Release 2.45.0 (#2931 )

Update translations (#2930 )
Feature/extend assistant by account selector (#2929 )
2024-01-27 10:54:35 +01:00 · 2024-01-27 10:53:19 +01:00 · 2024-01-27 10:48:46 +01:00 · 2024-01-27 09:44:13 +01:00 · 2024-01-27 08:46:27 +01:00 · 2024-01-27 08:45:55 +01:00
699 changed files with 145731 additions and 21628 deletions
--- a/.env.example
+++ b/.env.example
@ -11,6 +11,5 @@ POSTGRES_USER=user
 POSTGRES_PASSWORD=<INSERT_POSTGRES_PASSWORD>

 ACCESS_TOKEN_SALT=<INSERT_RANDOM_STRING>
-ALPHA_VANTAGE_API_KEY=
 DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@localhost:5432/${POSTGRES_DB}?connect_timeout=300&sslmode=prefer
 JWT_SECRET_KEY=<INSERT_RANDOM_STRING>
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@ -6,7 +6,13 @@ labels: ''
 assignees: ''
 ---

-The Issue tracker is **ONLY** used for reporting bugs. New features should be discussed on our [Slack channel](https://ghostfolio.slack.com) or in [Discussions](https://github.com/ghostfolio/ghostfolio/discussions).
+**Important Notice**
+
+The issue tracker is **ONLY** used for reporting bugs. New features should be discussed in our [Slack](https://join.slack.com/t/ghostfolio/shared_invite/zt-vsaan64h-F_I0fEo5M0P88lP9ibCxFg) community or in [Discussions](https://github.com/ghostfolio/ghostfolio/discussions).
+
+Incomplete or non-reproducible issues may be closed, but we are here to help! If you encounter difficulties reproducing the bug or need assistance, please reach out to our community channels mentioned above.
+
+Thank you for your understanding and cooperation!

 **Bug Description**

@ -36,10 +42,9 @@ The Issue tracker is **ONLY** used for reporting bugs. New features should be di

 <!-- Please complete the following information -->

- [ ] Cloud
- [ ] Self-hosted
-
 - Ghostfolio Version X.Y.Z
+- Cloud or Self-hosted
+- Experimental Features enabled or disabled
 - Browser
 - OS

--- a/.github/workflows/build-code.yml
+++ b/.github/workflows/build-code.yml
@ -4,6 +4,9 @@ on:
  pull_request:
  workflow_dispatch:

+permissions:
+  contents: read
+
 jobs:
  build:
    runs-on: ubuntu-latest
@ -13,12 +16,12 @@ jobs:
          - 18
    steps:
      - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Use Node.js ${{ matrix.node_version }}
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
        with:
          node-version: ${{ matrix.node_version }}
          cache: 'yarn'
@ -33,4 +36,4 @@ jobs:
        run: yarn test

      - name: Build application
-        run: yarn build:all
+        run: yarn build:production
--- a/.github/workflows/docker-image.yml
+++ b/.github/workflows/docker-image.yml
@ -13,7 +13,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4

      - name: Docker metadata
        id: meta
@ -21,6 +21,7 @@ jobs:
        with:
          images: ghostfolio/ghostfolio
          tags: |
+            type=semver,pattern={{major}}
            type=semver,pattern={{version}}

      - name: Set up QEMU
--- a/.gitignore
+++ b/.gitignore
@ -27,6 +27,7 @@
 /.angular/cache
 .env
 .env.prod
+.nx/cache
 /.sass-cache
 /connect.lock
 /coverage
--- a/.prettierignore
+++ b/.prettierignore
@ -1,2 +1,3 @@
+/.nx/cache
 /dist
 /test/import
--- a/.prettierrc
+++ b/.prettierrc
@ -9,6 +9,7 @@
  ],
  "attributeSort": "ASC",
  "endOfLine": "auto",
+  "plugins": ["prettier-plugin-organize-attributes"],
  "printWidth": 80,
  "singleQuote": true,
  "tabWidth": 2,
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
--- a/DEVELOPMENT.md
+++ b/DEVELOPMENT.md
@ -1,5 +1,17 @@
 # Ghostfolio Development Guide

+## Experimental Features
+
+New functionality can be enabled using a feature flag switch from the user settings.
+
+### Backend
+
+Remove permission in `UserService` using `without()`
+
+### Frontend
+
+Use `*ngIf="user?.settings?.isExperimentalFeatures"` in HTML template
+
 ## Git

 ### Rebase
@ -8,16 +20,28 @@

 ## Dependencies

+### Angular
+
+#### Upgrade (minor versions)
+
+1. Run `npx npm-check-updates --upgrade --target "minor" --filter "/@angular.*/"`
+
 ### Nx

 #### Upgrade

 1. Run `yarn nx migrate latest`
 1. Make sure `package.json` changes make sense and then run `yarn install`
-1. Run `yarn nx migrate --run-migrations`
+1. Run `yarn nx migrate --run-migrations` (Run `YARN_NODE_LINKER="node-modules" NX_MIGRATE_SKIP_INSTALL=1 yarn nx migrate --run-migrations` due to https://github.com/nrwl/nx/issues/16338)

 ### Prisma

+#### Access database via GUI
+
+Run `yarn database:gui`
+
+https://www.prisma.io/studio
+
 #### Synchronize schema with database for prototyping

 Run `yarn database:push`
--- a/7
+++ b/7
@ -13,8 +13,8 @@ COPY ./.yarnrc .yarnrc
 COPY ./prisma/schema.prisma prisma/schema.prisma

 RUN apt update && apt install -y \
-    git \
    g++ \
+    git \
    make \
    openssl \
    python3 \
@ -33,7 +33,7 @@ COPY ./tsconfig.base.json tsconfig.base.json
 COPY ./libs libs
 COPY ./apps apps

-RUN yarn build:all
+RUN yarn build:production

 # Prepare the dist image with additional node_modules
 WORKDIR /ghostfolio/dist/apps/api
@ -52,10 +52,11 @@ RUN yarn database:generate-typings
 # Image to run, copy everything needed from builder
 FROM node:18-slim
 RUN apt update && apt install -y \
+    curl \
    openssl \
    && rm -rf /var/lib/apt/lists/*

 COPY --from=builder /ghostfolio/dist/apps /ghostfolio/apps
 WORKDIR /ghostfolio/apps/api
 EXPOSE ${PORT:-3333}
-CMD [  "yarn", "start:prod" ]
+CMD [ "yarn", "start:production" ]
--- a/README.md
+++ b/README.md
@ -13,6 +13,8 @@
 [![Shield: Contributions Welcome](https://img.shields.io/badge/Contributions-Welcome-orange.svg)](#contributing)
 [![Shield: License: AGPL v3](https://img.shields.io/badge/License-AGPL%20v3-blue.svg)](https://www.gnu.org/licenses/agpl-3.0)

+New: [Ghostfolio 2.0](https://ghostfol.io/en/blog/2023/09/ghostfolio-2)
+
 </div>

 **Ghostfolio** is an open source wealth management software built with web technology. The application empowers busy people to keep track of stocks, ETFs or cryptocurrencies and make solid, data-driven investment decisions. The software is designed for personal use in continuous operation.
@ -25,7 +27,7 @@

 ## Ghostfolio Premium

-Our official **[Ghostfolio Premium](https://ghostfol.io/en/pricing)** cloud offering is the easiest way to get started. Due to the time it saves, this will be the best option for most people. The revenue is used for covering the hosting costs.
+Our official **[Ghostfolio Premium](https://ghostfol.io/en/pricing)** cloud offering is the easiest way to get started. Due to the time it saves, this will be the best option for most people. Revenue is used to cover the costs of the hosting infrastructure and to fund ongoing development.

 If you prefer to run Ghostfolio on your own infrastructure, please find further instructions in the [Self-hosting](#self-hosting) section.

@ -47,7 +49,7 @@ Ghostfolio is for you if you are...

 - ✅ Create, update and delete transactions
 - ✅ Multi account management
- ✅ Portfolio performance for `Today`, `YTD`, `1Y`, `5Y`, `Max`
+- ✅ Portfolio performance: Time-weighted rate of return (TWR) for `Today`, `YTD`, `1Y`, `5Y`, `Max`
 - ✅ Various charts
 - ✅ Static analysis to identify potential risks in your portfolio
 - ✅ Import and export transactions
@ -85,19 +87,22 @@ We provide official container images hosted on [Docker Hub](https://hub.docker.c

 ### Supported Environment Variables

-| Name                | Default Value | Description                                                                                                                         |
-| ------------------- | ------------- | ----------------------------------------------------------------------------------------------------------------------------------- |
-| `ACCESS_TOKEN_SALT` |               | A random string used as salt for access tokens                                                                                      |
-| `DATABASE_URL`      |               | The database connection URL, e.g. `postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@localhost:5432/${POSTGRES_DB}?sslmode=prefer` |
-| `HOST`              | `0.0.0.0`     | The host where the Ghostfolio application will run on                                                                               |
-| `JWT_SECRET_KEY`    |               | A random string used for _JSON Web Tokens_ (JWT)                                                                                    |
-| `PORT`              | `3333`        | The port where the Ghostfolio application will run on                                                                               |
-| `POSTGRES_DB`       |               | The name of the _PostgreSQL_ database                                                                                               |
-| `POSTGRES_PASSWORD` |               | The password of the _PostgreSQL_ database                                                                                           |
-| `POSTGRES_USER`     |               | The user of the _PostgreSQL_ database                                                                                               |
-| `REDIS_HOST`        |               | The host where _Redis_ is running                                                                                                   |
-| `REDIS_PASSWORD`    |               | The password of _Redis_                                                                                                             |
-| `REDIS_PORT`        |               | The port where _Redis_ is running                                                                                                   |
+| Name                     | Default Value | Description                                                                                                                         |
+| ------------------------ | ------------- | ----------------------------------------------------------------------------------------------------------------------------------- |
+| `ACCESS_TOKEN_SALT`      |               | A random string used as salt for access tokens                                                                                      |
+| `API_KEY_COINGECKO_DEMO` |               | The _CoinGecko_ Demo API key                                                                                                        |
+| `API_KEY_COINGECKO_PRO`  |               | The _CoinGecko_ Pro API                                                                                                             |
+| `DATABASE_URL`           |               | The database connection URL, e.g. `postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@localhost:5432/${POSTGRES_DB}?sslmode=prefer` |
+| `HOST`                   | `0.0.0.0`     | The host where the Ghostfolio application will run on                                                                               |
+| `JWT_SECRET_KEY`         |               | A random string used for _JSON Web Tokens_ (JWT)                                                                                    |
+| `PORT`                   | `3333`        | The port where the Ghostfolio application will run on                                                                               |
+| `POSTGRES_DB`            |               | The name of the _PostgreSQL_ database                                                                                               |
+| `POSTGRES_PASSWORD`      |               | The password of the _PostgreSQL_ database                                                                                           |
+| `POSTGRES_USER`          |               | The user of the _PostgreSQL_ database                                                                                               |
+| `REDIS_HOST`             |               | The host where _Redis_ is running                                                                                                   |
+| `REDIS_PASSWORD`         |               | The password of _Redis_                                                                                                             |
+| `REDIS_PORT`             |               | The port where _Redis_ is running                                                                                                   |
+| `REQUEST_TIMEOUT`        | `2000`        | The timeout of network requests to data providers in milliseconds                                                                   |

 ### Run with Docker Compose

@ -113,7 +118,7 @@ We provide official container images hosted on [Docker Hub](https://hub.docker.c
 Run the following command to start the Docker images from [Docker Hub](https://hub.docker.com/r/ghostfolio/ghostfolio):

 ```bash
-docker-compose --env-file ./.env -f docker/docker-compose.yml up -d
+docker compose --env-file ./.env -f docker/docker-compose.yml up -d
 ```

 #### b. Build and run environment
@ -121,8 +126,8 @@ docker-compose --env-file ./.env -f docker/docker-compose.yml up -d
 Run the following commands to build and start the Docker images:

 ```bash
-docker-compose --env-file ./.env -f docker/docker-compose.build.yml build
-docker-compose --env-file ./.env -f docker/docker-compose.build.yml up -d
+docker compose --env-file ./.env -f docker/docker-compose.build.yml build
+docker compose --env-file ./.env -f docker/docker-compose.build.yml up -d
 ```

 #### Setup
@ -133,12 +138,12 @@ docker-compose --env-file ./.env -f docker/docker-compose.build.yml up -d
 #### Upgrade Version

 1. Increase the version of the `ghostfolio/ghostfolio` Docker image in `docker/docker-compose.yml`
-1. Run the following command to start the new Docker image: `docker-compose --env-file ./.env -f docker/docker-compose.yml up -d`  
+1. Run the following command to start the new Docker image: `docker compose --env-file ./.env -f docker/docker-compose.yml up -d`  
   At each start, the container will automatically apply the database schema migrations if needed.

-### Run with _Unraid_ (Community)
+### Home Server Systems (Community)

-Please follow the instructions of the Ghostfolio [Unraid Community App](https://unraid.net/community/apps?q=ghostfolio).
+Ghostfolio is available for various home server systems, including [Runtipi](https://www.runtipi.io/docs/apps-available), [TrueCharts](https://truecharts.org/charts/stable/ghostfolio), [Umbrel](https://apps.umbrel.com/app/ghostfolio), and [Unraid](https://unraid.net/community/apps?q=ghostfolio).

 ## Development

@ -153,9 +158,9 @@ Please follow the instructions of the Ghostfolio [Unraid Community App](https://
 ### Setup

 1. Run `yarn install`
-1. Run `yarn build:dev` to build the source code including the assets
-1. Run `docker-compose --env-file ./.env -f docker/docker-compose.dev.yml up -d` to start [PostgreSQL](https://www.postgresql.org) and [Redis](https://redis.io)
+1. Run `docker compose --env-file ./.env -f docker/docker-compose.dev.yml up -d` to start [PostgreSQL](https://www.postgresql.org) and [Redis](https://redis.io)
 1. Run `yarn database:setup` to initialize the database schema
+1. Run `git config core.hooksPath ./git-hooks/` to setup git hooks
 1. Start the server and the client (see [_Development_](#Development))
 1. Open http://localhost:4200/en in your browser
 1. Create a new user via _Get Started_ (this first user will get the role `ADMIN`)
@ -164,7 +169,7 @@ Please follow the instructions of the Ghostfolio [Unraid Community App](https://

 #### Debug

-Run `yarn watch:server` and click _Launch Program_ in [Visual Studio Code](https://code.visualstudio.com)
+Run `yarn watch:server` and click _Debug API_ in [Visual Studio Code](https://code.visualstudio.com)

 #### Serve

@ -229,18 +234,18 @@ Deprecated: `GET http://localhost:3333/api/v1/auth/anonymous/<INSERT_SECURITY_TO
 }
 ```

-| Field      | Type                | Description                                        |
-| ---------- | ------------------- | -------------------------------------------------- |
-| accountId  | string (`optional`) | Id of the account                                  |
-| comment    | string (`optional`) | Comment of the activity                            |
-| currency   | string              | `CHF` \| `EUR` \| `USD` etc.                       |
-| dataSource | string              | `MANUAL` (for type `ITEM`) \| `YAHOO`              |
-| date       | string              | Date in the format `ISO-8601`                      |
-| fee        | number              | Fee of the activity                                |
-| quantity   | number              | Quantity of the activity                           |
-| symbol     | string              | Symbol of the activity (suitable for `dataSource`) |
-| type       | string              | `BUY` \| `DIVIDEND` \| `ITEM` \| `SELL`            |
-| unitPrice  | number              | Price per unit of the activity                     |
+| Field      | Type                | Description                                                                   |
+| ---------- | ------------------- | ----------------------------------------------------------------------------- |
+| accountId  | string (`optional`) | Id of the account                                                             |
+| comment    | string (`optional`) | Comment of the activity                                                       |
+| currency   | string              | `CHF` \| `EUR` \| `USD` etc.                                                  |
+| dataSource | string              | `COINGECKO` \| `MANUAL` (for type `ITEM`) \| `YAHOO`                          |
+| date       | string              | Date in the format `ISO-8601`                                                 |
+| fee        | number              | Fee of the activity                                                           |
+| quantity   | number              | Quantity of the activity                                                      |
+| symbol     | string              | Symbol of the activity (suitable for `dataSource`)                            |
+| type       | string              | `BUY` \| `DIVIDEND` \| `FEE` \| `INTEREST` \| `ITEM` \| `LIABILITY` \| `SELL` |
+| unitPrice  | number              | Price per unit of the activity                                                |

 #### Response

@ -263,18 +268,20 @@ Deprecated: `GET http://localhost:3333/api/v1/auth/anonymous/<INSERT_SECURITY_TO

 ## Community Projects

- [ghostfolio-cli](https://github.com/DerAndereJohannes/ghostfolio-cli): Command-line interface to access your portfolio
+Discover a variety of community projects for Ghostfolio: https://github.com/topics/ghostfolio
+
+Are you building your own project? Add the `ghostfolio` topic to your _GitHub_ repository to get listed as well. [Learn more →](https://docs.github.com/en/articles/classifying-your-repository-with-topics)

 ## Contributing

 Ghostfolio is **100% free** and **open source**. We encourage and support an active and healthy community that accepts contributions from the public - including you.

-Not sure what to work on? We have got some ideas. Please join the Ghostfolio [Slack](https://join.slack.com/t/ghostfolio/shared_invite/zt-vsaan64h-F_I0fEo5M0P88lP9ibCxFg) channel or tweet to [@ghostfolio\_](https://twitter.com/ghostfolio_). We would love to hear from you.
+Not sure what to work on? We have got some ideas. Please join the Ghostfolio [Slack](https://join.slack.com/t/ghostfolio/shared_invite/zt-vsaan64h-F_I0fEo5M0P88lP9ibCxFg) channel or post to [@ghostfolio\_](https://twitter.com/ghostfolio_) on _X_. We would love to hear from you.

 If you like to support this project, get [**Ghostfolio Premium**](https://ghostfol.io/en/pricing) or [**Buy me a coffee**](https://www.buymeacoffee.com/ghostfolio).

 ## License

-© 2021 - 2023 [Ghostfolio](https://ghostfol.io)
+© 2021 - 2024 [Ghostfolio](https://ghostfol.io)

 Licensed under the [AGPLv3 License](https://www.gnu.org/licenses/agpl-3.0.html).
--- a/apps/api/project.json
+++ b/apps/api/project.json
@ -7,14 +7,15 @@
  "generators": {},
  "targets": {
    "build": {
-      "executor": "@nrwl/webpack:webpack",
+      "executor": "@nx/webpack:webpack",
      "options": {
        "outputPath": "dist/apps/api",
        "main": "apps/api/src/main.ts",
        "tsConfig": "apps/api/tsconfig.app.json",
        "assets": ["apps/api/src/assets"],
        "target": "node",
-        "compiler": "tsc"
+        "compiler": "tsc",
+        "webpackConfig": "apps/api/webpack.config.js"
      },
      "configurations": {
        "production": {
@ -33,13 +34,13 @@
      "outputs": ["{options.outputPath}"]
    },
    "serve": {
-      "executor": "@nx/node:node",
+      "executor": "@nx/js:node",
      "options": {
        "buildTarget": "api:build"
      }
    },
    "lint": {
-      "executor": "@nrwl/linter:eslint",
+      "executor": "@nx/eslint:lint",
      "options": {
        "lintFilePatterns": ["apps/api/**/*.ts"]
      }
@ -47,8 +48,7 @@
    "test": {
      "executor": "@nx/jest:jest",
      "options": {
-        "jestConfig": "apps/api/jest.config.ts",
-        "passWithNoTests": true
+        "jestConfig": "apps/api/jest.config.ts"
      },
      "outputs": ["{workspaceRoot}/coverage/apps/api"]
    }
--- a/apps/api/src/app/access/access.controller.ts
+++ b/apps/api/src/app/access/access.controller.ts
@ -1,5 +1,8 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
 import { Access } from '@ghostfolio/common/interfaces';
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
+import { permissions } from '@ghostfolio/common/permissions';
 import type { RequestWithUser } from '@ghostfolio/common/types';
 import {
  Body,
@ -17,7 +20,6 @@ import { AuthGuard } from '@nestjs/passport';
 import { Access as AccessModel } from '@prisma/client';
 import { StatusCodes, getReasonPhrase } from 'http-status-codes';

-import { AccessModule } from './access.module';
 import { AccessService } from './access.service';
 import { CreateAccessDto } from './create-access.dto';

@ -25,11 +27,12 @@ import { CreateAccessDto } from './create-access.dto';
 export class AccessController {
  public constructor(
    private readonly accessService: AccessService,
+    private readonly configurationService: ConfigurationService,
    @Inject(REQUEST) private readonly request: RequestWithUser
  ) {}

  @Get()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getAllAccesses(): Promise<Access[]> {
    const accessesWithGranteeUser = await this.accessService.accesses({
      include: {
@ -39,32 +42,38 @@ export class AccessController {
      where: { userId: this.request.user.id }
    });

-    return accessesWithGranteeUser.map((access) => {
-      if (access.GranteeUser) {
+    return accessesWithGranteeUser.map(
+      ({ alias, GranteeUser, id, permissions }) => {
+        if (GranteeUser) {
+          return {
+            alias,
+            id,
+            permissions,
+            grantee: GranteeUser?.id,
+            type: 'PRIVATE'
+          };
+        }
+
        return {
-          alias: access.alias,
-          grantee: access.GranteeUser?.id,
-          id: access.id,
-          type: 'RESTRICTED_VIEW'
+          alias,
+          id,
+          permissions,
+          grantee: 'Public',
+          type: 'PUBLIC'
        };
      }
-
-      return {
-        alias: access.alias,
-        grantee: 'Public',
-        id: access.id,
-        type: 'PUBLIC'
-      };
-    });
+    );
  }

+  @HasPermission(permissions.createAccess)
  @Post()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async createAccess(
    @Body() data: CreateAccessDto
  ): Promise<AccessModel> {
    if (
-      !hasPermission(this.request.user.permissions, permissions.createAccess)
+      this.configurationService.get('ENABLE_FEATURE_SUBSCRIPTION') &&
+      this.request.user.subscription.type === 'Basic'
    ) {
      throw new HttpException(
        getReasonPhrase(StatusCodes.FORBIDDEN),
@ -72,25 +81,30 @@ export class AccessController {
      );
    }

-    return this.accessService.createAccess({
-      alias: data.alias || undefined,
-      GranteeUser: data.granteeUserId
-        ? { connect: { id: data.granteeUserId } }
-        : undefined,
-      User: { connect: { id: this.request.user.id } }
-    });
+    try {
+      return await this.accessService.createAccess({
+        alias: data.alias || undefined,
+        GranteeUser: data.granteeUserId
+          ? { connect: { id: data.granteeUserId } }
+          : undefined,
+        permissions: data.permissions,
+        User: { connect: { id: this.request.user.id } }
+      });
+    } catch {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.BAD_REQUEST),
+        StatusCodes.BAD_REQUEST
+      );
+    }
  }

  @Delete(':id')
-  @UseGuards(AuthGuard('jwt'))
-  public async deleteAccess(@Param('id') id: string): Promise<AccessModule> {
+  @HasPermission(permissions.deleteAccess)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async deleteAccess(@Param('id') id: string): Promise<AccessModel> {
    const access = await this.accessService.access({ id });

-    if (
-      !hasPermission(this.request.user.permissions, permissions.deleteAccess) ||
-      !access ||
-      access.userId !== this.request.user.id
-    ) {
+    if (!access || access.userId !== this.request.user.id) {
      throw new HttpException(
        getReasonPhrase(StatusCodes.FORBIDDEN),
        StatusCodes.FORBIDDEN
--- a/apps/api/src/app/access/access.module.ts
+++ b/apps/api/src/app/access/access.module.ts
@ -1,3 +1,4 @@
+import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
 import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
 import { Module } from '@nestjs/common';

@ -7,7 +8,7 @@ import { AccessService } from './access.service';
@Module({
  controllers: [AccessController],
  exports: [AccessService],
-  imports: [PrismaModule],
+  imports: [ConfigurationModule, PrismaModule],
  providers: [AccessService]
 })
 export class AccessModule {}
--- a/apps/api/src/app/access/create-access.dto.ts
+++ b/apps/api/src/app/access/create-access.dto.ts
@ -1,4 +1,5 @@
-import { IsOptional, IsString } from 'class-validator';
+import { AccessPermission } from '@prisma/client';
+import { IsEnum, IsOptional, IsString, IsUUID } from 'class-validator';

 export class CreateAccessDto {
  @IsOptional()
@ -6,6 +7,10 @@ export class CreateAccessDto {
  alias?: string;

  @IsOptional()
-  @IsString()
+  @IsUUID()
  granteeUserId?: string;
+
+  @IsEnum(AccessPermission, { each: true })
+  @IsOptional()
+  permissions?: AccessPermission[];
 }
--- a/apps/api/src/app/account-balance/account-balance.controller.ts
+++ b/apps/api/src/app/account-balance/account-balance.controller.ts
@ -0,0 +1,48 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { permissions } from '@ghostfolio/common/permissions';
+import type { RequestWithUser } from '@ghostfolio/common/types';
+import {
+  Controller,
+  Delete,
+  HttpException,
+  Inject,
+  Param,
+  UseGuards
+} from '@nestjs/common';
+import { REQUEST } from '@nestjs/core';
+import { AuthGuard } from '@nestjs/passport';
+import { AccountBalance } from '@prisma/client';
+import { StatusCodes, getReasonPhrase } from 'http-status-codes';
+
+import { AccountBalanceService } from './account-balance.service';
+
+@Controller('account-balance')
+export class AccountBalanceController {
+  public constructor(
+    private readonly accountBalanceService: AccountBalanceService,
+    @Inject(REQUEST) private readonly request: RequestWithUser
+  ) {}
+
+  @HasPermission(permissions.deleteAccountBalance)
+  @Delete(':id')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async deleteAccountBalance(
+    @Param('id') id: string
+  ): Promise<AccountBalance> {
+    const accountBalance = await this.accountBalanceService.accountBalance({
+      id
+    });
+
+    if (!accountBalance || accountBalance.userId !== this.request.user.id) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.FORBIDDEN),
+        StatusCodes.FORBIDDEN
+      );
+    }
+
+    return this.accountBalanceService.deleteAccountBalance({
+      id
+    });
+  }
+}
--- a/apps/api/src/app/account-balance/account-balance.module.ts
+++ b/apps/api/src/app/account-balance/account-balance.module.ts
@ -0,0 +1,14 @@
+import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.module';
+import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
+import { Module } from '@nestjs/common';
+
+import { AccountBalanceController } from './account-balance.controller';
+import { AccountBalanceService } from './account-balance.service';
+
+@Module({
+  controllers: [AccountBalanceController],
+  exports: [AccountBalanceService],
+  imports: [ExchangeRateDataModule, PrismaModule],
+  providers: [AccountBalanceService]
+})
+export class AccountBalanceModule {}
--- a/apps/api/src/app/account-balance/account-balance.service.ts
+++ b/apps/api/src/app/account-balance/account-balance.service.ts
@ -0,0 +1,91 @@
+import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
+import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
+import { AccountBalancesResponse, Filter } from '@ghostfolio/common/interfaces';
+import { UserWithSettings } from '@ghostfolio/common/types';
+import { Injectable } from '@nestjs/common';
+import { AccountBalance, Prisma } from '@prisma/client';
+
+@Injectable()
+export class AccountBalanceService {
+  public constructor(
+    private readonly exchangeRateDataService: ExchangeRateDataService,
+    private readonly prismaService: PrismaService
+  ) {}
+
+  public async accountBalance(
+    accountBalanceWhereInput: Prisma.AccountBalanceWhereInput
+  ): Promise<AccountBalance | null> {
+    return this.prismaService.accountBalance.findFirst({
+      include: {
+        Account: true
+      },
+      where: accountBalanceWhereInput
+    });
+  }
+
+  public async createAccountBalance(
+    data: Prisma.AccountBalanceCreateInput
+  ): Promise<AccountBalance> {
+    return this.prismaService.accountBalance.create({
+      data
+    });
+  }
+
+  public async deleteAccountBalance(
+    where: Prisma.AccountBalanceWhereUniqueInput
+  ): Promise<AccountBalance> {
+    return this.prismaService.accountBalance.delete({
+      where
+    });
+  }
+
+  public async getAccountBalances({
+    filters,
+    user,
+    withExcludedAccounts
+  }: {
+    filters?: Filter[];
+    user: UserWithSettings;
+    withExcludedAccounts?: boolean;
+  }): Promise<AccountBalancesResponse> {
+    const where: Prisma.AccountBalanceWhereInput = { userId: user.id };
+
+    const accountFilter = filters?.find(({ type }) => {
+      return type === 'ACCOUNT';
+    });
+
+    if (accountFilter) {
+      where.accountId = accountFilter.id;
+    }
+
+    if (withExcludedAccounts === false) {
+      where.Account = { isExcluded: false };
+    }
+
+    const balances = await this.prismaService.accountBalance.findMany({
+      where,
+      orderBy: {
+        date: 'asc'
+      },
+      select: {
+        Account: true,
+        date: true,
+        id: true,
+        value: true
+      }
+    });
+
+    return {
+      balances: balances.map((balance) => {
+        return {
+          ...balance,
+          valueInBaseCurrency: this.exchangeRateDataService.toCurrency(
+            balance.value,
+            balance.Account.currency,
+            user.Settings.settings.baseCurrency
+          )
+        };
+      })
+    };
+  }
+}
--- a/apps/api/src/app/account/account.controller.ts
+++ b/apps/api/src/app/account/account.controller.ts
@ -1,9 +1,15 @@
+import { AccountBalanceService } from '@ghostfolio/api/app/account-balance/account-balance.service';
 import { PortfolioService } from '@ghostfolio/api/app/portfolio/portfolio.service';
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
 import { RedactValuesInResponseInterceptor } from '@ghostfolio/api/interceptors/redact-values-in-response.interceptor';
 import { ImpersonationService } from '@ghostfolio/api/services/impersonation/impersonation.service';
 import { HEADER_KEY_IMPERSONATION } from '@ghostfolio/common/config';
-import { Accounts } from '@ghostfolio/common/interfaces';
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
+import {
+  AccountBalancesResponse,
+  Accounts
+} from '@ghostfolio/common/interfaces';
+import { permissions } from '@ghostfolio/common/permissions';
 import type {
  AccountWithValue,
  RequestWithUser
@ -29,11 +35,13 @@ import { StatusCodes, getReasonPhrase } from 'http-status-codes';

 import { AccountService } from './account.service';
 import { CreateAccountDto } from './create-account.dto';
+import { TransferBalanceDto } from './transfer-balance.dto';
 import { UpdateAccountDto } from './update-account.dto';

@Controller('account')
 export class AccountController {
  public constructor(
+    private readonly accountBalanceService: AccountBalanceService,
    private readonly accountService: AccountService,
    private readonly impersonationService: ImpersonationService,
    private readonly portfolioService: PortfolioService,
@ -41,17 +49,9 @@ export class AccountController {
  ) {}

  @Delete(':id')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.deleteAccount)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async deleteAccount(@Param('id') id: string): Promise<AccountModel> {
-    if (
-      !hasPermission(this.request.user.permissions, permissions.deleteAccount)
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    const account = await this.accountService.accountWithOrders(
      {
        id_userId: {
@ -81,7 +81,7 @@ export class AccountController {
  }

  @Get()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  @UseInterceptors(RedactValuesInResponseInterceptor)
  public async getAllAccounts(
    @Headers(HEADER_KEY_IMPERSONATION.toLowerCase()) impersonationId
@ -96,7 +96,7 @@ export class AccountController {
  }

  @Get(':id')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  @UseInterceptors(RedactValuesInResponseInterceptor)
  public async getAccountById(
    @Headers(HEADER_KEY_IMPERSONATION.toLowerCase()) impersonationId,
@ -115,20 +115,24 @@ export class AccountController {
    return accountsWithAggregations.accounts[0];
  }

+  @Get(':id/balances')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  @UseInterceptors(RedactValuesInResponseInterceptor)
+  public async getAccountBalancesById(
+    @Param('id') id: string
+  ): Promise<AccountBalancesResponse> {
+    return this.accountBalanceService.getAccountBalances({
+      filters: [{ id, type: 'ACCOUNT' }],
+      user: this.request.user
+    });
+  }
+
+  @HasPermission(permissions.createAccount)
  @Post()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async createAccount(
    @Body() data: CreateAccountDto
  ): Promise<AccountModel> {
-    if (
-      !hasPermission(this.request.user.permissions, permissions.createAccount)
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    if (data.platformId) {
      const platformId = data.platformId;
      delete data.platformId;
@ -154,18 +158,64 @@ export class AccountController {
    }
  }

-  @Put(':id')
-  @UseGuards(AuthGuard('jwt'))
-  public async update(@Param('id') id: string, @Body() data: UpdateAccountDto) {
-    if (
-      !hasPermission(this.request.user.permissions, permissions.updateAccount)
-    ) {
+  @HasPermission(permissions.updateAccount)
+  @Post('transfer-balance')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async transferAccountBalance(
+    @Body() { accountIdFrom, accountIdTo, balance }: TransferBalanceDto
+  ) {
+    const accountsOfUser = await this.accountService.getAccounts(
+      this.request.user.id
+    );
+
+    const accountFrom = accountsOfUser.find(({ id }) => {
+      return id === accountIdFrom;
+    });
+
+    const accountTo = accountsOfUser.find(({ id }) => {
+      return id === accountIdTo;
+    });
+
+    if (!accountFrom || !accountTo) {
      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
+        getReasonPhrase(StatusCodes.NOT_FOUND),
+        StatusCodes.NOT_FOUND
      );
    }

+    if (accountFrom.id === accountTo.id) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.BAD_REQUEST),
+        StatusCodes.BAD_REQUEST
+      );
+    }
+
+    if (accountFrom.balance < balance) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.BAD_REQUEST),
+        StatusCodes.BAD_REQUEST
+      );
+    }
+
+    await this.accountService.updateAccountBalance({
+      accountId: accountFrom.id,
+      amount: -balance,
+      currency: accountFrom.currency,
+      userId: this.request.user.id
+    });
+
+    await this.accountService.updateAccountBalance({
+      accountId: accountTo.id,
+      amount: balance,
+      currency: accountFrom.currency,
+      userId: this.request.user.id
+    });
+  }
+
+  @HasPermission(permissions.updateAccount)
+  @Put(':id')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async update(@Param('id') id: string, @Body() data: UpdateAccountDto) {
    const originalAccount = await this.accountService.account({
      id_userId: {
        id,
--- a/apps/api/src/app/account/account.module.ts
+++ b/apps/api/src/app/account/account.module.ts
@ -1,3 +1,4 @@
+import { AccountBalanceModule } from '@ghostfolio/api/app/account-balance/account-balance.module';
 import { PortfolioModule } from '@ghostfolio/api/app/portfolio/portfolio.module';
 import { RedisCacheModule } from '@ghostfolio/api/app/redis-cache/redis-cache.module';
 import { UserModule } from '@ghostfolio/api/app/user/user.module';
@ -15,6 +16,7 @@ import { AccountService } from './account.service';
  controllers: [AccountController],
  exports: [AccountService],
  imports: [
+    AccountBalanceModule,
    ConfigurationModule,
    DataProviderModule,
    ExchangeRateDataModule,
--- a/apps/api/src/app/account/account.service.ts
+++ b/apps/api/src/app/account/account.service.ts
@ -1,3 +1,4 @@
+import { AccountBalanceService } from '@ghostfolio/api/app/account-balance/account-balance.service';
 import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
 import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
 import { Filter } from '@ghostfolio/common/interfaces';
@ -11,16 +12,21 @@ import { CashDetails } from './interfaces/cash-details.interface';
@Injectable()
 export class AccountService {
  public constructor(
+    private readonly accountBalanceService: AccountBalanceService,
    private readonly exchangeRateDataService: ExchangeRateDataService,
    private readonly prismaService: PrismaService
  ) {}

-  public async account(
-    accountWhereUniqueInput: Prisma.AccountWhereUniqueInput
-  ): Promise<Account | null> {
-    return this.prismaService.account.findUnique({
-      where: accountWhereUniqueInput
+  public async account({
+    id_userId
+  }: Prisma.AccountWhereUniqueInput): Promise<Account | null> {
+    const { id, userId } = id_userId;
+
+    const [account] = await this.accounts({
+      where: { id, userId }
    });
+
+    return account;
  }

  public async accountWithOrders(
@ -50,9 +56,11 @@ export class AccountService {
      Platform?: Platform;
    })[]
  > {
-    const { include, skip, take, cursor, where, orderBy } = params;
+    const { include = {}, skip, take, cursor, where, orderBy } = params;

-    return this.prismaService.account.findMany({
+    include.balances = { orderBy: { date: 'desc' }, take: 1 };
+
+    const accounts = await this.prismaService.account.findMany({
      cursor,
      include,
      orderBy,
@ -60,15 +68,36 @@ export class AccountService {
      take,
      where
    });
+
+    return accounts.map((account) => {
+      account = { ...account, balance: account.balances[0]?.value ?? 0 };
+
+      delete account.balances;
+
+      return account;
+    });
  }

  public async createAccount(
    data: Prisma.AccountCreateInput,
    aUserId: string
  ): Promise<Account> {
-    return this.prismaService.account.create({
+    const account = await this.prismaService.account.create({
      data
    });
+
+    await this.prismaService.accountBalance.create({
+      data: {
+        Account: {
+          connect: {
+            id_userId: { id: account.id, userId: aUserId }
+          }
+        },
+        value: data.balance
+      }
+    });
+
+    return account;
  }

  public async deleteAccount(
@ -80,7 +109,7 @@ export class AccountService {
    });
  }

-  public async getAccounts(aUserId: string) {
+  public async getAccounts(aUserId: string): Promise<Account[]> {
    const accounts = await this.accounts({
      include: { Order: true, Platform: true },
      orderBy: { name: 'asc' },
@ -167,6 +196,18 @@ export class AccountService {
    aUserId: string
  ): Promise<Account> {
    const { data, where } = params;
+
+    await this.prismaService.accountBalance.create({
+      data: {
+        Account: {
+          connect: {
+            id_userId: where.id_userId
+          }
+        },
+        value: <number>data.balance
+      }
+    });
+
    return this.prismaService.account.update({
      data,
      where
@ -177,13 +218,13 @@ export class AccountService {
    accountId,
    amount,
    currency,
-    date,
+    date = new Date(),
    userId
  }: {
    accountId: string;
    amount: number;
    currency: string;
-    date: Date;
+    date?: Date;
    userId: string;
  }) {
    const { balance, currency: currencyOfAccount } = await this.account({
@ -202,16 +243,17 @@ export class AccountService {
      );

    if (amountInCurrencyOfAccount) {
-      await this.prismaService.account.update({
-        data: {
-          balance: new Big(balance).plus(amountInCurrencyOfAccount).toNumber()
-        },
-        where: {
-          id_userId: {
-            userId,
-            id: accountId
+      await this.accountBalanceService.createAccountBalance({
+        date,
+        Account: {
+          connect: {
+            id_userId: {
+              userId,
+              id: accountId
+            }
          }
-        }
+        },
+        value: new Big(balance).plus(amountInCurrencyOfAccount).toNumber()
      });
    }
  }
--- a/apps/api/src/app/account/create-account.dto.ts
+++ b/apps/api/src/app/account/create-account.dto.ts
@ -1,4 +1,3 @@
-import { AccountType } from '@prisma/client';
 import { Transform, TransformFnParams } from 'class-transformer';
 import {
  IsBoolean,
@ -10,9 +9,6 @@ import {
 import { isString } from 'lodash';

 export class CreateAccountDto {
-  @IsString()
-  accountType: AccountType;
-
  @IsNumber()
  balance: number;

--- a/apps/api/src/app/account/transfer-balance.dto.ts
+++ b/apps/api/src/app/account/transfer-balance.dto.ts
@ -0,0 +1,13 @@
+import { IsNumber, IsPositive, IsString } from 'class-validator';
+
+export class TransferBalanceDto {
+  @IsString()
+  accountIdFrom: string;
+
+  @IsString()
+  accountIdTo: string;
+
+  @IsNumber()
+  @IsPositive()
+  balance: number;
+}
--- a/apps/api/src/app/account/update-account.dto.ts
+++ b/apps/api/src/app/account/update-account.dto.ts
@ -1,4 +1,3 @@
-import { AccountType } from '@prisma/client';
 import { Transform, TransformFnParams } from 'class-transformer';
 import {
  IsBoolean,
@ -10,9 +9,6 @@ import {
 import { isString } from 'lodash';

 export class UpdateAccountDto {
-  @IsString()
-  accountType: AccountType;
-
  @IsNumber()
  balance: number;

--- a/apps/api/src/app/admin/admin.controller.ts
+++ b/apps/api/src/app/admin/admin.controller.ts
@ -1,19 +1,30 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { TransformDataSourceInRequestInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-request.interceptor';
+import { ApiService } from '@ghostfolio/api/services/api/api.service';
 import { DataGatheringService } from '@ghostfolio/api/services/data-gathering/data-gathering.service';
+import { ManualService } from '@ghostfolio/api/services/data-provider/manual/manual.service';
 import { MarketDataService } from '@ghostfolio/api/services/market-data/market-data.service';
 import { PropertyDto } from '@ghostfolio/api/services/property/property.dto';
 import {
  GATHER_ASSET_PROFILE_PROCESS,
  GATHER_ASSET_PROFILE_PROCESS_OPTIONS
 } from '@ghostfolio/common/config';
+import {
+  getAssetProfileIdentifier,
+  resetHours
+} from '@ghostfolio/common/helper';
 import {
  AdminData,
  AdminMarketData,
  AdminMarketDataDetails,
-  EnhancedSymbolProfile,
-  Filter
+  EnhancedSymbolProfile
 } from '@ghostfolio/common/interfaces';
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
-import type { RequestWithUser } from '@ghostfolio/common/types';
+import { permissions } from '@ghostfolio/common/permissions';
+import type {
+  MarketDataPreset,
+  RequestWithUser
+} from '@ghostfolio/common/types';
 import {
  Body,
  Controller,
@ -21,83 +32,55 @@ import {
  Get,
  HttpException,
  Inject,
+  Logger,
  Param,
  Patch,
  Post,
  Put,
  Query,
-  UseGuards
+  UseGuards,
+  UseInterceptors
 } from '@nestjs/common';
 import { REQUEST } from '@nestjs/core';
 import { AuthGuard } from '@nestjs/passport';
-import { DataSource, MarketData } from '@prisma/client';
-import { isDate } from 'date-fns';
+import { DataSource, MarketData, Prisma, SymbolProfile } from '@prisma/client';
+import { isDate, parseISO } from 'date-fns';
 import { StatusCodes, getReasonPhrase } from 'http-status-codes';

 import { AdminService } from './admin.service';
 import { UpdateAssetProfileDto } from './update-asset-profile.dto';
+import { UpdateBulkMarketDataDto } from './update-bulk-market-data.dto';
 import { UpdateMarketDataDto } from './update-market-data.dto';

@Controller('admin')
 export class AdminController {
  public constructor(
    private readonly adminService: AdminService,
+    private readonly apiService: ApiService,
    private readonly dataGatheringService: DataGatheringService,
+    private readonly manualService: ManualService,
    private readonly marketDataService: MarketDataService,
    @Inject(REQUEST) private readonly request: RequestWithUser
  ) {}

  @Get()
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getAdminData(): Promise<AdminData> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    return this.adminService.get();
  }

+  @HasPermission(permissions.accessAdminControl)
  @Post('gather')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async gather7Days(): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    this.dataGatheringService.gather7Days();
  }

+  @HasPermission(permissions.accessAdminControl)
  @Post('gather/max')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async gatherMax(): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    const uniqueAssets = await this.dataGatheringService.getUniqueAssets();

    await this.dataGatheringService.addJobsToQueue(
@ -110,7 +93,7 @@ export class AdminController {
          name: GATHER_ASSET_PROFILE_PROCESS,
          opts: {
            ...GATHER_ASSET_PROFILE_PROCESS_OPTIONS,
-            jobId: `${dataSource}-${symbol}`
+            jobId: getAssetProfileIdentifier({ dataSource, symbol })
          }
        };
      })
@ -119,21 +102,10 @@ export class AdminController {
    this.dataGatheringService.gatherMax();
  }

+  @HasPermission(permissions.accessAdminControl)
  @Post('gather/profile-data')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async gatherProfileData(): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    const uniqueAssets = await this.dataGatheringService.getUniqueAssets();

    await this.dataGatheringService.addJobsToQueue(
@ -146,31 +118,20 @@ export class AdminController {
          name: GATHER_ASSET_PROFILE_PROCESS,
          opts: {
            ...GATHER_ASSET_PROFILE_PROCESS_OPTIONS,
-            jobId: `${dataSource}-${symbol}`
+            jobId: getAssetProfileIdentifier({ dataSource, symbol })
          }
        };
      })
    );
  }

+  @HasPermission(permissions.accessAdminControl)
  @Post('gather/profile-data/:dataSource/:symbol')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async gatherProfileDataForSymbol(
    @Param('dataSource') dataSource: DataSource,
    @Param('symbol') symbol: string
  ): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    await this.dataGatheringService.addJobToQueue({
      data: {
        dataSource,
@ -179,54 +140,32 @@ export class AdminController {
      name: GATHER_ASSET_PROFILE_PROCESS,
      opts: {
        ...GATHER_ASSET_PROFILE_PROCESS_OPTIONS,
-        jobId: `${dataSource}-${symbol}`
+        jobId: getAssetProfileIdentifier({ dataSource, symbol })
      }
    });
  }

  @Post('gather/:dataSource/:symbol')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  @HasPermission(permissions.accessAdminControl)
  public async gatherSymbol(
    @Param('dataSource') dataSource: DataSource,
    @Param('symbol') symbol: string
  ): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    this.dataGatheringService.gatherSymbol({ dataSource, symbol });

    return;
  }

+  @HasPermission(permissions.accessAdminControl)
  @Post('gather/:dataSource/:symbol/:dateString')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async gatherSymbolForDate(
    @Param('dataSource') dataSource: DataSource,
    @Param('dateString') dateString: string,
    @Param('symbol') symbol: string
  ): Promise<MarketData> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
-    const date = new Date(dateString);
+    const date = parseISO(dateString);

    if (!isDate(date)) {
      throw new HttpException(
@ -243,78 +182,102 @@ export class AdminController {
  }

  @Get('market-data')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getMarketData(
-    @Query('assetSubClasses') filterByAssetSubClasses?: string
+    @Query('assetSubClasses') filterByAssetSubClasses?: string,
+    @Query('presetId') presetId?: MarketDataPreset,
+    @Query('query') filterBySearchQuery?: string,
+    @Query('skip') skip?: number,
+    @Query('sortColumn') sortColumn?: string,
+    @Query('sortDirection') sortDirection?: Prisma.SortOrder,
+    @Query('take') take?: number
  ): Promise<AdminMarketData> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
+    const filters = this.apiService.buildFiltersFromQueryParams({
+      filterByAssetSubClasses,
+      filterBySearchQuery
+    });

-    const assetSubClasses = filterByAssetSubClasses?.split(',') ?? [];
-
-    const filters: Filter[] = [
-      ...assetSubClasses.map((assetSubClass) => {
-        return <Filter>{
-          id: assetSubClass,
-          type: 'ASSET_SUB_CLASS'
-        };
-      })
-    ];
-
-    return this.adminService.getMarketData(filters);
+    return this.adminService.getMarketData({
+      filters,
+      presetId,
+      sortColumn,
+      sortDirection,
+      skip: isNaN(skip) ? undefined : skip,
+      take: isNaN(take) ? undefined : take
+    });
  }

  @Get('market-data/:dataSource/:symbol')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getMarketDataBySymbol(
    @Param('dataSource') dataSource: DataSource,
    @Param('symbol') symbol: string
  ): Promise<AdminMarketDataDetails> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    return this.adminService.getMarketDataBySymbol({ dataSource, symbol });
  }

+  @HasPermission(permissions.accessAdminControl)
+  @Post('market-data/:dataSource/:symbol/test')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async testMarketData(
+    @Body() data: { scraperConfiguration: string },
+    @Param('dataSource') dataSource: DataSource,
+    @Param('symbol') symbol: string
+  ): Promise<{ price: number }> {
+    try {
+      const scraperConfiguration = JSON.parse(data.scraperConfiguration);
+      const price = await this.manualService.test(scraperConfiguration);
+
+      if (price) {
+        return { price };
+      }
+
+      throw new Error('Could not parse the current market price');
+    } catch (error) {
+      Logger.error(error);
+
+      throw new HttpException(error.message, StatusCodes.BAD_REQUEST);
+    }
+  }
+
+  @HasPermission(permissions.accessAdminControl)
+  @Post('market-data/:dataSource/:symbol')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async updateMarketData(
+    @Body() data: UpdateBulkMarketDataDto,
+    @Param('dataSource') dataSource: DataSource,
+    @Param('symbol') symbol: string
+  ) {
+    const dataBulkUpdate: Prisma.MarketDataUpdateInput[] = data.marketData.map(
+      ({ date, marketPrice }) => ({
+        dataSource,
+        marketPrice,
+        symbol,
+        date: resetHours(parseISO(date)),
+        state: 'CLOSE'
+      })
+    );
+
+    return this.marketDataService.updateMany({
+      data: dataBulkUpdate
+    });
+  }
+
+  /**
+   * @deprecated
+   */
+  @HasPermission(permissions.accessAdminControl)
  @Put('market-data/:dataSource/:symbol/:dateString')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async update(
    @Param('dataSource') dataSource: DataSource,
    @Param('dateString') dateString: string,
    @Param('symbol') symbol: string,
    @Body() data: UpdateMarketDataDto
  ) {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
-    const date = new Date(dateString);
+    const date = parseISO(dateString);

    return this.marketDataService.updateMarketData({
      data: { marketPrice: data.marketPrice, state: 'CLOSE' },
@ -328,46 +291,39 @@ export class AdminController {
    });
  }

+  @HasPermission(permissions.accessAdminControl)
+  @Post('profile-data/:dataSource/:symbol')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  @UseInterceptors(TransformDataSourceInRequestInterceptor)
+  public async addProfileData(
+    @Param('dataSource') dataSource: DataSource,
+    @Param('symbol') symbol: string
+  ): Promise<SymbolProfile | never> {
+    return this.adminService.addAssetProfile({
+      dataSource,
+      symbol,
+      currency: this.request.user.Settings.settings.baseCurrency
+    });
+  }
+
  @Delete('profile-data/:dataSource/:symbol')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async deleteProfileData(
    @Param('dataSource') dataSource: DataSource,
    @Param('symbol') symbol: string
  ): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    return this.adminService.deleteProfileData({ dataSource, symbol });
  }

+  @HasPermission(permissions.accessAdminControl)
  @Patch('profile-data/:dataSource/:symbol')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async patchAssetProfileData(
    @Body() assetProfileData: UpdateAssetProfileDto,
    @Param('dataSource') dataSource: DataSource,
    @Param('symbol') symbol: string
  ): Promise<EnhancedSymbolProfile> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    return this.adminService.patchAssetProfileData({
      ...assetProfileData,
      dataSource,
@ -375,24 +331,13 @@ export class AdminController {
    });
  }

+  @HasPermission(permissions.accessAdminControl)
  @Put('settings/:key')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async updateProperty(
    @Param('key') key: string,
    @Body() data: PropertyDto
  ) {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    return await this.adminService.putSetting(key, data.value);
  }
 }
--- a/apps/api/src/app/admin/admin.module.ts
+++ b/apps/api/src/app/admin/admin.module.ts
@ -1,4 +1,5 @@
 import { SubscriptionModule } from '@ghostfolio/api/app/subscription/subscription.module';
+import { ApiModule } from '@ghostfolio/api/services/api/api.module';
 import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
 import { DataGatheringModule } from '@ghostfolio/api/services/data-gathering/data-gathering.module';
 import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
@ -15,6 +16,7 @@ import { QueueModule } from './queue/queue.module';

@Module({
  imports: [
+    ApiModule,
    ConfigurationModule,
    DataGatheringModule,
    DataProviderModule,
--- a/apps/api/src/app/admin/admin.service.ts
+++ b/apps/api/src/app/admin/admin.service.ts
@ -1,11 +1,18 @@
 import { SubscriptionService } from '@ghostfolio/api/app/subscription/subscription.service';
+import { environment } from '@ghostfolio/api/environments/environment';
 import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
+import { DataProviderService } from '@ghostfolio/api/services/data-provider/data-provider.service';
 import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
 import { MarketDataService } from '@ghostfolio/api/services/market-data/market-data.service';
 import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
 import { PropertyService } from '@ghostfolio/api/services/property/property.service';
 import { SymbolProfileService } from '@ghostfolio/api/services/symbol-profile/symbol-profile.service';
-import { PROPERTY_CURRENCIES } from '@ghostfolio/common/config';
+import {
+  DEFAULT_CURRENCY,
+  PROPERTY_CURRENCIES,
+  PROPERTY_IS_READ_ONLY_MODE,
+  PROPERTY_IS_USER_SIGNUP_ENABLED
+} from '@ghostfolio/common/config';
 import {
  AdminData,
  AdminMarketData,
@ -14,25 +21,70 @@ import {
  Filter,
  UniqueAsset
 } from '@ghostfolio/common/interfaces';
-import { Injectable } from '@nestjs/common';
-import { AssetSubClass, Prisma, Property } from '@prisma/client';
+import { MarketDataPreset } from '@ghostfolio/common/types';
+import { BadRequestException, Injectable } from '@nestjs/common';
+import {
+  AssetSubClass,
+  DataSource,
+  Prisma,
+  Property,
+  SymbolProfile
+} from '@prisma/client';
 import { differenceInDays } from 'date-fns';
 import { groupBy } from 'lodash';

@Injectable()
 export class AdminService {
-  private baseCurrency: string;
-
  public constructor(
    private readonly configurationService: ConfigurationService,
+    private readonly dataProviderService: DataProviderService,
    private readonly exchangeRateDataService: ExchangeRateDataService,
    private readonly marketDataService: MarketDataService,
    private readonly prismaService: PrismaService,
    private readonly propertyService: PropertyService,
    private readonly subscriptionService: SubscriptionService,
    private readonly symbolProfileService: SymbolProfileService
-  ) {
-    this.baseCurrency = this.configurationService.get('BASE_CURRENCY');
+  ) {}
+
+  public async addAssetProfile({
+    currency,
+    dataSource,
+    symbol
+  }: UniqueAsset & { currency?: string }): Promise<SymbolProfile | never> {
+    try {
+      if (dataSource === 'MANUAL') {
+        return this.symbolProfileService.add({
+          currency,
+          dataSource,
+          symbol
+        });
+      }
+
+      const assetProfiles = await this.dataProviderService.getAssetProfiles([
+        { dataSource, symbol }
+      ]);
+
+      if (!assetProfiles[symbol]?.currency) {
+        throw new BadRequestException(
+          `Asset profile not found for ${symbol} (${dataSource})`
+        );
+      }
+
+      return await this.symbolProfileService.add(
+        assetProfiles[symbol] as Prisma.SymbolProfileCreateInput
+      );
+    } catch (error) {
+      if (
+        error instanceof Prisma.PrismaClientKnownRequestError &&
+        error.code === 'P2002'
+      ) {
+        throw new BadRequestException(
+          `Asset profile of ${symbol} (${dataSource}) already exists`
+        );
+      }
+
+      throw error;
+    }
  }

  public async deleteProfileData({ dataSource, symbol }: UniqueAsset) {
@ -45,15 +97,23 @@ export class AdminService {
      exchangeRates: this.exchangeRateDataService
        .getCurrencies()
        .filter((currency) => {
-          return currency !== this.baseCurrency;
+          return currency !== DEFAULT_CURRENCY;
        })
        .map((currency) => {
+          const label1 = DEFAULT_CURRENCY;
+          const label2 = currency;
+
          return {
-            label1: this.baseCurrency,
-            label2: currency,
+            label1,
+            label2,
+            dataSource:
+              DataSource[
+                this.configurationService.get('DATA_SOURCE_EXCHANGE_RATES')
+              ],
+            symbol: `${label1}${label2}`,
            value: this.exchangeRateDataService.toCurrency(
              1,
-              this.baseCurrency,
+              DEFAULT_CURRENCY,
              currency
            )
          };
@ -61,56 +121,86 @@ export class AdminService {
      settings: await this.propertyService.get(),
      transactionCount: await this.prismaService.order.count(),
      userCount: await this.prismaService.user.count(),
-      users: await this.getUsersWithAnalytics()
+      users: await this.getUsersWithAnalytics(),
+      version: environment.version
    };
  }

-  public async getMarketData(filters?: Filter[]): Promise<AdminMarketData> {
+  public async getMarketData({
+    filters,
+    presetId,
+    sortColumn,
+    sortDirection,
+    skip,
+    take = Number.MAX_SAFE_INTEGER
+  }: {
+    filters?: Filter[];
+    presetId?: MarketDataPreset;
+    skip?: number;
+    sortColumn?: string;
+    sortDirection?: Prisma.SortOrder;
+    take?: number;
+  }): Promise<AdminMarketData> {
+    let orderBy: Prisma.Enumerable<Prisma.SymbolProfileOrderByWithRelationInput> =
+      [{ symbol: 'asc' }];
    const where: Prisma.SymbolProfileWhereInput = {};

+    if (presetId === 'CURRENCIES') {
+      return this.getMarketDataForCurrencies();
+    } else if (
+      presetId === 'ETF_WITHOUT_COUNTRIES' ||
+      presetId === 'ETF_WITHOUT_SECTORS'
+    ) {
+      filters = [{ id: 'ETF', type: 'ASSET_SUB_CLASS' }];
+    }
+
+    const searchQuery = filters.find(({ type }) => {
+      return type === 'SEARCH_QUERY';
+    })?.id;
+
    const { ASSET_SUB_CLASS: filtersByAssetSubClass } = groupBy(
      filters,
-      (filter) => {
-        return filter.type;
+      ({ type }) => {
+        return type;
      }
    );

-    const marketData = await this.prismaService.marketData.groupBy({
+    const marketDataItems = await this.prismaService.marketData.groupBy({
      _count: true,
      by: ['dataSource', 'symbol']
    });

-    let currencyPairsToGather: AdminMarketDataItem[] = [];
-
    if (filtersByAssetSubClass) {
      where.assetSubClass = AssetSubClass[filtersByAssetSubClass[0].id];
-    } else {
-      currencyPairsToGather = this.exchangeRateDataService
-        .getCurrencyPairs()
-        .map(({ dataSource, symbol }) => {
-          const marketDataItemCount =
-            marketData.find((marketDataItem) => {
-              return (
-                marketDataItem.dataSource === dataSource &&
-                marketDataItem.symbol === symbol
-              );
-            })?._count ?? 0;
-
-          return {
-            dataSource,
-            marketDataItemCount,
-            symbol,
-            assetClass: 'CASH',
-            countriesCount: 0,
-            sectorsCount: 0
-          };
-        });
    }

-    const symbolProfilesToGather: AdminMarketDataItem[] = (
-      await this.prismaService.symbolProfile.findMany({
+    if (searchQuery) {
+      where.OR = [
+        { id: { mode: 'insensitive', startsWith: searchQuery } },
+        { isin: { mode: 'insensitive', startsWith: searchQuery } },
+        { name: { mode: 'insensitive', startsWith: searchQuery } },
+        { symbol: { mode: 'insensitive', startsWith: searchQuery } }
+      ];
+    }
+
+    if (sortColumn) {
+      orderBy = [{ [sortColumn]: sortDirection }];
+
+      if (sortColumn === 'activitiesCount') {
+        orderBy = {
+          Order: {
+            _count: sortDirection
+          }
+        };
+      }
+    }
+
+    let [assetProfiles, count] = await Promise.all([
+      this.prismaService.symbolProfile.findMany({
+        orderBy,
+        skip,
+        take,
        where,
-        orderBy: [{ symbol: 'asc' }],
        select: {
          _count: {
            select: { Order: true }
@ -119,7 +209,9 @@ export class AdminService {
          assetSubClass: true,
          comment: true,
          countries: true,
+          currency: true,
          dataSource: true,
+          name: true,
          Order: {
            orderBy: [{ date: 'asc' }],
            select: { date: true },
@ -129,38 +221,68 @@ export class AdminService {
          sectors: true,
          symbol: true
        }
-      })
-    ).map((symbolProfile) => {
-      const countriesCount = symbolProfile.countries
-        ? Object.keys(symbolProfile.countries).length
-        : 0;
-      const marketDataItemCount =
-        marketData.find((marketDataItem) => {
-          return (
-            marketDataItem.dataSource === symbolProfile.dataSource &&
-            marketDataItem.symbol === symbolProfile.symbol
-          );
-        })?._count ?? 0;
-      const sectorsCount = symbolProfile.sectors
-        ? Object.keys(symbolProfile.sectors).length
-        : 0;
+      }),
+      this.prismaService.symbolProfile.count({ where })
+    ]);

-      return {
-        countriesCount,
-        marketDataItemCount,
-        sectorsCount,
-        activitiesCount: symbolProfile._count.Order,
-        assetClass: symbolProfile.assetClass,
-        assetSubClass: symbolProfile.assetSubClass,
-        comment: symbolProfile.comment,
-        dataSource: symbolProfile.dataSource,
-        date: symbolProfile.Order?.[0]?.date,
-        symbol: symbolProfile.symbol
-      };
-    });
+    let marketData = assetProfiles.map(
+      ({
+        _count,
+        assetClass,
+        assetSubClass,
+        comment,
+        countries,
+        currency,
+        dataSource,
+        name,
+        Order,
+        sectors,
+        symbol
+      }) => {
+        const countriesCount = countries ? Object.keys(countries).length : 0;
+        const marketDataItemCount =
+          marketDataItems.find((marketDataItem) => {
+            return (
+              marketDataItem.dataSource === dataSource &&
+              marketDataItem.symbol === symbol
+            );
+          })?._count ?? 0;
+        const sectorsCount = sectors ? Object.keys(sectors).length : 0;
+
+        return {
+          assetClass,
+          assetSubClass,
+          comment,
+          currency,
+          countriesCount,
+          dataSource,
+          name,
+          symbol,
+          marketDataItemCount,
+          sectorsCount,
+          activitiesCount: _count.Order,
+          date: Order?.[0]?.date
+        };
+      }
+    );
+
+    if (presetId) {
+      if (presetId === 'ETF_WITHOUT_COUNTRIES') {
+        marketData = marketData.filter(({ countriesCount }) => {
+          return countriesCount === 0;
+        });
+      } else if (presetId === 'ETF_WITHOUT_SECTORS') {
+        marketData = marketData.filter(({ sectorsCount }) => {
+          return sectorsCount === 0;
+        });
+      }
+
+      count = marketData.length;
+    }

    return {
-      marketData: [...currencyPairsToGather, ...symbolProfilesToGather]
+      count,
+      marketData
    };
  }

@ -196,14 +318,28 @@ export class AdminService {
  }

  public async patchAssetProfileData({
+    assetClass,
+    assetSubClass,
    comment,
+    countries,
+    currency,
    dataSource,
+    name,
+    scraperConfiguration,
+    sectors,
    symbol,
    symbolMapping
  }: Prisma.SymbolProfileUpdateInput & UniqueAsset) {
    await this.symbolProfileService.updateSymbolProfile({
+      assetClass,
+      assetSubClass,
      comment,
+      countries,
+      currency,
      dataSource,
+      name,
+      scraperConfiguration,
+      sectors,
      symbol,
      symbolMapping
    });
@ -227,13 +363,47 @@ export class AdminService {
      response = await this.propertyService.delete({ key });
    }

-    if (key === PROPERTY_CURRENCIES) {
+    if (key === PROPERTY_IS_READ_ONLY_MODE && value === 'true') {
+      await this.putSetting(PROPERTY_IS_USER_SIGNUP_ENABLED, 'false');
+    } else if (key === PROPERTY_CURRENCIES) {
      await this.exchangeRateDataService.initialize();
    }

    return response;
  }

+  private async getMarketDataForCurrencies(): Promise<AdminMarketData> {
+    const marketDataItems = await this.prismaService.marketData.groupBy({
+      _count: true,
+      by: ['dataSource', 'symbol']
+    });
+
+    const marketData: AdminMarketDataItem[] = this.exchangeRateDataService
+      .getCurrencyPairs()
+      .map(({ dataSource, symbol }) => {
+        const marketDataItemCount =
+          marketDataItems.find((marketDataItem) => {
+            return (
+              marketDataItem.dataSource === dataSource &&
+              marketDataItem.symbol === symbol
+            );
+          })?._count ?? 0;
+
+        return {
+          dataSource,
+          marketDataItemCount,
+          symbol,
+          assetClass: 'CASH',
+          countriesCount: 0,
+          currency: symbol.replace(DEFAULT_CURRENCY, ''),
+          name: symbol,
+          sectorsCount: 0
+        };
+      });
+
+    return { marketData, count: marketData.length };
+  }
+
  private async getUsersWithAnalytics(): Promise<AdminData['users']> {
    let orderBy: any = {
      createdAt: 'desc'
--- a/apps/api/src/app/admin/queue/queue.controller.ts
+++ b/apps/api/src/app/admin/queue/queue.controller.ts
@ -1,87 +1,48 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
 import { AdminJobs } from '@ghostfolio/common/interfaces';
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
-import type { RequestWithUser } from '@ghostfolio/common/types';
+import { permissions } from '@ghostfolio/common/permissions';
 import {
  Controller,
  Delete,
  Get,
-  HttpException,
-  Inject,
  Param,
  Query,
  UseGuards
 } from '@nestjs/common';
-import { REQUEST } from '@nestjs/core';
 import { AuthGuard } from '@nestjs/passport';
 import { JobStatus } from 'bull';
-import { StatusCodes, getReasonPhrase } from 'http-status-codes';

 import { QueueService } from './queue.service';

@Controller('admin/queue')
 export class QueueController {
-  public constructor(
-    private readonly queueService: QueueService,
-    @Inject(REQUEST) private readonly request: RequestWithUser
-  ) {}
+  public constructor(private readonly queueService: QueueService) {}

  @Delete('job')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async deleteJobs(
    @Query('status') filterByStatus?: string
  ): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    const status = <JobStatus[]>filterByStatus?.split(',') ?? undefined;
    return this.queueService.deleteJobs({ status });
  }

  @Get('job')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getJobs(
    @Query('status') filterByStatus?: string
  ): Promise<AdminJobs> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    const status = <JobStatus[]>filterByStatus?.split(',') ?? undefined;
    return this.queueService.getJobs({ status });
  }

  @Delete('job/:id')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async deleteJob(@Param('id') id: string): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    return this.queueService.deleteJob(id);
  }
 }
--- a/apps/api/src/app/admin/update-asset-profile.dto.ts
+++ b/apps/api/src/app/admin/update-asset-profile.dto.ts
@ -1,10 +1,45 @@
-import { IsObject, IsOptional, IsString } from 'class-validator';
+import { AssetClass, AssetSubClass, Prisma } from '@prisma/client';
+import {
+  IsArray,
+  IsEnum,
+  IsObject,
+  IsOptional,
+  IsString
+} from 'class-validator';

 export class UpdateAssetProfileDto {
+  @IsEnum(AssetClass, { each: true })
+  @IsOptional()
+  assetClass?: AssetClass;
+
+  @IsEnum(AssetSubClass, { each: true })
+  @IsOptional()
+  assetSubClass?: AssetSubClass;
+
  @IsString()
  @IsOptional()
  comment?: string;

+  @IsArray()
+  @IsOptional()
+  countries?: Prisma.InputJsonArray;
+
+  @IsString()
+  @IsOptional()
+  currency?: string;
+
+  @IsString()
+  @IsOptional()
+  name?: string;
+
+  @IsObject()
+  @IsOptional()
+  scraperConfiguration?: Prisma.InputJsonObject;
+
+  @IsArray()
+  @IsOptional()
+  sectors?: Prisma.InputJsonArray;
+
  @IsObject()
  @IsOptional()
  symbolMapping?: {
--- a/apps/api/src/app/admin/update-bulk-market-data.dto.ts
+++ b/apps/api/src/app/admin/update-bulk-market-data.dto.ts
@ -0,0 +1,11 @@
+import { Type } from 'class-transformer';
+import { ArrayNotEmpty, IsArray, isNotEmptyObject } from 'class-validator';
+
+import { UpdateMarketDataDto } from './update-market-data.dto';
+
+export class UpdateBulkMarketDataDto {
+  @ArrayNotEmpty()
+  @IsArray()
+  @Type(() => UpdateMarketDataDto)
+  marketData: UpdateMarketDataDto[];
+}
--- a/apps/api/src/app/admin/update-market-data.dto.ts
+++ b/apps/api/src/app/admin/update-market-data.dto.ts
@ -1,6 +1,10 @@
-import { IsNumber } from 'class-validator';
+import { IsISO8601, IsNumber, IsOptional } from 'class-validator';

 export class UpdateMarketDataDto {
+  @IsISO8601()
+  @IsOptional()
+  date?: string;
+
  @IsNumber()
  marketPrice: number;
 }
--- a/apps/api/src/app/app.module.ts
+++ b/apps/api/src/app/app.module.ts
@ -7,11 +7,16 @@ import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-
 import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.module';
 import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
 import { TwitterBotModule } from '@ghostfolio/api/services/twitter-bot/twitter-bot.module';
+import {
+  DEFAULT_LANGUAGE_CODE,
+  SUPPORTED_LANGUAGE_CODES
+} from '@ghostfolio/common/config';
 import { BullModule } from '@nestjs/bull';
-import { MiddlewareConsumer, Module, RequestMethod } from '@nestjs/common';
+import { Module } from '@nestjs/common';
 import { ConfigModule } from '@nestjs/config';
 import { ScheduleModule } from '@nestjs/schedule';
 import { ServeStaticModule } from '@nestjs/serve-static';
+import { StatusCodes } from 'http-status-codes';

 import { AccessModule } from './access/access.module';
 import { AccountModule } from './account/account.module';
@ -23,7 +28,6 @@ import { BenchmarkModule } from './benchmark/benchmark.module';
 import { CacheModule } from './cache/cache.module';
 import { ExchangeRateModule } from './exchange-rate/exchange-rate.module';
 import { ExportModule } from './export/export.module';
-import { FrontendMiddleware } from './frontend.middleware';
 import { HealthModule } from './health/health.module';
 import { ImportModule } from './import/import.module';
 import { InfoModule } from './info/info.module';
@ -32,8 +36,10 @@ import { OrderModule } from './order/order.module';
 import { PlatformModule } from './platform/platform.module';
 import { PortfolioModule } from './portfolio/portfolio.module';
 import { RedisCacheModule } from './redis-cache/redis-cache.module';
+import { SitemapModule } from './sitemap/sitemap.module';
 import { SubscriptionModule } from './subscription/subscription.module';
 import { SymbolModule } from './symbol/symbol.module';
+import { TagModule } from './tag/tag.module';
 import { UserModule } from './user/user.module';

@Module({
@ -70,31 +76,37 @@ import { UserModule } from './user/user.module';
    RedisCacheModule,
    ScheduleModule.forRoot(),
    ServeStaticModule.forRoot({
-      serveStaticOptions: {
-        /*etag: false // Disable etag header to fix PWA
-        setHeaders: (res, path) => {
-          if (path.includes('ngsw.json')) {
-            // Disable cache (https://stackoverflow.com/questions/22632593/how-to-disable-webpage-caching-in-expressjs-nodejs/39775595)
-            // https://gertjans.home.xs4all.nl/javascript/cache-control.html#no-cache
-            res.set('Cache-Control', 'no-cache, no-store, must-revalidate');
-          }
-        }*/
-      },
+      exclude: ['/api*', '/sitemap.xml'],
      rootPath: join(__dirname, '..', 'client'),
-      exclude: ['/api*']
+      serveStaticOptions: {
+        setHeaders: (res) => {
+          if (res.req?.path === '/') {
+            let languageCode = DEFAULT_LANGUAGE_CODE;
+
+            try {
+              const code = res.req.headers['accept-language']
+                .split(',')[0]
+                .split('-')[0];
+
+              if (SUPPORTED_LANGUAGE_CODES.includes(code)) {
+                languageCode = code;
+              }
+            } catch {}
+
+            res.set('Location', `/${languageCode}`);
+            res.statusCode = StatusCodes.MOVED_PERMANENTLY;
+          }
+        }
+      }
    }),
+    SitemapModule,
    SubscriptionModule,
    SymbolModule,
+    TagModule,
    TwitterBotModule,
    UserModule
  ],
  controllers: [AppController],
  providers: [CronService]
 })
-export class AppModule {
-  configure(consumer: MiddlewareConsumer) {
-    consumer
-      .apply(FrontendMiddleware)
-      .forRoutes({ path: '*', method: RequestMethod.ALL });
-  }
-}
+export class AppModule {}
--- a/apps/api/src/app/auth-device/auth-device.controller.ts
+++ b/apps/api/src/app/auth-device/auth-device.controller.ts
@ -1,40 +1,18 @@
 import { AuthDeviceService } from '@ghostfolio/api/app/auth-device/auth-device.service';
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
-import type { RequestWithUser } from '@ghostfolio/common/types';
-import {
-  Controller,
-  Delete,
-  HttpException,
-  Inject,
-  Param,
-  UseGuards
-} from '@nestjs/common';
-import { REQUEST } from '@nestjs/core';
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { permissions } from '@ghostfolio/common/permissions';
+import { Controller, Delete, Param, UseGuards } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
-import { StatusCodes, getReasonPhrase } from 'http-status-codes';

@Controller('auth-device')
 export class AuthDeviceController {
-  public constructor(
-    private readonly authDeviceService: AuthDeviceService,
-    @Inject(REQUEST) private readonly request: RequestWithUser
-  ) {}
+  public constructor(private readonly authDeviceService: AuthDeviceService) {}

  @Delete(':id')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.deleteAuthDevice)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async deleteAuthDevice(@Param('id') id: string): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.deleteAuthDevice
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    await this.authDeviceService.deleteAuthDevice({ id });
  }
 }
--- a/apps/api/src/app/auth/auth.controller.ts
+++ b/apps/api/src/app/auth/auth.controller.ts
@ -1,4 +1,5 @@
 import { WebAuthService } from '@ghostfolio/api/app/auth/web-auth.service';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
 import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
 import { DEFAULT_LANGUAGE_CODE } from '@ghostfolio/common/config';
 import { OAuthResponse } from '@ghostfolio/common/interfaces';
@ -41,9 +42,8 @@ export class AuthController {
    @Param('accessToken') accessToken: string
  ): Promise<OAuthResponse> {
    try {
-      const authToken = await this.authService.validateAnonymousLogin(
-        accessToken
-      );
+      const authToken =
+        await this.authService.validateAnonymousLogin(accessToken);
      return { authToken };
    } catch {
      throw new HttpException(
@ -119,13 +119,13 @@ export class AuthController {
  }

  @Get('webauthn/generate-registration-options')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async generateRegistrationOptions() {
    return this.webAuthService.generateRegistrationOptions();
  }

  @Post('webauthn/verify-attestation')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async verifyAttestation(
    @Body() body: { deviceName: string; credential: AttestationCredentialJSON }
  ) {
--- a/apps/api/src/app/auth/auth.service.ts
+++ b/apps/api/src/app/auth/auth.service.ts
@ -55,7 +55,7 @@ export class AuthService {
        const isUserSignupEnabled =
          await this.propertyService.isUserSignupEnabled();

-        if (!isUserSignupEnabled) {
+        if (!isUserSignupEnabled || true) {
          throw new Error('Sign up forbidden');
        }

--- a/apps/api/src/app/auth/web-auth.service.ts
+++ b/apps/api/src/app/auth/web-auth.service.ts
@ -64,7 +64,7 @@ export class WebAuthService {
      }
    };

-    const options = generateRegistrationOptions(opts);
+    const options = await generateRegistrationOptions(opts);

    await this.userService.updateUser({
      data: {
@ -88,10 +88,16 @@ export class WebAuthService {
    let verification: VerifiedRegistrationResponse;
    try {
      const opts: VerifyRegistrationResponseOpts = {
-        credential,
        expectedChallenge,
        expectedOrigin: this.expectedOrigin,
-        expectedRPID: this.rpID
+        expectedRPID: this.rpID,
+        response: {
+          clientExtensionResults: credential.clientExtensionResults,
+          id: credential.id,
+          rawId: credential.rawId,
+          response: credential.response,
+          type: 'public-key'
+        }
      };
      verification = await verifyRegistrationResponse(opts);
    } catch (error) {
@ -117,8 +123,8 @@ export class WebAuthService {
         */
        existingDevice = await this.deviceService.createAuthDevice({
          counter,
-          credentialPublicKey,
-          credentialId: credentialID,
+          credentialId: Buffer.from(credentialID),
+          credentialPublicKey: Buffer.from(credentialPublicKey),
          User: { connect: { id: user.id } }
        });
      }
@ -152,7 +158,7 @@ export class WebAuthService {
      userVerification: 'preferred'
    };

-    const options = generateAuthenticationOptions(opts);
+    const options = await generateAuthenticationOptions(opts);

    await this.userService.updateUser({
      data: {
@ -181,7 +187,6 @@ export class WebAuthService {
    let verification: VerifiedAuthenticationResponse;
    try {
      const opts: VerifyAuthenticationResponseOpts = {
-        credential,
        authenticator: {
          credentialID: device.credentialId,
          credentialPublicKey: device.credentialPublicKey,
@ -189,9 +194,16 @@ export class WebAuthService {
        },
        expectedChallenge: `${user.authChallenge}`,
        expectedOrigin: this.expectedOrigin,
-        expectedRPID: this.rpID
+        expectedRPID: this.rpID,
+        response: {
+          clientExtensionResults: credential.clientExtensionResults,
+          id: credential.id,
+          rawId: credential.rawId,
+          response: credential.response,
+          type: 'public-key'
+        }
      };
-      verification = verifyAuthenticationResponse(opts);
+      verification = await verifyAuthenticationResponse(opts);
    } catch (error) {
      Logger.error(error, 'WebAuthService');
      throw new InternalServerErrorException({ error: error.message });
--- a/apps/api/src/app/benchmark/benchmark.controller.ts
+++ b/apps/api/src/app/benchmark/benchmark.controller.ts
@ -1,3 +1,5 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
 import { TransformDataSourceInRequestInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-request.interceptor';
 import { TransformDataSourceInResponseInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-response.interceptor';
 import type {
@ -5,11 +7,12 @@ import type {
  BenchmarkResponse,
  UniqueAsset
 } from '@ghostfolio/common/interfaces';
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
+import { permissions } from '@ghostfolio/common/permissions';
 import type { RequestWithUser } from '@ghostfolio/common/types';
 import {
  Body,
  Controller,
+  Delete,
  Get,
  HttpException,
  Inject,
@ -32,47 +35,10 @@ export class BenchmarkController {
    @Inject(REQUEST) private readonly request: RequestWithUser
  ) {}

-  @Get()
-  @UseInterceptors(TransformDataSourceInRequestInterceptor)
-  @UseInterceptors(TransformDataSourceInResponseInterceptor)
-  public async getBenchmark(): Promise<BenchmarkResponse> {
-    return {
-      benchmarks: await this.benchmarkService.getBenchmarks()
-    };
-  }
-
-  @Get(':dataSource/:symbol/:startDateString')
-  @UseGuards(AuthGuard('jwt'))
-  @UseInterceptors(TransformDataSourceInRequestInterceptor)
-  public async getBenchmarkMarketDataBySymbol(
-    @Param('dataSource') dataSource: DataSource,
-    @Param('startDateString') startDateString: string,
-    @Param('symbol') symbol: string
-  ): Promise<BenchmarkMarketDataDetails> {
-    const startDate = new Date(startDateString);
-
-    return this.benchmarkService.getMarketDataBySymbol({
-      dataSource,
-      startDate,
-      symbol
-    });
-  }
-
+  @HasPermission(permissions.accessAdminControl)
  @Post()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async addBenchmark(@Body() { dataSource, symbol }: UniqueAsset) {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    try {
      const benchmark = await this.benchmarkService.addBenchmark({
        dataSource,
@ -94,4 +60,61 @@ export class BenchmarkController {
      );
    }
  }
+
+  @Delete(':dataSource/:symbol')
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async deleteBenchmark(
+    @Param('dataSource') dataSource: DataSource,
+    @Param('symbol') symbol: string
+  ) {
+    try {
+      const benchmark = await this.benchmarkService.deleteBenchmark({
+        dataSource,
+        symbol
+      });
+
+      if (!benchmark) {
+        throw new HttpException(
+          getReasonPhrase(StatusCodes.NOT_FOUND),
+          StatusCodes.NOT_FOUND
+        );
+      }
+
+      return benchmark;
+    } catch {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.INTERNAL_SERVER_ERROR),
+        StatusCodes.INTERNAL_SERVER_ERROR
+      );
+    }
+  }
+
+  @Get()
+  @UseInterceptors(TransformDataSourceInRequestInterceptor)
+  @UseInterceptors(TransformDataSourceInResponseInterceptor)
+  public async getBenchmark(): Promise<BenchmarkResponse> {
+    return {
+      benchmarks: await this.benchmarkService.getBenchmarks()
+    };
+  }
+
+  @Get(':dataSource/:symbol/:startDateString')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  @UseInterceptors(TransformDataSourceInRequestInterceptor)
+  public async getBenchmarkMarketDataBySymbol(
+    @Param('dataSource') dataSource: DataSource,
+    @Param('startDateString') startDateString: string,
+    @Param('symbol') symbol: string
+  ): Promise<BenchmarkMarketDataDetails> {
+    const startDate = new Date(startDateString);
+    const userCurrency = this.request.user.Settings.settings.baseCurrency;
+
+    return this.benchmarkService.getMarketDataBySymbol({
+      dataSource,
+      startDate,
+      symbol,
+      userCurrency
+    });
+  }
 }
--- a/apps/api/src/app/benchmark/benchmark.module.ts
+++ b/apps/api/src/app/benchmark/benchmark.module.ts
@ -2,6 +2,7 @@ import { RedisCacheModule } from '@ghostfolio/api/app/redis-cache/redis-cache.mo
 import { SymbolModule } from '@ghostfolio/api/app/symbol/symbol.module';
 import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
 import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
+import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.module';
 import { MarketDataModule } from '@ghostfolio/api/services/market-data/market-data.module';
 import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
 import { PropertyModule } from '@ghostfolio/api/services/property/property.module';
@ -17,6 +18,7 @@ import { BenchmarkService } from './benchmark.service';
  imports: [
    ConfigurationModule,
    DataProviderModule,
+    ExchangeRateDataModule,
    MarketDataModule,
    PrismaModule,
    PropertyModule,
--- a/apps/api/src/app/benchmark/benchmark.service.spec.ts
+++ b/apps/api/src/app/benchmark/benchmark.service.spec.ts
@ -11,6 +11,7 @@ describe('BenchmarkService', () => {
      null,
      null,
      null,
+      null,
      null
    );
  });
--- a/apps/api/src/app/benchmark/benchmark.service.ts
+++ b/apps/api/src/app/benchmark/benchmark.service.ts
@ -1,6 +1,7 @@
 import { RedisCacheService } from '@ghostfolio/api/app/redis-cache/redis-cache.service';
 import { SymbolService } from '@ghostfolio/api/app/symbol/symbol.service';
 import { DataProviderService } from '@ghostfolio/api/services/data-provider/data-provider.service';
+import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
 import { MarketDataService } from '@ghostfolio/api/services/market-data/market-data.service';
 import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
 import { PropertyService } from '@ghostfolio/api/services/property/property.service';
@ -9,18 +10,24 @@ import {
  MAX_CHART_ITEMS,
  PROPERTY_BENCHMARKS
 } from '@ghostfolio/common/config';
-import { DATE_FORMAT } from '@ghostfolio/common/helper';
 import {
+  DATE_FORMAT,
+  calculateBenchmarkTrend,
+  parseDate
+} from '@ghostfolio/common/helper';
+import {
+  Benchmark,
  BenchmarkMarketDataDetails,
  BenchmarkProperty,
  BenchmarkResponse,
  UniqueAsset
 } from '@ghostfolio/common/interfaces';
-import { Injectable } from '@nestjs/common';
+import { BenchmarkTrend } from '@ghostfolio/common/types';
+import { Injectable, Logger } from '@nestjs/common';
 import { SymbolProfile } from '@prisma/client';
 import Big from 'big.js';
-import { format } from 'date-fns';
-import { uniqBy } from 'lodash';
+import { format, isSameDay, subDays } from 'date-fns';
+import { isNumber, last, uniqBy } from 'lodash';
 import ms from 'ms';

@Injectable()
@ -29,6 +36,7 @@ export class BenchmarkService {

  public constructor(
    private readonly dataProviderService: DataProviderService,
+    private readonly exchangeRateDataService: ExchangeRateDataService,
    private readonly marketDataService: MarketDataService,
    private readonly prismaService: PrismaService,
    private readonly propertyService: PropertyService,
@ -45,9 +53,34 @@ export class BenchmarkService {
    return 0;
  }

-  public async getBenchmarks({ useCache = true } = {}): Promise<
-    BenchmarkResponse['benchmarks']
-  > {
+  public async getBenchmarkTrends({ dataSource, symbol }: UniqueAsset) {
+    const historicalData = await this.marketDataService.marketDataItems({
+      orderBy: {
+        date: 'desc'
+      },
+      where: {
+        dataSource,
+        symbol,
+        date: { gte: subDays(new Date(), 400) }
+      }
+    });
+
+    const fiftyDayAverage = calculateBenchmarkTrend({
+      historicalData,
+      days: 50
+    });
+    const twoHundredDayAverage = calculateBenchmarkTrend({
+      historicalData,
+      days: 200
+    });
+
+    return { trend50d: fiftyDayAverage, trend200d: twoHundredDayAverage };
+  }
+
+  public async getBenchmarks({
+    enableSharing = false,
+    useCache = true
+  } = {}): Promise<BenchmarkResponse['benchmarks']> {
    let benchmarks: BenchmarkResponse['benchmarks'];

    if (useCache) {
@ -62,21 +95,36 @@ export class BenchmarkService {
      } catch {}
    }

-    const benchmarkAssetProfiles = await this.getBenchmarkAssetProfiles();
+    const benchmarkAssetProfiles = await this.getBenchmarkAssetProfiles({
+      enableSharing
+    });

-    const promises: Promise<number>[] = [];
+    const promisesAllTimeHighs: Promise<{ date: Date; marketPrice: number }>[] =
+      [];
+    const promisesBenchmarkTrends: Promise<{
+      trend50d: BenchmarkTrend;
+      trend200d: BenchmarkTrend;
+    }>[] = [];

-    const quotes = await this.dataProviderService.getQuotes(
-      benchmarkAssetProfiles.map(({ dataSource, symbol }) => {
+    const quotes = await this.dataProviderService.getQuotes({
+      items: benchmarkAssetProfiles.map(({ dataSource, symbol }) => {
        return { dataSource, symbol };
      })
-    );
+    });

    for (const { dataSource, symbol } of benchmarkAssetProfiles) {
-      promises.push(this.marketDataService.getMax({ dataSource, symbol }));
+      promisesAllTimeHighs.push(
+        this.marketDataService.getMax({ dataSource, symbol })
+      );
+      promisesBenchmarkTrends.push(
+        this.getBenchmarkTrends({ dataSource, symbol })
+      );
    }

-    const allTimeHighs = await Promise.all(promises);
+    const [allTimeHighs, benchmarkTrends] = await Promise.all([
+      Promise.all(promisesAllTimeHighs),
+      Promise.all(promisesBenchmarkTrends)
+    ]);
    let storeInCache = true;

    benchmarks = allTimeHighs.map((allTimeHigh, index) => {
@ -85,9 +133,9 @@ export class BenchmarkService {

      let performancePercentFromAllTimeHigh = 0;

-      if (allTimeHigh && marketPrice) {
+      if (allTimeHigh?.marketPrice && marketPrice) {
        performancePercentFromAllTimeHigh = this.calculateChangeInPercentage(
-          allTimeHigh,
+          allTimeHigh.marketPrice,
          marketPrice
        );
      } else {
@ -101,9 +149,12 @@ export class BenchmarkService {
        name: benchmarkAssetProfiles[index].name,
        performances: {
          allTimeHigh: {
+            date: allTimeHigh?.date,
            performancePercent: performancePercentFromAllTimeHigh
          }
-        }
+        },
+        trend50d: benchmarkTrends[index].trend50d,
+        trend200d: benchmarkTrends[index].trend200d
      };
    });

@ -118,14 +169,24 @@ export class BenchmarkService {
    return benchmarks;
  }

-  public async getBenchmarkAssetProfiles(): Promise<Partial<SymbolProfile>[]> {
+  public async getBenchmarkAssetProfiles({
+    enableSharing = false
+  } = {}): Promise<Partial<SymbolProfile>[]> {
    const symbolProfileIds: string[] = (
      ((await this.propertyService.getByKey(
        PROPERTY_BENCHMARKS
      )) as BenchmarkProperty[]) ?? []
-    ).map(({ symbolProfileId }) => {
-      return symbolProfileId;
-    });
+    )
+      .filter((benchmark) => {
+        if (enableSharing) {
+          return benchmark.enableSharing;
+        }
+
+        return true;
+      })
+      .map(({ symbolProfileId }) => {
+        return symbolProfileId;
+      });

    const assetProfiles =
      await this.symbolProfileService.getSymbolProfilesByIds(symbolProfileIds);
@ -145,8 +206,14 @@ export class BenchmarkService {
  public async getMarketDataBySymbol({
    dataSource,
    startDate,
-    symbol
-  }: { startDate: Date } & UniqueAsset): Promise<BenchmarkMarketDataDetails> {
+    symbol,
+    userCurrency
+  }: {
+    startDate: Date;
+    userCurrency: string;
+  } & UniqueAsset): Promise<BenchmarkMarketDataDetails> {
+    const marketData: { date: string; value: number }[] = [];
+
    const [currentSymbolItem, marketDataItems] = await Promise.all([
      this.symbolService.get({
        dataGatheringItem: {
@ -168,44 +235,96 @@ export class BenchmarkService {
      })
    ]);

+    const exchangeRates =
+      await this.exchangeRateDataService.getExchangeRatesByCurrency({
+        startDate,
+        currencies: [currentSymbolItem.currency],
+        targetCurrency: userCurrency
+      });
+
+    const exchangeRateAtStartDate =
+      exchangeRates[`${currentSymbolItem.currency}${userCurrency}`]?.[
+        format(startDate, DATE_FORMAT)
+      ];
+
+    const marketPriceAtStartDate = marketDataItems?.find(({ date }) => {
+      return isSameDay(date, startDate);
+    })?.marketPrice;
+
+    if (!marketPriceAtStartDate) {
+      Logger.error(
+        `No historical market data has been found for ${symbol} (${dataSource}) at ${format(
+          startDate,
+          DATE_FORMAT
+        )}`,
+        'BenchmarkService'
+      );
+
+      return { marketData };
+    }
+
    const step = Math.round(
      marketDataItems.length / Math.min(marketDataItems.length, MAX_CHART_ITEMS)
    );

-    const marketPriceAtStartDate = marketDataItems?.[0]?.marketPrice ?? 0;
-    const response = {
-      marketData: [
-        ...marketDataItems
-          .filter((marketDataItem, index) => {
-            return index % step === 0;
-          })
-          .map((marketDataItem) => {
-            return {
-              date: format(marketDataItem.date, DATE_FORMAT),
-              value:
-                marketPriceAtStartDate === 0
-                  ? 0
-                  : this.calculateChangeInPercentage(
-                      marketPriceAtStartDate,
-                      marketDataItem.marketPrice
-                    ) * 100
-            };
-          })
-      ]
-    };
+    let i = 0;

-    if (currentSymbolItem?.marketPrice) {
-      response.marketData.push({
+    for (let marketDataItem of marketDataItems) {
+      if (i % step !== 0) {
+        continue;
+      }
+
+      const exchangeRate =
+        exchangeRates[`${currentSymbolItem.currency}${userCurrency}`]?.[
+          format(marketDataItem.date, DATE_FORMAT)
+        ];
+
+      const exchangeRateFactor =
+        isNumber(exchangeRateAtStartDate) && isNumber(exchangeRate)
+          ? exchangeRate / exchangeRateAtStartDate
+          : 1;
+
+      marketData.push({
+        date: format(marketDataItem.date, DATE_FORMAT),
+        value:
+          marketPriceAtStartDate === 0
+            ? 0
+            : this.calculateChangeInPercentage(
+                marketPriceAtStartDate,
+                marketDataItem.marketPrice * exchangeRateFactor
+              ) * 100
+      });
+    }
+
+    const includesToday = isSameDay(
+      parseDate(last(marketData).date),
+      new Date()
+    );
+
+    if (currentSymbolItem?.marketPrice && !includesToday) {
+      const exchangeRate =
+        exchangeRates[`${currentSymbolItem.currency}${userCurrency}`]?.[
+          format(new Date(), DATE_FORMAT)
+        ];
+
+      const exchangeRateFactor =
+        isNumber(exchangeRateAtStartDate) && isNumber(exchangeRate)
+          ? exchangeRate / exchangeRateAtStartDate
+          : 1;
+
+      marketData.push({
        date: format(new Date(), DATE_FORMAT),
        value:
          this.calculateChangeInPercentage(
            marketPriceAtStartDate,
-            currentSymbolItem.marketPrice
+            currentSymbolItem.marketPrice * exchangeRateFactor
          ) * 100
      });
    }

-    return response;
+    return {
+      marketData
+    };
  }

  public async addBenchmark({
@ -245,7 +364,52 @@ export class BenchmarkService {
    };
  }

-  private getMarketCondition(aPerformanceInPercent: number) {
-    return aPerformanceInPercent <= -0.2 ? 'BEAR_MARKET' : 'NEUTRAL_MARKET';
+  public async deleteBenchmark({
+    dataSource,
+    symbol
+  }: UniqueAsset): Promise<Partial<SymbolProfile>> {
+    const assetProfile = await this.prismaService.symbolProfile.findFirst({
+      where: {
+        dataSource,
+        symbol
+      }
+    });
+
+    if (!assetProfile) {
+      return null;
+    }
+
+    let benchmarks =
+      ((await this.propertyService.getByKey(
+        PROPERTY_BENCHMARKS
+      )) as BenchmarkProperty[]) ?? [];
+
+    benchmarks = benchmarks.filter(({ symbolProfileId }) => {
+      return symbolProfileId !== assetProfile.id;
+    });
+
+    await this.propertyService.put({
+      key: PROPERTY_BENCHMARKS,
+      value: JSON.stringify(benchmarks)
+    });
+
+    return {
+      dataSource,
+      symbol,
+      id: assetProfile.id,
+      name: assetProfile.name
+    };
+  }
+
+  private getMarketCondition(
+    aPerformanceInPercent: number
+  ): Benchmark['marketCondition'] {
+    if (aPerformanceInPercent === 0) {
+      return 'ALL_TIME_HIGH';
+    } else if (aPerformanceInPercent <= -0.2) {
+      return 'BEAR_MARKET';
+    } else {
+      return 'NEUTRAL_MARKET';
+    }
  }
 }
--- a/apps/api/src/app/cache/cache.controller.ts
+++ b/apps/api/src/app/cache/cache.controller.ts
@ -1,39 +1,18 @@
 import { RedisCacheService } from '@ghostfolio/api/app/redis-cache/redis-cache.service';
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
-import type { RequestWithUser } from '@ghostfolio/common/types';
-import {
-  Controller,
-  HttpException,
-  Inject,
-  Post,
-  UseGuards
-} from '@nestjs/common';
-import { REQUEST } from '@nestjs/core';
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { permissions } from '@ghostfolio/common/permissions';
+import { Controller, Post, UseGuards } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
-import { StatusCodes, getReasonPhrase } from 'http-status-codes';

@Controller('cache')
 export class CacheController {
-  public constructor(
-    private readonly redisCacheService: RedisCacheService,
-    @Inject(REQUEST) private readonly request: RequestWithUser
-  ) {}
+  public constructor(private readonly redisCacheService: RedisCacheService) {}

+  @HasPermission(permissions.accessAdminControl)
  @Post('flush')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async flushCache(): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    return this.redisCacheService.reset();
  }
 }
--- a/apps/api/src/app/exchange-rate/exchange-rate.controller.ts
+++ b/apps/api/src/app/exchange-rate/exchange-rate.controller.ts
@ -1,3 +1,4 @@
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
 import { IDataProviderHistoricalResponse } from '@ghostfolio/api/services/interfaces/interfaces';
 import {
  Controller,
@ -7,6 +8,7 @@ import {
  UseGuards
 } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
+import { parseISO } from 'date-fns';
 import { StatusCodes, getReasonPhrase } from 'http-status-codes';

 import { ExchangeRateService } from './exchange-rate.service';
@ -18,12 +20,12 @@ export class ExchangeRateController {
  ) {}

  @Get(':symbol/:dateString')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getExchangeRate(
    @Param('dateString') dateString: string,
    @Param('symbol') symbol: string
  ): Promise<IDataProviderHistoricalResponse> {
-    const date = new Date(dateString);
+    const date = parseISO(dateString);

    const exchangeRate = await this.exchangeRateService.getExchangeRate({
      date,
--- a/apps/api/src/app/export/export.controller.ts
+++ b/apps/api/src/app/export/export.controller.ts
@ -1,3 +1,4 @@
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
 import { Export } from '@ghostfolio/common/interfaces';
 import type { RequestWithUser } from '@ghostfolio/common/types';
 import { Controller, Get, Inject, Query, UseGuards } from '@nestjs/common';
@ -14,12 +15,13 @@ export class ExportController {
  ) {}

  @Get()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async export(
    @Query('activityIds') activityIds?: string[]
  ): Promise<Export> {
    return this.exportService.export({
      activityIds,
+      userCurrency: this.request.user.Settings.settings.baseCurrency,
      userId: this.request.user.id
    });
  }
--- a/apps/api/src/app/export/export.module.ts
+++ b/apps/api/src/app/export/export.module.ts
@ -1,8 +1,9 @@
+import { AccountModule } from '@ghostfolio/api/app/account/account.module';
+import { OrderModule } from '@ghostfolio/api/app/order/order.module';
 import { RedisCacheModule } from '@ghostfolio/api/app/redis-cache/redis-cache.module';
 import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
 import { DataGatheringModule } from '@ghostfolio/api/services/data-gathering/data-gathering.module';
 import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
-import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
 import { Module } from '@nestjs/common';

 import { ExportController } from './export.controller';
@ -10,10 +11,11 @@ import { ExportService } from './export.service';

@Module({
  imports: [
+    AccountModule,
    ConfigurationModule,
    DataGatheringModule,
    DataProviderModule,
-    PrismaModule,
+    OrderModule,
    RedisCacheModule
  ],
  controllers: [ExportController],
--- a/apps/api/src/app/export/export.service.ts
+++ b/apps/api/src/app/export/export.service.ts
@ -1,50 +1,53 @@
+import { AccountService } from '@ghostfolio/api/app/account/account.service';
+import { OrderService } from '@ghostfolio/api/app/order/order.service';
 import { environment } from '@ghostfolio/api/environments/environment';
-import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
 import { Export } from '@ghostfolio/common/interfaces';
 import { Injectable } from '@nestjs/common';

@Injectable()
 export class ExportService {
-  public constructor(private readonly prismaService: PrismaService) {}
+  public constructor(
+    private readonly accountService: AccountService,
+    private readonly orderService: OrderService
+  ) {}

  public async export({
    activityIds,
+    userCurrency,
    userId
  }: {
    activityIds?: string[];
+    userCurrency: string;
    userId: string;
  }): Promise<Export> {
-    const accounts = await this.prismaService.account.findMany({
-      orderBy: {
-        name: 'asc'
-      },
-      select: {
-        accountType: true,
-        balance: true,
-        comment: true,
-        currency: true,
-        id: true,
-        isExcluded: true,
-        name: true,
-        platformId: true
-      },
-      where: { userId }
-    });
+    const accounts = (
+      await this.accountService.accounts({
+        orderBy: {
+          name: 'asc'
+        },
+        where: { userId }
+      })
+    ).map(
+      ({ balance, comment, currency, id, isExcluded, name, platformId }) => {
+        return {
+          balance,
+          comment,
+          currency,
+          id,
+          isExcluded,
+          name,
+          platformId
+        };
+      }
+    );

-    let activities = await this.prismaService.order.findMany({
-      orderBy: { date: 'desc' },
-      select: {
-        accountId: true,
-        comment: true,
-        date: true,
-        fee: true,
-        id: true,
-        quantity: true,
-        SymbolProfile: true,
-        type: true,
-        unitPrice: true
-      },
-      where: { userId }
+    let { activities } = await this.orderService.getOrders({
+      userCurrency,
+      userId,
+      includeDrafts: true,
+      sortColumn: 'date',
+      sortDirection: 'asc',
+      withExcludedAccounts: true
    });

    if (activityIds) {
@ -79,7 +82,13 @@ export class ExportService {
            currency: SymbolProfile.currency,
            dataSource: SymbolProfile.dataSource,
            date: date.toISOString(),
-            symbol: type === 'ITEM' ? SymbolProfile.name : SymbolProfile.symbol
+            symbol:
+              type === 'FEE' ||
+              type === 'INTEREST' ||
+              type === 'ITEM' ||
+              type === 'LIABILITY'
+                ? SymbolProfile.name
+                : SymbolProfile.symbol
          };
        }
      )
--- a/apps/api/src/app/frontend.middleware.ts
+++ b/apps/api/src/app/frontend.middleware.ts
@ -1,232 +0,0 @@
-import * as fs from 'fs';
-import * as path from 'path';
-
-import { environment } from '@ghostfolio/api/environments/environment';
-import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
-import { DEFAULT_LANGUAGE_CODE } from '@ghostfolio/common/config';
-import { DATE_FORMAT } from '@ghostfolio/common/helper';
-import { Injectable, NestMiddleware } from '@nestjs/common';
-import { format } from 'date-fns';
-import { NextFunction, Request, Response } from 'express';
-
-@Injectable()
-export class FrontendMiddleware implements NestMiddleware {
-  public indexHtmlDe = '';
-  public indexHtmlEn = '';
-  public indexHtmlEs = '';
-  public indexHtmlFr = '';
-  public indexHtmlIt = '';
-  public indexHtmlNl = '';
-  public indexHtmlPt = '';
-
-  private static readonly DEFAULT_DESCRIPTION =
-    'Ghostfolio is a personal finance dashboard to keep track of your assets like stocks, ETFs or cryptocurrencies across multiple platforms.';
-
-  public constructor(
-    private readonly configurationService: ConfigurationService
-  ) {
-    try {
-      this.indexHtmlDe = fs.readFileSync(
-        this.getPathOfIndexHtmlFile('de'),
-        'utf8'
-      );
-      this.indexHtmlEn = fs.readFileSync(
-        this.getPathOfIndexHtmlFile(DEFAULT_LANGUAGE_CODE),
-        'utf8'
-      );
-      this.indexHtmlEs = fs.readFileSync(
-        this.getPathOfIndexHtmlFile('es'),
-        'utf8'
-      );
-      this.indexHtmlFr = fs.readFileSync(
-        this.getPathOfIndexHtmlFile('fr'),
-        'utf8'
-      );
-      this.indexHtmlIt = fs.readFileSync(
-        this.getPathOfIndexHtmlFile('it'),
-        'utf8'
-      );
-      this.indexHtmlNl = fs.readFileSync(
-        this.getPathOfIndexHtmlFile('nl'),
-        'utf8'
-      );
-      this.indexHtmlPt = fs.readFileSync(
-        this.getPathOfIndexHtmlFile('pt'),
-        'utf8'
-      );
-    } catch {}
-  }
-
-  public use(request: Request, response: Response, next: NextFunction) {
-    const currentDate = format(new Date(), DATE_FORMAT);
-    let featureGraphicPath = 'assets/cover.png';
-    let title = 'Ghostfolio – Open Source Wealth Management Software';
-
-    if (request.path.startsWith('/en/blog/2022/08/500-stars-on-github')) {
-      featureGraphicPath = 'assets/images/blog/500-stars-on-github.jpg';
-      title = `500 Stars - ${title}`;
-    } else if (request.path.startsWith('/en/blog/2022/10/hacktoberfest-2022')) {
-      featureGraphicPath = 'assets/images/blog/hacktoberfest-2022.png';
-      title = `Hacktoberfest 2022 - ${title}`;
-    } else if (request.path.startsWith('/en/blog/2022/11/black-friday-2022')) {
-      featureGraphicPath = 'assets/images/blog/black-friday-2022.jpg';
-      title = `Black Friday 2022 - ${title}`;
-    } else if (
-      request.path.startsWith(
-        '/en/blog/2022/12/the-importance-of-tracking-your-personal-finances'
-      )
-    ) {
-      featureGraphicPath = 'assets/images/blog/20221226.jpg';
-      title = `The importance of tracking your personal finances - ${title}`;
-    } else if (
-      request.path.startsWith(
-        '/de/blog/2023/01/ghostfolio-auf-sackgeld-vorgestellt'
-      )
-    ) {
-      featureGraphicPath = 'assets/images/blog/ghostfolio-x-sackgeld.png';
-      title = `Ghostfolio auf Sackgeld.com vorgestellt - ${title}`;
-    } else if (
-      request.path.startsWith('/en/blog/2023/02/ghostfolio-meets-umbrel')
-    ) {
-      featureGraphicPath = 'assets/images/blog/ghostfolio-x-umbrel.png';
-      title = `Ghostfolio meets Umbrel - ${title}`;
-    } else if (
-      request.path.startsWith(
-        '/en/blog/2023/03/ghostfolio-reaches-1000-stars-on-github'
-      )
-    ) {
-      featureGraphicPath = 'assets/images/blog/1000-stars-on-github.jpg';
-      title = `Ghostfolio reaches 1’000 Stars on GitHub - ${title}`;
-    } else if (
-      request.path.startsWith(
-        '/en/blog/2023/05/unlock-your-financial-potential-with-ghostfolio'
-      )
-    ) {
-      featureGraphicPath = 'assets/images/blog/20230520.jpg';
-      title = `Unlock your Financial Potential with Ghostfolio - ${title}`;
-    }
-
-    if (
-      request.path.startsWith('/api/') ||
-      this.isFileRequest(request.url) ||
-      !environment.production
-    ) {
-      // Skip
-      next();
-    } else if (request.path === '/de' || request.path.startsWith('/de/')) {
-      response.send(
-        this.interpolate(this.indexHtmlDe, {
-          currentDate,
-          featureGraphicPath,
-          title,
-          description:
-            'Mit dem Finanz-Dashboard Ghostfolio können Sie Ihr Vermögen in Form von Aktien, ETFs oder Kryptowährungen verteilt über mehrere Finanzinstitute überwachen.',
-          languageCode: 'de',
-          path: request.path,
-          rootUrl: this.configurationService.get('ROOT_URL')
-        })
-      );
-    } else if (request.path === '/es' || request.path.startsWith('/es/')) {
-      response.send(
-        this.interpolate(this.indexHtmlEs, {
-          currentDate,
-          featureGraphicPath,
-          title,
-          description:
-            'Ghostfolio es un dashboard de finanzas personales para hacer un seguimiento de tus activos como acciones, ETFs o criptodivisas a través de múltiples plataformas.',
-          languageCode: 'es',
-          path: request.path,
-          rootUrl: this.configurationService.get('ROOT_URL')
-        })
-      );
-    } else if (request.path === '/fr' || request.path.startsWith('/fr/')) {
-      response.send(
-        this.interpolate(this.indexHtmlFr, {
-          currentDate,
-          featureGraphicPath,
-          title,
-          description:
-            'Ghostfolio est un dashboard de finances personnelles qui permet de suivre vos actifs comme les actions, les ETF ou les crypto-monnaies sur plusieurs plateformes.',
-          languageCode: 'fr',
-          path: request.path,
-          rootUrl: this.configurationService.get('ROOT_URL')
-        })
-      );
-    } else if (request.path === '/it' || request.path.startsWith('/it/')) {
-      response.send(
-        this.interpolate(this.indexHtmlIt, {
-          currentDate,
-          featureGraphicPath,
-          title,
-          description:
-            'Ghostfolio è un dashboard di finanza personale per tenere traccia delle vostre attività come azioni, ETF o criptovalute su più piattaforme.',
-          languageCode: 'it',
-          path: request.path,
-          rootUrl: this.configurationService.get('ROOT_URL')
-        })
-      );
-    } else if (request.path === '/nl' || request.path.startsWith('/nl/')) {
-      response.send(
-        this.interpolate(this.indexHtmlNl, {
-          currentDate,
-          featureGraphicPath,
-          title,
-          description:
-            'Ghostfolio is een persoonlijk financieel dashboard om uw activa zoals aandelen, ETF’s of cryptocurrencies over meerdere platforms bij te houden.',
-          languageCode: 'nl',
-          path: request.path,
-          rootUrl: this.configurationService.get('ROOT_URL')
-        })
-      );
-    } else if (request.path === '/pt' || request.path.startsWith('/pt/')) {
-      response.send(
-        this.interpolate(this.indexHtmlPt, {
-          currentDate,
-          featureGraphicPath,
-          title,
-          description:
-            'Ghostfolio é um dashboard de finanças pessoais para acompanhar os seus activos como acções, ETFs ou criptomoedas em múltiplas plataformas.',
-          languageCode: 'pt',
-          path: request.path,
-          rootUrl: this.configurationService.get('ROOT_URL')
-        })
-      );
-    } else {
-      response.send(
-        this.interpolate(this.indexHtmlEn, {
-          currentDate,
-          featureGraphicPath,
-          title,
-          description: FrontendMiddleware.DEFAULT_DESCRIPTION,
-          languageCode: DEFAULT_LANGUAGE_CODE,
-          path: request.path,
-          rootUrl: this.configurationService.get('ROOT_URL')
-        })
-      );
-    }
-  }
-
-  private getPathOfIndexHtmlFile(aLocale: string) {
-    return path.join(__dirname, '..', 'client', aLocale, 'index.html');
-  }
-
-  private interpolate(template: string, context: any) {
-    return template.replace(/[$]{([^}]+)}/g, (_, objectPath) => {
-      const properties = objectPath.split('.');
-      return properties.reduce(
-        (previous, current) => previous?.[current],
-        context
-      );
-    });
-  }
-
-  private isFileRequest(filename: string) {
-    if (filename === '/assets/LICENSE') {
-      return true;
-    } else if (filename.includes('auth/ey')) {
-      return false;
-    }
-
-    return filename.split('.').pop() !== filename;
-  }
-}
--- a/apps/api/src/app/health/health.controller.ts
+++ b/apps/api/src/app/health/health.controller.ts
@ -18,6 +18,19 @@ export class HealthController {
  @Get()
  public async getHealth() {}

+  @Get('data-enhancer/:name')
+  public async getHealthOfDataEnhancer(@Param('name') name: string) {
+    const hasResponse =
+      await this.healthService.hasResponseFromDataEnhancer(name);
+
+    if (hasResponse !== true) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.SERVICE_UNAVAILABLE),
+        StatusCodes.SERVICE_UNAVAILABLE
+      );
+    }
+  }
+
  @Get('data-provider/:dataSource')
  @UseInterceptors(TransformDataSourceInRequestInterceptor)
  public async getHealthOfDataProvider(
@ -30,9 +43,8 @@ export class HealthController {
      );
    }

-    const hasResponse = await this.healthService.hasResponseFromDataProvider(
-      dataSource
-    );
+    const hasResponse =
+      await this.healthService.hasResponseFromDataProvider(dataSource);

    if (hasResponse !== true) {
      throw new HttpException(
--- a/apps/api/src/app/health/health.module.ts
+++ b/apps/api/src/app/health/health.module.ts
@ -1,4 +1,5 @@
 import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
+import { DataEnhancerModule } from '@ghostfolio/api/services/data-provider/data-enhancer/data-enhancer.module';
 import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
 import { Module } from '@nestjs/common';

@ -7,7 +8,7 @@ import { HealthService } from './health.service';

@Module({
  controllers: [HealthController],
-  imports: [ConfigurationModule, DataProviderModule],
+  imports: [ConfigurationModule, DataEnhancerModule, DataProviderModule],
  providers: [HealthService]
 })
 export class HealthModule {}
--- a/apps/api/src/app/health/health.service.ts
+++ b/apps/api/src/app/health/health.service.ts
@ -1,3 +1,4 @@
+import { DataEnhancerService } from '@ghostfolio/api/services/data-provider/data-enhancer/data-enhancer.service';
 import { DataProviderService } from '@ghostfolio/api/services/data-provider/data-provider.service';
 import { Injectable } from '@nestjs/common';
 import { DataSource } from '@prisma/client';
@ -5,9 +6,14 @@ import { DataSource } from '@prisma/client';
@Injectable()
 export class HealthService {
  public constructor(
+    private readonly dataEnhancerService: DataEnhancerService,
    private readonly dataProviderService: DataProviderService
  ) {}

+  public async hasResponseFromDataEnhancer(aName: string) {
+    return this.dataEnhancerService.enhance(aName);
+  }
+
  public async hasResponseFromDataProvider(aDataSource: DataSource) {
    return this.dataProviderService.checkQuote(aDataSource);
  }
--- a/apps/api/src/app/import/import.controller.ts
+++ b/apps/api/src/app/import/import.controller.ts
@ -1,3 +1,5 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
 import { TransformDataSourceInRequestInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-request.interceptor';
 import { TransformDataSourceInResponseInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-response.interceptor';
 import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
@ -34,7 +36,8 @@ export class ImportController {
  ) {}

  @Post()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  @HasPermission(permissions.createOrder)
  @UseInterceptors(TransformDataSourceInRequestInterceptor)
  @UseInterceptors(TransformDataSourceInResponseInterceptor)
  public async import(
@ -42,11 +45,7 @@ export class ImportController {
    @Query('dryRun') isDryRun?: boolean
  ): Promise<ImportResponse> {
    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.createAccount
-      ) ||
-      !hasPermission(this.request.user.permissions, permissions.createOrder)
+      !hasPermission(this.request.user.permissions, permissions.createAccount)
    ) {
      throw new HttpException(
        getReasonPhrase(StatusCodes.FORBIDDEN),
@ -92,7 +91,7 @@ export class ImportController {
  }

  @Get('dividends/:dataSource/:symbol')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  @UseInterceptors(TransformDataSourceInRequestInterceptor)
  @UseInterceptors(TransformDataSourceInResponseInterceptor)
  public async gatherDividends(
--- a/apps/api/src/app/import/import.service.ts
+++ b/apps/api/src/app/import/import.service.ts
@ -8,10 +8,16 @@ import {
 import { OrderService } from '@ghostfolio/api/app/order/order.service';
 import { PlatformService } from '@ghostfolio/api/app/platform/platform.service';
 import { PortfolioService } from '@ghostfolio/api/app/portfolio/portfolio.service';
+import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
+import { DataGatheringService } from '@ghostfolio/api/services/data-gathering/data-gathering.service';
 import { DataProviderService } from '@ghostfolio/api/services/data-provider/data-provider.service';
 import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
 import { SymbolProfileService } from '@ghostfolio/api/services/symbol-profile/symbol-profile.service';
-import { parseDate } from '@ghostfolio/common/helper';
+import {
+  DATE_FORMAT,
+  getAssetProfileIdentifier,
+  parseDate
+} from '@ghostfolio/common/helper';
 import { UniqueAsset } from '@ghostfolio/common/interfaces';
 import {
  AccountWithPlatform,
@ -20,13 +26,16 @@ import {
 import { Injectable } from '@nestjs/common';
 import { DataSource, Prisma, SymbolProfile } from '@prisma/client';
 import Big from 'big.js';
-import { endOfToday, isAfter, isSameDay, parseISO } from 'date-fns';
+import { endOfToday, format, isAfter, isSameSecond, parseISO } from 'date-fns';
+import { uniqBy } from 'lodash';
 import { v4 as uuidv4 } from 'uuid';

@Injectable()
 export class ImportService {
  public constructor(
    private readonly accountService: AccountService,
+    private readonly configurationService: ConfigurationService,
+    private readonly dataGatheringService: DataGatheringService,
    private readonly dataProviderService: DataProviderService,
    private readonly exchangeRateDataService: ExchangeRateDataService,
    private readonly orderService: OrderService,
@ -74,11 +83,13 @@ export class ImportService {

        const value = new Big(quantity).mul(marketPrice).toNumber();

+        const date = parseDate(dateString);
        const isDuplicate = orders.some((activity) => {
          return (
+            activity.accountId === Account?.id &&
            activity.SymbolProfile.currency === assetProfile.currency &&
            activity.SymbolProfile.dataSource === assetProfile.dataSource &&
-            isSameDay(activity.date, parseDate(dateString)) &&
+            isSameSecond(activity.date, date) &&
            activity.quantity === quantity &&
            activity.SymbolProfile.symbol === assetProfile.symbol &&
            activity.type === 'DIVIDEND' &&
@ -92,6 +103,7 @@ export class ImportService {

        return {
          Account,
+          date,
          error,
          quantity,
          value,
@ -99,7 +111,6 @@ export class ImportService {
          accountUserId: undefined,
          comment: undefined,
          createdAt: undefined,
-          date: parseDate(dateString),
          fee: 0,
          feeInBaseCurrency: 0,
          id: assetProfile.id,
@ -220,12 +231,12 @@ export class ImportService {

    const assetProfiles = await this.validateActivities({
      activitiesDto,
-      maxActivitiesToImport,
-      userId
+      maxActivitiesToImport
    });

    const activitiesExtendedWithErrors = await this.extendActivitiesWithErrors({
      activitiesDto,
+      userCurrency,
      userId
    });

@ -243,17 +254,50 @@ export class ImportService {

    const activities: Activity[] = [];

-    for (const {
-      accountId,
-      comment,
-      date,
-      error,
-      fee,
-      quantity,
-      SymbolProfile: assetProfile,
-      type,
-      unitPrice
-    } of activitiesExtendedWithErrors) {
+    for (let [
+      index,
+      {
+        accountId,
+        comment,
+        date,
+        error,
+        fee,
+        quantity,
+        SymbolProfile,
+        type,
+        unitPrice
+      }
+    ] of activitiesExtendedWithErrors.entries()) {
+      const assetProfile = assetProfiles[
+        getAssetProfileIdentifier({
+          dataSource: SymbolProfile.dataSource,
+          symbol: SymbolProfile.symbol
+        })
+      ] ?? {
+        currency: SymbolProfile.currency,
+        dataSource: SymbolProfile.dataSource,
+        symbol: SymbolProfile.symbol
+      };
+      const {
+        assetClass,
+        assetSubClass,
+        countries,
+        createdAt,
+        currency,
+        dataSource,
+        figi,
+        figiComposite,
+        figiShareClass,
+        id,
+        isin,
+        name,
+        scraperConfiguration,
+        sectors,
+        symbol,
+        symbolMapping,
+        url,
+        updatedAt
+      } = assetProfile;
      const validatedAccount = accounts.find(({ id }) => {
        return id === accountId;
      });
@ -264,6 +308,35 @@ export class ImportService {
            Account?: { id: string; name: string };
          });

+      if (SymbolProfile.currency !== assetProfile.currency) {
+        // Convert the unit price and fee to the asset currency if the imported
+        // activity is in a different currency
+        unitPrice = await this.exchangeRateDataService.toCurrencyAtDate(
+          unitPrice,
+          SymbolProfile.currency,
+          assetProfile.currency,
+          date
+        );
+
+        if (!unitPrice) {
+          throw new Error(
+            `activities.${index} historical exchange rate at ${format(
+              date,
+              DATE_FORMAT
+            )} is not available from "${SymbolProfile.currency}" to "${
+              assetProfile.currency
+            }"`
+          );
+        }
+
+        fee = await this.exchangeRateDataService.toCurrencyAtDate(
+          fee,
+          SymbolProfile.currency,
+          assetProfile.currency,
+          date
+        );
+      }
+
      if (isDryRun) {
        order = {
          comment,
@ -279,23 +352,25 @@ export class ImportService {
          id: uuidv4(),
          isDraft: isAfter(date, endOfToday()),
          SymbolProfile: {
-            assetClass: assetProfile.assetClass,
-            assetSubClass: assetProfile.assetSubClass,
-            comment: assetProfile.comment,
-            countries: assetProfile.countries,
-            createdAt: assetProfile.createdAt,
-            currency: assetProfile.currency,
-            dataSource: assetProfile.dataSource,
-            id: assetProfile.id,
-            isin: assetProfile.isin,
-            name: assetProfile.name,
-            scraperConfiguration: assetProfile.scraperConfiguration,
-            sectors: assetProfile.sectors,
-            symbol: assetProfile.currency,
-            symbolMapping: assetProfile.symbolMapping,
-            updatedAt: assetProfile.updatedAt,
-            url: assetProfile.url,
-            ...assetProfiles[assetProfile.symbol]
+            assetClass,
+            assetSubClass,
+            countries,
+            createdAt,
+            currency,
+            dataSource,
+            figi,
+            figiComposite,
+            figiShareClass,
+            id,
+            isin,
+            name,
+            scraperConfiguration,
+            sectors,
+            symbol,
+            symbolMapping,
+            updatedAt,
+            url,
+            comment: assetProfile.comment
          },
          Account: validatedAccount,
          symbolProfileId: undefined,
@ -318,14 +393,14 @@ export class ImportService {
          SymbolProfile: {
            connectOrCreate: {
              create: {
-                currency: assetProfile.currency,
-                dataSource: assetProfile.dataSource,
-                symbol: assetProfile.symbol
+                currency,
+                dataSource,
+                symbol
              },
              where: {
                dataSource_symbol: {
-                  dataSource: assetProfile.dataSource,
-                  symbol: assetProfile.symbol
+                  dataSource,
+                  symbol
                }
              }
            }
@ -337,38 +412,66 @@ export class ImportService {

      const value = new Big(quantity).mul(unitPrice).toNumber();

-      //@ts-ignore
      activities.push({
        ...order,
        error,
        value,
        feeInBaseCurrency: this.exchangeRateDataService.toCurrency(
          fee,
-          assetProfile.currency,
+          currency,
          userCurrency
        ),
+        // @ts-ignore
+        SymbolProfile: assetProfile,
        valueInBaseCurrency: this.exchangeRateDataService.toCurrency(
          value,
-          assetProfile.currency,
+          currency,
          userCurrency
        )
      });
    }

+    activities.sort((activity1, activity2) => {
+      return Number(activity1.date) - Number(activity2.date);
+    });
+
+    if (!isDryRun) {
+      // Gather symbol data in the background, if not dry run
+      const uniqueActivities = uniqBy(activities, ({ SymbolProfile }) => {
+        return getAssetProfileIdentifier({
+          dataSource: SymbolProfile.dataSource,
+          symbol: SymbolProfile.symbol
+        });
+      });
+
+      this.dataGatheringService.gatherSymbols(
+        uniqueActivities.map(({ date, SymbolProfile }) => {
+          return {
+            date,
+            dataSource: SymbolProfile.dataSource,
+            symbol: SymbolProfile.symbol
+          };
+        })
+      );
+    }
+
    return activities;
  }

  private async extendActivitiesWithErrors({
    activitiesDto,
+    userCurrency,
    userId
  }: {
    activitiesDto: Partial<CreateOrderDto>[];
+    userCurrency: string;
    userId: string;
  }): Promise<Partial<Activity>[]> {
-    const existingActivities = await this.orderService.orders({
-      include: { SymbolProfile: true },
-      orderBy: { date: 'desc' },
-      where: { userId }
+    let { activities: existingActivities } = await this.orderService.getOrders({
+      userCurrency,
+      userId,
+      includeDrafts: true,
+      withExcludedAccounts: true
    });

    return activitiesDto.map(
@ -384,12 +487,13 @@ export class ImportService {
        type,
        unitPrice
      }) => {
-        const date = parseISO(<string>(<unknown>dateString));
+        const date = parseISO(dateString);
        const isDuplicate = existingActivities.some((activity) => {
          return (
+            activity.accountId === accountId &&
            activity.SymbolProfile.currency === currency &&
            activity.SymbolProfile.dataSource === dataSource &&
-            isSameDay(activity.date, date) &&
+            isSameSecond(activity.date, date) &&
            activity.fee === fee &&
            activity.quantity === quantity &&
            activity.SymbolProfile.symbol === symbol &&
@ -420,6 +524,9 @@ export class ImportService {
            comment: null,
            countries: null,
            createdAt: undefined,
+            figi: null,
+            figiComposite: null,
+            figiShareClass: null,
            id: undefined,
            isin: null,
            name: null,
@ -446,46 +553,67 @@ export class ImportService {

  private async validateActivities({
    activitiesDto,
-    maxActivitiesToImport,
-    userId
+    maxActivitiesToImport
  }: {
    activitiesDto: Partial<CreateOrderDto>[];
    maxActivitiesToImport: number;
-    userId: string;
  }) {
    if (activitiesDto?.length > maxActivitiesToImport) {
      throw new Error(`Too many activities (${maxActivitiesToImport} at most)`);
    }

    const assetProfiles: {
-      [symbol: string]: Partial<SymbolProfile>;
+      [assetProfileIdentifier: string]: Partial<SymbolProfile>;
    } = {};

+    const uniqueActivitiesDto = uniqBy(
+      activitiesDto,
+      ({ dataSource, symbol }) => {
+        return getAssetProfileIdentifier({ dataSource, symbol });
+      }
+    );
+
    for (const [
      index,
-      { currency, dataSource, symbol }
-    ] of activitiesDto.entries()) {
-      if (dataSource !== 'MANUAL') {
-        const assetProfile = (
+      { currency, dataSource, symbol, type }
+    ] of uniqueActivitiesDto.entries()) {
+      if (!this.configurationService.get('DATA_SOURCES').includes(dataSource)) {
+        throw new Error(
+          `activities.${index}.dataSource ("${dataSource}") is not valid`
+        );
+      }
+
+      const assetProfile = {
+        currency,
+        ...(
          await this.dataProviderService.getAssetProfiles([
            { dataSource, symbol }
          ])
-        )?.[symbol];
+        )?.[symbol]
+      };

-        if (assetProfile === undefined) {
+      if (type === 'BUY' || type === 'DIVIDEND' || type === 'SELL') {
+        if (!assetProfile?.name) {
          throw new Error(
            `activities.${index}.symbol ("${symbol}") is not valid for the specified data source ("${dataSource}")`
          );
        }

-        if (assetProfile.currency !== currency) {
+        if (
+          assetProfile.currency !== currency &&
+          !this.exchangeRateDataService.hasCurrencyPair(
+            currency,
+            assetProfile.currency
+          )
+        ) {
          throw new Error(
-            `activities.${index}.currency ("${currency}") does not match with "${assetProfile.currency}"`
+            `activities.${index}.currency ("${currency}") does not match with "${assetProfile.currency}" and no exchange rate is available from "${currency}" to "${assetProfile.currency}"`
          );
        }
-
-        assetProfiles[symbol] = assetProfile;
      }
+
+      assetProfiles[getAssetProfileIdentifier({ dataSource, symbol })] =
+        assetProfile;
    }

    return assetProfiles;
--- a/apps/api/src/app/info/info.module.ts
+++ b/apps/api/src/app/info/info.module.ts
@ -1,6 +1,7 @@
 import { BenchmarkModule } from '@ghostfolio/api/app/benchmark/benchmark.module';
 import { PlatformModule } from '@ghostfolio/api/app/platform/platform.module';
 import { RedisCacheModule } from '@ghostfolio/api/app/redis-cache/redis-cache.module';
+import { UserModule } from '@ghostfolio/api/app/user/user.module';
 import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
 import { DataGatheringModule } from '@ghostfolio/api/services/data-gathering/data-gathering.module';
 import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
@ -28,11 +29,11 @@ import { InfoService } from './info.service';
      signOptions: { expiresIn: '30 days' }
    }),
    PlatformModule,
-    PrismaModule,
    PropertyModule,
    RedisCacheModule,
    SymbolProfileModule,
-    TagModule
+    TagModule,
+    UserModule
  ],
  providers: [InfoService]
 })
--- a/apps/api/src/app/info/info.service.ts
+++ b/apps/api/src/app/info/info.service.ts
@ -1,19 +1,19 @@
 import { BenchmarkService } from '@ghostfolio/api/app/benchmark/benchmark.service';
 import { PlatformService } from '@ghostfolio/api/app/platform/platform.service';
 import { RedisCacheService } from '@ghostfolio/api/app/redis-cache/redis-cache.service';
+import { UserService } from '@ghostfolio/api/app/user/user.service';
 import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
 import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
-import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
 import { PropertyService } from '@ghostfolio/api/services/property/property.service';
 import { TagService } from '@ghostfolio/api/services/tag/tag.service';
 import {
+  DEFAULT_CURRENCY,
  PROPERTY_BETTER_UPTIME_MONITOR_ID,
  PROPERTY_COUNTRIES_OF_SUBSCRIBERS,
  PROPERTY_DEMO_USER_ID,
  PROPERTY_IS_READ_ONLY_MODE,
  PROPERTY_SLACK_COMMUNITY_USERS,
  PROPERTY_STRIPE_CONFIG,
-  PROPERTY_SYSTEM_MESSAGE,
  ghostfolioFearAndGreedIndexDataSource
 } from '@ghostfolio/common/config';
 import {
@ -30,9 +30,9 @@ import { permissions } from '@ghostfolio/common/permissions';
 import { SubscriptionOffer } from '@ghostfolio/common/types';
 import { Injectable, Logger } from '@nestjs/common';
 import { JwtService } from '@nestjs/jwt';
-import * as bent from 'bent';
 import * as cheerio from 'cheerio';
 import { format, subDays } from 'date-fns';
+import got from 'got';

@Injectable()
 export class InfoService {
@ -44,23 +44,18 @@ export class InfoService {
    private readonly exchangeRateDataService: ExchangeRateDataService,
    private readonly jwtService: JwtService,
    private readonly platformService: PlatformService,
-    private readonly prismaService: PrismaService,
    private readonly propertyService: PropertyService,
    private readonly redisCacheService: RedisCacheService,
-    private readonly tagService: TagService
+    private readonly tagService: TagService,
+    private readonly userService: UserService
  ) {}

  public async get(): Promise<InfoItem> {
    const info: Partial<InfoItem> = {};
    let isReadOnlyMode: boolean;
-    const platforms = (
-      await this.platformService.getPlatforms({
-        orderBy: { name: 'asc' }
-      })
-    ).map(({ id, name }) => {
-      return { id, name };
+    const platforms = await this.platformService.getPlatforms({
+      orderBy: { name: 'asc' }
    });
-    let systemMessage: string;

    const globalPermissions: string[] = [];

@ -106,10 +101,6 @@ export class InfoService {

    if (this.configurationService.get('ENABLE_FEATURE_SYSTEM_MESSAGE')) {
      globalPermissions.push(permissions.enableSystemMessage);
-
-      systemMessage = (await this.propertyService.getByKey(
-        PROPERTY_SYSTEM_MESSAGE
-      )) as string;
    }

    const isUserSignupEnabled =
@ -137,20 +128,14 @@ export class InfoService {
      platforms,
      statistics,
      subscriptions,
-      systemMessage,
      tags,
-      baseCurrency: this.configurationService.get('BASE_CURRENCY'),
+      baseCurrency: DEFAULT_CURRENCY,
      currencies: this.exchangeRateDataService.getCurrencies()
    };
  }

  private async countActiveUsers(aDays: number) {
-    return await this.prismaService.user.count({
-      orderBy: {
-        Analytics: {
-          updatedAt: 'desc'
-        }
-      },
+    return this.userService.count({
      where: {
        AND: [
          {
@ -172,20 +157,24 @@ export class InfoService {

  private async countDockerHubPulls(): Promise<number> {
    try {
-      const get = bent(
-        `https://hub.docker.com/v2/repositories/ghostfolio/ghostfolio`,
-        'GET',
-        'json',
-        200,
-        {
-          'User-Agent': 'request'
-        }
-      );
+      const abortController = new AbortController();
+
+      setTimeout(() => {
+        abortController.abort();
+      }, this.configurationService.get('REQUEST_TIMEOUT'));
+
+      const { pull_count } = await got(
+        `https://hub.docker.com/v2/repositories/ghostfolio/ghostfolio`,
+        {
+          headers: { 'User-Agent': 'request' },
+          // @ts-ignore
+          signal: abortController.signal
+        }
+      ).json<any>();

-      const { pull_count } = await get();
      return pull_count;
    } catch (error) {
-      Logger.error(error, 'InfoService');
+      Logger.error(error, 'InfoService - DockerHub');

      return undefined;
    }
@ -193,24 +182,26 @@ export class InfoService {

  private async countGitHubContributors(): Promise<number> {
    try {
-      const get = bent(
-        'https://github.com/ghostfolio/ghostfolio',
-        'GET',
-        'string',
-        200,
-        {}
-      );
+      const abortController = new AbortController();

-      const html = await get();
-      const $ = cheerio.load(html);
+      setTimeout(() => {
+        abortController.abort();
+      }, this.configurationService.get('REQUEST_TIMEOUT'));

-      return extractNumberFromString(
-        $(
+      const { body } = await got('https://github.com/ghostfolio/ghostfolio', {
+        // @ts-ignore
+        signal: abortController.signal
+      });
+
+      const $ = cheerio.load(body);
+
+      return extractNumberFromString({
+        value: $(
          `a[href="/ghostfolio/ghostfolio/graphs/contributors"] .Counter`
        ).text()
-      );
+      });
    } catch (error) {
-      Logger.error(error, 'InfoService');
+      Logger.error(error, 'InfoService - GitHub');

      return undefined;
    }
@ -218,30 +209,31 @@ export class InfoService {

  private async countGitHubStargazers(): Promise<number> {
    try {
-      const get = bent(
-        `https://api.github.com/repos/ghostfolio/ghostfolio`,
-        'GET',
-        'json',
-        200,
-        {
-          'User-Agent': 'request'
-        }
-      );
+      const abortController = new AbortController();
+
+      setTimeout(() => {
+        abortController.abort();
+      }, this.configurationService.get('REQUEST_TIMEOUT'));
+
+      const { stargazers_count } = await got(
+        `https://api.github.com/repos/ghostfolio/ghostfolio`,
+        {
+          headers: { 'User-Agent': 'request' },
+          // @ts-ignore
+          signal: abortController.signal
+        }
+      ).json<any>();

-      const { stargazers_count } = await get();
      return stargazers_count;
    } catch (error) {
-      Logger.error(error, 'InfoService');
+      Logger.error(error, 'InfoService - GitHub');

      return undefined;
    }
  }

  private async countNewUsers(aDays: number) {
-    return await this.prismaService.user.count({
-      orderBy: {
-        createdAt: 'desc'
-      },
+    return this.userService.count({
      where: {
        AND: [
          {
@ -332,11 +324,10 @@ export class InfoService {
      return undefined;
    }

-    const stripeConfig = (await this.prismaService.property.findUnique({
-      where: { key: PROPERTY_STRIPE_CONFIG }
-    })) ?? { value: '{}' };
-
-    return JSON.parse(stripeConfig.value);
+    return (
+      ((await this.propertyService.getByKey(PROPERTY_STRIPE_CONFIG)) as any) ??
+      {}
+    );
  }

  private async getUptime(): Promise<number> {
@ -346,25 +337,31 @@ export class InfoService {
          PROPERTY_BETTER_UPTIME_MONITOR_ID
        )) as string;

-        const get = bent(
-          `https://betteruptime.com/api/v2/monitors/${monitorId}/sla?from=${format(
+        const abortController = new AbortController();
+
+        setTimeout(() => {
+          abortController.abort();
+        }, this.configurationService.get('REQUEST_TIMEOUT'));
+
+        const { data } = await got(
+          `https://uptime.betterstack.com/api/v2/monitors/${monitorId}/sla?from=${format(
            subDays(new Date(), 90),
            DATE_FORMAT
          )}&to${format(new Date(), DATE_FORMAT)}`,
-          'GET',
-          'json',
-          200,
          {
-            Authorization: `Bearer ${this.configurationService.get(
-              'BETTER_UPTIME_API_KEY'
-            )}`
+            headers: {
+              Authorization: `Bearer ${this.configurationService.get(
+                'BETTER_UPTIME_API_KEY'
+              )}`
+            },
+            // @ts-ignore
+            signal: abortController.signal
          }
-        );
+        ).json<any>();

-        const { data } = await get();
        return data.attributes.availability / 100;
      } catch (error) {
-        Logger.error(error, 'InfoService');
+        Logger.error(error, 'InfoService - Better Stack');

        return undefined;
      }
--- a/apps/api/src/app/logo/logo.service.ts
+++ b/apps/api/src/app/logo/logo.service.ts
@ -1,13 +1,15 @@
+import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
 import { SymbolProfileService } from '@ghostfolio/api/services/symbol-profile/symbol-profile.service';
 import { UniqueAsset } from '@ghostfolio/common/interfaces';
 import { HttpException, Injectable } from '@nestjs/common';
 import { DataSource } from '@prisma/client';
-import * as bent from 'bent';
+import got from 'got';
 import { StatusCodes, getReasonPhrase } from 'http-status-codes';

@Injectable()
 export class LogoService {
  public constructor(
+    private readonly configurationService: ConfigurationService,
    private readonly symbolProfileService: SymbolProfileService
  ) {}

@ -41,15 +43,19 @@ export class LogoService {
  }

  private getBuffer(aUrl: string) {
-    const get = bent(
+    const abortController = new AbortController();
+
+    setTimeout(() => {
+      abortController.abort();
+    }, this.configurationService.get('REQUEST_TIMEOUT'));
+
+    return got(
      `https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=${aUrl}&size=64`,
-      'GET',
-      'buffer',
-      200,
      {
-        'User-Agent': 'request'
+        headers: { 'User-Agent': 'request' },
+        // @ts-ignore
+        signal: abortController.signal
      }
-    );
-    return get();
+    ).buffer();
  }
 }
--- a/apps/api/src/app/order/create-order.dto.ts
+++ b/apps/api/src/app/order/create-order.dto.ts
@ -13,7 +13,8 @@ import {
  IsISO8601,
  IsNumber,
  IsOptional,
-  IsString
+  IsString,
+  Min
 } from 'class-validator';
 import { isString } from 'lodash';

@ -48,9 +49,11 @@ export class CreateOrderDto {
  date: string;

  @IsNumber()
+  @Min(0)
  fee: number;

  @IsNumber()
+  @Min(0)
  quantity: number;

  @IsString()
@ -64,6 +67,7 @@ export class CreateOrderDto {
  type: Type;

  @IsNumber()
+  @Min(0)
  unitPrice: number;

  @IsBoolean()
--- a/apps/api/src/app/order/interfaces/activities.interface.ts
+++ b/apps/api/src/app/order/interfaces/activities.interface.ts
@ -2,6 +2,7 @@ import { OrderWithAccount } from '@ghostfolio/common/types';

 export interface Activities {
  activities: Activity[];
+  count: number;
 }

 export interface Activity extends OrderWithAccount {
--- a/apps/api/src/app/order/order.controller.ts
+++ b/apps/api/src/app/order/order.controller.ts
@ -1,7 +1,10 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
 import { RedactValuesInResponseInterceptor } from '@ghostfolio/api/interceptors/redact-values-in-response.interceptor';
 import { TransformDataSourceInRequestInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-request.interceptor';
 import { TransformDataSourceInResponseInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-response.interceptor';
 import { ApiService } from '@ghostfolio/api/services/api/api.service';
+import { DataGatheringService } from '@ghostfolio/api/services/data-gathering/data-gathering.service';
 import { ImpersonationService } from '@ghostfolio/api/services/impersonation/impersonation.service';
 import { HEADER_KEY_IMPERSONATION } from '@ghostfolio/common/config';
 import { hasPermission, permissions } from '@ghostfolio/common/permissions';
@ -23,7 +26,7 @@ import {
 } from '@nestjs/common';
 import { REQUEST } from '@nestjs/core';
 import { AuthGuard } from '@nestjs/passport';
-import { Order as OrderModel } from '@prisma/client';
+import { Order as OrderModel, Prisma } from '@prisma/client';
 import { parseISO } from 'date-fns';
 import { StatusCodes, getReasonPhrase } from 'http-status-codes';

@ -36,30 +39,23 @@ import { UpdateOrderDto } from './update-order.dto';
 export class OrderController {
  public constructor(
    private readonly apiService: ApiService,
+    private readonly dataGatheringService: DataGatheringService,
    private readonly impersonationService: ImpersonationService,
    private readonly orderService: OrderService,
    @Inject(REQUEST) private readonly request: RequestWithUser
  ) {}

  @Delete()
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.deleteOrder)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async deleteOrders(): Promise<number> {
-    if (
-      !hasPermission(this.request.user.permissions, permissions.deleteOrder)
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    return this.orderService.deleteOrders({
      userId: this.request.user.id
    });
  }

  @Delete(':id')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async deleteOrder(@Param('id') id: string): Promise<OrderModel> {
    const order = await this.orderService.order({ id });

@ -80,14 +76,18 @@ export class OrderController {
  }

  @Get()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  @UseInterceptors(RedactValuesInResponseInterceptor)
  @UseInterceptors(TransformDataSourceInResponseInterceptor)
  public async getAllOrders(
    @Headers(HEADER_KEY_IMPERSONATION.toLowerCase()) impersonationId,
    @Query('accounts') filterByAccounts?: string,
    @Query('assetClasses') filterByAssetClasses?: string,
-    @Query('tags') filterByTags?: string
+    @Query('skip') skip?: number,
+    @Query('sortColumn') sortColumn?: string,
+    @Query('sortDirection') sortDirection?: Prisma.SortOrder,
+    @Query('tags') filterByTags?: string,
+    @Query('take') take?: number
  ): Promise<Activities> {
    const filters = this.apiService.buildFiltersFromQueryParams({
      filterByAccounts,
@ -99,31 +99,27 @@ export class OrderController {
      await this.impersonationService.validateImpersonationId(impersonationId);
    const userCurrency = this.request.user.Settings.settings.baseCurrency;

-    const activities = await this.orderService.getOrders({
+    const { activities, count } = await this.orderService.getOrders({
      filters,
+      sortColumn,
+      sortDirection,
      userCurrency,
      includeDrafts: true,
+      skip: isNaN(skip) ? undefined : skip,
+      take: isNaN(take) ? undefined : take,
      userId: impersonationUserId || this.request.user.id,
      withExcludedAccounts: true
    });

-    return { activities };
+    return { activities, count };
  }

+  @HasPermission(permissions.createOrder)
  @Post()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  @UseInterceptors(TransformDataSourceInRequestInterceptor)
  public async createOrder(@Body() data: CreateOrderDto): Promise<OrderModel> {
-    if (
-      !hasPermission(this.request.user.permissions, permissions.createOrder)
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
-    return this.orderService.createOrder({
+    const order = await this.orderService.createOrder({
      ...data,
      date: parseISO(data.date),
      SymbolProfile: {
@ -144,21 +140,32 @@ export class OrderController {
      User: { connect: { id: this.request.user.id } },
      userId: this.request.user.id
    });
+
+    if (data.dataSource && !order.isDraft) {
+      // Gather symbol data in the background, if data source is set
+      // (not MANUAL) and not draft
+      this.dataGatheringService.gatherSymbols([
+        {
+          dataSource: data.dataSource,
+          date: order.date,
+          symbol: data.symbol
+        }
+      ]);
+    }
+
+    return order;
  }

+  @HasPermission(permissions.updateOrder)
  @Put(':id')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  @UseInterceptors(TransformDataSourceInRequestInterceptor)
  public async update(@Param('id') id: string, @Body() data: UpdateOrderDto) {
    const originalOrder = await this.orderService.order({
      id
    });

-    if (
-      !hasPermission(this.request.user.permissions, permissions.updateOrder) ||
-      !originalOrder ||
-      originalOrder.userId !== this.request.user.id
-    ) {
+    if (!originalOrder || originalOrder.userId !== this.request.user.id) {
      throw new HttpException(
        getReasonPhrase(StatusCodes.FORBIDDEN),
        StatusCodes.FORBIDDEN
--- a/apps/api/src/app/order/order.module.ts
+++ b/apps/api/src/app/order/order.module.ts
@ -1,3 +1,4 @@
+import { AccountBalanceService } from '@ghostfolio/api/app/account-balance/account-balance.service';
 import { AccountService } from '@ghostfolio/api/app/account/account.service';
 import { CacheModule } from '@ghostfolio/api/app/cache/cache.module';
 import { RedisCacheModule } from '@ghostfolio/api/app/redis-cache/redis-cache.module';
@ -31,6 +32,6 @@ import { OrderService } from './order.service';
    SymbolProfileModule,
    UserModule
  ],
-  providers: [AccountService, OrderService]
+  providers: [AccountBalanceService, AccountService, OrderService]
 })
 export class OrderModule {}
--- a/apps/api/src/app/order/order.service.ts
+++ b/apps/api/src/app/order/order.service.ts
@ -7,6 +7,7 @@ import {
  GATHER_ASSET_PROFILE_PROCESS,
  GATHER_ASSET_PROFILE_PROCESS_OPTIONS
 } from '@ghostfolio/common/config';
+import { getAssetProfileIdentifier } from '@ghostfolio/common/helper';
 import { Filter } from '@ghostfolio/common/interfaces';
 import { OrderWithAccount } from '@ghostfolio/common/types';
 import { Injectable } from '@nestjs/common';
@ -24,7 +25,7 @@ import { endOfToday, isAfter } from 'date-fns';
 import { groupBy } from 'lodash';
 import { v4 as uuidv4 } from 'uuid';

-import { Activity } from './interfaces/activities.interface';
+import { Activities } from './interfaces/activities.interface';

@Injectable()
 export class OrderService {
@ -36,34 +37,6 @@ export class OrderService {
    private readonly symbolProfileService: SymbolProfileService
  ) {}

-  public async order(
-    orderWhereUniqueInput: Prisma.OrderWhereUniqueInput
-  ): Promise<Order | null> {
-    return this.prismaService.order.findUnique({
-      where: orderWhereUniqueInput
-    });
-  }
-
-  public async orders(params: {
-    include?: Prisma.OrderInclude;
-    skip?: number;
-    take?: number;
-    cursor?: Prisma.OrderWhereUniqueInput;
-    where?: Prisma.OrderWhereInput;
-    orderBy?: Prisma.OrderOrderByWithRelationInput;
-  }): Promise<OrderWithAccount[]> {
-    const { include, skip, take, cursor, where, orderBy } = params;
-
-    return this.prismaService.order.findMany({
-      cursor,
-      include,
-      orderBy,
-      skip,
-      take,
-      where
-    });
-  }
-
  public async createOrder(
    data: Prisma.OrderCreateInput & {
      accountId?: string;
@ -96,7 +69,12 @@ export class OrderService {
    const updateAccountBalance = data.updateAccountBalance ?? false;
    const userId = data.userId;

-    if (data.type === 'ITEM' || data.type === 'LIABILITY') {
+    if (
+      data.type === 'FEE' ||
+      data.type === 'INTEREST' ||
+      data.type === 'ITEM' ||
+      data.type === 'LIABILITY'
+    ) {
      const assetClass = data.assetClass;
      const assetSubClass = data.assetSubClass;
      currency = data.SymbolProfile.connectOrCreate.create.currency;
@ -117,32 +95,21 @@ export class OrderService {
      };
    }

-    await this.dataGatheringService.addJobToQueue({
-      data: {
-        dataSource: data.SymbolProfile.connectOrCreate.create.dataSource,
-        symbol: data.SymbolProfile.connectOrCreate.create.symbol
-      },
-      name: GATHER_ASSET_PROFILE_PROCESS,
-      opts: {
-        ...GATHER_ASSET_PROFILE_PROCESS_OPTIONS,
-        jobId: `${data.SymbolProfile.connectOrCreate.create.dataSource}-${data.SymbolProfile.connectOrCreate.create.symbol}`
-      }
-    });
-
-    const isDraft =
-      data.type === 'LIABILITY'
-        ? false
-        : isAfter(data.date as Date, endOfToday());
-
-    if (!isDraft) {
-      // Gather symbol data of order in the background, if not draft
-      this.dataGatheringService.gatherSymbols([
-        {
+    if (data.SymbolProfile.connectOrCreate.create.dataSource !== 'MANUAL') {
+      this.dataGatheringService.addJobToQueue({
+        data: {
          dataSource: data.SymbolProfile.connectOrCreate.create.dataSource,
-          date: <Date>data.date,
          symbol: data.SymbolProfile.connectOrCreate.create.symbol
+        },
+        name: GATHER_ASSET_PROFILE_PROCESS,
+        opts: {
+          ...GATHER_ASSET_PROFILE_PROCESS_OPTIONS,
+          jobId: getAssetProfileIdentifier({
+            dataSource: data.SymbolProfile.connectOrCreate.create.dataSource,
+            symbol: data.SymbolProfile.connectOrCreate.create.symbol
+          })
        }
-      ]);
+      });
    }

    delete data.accountId;
@ -162,6 +129,14 @@ export class OrderService {

    const orderData: Prisma.OrderCreateInput = data;

+    const isDraft =
+      data.type === 'FEE' ||
+      data.type === 'INTEREST' ||
+      data.type === 'ITEM' ||
+      data.type === 'LIABILITY'
+        ? false
+        : isAfter(data.date as Date, endOfToday());
+
    const order = await this.prismaService.order.create({
      data: {
        ...orderData,
@ -204,7 +179,12 @@ export class OrderService {
      where
    });

-    if (order.type === 'ITEM' || order.type === 'LIABILITY') {
+    if (
+      order.type === 'FEE' ||
+      order.type === 'INTEREST' ||
+      order.type === 'ITEM' ||
+      order.type === 'LIABILITY'
+    ) {
      await this.symbolProfileService.deleteById(order.symbolProfileId);
    }

@ -222,6 +202,10 @@ export class OrderService {
  public async getOrders({
    filters,
    includeDrafts = false,
+    skip,
+    sortColumn,
+    sortDirection,
+    take = Number.MAX_SAFE_INTEGER,
    types,
    userCurrency,
    userId,
@ -229,11 +213,18 @@ export class OrderService {
  }: {
    filters?: Filter[];
    includeDrafts?: boolean;
+    skip?: number;
+    sortColumn?: string;
+    sortDirection?: Prisma.SortOrder;
+    take?: number;
    types?: TypeOfOrder[];
    userCurrency: string;
    userId: string;
    withExcludedAccounts?: boolean;
-  }): Promise<Activity[]> {
+  }): Promise<Activities> {
+    let orderBy: Prisma.Enumerable<Prisma.OrderOrderByWithRelationInput> = [
+      { date: 'asc' }
+    ];
    const where: Prisma.OrderWhereInput = { userId };

    const {
@ -295,6 +286,10 @@ export class OrderService {
      };
    }

+    if (sortColumn) {
+      orderBy = [{ [sortColumn]: sortDirection }];
+    }
+
    if (types) {
      where.OR = types.map((type) => {
        return {
@ -305,8 +300,11 @@ export class OrderService {
      });
    }

-    return (
-      await this.orders({
+    const [orders, count] = await Promise.all([
+      this.orders({
+        orderBy,
+        skip,
+        take,
        where,
        include: {
          // eslint-disable-next-line @typescript-eslint/naming-convention
@ -318,10 +316,12 @@ export class OrderService {
          // eslint-disable-next-line @typescript-eslint/naming-convention
          SymbolProfile: true,
          tags: true
-        },
-        orderBy: { date: 'asc' }
-      })
-    )
+        }
+      }),
+      this.prismaService.order.count({ where })
+    ]);
+
+    const activities = orders
      .filter((order) => {
        return (
          withExcludedAccounts ||
@ -347,6 +347,16 @@ export class OrderService {
          )
        };
      });
+
+    return { activities, count };
+  }
+
+  public async order(
+    orderWhereUniqueInput: Prisma.OrderWhereUniqueInput
+  ): Promise<Order | null> {
+    return this.prismaService.order.findUnique({
+      where: orderWhereUniqueInput
+    });
  }

  public async updateOrder({
@ -375,7 +385,12 @@ export class OrderService {

    let isDraft = false;

-    if (data.type === 'ITEM' || data.type === 'LIABILITY') {
+    if (
+      data.type === 'FEE' ||
+      data.type === 'INTEREST' ||
+      data.type === 'ITEM' ||
+      data.type === 'LIABILITY'
+    ) {
      delete data.SymbolProfile.connect;
    } else {
      delete data.SymbolProfile.update;
@ -420,4 +435,24 @@ export class OrderService {
      where
    });
  }
+
+  private async orders(params: {
+    include?: Prisma.OrderInclude;
+    skip?: number;
+    take?: number;
+    cursor?: Prisma.OrderWhereUniqueInput;
+    where?: Prisma.OrderWhereInput;
+    orderBy?: Prisma.Enumerable<Prisma.OrderOrderByWithRelationInput>;
+  }): Promise<OrderWithAccount[]> {
+    const { include, skip, take, cursor, where, orderBy } = params;
+
+    return this.prismaService.order.findMany({
+      cursor,
+      include,
+      orderBy,
+      skip,
+      take,
+      where
+    });
+  }
 }
--- a/apps/api/src/app/order/update-order.dto.ts
+++ b/apps/api/src/app/order/update-order.dto.ts
@ -8,12 +8,12 @@ import {
 import { Transform, TransformFnParams } from 'class-transformer';
 import {
  IsArray,
-  IsBoolean,
  IsEnum,
  IsISO8601,
  IsNumber,
  IsOptional,
-  IsString
+  IsString,
+  Min
 } from 'class-validator';
 import { isString } from 'lodash';

@ -47,12 +47,14 @@ export class UpdateOrderDto {
  date: string;

  @IsNumber()
+  @Min(0)
  fee: number;

  @IsString()
  id: string;

  @IsNumber()
+  @Min(0)
  quantity: number;

  @IsString()
@ -66,5 +68,6 @@ export class UpdateOrderDto {
  type: Type;

  @IsNumber()
+  @Min(0)
  unitPrice: number;
 }
--- a/apps/api/src/app/platform/platform.controller.ts
+++ b/apps/api/src/app/platform/platform.controller.ts
@ -1,18 +1,17 @@
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
-import type { RequestWithUser } from '@ghostfolio/common/types';
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { permissions } from '@ghostfolio/common/permissions';
 import {
  Body,
  Controller,
  Delete,
  Get,
  HttpException,
-  Inject,
  Param,
  Post,
  Put,
  UseGuards
 } from '@nestjs/common';
-import { REQUEST } from '@nestjs/core';
 import { AuthGuard } from '@nestjs/passport';
 import { Platform } from '@prisma/client';
 import { StatusCodes, getReasonPhrase } from 'http-status-codes';
@ -23,48 +22,30 @@ import { UpdatePlatformDto } from './update-platform.dto';

@Controller('platform')
 export class PlatformController {
-  public constructor(
-    private readonly platformService: PlatformService,
-    @Inject(REQUEST) private readonly request: RequestWithUser
-  ) {}
+  public constructor(private readonly platformService: PlatformService) {}

  @Get()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getPlatforms() {
    return this.platformService.getPlatformsWithAccountCount();
  }

+  @HasPermission(permissions.createPlatform)
  @Post()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async createPlatform(
    @Body() data: CreatePlatformDto
  ): Promise<Platform> {
-    if (
-      !hasPermission(this.request.user.permissions, permissions.createPlatform)
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
    return this.platformService.createPlatform(data);
  }

+  @HasPermission(permissions.updatePlatform)
  @Put(':id')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async updatePlatform(
    @Param('id') id: string,
    @Body() data: UpdatePlatformDto
  ) {
-    if (
-      !hasPermission(this.request.user.permissions, permissions.updatePlatform)
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    const originalPlatform = await this.platformService.getPlatform({
      id
    });
@ -87,17 +68,9 @@ export class PlatformController {
  }

  @Delete(':id')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.deletePlatform)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async deletePlatform(@Param('id') id: string) {
-    if (
-      !hasPermission(this.request.user.permissions, permissions.deletePlatform)
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    const originalPlatform = await this.platformService.getPlatform({
      id
    });
--- a/apps/api/src/app/platform/platform.service.ts
+++ b/apps/api/src/app/platform/platform.service.ts
@ -6,6 +6,18 @@ import { Platform, Prisma } from '@prisma/client';
 export class PlatformService {
  public constructor(private readonly prismaService: PrismaService) {}

+  public async createPlatform(data: Prisma.PlatformCreateInput) {
+    return this.prismaService.platform.create({
+      data
+    });
+  }
+
+  public async deletePlatform(
+    where: Prisma.PlatformWhereUniqueInput
+  ): Promise<Platform> {
+    return this.prismaService.platform.delete({ where });
+  }
+
  public async getPlatform(
    platformWhereUniqueInput: Prisma.PlatformWhereUniqueInput
  ): Promise<Platform> {
@ -56,12 +68,6 @@ export class PlatformService {
    });
  }

-  public async createPlatform(data: Prisma.PlatformCreateInput) {
-    return this.prismaService.platform.create({
-      data
-    });
-  }
-
  public async updatePlatform({
    data,
    where
@ -74,10 +80,4 @@ export class PlatformService {
      where
    });
  }
-
-  public async deletePlatform(
-    where: Prisma.PlatformWhereUniqueInput
-  ): Promise<Platform> {
-    return this.prismaService.platform.delete({ where });
-  }
 }
--- a/apps/api/src/app/portfolio/current-rate.service.mock.ts
+++ b/apps/api/src/app/portfolio/current-rate.service.mock.ts
@ -33,6 +33,15 @@ function mockGetValue(symbol: string, date: Date) {

      return { marketPrice: 0 };

+    case 'GOOGL':
+      if (isSameDay(parseDate('2023-01-03'), date)) {
+        return { marketPrice: 89.12 };
+      } else if (isSameDay(parseDate('2023-07-10'), date)) {
+        return { marketPrice: 116.45 };
+      }
+
+      return { marketPrice: 0 };
+
    case 'NOVN.SW':
      if (isSameDay(parseDate('2022-04-11'), date)) {
        return { marketPrice: 87.8 };
@ -61,10 +70,9 @@ export const CurrentRateServiceMock = {
        for (const dataGatheringItem of dataGatheringItems) {
          values.push({
            date,
-            marketPriceInBaseCurrency: mockGetValue(
-              dataGatheringItem.symbol,
-              date
-            ).marketPrice,
+            dataSource: dataGatheringItem.dataSource,
+            marketPrice: mockGetValue(dataGatheringItem.symbol, date)
+              .marketPrice,
            symbol: dataGatheringItem.symbol
          });
        }
@ -74,10 +82,9 @@ export const CurrentRateServiceMock = {
        for (const dataGatheringItem of dataGatheringItems) {
          values.push({
            date,
-            marketPriceInBaseCurrency: mockGetValue(
-              dataGatheringItem.symbol,
-              date
-            ).marketPrice,
+            dataSource: dataGatheringItem.dataSource,
+            marketPrice: mockGetValue(dataGatheringItem.symbol, date)
+              .marketPrice,
            symbol: dataGatheringItem.symbol
          });
        }
--- a/apps/api/src/app/portfolio/current-rate.service.spec.ts
+++ b/apps/api/src/app/portfolio/current-rate.service.spec.ts
@ -1,7 +1,7 @@
 import { DataProviderService } from '@ghostfolio/api/services/data-provider/data-provider.service';
-import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
 import { MarketDataService } from '@ghostfolio/api/services/market-data/market-data.service';
 import { PropertyService } from '@ghostfolio/api/services/property/property.service';
+import { UniqueAsset } from '@ghostfolio/common/interfaces';
 import { DataSource, MarketData } from '@prisma/client';

 import { CurrentRateService } from './current-rate.service';
@ -25,30 +25,30 @@ jest.mock('@ghostfolio/api/services/market-data/market-data.service', () => {
        getRange: ({
          dateRangeEnd,
          dateRangeStart,
-          symbols
+          uniqueAssets
        }: {
          dateRangeEnd: Date;
          dateRangeStart: Date;
-          symbols: string[];
+          uniqueAssets: UniqueAsset[];
        }) => {
          return Promise.resolve<MarketData[]>([
            {
              createdAt: dateRangeStart,
-              dataSource: DataSource.YAHOO,
+              dataSource: uniqueAssets[0].dataSource,
              date: dateRangeStart,
              id: '8fa48fde-f397-4b0d-adbc-fb940e830e6d',
              marketPrice: 1841.823902,
              state: 'CLOSE',
-              symbol: symbols[0]
+              symbol: uniqueAssets[0].symbol
            },
            {
              createdAt: dateRangeEnd,
-              dataSource: DataSource.YAHOO,
+              dataSource: uniqueAssets[0].dataSource,
              date: dateRangeEnd,
              id: '082d6893-df27-4c91-8a5d-092e84315b56',
              marketPrice: 1847.839966,
              state: 'CLOSE',
-              symbol: symbols[0]
+              symbol: uniqueAssets[0].symbol
            }
          ]);
        }
@ -66,7 +66,8 @@ jest.mock(
          initialize: () => Promise.resolve(),
          toCurrency: (value: number) => {
            return 1 * value;
-          }
+          },
+          getExchangeRates: () => Promise.resolve()
        };
      })
    };
@ -86,7 +87,6 @@ jest.mock('@ghostfolio/api/services/property/property.service', () => {
 describe('CurrentRateService', () => {
  let currentRateService: CurrentRateService;
  let dataProviderService: DataProviderService;
-  let exchangeRateDataService: ExchangeRateDataService;
  let marketDataService: MarketDataService;
  let propertyService: PropertyService;

@ -98,22 +98,14 @@ describe('CurrentRateService', () => {
      [],
      null,
      null,
-      propertyService
-    );
-    exchangeRateDataService = new ExchangeRateDataService(
-      null,
-      null,
-      null,
-      null,
+      propertyService,
      null
    );
-    marketDataService = new MarketDataService(null);

-    await exchangeRateDataService.initialize();
+    marketDataService = new MarketDataService(null);

    currentRateService = new CurrentRateService(
      dataProviderService,
-      exchangeRateDataService,
      marketDataService
    );
  });
@ -121,21 +113,20 @@ describe('CurrentRateService', () => {
  it('getValues', async () => {
    expect(
      await currentRateService.getValues({
-        currencies: { AMZN: 'USD' },
        dataGatheringItems: [{ dataSource: DataSource.YAHOO, symbol: 'AMZN' }],
        dateQuery: {
          lt: new Date(Date.UTC(2020, 0, 2, 0, 0, 0)),
          gte: new Date(Date.UTC(2020, 0, 1, 0, 0, 0))
-        },
-        userCurrency: 'CHF'
+        }
      })
    ).toMatchObject<GetValuesObject>({
      dataProviderInfos: [],
      errors: [],
      values: [
        {
+          dataSource: 'YAHOO',
          date: undefined,
-          marketPriceInBaseCurrency: 1841.823902,
+          marketPrice: 1841.823902,
          symbol: 'AMZN'
        }
      ]
--- a/apps/api/src/app/portfolio/current-rate.service.ts
+++ b/apps/api/src/app/portfolio/current-rate.service.ts
@ -1,8 +1,11 @@
 import { DataProviderService } from '@ghostfolio/api/services/data-provider/data-provider.service';
-import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
 import { MarketDataService } from '@ghostfolio/api/services/market-data/market-data.service';
 import { resetHours } from '@ghostfolio/common/helper';
-import { DataProviderInfo, ResponseError } from '@ghostfolio/common/interfaces';
+import {
+  DataProviderInfo,
+  ResponseError,
+  UniqueAsset
+} from '@ghostfolio/common/interfaces';
 import { Injectable } from '@nestjs/common';
 import { isBefore, isToday } from 'date-fns';
 import { flatten, isEmpty, uniqBy } from 'lodash';
@ -15,17 +18,15 @@ import { GetValuesParams } from './interfaces/get-values-params.interface';
 export class CurrentRateService {
  public constructor(
    private readonly dataProviderService: DataProviderService,
-    private readonly exchangeRateDataService: ExchangeRateDataService,
    private readonly marketDataService: MarketDataService
  ) {}

  public async getValues({
-    currencies,
    dataGatheringItems,
-    dateQuery,
-    userCurrency
+    dateQuery
  }: GetValuesParams): Promise<GetValuesObject> {
    const dataProviderInfos: DataProviderInfo[] = [];
+
    const includeToday =
      (!dateQuery.lt || isBefore(new Date(), dateQuery.lt)) &&
      (!dateQuery.gte || isBefore(dateQuery.gte, new Date())) &&
@ -38,9 +39,10 @@ export class CurrentRateService {
    if (includeToday) {
      promises.push(
        this.dataProviderService
-          .getQuotes(dataGatheringItems)
+          .getQuotes({ items: dataGatheringItems })
          .then((dataResultProvider) => {
            const result: GetValueObject[] = [];
+
            for (const dataGatheringItem of dataGatheringItems) {
              if (
                dataResultProvider?.[dataGatheringItem.symbol]?.dataProviderInfo
@ -52,14 +54,10 @@ export class CurrentRateService {

              if (dataResultProvider?.[dataGatheringItem.symbol]?.marketPrice) {
                result.push({
+                  dataSource: dataGatheringItem.dataSource,
                  date: today,
-                  marketPriceInBaseCurrency:
-                    this.exchangeRateDataService.toCurrency(
-                      dataResultProvider?.[dataGatheringItem.symbol]
-                        ?.marketPrice,
-                      dataResultProvider?.[dataGatheringItem.symbol]?.currency,
-                      userCurrency
-                    ),
+                  marketPrice:
+                    dataResultProvider?.[dataGatheringItem.symbol]?.marketPrice,
                  symbol: dataGatheringItem.symbol
                });
              } else {
@ -75,27 +73,25 @@ export class CurrentRateService {
      );
    }

-    const symbols = dataGatheringItems.map((dataGatheringItem) => {
-      return dataGatheringItem.symbol;
-    });
+    const uniqueAssets: UniqueAsset[] = dataGatheringItems.map(
+      ({ dataSource, symbol }) => {
+        return { dataSource, symbol };
+      }
+    );

    promises.push(
      this.marketDataService
        .getRange({
          dateQuery,
-          symbols
+          uniqueAssets
        })
        .then((data) => {
-          return data.map((marketDataItem) => {
+          return data.map(({ dataSource, date, marketPrice, symbol }) => {
            return {
-              date: marketDataItem.date,
-              marketPriceInBaseCurrency:
-                this.exchangeRateDataService.toCurrency(
-                  marketDataItem.marketPrice,
-                  currencies[marketDataItem.symbol],
-                  userCurrency
-                ),
-              symbol: marketDataItem.symbol
+              dataSource,
+              date,
+              marketPrice,
+              symbol
            };
          });
        })
@ -112,7 +108,7 @@ export class CurrentRateService {
    };

    if (!isEmpty(quoteErrors)) {
-      for (const { symbol } of quoteErrors) {
+      for (const { dataSource, symbol } of quoteErrors) {
        try {
          // If missing quote, fallback to the latest available historical market price
          let value: GetValueObject = response.values.find((currentValue) => {
@ -121,9 +117,10 @@ export class CurrentRateService {

          if (!value) {
            value = {
+              dataSource,
              symbol,
              date: today,
-              marketPriceInBaseCurrency: 0
+              marketPrice: 0
            };

            response.values.push(value);
@ -131,10 +128,7 @@ export class CurrentRateService {

          const [latestValue] = response.values
            .filter((currentValue) => {
-              return (
-                currentValue.symbol === symbol &&
-                currentValue.marketPriceInBaseCurrency
-              );
+              return currentValue.symbol === symbol && currentValue.marketPrice;
            })
            .sort((a, b) => {
              if (a.date < b.date) {
@ -148,8 +142,7 @@ export class CurrentRateService {
              return 0;
            });

-          value.marketPriceInBaseCurrency =
-            latestValue.marketPriceInBaseCurrency;
+          value.marketPrice = latestValue.marketPrice;
        } catch {}
      }
    }
--- a/apps/api/src/app/portfolio/interfaces/current-positions.interface.ts
+++ b/apps/api/src/app/portfolio/interfaces/current-positions.interface.ts
@ -4,10 +4,15 @@ import Big from 'big.js';
 export interface CurrentPositions extends ResponseError {
  positions: TimelinePosition[];
  grossPerformance: Big;
+  grossPerformanceWithCurrencyEffect: Big;
  grossPerformancePercentage: Big;
+  grossPerformancePercentageWithCurrencyEffect: Big;
  netAnnualizedPerformance?: Big;
+  netAnnualizedPerformanceWithCurrencyEffect?: Big;
  netPerformance: Big;
+  netPerformanceWithCurrencyEffect: Big;
  netPerformancePercentage: Big;
+  netPerformancePercentageWithCurrencyEffect: Big;
  currentValue: Big;
  totalInvestment: Big;
 }
--- a/apps/api/src/app/portfolio/interfaces/get-value-object.interface.ts
+++ b/apps/api/src/app/portfolio/interfaces/get-value-object.interface.ts
@ -1,5 +1,6 @@
-export interface GetValueObject {
+import { UniqueAsset } from '@ghostfolio/common/interfaces';
+
+export interface GetValueObject extends UniqueAsset {
  date: Date;
-  marketPriceInBaseCurrency: number;
-  symbol: string;
+  marketPrice: number;
 }
--- a/apps/api/src/app/portfolio/interfaces/get-values-params.interface.ts
+++ b/apps/api/src/app/portfolio/interfaces/get-values-params.interface.ts
@ -3,8 +3,6 @@ import { IDataGatheringItem } from '@ghostfolio/api/services/interfaces/interfac
 import { DateQuery } from './date-query.interface';

 export interface GetValuesParams {
-  currencies: { [symbol: string]: string };
  dataGatheringItems: IDataGatheringItem[];
  dateQuery: DateQuery;
-  userCurrency: string;
 }
--- a/apps/api/src/app/portfolio/interfaces/portfolio-calculator.interface.ts
+++ b/apps/api/src/app/portfolio/interfaces/portfolio-calculator.interface.ts
@ -1,5 +1,11 @@
+import Big from 'big.js';
+
 import { PortfolioOrder } from './portfolio-order.interface';

 export interface PortfolioOrderItem extends PortfolioOrder {
+  feeInBaseCurrency?: Big;
+  feeInBaseCurrencyWithCurrencyEffect?: Big;
  itemType?: '' | 'start' | 'end';
+  unitPriceInBaseCurrency?: Big;
+  unitPriceInBaseCurrencyWithCurrencyEffect?: Big;
 }
--- a/apps/api/src/app/portfolio/interfaces/portfolio-order.interface.ts
+++ b/apps/api/src/app/portfolio/interfaces/portfolio-order.interface.ts
@ -1,4 +1,4 @@
-import { DataSource, Type as TypeOfOrder } from '@prisma/client';
+import { DataSource, Tag, Type as TypeOfOrder } from '@prisma/client';
 import Big from 'big.js';

 export interface PortfolioOrder {
@ -9,6 +9,7 @@ export interface PortfolioOrder {
  name: string;
  quantity: Big;
  symbol: string;
+  tags?: Tag[];
  type: TypeOfOrder;
  unitPrice: Big;
 }
--- a/apps/api/src/app/portfolio/interfaces/portfolio-position-detail.interface.ts
+++ b/apps/api/src/app/portfolio/interfaces/portfolio-position-detail.interface.ts
@ -14,6 +14,8 @@ export interface PortfolioPositionDetail {
  firstBuyDate: string;
  grossPerformance: number;
  grossPerformancePercent: number;
+  grossPerformancePercentWithCurrencyEffect: number;
+  grossPerformanceWithCurrencyEffect: number;
  historicalData: HistoricalDataItem[];
  investment: number;
  marketPrice: number;
@ -21,6 +23,8 @@ export interface PortfolioPositionDetail {
  minPrice: number;
  netPerformance: number;
  netPerformancePercent: number;
+  netPerformancePercentWithCurrencyEffect: number;
+  netPerformanceWithCurrencyEffect: number;
  orders: OrderWithAccount[];
  quantity: number;
  SymbolProfile: EnhancedSymbolProfile;
--- a/apps/api/src/app/portfolio/interfaces/transaction-point-symbol.interface.ts
+++ b/apps/api/src/app/portfolio/interfaces/transaction-point-symbol.interface.ts
@ -1,4 +1,4 @@
-import { DataSource } from '@prisma/client';
+import { DataSource, Tag } from '@prisma/client';
 import Big from 'big.js';

 export interface TransactionPointSymbol {
@ -9,5 +9,6 @@ export interface TransactionPointSymbol {
  investment: Big;
  quantity: Big;
  symbol: string;
+  tags?: Tag[];
  transactionCount: number;
 }
--- a/apps/api/src/app/portfolio/portfolio-calculator-baln-buy-and-sell.spec.ts
+++ b/apps/api/src/app/portfolio/portfolio-calculator-baln-buy-and-sell.spec.ts
@ -1,4 +1,5 @@
 import { CurrentRateService } from '@ghostfolio/api/app/portfolio/current-rate.service';
+import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
 import { parseDate } from '@ghostfolio/common/helper';
 import Big from 'big.js';

@ -16,15 +17,24 @@ jest.mock('@ghostfolio/api/app/portfolio/current-rate.service', () => {

 describe('PortfolioCalculator', () => {
  let currentRateService: CurrentRateService;
+  let exchangeRateDataService: ExchangeRateDataService;

  beforeEach(() => {
-    currentRateService = new CurrentRateService(null, null, null);
+    currentRateService = new CurrentRateService(null, null);
+
+    exchangeRateDataService = new ExchangeRateDataService(
+      null,
+      null,
+      null,
+      null
+    );
  });

  describe('get current positions', () => {
    it.only('with BALN.SW buy and sell', async () => {
      const portfolioCalculator = new PortfolioCalculator({
        currentRateService,
+        exchangeRateDataService,
        currency: 'CHF',
        orders: [
          {
@ -74,9 +84,17 @@ describe('PortfolioCalculator', () => {
        errors: [],
        grossPerformance: new Big('-12.6'),
        grossPerformancePercentage: new Big('-0.0440867739678096571'),
+        grossPerformancePercentageWithCurrencyEffect: new Big(
+          '-0.0440867739678096571'
+        ),
+        grossPerformanceWithCurrencyEffect: new Big('-12.6'),
        hasErrors: false,
        netPerformance: new Big('-15.8'),
        netPerformancePercentage: new Big('-0.0552834149755073478'),
+        netPerformancePercentageWithCurrencyEffect: new Big(
+          '-0.0552834149755073478'
+        ),
+        netPerformanceWithCurrencyEffect: new Big('-15.8'),
        positions: [
          {
            averagePrice: new Big('0'),
@ -86,16 +104,29 @@ describe('PortfolioCalculator', () => {
            firstBuyDate: '2021-11-22',
            grossPerformance: new Big('-12.6'),
            grossPerformancePercentage: new Big('-0.0440867739678096571'),
+            grossPerformancePercentageWithCurrencyEffect: new Big(
+              '-0.0440867739678096571'
+            ),
+            grossPerformanceWithCurrencyEffect: new Big('-12.6'),
            investment: new Big('0'),
+            investmentWithCurrencyEffect: new Big('0'),
            netPerformance: new Big('-15.8'),
            netPerformancePercentage: new Big('-0.0552834149755073478'),
+            netPerformancePercentageWithCurrencyEffect: new Big(
+              '-0.0552834149755073478'
+            ),
+            netPerformanceWithCurrencyEffect: new Big('-15.8'),
            marketPrice: 148.9,
+            marketPriceInBaseCurrency: 148.9,
            quantity: new Big('0'),
            symbol: 'BALN.SW',
+            timeWeightedInvestment: new Big('285.8'),
+            timeWeightedInvestmentWithCurrencyEffect: new Big('285.8'),
            transactionCount: 2
          }
        ],
-        totalInvestment: new Big('0')
+        totalInvestment: new Big('0'),
+        totalInvestmentWithCurrencyEffect: new Big('0')
      });

      expect(investments).toEqual([
--- a/apps/api/src/app/portfolio/portfolio-calculator-baln-buy.spec.ts
+++ b/apps/api/src/app/portfolio/portfolio-calculator-baln-buy.spec.ts
@ -1,4 +1,5 @@
 import { CurrentRateService } from '@ghostfolio/api/app/portfolio/current-rate.service';
+import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
 import { parseDate } from '@ghostfolio/common/helper';
 import Big from 'big.js';

@ -16,15 +17,24 @@ jest.mock('@ghostfolio/api/app/portfolio/current-rate.service', () => {

 describe('PortfolioCalculator', () => {
  let currentRateService: CurrentRateService;
+  let exchangeRateDataService: ExchangeRateDataService;

  beforeEach(() => {
-    currentRateService = new CurrentRateService(null, null, null);
+    currentRateService = new CurrentRateService(null, null);
+
+    exchangeRateDataService = new ExchangeRateDataService(
+      null,
+      null,
+      null,
+      null
+    );
  });

  describe('get current positions', () => {
    it.only('with BALN.SW buy', async () => {
      const portfolioCalculator = new PortfolioCalculator({
        currentRateService,
+        exchangeRateDataService,
        currency: 'CHF',
        orders: [
          {
@ -63,9 +73,17 @@ describe('PortfolioCalculator', () => {
        errors: [],
        grossPerformance: new Big('24.6'),
        grossPerformancePercentage: new Big('0.09004392386530014641'),
+        grossPerformancePercentageWithCurrencyEffect: new Big(
+          '0.09004392386530014641'
+        ),
+        grossPerformanceWithCurrencyEffect: new Big('24.6'),
        hasErrors: false,
        netPerformance: new Big('23.05'),
        netPerformancePercentage: new Big('0.08437042459736456808'),
+        netPerformancePercentageWithCurrencyEffect: new Big(
+          '0.08437042459736456808'
+        ),
+        netPerformanceWithCurrencyEffect: new Big('23.05'),
        positions: [
          {
            averagePrice: new Big('136.6'),
@ -75,16 +93,29 @@ describe('PortfolioCalculator', () => {
            firstBuyDate: '2021-11-30',
            grossPerformance: new Big('24.6'),
            grossPerformancePercentage: new Big('0.09004392386530014641'),
+            grossPerformancePercentageWithCurrencyEffect: new Big(
+              '0.09004392386530014641'
+            ),
+            grossPerformanceWithCurrencyEffect: new Big('24.6'),
            investment: new Big('273.2'),
+            investmentWithCurrencyEffect: new Big('273.2'),
            netPerformance: new Big('23.05'),
            netPerformancePercentage: new Big('0.08437042459736456808'),
+            netPerformancePercentageWithCurrencyEffect: new Big(
+              '0.08437042459736456808'
+            ),
+            netPerformanceWithCurrencyEffect: new Big('23.05'),
            marketPrice: 148.9,
+            marketPriceInBaseCurrency: 148.9,
            quantity: new Big('2'),
            symbol: 'BALN.SW',
+            timeWeightedInvestment: new Big('273.2'),
+            timeWeightedInvestmentWithCurrencyEffect: new Big('273.2'),
            transactionCount: 1
          }
        ],
-        totalInvestment: new Big('273.2')
+        totalInvestment: new Big('273.2'),
+        totalInvestmentWithCurrencyEffect: new Big('273.2')
      });

      expect(investments).toEqual([
--- a/apps/api/src/app/portfolio/portfolio-calculator-btcusd-buy-and-sell-partially.spec.ts
+++ b/apps/api/src/app/portfolio/portfolio-calculator-btcusd-buy-and-sell-partially.spec.ts
@ -1,4 +1,6 @@
 import { CurrentRateService } from '@ghostfolio/api/app/portfolio/current-rate.service';
+import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
+import { ExchangeRateDataServiceMock } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service.mock';
 import { parseDate } from '@ghostfolio/common/helper';
 import Big from 'big.js';

@ -14,21 +16,42 @@ jest.mock('@ghostfolio/api/app/portfolio/current-rate.service', () => {
  };
 });

+jest.mock(
+  '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service',
+  () => {
+    return {
+      // eslint-disable-next-line @typescript-eslint/naming-convention
+      ExchangeRateDataService: jest.fn().mockImplementation(() => {
+        return ExchangeRateDataServiceMock;
+      })
+    };
+  }
+);
+
 describe('PortfolioCalculator', () => {
  let currentRateService: CurrentRateService;
+  let exchangeRateDataService: ExchangeRateDataService;

  beforeEach(() => {
-    currentRateService = new CurrentRateService(null, null, null);
+    currentRateService = new CurrentRateService(null, null);
+
+    exchangeRateDataService = new ExchangeRateDataService(
+      null,
+      null,
+      null,
+      null
+    );
  });

  describe('get current positions', () => {
    it.only('with BTCUSD buy and sell partially', async () => {
      const portfolioCalculator = new PortfolioCalculator({
        currentRateService,
+        exchangeRateDataService,
        currency: 'CHF',
        orders: [
          {
-            currency: 'CHF',
+            currency: 'USD',
            date: '2015-01-01',
            dataSource: 'YAHOO',
            fee: new Big(0),
@ -39,7 +62,7 @@ describe('PortfolioCalculator', () => {
            unitPrice: new Big(320.43)
          },
          {
-            currency: 'CHF',
+            currency: 'USD',
            date: '2017-12-31',
            dataSource: 'YAHOO',
            fee: new Big(0),
@ -70,32 +93,60 @@ describe('PortfolioCalculator', () => {
      spy.mockRestore();

      expect(currentPositions).toEqual({
-        currentValue: new Big('13657.2'),
+        currentValue: new Big('13298.425356'),
        errors: [],
        grossPerformance: new Big('27172.74'),
-        grossPerformancePercentage: new Big('42.40043067128546016291'),
+        grossPerformancePercentage: new Big('42.41978276196153750666'),
+        grossPerformancePercentageWithCurrencyEffect: new Big(
+          '41.6401219622042072686'
+        ),
+        grossPerformanceWithCurrencyEffect: new Big('26516.208701400000064086'),
        hasErrors: false,
        netPerformance: new Big('27172.74'),
-        netPerformancePercentage: new Big('42.40043067128546016291'),
+        netPerformancePercentage: new Big('42.41978276196153750666'),
+        netPerformancePercentageWithCurrencyEffect: new Big(
+          '41.6401219622042072686'
+        ),
+        netPerformanceWithCurrencyEffect: new Big('26516.208701400000064086'),
        positions: [
          {
            averagePrice: new Big('320.43'),
-            currency: 'CHF',
+            currency: 'USD',
            dataSource: 'YAHOO',
            fee: new Big('0'),
            firstBuyDate: '2015-01-01',
            grossPerformance: new Big('27172.74'),
-            grossPerformancePercentage: new Big('42.40043067128546016291'),
+            grossPerformancePercentage: new Big('42.41978276196153750666'),
+            grossPerformancePercentageWithCurrencyEffect: new Big(
+              '41.6401219622042072686'
+            ),
+            grossPerformanceWithCurrencyEffect: new Big(
+              '26516.208701400000064086'
+            ),
            investment: new Big('320.43'),
-            netPerformance: new Big('27172.74'),
-            netPerformancePercentage: new Big('42.40043067128546016291'),
+            investmentWithCurrencyEffect: new Big('318.542667299999967957'),
            marketPrice: 13657.2,
+            marketPriceInBaseCurrency: 13298.425356,
+            netPerformance: new Big('27172.74'),
+            netPerformancePercentage: new Big('42.41978276196153750666'),
+            netPerformancePercentageWithCurrencyEffect: new Big(
+              '41.6401219622042072686'
+            ),
+            netPerformanceWithCurrencyEffect: new Big(
+              '26516.208701400000064086'
+            ),
            quantity: new Big('1'),
            symbol: 'BTCUSD',
+            tags: undefined,
+            timeWeightedInvestment: new Big('640.56763686131386861314'),
+            timeWeightedInvestmentWithCurrencyEffect: new Big(
+              '636.79469348020066587024'
+            ),
            transactionCount: 2
          }
        ],
-        totalInvestment: new Big('320.43')
+        totalInvestment: new Big('320.43'),
+        totalInvestmentWithCurrencyEffect: new Big('318.542667299999967957')
      });

      expect(investments).toEqual([
--- a/apps/api/src/app/portfolio/portfolio-calculator-googl-buy.spec.ts
+++ b/apps/api/src/app/portfolio/portfolio-calculator-googl-buy.spec.ts
@ -0,0 +1,144 @@
+import { CurrentRateService } from '@ghostfolio/api/app/portfolio/current-rate.service';
+import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
+import { ExchangeRateDataServiceMock } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service.mock';
+import { parseDate } from '@ghostfolio/common/helper';
+import Big from 'big.js';
+
+import { CurrentRateServiceMock } from './current-rate.service.mock';
+import { PortfolioCalculator } from './portfolio-calculator';
+
+jest.mock('@ghostfolio/api/app/portfolio/current-rate.service', () => {
+  return {
+    // eslint-disable-next-line @typescript-eslint/naming-convention
+    CurrentRateService: jest.fn().mockImplementation(() => {
+      return CurrentRateServiceMock;
+    })
+  };
+});
+
+jest.mock(
+  '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service',
+  () => {
+    return {
+      // eslint-disable-next-line @typescript-eslint/naming-convention
+      ExchangeRateDataService: jest.fn().mockImplementation(() => {
+        return ExchangeRateDataServiceMock;
+      })
+    };
+  }
+);
+
+describe('PortfolioCalculator', () => {
+  let currentRateService: CurrentRateService;
+  let exchangeRateDataService: ExchangeRateDataService;
+
+  beforeEach(() => {
+    currentRateService = new CurrentRateService(null, null);
+
+    exchangeRateDataService = new ExchangeRateDataService(
+      null,
+      null,
+      null,
+      null
+    );
+  });
+
+  describe('get current positions', () => {
+    it.only('with GOOGL buy', async () => {
+      const portfolioCalculator = new PortfolioCalculator({
+        currentRateService,
+        exchangeRateDataService,
+        currency: 'CHF',
+        orders: [
+          {
+            currency: 'USD',
+            date: '2023-01-03',
+            dataSource: 'YAHOO',
+            fee: new Big(1),
+            name: 'Alphabet Inc.',
+            quantity: new Big(1),
+            symbol: 'GOOGL',
+            type: 'BUY',
+            unitPrice: new Big(89.12)
+          }
+        ]
+      });
+
+      portfolioCalculator.computeTransactionPoints();
+
+      const spy = jest
+        .spyOn(Date, 'now')
+        .mockImplementation(() => parseDate('2023-07-10').getTime());
+
+      const currentPositions = await portfolioCalculator.getCurrentPositions(
+        parseDate('2023-01-03')
+      );
+
+      const investments = portfolioCalculator.getInvestments();
+
+      const investmentsByMonth =
+        portfolioCalculator.getInvestmentsByGroup('month');
+
+      spy.mockRestore();
+
+      expect(currentPositions).toEqual({
+        currentValue: new Big('103.10483'),
+        errors: [],
+        grossPerformance: new Big('27.33'),
+        grossPerformancePercentage: new Big('0.3066651705565529623'),
+        grossPerformancePercentageWithCurrencyEffect: new Big(
+          '0.25235044599563974109'
+        ),
+        grossPerformanceWithCurrencyEffect: new Big('20.775774'),
+        hasErrors: false,
+        netPerformance: new Big('26.33'),
+        netPerformancePercentage: new Big('0.29544434470377019749'),
+        netPerformancePercentageWithCurrencyEffect: new Big(
+          '0.24112962014285697628'
+        ),
+        netPerformanceWithCurrencyEffect: new Big('19.851974'),
+        positions: [
+          {
+            averagePrice: new Big('89.12'),
+            currency: 'USD',
+            dataSource: 'YAHOO',
+            fee: new Big('1'),
+            firstBuyDate: '2023-01-03',
+            grossPerformance: new Big('27.33'),
+            grossPerformancePercentage: new Big('0.3066651705565529623'),
+            grossPerformancePercentageWithCurrencyEffect: new Big(
+              '0.25235044599563974109'
+            ),
+            grossPerformanceWithCurrencyEffect: new Big('20.775774'),
+            investment: new Big('89.12'),
+            investmentWithCurrencyEffect: new Big('82.329056'),
+            netPerformance: new Big('26.33'),
+            netPerformancePercentage: new Big('0.29544434470377019749'),
+            netPerformancePercentageWithCurrencyEffect: new Big(
+              '0.24112962014285697628'
+            ),
+            netPerformanceWithCurrencyEffect: new Big('19.851974'),
+            marketPrice: 116.45,
+            marketPriceInBaseCurrency: 103.10483,
+            quantity: new Big('1'),
+            symbol: 'GOOGL',
+            tags: undefined,
+            timeWeightedInvestment: new Big('89.12'),
+            timeWeightedInvestmentWithCurrencyEffect: new Big('82.329056'),
+            transactionCount: 1
+          }
+        ],
+        totalInvestment: new Big('89.12'),
+        totalInvestmentWithCurrencyEffect: new Big('82.329056')
+      });
+
+      expect(investments).toEqual([
+        { date: '2023-01-03', investment: new Big('89.12') }
+      ]);
+
+      expect(investmentsByMonth).toEqual([
+        { date: '2023-01-01', investment: new Big('89.12') }
+      ]);
+    });
+  });
+});
--- a/apps/api/src/app/portfolio/portfolio-calculator-no-orders.spec.ts
+++ b/apps/api/src/app/portfolio/portfolio-calculator-no-orders.spec.ts
@ -1,4 +1,5 @@
 import { CurrentRateService } from '@ghostfolio/api/app/portfolio/current-rate.service';
+import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
 import { parseDate } from '@ghostfolio/common/helper';
 import Big from 'big.js';

@ -16,15 +17,24 @@ jest.mock('@ghostfolio/api/app/portfolio/current-rate.service', () => {

 describe('PortfolioCalculator', () => {
  let currentRateService: CurrentRateService;
+  let exchangeRateDataService: ExchangeRateDataService;

  beforeEach(() => {
-    currentRateService = new CurrentRateService(null, null, null);
+    currentRateService = new CurrentRateService(null, null);
+
+    exchangeRateDataService = new ExchangeRateDataService(
+      null,
+      null,
+      null,
+      null
+    );
  });

  describe('get current positions', () => {
    it('with no orders', async () => {
      const portfolioCalculator = new PortfolioCalculator({
        currentRateService,
+        exchangeRateDataService,
        currency: 'CHF',
        orders: []
      });
@ -50,9 +60,13 @@ describe('PortfolioCalculator', () => {
        currentValue: new Big(0),
        grossPerformance: new Big(0),
        grossPerformancePercentage: new Big(0),
+        grossPerformancePercentageWithCurrencyEffect: new Big(0),
+        grossPerformanceWithCurrencyEffect: new Big(0),
        hasErrors: false,
        netPerformance: new Big(0),
        netPerformancePercentage: new Big(0),
+        netPerformancePercentageWithCurrencyEffect: new Big(0),
+        netPerformanceWithCurrencyEffect: new Big(0),
        positions: [],
        totalInvestment: new Big(0)
      });
--- a/apps/api/src/app/portfolio/portfolio-calculator-novn-buy-and-sell-partially.spec.ts
+++ b/apps/api/src/app/portfolio/portfolio-calculator-novn-buy-and-sell-partially.spec.ts
@ -1,4 +1,5 @@
 import { CurrentRateService } from '@ghostfolio/api/app/portfolio/current-rate.service';
+import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
 import { parseDate } from '@ghostfolio/common/helper';
 import Big from 'big.js';

@ -16,15 +17,24 @@ jest.mock('@ghostfolio/api/app/portfolio/current-rate.service', () => {

 describe('PortfolioCalculator', () => {
  let currentRateService: CurrentRateService;
+  let exchangeRateDataService: ExchangeRateDataService;

  beforeEach(() => {
-    currentRateService = new CurrentRateService(null, null, null);
+    currentRateService = new CurrentRateService(null, null);
+
+    exchangeRateDataService = new ExchangeRateDataService(
+      null,
+      null,
+      null,
+      null
+    );
  });

  describe('get current positions', () => {
    it.only('with NOVN.SW buy and sell partially', async () => {
      const portfolioCalculator = new PortfolioCalculator({
        currentRateService,
+        exchangeRateDataService,
        currency: 'CHF',
        orders: [
          {
@ -73,10 +83,18 @@ describe('PortfolioCalculator', () => {
        currentValue: new Big('87.8'),
        errors: [],
        grossPerformance: new Big('21.93'),
-        grossPerformancePercentage: new Big('0.14465699208443271768'),
+        grossPerformancePercentage: new Big('0.15113417083448194384'),
+        grossPerformancePercentageWithCurrencyEffect: new Big(
+          '0.15113417083448194384'
+        ),
+        grossPerformanceWithCurrencyEffect: new Big('21.93'),
        hasErrors: false,
        netPerformance: new Big('17.68'),
-        netPerformancePercentage: new Big('0.11662269129287598945'),
+        netPerformancePercentage: new Big('0.12184460284330327256'),
+        netPerformancePercentageWithCurrencyEffect: new Big(
+          '0.12184460284330327256'
+        ),
+        netPerformanceWithCurrencyEffect: new Big('17.68'),
        positions: [
          {
            averagePrice: new Big('75.80'),
@ -85,17 +103,32 @@ describe('PortfolioCalculator', () => {
            fee: new Big('4.25'),
            firstBuyDate: '2022-03-07',
            grossPerformance: new Big('21.93'),
-            grossPerformancePercentage: new Big('0.14465699208443271768'),
+            grossPerformancePercentage: new Big('0.15113417083448194384'),
+            grossPerformancePercentageWithCurrencyEffect: new Big(
+              '0.15113417083448194384'
+            ),
+            grossPerformanceWithCurrencyEffect: new Big('21.93'),
            investment: new Big('75.80'),
+            investmentWithCurrencyEffect: new Big('75.80'),
            netPerformance: new Big('17.68'),
-            netPerformancePercentage: new Big('0.11662269129287598945'),
+            netPerformancePercentage: new Big('0.12184460284330327256'),
+            netPerformancePercentageWithCurrencyEffect: new Big(
+              '0.12184460284330327256'
+            ),
+            netPerformanceWithCurrencyEffect: new Big('17.68'),
            marketPrice: 87.8,
+            marketPriceInBaseCurrency: 87.8,
            quantity: new Big('1'),
            symbol: 'NOVN.SW',
+            timeWeightedInvestment: new Big('145.10285714285714285714'),
+            timeWeightedInvestmentWithCurrencyEffect: new Big(
+              '145.10285714285714285714'
+            ),
            transactionCount: 2
          }
        ],
-        totalInvestment: new Big('75.80')
+        totalInvestment: new Big('75.80'),
+        totalInvestmentWithCurrencyEffect: new Big('75.80')
      });

      expect(investments).toEqual([
--- a/apps/api/src/app/portfolio/portfolio-calculator-novn-buy-and-sell.spec.ts
+++ b/apps/api/src/app/portfolio/portfolio-calculator-novn-buy-and-sell.spec.ts
@ -1,4 +1,5 @@
 import { CurrentRateService } from '@ghostfolio/api/app/portfolio/current-rate.service';
+import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
 import { parseDate } from '@ghostfolio/common/helper';
 import Big from 'big.js';

@ -16,15 +17,24 @@ jest.mock('@ghostfolio/api/app/portfolio/current-rate.service', () => {

 describe('PortfolioCalculator', () => {
  let currentRateService: CurrentRateService;
+  let exchangeRateDataService: ExchangeRateDataService;

  beforeEach(() => {
-    currentRateService = new CurrentRateService(null, null, null);
+    currentRateService = new CurrentRateService(null, null);
+
+    exchangeRateDataService = new ExchangeRateDataService(
+      null,
+      null,
+      null,
+      null
+    );
  });

  describe('get current positions', () => {
    it.only('with NOVN.SW buy and sell', async () => {
      const portfolioCalculator = new PortfolioCalculator({
        currentRateService,
+        exchangeRateDataService,
        currency: 'CHF',
        orders: [
          {
@ -75,18 +85,26 @@ describe('PortfolioCalculator', () => {

      expect(chartData[0]).toEqual({
        date: '2022-03-07',
-        netPerformanceInPercentage: 0,
        netPerformance: 0,
+        netPerformanceInPercentage: 0,
+        netPerformanceInPercentageWithCurrencyEffect: 0,
+        netPerformanceWithCurrencyEffect: 0,
        totalInvestment: 151.6,
-        value: 151.6
+        totalInvestmentValueWithCurrencyEffect: 151.6,
+        value: 151.6,
+        valueWithCurrencyEffect: 151.6
      });

      expect(chartData[chartData.length - 1]).toEqual({
        date: '2022-04-11',
-        netPerformanceInPercentage: 13.100263852242744,
        netPerformance: 19.86,
+        netPerformanceInPercentage: 13.100263852242744,
+        netPerformanceInPercentageWithCurrencyEffect: 13.100263852242744,
+        netPerformanceWithCurrencyEffect: 19.86,
        totalInvestment: 0,
-        value: 0
+        totalInvestmentValueWithCurrencyEffect: 0,
+        value: 0,
+        valueWithCurrencyEffect: 0
      });

      expect(currentPositions).toEqual({
@ -94,9 +112,17 @@ describe('PortfolioCalculator', () => {
        errors: [],
        grossPerformance: new Big('19.86'),
        grossPerformancePercentage: new Big('0.13100263852242744063'),
+        grossPerformancePercentageWithCurrencyEffect: new Big(
+          '0.13100263852242744063'
+        ),
+        grossPerformanceWithCurrencyEffect: new Big('19.86'),
        hasErrors: false,
        netPerformance: new Big('19.86'),
        netPerformancePercentage: new Big('0.13100263852242744063'),
+        netPerformancePercentageWithCurrencyEffect: new Big(
+          '0.13100263852242744063'
+        ),
+        netPerformanceWithCurrencyEffect: new Big('19.86'),
        positions: [
          {
            averagePrice: new Big('0'),
@ -106,16 +132,29 @@ describe('PortfolioCalculator', () => {
            firstBuyDate: '2022-03-07',
            grossPerformance: new Big('19.86'),
            grossPerformancePercentage: new Big('0.13100263852242744063'),
+            grossPerformancePercentageWithCurrencyEffect: new Big(
+              '0.13100263852242744063'
+            ),
+            grossPerformanceWithCurrencyEffect: new Big('19.86'),
            investment: new Big('0'),
+            investmentWithCurrencyEffect: new Big('0'),
            netPerformance: new Big('19.86'),
            netPerformancePercentage: new Big('0.13100263852242744063'),
+            netPerformancePercentageWithCurrencyEffect: new Big(
+              '0.13100263852242744063'
+            ),
+            netPerformanceWithCurrencyEffect: new Big('19.86'),
            marketPrice: 87.8,
+            marketPriceInBaseCurrency: 87.8,
            quantity: new Big('0'),
            symbol: 'NOVN.SW',
+            timeWeightedInvestment: new Big('151.6'),
+            timeWeightedInvestmentWithCurrencyEffect: new Big('151.6'),
            transactionCount: 2
          }
        ],
-        totalInvestment: new Big('0')
+        totalInvestment: new Big('0'),
+        totalInvestmentWithCurrencyEffect: new Big('0')
      });

      expect(investments).toEqual([
--- a/apps/api/src/app/portfolio/portfolio-calculator.spec.ts
+++ b/apps/api/src/app/portfolio/portfolio-calculator.spec.ts
@ -1,3 +1,4 @@
+import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
 import Big from 'big.js';

 import { CurrentRateService } from './current-rate.service';
@ -5,14 +6,23 @@ import { PortfolioCalculator } from './portfolio-calculator';

 describe('PortfolioCalculator', () => {
  let currentRateService: CurrentRateService;
+  let exchangeRateDataService: ExchangeRateDataService;

  beforeEach(() => {
-    currentRateService = new CurrentRateService(null, null, null);
+    currentRateService = new CurrentRateService(null, null);
+
+    exchangeRateDataService = new ExchangeRateDataService(
+      null,
+      null,
+      null,
+      null
+    );
  });

  describe('annualized performance percentage', () => {
    const portfolioCalculator = new PortfolioCalculator({
      currentRateService,
+      exchangeRateDataService,
      currency: 'USD',
      orders: []
    });
--- a/apps/api/src/app/portfolio/portfolio-calculator.ts
+++ b/apps/api/src/app/portfolio/portfolio-calculator.ts
--- a/apps/api/src/app/portfolio/portfolio.controller.ts
+++ b/apps/api/src/app/portfolio/portfolio.controller.ts
@ -1,5 +1,6 @@
 import { AccessService } from '@ghostfolio/api/app/access/access.service';
 import { UserService } from '@ghostfolio/api/app/user/user.service';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
 import {
  hasNotDefinedValuesInObject,
  nullifyValuesInObject
@ -10,7 +11,10 @@ import { TransformDataSourceInResponseInterceptor } from '@ghostfolio/api/interc
 import { ApiService } from '@ghostfolio/api/services/api/api.service';
 import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
 import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
-import { HEADER_KEY_IMPERSONATION } from '@ghostfolio/common/config';
+import {
+  DEFAULT_CURRENCY,
+  HEADER_KEY_IMPERSONATION
+} from '@ghostfolio/common/config';
 import {
  PortfolioDetails,
  PortfolioDividends,
@ -47,8 +51,6 @@ import { PortfolioService } from './portfolio.service';

@Controller('portfolio')
 export class PortfolioController {
-  private baseCurrency: string;
-
  public constructor(
    private readonly accessService: AccessService,
    private readonly apiService: ApiService,
@ -57,12 +59,10 @@ export class PortfolioController {
    private readonly portfolioService: PortfolioService,
    @Inject(REQUEST) private readonly request: RequestWithUser,
    private readonly userService: UserService
-  ) {
-    this.baseCurrency = this.configurationService.get('BASE_CURRENCY');
-  }
+  ) {}

  @Get('details')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  @UseInterceptors(RedactValuesInResponseInterceptor)
  @UseInterceptors(TransformDataSourceInResponseInterceptor)
  public async getDetails(
@ -74,6 +74,11 @@ export class PortfolioController {
  ): Promise<PortfolioDetails & { hasError: boolean }> {
    let hasDetails = true;
    let hasError = false;
+    const hasReadRestrictedAccessPermission =
+      this.userService.hasReadRestrictedAccessPermission({
+        impersonationId,
+        user: this.request.user
+      });

    if (this.configurationService.get('ENABLE_FEATURE_SUBSCRIPTION')) {
      hasDetails = this.request.user.subscription.type === 'Premium';
@ -108,7 +113,7 @@ export class PortfolioController {
    let portfolioSummary = summary;

    if (
-      impersonationId ||
+      hasReadRestrictedAccessPermission ||
      this.userService.isRestrictedView(this.request.user)
    ) {
      const totalInvestment = Object.values(holdings)
@ -134,7 +139,7 @@ export class PortfolioController {
        portfolioPosition.netPerformance = null;
        portfolioPosition.quantity = null;
        portfolioPosition.valueInPercentage =
-          portfolioPosition.value / totalValue;
+          portfolioPosition.valueInBaseCurrency / totalValue;
      }

      for (const [name, { valueInBaseCurrency }] of Object.entries(accounts)) {
@ -148,23 +153,28 @@ export class PortfolioController {

    if (
      hasDetails === false ||
-      impersonationId ||
+      hasReadRestrictedAccessPermission ||
      this.userService.isRestrictedView(this.request.user)
    ) {
      portfolioSummary = nullifyValuesInObject(summary, [
        'cash',
        'committedFunds',
        'currentGrossPerformance',
+        'currentGrossPerformanceWithCurrencyEffect',
        'currentNetPerformance',
+        'currentNetPerformanceWithCurrencyEffect',
        'currentValue',
        'dividend',
        'emergencyFund',
        'excludedAccountsAndActivities',
        'fees',
+        'fireWealth',
+        'interest',
        'items',
        'liabilities',
        'netWorth',
        'totalBuy',
+        'totalInvestment',
        'totalSell'
      ]);
    }
@ -172,11 +182,20 @@ export class PortfolioController {
    for (const [symbol, portfolioPosition] of Object.entries(holdings)) {
      holdings[symbol] = {
        ...portfolioPosition,
-        assetClass: hasDetails ? portfolioPosition.assetClass : undefined,
-        assetSubClass: hasDetails ? portfolioPosition.assetSubClass : undefined,
+        assetClass:
+          hasDetails || portfolioPosition.assetClass === 'CASH'
+            ? portfolioPosition.assetClass
+            : undefined,
+        assetSubClass:
+          hasDetails || portfolioPosition.assetSubClass === 'CASH'
+            ? portfolioPosition.assetSubClass
+            : undefined,
        countries: hasDetails ? portfolioPosition.countries : [],
        currency: hasDetails ? portfolioPosition.currency : undefined,
        markets: hasDetails ? portfolioPosition.markets : undefined,
+        marketsAdvanced: hasDetails
+          ? portfolioPosition.marketsAdvanced
+          : undefined,
        sectors: hasDetails ? portfolioPosition.sectors : []
      };
    }
@ -194,7 +213,7 @@ export class PortfolioController {
  }

  @Get('dividends')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getDividends(
    @Headers(HEADER_KEY_IMPERSONATION.toLowerCase()) impersonationId: string,
    @Query('accounts') filterByAccounts?: string,
@ -203,6 +222,12 @@ export class PortfolioController {
    @Query('range') dateRange: DateRange = 'max',
    @Query('tags') filterByTags?: string
  ): Promise<PortfolioDividends> {
+    const hasReadRestrictedAccessPermission =
+      this.userService.hasReadRestrictedAccessPermission({
+        impersonationId,
+        user: this.request.user
+      });
+
    const filters = this.apiService.buildFiltersFromQueryParams({
      filterByAccounts,
      filterByAssetClasses,
@ -217,7 +242,7 @@ export class PortfolioController {
    });

    if (
-      impersonationId ||
+      hasReadRestrictedAccessPermission ||
      this.userService.isRestrictedView(this.request.user)
    ) {
      const maxDividend = dividends.reduce(
@ -244,7 +269,7 @@ export class PortfolioController {
  }

  @Get('investments')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getInvestments(
    @Headers(HEADER_KEY_IMPERSONATION.toLowerCase()) impersonationId: string,
    @Query('accounts') filterByAccounts?: string,
@ -253,6 +278,12 @@ export class PortfolioController {
    @Query('range') dateRange: DateRange = 'max',
    @Query('tags') filterByTags?: string
  ): Promise<PortfolioInvestments> {
+    const hasReadRestrictedAccessPermission =
+      this.userService.hasReadRestrictedAccessPermission({
+        impersonationId,
+        user: this.request.user
+      });
+
    const filters = this.apiService.buildFiltersFromQueryParams({
      filterByAccounts,
      filterByAssetClasses,
@ -268,7 +299,7 @@ export class PortfolioController {
    });

    if (
-      impersonationId ||
+      hasReadRestrictedAccessPermission ||
      this.userService.isRestrictedView(this.request.user)
    ) {
      const maxInvestment = investments.reduce(
@ -305,7 +336,7 @@ export class PortfolioController {
  }

  @Get('performance')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  @UseInterceptors(TransformDataSourceInResponseInterceptor)
  @Version('2')
  public async getPerformanceV2(
@ -313,8 +344,15 @@ export class PortfolioController {
    @Query('accounts') filterByAccounts?: string,
    @Query('assetClasses') filterByAssetClasses?: string,
    @Query('range') dateRange: DateRange = 'max',
-    @Query('tags') filterByTags?: string
+    @Query('tags') filterByTags?: string,
+    @Query('withExcludedAccounts') withExcludedAccounts = false
  ): Promise<PortfolioPerformanceResponse> {
+    const hasReadRestrictedAccessPermission =
+      this.userService.hasReadRestrictedAccessPermission({
+        impersonationId,
+        user: this.request.user
+      });
+
    const filters = this.apiService.buildFiltersFromQueryParams({
      filterByAccounts,
      filterByAssetClasses,
@ -325,25 +363,44 @@ export class PortfolioController {
      dateRange,
      filters,
      impersonationId,
+      withExcludedAccounts,
      userId: this.request.user.id
    });

    if (
-      impersonationId ||
+      hasReadRestrictedAccessPermission ||
      this.request.user.Settings.settings.viewMode === 'ZEN' ||
      this.userService.isRestrictedView(this.request.user)
    ) {
      performanceInformation.chart = performanceInformation.chart.map(
-        ({ date, netPerformanceInPercentage, totalInvestment, value }) => {
+        ({
+          date,
+          netPerformanceInPercentage,
+          netWorth,
+          totalInvestment,
+          value
+        }) => {
          return {
            date,
            netPerformanceInPercentage,
-            totalInvestment: new Big(totalInvestment)
-              .div(performanceInformation.performance.totalInvestment)
-              .toNumber(),
-            valueInPercentage: new Big(value)
-              .div(performanceInformation.performance.currentValue)
-              .toNumber()
+            netWorthInPercentage:
+              performanceInformation.performance.currentNetWorth === 0
+                ? 0
+                : new Big(netWorth)
+                    .div(performanceInformation.performance.currentNetWorth)
+                    .toNumber(),
+            totalInvestment:
+              performanceInformation.performance.totalInvestment === 0
+                ? 0
+                : new Big(totalInvestment)
+                    .div(performanceInformation.performance.totalInvestment)
+                    .toNumber(),
+            valueInPercentage:
+              performanceInformation.performance.currentValue === 0
+                ? 0
+                : new Big(value)
+                    .div(performanceInformation.performance.currentValue)
+                    .toNumber()
          };
        }
      );
@ -352,7 +409,10 @@ export class PortfolioController {
        performanceInformation.performance,
        [
          'currentGrossPerformance',
+          'currentGrossPerformanceWithCurrencyEffect',
          'currentNetPerformance',
+          'currentNetPerformanceWithCurrencyEffect',
+          'currentNetWorth',
          'currentValue',
          'totalInvestment'
        ]
@ -374,19 +434,21 @@ export class PortfolioController {
  }

  @Get('positions')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  @UseInterceptors(RedactValuesInResponseInterceptor)
  @UseInterceptors(TransformDataSourceInResponseInterceptor)
  public async getPositions(
    @Headers(HEADER_KEY_IMPERSONATION.toLowerCase()) impersonationId: string,
    @Query('accounts') filterByAccounts?: string,
    @Query('assetClasses') filterByAssetClasses?: string,
+    @Query('query') filterBySearchQuery?: string,
    @Query('range') dateRange: DateRange = 'max',
    @Query('tags') filterByTags?: string
  ): Promise<PortfolioPositions> {
    const filters = this.apiService.buildFiltersFromQueryParams({
      filterByAccounts,
      filterByAssetClasses,
+      filterBySearchQuery,
      filterByTags
    });

@ -437,15 +499,15 @@ export class PortfolioController {
        return this.exchangeRateDataService.toCurrency(
          portfolioPosition.quantity * portfolioPosition.marketPrice,
          portfolioPosition.currency,
-          this.request.user?.Settings?.settings.baseCurrency ??
-            this.baseCurrency
+          this.request.user?.Settings?.settings.baseCurrency ?? DEFAULT_CURRENCY
        );
      })
      .reduce((a, b) => a + b, 0);

    for (const [symbol, portfolioPosition] of Object.entries(holdings)) {
      portfolioPublicDetails.holdings[symbol] = {
-        allocationInPercentage: portfolioPosition.value / totalValue,
+        allocationInPercentage:
+          portfolioPosition.valueInBaseCurrency / totalValue,
        countries: hasDetails ? portfolioPosition.countries : [],
        currency: hasDetails ? portfolioPosition.currency : undefined,
        dataSource: portfolioPosition.dataSource,
@ -456,7 +518,7 @@ export class PortfolioController {
        sectors: hasDetails ? portfolioPosition.sectors : [],
        symbol: portfolioPosition.symbol,
        url: portfolioPosition.url,
-        valueInPercentage: portfolioPosition.value / totalValue
+        valueInPercentage: portfolioPosition.valueInBaseCurrency / totalValue
      };
    }

@ -467,7 +529,7 @@ export class PortfolioController {
  @UseInterceptors(RedactValuesInResponseInterceptor)
  @UseInterceptors(TransformDataSourceInRequestInterceptor)
  @UseInterceptors(TransformDataSourceInResponseInterceptor)
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getPosition(
    @Headers(HEADER_KEY_IMPERSONATION.toLowerCase()) impersonationId: string,
    @Param('dataSource') dataSource,
@ -490,7 +552,7 @@ export class PortfolioController {
  }

  @Get('report')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getReport(
    @Headers(HEADER_KEY_IMPERSONATION.toLowerCase()) impersonationId: string
  ): Promise<PortfolioReport> {
--- a/apps/api/src/app/portfolio/portfolio.module.ts
+++ b/apps/api/src/app/portfolio/portfolio.module.ts
@ -1,4 +1,5 @@
 import { AccessModule } from '@ghostfolio/api/app/access/access.module';
+import { AccountBalanceService } from '@ghostfolio/api/app/account-balance/account-balance.service';
 import { AccountService } from '@ghostfolio/api/app/account/account.service';
 import { OrderModule } from '@ghostfolio/api/app/order/order.module';
 import { UserModule } from '@ghostfolio/api/app/user/user.module';
@ -36,6 +37,7 @@ import { RulesService } from './rules.service';
    UserModule
  ],
  providers: [
+    AccountBalanceService,
    AccountService,
    CurrentRateService,
    PortfolioService,
--- a/apps/api/src/app/portfolio/portfolio.service.ts
+++ b/apps/api/src/app/portfolio/portfolio.service.ts
--- a/apps/api/src/app/redis-cache/interfaces/redis-cache.interface.ts
+++ b/apps/api/src/app/redis-cache/interfaces/redis-cache.interface.ts
@ -0,0 +1,7 @@
+import { Cache } from 'cache-manager';
+
+import type { RedisStore } from './redis-store.interface';
+
+export interface RedisCache extends Cache {
+  store: RedisStore;
+}
--- a/apps/api/src/app/redis-cache/interfaces/redis-store.interface.ts
+++ b/apps/api/src/app/redis-cache/interfaces/redis-store.interface.ts
@ -0,0 +1,8 @@
+import { Store } from 'cache-manager';
+import { createClient } from 'redis';
+
+export interface RedisStore extends Store {
+  getClient: () => ReturnType<typeof createClient>;
+  isCacheableValue: (value: any) => boolean;
+  name: 'redis';
+}
--- a/apps/api/src/app/redis-cache/redis-cache.module.ts
+++ b/apps/api/src/app/redis-cache/redis-cache.module.ts
@ -1,7 +1,9 @@
 import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
 import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
-import { CacheManagerOptions, CacheModule, Module } from '@nestjs/common';
+import { CacheModule } from '@nestjs/cache-manager';
+import { Module } from '@nestjs/common';
 import * as redisStore from 'cache-manager-redis-store';
+import type { RedisClientOptions } from 'redis';

 import { RedisCacheService } from './redis-cache.service';

@ -11,7 +13,7 @@ import { RedisCacheService } from './redis-cache.service';
      imports: [ConfigurationModule],
      inject: [ConfigurationService],
      useFactory: async (configurationService: ConfigurationService) => {
-        return <CacheManagerOptions>{
+        return <RedisClientOptions>{
          host: configurationService.get('REDIS_HOST'),
          max: configurationService.get('MAX_ITEM_IN_CACHE'),
          password: configurationService.get('REDIS_PASSWORD'),
--- a/apps/api/src/app/redis-cache/redis-cache.service.ts
+++ b/apps/api/src/app/redis-cache/redis-cache.service.ts
@ -1,18 +1,32 @@
 import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
-import { CACHE_MANAGER, Inject, Injectable } from '@nestjs/common';
-import { Cache } from 'cache-manager';
+import { getAssetProfileIdentifier } from '@ghostfolio/common/helper';
+import { UniqueAsset } from '@ghostfolio/common/interfaces';
+import { CACHE_MANAGER } from '@nestjs/cache-manager';
+import { Inject, Injectable, Logger } from '@nestjs/common';
+
+import type { RedisCache } from './interfaces/redis-cache.interface';

@Injectable()
 export class RedisCacheService {
  public constructor(
-    @Inject(CACHE_MANAGER) private readonly cache: Cache,
+    @Inject(CACHE_MANAGER) private readonly cache: RedisCache,
    private readonly configurationService: ConfigurationService
-  ) {}
+  ) {
+    const client = cache.store.getClient();
+
+    client.on('error', (error) => {
+      Logger.error(error, 'RedisCacheService');
+    });
+  }

  public async get(key: string): Promise<string> {
    return await this.cache.get(key);
  }

+  public getQuoteKey({ dataSource, symbol }: UniqueAsset) {
+    return `quote-${getAssetProfileIdentifier({ dataSource, symbol })}`;
+  }
+
  public async remove(key: string) {
    await this.cache.del(key);
  }
@ -22,8 +36,10 @@ export class RedisCacheService {
  }

  public async set(key: string, value: string, ttlInSeconds?: number) {
-    await this.cache.set(key, value, {
-      ttl: ttlInSeconds ?? this.configurationService.get('CACHE_TTL')
-    });
+    await this.cache.set(
+      key,
+      value,
+      ttlInSeconds ?? this.configurationService.get('CACHE_TTL')
+    );
  }
 }
--- a/apps/api/src/app/sitemap/sitemap.controller.ts
+++ b/apps/api/src/app/sitemap/sitemap.controller.ts
@ -0,0 +1,36 @@
+import * as fs from 'fs';
+import * as path from 'path';
+
+import {
+  DATE_FORMAT,
+  getYesterday,
+  interpolate
+} from '@ghostfolio/common/helper';
+import { Controller, Get, Res, VERSION_NEUTRAL, Version } from '@nestjs/common';
+import { format } from 'date-fns';
+import { Response } from 'express';
+
+@Controller('sitemap.xml')
+export class SitemapController {
+  public sitemapXml = '';
+
+  public constructor() {
+    try {
+      this.sitemapXml = fs.readFileSync(
+        path.join(__dirname, 'assets', 'sitemap.xml'),
+        'utf8'
+      );
+    } catch {}
+  }
+
+  @Get()
+  @Version(VERSION_NEUTRAL)
+  public async flushCache(@Res() response: Response): Promise<void> {
+    response.setHeader('content-type', 'application/xml');
+    response.send(
+      interpolate(this.sitemapXml, {
+        currentDate: format(getYesterday(), DATE_FORMAT)
+      })
+    );
+  }
+}
--- a/apps/api/src/app/sitemap/sitemap.module.ts
+++ b/apps/api/src/app/sitemap/sitemap.module.ts
@ -0,0 +1,24 @@
+import { RedisCacheModule } from '@ghostfolio/api/app/redis-cache/redis-cache.module';
+import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
+import { DataGatheringModule } from '@ghostfolio/api/services/data-gathering/data-gathering.module';
+import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
+import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.module';
+import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
+import { SymbolProfileModule } from '@ghostfolio/api/services/symbol-profile/symbol-profile.module';
+import { Module } from '@nestjs/common';
+
+import { SitemapController } from './sitemap.controller';
+
+@Module({
+  controllers: [SitemapController],
+  imports: [
+    ConfigurationModule,
+    DataGatheringModule,
+    DataProviderModule,
+    ExchangeRateDataModule,
+    PrismaModule,
+    RedisCacheModule,
+    SymbolProfileModule
+  ]
+})
+export class SitemapModule {}
--- a/apps/api/src/app/subscription/subscription.controller.ts
+++ b/apps/api/src/app/subscription/subscription.controller.ts
@ -1,3 +1,4 @@
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
 import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
 import { PropertyService } from '@ghostfolio/api/services/property/property.service';
 import {
@ -37,7 +38,7 @@ export class SubscriptionController {

  @Post('redeem-coupon')
  @HttpCode(StatusCodes.OK)
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async redeemCoupon(@Body() { couponCode }: { couponCode: string }) {
    if (!this.request.user) {
      throw new HttpException(
@ -104,12 +105,12 @@ export class SubscriptionController {
    response.redirect(
      `${this.configurationService.get(
        'ROOT_URL'
-      )}/${DEFAULT_LANGUAGE_CODE}/account`
+      )}/${DEFAULT_LANGUAGE_CODE}/account/membership`
    );
  }

  @Post('stripe/checkout-session')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async createCheckoutSession(
    @Body() { couponId, priceId }: { couponId: string; priceId: string }
  ) {
--- a/apps/api/src/app/subscription/subscription.service.ts
+++ b/apps/api/src/app/subscription/subscription.service.ts
@ -93,9 +93,8 @@ export class SubscriptionService {

  public async createSubscriptionViaStripe(aCheckoutSessionId: string) {
    try {
-      const session = await this.stripe.checkout.sessions.retrieve(
-        aCheckoutSessionId
-      );
+      const session =
+        await this.stripe.checkout.sessions.retrieve(aCheckoutSessionId);

      await this.createSubscription({
        price: session.amount_total / 100,
@ -112,14 +111,14 @@ export class SubscriptionService {
    aSubscriptions: Subscription[]
  ): UserWithSettings['subscription'] {
    if (aSubscriptions.length > 0) {
-      const latestSubscription = aSubscriptions.reduce((a, b) => {
+      const { expiresAt, price } = aSubscriptions.reduce((a, b) => {
        return new Date(a.expiresAt) > new Date(b.expiresAt) ? a : b;
      });

      return {
-        expiresAt: latestSubscription.expiresAt,
-        offer: latestSubscription.price === 0 ? 'default' : 'renewal',
-        type: isBefore(new Date(), latestSubscription.expiresAt)
+        expiresAt,
+        offer: price ? 'renewal' : 'default',
+        type: isBefore(new Date(), expiresAt)
          ? SubscriptionType.Premium
          : SubscriptionType.Basic
      };
--- a/apps/api/src/app/symbol/symbol.controller.ts
+++ b/apps/api/src/app/symbol/symbol.controller.ts
@ -1,3 +1,4 @@
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
 import { TransformDataSourceInRequestInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-request.interceptor';
 import { TransformDataSourceInResponseInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-response.interceptor';
 import { IDataProviderHistoricalResponse } from '@ghostfolio/api/services/interfaces/interfaces';
@ -15,6 +16,7 @@ import {
 import { REQUEST } from '@nestjs/core';
 import { AuthGuard } from '@nestjs/passport';
 import { DataSource } from '@prisma/client';
+import { parseISO } from 'date-fns';
 import { StatusCodes, getReasonPhrase } from 'http-status-codes';
 import { isDate, isEmpty } from 'lodash';

@ -33,13 +35,15 @@ export class SymbolController {
   * Must be before /:symbol
   */
  @Get('lookup')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  @UseInterceptors(TransformDataSourceInResponseInterceptor)
  public async lookupSymbol(
-    @Query() { query = '' }
+    @Query('includeIndices') includeIndices: boolean = false,
+    @Query('query') query = ''
  ): Promise<{ items: LookupItem[] }> {
    try {
      return this.symbolService.lookup({
+        includeIndices,
        query: query.toLowerCase(),
        user: this.request.user
      });
@ -85,13 +89,13 @@ export class SymbolController {
  }

  @Get(':dataSource/:symbol/:dateString')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async gatherSymbolForDate(
    @Param('dataSource') dataSource: DataSource,
    @Param('dateString') dateString: string,
    @Param('symbol') symbol: string
  ): Promise<IDataProviderHistoricalResponse> {
-    const date = new Date(dateString);
+    const date = parseISO(dateString);

    if (!isDate(date)) {
      throw new HttpException(
--- a/apps/api/src/app/symbol/symbol.service.ts
+++ b/apps/api/src/app/symbol/symbol.service.ts
@ -27,9 +27,9 @@ export class SymbolService {
    dataGatheringItem: IDataGatheringItem;
    includeHistoricalData?: number;
  }): Promise<SymbolItem> {
-    const quotes = await this.dataProviderService.getQuotes([
-      dataGatheringItem
-    ]);
+    const quotes = await this.dataProviderService.getQuotes({
+      items: [dataGatheringItem]
+    });
    const { currency, marketPrice } = quotes[dataGatheringItem.symbol] ?? {};

    if (dataGatheringItem.dataSource && marketPrice >= 0) {
@ -40,7 +40,12 @@ export class SymbolService {

        const marketData = await this.marketDataService.getRange({
          dateQuery: { gte: subDays(new Date(), days) },
-          symbols: [dataGatheringItem.symbol]
+          uniqueAssets: [
+            {
+              dataSource: dataGatheringItem.dataSource,
+              symbol: dataGatheringItem.symbol
+            }
+          ]
        });

        historicalData = marketData.map(({ date, marketPrice: value }) => {
@ -81,9 +86,11 @@ export class SymbolService {
  }

  public async lookup({
+    includeIndices = false,
    query,
    user
  }: {
+    includeIndices?: boolean;
    query: string;
    user: UserWithSettings;
  }): Promise<{ items: LookupItem[] }> {
@ -95,6 +102,7 @@ export class SymbolService {

    try {
      const { items } = await this.dataProviderService.search({
+        includeIndices,
        query,
        user
      });
--- a/apps/api/src/app/tag/create-tag.dto.ts
+++ b/apps/api/src/app/tag/create-tag.dto.ts
@ -0,0 +1,6 @@
+import { IsString } from 'class-validator';
+
+export class CreateTagDto {
+  @IsString()
+  name: string;
+}
--- a/apps/api/src/app/tag/tag.controller.ts
+++ b/apps/api/src/app/tag/tag.controller.ts
@ -0,0 +1,82 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { permissions } from '@ghostfolio/common/permissions';
+import {
+  Body,
+  Controller,
+  Delete,
+  Get,
+  HttpException,
+  Param,
+  Post,
+  Put,
+  UseGuards
+} from '@nestjs/common';
+import { AuthGuard } from '@nestjs/passport';
+import { Tag } from '@prisma/client';
+import { StatusCodes, getReasonPhrase } from 'http-status-codes';
+
+import { CreateTagDto } from './create-tag.dto';
+import { TagService } from './tag.service';
+import { UpdateTagDto } from './update-tag.dto';
+
+@Controller('tag')
+export class TagController {
+  public constructor(private readonly tagService: TagService) {}
+
+  @Get()
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async getTags() {
+    return this.tagService.getTagsWithActivityCount();
+  }
+
+  @Post()
+  @HasPermission(permissions.createTag)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async createTag(@Body() data: CreateTagDto): Promise<Tag> {
+    return this.tagService.createTag(data);
+  }
+
+  @HasPermission(permissions.updateTag)
+  @Put(':id')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async updateTag(@Param('id') id: string, @Body() data: UpdateTagDto) {
+    const originalTag = await this.tagService.getTag({
+      id
+    });
+
+    if (!originalTag) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.FORBIDDEN),
+        StatusCodes.FORBIDDEN
+      );
+    }
+
+    return this.tagService.updateTag({
+      data: {
+        ...data
+      },
+      where: {
+        id
+      }
+    });
+  }
+
+  @Delete(':id')
+  @HasPermission(permissions.deleteTag)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async deleteTag(@Param('id') id: string) {
+    const originalTag = await this.tagService.getTag({
+      id
+    });
+
+    if (!originalTag) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.FORBIDDEN),
+        StatusCodes.FORBIDDEN
+      );
+    }
+
+    return this.tagService.deleteTag({ id });
+  }
+}
--- a/apps/api/src/app/tag/tag.module.ts
+++ b/apps/api/src/app/tag/tag.module.ts
@ -0,0 +1,13 @@
+import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
+import { Module } from '@nestjs/common';
+
+import { TagController } from './tag.controller';
+import { TagService } from './tag.service';
+
+@Module({
+  controllers: [TagController],
+  exports: [TagService],
+  imports: [PrismaModule],
+  providers: [TagService]
+})
+export class TagModule {}
--- a/apps/api/src/app/tag/tag.service.ts
+++ b/apps/api/src/app/tag/tag.service.ts
@ -0,0 +1,79 @@
+import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
+import { Injectable } from '@nestjs/common';
+import { Prisma, Tag } from '@prisma/client';
+
+@Injectable()
+export class TagService {
+  public constructor(private readonly prismaService: PrismaService) {}
+
+  public async createTag(data: Prisma.TagCreateInput) {
+    return this.prismaService.tag.create({
+      data
+    });
+  }
+
+  public async deleteTag(where: Prisma.TagWhereUniqueInput): Promise<Tag> {
+    return this.prismaService.tag.delete({ where });
+  }
+
+  public async getTag(
+    tagWhereUniqueInput: Prisma.TagWhereUniqueInput
+  ): Promise<Tag> {
+    return this.prismaService.tag.findUnique({
+      where: tagWhereUniqueInput
+    });
+  }
+
+  public async getTags({
+    cursor,
+    orderBy,
+    skip,
+    take,
+    where
+  }: {
+    cursor?: Prisma.TagWhereUniqueInput;
+    orderBy?: Prisma.TagOrderByWithRelationInput;
+    skip?: number;
+    take?: number;
+    where?: Prisma.TagWhereInput;
+  } = {}) {
+    return this.prismaService.tag.findMany({
+      cursor,
+      orderBy,
+      skip,
+      take,
+      where
+    });
+  }
+
+  public async getTagsWithActivityCount() {
+    const tagsWithOrderCount = await this.prismaService.tag.findMany({
+      include: {
+        _count: {
+          select: { orders: true }
+        }
+      }
+    });
+
+    return tagsWithOrderCount.map(({ _count, id, name }) => {
+      return {
+        id,
+        name,
+        activityCount: _count.orders
+      };
+    });
+  }
+
+  public async updateTag({
+    data,
+    where
+  }: {
+    data: Prisma.TagUpdateInput;
+    where: Prisma.TagWhereUniqueInput;
+  }): Promise<Tag> {
+    return this.prismaService.tag.update({
+      data,
+      where
+    });
+  }
+}
--- a/apps/api/src/app/tag/update-tag.dto.ts
+++ b/apps/api/src/app/tag/update-tag.dto.ts
@ -0,0 +1,9 @@
+import { IsString } from 'class-validator';
+
+export class UpdateTagDto {
+  @IsString()
+  id: string;
+
+  @IsString()
+  name: string;
+}
--- a/apps/api/src/app/user/update-user-setting.dto.ts
+++ b/apps/api/src/app/user/update-user-setting.dto.ts
@ -4,6 +4,7 @@ import type {
  ViewMode
 } from '@ghostfolio/common/types';
 import {
+  IsArray,
  IsBoolean,
  IsISO8601,
  IsIn,
@ -29,7 +30,7 @@ export class UpdateUserSettingDto {
  @IsOptional()
  colorScheme?: ColorScheme;

-  @IsIn(<DateRange[]>['1d', '1y', '5y', 'max', 'ytd'])
+  @IsIn(<DateRange[]>['1d', '1y', '5y', 'max', 'mtd', 'wtd', 'ytd'])
  @IsOptional()
  dateRange?: DateRange;

@ -37,6 +38,14 @@ export class UpdateUserSettingDto {
  @IsOptional()
  emergencyFund?: number;

+  @IsArray()
+  @IsOptional()
+  'filters.accounts'?: string[];
+
+  @IsArray()
+  @IsOptional()
+  'filters.tags'?: string[];
+
  @IsBoolean()
  @IsOptional()
  isExperimentalFeatures?: boolean;
--- a/Show More
+++ b/Show More