test folder refactoring

2026-04-18 00:02:15 +00:00 · 2021-07-18 14:53:00 +02:00
parent 5046071f3a
commit 18150cd920
20 changed files with 25 additions and 25 deletions
--- a/tests/Domain/Admin/AdminTest.php
+++ b/tests/Domain/Admin/AdminTest.php
@@ -0,0 +1,638 @@
+<?php
+
+namespace Tests\Feature\Admin;
+
+use App\Models\File;
+use App\Models\Folder;
+use App\Models\Setting;
+use App\Models\Share;
+use App\Models\User;
+use App\Models\Zip;
+use App\Notifications\ResetPassword;
+use App\Services\SetupService;
+use DB;
+use Illuminate\Http\UploadedFile;
+use Notification;
+use Laravel\Sanctum\Sanctum;
+use Storage;
+use Tests\TestCase;
+
+class AdminTest extends TestCase
+{
+    public function __construct()
+    {
+        parent::__construct();
+        $this->setup = app()->make(SetupService::class);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_dashboard_data()
+    {
+        $user = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        File::factory(File::class)
+            ->count(2)
+            ->create(['filesize' => 1000000]);
+
+        Setting::forceCreate([
+            'name'  => 'license',
+            'value' => 'Regular'
+        ]);
+
+        DB::table('subscriptions')
+            ->insert([
+                'user_id'       => $user->id,
+                'name'          => 'main',
+                'stripe_id'     => 'sub_Hp4jgdIpPDDWXw',
+                'stripe_status' => 'active',
+            ]);
+
+        Sanctum::actingAs($user);
+
+        $this->getJson('/api/admin/dashboard')
+            ->assertStatus(200)
+            ->assertExactJson([
+                "license"             => 'Regular',
+                "app_version"         => config('vuefilemanager.version'),
+                "total_users"         => 1,
+                "total_used_space"    => '2.00MB',
+                "total_premium_users" => 1,
+            ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_new_users_for_dashboard()
+    {
+        $users = User::factory(User::class)
+            ->count(5)
+            ->create(['role' => 'user']);
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $users->each(function ($user) {
+            $this->getJson('/api/admin/dashboard/newbies')
+                ->assertStatus(200)
+                ->assertJsonFragment([
+                    'id' => $user->id,
+                ]);
+        });
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_all_users()
+    {
+        $users = User::factory(User::class)
+            ->count(5)
+            ->create(['role' => 'user']);
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $users->each(function ($user) {
+            $this->getJson('/api/admin/users?page=1')
+                ->assertStatus(200)
+                ->assertJsonFragment([
+                    'id' => $user->id,
+                ]);
+        });
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_single_user()
+    {
+        $user = User::factory(User::class)
+            ->create(['role' => 'user']);
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        // TODO: pridat exactjson po refaktorovani userresource
+        $this->getJson("/api/admin/users/$user->id/detail")
+            ->assertStatus(200)
+            ->assertJsonFragment([
+                'id' => $user->id,
+            ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_non_existed_user_subscription()
+    {
+        $user = User::factory(User::class)
+            ->create();
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->getJson("/api/admin/users/$user->id/subscription")
+            ->assertStatus(404);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_user_storage_detail()
+    {
+        $user = User::factory(User::class)
+            ->create(['role' => 'user']);
+
+        collect(['image', 'audio', 'video', 'pdf', 'zip'])
+            ->each(function ($mimetype) use ($user) {
+                File::factory(File::class)
+                    ->create([
+                        'user_id'  => $user->id,
+                        'type'     => $mimetype,
+                        'mimetype' => $mimetype,
+                        'filesize' => 1000000,
+                    ]);
+            });
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->getJson("/api/admin/users/$user->id/storage")
+            ->assertStatus(200)
+            ->assertExactJson([
+                "data" => [
+                    "id"         => $user->id,
+                    "type"       => "storage",
+                    "attributes" => [
+                        "used"       => "5.00MB",
+                        "capacity"   => "5GB",
+                        "percentage" => 0.1,
+                    ],
+                    "meta"       => [
+                        "images"    => [
+                            "used"       => '1.00MB',
+                            "percentage" => 0.02,
+                        ],
+                        "audios"    => [
+                            "used"       => '1.00MB',
+                            "percentage" => 0.02,
+                        ],
+                        "videos"    => [
+                            "used"       => '1.00MB',
+                            "percentage" => 0.02,
+                        ],
+                        "documents" => [
+                            "used"       => '1.00MB',
+                            "percentage" => 0.02,
+                        ],
+                        "others"    => [
+                            "used"       => '1.00MB',
+                            "percentage" => 0.02,
+                        ]
+                    ]
+                ]
+            ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_send_reset_password_for_user()
+    {
+        $user = User::factory(User::class)
+            ->create(['role' => 'user']);
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->postJson("/api/admin/users/$user->id/reset-password")
+            ->assertStatus(204);
+
+        Notification::assertTimesSent(1, ResetPassword::class);
+    }
+
+    /**
+     * @test
+     */
+    public function it_change_user_storage_capacity()
+    {
+        $user = User::factory(User::class)
+            ->create(['role' => 'user']);
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->patchJson("/api/admin/users/$user->id/capacity", [
+            'attributes' => [
+                'storage_capacity' => 10
+            ]
+        ])->assertStatus(200);
+
+        $this->assertDatabaseHas('user_settings', [
+            'user_id'          => $user->id,
+            'storage_capacity' => 10,
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_change_user_role()
+    {
+        $user = User::factory(User::class)
+            ->create(['role' => 'user']);
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->patchJson("/api/admin/users/$user->id/role", [
+            'attributes' => [
+                'role' => 'admin'
+            ]
+        ])->assertStatus(200);
+
+        $this->assertTrue(User::find($user->id)->role === 'admin');
+    }
+
+    /**
+     * @test
+     */
+    public function it_create_new_user_with_avatar()
+    {
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $avatar = UploadedFile::fake()
+            ->image('fake-image.jpg');
+
+        $this->postJson("/api/admin/users/create", [
+            'name'                  => 'John Doe',
+            'role'                  => 'user',
+            'email'                 => 'john@doe.com',
+            'password'              => 'VerySecretPassword',
+            'storage_capacity'      => 15,
+            'password_confirmation' => 'VerySecretPassword',
+            'avatar'                => $avatar,
+        ])->assertStatus(201);
+
+        $this->assertDatabaseHas('users', [
+            'email' => 'john@doe.com'
+        ]);
+
+        $this->assertNotNull(User::whereEmail('john@doe.com')
+            ->get('email_verified_at'));
+
+        $this->assertDatabaseHas('user_settings', [
+            'name' => 'John Doe'
+        ]);
+
+        Storage::disk('local')
+            ->assertExists(
+                User::whereEmail('john@doe.com')->first()->settings->getRawOriginal('avatar')
+            );
+    }
+
+    /**
+     * @test
+     */
+    public function it_delete_user_with_all_data()
+    {
+        $this->setup->create_directories();
+
+        // Create and login user
+        $user = User::factory(User::class)
+            ->create(['role' => 'user']);
+
+        Sanctum::actingAs($user);
+
+        // Create folders
+        $folders = Folder::factory(Folder::class)
+            ->count(2)
+            ->create(['user_id' => $user->id]);
+
+        // Create favourite folders
+        $folders->each(function ($folder) use ($user) {
+            $user->favouriteFolders()->attach($folder->id);
+        });
+
+        // Create zips
+        Zip::factory(Zip::class)
+            ->count(2)
+            ->create(['user_id' => $user->id]);
+
+        // Create shares
+        Share::factory(Share::class)
+            ->count(2)
+            ->create(['user_id' => $user->id]);
+
+        // Upload files
+        collect([0, 1])
+            ->each(function ($index) {
+
+                $file = UploadedFile::fake()
+                    ->create("fake-file-$index.pdf", 1200, 'application/pdf');
+
+                $this->postJson('/api/upload', [
+                    'filename'  => $file->name,
+                    'file'      => $file,
+                    'folder_id' => null,
+                    'is_last'   => true,
+                ])->assertStatus(201);
+            });
+
+        $file_ids = File::all()
+            ->pluck('id');
+
+        // Upload avatar
+        $avatar = UploadedFile::fake()
+            ->image('fake-image.jpg');
+
+        $this->patchJson('/api/user/relationships/settings', [
+            'avatar' => $avatar,
+        ])->assertStatus(204);
+
+        $user = User::whereRole('user')
+            ->first();
+
+        // Create and login admin
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        // Delete user
+        $this->deleteJson("/api/admin/users/$user->id/delete", [
+            'name' => $user->settings->name
+        ])
+            ->assertStatus(204);
+
+        $this->assertDatabaseMissing('user_settings', [
+            'user_id' => $user->id,
+        ]);
+
+        $this->assertDatabaseMissing('folders', [
+            'user_id' => $user->id,
+        ]);
+
+        $this->assertDatabaseMissing('shares', [
+            'user_id' => $user->id,
+        ]);
+
+        $this->assertDatabaseMissing('favourite_folder', [
+            'user_id' => $user->id,
+        ]);
+
+        $this->assertDatabaseMissing('files', [
+            'user_id' => $user->id,
+        ]);
+
+        $this->assertDatabaseMissing('zips', [
+            'user_id' => $user->id,
+        ]);
+
+        $file_ids
+            ->each(function ($id, $index) use ($user) {
+
+                Storage::disk('local')
+                    ->assertMissing(
+                        "files/$user->id/fake-file-$index.pdf"
+                    );
+
+                Storage::disk('local')
+                    ->assertMissing(
+                        "files/fake-file-$index.pdf"
+                    );
+            });
+
+        Storage::disk('local')
+            ->assertMissing($user->settings->getRawOriginal('avatar'));
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_all_pages()
+    {
+        $this->setup->seed_default_pages();
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        collect(['terms-of-service', 'privacy-policy', 'cookie-policy'])
+            ->each(function ($slug) {
+                $this->getJson('/api/admin/pages')
+                    ->assertStatus(200)
+                    ->assertJsonFragment([
+                        'slug' => $slug
+                    ]);
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_page()
+    {
+        $this->setup->seed_default_pages();
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->getJson('/api/admin/pages/terms-of-service')
+            ->assertStatus(200)
+            ->assertJsonFragment([
+                'slug' => 'terms-of-service'
+            ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_update_page()
+    {
+        $this->setup->seed_default_pages();
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->patchJson('/api/admin/pages/terms-of-service', [
+            'name'  => 'title',
+            'value' => 'New Title'
+        ])->assertStatus(204);
+
+        $this->assertDatabaseHas('pages', [
+            'title' => 'New Title'
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_settings()
+    {
+        $this->setup->seed_default_settings('Extended');
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->getJson('/api/admin/settings?column=section_features|section_feature_boxes')
+            ->assertStatus(200)
+            ->assertJsonFragment([
+                'section_features'      => '1',
+                'section_feature_boxes' => '1',
+            ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_update_settings()
+    {
+        $this->setup->seed_default_settings('Extended');
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->patchJson('/api/admin/settings', [
+            'name'  => 'header_title',
+            'value' => 'New Header Title'
+        ])->assertStatus(204);
+
+        $this->assertDatabaseHas('settings', [
+            'value' => 'New Header Title'
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_update_settings_image()
+    {
+        $this->setup->create_directories();
+
+        Setting::forceCreate([
+            'name'  => 'app_logo',
+            'value' => null,
+        ]);
+
+        $logo = UploadedFile::fake()
+            ->image('fake-image.jpg');
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->patchJson('/api/admin/settings', [
+            'name'     => 'app_logo',
+            'app_logo' => $logo
+        ])->assertStatus(204);
+
+        $this->assertDatabaseMissing('settings', [
+            'app_logo' => null
+        ]);
+
+        Storage::assertExists(
+            get_setting('app_logo')
+        );
+    }
+
+    /**
+     * @test
+     */
+    public function it_flush_cache()
+    {
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->getJson('/api/admin/settings/flush-cache')
+            ->assertStatus(204);
+    }
+
+    /**
+     * @test
+     */
+    public function it_set_stripe()
+    {
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->postJson('/api/admin/settings/stripe', [
+            'currency'      => 'EUR',
+            'key'           => '123456789',
+            'secret'        => '123456789',
+            'webhookSecret' => '123456789',
+        ])->assertStatus(204);
+
+        $this->assertDatabaseHas('settings', [
+            'name'  => 'stripe_currency',
+            'value' => 'EUR',
+        ]);
+
+        $this->assertDatabaseHas('settings', [
+            'name'  => 'payments_configured',
+            'value' => 1,
+        ]);
+
+        $this->assertDatabaseHas('settings', [
+            'name'  => 'payments_active',
+            'value' => 1,
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_set_email()
+    {
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->postJson('/api/admin/settings/email', [
+            'driver'     => 'smtp',
+            'host'       => 'smtp.email.com',
+            'port'       => 25,
+            'username'   => 'john@doe.com',
+            'password'   => 'secret',
+            'encryption' => 'tls',
+        ])->assertStatus(204);
+    }
+}
--- a/tests/Domain/Browsing/BrowseTest.php
+++ b/tests/Domain/Browsing/BrowseTest.php
@@ -0,0 +1,488 @@
+<?php
+
+namespace Tests\Feature\FileManager;
+
+use App\Models\File;
+use App\Models\Folder;
+use App\Models\Share;
+use App\Models\User;
+use Illuminate\Bus\Queueable;
+use Illuminate\Foundation\Testing\DatabaseMigrations;
+use Laravel\Sanctum\Sanctum;
+use Tests\TestCase;
+
+class BrowseTest extends TestCase
+{
+    use DatabaseMigrations, Queueable;
+
+    /**
+     * @test
+     */
+    public function it_get_navigator_tree()
+    {
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $folder_level_1 = Folder::factory(Folder::class)
+            ->create([
+                'name'    => 'level 1',
+                'author'  => 'user',
+                'user_id' => $user->id,
+            ]);
+
+        $folder_level_2 = Folder::factory(Folder::class)
+            ->create([
+                'name'      => 'level 2',
+                'parent_id' => $folder_level_1->id,
+                'author'    => 'user',
+                'user_id'   => $user->id,
+            ]);
+
+        $folder_level_3 = Folder::factory(Folder::class)
+            ->create([
+                'name'      => 'level 3',
+                'parent_id' => $folder_level_2->id,
+                'author'    => 'user',
+                'user_id'   => $user->id,
+            ]);
+
+        $folder_level_2_sibling = Folder::factory(Folder::class)
+            ->create([
+                'name'      => 'level 2 Sibling',
+                'parent_id' => $folder_level_1->id,
+                'author'    => 'user',
+                'user_id'   => $user->id,
+            ]);
+
+        $this->getJson("/api/browse/navigation")
+            ->assertStatus(200)
+            ->assertExactJson([
+                [
+                    "name"     => "Home",
+                    "location" => "base",
+                    "folders"  => [
+                        [
+                            "id"            => $folder_level_1->id,
+                            "parent_id"     => null,
+                            "name"          => "level 1",
+                            "items"         => 2,
+                            "trashed_items" => 2,
+                            "type"          => "folder",
+                            "folders"       => [
+                                [
+                                    "id"            => $folder_level_2->id,
+                                    "parent_id"     => $folder_level_1->id,
+                                    "name"          => "level 2",
+                                    "items"         => 1,
+                                    "trashed_items" => 1,
+                                    "type"          => "folder",
+                                    "folders"       => [
+                                        [
+                                            "id"            => $folder_level_3->id,
+                                            "user_id"       => $user->id,
+                                            "parent_id"     => $folder_level_2->id,
+                                            "name"          => "level 3",
+                                            "color"         => null,
+                                            "emoji"         => null,
+                                            "author"        => "user",
+                                            "deleted_at"    => null,
+                                            "created_at"    => $folder_level_3->created_at,
+                                            "updated_at"    => $folder_level_3->updated_at->toJson(),
+                                            "items"         => 0,
+                                            "trashed_items" => 0,
+                                            "type"          => "folder",
+                                            "folders"       => [],
+                                        ],
+                                    ],
+                                ],
+                                [
+                                    "id"            => $folder_level_2_sibling->id,
+                                    "parent_id"     => $folder_level_1->id,
+                                    "name"          => "level 2 Sibling",
+                                    "items"         => 0,
+                                    "trashed_items" => 0,
+                                    "type"          => "folder",
+                                    "folders"       => []
+                                ]
+                            ]
+                        ]
+                    ]
+                ]
+            ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_folder_content()
+    {
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $root = Folder::factory(Folder::class)
+            ->create([
+                'name'    => 'root',
+                'user_id' => $user->id,
+            ]);
+
+        $folder = Folder::factory(Folder::class)
+            ->create([
+                'parent_id' => $root->id,
+                'name'      => 'Documents',
+                "author"    => "user",
+                'user_id'   => $user->id,
+            ]);
+
+        $file = File::factory(File::class)
+            ->create([
+                'folder_id' => $root->id,
+                'name'      => 'Document',
+                'basename'  => 'document.pdf',
+                "mimetype"  => "application/pdf",
+                "author"    => "user",
+                "type"      => "file",
+                'user_id'   => $user->id,
+            ]);
+
+        $this->getJson("/api/browse/folders/$root->id")
+            ->assertStatus(200)
+            ->assertExactJson([
+                [
+                    "id"            => $folder->id,
+                    "user_id"       => $user->id,
+                    "parent_id"     => $root->id,
+                    "name"          => "Documents",
+                    "color"         => null,
+                    "emoji"         => null,
+                    "author"        => "user",
+                    "deleted_at"    => null,
+                    "created_at"    => $folder->created_at,
+                    "updated_at"    => $folder->updated_at->toJson(),
+                    "items"         => 0,
+                    "trashed_items" => 0,
+                    "type"          => "folder",
+                    "parent"        => [
+                        "id"            => $root->id,
+                        "name"          => "root",
+                        "items"         => 2,
+                        "trashed_items" => 2,
+                        "type"          => "folder",
+                    ],
+                    "shared"        => null,
+                ],
+                [
+                    "id"         => $file->id,
+                    "user_id"    => $user->id,
+                    "folder_id"  => $root->id,
+                    "thumbnail"  => null,
+                    "name"       => "Document",
+                    "basename"   => "document.pdf",
+                    "mimetype"   => "application/pdf",
+                    "filesize"   => $file->filesize,
+                    "type"       => "file",
+                    "metadata"   => null,
+                    "author"     => "user",
+                    "deleted_at" => null,
+                    "created_at" => $file->created_at,
+                    "updated_at" => $file->updated_at->toJson(),
+                    "file_url"   => "http://localhost/file/document.pdf",
+                    "parent"     => [
+                        "id"            => $root->id,
+                        "name"          => "root",
+                        "items"         => 2,
+                        "trashed_items" => 2,
+                        "type"          => "folder",
+                    ],
+                    "shared"     => null,
+                ]
+            ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_recent_files()
+    {
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $root = Folder::factory(Folder::class)
+            ->create([
+                'name'    => 'root',
+                'user_id' => $user->id,
+            ]);
+
+        $file_1 = File::factory(File::class)
+            ->create([
+                'folder_id'  => $root->id,
+                'name'       => 'Document 1',
+                'basename'   => 'document-1.pdf',
+                "mimetype"   => "application/pdf",
+                "author"     => "user",
+                "type"       => "file",
+                'user_id'    => $user->id,
+                'created_at' => now(),
+            ]);
+
+        $this->travel(5)->minutes();
+
+        $file_2 = File::factory(File::class)
+            ->create([
+                'folder_id'  => $root->id,
+                'name'       => 'Document 2',
+                'basename'   => 'document-2.pdf',
+                "mimetype"   => "application/pdf",
+                "author"     => "user",
+                "type"       => "file",
+                'user_id'    => $user->id,
+                'created_at' => now(),
+            ]);
+
+        $this->getJson("/api/browse/latest")
+            ->assertStatus(200)
+            ->assertExactJson([
+                [
+                    "id"         => $file_2->id,
+                    "user_id"    => $user->id,
+                    "folder_id"  => $root->id,
+                    "thumbnail"  => null,
+                    "name"       => "Document 2",
+                    "basename"   => "document-2.pdf",
+                    "mimetype"   => "application/pdf",
+                    "filesize"   => $file_2->filesize,
+                    "type"       => "file",
+                    "metadata"   => null,
+                    "author"     => "user",
+                    "deleted_at" => null,
+                    "created_at" => $file_2->created_at,
+                    "updated_at" => $file_2->updated_at->toJson(),
+                    "file_url"   => "http://localhost/file/document-2.pdf",
+                    "parent"     => [
+                        "id"            => $root->id,
+                        "name"          => "root",
+                        "items"         => 2,
+                        "trashed_items" => 2,
+                        "type"          => "folder",
+                    ],
+                ],
+                [
+                    "id"         => $file_1->id,
+                    "user_id"    => $user->id,
+                    "folder_id"  => $root->id,
+                    "thumbnail"  => null,
+                    "name"       => "Document 1",
+                    "basename"   => "document-1.pdf",
+                    "mimetype"   => "application/pdf",
+                    "filesize"   => $file_1->filesize,
+                    "type"       => "file",
+                    "metadata"   => null,
+                    "author"     => "user",
+                    "deleted_at" => null,
+                    "created_at" => $file_1->created_at,
+                    "updated_at" => $file_1->updated_at->toJson(),
+                    "file_url"   => "http://localhost/file/document-1.pdf",
+                    "parent"     => [
+                        "id"            => $root->id,
+                        "name"          => "root",
+                        "items"         => 2,
+                        "trashed_items" => 2,
+                        "type"          => "folder",
+                    ],
+                ],
+            ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_participant_uploads()
+    {
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $file = File::factory(File::class)
+            ->create([
+                "author"  => "visitor",
+                "type"    => "file",
+                'user_id' => $user->id,
+            ]);
+
+        $this->getJson("/api/browse/participants")
+            ->assertStatus(200)
+            ->assertJsonFragment([
+                'id' => $file->id
+            ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_trash_root()
+    {
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $folder = Folder::factory(Folder::class)
+            ->create([
+                'parent_id'  => null,
+                'name'       => 'root',
+                'user_id'    => $user->id,
+                "author"     => "user",
+                'deleted_at' => now(),
+            ]);
+
+        $file = File::factory(File::class)
+            ->create([
+                'folder_id'  => null,
+                'name'       => 'Document',
+                'basename'   => 'document.pdf',
+                "mimetype"   => "application/pdf",
+                "author"     => "user",
+                "type"       => "file",
+                'user_id'    => $user->id,
+                'deleted_at' => now(),
+            ]);
+
+        File::factory(File::class)
+            ->create([
+                'folder_id'  => $folder->id,
+                'user_id'    => $user->id,
+                'deleted_at' => now(),
+            ]);
+
+        $this->getJson("/api/browse/trash")
+            ->assertStatus(200)
+            ->assertExactJson([
+                [
+                    "id"            => $folder->id,
+                    "user_id"       => $user->id,
+                    "parent_id"     => null,
+                    "name"          => "root",
+                    "color"         => null,
+                    "emoji"         => null,
+                    "author"        => "user",
+                    "deleted_at"    => $folder->deleted_at,
+                    "created_at"    => $folder->created_at,
+                    "updated_at"    => $folder->updated_at->toJson(),
+                    "items"         => 0,
+                    "trashed_items" => 1,
+                    "type"          => "folder",
+                    "parent"        => null,
+                ],
+                [
+                    "id"         => $file->id,
+                    "user_id"    => $user->id,
+                    "folder_id"  => null,
+                    "thumbnail"  => null,
+                    "name"       => "Document",
+                    "basename"   => "document.pdf",
+                    "mimetype"   => "application/pdf",
+                    "filesize"   => $file->filesize,
+                    "type"       => "file",
+                    "metadata"   => null,
+                    "author"     => "user",
+                    "deleted_at" => $file->deleted_at,
+                    "created_at" => $file->created_at,
+                    "updated_at" => $file->updated_at->toJson(),
+                    "file_url"   => "http://localhost/file/document.pdf",
+                    "parent"     => null
+                ],
+            ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_shared_items()
+    {
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $folder = Folder::factory(Folder::class)
+            ->create([
+                'user_id' => $user->id,
+            ]);
+
+        $file = File::factory(File::class)
+            ->create([
+                'user_id' => $user->id,
+            ]);
+
+        collect([$folder, $file])
+            ->each(function ($item) use ($user) {
+                Share::factory(Share::class)
+                    ->create([
+                        "type"    => $item->type === 'folder' ? 'folder' : 'file',
+                        "item_id" => $item->id,
+                        'user_id' => $user->id,
+                    ]);
+            });
+
+        collect([$folder, $file])
+            ->each(function ($item) use ($user) {
+                $this->getJson("/api/browse/share")
+                    ->assertStatus(200)
+                    ->assertJsonFragment([
+                        'id' => $item->id
+                    ]);
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_searched_file()
+    {
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $file = File::factory(File::class)
+            ->create([
+                'name'    => 'Document',
+                'user_id' => $user->id,
+            ]);
+
+        $this->getJson("/api/browse/search?query=doc")
+            ->assertStatus(200)
+            ->assertJsonFragment([
+                'id' => $file->id
+            ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_searched_folder()
+    {
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $folder = Folder::factory(Folder::class)
+            ->create([
+                'name'    => 'Documents',
+                'user_id' => $user->id,
+            ]);
+
+        $this->getJson("/api/browse/search?query=doc")
+            ->assertStatus(200)
+            ->assertJsonFragment([
+                'id' => $folder->id
+            ]);
+    }
+}
--- a/tests/Domain/Files/ContentAccessTest.php
+++ b/tests/Domain/Files/ContentAccessTest.php
@@ -0,0 +1,263 @@
+<?php
+
+namespace Tests\Feature\FileManager;
+
+use App\Models\File;
+use App\Models\Folder;
+use App\Models\User;
+use App\Models\Zip;
+use App\Services\SetupService;
+use Illuminate\Http\UploadedFile;
+use Illuminate\Support\Str;
+use Laravel\Sanctum\Sanctum;
+use Storage;
+use Tests\TestCase;
+
+class ContentAccessTest extends TestCase
+{
+    public function __construct()
+    {
+        parent::__construct();
+        $this->setup = app()->make(SetupService::class);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_public_user_avatar()
+    {
+        $this->setup->create_directories();
+
+        $avatar = UploadedFile::fake()
+            ->image('fake-avatar.jpg');
+
+        Storage::putFileAs('avatars', $avatar, 'fake-avatar.jpg');
+
+        $this->get('avatars/fake-avatar.jpg')
+            ->assertStatus(200);
+
+        Storage::assertExists('avatars/fake-avatar.jpg');
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_public_system_image()
+    {
+        $this->setup->create_directories();
+
+        $system = UploadedFile::fake()
+            ->image('fake-logo.jpg');
+
+        Storage::putFileAs('system', $system, 'fake-logo.jpg');
+
+        $this->get('system/fake-logo.jpg')
+            ->assertStatus(200);
+
+        Storage::assertExists('system/fake-logo.jpg');
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_private_user_file()
+    {
+        $this->setup->create_directories();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        $file = UploadedFile::fake()
+            ->create(Str::random() . '-fake-file.pdf', 1200, 'application/pdf');
+
+        Storage::putFileAs("files/$user->id", $file, $file->name);
+
+        File::factory(File::class)
+            ->create([
+                'user_id'  => $user->id,
+                'basename' => $file->name,
+                'name'     => 'fake-file.pdf',
+            ]);
+
+        Sanctum::actingAs($user);
+
+        $this->get("file/$file->name")
+            ->assertOk();
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_private_user_image_thumbnail()
+    {
+        $this->setup->create_directories();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        $thumbnail = UploadedFile::fake()
+            ->image(Str::random() . '-fake-thumbnail.jpg');
+
+        Storage::putFileAs("files/$user->id", $thumbnail, $thumbnail->name);
+
+        File::factory(File::class)
+            ->create([
+                'user_id'   => $user->id,
+                'thumbnail' => $thumbnail->name,
+                'name'      => 'fake-thumbnail.jpg',
+            ]);
+
+        Sanctum::actingAs($user);
+
+        $this->get("thumbnail/$thumbnail->name")
+            ->assertStatus(200);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_private_user_zip()
+    {
+        $this->setup->create_directories();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $file = UploadedFile::fake()
+            ->create('archive.zip', 2000, 'application/zip');
+
+        Storage::putFileAs('zip', $file, 'EHWKcuvKzA4Gv29v-archive.zip');
+
+        $zip = Zip::factory(Zip::class)->create([
+            'basename' => 'EHWKcuvKzA4Gv29v-archive.zip',
+            'user_id'  => $user->id,
+        ]);
+
+        $this->get("zip/$zip->id")
+            ->assertOk();
+    }
+
+    /**
+     * @test
+     */
+    public function logged_user_try_to_get_another_private_user_image_thumbnail()
+    {
+        $this->setup->create_directories();
+
+        $users = User::factory(User::class)
+            ->count(2)
+            ->create();
+
+        $thumbnail = UploadedFile::fake()
+            ->image(Str::random() . '-fake-thumbnail.jpg');
+
+        Storage::putFileAs("files/{$users[0]->id}", $thumbnail, $thumbnail->name);
+
+        File::factory(File::class)
+            ->create([
+                'user_id'   => $users[0]->id,
+                'thumbnail' => $thumbnail->name,
+                'name'      => 'fake-thumbnail.jpg',
+            ]);
+
+        Sanctum::actingAs($users[1]);
+
+        $this->get("thumbnail/$thumbnail->name")
+            ->assertNotFound();
+    }
+
+    /**
+     * @test
+     */
+    public function logged_user_try_to_get_another_private_user_file()
+    {
+        $this->setup->create_directories();
+
+        $users = User::factory(User::class)
+            ->count(2)
+            ->create();
+
+        $file = UploadedFile::fake()
+            ->create(Str::random() . '-fake-file.pdf', 1200, 'application/pdf');
+
+        Storage::putFileAs("files/{$users[0]->id}", $file, $file->name);
+
+        File::factory(File::class)
+            ->create([
+                'user_id'  => $users[0]->id,
+                'basename' => $file->name,
+                'name'     => 'fake-file.pdf',
+            ]);
+
+        Sanctum::actingAs($users[1]);
+
+        $this->get("file/$file->name")
+            ->assertStatus(404);
+    }
+
+    /**
+     * @test
+     */
+    public function logged_user_try_to_get_another_private_user_zip()
+    {
+        $this->setup->create_directories();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $file = UploadedFile::fake()
+            ->create('archive.zip', 2000, 'application/zip');
+
+        Storage::putFileAs('zip', $file, 'EHWKcuvKzA4Gv29v-archive.zip');
+
+        $zip = Zip::factory(Zip::class)->create([
+            'basename' => 'EHWKcuvKzA4Gv29v-archive.zip',
+        ]);
+
+        $this->get("zip/$zip->id")
+            ->assertNotFound();
+    }
+
+    /**
+     * @test
+     */
+    public function guest_try_to_get_private_user_file()
+    {
+        $this->get("file/fake-file.pdf")
+            ->assertRedirect();
+    }
+
+    /**
+     * @test
+     */
+    public function guest_try_to_get_private_user_zip()
+    {
+        $this->get("zip/EHWKcuvKzA4Gv29v-archive.zip")
+            ->assertRedirect();
+    }
+
+    /**
+     * @test
+     */
+    public function guest_try_to_get_private_user_image_thumbnail()
+    {
+        $this->get("thumbnail/fake-thumbnail.jpg")
+            ->assertRedirect();
+    }
+
+    /**
+     * @test
+     */
+    public function guest_try_to_get_private_user_folder()
+    {
+        $folder = Folder::factory(Folder::class)
+            ->create();
+
+        $this->getJson("/api/browse/folders/$folder->id")
+            ->assertUnauthorized();
+    }
+}
--- a/tests/Domain/Files/FileTest.php
+++ b/tests/Domain/Files/FileTest.php
@@ -0,0 +1,339 @@
+<?php
+
+namespace Tests\Feature\FileManager;
+
+use App\Models\File;
+use App\Models\Folder;
+use App\Models\Setting;
+use App\Models\User;
+use App\Models\Zip;
+use App\Services\SetupService;
+use Illuminate\Http\UploadedFile;
+use Laravel\Sanctum\Sanctum;
+use Storage;
+use Tests\TestCase;
+
+class FileTest extends TestCase
+{
+    public function __construct()
+    {
+        parent::__construct();
+        $this->setup = app()->make(SetupService::class);
+    }
+
+    /**
+     * @test
+     */
+    public function it_test_file_factory()
+    {
+        $file = File::factory(File::class)
+            ->create();
+
+        $this->assertDatabaseHas('files', [
+            'id' => $file->id
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_upload_image_file_and_create_thumbnail()
+    {
+        $this->setup->create_directories();
+
+        $file = UploadedFile::fake()
+            ->image('fake-image.jpg');
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $this->postJson('/api/upload', [
+            'filename'  => $file->name,
+            'file'      => $file,
+            'folder_id' => null,
+            'is_last'   => true,
+        ])->assertStatus(201);
+
+        $disk = Storage::disk('local');
+
+        $disk->assertMissing(
+            "chunks/fake-image.jpg"
+        );
+
+        $disk->assertExists(
+            "files/$user->id/fake-image.jpg"
+        );
+
+        $disk->assertExists(
+            "files/$user->id/thumbnail-fake-image.jpg"
+        );
+
+        $this->assertDatabaseHas('traffic', [
+            'user_id' => $user->id,
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_upload_new_file()
+    {
+        $this->setup->create_directories();
+
+        $file = UploadedFile::fake()
+            ->create('fake-file.pdf', 1200, 'application/pdf');
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $this->postJson('/api/upload', [
+            'filename'  => $file->name,
+            'file'      => $file,
+            'folder_id' => null,
+            'is_last'   => true,
+        ])->assertStatus(201);
+
+        $disk = Storage::disk('local');
+
+        $disk->assertMissing(
+            "chunks/fake-file.pdf"
+        );
+
+        $disk->assertExists(
+            "files/$user->id/fake-file.pdf"
+        );
+
+        $this->assertDatabaseHas('traffic', [
+            'user_id' => $user->id,
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_upload_blacklisted_mimetype_file()
+    {
+        $this->setup->create_directories();
+
+        Setting::create([
+            'name'  => 'mimetypes_blacklist',
+            'value' => 'pdf',
+        ]);
+
+        $file = UploadedFile::fake()
+            ->create('fake-file.pdf', 1200, 'application/pdf');
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $this->postJson('/api/upload', [
+            'file'      => $file,
+            'folder_id' => null,
+            'is_last'   => true,
+        ])->assertStatus(422);
+
+        Storage::disk('local')
+            ->assertMissing("files/$user->id/fake-file.pdf");
+    }
+
+    /**
+     * @test
+     */
+    public function it_rename_file()
+    {
+        $file = File::factory(File::class)
+            ->create();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $this->patchJson("/api/rename/{$file->id}", [
+            'name' => 'Renamed Item',
+            'type' => 'file',
+        ])
+            ->assertStatus(200)
+            ->assertJsonFragment([
+                'name' => 'Renamed Item',
+            ]);
+
+        $this->assertDatabaseHas('files', [
+            'name' => 'Renamed Item'
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_move_file_to_another_folder()
+    {
+        $folder = Folder::factory(Folder::class)
+            ->create();
+
+        $file = File::factory(File::class)
+            ->create();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $this->postJson("/api/move", [
+            'to_id' => $folder->id,
+            'items' => [
+                [
+                    'type' => 'file',
+                    'id'   => $file->id,
+                ]
+            ],
+        ])->assertStatus(204);
+
+        $this->assertDatabaseHas('files', [
+            'id'        => $file->id,
+            'folder_id' => $folder->id,
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_delete_multiple_files_softly()
+    {
+        $user = User::factory(User::class)
+            ->create();
+
+        $files = File::factory(File::class)
+            ->count(2)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $this->postJson("/api/remove", [
+            'items' => [
+                [
+                    'id'           => $files[0]->id,
+                    'type'         => 'file',
+                    'force_delete' => false,
+                ],
+                [
+                    'id'           => $files[1]->id,
+                    'type'         => 'file',
+                    'force_delete' => false,
+                ],
+            ],
+        ])->assertStatus(204);
+
+        $files
+            ->each(function ($file) {
+                $this->assertSoftDeleted('files', [
+                    'id' => $file->id,
+                ]);
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function it_delete_multiple_files_hardly()
+    {
+        $this->setup->create_directories();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        collect([0, 1])
+            ->each(function ($index) {
+
+                $file = UploadedFile::fake()
+                    ->create("fake-file-$index.pdf", 1200, 'application/pdf');
+
+                $this->postJson('/api/upload', [
+                    'filename'  => $file->name,
+                    'file'      => $file,
+                    'folder_id' => null,
+                    'is_last'   => true,
+                ])->assertStatus(201);
+            });
+
+        $file_ids = File::all()->pluck('id');
+
+        $this->postJson("/api/remove", [
+            'items' => [
+                [
+                    'id'           => $file_ids->first(),
+                    'type'         => 'file',
+                    'force_delete' => true,
+                ],
+                [
+                    'id'           => $file_ids->last(),
+                    'type'         => 'file',
+                    'force_delete' => true,
+                ],
+            ],
+        ])->assertStatus(204);
+
+        $file_ids
+            ->each(function ($id, $index) use ($user) {
+
+                $this->assertDatabaseMissing('files', [
+                    'id' => $id,
+                ]);
+
+                Storage::disk('local')
+                    ->assertMissing(
+                        "files/$user->id/fake-file-$index.pdf"
+                    );
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function it_zip_multiple_files_and_download_it()
+    {
+        $this->setup->create_directories();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        collect([0, 1])
+            ->each(function ($index) {
+
+                $file = UploadedFile::fake()
+                    ->create("fake-file-$index.pdf", 1200, 'application/pdf');
+
+                $this->postJson('/api/upload', [
+                    'filename'  => $file->name,
+                    'file'      => $file,
+                    'folder_id' => null,
+                    'is_last'   => true,
+                ])->assertStatus(201);
+            });
+
+        $file_ids = File::all()->pluck('id');
+
+        $this->postJson("/api/zip/files", [
+            'items' => $file_ids,
+        ])->assertStatus(201);
+
+        $this->assertDatabaseHas('zips', [
+            'user_id' => $user->id
+        ]);
+
+        Storage::disk('local')
+            ->assertExists(
+                'zip/' . Zip::first()->basename
+            );
+    }
+}
--- a/tests/Domain/Folders/FolderTest.php
+++ b/tests/Domain/Folders/FolderTest.php
@@ -0,0 +1,499 @@
+<?php
+
+namespace Tests\Feature\FileManager;
+
+use App\Models\File;
+use App\Models\Folder;
+use App\Models\User;
+use App\Models\Zip;
+use App\Services\SetupService;
+use Illuminate\Http\UploadedFile;
+use Laravel\Sanctum\Sanctum;
+use Storage;
+use Tests\TestCase;
+
+// TODO: pridat foldre do api skupiny
+
+class FolderTest extends TestCase
+{
+    public function __construct()
+    {
+        parent::__construct();
+        $this->setup = app()->make(SetupService::class);
+    }
+
+    /**
+     * @test
+     */
+    public function it_test_folder_factory()
+    {
+        $folder = Folder::factory(Folder::class)
+            ->create();
+
+        $this->assertDatabaseHas('folders', [
+            'id' => $folder->id
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_create_new_folder()
+    {
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $this->postJson('/api/create-folder', [
+            'name'      => 'New Folder',
+            'parent_id' => null,
+        ])
+            ->assertStatus(201)
+            ->assertJsonFragment([
+                'name' => 'New Folder',
+            ]);
+
+        $this->assertDatabaseHas('folders', [
+            'name' => 'New Folder'
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_rename_folder()
+    {
+        $folder = Folder::factory(Folder::class)
+            ->create();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $this->patchJson("/api/rename/{$folder->id}", [
+            'name' => 'Renamed Folder',
+            'type' => 'folder',
+        ])
+            ->assertStatus(200)
+            ->assertJsonFragment([
+                'name' => 'Renamed Folder',
+            ]);
+
+        $this->assertDatabaseHas('folders', [
+            'name' => 'Renamed Folder'
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_set_folder_emoji()
+    {
+        $folder = Folder::factory(Folder::class)
+            ->create();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $emoji_fragment = [
+            'category' => 'Smileys & Emotion (face-smiling)',
+            'char'     => '😁',
+            'name'     => 'beaming face with smiling eyes',
+        ];
+
+        $this->patchJson("/api/rename/{$folder->id}", [
+            'name'  => 'Renamed Folder',
+            'type'  => 'folder',
+            'emoji' => $emoji_fragment
+        ])
+            ->assertStatus(200)
+            ->assertJsonFragment([
+                'name'  => 'Renamed Folder',
+                'emoji' => $emoji_fragment
+            ]);
+
+        $this->assertDatabaseHas('folders', [
+            'color' => null,
+            'emoji' => json_encode($emoji_fragment)
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_set_folder_color()
+    {
+        $folder = Folder::factory(Folder::class)
+            ->create();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $this->patchJson("/api/rename/{$folder->id}", [
+            'name'  => 'Folder Name',
+            'type'  => 'folder',
+            'color' => '#AD6FFE'
+        ])
+            ->assertStatus(200)
+            ->assertJsonFragment([
+                'name'  => 'Folder Name',
+                'emoji' => null,
+                'color' => '#AD6FFE',
+            ]);
+
+        $this->assertDatabaseHas('folders', [
+            'color' => '#AD6FFE',
+            'emoji' => null,
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_add_folder_to_favourites()
+    {
+        $folder = Folder::factory(Folder::class)
+            ->create();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $this->postJson("/api/folders/favourites", [
+            'folders' => [
+                $folder->id
+            ],
+        ])->assertStatus(204);
+
+        $this->assertDatabaseHas('favourite_folder', [
+            'user_id'   => $user->id,
+            'folder_id' => $folder->id,
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_remove_folder_from_favourites()
+    {
+        $folder = Folder::factory(Folder::class)
+            ->create();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $user
+            ->favouriteFolders()
+            ->attach($folder->id);
+
+        $this->deleteJson("/api/folders/favourites/$folder->id")
+            ->assertStatus(204);
+
+        $this->assertDatabaseMissing('favourite_folder', [
+            'user_id'   => $user->id,
+            'folder_id' => $folder->id,
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_move_folder_to_another_folder()
+    {
+        $root = Folder::factory(Folder::class)
+            ->create();
+
+        $children = Folder::factory(Folder::class)
+            ->create();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $this->postJson("/api/move", [
+            'to_id' => $root->id,
+            'items' => [
+                [
+                    'type' => 'folder',
+                    'id'   => $children->id,
+                ]
+            ],
+        ])->assertStatus(204);
+
+        $this->assertEquals(
+            $root->id, Folder::find($children->id)->parent_id
+        );
+    }
+
+    /**
+     * @test
+     */
+    public function it_delete_multiple_folder_softly()
+    {
+        $user = User::factory(User::class)
+            ->create();
+
+        $folder_1 = Folder::factory(Folder::class)
+            ->create();
+
+        $folder_2 = Folder::factory(Folder::class)
+            ->create();
+
+        $user->favouriteFolders()->attach($folder_1->id);
+        $user->favouriteFolders()->attach($folder_2->id);
+
+        Sanctum::actingAs($user);
+
+        $this->postJson("/api/remove", [
+            'items' => [
+                [
+                    'id'           => $folder_1->id,
+                    'type'         => 'folder',
+                    'force_delete' => false,
+                ],
+                [
+                    'id'           => $folder_2->id,
+                    'type'         => 'folder',
+                    'force_delete' => false,
+                ],
+            ],
+        ])->assertStatus(204);
+
+        collect([$folder_1, $folder_2])
+            ->each(function ($folder) {
+
+                $this->assertSoftDeleted('folders', [
+                    'id' => $folder->id,
+                ]);
+
+                $this->assertDatabaseMissing('favourite_folder', [
+                    'folder_id' => $folder->id,
+                ]);
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function it_delete_multiple_folder_hardly()
+    {
+        $user = User::factory(User::class)
+            ->create();
+
+        $folder_1 = Folder::factory(Folder::class)
+            ->create();
+
+        $folder_2 = Folder::factory(Folder::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $this->postJson("/api/remove", [
+            'items' => [
+                [
+                    'id'           => $folder_1->id,
+                    'type'         => 'folder',
+                    'force_delete' => true,
+                ],
+                [
+                    'id'           => $folder_2->id,
+                    'type'         => 'folder',
+                    'force_delete' => true,
+                ],
+            ],
+        ])->assertStatus(204);
+
+        $this->assertDatabaseMissing('folders', [
+            'id' => $folder_1->id,
+        ]);
+
+        $this->assertDatabaseMissing('folders', [
+            'id' => $folder_2->id,
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_delete_folder_with_their_content_within_softly()
+    {
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $folder_root = Folder::factory(Folder::class)
+            ->create([
+                'user_id' => $user->id
+            ]);
+
+        $folder_children = Folder::factory(Folder::class)
+            ->create([
+                'user_id'   => $user->id,
+                'parent_id' => $folder_root->id,
+            ]);
+
+        $file_1 = File::factory(File::class)
+            ->create([
+                'folder_id' => $folder_root->id,
+                'user_id'   => $user->id,
+            ]);
+
+        $file_2 = File::factory(File::class)
+            ->create([
+                'folder_id' => $folder_children->id,
+                'user_id'   => $user->id,
+            ]);
+
+        $this->postJson("/api/remove", [
+            'items' => [
+                [
+                    'id'           => $folder_root->id,
+                    'type'         => 'folder',
+                    'force_delete' => false,
+                ],
+            ],
+        ])->assertStatus(204);
+
+        collect([$file_1, $file_2])
+            ->each(function ($file) {
+                $this->assertSoftDeleted('files', [
+                    'id' => $file->id,
+                ]);
+            });
+
+        collect([$folder_root, $folder_children])
+            ->each(function ($file) {
+                $this->assertSoftDeleted('folders', [
+                    'id' => $file->id,
+                ]);
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function it_delete_folder_with_their_content_within_hardly()
+    {
+        $this->setup->create_directories();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $folder_root = Folder::factory(Folder::class)
+            ->create([
+                'user_id' => $user->id
+            ]);
+
+        $folder_children = Folder::factory(Folder::class)
+            ->create([
+                'user_id'   => $user->id,
+                'parent_id' => $folder_root->id,
+            ]);
+
+        collect([$folder_root, $folder_children])
+            ->each(function ($folder, $index) {
+
+                $file = UploadedFile::fake()
+                    ->create("fake-file-$index.pdf", 1200, 'application/pdf');
+
+                $this->postJson('/api/upload', [
+                    'filename'  => $file->name,
+                    'file'      => $file,
+                    'folder_id' => $folder->id,
+                    'is_last'   => true,
+                ])->assertStatus(201);
+            });
+
+        $uploaded_files = File::all();
+
+        collect([0, 1])
+            ->each(function ($index) use ($folder_root) {
+                $this->postJson("/api/remove", [
+                    'items' => [
+                        [
+                            'id'           => $folder_root->id,
+                            'type'         => 'folder',
+                            'force_delete' => $index,
+                        ],
+                    ],
+                ])->assertStatus(204);
+            });
+
+        $uploaded_files
+            ->each(function ($file, $index) use ($user) {
+
+                $this->assertDatabaseMissing('files', [
+                    'id' => $file->id,
+                ]);
+
+                Storage::disk('local')
+                    ->assertMissing(
+                        "files/$user->id/fake-file-$index.pdf"
+                    );
+            });
+
+        collect([$folder_root, $folder_children])
+            ->each(function ($id) {
+                $this->assertDatabaseMissing('folders', [
+                    'id' => $id,
+                ]);
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function it_zip_folder_with_content_within_and_download()
+    {
+        $this->setup->create_directories();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $folder = Folder::factory(Folder::class)
+            ->create([
+                'user_id' => $user->id
+            ]);
+
+        collect([0, 1])
+            ->each(function ($index) use ($folder) {
+
+                $file = UploadedFile::fake()
+                    ->create("fake-file-$index.pdf", 1200, 'application/pdf');
+
+                $this->postJson('/api/upload', [
+                    'filename'  => $file->name,
+                    'file'      => $file,
+                    'folder_id' => $folder->id,
+                    'is_last'   => true,
+                ])->assertStatus(201);
+            });
+
+        $this->getJson("/api/zip/folder/$folder->id")
+            ->assertStatus(201);
+
+        $this->assertDatabaseHas('zips', [
+            'user_id' => $user->id
+        ]);
+
+        Storage::disk('local')
+            ->assertExists(
+                'zip/' . Zip::first()->basename
+            );
+    }
+}
--- a/tests/Domain/Homepage/HomepageTest.php
+++ b/tests/Domain/Homepage/HomepageTest.php
@@ -0,0 +1,218 @@
+<?php
+
+namespace Tests\Feature\App;
+
+use App\Http\Mail\SendContactMessage;
+use App\Models\File;
+use App\Models\Folder;
+use App\Models\Setting;
+use App\Models\Share;
+use App\Models\User;
+use App\Services\SetupService;
+use Mail;
+use ScssPhp\ScssPhp\Compiler;
+use Tests\TestCase;
+
+class HomepageTest extends TestCase
+{
+    public function __construct()
+    {
+        parent::__construct();
+        $this->setup = app()->make(SetupService::class);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_index_page()
+    {
+        $this->setup->seed_default_pages();
+
+        $this->setup->seed_default_settings('Extended');
+
+        Setting::create([
+            'name'  => 'setup_wizard_success',
+            'value' => 'setup-done',
+        ]);
+
+        Setting::create([
+            'name'  => 'license',
+            'value' => 'Extended',
+        ]);
+
+        $this->get('/')
+            ->assertStatus(200)
+            ->assertSee('setup-done')
+            ->assertSee('VueFileManager');
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_index_page_without_setup()
+    {
+        $this->get('/')
+            ->assertStatus(200)
+            ->assertSee('setup-disclaimer')
+            ->assertSee('VueFileManager');
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_og_page_for_folder()
+    {
+        $user = User::factory(User::class)
+            ->create();
+
+        $folder = Folder::factory(Folder::class)
+            ->create([
+                'user_id' => $user->id,
+                'name'    => 'Folder Title',
+            ]);
+
+        $share = Share::factory(Share::class)
+            ->create([
+                'item_id'      => $folder->id,
+                'user_id'      => $user->id,
+                'type'         => 'folder',
+                'is_protected' => false,
+            ]);
+
+        $this
+            ->get("/api/og-site/$share->token")
+            ->assertStatus(200)
+            ->assertSee('Folder Title');
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_og_page_for_image()
+    {
+        $user = User::factory(User::class)
+            ->create();
+
+        $file = File::factory(File::class)
+            ->create([
+                'user_id'   => $user->id,
+                'name'      => 'Fake Image',
+                'thumbnail' => 'fake-image-thumbnail.jpg',
+            ]);
+
+        $share = Share::factory(Share::class)
+            ->create([
+                'item_id'      => $file->id,
+                'user_id'      => $user->id,
+                'type'         => 'file',
+                'is_protected' => false,
+            ]);
+
+        $this
+            ->get("/api/og-site/$share->token")
+            ->assertStatus(200)
+            ->assertSee('Fake Image')
+            ->assertSee('fake-image-thumbnail.jpg');
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_og_page_for_protected_file()
+    {
+        $user = User::factory(User::class)
+            ->create();
+
+        $file = File::factory(File::class)
+            ->create([
+                'user_id'   => $user->id,
+                'name'      => 'Fake Image',
+                'thumbnail' => 'fake-image-thumbnail.jpg',
+            ]);
+
+        $share = Share::factory(Share::class)
+            ->create([
+                'item_id'      => $file->id,
+                'user_id'      => $user->id,
+                'type'         => 'file',
+                'is_protected' => true,
+            ]);
+
+        $this
+            ->get("/api/og-site/$share->token")
+            ->assertStatus(200)
+            ->assertSee('This link is protected by password');
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_legal_page()
+    {
+        $this->setup->seed_default_pages();
+
+        $this->getJson('/api/page/terms-of-service')
+            ->assertStatus(200)
+            ->assertJsonFragment([
+                'title' => 'Terms of Service',
+            ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_send_contact_form()
+    {
+        Mail::fake();
+
+        Setting::create([
+            'name'  => 'contact_email',
+            'value' => 'jane@doe.com',
+        ]);
+
+        $this->postJson('/api/contact', [
+            'email'   => 'john@doe.com',
+            'message' => 'Whaats is up!',
+        ])
+            ->assertStatus(201);
+
+        Mail::assertSent(SendContactMessage::class);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_settings()
+    {
+        Setting::create([
+            'name'  => 'get_started_title',
+            'value' => 'Hello World!',
+        ]);
+
+        Setting::create([
+            'name'  => 'pricing_description',
+            'value' => 'Give me a money!',
+        ]);
+
+        $this->getJson('/api/content?column=get_started_title|pricing_description')
+            ->assertStatus(200)
+            ->assertExactJson([
+                "get_started_title"   => "Hello World!",
+                "pricing_description" => "Give me a money!",
+            ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_try_get_secured_settings_via_public_api()
+    {
+        Setting::create([
+            'name'  => 'purchase_code',
+            'value' => '15a53561-d387-4e0a-8de1-5d1bff34c1ed',
+        ]);
+
+        $this->getJson('/api/content?column=purchase_code')
+            ->assertStatus(401);
+    }
+}
--- a/tests/Domain/Languages/LanguagesTest.php
+++ b/tests/Domain/Languages/LanguagesTest.php
@@ -0,0 +1,274 @@
+<?php
+
+namespace Tests\Feature\Admin;
+
+use App\Models\Language;
+use App\Models\Setting;
+use App\Models\User;
+use App\Services\SetupService;
+use Laravel\Sanctum\Sanctum;
+use Tests\TestCase;
+
+class LanguagesTest extends TestCase
+{
+    protected $setup;
+
+    public function __construct()
+    {
+        parent::__construct();
+        $this->setup = app()->make(SetupService::class);
+    }
+
+    /**
+     * @test
+     */
+    public function it_create_language()
+    {
+        Setting::create([
+            'name'  => 'license',
+            'value' => 'Extended',
+        ]);
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->postJson('/api/admin/languages', [
+            'name'   => 'Slovenčina',
+            'locale' => 'sk',
+        ])
+            ->assertStatus(201)
+            ->assertJsonFragment([
+                'name'   => 'Slovenčina',
+                'locale' => 'sk',
+            ]);
+
+        $this->assertDatabaseHas('languages', [
+            'name'   => 'Slovenčina',
+            'locale' => 'sk',
+        ]);
+
+        $this->assertDatabaseHas('language_translations', [
+            'key'   => 'actions.close',
+            'value' => 'Close',
+            'lang'  => 'sk',
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_update_language()
+    {
+        $this->setup->seed_default_language();
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $language = Language::first();
+
+        $this->patchJson("/api/admin/languages/$language->id", [
+            'name'  => 'name',
+            'value' => 'Slovenčina',
+        ])
+            ->assertStatus(201)
+            ->assertJsonFragment([
+                'name' => 'Slovenčina',
+            ]);
+
+        $this->assertDatabaseHas('languages', [
+            'name'   => 'Slovenčina',
+            'locale' => 'en',
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_delete_language()
+    {
+        $language = Language::create([
+            'name'   => 'Slovenčina',
+            'locale' => 'sk'
+        ]);
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->deleteJson("/api/admin/languages/$language->id")
+            ->assertStatus(204);
+
+        $this->assertDatabaseMissing('languages', [
+            'name'   => 'Slovenčina',
+            'locale' => 'sk',
+        ]);
+
+        $this->assertDatabaseMissing('language_translations', [
+            'key'   => 'actions.close',
+            'value' => 'Close',
+            'lang'  => 'sk',
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_try_to_delete_default_language()
+    {
+        $this->setup->seed_default_language();
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $language = Language::first();
+
+        $this->deleteJson("/api/admin/languages/$language->id")
+            ->assertStatus(401);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_all_languages()
+    {
+        $this->setup->seed_default_language();
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->getJson('/api/admin/languages')
+            ->assertStatus(200)
+            ->assertJsonFragment([
+                "locale"        => "en",
+                "actions.close" => "Close",
+            ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_update_language_string()
+    {
+        $this->setup->seed_default_language();
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $language = Language::first();
+
+        $this->patchJson("/api/admin/languages/$language->id/strings", [
+            'name'  => 'actions.close',
+            'value' => 'Close It, now!',
+        ]);
+
+        $this->assertDatabaseHas('language_translations', [
+            'key'   => 'actions.close',
+            'value' => 'Close It, now!',
+            'lang'  => 'en',
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_language_with_strings_by_selected_language_id()
+    {
+        $this->setup->seed_default_language();
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $language = Language::first();
+
+        $this->getJson("/api/admin/languages/$language->id")
+            ->assertStatus(200)
+            ->assertJsonFragment([
+                "actions.close" => "Close",
+                "locale"        => "en",
+            ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_language_translations_for_frontend()
+    {
+        $this->setup->seed_default_language();
+
+        $this->getJson("/translations/en")
+            ->assertStatus(200)
+            ->assertJsonFragment([
+                "actions.close" => "Close",
+            ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_custom_translations_from_file_config()
+    {
+        $this->setup->seed_default_language();
+
+        $this->assertDatabaseHas('language_translations', [
+            'key'   => 'custom',
+            'value' => 'translation',
+            'lang'  => 'en',
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_translated_string_from_t_helper_function()
+    {
+        $this->setup->seed_default_language();
+
+        Language::first()
+            ->languageTranslations()
+            ->forceCreate([
+                "key"   => "test",
+                "value" => "Hi, my name is :name :surname",
+                "lang"  => "en",
+            ]);
+
+        $this->assertEquals(
+            'Close',
+            __t('actions.close')
+        );
+
+        $this->assertEquals(
+            '🙋 John share some files with you. Look at it!',
+            __t('shared_link_email_subject', ['user' => 'John'])
+        );
+
+        $this->assertEquals(
+            'Hi, my name is John Doe',
+            __t('test', ['name' => 'John', 'surname' => 'Doe'])
+        );
+    }
+
+
+    /**
+     * @test
+     */
+    public function it_get_translated_string_from_t_helper_without_database_connection()
+    {
+        $this->assertEquals(
+            __t('actions.close'),
+            'Close'
+        );
+    }
+}
--- a/tests/Domain/Maintenance/AppUpgradeTest.php
+++ b/tests/Domain/Maintenance/AppUpgradeTest.php
@@ -0,0 +1,89 @@
+<?php
+
+namespace Tests\Feature\App;
+
+use App\Models\User;
+use DB;
+use Illuminate\Support\Str;
+use Laravel\Sanctum\Sanctum;
+use Tests\TestCase;
+
+class AppUpgradeTest extends TestCase
+{
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * @test
+     */
+    public function it_upgrade_default_language_translations()
+    {
+        $user = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($user);
+
+        DB::table('settings')
+            ->insert([
+                [
+                    'name'  => 'language',
+                    'value' => 'en',
+                ],
+                [
+                    'name'  => 'license',
+                    'value' => 'Extended',
+                ]
+            ]);
+
+        collect(['en', 'sk'])
+            ->map(function ($locale) {
+
+                DB::table('languages')
+                    ->insert([
+                        'id'     => Str::uuid(),
+                        'name'   => 'English',
+                        'locale' => $locale
+                    ]);
+
+                DB::table('language_translations')
+                    ->insert([
+                        [
+                            'key'   => 'activation.stripe.button',
+                            'value' => 'Set up your Stripe account',
+                            'lang'  => $locale
+                        ], [
+                            'key'   => 'activation.stripe.description',
+                            'value' => 'This is original test description',
+                            'lang'  => $locale
+                        ]
+                    ]);
+            });
+
+        $this->get('/upgrade/translations')
+            ->assertStatus(201);
+
+        collect(['en', 'sk'])
+            ->map(function ($locale) {
+
+                $this->assertDatabaseHas('language_translations', [
+                    'key'   => 'activation.stripe.title',
+                    'value' => 'Your Stripe account is not set',
+                    'lang'  => $locale,
+                ]);
+
+                $this->assertDatabaseHas('language_translations', [
+                    'key'   => 'activation.stripe.description',
+                    'value' => 'This is original test description',
+                    'lang'  => $locale,
+                ]);
+
+                $this->assertDatabaseMissing('language_translations', [
+                    'key'   => 'activation.stripe.description',
+                    'value' => 'To charge your users, please set up your Stripe account credentials.',
+                    'lang'  => $locale,
+                ]);
+            });
+    }
+}
--- a/tests/Domain/SetupWizard/SetupServiceTest.php
+++ b/tests/Domain/SetupWizard/SetupServiceTest.php
@@ -0,0 +1,58 @@
+<?php
+
+namespace Tests\Feature\Setup;
+
+use App\Models\Language;
+use App\Models\Setting;
+use App\Services\SetupService;
+use Storage;
+use Tests\TestCase;
+
+class SetupServiceTest extends TestCase
+{
+    public function __construct()
+    {
+        parent::__construct();
+        $this->setup = app()->make(SetupService::class);
+    }
+
+    /**
+     * @test
+     */
+    public function it_create_system_folders()
+    {
+        $this->setup->create_directories();
+
+        collect(['avatars', 'chunks', 'system', 'files', 'temp', 'zip'])
+            ->each(function ($directory) {
+                Storage::disk('local')->assertExists($directory);
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function it_seed_default_language()
+    {
+        Setting::create([
+            'name'  => 'license',
+            'value' => 'Extended',
+        ]);
+
+        Language::create([
+            'name'   => 'English',
+            'locale' => 'en'
+        ]);
+
+        $this->assertDatabaseHas('languages', [
+            'name'   => 'English',
+            'locale' => 'en',
+        ]);
+
+        $this->assertDatabaseHas('language_translations', [
+            'key'   => 'actions.close',
+            'value' => 'Close',
+            'lang'  => 'en',
+        ]);
+    }
+}
--- a/tests/Domain/SetupWizard/SetupWizardTest.php
+++ b/tests/Domain/SetupWizard/SetupWizardTest.php
@@ -0,0 +1,305 @@
+<?php
+
+namespace Tests\Feature\Setup;
+
+use App\Models\Setting;
+use App\Models\User;
+use Illuminate\Http\UploadedFile;
+use Illuminate\Support\Facades\Http;
+use Illuminate\Support\Facades\Storage;
+use Tests\TestCase;
+
+class SetupWizardTest extends TestCase
+{
+    /**
+     * CAVEAT:
+     *
+     * The route '/api/setup/stripe-plans' which is part of setup wizard is moved to
+     * SubscriptionTest.php to group all live API test. For more info how to test
+     * subscription integration in VueFileManager platform visit https://laravel.com/docs/8.x/billing#testing
+     */
+
+    /**
+     * @test
+     */
+    public function it_verify_purchase_code_successfully()
+    {
+        Http::fake([
+            'https://verify.vuefilemanager.com/api/verify-code/*' => Http::response([], 204),
+        ]);
+
+        $this->postJson('/api/setup/purchase-code', [
+            'purchaseCode' => '8624194e-3156-4cd0-944e-3440fcecdacb'
+        ])->assertStatus(204);
+    }
+
+    /**
+     * @test
+     */
+    public function it_verify_purchase_code_unsuccessfully()
+    {
+        Http::fake([
+            'https://verify.vuefilemanager.com/api/verify-code/*' => Http::response([], 400),
+        ]);
+
+        $this->postJson('/api/setup/purchase-code', [
+            'purchaseCode' => '8624194e-3156-4cd0-944e-3440fcecdacb'
+        ])->assertStatus(400);
+    }
+
+    /**
+     * @test
+     */
+    public function it_setup_database()
+    {
+        $this->postJson('/api/setup/database', [
+            'connection' => 'sqlite',
+            'host'       => 'null',
+            'port'       => 'null',
+            'name'       => 'database/test.sqlite',
+            'username'   => 'null',
+            'password'   => 'null',
+        ])->assertStatus(204);
+
+        $this->assertDatabaseHas('settings', [
+            'name'  => 'setup_wizard_database',
+            'value' => 1,
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_store_stripe_credentials()
+    {
+        $this->postJson('/api/setup/stripe-credentials', [
+            'currency'      => 'EUR',
+            'key'           => '123456789',
+            'secret'        => '123456789',
+            'webhookSecret' => '123456789',
+        ])->assertStatus(204);
+
+        $this->assertDatabaseHas('settings', [
+            'name'  => 'stripe_currency',
+            'value' => 'EUR',
+        ]);
+
+        $this->assertDatabaseHas('settings', [
+            'name'  => 'payments_configured',
+            'value' => 1,
+        ]);
+
+        $this->assertDatabaseHas('settings', [
+            'name'  => 'payments_active',
+            'value' => 1,
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_store_stripe_billings()
+    {
+        $payload = collect([
+            'billing_phone_number' => '+421123456789',
+            'billing_postal_code'  => '04001',
+            'billing_vat_number'   => 'SK20042134234',
+            'billing_address'      => 'Does 20',
+            'billing_country'      => 'Doeland',
+            'billing_state'        => 'Doeslandia',
+            'billing_city'         => 'Does',
+            'billing_name'         => 'John Doe Ltd.',
+        ]);
+
+        $this->postJson('/api/setup/stripe-billings', $payload->toArray())
+            ->assertStatus(204);
+
+        $payload
+            ->each(function ($value, $key) {
+                $this->assertDatabaseHas('settings', [
+                    'name'  => $key,
+                    'value' => $value,
+                ]);
+            });
+    }
+
+    /**
+     *
+     */
+    public function it_store_stripe_plans()
+    {
+
+    }
+
+    /**
+     * @test
+     */
+    public function it_store_environment()
+    {
+        $this->postJson('/api/setup/environment-setup', [
+            'storage' => [
+                'driver' => 'local',
+            ],
+            'mail'    => [
+                'driver'     => 'smtp',
+                'host'       => 'smtp.email.com',
+                'port'       => '25',
+                'username'   => 'john@doe.com',
+                'password'   => 'secret',
+                'encryption' => 'tls',
+            ],
+        ])->assertStatus(204);
+    }
+
+    /**
+     * @test
+     */
+    public function it_store_app_settings()
+    {
+        $this->postJson('/api/setup/app-setup', [
+            'title'             => 'VueFileManager',
+            'description'       => 'The best file manager on the internet',
+            'googleAnalytics'   => 'UA-12345678-1',
+            'contactMail'       => 'john@doe.com',
+            'userRegistration'  => 1,
+            'storageLimitation' => 1,
+            'defaultStorage'    => 10,
+            'logo'              => UploadedFile::fake()->image('fake-logo.jpg'),
+            'logo_horizontal'   => UploadedFile::fake()->image('fake-logo-horizontal.jpg'),
+            'favicon'           => UploadedFile::fake()->image('fake-favicon.jpg'),
+        ])->assertStatus(204);
+
+        $this->assertDatabaseHas('settings', [
+            'name'  => 'app_title',
+            'value' => 'VueFileManager',
+        ]);
+
+        $this->assertDatabaseHas('settings', [
+            'name'  => 'app_description',
+            'value' => 'The best file manager on the internet',
+        ]);
+
+        $this->assertDatabaseHas('settings', [
+            'name'  => 'google_analytics',
+            'value' => 'UA-12345678-1',
+        ]);
+
+        $this->assertDatabaseHas('settings', [
+            'name'  => 'contact_email',
+            'value' => 'john@doe.com',
+        ]);
+
+        $this->assertDatabaseHas('settings', [
+            'name'  => 'storage_default',
+            'value' => '10',
+        ]);
+
+        collect(['app_logo', 'app_logo_horizontal', 'app_favicon'])
+            ->each(function ($file) {
+
+                $path = get_setting($file);
+
+                $this->assertNotNull($path);
+
+                Storage::assertExists($path);
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function it_create_admin_account()
+    {
+        $this->postJson('/admin-setup', [
+            'email'                 => 'john@doe.com',
+            'password'              => 'VerySecretPassword',
+            'password_confirmation' => 'VerySecretPassword',
+            'name'                  => 'John Doe',
+            'purchase_code'         => '8624194e-3156-4cd0-944e-3440fcecdacb',
+            'license'               => 'Regular',
+            'avatar'                => UploadedFile::fake()->image('fake-logo.jpg'),
+        ])->assertStatus(204);
+
+        $this->assertDatabaseHas('users', [
+            'email' => 'john@doe.com',
+            'role'  => 'admin',
+        ]);
+
+        $this->assertDatabaseHas('user_settings', [
+            'user_id' => User::first()->id,
+            'name'    => 'John Doe',
+        ]);
+
+        $this->assertDatabaseMissing('user_settings', [
+            'avatar' => null,
+        ]);
+
+        $this->assertDatabaseHas('pages', [
+            'title' => 'Terms of Service',
+        ]);
+
+        $this->assertDatabaseHas('settings', [
+            'name'  => 'feature_title_1',
+            'value' => 'Truly Freedom',
+        ]);
+
+        $this->assertDatabaseHas('settings', [
+            'name'  => 'setup_wizard_success',
+            'value' => '1',
+        ]);
+
+        $this->assertDatabaseHas('settings', [
+            'name'  => 'license',
+            'value' => 'Regular',
+        ]);
+
+        $this->assertDatabaseHas('settings', [
+            'name'  => 'purchase_code',
+            'value' => '8624194e-3156-4cd0-944e-3440fcecdacb',
+        ]);
+
+        $this->assertDatabaseHas('languages', [
+            'name'   => 'English',
+            'locale' => 'en',
+        ]);
+
+        $this->assertDatabaseHas('language_translations', [
+            'key'   => 'actions.close',
+            'value' => 'Close',
+            'lang'  => 'en',
+        ]);
+
+        $avatar = User::first()
+            ->settings
+            ->getRawOriginal('avatar');
+
+        $this->assertNotNull($avatar);
+
+        Storage::assertExists($avatar);
+    }
+
+    /**
+     * @test
+     */
+    public function it_try_to_create_admin_account_after_setup_wizard_success()
+    {
+        Setting::forceCreate([
+            'name'  => 'setup_wizard_success',
+            'value' => '1',
+        ]);
+
+        $this->postJson('/admin-setup', [
+            'email'                 => 'john@doe.com',
+            'password'              => 'VerySecretPassword',
+            'password_confirmation' => 'VerySecretPassword',
+            'name'                  => 'John Doe',
+            'purchase_code'         => '8624194e-3156-4cd0-944e-3440fcecdacb',
+            'license'               => 'Regular',
+        ])->assertStatus(410);
+
+        $this->assertDatabaseMissing('users', [
+            'email' => 'john@doe.com',
+            'role'  => 'admin',
+        ]);
+    }
+}
--- a/tests/Domain/Sharing/UserShareTest.php
+++ b/tests/Domain/Sharing/UserShareTest.php
@@ -0,0 +1,229 @@
+<?php
+
+namespace Tests\Feature\Share;
+
+use App\Models\File;
+use App\Models\Folder;
+use App\Models\User;
+use App\Notifications\SharedSendViaEmail;
+use Illuminate\Support\Facades\Notification;
+use Laravel\Sanctum\Sanctum;
+use Tests\TestCase;
+
+class UserShareTest extends TestCase
+{
+    /**
+     * @test
+     */
+    public function it_share_single_file_without_password()
+    {
+        $file = File::factory(File::class)
+            ->create();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $this->postJson("/api/share/$file->id", [
+            'isPassword' => false,
+            'permission' => 'editor',
+            'type'       => 'file',
+        ])->assertStatus(201)->assertJsonFragment([
+            'item_id' => $file->id,
+            'type'    => 'file',
+        ]);
+
+        $this->assertDatabaseHas('shares', [
+            'user_id'      => $user->id,
+            'item_id'      => $file->id,
+            'type'         => 'file',
+            'is_protected' => false,
+            'password'     => null,
+            'expire_in'    => null,
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_share_folder_without_password()
+    {
+        $folder = Folder::factory(Folder::class)
+            ->create();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $this->postJson("/api/share/$folder->id", [
+            'isPassword' => false,
+            'permission' => 'editor',
+            'type'       => 'folder',
+        ])->assertStatus(201)->assertJsonFragment([
+            'item_id' => $folder->id,
+            'type'    => 'folder',
+        ]);
+
+        $this->assertDatabaseHas('shares', [
+            'user_id'      => $user->id,
+            'item_id'      => $folder->id,
+            'type'         => 'folder',
+            'is_protected' => false,
+            'password'     => null,
+            'expire_in'    => null,
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_share_folder_with_password()
+    {
+        $folder = Folder::factory(Folder::class)
+            ->create();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $this->postJson("/api/share/$folder->id", [
+            'isPassword' => true,
+            'password'   => 'secret',
+            'permission' => 'editor',
+            'type'       => 'folder',
+        ])
+            ->assertStatus(201)
+            ->assertJsonFragment([
+                'item_id' => $folder->id,
+                'type'    => 'folder',
+            ]);
+
+        $this->assertDatabaseHas('shares', [
+            'user_id'      => $user->id,
+            'item_id'      => $folder->id,
+            'type'         => 'folder',
+            'is_protected' => true,
+        ]);
+
+        $this->assertDatabaseMissing('shares', [
+            'item_id'  => $folder->id,
+            'password' => null,
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_share_folder_with_expiration_time()
+    {
+        $folder = Folder::factory(Folder::class)
+            ->create();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $this->postJson("/api/share/$folder->id", [
+            'isPassword' => false,
+            'permission' => 'editor',
+            'type'       => 'folder',
+            'expiration' => 12,
+        ])
+            ->assertStatus(201)
+            ->assertJsonFragment([
+                'item_id'   => $folder->id,
+                'expire_in' => 12,
+            ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_share_folder_and_send_link_for_multiple_email()
+    {
+        $folder = Folder::factory(Folder::class)
+            ->create();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $this->postJson("/api/share/$folder->id", [
+            'isPassword' => false,
+            'permission' => 'editor',
+            'type'       => 'folder',
+            'emails'     => [
+                'john@doe.com',
+                'jane@doe.com',
+            ],
+        ])->assertStatus(201);
+
+        Notification::assertTimesSent(2, SharedSendViaEmail::class);
+    }
+
+    /**
+     * @test
+     */
+    public function it_send_existing_shared_folder_for_multiple_email_once_again()
+    {
+        $folder = Folder::factory(Folder::class)
+            ->create();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $this->postJson("/api/share/$folder->id", [
+            'isPassword' => false,
+            'permission' => 'editor',
+            'type'       => 'folder',
+        ])->assertStatus(201);
+
+        $this->postJson("/api/share/$folder->id/email", [
+            'emails' => [
+                'john@doe.com',
+                'jane@doe.com',
+            ],
+        ])->assertStatus(204);
+
+        Notification::assertTimesSent(2, SharedSendViaEmail::class);
+    }
+
+    /**
+     * @test
+     *
+     * TODO: pridat test na zmazanie zip
+     */
+    public function it_revoke_single_share_record()
+    {
+        $folder = Folder::factory(Folder::class)
+            ->create();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $this->postJson("/api/share/$folder->id", [
+            'isPassword' => false,
+            'permission' => 'editor',
+            'type'       => 'folder',
+        ])->assertStatus(201);
+
+        $this->deleteJson("/api/share/revoke", [
+            'tokens' => [
+                $folder->shared->token
+            ],
+        ])->assertStatus(204);
+
+        $this->assertDatabaseMissing('shares', [
+            'item_id' => $folder->id
+        ]);
+    }
+}
--- a/tests/Domain/Sharing/VisitorAccessToItemsTest.php
+++ b/tests/Domain/Sharing/VisitorAccessToItemsTest.php
@@ -0,0 +1,273 @@
+<?php
+
+namespace Tests\Feature\Share;
+
+use App\Models\File;
+use App\Models\Share;
+use App\Models\User;
+use App\Models\Zip;
+use App\Services\SetupService;
+use Illuminate\Http\UploadedFile;
+use Illuminate\Support\Str;
+use Storage;
+use Tests\TestCase;
+
+class VisitorAccessToItemsTest extends TestCase
+{
+    private $setup;
+
+    public function __construct()
+    {
+        parent::__construct();
+        $this->setup = app()->make(SetupService::class);
+    }
+
+    /**
+     * @test
+     */
+    public function it_download_file()
+    {
+        $this->setup->create_directories();
+
+        collect([true, false])
+            ->each(function ($is_protected) {
+
+                $user = User::factory(User::class)
+                    ->create();
+
+                $document = UploadedFile::fake()
+                    ->create(Str::random() . '-fake-file.pdf', 1000, 'application/pdf');
+
+                Storage::putFileAs("files/$user->id", $document, $document->name);
+
+                $file = File::factory(File::class)
+                    ->create([
+                        'filesize' => $document->getSize(),
+                        'user_id'  => $user->id,
+                        'basename' => $document->name,
+                        'name'     => $document->name,
+                    ]);
+
+                $share = Share::factory(Share::class)
+                    ->create([
+                        'item_id'      => $file->id,
+                        'user_id'      => $user->id,
+                        'type'         => 'file',
+                        'is_protected' => $is_protected,
+                    ]);
+
+                if ($is_protected) {
+
+                    $cookie = ['share_session' => json_encode([
+                        'token'         => $share->token,
+                        'authenticated' => true,
+                    ])];
+
+                    $this->withCookies($cookie)
+                        ->get("/file/$document->name/$share->token")
+                        ->assertStatus(200);
+                }
+
+                if (!$is_protected) {
+
+                    // Get shared file
+                    $this->get("/file/$document->name/$share->token")
+                        ->assertStatus(200);
+                }
+
+                $this->assertDatabaseHas('traffic', [
+                    'user_id' => $user->id,
+                ]);
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function it_try_to_get_protected_file_record()
+    {
+        $share = Share::factory(Share::class)
+            ->create([
+                'type'         => 'file',
+                'is_protected' => true,
+            ]);
+
+        // Get share record
+        $this->get("/api/browse/file/$share->token")
+            ->assertStatus(403);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_shared_image()
+    {
+        $this->setup->create_directories();
+
+        collect([true, false])
+            ->each(function ($is_protected) {
+
+                $user = User::factory(User::class)
+                    ->create();
+
+                $thumbnail = UploadedFile::fake()
+                    ->image(Str::random() . '-fake-image.jpg');
+
+                Storage::putFileAs("files/$user->id", $thumbnail, $thumbnail->name);
+
+                $file = File::factory(File::class)
+                    ->create([
+                        'user_id'   => $user->id,
+                        'thumbnail' => $thumbnail->name,
+                        'basename'  => $thumbnail->name,
+                        'name'      => 'fake-thumbnail.jpg',
+                        'type'      => 'image',
+                        'mimetype'  => 'jpg',
+                    ]);
+
+                $share = Share::factory(Share::class)
+                    ->create([
+                        'item_id'      => $file->id,
+                        'user_id'      => $user->id,
+                        'type'         => 'file',
+                        'is_protected' => $is_protected,
+                    ]);
+
+                if ($is_protected) {
+
+                    $cookie = [
+                        'share_session' => json_encode([
+                            'token'         => $share->token,
+                            'authenticated' => true,
+                        ])
+                    ];
+
+                    $this->withCookies($cookie)
+                        ->get("/share/$share->token")
+                        ->assertStatus(200);
+                }
+
+                if (!$is_protected) {
+                    $this->get("/share/$share->token")
+                        ->assertStatus(200);
+                }
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_public_thumbnail()
+    {
+        $this->setup->create_directories();
+
+        collect([true, false])
+            ->each(function ($is_protected) {
+
+                $user = User::factory(User::class)
+                    ->create();
+
+                $thumbnail = UploadedFile::fake()
+                    ->image(Str::random() . '-fake-thumbnail.jpg');
+
+                Storage::putFileAs("files/$user->id", $thumbnail, $thumbnail->name);
+
+                $file = File::factory(File::class)
+                    ->create([
+                        'user_id'   => $user->id,
+                        'thumbnail' => $thumbnail->name,
+                        'name'      => 'fake-thumbnail.jpg',
+                    ]);
+
+                $share = Share::factory(Share::class)
+                    ->create([
+                        'item_id'      => $file->id,
+                        'user_id'      => $user->id,
+                        'type'         => 'file',
+                        'is_protected' => $is_protected,
+                    ]);
+
+                // Get thumbnail file
+                if ($is_protected) {
+
+                    $cookie = [
+                        'share_session' => json_encode([
+                            'token'         => $share->token,
+                            'authenticated' => true,
+                        ])
+                    ];
+
+                    $this->withCookies($cookie)
+                        ->get("/thumbnail/$thumbnail->name/$share->token")
+                        ->assertStatus(200);
+                }
+
+                if (!$is_protected) {
+                    $this->get("/thumbnail/$thumbnail->name/$share->token")
+                        ->assertStatus(200);
+                }
+
+                $this->assertDatabaseMissing('traffic', [
+                    'user_id'  => $user->id,
+                    'download' => null,
+                ]);
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function it_download_publicly_zipped_files()
+    {
+        $this->setup->create_directories();
+
+        collect([true, false])
+            ->each(function ($is_protected) {
+
+                $user = User::factory(User::class)
+                    ->create();
+
+                $share = Share::factory(Share::class)
+                    ->create([
+                        'user_id'      => $user->id,
+                        'type'         => 'folder',
+                        'is_protected' => $is_protected,
+                    ]);
+
+                $zip = Zip::factory(Zip::class)->create([
+                    'basename'     => 'EHWKcuvKzA4Gv29v-archive.zip',
+                    'user_id'      => $user->id,
+                    'shared_token' => $share->token,
+                ]);
+
+                $file = UploadedFile::fake()
+                    ->create($zip->basename, 1000, 'application/zip');
+
+                Storage::putFileAs("zip", $file, $file->name);
+
+                if ($is_protected) {
+
+                    $cookie = [
+                        'share_session' => json_encode([
+                            'token'         => $share->token,
+                            'authenticated' => true,
+                        ])
+                    ];
+
+                    $this->withCookies($cookie)
+                        ->get("/zip/$zip->id/$share->token")
+                        ->assertStatus(200);
+                }
+
+                if (!$is_protected) {
+                    $this->get("/zip/$zip->id/$share->token")
+                        ->assertStatus(200);
+                }
+
+                $this->assertDatabaseMissing('traffic', [
+                    'user_id'  => $user->id,
+                    'download' => null,
+                ]);
+            });
+    }
+}
--- a/tests/Domain/Sharing/VisitorBrowseTest.php
+++ b/tests/Domain/Sharing/VisitorBrowseTest.php
@@ -0,0 +1,787 @@
+<?php
+
+namespace Tests\Feature\Share;
+
+use App\Models\File;
+use App\Models\Folder;
+use App\Models\Share;
+use App\Models\User;
+use App\Models\Zip;
+use App\Services\SetupService;
+use Illuminate\Http\UploadedFile;
+use Illuminate\Support\Str;
+use Storage;
+use Tests\TestCase;
+
+class VisitorBrowseTest extends TestCase
+{
+    public function __construct()
+    {
+        parent::__construct();
+        $this->setup = app()->make(SetupService::class);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_share_record()
+    {
+        $share = Share::factory(Share::class)
+            ->create([
+                'is_protected' => 0,
+            ]);
+
+        $this->get("/api/browse/share/$share->token")
+            ->assertStatus(200)
+            ->assertExactJson([
+                'data' => [
+                    'id'         => $share->id,
+                    'type'       => 'shares',
+                    'attributes' => [
+                        'permission'   => $share->permission,
+                        'is_protected' => false,
+                        'item_id'      => $share->item_id,
+                        'expire_in'    => $share->expire_in,
+                        'token'        => $share->token,
+                        'link'         => $share->link,
+                        'type'         => $share->type,
+                        'created_at'   => $share->created_at->toJson(),
+                        'updated_at'   => $share->updated_at->toJson(),
+                    ],
+                ]
+            ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_get_share_page()
+    {
+        $share = Share::factory(Share::class)
+            ->create([
+                'type'         => 'folder',
+                'is_protected' => false,
+            ]);
+
+        $this->get("/share/$share->token")
+            ->assertViewIs('index')
+            ->assertStatus(200);
+    }
+
+    /**
+     * @test
+     */
+    public function it_try_to_get_deleted_share_record()
+    {
+        $this->get("/api/browse/share/19ZMPNiass4ZqWwQ")
+            ->assertNotFound();
+    }
+
+    /**
+     * @test
+     */
+    public function it_try_to_get_deleted_share_page()
+    {
+        $this->get('/share/19ZMPNiass4ZqWwQ')
+            ->assertNotFound(404);
+    }
+
+    /**
+     * @test
+     */
+    public function it_authenticate_protected_file_with_correct_password()
+    {
+        $file = File::factory(File::class)
+            ->create();
+
+        $share = Share::factory(Share::class)
+            ->create([
+                'item_id'      => $file->id,
+                'user_id'      => $file->user_id,
+                'type'         => 'file',
+                'is_protected' => true,
+                'password'     => bcrypt('secret'),
+            ]);
+
+        $this->postJson("/api/browse/authenticate/$share->token", [
+            'password' => 'secret'
+        ])
+            ->assertStatus(200)
+            ->assertCookie('share_session', json_encode([
+                'token'         => $share->token,
+                'authenticated' => true,
+            ]), false);
+    }
+
+    /**
+     * @test
+     */
+    public function it_authenticate_protected_file_with_incorrect_password()
+    {
+        $file = File::factory(File::class)
+            ->create();
+
+        $share = Share::factory(Share::class)
+            ->create([
+                'item_id'      => $file->id,
+                'user_id'      => $file->user_id,
+                'type'         => 'file',
+                'is_protected' => true,
+                'password'     => bcrypt('secret'),
+            ]);
+
+        $this->postJson("/api/browse/authenticate/$share->token", [
+            'password' => 'bad-password'
+        ])
+            ->assertStatus(401)
+            ->assertCookieMissing('share_session');
+    }
+
+    /**
+     * @test
+     */
+    public function visitor_zip_shared_multiple_files()
+    {
+        $this->setup->create_directories();
+
+        // check private or public share record
+        collect([true, false])
+            ->each(function ($is_protected) {
+
+                $user = User::factory(User::class)
+                    ->create();
+
+                $folder = Folder::factory(Folder::class)
+                    ->create([
+                        'user_id' => $user->id
+                    ]);
+
+                collect([0, 1])
+                    ->each(function ($index) use ($folder, $user) {
+
+                        $file = UploadedFile::fake()
+                            ->create(Str::random() . "-fake-file-$index.pdf", 1000, 'application/pdf');
+
+                        Storage::putFileAs("files/$user->id", $file, $file->name);
+
+                        File::factory(File::class)
+                            ->create([
+                                'filesize'  => $file->getSize(),
+                                'folder_id' => $folder->id,
+                                'user_id'   => $user->id,
+                                'basename'  => $file->name,
+                                'name'      => "fake-file-$index.pdf",
+                            ]);
+                    });
+
+                $share = Share::factory(Share::class)
+                    ->create([
+                        'item_id'      => $folder->id,
+                        'user_id'      => $user->id,
+                        'type'         => 'folder',
+                        'is_protected' => $is_protected,
+                    ]);
+
+                // Check shared item protected by password
+                if ($is_protected) {
+
+                    $cookie = ['share_session' => json_encode([
+                        'token'         => $share->token,
+                        'authenticated' => true,
+                    ])];
+
+                    $this
+                        ->withUnencryptedCookies($cookie)
+                        ->post("/api/zip/files/$share->token", [
+                            'items' => File::all()->pluck('id')
+                        ])->assertStatus(201);
+                }
+
+                // Check public shared item
+                if (!$is_protected) {
+                    $this->postJson("/api/zip/files/$share->token", [
+                        'items' => File::all()->pluck('id')
+                    ])->assertStatus(201);
+                }
+
+                $this->assertDatabaseHas('zips', [
+                    'user_id'      => $user->id,
+                    'shared_token' => $share->token,
+                ]);
+
+                Storage::assertExists("zip/" . Zip::first()->basename);
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function visitor_try_zip_not_shared_file_with_already_shared_multiple_files()
+    {
+        // check private or public share record
+        collect([true, false])
+            ->each(function ($is_protected) {
+
+                $user = User::factory(User::class)
+                    ->create();
+
+                $folder = Folder::factory(Folder::class)
+                    ->create([
+                        'user_id' => $user->id
+                    ]);
+
+                File::factory(File::class)
+                    ->create([
+                        'folder_id' => $folder->id,
+                        'user_id'   => $user->id,
+                    ]);
+
+                File::factory(File::class)
+                    ->create([
+                        'user_id' => $user->id,
+                    ]);
+
+                $share = Share::factory(Share::class)
+                    ->create([
+                        'item_id'      => $folder->id,
+                        'user_id'      => $user->id,
+                        'type'         => 'folder',
+                        'is_protected' => $is_protected,
+                    ]);
+
+                // Check shared item protected by password
+                if ($is_protected) {
+
+                    $cookie = ['share_session' => json_encode([
+                        'token'         => $share->token,
+                        'authenticated' => true,
+                    ])];
+
+                    $this
+                        ->withUnencryptedCookies($cookie)
+                        ->post("/api/zip/files/$share->token", [
+                            'items' => File::all()->pluck('id')
+                        ])->assertStatus(403);
+                }
+
+                // Check public shared item
+                if (!$is_protected) {
+                    $this->postJson("/api/zip/files/$share->token", [
+                        'items' => File::all()->pluck('id')
+                    ])->assertStatus(403);
+                }
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function visitor_zip_shared_folder()
+    {
+        $this->setup->create_directories();
+
+        // check private or public share record
+        collect([true, false])
+            ->each(function ($is_protected) {
+
+                $user = User::factory(User::class)
+                    ->create();
+
+                $root = Folder::factory(Folder::class)
+                    ->create([
+                        'user_id' => $user->id
+                    ]);
+
+                $children = Folder::factory(Folder::class)
+                    ->create([
+                        'user_id'   => $user->id,
+                        'parent_id' => $root->id
+                    ]);
+
+                collect([0, 1])
+                    ->each(function ($index) use ($children, $user) {
+
+                        $file = UploadedFile::fake()
+                            ->create(Str::random() . "-fake-file-$index.pdf", 1000, 'application/pdf');
+
+                        Storage::putFileAs("files/$user->id", $file, $file->name);
+
+                        File::factory(File::class)
+                            ->create([
+                                'filesize'  => $file->getSize(),
+                                'folder_id' => $children->id,
+                                'user_id'   => $user->id,
+                                'basename'  => $file->name,
+                                'name'      => "fake-file-$index.pdf",
+                            ]);
+                    });
+
+                $share = Share::factory(Share::class)
+                    ->create([
+                        'item_id'      => $children->id,
+                        'user_id'      => $user->id,
+                        'type'         => 'folder',
+                        'is_protected' => $is_protected,
+                    ]);
+
+                // Check shared item protected by password
+                if ($is_protected) {
+
+                    $cookie = ['share_session' => json_encode([
+                        'token'         => $share->token,
+                        'authenticated' => true,
+                    ])];
+
+                    $this
+                        ->withUnencryptedCookies($cookie)
+                        ->get("/api/zip/folder/$children->id/$share->token")
+                        ->assertStatus(201);
+                }
+
+                // Check public shared item
+                if (!$is_protected) {
+                    $this->getJson("/api/zip/folder/$children->id/$share->token")
+                        ->assertStatus(201);
+                }
+
+                $this->assertDatabaseHas('zips', [
+                    'user_id'      => $user->id,
+                    'shared_token' => $share->token,
+                ]);
+
+                Zip::all()
+                    ->each(function ($zip) {
+                        Storage::assertExists("zip/$zip->basename");
+                    });
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function visitor_try_zip_not_shared_folder()
+    {
+        $this->setup->create_directories();
+
+        // check private or public share record
+        collect([true, false])
+            ->each(function ($is_protected) {
+
+                $user = User::factory(User::class)
+                    ->create();
+
+                $folder = Folder::factory(Folder::class)
+                    ->create([
+                        'user_id' => $user->id
+                    ]);
+
+                $share = Share::factory(Share::class)
+                    ->create([
+                        'user_id'      => $user->id,
+                        'type'         => 'folder',
+                        'is_protected' => $is_protected,
+                    ]);
+
+                // Check shared item protected by password
+                if ($is_protected) {
+
+                    $cookie = ['share_session' => json_encode([
+                        'token'         => $share->token,
+                        'authenticated' => true,
+                    ])];
+
+                    $this
+                        ->withUnencryptedCookies($cookie)
+                        ->get("/api/zip/folder/$folder->id/$share->token")
+                        ->assertStatus(403);
+                }
+
+                // Check public shared item
+                if (!$is_protected) {
+                    $this->getJson("/api/zip/folder/$folder->id/$share->token")
+                        ->assertStatus(403);
+                }
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function visitor_get_folder_content()
+    {
+        // check private or public share record
+        collect([true, false])
+            ->each(function ($is_protected) {
+
+                $user = User::factory(User::class)
+                    ->create();
+
+                $root = Folder::factory(Folder::class)
+                    ->create([
+                        'name'    => 'root',
+                        'user_id' => $user->id,
+                    ]);
+
+                $share = Share::factory(Share::class)
+                    ->create([
+                        'item_id'      => $root->id,
+                        'user_id'      => $user->id,
+                        'type'         => 'folder',
+                        'is_protected' => $is_protected,
+                        'permission'   => 'editor',
+                    ]);
+
+                $folder = Folder::factory(Folder::class)
+                    ->create([
+                        'parent_id' => $root->id,
+                        'name'      => 'Documents',
+                        "author"    => "user",
+                        'user_id'   => $user->id,
+                    ]);
+
+                $file = File::factory(File::class)
+                    ->create([
+                        'folder_id' => $root->id,
+                        'name'      => 'Document',
+                        'basename'  => 'document.pdf',
+                        "mimetype"  => "application/pdf",
+                        "author"    => "user",
+                        "type"      => "file",
+                        'user_id'   => $user->id,
+                    ]);
+
+                $json = [
+                    [
+                        "id"            => $folder->id,
+                        "user_id"       => $user->id,
+                        "parent_id"     => $root->id,
+                        "name"          => "Documents",
+                        "color"         => null,
+                        "emoji"         => null,
+                        "author"        => "user",
+                        "deleted_at"    => null,
+                        "created_at"    => $folder->created_at,
+                        "updated_at"    => $folder->updated_at->toJson(),
+                        "items"         => 0,
+                        "trashed_items" => 0,
+                        "type"          => "folder",
+                    ],
+                    [
+                        "id"         => $file->id,
+                        "user_id"    => $user->id,
+                        "folder_id"  => $root->id,
+                        "thumbnail"  => null,
+                        "name"       => "Document",
+                        "basename"   => "document.pdf",
+                        "mimetype"   => "application/pdf",
+                        "filesize"   => $file->filesize,
+                        "type"       => "file",
+                        "metadata"   => null,
+                        "author"     => "user",
+                        "deleted_at" => null,
+                        "created_at" => $file->created_at,
+                        "updated_at" => $file->updated_at->toJson(),
+                        "file_url"   => "http://localhost/file/document.pdf/$share->token",
+                    ]
+                ];
+
+                // Check shared item protected by password
+                if ($is_protected) {
+
+                    $cookie = ['share_session' => json_encode([
+                        'token'         => $share->token,
+                        'authenticated' => true,
+                    ])];
+
+                    $this
+                        ->withUnencryptedCookies($cookie)
+                        ->get("/api/browse/folders/$root->id/$share->token")
+                        ->assertStatus(200)
+                        ->assertExactJson($json);
+                }
+
+                // Check public shared item
+                if (!$is_protected) {
+                    $this->getJson("/api/browse/folders/$root->id/$share->token")
+                        ->assertStatus(200)
+                        ->assertExactJson($json);
+                }
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function visitor_get_navigator_tree()
+    {
+        // check private or public share record
+        collect([true, false])
+            ->each(function ($is_protected) {
+
+                $user = User::factory(User::class)
+                    ->create();
+
+                $folder_level_1 = Folder::factory(Folder::class)
+                    ->create([
+                        'name'    => 'level 1',
+                        'author'  => 'user',
+                        'user_id' => $user->id,
+                    ]);
+
+                $share = Share::factory(Share::class)
+                    ->create([
+                        'item_id'      => $folder_level_1->id,
+                        'user_id'      => $user->id,
+                        'type'         => 'folder',
+                        'permission'   => 'editor',
+                        'is_protected' => $is_protected,
+                        'password'     => bcrypt('secret'),
+                    ]);
+
+                $folder_level_2 = Folder::factory(Folder::class)
+                    ->create([
+                        'name'      => 'level 2',
+                        'parent_id' => $folder_level_1->id,
+                        'author'    => 'user',
+                        'user_id'   => $user->id,
+                    ]);
+
+                $folder_level_3 = Folder::factory(Folder::class)
+                    ->create([
+                        'name'      => 'level 3',
+                        'parent_id' => $folder_level_2->id,
+                        'author'    => 'user',
+                        'user_id'   => $user->id,
+                    ]);
+
+                $folder_level_2_sibling = Folder::factory(Folder::class)
+                    ->create([
+                        'name'      => 'level 2 Sibling',
+                        'parent_id' => $folder_level_1->id,
+                        'author'    => 'user',
+                        'user_id'   => $user->id,
+                    ]);
+
+                $tree = [
+                    [
+                        'id'       => $share->item_id,
+                        "name"     => "Home",
+                        "location" => "public",
+                        "folders"  => [
+                            [
+                                "id"            => $folder_level_2->id,
+                                "parent_id"     => $folder_level_1->id,
+                                "name"          => "level 2",
+                                "items"         => 1,
+                                "trashed_items" => 1,
+                                "type"          => "folder",
+                                "folders"       => [
+                                    [
+                                        "id"            => $folder_level_3->id,
+                                        "parent_id"     => $folder_level_2->id,
+                                        "name"          => "level 3",
+                                        "items"         => 0,
+                                        "trashed_items" => 0,
+                                        "type"          => "folder",
+                                        "folders"       => [],
+                                    ],
+                                ],
+                            ],
+                            [
+                                "id"            => $folder_level_2_sibling->id,
+                                "parent_id"     => $folder_level_1->id,
+                                "name"          => "level 2 Sibling",
+                                "items"         => 0,
+                                "trashed_items" => 0,
+                                "type"          => "folder",
+                                "folders"       => []
+                            ]
+                        ]
+                    ]
+                ];
+
+                // Check shared item protected by password
+                if ($is_protected) {
+
+                    $cookie = ['share_session' => json_encode([
+                        'token'         => $share->token,
+                        'authenticated' => true,
+                    ])];
+
+                    $this
+                        ->withUnencryptedCookies($cookie)
+                        ->get("/api/browse/navigation/$share->token")
+                        ->assertStatus(200)
+                        ->assertExactJson($tree);
+                }
+
+                // Check public shared item
+                if (!$is_protected) {
+
+                    $this->getJson("/api/browse/navigation/$share->token")
+                        ->assertStatus(200)
+                        ->assertExactJson($tree);
+                }
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function visitor_search_file()
+    {
+        // check private or public share record
+        collect([true, false])
+            ->each(function ($is_protected) {
+
+                $folder = Folder::factory(Folder::class)
+                    ->create();
+
+                $share = Share::factory(Share::class)
+                    ->create([
+                        'item_id'      => $folder->id,
+                        'user_id'      => $folder->user_id,
+                        'type'         => 'folder',
+                        'permission'   => 'editor',
+                        'is_protected' => $is_protected,
+                        'password'     => bcrypt('secret'),
+                    ]);
+
+                $file = File::factory(File::class)
+                    ->create([
+                        'name'      => 'Document',
+                        'folder_id' => $folder->id,
+                        'user_id'   => $folder->user_id,
+                    ]);
+
+                // Check shared item protected by password
+                if ($is_protected) {
+
+                    $cookie = ['share_session' => json_encode([
+                        'token'         => $share->token,
+                        'authenticated' => true,
+                    ])];
+
+                    $this->withUnencryptedCookies($cookie)
+                        ->get("/api/browse/search/$share->token?query=doc")
+                        ->assertStatus(200)
+                        ->assertJsonFragment([
+                            'id' => $file->id
+                        ]);
+                }
+
+                // Check public shared item
+                if (!$is_protected) {
+
+                    $this->getJson("/api/browse/search/$share->token?query=doc")
+                        ->assertStatus(200)
+                        ->assertJsonFragment([
+                            'id' => $file->id
+                        ]);
+                }
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function visitor_try_search_not_shared_user_file()
+    {
+        // check private or public share record
+        collect([true, false])
+            ->each(function ($is_protected) {
+
+                $folder = Folder::factory(Folder::class)
+                    ->create();
+
+                $share = Share::factory(Share::class)
+                    ->create([
+                        'item_id'      => $folder->id,
+                        'user_id'      => $folder->user_id,
+                        'type'         => 'folder',
+                        'permission'   => 'editor',
+                        'is_protected' => $is_protected,
+                        'password'     => bcrypt('secret'),
+                    ]);
+
+                File::factory(File::class)
+                    ->create([
+                        'name'    => 'Document',
+                        'user_id' => $folder->user_id,
+                    ]);
+
+                // Check shared item protected by password
+                if ($is_protected) {
+
+                    $cookie = ['share_session' => json_encode([
+                        'token'         => $share->token,
+                        'authenticated' => true,
+                    ])];
+
+                    $this->withUnencryptedCookies($cookie)
+                        ->get("/api/browse/search/$share->token?query=doc")
+                        ->assertStatus(200)
+                        ->assertJsonFragment([]);
+                }
+
+                // Check public shared item
+                if (!$is_protected) {
+
+                    $this->getJson("/api/browse/search/$share->token?query=doc")
+                        ->assertStatus(200)
+                        ->assertJsonFragment([]);
+                }
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function visitor_get_file_detail()
+    {
+        // check private or public share record
+        collect([true, false])
+            ->each(function ($is_protected) {
+
+                $file = File::factory(File::class)
+                    ->create([
+                        'name' => 'Document',
+                    ]);
+
+                $share = Share::factory(Share::class)
+                    ->create([
+                        'item_id'      => $file->id,
+                        'user_id'      => $file->user_id,
+                        'type'         => 'file',
+                        'permission'   => 'editor',
+                        'is_protected' => $is_protected,
+                        'password'     => bcrypt('secret'),
+                    ]);
+
+                // Check shared item protected by password
+                if ($is_protected) {
+
+                    $cookie = ['share_session' => json_encode([
+                        'token'         => $share->token,
+                        'authenticated' => true,
+                    ])];
+
+                    $this->withUnencryptedCookies($cookie)
+                        ->get("/api/browse/file/$share->token")
+                        ->assertStatus(200)
+                        ->assertJsonFragment([
+                            'name' => 'Document'
+                        ]);
+                }
+
+                // Check public shared item
+                if (!$is_protected) {
+                    $this->getJson("/api/browse/file/$share->token")
+                        ->assertStatus(200)
+                        ->assertJsonFragment([
+                            'name' => 'Document'
+                        ]);
+                }
+            });
+    }
+}
--- a/tests/Domain/Sharing/VisitorManipulatingTest.php
+++ b/tests/Domain/Sharing/VisitorManipulatingTest.php
@@ -0,0 +1,535 @@
+<?php
+
+namespace Tests\Feature\Share;
+
+use App\Models\File;
+use App\Models\Folder;
+use App\Models\Share;
+use App\Models\User;
+use App\Services\SetupService;
+use Illuminate\Http\UploadedFile;
+use Storage;
+use Tests\TestCase;
+
+class VisitorManipulatingTest extends TestCase
+{
+    public function __construct()
+    {
+        parent::__construct();
+        $this->setup = app()->make(SetupService::class);
+    }
+
+    /**
+     * @test
+     */
+    public function editor_rename_shared_file()
+    {
+        // check private or public share record
+        collect([true, false])
+            ->each(function ($is_protected) {
+
+                $user = User::factory(User::class)
+                    ->create();
+
+                $folder = Folder::factory(Folder::class)
+                    ->create([
+                        'user_id' => $user->id
+                    ]);
+
+                $file = File::factory(File::class)
+                    ->create([
+                        'folder_id' => $folder->id
+                    ]);
+
+                $share = Share::factory(Share::class)
+                    ->create([
+                        'item_id'      => $folder->id,
+                        'user_id'      => $user->id,
+                        'type'         => 'folder',
+                        'is_protected' => $is_protected,
+                        'permission'   => 'editor',
+                    ]);
+
+                // Check shared item protected by password
+                if ($is_protected) {
+
+                    $cookie = ['share_session' => json_encode([
+                        'token'         => $share->token,
+                        'authenticated' => true,
+                    ])];
+
+                    $this
+                        ->withUnencryptedCookies($cookie)
+                        ->patch("/api/editor/rename/{$file->id}/$share->token", [
+                            'name' => 'Renamed Item',
+                            'type' => 'file',
+                        ])
+                        ->assertStatus(201)
+                        ->assertJsonFragment([
+                            'name' => 'Renamed Item',
+                        ]);
+                }
+
+                // Check public shared item
+                if (!$is_protected) {
+                    $this->patchJson("/api/editor/rename/{$file->id}/$share->token", [
+                        'name' => 'Renamed Item',
+                        'type' => 'file',
+                    ])
+                        ->assertStatus(201)
+                        ->assertJsonFragment([
+                            'name' => 'Renamed Item',
+                        ]);
+                }
+
+                $this->assertDatabaseHas('files', [
+                    'name' => 'Renamed Item',
+                    'id'   => $file->id,
+                ]);
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function editor_rename_shared_folder()
+    {
+        // check private or public share record
+        collect([true, false])
+            ->each(function ($is_protected) {
+
+                $user = User::factory(User::class)
+                    ->create();
+
+                $root = Folder::factory(Folder::class)
+                    ->create([
+                        'user_id' => $user->id
+                    ]);
+
+                $children = Folder::factory(Folder::class)
+                    ->create([
+                        'user_id'   => $user->id,
+                        'parent_id' => $root->id
+                    ]);
+
+                $share = Share::factory(Share::class)
+                    ->create([
+                        'item_id'      => $root->id,
+                        'user_id'      => $user->id,
+                        'type'         => 'folder',
+                        'is_protected' => $is_protected,
+                        'permission'   => 'editor',
+                    ]);
+
+                // Check shared item protected by password
+                if ($is_protected) {
+
+                    $cookie = ['share_session' => json_encode([
+                        'token'         => $share->token,
+                        'authenticated' => true,
+                    ])];
+
+                    $this
+                        ->withUnencryptedCookies($cookie)
+                        ->patch("/api/editor/rename/{$children->id}/$share->token", [
+                            'name' => 'Renamed Folder',
+                            'type' => 'folder',
+                        ])
+                        ->assertStatus(201)
+                        ->assertJsonFragment([
+                            'name' => 'Renamed Folder',
+                        ]);
+                }
+
+                // Check public shared item
+                if (!$is_protected) {
+
+                    $this->patchJson("/api/editor/rename/{$children->id}/$share->token", [
+                        'name' => 'Renamed Folder',
+                        'type' => 'folder',
+                    ])
+                        ->assertStatus(201)
+                        ->assertJsonFragment([
+                            'name' => 'Renamed Folder',
+                        ]);
+                }
+
+                $this->assertDatabaseHas('folders', [
+                    'name' => 'Renamed Folder',
+                    'id'   => $children->id
+                ]);
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function editor_create_new_folder_in_shared_folder()
+    {
+        // check private or public share record
+        collect([true, false])
+            ->each(function ($is_protected) {
+
+                $user = User::factory(User::class)
+                    ->create();
+
+                $folder = Folder::factory(Folder::class)
+                    ->create([
+                        'user_id' => $user->id,
+                    ]);
+
+                $share = Share::factory(Share::class)
+                    ->create([
+                        'item_id'      => $folder->id,
+                        'user_id'      => $user->id,
+                        'type'         => 'folder',
+                        'is_protected' => $is_protected,
+                        'permission'   => 'editor',
+                    ]);
+
+                // Check shared item protected by password
+                if ($is_protected) {
+
+                    $cookie = ['share_session' => json_encode([
+                        'token'         => $share->token,
+                        'authenticated' => true,
+                    ])];
+
+                    $this
+                        ->withUnencryptedCookies($cookie)
+                        ->post("/api/editor/create-folder/$share->token", [
+                            'name'      => 'Awesome New Folder',
+                            'parent_id' => $folder->id,
+                        ])
+                        ->assertStatus(201)
+                        ->assertJsonFragment([
+                            'name' => 'Awesome New Folder',
+                        ]);
+                }
+
+                // Check public shared item
+                if (!$is_protected) {
+
+                    $this->postJson("/api/editor/create-folder/$share->token", [
+                        'name'      => 'Awesome New Folder',
+                        'parent_id' => $folder->id,
+                    ])
+                        ->assertStatus(201)
+                        ->assertJsonFragment([
+                            'name' => 'Awesome New Folder',
+                        ]);
+                }
+
+                $this->assertDatabaseHas('folders', [
+                    'name'      => 'Awesome New Folder',
+                    'parent_id' => $folder->id,
+                    'author'    => 'visitor',
+                ]);
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function editor_delete_multiple_files_in_shared_folder()
+    {
+        // check private or public share record
+        collect([true, false])
+            ->each(function ($is_protected) {
+
+                $user = User::factory(User::class)
+                    ->create();
+
+                $folder = Folder::factory(Folder::class)
+                    ->create([
+                        'user_id' => $user->id,
+                    ]);
+
+                $share = Share::factory(Share::class)
+                    ->create([
+                        'item_id'      => $folder->id,
+                        'user_id'      => $user->id,
+                        'type'         => 'folder',
+                        'is_protected' => $is_protected,
+                        'permission'   => 'editor',
+                    ]);
+
+                $files = File::factory(File::class)
+                    ->count(2)
+                    ->create([
+                        'folder_id' => $folder->id
+                    ]);
+
+                $payload = [
+                    'items' => [
+                        [
+                            'id'           => $files[0]->id,
+                            'type'         => 'file',
+                            'force_delete' => false,
+                        ],
+                        [
+                            'id'           => $files[1]->id,
+                            'type'         => 'file',
+                            'force_delete' => false,
+                        ],
+                    ],
+                ];
+
+                // Check shared item protected by password
+                if ($is_protected) {
+
+                    $cookie = ['share_session' => json_encode([
+                        'token'         => $share->token,
+                        'authenticated' => true,
+                    ])];
+
+                    $this
+                        ->withUnencryptedCookies($cookie)
+                        ->post("/api/editor/remove/$share->token", $payload)
+                        ->assertStatus(204);
+                }
+
+                // Check public shared item
+                if (!$is_protected) {
+
+                    $this->postJson("/api/editor/remove/$share->token", $payload)
+                        ->assertStatus(204);
+                }
+
+                $files
+                    ->each(function ($file) {
+                        $this->assertSoftDeleted('files', [
+                            'id' => $file->id,
+                        ]);
+                    });
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function editor_upload_file_into_shared_folder()
+    {
+        $this->setup->create_directories();
+
+        // check private or public share record
+        collect([true, false])
+            ->each(function ($is_protected) {
+
+                $user = User::factory(User::class)
+                    ->create();
+
+                $folder = Folder::factory(Folder::class)
+                    ->create([
+                        'user_id' => $user->id,
+                        'author'  => 'user',
+                    ]);
+
+                $share = Share::factory(Share::class)
+                    ->create([
+                        'item_id'      => $folder->id,
+                        'user_id'      => $user->id,
+                        'type'         => 'folder',
+                        'is_protected' => $is_protected,
+                        'permission'   => 'editor',
+                    ]);
+
+                $file = UploadedFile::fake()
+                    ->create('fake-file.pdf', 1000, 'application/pdf');
+
+                // Check shared item protected by password
+                if ($is_protected) {
+
+                    $cookie = ['share_session' => json_encode([
+                        'token'         => $share->token,
+                        'authenticated' => true,
+                    ])];
+
+                    $this
+                        ->withUnencryptedCookies($cookie)
+                        ->post("/api/editor/upload/$share->token", [
+                            'filename'  => $file->name,
+                            'file'      => $file,
+                            'folder_id' => $folder->id,
+                            'is_last'   => true,
+                        ])->assertStatus(201);
+                }
+
+                // Check public shared item
+                if (!$is_protected) {
+
+                    $this->postJson("/api/editor/upload/$share->token", [
+                        'filename'  => $file->name,
+                        'file'      => $file,
+                        'folder_id' => $folder->id,
+                        'is_last'   => true,
+                    ])->assertStatus(201);
+                }
+
+                $this->assertDatabaseHas('traffic', [
+                    'user_id' => $user->id,
+                ]);
+
+                $this->assertDatabaseHas('files', [
+                    'author' => 'visitor',
+                ]);
+
+                Storage::disk('local')
+                    ->assertExists(
+                        "files/$user->id/fake-file.pdf"
+                    );
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function editor_move_file_to_another_folder()
+    {
+        // check private or public share record
+        collect([true, false])
+            ->each(function ($is_protected) {
+
+                $user = User::factory(User::class)
+                    ->create();
+
+                $root = Folder::factory(Folder::class)
+                    ->create([
+                        'user_id' => $user->id
+                    ]);
+
+                $children = Folder::factory(Folder::class)
+                    ->create([
+                        'user_id'   => $user->id,
+                        'parent_id' => $root->id,
+                    ]);
+
+                $file = File::factory(File::class)
+                    ->create([
+                        'user_id'   => $user->id,
+                        'folder_id' => $root->id
+                    ]);
+
+                $share = Share::factory(Share::class)
+                    ->create([
+                        'item_id'      => $root->id,
+                        'user_id'      => $user->id,
+                        'type'         => 'folder',
+                        'is_protected' => $is_protected,
+                        'permission'   => 'editor',
+                    ]);
+
+                $payload = [
+                    'to_id' => $children->id,
+                    'items' => [
+                        [
+                            'type' => 'file',
+                            'id'   => $file->id,
+                        ]
+                    ],
+                ];
+
+                // Check shared item protected by password
+                if ($is_protected) {
+
+                    $cookie = ['share_session' => json_encode([
+                        'token'         => $share->token,
+                        'authenticated' => true,
+                    ])];
+
+                    $this
+                        ->withUnencryptedCookies($cookie)
+                        ->post("/api/editor/move/$share->token", $payload)
+                        ->assertStatus(204);
+                }
+
+                // Check public shared item
+                if (!$is_protected) {
+
+                    $this->postJson("/api/editor/move/$share->token", $payload)
+                        ->assertStatus(204);
+                }
+
+                $this->assertDatabaseHas('files', [
+                    'id'        => $file->id,
+                    'folder_id' => $children->id,
+                ]);
+            });
+    }
+
+    /**
+     * @test
+     */
+    public function editor_move_folder_to_another_folder()
+    {
+        // check private or public share record
+        collect([true, false])
+            ->each(function ($is_protected) {
+
+                $user = User::factory(User::class)
+                    ->create();
+
+                $root = Folder::factory(Folder::class)
+                    ->create([
+                        'user_id' => $user->id
+                    ]);
+
+                $brother = Folder::factory(Folder::class)
+                    ->create([
+                        'user_id'   => $user->id,
+                        'parent_id' => $root->id,
+                    ]);
+
+                $sister = Folder::factory(Folder::class)
+                    ->create([
+                        'user_id'   => $user->id,
+                        'parent_id' => $root->id,
+                    ]);
+
+                $share = Share::factory(Share::class)
+                    ->create([
+                        'item_id'      => $root->id,
+                        'user_id'      => $user->id,
+                        'type'         => 'folder',
+                        'is_protected' => $is_protected,
+                        'permission'   => 'editor',
+                    ]);
+
+                $payload = [
+                    'to_id' => $brother->id,
+                    'items' => [
+                        [
+                            'type' => 'folder',
+                            'id'   => $sister->id,
+                        ]
+                    ],
+                ];
+
+                // Check shared item protected by password
+                if ($is_protected) {
+
+                    $cookie = ['share_session' => json_encode([
+                        'token'         => $share->token,
+                        'authenticated' => true,
+                    ])];
+
+                    $this
+                        ->withUnencryptedCookies($cookie)
+                        ->post("/api/editor/move/$share->token", $payload)
+                        ->assertStatus(204);
+                }
+
+                // Check public shared item
+                if (!$is_protected) {
+
+                    $this->postJson("/api/editor/move/$share->token", $payload)
+                        ->assertStatus(204);
+                }
+
+                $this->assertDatabaseHas('folders', [
+                    'id'        => $sister->id,
+                    'parent_id' => $brother->id,
+                ]);
+            });
+    }
+}
--- a/tests/Domain/Subscriptions/SubscriptionTest.php
+++ b/tests/Domain/Subscriptions/SubscriptionTest.php
@@ -0,0 +1,520 @@
+<?php
+
+namespace Tests\Feature\External;
+
+use App\Models\User;
+use Illuminate\Support\Str;
+use Laravel\Sanctum\Sanctum;
+use Tests\TestCase;
+
+class SubscriptionTest extends TestCase
+{
+    private $user;
+
+    private $plan;
+
+    private $billing;
+
+    public function __construct()
+    {
+        parent::__construct();
+
+        // Define test user
+        $this->user = [
+            'email'          => 'howdy@hi5ve.digital',
+            'stripe_id'      => 'cus_HgbhvNCbSwV8Qg',
+            'card_brand'     => 'visa',
+            'card_last_four' => 4242,
+        ];
+
+        // Define test plan to subscribe
+        $this->plan = [
+            'data' => [
+                'id'         => "business-pack",
+                'type'       => "plans",
+                'attributes' => [
+                    'name'               => "Business Packs",
+                    'description'        => "When your business start grow up.",
+                    'price'              => "$44.99",
+                    'capacity'           => 1000,
+                    'capacity_formatted' => "1TB",
+                    'currency'           => "USD",
+                    'tax_rates'          => [],
+                ],
+            ],
+        ];
+
+        // Define test billing to subscribe
+        $this->billing = [
+            'billing_address'      => '2794 Alfreda Mount Suite 467 East Crystalberg',
+            'billing_city'         => 'Christianfort',
+            'billing_country'      => 'SK',
+            'billing_name'         => 'Heidi Romaguera PhD',
+            'billing_phone_number' => '+421',
+            'billing_postal_code'  => '59445',
+            'billing_state'        => 'SK',
+        ];
+    }
+
+    /**
+     *
+     */
+    public function it_get_setup_intent()
+    {
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $this->getJson('/api/user/subscription/setup-intent')
+            ->assertStatus(201)
+            ->assertJsonFragment([
+                "object" => "setup_intent"
+            ]);
+
+        $this->assertDatabaseMissing('users', [
+            'stripe_id' => null,
+        ]);
+    }
+
+    /**
+     *
+     */
+    public function it_upgrade_plan()
+    {
+        $user = User::factory(User::class)
+            ->create($this->user);
+
+        Sanctum::actingAs($user);
+
+        $this->postJson('/api/user/subscription/upgrade', [
+            'billing' => $this->billing,
+            'plan'    => $this->plan,
+            'payment' => [
+                'type' => 'stripe',
+            ],
+        ])->assertStatus(204);
+
+        $this->assertDatabaseHas('subscriptions', [
+            'stripe_status' => 'active'
+        ]);
+
+        $this->assertDatabaseHas('user_settings', [
+            'storage_capacity' => 1000
+        ]);
+    }
+
+    /**
+     *
+     */
+    public function it_cancel_subscription()
+    {
+        $user = User::factory(User::class)
+            ->create($this->user);
+
+        Sanctum::actingAs($user);
+
+        $this->postJson('/api/user/subscription/upgrade', [
+            'billing' => $this->billing,
+            'plan'    => $this->plan,
+            'payment' => [
+                'type' => 'stripe',
+            ],
+        ])->assertStatus(204);
+
+        $this->postJson('/api/user/subscription/cancel')
+            ->assertStatus(204);
+
+        $this->assertDatabaseMissing('subscriptions', [
+            'ends_at' => null
+        ]);
+    }
+
+    /**
+     *
+     */
+    public function it_resume_subscription()
+    {
+        $user = User::factory(User::class)
+            ->create($this->user);
+
+        Sanctum::actingAs($user);
+
+        $this->postJson('/api/user/subscription/upgrade', [
+            'billing' => $this->billing,
+            'plan'    => $this->plan,
+            'payment' => [
+                'type' => 'stripe',
+            ],
+        ])->assertStatus(204);
+
+        $this->postJson('/api/user/subscription/cancel')
+            ->assertStatus(204);
+
+        $this->postJson('/api/user/subscription/resume')
+            ->assertStatus(204);
+
+        $this->assertDatabaseHas('subscriptions', [
+            'ends_at' => null
+        ]);
+    }
+
+    /**
+     *
+     */
+    public function it_get_user_subscription_details()
+    {
+        $user = User::factory(User::class)
+            ->create($this->user);
+
+        Sanctum::actingAs($user);
+
+        $this->postJson('/api/user/subscription/upgrade', [
+            'billing' => $this->billing,
+            'plan'    => $this->plan,
+            'payment' => [
+                'type' => 'stripe',
+            ],
+        ])->assertStatus(204);
+
+        $this->getJson('/api/user/subscription')
+            ->assertStatus(200)
+            ->assertExactJson([
+                "data" => [
+                    "id"         => "business-pack",
+                    "type"       => "subscription",
+                    "attributes" => [
+                        "incomplete"         => false,
+                        "active"             => true,
+                        "canceled"           => false,
+                        "name"               => "Business Packs",
+                        "capacity"           => 1000,
+                        "capacity_formatted" => "1TB",
+                        "slug"               => "business-pack",
+                        "canceled_at"        => format_date(now(), '%d. %B. %Y'),
+                        "created_at"         => format_date(now(), '%d. %B. %Y'),
+                        "ends_at"            => format_date(now()->addMonth(), '%d. %B. %Y'),
+                    ]
+                ]
+            ]);
+    }
+
+    /**
+     *
+     */
+    public function it_get_user_invoices()
+    {
+        $user = User::factory(User::class)
+            ->create($this->user);
+
+        Sanctum::actingAs($user);
+
+        $this->postJson('/api/user/subscription/upgrade', [
+            'billing' => $this->billing,
+            'plan'    => $this->plan,
+            'payment' => [
+                'type' => 'stripe',
+            ],
+        ])->assertStatus(204);
+
+        $this->getJson('/api/user/invoices')
+            ->assertStatus(200)
+            ->assertJsonFragment([
+                'customer' => $this->user['stripe_id']
+            ]);
+    }
+
+    /**
+     *
+     */
+    public function it_get_user_subscription_from_admin()
+    {
+        $user = User::factory(User::class)
+            ->create($this->user);
+
+        Sanctum::actingAs($user);
+
+        $this->postJson('/api/user/subscription/upgrade', [
+            'billing' => $this->billing,
+            'plan'    => $this->plan,
+            'payment' => [
+                'type' => 'stripe',
+            ],
+        ])->assertStatus(204);
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->getJson("/api/admin/users/$user->id/subscription")
+            ->assertStatus(200)
+            ->assertExactJson([
+                "data" => [
+                    "id"         => "business-pack",
+                    "type"       => "subscription",
+                    "attributes" => [
+                        "incomplete"         => false,
+                        "active"             => true,
+                        "canceled"           => false,
+                        "name"               => "Business Packs",
+                        "capacity"           => 1000,
+                        "capacity_formatted" => "1TB",
+                        "slug"               => "business-pack",
+                        "canceled_at"        => format_date(now(), '%d. %B. %Y'),
+                        "created_at"         => format_date(now(), '%d. %B. %Y'),
+                        "ends_at"            => format_date(now()->addMonth(), '%d. %B. %Y'),
+                    ]
+                ]
+            ]);
+    }
+
+    /**
+     *
+     */
+    public function it_store_stripe_plans_via_setup_wizard()
+    {
+        $this->postJson('/api/setup/stripe-plans', [
+            'plans' => [
+                [
+                    'type'       => 'plan',
+                    'attributes' => [
+                        'name'        => 'test-plan-' . Str::random(16),
+                        'price'       => (string)rand(1, 99),
+                        'description' => 'Some random description',
+                        'capacity'    => rand(1, 999),
+                    ],
+                ],
+                [
+                    'type'       => 'plan',
+                    'attributes' => [
+                        'name'        => 'test-plan-' . Str::random(16),
+                        'price'       => (string)rand(1, 99),
+                        'description' => 'Some random description',
+                        'capacity'    => rand(1, 999),
+                    ],
+                ],
+            ]
+        ])->assertStatus(204);
+    }
+
+    /**
+     *
+     */
+    public function it_delete_single_plan()
+    {
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $plan_name = 'test-plan-' . Str::random(16);
+
+        $this->postJson('/api/admin/plans', [
+            'type'       => 'plan',
+            'attributes' => [
+                'name'        => $plan_name,
+                'price'       => (string)rand(1, 99),
+                'description' => 'Some random description',
+                'capacity'    => rand(1, 999),
+            ],
+        ])
+            ->assertStatus(201)
+            ->assertJsonFragment([
+                'name' => $plan_name
+            ]);
+
+        $this->deleteJson("/api/admin/plans/" . strtolower($plan_name))
+            ->assertStatus(204);
+    }
+
+    /**
+     *
+     */
+    public function it_update_single_plan_from_admin()
+    {
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $plan_name = 'test-plan-' . Str::random(16);
+
+        $this->postJson('/api/admin/plans', [
+            'type'       => 'plan',
+            'attributes' => [
+                'name'        => $plan_name,
+                'price'       => (string)rand(1, 99),
+                'description' => 'Some random description',
+                'capacity'    => rand(1, 999),
+            ],
+        ])
+            ->assertStatus(201)
+            ->assertJsonFragment([
+                'name' => $plan_name
+            ]);
+
+        $this->patchJson("/api/admin/plans/" . strtolower($plan_name), [
+            'name'  => 'description',
+            'value' => 'updated description'
+        ])->assertStatus(201);
+    }
+
+    /**
+     *
+     */
+    public function it_get_subscribers_from_plan_from_admin()
+    {
+        $user = User::factory(User::class)
+            ->create($this->user);
+
+        Sanctum::actingAs($user);
+
+        $this->postJson('/api/user/subscription/upgrade', [
+            'billing' => $this->billing,
+            'plan'    => $this->plan,
+            'payment' => [
+                'type' => 'stripe',
+            ],
+        ])->assertStatus(204);
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->getJson('/api/admin/plans/' . $this->plan['data']['id'] . '/subscribers')
+            ->assertStatus(200)
+            ->assertJsonFragment([
+                'id' => $user->id
+            ]);
+    }
+
+    /**
+     *
+     */
+    public function it_get_all_invoices_from_admin()
+    {
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->getJson("/api/admin/invoices")
+            ->assertStatus(200);
+    }
+
+    /**
+     *
+     */
+    public function it_get_single_user_invoice_page_from_admin()
+    {
+        $user = User::factory(User::class)
+            ->create($this->user);
+
+        Sanctum::actingAs($user);
+
+        $invoices = $this->getJson('/api/user/invoices')
+            ->assertStatus(200)
+            ->assertJsonFragment([
+                'customer' => $this->user['stripe_id']
+            ]);
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $invoice_id = json_decode($invoices->content(), true)['data'][0]['data']['id'];
+
+        $this->get("/invoice/{$this->user['stripe_id']}/$invoice_id")
+            ->assertStatus(200)
+            ->assertSee('Invoice');
+    }
+
+    /**
+     *
+     */
+    public function it_get_user_invoices_from_admin()
+    {
+        $user = User::factory(User::class)
+            ->create($this->user);
+
+        Sanctum::actingAs($user);
+
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->getJson("/api/admin/users/$user->id/invoices")
+            ->assertStatus(200)
+            ->assertJsonFragment([
+                'customer' => $this->user['stripe_id']
+            ]);
+    }
+
+    /**
+     *
+     */
+    public function it_get_all_plans_from_admin()
+    {
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->getJson('/api/admin/plans')
+            ->assertStatus(200);
+    }
+
+    /**
+     *
+     */
+    public function it_get_all_plans_for_index_page()
+    {
+        $this->getJson('/api/pricing')
+            ->assertStatus(200);
+    }
+
+    /**
+     *
+     */
+    public function it_get_single_plan_from_admin()
+    {
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $this->getJson('/api/admin/plans/' . $this->plan['data']['id'])
+            ->assertStatus(200);
+    }
+
+    /**
+     *
+     */
+    public function it_create_single_plan_from_admin()
+    {
+        $admin = User::factory(User::class)
+            ->create(['role' => 'admin']);
+
+        Sanctum::actingAs($admin);
+
+        $plan_name = 'test-plan-' . Str::random(16);
+
+        $this->postJson('/api/admin/plans', [
+            'type'       => 'plan',
+            'attributes' => [
+                'name'        => $plan_name,
+                'price'       => (string)rand(1, 99),
+                'description' => 'Some random description',
+                'capacity'    => rand(1, 999),
+            ],
+        ])
+            ->assertStatus(201)
+            ->assertJsonFragment([
+                'name' => $plan_name
+            ]);
+    }
+}
--- a/tests/Domain/Trash/TrashTest.php
+++ b/tests/Domain/Trash/TrashTest.php
@@ -0,0 +1,130 @@
+<?php
+
+namespace Tests\Feature\FileManager;
+
+use App\Models\File;
+use App\Models\Folder;
+use App\Models\User;
+use App\Services\SetupService;
+use Illuminate\Http\UploadedFile;
+use Laravel\Sanctum\Sanctum;
+use Storage;
+use Tests\TestCase;
+
+class TrashTest extends TestCase
+{
+    public function __construct()
+    {
+        parent::__construct();
+        $this->setup = app()->make(SetupService::class);
+    }
+
+    /**
+     * @test
+     */
+    public function it_restore_items_from_trash()
+    {
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $attributes = [
+            'user_id'    => $user->id,
+            'deleted_at' => now(),
+        ];
+
+        $folder = Folder::factory(Folder::class)
+            ->create($attributes);
+
+        $file = File::factory(File::class)
+            ->create($attributes);
+
+        $this->postJson("/api/trash/restore", [
+            'items' => [
+                [
+                    'id'   => $file->id,
+                    'type' => 'file',
+                ],
+                [
+                    'id'   => $folder->id,
+                    'type' => 'folder',
+                ],
+            ],
+        ])->assertStatus(204);
+
+        $this->assertDatabaseHas('files', [
+            'deleted_at' => null
+        ]);
+
+        $this->assertDatabaseHas('folders', [
+            'deleted_at' => null
+        ]);
+    }
+
+    /**
+     * @test
+     */
+    public function it_dump_trash()
+    {
+        $this->setup->create_directories();
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $folder = Folder::factory(Folder::class)
+            ->create([
+                'user_id' => $user->id
+            ]);
+
+        $image = UploadedFile::fake()
+            ->image('fake-image.jpg');
+
+        $this->postJson('/api/upload', [
+            'filename'  => $image->name,
+            'file'      => $image,
+            'folder_id' => null,
+            'is_last'   => true,
+        ])->assertStatus(201);
+
+        $file = File::first();
+
+        $this->postJson("/api/remove", [
+            'items' => [
+                [
+                    'id'           => $file->id,
+                    'type'         => 'file',
+                    'force_delete' => false,
+                ],
+                [
+                    'id'           => $folder->id,
+                    'type'         => 'folder',
+                    'force_delete' => false,
+                ],
+            ],
+        ])->assertStatus(204);
+
+        $this->deleteJson("/api/trash/dump")
+            ->assertStatus(204);
+
+        $this->assertDatabaseMissing('files', [
+            'id' => $file->id
+        ]);
+
+        $this->assertDatabaseMissing('folders', [
+            'id' => $folder->id
+        ]);
+
+        $disk = Storage::disk('local');
+
+        $disk->assertMissing(
+            "files/$user->id/fake-image.jpg"
+        );
+
+        $disk->assertMissing(
+            "files/$user->id/thumbnail-fake-image.jpg"
+        );
+    }
+}