Update 3rd Party Licenses

Signed-off-by: stirlingbot[bot] <stirlingbot[bot]@users.noreply.github.com>

.github/scripts/check_language_properties.py

@@ -196,7 +196,9 @@ def check_for_differences(reference_file, file_list, branch, actor):
 
     if len(file_list) == 1:
         file_arr = file_list[0].split()
-    base_dir = os.path.abspath(os.path.join(os.getcwd(), "src", "main", "resources"))
+    base_dir = os.path.abspath(
+        os.path.join(os.getcwd(), "stirling-pdf", "src", "main", "resources")
+    )
 
     for file_path in file_arr:
         file_normpath = os.path.normpath(file_path)
@@ -216,10 +218,19 @@ def check_for_differences(reference_file, file_list, branch, actor):
             or (
                 # only local windows command
                 not file_normpath.startswith(
-                    os.path.join("", "src", "main", "resources", "messages_")
+                    os.path.join(
+                        "", "stirling-pdf", "src", "main", "resources", "messages_"
+                    )
                 )
                 and not file_normpath.startswith(
-                    os.path.join(os.getcwd(), "src", "main", "resources", "messages_")
+                    os.path.join(
+                        os.getcwd(),
+                        "stirling-pdf",
+                        "src",
+                        "main",
+                        "resources",
+                        "messages_",
+                    )
                 )
             )
             or not file_normpath.endswith(".properties")
@@ -377,7 +388,12 @@ if __name__ == "__main__":
         else:
             file_list = glob.glob(
                 os.path.join(
-                    os.getcwd(), "src", "main", "resources", "messages_*.properties"
+                    os.getcwd(),
+                    "stirling-pdf",
+                    "src",
+                    "main",
+                    "resources",
+                    "messages_*.properties",
                 )
             )
         update_missing_keys(args.reference_file, file_list)

.github/workflows/build.yml

@@ -47,18 +47,56 @@ jobs:
         env:
           DISABLE_ADDITIONAL_FEATURES: false
 
-      - name: Upload Test Reports
+      - name: Check Test Reports Exist
+        id: check-reports
         if: always()
+        run: |
+          missing_reports=()
+          
+          # Check for required test report directories
+          if [ ! -d "stirling-pdf/build/reports/tests/" ]; then
+            missing_reports+=("stirling-pdf/build/reports/tests/")
+          fi
+          if [ ! -d "stirling-pdf/build/test-results/" ]; then
+            missing_reports+=("stirling-pdf/build/test-results/")
+          fi
+          if [ ! -d "common/build/reports/tests/" ]; then
+            missing_reports+=("common/build/reports/tests/")
+          fi
+          if [ ! -d "common/build/test-results/" ]; then
+            missing_reports+=("common/build/test-results/")
+          fi
+          if [ ! -d "proprietary/build/reports/tests/" ]; then
+            missing_reports+=("proprietary/build/reports/tests/")
+          fi
+          if [ ! -d "proprietary/build/test-results/" ]; then
+            missing_reports+=("proprietary/build/test-results/")
+          fi
+          
+          # Fail if any required reports are missing
+          if [ ${#missing_reports[@]} -gt 0 ]; then
+            echo "ERROR: The following required test report directories are missing:"
+            printf '%s\n' "${missing_reports[@]}"
+            exit 1
+          fi
+          
+          echo "All required test report directories are present"
+
+      - name: Upload Test Reports
+        if: steps.check-reports.outcome == 'success'
         uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
         with:
           name: test-reports-jdk-${{ matrix.jdk-version }}
           path: |
-            build/reports/tests/
-            build/test-results/
-            build/reports/problems/
-            /common/build/reports/tests/
-            /common/build/test-results/
-            /common/build/reports/problems/
+            stirling-pdf/build/reports/tests/
+            stirling-pdf/build/test-results/
+            stirling-pdf/build/reports/problems/
+            common/build/reports/tests/
+            common/build/test-results/
+            common/build/reports/problems/
+            proprietary/build/reports/tests/
+            proprietary/build/test-results/
+            proprietary/build/reports/problems/
           retention-days: 3
 
   check-licence:

.github/workflows/check_properties.yml

@@ -115,8 +115,11 @@ jobs:
 
             // Filter for relevant files based on the PR changes
             const changedFiles = files
-              .map(file => file.filename)
-              .filter(file => /^stirling-pdf\src\/main\/resources\/messages_[a-zA-Z_]{2}_[a-zA-Z_]{2,7}\.properties$/.test(file));
+              .filter(file => 
+                file.status !== "removed" &&
+                /^stirling-pdf\/src\/main\/resources\/messages_[a-zA-Z_]{2}_[a-zA-Z_]{2,7}\.properties$/.test(file.filename)
+              )
+              .map(file => file.filename);
 
             console.log("Changed files:", changedFiles);
 

.github/workflows/scorecards.yml

@@ -74,6 +74,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
+        uses: github/codeql-action/upload-sarif@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858 # v3.29.0
         with:
           sarif_file: results.sarif

.vscode/settings.json

@@ -86,4 +86,9 @@
   "spring.initializr.defaultLanguage": "Java",
   "spring.initializr.defaultGroupId": "stirling.software.SPDF",
   "spring.initializr.defaultArtifactId": "SPDF",
+  "java.project.sourcePaths": [
+    "stirling-pdf/src/main/java",
+    "common/src/main/java",
+    "proprietary/src/main/java"
+  ],
 }

Dockerfile

@@ -5,8 +5,7 @@ FROM alpine:3.22.0@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be02
 COPY scripts /scripts
 COPY pipeline /pipeline
 COPY stirling-pdf/src/main/resources/static/fonts/*.ttf /usr/share/fonts/opentype/noto/
-#COPY src/main/resources/static/fonts/*.otf /usr/share/fonts/opentype/noto/
-COPY build/libs/*.jar app.jar
+COPY stirling-pdf/build/libs/*.jar app.jar
 
 ARG VERSION_TAG
 

Dockerfile.fat

@@ -5,6 +5,7 @@ COPY build.gradle .
 COPY settings.gradle .
 COPY gradlew .
 COPY gradle gradle/
+COPY stirling-pdf/build.gradle stirling-pdf/.
 COPY common/build.gradle common/.
 COPY proprietary/build.gradle proprietary/.
 RUN ./gradlew build -x spotlessApply -x spotlessCheck -x test -x sonarqube || return 0
@@ -27,7 +28,7 @@ FROM alpine:3.22.0@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be02
 COPY scripts /scripts
 COPY pipeline /pipeline
 COPY stirling-pdf/src/main/resources/static/fonts/*.ttf /usr/share/fonts/opentype/noto/
-COPY --from=build /app/build/libs/*.jar app.jar
+COPY --from=build /app/stirling-pdf/build/libs/*.jar app.jar
 
 ARG VERSION_TAG
 

Dockerfile.ultra-lite

@@ -18,7 +18,7 @@ COPY scripts/download-security-jar.sh /scripts/download-security-jar.sh
 COPY scripts/init-without-ocr.sh /scripts/init-without-ocr.sh
 COPY scripts/installFonts.sh /scripts/installFonts.sh
 COPY pipeline /pipeline
-COPY build/libs/*.jar app.jar
+COPY stirling-pdf/build/libs/*.jar app.jar
 
 # Set up necessary directories and permissions
 RUN echo "@testing https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /etc/apk/repositories && \

README.md

@@ -116,47 +116,47 @@ Stirling-PDF currently supports 40 languages!
 
 | Language                                     | Progress                               |
 | -------------------------------------------- | -------------------------------------- |
-| Arabic (العربية) (ar_AR)                        | ![71%](https://geps.dev/progress/71)   |
-| Azerbaijani (Azərbaycan Dili) (az_AZ)        | ![72%](https://geps.dev/progress/72)   |
-| Basque (Euskara) (eu_ES)                     | ![42%](https://geps.dev/progress/42)   |
-| Bulgarian (Български) (bg_BG)                | ![79%](https://geps.dev/progress/79)   |
-| Catalan (Català) (ca_CA)                     | ![78%](https://geps.dev/progress/78)   |
-| Croatian (Hrvatski) (hr_HR)                  | ![70%](https://geps.dev/progress/70)   |
-| Czech (Česky) (cs_CZ)                        | ![81%](https://geps.dev/progress/81)   |
-| Danish (Dansk) (da_DK)                       | ![71%](https://geps.dev/progress/71)   |
-| Dutch (Nederlands) (nl_NL)                   | ![69%](https://geps.dev/progress/69)   |
+| Arabic (العربية) (ar_AR)                        | ![68%](https://geps.dev/progress/68)   |
+| Azerbaijani (Azərbaycan Dili) (az_AZ)        | ![68%](https://geps.dev/progress/68)   |
+| Basque (Euskara) (eu_ES)                     | ![40%](https://geps.dev/progress/40)   |
+| Bulgarian (Български) (bg_BG)                | ![75%](https://geps.dev/progress/75)   |
+| Catalan (Català) (ca_CA)                     | ![75%](https://geps.dev/progress/75)   |
+| Croatian (Hrvatski) (hr_HR)                  | ![67%](https://geps.dev/progress/67)   |
+| Czech (Česky) (cs_CZ)                        | ![77%](https://geps.dev/progress/77)   |
+| Danish (Dansk) (da_DK)                       | ![68%](https://geps.dev/progress/68)   |
+| Dutch (Nederlands) (nl_NL)                   | ![66%](https://geps.dev/progress/66)   |
 | English (English) (en_GB)                    | ![100%](https://geps.dev/progress/100) |
 | English (US) (en_US)                         | ![100%](https://geps.dev/progress/100) |
-| French (Français) (fr_FR)                    | ![80%](https://geps.dev/progress/80)   |
-| German (Deutsch) (de_DE)                     | ![97%](https://geps.dev/progress/97)   |
-| Greek (Ελληνικά) (el_GR)                     | ![78%](https://geps.dev/progress/78)   |
-| Hindi (हिंदी) (hi_IN)                          | ![78%](https://geps.dev/progress/78)   |
-| Hungarian (Magyar) (hu_HU)                   | ![89%](https://geps.dev/progress/89)   |
-| Indonesian (Bahasa Indonesia) (id_ID)        | ![72%](https://geps.dev/progress/72)   |
-| Irish (Gaeilge) (ga_IE)                      | ![79%](https://geps.dev/progress/79)   |
-| Italian (Italiano) (it_IT)                   | ![97%](https://geps.dev/progress/97)   |
-| Japanese (日本語) (ja_JP)                    | ![79%](https://geps.dev/progress/79)   |
-| Korean (한국어) (ko_KR)                      | ![78%](https://geps.dev/progress/78)   |
-| Norwegian (Norsk) (no_NB)                    | ![76%](https://geps.dev/progress/76)   |
-| Persian (فارسی) (fa_IR)                      | ![74%](https://geps.dev/progress/74)   |
-| Polish (Polski) (pl_PL)                      | ![83%](https://geps.dev/progress/83)   |
-| Portuguese (Português) (pt_PT)               | ![79%](https://geps.dev/progress/79)   |
+| French (Français) (fr_FR)                    | ![76%](https://geps.dev/progress/76)   |
+| German (Deutsch) (de_DE)                     | ![96%](https://geps.dev/progress/96)   |
+| Greek (Ελληνικά) (el_GR)                     | ![74%](https://geps.dev/progress/74)   |
+| Hindi (हिंदी) (hi_IN)                          | ![74%](https://geps.dev/progress/74)   |
+| Hungarian (Magyar) (hu_HU)                   | ![97%](https://geps.dev/progress/97)   |
+| Indonesian (Bahasa Indonesia) (id_ID)        | ![68%](https://geps.dev/progress/68)   |
+| Irish (Gaeilge) (ga_IE)                      | ![75%](https://geps.dev/progress/75)   |
+| Italian (Italiano) (it_IT)                   | ![87%](https://geps.dev/progress/87)   |
+| Japanese (日本語) (ja_JP)                    | ![76%](https://geps.dev/progress/76)   |
+| Korean (한국어) (ko_KR)                      | ![75%](https://geps.dev/progress/75)   |
+| Norwegian (Norsk) (no_NB)                    | ![73%](https://geps.dev/progress/73)   |
+| Persian (فارسی) (fa_IR)                      | ![71%](https://geps.dev/progress/71)   |
+| Polish (Polski) (pl_PL)                      | ![79%](https://geps.dev/progress/79)   |
+| Portuguese (Português) (pt_PT)               | ![76%](https://geps.dev/progress/76)   |
 | Portuguese Brazilian (Português) (pt_BR)     | ![84%](https://geps.dev/progress/84)   |
-| Romanian (Română) (ro_RO)                    | ![66%](https://geps.dev/progress/66)   |
-| Russian (Русский) (ru_RU)                    | ![84%](https://geps.dev/progress/84)   |
-| Serbian Latin alphabet (Srpski) (sr_LATN_RS) | ![51%](https://geps.dev/progress/51)   |
-| Simplified Chinese (简体中文) (zh_CN)         | ![84%](https://geps.dev/progress/84)   |
-| Slovakian (Slovensky) (sk_SK)                | ![60%](https://geps.dev/progress/60)   |
-| Slovenian (Slovenščina) (sl_SI)              | ![82%](https://geps.dev/progress/82)   |
-| Spanish (Español) (es_ES)                    | ![86%](https://geps.dev/progress/86)   |
-| Swedish (Svenska) (sv_SE)                    | ![76%](https://geps.dev/progress/76)   |
-| Thai (ไทย) (th_TH)                           | ![68%](https://geps.dev/progress/68)   |
-| Tibetan (བོད་ཡིག་) (bo_CN)                     | ![75%](https://geps.dev/progress/75) |
-| Traditional Chinese (繁體中文) (zh_TW)        | ![85%](https://geps.dev/progress/85)   |
-| Turkish (Türkçe) (tr_TR)                     | ![85%](https://geps.dev/progress/85)   |
-| Ukrainian (Українська) (uk_UA)               | ![84%](https://geps.dev/progress/84)   |
-| Vietnamese (Tiếng Việt) (vi_VN)              | ![66%](https://geps.dev/progress/66)   |
-| Malayalam (മലയാളം) (ml_IN)              | ![85%](https://geps.dev/progress/85)   |
+| Romanian (Română) (ro_RO)                    | ![63%](https://geps.dev/progress/63)   |
+| Russian (Русский) (ru_RU)                    | ![76%](https://geps.dev/progress/76)   |
+| Serbian Latin alphabet (Srpski) (sr_LATN_RS) | ![48%](https://geps.dev/progress/48)   |
+| Simplified Chinese (简体中文) (zh_CN)         | ![98%](https://geps.dev/progress/98)   |
+| Slovakian (Slovensky) (sk_SK)                | ![57%](https://geps.dev/progress/57)   |
+| Slovenian (Slovenščina) (sl_SI)              | ![79%](https://geps.dev/progress/79)   |
+| Spanish (Español) (es_ES)                    | ![82%](https://geps.dev/progress/82)   |
+| Swedish (Svenska) (sv_SE)                    | ![72%](https://geps.dev/progress/72)   |
+| Thai (ไทย) (th_TH)                           | ![65%](https://geps.dev/progress/65)   |
+| Tibetan (བོད་ཡིག་) (bo_CN)                     | ![0%](https://geps.dev/progress/0) |
+| Traditional Chinese (繁體中文) (zh_TW)        | ![80%](https://geps.dev/progress/80)   |
+| Turkish (Türkçe) (tr_TR)                     | ![81%](https://geps.dev/progress/81)   |
+| Ukrainian (Українська) (uk_UA)               | ![78%](https://geps.dev/progress/78)   |
+| Vietnamese (Tiếng Việt) (vi_VN)              | ![63%](https://geps.dev/progress/63)   |
+| Malayalam (മലയാളം) (ml_IN)              | ![81%](https://geps.dev/progress/81)   |
 
 ## Stirling PDF Enterprise
 

build.gradle

@@ -1,8 +1,8 @@
 plugins {
     id "java"
     id "jacoco"
-    id "org.springframework.boot" version "3.5.0"
     id "io.spring.dependency-management" version "1.1.7"
+    id "org.springframework.boot" version "3.5.0"
     id "org.springdoc.openapi-gradle-plugin" version "1.9.0"
     id "io.swagger.swaggerhub" version "1.3.2"
     id "edu.sc.seis.launch4j" version "3.0.6"
@@ -23,10 +23,11 @@ ext {
     pdfboxVersion = "3.0.5"
     imageioVersion = "3.12.0"
     lombokVersion = "1.18.38"
-    bouncycastleVersion = "1.80"
+    bouncycastleVersion = "1.81"
     springSecuritySamlVersion = "6.5.0"
     openSamlVersion = "4.3.2"
     commonmarkVersion = "0.24.0"
+    googleJavaFormatVersion = "1.27.0"
     tempJrePath = null
 }
 
@@ -50,7 +51,6 @@ sourceSets {
                 && System.getProperty('DISABLE_ADDITIONAL_FEATURES') == 'true')) {
                 exclude 'stirling/software/proprietary/security/**'
             }
-
             if (System.getenv('STIRLING_PDF_DESKTOP_UI') == 'false') {
                 exclude 'stirling/software/SPDF/UI/impl/**'
             }
@@ -75,7 +75,7 @@ sourceSets {
 
 allprojects {
     group = 'stirling.software'
-    version = '0.46.2'
+    version = '1.0.0'
 
     configurations.configureEach {
         exclude group: 'commons-logging', module: 'commons-logging'
@@ -130,6 +130,7 @@ subprojects {
 
         testImplementation 'org.springframework.boot:spring-boot-starter-test'
         testRuntimeOnly 'org.mockito:mockito-inline:5.2.0'
+        testRuntimeOnly 'org.junit.platform:junit-platform-launcher:1.12.2'
     }
 
     tasks.withType(JavaCompile).configureEach {
@@ -146,6 +147,11 @@ subprojects {
     }
 }
 
+tasks.withType(JavaCompile).configureEach {
+    options.encoding = "UTF-8"
+    dependsOn "spotlessApply"
+}
+
 licenseReport {
     renderers = [new JsonReportRenderer()]
     allowedLicensesFile = new File("$projectDir/allowed-licenses.json")
@@ -468,8 +474,9 @@ spotless {
         target sourceSets.main.allJava
         target project(':common').sourceSets.main.allJava
         target project(':proprietary').sourceSets.main.allJava
+        target project(':stirling-pdf').sourceSets.main.allJava
 
-        googleJavaFormat("1.27.0").aosp().reorderImports(false)
+        googleJavaFormat(googleJavaFormatVersion).aosp().reorderImports(false)
 
         importOrder("java", "javax", "org", "com", "net", "io", "jakarta", "lombok", "me", "stirling")
         toggleOffOn()
@@ -500,12 +507,17 @@ swaggerhubUpload {
     oas = "3.0.0"  // The version of the OpenAPI Specification you"re using
 }
 
+dependencies {
+    testImplementation 'org.springframework.boot:spring-boot-starter-test'
+    testRuntimeOnly 'org.junit.platform:junit-platform-launcher:1.12.2'
+}
+
 tasks.named("test") {
     useJUnitPlatform()
 }
 
 tasks.register('writeVersion') {
-    def propsFile = file("$projectDir/stirling-pdf/src/main/resources/version.properties")
+    def propsFile = file("$projectDir/common/src/main/resources/version.properties")
     def propsDir = propsFile.parentFile
 
     doLast {
@@ -529,6 +541,7 @@ tasks.register('writeVersion') {
 }
 
 processResources.dependsOn(writeVersion)
+project(':stirling-pdf').tasks.bootJar.dependsOn(writeVersion)
 
 tasks.register('printVersion') {
     doLast {
@@ -545,3 +558,22 @@ tasks.register('printMacVersion') {
 tasks.named('generateOpenApiDocs') {
     doNotTrackState("Tracking state is not supported for this task")
 }
+tasks.named('bootRun') {
+    group = 'application'
+    description = 'Delegates to :stirling-pdf:bootRun'
+    dependsOn ':stirling-pdf:bootRun'
+
+    doFirst {
+        println "Delegating to :stirling-pdf:bootRun"
+    }
+}
+
+tasks.named('build') {
+    group = 'build'
+    description = 'Delegates to :stirling-pdf:bootJar'
+    dependsOn ':stirling-pdf:bootJar'
+
+    doFirst {
+        println "Delegating to :stirling-pdf:bootJar"
+    }
+}

common/build.gradle

@@ -1,3 +1,13 @@
+// Configure bootRun to disable it or point to a main class
+bootRun {
+    enabled = false
+}
+spotless {
+    java {
+        target sourceSets.main.allJava
+        googleJavaFormat(googleJavaFormatVersion).aosp()
+    }
+}
 dependencies {
     api 'org.springframework.boot:spring-boot-starter-web'
     api 'org.springframework.boot:spring-boot-starter-thymeleaf'

common/src/main/java/org/apache/pdfbox/examples/util/DeletingRandomAccessFile.java

@@ -4,10 +4,8 @@ import java.io.File;
 import java.io.IOException;
 import java.nio.file.Files;
 import java.nio.file.Path;
-
-import org.apache.pdfbox.io.RandomAccessReadBufferedFile;
-
 import lombok.extern.slf4j.Slf4j;
+import org.apache.pdfbox.io.RandomAccessReadBufferedFile;
 
 /** A custom RandomAccessRead implementation that deletes the file when closed */
 @Slf4j

common/src/main/java/stirling/software/common/configuration/AppConfig.java

@@ -1,7 +1,5 @@
 package stirling.software.common.configuration;
 
-import io.github.pixee.security.SystemCommand;
-import jakarta.annotation.PostConstruct;
 import java.io.IOException;
 import java.nio.file.Files;
 import java.nio.file.Path;
@@ -10,25 +8,22 @@ import java.util.List;
 import java.util.Locale;
 import java.util.Properties;
 import java.util.function.Predicate;
-
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingClass;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Lazy;
+import org.springframework.context.annotation.Profile;
 import org.springframework.context.annotation.Scope;
 import org.springframework.core.env.Environment;
 import org.springframework.core.io.ClassPathResource;
 import org.springframework.core.io.Resource;
 import org.springframework.core.io.ResourceLoader;
 import org.thymeleaf.spring6.SpringTemplateEngine;
-
-import lombok.Getter;
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.ApplicationProperties;
 
 @Lazy
@@ -253,9 +248,33 @@ public class AppConfig {
         return applicationProperties.getSystem().getDatasource();
     }
 
+    @Bean(name = "runningProOrHigher")
+    @Profile("default")
+    public boolean runningProOrHigher() {
+        return false;
+    }
+
+    @Bean(name = "runningEE")
+    @Profile("default")
+    public boolean runningEnterprise() {
+        return false;
+    }
+
+    @Bean(name = "GoogleDriveEnabled")
+    @Profile("default")
+    public boolean googleDriveEnabled() {
+        return false;
+    }
+
+    @Bean(name = "license")
+    @Profile("default")
+    public String licenseType() {
+        return "NORMAL";
+    }
+
     @Bean(name = "disablePixel")
     public boolean disablePixel() {
-        return Boolean.getBoolean(env.getProperty("DISABLE_PIXEL"));
+        return Boolean.parseBoolean(env.getProperty("DISABLE_PIXEL", "false"));
     }
 
     @Bean(name = "machineType")

common/src/main/java/stirling/software/common/configuration/ConfigInitializer.java

@@ -10,9 +10,7 @@ import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.nio.file.StandardCopyOption;
 import java.util.List;
-
 import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.util.YamlHelper;
 
 /**

common/src/main/java/stirling/software/common/configuration/FileFallbackTemplateResolver.java

@@ -3,16 +3,13 @@ package stirling.software.common.configuration;
 import java.io.IOException;
 import java.io.InputStream;
 import java.util.Map;
-
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.core.io.Resource;
 import org.springframework.core.io.ResourceLoader;
 import org.thymeleaf.IEngineConfiguration;
 import org.thymeleaf.templateresolver.AbstractConfigurableTemplateResolver;
 import org.thymeleaf.templateresource.FileTemplateResource;
 import org.thymeleaf.templateresource.ITemplateResource;
-
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.InputStreamTemplateResource;
 
 @Slf4j

common/src/main/java/stirling/software/common/configuration/InstallationPathConfig.java

@@ -2,7 +2,6 @@ package stirling.software.common.configuration;
 
 import java.io.File;
 import java.nio.file.Paths;
-
 import lombok.extern.slf4j.Slf4j;
 
 @Slf4j

common/src/main/java/stirling/software/common/configuration/PostHogConfig.java

@@ -1,15 +1,12 @@
 package stirling.software.common.configuration;
 
+import com.posthog.java.PostHog;
+import jakarta.annotation.PreDestroy;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 
-import com.posthog.java.PostHog;
-
-import jakarta.annotation.PreDestroy;
-
-import lombok.extern.slf4j.Slf4j;
-
 @Configuration
 @Slf4j
 public class PostHogConfig {

common/src/main/java/stirling/software/common/configuration/PostHogLoggerImpl.java

@@ -1,10 +1,8 @@
 package stirling.software.common.configuration;
 
-import org.springframework.stereotype.Component;
-
 import com.posthog.java.PostHogLogger;
-
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Component;
 
 @Slf4j
 @Component

common/src/main/java/stirling/software/common/configuration/RuntimePathConfig.java

@@ -2,13 +2,10 @@ package stirling.software.common.configuration;
 
 import java.nio.file.Files;
 import java.nio.file.Path;
-
-import org.apache.commons.lang3.StringUtils;
-import org.springframework.context.annotation.Configuration;
-
 import lombok.Getter;
 import lombok.extern.slf4j.Slf4j;
-
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.context.annotation.Configuration;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.ApplicationProperties.CustomPaths.Operations;
 import stirling.software.common.model.ApplicationProperties.CustomPaths.Pipeline;

common/src/main/java/stirling/software/common/configuration/YamlPropertySourceFactory.java

@@ -1,7 +1,6 @@
 package stirling.software.common.configuration;
 
 import java.util.Properties;
-
 import org.springframework.beans.factory.config.YamlPropertiesFactoryBean;
 import org.springframework.core.env.PropertiesPropertySource;
 import org.springframework.core.env.PropertySource;

common/src/main/java/stirling/software/common/model/ApplicationProperties.java

@@ -12,7 +12,11 @@ import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
 import java.util.List;
-
+import lombok.Data;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.ToString;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.core.Ordered;
@@ -24,13 +28,6 @@ import org.springframework.core.io.FileSystemResource;
 import org.springframework.core.io.Resource;
 import org.springframework.core.io.support.EncodedResource;
 import org.springframework.stereotype.Component;
-
-import lombok.Data;
-import lombok.Getter;
-import lombok.Setter;
-import lombok.ToString;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.configuration.InstallationPathConfig;
 import stirling.software.common.configuration.YamlPropertySourceFactory;
 import stirling.software.common.model.exception.UnsupportedProviderException;

common/src/main/java/stirling/software/common/model/FileInfo.java

@@ -5,7 +5,6 @@ import java.nio.file.Paths;
 import java.time.LocalDateTime;
 import java.time.format.DateTimeFormatter;
 import java.util.Locale;
-
 import lombok.AllArgsConstructor;
 import lombok.Data;
 

common/src/main/java/stirling/software/common/model/InputStreamTemplateResource.java

@@ -4,7 +4,6 @@ import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.io.Reader;
-
 import org.thymeleaf.templateresource.ITemplateResource;
 
 public class InputStreamTemplateResource implements ITemplateResource {

common/src/main/java/stirling/software/common/model/PdfMetadata.java

@@ -1,7 +1,6 @@
 package stirling.software.common.model;
 
 import java.util.Calendar;
-
 import lombok.Builder;
 import lombok.Data;
 

common/src/main/java/stirling/software/common/model/api/GeneralFile.java

@@ -1,11 +1,9 @@
 package stirling.software.common.model.api;
 
-import org.springframework.web.multipart.MultipartFile;
-
 import io.swagger.v3.oas.annotations.media.Schema;
-
 import lombok.Data;
 import lombok.EqualsAndHashCode;
+import org.springframework.web.multipart.MultipartFile;
 
 @Data
 @EqualsAndHashCode

common/src/main/java/stirling/software/common/model/api/PDFFile.java

@@ -1,12 +1,10 @@
 package stirling.software.common.model.api;
 
-import org.springframework.web.multipart.MultipartFile;
-
 import io.swagger.v3.oas.annotations.media.Schema;
-
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 import lombok.NoArgsConstructor;
+import org.springframework.web.multipart.MultipartFile;
 
 @Data
 @NoArgsConstructor

common/src/main/java/stirling/software/common/model/api/converters/HTMLToPdfRequest.java

@@ -1,10 +1,8 @@
 package stirling.software.common.model.api.converters;
 
 import io.swagger.v3.oas.annotations.media.Schema;
-
 import lombok.Data;
 import lombok.EqualsAndHashCode;
-
 import stirling.software.common.model.api.PDFFile;
 
 @Data

common/src/main/java/stirling/software/common/model/api/security/RedactionArea.java

@@ -1,7 +1,6 @@
 package stirling.software.common.model.api.security;
 
 import io.swagger.v3.oas.annotations.media.Schema;
-
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 

common/src/main/java/stirling/software/common/model/enumeration/Role.java

@@ -2,7 +2,6 @@ package stirling.software.common.model.enumeration;
 
 import java.util.LinkedHashMap;
 import java.util.Map;
-
 import lombok.Getter;
 import lombok.RequiredArgsConstructor;
 

common/src/main/java/stirling/software/common/model/oauth2/GitHubProvider.java

@@ -2,9 +2,7 @@ package stirling.software.common.model.oauth2;
 
 import java.util.ArrayList;
 import java.util.Collection;
-
 import lombok.NoArgsConstructor;
-
 import stirling.software.common.model.enumeration.UsernameAttribute;
 
 @NoArgsConstructor

common/src/main/java/stirling/software/common/model/oauth2/GoogleProvider.java

@@ -2,9 +2,7 @@ package stirling.software.common.model.oauth2;
 
 import java.util.ArrayList;
 import java.util.Collection;
-
 import lombok.NoArgsConstructor;
-
 import stirling.software.common.model.enumeration.UsernameAttribute;
 
 @NoArgsConstructor

common/src/main/java/stirling/software/common/model/oauth2/KeycloakProvider.java

@@ -2,9 +2,7 @@ package stirling.software.common.model.oauth2;
 
 import java.util.ArrayList;
 import java.util.Collection;
-
 import lombok.NoArgsConstructor;
-
 import stirling.software.common.model.enumeration.UsernameAttribute;
 
 @NoArgsConstructor

common/src/main/java/stirling/software/common/model/oauth2/Provider.java

@@ -5,10 +5,8 @@ import static stirling.software.common.model.enumeration.UsernameAttribute.EMAIL
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
-
 import lombok.Data;
 import lombok.NoArgsConstructor;
-
 import stirling.software.common.model.enumeration.UsernameAttribute;
 import stirling.software.common.model.exception.UnsupportedClaimException;
 

common/src/main/java/stirling/software/common/service/CustomPDFDocumentFactory.java

@@ -8,7 +8,8 @@ import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.StandardCopyOption;
 import java.util.concurrent.atomic.AtomicLong;
-
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.apache.pdfbox.Loader;
 import org.apache.pdfbox.examples.util.DeletingRandomAccessFile;
 import org.apache.pdfbox.io.IOUtils;
@@ -18,10 +19,6 @@ import org.apache.pdfbox.io.ScratchFile;
 import org.apache.pdfbox.pdmodel.PDDocument;
 import org.springframework.stereotype.Component;
 import org.springframework.web.multipart.MultipartFile;
-
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.api.PDFFile;
 
 /**

common/src/main/java/stirling/software/common/service/PdfMetadataService.java

@@ -1,12 +1,10 @@
 package stirling.software.common.service;
 
 import java.util.Calendar;
-
 import org.apache.pdfbox.pdmodel.PDDocument;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.stereotype.Service;
-
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.PdfMetadata;
 

common/src/main/java/stirling/software/common/service/PostHogService.java

@@ -1,5 +1,6 @@
 package stirling.software.common.service;
 
+import com.posthog.java.PostHog;
 import java.io.File;
 import java.lang.management.GarbageCollectorMXBean;
 import java.lang.management.ManagementFactory;
@@ -16,15 +17,11 @@ import java.util.HashMap;
 import java.util.Locale;
 import java.util.Map;
 import java.util.TimeZone;
-
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.core.env.Environment;
 import org.springframework.stereotype.Service;
-
-import com.posthog.java.PostHog;
-
 import stirling.software.common.model.ApplicationProperties;
 
 @Service

common/src/main/java/stirling/software/common/util/CheckProgramInstall.java

@@ -3,7 +3,6 @@ package stirling.software.common.util;
 import java.io.IOException;
 import java.util.Arrays;
 import java.util.List;
-
 import stirling.software.common.util.ProcessExecutor.ProcessExecutorResult;
 
 public class CheckProgramInstall {

common/src/main/java/stirling/software/common/util/EmlToPdf.java

@@ -19,7 +19,10 @@ import java.util.Map;
 import java.util.Properties;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
-
+import lombok.Data;
+import lombok.Getter;
+import lombok.experimental.UtilityClass;
+import lombok.extern.slf4j.Slf4j;
 import org.apache.pdfbox.cos.COSDictionary;
 import org.apache.pdfbox.cos.COSName;
 import org.apache.pdfbox.pdmodel.PDDocument;
@@ -35,11 +38,6 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceDictionary;
 import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
-
-import lombok.Data;
-import lombok.Getter;
-import lombok.experimental.UtilityClass;
-import lombok.extern.slf4j.Slf4j;
 import stirling.software.common.model.api.converters.EmlToPdfRequest;
 
 @Slf4j
@@ -49,7 +47,8 @@ public class EmlToPdf {
     private static final class StyleConstants {
         // Font and layout constants
         static final int DEFAULT_FONT_SIZE = 12;
-        static final String DEFAULT_FONT_FAMILY = "-apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, 'Helvetica Neue', Arial, sans-serif";
+        static final String DEFAULT_FONT_FAMILY =
+                "-apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, 'Helvetica Neue', Arial, sans-serif";
         static final float DEFAULT_LINE_HEIGHT = 1.4f;
         static final String DEFAULT_ZOOM = "1.0";
 
@@ -76,7 +75,8 @@ public class EmlToPdf {
     }
 
     private static final class MimeConstants {
-        static final Pattern MIME_ENCODED_PATTERN = Pattern.compile("=\\?([^?]+)\\?([BbQq])\\?([^?]*)\\?=");
+        static final Pattern MIME_ENCODED_PATTERN =
+                Pattern.compile("=\\?([^?]+)\\?([BbQq])\\?([^?]*)\\?=");
         static final String PAPERCLIP_EMOJI = "\uD83D\uDCCE"; // 📎
         static final String ATTACHMENT_ICON_PLACEHOLDER = "icon";
 
@@ -113,7 +113,8 @@ public class EmlToPdf {
         return jakartaMailAvailable;
     }
 
-    public static String convertEmlToHtml(byte[] emlBytes, EmlToPdfRequest request) throws IOException {
+    public static String convertEmlToHtml(byte[] emlBytes, EmlToPdfRequest request)
+            throws IOException {
         validateEmlInput(emlBytes);
 
         if (isJakartaMailAvailable()) {
@@ -147,11 +148,14 @@ public class EmlToPdf {
             }
 
             // Convert HTML to PDF
-            byte[] pdfBytes = convertHtmlToPdf(weasyprintPath, request, htmlContent, disableSanitize);
+            byte[] pdfBytes =
+                    convertHtmlToPdf(weasyprintPath, request, htmlContent, disableSanitize);
 
             // Attach files if available and requested
             if (shouldAttachFiles(emailContent, request)) {
-                pdfBytes = attachFilesToPdf(pdfBytes, emailContent.getAttachments(), pdfDocumentFactory);
+                pdfBytes =
+                        attachFilesToPdf(
+                                pdfBytes, emailContent.getAttachments(), pdfDocumentFactory);
             }
 
             return pdfBytes;
@@ -177,16 +181,20 @@ public class EmlToPdf {
 
     private static boolean shouldAttachFiles(EmailContent emailContent, EmlToPdfRequest request) {
         return emailContent != null
-            && request != null
-            && request.isIncludeAttachments()
-            && !emailContent.getAttachments().isEmpty();
+                && request != null
+                && request.isIncludeAttachments()
+                && !emailContent.getAttachments().isEmpty();
     }
 
-    private static byte[] convertHtmlToPdf(String weasyprintPath, EmlToPdfRequest request,
-                                         String htmlContent, boolean disableSanitize)
+    private static byte[] convertHtmlToPdf(
+            String weasyprintPath,
+            EmlToPdfRequest request,
+            String htmlContent,
+            boolean disableSanitize)
             throws IOException, InterruptedException {
 
-        stirling.software.common.model.api.converters.HTMLToPdfRequest htmlRequest = createHtmlRequest(request);
+        stirling.software.common.model.api.converters.HTMLToPdfRequest htmlRequest =
+                createHtmlRequest(request);
 
         try {
             return FileToPdf.convertHtmlToPdf(
@@ -218,8 +226,7 @@ public class EmlToPdf {
         return "attachment_" + filename.hashCode() + "_" + System.nanoTime();
     }
 
-    private static String convertEmlToHtmlBasic(
-            byte[] emlBytes, EmlToPdfRequest request) {
+    private static String convertEmlToHtmlBasic(byte[] emlBytes, EmlToPdfRequest request) {
         if (emlBytes == null || emlBytes.length == 0) {
             throw new IllegalArgumentException("EML file is empty or null");
         }
@@ -335,7 +342,6 @@ public class EmlToPdf {
             Object message =
                     mimeMessageConstructor.newInstance(session, new ByteArrayInputStream(emlBytes));
 
-
             return extractEmailContentAdvanced(message, request);
 
         } catch (ReflectiveOperationException e) {
@@ -346,8 +352,7 @@ public class EmlToPdf {
         }
     }
 
-    private static String convertEmlToHtmlAdvanced(
-            byte[] emlBytes, EmlToPdfRequest request) {
+    private static String convertEmlToHtmlAdvanced(byte[] emlBytes, EmlToPdfRequest request) {
         EmailContent content = extractEmailContentAdvanced(emlBytes, request);
         return generateEnhancedEmailHtml(content, request);
     }
@@ -479,8 +484,12 @@ public class EmlToPdf {
         // Create attachment info with paperclip emoji before filename
         attachmentInfo
                 .append("<div class=\"attachment-item\">")
-                .append("<span class=\"attachment-icon\">").append(MimeConstants.ATTACHMENT_ICON_PLACEHOLDER).append("</span> ")
-                .append("<span class=\"attachment-name\">").append(escapeHtml(filename)).append("</span>");
+                .append("<span class=\"attachment-icon\">")
+                .append(MimeConstants.ATTACHMENT_ICON_PLACEHOLDER)
+                .append("</span> ")
+                .append("<span class=\"attachment-name\">")
+                .append(escapeHtml(filename))
+                .append("</span>");
 
         // Add content type and encoding info
         if (!contentType.isEmpty() || !encoding.isEmpty()) {
@@ -503,17 +512,20 @@ public class EmlToPdf {
             String content = new String(emlBytes, 0, checkLength, StandardCharsets.UTF_8);
             String lowerContent = content.toLowerCase();
 
-            boolean hasFrom = lowerContent.contains("from:") || lowerContent.contains("return-path:");
+            boolean hasFrom =
+                    lowerContent.contains("from:") || lowerContent.contains("return-path:");
             boolean hasSubject = lowerContent.contains("subject:");
             boolean hasMessageId = lowerContent.contains("message-id:");
             boolean hasDate = lowerContent.contains("date:");
-            boolean hasTo = lowerContent.contains("to:")
-                    || lowerContent.contains("cc:")
-                    || lowerContent.contains("bcc:");
-            boolean hasMimeStructure = lowerContent.contains("multipart/")
-                    || lowerContent.contains("text/plain")
-                    || lowerContent.contains("text/html")
-                    || lowerContent.contains("boundary=");
+            boolean hasTo =
+                    lowerContent.contains("to:")
+                            || lowerContent.contains("cc:")
+                            || lowerContent.contains("bcc:");
+            boolean hasMimeStructure =
+                    lowerContent.contains("multipart/")
+                            || lowerContent.contains("text/plain")
+                            || lowerContent.contains("text/html")
+                            || lowerContent.contains("boundary=");
 
             int headerCount = 0;
             if (hasFrom) headerCount++;
@@ -684,17 +696,19 @@ public class EmlToPdf {
         html.append("  font-size: ").append(fontSize - 1).append("px;\n");
         html.append("}\n\n");
 
-
         html.append(".email-body {\n");
         html.append("  word-wrap: break-word;\n");
         html.append("}\n\n");
 
-
         html.append(".attachment-section {\n");
         html.append("  margin-top: 15px;\n");
         html.append("  padding: 10px;\n");
-        html.append("  background-color: ").append(StyleConstants.ATTACHMENT_BACKGROUND_COLOR).append(";\n");
-        html.append("  border: 1px solid ").append(StyleConstants.ATTACHMENT_BORDER_COLOR).append(";\n");
+        html.append("  background-color: ")
+                .append(StyleConstants.ATTACHMENT_BACKGROUND_COLOR)
+                .append(";\n");
+        html.append("  border: 1px solid ")
+                .append(StyleConstants.ATTACHMENT_BORDER_COLOR)
+                .append(";\n");
         html.append("  border-radius: 3px;\n");
         html.append("}\n\n");
         html.append(".attachment-section h3 {\n");
@@ -746,7 +760,6 @@ public class EmlToPdf {
         html.append("  margin-left: 8px;\n");
         html.append("}\n\n");
 
-
         // Basic image styling: ensure images are responsive but not overly constrained.
         html.append("img {\n");
         html.append("  max-width: 100%;\n"); // Make images responsive to container width
@@ -801,7 +814,9 @@ public class EmlToPdf {
             java.lang.reflect.Method getAllRecipients = messageClass.getMethod("getAllRecipients");
             Object[] recipients = (Object[]) getAllRecipients.invoke(message);
             content.setTo(
-                    recipients != null && recipients.length > 0 ? safeMimeDecode(recipients[0].toString()) : "");
+                    recipients != null && recipients.length > 0
+                            ? safeMimeDecode(recipients[0].toString())
+                            : "");
 
             java.lang.reflect.Method getSentDate = messageClass.getMethod("getSentDate");
             content.setDate((Date) getSentDate.invoke(message));
@@ -908,13 +923,14 @@ public class EmlToPdf {
                                 try {
                                     attachmentData = inputStream.readAllBytes();
                                 } catch (IOException e) {
-                                    log.warn("Failed to read InputStream attachment: {}", e.getMessage());
+                                    log.warn(
+                                            "Failed to read InputStream attachment: {}",
+                                            e.getMessage());
                                 }
                             } else if (attachmentContent instanceof byte[] byteArray) {
                                 attachmentData = byteArray;
                             } else if (attachmentContent instanceof String stringContent) {
-                                attachmentData =
-                                        stringContent.getBytes(StandardCharsets.UTF_8);
+                                attachmentData = stringContent.getBytes(StandardCharsets.UTF_8);
                             }
 
                             if (attachmentData != null) {
@@ -974,7 +990,9 @@ public class EmlToPdf {
         html.append("<div><strong>From:</strong> ")
                 .append(escapeHtml(content.getFrom()))
                 .append("</div>\n");
-        html.append("<div><strong>To:</strong> ").append(escapeHtml(content.getTo())).append("</div>\n");
+        html.append("<div><strong>To:</strong> ")
+                .append(escapeHtml(content.getTo()))
+                .append("</div>\n");
 
         if (content.getDate() != null) {
             html.append("<div><strong>Date:</strong> ")
@@ -1014,15 +1032,20 @@ public class EmlToPdf {
                                     ? attachment.getEmbeddedFilename()
                                     : attachment.getFilename());
 
-                    html.append("<div class=\"attachment-item\" id=\"").append(uniqueId).append("\">")
-                            .append("<span class=\"attachment-icon\">").append(MimeConstants.PAPERCLIP_EMOJI).append("</span> ")
+                    html.append("<div class=\"attachment-item\" id=\"")
+                            .append(uniqueId)
+                            .append("\">")
+                            .append("<span class=\"attachment-icon\">")
+                            .append(MimeConstants.PAPERCLIP_EMOJI)
+                            .append("</span> ")
                             .append("<span class=\"attachment-name\">")
                             .append(escapeHtml(safeMimeDecode(attachment.getFilename())))
                             .append("</span>");
 
                     String sizeStr = formatFileSize(attachment.getSizeBytes());
                     html.append(" <span class=\"attachment-details\">(").append(sizeStr);
-                    if (attachment.getContentType() != null && !attachment.getContentType().isEmpty()) {
+                    if (attachment.getContentType() != null
+                            && !attachment.getContentType().isEmpty()) {
                         html.append(", ").append(escapeHtml(attachment.getContentType()));
                     }
                     html.append(")</span></div>\n");
@@ -1031,8 +1054,7 @@ public class EmlToPdf {
 
             if (request.isIncludeAttachments()) {
                 html.append("<div class=\"attachment-info-note\">\n");
-                html.append(
-                        "<p><em>Attachments are embedded in the file.</em></p>\n");
+                html.append("<p><em>Attachments are embedded in the file.</em></p>\n");
                 html.append("</div>\n");
             } else {
                 html.append("<div class=\"attachment-info-note\">\n");
@@ -1050,7 +1072,10 @@ public class EmlToPdf {
         return html.toString();
     }
 
-    private static byte[] attachFilesToPdf(byte[] pdfBytes, List<EmailAttachment> attachments, stirling.software.common.service.CustomPDFDocumentFactory pdfDocumentFactory)
+    private static byte[] attachFilesToPdf(
+            byte[] pdfBytes,
+            List<EmailAttachment> attachments,
+            stirling.software.common.service.CustomPDFDocumentFactory pdfDocumentFactory)
             throws IOException {
         try (PDDocument document = pdfDocumentFactory.load(pdfBytes);
                 ByteArrayOutputStream outputStream = new ByteArrayOutputStream()) {
@@ -1104,7 +1129,8 @@ public class EmlToPdf {
 
                     // Create embedded file
                     PDEmbeddedFile embeddedFile =
-                            new PDEmbeddedFile(document, new ByteArrayInputStream(attachment.getData()));
+                            new PDEmbeddedFile(
+                                    document, new ByteArrayInputStream(attachment.getData()));
                     embeddedFile.setSize(attachment.getData().length);
                     embeddedFile.setCreationDate(new GregorianCalendar());
                     if (attachment.getContentType() != null) {
@@ -1150,11 +1176,13 @@ public class EmlToPdf {
         }
     }
 
-    private static String getUniqueFilename(String filename, List<String> embeddedFiles, Map<String, PDComplexFileSpecification> efMap) {
+    private static String getUniqueFilename(
+            String filename,
+            List<String> embeddedFiles,
+            Map<String, PDComplexFileSpecification> efMap) {
         String uniqueFilename = filename;
         int counter = 1;
-        while (embeddedFiles.contains(uniqueFilename)
-                || efMap.containsKey(uniqueFilename)) {
+        while (embeddedFiles.contains(uniqueFilename) || efMap.containsKey(uniqueFilename)) {
             String extension = "";
             String baseName = filename;
             int lastDot = filename.lastIndexOf('.');
@@ -1203,8 +1231,8 @@ public class EmlToPdf {
     }
 
     private static void addAttachmentAnnotationToPage(
-        PDDocument document, PDPage page, EmailAttachment attachment, float x, float y)
-        throws IOException {
+            PDDocument document, PDPage page, EmailAttachment attachment, float x, float y)
+            throws IOException {
 
         PDAnnotationFileAttachment fileAnnotation = new PDAnnotationFileAttachment();
 
@@ -1226,11 +1254,12 @@ public class EmlToPdf {
 
         // Set invisibility flags but keep it functional
         fileAnnotation.setInvisible(true);
-        fileAnnotation.setHidden(false);  // Must be false to remain clickable
-        fileAnnotation.setNoView(false);  // Must be false to remain clickable
+        fileAnnotation.setHidden(false); // Must be false to remain clickable
+        fileAnnotation.setNoView(false); // Must be false to remain clickable
         fileAnnotation.setPrinted(false);
 
-        PDEmbeddedFilesNameTreeNode efTree = document.getDocumentCatalog().getNames().getEmbeddedFiles();
+        PDEmbeddedFilesNameTreeNode efTree =
+                document.getDocumentCatalog().getNames().getEmbeddedFiles();
         if (efTree != null) {
             Map<String, PDComplexFileSpecification> efMap = efTree.getNames();
             if (efMap != null) {
@@ -1246,24 +1275,27 @@ public class EmlToPdf {
 
         page.getAnnotations().add(fileAnnotation);
 
-        log.info("Added attachment annotation for '{}' on page {}",
-            attachment.getFilename(), document.getPages().indexOf(page) + 1);
+        log.info(
+                "Added attachment annotation for '{}' on page {}",
+                attachment.getFilename(),
+                document.getPages().indexOf(page) + 1);
     }
 
     private static @NotNull PDRectangle getPdRectangle(PDPage page, float x, float y) {
         PDRectangle mediaBox = page.getMediaBox();
         float pdfY = mediaBox.getHeight() - y;
 
-        float iconWidth = StyleConstants.ATTACHMENT_ICON_WIDTH;  // Keep original size for clickability
-        float iconHeight = StyleConstants.ATTACHMENT_ICON_HEIGHT; // Keep original size for clickability
+        float iconWidth =
+                StyleConstants.ATTACHMENT_ICON_WIDTH; // Keep original size for clickability
+        float iconHeight =
+                StyleConstants.ATTACHMENT_ICON_HEIGHT; // Keep original size for clickability
 
         // Keep the full-size rectangle so it remains clickable
         return new PDRectangle(
-            x + StyleConstants.ANNOTATION_X_OFFSET,
-            pdfY - iconHeight + StyleConstants.ANNOTATION_Y_OFFSET,
-            iconWidth,
-            iconHeight
-        );
+                x + StyleConstants.ANNOTATION_X_OFFSET,
+                pdfY - iconHeight + StyleConstants.ANNOTATION_Y_OFFSET,
+                iconWidth,
+                iconHeight);
     }
 
     private static String formatEmailDate(Date date) {
@@ -1293,23 +1325,27 @@ public class EmlToPdf {
                 COSDictionary catalogDict = catalog.getCOSObject();
 
                 // Set PageMode to UseAttachments - this is the standard PDF specification approach
-                // PageMode values: UseNone, UseOutlines, UseThumbs, FullScreen, UseOC, UseAttachments
+                // PageMode values: UseNone, UseOutlines, UseThumbs, FullScreen, UseOC,
+                // UseAttachments
                 catalogDict.setName(COSName.PAGE_MODE, "UseAttachments");
 
                 // Also set viewer preferences for better attachment viewing experience
-                COSDictionary viewerPrefs = (COSDictionary) catalogDict.getDictionaryObject(COSName.VIEWER_PREFERENCES);
+                COSDictionary viewerPrefs =
+                        (COSDictionary) catalogDict.getDictionaryObject(COSName.VIEWER_PREFERENCES);
                 if (viewerPrefs == null) {
                     viewerPrefs = new COSDictionary();
                     catalogDict.setItem(COSName.VIEWER_PREFERENCES, viewerPrefs);
                 }
 
-                // Set NonFullScreenPageMode to UseAttachments as fallback for viewers that support it
+                // Set NonFullScreenPageMode to UseAttachments as fallback for viewers that support
+                // it
                 viewerPrefs.setName(COSName.getPDFName("NonFullScreenPageMode"), "UseAttachments");
 
                 // Additional viewer preferences that may help with attachment display
                 viewerPrefs.setBoolean(COSName.getPDFName("DisplayDocTitle"), true);
 
-                log.info("Set PDF PageMode to UseAttachments to automatically show attachments pane");
+                log.info(
+                        "Set PDF PageMode to UseAttachments to automatically show attachments pane");
             }
         } catch (Exception e) {
             // Log warning but don't fail the entire operation for viewer preferences
@@ -1391,7 +1427,7 @@ public class EmlToPdf {
                     }
                 }
                 case '_' -> // In RFC 2047, underscore represents space
-                    result.append(' ');
+                        result.append(' ');
                 default -> result.append(c);
             }
         }
@@ -1464,8 +1500,7 @@ public class EmlToPdf {
         private float y;
         private String character;
 
-        public EmojiPosition() {
-        }
+        public EmojiPosition() {}
 
         public EmojiPosition(int pageIndex, float x, float y, String character) {
             this.pageIndex = pageIndex;
@@ -1475,9 +1510,8 @@ public class EmlToPdf {
         }
     }
 
-     public static class EmojiPositionFinder extends org.apache.pdfbox.text.PDFTextStripper {
-        @Getter
-        private final List<EmojiPosition> positions = new ArrayList<>();
+    public static class EmojiPositionFinder extends org.apache.pdfbox.text.PDFTextStripper {
+        @Getter private final List<EmojiPosition> positions = new ArrayList<>();
         private int currentPageIndex;
         private boolean sortByPosition;
         private boolean isInAttachmentSection;
@@ -1503,7 +1537,9 @@ public class EmlToPdf {
         }
 
         @Override
-        protected void writeString(String string, List<org.apache.pdfbox.text.TextPosition> textPositions) throws IOException {
+        protected void writeString(
+                String string, List<org.apache.pdfbox.text.TextPosition> textPositions)
+                throws IOException {
             // Check if we are entering or exiting the attachment section
             String lowerString = string.toLowerCase();
 
@@ -1513,10 +1549,14 @@ public class EmlToPdf {
                 attachmentSectionFound = true;
             }
 
-            // Look for attachment section end markers (common patterns that indicate end of attachments)
-            if (isInAttachmentSection && (lowerString.contains("</body>") ||
-                                         lowerString.contains("</html>") ||
-                                         (attachmentSectionFound && lowerString.trim().isEmpty() && string.length() > 50))) {
+            // Look for attachment section end markers (common patterns that indicate end of
+            // attachments)
+            if (isInAttachmentSection
+                    && (lowerString.contains("</body>")
+                            || lowerString.contains("</html>")
+                            || (attachmentSectionFound
+                                    && lowerString.trim().isEmpty()
+                                    && string.length() > 50))) {
                 isInAttachmentSection = false;
             }
 
@@ -1527,17 +1567,17 @@ public class EmlToPdf {
 
                 for (int i = 0; i < string.length(); i++) {
                     // Check if we have a complete paperclip emoji at this position
-                    if (i < string.length() - 1 &&
-                        string.substring(i, i + 2).equals(paperclipEmoji) &&
-                        i < textPositions.size()) {
+                    if (i < string.length() - 1
+                            && string.substring(i, i + 2).equals(paperclipEmoji)
+                            && i < textPositions.size()) {
 
                         org.apache.pdfbox.text.TextPosition textPosition = textPositions.get(i);
-                        EmojiPosition position = new EmojiPosition(
-                            currentPageIndex,
-                            textPosition.getXDirAdj(),
-                            textPosition.getYDirAdj(),
-                            paperclipEmoji
-                        );
+                        EmojiPosition position =
+                                new EmojiPosition(
+                                        currentPageIndex,
+                                        textPosition.getXDirAdj(),
+                                        textPosition.getYDirAdj(),
+                                        paperclipEmoji);
                         positions.add(position);
                     }
                 }
@@ -1554,7 +1594,6 @@ public class EmlToPdf {
             return sortByPosition;
         }
 
-
         public void reset() {
             positions.clear();
             currentPageIndex = 0;

common/src/main/java/stirling/software/common/util/ErrorUtils.java

@@ -2,7 +2,6 @@ package stirling.software.common.util;
 
 import java.io.PrintWriter;
 import java.io.StringWriter;
-
 import org.springframework.ui.Model;
 import org.springframework.web.servlet.ModelAndView;
 

common/src/main/java/stirling/software/common/util/FileMonitor.java

@@ -11,13 +11,10 @@ import java.util.*;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.function.Predicate;
 import java.util.stream.Stream;
-
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.scheduling.annotation.Scheduled;
 import org.springframework.stereotype.Component;
-
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.configuration.RuntimePathConfig;
 
 @Component

common/src/main/java/stirling/software/common/util/FileToPdf.java

@@ -1,5 +1,6 @@
 package stirling.software.common.util;
 
+import io.github.pixee.security.ZipSecurity;
 import java.io.*;
 import java.nio.charset.StandardCharsets;
 import java.nio.file.FileVisitResult;
@@ -13,9 +14,6 @@ import java.util.stream.Stream;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipInputStream;
 import java.util.zip.ZipOutputStream;
-
-import io.github.pixee.security.ZipSecurity;
-
 import stirling.software.common.model.api.converters.HTMLToPdfRequest;
 import stirling.software.common.util.ProcessExecutor.ProcessExecutorResult;
 

common/src/main/java/stirling/software/common/util/GeneralUtils.java

@@ -1,5 +1,8 @@
 package stirling.software.common.util;
 
+import com.fathzer.soft.javaluator.DoubleEvaluator;
+import io.github.pixee.security.HostValidator;
+import io.github.pixee.security.Urls;
 import java.io.File;
 import java.io.FileOutputStream;
 import java.io.IOException;
@@ -14,19 +17,11 @@ import java.util.Arrays;
 import java.util.Enumeration;
 import java.util.List;
 import java.util.UUID;
-
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.core.io.Resource;
 import org.springframework.core.io.ResourceLoader;
 import org.springframework.core.io.support.ResourcePatternUtils;
 import org.springframework.web.multipart.MultipartFile;
-
-import com.fathzer.soft.javaluator.DoubleEvaluator;
-
-import io.github.pixee.security.HostValidator;
-import io.github.pixee.security.Urls;
-
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.configuration.InstallationPathConfig;
 
 @Slf4j

common/src/main/java/stirling/software/common/util/ImageProcessingUtils.java

@@ -1,22 +1,18 @@
 package stirling.software.common.util;
 
-import java.awt.geom.AffineTransform;
-import java.awt.image.*;
-import java.io.IOException;
-import java.io.InputStream;
-import java.nio.ByteBuffer;
-
-import javax.imageio.ImageIO;
-
-import org.springframework.web.multipart.MultipartFile;
-
 import com.drew.imaging.ImageMetadataReader;
 import com.drew.imaging.ImageProcessingException;
 import com.drew.metadata.Metadata;
 import com.drew.metadata.MetadataException;
 import com.drew.metadata.exif.ExifSubIFDDirectory;
-
+import java.awt.geom.AffineTransform;
+import java.awt.image.*;
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.ByteBuffer;
+import javax.imageio.ImageIO;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.web.multipart.MultipartFile;
 
 @Slf4j
 public class ImageProcessingUtils {

common/src/main/java/stirling/software/common/util/PDFToFile.java

@@ -1,5 +1,8 @@
 package stirling.software.common.util;
 
+import com.vladsch.flexmark.html2md.converter.FlexmarkHtmlConverter;
+import com.vladsch.flexmark.util.data.MutableDataSet;
+import io.github.pixee.security.Filenames;
 import java.io.ByteArrayOutputStream;
 import java.io.File;
 import java.io.FileInputStream;
@@ -12,22 +15,14 @@ import java.util.List;
 import java.util.Objects;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipOutputStream;
-
+import lombok.NoArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.io.FileUtils;
 import org.apache.commons.io.IOUtils;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.multipart.MultipartFile;
-
-import com.vladsch.flexmark.html2md.converter.FlexmarkHtmlConverter;
-import com.vladsch.flexmark.util.data.MutableDataSet;
-
-import io.github.pixee.security.Filenames;
-
-import lombok.NoArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.util.ProcessExecutor.ProcessExecutorResult;
 
 @Slf4j

common/src/main/java/stirling/software/common/util/PdfUtils.java

@@ -1,5 +1,6 @@
 package stirling.software.common.util;
 
+import io.github.pixee.security.Filenames;
 import java.awt.*;
 import java.awt.image.BufferedImage;
 import java.awt.image.RenderedImage;
@@ -10,10 +11,9 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipOutputStream;
-
 import javax.imageio.*;
 import javax.imageio.stream.ImageOutputStream;
-
+import lombok.extern.slf4j.Slf4j;
 import org.apache.pdfbox.cos.COSName;
 import org.apache.pdfbox.pdmodel.PDDocument;
 import org.apache.pdfbox.pdmodel.PDPage;
@@ -30,11 +30,6 @@ import org.apache.pdfbox.rendering.ImageType;
 import org.apache.pdfbox.rendering.PDFRenderer;
 import org.apache.pdfbox.text.PDFTextStripper;
 import org.springframework.web.multipart.MultipartFile;
-
-import io.github.pixee.security.Filenames;
-
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.service.CustomPDFDocumentFactory;
 
 @Slf4j

common/src/main/java/stirling/software/common/util/ProcessExecutor.java

@@ -1,5 +1,6 @@
 package stirling.software.common.util;
 
+import io.github.pixee.security.BoundedLineReader;
 import java.io.BufferedReader;
 import java.io.File;
 import java.io.IOException;
@@ -12,11 +13,7 @@ import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.Semaphore;
 import java.util.concurrent.TimeUnit;
-
-import io.github.pixee.security.BoundedLineReader;
-
 import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.ApplicationProperties;
 
 @Slf4j

common/src/main/java/stirling/software/common/util/UrlUtils.java

@@ -1,10 +1,9 @@
 package stirling.software.common.util;
 
+import jakarta.servlet.http.HttpServletRequest;
 import java.io.IOException;
 import java.net.ServerSocket;
 
-import jakarta.servlet.http.HttpServletRequest;
-
 public class UrlUtils {
 
     public static String getOrigin(HttpServletRequest request) {

common/src/main/java/stirling/software/common/util/WebResponseUtils.java

@@ -1,10 +1,10 @@
 package stirling.software.common.util;
 
+import io.github.pixee.security.Filenames;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.net.URLEncoder;
 import java.nio.charset.StandardCharsets;
-
 import org.apache.pdfbox.pdmodel.PDDocument;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
@@ -12,8 +12,6 @@ import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.multipart.MultipartFile;
 
-import io.github.pixee.security.Filenames;
-
 public class WebResponseUtils {
 
     public static ResponseEntity<byte[]> boasToWebResponse(

common/src/main/java/stirling/software/common/util/YamlHelper.java

@@ -13,7 +13,7 @@ import java.util.List;
 import java.util.Optional;
 import java.util.Set;
 import java.util.function.Function;
-
+import lombok.extern.slf4j.Slf4j;
 import org.snakeyaml.engine.v2.api.Dump;
 import org.snakeyaml.engine.v2.api.DumpSettings;
 import org.snakeyaml.engine.v2.api.LoadSettings;
@@ -30,8 +30,6 @@ import org.snakeyaml.engine.v2.nodes.Tag;
 import org.snakeyaml.engine.v2.parser.ParserImpl;
 import org.snakeyaml.engine.v2.scanner.StreamReader;
 
-import lombok.extern.slf4j.Slf4j;
-
 @Slf4j
 public class YamlHelper {
 

common/src/main/java/stirling/software/common/util/misc/CustomColorReplaceStrategy.java

@@ -8,7 +8,7 @@ import java.io.IOException;
 import java.nio.file.Files;
 import java.util.List;
 import java.util.Set;
-
+import lombok.extern.slf4j.Slf4j;
 import org.apache.pdfbox.Loader;
 import org.apache.pdfbox.pdmodel.PDDocument;
 import org.apache.pdfbox.pdmodel.PDPage;
@@ -21,9 +21,6 @@ import org.apache.pdfbox.pdmodel.font.Standard14Fonts;
 import org.apache.pdfbox.text.TextPosition;
 import org.springframework.core.io.InputStreamResource;
 import org.springframework.web.multipart.MultipartFile;
-
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.api.misc.HighContrastColorCombination;
 import stirling.software.common.model.api.misc.ReplaceAndInvert;
 

common/src/main/java/stirling/software/common/util/misc/InvertFullColorStrategy.java

@@ -7,9 +7,7 @@ import java.io.ByteArrayOutputStream;
 import java.io.File;
 import java.io.IOException;
 import java.nio.file.Files;
-
 import javax.imageio.ImageIO;
-
 import org.apache.pdfbox.Loader;
 import org.apache.pdfbox.pdmodel.PDDocument;
 import org.apache.pdfbox.pdmodel.PDPage;
@@ -18,7 +16,6 @@ import org.apache.pdfbox.pdmodel.graphics.image.PDImageXObject;
 import org.apache.pdfbox.rendering.PDFRenderer;
 import org.springframework.core.io.InputStreamResource;
 import org.springframework.web.multipart.MultipartFile;
-
 import stirling.software.common.model.api.misc.ReplaceAndInvert;
 
 public class InvertFullColorStrategy extends ReplaceAndInvertColorStrategy {

common/src/main/java/stirling/software/common/util/misc/PdfTextStripperCustom.java

@@ -3,7 +3,6 @@ package stirling.software.common.util.misc;
 import java.awt.geom.Rectangle2D;
 import java.io.IOException;
 import java.util.List;
-
 import org.apache.pdfbox.pdmodel.PDPage;
 import org.apache.pdfbox.text.PDFTextStripperByArea;
 import org.apache.pdfbox.text.TextPosition;

common/src/main/java/stirling/software/common/util/misc/ReplaceAndInvertColorStrategy.java

@@ -1,13 +1,10 @@
 package stirling.software.common.util.misc;
 
 import java.io.IOException;
-
-import org.springframework.core.io.InputStreamResource;
-import org.springframework.web.multipart.MultipartFile;
-
 import lombok.Data;
 import lombok.EqualsAndHashCode;
-
+import org.springframework.core.io.InputStreamResource;
+import org.springframework.web.multipart.MultipartFile;
 import stirling.software.common.model.api.PDFFile;
 import stirling.software.common.model.api.misc.ReplaceAndInvert;
 

common/src/main/java/stirling/software/common/util/propertyeditor/StringToArrayListPropertyEditor.java

@@ -1,15 +1,12 @@
 package stirling.software.common.util.propertyeditor;
 
-import java.beans.PropertyEditorSupport;
-import java.util.ArrayList;
-import java.util.List;
-
 import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.DeserializationFeature;
 import com.fasterxml.jackson.databind.ObjectMapper;
-
+import java.beans.PropertyEditorSupport;
+import java.util.ArrayList;
+import java.util.List;
 import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.api.security.RedactionArea;
 
 @Slf4j

common/src/main/java/stirling/software/common/util/propertyeditor/StringToMapPropertyEditor.java

@@ -1,11 +1,10 @@
 package stirling.software.common.util.propertyeditor;
 
-import java.beans.PropertyEditorSupport;
-import java.util.HashMap;
-import java.util.Map;
-
 import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import java.beans.PropertyEditorSupport;
+import java.util.HashMap;
+import java.util.Map;
 
 public class StringToMapPropertyEditor extends PropertyEditorSupport {
 

proprietary/build.gradle

@@ -1,7 +1,15 @@
 repositories {
     maven { url = "https://build.shibboleth.net/maven/releases" }
 }
-
+bootRun {
+    enabled = false
+}
+spotless {
+    java {
+        target sourceSets.main.allJava
+        googleJavaFormat(googleJavaFormatVersion).aosp()
+    }
+}
 dependencies {
     implementation project(':common')
 
@@ -15,17 +23,17 @@ dependencies {
     api 'org.springframework.boot:spring-boot-starter-data-jpa'
     api 'org.springframework.boot:spring-boot-starter-oauth2-client'
     api 'org.springframework.boot:spring-boot-starter-mail'
-    api 'io.swagger.core.v3:swagger-core-jakarta:2.2.30'
+    api 'io.swagger.core.v3:swagger-core-jakarta:2.2.32'
     implementation 'com.bucket4j:bucket4j_jdk17-core:8.14.0'
 
     // https://mvnrepository.com/artifact/com.bucket4j/bucket4j_jdk17
-    implementation 'org.bouncycastle:bcprov-jdk18on:1.80'
+    implementation 'org.bouncycastle:bcprov-jdk18on:1.81'
 
     implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity5:3.1.3.RELEASE'
     api 'io.micrometer:micrometer-registry-prometheus'
     implementation 'com.unboundid.product.scim2:scim2-sdk-client:2.3.5'
     runtimeOnly 'com.h2database:h2:2.3.232' // Don't upgrade h2database
-    runtimeOnly 'org.postgresql:postgresql:42.7.5'
+    runtimeOnly 'org.postgresql:postgresql:42.7.7'
     constraints {
         implementation "org.opensaml:opensaml-core:$openSamlVersion"
         implementation "org.opensaml:opensaml-saml-api:$openSamlVersion"

proprietary/src/main/java/stirling/software/proprietary/model/Team.java

@@ -0,0 +1,41 @@
+package stirling.software.proprietary.model;
+
+import jakarta.persistence.*;
+import java.io.Serializable;
+import java.util.HashSet;
+import java.util.Set;
+import lombok.*;
+import stirling.software.proprietary.security.model.User;
+
+@Entity
+@Table(name = "teams")
+@NoArgsConstructor
+@Getter
+@Setter
+@EqualsAndHashCode(onlyExplicitlyIncluded = true)
+@ToString(onlyExplicitlyIncluded = true)
+public class Team implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    @Column(name = "team_id")
+    private Long id;
+
+    @Column(name = "name", unique = true, nullable = false)
+    private String name;
+
+    @OneToMany(mappedBy = "team", cascade = CascadeType.ALL, orphanRemoval = true)
+    private Set<User> users = new HashSet<>();
+
+    public void addUser(User user) {
+        users.add(user);
+        user.setTeam(this);
+    }
+
+    public void removeUser(User user) {
+        users.remove(user);
+        user.setTeam(null);
+    }
+}

proprietary/src/main/java/stirling/software/proprietary/model/dto/TeamWithUserCountDTO.java

@@ -0,0 +1,19 @@
+package stirling.software.proprietary.model.dto;
+
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@NoArgsConstructor
+public class TeamWithUserCountDTO {
+    private Long id;
+    private String name;
+    private Long userCount;
+
+    // Constructor for JPQL projection
+    public TeamWithUserCountDTO(Long id, String name, Long userCount) {
+        this.id = id;
+        this.name = name;
+        this.userCount = userCount;
+    }
+}

proprietary/src/main/java/stirling/software/proprietary/security/CustomAuthenticationFailureHandler.java

@@ -1,8 +1,11 @@
 package stirling.software.proprietary.security;
 
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.util.Optional;
-
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.DisabledException;
 import org.springframework.security.authentication.InternalAuthenticationServiceException;
@@ -10,13 +13,6 @@ import org.springframework.security.authentication.LockedException;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
-
-import jakarta.servlet.ServletException;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.proprietary.security.model.User;
 import stirling.software.proprietary.security.service.LoginAttemptService;
 import stirling.software.proprietary.security.service.UserService;

proprietary/src/main/java/stirling/software/proprietary/security/CustomAuthenticationSuccessHandler.java

@@ -1,18 +1,14 @@
 package stirling.software.proprietary.security;
 
-import java.io.IOException;
-
-import org.springframework.security.core.Authentication;
-import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
-import org.springframework.security.web.savedrequest.SavedRequest;
-
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import jakarta.servlet.http.HttpSession;
-
+import java.io.IOException;
 import lombok.extern.slf4j.Slf4j;
-
+import org.springframework.security.core.Authentication;
+import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
+import org.springframework.security.web.savedrequest.SavedRequest;
 import stirling.software.common.util.RequestUriUtils;
 import stirling.software.proprietary.security.service.LoginAttemptService;
 import stirling.software.proprietary.security.service.UserService;

proprietary/src/main/java/stirling/software/proprietary/security/CustomLogoutSuccessHandler.java

@@ -1,27 +1,22 @@
 package stirling.software.proprietary.security;
 
+import com.coveo.saml.SamlClient;
+import com.coveo.saml.SamlException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.security.cert.X509Certificate;
 import java.security.interfaces.RSAPrivateKey;
 import java.util.ArrayList;
 import java.util.List;
-
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.core.io.Resource;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
 import org.springframework.security.saml2.provider.service.authentication.Saml2Authentication;
 import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;
-
-import com.coveo.saml.SamlClient;
-import com.coveo.saml.SamlException;
-
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.configuration.AppConfig;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.ApplicationProperties.Security.OAUTH2;

proprietary/src/main/java/stirling/software/proprietary/security/InitialSecuritySetup.java

@@ -1,19 +1,20 @@
 package stirling.software.proprietary.security;
 
-import java.sql.SQLException;
-import java.util.UUID;
-
-import org.springframework.stereotype.Component;
-
 import jakarta.annotation.PostConstruct;
-
+import java.sql.SQLException;
+import java.util.List;
+import java.util.Optional;
+import java.util.UUID;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-
+import org.springframework.stereotype.Component;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.enumeration.Role;
 import stirling.software.common.model.exception.UnsupportedProviderException;
+import stirling.software.proprietary.model.Team;
+import stirling.software.proprietary.security.model.User;
 import stirling.software.proprietary.security.service.DatabaseServiceInterface;
+import stirling.software.proprietary.security.service.TeamService;
 import stirling.software.proprietary.security.service.UserService;
 
 @Slf4j
@@ -22,9 +23,8 @@ import stirling.software.proprietary.security.service.UserService;
 public class InitialSecuritySetup {
 
     private final UserService userService;
-
+    private final TeamService teamService;
     private final ApplicationProperties applicationProperties;
-
     private final DatabaseServiceInterface databaseService;
 
     @PostConstruct
@@ -40,6 +40,7 @@ public class InitialSecuritySetup {
             }
 
             userService.migrateOauth2ToSSO();
+            assignUsersToDefaultTeamIfMissing();
             initializeInternalApiUser();
         } catch (IllegalArgumentException | SQLException | UnsupportedProviderException e) {
             log.error("Failed to initialize security setup.", e);
@@ -47,6 +48,24 @@ public class InitialSecuritySetup {
         }
     }
 
+    private void assignUsersToDefaultTeamIfMissing() {
+        Team defaultTeam = teamService.getOrCreateDefaultTeam();
+        Team internalTeam = teamService.getOrCreateInternalTeam();
+        List<User> usersWithoutTeam = userService.getUsersWithoutTeam();
+
+        for (User user : usersWithoutTeam) {
+            if (user.getUsername().equalsIgnoreCase(Role.INTERNAL_API_USER.getRoleId())) {
+                user.setTeam(internalTeam);
+            } else {
+                user.setTeam(defaultTeam);
+            }
+        }
+
+        userService.saveAll(usersWithoutTeam); // batch save
+        log.info(
+                "Assigned {} user(s) without a team to the default team.", usersWithoutTeam.size());
+    }
+
     private void initializeAdminUser() throws SQLException, UnsupportedProviderException {
         String initialUsername =
                 applicationProperties.getSecurity().getInitialLogin().getUsername();
@@ -58,7 +77,9 @@ public class InitialSecuritySetup {
                 && !initialPassword.isEmpty()
                 && userService.findByUsernameIgnoreCase(initialUsername).isEmpty()) {
 
-            userService.saveUser(initialUsername, initialPassword, Role.ADMIN.getRoleId());
+            Team team = teamService.getOrCreateDefaultTeam();
+            userService.saveUser(
+                    initialUsername, initialPassword, team, Role.ADMIN.getRoleId(), false);
             log.info("Admin user created: {}", initialUsername);
         } else {
             createDefaultAdminUser();
@@ -70,7 +91,9 @@ public class InitialSecuritySetup {
         String defaultPassword = "stirling";
 
         if (userService.findByUsernameIgnoreCase(defaultUsername).isEmpty()) {
-            userService.saveUser(defaultUsername, defaultPassword, Role.ADMIN.getRoleId(), true);
+            Team team = teamService.getOrCreateDefaultTeam();
+            userService.saveUser(
+                    defaultUsername, defaultPassword, team, Role.ADMIN.getRoleId(), true);
             log.info("Default admin user created: {}", defaultUsername);
         }
     }
@@ -78,12 +101,29 @@ public class InitialSecuritySetup {
     private void initializeInternalApiUser()
             throws IllegalArgumentException, SQLException, UnsupportedProviderException {
         if (!userService.usernameExistsIgnoreCase(Role.INTERNAL_API_USER.getRoleId())) {
+            Team team = teamService.getOrCreateInternalTeam();
             userService.saveUser(
                     Role.INTERNAL_API_USER.getRoleId(),
                     UUID.randomUUID().toString(),
-                    Role.INTERNAL_API_USER.getRoleId());
+                    team,
+                    Role.INTERNAL_API_USER.getRoleId(),
+                    false);
             userService.addApiKeyToUser(Role.INTERNAL_API_USER.getRoleId());
             log.info("Internal API user created: {}", Role.INTERNAL_API_USER.getRoleId());
+        } else {
+            Optional<User> internalApiUserOpt =
+                    userService.findByUsernameIgnoreCase(Role.INTERNAL_API_USER.getRoleId());
+            if (internalApiUserOpt.isPresent()) {
+                User internalApiUser = internalApiUserOpt.get();
+                // move to team internal API user
+                if (!internalApiUser.getTeam().getName().equals(TeamService.INTERNAL_TEAM_NAME)) {
+                    log.info(
+                            "Moving internal API user to team: {}", TeamService.INTERNAL_TEAM_NAME);
+                    Team internalTeam = teamService.getOrCreateInternalTeam();
+
+                    userService.changeUserTeam(internalApiUser, internalTeam);
+                }
+            }
         }
         userService.syncCustomApiUser(applicationProperties.getSecurity().getCustomGlobalAPIKey());
     }

proprietary/src/main/java/stirling/software/proprietary/security/RateLimitResetScheduler.java

@@ -1,10 +1,8 @@
 package stirling.software.proprietary.security;
 
+import lombok.RequiredArgsConstructor;
 import org.springframework.scheduling.annotation.Scheduled;
 import org.springframework.stereotype.Component;
-
-import lombok.RequiredArgsConstructor;
-
 import stirling.software.proprietary.security.filter.IPRateLimitingFilter;
 
 @Component

proprietary/src/main/java/stirling/software/proprietary/security/config/AccountWebController.java

@@ -1,7 +1,11 @@
-package stirling.software.proprietary.security.controller.web;
+package stirling.software.proprietary.security.config;
 
 import static stirling.software.common.util.ProviderUtils.validateProvider;
 
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.servlet.http.HttpServletRequest;
 import java.time.Instant;
 import java.time.temporal.ChronoUnit;
 import java.util.Date;
@@ -10,7 +14,7 @@ import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.Optional;
-
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.core.Authentication;
@@ -19,16 +23,6 @@ import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
-
-import com.fasterxml.jackson.core.JsonProcessingException;
-import com.fasterxml.jackson.databind.ObjectMapper;
-
-import io.swagger.v3.oas.annotations.tags.Tag;
-
-import jakarta.servlet.http.HttpServletRequest;
-
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.ApplicationProperties.Security;
 import stirling.software.common.model.ApplicationProperties.Security.OAUTH2;
@@ -38,11 +32,14 @@ import stirling.software.common.model.enumeration.Role;
 import stirling.software.common.model.oauth2.GitHubProvider;
 import stirling.software.common.model.oauth2.GoogleProvider;
 import stirling.software.common.model.oauth2.KeycloakProvider;
+import stirling.software.proprietary.model.Team;
 import stirling.software.proprietary.security.database.repository.UserRepository;
 import stirling.software.proprietary.security.model.Authority;
 import stirling.software.proprietary.security.model.SessionEntity;
 import stirling.software.proprietary.security.model.User;
+import stirling.software.proprietary.security.repository.TeamRepository;
 import stirling.software.proprietary.security.saml2.CustomSaml2AuthenticatedPrincipal;
+import stirling.software.proprietary.security.service.TeamService;
 import stirling.software.proprietary.security.session.SessionPersistentRegistry;
 
 @Controller
@@ -57,16 +54,19 @@ public class AccountWebController {
     // Assuming you have a repository for user operations
     private final UserRepository userRepository;
     private final boolean runningEE;
+    private final TeamRepository teamRepository;
 
     public AccountWebController(
             ApplicationProperties applicationProperties,
             SessionPersistentRegistry sessionPersistentRegistry,
             UserRepository userRepository,
+            TeamRepository teamRepository,
             @Qualifier("runningEE") boolean runningEE) {
         this.applicationProperties = applicationProperties;
         this.sessionPersistentRegistry = sessionPersistentRegistry;
         this.userRepository = userRepository;
         this.runningEE = runningEE;
+        this.teamRepository = teamRepository;
     }
 
     @GetMapping("/login")
@@ -210,7 +210,7 @@ public class AccountWebController {
     @GetMapping("/adminSettings")
     public String showAddUserForm(
             HttpServletRequest request, Model model, Authentication authentication) {
-        List<User> allUsers = userRepository.findAll();
+        List<User> allUsers = userRepository.findAllWithTeam();
         Iterator<User> iterator = allUsers.iterator();
         Map<String, String> roleDetails = Role.getAllRoleDetails();
         // Map to store session information and user activity status
@@ -221,14 +221,28 @@ public class AccountWebController {
         while (iterator.hasNext()) {
             User user = iterator.next();
             if (user != null) {
+                boolean shouldRemove = false;
+
+                // Check if user is an INTERNAL_API_USER
                 for (Authority authority : user.getAuthorities()) {
                     if (authority.getAuthority().equals(Role.INTERNAL_API_USER.getRoleId())) {
-                        iterator.remove();
+                        shouldRemove = true;
                         roleDetails.remove(Role.INTERNAL_API_USER.getRoleId());
-                        // Break out of the inner loop once the user is removed
                         break;
                     }
                 }
+
+                // Also check if user is part of the Internal team
+                if (user.getTeam() != null
+                        && user.getTeam().getName().equals(TeamService.INTERNAL_TEAM_NAME)) {
+                    shouldRemove = true;
+                }
+
+                // Remove the user if either condition is true
+                if (shouldRemove) {
+                    iterator.remove();
+                    continue;
+                }
                 // Determine the user's session status and last request time
                 int maxInactiveInterval = sessionPersistentRegistry.getMaxInactiveInterval();
                 boolean hasActiveSession = false;
@@ -331,6 +345,19 @@ public class AccountWebController {
         model.addAttribute("activeUsers", activeUsers);
         model.addAttribute("disabledUsers", disabledUsers);
 
+        // Get all teams but filter out the Internal team
+        List<Team> allTeams =
+                teamRepository.findAll().stream()
+                        .filter(
+                                team ->
+                                        !team.getName()
+                                                .equals(
+                                                        stirling.software.proprietary.security
+                                                                .service.TeamService
+                                                                .INTERNAL_TEAM_NAME))
+                        .toList();
+        model.addAttribute("teams", allTeams);
+
         model.addAttribute("maxPaidUsers", applicationProperties.getPremium().getMaxUsers());
         return "adminSettings";
     }

proprietary/src/main/java/stirling/software/proprietary/security/config/PremiumEndpoint.java

@@ -0,0 +1,11 @@
+package stirling.software.proprietary.security.config;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/** Annotation to mark endpoints that require a Pro or higher license. */
+@Target({ElementType.METHOD, ElementType.TYPE})
+@Retention(RetentionPolicy.RUNTIME)
+public @interface PremiumEndpoint {}

proprietary/src/main/java/stirling/software/proprietary/security/config/PremiumEndpointAspect.java

@@ -0,0 +1,30 @@
+package stirling.software.proprietary.security.config;
+
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Component;
+import org.springframework.web.server.ResponseStatusException;
+
+@Aspect
+@Component
+public class PremiumEndpointAspect {
+
+    private final boolean runningProOrHigher;
+
+    public PremiumEndpointAspect(@Qualifier("runningProOrHigher") boolean runningProOrHigher) {
+        this.runningProOrHigher = runningProOrHigher;
+    }
+
+    @Around(
+            "@annotation(stirling.software.proprietary.security.config.PremiumEndpoint) || @within(stirling.software.proprietary.security.config.PremiumEndpoint)")
+    public Object checkPremiumAccess(ProceedingJoinPoint joinPoint) throws Throwable {
+        if (!runningProOrHigher) {
+            throw new ResponseStatusException(
+                    HttpStatus.FORBIDDEN, "This endpoint requires a Pro or higher license");
+        }
+        return joinPoint.proceed();
+    }
+}

proprietary/src/main/java/stirling/software/proprietary/security/configuration/DatabaseConfig.java

@@ -1,7 +1,8 @@
 package stirling.software.proprietary.security.configuration;
 
 import javax.sql.DataSource;
-
+import lombok.Getter;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnBooleanProperty;
 import org.springframework.boot.autoconfigure.domain.EntityScan;
@@ -9,11 +10,8 @@ import org.springframework.boot.jdbc.DataSourceBuilder;
 import org.springframework.boot.jdbc.DatabaseDriver;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
 import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
-
-import lombok.Getter;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.configuration.InstallationPathConfig;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.exception.UnsupportedProviderException;
@@ -21,8 +19,12 @@ import stirling.software.common.model.exception.UnsupportedProviderException;
 @Slf4j
 @Getter
 @Configuration
-@EnableJpaRepositories(basePackages = "stirling.software.proprietary.security.database.repository")
-@EntityScan({"stirling.software.proprietary.security.model"})
+@EnableJpaRepositories(
+        basePackages = {
+            "stirling.software.proprietary.security.database.repository",
+            "stirling.software.proprietary.security.repository"
+        })
+@EntityScan({"stirling.software.proprietary.security.model", "stirling.software.proprietary.model"})
 public class DatabaseConfig {
 
     public final String DATASOURCE_DEFAULT_URL;
@@ -55,6 +57,7 @@ public class DatabaseConfig {
      */
     @Bean
     @Qualifier("dataSource")
+    @Primary
     public DataSource dataSource() throws UnsupportedProviderException {
         DataSourceBuilder<?> dataSourceBuilder = DataSourceBuilder.create();
 

proprietary/src/main/java/stirling/software/proprietary/security/configuration/MailConfig.java

@@ -1,16 +1,13 @@
 package stirling.software.proprietary.security.configuration;
 
 import java.util.Properties;
-
+import lombok.AllArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.mail.javamail.JavaMailSender;
 import org.springframework.mail.javamail.JavaMailSenderImpl;
-
-import lombok.AllArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.ApplicationProperties;
 
 /**

proprietary/src/main/java/stirling/software/proprietary/security/configuration/SecurityConfiguration.java

@@ -1,7 +1,7 @@
 package stirling.software.proprietary.security.configuration;
 
 import java.util.Optional;
-
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.context.annotation.Bean;
@@ -27,9 +27,6 @@ import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
 import org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler;
 import org.springframework.security.web.savedrequest.NullRequestCache;
 import org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher;
-
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.configuration.AppConfig;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.proprietary.security.CustomAuthenticationFailureHandler;

proprietary/src/main/java/stirling/software/proprietary/security/configuration/ee/EEAppConfig.java

@@ -2,12 +2,12 @@ package stirling.software.proprietary.security.configuration.ee;
 
 import static stirling.software.proprietary.security.configuration.ee.KeygenLicenseVerifier.License;
 
-import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
+import org.springframework.context.annotation.Profile;
 import org.springframework.core.Ordered;
 import org.springframework.core.annotation.Order;
-
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.ApplicationProperties.EnterpriseEdition;
 import stirling.software.common.model.ApplicationProperties.Premium;
@@ -28,18 +28,23 @@ public class EEAppConfig {
         migrateEnterpriseSettingsToPremium(this.applicationProperties);
     }
 
+    @Profile("security")
     @Bean(name = "runningProOrHigher")
-    @Qualifier("runningProOrHigher")
+    @Primary
     public boolean runningProOrHigher() {
         return licenseKeyChecker.getPremiumLicenseEnabledResult() != License.NORMAL;
     }
 
+    @Profile("security")
     @Bean(name = "license")
+    @Primary
     public String licenseType() {
         return licenseKeyChecker.getPremiumLicenseEnabledResult().name();
     }
 
+    @Profile("security")
     @Bean(name = "runningEE")
+    @Primary
     public boolean runningEnterprise() {
         return licenseKeyChecker.getPremiumLicenseEnabledResult() == License.ENTERPRISE;
     }
@@ -49,7 +54,9 @@ public class EEAppConfig {
         return applicationProperties.getPremium().getProFeatures().isSsoAutoLogin();
     }
 
+    @Profile("security")
     @Bean(name = "GoogleDriveEnabled")
+    @Primary
     public boolean googleDriveEnabled() {
         return runningProOrHigher()
                 && applicationProperties.getPremium().getProFeatures().getGoogleDrive().isEnabled();
@@ -73,9 +80,9 @@ public class EEAppConfig {
 
         // Copy the license key if it's set in enterprise but not in premium
         if (premium.getKey() == null
-                || premium.getKey().equals("00000000-0000-0000-0000-000000000000")) {
+                || "00000000-0000-0000-0000-000000000000".equals(premium.getKey())) {
             if (enterpriseEdition.getKey() != null
-                    && !enterpriseEdition.getKey().equals("00000000-0000-0000-0000-000000000000")) {
+                    && !"00000000-0000-0000-0000-000000000000".equals(enterpriseEdition.getKey())) {
                 premium.setKey(enterpriseEdition.getKey());
             }
         }

proprietary/src/main/java/stirling/software/proprietary/security/configuration/ee/KeygenLicenseVerifier.java

@@ -1,24 +1,20 @@
 package stirling.software.proprietary.security.configuration.ee;
 
-import java.net.URI;
-import java.net.http.HttpClient;
-import java.net.http.HttpRequest;
-import java.net.http.HttpResponse;
-import java.util.Base64;
-
-import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
-import org.bouncycastle.crypto.signers.Ed25519Signer;
-import org.bouncycastle.util.encoders.Hex;
-import org.springframework.stereotype.Service;
-
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.posthog.java.shaded.org.json.JSONException;
 import com.posthog.java.shaded.org.json.JSONObject;
-
+import java.net.URI;
+import java.net.http.HttpClient;
+import java.net.http.HttpRequest;
+import java.net.http.HttpResponse;
+import java.util.Base64;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-
+import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
+import org.bouncycastle.crypto.signers.Ed25519Signer;
+import org.bouncycastle.util.encoders.Hex;
+import org.springframework.stereotype.Service;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.util.GeneralUtils;
 

proprietary/src/main/java/stirling/software/proprietary/security/configuration/ee/LicenseKeyChecker.java

@@ -4,12 +4,9 @@ import java.io.IOException;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
-
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.scheduling.annotation.Scheduled;
 import org.springframework.stereotype.Component;
-
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.util.GeneralUtils;
 import stirling.software.proprietary.security.configuration.ee.KeygenLicenseVerifier.License;

proprietary/src/main/java/stirling/software/proprietary/security/controller/api/DatabaseController.java

@@ -1,12 +1,17 @@
 package stirling.software.proprietary.security.controller.api;
 
+import io.swagger.v3.oas.annotations.Hidden;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.Parameter;
+import io.swagger.v3.oas.annotations.tags.Tag;
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.URI;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.StandardCopyOption;
-
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.eclipse.jetty.http.HttpStatus;
 import org.springframework.context.annotation.Conditional;
 import org.springframework.core.io.InputStreamResource;
@@ -18,15 +23,6 @@ import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
 import org.springframework.web.servlet.mvc.support.RedirectAttributes;
-
-import io.swagger.v3.oas.annotations.Hidden;
-import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.v3.oas.annotations.Parameter;
-import io.swagger.v3.oas.annotations.tags.Tag;
-
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.proprietary.security.database.H2SQLCondition;
 import stirling.software.proprietary.security.service.DatabaseService;
 

proprietary/src/main/java/stirling/software/proprietary/security/controller/api/EmailController.java

@@ -1,5 +1,11 @@
 package stirling.software.proprietary.security.controller.api;
 
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.mail.MessagingException;
+import jakarta.validation.Valid;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
@@ -8,16 +14,6 @@ import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
-
-import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.v3.oas.annotations.tags.Tag;
-
-import jakarta.mail.MessagingException;
-import jakarta.validation.Valid;
-
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.proprietary.security.model.api.Email;
 import stirling.software.proprietary.security.service.EmailService;
 

proprietary/src/main/java/stirling/software/proprietary/security/controller/api/TeamController.java

@@ -0,0 +1,126 @@
+package stirling.software.proprietary.security.controller.api;
+
+import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.transaction.Transactional;
+import java.util.Optional;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.servlet.view.RedirectView;
+import stirling.software.proprietary.model.Team;
+import stirling.software.proprietary.security.config.PremiumEndpoint;
+import stirling.software.proprietary.security.database.repository.UserRepository;
+import stirling.software.proprietary.security.model.User;
+import stirling.software.proprietary.security.repository.TeamRepository;
+import stirling.software.proprietary.security.service.TeamService;
+
+@Controller
+@RequestMapping("/api/v1/team")
+@Tag(name = "Team", description = "Team Management APIs")
+@Slf4j
+@RequiredArgsConstructor
+@PremiumEndpoint
+public class TeamController {
+
+    private final TeamRepository teamRepository;
+    private final UserRepository userRepository;
+
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
+    @PostMapping("/create")
+    public RedirectView createTeam(@RequestParam("name") String name) {
+        if (teamRepository.existsByNameIgnoreCase(name)) {
+            return new RedirectView("/adminSettings?messageType=teamExists");
+        }
+        Team team = new Team();
+        team.setName(name);
+        teamRepository.save(team);
+        return new RedirectView("/adminSettings?messageType=teamCreated");
+    }
+
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
+    @PostMapping("/rename")
+    public RedirectView renameTeam(
+            @RequestParam("teamId") Long teamId, @RequestParam("newName") String newName) {
+        Optional<Team> existing = teamRepository.findById(teamId);
+        if (existing.isEmpty()) {
+            return new RedirectView("/adminSettings?messageType=teamNotFound");
+        }
+        if (teamRepository.existsByNameIgnoreCase(newName)) {
+            return new RedirectView("/adminSettings?messageType=teamNameExists");
+        }
+        Team team = existing.get();
+
+        // Prevent renaming the Internal team
+        if (team.getName().equals(TeamService.INTERNAL_TEAM_NAME)) {
+            return new RedirectView("/adminSettings?messageType=internalTeamNotAccessible");
+        }
+
+        team.setName(newName);
+        teamRepository.save(team);
+        return new RedirectView("/adminSettings?messageType=teamRenamed");
+    }
+
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
+    @PostMapping("/delete")
+    @Transactional
+    public RedirectView deleteTeam(@RequestParam("teamId") Long teamId) {
+        Optional<Team> teamOpt = teamRepository.findById(teamId);
+        if (teamOpt.isEmpty()) {
+            return new RedirectView("/adminSettings?messageType=teamNotFound");
+        }
+
+        Team team = teamOpt.get();
+
+        // Prevent deleting the Internal team
+        if (team.getName().equals(TeamService.INTERNAL_TEAM_NAME)) {
+            return new RedirectView("/adminSettings?messageType=internalTeamNotAccessible");
+        }
+
+        long memberCount = userRepository.countByTeam(team);
+        if (memberCount > 0) {
+            return new RedirectView("/adminSettings?messageType=teamHasUsers");
+        }
+
+        teamRepository.delete(team);
+        return new RedirectView("/adminSettings?messageType=teamDeleted");
+    }
+
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
+    @PostMapping("/addUser")
+    @Transactional
+    public RedirectView addUserToTeam(
+            @RequestParam("teamId") Long teamId, @RequestParam("userId") Long userId) {
+
+        // Find the team
+        Team team =
+                teamRepository
+                        .findById(teamId)
+                        .orElseThrow(() -> new RuntimeException("Team not found"));
+
+        // Prevent adding users to the Internal team
+        if (team.getName().equals(TeamService.INTERNAL_TEAM_NAME)) {
+            return new RedirectView("/teams?error=internalTeamNotAccessible");
+        }
+
+        // Find the user
+        User user =
+                userRepository
+                        .findById(userId)
+                        .orElseThrow(() -> new RuntimeException("User not found"));
+
+        // Check if user is in the Internal team - prevent moving them
+        if (user.getTeam() != null
+                && user.getTeam().getName().equals(TeamService.INTERNAL_TEAM_NAME)) {
+            return new RedirectView("/teams/" + teamId + "?error=cannotMoveInternalUsers");
+        }
+
+        // Assign user to team
+        user.setTeam(team);
+        userRepository.save(user);
+
+        // Redirect back to team details page
+        return new RedirectView("/teams/" + teamId + "?messageType=userAdded");
+    }
+}

proprietary/src/main/java/stirling/software/proprietary/security/controller/api/UserController.java

@@ -1,12 +1,17 @@
 package stirling.software.proprietary.security.controller.api;
 
+import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import jakarta.transaction.Transactional;
 import java.io.IOException;
 import java.security.Principal;
 import java.sql.SQLException;
 import java.util.List;
 import java.util.Map;
 import java.util.Optional;
-
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
@@ -20,22 +25,17 @@ import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.servlet.mvc.support.RedirectAttributes;
 import org.springframework.web.servlet.view.RedirectView;
-
-import io.swagger.v3.oas.annotations.tags.Tag;
-
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.enumeration.Role;
 import stirling.software.common.model.exception.UnsupportedProviderException;
+import stirling.software.proprietary.model.Team;
+import stirling.software.proprietary.security.database.repository.UserRepository;
 import stirling.software.proprietary.security.model.AuthenticationType;
 import stirling.software.proprietary.security.model.User;
 import stirling.software.proprietary.security.model.api.user.UsernameAndPass;
+import stirling.software.proprietary.security.repository.TeamRepository;
 import stirling.software.proprietary.security.saml2.CustomSaml2AuthenticatedPrincipal;
+import stirling.software.proprietary.security.service.TeamService;
 import stirling.software.proprietary.security.service.UserService;
 import stirling.software.proprietary.security.session.SessionPersistentRegistry;
 
@@ -50,6 +50,8 @@ public class UserController {
     private final UserService userService;
     private final SessionPersistentRegistry sessionRegistry;
     private final ApplicationProperties applicationProperties;
+    private final TeamRepository teamRepository;
+    private final UserRepository userRepository;
 
     @PreAuthorize("!hasAuthority('ROLE_DEMO_USER')")
     @PostMapping("/register")
@@ -60,7 +62,13 @@ public class UserController {
             return "register";
         }
         try {
-            userService.saveUser(requestModel.getUsername(), requestModel.getPassword());
+            Team team = teamRepository.findByName(TeamService.DEFAULT_TEAM_NAME).orElse(null);
+            userService.saveUser(
+                    requestModel.getUsername(),
+                    requestModel.getPassword(),
+                    team,
+                    Role.USER.getRoleId(),
+                    false);
         } catch (IllegalArgumentException e) {
             return "redirect:/login?messageType=invalidUsername";
         }
@@ -200,6 +208,7 @@ public class UserController {
             @RequestParam(name = "username", required = true) String username,
             @RequestParam(name = "password", required = false) String password,
             @RequestParam(name = "role") String role,
+            @RequestParam(name = "teamId", required = false) Long teamId,
             @RequestParam(name = "authType") String authType,
             @RequestParam(name = "forceChange", required = false, defaultValue = "false")
                     boolean forceChange)
@@ -233,13 +242,32 @@ public class UserController {
             // If the role ID is not valid, redirect with an error message
             return new RedirectView("/adminSettings?messageType=invalidRole", true);
         }
+
+        // Use teamId if provided, otherwise use default team
+        Long effectiveTeamId = teamId;
+        if (effectiveTeamId == null) {
+            Team defaultTeam =
+                    teamRepository.findByName(TeamService.DEFAULT_TEAM_NAME).orElse(null);
+            if (defaultTeam != null) {
+                effectiveTeamId = defaultTeam.getId();
+            }
+        } else {
+            // Check if the selected team is Internal - prevent assigning to it
+            Team selectedTeam = teamRepository.findById(effectiveTeamId).orElse(null);
+            if (selectedTeam != null
+                    && TeamService.INTERNAL_TEAM_NAME.equals(selectedTeam.getName())) {
+                return new RedirectView(
+                        "/adminSettings?messageType=internalTeamNotAccessible", true);
+            }
+        }
+
         if (authType.equalsIgnoreCase(AuthenticationType.SSO.toString())) {
-            userService.saveUser(username, AuthenticationType.SSO, role);
+            userService.saveUser(username, AuthenticationType.SSO, effectiveTeamId, role);
         } else {
             if (password.isBlank()) {
                 return new RedirectView("/adminSettings?messageType=invalidPassword", true);
             }
-            userService.saveUser(username, password, role, forceChange);
+            userService.saveUser(username, password, effectiveTeamId, role, forceChange);
         }
         return new RedirectView(
                 "/adminSettings", // Redirect to account page after adding the user
@@ -248,9 +276,11 @@ public class UserController {
 
     @PreAuthorize("hasRole('ROLE_ADMIN')")
     @PostMapping("/admin/changeRole")
+    @Transactional
     public RedirectView changeRole(
             @RequestParam(name = "username") String username,
             @RequestParam(name = "role") String role,
+            @RequestParam(name = "teamId", required = false) Long teamId,
             Authentication authentication)
             throws SQLException, UnsupportedProviderException {
         Optional<User> userOpt = userService.findByUsernameIgnoreCase(username);
@@ -278,6 +308,29 @@ public class UserController {
             return new RedirectView("/adminSettings?messageType=invalidRole", true);
         }
         User user = userOpt.get();
+
+        // Update the team if a teamId is provided
+        if (teamId != null) {
+            Team team = teamRepository.findById(teamId).orElse(null);
+            if (team != null) {
+                // Prevent assigning to Internal team
+                if (TeamService.INTERNAL_TEAM_NAME.equals(team.getName())) {
+                    return new RedirectView(
+                            "/adminSettings?messageType=internalTeamNotAccessible", true);
+                }
+
+                // Prevent moving users from Internal team
+                if (user.getTeam() != null
+                        && TeamService.INTERNAL_TEAM_NAME.equals(user.getTeam().getName())) {
+                    return new RedirectView(
+                            "/adminSettings?messageType=cannotMoveInternalUsers", true);
+                }
+
+                user.setTeam(team);
+                userRepository.save(user);
+            }
+        }
+
         userService.changeRole(user, role);
         return new RedirectView(
                 "/adminSettings", // Redirect to account page after adding the user

proprietary/src/main/java/stirling/software/proprietary/security/controller/web/DatabaseWebController.java

@@ -1,19 +1,14 @@
 package stirling.software.proprietary.security.controller.web;
 
+import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.servlet.http.HttpServletRequest;
 import java.util.List;
-
+import lombok.RequiredArgsConstructor;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.core.Authentication;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
-
-import io.swagger.v3.oas.annotations.tags.Tag;
-
-import jakarta.servlet.http.HttpServletRequest;
-
-import lombok.RequiredArgsConstructor;
-
 import stirling.software.common.model.FileInfo;
 import stirling.software.proprietary.security.service.DatabaseService;
 

proprietary/src/main/java/stirling/software/proprietary/security/controller/web/TeamWebController.java

@@ -0,0 +1,114 @@
+package stirling.software.proprietary.security.controller.web;
+
+import java.util.Date;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import stirling.software.proprietary.model.Team;
+import stirling.software.proprietary.model.dto.TeamWithUserCountDTO;
+import stirling.software.proprietary.security.database.repository.SessionRepository;
+import stirling.software.proprietary.security.database.repository.UserRepository;
+import stirling.software.proprietary.security.model.User;
+import stirling.software.proprietary.security.repository.TeamRepository;
+import stirling.software.proprietary.security.service.TeamService;
+
+@Controller
+@RequestMapping("/teams")
+@RequiredArgsConstructor
+@Slf4j
+public class TeamWebController {
+
+    private final TeamRepository teamRepository;
+    private final SessionRepository sessionRepository;
+    private final UserRepository userRepository;
+
+    @GetMapping
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
+    public String listTeams(Model model) {
+        // Get teams with user counts using a DTO projection
+        List<TeamWithUserCountDTO> allTeamsWithCounts = teamRepository.findAllTeamsWithUserCount();
+
+        // Filter out the Internal team
+        List<TeamWithUserCountDTO> teamsWithCounts =
+                allTeamsWithCounts.stream()
+                        .filter(team -> !team.getName().equals(TeamService.INTERNAL_TEAM_NAME))
+                        .toList();
+
+        // Get the latest activity for each team
+        List<Object[]> teamActivities = sessionRepository.findLatestActivityByTeam();
+
+        // Convert the query results to a map for easy access in the view
+        Map<Long, Date> teamLastRequest = new HashMap<>();
+        for (Object[] result : teamActivities) {
+            Long teamId = (Long) result[0]; // teamId alias
+            Date lastActivity = (Date) result[1]; // lastActivity alias
+            teamLastRequest.put(teamId, lastActivity);
+        }
+
+        // Add data to the model
+        model.addAttribute("teamsWithCounts", teamsWithCounts);
+        model.addAttribute("teamLastRequest", teamLastRequest);
+
+        return "accounts/teams";
+    }
+
+    @GetMapping("/{id}")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
+    public String viewTeamDetails(@PathVariable("id") Long id, Model model) {
+        // Get the team
+        Team team =
+                teamRepository
+                        .findById(id)
+                        .orElseThrow(() -> new RuntimeException("Team not found"));
+
+        // Prevent access to Internal team
+        if (team.getName().equals(TeamService.INTERNAL_TEAM_NAME)) {
+            return "redirect:/teams?error=internalTeamNotAccessible";
+        }
+
+        // Get users for this team directly using the direct query
+        List<User> teamUsers = userRepository.findAllByTeamId(id);
+
+        // Get all users not in this team for the Add User to Team dropdown
+        // Exclude users that are in the Internal team
+        List<User> allUsers = userRepository.findAllWithTeam();
+        List<User> availableUsers =
+                allUsers.stream()
+                        .filter(
+                                user ->
+                                        (user.getTeam() == null
+                                                        || !user.getTeam().getId().equals(id))
+                                                && (user.getTeam() == null
+                                                        || !user.getTeam()
+                                                                .getName()
+                                                                .equals(
+                                                                        TeamService
+                                                                                .INTERNAL_TEAM_NAME)))
+                        .toList();
+
+        // Get the latest session for each user in the team
+        List<Object[]> userSessions = sessionRepository.findLatestSessionByTeamId(id);
+
+        // Create a map of username to last request date
+        Map<String, Date> userLastRequest = new HashMap<>();
+        for (Object[] result : userSessions) {
+            String username = (String) result[0]; // username alias
+            Date lastRequest = (Date) result[1]; // lastRequest alias
+            userLastRequest.put(username, lastRequest);
+        }
+
+        model.addAttribute("team", team);
+        model.addAttribute("teamUsers", teamUsers);
+        model.addAttribute("availableUsers", availableUsers);
+        model.addAttribute("userLastRequest", userLastRequest);
+        return "accounts/team-details";
+    }
+}

proprietary/src/main/java/stirling/software/proprietary/security/database/ScheduledTasks.java

@@ -1,13 +1,10 @@
 package stirling.software.proprietary.security.database;
 
 import java.sql.SQLException;
-
+import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Conditional;
 import org.springframework.scheduling.annotation.Scheduled;
 import org.springframework.stereotype.Component;
-
-import lombok.RequiredArgsConstructor;
-
 import stirling.software.common.model.exception.UnsupportedProviderException;
 import stirling.software.proprietary.security.service.DatabaseServiceInterface;
 

proprietary/src/main/java/stirling/software/proprietary/security/database/repository/AuthorityRepository.java

@@ -1,10 +1,8 @@
 package stirling.software.proprietary.security.database.repository;
 
 import java.util.Set;
-
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.stereotype.Repository;
-
 import stirling.software.proprietary.security.model.Authority;
 
 @Repository

proprietary/src/main/java/stirling/software/proprietary/security/database/repository/JPATokenRepositoryImpl.java

@@ -1,11 +1,9 @@
 package stirling.software.proprietary.security.database.repository;
 
 import java.util.Date;
-
 import org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken;
 import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
 import org.springframework.transaction.annotation.Transactional;
-
 import stirling.software.proprietary.security.model.PersistentLogin;
 
 public class JPATokenRepositoryImpl implements PersistentTokenRepository {

proprietary/src/main/java/stirling/software/proprietary/security/database/repository/PersistentLoginRepository.java

@@ -2,7 +2,6 @@ package stirling.software.proprietary.security.database.repository;
 
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.stereotype.Repository;
-
 import stirling.software.proprietary.security.model.PersistentLogin;
 
 @Repository

proprietary/src/main/java/stirling/software/proprietary/security/database/repository/SessionRepository.java

@@ -1,16 +1,13 @@
 package stirling.software.proprietary.security.database.repository;
 
+import jakarta.transaction.Transactional;
 import java.util.Date;
 import java.util.List;
-
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.Modifying;
 import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.query.Param;
 import org.springframework.stereotype.Repository;
-
-import jakarta.transaction.Transactional;
-
 import stirling.software.proprietary.security.model.SessionEntity;
 
 @Repository
@@ -29,4 +26,20 @@ public interface SessionRepository extends JpaRepository<SessionEntity, String>
             @Param("expired") boolean expired,
             @Param("lastRequest") Date lastRequest,
             @Param("principalName") String principalName);
+
+    @Query(
+            "SELECT t.id as teamId, MAX(s.lastRequest) as lastActivity "
+                    + "FROM stirling.software.proprietary.model.Team t "
+                    + "LEFT JOIN t.users u "
+                    + "LEFT JOIN SessionEntity s ON u.username = s.principalName "
+                    + "GROUP BY t.id")
+    List<Object[]> findLatestActivityByTeam();
+
+    @Query(
+            "SELECT u.username as username, MAX(s.lastRequest) as lastRequest "
+                    + "FROM stirling.software.proprietary.security.model.User u "
+                    + "LEFT JOIN SessionEntity s ON u.username = s.principalName "
+                    + "WHERE u.team.id = :teamId "
+                    + "GROUP BY u.username")
+    List<Object[]> findLatestSessionByTeamId(@Param("teamId") Long teamId);
 }

proprietary/src/main/java/stirling/software/proprietary/security/database/repository/UserRepository.java

@@ -2,12 +2,11 @@ package stirling.software.proprietary.security.database.repository;
 
 import java.util.List;
 import java.util.Optional;
-
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.query.Param;
 import org.springframework.stereotype.Repository;
-
+import stirling.software.proprietary.model.Team;
 import stirling.software.proprietary.security.model.User;
 
 @Repository
@@ -22,4 +21,18 @@ public interface UserRepository extends JpaRepository<User, Long> {
     Optional<User> findByApiKey(String apiKey);
 
     List<User> findByAuthenticationTypeIgnoreCase(String authenticationType);
+
+    @Query("SELECT u FROM User u WHERE u.team IS NULL")
+    List<User> findAllWithoutTeam();
+
+    @Query(value = "SELECT u FROM User u LEFT JOIN FETCH u.team")
+    List<User> findAllWithTeam();
+
+    @Query(
+            "SELECT u FROM User u JOIN FETCH u.authorities JOIN FETCH u.team WHERE u.team.id = :teamId")
+    List<User> findAllByTeamId(@Param("teamId") Long teamId);
+
+    long countByTeam(Team team);
+
+    List<User> findAllByTeam(Team team);
 }

proprietary/src/main/java/stirling/software/proprietary/security/filter/EnterpriseEndpointFilter.java

@@ -1,16 +1,14 @@
 package stirling.software.proprietary.security.filter;
 
-import java.io.IOException;
-
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.http.HttpStatus;
-import org.springframework.stereotype.Component;
-import org.springframework.web.filter.OncePerRequestFilter;
-
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
 
 @Component
 public class EnterpriseEndpointFilter extends OncePerRequestFilter {

proprietary/src/main/java/stirling/software/proprietary/security/filter/FirstLoginFilter.java

@@ -1,24 +1,20 @@
 package stirling.software.proprietary.security.filter;
 
-import java.io.IOException;
-import java.text.SimpleDateFormat;
-import java.util.Date;
-import java.util.Optional;
-
-import org.springframework.context.annotation.Lazy;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.stereotype.Component;
-import org.springframework.web.filter.OncePerRequestFilter;
-
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import jakarta.servlet.http.HttpSession;
-
+import java.io.IOException;
+import java.text.SimpleDateFormat;
+import java.util.Date;
+import java.util.Optional;
 import lombok.extern.slf4j.Slf4j;
-
+import org.springframework.context.annotation.Lazy;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
 import stirling.software.common.util.RequestUriUtils;
 import stirling.software.proprietary.security.model.User;
 import stirling.software.proprietary.security.service.UserService;

proprietary/src/main/java/stirling/software/proprietary/security/filter/IPRateLimitingFilter.java

@@ -1,18 +1,15 @@
 package stirling.software.proprietary.security.filter;
 
-import java.io.IOException;
-import java.util.concurrent.ConcurrentHashMap;
-import java.util.concurrent.atomic.AtomicInteger;
-
 import jakarta.servlet.Filter;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.ServletRequest;
 import jakarta.servlet.ServletResponse;
 import jakarta.servlet.http.HttpServletRequest;
-
+import java.io.IOException;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.atomic.AtomicInteger;
 import lombok.RequiredArgsConstructor;
-
 import stirling.software.common.util.RequestUriUtils;
 
 @RequiredArgsConstructor

proprietary/src/main/java/stirling/software/proprietary/security/filter/UserAuthenticationFilter.java

@@ -1,9 +1,13 @@
 package stirling.software.proprietary.security.filter;
 
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.util.List;
 import java.util.Optional;
-
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.http.HttpStatus;
@@ -16,14 +20,6 @@ import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.stereotype.Component;
 import org.springframework.web.filter.OncePerRequestFilter;
-
-import jakarta.servlet.FilterChain;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.ApplicationProperties.Security.OAUTH2;
 import stirling.software.common.model.ApplicationProperties.Security.SAML2;

proprietary/src/main/java/stirling/software/proprietary/security/filter/UserBasedRateLimitingFilter.java

@@ -1,10 +1,17 @@
 package stirling.software.proprietary.security.filter;
 
+import io.github.bucket4j.Bandwidth;
+import io.github.bucket4j.Bucket;
+import io.github.bucket4j.ConsumptionProbe;
+import io.github.pixee.security.Newlines;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.time.Duration;
 import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
-
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.http.HttpStatus;
 import org.springframework.security.core.Authentication;
@@ -13,17 +20,6 @@ import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.stereotype.Component;
 import org.springframework.web.filter.OncePerRequestFilter;
-
-import io.github.bucket4j.Bandwidth;
-import io.github.bucket4j.Bucket;
-import io.github.bucket4j.ConsumptionProbe;
-import io.github.pixee.security.Newlines;
-
-import jakarta.servlet.FilterChain;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
 import stirling.software.common.model.enumeration.Role;
 
 @Component

proprietary/src/main/java/stirling/software/proprietary/security/model/ApiKeyAuthenticationToken.java

@@ -1,7 +1,6 @@
 package stirling.software.proprietary.security.model;
 
 import java.util.Collection;
-
 import org.springframework.security.authentication.AbstractAuthenticationToken;
 import org.springframework.security.core.GrantedAuthority;
 

proprietary/src/main/java/stirling/software/proprietary/security/model/Authority.java

@@ -1,7 +1,5 @@
 package stirling.software.proprietary.security.model;
 
-import java.io.Serializable;
-
 import jakarta.persistence.Column;
 import jakarta.persistence.Entity;
 import jakarta.persistence.GeneratedValue;
@@ -10,7 +8,7 @@ import jakarta.persistence.Id;
 import jakarta.persistence.JoinColumn;
 import jakarta.persistence.ManyToOne;
 import jakarta.persistence.Table;
-
+import java.io.Serializable;
 import lombok.Getter;
 import lombok.Setter;
 

proprietary/src/main/java/stirling/software/proprietary/security/model/PersistentLogin.java

@@ -1,12 +1,10 @@
 package stirling.software.proprietary.security.model;
 
-import java.util.Date;
-
 import jakarta.persistence.Column;
 import jakarta.persistence.Entity;
 import jakarta.persistence.Id;
 import jakarta.persistence.Table;
-
+import java.util.Date;
 import lombok.Data;
 
 @Entity

proprietary/src/main/java/stirling/software/proprietary/security/model/SessionEntity.java

@@ -1,12 +1,10 @@
 package stirling.software.proprietary.security.model;
 
-import java.io.Serializable;
-import java.util.Date;
-
 import jakarta.persistence.Entity;
 import jakarta.persistence.Id;
 import jakarta.persistence.Table;
-
+import java.io.Serializable;
+import java.util.Date;
 import lombok.Data;
 
 @Entity

proprietary/src/main/java/stirling/software/proprietary/security/model/User.java

@@ -1,21 +1,19 @@
 package stirling.software.proprietary.security.model;
 
+import jakarta.persistence.*;
 import java.io.Serializable;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Map;
 import java.util.Set;
 import java.util.stream.Collectors;
-
-import jakarta.persistence.*;
-
 import lombok.EqualsAndHashCode;
 import lombok.Getter;
 import lombok.NoArgsConstructor;
 import lombok.Setter;
 import lombok.ToString;
-
 import stirling.software.common.model.enumeration.Role;
+import stirling.software.proprietary.model.Team;
 
 @Entity
 @Table(name = "users")
@@ -57,6 +55,10 @@ public class User implements Serializable {
     @OneToMany(fetch = FetchType.EAGER, cascade = CascadeType.ALL, mappedBy = "user")
     private Set<Authority> authorities = new HashSet<>();
 
+    @ManyToOne(fetch = FetchType.EAGER)
+    @JoinColumn(name = "team_id")
+    private Team team;
+
     @ElementCollection
     @MapKeyColumn(name = "setting_key")
     @Lob

proprietary/src/main/java/stirling/software/proprietary/security/model/api/Email.java

@@ -1,13 +1,10 @@
 package stirling.software.proprietary.security.model.api;
 
-import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
-
 import io.swagger.v3.oas.annotations.media.Schema;
-
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 import lombok.NoArgsConstructor;
-
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import stirling.software.common.model.api.GeneralFile;
 
 @Data

proprietary/src/main/java/stirling/software/proprietary/security/model/api/user/UpdateUserDetails.java

@@ -1,7 +1,6 @@
 package stirling.software.proprietary.security.model.api.user;
 
 import io.swagger.v3.oas.annotations.media.Schema;
-
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 

proprietary/src/main/java/stirling/software/proprietary/security/model/api/user/UpdateUserUsername.java

@@ -1,7 +1,6 @@
 package stirling.software.proprietary.security.model.api.user;
 
 import io.swagger.v3.oas.annotations.media.Schema;
-
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 

proprietary/src/main/java/stirling/software/proprietary/security/model/api/user/Username.java

@@ -1,7 +1,6 @@
 package stirling.software.proprietary.security.model.api.user;
 
 import io.swagger.v3.oas.annotations.media.Schema;
-
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 

proprietary/src/main/java/stirling/software/proprietary/security/model/api/user/UsernameAndPass.java

@@ -1,7 +1,6 @@
 package stirling.software.proprietary.security.model.api.user;
 
 import io.swagger.v3.oas.annotations.media.Schema;
-
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 

proprietary/src/main/java/stirling/software/proprietary/security/oauth2/CustomOAuth2AuthenticationFailureHandler.java

@@ -1,7 +1,10 @@
 package stirling.software.proprietary.security.oauth2;
 
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
-
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.DisabledException;
 import org.springframework.security.authentication.LockedException;
@@ -10,12 +13,6 @@ import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
 import org.springframework.security.oauth2.core.OAuth2Error;
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
 
-import jakarta.servlet.ServletException;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-import lombok.extern.slf4j.Slf4j;
-
 @Slf4j
 public class CustomOAuth2AuthenticationFailureHandler
         extends SimpleUrlAuthenticationFailureHandler {