overland Park',
+          salary: '$56,142'
+        },
+        {
+          id: 4,
+          name: 'Philip Chanley',
+          country: 'Korea, South',
+          city: 'Gloucester',
+          salary: '$38,735'
+        },
+        {
+          id: 5,
+          name: 'Doris Greene',
+          country: 'Malawi',
+          city: 'Feldkirchen in Kārnten',
+          salary: '$63,542'
+        }
+      ],
+      tabs: 0,
+      tasks: {
+        0: [
+          {
+            text: 'Sign contract for "What are conference organizers afraid of?"',
+            value: true
+          },
+          {
+            text: 'Lines From Great Russian Literature? Or E-mails From My Boss?',
+            value: false
+          },
+          {
+            text: 'Flooded: One year later, assessing what was lost and what was found when a ravaging rain swept through metro Detroit',
+            value: false
+          },
+          {
+            text: 'Create 4 Invisible User Experiences you Never Knew About',
+            value: true
+          }
+        ],
+        1: [
+          {
+            text: 'Flooded: One year later, assessing what was lost and what was found when a ravaging rain swept through metro Detroit',
+            value: true
+          },
+          {
+            text: 'Sign contract for "What are conference organizers afraid of?"',
+            value: false
+          }
+        ],
+        2: [
+          {
+            text: 'Lines From Great Russian Literature? Or E-mails From My Boss?',
+            value: false
+          },
+          {
+            text: 'Flooded: One year later, assessing what was lost and what was found when a ravaging rain swept through metro Detroit',
+            value: true
+          },
+          {
+            text: 'Sign contract for "What are conference organizers afraid of?"',
+            value: true
+          }
+        ]
+      },
+      list: {
+        0: false,
+        1: false,
+        2: false
+      }
+    }
+  },
+
+  methods: {
+    complete (index) {
+      this.list[index] = !this.list[index]
+    }
+  }
+}
+</script>
diff --git a/web-app/src/admin/views/dashboard/Index.vue b/web-app/src/admin/views/dashboard/Index.vue
new file mode 100644
index 00000000..104ff8aa
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/Index.vue
@@ -0,0 +1,33 @@
+<template>
+  <v-app>
+    <dashboard-core-app-bar />
+
+    <dashboard-core-drawer />
+
+    <dashboard-core-view />
+
+<!--    <dashboard-core-settings />-->
+  </v-app>
+</template>
+
+<script>
+export default {
+  name: 'DashboardIndex',
+
+  components: {
+    DashboardCoreAppBar: () => import('./components/core/AppBar'),
+    DashboardCoreDrawer: () => import('./components/core/Drawer'),
+    // DashboardCoreSettings: () => import('./components/core/Settings'),
+    DashboardCoreView: () => import('./components/core/View')
+  },
+
+  data: () => ({
+    expandOnHover: false
+  })
+}
+</script>
+<style lang="scss" scoped>
+  ::v-deep .v-application--wrap {
+    overflow-y: auto;
+  }
+</style>
diff --git a/web-app/src/admin/views/dashboard/Upgrade.vue b/web-app/src/admin/views/dashboard/Upgrade.vue
new file mode 100644
index 00000000..981f362d
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/Upgrade.vue
@@ -0,0 +1,131 @@
+<template>
+  <v-container
+    id="upgrade"
+    fluid
+    tag="section"
+  >
+    <v-row justify="center">
+      <v-col
+        cols="12"
+        md="8"
+      >
+        <base-material-card color="primary">
+          <template v-slot:heading>
+            <div class="display-2 font-weight-light">
+              Vuetify Material Dashboard
+            </div>
+
+            <div class="subtitle-1 font-weight-light">
+              Are you looking for more components? Please check our Premium Version of Vuetify Material Dashboard
+            </div>
+          </template>
+
+          <v-simple-table>
+            <thead>
+              <tr>
+                <th />
+                <th class="subheading font-weight-light text-center">
+                  Free
+                </th>
+                <th class="subheading font-weight-light text-center">
+                  PRO
+                </th>
+              </tr>
+            </thead>
+            <tbody class="text-center">
+              <tr>
+                <th class="text-left font-weight-light subtitle-1">
+                  Components
+                </th>
+                <td>60</td>
+                <td>200</td>
+              </tr>
+              <tr>
+                <th class="text-left font-weight-light subtitle-1">
+                  Plugins
+                </th>
+                <td>2</td>
+                <td>4</td>
+              </tr>
+              <tr>
+                <th class="text-left font-weight-light subtitle-1">
+                  Example Pages
+                </th>
+                <td>3</td>
+                <td>8</td>
+              </tr>
+              <tr>
+                <th class="text-left font-weight-light subtitle-1">
+                  Login, Register, Pricing, Lock Pages
+                </th>
+                <td>
+                  <v-icon color="error">
+                    mdi-close
+                  </v-icon>
+                </td>
+                <td>
+                  <v-icon color="success">
+                    mdi-check
+                  </v-icon>
+                </td>
+              </tr>
+              <tr>
+                <th class="text-left font-weight-light subtitle-1">
+                  Premium Support
+                </th>
+                <td>
+                  <v-icon color="error">
+                    mdi-close
+                  </v-icon>
+                </td>
+                <td>
+                  <v-icon color="success">
+                    mdi-check
+                  </v-icon>
+                </td>
+              </tr>
+              <tr>
+                <th />
+                <td>Free</td>
+                <td>Just for <b class="subheading">$79</b></td>
+              </tr>
+              <tr>
+                <th />
+                <td>
+                  <v-btn
+                    color="grey"
+                    disabled
+                  >
+                    Current Version
+                  </v-btn>
+                </td>
+                <td>
+                  <v-btn
+                    color="success"
+                    target="_blank"
+                    href="https://www.creative-tim.com/product/vuetify-material-dashboard-pro?ref=vtymd-upgrade-page"
+                  >
+                    Upgrade to Pro
+                  </v-btn>
+                </td>
+              </tr>
+            </tbody>
+          </v-simple-table>
+        </base-material-card>
+      </v-col>
+    </v-row>
+  </v-container>
+</template>
+
+<script>
+export default {
+  name: 'DashboardDashboard'
+}
+</script>
+
+<style lang="sass">
+  #upgrade
+    .v-data-table
+      th, td
+        border: none !important
+</style>
diff --git a/web-app/src/admin/views/dashboard/component/Buttons.vue b/web-app/src/admin/views/dashboard/component/Buttons.vue
new file mode 100644
index 00000000..6f469e8c
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/component/Buttons.vue
@@ -0,0 +1,432 @@
+<template>
+  <v-container
+    id="buttons"
+    fluid
+    tag="section"
+  >
+    <base-v-component
+      heading="Buttons"
+      link="components/buttons"
+    />
+
+    <v-card>
+      <v-card-text class="pt-0">
+        <v-row>
+          <v-col
+            cols="12"
+            md="6"
+          >
+            <base-subheading>
+              <h5 class="font-weight-light">
+                Pick your Color
+              </h5>
+            </base-subheading>
+
+            <div>
+              <v-btn
+                v-for="(color, i) in colors"
+                :key="i"
+                elevation="1"
+                :color="color === 'default' ? undefined : color"
+                class="ma-1"
+              >
+                {{ color }}
+              </v-btn>
+            </div>
+          </v-col>
+
+          <v-col
+            class="pt-0"
+            cols="12"
+            md="6"
+          >
+            <base-subheading>
+              <h5 class="font-weight-light">
+                Buttons with Label
+              </h5>
+            </base-subheading>
+
+            <div>
+              <v-btn
+                v-for="(dir, i) in ['left', 'right']"
+                :key="i"
+                elevation="1"
+                class="ma-1"
+              >
+                <v-icon
+                  :left="dir === 'left'"
+                  :right="dir === 'right'"
+                  :class="dir === 'right' && 'order-last'"
+                  v-text="icons[dir]"
+                />
+                {{ dir }}
+              </v-btn>
+
+              <v-btn
+                v-for="(color, i) in colors.slice(2)"
+                :key="`btn-${i}`"
+                elevation="1"
+                :color="color === 'default' ? undefined : color"
+                class="ma-1"
+              >
+                <v-icon
+                  left
+                  v-text="icons[color]"
+                />
+                {{ color }}
+              </v-btn>
+            </div>
+          </v-col>
+
+          <v-col
+            cols="12"
+            md="6"
+          >
+            <base-subheading>
+              <h5 class="font-weight-light">
+                Pick your Size
+              </h5>
+            </base-subheading>
+
+            <v-btn
+              v-for="n in 3"
+              :key="n"
+              elevation="1"
+              :small="n === 1"
+              :large="n === 3"
+              class="ma-1"
+              color="secondary"
+            >
+              {{ n === 1 ? 'small' : n === 2 ? 'regular' : 'large' }}
+            </v-btn>
+          </v-col>
+
+          <v-col
+            cols="12"
+            md="6"
+          >
+            <base-subheading>
+              <h5 class="font-weight-light">
+                Pick your Style
+              </h5>
+            </base-subheading>
+
+            <v-btn
+              class="ma-1"
+              color="secondary"
+            >
+              Default
+            </v-btn>
+
+            <v-btn
+              class="ma-1"
+              elevation="1"
+              color="secondary"
+              rounded
+            >
+              Rounded
+            </v-btn>
+
+            <v-btn
+              class="ma-1"
+              color="secondary"
+              elevation="1"
+              rounded
+            >
+              <v-icon left>
+                mdi-heart
+              </v-icon>
+              With Icon
+            </v-btn>
+
+            <v-btn
+              class="ma-1"
+              color="secondary"
+              elevation="1"
+              fab
+              small
+            >
+              <v-icon>
+                mdi-heart
+              </v-icon>
+            </v-btn>
+
+            <v-btn
+              class="ma-1"
+              color="secondary"
+              text
+            >
+              Simple
+            </v-btn>
+          </v-col>
+
+          <v-col
+            cols="12"
+            md="6"
+          >
+            <base-subheading>
+              <h5 class="font-weight-light">
+                Pagination
+              </h5>
+            </base-subheading>
+
+            <v-pagination
+              :length="5"
+              :value="1"
+              circle
+              class="justify-start"
+            />
+
+            <v-pagination
+              :length="3"
+              :value="2"
+              circle
+              class="justify-start"
+              next-icon="mdi-menu-right"
+              prev-icon="mdi-menu-left"
+            />
+          </v-col>
+
+          <v-col
+            cols="12"
+            md="6"
+          >
+            <base-subheading>
+              <h5 class="font-weight-light">
+                Button Group
+              </h5>
+            </base-subheading>
+
+            <v-sheet>
+              <v-btn-toggle color="teal">
+                <v-btn
+                  v-for="dir in ['left', 'middle', 'right']"
+                  :key="dir"
+                >
+                  {{ dir }}
+                </v-btn>
+              </v-btn-toggle>
+            </v-sheet>
+
+            <div class="my-6" />
+
+            <v-btn-toggle
+              color="teal"
+              rounded
+            >
+              <v-btn
+                v-for="n in 4"
+                :key="n"
+              >
+                {{ n }}
+              </v-btn>
+            </v-btn-toggle>
+
+            <div class="my-2" />
+
+            <v-btn-toggle
+              color="teal"
+              rounded
+            >
+              <v-btn
+                v-for="n in 3"
+                :key="n"
+              >
+                {{ n + 4 }}
+              </v-btn>
+            </v-btn-toggle>
+          </v-col>
+
+          <template v-for="(s, i) in social">
+            <v-col
+              :key="i"
+              cols="12"
+              class="py-1"
+            >
+              <base-subheading
+                v-if="i === 0"
+                :key="`heading-${i}`"
+              >
+                <h5 class="font-weight-light">
+                  Social buttons
+                </h5>
+              </base-subheading>
+
+              <v-row dense>
+                <v-col
+                  cols="auto"
+                  md="4"
+                  sm="5"
+                >
+                  <v-btn
+                    elevation="1"
+                    :color="s.color"
+                    dark
+                  >
+                    <v-icon
+                      left
+                      v-text="s.icon"
+                    />
+                    {{ s.text }}
+                  </v-btn>
+                </v-col>
+
+                <v-col
+                  cols="auto"
+                  md="1"
+                  sm="1"
+                >
+                  <v-btn
+                    elevation="1"
+                    :color="s.color"
+                    dark
+                    min-width="0"
+                    max-width="41"
+                  >
+                    <v-icon v-text="s.icon" />
+                  </v-btn>
+                </v-col>
+
+                <v-col
+                  cols="auto"
+                  md="1"
+                  sm="1"
+                >
+                  <v-btn
+                    elevation="1"
+                    :color="s.color"
+                    dark
+                    fab
+                    min-width="0"
+                    small
+                  >
+                    <v-icon v-text="s.icon" />
+                  </v-btn>
+                </v-col>
+
+                <v-col
+                  cols="auto"
+                  md="1"
+                  sm="1"
+                >
+                  <v-btn
+                    :color="s.color"
+                    dark
+                    icon
+                    min-width="0"
+                  >
+                    <v-icon
+                      :color="s.color"
+                      v-text="s.icon"
+                    />
+                  </v-btn>
+                </v-col>
+
+                <v-col
+                  cols="auto"
+                  md="3"
+                  sm="4"
+                >
+                  <v-btn
+                    :color="s.color"
+                    dark
+                    text
+                  >
+                    <v-icon
+                      left
+                      :color="s.color"
+                      v-text="s.icon"
+                    />
+                    {{ s.text }}
+                  </v-btn>
+                </v-col>
+              </v-row>
+            </v-col>
+          </template>
+        </v-row>
+      </v-card-text>
+    </v-card>
+  </v-container>
+</template>
+
+<script>
+export default {
+  name: 'DashboardButtons',
+
+  data: () => ({
+    colors: [
+      'default',
+      'secondary',
+      'info',
+      'success',
+      'warning',
+      'error'
+    ],
+    icons: {
+      left: 'mdi-chevron-left',
+      right: 'mdi-chevron-right',
+      info: 'mdi-exclamation',
+      success: 'mdi-check',
+      warning: 'mdi-alert',
+      error: 'mdi-close'
+    },
+    social: [
+      {
+        color: '#55ACEE',
+        icon: 'mdi-twitter',
+        text: 'Connect with Twitter'
+      },
+      {
+        color: '#3B5998',
+        icon: 'mdi-facebook',
+        text: 'Share - 2.2K'
+      },
+      {
+        color: '#DD4b39',
+        icon: 'mdi-google-plus',
+        text: 'Share on Google+'
+      },
+      {
+        color: '#0976B4',
+        icon: 'mdi-linkedin',
+        text: 'Connect with LinkedIn'
+      },
+      {
+        color: '#CC2127',
+        icon: 'mdi-pinterest',
+        text: 'Pint It - 212'
+      },
+      {
+        color: '#E52D27',
+        icon: 'mdi-youtube',
+        text: 'View on Youtube'
+      },
+      {
+        color: '#35465C',
+        icon: 'mdi-tumblr',
+        text: 'Repost'
+      },
+      {
+        color: '#333333',
+        icon: 'mdi-github-circle',
+        text: 'Connect with Github'
+      },
+      {
+        color: '#1769FF',
+        icon: 'mdi-behance',
+        text: 'Follow Us'
+      },
+      {
+        color: '#EA4C89',
+        icon: 'mdi-dribbble',
+        text: 'Follow us on Dribbble'
+      },
+      {
+        color: '#FF4500',
+        icon: 'mdi-reddit',
+        text: 'Repost - 232'
+      }
+    ]
+  })
+}
+</script>
diff --git a/web-app/src/admin/views/dashboard/component/Grid.vue b/web-app/src/admin/views/dashboard/component/Grid.vue
new file mode 100644
index 00000000..5dcb0c71
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/component/Grid.vue
@@ -0,0 +1,300 @@
+<template>
+  <v-container
+    id="grid"
+    fluid
+    tag="section"
+  >
+    <base-v-component
+      heading="Grid System"
+      link="components/grid"
+    />
+
+    <v-row class="text-center">
+      <base-subheading
+        subheading="XS Grid"
+        text="Always Horizontal"
+        class="pb-0 pl-3 mt-5"
+      />
+
+      <v-col
+        v-for="n in 3"
+        :key="`cols-${n}`"
+        cols="4"
+        class="pt-0"
+      >
+        <v-card class="mt-0">
+          <v-card-text class="red--text text--darken-4">
+            col-4
+          </v-card-text>
+        </v-card>
+      </v-col>
+
+      <base-subheading
+        subheading="SM Grid"
+        text="Collapsed at 600px"
+        class="pb-0 pl-3 mt-5"
+      />
+
+      <v-col
+        v-for="n in 3"
+        :key="`sm-${n}`"
+        cols="12"
+        sm="4"
+        class="pt-0"
+      >
+        <v-card class="mt-0">
+          <v-card-text class="red--text text--darken-4">
+            col-sm-4
+          </v-card-text>
+        </v-card>
+      </v-col>
+
+      <base-subheading
+        subheading="MD Grid"
+        text="Collapsed at 960px"
+        class="pb-0 pl-3 mt-5"
+      />
+
+      <v-col
+        v-for="n in 3"
+        :key="`md-${n}`"
+        cols="12"
+        md="4"
+        class="pt-0"
+      >
+        <v-card class="mt-0">
+          <v-card-text class="red--text text--darken-4">
+            col-md-4
+          </v-card-text>
+        </v-card>
+      </v-col>
+
+      <base-subheading
+        subheading="LG Grid"
+        text="Collapsed at 1280px"
+        class="pb-0 pl-3 mt-5"
+      />
+
+      <v-col
+        v-for="n in 3"
+        :key="`lg-${n}`"
+        cols="12"
+        lg="4"
+        class="pt-0"
+      >
+        <v-card class="mt-0">
+          <v-card-text class="red--text text--darken-4">
+            col-lg-4
+          </v-card-text>
+        </v-card>
+      </v-col>
+
+      <base-subheading
+        subheading="XL Grid"
+        text="Collapsed at 1920px"
+        class="pb-0 pl-3 mt-5"
+      />
+
+      <v-col
+        v-for="n in 3"
+        :key="`xl-${n}`"
+        cols="12"
+        xl="4"
+        class="pt-0"
+      >
+        <v-card class="mt-0">
+          <v-card-text class="red--text text--darken-4">
+            col-xl-4
+          </v-card-text>
+        </v-card>
+      </v-col>
+
+      <base-subheading
+        subheading="Mixed Grid"
+        text="Showing different sizes on different screens"
+        class="pb-0 pl-3 mt-5"
+      />
+
+      <v-col
+        v-for="n in 4 "
+        :key="`mixed-${n}`"
+        sm="6"
+        lg="3"
+        class="pt-0"
+      >
+        <v-card class="mt-0">
+          <v-card-text class="red--text text--darken-4">
+            col-xl-4
+          </v-card-text>
+        </v-card>
+      </v-col>
+    </v-row>
+
+    <v-row class="text-center">
+      <base-subheading
+        subheading="Offset Grid"
+        text="Adding some space when neede"
+        class="pb-0 pl-3 mt-5"
+      />
+
+      <v-col
+        md="3"
+        class="pt-0"
+      >
+        <v-card class="mt-0">
+          <v-card-text class="red--text text--darken-4">
+            col-md-3
+          </v-card-text>
+        </v-card>
+      </v-col>
+
+      <v-col
+        md="3"
+        class="ml-auto"
+      >
+        <v-card class="mt-0">
+          <v-card-text class="red--text text--darken-4">
+            col-md-4 ml-auto mr-auto
+          </v-card-text>
+        </v-card>
+      </v-col>
+    </v-row>
+
+    <v-row class="text-center">
+      <v-col
+        v-for="n in 2"
+        :key="`offset-${n}`"
+        class="ml-auto mr-auto"
+        md="4"
+      >
+        <v-card class="mt-0">
+          <v-card-text class="red--text text--darken-4">
+            col-md-4 ml-auto mr-auto
+          </v-card-text>
+        </v-card>
+      </v-col>
+    </v-row>
+
+    <v-row class="text-center mb-12">
+      <v-col
+        class="ml-auto mr-auto"
+        md="6"
+      >
+        <v-card class="mt-0">
+          <v-card-text class="red--text text--darken-4">
+            col-md-6 ml-auto mr-auto
+          </v-card-text>
+        </v-card>
+      </v-col>
+    </v-row>
+
+    <v-row>
+      <paragraph-heading class="text-center pb-0">
+        <h4 class="font-weight-light">
+          Paragraphs
+        </h4>
+      </paragraph-heading>
+
+      <v-col cols="12 pt-0">
+        <v-card>
+          <v-container fluid>
+            <v-row>
+              <v-col
+                cols="12"
+                md="6"
+              >
+                <paragraph-heading>Some Title Here</paragraph-heading>
+
+                <v-card-text class="font-weight-light">
+                  One morning, when Gregor Samsa woke from troubled dreams, he found himself transformed in his bed into a horrible vermin. He lay on his armour-like back, and if he lifted his head a little he could see his brown belly, slightly domed and divided by arches into stiff sections. The bedding was hardly able to cover it and seemed ready to slide off any moment. His many legs, pitifully thin compared with the size of the rest of him, waved about helplessly as he looked. "What's happened to me?" he thought.
+                </v-card-text>
+              </v-col>
+
+              <v-col
+                cols="12"
+                md="6"
+              >
+                <paragraph-heading>Another Title Here</paragraph-heading>
+
+                <v-card-text class="font-weight-light">
+                  One morning, when Gregor Samsa woke from troubled dreams, he found himself transformed in his bed into a horrible vermin. He lay on his armour-like back, and if he lifted his head a little he could see his brown belly, slightly domed and divided by arches into stiff sections. The bedding was hardly able to cover it and seemed ready to slide off any moment. His many legs, pitifully thin compared with the size of the rest of him, waved about helplessly as he looked. "What's happened to me?" he thought.
+                </v-card-text>
+              </v-col>
+
+              <v-col
+                cols="12"
+                md="4"
+              >
+                <paragraph-heading>Some Title Here</paragraph-heading>
+
+                <v-card-text class="font-weight-light">
+                  One morning, when Gregor Samsa woke from troubled dreams, he found himself transformed in his bed into a horrible vermin. He lay on his armour-like back, and if he lifted his head a little he could see his brown belly, slightly domed and divided by arches into stiff sections. The bedding was hardly able to cover it and seemed ready to slide off any moment.
+                </v-card-text>
+              </v-col>
+
+              <v-col
+                cols="12"
+                md="4"
+              >
+                <paragraph-heading>Another Title Here</paragraph-heading>
+
+                <v-card-text class="font-weight-light">
+                  One morning, when Gregor Samsa woke from troubled dreams, he found himself transformed in his bed into a horrible vermin. He lay on his armour-like back, and if he lifted his head a little he could see his brown belly, slightly domed and divided by arches into stiff sections. The bedding was hardly able to cover it and seemed ready to slide off any moment.
+                </v-card-text>
+              </v-col>
+
+              <v-col
+                cols="12"
+                md="4"
+              >
+                <paragraph-heading>Another Title Here</paragraph-heading>
+
+                <v-card-text class="font-weight-light">
+                  One morning, when Gregor Samsa woke from troubled dreams, he found himself transformed in his bed into a horrible vermin. He lay on his armour-like back, and if he lifted his head a little he could see his brown belly, slightly domed and divided by arches into stiff sections. The bedding was hardly able to cover it and seemed ready to slide off any moment.
+                </v-card-text>
+              </v-col>
+
+              <v-col
+                cols="12"
+                md="4"
+              >
+                <paragraph-heading>Some Title Here</paragraph-heading>
+
+                <v-card-text class="font-weight-light">
+                  One morning, when Gregor Samsa woke from troubled dreams, he found himself transformed in his bed into a horrible vermin. He lay on his armour-like back, and if he lifted his head a little he could see his brown belly, slightly domed and divided by arches into stiff sections. The bedding was hardly able to cover it and seemed ready to slide off any moment.
+                </v-card-text>
+              </v-col>
+
+              <v-col
+                cols="12"
+                md="8"
+              >
+                <paragraph-heading>Another Title Here</paragraph-heading>
+
+                <v-card-text class="font-weight-light">
+                  One morning, when Gregor Samsa woke from troubled dreams, he found himself transformed in his bed into a horrible vermin. He lay on his armour-like back, and if he lifted his head a little he could see his brown belly, slightly domed and divided by arches into stiff sections. The bedding was hardly able to cover it and seemed ready to slide off any moment. One morning, when Gregor Samsa woke from troubled dreams, he found himself transformed in his bed into a horrible vermin. He lay on his armour-like back, and if he lifted his head a little he could see his brown belly, slightly domed and divided by arches into stiff sections. The bedding was hardly able to cover it and seemed ready to slide off any moment.
+                </v-card-text>
+              </v-col>
+            </v-row>
+          </v-container>
+        </v-card>
+      </v-col>
+    </v-row>
+  </v-container>
+</template>
+
+<script>
+export default {
+  name: 'DashboardGrid',
+
+  components: {
+    ParagraphHeading: {
+      render (h) {
+        return h('div', {
+          class: 'headline font-weight-light col cols-12'
+        }, this.$slots.default)
+      }
+    }
+  }
+}
+</script>
diff --git a/web-app/src/admin/views/dashboard/component/Icons.vue b/web-app/src/admin/views/dashboard/component/Icons.vue
new file mode 100644
index 00000000..e4cc1cbb
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/component/Icons.vue
@@ -0,0 +1,301 @@
+<template>
+  <v-container
+    id="icons"
+    fluid
+    tag="section"
+  >
+    <base-v-component
+      heading="Icons"
+      link="components/icons"
+    />
+
+    <v-row>
+      <v-col cols="12">
+        <base-material-card color="green">
+          <template v-slot:heading>
+            <div class="display-2 font-weight-light">
+              Material Design Icons
+            </div>
+
+            <div class="subtitle-1 font-weight-light">
+              See all available
+              <a
+                class="white--text"
+                href="https://materialdesignicons.com/"
+                target="_blank"
+              >
+                Icons
+              </a>
+            </div>
+          </template>
+
+          <v-row
+            align="center"
+            justify="center"
+          >
+            <v-col
+              v-for="icon in icons"
+              :key="icon"
+              class="ma-2"
+            >
+              <v-tooltip
+                content-class="top"
+                top
+              >
+                <template v-slot:activator="{ attrs, on }">
+                  <v-icon
+                    v-bind="attrs"
+                    v-on="on"
+                  >
+                    {{ icon }}
+                  </v-icon>
+                </template>
+                <span>{{ icon }}</span>
+              </v-tooltip>
+            </v-col>
+          </v-row>
+        </base-material-card>
+      </v-col>
+
+      <v-col
+        class="mx-auto"
+        cols="auto"
+      >
+        <v-btn
+          color="success"
+          href="https://materialdesignicons.com/"
+          large
+          target="_blank"
+        >
+          <v-icon left>
+            mdi-material-design
+          </v-icon>
+          <span>See all icons</span>
+        </v-btn>
+      </v-col>
+    </v-row>
+  </v-container>
+</template>
+
+<script>
+export default {
+  name: 'DashboardIcons',
+
+  data: () => ({
+    icons: [
+      'mdi-access-point',
+      'mdi-access-point-network',
+      'mdi-account',
+      'mdi-account-alert',
+      'mdi-account-box',
+      'mdi-account-box-multiple',
+      'mdi-account-box-outline',
+      'mdi-account-card-details',
+      'mdi-account-check',
+      'mdi-account-circle',
+      'mdi-account-convert',
+      'mdi-account-edit',
+      'mdi-account-group',
+      'mdi-account-heart',
+      'mdi-account-key',
+      'mdi-account-location',
+      'mdi-account-minus',
+      'mdi-account-multiple',
+      'mdi-account-multiple-check',
+      'mdi-account-multiple-minus',
+      'mdi-account-multiple-outline',
+      'mdi-account-multiple-plus',
+      'mdi-account-multiple-plus-outline',
+      'mdi-account-network',
+      'mdi-account-off',
+      'mdi-account-outline',
+      'mdi-account-plus',
+      'mdi-account-plus-outline',
+      'mdi-account-remove',
+      'mdi-account-search',
+      'mdi-account-search-outline',
+      'mdi-account-settings',
+      'mdi-account-settings-variant',
+      'mdi-account-star',
+      'mdi-account-switch',
+      'mdi-accusoft',
+      'mdi-adjust',
+      'mdi-adobe',
+      'mdi-air-conditioner',
+      'mdi-airballoon',
+      'mdi-airplane',
+      'mdi-airplane-landing',
+      'mdi-airplane-off',
+      'mdi-airplane-takeoff',
+      'mdi-airplay',
+      'mdi-airport',
+      'mdi-alarm',
+      'mdi-alarm-bell',
+      'mdi-alarm-check',
+      'mdi-alarm-light',
+      'mdi-alarm-multiple',
+      'mdi-alarm-off',
+      'mdi-alarm-plus',
+      'mdi-alarm-snooze',
+      'mdi-album',
+      'mdi-alert',
+      'mdi-alert-box',
+      'mdi-alert-circle',
+      'mdi-alert-circle-outline',
+      'mdi-alert-decagram',
+      'mdi-alert-octagon',
+      'mdi-alert-octagram',
+      'mdi-alert-outline',
+      'mdi-alien',
+      'mdi-all-inclusive',
+      'mdi-alpha',
+      'mdi-alphabetical',
+      'mdi-altimeter',
+      'mdi-amazon',
+      'mdi-amazon-alexa',
+      'mdi-amazon-drive',
+      'mdi-ambulance',
+      'mdi-amplifier',
+      'mdi-anchor',
+      'mdi-android',
+      'mdi-android-debug-bridge',
+      'mdi-android-head',
+      'mdi-android-studio',
+      'mdi-angle-acute',
+      'mdi-angle-obtuse',
+      'mdi-angle-right',
+      'mdi-angular',
+      'mdi-angularjs',
+      'mdi-animation',
+      'mdi-animation-play',
+      'mdi-anvil',
+      'mdi-apple',
+      'mdi-apple-finder',
+      'mdi-apple-icloud',
+      'mdi-apple-ios',
+      'mdi-apple-keyboard-caps',
+      'mdi-apple-keyboard-command',
+      'mdi-apple-keyboard-control',
+      'mdi-apple-keyboard-option',
+      'mdi-apple-keyboard-shift',
+      'mdi-apple-safari',
+      'mdi-application',
+      'mdi-approval',
+      'mdi-apps',
+      'mdi-arch',
+      'mdi-archive',
+      'mdi-arrange-bring-forward',
+      'mdi-arrange-bring-to-front',
+      'mdi-arrange-send-backward',
+      'mdi-arrange-send-to-back',
+      'mdi-arrow-all',
+      'mdi-arrow-bottom-left',
+      'mdi-arrow-bottom-left-bold-outline',
+      'mdi-arrow-bottom-left-thick',
+      'mdi-arrow-bottom-right',
+      'mdi-arrow-bottom-right-bold-outline',
+      'mdi-arrow-bottom-right-thick',
+      'mdi-arrow-collapse',
+      'mdi-arrow-collapse-all',
+      'mdi-arrow-collapse-down',
+      'mdi-arrow-collapse-horizontal',
+      'mdi-arrow-collapse-left',
+      'mdi-arrow-collapse-right',
+      'mdi-arrow-collapse-up',
+      'mdi-arrow-collapse-vertical',
+      'mdi-arrow-decision',
+      'mdi-arrow-decision-auto',
+      'mdi-arrow-decision-auto-outline',
+      'mdi-arrow-decision-outline',
+      'mdi-arrow-down',
+      'mdi-arrow-down-bold',
+      'mdi-arrow-down-bold-box',
+      'mdi-arrow-down-bold-box-outline',
+      'mdi-arrow-down-bold-circle',
+      'mdi-arrow-down-bold-circle-outline',
+      'mdi-arrow-down-bold-hexagon-outline',
+      'mdi-arrow-down-bold-outline',
+      'mdi-arrow-down-box',
+      'mdi-arrow-down-drop-circle',
+      'mdi-arrow-down-drop-circle-outline',
+      'mdi-arrow-down-thick',
+      'mdi-arrow-expand',
+      'mdi-arrow-expand-all',
+      'mdi-arrow-expand-down',
+      'mdi-arrow-expand-horizontal',
+      'mdi-arrow-expand-left',
+      'mdi-arrow-expand-right',
+      'mdi-arrow-expand-up',
+      'mdi-arrow-expand-vertical',
+      'mdi-arrow-left',
+      'mdi-arrow-left-bold',
+      'mdi-arrow-left-bold-box',
+      'mdi-arrow-left-bold-box-outline',
+      'mdi-arrow-left-bold-circle',
+      'mdi-arrow-left-bold-circle-outline',
+      'mdi-arrow-left-bold-hexagon-outline',
+      'mdi-arrow-left-bold-outline',
+      'mdi-arrow-left-box',
+      'mdi-arrow-left-drop-circle',
+      'mdi-arrow-left-drop-circle-outline',
+      'mdi-arrow-left-right-bold-outline',
+      'mdi-arrow-left-thick',
+      'mdi-arrow-right',
+      'mdi-arrow-right-bold',
+      'mdi-arrow-right-bold-box',
+      'mdi-arrow-right-bold-box-outline',
+      'mdi-arrow-right-bold-circle',
+      'mdi-arrow-right-bold-circle-outline',
+      'mdi-arrow-right-bold-hexagon-outline',
+      'mdi-arrow-right-bold-outline',
+      'mdi-arrow-right-box',
+      'mdi-arrow-right-drop-circle',
+      'mdi-arrow-right-drop-circle-outline',
+      'mdi-arrow-right-thick',
+      'mdi-arrow-split-horizontal',
+      'mdi-arrow-split-vertical',
+      'mdi-arrow-top-left',
+      'mdi-arrow-top-left-bold-outline',
+      'mdi-arrow-top-left-thick',
+      'mdi-arrow-top-right',
+      'mdi-arrow-top-right-bold-outline',
+      'mdi-arrow-top-right-thick',
+      'mdi-arrow-up',
+      'mdi-arrow-up-bold',
+      'mdi-arrow-up-bold-box',
+      'mdi-arrow-up-bold-box-outline',
+      'mdi-arrow-up-bold-circle',
+      'mdi-arrow-up-bold-circle-outline',
+      'mdi-arrow-up-bold-hexagon-outline',
+      'mdi-arrow-up-bold-outline',
+      'mdi-arrow-up-box',
+      'mdi-arrow-up-down-bold-outline',
+      'mdi-arrow-up-drop-circle',
+      'mdi-arrow-up-drop-circle-outline',
+      'mdi-arrow-up-thick',
+      'mdi-artist',
+      'mdi-assistant',
+      'mdi-asterisk',
+      'mdi-at',
+      'mdi-atlassian',
+      'mdi-atom',
+      'mdi-attachment',
+      'mdi-audio-video',
+      'mdi-audiobook',
+      'mdi-augmented-reality',
+      'mdi-auto-fix',
+      'mdi-auto-upload',
+      'mdi-autorenew',
+      'mdi-av-timer',
+      'mdi-axe',
+      'mdi-azure',
+      'mdi-baby',
+      'mdi-baby-buggy',
+      'mdi-backburger',
+      'mdi-backspace',
+      'mdi-backup-restore',
+      'mdi-badminton'
+    ]
+  })
+}
+</script>
diff --git a/web-app/src/admin/views/dashboard/component/Notifications.vue b/web-app/src/admin/views/dashboard/component/Notifications.vue
new file mode 100644
index 00000000..4cd3a9da
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/component/Notifications.vue
@@ -0,0 +1,406 @@
+<template>
+  <v-container
+    id="alerts"
+    fluid
+    tag="section"
+  >
+    <base-v-component
+      heading="Alerts"
+      link="components/alerts"
+    />
+
+    <v-row>
+      <v-col
+        cols="12"
+        md="6"
+      >
+        <v-card>
+          <v-card-text>
+            <base-subheading subheading="Notification Style" />
+
+            <base-material-alert
+              color="info"
+              dark
+            >
+              This is a plain notification.
+            </base-material-alert>
+
+            <base-material-alert
+              color="info"
+              dark
+              dismissible
+            >
+              This is a notification with close button.
+            </base-material-alert>
+
+            <base-material-alert
+              color="info"
+              dark
+              dismissible
+              icon="mdi-bell"
+            >
+              This is a notification with close button and icon and have many lines. You can see that the icon and the close button are always vertically aligned. This is a beautiful notification. So you don't have to worry about the style.
+            </base-material-alert>
+
+            <base-material-alert
+              color="primary"
+              dark
+              dismissible
+              icon="mdi-bell"
+            >
+              You can see that the icon and the close button are always vertically aligned. This is a beautiful notification. So you don't have to worry about the style.
+            </base-material-alert>
+          </v-card-text>
+        </v-card>
+      </v-col>
+
+      <v-col
+        cols="12"
+        md="6"
+      >
+        <v-card>
+          <v-card-text>
+            <base-subheading subheading="Notification states" />
+
+            <base-material-alert
+              v-for="color in colors"
+              :key="color"
+              :color="color"
+              dark
+              dismissible
+            >
+              <span
+                class="text-uppercase"
+                v-text="color"
+              /> — This is a regular alert made with the color of "{{ color }}"
+            </base-material-alert>
+
+            <base-material-alert
+              color="secondary"
+              dark
+              dismissible
+            >
+              <span>PRIMARY</span> — This is a regular alert made with the color "secondary"
+            </base-material-alert>
+
+            <base-material-alert
+              color="pink darken-1"
+              dark
+              dismissible
+            >
+              <span>PINK DARKEN-1</span> — This is a regular alert made with the color "pink darken-1"
+            </base-material-alert>
+          </v-card-text>
+        </v-card>
+      </v-col>
+
+      <v-col cols="12">
+        <v-card>
+          <v-card-text class="text-center">
+            <base-subheading
+              class="text-center"
+              subheading="Snackbar Locations"
+            />
+
+            <v-row
+              class="mt-n12"
+              justify="center"
+            >
+              <v-col
+                cols="10"
+                lg="8"
+              >
+                <v-row>
+                  <v-col
+                    v-for="dir in directions"
+                    :key="dir"
+                    cols="4"
+                  >
+                    <v-btn
+                      color="secondary"
+                      default
+                      class="v-btn--block"
+                      @click="randomColor(), direction = dir, snackbar = true"
+                    >
+                      {{ dir }}
+                    </v-btn>
+                  </v-col>
+                </v-row>
+              </v-col>
+            </v-row>
+
+            <base-subheading
+              class="text-center"
+              subheading="Dialogs"
+            />
+
+            <v-row
+              class="mt-n12"
+              justify="center"
+            >
+              <v-col
+                cols="10"
+                lg="8"
+              >
+                <v-row>
+                  <v-col cols="4">
+                    <v-btn
+                      color="secondary"
+                      default
+                      rounded
+                      @click="dialog = true"
+                    >
+                      Classic Dialog
+                    </v-btn>
+                  </v-col>
+                  <v-col cols="4">
+                    <v-btn
+                      color="info"
+                      default
+                      rounded
+                      @click="dialog2 = true"
+                    >
+                      Notice Modal
+                    </v-btn>
+                  </v-col>
+                  <v-col cols="4">
+                    <v-btn
+                      color="pink darken-1"
+                      dark
+                      default
+                      rounded
+                      @click="dialog3 = true"
+                    >
+                      Small Alert Modal
+                    </v-btn>
+                  </v-col>
+                </v-row>
+              </v-col>
+            </v-row>
+          </v-card-text>
+        </v-card>
+      </v-col>
+    </v-row>
+
+    <base-material-snackbar
+      v-model="snackbar"
+      :type="color"
+      v-bind="{
+        [parsedDirection[0]]: true,
+        [parsedDirection[1]]: true
+      }"
+    >
+      Welcome to <span class="font-weight-bold">&nbsp;MATERIAL DASHBOARD&nbsp;</span> — a beautiful admin panel for every web developer.
+    </base-material-snackbar>
+
+    <v-dialog
+      v-model="dialog"
+      max-width="500"
+    >
+      <v-card class="text-center">
+        <v-card-title>
+          Dialog Title
+
+          <v-spacer />
+
+          <v-icon
+            aria-label="Close"
+            @click="dialog = false"
+          >
+            mdi-close
+          </v-icon>
+        </v-card-title>
+
+        <v-card-text>
+          Far far away, behind the word mountains, far from the countries Vokalia and Consonantia, there live the blind texts. Separated they live in Bookmarksgrove right at the coast of the Semantics, a large language ocean. A small river named Duden flows by their place and supplies it with the necessary regelialia. It is a paradisematic country, in which roasted parts of sentences fly into your mouth. Even the all-powerful Pointing has no control about the blind texts it is an almost unorthographic life One day however a small line of blind text by the name of Lorem Ipsum decided to leave for the far World of Grammar.
+        </v-card-text>
+
+        <v-card-actions>
+          <v-spacer />
+
+          <v-btn
+            color="error"
+            text
+            @click="dialog = false"
+          >
+            Close
+          </v-btn>
+        </v-card-actions>
+      </v-card>
+    </v-dialog>
+
+    <v-dialog
+      v-model="dialog2"
+      max-width="500"
+    >
+      <v-card>
+        <v-card-title>
+          How do you become an affiliate?
+
+          <v-spacer />
+
+          <v-icon
+            aria-label="Close"
+            @click="dialog2 = false"
+          >
+            mdi-close
+          </v-icon>
+        </v-card-title>
+
+        <v-card-text class="body-1 text-center">
+          <v-row>
+            <v-col
+              cols="12"
+              md="8"
+            >
+              <div>
+                <div>
+                  <strong>1. Register</strong>
+                </div>
+
+                <div class="grey--text">
+                  The first step is to create an account at Creative Tim. You can choose a social network or go for the classic version, whatever works best for you.
+                </div>
+              </div>
+            </v-col>
+
+            <v-col
+              class="hidden-sm-and-down"
+              md="4"
+            >
+              <v-sheet>
+                <v-img
+                  src="https://demos.creative-tim.com/material-dashboard/assets/img/card-1.jpg"
+                  height="100"
+                  width="200"
+                />
+              </v-sheet>
+            </v-col>
+
+            <v-col
+              cols="12"
+              md="8"
+            >
+              <div>
+                <div>
+                  <strong>2. Apply</strong>
+                </div>
+
+                <div class="grey--text">
+                  The first step is to create an account at <a href="http://www.creative-tim.com/">Creative Tim</a>. You can choose a social network or go for the classic version, whatever works best for you.
+                </div>
+              </div>
+            </v-col>
+
+            <v-col
+              class="hidden-sm-and-down"
+              md="4"
+            >
+              <v-sheet>
+                <v-img
+                  src="https://demos.creative-tim.com/material-dashboard/assets/img/card-2.jpg"
+                  height="100"
+                  width="200"
+                />
+              </v-sheet>
+            </v-col>
+
+            <v-col cols="12">
+              If you have more questions, don't hesitate to contact us or send us a tweet @creativetim. We're here to help!
+            </v-col>
+          </v-row>
+
+          <v-btn
+            class="mt-6"
+            color="info"
+            depressed
+            default
+            rounded
+            @click="dialog2 = false"
+          >
+            Sounds good
+          </v-btn>
+        </v-card-text>
+      </v-card>
+    </v-dialog>
+
+    <v-dialog
+      v-model="dialog3"
+      max-width="300"
+    >
+      <v-card>
+        <v-card-title>
+          Are you sure?
+
+          <v-spacer />
+
+          <v-icon
+            aria-label="Close"
+            @click="dialog3 = false"
+          >
+            mdi-close
+          </v-icon>
+        </v-card-title>
+
+        <v-card-text class="pb-6 pt-12 text-center">
+          <v-btn
+            class="mr-3"
+            text
+            @click="dialog3 = false"
+          >
+            Nevermind
+          </v-btn>
+
+          <v-btn
+            color="success"
+            text
+            @click="dialog3 = false"
+          >
+            Yes
+          </v-btn>
+        </v-card-text>
+      </v-card>
+    </v-dialog>
+  </v-container>
+</template>
+
+<script>
+export default {
+  name: 'DashboardNotifications',
+
+  data: () => ({
+    color: 'info',
+    colors: [
+      'info',
+      'success',
+      'warning',
+      'error'
+    ],
+    dialog: false,
+    dialog2: false,
+    dialog3: false,
+    direction: 'top center',
+    directions: [
+      'top left',
+      'top center',
+      'top right',
+      'bottom left',
+      'bottom center',
+      'bottom right'
+    ],
+    snackbar: false
+  }),
+
+  computed: {
+    parsedDirection () {
+      return this.direction.split(' ')
+    }
+  },
+
+  methods: {
+    randomColor () {
+      this.color = this.colors[Math.floor(Math.random() * this.colors.length)]
+    }
+  }
+}
+</script>
diff --git a/web-app/src/admin/views/dashboard/component/Tabs.vue b/web-app/src/admin/views/dashboard/component/Tabs.vue
new file mode 100644
index 00000000..fa990a60
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/component/Tabs.vue
@@ -0,0 +1,418 @@
+<template>
+  <v-container
+    id="panels"
+    fluid
+    tag="section"
+  >
+    <base-v-component
+      heading="Tabs"
+      link="components/tabs"
+    />
+
+    <v-row>
+      <v-col
+        cols="12"
+        md="6"
+      >
+        <v-card class="my-0">
+          <v-card-text>
+            <base-subheading
+              subheading="Navigation Pills"
+              text="Horizontal Tabs"
+            />
+
+            <base-material-tabs color="warning">
+              <v-tab
+                v-for="(tab, i) in tabs"
+                :key="i"
+              >
+                {{ tab }}
+              </v-tab>
+
+              <v-tab-item>
+                <v-card
+                  text
+                  class="my-0"
+                >
+                  <v-card-text>
+                    <p>
+                      Collaboratively administrate empowered markets via plug-and-play networks. Dynamically procrastinate B2C users after installed base benefits.
+                    </p>
+
+                    <p>
+                      Dramatically visualize customer directed convergence without revolutionary ROI. Collaboratively administrate empowered markets via plug-and-play networks. Dynamically procrastinate B2C users after installed base benefits.
+                    </p>
+
+                    <div>This is very nice.</div>
+                  </v-card-text>
+                </v-card>
+              </v-tab-item>
+
+              <v-tab-item>
+                <v-card
+                  text
+                  class="my-0"
+                >
+                  <v-card-text>
+                    <p>
+                      Efficiently unleash cross-media information without cross-media value. Quickly maximize timely deliverables for real-time schemas.
+                    </p>
+
+                    <div>
+                      Dramatically maintain clicks-and-mortar solutions without functional solutions.
+                    </div>
+                  </v-card-text>
+                </v-card>
+              </v-tab-item>
+
+              <v-tab-item>
+                <v-card
+                  text
+                  class="my-0"
+                >
+                  <v-card-text>
+                    <p>
+                      Completely synergize resource taxing relationships via premier niche markets. Professionally cultivate one-to-one customer service with robust ideas.
+                    </p>
+
+                    <div>
+                      Dynamically innovate resource-leveling customer service for state of the art customer service.
+                    </div>
+                  </v-card-text>
+                </v-card>
+              </v-tab-item>
+            </base-material-tabs>
+          </v-card-text>
+        </v-card>
+      </v-col>
+
+      <v-col
+        cols="12"
+        md="6"
+      >
+        <v-card class="mt-0">
+          <v-card-text>
+            <base-subheading
+              subheading="Navigation Pills"
+              text="Vertical Tabs"
+            />
+
+            <base-material-tabs
+              color="success"
+              vertical
+            >
+              <v-tab
+                v-for="(tab, i) in tabs"
+                :key="i"
+                class="mb-1"
+              >
+                {{ tab }}
+              </v-tab>
+
+              <v-tab-item>
+                <v-card
+                  text
+                  class="my-0"
+                >
+                  <v-card-text class="pt-0">
+                    <p>
+                      Collaboratively administrate empowered markets via plug-and-play networks. Dynamically procrastinate B2C users after installed base benefits.
+                    </p>
+
+                    <p>
+                      Dramatically visualize customer directed convergence without revolutionary ROI. Collaboratively administrate empowered markets via plug-and-play networks. Dynamically procrastinate B2C users after installed base benefits.
+                    </p>
+
+                    <div>This is very nice.</div>
+                  </v-card-text>
+                </v-card>
+              </v-tab-item>
+
+              <v-tab-item>
+                <v-card
+                  text
+                  class="my-0"
+                >
+                  <v-card-text class="pt-0">
+                    <p>
+                      Efficiently unleash cross-media information without cross-media value. Quickly maximize timely deliverables for real-time schemas.
+                    </p>
+
+                    <div>
+                      Dramatically maintain clicks-and-mortar solutions without functional solutions.
+                    </div>
+                  </v-card-text>
+                </v-card>
+              </v-tab-item>
+
+              <v-tab-item>
+                <v-card
+                  text
+                  class="my-0"
+                >
+                  <v-card-text class="pt-0">
+                    <p>
+                      Completely synergize resource taxing relationships via premier niche markets. Professionally cultivate one-to-one customer service with robust ideas.
+                    </p>
+
+                    <div>
+                      Dynamically innovate resource-leveling customer service for state of the art customer service.
+                    </div>
+                  </v-card-text>
+                </v-card>
+              </v-tab-item>
+            </base-material-tabs>
+          </v-card-text>
+        </v-card>
+      </v-col>
+
+      <v-col
+        cols="12"
+        md="6"
+      >
+        <v-card>
+          <v-card-text>
+            <base-subheading subheading="Collapsible Accordion" />
+
+            <v-expansion-panels>
+              <v-expansion-panel
+                v-for="n in 5"
+                :key="n"
+              >
+                <v-expansion-panel-header>
+                  Collapsible Group Item #{{ n }}
+                </v-expansion-panel-header>
+
+                <v-expansion-panel-content>
+                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor, sunt aliqua put a bird on it squid single-origin coffee nulla assumenda shoreditch et. Nihil anim keffiyeh helvetica, craft beer labore wes anderson cred nesciunt sapiente ea proident. Ad vegan excepteur butcher vice lomo. Leggings occaecat craft beer farm-to-table, raw denim aesthetic synth nesciunt you probably haven't heard of them accusamus labore sustainable VHS.
+                </v-expansion-panel-content>
+              </v-expansion-panel>
+            </v-expansion-panels>
+          </v-card-text>
+        </v-card>
+      </v-col>
+
+      <v-col
+        class="mb-12"
+        cols="12"
+        md="6"
+      >
+        <v-card>
+          <v-card-text>
+            <base-subheading
+              subheading="Navigation Pills"
+              text="Vertical Tabs"
+            />
+
+            <base-material-tabs
+              color="success"
+              icons-and-text
+              vertical
+            >
+              <v-tab
+                v-for="(tab, i) in tabs2"
+                :key="i"
+                class="mb-5"
+              >
+                {{ tab.text }}
+                <v-icon v-text="tab.icon" />
+              </v-tab>
+
+              <v-tab-item>
+                <v-card
+                  text
+                  class="my-0"
+                >
+                  <v-card-text class="pt-0">
+                    <p>
+                      Collaboratively administrate empowered markets via plug-and-play networks. Dynamically procrastinate B2C users after installed base benefits.
+                    </p>
+
+                    <p>
+                      Dramatically visualize customer directed convergence without revolutionary ROI. Collaboratively administrate empowered markets via plug-and-play networks. Dynamically procrastinate B2C users after installed base benefits.
+                    </p>
+
+                    <div>
+                      Dramatically visualize customer directed convergence without revolutionary ROI. Collaboratively administrate empowered markets via plug-and-play networks. Dynamically procrastinate B2C users after installed base benefits.
+                    </div>
+                  </v-card-text>
+                </v-card>
+              </v-tab-item>
+
+              <v-tab-item>
+                <v-card
+                  text
+                  class="my-0"
+                >
+                  <v-card-text class="pt-0">
+                    <p>
+                      Efficiently unleash cross-media information without cross-media value. Quickly maximize timely deliverables for real-time schemas.
+                    </p>
+
+                    <div>
+                      Dramatically maintain clicks-and-mortar solutions without functional solutions.
+                    </div>
+                  </v-card-text>
+                </v-card>
+              </v-tab-item>
+            </base-material-tabs>
+          </v-card-text>
+        </v-card>
+      </v-col>
+
+      <v-col
+        class="mx-auto"
+        cols="12"
+        md="8"
+      >
+        <div class="text-center headline font-weight-light mb-12 pl-0">
+          Page Subcategories
+        </div>
+
+        <base-material-tabs
+          v-model="tab"
+          background-color="transparent"
+          centered
+          color="warning"
+          icons-and-text
+        >
+          <v-tab
+            v-for="(tab, i) in tabs3"
+            :key="i"
+          >
+            {{ tab.text }}
+            <v-icon v-text="tab.icon" />
+          </v-tab>
+
+          <v-tabs-items
+            v-model="tab"
+            class="pt-12 transparent"
+          >
+            <v-tab-item>
+              <v-card class="mt-0 px-5">
+                <v-card-text>
+                  <base-subheading subheading="Description about product">
+                    <p class="grey--text body-2 font-weight-light">
+                      More Information here
+                    </p>
+                  </base-subheading>
+
+                  <p>
+                    Collaboratively administrate empowered markets via plug-and-play networks. Dynamically procrastinate B2C users after installed base benefits.
+                  </p>
+
+                  <div>
+                    Dramatically visualize customer directed convergence without revolutionary ROI. Collaboratively administrate empowered markets via plug-and-play networks. Dynamically procrastinate B2C users after installed base benefits.
+                  </div>
+                </v-card-text>
+              </v-card>
+            </v-tab-item>
+
+            <v-tab-item>
+              <v-card class="mt-0 px-5">
+                <v-card-text>
+                  <base-subheading subheading="Location of the product product">
+                    <p class="grey--text body-2 font-weight-light">
+                      More Information here
+                    </p>
+                  </base-subheading>
+
+                  <p>
+                    Efficiently unleash cross-media information without cross-media value. Quickly maximize timely deliverables for real-time schemas.
+                  </p>
+
+                  <div>
+                    Dramatically maintain clicks-and-mortar solutions without functional solutions
+                  </div>
+                </v-card-text>
+              </v-card>
+            </v-tab-item>
+
+            <v-tab-item>
+              <v-card class="mt-0 px-5">
+                <v-card-text>
+                  <base-subheading subheading="Legal info of the product product">
+                    <p class="grey--text body-2 font-weight-light">
+                      More Information here
+                    </p>
+                  </base-subheading>
+
+                  <p>
+                    Completely synergize resource taxing relationships via premier niche markets. Professionally cultivate one-to-one customer service with robust ideas.
+                  </p>
+
+                  <div>
+                    Dynamically innovate resource-leveling customer service for state of the art customer service.
+                  </div>
+                </v-card-text>
+              </v-card>
+            </v-tab-item>
+
+            <v-tab-item>
+              <v-card class="mt-0 px-5">
+                <v-card-text>
+                  <base-subheading heading="Help center">
+                    <p class="grey--text body-2 font-weight-light">
+                      More Information here
+                    </p>
+                  </base-subheading>
+
+                  <p>
+                    From the seamless transition of glass and metal to the streamlined profile, every detail was carefully considered to enhance your experience. So while its display is larger, the phone feels just right.
+                  </p>
+
+                  <div>
+                    Another Text. The first thing you notice when you hold the phone is how great it feels in your hand. The cover glass curves down around the sides to meet the anodized aluminum enclosure in a remarkable, simplified design.
+                  </div>
+                </v-card-text>
+              </v-card>
+            </v-tab-item>
+          </v-tabs-items>
+        </base-material-tabs>
+      </v-col>
+    </v-row>
+  </v-container>
+</template>
+
+<script>
+export default {
+  name: 'DashboardPanels',
+
+  data: () => ({
+    tab: 0,
+    tabs: [
+      'Profile',
+      'Settings',
+      'Options'
+    ],
+    tabs2: [
+      {
+        text: 'Home',
+        icon: 'mdi-view-dashboard'
+      },
+      {
+        text: 'Settings',
+        icon: 'mdi-clock-outline'
+      }
+    ],
+    tabs3: [
+      {
+        text: 'Description',
+        icon: 'mdi-information'
+      },
+      {
+        text: 'Location',
+        icon: 'mdi-map-marker'
+      },
+      {
+        text: 'Legal Info',
+        icon: 'mdi-gavel'
+      },
+      {
+        text: 'Help Center',
+        icon: 'mdi-help-circle-outline'
+      }
+    ]
+  })
+}
+</script>
diff --git a/web-app/src/admin/views/dashboard/component/Typography.vue b/web-app/src/admin/views/dashboard/component/Typography.vue
new file mode 100644
index 00000000..d0883c2d
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/component/Typography.vue
@@ -0,0 +1,120 @@
+<template>
+  <v-container
+    id="typography"
+    fluid
+    tag="section"
+  >
+    <base-v-component
+      heading="Typography"
+      link="styles/typography"
+    />
+
+    <v-row
+      align="center"
+      justify="center"
+    >
+      <v-col cols="12">
+        <base-material-card
+          color="green"
+        >
+          <template v-slot:heading>
+            <div class="display-2 font-weight-light">
+              Material Dashboard Heading
+            </div>
+
+            <div class="subtitle-1 font-weight-light">
+              Created using Roboto Font Family
+            </div>
+          </template>
+
+          <v-card-text>
+            <v-container
+              class="pa-0"
+              fluid
+            >
+              <v-row
+                v-for="(t, i) in typography"
+                :key="i"
+                align="center"
+              >
+                <v-col
+                  cols="1"
+                  md="3"
+                >
+                  <span
+                    class="tim-note"
+                    v-text="t[0]"
+                  />
+                </v-col>
+
+                <v-col cols="8">
+                  <component
+                    :is="t[2]"
+                    :class="i"
+                  >
+                    <template v-if="i !== 'quote'">
+                      {{ t[1] }}
+                    </template>
+
+                    <p v-if="i === 'quote'">
+                      {{ t[1] }}
+                    </p>
+                    <small v-if="i === 'quote'">Kanye West, Musician</small>
+
+                    <template v-if="i === 'small'">
+                      <br>
+                      <small>Use 'small' tag for the headers</small>
+                    </template>
+                  </component>
+                </v-col>
+              </v-row>
+            </v-container>
+          </v-card-text>
+        </base-material-card>
+      </v-col>
+    </v-row>
+  </v-container>
+</template>
+
+<script>
+const leader = 'I will be the leader of a company that ends up being worth billions of dollars, because I got the answers. I understand culture. I am the nucleus. I think that’s a responsibility that I have, to push possibilities, to show people, this is the level that things could be at.'
+const leaderShort = leader.slice(0, 105) + '...'
+const material = 'The Life of Material Dashboard'
+const small = 'Header with small subtitle'
+
+export default {
+  data: () => ({
+    typography: {
+      'display-4': ['Display 4', material, 'h1'],
+      'display-3': ['Display 3', material, 'h2'],
+      'display-2': ['Display 2', material, 'h3'],
+      'display-1': ['Display 1', material, 'h4'],
+      headline: ['Headline', material, 'h5'],
+      'title text-uppercase': ['Title', material, 'h6'],
+      '': ['Paragraph', leader, 'p'],
+      blockquote: ['Quote', leader, 'blockquote'],
+      'text--disabled': ['Muted Text', leaderShort, 'p'],
+      'primary--text': ['Primary Text', leaderShort, 'p'],
+      'info--text': ['Info Text', leaderShort, 'p'],
+      'success--text': ['Success Text', leaderShort, 'p'],
+      'warning--text': ['Warning Text', leaderShort, 'p'],
+      'danger--text': ['Danger Text', leaderShort, 'p'],
+      small: ['Small Tag', small, 'h2']
+    }
+  })
+}
+</script>
+
+<style lang="scss">
+  .tim-note {
+    bottom: 10px;
+    color: #c0c1c2;
+    display: block;
+    font-weight: 400;
+    font-size: 13px;
+    line-height: 13px;
+    left: 0;
+    margin-left: 20px;
+    width: 260px;
+  }
+</style>
diff --git a/web-app/src/admin/views/dashboard/components/AccountDetail.vue b/web-app/src/admin/views/dashboard/components/AccountDetail.vue
new file mode 100644
index 00000000..c10f8e8f
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/components/AccountDetail.vue
@@ -0,0 +1,64 @@
+# Copyright (C) 2021 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+<template>
+  <div
+        style="padding-top: 5px;">
+    <v-chip
+        @click="changeStorageDialog"
+        class="primary--text"
+        small
+    >
+      <v-icon class="mr-2">edit</v-icon>
+      change storage
+    </v-chip>
+  </div>
+</template>
+
+<script>
+import ChangeStorageDialog from '../components/ChangeStorageDialog'
+import CommonAPI from '../../../mixins/CommonAPI'
+import OrganisationMixin from '@/mixins/Organisation'
+import { mapState } from 'vuex'
+
+export default {
+  name: 'AccountDetail',
+  mixins: [CommonAPI, OrganisationMixin],
+  props: {
+    type: String
+  },
+  computed: {
+    ...mapState('admin', ['userAdminProfile']),
+    ...mapState(['organisation']),
+    account () {
+      if (this.type === 'user' && this.userAdminProfile) {
+        return this.userAdminProfile.account
+      } else if (this.organisation) {
+        return this.organisation.account
+      }
+      return null
+    }
+  },
+  methods: {
+    changeStorageDialog () {
+      const props = { rawStorage: this.type === 'user' ? this.userAdminProfile.profile.storage : this.organisation.storage, accountId: this.account.id }
+      const dialog = { maxWidth: 500, persistent: true }
+      const listeners = {
+        success: () => this.type === 'user' ? this.fetchUserProfileByName(this.userAdminProfile.username) : this.getOrganisation(this.organisation.name)
+      }
+      this.$dialog.show(ChangeStorageDialog, { props, listeners, dialog })
+    }
+  }
+}
+</script>
+
+<style lang="scss"  scoped>
+button {
+  padding-left: 10px;
+  height: 35px;
+  padding-right: 10px;
+  width: 100%;
+  i {
+    font-size: 13px;
+  }
+}
+</style>
diff --git a/web-app/src/admin/views/dashboard/components/AdminProjectPermissions.vue b/web-app/src/admin/views/dashboard/components/AdminProjectPermissions.vue
new file mode 100644
index 00000000..15a4545b
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/components/AdminProjectPermissions.vue
@@ -0,0 +1,184 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-layout class="no-shrink column">
+    <v-layout class="public-private-zone">
+      <span class="private-public-text" v-if="value.public">
+          <b>This is public project</b><br>
+      </span>
+      <span class="private-public-text" v-else>
+          <b>This is private project</b><br>
+      </span>
+      <v-spacer/>
+    </v-layout>
+    <label class="mt-4 grey--text text--darken-1">Members:</label>
+    <v-data-table
+        :headers="header"
+        :items="displayedValues"
+        no-data-text="No users"
+        hide-default-header
+        :hide-default-footer="displayedValues.length <= 10"
+    >
+      <template v-slot:header="{ props: { headers } }">
+        <thead>
+        <tr>
+          <th v-bind:key="header.text" v-for="header in headers" :style="`width: ${header.width}px`">
+            <span>
+              {{ header.text }}
+            </span>
+          </th>
+        </tr>
+        </thead>
+      </template>
+
+      <template v-slot:item="{ item }">
+        <tr>
+          <td>
+            <v-tooltip top v-if="item.user.profile.first_name || item.user.profile.last_name">
+              <template v-slot:activator="{ on }">
+              <b v-on="on">
+                {{ item.user.username }}
+              </b>
+              </template>
+              <span>
+              <span v-if="item.user.profile.first_name">{{ item.user.profile.first_name }}</span>
+              <span v-if="item.user.profile.last_name"> {{ item.user.profile.last_name }}</span>
+            </span>
+            </v-tooltip>
+            <b v-else>
+              {{ item.user.username }}
+            </b>
+          </td>
+          <td>
+              <b >{{ item.permissions }}</b>
+          </td>
+        </tr>
+      </template>
+    </v-data-table>
+  </v-layout>
+</template>
+
+<script>
+import sortBy from 'lodash/sortBy'
+import toLower from 'lodash/toLower'
+import { mapState } from 'vuex'
+import union from 'lodash/union'
+import chunk from 'lodash/chunk'
+
+export default {
+  name: 'AdminProjectPermissions',
+  props: {
+    value: Object
+  },
+  data () {
+    return {
+      // search data
+      userQuery: '',
+      isLoading: false,
+      searchResults: [],
+      user: null,
+      users: [],
+      header: [
+        {
+          text: 'User',
+          align: 'left',
+          sortable: false
+        }, {
+          text: 'Permissions',
+          sortable: false
+        }
+      ],
+      originalValue: null
+    }
+  },
+  computed: {
+    ...mapState(['project', 'app']),
+    displayedValues () {
+      const { ownersnames, writersnames } = this.value
+      const users = this.users.map(user => ({
+        username: toLower(user.username),
+        user,
+        permissions: ownersnames.includes(user.username) ? 'owner' : writersnames.includes(user.username) ? 'writer' : 'reader'
+      }))
+      return sortBy(users, 'username')
+    }
+  },
+  created () {
+    this.originalValue = JSON.parse(JSON.stringify(this.value))
+  },
+  watch: {
+    users: {
+      immediate: true,
+      deep: true,
+      handler (access) {
+        const { ownersnames, readersnames, writersnames } = this.value
+        const names = union(ownersnames, readersnames, writersnames)
+        // server returns only 5 entries from db for single call
+        const chunks = chunk(names, 5)
+        Promise.all(chunks.map(async (item) => {
+          const params = { names: item.join(',') }
+          await this.$http.get('/auth/user/search', { params }).then(resp => {
+            resp.data
+              .filter(i => !this.users.map(u => u.username).includes(i.username))
+              .map(i => (this.users.push(i)))
+          })
+        }))
+      }
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.no-shrink {
+  flex: 0 0 auto;
+}
+label {
+  font-weight: 500;
+}
+::v-deep {
+  .v-data-table__overflow {
+    margin: 0.5em 0;
+    border: 1px solid #ddd;
+    border-radius: 3px;
+    padding: 0.5em;
+    background-color: #f9f9f9;
+    .v-datatable {
+      background-color: transparent;
+    }
+  }
+}
+
+.v-list-item-content{
+  b {
+    margin-right: 10px;
+  }
+  span {
+    margin-right: 3px;
+    font-size: 12px;
+  }
+}
+
+.private-public-btn {
+  font-size: 12px;
+  padding-left: 20px;
+  padding-right: 20px;
+  span {
+      font-weight: 700;
+  }
+}
+
+.private-public-text {
+  font-size: 14px;
+}
+
+.public-private-zone {
+  margin-top: 20px;
+  margin-bottom: 20px;
+  button {
+    margin-right: 20px;
+    margin-top: 1px;
+  }
+}
+</style>
diff --git a/web-app/src/admin/views/dashboard/components/ChangeStorageDialog.vue b/web-app/src/admin/views/dashboard/components/ChangeStorageDialog.vue
new file mode 100644
index 00000000..72356fb6
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/components/ChangeStorageDialog.vue
@@ -0,0 +1,85 @@
+# Copyright (C) 2021 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+<template>
+  <v-form ref="form">
+  <v-card v-on:keyup.enter="submit" v-on:keyup.esc="closeIt">
+    <v-card-title>
+      <span class="headline">
+        <span>Change storage</span>
+      </span>
+    </v-card-title>
+    <v-card-text>
+      <p
+        v-if="errorMsg"
+        class="text-xs-center red--text"
+        v-text="errorMsg"
+      />
+
+      <v-text-field
+          autofocus
+          type="number"
+          label="storage"
+          v-model="storage"
+          suffix="MB"
+          :min="1"
+        />
+
+        <v-card-actions>
+          <v-spacer/>
+          <v-btn class="black--text" @click="$dialog.close">
+            Close
+          </v-btn>
+          <v-btn
+            class="orange white--text"
+            @click="submit"
+          >
+            Save
+          </v-btn>
+        </v-card-actions>
+    </v-card-text>
+  </v-card>
+</v-form>
+</template>
+
+<script>
+import FormMixin from '@/mixins/Form'
+import CommonAPI from '@/admin/mixins/CommonAPI'
+
+export default {
+  name: 'ChangeStorageDialog',
+  mixins: [FormMixin, CommonAPI],
+  props: {
+    rawStorage: Number,
+    accountId: Number
+  },
+  data () {
+    return {
+      storage: null
+    }
+  },
+  created () {
+    this.storage = parseInt(this.rawStorage / (1024 * 1024))
+  },
+  methods: {
+    submit () {
+      this.clearErrors()
+      const storage = this.storage * 1024 * 1024
+      const promise = this.updateAccountStorage(this.accountId, storage)
+      const errMessage = 'Failed to update account\'s storage'
+      Promise.resolve(promise).then(() => {
+        this.$dialog.close()
+        this.$emit('success')
+      }).catch(err => {
+        this.handleError(err, errMessage)
+      })
+    },
+    closeIt () {
+      this.$dialog.close()
+    }
+  }
+}
+</script>
+
+<style scoped>
+
+</style>
diff --git a/web-app/src/admin/views/dashboard/components/OrganisationPermissions.vue b/web-app/src/admin/views/dashboard/components/OrganisationPermissions.vue
new file mode 100644
index 00000000..1f9a5049
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/components/OrganisationPermissions.vue
@@ -0,0 +1,125 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+    <v-layout class="no-shrink column">
+  <v-data-table
+      :headers="header"
+      :items="organisation.readers"
+      no-data-text="No users"
+      hide-default-footer
+      hide-default-header
+    >
+      <template v-slot:header="{ props: { headers } }">
+        <thead class="v-data-table-header">
+        <tr>
+          <th v-bind:key="header.value" v-for="header in headers">
+        <v-tooltip v-if="header.tooltip" top>
+          <template v-slot:activator="{ on }">
+          <span v-on="on">
+            {{ header.text }}
+          </span>
+          </template>
+          <span>
+            {{ header.tooltip }}
+          </span>
+        </v-tooltip>
+        <span v-else>
+          {{ header.text }}
+        </span>
+        </th>
+        </tr>
+        </thead>
+      </template>
+
+      <template v-slot:item="{ item }">
+      <tr>
+        <td>
+          <b>
+            {{ item }}
+          </b>
+        </td>
+        <td>
+            {{ rights(item) }}
+        </td>
+      </tr>
+      </template>
+    </v-data-table>
+    </v-layout>
+</template>
+
+<script>
+import { mapState } from 'vuex'
+import OrganisationMixin from '@/mixins/Organisation'
+export default {
+  name: 'OrganisationPermissions',
+  mixins: [OrganisationMixin],
+  props: {
+    name: String
+  },
+  computed: {
+    ...mapState(['organisation'])
+  },
+  data () {
+    return {
+      header: [
+        {
+          text: 'User',
+          align: 'left',
+          sortable: false
+        },
+        {
+          text: 'Permission',
+          align: 'left',
+          sortable: false,
+          width: '180',
+          tooltip: 'Permission selection for the user'
+        }
+      ]
+    }
+  },
+  created () {
+    if (!this.organisation || this.organisation.name !== this.name) {
+      this.getOrganisation(this.name)
+    }
+  },
+  methods: {
+    rights (username) {
+      if (this.organisation.owners.includes(username)) {
+        return 'owner'
+      } else if (this.organisation.admins.includes(username)) {
+        return 'admin'
+      } else if (this.organisation.writers.includes(username)) {
+        return 'writer'
+      } else {
+        return 'reader'
+      }
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.no-shrink {
+  flex: 0 0 auto;
+}
+label {
+  font-weight: 500;
+}
+::v-deep {
+  .v-data-table__overflow {
+    margin: 0.5em 0;
+    border: 1px solid #ddd;
+    border-radius: 3px;
+    padding: 0.5em;
+    background-color: #f9f9f9;
+    .v-datatable {
+      background-color: transparent;
+    }
+  }
+}
+.input-selection{
+  padding: 0;
+  font-size: 12px;
+}
+</style>
diff --git a/web-app/src/admin/views/dashboard/components/ProjectsTable.vue b/web-app/src/admin/views/dashboard/components/ProjectsTable.vue
new file mode 100644
index 00000000..e2e1f59f
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/components/ProjectsTable.vue
@@ -0,0 +1,501 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <div>
+    <portal to="additional-action" class="xxx">
+        <v-menu
+          class="filter-menu"
+          :close-on-content-click="false">
+          <template v-slot:activator="{ on: menu, attrs }">
+             <v-tooltip
+              top>
+          <template v-slot:activator="{ on: tooltip }">
+          <v-btn
+            :class="(searchFilterByNamespace || searchFilterByProjectName || searchFilterByDay) ? 'activate': ''"
+            v-bind="attrs"
+            v-on="{ ...tooltip, ...menu }"
+            icon small
+          >
+            Filter <v-icon>filter_list</v-icon>
+          </v-btn>
+          </template>
+        <span>Filter data</span>
+      </v-tooltip>
+    </template>
+          <v-list dense>
+            <v-list-item > <!-- v-if="showNamespace" -->
+              <v-list-item-title>Namespace</v-list-item-title>
+              <v-list-item-action>
+                <v-text-field
+                  class="search"
+                  placeholder="Filter by owner"
+                  append-icon="search"
+                  v-model="searchFilterByNamespace"
+                  @input="filterData"
+                  hide-details
+                />
+              </v-list-item-action>
+            </v-list-item>
+            <v-list-item>
+              <v-list-item-title>Project name</v-list-item-title>
+              <v-list-item-action>
+                <v-text-field
+                  class="search"
+                  placeholder="Filter by project name"
+                  append-icon="search"
+                  v-model="searchFilterByProjectName"
+                  @input="filterData"
+                  hide-details
+                />
+              </v-list-item-action>
+            </v-list-item>
+            <v-list-item>
+              <v-list-item-title>Last update in</v-list-item-title>
+              <v-list-item-action>
+                <v-text-field
+                  type="number"
+                  min="0"
+                  class="search"
+                  placeholder="Filter by XX days old"
+                  append-icon="search"
+                  v-model="searchFilterByDay"
+                  @input="filterData"
+                  hide-details
+                />
+              </v-list-item-action>
+            </v-list-item>
+          </v-list>
+        </v-menu>
+    </portal>
+    <portal to="delete-button">
+      <v-btn
+        :disabled="!selected.length"
+        @click="confirmDelete"
+        class="error--text"
+        rounded
+      >
+        <v-icon class="mr-2">remove_circle</v-icon>
+        Delete
+      </v-btn>
+    </portal>
+    <portal to="accept-request-button">
+      <v-btn
+        :disabled="!selected.length"
+        @click="confirmAcceptRequest"
+        class="success--text"
+        rounded
+      >
+        Accept request
+      </v-btn>
+    </portal>
+    <v-data-table
+      :headers="header"
+      :items="projects"
+      ref="table"
+      no-data-text="No projects"
+      color="primary"
+      footer-props.items-per-page-options='[10, 25, {"text": "$vuetify.dataIterator.rowsPerPageAll","value": -1}]'
+      :hide-default-footer="numberOfItems <= 10 || !showFooter"
+      v-model="selected"
+      item-key="updated"
+      :options="options"
+      :server-items-length="numberOfItems"
+      v-on:update:options="paginating"
+      :loading="loading"
+      loading-text="Loading... Please wait"
+    >
+      <template v-slot:item="{ item }">
+        <tr>
+        <td v-if="showNamespace">
+          <router-link :to="{name: `${asAdmin ? 'admin-': ''}namespace-projects`, params: {namespace: item.namespace}}">
+            <strong>{{ item.namespace }}</strong>
+          </router-link>
+        </td>
+        <td>
+          <router-link :to="{name: `${asAdmin ? 'admin-': ''}project`, params: {namespace: item.namespace, projectName: item.name}}">
+            <strong>{{ item.name }}</strong>
+          </router-link>
+        </td>
+        <td class="flags">
+          <v-tooltip bottom
+            v-if="!item.access.public">
+            <template v-slot:activator="{ on }">
+            <v-icon
+              v-text="'lock'"
+              small
+              v-on="on"
+            />
+            </template>
+            <span>Private project</span>
+          </v-tooltip>
+          <v-tooltip bottom :class="{ hidden: !item.permissions.upload }">
+            <template v-slot:activator="{ on }">
+            <v-icon
+              v-text="'cloud_upload'"
+              small
+              v-on="on"
+            />
+            </template>
+            <span>Can upload</span>
+          </v-tooltip>
+        </td>
+        <td>
+          <v-tooltip bottom>
+            <template v-slot:activator="{ on }">
+            <span v-on="on">{{ item.updated | timediff }}</span>
+            </template>
+            <span>{{ item.updated | datetime }}</span>
+          </v-tooltip>
+        </td>
+        <td>
+            {{ item.disk_usage | filesize('MB') }}
+        </td>
+        <td v-if="isRequest()">
+          <strong>{{ item.transfers[0].to_ns_name }}</strong>
+        </td>
+        </tr>
+      </template>
+    </v-data-table>
+  </div>
+</template>
+
+<script>
+import { waitCursor, removeAccents } from '@/util'
+import { mapState } from 'vuex'
+
+import pickBy from 'lodash/pickBy'
+import mapValues from 'lodash/mapValues'
+import debounce from 'debounce'
+
+
+const TagsLabels = {
+  valid_qgis: 'QGIS',
+  input_use: 'Input',
+  mappin_use: 'Mappin'
+}
+
+export default {
+  name: 'projects-table',
+  props: {
+    showNamespace: Boolean,
+    onlyPublic: {
+      type: Boolean,
+      default: false
+    },
+    namespace: String,
+    sortable: {
+      type: Boolean,
+      default: true
+    },
+    asAdmin: {
+      type: Boolean,
+      default: false
+    },
+    public: {
+      type: Boolean,
+      default: true
+    },
+    showFooter: {
+      type: Boolean,
+      default: true
+    },
+    initialOptions: {
+      type: Object,
+      default: () => ({
+        sortBy: ['updated'],
+        sortDesc: [true],
+        itemsPerPage: 10,
+        page: 1
+      })
+    }
+  },
+  data () {
+    return {
+      options: Object.assign({}, this.initialOptions),
+      activeTags: [],
+      selected: [],
+      searchFilterByProjectName: '',
+      searchFilterByNamespace: '',
+      searchFilterByDay: '',
+      numberOfItems: 0,
+      loading: false,
+      projects: []
+    }
+  },
+  computed: {
+    ...mapState(['app']),
+    header () {
+      let header = []
+      if (this.showNamespace) {
+        header.push({ text: 'Namespace', value: 'namespace', sortable: this.sortable })
+      }
+      header = header.concat(
+        { text: 'Name', value: 'name', sortable: this.sortable },
+        { text: '', width: 90, sortable: false },
+        { text: 'Last Update', value: 'updated', sortable: this.sortable },
+        { text: 'Size', value: 'meta.size', sortable: this.sortable }
+      )
+      if (this.isRequest()) {
+        header.push({ text: 'Transferred to', value: 'transfers[0].to_ns_name', sortable: false })
+      }
+      return header
+    },
+    tags () {
+      return mapValues(TagsLabels, (v, k) => ({
+        label: TagsLabels[k],
+        active: this.activeTags.includes(k)
+      }))
+    }
+  },
+  watch: {
+    $route: {
+      immediate: true,
+      handler: 'changedRoute'
+    }
+  },
+  created () {
+    this.filterData = debounce(this.filterData, 3000)
+  },
+  methods: {
+    paginating (options) {
+      this.options = options
+      this.fetchProjects()
+    },
+    changedRoute () {
+      this.options.page = 1
+      this.fetchProjects()
+    },
+    fetchProjects () {
+      this.loading = true
+      this.tagsFromQuery()
+      let params = {}
+      params = (this.$route.name === 'shared_projects' || this.$route.name === 'my_projects') ? { flag: this.$route.meta.flag } : {}
+      params.page = this.options.page
+      params.per_page = this.options.itemsPerPage
+      if (this.options.sortBy[0]) {
+        let orderParam = ''
+        if (this.options.sortBy[0] === 'meta.size') {
+          orderParam = 'disk_usage'
+        } else {
+          orderParam = this.options.sortBy[0] === 'owner' ? 'namespace' : this.options.sortBy[0]
+        }
+        params.order_params = orderParam + (this.options.sortDesc[0] ? '_desc' : '_asc')
+      }
+      if (this.searchFilterByProjectName) {
+        params.name = removeAccents(this.searchFilterByProjectName.trim())
+      }
+      if (this.searchFilterByNamespace) {
+        params.namespace = removeAccents(this.searchFilterByNamespace.trim())
+      }
+      if (this.activeTags.length) {
+        params.tags = this.activeTags
+      }
+      if (this.namespace) {
+        params.only_namespace = this.namespace
+      }
+      if (this.asAdmin) {
+        params.as_admin = true
+      }
+      if (!this.public) {
+        params.public = false
+      }
+      if (this.onlyPublic) {
+        params.only_public = true
+      }
+      if (this.searchFilterByDay && this.searchFilterByDay >= 0) {
+        params.last_updated_in = this.searchFilterByDay
+      }
+      this.$http('/v1/project/paginated', { params })
+        .then(resp => {
+          this.projects = resp.data.projects
+          this.numberOfItems = resp.data.count
+          this.loading = false
+        })
+        .catch(() => {
+          this.$notification.error('Failed to fetch list of projects')
+        })
+    },
+    isRequest () {
+      return this.$route.meta.flag === 'request'
+    },
+    tagsFromQuery () {
+      const tags = this.$route.query.tags
+      this.activeTags = tags ? tags.split(',') : []
+    },
+    toggleTag (tag) {
+      if (this.activeTags.includes(tag)) {
+        this.activeTags = this.activeTags.filter(t => t !== tag)
+      } else {
+        this.activeTags.push(tag)
+      }
+
+      let { path, query } = this.$route
+      query = {
+        ...query,
+        tags: Object.keys(pickBy(this.tags, t => t.active)).join(',')
+      }
+      // clean from empty parameters
+      query = pickBy(query, param => param && param.length)
+      this.$router.push({ path, query })
+    },
+    addTag (tag) {
+      if (!this.tags[tag].active) {
+        this.toggleTag(tag)
+      }
+    },
+    selectedShowedProjects () {
+      const selected = []
+      const that = this
+      this.$refs.table.filteredItems.forEach(function (project) {
+        const identifier = that.projectIdentifier(project)
+        if (that.selected.includes(identifier)) {
+          selected.push(identifier)
+        }
+      })
+      return selected
+    },
+    deleteProjects (selectedProjects) {
+      waitCursor(true)
+      const promises = selectedProjects.map(id => {
+        const params = {
+          'axios-retry': { retries: 5 }
+        }
+        return this.$http.delete(`/v1/project/${id}`, params)
+      })
+
+      Promise.all(promises).then(() => {
+        this.selected = []
+        this.fetchProjects()
+        waitCursor(false)
+      }).catch(err => {
+        const msg = (err.response && err.response.status === 503) ? err.response.data.detail : 'Unable to remove projects'
+        this.$notification.error(msg)
+        waitCursor(false)
+      })
+    },
+    confirmDelete () {
+      const selected = this.selectedShowedProjects()
+      if (selected.length === 0) {
+        return
+      }
+      const props = {
+        text: 'Are you sure to delete project ' + selected.join(', ') + '?',
+        confirmText: 'Delete'
+      }
+      const listeners = {
+        confirm: () => this.deleteProjects(selected)
+      }
+      this.$dialog.prompt({ props, listeners, dialog: { maxWidth: 500 } })
+    },
+    acceptProjectRequests (selectedProjects) {
+      waitCursor(true)
+      const promises = selectedProjects.map(id => {
+        const params = {
+          'axios-retry': { retries: 5 }
+        }
+        return this.$http.post(`/v1/project/transfer/${id}`, params)
+      })
+
+      Promise.all(promises).then(() => {
+        this.selected = []
+        this.fetchProjects()
+        waitCursor(false)
+      }).catch(err => {
+        const msg = (err.response && err.response.status === 503) ? err.response.data.detail : 'Unable to remove projects'
+        this.$notification.error(msg)
+        waitCursor(false)
+      })
+    },
+    confirmAcceptRequest () {
+      let selected = this.selectedShowedProjects()
+      if (selected.length === 0) {
+        return
+      }
+      const props = {
+        text: 'Are you sure to accept the projects ' + selected.join(', ') + '?',
+        confirmText: 'Accept'
+      }
+
+      // get the transfer id
+      selected = []
+      const that = this
+      this.$refs.table.filteredItems.forEach(function (project) {
+        const identifier = that.projectIdentifier(project)
+        if (that.selected.includes(identifier)) {
+          selected.push(project.transfer)
+        }
+      })
+      const listeners = {
+        confirm: () => {
+          this.acceptProjectRequests(selected)
+        }
+      }
+      this.$dialog.prompt({ props, listeners, dialog: { maxWidth: 500 } })
+    },
+    projectIdentifier (project) {
+      return project.namespace + '/' + project.name
+    },
+    changeSort (column) {
+      if (this.pagination.sortBy === column) {
+        this.pagination.descending = !this.pagination.descending
+      } else {
+        this.pagination.sortBy = column
+        this.pagination.descending = false
+      }
+    },
+    filterData () {
+      this.options.page = 1
+      this.fetchProjects()
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.v-data-table {
+  td {
+    text-align: left;
+    &.flags {
+      .v-icon {
+        margin: 0 1px;
+        cursor: default;
+      }
+    }
+  }
+  a {
+    text-decoration: none;
+  }
+  .v-chip {
+    margin: 0;
+    margin-right: 0.5em;
+    height: 1.6em;
+    ::v-deep .v-chip__content {
+      cursor: pointer;
+      padding: 0 0.5em;
+      font-size: 85%;
+    }
+  }
+  .hidden {
+    opacity: 0;
+    pointer-events: none;
+  }
+}
+.v-input {
+  padding-top: 0!important;
+  margin-top: 0!important;
+}
+
+.v-list__tile__title{
+  width: 110px;
+  font-weight: 800;
+}
+
+.filter-menu {
+  .activate {
+    border: 1px solid black;
+    border-radius: 5px;
+  }
+}
+
+</style>
diff --git a/web-app/src/admin/views/dashboard/components/RemovedProjectsTable.vue b/web-app/src/admin/views/dashboard/components/RemovedProjectsTable.vue
new file mode 100644
index 00000000..a0a4a55b
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/components/RemovedProjectsTable.vue
@@ -0,0 +1,236 @@
+# Copyright (C) 2021 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+    <v-data-table
+      :headers="header"
+      :items="projects"
+      ref="table"
+      no-data-text="No removed projects"
+      color="primary"
+      footer-props.items-per-page-options='[10, 25, {"text": "$vuetify.dataIterator.rowsPerPageAll","value": -1}]'
+      :hide-default-footer="count <= 10"
+      item-key="updated"
+      :options="options"
+      :server-items-length="count"
+      v-on:update:options="paginating"
+      :loading="loading"
+      loading-text="Loading... Please wait"
+    >
+      <template v-slot:item="{ item }">
+        <tr>
+          <td>
+            {{ item.namespace }}
+          </td>
+          <td>
+            {{ item.name }}
+          </td>
+          <td>
+            {{ item.properties.disk_usage | filesize('MB')}}
+          </td>
+          <td>
+            {{ item.properties.latest_version }}
+          </td>
+          <td>
+            <v-tooltip bottom>
+              <template v-slot:activator="{ on }">
+              <span v-on="on">{{ item.timestamp | timediff }}</span>
+              </template>
+              <span>{{ item.timestamp | datetime }}</span>
+            </v-tooltip>
+          </td>
+          <td>
+              {{ item.removed_by }}
+          </td>
+          <td class="justify-center px-0">
+            <div style="text-align: end">
+              <v-chip
+              @click="restoreProjectConfirmation(item)"
+              elevation="0"
+              color="green"
+              class="white--text"
+            >
+              restore
+            </v-chip>
+            <v-chip
+              @click="removeProjectConfirmation(item)"
+              elevation="0"
+              color="red"
+              class="white--text"
+            >
+              remove
+            </v-chip>
+            </div>
+          </td>
+        </tr>
+      </template>
+    </v-data-table>
+</template>
+
+<script>
+import { waitCursor } from '@/util'
+import debounce from 'debounce'
+import CommonAPI from '@/admin/mixins/CommonAPI'
+
+
+export default {
+  name: 'removed-projects-table',
+  mixins: [CommonAPI],
+  data () {
+    return {
+      options: {
+        sortBy: ['timestamp'],
+        sortDesc: [true],
+        itemsPerPage: 25,
+        page: 1
+      },
+      loading: false,
+      header: [
+        { text: 'Owner', value: 'namespace', sortable: true },
+        { text: 'Name', value: 'name', sortable: true },
+        { text: 'Size', value: 'properties.disk_usage', sortable: false },
+        { text: 'Version', value: 'properties.latest_version', sortable: false },
+        { text: 'Removed', value: 'timestamp', sortable: true },
+        { text: 'Removed by', value: 'removed_by', sortable: false },
+        { text: '', sortable: false }
+      ],
+      projects: [],
+      count: 0
+    }
+  },
+  created () {
+    this.filterData = debounce(this.filterData, 3000)
+  },
+  methods: {
+    paginating (options) {
+      this.options = options
+      this.fetchProjects()
+    },
+    async fetchProjects () {
+      this.loading = true
+      const params = {
+        page: this.options.page,
+        per_page: this.options.itemsPerPage
+      }
+      if (this.options.sortBy[0]) {
+        params.descending = this.options.sortDesc[0]
+        params.order_by = this.options.sortBy[0]
+      }
+      const result = await this.fetchRemovedProjects(params)
+      if (result.success) {
+        this.projects = result.projects
+        this.count = result.count
+      } else {
+        this.$notification.error(result.message)
+      }
+      this.loading = false
+    },
+    async deleteProject (id) {
+      waitCursor(true)
+      const result = await this.removeProject(id)
+      if (result.success) {
+        const index = this.projects.findIndex(i => i.id === id)
+        this.projects.splice(index, 1)
+        this.$notification.show('Project removed successfully')
+      } else {
+        this.$notification.error(result.message)
+      }
+      waitCursor(false)
+    },
+    restoreProjectConfirmation (item) {
+      const props = {
+        text: `Are you sure to restore project <strong>${item.namespace}/${item.name}?</strong>`,
+        confirmText: 'Restore'
+      }
+      const listeners = {
+        confirm: async () => {
+          waitCursor(true)
+          const result = await this.restoreProject(item.id)
+          if (result.success) {
+            const index = this.projects.findIndex(i => i.id === item.id)
+            this.projects.splice(index, 1)
+            this.$notification.show('Project restored successfully')
+          } else {
+            this.$notification.error(result.message)
+          }
+          waitCursor(false)
+        }
+      }
+      this.$dialog.prompt({ props, listeners, dialog: { maxWidth: 500 } })
+    },
+    removeProjectConfirmation (item) {
+      const props = {
+        text: `Are you sure to remove project <strong>${item.namespace}/${item.name}</strong>?
+        <br> All files will be <strong>permanently deleted</strong> and project won't be able to be restored anymore.`,
+        confirmText: 'Delete'
+      }
+      const listeners = {
+        confirm: () => {
+          this.deleteProject(item.id)
+        }
+      }
+      this.$dialog.prompt({ props, listeners, dialog: { maxWidth: 500 } })
+    },
+    changeSort (column) {
+      if (this.pagination.sortBy === column) {
+        this.pagination.descending = !this.pagination.descending
+      } else {
+        this.pagination.sortBy = column
+        this.pagination.descending = false
+      }
+    },
+    filterData () {
+      this.options.page = 1
+      this.fetchProjects()
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.v-data-table {
+  td {
+    text-align: left;
+    &.flags {
+      .v-icon {
+        margin: 0 1px;
+        cursor: default;
+      }
+    }
+  }
+  a {
+    text-decoration: none;
+  }
+  .v-chip {
+    margin: 0;
+    margin-right: 0.3em;
+    height: 1.6em;
+    ::v-deep .v-chip__content {
+      cursor: pointer;
+      padding: 0 0.5em;
+      font-size: 85%;
+    }
+  }
+  .hidden {
+    opacity: 0;
+    pointer-events: none;
+  }
+}
+.v-input {
+  padding-top: 0!important;
+  margin-top: 0!important;
+}
+
+.v-list__tile__title{
+  width: 110px;
+  font-weight: 800;
+}
+
+.filter-menu {
+  .activate {
+    border: 1px solid black;
+    border-radius: 5px;
+  }
+}
+
+</style>
diff --git a/web-app/src/admin/views/dashboard/components/core/AppBar.vue b/web-app/src/admin/views/dashboard/components/core/AppBar.vue
new file mode 100644
index 00000000..f68cca2e
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/components/core/AppBar.vue
@@ -0,0 +1,156 @@
+<template>
+  <v-app-bar
+    id="app-bar"
+    absolute
+    app
+    color="transparent"
+    text
+    height="75"
+  >
+<!--    <v-btn-->
+<!--      class="mr-3"-->
+<!--      elevation="1"-->
+<!--      fab-->
+<!--      small-->
+<!--      @click="setDrawer(!drawer)"-->
+<!--    >-->
+<!--      <v-icon v-if="value">-->
+<!--        mdi-view-quilt-->
+<!--      </v-icon>-->
+
+<!--      <v-icon v-else>-->
+<!--        mdi-dots-vertical-->
+<!--      </v-icon>-->
+<!--    </v-btn>-->
+
+    <v-toolbar-title
+      class="hidden-sm-and-down font-weight-light"
+      v-text="$route.name"
+    />
+
+    <v-spacer />
+
+    <div class="mx-3" />
+
+<!--    <v-btn-->
+<!--      class="ml-2"-->
+<!--      min-width="0"-->
+<!--      text-->
+<!--      to="/"-->
+<!--    >-->
+<!--      <v-icon>mdi-view-dashboard</v-icon>-->
+<!--    </v-btn>-->
+
+    <v-menu
+      bottom
+      left
+      offset-y
+      origin="top right"
+      transition="scale-transition"
+    >
+<!--      <template v-slot:activator="{ attrs, on }">-->
+<!--        <v-btn-->
+<!--          class="ml-2"-->
+<!--          min-width="0"-->
+<!--          text-->
+<!--          v-bind="attrs"-->
+<!--          v-on="on"-->
+<!--        >-->
+<!--          <v-badge-->
+<!--            color="red"-->
+<!--            overlap-->
+<!--            bordered-->
+<!--          >-->
+<!--            <template v-slot:badge>-->
+<!--              <span>5</span>-->
+<!--            </template>-->
+
+<!--            <v-icon>mdi-bell</v-icon>-->
+<!--          </v-badge>-->
+<!--        </v-btn>-->
+<!--      </template>-->
+
+<!--      <v-list-->
+<!--        :tile="false"-->
+<!--        nav-->
+<!--      >-->
+<!--        <div>-->
+<!--          <app-bar-item-->
+<!--            v-for="(n, i) in notifications"-->
+<!--            :key="`item-${i}`"-->
+<!--          >-->
+<!--            <v-list-item-title v-text="n" />-->
+<!--          </app-bar-item>-->
+<!--        </div>-->
+<!--      </v-list>-->
+    </v-menu>
+
+<!--    <v-btn-->
+<!--      class="ml-2"-->
+<!--      min-width="0"-->
+<!--      text-->
+<!--      to="/pages/user"-->
+<!--    >-->
+<!--      <v-icon>mdi-account</v-icon>-->
+<!--    </v-btn>-->
+  </v-app-bar>
+</template>
+
+<script>
+// Components
+// import { VHover, VListItem } from 'vuetify/lib'
+
+// Utilities
+import { mapState, mapMutations } from 'vuex'
+
+export default {
+  name: 'DashboardCoreAppBar',
+
+  // components: {
+  //   AppBarItem: {
+  //     render (h) {
+  //       return h(VHover, {
+  //         scopedSlots: {
+  //           default: ({ hover }) => {
+  //             return h(VListItem, {
+  //               attrs: this.$attrs,
+  //               class: {
+  //                 'black--text': !hover,
+  //                 'white--text secondary elevation-12': hover
+  //               },
+  //               props: {
+  //                 activeClass: '',
+  //                 dark: hover,
+  //                 link: true,
+  //                 ...this.$attrs
+  //               }
+  //             }, this.$slots.default)
+  //           }
+  //         }
+  //       })
+  //     }
+  //   }
+  // },
+
+  props: {
+    value: {
+      type: Boolean,
+      default: false
+    }
+  },
+
+  data: () => ({
+    notifications: []
+  }),
+
+  computed: {
+    ...mapState(['drawer'])
+  },
+
+  methods: {
+    ...mapMutations({
+      setDrawer: 'SET_DRAWER'
+    })
+  }
+}
+</script>
diff --git a/web-app/src/admin/views/dashboard/components/core/Drawer.vue b/web-app/src/admin/views/dashboard/components/core/Drawer.vue
new file mode 100644
index 00000000..7da578f0
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/components/core/Drawer.vue
@@ -0,0 +1,204 @@
+<template>
+  <v-navigation-drawer
+    id="core-navigation-drawer"
+    v-model="drawer"
+    :dark="barColor !== 'rgba(228, 226, 226, 1), rgba(255, 255, 255, 0.7)'"
+    :expand-on-hover="expandOnHover"
+    :right="$vuetify.rtl"
+    :src="barImage"
+    mobile-break-point="960"
+    app
+    width="260"
+    v-bind="$attrs"
+  >
+    <template v-slot:img="props">
+      <v-img
+        :gradient="`to bottom, ${barColor}`"
+        v-bind="props"
+      />
+    </template>
+
+    <v-divider class="mb-1" />
+
+    <v-list
+      dense
+      nav
+    >
+      <v-list-item>
+        <v-list-item-avatar
+          class="align-self-center"
+          contain
+          >
+         <v-img src="@/assets/favicon.png"
+            max-height="40"/>
+        </v-list-item-avatar>
+
+        <v-list-item-content>
+          <v-list-item-title
+            class="display-1"
+            v-text="profile.title"
+            style="height: 35px; line-height: unset;"
+          />
+        </v-list-item-content>
+      </v-list-item>
+    </v-list>
+
+    <v-divider class="mb-2" />
+
+    <v-list
+      expand
+      nav
+    >
+      <!-- Style cascading bug  -->
+      <!-- https://github.com/vuetifyjs/vuetify/pull/8574 -->
+      <div />
+
+      <template v-for="(item, i) in computedItems">
+        <base-item-group
+          v-if="item.children"
+          :key="`group-${i}`"
+          :item="item"
+        >
+          <!--  -->
+        </base-item-group>
+
+        <base-item
+          v-else
+          :key="`item-${i}`"
+          :item="item"
+        />
+      </template>
+
+      <!-- Style cascading bug  -->
+      <!-- https://github.com/vuetifyjs/vuetify/pull/8574 -->
+      <div />
+    </v-list>
+  </v-navigation-drawer>
+</template>
+
+<script>
+// Utilities
+import { mapState } from 'vuex'
+
+export default {
+  name: 'DashboardCoreDrawer',
+
+  props: {
+    expandOnHover: {
+      type: Boolean,
+      default: false
+    }
+  },
+
+  computed: {
+    ...mapState(['barColor', 'barImage']),
+    drawer: {
+      get () {
+        return this.$store.state.drawer
+      },
+      set (val) {
+        this.$store.commit('SET_DRAWER', val)
+      }
+    },
+    items () {
+      const items = [
+        {
+          title: 'accounts',
+          icon: 'mdi-account-multiple',
+          to: '/admin/accounts'
+        },
+        {
+          title: 'projects',
+          icon: 'mdi-book-multiple',
+          to: '/admin/projects'
+        }
+      ]
+      this.$router.getRoutes().filter(route => route.path.includes('/admin/') && route.meta.toSidebar).forEach(item => {
+        items.push(
+          {
+            title: item.meta.name,
+            to: item.path,
+            icon: item.meta.icon
+          })
+      })
+      return items
+    },
+    computedItems () {
+      return this.items.map(this.mapItem)
+    },
+    profile () {
+      return {
+        avatar: false,
+        title: 'Admin'
+      }
+    }
+  },
+
+  methods: {
+    mapItem (item) {
+      return {
+        ...item,
+        children: item.children ? item.children.map(this.mapItem) : undefined
+        // title: this.$t(item.title)
+      }
+    }
+  }
+}
+</script>
+
+<style lang="sass">
+  @import '~vuetify/src/styles/tools/_rtl.sass'
+
+  #core-navigation-drawer
+    .v-list-group__header.v-list-item--active:before
+      opacity: .24
+
+    .v-list-item
+      &__icon--text,
+      &__icon:first-child
+        justify-content: center
+        text-align: center
+        width: 20px
+
+        +ltr()
+          margin-right: 24px
+          margin-left: 12px !important
+
+        +rtl()
+          margin-left: 24px
+          margin-right: 12px !important
+
+    .v-list--dense
+      .v-list-item
+        &__icon--text,
+        &__icon:first-child
+          margin-top: 10px
+
+    .v-list-group--sub-group
+      .v-list-item
+        +ltr()
+          padding-left: 8px
+
+        +rtl()
+          padding-right: 8px
+
+      .v-list-group__header
+        +ltr()
+          padding-right: 0
+
+        +rtl()
+          padding-right: 0
+
+        .v-list-item__icon--text
+          margin-top: 19px
+          order: 0
+
+        .v-list-group__header__prepend-icon
+          order: 2
+
+          +ltr()
+            margin-right: 8px
+
+          +rtl()
+            margin-left: 8px
+</style>
diff --git a/web-app/src/admin/views/dashboard/components/core/Footer.vue b/web-app/src/admin/views/dashboard/components/core/Footer.vue
new file mode 100644
index 00000000..cdb7cbfe
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/components/core/Footer.vue
@@ -0,0 +1,78 @@
+<template>
+  <v-footer
+    id="dashboard-core-footer"
+  >
+    <v-container>
+      <v-row
+        align="center"
+        no-gutters
+      >
+        <v-col
+          v-for="(link, i) in links"
+          :key="i"
+          class="text-center mb-sm-0 mb-5"
+          cols="auto"
+        >
+          <a
+            :href="link.href"
+            class="mr-0 grey--text text--darken-3"
+            rel="noopener"
+            target="_blank"
+            v-text="link.text"
+          />
+        </v-col>
+
+        <v-spacer class="hidden-sm-and-down" />
+
+        <v-col
+          cols="12"
+          md="auto"
+        >
+          <div class="body-1 font-weight-light pt-6 pt-md-0 text-center">
+            &copy; 2019, made with
+            <v-icon size="18">
+              mdi-heart
+            </v-icon>
+            by <a href="https://www.creative-tim.com">Creative Tim</a> for a better web.
+          </div>
+        </v-col>
+      </v-row>
+    </v-container>
+  </v-footer>
+</template>
+
+<script>
+export default {
+  name: 'DashboardCoreFooter',
+
+  data: () => ({
+    links: [
+      {
+        href: '#',
+        text: 'Creative Tim'
+      },
+      {
+        href: '#',
+        text: 'About Us'
+      },
+      {
+        href: '#',
+        text: 'Blog'
+      },
+      {
+        href: '#',
+        text: 'Licenses'
+      }
+    ]
+  })
+}
+</script>
+
+<style lang="sass">
+  #dashboard-core-footer
+    a
+      font-size: .825rem
+      font-weight: 500
+      text-decoration: none
+      text-transform: uppercase
+</style>
diff --git a/web-app/src/admin/views/dashboard/components/core/Settings.vue b/web-app/src/admin/views/dashboard/components/core/Settings.vue
new file mode 100644
index 00000000..93636da3
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/components/core/Settings.vue
@@ -0,0 +1,263 @@
+<template>
+  <div id="settings-wrapper">
+    <v-card
+      id="settings"
+      class="py-2 px-4"
+      color="rgba(0, 0, 0, .3)"
+      dark
+      text
+      link
+      min-width="100"
+      style="position: fixed; top: 115px; right: -35px; border-radius: 8px;"
+    >
+      <v-icon large>
+        mdi-settings
+      </v-icon>
+    </v-card>
+
+    <v-menu
+      v-model="menu"
+      :close-on-content-click="false"
+      activator="#settings"
+      bottom
+      content-class="v-settings"
+      left
+      nudge-left="8"
+      offset-x
+      origin="top right"
+      transition="scale-transition"
+    >
+      <v-card
+        class="text-center mb-0"
+        width="300"
+      >
+        <v-card-text>
+          <strong class="mb-3 d-inline-block">SIDEBAR FILTERS</strong>
+
+          <v-item-group v-model="color">
+            <v-item
+              v-for="color in colors"
+              :key="color"
+              :value="color"
+            >
+              <template v-slot="{ active, toggle }">
+                <v-avatar
+                  :class="active && 'v-settings__item--active'"
+                  :color="color"
+                  class="v-settings__item"
+                  size="25"
+                  @click="toggle"
+                />
+              </template>
+            </v-item>
+          </v-item-group>
+
+          <v-divider class="my-4 secondary" />
+
+          <v-row
+            align="center"
+            no-gutters
+          >
+            <v-col cols="auto">
+              Dark Mode
+            </v-col>
+
+            <v-spacer />
+
+            <v-col cols="auto">
+              <v-switch
+                v-model="$vuetify.theme.dark"
+                class="ma-0 pa-0"
+                color="secondary"
+                hide-details
+              />
+            </v-col>
+          </v-row>
+
+          <v-divider class="my-4 secondary" />
+
+          <v-row
+            align="center"
+            no-gutters
+          >
+            <v-col cols="auto">
+              Sidebar Image
+            </v-col>
+
+            <v-spacer />
+
+            <v-col cols="auto">
+              <v-switch
+                v-model="showImg"
+                class="ma-0 pa-0"
+                color="secondary"
+                hide-details
+              />
+            </v-col>
+          </v-row>
+
+          <v-divider class="my-4 secondary" />
+
+          <strong class="mb-3 d-inline-block">IMAGES</strong>
+
+          <v-item-group
+            v-model="image"
+            class="d-flex justify-space-between mb-3"
+          >
+            <v-item
+              v-for="image in images"
+              :key="image"
+              :value="image"
+              class="mx-1"
+            >
+              <template v-slot="{ active, toggle }">
+                <v-sheet
+                  :class="active && 'v-settings__item--active'"
+                  class="d-inline-block v-settings__item"
+                  @click="toggle"
+                >
+                  <v-img
+                    :src="image"
+                    height="100"
+                    width="50"
+                  />
+                </v-sheet>
+              </template>
+            </v-item>
+          </v-item-group>
+
+          <v-btn
+            block
+            class="mb-3"
+            color="success"
+            href="https://www.creative-tim.com/product/vuetify-material-dashboard"
+            default
+            rel="noopener"
+            target="_blank"
+          >
+            Free Download
+          </v-btn>
+
+          <v-btn
+            block
+            class="mb-3"
+            color="grey darken-1"
+            dark
+            href="https://vuetifyjs.com/components/api-explorer"
+            default
+            rel="noopener"
+            target="_blank"
+          >
+            Documentation
+          </v-btn>
+
+          <div class="my-12" />
+
+          <div>
+            <strong class="mb-3 d-inline-block">THANK YOU FOR SHARING!</strong>
+          </div>
+
+          <v-btn
+            class="ma-1"
+            color="#55acee"
+            dark
+            default
+            rounded
+          >
+            <v-icon>mdi-twitter</v-icon>
+            - 45
+          </v-btn>
+
+          <v-btn
+            class="ma-1"
+            color="#3b5998"
+            dark
+            default
+            rounded
+          >
+            <v-icon>mdi-facebook</v-icon>
+            - 50
+          </v-btn>
+        </v-card-text>
+      </v-card>
+    </v-menu>
+  </div>
+</template>
+
+<script>
+// Mixins
+import Proxyable from 'vuetify/lib/mixins/proxyable'
+import { mapMutations, mapState } from 'vuex'
+
+export default {
+  name: 'DashboardCoreSettings',
+
+  mixins: [Proxyable],
+
+  data: () => ({
+    color: '#E91E63',
+    colors: [
+      '#9C27b0',
+      '#00CAE3',
+      '#4CAF50',
+      '#ff9800',
+      '#E91E63',
+      '#FF5252'
+    ],
+    image: 'https://demos.creative-tim.com/material-dashboard/assets/img/sidebar-1.jpg',
+    images: [
+      'https://demos.creative-tim.com/material-dashboard/assets/img/sidebar-1.jpg',
+      'https://demos.creative-tim.com/material-dashboard/assets/img/sidebar-2.jpg',
+      'https://demos.creative-tim.com/material-dashboard/assets/img/sidebar-3.jpg',
+      'https://demos.creative-tim.com/material-dashboard/assets/img/sidebar-4.jpg'
+    ],
+    menu: false,
+    saveImage: '',
+    showImg: true
+  }),
+
+  computed: {
+    ...mapState(['barImage'])
+  },
+
+  watch: {
+    color (val) {
+      this.$vuetify.theme.themes[this.isDark ? 'dark' : 'light'].primary = val
+    },
+    showImg (val) {
+      if (!val) {
+        this.saveImage = this.barImage
+        this.setBarImage('')
+      } else if (this.saveImage) {
+        this.setBarImage(this.saveImage)
+        this.saveImage = ''
+      } else {
+        this.setBarImage(val)
+      }
+    },
+    image (val) {
+      this.setBarImage(val)
+    }
+  },
+
+  methods: {
+    ...mapMutations({
+      setBarImage: 'SET_BAR_IMAGE'
+    })
+  }
+}
+</script>
+
+<style lang="sass">
+  .v-settings
+    .v-item-group > *
+      cursor: pointer
+
+    &__item
+      border-width: 3px
+      border-style: solid
+      border-color: transparent !important
+
+      &--active
+        border-color: #00cae3 !important
+</style>
diff --git a/web-app/src/admin/views/dashboard/components/core/View.vue b/web-app/src/admin/views/dashboard/components/core/View.vue
new file mode 100644
index 00000000..4bf3e959
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/components/core/View.vue
@@ -0,0 +1,17 @@
+<template>
+  <v-content>
+    <router-view />
+
+<!--    <dashboard-core-footer />-->
+  </v-content>
+</template>
+
+<script>
+export default {
+  name: 'DashboardCoreView',
+
+  components: {
+    // DashboardCoreFooter: () => import('./Footer')
+  }
+}
+</script>
diff --git a/web-app/src/admin/views/dashboard/maps/GoogleMaps.vue b/web-app/src/admin/views/dashboard/maps/GoogleMaps.vue
new file mode 100644
index 00000000..5b02446f
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/maps/GoogleMaps.vue
@@ -0,0 +1,78 @@
+<template>
+  <v-container
+    id="google-maps"
+    fluid
+    tag="section"
+  >
+    <v-row>
+      <v-col cols="12">
+        <base-material-card
+          color="success"
+          title="Satellite Map"
+          class="px-5 py-3"
+        >
+          <v-card-text class="px-0 pb-0">
+            <v-sheet>
+              <iframe
+                src="https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d26356315.701909266!2d-113.65984645545673!3d36.25591957613731!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x54eab584e432360b%3A0x1c3bb99243deb742!2sUnited+States!5e0!3m2!1sen!2sus!4v1566158729223!5m2!1sen!2sus"
+                width="100%"
+                height="450"
+                frameborder="0"
+                style="border:0"
+                allowfullscreen
+              />
+            </v-sheet>
+          </v-card-text>
+        </base-material-card>
+      </v-col>
+
+      <v-col
+        cols="12"
+        md="6"
+      >
+        <base-material-card
+          color="success"
+          title="Satellite Map"
+          class="px-5 py-3"
+        >
+          <v-card-text class="px-0 pb-0">
+            <v-sheet>
+              <iframe
+                src="https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d193595.15831228695!2d-74.11976206978034!3d40.697663747508045!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x89c24fa5d33f083b%3A0xc80b8f06e177fe62!2sNew+York%2C+NY!5e0!3m2!1sen!2sus!4v1566158235149!5m2!1sen!2sus"
+                width="100%"
+                height="450"
+                frameborder="0"
+                style="border:0"
+                allowfullscreen
+              />
+            </v-sheet>
+          </v-card-text>
+        </base-material-card>
+      </v-col>
+
+      <v-col
+        cols="12"
+        md="6"
+      >
+        <base-material-card
+          color="success"
+          title="Custom Skin & Settings Map"
+          class="px-5 py-3"
+        >
+          <v-card-text class="px-0 pb-0">
+            <v-sheet>
+              <iframe
+                src="https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d193595.15831228695!2d-74.11976206978034!3d40.697663747508045!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x89c24fa5d33f083b%3A0xc80b8f06e177fe62!2sNew+York%2C+NY!5e0!3m2!1sen!2sus!4v1566158235149!5m2!1sen!2sus"
+                width="100%"
+                height="450"
+                frameborder="0"
+                style="border:0"
+                allowfullscreen
+              />
+            </v-sheet>
+          </v-card-text>
+        </base-material-card>
+      </v-col>
+    </v-row>
+  </v-container>
+</template>
diff --git a/web-app/src/admin/views/dashboard/pages/Account.vue b/web-app/src/admin/views/dashboard/pages/Account.vue
new file mode 100644
index 00000000..17ebc41f
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/pages/Account.vue
@@ -0,0 +1,194 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <div>
+    <v-card color="transparent" outlined style="margin: 10px">
+      <v-card-text>
+        <v-layout row style="padding: 5px">
+          <v-radio-group
+          v-model="type"
+          row
+          style="max-width: 500px; padding-left: 10px"
+          @change="resetPaging"
+          >
+            <v-radio
+              label="User"
+              value="user"
+            ></v-radio>
+            <v-radio
+              label="Organisation"
+              value="organisation"
+            ></v-radio>
+          </v-radio-group>
+          <v-spacer></v-spacer>
+          <v-text-field
+          :label="$t('search')"
+          color="secondary"
+          hide-details
+          style="max-width: 250px; padding-right: 10px"
+          v-model="searchByName"
+          @input="resetPaging"
+          >
+            <template
+              v-if="$vuetify.breakpoint.mdAndUp"
+              v-slot:prepend-inner
+            >
+              <v-icon elevation="1">mdi-magnify
+              </v-icon>
+            </template>
+            <template v-slot:append>
+              <v-icon elevation="1" @click="resetSearch">cancel</v-icon>
+            </template>
+          </v-text-field>
+        </v-layout>
+      </v-card-text>
+    </v-card>
+    <v-data-table
+      height="70vh"
+      :headers="headers"
+      :items="accounts.items"
+      :loading="loading"
+      :no-data-text="(error) ? error : 'No accounts'"
+      color="primary"
+      :hide-default-footer="true"
+      :options="options"
+      :server-items-length="accounts.count"
+      v-on:update:options="paginate"
+  >
+      <template v-slot:top="{ pagination, options, updateOptions }">
+        <v-data-footer
+          :pagination="pagination"
+          :options="options"
+          show-current-page
+          show-first-last-page
+          :items-per-page-options="[5,10,50]"
+          @update:options="updateOptions"
+        />
+      </template>
+    <template v-slot:item.name="{ item }">
+       <span>
+        <router-link :to="item.type === 'user' ? { name: 'admin-profile', params: { username: item.name }} : { name: 'admin-organisation', params: { name: item.name }}">
+          {{ item.name }}
+        </router-link>
+       </span>
+     </template>
+    <template v-slot:item.storage="{ item }">
+      {{  item.storage  | filesize("", 0) }}
+    </template>
+    <template v-slot:item.received="{ item }">
+       <span>
+         <v-tooltip bottom>
+        <template v-slot:activator="{ on }">
+        <span v-on="on">{{ item.received | timediff }}</span>
+        </template>
+        <span>{{ item.received | datetime }}</span>
+      </v-tooltip>
+       </span>
+     </template>
+    <template v-slot:item.msg="{ item }">
+       <span>
+         <v-tooltip bottom>
+        <template v-slot:activator="{ on }">
+        <span v-on="on">{{ item.msg.substring(0, 9) }}</span>
+        </template>
+        <span>{{ item.msg }}</span>
+      </v-tooltip>
+       </span>
+     </template>
+    <template v-slot:item.active="{ item }">
+     <span>
+      <span style="display: inline-block; width: 120px">
+       <v-icon v-if="item.active" color="green">check</v-icon>
+       <v-icon v-else color="red">clear</v-icon>
+      </span>
+     </span>
+   </template>
+    </v-data-table>
+  </div>
+</template>
+
+<script>
+import { mapState } from 'vuex'
+import { removeAccents } from '@/util'
+import debounce from 'debounce'
+
+
+export default {
+  name: 'Account',
+  data () {
+    return {
+      options: {
+        sortBy: ['name'],
+        sortDesc: [false],
+        itemsPerPage: 10,
+        page: 1
+      },
+      headers: [
+        { text: 'Name', value: 'name', filterable: true, sortable: true },
+        { text: 'Storage', value: 'storage', filterable: true, sortable: false },
+        { text: 'Active', value: 'active', filterable: false, sortable: false, width: 15 }
+      ],
+      type: 'user',
+      searchByName: ''
+    }
+  },
+  props: {
+    account_id: {
+      type: Number,
+      default: null
+    }
+  },
+  computed: {
+    ...mapState({
+      accounts: state => state.admin.accounts,
+      error: state => state.admin.error,
+      loading: state => state.admin.loading
+    })
+  },
+  created () {
+    this.resetPaging = debounce(this.resetPaging, 1000)
+    if (this.account_id !== null) {
+      this.fetchAccount(this.account_id)
+    }
+  },
+  watch: {
+    error () {
+      if (this.error) this.$notification.error(`Failed to fetch accounts. \n Reason: ${this.error}`)
+    }
+  },
+  methods: {
+    resetPaging () {
+      this.options.page = 1
+      this.paginate(this.options)
+    },
+    resetSearch () {
+      this.searchByName = ''
+      this.resetPaging()
+    },
+    paginate (options) {
+      this.options = options
+      const params = {
+        page: options.page,
+        per_page: options.itemsPerPage
+      }
+      if (options.sortBy[0]) {
+        params.descending = options.sortDesc[0]
+        params.order_by = options.sortBy[0]
+      }
+      if (this.searchByName) {
+        params.name = removeAccents(this.searchByName.trim())
+      }
+      this.$store.dispatch('admin/fetchAccounts', { type: this.type, params: params })
+    }
+  }
+}
+</script>
+
+<style scoped>
+
+.theme--light.v-data-table, .theme--light.v-data-table .v-data-footer {
+  border: none;
+}
+
+</style>
diff --git a/web-app/src/admin/views/dashboard/pages/OrganisationProfile.vue b/web-app/src/admin/views/dashboard/pages/OrganisationProfile.vue
new file mode 100644
index 00000000..0ba97a8d
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/pages/OrganisationProfile.vue
@@ -0,0 +1,190 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <page-view :style="`padding-left: ${drawer ? 260 : 20}px; overflow-y: auto; padding-right:20px; margin-right: 0px;`">
+    <v-card class="layout column main-content fill-height" flat>
+      <v-card-text>
+        <div class="profile">
+          <h1 class="primary--text"> Profile </h1>
+          <br>
+          <v-divider/>
+          <v-layout>
+            <!-- Render profile -->
+            <div class="section">
+              <ul v-if="organisation">
+                <li> <b> Name: </b>{{ organisation.name }} </li>
+                <li> <b> Account active: </b>
+                  <v-icon v-if="organisation.active" color="green">check</v-icon>
+                  <v-icon v-else color="red">clear</v-icon>
+                </li>
+                <li> <b> Description: </b>{{ organisation.description }} </li>
+                <li> <b> Contact Email: </b>{{ organisation.account.email }} </li>
+                <br>
+                <li> <b> Data Usage: </b>
+                 <template v-if="organisation.disk_usage !== undefined && organisation.storage !== undefined">
+                   {{ organisation.disk_usage | filesize }} / {{ organisation.storage | filesize }}
+                    <v-progress-circular
+                      :size="55"
+                      :width="8"
+                      :value="usage * 100"
+                      color="primary"
+                      class="mx-3"
+                    >
+                      {{ Math.floor(usage * 100) }}%
+                    </v-progress-circular>
+                  </template>
+                </li>
+                <li> <b> Registered: </b>{{ organisation.registration_date | date }} </li>
+              </ul>
+            </div>
+            <v-spacer/>
+            <!-- actions -->
+            <div v-if="organisation">
+              <div>
+                <v-tooltip top>
+                    <template v-slot:activator="{ on }">
+                      <span v-on="on">
+                        <v-btn
+                          @click="changeStatusDialog"
+                          class="primary--text" >
+                        <v-icon class="mr-2">edit</v-icon>
+                        {{organisation.active ? 'deactivate account' : 'activate account'}}
+                        </v-btn>
+                      </span>
+                    </template>
+                    <span v-if="organisation.active">Deactivate account</span>
+                    <span v-else >Activate account</span>
+                  </v-tooltip>
+              </div>
+              <div>
+                <v-tooltip top >
+                    <template v-slot:activator="{ on }">
+                      <span v-on="on">
+                        <v-btn
+                          @click="confirmDeleteAccount"
+                          class="white--text"
+                          depressed
+                          color="red"
+                          v-if="organisation.active" >
+                          <v-icon class="mr-2">remove_circle</v-icon>
+                          close account
+                        </v-btn>
+                      </span>
+                    </template>
+                    <span v-if="organisation.active">Delete account</span>
+                  </v-tooltip>
+              </div>
+            </div>
+          </v-layout>
+          <account-detail :key="name" v-if="organisation"  type="organisation"></account-detail>
+        </div>
+        <v-divider/>
+        <br>
+        <h2>Members</h2>
+        <organisation-permissions v-if="organisation" :name="organisation.name"></organisation-permissions>
+        </v-card-text>
+    </v-card>
+  </page-view>
+</template>
+
+<script>
+import { mapState } from 'vuex'
+import OrganisationMixin from '@/mixins/Organisation'
+import PageView from '@/views/PageView'
+import MerginAPIMixin from '@/mixins/MerginAPI'
+import OrganisationPermissions from '../components/OrganisationPermissions'
+import ConfirmDialog from '@/components/ConfirmDialog'
+import CommonMixin from '../../../mixins/CommonAPI'
+import { waitCursor } from '@/util'
+import AccountDetail from '../components/AccountDetail'
+
+export default {
+  name: 'AdminOrganisationView',
+  mixins: [OrganisationMixin, MerginAPIMixin, CommonMixin],
+  components: { OrganisationPermissions, PageView, AccountDetail },
+  props: { name: String },
+  computed: {
+    ...mapState(['organisation', 'drawer']),
+    usage () {
+      if (this.organisation) {
+        return (this.organisation.storage) ? this.organisation.disk_usage / this.organisation.storage : 0
+      }
+      return null
+    }
+  },
+  methods: {
+    changeStatusDialog () {
+      const props = { text: this.organisation.active ? 'Do you really want deactivate this account?' : 'Do you really want activate this account?' }
+      const dialog = { maxWidth: 500, persistent: true }
+      const listeners = {
+        confirm: async () => {
+          waitCursor(true)
+          await this.changeAccountStatus(this.organisation.account.id, !this.organisation.active)
+          await this.getOrganisation(this.name)
+          waitCursor(false)
+        }
+      }
+      this.$dialog.show(ConfirmDialog, { props, listeners, dialog })
+    },
+    confirmDeleteAccount () {
+      const props = {
+        text: 'Are you sure to close account? All projects will be removed <br>  <br> Type in organisation name to confirm:',
+        confirmText: 'Delete',
+        confirmField: {
+          label: 'Organisation name',
+          expected: this.organisation.name
+        }
+      }
+      const listeners = {
+        confirm: () => this.closeAccount(this.organisation.account.id)
+      }
+      this.$dialog.prompt({ props, listeners, dialog: { maxWidth: 500 } })
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.main-content {
+  overflow: auto;
+}
+.profile{
+  margin-bottom: 20px;
+  h2 {
+    color: #2D4470;
+    margin-bottom: 10px;
+  }
+  button {
+    padding-left: 10px;
+    height: 35px;
+    padding-right: 10px;
+    width: 100%;
+    i {
+      font-size: 13px;
+    }
+  }
+  .align-center{
+    padding-top: 10px;
+    padding-bottom: 10px;
+    align-items: flex-start;
+    padding-right: 10px;
+  }
+  .section{
+    margin-right: 10px;
+    ul {
+      padding-left: 0;
+    }
+    li {
+      list-style: none;
+      b {
+        width: 150px;
+        display: inline-block;
+      }
+    }
+    .v-icon {
+      font-size: 18px;
+    }
+  }
+}
+</style>
diff --git a/web-app/src/admin/views/dashboard/pages/Profile.vue b/web-app/src/admin/views/dashboard/pages/Profile.vue
new file mode 100644
index 00000000..601e869a
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/pages/Profile.vue
@@ -0,0 +1,213 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+    <page-view>
+   <v-card class="layout column main-content fill-height" flat>
+      <v-card-text>
+        <div class="profile">
+          <h1 class="primary--text"> Profile </h1>
+          <br>
+          <v-divider/>
+          <v-layout>
+            <!-- Render profile -->
+            <div class="section">
+              <ul v-if="profile">
+                <li> <b> Username: </b>{{ userAdminProfile.username }} </li>
+                <li> <b> Name: </b>{{ profile.first_name }} </li>
+                <li> <b> Last name: </b>{{ profile.last_name }} </li>
+                <li> <b> Account active: </b>
+                  <v-icon v-if="userAdminProfile.active" color="green">check</v-icon>
+                  <v-icon v-else color="red">clear</v-icon>
+                </li>
+                <li> <b> Email: </b>{{ userAdminProfile.email }}
+                  <v-tooltip top >
+                    <template v-slot:activator="{ on }">
+                    <span
+                      v-on="on"
+                    >
+                      <v-icon v-if="userAdminProfile.verified_email" color="green">check</v-icon>
+                      <v-icon v-else color="red">clear</v-icon>
+                    </span>
+                    </template>
+                    <span>Email verification status</span>
+                  </v-tooltip>
+                </li>
+                <li> <b> Receive notifications: </b>
+                  <v-icon v-if="profile.receive_notifications" color="green">check</v-icon>
+                  <v-icon v-else color="red">clear</v-icon>
+                </li>
+                <br>
+                <li> <b> Data Usage: </b>
+                 <template v-if="profile.disk_usage !== undefined && profile.storage !== undefined">
+                   {{ profile.disk_usage | filesize }} / {{ profile.storage | filesize }}
+                    <v-progress-circular
+                      :size="55"
+                      :width="8"
+                      :value="usage * 100"
+                      color="primary"
+                      class="mx-3"
+                    >
+                      {{ Math.floor(usage * 100) }}%
+                    </v-progress-circular>
+                  </template>
+                </li>
+                <li> <b> Registered: </b>{{ profile.registration_date | date }} </li>
+              </ul>
+            </div>
+            <v-spacer/>
+            <!-- actions -->
+            <div v-if="profile">
+              <div>
+               <v-tooltip top >
+                    <template v-slot:activator="{ on }">
+                      <span v-on="on">
+                        <v-btn
+                          @click="changeStatusDialog"
+                          class="primary--text" >
+                        <v-icon class="mr-2">edit</v-icon>
+                        {{userAdminProfile.active ? 'deactivate account' : 'activate account'}}
+                        </v-btn>
+                      </span>
+                    </template>
+                    <span v-if="userAdminProfile.active">Deactivate account</span>
+                    <span v-else >Activate account</span>
+                  </v-tooltip>
+              </div>
+              <div>
+                <v-tooltip top >
+                    <template v-slot:activator="{ on }">
+                      <span v-on="on">
+                        <v-btn
+                          @click="confirmDeleteUser"
+                          class="white--text"
+                          depressed
+                          color="red"
+                          v-if="userAdminProfile.active" >
+                          <v-icon class="mr-2">remove_circle</v-icon>
+                          close account
+                        </v-btn>
+                      </span>
+                    </template>
+                    <span>Delete account</span>
+                  </v-tooltip>
+              </div>
+            </div>
+          </v-layout>
+            <account-detail :key="username" v-if="profile" type="user"></account-detail>
+        </div>
+        </v-card-text>
+    </v-card>
+    </page-view>
+</template>
+
+<script>
+import { mapState } from 'vuex'
+import CommonMixin from '../../../mixins/CommonAPI'
+import PageView from '@/views/PageView'
+import ConfirmDialog from '@/components/ConfirmDialog'
+import MerginAPIMixin from '@/mixins/MerginAPI'
+import { waitCursor } from '@/util'
+import AccountDetail from '../components/AccountDetail'
+
+
+export default {
+  name: 'AdminUserView',
+  mixins: [CommonMixin, MerginAPIMixin],
+  components: { PageView, AccountDetail },
+  props: {
+    username: String
+  },
+  data () {
+    return {
+      dialog: false
+    }
+  },
+  computed: {
+    ...mapState('admin', ['userAdminProfile']),
+    usage () {
+      return this.profile.disk_usage / this.profile.storage
+    },
+    profile () {
+      if (this.userAdminProfile !== null) {
+        return this.userAdminProfile.profile
+      } else {
+        return null
+      }
+    }
+  },
+  methods: {
+    changeStatusDialog () {
+      const props = { text: this.userAdminProfile.active ? 'Do you really want deactivate this account?' : 'Do you really want activate this account?' }
+      const dialog = { maxWidth: 500, persistent: true }
+      const listeners = {
+        confirm: async () => {
+          waitCursor(true)
+          await this.changeAccountStatus(this.userAdminProfile.account.id, !this.userAdminProfile.active)
+          await this.fetchUserProfileByName(this.username)
+          waitCursor(false)
+        }
+      }
+      this.$dialog.show(ConfirmDialog, { props, listeners, dialog })
+    },
+    confirmDeleteUser () {
+      const props = {
+        text: 'Are you sure to close account? All projects will be removed <br>  <br> Type in username to confirm:',
+        confirmText: 'Delete',
+        confirmField: {
+          label: 'Username',
+          expected: this.userAdminProfile.username
+        }
+      }
+      const listeners = {
+        confirm: () => this.closeAccount(this.userAdminProfile.account.id)
+      }
+      this.$dialog.prompt({ props, listeners, dialog: { maxWidth: 500 } })
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.main-content {
+  overflow: auto;
+}
+.profile{
+  margin-bottom: 20px;
+  h2 {
+    color: #2D4470;
+    margin-bottom: 10px;
+  }
+  button {
+    padding-left: 10px;
+    height: 35px;
+    padding-right: 10px;
+    width: 100%;
+    i {
+      font-size: 13px;
+    }
+  }
+  .align-center{
+    padding-top: 10px;
+    padding-bottom: 10px;
+    align-items: flex-start;
+    padding-right: 10px;
+  }
+  .section{
+    margin-right: 10px;
+    ul {
+      padding-left: 0;
+    }
+    li {
+      list-style: none;
+      b {
+        width: 150px;
+        display: inline-block;
+      }
+    }
+    .v-icon {
+      font-size: 18px;
+    }
+  }
+}
+</style>
diff --git a/web-app/src/admin/views/dashboard/pages/Projects.vue b/web-app/src/admin/views/dashboard/pages/Projects.vue
new file mode 100644
index 00000000..dcc98fa7
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/pages/Projects.vue
@@ -0,0 +1,104 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <page-view>
+    <v-layout class="column fill-height ml-10">
+      <v-row>
+        <v-layout align-center shrink>
+          <h3 class="ml-1 my-2">
+            <span v-if="namespace"> <v-icon class="arrow">chevron_right</v-icon> {{ namespace }}</span>
+          </h3>
+          <v-spacer/>
+          <portal-target name="additional-action"/>
+          <div v-if="this.$route.meta.flag !== 'request'">
+          </div>
+          <div v-else>
+            <portal-target name="accept-request-button"/>
+          </div>
+        </v-layout>
+      </v-row>
+      <v-row>
+        <v-col>
+          <v-card class="table">
+            <v-card-title>
+              Active Projects
+            </v-card-title>
+            <v-card-text>
+              <projects-table
+                :key="namespace"
+                :show-namespace="true"
+                :namespace="namespace"
+                :asAdmin="true"
+                show-tags
+                />
+            </v-card-text>
+          </v-card>
+        </v-col>
+      </v-row>
+      <v-row>
+        <v-col>
+          <v-card class="table">
+            <v-card-title>
+              Removed Projects
+            </v-card-title>
+            <v-card-text>
+              <removed-projects-table/>
+            </v-card-text>
+          </v-card>
+        </v-col>
+      </v-row>
+    </v-layout>
+  </page-view>
+</template>
+
+<script>
+import { mapState } from 'vuex'
+
+import PageView from '@/views/PageView'
+import ProjectsTable from '@/admin/views/dashboard/components/ProjectsTable'
+import RemovedProjectsTable from '@/admin/views/dashboard/components/RemovedProjectsTable'
+
+export default {
+  name: 'admin-projects-list',
+  components: { PageView, ProjectsTable, RemovedProjectsTable },
+  props: {
+    namespace: String
+  },
+  data () {
+    return {
+      asAdmin: true
+    }
+  },
+  computed: {
+    ...mapState(['app'])
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+h3 a {
+  text-decoration: none;
+}
+.v-card.table {
+  min-height: unset;
+  overflow: unset;
+}
+
+.arrow {
+  color: black;
+  font-size: large;
+}
+
+@media (max-width : 400px) {
+  .action-button {
+    width: 135px;
+  }
+}
+
+.action-button {
+  div {
+    display: inline-block;
+  }
+}
+</style>
diff --git a/web-app/src/admin/views/dashboard/pages/Rtl.vue b/web-app/src/admin/views/dashboard/pages/Rtl.vue
new file mode 100644
index 00000000..65625356
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/pages/Rtl.vue
@@ -0,0 +1,409 @@
+<template>
+  <v-container
+    id="rtl"
+    fluid
+    tag="section"
+  >
+    <v-row class="mb-10">
+      <v-col
+        cols="12"
+        md="6"
+      >
+        <base-material-card
+          color="warning"
+          text="بالإنزال وفي. خيار ومضى العمليات تم ذلك, تم معقل مرمى"
+          title="لتكاليف يبق"
+        >
+          <v-card-text>
+            <v-data-table
+              :headers="headers"
+              :items="items"
+            />
+          </v-card-text>
+        </base-material-card>
+      </v-col>
+
+      <v-col
+        cols="12"
+        md="6"
+      >
+        <base-material-card>
+          <template v-slot:heading>
+            <v-tabs
+              v-model="tabs"
+              background-color="transparent"
+              slider-color="white"
+            >
+              <span
+                class="subheading font-weight-light mx-3"
+                style="align-self: center"
+              >
+                منتصف:
+              </span>
+
+              <v-tab class="mr-3">
+                <v-icon class="me-2">
+                  mdi-bug
+                </v-icon>
+
+                ضرب
+              </v-tab>
+
+              <v-tab class="mr-3">
+                <v-icon class="me-2">
+                  mdi-code-tags
+                </v-icon>
+
+                السفن
+              </v-tab>
+
+              <v-tab>
+                <v-icon class="me-2">
+                  mdi-cloud
+                </v-icon>
+
+                فصل.
+              </v-tab>
+            </v-tabs>
+          </template>
+
+          <v-tabs-items
+            v-model="tabs"
+            class="transparent"
+          >
+            <v-tab-item
+              v-for="n in 3"
+              :key="n"
+            >
+              <v-card-text>
+                <template v-for="(task, i) in tasks[tabs]">
+                  <v-row
+                    :key="i"
+                    align="center"
+                  >
+                    <v-col cols="1">
+                      <v-list-item-action>
+                        <v-checkbox
+                          v-model="task.value"
+                          color="secondary"
+                        />
+                      </v-list-item-action>
+                    </v-col>
+
+                    <v-col cols="9">
+                      <div v-text="task.text" />
+                    </v-col>
+
+                    <v-col
+                      cols="2"
+                      class="text-right"
+                    >
+                      <v-icon class="mx-1">
+                        mdi-pencil
+                      </v-icon>
+                      <v-icon
+                        color="error"
+                        class="mx-1"
+                      >
+                        mdi-close
+                      </v-icon>
+                    </v-col>
+                  </v-row>
+                </template>
+              </v-card-text>
+            </v-tab-item>
+          </v-tabs-items>
+        </base-material-card>
+      </v-col>
+
+      <v-col
+        cols="12"
+        md="6"
+      >
+        <v-row>
+          <template v-for="(plan, i) in plans">
+            <v-col
+              :key="i"
+              cols="12"
+              md="6"
+            >
+              <pages-plan-card :plan="plan" />
+            </v-col>
+          </template>
+
+          <v-col cols="12">
+            <base-material-testimony
+              blurb="بعد و وسوء الأحمر, دون عقبت الهادي أم, قد حول قادة حكومة يتعلّق. أخذ حصدت اوروبا أن, كلا مهمّات اسبوعين التخطيط عل. وإيطالي الأوروبي و نفس. صفحة احداث أضف ان, هو مرجع نهاية لهيمنة كما. تم مايو لفشل المدن دول, جعل أن عسكرياً التّحول استرجاع."
+              author="أليك طومسون"
+              handle="@أليك طومسون"
+            />
+          </v-col>
+        </v-row>
+      </v-col>
+
+      <v-col
+        cols="12"
+        md="6"
+      >
+        <v-timeline
+          align-top
+          dense
+        >
+          <v-timeline-item
+            v-for="(timeline, i) in timelines"
+            :key="i"
+            :color="timeline.color"
+            :icon="timeline.icon"
+            fill-dot
+            large
+          >
+            <v-card class="pa-6">
+              <v-chip
+                :color="timeline.color"
+                class="overline mb-3"
+                small
+              >
+                {{ timeline.chip }}
+              </v-chip>
+
+              <p
+                class="subtitle-1"
+                v-text="timeline.text"
+              />
+
+              <div
+                class="text-uppercase body-2"
+                v-text="timeline.subtext"
+              />
+
+              <template v-if="timeline.action">
+                <v-divider class="mb-3" />
+
+                <v-menu
+                  v-model="menu"
+                  bottom
+                  offset-y
+                  origin=" top left"
+                  right
+                  transition="scale-transition"
+                >
+                  <template v-slot:activator="{ attrs, on }">
+                    <v-btn
+                      v-bind="attrs"
+                      :color="timeline.action"
+                      large
+                      rounded
+                      v-on="on"
+                    >
+                      <v-icon
+                        left
+                        v-text="timeline.actionIcon"
+                      />
+                      <v-icon right>
+                        {{ menu ? 'mdi-menu-up' : 'mdi-menu-down' }}
+                      </v-icon>
+                    </v-btn>
+                  </template>
+
+                  <v-sheet>
+                    <v-list>
+                      <v-list-item
+                        v-for="a in timeline.actions"
+                        :key="a"
+                        link
+                      >
+                        <v-list-item-title v-text="a" />
+                      </v-list-item>
+                    </v-list>
+                  </v-sheet>
+                </v-menu>
+              </template>
+            </v-card>
+          </v-timeline-item>
+        </v-timeline>
+      </v-col>
+    </v-row>
+  </v-container>
+</template>
+
+<script>
+// Components
+import PagesPlanCard from '@/views/pages/components/PlanCard'
+
+export default {
+  name: 'Widgets',
+
+  components: {
+    PagesPlanCard
+  },
+
+  data: () => ({
+    headers: [
+      {
+        sortable: false,
+        text: 'هوية شخصية',
+        value: 'id'
+      },
+      {
+        sortable: false,
+        text: 'اسم',
+        value: 'name'
+      },
+      {
+        sortable: false,
+        text: 'راتب',
+        value: 'salary',
+        align: 'right'
+      },
+      {
+        sortable: false,
+        text: 'بلد',
+        value: 'country',
+        align: 'right'
+      },
+      {
+        sortable: false,
+        text: 'مدينة',
+        value: 'city',
+        align: 'right'
+      }
+    ],
+    items: [
+      {
+        id: 1,
+        name: 'داكوتا رايس',
+        country: 'النيجر',
+        city: 'العود-تورنهاوت',
+        salary: '$35,738'
+      },
+      {
+        id: 2,
+        name: 'مينيرفا هوبر',
+        country: 'كوراساو',
+        city: 'Sinaai-واس',
+        salary: '$23,738'
+      },
+      {
+        id: 3,
+        name: 'سيج رودريجيز',
+        country: 'هولندا',
+        city: 'أوفرلاند بارك',
+        salary: '$56,142'
+      },
+      {
+        id: 4,
+        name: 'فيليب شانلي',
+        country: 'كوريا، جنوب',
+        city: 'غلوستر',
+        salary: '$38,735'
+      },
+      {
+        id: 5,
+        name: 'دوريس جرين',
+        country: 'مالاوي',
+        city: 'فيلدكيرشن في كارنتن',
+        salary: '$63,542'
+      }
+    ],
+    menu: false,
+    plans: [
+      {
+        best: true,
+        heading: 'جيوب سليمان، الإنزال',
+        icon: 'mdi-home',
+        title: '29$',
+        text: 'الأجل المتساقطة، من. عرض بسبب وأكثرها الاندونيسية بـ.'
+      },
+      {
+        heading: 'المتحدة لتقليعة',
+        icon: 'mdi-sofa',
+        title: 'قائمة',
+        text: 'الأجل المتساقطة، من. عرض بسبب وأكثرها الاندونيسية بـ.'
+      }
+    ],
+    tabs: 0,
+    tasks: {
+      0: [
+        {
+          text: 'فقد لمحاكم الاندونيسية, بلاده بالتوقيع تم يبق. جعل السبب وفرنسا الصينية أي.',
+          value: true
+        },
+        {
+          text: 'خطوط من الأدب الروسي العظيم؟ أو رسائل البريد الإلكتروني من بوسي؟',
+          value: false
+        },
+        {
+          text: 'بحث. كل مما ٢٠٠٤ شاسعة العسكري جعل السبب وفرنسا الصينية أي.',
+          value: false
+        },
+        {
+          text: 'قم بإنشاء 4 تجارب مستخدم غير مرئية لم تعرف عنها أبدًا',
+          value: true
+        }
+      ],
+      1: [
+        {
+          text: 'بحث. كل مما ٢٠٠٤ شاسعة العسكري جعل السبب وفرنسا الصينية أي.',
+          value: true
+        },
+        {
+          text: 'فقد لمحاكم الاندونيسية, بلاده بالتوقيع تم يبق. جعل السبب وفرنسا الصينية أي.',
+          value: false
+        }
+      ],
+      2: [
+        {
+          text: 'خطوط من الأدب الروسي العظيم؟ أو رسائل البريد الإلكتروني من بوسي؟',
+          value: false
+        },
+        {
+          text: 'بحث. كل مما ٢٠٠٤ شاسعة العسكري جعل السبب وفرنسا الصينية أي.',
+          value: true
+        },
+        {
+          text: 'فقد لمحاكم الاندونيسية, بلاده بالتوقيع تم يبق. جعل السبب وفرنسا الصينية أي.',
+          value: true
+        }
+      ]
+    },
+    timelines: [
+      {
+        chip: 'جهة أي',
+        color: 'error',
+        icon: 'mdi-briefcase',
+        text: 'قام كل ماذا العصبة اوروبا. أي جورج العالمي أخر, كان تم أطراف القوى استبدال. أسر ميناء تكتيكاً الجديدة، كل. جُل اللا التكاليف بـ, عرفها النزاع لليابان بـ أضف. انتهت المدن الثالث من وقد.وقبل قادة إحتار عن أخر. حين ونتج أخرى قد. بالعمل بالمطالبة فقد قد. عن جنوب ومضى الشتاء.',
+        subtext: 'مدن أن هُزم سكان, مكن.'
+      },
+      {
+        chip: 'جُل حكومة',
+        color: 'success',
+        icon: 'mdi-puzzle',
+        text: 'عل فكانت الثقيلة بلا. شيء بخطوط بالرّغم التبرعات عن, يطول بأيدي لم كلّ. معقل الغالي واتّجه لم وتم, أن الصفحة بالمحور حول, بال مرمى الصفحات قُدُماً و. الأخذ سبتمبر العالم من ذلك. ان يبق شدّت الأبرياء, الى الربيع، والمانيا كل.ودول الأهداف التقليدي عل أضف, كلا يقوم الأخذ الآلاف بل.'
+      },
+      {
+        chip: 'هذا غينيا',
+        color: 'info',
+        icon: 'mdi-fingerprint',
+        text: 'جهة المارق والديون التقليدية في, هو وترك المجتمع بريطانيا ذلك, لمّ ما العالم، اليابان،. ٣٠ فقامت أوروبا مشاركة بعد, ٢٠٠٤ الجو مساعدة ما حدى. في عليها وبحلول معارضة بعض. عن الأرض وبداية العمليات ولم. الجو جديداً الأوروبيّون أم به،. ثم التي نتيجة الآلاف جعل, عن المارق السادس قام. ما أخر فقامت الأجل الشرق،, فصل كل وسوء الأرواح. ثم بعد وشعار بأيدي. قبل وكسبت الغالي الولايات بل, ٣٠ أمّا أخرى لأداء أضف. هو منتصف معزّزة على. بـ أفريقيا التغييرات مما, أثره،.',
+        action: 'info',
+        actionIcon: 'mdi-wrench',
+        actions: [
+          'عمل',
+          'عمل آخر',
+          'شيء آخر هنا'
+        ]
+      }
+    ]
+  }),
+
+  created () {
+    this.$vuetify.rtl = true
+    this.$i18n.locale = 'ar'
+  },
+
+  beforeDestroy () {
+    this.$vuetify.rtl = false
+    this.$i18n.locale = 'en'
+  }
+}
+</script>
diff --git a/web-app/src/admin/views/dashboard/pages/Timeline.vue b/web-app/src/admin/views/dashboard/pages/Timeline.vue
new file mode 100644
index 00000000..c21fe487
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/pages/Timeline.vue
@@ -0,0 +1,134 @@
+<template>
+  <v-container
+    id="timeline"
+    fluid
+    tag="section"
+  >
+    <base-v-component
+      heading="Timelines"
+      link="components/timelines"
+    />
+
+    <v-row>
+      <v-col>
+        <v-timeline align-top>
+          <v-timeline-item
+            v-for="(timeline, i) in timelines"
+            :key="i"
+            :color="timeline.color"
+            :icon="timeline.icon"
+            fill-dot
+            large
+          >
+            <v-card class="pa-6">
+              <v-chip
+                :color="timeline.color"
+                class="overline mb-3"
+                small
+              >
+                {{ timeline.chip }}
+              </v-chip>
+
+              <p
+                class="subtitle-1 font-weight-light"
+                v-text="timeline.text"
+              />
+
+              <div
+                class="text-uppercase body-2"
+                v-text="timeline.subtext"
+              />
+
+              <template v-if="timeline.action">
+                <v-divider class="mb-3" />
+
+                <v-menu
+                  v-model="menu"
+                  bottom
+                  offset-y
+                  origin="top left"
+                  right
+                  transition="scale-transition"
+                >
+                  <template v-slot:activator="{ attrs, on }">
+                    <v-btn
+                      v-bind="attrs"
+                      :color="timeline.action"
+                      large
+                      rounded
+                      v-on="on"
+                    >
+                      <v-icon
+                        left
+                        v-text="timeline.actionIcon"
+                      />
+                      <v-icon right>
+                        {{ menu ? 'mdi-menu-up' : 'mdi-menu-down' }}
+                      </v-icon>
+                    </v-btn>
+                  </template>
+
+                  <v-sheet>
+                    <v-list>
+                      <v-list-item
+                        v-for="a in timeline.actions"
+                        :key="a"
+                        link
+                      >
+                        <v-list-item-title v-text="a" />
+                      </v-list-item>
+                    </v-list>
+                  </v-sheet>
+                </v-menu>
+              </template>
+            </v-card>
+          </v-timeline-item>
+        </v-timeline>
+      </v-col>
+    </v-row>
+  </v-container>
+</template>
+
+<script>
+export default {
+  name: 'DashboardPagesTimeline',
+
+  data: () => ({
+    menu: false,
+    timelines: [
+      {
+        chip: 'Some title',
+        color: 'error',
+        icon: 'mdi-briefcase',
+        text: 'Wifey made the best Father\'s Day meal ever. So thankful so happy so blessed. Thank you for making my family We just had fun with the “future” theme !!! It was a fun night all together ... The always rude Kanye Show at 2am Sold Out Famous viewing @ Figueroa and 12th in downtown.',
+        subtext: '11 hours ago via twitter'
+      },
+      {
+        chip: 'Another one',
+        color: 'success',
+        icon: 'mdi-puzzle',
+        text: 'Thank God for the support of my wife and real friends. I also wanted to point out that it’s the first album to go number 1 off of streaming!!! I love you Ellen and also my number one design rule of anything I do from shoes to music to homes is that Kim has to like it....'
+      },
+      {
+        chip: 'Another title',
+        color: 'info',
+        icon: 'mdi-fingerprint',
+        text: 'Called I Miss the Old Kanye That’s all it was Kanye And I love you like Kanye loves Kanye Famous viewing @ Figueroa and 12th in downtown LA 11:10PM. What if Kanye made a song about Kanye Royère doesn\'t make a Polar bear bed but the Polar bear couch is my favorite piece of furniture we own It wasn’t any Kanyes Set on his goals Kanye',
+        action: 'info',
+        actionIcon: 'mdi-wrench',
+        actions: [
+          'Action',
+          'Another Action',
+          'Something else here'
+        ]
+      },
+      {
+        chip: 'Another one',
+        color: 'warning',
+        icon: 'mdi-airplane-landing',
+        text: 'Tune into Big Boy\'s 92.3 I\'m about to play the first single from Cruel Winter also to Kim’s hair and makeup Lorraine jewelry and the whole style squad at Balmain and the Yeezy team. Thank you Anna for the invite thank you to the whole Vogue team'
+      }
+    ]
+  })
+}
+</script>
diff --git a/web-app/src/admin/views/dashboard/pages/UserProfile.vue b/web-app/src/admin/views/dashboard/pages/UserProfile.vue
new file mode 100644
index 00000000..db08b8c6
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/pages/UserProfile.vue
@@ -0,0 +1,178 @@
+<template>
+  <v-container
+    id="user-profile"
+    fluid
+    tag="section"
+  >
+    <v-row justify="center">
+      <v-col
+        cols="12"
+        md="8"
+      >
+        <base-material-card>
+          <template v-slot:heading>
+            <div class="display-2 font-weight-light">
+              Edit Profile
+            </div>
+
+            <div class="subtitle-1 font-weight-light">
+              Complete your profile
+            </div>
+          </template>
+
+          <v-form>
+            <v-container class="py-0">
+              <v-row>
+                <v-col
+                  cols="12"
+                  md="4"
+                >
+                  <v-text-field
+                    label="Company (disabled)"
+                    disabled
+                  />
+                </v-col>
+
+                <v-col
+                  cols="12"
+                  md="4"
+                >
+                  <v-text-field
+                    class="purple-input"
+                    label="User Name"
+                  />
+                </v-col>
+
+                <v-col
+                  cols="12"
+                  md="4"
+                >
+                  <v-text-field
+                    label="Email Address"
+                    class="purple-input"
+                  />
+                </v-col>
+
+                <v-col
+                  cols="12"
+                  md="6"
+                >
+                  <v-text-field
+                    label="First Name"
+                    class="purple-input"
+                  />
+                </v-col>
+
+                <v-col
+                  cols="12"
+                  md="6"
+                >
+                  <v-text-field
+                    label="Last Name"
+                    class="purple-input"
+                  />
+                </v-col>
+
+                <v-col cols="12">
+                  <v-text-field
+                    label="Adress"
+                    class="purple-input"
+                  />
+                </v-col>
+
+                <v-col
+                  cols="12"
+                  md="4"
+                >
+                  <v-text-field
+                    label="City"
+                    class="purple-input"
+                  />
+                </v-col>
+
+                <v-col
+                  cols="12"
+                  md="4"
+                >
+                  <v-text-field
+                    label="Country"
+                    class="purple-input"
+                  />
+                </v-col>
+
+                <v-col
+                  cols="12"
+                  md="4"
+                >
+                  <v-text-field
+                    class="purple-input"
+                    label="Postal Code"
+                    type="number"
+                  />
+                </v-col>
+
+                <v-col cols="12">
+                  <v-textarea
+                    class="purple-input"
+                    label="About Me"
+                    value="Lorem ipsum dolor sit amet, consectetur adipiscing elit."
+                  />
+                </v-col>
+
+                <v-col
+                  cols="12"
+                  class="text-right"
+                >
+                  <v-btn
+                    color="success"
+                    class="mr-0"
+                  >
+                    Update Profile
+                  </v-btn>
+                </v-col>
+              </v-row>
+            </v-container>
+          </v-form>
+        </base-material-card>
+      </v-col>
+
+      <v-col
+        cols="12"
+        md="4"
+      >
+        <base-material-card
+          class="v-card-profile"
+          avatar="https://demos.creative-tim.com/vue-material-dashboard/img/marc.aba54d65.jpg"
+        >
+          <v-card-text class="text-center">
+            <h6 class="display-1 mb-1 grey--text">
+              CEO / CO-FOUNDER
+            </h6>
+
+            <h4 class="display-2 font-weight-light mb-3 black--text">
+              Alec Thompson
+            </h4>
+
+            <p class="font-weight-light grey--text">
+              Don't be scared of the truth because we need to restart the human foundation in truth And I love you like Kanye loves Kanye I love Rick Owens’ bed design but the back is...
+            </p>
+
+            <v-btn
+              color="success"
+              rounded
+              class="mr-0"
+            >
+              Follow
+            </v-btn>
+          </v-card-text>
+        </base-material-card>
+      </v-col>
+    </v-row>
+  </v-container>
+</template>
+
+<script>
+export default {
+  //
+}
+</script>
diff --git a/web-app/src/admin/views/dashboard/tables/RegularTables.vue b/web-app/src/admin/views/dashboard/tables/RegularTables.vue
new file mode 100644
index 00000000..17928428
--- /dev/null
+++ b/web-app/src/admin/views/dashboard/tables/RegularTables.vue
@@ -0,0 +1,188 @@
+<template>
+  <v-container
+    id="regular-tables"
+    fluid
+    tag="section"
+  >
+    <base-v-component
+      heading="Simple Tables"
+      link="components/simple-tables"
+    />
+
+    <base-material-card
+      icon="mdi-clipboard-text"
+      title="Simple Table"
+      class="px-5 py-3"
+    >
+      <v-simple-table>
+        <thead>
+          <tr>
+            <th class="primary--text">
+              ID
+            </th>
+            <th class="primary--text">
+              Name
+            </th>
+            <th class="primary--text">
+              Country
+            </th>
+            <th class="primary--text">
+              City
+            </th>
+            <th class="text-right primary--text">
+              Salary
+            </th>
+          </tr>
+        </thead>
+
+        <tbody>
+          <tr>
+            <td>1</td>
+            <td>Dakota Rice</td>
+            <td>Niger</td>
+            <td>Oud-Turnhout</td>
+            <td class="text-right">
+              $36,738
+            </td>
+          </tr>
+
+          <tr>
+            <td>2</td>
+            <td>Minverva Hooper</td>
+            <td>Curaçao</td>
+            <td>Sinaas-Waas</td>
+            <td class="text-right">
+              $23,789
+            </td>
+          </tr>
+
+          <tr>
+            <td>3</td>
+            <td>Sage Rodriguez</td>
+            <td>Netherlands</td>
+            <td>Baileux</td>
+            <td class="text-right">
+              $56,142
+            </td>
+          </tr>
+
+          <tr>
+            <td>4</td>
+            <td>Philip Chaney</td>
+            <td>Korea, South</td>
+            <td>Overland Park</td>
+            <td class="text-right">
+              $38,735
+            </td>
+          </tr>
+
+          <tr>
+            <td>5</td>
+            <td>Doris Greene</td>
+            <td>Malawi</td>
+            <td>Feldkirchen in Kärnten</td>
+            <td class="text-right">
+              $63,542
+            </td>
+          </tr>
+
+          <tr>
+            <td>6</td>
+            <td>Mason Porter</td>
+            <td>Chile</td>
+            <td>Gloucester</td>
+            <td class="text-right">
+              $78,615
+            </td>
+          </tr>
+        </tbody>
+      </v-simple-table>
+    </base-material-card>
+
+    <div class="py-3" />
+
+    <base-material-card
+      color="success"
+      dark
+      icon="mdi-clipboard-plus"
+      title="Table on Dark Background"
+      class="px-5 py-3"
+    >
+      <v-simple-table>
+        <thead>
+          <tr>
+            <th>ID</th>
+            <th>Name</th>
+            <th>Country</th>
+            <th>City</th>
+            <th class="text-right">
+              Salary
+            </th>
+          </tr>
+        </thead>
+
+        <tbody>
+          <tr>
+            <td>1</td>
+            <td>Dakota Rice</td>
+            <td>Niger</td>
+            <td>Oud-Turnhout</td>
+            <td class="text-right">
+              $36,738
+            </td>
+          </tr>
+
+          <tr>
+            <td>2</td>
+            <td>Minverva Hooper</td>
+            <td>Curaçao</td>
+            <td>Sinaas-Waas</td>
+            <td class="text-right">
+              $23,789
+            </td>
+          </tr>
+
+          <tr>
+            <td>3</td>
+            <td>Sage Rodriguez</td>
+            <td>Netherlands</td>
+            <td>Baileux</td>
+            <td class="text-right">
+              $56,142
+            </td>
+          </tr>
+
+          <tr>
+            <td>4</td>
+            <td>Philip Chaney</td>
+            <td>Korea, South</td>
+            <td>Overland Park</td>
+            <td class="text-right">
+              $38,735
+            </td>
+          </tr>
+
+          <tr>
+            <td>5</td>
+            <td>Doris Greene</td>
+            <td>Malawi</td>
+            <td>Feldkirchen in Kärnten</td>
+            <td class="text-right">
+              $63,542
+            </td>
+          </tr>
+
+          <tr>
+            <td>6</td>
+            <td>Mason Porter</td>
+            <td>Chile</td>
+            <td>Gloucester</td>
+            <td class="text-right">
+              $78,615
+            </td>
+          </tr>
+        </tbody>
+      </v-simple-table>
+    </base-material-card>
+  </v-container>
+</template>
diff --git a/web-app/src/app.js b/web-app/src/app.js
new file mode 100644
index 00000000..7b9eefae
--- /dev/null
+++ b/web-app/src/app.js
@@ -0,0 +1,67 @@
+// Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+// Do not distribute without the express permission of the author.
+
+import Vue from 'vue'
+import PortalVue from 'portal-vue'
+import vuetify from './admin/plugins/vuetify'
+import 'vuetify/dist/vuetify.min.css'
+import 'material-icons/iconfont/material-icons.scss'
+import '@fortawesome/fontawesome-free/css/all.css'
+import '@mdi/font/css/materialdesignicons.css'
+import 'vue-wysiwyg/dist/vueWysiwyg.css'
+
+import App from './App.vue'
+import router from './router'
+import store from './store'
+import http from './http'
+import * as util from './util'
+import wysiwyg from 'vue-wysiwyg'
+
+import './admin/plugins/base'
+import './admin/plugins/chartist'
+import './admin/plugins/vee-validate'
+import i18n from './admin/i18n'
+import VueMeta from 'vue-meta'
+
+import admin from './admin/module'
+store.registerModule('admin', admin.store)
+admin.addRoutes()
+
+const initializeModule = (module) => {
+  store.registerModule(module.name, module.store)
+  module.addRoutes()
+  store.dispatch(module.name + '/initialize', null, { root: true })
+}
+
+Vue.config.productionTip = false
+Vue.use(PortalVue)
+Vue.use(wysiwyg, {})
+Vue.use(VueMeta)
+Vue.prototype.$http = http
+
+Vue.filter('filesize', (value, unit, digits = 2, minUnit = 'B') => { return util.formatFileSize(value, unit, digits, minUnit) })
+Vue.filter('datetime', util.formatDateTime)
+Vue.filter('date', util.formatDate)
+Vue.filter('timediff', util.formatTimeDiff)
+Vue.filter('remainingtime', util.formatRemainingTime)
+Vue.filter('totitle', util.formatToTitle)
+Vue.filter('currency', util.formatToCurrency)
+
+if (process.env.NODE_ENV === 'development') {
+  var initialize = require('./dev').default
+} else {
+  initialize = require('./prod').default
+}
+
+const createApp = () => {
+  router.onError((e) => { store.commit('serverError', e.message) })
+  return new Vue({
+    router,
+    store,
+    vuetify,
+    i18n,
+    render: h => h(App)
+  })
+}
+
+export { createApp, initialize, initializeModule }
diff --git a/web-app/src/assets/App_Store.svg b/web-app/src/assets/App_Store.svg
new file mode 100644
index 00000000..072b425a
--- /dev/null
+++ b/web-app/src/assets/App_Store.svg
@@ -0,0 +1,46 @@
+<svg id="livetype" xmlns="http://www.w3.org/2000/svg" width="119.66407" height="40" viewBox="0 0 119.66407 40">
+  <title>Download_on_the_App_Store_Badge_US-UK_RGB_blk_4SVG_092917</title>
+  <g>
+    <g>
+      <g>
+        <path d="M110.13477,0H9.53468c-.3667,0-.729,0-1.09473.002-.30615.002-.60986.00781-.91895.0127A13.21476,13.21476,0,0,0,5.5171.19141a6.66509,6.66509,0,0,0-1.90088.627A6.43779,6.43779,0,0,0,1.99757,1.99707,6.25844,6.25844,0,0,0,.81935,3.61816a6.60119,6.60119,0,0,0-.625,1.90332,12.993,12.993,0,0,0-.1792,2.002C.00587,7.83008.00489,8.1377,0,8.44434V31.5586c.00489.3105.00587.6113.01515.9219a12.99232,12.99232,0,0,0,.1792,2.0019,6.58756,6.58756,0,0,0,.625,1.9043A6.20778,6.20778,0,0,0,1.99757,38.001a6.27445,6.27445,0,0,0,1.61865,1.1787,6.70082,6.70082,0,0,0,1.90088.6308,13.45514,13.45514,0,0,0,2.0039.1768c.30909.0068.6128.0107.91895.0107C8.80567,40,9.168,40,9.53468,40H110.13477c.3594,0,.7246,0,1.084-.002.3047,0,.6172-.0039.9219-.0107a13.279,13.279,0,0,0,2-.1768,6.80432,6.80432,0,0,0,1.9082-.6308,6.27742,6.27742,0,0,0,1.6172-1.1787,6.39482,6.39482,0,0,0,1.1816-1.6143,6.60413,6.60413,0,0,0,.6191-1.9043,13.50643,13.50643,0,0,0,.1856-2.0019c.0039-.3106.0039-.6114.0039-.9219.0078-.3633.0078-.7246.0078-1.0938V9.53613c0-.36621,0-.72949-.0078-1.09179,0-.30664,0-.61426-.0039-.9209a13.5071,13.5071,0,0,0-.1856-2.002,6.6177,6.6177,0,0,0-.6191-1.90332,6.46619,6.46619,0,0,0-2.7988-2.7998,6.76754,6.76754,0,0,0-1.9082-.627,13.04394,13.04394,0,0,0-2-.17676c-.3047-.00488-.6172-.01074-.9219-.01269-.3594-.002-.7246-.002-1.084-.002Z" style="fill: #a6a6a6"/>
+        <path d="M8.44483,39.125c-.30468,0-.602-.0039-.90429-.0107a12.68714,12.68714,0,0,1-1.86914-.1631,5.88381,5.88381,0,0,1-1.65674-.5479,5.40573,5.40573,0,0,1-1.397-1.0166,5.32082,5.32082,0,0,1-1.02051-1.3965,5.72186,5.72186,0,0,1-.543-1.6572,12.41351,12.41351,0,0,1-.1665-1.875c-.00634-.2109-.01464-.9131-.01464-.9131V8.44434S.88185,7.75293.8877,7.5498a12.37039,12.37039,0,0,1,.16553-1.87207,5.7555,5.7555,0,0,1,.54346-1.6621A5.37349,5.37349,0,0,1,2.61183,2.61768,5.56543,5.56543,0,0,1,4.01417,1.59521a5.82309,5.82309,0,0,1,1.65332-.54394A12.58589,12.58589,0,0,1,7.543.88721L8.44532.875H111.21387l.9131.0127a12.38493,12.38493,0,0,1,1.8584.16259,5.93833,5.93833,0,0,1,1.6709.54785,5.59374,5.59374,0,0,1,2.415,2.41993,5.76267,5.76267,0,0,1,.5352,1.64892,12.995,12.995,0,0,1,.1738,1.88721c.0029.2832.0029.5874.0029.89014.0079.375.0079.73193.0079,1.09179V30.4648c0,.3633,0,.7178-.0079,1.0752,0,.3252,0,.6231-.0039.9297a12.73126,12.73126,0,0,1-.1709,1.8535,5.739,5.739,0,0,1-.54,1.67,5.48029,5.48029,0,0,1-1.0156,1.3857,5.4129,5.4129,0,0,1-1.3994,1.0225,5.86168,5.86168,0,0,1-1.668.5498,12.54218,12.54218,0,0,1-1.8692.1631c-.2929.0068-.5996.0107-.8974.0107l-1.084.002Z"/>
+      </g>
+      <g id="_Group_" data-name="&lt;Group&gt;">
+        <g id="_Group_2" data-name="&lt;Group&gt;">
+          <g id="_Group_3" data-name="&lt;Group&gt;">
+            <path id="_Path_" data-name="&lt;Path&gt;" d="M24.76888,20.30068a4.94881,4.94881,0,0,1,2.35656-4.15206,5.06566,5.06566,0,0,0-3.99116-2.15768c-1.67924-.17626-3.30719,1.00483-4.1629,1.00483-.87227,0-2.18977-.98733-3.6085-.95814a5.31529,5.31529,0,0,0-4.47292,2.72787c-1.934,3.34842-.49141,8.26947,1.3612,10.97608.9269,1.32535,2.01018,2.8058,3.42763,2.7533,1.38706-.05753,1.9051-.88448,3.5794-.88448,1.65876,0,2.14479.88448,3.591.8511,1.48838-.02416,2.42613-1.33124,3.32051-2.66914a10.962,10.962,0,0,0,1.51842-3.09251A4.78205,4.78205,0,0,1,24.76888,20.30068Z" style="fill: #fff"/>
+            <path id="_Path_2" data-name="&lt;Path&gt;" d="M22.03725,12.21089a4.87248,4.87248,0,0,0,1.11452-3.49062,4.95746,4.95746,0,0,0-3.20758,1.65961,4.63634,4.63634,0,0,0-1.14371,3.36139A4.09905,4.09905,0,0,0,22.03725,12.21089Z" style="fill: #fff"/>
+          </g>
+        </g>
+        <g>
+          <path d="M42.30227,27.13965h-4.7334l-1.13672,3.35645H34.42727l4.4834-12.418h2.083l4.4834,12.418H43.438ZM38.0591,25.59082h3.752l-1.84961-5.44727h-.05176Z" style="fill: #fff"/>
+          <path d="M55.15969,25.96973c0,2.81348-1.50586,4.62109-3.77832,4.62109a3.0693,3.0693,0,0,1-2.84863-1.584h-.043v4.48438h-1.8584V21.44238H48.4302v1.50586h.03418a3.21162,3.21162,0,0,1,2.88281-1.60059C53.645,21.34766,55.15969,23.16406,55.15969,25.96973Zm-1.91016,0c0-1.833-.94727-3.03809-2.39258-3.03809-1.41992,0-2.375,1.23047-2.375,3.03809,0,1.82422.95508,3.0459,2.375,3.0459C52.30227,29.01563,53.24953,27.81934,53.24953,25.96973Z" style="fill: #fff"/>
+          <path d="M65.12453,25.96973c0,2.81348-1.50586,4.62109-3.77832,4.62109a3.0693,3.0693,0,0,1-2.84863-1.584h-.043v4.48438h-1.8584V21.44238H58.395v1.50586h.03418A3.21162,3.21162,0,0,1,61.312,21.34766C63.60988,21.34766,65.12453,23.16406,65.12453,25.96973Zm-1.91016,0c0-1.833-.94727-3.03809-2.39258-3.03809-1.41992,0-2.375,1.23047-2.375,3.03809,0,1.82422.95508,3.0459,2.375,3.0459C62.26711,29.01563,63.21438,27.81934,63.21438,25.96973Z" style="fill: #fff"/>
+          <path d="M71.71047,27.03613c.1377,1.23145,1.334,2.04,2.96875,2.04,1.56641,0,2.69336-.80859,2.69336-1.91895,0-.96387-.67969-1.541-2.28906-1.93652l-1.60937-.3877c-2.28027-.55078-3.33887-1.61719-3.33887-3.34766,0-2.14258,1.86719-3.61426,4.51855-3.61426,2.624,0,4.42285,1.47168,4.4834,3.61426h-1.876c-.1123-1.23926-1.13672-1.9873-2.63379-1.9873s-2.52148.75684-2.52148,1.8584c0,.87793.6543,1.39453,2.25488,1.79l1.36816.33594c2.54785.60254,3.60645,1.626,3.60645,3.44238,0,2.32324-1.85059,3.77832-4.79395,3.77832-2.75391,0-4.61328-1.4209-4.7334-3.667Z" style="fill: #fff"/>
+          <path d="M83.34621,19.2998v2.14258h1.72168v1.47168H83.34621v4.99121c0,.77539.34473,1.13672,1.10156,1.13672a5.80752,5.80752,0,0,0,.61133-.043v1.46289a5.10351,5.10351,0,0,1-1.03223.08594c-1.833,0-2.54785-.68848-2.54785-2.44434V22.91406H80.16262V21.44238H81.479V19.2998Z" style="fill: #fff"/>
+          <path d="M86.065,25.96973c0-2.84863,1.67773-4.63867,4.29395-4.63867,2.625,0,4.29492,1.79,4.29492,4.63867,0,2.85645-1.66113,4.63867-4.29492,4.63867C87.72609,30.6084,86.065,28.82617,86.065,25.96973Zm6.69531,0c0-1.9541-.89551-3.10742-2.40137-3.10742s-2.40039,1.16211-2.40039,3.10742c0,1.96191.89453,3.10645,2.40039,3.10645S92.76027,27.93164,92.76027,25.96973Z" style="fill: #fff"/>
+          <path d="M96.18606,21.44238h1.77246v1.541h.043a2.1594,2.1594,0,0,1,2.17773-1.63574,2.86616,2.86616,0,0,1,.63672.06934v1.73828a2.59794,2.59794,0,0,0-.835-.1123,1.87264,1.87264,0,0,0-1.93652,2.083v5.37012h-1.8584Z" style="fill: #fff"/>
+          <path d="M109.3843,27.83691c-.25,1.64355-1.85059,2.77148-3.89844,2.77148-2.63379,0-4.26855-1.76465-4.26855-4.5957,0-2.83984,1.64355-4.68164,4.19043-4.68164,2.50488,0,4.08008,1.7207,4.08008,4.46582v.63672h-6.39453v.1123a2.358,2.358,0,0,0,2.43555,2.56445,2.04834,2.04834,0,0,0,2.09082-1.27344Zm-6.28223-2.70215h4.52637a2.1773,2.1773,0,0,0-2.2207-2.29785A2.292,2.292,0,0,0,103.10207,25.13477Z" style="fill: #fff"/>
+        </g>
+      </g>
+    </g>
+    <g id="_Group_4" data-name="&lt;Group&gt;">
+      <g>
+        <path d="M37.82619,8.731a2.63964,2.63964,0,0,1,2.80762,2.96484c0,1.90625-1.03027,3.002-2.80762,3.002H35.67092V8.731Zm-1.22852,5.123h1.125a1.87588,1.87588,0,0,0,1.96777-2.146,1.881,1.881,0,0,0-1.96777-2.13379h-1.125Z" style="fill: #fff"/>
+        <path d="M41.68068,12.44434a2.13323,2.13323,0,1,1,4.24707,0,2.13358,2.13358,0,1,1-4.24707,0Zm3.333,0c0-.97607-.43848-1.54687-1.208-1.54687-.77246,0-1.207.5708-1.207,1.54688,0,.98389.43457,1.55029,1.207,1.55029C44.57522,13.99463,45.01369,13.42432,45.01369,12.44434Z" style="fill: #fff"/>
+        <path d="M51.57326,14.69775h-.92187l-.93066-3.31641h-.07031l-.92676,3.31641h-.91309l-1.24121-4.50293h.90137l.80664,3.436h.06641l.92578-3.436h.85254l.92578,3.436h.07031l.80273-3.436h.88867Z" style="fill: #fff"/>
+        <path d="M53.85354,10.19482H54.709v.71533h.06641a1.348,1.348,0,0,1,1.34375-.80225,1.46456,1.46456,0,0,1,1.55859,1.6748v2.915h-.88867V12.00586c0-.72363-.31445-1.0835-.97168-1.0835a1.03294,1.03294,0,0,0-1.0752,1.14111v2.63428h-.88867Z" style="fill: #fff"/>
+        <path d="M59.09377,8.437h.88867v6.26074h-.88867Z" style="fill: #fff"/>
+        <path d="M61.21779,12.44434a2.13346,2.13346,0,1,1,4.24756,0,2.1338,2.1338,0,1,1-4.24756,0Zm3.333,0c0-.97607-.43848-1.54687-1.208-1.54687-.77246,0-1.207.5708-1.207,1.54688,0,.98389.43457,1.55029,1.207,1.55029C64.11232,13.99463,64.5508,13.42432,64.5508,12.44434Z" style="fill: #fff"/>
+        <path d="M66.4009,13.42432c0-.81055.60352-1.27783,1.6748-1.34424l1.21973-.07031v-.38867c0-.47559-.31445-.74414-.92187-.74414-.49609,0-.83984.18213-.93848.50049h-.86035c.09082-.77344.81836-1.26953,1.83984-1.26953,1.12891,0,1.76563.562,1.76563,1.51318v3.07666h-.85547v-.63281h-.07031a1.515,1.515,0,0,1-1.35254.707A1.36026,1.36026,0,0,1,66.4009,13.42432Zm2.89453-.38477v-.37646l-1.09961.07031c-.62012.0415-.90137.25244-.90137.64941,0,.40527.35156.64111.835.64111A1.0615,1.0615,0,0,0,69.29543,13.03955Z" style="fill: #fff"/>
+        <path d="M71.34816,12.44434c0-1.42285.73145-2.32422,1.86914-2.32422a1.484,1.484,0,0,1,1.38086.79h.06641V8.437h.88867v6.26074h-.85156v-.71143h-.07031a1.56284,1.56284,0,0,1-1.41406.78564C72.0718,14.772,71.34816,13.87061,71.34816,12.44434Zm.918,0c0,.95508.4502,1.52979,1.20313,1.52979.749,0,1.21191-.583,1.21191-1.52588,0-.93848-.46777-1.52979-1.21191-1.52979C72.72121,10.91846,72.26613,11.49707,72.26613,12.44434Z" style="fill: #fff"/>
+        <path d="M79.23,12.44434a2.13323,2.13323,0,1,1,4.24707,0,2.13358,2.13358,0,1,1-4.24707,0Zm3.333,0c0-.97607-.43848-1.54687-1.208-1.54687-.77246,0-1.207.5708-1.207,1.54688,0,.98389.43457,1.55029,1.207,1.55029C82.12453,13.99463,82.563,13.42432,82.563,12.44434Z" style="fill: #fff"/>
+        <path d="M84.66945,10.19482h.85547v.71533h.06641a1.348,1.348,0,0,1,1.34375-.80225,1.46456,1.46456,0,0,1,1.55859,1.6748v2.915H87.605V12.00586c0-.72363-.31445-1.0835-.97168-1.0835a1.03294,1.03294,0,0,0-1.0752,1.14111v2.63428h-.88867Z" style="fill: #fff"/>
+        <path d="M93.51516,9.07373v1.1416h.97559v.74854h-.97559V13.2793c0,.47168.19434.67822.63672.67822a2.96657,2.96657,0,0,0,.33887-.02051v.74023a2.9155,2.9155,0,0,1-.4834.04541c-.98828,0-1.38184-.34766-1.38184-1.21582v-2.543h-.71484v-.74854h.71484V9.07373Z" style="fill: #fff"/>
+        <path d="M95.70461,8.437h.88086v2.48145h.07031a1.3856,1.3856,0,0,1,1.373-.80664,1.48339,1.48339,0,0,1,1.55078,1.67871v2.90723H98.69v-2.688c0-.71924-.335-1.0835-.96289-1.0835a1.05194,1.05194,0,0,0-1.13379,1.1416v2.62988h-.88867Z" style="fill: #fff"/>
+        <path d="M104.76125,13.48193a1.828,1.828,0,0,1-1.95117,1.30273A2.04531,2.04531,0,0,1,100.73,12.46045a2.07685,2.07685,0,0,1,2.07617-2.35254c1.25293,0,2.00879.856,2.00879,2.27V12.688h-3.17969v.0498a1.1902,1.1902,0,0,0,1.19922,1.29,1.07934,1.07934,0,0,0,1.07129-.5459Zm-3.126-1.45117h2.27441a1.08647,1.08647,0,0,0-1.1084-1.1665A1.15162,1.15162,0,0,0,101.63527,12.03076Z" style="fill: #fff"/>
+      </g>
+    </g>
+  </g>
+</svg>
diff --git a/web-app/src/assets/bg_grid.svg b/web-app/src/assets/bg_grid.svg
new file mode 100644
index 00000000..fcbeb931
--- /dev/null
+++ b/web-app/src/assets/bg_grid.svg
@@ -0,0 +1,91 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Generator: Adobe Illustrator 16.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   version="1.1"
+   id="Layer_1"
+   x="0px"
+   y="0px"
+   width="700"
+   height="400"
+   viewBox="0 0 700 400.00001"
+   enable-background="new 0 0 338.595 184.111"
+   xml:space="preserve"
+   sodipodi:docname="bg_overlay.svg"
+   inkscape:version="0.92.3 (2405546, 2018-03-11)"><metadata
+   id="metadata97"><rdf:RDF><cc:Work
+       rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type
+         rdf:resource="http://purl.org/dc/dcmitype/StillImage" /><dc:title /></cc:Work></rdf:RDF></metadata><defs
+   id="defs95" /><sodipodi:namedview
+   pagecolor="#ffffff"
+   bordercolor="#666666"
+   borderopacity="1"
+   objecttolerance="10"
+   gridtolerance="10"
+   guidetolerance="10"
+   inkscape:pageopacity="0"
+   inkscape:pageshadow="2"
+   inkscape:window-width="3114"
+   inkscape:window-height="1722"
+   id="namedview93"
+   showgrid="false"
+   inkscape:zoom="2.4139538"
+   inkscape:cx="294.42027"
+   inkscape:cy="98.49512"
+   inkscape:window-x="726"
+   inkscape:window-y="366"
+   inkscape:window-maximized="0"
+   inkscape:current-layer="Layer_1" />
+
+
+
+
+
+
+
+
+
+<path
+   inkscape:connector-curvature="0"
+   id="use872"
+   d="M 100.25001,0 V 400"
+   style="fill:none;stroke:#ffffff;stroke-width:0.50001317;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.05882353" /><path
+   style="fill:none;stroke:#ffffff;stroke-width:0.50001317;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.05882353"
+   d="M 200.25001,0 V 400"
+   id="path888"
+   inkscape:connector-curvature="0" /><path
+   inkscape:connector-curvature="0"
+   id="path890"
+   d="M 300.25001,0 V 400"
+   style="fill:none;stroke:#ffffff;stroke-width:0.50001317;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.05882353" /><path
+   style="fill:none;stroke:#ffffff;stroke-width:0.50001317;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.05882353"
+   d="M 400.25001,0 V 400"
+   id="path892"
+   inkscape:connector-curvature="0" /><path
+   inkscape:connector-curvature="0"
+   id="path894"
+   d="M 500.25001,0 V 400"
+   style="fill:none;stroke:#ffffff;stroke-width:0.50001317;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.05882353" /><path
+   style="fill:none;stroke:#ffffff;stroke-width:0.50001317;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.05882353"
+   d="M 600.25001,0 V 400"
+   id="path896"
+   inkscape:connector-curvature="0" /><path
+   style="fill:none;stroke:#ffffff;stroke-width:0.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.05882353"
+   d="M 700,299.75 H 0"
+   id="path898"
+   inkscape:connector-curvature="0" /><path
+   inkscape:connector-curvature="0"
+   id="path900"
+   d="M 700,199.75 H 0"
+   style="fill:none;stroke:#ffffff;stroke-width:0.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.05882353" /><path
+   style="fill:none;stroke:#ffffff;stroke-width:0.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.05882353"
+   d="M 700,99.75 H 0"
+   id="path902"
+   inkscape:connector-curvature="0" /></svg>
\ No newline at end of file
diff --git a/web-app/src/assets/favicon.png b/web-app/src/assets/favicon.png
new file mode 100644
index 00000000..5204da91
Binary files /dev/null and b/web-app/src/assets/favicon.png differ
diff --git a/web-app/src/assets/img1.png b/web-app/src/assets/img1.png
new file mode 100644
index 00000000..8f9fcf3d
Binary files /dev/null and b/web-app/src/assets/img1.png differ
diff --git a/web-app/src/assets/img2.jpg b/web-app/src/assets/img2.jpg
new file mode 100644
index 00000000..160ed354
Binary files /dev/null and b/web-app/src/assets/img2.jpg differ
diff --git a/web-app/src/assets/img3.svg b/web-app/src/assets/img3.svg
new file mode 100644
index 00000000..c296b7b3
--- /dev/null
+++ b/web-app/src/assets/img3.svg
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Generator: Adobe Illustrator 16.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 width="125.178px" height="114.667px" viewBox="0 0 125.178 114.667" enable-background="new 0 0 125.178 114.667"
+	 xml:space="preserve">
+<g>
+	<g>
+		<path fill="#FFC80F" d="M60.921,95.213c-8.506,0-15.403-2.301-15.403-5.134c0-1.55,0-3.245,0-5.136
+			c0-0.446,0.223-0.869,0.544-1.283c1.717,2.211,7.689,3.85,14.859,3.85c7.171,0,13.144-1.639,14.862-3.85
+			c0.32,0.414,0.543,0.837,0.543,1.283c0,1.487,0,3.064,0,5.136C76.326,92.913,69.426,95.213,60.921,95.213z"/>
+		<path fill="#27B899" d="M60.921,84.944c-8.506,0-15.403-2.302-15.403-5.135c0-1.551,0-3.242,0-5.134
+			c0-0.272,0.103-0.538,0.241-0.8l0,0c0.077-0.164,0.181-0.326,0.303-0.484c1.717,2.209,7.689,3.852,14.859,3.852
+			c7.171,0,13.144-1.643,14.862-3.852c0.122,0.158,0.227,0.32,0.303,0.484l0,0c0.139,0.262,0.24,0.527,0.24,0.8
+			c0,1.487,0,3.062,0,5.134C76.326,82.642,69.426,84.944,60.921,84.944z"/>
+		<g>
+			<path fill="#2D4470" d="M60.921,59.27c-8.506,0-15.403,2.301-15.403,5.134c0,0.904,0,1.752,0,2.567c0,0.898,0,1.758,0,2.568
+				c0,2.834,6.897,5.136,15.403,5.136c8.505,0,15.405-2.302,15.405-5.136c0-0.953,0-1.782,0-2.568c0-0.916,0-1.767,0-2.567
+				C76.326,61.571,69.426,59.27,60.921,59.27z M60.921,66.971c-5.671,0-10.269-1.146-10.269-2.567c0-1.419,4.598-2.567,10.269-2.567
+				c5.672,0,10.271,1.148,10.271,2.567C71.191,65.825,66.593,66.971,60.921,66.971z"/>
+		</g>
+	</g>
+	<g>
+		<g>
+			<path fill="none" stroke="#2C4168" stroke-miterlimit="10" d="M60.921,80.882c-17.614,0-22.701-7.491-22.701-18.193V54.74
+				c0,0,0-27.721,0-32.058"/>
+			<path fill="none" stroke="#2C4168" stroke-miterlimit="10" d="M60.921,91.882c19.481,0,22.704-6.485,22.704-23.67V27.36
+				c0,0,0-0.341,0-4.678"/>
+			<path fill="#FFC80F" d="M86.848,71.539c0.051-1.78-1.342-3.271-3.131-3.324c-1.773-0.053-3.264,1.349-3.314,3.127
+				c-0.057,1.777,1.346,3.265,3.123,3.327C85.305,74.715,86.793,73.318,86.848,71.539z"/>
+			<path fill="#27B899" d="M41.442,22.78c0.053-1.78-1.343-3.272-3.131-3.325c-1.773-0.053-3.263,1.351-3.313,3.126
+				c-0.057,1.78,1.347,3.268,3.122,3.328C39.9,25.958,41.39,24.56,41.442,22.78z"/>
+			<path fill="#27B899" d="M41.442,52.974c0.053-1.779-1.343-3.271-3.131-3.323c-1.773-0.053-3.263,1.349-3.313,3.126
+				c-0.057,1.778,1.347,3.266,3.122,3.328C39.9,56.152,41.39,54.754,41.442,52.974z"/>
+			<path fill="#FFC80F" d="M86.847,43.56c0.053-1.78-1.342-3.272-3.13-3.325c-1.774-0.053-3.263,1.351-3.313,3.126
+				c-0.057,1.78,1.346,3.268,3.122,3.328C85.304,46.738,86.794,45.34,86.847,43.56z"/>
+		</g>
+	</g>
+</g>
+</svg>
diff --git a/web-app/src/assets/img4.svg b/web-app/src/assets/img4.svg
new file mode 100644
index 00000000..d987a921
--- /dev/null
+++ b/web-app/src/assets/img4.svg
@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Generator: Adobe Illustrator 16.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 width="125.178px" height="114.667px" viewBox="0 0 125.178 114.667" enable-background="new 0 0 125.178 114.667"
+	 xml:space="preserve">
+<g>
+	<g>
+		<line fill="none" stroke="#2C4168" stroke-miterlimit="10" x1="23.337" y1="57.334" x2="102.841" y2="57.334"/>
+		<path fill="none" stroke="#2C4168" stroke-miterlimit="10" d="M81.729,57.334c-13.79,0-5.815,22.701-23,22.701h-7.948
+			c0,0-27.722,0-32.059,0"/>
+		<path fill="none" stroke="#2C4168" stroke-miterlimit="10" d="M54.35,57.334c-13.79,0-5.815-22.704-23-22.704H23.4
+			c0,0-0.341,0-4.678,0"/>
+		<path fill="#FFC80F" d="M18.82,54.11c-1.779-0.051-3.272,1.343-3.325,3.131c-0.053,1.773,1.351,3.265,3.126,3.315
+			c1.78,0.057,3.268-1.347,3.328-3.124C21.998,55.653,20.601,54.165,18.82,54.11z"/>
+		<path fill="#FFC80F" d="M64.351,54.11c-1.78-0.051-3.271,1.343-3.323,3.131c-0.053,1.773,1.348,3.265,3.126,3.315
+			c1.778,0.057,3.265-1.347,3.327-3.124C67.527,55.653,66.131,54.165,64.351,54.11z"/>
+		<path fill="#27B899" d="M18.82,76.813c-1.779-0.053-3.272,1.343-3.325,3.131c-0.053,1.773,1.351,3.263,3.126,3.313
+			c1.78,0.057,3.268-1.347,3.328-3.122C21.998,78.355,20.601,76.866,18.82,76.813z"/>
+		<path fill="#27B899" d="M55.805,76.813c-1.78-0.053-3.271,1.343-3.324,3.131c-0.053,1.773,1.349,3.263,3.127,3.313
+			c1.777,0.057,3.265-1.347,3.327-3.122C58.981,78.355,57.584,76.866,55.805,76.813z"/>
+		<path fill="#FFC80F" d="M18.82,31.409c-1.779-0.053-3.272,1.342-3.325,3.13c-0.053,1.774,1.351,3.263,3.126,3.313
+			c1.78,0.057,3.268-1.346,3.328-3.122C21.998,32.952,20.601,31.461,18.82,31.409z"/>
+		<path fill="#FFC80F" d="M103.045,50.5c-3.773-0.109-6.936,2.846-7.045,6.639c-0.113,3.76,2.861,6.916,6.628,7.025
+			c3.772,0.121,6.921-2.855,7.054-6.622C109.783,53.772,106.82,50.614,103.045,50.5z"/>
+		<path fill="#27B899" d="M102.937,54.11c-1.782-0.051-3.275,1.343-3.325,3.131c-0.051,1.773,1.35,3.265,3.126,3.315
+			c1.78,0.057,3.267-1.347,3.329-3.124C106.113,55.653,104.717,54.165,102.937,54.11z"/>
+		<g>
+			<polygon fill="#2C4168" points="21.383,46.467 18.881,48.965 17.273,47.355 16.506,48.122 18.879,50.499 21.383,48.002 
+				22.929,46.459 23.744,45.643 22.979,44.876 22.931,44.925 			"/>
+		</g>
+	</g>
+</g>
+</svg>
diff --git a/web-app/src/assets/img5.svg b/web-app/src/assets/img5.svg
new file mode 100644
index 00000000..f18ab497
--- /dev/null
+++ b/web-app/src/assets/img5.svg
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Generator: Adobe Illustrator 16.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 width="125.178px" height="114.667px" viewBox="0 0 125.178 114.667" enable-background="new 0 0 125.178 114.667"
+	 xml:space="preserve">
+<g>
+	<g>
+		<g>
+			<rect x="53.515" y="85.95" fill="#2D4470" width="7.829" height="0.418"/>
+			<path fill="#2D4470" d="M91.335,85.447c0-0.021-0.004-0.044-0.014-0.063c-0.004-0.017-0.011-0.027-0.017-0.033l-0.004-0.003
+				c-0.017-0.023-0.042-0.047-0.077-0.073l-6.692-4.697c-0.325-0.228-1.877-0.409-3.476-0.409h0.553
+				c0.957,0,1.732-0.775,1.732-1.732V49.622c0-0.955-0.775-1.729-1.732-1.729H33.566c-0.957,0-1.731,0.774-1.731,1.729v28.813
+				c0,0.957,0.774,1.732,1.731,1.732h0.556c-1.597,0-3.151,0.182-3.48,0.409l-6.688,4.697c-0.045,0.031-0.074,0.063-0.09,0.093
+				l-0.028,0.015c-0.087,0.062-0.006,1.057,0.001,1.112c0.031,0.286,1.203,0.498,2.954,0.498h61.593
+				c1.768,0,2.947-0.217,2.956-0.507C91.341,86.441,91.372,85.716,91.335,85.447z M33.611,78.335V49.723h47.825v28.612H33.611z
+				 M47.534,84.987l1.997-1.877c0.101-0.089,0.565-0.164,1.042-0.164h14.029c0.477,0,0.943,0.075,1.039,0.164l1.998,1.877
+				c0.157,0.148-0.219,0.271-0.848,0.271H48.383C47.755,85.257,47.378,85.135,47.534,84.987z M53.515,86.368V85.95h7.829v0.418
+				H53.515z"/>
+		</g>
+		<g>
+			<path fill="#2D4470" d="M65.853,65.328c0,0.033-0.003,0.056-0.01,0.068c-0.418,1.751-1.293,3.169-2.625,4.257
+				c-1.332,1.087-2.893,1.631-4.682,1.631c-0.954,0-1.877-0.18-2.768-0.539c-0.892-0.359-1.687-0.871-2.385-1.538L52.12,70.47
+				c-0.125,0.124-0.271,0.187-0.441,0.187s-0.316-0.062-0.441-0.187c-0.123-0.124-0.186-0.271-0.186-0.44v-4.389
+				c0-0.17,0.062-0.316,0.186-0.44c0.125-0.124,0.271-0.187,0.441-0.187h4.389c0.17,0,0.316,0.062,0.44,0.187
+				s0.187,0.271,0.187,0.44s-0.062,0.317-0.187,0.441l-1.342,1.342c0.464,0.431,0.989,0.764,1.577,0.999s1.198,0.353,1.832,0.353
+				c0.875,0,1.691-0.212,2.448-0.637c0.758-0.425,1.365-1.009,1.822-1.753c0.071-0.111,0.245-0.493,0.519-1.146
+				c0.053-0.15,0.15-0.226,0.295-0.226h1.881c0.084,0,0.158,0.031,0.22,0.094C65.821,65.169,65.853,65.243,65.853,65.328z
+				 M66.098,57.492v4.388c0,0.17-0.062,0.317-0.187,0.441c-0.123,0.124-0.271,0.186-0.44,0.186h-4.388
+				c-0.17,0-0.317-0.062-0.441-0.186s-0.186-0.271-0.186-0.441c0-0.169,0.062-0.316,0.186-0.44l1.352-1.352
+				c-0.967-0.895-2.105-1.342-3.418-1.342c-0.875,0-1.691,0.212-2.449,0.637c-0.758,0.424-1.365,1.009-1.822,1.753
+				c-0.072,0.111-0.244,0.493-0.52,1.146c-0.052,0.15-0.15,0.225-0.293,0.225h-1.949c-0.086,0-0.158-0.03-0.221-0.093
+				c-0.062-0.062-0.094-0.136-0.094-0.221v-0.068c0.425-1.75,1.307-3.169,2.646-4.256c1.339-1.088,2.905-1.631,4.702-1.631
+				c0.953,0,1.881,0.181,2.781,0.543c0.901,0.363,1.701,0.874,2.4,1.533l1.273-1.264c0.124-0.124,0.271-0.186,0.44-0.186
+				s0.317,0.062,0.44,0.186C66.036,57.174,66.098,57.322,66.098,57.492z"/>
+		</g>
+	</g>
+	<g>
+		<g>
+			<path fill="#2D4470" d="M27.078,35.35H14.013c-0.805,0-1.459,0.653-1.459,1.458v26.227c0,0.805,0.654,1.457,1.459,1.457h13.065
+				c0.805,0,1.458-0.652,1.458-1.457V36.808C28.536,36.003,27.883,35.35,27.078,35.35z M20.546,63.537
+				c-0.571,0-1.033-0.463-1.033-1.037c0-0.569,0.462-1.032,1.033-1.032c0.57,0,1.033,0.463,1.033,1.032
+				C21.579,63.074,21.116,63.537,20.546,63.537z M27.593,60.725H13.499V37.167h14.094V60.725z"/>
+		</g>
+		<path fill="#FFC80F" d="M20.656,45.779c-2.034-0.059-3.737,1.532-3.796,3.574c-0.061,2.025,1.542,3.727,3.57,3.784
+			c2.03,0.065,3.728-1.537,3.798-3.565C24.284,47.541,22.688,45.84,20.656,45.779z"/>
+		<path fill="#FFC80F" d="M42.472,60.813c-2.035-0.059-3.738,1.532-3.796,3.574c-0.061,2.025,1.542,3.727,3.569,3.784
+			c2.031,0.065,3.729-1.537,3.799-3.565C46.099,62.575,44.504,60.875,42.472,60.813z"/>
+	</g>
+	<g>
+		<path fill="#2D4470" d="M86.413,29.073v31.022c0,0.771,0.627,1.396,1.398,1.396h23.414c0.771,0,1.398-0.625,1.398-1.396V29.073
+			c0-0.771-0.627-1.398-1.398-1.398H87.812C87.04,27.674,86.413,28.301,86.413,29.073z M88.317,29.705h22.4v29.661h-22.4V29.705z"/>
+	</g>
+	<path fill="#27B899" d="M96.218,44.694c-0.059-2.033,1.531-3.736,3.574-3.795c2.025-0.061,3.727,1.541,3.783,3.569
+		c0.066,2.03-1.537,3.728-3.564,3.798C97.979,48.322,96.278,46.727,96.218,44.694z"/>
+	<path fill="#27B899" d="M73.679,60.813c2.033-0.059,3.736,1.532,3.795,3.574c0.061,2.025-1.541,3.727-3.569,3.784
+		c-2.03,0.065-3.728-1.537-3.798-3.565C70.051,62.575,71.646,60.875,73.679,60.813z"/>
+</g>
+</svg>
diff --git a/web-app/src/assets/img6.png b/web-app/src/assets/img6.png
new file mode 100644
index 00000000..a6a36bec
Binary files /dev/null and b/web-app/src/assets/img6.png differ
diff --git a/web-app/src/assets/img7.svg b/web-app/src/assets/img7.svg
new file mode 100644
index 00000000..8445139e
--- /dev/null
+++ b/web-app/src/assets/img7.svg
@@ -0,0 +1,312 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Generator: Adobe Illustrator 16.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   version="1.1"
+   id="Layer_1"
+   x="0px"
+   y="0px"
+   width="600"
+   height="240"
+   viewBox="0 0 600 240"
+   enable-background="new 0 0 338.595 184.111"
+   xml:space="preserve"
+   sodipodi:docname="img7.svg"
+   inkscape:version="0.92.3 (2405546, 2018-03-11)"><metadata
+   id="metadata97"><rdf:RDF><cc:Work
+       rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type
+         rdf:resource="http://purl.org/dc/dcmitype/StillImage" /><dc:title></dc:title></cc:Work></rdf:RDF></metadata><defs
+   id="defs95" /><sodipodi:namedview
+   pagecolor="#ffffff"
+   bordercolor="#666666"
+   borderopacity="1"
+   objecttolerance="10"
+   gridtolerance="10"
+   guidetolerance="10"
+   inkscape:pageopacity="0"
+   inkscape:pageshadow="2"
+   inkscape:window-width="3114"
+   inkscape:window-height="1722"
+   id="namedview93"
+   showgrid="false"
+   inkscape:zoom="19.31163"
+   inkscape:cx="40.922818"
+   inkscape:cy="-7.1183461"
+   inkscape:window-x="1730"
+   inkscape:window-y="409"
+   inkscape:window-maximized="0"
+   inkscape:current-layer="Layer_1" />
+<g
+   id="g6"
+   transform="matrix(2.175361,0,0,2.1651401,-86.939793,-67.075322)">
+	<path
+   d="m 242.475,38.741 c -0.051,1.771 1.333,3.252 3.109,3.304 1.768,0.052 3.248,-1.343 3.299,-3.108 0.057,-1.768 -1.34,-3.246 -3.108,-3.307 -1.767,-0.047 -3.247,1.34 -3.3,3.111 z"
+   id="path2"
+   inkscape:connector-curvature="0"
+   style="fill:#ffc70a" />
+	
+		<line
+   stroke-miterlimit="10"
+   x1="245.679"
+   y1="42.046001"
+   x2="245.679"
+   y2="142.401"
+   id="line4"
+   style="fill:none;stroke:#ffffff;stroke-miterlimit:10;stroke-dasharray:2, 2" />
+</g>
+<g
+   id="g12"
+   transform="matrix(2.175361,0,0,2.1651401,-86.939793,-67.075322)">
+	<path
+   d="m 90.024,62.694 c -0.051,1.772 1.333,3.255 3.111,3.304 1.767,0.055 3.247,-1.34 3.298,-3.106 0.056,-1.769 -1.34,-3.247 -3.109,-3.308 -1.766,-0.049 -3.247,1.34 -3.3,3.11 z"
+   id="path8"
+   inkscape:connector-curvature="0"
+   style="fill:#ffc70a" />
+	<line
+   stroke-miterlimit="10"
+   x1="93.228996"
+   y1="66"
+   x2="93.228996"
+   y2="141.814"
+   id="line10"
+   style="fill:none;stroke:#ffffff;stroke-miterlimit:10;stroke-dasharray:2, 2" />
+</g>
+<g
+   id="g18"
+   transform="matrix(2.175361,0,0,2.1651401,-86.939793,-67.075322)">
+	<path
+   d="m 191.755,62.694 c -0.051,1.772 1.333,3.255 3.111,3.304 1.767,0.055 3.248,-1.34 3.298,-3.106 0.057,-1.769 -1.34,-3.247 -3.109,-3.308 -1.765,-0.049 -3.246,1.34 -3.3,3.11 z"
+   id="path14"
+   inkscape:connector-curvature="0"
+   style="fill:#ffc70a" />
+	<line
+   stroke-miterlimit="10"
+   x1="194.96001"
+   y1="66"
+   x2="194.96001"
+   y2="141.814"
+   id="line16"
+   style="fill:none;stroke:#ffffff;stroke-miterlimit:10;stroke-dasharray:2, 2" />
+</g>
+<g
+   id="g24"
+   transform="matrix(2.175361,0,0,2.1651401,-86.939793,-67.075322)">
+	<path
+   d="m 293.197,72.322 c -0.051,1.77 1.334,3.25 3.112,3.303 1.765,0.052 3.247,-1.343 3.298,-3.109 0.056,-1.766 -1.34,-3.245 -3.108,-3.306 -1.767,-0.048 -3.247,1.339 -3.302,3.112 z"
+   id="path20"
+   inkscape:connector-curvature="0"
+   style="fill:#26b89a" />
+	
+		<line
+   stroke-miterlimit="10"
+   x1="296.40201"
+   y1="75.625"
+   x2="296.40201"
+   y2="141.814"
+   id="line22"
+   style="fill:none;stroke:#ffffff;stroke-miterlimit:10;stroke-dasharray:2, 2" />
+</g>
+<g
+   id="g38"
+   transform="matrix(2.175361,0,0,2.1651401,-86.939793,-67.075322)">
+	<path
+   d="m 39.967,92.705 c -0.05,1.771 1.333,3.254 3.111,3.304 1.767,0.055 3.248,-1.34 3.298,-3.106 0.057,-1.769 -1.34,-3.247 -3.109,-3.308 -1.766,-0.05 -3.246,1.339 -3.3,3.11 z"
+   id="path26"
+   inkscape:connector-curvature="0"
+   style="fill:#ffc70a" />
+	
+		<line
+   stroke-miterlimit="10"
+   x1="43.077999"
+   y1="97.163002"
+   x2="43.077999"
+   y2="141.814"
+   id="line28"
+   style="fill:none;stroke:#ffffff;stroke-miterlimit:10;stroke-dasharray:2, 2" />
+	<g
+   id="g36">
+		<line
+   stroke-miterlimit="10"
+   x1="50.061001"
+   y1="89.467003"
+   x2="61.603001"
+   y2="89.467003"
+   id="line30"
+   style="fill:none;stroke:#ffffff;stroke-miterlimit:10" />
+		<line
+   stroke-miterlimit="10"
+   x1="50.061001"
+   y1="92.801003"
+   x2="61.603001"
+   y2="92.801003"
+   id="line32"
+   style="fill:none;stroke:#ffffff;stroke-miterlimit:10" />
+		<line
+   stroke-miterlimit="10"
+   x1="50.061001"
+   y1="96.136002"
+   x2="58.782001"
+   y2="96.136002"
+   id="line34"
+   style="fill:none;stroke:#ffffff;stroke-miterlimit:10" />
+	</g>
+</g>
+<g
+   id="g48"
+   transform="matrix(2.175361,0,0,2.1651401,-86.939793,-67.075322)">
+	<g
+   id="g46">
+		<line
+   stroke-miterlimit="10"
+   x1="100.118"
+   y1="59.583"
+   x2="105.66"
+   y2="59.583"
+   id="line40"
+   style="fill:none;stroke:#ffffff;stroke-miterlimit:10" />
+		<line
+   stroke-miterlimit="10"
+   x1="100.118"
+   y1="62.917"
+   x2="111.66"
+   y2="62.917"
+   id="line42"
+   style="fill:none;stroke:#ffffff;stroke-miterlimit:10" />
+		<line
+   stroke-miterlimit="10"
+   x1="100.118"
+   y1="66.250999"
+   x2="108.838"
+   y2="66.250999"
+   id="line44"
+   style="fill:none;stroke:#ffffff;stroke-miterlimit:10" />
+	</g>
+</g>
+<g
+   id="g58"
+   transform="matrix(2.175361,0,0,2.1651401,-86.939793,-67.075322)">
+	<g
+   id="g56">
+		<line
+   stroke-miterlimit="10"
+   x1="201.672"
+   y1="59.583"
+   x2="213.213"
+   y2="59.583"
+   id="line50"
+   style="fill:none;stroke:#ffffff;stroke-miterlimit:10" />
+		<line
+   stroke-miterlimit="10"
+   x1="201.672"
+   y1="62.917"
+   x2="206.213"
+   y2="62.917"
+   id="line52"
+   style="fill:none;stroke:#ffffff;stroke-miterlimit:10" />
+		<line
+   stroke-miterlimit="10"
+   x1="201.672"
+   y1="66.250999"
+   x2="210.39301"
+   y2="66.250999"
+   id="line54"
+   style="fill:none;stroke:#ffffff;stroke-miterlimit:10" />
+	</g>
+</g>
+<g
+   id="g68"
+   transform="matrix(2.175361,0,0,2.1651401,-86.939793,-67.075322)">
+	<g
+   id="g66">
+		<line
+   stroke-miterlimit="10"
+   x1="251.698"
+   y1="35.502998"
+   x2="263.23901"
+   y2="35.502998"
+   id="line60"
+   style="fill:none;stroke:#ffffff;stroke-miterlimit:10" />
+		<line
+   stroke-miterlimit="10"
+   x1="251.698"
+   y1="38.837002"
+   x2="259.23901"
+   y2="38.837002"
+   id="line62"
+   style="fill:none;stroke:#ffffff;stroke-miterlimit:10" />
+		<line
+   stroke-miterlimit="10"
+   x1="251.698"
+   y1="42.172001"
+   x2="256.418"
+   y2="42.172001"
+   id="line64"
+   style="fill:none;stroke:#ffffff;stroke-miterlimit:10" />
+	</g>
+</g>
+<g
+   id="g90"
+   transform="matrix(2.175361,0,0,2.1651401,-86.939793,-67.075322)">
+	<path
+   d="m 141.238,92.011 c -0.051,1.77 1.334,3.25 3.112,3.303 1.765,0.052 3.247,-1.343 3.297,-3.109 0.056,-1.766 -1.339,-3.245 -3.108,-3.306 -1.766,-0.048 -3.246,1.34 -3.301,3.112 z"
+   id="path70"
+   inkscape:connector-curvature="0"
+   style="fill:#26b89a" />
+	
+		<line
+   stroke-miterlimit="10"
+   x1="144.44299"
+   y1="95.315002"
+   x2="144.44299"
+   y2="141.814"
+   id="line72"
+   style="fill:none;stroke:#ffffff;stroke-miterlimit:10;stroke-dasharray:2, 2" />
+	<g
+   id="g80">
+		<rect
+   x="150.855"
+   y="87.209999"
+   stroke-miterlimit="10"
+   width="11.542"
+   height="9.7919998"
+   id="rect74"
+   style="fill:none;stroke:#ffffff;stroke-miterlimit:10" />
+		<path
+   d="m 154.357,89.633 c 0.225,0.226 0.338,0.499 0.338,0.82 0,0.323 -0.113,0.597 -0.338,0.821 -0.227,0.226 -0.499,0.339 -0.821,0.339 -0.322,0 -0.596,-0.113 -0.821,-0.339 -0.225,-0.225 -0.338,-0.498 -0.338,-0.821 0,-0.321 0.113,-0.595 0.338,-0.82 0.226,-0.225 0.499,-0.338 0.821,-0.338 0.322,0 0.594,0.114 0.821,0.338 z"
+   id="path76"
+   inkscape:connector-curvature="0"
+   style="fill:#ffffff" />
+		<polygon
+   points="160.876,95.476 152.376,95.476 152.376,94.318 154.309,92.385 155.274,93.351 158.365,90.261 160.876,92.772 "
+   id="polygon78"
+   style="fill:#ffffff" />
+	</g>
+	<g
+   id="g88">
+		<rect
+   x="303.741"
+   y="67.521004"
+   stroke-miterlimit="10"
+   width="11.541"
+   height="9.7919998"
+   id="rect82"
+   style="fill:none;stroke:#ffffff;stroke-miterlimit:10" />
+		<path
+   d="m 307.243,69.944 c 0.225,0.226 0.338,0.499 0.338,0.82 0,0.323 -0.113,0.597 -0.338,0.821 -0.227,0.226 -0.5,0.339 -0.822,0.339 -0.322,0 -0.596,-0.113 -0.82,-0.339 -0.226,-0.225 -0.338,-0.498 -0.338,-0.821 0,-0.321 0.112,-0.595 0.338,-0.82 0.225,-0.225 0.498,-0.338 0.82,-0.338 0.322,0 0.595,0.113 0.822,0.338 z"
+   id="path84"
+   inkscape:connector-curvature="0"
+   style="fill:#ffffff" />
+		<polygon
+   points="313.761,75.787 305.262,75.787 305.262,74.628 307.194,72.696 308.16,73.662 311.25,70.572 313.761,73.083 "
+   id="polygon86"
+   style="fill:#ffffff" />
+	</g>
+</g>
+</svg>
\ No newline at end of file
diff --git a/web-app/src/assets/logo.svg b/web-app/src/assets/logo.svg
new file mode 100644
index 00000000..26666396
--- /dev/null
+++ b/web-app/src/assets/logo.svg
@@ -0,0 +1,68 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   width="160mm"
+   height="76mm"
+   viewBox="0 0 160 76"
+   version="1.1"
+   id="svg8"
+   inkscape:version="0.92.3 (2405546, 2018-03-11)"
+   sodipodi:docname="logo.svg">
+  <defs
+     id="defs2" />
+  <sodipodi:namedview
+     id="base"
+     pagecolor="#ffffff"
+     bordercolor="#666666"
+     borderopacity="1.0"
+     inkscape:pageopacity="0.0"
+     inkscape:pageshadow="2"
+     inkscape:zoom="3.959798"
+     inkscape:cx="249.99423"
+     inkscape:cy="226.02463"
+     inkscape:document-units="mm"
+     inkscape:current-layer="layer1"
+     showgrid="false"
+     inkscape:window-width="3840"
+     inkscape:window-height="2028"
+     inkscape:window-x="0"
+     inkscape:window-y="68"
+     inkscape:window-maximized="1" />
+  <metadata
+     id="metadata5">
+    <rdf:RDF>
+      <cc:Work
+         rdf:about="">
+        <dc:format>image/svg+xml</dc:format>
+        <dc:type
+           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+        <dc:title></dc:title>
+      </cc:Work>
+    </rdf:RDF>
+  </metadata>
+  <g
+     inkscape:label="Layer 1"
+     inkscape:groupmode="layer"
+     id="layer1"
+     transform="translate(0,-221)">
+    <path
+       style="fill:#ffffff;stroke-width:0.26458332;fill-opacity:1"
+       d="m 88.474622,290.41604 c -2.58339,-0.29471 -4.58106,-1.11288 -5.823201,-2.38495 -0.97101,-0.9944 -1.044942,-1.18097 -1.127779,-2.84597 -0.106211,-2.13478 0.359265,-3.06238 2.18111,-4.34654 l 1.18526,-0.83545 -0.789801,-0.4803 c -1.63513,-0.99438 -2.248881,-2.9729 -1.486869,-4.79312 0.40963,-0.97847 2.35505,-2.83577 2.97032,-2.83577 0.241,0 -0.249391,-0.63747 -1.170331,-1.52136 -1.85789,-1.78313 -2.283629,-2.93769 -2.090329,-5.66874 0.27614,-3.90129 3.730279,-7.12784 8.29309,-7.74666 1.49053,-0.20215 4.30248,0.21443 5.448809,0.80722 0.71981,0.37223 0.74125,0.36103 1.14133,-0.59651 0.59652,-1.42766 2.08381,-3.12713 3.200439,-3.65701 1.42691,-0.67711 3.4477,-0.4377 4.25811,0.50446 0.66263,0.77035 0.83001,2.42269 0.33846,3.34117 -0.75018,1.40172 -3.201,1.62455 -4.17994,0.38003 -0.47618,-0.60536 -0.53128,-0.61664 -0.919088,-0.18812 -0.2269,0.25072 -0.540711,0.79295 -0.69735,1.20496 -0.254711,0.66991 -0.191221,0.85842 0.60056,1.78344 1.091608,1.27531 1.500268,2.5784 1.496908,4.77323 -0.008,5.09459 -4.929758,8.70445 -11.242209,8.24523 -1.5717,-0.11434 -1.94888,-0.0563 -2.49151,0.38367 -1.45465,1.1793 -0.175889,1.73902 4.98031,2.17988 7.25413,0.62024 9.914769,2.01911 10.649899,5.59931 0.57891,2.81942 -0.75865,5.19363 -3.878279,6.88406 -2.90245,1.57274 -6.98197,2.25487 -10.847919,1.81384 z m 7.10348,-3.60035 c 2.44997,-0.83479 3.5429,-2.7969 2.22309,-3.99106 -0.93999,-0.85051 -2.14874,-1.1291 -6.13486,-1.41397 -4.17584,-0.29843 -4.103011,-0.32393 -4.69236,1.64314 -0.50305,1.67903 0.37238,3.09981 2.34303,3.80264 1.39927,0.49904 4.74072,0.47729 6.2611,-0.0408 z m -2.18749,-16.84659 c 3.08115,-2.0764 1.8305,-9.9853 -1.57823,-9.98042 -0.98084,0.001 -2.310141,0.88719 -2.82472,1.88229 -1.017021,1.9667 -0.722881,5.6024 0.59301,7.3298 1.12175,1.47256 2.38646,1.7276 3.80994,0.76833 z m -44.425078,9.59633 c -1.930156,-0.28799 -4.551005,-1.63368 -5.735761,-2.94506 -2.846512,-3.15074 -3.678238,-8.62785 -1.968852,-12.96533 1.886614,-4.78721 6.789763,-7.50295 11.879783,-6.57996 4.506669,0.81722 7.132938,3.82832 7.585429,8.69694 l 0.167507,1.80232 -6.950272,0.16845 c -3.822653,0.0926 -7.016649,0.23482 -7.097773,0.31594 -0.271653,0.27166 0.431987,3.55589 1.023736,4.77828 0.361275,0.74629 0.995458,1.48012 1.658133,1.91865 0.927044,0.6135 1.345822,0.71015 3.0768,0.71015 2.32106,0 3.826568,-0.59869 5.435933,-2.16168 l 0.983631,-0.9553 1.052758,1.05276 1.052759,1.05276 -1.328537,1.45363 c -2.614292,2.86046 -6.771626,4.26377 -10.835274,3.65745 z m 5.644538,-15.67514 c -0.559273,-2.79234 -1.322226,-3.63862 -3.278938,-3.63703 -2.064658,0.002 -3.513727,1.33419 -4.099002,3.76932 l -0.174876,0.72761 h 3.86252 3.862522 z M 2.9348645,277.51633 c 0.07431,-1.42472 0.12382,-1.5265 0.779449,-1.60242 0.385055,-0.0446 0.920836,-0.32473 1.190625,-0.62254 0.444187,-0.49033 0.498383,-1.15127 0.573706,-6.99654 l 0.08318,-6.45506 h -1.472243 -1.472243 v -1.6825 -1.68249 l 2.189349,-0.13659 c 1.407701,-0.0878 2.671755,-0.34412 3.540537,-0.71786 0.770888,-0.33162 1.7339505,-0.54465 2.2424215,-0.49602 0.819628,0.0784 0.8978,0.16444 0.972963,1.07092 l 0.08173,0.98567 0.976605,-0.61172 c 1.787492,-1.11963 3.509408,-1.62523 5.474521,-1.60744 2.067001,0.0187 3.203951,0.4738 4.368177,1.74846 l 0.716251,0.78419 1.266463,-0.80316 c 1.951699,-1.23773 3.700269,-1.74266 5.952233,-1.71881 2.312834,0.0245 3.678359,0.59354 4.978939,2.07482 1.503714,1.71263 1.758672,3.19692 1.763578,10.26701 l 0.0044,6.28386 1.256771,-1e-5 h 1.256771 v 1.71979 1.7198 H 34.23509 28.811132 v -1.5875 c 0,-1.36666 0.06791,-1.5875 0.488159,-1.5875 0.268488,0 0.714973,-0.25074 0.992187,-0.55719 0.461378,-0.51004 0.504029,-1.01938 0.504029,-6.01927 0,-4.59229 -0.07222,-5.6216 -0.453499,-6.4638 -0.821094,-1.81367 -2.879243,-2.1845 -5.292153,-0.95352 -0.906555,0.46248 -0.98751,0.58649 -0.806058,1.23468 0.110939,0.3963 0.199252,3.3697 0.196249,6.60753 l -0.0054,5.88698 h 1.262231 1.262232 v 1.71979 1.7198 h -5.569453 -5.569454 l 0.07935,-1.52136 c 0.06907,-1.32433 0.152866,-1.53183 0.647032,-1.60228 0.312225,-0.0445 0.788475,-0.32464 1.058333,-0.62251 0.427643,-0.47204 0.502186,-1.1057 0.580483,-4.93443 0.107164,-5.2403 -0.06379,-6.88281 -0.834806,-8.02057 -0.754528,-1.11343 -1.750022,-1.43856 -3.17933,-1.03838 -2.304493,0.64522 -2.217526,0.35993 -2.362974,7.75151 l -0.128857,6.54843 h 1.289838 1.289839 v 1.71979 1.7198 H 8.5573645 2.8556195 l 0.07935,-1.52136 z m 59.4783045,-0.0661 c 0,-1.4819 0.04063,-1.5875 0.610888,-1.5875 1.749013,0 2.020464,-1.12408 2.028632,-8.40052 l 0.0063,-5.6224 h -1.455207 -1.455208 v -1.68049 -1.68049 l 2.233596,-0.15763 c 1.379217,-0.0973 2.733516,-0.37269 3.540538,-0.71986 0.735708,-0.31649 1.696476,-0.52497 2.198173,-0.47698 l 0.891233,0.0853 0.132292,1.71979 0.132292,1.71979 0.59581,-0.83529 c 0.746863,-1.04706 2.752254,-2.39134 4.114686,-2.7582 2.248193,-0.60538 4.42527,0.46607 4.956632,2.4394 0.74322,2.76011 -1.799314,5.00465 -4.316182,3.81032 -0.547105,-0.25962 -1.070012,-0.76672 -1.257593,-1.21958 -0.176602,-0.42636 -0.476107,-0.77519 -0.66557,-0.77519 -0.556107,0 -2.002064,1.35104 -2.810801,2.62629 l -0.749274,1.18148 v 5.23986 5.23987 h 1.322917 1.322917 v 1.71979 1.71979 h -5.688542 -5.688541 z m 43.391661,0 c 0,-1.48897 0.0385,-1.5875 0.62045,-1.5875 0.34125,0 0.84727,-0.25031 1.12448,-0.55625 0.45823,-0.5057 0.51605,-1.14285 0.63632,-7.01182 l 0.13229,-6.45557 -1.53398,3.7e-4 -1.53398,3.7e-4 0.0788,-1.65365 0.0788,-1.65364 2.00571,-0.16314 c 1.99655,-0.16238 3.85223,-0.61632 4.33106,-1.05945 0.13824,-0.12796 0.82988,-0.23264 1.53697,-0.23264 h 1.28563 l -0.0818,9.26059 -0.0818,9.26059 1.38906,-1.7e-4 1.38906,-1.7e-4 v 1.71979 1.71979 h -5.68854 -5.68854 z m 12.96458,0.13229 c 0,-1.2649 0.0673,-1.45521 0.51442,-1.45521 0.28292,0 0.84847,-0.28715 1.25677,-0.63813 l 0.74235,-0.63812 0.0832,-6.50562 0.0832,-6.50563 h -1.47225 -1.47224 v -1.68249 -1.6825 l 2.18935,-0.13659 c 1.4077,-0.0878 2.67175,-0.34411 3.54054,-0.71785 0.77088,-0.33163 1.73395,-0.54466 2.24242,-0.49602 0.81462,0.0779 0.89812,0.1677 0.97138,1.0444 l 0.0802,0.95916 1.37506,-0.73897 c 5.15891,-2.77242 9.89424,-1.54845 11.46609,2.9637 0.42762,1.22754 0.4923,2.25606 0.4923,7.82883 v 6.41563 l 1.38906,5.2e-4 1.38906,5.3e-4 v 1.7198 1.71979 h -5.68854 -5.68854 v -1.45521 c 0,-1.2896 0.0616,-1.45521 0.54119,-1.45521 0.29766,0 0.84188,-0.30068 1.20938,-0.66818 l 0.66818,-0.66819 -0.0849,-5.61567 c -0.077,-5.09141 -0.13547,-5.70214 -0.62658,-6.54173 -1.02232,-1.74773 -3.28669,-1.9642 -5.60988,-0.53629 l -0.8599,0.52852 v 6.48618 6.48618 h 1.32292 1.32292 v 1.71979 1.71979 h -5.68855 -5.68854 z m -8.45872,-24.28327 c -1.60878,-0.81405 -2.33662,-3.26408 -1.46844,-4.94296 1.67585,-3.24074 6.223,-1.99156 6.223,1.70957 0,2.62722 -2.5395,4.35423 -4.75456,3.23339 z"
+       id="path855"
+       inkscape:connector-curvature="0" />
+    <path
+       style="fill:#fe9627;fill-opacity:1;stroke-width:0.26458335"
+       d="m 146.11409,227.45227 c -0.69264,0 -10.83831,5.68821 -10.83831,6.08166 2.7676,1.91654 4.84445,3.08477 7.81938,4.92646 1.23693,0.76341 2.28246,1.39685 2.32337,1.40766 0.0717,0.0189 11.2301,-6.30539 11.37243,-6.4456 0.15475,-0.15244 -10.24951,-5.97018 -10.67687,-5.97018 z m 11.26857,6.92361 -5.35523,3.04064 c -2.9453,1.67238 -5.4966,3.15878 -5.66994,3.30264 -0.34578,0.28698 -0.52282,11.87435 -0.18655,12.21063 0.1,0.1 0.97527,-0.26351 1.9451,-0.8077 6.69279,-3.75552 8.72724,-5.01609 8.98343,-5.56607 0.17392,-0.37337 0.28319,-2.83929 0.28319,-6.39393 z m -22.87148,0.0501 c -0.11189,1.06738 -0.21333,3.00696 -0.2253,5.73609 -0.012,2.72912 0.10875,6.02055 0.28267,6.39392 0.25618,0.54999 1.62246,1.81056 8.31525,5.56607 0.96983,0.54419 1.8451,0.90771 1.9451,0.8077 0.33627,-0.33628 0.15975,-11.92365 -0.18603,-12.21062 -0.17334,-0.14386 -2.85708,-1.41677 -5.67046,-3.30264 z"
+       id="path891"
+       inkscape:connector-curvature="0"
+       sodipodi:nodetypes="sccccsccccccsccccccccc" />
+  </g>
+</svg>
diff --git a/web-app/src/assets/logo_color.svg b/web-app/src/assets/logo_color.svg
new file mode 100644
index 00000000..f0abf037
--- /dev/null
+++ b/web-app/src/assets/logo_color.svg
@@ -0,0 +1,68 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   width="160mm"
+   height="76mm"
+   viewBox="0 0 160 76"
+   version="1.1"
+   id="svg8"
+   inkscape:version="0.92.3 (2405546, 2018-03-11)"
+   sodipodi:docname="logo_color.svg">
+  <defs
+     id="defs2" />
+  <sodipodi:namedview
+     id="base"
+     pagecolor="#ffffff"
+     bordercolor="#666666"
+     borderopacity="1.0"
+     inkscape:pageopacity="0.0"
+     inkscape:pageshadow="2"
+     inkscape:zoom="0.70000001"
+     inkscape:cx="-447.66477"
+     inkscape:cy="445.1272"
+     inkscape:document-units="mm"
+     inkscape:current-layer="layer1"
+     showgrid="false"
+     inkscape:window-width="3840"
+     inkscape:window-height="2020"
+     inkscape:window-x="0"
+     inkscape:window-y="68"
+     inkscape:window-maximized="1" />
+  <metadata
+     id="metadata5">
+    <rdf:RDF>
+      <cc:Work
+         rdf:about="">
+        <dc:format>image/svg+xml</dc:format>
+        <dc:type
+           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+        <dc:title />
+      </cc:Work>
+    </rdf:RDF>
+  </metadata>
+  <g
+     inkscape:label="Layer 1"
+     inkscape:groupmode="layer"
+     id="layer1"
+     transform="translate(0,-221)">
+    <path
+       style="fill:#2d4470;stroke-width:0.26458332;fill-opacity:1"
+       d="m 88.474622,290.41604 c -2.58339,-0.29471 -4.58106,-1.11288 -5.823201,-2.38495 -0.97101,-0.9944 -1.044942,-1.18097 -1.127779,-2.84597 -0.106211,-2.13478 0.359265,-3.06238 2.18111,-4.34654 l 1.18526,-0.83545 -0.789801,-0.4803 c -1.63513,-0.99438 -2.248881,-2.9729 -1.486869,-4.79312 0.40963,-0.97847 2.35505,-2.83577 2.97032,-2.83577 0.241,0 -0.249391,-0.63747 -1.170331,-1.52136 -1.85789,-1.78313 -2.283629,-2.93769 -2.090329,-5.66874 0.27614,-3.90129 3.730279,-7.12784 8.29309,-7.74666 1.49053,-0.20215 4.30248,0.21443 5.448809,0.80722 0.71981,0.37223 0.74125,0.36103 1.14133,-0.59651 0.59652,-1.42766 2.08381,-3.12713 3.200439,-3.65701 1.42691,-0.67711 3.4477,-0.4377 4.25811,0.50446 0.66263,0.77035 0.83001,2.42269 0.33846,3.34117 -0.75018,1.40172 -3.201,1.62455 -4.17994,0.38003 -0.47618,-0.60536 -0.53128,-0.61664 -0.919088,-0.18812 -0.2269,0.25072 -0.540711,0.79295 -0.69735,1.20496 -0.254711,0.66991 -0.191221,0.85842 0.60056,1.78344 1.091608,1.27531 1.500268,2.5784 1.496908,4.77323 -0.008,5.09459 -4.929758,8.70445 -11.242209,8.24523 -1.5717,-0.11434 -1.94888,-0.0563 -2.49151,0.38367 -1.45465,1.1793 -0.175889,1.73902 4.98031,2.17988 7.25413,0.62024 9.914769,2.01911 10.649899,5.59931 0.57891,2.81942 -0.75865,5.19363 -3.878279,6.88406 -2.90245,1.57274 -6.98197,2.25487 -10.847919,1.81384 z m 7.10348,-3.60035 c 2.44997,-0.83479 3.5429,-2.7969 2.22309,-3.99106 -0.93999,-0.85051 -2.14874,-1.1291 -6.13486,-1.41397 -4.17584,-0.29843 -4.103011,-0.32393 -4.69236,1.64314 -0.50305,1.67903 0.37238,3.09981 2.34303,3.80264 1.39927,0.49904 4.74072,0.47729 6.2611,-0.0408 z m -2.18749,-16.84659 c 3.08115,-2.0764 1.8305,-9.9853 -1.57823,-9.98042 -0.98084,0.001 -2.310141,0.88719 -2.82472,1.88229 -1.017021,1.9667 -0.722881,5.6024 0.59301,7.3298 1.12175,1.47256 2.38646,1.7276 3.80994,0.76833 z m -44.425078,9.59633 c -1.930156,-0.28799 -4.551005,-1.63368 -5.735761,-2.94506 -2.846512,-3.15074 -3.678238,-8.62785 -1.968852,-12.96533 1.886614,-4.78721 6.789763,-7.50295 11.879783,-6.57996 4.506669,0.81722 7.132938,3.82832 7.585429,8.69694 l 0.167507,1.80232 -6.950272,0.16845 c -3.822653,0.0926 -7.016649,0.23482 -7.097773,0.31594 -0.271653,0.27166 0.431987,3.55589 1.023736,4.77828 0.361275,0.74629 0.995458,1.48012 1.658133,1.91865 0.927044,0.6135 1.345822,0.71015 3.0768,0.71015 2.32106,0 3.826568,-0.59869 5.435933,-2.16168 l 0.983631,-0.9553 1.052758,1.05276 1.052759,1.05276 -1.328537,1.45363 c -2.614292,2.86046 -6.771626,4.26377 -10.835274,3.65745 z m 5.644538,-15.67514 c -0.559273,-2.79234 -1.322226,-3.63862 -3.278938,-3.63703 -2.064658,0.002 -3.513727,1.33419 -4.099002,3.76932 l -0.174876,0.72761 h 3.86252 3.862522 z M 2.9348645,277.51633 c 0.07431,-1.42472 0.12382,-1.5265 0.779449,-1.60242 0.385055,-0.0446 0.920836,-0.32473 1.190625,-0.62254 0.444187,-0.49033 0.498383,-1.15127 0.573706,-6.99654 l 0.08318,-6.45506 h -1.472243 -1.472243 v -1.6825 -1.68249 l 2.189349,-0.13659 c 1.407701,-0.0878 2.671755,-0.34412 3.540537,-0.71786 0.770888,-0.33162 1.7339505,-0.54465 2.2424215,-0.49602 0.819628,0.0784 0.8978,0.16444 0.972963,1.07092 l 0.08173,0.98567 0.976605,-0.61172 c 1.787492,-1.11963 3.509408,-1.62523 5.474521,-1.60744 2.067001,0.0187 3.203951,0.4738 4.368177,1.74846 l 0.716251,0.78419 1.266463,-0.80316 c 1.951699,-1.23773 3.700269,-1.74266 5.952233,-1.71881 2.312834,0.0245 3.678359,0.59354 4.978939,2.07482 1.503714,1.71263 1.758672,3.19692 1.763578,10.26701 l 0.0044,6.28386 1.256771,-1e-5 h 1.256771 v 1.71979 1.7198 H 34.23509 28.811132 v -1.5875 c 0,-1.36666 0.06791,-1.5875 0.488159,-1.5875 0.268488,0 0.714973,-0.25074 0.992187,-0.55719 0.461378,-0.51004 0.504029,-1.01938 0.504029,-6.01927 0,-4.59229 -0.07222,-5.6216 -0.453499,-6.4638 -0.821094,-1.81367 -2.879243,-2.1845 -5.292153,-0.95352 -0.906555,0.46248 -0.98751,0.58649 -0.806058,1.23468 0.110939,0.3963 0.199252,3.3697 0.196249,6.60753 l -0.0054,5.88698 h 1.262231 1.262232 v 1.71979 1.7198 h -5.569453 -5.569454 l 0.07935,-1.52136 c 0.06907,-1.32433 0.152866,-1.53183 0.647032,-1.60228 0.312225,-0.0445 0.788475,-0.32464 1.058333,-0.62251 0.427643,-0.47204 0.502186,-1.1057 0.580483,-4.93443 0.107164,-5.2403 -0.06379,-6.88281 -0.834806,-8.02057 -0.754528,-1.11343 -1.750022,-1.43856 -3.17933,-1.03838 -2.304493,0.64522 -2.217526,0.35993 -2.362974,7.75151 l -0.128857,6.54843 h 1.289838 1.289839 v 1.71979 1.7198 H 8.5573645 2.8556195 l 0.07935,-1.52136 z m 59.4783045,-0.0661 c 0,-1.4819 0.04063,-1.5875 0.610888,-1.5875 1.749013,0 2.020464,-1.12408 2.028632,-8.40052 l 0.0063,-5.6224 h -1.455207 -1.455208 v -1.68049 -1.68049 l 2.233596,-0.15763 c 1.379217,-0.0973 2.733516,-0.37269 3.540538,-0.71986 0.735708,-0.31649 1.696476,-0.52497 2.198173,-0.47698 l 0.891233,0.0853 0.132292,1.71979 0.132292,1.71979 0.59581,-0.83529 c 0.746863,-1.04706 2.752254,-2.39134 4.114686,-2.7582 2.248193,-0.60538 4.42527,0.46607 4.956632,2.4394 0.74322,2.76011 -1.799314,5.00465 -4.316182,3.81032 -0.547105,-0.25962 -1.070012,-0.76672 -1.257593,-1.21958 -0.176602,-0.42636 -0.476107,-0.77519 -0.66557,-0.77519 -0.556107,0 -2.002064,1.35104 -2.810801,2.62629 l -0.749274,1.18148 v 5.23986 5.23987 h 1.322917 1.322917 v 1.71979 1.71979 h -5.688542 -5.688541 z m 43.391661,0 c 0,-1.48897 0.0385,-1.5875 0.62045,-1.5875 0.34125,0 0.84727,-0.25031 1.12448,-0.55625 0.45823,-0.5057 0.51605,-1.14285 0.63632,-7.01182 l 0.13229,-6.45557 -1.53398,3.7e-4 -1.53398,3.7e-4 0.0788,-1.65365 0.0788,-1.65364 2.00571,-0.16314 c 1.99655,-0.16238 3.85223,-0.61632 4.33106,-1.05945 0.13824,-0.12796 0.82988,-0.23264 1.53697,-0.23264 h 1.28563 l -0.0818,9.26059 -0.0818,9.26059 1.38906,-1.7e-4 1.38906,-1.7e-4 v 1.71979 1.71979 h -5.68854 -5.68854 z m 12.96458,0.13229 c 0,-1.2649 0.0673,-1.45521 0.51442,-1.45521 0.28292,0 0.84847,-0.28715 1.25677,-0.63813 l 0.74235,-0.63812 0.0832,-6.50562 0.0832,-6.50563 h -1.47225 -1.47224 v -1.68249 -1.6825 l 2.18935,-0.13659 c 1.4077,-0.0878 2.67175,-0.34411 3.54054,-0.71785 0.77088,-0.33163 1.73395,-0.54466 2.24242,-0.49602 0.81462,0.0779 0.89812,0.1677 0.97138,1.0444 l 0.0802,0.95916 1.37506,-0.73897 c 5.15891,-2.77242 9.89424,-1.54845 11.46609,2.9637 0.42762,1.22754 0.4923,2.25606 0.4923,7.82883 v 6.41563 l 1.38906,5.2e-4 1.38906,5.3e-4 v 1.7198 1.71979 h -5.68854 -5.68854 v -1.45521 c 0,-1.2896 0.0616,-1.45521 0.54119,-1.45521 0.29766,0 0.84188,-0.30068 1.20938,-0.66818 l 0.66818,-0.66819 -0.0849,-5.61567 c -0.077,-5.09141 -0.13547,-5.70214 -0.62658,-6.54173 -1.02232,-1.74773 -3.28669,-1.9642 -5.60988,-0.53629 l -0.8599,0.52852 v 6.48618 6.48618 h 1.32292 1.32292 v 1.71979 1.71979 h -5.68855 -5.68854 z m -8.45872,-24.28327 c -1.60878,-0.81405 -2.33662,-3.26408 -1.46844,-4.94296 1.67585,-3.24074 6.223,-1.99156 6.223,1.70957 0,2.62722 -2.5395,4.35423 -4.75456,3.23339 z"
+       id="path855"
+       inkscape:connector-curvature="0" />
+    <path
+       style="fill:#fe9627;fill-opacity:1;stroke-width:0.26458335"
+       d="m 146.11409,227.45227 c -0.69264,0 -10.83831,5.68821 -10.83831,6.08166 2.7676,1.91654 4.84445,3.08477 7.81938,4.92646 1.23693,0.76341 2.28246,1.39685 2.32337,1.40766 0.0717,0.0189 11.2301,-6.30539 11.37243,-6.4456 0.15475,-0.15244 -10.24951,-5.97018 -10.67687,-5.97018 z m 11.26857,6.92361 -5.35523,3.04064 c -2.9453,1.67238 -5.4966,3.15878 -5.66994,3.30264 -0.34578,0.28698 -0.52282,11.87435 -0.18655,12.21063 0.1,0.1 0.97527,-0.26351 1.9451,-0.8077 6.69279,-3.75552 8.72724,-5.01609 8.98343,-5.56607 0.17392,-0.37337 0.28319,-2.83929 0.28319,-6.39393 z m -22.87148,0.0501 c -0.11189,1.06738 -0.21333,3.00696 -0.2253,5.73609 -0.012,2.72912 0.10875,6.02055 0.28267,6.39392 0.25618,0.54999 1.62246,1.81056 8.31525,5.56607 0.96983,0.54419 1.8451,0.90771 1.9451,0.8077 0.33627,-0.33628 0.15975,-11.92365 -0.18603,-12.21062 -0.17334,-0.14386 -2.85708,-1.41677 -5.67046,-3.30264 z"
+       id="path891"
+       inkscape:connector-curvature="0"
+       sodipodi:nodetypes="sccccsccccccsccccccccc" />
+  </g>
+</svg>
diff --git a/web-app/src/assets/plugin.png b/web-app/src/assets/plugin.png
new file mode 100644
index 00000000..ff33c4d5
Binary files /dev/null and b/web-app/src/assets/plugin.png differ
diff --git a/web-app/src/assets/qgis-icons/mGeoPackage.svg b/web-app/src/assets/qgis-icons/mGeoPackage.svg
new file mode 100644
index 00000000..f6be7b8d
--- /dev/null
+++ b/web-app/src/assets/qgis-icons/mGeoPackage.svg
@@ -0,0 +1 @@
+<svg height="24" width="24" xmlns="http://www.w3.org/2000/svg"><g fill="none" fill-rule="evenodd" stroke-width=".934"><g transform="matrix(-1.07085 0 0 -1.07027 22.8 15.3)"><path d="m10.142 13.944-10.142-6.052v-7.764l10.142 6.052z" fill="#806600" height="100%" width="100%"/><path d="m.25.569v7.18l9.642 5.754v-7.18z" stroke="#000" stroke-width=".467"/><g transform="matrix(-1 0 0 1 30.425 0)"><path d="m20.283 13.944-10.141-6.052v-7.764l10.141 6.052z" fill="#806600" height="100%" width="100%"/><path d="m10.392.569v7.18l9.641 5.754v-7.18z" stroke="#000" stroke-width=".467"/></g></g><g transform="matrix(1.07085 0 0 1.07027 3.867 -.293)"><circle cx="7.627" cy="7.876" fill="#6e96c4" r="7.599"/><g transform="translate(.95 1.199)"><circle cx="6.73" cy="6.598" fill="#2e4e72" r="6.536"/><path d="m12.463 4.246-.17-.188-.033-.301-.175.095-.094.37-.253-.27-.01-.254-.244-.21-.09-.09h-.284l.09.253.34.19.06.063-.074.037.003.2-.166.069-.141-.031-.09-.126.23.013.063-.084-.51-.344-.04-.148-.207.188-.21-.043-.32.416-.063.163-.205.019-.303.001-.181-.084-.053-.36.064-.171.309-.068.336.068.04-.186-.142-.034.05-.29.337-.052.237-.335.243-.04.221.032h.081l-.044-.314-.268.108-.094-.234-.156-.022-.03-.161.128-.139.301-.118.078-.138a6.525 6.525 0 0 0 -3.077-1.514l-.079-.014c-.12-.022-.242-.038-.365-.052a6.557 6.557 0 0 0 -.797-.054 6.504 6.504 0 0 0 -3.842 1.252h.056l.274-.002.147.081.277.06.021.109.44.016-.06-.141-.39-.011.092-.087-.033-.103h-.353l.386-.289h.37l.173.24.289.016.173-.169.13.066-.238.233-.316.006c.017 0 .028.228.028.228l.402-.01.043-.11.277-.016.033-.162-.163-.028.054-.147.125-.038.435.021-.24.218.039.169.25.038-.017-.304.24-.125.424-.05.614.272v.234l.195.049-.098.185h-.276l-.083.211-.634-.149.498-.265-.19-.161-.429.054-.038.039h-.001l-.006.008-.124.128-.204.017.017.102.071.03-.003.033-.166.024-.012.097-.16.008-.028-.192-.286.087-.582.342.064.24.163.106.326.045v.37l.15-.024.14-.29.347-.109v-.445l.192-.145.467.11-.034.294h.126l.342-.169.017.386.25.152-.011.229-.24.08.017.077.288.13-.006.158-.083.007-.001-.004-.364-.112-.015-.117.106-.073v-.106l-.114-.029-.028.098-.201.031-.02-.007v.01l-.07.011-.056-.114-.065-.029h-.144l-.065.054v.118l.122.04.121.017-.027.012-.11.122-.048-.06-.107-.029-.29.273.039.03-.428.237-.403.419-.027.186-.403.265-.2.201.023.402-.278-.13.002-.234h-.77l-.4.202-.174.32-.069.254.113.246.314.038.5-.335.044.166-.152.288.38.065.039.588.048.008h.004l.47.08.33-.382.403.081.141.197.386-.023.01-.114.213.103.24.374.412.006.153.267.021.325.457.174.576.006.168.277.256.082-.05.228-.28.356-.08.787-.254.2-.374-.012-.126.218.093.408-.407.522-.131.24-.389.186-.255.039-.01.108.179.052-.023.116-.16.155.098.123.193.006-.011.149-.051.147-.017.12.286.24-.038.125-.39-.007-.387-.338-.3-.531.042-.512-.228-.304.092-.516-.135-.039v-1.119s-.381-.288-.403-.288-.201-.048-.201-.048l-.038-.212-.495-.62.05-.222.016-.364.342-.24-.049-.408-.5-.037-.391-.446-.277-.076-.18-.033.022-.163-.229-.032v.092l-.57-.141-.23-.352.08-.144-.095-.001-.028-.092.067-.034-.292-.426-.062-.386h-.148l.05.373.25.386-.028.153-.212-.033-.26-.444v-.518l-.272-.13v-.373a6.472 6.472 0 0 0 -.36 1.124l.014-.003.09-.018.053.255.112.181.075.085.135.053-.127.152-.247.024h-.186l.02-.22.155-.032-.013-.104-.128-.08-.01-.008a6.55 6.55 0 0 0 -.104 1.15v.035a6.547 6.547 0 0 0 6.54 6.505 6.53 6.53 0 0 0 5.072-2.417h-.215v-.435l-.25-.336v-.522l-.191-.19-.016-.217.24-.463-.458-.81.054-.548-.412-.043-.153-.152h-.277l-.141.13h-.49l-.017.044h-.272l-.624-.712.005-.555.103-.038.039-.212h-.147l-.06-.223.723-.522v-.37l.354-.196.143.015h.29l.23-.123.733-.057v.375l.58.147.113.082h.106v-.204l.335-.033.317.237h.522l.036-.034a6.44 6.44 0 0 0 -.176-.518z" fill="#aec7e2" fill-rule="nonzero"/></g></g><g><path d="m11.942 13.8v9.093l-10.708-6.896v-8.845z" fill="#d4aa00"/><path d="m11.942 13.793v9.1l10.709-6.896v-8.845z" fill="#ffff7a"/><g stroke="#000" stroke-width=".467" transform="matrix(1.07085 0 0 1.07027 1.234 7.006)"><path d="m10 6.75v7.77" stroke-linecap="square"/><path d="m.015.232v8.171l10.022 6.266 10.041-6.266v-8.171l-10.031 6.107z"/></g></g></g></svg>
\ No newline at end of file
diff --git a/web-app/src/assets/qgis-icons/mIconDbSchema.svg b/web-app/src/assets/qgis-icons/mIconDbSchema.svg
new file mode 100644
index 00000000..c10de98a
--- /dev/null
+++ b/web-app/src/assets/qgis-icons/mIconDbSchema.svg
@@ -0,0 +1 @@
+<svg height="16" width="16" xmlns="http://www.w3.org/2000/svg"><g stroke="#888a85"><path d="m8 2.34c-2.87.015-5.51.594-5.5 1.69v7.95c-.025 2.2 11 2.31 11 0v-7.95c.006-1.16-2.64-1.71-5.5-1.69z" fill="#eee"/><path d="m2.5 7.91c-.025 2.2 11 2.31 11 0m-11-3.97c-.025 2.2 11 2.31 11 0" fill="none"/></g></svg>
\ No newline at end of file
diff --git a/web-app/src/assets/qgis-icons/mIconFile.svg b/web-app/src/assets/qgis-icons/mIconFile.svg
new file mode 100644
index 00000000..a1029d1d
--- /dev/null
+++ b/web-app/src/assets/qgis-icons/mIconFile.svg
@@ -0,0 +1 @@
+<svg height="16" width="16" xmlns="http://www.w3.org/2000/svg"><g fill-rule="evenodd" stroke="#888a85" stroke-linejoin="round"><path d="m2.5 14.5v-13h8l3 3v10z" fill="#fff"/><path d="m10.5 1.5v3h3z" fill="#eee"/></g></svg>
\ No newline at end of file
diff --git a/web-app/src/assets/qgis-icons/mIconFolder.svg b/web-app/src/assets/qgis-icons/mIconFolder.svg
new file mode 100644
index 00000000..5d27bac2
--- /dev/null
+++ b/web-app/src/assets/qgis-icons/mIconFolder.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16"><path d="M1.5 2.501V13.75s.019.75.75.75h11.5s.749 0 .749-.75L14.5 4.5H9.2l-2-2H1.5z" fill="#eee" stroke="#888a85"/></svg>
diff --git a/web-app/src/assets/qgis-icons/mIconPolygonLayer.svg b/web-app/src/assets/qgis-icons/mIconPolygonLayer.svg
new file mode 100644
index 00000000..ebcdaddf
--- /dev/null
+++ b/web-app/src/assets/qgis-icons/mIconPolygonLayer.svg
@@ -0,0 +1 @@
+<svg height="16" width="16" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><linearGradient id="a" gradientUnits="userSpaceOnUse" x1="4.5" x2="6.5" y1="3.5" y2="10.5"><stop offset="0" stop-color="#eee"/><stop offset="1" stop-color="#cfcfcf"/></linearGradient><path d="m.5 6.5c0 12 6 2 9 2 2 0 6 4 6-1 0-8-4.398262-3.1905055-7-4-1.9423402-.604332-8-4-8 3z" fill="url(#a)" fill-rule="evenodd" stroke="#888a85" stroke-linecap="round" stroke-linejoin="round"/></svg>
\ No newline at end of file
diff --git a/web-app/src/assets/qgis-icons/mIconRaster.svg b/web-app/src/assets/qgis-icons/mIconRaster.svg
new file mode 100644
index 00000000..673f25f7
--- /dev/null
+++ b/web-app/src/assets/qgis-icons/mIconRaster.svg
@@ -0,0 +1 @@
+<svg height="16" width="16" xmlns="http://www.w3.org/2000/svg"><path d="m6.333 2h4.334v4.333h-4.334z" fill="#aec7e2"/><path d="m2 2h4.333v4.333h-4.333zm4.333 4.333h4.334v4.334h-4.334zm4.334-4.333h4.333v4.333h-4.333z" fill="#2b3b4d"/><path d="m2 6.333h4.333v4.334h-4.333zm8.667 0h4.333v4.334h-4.333zm-4.334 4.334h4.334v4.333h-4.334z" fill="#aec7e2"/><path d="m2 10.667h4.333v4.333h-4.333z" fill="#2b3b4d"/></svg>
\ No newline at end of file
diff --git a/web-app/src/assets/qgis-icons/mIconTableLayer.svg b/web-app/src/assets/qgis-icons/mIconTableLayer.svg
new file mode 100644
index 00000000..04721728
--- /dev/null
+++ b/web-app/src/assets/qgis-icons/mIconTableLayer.svg
@@ -0,0 +1 @@
+<svg height="16" width="16" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><linearGradient id="a" gradientUnits="userSpaceOnUse" x1="4.5" x2="9.5" y1="2.5" y2="14.5"><stop offset="0" stop-color="#f1f1f1"/><stop offset="1" stop-color="#d6d6d6"/></linearGradient><g fill-rule="evenodd" stroke="#888a85" stroke-linecap="round" stroke-linejoin="round" transform="translate(0 -16)"><rect fill="url(#a)" height="15" rx="1" transform="translate(0 16)" width="13" x="1.5" y=".5"/><g fill="#eeeeec"><path d="m1.5 4.5h13" transform="translate(0 16)"/><path d="m3.5 23.5h2"/><path d="m3.5 26.5h2"/><path d="m3.5 29.5h2"/><path d="m8.5 23.5h4"/><path d="m8.4378776 26.458275 4.0621224.041725"/><path d="m8.5 29.5h4"/><path d="m3.5710868 2.5057164 1.9289132-.0057164" transform="translate(0 16)"/><path d="m8.5 2.5h4" transform="translate(0 16)"/></g></g></svg>
\ No newline at end of file
diff --git a/web-app/src/assets/qgis-icons/mIconZip.svg b/web-app/src/assets/qgis-icons/mIconZip.svg
new file mode 100644
index 00000000..4fa1fa5e
--- /dev/null
+++ b/web-app/src/assets/qgis-icons/mIconZip.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16"><path fill="#eeeeec" stroke="#888a85" d="M1.5 1.5h13v13h-13z"/><path d="M5 2v4c0 1.1.895 2 2 2s2-.9 2-2V2z" fill="#888a85"/><path d="M7 2v1h1V2zm0 1H6v1h1zm0 1v1h1V4zm0 1H6v1h1zm0 1v1c.552 0 1-.5 1-1z" fill="#555"/><path d="M6 2v1h1V2zm0 2v1h1V4zm0 2c0 .5.448 1 1 1V6z" fill="#ddd"/><path d="M7 3h1v1H7zm0 2h1v1H7z" fill="#cfcfcf"/><path d="M7 7c-1.105 0-2 .9-2 2v4c0 1.1.895 2 2 2s2-.9 2-2V9c0-1.1-.895-2-2-2zm0 1c.552 0 1 .4 1 1 0 .5-.448 1-1 1s-1-.5-1-1c0-.6.448-1 1-1zm0 3c.552 0 1 .4 1 1v1c0 .5-.448 1-1 1s-1-.5-1-1v-1c0-.6.448-1 1-1zM6 1h1v1H6z" fill="#555"/><path fill="#cfcfcf" d="M7 1h1v1H7z"/></svg>
diff --git a/web-app/src/assets/qgis-icons/providerQgis.svg b/web-app/src/assets/qgis-icons/providerQgis.svg
new file mode 100644
index 00000000..315de6be
--- /dev/null
+++ b/web-app/src/assets/qgis-icons/providerQgis.svg
@@ -0,0 +1 @@
+<svg height="16" viewBox="0 0 66.666 66.667" width="16" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><linearGradient id="a"><stop offset="0" stop-color="#589632"/><stop offset="1" stop-color="#93b023"/></linearGradient><linearGradient id="b" gradientUnits="userSpaceOnUse" x1="45.722" x2="44.919" xlink:href="#a" y1="55.358" y2="2.524"/><linearGradient id="c" gradientUnits="userSpaceOnUse" x1="30.064" x2="29.267" xlink:href="#a" y1="57.105" y2="4.712"/><path d="m35.527 34.956h8.19l-6.931-6.853h-8.492v8.16l7.233 7.21z" fill="#ee7913"/><path d="m61.796 51.022-14.613-14.446h-8.23v8.504l14.003 13.957h8.84z" fill="url(#b)" transform="translate(0 1.806)"/><path d="m38.953 38.381h8.23l-3.466-3.425h-8.19v8.516l3.426 3.415z" fill="#f0e64a"/><path d="m37.335 48.978a17.173 17.173 0 0 1 -3.862.44c-9.52 0-17.616-7.828-17.616-17.977 0-10.15 8.007-17.805 17.616-17.805 9.608 0 17.259 7.655 17.259 17.805a19.351 19.351 0 0 1 -.586 4.744l8.811 8.809c2.272-3.98 3.543-8.608 3.543-13.621 0-15.643-12.484-27.356-29.206-27.356-16.645 0-29.128 11.636-29.128 27.356 0 15.798 12.484 27.664 29.128 27.664 4.298 0 8.314-.79 11.91-2.228z" fill="url(#c)" transform="translate(0 1.806)"/><path d="m28.294 28.103 33.502 32.74v-8.016l-14.613-14.444-3.466-3.426-6.931-6.853z" fill="#fff" fill-opacity=".172"/></svg>
\ No newline at end of file
diff --git a/web-app/src/assets/web.gif b/web-app/src/assets/web.gif
new file mode 100644
index 00000000..12d82e10
Binary files /dev/null and b/web-app/src/assets/web.gif differ
diff --git a/web-app/src/components/AcceptProjectTransferForm.vue b/web-app/src/components/AcceptProjectTransferForm.vue
new file mode 100644
index 00000000..4537b596
--- /dev/null
+++ b/web-app/src/components/AcceptProjectTransferForm.vue
@@ -0,0 +1,98 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-card v-on:keyup.enter="accept()">
+    <v-card-title>
+      <span class="headline">Accept project transfer</span>
+      <span class="note flex-auto-l transfer">
+        This will move project to your namespace. You may want to change name and decide whether to keep original project permissions.
+      </span>
+    </v-card-title>
+    <v-card-text>
+      <v-text-field
+        disabled
+        label="Original owner"
+        v-model="transfer.from_ns_name"
+      />
+     <v-text-field
+        disabled
+        label="Target owner"
+        v-model="transfer.to_ns_name"
+      >
+     </v-text-field>
+      <v-text-field
+        label="Project name"
+        v-model="projectName"
+        :error-messages="errors.project"
+      />
+      <v-checkbox
+        label="Keep permissions"
+        color="primary"
+        v-model="transferPermissions"
+      />
+
+    </v-card-text>
+    <v-card-actions>
+      <v-spacer/>
+      <v-btn @click="$dialog.close">
+        Close
+      </v-btn>
+      <v-btn
+        class="primary"
+        :disabled="!projectName"
+        @click="accept"
+      >
+        Accept transfer
+      </v-btn>
+    </v-card-actions>
+  </v-card>
+</template>
+
+<script>
+import FormMixin from '@/mixins/Form'
+import MerginAPIMixin from '@/mixins/MerginAPI'
+
+export default {
+  mixins: [FormMixin, MerginAPIMixin],
+  props: {
+    transfer: Object
+  },
+  data () {
+    return {
+      projectName: '',
+      transferPermissions: true
+    }
+  },
+  created () {
+    this.projectName = this.transfer.project_name
+  },
+  methods: {
+    async accept () {
+      const props = {
+        name: this.projectName,
+        transfer_permissions: this.transferPermissions
+      }
+      const success = await this.acceptTransfer(this.transfer, props)
+      if (success) { this.$dialog.close() }
+    }
+  }
+}
+</script>
+<style lang="scss" scoped>
+  .note{
+    color: #616161;
+    margin-top: 10px;
+  }
+  .transfer{
+    margin-top: 10px;
+    display: block;
+    font-size: 14px;
+  }
+  .v-card__title{
+    word-break: normal;
+  }
+  .headline{
+    font-size: 24px !important;
+  }
+</style>
diff --git a/web-app/src/components/AppHeader.vue b/web-app/src/components/AppHeader.vue
new file mode 100644
index 00000000..987257fa
--- /dev/null
+++ b/web-app/src/components/AppHeader.vue
@@ -0,0 +1,198 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-layout class="row shrink align-end justify-center header" v-bind:class="{ primary: isPrimary }">
+    <v-layout class="content">
+      <router-link
+        class="logo"
+        :to="{name: 'about'}">
+        <img src="@/assets/logo.svg">
+        <div class="banner" v-if="app.in_beta">BETA</div>
+      </router-link>
+
+      <slot name="menu">
+         <v-btn
+        class="mr-3 toggle-toolbar small-screen"
+        elevation="1"
+        fab
+        small
+        @click="setDrawer(!drawer)"
+      >
+        <v-icon v-if="drawer" class="primary--text">
+          fa-angle-double-left
+        </v-icon>
+        <v-icon v-else class="primary--text">
+          fa-angle-double-right
+        </v-icon>
+      </v-btn>
+        <v-spacer/>
+      </slot>
+      <v-menu
+        v-if="app.user && app.user.email"
+        :min-width="150"
+        bottom
+        left
+        offset-y
+        origin="top right"
+        transition="scale-transition"
+        id="user-menu"
+      >
+        <template v-slot:activator="{ on }">
+        <v-btn v-on="on" text dark :ripple="false" class="icon-btn">
+          <v-icon class="mr-2">account_circle</v-icon><v-icon >arrow_drop_down</v-icon>
+        </v-btn>
+                  </template>
+
+        <v-list dense>
+          <v-list-item>
+            <strong> {{ app.user.username }} </strong>
+          </v-list-item>
+          <v-divider></v-divider>
+          <v-list-item :to="{ name: 'profile', params: { name: app.user.username }}">
+            Your Profile
+          </v-list-item>
+          <v-divider ></v-divider>
+          <v-list-item @click="logout">
+            Sign Out
+          </v-list-item>
+        </v-list>
+      </v-menu>
+    </v-layout>
+  </v-layout>
+</template>
+
+<script>
+import OrganisationMixin from '../mixins/Organisation'
+import { mapState, mapMutations } from 'vuex'
+
+export default {
+  name: 'app-header',
+  props: {
+    isPrimary: {
+      type: Boolean,
+      default: true
+    }
+  },
+  mixins: [OrganisationMixin],
+  computed: {
+    ...mapState(['organisations', 'drawer']),
+    app () {
+      return this.$store.state.app
+    },
+    organisations () {
+      return this.$store.state.organisations
+    },
+    namespace () {
+      return this.$store.state.namespace
+    },
+    profileUrl () {
+      return { name: 'user', params: { username: this.app.user.username } }
+    }
+  },
+  created () {
+    if (this.app.user) {
+      // to have all available namespace for project creation
+      this.getUserOrganisations()
+    }
+  },
+  methods: {
+    ...mapMutations({
+      setDrawer: 'SET_DRAWER'
+    }),
+    logout () {
+      this.$http.get('/auth/logout').then(() => {
+        if (this.$route.path === '/') {
+          location.reload()
+        } else {
+          location.href = '/'
+        }
+      })
+    },
+    clearUserData () {
+      this.$store.dispatch('clearUserData')
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.header {
+  padding: 0 0.5em;
+  position: relative;
+  min-height: 50px;
+  flex-shrink: 0;
+  z-index: 7;
+  .content {
+    height: 50px;
+    align-items: flex-end;
+  }
+  .v-btn:hover:before {
+    background-color: #fff;
+  }
+  .v-btn:before {
+    background-color: transparent;
+  }
+  .v-btn {
+    letter-spacing: normal;
+  }
+
+  a {
+    color: #fff;
+    min-width: 2em;
+    margin: 0.35em 0.25em;
+    padding: 0.35em 0.75em;
+    text-decoration: none;
+    font-weight: 500;
+    /*font-size: 110%;*/
+    font-size: 15.4px;
+    &.active {
+      color: orange;
+    }
+    &.logo {
+      padding: 0;
+      margin: 0 1em;
+      height: inherit;
+      position: relative;
+      img {
+        height: inherit;
+        width: auto;
+        padding: 0.25em 0;
+      }
+      .banner {
+        position: absolute;
+        top: 7px;
+        left: 2px;
+        color: orange;
+        font-size: 10px;
+        font-weight: 600;
+      }
+    }
+  }
+}
+@media (min-width : 960px) {
+  .small-screen {
+    display: none;
+  }
+}
+.v-btn {
+  text-transform: none;
+}
+.menu-sub-title {
+  font-weight: 700 !important;
+}
+.menu-sub-content {
+  padding-left: 16px;
+  cursor: pointer;
+  width: 100%;
+}
+.menu-sub-content:hover,.pointer:hover {
+  opacity: 0.5;
+}
+.pointer {
+  cursor: pointer;
+}
+  .icon-btn:before {
+    display: none;
+  }
+</style>
diff --git a/web-app/src/components/CloneDialog.vue b/web-app/src/components/CloneDialog.vue
new file mode 100644
index 00000000..09e5e232
--- /dev/null
+++ b/web-app/src/components/CloneDialog.vue
@@ -0,0 +1,107 @@
+# Copyright (C) 2019 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-card v-on:keyup.enter="createProject">
+    <v-card-title>
+      <span class="headline">Clone Project</span>
+    </v-card-title>
+    <v-card-text>
+      <p
+        class="text-xs-center red--text"
+        v-text="error"
+      />
+      <v-text-field
+        autofocus
+        label="new project"
+        v-model="name"
+      />
+       <v-select
+        label="Project owner"
+        v-model="newNamespace"
+        :items="namespaces"
+        item-text="name"
+        item-value="name"
+        clearable
+      />
+    </v-card-text>
+    <v-card-actions>
+      <v-spacer/>
+      <v-btn @click="$dialog.close">
+        Close
+      </v-btn>
+      <v-btn
+        id="clone-project-btn"
+        class="primary"
+        :disabled="!name || !newNamespace"
+        @click="cloneProject"
+      >
+        Clone
+      </v-btn>
+    </v-card-actions>
+  </v-card>
+</template>
+
+<script>
+import { waitCursor } from '../util'
+import { postRetryCond } from '../http'
+
+export default {
+  name: 'clone-project',
+  props: {
+    namespace: String,
+    project: String
+  },
+  data () {
+    return {
+      name: '',
+      error: null,
+      namespaces: [],
+      newNamespace: null
+    }
+  },
+  created () {
+    this.fetchNamespaces()
+    this.newNamespace = this.app.user.username
+    this.name = this.project
+  },
+  computed: {
+    app () {
+      return this.$store.state.app
+    }
+  },
+  methods: {
+    cloneProject () {
+      const data = {
+        project: this.name.trim(),
+        namespace: this.newNamespace
+      }
+      waitCursor(true)
+      const params = {
+        'axios-retry': {
+          retries: 5,
+          retryCondition: error => postRetryCond(error)
+        }
+      }
+      this.$http.post(`/v1/project/clone/${this.namespace}/${this.project}`, data, params)
+        .then(() => {
+          waitCursor(false)
+          this.$dialog.close()
+          this.$store.commit('project', null)
+          this.$router.push({ name: 'project', params: { namespace: this.newNamespace, projectName: this.name.trim() } })
+        })
+        .catch(err => {
+          this.error = (err.response && err.response.data.detail) || 'Error'
+          waitCursor(false)
+        })
+    },
+    async fetchNamespaces () {
+      const username = this.$store.state.app.user.username
+      this.namespaces.push(username)
+      this.namespaces = this.namespaces.concat(this.$store.state.organisations.filter(function (item) {
+        return item.writers.includes(username)
+      }))
+    }
+  }
+}
+</script>
diff --git a/web-app/src/components/ConfirmDialog.vue b/web-app/src/components/ConfirmDialog.vue
new file mode 100644
index 00000000..3180426c
--- /dev/null
+++ b/web-app/src/components/ConfirmDialog.vue
@@ -0,0 +1,69 @@
+# Copyright (C) 2019 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-card>
+    <v-card-title class="headline">{{ headline }}</v-card-title>
+    <v-card-text v-html="text"/>
+    <v-card-actions>
+      <v-text-field
+        v-if="confirmField"
+        autofocus
+        :label="confirmField.label"
+        v-model="confirmValue"
+        style="margin-left: 15px"
+      />
+      <v-spacer/>
+      <v-btn
+        text
+        @click="$dialog.close"
+      >
+        {{ cancelText }}
+      </v-btn>
+      <v-btn
+        :disabled="!isConfirmed"
+        color="primary"
+        @click="confirm"
+      >
+        {{ confirmText }}
+      </v-btn>
+    </v-card-actions>
+  </v-card>
+</template>
+
+<script>
+export default {
+  props: {
+    text: String,
+    confirmField: Object,
+    confirmText: {
+      type: String,
+      default: 'Ok'
+    },
+    cancelText: {
+      type: String,
+      default: 'Cancel'
+    },
+    headline: {
+      type: String,
+      default: 'Confirm'
+    }
+  },
+  data () {
+    return {
+      confirmValue: ''
+    }
+  },
+  computed: {
+    isConfirmed () {
+      return (this.confirmField) ? this.confirmField.expected === this.confirmValue : true
+    }
+  },
+  methods: {
+    confirm () {
+      this.$dialog.close()
+      this.$emit('confirm')
+    }
+  }
+}
+</script>
diff --git a/web-app/src/components/DialogWindows.vue b/web-app/src/components/DialogWindows.vue
new file mode 100644
index 00000000..8db35859
--- /dev/null
+++ b/web-app/src/components/DialogWindows.vue
@@ -0,0 +1,59 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-dialog
+    :value="open"
+    v-bind="dialogProps"
+    @input="close"
+  >
+    <div
+      v-if="params"
+      :is="params.component"
+      v-bind="params.props"
+      v-on="params.listeners"
+    />
+  </v-dialog>
+</template>
+
+<script>
+import Vue from 'vue'
+import ConfirmDialog from '@/components/ConfirmDialog'
+
+export default {
+  data () {
+    return {
+      open: false,
+      params: null
+    }
+  },
+  computed: {
+    dialogProps () {
+      return this.params ? this.params.dialog : {}
+    }
+  },
+  created () {
+    Vue.prototype.$dialog = this
+  },
+  methods: {
+    _open (params) {
+      this.params = params
+      this.open = true
+    },
+    show (component, params) {
+      this._open({ component, ...params })
+    },
+    prompt (params) {
+      this._open({ component: ConfirmDialog, ...params })
+    },
+    close () {
+      this.open = false
+      if (this.params.dialog && !this.params.dialog.keepAlive) {
+        setTimeout(() => {
+          this.params = null
+        }, 300)
+      }
+    }
+  }
+}
+</script>
diff --git a/web-app/src/components/DropArea.vue b/web-app/src/components/DropArea.vue
new file mode 100644
index 00000000..86faa6e5
--- /dev/null
+++ b/web-app/src/components/DropArea.vue
@@ -0,0 +1,237 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <div
+    class="drop-area"
+    :class="{ active: dragOver }"
+    @dragover.prevent="onDragOver"
+    @dragleave.capture="setOver(false)"
+    @drop.prevent="onDrop"
+  >
+    <div
+      v-show="dragOver"
+      class="drop-highlight lighten-3"
+      :class="canDropFiles ? 'primary' : 'red'"
+    />
+    <div
+      class="file-input"
+      :class="canDropFiles ? '' : 'disabled'"
+      @click="selectFiles()">
+      <input
+        ref="selectFilesInput"
+        @change="onFileSelected"
+        type="file" name="files" multiple>
+    </div>
+    <slot/>
+  </div>
+</template>
+
+<script>
+import { mapState } from 'vuex'
+import debounce from 'lodash/debounce'
+import pickBy from 'lodash/pickBy'
+import keyBy from 'lodash/keyBy'
+import Path from 'path'
+
+import { getFiles, checksum } from '@/mergin'
+
+
+export default {
+  props: ['location'],
+  data () {
+    return {
+      dragOver: false,
+      pingData: null
+    }
+  },
+  computed: {
+    ...mapState(['project', 'uploads']),
+    upload () {
+      return this.project && this.uploads[this.project.name]
+    },
+    canDragOver () {
+      return this.project && this.$route.name === 'project-tree'
+    },
+    canDropFiles () {
+      const isUploadRunning = this.upload && this.upload.running
+      return this.canDragOver && !isUploadRunning && this.project.permissions.upload
+    }
+  },
+  created () {
+    this.getPingData()
+  },
+  methods: {
+    getPingData () {
+      this.$http.get('/ping')
+        .then(resp => {
+          this.pingData = resp.data
+        })
+        .catch(() => {
+          this.$notification.error('Failed to ping server')
+        })
+    },
+    setOver: debounce(function (isOver) {
+      this.dragOver = isOver
+    }, 30),
+    onDragOver () {
+      if (!this.dragOver && this.canDragOver) {
+        this.setOver(true)
+      }
+    },
+    onDrop (evt) {
+      this.setOver(false)
+      if (!this.dragOver || !this.canDropFiles) {
+        return
+      }
+      if (this.upload && this.upload.running) {
+        return this.$notification.error('You cannot update files during upload')
+      }
+      // prepare all entries cause they will be not accessible after this callback ends (after 'await')
+      const entries = Array.from(evt.dataTransfer.items).map(i => i.webkitGetAsEntry())
+      if (entries.some(e => e === null)) {
+        return this.$notification.error('Drop only files or folders')
+      }
+      this.createUpload(entries)
+    },
+    selectFiles () {
+      if (this.canDropFiles) {
+        this.$refs.selectFilesInput.click()
+      }
+    },
+    onFileSelected (evt) {
+      // prepare all entries cause they will be not accessible after this callback ends (after 'await')
+      const entries = Array.from(evt.target.files).map(i => {
+        i.isFile = true
+        return i
+      })
+      this.partialDrop(this.location, entries)
+      this.createUpload(entries)
+    },
+
+    async createUpload (entries) {
+      let partial = true
+      if (entries.length === 1) {
+        const item = entries[0]
+        if (item && item.isDirectory && item.name === this.project.name) {
+          // whole project folder was dropped
+          partial = false
+        }
+      }
+
+      if (!this.upload) {
+        // initialize new upload data
+        this.$store.commit('upload', partial ? this.project.files : {})
+      } else {
+        partial = true
+      }
+
+      if (partial) {
+        this.partialDrop(this.location, entries)
+      } else {
+        // TODO: check if upload already exists?
+        const files = await getFiles(entries[0], this.pingData)
+        this.$store.commit('analysingFiles', files.map(f => f.path))
+        await this.analyzeFiles(files)
+        this.$store.commit('uploadFiles', files)
+      }
+    },
+
+    async analyzeFiles (files) {
+      // or compute checksums sequentially?
+      // for (let file of files) {
+      //   const hash = await checksum(file.file)
+      //   file.checksum = hash
+      //   this.$store.commit('finishFileAnalysis', file.path)
+      // }
+      // return files
+
+      return Promise.all(files.map(async (file) => {
+        const hash = await checksum(file.file)
+        file.checksum = hash
+        this.$store.commit('finishFileAnalysis', file.path)
+      }))
+    },
+    async partialDrop (location, entries) {
+      let uploadFiles
+      if (!this.upload) {
+        // this.$store.commit('upload')
+        uploadFiles = { ...this.project.files }
+      } else {
+        uploadFiles = this.upload.files
+      }
+
+      const items = []
+      for (const entry of entries) {
+        items.push({
+          name: entry.name,
+          isDirectory: entry.isDirectory,
+          files: await getFiles(entry, this.pingData)
+        })
+      }
+
+      const allFiles = items.reduce((list, item) => list.concat(item.files), [])
+      this.$store.commit('analysingFiles', allFiles.map(f => f.path))
+      await this.analyzeFiles(allFiles)
+
+      items.forEach(entry => {
+        if (entry.isDirectory) {
+          const directory = Path.join(location, entry.name)
+          const pathPrefix = directory + '/'
+          uploadFiles = {
+            // filter all files in directory
+            ...pickBy(uploadFiles, file => !file.path.startsWith(pathPrefix)),
+            // new directory files
+            ...keyBy(entry.files.map(f => ({ ...f, path: Path.join(directory, f.path) })), 'path')
+          }
+        } else {
+          const file = entry.files[0]
+          file.path = Path.join(location, file.path)
+          uploadFiles = {
+            ...uploadFiles,
+            [file.path]: file
+          }
+        }
+      })
+      this.$store.commit('uploadFiles', uploadFiles)
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.drop-area {
+  position: relative;
+  .drop-highlight {
+    position: absolute;
+    top: 0;
+    left: 0;
+    right: 0;
+    bottom: 0;
+    border-radius: 2px;
+    z-index: 0;
+    border: 2px solid currentColor;
+  }
+  .file-input {
+    position: absolute;
+    top: 0;
+    left: 0;
+    right: 0;
+    bottom: 0;
+    opacity: 0;
+    width: 100%;
+    height: 100%;
+    z-index: 1;
+    cursor: pointer;
+
+    input[type=file] {
+      opacity: 0;
+      max-width: 0;
+      width: 0;
+    }
+  }
+  .file-input.disabled {
+    cursor: not-allowed;
+  }
+}
+</style>
diff --git a/web-app/src/components/EmailEditor.vue b/web-app/src/components/EmailEditor.vue
new file mode 100644
index 00000000..8da39cbb
--- /dev/null
+++ b/web-app/src/components/EmailEditor.vue
@@ -0,0 +1,62 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-card>
+    <v-card-text>
+      <v-text-field
+        label="Subject"
+        v-model="subject"
+        single-line
+        hide-details
+      />
+      <wysiwyg v-model="html" />
+    </v-card-text>
+
+    <v-card-actions>
+      <v-spacer/>
+      <v-btn @click="$dialog.close">Close</v-btn>
+      <v-btn
+        color="primary"
+        @click="sendEmails"
+        :disabled="!subject"
+      >
+        Send
+      </v-btn>
+    </v-card-actions>
+  </v-card>
+</template>
+
+<script>
+
+export default {
+  props: {
+    users: Array
+  },
+  data () {
+    return {
+      subject: ''
+    }
+  },
+  methods: {
+    sendEmails () {
+      const data = {
+        users: this.users,
+        subject: this.subject,
+        html: ''
+      }
+      this.$http.post('/app/email_notification', data)
+        .then(() => {
+          this.$notification.show('Email was successfully sent')
+          this.$dialog.close()
+        })
+        .catch(err => {
+          this.handleError(err, 'Failed to send notification email')
+        })
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+</style>
diff --git a/web-app/src/components/FileChangesetSummaryTable.vue b/web-app/src/components/FileChangesetSummaryTable.vue
new file mode 100644
index 00000000..5e40a551
--- /dev/null
+++ b/web-app/src/components/FileChangesetSummaryTable.vue
@@ -0,0 +1,68 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <div>
+    <v-data-table
+        :headers="headers"
+        :items="displayedChangeset"
+        footer-props.items-per-page-options='[10, 25, {"text": "$vuetify.dataIterator.rowsPerPageAll","value": -1}]'
+        :hide-default-footer="displayedChangeset.length <= 10"
+      >
+      <!-- headers -->
+      <template v-slot:header.insert="{ header }">
+        <v-tooltip bottom>
+          <template v-slot:activator="{ on }">
+             <v-icon v-on="on" small :color="header.color">{{ header.icon }}</v-icon>
+          </template>
+          <span>Added</span>
+        </v-tooltip>
+      </template>
+      <template v-slot:header.delete="{ header }">
+        <v-tooltip bottom>
+          <template v-slot:activator="{ on }">
+             <v-icon v-on="on" small :color="header.color">{{ header.icon }}</v-icon>
+          </template>
+          <span>Deleted</span>
+        </v-tooltip>
+      </template>
+      <template v-slot:header.update="{ header }">
+        <v-tooltip bottom>
+          <template v-slot:activator="{ on }">
+             <v-icon v-on="on" small :color="header.color">{{ header.icon }}</v-icon>
+          </template>
+          <span>Modified</span>
+        </v-tooltip>
+      </template>
+    </v-data-table>
+  </div>
+</template>
+
+<script>
+
+export default {
+  name: 'file-changeset-summary-table',
+  props: {
+    changesets: Array
+  },
+  data () {
+    return {
+      headers: [
+        { text: 'Table', value: 'table' },
+        { text: 'Inserts', icon: 'add_circle', color: 'green', value: 'insert' },
+        { text: 'Updates', icon: 'edit', color: 'orange', value: 'update' },
+        { text: 'Deletes', icon: 'delete', color: 'red', value: 'delete' }
+      ]
+    }
+  },
+  computed: {
+    displayedChangeset () {
+      // Displayed changesets data into table data
+      return this.changesets.filter(p => p.table !== 'gpkg_contents')
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+</style>
diff --git a/web-app/src/components/FileIcon.vue b/web-app/src/components/FileIcon.vue
new file mode 100644
index 00000000..9724e3cf
--- /dev/null
+++ b/web-app/src/components/FileIcon.vue
@@ -0,0 +1,96 @@
+# Copyright (C) 2019 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <div>
+    <template v-if="icon">
+      <span>
+        <img :src="icon" />
+      </span>
+    </template>
+    <template v-else>
+      <v-icon>{{ mdi }}</v-icon>
+    </template>
+  </div>
+</template>
+
+<script>
+import mIconDbSchema from '../assets/qgis-icons/mIconDbSchema.svg'
+import mIconFolder from '../assets/qgis-icons/mIconFolder.svg'
+import mIconRaster from '../assets/qgis-icons/mIconRaster.svg'
+import mIconTableLayer from '../assets/qgis-icons/mIconTableLayer.svg'
+import mIconZip from '../assets/qgis-icons/mIconZip.svg'
+import providerQgis from '../assets/qgis-icons/providerQgis.svg'
+
+const mdiByExtensionDict = {
+  jpg: 'image',
+  jpeg: 'image',
+  png: 'image'
+}
+
+const iconByExtensionDict = {
+  folder: mIconFolder,
+  gpkg: mIconDbSchema,
+  qgs: providerQgis,
+  qgz: providerQgis,
+  rar: mIconZip,
+  sql: mIconDbSchema,
+  tif: mIconRaster,
+  tiff: mIconRaster,
+  xls: mIconTableLayer,
+  xlsx: mIconTableLayer
+}
+
+export default {
+  props: {
+    file: Object
+  },
+  computed: {
+    icon: function () {
+      const file = this.file
+      const splittedName = file.name.split('.')
+      let ext = (splittedName[splittedName.length - 1]).toLowerCase()
+      if (file.type === 'folder') {
+        if (file.name !== '..') {
+          ext = 'folder'
+        } else {
+          return null
+        }
+      }
+      return iconByExtensionDict[ext] ? iconByExtensionDict[ext] : null
+    },
+    mdi: function () {
+      const file = this.file
+      let mdi
+      if (file.type === 'folder') {
+        if (file.name !== '..') {
+          mdi = 'folder'
+        }
+      } else {
+        const splittedName = file.name.split('.')
+        const ext = (splittedName[splittedName.length - 1]).toLowerCase()
+        mdi = mdiByExtensionDict[ext] ? mdiByExtensionDict[ext] : 'description'
+      }
+      return mdi
+    }
+  }
+}
+</script>
+<style lang="scss" scoped>
+div {
+  display: inline-block;
+}
+span {
+  position: relative;
+  display: inline-block;
+  margin-right: 5px;
+  height: 18px;
+  width: 23px;
+}
+img {
+  height: 100%;
+  position: absolute;
+  top: 3px;
+  left: 2px;
+}
+</style>
diff --git a/web-app/src/components/FileMenu.vue b/web-app/src/components/FileMenu.vue
new file mode 100644
index 00000000..20538794
--- /dev/null
+++ b/web-app/src/components/FileMenu.vue
@@ -0,0 +1,43 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-menu
+    v-model="showMenu"
+    :position-x="x"
+    :position-y="y"
+    absolute
+    offset-y
+    :min-width="150"
+  >
+    <v-list>
+      <v-list-item @click="deleteFile">
+        <v-list-item-title>Delete</v-list-item-title>
+      </v-list-item>
+    </v-list>
+  </v-menu>
+</template>
+
+<script>
+export default {
+  data () {
+    return {
+      showMenu: false,
+      x: 0,
+      y: 0,
+      file: null
+    }
+  },
+  methods: {
+    open (evt, file) {
+      this.showMenu = true
+      this.x = evt.clientX
+      this.y = evt.clientY
+      this.file = file
+    },
+    deleteFile () {
+      this.$store.commit('deleteFiles', [this.file.path])
+    }
+  }
+}
+</script>
diff --git a/web-app/src/components/FolderDiff.vue b/web-app/src/components/FolderDiff.vue
new file mode 100644
index 00000000..edf06ed2
--- /dev/null
+++ b/web-app/src/components/FolderDiff.vue
@@ -0,0 +1,45 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template functional>
+  <span class="diff">
+    <span v-if="props.added" class="added">{{ props.added }}</span>
+    <span v-if="props.removed" class="removed">{{ props.removed }}</span>
+    <span v-if="props.updated" class="updated">{{ props.updated }}</span>
+    <span v-if="props.added + props.removed + props.updated > 0"> / {{ props.count }}</span>
+  </span>
+</template>
+
+<script>
+export default {
+  functional: true,
+  props: {
+    added: Number,
+    removed: Number,
+    updated: Number,
+    count: Number
+  }
+}
+</script>
+<style lang="scss" scoped>
+.added {
+  color: green;
+}
+.removed {
+  color: red;
+}
+.updated {
+  color: orange;
+}
+.diff {
+  // color: #777;
+}
+.diff > span {
+  &:not(:first-child):not(:last-child) {
+    &:before {
+      content: " + ";
+      color: #777;
+    }
+  }
+}
+</style>
diff --git a/web-app/src/components/Footer.vue b/web-app/src/components/Footer.vue
new file mode 100644
index 00000000..db116bf0
--- /dev/null
+++ b/web-app/src/components/Footer.vue
@@ -0,0 +1,59 @@
+# Copyright (C) 2021 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <section class="footer py-4">
+      <v-layout row wrap align-center>
+        <v-row>
+        <v-col xs12 sm6 px-4 text-xs-center text-sm-left>
+          <span>&copy; 2019-{{ new Date().getFullYear() }} <a href="https://www.lutraconsulting.co.uk/">Lutra Consulting Limited</a>. All rights reserved.</span>
+        </v-col>
+        <v-col
+            style="text-align: right;"
+          sm6
+          text-sm-right
+          xs12
+          px-4
+          :class="{
+            'justify-center': $vuetify.breakpoint.xs,
+            'justify-end': $vuetify.breakpoint.smAndUp
+          }"
+        >
+          <a class="icon" href="https://github.com/lutraconsulting/"><v-icon>fab fa-github</v-icon></a>
+          <a class="icon" href="https://twitter.com/lutraconsulting/"><v-icon>fab fa-twitter</v-icon></a>
+          <a class="icon" href="https://www.linkedin.com/company/lutra-consulting"><v-icon>fab fa-linkedin</v-icon></a>
+          </v-col>
+               </v-row>
+
+      </v-layout>
+    </section>
+</template>
+
+<script>
+export default {
+  name: 'Footer'
+}
+</script>
+
+<style lang="scss" scoped>
+     .layout {
+     width: 100%;
+     max-width: 1140px;
+   }
+   .footer {
+    background-color: #eaebef;
+     max-height: 70px;
+    a {
+      text-decoration: none;
+      &.icon:hover > i {
+        color: #555;
+      }
+    }
+     .icon {
+    width: 1.5em;
+    height: 1.5em;
+    margin: 0.5em;
+    color: grey;
+  }
+  }
+</style>
diff --git a/web-app/src/components/InvitationsTable.vue b/web-app/src/components/InvitationsTable.vue
new file mode 100644
index 00000000..0f7d2294
--- /dev/null
+++ b/web-app/src/components/InvitationsTable.vue
@@ -0,0 +1,156 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <div>
+     <v-data-table
+      :headers="headerInvitations"
+      :items="invitations"
+      no-data-text="No invitations"
+      hide-default-footer
+      hide-default-header
+      fixed-header
+    >
+      <template v-slot:header="{ props: { headers } }">
+        <thead>
+        <tr>
+          <th v-bind:key="header.value" v-for="header in headers">
+        <v-tooltip v-if="header.tooltip" top>
+          <template v-slot:activator="{ on }">
+          <span v-on="on">
+            {{ header.text }}
+          </span>
+            </template>
+          <span>
+            {{ header.tooltip }}
+          </span>
+        </v-tooltip>
+        <span v-else>
+          {{ header.text }}
+        </span>
+        </th>
+        </tr>
+        </thead>
+      </template>
+
+      <template v-slot:item="{ item }">
+        <tr>
+        <td>
+          <b>
+            {{ item.org_name }}
+          </b>
+        </td>
+        <td>
+           <v-tooltip bottom>
+            <template v-slot:activator="{ on }">
+            <span v-on="on">{{ item.expire | remainingtime }}</span>
+            </template>
+            <span>{{ item.expire | datetime }}</span>
+          </v-tooltip>
+        </td>
+        <td>
+          <div v-if="!expired(item.expire)" style="text-align: end">
+            <v-chip
+              @click="acceptInvitation(item)"
+              elevation="0"
+              color="green"
+              class="white--text"
+            >
+              accept
+            </v-chip>
+            <v-chip
+              @click="removeInvitation(item)"
+              elevation="0"
+              color="red"
+              class="white--text"
+            >
+              reject
+            </v-chip>
+          </div>
+        </td>
+      </tr>
+      </template>
+    </v-data-table>
+  </div>
+</template>
+
+<script>
+import OrganisationMixin from '../mixins/Organisation'
+
+
+import { mapState } from 'vuex'
+
+
+export default {
+  name: 'invitations-table',
+  mixins: [
+    OrganisationMixin
+  ],
+  props: {
+    username: String
+  },
+  data () {
+    return {
+      headerInvitations: [
+        {
+          text: 'Organisation',
+          align: 'start',
+          sortable: false
+        },
+        {
+          text: 'Expire in',
+          align: 'start',
+          sortable: false,
+          tooltip: 'Invitation expiration'
+        },
+        {
+          text: '',
+          align: 'end',
+          sortable: false
+        }
+      ]
+    }
+  },
+  computed: {
+    ...mapState(['invitations'])
+  },
+  created () {
+    this.getInvitations('user', this.username)
+  },
+  methods: {
+    expired (expire) {
+      return Date.parse(expire) < Date.now()
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.v-data-table {
+  td {
+    &.flags {
+      .v-icon {
+        margin: 0 1px;
+        cursor: default;
+      }
+    }
+  }
+  a {
+    text-decoration: none;
+  }
+  .v-chip {
+    margin: 0;
+    margin-right: 0.5em;
+    height: 1.6em;
+    ::v-deep .v-chip__content {
+      cursor: pointer;
+      padding: 0 0.5em;
+      font-size: 85%;
+    }
+  }
+  .hidden {
+    opacity: 0;
+    pointer-events: none;
+  }
+}
+</style>
diff --git a/web-app/src/components/LoginDialog.vue b/web-app/src/components/LoginDialog.vue
new file mode 100644
index 00000000..dbd0d85f
--- /dev/null
+++ b/web-app/src/components/LoginDialog.vue
@@ -0,0 +1,285 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <div class="login-window">
+    <img class="bg" :src="require('@/assets/bg_grid.svg')"/>
+    <v-spacer/>
+    <v-layout justify-center align-end shrink>
+      <v-img
+        contain
+        max-width="300"
+        position="center bottom"
+        :transition="false"
+        :src="require('@/assets/img6.png')"
+      />
+    </v-layout>
+    <v-container class="py-1">
+      <v-card>
+        <v-responsive class="mt-2">
+          <img src="../assets/logo_color.svg" @click="home">
+        </v-responsive>
+        <v-card-text>
+          <p
+            v-if="errorMsg"
+            class="text-xs-center red--text"
+            v-text="errorMsg"
+          />
+          <v-form class="login-form">
+            <template v-if="forgotPassword">
+              <v-text-field
+                placeholder="Email"
+                name="email"
+                color="orange"
+                v-model="email"
+                :error-messages="errors.email"
+                @keyup.enter="reset"
+              />
+              <v-btn
+                :dark="email !== ''"
+                color="orange"
+                :disabled="!email"
+                @click="reset"
+              >
+                Reset Password
+              </v-btn>
+            </template>
+            <template v-else>
+              <v-text-field
+                placeholder="Username or email"
+                name="login"
+                color="orange"
+                v-model="login"
+                :error-messages="errors.login"
+                @keyup.enter="loginUser"
+              />
+              <v-text-field
+                placeholder="Password"
+                name="password"
+                color="orange"
+                v-model="password"
+                :append-icon="passwordVisible ? 'visibility_off' : 'visibility'"
+                @click:append="passwordVisible = !passwordVisible"
+                :type="passwordVisible ? 'text' : 'password'"
+                :error-messages="errors.password"
+                @keyup.enter="loginUser"
+              />
+              <v-btn
+                :dark="Boolean(login && password)"
+                :disabled="!login || !password"
+                color="orange"
+                class="mx-0 mt-3"
+                id="login-btn"
+                @click="loginUser"
+              >
+                Sign In
+              </v-btn>
+            </template>
+          </v-form>
+          <div class="d-flex justify-space-between">
+            <v-btn
+            v-if="!forgotPassword"
+            text small
+            color="primary"
+            class="reset"
+            :to="{name: 'login', params:{reset: 'reset'}}"
+            >Forgot password?
+          </v-btn>
+            <v-btn
+            v-if="!forgotPassword && app.registration"
+            text small
+            color="primary"
+            class="reset"
+            @click="toRegister"
+            >Register
+          </v-btn>
+          </div>
+        </v-card-text>
+        <p class="cookies">This website uses cookies. By continuing to use this website you consent to their use.</p>
+      </v-card>
+    </v-container>
+    <v-spacer/>
+    <v-spacer/>
+  </div>
+</template>
+
+<script>
+import FormMixin from '@/mixins/Form'
+import VueRouter from 'vue-router'
+import MerginAPI from '@/mixins/MerginAPI'
+const { isNavigationFailure, NavigationFailureType } = VueRouter
+
+export default {
+  mixins: [FormMixin, MerginAPI],
+  data () {
+    return {
+      valid: true,
+      login: '',
+      password: '',
+      email: '',
+      passwordVisible: false
+    }
+  },
+  created () {
+    this.$store.commit('user', null) // clear current user to prevent commit to store (and thus reload)
+  },
+  computed: {
+    app () {
+      return this.$store.state.app
+    },
+    forgotPassword () {
+      return this.$route.params.reset === 'reset'
+    }
+  },
+  methods: {
+    loginUser () {
+      this.clearErrors()
+      const data = {
+        login: this.login.trim(),
+        password: this.password.trim()
+      }
+      this.$http.post('/auth/login', data)
+        .then((resp) => {
+          this.$store.commit('user', resp.data)
+          this.$emit('login')
+          if (this.$route.query.redirect) {
+            this.$router.push(this.$route.query.redirect).catch(e => {
+              if (isNavigationFailure(e, NavigationFailureType.redirected)) {
+                // expected redirect
+                //   https://router.vuejs.org/guide/advanced/navigation-failures.html#detecting-navigation-failures
+              } else {
+                this.$notification.error(e)
+              }
+            })
+          }
+          if (this.$route.path === '/login') {
+            this.$router.push({ name: 'dashboard' })
+          }
+        })
+        .catch((err) => {
+          this.handleError(err)
+          this.errors.password = err.response.data.detail
+        })
+    },
+    reset () {
+      this.clearErrors()
+      this.$http.post('/auth/password_reset', { email: this.email })
+        .then(() => {
+          this.forgotPassword = false
+          this.$notification.show('Email with password reset link was sent to your email address', { timeout: 3000 })
+        })
+        .catch(err => this.handleError(err, 'Failed to send confirmation email'))
+    },
+    home () {
+      this.$router.push('/')
+    },
+    toRegister () {
+      if (!this.app.user) {
+        this.$store.commit('guestUser')
+      }
+      this.$router.push('/register')
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.login-window {
+  position: fixed;
+  top: 0;
+  left: 0;
+  height: 100%;
+  width: 100%;
+
+  background-image: linear-gradient(#172238, #2c436f);
+  display: flex;
+  flex-direction: column;
+  z-index: 100;
+  overflow: auto;
+
+  .bg {
+    position: absolute;
+    left: 0;
+    top: 0;
+    height: 100%;
+    width: 100%;
+    object-fit: cover;
+  }
+  .container {
+    display: flex;
+    align-items: center;
+    justify-content: center;
+    flex: 0 0 auto;
+  }
+
+  ::v-deep .v-card {
+    max-width: 400px;
+    flex: 1;
+    opacity: 0.9;
+
+    .v-responsive__content {
+      display: flex;
+      flex-direction: row;
+      justify-content: center;
+      margin-top: 0.25em;
+      cursor: pointer;
+      img {
+        height: 4em;
+        width: auto;
+      }
+    }
+
+    .v-card__text {
+      display: flex;
+      flex-direction: column;
+    }
+    form {
+      display: flex;
+      flex-direction: column;
+      input {
+        padding-left: 0.25em;
+      }
+      .input-group label:after {
+        /* Remove asterics from required fields */
+        display: none;
+      }
+      .v-input__append-inner {
+        position: absolute;
+        right: 0.25em;
+        .v-icon {
+          color: #ccc!important;
+        }
+      }
+    }
+    .cookies {
+      margin: 0.5em;
+      text-align: center;
+    }
+    .version {
+      margin: 1em 0 0.5em 0;
+      text-align: center;
+      opacity: 0.6;
+      font-size: 90%;
+    }
+  }
+  .copyright {
+    position: absolute;
+    right: -1em;
+    bottom: 0.25em;
+    padding: 0 2em 0 2em;
+    color: #fff;
+    text-shadow: 1px 1px 3px #333;
+    opacity: 0.7;
+    user-select: none;
+    b {
+      font-weight: 500;
+    }
+  }
+  ::v-deep .v-btn {
+    text-transform: none;
+    &.reset {
+      align-self: center;
+    }
+  }
+}
+</style>
diff --git a/web-app/src/components/Notifications.vue b/web-app/src/components/Notifications.vue
new file mode 100644
index 00000000..626f2eda
--- /dev/null
+++ b/web-app/src/components/Notifications.vue
@@ -0,0 +1,94 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-snackbar
+    :value="open"
+    v-bind="params"
+    @input="_close"
+    :timeout="timeout"
+  >
+    <template v-if="params">
+      <span v-text="params.text"/>
+      <v-btn
+        v-if="params.action"
+        text
+        color="yellow"
+        @click="params.action.handler"
+      >
+        {{ params.action.text }}
+      </v-btn>
+      <v-btn
+        v-else
+        text
+        :color="contrastColor"
+        @click="_close"
+      >
+        Close
+      </v-btn>
+    </template>
+  </v-snackbar>
+</template>
+
+<script>
+import Vue from 'vue'
+
+export default {
+  data () {
+    return {
+      params: null,
+      action: null,
+      timeout: 3000
+    }
+  },
+  computed: {
+    open () {
+      return Boolean(this.params)
+    },
+    contrastColor () {
+      return (this.params && this.params.contrastColor) || 'yellow'
+    }
+  },
+  mounted () {
+    Vue.prototype.$notification = this
+  },
+  methods: {
+    _close () {
+      this.params = null
+      this.action = null
+      this.timeout = 3000
+    },
+    _open (params) {
+      if (this.open) {
+        if (this.params.text === params.text) {
+          // ignore same notifications
+          return
+        }
+        this._close()
+        setTimeout(() => {
+          this._open(params)
+        }, 300)
+      } else {
+        this.params = params
+        if (params.timeout) this.timeout = params.timeout
+      }
+    },
+    show (text, opts = {}) {
+      this._open({ ...opts, text })
+    },
+    warn (text, opts = {}) {
+      this._open({ ...opts, text, color: 'orange', contrastColor: 'black' })
+    },
+    error (text, opts = {}) {
+      this._open({ ...opts, text, color: 'red darken-4' })
+    },
+    displayResult (result) {
+      if (result.success) {
+        this.show(result.message)
+      } else {
+        this.error(result.message, { timeout: 5000 })
+      }
+    }
+  }
+}
+</script>
diff --git a/web-app/src/components/OrganisationsTable.vue b/web-app/src/components/OrganisationsTable.vue
new file mode 100644
index 00000000..65634f94
--- /dev/null
+++ b/web-app/src/components/OrganisationsTable.vue
@@ -0,0 +1,137 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+    <v-data-table
+      :headers="header"
+      :items="displayedOrganisations"
+      no-data-text="No organisations"
+      color="primary"
+      footer-props.items-per-page-options='[10, 25, {"text": "$vuetify.dataIterator.rowsPerPageAll","value": -1}]'
+      :hide-default-footer="displayedOrganisations.length <= 10"
+      :options="options"
+      v-model="selected"
+      item-key="name"
+    >
+            <template v-slot:item="{ item }">
+      <tr>
+
+        <td>
+          <router-link :to="{ name: 'org_profile', params: { name: item.name }}">
+              {{ item.name }}
+          </router-link>
+        </td>
+        <td>
+          <v-icon v-if="item.active" color="green">check</v-icon>
+          <v-icon v-else color="red">remove</v-icon>
+        </td>
+        <td>{{ item.description }}</td>
+        <td>
+          <router-link :to="{ name: 'namespace-projects', params: { namespace: item.name }}">
+            {{ item.project_count }}
+          </router-link>
+        </td>
+        <td>{{ item.disk_usage | filesize }}</td>
+        <td>{{ item.storage | filesize }}</td>
+        <td>{{ item.role }}</td>
+      </tr>
+            </template>
+    </v-data-table>
+</template>
+
+<script>
+import escapeRegExp from 'lodash/escapeRegExp'
+import { removeAccents, downloadJsonList } from '../util'
+import OrganisationMixin from '../mixins/Organisation'
+import { mapState } from 'vuex'
+
+
+export default {
+  name: 'organisations-table',
+  mixins: [
+    OrganisationMixin
+  ],
+  props: {
+    username: String
+  },
+  data () {
+    return {
+      options: {
+        'sort-by': 'name'
+      },
+      selected: [],
+      header: [
+        { text: 'Name', value: 'name' },
+        { text: 'Active', value: 'active' },
+        { text: 'Description', value: 'description' },
+        { text: 'Projects', value: 'project_count' },
+        { text: 'Usage', value: 'disk_usage' },
+        { text: 'Storage', value: 'storage' },
+        { text: 'Role', value: 'role' }
+      ],
+      searchFilter: ''
+    }
+  },
+  computed: {
+    ...mapState(['organisations', 'app']),
+    displayedOrganisations () {
+      let organisations = this.organisations
+      if (this.searchFilter) {
+        const regex = new RegExp(escapeRegExp(removeAccents(this.searchFilter.trim())), 'i')
+        organisations = organisations.filter(
+          o => (o.name.search(regex) !== -1)
+        )
+      }
+      return organisations
+    }
+  },
+  created () {
+    this.getUserOrganisations()
+  },
+  methods: {
+    exportList () {
+      downloadJsonList(this.selected, this.header, 'organisations')
+    },
+    removeSelected () {
+      const promises = this.selected.map(org => { return this.deleteOrganisation(org.name) })
+      Promise.all(promises)
+        .then()
+        .catch(err => {
+          const msg = (err.response && err.response.status === 503) ? err.response.data.detail : 'Unable to remove organisations'
+          this.$notification.error(msg)
+        })
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.v-data-table {
+  td {
+    text-align: left;
+    &.flags {
+      .v-icon {
+        margin: 0 1px;
+        cursor: default;
+      }
+    }
+  }
+  a {
+    text-decoration: none;
+  }
+  .v-chip {
+    margin: 0;
+    margin-right: 0.5em;
+    height: 1.6em;
+    ::v-deep .v-chip__content {
+      cursor: pointer;
+      padding: 0 0.5em;
+      font-size: 85%;
+    }
+  }
+  .hidden {
+    opacity: 0;
+    pointer-events: none;
+  }
+}
+</style>
diff --git a/web-app/src/components/ProgressSpinner.vue b/web-app/src/components/ProgressSpinner.vue
new file mode 100644
index 00000000..275640f0
--- /dev/null
+++ b/web-app/src/components/ProgressSpinner.vue
@@ -0,0 +1,16 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-progress-circular class="mx-2" :size="22" :width="3" indeterminate/>
+</template>
+
+<script>
+export default {
+  name: 'ProgressSpinner'
+}
+</script>
+
+<style scoped>
+
+</style>
diff --git a/web-app/src/components/ProjectAccessRequest.vue b/web-app/src/components/ProjectAccessRequest.vue
new file mode 100644
index 00000000..ae1a4764
--- /dev/null
+++ b/web-app/src/components/ProjectAccessRequest.vue
@@ -0,0 +1,257 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-layout class="no-shrink column">
+    <label class="mt-4 grey--text text--darken-1">Access requests:</label>
+    <v-data-table
+        :headers="tableHeaders"
+        :items="project.access_requests"
+        no-data-text="No access requests"
+        hide-default-header
+        :hide-default-footer="project.access_requests.length <= 10"
+    >
+      <template v-slot:header="{ props: { headers } }">
+        <thead>
+        <tr>
+          <th v-bind:key="header.text" v-for="header in headers" :style="`width: ${header.width}px`">
+            <v-tooltip v-if="header.tooltip" top>
+              <template v-slot:activator="{ on }">
+          <span v-on="on">
+            {{ header.text }}
+          </span>
+              </template>
+              <span>
+            {{ header.tooltip }}
+          </span>
+            </v-tooltip>
+            <span v-else>
+          {{ header.text }}
+        </span>
+          </th>
+        </tr>
+        </thead>
+      </template>
+
+      <template v-slot:item="{ item }">
+        <tr>
+          <td>
+            <v-tooltip top v-if="item.user.profile && (item.user.profile.first_name || item.user.profile.last_name)">
+              <template v-slot:activator="{ on }">
+              <b v-on="on">
+                {{ item.user.username }}
+              </b>
+              </template>
+              <span>
+              <span v-if="item.user.profile && item.user.profile.first_name">{{ item.user.profile.first_name }}</span>
+              <span v-if="item.user.profile && item.user.profile.last_name"> {{ item.user.profile.last_name }}</span>
+            </span>
+            </v-tooltip>
+            <b v-else>
+              {{ item.user.username }}
+            </b>
+          </td>
+          <td>
+           <v-tooltip bottom>
+           <template v-slot:activator="{ on }">
+            <span v-on="on">{{ item.expire | remainingtime }}</span>
+           </template>
+            <span>{{ item.expire | datetime }}</span>
+          </v-tooltip>
+        </td>
+          <td>
+            <v-select
+              :items="['read', 'write', 'owner']"
+              v-model="permissions[item.id]"
+              return-object
+              >
+            </v-select>
+          </td>
+          <td class="justify-center px-0">
+            <v-tooltip bottom>
+            <template v-slot:activator="{ on }">
+              <span v-on="on">
+                <v-chip
+                  :disabled="expired(item.expire) || (project.creator === item.user.id || !project.access.owners.includes(app.user.id))"
+                  @click="acceptRequest(item)"
+                  elevation="0"
+                  color="green"
+                  class="white--text"
+                >
+                  accept
+                </v-chip>
+              </span>
+            </template>
+              <span>Accept request</span>
+            </v-tooltip>
+          </td>
+          <td class="justify-center ">
+            <v-tooltip bottom>
+              <template v-slot:activator="{ on }">
+              <span v-on="on">
+                <v-chip
+                  :disabled="project.creator === item.user.id || !project.access.owners.includes(app.user.id)"
+                  @click="cancelRequest(item)"
+                  elevation="0"
+                  color="red"
+                  class="white--text"
+                >
+                  cancel
+                </v-chip>
+              </span>
+              </template>
+              <span>Cancel access request</span>
+            </v-tooltip>
+          </td>
+        </tr>
+      </template>
+    </v-data-table>
+    <button ref="hidden-btn" id="accept-request-access-btn" style="visibility: hidden"/>
+  </v-layout>
+</template>
+
+<script>
+import { mapState } from 'vuex'
+import MerginAPIMixin from '../mixins/MerginAPI'
+import { postRetryCond } from '../http'
+
+export default {
+  mixins: [MerginAPIMixin],
+  data () {
+    return {
+      permissions: {},
+      tableHeaders: [
+        {
+          text: 'User',
+          align: 'left',
+          sortable: false,
+          tooltip: 'Request from user'
+        }, {
+          text: 'Expire',
+          align: 'left',
+          sortable: false,
+          tooltip: 'Project access request expiration date'
+        }, {
+          text: 'Permissions',
+          align: 'right',
+          sortable: false,
+          width: 60
+        }, {
+          text: ' ',
+          align: 'right',
+          sortable: false,
+          width: 60
+        }, {
+          text: '',
+          align: 'right',
+          sortable: false,
+          width: 60
+        }
+      ],
+      originalValue: null
+    }
+  },
+  computed: {
+    ...mapState(['project', 'app'])
+  },
+  created () {
+    this.project.access_requests.forEach(request => {
+      this.permissions[request.id] = 'read'
+    })
+  },
+  methods: {
+    acceptRequest (request) {
+      const el = this.$refs['hidden-btn']
+      el.value = this.permissions[request.id]
+      el.dispatchEvent(new Event('click', {}))
+      const data = {
+        permissions: this.permissions[request.id]
+      }
+      const params = {
+        'axios-retry': {
+          retries: 5,
+          retryCondition: error => postRetryCond(error)
+        }
+      }
+      this.$http.post(`/app/project/accept/request/${request.id}`, data, params)
+        .then(resp => {
+          this.fetchProject(function () {})
+        })
+    },
+    fetchProject () {
+      this.$http(`/v1/project/${this.project.namespace}/${this.project.name}`)
+        .then(resp => {
+          this.$store.commit('project', resp.data)
+        })
+        .catch(resp => {
+          this.$notification.error('Failed to load project data')
+        })
+    },
+    expired (expire) {
+      return Date.parse(expire) < Date.now()
+    },
+    cancelRequest (request) {
+      this.cancelProjectAccessRequest(request)
+      const accessRequests = [...this.project.access_requests]
+      const index = this.project.access_requests.indexOf(request)
+      if (index > -1) {
+        accessRequests.splice(index, 1)
+        this.project.access_requests = accessRequests
+      }
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.no-shrink {
+  flex: 0 0 auto;
+}
+label {
+  font-weight: 500;
+}
+::v-deep {
+  .v-data-table__overflow {
+    margin: 0.5em 0;
+    border: 1px solid #ddd;
+    border-radius: 3px;
+    padding: 0.5em;
+    background-color: #f9f9f9;
+    .v-datatable {
+      background-color: transparent;
+    }
+  }
+}
+
+.v-list-item-content{
+  b {
+    margin-right: 10px;
+  }
+  span {
+    margin-right: 3px;
+    font-size: 12px;
+  }
+}
+
+.private-public-btn {
+  font-size: 12px;
+  padding-left: 20px;
+  padding-right: 20px;
+  span {
+      font-weight: 700;
+  }
+}
+
+.private-public-text {
+  font-size: 14px;
+}
+
+.public-private-zone {
+  margin-top: 20px;
+  margin-bottom: 20px;
+  button {
+    margin-right: 20px;
+    margin-top: 1px;
+  }
+}
+</style>
diff --git a/web-app/src/components/ProjectAccessRequestTable.vue b/web-app/src/components/ProjectAccessRequestTable.vue
new file mode 100644
index 00000000..de1d4ba9
--- /dev/null
+++ b/web-app/src/components/ProjectAccessRequestTable.vue
@@ -0,0 +1,185 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <div>
+    <v-data-table
+      :headers="header"
+      :items="accessRequests"
+      ref="table"
+      no-data-text="No access requests"
+      color="primary"
+      footer-props.items-per-page-options='[10, 25, {"text": "$vuetify.dataIterator.rowsPerPageAll","value": -1}]'
+      :hide-default-footer="accessRequests.length <= 10"
+      :options="options"
+    >
+      <template v-slot:item="{ item }">
+        <tr>
+          <td>
+          {{ item.user.username }}
+        </td>
+        <td>
+          {{ item.project_name }}
+        </td>
+        <td>
+           <v-tooltip bottom>
+           <template v-slot:activator="{ on }">
+            <span v-on="on">{{ item.expire | remainingtime }}</span>
+           </template>
+            <span>{{ item.expire | datetime }}</span>
+          </v-tooltip>
+        </td>
+          <td>
+            <v-select
+              :items="['read', 'write', 'owner']"
+              v-model="permissions[item.id]"
+              return-object
+              :disabled="item.namespace !== app.user.username"
+              >
+            </v-select>
+          </td>
+          <td class="justify-center ">
+          <div style="text-align: end">
+            <v-tooltip bottom v-if="item.namespace === app.user.username">
+            <template v-slot:activator="{ on }">
+              <span v-on="on">
+                <v-chip
+                  :disabled="expired(item.expire)"
+                  @click="acceptRequest(item)"
+                  elevation="0"
+                  color="green"
+                  class="white--text"
+                  :value="permissions[item.id]"
+                >
+                  accept
+                </v-chip>
+              </span>
+            </template>
+              <span>Accept request</span>
+            </v-tooltip>
+            <v-tooltip bottom>
+              <template v-slot:activator="{ on }">
+              <span v-on="on">
+                <v-chip
+                  @click="cancelRequest(item)"
+                  elevation="0"
+                  color="red"
+                  class="white--text"
+                >
+                  cancel
+                </v-chip>
+              </span>
+              </template>
+              <span>Cancel request</span>
+            </v-tooltip>
+          </div>
+        </td>
+      </tr>
+      </template>
+    </v-data-table>
+    <button ref="hidden-btn" id="accept-request-access-btn" style="visibility: hidden"/>
+  </div>
+</template>
+
+<script>
+import { mapState } from 'vuex'
+import MerginAPIMixin from '../mixins/MerginAPI'
+import { postRetryCond } from '../http'
+
+
+export default {
+  name: 'access-request-table',
+  components: { },
+  mixins: [MerginAPIMixin],
+  data () {
+    return {
+      options: {
+        'sort-by': 'name'
+      },
+      projectAccessRequests: [],
+      permissions: {}
+    }
+  },
+  computed: {
+    ...mapState(['app', 'transfers', 'accessRequests']),
+    header () {
+      return [
+        { text: 'Requester', value: 'user.username', sortable: true },
+        { text: 'Name', value: 'project_name', sortable: true },
+        { text: 'Expire in', value: 'expire', sortable: true },
+        { text: 'Permissions', width: 120, sortable: false },
+        { text: '', width: 190, sortable: false }
+      ]
+    }
+  },
+  created () {
+    this.fetchAccessRequests()
+    this.accessRequests.forEach(request => {
+      this.permissions[request.id] = 'read'
+    })
+  },
+  methods: {
+    acceptRequest (request) {
+      const el = this.$refs['hidden-btn']
+      el.value = this.permissions[request.id]
+      el.dispatchEvent(new Event('click', {}))
+
+      const data = {
+        permissions: this.permissions[request.id]
+      }
+      const params = {
+        'axios-retry': {
+          retries: 5,
+          retryCondition: error => postRetryCond(error)
+        }
+      }
+      this.$http.post(`/app/project/accept/request/${request.id}`, data, params)
+        .then(resp => {
+          this.fetchAccessRequests()
+        })
+    },
+    changeSort (column) {
+      if (this.options.sortBy === column) {
+        this.options.descending = !this.options.descending
+      } else {
+        this.options.sortBy = column
+        this.options.descending = false
+      }
+    },
+    expired (expire) {
+      return Date.parse(expire) < Date.now()
+    },
+    cancelRequest (request) {
+      this.cancelProjectAccessRequest(request)
+      this.fetchAccessRequests()
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.v-data-table {
+  td {
+    text-align: left;
+    &.flags {
+      .v-icon {
+        margin: 0 1px;
+        cursor: default;
+      }
+    }
+  }
+  a {
+    text-decoration: none;
+  }
+   .v-chip {
+    margin: 0;
+    margin-right: 0.5em;
+    height: 1.6em;
+    ::v-deep .v-chip__content {
+      cursor: pointer;
+      padding: 0 0.5em;
+      font-size: 85%;
+    }
+  }
+}
+</style>
diff --git a/web-app/src/components/ProjectForm.vue b/web-app/src/components/ProjectForm.vue
new file mode 100644
index 00000000..eb228a0d
--- /dev/null
+++ b/web-app/src/components/ProjectForm.vue
@@ -0,0 +1,123 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-card v-on:keyup.enter="createProject">
+    <v-card-title>
+      <span class="headline">New project</span>
+    </v-card-title>
+    <v-card-text>
+      <p
+        class="text-xs-center red--text"
+        v-text="error"
+      />
+      <v-text-field
+        autofocus
+        label="name"
+        v-model="name"
+      />
+      <v-select
+        label="Template project"
+        v-model="template"
+        :items="templates"
+        item-text="name"
+        item-value="name"
+        clearable
+      />
+      <input type="hidden" id="template-input" :value="template"/>
+      <v-select
+        label="Project owner"
+        v-model="namespace"
+        :items="namespaces"
+        item-text="name"
+        item-value="name"
+        clearable
+      />
+      <v-checkbox
+        label="Public"
+        color="primary"
+        v-model="isPublic"
+      />
+    </v-card-text>
+    <v-card-actions>
+      <v-spacer/>
+      <v-btn @click="$dialog.close" class="black--text">
+        Close
+      </v-btn>
+      <v-btn
+        id="create-project-btn"
+        class="primary"
+        :disabled="!name || !namespace"
+        @click="createProject"
+      >
+        Create
+      </v-btn>
+    </v-card-actions>
+  </v-card>
+</template>
+
+<script>
+import { waitCursor } from '../util'
+import { postRetryCond } from '../http'
+
+export default {
+  name: 'new-project',
+  data () {
+    return {
+      name: '',
+      isPublic: false,
+      templates: [],
+      template: null,
+      namespaces: [],
+      namespace: null,
+      error: null
+    }
+  },
+  created () {
+    this.fetchTemplates()
+    this.fetchNamespaces()
+    this.namespace = this.$store.state.app.user.username
+  },
+  methods: {
+    async fetchTemplates () {
+      const resp = await this.$http.get('/app/templates')
+      this.templates = resp.data
+    },
+    async fetchNamespaces () {
+      const username = this.$store.state.app.user.username
+      this.namespaces.push(username)
+      const writableOrgNamespaces = this.$store.state.organisations.filter(
+        o => (o.writers.includes(username) || o.admins.includes(username) || o.owners.includes(username)) && o.active
+      )
+      this.namespaces = this.namespaces.concat(writableOrgNamespaces)
+    },
+    createProject () {
+      const data = {
+        name: this.name.trim(),
+        public: this.isPublic
+      }
+      if (this.template) {
+        data.template = this.template
+      }
+      waitCursor(true)
+      const params = {
+        'axios-retry': {
+          retries: 5,
+          retryCondition: error => postRetryCond(error)
+        }
+      }
+      this.$http.post(`/v1/project/${this.namespace}`, data, params)
+        .then(() => {
+          waitCursor(false)
+          this.$store.commit('project', null)
+          this.$router.push({ name: 'project', params: { namespace: this.namespace, projectName: this.name.trim() } })
+          this.$dialog.close()
+        })
+        .catch(err => {
+          this.error = (err.response && err.response.data.detail) || 'Error'
+          waitCursor(false)
+        })
+    }
+  }
+}
+</script>
diff --git a/web-app/src/components/ProjectPermissions.vue b/web-app/src/components/ProjectPermissions.vue
new file mode 100644
index 00000000..f979bac6
--- /dev/null
+++ b/web-app/src/components/ProjectPermissions.vue
@@ -0,0 +1,366 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-layout class="no-shrink column">
+    <label class="mt-4 grey--text text--darken-1">Manage Access:</label>
+    <v-data-table
+        :headers="header"
+        :items="displayedValues"
+        no-data-text="No users"
+        hide-default-header
+        :hide-default-footer="displayedValues.length <= 10"
+    >
+      <template v-slot:header="{ props: { headers } }">
+        <thead>
+        <tr>
+          <th v-bind:key="header.text" v-for="header in headers" :style="`width: ${header.width}px`">
+            <v-tooltip v-if="header.tooltip" top>
+              <template v-slot:activator="{ on }">
+          <span v-on="on">
+            {{ header.text }}
+          </span>
+              </template>
+              <span>
+            {{ header.tooltip }}
+          </span>
+            </v-tooltip>
+            <span v-else>
+          {{ header.text }}
+        </span>
+          </th>
+        </tr>
+        </thead>
+      </template>
+
+      <template v-slot:item="{ item }">
+        <tr>
+          <td>
+            <v-tooltip top v-if="item.user.profile.first_name || item.user.profile.last_name">
+              <template v-slot:activator="{ on }">
+              <b v-on="on">
+                {{ item.user.username }}
+              </b>
+              </template>
+              <span>
+              <span v-if="item.user.profile.first_name">{{ item.user.profile.first_name }}</span>
+              <span v-if="item.user.profile.last_name"> {{ item.user.profile.last_name }}</span>
+            </span>
+            </v-tooltip>
+            <b v-else>
+              {{ item.user.username }}
+            </b>
+          </td>
+          <td>
+            <v-select
+            :value="actualPermissions(item)"
+            :items="permissionStates"
+            @input="e => valueChanged(item, e)"
+            :disabled="project.creator === item.user.id || !project.access.owners.includes(app.user.id)"
+            hide-details
+            label="reader"
+            single-line
+            class="input-selection"
+            style="width: 120px"
+          >
+          </v-select>
+          </td>
+          <td class="justify-center px-0">
+            <v-btn
+                :disabled="project.creator === item.user.id || !project.access.owners.includes(app.user.id)"
+                @click="removeUser(item.user)"
+                icon
+            >
+              <v-icon color="red darken-3">delete</v-icon>
+            </v-btn>
+          </td>
+        </tr>
+      </template>
+    </v-data-table>
+    <label class="mt-4 grey--text text--darken-1">Invite collaborators:</label>
+    <v-layout mx-3 my-2 align-end>
+      <v-autocomplete
+        placeholder="Find user"
+        v-model="user"
+        :loading="isLoading"
+        :items="searchResults"
+        :search-input.sync="userQuery"
+        clearable
+        return-object
+        no-data-text="Type more letters"
+        :hide-no-data="userQuery && userQuery.length > 2"
+        hide-details
+      >
+        <template v-slot:item="{ item }">
+            <v-list-item-content style="padding-bottom: 6px; padding-top: 6px;">
+              <div v-html="`${emphasizeMatch(item.value.username, userQuery)}  ${getUserProfileName(item.value)}`" class="v-list-item-content">
+              </div>
+            </v-list-item-content>
+      </template>
+      </v-autocomplete>
+      <v-btn
+        id="invite-collaborator-btn"
+        class="ml-4 my-0"
+        :disabled="!user || !project.access.owners.includes(app.user.id)"
+        @click="addUser"
+      >
+        <v-icon class="mr-2">add_circle</v-icon>
+        Add
+      </v-btn>
+    </v-layout>
+    <br>
+    <button ref="hidden-input" id="change-permissions-input" style="visibility: hidden"/>
+  </v-layout>
+</template>
+
+<script>
+import debounce from 'lodash/debounce'
+import union from 'lodash/union'
+import difference from 'lodash/difference'
+import chunk from 'lodash/chunk'
+import pick from 'lodash/pick'
+import isEqual from 'lodash/isEqual'
+import sortBy from 'lodash/sortBy'
+import toLower from 'lodash/toLower'
+import { mapState } from 'vuex'
+
+export default {
+  props: {
+    value: Object
+  },
+  data () {
+    return {
+      // search data
+      userQuery: '',
+      isLoading: false,
+      searchResults: [],
+      user: null,
+      users: [],
+      header: [
+        {
+          text: 'User',
+          align: 'left',
+          sortable: false
+        }, {
+          text: 'Permissions',
+          width: 60,
+          align: 'left',
+          sortable: false,
+          tooltip: 'Has permission to change project settings'
+        }, {
+          text: 'Remove',
+          align: 'right',
+          sortable: false,
+          width: 60
+        }
+      ],
+      originalValue: null
+    }
+  },
+  computed: {
+    ...mapState(['project', 'app']),
+    permissionStates () {
+      return ['owner', 'writer', 'reader']
+    },
+    displayedValues () {
+      const { ownersnames, readersnames, writersnames } = this.value
+      const users = this.users.map(user => ({
+        username: user.username,
+        user,
+        owner: ownersnames.includes(user.username),
+        read: readersnames.includes(user.username),
+        write: writersnames.includes(user.username)
+      }))
+      return sortBy(users, [u => { return toLower(u.username) }])
+    }
+  },
+  created () {
+    this.originalValue = JSON.parse(JSON.stringify(this.value))
+  },
+  watch: {
+    userQuery: 'search',
+    value: {
+      deep: true,
+      handler () {
+        this.emit()
+      }
+    },
+    users: {
+      immediate: true,
+      deep: true,
+      handler (access) {
+        const { ownersnames, readersnames, writersnames } = this.value
+        const names = union(ownersnames, readersnames, writersnames)
+        // server returns only 5 entries from db for single call
+        const chunks = chunk(names, 5)
+        Promise.all(chunks.map(async (item) => {
+          const params = { names: item.join(',') }
+          await this.$http.get('/auth/user/search', { params }).then(resp => {
+            resp.data
+              .filter(i => !this.users.map(u => u.username).includes(i.username))
+              .map(i => (this.users.push(i)))
+          })
+        }))
+      }
+    }
+  },
+  methods: {
+    search: debounce(function () {
+      if (this.user && this.userQuery === this.user.text) {
+        return
+      }
+      if (!this.userQuery || this.userQuery.length < 3) {
+        this.searchResults = []
+        return
+      }
+      this.isLoading = true
+      const params = { like: this.userQuery }
+      this.$http.get('/auth/user/search', { params })
+        .then(resp => {
+          const omitUsers = this.displayedValues.map(i => i.user.username)
+          this.searchResults = resp.data
+            .filter(u => !omitUsers.includes(u.username))
+            .map(u => ({
+              value: u,
+              text: u.username
+            }))
+          this.isLoading = false
+        })
+        .catch(() => {
+          this.isLoading = false
+        })
+    }, 300),
+    addUser () {
+      const user = this.user.value
+      this.value.readersnames.push(user.username)
+      this.users.push(user)
+      this.user = null
+      this.searchResults = []
+    },
+    valueChanged (user, permission) {
+      const el = this.$refs['hidden-input']
+      el.value = permission
+      el.dispatchEvent(new Event('click', {}))
+
+      if (permission === 'owner') {
+        this.setOwnerPermission(user)
+      } else if (permission === 'writer') {
+        this.setWritePermission(user)
+      } else if (permission === 'reader') {
+        this.setReadPermission(user)
+      }
+    },
+    actualPermissions (item) {
+      if (this.project.access.owners.includes(item.user.id)) {
+        return 'owner'
+      } else if (this.project.access.writers.includes(item.user.id)) {
+        return 'writer'
+      } else if (this.project.access.readers.includes(item.user.id)) {
+        return 'reader'
+      }
+      return ''
+    },
+    removeUser (user) {
+      // remove user.username from owners, writers and readers
+      ['ownersnames', 'writersnames', 'readersnames'].forEach(key => {
+        this.value[key] = difference(this.value[key], [user.username])
+      })
+
+      this.users.splice(this.users.indexOf(user), 1)
+    },
+    setWritePermission (user) {
+      this.value.ownersnames = difference(this.value.ownersnames, [user.username])
+      this.value.writersnames = union(this.value.writersnames, [user.username])
+      this.value.readersnames = union(this.value.readersnames, [user.username])
+    },
+    setOwnerPermission (user) {
+      this.value.ownersnames = union(this.value.ownersnames, [user.username])
+      this.value.writersnames = union(this.value.writersnames, [user.username])
+      this.value.readersnames = union(this.value.readersnames, [user.username])
+    },
+    emphasizeMatch (string, reg) {
+      const res = string.replace(new RegExp(reg, 'i'), function (str) { return '<b>' + str + '</b>' })
+      return res
+    },
+    setReadPermission (user) {
+      this.value.ownersnames = difference(this.value.ownersnames, [user.username])
+      this.value.writersnames = difference(this.value.writersnames, [user.username])
+      this.value.readersnames = union(this.value.readersnames, [user.username])
+    },
+    getUserProfileName (user) {
+      const firstName = user.profile.first_name ? user.profile.first_name : ''
+      const lastName = user.profile.last_name ? user.profile.last_name : ''
+      return firstName || lastName ? `(${firstName} ${lastName})` : ''
+    },
+    emit: debounce(function () {
+      const current = pick(this.value, ['ownersnames', 'writersnames', 'readersnames', 'public'])
+      const original = pick(this.originalValue, ['ownersnames', 'writersnames', 'readersnames', 'public'])
+      // check if there is actual change (e.g. after refresh from previous server response)
+      if (isEqual(original, current)) { return }
+      this.$emit('save-project')
+      this.originalValue = JSON.parse(JSON.stringify(this.value))
+    }, 2000)
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.no-shrink {
+  flex: 0 0 auto;
+}
+label {
+  font-weight: 500;
+}
+::v-deep {
+  .v-data-table__overflow {
+    margin: 0.5em 0;
+    border: 1px solid #ddd;
+    border-radius: 3px;
+    padding: 0.5em;
+    background-color: #f9f9f9;
+    .v-datatable {
+      background-color: transparent;
+    }
+  }
+}
+.v-list {
+  ::v-deep .v-list-item {
+    min-height: unset;
+  }
+}
+
+  .v-list-item-content {
+    b {
+      margin-right: 10px;
+    }
+
+    span {
+      margin-right: 3px;
+      font-size: 12px;
+    }
+  }
+
+  .private-public-btn {
+    font-size: 12px;
+    padding-left: 20px;
+    padding-right: 20px;
+
+    span {
+      font-weight: 700;
+    }
+  }
+
+  .private-public-text {
+    font-size: 14px;
+  }
+
+  .public-private-zone {
+    margin-top: 20px;
+    margin-bottom: 20px;
+
+    button {
+      margin-right: 20px;
+      margin-top: 1px;
+    }
+  }
+</style>
diff --git a/web-app/src/components/ProjectTransferForm.vue b/web-app/src/components/ProjectTransferForm.vue
new file mode 100644
index 00000000..5d05418f
--- /dev/null
+++ b/web-app/src/components/ProjectTransferForm.vue
@@ -0,0 +1,163 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-card v-on:keyup.enter="requestTransfer">
+    <v-card-title>
+      <span class="headline">Transfer project</span>
+      <span class="transfer-zone-warning">
+        It will move all files into new namespace once new owner accepts the request. You may lose access to it.
+      </span>
+    </v-card-title>
+    <v-card-text>
+      <v-text-field
+        disabled
+        label="project"
+        v-model="project"
+        :error-messages="errors.project"
+      />
+      <v-text-field
+        disabled
+        label="original owner"
+        v-model="from_namespace"
+        :error-messages="errors.from_namespace"
+      />
+      <v-radio-group
+          v-model="type"
+          row
+          style="max-width: 500px; padding-left: 10px"
+          >
+            <v-radio
+              label="User"
+              value="user"
+            ></v-radio>
+            <v-radio
+              label="Organisation"
+              value="organisation"
+            ></v-radio>
+          </v-radio-group>
+     <v-autocomplete
+        placeholder="target owner"
+        v-model="to_namespace"
+        :loading="isLoading"
+        :items="searchResults"
+        :search-input.sync="query"
+        clearable
+        return-object
+        no-data-text="Type more letters"
+        :hide-no-data="query && query.length > 2"
+        hide-details
+      >
+        <template slot="item" slot-scope="{ item }">
+          <v-list-item-content>
+            <div class="v-list-item-content">
+              <b>{{ item.text }} </b>
+            </div>
+          </v-list-item-content>
+        </template>
+      </v-autocomplete>
+    </v-card-text>
+    <v-card-actions>
+      <v-spacer/>
+      <v-btn @click="$dialog.close">
+        Close
+      </v-btn>
+      <v-btn
+        class="primary"
+        :disabled="!project || !from_namespace || !to_namespace"
+        @click="requestTransfer"
+      >
+        Request transfer
+      </v-btn>
+    </v-card-actions>
+  </v-card>
+</template>
+
+<script>
+import debounce from 'lodash/debounce'
+import FormMixin from '@/mixins/Form'
+import { waitCursor } from '../util'
+import { postRetryCond } from '../http'
+
+export default {
+  mixins: [FormMixin],
+  props: {
+    project: String,
+    from_namespace: String
+  },
+  data () {
+    return {
+      to_namespace: '',
+      // search data
+      isLoading: false,
+      query: '',
+      searchResults: [],
+      type: 'user'
+    }
+  },
+  watch: {
+    query: 'search'
+  },
+  methods: {
+    requestTransfer () {
+      this.clearErrors()
+      const data = {
+        namespace: this.to_namespace.value
+      }
+      waitCursor(true)
+      this.$http.post(`/v1/project/transfer/${this.from_namespace}/${this.project}`, data, { 'axios-retry': { retries: 5, retryCondition: error => postRetryCond(error) } })
+        .then((resp) => {
+          waitCursor(false)
+          this.$dialog.close()
+          this.$emit('submit')
+        })
+        .catch(err => {
+          waitCursor(false)
+          this.$dialog.close()
+          const msg = (err.response) ? err.response.data.detail : 'Failed to create project transfer'
+          this.$notification.error(msg)
+        })
+    },
+
+    search: debounce(function () {
+      if (this.namespace && this.query === this.namespace.text) {
+        return
+      }
+      if (!this.query || this.query.length < 3) {
+        this.searchResults = []
+        return
+      }
+      this.isLoading = true
+      const params = { q: this.query }
+      this.$http.get(`/v1/namespaces/${this.type}`, { params })
+        .then(resp => {
+          this.searchResults = resp.data
+            .filter(u => u.name !== this.from_namespace)
+            .map(u => ({
+              value: u.name,
+              text: u.name,
+              fullText: `${u.name} (${u.type})`
+            }))
+          this.isLoading = false
+        })
+        .catch(() => {
+          this.isLoading = false
+        })
+    }, 300)
+  }
+}
+</script>
+<style lang="scss" scoped>
+  .transfer-zone-warning{
+    color: red;
+    margin-top: 10px;
+    display: block;
+    font-size: 14px;
+  }
+  .v-card__title{
+    word-break: normal;
+  }
+  .headline{
+    font-size: 24px !important;
+  }
+</style>
diff --git a/web-app/src/components/ProjectsTable.vue b/web-app/src/components/ProjectsTable.vue
new file mode 100644
index 00000000..61de8e0f
--- /dev/null
+++ b/web-app/src/components/ProjectsTable.vue
@@ -0,0 +1,544 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <div>
+    <portal to="delete-button">
+      <v-btn
+        :disabled="!selected.length"
+        @click="confirmDelete"
+        class="error--text"
+        rounded
+      >
+        <v-icon class="mr-2">remove_circle</v-icon>
+        Delete
+      </v-btn>
+    </portal>
+    <portal to="accept-request-button">
+      <v-btn
+        :disabled="!selected.length"
+        @click="confirmAcceptRequest"
+        class="success--text"
+        rounded
+      >
+        Accept request
+      </v-btn>
+    </portal>
+    <v-data-iterator
+    :options="options"
+    :items="projects"
+    :server-items-length="numberOfItems"
+    v-on:update:options="paginating"
+    item-key="updated"
+    :loading="loading"
+    :hide-default-footer="true"
+    style="background-color: #ffffff"
+    flat
+    no-data-text="No projects found"
+    >
+      <template v-slot:header>
+        <v-toolbar
+          color=""
+          class="mb-1"
+          flat
+          v-if="showHeader"
+        >
+          <v-text-field
+            v-model="searchFilterByProjectName"
+            clearable
+            flat
+            hide-details
+            prepend-inner-icon="mdi-magnify"
+            label="Search projects"
+            @input="filterData"
+            style="margin-right:8px;"
+          >
+          </v-text-field>
+          <template v-if="$vuetify.breakpoint.smAndUp">
+            <v-select
+              v-model="options.sortBy[0]"
+              @change="paginating(options)"
+              flat
+              hide-details
+              :items="selectKeys"
+              prepend-inner-icon="sort_by_alpha"
+            ></v-select>
+            <v-spacer></v-spacer>
+            <v-btn-toggle
+              v-model="options.sortDesc[0]"
+              @change="paginating(options)"
+              mandatory
+            >
+              <v-btn
+                large
+                depressed
+                color="#ffffff"
+                :value="false"
+              >
+                <v-icon>mdi-arrow-up</v-icon>
+              </v-btn>
+              <v-btn
+                large
+                depressed
+                color="#ffffff"
+                :value="true"
+              >
+                <v-icon>mdi-arrow-down</v-icon>
+              </v-btn>
+            </v-btn-toggle>
+          </template>
+        </v-toolbar>
+      </template>
+      <template v-slot:item="{ item }">
+    <v-card :outlined="false"
+            class="mx-auto"
+            flat>
+      <v-list-item three-line>
+      <v-list-item-content>
+        <v-list-item-title class="headline mb-1">
+          <router-link :to="{ name: 'project', params: { namespace: item.namespace, projectName: item.name }}"><b><span v-if="showNamespace">{{item.namespace}} /</span> {{item.name}}</b></router-link>
+              <v-chip
+              elevation="0"
+              v-if="item.access.public"
+              style="margin-left: 8px;"
+              outlined
+              color="primary"
+            >
+              Public
+            </v-chip>
+        </v-list-item-title>
+        <v-list-item-subtitle>{{item.description}}</v-list-item-subtitle>
+        <div style="font-size: smaller">
+          <v-tooltip bottom>
+            <template v-slot:activator="{ on }">
+            <span v-on="on" style="margin-right: 20px;"><v-icon class="icon" size="20">share</v-icon>{{ item.access.readers.length }}</span>
+            </template>
+            <span>collaborators</span>
+          </v-tooltip>
+          <v-tooltip bottom
+                      v-if="item.version">
+            <template v-slot:activator="{ on }">
+            <span v-on="on" style=" margin-right: 20px;">
+              <router-link :to="{ name: 'project-versions', params: { namespace: item.namespace, projectName: item.name }}">
+                <span style="font-size: smaller"><v-icon class="icon" size="20">history</v-icon>{{ item.version.substr(1) }}</span>
+              </router-link>
+            </span>
+            </template>
+            <span>versions</span>
+          </v-tooltip>
+          <v-tooltip bottom>
+            <template v-slot:activator="{ on }">
+            <span v-on="on" style="margin-right: 20px;"><v-icon class="icon" size="20">folder</v-icon>{{ item.disk_usage | filesize('MB', 1) }}</span>
+            </template>
+            <span>project size</span>
+          </v-tooltip>
+          <v-tooltip bottom>
+            <template v-slot:activator="{ on }">
+            <span v-on="on" style=" margin-right: 20px;">Updated {{ item.updated | timediff }}</span>
+            </template>
+            <span >{{ item.updated | datetime }}</span>
+          </v-tooltip>
+          <v-tooltip bottom>
+            <template v-slot:activator="{ on }">
+            <span v-if="!item.tags.includes('valid_qgis')" v-on="on" style=" margin-right: 20px;"><v-icon color="#fb8c0087" size="20">warning</v-icon></span>
+            </template>
+            <span>Missing QGIS project file</span>
+          </v-tooltip>
+          <v-tooltip bottom>
+            <template v-slot:activator="{ on }">
+            <span v-if="item.has_conflict" v-on="on" style=" margin-right: 20px;"><v-icon color="#fb8c0087" size="20">error</v-icon></span>
+            </template>
+            <span>There is conflict file in project</span>
+          </v-tooltip>
+        </div>
+      </v-list-item-content>
+      </v-list-item>
+      <v-divider
+      style="color:black"/>
+
+    </v-card>
+      </template>
+      <template  v-slot:footer="{ pagination, options }">
+        <div class="text-center">
+          <v-pagination
+            v-if="showFooter && numberOfItems > options.itemsPerPage"
+            v-model="options.page"
+            :length="Math.ceil(numberOfItems / options.itemsPerPage)"
+            :total-visible="7"
+            circle
+            color="primary"
+            @input="fetchPage"
+          ></v-pagination>
+        </div>
+      </template>
+    </v-data-iterator>
+  </div>
+</template>
+
+<script>
+import { waitCursor, removeAccents, formatToTitle } from '../util'
+import { mapState } from 'vuex'
+
+import pickBy from 'lodash/pickBy'
+import mapValues from 'lodash/mapValues'
+import debounce from 'debounce'
+
+
+const TagsLabels = {
+  valid_qgis: 'QGIS',
+  input_use: 'Input',
+  mappin_use: 'Mappin'
+}
+
+export default {
+  name: 'projects-table',
+  props: {
+    showNamespace: Boolean,
+    onlyPublic: {
+      type: Boolean,
+      default: false
+    },
+    namespace: String,
+    sortable: {
+      type: Boolean,
+      default: true
+    },
+    asAdmin: {
+      type: Boolean,
+      default: false
+    },
+    public: {
+      type: Boolean,
+      default: true
+    },
+    showHeader: {
+      type: Boolean,
+      default: true
+    },
+    showFooter: {
+      type: Boolean,
+      default: true
+    },
+    initialOptions: {
+      type: Object,
+      default: () => ({
+        sortBy: ['updated'],
+        sortDesc: [true],
+        itemsPerPage: 25,
+        page: 1
+      })
+    }
+  },
+  data () {
+    return {
+      options: Object.assign({}, this.initialOptions),
+      activeTags: [],
+      selected: [],
+      searchFilterByProjectName: '',
+      searchFilterByNamespace: '',
+      searchFilterByDay: '',
+      numberOfItems: 0,
+      loading: false,
+      projects: [],
+      keys: ['name', 'owner', 'updated', 'disk_usage'],
+      sortBy: ''
+    }
+  },
+  computed: {
+    ...mapState(['app']),
+    header () {
+      let header = []
+      if (this.showNamespace) {
+        header.push({ text: 'Owner', value: 'namespace', sortable: this.sortable })
+      }
+      header = header.concat(
+        { text: 'Name', value: 'name', sortable: this.sortable },
+        { text: '', width: 90, sortable: false },
+        { text: 'Last Update', value: 'updated', sortable: this.sortable },
+        { text: 'Size', value: 'meta.size', sortable: this.sortable }
+      )
+      if (this.isRequest()) {
+        header.push({ text: 'Transferred to', value: 'transfers[0].to_ns_name', sortable: false })
+      }
+      return header
+    },
+    selectKeys () {
+      return this.keys.map(i => {
+        return { text: formatToTitle(i), value: i }
+      })
+    },
+    tags () {
+      return mapValues(TagsLabels, (v, k) => ({
+        label: TagsLabels[k],
+        active: this.activeTags.includes(k)
+      }))
+    }
+  },
+  watch: {
+    $route: {
+      immediate: true,
+      handler: 'changedRoute'
+    }
+  },
+  created () {
+    this.filterData = debounce(this.filterData, 3000)
+  },
+  methods: {
+    paginating (options) {
+      this.options = options
+      this.fetchProjects()
+    },
+    fetchPage (number) {
+      this.options.page = number
+      this.fetchProjects()
+    },
+    changedRoute () {
+      this.options.page = 1
+      this.fetchProjects()
+    },
+    fetchProjects () {
+      this.loading = true
+      this.tagsFromQuery()
+      let params = {}
+      params = (this.$route.name === 'shared_projects' || this.$route.name === 'my_projects') ? { flag: this.$route.meta.flag } : {}
+      params.page = this.options.page
+      params.per_page = this.options.itemsPerPage
+      if (this.options.sortBy[0]) {
+        let orderParam = ''
+        if (this.options.sortBy[0] === 'meta.size') {
+          orderParam = 'disk_usage'
+        } else {
+          orderParam = this.options.sortBy[0] === 'owner' ? 'namespace' : this.options.sortBy[0]
+        }
+        params.order_params = orderParam + (this.options.sortDesc[0] ? '_desc' : '_asc')
+      }
+      if (this.searchFilterByProjectName) {
+        params.name = this.searchFilterByProjectName.trim()
+      }
+      if (this.searchFilterByNamespace) {
+        params.namespace = removeAccents(this.searchFilterByNamespace.trim())
+      }
+      if (this.activeTags.length) {
+        params.tags = this.activeTags
+      }
+      if (this.namespace) {
+        params.only_namespace = this.namespace
+      }
+      if (this.asAdmin) {
+        params.as_admin = true
+      }
+      if (!this.public) {
+        params.public = false
+      }
+      if (this.onlyPublic) {
+        params.only_public = true
+      }
+      if (this.searchFilterByDay && this.searchFilterByDay >= 0) {
+        params.last_updated_in = this.searchFilterByDay
+      }
+      this.$http('/v1/project/paginated', { params })
+        .then(resp => {
+          this.projects = resp.data.projects
+          this.numberOfItems = resp.data.count
+          this.loading = false
+        })
+        .catch(() => {
+          this.$notification.error('Failed to fetch list of projects')
+        })
+    },
+    isRequest () {
+      return this.$route.meta.flag === 'request'
+    },
+    tagsFromQuery () {
+      const tags = this.$route.query.tags
+      this.activeTags = tags ? tags.split(',') : []
+    },
+    toggleTag (tag) {
+      if (this.activeTags.includes(tag)) {
+        this.activeTags = this.activeTags.filter(t => t !== tag)
+      } else {
+        this.activeTags.push(tag)
+      }
+
+      let { path, query } = this.$route
+      query = {
+        ...query,
+        tags: Object.keys(pickBy(this.tags, t => t.active)).join(',')
+      }
+      // clean from empty parameters
+      query = pickBy(query, param => param && param.length)
+      this.$router.push({ path, query })
+    },
+    addTag (tag) {
+      if (!this.tags[tag].active) {
+        this.toggleTag(tag)
+      }
+    },
+    selectedShowedProjects () {
+      const selected = []
+      const that = this
+      this.$refs.table.filteredItems.forEach(function (project) {
+        const identifier = that.projectIdentifier(project)
+        if (that.selected.includes(identifier)) {
+          selected.push(identifier)
+        }
+      })
+      return selected
+    },
+    deleteProjects (selectedProjects) {
+      waitCursor(true)
+      const promises = selectedProjects.map(id => {
+        const params = {
+          'axios-retry': { retries: 5 }
+        }
+        return this.$http.delete(`/v1/project/${id}`, params)
+      })
+
+      Promise.all(promises).then(() => {
+        this.selected = []
+        this.fetchProjects()
+        waitCursor(false)
+      }).catch(err => {
+        const msg = (err.response && err.response.status === 503) ? err.response.data.detail : 'Unable to remove projects'
+        this.$notification.error(msg)
+        waitCursor(false)
+      })
+    },
+    confirmDelete () {
+      const selected = this.selectedShowedProjects()
+      if (selected.length === 0) {
+        return
+      }
+      const props = {
+        text: 'Are you sure to delete project ' + selected.join(', ') + '?',
+        confirmText: 'Delete'
+      }
+      const listeners = {
+        confirm: () => this.deleteProjects(selected)
+      }
+      this.$dialog.prompt({ props, listeners, dialog: { maxWidth: 500 } })
+    },
+    acceptProjectRequests (selectedProjects) {
+      waitCursor(true)
+      const promises = selectedProjects.map(id => {
+        const params = {
+          'axios-retry': { retries: 5 }
+        }
+        return this.$http.post(`/v1/project/transfer/${id}`, params)
+      })
+
+      Promise.all(promises).then(() => {
+        this.selected = []
+        this.fetchProjects()
+        waitCursor(false)
+      }).catch(err => {
+        const msg = (err.response && err.response.status === 503) ? err.response.data.detail : 'Unable to remove projects'
+        this.$notification.error(msg)
+        waitCursor(false)
+      })
+    },
+    confirmAcceptRequest () {
+      let selected = this.selectedShowedProjects()
+      if (selected.length === 0) {
+        return
+      }
+      const props = {
+        text: 'Are you sure to accept the projects ' + selected.join(', ') + '?',
+        confirmText: 'Accept'
+      }
+
+      // get the transfer id
+      selected = []
+      const that = this
+      this.$refs.table.filteredItems.forEach(function (project) {
+        const identifier = that.projectIdentifier(project)
+        if (that.selected.includes(identifier)) {
+          selected.push(project.transfer)
+        }
+      })
+      const listeners = {
+        confirm: () => {
+          this.acceptProjectRequests(selected)
+        }
+      }
+      this.$dialog.prompt({ props, listeners, dialog: { maxWidth: 500 } })
+    },
+    projectIdentifier (project) {
+      return project.namespace + '/' + project.name
+    },
+    changeSort (column) {
+      if (this.pagination.sortBy === column) {
+        this.pagination.descending = !this.pagination.descending
+      } else {
+        this.pagination.sortBy = column
+        this.pagination.descending = false
+      }
+    },
+    filterData () {
+      this.options.page = 1
+      this.fetchProjects()
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.v-data-iterator {
+  td {
+    text-align: left;
+    &.flags {
+      .v-icon {
+        margin: 0 1px;
+        cursor: default;
+      }
+    }
+  }
+  a {
+    text-decoration: none;
+    font-size: 1rem;
+  }
+  .v-chip {
+    margin: 0;
+    margin-right: 0.5em;
+    height: 1.3em;
+    ::v-deep .v-chip__content {
+      padding: 0 0.2em;
+      font-size: 85%;
+    }
+  }
+  .hidden {
+    opacity: 0;
+    pointer-events: none;
+  }
+}
+.icon {
+  margin-right: 5px;
+}
+.v-input {
+  padding-top: 0!important;
+  margin-top: 0!important;
+}
+
+.v-toolbar {
+  ::v-deep .v-toolbar__content {
+     padding-left: 0px;
+  }
+}
+
+.v-list-item {
+  padding-left: 0px;
+}
+
+.v-list__tile__title{
+  width: 110px;
+  font-weight: 800;
+}
+
+.filter-menu {
+  .activate {
+    border: 1px solid black;
+    border-radius: 5px;
+  }
+}
+
+</style>
diff --git a/web-app/src/components/SideBar.vue b/web-app/src/components/SideBar.vue
new file mode 100644
index 00000000..8e8dd312
--- /dev/null
+++ b/web-app/src/components/SideBar.vue
@@ -0,0 +1,327 @@
+# Copyright (C) 2021 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-navigation-drawer
+    class="user-side-bar d-flex align-start flex-column mb-6"
+    id="core-navigation-drawer-user"
+    v-model="drawer"
+    :expand-on-hover="expandOnHover"
+    :right="$vuetify.rtl"
+    mobile-break-point="960"
+    :dark="barColor !== 'rgba(228, 226, 226, 1), rgba(255, 255, 255, 0.7)'"
+    app
+    width="260"
+    v-bind="$attrs"
+    v-if="app.user"
+  >
+
+    <div style="height:100%;">
+    <v-card
+      class="d-flex flex-column"
+      flat
+      tile
+      style="height:100%; width: 260px"
+      :outlined="true"
+    >
+      <v-card
+        class="pa-2"
+        tile
+        :outlined="true"
+        style="margin-top: 40px;"
+      >
+
+        <v-menu
+        v-if="app.user && app.user.email"
+        :min-width="150"
+        bottom
+        left
+        offset-y
+        origin="top right"
+        transition="scale-transition"
+      >
+        <template v-slot:activator="{ on }">
+        <v-btn id="login_btn" v-on="on" text dark :ripple="false" class="icon-btn" style="padding-top: 20px; text-transform: none;">
+          <v-icon class="mr-2 primary--text">account_circle</v-icon> <h2 class="primary--text" style="text-align: center">{{profile.username}}</h2><v-icon class="primary--text" >arrow_drop_down</v-icon>
+        </v-btn>
+                  </template>
+
+        <v-list dense>
+          <v-list-item :to="{name: 'dashboard'}">
+            <strong> {{ app.user.username }} </strong>
+          </v-list-item>
+          <v-divider></v-divider>
+
+          <v-list-item v-for="(item, i) in computedOrganisationItems" :key="i" :to="{ name: 'org_projects', params: { name: item.title }}" >
+            {{item.title}}
+          </v-list-item>
+        </v-list>
+      </v-menu>
+
+        <v-list nav flat>
+          <base-item
+              id="item-home"
+              key="item-home"
+              :item="{title: 'Home',
+                      to: '/dashboard'}"
+              color="primary"
+          />
+      </v-list>
+
+      <v-divider style="width: 90%; margin: 5px 0px 5px 0px"/>
+        <span style="color: #8c8c8c; font-size: larger">
+          <v-icon color="#8c8c8c">folder</v-icon>
+          Projects
+        </span>
+        <v-btn x-small
+               color="#ff9800"
+               rounded
+               style="float: right;"
+               @click="newProjectDialog">+ create</v-btn>
+      <v-list :expand="true" nav>
+
+        <template v-for="(item, i) in computedItems">
+          <base-item
+              :id="`item-${i}`"
+              :key="`item-${i}`"
+              :item="item"
+              color="primary"
+              class="ma-0"
+          />
+        </template>
+      </v-list>
+        <v-divider style="width: 90%; margin: 5px 0px 5px 0px"/>
+        <span style="color: #8c8c8c; font-size: larger">
+          <v-icon color="#8c8c8c">group</v-icon>
+          Organisations
+        </span>
+        <v-btn x-small
+               color="#ff9800"
+               rounded
+               style="float: right;"
+               id="create_org_btn"
+        @click="newOrganisationDialog">+ create</v-btn>
+        <v-list :expand="true" nav>
+
+        <template  v-for="(item, i) in computedOrganisationItems">
+          <base-item
+              :id="`item-${i}`"
+              :key="`item-${i}`"
+              :item="item"
+              color="primary"
+              class="ma-0"
+          />
+        </template>
+      </v-list>
+        <span v-if="organisationItems.length === 0" style="font-size: 1rem; font-weight: 400; line-height: 1rem; color: #2d4470; padding-left: 18px;">No organisations yet</span>
+        <v-divider style="width: 90%; margin: 5px 0px 5px 0px"/>
+        <span style="color: #8c8c8c; font-size: larger">
+          <v-icon color="#8c8c8c">settings</v-icon>
+          Settings
+        </span>
+        <v-list  nav>
+        <template  v-for="(item, i) in computedSettingsItems">
+          <base-item
+              :id="`menu-item-${item.title.toLowerCase()}`"
+              :key="`item-${i}`"
+              :item="item"
+              color="primary"
+              class="ma-0"
+              value="user_context"
+          />
+        </template>
+      </v-list>
+      </v-card>
+      <v-card
+        :class="'mt-auto'"
+        class="pa-2"
+        :outlined="true"
+        tile>
+        <sidebar-footer sidebarType="user" />
+      </v-card>
+    </v-card>
+  </div>
+  </v-navigation-drawer>
+</template>
+
+<script>
+import Item from '@/admin/components/base/Item'
+import { mapState } from 'vuex'
+import OrganisationForm from '@/organisation/components/OrganisationForm'
+import ProjectForm from '@/components/ProjectForm'
+import SideBarFooter from '@/components/SideBarFooter'
+import OrganisationsMixin from '@/mixins/Organisation'
+import MerginAPI from '@/mixins/MerginAPI'
+
+export default {
+  name: 'SideBar',
+  components: {
+    'base-item': Item,
+    'sidebar-footer': SideBarFooter
+  },
+  mixins: [OrganisationsMixin, MerginAPI],
+  props: {
+    expandOnHover: {
+      type: Boolean,
+      default: false
+    }
+  },
+
+  data () {
+    return {
+      items: [
+        {
+          title: 'My projects',
+          to: '/projects/created'
+        },
+        {
+          title: 'Shared with me',
+          to: '/projects/shared'
+        },
+        {
+          title: 'Explore',
+          to: '/projects/explore'
+        }
+      ]
+    }
+  },
+  computed: {
+    ...mapState(['app', 'barColor', 'barImage', 'organisations']),
+    username () {
+      return this.$route.params.name
+    },
+    drawer: {
+      get () {
+        return this.$store.state.drawer
+      },
+      set (val) {
+        this.$store.commit('SET_DRAWER', val)
+      }
+    },
+    computedItems () {
+      return this.items.map(this.mapItem)
+    },
+    computedOrganisationItems () {
+      return this.organisationItems.map(this.mapItem)
+    },
+    computedSettingsItems () {
+      return this.settingItems.map(this.mapItem)
+    },
+    profile () {
+      return {
+        avatar: true,
+        title: this.$t('avatar'),
+        username: this.app.user.username
+      }
+    },
+    settingItems () {
+      const items = []
+      this.$router.getRoutes().filter(route => route.path.includes('/users/') && route.meta.toSidebar).forEach(item => {
+        items.push(
+          {
+            title: item.meta.name,
+            to: item.path.replace(':name', this.app.user.username)
+          })
+      })
+      return items
+    },
+    organisationItems () {
+      const userOrgs = []
+      if (this.app.user.profile && this.app.user.profile.organisations) {
+        Object.keys(this.app.user.profile.organisations).forEach(organisation => {
+          const org = {
+            title: organisation,
+            to: `/organisations/${organisation}/projects`
+          }
+          userOrgs.push(org)
+        })
+      }
+      return userOrgs
+    },
+    userProfile () {
+      return this.app.user.profile
+    },
+    usage () {
+      return this.userProfile.disk_usage / this.userProfile.storage
+    }
+  },
+  methods: {
+    mapItem (item) {
+      return {
+        ...item,
+        children: item.children ? item.children.map(this.mapItem) : undefined
+      }
+    },
+    newOrganisationDialog () {
+      const props = { organisation: {} }
+      const dialog = { maxWidth: 500, persistent: true }
+      const listeners = {
+        success: () => {
+          this.getUserOrganisations()
+          this.fetchUserProfile(this.app.user.username) // we load orgs in sidebar from user.profile
+          this.$router.push({ name: 'user_organisations', params: { name: this.app.user.username } })
+        }
+      }
+      this.$dialog.show(OrganisationForm, { props, listeners, dialog })
+    },
+    newProjectDialog () {
+      // this.$gtm.trackEvent({
+      //   event: null, // Event type [default = 'interaction'] (Optional)
+      //   category: 'Test',
+      //   action: 'click',
+      //   label: 'new_project',
+      //   noninteraction: false // Optional
+      // })
+      const dialog = { maxWidth: 500, persistent: true }
+      this.$dialog.show(ProjectForm, { dialog })
+    }
+  }
+}
+</script>
+
+<style lang="sass" scoped>
+  @import '~vuetify/src/styles/tools/_rtl.sass'
+  .primary.v-list-item--active.v-list-item
+    background-color: #b0b1b5 !important
+
+  .theme--dark.v-navigation-drawer
+    background-color: #eaebef !important
+
+  .theme--dark.v-navigation-drawer .v-divider
+    border-color: hsl(240, 2%, 55%)
+
+  .theme--dark.v-card
+    background-color: #eaebef !important
+
+  .v-application .white--text
+    color: #2D4470 !important
+    caret-color: #2D4470 !important
+
+  .theme--dark.v-list-item:not(.v-list-item--active):not(.v-list-item--disabled)
+     color: #2D4470 !important
+
+  .v-list-item--link:hover
+    background: rgba(0, 0, 0, 0.04) !important
+
+  .theme--dark.v-card.v-list-item.v-list-item--link
+      min-height: 20px !important
+      padding: 5px 0px 5px 0px !important
+
+  .truncate
+    width: 100px
+    white-space: nowrap
+    overflow: hidden
+    text-overflow: ellipsis
+
+  .v-list
+  ::v-deep .v-list-item
+    font-size: 14px
+    color: #444
+    min-height: 32px
+    .v-list-item__content
+      padding: 0px 0px 0px 0px
+
+  a
+    text-decoration: none
+    margin-top: 5px
+</style>
diff --git a/web-app/src/components/SideBarFooter.vue b/web-app/src/components/SideBarFooter.vue
new file mode 100644
index 00000000..0981ea4a
--- /dev/null
+++ b/web-app/src/components/SideBarFooter.vue
@@ -0,0 +1,88 @@
+# Copyright (C) 2021 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <div>
+    <v-list>
+      <div style="color: #2d4470;">
+        <span style="color: #8c8c8c"><v-icon style="color: #8c8c8c; margin: 0px 5px 5px 10px;">storage</v-icon>Storage</span>
+        <v-spacer/>
+        <template
+            v-if="this.diskUsage !== undefined && this.storage !== undefined"
+        >
+          <span style="margin-left: 10px;">{{ this.diskUsage | filesize(null, 0, 'MB') }} of {{ this.storage | filesize(null, 0) }} </span>
+          <br/>
+          <v-progress-linear
+              id="progress"
+              :size="55"
+              height="15"
+              :width="8"
+              :value="usage * 100"
+              color="primary"
+              class="mx-3"
+              style="max-width: 80%;"
+          >
+            {{ Math.ceil(usage * 100) }}%
+          </v-progress-linear>
+        </template>
+      </div>
+    </v-list>
+  </div>
+</template>
+
+<script>
+import { mapState } from 'vuex'
+
+export default {
+  name: 'SideBarFooter',
+  props: {
+    sidebarType: String
+  },
+  computed: {
+    ...mapState(['app', 'organisation']),
+    usage () {
+      if (this.sidebarType === 'user') {
+        return this.userProfile.disk_usage / this.userProfile.storage
+      } else {
+        if (this.organisation) {
+          return (this.organisation.storage) ? this.organisation.disk_usage / this.organisation.storage : 0
+        }
+        return null
+      }
+    },
+    diskUsage () {
+      if (this.sidebarType === 'user') {
+        return this.userProfile.disk_usage
+      } else {
+        if (this.organisation) {
+          return (this.organisation.disk_usage) ? this.organisation.disk_usage : 0
+        }
+        return null
+      }
+    },
+    storage () {
+      if (this.sidebarType === 'user') {
+        return this.userProfile.storage
+      } else {
+        if (this.organisation) {
+          return this.organisation.storage
+        }
+        return null
+      }
+    },
+    userProfile () {
+      return this.app.user.profile
+    }
+  }
+}
+</script>
+
+<style lang="sass" scoped>
+@import '~vuetify/src/styles/tools/_rtl.sass'
+
+a
+  text-decoration: none
+
+.theme--dark.v-navigation-drawer .v-divider
+    border-color: hsl(240, 2%, 55%)
+</style>
diff --git a/web-app/src/components/SignUpForm.vue b/web-app/src/components/SignUpForm.vue
new file mode 100644
index 00000000..30fc9bfa
--- /dev/null
+++ b/web-app/src/components/SignUpForm.vue
@@ -0,0 +1,164 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-card-text class="pb-1">
+    <p
+      v-if="errorMsg"
+      class="text-xs-center red--text"
+      v-text="errorMsg"
+    />
+    <v-form class="layout column sign-up-form">
+      <v-text-field
+        placeholder="Username"
+        name="username"
+        color="orange"
+        v-model="username"
+        :error-messages="errors.username"
+      />
+     <v-text-field
+        placeholder="Email"
+        name="email"
+        color="orange"
+        v-model="email"
+        :error-messages="errors.email"
+      />
+        <v-layout align-center>
+          <v-text-field
+              placeholder="Password"
+              name="password"
+              color="orange"
+              v-model="password"
+              :append-icon="passwordVisible ? 'visibility_off' : 'visibility'"
+              @click:append="passwordVisible = !passwordVisible"
+              :type="passwordVisible ? 'text' : 'password'"
+              :error-messages="errors.password"
+          />
+          <v-tooltip
+              top
+              color="orange"
+              max-width="350"
+              content-class="form-tooltip"
+          >
+            <template v-slot:activator="{ on }">
+            <v-icon v-on="on" class="ml-1 mb-1">info</v-icon>
+              </template>
+            <ul>
+              <li>Password must be at least 8 characters long.</li>
+              <li>Password must contain at least 3 character categories among the following:
+                <ul>
+                  <li>Lowercase characters (a-z)</li>
+                  <li>Uppercase characters (A-Z)</li>
+                  <li>Digits (0-9)</li>
+                  <li>Special characters</li>
+                </ul>
+              </li>
+            </ul>
+          </v-tooltip>
+        </v-layout>
+      <v-text-field
+        placeholder="Confirm password"
+        name="confirm"
+        color="orange"
+        v-model="confirm"
+        :type="passwordVisible ? 'text' : 'password'"
+        :error-messages="errors.confirm"
+      />
+      <slot />
+      <v-btn
+        color="orange"
+        :disabled="invalidInput"
+        class="mx-0 white--text"
+        id="sign-up-btn"
+        @click="signUp"
+      >
+        Sign Up
+      </v-btn>
+      <p class="cookies">
+        This website uses cookies. By continuing to use this website you consent to their use.
+      </p>
+    </v-form>
+  </v-card-text>
+</template>
+
+<script>
+import FormMixin from '@/mixins/Form'
+import { waitCursor } from '@/util'
+import { postRetryCond } from '@/http'
+
+export default {
+  mixins: [FormMixin],
+  props: {
+    isValid: {
+      type: Boolean,
+      default: null
+    }
+  },
+  data () {
+    return {
+      username: '',
+      email: '',
+      password: '',
+      confirm: '',
+      passwordVisible: false
+    }
+  },
+  computed: {
+    app () {
+      return this.$store.state.app
+    },
+    invalidInput () {
+      return (this.isValid === null) ? this.validateInput(this.$data) : !this.isValid
+    }
+  },
+  methods: {
+    validateInput (data) {
+      return ['username', 'email', 'password', 'confirm'].some(k => data[k] === '')
+    },
+    signUp () {
+      this.clearErrors()
+      waitCursor(true)
+      const data = {
+        username: this.username.trim(),
+        email: this.email.trim(),
+        password: this.password,
+        confirm: this.confirm
+      }
+      this.$http.post('/auth/signup', data, { 'axios-retry': { retries: 5, retryCondition: error => postRetryCond(error) } })
+        .then((resp) => {
+          this.$notification.show('Confirmation email was sent to your email address')
+          this.$store.dispatch('clearUserData')
+          this.$store.commit('user', resp.data)
+          this.$emit('success')
+          waitCursor(false)
+        })
+        .catch(err => {
+          this.handleError(err, 'Failed to send confirmation email')
+          waitCursor(false)
+        })
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+
+.v-tooltip {
+  cursor: default;
+}
+.cookies {
+  text-align: center;
+  color: #777;
+  margin-top: 1em;
+  font-size: 0.875em;
+}
+</style>
+
+<style lang="scss">
+.form-tooltip {
+  opacity: 0.95!important;
+  ul {
+    padding-left: 1em;
+  }
+}
+</style>
diff --git a/web-app/src/components/StorageForm.vue b/web-app/src/components/StorageForm.vue
new file mode 100644
index 00000000..1da4a765
--- /dev/null
+++ b/web-app/src/components/StorageForm.vue
@@ -0,0 +1,75 @@
+# Copyright (C) 2019 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-card v-on:keyup.enter="confirm">
+    <v-card-title>
+      <span class="headline">Edit User's Storage</span>
+    </v-card-title>
+    <v-card-text>
+      <p
+        class="text-xs-center red--text"
+        v-text="error"
+      />
+      <v-text-field
+        autofocus
+        type="number"
+        label="storage"
+        v-model="storage"
+        suffix="MB"
+        :min="1"
+      />
+    </v-card-text>
+    <v-card-actions>
+      <v-spacer/>
+      <v-btn class="black--text" @click="$dialog.close">
+        Close
+      </v-btn>
+      <v-btn
+        class="primary"
+        @click="confirm"
+      >
+        Submit
+      </v-btn>
+    </v-card-actions>
+  </v-card>
+</template>
+
+<script>
+import { waitCursor } from '../util'
+import { postRetryCond } from '../http'
+
+export default {
+  name: 'edit-storage',
+  props: {
+    userInfo: Object
+  },
+  data () {
+    return {
+      storage: null,
+      error: null
+    }
+  },
+  created () {
+    this.storage = parseInt(this.userInfo.storage_limit / (1024 * 1024))
+  },
+  methods: {
+    confirm () {
+      const profile = {
+        storage: parseInt(this.storage * 1024 * 1024)
+      }
+      waitCursor(true)
+      this.$http.post(`/auth/user/${this.userInfo.username}`, { profile }, { 'axios-retry': { retries: 5, retryCondition: error => postRetryCond(error) } })
+        .then(resp => {
+          waitCursor(false)
+          this.$dialog.close()
+          this.$router.go()
+        })
+        .catch((err) => {
+          waitCursor(false)
+          this.$notification.error(err.response.data.detail || 'Failed to update user storage')
+        })
+    }
+  }
+}
+</script>
diff --git a/web-app/src/components/TransfersTable.vue b/web-app/src/components/TransfersTable.vue
new file mode 100644
index 00000000..3fa3708b
--- /dev/null
+++ b/web-app/src/components/TransfersTable.vue
@@ -0,0 +1,168 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <div>
+    <v-data-table
+      :headers="header"
+      :items="transfers"
+      ref="table"
+      no-data-text="No transfers"
+      color="primary"
+      footer-props.items-per-page-options='[10, 25, {"text": "$vuetify.dataIterator.rowsPerPageAll","value": -1}]'
+      :hide-default-footer="transfers.length <= 10"
+      :options="options"
+    >
+      <template v-slot:item="{ item }">
+        <tr>
+        <td>
+          <router-link :to="{name: 'project', params: {namespace: item.project.namespace, projectName: item.project.name}}">
+            <strong>{{ item.project_name }}</strong>
+          </router-link>
+        </td>
+        <td>
+          {{ item.from_ns_name }}
+        </td>
+        <td>
+          {{ item.to_ns_name }}
+        </td>
+        <td>
+          {{ item.requested_by }}
+        </td>
+        <td>
+           <v-tooltip bottom>
+           <template v-slot:activator="{ on }">
+            <span v-on="on">{{ item.expire | remainingtime }}</span>
+           </template>
+            <span>{{ item.expire | datetime }}</span>
+          </v-tooltip>
+        </td>
+        <td>
+          <div style="text-align: end">
+            <v-tooltip bottom>
+            <template v-slot:activator="{ on }">
+              <span v-on="on">
+                <v-chip
+                  v-if="!expired(item.expire) && incoming(item)"
+                  @click="acceptTransferDialog(item)"
+                  elevation="0"
+                  color="green"
+                  class="white--text"
+                >
+                  accept
+                </v-chip>
+              </span>
+            </template>
+              <span>Accept transfer</span>
+            </v-tooltip>
+            <v-tooltip bottom>
+              <template v-slot:activator="{ on }">
+              <span v-on="on">
+                <v-chip
+                  @click="cancelTransfer(item)"
+                  elevation="0"
+                  color="red"
+                  class="white--text"
+                >
+                  cancel
+                </v-chip>
+              </span>
+              </template>
+              <span>Cancel transfer</span>
+            </v-tooltip>
+          </div>
+        </td>
+      </tr>
+      </template>
+    </v-data-table>
+  </div>
+</template>
+
+<script>
+import { mapState } from 'vuex'
+import MerginAPIMixin from '../mixins/MerginAPI'
+import AcceptProjectTransferForm from '@/components/AcceptProjectTransferForm'
+
+export default {
+  name: 'transfers-table',
+  components: { },
+  mixins: [MerginAPIMixin],
+  props: {
+    namespace: String
+  },
+  data () {
+    return {
+      options: {
+        'sort-by': 'name'
+      }
+    }
+  },
+  computed: {
+    ...mapState(['transfers']),
+    header () {
+      return [
+        { text: 'Name', value: 'project_name', sortable: true },
+        { text: 'From owner', value: 'from_ns_name', sortable: true },
+        { text: 'To owner', value: 'to_ns_name', sortable: true },
+        { text: 'Requested by', value: 'requested_by', sortable: false },
+        { text: 'Expire in', value: 'expire', sortable: true },
+        { text: '', width: 190, sortable: false }
+      ]
+    }
+  },
+  created () {
+    this.fetchTransfers(this.namespace)
+  },
+  methods: {
+    changeSort (column) {
+      if (this.options.sortBy === column) {
+        this.options.descending = !this.options.descending
+      } else {
+        this.options.sortBy = column
+        this.options.descending = false
+      }
+    },
+    incoming (transfer) {
+      return transfer.to_ns_name === this.namespace
+    },
+    outcoming (transfer) {
+      return transfer.from_ns_name === this.namespace
+    },
+    expired (expire) {
+      return Date.parse(expire) < Date.now()
+    },
+    acceptTransferDialog (transfer) {
+      const dialog = { maxWidth: 500, persistent: true }
+      const props = { transfer: transfer }
+      this.$dialog.show(AcceptProjectTransferForm, { props, dialog })
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.v-data-table {
+  td {
+    text-align: left;
+    &.flags {
+      .v-icon {
+        margin: 0 1px;
+        cursor: default;
+      }
+    }
+  }
+  a {
+    text-decoration: none;
+  }
+   .v-chip {
+    margin: 0;
+    margin-right: 0.5em;
+    height: 1.6em;
+    ::v-deep .v-chip__content {
+      cursor: pointer;
+      padding: 0 0.5em;
+      font-size: 85%;
+    }
+  }
+}
+</style>
diff --git a/web-app/src/components/UploadPanel.vue b/web-app/src/components/UploadPanel.vue
new file mode 100644
index 00000000..4f941f72
--- /dev/null
+++ b/web-app/src/components/UploadPanel.vue
@@ -0,0 +1,242 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-card>
+    <v-toolbar dense text dark color="primary">
+      <v-toolbar-title>Data Sync</v-toolbar-title>
+      <v-spacer/>
+      <v-btn icon @click="resetUpload">
+        <v-icon>close</v-icon>
+      </v-btn>
+    </v-toolbar>
+
+    <v-card-text v-if="upload.diff && upload.diff.changes">
+      <v-layout class="stats-line">
+        <label>Removed files:</label>
+        <v-spacer/>
+        <span class="red--text">{{ upload.diff.removed.length }}</span>
+        <v-icon small color="red">delete</v-icon>
+      </v-layout>
+      <v-layout class="stats-line">
+        <label>Added files:</label>
+        <v-spacer/>
+        <span class="green--text">{{ upload.diff.added.length }}</span>
+        <v-icon small color="green">add_circle</v-icon>
+      </v-layout>
+      <v-layout class="stats-line">
+        <label>Modified files:</label>
+        <v-spacer/>
+        <span class="orange--text">{{ upload.diff.updated.length }}</span>
+        <v-icon small color="orange">edit</v-icon>
+      </v-layout>
+      <v-layout class="stats-line">
+        <label>Renamed files:</label>
+        <v-spacer/>
+        <span class="grey--text">{{ upload.diff.moved.length }}</span>
+        <v-icon small color="grey">shuffle</v-icon>
+      </v-layout>
+      <v-layout class="stats-line">
+        <label>Upload data size:</label>
+        <v-spacer/>
+        <span>{{ uploadSize | filesize }}</span>
+      </v-layout>
+    </v-card-text>
+    <v-card-text v-else-if="upload.diff">
+      All files are up to date!
+    </v-card-text>
+
+    <v-card-text v-if="remainingAnalyzingFiles">
+      <v-layout row>
+        <v-progress-circular
+          :size="30"
+          :width="3"
+          color="primary"
+          indeterminate
+        />
+        <v-spacer/>
+        <span style="padding-right: 30px;">Remaining files: {{ remainingAnalyzingFiles }}</span>
+      </v-layout>
+    </v-card-text>
+
+    <v-card-actions v-if="upload.diff && upload.diff.changes">
+      <v-spacer/>
+      <v-btn
+        id="update-files-btn"
+        @click="confirmUpload"
+        :disabled="upload.running || remainingAnalyzingFiles > 0"
+      >
+        <v-icon class="mr-2">cloud_upload</v-icon>
+        Update
+      </v-btn>
+      <v-spacer/>
+    </v-card-actions>
+
+  </v-card>
+</template>
+
+<script>
+import { mapState } from 'vuex'
+import pick from 'lodash/pick'
+import axios from 'axios'
+import { waitCursor } from '../util'
+import { isVersionedFile, CHUNK_SIZE } from '../mergin'
+import MerginAPIMixin from '@/mixins/MerginAPI'
+import OrganisationsMixin from '@/mixins/Organisation'
+
+
+export default {
+  data () {
+    return {
+      source: null
+    }
+  },
+  props: {
+    namespace: String
+  },
+  mixins: [MerginAPIMixin, OrganisationsMixin],
+  computed: {
+    ...mapState(['project', 'uploads', 'app']),
+    upload () {
+      return this.uploads[this.project.path]
+    },
+    uploadSize () {
+      if (this.upload) {
+        const { added, updated } = this.upload.diff
+        return added.concat(updated).reduce((sum, path) => {
+          return sum + this.upload.files[path].size
+        }, 0)
+      }
+      return 0
+    },
+    remainingAnalyzingFiles () {
+      const list = (this.upload && this.upload.analysingFiles) || []
+      return list.length
+    }
+  },
+  methods: {
+    resetUpload () {
+      this.$store.commit('discardUpload', this.project.path)
+      if (this.source) {
+        this.source.cancel('Operation canceled by the user.')
+        delete this.source
+      }
+    },
+    async uploadChanges () {
+      const { added, removed, updated, moved } = this.upload.diff
+      const fileInfoFields = ['path', 'checksum', 'size', 'mtime', 'chunks']
+      const changes = {
+        removed: removed.map(path => pick(this.project.files[path], fileInfoFields)),
+        added: added.map(path => pick(this.upload.files[path], fileInfoFields)),
+        updated: updated.map(path => pick(this.upload.files[path], fileInfoFields)),
+        renamed: moved
+      }
+
+      const projectPath = this.project.path
+      const version = this.project.version || 'v0'
+      let resp
+      try {
+        resp = await this.$http.post(`/v1/project/push/${projectPath}`, { version: version, changes })
+      } catch (err) {
+        const msg = (err.response && err.response.data.detail) || 'Error'
+        this.$notification.error(msg)
+        return
+      }
+      const { transaction } = resp.data
+      if (!transaction) {
+        this.$store.commit('discardUpload', projectPath)
+        this.$notification.show('Project updated')
+        this.$store.commit('project', resp.data)
+        return
+      }
+
+      this.source = axios.CancelToken.source()
+      const promises = []
+      added.concat(updated).forEach(path => {
+        this.upload.files[path].chunks.forEach((chunk, index) => {
+          const file = this.upload.files[path].file
+          const offset = index * CHUNK_SIZE
+          const data = file.slice(offset, offset + CHUNK_SIZE)
+          const p = new Promise((resolve) => {
+            const p = this.$http.post(`/v1/project/push/chunk/${transaction}/${chunk}`, data, { cancelToken: this.source.token, 'axios-retry': { retries: 5 } })
+            p.then(() => {
+              // attach commits to upload object to monitor progress
+              this.$store.commit('chunkUploaded', projectPath)
+            }).catch(() => {})
+            resolve(p)
+          })
+          promises.push(p)
+        })
+      })
+
+      // fire up chunks uploads
+      this.$store.commit('startUpload')
+      Promise.all(promises)
+        .then(() => {
+          // call server to finish upload transaction
+          this.$http.post(`/v1/project/push/finish/${transaction}`, { cancelToken: this.source.token, 'axios-retry': { retries: 5 } }).then(resp => {
+            this.$store.commit('discardUpload', projectPath)
+            this.$notification.show(`Upload finished: ${projectPath}`)
+            this.$store.commit('project', resp.data)
+            if (this.namespace in this.app.user.profile.organisations) {
+              this.getOrganisation(this.namespace)
+            } else {
+              this.fetchUserProfile(this.app.user.username)
+            }
+            waitCursor(false)
+          }).catch(err => {
+            this.$store.commit('cancelUpload', projectPath)
+            const msg = (err.__CANCEL__) ? err.message : (err.response && err.response.data.detail) || 'Error'
+            this.$notification.error(msg)
+            this.$http.post(`/v1/project/push/cancel/${transaction}`)
+            waitCursor(false)
+          })
+        })
+        .catch(err => {
+          this.$store.commit('cancelUpload', projectPath)
+          const msg = (err.__CANCEL__) ? err.message : (err.response && err.response.data.detail) || 'Error'
+          this.$notification.error(msg)
+          this.$http.post(`/v1/project/push/cancel/${transaction}`)
+          waitCursor(false)
+        })
+    },
+    confirmUpload () {
+      const props = {
+        text: 'This update contains also changes in versioned files whose history will be lost. Are you sure to update project?',
+        confirmText: 'Update'
+      }
+      const listeners = {
+        confirm: () => this.uploadChanges()
+      }
+
+      if (this.upload.diff.updated.filter(i => isVersionedFile(i)).length) {
+        this.$dialog.prompt({ props, listeners, dialog: { maxWidth: 500 } })
+      } else {
+        this.uploadChanges()
+      }
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.v-card {
+  min-width: 240px;
+}
+.stats-line {
+  align-items: center;
+  margin: 0.75em 0;
+  label {
+    font-weight: 500;
+    color: #555;
+  }
+  .spacer {
+    height: 1em;
+    border-bottom: 1px dotted #ccc;
+    margin: 0 0.5em;
+  }
+  .v-icon {
+    margin: 0 0.25em;
+  }
+}
+</style>
diff --git a/web-app/src/components/UploadProgress.vue b/web-app/src/components/UploadProgress.vue
new file mode 100644
index 00000000..3c2138c4
--- /dev/null
+++ b/web-app/src/components/UploadProgress.vue
@@ -0,0 +1,76 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-snackbar
+    v-if="list.length"
+    bottom
+    right
+    auto-height
+    :timeout="0"
+    :value="visible"
+  >
+    <v-layout column>
+      <v-layout
+        class="py-1 row align-center justify-space-between"
+        v-for="(upload, project) in uploads"
+        :key="project"
+      >
+        <span>{{ project }}</span>
+        <v-progress-circular
+          :size="55"
+          :width="8"
+          :value="upload.loaded/upload.total * 100"
+          color="teal"
+        >
+          {{ Math.floor(upload.loaded/upload.total * 100) }}%
+        </v-progress-circular>
+      </v-layout>
+    </v-layout>
+  </v-snackbar>
+</template>
+
+<script>
+import { mapState } from 'vuex'
+import debounce from 'lodash/debounce'
+
+export default {
+  name: 'upload-progress',
+  data () {
+    return {
+      visible: false
+    }
+  },
+  computed: {
+    ...mapState(['uploads']),
+    list () {
+      return Object.values(this.uploads)
+    },
+    uploading () {
+      return this.list.some(u => u.running)
+    }
+  },
+  watch: {
+    uploading: 'updateVisibility'
+  },
+  methods: {
+    updateVisibility: debounce(function (value) {
+      this.visible = value
+    }, 500)
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+::v-deep {
+  .v-snack__content {
+    padding: 0.75em 1em;
+  }
+  .v-progress-circular__overlay {
+    transition-duration: 0.2s;
+  }
+}
+.row:not(:last-child) {
+  border-bottom: 1px solid #444;
+}
+</style>
diff --git a/web-app/src/components/UserForm.vue b/web-app/src/components/UserForm.vue
new file mode 100644
index 00000000..bccb6868
--- /dev/null
+++ b/web-app/src/components/UserForm.vue
@@ -0,0 +1,77 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-card v-on:keyup.enter="createUser">
+    <v-card-title>
+      <span class="headline">New user</span>
+    </v-card-title>
+    <v-card-text>
+      <v-text-field
+        autofocus
+        label="username"
+        v-model="username"
+        :error-messages="errors.username"
+      />
+      <v-text-field
+        label="email"
+        v-model="email"
+        :error-messages="errors.email"
+      />
+      <p
+        v-if="errorMsg"
+        class="text-xs-center red--text"
+        v-text="errorMsg"
+      />
+    </v-card-text>
+    <v-card-actions>
+      <v-spacer/>
+      <v-btn @click="$dialog.close">
+        Close
+      </v-btn>
+      <v-btn
+        class="primary"
+        :disabled="!username || !email"
+        @click="createUser"
+      >
+        Register
+      </v-btn>
+    </v-card-actions>
+  </v-card>
+</template>
+
+<script>
+import FormMixin from '@/mixins/Form'
+import { postRetryCond } from '../http'
+import { waitCursor } from '../util'
+
+export default {
+  mixins: [FormMixin],
+  data () {
+    return {
+      username: '',
+      email: ''
+    }
+  },
+  methods: {
+    createUser () {
+      this.clearErrors()
+      const data = {
+        username: this.username,
+        email: this.email
+      }
+      waitCursor(true)
+      this.$http.post('/auth/user', data, { 'axios-retry': { retries: 5, retryCondition: error => postRetryCond(error) } })
+        .then(() => {
+          waitCursor(false)
+          this.$dialog.close()
+          this.$emit('submit')
+        })
+        .catch(err => {
+          waitCursor(false)
+          this.handleError(err, 'Failed to send confirmation email')
+        })
+    }
+  }
+}
+</script>
diff --git a/web-app/src/components/WarningMessage.vue b/web-app/src/components/WarningMessage.vue
new file mode 100644
index 00000000..b41e71ef
--- /dev/null
+++ b/web-app/src/components/WarningMessage.vue
@@ -0,0 +1,21 @@
+<template>
+  <v-card
+    class="bubble mt-3"
+      style="background-color: orange; color: rgba(0,0,0,.87);"
+      outlined
+      v-if="text">
+    <span style="margin-left: 10px;"> {{text}}</span>
+  </v-card>
+</template>
+
+<script>
+export default {
+  name: 'WarningMessage',
+  props: {
+    text: null
+  }
+}
+</script>
+
+<style scoped>
+</style>
diff --git a/web-app/src/dev.js b/web-app/src/dev.js
new file mode 100644
index 00000000..17fe8dfd
--- /dev/null
+++ b/web-app/src/dev.js
@@ -0,0 +1,16 @@
+// Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+// Do not distribute without the express permission of the author.
+
+import http from './http'
+
+const initialize = new Promise((resolve, reject) => {
+  http.get('/dev/init')
+    .then(resp => {
+      http.defaults.headers.common['X-CSRF-Token'] = resp.headers['x-csrf-token']
+      // eslint-disable-next-line no-undef
+      resolve(resp.data)
+    })
+    .catch(reject)
+})
+
+export default () => initialize
diff --git a/web-app/src/http.js b/web-app/src/http.js
new file mode 100644
index 00000000..38ccdf2e
--- /dev/null
+++ b/web-app/src/http.js
@@ -0,0 +1,42 @@
+// Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+// Do not distribute without the express permission of the author.
+
+import axios from 'axios'
+import https from 'https'
+import axiosRetry, { isNetworkError, isRetryableError } from 'axios-retry'
+
+
+const HTTP = axios.create({
+  baseURL: '',
+  withCredentials: true,
+  httpsAgent: new https.Agent({
+    rejectUnauthorized: false
+  }),
+  headers: { 'X-Client': 'vue' },
+  maxContentLength: 4 * 1024 * 1024 * 1024
+})
+
+HTTP.absUrl = function (url) {
+  return HTTP.defaults.baseURL + url
+}
+
+HTTP.appendParams = function (url, params) {
+  const u = new URL(url)
+  for (const key in params) {
+    if (params[key] !== undefined) {
+      u.searchParams.append(key, params[key])
+    }
+  }
+  return u.href
+}
+
+axiosRetry(HTTP, { retries: 0, retryDelay: () => { return 60 * 1000 } })
+
+export default HTTP
+
+export function postRetryCond (error) {
+  if (!error.config) {
+    return false
+  }
+  return isNetworkError(error) || isRetryableError(error)
+}
diff --git a/web-app/src/main.js b/web-app/src/main.js
new file mode 100644
index 00000000..3b55def6
--- /dev/null
+++ b/web-app/src/main.js
@@ -0,0 +1,35 @@
+// Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+// Do not distribute without the express permission of the author.
+
+import { createApp, initialize } from './app'
+import router from './router'
+import store from './store'
+import Registration from '@/views/Registration'
+
+
+initialize().then((appData) => {
+  // add default home root
+  router.addRoute({
+    path: '/',
+    name: 'home',
+    meta: { public: true },
+    beforeEnter: (to, from, next) => {
+      if (store.state.app.user !== null && store.state.app.user.username !== null) next('/dashboard')
+      else next('/login')
+    }
+  })
+  router.addRoute({
+    beforeEnter: (to, from, next) => {
+      if (store.state.app.user && store.state.app.user.username !== null) next('/dashboard')
+      else if (!store.state.app.registration) next('/login')
+      else next()
+    },
+    path: '/register',
+    name: 'register',
+    meta: { public: true },
+    component: Registration
+  }
+  )
+  store.commit('app', appData)
+  createApp().$mount('#app')
+})
diff --git a/web-app/src/mergin.js b/web-app/src/mergin.js
new file mode 100644
index 00000000..3c361249
--- /dev/null
+++ b/web-app/src/mergin.js
@@ -0,0 +1,155 @@
+// Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+// Do not distribute without the express permission of the author.
+
+import CryptoJS from 'crypto-js/core'
+import 'crypto-js/sha1'
+import difference from 'lodash/difference'
+
+export const CHUNK_SIZE = 10 * 1024 * 1024
+
+function arrayBufferToWordArray (ab) {
+  const i8a = new Uint8Array(ab)
+  const a = []
+  for (let i = 0; i < i8a.length; i += 4) {
+    a.push(i8a[i] << 24 | i8a[i + 1] << 16 | i8a[i + 2] << 8 | i8a[i + 3])
+  }
+  return CryptoJS.lib.WordArray.create(a, i8a.length)
+}
+
+export async function getFiles (rootEntry, pingData) {
+  const files = []
+
+  async function traverseFileTree (item, pingData, path = null) {
+    if (item.isFile && !pingData.blacklist_files.includes(item.name)) {
+      let file
+      if (item.constructor === File) {
+        file = item
+      } else {
+        file = await new Promise(resolve => item.file(resolve))
+      }
+      const fileInfo = {
+        path: (path || '') + file.name, // save full path
+        size: file.size,
+        mtime: new Date(file.lastModified),
+        file,
+        chunks: calculateChunks(file.size)
+      }
+      files.push(fileInfo)
+    } else if (item.isDirectory) {
+      const dirReader = item.createReader()
+      let entries
+      do {
+        entries = await new Promise(resolve => dirReader.readEntries(resolve))
+        for (const entry of entries) {
+          if (pingData.blacklist_dirs.includes(item.name)) {
+            continue
+          }
+          await traverseFileTree(entry, pingData, path === null ? '' : path + item.name + '/')
+        }
+      } while (entries.length)
+    }
+  }
+
+  await traverseFileTree(rootEntry, pingData)
+  return files
+}
+
+export function checksum (file) {
+  return new Promise(resolve => {
+    const fileSize = file.size
+    const chunkSize = 256 * 1024
+    let offset = 0
+    const hash = CryptoJS.algo.SHA1.create()
+
+    const readEventHandler = e => {
+      // offset += e.target.result.length
+      offset += e.target.result.byteLength
+
+      // hash.update(e.target.result)
+      hash.update(arrayBufferToWordArray(e.target.result))
+      if (offset >= fileSize) {
+        const h = hash.finalize()
+        resolve(CryptoJS.enc.Hex.stringify(h))
+      } else {
+        chunkReaderBlock(offset, chunkSize, file)
+      }
+    }
+
+    const chunkReaderBlock = (_offset, length, _file) => {
+      const r = new FileReader()
+      const blob = _file.slice(_offset, length + _offset)
+      r.onload = readEventHandler
+      r.readAsArrayBuffer(blob)
+      // r.readAsText(blob)
+    }
+    chunkReaderBlock(offset, chunkSize, file)
+  })
+}
+
+export function filesDiff (oldFiles, newFiles) {
+  const oFilesPaths = Object.keys(oldFiles).filter(path => !ignoreFile(path))
+  const nFilesPaths = Object.keys(newFiles).filter(path => !ignoreFile(path))
+
+  const updated = Object.keys(oldFiles).filter(path => {
+    const f2 = newFiles[path]
+    return f2 && f2.checksum !== oldFiles[path].checksum
+  })
+  const added = difference(nFilesPaths, oFilesPaths)
+  const removed = difference(oFilesPaths, nFilesPaths)
+
+  // const moved = removed.filter(path => oldFiles[path].checksum)
+
+  const moved = []
+  removed.forEach(path => {
+    const rf = oldFiles[path]
+    const sameFile = Object.values(newFiles).find(
+      f => f.checksum === rf.checksum && f.size === rf.size && !moved.find(f2 => f.path === f2.new_path)
+    )
+    if (sameFile) {
+      moved.push({
+        path,
+        new_path: sameFile.path,
+        checksum: sameFile.checksum,
+        size: sameFile.size
+      })
+    }
+  })
+  const diff = {
+    added: difference(added, moved.map(f => f.new_path)),
+    removed: difference(removed, moved.map(f => f.path)),
+    updated,
+    moved
+  }
+  diff.changes = Object.values(diff).reduce((sum, list) => sum + list.length, 0)
+  // return Object.values(diff).reduce((sum, list) => sum + list.length, 0) ? diff : null
+  return diff
+}
+
+function splitFilePath (filePath) {
+  const filename = filePath.replace(/^.*\//, '')
+  const extension = filename.lastIndexOf('.') > 0 ? filename.split('.').pop() : ''
+  return { filename, extension }
+}
+
+function ignoreFile (filePath) {
+  const ignoreExt = ['-shm', '-wal', '~', 'pyc', 'swap']
+  const { extension } = splitFilePath(filePath)
+  return new RegExp(`(${ignoreExt.join('|')})$`, 'g').test(extension)
+}
+
+export function isVersionedFile (filePath) {
+  const { extension } = splitFilePath(filePath)
+  return ['gpkg', 'sqlite'].includes(extension)
+}
+
+export function calculateChunks (fileSize) {
+  const chunks = []
+  for (let i = 0; i < Math.ceil(fileSize / CHUNK_SIZE); i++) {
+    chunks.push(Math.random().toString(36).substring(2))
+  }
+  return chunks
+}
+
+export function parseError (error, msg = '') {
+  return (error.response && error.response.data && error.response.data.detail) ? error.response.data.detail : msg
+}
diff --git a/web-app/src/mixins/Form.js b/web-app/src/mixins/Form.js
new file mode 100644
index 00000000..364f2a92
--- /dev/null
+++ b/web-app/src/mixins/Form.js
@@ -0,0 +1,24 @@
+// Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+// Do not distribute without the express permission of the author.
+
+export default {
+  data () {
+    return {
+      errors: {},
+      errorMsg: null
+    }
+  },
+  methods: {
+    clearErrors () {
+      this.errors = {}
+      this.errorMsg = null
+    },
+    handleError (err, generalMsg = 'Error') {
+      if (typeof err.response.data === 'object') {
+        this.errors = err.response.data
+      } else {
+        this.errorMsg = err.response.data || generalMsg
+      }
+    }
+  }
+}
diff --git a/web-app/src/mixins/MerginAPI.js b/web-app/src/mixins/MerginAPI.js
new file mode 100644
index 00000000..e5aa5964
--- /dev/null
+++ b/web-app/src/mixins/MerginAPI.js
@@ -0,0 +1,136 @@
+// Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+// Do not distribute without the express permission of the author.
+
+import { waitCursor } from '../util'
+import { postRetryCond } from '../http'
+
+const API_PREFIX = '/v1'
+const PROJECT_URL = `${API_PREFIX}/project`
+
+export default {
+  methods: {
+    /**
+     * Fetch project transfers from server
+     */
+    fetchTransfers (namespace) {
+      waitCursor(true)
+      this.$http.get(`${PROJECT_URL}/transfer/${namespace}`)
+        .then(resp => {
+          this.$store.commit('transfers', resp.data)
+        })
+        .catch(() => this.$notification.error('Failed to fetch projects transfer requests'))
+        .finally(() => { waitCursor(false) })
+    },
+    /**
+     * Fetch access requests from server
+     */
+    fetchAccessRequests () {
+      this.$http.get('/app/project/access_requests')
+        .then(resp => {
+          this.$store.commit('accessRequests', resp.data)
+        })
+        .catch(() => this.$notification.error('Failed to fetch project access requests'))
+    },
+    /**
+     * Cancel project transfer
+     * @param id
+     */
+    cancelTransfer (item) {
+      waitCursor(true)
+      this.$http.delete(`${PROJECT_URL}/transfer/${item.id}`, { 'axios-retry': { retries: 5 } })
+        .then(() => {
+          this.$store.commit('deleteTransfer', item)
+        })
+        .catch(err => {
+          const msg = (err.response) ? err.response.data.detail : 'Failed to cancel transfer'
+          this.$notification.error(msg)
+        })
+        .finally(() => { waitCursor(false) })
+    },
+    /**
+     * Accept project transfer
+     * @param id
+     * @param props
+     * @return success
+     */
+    async acceptTransfer (transfer, props) {
+      let success = false
+      waitCursor(true)
+      await this.$http.post(`${PROJECT_URL}/transfer/${transfer.id}`, props, { 'axios-retry': { retries: 5 } })
+        .then((resp) => {
+          this.$store.commit('deleteTransfer', transfer)
+          success = true
+        })
+        .catch(err => {
+          const msg = (err.response) ? err.response.data.detail : 'Failed to accept transfer'
+          this.$notification.error(msg)
+          success = false
+        })
+        .finally(() => {
+          waitCursor(false)
+        })
+      return success
+    },
+    /**
+     * send confirmation email to user
+     * @param email
+     * @return success
+     */
+    sendConfirmationEmail (email) {
+      // todo logic
+      this.$http.get('/auth/resend_confirm_email')
+        .then(() => {
+          this.$notification.show(`Email was sent to address: ${email}`)
+        })
+        .catch(err => this.handleError(err, 'Failed to send confirmation email, please check your address in user profile settings'))
+    },
+    /**
+     * fetch logged user profile
+     * @return user's profile
+     */
+    async fetchUserProfile (username) {
+      await this.$http.get(`/v1/user/${username}`)
+        .then(resp => {
+          this.$store.commit('updateUserProfile', resp.data)
+          this.$store.commit('updateVerifiedEmailFlag', resp.data.verified_email)
+        })
+        .catch(() => this.$notification.error("Failed to fetch user's profile"))
+    },
+    /**
+     * change account status
+     * @param status
+     * @param accountId
+     * @return success
+     */
+    changeAccountStatus (accountId, status) {
+      this.$http.patch(`/app/change_account_status/${accountId}`, { status: status }, { 'axios-retry': { retries: 5, retryCondition: error => postRetryCond(error) } })
+        .then(resp => {
+        })
+        .catch(() => this.$notification.error('Failed to change account status'))
+    },
+    /**
+     * Cancel project access request
+     * @param item
+     */
+    cancelProjectAccessRequest (item) {
+      waitCursor(true)
+      this.$http.delete(`/app/project/access_request/${item.id}`, { 'axios-retry': { retries: 5 } })
+        .then(() => {
+        })
+        .catch(err => {
+          const msg = (err.response) ? err.response.data.detail : 'Failed to cancel access request'
+          this.$notification.error(msg)
+        })
+        .finally(() => { waitCursor(false) })
+    },
+    async fetchProject (callback) {
+      this.$http(`/v1/project/${this.namespace}/${this.projectName}`)
+        .then(resp => {
+          this.$store.commit('project', resp.data)
+        })
+        .catch(resp => {
+          callback(resp.response.status)
+        })
+    }
+  }
+}
diff --git a/web-app/src/mixins/Organisation.js b/web-app/src/mixins/Organisation.js
new file mode 100644
index 00000000..120b9a7b
--- /dev/null
+++ b/web-app/src/mixins/Organisation.js
@@ -0,0 +1,177 @@
+// Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+// Do not distribute without the express permission of the author.
+
+import { waitCursor } from '../util'
+import { postRetryCond } from '../http'
+
+const URL_PREFIX = '/orgs'
+
+export default {
+  methods: {
+    getUserOrganisations () {
+      this.$http.get(`${URL_PREFIX}/?random=${Math.random()}`)
+        .then(resp => {
+          this.$store.commit('organisations', resp.data)
+        })
+        .catch(() => {
+          this.$notification.error('Failed to load organisations')
+        })
+    },
+    /**
+     * Get organisation by name
+     * @param name
+     */
+    async getOrganisation (name) {
+      await this.$http.get(`${URL_PREFIX}/${name}`)
+        .then(resp => {
+          this.$store.commit('organisation', resp.data)
+        })
+        .catch(() => {
+          this.$notification.error('Failed to load organisation')
+        })
+    },
+    /**
+     * Delete organisation
+     * @param name
+     */
+    deleteOrganisation (name) {
+      waitCursor(true)
+      this.$http.delete(`${URL_PREFIX}/${name}`, { 'axios-retry': { retries: 5 } })
+        .then(() => {
+          this.getUserOrganisations()
+        }).catch(err => {
+          const msg = (err.response && err.response.status === 503) ? err.response.data.detail : 'Unable to remove organisation'
+          this.$notification.error(msg)
+        }).finally(() => { waitCursor(false) })
+    },
+    /**
+     * Update organisation members' access lists
+     * @param name
+     * @param access
+     */
+    updateMembers (name, access) {
+      // TODO: we need some force reload in case of failure (new values already commited in store)
+      waitCursor(true)
+      this.$http.patch(`${URL_PREFIX}/${name}/access`, access, { 'axios-retry': { retries: 5 } })
+        .then(
+          this.$store.commit('updateOrganisationMembers', {
+            owners: access.owners,
+            admins: access.admins,
+            writers: access.writers,
+            readers: access.readers
+          })
+        )
+        .catch(err => {
+          const msg = (err.response && err.response.status === 503) ? err.response.data.detail : 'Failed to save changes'
+          this.$notification.error(msg)
+        })
+        .finally(() => { waitCursor(false) })
+    },
+    /**
+     * Create a new organisation.
+     * Should be called from Form as Promise.
+     * @param data
+     */
+    createOrganisation (data) {
+      waitCursor(true)
+      this.$http.post(`${URL_PREFIX}/`, data, { 'axios-retry': { retries: 5, retryCondition: error => postRetryCond(error) } })
+        .then(() => {
+          this.$notification.show('Organisation has been created')
+        })
+        .catch((err) => {
+          const msg = (err.response) ? err.response.data.detail : 'Failed to create organisation'
+          this.$notification.error(msg)
+        })
+        .finally(() => { waitCursor(false) })
+    },
+    /**
+     * Edit organisation (for owner only).
+     * Should be called from Form as Promise.
+     * @param name
+     * @param data
+     */
+    updateOrganisation (name, data) {
+      this.$http.patch(`${URL_PREFIX}/${name}`, data, { 'axios-retry': { retries: 5, retryCondition: error => postRetryCond(error) } })
+    },
+    /**
+     * Edit organisation plan (for mergin admin only).
+     * Should be called from Form as Promise.
+     * @param name
+     * @param data
+     */
+    updateOrganisationPlan (name, data) {
+      this.$http.patch(`${URL_PREFIX}/${name}/plan`, data, { 'axios-retry': { retries: 5, retryCondition: error => postRetryCond(error) } })
+    },
+    /**
+     * get invitations.
+     * @param name subject name
+     * @param type type of subject user/org
+     */
+    getInvitations (type, name) {
+      this.$http.get(`${URL_PREFIX}/invitations/${type}/${name}`)
+        .then(resp => {
+          if (resp.data.length) {
+            if (type === 'user') {
+              this.$store.commit('invitations', resp.data)
+            } else {
+              this.$store.commit('orgInvitations', resp.data)
+            }
+          }
+        })
+        .catch(() => {
+          this.$notification.error('Failed to get invitations')
+        })
+    },
+    /**
+     * delete invitation.
+     * @param invitation
+     */
+    removeInvitation (invitation) {
+      this.$http.delete(`${URL_PREFIX}/invitation/${invitation.id}`, { 'axios-retry': { retries: 5 } })
+        .then(() => {
+          this.$store.commit('deleteInvitation', invitation)
+        })
+        .catch(err => {
+          const msg = (err.response) ? err.response.data.detail : 'Failed to cancel invitation'
+          this.$notification.error(msg)
+        })
+    },
+    /**
+     * accept invitation.
+     * @param invitation
+     */
+    acceptInvitation (invitation) {
+      this.$http.post(`${URL_PREFIX}/invitation/confirm/${invitation.id}`, { 'axios-retry': { retries: 5 } })
+        .then((response) => {
+          this.$store.commit('deleteInvitation', invitation)
+          this.$store.commit('addOrganisation', response.data)
+          this.$router.push({ name: 'org_profile', params: { name: invitation.org_name } })
+        })
+        .catch(err => {
+          const msg = (err.response) ? err.response.data.detail : 'Failed to accept invitation'
+          this.$notification.error(msg)
+        })
+    },
+    /**
+     * create invitation.
+     * @param orgName
+     * @param username
+     */
+    inviteUser (orgName, username) {
+      const data = {
+        org_name: orgName,
+        username: username,
+        role: 'reader'
+      }
+      this.$http.post(`${URL_PREFIX}/invitation/create`, data, { 'axios-retry': { retries: 5 } })
+        .then(resp => {
+          this.$notification.show('Invitation has been sent to user')
+          this.$store.commit('addInvitation', resp.data)
+        })
+        .catch(err => {
+          const msg = (err.response) ? err.response.data.detail : 'Failed to send invitation'
+          this.$notification.error(msg)
+        })
+    }
+  }
+}
diff --git a/web-app/src/organisation/components/OrganisationForm.vue b/web-app/src/organisation/components/OrganisationForm.vue
new file mode 100644
index 00000000..719d89e2
--- /dev/null
+++ b/web-app/src/organisation/components/OrganisationForm.vue
@@ -0,0 +1,120 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-form ref="form" v-model="valid" class="new-org-form">
+  <v-card v-on:keyup.enter="submit">
+    <v-card-title>
+      <span class="headline">
+        <span v-if="!editMode">Create organisation</span>
+        <span v-else>Edit organisation</span>
+      </span>
+    </v-card-title>
+    <v-card-text>
+      <p
+        v-if="errorMsg"
+        class="text-xs-center red--text"
+        v-text="errorMsg"
+      />
+        <v-text-field
+          label="Organisation name"
+          counter
+          :rules="rules"
+          maxlength="25"
+          v-model="editedOrganisation.name"
+          :error-messages="errors.name"
+          @keyup.enter="submit"
+          :disabled="editMode"
+          hint="Only alphanumeric and hyphens characters are allowed. <br> Spaces are replaced with hyphens."
+          @input="v => updateName(v)"
+        >
+          <template v-slot:message="{ message }">
+            <div v-html="message"></div>
+          </template>
+        </v-text-field>
+
+
+        <v-textarea
+          label="Description"
+          counter
+          maxlength="256"
+          v-model="editedOrganisation.description"
+          :error-messages="errors.description"
+          @keyup.enter="submit"
+        />
+
+        <v-card-actions>
+          <v-spacer/>
+          <v-btn
+              class="text--primary"
+              @click="$dialog.close"
+          >
+            Close
+          </v-btn>
+          <v-btn
+            :disabled="!valid"
+            class="primary white--text"
+            @click="submit"
+          >
+            Save
+          </v-btn>
+        </v-card-actions>
+    </v-card-text>
+  </v-card>
+</v-form>
+</template>
+
+<script>
+import FormMixin from '@/mixins/Form'
+import OrganisationMixin from '../../mixins/Organisation'
+import { waitCursor } from '../../util'
+
+export default {
+  props: {
+    organisation: Object
+  },
+  mixins: [FormMixin, OrganisationMixin],
+  data () {
+    return {
+      editedOrganisation: Object.assign({}, this.organisation),
+      valid: false,
+      rules: [
+        v => (v !== undefined && !v.startsWith('-') && !v.endsWith('-')) || 'Name cannot start/end with -',
+        v => (v !== undefined && (v.length <= 25 && v.length >= 4)) || 'Min 4 characters',
+        v => /^[a-z\d\-\s]+$/i.test(v) || 'Name cannot contain invalid characters'
+      ]
+    }
+  },
+  computed: {
+    editMode () {
+      return Boolean(this.organisation.name)
+    }
+  },
+  methods: {
+    submit () {
+      this.clearErrors()
+      let errMessage, promise
+      waitCursor(true)
+      if (this.editMode) {
+        promise = this.updateOrganisation(this.organisation.name, this.editedOrganisation)
+        errMessage = 'Failed to update organisation'
+      } else {
+        promise = this.createOrganisation(this.editedOrganisation)
+        errMessage = 'Failed to create organisation'
+      }
+      Promise.resolve(promise).then(() => {
+        this.$dialog.close()
+        this.$emit('success')
+      }).catch(err => {
+        this.handleError(err, errMessage)
+      })
+      waitCursor(false)
+    },
+    updateName (value) {
+      // replace spaces with hyphens according internal rules
+      this.editedOrganisation.name = value.replace(/ /g, '-')
+      this.valid = this.$refs.form.validate()
+    }
+  }
+}
+</script>
diff --git a/web-app/src/organisation/components/OrganisationPermissions.vue b/web-app/src/organisation/components/OrganisationPermissions.vue
new file mode 100644
index 00000000..a93f3d49
--- /dev/null
+++ b/web-app/src/organisation/components/OrganisationPermissions.vue
@@ -0,0 +1,391 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-layout class="no-shrink column">
+    <v-data-table
+      :headers="header"
+      :items="users"
+      no-data-text="No users"
+      :hide-default-footer="users.length < 10"
+      hide-default-header
+      :footer-props="{
+        itemsPerPageOptions: [10],
+      }"
+    >
+      <template v-slot:header="{ props: { headers } }">
+        <thead class="v-data-table-header">
+        <tr>
+          <th v-bind:key="header.value" v-for="header in headers">
+        <v-tooltip v-if="header.tooltip" top>
+          <template v-slot:activator="{ on }">
+          <span v-on="on">
+            {{ header.text }}
+          </span>
+          </template>
+          <span>
+            {{ header.tooltip }}
+          </span>
+        </v-tooltip>
+        <span v-else>
+          {{ header.text }}
+        </span>
+        </th>
+        </tr>
+        </thead>
+      </template>
+
+      <template v-slot:item="{ item }">
+      <tr>
+        <td>
+          <v-tooltip top v-if="item.profile.first_name || item.profile.last_name">
+            <template v-slot:activator="{ on }">
+            <b v-on="on">
+              {{ item.username }}
+            </b>
+            </template>
+            <span>
+              <span v-if="item.profile.first_name">{{ item.profile.first_name }}</span>
+              <span v-if="item.profile.last_name"> {{ item.profile.last_name }}</span>
+            </span>
+          </v-tooltip>
+          <b v-else>
+            {{ item.username }}
+          </b>
+        </td>
+        <td>
+          <v-select
+            v-if="editable(item)"
+            :value="item.permission"
+            :items="permissionStates"
+            @input="e => valueChanged(item, e)"
+            hide-details
+            label="Select"
+            single-line
+            class="input-selection"
+            style="width: 120px"
+          >
+          </v-select>
+          <span v-else>
+            {{ item.permission }}
+          </span>
+        </td>
+        <td class="justify-center layout px-0">
+          <v-btn
+            :disabled="!editable(item)"
+            @click="removeUser(item)"
+            icon
+          >
+            <v-icon color="red darken-3">delete</v-icon>
+          </v-btn>
+        </td>
+      </tr>
+      </template>
+    </v-data-table>
+    <br>
+    <div v-if="isAdmin">
+      <h3>Invitations</h3>
+      <v-data-table
+        :headers="headerInvitations"
+        :items="invitations"
+        no-data-text="No users"
+        hide-default-footer
+        hide-default-header
+      >
+        <template v-slot:header="{ props: { headers } }">
+          <thead>
+          <tr>
+            <th v-bind:key="header.value" v-for="header in headers" >
+          <v-tooltip v-if="header.tooltip" top>
+            <template v-slot:activator="{ on }">
+            <span v-on="on">
+              {{ header.text }}
+            </span>
+            </template>
+            <span>
+              {{ header.tooltip }}
+            </span>
+          </v-tooltip>
+          <span v-else>
+            {{ header.text }}
+          </span>
+          </th>
+          </tr>
+          </thead>
+        </template>
+
+      <template v-slot:item="{ item }">
+        <tr>
+        <td>
+          <b>
+            {{ item.username }}
+          </b>
+        </td>
+        <td>
+          <v-tooltip bottom>
+            <template v-slot:activator="{ on }">
+            <span v-on="on">{{ item.expire | remainingtime }}</span>
+            </template>
+            <span>{{ item.expire | datetime }}</span>
+          </v-tooltip>
+        </td>
+        <td style="text-align: end;">
+          <v-chip
+            @click="removeInvitation(item)"
+            elevation="0"
+            color="red"
+            small
+            class="white--text"
+          >
+            remove
+          </v-chip>
+        </td>
+      </tr>
+      </template>
+    </v-data-table>
+
+      <v-layout mx-3 my-2 align-end>
+        <v-autocomplete
+          placeholder="Find user"
+          v-model="user"
+          :loading="isLoading"
+          :items="searchResults"
+          :search-input.sync="userQuery"
+          clearable
+          return-object
+          no-data-text="Type more letters"
+          :hide-no-data="userQuery && userQuery.length > 2"
+          hide-details
+        >
+          <template v-slot:item="{ item }">
+            <v-list-item-content style="padding-bottom: 6px; padding-top: 6px;">
+              <div v-html="`${emphasizeMatch(item.value.username, userQuery)}  ${getUserProfileName(item.value)}`" class="v-list-item-content">
+              </div>
+            </v-list-item-content>
+      </template>
+        </v-autocomplete>
+        <v-btn
+            class="primary white--text"
+          :disabled="!user"
+          @click="createInvitation"
+        >
+          <v-icon class="mr-2">add_circle</v-icon>
+          Invite
+        </v-btn>
+      </v-layout>
+    </div>
+  </v-layout>
+</template>
+
+<script>
+import debounce from 'lodash/debounce'
+import union from 'lodash/union'
+import difference from 'lodash/difference'
+import concat from 'lodash/concat'
+import chunk from 'lodash/chunk'
+import OrganisationMixin from '../../mixins/Organisation'
+import { mapState } from 'vuex'
+
+export default {
+  mixins: [OrganisationMixin],
+  props: {
+    organisation: Object,
+    appUser: Object
+  },
+  data () {
+    return {
+      // search data
+      userQuery: '',
+      isLoading: false,
+      searchResults: [],
+      user: null,
+      users: [],
+      header: [
+        {
+          text: 'User',
+          align: 'start',
+          sortable: false
+        },
+        {
+          text: 'Permission',
+          align: 'end',
+          sortable: false,
+          width: '60',
+          tooltip: 'Permission selection for the user'
+        },
+        {
+          text: '',
+          align: 'end',
+          sortable: false
+        }
+      ],
+      isOwner: false,
+      isAdmin: false,
+      headerInvitations: [
+        {
+          text: 'User',
+          align: 'start',
+          sortable: false
+        },
+        {
+          text: 'Expire in',
+          align: 'start',
+          sortable: false,
+          width: '180',
+          tooltip: 'Invitation expiration'
+        },
+        {
+          text: '',
+          align: 'end',
+          sortable: false
+        }
+      ]
+      // invitations: []
+    }
+  },
+  computed: {
+    ...mapState({ invitations: 'orgInvitations' }),
+    permissionStates () {
+      const states = ['owner', 'admin', 'writer', 'reader']
+      if (!this.isOwner) { states.splice(0, 1) }
+      return states
+    }
+  },
+  watch: {
+    userQuery: 'search',
+    organisation: {
+      deep: true,
+      immediate: true,
+      handler () {
+      // computed props are evaluated before we get organisation prop, thus we need to watcher instead
+        const access = {
+          owner: this.organisation.owners,
+          admin: difference(this.organisation.admins, this.organisation.owners),
+          writer: difference(this.organisation.writers, concat(this.organisation.owners, this.organisation.admins)),
+          reader: difference(this.organisation.readers, concat(this.organisation.owners, this.organisation.admins, this.organisation.writers))
+        }
+        for (const [permission, names] of Object.entries(access)) {
+        // server returns only 5 entries from db for single call
+          const chunks = chunk(names, 5)
+          Promise.all(chunks.map(async (item) => {
+            const params = { names: item.join(',') }
+            await this.$http.get('/auth/user/search', { params }).then(resp => {
+              resp.data
+                .filter(i => !this.users.map(u => u.username).includes(i.username))
+                .map(i => {
+                  i.permission = permission
+                  this.users.push(i)
+                })
+            })
+          }))
+        }
+        this.isOwner = this.organisation.owners.includes(this.appUser.username)
+        this.isAdmin = this.isOwner || this.organisation.admins.includes(this.appUser.username)
+      }
+    }
+
+  },
+  created () {
+    if (this.isAdmin) { this.getInvitations('org', this.organisation.name) }
+  },
+  methods: {
+    search: debounce(function () {
+      if (this.user && this.userQuery === this.user.text) {
+        return
+      }
+      if (!this.userQuery || this.userQuery.length < 3) {
+        this.searchResults = []
+        return
+      }
+      this.isLoading = true
+      const params = { like: this.userQuery }
+      this.$http.get('/auth/user/search', { params })
+        .then(resp => {
+          const omitUsers = this.users.map(i => i.username)
+          this.searchResults = resp.data
+            .filter(u => !omitUsers.includes(u.username))
+            .map(u => ({
+              value: u,
+              text: u.username
+            }))
+          this.isLoading = false
+        })
+        .catch(() => {
+          this.isLoading = false
+        })
+    }, 300),
+    createInvitation () {
+      this.searchResults = []
+      this.inviteUser(this.organisation.name, this.user.value.username)
+    },
+    removeUser (user) {
+      this.users.splice(this.users.indexOf(user), 1)
+      this.valueChanged()
+    },
+    emphasizeMatch (string, reg) {
+      const res = string.replace(new RegExp(reg, 'i'), function (str) { return '<b>' + str + '</b>' })
+      return res
+    },
+    valueChanged (user, permission) {
+      if (user && permission) {
+        this.users[this.users.indexOf(user)].permission = permission
+      }
+      const access = {}
+      const permissions = ['owner', 'admin', 'writer', 'reader']
+      permissions.forEach(p => {
+        access[p] = this.users.filter(u => u.permission === p).map(u => u.username)
+      })
+      // server requires explicit permissions lists
+      this.$emit('save-organisation', {
+        owners: access.owner,
+        admins: union(access.owner, access.admin),
+        writers: union(access.owner, access.admin, access.writer),
+        readers: union(access.owner, access.admin, access.writer, access.reader)
+      })
+    },
+    editable (user) {
+      if (user.permission === 'owner') {
+        // allow edit/remove owner only if there are more than one
+        return this.isOwner && this.organisation.owners.length > 1
+      } else {
+        return this.isAdmin
+      }
+    },
+    getUserProfileName (user) {
+      const firstName = user.profile.first_name ? user.profile.first_name : ''
+      const lastName = user.profile.last_name ? user.profile.last_name : ''
+      return firstName || lastName ? `(${firstName} ${lastName})` : ''
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.no-shrink {
+  flex: 0 0 auto;
+}
+label {
+  font-weight: 500;
+}
+::v-deep {
+  .v-data-table__overflow {
+    margin: 0.5em 0;
+    border: 1px solid #ddd;
+    border-radius: 3px;
+    padding: 0.5em;
+    background-color: #f9f9f9;
+    .v-datatable {
+      background-color: transparent;
+    }
+  }
+}
+.v-list {
+  ::v-deep .v-list-item {
+    min-height: unset;
+  }
+}
+.input-selection{
+  padding: 0;
+  font-size: 12px;
+}
+</style>
diff --git a/web-app/src/organisation/components/OrganisationSideBar.vue b/web-app/src/organisation/components/OrganisationSideBar.vue
new file mode 100644
index 00000000..5936e2cb
--- /dev/null
+++ b/web-app/src/organisation/components/OrganisationSideBar.vue
@@ -0,0 +1,285 @@
+# Copyright (C) 2021 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-navigation-drawer
+      class="user-side-bar d-flex align-start flex-column mb-6"
+      id="core-navigation-drawer-org"
+      v-model="drawer"
+      :expand-on-hover="expandOnHover"
+      :right="$vuetify.rtl"
+      mobile-break-point="960"
+      :dark="barColor !== 'rgba(228, 226, 226, 1), rgba(255, 255, 255, 0.7)'"
+      app
+      width="260"
+      v-bind="$attrs"
+  >
+
+    <div style="height:100%;">
+      <v-card
+          class="d-flex flex-column"
+          flat
+          tile
+          style="height:100%; width: 260px"
+          :outlined="true"
+          v-if="organisation"
+      >
+        <v-card
+            class="pa-2"
+            tile
+            :outlined="true"
+            style="margin-top: 40px;"
+        >
+          <v-menu
+        v-if="app.user && app.user.email"
+        :min-width="150"
+        bottom
+        left
+        offset-y
+        origin="top right"
+        transition="scale-transition"
+      >
+        <template v-slot:activator="{ on }">
+        <v-btn v-on="on" text dark :ripple="false" class="icon-btn" style="padding-top: 20px; text-transform: none;">
+          <v-icon class="mr-2 primary--text">group</v-icon> <h2 class="primary--text truncate" style="text-align: center">{{organisation.name}}</h2><v-icon class="primary--text" >arrow_drop_down</v-icon>
+        </v-btn>
+                  </template>
+
+        <v-list dense>
+          <v-list-item :to="{name: 'dashboard'}">
+            <strong> {{ app.user.username }} </strong>
+          </v-list-item>
+          <v-divider></v-divider>
+
+          <v-list-item v-for="(item, i) in computedOrganisationItems" :key="i" :to="{ name: 'org_projects', params: { name: item.title }}" >
+            {{item.title}}
+          </v-list-item>
+        </v-list>
+      </v-menu>
+
+          <v-list nav flat>
+            <base-item
+                id="item-home"
+                key="item-home"
+                :item="{title: `Back to ${app.user.username} profile`,
+                      to: '/dashboard'}"
+                color="primary"
+            />
+          </v-list>
+
+          <v-divider style="width: 90%; margin: 5px 0px 5px 0px"/>
+          <span style="color: #8c8c8c; font-size: larger">
+          <v-icon color="#8c8c8c">folder</v-icon>
+          Projects
+        </span>
+          <v-btn x-small
+               color="#ff9800"
+               rounded
+               style="float: right;"
+               @click="newProjectDialog">+ create</v-btn>
+          <v-list :expand="true" nav>
+
+            <template v-for="(item, i) in computedItems">
+              <base-item
+                  :id="`item-${i}`"
+                  :key="`item-${i}`"
+                  :item="item"
+                  color="primary"
+                  class="ma-0"
+              />
+            </template>
+          </v-list>
+          <v-divider style="width: 90%; margin: 5px 0px 5px 0px"/>
+          <span style="color: #8c8c8c; font-size: larger">
+            <v-icon color="#8c8c8c">settings</v-icon>
+            Settings
+          </span>
+          <v-list nav >
+
+            <template v-for="(item, i) in computedSetingsItems">
+              <base-item
+                  :id="`menu-item-${item.title.toLowerCase()}`"
+                  :key="`item-${i}`"
+                  :item="item"
+                  color="primary"
+                  class="ma-0"
+                  value="org_context"
+              />
+            </template>
+          </v-list>
+        </v-card>
+        <v-card
+            :class="'mt-auto'"
+            class="pa-2"
+            :outlined="true"
+            tile>
+          <sidebar-footer sidebarType="organisation"/>
+        </v-card>
+      </v-card>
+    </div>
+  </v-navigation-drawer>
+</template>
+
+<script>
+import Item from '@/admin/components/base/Item'
+import { mapState } from 'vuex'
+import ProjectForm from '@/components/ProjectForm'
+import OrganisationsMixin from '@/mixins/Organisation'
+import SideBarFooter from '@/components/SideBarFooter'
+
+export default {
+  name: 'SideBar',
+  components: {
+    'base-item': Item,
+    'sidebar-footer': SideBarFooter
+  },
+  mixins: [OrganisationsMixin],
+  props: {
+    expandOnHover: {
+      type: Boolean,
+      default: false
+    }
+  },
+
+  data: () => ({}),
+
+  computed: {
+    ...mapState(['app', 'barColor', 'barImage', 'organisations', 'organisation']),
+    drawer: {
+      get () {
+        return this.$store.state.drawer
+      },
+      set (val) {
+        this.$store.commit('SET_DRAWER', val)
+      }
+    },
+    computedItems () {
+      return this.items.map(this.mapItem)
+    },
+    computedOrganisationItems () {
+      return this.organisationItems.map(this.mapItem)
+    },
+    computedSetingsItems () {
+      return this.settingItems.map(this.mapItem)
+    },
+    profile () {
+      return {
+        avatar: true,
+        title: this.$t('avatar'),
+        username: this.app.user.username
+      }
+    },
+    items () {
+      return [
+        {
+          title: 'Organisation\'s projects',
+          to: `/organisations/${this.organisation.name}/projects`
+        }
+      ]
+    },
+    settingItems () {
+      const items = []
+      this.$router.getRoutes().filter(route => route.path.includes('/organisations/') && route.meta.toSidebar).forEach(item => {
+        if (!this.organisation.owners.includes(this.app.user.username) && item.meta.name === 'Subscriptions') {
+          return
+        }
+        items.push(
+          {
+            title: item.meta.name,
+            to: item.path.replace(':name', this.organisation.name)
+          })
+      })
+      return items
+    },
+    organisationItems () {
+      const userOrgs = []
+      if (this.app.user.profile && this.app.user.profile.organisations) {
+        Object.keys(this.app.user.profile.organisations).forEach(organisation => {
+          const org = {
+            title: organisation,
+            to: `/organisations/${organisation}/projects`
+          }
+          userOrgs.push(org)
+        })
+      }
+      return userOrgs
+    },
+    userProfile () {
+      return this.app.user.profile
+    },
+    usage () {
+      if (this.organisation) {
+        return (this.organisation.storage) ? this.organisation.disk_usage / this.organisation.storage : 0
+      }
+      return null
+    }
+  },
+  created () {
+    if (!this.organisation || this.organisation.name !== this.$route.params.name) {
+      this.getOrganisation(this.$route.params.name)
+    }
+  },
+  methods: {
+    mapItem (item) {
+      return {
+        ...item,
+        children: item.children ? item.children.map(this.mapItem) : undefined
+      }
+    },
+    newProjectDialog () {
+      const dialog = { maxWidth: 500, persistent: true }
+      this.$dialog.show(ProjectForm, { dialog })
+    }
+  }
+}
+</script>
+
+<style lang="sass" scoped>
+  @import '~vuetify/src/styles/tools/_rtl.sass'
+  .primary.v-list-item--active.v-list-item
+    background-color: #b0b1b5 !important
+
+  .theme--dark.v-navigation-drawer
+    background-color: #eaebef !important
+
+  .theme--dark.v-navigation-drawer .v-divider
+    border-color: hsl(240, 2%, 55%)
+
+  .theme--dark.v-card
+    background-color: #eaebef !important
+
+  .v-application .white--text
+    color: #2D4470 !important
+    caret-color: #2D4470 !important
+
+  .theme--dark.v-list-item:not(.v-list-item--active):not(.v-list-item--disabled)
+    color: #2D4470 !important
+
+  .v-list-item--link:hover
+    background: rgba(0, 0, 0, 0.04) !important
+
+  .theme--dark.v-card.v-list-item.v-list-item--link
+    min-height: 20px !important
+    padding: 5px 0px 5px 0px !important
+
+  .truncate
+    width: 100px
+    white-space: nowrap
+    overflow: hidden
+    text-overflow: ellipsis
+
+  div.v-navigation-drawer__content
+    width: 100%
+
+  .v-list
+  ::v-deep .v-list-item
+    font-size: 14px
+    color: #444
+    min-height: 32px
+    .v-list-item__content
+      padding: 0px 0px 0px 0px
+
+  a
+    text-decoration: none
+    margin-top: 5px
+</style>
diff --git a/web-app/src/organisation/views/Organisation.vue b/web-app/src/organisation/views/Organisation.vue
new file mode 100644
index 00000000..0cfdb7ce
--- /dev/null
+++ b/web-app/src/organisation/views/Organisation.vue
@@ -0,0 +1,37 @@
+<template>
+  <page-view :style="`padding-left: ${drawer ? 260 : 20}px; overflow-y: auto; padding:right: 20px; margin-right: 0px`">
+      <router-view></router-view>
+  </page-view>
+</template>
+
+<script>
+import PageView from '@/views/PageView'
+import { mapMutations, mapState } from 'vuex'
+
+export default {
+  name: 'organisation-page',
+  components: { PageView },
+  computed: {
+    ...mapState(['drawer', 'app']),
+    name () {
+      return this.$route.params.name
+    }
+  },
+  methods: {
+    ...mapMutations({
+      setDrawer: 'SET_DRAWER'
+    })
+  }
+}
+</script>
+
+<style scoped>
+
+.toggle-toolbar {
+  position: fixed;
+  left: 5px;
+  z-index: 100;
+  bottom: 20px;
+}
+
+</style>
diff --git a/web-app/src/organisation/views/OrganisationMembers.vue b/web-app/src/organisation/views/OrganisationMembers.vue
new file mode 100644
index 00000000..f45c53a8
--- /dev/null
+++ b/web-app/src/organisation/views/OrganisationMembers.vue
@@ -0,0 +1,112 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <page-view>
+    <v-card class="layout column main-content fill-height" flat v-if="isMember">
+      <v-card-text>
+          <h1 class="primary--text"> Members </h1>
+          <br>
+          <v-divider/>
+          <div class="py-2"/>
+            <organisation-permissions
+              :organisation="organisation"
+              :appUser="app.user"
+              @save-organisation="saveSettings(...arguments)"
+            />
+          <div class="py-2"/>
+        <v-divider/>
+      </v-card-text>
+    </v-card>
+  </page-view>
+</template>
+
+<script>
+import union from 'lodash/union'
+import { mapState } from 'vuex'
+import OrganisationMixin from '../../mixins/Organisation'
+import PageView from '@/views/PageView'
+import OrganisationPermissions from '@/organisation/components/OrganisationPermissions'
+import MerginAPIMixin from '@/mixins/MerginAPI'
+
+export default {
+  name: 'organisation-members',
+  mixins: [OrganisationMixin, MerginAPIMixin],
+  components: { PageView, OrganisationPermissions },
+  props: { name: String },
+  computed: {
+    ...mapState(['app', 'organisation']),
+    isMember () {
+      if (this.organisation && this.app.user) {
+        return this.isAdmin || union(this.organisation.writers, this.organisation.readers).includes(this.app.user.username)
+      }
+      return null
+    }
+  },
+  methods: {
+    saveSettings (access) {
+      // check access obj is valid
+      const empty = (element) => !element.length
+      const invalidKey = Object.values(access).some(empty)
+      if (invalidKey) {
+        this.$notification.error('Failed to save: Invalid update of permissions')
+        return
+      }
+      this.updateMembers(this.name, access)
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.profile{
+  margin-bottom: 20px;
+  h2 {
+    color: #2D4470;
+    margin-bottom: 10px;
+  }
+  button {
+    padding-left: 10px;
+    height: 35px;
+    padding-right: 10px;
+    width: 100%;
+    i {
+      font-size: 13px;
+    }
+  }
+  .align-center{
+    padding-top: 10px;
+    padding-bottom: 10px;
+    align-items: flex-start;
+    padding-right: 10px;
+  }
+  .section{
+    margin-right: 10px;
+    ul {
+      padding-left: 0;
+    }
+    li {
+      list-style: none;
+      b {
+        width: 150px;
+        display: inline-block;
+      }
+    }
+    .v-icon {
+      font-size: 18px;
+    }
+  }
+}
+
+@media (max-width : 480px) {
+  .action-button {
+    width: 135px;
+  }
+}
+
+.action-button {
+  div {
+    display: inline-block;
+  }
+}
+</style>
diff --git a/web-app/src/organisation/views/OrganisationProfile.vue b/web-app/src/organisation/views/OrganisationProfile.vue
new file mode 100644
index 00000000..da994556
--- /dev/null
+++ b/web-app/src/organisation/views/OrganisationProfile.vue
@@ -0,0 +1,216 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <page-view>
+    <v-layout class="layout column main-content fill-height" flat v-if="isMember">
+      <warning-message  v-if="isAdmin || isOwner"/>
+      <v-card-text>
+        <div class="profile">
+          <h1 class="primary--text"> Profile </h1>
+          <br>
+          <v-divider/>
+          <v-row>
+          <v-col lg="8" md="7" sm="9" cols="12" style="color: rgba(0,0,0,.6);">
+            <!-- Render profile -->
+            <div class="section">
+              <ul v-if="organisation">
+                <li> <b> Name: </b>{{ organisation.name }} </li>
+                <li> <b> Description: </b>{{ organisation.description }} </li>
+                <li> <b> Contact Email: </b>{{ organisation.account.email }} </li>
+                <li> <b> Registered: </b>{{ organisation.registration_date | date }} </li>
+                <br>
+              </ul>
+            </div>
+            <v-spacer/>
+            </v-col>
+            <!-- actions -->
+            <v-col lg="3" offset-lg="1" md="3" offset-md="1" sm="5" offset-sm="4" cols="5" offset="3">
+            <div v-if="isOwner">
+              <div>
+                <v-btn
+                  @click="editOrganisationDialog"
+                  class="primary--text"
+                >
+                <v-icon class="mr-2">edit</v-icon>
+                edit profile
+                </v-btn>
+              </div>
+              <div>
+                <v-btn
+                  @click="confirmDeleteOrganisation"
+                  class="white--text"
+                  depressed
+                  color="red"
+                >
+                  <v-icon class="mr-2">remove_circle</v-icon>
+                  close organisation
+                </v-btn>
+              </div>
+            </div>
+          </v-col>
+          </v-row>
+        </div>
+        <v-divider/>
+      </v-card-text>
+      <v-card class="table" flat
+              v-if="isWriter">
+        <v-card-text>
+      <h3>Project transfers</h3>
+      <transfers-table :namespace="organisation.name"/>
+        </v-card-text>
+        </v-card>
+      </v-layout>
+  </page-view>
+</template>
+
+<script>
+import union from 'lodash/union'
+import { mapState } from 'vuex'
+import OrganisationMixin from '../../mixins/Organisation'
+import PageView from '@/views/PageView'
+import OrganisationForm from '@/organisation/components/OrganisationForm'
+import MerginAPIMixin from '@/mixins/MerginAPI'
+import { waitCursor } from '@/util'
+import TransfersTable from '@/components/TransfersTable'
+import WarningMessage from '@/components/WarningMessage'
+
+
+export default {
+  name: 'organisation-profile',
+  mixins: [OrganisationMixin, MerginAPIMixin],
+  components: { PageView, TransfersTable, WarningMessage },
+  props: { name: String },
+  computed: {
+    ...mapState(['app', 'organisation']),
+    usage () {
+      if (this.organisation) {
+        return (this.organisation.storage) ? this.organisation.disk_usage / this.organisation.storage : 0
+      }
+      return null
+    },
+    isOwner () {
+      if (this.organisation && this.app.user) {
+        return this.organisation.owners.includes(this.app.user.username)
+      }
+      return null
+    },
+    isAdmin () {
+      if (this.organisation && this.app.user) {
+        return this.isOwner || this.organisation.admins.includes(this.app.user.username)
+      }
+      return null
+    },
+    isMember () {
+      if (this.organisation && this.app.user) {
+        return this.isAdmin || union(this.organisation.writers, this.organisation.readers).includes(this.app.user.username)
+      }
+      return null
+    },
+    isWriter () {
+      if (this.organisation && this.app.user) {
+        return this.isAdmin || this.organisation.writers.includes(this.app.user.username)
+      }
+      return null
+    }
+  },
+  methods: {
+    confirmDeleteOrganisation () {
+      const props = {
+        text: 'Are you sure to close this organisation? All projects under this organisation will be removed. <br> <br> Type in organisation name to confirm:',
+        confirmText: 'Delete',
+        confirmField: {
+          label: 'Organisation name',
+          expected: this.name
+        }
+      }
+      const listeners = {
+        confirm: () => {
+          this.closeAccount()
+        }
+      }
+      this.$dialog.prompt({ props, listeners, dialog: { maxWidth: 500 } })
+    },
+    closeAccount () {
+      waitCursor(true)
+      const promise = this.$http.delete(`/app/account/${this.organisation.account.id}`, { 'axios-retry': { retries: 5 } })
+      Promise.resolve(promise).then(() => {
+        location.href = '/'
+      }).catch(err => {
+        const msg = (err.response) ? err.response.data.detail : 'Unable to close account'
+        this.$notification.error(msg)
+      }).finally(() => { waitCursor(false) })
+    },
+    editOrganisationDialog () {
+      const props = { organisation: this.organisation }
+      const dialog = { maxWidth: 500, persistent: true }
+      const listeners = {
+        success: () => {
+          this.getOrganisation(this.name)
+          this.$notification.show('Updated successfully')
+        }
+      }
+      this.$dialog.show(OrganisationForm, { props, listeners, dialog })
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.main-content {
+  overflow: auto;
+}
+.col-5 {
+  max-width: 100%;
+}
+.profile{
+  margin-bottom: 20px;
+  h2 {
+    color: #2D4470;
+    margin-bottom: 10px;
+  }
+  button {
+    padding-left: 10px;
+    height: 35px;
+    padding-right: 10px;
+    width: 100%;
+    i {
+      font-size: 13px;
+    }
+  }
+  .align-center{
+    padding-top: 10px;
+    padding-bottom: 10px;
+    align-items: flex-start;
+    padding-right: 10px;
+  }
+  .section{
+    margin-right: 10px;
+    ul {
+      padding-left: 0;
+    }
+    li {
+      list-style: none;
+      b {
+        width: 150px;
+        display: inline-block;
+      }
+    }
+    .v-icon {
+      font-size: 18px;
+    }
+  }
+}
+
+@media (max-width : 480px) {
+  .action-button {
+    width: 135px;
+  }
+}
+
+.action-button {
+  div {
+    display: inline-block;
+  }
+}
+</style>
diff --git a/web-app/src/organisation/views/OrganisationProjects.vue b/web-app/src/organisation/views/OrganisationProjects.vue
new file mode 100644
index 00000000..2afff5af
--- /dev/null
+++ b/web-app/src/organisation/views/OrganisationProjects.vue
@@ -0,0 +1,112 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-card class="layout column main-content fill-height" flat>
+    <v-card-title>
+      <h2 class="primary--text"> Projects </h2>
+      </v-card-title>
+    <warning-message v-if="isAdmin || isOwner"/>
+
+    <v-card-text>
+      <v-divider/>
+      <div class="py-2"/>
+      <projects-table :key="key" :namespace="name" :show-namespace="false" :show-tags="false"></projects-table>
+      <div class="py-2"/>
+    </v-card-text>
+
+    <v-card text flat class="table" v-if="isAdmin">
+      <v-card-title>
+        <h3>Projects transfer request</h3>
+      </v-card-title>
+      <v-card-text>
+        <transfers-table :namespace="name" />
+      </v-card-text>
+    </v-card>
+
+  </v-card>
+</template>
+
+<script>
+import { mapState } from 'vuex'
+import TransfersTable from '@/components/TransfersTable'
+import ProjectsTable from '@/components/ProjectsTable'
+import MerginAPIMixin from '@/mixins/MerginAPI'
+import OrganisationMixin from '@/mixins/Organisation'
+import WarningMessage from '@/components/WarningMessage'
+
+export default {
+  name: 'organisations-projects',
+  mixins: [OrganisationMixin, MerginAPIMixin],
+  components: { TransfersTable, ProjectsTable, WarningMessage },
+  props: {
+    name: String
+  },
+  data () {
+    return {
+      projects: [],
+      dialog: false,
+      key: 0
+    }
+  },
+  computed: {
+    ...mapState(['app', 'organisation', 'transfers']),
+    isOwner () {
+      if (this.organisation && this.app.user) {
+        return this.organisation.owners.includes(this.app.user.username)
+      }
+      return null
+    },
+    isAdmin () {
+      if (this.organisation && this.app.user) {
+        return this.isOwner || this.organisation.admins.includes(this.app.user.username)
+      }
+      return null
+    }
+  },
+  watch: {
+    transfers: function () {
+      this.key += 1
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.main-content {
+  overflow: unset;
+}
+.profile {
+  margin-bottom: 20px;
+
+h2 {
+    color: #2D4470;
+    margin-bottom: 10px;
+  }
+}
+.table{
+  margin-top: 0px;
+  padding-right: 10px;
+  button {
+    padding-left: 10px;
+    height: 35px;
+    padding-right: 10px;
+    width: 100%;
+    i {
+      font-size: 13px;
+    }
+  }
+}
+
+@media (max-width : 480px) {
+  .action-button {
+    width: 135px;
+  }
+}
+
+.action-button {
+  div {
+    display: inline-block;
+  }
+}
+</style>
diff --git a/web-app/src/prod.js b/web-app/src/prod.js
new file mode 100644
index 00000000..b94b1b35
--- /dev/null
+++ b/web-app/src/prod.js
@@ -0,0 +1,15 @@
+// Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+// Do not distribute without the express permission of the author.
+
+import http from './http'
+
+const initialize = new Promise(resolve => {
+  const data = window.app
+  // eslint-disable-next-line no-undef
+  http.defaults.headers.common['X-CSRF-Token'] = data.csrf
+  delete data.csrf
+  delete window.app
+  resolve(data)
+})
+
+export default () => initialize
diff --git a/web-app/src/router.js b/web-app/src/router.js
new file mode 100644
index 00000000..d0c910e3
--- /dev/null
+++ b/web-app/src/router.js
@@ -0,0 +1,261 @@
+// Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+// Do not distribute without the express permission of the author.
+
+import Vue from 'vue'
+import Router from 'vue-router'
+import AppHeader from '@/components/AppHeader'
+import ProjectsList from '@/views/ProjectsList'
+import Project from '@/views/Project'
+import FileBrowser from '@/views/FileBrowser'
+import FileDetail from '@/views/FileDetail'
+import ProjectSettings from '@/views/ProjectSettings'
+import ProjectVersions from '@/views/ProjectVersions'
+import VersionDetail from '@/views/VersionDetail'
+import FileVersionDetail from '@/views/FileVersionDetail'
+import store from './store'
+import UserProjects from '@/user/views/UserProjects'
+import Profile from '@/user/views/Profile'
+import Organisations from '@/user/views/Organisations'
+import Root from '@/user/views/Root'
+import OrganisationProfile from '@/organisation/views/OrganisationProfile'
+import OrganisationProjects from '@/organisation/views/OrganisationProjects'
+import OrganisationMembers from '@/organisation/views/OrganisationMembers'
+import Organisation from '@/organisation/views/Organisation'
+import LoginDialog from '@/components/LoginDialog'
+import Dashboard from './views/Dashboard'
+import SideBar from '@/components/SideBar'
+import OrganisationSideBar from './organisation/components/OrganisationSideBar'
+import { parseError } from '@/mergin'
+
+Vue.use(Router)
+
+const router = new Router({
+  mode: 'history',
+  routes: [
+    {
+      beforeEnter: (to, from, next) => {
+        if (store.state.app.user) next('/dashboard')
+        else next()
+      },
+      path: '/login/:reset?',
+      name: 'login',
+      component: LoginDialog,
+      props: true,
+      meta: { public: true }
+    },
+    {
+      path: '/dashboard',
+      name: 'dashboard',
+      components: {
+        default: Dashboard,
+        header: AppHeader,
+        sidebar: SideBar
+      },
+      props: {
+        default: true
+      }
+    },
+    {
+      path: '/profile',
+      name: 'user_profile',
+      beforeEnter: (to, from, next) => {
+        next(`users/${store.state.app.user.username}/profile`)
+      }
+    },
+    {
+      path: '/projects',
+      name: 'projects',
+      meta: { public: true },
+      components: {
+        default: ProjectsList,
+        header: AppHeader,
+        sidebar: SideBar
+      },
+      props: {
+        default: true
+      },
+      children: [
+        {
+          path: 'shared',
+          name: 'shared_projects',
+          component: ProjectsList,
+          props: true,
+          meta: { flag: 'shared', header: 'Shared with me' }
+        },
+        {
+          path: 'created',
+          name: 'my_projects',
+          component: ProjectsList,
+          props: true,
+          meta: { flag: 'created', header: 'My projects' }
+        },
+        {
+          path: 'explore',
+          name: 'explore',
+          component: ProjectsList,
+          props: true,
+          meta: { flag: 'explore', header: 'Explore projects' }
+        },
+        {
+          path: 'request',
+          name: 'request_projects',
+          component: ProjectsList,
+          props: true,
+          meta: { flag: 'request', header: 'Projects to be transferred' }
+        },
+        {
+          path: ':namespace',
+          name: 'namespace-projects',
+          component: ProjectsList,
+          props: true
+        }
+      ]
+    },
+    {
+      path: '/projects/:namespace/:projectName',
+      name: 'project',
+      components: {
+        default: Project,
+        header: AppHeader,
+        sidebar: SideBar
+      },
+      props: {
+        default: true
+      },
+      redirect: { name: 'project-tree' },
+      children: [
+        {
+          path: 'blob/:location*',
+          name: 'blob',
+          component: FileDetail,
+          props: true
+        },
+        {
+          path: 'tree/:location*',
+          name: 'project-tree',
+          component: FileBrowser,
+          props: true
+        },
+        {
+          path: 'settings',
+          name: 'project-settings',
+          component: ProjectSettings,
+          props: true
+        },
+        {
+          path: 'history',
+          name: 'project-versions',
+          component: ProjectVersions,
+          props: true
+        },
+        {
+          path: 'history/:version_id',
+          name: 'project-versions-detail',
+          component: VersionDetail,
+          props: true
+        },
+        {
+          path: 'history/:version_id/:path',
+          name: 'file-version-detail',
+          component: FileVersionDetail,
+          props: true
+        }
+      ]
+    },
+    {
+      path: '/users/:name',
+      name: 'user',
+      components: {
+        default: Root,
+        header: AppHeader,
+        sidebar: SideBar
+      },
+      beforeEnter: (to, from, next) => {
+        if (store.state.app.user.username === to.params.name) next()
+        else next({ name: 'user', params: { name: store.state.app.user.username } })
+      },
+      props: {
+        default: true
+      },
+      children: [
+        {
+          path: 'profile',
+          name: 'profile',
+          component: Profile,
+          props: true,
+          meta: {
+            toSidebar: true,
+            name: 'Profile'
+          }
+        },
+        {
+          path: 'projects',
+          name: 'user_projects',
+          component: UserProjects,
+          props: true
+        },
+        {
+          path: 'organisations',
+          name: 'user_organisations',
+          components: {
+            default: Organisations
+          },
+          props: true
+        }
+      ]
+    },
+    {
+      path: '/organisations/:name',
+      name: 'organisation',
+      components: {
+        default: Organisation,
+        header: AppHeader,
+        sidebar: OrganisationSideBar
+      },
+      beforeEnter: (to, from, next) => {
+        if (store.getters.isUserMemberOfOrganisation(to.params.name)) {
+          store.dispatch('setOrganisation', to.params.name)
+            .then(next)
+            .catch((e) => { next(Error(parseError(e, 'Failed to get organisation'))) })
+        } else next(from)
+      },
+      props: {
+        default: true
+      },
+      children: [
+        {
+          path: 'profile',
+          name: 'org_profile',
+          component: OrganisationProfile,
+          props: true,
+          meta: {
+            toSidebar: true,
+            name: 'Profile'
+          }
+        },
+        {
+          path: 'members',
+          name: 'org_members',
+          component: OrganisationMembers,
+          props: true,
+          meta: {
+            toSidebar: true,
+            name: 'Members'
+          }
+        },
+        {
+          path: 'projects',
+          name: 'org_projects',
+          component: OrganisationProjects,
+          props: true
+        }
+      ]
+    }
+  ]
+})
+
+router.beforeEach((to, from, next) => {
+  if (to.meta.public || store.state.app.user) next()
+  else next(`/login?redirect=${to.fullPath}`)
+})
+export default router
diff --git a/web-app/src/store.js b/web-app/src/store.js
new file mode 100644
index 00000000..e8038dcb
--- /dev/null
+++ b/web-app/src/store.js
@@ -0,0 +1,238 @@
+// Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+// Do not distribute without the express permission of the author.
+
+import Vue from 'vue'
+import Vuex from 'vuex'
+import keyBy from 'lodash/keyBy'
+import omit from 'lodash/omit'
+
+import { filesDiff } from '@/mergin'
+import http from '@/http'
+
+Vue.use(Vuex)
+
+
+export default new Vuex.Store({
+  strict: process.env.NODE_ENV === 'development',
+  state: {
+    app: null,
+    projects: [],
+    project: null,
+    uploads: {},
+    users: [],
+    namespace: '',
+    organisation: null,
+    organisations: [],
+    invitations: [],
+    orgInvitations: [],
+    transfers: [],
+    accessRequests: [],
+    barColor: 'rgba(176, 177, 181 1), rgba(176, 177, 181 1)',
+    barImage: 'https://demos.creative-tim.com/material-dashboard/assets/img/sidebar-1.jpg',
+    drawer: null,
+    account: null, // account object inc. service details currently browsed, e.g. user, organisation
+    serverError: null
+  },
+  mutations: {
+    app (state, app) {
+      if (!app.user) {
+        app.user = null
+      }
+      state.app = app
+      state.namespace = app.user ? app.user.username : null
+      state.organisations = app.organisations
+    },
+    user (state, user) {
+      Vue.set(state.app, 'user', user)
+      if (user) {
+        state.namespace = user.username
+      }
+    },
+    updateUserProfile (state, profile) {
+      Vue.set(state.app.user, 'profile', profile)
+    },
+    updateVerifiedEmailFlag (state, verifiedEmail) {
+      Vue.set(state.app.user, 'verified_email', verifiedEmail)
+    },
+    projects (state, projects) {
+      state.projects = projects
+    },
+    users (state, users) {
+      state.users = users
+    },
+    project (state, project) {
+      if (project) {
+        project.files = keyBy(project.files, 'path')
+        project.path = [project.namespace, project.name].join('/')
+        const upload = state.uploads[project.path]
+        if (upload) {
+          upload.diff = filesDiff(project.files, upload.files)
+        }
+      }
+      state.project = project
+    },
+    upload (state, files = {}) {
+      const upload = {
+        files,
+        diff: null,
+        analysingFiles: []
+      }
+      // Object.defineProperty(upload)
+      Vue.set(state.uploads, state.project.path, upload)
+    },
+    analysingFiles (state, files) {
+      const upload = state.uploads[state.project.path]
+      Vue.set(upload, 'analysingFiles', files)
+    },
+    finishFileAnalysis (state, path) {
+      const upload = state.uploads[state.project.path]
+      if (upload.analysingFiles) {
+        // upload.analysingFiles = upload.analysingFiles.filter(p => p !== path)
+        Vue.set(upload, 'analysingFiles', upload.analysingFiles.filter(p => p !== path))
+      }
+    },
+
+    uploadFiles (state, files) {
+      files = keyBy(files, 'path')
+      const chunks = Object.values(files).filter(f => f.chunks !== undefined).map(f => f.chunks.length).reduce((sum, item) => sum + item)
+      const upload = {
+        files,
+        diff: filesDiff(state.project.files, files),
+        running: false,
+        progress: 0,
+        loaded: 0,
+        total: chunks
+      }
+      Vue.set(state.uploads, state.project.path, upload)
+    },
+    discardUpload (state, project) {
+      Vue.delete(state.uploads, project)
+    },
+    startUpload (state) {
+      const upload = state.uploads[state.project.path]
+      if (upload) {
+        upload.running = true
+        upload.progress = 0
+      }
+    },
+    chunkUploaded (state, project) {
+      const upload = state.uploads[project]
+      if (upload) {
+        upload.loaded++
+        if (upload.loaded === upload.total) {
+          upload.running = false
+        }
+      }
+    },
+    cancelUpload (state, project) {
+      const upload = state.uploads[state.project.path]
+      if (upload) {
+        upload.running = false
+        upload.progress = 0
+      }
+    },
+    deleteFiles (state, files) {
+      let upload = state.uploads[state.project.path]
+      if (!upload) {
+        upload = {
+          files: { ...state.project.files },
+          diff: filesDiff({}, {})
+        }
+        Vue.set(state.uploads, state.project.path, upload)
+      }
+
+      files.forEach(path => {
+        if (upload.files[path]) {
+          Vue.delete(upload.files, path)
+        } else { // should be folder
+          const dirPrefix = path + '/'
+          const removed = Object.keys(upload.files).filter(path => path.startsWith(dirPrefix))
+          upload.files = omit(upload.files, removed)
+        }
+      })
+      upload.diff = filesDiff(state.project.files, upload.files)
+    },
+    projectVersions (state, { project, versions }) {
+      state.project.versions = versions
+    },
+    organisations (state, organisations) {
+      state.organisations = organisations
+    },
+    organisation (state, organisation) {
+      state.organisation = organisation
+    },
+    addOrganisation (state, organisation) {
+      state.organisations.push(organisation)
+    },
+    invitations (state, invitations) {
+      state.invitations = invitations
+    },
+    orgInvitations (state, invitations) {
+      state.orgInvitations = invitations
+    },
+    addInvitation (state, invitation) {
+      state.orgInvitations.push(invitation)
+    },
+    deleteInvitation (state, invitation) {
+      const index = state.invitations.indexOf(invitation)
+      state.invitations.splice(index, 1)
+      const orgIndex = state.orgInvitations.indexOf(invitation)
+      state.orgInvitations.splice(orgIndex, 1)
+    },
+    updateOrganisationMembers (state, access) {
+      Object.entries(access).forEach(([key, value]) => {
+        state.organisation[key] = value
+      })
+    },
+    namespace (state, namespace) {
+      state.namespace = namespace
+    },
+    transfers (state, transfers) {
+      state.transfers = transfers
+    },
+    accessRequests (state, accessRequests) {
+      state.accessRequests = accessRequests
+    },
+    deleteTransfer (state, item) {
+      const index = state.transfers.indexOf(item)
+      state.transfers.splice(index, 1)
+    },
+    SET_BAR_IMAGE (state, payload) {
+      state.barImage = payload
+    },
+    SET_DRAWER (state, payload) {
+      state.drawer = payload
+    },
+    serverError (state, msg) {
+      state.serverError = msg
+    }
+  },
+  getters: {
+    isUserOwnerOfOrganisation: (state) => (name) => {
+      const role = (state.app.user.profile && state.app.user.profile.organisations) ? state.app.user.profile.organisations[name] : null
+      return (role) ? role === 'owner' : false
+    },
+    isUserMemberOfOrganisation: (state) => (name) => {
+      if (state.app.user.profile === undefined) return false
+      return name in state.app.user.profile.organisations
+    },
+    isProjectOwner: (state) => {
+      return state.project.access.owners.includes(state.app.user.id)
+    }
+  },
+  actions: {
+    clearUserData (context) {
+      context.commit('projects', [])
+      context.commit('project', null)
+      context.commit('user', null)
+      context.commit('organisation', null)
+      context.commit('organisations', [])
+      context.commit('invitations', [])
+    },
+    async setOrganisation ({ commit, state }, name) {
+      if (state.organisation && state.organisation.name === name) return
+      const resp = await http.get(`/orgs/${name}`)
+      commit('organisation', resp.data)
+    }
+  }
+})
diff --git a/web-app/src/user/components/ChangePasswordForm.vue b/web-app/src/user/components/ChangePasswordForm.vue
new file mode 100644
index 00000000..75586881
--- /dev/null
+++ b/web-app/src/user/components/ChangePasswordForm.vue
@@ -0,0 +1,127 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-card v-on:keyup.enter="createProject">
+    <v-card-title>
+      <span class="headline">Change password</span>
+    </v-card-title>
+    <v-card-text>
+      <p
+        v-if="errorMsg"
+        class="text-xs-center red--text"
+        v-text="errorMsg"
+      />
+      <v-form class="layout column">
+        <v-text-field
+            label="Old Password"
+            name="oldPassword"
+            color="orange"
+            v-model="oldPassword"
+            :append-icon="passwordVisible ? 'visibility_off' : 'visibility'"
+            @click:append="passwordVisible = !passwordVisible"
+            :type="passwordVisible ? 'text' : 'password'"
+            :error-messages="errors.old_password"
+            v-on="on"
+          />
+        <v-text-field
+          label="New Password"
+          name="password"
+          color="orange"
+          v-model="password"
+          :type="passwordVisible ? 'text' : 'password'"
+          :error-messages="errors.password"
+          @keyup.enter="changePassword"
+        />
+        <v-text-field
+          label="Confirm New Password"
+          name="confirm"
+          color="orange"
+          v-model="confirm"
+          :type="passwordVisible ? 'text' : 'password'"
+          :error-messages="errors.confirm"
+          @keyup.enter="changePassword"
+        />
+        <v-layout row class="d-flex flex-row-reverse">
+          <v-tooltip
+            top
+            color="orange"
+            max-width="350"
+            content-class="form-tooltip"
+          >
+          <template v-slot:activator="{ on }">
+            <v-icon v-on="on" class="ml-1 mb-1" style="margin-right: 1rem;">info</v-icon>
+          </template>
+            <ul>
+              <li>Password must be at least 8 characters long.</li>
+              <li>Password must contain at least 3 character categories among the following:
+                <ul>
+                  <li>Lowercase characters (a-z)</li>
+                  <li>Uppercase characters (A-Z)</li>
+                  <li>Digits (0-9)</li>
+                  <li>Special characters</li>
+                </ul>
+              </li>
+            </ul>
+          </v-tooltip>
+        </v-layout>
+
+        <v-card-actions>
+          <v-spacer/>
+          <v-btn
+              class="text--primary"
+              @click="$dialog.close"
+          >
+            Close
+          </v-btn>
+          <v-btn
+            class="primary text--white"
+            :disabled="!password || !oldPassword || !confirm"
+            @click="changePassword"
+          >
+            Change
+          </v-btn>
+        </v-card-actions>
+      </v-form>
+    </v-card-text>
+  </v-card>
+</template>
+
+<script>
+import FormMixin from '@/mixins/Form'
+import { waitCursor } from '../../util'
+import { postRetryCond } from '../../http'
+
+export default {
+  mixins: [FormMixin],
+  data () {
+    return {
+      oldPassword: '',
+      password: '',
+      confirm: '',
+      passwordVisible: false
+    }
+  },
+  methods: {
+    changePassword () {
+      this.clearErrors()
+      const data = {
+        old_password: this.oldPassword,
+        password: this.password,
+        confirm: this.confirm
+      }
+      waitCursor(true)
+      this.$http.post('/auth/change_password', data, { 'axios-retry': { retries: 5, retryCondition: error => postRetryCond(error) } })
+        .then(() => {
+          this.$dialog.close()
+          waitCursor(false)
+          this.$notification.show('Password has been changed')
+        })
+        .catch(err => {
+          this.handleError(err, 'Failed to change password')
+          waitCursor(false)
+        })
+    }
+  }
+}
+</script>
diff --git a/web-app/src/user/components/EditProfileForm.vue b/web-app/src/user/components/EditProfileForm.vue
new file mode 100644
index 00000000..ccbdc598
--- /dev/null
+++ b/web-app/src/user/components/EditProfileForm.vue
@@ -0,0 +1,96 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-card v-on:keyup.enter="submit">
+    <v-card-title>
+      <span class="headline">Edit profile</span>
+    </v-card-title>
+    <v-card-text>
+      <p
+        v-if="errorMsg"
+        class="text-xs-center red--text"
+        v-text="errorMsg"
+      />
+      <v-form class="layout column">
+        <v-text-field
+          label="First name"
+          v-model="editedProfile.first_name"
+          :error-messages="errors.first_name"
+          @keyup.enter="submit"
+        />
+        <v-text-field
+          label="Last name"
+          v-model="editedProfile.last_name"
+          :error-messages="errors.last_name"
+          @keyup.enter="submit"
+        />
+        <v-text-field
+          label="Email address"
+          v-model="editedProfile.email"
+          :error-messages="errors.email"
+          @keyup.enter="submit"
+        />
+        <v-checkbox
+          label="Receive notifications"
+          color="orange"
+          v-model="editedProfile.receive_notifications"
+          :error-messages="errors.receive_notifications"
+        />
+
+        <v-card-actions>
+          <v-spacer/>
+          <v-btn
+              class="text--primary"
+              @click="$dialog.close"
+          >
+            Close
+          </v-btn>
+          <v-btn
+            class="primary white--text"
+            @click="submit"
+          >
+            Save
+          </v-btn>
+        </v-card-actions>
+      </v-form>
+    </v-card-text>
+  </v-card>
+</template>
+
+<script>
+import FormMixin from '@/mixins/Form'
+import { waitCursor } from '../../util'
+import { postRetryCond } from '../../http'
+
+export default {
+  props: {
+    profile: Object
+  },
+  mixins: [FormMixin],
+  data () {
+    return {
+      editedProfile: Object.assign({}, this.profile)
+    }
+  },
+  methods: {
+    submit () {
+      this.clearErrors()
+      const keys = ['first_name', 'last_name', 'email']
+      keys.forEach(key => { this.editedProfile[key] = this.editedProfile[key].trim() })
+      waitCursor(true)
+      this.$http.post('/auth/user/profile', this.editedProfile, { 'axios-retry': { retries: 5, retryCondition: error => postRetryCond(error) } })
+        .then(() => {
+          this.$dialog.close()
+          waitCursor(false)
+          this.$emit('success')
+          this.$notification.show('Profile has been changed')
+        })
+        .catch(err => {
+          this.handleError(err, 'Failed to change profile')
+          waitCursor(false)
+        })
+    }
+  }
+}
+</script>
diff --git a/web-app/src/user/views/Organisations.vue b/web-app/src/user/views/Organisations.vue
new file mode 100644
index 00000000..0a6b2abb
--- /dev/null
+++ b/web-app/src/user/views/Organisations.vue
@@ -0,0 +1,120 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+    <v-card class="layout column main-content fill-height" flat>
+      <v-card-title>
+        <h2 class="primary--text"> Organisations </h2>
+        <v-spacer/>
+        <v-card-actions>
+          <v-layout align-center shrink>
+            <v-text-field
+              class="search"
+              placeholder="Find organisation"
+              append-icon="search"
+              v-model="searchFilter"
+              hide-details
+            />
+            <div>
+              <v-btn
+                @click="createOrganisationDialog"
+                outlined
+                icon
+                color="primary"
+              >
+                <v-icon >add</v-icon>
+              </v-btn>
+            </div>
+          </v-layout>
+        </v-card-actions>
+      </v-card-title>
+
+      <v-card-text>
+        <v-divider/>
+        <br>
+        <organisations-table ref="organisationsTable"/>
+      </v-card-text>
+
+      <v-card text class="table" flat>
+        <v-card-title>
+          <h3>Pending Invitations</h3>
+        </v-card-title>
+        <v-card-text>
+          <invitations-table :username="app.user.username" />
+        </v-card-text>
+      </v-card>
+
+    </v-card>
+</template>
+
+<script>
+import OrganisationsTable from '@/components/OrganisationsTable'
+import InvitationsTable from '@/components/InvitationsTable'
+import OrganisationForm from '@/organisation/components/OrganisationForm'
+import OrganisationMixin from '@/mixins/Organisation'
+import { mapState } from 'vuex'
+
+export default {
+  name: 'organisations',
+  mixins: [OrganisationMixin],
+  components: { OrganisationsTable, InvitationsTable },
+  data () {
+    return {
+      searchFilter: ''
+    }
+  },
+  computed: {
+    ...mapState(['app'])
+  },
+  watch: {
+    searchFilter: function () {
+      this.$refs.organisationsTable.searchFilter = this.searchFilter
+    }
+  },
+  methods: {
+    confirmDeleteOrgs () {
+      const props = {
+        text: 'Are you sure to delete selected organisations with their projects?',
+        confirmText: 'Delete'
+      }
+      const listeners = {
+        confirm: () => this.$refs.organisationsTable.removeSelected()
+      }
+      this.$dialog.prompt({ props, listeners, dialog: { maxWidth: 500 } })
+    },
+    createOrganisationDialog () {
+      const props = { organisation: {} }
+      const dialog = { maxWidth: 500, persistent: true }
+      const listeners = {
+        success: () => setTimeout(() => { this.getUserOrganisations() }, 1000)
+      }
+      this.$dialog.show(OrganisationForm, { props, listeners, dialog })
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.v-card.table {
+  min-height: unset;
+  overflow: unset;
+  margin-top: 0px;
+}
+.v-data-table {
+  td {
+    text-align: left;
+  }
+  a {
+    text-decoration: none;
+  }
+  .v-chip {
+    ::v-deep .v-chip__content {
+      cursor: pointer;
+    }
+  }
+}
+.v-input {
+  padding-top: 0!important;
+  width: 150px;
+}
+</style>
diff --git a/web-app/src/user/views/Profile.vue b/web-app/src/user/views/Profile.vue
new file mode 100644
index 00000000..4529ebd2
--- /dev/null
+++ b/web-app/src/user/views/Profile.vue
@@ -0,0 +1,265 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-layout class="column main-content fill-height">
+    <v-card  flat>
+      <v-card-text>
+        <div class="profile">
+          <h1 class="primary--text"> Profile </h1>
+          <br>
+          <v-divider/>
+          <v-layout
+            align-center>
+            <v-row>
+              <v-col>
+            <!-- Render profile -->
+            <div class="section">
+              <ul v-if="profile">
+                <li><b> Username: </b>{{ profile.username }}</li>
+                <li><b> Name: </b>{{ profile.name }}</li>
+                <li><b> Email: </b>{{ profile.email }}
+                  <v-tooltip top v-if="'project-versions' !== $route.name && 'project-versions-detail' !== $route.name">
+                    <template v-slot:activator="{ on }">
+                    <span
+                        v-on="on"
+                    >
+                      <v-icon v-if="app.user.verified_email" color="green">check</v-icon>
+                      <v-icon v-else color="red">clear</v-icon>
+                    </span>
+                    </template>
+                    <span>Email verification status</span>
+                  </v-tooltip>
+                </li>
+                <li><b> Receive notifications: </b>
+                  <v-icon v-if="profile.receive_notifications" color="green">check</v-icon>
+                  <v-icon v-else color="red">clear</v-icon>
+                </li>
+                <li><b> Registered: </b>{{ profile.registration_date | date }}</li>
+                <br>
+              </ul>
+            </div>
+            <v-spacer/>
+                </v-col>
+            <!-- actions -->
+              <v-col>
+            <div>
+              <div>
+                <v-btn
+                    @click="changePasswordDialog"
+                    class="primary--text"
+                >
+                  <v-icon class="mr-2">edit</v-icon>
+                  Change password
+                </v-btn>
+              </div>
+              <div>
+                <v-btn
+                    @click="editProfileDialog"
+                    class="primary--text"
+                >
+                  <v-icon class="mr-2">edit</v-icon>
+                  Edit profile
+                </v-btn>
+              </div>
+              <div>
+                <v-btn
+                    @click="showConfirmationDialog"
+                    class="primary--text"
+                    :disabled="app.user.verified_profile"
+                >
+                  <v-icon class="mr-2">edit</v-icon>
+                  Verify email
+                </v-btn>
+              </div>
+              <div>
+                <v-btn
+                    @click="confirmDeleteUser"
+                    class="white--text"
+                    depressed
+                    color="red"
+                >
+                  <v-icon class="mr-2">remove_circle</v-icon>
+                  Close my account
+                </v-btn>
+              </div>
+            </div>
+                </v-col>
+            </v-row>
+          </v-layout>
+      </div>
+        <v-divider/>
+      </v-card-text>
+      <v-card class="table" flat>
+        <v-card-text>
+          <h3>Organisations</h3>
+          <organisations-table ref="organisationsTable"/>
+        </v-card-text>
+      </v-card>
+      <v-card class="table" flat>
+        <v-card-title>
+        </v-card-title>
+        <v-card-text>
+          <h3>Pending Invitations</h3>
+          <invitations-table :username="app.user.username"/>
+        </v-card-text>
+      </v-card>
+    </v-card>
+  </v-layout>
+</template>
+
+<script>
+import { mapState } from 'vuex'
+import ChangePasswordForm from '@/user/components/ChangePasswordForm'
+import EditProfileForm from '@/user/components/EditProfileForm'
+import MerginAPIMixin from '@/mixins/MerginAPI'
+import OrganisationsTable from '@/components/OrganisationsTable'
+import InvitationsTable from '@/components/InvitationsTable'
+import { waitCursor } from '@/util'
+
+
+export default {
+  name: 'profile',
+  mixins: [MerginAPIMixin],
+  components: { OrganisationsTable, InvitationsTable },
+  props: {
+    name: String
+  },
+  data () {
+    return {
+      dialog: false
+    }
+  },
+  computed: {
+    ...mapState(['app', 'users', 'transfers']),
+    usage () {
+      return this.profile.disk_usage / this.profile.storage
+    },
+    profile () {
+      return this.app.user.profile
+    }
+  },
+  created () {
+    this.fetchUserProfile(this.app.user.username)
+  },
+  watch: {
+    name: function () {
+      this.fetchUserProfile(this.app.user.username)
+    }
+  },
+  methods: {
+    closeUserAccount () {
+      waitCursor(true)
+      const promise = this.$http.delete(`/app/account/${this.app.user.account.id}`, { 'axios-retry': { retries: 5 } })
+      Promise.resolve(promise).then(() => {
+        location.href = '/'
+      }).catch(err => {
+        const msg = (err.response && err.response.data.detail) ? err.response.data.detail : 'Unable to close account'
+        this.$notification.error(msg)
+      }).finally(() => { waitCursor(false) })
+    },
+    showConfirmationDialog (email) {
+      const props = {
+        text: 'Do you want send confirmation email?',
+        confirmText: 'Send email'
+      }
+      const listeners = {
+        confirm: () => this.sendConfirmationEmail(this.app.user.email)
+      }
+      this.$dialog.prompt({ props, listeners, dialog: { maxWidth: 500, persistent: true } })
+    },
+    confirmDeleteUser () {
+      const props = {
+        text: 'Are you sure to close your account? All your projects will be removed <br>  <br> Type in username to confirm:',
+        confirmText: 'Delete',
+        confirmField: {
+          label: 'Username',
+          expected: this.app.user.username
+        }
+      }
+      const listeners = {
+        confirm: () => this.closeUserAccount()
+      }
+      this.$dialog.prompt({ props, listeners, dialog: { maxWidth: 500 } })
+    },
+    changePasswordDialog () {
+      const props = {}
+      const dialog = { maxWidth: 500, persistent: true }
+      this.$dialog.show(ChangePasswordForm, { props, dialog })
+    },
+    editProfileDialog () {
+      const props = { profile: this.app.user.profile }
+      const dialog = { maxWidth: 500, persistent: true }
+      const listeners = {
+        success: () => { this.fetchUserProfile(this.app.user.username) }
+      }
+      this.$dialog.show(EditProfileForm, { props, listeners, dialog })
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.main-content {
+  overflow: unset;
+}
+.col-5 {
+  max-width: 100%;
+}
+.profile{
+  margin-bottom: 20px;
+  h2 {
+    color: #2D4470;
+    margin-bottom: 10px;
+  }
+  button {
+    padding-left: 10px;
+    height: 35px;
+    padding-right: 10px;
+    float: right;
+    @media (max-width: 770px) {
+      width: 100%;
+    }
+    @media (min-width: 771px) {
+      width: 50%;
+    }
+    i {
+      font-size: 13px;
+    }
+  }
+  .align-center{
+    padding-top: 10px;
+    padding-bottom: 10px;
+    align-items: flex-start;
+    padding-right: 10px;
+  }
+  .section{
+    margin-right: 10px;
+    ul {
+      padding-left: 0;
+    }
+    li {
+      list-style: none;
+      b {
+        width: 150px;
+        display: inline-block;
+      }
+    }
+    .v-icon {
+      font-size: 18px;
+    }
+  }
+}
+
+@media (max-width : 480px) {
+  .action-button {
+    width: 135px;
+  }
+}
+
+.action-button {
+  div {
+    display: inline-block;
+  }
+}
+</style>
diff --git a/web-app/src/user/views/Root.vue b/web-app/src/user/views/Root.vue
new file mode 100644
index 00000000..9f3752cf
--- /dev/null
+++ b/web-app/src/user/views/Root.vue
@@ -0,0 +1,38 @@
+# Copyright (C) 2020 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+   <page-view v-if="app.user.username === name"
+      :style="`padding-left: ${drawer ? 260 : 20}px; overflow-y: auto; padding-right:20px; margin-right: 0px;`">
+      <router-view></router-view>
+  </page-view>
+</template>
+
+<script>
+import PageView from '@/views/PageView'
+import { mapState } from 'vuex'
+
+export default {
+  name: 'user-page',
+  components: {
+    PageView
+  },
+  computed: {
+    ...mapState(['drawer', 'app']),
+    name () {
+      return this.$route.params.name
+    }
+  }
+}
+</script>
+
+<style scoped>
+
+.toggle-toolbar {
+  position: fixed;
+  left: 5px;
+  z-index: 100;
+  bottom: 20px;
+}
+
+</style>
diff --git a/web-app/src/user/views/UserProjects.vue b/web-app/src/user/views/UserProjects.vue
new file mode 100644
index 00000000..0b67ced5
--- /dev/null
+++ b/web-app/src/user/views/UserProjects.vue
@@ -0,0 +1,150 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-card class="layout column main-content fill-height" flat>
+    <v-card-title>
+      <h2 class="primary--text"> Projects </h2>
+      </v-card-title>
+
+    <v-card-text>
+      <v-divider/>
+      <div class="py-2"/>
+      <b>
+        My projects
+        <span v-if="userProjects">
+           (<router-link :to="{name: 'my_projects'}">{{ userProjects.count }}</router-link>)
+        </span>
+        <progress-spinner v-else/>
+        <v-spacer/>
+        Projects shared with me
+        <span v-if="sharedProjects">
+           (<router-link :to="{name: 'shared_projects'}">{{ sharedProjects.count }}</router-link>)
+        </span>
+        <progress-spinner v-else/>
+        <v-spacer/>
+      </b>
+      <portal-target name="additional-action"/>
+      <div class="py-2"/>
+      <v-divider/>
+    </v-card-text>
+
+    <v-card text flat class="table">
+      <v-card-title>
+        <h3>Projects transfer requests</h3>
+      </v-card-title>
+      <v-card-text>
+        <transfers-table :namespace="name" />
+      </v-card-text>
+    </v-card>
+    <v-card text flat class="table">
+      <v-card-title>
+        <h3>Projects access requests</h3>
+      </v-card-title>
+      <v-card-text>
+        <project-access-table/>
+      </v-card-text>
+    </v-card>
+
+  </v-card>
+</template>
+
+<script>
+import { mapState } from 'vuex'
+import ProgressSpinner from '@/components/ProgressSpinner'
+import TransfersTable from '@/components/TransfersTable'
+import ProjectAccessTable from '@/components/ProjectAccessRequestTable'
+import MerginAPIMixin from '@/mixins/MerginAPI'
+
+export default {
+  name: 'user-projects',
+  mixins: [MerginAPIMixin],
+  components: { ProgressSpinner, TransfersTable, ProjectAccessTable },
+  props: {
+    name: String
+  },
+  data () {
+    return {
+      userInfo: null,
+      userProjects: null,
+      sharedProjects: null,
+      dialog: false,
+      ignored_profile: ['active', 'disk_usage', 'is_admin', 'storage_limit', 'id']
+    }
+  },
+  computed: {
+    ...mapState(['app', 'users', 'transfers'])
+  },
+  created () {
+    this.fetchUserProjects()
+    this.fetchSharedProjects()
+  },
+  watch: {
+    name: function () {
+      this.fetchUserProjects()
+      this.fetchSharedProjects()
+    },
+    transfers: function () {
+      this.fetchUserProjects()
+      this.fetchSharedProjects()
+    }
+  },
+  methods: {
+    fetchUserProjects () {
+      const params = { user: this.name, flag: 'created', page: 1, per_page: 1 }
+      this.$http.get('/v1/project/paginated', { params })
+        .then(resp => {
+          this.userProjects = resp.data
+        })
+        .catch(() => this.$notification.error("Failed to fetch user's project"))
+    },
+    fetchSharedProjects () {
+      const params = { user: this.name, flag: 'shared', page: 1, per_page: 1 }
+      this.$http.get('/v1/project/paginated', { params })
+        .then(resp => {
+          this.sharedProjects = resp.data
+        })
+        .catch(() => this.$notification.error('Failed to fetch shared projects with user'))
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.main-content {
+  overflow: auto;
+}
+.profile {
+  margin-bottom: 20px;
+
+h2 {
+    color: #2D4470;
+    margin-bottom: 10px;
+  }
+}
+.table{
+  margin-top: 0px;
+  padding-right: 10px;
+  button {
+    padding-left: 10px;
+    height: 35px;
+    padding-right: 10px;
+    width: 100%;
+    i {
+      font-size: 13px;
+    }
+  }
+}
+
+@media (max-width : 480px) {
+  .action-button {
+    width: 135px;
+  }
+}
+
+.action-button {
+  div {
+    display: inline-block;
+  }
+}
+</style>
diff --git a/web-app/src/util.js b/web-app/src/util.js
new file mode 100644
index 00000000..58ee42c5
--- /dev/null
+++ b/web-app/src/util.js
@@ -0,0 +1,185 @@
+// Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+// Do not distribute without the express permission of the author.
+
+import Path from 'path'
+import diffInYears from 'date-fns/difference_in_years'
+import diffInMonths from 'date-fns/difference_in_months'
+import diffInWeeks from 'date-fns/difference_in_weeks'
+import diffInDays from 'date-fns/difference_in_days'
+import diffInHours from 'date-fns/difference_in_hours'
+import diffInMinutes from 'date-fns/difference_in_minutes'
+
+
+export function dirname (path) {
+  const dir = Path.dirname(path).replace(/\/$/, '')
+  return dir === '.' ? '' : dir
+}
+
+export function removeAccents (text) {
+  return text.normalize('NFD').replace(/[\u0300-\u036f]/g, '')
+}
+
+const SizeUnits = {
+  GB: value => (value / 1073741824).toFixed(2),
+  MB: value => (value / 1048576).toFixed(2),
+  kB: value => (value / 1024).toFixed(0),
+  B: value => Math.round(value)
+}
+
+export function formatFileSize (value, unit, digits = 2, minUnit = 'B') {
+  if (!value) {
+    return `${value} MB`
+  }
+  if (!unit) {
+    if (value >= 1073741824 || minUnit === 'GB') {
+      unit = 'GB'
+    } else if (value >= 1048576 || minUnit === 'MB') {
+      unit = 'MB'
+    } else if (value >= 1024 || minUnit === 'kB') {
+      unit = 'kB'
+    } else {
+      unit = 'B'
+    }
+  }
+  let unitsValue = parseFloat(SizeUnits[unit](value))
+  unitsValue = unitsValue === 0 ? Math.pow(10, -digits) : unitsValue
+  return `${unitsValue.toFixed(digits)} ${unit}`
+}
+
+export function formatDateTime (isoString) {
+  return isoString ? new Date(isoString).toUTCString() : ''
+}
+
+export function formatDate (isoString) {
+  return isoString ? new Date(isoString).toDateString() : ''
+}
+
+const DurationKeys = {
+  years: ['year', 'years'],
+  months: ['month', 'months'],
+  weeks: ['week', 'weeks'],
+  days: ['day', 'days'],
+  hours: ['hour', 'hours'],
+  minutes: ['minute', 'minutes']
+}
+
+function formatDuration (num, unit) {
+  return `${num} ${DurationKeys[unit][num === 1 ? 0 : 1]} ago`
+}
+
+function remainingFormatDuration (num, unit) {
+  return `${num} ${DurationKeys[unit][num === 1 ? 0 : 1]}`
+}
+
+export function formatTimeDiff (t1, t2 = new Date()) {
+  if (!t1) {
+    return '-'
+  }
+  const days = diffInDays(t2, t1)
+  if (days > 365) {
+    return formatDuration(diffInYears(t2, t1), 'years')
+  }
+  if (days > 31) {
+    return formatDuration(diffInMonths(t2, t1), 'months')
+  }
+  if (days > 6) {
+    return formatDuration(diffInWeeks(t2, t1), 'weeks')
+  }
+  if (days < 1) {
+    const hours = diffInHours(t2, t1)
+    if (hours < 1) {
+      const minutes = diffInMinutes(t2, t1)
+      if (minutes < 0) {
+        return 'N/A'
+      }
+      return formatDuration(minutes, 'minutes')
+    }
+    return formatDuration(hours, 'hours')
+  }
+  return formatDuration(days, 'days')
+}
+
+export function formatRemainingTime (t2, t1 = new Date()) {
+  if (!t1) {
+    return '-'
+  }
+  const days = diffInDays(t2, t1)
+  const hours = diffInHours(t2, t1)
+  switch (true) {
+    case (days > 365):
+      return remainingFormatDuration(diffInYears(t2, t1), 'years')
+    case (days > 31):
+      return remainingFormatDuration(diffInMonths(t2, t1), 'months')
+    case (days > 6):
+      return remainingFormatDuration(diffInWeeks(t2, t1), 'weeks')
+    case (days < 1):
+      if (days < 0) { return 'expired' }
+      if (hours < 1) {
+        const minutes = diffInMinutes(t2, t1)
+        return remainingFormatDuration(minutes, 'minutes')
+      }
+      return remainingFormatDuration(hours, 'hours')
+    default:
+      return remainingFormatDuration(days, 'days')
+  }
+}
+
+export function waitCursor (on) {
+  document.body.style.cursor = (on) ? 'wait' : 'default'
+}
+
+export function downloadJsonList (jsonList, headers, filename, output = 'csv') {
+  /** download json as csv, but we need to put it in one level
+   :param jsonList: dict **/
+  if (!jsonList || !headers) {
+    return
+  }
+  headers = headers.filter(h => h.value)
+  const headerTexts = Object.keys(headers).map(function (key) {
+    return headers[key].text
+  })
+  const headerValues = Object.keys(headers).map(function (key) {
+    return headers[key].value
+  })
+  if (output === 'csv') {
+    let content = headerTexts.join(';') + '\n'
+    jsonList.forEach(function (row) {
+      let currentContent = ''
+      headerValues.forEach(function (header) {
+        const headerSplit = header.split('.')
+        if (headerSplit.length > 1) {
+          currentContent += (row[headerSplit[0]][headerSplit[1]] !== null ? row[headerSplit[0]][headerSplit[1]] : '') + ';'
+        } else {
+          currentContent += (row[header] !== null ? row[header] : '') + ';'
+        }
+      })
+      content += currentContent + '\n'
+    })
+    const hiddenElement = document.createElement('a')
+    hiddenElement.href = 'data:text/csv;charset=utf-8,' + encodeURI(content)
+    hiddenElement.target = '_blank'
+    hiddenElement.download = filename + '.csv'
+    hiddenElement.click()
+    document.removeChild(hiddenElement)
+  }
+}
+
+export function formatToTitle (string) {
+  string = string.replace(/_/g, ' ')
+  return string.charAt(0).toUpperCase() + string.slice(1)
+}
+
+export function formatToCurrency (value, currency) {
+  return value.toLocaleString('en-UK', {
+    style: 'currency',
+    currency: currency,
+    currencySign: 'accounting'
+  })
+}
+
+export class CustomError extends Error {
+  constructor (message, response) {
+    super(message)
+    this.response = response
+  }
+}
diff --git a/web-app/src/views/Dashboard.vue b/web-app/src/views/Dashboard.vue
new file mode 100644
index 00000000..d8586ca8
--- /dev/null
+++ b/web-app/src/views/Dashboard.vue
@@ -0,0 +1,233 @@
+# Copyright (C) 2021 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <page-view :style="`padding-left: ${drawer ? 280 : 20}px; overflow-y: auto; padding-right:20px; margin-right: 0px;`">
+    <v-layout class="column fill-height main-content">
+      <v-container>
+          <v-row >
+            <v-card v-if="!app.user.verified_email"
+                    outlined
+                    class="bubble mt-3"
+                    style="background-color: orange; color: rgba(0,0,0,.87);">
+              Your email hasn't been confirmed yet
+              <v-btn color="#ecf3ff"
+                     @click="sendConfirmationEmail(app.user.email)"
+                     style="float:right;"
+              >Send confirmation email
+              </v-btn>
+            </v-card>
+          </v-row>
+          <v-row v-if="usage > 90"
+                 >
+            <v-card
+                class="bubble mt-3"
+                style="background-color: orange; color: rgba(0,0,0,.87);"
+                outlined
+            >
+              <span> Your storage is almost full ({{usage}}%). Soon you will not able to sync your projects.</span>
+            </v-card>
+          </v-row>
+          <v-row v-if="!app.user.profile.has_project"
+          >
+            <v-card
+                outlined
+                class="bubble mt-3"              >
+              <h3>Welcome {{app.user.username}}, are you ready to start?</h3>
+              <p>First create new project, add people to your organisation or explore public project for more
+                inspiration</p>
+              <v-btn color="#ff9800"
+                     @click="newProjectDialog(app.user.email)"
+              ><span style="color: white;">New project</span>
+              </v-btn>
+            </v-card>
+          </v-row>
+          <v-row >
+            <v-card
+                class="bubble mt-3"
+                outlined>
+              <h3>Download Input app</h3>
+              <p>Capture geo-info easily through your mobile/tablet with the Input app.
+                Designed to be compatible with all mobile devices - even those with small screens.</p>
+              <v-row>
+                <v-col cols="6"
+                       md="3"
+                       sm="3"
+                >
+                  <a href='https://play.google.com/store/apps/details?id=uk.co.lutraconsulting&ah=GSqwibzO2n63iMlCjHmMuBk89t4&pcampaignid=MKT-Other-global-all-co-prtnr-py-PartBadge-Mar2515-1'
+                     target="_blank">
+                    <img alt='Get it on Google Play'
+                         src='https://play.google.com/intl/en_us/badges/images/generic/en_badge_web_generic.png'
+                         width="180px"
+                          />
+                  </a>
+                </v-col>
+                <v-col cols="7"
+                       md="3"
+                       sm="3"
+                >
+                  <div class="app-store-button">
+                    <a href='https://apps.apple.com/us/app/input/id1478603559?ls=1' target="_blank">
+                      <img alt='Get it on Apple store' src="../assets/App_Store.svg" width="138px"
+                      />
+                    </a>
+                  </div>
+                </v-col>
+              </v-row>
+            </v-card>
+          </v-row>
+        <v-row v-if="transfers && transfers.length > 0">
+            <v-card class="bubble mt-3">
+              <h3>Project transfers</h3>
+              <v-card-text>
+                <transfers-table :namespace="app.user.username"/>
+              </v-card-text>
+            </v-card>
+          </v-row>
+          <v-row v-if="accessRequests && accessRequests.length > 0">
+            <v-card class="bubble mt-3">
+              <h3>Project access requests</h3>
+              <v-card-text>
+                <project-access-request-table/>
+              </v-card-text>
+            </v-card>
+          </v-row>
+          <v-row>
+            <v-card class="bubble mt-3"
+            :outlined="true"
+            color="white">
+              <h3>Recent active projects</h3>
+              <v-card-text style="padding-left: 0px">
+                <projects-table
+                    :show-namespace="true"
+                    :showFooter="false"
+                    :showHeader="false"
+                    :sortable="false"
+                    :public="false"
+                    :initialOptions="{
+              sortBy: ['updated'],
+              sortDesc: [true],
+              itemsPerPage: 5,
+              page: 1
+            }"
+                    show-tags
+                />
+              </v-card-text>
+            </v-card>
+          </v-row>
+        </v-container>
+    </v-layout>
+  </page-view>
+</template>
+
+<script>
+import MerginAPI from '../mixins/MerginAPI'
+import { mapState } from 'vuex'
+import PageView from '@/views/PageView'
+import OrganisationForm from '@/organisation/components/OrganisationForm'
+import ProjectForm from '@/components/ProjectForm'
+import OrganisationsMixin from '@/mixins/Organisation'
+import ProjectsTable from '@/components/ProjectsTable'
+import ProjectAccessRequestTable from '@/components/ProjectAccessRequestTable'
+import TransfersTable from '@/components/TransfersTable'
+
+
+export default {
+  mixins: [MerginAPI, OrganisationsMixin],
+  name: 'dashboard',
+  components: { PageView, ProjectsTable, ProjectAccessRequestTable, TransfersTable },
+  computed: {
+    ...mapState(['app', 'drawer', 'transfers', 'accessRequests']),
+    userProfile () {
+      return this.app.user.profile
+    },
+    usage () {
+      return Math.floor((this.userProfile.disk_usage / this.userProfile.storage) * 100)
+    }
+  },
+  created () {
+    this.fetchAccessRequests()
+    this.fetchTransfers(this.app.user.username)
+  },
+  methods: {
+    newOrganisationDialog () {
+      const props = { organisation: {} }
+      const dialog = { maxWidth: 500, persistent: true }
+      const listeners = {
+        success: () => {
+          this.getUserOrganisations()
+          this.$router.push({ name: 'user_organisations', params: { username: this.app.user.username } })
+        }
+      }
+      this.$dialog.show(OrganisationForm, { props, listeners, dialog })
+    },
+    newProjectDialog () {
+      const dialog = { maxWidth: 500, persistent: true }
+      this.$dialog.show(ProjectForm, { dialog })
+    }
+  }
+}
+</script>
+
+<style scoped lang="scss">
+  .sidebar {
+    height: 100vh;
+    background-color: #4caf50;
+    top: 0px;
+    max-height: calc(100% + 0px);
+    transform: translateX(0%);
+    width: 260px;
+  }
+
+  .v-navigation-drawer {
+    -webkit-overflow-scrolling: touch;
+    display: -webkit-box;
+    display: -ms-flexbox;
+    display: flex;
+    -webkit-box-orient: vertical;
+    -webkit-box-direction: normal;
+    -ms-flex-direction: column;
+    flex-direction: column;
+    left: 0;
+    max-width: 100%;
+    overflow: hidden;
+    pointer-events: auto;
+    top: 0;
+    -webkit-transition-duration: .2s;
+    transition-duration: .2s;
+    -webkit-transition-timing-function: cubic-bezier(.4, 0, .2, 1);
+    transition-timing-function: cubic-bezier(.4, 0, .2, 1);
+    will-change: transform;
+    -webkit-transition-property: width, -webkit-transform;
+    transition-property: width, -webkit-transform;
+    transition-property: transform, width;
+    transition-property: transform, width, -webkit-transform;
+  }
+
+  .bubble {
+    width: 800px;
+    background-color: #eaebef;
+    padding: 20px 25px 15px 15px;
+  }
+
+  .app-store-button {
+      padding-top: 12px;
+    }
+
+  @media only screen and (max-width: 599px) {
+    .app-store-button {
+      padding-left: 12px;
+      padding-top: 0px;
+    }
+  }
+
+  @media only screen and (min-width: 600px) and (max-width: 960px) {
+    .app-store-button {
+      margin-left: 20%;
+    }
+  }
+
+  h3 {
+    color: #2d4470;
+  }
+</style>
diff --git a/web-app/src/views/FileBrowser.vue b/web-app/src/views/FileBrowser.vue
new file mode 100644
index 00000000..bb4ea864
--- /dev/null
+++ b/web-app/src/views/FileBrowser.vue
@@ -0,0 +1,387 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <div>
+    <v-layout class="column">
+      <v-row>
+       <v-text-field
+        class="search"
+        placeholder="Find file"
+        append-icon="search"
+        v-model="searchFilter"
+        hide-details
+        style="padding-left: 7px; padding-bottom: 10px;"
+        v-if="items.length > 0"
+      />
+        </v-row>
+      <v-data-table
+        v-if="items.length  || !project.permissions.upload || filter !== ''"
+        class="file-table"
+        :headers="header"
+        :items="items"
+        color="primary"
+        no-data-text="Empty project."
+        :items-per-page="itemPerPage"
+        :hide-default-footer="items.length <= itemPerPage"
+        :options="options"
+        v-model="selected"
+        item-key="path"
+      >
+        <template v-slot:item="{ item }">
+        <tr >
+          <td>
+            <router-link :to="item.link">
+              <file-icon :file="item"/>
+              <span>{{ item.name }}</span>
+              <small
+                v-if="item.flags && (item.flags.rmoved || item.flags.nmoved)"
+                class="ml-1"
+              >
+                [renamed]
+              </small>
+            </router-link>
+            <v-spacer/>
+            <folder-diff
+              v-if="item.diffStats"
+              v-bind="item.diffStats"
+            />
+          </td>
+          <td>
+            <v-tooltip bottom>
+              <template v-slot:activator="{ on }">
+                <span v-on="on">
+                  <template v-if="item.mtime">
+                    {{ item.mtime | timediff }}
+                  </template>
+                </span>
+              </template>
+              <span>
+                  <template v-if="item.mtime">
+                    {{ item.mtime | datetime }}
+                  </template>
+              </span>
+            </v-tooltip>
+          </td>
+          <td>
+            <template v-if="item.size !== undefined">
+              {{ item.size | filesize }}
+            </template>
+          </td>
+        </tr>
+        </template>
+      </v-data-table>
+      <v-card v-else
+      style="-webkit-box-shadow: none; box-shadow: none;">
+        <v-card-title style="padding-left: 0px;"><strong> Well done! The next step is adding some data. </strong></v-card-title>
+        <v-card-text style="padding-left: 0px;">
+          There are two options: <br> <br>
+          1. Use the Mergin plugin for QGIS to upload data. This is the easiest and <strong>recommended</strong> way. See the documentation on <a target="_blank" href="https://help.cloudmergin.com/working-with-qgis-plugin">how to install and use the plugin</a>. <br> <br>
+          2. Drag and drop files from your computer to the lower part of this page. This option is convenient if your project files are already fully prepared and only need uploading.
+        </v-card-text>
+      </v-card>
+      <v-spacer/>
+      <file-menu ref="menu"/>
+    </v-layout>
+  </div>
+</template>
+
+<script>
+import { mapState } from 'vuex'
+import Path from 'path'
+import escapeRegExp from 'lodash/escapeRegExp'
+import orderBy from 'lodash/orderBy'
+import max from 'lodash/max'
+import union from 'lodash/union'
+import difference from 'lodash/difference'
+
+import { dirname, formatDateTime, removeAccents } from '@/util'
+import FolderDiff from '@/components/FolderDiff'
+import FileMenu from '@/components/FileMenu'
+import FileIcon from '@/components/FileIcon'
+
+export default {
+  name: 'file-browser',
+  components: { FileIcon, FolderDiff, FileMenu },
+  props: {
+    namespace: String,
+    projectName: String,
+    location: {
+      type: String,
+      default: ''
+    },
+    asAdmin: {
+      type: Boolean,
+      default: false
+    }
+  },
+  data () {
+    return {
+      options: {
+        rowsPerPage: -1
+      },
+      itemPerPage: 50,
+      sortBy: 'name',
+      searchFilter: '',
+      filter: '',
+      selected: [],
+      header: [{ text: 'Name', value: 'name' },
+        { text: 'Modified', value: 'mtime' },
+        { text: 'Size', value: 'size' }]
+    }
+  },
+  computed: {
+    ...mapState(['project', 'uploads']),
+    upload () {
+      return this.uploads[this.project.path]
+    },
+    projectFiles () {
+      let files = this.project.files
+      if (this.upload && this.diff) {
+        files = { ...files, ...this.upload.files }
+      }
+      return Object.values(files).map(this.fileTreeView)
+    },
+    directoryFiles () {
+      return this.projectFiles.filter(file => dirname(file.path) === this.location)
+    },
+    folders () {
+      const folders = {}
+      const prefix = this.location ? escapeRegExp(this.location + '/') : ''
+      const regex = new RegExp(`^${prefix}([^/]+)/`)
+      this.projectFiles.forEach(f => {
+        const m = f.path.match(regex)
+        if (m) {
+          const name = m[1]
+          if (folders[name]) {
+            folders[name].push(f)
+          } else {
+            folders[name] = [f]
+          }
+        }
+      })
+      return Object.keys(folders).sort().map(name => {
+        const path = Path.join(this.location, name)
+        const files = folders[name]
+        return {
+          name,
+          path,
+          files,
+          type: 'folder',
+          link: this.folderLink(path),
+          size: files.reduce((sum, f) => sum + f.size, 0),
+          mtime: max(files, f => f.mtime).mtime, // new Date(f.mtime).getTime(),
+          flags: this.folderFlags(files),
+          diffStats: this.diff ? this.folderDiffStats(files) : null
+        }
+      })
+    },
+    diffsList () {
+      const list = []
+      if (this.diff) {
+        const { added, removed, updated, moved } = this.diff
+        list.push(...orderBy(moved.map(item => this.project.files[item.path]).map(this.fullPathView), this.sortBy, this.options.descending ? 'desc' : 'asc'))
+        list.push(...orderBy(moved.map(item => this.upload.files[item.new_path]).map(this.fullPathView), this.sortBy, this.options.descending ? 'desc' : 'asc'))
+        list.push(...orderBy(removed.map(path => this.project.files[path]).map(this.fullPathView), this.sortBy, this.options.descending ? 'desc' : 'asc'))
+        list.push(...orderBy(added.map(path => this.upload.files[path]).map(this.fullPathView), this.sortBy, this.options.descending ? 'desc' : 'asc'))
+        list.push(...orderBy(updated.map(path => this.upload.files[path]).map(this.fullPathView), this.sortBy, this.options.descending ? 'desc' : 'asc'))
+      }
+      return list
+    },
+    items () {
+      if (this.filter === 'diff') {
+        const changedFiles = this.filterByLocation(this.diffsList)
+        if (this.searchFilter) {
+          const regex = new RegExp(escapeRegExp(removeAccents(this.searchFilter)), 'i')
+          return changedFiles.filter(f => f.path.search(regex) !== -1)
+        }
+        return changedFiles
+      }
+      if (this.searchFilter) {
+        const regex = new RegExp(escapeRegExp(removeAccents(this.searchFilter)), 'i')
+        return orderBy(this.filterByLocation(this.projectFiles).filter(f => f.path.search(regex) !== -1), this.sortBy, this.options.descending ? 'desc' : 'asc')
+      }
+      const items = []
+      if (this.location) {
+        items.push({
+          name: '..',
+          type: 'folder',
+          link: Path.normalize(Path.join(this.$route.path, '../')),
+          mtime: ''
+        })
+      }
+      items.push(...orderBy(this.folders, this.sortBy, this.options.descending ? 'desc' : 'asc'))
+      items.push(...orderBy(this.directoryFiles, this.sortBy, this.options.descending ? 'desc' : 'asc'))
+      return items
+    },
+    diff () {
+      const diff = this.upload && this.upload.diff
+      if (diff && diff.changes) {
+        return {
+          ...diff,
+          renamedOriginal: diff.moved.map(f => f.path),
+          renamedNew: diff.moved.map(f => f.new_path)
+        }
+      }
+      return null
+    },
+    allSelected () {
+      return this.items.every(i => this.selected.includes(i.path))
+    }
+  },
+  methods: {
+    fileFlags (file) {
+      return this.diff && {
+        added: this.diff.added.includes(file.path),
+        updated: this.diff.updated.includes(file.path),
+        removed: this.diff.removed.includes(file.path),
+        rmoved: this.diff.renamedOriginal.includes(file.path), // this.diff.moved.find(f => f.path === file.path),
+        nmoved: this.diff.renamedNew.includes(file.path) // this.diff.moved.find(f => f.new_path === file.path)
+      }
+    },
+    folderFlags (files) {
+      // TODO: or use file.flags ?
+      return this.diff && {
+        added: files.every(f => this.diff.added.includes(f.path)),
+        removed: files.every(f => this.diff.removed.includes(f.path)),
+        // updated: files.some(f => updated.includes(f.path) || removed.includes(f.path) || added.includes(f.path))
+        rmoved: files.every(f => this.diff.renamedOriginal.includes(f.path)),
+        nmoved: files.every(f => this.diff.renamedNew.includes(f.path))
+      }
+    },
+    folderDiffStats (files) {
+      const { added, removed, updated, moved } = this.diff
+      return {
+        added: files.filter(f => added.includes(f.path)).length,
+        removed: files.filter(f => removed.includes(f.path)).length,
+        updated: files.filter(f => updated.includes(f.path) || moved.find(f2 => f2.path === f.path || f2.new_path === f.path)).length,
+        count: files.length
+      }
+    },
+    fullPathView (file) {
+      return {
+        ...file,
+        name: file.path,
+        link: this.fileLink(file),
+        mtime: formatDateTime(file.mtime),
+        flags: this.fileFlags(file)
+      }
+    },
+    fileTreeView (file) {
+      const filename = Path.basename(file.path)
+      return {
+        ...file,
+        type: 'file',
+        name: filename,
+        link: this.fileLink(file),
+        mtime: formatDateTime(file.mtime),
+        flags: this.fileFlags(file)
+      }
+    },
+    fileLink (file) {
+      return `${this.asAdmin ? '/admin' : ''}/projects/${this.namespace}/${this.projectName}/blob/${encodeURIComponent(file.path)}`
+    },
+    folderLink (path) {
+      return `/projects/${this.namespace}/${this.projectName}/tree/${path}`
+    },
+    filterByLocation (files) {
+      let dirPrefix = ''
+      if (this.location) {
+        dirPrefix = this.location.replace(/\/$/, '') + '/'
+        files = files.filter(file => (dirname(file.path) + '/').startsWith(dirPrefix))
+      }
+      return files.map(f => ({ ...f, name: f.path.slice(dirPrefix.length) }))
+    },
+    openMenu (evt, file) {
+      // TODO: highlight
+      this.$refs.menu.open(evt, file)
+    },
+    toggleAll (selected) {
+      const fn = selected ? union : difference
+      this.selected = fn(this.selected, this.items.map(i => i.path))
+    },
+    changeSort (column) {
+      if (this.sortBy === column) {
+        this.options.descending = !this.options.descending
+      } else {
+        this.sortBy = column
+        this.options.descending = false
+      }
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.search {
+  max-width: 260px;
+  margin: 0 0.25em;
+}
+.v-menu__content {
+  .v-list__tile__title {
+    text-align: right;
+  }
+}
+::v-deep .v-data-table {
+  tr {
+    color: #555;
+
+    &.updated {
+      color: orange;
+    }
+
+    &.removed, &.rmoved {
+      color: red;
+    }
+
+    &.added, &.nmoved {
+      color: green;
+    }
+
+    a, .v-icon {
+      color: inherit;
+    }
+
+    .v-icon {
+      opacity: 0.75;
+    }
+  }
+
+  td {
+    text-align: left;
+
+    a {
+      text-decoration: none;
+
+      .v-icon {
+        line-height: 18px;
+        margin-right: 4px;
+      }
+    }
+  }
+  th, tr {
+    min-width: 0;
+    .v-input--checkbox {
+      opacity: 0.75;
+      align-items: flex-end;
+      justify-content: flex-end;
+      .v-input--selection-controls__input {
+        margin: 0;
+      }
+
+      .v-icon {
+        pointer-events: none;
+      }
+    }
+  }
+}
+.v-speed-dial {
+  position: absolute;
+}
+
+.v-data-table {
+  ::v-deep .v-data-footer__select {
+    display: none;
+  }
+}
+</style>
diff --git a/web-app/src/views/FileDetail.vue b/web-app/src/views/FileDetail.vue
new file mode 100644
index 00000000..1f25dda3
--- /dev/null
+++ b/web-app/src/views/FileDetail.vue
@@ -0,0 +1,208 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <div>
+    <div
+      v-if="state"
+      v-text="stateText"
+      :class="['status', colors[state]]"
+    />
+    <v-btn v-if="project.permissions.upload && this.state !== 'removed'"
+           @click="removeSelected"
+           style="background-color: #f44336; float: right; color: white">
+      <v-icon>delete</v-icon>
+        Remove file
+    </v-btn>
+    <v-btn
+          :disabled="state === 'added'"
+          :href="downloadLink"
+          style="float: right;">
+          <v-icon>get_app</v-icon>
+          Download File
+        </v-btn>
+
+    <v-list two-line subheader>
+      <v-list-item>
+        <v-list-item-content>
+          <v-list-item-title>Name</v-list-item-title>
+          <v-list-item-subtitle>{{ filename }}</v-list-item-subtitle>
+        </v-list-item-content>
+      </v-list-item>
+      <v-list-item>
+        <v-list-item-content>
+          <v-list-item-title>Size</v-list-item-title>
+          <v-list-item-subtitle>
+            {{ file.size | filesize }}
+            <span v-if="state === 'updated'">(new: {{ upload.files[file.path].size | filesize }})</span>
+          </v-list-item-subtitle>
+        </v-list-item-content>
+      </v-list-item>
+      <v-list-item>
+        <v-list-item-content>
+          <v-list-item-title>Last update</v-list-item-title>
+          <v-list-item-subtitle>{{ file.mtime | datetime }} ({{ file.mtime | timediff }})</v-list-item-subtitle>
+        </v-list-item-content>
+      </v-list-item>
+    </v-list>
+
+    <!--     render only if file is smaller than 100MB-->
+     <div class="container" v-if="mimetype && file.size < 104857600">
+       <output>
+         <pdf
+            :src="downloadLink"
+            @num-pages="pageCount = $event"
+            @page-loaded="currentPage = $event"
+            v-if="mimetype.match('pdf')"
+        ></pdf>
+      <img :src="downloadLink" v-else-if="mimetype.match('image')">
+      <v-textarea
+              v-else-if="mimetype.match('text')"
+             :auto-grow="true"
+             :readonly="true"
+             :value="content"
+             :box="true"
+             solo
+          >
+      </v-textarea>
+    </output>
+  </div>
+  </div>
+</template>
+
+<script>
+import { mapState } from 'vuex'
+import Path from 'path'
+import pdf from 'vue-pdf'
+
+const Colors = {
+  added: 'green',
+  removed: 'red',
+  updated: 'orange',
+  rmoved: 'red',
+  nmoved: 'green'
+}
+
+export default {
+  name: 'file-info',
+  props: {
+    namespace: String,
+    projectName: String,
+    location: {
+      type: String,
+      default: ''
+    }
+  },
+  components: {
+    pdf
+  },
+  computed: {
+    ...mapState(['project', 'uploads']),
+    upload () {
+      return this.uploads[this.project.path]
+    },
+    file () {
+      if (!this.project.files[this.location]) {
+        this.$router.replace({ name: 'project', namespace: this.namespace, projectName: this.projectName })
+      }
+      return this.project.files[this.location] || this.upload.files[this.location]
+    },
+    filename () {
+      return Path.basename(this.file.path)
+    },
+    downloadLink () {
+      // added random number to request avoid to browser caching files
+      return this.$http.absUrl(`/v1/project/raw/${this.namespace}/${this.projectName}?file=${encodeURIComponent(this.file.path)}&random=${Math.random()}`)
+    },
+    state () {
+      const diff = this.upload && this.upload.diff
+      if (diff) {
+        const path = this.file.path
+        if (diff.added.includes(path)) {
+          return 'added'
+        } else if (diff.removed.includes(path)) {
+          return 'removed'
+        } else if (diff.updated.includes(path)) {
+          return 'updated'
+        } else if (diff.moved.find(f => f.path === path)) {
+          return 'rmoved'
+        } else if (diff.moved.find(f => f.new_path === path)) {
+          return 'nmoved'
+        }
+      }
+      return null
+    },
+    stateText () {
+      return {
+        added: 'New file',
+        removed: 'Deleted file',
+        updated: 'Modified file'
+      }[this.state] || this.state
+    },
+    colors () {
+      return Colors
+    }
+  },
+  data () {
+    return {
+      previewUrl: '',
+      pageCount: 0,
+      currentPage: 0,
+      content: null,
+      mimetype: null
+    }
+  },
+  created () {
+    this.txtPreview()
+  },
+  methods: {
+    txtPreview () {
+      this.$http.get(this.downloadLink)
+        .then(resp => {
+          this.mimetype = resp.headers['content-type']
+          if (resp.headers['content-type'].match('text')) {
+            if (resp.data.constructor === Object) {
+              resp.data = JSON.stringify(resp.data)
+            }
+            this.content = resp.data.match(/^.*([^\n]*\n){0,50}/gi)[0]
+            if (!this.content) {
+              this.content = ''
+              return
+            }
+            if (this.content.length > 10000) {
+              this.content = this.content.substring(0, 10000)
+            }
+          } else {
+            this.content = null
+          }
+        })
+    },
+    removeSelected () {
+      this.$store.commit('deleteFiles', [this.file.path])
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.status {
+  margin: 0.5em auto;
+  padding: 0 1em;
+  text-align: center;
+  color: #fff;
+  height: 2em;
+  line-height: 2em;
+}
+.v-list {
+  ::v-deep .v-list__tile {
+    font-size: 14px;
+    color: #444;
+    .v-list__tile__title {
+      font-weight: 500;
+    }
+  }
+}
+output img {
+  max-width: 100%;
+}
+</style>
diff --git a/web-app/src/views/FileVersionDetail.vue b/web-app/src/views/FileVersionDetail.vue
new file mode 100644
index 00000000..9f7970fc
--- /dev/null
+++ b/web-app/src/views/FileVersionDetail.vue
@@ -0,0 +1,83 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+    <div>
+      <v-data-table
+        :headers="headers"
+        :items="changesets"
+        no-data-text="No changeset"
+        color="primary"
+        footer-props.items-per-page-options='[10, 25, {"text": "$vuetify.dataIterator.rowsPerPageAll","value": -1}]'
+        :hide-default-footer="changesets.length <= 10"
+      >
+        <tr
+          slot="items"
+          slot-scope="{ item }"
+        >
+          <template v-for="header in headers">
+            <td v-bind:key="header.value" v-if="header">{{ item[header['value']]}}</td>
+          </template>
+        </tr>
+      </v-data-table>
+    </div>
+</template>
+
+<script>
+
+export default {
+  props: {
+    namespace: String,
+    projectName: String,
+    version_id: String,
+    path: String,
+    asAdmin: {
+      type: Boolean,
+      default: false
+    }
+  },
+  data () {
+    return {
+      headers: [],
+      changesets: []
+    }
+  },
+  created () {
+    this.getChangeset()
+  },
+  methods: {
+    getChangeset () {
+      this.$http.get(`/v1/resource/changesets/${this.namespace}/${this.projectName}/${this.version_id}?path=${this.path}`)
+        .then(resp => {
+          if (resp.data.length) {
+            this.headers = [
+              { text: 'Table', value: 'table' },
+              { text: 'type', value: 'type' }
+            ]
+
+            // format the data
+            const that = this
+            const output = []
+            resp.data.forEach(function (data) {
+              if (data.table === 'gpkg_contents') {
+                return
+              }
+              data.changes.forEach(function (row) {
+                const columnIdentifier = 'Column ' + row.column
+                data[columnIdentifier] =
+                    (row.old ? row.old : 'N/A') + ' -> ' + (row.new ? row.new : 'N/A')
+                that.headers[row.column + 2] = { text: columnIdentifier, value: columnIdentifier }
+              })
+              output.push(data)
+            })
+            this.changesets = output
+          }
+        })
+        .catch(err => {
+          const msg = (err.response) ? err.response.data.detail : 'Failed to display changeset of file'
+          this.$notification.error(msg)
+        })
+    }
+  }
+}
+</script>
diff --git a/web-app/src/views/PageView.vue b/web-app/src/views/PageView.vue
new file mode 100644
index 00000000..3933617a
--- /dev/null
+++ b/web-app/src/views/PageView.vue
@@ -0,0 +1,48 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-layout row justify-center align-start fill-height my-1>
+    <slot name="left">
+      <v-spacer class="hidden-md-and-down"/>
+    </slot>
+    <slot/>
+    <slot name="right">
+      <v-spacer class="hidden-md-and-down"/>
+    </slot>
+    <p class="version hidden-md-and-down">
+      Version: {{ app.version }}
+    </p>
+  </v-layout>
+</template>
+
+<script>
+
+export default {
+  components: { },
+  computed: {
+    app () {
+      return this.$store.state.app
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.version {
+  position: absolute;
+  right: 0;
+  bottom: 0;
+  margin: 0.25em 0.5em;
+  opacity: 0.75;
+  font-size: 12px;
+}
+
+::v-deep .main-content {
+  width: 800px;
+  margin: 0 1em;
+  @media (max-width: 1264px) {
+    width: 100%;
+  }
+}
+</style>
diff --git a/web-app/src/views/Project.vue b/web-app/src/views/Project.vue
new file mode 100644
index 00000000..56623ae1
--- /dev/null
+++ b/web-app/src/views/Project.vue
@@ -0,0 +1,354 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <page-view :style="`padding-left: ${drawer ? 260 : 20}px; overflow-y: auto; padding-right:20px; margin-right: 0px;`">
+    <div slot="left" class="panel"/>
+    <v-layout class="column fill-height project-page main-content">
+      <v-card
+        v-if="this.project"
+        style="margin-bottom: 0"
+      outlined>
+        <!-- Toolbar -->
+        <v-layout class="row align-center toolbar">
+          <div class="breadcrumbs" style="font-size: 20px;">
+            <v-icon color="primary">map</v-icon>
+            <router-link
+              :to="{name: `${asAdmin ? 'admin-' : ''}namespace-projects`, namespace: project.namespace}"
+              v-text="project.namespace"
+            />
+            <span>/</span>
+            <router-link
+              :to="{name: `${asAdmin ? 'admin-' : ''}project`, project: project}"
+            > <b>{{project.name}}</b></router-link>
+
+            <router-link
+              :to="{name: `${asAdmin ? 'admin-' : ''}project-versions-detail`}"
+              v-slot="{ href, route, navigate}">
+              <span
+                v-if="route.params.version_id">
+                &gt;
+                <a
+                  :href="href"
+                  @click="navigate"
+                >
+                  {{ route.params.version_id }}
+                </a>
+              </span>
+            </router-link>
+            <router-link
+              :to="{name: `${asAdmin ? 'admin-' : ''}file-version-detail`}"
+              v-slot="{ href, route, navigate}">
+              <span
+                v-if="route.params.path">
+                &gt;
+                <a
+                  :href="href"
+                  @click="navigate"
+                >
+                  {{ route.params.path }}
+                </a>
+              </span>
+            </router-link>
+          </div>
+          <v-spacer/>
+          <portal-target name="project-toolbar" class="layout row shrink"/>
+            <v-btn
+              :href="downloadUrl"
+            >
+              <v-icon>archive</v-icon>
+              Download
+            </v-btn>
+            <v-btn
+              @click="cloneDialog"
+            >
+              <v-icon class="pr-1">fa-clone</v-icon>
+              Clone
+            </v-btn>
+        </v-layout>
+
+        <v-card class="layout column  fill-height" flat>
+          <v-card-title>
+            <v-tabs left-active v-model="tab" show-arrows>
+              <v-tabs-slider color="primary"></v-tabs-slider>
+              <v-tab key="files" :to="{ name: `${asAdmin ? 'admin-' : ''}project-tree`, params: { namespace: namespace, projectName: project.name }}">Files</v-tab>
+              <v-tab key="history" :to="{ name: `${asAdmin ? 'admin-' : ''}project-versions`, params: { namespace: namespace, projectName: project.name }}">History</v-tab>
+              <v-tab key="settings" :to="{ name: `${asAdmin ? 'admin-' : ''}project-settings`, params: { namespace: namespace, projectName: project.name }}" v-if="this.app.user && this.$store.getters.isProjectOwner">Settings</v-tab>
+            </v-tabs>
+          </v-card-title>
+          <v-divider></v-divider>
+            <router-view v-if="project" class="content-container"/>
+        </v-card>
+      </v-card>
+      <v-card v-else-if="fetchProjectsResponseStatus === 403">
+        <v-layout class="public-private-zone" style="padding-top: 25px; padding-left: 25px ;">
+      <v-btn id="request-access-btn"
+              @click="createAccessRequest">Request access</v-btn>
+      <span class="private-public-text">
+          <b>This is a private project</b><br>
+          You don't have permissions to access this project.
+      </span>
+    </v-layout>
+      </v-card>
+      <v-card v-else-if="fetchProjectsResponseStatus === 404">
+       <span class="private-public-text" style="padding-top: 25px; padding-left: 25px  ">
+          <b>Project not found</b><br>
+          Please check if address is written correctly
+      </span>
+      </v-card>
+      <v-card v-else-if="fetchProjectsResponseStatus === 409">
+       <span class="private-public-text" style="padding-top: 25px; padding-left: 25px  ">
+          <b>You don't have permission to access this project</b><br>
+          You already requested access
+      </span>
+      </v-card>
+      <drop-area
+        v-if="project && $route.name === 'project-tree' && project.permissions.upload"
+        class="drop-area"
+        :location="location"
+      >
+         <v-layout
+           row wrap align-center
+           class="drag-drop-text">
+           <span>
+             <v-icon>publish</v-icon> Drag & drop here or click and select file(s) to upload
+           </span>
+        </v-layout>
+      </drop-area>
+    </v-layout>
+    <div slot="right" class="panel">
+      <upload-panel v-if="upload" :namespace="namespace" class="my-1 mr-1"/>
+    </div>
+  </page-view>
+</template>
+
+<script>
+import { mapState, mapMutations } from 'vuex'
+
+import PageView from '@/views/PageView'
+import UploadPanel from '@/components/UploadPanel'
+import DropArea from '@/components/DropArea'
+import CloneDialog from '@/components/CloneDialog'
+import MerginAPIMixin from '@/mixins/MerginAPI'
+import { waitCursor } from '../util'
+import { postRetryCond } from '../http'
+
+export default {
+  name: 'project',
+  mixins: [MerginAPIMixin],
+  components: { PageView, UploadPanel, DropArea },
+  props: {
+    namespace: String,
+    projectName: String,
+    asAdmin: {
+      type: Boolean,
+      default: false
+    },
+    location: {
+      type: String,
+      default: ''
+    }
+  },
+  data () {
+    return {
+      fetchProjectsResponseStatus: null,
+      tab: null
+    }
+  },
+  computed: {
+    ...mapState(['app', 'project', 'uploads', 'transfers', 'drawer']),
+    upload () {
+      return this.project && this.uploads[this.project.path]
+    },
+    transfer () {
+      return this.project && this.transfers.find(i => i.project.name === this.projectName) !== undefined
+    },
+    breadcrumbs () {
+      if (this.location) {
+        const folders = this.location.replace(/\/$/, '').split('/')
+
+        return folders.map((folder, index) => ({
+          name: folder,
+          link: `/projects/${this.namespace}/${this.projectName}/tree/${folders.slice(0, index + 1).join('/')}`
+        }))
+      }
+      return null
+    },
+    downloadUrl () {
+      if (this.$route.name !== 'project-versions-detail') {
+        return this.$http.absUrl(`/v1/project/download/${this.namespace}/${this.projectName}?format=zip`)
+      } else {
+        return this.$http.absUrl(`/v1/project/download/${this.namespace}/${this.projectName}?version=${this.$route.params.version_id}&format=zip`)
+      }
+    },
+    isProjectCreator () {
+      if (this.project) {
+        return this.app.username === this.namespace ? true : this.project.creator === this.app.user.id
+      }
+      return null
+    }
+  },
+  created () {
+    if (!this.project || this.project.name !== this.projectName) {
+      this.$store.commit('project', null)
+      this.getProject()
+      if (this.isProjectCreator) { this.fetchTransfers(this.namespace) }
+    }
+  },
+  watch: {
+    project () {
+      if (!this.project || this.project.name !== this.projectName) {
+        this.$store.commit('project', null)
+        this.getProject()
+        if (this.isProjectCreator) { this.fetchTransfers(this.namespace) }
+      }
+    }
+  },
+  methods: {
+    async getProject () {
+      await new Promise((resolve) => { resolve(this.fetchProject(this.process_error)) })
+    },
+    ...mapMutations({
+      setDrawer: 'SET_DRAWER'
+    }),
+    process_error (status) {
+      this.fetchProjectsResponseStatus = status
+      if (status !== 404 && status !== 403) {
+        this.$notification.error('Failed to load project data')
+      } else if (status === 403 && !this.app.user) {
+        this.$router.push(`/login?redirect=/projects/${this.namespace}/${this.projectName}`)
+      } else if (status === 403) {
+        this.$http('/app/project/access_requests')
+          .then(resp => {
+            for (const ar of resp.data) {
+              if (ar.namespace === this.namespace && ar.project_name === this.projectName) {
+                this.fetchProjectsResponseStatus = 409
+              }
+            }
+          })
+          .catch(resp => {
+            this.$notification.error('Failed to load project access requests data')
+          })
+      }
+    },
+    cloneDialog () {
+      const props = { namespace: this.namespace, project: this.projectName }
+      const dialog = { maxWidth: 500, persistent: true }
+      this.$dialog.show(CloneDialog, { props, dialog })
+    },
+    toSetting () {
+      this.$router.replace({ name: `${this.asAdmin ? 'admin-' : ''}project-settings` })
+    },
+    createAccessRequest () {
+      waitCursor(true)
+      const params = {
+        'axios-retry': {
+          retries: 5,
+          retryCondition: error => postRetryCond(error)
+        }
+      }
+      this.$http.post(`/app/project/access_request/${this.namespace}/${this.projectName}`, { }, params)
+        .then(() => {
+          waitCursor(false)
+          this.$notification.show('Access has been requested')
+          this.$router.push({ name: 'user_projects', params: { username: this.app.user.username } })
+        })
+        .catch(() => {
+          this.$notification.error('Failed to request')
+          waitCursor(false)
+        })
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.project-page {
+  .drop-area {
+    max-height: 100%;
+    display: flex;
+    flex-grow: 1;
+    flex-direction: column;
+  }
+  .v-card {
+    display: flex;
+    flex-direction: column;
+    margin: 0.25em;
+    overflow: unset;
+    flex-grow: 0;
+
+    .content-container {
+      padding: 0.25em 0em;
+      background-color: #fff;
+      flex: 1;
+    }
+  }
+  small {
+    opacity: 0.6;
+    margin-bottom: 2px;
+  }
+}
+.theme--light.v-card.v-card--outlined {
+    border: none;
+}
+.panel {
+  flex: 1 1;
+  box-sizing: border-box;
+  position: relative;
+}
+.v-card__subtitle, .v-card__text, .v-card__title {
+    padding: 16px 0px 16px 0px
+}
+.toolbar {
+  max-width: 100%;
+  margin-right: 0px;
+  margin-left: 0px;
+  flex-shrink: 0;
+  flex-grow: 0;
+  padding: 0.5em 1em;
+  background-color: #fafafa;
+  border: solid #eee;
+  border-width: 1px 0;
+  ::v-deep {
+    .v-text-field {
+      padding-top: 0;
+      margin-top: 0;
+      font-size: 15px;
+    }
+    .v-btn {
+      padding: 0 0.5em;
+      margin: 0.25em;
+      min-width: 2em;
+
+      .v-icon {
+    color: black;
+  }
+    }
+  }
+}
+.breadcrumbs {
+  color: #777;
+  a {
+    text-decoration: none;
+    margin: 0 0.25em;
+  }
+}
+
+.drop-area{
+  margin-top: 5px;
+  padding-left: 5px;
+  .drag-drop-text{
+    border: 1px dashed rgba(0, 0, 0, 0.6);
+    opacity: 0.6;
+    margin: 0.25em 0.25em 0.25em 0.25em;
+    span {
+      width: 100%;
+      text-align: center;
+      margin: 20px;
+    }
+    i {
+      transform: rotate(180deg);
+    }
+  }
+}
+</style>
diff --git a/web-app/src/views/ProjectSettings.vue b/web-app/src/views/ProjectSettings.vue
new file mode 100644
index 00000000..469985d1
--- /dev/null
+++ b/web-app/src/views/ProjectSettings.vue
@@ -0,0 +1,263 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <v-layout class="settings column">
+    <admin-project-permissions v-if="asAdmin"
+        v-model="settings.access"
+    />
+    <project-permissions v-else
+      v-model="settings.access"
+      :key="key"
+      @save-project="saveSettings()"
+    />
+    <project-access-requests
+    />
+    <small
+      v-for="(error, index) in errors"
+      :key="index"
+      class="my-1 red--text"
+    >
+      {{ error }}
+    </small>
+    <v-layout class="public-private-zone">
+      <v-container>
+        <!--      <v-divider/>-->
+        <v-row>
+          <v-col>
+      <span class="private-public-text" v-if="settings.access.public">
+          <b>This is public project</b><br>
+          <span class="description-text">Hide this project from everyone.</span>
+      </span>
+            <span class="private-public-text" v-else>
+          <b>This is private project</b><br>
+              <span class="description-text">Make this project visible to anyone.</span>
+      </span>
+          </v-col>
+          <v-col>
+            <v-btn
+                @click="confirmPublicPrivate()"
+                :disabled="!project.access.owners.includes(app.user.id)"
+                class="private-public-btn"
+                outlined>
+              <span v-if="settings.access.public">Make private</span>
+              <span v-else>Make public</span>
+            </v-btn>
+          </v-col>
+        </v-row>
+        <v-row
+            v-if="(project.permissions.update || project.permissions.delete) && !upload && !transfer && isProjectCreator">
+          <v-col>
+            <span class="private-public-text">
+              <b>Transfer project</b><br>
+            <span class="description-text">Transfer this project to another user or organisation</span></span>
+          </v-col>
+          <v-col>
+            <v-btn
+                @click="transferDialog"
+                class="private-public-btn"
+                outlined
+            >
+              <span>Transfer</span>
+            </v-btn>
+          </v-col>
+        </v-row>
+        <v-row v-if="project.permissions.delete"
+        >
+          <v-col>
+            <span class="private-public-text">
+              <b>Delete project</b><br>
+            <span class="description-text">All data will be lost</span></span>
+          </v-col>
+          <v-col self-align="end">
+            <v-btn
+                @click="confirmDelete"
+                class="private-public-btn"
+                outlined
+            >
+              <span>Delete</span>
+            </v-btn>
+          </v-col>
+        </v-row>
+      </v-container>
+    </v-layout>
+  </v-layout>
+</template>
+
+<script>
+import { mapState } from 'vuex'
+import ProjectPermissions from '@/components/ProjectPermissions'
+import ProjectAccessRequests from '@/components/ProjectAccessRequest'
+import AdminProjectPermissions from '../admin/views/dashboard/components/AdminProjectPermissions'
+import ProjectTransferForm from '@/components/ProjectTransferForm'
+import { waitCursor } from '@/util'
+import MerginAPIMixin from '@/mixins/MerginAPI'
+import OrganisationsMixin from '@/mixins/Organisation'
+
+export default {
+  name: 'project-settings',
+  mixins: [MerginAPIMixin, OrganisationsMixin],
+  components: { AdminProjectPermissions, ProjectPermissions, ProjectAccessRequests },
+  props: {
+    namespace: String,
+    projectName: String,
+    asAdmin: {
+      type: Boolean,
+      default: false
+    }
+  },
+  data () {
+    return {
+      settings: {},
+      key: 0
+    }
+  },
+  computed: {
+    ...mapState(['app', 'project', 'uploads', 'transfers']),
+    errors () {
+      const errors = []
+      if (this.settings.access.ownersnames.length < 1) {
+        errors.push("Project doesn't have owner")
+      }
+      return errors
+    },
+    isProjectCreator () {
+      if (this.project) {
+        return this.app.username === this.namespace ? true : this.project.creator === this.app.user.id
+      }
+      return null
+    },
+    upload () {
+      return this.project && this.uploads[this.project.path]
+    },
+    transfer () {
+      return this.project && this.transfers.find(i => i.project.name === this.projectName) !== undefined
+    }
+  },
+  watch: {
+    project: {
+      immediate: true,
+      handler (project) {
+        if (JSON.stringify(this.settings.access) !== JSON.stringify(this.project.access)) {
+          this.settings = {
+            access: JSON.parse(JSON.stringify(project.access))
+          }
+        }
+        this.key++
+      }
+    }
+  },
+  created () {
+    if (!this.$store.getters.isProjectOwner && !this.asAdmin) {
+      this.$router.push('/projects')
+    }
+    this.settings = {
+      access: JSON.parse(JSON.stringify(this.project.access))
+    }
+  },
+  methods: {
+    saveSettings () {
+      waitCursor(true)
+      this.$http.put(`/v1/project/${this.namespace}/${this.projectName}`, this.settings, { 'axios-retry': { retries: 5 } })
+        .then(resp => {
+          this.$store.commit('project', resp.data)
+          waitCursor(false)
+        })
+        .catch((err) => {
+          this.$notification.error(err.response.data.detail || 'Failed to save project settings')
+          waitCursor(false)
+        })
+    },
+    togglePublicPrivate () {
+      this.settings.access.public = !this.settings.access.public
+    },
+    confirmDelete () {
+      const props = {
+        text: `Are you sure to delete project: ${this.projectName}? All files will be lost. <br> <br> Type in project name to confirm:`,
+        confirmText: 'Delete',
+        confirmField: {
+          label: 'Project name',
+          expected: this.projectName
+        }
+      }
+      const listeners = {
+        confirm: () => this.deleteProject()
+      }
+      this.$dialog.prompt({ props, listeners, dialog: { maxWidth: 500 } })
+    },
+    transferDialog () {
+      const dialog = { maxWidth: 500, persistent: true }
+      const props = {
+        project: this.projectName,
+        from_namespace: this.namespace
+      }
+      const listeners = {
+        submit: () => {
+          this.fetchTransfers(this.namespace)
+        }
+      }
+      this.$dialog.show(ProjectTransferForm, { props, listeners, dialog })
+    },
+    confirmPublicPrivate () {
+      const props = {
+        text: `Do you really want to make this project ${this.settings.access.public ? 'private' : 'public'}?`,
+        confirmText: 'Yes'
+      }
+      const listeners = {
+        confirm: () => this.togglePublicPrivate()
+      }
+      this.$dialog.prompt({ props, listeners, dialog: { maxWidth: 500 } })
+    },
+    deleteProject () {
+      waitCursor(true)
+      this.$http.delete(`/v1/project/${this.namespace}/${this.projectName}`, { 'axios-retry': { retries: 5 } })
+        .then(() => {
+          this.$store.commit('project', null)
+          if (this.namespace in this.app.user.profile.organisations) {
+            this.getOrganisation(this.namespace)
+          } else {
+            this.fetchUserProfile(this.app.user.username)
+          }
+          waitCursor(false)
+          this.$router.replace({ name: 'my_projects' })
+        })
+        .catch(err => {
+          this.$notification.error(err.response.data.detail || 'Failed to remove project')
+          waitCursor(false)
+        })
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.settings {
+  display: flex;
+  flex-direction: column;
+  flex: 1 0 auto;
+}
+.actions {
+  flex: 0 0 auto;
+}
+.private-public-btn {
+  font-size: 12px;
+  padding-left: 20px;
+  padding-right: 20px;
+  background-color: #f3f5f7;
+  color: #2d4470;
+  text-transform: none;
+  min-width: 116px !important;
+  float: right;
+  border-color: #e0e0e0;
+  span {
+      font-weight: 700;
+  }
+}
+.private-public-text {
+  font-size: 14px;
+  color: black;
+}
+.description-text {
+  color: #757575;
+}
+</style>
diff --git a/web-app/src/views/ProjectVersions.vue b/web-app/src/views/ProjectVersions.vue
new file mode 100644
index 00000000..5dcdf206
--- /dev/null
+++ b/web-app/src/views/ProjectVersions.vue
@@ -0,0 +1,163 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <div>
+    <v-layout align-center shrink>
+      <v-spacer/>
+    </v-layout>
+    <v-data-table
+      :headers="headers"
+      :items="versions"
+      no-data-text="No project history"
+      color="primary"
+      footer-props.items-per-page-options='[10, 25, {"text": "$vuetify.dataIterator.rowsPerPageAll","value": -1}]'
+      :hide-default-footer="versions.length <= 10"
+      :options="options"
+    >
+      <!-- headers -->
+      <template v-slot:header.changes.added="{ header }">
+        <v-tooltip bottom>
+          <template v-slot:activator="{ on }">
+             <v-icon v-on="on" small :color="header.color">{{ header.icon }}</v-icon>
+          </template>
+          <span>Added</span>
+        </v-tooltip>
+      </template>
+      <template v-slot:header.changes.removed="{ header }">
+        <v-tooltip bottom>
+          <template v-slot:activator="{ on }">
+             <v-icon v-on="on" small :color="header.color">{{ header.icon }}</v-icon>
+          </template>
+          <span>Deleted</span>
+        </v-tooltip>
+      </template>
+      <template v-slot:header.changes.updated="{ header }">
+        <v-tooltip bottom>
+          <template v-slot:activator="{ on }">
+             <v-icon v-on="on" small :color="header.color">{{ header.icon }}</v-icon>
+          </template>
+          <span>Modified</span>
+        </v-tooltip>
+      </template>
+      <!-- data -->
+      <template v-slot:item.created="{ item }">
+           <span>
+             <v-tooltip bottom>
+            <template v-slot:activator="{ on }">
+            <span v-on="on">{{ item.created | timediff }}</span>
+            </template>
+            <span>{{ item.created | datetime }}</span>
+          </v-tooltip>
+           </span>
+     </template>
+    <template v-slot:item.name="{ item }">
+           <span>
+             <router-link :to="{name: `${asAdmin ? 'admin-' : ''}project-versions-detail`, params: {version_id: item.name, version: item}}">
+            {{ item.name }}
+          </router-link>
+           </span>
+     </template>
+      <template v-slot:item.changes.added="{ item }">
+           <span>
+             <span class="green--text">{{ item.changes.added.length }}</span>
+           </span>
+     </template>
+      <template v-slot:item.changes.removed="{ item }">
+           <span>
+             <span class="red--text">{{ item.changes.removed.length }}</span>
+           </span>
+     </template>
+      <template v-slot:item.changes.updated="{ item }">
+           <span>
+             <span class="orange--text">{{ item.changes.updated.length }}</span>
+           </span>
+     </template>
+      <template v-slot:item.project_size="{ item }">
+        {{ item.project_size | filesize }}
+     </template>
+      <template v-slot:item.archived="{ item }">
+           <v-tooltip top>
+            <template v-slot:activator="{ on }">
+          <v-btn
+            icon
+            v-on="on"
+            :href="'/v1/project/download/' + namespace + '/'+ projectName +'?version=' + item.name + '&format=zip'"
+          >
+            <v-icon>archive</v-icon>
+          </v-btn>
+            </template>
+          <span>Download Project Version {{ item.name }} (ZIP)</span>
+        </v-tooltip>
+     </template>
+    </v-data-table>
+  </div>
+</template>
+
+<script>
+import { mapState } from 'vuex'
+
+export default {
+  name: 'project-versions',
+  props: {
+    projectName: String,
+    namespace: String,
+    asAdmin: {
+      type: Boolean,
+      default: false
+    }
+  },
+  data () {
+    return {
+      dialog: false,
+      versions: [],
+      options: {
+        'sort-by': 'version'
+      }
+    }
+  },
+  computed: {
+    ...mapState(['project']),
+    headers () {
+      return [
+        { text: 'Version', value: 'name' },
+        { text: 'Created', value: 'created' },
+        { text: 'Author', value: 'author' },
+        { text: 'Added', value: 'changes.added', icon: 'add_circle', color: 'green' },
+        { text: 'Removed', value: 'changes.removed', icon: 'delete', color: 'red' },
+        { text: 'Modified', value: 'changes.updated', icon: 'edit', color: 'orange' },
+        { text: 'Size', value: 'project_size' },
+        { text: '', value: 'archived' }
+      ]
+    }
+  },
+  created () {
+    this.fetchVersions()
+  },
+  watch: {
+    $route: 'fetchVersions'
+  },
+  methods: {
+    fetchVersions () {
+      this.$http.get(`/v1/project/version/${this.namespace}/${this.projectName}`)
+        .then(resp => {
+          this.versions = resp.data
+          this.$store.commit('projectVersions', { project: this.project, versions: this.versions })
+        })
+        .catch(() => {
+          this.$notification.error('Failed to fetch project versions')
+        })
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+  .v-card.table {
+    min-height: unset;
+    overflow: unset;
+  }
+  .changes {
+    flex: 0.3 1 auto;
+  }
+</style>
diff --git a/web-app/src/views/ProjectsList.vue b/web-app/src/views/ProjectsList.vue
new file mode 100644
index 00000000..9e42dee3
--- /dev/null
+++ b/web-app/src/views/ProjectsList.vue
@@ -0,0 +1,118 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <page-view :style="`padding-left: ${drawer ? 260 : 20}px; overflow-y: auto; padding-right:20px; margin-right: 0px;`">
+    <v-layout class="column fill-height main-content">
+      <v-layout align-center shrink>
+        <h3 class="ml-1 my-2 pl-3">
+          {{ header }}
+          <span v-if="namespace"> <v-icon class="arrow">chevron_right</v-icon> {{ namespace }}</span>
+        </h3>
+        <v-spacer/>
+        <portal-target name="additional-action"/>
+        <div v-if="this.$route.meta.flag !== 'request'">
+          <div class="action-button">
+            <div>
+              <v-btn
+                v-if="app.user && app.user.email"
+                @click="newProjectDialog"
+                class="primary--text"
+                rounded
+              >
+                <v-icon class="mr-2">add_circle</v-icon>
+                Create
+              </v-btn>
+            </div>
+          </div>
+        </div>
+        <div v-else>
+          <portal-target name="accept-request-button"/>
+        </div>
+
+      </v-layout>
+      <v-card class="table"
+      style="-webkit-box-shadow: none; box-shadow: none;">
+        <v-card-text >
+          <projects-table
+            :key="namespace + $route.name"
+            :show-namespace="showNamespace"
+            :namespace="namespace"
+            :onlyPublic="onlyPublic"
+            />
+        </v-card-text>
+      </v-card>
+    </v-layout>
+  </page-view>
+</template>
+
+<script>
+import { mapMutations, mapState } from 'vuex'
+
+import PageView from '@/views/PageView'
+import ProjectForm from '@/components/ProjectForm'
+import ProjectsTable from '@/components/ProjectsTable'
+
+export default {
+  name: 'projects-list',
+  components: { PageView, ProjectsTable },
+  props: {
+    namespace: String
+  },
+  computed: {
+    ...mapState(['app', 'drawer']),
+    header () {
+      return (this.$route.meta.header !== undefined) ? this.$route.meta.header : 'Projects'
+    },
+    showNamespace () {
+      return this.$route.name !== 'my_projects' && this.namespace === undefined
+    },
+    onlyPublic () {
+      return this.$route.name === 'explore' || !this.app.user
+    }
+  },
+  methods: {
+    newProjectDialog () {
+      const dialog = { maxWidth: 500, persistent: true }
+      this.$dialog.show(ProjectForm, { dialog })
+    },
+    ...mapMutations({
+      setDrawer: 'SET_DRAWER'
+    })
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+h3 a {
+  text-decoration: none;
+}
+.v-card.table {
+  min-height: unset;
+  overflow: unset;
+}
+
+.arrow {
+  color: black;
+  font-size: large;
+}
+
+@media (max-width : 400px) {
+  .action-button {
+    width: 135px;
+  }
+}
+
+.action-button {
+  div {
+    display: inline-block;
+  }
+}
+
+.toggle-toolbar {
+  position: fixed;
+  left: 5px;
+  z-index: 100;
+  bottom: 20px;
+}
+</style>
diff --git a/web-app/src/views/Registration.vue b/web-app/src/views/Registration.vue
new file mode 100644
index 00000000..11738d6f
--- /dev/null
+++ b/web-app/src/views/Registration.vue
@@ -0,0 +1,130 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <div class="registration-window">
+    <img class="bg" :src="require('@/assets/bg_grid.svg')"/>
+    <v-spacer/>
+    <v-layout justify-center align-end shrink>
+      <v-img
+        contain
+        max-width="300"
+        position="center bottom"
+        :transition="false"
+        :src="require('@/assets/img6.png')"
+      />
+    </v-layout>
+    <v-container class="py-1">
+      <v-card>
+        <v-responsive class="mt-2">
+          <img src="../assets/logo_color.svg" @click="$router.push('/login')">
+        </v-responsive>
+        <v-card-title class="primary--text font-weight-bold pb-0 ml-3">
+          <h3> Create your account</h3>
+          <v-spacer/>
+            <v-btn
+            text
+            color="primary"
+            class="reset"
+            :to="{name: 'login'}"
+            >Sign in
+          </v-btn>
+        </v-card-title>
+        <v-card-text>
+          <sign-up-form class="sign-up layout column" @success="redirect" />
+        </v-card-text>
+      </v-card>
+    </v-container>
+    <v-spacer/>
+    <v-spacer/>
+  </div>
+</template>
+
+<script>
+import SignUpForm from '@/components/SignUpForm'
+import VueRouter from 'vue-router'
+const { isNavigationFailure, NavigationFailureType } = VueRouter
+
+
+export default {
+  name: 'Registration',
+  components: { SignUpForm },
+  methods: {
+    redirect () {
+      if (this.$route.query.redirect) {
+        this.$router.push(this.$route.query.redirect).catch(e => {
+          if (isNavigationFailure(e, NavigationFailureType.redirected)) {
+            // expected redirect
+            //   https://router.vuejs.org/guide/advanced/navigation-failures.html#detecting-navigation-failures
+          } else {
+            this.$notification.error(e)
+          }
+        })
+      } else {
+        this.$router.push({ name: 'my_projects' })
+      }
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.registration-window {
+  position: fixed;
+  top: 0;
+  left: 0;
+  height: 100%;
+  width: 100%;
+
+  background-image: linear-gradient(#172238, #2c436f);
+  display: flex;
+  flex-direction: column;
+  z-index: 100;
+  overflow: auto;
+
+  .bg {
+    position: absolute;
+    left: 0;
+    top: 0;
+    height: 100%;
+    width: 100%;
+    object-fit: cover;
+  }
+  .container {
+    display: flex;
+    align-items: center;
+    justify-content: center;
+    flex: 0 0 auto;
+  }
+
+  ::v-deep .v-card {
+    max-width: 500px;
+    flex: 1;
+    opacity: 0.9;
+
+    .v-responsive__content {
+      display: flex;
+      flex-direction: row;
+      justify-content: center;
+      margin-top: 0.25em;
+      cursor: pointer;
+      img {
+        height: 4em;
+        width: auto;
+      }
+    }
+
+    .v-card__text {
+      display: flex;
+      flex-direction: column;
+    }
+
+  }
+  ::v-deep .v-btn {
+    text-transform: none;
+    &.reset {
+      align-self: center;
+    }
+  }
+}
+</style>
diff --git a/web-app/src/views/VersionDetail.vue b/web-app/src/views/VersionDetail.vue
new file mode 100644
index 00000000..31e16185
--- /dev/null
+++ b/web-app/src/views/VersionDetail.vue
@@ -0,0 +1,227 @@
+# Copyright (C) 2018 Lutra Consulting Limited. All rights reserved.
+# Do not distribute without the express permission of the author.
+
+<template>
+  <div v-if="version">
+    <portal to="download-button">
+      <v-tooltip top>
+        <template v-slot:activator="{ on }">
+        <v-btn
+          icon
+          v-on="on"
+          :href="downloadUrl"
+        >
+          <v-icon>archive</v-icon>
+        </v-btn>
+        </template>
+        <span>Download Project Version {{ version.name }} (ZIP)</span>
+      </v-tooltip>
+    </portal>
+    <v-list two-line subheader>
+      <v-list-item>
+        <v-list-item-content>
+          <v-list-item-title>Version</v-list-item-title>
+          <v-list-item-subtitle>{{ version.name }}</v-list-item-subtitle>
+        </v-list-item-content>
+      </v-list-item>
+      <v-list-item>
+        <v-list-item-content>
+          <v-list-item-title>Author</v-list-item-title>
+          <v-list-item-subtitle>{{ version.author }}</v-list-item-subtitle>
+        </v-list-item-content>
+      </v-list-item>
+      <v-list-item>
+        <v-list-item-content>
+          <v-list-item-title>Project Size</v-list-item-title>
+          <v-list-item-subtitle>{{ version.project_size | filesize }}</v-list-item-subtitle>
+        </v-list-item-content>
+      </v-list-item>
+      <v-list-item>
+        <v-list-item-content>
+          <v-list-item-title>Created</v-list-item-title>
+          <v-list-item-subtitle>{{ version.created | datetime }}</v-list-item-subtitle>
+        </v-list-item-content>
+      </v-list-item>
+      <v-list-item>
+        <v-list-item-content>
+          <v-list-item-title>User Agent</v-list-item-title>
+          <v-list-item-subtitle>{{ version.user_agent }}</v-list-item-subtitle>
+        </v-list-item-content>
+      </v-list-item>
+    </v-list>
+    <v-list class="files" expand>
+      <v-list-item>
+        <v-list-item-content>
+          <v-list-item-title>Files changes:</v-list-item-title>
+        </v-list-item-content>
+      </v-list-item>
+      <v-list-group
+        v-for="{ key, text, icon } in changeHeader"
+        :key="key"
+        no-action
+      >
+<!--                v-if="changes[key].length"-->
+<template v-slot:activator>
+        <v-list-item-content>
+          <v-list-item-title>
+            <v-icon small v-text="icon" class="mr-2"/>
+            <span>{{ text }} ({{ changes[key].length }})</span>
+          </v-list-item-title>
+        </v-list-item-content>
+</template>
+
+        <div
+          class="v-list__tile v-list-item-file"
+          v-for="item in changes[key]"
+          :key="item.path"
+          no-action
+        >
+          <div :class="colors[key]">
+            {{ item.path }}: {{ version.changesets[item.path] ? version.changesets[item.path]['size'] : item.size | filesize }}
+            <template
+              v-if="version.changesets[item.path]">
+              <div v-if="!version.changesets[item.path].error">
+                <router-link
+                class="show-advanced"
+                :to="{
+                  name: `${asAdmin ? 'admin-' : ''}file-version-detail`,
+                  params: {
+                    namespace: version.namespace,
+                    projectName: version.project_name,
+                    version_id: version.name,
+                    path: item.path }}">
+                <v-btn>
+                  <span>Show advanced</span>
+                </v-btn>
+                </router-link>
+                <file-changeset-summary-table :changesets="version.changesets[item.path]['summary']"/>
+              </div>
+              <div v-else class="text--primary">
+                Details not available: {{ version.changesets[item.path].error }}
+              </div>
+            </template>
+          </div>
+        </div>
+      </v-list-group>
+    </v-list>
+  </div>
+</template>
+
+<script>
+import { mapState } from 'vuex'
+import FileChangesetSummaryTable from '../components/FileChangesetSummaryTable'
+
+const Colors = {
+  added: 'green--text',
+  removed: 'red--text',
+  updated: 'orange--text'
+}
+
+export default {
+  name: 'project-version',
+  components: { FileChangesetSummaryTable },
+  props: {
+    version_id: {
+      type: String,
+      default: ''
+    },
+    asAdmin: {
+      type: Boolean,
+      default: false
+    }
+  },
+  data () {
+    return {
+      version: null
+    }
+  },
+  created () {
+    this.getVersion()
+  },
+  computed: {
+    ...mapState(['project']),
+    colors () {
+      return Colors
+    },
+    changeHeader () {
+      return [
+        { key: 'added', text: 'Added', icon: 'add_circle' },
+        { key: 'removed', text: 'Removed', icon: 'delete' },
+        { key: 'updated', text: 'Modified', icon: 'edit' }
+      ]
+    },
+    changes () {
+      return this.version && this.version.changes
+    },
+    downloadUrl () {
+      return this.$http.absUrl(`/v1/project/download/${this.project.namespace}/${this.project.name}?version=${this.version_id}&format=zip`)
+    }
+  },
+  watch: {
+    $route: 'getVersion'
+  },
+  methods: {
+    getVersion () {
+      if (!this.project.versions) {
+        this.$http.get(`/v1/project/version/${this.project.namespace}/${this.project.name}?version_id=${this.version_id}`)
+          .then(resp => {
+            if (resp.data.length) {
+              const version = resp.data[0]
+              version.changes = resp.data[0].changes
+              this.version = version
+            }
+          })
+          .catch(err => {
+            const msg = (err.response) ? err.response.data.detail : 'Failed to fetch project version'
+            this.$notification.error(msg)
+          })
+      } else {
+        this.version = this.project.versions.find(v => v.name === this.version_id)
+      }
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.status {
+  margin: 0.5em auto;
+  padding: 0 1em;
+  text-align: center;
+  color: #fff;
+  height: 2em;
+  line-height: 2em;
+  border-radius: 1em;
+  float: right;
+}
+
+.v-list-item-file {
+  min-height: 48px;
+  height: auto;
+}
+
+.v-list {
+  ::v-deep .v-list-item {
+    font-size: 14px;
+    color: #444;
+    .v-list-item__title {
+      font-weight: 500;
+    }
+  }
+
+  &.files {
+    ::v-deep .v-list-group__items {
+      .v-list-item {
+        padding-left: 20px;
+      }
+    }
+  }
+}
+.show-advanced {
+  font-style: unset;
+  button {
+    font-size: 12px;
+    margin-left: 30px;
+  }
+}
+</style>
diff --git a/web-app/vue.config.js b/web-app/vue.config.js
new file mode 100644
index 00000000..a760cd2c
--- /dev/null
+++ b/web-app/vue.config.js
@@ -0,0 +1,51 @@
+const main = process.env.MAIN_FILE || 'main'
+
+module.exports = {
+  outputDir: '../server/build/static',
+  publicPath: process.env.NODE_ENV === 'production' ? '/assets/' : '/',
+  pages: process.env.NODE_ENV === 'production'
+    ? {
+      index: {
+        entry: `src/${main}.js`,
+        template: `public/index_${main}.html`,
+        filename: '../../src/templates/app.html'
+      }
+    }
+    : undefined,
+  configureWebpack: config => {
+    // to enable swich in development server
+    if (process.env.NODE_ENV !== 'production') {
+      config.entry = `./src/${main}.js`
+    }
+  },
+  devServer: {
+    proxy: {
+      '/dev/init': {
+        target: 'http://localhost:5000'
+      },
+      '/v1': {
+        target: 'http://localhost:5000'
+      },
+      '/app': {
+        target: 'http://localhost:5000'
+      },
+      '/auth': {
+        target: 'http://localhost:5000'
+      },
+      '/ping': {
+        target: 'http://localhost:5000'
+      },
+      '/orgs': {
+        target: 'http://localhost:5000'
+      }
+    }
+  },
+  pluginOptions: {
+    i18n: {
+      locale: 'en',
+      fallbackLocale: 'en',
+      localeDir: 'locales',
+      enableInSFC: false
+    }
+  }
+}