chore: instance tracing

fix: lockfile update
Merge branch 'preview' of github.com:makeplane/plane into preview
2025-08-07 19:59:33 +00:00 · 2024-10-04 21:35:13 +05:30 · 2024-10-04 19:38:19 +05:30 · 2024-10-04 19:26:06 +05:30 · 2024-10-04 19:25:49 +05:30 · 2024-10-04 19:24:47 +05:30
890 changed files with 20414 additions and 15705 deletions
--- a/.env.example
+++ b/.env.example
@@ -8,6 +8,13 @@ PGDATA="/var/lib/postgresql/data"
 REDIS_HOST="plane-redis"
 REDIS_PORT="6379"

+# RabbitMQ Settings
+RABBITMQ_HOST="plane-mq"
+RABBITMQ_PORT="5672"
+RABBITMQ_USER="plane"
+RABBITMQ_PASSWORD="plane"
+RABBITMQ_VHOST="plane"
+
 # AWS Settings
 AWS_REGION=""
 AWS_ACCESS_KEY_ID="access-key"
--- a/.eslintrc-staged.js
+++ b/.eslintrc-staged.js
@@ -1,59 +0,0 @@
-/**
- * Adds three new lint plugins over the existing configuration:
- * This is used to lint staged files only.
- * We should remove this file once the entire codebase follows these rules.
- */
-module.exports = {
-  root: true,
-  extends: [
-    "custom",
-  ],
-  parser: "@typescript-eslint/parser",
-  settings: {
-    "import/resolver": {
-      typescript: {},
-      node: {
-        moduleDirectory: ["node_modules", "."],
-      },
-    },
-  },
-  rules: {
-    "import/order": [
-      "error",
-      {
-        groups: ["builtin", "external", "internal", "parent", "sibling"],
-        pathGroups: [
-          {
-            pattern: "react",
-            group: "external",
-            position: "before",
-          },
-          {
-            pattern: "lucide-react",
-            group: "external",
-            position: "after",
-          },
-          {
-            pattern: "@headlessui/**",
-            group: "external",
-            position: "after",
-          },
-          {
-            pattern: "@plane/**",
-            group: "external",
-            position: "after",
-          },
-          {
-            pattern: "@/**",
-            group: "internal",
-          },
-        ],
-        pathGroupsExcludedImportTypes: ["builtin", "internal", "react"],
-        alphabetize: {
-          order: "asc",
-          caseInsensitive: true,
-        },
-      },
-    ],
-  },
-};
--- a/.eslintrc.js
+++ b/.eslintrc.js
@@ -1,10 +0,0 @@
-module.exports = {
-  root: true,
-  // This tells ESLint to load the config from the package `eslint-config-custom`
-  extends: ["custom"],
-  settings: {
-    next: {
-      rootDir: ["web/", "space/", "admin/"],
-    },
-  },
-};
--- a/.gitattributes
+++ b/.gitattributes
@@ -0,0 +1 @@
+*.sh text eol=lf
--- a/.github/workflows/build-branch.yml
+++ b/.github/workflows/build-branch.yml
@@ -2,6 +2,12 @@ name: Branch Build

 on:
  workflow_dispatch:
+    inputs:
+      arm64:
+        description: "Build for ARM64 architecture"
+        required: false
+        default: false
+        type: boolean
  push:
    branches:
      - master
@@ -11,6 +17,8 @@ on:

 env:
  TARGET_BRANCH: ${{ github.ref_name || github.event.release.target_commitish }}
+  ARM64_BUILD: ${{ github.event.inputs.arm64 }}
+  IS_PRERELEASE: ${{ github.event.release.prerelease }}

 jobs:
  branch_build_setup:
@@ -27,12 +35,14 @@ jobs:
      build_admin: ${{ steps.changed_files.outputs.admin_any_changed }}
      build_space: ${{ steps.changed_files.outputs.space_any_changed }}
      build_web: ${{ steps.changed_files.outputs.web_any_changed }}
+      build_live: ${{ steps.changed_files.outputs.live_any_changed }}
+      flat_branch_name: ${{ steps.set_env_variables.outputs.FLAT_BRANCH_NAME }}

    steps:
      - id: set_env_variables
        name: Set Environment Variables
        run: |
-          if [ "${{ env.TARGET_BRANCH }}" == "master" ] || [ "${{ github.event_name }}" == "release" ]; then
+          if [ "${{ env.TARGET_BRANCH }}" == "master" ] || [ "${{ env.ARM64_BUILD }}" == "true" ] || ([ "${{ github.event_name }}" == "release" ] && [ "${{ env.IS_PRERELEASE }}" != "true" ]); then
            echo "BUILDX_DRIVER=cloud" >> $GITHUB_OUTPUT
            echo "BUILDX_VERSION=lab:latest" >> $GITHUB_OUTPUT
            echo "BUILDX_PLATFORMS=linux/amd64,linux/arm64" >> $GITHUB_OUTPUT
@@ -44,6 +54,8 @@ jobs:
            echo "BUILDX_ENDPOINT=" >> $GITHUB_OUTPUT
          fi
          echo "TARGET_BRANCH=${{ env.TARGET_BRANCH }}" >> $GITHUB_OUTPUT
+          flat_branch_name=$(echo ${{ env.TARGET_BRANCH }} | sed 's/[^a-zA-Z0-9\._]/-/g')
+          echo "FLAT_BRANCH_NAME=${flat_branch_name}" >> $GITHUB_OUTPUT

      - id: checkout_files
        name: Checkout Files
@@ -79,13 +91,21 @@ jobs:
              - 'yarn.lock'
              - 'tsconfig.json'
              - 'turbo.json'
+            live:
+              - live/**
+              - packages/**
+              - 'package.json'
+              - 'yarn.lock'
+              - 'tsconfig.json'
+              - 'turbo.json'

  branch_build_push_web:
    if: ${{ needs.branch_build_setup.outputs.build_web == 'true' || github.event_name == 'workflow_dispatch' || github.event_name == 'release' || needs.branch_build_setup.outputs.gh_branch_name == 'master' }}
+    name: Build-Push Web Docker Image
    runs-on: ubuntu-20.04
    needs: [branch_build_setup]
    env:
-      FRONTEND_TAG: makeplane/plane-frontend:${{ needs.branch_build_setup.outputs.gh_branch_name }}
+      FRONTEND_TAG: makeplane/plane-frontend:${{ needs.branch_build_setup.outputs.flat_branch_name }}
      TARGET_BRANCH: ${{ needs.branch_build_setup.outputs.gh_branch_name }}
      BUILDX_DRIVER: ${{ needs.branch_build_setup.outputs.gh_buildx_driver }}
      BUILDX_VERSION: ${{ needs.branch_build_setup.outputs.gh_buildx_version }}
@@ -95,7 +115,10 @@ jobs:
      - name: Set Frontend Docker Tag
        run: |
          if [ "${{ github.event_name }}" == "release" ]; then
-            TAG=makeplane/plane-frontend:stable,makeplane/plane-frontend:${{ github.event.release.tag_name }}
+            TAG=makeplane/plane-frontend:${{ github.event.release.tag_name }}
+            if [ "${{ env.IS_PRERELEASE }}" != "true" ]; then
+              TAG=${TAG},makeplane/plane-frontend:stable
+            fi
          elif [ "${{ env.TARGET_BRANCH }}" == "master" ]; then
            TAG=makeplane/plane-frontend:latest
          else
@@ -134,10 +157,11 @@ jobs:

  branch_build_push_admin:
    if: ${{ needs.branch_build_setup.outputs.build_admin== 'true' || github.event_name == 'workflow_dispatch' || github.event_name == 'release' || needs.branch_build_setup.outputs.gh_branch_name == 'master' }}
+    name: Build-Push Admin Docker Image
    runs-on: ubuntu-20.04
    needs: [branch_build_setup]
    env:
-      ADMIN_TAG: makeplane/plane-admin:${{ needs.branch_build_setup.outputs.gh_branch_name }}
+      ADMIN_TAG: makeplane/plane-admin:${{ needs.branch_build_setup.outputs.flat_branch_name }}
      TARGET_BRANCH: ${{ needs.branch_build_setup.outputs.gh_branch_name }}
      BUILDX_DRIVER: ${{ needs.branch_build_setup.outputs.gh_buildx_driver }}
      BUILDX_VERSION: ${{ needs.branch_build_setup.outputs.gh_buildx_version }}
@@ -147,7 +171,10 @@ jobs:
      - name: Set Admin Docker Tag
        run: |
          if [ "${{ github.event_name }}" == "release" ]; then
-            TAG=makeplane/plane-admin:stable,makeplane/plane-admin:${{ github.event.release.tag_name }}
+            TAG=makeplane/plane-admin:${{ github.event.release.tag_name }}
+            if [ "${{ env.IS_PRERELEASE }}" != "true" ]; then
+              TAG=${TAG},makeplane/plane-admin:stable
+            fi
          elif [ "${{ env.TARGET_BRANCH }}" == "master" ]; then
            TAG=makeplane/plane-admin:latest
          else
@@ -186,10 +213,11 @@ jobs:

  branch_build_push_space:
    if: ${{ needs.branch_build_setup.outputs.build_space == 'true' || github.event_name == 'workflow_dispatch' || github.event_name == 'release' || needs.branch_build_setup.outputs.gh_branch_name == 'master' }}
+    name: Build-Push Space Docker Image
    runs-on: ubuntu-20.04
    needs: [branch_build_setup]
    env:
-      SPACE_TAG: makeplane/plane-space:${{ needs.branch_build_setup.outputs.gh_branch_name }}
+      SPACE_TAG: makeplane/plane-space:${{ needs.branch_build_setup.outputs.flat_branch_name }}
      TARGET_BRANCH: ${{ needs.branch_build_setup.outputs.gh_branch_name }}
      BUILDX_DRIVER: ${{ needs.branch_build_setup.outputs.gh_buildx_driver }}
      BUILDX_VERSION: ${{ needs.branch_build_setup.outputs.gh_buildx_version }}
@@ -199,7 +227,10 @@ jobs:
      - name: Set Space Docker Tag
        run: |
          if [ "${{ github.event_name }}" == "release" ]; then
-            TAG=makeplane/plane-space:stable,makeplane/plane-space:${{ github.event.release.tag_name }}
+            TAG=makeplane/plane-space:${{ github.event.release.tag_name }}
+            if [ "${{ env.IS_PRERELEASE }}" != "true" ]; then
+              TAG=${TAG},makeplane/plane-space:stable
+            fi
          elif [ "${{ env.TARGET_BRANCH }}" == "master" ]; then
            TAG=makeplane/plane-space:latest
          else
@@ -238,10 +269,11 @@ jobs:

  branch_build_push_apiserver:
    if: ${{ needs.branch_build_setup.outputs.build_apiserver == 'true' || github.event_name == 'workflow_dispatch' || github.event_name == 'release' || needs.branch_build_setup.outputs.gh_branch_name == 'master' }}
+    name: Build-Push API Server Docker Image
    runs-on: ubuntu-20.04
    needs: [branch_build_setup]
    env:
-      BACKEND_TAG: makeplane/plane-backend:${{ needs.branch_build_setup.outputs.gh_branch_name }}
+      BACKEND_TAG: makeplane/plane-backend:${{ needs.branch_build_setup.outputs.flat_branch_name }}
      TARGET_BRANCH: ${{ needs.branch_build_setup.outputs.gh_branch_name }}
      BUILDX_DRIVER: ${{ needs.branch_build_setup.outputs.gh_buildx_driver }}
      BUILDX_VERSION: ${{ needs.branch_build_setup.outputs.gh_buildx_version }}
@@ -251,7 +283,10 @@ jobs:
      - name: Set Backend Docker Tag
        run: |
          if [ "${{ github.event_name }}" == "release" ]; then
-            TAG=makeplane/plane-backend:stable,makeplane/plane-backend:${{ github.event.release.tag_name }}
+            TAG=makeplane/plane-backend:${{ github.event.release.tag_name }}
+            if [ "${{ env.IS_PRERELEASE }}" != "true" ]; then
+              TAG=${TAG},makeplane/plane-backend:stable
+            fi
          elif [ "${{ env.TARGET_BRANCH }}" == "master" ]; then
            TAG=makeplane/plane-backend:latest
          else
@@ -288,12 +323,69 @@ jobs:
          DOCKER_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
          DOCKER_PASSWORD: ${{ secrets.DOCKERHUB_TOKEN }}

-  branch_build_push_proxy:
-    if: ${{ needs.branch_build_setup.outputs.build_proxy == 'true' || github.event_name == 'workflow_dispatch' || github.event_name == 'release' || needs.branch_build_setup.outputs.gh_branch_name == 'master' }}
+  branch_build_push_live:
+    if: ${{ needs.branch_build_setup.outputs.build_live == 'true' || github.event_name == 'workflow_dispatch' || github.event_name == 'release' || needs.branch_build_setup.outputs.gh_branch_name == 'master' }}
+    name: Build-Push Live Collaboration Docker Image
    runs-on: ubuntu-20.04
    needs: [branch_build_setup]
    env:
-      PROXY_TAG: makeplane/plane-proxy:${{ needs.branch_build_setup.outputs.gh_branch_name }}
+      LIVE_TAG: makeplane/plane-live:${{ needs.branch_build_setup.outputs.flat_branch_name }}
+      TARGET_BRANCH: ${{ needs.branch_build_setup.outputs.gh_branch_name }}
+      BUILDX_DRIVER: ${{ needs.branch_build_setup.outputs.gh_buildx_driver }}
+      BUILDX_VERSION: ${{ needs.branch_build_setup.outputs.gh_buildx_version }}
+      BUILDX_PLATFORMS: ${{ needs.branch_build_setup.outputs.gh_buildx_platforms }}
+      BUILDX_ENDPOINT: ${{ needs.branch_build_setup.outputs.gh_buildx_endpoint }}
+    steps:
+      - name: Set Live Docker Tag
+        run: |
+          if [ "${{ github.event_name }}" == "release" ]; then
+            TAG=makeplane/plane-live:${{ github.event.release.tag_name }}
+            if [ "${{ github.event.release.prerelease }}" != "true" ]; then
+              TAG=${TAG},makeplane/plane-live:stable
+            fi
+          elif [ "${{ env.TARGET_BRANCH }}" == "master" ]; then
+            TAG=makeplane/plane-live:latest
+          else
+            TAG=${{ env.LIVE_TAG }}
+          fi
+          echo "LIVE_TAG=${TAG}" >> $GITHUB_ENV
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          driver: ${{ env.BUILDX_DRIVER }}
+          version: ${{ env.BUILDX_VERSION }}
+          endpoint: ${{ env.BUILDX_ENDPOINT }}
+
+      - name: Check out the repo
+        uses: actions/checkout@v4
+
+      - name: Build and Push Live Server to Docker Hub
+        uses: docker/build-push-action@v5.1.0
+        with:
+          context: .
+          file: ./live/Dockerfile.live
+          platforms: ${{ env.BUILDX_PLATFORMS }}
+          tags: ${{ env.LIVE_TAG }}
+          push: true
+        env:
+          DOCKER_BUILDKIT: 1
+          DOCKER_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
+          DOCKER_PASSWORD: ${{ secrets.DOCKERHUB_TOKEN }}
+
+  branch_build_push_proxy:
+    if: ${{ needs.branch_build_setup.outputs.build_proxy == 'true' || github.event_name == 'workflow_dispatch' || github.event_name == 'release' || needs.branch_build_setup.outputs.gh_branch_name == 'master' }}
+    name: Build-Push Proxy Docker Image
+    runs-on: ubuntu-20.04
+    needs: [branch_build_setup]
+    env:
+      PROXY_TAG: makeplane/plane-proxy:${{ needs.branch_build_setup.outputs.flat_branch_name }}
      TARGET_BRANCH: ${{ needs.branch_build_setup.outputs.gh_branch_name }}
      BUILDX_DRIVER: ${{ needs.branch_build_setup.outputs.gh_buildx_driver }}
      BUILDX_VERSION: ${{ needs.branch_build_setup.outputs.gh_buildx_version }}
@@ -303,7 +395,10 @@ jobs:
      - name: Set Proxy Docker Tag
        run: |
          if [ "${{ github.event_name }}" == "release" ]; then
-            TAG=makeplane/plane-proxy:stable,makeplane/plane-proxy:${{ github.event.release.tag_name }}
+            TAG=makeplane/plane-proxy:${{ github.event.release.tag_name }}
+            if [ "${{ env.IS_PRERELEASE }}" != "true" ]; then
+              TAG=${TAG},makeplane/plane-proxy:stable
+            fi
          elif [ "${{ env.TARGET_BRANCH }}" == "master" ]; then
            TAG=makeplane/plane-proxy:latest
          else
--- a/.github/workflows/create-sync-pr.yml
+++ b/.github/workflows/create-sync-pr.yml
@@ -8,7 +8,6 @@ on:

 env:
  CURRENT_BRANCH: ${{ github.ref_name }}
-  SOURCE_BRANCH: ${{ vars.SYNC_SOURCE_BRANCH_NAME }} # The sync branch such as "sync/ce"
  TARGET_BRANCH: ${{ vars.SYNC_TARGET_BRANCH_NAME }} # The target branch that you would like to merge changes like develop
  GITHUB_TOKEN: ${{ secrets.ACCESS_TOKEN }} # Personal access token required to modify contents and workflows
  REVIEWER: ${{ vars.SYNC_PR_REVIEWER }}
@@ -16,22 +15,7 @@ env:
  ACCOUNT_USER_EMAIL: ${{ vars.ACCOUNT_USER_EMAIL }}

 jobs:
-  Check_Branch:
-    runs-on: ubuntu-latest
-    outputs:
-      BRANCH_MATCH: ${{ steps.check-branch.outputs.MATCH }}
-    steps:
-      - name: Check if current branch matches the secret
-        id: check-branch
-        run: |
-          if [ "$CURRENT_BRANCH" = "$SOURCE_BRANCH" ]; then
-            echo "MATCH=true" >> $GITHUB_OUTPUT
-          else
-            echo "MATCH=false" >> $GITHUB_OUTPUT
-          fi
  Create_PR:
-    if: ${{ needs.Check_Branch.outputs.BRANCH_MATCH == 'true' }}
-    needs: [Check_Branch]
    runs-on: ubuntu-latest
    permissions:
      pull-requests: write
@@ -59,11 +43,11 @@ jobs:
      - name: Create PR to Target Branch
        run: |
          # get all pull requests and check if there is already a PR
-          PR_EXISTS=$(gh pr list --base $TARGET_BRANCH --head $SOURCE_BRANCH --state open --json number | jq '.[] | .number')
+          PR_EXISTS=$(gh pr list --base $TARGET_BRANCH --head $CURRENT_BRANCH --state open --json number | jq '.[] | .number')
          if [ -n "$PR_EXISTS" ]; then
            echo "Pull Request already exists: $PR_EXISTS"
          else
            echo "Creating new pull request"
-            PR_URL=$(gh pr create --base $TARGET_BRANCH --head $SOURCE_BRANCH --title "sync: community changes" --body "")
+            PR_URL=$(gh pr create --base $TARGET_BRANCH --head $CURRENT_BRANCH --title "sync: community changes" --body "")
            echo "Pull Request created: $PR_URL"
          fi
--- a/.github/workflows/repo-sync.yml
+++ b/.github/workflows/repo-sync.yml
@@ -35,8 +35,9 @@ jobs:
        env:
          GH_TOKEN: ${{ secrets.ACCESS_TOKEN }}
        run: |
+          RUN_ID="${{ github.run_id }}"
          TARGET_REPO="${{ vars.SYNC_TARGET_REPO }}"
-          TARGET_BRANCH="${{ vars.SYNC_TARGET_BRANCH_NAME }}"
+          TARGET_BRANCH="sync/${RUN_ID}"
          SOURCE_BRANCH="${{ env.SOURCE_BRANCH_NAME }}"

          git checkout $SOURCE_BRANCH
--- a/.husky/pre-commit
+++ b/.husky/pre-commit
--- a/.lintstagedrc.json
+++ b/.lintstagedrc.json
@@ -1,3 +0,0 @@
-{
-  "*.{ts,tsx,js,jsx}": ["eslint -c ./.eslintrc-staged.js", "prettier --check"]
-}
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -4,7 +4,7 @@ Thank you for showing an interest in contributing to Plane! All kinds of contrib

 ## Submitting an issue

-Before submitting a new issue, please search the [issues](https://github.com/makeplane/plane/issues) tab. Maybe an issue or discussion already exists and might inform you of workarounds. Otherwise, you can give new informplaneation.
+Before submitting a new issue, please search the [issues](https://github.com/makeplane/plane/issues) tab. Maybe an issue or discussion already exists and might inform you of workarounds. Otherwise, you can give new information.

 While we want to fix all the [issues](https://github.com/makeplane/plane/issues), before fixing a bug we need to be able to reproduce and confirm it. Please provide us with a minimal reproduction scenario using a repository or [Gist](https://gist.github.com/). Having a live, reproducible scenario gives us the information without asking questions back & forth with additional questions like:

--- a/SECURITY.md
+++ b/SECURITY.md
@@ -1,44 +1,39 @@
-# Security Policy
+# Security policy
+This document outlines the security protocols and vulnerability reporting guidelines for the Plane project. Ensuring the security of our systems is a top priority, and while we work diligently to maintain robust protection, vulnerabilities may still occur. We highly value the community’s role in identifying and reporting security concerns to uphold the integrity of our systems and safeguard our users.

-This document outlines security procedures and vulnerabilities reporting for the Plane project.
+## Reporting a vulnerability
+If you have identified a security vulnerability, submit your findings to [security@plane.so](mailto:security@plane.so). 
+Ensure your report includes all relevant information needed for us to reproduce and assess the issue. Include the IP address or URL of the affected system.

-At Plane, we safeguarding the security of our systems with top priority. Despite our efforts, vulnerabilities may still exist. We greatly appreciate your assistance in identifying and reporting any such vulnerabilities to help us maintain the integrity of our systems and protect our clients.
+To ensure a responsible and effective disclosure process, please adhere to the following:

-To report a security vulnerability, please email us directly at security@plane.so with a detailed description of the vulnerability and steps to reproduce it. Please refrain from disclosing the vulnerability publicly until we have had an opportunity to review and address it.
+- Maintain confidentiality and refrain from publicly disclosing the vulnerability until we have had the opportunity to investigate and address the issue.
+- Refrain from running automated vulnerability scans on our infrastructure or dashboard without prior consent. Contact us to set up a sandbox environment if necessary.
+- Do not exploit any discovered vulnerabilities for malicious purposes, such as accessing or altering user data.
+- Do not engage in physical security attacks, social engineering, distributed denial of service (DDoS) attacks, spam campaigns, or attacks on third-party applications as part of your vulnerability testing.

-## Out of Scope Vulnerabilities
+## Out of scope
+While we appreciate all efforts to assist in improving our security, please note that the following types of vulnerabilities are considered out of scope:

-We appreciate your help in identifying vulnerabilities. However, please note that the following types of vulnerabilities are considered out of scope:
+- Vulnerabilities requiring man-in-the-middle (MITM) attacks or physical access to a user’s device.
+- Content spoofing or text injection issues without a clear attack vector or the ability to modify HTML/CSS.
+- Issues related to email spoofing.
+- Missing DNSSEC, CAA, or CSP headers.
+- Absence of secure or HTTP-only flags on non-sensitive cookies.

- Attacks requiring MITM or physical access to a user's device.
- Content spoofing and text injection issues without demonstrating an attack vector or ability to modify HTML/CSS.
- Email spoofing.
- Missing DNSSEC, CAA, CSP headers.
- Lack of Secure or HTTP only flag on non-sensitive cookies.
+## Our commitment

-## Reporting Process
+At Plane, we are committed to maintaining transparent and collaborative communication throughout the vulnerability resolution process. Here's what you can expect from us:

-If you discover a vulnerability, please adhere to the following reporting process:
+- **Response Time** <br/>
+We will acknowledge receipt of your vulnerability report within three business days and provide an estimated timeline for resolution.
+- **Legal Protection** <br/>
+We will not initiate legal action against you for reporting vulnerabilities, provided you adhere to the reporting guidelines.
+- **Confidentiality** <br/>
+Your report will be treated with confidentiality. We will not disclose your personal information to third parties without your consent.
+- **Recognition** <br/>
+With your permission, we are happy to publicly acknowledge your contribution to improving our security once the issue is resolved.
+- **Timely Resolution** <br/>
+We are committed to working closely with you throughout the resolution process, providing timely updates as necessary. Our goal is to address all reported vulnerabilities swiftly, and we will actively engage with you to coordinate a responsible disclosure once the issue is fully resolved.

-1. Email your findings to security@plane.so.
-2. Refrain from running automated scanners on our infrastructure or dashboard without prior consent. Contact us to set up a sandbox environment if necessary.
-3. Do not exploit the vulnerability for malicious purposes, such as downloading excessive data or altering user data.
-4. Maintain confidentiality and refrain from disclosing the vulnerability until it has been resolved.
-5. Avoid using physical security attacks, social engineering, distributed denial of service, spam, or third-party applications.
-
-When reporting a vulnerability, please provide sufficient information to allow us to reproduce and address the issue promptly. Include the IP address or URL of the affected system, along with a detailed description of the vulnerability.
-
-## Our Commitment
-
-We are committed to promptly addressing reported vulnerabilities and maintaining open communication throughout the resolution process. Here's what you can expect from us:
-
- **Response Time:** We will acknowledge receipt of your report within three business days and provide an expected resolution date.
- **Legal Protection:** We will not pursue legal action against you for reporting vulnerabilities, provided you adhere to the reporting guidelines.
- **Confidentiality:** Your report will be treated with strict confidentiality. We will not disclose your personal information to third parties without your consent.
- **Progress Updates:** We will keep you informed of our progress in resolving the reported vulnerability.
- **Recognition:** With your permission, we will publicly acknowledge you as the discoverer of the vulnerability.
- **Timely Resolution:** We strive to resolve all reported vulnerabilities promptly and will actively participate in the publication process once the issue is resolved.
-
-We appreciate your cooperation in helping us maintain the security of our systems and protecting our clients. Thank you for your contributions to our security efforts.
-
-reference: https://supabase.com/.well-known/security.txt
+We appreciate your help in ensuring the security of our platform. Your contributions are crucial to protecting our users and maintaining a secure environment. Thank you for working with us to keep Plane safe.
--- a/admin/.eslintrc.js
+++ b/admin/.eslintrc.js
@@ -1,52 +1,8 @@
 module.exports = {
  root: true,
-  extends: ["custom"],
+  extends: ["@plane/eslint-config/next.js"],
  parser: "@typescript-eslint/parser",
-  settings: {
-    "import/resolver": {
-      typescript: {},
-      node: {
-        moduleDirectory: ["node_modules", "."],
-      },
-    },
+  parserOptions: {
+    project: true,
  },
-  rules: {
-    "import/order": [
-      "error",
-      {
-        groups: ["builtin", "external", "internal", "parent", "sibling",],
-        pathGroups: [
-          {
-            pattern: "react",
-            group: "external",
-            position: "before",
-          },
-          {
-            pattern: "lucide-react",
-            group: "external",
-            position: "after",
-          },
-          {
-            pattern: "@headlessui/**",
-            group: "external",
-            position: "after",
-          },
-          {
-            pattern: "@plane/**",
-            group: "external",
-            position: "after",
-          },
-          {
-            pattern: "@/**",
-            group: "internal",
-          }
-        ],
-        pathGroupsExcludedImportTypes: ["builtin", "internal", "react"],
-        alphabetize: {
-          order: "asc",
-          caseInsensitive: true,
-        },
-      },
-    ],
-  },
-}
+};
--- a/admin/ce/components/authentication/authentication-modes.tsx
+++ b/admin/ce/components/authentication/authentication-modes.tsx
@@ -10,8 +10,9 @@ import {
 // components
 import { AuthenticationMethodCard } from "@/components/authentication";
 // helpers
-import { UpgradeButton } from "@/components/common/upgrade-button";
 import { getBaseAuthenticationModes } from "@/helpers/authentication.helper";
+// plane admin components
+import { UpgradeButton } from "@/plane-admin/components/common";
 // images
 import OIDCLogo from "@/public/logos/oidc-logo.svg";
 import SAMLLogo from "@/public/logos/saml-logo.svg";
@@ -27,24 +28,24 @@ export const getAuthenticationModes: (props: TGetBaseAuthenticationModeProps) =>
  updateConfig,
  resolvedTheme,
 }) => [
-    ...getBaseAuthenticationModes({ disabled, updateConfig, resolvedTheme }),
-    {
-      key: "oidc",
-      name: "OIDC",
-      description: "Authenticate your users via the OpenID Connect protocol.",
-      icon: <Image src={OIDCLogo} height={22} width={22} alt="OIDC Logo" />,
-      config: <UpgradeButton />,
-      unavailable: true,
-    },
-    {
-      key: "saml",
-      name: "SAML",
-      description: "Authenticate your users via the Security Assertion Markup Language protocol.",
-      icon: <Image src={SAMLLogo} height={22} width={22} alt="SAML Logo" className="pl-0.5" />,
-      config: <UpgradeButton />,
-      unavailable: true,
-    },
-  ];
+  ...getBaseAuthenticationModes({ disabled, updateConfig, resolvedTheme }),
+  {
+    key: "oidc",
+    name: "OIDC",
+    description: "Authenticate your users via the OpenID Connect protocol.",
+    icon: <Image src={OIDCLogo} height={22} width={22} alt="OIDC Logo" />,
+    config: <UpgradeButton />,
+    unavailable: true,
+  },
+  {
+    key: "saml",
+    name: "SAML",
+    description: "Authenticate your users via the Security Assertion Markup Language protocol.",
+    icon: <Image src={SAMLLogo} height={22} width={22} alt="SAML Logo" className="pl-0.5" />,
+    config: <UpgradeButton />,
+    unavailable: true,
+  },
+];

 export const AuthenticationModes: React.FC<TAuthenticationModeProps> = observer((props) => {
  const { disabled, updateConfig } = props;
--- a/admin/ce/components/common/index.ts
+++ b/admin/ce/components/common/index.ts
@@ -0,0 +1 @@
+export * from "./upgrade-button";
--- a/admin/core/components/common/upgrade-button.tsx
+++ b/admin/core/components/common/upgrade-button.tsx
--- a/admin/ce/store/root.store.ts
+++ b/admin/ce/store/root.store.ts
@@ -0,0 +1,19 @@
+import { enableStaticRendering } from "mobx-react";
+// stores
+import { CoreRootStore } from "@/store/root.store";
+
+enableStaticRendering(typeof window === "undefined");
+
+export class RootStore extends CoreRootStore {
+  constructor() {
+    super();
+  }
+
+  hydrate(initialData: any) {
+    super.hydrate(initialData);
+  }
+
+  resetOnSignOut() {
+    super.resetOnSignOut();
+  }
+}
--- a/admin/core/components/admin-sidebar/root.tsx
+++ b/admin/core/components/admin-sidebar/root.tsx
@@ -2,15 +2,14 @@

 import { FC, useEffect, useRef } from "react";
 import { observer } from "mobx-react";
-// hooks
-import { HelpSection, SidebarMenu, SidebarDropdown } from "@/components/admin-sidebar";
-import { useTheme } from "@/hooks/store";
-import useOutsideClickDetector from "@/hooks/use-outside-click-detector";
+// plane helpers
+import { useOutsideClickDetector } from "@plane/helpers";
 // components
+import { HelpSection, SidebarMenu, SidebarDropdown } from "@/components/admin-sidebar";
+// hooks
+import { useTheme } from "@/hooks/store";

-export interface IInstanceSidebar {}
-
-export const InstanceSidebar: FC<IInstanceSidebar> = observer(() => {
+export const InstanceSidebar: FC = observer(() => {
  // store
  const { isSidebarCollapsed, toggleSidebar } = useTheme();

--- a/admin/core/components/common/index.ts
+++ b/admin/core/components/common/index.ts
@@ -8,4 +8,3 @@ export * from "./empty-state";
 export * from "./logo-spinner";
 export * from "./page-header";
 export * from "./code-block";
-export * from "./upgrade-button";
--- a/admin/core/components/instance/instance-failure-view.tsx
+++ b/admin/core/components/instance/instance-failure-view.tsx
@@ -7,11 +7,7 @@ import { Button } from "@plane/ui";
 import InstanceFailureDarkImage from "@/public/instance/instance-failure-dark.svg";
 import InstanceFailureImage from "@/public/instance/instance-failure.svg";

-type InstanceFailureViewProps = {
-  // mutate: () => void;
-};
-
-export const InstanceFailureView: FC<InstanceFailureViewProps> = () => {
+export const InstanceFailureView: FC = () => {
  const { resolvedTheme } = useTheme();

  const instanceImage = resolvedTheme === "dark" ? InstanceFailureDarkImage : InstanceFailureImage;
--- a/admin/core/hooks/use-outside-click-detector.tsx
+++ b/admin/core/hooks/use-outside-click-detector.tsx
@@ -1,21 +0,0 @@
-"use client";
-
-import React, { useEffect } from "react";
-
-const useOutsideClickDetector = (ref: React.RefObject<HTMLElement>, callback: () => void) => {
-  const handleClick = (event: MouseEvent) => {
-    if (ref.current && !ref.current.contains(event.target as Node)) {
-      callback();
-    }
-  };
-
-  useEffect(() => {
-    document.addEventListener("mousedown", handleClick);
-
-    return () => {
-      document.removeEventListener("mousedown", handleClick);
-    };
-  });
-};
-
-export default useOutsideClickDetector;
--- a/admin/core/layouts/admin-layout.tsx
+++ b/admin/core/layouts/admin-layout.tsx
@@ -18,6 +18,7 @@ export const AdminLayout: FC<TAdminLayout> = observer((props) => {
  const { children } = props;
  // router
  const router = useRouter();
+  // store hooks
  const { isUserLoggedIn } = useUser();

  useEffect(() => {
--- a/admin/core/lib/store-provider.tsx
+++ b/admin/core/lib/store-provider.tsx
@@ -1,8 +1,8 @@
 "use client";

 import { ReactNode, createContext } from "react";
-// store
-import { RootStore } from "@/store/root.store";
+// plane admin store
+import { RootStore } from "@/plane-admin/store/root.store";

 let rootStore = new RootStore();

--- a/admin/core/services/auth.service.ts
+++ b/admin/core/services/auth.service.ts
@@ -1,5 +1,5 @@
 // helpers
-import { API_BASE_URL } from "helpers/common.helper";
+import { API_BASE_URL } from "@/helpers/common.helper";
 // services
 import { APIService } from "@/services/api.service";

--- a/admin/core/services/user.service.ts
+++ b/admin/core/services/user.service.ts
@@ -1,7 +1,7 @@
-// helpers
-import { API_BASE_URL } from "helpers/common.helper";
 // types
 import type { IUser } from "@plane/types";
+// helpers
+import { API_BASE_URL } from "@/helpers/common.helper";
 // services
 import { APIService } from "@/services/api.service";

--- a/admin/core/store/instance.store.ts
+++ b/admin/core/store/instance.store.ts
@@ -13,7 +13,7 @@ import { EInstanceStatus, TInstanceStatus } from "@/helpers/instance.helper";
 // services
 import { InstanceService } from "@/services/instance.service";
 // root store
-import { RootStore } from "@/store/root.store";
+import { CoreRootStore } from "@/store/root.store";

 export interface IInstanceStore {
  // issues
@@ -46,7 +46,7 @@ export class InstanceStore implements IInstanceStore {
  // service
  instanceService;

-  constructor(private store: RootStore) {
+  constructor(private store: CoreRootStore) {
    makeObservable(this, {
      // observable
      isLoading: observable.ref,
--- a/admin/core/store/root.store.ts
+++ b/admin/core/store/root.store.ts
@@ -6,7 +6,7 @@ import { IUserStore, UserStore } from "./user.store";

 enableStaticRendering(typeof window === "undefined");

-export class RootStore {
+export abstract class CoreRootStore {
  theme: IThemeStore;
  instance: IInstanceStore;
  user: IUserStore;
--- a/admin/core/store/theme.store.ts
+++ b/admin/core/store/theme.store.ts
@@ -1,6 +1,6 @@
 import { action, observable, makeObservable } from "mobx";
 // root store
-import { RootStore } from "@/store/root.store";
+import { CoreRootStore } from "@/store/root.store";

 type TTheme = "dark" | "light";
 export interface IThemeStore {
@@ -21,7 +21,7 @@ export class ThemeStore implements IThemeStore {
  isSidebarCollapsed: boolean | undefined = undefined;
  theme: string | undefined = undefined;

-  constructor(private store: RootStore) {
+  constructor(private store: CoreRootStore) {
    makeObservable(this, {
      // observables
      isNewUserPopup: observable.ref,
--- a/admin/core/store/user.store.ts
+++ b/admin/core/store/user.store.ts
@@ -6,7 +6,7 @@ import { EUserStatus, TUserStatus } from "@/helpers/user.helper";
 import { AuthService } from "@/services/auth.service";
 import { UserService } from "@/services/user.service";
 // root store
-import { RootStore } from "@/store/root.store";
+import { CoreRootStore } from "@/store/root.store";

 export interface IUserStore {
  // observables
@@ -31,7 +31,7 @@ export class UserStore implements IUserStore {
  userService;
  authService;

-  constructor(private store: RootStore) {
+  constructor(private store: CoreRootStore) {
    makeObservable(this, {
      // observables
      isLoading: observable.ref,
--- a/admin/ee/components/common/index.ts
+++ b/admin/ee/components/common/index.ts
@@ -0,0 +1 @@
+export * from "ce/components/common";
--- a/admin/ee/store/root.store.ts
+++ b/admin/ee/store/root.store.ts
@@ -0,0 +1 @@
+export * from "ce/store/root.store";
--- a/admin/next-env.d.ts
+++ b/admin/next-env.d.ts
@@ -2,4 +2,4 @@
 /// <reference types="next/image-types/global" />

 // NOTE: This file should not be edited
-// see https://nextjs.org/docs/basic-features/typescript for more information.
+// see https://nextjs.org/docs/app/building-your-application/configuring/typescript for more information.
--- a/admin/package.json
+++ b/admin/package.json
@@ -1,6 +1,6 @@
 {
  "name": "admin",
-  "version": "0.22.0",
+  "version": "0.23.0",
  "private": true,
  "scripts": {
    "dev": "turbo run develop",
@@ -8,13 +8,16 @@
    "build": "next build",
    "preview": "next build && next start",
    "start": "next start",
-    "lint": "next lint"
+    "lint": "eslint . --ext .ts,.tsx",
+    "lint:errors": "eslint . --ext .ts,.tsx --quiet"
  },
  "dependencies": {
    "@headlessui/react": "^1.7.19",
+    "@plane/constants": "*",
+    "@plane/helpers": "*",
    "@plane/types": "*",
    "@plane/ui": "*",
-    "@plane/constants": "*",
+    "@sentry/nextjs": "^8.32.0",
    "@tailwindcss/typography": "^0.5.9",
    "@types/lodash": "^4.17.0",
    "autoprefixer": "10.4.14",
@@ -24,27 +27,27 @@
    "lucide-react": "^0.356.0",
    "mobx": "^6.12.0",
    "mobx-react": "^9.1.1",
-    "next": "^14.2.3",
+    "next": "^14.2.12",
    "next-themes": "^0.2.1",
    "postcss": "^8.4.38",
    "react": "^18.3.1",
    "react-dom": "^18.3.1",
-    "react-hook-form": "^7.51.0",
+    "react-hook-form": "7.51.5",
    "swr": "^2.2.4",
    "tailwindcss": "3.3.2",
    "uuid": "^9.0.1",
    "zxcvbn": "^4.4.2"
  },
  "devDependencies": {
+    "@plane/eslint-config": "*",
+    "@plane/typescript-config": "*",
    "@types/js-cookie": "^3.0.6",
    "@types/node": "18.16.1",
    "@types/react": "^18.2.48",
    "@types/react-dom": "^18.2.18",
    "@types/uuid": "^9.0.8",
    "@types/zxcvbn": "^4.4.4",
-    "eslint-config-custom": "*",
    "tailwind-config-custom": "*",
-    "tsconfig": "*",
-    "typescript": "^5.4.2"
+    "typescript": "5.3.3"
  }
-}
+}
--- a/admin/tsconfig.json
+++ b/admin/tsconfig.json
@@ -1,21 +1,15 @@
 {
-  "extends": "tsconfig/nextjs.json",
-  "include": ["next-env.d.ts", "**/*.ts", "**/*.tsx", ".next/types/**/*.ts"],
-  "exclude": ["node_modules"],
+  "extends": "@plane/typescript-config/nextjs.json",
  "compilerOptions": {
+    "plugins": [{ "name": "next" }],
    "baseUrl": ".",
-    "jsx": "preserve",
-    "esModuleInterop": true,
    "paths": {
      "@/*": ["core/*"],
      "@/helpers/*": ["helpers/*"],
      "@/public/*": ["public/*"],
      "@/plane-admin/*": ["ce/*"]
-    },
-    "plugins": [
-      {
-        "name": "next"
-      }
-    ]
-  }
+    }
+  },
+  "include": ["next-env.d.ts", "next.config.js", "**/*.ts", "**/*.tsx", ".next/types/**/*.ts"],
+  "exclude": ["node_modules"]
 }
--- a/apiserver/.env.example
+++ b/apiserver/.env.example
@@ -15,12 +15,18 @@ POSTGRES_DB="plane"
 POSTGRES_PORT=5432
 DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}

-
 # Redis Settings
 REDIS_HOST="plane-redis"
 REDIS_PORT="6379"
 REDIS_URL="redis://${REDIS_HOST}:6379/"

+# RabbitMQ Settings
+RABBITMQ_HOST="plane-mq"
+RABBITMQ_PORT="5672"
+RABBITMQ_USER="plane"
+RABBITMQ_PASSWORD="plane"
+RABBITMQ_VHOST="plane"
+
 # AWS Settings
 AWS_REGION=""
 AWS_ACCESS_KEY_ID="access-key"
--- a/apiserver/package.json
+++ b/apiserver/package.json
@@ -1,4 +1,4 @@
 {
  "name": "plane-api",
-  "version": "0.22.0"
+  "version": "0.23.0"
 }
--- a/apiserver/plane/api/serializers/init.py
+++ b/apiserver/plane/api/serializers/init.py
@@ -10,6 +10,7 @@ from .issue import (
    IssueAttachmentSerializer,
    IssueActivitySerializer,
    IssueExpandSerializer,
+    IssueLiteSerializer,
 )
 from .state import StateLiteSerializer, StateSerializer
 from .cycle import CycleSerializer, CycleIssueSerializer, CycleLiteSerializer
--- a/apiserver/plane/api/serializers/base.py
+++ b/apiserver/plane/api/serializers/base.py
@@ -67,6 +67,7 @@ class BaseSerializer(serializers.ModelSerializer):
                    # Import all the expandable serializers
                    from . import (
                        IssueSerializer,
+                        IssueLiteSerializer,
                        ProjectLiteSerializer,
                        StateLiteSerializer,
                        UserLiteSerializer,
@@ -86,6 +87,7 @@ class BaseSerializer(serializers.ModelSerializer):
                        "actor": UserLiteSerializer,
                        "owned_by": UserLiteSerializer,
                        "members": UserLiteSerializer,
+                        "parent": IssueLiteSerializer,
                    }
                    # Check if field in expansion  then expand the field
                    if expand in expansion:
--- a/apiserver/plane/api/serializers/issue.py
+++ b/apiserver/plane/api/serializers/issue.py
@@ -1,6 +1,3 @@
-from django.core.exceptions import ValidationError
-from django.core.validators import URLValidator
-
 # Django imports
 from django.utils import timezone
 from lxml import html
@@ -30,6 +27,9 @@ from .module import ModuleLiteSerializer, ModuleSerializer
 from .state import StateLiteSerializer
 from .user import UserLiteSerializer

+# Django imports
+from django.core.exceptions import ValidationError
+from django.core.validators import URLValidator

 class IssueSerializer(BaseSerializer):
    assignees = serializers.ListField(
@@ -274,6 +274,17 @@ class IssueSerializer(BaseSerializer):
        return data


+class IssueLiteSerializer(BaseSerializer):
+    class Meta:
+        model = Issue
+        fields = [
+            "id",
+            "sequence_id",
+            "project_id",
+        ]
+        read_only_fields = fields
+
+
 class LabelSerializer(BaseSerializer):
    class Meta:
        model = Label
@@ -304,7 +315,7 @@ class IssueLinkSerializer(BaseSerializer):
            "created_at",
            "updated_at",
        ]
-
+    
    def validate_url(self, value):
        # Check URL format
        validate_url = URLValidator()
--- a/apiserver/plane/api/serializers/module.py
+++ b/apiserver/plane/api/serializers/module.py
@@ -71,6 +71,16 @@ class ModuleSerializer(BaseSerializer):
        project_id = self.context["project_id"]
        workspace_id = self.context["workspace_id"]

+        module_name = validated_data.get("name")
+        if module_name:
+            # Lookup for the module name in the module table for that project
+            if Module.objects.filter(
+                name=module_name, project_id=project_id
+            ).exists():
+                raise serializers.ValidationError(
+                    {"error": "Module with this name already exists"}
+                )
+
        module = Module.objects.create(**validated_data, project_id=project_id)
        if members is not None:
            ModuleMember.objects.bulk_create(
@@ -93,6 +103,19 @@ class ModuleSerializer(BaseSerializer):

    def update(self, instance, validated_data):
        members = validated_data.pop("members", None)
+        module_name = validated_data.get("name")
+        if module_name:
+            # Lookup for the module name in the module table for that project
+            if (
+                Module.objects.filter(
+                    name=module_name, project=instance.project
+                )
+                .exclude(id=instance.id)
+                .exists()
+            ):
+                raise serializers.ValidationError(
+                    {"error": "Module with this name already exists"}
+                )

        if members is not None:
            ModuleMember.objects.filter(module=instance).delete()
--- a/apiserver/plane/api/views/inbox.py
+++ b/apiserver/plane/api/views/inbox.py
@@ -210,7 +210,7 @@ class InboxIssueAPIEndpoint(BaseAPIView):
        )

        # Only project members admins and created_by users can access this endpoint
-        if project_member.role <= 10 and str(inbox_issue.created_by_id) != str(
+        if project_member.role <= 5 and str(inbox_issue.created_by_id) != str(
            request.user.id
        ):
            return Response(
@@ -244,9 +244,8 @@ class InboxIssueAPIEndpoint(BaseAPIView):
                workspace__slug=slug,
                project_id=project_id,
            )
-            # Only allow guests and viewers to edit name and description
-            if project_member.role <= 10:
-                # viewers and guests since only viewers and guests
+            # Only allow guests to edit name and description
+            if project_member.role <= 5:
                issue_data = {
                    "name": issue_data.get("name", issue.name),
                    "description_html": issue_data.get(
@@ -286,7 +285,7 @@ class InboxIssueAPIEndpoint(BaseAPIView):
                )

        # Only project admins and members can edit inbox issue attributes
-        if project_member.role > 10:
+        if project_member.role > 5:
            serializer = InboxIssueSerializer(
                inbox_issue, data=request.data, partial=True
            )
--- a/apiserver/plane/api/views/member.py
+++ b/apiserver/plane/api/views/member.py
@@ -133,7 +133,7 @@ class ProjectMemberAPIEndpoint(BaseAPIView):
            workspace_member = WorkspaceMember.objects.create(
                workspace=workspace,
                member=user,
-                role=request.data.get("role", 10),
+                role=request.data.get("role", 5),
            )
            workspace_member.save()

@@ -142,7 +142,7 @@ class ProjectMemberAPIEndpoint(BaseAPIView):
            project_member = ProjectMember.objects.create(
                project=project,
                member=user,
-                role=request.data.get("role", 10),
+                role=request.data.get("role", 5),
            )
            project_member.save()

--- a/apiserver/plane/api/views/project.py
+++ b/apiserver/plane/api/views/project.py
@@ -301,11 +301,16 @@ class ProjectAPIEndpoint(BaseAPIView):
            if serializer.is_valid():
                serializer.save()
                if serializer.data["inbox_view"]:
-                    Inbox.objects.get_or_create(
-                        name=f"{project.name} Inbox",
+                    inbox = Inbox.objects.filter(
                        project=project,
                        is_default=True,
-                    )
+                    ).first()
+                    if not inbox:
+                        Inbox.objects.create(
+                            name=f"{project.name} Inbox",
+                            project=project,
+                            is_default=True,
+                        )

                    # Create the triage state in Backlog group
                    State.objects.get_or_create(
--- a/apiserver/plane/app/permissions/base.py
+++ b/apiserver/plane/app/permissions/base.py
@@ -8,7 +8,6 @@ from enum import Enum
 class ROLE(Enum):
    ADMIN = 20
    MEMBER = 15
-    VIEWER = 10
    GUEST = 5


--- a/apiserver/plane/app/permissions/project.py
+++ b/apiserver/plane/app/permissions/project.py
@@ -7,7 +7,6 @@ from plane.db.models import ProjectMember, WorkspaceMember
 # Permission Mappings
 Admin = 20
 Member = 15
-Viewer = 10
 Guest = 5


--- a/apiserver/plane/app/permissions/workspace.py
+++ b/apiserver/plane/app/permissions/workspace.py
@@ -6,9 +6,8 @@ from plane.db.models import WorkspaceMember


 # Permission Mappings
-Owner = 20
-Admin = 15
-Member = 10
+Admin = 20
+Member = 15
 Guest = 5


@@ -31,7 +30,7 @@ class WorkSpaceBasePermission(BasePermission):
            return WorkspaceMember.objects.filter(
                member=request.user,
                workspace__slug=view.workspace_slug,
-                role__in=[Owner, Admin],
+                role__in=[Admin, Member],
                is_active=True,
            ).exists()

@@ -40,7 +39,7 @@ class WorkSpaceBasePermission(BasePermission):
            return WorkspaceMember.objects.filter(
                member=request.user,
                workspace__slug=view.workspace_slug,
-                role=Owner,
+                role=Admin,
                is_active=True,
            ).exists()

@@ -53,7 +52,7 @@ class WorkspaceOwnerPermission(BasePermission):
        return WorkspaceMember.objects.filter(
            workspace__slug=view.workspace_slug,
            member=request.user,
-            role=Owner,
+            role=Admin,
        ).exists()


@@ -65,7 +64,7 @@ class WorkSpaceAdminPermission(BasePermission):
        return WorkspaceMember.objects.filter(
            member=request.user,
            workspace__slug=view.workspace_slug,
-            role__in=[Owner, Admin],
+            role__in=[Admin, Member],
            is_active=True,
        ).exists()

@@ -86,7 +85,7 @@ class WorkspaceEntityPermission(BasePermission):
        return WorkspaceMember.objects.filter(
            member=request.user,
            workspace__slug=view.workspace_slug,
-            role__in=[Owner, Admin],
+            role__in=[Admin, Member],
            is_active=True,
        ).exists()

--- a/apiserver/plane/app/serializers/issue.py
+++ b/apiserver/plane/app/serializers/issue.py
@@ -437,17 +437,21 @@ class IssueLinkSerializer(BaseSerializer):
            "issue",
        ]

-    def validate_url(self, value):
-        # Check URL format
-        validate_url = URLValidator()
-        try:
-            validate_url(value)
-        except ValidationError:
-            raise serializers.ValidationError("Invalid URL format.")
+    def to_internal_value(self, data):
+        # Modify the URL before validation by appending http:// if missing
+        url = data.get("url", "")
+        if url and not url.startswith(("http://", "https://")):
+            data["url"] = "http://" + url

-        # Check URL scheme
-        if not value.startswith(("http://", "https://")):
-            raise serializers.ValidationError("Invalid URL scheme.")
+        return super().to_internal_value(data)
+
+    def validate_url(self, value):
+        # Use Django's built-in URLValidator for validation
+        url_validator = URLValidator()
+        try:
+            url_validator(value)
+        except ValidationError:
+            raise serializers.ValidationError({"error": "Invalid URL format."})

        return value

@@ -533,7 +537,7 @@ class IssueReactionSerializer(BaseSerializer):
            "project",
            "issue",
            "actor",
-            "deleted_at"
+            "deleted_at",
        ]


@@ -552,7 +556,13 @@ class CommentReactionSerializer(BaseSerializer):
    class Meta:
        model = CommentReaction
        fields = "__all__"
-        read_only_fields = ["workspace", "project", "comment", "actor", "deleted_at"]
+        read_only_fields = [
+            "workspace",
+            "project",
+            "comment",
+            "actor",
+            "deleted_at",
+        ]


 class IssueVoteSerializer(BaseSerializer):
--- a/apiserver/plane/app/serializers/module.py
+++ b/apiserver/plane/app/serializers/module.py
@@ -5,6 +5,10 @@ from rest_framework import serializers
 from .base import BaseSerializer, DynamicBaseSerializer
 from .project import ProjectLiteSerializer

+# Django imports
+from django.core.validators import URLValidator
+from django.core.exceptions import ValidationError
+
 from plane.db.models import (
    User,
    Module,
@@ -64,6 +68,16 @@ class ModuleWriteSerializer(BaseSerializer):
        members = validated_data.pop("member_ids", None)
        project = self.context["project"]

+        module_name = validated_data.get("name")
+        if module_name:
+            # Lookup for the module name in the module table for that project
+            if Module.objects.filter(
+                name=module_name, project=project
+            ).exists():
+                raise serializers.ValidationError(
+                    {"error": "Module with this name already exists"}
+                )
+
        module = Module.objects.create(**validated_data, project=project)
        if members is not None:
            ModuleMember.objects.bulk_create(
@@ -86,6 +100,19 @@ class ModuleWriteSerializer(BaseSerializer):

    def update(self, instance, validated_data):
        members = validated_data.pop("member_ids", None)
+        module_name = validated_data.get("name")
+        if module_name:
+            # Lookup for the module name in the module table for that project
+            if (
+                Module.objects.filter(
+                    name=module_name, project=instance.project
+                )
+                .exclude(id=instance.id)
+                .exists()
+            ):
+                raise serializers.ValidationError(
+                    {"error": "Module with this name already exists"}
+                )

        if members is not None:
            ModuleMember.objects.filter(module=instance).delete()
@@ -155,16 +182,48 @@ class ModuleLinkSerializer(BaseSerializer):
            "module",
        ]

-    # Validation if url already exists
+    def to_internal_value(self, data):
+        # Modify the URL before validation by appending http:// if missing
+        url = data.get("url", "")
+        if url and not url.startswith(("http://", "https://")):
+            data["url"] = "http://" + url
+
+        return super().to_internal_value(data)
+
+    def validate_url(self, value):
+        # Use Django's built-in URLValidator for validation
+        url_validator = URLValidator()
+        try:
+            url_validator(value)
+        except ValidationError:
+            raise serializers.ValidationError({"error": "Invalid URL format."})
+
+        return value
+
    def create(self, validated_data):
+        validated_data["url"] = self.validate_url(validated_data.get("url"))
        if ModuleLink.objects.filter(
            url=validated_data.get("url"),
            module_id=validated_data.get("module_id"),
        ).exists():
+            raise serializers.ValidationError({"error": "URL already exists."})
+        return super().create(validated_data)
+
+    def update(self, instance, validated_data):
+        validated_data["url"] = self.validate_url(validated_data.get("url"))
+        if (
+            ModuleLink.objects.filter(
+                url=validated_data.get("url"),
+                module_id=instance.module_id,
+            )
+            .exclude(pk=instance.id)
+            .exists()
+        ):
            raise serializers.ValidationError(
                {"error": "URL already exists for this Issue"}
            )
-        return ModuleLink.objects.create(**validated_data)
+
+        return super().update(instance, validated_data)


 class ModuleSerializer(DynamicBaseSerializer):
@@ -229,7 +288,14 @@ class ModuleDetailSerializer(ModuleSerializer):
    cancelled_estimate_points = serializers.FloatField(read_only=True)

    class Meta(ModuleSerializer.Meta):
-        fields = ModuleSerializer.Meta.fields + ["link_module", "sub_issues", "backlog_estimate_points", "unstarted_estimate_points", "started_estimate_points", "cancelled_estimate_points"]
+        fields = ModuleSerializer.Meta.fields + [
+            "link_module",
+            "sub_issues",
+            "backlog_estimate_points",
+            "unstarted_estimate_points",
+            "started_estimate_points",
+            "cancelled_estimate_points",
+        ]


 class ModuleUserPropertiesSerializer(BaseSerializer):
--- a/apiserver/plane/app/serializers/user.py
+++ b/apiserver/plane/app/serializers/user.py
@@ -176,6 +176,7 @@ class UserAdminLiteSerializer(BaseSerializer):
            "is_bot",
            "display_name",
            "email",
+            "last_login_medium",
        ]
        read_only_fields = [
            "id",
--- a/apiserver/plane/app/serializers/webhook.py
+++ b/apiserver/plane/app/serializers/webhook.py
@@ -40,7 +40,7 @@ class WebhookSerializer(DynamicBaseSerializer):

        for addr in ip_addresses:
            ip = ipaddress.ip_address(addr[4][0])
-            if ip.is_private or ip.is_loopback:
+            if ip.is_loopback:
                raise serializers.ValidationError(
                    {"url": "URL resolves to a blocked IP address."}
                )
@@ -92,7 +92,7 @@ class WebhookSerializer(DynamicBaseSerializer):

            for addr in ip_addresses:
                ip = ipaddress.ip_address(addr[4][0])
-                if ip.is_private or ip.is_loopback:
+                if ip.is_loopback:
                    raise serializers.ValidationError(
                        {"url": "URL resolves to a blocked IP address."}
                    )
--- a/apiserver/plane/app/urls/issue.py
+++ b/apiserver/plane/app/urls/issue.py
@@ -20,6 +20,7 @@ from plane.app.views import (
    IssueViewSet,
    LabelViewSet,
    BulkArchiveIssuesEndpoint,
+    DeletedIssuesListViewSet,
    IssuePaginatedViewSet,
 )

@@ -39,7 +40,7 @@ urlpatterns = [
        ),
        name="project-issue",
    ),
-    # updated v1 paginated issues
+    # updated v2 paginated issues
    path(
        "workspaces/<str:slug>/projects/<uuid:project_id>/v2/issues/",
        IssuePaginatedViewSet.as_view({"get": "list"}),
@@ -311,4 +312,9 @@ urlpatterns = [
        ),
        name="project-issue-draft",
    ),
+    path(
+        "workspaces/<str:slug>/projects/<uuid:project_id>/deleted-issues/",
+        DeletedIssuesListViewSet.as_view(),
+        name="deleted-issues",
+    ),
 ]
--- a/apiserver/plane/app/views/init.py
+++ b/apiserver/plane/app/views/init.py
@@ -114,6 +114,7 @@ from .issue.base import (
    IssueViewSet,
    IssueUserDisplayPropertyEndpoint,
    BulkDeleteIssuesEndpoint,
+    DeletedIssuesListViewSet,
    IssuePaginatedViewSet,
 )

--- a/apiserver/plane/app/views/analytic/base.py
+++ b/apiserver/plane/app/views/analytic/base.py
@@ -21,7 +21,11 @@ from plane.app.permissions import allow_permission, ROLE
 class AnalyticsEndpoint(BaseAPIView):

    @allow_permission(
-        [ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER], level="WORKSPACE"
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+        ],
+        level="WORKSPACE",
    )
    def get(self, request, slug):
        x_axis = request.GET.get("x_axis", False)
@@ -203,7 +207,11 @@ class AnalyticViewViewset(BaseViewSet):
 class SavedAnalyticEndpoint(BaseAPIView):

    @allow_permission(
-        [ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER], level="WORKSPACE"
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+        ],
+        level="WORKSPACE",
    )
    def get(self, request, slug, analytic_id):
        analytic_view = AnalyticView.objects.get(
@@ -236,7 +244,11 @@ class SavedAnalyticEndpoint(BaseAPIView):
 class ExportAnalyticsEndpoint(BaseAPIView):

    @allow_permission(
-        [ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER], level="WORKSPACE"
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+        ],
+        level="WORKSPACE",
    )
    def post(self, request, slug):
        x_axis = request.data.get("x_axis", False)
@@ -302,9 +314,7 @@ class ExportAnalyticsEndpoint(BaseAPIView):

 class DefaultAnalyticsEndpoint(BaseAPIView):

-    @allow_permission(
-        [ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST], level="WORKSPACE"
-    )
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST], level="WORKSPACE")
    def get(self, request, slug):
        filters = issue_filters(request.GET, "GET")
        base_issues = Issue.issue_objects.filter(
--- a/apiserver/plane/app/views/cycle/archive.py
+++ b/apiserver/plane/app/views/cycle/archive.py
@@ -288,7 +288,12 @@ class CycleArchiveUnarchiveEndpoint(BaseAPIView):
            .distinct()
        )

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER])
+    @allow_permission(
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+        ]
+    )
    def get(self, request, slug, project_id, pk=None):
        if pk is None:
            queryset = (
--- a/apiserver/plane/app/views/cycle/base.py
+++ b/apiserver/plane/app/views/cycle/base.py
@@ -150,7 +150,7 @@ class CycleViewSet(BaseViewSet):
            .distinct()
        )

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def list(self, request, slug, project_id):
        queryset = self.get_queryset().filter(archived_at__isnull=True)
        cycle_view = request.GET.get("cycle_view", "all")
@@ -370,7 +370,12 @@ class CycleViewSet(BaseViewSet):
            return Response(cycle, status=status.HTTP_200_OK)
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER])
+    @allow_permission(
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+        ]
+    )
    def retrieve(self, request, slug, project_id, pk):
        queryset = (
            self.get_queryset().filter(archived_at__isnull=True).filter(pk=pk)
@@ -497,7 +502,6 @@ class CycleViewSet(BaseViewSet):


 class CycleDateCheckEndpoint(BaseAPIView):
-
    @allow_permission([ROLE.ADMIN, ROLE.MEMBER])
    def post(self, request, slug, project_id):
        start_date = request.data.get("start_date", False)
@@ -566,7 +570,6 @@ class CycleFavoriteViewSet(BaseViewSet):


 class TransferCycleIssueEndpoint(BaseAPIView):
-
    @allow_permission([ROLE.ADMIN, ROLE.MEMBER])
    def post(self, request, slug, project_id, cycle_id):
        new_cycle_id = request.data.get("new_cycle_id", False)
@@ -977,8 +980,7 @@ class TransferCycleIssueEndpoint(BaseAPIView):


 class CycleUserPropertiesEndpoint(BaseAPIView):
-
-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def patch(self, request, slug, project_id, cycle_id):
        cycle_properties = CycleUserProperties.objects.get(
            user=request.user,
@@ -1001,7 +1003,7 @@ class CycleUserPropertiesEndpoint(BaseAPIView):
        serializer = CycleUserPropertiesSerializer(cycle_properties)
        return Response(serializer.data, status=status.HTTP_201_CREATED)

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def get(self, request, slug, project_id, cycle_id):
        cycle_properties, _ = CycleUserProperties.objects.get_or_create(
            user=request.user,
@@ -1014,10 +1016,8 @@ class CycleUserPropertiesEndpoint(BaseAPIView):


 class CycleProgressEndpoint(BaseAPIView):
-
-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def get(self, request, slug, project_id, cycle_id):
-
        aggregate_estimates = (
            Issue.issue_objects.filter(
                estimate_point__estimate__type="points",
@@ -1148,10 +1148,9 @@ class CycleProgressEndpoint(BaseAPIView):
            status=status.HTTP_200_OK,
        )

-
 class CycleAnalyticsEndpoint(BaseAPIView):

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def get(self, request, slug, project_id, cycle_id):
        analytic_type = request.GET.get("type", "issues")
        cycle = (
--- a/apiserver/plane/app/views/cycle/issue.py
+++ b/apiserver/plane/app/views/cycle/issue.py
@@ -80,7 +80,12 @@ class CycleIssueViewSet(BaseViewSet):
        )

    @method_decorator(gzip_page)
-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER])
+    @allow_permission(
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+        ]
+    )
    def list(self, request, slug, project_id, cycle_id):
        order_by_param = request.GET.get("order_by", "created_at")
        filters = issue_filters(request.query_params, "GET")
--- a/apiserver/plane/app/views/dashboard/base.py
+++ b/apiserver/plane/app/views/dashboard/base.py
@@ -52,23 +52,28 @@ from .. import BaseAPIView


 def dashboard_overview_stats(self, request, slug):
-    extra_filters = {}
-    if WorkspaceMember.objects.filter(
-        workspace__slug=slug,
-        member=request.user,
-        role=5,
-        is_active=True,
-    ).exists():
-        extra_filters = {"created_by": request.user}
-
    assigned_issues = (
        Issue.issue_objects.filter(
            project__project_projectmember__is_active=True,
            project__project_projectmember__member=request.user,
            workspace__slug=slug,
            assignees__in=[request.user],
+        ).filter(
+            Q(
+                project__project_projectmember__role=5,
+                project__guest_view_all_features=True,
+            )
+            | Q(
+                project__project_projectmember__role=5,
+                project__guest_view_all_features=False,
+                created_by=self.request.user,
+            )
+            |
+            # For other roles (role < 5), show all issues
+            Q(project__project_projectmember__role__gt=5),
+            project__project_projectmember__member=self.request.user,
+            project__project_projectmember__is_active=True,
        )
-        .filter(**extra_filters)
        .count()
    )

@@ -80,8 +85,22 @@ def dashboard_overview_stats(self, request, slug):
            project__project_projectmember__member=request.user,
            workspace__slug=slug,
            assignees__in=[request.user],
+        ).filter(
+            Q(
+                project__project_projectmember__role=5,
+                project__guest_view_all_features=True,
+            )
+            | Q(
+                project__project_projectmember__role=5,
+                project__guest_view_all_features=False,
+                created_by=self.request.user,
+            )
+            |
+            # For other roles (role < 5), show all issues
+            Q(project__project_projectmember__role__gt=5),
+            project__project_projectmember__member=self.request.user,
+            project__project_projectmember__is_active=True,
        )
-        .filter(**extra_filters)
        .count()
    )

@@ -91,8 +110,22 @@ def dashboard_overview_stats(self, request, slug):
            project__project_projectmember__is_active=True,
            project__project_projectmember__member=request.user,
            created_by_id=request.user.id,
+        ).filter(
+            Q(
+                project__project_projectmember__role=5,
+                project__guest_view_all_features=True,
+            )
+            | Q(
+                project__project_projectmember__role=5,
+                project__guest_view_all_features=False,
+                created_by=self.request.user,
+            )
+            |
+            # For other roles (role < 5), show all issues
+            Q(project__project_projectmember__role__gt=5),
+            project__project_projectmember__member=self.request.user,
+            project__project_projectmember__is_active=True,
        )
-        .filter(**extra_filters)
        .count()
    )

@@ -103,8 +136,22 @@ def dashboard_overview_stats(self, request, slug):
            project__project_projectmember__member=request.user,
            assignees__in=[request.user],
            state__group="completed",
+        ).filter(
+            Q(
+                project__project_projectmember__role=5,
+                project__guest_view_all_features=True,
+            )
+            | Q(
+                project__project_projectmember__role=5,
+                project__guest_view_all_features=False,
+                created_by=self.request.user,
+            )
+            |
+            # For other roles (role < 5), show all issues
+            Q(project__project_projectmember__role__gt=5),
+            project__project_projectmember__member=self.request.user,
+            project__project_projectmember__is_active=True,
        )
-        .filter(**extra_filters)
        .count()
    )

@@ -574,105 +621,42 @@ def dashboard_recent_projects(self, request, slug):


 def dashboard_recent_collaborators(self, request, slug):
-    # Subquery to count activities for each project member
-    activity_count_subquery = (
-        IssueActivity.objects.filter(
-            workspace__slug=slug,
-            actor=OuterRef("member"),
-            project__project_projectmember__member=request.user,
-            project__project_projectmember__is_active=True,
-            project__archived_at__isnull=True,
-        )
-        .values("actor")
-        .annotate(num_activities=Count("pk"))
-        .values("num_activities")
-    )
-
-    # Get all project members and annotate them with activity counts
    project_members_with_activities = (
-        ProjectMember.objects.filter(
+        WorkspaceMember.objects.filter(
            workspace__slug=slug,
-            project__project_projectmember__member=request.user,
-            project__project_projectmember__is_active=True,
-            project__archived_at__isnull=True,
            is_active=True,
        )
        .annotate(
-            num_activities=Coalesce(
-                Subquery(activity_count_subquery),
-                Value(0),
-                output_field=IntegerField(),
-            ),
-            is_current_user=Case(
-                When(member=request.user, then=Value(0)),
-                default=Value(1),
-                output_field=IntegerField(),
+            active_issue_count=Count(
+                Case(
+                    When(
+                        member__issue_assignee__issue__state__group__in=[
+                            "unstarted",
+                            "started",
+                        ],
+                        member__issue_assignee__issue__workspace__slug=slug,
+                        member__issue_assignee__issue__project__project_projectmember__member=request.user,
+                        member__issue_assignee__issue__project__project_projectmember__is_active=True,
+                        then=F("member__issue_assignee__issue__id"),
+                    ),
+                    distinct=True,
+                    output_field=IntegerField(),
+                ),
+                distinct=True,
            ),
+            user_id=F("member_id"),
        )
-        .values_list("member", flat=True)
-        .order_by("is_current_user", "-num_activities")
+        .values("user_id", "active_issue_count")
+        .order_by("-active_issue_count")
        .distinct()
    )
-    search = request.query_params.get("search", None)
-    if search:
-        project_members_with_activities = (
-            project_members_with_activities.filter(
-                Q(member__display_name__icontains=search)
-                | Q(member__first_name__icontains=search)
-                | Q(member__last_name__icontains=search)
-            )
-        )
-
-    return self.paginate(
-        request=request,
-        queryset=project_members_with_activities,
-        controller=lambda qs: self.get_results_controller(qs, slug),
+    return Response(
+        (project_members_with_activities),
+        status=status.HTTP_200_OK,
    )


 class DashboardEndpoint(BaseAPIView):
-    def get_results_controller(self, project_members_with_activities, slug):
-        user_active_issue_counts = (
-            User.objects.filter(
-                id__in=project_members_with_activities,
-            )
-            .annotate(
-                active_issue_count=Count(
-                    Case(
-                        When(
-                            issue_assignee__issue__state__group__in=[
-                                "unstarted",
-                                "started",
-                            ],
-                            issue_assignee__issue__workspace__slug=slug,
-                            issue_assignee__issue__project__project_projectmember__is_active=True,
-                            then=F("issue_assignee__issue__id"),
-                        ),
-                        output_field=IntegerField(),
-                    ),
-                    distinct=True,
-                )
-            )
-            .values("active_issue_count", user_id=F("id"))
-        )
-        # Create a dictionary to store the active issue counts by user ID
-        active_issue_counts_dict = {
-            user["user_id"]: user["active_issue_count"]
-            for user in user_active_issue_counts
-        }
-
-        # Preserve the sequence of project members with activities
-        paginated_results = [
-            {
-                "user_id": member_id,
-                "active_issue_count": active_issue_counts_dict.get(
-                    member_id, 0
-                ),
-            }
-            for member_id in project_members_with_activities
-        ]
-        return paginated_results
-
    def create(self, request, slug):
        serializer = DashboardSerializer(data=request.data)
        if serializer.is_valid():
--- a/apiserver/plane/app/views/estimate/base.py
+++ b/apiserver/plane/app/views/estimate/base.py
@@ -28,7 +28,12 @@ def generate_random_name(length=10):

 class ProjectEstimatePointEndpoint(BaseAPIView):

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER])
+    @allow_permission(
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+        ]
+    )
    def get(self, request, slug, project_id):
        project = Project.objects.get(workspace__slug=slug, pk=project_id)
        if project.estimate_id is not None:
--- a/apiserver/plane/app/views/inbox/base.py
+++ b/apiserver/plane/app/views/inbox/base.py
@@ -165,11 +165,12 @@ class InboxIssueViewSet(BaseViewSet):
            )
        ).distinct()

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def list(self, request, slug, project_id):
-        inbox_id = Inbox.objects.get(
+        inbox_id = Inbox.objects.filter(
            workspace__slug=slug, project_id=project_id
-        )
+        ).first()
+        project = Project.objects.get(pk=project_id)
        filters = issue_filters(request.GET, "GET", "issue__")
        inbox_issue = (
            InboxIssue.objects.filter(
@@ -199,13 +200,16 @@ class InboxIssueViewSet(BaseViewSet):
        if inbox_status:
            inbox_issue = inbox_issue.filter(status__in=inbox_status)

-        if ProjectMember.objects.filter(
-            workspace__slug=slug,
-            project_id=project_id,
-            member=request.user,
-            role=5,
-            is_active=True,
-        ).exists():
+        if (
+            ProjectMember.objects.filter(
+                workspace__slug=slug,
+                project_id=project_id,
+                member=request.user,
+                role=5,
+                is_active=True,
+            ).exists()
+            and not project.guest_view_all_features
+        ):
            inbox_issue = inbox_issue.filter(created_by=request.user)
        return self.paginate(
            request=request,
@@ -338,7 +342,7 @@ class InboxIssueViewSet(BaseViewSet):
            is_active=True,
        )
        # Only project members admins and created_by users can access this endpoint
-        if project_member.role <= 10 and str(inbox_issue.created_by_id) != str(
+        if project_member.role <= 5 and str(inbox_issue.created_by_id) != str(
            request.user.id
        ):
            return Response(
@@ -371,9 +375,8 @@ class InboxIssueViewSet(BaseViewSet):
                workspace__slug=slug,
                project_id=project_id,
            )
-            # Only allow guests and viewers to edit name and description
-            if project_member.role <= 10:
-                # viewers and guests since only viewers and guests
+            # Only allow guests to edit name and description
+            if project_member.role <= 5:
                issue_data = {
                    "name": issue_data.get("name", issue.name),
                    "description_html": issue_data.get(
@@ -415,7 +418,7 @@ class InboxIssueViewSet(BaseViewSet):
                )

        # Only project admins and members can edit inbox issue attributes
-        if project_member.role > 10:
+        if project_member.role > 5:
            serializer = InboxIssueSerializer(
                inbox_issue, data=request.data, partial=True
            )
@@ -515,14 +518,19 @@ class InboxIssueViewSet(BaseViewSet):
            return Response(serializer, status=status.HTTP_200_OK)

    @allow_permission(
-        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER],
+        allowed_roles=[
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+            ROLE.GUEST,
+        ],
        creator=True,
        model=Issue,
    )
    def retrieve(self, request, slug, project_id, pk):
-        inbox_id = Inbox.objects.get(
+        inbox_id = Inbox.objects.filter(
            workspace__slug=slug, project_id=project_id
-        )
+        ).first()
+        project = Project.objects.get(pk=project_id)
        inbox_issue = (
            InboxIssue.objects.select_related("issue")
            .prefetch_related(
@@ -549,6 +557,21 @@ class InboxIssueViewSet(BaseViewSet):
            )
            .get(inbox_id=inbox_id.id, issue_id=pk, project_id=project_id)
        )
+        if (
+            ProjectMember.objects.filter(
+                workspace__slug=slug,
+                project_id=project_id,
+                member=request.user,
+                role=5,
+                is_active=True,
+            ).exists()
+            and not project.guest_view_all_features
+            and not inbox_issue.created_by == request.user
+        ):
+            return Response(
+                {"error": "You are not allowed to view this issue"},
+                status=status.HTTP_400_BAD_REQUEST,
+            )
        issue = InboxIssueDetailSerializer(inbox_issue).data
        return Response(
            issue,
--- a/apiserver/plane/app/views/issue/activity.py
+++ b/apiserver/plane/app/views/issue/activity.py
@@ -19,7 +19,11 @@ from plane.app.serializers import (
    IssueActivitySerializer,
    IssueCommentSerializer,
 )
-from plane.app.permissions import ProjectEntityPermission, allow_permission, ROLE
+from plane.app.permissions import (
+    ProjectEntityPermission,
+    allow_permission,
+    ROLE,
+)
 from plane.db.models import (
    IssueActivity,
    IssueComment,
@@ -33,7 +37,13 @@ class IssueActivityEndpoint(BaseAPIView):
    ]

    @method_decorator(gzip_page)
-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST, ROLE.VIEWER])
+    @allow_permission(
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+            ROLE.GUEST,
+        ]
+    )
    def get(self, request, slug, project_id, issue_id):
        filters = {}
        if request.GET.get("created_at__gt", None) is not None:
--- a/apiserver/plane/app/views/issue/archive.py
+++ b/apiserver/plane/app/views/issue/archive.py
@@ -97,7 +97,12 @@ class IssueArchiveViewSet(BaseViewSet):
        )

    @method_decorator(gzip_page)
-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER])
+    @allow_permission(
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+        ]
+    )
    def list(self, request, slug, project_id):
        filters = issue_filters(request.query_params, "GET")
        show_sub_issues = request.GET.get("show_sub_issues", "true")
@@ -213,7 +218,12 @@ class IssueArchiveViewSet(BaseViewSet):
                ),
            )

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER])
+    @allow_permission(
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+        ]
+    )
    def retrieve(self, request, slug, project_id, pk=None):
        issue = (
            self.get_queryset()
--- a/apiserver/plane/app/views/issue/attachment.py
+++ b/apiserver/plane/app/views/issue/attachment.py
@@ -64,7 +64,13 @@ class IssueAttachmentEndpoint(BaseAPIView):

        return Response(status=status.HTTP_204_NO_CONTENT)

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST, ROLE.VIEWER])
+    @allow_permission(
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+            ROLE.GUEST,
+        ]
+    )
    def get(self, request, slug, project_id, issue_id):
        issue_attachments = IssueAttachment.objects.filter(
            issue_id=issue_id, workspace__slug=slug, project_id=project_id
--- a/apiserver/plane/app/views/issue/base.py
+++ b/apiserver/plane/app/views/issue/base.py
@@ -62,7 +62,7 @@ from plane.bgtasks.webhook_task import model_activity


 class IssueListEndpoint(BaseAPIView):
-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def get(self, request, slug, project_id):
        issue_ids = request.GET.get("issues", False)

@@ -232,12 +232,19 @@ class IssueViewSet(BaseViewSet):
        ).distinct()

    @method_decorator(gzip_page)
-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def list(self, request, slug, project_id):
+        extra_filters = {}
+        if request.GET.get("updated_at__gt", None) is not None:
+            extra_filters = {
+                "updated_at__gt": request.GET.get("updated_at__gt")
+            }
+
+        project = Project.objects.get(pk=project_id, workspace__slug=slug)
        filters = issue_filters(request.query_params, "GET")
        order_by_param = request.GET.get("order_by", "-created_at")

-        issue_queryset = self.get_queryset().filter(**filters)
+        issue_queryset = self.get_queryset().filter(**filters, **extra_filters)
        # Custom ordering for priority and state

        # Issue queryset
@@ -264,13 +271,16 @@ class IssueViewSet(BaseViewSet):
            entity_identifier=project_id,
            user_id=request.user.id,
        )
-        if ProjectMember.objects.filter(
-            workspace__slug=slug,
-            project_id=project_id,
-            member=request.user,
-            role=5,
-            is_active=True,
-        ).exists():
+        if (
+            ProjectMember.objects.filter(
+                workspace__slug=slug,
+                project_id=project_id,
+                member=request.user,
+                role=5,
+                is_active=True,
+            ).exists()
+            and not project.guest_view_all_features
+        ):
            issue_queryset = issue_queryset.filter(created_by=request.user)

        if group_by:
@@ -440,9 +450,17 @@ class IssueViewSet(BaseViewSet):
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

    @allow_permission(
-        [ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER], creator=True, model=Issue
+        allowed_roles=[
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+            ROLE.GUEST,
+        ],
+        creator=True,
+        model=Issue,
    )
    def retrieve(self, request, slug, project_id, pk=None):
+        project = Project.objects.get(pk=project_id, workspace__slug=slug)
+
        issue = (
            self.get_queryset()
            .filter(pk=pk)
@@ -511,6 +529,27 @@ class IssueViewSet(BaseViewSet):
                status=status.HTTP_404_NOT_FOUND,
            )

+        """
+        if the role is guest and guest_view_all_features is false and owned by is not 
+        the requesting user then dont show the issue
+        """
+
+        if (
+            ProjectMember.objects.filter(
+                workspace__slug=slug,
+                project_id=project_id,
+                member=request.user,
+                role=5,
+                is_active=True,
+            ).exists()
+            and not project.guest_view_all_features
+            and not issue.created_by == request.user
+        ):
+            return Response(
+                {"error": "You are not allowed to view this issue"},
+                status=status.HTTP_400_BAD_REQUEST,
+            )
+
        recent_visited_task.delay(
            slug=slug,
            entity_name="issue",
@@ -522,7 +561,9 @@ class IssueViewSet(BaseViewSet):
        serializer = IssueDetailSerializer(issue, expand=self.expand)
        return Response(serializer.data, status=status.HTTP_200_OK)

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
+    @allow_permission(
+        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER], creator=True, model=Issue
+    )
    def partial_update(self, request, slug, project_id, pk=None):
        issue = (
            self.get_queryset()
@@ -618,7 +659,7 @@ class IssueViewSet(BaseViewSet):


 class IssueUserDisplayPropertyEndpoint(BaseAPIView):
-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST, ROLE.VIEWER])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def patch(self, request, slug, project_id):
        issue_property = IssueUserProperty.objects.get(
            user=request.user,
@@ -638,7 +679,13 @@ class IssueUserDisplayPropertyEndpoint(BaseAPIView):
        serializer = IssueUserPropertySerializer(issue_property)
        return Response(serializer.data, status=status.HTTP_201_CREATED)

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST, ROLE.VIEWER])
+    @allow_permission(
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+            ROLE.GUEST,
+        ]
+    )
    def get(self, request, slug, project_id):
        issue_property, _ = IssueUserProperty.objects.get_or_create(
            user=request.user, project_id=project_id
@@ -672,16 +719,38 @@ class BulkDeleteIssuesEndpoint(BaseAPIView):
        )


+class DeletedIssuesListViewSet(BaseAPIView):
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
+    def get(self, request, slug, project_id):
+        filters = {}
+        if request.GET.get("updated_at__gt", None) is not None:
+            filters = {"updated_at__gt": request.GET.get("updated_at__gt")}
+        deleted_issues = (
+            Issue.all_objects.filter(
+                workspace__slug=slug,
+                project_id=project_id,
+            )
+            .filter(Q(archived_at__isnull=False) | Q(deleted_at__isnull=False))
+            .filter(**filters)
+            .values_list("id", flat=True)
+        )
+
+        return Response(deleted_issues, status=status.HTTP_200_OK)
+
+
 class IssuePaginatedViewSet(BaseViewSet):
    def get_queryset(self):
        workspace_slug = self.kwargs.get("slug")
        project_id = self.kwargs.get("project_id")

+        issue_queryset = Issue.issue_objects.filter(
+            workspace__slug=workspace_slug, project_id=project_id
+        )
+
        return (
-            Issue.issue_objects.filter(
-                workspace__slug=workspace_slug, project_id=project_id
+            issue_queryset.select_related(
+                "workspace", "project", "state", "parent"
            )
-            .select_related("workspace", "project", "state", "parent")
            .prefetch_related("assignees", "labels", "issue_module__module")
            .annotate(cycle_id=F("issue_cycle__cycle_id"))
            .annotate(
@@ -719,17 +788,18 @@ class IssuePaginatedViewSet(BaseViewSet):

        return paginated_data

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def list(self, request, slug, project_id):
        cursor = request.GET.get("cursor", None)
        is_description_required = request.GET.get("description", False)
-        updated_at = request.GET.get("updated_at__gte", None)
+        updated_at = request.GET.get("updated_at__gt", None)

        # required fields
        required_fields = [
            "id",
            "name",
            "state_id",
+            "state__group",
            "sort_order",
            "completed_at",
            "estimate_point",
@@ -746,7 +816,6 @@ class IssuePaginatedViewSet(BaseViewSet):
            "updated_by",
            "is_draft",
            "archived_at",
-            "deleted_at",
            "module_ids",
            "label_ids",
            "assignee_ids",
@@ -761,13 +830,28 @@ class IssuePaginatedViewSet(BaseViewSet):
        # querying issues
        base_queryset = Issue.issue_objects.filter(
            workspace__slug=slug, project_id=project_id
-        ).order_by("updated_at")
+        )
+
+        base_queryset = base_queryset.order_by("updated_at")
        queryset = self.get_queryset().order_by("updated_at")

+        # validation for guest user
+        project = Project.objects.get(pk=project_id, workspace__slug=slug)
+        project_member = ProjectMember.objects.filter(
+            workspace__slug=slug,
+            project_id=project_id,
+            member=request.user,
+            role=5,
+            is_active=True,
+        )
+        if project_member.exists() and not project.guest_view_all_features:
+            base_queryset = base_queryset.filter(created_by=request.user)
+            queryset = queryset.filter(created_by=request.user)
+
        # filtering issues by greater then updated_at given by the user
        if updated_at:
-            base_queryset = base_queryset.filter(updated_at__gte=updated_at)
-            queryset = queryset.filter(updated_at__gte=updated_at)
+            base_queryset = base_queryset.filter(updated_at__gt=updated_at)
+            queryset = queryset.filter(updated_at__gt=updated_at)

        queryset = queryset.annotate(
            label_ids=Coalesce(
--- a/apiserver/plane/app/views/issue/comment.py
+++ b/apiserver/plane/app/views/issue/comment.py
@@ -16,11 +16,13 @@ from plane.app.serializers import (
    IssueCommentSerializer,
    CommentReactionSerializer,
 )
-from plane.app.permissions import ProjectLitePermission, allow_permission, ROLE
+from plane.app.permissions import allow_permission, ROLE
 from plane.db.models import (
    IssueComment,
    ProjectMember,
    CommentReaction,
+    Project,
+    Issue,
 )
 from plane.bgtasks.issue_activities_task import issue_activity

@@ -63,8 +65,31 @@ class IssueCommentViewSet(BaseViewSet):
            .distinct()
        )

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST, ROLE.VIEWER])
+    @allow_permission(
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+            ROLE.GUEST,
+        ]
+    )
    def create(self, request, slug, project_id, issue_id):
+        project = Project.objects.get(pk=project_id)
+        issue = Issue.objects.get(pk=issue_id)
+        if (
+            ProjectMember.objects.filter(
+                workspace__slug=slug,
+                project_id=project_id,
+                member=request.user,
+                role=5,
+                is_active=True,
+            ).exists()
+            and not project.guest_view_all_features
+            and not issue.created_by == request.user
+        ):
+            return Response(
+                {"error": "You are not allowed to comment on the issue"},
+                status=status.HTTP_400_BAD_REQUEST,
+            )
        serializer = IssueCommentSerializer(data=request.data)
        if serializer.is_valid():
            serializer.save(
@@ -89,7 +114,7 @@ class IssueCommentViewSet(BaseViewSet):
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

    @allow_permission(
-        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER],
+        allowed_roles=[ROLE.ADMIN],
        creator=True,
        model=IssueComment,
    )
@@ -156,9 +181,6 @@ class IssueCommentViewSet(BaseViewSet):
 class CommentReactionViewSet(BaseViewSet):
    serializer_class = CommentReactionSerializer
    model = CommentReaction
-    permission_classes = [
-        ProjectLitePermission,
-    ]

    def get_queryset(self):
        return (
@@ -176,6 +198,13 @@ class CommentReactionViewSet(BaseViewSet):
            .distinct()
        )

+    @allow_permission(
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+            ROLE.GUEST,
+        ]
+    )
    def create(self, request, slug, project_id, comment_id):
        serializer = CommentReactionSerializer(data=request.data)
        if serializer.is_valid():
@@ -198,6 +227,13 @@ class CommentReactionViewSet(BaseViewSet):
            return Response(serializer.data, status=status.HTTP_201_CREATED)
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

+    @allow_permission(
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+            ROLE.GUEST,
+        ]
+    )
    def destroy(self, request, slug, project_id, comment_id, reaction_code):
        comment_reaction = CommentReaction.objects.get(
            workspace__slug=slug,
--- a/apiserver/plane/app/views/issue/label.py
+++ b/apiserver/plane/app/views/issue/label.py
@@ -43,7 +43,7 @@ class LabelViewSet(BaseViewSet):
    @invalidate_cache(
        path="/api/workspaces/:slug/labels/", url_params=True, user=False
    )
-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER])
+    @allow_permission([ROLE.ADMIN])
    def create(self, request, slug, project_id):
        try:
            serializer = LabelSerializer(data=request.data)
@@ -66,14 +66,14 @@ class LabelViewSet(BaseViewSet):
    @invalidate_cache(
        path="/api/workspaces/:slug/labels/", url_params=True, user=False
    )
-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER])
+    @allow_permission([ROLE.ADMIN])
    def partial_update(self, request, *args, **kwargs):
        return super().partial_update(request, *args, **kwargs)

    @invalidate_cache(
        path="/api/workspaces/:slug/labels/", url_params=True, user=False
    )
-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER])
+    @allow_permission([ROLE.ADMIN])
    def destroy(self, request, *args, **kwargs):
        return super().destroy(request, *args, **kwargs)

--- a/apiserver/plane/app/views/issue/reaction.py
+++ b/apiserver/plane/app/views/issue/reaction.py
@@ -12,7 +12,7 @@ from rest_framework import status
 # Module imports
 from .. import BaseViewSet
 from plane.app.serializers import IssueReactionSerializer
-from plane.app.permissions import ProjectLitePermission
+from plane.app.permissions import allow_permission, ROLE
 from plane.db.models import IssueReaction
 from plane.bgtasks.issue_activities_task import issue_activity

@@ -20,9 +20,6 @@ from plane.bgtasks.issue_activities_task import issue_activity
 class IssueReactionViewSet(BaseViewSet):
    serializer_class = IssueReactionSerializer
    model = IssueReaction
-    permission_classes = [
-        ProjectLitePermission,
-    ]

    def get_queryset(self):
        return (
@@ -40,6 +37,7 @@ class IssueReactionViewSet(BaseViewSet):
            .distinct()
        )

+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def create(self, request, slug, project_id, issue_id):
        serializer = IssueReactionSerializer(data=request.data)
        if serializer.is_valid():
@@ -62,6 +60,7 @@ class IssueReactionViewSet(BaseViewSet):
            return Response(serializer.data, status=status.HTTP_201_CREATED)
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def destroy(self, request, slug, project_id, issue_id, reaction_code):
        issue_reaction = IssueReaction.objects.get(
            workspace__slug=slug,
--- a/apiserver/plane/app/views/issue/relation.py
+++ b/apiserver/plane/app/views/issue/relation.py
@@ -267,7 +267,7 @@ class IssueRelationViewSet(BaseViewSet):
            IssueRelationSerializer(issue_relation).data,
            cls=DjangoJSONEncoder,
        )
-        issue_relation.delete()
+        issue_relation.delete(soft=False)
        issue_activity.delay(
            type="issue_relation.activity.deleted",
            requested_data=json.dumps(request.data, cls=DjangoJSONEncoder),
--- a/apiserver/plane/app/views/module/base.py
+++ b/apiserver/plane/app/views/module/base.py
@@ -317,7 +317,12 @@ class ModuleViewSet(BaseViewSet):
            .order_by("-is_favorite", "-created_at")
        )

-    allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER])
+    allow_permission(
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+        ]
+    )

    def create(self, request, slug, project_id):
        project = Project.objects.get(workspace__slug=slug, pk=project_id)
@@ -381,7 +386,7 @@ class ModuleViewSet(BaseViewSet):
            return Response(module, status=status.HTTP_201_CREATED)
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

-    allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST])
+    allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])

    def list(self, request, slug, project_id):
        queryset = self.get_queryset().filter(archived_at__isnull=True)
@@ -430,7 +435,12 @@ class ModuleViewSet(BaseViewSet):
            )
        return Response(modules, status=status.HTTP_200_OK)

-    allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER])
+    allow_permission(
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+        ]
+    )

    def retrieve(self, request, slug, project_id, pk):
        queryset = (
@@ -861,7 +871,7 @@ class ModuleFavoriteViewSet(BaseViewSet):

 class ModuleUserPropertiesEndpoint(BaseAPIView):

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def patch(self, request, slug, project_id, module_id):
        module_properties = ModuleUserProperties.objects.get(
            user=request.user,
@@ -884,7 +894,7 @@ class ModuleUserPropertiesEndpoint(BaseAPIView):
        serializer = ModuleUserPropertiesSerializer(module_properties)
        return Response(serializer.data, status=status.HTTP_201_CREATED)

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def get(self, request, slug, project_id, module_id):
        module_properties, _ = ModuleUserProperties.objects.get_or_create(
            user=request.user,
--- a/apiserver/plane/app/views/module/issue.py
+++ b/apiserver/plane/app/views/module/issue.py
@@ -91,7 +91,12 @@ class ModuleIssueViewSet(BaseViewSet):
        ).distinct()

    @method_decorator(gzip_page)
-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER])
+    @allow_permission(
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+        ]
+    )
    def list(self, request, slug, project_id, module_id):
        filters = issue_filters(request.query_params, "GET")
        issue_queryset = self.get_queryset().filter(**filters)
--- a/apiserver/plane/app/views/notification/base.py
+++ b/apiserver/plane/app/views/notification/base.py
@@ -41,7 +41,7 @@ class NotificationViewSet(BaseViewSet, BasePaginator):
        )

    @allow_permission(
-        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST],
+        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST],
        level="WORKSPACE",
    )
    def list(self, request, slug):
@@ -174,7 +174,7 @@ class NotificationViewSet(BaseViewSet, BasePaginator):
        return Response(serializer.data, status=status.HTTP_200_OK)

    @allow_permission(
-        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST],
+        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST],
        level="WORKSPACE",
    )
    def partial_update(self, request, slug, pk):
@@ -195,8 +195,7 @@ class NotificationViewSet(BaseViewSet, BasePaginator):
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

    @allow_permission(
-        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST],
-        level="WORKSPACE",
+        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST], level="WORKSPACE"
    )
    def mark_read(self, request, slug, pk):
        notification = Notification.objects.get(
@@ -208,7 +207,7 @@ class NotificationViewSet(BaseViewSet, BasePaginator):
        return Response(serializer.data, status=status.HTTP_200_OK)

    @allow_permission(
-        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER], level="WORKSPACE"
+        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST], level="WORKSPACE"
    )
    def mark_unread(self, request, slug, pk):
        notification = Notification.objects.get(
@@ -220,7 +219,7 @@ class NotificationViewSet(BaseViewSet, BasePaginator):
        return Response(serializer.data, status=status.HTTP_200_OK)

    @allow_permission(
-        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER], level="WORKSPACE"
+        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST], level="WORKSPACE"
    )
    def archive(self, request, slug, pk):
        notification = Notification.objects.get(
@@ -232,7 +231,7 @@ class NotificationViewSet(BaseViewSet, BasePaginator):
        return Response(serializer.data, status=status.HTTP_200_OK)

    @allow_permission(
-        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER], level="WORKSPACE"
+        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST], level="WORKSPACE"
    )
    def unarchive(self, request, slug, pk):
        notification = Notification.objects.get(
@@ -246,7 +245,7 @@ class NotificationViewSet(BaseViewSet, BasePaginator):

 class UnreadNotificationEndpoint(BaseAPIView):
    @allow_permission(
-        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST],
+        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST],
        level="WORKSPACE",
    )
    def get(self, request, slug):
@@ -287,7 +286,7 @@ class UnreadNotificationEndpoint(BaseAPIView):

 class MarkAllReadNotificationViewSet(BaseViewSet):
    @allow_permission(
-        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER], level="WORKSPACE"
+        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST], level="WORKSPACE"
    )
    def create(self, request, slug):
        snoozed = request.data.get("snoozed", False)
--- a/apiserver/plane/app/views/page/base.py
+++ b/apiserver/plane/app/views/page/base.py
@@ -32,8 +32,10 @@ from plane.db.models import (
    UserFavorite,
    ProjectMember,
    ProjectPage,
+    Project,
 )
 from plane.utils.error_codes import ERROR_CODES
+
 # Module imports
 from ..base import BaseAPIView, BaseViewSet

@@ -120,7 +122,7 @@ class PageViewSet(BaseViewSet):
            .distinct()
        )

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def create(self, request, slug, project_id):
        serializer = PageSerializer(
            data=request.data,
@@ -142,7 +144,7 @@ class PageViewSet(BaseViewSet):
            return Response(serializer.data, status=status.HTTP_201_CREATED)
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def partial_update(self, request, slug, project_id, pk):
        try:
            page = Page.objects.get(
@@ -208,9 +210,38 @@ class PageViewSet(BaseViewSet):
                status=status.HTTP_400_BAD_REQUEST,
            )

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER])
+    @allow_permission(
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+            ROLE.GUEST,
+        ]
+    )
    def retrieve(self, request, slug, project_id, pk=None):
        page = self.get_queryset().filter(pk=pk).first()
+        project = Project.objects.get(pk=project_id)
+
+        """
+        if the role is guest and guest_view_all_features is false and owned by is not 
+        the requesting user then dont show the page
+        """
+
+        if (
+            ProjectMember.objects.filter(
+                workspace__slug=slug,
+                project_id=project_id,
+                member=request.user,
+                role=5,
+                is_active=True,
+            ).exists()
+            and not project.guest_view_all_features
+            and not page.owned_by == request.user
+        ):
+            return Response(
+                {"error": "You are not allowed to view this page"},
+                status=status.HTTP_400_BAD_REQUEST,
+            )
+
        if page is None:
            return Response(
                {"error": "Page not found"},
@@ -234,7 +265,7 @@ class PageViewSet(BaseViewSet):
                status=status.HTTP_200_OK,
            )

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def lock(self, request, slug, project_id, pk):
        page = Page.objects.filter(
            pk=pk, workspace__slug=slug, projects__id=project_id
@@ -244,7 +275,7 @@ class PageViewSet(BaseViewSet):
        page.save()
        return Response(status=status.HTTP_204_NO_CONTENT)

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def unlock(self, request, slug, project_id, pk):
        page = Page.objects.filter(
            pk=pk, workspace__slug=slug, projects__id=project_id
@@ -255,7 +286,7 @@ class PageViewSet(BaseViewSet):

        return Response(status=status.HTTP_204_NO_CONTENT)

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def access(self, request, slug, project_id, pk):
        access = request.data.get("access", 0)
        page = Page.objects.filter(
@@ -278,13 +309,31 @@ class PageViewSet(BaseViewSet):
        page.save()
        return Response(status=status.HTTP_204_NO_CONTENT)

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER])
+    @allow_permission(
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+            ROLE.GUEST,
+        ]
+    )
    def list(self, request, slug, project_id):
        queryset = self.get_queryset()
+        project = Project.objects.get(pk=project_id)
+        if (
+            ProjectMember.objects.filter(
+                workspace__slug=slug,
+                project_id=project_id,
+                member=request.user,
+                role=5,
+                is_active=True,
+            ).exists()
+            and not project.guest_view_all_features
+        ):
+            queryset = queryset.filter(owned_by=request.user)
        pages = PageSerializer(queryset, many=True).data
        return Response(pages, status=status.HTTP_200_OK)

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def archive(self, request, slug, project_id, pk):
        page = Page.objects.get(
            pk=pk, workspace__slug=slug, projects__id=project_id
@@ -319,7 +368,7 @@ class PageViewSet(BaseViewSet):
            status=status.HTTP_200_OK,
        )

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def unarchive(self, request, slug, project_id, pk):
        page = Page.objects.get(
            pk=pk, workspace__slug=slug, projects__id=project_id
@@ -477,7 +526,13 @@ class SubPagesEndpoint(BaseAPIView):

 class PagesDescriptionViewSet(BaseViewSet):

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER])
+    @allow_permission(
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+            ROLE.GUEST,
+        ]
+    )
    def retrieve(self, request, slug, project_id, pk):
        page = (
            Page.objects.filter(
@@ -507,7 +562,7 @@ class PagesDescriptionViewSet(BaseViewSet):
        )
        return response

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def partial_update(self, request, slug, project_id, pk):
        page = (
            Page.objects.filter(
@@ -566,6 +621,7 @@ class PagesDescriptionViewSet(BaseViewSet):
            # Store the updated binary data
            page.description_binary = new_binary_data
            page.description_html = request.data.get("description_html")
+            page.description = request.data.get("description")
            page.save()
            # Return a success response
            page_version.delay(
--- a/apiserver/plane/app/views/page/version.py
+++ b/apiserver/plane/app/views/page/version.py
@@ -15,7 +15,7 @@ from plane.app.permissions import allow_permission, ROLE
 class PageVersionEndpoint(BaseAPIView):

    @allow_permission(
-        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST]
+        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST]
    )
    def get(self, request, slug, project_id, page_id, pk=None):
        # Check if pk is provided
--- a/apiserver/plane/app/views/project/base.py
+++ b/apiserver/plane/app/views/project/base.py
@@ -71,13 +71,6 @@ class ProjectViewSet(BaseViewSet):
            super()
            .get_queryset()
            .filter(workspace__slug=self.kwargs.get("slug"))
-            .filter(
-                Q(
-                    project_projectmember__member=self.request.user,
-                    project_projectmember__is_active=True,
-                )
-                | Q(network=2)
-            )
            .select_related(
                "workspace",
                "workspace__owner",
@@ -155,7 +148,7 @@ class ProjectViewSet(BaseViewSet):
        )

    @allow_permission(
-        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST],
+        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST],
        level="WORKSPACE",
    )
    def list(self, request, slug):
@@ -165,6 +158,31 @@ class ProjectViewSet(BaseViewSet):
            if field
        ]
        projects = self.get_queryset().order_by("sort_order", "name")
+        if WorkspaceMember.objects.filter(
+            member=request.user,
+            workspace__slug=slug,
+            is_active=True,
+            role=5,
+        ).exists():
+            projects = projects.filter(
+                project_projectmember__member=self.request.user,
+                project_projectmember__is_active=True,
+            )
+
+        if WorkspaceMember.objects.filter(
+            member=request.user,
+            workspace__slug=slug,
+            is_active=True,
+            role=15,
+        ).exists():
+            projects = projects.filter(
+                Q(
+                    project_projectmember__member=self.request.user,
+                    project_projectmember__is_active=True,
+                )
+                | Q(network=2)
+            )
+
        if request.GET.get("per_page", False) and request.GET.get(
            "cursor", False
        ):
@@ -177,24 +195,13 @@ class ProjectViewSet(BaseViewSet):
                ).data,
            )

-        if WorkspaceMember.objects.filter(
-            member=request.user,
-            workspace__slug=slug,
-            is_active=True,
-            role__in=[5, 10],
-        ).exists():
-            projects = projects.filter(
-                project_projectmember__member=self.request.user,
-                project_projectmember__is_active=True,
-            )
-
        projects = ProjectListSerializer(
            projects, many=True, fields=fields if fields else None
        ).data
        return Response(projects, status=status.HTTP_200_OK)

    @allow_permission(
-        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST],
+        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST],
        level="WORKSPACE",
    )
    def retrieve(self, request, slug, pk):
@@ -431,11 +438,16 @@ class ProjectViewSet(BaseViewSet):
            if serializer.is_valid():
                serializer.save()
                if serializer.data["inbox_view"]:
-                    Inbox.objects.get_or_create(
-                        name=f"{project.name} Inbox",
+                    inbox = Inbox.objects.filter(
                        project=project,
                        is_default=True,
-                    )
+                    ).first()
+                    if not inbox:
+                        Inbox.objects.create(
+                            name=f"{project.name} Inbox",
+                            project=project,
+                            is_default=True,
+                        )

                    # Create the triage state in Backlog group
                    State.objects.get_or_create(
--- a/apiserver/plane/app/views/project/invite.py
+++ b/apiserver/plane/app/views/project/invite.py
@@ -17,7 +17,7 @@ from rest_framework.permissions import AllowAny
 from .base import BaseViewSet, BaseAPIView
 from plane.app.serializers import ProjectMemberInviteSerializer

-from plane.app.permissions import ProjectBasePermission
+from plane.app.permissions import allow_permission, ROLE

 from plane.db.models import (
    ProjectMember,
@@ -35,10 +35,6 @@ class ProjectInvitationsViewset(BaseViewSet):

    search_fields = []

-    permission_classes = [
-        ProjectBasePermission,
-    ]
-
    def get_queryset(self):
        return self.filter_queryset(
            super()
@@ -49,6 +45,7 @@ class ProjectInvitationsViewset(BaseViewSet):
            .select_related("workspace", "workspace__owner")
        )

+    @allow_permission([ROLE.ADMIN])
    def create(self, request, slug, project_id):
        emails = request.data.get("emails", [])

@@ -59,24 +56,21 @@ class ProjectInvitationsViewset(BaseViewSet):
                status=status.HTTP_400_BAD_REQUEST,
            )

-        requesting_user = ProjectMember.objects.get(
-            workspace__slug=slug,
-            project_id=project_id,
-            member_id=request.user.id,
-        )
+        for email in emails:
+            workspace_role = WorkspaceMember.objects.filter(
+                workspace__slug=slug,
+                member__email=email.get("email"),
+                is_active=True,
+            ).role

-        # Check if any invited user has an higher role
-        if len(
-            [
-                email
-                for email in emails
-                if int(email.get("role", 10)) > requesting_user.role
-            ]
-        ):
-            return Response(
-                {"error": "You cannot invite a user with higher role"},
-                status=status.HTTP_400_BAD_REQUEST,
-            )
+            if workspace_role in [5, 20] and workspace_role != email.get(
+                "role", 5
+            ):
+                return Response(
+                    {
+                        "error": "You cannot invite a user with different role than workspace role"
+                    },
+                )

        workspace = Workspace.objects.get(slug=slug)

@@ -97,7 +91,7 @@ class ProjectInvitationsViewset(BaseViewSet):
                            settings.SECRET_KEY,
                            algorithm="HS256",
                        ),
-                        role=email.get("role", 10),
+                        role=email.get("role", 5),
                        created_by=request.user,
                    )
                )
@@ -170,7 +164,7 @@ class UserProjectInvitationsViewset(BaseViewSet):
                ProjectMember(
                    project_id=project_id,
                    member=request.user,
-                    role=15 if workspace_role >= 15 else 10,
+                    role=workspace_role,
                    workspace=workspace,
                    created_by=request.user,
                )
--- a/apiserver/plane/app/views/project/member.py
+++ b/apiserver/plane/app/views/project/member.py
@@ -95,9 +95,21 @@ class ProjectMemberViewSet(BaseViewSet):
                member=member,
                is_active=True,
            ).role
-            if workspace_member_role in [5, 10] and member_roles.get(
-                member
-            ) in [15, 20]:
+            if workspace_member_role in [20] and member_roles.get(member) in [
+                5,
+                15,
+            ]:
+                return Response(
+                    {
+                        "error": "You cannot add a user with role lower than the workspace role"
+                    },
+                    status=status.HTTP_400_BAD_REQUEST,
+                )
+
+            if workspace_member_role in [5] and member_roles.get(member) in [
+                15,
+                20,
+            ]:
                return Response(
                    {
                        "error": "You cannot add a user with role higher than the workspace role"
@@ -143,7 +155,7 @@ class ProjectMemberViewSet(BaseViewSet):
            bulk_project_members.append(
                ProjectMember(
                    member_id=member.get("member_id"),
-                    role=member.get("role", 10),
+                    role=member.get("role", 5),
                    project_id=project_id,
                    workspace_id=project.workspace_id,
                    sort_order=(
@@ -189,7 +201,7 @@ class ProjectMemberViewSet(BaseViewSet):
        # Return the serialized data
        return Response(serializer.data, status=status.HTTP_201_CREATED)

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def list(self, request, slug, project_id):
        # Get the list of project members for the project
        project_members = ProjectMember.objects.filter(
@@ -230,7 +242,7 @@ class ProjectMemberViewSet(BaseViewSet):
            member=project_member.member,
            is_active=True,
        ).role
-        if workspace_role in [5, 10] and int(
+        if workspace_role in [5] and int(
            request.data.get("role", project_member.role)
        ) in [15, 20]:
            return Response(
@@ -261,7 +273,7 @@ class ProjectMemberViewSet(BaseViewSet):
            return Response(serializer.data, status=status.HTTP_200_OK)
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER])
+    @allow_permission([ROLE.ADMIN])
    def destroy(self, request, slug, project_id, pk):
        project_member = ProjectMember.objects.get(
            workspace__slug=slug,
@@ -298,7 +310,7 @@ class ProjectMemberViewSet(BaseViewSet):
        project_member.save()
        return Response(status=status.HTTP_204_NO_CONTENT)

-    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST])
+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def leave(self, request, slug, project_id):
        project_member = ProjectMember.objects.get(
            workspace__slug=slug,
@@ -402,6 +414,7 @@ class UserProjectRolesEndpoint(BaseAPIView):
        project_members = ProjectMember.objects.filter(
            workspace__slug=slug,
            member_id=request.user.id,
+            is_active=True,
        ).values("project_id", "role")

        project_members = {
--- a/apiserver/plane/app/views/search/base.py
+++ b/apiserver/plane/app/views/search/base.py
@@ -90,7 +90,7 @@ class GlobalSearchEndpoint(BaseAPIView):
            "project__identifier",
            "project_id",
            "workspace__slug",
-        )
+        )[:100]

    def filter_cycles(self, query, slug, project_id, workspace_search):
        fields = ["name"]
--- a/apiserver/plane/app/views/search/issue.py
+++ b/apiserver/plane/app/views/search/issue.py
@@ -97,6 +97,6 @@ class IssueSearchEndpoint(BaseAPIView):
                "state__name",
                "state__group",
                "state__color",
-            ),
+            )[:100],
            status=status.HTTP_200_OK,
        )
--- a/apiserver/plane/app/views/state/base.py
+++ b/apiserver/plane/app/views/state/base.py
@@ -9,7 +9,8 @@ from rest_framework import status
 from .. import BaseViewSet
 from plane.app.serializers import StateSerializer
 from plane.app.permissions import (
-    ProjectEntityPermission,
+    ROLE,
+    allow_permission
 )
 from plane.db.models import State, Issue
 from plane.utils.cache import invalidate_cache
@@ -18,9 +19,6 @@ from plane.utils.cache import invalidate_cache
 class StateViewSet(BaseViewSet):
    serializer_class = StateSerializer
    model = State
-    permission_classes = [
-        ProjectEntityPermission,
-    ]

    def get_queryset(self):
        return self.filter_queryset(
@@ -42,6 +40,7 @@ class StateViewSet(BaseViewSet):
    @invalidate_cache(
        path="workspaces/:slug/states/", url_params=True, user=False
    )
+    @allow_permission([ROLE.ADMIN])
    def create(self, request, slug, project_id):
        serializer = StateSerializer(data=request.data)
        if serializer.is_valid():
@@ -49,6 +48,7 @@ class StateViewSet(BaseViewSet):
            return Response(serializer.data, status=status.HTTP_200_OK)
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

+    @allow_permission([ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])
    def list(self, request, slug, project_id):
        states = StateSerializer(self.get_queryset(), many=True).data
        grouped = request.GET.get("grouped", False)
@@ -65,6 +65,7 @@ class StateViewSet(BaseViewSet):
    @invalidate_cache(
        path="workspaces/:slug/states/", url_params=True, user=False
    )
+    @allow_permission([ROLE.ADMIN])
    def mark_as_default(self, request, slug, project_id, pk):
        # Select all the states which are marked as default
        _ = State.objects.filter(
@@ -78,6 +79,7 @@ class StateViewSet(BaseViewSet):
    @invalidate_cache(
        path="workspaces/:slug/states/", url_params=True, user=False
    )
+    @allow_permission([ROLE.ADMIN])
    def destroy(self, request, slug, project_id, pk):
        state = State.objects.get(
            is_triage=False,
--- a/apiserver/plane/app/views/view/base.py
+++ b/apiserver/plane/app/views/view/base.py
@@ -35,6 +35,7 @@ from plane.db.models import (
    Workspace,
    WorkspaceMember,
    ProjectMember,
+    Project,
 )
 from plane.utils.grouper import (
    issue_group_values,
@@ -75,7 +76,7 @@ class WorkspaceViewViewSet(BaseViewSet):
        )

    @allow_permission(
-        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST],
+        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST],
        level="WORKSPACE",
    )
    def list(self, request, slug):
@@ -259,7 +260,7 @@ class WorkspaceViewIssuesViewSet(BaseViewSet):

    @method_decorator(gzip_page)
    @allow_permission(
-        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST],
+        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST],
        level="WORKSPACE",
    )
    def list(self, request, slug):
@@ -272,15 +273,24 @@ class WorkspaceViewIssuesViewSet(BaseViewSet):
            .annotate(cycle_id=F("issue_cycle__cycle_id"))
        )

-        if WorkspaceMember.objects.filter(
-            workspace__slug=slug,
-            member=request.user,
-            role=5,
-            is_active=True,
-        ).exists():
-            issue_queryset = issue_queryset.filter(
-                created_by=request.user,
+        # check for the project member role, if the role is 5 then check for the guest_view_all_features if it is true then show all the issues else show only the issues created by the user
+
+        issue_queryset = issue_queryset.filter(
+            Q(
+                project__project_projectmember__role=5,
+                project__guest_view_all_features=True,
            )
+            | Q(
+                project__project_projectmember__role=5,
+                project__guest_view_all_features=False,
+                created_by=self.request.user,
+            )
+            |
+            # For other roles (role < 5), show all issues
+            Q(project__project_projectmember__role__gt=5),
+            project__project_projectmember__member=self.request.user,
+            project__project_projectmember__is_active=True,
+        )

        # Issue queryset
        issue_queryset, order_by_param = order_issue_queryset(
@@ -421,19 +431,21 @@ class IssueViewViewSet(BaseViewSet):
            .distinct()
        )

-    allow_permission(
-        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST]
-    )
+    allow_permission(allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])

    def list(self, request, slug, project_id):
        queryset = self.get_queryset()
-        if ProjectMember.objects.filter(
-            workspace__slug=slug,
-            project_id=project_id,
-            member=request.user,
-            role=5,
-            is_active=True,
-        ).exists():
+        project = Project.objects.get(id=project_id)
+        if (
+            ProjectMember.objects.filter(
+                workspace__slug=slug,
+                project_id=project_id,
+                member=request.user,
+                role=5,
+                is_active=True,
+            ).exists()
+            and not project.guest_view_all_features
+        ):
            queryset = queryset.filter(owned_by=request.user)
        fields = [
            field
@@ -445,14 +457,34 @@ class IssueViewViewSet(BaseViewSet):
        ).data
        return Response(views, status=status.HTTP_200_OK)

-    allow_permission(
-        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.VIEWER, ROLE.GUEST]
-    )
+    allow_permission(allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST])

    def retrieve(self, request, slug, project_id, pk):
        issue_view = (
            self.get_queryset().filter(pk=pk, project_id=project_id).first()
        )
+        project = Project.objects.get(id=project_id)
+        """
+        if the role is guest and guest_view_all_features is false and owned by is not 
+        the requesting user then dont show the view
+        """
+
+        if (
+            ProjectMember.objects.filter(
+                workspace__slug=slug,
+                project_id=project_id,
+                member=request.user,
+                role=5,
+                is_active=True,
+            ).exists()
+            and not project.guest_view_all_features
+            and not issue_view.owned_by == request.user
+        ):
+            return Response(
+                {"error": "You are not allowed to view this issue"},
+                status=status.HTTP_400_BAD_REQUEST,
+            )
+
        serializer = IssueViewSerializer(issue_view)
        recent_visited_task.delay(
            slug=slug,
--- a/apiserver/plane/app/views/workspace/base.py
+++ b/apiserver/plane/app/views/workspace/base.py
@@ -43,6 +43,7 @@ from plane.db.models import (
    WorkspaceMember,
    WorkspaceTheme,
 )
+from plane.app.permissions import ROLE, allow_permission
 from plane.utils.cache import cache_response, invalidate_cache
 from django.utils.decorators import method_decorator
 from django.views.decorators.cache import cache_control
@@ -147,11 +148,25 @@ class WorkSpaceViewSet(BaseViewSet):
                )

    @cache_response(60 * 60 * 2)
+    @allow_permission(
+        [
+            ROLE.ADMIN,
+            ROLE.MEMBER,
+            ROLE.GUEST,
+        ],
+        level="WORKSPACE",
+    )
    def list(self, request, *args, **kwargs):
        return super().list(request, *args, **kwargs)

    @invalidate_cache(path="/api/workspaces/", user=False)
    @invalidate_cache(path="/api/users/me/workspaces/")
+    @allow_permission(
+        [
+            ROLE.ADMIN,
+        ],
+        level="WORKSPACE",
+    )
    def partial_update(self, request, *args, **kwargs):
        return super().partial_update(request, *args, **kwargs)

@@ -162,6 +177,7 @@ class WorkSpaceViewSet(BaseViewSet):
    @invalidate_cache(
        path="/api/users/me/settings/", multiple=True, user=False
    )
+    @allow_permission([ROLE.ADMIN], level="WORKSPACE")
    def destroy(self, request, *args, **kwargs):
        return super().destroy(request, *args, **kwargs)

--- a/apiserver/plane/app/views/workspace/favorite.py
+++ b/apiserver/plane/app/views/workspace/favorite.py
@@ -24,7 +24,7 @@ class WorkspaceFavoriteEndpoint(BaseAPIView):
            workspace__slug=slug,
            parent__isnull=True,
        ).filter(
-            Q(project__isnull=True)
+            Q(project__isnull=True) & ~Q(entity_type="page")
            | (
                Q(project__isnull=False)
                & Q(project__project_projectmember__member=request.user)
--- a/apiserver/plane/app/views/workspace/invite.py
+++ b/apiserver/plane/app/views/workspace/invite.py
@@ -74,7 +74,7 @@ class WorkspaceInvitationsViewset(BaseViewSet):
            [
                email
                for email in emails
-                if int(email.get("role", 10)) > requesting_user.role
+                if int(email.get("role", 5)) > requesting_user.role
            ]
        ):
            return Response(
@@ -119,7 +119,7 @@ class WorkspaceInvitationsViewset(BaseViewSet):
                            settings.SECRET_KEY,
                            algorithm="HS256",
                        ),
-                        role=email.get("role", 10),
+                        role=email.get("role", 5),
                        created_by=request.user,
                    )
                )
--- a/apiserver/plane/app/views/workspace/member.py
+++ b/apiserver/plane/app/views/workspace/member.py
@@ -13,7 +13,8 @@ from rest_framework.response import Response
 from plane.app.permissions import (
    WorkSpaceAdminPermission,
    WorkspaceEntityPermission,
-    WorkspaceUserPermission,
+    allow_permission,
+    ROLE,
 )

 # Module imports
@@ -43,22 +44,6 @@ class WorkSpaceMemberViewSet(BaseViewSet):
    serializer_class = WorkspaceMemberAdminSerializer
    model = WorkspaceMember

-    permission_classes = [
-        WorkspaceEntityPermission,
-    ]
-
-    def get_permissions(self):
-        if self.action == "leave":
-            self.permission_classes = [
-                WorkspaceUserPermission,
-            ]
-        else:
-            self.permission_classes = [
-                WorkspaceEntityPermission,
-            ]
-
-        return super(WorkSpaceMemberViewSet, self).get_permissions()
-
    search_fields = [
        "member__display_name",
        "member__first_name",
@@ -77,6 +62,9 @@ class WorkSpaceMemberViewSet(BaseViewSet):
        )

    @cache_response(60 * 60 * 2)
+    @allow_permission(
+        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST], level="WORKSPACE"
+    )
    def list(self, request, slug):
        workspace_member = WorkspaceMember.objects.get(
            member=request.user,
@@ -86,8 +74,7 @@ class WorkSpaceMemberViewSet(BaseViewSet):

        # Get all active workspace members
        workspace_members = self.get_queryset()
-
-        if workspace_member.role > 10:
+        if workspace_member.role > 5:
            serializer = WorkspaceMemberAdminSerializer(
                workspace_members,
                fields=("id", "member", "role"),
@@ -107,6 +94,7 @@ class WorkSpaceMemberViewSet(BaseViewSet):
        user=False,
        multiple=True,
    )
+    @allow_permission(allowed_roles=[ROLE.ADMIN], level="WORKSPACE")
    def partial_update(self, request, slug, pk):
        workspace_member = WorkspaceMember.objects.get(
            pk=pk,
@@ -120,25 +108,10 @@ class WorkSpaceMemberViewSet(BaseViewSet):
                status=status.HTTP_400_BAD_REQUEST,
            )

-        # Get the requested user role
-        requested_workspace_member = WorkspaceMember.objects.get(
-            workspace__slug=slug,
-            member=request.user,
-            is_active=True,
-        )
-        # Check if role is being updated
-        # One cannot update role higher than his own role
-        if (
-            "role" in request.data
-            and int(request.data.get("role", workspace_member.role))
-            > requested_workspace_member.role
-        ):
-            return Response(
-                {
-                    "error": "You cannot update a role that is higher than your own role"
-                },
-                status=status.HTTP_400_BAD_REQUEST,
-            )
+        if workspace_member.role > int(request.data.get("role")):
+            _ = ProjectMember.objects.filter(
+                workspace__slug=slug, member_id=workspace_member.member_id
+            ).update(role=int(request.data.get("role")))

        serializer = WorkSpaceMemberSerializer(
            workspace_member, data=request.data, partial=True
@@ -159,6 +132,7 @@ class WorkSpaceMemberViewSet(BaseViewSet):
    @invalidate_cache(
        path="/api/users/me/workspaces/", user=False, multiple=True
    )
+    @allow_permission(allowed_roles=[ROLE.ADMIN], level="WORKSPACE")
    def destroy(self, request, slug, pk):
        # Check the user role who is deleting the user
        workspace_member = WorkspaceMember.objects.get(
@@ -233,6 +207,9 @@ class WorkSpaceMemberViewSet(BaseViewSet):
    @invalidate_cache(
        path="api/users/me/workspaces/", user=False, multiple=True
    )
+    @allow_permission(
+        allowed_roles=[ROLE.ADMIN, ROLE.MEMBER, ROLE.GUEST], level="WORKSPACE"
+    )
    def leave(self, request, slug):
        workspace_member = WorkspaceMember.objects.get(
            workspace__slug=slug,
--- a/apiserver/plane/app/views/workspace/user.py
+++ b/apiserver/plane/app/views/workspace/user.py
@@ -288,7 +288,7 @@ class WorkspaceUserProfileEndpoint(BaseAPIView):
            is_active=True,
        )
        projects = []
-        if requesting_workspace_member.role >= 10:
+        if requesting_workspace_member.role >= 15:
            projects = (
                Project.objects.filter(
                    workspace__slug=slug,
--- a/apiserver/plane/authentication/utils/workspace_project_join.py
+++ b/apiserver/plane/authentication/utils/workspace_project_join.py
@@ -49,7 +49,7 @@ def process_workspace_project_invitations(user):
                workspace_id=project_member_invite.workspace_id,
                role=(
                    project_member_invite.role
-                    if project_member_invite.role in [5, 10, 15]
+                    if project_member_invite.role in [5, 15]
                    else 15
                ),
                member=user,
@@ -67,7 +67,7 @@ def process_workspace_project_invitations(user):
                workspace_id=project_member_invite.workspace_id,
                role=(
                    project_member_invite.role
-                    if project_member_invite.role in [5, 10, 15]
+                    if project_member_invite.role in [5, 15]
                    else 15
                ),
                member=user,
--- a/apiserver/plane/bgtasks/dummy_data_task.py
+++ b/apiserver/plane/bgtasks/dummy_data_task.py
@@ -347,7 +347,7 @@ def create_issues(workspace, project, user_id, issue_count):
            )
        )

-        text = fake.text(max_nb_chars=60000)
+        text = fake.text(max_nb_chars=3000)
        issues.append(
            Issue(
                state_id=states[random.randint(0, len(states) - 1)],
@@ -490,18 +490,23 @@ def create_issue_assignees(workspace, project, user_id, issue_count):
 def create_issue_labels(workspace, project, user_id, issue_count):
    # labels
    labels = Label.objects.filter(project=project).values_list("id", flat=True)
-    issues = random.sample(
-        list(
+    # issues = random.sample(
+    #     list(
+    #         Issue.objects.filter(project=project).values_list("id", flat=True)
+    #     ),
+    #     int(issue_count / 2),
+    # )
+    issues = list(
            Issue.objects.filter(project=project).values_list("id", flat=True)
-        ),
-        int(issue_count / 2),
-    )
+        ) 
+    shuffled_labels = list(labels)

    # Bulk issue
    bulk_issue_labels = []
    for issue in issues:
+        random.shuffle(shuffled_labels)
        for label in random.sample(
-            list(labels), random.randint(0, len(labels) - 1)
+            shuffled_labels, random.randint(0, 5)
        ):
            bulk_issue_labels.append(
                IssueLabel(
@@ -552,25 +557,33 @@ def create_module_issues(workspace, project, user_id, issue_count):
    modules = Module.objects.filter(project=project).values_list(
        "id", flat=True
    )
-    issues = random.sample(
-        list(
+    # issues = random.sample(
+    #     list(
+    #         Issue.objects.filter(project=project).values_list("id", flat=True)
+    #     ),
+    #     int(issue_count / 2),
+    # )
+    issues = list(
            Issue.objects.filter(project=project).values_list("id", flat=True)
-        ),
-        int(issue_count / 2),
-    )
+        ) 
+
+    shuffled_modules = list(modules)

    # Bulk issue
    bulk_module_issues = []
    for issue in issues:
-        module = modules[random.randint(0, len(modules) - 1)]
-        bulk_module_issues.append(
-            ModuleIssue(
-                module_id=module,
-                issue_id=issue,
-                project=project,
-                workspace=workspace,
+        random.shuffle(shuffled_modules)
+        for module in random.sample(
+            shuffled_modules, random.randint(0, 5)
+        ):
+            bulk_module_issues.append(
+                ModuleIssue(
+                    module_id=module,
+                    issue_id=issue,
+                    project=project,
+                    workspace=workspace,
+                )
            )
-        )
    # Issue assignees
    ModuleIssue.objects.bulk_create(
        bulk_module_issues, batch_size=1000, ignore_conflicts=True
--- a/apiserver/plane/bgtasks/export_task.py
+++ b/apiserver/plane/bgtasks/export_task.py
@@ -244,9 +244,13 @@ def update_json_row(rows, row):
        )
        assignee, label = row["Assignee"], row["Labels"]

-        if assignee is not None and assignee not in existing_assignees:
+        if assignee is not None and (
+            existing_assignees is None or label not in existing_assignees
+        ):
            rows[matched_index]["Assignee"] += f", {assignee}"
-        if label is not None and label not in existing_labels:
+        if label is not None and (
+            existing_labels is None or label not in existing_labels
+        ):
            rows[matched_index]["Labels"] += f", {label}"
    else:
        rows.append(row)
@@ -266,9 +270,13 @@ def update_table_row(rows, row):
        existing_assignees, existing_labels = rows[matched_index][7:9]
        assignee, label = row[7:9]

-        if assignee is not None and assignee not in existing_assignees:
-            rows[matched_index][7] += f", {assignee}"
-        if label is not None and label not in existing_labels:
+        if assignee is not None and (
+            existing_assignees is None or label not in existing_assignees
+        ):
+            rows[matched_index][8] += f", {assignee}"
+        if label is not None and (
+            existing_labels is None or label not in existing_labels
+        ):
            rows[matched_index][8] += f", {label}"
    else:
        rows.append(row)
--- a/apiserver/plane/bgtasks/issue_activities_task.py
+++ b/apiserver/plane/bgtasks/issue_activities_task.py
@@ -1,13 +1,11 @@
 # Python imports
 import json

-import requests

 # Third Party imports
 from celery import shared_task

 # Django imports
-from django.conf import settings
 from django.core.serializers.json import DjangoJSONEncoder
 from django.utils import timezone

--- a/apiserver/plane/bgtasks/notification_task.py
+++ b/apiserver/plane/bgtasks/notification_task.py
@@ -128,7 +128,9 @@ def extract_mentions(issue_instance):
            "mention-component", attrs={"target": "users"}
        )

-        mentions = [mention_tag["entity_identifier"] for mention_tag in mention_tags]
+        mentions = [
+            mention_tag["entity_identifier"] for mention_tag in mention_tags
+        ]

        return list(set(mentions))
    except Exception:
@@ -198,6 +200,16 @@ def create_mention_notification(
                "actor": str(activity.get("actor_id")),
                "new_value": str(activity.get("new_value")),
                "old_value": str(activity.get("old_value")),
+                "old_identifier": (
+                    str(activity.get("old_identifier"))
+                    if activity.get("old_identifier")
+                    else None
+                ),
+                "new_identifier": (
+                    str(activity.get("new_identifier"))
+                    if activity.get("new_identifier")
+                    else None
+                ),
            },
        },
    )
@@ -440,6 +452,24 @@ def notifications(
                                        if issue_comment is not None
                                        else ""
                                    ),
+                                    "old_identifier": (
+                                        str(
+                                            issue_activity.get(
+                                                "old_identifier"
+                                            )
+                                        )
+                                        if issue_activity.get("old_identifier")
+                                        else None
+                                    ),
+                                    "new_identifier": (
+                                        str(
+                                            issue_activity.get(
+                                                "new_identifier"
+                                            )
+                                        )
+                                        if issue_activity.get("new_identifier")
+                                        else None
+                                    ),
                                },
                            },
                        )
@@ -489,6 +519,28 @@ def notifications(
                                            if issue_comment is not None
                                            else ""
                                        ),
+                                        "old_identifier": (
+                                            str(
+                                                issue_activity.get(
+                                                    "old_identifier"
+                                                )
+                                            )
+                                            if issue_activity.get(
+                                                "old_identifier"
+                                            )
+                                            else None
+                                        ),
+                                        "new_identifier": (
+                                            str(
+                                                issue_activity.get(
+                                                    "new_identifier"
+                                                )
+                                            )
+                                            if issue_activity.get(
+                                                "new_identifier"
+                                            )
+                                            else None
+                                        ),
                                        "activity_time": issue_activity.get(
                                            "created_at"
                                        ),
@@ -572,6 +624,28 @@ def notifications(
                                            "old_value": str(
                                                issue_activity.get("old_value")
                                            ),
+                                            "old_identifier": (
+                                                str(
+                                                    issue_activity.get(
+                                                        "old_identifier"
+                                                    )
+                                                )
+                                                if issue_activity.get(
+                                                    "old_identifier"
+                                                )
+                                                else None
+                                            ),
+                                            "new_identifier": (
+                                                str(
+                                                    issue_activity.get(
+                                                        "new_identifier"
+                                                    )
+                                                )
+                                                if issue_activity.get(
+                                                    "new_identifier"
+                                                )
+                                                else None
+                                            ),
                                            "activity_time": issue_activity.get(
                                                "created_at"
                                            ),
@@ -627,6 +701,28 @@ def notifications(
                                        "old_value": str(
                                            last_activity.old_value
                                        ),
+                                        "old_identifier": (
+                                            str(
+                                                issue_activity.get(
+                                                    "old_identifier"
+                                                )
+                                            )
+                                            if issue_activity.get(
+                                                "old_identifier"
+                                            )
+                                            else None
+                                        ),
+                                        "new_identifier": (
+                                            str(
+                                                issue_activity.get(
+                                                    "new_identifier"
+                                                )
+                                            )
+                                            if issue_activity.get(
+                                                "new_identifier"
+                                            )
+                                            else None
+                                        ),
                                    },
                                },
                            )
@@ -662,7 +758,31 @@ def notifications(
                                            "old_value": str(
                                                last_activity.old_value
                                            ),
-                                            "activity_time": str(last_activity.created_at),
+                                            "old_identifier": (
+                                                str(
+                                                    issue_activity.get(
+                                                        "old_identifier"
+                                                    )
+                                                )
+                                                if issue_activity.get(
+                                                    "old_identifier"
+                                                )
+                                                else None
+                                            ),
+                                            "new_identifier": (
+                                                str(
+                                                    issue_activity.get(
+                                                        "new_identifier"
+                                                    )
+                                                )
+                                                if issue_activity.get(
+                                                    "new_identifier"
+                                                )
+                                                else None
+                                            ),
+                                            "activity_time": str(
+                                                last_activity.created_at
+                                            ),
                                        },
                                    },
                                )
@@ -719,6 +839,28 @@ def notifications(
                                                        "old_value"
                                                    )
                                                ),
+                                                "old_identifier": (
+                                                    str(
+                                                        issue_activity.get(
+                                                            "old_identifier"
+                                                        )
+                                                    )
+                                                    if issue_activity.get(
+                                                        "old_identifier"
+                                                    )
+                                                    else None
+                                                ),
+                                                "new_identifier": (
+                                                    str(
+                                                        issue_activity.get(
+                                                            "new_identifier"
+                                                        )
+                                                    )
+                                                    if issue_activity.get(
+                                                        "new_identifier"
+                                                    )
+                                                    else None
+                                                ),
                                                "activity_time": issue_activity.get(
                                                    "created_at"
                                                ),
--- a/apiserver/plane/db/management/commands/create_dummy_data.py
+++ b/apiserver/plane/db/management/commands/create_dummy_data.py
@@ -73,7 +73,7 @@ class Command(BaseCommand):

                from plane.bgtasks.dummy_data_task import create_dummy_data

-                create_dummy_data.delay(
+                create_dummy_data(
                    slug=workspace_slug,
                    email=creator,
                    members=members,
--- a/apiserver/plane/db/migrations/0076_alter_projectmember_role_and_more.py
+++ b/apiserver/plane/db/migrations/0076_alter_projectmember_role_and_more.py
@@ -0,0 +1,60 @@
+# Generated by Django 4.2.15 on 2024-08-30 07:34
+
+from django.db import migrations, models
+
+
+def update_workspace_project_member_role(apps, schema_editor):
+    WorkspaceMember = apps.get_model("db", "WorkspaceMember")
+    ProjectMember = apps.get_model("db", "ProjectMember")
+
+    # update all existing members with role 10 to role 5
+    WorkspaceMember.objects.filter(role=10).update(role=5)
+    ProjectMember.objects.filter(role=10).update(role=5)
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("db", "0075_alter_fileasset_asset"),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="projectmember",
+            name="role",
+            field=models.PositiveSmallIntegerField(
+                choices=[(20, "Admin"), (15, "Member"), (5, "Guest")],
+                default=5,
+            ),
+        ),
+        migrations.AlterField(
+            model_name="projectmemberinvite",
+            name="role",
+            field=models.PositiveSmallIntegerField(
+                choices=[(20, "Admin"), (15, "Member"), (5, "Guest")],
+                default=5,
+            ),
+        ),
+        migrations.AlterField(
+            model_name="workspacemember",
+            name="role",
+            field=models.PositiveSmallIntegerField(
+                choices=[(20, "Admin"), (15, "Member"), (5, "Guest")],
+                default=5,
+            ),
+        ),
+        migrations.AlterField(
+            model_name="workspacememberinvite",
+            name="role",
+            field=models.PositiveSmallIntegerField(
+                choices=[(20, "Admin"), (15, "Member"), (5, "Guest")],
+                default=5,
+            ),
+        ),
+        migrations.AddField(
+            model_name="project",
+            name="guest_view_all_features",
+            field=models.BooleanField(default=False),
+        ),
+        migrations.RunPython(update_workspace_project_member_role),
+    ]
--- a/apiserver/plane/db/models/project.py
+++ b/apiserver/plane/db/models/project.py
@@ -16,7 +16,6 @@ from .base import BaseModel
 ROLE_CHOICES = (
    (20, "Admin"),
    (15, "Member"),
-    (10, "Viewer"),
    (5, "Guest"),
 )

@@ -98,6 +97,7 @@ class Project(BaseModel):
    inbox_view = models.BooleanField(default=False)
    is_time_tracking_enabled = models.BooleanField(default=False)
    is_issue_type_enabled = models.BooleanField(default=False)
+    guest_view_all_features = models.BooleanField(default=False)
    cover_image = models.URLField(blank=True, null=True, max_length=800)
    estimate = models.ForeignKey(
        "db.Estimate",
@@ -173,7 +173,7 @@ class ProjectMemberInvite(ProjectBaseModel):
    token = models.CharField(max_length=255)
    message = models.TextField(null=True)
    responded_at = models.DateTimeField(null=True)
-    role = models.PositiveSmallIntegerField(choices=ROLE_CHOICES, default=10)
+    role = models.PositiveSmallIntegerField(choices=ROLE_CHOICES, default=5)

    class Meta:
        verbose_name = "Project Member Invite"
@@ -194,7 +194,7 @@ class ProjectMember(ProjectBaseModel):
        related_name="member_project",
    )
    comment = models.TextField(blank=True, null=True)
-    role = models.PositiveSmallIntegerField(choices=ROLE_CHOICES, default=10)
+    role = models.PositiveSmallIntegerField(choices=ROLE_CHOICES, default=5)
    view_props = models.JSONField(default=get_default_props)
    default_props = models.JSONField(default=get_default_props)
    preferences = models.JSONField(default=get_default_preferences)
--- a/apiserver/plane/db/models/workspace.py
+++ b/apiserver/plane/db/models/workspace.py
@@ -8,9 +8,8 @@ from .base import BaseModel
 from plane.utils.constants import RESTRICTED_WORKSPACE_SLUGS

 ROLE_CHOICES = (
-    (20, "Owner"),
-    (15, "Admin"),
-    (10, "Member"),
+    (20, "Admin"),
+    (15, "Member"),
    (5, "Guest"),
 )

@@ -177,7 +176,7 @@ class WorkspaceMember(BaseModel):
        on_delete=models.CASCADE,
        related_name="member_workspace",
    )
-    role = models.PositiveSmallIntegerField(choices=ROLE_CHOICES, default=10)
+    role = models.PositiveSmallIntegerField(choices=ROLE_CHOICES, default=5)
    company_role = models.TextField(null=True, blank=True)
    view_props = models.JSONField(default=get_default_props)
    default_props = models.JSONField(default=get_default_props)
@@ -214,7 +213,7 @@ class WorkspaceMemberInvite(BaseModel):
    token = models.CharField(max_length=255)
    message = models.TextField(null=True)
    responded_at = models.DateTimeField(null=True)
-    role = models.PositiveSmallIntegerField(choices=ROLE_CHOICES, default=10)
+    role = models.PositiveSmallIntegerField(choices=ROLE_CHOICES, default=5)

    class Meta:
        unique_together = ["email", "workspace", "deleted_at"]
--- a/apiserver/plane/license/bgtasks/tracer.py
+++ b/apiserver/plane/license/bgtasks/tracer.py
@@ -0,0 +1,96 @@
+# Third party imports
+from celery import shared_task
+from opentelemetry import trace
+
+# Module imports
+from plane.license.models import Instance
+from plane.db.models import (
+    User,
+    Workspace,
+    Project,
+    Issue,
+    Module,
+    Cycle,
+    CycleIssue,
+    ModuleIssue,
+    Page,
+    WorkspaceMember,
+)
+
+
+@shared_task
+def instance_traces():
+    # Get the tracer
+    tracer = trace.get_tracer(__name__)
+
+    # Check if the instance is registered
+    instance = Instance.objects.first()
+
+    # If instance is None then return
+    if instance is None:
+        return
+
+    if instance.is_telemetry_enabled:
+        # Instance details
+        with tracer.start_as_current_span("instance_details") as span:
+            # Count of all models
+            workspace_count = Workspace.objects.count()
+            user_count = User.objects.count()
+            project_count = Project.objects.count()
+            issue_count = Issue.objects.count()
+            module_count = Module.objects.count()
+            cycle_count = Cycle.objects.count()
+            cycle_issue_count = CycleIssue.objects.count()
+            module_issue_count = ModuleIssue.objects.count()
+            page_count = Page.objects.count()
+
+            # Set span attributes
+            span.set_attribute("instance_id", instance.instance_id)
+            span.set_attribute("instance_name", instance.instance_name)
+            span.set_attribute("current_version", instance.current_version)
+            span.set_attribute("latest_version", instance.latest_version)
+            span.set_attribute(
+                "is_telemetry_enabled", instance.is_telemetry_enabled
+            )
+            span.set_attribute("user_count", user_count)
+            span.set_attribute("workspace_count", workspace_count)
+            span.set_attribute("project_count", project_count)
+            span.set_attribute("issue_count", issue_count)
+            span.set_attribute("module_count", module_count)
+            span.set_attribute("cycle_count", cycle_count)
+            span.set_attribute("cycle_issue_count", cycle_issue_count)
+            span.set_attribute("module_issue_count", module_issue_count)
+            span.set_attribute("page_count", page_count)
+
+        # Workspace details
+        for workspace in Workspace.objects.all():
+            # Count of all models
+            project_count = Project.objects.filter(workspace=workspace).count()
+            issue_count = Issue.objects.filter(workspace=workspace).count()
+            module_count = Module.objects.filter(workspace=workspace).count()
+            cycle_count = Cycle.objects.filter(workspace=workspace).count()
+            cycle_issue_count = CycleIssue.objects.filter(
+                workspace=workspace
+            ).count()
+            module_issue_count = ModuleIssue.objects.filter(
+                workspace=workspace
+            ).count()
+            page_count = Page.objects.filter(workspace=workspace).count()
+            member_count = WorkspaceMember.objects.filter(
+                workspace=workspace
+            ).count()
+
+            # Set span attributes
+            with tracer.start_as_current_span("workspace_details") as span:
+                span.set_attribute("workspace_id", str(workspace.id))
+                span.set_attribute("workspace_slug", workspace.slug)
+                span.set_attribute("project_count", project_count)
+                span.set_attribute("issue_count", issue_count)
+                span.set_attribute("module_count", module_count)
+                span.set_attribute("cycle_count", cycle_count)
+                span.set_attribute("cycle_issue_count", cycle_issue_count)
+                span.set_attribute("module_issue_count", module_issue_count)
+                span.set_attribute("page_count", page_count)
+                span.set_attribute("member_count", member_count)
+
+    return
--- a/apiserver/plane/license/management/commands/register_instance.py
+++ b/apiserver/plane/license/management/commands/register_instance.py
@@ -9,7 +9,10 @@ from django.conf import settings

 # Module imports
 from plane.license.models import Instance
-from plane.db.models import User
+from plane.db.models import (
+    User,
+)
+from plane.license.bgtasks.tracer import instance_traces


 class Command(BaseCommand):
@@ -21,16 +24,24 @@ class Command(BaseCommand):
            "machine_signature", type=str, help="Machine signature"
        )

+    def read_package_json(self):
+        with open("package.json", "r") as file:
+            # Load JSON content from the file
+            data = json.load(file)
+
+        payload = {
+            "instance_key": settings.INSTANCE_KEY,
+            "version": data.get("version", 0.1),
+            "user_count": User.objects.filter(is_bot=False).count(),
+        }
+        return payload
+
    def handle(self, *args, **options):
        # Check if the instance is registered
        instance = Instance.objects.first()

        # If instance is None then register this instance
        if instance is None:
-            with open("package.json", "r") as file:
-                # Load JSON content from the file
-                data = json.load(file)
-
            machine_signature = options.get(
                "machine_signature", "machine-signature"
            )
@@ -38,12 +49,7 @@ class Command(BaseCommand):
            if not machine_signature:
                raise CommandError("Machine signature is required")

-            payload = {
-                "instance_key": settings.INSTANCE_KEY,
-                "version": data.get("version", 0.1),
-                "machine_signature": machine_signature,
-                "user_count": User.objects.filter(is_bot=False).count(),
-            }
+            payload = self.read_package_json()

            instance = Instance.objects.create(
                instance_name="Plane Community Edition",
@@ -60,4 +66,15 @@ class Command(BaseCommand):
            self.stdout.write(
                self.style.SUCCESS("Instance already registered")
            )
-            return
+            payload = self.read_package_json()
+            # Update the instance details
+            instance.last_checked_at = timezone.now()
+            instance.user_count = payload.get("user_count", 0)
+            instance.current_version = payload.get("version")
+            instance.latest_version = payload.get("version")
+            instance.save()
+
+        # Call the instance traces task
+        instance_traces.delay()
+
+        return
--- a/apiserver/plane/settings/common.py
+++ b/apiserver/plane/settings/common.py
@@ -2,10 +2,8 @@

 # Python imports
 import os
-import ssl
 from urllib.parse import urlparse

-import certifi

 # Third party imports
 import dj_database_url
@@ -18,6 +16,17 @@ from sentry_sdk.integrations.django import DjangoIntegration
 from sentry_sdk.integrations.redis import RedisIntegration
 from corsheaders.defaults import default_headers

+# OpenTelemetry
+from opentelemetry import trace
+from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import (
+    OTLPSpanExporter,
+)
+from opentelemetry.sdk.trace import TracerProvider
+from opentelemetry.sdk.trace.export import BatchSpanProcessor
+from opentelemetry.sdk.resources import Resource
+from opentelemetry.instrumentation.django import DjangoInstrumentor
+
+
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))

 # Secret Key
@@ -26,6 +35,19 @@ SECRET_KEY = os.environ.get("SECRET_KEY", get_random_secret_key())
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = int(os.environ.get("DEBUG", "0"))

+# Initialize Django instrumentation
+DjangoInstrumentor().instrument()
+# Configure the tracer provider
+service_name = os.environ.get("SERVICE_NAME", "plane-ce-api")
+resource = Resource.create({"service.name": service_name})
+trace.set_tracer_provider(TracerProvider(resource=resource))
+# Configure the OTLP exporter
+otel_endpoint = os.environ.get("OTLP_ENDPOINT", "https://telemetry.plane.so")
+otlp_exporter = OTLPSpanExporter(endpoint=otel_endpoint)
+span_processor = BatchSpanProcessor(otlp_exporter)
+trace.get_tracer_provider().add_span_processor(span_processor)
+
+
 # Allowed Hosts
 ALLOWED_HOSTS = ["*"]

@@ -254,18 +276,25 @@ if AWS_S3_ENDPOINT_URL and USE_MINIO:
    AWS_S3_CUSTOM_DOMAIN = f"{parsed_url.netloc}/{AWS_STORAGE_BUCKET_NAME}"
    AWS_S3_URL_PROTOCOL = f"{parsed_url.scheme}:"

+# RabbitMQ connection settings
+RABBITMQ_HOST = os.environ.get("RABBITMQ_HOST", "localhost")
+RABBITMQ_PORT = os.environ.get("RABBITMQ_PORT", "5672")
+RABBITMQ_USER = os.environ.get("RABBITMQ_USER", "guest")
+RABBITMQ_PASSWORD = os.environ.get("RABBITMQ_PASSWORD", "guest")
+RABBITMQ_VHOST = os.environ.get("RABBITMQ_VHOST", "/")
+AMQP_URL = os.environ.get("AMQP_URL")

 # Celery Configuration
+if AMQP_URL:
+    CELERY_BROKER_URL = AMQP_URL
+else:
+    CELERY_BROKER_URL = f"amqp://{RABBITMQ_USER}:{RABBITMQ_PASSWORD}@{RABBITMQ_HOST}:{RABBITMQ_PORT}/{RABBITMQ_VHOST}"
+
 CELERY_TIMEZONE = TIME_ZONE
 CELERY_TASK_SERIALIZER = "json"
+CELERY_RESULT_SERIALIZER = "json"
 CELERY_ACCEPT_CONTENT = ["application/json"]

-if REDIS_SSL:
-    redis_url = os.environ.get("REDIS_URL")
-    broker_url = f"{redis_url}?ssl_cert_reqs={ssl.CERT_NONE.name}&ssl_ca_certs={certifi.where()}"
-    CELERY_BROKER_URL = broker_url
-else:
-    CELERY_BROKER_URL = REDIS_URL

 CELERY_IMPORTS = (
    # scheduled tasks
@@ -274,6 +303,7 @@ CELERY_IMPORTS = (
    "plane.bgtasks.file_asset_task",
    "plane.bgtasks.email_notification_task",
    "plane.bgtasks.api_logs_task",
+    "plane.license.bgtasks.tracer",
    # management tasks
    "plane.bgtasks.dummy_data_task",
 )
@@ -331,14 +361,14 @@ SESSION_COOKIE_SECURE = secure_origins
 SESSION_COOKIE_HTTPONLY = True
 SESSION_ENGINE = "plane.db.models.session"
 SESSION_COOKIE_AGE = os.environ.get("SESSION_COOKIE_AGE", 604800)
-SESSION_COOKIE_NAME = "plane-session-id"
+SESSION_COOKIE_NAME = os.environ.get("SESSION_COOKIE_NAME", "session-id")
 SESSION_COOKIE_DOMAIN = os.environ.get("COOKIE_DOMAIN", None)
 SESSION_SAVE_EVERY_REQUEST = (
    os.environ.get("SESSION_SAVE_EVERY_REQUEST", "0") == "1"
 )

 # Admin Cookie
-ADMIN_SESSION_COOKIE_NAME = "plane-admin-session-id"
+ADMIN_SESSION_COOKIE_NAME = "admin-session-id"
 ADMIN_SESSION_COOKIE_AGE = os.environ.get("ADMIN_SESSION_COOKIE_AGE", 3600)

 # CSRF cookies
--- a/apiserver/plane/utils/global_paginator.py
+++ b/apiserver/plane/utils/global_paginator.py
@@ -1,3 +1,6 @@
+# python imports
+from math import ceil
+
 # constants
 PAGINATOR_MAX_LIMIT = 1000

@@ -36,6 +39,9 @@ def paginate(base_queryset, queryset, cursor, on_result):
    total_results = base_queryset.count()
    page_size = min(cursor_object.current_page_size, PAGINATOR_MAX_LIMIT)

+    # getting the total pages available based on the page size
+    total_pages = ceil(total_results / page_size)
+
    # Calculate the start and end index for the paginated data
    start_index = 0
    if cursor_object.current_page > 0:
@@ -72,6 +78,7 @@ def paginate(base_queryset, queryset, cursor, on_result):
        "next_page_results": next_page_results,
        "page_count": len(paginated_data),
        "total_results": total_results,
+        "total_pages": total_pages,
        "results": paginated_data,
    }

--- a/apiserver/plane/utils/order_queryset.py
+++ b/apiserver/plane/utils/order_queryset.py
@@ -30,9 +30,9 @@ def order_issue_queryset(issue_queryset, order_by_param="-created_at"):
            )
        ).order_by("priority_order")
        order_by_param = (
-            "-priority_order"
+            "priority_order"
            if order_by_param.startswith("-")
-            else "priority_order"
+            else "-priority_order"
        )
    # State Ordering
    elif order_by_param in [
--- a/apiserver/plane/utils/paginator.py
+++ b/apiserver/plane/utils/paginator.py
@@ -82,7 +82,7 @@ class CursorResult(Sequence):
        return f"<{type(self).__name__}: results={len(self.results)}>"


-MAX_LIMIT = 100
+MAX_LIMIT = 1000


 class BadPaginationError(Exception):
@@ -118,7 +118,7 @@ class OffsetPaginator:
        self.max_offset = max_offset
        self.on_results = on_results

-    def get_result(self, limit=100, cursor=None):
+    def get_result(self, limit=1000, cursor=None):
        # offset is page #
        # value is page limit
        if cursor is None:
@@ -727,7 +727,7 @@ class BasePaginator:
    cursor_name = "cursor"

    # get the per page parameter from request
-    def get_per_page(self, request, default_per_page=100, max_per_page=100):
+    def get_per_page(self, request, default_per_page=1000, max_per_page=1000):
        try:
            per_page = int(request.GET.get("per_page", default_per_page))
        except ValueError:
@@ -747,8 +747,8 @@ class BasePaginator:
        on_results=None,
        paginator=None,
        paginator_cls=OffsetPaginator,
-        default_per_page=100,
-        max_per_page=100,
+        default_per_page=1000,
+        max_per_page=1000,
        cursor_cls=Cursor,
        extra_stats=None,
        controller=None,
--- a/apiserver/requirements/base.txt
+++ b/apiserver/requirements/base.txt
@@ -17,6 +17,7 @@ django-cors-headers==4.3.1
 # celery
 celery==5.4.0
 django_celery_beat==2.6.0
+django-celery-results==2.5.1
 # file serve
 whitenoise==6.6.0
 # fake data
@@ -50,7 +51,7 @@ beautifulsoup4==4.12.3
 # analytics
 posthog==3.5.0
 # crypto
-cryptography==42.0.5
+cryptography==43.0.1
 # html validator
 lxml==5.2.1
 # s3
@@ -61,3 +62,8 @@ zxcvbn==4.4.28
 pytz==2024.1
 # jwt
 PyJWT==2.8.0
+# OpenTelemetry
+opentelemetry-api==1.27.0
+opentelemetry-sdk==1.27.0
+opentelemetry-instrumentation-django==0.48b0
+opentelemetry-exporter-otlp==1.27.0
--- a/apiserver/runtime.txt
+++ b/apiserver/runtime.txt
@@ -1 +1 @@
-python-3.12.3
+python-3.12.6
--- a/Show More
+++ b/Show More