Release 2.63.1 (#3135 )

* Release 2.63.1
Release 2.63.0 (#3134 )
2024-03-11 21:35:43 +01:00 · 2024-03-11 20:19:23 +01:00 · 2024-03-11 20:17:47 +01:00 · 2024-03-11 20:16:56 +01:00 · 2024-03-11 20:15:55 +01:00 · 2024-03-11 20:15:32 +01:00
908 changed files with 161853 additions and 33005 deletions
--- a/.env.example
+++ b/.env.example
@ -11,6 +11,5 @@ POSTGRES_USER=user
 POSTGRES_PASSWORD=<INSERT_POSTGRES_PASSWORD>

 ACCESS_TOKEN_SALT=<INSERT_RANDOM_STRING>
-ALPHA_VANTAGE_API_KEY=
-DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@localhost:5432/${POSTGRES_DB}?sslmode=prefer
+DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@localhost:5432/${POSTGRES_DB}?connect_timeout=300&sslmode=prefer
 JWT_SECRET_KEY=<INSERT_RANDOM_STRING>
--- a/.eslintrc.json
+++ b/.eslintrc.json
@ -1,12 +1,12 @@
 {
  "root": true,
  "ignorePatterns": ["**/*"],
-  "plugins": ["@nrwl/nx"],
+  "plugins": ["@nx"],
  "overrides": [
    {
      "files": ["*.ts", "*.tsx", "*.js", "*.jsx"],
      "rules": {
-        "@nrwl/nx/enforce-module-boundaries": [
+        "@nx/enforce-module-boundaries": [
          "error",
          {
            "enforceBuildableLibDependency": true,
@ -23,12 +23,12 @@
    },
    {
      "files": ["*.ts", "*.tsx"],
-      "extends": ["plugin:@nrwl/nx/typescript"],
+      "extends": ["plugin:@nx/typescript"],
      "rules": {}
    },
    {
      "files": ["*.js", "*.jsx"],
-      "extends": ["plugin:@nrwl/nx/javascript"],
+      "extends": ["plugin:@nx/javascript"],
      "rules": {}
    },
    {
@ -113,5 +113,6 @@
        "radix": "error"
      }
    }
-  ]
+  ],
+  "extends": [null, "plugin:storybook/recommended"]
 }
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@ -6,7 +6,13 @@ labels: ''
 assignees: ''
 ---

-The Issue tracker is **ONLY** used for reporting bugs. New features should be discussed on our [Slack channel](https://ghostfolio.slack.com) or in [Discussions](https://github.com/ghostfolio/ghostfolio/discussions).
+**Important Notice**
+
+The issue tracker is **ONLY** used for reporting bugs. New features should be discussed in our [Slack](https://join.slack.com/t/ghostfolio/shared_invite/zt-vsaan64h-F_I0fEo5M0P88lP9ibCxFg) community or in [Discussions](https://github.com/ghostfolio/ghostfolio/discussions).
+
+Incomplete or non-reproducible issues may be closed, but we are here to help! If you encounter difficulties reproducing the bug or need assistance, please reach out to our community channels mentioned above.
+
+Thank you for your understanding and cooperation!

 **Bug Description**

@ -37,6 +43,8 @@ The Issue tracker is **ONLY** used for reporting bugs. New features should be di
 <!-- Please complete the following information -->

 - Ghostfolio Version X.Y.Z
+- Cloud or Self-hosted
+- Experimental Features enabled or disabled
 - Browser
 - OS

--- a/.github/workflows/build-code.yml
+++ b/.github/workflows/build-code.yml
@ -4,21 +4,24 @@ on:
  pull_request:
  workflow_dispatch:

+permissions:
+  contents: read
+
 jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        node_version:
-          - 16
+          - 18
    steps:
      - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Use Node.js ${{ matrix.node_version }}
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
        with:
          node-version: ${{ matrix.node_version }}
          cache: 'yarn'
@ -33,4 +36,4 @@ jobs:
        run: yarn test

      - name: Build application
-        run: yarn build:all
+        run: yarn build:production
--- a/.github/workflows/docker-image.yml
+++ b/.github/workflows/docker-image.yml
@ -13,7 +13,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4

      - name: Docker metadata
        id: meta
@ -21,6 +21,7 @@ jobs:
        with:
          images: ghostfolio/ghostfolio
          tags: |
+            type=semver,pattern={{major}}
            type=semver,pattern={{version}}

      - name: Set up QEMU
--- a/.gitignore
+++ b/.gitignore
@ -27,6 +27,7 @@
 /.angular/cache
 .env
 .env.prod
+.nx/cache
 /.sass-cache
 /connect.lock
 /coverage
--- a/.nvmrc
+++ b/.nvmrc
@ -1 +1 @@
-v16
+v18
--- a/.prettierignore
+++ b/.prettierignore
@ -1,2 +1,4 @@
+/.nx/cache
+/apps/client/src/polyfills.ts
 /dist
 /test/import
--- a/.prettierrc
+++ b/.prettierrc
@ -9,6 +9,26 @@
  ],
  "attributeSort": "ASC",
  "endOfLine": "auto",
+  "importOrder": ["^@ghostfolio/(.*)$", "<THIRD_PARTY_MODULES>", "^[./]"],
+  "importOrderSeparation": true,
+  "overrides": [
+    {
+      "files": "*.html",
+      "options": {
+        "parser": "angular"
+      }
+    },
+    {
+      "files": "*.ts",
+      "options": {
+        "importOrderParserPlugins": ["decorators-legacy", "typescript"]
+      }
+    }
+  ],
+  "plugins": [
+    "prettier-plugin-organize-attributes",
+    "@trivago/prettier-plugin-sort-imports"
+  ],
  "printWidth": 80,
  "singleQuote": true,
  "tabWidth": 2,
--- a/.storybook/main.js
+++ b/.storybook/main.js
@ -1,8 +0,0 @@
-module.exports = {
-  // uncomment the property below if you want to apply some webpack config globally
-  // webpackFinal: async (config, { configType }) => {
-  //   // Make whatever fine-grained changes you need that should apply to all storybook configs
-  //   // Return the altered config
-  //   return config;
-  // },
-};
--- a/.storybook/tsconfig.json
+++ b/.storybook/tsconfig.json
@ -1,10 +0,0 @@
-{
-  "extends": "../tsconfig.base.json",
-  "exclude": [
-    "../**/*.spec.js",
-    "../**/*.spec.ts",
-    "../**/*.spec.tsx",
-    "../**/*.spec.jsx"
-  ],
-  "include": ["../**/*"]
-}
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@ -2,32 +2,33 @@
  "version": "0.2.0",
  "configurations": [
    {
-      "name": "Debug Jest File",
-      "type": "node",
-      "request": "launch",
-      "program": "${workspaceFolder}/node_modules/@nrwl/cli/bin/nx",
      "args": [
        "test",
        "--codeCoverage=false",
        "--testFile=${workspaceFolder}/apps/api/src/app/portfolio/portfolio-calculator-novn-buy-and-sell.spec.ts"
      ],
+      "console": "internalConsole",
      "cwd": "${workspaceFolder}",
-      "console": "internalConsole"
+      "name": "Debug Jest",
+      "program": "${workspaceFolder}/node_modules/@nrwl/cli/bin/nx",
+      "request": "launch",
+      "type": "node"
    },
    {
-      "envFile": "${workspaceFolder}/.env",
-      "type": "node",
-      "request": "launch",
-      "name": "Launch Program",
-      "program": "${workspaceFolder}/apps/api/src/main.ts",
-      "runtimeArgs": ["--nolazy", "-r", "ts-node/register"],
-      "outFiles": ["${workspaceFolder}/dist/apps/api/**/*.js"],
      "autoAttachChildProcesses": true,
+      "console": "integratedTerminal",
+      "cwd": "${workspaceFolder}/apps/api",
+      "envFile": "${workspaceFolder}/.env",
+      "name": "Debug API",
+      "outFiles": ["${workspaceFolder}/dist/apps/api/**/*.js"],
+      "program": "${workspaceFolder}/apps/api/src/main.ts",
+      "request": "launch",
+      "runtimeArgs": ["--nolazy", "-r", "ts-node/register"],
      "skipFiles": [
        "${workspaceFolder}/node_modules/**/*.js",
        "<node_internals>/**/*.js"
      ],
-      "console": "integratedTerminal"
+      "type": "node"
    }
  ]
 }
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
--- a/DEVELOPMENT.md
+++ b/DEVELOPMENT.md
@ -1,5 +1,17 @@
 # Ghostfolio Development Guide

+## Experimental Features
+
+New functionality can be enabled using a feature flag switch from the user settings.
+
+### Backend
+
+Remove permission in `UserService` using `without()`
+
+### Frontend
+
+Use `*ngIf="user?.settings?.isExperimentalFeatures"` in HTML template
+
 ## Git

 ### Rebase
@ -8,16 +20,28 @@

 ## Dependencies

+### Angular
+
+#### Upgrade (minor versions)
+
+1. Run `npx npm-check-updates --upgrade --target "minor" --filter "/@angular.*/"`
+
 ### Nx

 #### Upgrade

 1. Run `yarn nx migrate latest`
 1. Make sure `package.json` changes make sense and then run `yarn install`
-1. Run `yarn nx migrate --run-migrations`
+1. Run `yarn nx migrate --run-migrations` (Run `YARN_NODE_LINKER="node-modules" NX_MIGRATE_SKIP_INSTALL=1 yarn nx migrate --run-migrations` due to https://github.com/nrwl/nx/issues/16338)

 ### Prisma

+#### Access database via GUI
+
+Run `yarn database:gui`
+
+https://www.prisma.io/studio
+
 #### Synchronize schema with database for prototyping

 Run `yarn database:push`
--- a/11
+++ b/11
@ -1,4 +1,4 @@
-FROM --platform=$BUILDPLATFORM node:16-slim as builder
+FROM --platform=$BUILDPLATFORM node:18-slim as builder

 # Build application and add additional files
 WORKDIR /ghostfolio
@ -13,8 +13,8 @@ COPY ./.yarnrc .yarnrc
 COPY ./prisma/schema.prisma prisma/schema.prisma

 RUN apt update && apt install -y \
-    git \
    g++ \
+    git \
    make \
    openssl \
    python3 \
@ -33,7 +33,7 @@ COPY ./tsconfig.base.json tsconfig.base.json
 COPY ./libs libs
 COPY ./apps apps

-RUN yarn build:all
+RUN yarn build:production

 # Prepare the dist image with additional node_modules
 WORKDIR /ghostfolio/dist/apps/api
@ -50,12 +50,13 @@ COPY package.json /ghostfolio/dist/apps/api
 RUN yarn database:generate-typings

 # Image to run, copy everything needed from builder
-FROM node:16-slim
+FROM node:18-slim
 RUN apt update && apt install -y \
+    curl \
    openssl \
    && rm -rf /var/lib/apt/lists/*

 COPY --from=builder /ghostfolio/dist/apps /ghostfolio/apps
 WORKDIR /ghostfolio/apps/api
 EXPOSE ${PORT:-3333}
-CMD [  "yarn", "start:prod" ]
+CMD [ "yarn", "start:production" ]
--- a/README.md
+++ b/README.md
@ -13,6 +13,8 @@
 [![Shield: Contributions Welcome](https://img.shields.io/badge/Contributions-Welcome-orange.svg)](#contributing)
 [![Shield: License: AGPL v3](https://img.shields.io/badge/License-AGPL%20v3-blue.svg)](https://www.gnu.org/licenses/agpl-3.0)

+New: [Ghostfolio 2.0](https://ghostfol.io/en/blog/2023/09/ghostfolio-2)
+
 </div>

 **Ghostfolio** is an open source wealth management software built with web technology. The application empowers busy people to keep track of stocks, ETFs or cryptocurrencies and make solid, data-driven investment decisions. The software is designed for personal use in continuous operation.
@ -25,7 +27,7 @@

 ## Ghostfolio Premium

-Our official **[Ghostfolio Premium](https://ghostfol.io/en/pricing)** cloud offering is the easiest way to get started. Due to the time it saves, this will be the best option for most people. The revenue is used for covering the hosting costs.
+Our official **[Ghostfolio Premium](https://ghostfol.io/en/pricing)** cloud offering is the easiest way to get started. Due to the time it saves, this will be the best option for most people. Revenue is used to cover the costs of the hosting infrastructure and to fund ongoing development.

 If you prefer to run Ghostfolio on your own infrastructure, please find further instructions in the [Self-hosting](#self-hosting) section.

@ -47,7 +49,7 @@ Ghostfolio is for you if you are...

 - ✅ Create, update and delete transactions
 - ✅ Multi account management
- ✅ Portfolio performance for `Today`, `YTD`, `1Y`, `5Y`, `Max`
+- ✅ Portfolio performance: Time-weighted rate of return (TWR) for `Today`, `YTD`, `1Y`, `5Y`, `Max`
 - ✅ Various charts
 - ✅ Static analysis to identify potential risks in your portfolio
 - ✅ Import and export transactions
@ -85,19 +87,23 @@ We provide official container images hosted on [Docker Hub](https://hub.docker.c

 ### Supported Environment Variables

-| Name                | Default Value | Description                                                                                                                         |
-| ------------------- | ------------- | ----------------------------------------------------------------------------------------------------------------------------------- |
-| `ACCESS_TOKEN_SALT` |               | A random string used as salt for access tokens                                                                                      |
-| `DATABASE_URL`      |               | The database connection URL, e.g. `postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@localhost:5432/${POSTGRES_DB}?sslmode=prefer` |
-| `HOST`              | `0.0.0.0`     | The host where the Ghostfolio application will run on                                                                               |
-| `JWT_SECRET_KEY`    |               | A random string used for _JSON Web Tokens_ (JWT)                                                                                    |
-| `PORT`              | `3333`        | The port where the Ghostfolio application will run on                                                                               |
-| `POSTGRES_DB`       |               | The name of the _PostgreSQL_ database                                                                                               |
-| `POSTGRES_PASSWORD` |               | The password of the _PostgreSQL_ database                                                                                           |
-| `POSTGRES_USER`     |               | The user of the _PostgreSQL_ database                                                                                               |
-| `REDIS_HOST`        |               | The host where _Redis_ is running                                                                                                   |
-| `REDIS_PASSWORD`    |               | The password of _Redis_                                                                                                             |
-| `REDIS_PORT`        |               | The port where _Redis_ is running                                                                                                   |
+| Name                     | Default Value | Description                                                                                                                         |
+| ------------------------ | ------------- | ----------------------------------------------------------------------------------------------------------------------------------- |
+| `ACCESS_TOKEN_SALT`      |               | A random string used as salt for access tokens                                                                                      |
+| `API_KEY_COINGECKO_DEMO` |               | The _CoinGecko_ Demo API key                                                                                                        |
+| `API_KEY_COINGECKO_PRO`  |               | The _CoinGecko_ Pro API                                                                                                             |
+| `DATABASE_URL`           |               | The database connection URL, e.g. `postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@localhost:5432/${POSTGRES_DB}?sslmode=prefer` |
+| `HOST`                   | `0.0.0.0`     | The host where the Ghostfolio application will run on                                                                               |
+| `JWT_SECRET_KEY`         |               | A random string used for _JSON Web Tokens_ (JWT)                                                                                    |
+| `PORT`                   | `3333`        | The port where the Ghostfolio application will run on                                                                               |
+| `POSTGRES_DB`            |               | The name of the _PostgreSQL_ database                                                                                               |
+| `POSTGRES_PASSWORD`      |               | The password of the _PostgreSQL_ database                                                                                           |
+| `POSTGRES_USER`          |               | The user of the _PostgreSQL_ database                                                                                               |
+| `REDIS_DB`               | `0`           | The database index of _Redis_                                                                                                       |
+| `REDIS_HOST`             |               | The host where _Redis_ is running                                                                                                   |
+| `REDIS_PASSWORD`         |               | The password of _Redis_                                                                                                             |
+| `REDIS_PORT`             |               | The port where _Redis_ is running                                                                                                   |
+| `REQUEST_TIMEOUT`        | `2000`        | The timeout of network requests to data providers in milliseconds                                                                   |

 ### Run with Docker Compose

@ -113,7 +119,7 @@ We provide official container images hosted on [Docker Hub](https://hub.docker.c
 Run the following command to start the Docker images from [Docker Hub](https://hub.docker.com/r/ghostfolio/ghostfolio):

 ```bash
-docker-compose --env-file ./.env -f docker/docker-compose.yml up -d
+docker compose --env-file ./.env -f docker/docker-compose.yml up -d
 ```

 #### b. Build and run environment
@ -121,8 +127,8 @@ docker-compose --env-file ./.env -f docker/docker-compose.yml up -d
 Run the following commands to build and start the Docker images:

 ```bash
-docker-compose --env-file ./.env -f docker/docker-compose.build.yml build
-docker-compose --env-file ./.env -f docker/docker-compose.build.yml up -d
+docker compose --env-file ./.env -f docker/docker-compose.build.yml build
+docker compose --env-file ./.env -f docker/docker-compose.build.yml up -d
 ```

 #### Setup
@ -133,19 +139,19 @@ docker-compose --env-file ./.env -f docker/docker-compose.build.yml up -d
 #### Upgrade Version

 1. Increase the version of the `ghostfolio/ghostfolio` Docker image in `docker/docker-compose.yml`
-1. Run the following command to start the new Docker image: `docker-compose --env-file ./.env -f docker/docker-compose.yml up -d`  
+1. Run the following command to start the new Docker image: `docker compose --env-file ./.env -f docker/docker-compose.yml up -d`  
   At each start, the container will automatically apply the database schema migrations if needed.

-### Run with _Unraid_ (Community)
+### Home Server Systems (Community)

-Please follow the instructions of the Ghostfolio [Unraid Community App](https://unraid.net/community/apps?q=ghostfolio).
+Ghostfolio is available for various home server systems, including [CasaOS](https://github.com/bigbeartechworld/big-bear-casaos), [Runtipi](https://www.runtipi.io/docs/apps-available), [TrueCharts](https://truecharts.org/charts/stable/ghostfolio), [Umbrel](https://apps.umbrel.com/app/ghostfolio), and [Unraid](https://unraid.net/community/apps?q=ghostfolio).

 ## Development

 ### Prerequisites

 - [Docker](https://www.docker.com/products/docker-desktop)
- [Node.js](https://nodejs.org/en/download) (version 16)
+- [Node.js](https://nodejs.org/en/download) (version 18+)
 - [Yarn](https://yarnpkg.com/en/docs/install)
 - Create a local copy of this Git repository (clone)
 - Copy the file `.env.example` to `.env` and populate it with your data (`cp .env.example .env`)
@ -153,9 +159,9 @@ Please follow the instructions of the Ghostfolio [Unraid Community App](https://
 ### Setup

 1. Run `yarn install`
-1. Run `yarn build:dev` to build the source code including the assets
-1. Run `docker-compose --env-file ./.env -f docker/docker-compose.dev.yml up -d` to start [PostgreSQL](https://www.postgresql.org) and [Redis](https://redis.io)
+1. Run `docker compose --env-file ./.env -f docker/docker-compose.dev.yml up -d` to start [PostgreSQL](https://www.postgresql.org) and [Redis](https://redis.io)
 1. Run `yarn database:setup` to initialize the database schema
+1. Run `git config core.hooksPath ./git-hooks/` to setup git hooks
 1. Start the server and the client (see [_Development_](#Development))
 1. Open http://localhost:4200/en in your browser
 1. Create a new user via _Get Started_ (this first user will get the role `ADMIN`)
@ -164,7 +170,7 @@ Please follow the instructions of the Ghostfolio [Unraid Community App](https://

 #### Debug

-Run `yarn watch:server` and click _Launch Program_ in [Visual Studio Code](https://code.visualstudio.com)
+Run `yarn watch:server` and click _Debug API_ in [Visual Studio Code](https://code.visualstudio.com)

 #### Serve

@ -229,17 +235,18 @@ Deprecated: `GET http://localhost:3333/api/v1/auth/anonymous/<INSERT_SECURITY_TO
 }
 ```

-| Field      | Type                | Description                                        |
-| ---------- | ------------------- | -------------------------------------------------- |
-| accountId  | string (`optional`) | Id of the account                                  |
-| currency   | string              | `CHF` \| `EUR` \| `USD` etc.                       |
-| dataSource | string              | `MANUAL` (for type `ITEM`) \| `YAHOO`              |
-| date       | string              | Date in the format `ISO-8601`                      |
-| fee        | number              | Fee of the activity                                |
-| quantity   | number              | Quantity of the activity                           |
-| symbol     | string              | Symbol of the activity (suitable for `dataSource`) |
-| type       | string              | `BUY` \| `DIVIDEND` \| `ITEM` \| `SELL`            |
-| unitPrice  | number              | Price per unit of the activity                     |
+| Field      | Type                | Description                                                                   |
+| ---------- | ------------------- | ----------------------------------------------------------------------------- |
+| accountId  | string (`optional`) | Id of the account                                                             |
+| comment    | string (`optional`) | Comment of the activity                                                       |
+| currency   | string              | `CHF` \| `EUR` \| `USD` etc.                                                  |
+| dataSource | string              | `COINGECKO` \| `MANUAL` (for type `ITEM`) \| `YAHOO`                          |
+| date       | string              | Date in the format `ISO-8601`                                                 |
+| fee        | number              | Fee of the activity                                                           |
+| quantity   | number              | Quantity of the activity                                                      |
+| symbol     | string              | Symbol of the activity (suitable for `dataSource`)                            |
+| type       | string              | `BUY` \| `DIVIDEND` \| `FEE` \| `INTEREST` \| `ITEM` \| `LIABILITY` \| `SELL` |
+| unitPrice  | number              | Price per unit of the activity                                                |

 #### Response

@ -262,18 +269,24 @@ Deprecated: `GET http://localhost:3333/api/v1/auth/anonymous/<INSERT_SECURITY_TO

 ## Community Projects

- [ghostfolio-cli](https://github.com/DerAndereJohannes/ghostfolio-cli): Command-line interface to access your portfolio
+Discover a variety of community projects for Ghostfolio: https://github.com/topics/ghostfolio
+
+Are you building your own project? Add the `ghostfolio` topic to your _GitHub_ repository to get listed as well. [Learn more →](https://docs.github.com/en/articles/classifying-your-repository-with-topics)

 ## Contributing

 Ghostfolio is **100% free** and **open source**. We encourage and support an active and healthy community that accepts contributions from the public - including you.

-Not sure what to work on? We have got some ideas. Please join the Ghostfolio [Slack channel](https://join.slack.com/t/ghostfolio/shared_invite/zt-vsaan64h-F_I0fEo5M0P88lP9ibCxFg) or tweet to [@ghostfolio\_](https://twitter.com/ghostfolio_). We would love to hear from you.
+Not sure what to work on? We have got some ideas. Please join the Ghostfolio [Slack](https://join.slack.com/t/ghostfolio/shared_invite/zt-vsaan64h-F_I0fEo5M0P88lP9ibCxFg) channel or post to [@ghostfolio\_](https://twitter.com/ghostfolio_) on _X_. We would love to hear from you.

 If you like to support this project, get [**Ghostfolio Premium**](https://ghostfol.io/en/pricing) or [**Buy me a coffee**](https://www.buymeacoffee.com/ghostfolio).

+## Analytics
+
+![Alt](https://repobeats.axiom.co/api/embed/281a80b2d0c4af1162866c24c803f1f18e5ed60e.svg 'Repobeats analytics image')
+
 ## License

-© 2021 - 2023 [Ghostfolio](https://ghostfol.io)
+© 2021 - 2024 [Ghostfolio](https://ghostfol.io)

 Licensed under the [AGPLv3 License](https://www.gnu.org/licenses/agpl-3.0.html).
--- a/apps/api/jest.config.ts
+++ b/apps/api/jest.config.ts
@ -13,7 +13,6 @@ export default {
  },
  moduleFileExtensions: ['ts', 'js', 'html'],
  coverageDirectory: '../../coverage/apps/api',
-  testTimeout: 10000,
  testEnvironment: 'node',
  preset: '../../jest.preset.js'
 };
--- a/apps/api/project.json
+++ b/apps/api/project.json
@ -7,14 +7,16 @@
  "generators": {},
  "targets": {
    "build": {
-      "executor": "@nrwl/webpack:webpack",
+      "executor": "@nx/webpack:webpack",
      "options": {
-        "outputPath": "dist/apps/api",
+        "compiler": "tsc",
+        "deleteOutputPath": false,
        "main": "apps/api/src/main.ts",
-        "tsConfig": "apps/api/tsconfig.app.json",
-        "assets": ["apps/api/src/assets"],
+        "outputPath": "dist/apps/api",
+        "sourceMap": true,
        "target": "node",
-        "compiler": "tsc"
+        "tsConfig": "apps/api/tsconfig.app.json",
+        "webpackConfig": "apps/api/webpack.config.js"
      },
      "configurations": {
        "production": {
@ -32,23 +34,42 @@
      },
      "outputs": ["{options.outputPath}"]
    },
+    "copy-assets": {
+      "executor": "nx:run-commands",
+      "options": {
+        "commands": [
+          {
+            "command": "shx rm -rf dist/apps/api"
+          },
+          {
+            "command": "shx mkdir -p dist/apps/api/assets/locales"
+          },
+          {
+            "command": "shx cp -r apps/api/src/assets/* dist/apps/api/assets"
+          },
+          {
+            "command": "shx cp -r apps/client/src/locales/* dist/apps/api/assets/locales"
+          }
+        ],
+        "parallel": false
+      }
+    },
    "serve": {
-      "executor": "@nrwl/node:node",
+      "executor": "@nx/js:node",
      "options": {
        "buildTarget": "api:build"
      }
    },
    "lint": {
-      "executor": "@nrwl/linter:eslint",
+      "executor": "@nx/eslint:lint",
      "options": {
        "lintFilePatterns": ["apps/api/**/*.ts"]
      }
    },
    "test": {
-      "executor": "@nrwl/jest:jest",
+      "executor": "@nx/jest:jest",
      "options": {
-        "jestConfig": "apps/api/jest.config.ts",
-        "passWithNoTests": true
+        "jestConfig": "apps/api/jest.config.ts"
      },
      "outputs": ["{workspaceRoot}/coverage/apps/api"]
    }
--- a/apps/api/src/app/access/access.controller.ts
+++ b/apps/api/src/app/access/access.controller.ts
@ -1,6 +1,10 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
 import { Access } from '@ghostfolio/common/interfaces';
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
+import { permissions } from '@ghostfolio/common/permissions';
 import type { RequestWithUser } from '@ghostfolio/common/types';
+
 import {
  Body,
  Controller,
@ -17,7 +21,6 @@ import { AuthGuard } from '@nestjs/passport';
 import { Access as AccessModel } from '@prisma/client';
 import { StatusCodes, getReasonPhrase } from 'http-status-codes';

-import { AccessModule } from './access.module';
 import { AccessService } from './access.service';
 import { CreateAccessDto } from './create-access.dto';

@ -25,11 +28,12 @@ import { CreateAccessDto } from './create-access.dto';
 export class AccessController {
  public constructor(
    private readonly accessService: AccessService,
+    private readonly configurationService: ConfigurationService,
    @Inject(REQUEST) private readonly request: RequestWithUser
  ) {}

  @Get()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getAllAccesses(): Promise<Access[]> {
    const accessesWithGranteeUser = await this.accessService.accesses({
      include: {
@ -39,32 +43,38 @@ export class AccessController {
      where: { userId: this.request.user.id }
    });

-    return accessesWithGranteeUser.map((access) => {
-      if (access.GranteeUser) {
+    return accessesWithGranteeUser.map(
+      ({ alias, GranteeUser, id, permissions }) => {
+        if (GranteeUser) {
+          return {
+            alias,
+            id,
+            permissions,
+            grantee: GranteeUser?.id,
+            type: 'PRIVATE'
+          };
+        }
+
        return {
-          alias: access.alias,
-          grantee: access.GranteeUser?.id,
-          id: access.id,
-          type: 'RESTRICTED_VIEW'
+          alias,
+          id,
+          permissions,
+          grantee: 'Public',
+          type: 'PUBLIC'
        };
      }
-
-      return {
-        alias: access.alias,
-        grantee: 'Public',
-        id: access.id,
-        type: 'PUBLIC'
-      };
-    });
+    );
  }

+  @HasPermission(permissions.createAccess)
  @Post()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async createAccess(
    @Body() data: CreateAccessDto
  ): Promise<AccessModel> {
    if (
-      !hasPermission(this.request.user.permissions, permissions.createAccess)
+      this.configurationService.get('ENABLE_FEATURE_SUBSCRIPTION') &&
+      this.request.user.subscription.type === 'Basic'
    ) {
      throw new HttpException(
        getReasonPhrase(StatusCodes.FORBIDDEN),
@ -72,25 +82,30 @@ export class AccessController {
      );
    }

-    return this.accessService.createAccess({
-      alias: data.alias || undefined,
-      GranteeUser: data.granteeUserId
-        ? { connect: { id: data.granteeUserId } }
-        : undefined,
-      User: { connect: { id: this.request.user.id } }
-    });
+    try {
+      return await this.accessService.createAccess({
+        alias: data.alias || undefined,
+        GranteeUser: data.granteeUserId
+          ? { connect: { id: data.granteeUserId } }
+          : undefined,
+        permissions: data.permissions,
+        User: { connect: { id: this.request.user.id } }
+      });
+    } catch {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.BAD_REQUEST),
+        StatusCodes.BAD_REQUEST
+      );
+    }
  }

  @Delete(':id')
-  @UseGuards(AuthGuard('jwt'))
-  public async deleteAccess(@Param('id') id: string): Promise<AccessModule> {
+  @HasPermission(permissions.deleteAccess)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async deleteAccess(@Param('id') id: string): Promise<AccessModel> {
    const access = await this.accessService.access({ id });

-    if (
-      !hasPermission(this.request.user.permissions, permissions.deleteAccess) ||
-      !access ||
-      access.userId !== this.request.user.id
-    ) {
+    if (!access || access.userId !== this.request.user.id) {
      throw new HttpException(
        getReasonPhrase(StatusCodes.FORBIDDEN),
        StatusCodes.FORBIDDEN
--- a/apps/api/src/app/access/access.module.ts
+++ b/apps/api/src/app/access/access.module.ts
@ -1,4 +1,6 @@
+import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
 import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
+
 import { Module } from '@nestjs/common';

 import { AccessController } from './access.controller';
@ -7,7 +9,7 @@ import { AccessService } from './access.service';
@Module({
  controllers: [AccessController],
  exports: [AccessService],
-  imports: [PrismaModule],
+  imports: [ConfigurationModule, PrismaModule],
  providers: [AccessService]
 })
 export class AccessModule {}
--- a/apps/api/src/app/access/access.service.ts
+++ b/apps/api/src/app/access/access.service.ts
@ -1,5 +1,6 @@
 import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
 import { AccessWithGranteeUser } from '@ghostfolio/common/types';
+
 import { Injectable } from '@nestjs/common';
 import { Access, Prisma } from '@prisma/client';

--- a/apps/api/src/app/access/create-access.dto.ts
+++ b/apps/api/src/app/access/create-access.dto.ts
@ -1,4 +1,5 @@
-import { IsOptional, IsString } from 'class-validator';
+import { AccessPermission } from '@prisma/client';
+import { IsEnum, IsOptional, IsString, IsUUID } from 'class-validator';

 export class CreateAccessDto {
  @IsOptional()
@ -6,6 +7,10 @@ export class CreateAccessDto {
  alias?: string;

  @IsOptional()
-  @IsString()
+  @IsUUID()
  granteeUserId?: string;
+
+  @IsEnum(AccessPermission, { each: true })
+  @IsOptional()
+  permissions?: AccessPermission[];
 }
--- a/apps/api/src/app/account-balance/account-balance.controller.ts
+++ b/apps/api/src/app/account-balance/account-balance.controller.ts
@ -0,0 +1,49 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { permissions } from '@ghostfolio/common/permissions';
+import type { RequestWithUser } from '@ghostfolio/common/types';
+
+import {
+  Controller,
+  Delete,
+  HttpException,
+  Inject,
+  Param,
+  UseGuards
+} from '@nestjs/common';
+import { REQUEST } from '@nestjs/core';
+import { AuthGuard } from '@nestjs/passport';
+import { AccountBalance } from '@prisma/client';
+import { StatusCodes, getReasonPhrase } from 'http-status-codes';
+
+import { AccountBalanceService } from './account-balance.service';
+
+@Controller('account-balance')
+export class AccountBalanceController {
+  public constructor(
+    private readonly accountBalanceService: AccountBalanceService,
+    @Inject(REQUEST) private readonly request: RequestWithUser
+  ) {}
+
+  @HasPermission(permissions.deleteAccountBalance)
+  @Delete(':id')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async deleteAccountBalance(
+    @Param('id') id: string
+  ): Promise<AccountBalance> {
+    const accountBalance = await this.accountBalanceService.accountBalance({
+      id
+    });
+
+    if (!accountBalance || accountBalance.userId !== this.request.user.id) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.FORBIDDEN),
+        StatusCodes.FORBIDDEN
+      );
+    }
+
+    return this.accountBalanceService.deleteAccountBalance({
+      id
+    });
+  }
+}
--- a/apps/api/src/app/account-balance/account-balance.module.ts
+++ b/apps/api/src/app/account-balance/account-balance.module.ts
@ -0,0 +1,15 @@
+import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.module';
+import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
+
+import { Module } from '@nestjs/common';
+
+import { AccountBalanceController } from './account-balance.controller';
+import { AccountBalanceService } from './account-balance.service';
+
+@Module({
+  controllers: [AccountBalanceController],
+  exports: [AccountBalanceService],
+  imports: [ExchangeRateDataModule, PrismaModule],
+  providers: [AccountBalanceService]
+})
+export class AccountBalanceModule {}
--- a/apps/api/src/app/account-balance/account-balance.service.ts
+++ b/apps/api/src/app/account-balance/account-balance.service.ts
@ -0,0 +1,92 @@
+import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
+import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
+import { AccountBalancesResponse, Filter } from '@ghostfolio/common/interfaces';
+import { UserWithSettings } from '@ghostfolio/common/types';
+
+import { Injectable } from '@nestjs/common';
+import { AccountBalance, Prisma } from '@prisma/client';
+
+@Injectable()
+export class AccountBalanceService {
+  public constructor(
+    private readonly exchangeRateDataService: ExchangeRateDataService,
+    private readonly prismaService: PrismaService
+  ) {}
+
+  public async accountBalance(
+    accountBalanceWhereInput: Prisma.AccountBalanceWhereInput
+  ): Promise<AccountBalance | null> {
+    return this.prismaService.accountBalance.findFirst({
+      include: {
+        Account: true
+      },
+      where: accountBalanceWhereInput
+    });
+  }
+
+  public async createAccountBalance(
+    data: Prisma.AccountBalanceCreateInput
+  ): Promise<AccountBalance> {
+    return this.prismaService.accountBalance.create({
+      data
+    });
+  }
+
+  public async deleteAccountBalance(
+    where: Prisma.AccountBalanceWhereUniqueInput
+  ): Promise<AccountBalance> {
+    return this.prismaService.accountBalance.delete({
+      where
+    });
+  }
+
+  public async getAccountBalances({
+    filters,
+    user,
+    withExcludedAccounts
+  }: {
+    filters?: Filter[];
+    user: UserWithSettings;
+    withExcludedAccounts?: boolean;
+  }): Promise<AccountBalancesResponse> {
+    const where: Prisma.AccountBalanceWhereInput = { userId: user.id };
+
+    const accountFilter = filters?.find(({ type }) => {
+      return type === 'ACCOUNT';
+    });
+
+    if (accountFilter) {
+      where.accountId = accountFilter.id;
+    }
+
+    if (withExcludedAccounts === false) {
+      where.Account = { isExcluded: false };
+    }
+
+    const balances = await this.prismaService.accountBalance.findMany({
+      where,
+      orderBy: {
+        date: 'asc'
+      },
+      select: {
+        Account: true,
+        date: true,
+        id: true,
+        value: true
+      }
+    });
+
+    return {
+      balances: balances.map((balance) => {
+        return {
+          ...balance,
+          valueInBaseCurrency: this.exchangeRateDataService.toCurrency(
+            balance.value,
+            balance.Account.currency,
+            user.Settings.settings.baseCurrency
+          )
+        };
+      })
+    };
+  }
+}
--- a/apps/api/src/app/account/account.controller.ts
+++ b/apps/api/src/app/account/account.controller.ts
@ -1,13 +1,20 @@
+import { AccountBalanceService } from '@ghostfolio/api/app/account-balance/account-balance.service';
 import { PortfolioService } from '@ghostfolio/api/app/portfolio/portfolio.service';
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
 import { RedactValuesInResponseInterceptor } from '@ghostfolio/api/interceptors/redact-values-in-response.interceptor';
 import { ImpersonationService } from '@ghostfolio/api/services/impersonation/impersonation.service';
 import { HEADER_KEY_IMPERSONATION } from '@ghostfolio/common/config';
-import { Accounts } from '@ghostfolio/common/interfaces';
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
+import {
+  AccountBalancesResponse,
+  Accounts
+} from '@ghostfolio/common/interfaces';
+import { permissions } from '@ghostfolio/common/permissions';
 import type {
  AccountWithValue,
  RequestWithUser
 } from '@ghostfolio/common/types';
+
 import {
  Body,
  Controller,
@ -29,11 +36,13 @@ import { StatusCodes, getReasonPhrase } from 'http-status-codes';

 import { AccountService } from './account.service';
 import { CreateAccountDto } from './create-account.dto';
+import { TransferBalanceDto } from './transfer-balance.dto';
 import { UpdateAccountDto } from './update-account.dto';

@Controller('account')
 export class AccountController {
  public constructor(
+    private readonly accountBalanceService: AccountBalanceService,
    private readonly accountService: AccountService,
    private readonly impersonationService: ImpersonationService,
    private readonly portfolioService: PortfolioService,
@ -41,17 +50,9 @@ export class AccountController {
  ) {}

  @Delete(':id')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.deleteAccount)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async deleteAccount(@Param('id') id: string): Promise<AccountModel> {
-    if (
-      !hasPermission(this.request.user.permissions, permissions.deleteAccount)
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    const account = await this.accountService.accountWithOrders(
      {
        id_userId: {
@ -62,7 +63,7 @@ export class AccountController {
      { Order: true }
    );

-    if (account?.isDefault || account?.Order.length > 0) {
+    if (!account || account?.Order.length > 0) {
      throw new HttpException(
        getReasonPhrase(StatusCodes.FORBIDDEN),
        StatusCodes.FORBIDDEN
@ -81,7 +82,7 @@ export class AccountController {
  }

  @Get()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  @UseInterceptors(RedactValuesInResponseInterceptor)
  public async getAllAccounts(
    @Headers(HEADER_KEY_IMPERSONATION.toLowerCase()) impersonationId
@ -96,7 +97,7 @@ export class AccountController {
  }

  @Get(':id')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  @UseInterceptors(RedactValuesInResponseInterceptor)
  public async getAccountById(
    @Headers(HEADER_KEY_IMPERSONATION.toLowerCase()) impersonationId,
@ -115,20 +116,24 @@ export class AccountController {
    return accountsWithAggregations.accounts[0];
  }

+  @Get(':id/balances')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  @UseInterceptors(RedactValuesInResponseInterceptor)
+  public async getAccountBalancesById(
+    @Param('id') id: string
+  ): Promise<AccountBalancesResponse> {
+    return this.accountBalanceService.getAccountBalances({
+      filters: [{ id, type: 'ACCOUNT' }],
+      user: this.request.user
+    });
+  }
+
+  @HasPermission(permissions.createAccount)
  @Post()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async createAccount(
    @Body() data: CreateAccountDto
  ): Promise<AccountModel> {
-    if (
-      !hasPermission(this.request.user.permissions, permissions.createAccount)
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    if (data.platformId) {
      const platformId = data.platformId;
      delete data.platformId;
@ -154,18 +159,64 @@ export class AccountController {
    }
  }

-  @Put(':id')
-  @UseGuards(AuthGuard('jwt'))
-  public async update(@Param('id') id: string, @Body() data: UpdateAccountDto) {
-    if (
-      !hasPermission(this.request.user.permissions, permissions.updateAccount)
-    ) {
+  @HasPermission(permissions.updateAccount)
+  @Post('transfer-balance')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async transferAccountBalance(
+    @Body() { accountIdFrom, accountIdTo, balance }: TransferBalanceDto
+  ) {
+    const accountsOfUser = await this.accountService.getAccounts(
+      this.request.user.id
+    );
+
+    const accountFrom = accountsOfUser.find(({ id }) => {
+      return id === accountIdFrom;
+    });
+
+    const accountTo = accountsOfUser.find(({ id }) => {
+      return id === accountIdTo;
+    });
+
+    if (!accountFrom || !accountTo) {
      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
+        getReasonPhrase(StatusCodes.NOT_FOUND),
+        StatusCodes.NOT_FOUND
      );
    }

+    if (accountFrom.id === accountTo.id) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.BAD_REQUEST),
+        StatusCodes.BAD_REQUEST
+      );
+    }
+
+    if (accountFrom.balance < balance) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.BAD_REQUEST),
+        StatusCodes.BAD_REQUEST
+      );
+    }
+
+    await this.accountService.updateAccountBalance({
+      accountId: accountFrom.id,
+      amount: -balance,
+      currency: accountFrom.currency,
+      userId: this.request.user.id
+    });
+
+    await this.accountService.updateAccountBalance({
+      accountId: accountTo.id,
+      amount: balance,
+      currency: accountFrom.currency,
+      userId: this.request.user.id
+    });
+  }
+
+  @HasPermission(permissions.updateAccount)
+  @Put(':id')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async update(@Param('id') id: string, @Body() data: UpdateAccountDto) {
    const originalAccount = await this.accountService.account({
      id_userId: {
        id,
--- a/apps/api/src/app/account/account.module.ts
+++ b/apps/api/src/app/account/account.module.ts
@ -1,3 +1,4 @@
+import { AccountBalanceModule } from '@ghostfolio/api/app/account-balance/account-balance.module';
 import { PortfolioModule } from '@ghostfolio/api/app/portfolio/portfolio.module';
 import { RedisCacheModule } from '@ghostfolio/api/app/redis-cache/redis-cache.module';
 import { UserModule } from '@ghostfolio/api/app/user/user.module';
@ -6,6 +7,7 @@ import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-
 import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.module';
 import { ImpersonationModule } from '@ghostfolio/api/services/impersonation/impersonation.module';
 import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
+
 import { Module } from '@nestjs/common';

 import { AccountController } from './account.controller';
@ -15,6 +17,7 @@ import { AccountService } from './account.service';
  controllers: [AccountController],
  exports: [AccountService],
  imports: [
+    AccountBalanceModule,
    ConfigurationModule,
    DataProviderModule,
    ExchangeRateDataModule,
--- a/apps/api/src/app/account/account.service.ts
+++ b/apps/api/src/app/account/account.service.ts
@ -1,6 +1,8 @@
+import { AccountBalanceService } from '@ghostfolio/api/app/account-balance/account-balance.service';
 import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
 import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
 import { Filter } from '@ghostfolio/common/interfaces';
+
 import { Injectable } from '@nestjs/common';
 import { Account, Order, Platform, Prisma } from '@prisma/client';
 import Big from 'big.js';
@ -11,16 +13,19 @@ import { CashDetails } from './interfaces/cash-details.interface';
@Injectable()
 export class AccountService {
  public constructor(
+    private readonly accountBalanceService: AccountBalanceService,
    private readonly exchangeRateDataService: ExchangeRateDataService,
    private readonly prismaService: PrismaService
  ) {}

-  public async account(
-    accountWhereUniqueInput: Prisma.AccountWhereUniqueInput
-  ): Promise<Account | null> {
-    return this.prismaService.account.findUnique({
-      where: accountWhereUniqueInput
+  public async account({
+    id_userId
+  }: Prisma.AccountWhereUniqueInput): Promise<Account | null> {
+    const [account] = await this.accounts({
+      where: id_userId
    });
+
+    return account;
  }

  public async accountWithOrders(
@ -50,9 +55,11 @@ export class AccountService {
      Platform?: Platform;
    })[]
  > {
-    const { include, skip, take, cursor, where, orderBy } = params;
+    const { include = {}, skip, take, cursor, where, orderBy } = params;

-    return this.prismaService.account.findMany({
+    include.balances = { orderBy: { date: 'desc' }, take: 1 };
+
+    const accounts = await this.prismaService.account.findMany({
      cursor,
      include,
      orderBy,
@ -60,15 +67,36 @@ export class AccountService {
      take,
      where
    });
+
+    return accounts.map((account) => {
+      account = { ...account, balance: account.balances[0]?.value ?? 0 };
+
+      delete account.balances;
+
+      return account;
+    });
  }

  public async createAccount(
    data: Prisma.AccountCreateInput,
    aUserId: string
  ): Promise<Account> {
-    return this.prismaService.account.create({
+    const account = await this.prismaService.account.create({
      data
    });
+
+    await this.prismaService.accountBalance.create({
+      data: {
+        Account: {
+          connect: {
+            id_userId: { id: account.id, userId: aUserId }
+          }
+        },
+        value: data.balance
+      }
+    });
+
+    return account;
  }

  public async deleteAccount(
@ -80,7 +108,7 @@ export class AccountService {
    });
  }

-  public async getAccounts(aUserId: string) {
+  public async getAccounts(aUserId: string): Promise<Account[]> {
    const accounts = await this.accounts({
      include: { Order: true, Platform: true },
      orderBy: { name: 'asc' },
@ -167,6 +195,18 @@ export class AccountService {
    aUserId: string
  ): Promise<Account> {
    const { data, where } = params;
+
+    await this.prismaService.accountBalance.create({
+      data: {
+        Account: {
+          connect: {
+            id_userId: where.id_userId
+          }
+        },
+        value: <number>data.balance
+      }
+    });
+
    return this.prismaService.account.update({
      data,
      where
@ -177,13 +217,13 @@ export class AccountService {
    accountId,
    amount,
    currency,
-    date,
+    date = new Date(),
    userId
  }: {
    accountId: string;
    amount: number;
    currency: string;
-    date: Date;
+    date?: Date;
    userId: string;
  }) {
    const { balance, currency: currencyOfAccount } = await this.account({
@ -202,16 +242,17 @@ export class AccountService {
      );

    if (amountInCurrencyOfAccount) {
-      await this.prismaService.account.update({
-        data: {
-          balance: new Big(balance).plus(amountInCurrencyOfAccount).toNumber()
-        },
-        where: {
-          id_userId: {
-            userId,
-            id: accountId
+      await this.accountBalanceService.createAccountBalance({
+        date,
+        Account: {
+          connect: {
+            id_userId: {
+              userId,
+              id: accountId
+            }
          }
-        }
+        },
+        value: new Big(balance).plus(amountInCurrencyOfAccount).toNumber()
      });
    }
  }
--- a/apps/api/src/app/account/create-account.dto.ts
+++ b/apps/api/src/app/account/create-account.dto.ts
@ -1,20 +1,26 @@
-import { AccountType } from '@prisma/client';
+import { Transform, TransformFnParams } from 'class-transformer';
 import {
  IsBoolean,
+  IsISO4217CurrencyCode,
  IsNumber,
  IsOptional,
  IsString,
  ValidateIf
 } from 'class-validator';
+import { isString } from 'lodash';

 export class CreateAccountDto {
-  @IsString()
-  accountType: AccountType;
-
  @IsNumber()
  balance: number;

+  @IsOptional()
  @IsString()
+  @Transform(({ value }: TransformFnParams) =>
+    isString(value) ? value.trim() : value
+  )
+  comment?: string;
+
+  @IsISO4217CurrencyCode()
  currency: string;

  @IsOptional()
--- a/apps/api/src/app/account/transfer-balance.dto.ts
+++ b/apps/api/src/app/account/transfer-balance.dto.ts
@ -0,0 +1,13 @@
+import { IsNumber, IsPositive, IsString } from 'class-validator';
+
+export class TransferBalanceDto {
+  @IsString()
+  accountIdFrom: string;
+
+  @IsString()
+  accountIdTo: string;
+
+  @IsNumber()
+  @IsPositive()
+  balance: number;
+}
--- a/apps/api/src/app/account/update-account.dto.ts
+++ b/apps/api/src/app/account/update-account.dto.ts
@ -1,20 +1,26 @@
-import { AccountType } from '@prisma/client';
+import { Transform, TransformFnParams } from 'class-transformer';
 import {
  IsBoolean,
+  IsISO4217CurrencyCode,
  IsNumber,
  IsOptional,
  IsString,
  ValidateIf
 } from 'class-validator';
+import { isString } from 'lodash';

 export class UpdateAccountDto {
-  @IsString()
-  accountType: AccountType;
-
  @IsNumber()
  balance: number;

+  @IsOptional()
  @IsString()
+  @Transform(({ value }: TransformFnParams) =>
+    isString(value) ? value.trim() : value
+  )
+  comment?: string;
+
+  @IsISO4217CurrencyCode()
  currency: string;

  @IsString()
--- a/apps/api/src/app/admin/admin.controller.ts
+++ b/apps/api/src/app/admin/admin.controller.ts
@ -1,19 +1,31 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { TransformDataSourceInRequestInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-request.interceptor';
+import { ApiService } from '@ghostfolio/api/services/api/api.service';
 import { DataGatheringService } from '@ghostfolio/api/services/data-gathering/data-gathering.service';
+import { ManualService } from '@ghostfolio/api/services/data-provider/manual/manual.service';
 import { MarketDataService } from '@ghostfolio/api/services/market-data/market-data.service';
 import { PropertyDto } from '@ghostfolio/api/services/property/property.dto';
 import {
  GATHER_ASSET_PROFILE_PROCESS,
  GATHER_ASSET_PROFILE_PROCESS_OPTIONS
 } from '@ghostfolio/common/config';
+import {
+  getAssetProfileIdentifier,
+  resetHours
+} from '@ghostfolio/common/helper';
 import {
  AdminData,
  AdminMarketData,
  AdminMarketDataDetails,
-  EnhancedSymbolProfile,
-  Filter
+  EnhancedSymbolProfile
 } from '@ghostfolio/common/interfaces';
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
-import type { RequestWithUser } from '@ghostfolio/common/types';
+import { permissions } from '@ghostfolio/common/permissions';
+import type {
+  MarketDataPreset,
+  RequestWithUser
+} from '@ghostfolio/common/types';
+
 import {
  Body,
  Controller,
@ -21,83 +33,55 @@ import {
  Get,
  HttpException,
  Inject,
+  Logger,
  Param,
  Patch,
  Post,
  Put,
  Query,
-  UseGuards
+  UseGuards,
+  UseInterceptors
 } from '@nestjs/common';
 import { REQUEST } from '@nestjs/core';
 import { AuthGuard } from '@nestjs/passport';
-import { DataSource, MarketData } from '@prisma/client';
-import { isDate } from 'date-fns';
+import { DataSource, MarketData, Prisma, SymbolProfile } from '@prisma/client';
+import { isDate, parseISO } from 'date-fns';
 import { StatusCodes, getReasonPhrase } from 'http-status-codes';

 import { AdminService } from './admin.service';
 import { UpdateAssetProfileDto } from './update-asset-profile.dto';
+import { UpdateBulkMarketDataDto } from './update-bulk-market-data.dto';
 import { UpdateMarketDataDto } from './update-market-data.dto';

@Controller('admin')
 export class AdminController {
  public constructor(
    private readonly adminService: AdminService,
+    private readonly apiService: ApiService,
    private readonly dataGatheringService: DataGatheringService,
+    private readonly manualService: ManualService,
    private readonly marketDataService: MarketDataService,
    @Inject(REQUEST) private readonly request: RequestWithUser
  ) {}

  @Get()
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getAdminData(): Promise<AdminData> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    return this.adminService.get();
  }

+  @HasPermission(permissions.accessAdminControl)
  @Post('gather')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async gather7Days(): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    this.dataGatheringService.gather7Days();
  }

+  @HasPermission(permissions.accessAdminControl)
  @Post('gather/max')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async gatherMax(): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    const uniqueAssets = await this.dataGatheringService.getUniqueAssets();

    await this.dataGatheringService.addJobsToQueue(
@ -110,7 +94,7 @@ export class AdminController {
          name: GATHER_ASSET_PROFILE_PROCESS,
          opts: {
            ...GATHER_ASSET_PROFILE_PROCESS_OPTIONS,
-            jobId: `${dataSource}-${symbol}`
+            jobId: getAssetProfileIdentifier({ dataSource, symbol })
          }
        };
      })
@ -119,21 +103,10 @@ export class AdminController {
    this.dataGatheringService.gatherMax();
  }

+  @HasPermission(permissions.accessAdminControl)
  @Post('gather/profile-data')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async gatherProfileData(): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    const uniqueAssets = await this.dataGatheringService.getUniqueAssets();

    await this.dataGatheringService.addJobsToQueue(
@ -146,31 +119,20 @@ export class AdminController {
          name: GATHER_ASSET_PROFILE_PROCESS,
          opts: {
            ...GATHER_ASSET_PROFILE_PROCESS_OPTIONS,
-            jobId: `${dataSource}-${symbol}`
+            jobId: getAssetProfileIdentifier({ dataSource, symbol })
          }
        };
      })
    );
  }

+  @HasPermission(permissions.accessAdminControl)
  @Post('gather/profile-data/:dataSource/:symbol')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async gatherProfileDataForSymbol(
    @Param('dataSource') dataSource: DataSource,
    @Param('symbol') symbol: string
  ): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    await this.dataGatheringService.addJobToQueue({
      data: {
        dataSource,
@ -179,54 +141,32 @@ export class AdminController {
      name: GATHER_ASSET_PROFILE_PROCESS,
      opts: {
        ...GATHER_ASSET_PROFILE_PROCESS_OPTIONS,
-        jobId: `${dataSource}-${symbol}`
+        jobId: getAssetProfileIdentifier({ dataSource, symbol })
      }
    });
  }

  @Post('gather/:dataSource/:symbol')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  @HasPermission(permissions.accessAdminControl)
  public async gatherSymbol(
    @Param('dataSource') dataSource: DataSource,
    @Param('symbol') symbol: string
  ): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    this.dataGatheringService.gatherSymbol({ dataSource, symbol });

    return;
  }

+  @HasPermission(permissions.accessAdminControl)
  @Post('gather/:dataSource/:symbol/:dateString')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async gatherSymbolForDate(
    @Param('dataSource') dataSource: DataSource,
    @Param('dateString') dateString: string,
    @Param('symbol') symbol: string
  ): Promise<MarketData> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
-    const date = new Date(dateString);
+    const date = parseISO(dateString);

    if (!isDate(date)) {
      throw new HttpException(
@ -243,78 +183,102 @@ export class AdminController {
  }

  @Get('market-data')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getMarketData(
-    @Query('assetSubClasses') filterByAssetSubClasses?: string
+    @Query('assetSubClasses') filterByAssetSubClasses?: string,
+    @Query('presetId') presetId?: MarketDataPreset,
+    @Query('query') filterBySearchQuery?: string,
+    @Query('skip') skip?: number,
+    @Query('sortColumn') sortColumn?: string,
+    @Query('sortDirection') sortDirection?: Prisma.SortOrder,
+    @Query('take') take?: number
  ): Promise<AdminMarketData> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
+    const filters = this.apiService.buildFiltersFromQueryParams({
+      filterByAssetSubClasses,
+      filterBySearchQuery
+    });

-    const assetSubClasses = filterByAssetSubClasses?.split(',') ?? [];
-
-    const filters: Filter[] = [
-      ...assetSubClasses.map((assetSubClass) => {
-        return <Filter>{
-          id: assetSubClass,
-          type: 'ASSET_SUB_CLASS'
-        };
-      })
-    ];
-
-    return this.adminService.getMarketData(filters);
+    return this.adminService.getMarketData({
+      filters,
+      presetId,
+      sortColumn,
+      sortDirection,
+      skip: isNaN(skip) ? undefined : skip,
+      take: isNaN(take) ? undefined : take
+    });
  }

  @Get('market-data/:dataSource/:symbol')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getMarketDataBySymbol(
    @Param('dataSource') dataSource: DataSource,
    @Param('symbol') symbol: string
  ): Promise<AdminMarketDataDetails> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    return this.adminService.getMarketDataBySymbol({ dataSource, symbol });
  }

+  @HasPermission(permissions.accessAdminControl)
+  @Post('market-data/:dataSource/:symbol/test')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async testMarketData(
+    @Body() data: { scraperConfiguration: string },
+    @Param('dataSource') dataSource: DataSource,
+    @Param('symbol') symbol: string
+  ): Promise<{ price: number }> {
+    try {
+      const scraperConfiguration = JSON.parse(data.scraperConfiguration);
+      const price = await this.manualService.test(scraperConfiguration);
+
+      if (price) {
+        return { price };
+      }
+
+      throw new Error('Could not parse the current market price');
+    } catch (error) {
+      Logger.error(error);
+
+      throw new HttpException(error.message, StatusCodes.BAD_REQUEST);
+    }
+  }
+
+  @HasPermission(permissions.accessAdminControl)
+  @Post('market-data/:dataSource/:symbol')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async updateMarketData(
+    @Body() data: UpdateBulkMarketDataDto,
+    @Param('dataSource') dataSource: DataSource,
+    @Param('symbol') symbol: string
+  ) {
+    const dataBulkUpdate: Prisma.MarketDataUpdateInput[] = data.marketData.map(
+      ({ date, marketPrice }) => ({
+        dataSource,
+        marketPrice,
+        symbol,
+        date: parseISO(date),
+        state: 'CLOSE'
+      })
+    );
+
+    return this.marketDataService.updateMany({
+      data: dataBulkUpdate
+    });
+  }
+
+  /**
+   * @deprecated
+   */
+  @HasPermission(permissions.accessAdminControl)
  @Put('market-data/:dataSource/:symbol/:dateString')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async update(
    @Param('dataSource') dataSource: DataSource,
    @Param('dateString') dateString: string,
    @Param('symbol') symbol: string,
    @Body() data: UpdateMarketDataDto
  ) {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
-    const date = new Date(dateString);
+    const date = parseISO(dateString);

    return this.marketDataService.updateMarketData({
      data: { marketPrice: data.marketPrice, state: 'CLOSE' },
@ -328,46 +292,39 @@ export class AdminController {
    });
  }

+  @HasPermission(permissions.accessAdminControl)
+  @Post('profile-data/:dataSource/:symbol')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  @UseInterceptors(TransformDataSourceInRequestInterceptor)
+  public async addProfileData(
+    @Param('dataSource') dataSource: DataSource,
+    @Param('symbol') symbol: string
+  ): Promise<SymbolProfile | never> {
+    return this.adminService.addAssetProfile({
+      dataSource,
+      symbol,
+      currency: this.request.user.Settings.settings.baseCurrency
+    });
+  }
+
  @Delete('profile-data/:dataSource/:symbol')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async deleteProfileData(
    @Param('dataSource') dataSource: DataSource,
    @Param('symbol') symbol: string
  ): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    return this.adminService.deleteProfileData({ dataSource, symbol });
  }

+  @HasPermission(permissions.accessAdminControl)
  @Patch('profile-data/:dataSource/:symbol')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async patchAssetProfileData(
    @Body() assetProfileData: UpdateAssetProfileDto,
    @Param('dataSource') dataSource: DataSource,
    @Param('symbol') symbol: string
  ): Promise<EnhancedSymbolProfile> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    return this.adminService.patchAssetProfileData({
      ...assetProfileData,
      dataSource,
@ -375,24 +332,13 @@ export class AdminController {
    });
  }

+  @HasPermission(permissions.accessAdminControl)
  @Put('settings/:key')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async updateProperty(
    @Param('key') key: string,
    @Body() data: PropertyDto
  ) {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    return await this.adminService.putSetting(key, data.value);
  }
 }
--- a/apps/api/src/app/admin/admin.module.ts
+++ b/apps/api/src/app/admin/admin.module.ts
@ -1,4 +1,5 @@
 import { SubscriptionModule } from '@ghostfolio/api/app/subscription/subscription.module';
+import { ApiModule } from '@ghostfolio/api/services/api/api.module';
 import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
 import { DataGatheringModule } from '@ghostfolio/api/services/data-gathering/data-gathering.module';
 import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
@ -7,6 +8,7 @@ import { MarketDataModule } from '@ghostfolio/api/services/market-data/market-da
 import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
 import { PropertyModule } from '@ghostfolio/api/services/property/property.module';
 import { SymbolProfileModule } from '@ghostfolio/api/services/symbol-profile/symbol-profile.module';
+
 import { Module } from '@nestjs/common';

 import { AdminController } from './admin.controller';
@ -15,6 +17,7 @@ import { QueueModule } from './queue/queue.module';

@Module({
  imports: [
+    ApiModule,
    ConfigurationModule,
    DataGatheringModule,
    DataProviderModule,
--- a/apps/api/src/app/admin/admin.service.ts
+++ b/apps/api/src/app/admin/admin.service.ts
@ -1,11 +1,18 @@
 import { SubscriptionService } from '@ghostfolio/api/app/subscription/subscription.service';
+import { environment } from '@ghostfolio/api/environments/environment';
 import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
+import { DataProviderService } from '@ghostfolio/api/services/data-provider/data-provider.service';
 import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
 import { MarketDataService } from '@ghostfolio/api/services/market-data/market-data.service';
 import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
 import { PropertyService } from '@ghostfolio/api/services/property/property.service';
 import { SymbolProfileService } from '@ghostfolio/api/services/symbol-profile/symbol-profile.service';
-import { PROPERTY_CURRENCIES } from '@ghostfolio/common/config';
+import {
+  DEFAULT_CURRENCY,
+  PROPERTY_CURRENCIES,
+  PROPERTY_IS_READ_ONLY_MODE,
+  PROPERTY_IS_USER_SIGNUP_ENABLED
+} from '@ghostfolio/common/config';
 import {
  AdminData,
  AdminMarketData,
@ -14,25 +21,71 @@ import {
  Filter,
  UniqueAsset
 } from '@ghostfolio/common/interfaces';
-import { Injectable } from '@nestjs/common';
-import { AssetSubClass, Prisma, Property } from '@prisma/client';
+import { MarketDataPreset } from '@ghostfolio/common/types';
+
+import { BadRequestException, Injectable } from '@nestjs/common';
+import {
+  AssetSubClass,
+  DataSource,
+  Prisma,
+  Property,
+  SymbolProfile
+} from '@prisma/client';
 import { differenceInDays } from 'date-fns';
 import { groupBy } from 'lodash';

@Injectable()
 export class AdminService {
-  private baseCurrency: string;
-
  public constructor(
    private readonly configurationService: ConfigurationService,
+    private readonly dataProviderService: DataProviderService,
    private readonly exchangeRateDataService: ExchangeRateDataService,
    private readonly marketDataService: MarketDataService,
    private readonly prismaService: PrismaService,
    private readonly propertyService: PropertyService,
    private readonly subscriptionService: SubscriptionService,
    private readonly symbolProfileService: SymbolProfileService
-  ) {
-    this.baseCurrency = this.configurationService.get('BASE_CURRENCY');
+  ) {}
+
+  public async addAssetProfile({
+    currency,
+    dataSource,
+    symbol
+  }: UniqueAsset & { currency?: string }): Promise<SymbolProfile | never> {
+    try {
+      if (dataSource === 'MANUAL') {
+        return this.symbolProfileService.add({
+          currency,
+          dataSource,
+          symbol
+        });
+      }
+
+      const assetProfiles = await this.dataProviderService.getAssetProfiles([
+        { dataSource, symbol }
+      ]);
+
+      if (!assetProfiles[symbol]?.currency) {
+        throw new BadRequestException(
+          `Asset profile not found for ${symbol} (${dataSource})`
+        );
+      }
+
+      return await this.symbolProfileService.add(
+        assetProfiles[symbol] as Prisma.SymbolProfileCreateInput
+      );
+    } catch (error) {
+      if (
+        error instanceof Prisma.PrismaClientKnownRequestError &&
+        error.code === 'P2002'
+      ) {
+        throw new BadRequestException(
+          `Asset profile of ${symbol} (${dataSource}) already exists`
+        );
+      }
+
+      throw error;
+    }
  }

  public async deleteProfileData({ dataSource, symbol }: UniqueAsset) {
@ -45,15 +98,23 @@ export class AdminService {
      exchangeRates: this.exchangeRateDataService
        .getCurrencies()
        .filter((currency) => {
-          return currency !== this.baseCurrency;
+          return currency !== DEFAULT_CURRENCY;
        })
        .map((currency) => {
+          const label1 = DEFAULT_CURRENCY;
+          const label2 = currency;
+
          return {
-            label1: this.baseCurrency,
-            label2: currency,
+            label1,
+            label2,
+            dataSource:
+              DataSource[
+                this.configurationService.get('DATA_SOURCE_EXCHANGE_RATES')
+              ],
+            symbol: `${label1}${label2}`,
            value: this.exchangeRateDataService.toCurrency(
              1,
-              this.baseCurrency,
+              DEFAULT_CURRENCY,
              currency
            )
          };
@ -61,56 +122,86 @@ export class AdminService {
      settings: await this.propertyService.get(),
      transactionCount: await this.prismaService.order.count(),
      userCount: await this.prismaService.user.count(),
-      users: await this.getUsersWithAnalytics()
+      users: await this.getUsersWithAnalytics(),
+      version: environment.version
    };
  }

-  public async getMarketData(filters?: Filter[]): Promise<AdminMarketData> {
+  public async getMarketData({
+    filters,
+    presetId,
+    sortColumn,
+    sortDirection,
+    skip,
+    take = Number.MAX_SAFE_INTEGER
+  }: {
+    filters?: Filter[];
+    presetId?: MarketDataPreset;
+    skip?: number;
+    sortColumn?: string;
+    sortDirection?: Prisma.SortOrder;
+    take?: number;
+  }): Promise<AdminMarketData> {
+    let orderBy: Prisma.Enumerable<Prisma.SymbolProfileOrderByWithRelationInput> =
+      [{ symbol: 'asc' }];
    const where: Prisma.SymbolProfileWhereInput = {};

+    if (presetId === 'CURRENCIES') {
+      return this.getMarketDataForCurrencies();
+    } else if (
+      presetId === 'ETF_WITHOUT_COUNTRIES' ||
+      presetId === 'ETF_WITHOUT_SECTORS'
+    ) {
+      filters = [{ id: 'ETF', type: 'ASSET_SUB_CLASS' }];
+    }
+
+    const searchQuery = filters.find(({ type }) => {
+      return type === 'SEARCH_QUERY';
+    })?.id;
+
    const { ASSET_SUB_CLASS: filtersByAssetSubClass } = groupBy(
      filters,
-      (filter) => {
-        return filter.type;
+      ({ type }) => {
+        return type;
      }
    );

-    const marketData = await this.prismaService.marketData.groupBy({
+    const marketDataItems = await this.prismaService.marketData.groupBy({
      _count: true,
      by: ['dataSource', 'symbol']
    });

-    let currencyPairsToGather: AdminMarketDataItem[] = [];
-
    if (filtersByAssetSubClass) {
      where.assetSubClass = AssetSubClass[filtersByAssetSubClass[0].id];
-    } else {
-      currencyPairsToGather = this.exchangeRateDataService
-        .getCurrencyPairs()
-        .map(({ dataSource, symbol }) => {
-          const marketDataItemCount =
-            marketData.find((marketDataItem) => {
-              return (
-                marketDataItem.dataSource === dataSource &&
-                marketDataItem.symbol === symbol
-              );
-            })?._count ?? 0;
-
-          return {
-            dataSource,
-            marketDataItemCount,
-            symbol,
-            assetClass: 'CASH',
-            countriesCount: 0,
-            sectorsCount: 0
-          };
-        });
    }

-    const symbolProfilesToGather: AdminMarketDataItem[] = (
-      await this.prismaService.symbolProfile.findMany({
+    if (searchQuery) {
+      where.OR = [
+        { id: { mode: 'insensitive', startsWith: searchQuery } },
+        { isin: { mode: 'insensitive', startsWith: searchQuery } },
+        { name: { mode: 'insensitive', startsWith: searchQuery } },
+        { symbol: { mode: 'insensitive', startsWith: searchQuery } }
+      ];
+    }
+
+    if (sortColumn) {
+      orderBy = [{ [sortColumn]: sortDirection }];
+
+      if (sortColumn === 'activitiesCount') {
+        orderBy = {
+          Order: {
+            _count: sortDirection
+          }
+        };
+      }
+    }
+
+    let [assetProfiles, count] = await Promise.all([
+      this.prismaService.symbolProfile.findMany({
+        orderBy,
+        skip,
+        take,
        where,
-        orderBy: [{ symbol: 'asc' }],
        select: {
          _count: {
            select: { Order: true }
@ -119,7 +210,9 @@ export class AdminService {
          assetSubClass: true,
          comment: true,
          countries: true,
+          currency: true,
          dataSource: true,
+          name: true,
          Order: {
            orderBy: [{ date: 'asc' }],
            select: { date: true },
@ -129,38 +222,68 @@ export class AdminService {
          sectors: true,
          symbol: true
        }
-      })
-    ).map((symbolProfile) => {
-      const countriesCount = symbolProfile.countries
-        ? Object.keys(symbolProfile.countries).length
-        : 0;
-      const marketDataItemCount =
-        marketData.find((marketDataItem) => {
-          return (
-            marketDataItem.dataSource === symbolProfile.dataSource &&
-            marketDataItem.symbol === symbolProfile.symbol
-          );
-        })?._count ?? 0;
-      const sectorsCount = symbolProfile.sectors
-        ? Object.keys(symbolProfile.sectors).length
-        : 0;
+      }),
+      this.prismaService.symbolProfile.count({ where })
+    ]);

-      return {
-        countriesCount,
-        marketDataItemCount,
-        sectorsCount,
-        activitiesCount: symbolProfile._count.Order,
-        assetClass: symbolProfile.assetClass,
-        assetSubClass: symbolProfile.assetSubClass,
-        comment: symbolProfile.comment,
-        dataSource: symbolProfile.dataSource,
-        date: symbolProfile.Order?.[0]?.date,
-        symbol: symbolProfile.symbol
-      };
-    });
+    let marketData: AdminMarketDataItem[] = assetProfiles.map(
+      ({
+        _count,
+        assetClass,
+        assetSubClass,
+        comment,
+        countries,
+        currency,
+        dataSource,
+        name,
+        Order,
+        sectors,
+        symbol
+      }) => {
+        const countriesCount = countries ? Object.keys(countries).length : 0;
+        const marketDataItemCount =
+          marketDataItems.find((marketDataItem) => {
+            return (
+              marketDataItem.dataSource === dataSource &&
+              marketDataItem.symbol === symbol
+            );
+          })?._count ?? 0;
+        const sectorsCount = sectors ? Object.keys(sectors).length : 0;
+
+        return {
+          assetClass,
+          assetSubClass,
+          comment,
+          currency,
+          countriesCount,
+          dataSource,
+          name,
+          symbol,
+          marketDataItemCount,
+          sectorsCount,
+          activitiesCount: _count.Order,
+          date: Order?.[0]?.date
+        };
+      }
+    );
+
+    if (presetId) {
+      if (presetId === 'ETF_WITHOUT_COUNTRIES') {
+        marketData = marketData.filter(({ countriesCount }) => {
+          return countriesCount === 0;
+        });
+      } else if (presetId === 'ETF_WITHOUT_SECTORS') {
+        marketData = marketData.filter(({ sectorsCount }) => {
+          return sectorsCount === 0;
+        });
+      }
+
+      count = marketData.length;
+    }

    return {
-      marketData: [...currencyPairsToGather, ...symbolProfilesToGather]
+      count,
+      marketData
    };
  }

@ -196,14 +319,28 @@ export class AdminService {
  }

  public async patchAssetProfileData({
+    assetClass,
+    assetSubClass,
    comment,
+    countries,
+    currency,
    dataSource,
+    name,
+    scraperConfiguration,
+    sectors,
    symbol,
    symbolMapping
  }: Prisma.SymbolProfileUpdateInput & UniqueAsset) {
    await this.symbolProfileService.updateSymbolProfile({
+      assetClass,
+      assetSubClass,
      comment,
+      countries,
+      currency,
      dataSource,
+      name,
+      scraperConfiguration,
+      sectors,
      symbol,
      symbolMapping
    });
@ -227,13 +364,47 @@ export class AdminService {
      response = await this.propertyService.delete({ key });
    }

-    if (key === PROPERTY_CURRENCIES) {
+    if (key === PROPERTY_IS_READ_ONLY_MODE && value === 'true') {
+      await this.putSetting(PROPERTY_IS_USER_SIGNUP_ENABLED, 'false');
+    } else if (key === PROPERTY_CURRENCIES) {
      await this.exchangeRateDataService.initialize();
    }

    return response;
  }

+  private async getMarketDataForCurrencies(): Promise<AdminMarketData> {
+    const marketDataItems = await this.prismaService.marketData.groupBy({
+      _count: true,
+      by: ['dataSource', 'symbol']
+    });
+
+    const marketData: AdminMarketDataItem[] = this.exchangeRateDataService
+      .getCurrencyPairs()
+      .map(({ dataSource, symbol }) => {
+        const marketDataItemCount =
+          marketDataItems.find((marketDataItem) => {
+            return (
+              marketDataItem.dataSource === dataSource &&
+              marketDataItem.symbol === symbol
+            );
+          })?._count ?? 0;
+
+        return {
+          dataSource,
+          marketDataItemCount,
+          symbol,
+          assetClass: 'CASH',
+          countriesCount: 0,
+          currency: symbol.replace(DEFAULT_CURRENCY, ''),
+          name: symbol,
+          sectorsCount: 0
+        };
+      });
+
+    return { marketData, count: marketData.length };
+  }
+
  private async getUsersWithAnalytics(): Promise<AdminData['users']> {
    let orderBy: any = {
      createdAt: 'desc'
@ -269,13 +440,14 @@ export class AdminService {
        },
        createdAt: true,
        id: true,
+        role: true,
        Subscription: true
      },
      take: 30
    });

    return usersWithAnalytics.map(
-      ({ _count, Analytics, createdAt, id, Subscription }) => {
+      ({ _count, Analytics, createdAt, id, role, Subscription }) => {
        const daysSinceRegistration =
          differenceInDays(new Date(), createdAt) + 1;
        const engagement = Analytics
@ -285,13 +457,17 @@ export class AdminService {
        const subscription = this.configurationService.get(
          'ENABLE_FEATURE_SUBSCRIPTION'
        )
-          ? this.subscriptionService.getSubscription(Subscription)
+          ? this.subscriptionService.getSubscription({
+              createdAt,
+              subscriptions: Subscription
+            })
          : undefined;

        return {
          createdAt,
          engagement,
          id,
+          role,
          subscription,
          accountCount: _count.Account || 0,
          country: Analytics?.country,
--- a/apps/api/src/app/admin/queue/queue.controller.ts
+++ b/apps/api/src/app/admin/queue/queue.controller.ts
@ -1,87 +1,49 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
 import { AdminJobs } from '@ghostfolio/common/interfaces';
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
-import type { RequestWithUser } from '@ghostfolio/common/types';
+import { permissions } from '@ghostfolio/common/permissions';
+
 import {
  Controller,
  Delete,
  Get,
-  HttpException,
-  Inject,
  Param,
  Query,
  UseGuards
 } from '@nestjs/common';
-import { REQUEST } from '@nestjs/core';
 import { AuthGuard } from '@nestjs/passport';
 import { JobStatus } from 'bull';
-import { StatusCodes, getReasonPhrase } from 'http-status-codes';

 import { QueueService } from './queue.service';

@Controller('admin/queue')
 export class QueueController {
-  public constructor(
-    private readonly queueService: QueueService,
-    @Inject(REQUEST) private readonly request: RequestWithUser
-  ) {}
+  public constructor(private readonly queueService: QueueService) {}

  @Delete('job')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async deleteJobs(
    @Query('status') filterByStatus?: string
  ): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    const status = <JobStatus[]>filterByStatus?.split(',') ?? undefined;
    return this.queueService.deleteJobs({ status });
  }

  @Get('job')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getJobs(
    @Query('status') filterByStatus?: string
  ): Promise<AdminJobs> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    const status = <JobStatus[]>filterByStatus?.split(',') ?? undefined;
    return this.queueService.getJobs({ status });
  }

  @Delete('job/:id')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async deleteJob(@Param('id') id: string): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    return this.queueService.deleteJob(id);
  }
 }
--- a/apps/api/src/app/admin/queue/queue.module.ts
+++ b/apps/api/src/app/admin/queue/queue.module.ts
@ -1,4 +1,5 @@
 import { DataGatheringModule } from '@ghostfolio/api/services/data-gathering/data-gathering.module';
+
 import { Module } from '@nestjs/common';

 import { QueueController } from './queue.controller';
--- a/apps/api/src/app/admin/queue/queue.service.ts
+++ b/apps/api/src/app/admin/queue/queue.service.ts
@ -3,6 +3,7 @@ import {
  QUEUE_JOB_STATUS_LIST
 } from '@ghostfolio/common/config';
 import { AdminJobs } from '@ghostfolio/common/interfaces';
+
 import { InjectQueue } from '@nestjs/bull';
 import { Injectable } from '@nestjs/common';
 import { JobStatus, Queue } from 'bull';
--- a/apps/api/src/app/admin/update-asset-profile.dto.ts
+++ b/apps/api/src/app/admin/update-asset-profile.dto.ts
@ -1,10 +1,46 @@
-import { IsObject, IsOptional, IsString } from 'class-validator';
+import { AssetClass, AssetSubClass, Prisma } from '@prisma/client';
+import {
+  IsArray,
+  IsEnum,
+  IsISO4217CurrencyCode,
+  IsObject,
+  IsOptional,
+  IsString
+} from 'class-validator';

 export class UpdateAssetProfileDto {
+  @IsEnum(AssetClass, { each: true })
+  @IsOptional()
+  assetClass?: AssetClass;
+
+  @IsEnum(AssetSubClass, { each: true })
+  @IsOptional()
+  assetSubClass?: AssetSubClass;
+
  @IsString()
  @IsOptional()
  comment?: string;

+  @IsArray()
+  @IsOptional()
+  countries?: Prisma.InputJsonArray;
+
+  @IsISO4217CurrencyCode()
+  @IsOptional()
+  currency?: string;
+
+  @IsString()
+  @IsOptional()
+  name?: string;
+
+  @IsObject()
+  @IsOptional()
+  scraperConfiguration?: Prisma.InputJsonObject;
+
+  @IsArray()
+  @IsOptional()
+  sectors?: Prisma.InputJsonArray;
+
  @IsObject()
  @IsOptional()
  symbolMapping?: {
--- a/apps/api/src/app/admin/update-bulk-market-data.dto.ts
+++ b/apps/api/src/app/admin/update-bulk-market-data.dto.ts
@ -0,0 +1,11 @@
+import { Type } from 'class-transformer';
+import { ArrayNotEmpty, IsArray, isNotEmptyObject } from 'class-validator';
+
+import { UpdateMarketDataDto } from './update-market-data.dto';
+
+export class UpdateBulkMarketDataDto {
+  @ArrayNotEmpty()
+  @IsArray()
+  @Type(() => UpdateMarketDataDto)
+  marketData: UpdateMarketDataDto[];
+}
--- a/apps/api/src/app/admin/update-market-data.dto.ts
+++ b/apps/api/src/app/admin/update-market-data.dto.ts
@ -1,6 +1,10 @@
-import { IsNumber } from 'class-validator';
+import { IsISO8601, IsNumber, IsOptional } from 'class-validator';

 export class UpdateMarketDataDto {
+  @IsISO8601()
+  @IsOptional()
+  date?: string;
+
  @IsNumber()
  marketPrice: number;
 }
--- a/apps/api/src/app/app.controller.ts
+++ b/apps/api/src/app/app.controller.ts
@ -1,4 +1,5 @@
 import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
+
 import { Controller } from '@nestjs/common';

@Controller()
--- a/apps/api/src/app/app.module.ts
+++ b/apps/api/src/app/app.module.ts
@ -1,17 +1,23 @@
-import { join } from 'path';
-
 import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
 import { CronService } from '@ghostfolio/api/services/cron.service';
 import { DataGatheringModule } from '@ghostfolio/api/services/data-gathering/data-gathering.module';
 import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
 import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.module';
 import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
+import { PropertyModule } from '@ghostfolio/api/services/property/property.module';
 import { TwitterBotModule } from '@ghostfolio/api/services/twitter-bot/twitter-bot.module';
+import {
+  DEFAULT_LANGUAGE_CODE,
+  SUPPORTED_LANGUAGE_CODES
+} from '@ghostfolio/common/config';
+
 import { BullModule } from '@nestjs/bull';
-import { MiddlewareConsumer, Module, RequestMethod } from '@nestjs/common';
+import { Module } from '@nestjs/common';
 import { ConfigModule } from '@nestjs/config';
 import { ScheduleModule } from '@nestjs/schedule';
 import { ServeStaticModule } from '@nestjs/serve-static';
+import { StatusCodes } from 'http-status-codes';
+import { join } from 'path';

 import { AccessModule } from './access/access.module';
 import { AccountModule } from './account/account.module';
@ -23,7 +29,6 @@ import { BenchmarkModule } from './benchmark/benchmark.module';
 import { CacheModule } from './cache/cache.module';
 import { ExchangeRateModule } from './exchange-rate/exchange-rate.module';
 import { ExportModule } from './export/export.module';
-import { FrontendMiddleware } from './frontend.middleware';
 import { HealthModule } from './health/health.module';
 import { ImportModule } from './import/import.module';
 import { InfoModule } from './info/info.module';
@ -32,8 +37,10 @@ import { OrderModule } from './order/order.module';
 import { PlatformModule } from './platform/platform.module';
 import { PortfolioModule } from './portfolio/portfolio.module';
 import { RedisCacheModule } from './redis-cache/redis-cache.module';
+import { SitemapModule } from './sitemap/sitemap.module';
 import { SubscriptionModule } from './subscription/subscription.module';
 import { SymbolModule } from './symbol/symbol.module';
+import { TagModule } from './tag/tag.module';
 import { UserModule } from './user/user.module';

@Module({
@ -46,6 +53,7 @@ import { UserModule } from './user/user.module';
    BenchmarkModule,
    BullModule.forRoot({
      redis: {
+        db: parseInt(process.env.REDIS_DB ?? '0', 10),
        host: process.env.REDIS_HOST,
        port: parseInt(process.env.REDIS_PORT ?? '6379', 10),
        password: process.env.REDIS_PASSWORD
@ -67,34 +75,41 @@ import { UserModule } from './user/user.module';
    PlatformModule,
    PortfolioModule,
    PrismaModule,
+    PropertyModule,
    RedisCacheModule,
    ScheduleModule.forRoot(),
    ServeStaticModule.forRoot({
-      serveStaticOptions: {
-        /*etag: false // Disable etag header to fix PWA
-        setHeaders: (res, path) => {
-          if (path.includes('ngsw.json')) {
-            // Disable cache (https://stackoverflow.com/questions/22632593/how-to-disable-webpage-caching-in-expressjs-nodejs/39775595)
-            // https://gertjans.home.xs4all.nl/javascript/cache-control.html#no-cache
-            res.set('Cache-Control', 'no-cache, no-store, must-revalidate');
-          }
-        }*/
-      },
+      exclude: ['/api*', '/sitemap.xml'],
      rootPath: join(__dirname, '..', 'client'),
-      exclude: ['/api*']
+      serveStaticOptions: {
+        setHeaders: (res) => {
+          if (res.req?.path === '/') {
+            let languageCode = DEFAULT_LANGUAGE_CODE;
+
+            try {
+              const code = res.req.headers['accept-language']
+                .split(',')[0]
+                .split('-')[0];
+
+              if (SUPPORTED_LANGUAGE_CODES.includes(code)) {
+                languageCode = code;
+              }
+            } catch {}
+
+            res.set('Location', `/${languageCode}`);
+            res.statusCode = StatusCodes.MOVED_PERMANENTLY;
+          }
+        }
+      }
    }),
+    SitemapModule,
    SubscriptionModule,
    SymbolModule,
+    TagModule,
    TwitterBotModule,
    UserModule
  ],
  controllers: [AppController],
  providers: [CronService]
 })
-export class AppModule {
-  configure(consumer: MiddlewareConsumer) {
-    consumer
-      .apply(FrontendMiddleware)
-      .forRoutes({ path: '*', method: RequestMethod.ALL });
-  }
-}
+export class AppModule {}
--- a/apps/api/src/app/auth-device/auth-device.controller.ts
+++ b/apps/api/src/app/auth-device/auth-device.controller.ts
@ -1,40 +1,19 @@
 import { AuthDeviceService } from '@ghostfolio/api/app/auth-device/auth-device.service';
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
-import type { RequestWithUser } from '@ghostfolio/common/types';
-import {
-  Controller,
-  Delete,
-  HttpException,
-  Inject,
-  Param,
-  UseGuards
-} from '@nestjs/common';
-import { REQUEST } from '@nestjs/core';
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { permissions } from '@ghostfolio/common/permissions';
+
+import { Controller, Delete, Param, UseGuards } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
-import { StatusCodes, getReasonPhrase } from 'http-status-codes';

@Controller('auth-device')
 export class AuthDeviceController {
-  public constructor(
-    private readonly authDeviceService: AuthDeviceService,
-    @Inject(REQUEST) private readonly request: RequestWithUser
-  ) {}
+  public constructor(private readonly authDeviceService: AuthDeviceService) {}

  @Delete(':id')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.deleteAuthDevice)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async deleteAuthDevice(@Param('id') id: string): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.deleteAuthDevice
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    await this.authDeviceService.deleteAuthDevice({ id });
  }
 }
--- a/apps/api/src/app/auth-device/auth-device.module.ts
+++ b/apps/api/src/app/auth-device/auth-device.module.ts
@ -2,6 +2,7 @@ import { AuthDeviceController } from '@ghostfolio/api/app/auth-device/auth-devic
 import { AuthDeviceService } from '@ghostfolio/api/app/auth-device/auth-device.service';
 import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
 import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
+
 import { Module } from '@nestjs/common';
 import { JwtModule } from '@nestjs/jwt';

--- a/apps/api/src/app/auth-device/auth-device.service.ts
+++ b/apps/api/src/app/auth-device/auth-device.service.ts
@ -1,5 +1,6 @@
 import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
 import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
+
 import { Injectable } from '@nestjs/common';
 import { AuthDevice, Prisma } from '@prisma/client';

--- a/apps/api/src/app/auth/auth.controller.ts
+++ b/apps/api/src/app/auth/auth.controller.ts
@ -1,7 +1,9 @@
 import { WebAuthService } from '@ghostfolio/api/app/auth/web-auth.service';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
 import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
 import { DEFAULT_LANGUAGE_CODE } from '@ghostfolio/common/config';
 import { OAuthResponse } from '@ghostfolio/common/interfaces';
+
 import {
  Body,
  Controller,
@ -41,9 +43,8 @@ export class AuthController {
    @Param('accessToken') accessToken: string
  ): Promise<OAuthResponse> {
    try {
-      const authToken = await this.authService.validateAnonymousLogin(
-        accessToken
-      );
+      const authToken =
+        await this.authService.validateAnonymousLogin(accessToken);
      return { authToken };
    } catch {
      throw new HttpException(
@ -119,13 +120,13 @@ export class AuthController {
  }

  @Get('webauthn/generate-registration-options')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async generateRegistrationOptions() {
    return this.webAuthService.generateRegistrationOptions();
  }

  @Post('webauthn/verify-attestation')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async verifyAttestation(
    @Body() body: { deviceName: string; credential: AttestationCredentialJSON }
  ) {
--- a/apps/api/src/app/auth/auth.module.ts
+++ b/apps/api/src/app/auth/auth.module.ts
@ -5,6 +5,7 @@ import { UserModule } from '@ghostfolio/api/app/user/user.module';
 import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
 import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
 import { PropertyModule } from '@ghostfolio/api/services/property/property.module';
+
 import { Module } from '@nestjs/common';
 import { JwtModule } from '@nestjs/jwt';

--- a/apps/api/src/app/auth/auth.service.ts
+++ b/apps/api/src/app/auth/auth.service.ts
@ -1,6 +1,7 @@
 import { UserService } from '@ghostfolio/api/app/user/user.service';
 import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
 import { PropertyService } from '@ghostfolio/api/services/property/property.service';
+
 import { Injectable, InternalServerErrorException } from '@nestjs/common';
 import { JwtService } from '@nestjs/jwt';
 import { Provider } from '@prisma/client';
@ -55,7 +56,7 @@ export class AuthService {
        const isUserSignupEnabled =
          await this.propertyService.isUserSignupEnabled();

-        if (!isUserSignupEnabled) {
+        if (!isUserSignupEnabled || true) {
          throw new Error('Sign up forbidden');
        }

--- a/apps/api/src/app/auth/google.strategy.ts
+++ b/apps/api/src/app/auth/google.strategy.ts
@ -1,4 +1,5 @@
 import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
+
 import { Injectable, Logger } from '@nestjs/common';
 import { PassportStrategy } from '@nestjs/passport';
 import { Provider } from '@prisma/client';
--- a/apps/api/src/app/auth/interfaces/interfaces.ts
+++ b/apps/api/src/app/auth/interfaces/interfaces.ts
@ -1,4 +1,5 @@
 import { AuthDeviceDto } from '@ghostfolio/api/app/auth-device/auth-device.dto';
+
 import { Provider } from '@prisma/client';

 export interface AuthDeviceDialogParams {
--- a/apps/api/src/app/auth/jwt.strategy.ts
+++ b/apps/api/src/app/auth/jwt.strategy.ts
@ -2,6 +2,7 @@ import { UserService } from '@ghostfolio/api/app/user/user.service';
 import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
 import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
 import { HEADER_KEY_TIMEZONE } from '@ghostfolio/common/config';
+
 import { Injectable, UnauthorizedException } from '@nestjs/common';
 import { PassportStrategy } from '@nestjs/passport';
 import * as countriesAndTimezones from 'countries-and-timezones';
--- a/apps/api/src/app/auth/web-auth.service.ts
+++ b/apps/api/src/app/auth/web-auth.service.ts
@ -3,6 +3,7 @@ import { AuthDeviceService } from '@ghostfolio/api/app/auth-device/auth-device.s
 import { UserService } from '@ghostfolio/api/app/user/user.service';
 import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
 import type { RequestWithUser } from '@ghostfolio/common/types';
+
 import {
  Inject,
  Injectable,
@ -40,7 +41,7 @@ export class WebAuthService {
  ) {}

  get rpID() {
-    return this.configurationService.get('WEB_AUTH_RP_ID');
+    return new URL(this.configurationService.get('ROOT_URL')).hostname;
  }

  get expectedOrigin() {
@ -64,7 +65,7 @@ export class WebAuthService {
      }
    };

-    const options = generateRegistrationOptions(opts);
+    const options = await generateRegistrationOptions(opts);

    await this.userService.updateUser({
      data: {
@ -88,10 +89,16 @@ export class WebAuthService {
    let verification: VerifiedRegistrationResponse;
    try {
      const opts: VerifyRegistrationResponseOpts = {
-        credential,
        expectedChallenge,
        expectedOrigin: this.expectedOrigin,
-        expectedRPID: this.rpID
+        expectedRPID: this.rpID,
+        response: {
+          clientExtensionResults: credential.clientExtensionResults,
+          id: credential.id,
+          rawId: credential.rawId,
+          response: credential.response,
+          type: 'public-key'
+        }
      };
      verification = await verifyRegistrationResponse(opts);
    } catch (error) {
@ -117,8 +124,8 @@ export class WebAuthService {
         */
        existingDevice = await this.deviceService.createAuthDevice({
          counter,
-          credentialPublicKey,
-          credentialId: credentialID,
+          credentialId: Buffer.from(credentialID),
+          credentialPublicKey: Buffer.from(credentialPublicKey),
          User: { connect: { id: user.id } }
        });
      }
@ -152,7 +159,7 @@ export class WebAuthService {
      userVerification: 'preferred'
    };

-    const options = generateAuthenticationOptions(opts);
+    const options = await generateAuthenticationOptions(opts);

    await this.userService.updateUser({
      data: {
@ -181,7 +188,6 @@ export class WebAuthService {
    let verification: VerifiedAuthenticationResponse;
    try {
      const opts: VerifyAuthenticationResponseOpts = {
-        credential,
        authenticator: {
          credentialID: device.credentialId,
          credentialPublicKey: device.credentialPublicKey,
@ -189,9 +195,16 @@ export class WebAuthService {
        },
        expectedChallenge: `${user.authChallenge}`,
        expectedOrigin: this.expectedOrigin,
-        expectedRPID: this.rpID
+        expectedRPID: this.rpID,
+        response: {
+          clientExtensionResults: credential.clientExtensionResults,
+          id: credential.id,
+          rawId: credential.rawId,
+          response: credential.response,
+          type: 'public-key'
+        }
      };
-      verification = verifyAuthenticationResponse(opts);
+      verification = await verifyAuthenticationResponse(opts);
    } catch (error) {
      Logger.error(error, 'WebAuthService');
      throw new InternalServerErrorException({ error: error.message });
--- a/apps/api/src/app/benchmark/benchmark.controller.ts
+++ b/apps/api/src/app/benchmark/benchmark.controller.ts
@ -1,24 +1,95 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
 import { TransformDataSourceInRequestInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-request.interceptor';
 import { TransformDataSourceInResponseInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-response.interceptor';
-import {
+import type {
  BenchmarkMarketDataDetails,
-  BenchmarkResponse
+  BenchmarkResponse,
+  UniqueAsset
 } from '@ghostfolio/common/interfaces';
+import { permissions } from '@ghostfolio/common/permissions';
+import type { RequestWithUser } from '@ghostfolio/common/types';
+
 import {
+  Body,
  Controller,
+  Delete,
  Get,
+  HttpException,
+  Inject,
  Param,
+  Post,
  UseGuards,
  UseInterceptors
 } from '@nestjs/common';
+import { REQUEST } from '@nestjs/core';
 import { AuthGuard } from '@nestjs/passport';
 import { DataSource } from '@prisma/client';
+import { StatusCodes, getReasonPhrase } from 'http-status-codes';

 import { BenchmarkService } from './benchmark.service';

@Controller('benchmark')
 export class BenchmarkController {
-  public constructor(private readonly benchmarkService: BenchmarkService) {}
+  public constructor(
+    private readonly benchmarkService: BenchmarkService,
+    @Inject(REQUEST) private readonly request: RequestWithUser
+  ) {}
+
+  @HasPermission(permissions.accessAdminControl)
+  @Post()
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async addBenchmark(@Body() { dataSource, symbol }: UniqueAsset) {
+    try {
+      const benchmark = await this.benchmarkService.addBenchmark({
+        dataSource,
+        symbol
+      });
+
+      if (!benchmark) {
+        throw new HttpException(
+          getReasonPhrase(StatusCodes.NOT_FOUND),
+          StatusCodes.NOT_FOUND
+        );
+      }
+
+      return benchmark;
+    } catch {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.INTERNAL_SERVER_ERROR),
+        StatusCodes.INTERNAL_SERVER_ERROR
+      );
+    }
+  }
+
+  @Delete(':dataSource/:symbol')
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async deleteBenchmark(
+    @Param('dataSource') dataSource: DataSource,
+    @Param('symbol') symbol: string
+  ) {
+    try {
+      const benchmark = await this.benchmarkService.deleteBenchmark({
+        dataSource,
+        symbol
+      });
+
+      if (!benchmark) {
+        throw new HttpException(
+          getReasonPhrase(StatusCodes.NOT_FOUND),
+          StatusCodes.NOT_FOUND
+        );
+      }
+
+      return benchmark;
+    } catch {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.INTERNAL_SERVER_ERROR),
+        StatusCodes.INTERNAL_SERVER_ERROR
+      );
+    }
+  }

  @Get()
  @UseInterceptors(TransformDataSourceInRequestInterceptor)
@ -30,7 +101,7 @@ export class BenchmarkController {
  }

  @Get(':dataSource/:symbol/:startDateString')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  @UseInterceptors(TransformDataSourceInRequestInterceptor)
  public async getBenchmarkMarketDataBySymbol(
    @Param('dataSource') dataSource: DataSource,
@ -38,11 +109,13 @@ export class BenchmarkController {
    @Param('symbol') symbol: string
  ): Promise<BenchmarkMarketDataDetails> {
    const startDate = new Date(startDateString);
+    const userCurrency = this.request.user.Settings.settings.baseCurrency;

    return this.benchmarkService.getMarketDataBySymbol({
      dataSource,
      startDate,
-      symbol
+      symbol,
+      userCurrency
    });
  }
 }
--- a/apps/api/src/app/benchmark/benchmark.module.ts
+++ b/apps/api/src/app/benchmark/benchmark.module.ts
@ -2,9 +2,12 @@ import { RedisCacheModule } from '@ghostfolio/api/app/redis-cache/redis-cache.mo
 import { SymbolModule } from '@ghostfolio/api/app/symbol/symbol.module';
 import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
 import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
+import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.module';
 import { MarketDataModule } from '@ghostfolio/api/services/market-data/market-data.module';
+import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
 import { PropertyModule } from '@ghostfolio/api/services/property/property.module';
 import { SymbolProfileModule } from '@ghostfolio/api/services/symbol-profile/symbol-profile.module';
+
 import { Module } from '@nestjs/common';

 import { BenchmarkController } from './benchmark.controller';
@ -16,7 +19,9 @@ import { BenchmarkService } from './benchmark.service';
  imports: [
    ConfigurationModule,
    DataProviderModule,
+    ExchangeRateDataModule,
    MarketDataModule,
+    PrismaModule,
    PropertyModule,
    RedisCacheModule,
    SymbolModule,
--- a/apps/api/src/app/benchmark/benchmark.service.spec.ts
+++ b/apps/api/src/app/benchmark/benchmark.service.spec.ts
@ -4,7 +4,16 @@ describe('BenchmarkService', () => {
  let benchmarkService: BenchmarkService;

  beforeAll(async () => {
-    benchmarkService = new BenchmarkService(null, null, null, null, null, null);
+    benchmarkService = new BenchmarkService(
+      null,
+      null,
+      null,
+      null,
+      null,
+      null,
+      null,
+      null
+    );
  });

  it('calculateChangeInPercentage', async () => {
--- a/apps/api/src/app/benchmark/benchmark.service.ts
+++ b/apps/api/src/app/benchmark/benchmark.service.ts
@ -1,23 +1,34 @@
 import { RedisCacheService } from '@ghostfolio/api/app/redis-cache/redis-cache.service';
 import { SymbolService } from '@ghostfolio/api/app/symbol/symbol.service';
 import { DataProviderService } from '@ghostfolio/api/services/data-provider/data-provider.service';
+import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
 import { MarketDataService } from '@ghostfolio/api/services/market-data/market-data.service';
+import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
 import { PropertyService } from '@ghostfolio/api/services/property/property.service';
 import { SymbolProfileService } from '@ghostfolio/api/services/symbol-profile/symbol-profile.service';
 import {
  MAX_CHART_ITEMS,
  PROPERTY_BENCHMARKS
 } from '@ghostfolio/common/config';
-import { DATE_FORMAT } from '@ghostfolio/common/helper';
 import {
+  DATE_FORMAT,
+  calculateBenchmarkTrend,
+  parseDate
+} from '@ghostfolio/common/helper';
+import {
+  Benchmark,
  BenchmarkMarketDataDetails,
+  BenchmarkProperty,
  BenchmarkResponse,
  UniqueAsset
 } from '@ghostfolio/common/interfaces';
-import { Injectable } from '@nestjs/common';
+import { BenchmarkTrend } from '@ghostfolio/common/types';
+
+import { Injectable, Logger } from '@nestjs/common';
 import { SymbolProfile } from '@prisma/client';
 import Big from 'big.js';
-import { format } from 'date-fns';
+import { format, isSameDay, subDays } from 'date-fns';
+import { isNumber, last, uniqBy } from 'lodash';
 import ms from 'ms';

@Injectable()
@ -26,7 +37,9 @@ export class BenchmarkService {

  public constructor(
    private readonly dataProviderService: DataProviderService,
+    private readonly exchangeRateDataService: ExchangeRateDataService,
    private readonly marketDataService: MarketDataService,
+    private readonly prismaService: PrismaService,
    private readonly propertyService: PropertyService,
    private readonly redisCacheService: RedisCacheService,
    private readonly symbolProfileService: SymbolProfileService,
@ -41,9 +54,34 @@ export class BenchmarkService {
    return 0;
  }

-  public async getBenchmarks({ useCache = true } = {}): Promise<
-    BenchmarkResponse['benchmarks']
-  > {
+  public async getBenchmarkTrends({ dataSource, symbol }: UniqueAsset) {
+    const historicalData = await this.marketDataService.marketDataItems({
+      orderBy: {
+        date: 'desc'
+      },
+      where: {
+        dataSource,
+        symbol,
+        date: { gte: subDays(new Date(), 400) }
+      }
+    });
+
+    const fiftyDayAverage = calculateBenchmarkTrend({
+      historicalData,
+      days: 50
+    });
+    const twoHundredDayAverage = calculateBenchmarkTrend({
+      historicalData,
+      days: 200
+    });
+
+    return { trend50d: fiftyDayAverage, trend200d: twoHundredDayAverage };
+  }
+
+  public async getBenchmarks({
+    enableSharing = false,
+    useCache = true
+  } = {}): Promise<BenchmarkResponse['benchmarks']> {
    let benchmarks: BenchmarkResponse['benchmarks'];

    if (useCache) {
@ -58,21 +96,36 @@ export class BenchmarkService {
      } catch {}
    }

-    const benchmarkAssetProfiles = await this.getBenchmarkAssetProfiles();
+    const benchmarkAssetProfiles = await this.getBenchmarkAssetProfiles({
+      enableSharing
+    });

-    const promises: Promise<number>[] = [];
+    const promisesAllTimeHighs: Promise<{ date: Date; marketPrice: number }>[] =
+      [];
+    const promisesBenchmarkTrends: Promise<{
+      trend50d: BenchmarkTrend;
+      trend200d: BenchmarkTrend;
+    }>[] = [];

-    const quotes = await this.dataProviderService.getQuotes(
-      benchmarkAssetProfiles.map(({ dataSource, symbol }) => {
+    const quotes = await this.dataProviderService.getQuotes({
+      items: benchmarkAssetProfiles.map(({ dataSource, symbol }) => {
        return { dataSource, symbol };
      })
-    );
+    });

    for (const { dataSource, symbol } of benchmarkAssetProfiles) {
-      promises.push(this.marketDataService.getMax({ dataSource, symbol }));
+      promisesAllTimeHighs.push(
+        this.marketDataService.getMax({ dataSource, symbol })
+      );
+      promisesBenchmarkTrends.push(
+        this.getBenchmarkTrends({ dataSource, symbol })
+      );
    }

-    const allTimeHighs = await Promise.all(promises);
+    const [allTimeHighs, benchmarkTrends] = await Promise.all([
+      Promise.all(promisesAllTimeHighs),
+      Promise.all(promisesBenchmarkTrends)
+    ]);
    let storeInCache = true;

    benchmarks = allTimeHighs.map((allTimeHigh, index) => {
@ -81,9 +134,9 @@ export class BenchmarkService {

      let performancePercentFromAllTimeHigh = 0;

-      if (allTimeHigh && marketPrice) {
+      if (allTimeHigh?.marketPrice && marketPrice) {
        performancePercentFromAllTimeHigh = this.calculateChangeInPercentage(
-          allTimeHigh,
+          allTimeHigh.marketPrice,
          marketPrice
        );
      } else {
@ -97,9 +150,12 @@ export class BenchmarkService {
        name: benchmarkAssetProfiles[index].name,
        performances: {
          allTimeHigh: {
+            date: allTimeHigh?.date,
            performancePercent: performancePercentFromAllTimeHigh
          }
-        }
+        },
+        trend50d: benchmarkTrends[index].trend50d,
+        trend200d: benchmarkTrends[index].trend200d
      };
    });

@ -114,14 +170,24 @@ export class BenchmarkService {
    return benchmarks;
  }

-  public async getBenchmarkAssetProfiles(): Promise<Partial<SymbolProfile>[]> {
+  public async getBenchmarkAssetProfiles({
+    enableSharing = false
+  } = {}): Promise<Partial<SymbolProfile>[]> {
    const symbolProfileIds: string[] = (
-      ((await this.propertyService.getByKey(PROPERTY_BENCHMARKS)) as {
-        symbolProfileId: string;
-      }[]) ?? []
-    ).map(({ symbolProfileId }) => {
-      return symbolProfileId;
-    });
+      ((await this.propertyService.getByKey(
+        PROPERTY_BENCHMARKS
+      )) as BenchmarkProperty[]) ?? []
+    )
+      .filter((benchmark) => {
+        if (enableSharing) {
+          return benchmark.enableSharing;
+        }
+
+        return true;
+      })
+      .map(({ symbolProfileId }) => {
+        return symbolProfileId;
+      });

    const assetProfiles =
      await this.symbolProfileService.getSymbolProfilesByIds(symbolProfileIds);
@ -141,8 +207,14 @@ export class BenchmarkService {
  public async getMarketDataBySymbol({
    dataSource,
    startDate,
-    symbol
-  }: { startDate: Date } & UniqueAsset): Promise<BenchmarkMarketDataDetails> {
+    symbol,
+    userCurrency
+  }: {
+    startDate: Date;
+    userCurrency: string;
+  } & UniqueAsset): Promise<BenchmarkMarketDataDetails> {
+    const marketData: { date: string; value: number }[] = [];
+
    const [currentSymbolItem, marketDataItems] = await Promise.all([
      this.symbolService.get({
        dataGatheringItem: {
@ -164,47 +236,181 @@ export class BenchmarkService {
      })
    ]);

+    const exchangeRates =
+      await this.exchangeRateDataService.getExchangeRatesByCurrency({
+        startDate,
+        currencies: [currentSymbolItem.currency],
+        targetCurrency: userCurrency
+      });
+
+    const exchangeRateAtStartDate =
+      exchangeRates[`${currentSymbolItem.currency}${userCurrency}`]?.[
+        format(startDate, DATE_FORMAT)
+      ];
+
+    const marketPriceAtStartDate = marketDataItems?.find(({ date }) => {
+      return isSameDay(date, startDate);
+    })?.marketPrice;
+
+    if (!marketPriceAtStartDate) {
+      Logger.error(
+        `No historical market data has been found for ${symbol} (${dataSource}) at ${format(
+          startDate,
+          DATE_FORMAT
+        )}`,
+        'BenchmarkService'
+      );
+
+      return { marketData };
+    }
+
    const step = Math.round(
      marketDataItems.length / Math.min(marketDataItems.length, MAX_CHART_ITEMS)
    );

-    const marketPriceAtStartDate = marketDataItems?.[0]?.marketPrice ?? 0;
-    const response = {
-      marketData: [
-        ...marketDataItems
-          .filter((marketDataItem, index) => {
-            return index % step === 0;
-          })
-          .map((marketDataItem) => {
-            return {
-              date: format(marketDataItem.date, DATE_FORMAT),
-              value:
-                marketPriceAtStartDate === 0
-                  ? 0
-                  : this.calculateChangeInPercentage(
-                      marketPriceAtStartDate,
-                      marketDataItem.marketPrice
-                    ) * 100
-            };
-          })
-      ]
-    };
+    let i = 0;

-    if (currentSymbolItem?.marketPrice) {
-      response.marketData.push({
+    for (let marketDataItem of marketDataItems) {
+      if (i % step !== 0) {
+        continue;
+      }
+
+      const exchangeRate =
+        exchangeRates[`${currentSymbolItem.currency}${userCurrency}`]?.[
+          format(marketDataItem.date, DATE_FORMAT)
+        ];
+
+      const exchangeRateFactor =
+        isNumber(exchangeRateAtStartDate) && isNumber(exchangeRate)
+          ? exchangeRate / exchangeRateAtStartDate
+          : 1;
+
+      marketData.push({
+        date: format(marketDataItem.date, DATE_FORMAT),
+        value:
+          marketPriceAtStartDate === 0
+            ? 0
+            : this.calculateChangeInPercentage(
+                marketPriceAtStartDate,
+                marketDataItem.marketPrice * exchangeRateFactor
+              ) * 100
+      });
+    }
+
+    const includesToday = isSameDay(
+      parseDate(last(marketData).date),
+      new Date()
+    );
+
+    if (currentSymbolItem?.marketPrice && !includesToday) {
+      const exchangeRate =
+        exchangeRates[`${currentSymbolItem.currency}${userCurrency}`]?.[
+          format(new Date(), DATE_FORMAT)
+        ];
+
+      const exchangeRateFactor =
+        isNumber(exchangeRateAtStartDate) && isNumber(exchangeRate)
+          ? exchangeRate / exchangeRateAtStartDate
+          : 1;
+
+      marketData.push({
        date: format(new Date(), DATE_FORMAT),
        value:
          this.calculateChangeInPercentage(
            marketPriceAtStartDate,
-            currentSymbolItem.marketPrice
+            currentSymbolItem.marketPrice * exchangeRateFactor
          ) * 100
      });
    }

-    return response;
+    return {
+      marketData
+    };
  }

-  private getMarketCondition(aPerformanceInPercent: number) {
-    return aPerformanceInPercent <= -0.2 ? 'BEAR_MARKET' : 'NEUTRAL_MARKET';
+  public async addBenchmark({
+    dataSource,
+    symbol
+  }: UniqueAsset): Promise<Partial<SymbolProfile>> {
+    const assetProfile = await this.prismaService.symbolProfile.findFirst({
+      where: {
+        dataSource,
+        symbol
+      }
+    });
+
+    if (!assetProfile) {
+      return;
+    }
+
+    let benchmarks =
+      ((await this.propertyService.getByKey(
+        PROPERTY_BENCHMARKS
+      )) as BenchmarkProperty[]) ?? [];
+
+    benchmarks.push({ symbolProfileId: assetProfile.id });
+
+    benchmarks = uniqBy(benchmarks, 'symbolProfileId');
+
+    await this.propertyService.put({
+      key: PROPERTY_BENCHMARKS,
+      value: JSON.stringify(benchmarks)
+    });
+
+    return {
+      dataSource,
+      symbol,
+      id: assetProfile.id,
+      name: assetProfile.name
+    };
+  }
+
+  public async deleteBenchmark({
+    dataSource,
+    symbol
+  }: UniqueAsset): Promise<Partial<SymbolProfile>> {
+    const assetProfile = await this.prismaService.symbolProfile.findFirst({
+      where: {
+        dataSource,
+        symbol
+      }
+    });
+
+    if (!assetProfile) {
+      return null;
+    }
+
+    let benchmarks =
+      ((await this.propertyService.getByKey(
+        PROPERTY_BENCHMARKS
+      )) as BenchmarkProperty[]) ?? [];
+
+    benchmarks = benchmarks.filter(({ symbolProfileId }) => {
+      return symbolProfileId !== assetProfile.id;
+    });
+
+    await this.propertyService.put({
+      key: PROPERTY_BENCHMARKS,
+      value: JSON.stringify(benchmarks)
+    });
+
+    return {
+      dataSource,
+      symbol,
+      id: assetProfile.id,
+      name: assetProfile.name
+    };
+  }
+
+  private getMarketCondition(
+    aPerformanceInPercent: number
+  ): Benchmark['marketCondition'] {
+    if (aPerformanceInPercent === 0) {
+      return 'ALL_TIME_HIGH';
+    } else if (aPerformanceInPercent <= -0.2) {
+      return 'BEAR_MARKET';
+    } else {
+      return 'NEUTRAL_MARKET';
+    }
  }
 }
--- a/apps/api/src/app/cache/cache.controller.ts
+++ b/apps/api/src/app/cache/cache.controller.ts
@ -1,39 +1,19 @@
 import { RedisCacheService } from '@ghostfolio/api/app/redis-cache/redis-cache.service';
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
-import type { RequestWithUser } from '@ghostfolio/common/types';
-import {
-  Controller,
-  HttpException,
-  Inject,
-  Post,
-  UseGuards
-} from '@nestjs/common';
-import { REQUEST } from '@nestjs/core';
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { permissions } from '@ghostfolio/common/permissions';
+
+import { Controller, Post, UseGuards } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
-import { StatusCodes, getReasonPhrase } from 'http-status-codes';

@Controller('cache')
 export class CacheController {
-  public constructor(
-    private readonly redisCacheService: RedisCacheService,
-    @Inject(REQUEST) private readonly request: RequestWithUser
-  ) {}
+  public constructor(private readonly redisCacheService: RedisCacheService) {}

+  @HasPermission(permissions.accessAdminControl)
  @Post('flush')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async flushCache(): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    return this.redisCacheService.reset();
  }
 }
--- a/apps/api/src/app/cache/cache.module.ts
+++ b/apps/api/src/app/cache/cache.module.ts
@ -5,6 +5,7 @@ import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-
 import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.module';
 import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
 import { SymbolProfileModule } from '@ghostfolio/api/services/symbol-profile/symbol-profile.module';
+
 import { Module } from '@nestjs/common';

 import { CacheController } from './cache.controller';
--- a/apps/api/src/app/exchange-rate/exchange-rate.controller.ts
+++ b/apps/api/src/app/exchange-rate/exchange-rate.controller.ts
@ -1,4 +1,6 @@
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
 import { IDataProviderHistoricalResponse } from '@ghostfolio/api/services/interfaces/interfaces';
+
 import {
  Controller,
  Get,
@ -7,6 +9,7 @@ import {
  UseGuards
 } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
+import { parseISO } from 'date-fns';
 import { StatusCodes, getReasonPhrase } from 'http-status-codes';

 import { ExchangeRateService } from './exchange-rate.service';
@ -18,12 +21,12 @@ export class ExchangeRateController {
  ) {}

  @Get(':symbol/:dateString')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getExchangeRate(
    @Param('dateString') dateString: string,
    @Param('symbol') symbol: string
  ): Promise<IDataProviderHistoricalResponse> {
-    const date = new Date(dateString);
+    const date = parseISO(dateString);

    const exchangeRate = await this.exchangeRateService.getExchangeRate({
      date,
--- a/apps/api/src/app/exchange-rate/exchange-rate.module.ts
+++ b/apps/api/src/app/exchange-rate/exchange-rate.module.ts
@ -1,4 +1,5 @@
 import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.module';
+
 import { Module } from '@nestjs/common';

 import { ExchangeRateController } from './exchange-rate.controller';
--- a/apps/api/src/app/exchange-rate/exchange-rate.service.ts
+++ b/apps/api/src/app/exchange-rate/exchange-rate.service.ts
@ -1,4 +1,5 @@
 import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
+
 import { Injectable } from '@nestjs/common';

@Injectable()
--- a/apps/api/src/app/export/export.controller.ts
+++ b/apps/api/src/app/export/export.controller.ts
@ -1,5 +1,8 @@
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { ApiService } from '@ghostfolio/api/services/api/api.service';
 import { Export } from '@ghostfolio/common/interfaces';
 import type { RequestWithUser } from '@ghostfolio/common/types';
+
 import { Controller, Get, Inject, Query, UseGuards } from '@nestjs/common';
 import { REQUEST } from '@nestjs/core';
 import { AuthGuard } from '@nestjs/passport';
@ -9,17 +12,29 @@ import { ExportService } from './export.service';
@Controller('export')
 export class ExportController {
  public constructor(
+    private readonly apiService: ApiService,
    private readonly exportService: ExportService,
    @Inject(REQUEST) private readonly request: RequestWithUser
  ) {}

  @Get()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async export(
-    @Query('activityIds') activityIds?: string[]
+    @Query('accounts') filterByAccounts?: string,
+    @Query('activityIds') activityIds?: string[],
+    @Query('assetClasses') filterByAssetClasses?: string,
+    @Query('tags') filterByTags?: string
  ): Promise<Export> {
+    const filters = this.apiService.buildFiltersFromQueryParams({
+      filterByAccounts,
+      filterByAssetClasses,
+      filterByTags
+    });
+
    return this.exportService.export({
      activityIds,
+      filters,
+      userCurrency: this.request.user.Settings.settings.baseCurrency,
      userId: this.request.user.id
    });
  }
--- a/apps/api/src/app/export/export.module.ts
+++ b/apps/api/src/app/export/export.module.ts
@ -1,8 +1,11 @@
+import { AccountModule } from '@ghostfolio/api/app/account/account.module';
+import { OrderModule } from '@ghostfolio/api/app/order/order.module';
 import { RedisCacheModule } from '@ghostfolio/api/app/redis-cache/redis-cache.module';
+import { ApiModule } from '@ghostfolio/api/services/api/api.module';
 import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
 import { DataGatheringModule } from '@ghostfolio/api/services/data-gathering/data-gathering.module';
 import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
-import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
+
 import { Module } from '@nestjs/common';

 import { ExportController } from './export.controller';
@ -10,10 +13,12 @@ import { ExportService } from './export.service';

@Module({
  imports: [
+    AccountModule,
+    ApiModule,
    ConfigurationModule,
    DataGatheringModule,
    DataProviderModule,
-    PrismaModule,
+    OrderModule,
    RedisCacheModule
  ],
  controllers: [ExportController],
--- a/apps/api/src/app/export/export.service.ts
+++ b/apps/api/src/app/export/export.service.ts
@ -1,49 +1,57 @@
+import { AccountService } from '@ghostfolio/api/app/account/account.service';
+import { OrderService } from '@ghostfolio/api/app/order/order.service';
 import { environment } from '@ghostfolio/api/environments/environment';
-import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
-import { Export } from '@ghostfolio/common/interfaces';
+import { Filter, Export } from '@ghostfolio/common/interfaces';
+
 import { Injectable } from '@nestjs/common';

@Injectable()
 export class ExportService {
-  public constructor(private readonly prismaService: PrismaService) {}
+  public constructor(
+    private readonly accountService: AccountService,
+    private readonly orderService: OrderService
+  ) {}

  public async export({
    activityIds,
+    filters,
+    userCurrency,
    userId
  }: {
    activityIds?: string[];
+    filters?: Filter[];
+    userCurrency: string;
    userId: string;
  }): Promise<Export> {
-    const accounts = await this.prismaService.account.findMany({
-      orderBy: {
-        name: 'asc'
-      },
-      select: {
-        accountType: true,
-        balance: true,
-        currency: true,
-        id: true,
-        isExcluded: true,
-        name: true,
-        platformId: true
-      },
-      where: { userId }
-    });
+    const accounts = (
+      await this.accountService.accounts({
+        orderBy: {
+          name: 'asc'
+        },
+        where: { userId }
+      })
+    ).map(
+      ({ balance, comment, currency, id, isExcluded, name, platformId }) => {
+        return {
+          balance,
+          comment,
+          currency,
+          id,
+          isExcluded,
+          name,
+          platformId
+        };
+      }
+    );

-    let activities = await this.prismaService.order.findMany({
-      orderBy: { date: 'desc' },
-      select: {
-        accountId: true,
-        comment: true,
-        date: true,
-        fee: true,
-        id: true,
-        quantity: true,
-        SymbolProfile: true,
-        type: true,
-        unitPrice: true
-      },
-      where: { userId }
+    let { activities } = await this.orderService.getOrders({
+      filters,
+      userCurrency,
+      userId,
+      includeDrafts: true,
+      sortColumn: 'date',
+      sortDirection: 'asc',
+      withExcludedAccounts: true
    });

    if (activityIds) {
@ -78,7 +86,13 @@ export class ExportService {
            currency: SymbolProfile.currency,
            dataSource: SymbolProfile.dataSource,
            date: date.toISOString(),
-            symbol: type === 'ITEM' ? SymbolProfile.name : SymbolProfile.symbol
+            symbol:
+              type === 'FEE' ||
+              type === 'INTEREST' ||
+              type === 'ITEM' ||
+              type === 'LIABILITY'
+                ? SymbolProfile.name
+                : SymbolProfile.symbol
          };
        }
      )
--- a/apps/api/src/app/frontend.middleware.ts
+++ b/apps/api/src/app/frontend.middleware.ts
@ -1,205 +0,0 @@
-import * as fs from 'fs';
-import * as path from 'path';
-
-import { environment } from '@ghostfolio/api/environments/environment';
-import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
-import { DEFAULT_LANGUAGE_CODE } from '@ghostfolio/common/config';
-import { DATE_FORMAT } from '@ghostfolio/common/helper';
-import { Injectable, NestMiddleware } from '@nestjs/common';
-import { format } from 'date-fns';
-import { NextFunction, Request, Response } from 'express';
-
-@Injectable()
-export class FrontendMiddleware implements NestMiddleware {
-  public indexHtmlDe = '';
-  public indexHtmlEn = '';
-  public indexHtmlEs = '';
-  public indexHtmlFr = '';
-  public indexHtmlIt = '';
-  public indexHtmlNl = '';
-  public indexHtmlPt = '';
-
-  public constructor(
-    private readonly configurationService: ConfigurationService
-  ) {
-    try {
-      this.indexHtmlDe = fs.readFileSync(
-        this.getPathOfIndexHtmlFile('de'),
-        'utf8'
-      );
-      this.indexHtmlEn = fs.readFileSync(
-        this.getPathOfIndexHtmlFile(DEFAULT_LANGUAGE_CODE),
-        'utf8'
-      );
-      this.indexHtmlEs = fs.readFileSync(
-        this.getPathOfIndexHtmlFile('es'),
-        'utf8'
-      );
-      this.indexHtmlFr = fs.readFileSync(
-        this.getPathOfIndexHtmlFile('fr'),
-        'utf8'
-      );
-      this.indexHtmlIt = fs.readFileSync(
-        this.getPathOfIndexHtmlFile('it'),
-        'utf8'
-      );
-      this.indexHtmlNl = fs.readFileSync(
-        this.getPathOfIndexHtmlFile('nl'),
-        'utf8'
-      );
-      this.indexHtmlPt = fs.readFileSync(
-        this.getPathOfIndexHtmlFile('pt'),
-        'utf8'
-      );
-    } catch {}
-  }
-
-  public use(request: Request, response: Response, next: NextFunction) {
-    const currentDate = format(new Date(), DATE_FORMAT);
-    let featureGraphicPath = 'assets/cover.png';
-    let title = 'Ghostfolio – Open Source Wealth Management Software';
-
-    if (request.path.startsWith('/en/blog/2022/08/500-stars-on-github')) {
-      featureGraphicPath = 'assets/images/blog/500-stars-on-github.jpg';
-      title = `500 Stars - ${title}`;
-    } else if (request.path.startsWith('/en/blog/2022/10/hacktoberfest-2022')) {
-      featureGraphicPath = 'assets/images/blog/hacktoberfest-2022.png';
-      title = `Hacktoberfest 2022 - ${title}`;
-    } else if (request.path.startsWith('/en/blog/2022/11/black-friday-2022')) {
-      featureGraphicPath = 'assets/images/blog/black-friday-2022.jpg';
-      title = `Black Friday 2022 - ${title}`;
-    } else if (
-      request.path.startsWith(
-        '/en/blog/2022/12/the-importance-of-tracking-your-personal-finances'
-      )
-    ) {
-      featureGraphicPath = 'assets/images/blog/20221226.jpg';
-      title = `The importance of tracking your personal finances - ${title}`;
-    } else if (
-      request.path.startsWith(
-        '/de/blog/2023/01/ghostfolio-auf-sackgeld-vorgestellt'
-      )
-    ) {
-      featureGraphicPath = 'assets/images/blog/ghostfolio-x-sackgeld.png';
-      title = `Ghostfolio auf Sackgeld.com vorgestellt - ${title}`;
-    } else if (
-      request.path.startsWith('/en/blog/2023/02/ghostfolio-meets-umbrel')
-    ) {
-      featureGraphicPath = 'assets/images/blog/ghostfolio-x-umbrel.png';
-      title = `Ghostfolio meets Umbrel - ${title}`;
-    } else if (
-      request.path.startsWith(
-        '/en/blog/2023/03/ghostfolio-reaches-1000-stars-on-github'
-      )
-    ) {
-      featureGraphicPath = 'assets/images/blog/1000-stars-on-github.jpg';
-      title = `Ghostfolio reaches 1’000 Stars on GitHub - ${title}`;
-    }
-
-    if (
-      request.path.startsWith('/api/') ||
-      this.isFileRequest(request.url) ||
-      !environment.production
-    ) {
-      // Skip
-      next();
-    } else if (request.path === '/de' || request.path.startsWith('/de/')) {
-      response.send(
-        this.interpolate(this.indexHtmlDe, {
-          currentDate,
-          featureGraphicPath,
-          title,
-          languageCode: 'de',
-          path: request.path,
-          rootUrl: this.configurationService.get('ROOT_URL')
-        })
-      );
-    } else if (request.path === '/es' || request.path.startsWith('/es/')) {
-      response.send(
-        this.interpolate(this.indexHtmlEs, {
-          currentDate,
-          featureGraphicPath,
-          title,
-          languageCode: 'es',
-          path: request.path,
-          rootUrl: this.configurationService.get('ROOT_URL')
-        })
-      );
-    } else if (request.path === '/fr' || request.path.startsWith('/fr/')) {
-      response.send(
-        this.interpolate(this.indexHtmlFr, {
-          featureGraphicPath,
-          languageCode: 'fr',
-          path: request.path,
-          rootUrl: this.configurationService.get('ROOT_URL')
-        })
-      );
-    } else if (request.path === '/it' || request.path.startsWith('/it/')) {
-      response.send(
-        this.interpolate(this.indexHtmlIt, {
-          currentDate,
-          featureGraphicPath,
-          title,
-          languageCode: 'it',
-          path: request.path,
-          rootUrl: this.configurationService.get('ROOT_URL')
-        })
-      );
-    } else if (request.path === '/nl' || request.path.startsWith('/nl/')) {
-      response.send(
-        this.interpolate(this.indexHtmlNl, {
-          currentDate,
-          featureGraphicPath,
-          title,
-          languageCode: 'nl',
-          path: request.path,
-          rootUrl: this.configurationService.get('ROOT_URL')
-        })
-      );
-    } else if (request.path === '/pt' || request.path.startsWith('/pt/')) {
-      response.send(
-        this.interpolate(this.indexHtmlPt, {
-          featureGraphicPath,
-          languageCode: 'pt',
-          path: request.path,
-          rootUrl: this.configurationService.get('ROOT_URL')
-        })
-      );
-    } else {
-      response.send(
-        this.interpolate(this.indexHtmlEn, {
-          currentDate,
-          featureGraphicPath,
-          title,
-          languageCode: DEFAULT_LANGUAGE_CODE,
-          path: request.path,
-          rootUrl: this.configurationService.get('ROOT_URL')
-        })
-      );
-    }
-  }
-
-  private getPathOfIndexHtmlFile(aLocale: string) {
-    return path.join(__dirname, '..', 'client', aLocale, 'index.html');
-  }
-
-  private interpolate(template: string, context: any) {
-    return template.replace(/[$]{([^}]+)}/g, (_, objectPath) => {
-      const properties = objectPath.split('.');
-      return properties.reduce(
-        (previous, current) => previous?.[current],
-        context
-      );
-    });
-  }
-
-  private isFileRequest(filename: string) {
-    if (filename === '/assets/LICENSE') {
-      return true;
-    } else if (filename.includes('auth/ey')) {
-      return false;
-    }
-
-    return filename.split('.').pop() !== filename;
-  }
-}
--- a/apps/api/src/app/health/health.controller.ts
+++ b/apps/api/src/app/health/health.controller.ts
@ -1,4 +1,5 @@
 import { TransformDataSourceInRequestInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-request.interceptor';
+
 import {
  Controller,
  Get,
@ -18,6 +19,19 @@ export class HealthController {
  @Get()
  public async getHealth() {}

+  @Get('data-enhancer/:name')
+  public async getHealthOfDataEnhancer(@Param('name') name: string) {
+    const hasResponse =
+      await this.healthService.hasResponseFromDataEnhancer(name);
+
+    if (hasResponse !== true) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.SERVICE_UNAVAILABLE),
+        StatusCodes.SERVICE_UNAVAILABLE
+      );
+    }
+  }
+
  @Get('data-provider/:dataSource')
  @UseInterceptors(TransformDataSourceInRequestInterceptor)
  public async getHealthOfDataProvider(
@ -30,9 +44,8 @@ export class HealthController {
      );
    }

-    const hasResponse = await this.healthService.hasResponseFromDataProvider(
-      dataSource
-    );
+    const hasResponse =
+      await this.healthService.hasResponseFromDataProvider(dataSource);

    if (hasResponse !== true) {
      throw new HttpException(
--- a/apps/api/src/app/health/health.module.ts
+++ b/apps/api/src/app/health/health.module.ts
@ -1,5 +1,7 @@
 import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
+import { DataEnhancerModule } from '@ghostfolio/api/services/data-provider/data-enhancer/data-enhancer.module';
 import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
+
 import { Module } from '@nestjs/common';

 import { HealthController } from './health.controller';
@ -7,7 +9,7 @@ import { HealthService } from './health.service';

@Module({
  controllers: [HealthController],
-  imports: [ConfigurationModule, DataProviderModule],
+  imports: [ConfigurationModule, DataEnhancerModule, DataProviderModule],
  providers: [HealthService]
 })
 export class HealthModule {}
--- a/apps/api/src/app/health/health.service.ts
+++ b/apps/api/src/app/health/health.service.ts
@ -1,13 +1,20 @@
+import { DataEnhancerService } from '@ghostfolio/api/services/data-provider/data-enhancer/data-enhancer.service';
 import { DataProviderService } from '@ghostfolio/api/services/data-provider/data-provider.service';
+
 import { Injectable } from '@nestjs/common';
 import { DataSource } from '@prisma/client';

@Injectable()
 export class HealthService {
  public constructor(
+    private readonly dataEnhancerService: DataEnhancerService,
    private readonly dataProviderService: DataProviderService
  ) {}

+  public async hasResponseFromDataEnhancer(aName: string) {
+    return this.dataEnhancerService.enhance(aName);
+  }
+
  public async hasResponseFromDataProvider(aDataSource: DataSource) {
    return this.dataProviderService.checkQuote(aDataSource);
  }
--- a/apps/api/src/app/import/import-data.dto.ts
+++ b/apps/api/src/app/import/import-data.dto.ts
@ -1,5 +1,6 @@
 import { CreateAccountDto } from '@ghostfolio/api/app/account/create-account.dto';
 import { CreateOrderDto } from '@ghostfolio/api/app/order/create-order.dto';
+
 import { Type } from 'class-transformer';
 import { IsArray, IsOptional, ValidateNested } from 'class-validator';

--- a/apps/api/src/app/import/import.controller.ts
+++ b/apps/api/src/app/import/import.controller.ts
@ -1,9 +1,12 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
 import { TransformDataSourceInRequestInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-request.interceptor';
 import { TransformDataSourceInResponseInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-response.interceptor';
 import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
 import { ImportResponse } from '@ghostfolio/common/interfaces';
 import { hasPermission, permissions } from '@ghostfolio/common/permissions';
 import type { RequestWithUser } from '@ghostfolio/common/types';
+
 import {
  Body,
  Controller,
@ -34,17 +37,18 @@ export class ImportController {
  ) {}

  @Post()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  @HasPermission(permissions.createOrder)
+  @UseInterceptors(TransformDataSourceInRequestInterceptor)
+  @UseInterceptors(TransformDataSourceInResponseInterceptor)
  public async import(
    @Body() importData: ImportDataDto,
-    @Query('dryRun') isDryRun?: boolean
+    @Query('dryRun') isDryRunParam = 'false'
  ): Promise<ImportResponse> {
+    const isDryRun = isDryRunParam === 'true';
+
    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.createAccount
-      ) ||
-      !hasPermission(this.request.user.permissions, permissions.createOrder)
+      !hasPermission(this.request.user.permissions, permissions.createAccount)
    ) {
      throw new HttpException(
        getReasonPhrase(StatusCodes.FORBIDDEN),
@ -63,16 +67,13 @@ export class ImportController {
      maxActivitiesToImport = Number.MAX_SAFE_INTEGER;
    }

-    const userCurrency = this.request.user.Settings.settings.baseCurrency;
-
    try {
      const activities = await this.importService.import({
        isDryRun,
        maxActivitiesToImport,
-        userCurrency,
        accountsDto: importData.accounts ?? [],
        activitiesDto: importData.activities,
-        userId: this.request.user.id
+        user: this.request.user
      });

      return { activities };
@ -90,7 +91,7 @@ export class ImportController {
  }

  @Get('dividends/:dataSource/:symbol')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  @UseInterceptors(TransformDataSourceInRequestInterceptor)
  @UseInterceptors(TransformDataSourceInResponseInterceptor)
  public async gatherDividends(
--- a/apps/api/src/app/import/import.module.ts
+++ b/apps/api/src/app/import/import.module.ts
@ -10,6 +10,7 @@ import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-
 import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.module';
 import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
 import { SymbolProfileModule } from '@ghostfolio/api/services/symbol-profile/symbol-profile.module';
+
 import { Module } from '@nestjs/common';

 import { ImportController } from './import.controller';
--- a/apps/api/src/app/import/import.service.ts
+++ b/apps/api/src/app/import/import.service.ts
@ -1,29 +1,43 @@
 import { AccountService } from '@ghostfolio/api/app/account/account.service';
 import { CreateAccountDto } from '@ghostfolio/api/app/account/create-account.dto';
 import { CreateOrderDto } from '@ghostfolio/api/app/order/create-order.dto';
-import { Activity } from '@ghostfolio/api/app/order/interfaces/activities.interface';
+import {
+  Activity,
+  ActivityError
+} from '@ghostfolio/api/app/order/interfaces/activities.interface';
 import { OrderService } from '@ghostfolio/api/app/order/order.service';
 import { PlatformService } from '@ghostfolio/api/app/platform/platform.service';
 import { PortfolioService } from '@ghostfolio/api/app/portfolio/portfolio.service';
+import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
+import { DataGatheringService } from '@ghostfolio/api/services/data-gathering/data-gathering.service';
 import { DataProviderService } from '@ghostfolio/api/services/data-provider/data-provider.service';
 import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
 import { SymbolProfileService } from '@ghostfolio/api/services/symbol-profile/symbol-profile.service';
-import { parseDate } from '@ghostfolio/common/helper';
+import {
+  DATE_FORMAT,
+  getAssetProfileIdentifier,
+  parseDate
+} from '@ghostfolio/common/helper';
 import { UniqueAsset } from '@ghostfolio/common/interfaces';
 import {
  AccountWithPlatform,
-  OrderWithAccount
+  OrderWithAccount,
+  UserWithSettings
 } from '@ghostfolio/common/types';
+
 import { Injectable } from '@nestjs/common';
 import { DataSource, Prisma, SymbolProfile } from '@prisma/client';
 import Big from 'big.js';
-import { endOfToday, isAfter, isSameDay, parseISO } from 'date-fns';
+import { endOfToday, format, isAfter, isSameSecond, parseISO } from 'date-fns';
+import { uniqBy } from 'lodash';
 import { v4 as uuidv4 } from 'uuid';

@Injectable()
 export class ImportService {
  public constructor(
    private readonly accountService: AccountService,
+    private readonly configurationService: ConfigurationService,
+    private readonly dataGatheringService: DataGatheringService,
    private readonly dataProviderService: DataProviderService,
    private readonly exchangeRateDataService: ExchangeRateDataService,
    private readonly orderService: OrderService,
@ -71,15 +85,34 @@ export class ImportService {

        const value = new Big(quantity).mul(marketPrice).toNumber();

+        const date = parseDate(dateString);
+        const isDuplicate = orders.some((activity) => {
+          return (
+            activity.accountId === Account?.id &&
+            activity.SymbolProfile.currency === assetProfile.currency &&
+            activity.SymbolProfile.dataSource === assetProfile.dataSource &&
+            isSameSecond(activity.date, date) &&
+            activity.quantity === quantity &&
+            activity.SymbolProfile.symbol === assetProfile.symbol &&
+            activity.type === 'DIVIDEND' &&
+            activity.unitPrice === marketPrice
+          );
+        });
+
+        const error: ActivityError = isDuplicate
+          ? { code: 'IS_DUPLICATE' }
+          : undefined;
+
        return {
          Account,
+          date,
+          error,
          quantity,
          value,
          accountId: Account?.id,
          accountUserId: undefined,
          comment: undefined,
          createdAt: undefined,
-          date: parseDate(dateString),
          fee: 0,
          feeInBaseCurrency: 0,
          id: assetProfile.id,
@ -107,17 +140,16 @@ export class ImportService {
    activitiesDto,
    isDryRun = false,
    maxActivitiesToImport,
-    userCurrency,
-    userId
+    user
  }: {
    accountsDto: Partial<CreateAccountDto>[];
    activitiesDto: Partial<CreateOrderDto>[];
    isDryRun?: boolean;
    maxActivitiesToImport: number;
-    userCurrency: string;
-    userId: string;
+    user: UserWithSettings;
  }): Promise<Activity[]> {
    const accountIdMapping: { [oldAccountId: string]: string } = {};
+    const userCurrency = user.Settings.settings.baseCurrency;

    if (!isDryRun && accountsDto?.length) {
      const [existingAccounts, existingPlatforms] = await Promise.all([
@ -140,7 +172,7 @@ export class ImportService {
        );

        // If there is no account or if the account belongs to a different user then create a new account
-        if (!accountWithSameId || accountWithSameId.userId !== userId) {
+        if (!accountWithSameId || accountWithSameId.userId !== user.id) {
          let oldAccountId: string;
          const platformId = account.platformId;

@ -153,7 +185,7 @@ export class ImportService {

          let accountObject: Prisma.AccountCreateInput = {
            ...account,
-            User: { connect: { id: userId } }
+            User: { connect: { id: user.id } }
          };

          if (
@ -169,7 +201,7 @@ export class ImportService {

          const newAccount = await this.accountService.createAccount(
            accountObject,
-            userId
+            user.id
          );

          // Store the new to old account ID mappings for updating activities
@ -182,7 +214,7 @@ export class ImportService {

    for (const activity of activitiesDto) {
      if (!activity.dataSource) {
-        if (activity.type === 'ITEM') {
+        if (activity.type === 'ITEM' || activity.type === 'LIABILITY') {
          activity.dataSource = DataSource.MANUAL;
        } else {
          activity.dataSource =
@ -201,12 +233,18 @@ export class ImportService {
    const assetProfiles = await this.validateActivities({
      activitiesDto,
      maxActivitiesToImport,
-      userId
+      user
    });

-    const accounts = (await this.accountService.getAccounts(userId)).map(
-      (account) => {
-        return { id: account.id, name: account.name };
+    const activitiesExtendedWithErrors = await this.extendActivitiesWithErrors({
+      activitiesDto,
+      userCurrency,
+      userId: user.id
+    });
+
+    const accounts = (await this.accountService.getAccounts(user.id)).map(
+      ({ id, name }) => {
+        return { id, name };
      }
    );

@ -218,19 +256,50 @@ export class ImportService {

    const activities: Activity[] = [];

-    for (const {
-      accountId,
-      comment,
-      currency,
-      dataSource,
-      date: dateString,
-      fee,
-      quantity,
-      symbol,
-      type,
-      unitPrice
-    } of activitiesDto) {
-      const date = parseISO(<string>(<unknown>dateString));
+    for (let [
+      index,
+      {
+        accountId,
+        comment,
+        date,
+        error,
+        fee,
+        quantity,
+        SymbolProfile,
+        type,
+        unitPrice
+      }
+    ] of activitiesExtendedWithErrors.entries()) {
+      const assetProfile = assetProfiles[
+        getAssetProfileIdentifier({
+          dataSource: SymbolProfile.dataSource,
+          symbol: SymbolProfile.symbol
+        })
+      ] ?? {
+        currency: SymbolProfile.currency,
+        dataSource: SymbolProfile.dataSource,
+        symbol: SymbolProfile.symbol
+      };
+      const {
+        assetClass,
+        assetSubClass,
+        countries,
+        createdAt,
+        currency,
+        dataSource,
+        figi,
+        figiComposite,
+        figiShareClass,
+        id,
+        isin,
+        name,
+        scraperConfiguration,
+        sectors,
+        symbol,
+        symbolMapping,
+        url,
+        updatedAt
+      } = assetProfile;
      const validatedAccount = accounts.find(({ id }) => {
        return id === accountId;
      });
@ -241,6 +310,35 @@ export class ImportService {
            Account?: { id: string; name: string };
          });

+      if (SymbolProfile.currency !== assetProfile.currency) {
+        // Convert the unit price and fee to the asset currency if the imported
+        // activity is in a different currency
+        unitPrice = await this.exchangeRateDataService.toCurrencyAtDate(
+          unitPrice,
+          SymbolProfile.currency,
+          assetProfile.currency,
+          date
+        );
+
+        if (!unitPrice) {
+          throw new Error(
+            `activities.${index} historical exchange rate at ${format(
+              date,
+              DATE_FORMAT
+            )} is not available from "${SymbolProfile.currency}" to "${
+              assetProfile.currency
+            }"`
+          );
+        }
+
+        fee = await this.exchangeRateDataService.toCurrencyAtDate(
+          fee,
+          SymbolProfile.currency,
+          assetProfile.currency,
+          date
+        );
+      }
+
      if (isDryRun) {
        order = {
          comment,
@ -249,36 +347,42 @@ export class ImportService {
          quantity,
          type,
          unitPrice,
-          userId,
          accountId: validatedAccount?.id,
          accountUserId: undefined,
          createdAt: new Date(),
          id: uuidv4(),
          isDraft: isAfter(date, endOfToday()),
          SymbolProfile: {
+            assetClass,
+            assetSubClass,
+            countries,
+            createdAt,
            currency,
            dataSource,
+            figi,
+            figiComposite,
+            figiShareClass,
+            id,
+            isin,
+            name,
+            scraperConfiguration,
+            sectors,
            symbol,
-            assetClass: null,
-            assetSubClass: null,
-            comment: null,
-            countries: null,
-            createdAt: undefined,
-            id: undefined,
-            isin: null,
-            name: null,
-            scraperConfiguration: null,
-            sectors: null,
-            symbolMapping: null,
-            updatedAt: undefined,
-            url: null,
-            ...assetProfiles[symbol]
+            symbolMapping,
+            updatedAt,
+            url,
+            comment: assetProfile.comment
          },
          Account: validatedAccount,
          symbolProfileId: undefined,
-          updatedAt: new Date()
+          updatedAt: new Date(),
+          userId: user.id
        };
      } else {
+        if (error) {
+          continue;
+        }
+
        order = await this.orderService.createOrder({
          comment,
          date,
@ -286,7 +390,6 @@ export class ImportService {
          quantity,
          type,
          unitPrice,
-          userId,
          accountId: validatedAccount?.id,
          SymbolProfile: {
            connectOrCreate: {
@ -304,21 +407,24 @@ export class ImportService {
            }
          },
          updateAccountBalance: false,
-          User: { connect: { id: userId } }
+          User: { connect: { id: user.id } },
+          userId: user.id
        });
      }

      const value = new Big(quantity).mul(unitPrice).toNumber();

-      //@ts-ignore
      activities.push({
        ...order,
+        error,
        value,
        feeInBaseCurrency: this.exchangeRateDataService.toCurrency(
          fee,
          currency,
          userCurrency
        ),
+        // @ts-ignore
+        SymbolProfile: assetProfile,
        valueInBaseCurrency: this.exchangeRateDataService.toCurrency(
          value,
          currency,
@ -327,9 +433,116 @@ export class ImportService {
      });
    }

+    activities.sort((activity1, activity2) => {
+      return Number(activity1.date) - Number(activity2.date);
+    });
+
+    if (!isDryRun) {
+      // Gather symbol data in the background, if not dry run
+      const uniqueActivities = uniqBy(activities, ({ SymbolProfile }) => {
+        return getAssetProfileIdentifier({
+          dataSource: SymbolProfile.dataSource,
+          symbol: SymbolProfile.symbol
+        });
+      });
+
+      this.dataGatheringService.gatherSymbols(
+        uniqueActivities.map(({ date, SymbolProfile }) => {
+          return {
+            date,
+            dataSource: SymbolProfile.dataSource,
+            symbol: SymbolProfile.symbol
+          };
+        })
+      );
+    }
+
    return activities;
  }

+  private async extendActivitiesWithErrors({
+    activitiesDto,
+    userCurrency,
+    userId
+  }: {
+    activitiesDto: Partial<CreateOrderDto>[];
+    userCurrency: string;
+    userId: string;
+  }): Promise<Partial<Activity>[]> {
+    let { activities: existingActivities } = await this.orderService.getOrders({
+      userCurrency,
+      userId,
+      includeDrafts: true,
+      withExcludedAccounts: true
+    });
+
+    return activitiesDto.map(
+      ({
+        accountId,
+        comment,
+        currency,
+        dataSource,
+        date: dateString,
+        fee,
+        quantity,
+        symbol,
+        type,
+        unitPrice
+      }) => {
+        const date = parseISO(dateString);
+        const isDuplicate = existingActivities.some((activity) => {
+          return (
+            activity.accountId === accountId &&
+            activity.SymbolProfile.currency === currency &&
+            activity.SymbolProfile.dataSource === dataSource &&
+            isSameSecond(activity.date, date) &&
+            activity.fee === fee &&
+            activity.quantity === quantity &&
+            activity.SymbolProfile.symbol === symbol &&
+            activity.type === type &&
+            activity.unitPrice === unitPrice
+          );
+        });
+
+        const error: ActivityError = isDuplicate
+          ? { code: 'IS_DUPLICATE' }
+          : undefined;
+
+        return {
+          accountId,
+          comment,
+          date,
+          error,
+          fee,
+          quantity,
+          type,
+          unitPrice,
+          SymbolProfile: {
+            currency,
+            dataSource,
+            symbol,
+            assetClass: null,
+            assetSubClass: null,
+            comment: null,
+            countries: null,
+            createdAt: undefined,
+            figi: null,
+            figiComposite: null,
+            figiShareClass: null,
+            id: undefined,
+            isin: null,
+            name: null,
+            scraperConfiguration: null,
+            sectors: null,
+            symbolMapping: null,
+            updatedAt: undefined,
+            url: null
+          }
+        };
+      }
+    );
+  }
+
  private isUniqueAccount(accounts: AccountWithPlatform[]) {
    const uniqueAccountIds = new Set<string>();

@ -343,66 +556,71 @@ export class ImportService {
  private async validateActivities({
    activitiesDto,
    maxActivitiesToImport,
-    userId
+    user
  }: {
    activitiesDto: Partial<CreateOrderDto>[];
    maxActivitiesToImport: number;
-    userId: string;
+    user: UserWithSettings;
  }) {
    if (activitiesDto?.length > maxActivitiesToImport) {
      throw new Error(`Too many activities (${maxActivitiesToImport} at most)`);
    }

    const assetProfiles: {
-      [symbol: string]: Partial<SymbolProfile>;
+      [assetProfileIdentifier: string]: Partial<SymbolProfile>;
    } = {};
-    const existingActivities = await this.orderService.orders({
-      include: { SymbolProfile: true },
-      orderBy: { date: 'desc' },
-      where: { userId }
-    });

    for (const [
      index,
-      { currency, dataSource, date, fee, quantity, symbol, type, unitPrice }
+      { currency, dataSource, symbol, type }
    ] of activitiesDto.entries()) {
-      const duplicateActivity = existingActivities.find((activity) => {
-        return (
-          activity.SymbolProfile.currency === currency &&
-          activity.SymbolProfile.dataSource === dataSource &&
-          isSameDay(activity.date, parseISO(<string>(<unknown>date))) &&
-          activity.fee === fee &&
-          activity.quantity === quantity &&
-          activity.SymbolProfile.symbol === symbol &&
-          activity.type === type &&
-          activity.unitPrice === unitPrice
+      if (!this.configurationService.get('DATA_SOURCES').includes(dataSource)) {
+        throw new Error(
+          `activities.${index}.dataSource ("${dataSource}") is not valid`
        );
-      });
-
-      if (duplicateActivity) {
-        throw new Error(`activities.${index} is a duplicate activity`);
      }

-      if (dataSource !== 'MANUAL') {
-        const assetProfile = (
-          await this.dataProviderService.getAssetProfiles([
-            { dataSource, symbol }
-          ])
-        )?.[symbol];
+      if (
+        this.configurationService.get('ENABLE_FEATURE_SUBSCRIPTION') &&
+        user.subscription.type === 'Basic'
+      ) {
+        const dataProvider = this.dataProviderService.getDataProvider(
+          DataSource[dataSource]
+        );

-        if (assetProfile === undefined) {
+        if (dataProvider.getDataProviderInfo().isPremium) {
          throw new Error(
-            `activities.${index}.symbol ("${symbol}") is not valid for the specified data source ("${dataSource}")`
+            `activities.${index}.dataSource ("${dataSource}") is not valid`
          );
        }
+      }

-        if (assetProfile.currency !== currency) {
-          throw new Error(
-            `activities.${index}.currency ("${currency}") does not match with "${assetProfile.currency}"`
-          );
+      if (!assetProfiles[getAssetProfileIdentifier({ dataSource, symbol })]) {
+        const assetProfile = {
+          currency,
+          ...(
+            await this.dataProviderService.getAssetProfiles([
+              { dataSource, symbol }
+            ])
+          )?.[symbol]
+        };
+
+        if (type === 'BUY' || type === 'DIVIDEND' || type === 'SELL') {
+          if (!assetProfile?.name) {
+            throw new Error(
+              `activities.${index}.symbol ("${symbol}") is not valid for the specified data source ("${dataSource}")`
+            );
+          }
+
+          if (assetProfile.currency !== currency) {
+            throw new Error(
+              `activities.${index}.currency ("${currency}") does not match with currency of ${assetProfile.symbol} ("${assetProfile.currency}")`
+            );
+          }
        }

-        assetProfiles[symbol] = assetProfile;
+        assetProfiles[getAssetProfileIdentifier({ dataSource, symbol })] =
+          assetProfile;
      }
    }

--- a/apps/api/src/app/info/info.controller.ts
+++ b/apps/api/src/app/info/info.controller.ts
@ -1,5 +1,6 @@
 import { TransformDataSourceInResponseInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-response.interceptor';
 import { InfoItem } from '@ghostfolio/common/interfaces';
+
 import { Controller, Get, UseInterceptors } from '@nestjs/common';

 import { InfoService } from './info.service';
--- a/apps/api/src/app/info/info.module.ts
+++ b/apps/api/src/app/info/info.module.ts
@ -1,5 +1,7 @@
 import { BenchmarkModule } from '@ghostfolio/api/app/benchmark/benchmark.module';
+import { PlatformModule } from '@ghostfolio/api/app/platform/platform.module';
 import { RedisCacheModule } from '@ghostfolio/api/app/redis-cache/redis-cache.module';
+import { UserModule } from '@ghostfolio/api/app/user/user.module';
 import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
 import { DataGatheringModule } from '@ghostfolio/api/services/data-gathering/data-gathering.module';
 import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
@ -8,6 +10,7 @@ import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
 import { PropertyModule } from '@ghostfolio/api/services/property/property.module';
 import { SymbolProfileModule } from '@ghostfolio/api/services/symbol-profile/symbol-profile.module';
 import { TagModule } from '@ghostfolio/api/services/tag/tag.module';
+
 import { Module } from '@nestjs/common';
 import { JwtModule } from '@nestjs/jwt';

@ -26,11 +29,12 @@ import { InfoService } from './info.service';
      secret: process.env.JWT_SECRET_KEY,
      signOptions: { expiresIn: '30 days' }
    }),
-    PrismaModule,
+    PlatformModule,
    PropertyModule,
    RedisCacheModule,
    SymbolProfileModule,
-    TagModule
+    TagModule,
+    UserModule
  ],
  providers: [InfoService]
 })
--- a/apps/api/src/app/info/info.service.ts
+++ b/apps/api/src/app/info/info.service.ts
@ -1,33 +1,39 @@
 import { BenchmarkService } from '@ghostfolio/api/app/benchmark/benchmark.service';
+import { PlatformService } from '@ghostfolio/api/app/platform/platform.service';
 import { RedisCacheService } from '@ghostfolio/api/app/redis-cache/redis-cache.service';
+import { UserService } from '@ghostfolio/api/app/user/user.service';
 import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
 import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
-import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
 import { PropertyService } from '@ghostfolio/api/services/property/property.service';
 import { TagService } from '@ghostfolio/api/services/tag/tag.service';
 import {
+  DEFAULT_CURRENCY,
+  PROPERTY_BETTER_UPTIME_MONITOR_ID,
  PROPERTY_COUNTRIES_OF_SUBSCRIBERS,
  PROPERTY_DEMO_USER_ID,
  PROPERTY_IS_READ_ONLY_MODE,
  PROPERTY_SLACK_COMMUNITY_USERS,
  PROPERTY_STRIPE_CONFIG,
-  PROPERTY_SYSTEM_MESSAGE,
  ghostfolioFearAndGreedIndexDataSource
 } from '@ghostfolio/common/config';
 import {
+  DATE_FORMAT,
  encodeDataSource,
  extractNumberFromString
 } from '@ghostfolio/common/helper';
-import { InfoItem } from '@ghostfolio/common/interfaces';
-import { Statistics } from '@ghostfolio/common/interfaces/statistics.interface';
-import { Subscription } from '@ghostfolio/common/interfaces/subscription.interface';
+import {
+  InfoItem,
+  Statistics,
+  Subscription
+} from '@ghostfolio/common/interfaces';
 import { permissions } from '@ghostfolio/common/permissions';
 import { SubscriptionOffer } from '@ghostfolio/common/types';
+
 import { Injectable, Logger } from '@nestjs/common';
 import { JwtService } from '@nestjs/jwt';
-import * as bent from 'bent';
 import * as cheerio from 'cheerio';
-import { subDays } from 'date-fns';
+import { format, subDays } from 'date-fns';
+import got from 'got';

@Injectable()
 export class InfoService {
@ -38,27 +44,22 @@ export class InfoService {
    private readonly configurationService: ConfigurationService,
    private readonly exchangeRateDataService: ExchangeRateDataService,
    private readonly jwtService: JwtService,
-    private readonly prismaService: PrismaService,
+    private readonly platformService: PlatformService,
    private readonly propertyService: PropertyService,
    private readonly redisCacheService: RedisCacheService,
-    private readonly tagService: TagService
+    private readonly tagService: TagService,
+    private readonly userService: UserService
  ) {}

  public async get(): Promise<InfoItem> {
    const info: Partial<InfoItem> = {};
    let isReadOnlyMode: boolean;
-    const platforms = await this.prismaService.platform.findMany({
-      orderBy: { name: 'asc' },
-      select: { id: true, name: true }
+    const platforms = await this.platformService.getPlatforms({
+      orderBy: { name: 'asc' }
    });
-    let systemMessage: string;

    const globalPermissions: string[] = [];

-    if (this.configurationService.get('ENABLE_FEATURE_BLOG')) {
-      globalPermissions.push(permissions.enableBlog);
-    }
-
    if (this.configurationService.get('ENABLE_FEATURE_FEAR_AND_GREED_INDEX')) {
      if (this.configurationService.get('ENABLE_FEATURE_SUBSCRIPTION')) {
        info.fearAndGreedDataSource = encodeDataSource(
@ -97,10 +98,6 @@ export class InfoService {

    if (this.configurationService.get('ENABLE_FEATURE_SYSTEM_MESSAGE')) {
      globalPermissions.push(permissions.enableSystemMessage);
-
-      systemMessage = (await this.propertyService.getByKey(
-        PROPERTY_SYSTEM_MESSAGE
-      )) as string;
    }

    const isUserSignupEnabled =
@ -110,29 +107,32 @@ export class InfoService {
      globalPermissions.push(permissions.createUserAccount);
    }

+    const [benchmarks, demoAuthToken, statistics, subscriptions, tags] =
+      await Promise.all([
+        this.benchmarkService.getBenchmarkAssetProfiles(),
+        this.getDemoAuthToken(),
+        this.getStatistics(),
+        this.getSubscriptions(),
+        this.tagService.get()
+      ]);
+
    return {
      ...info,
+      benchmarks,
+      demoAuthToken,
      globalPermissions,
      isReadOnlyMode,
      platforms,
-      systemMessage,
-      baseCurrency: this.configurationService.get('BASE_CURRENCY'),
-      benchmarks: await this.benchmarkService.getBenchmarkAssetProfiles(),
-      currencies: this.exchangeRateDataService.getCurrencies(),
-      demoAuthToken: await this.getDemoAuthToken(),
-      statistics: await this.getStatistics(),
-      subscriptions: await this.getSubscriptions(),
-      tags: await this.tagService.get()
+      statistics,
+      subscriptions,
+      tags,
+      baseCurrency: DEFAULT_CURRENCY,
+      currencies: this.exchangeRateDataService.getCurrencies()
    };
  }

  private async countActiveUsers(aDays: number) {
-    return await this.prismaService.user.count({
-      orderBy: {
-        Analytics: {
-          updatedAt: 'desc'
-        }
-      },
+    return this.userService.count({
      where: {
        AND: [
          {
@ -154,20 +154,24 @@ export class InfoService {

  private async countDockerHubPulls(): Promise<number> {
    try {
-      const get = bent(
-        `https://hub.docker.com/v2/repositories/ghostfolio/ghostfolio`,
-        'GET',
-        'json',
-        200,
-        {
-          'User-Agent': 'request'
-        }
-      );
+      const abortController = new AbortController();
+
+      setTimeout(() => {
+        abortController.abort();
+      }, this.configurationService.get('REQUEST_TIMEOUT'));
+
+      const { pull_count } = await got(
+        `https://hub.docker.com/v2/repositories/ghostfolio/ghostfolio`,
+        {
+          headers: { 'User-Agent': 'request' },
+          // @ts-ignore
+          signal: abortController.signal
+        }
+      ).json<any>();

-      const { pull_count } = await get();
      return pull_count;
    } catch (error) {
-      Logger.error(error, 'InfoService');
+      Logger.error(error, 'InfoService - DockerHub');

      return undefined;
    }
@ -175,24 +179,26 @@ export class InfoService {

  private async countGitHubContributors(): Promise<number> {
    try {
-      const get = bent(
-        'https://github.com/ghostfolio/ghostfolio',
-        'GET',
-        'string',
-        200,
-        {}
-      );
+      const abortController = new AbortController();

-      const html = await get();
-      const $ = cheerio.load(html);
+      setTimeout(() => {
+        abortController.abort();
+      }, this.configurationService.get('REQUEST_TIMEOUT'));

-      return extractNumberFromString(
-        $(
+      const { body } = await got('https://github.com/ghostfolio/ghostfolio', {
+        // @ts-ignore
+        signal: abortController.signal
+      });
+
+      const $ = cheerio.load(body);
+
+      return extractNumberFromString({
+        value: $(
          `a[href="/ghostfolio/ghostfolio/graphs/contributors"] .Counter`
        ).text()
-      );
+      });
    } catch (error) {
-      Logger.error(error, 'InfoService');
+      Logger.error(error, 'InfoService - GitHub');

      return undefined;
    }
@ -200,30 +206,31 @@ export class InfoService {

  private async countGitHubStargazers(): Promise<number> {
    try {
-      const get = bent(
-        `https://api.github.com/repos/ghostfolio/ghostfolio`,
-        'GET',
-        'json',
-        200,
-        {
-          'User-Agent': 'request'
-        }
-      );
+      const abortController = new AbortController();
+
+      setTimeout(() => {
+        abortController.abort();
+      }, this.configurationService.get('REQUEST_TIMEOUT'));
+
+      const { stargazers_count } = await got(
+        `https://api.github.com/repos/ghostfolio/ghostfolio`,
+        {
+          headers: { 'User-Agent': 'request' },
+          // @ts-ignore
+          signal: abortController.signal
+        }
+      ).json<any>();

-      const { stargazers_count } = await get();
      return stargazers_count;
    } catch (error) {
-      Logger.error(error, 'InfoService');
+      Logger.error(error, 'InfoService - GitHub');

      return undefined;
    }
  }

  private async countNewUsers(aDays: number) {
-    return await this.prismaService.user.count({
-      orderBy: {
-        createdAt: 'desc'
-      },
+    return this.userService.count({
      where: {
        AND: [
          {
@ -286,6 +293,7 @@ export class InfoService {
    const gitHubContributors = await this.countGitHubContributors();
    const gitHubStargazers = await this.countGitHubStargazers();
    const slackCommunityUsers = await this.countSlackCommunityUsers();
+    const uptime = await this.getUptime();

    statistics = {
      activeUsers1d,
@ -294,7 +302,8 @@ export class InfoService {
      gitHubContributors,
      gitHubStargazers,
      newUsers30d,
-      slackCommunityUsers
+      slackCommunityUsers,
+      uptime
    };

    await this.redisCacheService.set(
@ -312,10 +321,47 @@ export class InfoService {
      return undefined;
    }

-    const stripeConfig = (await this.prismaService.property.findUnique({
-      where: { key: PROPERTY_STRIPE_CONFIG }
-    })) ?? { value: '{}' };
+    return (
+      ((await this.propertyService.getByKey(PROPERTY_STRIPE_CONFIG)) as any) ??
+      {}
+    );
+  }

-    return JSON.parse(stripeConfig.value);
+  private async getUptime(): Promise<number> {
+    {
+      try {
+        const monitorId = (await this.propertyService.getByKey(
+          PROPERTY_BETTER_UPTIME_MONITOR_ID
+        )) as string;
+
+        const abortController = new AbortController();
+
+        setTimeout(() => {
+          abortController.abort();
+        }, this.configurationService.get('REQUEST_TIMEOUT'));
+
+        const { data } = await got(
+          `https://uptime.betterstack.com/api/v2/monitors/${monitorId}/sla?from=${format(
+            subDays(new Date(), 90),
+            DATE_FORMAT
+          )}&to${format(new Date(), DATE_FORMAT)}`,
+          {
+            headers: {
+              Authorization: `Bearer ${this.configurationService.get(
+                'API_KEY_BETTER_UPTIME'
+              )}`
+            },
+            // @ts-ignore
+            signal: abortController.signal
+          }
+        ).json<any>();
+
+        return data.attributes.availability / 100;
+      } catch (error) {
+        Logger.error(error, 'InfoService - Better Stack');
+
+        return undefined;
+      }
+    }
  }
 }
--- a/apps/api/src/app/logo/logo.controller.ts
+++ b/apps/api/src/app/logo/logo.controller.ts
@ -1,4 +1,5 @@
 import { TransformDataSourceInRequestInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-request.interceptor';
+
 import {
  Controller,
  Get,
--- a/apps/api/src/app/logo/logo.module.ts
+++ b/apps/api/src/app/logo/logo.module.ts
@ -1,5 +1,6 @@
 import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
 import { SymbolProfileModule } from '@ghostfolio/api/services/symbol-profile/symbol-profile.module';
+
 import { Module } from '@nestjs/common';

 import { LogoController } from './logo.controller';
--- a/apps/api/src/app/logo/logo.service.ts
+++ b/apps/api/src/app/logo/logo.service.ts
@ -1,13 +1,16 @@
+import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
 import { SymbolProfileService } from '@ghostfolio/api/services/symbol-profile/symbol-profile.service';
 import { UniqueAsset } from '@ghostfolio/common/interfaces';
+
 import { HttpException, Injectable } from '@nestjs/common';
 import { DataSource } from '@prisma/client';
-import * as bent from 'bent';
+import got from 'got';
 import { StatusCodes, getReasonPhrase } from 'http-status-codes';

@Injectable()
 export class LogoService {
  public constructor(
+    private readonly configurationService: ConfigurationService,
    private readonly symbolProfileService: SymbolProfileService
  ) {}

@ -41,15 +44,19 @@ export class LogoService {
  }

  private getBuffer(aUrl: string) {
-    const get = bent(
+    const abortController = new AbortController();
+
+    setTimeout(() => {
+      abortController.abort();
+    }, this.configurationService.get('REQUEST_TIMEOUT'));
+
+    return got(
      `https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=${aUrl}&size=64`,
-      'GET',
-      'buffer',
-      200,
      {
-        'User-Agent': 'request'
+        headers: { 'User-Agent': 'request' },
+        // @ts-ignore
+        signal: abortController.signal
      }
-    );
-    return get();
+    ).buffer();
  }
 }
--- a/apps/api/src/app/order/create-order.dto.ts
+++ b/apps/api/src/app/order/create-order.dto.ts
@ -10,10 +10,12 @@ import {
  IsArray,
  IsBoolean,
  IsEnum,
+  IsISO4217CurrencyCode,
  IsISO8601,
  IsNumber,
  IsOptional,
-  IsString
+  IsString,
+  Min
 } from 'class-validator';
 import { isString } from 'lodash';

@ -37,7 +39,7 @@ export class CreateOrderDto {
  )
  comment?: string;

-  @IsString()
+  @IsISO4217CurrencyCode()
  currency: string;

  @IsOptional()
@ -48,9 +50,11 @@ export class CreateOrderDto {
  date: string;

  @IsNumber()
+  @Min(0)
  fee: number;

  @IsNumber()
+  @Min(0)
  quantity: number;

  @IsString()
@ -64,9 +68,10 @@ export class CreateOrderDto {
  type: Type;

  @IsNumber()
+  @Min(0)
  unitPrice: number;

  @IsBoolean()
  @IsOptional()
-  updateAccountBalance: boolean;
+  updateAccountBalance?: boolean;
 }
--- a/apps/api/src/app/order/interfaces/activities.interface.ts
+++ b/apps/api/src/app/order/interfaces/activities.interface.ts
@ -2,11 +2,18 @@ import { OrderWithAccount } from '@ghostfolio/common/types';

 export interface Activities {
  activities: Activity[];
+  count: number;
 }

 export interface Activity extends OrderWithAccount {
+  error?: ActivityError;
  feeInBaseCurrency: number;
  updateAccountBalance?: boolean;
  value: number;
  valueInBaseCurrency: number;
 }
+
+export interface ActivityError {
+  code: 'IS_DUPLICATE';
+  message?: string;
+}
--- a/apps/api/src/app/order/order.controller.ts
+++ b/apps/api/src/app/order/order.controller.ts
@ -1,11 +1,15 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
 import { RedactValuesInResponseInterceptor } from '@ghostfolio/api/interceptors/redact-values-in-response.interceptor';
 import { TransformDataSourceInRequestInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-request.interceptor';
 import { TransformDataSourceInResponseInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-response.interceptor';
 import { ApiService } from '@ghostfolio/api/services/api/api.service';
+import { DataGatheringService } from '@ghostfolio/api/services/data-gathering/data-gathering.service';
 import { ImpersonationService } from '@ghostfolio/api/services/impersonation/impersonation.service';
 import { HEADER_KEY_IMPERSONATION } from '@ghostfolio/common/config';
 import { hasPermission, permissions } from '@ghostfolio/common/permissions';
 import type { RequestWithUser } from '@ghostfolio/common/types';
+
 import {
  Body,
  Controller,
@ -23,7 +27,7 @@ import {
 } from '@nestjs/common';
 import { REQUEST } from '@nestjs/core';
 import { AuthGuard } from '@nestjs/passport';
-import { Order as OrderModel } from '@prisma/client';
+import { Order as OrderModel, Prisma } from '@prisma/client';
 import { parseISO } from 'date-fns';
 import { StatusCodes, getReasonPhrase } from 'http-status-codes';

@ -36,30 +40,23 @@ import { UpdateOrderDto } from './update-order.dto';
 export class OrderController {
  public constructor(
    private readonly apiService: ApiService,
+    private readonly dataGatheringService: DataGatheringService,
    private readonly impersonationService: ImpersonationService,
    private readonly orderService: OrderService,
    @Inject(REQUEST) private readonly request: RequestWithUser
  ) {}

  @Delete()
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.deleteOrder)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async deleteOrders(): Promise<number> {
-    if (
-      !hasPermission(this.request.user.permissions, permissions.deleteOrder)
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    return this.orderService.deleteOrders({
      userId: this.request.user.id
    });
  }

  @Delete(':id')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async deleteOrder(@Param('id') id: string): Promise<OrderModel> {
    const order = await this.orderService.order({ id });

@ -80,14 +77,18 @@ export class OrderController {
  }

  @Get()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  @UseInterceptors(RedactValuesInResponseInterceptor)
  @UseInterceptors(TransformDataSourceInResponseInterceptor)
  public async getAllOrders(
    @Headers(HEADER_KEY_IMPERSONATION.toLowerCase()) impersonationId,
    @Query('accounts') filterByAccounts?: string,
    @Query('assetClasses') filterByAssetClasses?: string,
-    @Query('tags') filterByTags?: string
+    @Query('skip') skip?: number,
+    @Query('sortColumn') sortColumn?: string,
+    @Query('sortDirection') sortDirection?: Prisma.SortOrder,
+    @Query('tags') filterByTags?: string,
+    @Query('take') take?: number
  ): Promise<Activities> {
    const filters = this.apiService.buildFiltersFromQueryParams({
      filterByAccounts,
@ -99,31 +100,27 @@ export class OrderController {
      await this.impersonationService.validateImpersonationId(impersonationId);
    const userCurrency = this.request.user.Settings.settings.baseCurrency;

-    const activities = await this.orderService.getOrders({
+    const { activities, count } = await this.orderService.getOrders({
      filters,
+      sortColumn,
+      sortDirection,
      userCurrency,
      includeDrafts: true,
+      skip: isNaN(skip) ? undefined : skip,
+      take: isNaN(take) ? undefined : take,
      userId: impersonationUserId || this.request.user.id,
      withExcludedAccounts: true
    });

-    return { activities };
+    return { activities, count };
  }

+  @HasPermission(permissions.createOrder)
  @Post()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  @UseInterceptors(TransformDataSourceInRequestInterceptor)
  public async createOrder(@Body() data: CreateOrderDto): Promise<OrderModel> {
-    if (
-      !hasPermission(this.request.user.permissions, permissions.createOrder)
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
-    return this.orderService.createOrder({
+    const order = await this.orderService.createOrder({
      ...data,
      date: parseISO(data.date),
      SymbolProfile: {
@ -144,21 +141,32 @@ export class OrderController {
      User: { connect: { id: this.request.user.id } },
      userId: this.request.user.id
    });
+
+    if (data.dataSource && !order.isDraft) {
+      // Gather symbol data in the background, if data source is set
+      // (not MANUAL) and not draft
+      this.dataGatheringService.gatherSymbols([
+        {
+          dataSource: data.dataSource,
+          date: order.date,
+          symbol: data.symbol
+        }
+      ]);
+    }
+
+    return order;
  }

+  @HasPermission(permissions.updateOrder)
  @Put(':id')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  @UseInterceptors(TransformDataSourceInRequestInterceptor)
  public async update(@Param('id') id: string, @Body() data: UpdateOrderDto) {
    const originalOrder = await this.orderService.order({
      id
    });

-    if (
-      !hasPermission(this.request.user.permissions, permissions.updateOrder) ||
-      !originalOrder ||
-      originalOrder.userId !== this.request.user.id
-    ) {
+    if (!originalOrder || originalOrder.userId !== this.request.user.id) {
      throw new HttpException(
        getReasonPhrase(StatusCodes.FORBIDDEN),
        StatusCodes.FORBIDDEN
--- a/apps/api/src/app/order/order.module.ts
+++ b/apps/api/src/app/order/order.module.ts
@ -1,3 +1,4 @@
+import { AccountBalanceService } from '@ghostfolio/api/app/account-balance/account-balance.service';
 import { AccountService } from '@ghostfolio/api/app/account/account.service';
 import { CacheModule } from '@ghostfolio/api/app/cache/cache.module';
 import { RedisCacheModule } from '@ghostfolio/api/app/redis-cache/redis-cache.module';
@ -10,6 +11,7 @@ import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-d
 import { ImpersonationModule } from '@ghostfolio/api/services/impersonation/impersonation.module';
 import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
 import { SymbolProfileModule } from '@ghostfolio/api/services/symbol-profile/symbol-profile.module';
+
 import { Module } from '@nestjs/common';

 import { OrderController } from './order.controller';
@ -31,6 +33,6 @@ import { OrderService } from './order.service';
    SymbolProfileModule,
    UserModule
  ],
-  providers: [AccountService, OrderService]
+  providers: [AccountBalanceService, AccountService, OrderService]
 })
 export class OrderModule {}
--- a/apps/api/src/app/order/order.service.ts
+++ b/apps/api/src/app/order/order.service.ts
@ -7,8 +7,10 @@ import {
  GATHER_ASSET_PROFILE_PROCESS,
  GATHER_ASSET_PROFILE_PROCESS_OPTIONS
 } from '@ghostfolio/common/config';
-import { Filter } from '@ghostfolio/common/interfaces';
+import { getAssetProfileIdentifier } from '@ghostfolio/common/helper';
+import { Filter, UniqueAsset } from '@ghostfolio/common/interfaces';
 import { OrderWithAccount } from '@ghostfolio/common/types';
+
 import { Injectable } from '@nestjs/common';
 import {
  AssetClass,
@ -17,14 +19,14 @@ import {
  Order,
  Prisma,
  Tag,
-  Type as TypeOfOrder
+  Type as ActivityType
 } from '@prisma/client';
 import Big from 'big.js';
 import { endOfToday, isAfter } from 'date-fns';
 import { groupBy } from 'lodash';
 import { v4 as uuidv4 } from 'uuid';

-import { Activity } from './interfaces/activities.interface';
+import { Activities } from './interfaces/activities.interface';

@Injectable()
 export class OrderService {
@ -36,34 +38,6 @@ export class OrderService {
    private readonly symbolProfileService: SymbolProfileService
  ) {}

-  public async order(
-    orderWhereUniqueInput: Prisma.OrderWhereUniqueInput
-  ): Promise<Order | null> {
-    return this.prismaService.order.findUnique({
-      where: orderWhereUniqueInput
-    });
-  }
-
-  public async orders(params: {
-    include?: Prisma.OrderInclude;
-    skip?: number;
-    take?: number;
-    cursor?: Prisma.OrderWhereUniqueInput;
-    where?: Prisma.OrderWhereInput;
-    orderBy?: Prisma.OrderOrderByWithRelationInput;
-  }): Promise<OrderWithAccount[]> {
-    const { include, skip, take, cursor, where, orderBy } = params;
-
-    return this.prismaService.order.findMany({
-      cursor,
-      include,
-      orderBy,
-      skip,
-      take,
-      where
-    });
-  }
-
  public async createOrder(
    data: Prisma.OrderCreateInput & {
      accountId?: string;
@ -96,7 +70,7 @@ export class OrderService {
    const updateAccountBalance = data.updateAccountBalance ?? false;
    const userId = data.userId;

-    if (data.type === 'ITEM') {
+    if (['FEE', 'INTEREST', 'ITEM', 'LIABILITY'].includes(data.type)) {
      const assetClass = data.assetClass;
      const assetSubClass = data.assetSubClass;
      currency = data.SymbolProfile.connectOrCreate.create.currency;
@ -117,29 +91,21 @@ export class OrderService {
      };
    }

-    await this.dataGatheringService.addJobToQueue({
-      data: {
-        dataSource: data.SymbolProfile.connectOrCreate.create.dataSource,
-        symbol: data.SymbolProfile.connectOrCreate.create.symbol
-      },
-      name: GATHER_ASSET_PROFILE_PROCESS,
-      opts: {
-        ...GATHER_ASSET_PROFILE_PROCESS_OPTIONS,
-        jobId: `${data.SymbolProfile.connectOrCreate.create.dataSource}-${data.SymbolProfile.connectOrCreate.create.symbol}`
-      }
-    });
-
-    const isDraft = isAfter(data.date as Date, endOfToday());
-
-    if (!isDraft) {
-      // Gather symbol data of order in the background, if not draft
-      this.dataGatheringService.gatherSymbols([
-        {
+    if (data.SymbolProfile.connectOrCreate.create.dataSource !== 'MANUAL') {
+      this.dataGatheringService.addJobToQueue({
+        data: {
          dataSource: data.SymbolProfile.connectOrCreate.create.dataSource,
-          date: <Date>data.date,
          symbol: data.SymbolProfile.connectOrCreate.create.symbol
+        },
+        name: GATHER_ASSET_PROFILE_PROCESS,
+        opts: {
+          ...GATHER_ASSET_PROFILE_PROCESS_OPTIONS,
+          jobId: getAssetProfileIdentifier({
+            dataSource: data.SymbolProfile.connectOrCreate.create.dataSource,
+            symbol: data.SymbolProfile.connectOrCreate.create.symbol
+          })
        }
-      ]);
+      });
    }

    delete data.accountId;
@ -159,6 +125,10 @@ export class OrderService {

    const orderData: Prisma.OrderCreateInput = data;

+    const isDraft = ['FEE', 'INTEREST', 'ITEM', 'LIABILITY'].includes(data.type)
+      ? false
+      : isAfter(data.date as Date, endOfToday());
+
    const order = await this.prismaService.order.create({
      data: {
        ...orderData,
@ -201,7 +171,7 @@ export class OrderService {
      where
    });

-    if (order.type === 'ITEM') {
+    if (['FEE', 'INTEREST', 'ITEM', 'LIABILITY'].includes(order.type)) {
      await this.symbolProfileService.deleteById(order.symbolProfileId);
    }

@ -216,9 +186,24 @@ export class OrderService {
    return count;
  }

+  public async getLatestOrder({ dataSource, symbol }: UniqueAsset) {
+    return this.prismaService.order.findFirst({
+      orderBy: {
+        date: 'desc'
+      },
+      where: {
+        SymbolProfile: { dataSource, symbol }
+      }
+    });
+  }
+
  public async getOrders({
    filters,
    includeDrafts = false,
+    skip,
+    sortColumn,
+    sortDirection,
+    take = Number.MAX_SAFE_INTEGER,
    types,
    userCurrency,
    userId,
@ -226,11 +211,18 @@ export class OrderService {
  }: {
    filters?: Filter[];
    includeDrafts?: boolean;
-    types?: TypeOfOrder[];
+    skip?: number;
+    sortColumn?: string;
+    sortDirection?: Prisma.SortOrder;
+    take?: number;
+    types?: ActivityType[];
    userCurrency: string;
    userId: string;
    withExcludedAccounts?: boolean;
-  }): Promise<Activity[]> {
+  }): Promise<Activities> {
+    let orderBy: Prisma.Enumerable<Prisma.OrderOrderByWithRelationInput> = [
+      { date: 'asc' }
+    ];
    const where: Prisma.OrderWhereInput = { userId };

    const {
@ -292,18 +284,26 @@ export class OrderService {
      };
    }

-    if (types) {
-      where.OR = types.map((type) => {
-        return {
-          type: {
-            equals: type
-          }
-        };
-      });
+    if (sortColumn) {
+      orderBy = [{ [sortColumn]: sortDirection }];
    }

-    return (
-      await this.orders({
+    if (types) {
+      where.type = { in: types };
+    }
+
+    if (withExcludedAccounts === false) {
+      where.OR = [
+        { Account: null },
+        { Account: { NOT: { isExcluded: true } } }
+      ];
+    }
+
+    const [orders, count] = await Promise.all([
+      this.orders({
+        orderBy,
+        skip,
+        take,
        where,
        include: {
          // eslint-disable-next-line @typescript-eslint/naming-convention
@ -315,31 +315,41 @@ export class OrderService {
          // eslint-disable-next-line @typescript-eslint/naming-convention
          SymbolProfile: true,
          tags: true
-        },
-        orderBy: { date: 'asc' }
-      })
-    )
-      .filter((order) => {
-        return withExcludedAccounts || order.Account?.isExcluded === false;
-      })
-      .map((order) => {
-        const value = new Big(order.quantity).mul(order.unitPrice).toNumber();
+        }
+      }),
+      this.prismaService.order.count({ where })
+    ]);

-        return {
-          ...order,
+    const activities = orders.map((order) => {
+      const value = new Big(order.quantity).mul(order.unitPrice).toNumber();
+
+      return {
+        ...order,
+        value,
+        // TODO: Use exchange rate of date
+        feeInBaseCurrency: this.exchangeRateDataService.toCurrency(
+          order.fee,
+          order.SymbolProfile.currency,
+          userCurrency
+        ),
+        // TODO: Use exchange rate of date
+        valueInBaseCurrency: this.exchangeRateDataService.toCurrency(
          value,
-          feeInBaseCurrency: this.exchangeRateDataService.toCurrency(
-            order.fee,
-            order.SymbolProfile.currency,
-            userCurrency
-          ),
-          valueInBaseCurrency: this.exchangeRateDataService.toCurrency(
-            value,
-            order.SymbolProfile.currency,
-            userCurrency
-          )
-        };
-      });
+          order.SymbolProfile.currency,
+          userCurrency
+        )
+      };
+    });
+
+    return { activities, count };
+  }
+
+  public async order(
+    orderWhereUniqueInput: Prisma.OrderWhereUniqueInput
+  ): Promise<Order | null> {
+    return this.prismaService.order.findUnique({
+      where: orderWhereUniqueInput
+    });
  }

  public async updateOrder({
@ -353,13 +363,10 @@ export class OrderService {
      dataSource?: DataSource;
      symbol?: string;
      tags?: Tag[];
+      type?: ActivityType;
    };
    where: Prisma.OrderWhereUniqueInput;
  }): Promise<Order> {
-    if (data.Account.connect.id_userId.id === null) {
-      delete data.Account;
-    }
-
    if (!data.comment) {
      data.comment = null;
    }
@ -368,8 +375,12 @@ export class OrderService {

    let isDraft = false;

-    if (data.type === 'ITEM') {
+    if (['FEE', 'INTEREST', 'ITEM', 'LIABILITY'].includes(data.type)) {
      delete data.SymbolProfile.connect;
+
+      if (data.Account?.connect?.id_userId?.id === null) {
+        data.Account = { disconnect: true };
+      }
    } else {
      delete data.SymbolProfile.update;

@ -413,4 +424,24 @@ export class OrderService {
      where
    });
  }
+
+  private async orders(params: {
+    include?: Prisma.OrderInclude;
+    skip?: number;
+    take?: number;
+    cursor?: Prisma.OrderWhereUniqueInput;
+    where?: Prisma.OrderWhereInput;
+    orderBy?: Prisma.Enumerable<Prisma.OrderOrderByWithRelationInput>;
+  }): Promise<OrderWithAccount[]> {
+    const { include, skip, take, cursor, where, orderBy } = params;
+
+    return this.prismaService.order.findMany({
+      cursor,
+      include,
+      orderBy,
+      skip,
+      take,
+      where
+    });
+  }
 }
--- a/apps/api/src/app/order/update-order.dto.ts
+++ b/apps/api/src/app/order/update-order.dto.ts
@ -8,12 +8,13 @@ import {
 import { Transform, TransformFnParams } from 'class-transformer';
 import {
  IsArray,
-  IsBoolean,
  IsEnum,
+  IsISO4217CurrencyCode,
  IsISO8601,
  IsNumber,
  IsOptional,
-  IsString
+  IsString,
+  Min
 } from 'class-validator';
 import { isString } from 'lodash';

@ -37,7 +38,7 @@ export class UpdateOrderDto {
  )
  comment?: string;

-  @IsString()
+  @IsISO4217CurrencyCode()
  currency: string;

  @IsString()
@ -47,12 +48,14 @@ export class UpdateOrderDto {
  date: string;

  @IsNumber()
+  @Min(0)
  fee: number;

  @IsString()
  id: string;

  @IsNumber()
+  @Min(0)
  quantity: number;

  @IsString()
@ -66,9 +69,6 @@ export class UpdateOrderDto {
  type: Type;

  @IsNumber()
+  @Min(0)
  unitPrice: number;
-
-  @IsBoolean()
-  @IsOptional()
-  updateAccountBalance: boolean;
 }
--- a/apps/api/src/app/platform/platform.controller.ts
+++ b/apps/api/src/app/platform/platform.controller.ts
@ -1,18 +1,18 @@
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
-import type { RequestWithUser } from '@ghostfolio/common/types';
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { permissions } from '@ghostfolio/common/permissions';
+
 import {
  Body,
  Controller,
  Delete,
  Get,
  HttpException,
-  Inject,
  Param,
  Post,
  Put,
  UseGuards
 } from '@nestjs/common';
-import { REQUEST } from '@nestjs/core';
 import { AuthGuard } from '@nestjs/passport';
 import { Platform } from '@prisma/client';
 import { StatusCodes, getReasonPhrase } from 'http-status-codes';
@ -23,48 +23,30 @@ import { UpdatePlatformDto } from './update-platform.dto';

@Controller('platform')
 export class PlatformController {
-  public constructor(
-    private readonly platformService: PlatformService,
-    @Inject(REQUEST) private readonly request: RequestWithUser
-  ) {}
+  public constructor(private readonly platformService: PlatformService) {}

  @Get()
-  @UseGuards(AuthGuard('jwt'))
-  public async getPlatforms(): Promise<Platform[]> {
-    return this.platformService.getPlatforms();
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async getPlatforms() {
+    return this.platformService.getPlatformsWithAccountCount();
  }

+  @HasPermission(permissions.createPlatform)
  @Post()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async createPlatform(
    @Body() data: CreatePlatformDto
  ): Promise<Platform> {
-    if (
-      !hasPermission(this.request.user.permissions, permissions.createPlatform)
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
    return this.platformService.createPlatform(data);
  }

+  @HasPermission(permissions.updatePlatform)
  @Put(':id')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async updatePlatform(
    @Param('id') id: string,
    @Body() data: UpdatePlatformDto
  ) {
-    if (
-      !hasPermission(this.request.user.permissions, permissions.updatePlatform)
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    const originalPlatform = await this.platformService.getPlatform({
      id
    });
@ -87,17 +69,9 @@ export class PlatformController {
  }

  @Delete(':id')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.deletePlatform)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async deletePlatform(@Param('id') id: string) {
-    if (
-      !hasPermission(this.request.user.permissions, permissions.deletePlatform)
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    const originalPlatform = await this.platformService.getPlatform({
      id
    });
--- a/apps/api/src/app/platform/platform.module.ts
+++ b/apps/api/src/app/platform/platform.module.ts
@ -1,4 +1,5 @@
 import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
+
 import { Module } from '@nestjs/common';

 import { PlatformController } from './platform.controller';
--- a/apps/api/src/app/platform/platform.service.ts
+++ b/apps/api/src/app/platform/platform.service.ts
@ -1,4 +1,5 @@
 import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
+
 import { Injectable } from '@nestjs/common';
 import { Platform, Prisma } from '@prisma/client';

@ -6,8 +7,16 @@ import { Platform, Prisma } from '@prisma/client';
 export class PlatformService {
  public constructor(private readonly prismaService: PrismaService) {}

-  public async getPlatforms(): Promise<Platform[]> {
-    return this.prismaService.platform.findMany();
+  public async createPlatform(data: Prisma.PlatformCreateInput) {
+    return this.prismaService.platform.create({
+      data
+    });
+  }
+
+  public async deletePlatform(
+    where: Prisma.PlatformWhereUniqueInput
+  ): Promise<Platform> {
+    return this.prismaService.platform.delete({ where });
  }

  public async getPlatform(
@ -18,9 +27,45 @@ export class PlatformService {
    });
  }

-  public async createPlatform(data: Prisma.PlatformCreateInput) {
-    return this.prismaService.platform.create({
-      data
+  public async getPlatforms({
+    cursor,
+    orderBy,
+    skip,
+    take,
+    where
+  }: {
+    cursor?: Prisma.PlatformWhereUniqueInput;
+    orderBy?: Prisma.PlatformOrderByWithRelationInput;
+    skip?: number;
+    take?: number;
+    where?: Prisma.PlatformWhereInput;
+  } = {}) {
+    return this.prismaService.platform.findMany({
+      cursor,
+      orderBy,
+      skip,
+      take,
+      where
+    });
+  }
+
+  public async getPlatformsWithAccountCount() {
+    const platformsWithAccountCount =
+      await this.prismaService.platform.findMany({
+        include: {
+          _count: {
+            select: { Account: true }
+          }
+        }
+      });
+
+    return platformsWithAccountCount.map(({ _count, id, name, url }) => {
+      return {
+        id,
+        name,
+        url,
+        accountCount: _count.Account
+      };
    });
  }

@ -36,10 +81,4 @@ export class PlatformService {
      where
    });
  }
-
-  public async deletePlatform(
-    where: Prisma.PlatformWhereUniqueInput
-  ): Promise<Platform> {
-    return this.prismaService.platform.delete({ where });
-  }
 }
--- a/apps/api/src/app/portfolio/current-rate.service.mock.ts
+++ b/apps/api/src/app/portfolio/current-rate.service.mock.ts
@ -1,4 +1,5 @@
 import { parseDate, resetHours } from '@ghostfolio/common/helper';
+
 import { addDays, endOfDay, isBefore, isSameDay } from 'date-fns';

 import { GetValueObject } from './interfaces/get-value-object.interface';
@ -33,6 +34,26 @@ function mockGetValue(symbol: string, date: Date) {

      return { marketPrice: 0 };

+    case 'GOOGL':
+      if (isSameDay(parseDate('2023-01-03'), date)) {
+        return { marketPrice: 89.12 };
+      } else if (isSameDay(parseDate('2023-07-10'), date)) {
+        return { marketPrice: 116.45 };
+      }
+
+      return { marketPrice: 0 };
+
+    case 'MSFT':
+      if (isSameDay(parseDate('2021-09-16'), date)) {
+        return { marketPrice: 89.12 };
+      } else if (isSameDay(parseDate('2021-11-16'), date)) {
+        return { marketPrice: 339.51 };
+      } else if (isSameDay(parseDate('2023-07-10'), date)) {
+        return { marketPrice: 331.83 };
+      }
+
+      return { marketPrice: 0 };
+
    case 'NOVN.SW':
      if (isSameDay(parseDate('2022-04-11'), date)) {
        return { marketPrice: 87.8 };
@ -61,10 +82,9 @@ export const CurrentRateServiceMock = {
        for (const dataGatheringItem of dataGatheringItems) {
          values.push({
            date,
-            marketPriceInBaseCurrency: mockGetValue(
-              dataGatheringItem.symbol,
-              date
-            ).marketPrice,
+            dataSource: dataGatheringItem.dataSource,
+            marketPrice: mockGetValue(dataGatheringItem.symbol, date)
+              .marketPrice,
            symbol: dataGatheringItem.symbol
          });
        }
@ -74,10 +94,9 @@ export const CurrentRateServiceMock = {
        for (const dataGatheringItem of dataGatheringItems) {
          values.push({
            date,
-            marketPriceInBaseCurrency: mockGetValue(
-              dataGatheringItem.symbol,
-              date
-            ).marketPrice,
+            dataSource: dataGatheringItem.dataSource,
+            marketPrice: mockGetValue(dataGatheringItem.symbol, date)
+              .marketPrice,
            symbol: dataGatheringItem.symbol
          });
        }
--- a/apps/api/src/app/portfolio/current-rate.service.spec.ts
+++ b/apps/api/src/app/portfolio/current-rate.service.spec.ts
@ -1,7 +1,8 @@
 import { DataProviderService } from '@ghostfolio/api/services/data-provider/data-provider.service';
-import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
 import { MarketDataService } from '@ghostfolio/api/services/market-data/market-data.service';
 import { PropertyService } from '@ghostfolio/api/services/property/property.service';
+import { UniqueAsset } from '@ghostfolio/common/interfaces';
+
 import { DataSource, MarketData } from '@prisma/client';

 import { CurrentRateService } from './current-rate.service';
@ -25,30 +26,30 @@ jest.mock('@ghostfolio/api/services/market-data/market-data.service', () => {
        getRange: ({
          dateRangeEnd,
          dateRangeStart,
-          symbols
+          uniqueAssets
        }: {
          dateRangeEnd: Date;
          dateRangeStart: Date;
-          symbols: string[];
+          uniqueAssets: UniqueAsset[];
        }) => {
          return Promise.resolve<MarketData[]>([
            {
              createdAt: dateRangeStart,
-              dataSource: DataSource.YAHOO,
+              dataSource: uniqueAssets[0].dataSource,
              date: dateRangeStart,
              id: '8fa48fde-f397-4b0d-adbc-fb940e830e6d',
              marketPrice: 1841.823902,
              state: 'CLOSE',
-              symbol: symbols[0]
+              symbol: uniqueAssets[0].symbol
            },
            {
              createdAt: dateRangeEnd,
-              dataSource: DataSource.YAHOO,
+              dataSource: uniqueAssets[0].dataSource,
              date: dateRangeEnd,
              id: '082d6893-df27-4c91-8a5d-092e84315b56',
              marketPrice: 1847.839966,
              state: 'CLOSE',
-              symbol: symbols[0]
+              symbol: uniqueAssets[0].symbol
            }
          ]);
        }
@ -66,7 +67,8 @@ jest.mock(
          initialize: () => Promise.resolve(),
          toCurrency: (value: number) => {
            return 1 * value;
-          }
+          },
+          getExchangeRates: () => Promise.resolve()
        };
      })
    };
@ -86,7 +88,6 @@ jest.mock('@ghostfolio/api/services/property/property.service', () => {
 describe('CurrentRateService', () => {
  let currentRateService: CurrentRateService;
  let dataProviderService: DataProviderService;
-  let exchangeRateDataService: ExchangeRateDataService;
  let marketDataService: MarketDataService;
  let propertyService: PropertyService;

@ -98,44 +99,37 @@ describe('CurrentRateService', () => {
      [],
      null,
      null,
-      propertyService
-    );
-    exchangeRateDataService = new ExchangeRateDataService(
-      null,
-      null,
-      null,
-      null,
+      propertyService,
      null
    );
-    marketDataService = new MarketDataService(null);

-    await exchangeRateDataService.initialize();
+    marketDataService = new MarketDataService(null);

    currentRateService = new CurrentRateService(
      dataProviderService,
-      exchangeRateDataService,
-      marketDataService
+      marketDataService,
+      null,
+      null
    );
  });

  it('getValues', async () => {
    expect(
      await currentRateService.getValues({
-        currencies: { AMZN: 'USD' },
        dataGatheringItems: [{ dataSource: DataSource.YAHOO, symbol: 'AMZN' }],
        dateQuery: {
          lt: new Date(Date.UTC(2020, 0, 2, 0, 0, 0)),
          gte: new Date(Date.UTC(2020, 0, 1, 0, 0, 0))
-        },
-        userCurrency: 'CHF'
+        }
      })
    ).toMatchObject<GetValuesObject>({
      dataProviderInfos: [],
      errors: [],
      values: [
        {
+          dataSource: 'YAHOO',
          date: undefined,
-          marketPriceInBaseCurrency: 1841.823902,
+          marketPrice: 1841.823902,
          symbol: 'AMZN'
        }
      ]
--- a/apps/api/src/app/portfolio/current-rate.service.ts
+++ b/apps/api/src/app/portfolio/current-rate.service.ts
@ -1,9 +1,16 @@
+import { OrderService } from '@ghostfolio/api/app/order/order.service';
 import { DataProviderService } from '@ghostfolio/api/services/data-provider/data-provider.service';
-import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
 import { MarketDataService } from '@ghostfolio/api/services/market-data/market-data.service';
 import { resetHours } from '@ghostfolio/common/helper';
-import { DataProviderInfo, ResponseError } from '@ghostfolio/common/interfaces';
-import { Injectable } from '@nestjs/common';
+import {
+  DataProviderInfo,
+  ResponseError,
+  UniqueAsset
+} from '@ghostfolio/common/interfaces';
+import type { RequestWithUser } from '@ghostfolio/common/types';
+
+import { Inject, Injectable } from '@nestjs/common';
+import { REQUEST } from '@nestjs/core';
 import { isBefore, isToday } from 'date-fns';
 import { flatten, isEmpty, uniqBy } from 'lodash';

@ -15,17 +22,18 @@ import { GetValuesParams } from './interfaces/get-values-params.interface';
 export class CurrentRateService {
  public constructor(
    private readonly dataProviderService: DataProviderService,
-    private readonly exchangeRateDataService: ExchangeRateDataService,
-    private readonly marketDataService: MarketDataService
+    private readonly marketDataService: MarketDataService,
+    private readonly orderService: OrderService,
+    @Inject(REQUEST) private readonly request: RequestWithUser
  ) {}

+  // TODO: Pass user instead of using this.request.user
  public async getValues({
-    currencies,
    dataGatheringItems,
-    dateQuery,
-    userCurrency
+    dateQuery
  }: GetValuesParams): Promise<GetValuesObject> {
    const dataProviderInfos: DataProviderInfo[] = [];
+
    const includeToday =
      (!dateQuery.lt || isBefore(new Date(), dateQuery.lt)) &&
      (!dateQuery.gte || isBefore(dateQuery.gte, new Date())) &&
@ -38,9 +46,10 @@ export class CurrentRateService {
    if (includeToday) {
      promises.push(
        this.dataProviderService
-          .getQuotes(dataGatheringItems)
+          .getQuotes({ items: dataGatheringItems, user: this.request?.user })
          .then((dataResultProvider) => {
            const result: GetValueObject[] = [];
+
            for (const dataGatheringItem of dataGatheringItems) {
              if (
                dataResultProvider?.[dataGatheringItem.symbol]?.dataProviderInfo
@ -52,14 +61,10 @@ export class CurrentRateService {

              if (dataResultProvider?.[dataGatheringItem.symbol]?.marketPrice) {
                result.push({
+                  dataSource: dataGatheringItem.dataSource,
                  date: today,
-                  marketPriceInBaseCurrency:
-                    this.exchangeRateDataService.toCurrency(
-                      dataResultProvider?.[dataGatheringItem.symbol]
-                        ?.marketPrice,
-                      dataResultProvider?.[dataGatheringItem.symbol]?.currency,
-                      userCurrency
-                    ),
+                  marketPrice:
+                    dataResultProvider?.[dataGatheringItem.symbol]?.marketPrice,
                  symbol: dataGatheringItem.symbol
                });
              } else {
@ -75,27 +80,25 @@ export class CurrentRateService {
      );
    }

-    const symbols = dataGatheringItems.map((dataGatheringItem) => {
-      return dataGatheringItem.symbol;
-    });
+    const uniqueAssets: UniqueAsset[] = dataGatheringItems.map(
+      ({ dataSource, symbol }) => {
+        return { dataSource, symbol };
+      }
+    );

    promises.push(
      this.marketDataService
        .getRange({
          dateQuery,
-          symbols
+          uniqueAssets
        })
        .then((data) => {
-          return data.map((marketDataItem) => {
+          return data.map(({ dataSource, date, marketPrice, symbol }) => {
            return {
-              date: marketDataItem.date,
-              marketPriceInBaseCurrency:
-                this.exchangeRateDataService.toCurrency(
-                  marketDataItem.marketPrice,
-                  currencies[marketDataItem.symbol],
-                  userCurrency
-                ),
-              symbol: marketDataItem.symbol
+              dataSource,
+              date,
+              marketPrice,
+              symbol
            };
          });
        })
@ -112,7 +115,7 @@ export class CurrentRateService {
    };

    if (!isEmpty(quoteErrors)) {
-      for (const { symbol } of quoteErrors) {
+      for (const { dataSource, symbol } of quoteErrors) {
        try {
          // If missing quote, fallback to the latest available historical market price
          let value: GetValueObject = response.values.find((currentValue) => {
@ -120,10 +123,17 @@ export class CurrentRateService {
          });

          if (!value) {
+            // Fallback to unit price of latest activity
+            const latestActivity = await this.orderService.getLatestOrder({
+              dataSource,
+              symbol
+            });
+
            value = {
+              dataSource,
              symbol,
              date: today,
-              marketPriceInBaseCurrency: 0
+              marketPrice: latestActivity?.unitPrice ?? 0
            };

            response.values.push(value);
@ -131,10 +141,7 @@ export class CurrentRateService {

          const [latestValue] = response.values
            .filter((currentValue) => {
-              return (
-                currentValue.symbol === symbol &&
-                currentValue.marketPriceInBaseCurrency
-              );
+              return currentValue.symbol === symbol && currentValue.marketPrice;
            })
            .sort((a, b) => {
              if (a.date < b.date) {
@ -148,8 +155,7 @@ export class CurrentRateService {
              return 0;
            });

-          value.marketPriceInBaseCurrency =
-            latestValue.marketPriceInBaseCurrency;
+          value.marketPrice = latestValue.marketPrice;
        } catch {}
      }
    }
--- a/apps/api/src/app/portfolio/interfaces/current-positions.interface.ts
+++ b/apps/api/src/app/portfolio/interfaces/current-positions.interface.ts
@ -1,13 +1,19 @@
 import { ResponseError, TimelinePosition } from '@ghostfolio/common/interfaces';
+
 import Big from 'big.js';

 export interface CurrentPositions extends ResponseError {
-  positions: TimelinePosition[];
+  currentValueInBaseCurrency: Big;
  grossPerformance: Big;
+  grossPerformanceWithCurrencyEffect: Big;
  grossPerformancePercentage: Big;
+  grossPerformancePercentageWithCurrencyEffect: Big;
  netAnnualizedPerformance?: Big;
+  netAnnualizedPerformanceWithCurrencyEffect?: Big;
  netPerformance: Big;
+  netPerformanceWithCurrencyEffect: Big;
  netPerformancePercentage: Big;
-  currentValue: Big;
+  netPerformancePercentageWithCurrencyEffect: Big;
+  positions: TimelinePosition[];
  totalInvestment: Big;
 }
--- a/apps/api/src/app/portfolio/interfaces/get-value-object.interface.ts
+++ b/apps/api/src/app/portfolio/interfaces/get-value-object.interface.ts
@ -1,5 +1,6 @@
-export interface GetValueObject {
+import { UniqueAsset } from '@ghostfolio/common/interfaces';
+
+export interface GetValueObject extends UniqueAsset {
  date: Date;
-  marketPriceInBaseCurrency: number;
-  symbol: string;
+  marketPrice: number;
 }
--- a/apps/api/src/app/portfolio/interfaces/get-values-params.interface.ts
+++ b/apps/api/src/app/portfolio/interfaces/get-values-params.interface.ts
@ -3,8 +3,6 @@ import { IDataGatheringItem } from '@ghostfolio/api/services/interfaces/interfac
 import { DateQuery } from './date-query.interface';

 export interface GetValuesParams {
-  currencies: { [symbol: string]: string };
  dataGatheringItems: IDataGatheringItem[];
  dateQuery: DateQuery;
-  userCurrency: string;
 }
--- a/apps/api/src/app/portfolio/interfaces/portfolio-calculator.interface.ts
+++ b/apps/api/src/app/portfolio/interfaces/portfolio-calculator.interface.ts
@ -1,5 +1,11 @@
+import Big from 'big.js';
+
 import { PortfolioOrder } from './portfolio-order.interface';

 export interface PortfolioOrderItem extends PortfolioOrder {
-  itemType?: '' | 'start' | 'end';
+  feeInBaseCurrency?: Big;
+  feeInBaseCurrencyWithCurrencyEffect?: Big;
+  itemType?: 'end' | 'start';
+  unitPriceInBaseCurrency?: Big;
+  unitPriceInBaseCurrencyWithCurrencyEffect?: Big;
 }
--- a/apps/api/src/app/portfolio/interfaces/portfolio-order.interface.ts
+++ b/apps/api/src/app/portfolio/interfaces/portfolio-order.interface.ts
@ -1,4 +1,4 @@
-import { DataSource, Type as TypeOfOrder } from '@prisma/client';
+import { DataSource, Tag, Type as ActivityType } from '@prisma/client';
 import Big from 'big.js';

 export interface PortfolioOrder {
@ -9,6 +9,7 @@ export interface PortfolioOrder {
  name: string;
  quantity: Big;
  symbol: string;
-  type: TypeOfOrder;
+  tags?: Tag[];
+  type: ActivityType;
  unitPrice: Big;
 }
--- a/apps/api/src/app/portfolio/interfaces/portfolio-position-detail.interface.ts
+++ b/apps/api/src/app/portfolio/interfaces/portfolio-position-detail.interface.ts
@ -4,9 +4,11 @@ import {
  HistoricalDataItem
 } from '@ghostfolio/common/interfaces';
 import { OrderWithAccount } from '@ghostfolio/common/types';
-import { Tag } from '@prisma/client';
+
+import { Account, Tag } from '@prisma/client';

 export interface PortfolioPositionDetail {
+  accounts: Account[];
  averagePrice: number;
  dataProviderInfo: DataProviderInfo;
  dividendInBaseCurrency: number;
@ -14,6 +16,8 @@ export interface PortfolioPositionDetail {
  firstBuyDate: string;
  grossPerformance: number;
  grossPerformancePercent: number;
+  grossPerformancePercentWithCurrencyEffect: number;
+  grossPerformanceWithCurrencyEffect: number;
  historicalData: HistoricalDataItem[];
  investment: number;
  marketPrice: number;
@ -21,6 +25,8 @@ export interface PortfolioPositionDetail {
  minPrice: number;
  netPerformance: number;
  netPerformancePercent: number;
+  netPerformancePercentWithCurrencyEffect: number;
+  netPerformanceWithCurrencyEffect: number;
  orders: OrderWithAccount[];
  quantity: number;
  SymbolProfile: EnhancedSymbolProfile;
--- a/apps/api/src/app/portfolio/interfaces/timeline-info.interface.ts
+++ b/apps/api/src/app/portfolio/interfaces/timeline-info.interface.ts
@ -1,8 +0,0 @@
-import { TimelinePeriod } from '@ghostfolio/api/app/portfolio/interfaces/timeline-period.interface';
-import Big from 'big.js';
-
-export interface TimelineInfoInterface {
-  maxNetPerformance: Big;
-  minNetPerformance: Big;
-  timelinePeriods: TimelinePeriod[];
-}
--- a/apps/api/src/app/portfolio/interfaces/timeline-period.interface.ts
+++ b/apps/api/src/app/portfolio/interfaces/timeline-period.interface.ts
@ -1,9 +0,0 @@
-import Big from 'big.js';
-
-export interface TimelinePeriod {
-  date: string;
-  grossPerformance: Big;
-  investment: Big;
-  netPerformance: Big;
-  value: Big;
-}
--- a/apps/api/src/app/portfolio/interfaces/timeline-specification.interface.ts
+++ b/apps/api/src/app/portfolio/interfaces/timeline-specification.interface.ts
@ -1,6 +0,0 @@
-export type Accuracy = 'day' | 'month' | 'year';
-
-export interface TimelineSpecification {
-  accuracy: Accuracy;
-  start: string;
-}
--- a/apps/api/src/app/portfolio/interfaces/transaction-point-symbol.interface.ts
+++ b/apps/api/src/app/portfolio/interfaces/transaction-point-symbol.interface.ts
@ -1,13 +1,16 @@
-import { DataSource } from '@prisma/client';
+import { DataSource, Tag } from '@prisma/client';
 import Big from 'big.js';

 export interface TransactionPointSymbol {
+  averagePrice: Big;
  currency: string;
  dataSource: DataSource;
+  dividend: Big;
  fee: Big;
  firstBuyDate: string;
  investment: Big;
  quantity: Big;
  symbol: string;
+  tags?: Tag[];
  transactionCount: number;
 }
--- a/Show More
+++ b/Show More