Merge branch 'develop'

deactivate for now
more nginx testing
2025-12-25 11:19:39 -05:00 · 2025-09-24 19:11:01 +02:00 · 2025-09-24 18:56:45 +02:00 · 2025-09-24 18:49:29 +02:00 · 2025-09-24 18:34:53 +02:00 · 2025-09-24 18:31:02 +02:00
335 changed files with 57407 additions and 46329 deletions
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@@ -1,12 +1,7 @@
-FROM python:3.10-alpine3.18
+FROM python:3.13-alpine3.22

 #Install all dependencies.
-RUN apk add --no-cache postgresql-libs postgresql-client gettext zlib libjpeg libwebp libxml2-dev libxslt-dev openldap git yarn
-
-# Fix libxml error from xmlsec https://github.com/xmlsec/python-xmlsec/issues/257#issuecomment-1738620862
-RUN echo "https://dl-cdn.alpinelinux.org/alpine/v3.15/community/" | tee -a /etc/apk/repositories
-RUN echo "https://dl-cdn.alpinelinux.org/alpine/v3.15/main" | tee -a /etc/apk/repositories
-RUN apk add --no-cache libxml2-dev=2.9.14-r2  xmlsec-dev=1.2.33-r0
+RUN apk add --no-cache postgresql-libs postgresql-client gettext zlib libjpeg libwebp libxml2-dev libxslt-dev openldap git yarn libgcc libstdc++ nginx tini envsubst nodejs npm

 #Print all logs without buffering it.
 ENV PYTHONUNBUFFERED 1
@@ -24,8 +19,10 @@ RUN \
    if [ `apk --print-arch` = "armv7" ]; then \
    printf "[global]\nextra-index-url=https://www.piwheels.org/simple\n" > /etc/pip.conf ; \
    fi
-RUN apk add --no-cache --virtual .build-deps gcc musl-dev postgresql-dev zlib-dev jpeg-dev libwebp-dev openssl-dev libffi-dev cargo openldap-dev python3-dev && \
-    echo -n "INPUT ( libldap.so )" > /usr/lib/libldap_r.so && \
-    pip3 --disable-pip-version-check --no-cache-dir install -r /tmp/pip-tmp/requirements.txt && \
-    rm -rf /tmp/pip-tmp && \
+RUN apk add --no-cache --virtual .build-deps gcc musl-dev postgresql-dev zlib-dev jpeg-dev libwebp-dev openssl-dev libffi-dev cargo openldap-dev python3-dev xmlsec-dev xmlsec build-base g++ curl rust && \
+    python -m pip install --upgrade pip && \
+    pip debug -v && \
+    pip install wheel==0.45.1 && \
+    pip install setuptools_rust==1.10.2 && \
+    pip install -r /tmp/pip-tmp/requirements.txt --no-cache-dir &&\
    apk --purge del .build-deps
--- a/.github/workflows/build-docker.yml
+++ b/.github/workflows/build-docker.yml
@@ -21,7 +21,7 @@ jobs:
            suffix: ""
            continue-on-error: false
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5

      - name: Get version number
        id: get_version
@@ -107,7 +107,7 @@ jobs:
      - name: Discord notification
        env:
          DISCORD_WEBHOOK: ${{ secrets.DISCORD_RELEASE_WEBHOOK }}
-        uses: Ilshidur/action-discord@0.3.2
+        uses: Ilshidur/action-discord@0.4.0
        with:
          args: '🚀 Version {{ VERSION }} of tandoor has been released 🥳 Check it out https://github.com/vabene1111/recipes/releases/tag/{{ VERSION }}'

@@ -121,6 +121,6 @@ jobs:
      - name: Discord notification
        env:
          DISCORD_WEBHOOK: ${{ secrets.DISCORD_BETA_WEBHOOK }}
-        uses: Ilshidur/action-discord@0.3.2
+        uses: Ilshidur/action-discord@0.4.0
        with:
          args: '🚀 The Tandoor 2 Image has been updated! 🥳'
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -12,8 +12,8 @@ jobs:
                python-version: ["3.12"]
                node-version: ["22"]
        steps:
-            - uses: actions/checkout@v4
-            - uses: awalsh128/cache-apt-pkgs-action@v1.4.3
+            - uses: actions/checkout@v5
+            - uses: awalsh128/cache-apt-pkgs-action@v1.5.3
              with:
                  packages: libsasl2-dev python3-dev libxml2-dev libxmlsec1-dev libxslt-dev libxmlsec1-openssl libxslt-dev libldap2-dev libssl-dev gcc musl-dev postgresql-dev zlib-dev jpeg-dev libwebp-dev openssl-dev libffi-dev cargo openldap-dev python3-dev xmlsec-dev xmlsec build-base g++ curl
                  version: 1.0
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -12,7 +12,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          # We must fetch at least the immediate parents so that if this is
          # a pull request then we can checkout the head.
--- a/.github/workflows/docs.yml
+++ b/.github/workflows/docs.yml
@@ -12,7 +12,7 @@ jobs:
    if: github.repository_owner == 'TandoorRecipes' && ${{ github.event.workflow_run.conclusion == 'success' }}
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - uses: actions/setup-python@v5
        with:
          python-version: 3.x
--- a/.gitignore
+++ b/.gitignore
@@ -91,3 +91,4 @@ cookbook/static/vue3
 vue3/node_modules
 cookbook/tests/other/docs/reports/tests/tests.html
 cookbook/tests/other/docs/reports/tests/pytest.xml
+vue3/src/plugins
--- a/.vscode/tasks.json
+++ b/.vscode/tasks.json
@@ -14,28 +14,16 @@
    },
    {
      "label": "Setup Dev Server",
-      "dependsOn": ["Run Migrations", "Yarn Build"]
+      "dependsOn": ["Run Migrations"]
    },
    {
      "label": "Run Dev Server",
-      "type": "shell",
+      "type": "shell", 
      "dependsOn": ["Setup Dev Server"],
-      "command": "python3 manage.py runserver"
+      "command": "DEBUG=1 python3 manage.py runserver"
    },
    {
      "label": "Yarn Install",
-      "dependsOn": ["Yarn Install - Vue", "Yarn Install - Vue3"]
-    },
-    {
-      "label": "Yarn Install - Vue",
-      "type": "shell",
-      "command": "yarn install --force",
-      "options": {
-        "cwd": "${workspaceFolder}/vue"
-      }
-    },
-    {
-      "label": "Yarn Install - Vue3",
      "type": "shell",
      "command": "yarn install --force",
      "options": {
@@ -44,18 +32,6 @@
    },
    {
      "label": "Generate API",
-      "dependsOn": ["Generate API - Vue", "Generate API - Vue3"]
-    },
-    {
-      "label": "Generate API - Vue",
-      "type": "shell",
-      "command": "openapi-generator-cli generate -g typescript-axios -i http://127.0.0.1:8000/openapi/",
-      "options": {
-        "cwd": "${workspaceFolder}/vue/src/utils/openapi"
-      }
-    },
-    {
-      "label": "Generate API - Vue3",
      "type": "shell",
      "command": "openapi-generator-cli generate -g typescript-fetch -i http://127.0.0.1:8000/openapi/",
      "options": {
@@ -63,43 +39,19 @@
      }
    },
    {
-      "label": "Yarn Serve",
+      "label": "Yarn Dev",
      "type": "shell",
-      "command": "yarn serve",
-      "dependsOn": ["Yarn Install - Vue"],
-      "options": {
-        "cwd": "${workspaceFolder}/vue"
-      }
-    },
-    {
-      "label": "Vite Serve",
-      "type": "shell",
-      "command": "vite",
-      "dependsOn": ["Yarn Install - Vue3"],
+      "command": "yarn dev",
+      "dependsOn": ["Yarn Install"],
      "options": {
        "cwd": "${workspaceFolder}/vue3"
      }
    },
    {
      "label": "Yarn Build",
-      "dependsOn": ["Yarn Build - Vue", "Vite Build - Vue3"],
-      "group": "build"
-    },
-    {
-      "label": "Yarn Build - Vue",
      "type": "shell",
      "command": "yarn build",
-      "dependsOn": ["Yarn Install - Vue"],
-      "options": {
-        "cwd": "${workspaceFolder}/vue"
-      },
-      "group": "build"
-    },
-    {
-      "label": "Vite Build - Vue3",
-      "type": "shell",
-      "command": "vite build",
-      "dependsOn": ["Yarn Install - Vue3"],
+      "dependsOn": ["Yarn Install"],
      "options": {
        "cwd": "${workspaceFolder}/vue3"
      },
--- a/29
+++ b/29
@@ -1,12 +1,11 @@
-FROM python:3.13-alpine3.21
+FROM python:3.13-alpine3.22

 #Install all dependencies.
-RUN apk add --no-cache postgresql-libs postgresql-client gettext zlib libjpeg libwebp libxml2-dev libxslt-dev openldap git libgcc libstdc++ nginx
+RUN apk add --no-cache postgresql-libs postgresql-client gettext zlib libjpeg libwebp libxml2-dev libxslt-dev openldap git libgcc libstdc++ nginx tini envsubst nodejs npm

 #Print all logs without buffering it.
-ENV PYTHONUNBUFFERED 1
-
-ENV DOCKER true
+ENV PYTHONUNBUFFERED=1 \
+    DOCKER=true

 #This port will be used by gunicorn.
 EXPOSE 80 8080
@@ -17,23 +16,14 @@ WORKDIR /opt/recipes

 COPY requirements.txt ./

-RUN \
-    if [ `apk --print-arch` = "armv7" ]; then \
-    printf "[global]\nextra-index-url=https://www.piwheels.org/simple\n" > /etc/pip.conf ; \
-    fi
-
 # remove Development dependencies from requirements.txt
 RUN sed -i '/# Development/,$d' requirements.txt
-RUN apk add --no-cache --virtual .build-deps gcc musl-dev postgresql-dev zlib-dev jpeg-dev libwebp-dev openssl-dev libffi-dev cargo openldap-dev python3-dev xmlsec-dev xmlsec build-base g++ curl && \
-    echo -n "INPUT ( libldap.so )" > /usr/lib/libldap_r.so && \
+RUN apk add --no-cache --virtual .build-deps gcc musl-dev postgresql-dev zlib-dev jpeg-dev libwebp-dev openssl-dev libffi-dev cargo openldap-dev python3-dev xmlsec-dev xmlsec build-base g++ curl rust && \
    python -m venv venv && \
    /opt/recipes/venv/bin/python -m pip install --upgrade pip && \
    venv/bin/pip debug -v && \
    venv/bin/pip install wheel==0.45.1 && \
    venv/bin/pip install setuptools_rust==1.10.2 && \
-    if [ `apk --print-arch` = "aarch64" ]; then \
-    curl https://sh.rustup.rs -sSf | sh -s -- -y; \
-    fi &&\
    venv/bin/pip install -r requirements.txt --no-cache-dir &&\
    apk --purge del .build-deps

@@ -41,8 +31,11 @@ RUN apk add --no-cache --virtual .build-deps gcc musl-dev postgresql-dev zlib-de
 COPY . ./

 # delete default nginx config and link it to tandoors config
-RUN rm -rf /etc/nginx/http.d
-RUN ln -s /opt/recipes/http.d /etc/nginx/http.d
+# create symlinks to access and error log to show them on stdout
+RUN rm -rf /etc/nginx/http.d && \
+    ln -s /opt/recipes/http.d /etc/nginx/http.d && \
+    ln -sf /dev/stdout /var/log/nginx/access.log && \
+    ln -sf /dev/stderr /var/log/nginx/error.log

 # commented for now https://github.com/TandoorRecipes/recipes/issues/3478
 #HEALTHCHECK --interval=30s \
@@ -57,4 +50,4 @@ RUN /opt/recipes/venv/bin/python version.py
 RUN find . -type d -name ".git" | xargs rm -rf

 RUN chmod +x boot.sh
-ENTRYPOINT ["/opt/recipes/boot.sh"]
+ENTRYPOINT ["/sbin/tini", "--", "/opt/recipes/boot.sh"]
--- a/README.md
+++ b/README.md
@@ -15,14 +15,15 @@
 <a href="https://discord.gg/RhzBrfWgtp" target="_blank" rel="noopener noreferrer"><img src="https://badgen.net/badge/icon/discord?icon=discord&label" ></a>
 <a href="https://hub.docker.com/r/vabene1111/recipes" target="_blank" rel="noopener noreferrer"><img src="https://img.shields.io/docker/pulls/vabene1111/recipes" ></a>
 <a href="https://github.com/vabene1111/recipes/releases/latest" rel="noopener noreferrer"><img src="https://img.shields.io/github/v/release/vabene1111/recipes" ></a>
-<a href="https://app.tandoor.dev/accounts/login/?demo" rel="noopener noreferrer"><img src="https://img.shields.io/badge/demo-available-success" ></a>
+<a href="https://app.tandoor.dev/e/demo-auto-login/" rel="noopener noreferrer"><img src="https://img.shields.io/badge/demo-available-success" ></a>
 </p>

 <p align="center">
 <a href="https://tandoor.dev" target="_blank" rel="noopener noreferrer">Website</a> •
 <a href="https://docs.tandoor.dev/install/docker/" target="_blank" rel="noopener noreferrer">Installation</a> •
 <a href="https://docs.tandoor.dev/" target="_blank" rel="noopener noreferrer">Docs</a> •
-<a href="https://app.tandoor.dev/accounts/login/?demo" target="_blank" rel="noopener noreferrer">Demo</a> •
+<a href="https://app.tandoor.dev/e/demo-auto-login/" target="_blank" rel="noopener noreferrer">Demo</a> •
+<a href="https://community.tandoor.dev" target="_blank" rel="noopener noreferrer">Community</a> •
 <a href="https://discord.gg/RhzBrfWgtp" target="_blank" rel="noopener noreferrer">Discord</a>
 </p>

@@ -81,13 +82,13 @@ Share some information on how you use Tandoor to help me improve the application

 <table>
  <tr>
-    <td><a href="https://discord.gg/RhzBrfWgtp">Discord</a></td>
-    <td>We have a public Discord server that anyone can join. This is where all our developers and contributors hang out and where we make announcements</td>
+    <td><a href="https://community.tandoor.dev">Community</a></td>
+    <td>Get support, share best practices, discuss feature ideas, and meet other Tandoor users.</td>
  </tr>

  <tr>
-    <td><a href="https://twitter.com/TandoorRecipes">Twitter</a></td>
-    <td>You can follow our Twitter account to get updates on new features or releases</td>
+    <td><a href="https://discord.gg/RhzBrfWgtp">Discord</a></td>
+    <td>We have a public Discord server that anyone can join. This is where all our developers and contributors hang out and where we make announcements</td>
  </tr>
 </table>

--- a/boot.sh
+++ b/boot.sh
@@ -1,11 +1,17 @@
 #!/bin/sh
 source venv/bin/activate

-TANDOOR_PORT="${TANDOOR_PORT:-8080}"
+# these are envsubst in the nginx config, make sure they default to something sensible when unset
+export TANDOOR_PORT="${TANDOOR_PORT:-8080}"
+export MEDIA_ROOT=${MEDIA_ROOT:-/opt/recipes/mediafiles};
+export STATIC_ROOT=${STATIC_ROOT:-/opt/recipes/staticfiles};
+
 GUNICORN_WORKERS="${GUNICORN_WORKERS:-3}"
 GUNICORN_THREADS="${GUNICORN_THREADS:-2}"
 GUNICORN_LOG_LEVEL="${GUNICORN_LOG_LEVEL:-'info'}"

+PLUGINS_BUILD="${PLUGINS_BUILD:-0}"
+
 if [ "${TANDOOR_PORT}" -eq 80 ]; then
    echo "TANDOOR_PORT set to 8080 because 80 is now taken by the integrated nginx"
    TANDOOR_PORT=8080
@@ -16,6 +22,14 @@ display_warning() {
    echo -e "$1"
 }

+# prepare nginx config
+envsubst '$MEDIA_ROOT $STATIC_ROOT $TANDOOR_PORT' < /opt/recipes/http.d/Recipes.conf.template > /opt/recipes/http.d/Recipes.conf
+
+# start nginx early to display error pages
+echo "Starting nginx"
+nginx
+
+
 echo "Checking configuration..."

 # SECRET_KEY (or a valid file at SECRET_KEY_FILE) must be set in .env file
@@ -78,23 +92,23 @@ echo "Database is ready"

 echo "Migrating database"

-
 python manage.py migrate

+if [ "${PLUGINS_BUILD}" -eq 1 ]; then
+    echo "Running yarn build at startup because PLUGINS_BUILD is enabled"
+    python plugin.py
+fi
+
 echo "Collecting static files, this may take a while..."

-python manage.py collectstatic --noinput
+python manage.py collectstatic --noinput --clear

 echo "Done"

-chmod -R 755 /opt/recipes/mediafiles
+chmod -R 755 ${MEDIA_ROOT:-/opt/recipes/mediafiles}

 ipv6_disable=$(cat /sys/module/ipv6/parameters/disable)

-# start nginx
-echo "Starting nginx"
-nginx
-
 echo "Starting gunicorn"
 # Check if IPv6 is enabled, only then run gunicorn with ipv6 support
 if [ "$ipv6_disable" -eq 0 ]; then
--- a/cookbook/admin.py
+++ b/cookbook/admin.py
@@ -17,7 +17,7 @@ from .models import (BookmarkletImport, Comment, CookLog, CustomFilter, Food, Im
                     ShoppingListEntry, ShoppingListRecipe, Space, Step, Storage,
                     Supermarket, SupermarketCategory, SupermarketCategoryRelation, Sync, SyncLog,
                     TelegramBot, Unit, UnitConversion, UserFile, UserPreference, UserSpace,
-                     ViewLog, ConnectorConfig)
+                     ViewLog, ConnectorConfig, AiProvider, AiLog)

 admin.site.login = secure_admin_login(admin.site.login)

@@ -90,6 +90,20 @@ class SearchPreferenceAdmin(admin.ModelAdmin):
 admin.site.register(SearchPreference, SearchPreferenceAdmin)


+class AiProviderAdmin(admin.ModelAdmin):
+    list_display = ('name', 'space', 'model_name',)
+    search_fields = ('name', 'space', 'model_name',)
+
+
+admin.site.register(AiProvider, AiProviderAdmin)
+
+
+class AiLogAdmin(admin.ModelAdmin):
+    list_display = ('ai_provider', 'function', 'credit_cost', 'created_by', 'created_at',)
+
+admin.site.register(AiLog, AiLogAdmin)
+
+
 class StorageAdmin(admin.ModelAdmin):
    list_display = ('name', 'method')
    search_fields = ('name',)
--- a/cookbook/forms.py
+++ b/cookbook/forms.py
@@ -26,6 +26,7 @@ class ImportExportBase(forms.Form):
    PAPRIKA = 'PAPRIKA'
    NEXTCLOUD = 'NEXTCLOUD'
    MEALIE = 'MEALIE'
+    MEALIE1 = 'MEALIE1'
    CHOWDOWN = 'CHOWDOWN'
    SAFFRON = 'SAFFRON'
    CHEFTAP = 'CHEFTAP'
@@ -46,7 +47,7 @@ class ImportExportBase(forms.Form):
    PDF = 'PDF'
    GOURMET = 'GOURMET'

-    type = forms.ChoiceField(choices=((DEFAULT, _('Default')), (PAPRIKA, 'Paprika'), (NEXTCLOUD, 'Nextcloud Cookbook'), (MEALIE, 'Mealie'), (CHOWDOWN, 'Chowdown'),
+    type = forms.ChoiceField(choices=((DEFAULT, _('Default')), (PAPRIKA, 'Paprika'), (NEXTCLOUD, 'Nextcloud Cookbook'), (MEALIE, 'Mealie'), (MEALIE1, 'Mealie1'), (CHOWDOWN, 'Chowdown'),
                                      (SAFFRON, 'Saffron'), (CHEFTAP, 'ChefTap'), (PEPPERPLATE, 'Pepperplate'), (RECETTETEK, 'RecetteTek'), (RECIPESAGE, 'Recipe Sage'),
                                      (DOMESTICA, 'Domestica'), (MEALMASTER, 'MealMaster'), (REZKONV, 'RezKonv'), (OPENEATS, 'Openeats'), (RECIPEKEEPER, 'Recipe Keeper'),
                                      (PLANTOEAT, 'Plantoeat'), (COOKBOOKAPP, 'CookBookApp'), (COPYMETHAT, 'CopyMeThat'), (PDF, 'PDF'), (MELARECIPES, 'Melarecipes'),
@@ -75,6 +76,11 @@ class ImportForm(ImportExportBase):
    files = MultipleFileField(required=True)
    duplicates = forms.BooleanField(help_text=_('To prevent duplicates recipes with the same name as existing ones are ignored. Check this box to import everything.'),
                                    required=False)
+    meal_plans = forms.BooleanField(required=False)
+    shopping_lists = forms.BooleanField(required=False)
+    nutrition_per_serving = forms.BooleanField(required=False) # some managers (e.g. mealie) do not specify what the nutrition's relate to so we let the user choose
+
+
 class ExportForm(ImportExportBase):
    recipes = forms.ModelMultipleChoiceField(widget=MultiSelectWidget, queryset=Recipe.objects.none(), required=False)
    all = forms.BooleanField(required=False)
--- a/cookbook/helper/ai_helper.py
+++ b/cookbook/helper/ai_helper.py
@@ -0,0 +1,85 @@
+from decimal import Decimal
+
+from django.utils import timezone
+from django.db.models import Sum
+from litellm import CustomLogger
+
+from cookbook.models import AiLog
+from recipes import settings
+
+
+def get_monthly_token_usage(space):
+    """
+    returns the number of credits the space has used in the current month
+    """
+    token_usage = AiLog.objects.filter(space=space, credits_from_balance=False, created_at__month=timezone.now().month).aggregate(Sum('credit_cost'))['credit_cost__sum']
+    if token_usage is None:
+        token_usage = 0
+    return token_usage
+
+
+def has_monthly_token(space):
+    """
+    checks if the monthly credit limit has been exceeded
+    """
+    return get_monthly_token_usage(space) < space.ai_credits_monthly
+
+
+def can_perform_ai_request(space):
+    return (has_monthly_token(space) or space.ai_credits_balance > 0) and space.ai_enabled
+
+
+class AiCallbackHandler(CustomLogger):
+    space = None
+    user = None
+    ai_provider = None
+    function = None
+
+    def __init__(self, space, user, ai_provider, function):
+        super().__init__()
+        self.space = space
+        self.user = user
+        self.ai_provider = ai_provider
+        self.function = function
+
+    def log_pre_api_call(self, model, messages, kwargs):
+        pass
+
+    def log_post_api_call(self, kwargs, response_obj, start_time, end_time):
+        pass
+
+    def log_success_event(self, kwargs, response_obj, start_time, end_time):
+        self.create_ai_log(kwargs, response_obj, start_time, end_time)
+
+    def log_failure_event(self, kwargs, response_obj, start_time, end_time):
+        self.create_ai_log(kwargs, response_obj, start_time, end_time)
+
+    def create_ai_log(self, kwargs, response_obj, start_time, end_time):
+        credit_cost = 0
+        credits_from_balance = False
+        if self.ai_provider.log_credit_cost:
+            credit_cost = kwargs.get("response_cost", 0) * 100
+
+        if (not has_monthly_token(self.space)) and self.space.ai_credits_balance > 0:
+            remaining_balance = self.space.ai_credits_balance - Decimal(str(credit_cost))
+            if remaining_balance < 0:
+                remaining_balance = 0
+                if settings.HOSTED and self.space.ai_credits_monthly == 0:
+                    self.space.ai_enabled = False
+
+            self.space.ai_credits_balance = remaining_balance
+            credits_from_balance = True
+            self.space.save()
+
+        AiLog.objects.create(
+            created_by=self.user,
+            space=self.space,
+            ai_provider=self.ai_provider,
+            start_time=start_time,
+            end_time=end_time,
+            input_tokens=response_obj['usage']['prompt_tokens'],
+            output_tokens=response_obj['usage']['completion_tokens'],
+            function=self.function,
+            credit_cost=credit_cost,
+            credits_from_balance=credits_from_balance,
+        )
--- a/cookbook/helper/batch_edit_helper.py
+++ b/cookbook/helper/batch_edit_helper.py
@@ -0,0 +1,22 @@
+def add_to_relation(relation_model, base_field_name, base_ids, related_field_name, related_ids):
+    """
+    given a model, the base and related field and the base and related ids, bulk create relation objects
+    """
+    relation_objects = []
+    for b in base_ids:
+        for r in related_ids:
+            relation_objects.append(relation_model(**{base_field_name: b, related_field_name: r}))
+    relation_model.objects.bulk_create(relation_objects, ignore_conflicts=True, unique_fields=(base_field_name, related_field_name,))
+
+
+def remove_from_relation(relation_model, base_field_name, base_ids, related_field_name, related_ids):
+    relation_model.objects.filter(**{f'{base_field_name}__in': base_ids, f'{related_field_name}__in': related_ids}).delete()
+
+
+def remove_all_from_relation(relation_model, base_field_name, base_ids):
+    relation_model.objects.filter(**{f'{base_field_name}__in': base_ids}).delete()
+
+
+def set_relation(relation_model, base_field_name, base_ids, related_field_name, related_ids):
+    remove_all_from_relation(relation_model, base_field_name, base_ids)
+    add_to_relation(relation_model, base_field_name, base_ids, related_field_name, related_ids)
--- a/cookbook/helper/image_processing.py
+++ b/cookbook/helper/image_processing.py
@@ -37,7 +37,7 @@ def get_filetype(name):

 def is_file_type_allowed(filename, image_only=False):
    is_file_allowed = False
-    allowed_file_types = ['.pdf', '.docx', '.xlsx', '.css']
+    allowed_file_types = ['.pdf', '.docx', '.xlsx', '.css', '.mp4', '.mov']
    allowed_image_types = ['.png', '.jpg', '.jpeg', '.gif', '.webp']
    check_list = allowed_image_types
    if not image_only:
@@ -77,6 +77,8 @@ def handle_image(request, image_object, filetype):
        file_format = 'JPEG'
    if filetype == '.png':
        file_format = 'PNG'
+    if filetype == '.webp':
+        file_format = 'WEBP'

    if (image_object.size / 1000) > 500:  # if larger than 500 kb compress
        if filetype == '.jpeg' or filetype == '.jpg':
--- a/cookbook/helper/open_data_importer.py
+++ b/cookbook/helper/open_data_importer.py
@@ -51,10 +51,10 @@ class OpenDataImporter:
        for field in field_list:
            if isinstance(getattr(obj, field), float) or isinstance(getattr(obj, field), Decimal):
                if abs(float(getattr(obj, field)) - float(existing_obj[field])) > 0.001:  # convert both to float and check if basically equal
-                    print(f'comparing FLOAT {obj} failed because field {field} is not equal ({getattr(obj, field)} != {existing_obj[field]})')
+                    #print(f'comparing FLOAT {obj} failed because field {field} is not equal ({getattr(obj, field)} != {existing_obj[field]})')
                    return False
            elif getattr(obj, field) != existing_obj[field]:
-                print(f'comparing {obj} failed because field {field} is not equal ({getattr(obj, field)} != {existing_obj[field]})')
+                #print(f'comparing {obj} failed because field {field} is not equal ({getattr(obj, field)} != {existing_obj[field]})')
                return False
        return True

@@ -342,7 +342,7 @@ class OpenDataImporter:
                'name': self.data[datatype][k]['name'],
                'plural_name': self.data[datatype][k]['plural_name'] if self.data[datatype][k]['plural_name'] != '' else None,
                'supermarket_category_id': self.slug_id_cache['category'][self.data[datatype][k]['store_category']] if self.data[datatype][k]['store_category'] in self.slug_id_cache['category'] else None,
-                'fdc_id': re.sub(r'\D', '', self.data[datatype][k]['fdc_id']) if self.data[datatype][k]['fdc_id'] != '' else None,
+                'fdc_id': re.sub(r'\D', '', str(self.data[datatype][k]['fdc_id'])) if self.data[datatype][k]['fdc_id'] != '' else None,
                'open_data_slug': k,
                'properties_food_unit_id': None,
                'space_id': self.request.space.id,
--- a/cookbook/helper/permission_helper.py
+++ b/cookbook/helper/permission_helper.py
@@ -3,17 +3,19 @@ import inspect
 from django.conf import settings
 from django.contrib import messages
 from django.contrib.auth.decorators import user_passes_test
+from django.contrib.auth.models import Group
 from django.core.cache import cache
 from django.core.exceptions import ObjectDoesNotExist, ValidationError
 from django.http import HttpResponseRedirect
 from django.urls import reverse, reverse_lazy
 from django.utils.translation import gettext as _
+from django_scopes import scopes_disabled
 from oauth2_provider.contrib.rest_framework import TokenHasReadWriteScope, TokenHasScope
 from oauth2_provider.models import AccessToken
 from rest_framework import permissions
 from rest_framework.permissions import SAFE_METHODS
-
-from cookbook.models import Recipe, ShareLink, UserSpace
+import random
+from cookbook.models import Recipe, ShareLink, UserSpace, Space


 def get_allowed_groups(groups_required):
@@ -331,6 +333,25 @@ class CustomRecipePermission(permissions.BasePermission):
                        or has_group_permission(request.user, ['user'])) and obj.space == request.space


+class CustomAiProviderPermission(permissions.BasePermission):
+    """
+    Custom permission class for the AiProvider api endpoint
+    users: can read all
+    admins: can read and write
+    superusers: can read and write + write providers without a space
+    """
+    message = _('You do not have the required permissions to view this page!')
+
+    def has_permission(self, request, view):  # user is either at least a user and the request is safe
+        return (has_group_permission(request.user, ['user']) and request.method in SAFE_METHODS) or (has_group_permission(request.user, ['admin']) or request.user.is_superuser)
+
+    # editing of global providers allowed for superusers, space providers by admins and users can read only access
+    def has_object_permission(self, request, view, obj):
+        return ((obj.space is None and request.user.is_superuser)
+                or (obj.space == request.space and has_group_permission(request.user, ['admin']))
+                or (obj.space == request.space and has_group_permission(request.user, ['user']) and request.method in SAFE_METHODS))
+
+
 class CustomUserPermission(permissions.BasePermission):
    """
    Custom permission class for user api endpoint
@@ -437,3 +458,36 @@ class IsReadOnlyDRF(permissions.BasePermission):

    def has_permission(self, request, view):
        return request.method in SAFE_METHODS
+
+
+class IsCreateDRF(permissions.BasePermission):
+    message = 'You cannot interact with this object, you can only create'
+
+    def has_permission(self, request, view):
+        return request.method == 'POST'
+
+
+def create_space_for_user(user, name=None):
+    with scopes_disabled():
+        if not name:
+            name = f"{user.username}'s Space"
+
+        if Space.objects.filter(name=name).exists():
+            name = f'{name} #{random.randrange(1, 10 ** 5)}'
+
+        created_space = Space(name=name,
+                              created_by=user,
+                              max_file_storage_mb=settings.SPACE_DEFAULT_MAX_FILES,
+                              max_recipes=settings.SPACE_DEFAULT_MAX_RECIPES,
+                              max_users=settings.SPACE_DEFAULT_MAX_USERS,
+                              allow_sharing=settings.SPACE_DEFAULT_ALLOW_SHARING,
+                              ai_enabled=settings.SPACE_AI_ENABLED,
+                              ai_credits_monthly=settings.SPACE_AI_CREDITS_MONTHLY,
+                              space_setup_completed=False, )
+        created_space.save()
+
+        UserSpace.objects.filter(user=user).update(active=False)
+        user_space = UserSpace.objects.create(space=created_space, user=user, active=True)
+        user_space.groups.add(Group.objects.filter(name='admin').get())
+
+        return user_space
--- a/cookbook/helper/recipe_search.py
+++ b/cookbook/helper/recipe_search.py
@@ -288,7 +288,7 @@ class RecipeSearch():

    def _updated_on_filter(self):
        if self._updatedon:
-            self._queryset = self._queryset.filter(updated_at__date__date=self._updatedon)
+            self._queryset = self._queryset.filter(updated_at__date=self._updatedon)
        elif self._updatedon_lte:
            self._queryset = self._queryset.filter(updated_at__date__lte=self._updatedon_lte)
        elif self._updatedon_gte:
--- a/cookbook/helper/recipe_url_import.py
+++ b/cookbook/helper/recipe_url_import.py
@@ -155,7 +155,7 @@ def get_from_scraper(scrape, request):

    # assign steps
    try:
-        for i in parse_instructions(scrape.instructions()):
+        for i in parse_instructions(scrape.instructions_list()):
            recipe_json['steps'].append({
                'instruction': i,
                'ingredients': [],
@@ -177,11 +177,11 @@ def get_from_scraper(scrape, request):
        for x in scrape.ingredients():
            if x.strip() != '':
                try:
-                    amount, unit, ingredient, note = ingredient_parser.parse(x)
+                    amount, unit, food, note = ingredient_parser.parse(x)
                    ingredient = {
                        'amount': amount,
                        'food': {
-                            'name': ingredient,
+                            'name': food,
                        },
                        'unit': None,
                        'note': note,
@@ -315,14 +315,29 @@ def clean_instruction_string(instruction):
    # handle unsupported, special UTF8 character in Thermomix-specific instructions,
    # that happen in nearly every recipe on Cookidoo, Zaubertopf Club, Rezeptwelt
    # and in Thermomix-specific recipes on many other sites
-    return normalized_string \
-        .replace("", _('reverse rotation')) \
-        .replace("", _('careful rotation')) \
-        .replace("", _('knead')) \
-        .replace("Andicken ", _('thicken')) \
-        .replace("Erwärmen ", _('warm up')) \
-        .replace("Fermentieren ", _('ferment')) \
-        .replace("Sous-vide ", _("sous-vide"))
+    normalized_string = normalized_string \
+        .replace(u"\uE003", _('reverse rotation')) \
+        .replace(u"\uE002", _('careful rotation')) \
+        .replace(u"\uE001", _('knead')) \
+        .replace(u"\uE031", _('thicken')) \
+        .replace(u"\uE019", _('warm up')) \
+        .replace(u"\uE02E", _('ferment')) \
+        .replace(u"\uE018", _('slow cook')) \
+        .replace(u"\uE033", _('egg boiler')) \
+        .replace(u"\uE016", _('kettle')) \
+        .replace(u"\uE01E", _('blend')) \
+        .replace(u"\uE011", _('pre-clean')) \
+        .replace(u"\uE026", _('high temperature')) \
+        .replace(u"\uE00D", _('rice cooker')) \
+        .replace(u"\uE00C", _('caramelize')) \
+        .replace(u"\uE038", _('peeler')) \
+        .replace(u"\uE037", _('slicer')) \
+        .replace(u"\uE036", _('grater')) \
+        .replace(u"\uE04C", _('spiralizer')) \
+        .replace(u"\uE02D", _("sous-vide"))
+
+
+    return normalized_string


 def parse_instructions(instructions):
@@ -403,6 +418,8 @@ def parse_servings_text(servings):


 def parse_time(recipe_time):
+    if not recipe_time:
+        return 0
    if type(recipe_time) not in [int, float]:
        try:
            recipe_time = float(re.search(r'\d+', recipe_time).group())
--- a/cookbook/helper/scope_middleware.py
+++ b/cookbook/helper/scope_middleware.py
@@ -1,8 +1,15 @@
+from django.contrib.auth.models import Group
+from django.http import HttpResponseRedirect
 from django.urls import reverse
 from django_scopes import scope, scopes_disabled
 from oauth2_provider.contrib.rest_framework import OAuth2Authentication
+from psycopg2.errors import UniqueViolation
 from rest_framework.exceptions import AuthenticationFailed

+import random
+
+from cookbook.helper.permission_helper import create_space_for_user
+from cookbook.models import Space, UserSpace
 from cookbook.views import views
 from recipes import settings

@@ -34,16 +41,28 @@ class ScopeMiddleware:
            if request.path.startswith(prefix + '/switch-space/'):
                return self.get_response(request)

-            with scopes_disabled():
-                if request.user.userspace_set.count() == 0 and not reverse('account_logout') in request.path:
-                    return views.space_overview(request)
+            if request.path.startswith(prefix + '/invite/'):
+                return self.get_response(request)

            # get active user space, if for some reason more than one space is active select first (group permission checks will fail, this is not intended at this point)
            user_space = request.user.userspace_set.filter(active=True).first()

-            if not user_space:
-                return views.space_overview(request)
+            if not user_space and request.user.userspace_set.count() > 0:
+                # if the users has a userspace but nothing is active, activate the first one
+                user_space = request.user.userspace_set.first()
+                if user_space:
+                    user_space.active = True
+                    user_space.save()

+            if not user_space:
+                if 'signup_token' in request.session:
+                    # if user is authenticated, has no space but a signup token (InviteLink) is present, redirect to invite link logic
+                    return HttpResponseRedirect(reverse('view_invite', args=[request.session.pop('signup_token', '')]))
+                else:
+                    # if user does not yet have a space create one for him
+                    user_space = create_space_for_user(request.user)
+
+            # TODO remove the need for this view
            if user_space.groups.count() == 0 and not reverse('account_logout') in request.path:
                return views.no_groups(request)

--- a/cookbook/integration/integration.py
+++ b/cookbook/integration/integration.py
@@ -26,6 +26,12 @@ class Integration:
    files = None
    export_type = None
    ignored_recipes = []
+    import_log = None
+    import_duplicates = False
+
+    import_meal_plans = True
+    import_shopping_lists = True
+    nutrition_per_serving = False

    def __init__(self, request, export_type):
        """
@@ -102,7 +108,7 @@ class Integration:
        """
        return True

-    def do_import(self, files, il, import_duplicates):
+    def do_import(self, files, il, import_duplicates, meal_plans=True, shopping_lists=True, nutrition_per_serving=False):
        """
        Imports given files
        :param import_duplicates: if true duplicates are imported as well
@@ -111,6 +117,12 @@ class Integration:
        :return: HttpResponseRedirect to the recipe search showing all imported recipes
        """
        with scope(space=self.request.space):
+            self.import_log = il
+            self.import_duplicates = import_duplicates
+
+            self.import_meal_plans = meal_plans
+            self.import_shopping_lists = shopping_lists
+            self.nutrition_per_serving = nutrition_per_serving

            try:
                self.files = files
@@ -166,20 +178,24 @@ class Integration:
                            il.total_recipes = len(new_file_list)
                            file_list = new_file_list

-                        for z in file_list:
-                            try:
-                                if not hasattr(z, 'filename') or isinstance(z, Tag):
-                                    recipe = self.get_recipe_from_file(z)
-                                else:
-                                    recipe = self.get_recipe_from_file(BytesIO(import_zip.read(z.filename)))
-                                recipe.keywords.add(self.keyword)
-                                il.msg += self.get_recipe_processed_msg(recipe)
-                                self.handle_duplicates(recipe, import_duplicates)
-                                il.imported_recipes += 1
-                                il.save()
-                            except Exception as e:
-                                traceback.print_exc()
-                                self.handle_exception(e, log=il, message=f'-------------------- \nERROR \n{e}\n--------------------\n')
+                        if isinstance(self, cookbook.integration.mealie1.Mealie1):
+                            # since the mealie 1.0 export is a backup and not a classic recipe export we treat it a bit differently
+                            recipes = self.get_recipe_from_file(import_zip)
+                        else:
+                            for z in file_list:
+                                try:
+                                    if not hasattr(z, 'filename') or isinstance(z, Tag):
+                                        recipe = self.get_recipe_from_file(z)
+                                    else:
+                                        recipe = self.get_recipe_from_file(BytesIO(import_zip.read(z.filename)))
+                                    recipe.keywords.add(self.keyword)
+                                    il.msg += self.get_recipe_processed_msg(recipe)
+                                    self.handle_duplicates(recipe, import_duplicates)
+                                    il.imported_recipes += 1
+                                    il.save()
+                                except Exception as e:
+                                    traceback.print_exc()
+                                    self.handle_exception(e, log=il, message=f'-------------------- \nERROR \n{e}\n--------------------\n')
                        import_zip.close()
                    elif '.json' in f['name'] or '.xml' in f['name'] or '.txt' in f['name'] or '.mmf' in f['name'] or '.rk' in f['name'] or '.melarecipe' in f['name']:
                        data_list = self.split_recipe_file(f['file'])
--- a/cookbook/integration/mealie1.py
+++ b/cookbook/integration/mealie1.py
@@ -0,0 +1,342 @@
+import json
+import re
+import traceback
+import uuid
+from decimal import Decimal
+from io import BytesIO
+from zipfile import ZipFile
+from gettext import gettext as _
+
+from django.db import transaction
+
+from cookbook.helper import ingredient_parser
+from cookbook.helper.image_processing import get_filetype
+from cookbook.helper.ingredient_parser import IngredientParser
+from cookbook.helper.recipe_url_import import parse_servings, parse_servings_text, parse_time
+from cookbook.integration.integration import Integration
+from cookbook.models import Ingredient, Keyword, Recipe, Step, Food, Unit, SupermarketCategory, PropertyType, Property, MealType, MealPlan, CookLog, ShoppingListEntry
+
+
+class Mealie1(Integration):
+    """
+    integration for mealie past version 1.0
+    """
+
+    def get_recipe_from_file(self, file):
+        mealie_database = json.loads(BytesIO(file.read('database.json')).getvalue().decode("utf-8"))
+        self.import_log.total_recipes = len(mealie_database['recipes'])
+        self.import_log.msg += f"Importing {len(mealie_database["categories"]) + len(mealie_database["tags"])} tags and categories as keywords...\n"
+        self.import_log.save()
+
+        keywords_categories_dict = {}
+        for c in mealie_database['categories']:
+            if keyword := Keyword.objects.filter(name=c['name'], space=self.request.space).first():
+                keywords_categories_dict[c['id']] = keyword.pk
+            else:
+                keyword = Keyword.objects.create(name=c['name'], space=self.request.space)
+                keywords_categories_dict[c['id']] = keyword.pk
+
+        keywords_tags_dict = {}
+        for t in mealie_database['tags']:
+            if keyword := Keyword.objects.filter(name=t['name'], space=self.request.space).first():
+                keywords_tags_dict[t['id']] = keyword.pk
+            else:
+                keyword = Keyword.objects.create(name=t['name'], space=self.request.space)
+                keywords_tags_dict[t['id']] = keyword.pk
+
+        self.import_log.msg += f"Importing {len(mealie_database["multi_purpose_labels"])} multi purpose labels as supermarket categories...\n"
+        self.import_log.save()
+
+        supermarket_categories_dict = {}
+        for m in mealie_database['multi_purpose_labels']:
+            if supermarket_category := SupermarketCategory.objects.filter(name=m['name'], space=self.request.space).first():
+                supermarket_categories_dict[m['id']] = supermarket_category.pk
+            else:
+                supermarket_category = SupermarketCategory.objects.create(name=m['name'], space=self.request.space)
+                supermarket_categories_dict[m['id']] = supermarket_category.pk
+
+        self.import_log.msg += f"Importing {len(mealie_database["ingredient_foods"])} foods...\n"
+        self.import_log.save()
+
+        foods_dict = {}
+        for f in mealie_database['ingredient_foods']:
+            if food := Food.objects.filter(name=f['name'], space=self.request.space).first():
+                foods_dict[f['id']] = food.pk
+            else:
+                food = {'name': f['name'],
+                        'plural_name': f['plural_name'],
+                        'description': f['description'],
+                        'space': self.request.space}
+
+                if f['label_id'] and f['label_id'] in supermarket_categories_dict:
+                    food['supermarket_category_id'] = supermarket_categories_dict[f['label_id']]
+
+                food = Food.objects.create(**food)
+                if f['on_hand']:
+                    food.onhand_users.add(self.request.user)
+                foods_dict[f['id']] = food.pk
+
+        self.import_log.msg += f"Importing {len(mealie_database["ingredient_units"])} units...\n"
+        self.import_log.save()
+
+        units_dict = {}
+        for u in mealie_database['ingredient_units']:
+            if unit := Unit.objects.filter(name=u['name'], space=self.request.space).first():
+                units_dict[u['id']] = unit.pk
+            else:
+                unit = Unit.objects.create(name=u['name'], plural_name=u['plural_name'], description=u['description'], space=self.request.space)
+                units_dict[u['id']] = unit.pk
+
+        recipes_dict = {}
+        recipe_property_factor_dict = {}
+        recipes = []
+        recipe_keyword_relation = []
+        for r in mealie_database['recipes']:
+            if Recipe.objects.filter(space=self.request.space, name=r['name']).exists() and not self.import_duplicates:
+                self.import_log.msg += f"Ignoring {r['name']} because a recipe with this name already exists.\n"
+                self.import_log.save()
+            else:
+                recipe = Recipe.objects.create(
+                    waiting_time=parse_time(r['perform_time']),
+                    working_time=parse_time(r['prep_time']),
+                    description=r['description'][:512],
+                    name=r['name'],
+                    source_url=r['org_url'],
+                    servings=r['recipe_servings'] if r['recipe_servings'] and r['recipe_servings'] != 0 else 1,
+                    servings_text=r['recipe_yield'].strip() if r['recipe_yield'] else "",
+                    internal=True,
+                    created_at=r['created_at'],
+                    space=self.request.space,
+                    created_by=self.request.user,
+                )
+
+                if not self.nutrition_per_serving:
+                    recipe_property_factor_dict[r['id']] = recipe.servings
+
+                self.import_log.msg += self.get_recipe_processed_msg(recipe)
+                self.import_log.imported_recipes += 1
+                self.import_log.save()
+
+                recipes.append(recipe)
+                recipes_dict[r['id']] = recipe.pk
+                recipe_keyword_relation.append(Recipe.keywords.through(recipe_id=recipe.pk, keyword_id=self.keyword.pk))
+
+        Recipe.keywords.through.objects.bulk_create(recipe_keyword_relation, ignore_conflicts=True)
+
+        self.import_log.msg += f"Importing {len(mealie_database["recipe_instructions"])} instructions...\n"
+        self.import_log.save()
+
+        steps_relation = []
+        first_step_of_recipe_dict = {}
+        for s in mealie_database['recipe_instructions']:
+            if s['recipe_id'] in recipes_dict:
+                step = Step.objects.create(instruction=(s['text'] if s['text'] else "") + (f" \n {s['summary']}" if s['summary'] else ""),
+                                           order=s['position'],
+                                           name=s['title'],
+                                           space=self.request.space)
+                steps_relation.append(Recipe.steps.through(recipe_id=recipes_dict[s['recipe_id']], step_id=step.pk))
+                if s['recipe_id'] not in first_step_of_recipe_dict:
+                    first_step_of_recipe_dict[s['recipe_id']] = step.pk
+
+        for n in mealie_database['notes']:
+            if n['recipe_id'] in recipes_dict:
+                step = Step.objects.create(instruction=n['text'],
+                                           name=n['title'],
+                                           order=100,
+                                           space=self.request.space)
+                steps_relation.append(Recipe.steps.through(recipe_id=recipes_dict[n['recipe_id']], step_id=step.pk))
+
+        Recipe.steps.through.objects.bulk_create(steps_relation)
+
+        ingredient_parser = IngredientParser(self.request, True)
+
+        self.import_log.msg += f"Importing {len(mealie_database["recipes_ingredients"])} ingredients...\n"
+        self.import_log.save()
+
+        ingredients_relation = []
+        for i in mealie_database['recipes_ingredients']:
+            if i['recipe_id'] in recipes_dict:
+                if i['title']:
+                    title_ingredient = Ingredient.objects.create(
+                        note=i['title'],
+                        is_header=True,
+                        space=self.request.space,
+                    )
+                    ingredients_relation.append(Step.ingredients.through(step_id=first_step_of_recipe_dict[i['recipe_id']], ingredient_id=title_ingredient.pk))
+                if i['food_id']:
+                    ingredient = Ingredient.objects.create(
+                        food_id=foods_dict[i['food_id']] if i['food_id'] in foods_dict else None,
+                        unit_id=units_dict[i['unit_id']] if i['unit_id'] in units_dict else None,
+                        original_text=i['original_text'],
+                        order=i['position'],
+                        amount=i['quantity'],
+                        note=i['note'],
+                        space=self.request.space,
+                    )
+                    ingredients_relation.append(Step.ingredients.through(step_id=first_step_of_recipe_dict[i['recipe_id']], ingredient_id=ingredient.pk))
+                elif i['note'].strip():
+                    amount, unit, food, note = ingredient_parser.parse(i['note'].strip())
+                    f = ingredient_parser.get_food(food)
+                    u = ingredient_parser.get_unit(unit)
+                    ingredient = Ingredient.objects.create(
+                        food=f,
+                        unit=u,
+                        amount=amount,
+                        note=note,
+                        original_text=i['original_text'],
+                        space=self.request.space,
+                    )
+                    ingredients_relation.append(Step.ingredients.through(step_id=first_step_of_recipe_dict[i['recipe_id']], ingredient_id=ingredient.pk))
+        Step.ingredients.through.objects.bulk_create(ingredients_relation)
+
+        self.import_log.msg += f"Importing {len(mealie_database["recipes_to_categories"]) + len(mealie_database["recipes_to_tags"])} category and keyword relations...\n"
+        self.import_log.save()
+
+        recipe_keyword_relation = []
+        for rC in mealie_database['recipes_to_categories']:
+            if rC['recipe_id'] in recipes_dict:
+                recipe_keyword_relation.append(Recipe.keywords.through(recipe_id=recipes_dict[rC['recipe_id']], keyword_id=keywords_categories_dict[rC['category_id']]))
+
+        for rT in mealie_database['recipes_to_tags']:
+            if rT['recipe_id'] in recipes_dict:
+                recipe_keyword_relation.append(Recipe.keywords.through(recipe_id=recipes_dict[rT['recipe_id']], keyword_id=keywords_tags_dict[rT['tag_id']]))
+
+        Recipe.keywords.through.objects.bulk_create(recipe_keyword_relation, ignore_conflicts=True)
+
+        self.import_log.msg += f"Importing {len(mealie_database["recipe_nutrition"])} properties...\n"
+        self.import_log.save()
+
+        property_types_dict = {
+            'calories': PropertyType.objects.get_or_create(name=_('Calories'), space=self.request.space, defaults={'unit': 'kcal', 'fdc_id': 1008})[0],
+            'carbohydrate_content': PropertyType.objects.get_or_create(name=_('Carbohydrates'), space=self.request.space, defaults={'unit': 'g', 'fdc_id': 1005})[0],
+            'cholesterol_content': PropertyType.objects.get_or_create(name=_('Cholesterol'), space=self.request.space, defaults={'unit': 'mg', 'fdc_id': 1253})[0],
+            'fat_content': PropertyType.objects.get_or_create(name=_('Fat'), space=self.request.space, defaults={'unit': 'g', 'fdc_id': 1004})[0],
+            'fiber_content': PropertyType.objects.get_or_create(name=_('Fiber'), space=self.request.space, defaults={'unit': 'g', 'fdc_id': 1079})[0],
+            'protein_content': PropertyType.objects.get_or_create(name=_('Protein'), space=self.request.space, defaults={'unit': 'g', 'fdc_id': 1003})[0],
+            'saturated_fat_content': PropertyType.objects.get_or_create(name=_('Saturated Fat'), space=self.request.space, defaults={'unit': 'g', 'fdc_id': 1258})[0],
+            'sodium_content': PropertyType.objects.get_or_create(name=_('Sodium'), space=self.request.space, defaults={'unit': 'mg', 'fdc_id': 1093})[0],
+            'sugar_content': PropertyType.objects.get_or_create(name=_('Sugar'), space=self.request.space, defaults={'unit': 'g', 'fdc_id': 1063})[0],
+            'trans_fat_content': PropertyType.objects.get_or_create(name=_('Trans Fat'), space=self.request.space, defaults={'unit': 'g', 'fdc_id': 1257})[0],
+            'unsaturated_fat_content': PropertyType.objects.get_or_create(name=_('Unsaturated Fat'), space=self.request.space, defaults={'unit': 'g'})[0],
+        }
+
+        with transaction.atomic():
+            recipe_properties_relation = []
+            properties_relation = []
+            for r in mealie_database['recipe_nutrition']:
+                if r['recipe_id'] in recipes_dict:
+                    for key in property_types_dict:
+                        if r[key]:
+                            properties_relation.append(
+                                Property(property_type_id=property_types_dict[key].pk,
+                                         property_amount=Decimal(str(r[key])) / (
+                                             Decimal(str(recipe_property_factor_dict[r['recipe_id']])) if r['recipe_id'] in recipe_property_factor_dict else 1),
+                                         open_data_food_slug=r['recipe_id'],
+                                         space=self.request.space))
+            properties = Property.objects.bulk_create(properties_relation)
+            property_ids = []
+            for p in properties:
+                recipe_properties_relation.append(Recipe.properties.through(recipe_id=recipes_dict[p.open_data_food_slug], property_id=p.pk))
+                property_ids.append(p.pk)
+            Recipe.properties.through.objects.bulk_create(recipe_properties_relation, ignore_conflicts=True)
+            Property.objects.filter(id__in=property_ids).update(open_data_food_slug=None)
+
+        # delete unused property types
+        for pT in property_types_dict:
+            try:
+                property_types_dict[pT].delete()
+            except:
+                pass
+
+        self.import_log.msg += f"Importing {len(mealie_database["recipe_comments"]) + len(mealie_database["recipe_timeline_events"])} comments and cook logs...\n"
+        self.import_log.save()
+
+        cook_log_list = []
+        for c in mealie_database['recipe_comments']:
+            if c['recipe_id'] in recipes_dict:
+                cook_log_list.append(CookLog(
+                    recipe_id=recipes_dict[c['recipe_id']],
+                    comment=c['text'],
+                    created_at=c['created_at'],
+                    created_by=self.request.user,
+                    space=self.request.space,
+                ))
+
+        for c in mealie_database['recipe_timeline_events']:
+            if c['recipe_id'] in recipes_dict:
+                if c['event_type'] == 'comment':
+                    cook_log_list.append(CookLog(
+                        recipe_id=recipes_dict[c['recipe_id']],
+                        comment=c['message'],
+                        created_at=c['created_at'],
+                        created_by=self.request.user,
+                        space=self.request.space,
+                    ))
+
+        CookLog.objects.bulk_create(cook_log_list)
+
+        if self.import_meal_plans:
+            self.import_log.msg += f"Importing {len(mealie_database["group_meal_plans"])} meal plans...\n"
+            self.import_log.save()
+
+            meal_types_dict = {}
+            meal_plans = []
+            for m in mealie_database['group_meal_plans']:
+                if m['recipe_id'] in recipes_dict:
+                    if not m['entry_type'] in meal_types_dict:
+                        meal_type = MealType.objects.get_or_create(name=m['entry_type'], created_by=self.request.user, space=self.request.space)[0]
+                        meal_types_dict[m['entry_type']] = meal_type.pk
+                    meal_plans.append(MealPlan(
+                        recipe_id=recipes_dict[m['recipe_id']] if m['recipe_id'] else None,
+                        title=m['title'] if m['title'] else "",
+                        note=m['text'] if m['text'] else "",
+                        from_date=m['date'],
+                        to_date=m['date'],
+                        meal_type_id=meal_types_dict[m['entry_type']],
+                        created_by=self.request.user,
+                        space=self.request.space,
+                    ))
+
+            MealPlan.objects.bulk_create(meal_plans)
+
+        if self.import_shopping_lists:
+            self.import_log.msg += f"Importing {len(mealie_database["shopping_list_items"])} shopping list items...\n"
+            self.import_log.save()
+
+            shopping_list_items = []
+            for sli in mealie_database['shopping_list_items']:
+                if not sli['checked']:
+                    if sli['food_id']:
+                        shopping_list_items.append(ShoppingListEntry(
+                            amount=sli['quantity'],
+                            unit_id=units_dict[sli['unit_id']] if sli['unit_id'] else None,
+                            food_id=foods_dict[sli['food_id']] if sli['food_id'] else None,
+                            created_by=self.request.user,
+                            space=self.request.space,
+                        ))
+                    elif not sli['food_id'] and sli['note'].strip():
+                        amount, unit, food, note = ingredient_parser.parse(sli['note'].strip())
+                        f = ingredient_parser.get_food(food)
+                        u = ingredient_parser.get_unit(unit)
+                        shopping_list_items.append(ShoppingListEntry(
+                            amount=amount,
+                            unit=u,
+                            food=f,
+                            created_by=self.request.user,
+                            space=self.request.space,
+                        ))
+            ShoppingListEntry.objects.bulk_create(shopping_list_items)
+
+        self.import_log.msg += f"Importing Images. This might take some time ...\n"
+        self.import_log.save()
+        for r in mealie_database['recipes']:
+            try:
+                if recipe := Recipe.objects.filter(pk=recipes_dict[r['id']]).first():
+                    self.import_recipe_image(recipe, BytesIO(file.read(f'data/recipes/{str(uuid.UUID(str(r['id'])))}/images/original.webp')), filetype='.webp')
+            except Exception:
+                pass
+
+        return recipes
+
+    def get_file_from_recipe(self, recipe):
+        raise NotImplementedError('Method not implemented in storage integration')
--- a/cookbook/locale/ar/LC_MESSAGES/django.mo
+++ b/cookbook/locale/ar/LC_MESSAGES/django.mo
--- a/cookbook/locale/ar/LC_MESSAGES/django.po
+++ b/cookbook/locale/ar/LC_MESSAGES/django.po
--- a/cookbook/locale/bg/LC_MESSAGES/django.mo
+++ b/cookbook/locale/bg/LC_MESSAGES/django.mo
--- a/cookbook/locale/bg/LC_MESSAGES/django.po
+++ b/cookbook/locale/bg/LC_MESSAGES/django.po
--- a/cookbook/locale/ca/LC_MESSAGES/django.mo
+++ b/cookbook/locale/ca/LC_MESSAGES/django.mo
--- a/cookbook/locale/ca/LC_MESSAGES/django.po
+++ b/cookbook/locale/ca/LC_MESSAGES/django.po
--- a/cookbook/locale/cs/LC_MESSAGES/django.mo
+++ b/cookbook/locale/cs/LC_MESSAGES/django.mo
--- a/cookbook/locale/cs/LC_MESSAGES/django.po
+++ b/cookbook/locale/cs/LC_MESSAGES/django.po
--- a/cookbook/locale/da/LC_MESSAGES/django.mo
+++ b/cookbook/locale/da/LC_MESSAGES/django.mo
--- a/cookbook/locale/da/LC_MESSAGES/django.po
+++ b/cookbook/locale/da/LC_MESSAGES/django.po
--- a/cookbook/locale/de/LC_MESSAGES/django.mo
+++ b/cookbook/locale/de/LC_MESSAGES/django.mo
--- a/cookbook/locale/de/LC_MESSAGES/django.po
+++ b/cookbook/locale/de/LC_MESSAGES/django.po
--- a/cookbook/locale/el/LC_MESSAGES/django.mo
+++ b/cookbook/locale/el/LC_MESSAGES/django.mo
--- a/cookbook/locale/el/LC_MESSAGES/django.po
+++ b/cookbook/locale/el/LC_MESSAGES/django.po
--- a/cookbook/locale/en/LC_MESSAGES/django.po
+++ b/cookbook/locale/en/LC_MESSAGES/django.po
--- a/cookbook/locale/es/LC_MESSAGES/django.mo
+++ b/cookbook/locale/es/LC_MESSAGES/django.mo
--- a/cookbook/locale/es/LC_MESSAGES/django.po
+++ b/cookbook/locale/es/LC_MESSAGES/django.po
--- a/cookbook/locale/fi/LC_MESSAGES/django.mo
+++ b/cookbook/locale/fi/LC_MESSAGES/django.mo
--- a/cookbook/locale/fi/LC_MESSAGES/django.po
+++ b/cookbook/locale/fi/LC_MESSAGES/django.po
--- a/cookbook/locale/fr/LC_MESSAGES/django.mo
+++ b/cookbook/locale/fr/LC_MESSAGES/django.mo
--- a/cookbook/locale/fr/LC_MESSAGES/django.po
+++ b/cookbook/locale/fr/LC_MESSAGES/django.po
--- a/cookbook/locale/he/LC_MESSAGES/django.mo
+++ b/cookbook/locale/he/LC_MESSAGES/django.mo
--- a/cookbook/locale/he/LC_MESSAGES/django.po
+++ b/cookbook/locale/he/LC_MESSAGES/django.po
--- a/cookbook/locale/hr/LC_MESSAGES/django.mo
+++ b/cookbook/locale/hr/LC_MESSAGES/django.mo
--- a/cookbook/locale/hr/LC_MESSAGES/django.po
+++ b/cookbook/locale/hr/LC_MESSAGES/django.po
--- a/cookbook/locale/hu_HU/LC_MESSAGES/django.mo
+++ b/cookbook/locale/hu_HU/LC_MESSAGES/django.mo
--- a/cookbook/locale/hu_HU/LC_MESSAGES/django.po
+++ b/cookbook/locale/hu_HU/LC_MESSAGES/django.po
--- a/cookbook/locale/hy/LC_MESSAGES/django.mo
+++ b/cookbook/locale/hy/LC_MESSAGES/django.mo
--- a/cookbook/locale/hy/LC_MESSAGES/django.po
+++ b/cookbook/locale/hy/LC_MESSAGES/django.po
--- a/cookbook/locale/id/LC_MESSAGES/django.mo
+++ b/cookbook/locale/id/LC_MESSAGES/django.mo
--- a/cookbook/locale/id/LC_MESSAGES/django.po
+++ b/cookbook/locale/id/LC_MESSAGES/django.po
--- a/cookbook/locale/it/LC_MESSAGES/django.mo
+++ b/cookbook/locale/it/LC_MESSAGES/django.mo
--- a/cookbook/locale/it/LC_MESSAGES/django.po
+++ b/cookbook/locale/it/LC_MESSAGES/django.po
--- a/cookbook/locale/lv/LC_MESSAGES/django.mo
+++ b/cookbook/locale/lv/LC_MESSAGES/django.mo
--- a/cookbook/locale/lv/LC_MESSAGES/django.po
+++ b/cookbook/locale/lv/LC_MESSAGES/django.po
--- a/cookbook/locale/nb_NO/LC_MESSAGES/django.mo
+++ b/cookbook/locale/nb_NO/LC_MESSAGES/django.mo
--- a/cookbook/locale/nb_NO/LC_MESSAGES/django.po
+++ b/cookbook/locale/nb_NO/LC_MESSAGES/django.po
--- a/cookbook/locale/nl/LC_MESSAGES/django.mo
+++ b/cookbook/locale/nl/LC_MESSAGES/django.mo
--- a/cookbook/locale/nl/LC_MESSAGES/django.po
+++ b/cookbook/locale/nl/LC_MESSAGES/django.po
--- a/cookbook/locale/pl/LC_MESSAGES/django.mo
+++ b/cookbook/locale/pl/LC_MESSAGES/django.mo
--- a/cookbook/locale/pl/LC_MESSAGES/django.po
+++ b/cookbook/locale/pl/LC_MESSAGES/django.po
--- a/cookbook/locale/pt/LC_MESSAGES/django.mo
+++ b/cookbook/locale/pt/LC_MESSAGES/django.mo
--- a/cookbook/locale/pt/LC_MESSAGES/django.po
+++ b/cookbook/locale/pt/LC_MESSAGES/django.po
--- a/cookbook/locale/pt_BR/LC_MESSAGES/django.mo
+++ b/cookbook/locale/pt_BR/LC_MESSAGES/django.mo
--- a/cookbook/locale/pt_BR/LC_MESSAGES/django.po
+++ b/cookbook/locale/pt_BR/LC_MESSAGES/django.po
--- a/cookbook/locale/rn/LC_MESSAGES/django.po
+++ b/cookbook/locale/rn/LC_MESSAGES/django.po
--- a/cookbook/locale/ro/LC_MESSAGES/django.mo
+++ b/cookbook/locale/ro/LC_MESSAGES/django.mo
--- a/cookbook/locale/ro/LC_MESSAGES/django.po
+++ b/cookbook/locale/ro/LC_MESSAGES/django.po
--- a/cookbook/locale/ru/LC_MESSAGES/django.mo
+++ b/cookbook/locale/ru/LC_MESSAGES/django.mo
--- a/cookbook/locale/ru/LC_MESSAGES/django.po
+++ b/cookbook/locale/ru/LC_MESSAGES/django.po
--- a/cookbook/locale/sl/LC_MESSAGES/django.mo
+++ b/cookbook/locale/sl/LC_MESSAGES/django.mo
--- a/cookbook/locale/sl/LC_MESSAGES/django.po
+++ b/cookbook/locale/sl/LC_MESSAGES/django.po
--- a/cookbook/locale/sv/LC_MESSAGES/django.mo
+++ b/cookbook/locale/sv/LC_MESSAGES/django.mo
--- a/cookbook/locale/sv/LC_MESSAGES/django.po
+++ b/cookbook/locale/sv/LC_MESSAGES/django.po
--- a/cookbook/locale/tr/LC_MESSAGES/django.mo
+++ b/cookbook/locale/tr/LC_MESSAGES/django.mo
--- a/cookbook/locale/tr/LC_MESSAGES/django.po
+++ b/cookbook/locale/tr/LC_MESSAGES/django.po
--- a/cookbook/locale/uk/LC_MESSAGES/django.mo
+++ b/cookbook/locale/uk/LC_MESSAGES/django.mo
--- a/cookbook/locale/uk/LC_MESSAGES/django.po
+++ b/cookbook/locale/uk/LC_MESSAGES/django.po
--- a/cookbook/locale/vi/LC_MESSAGES/django.mo
+++ b/cookbook/locale/vi/LC_MESSAGES/django.mo
--- a/cookbook/locale/vi/LC_MESSAGES/django.po
+++ b/cookbook/locale/vi/LC_MESSAGES/django.po
--- a/cookbook/locale/zh_CN/LC_MESSAGES/django.mo
+++ b/cookbook/locale/zh_CN/LC_MESSAGES/django.mo
--- a/cookbook/locale/zh_CN/LC_MESSAGES/django.po
+++ b/cookbook/locale/zh_CN/LC_MESSAGES/django.po
--- a/cookbook/locale/zh_Hant/LC_MESSAGES/django.mo
+++ b/cookbook/locale/zh_Hant/LC_MESSAGES/django.mo
--- a/cookbook/locale/zh_Hant/LC_MESSAGES/django.po
+++ b/cookbook/locale/zh_Hant/LC_MESSAGES/django.po
--- a/cookbook/migrations/0001_squashed_0227_space_ai_default_provider_and_more.py
+++ b/cookbook/migrations/0001_squashed_0227_space_ai_default_provider_and_more.py
--- a/cookbook/migrations/0223_auto_20250831_1111.py
+++ b/cookbook/migrations/0223_auto_20250831_1111.py
@@ -0,0 +1,34 @@
+# Generated by Django 4.2.22 on 2025-08-31 09:11
+
+from django.db import migrations
+from django_scopes import scopes_disabled
+
+
+def migrate_comments(apps, schema_editor):
+    with scopes_disabled():
+        Comment = apps.get_model('cookbook', 'Comment')
+        CookLog = apps.get_model('cookbook', 'CookLog')
+
+        cook_logs = []
+
+        for c in Comment.objects.all():
+            cook_logs.append(CookLog(
+                recipe=c.recipe,
+                created_by=c.created_by,
+                created_at=c.created_at,
+                comment=c.text,
+                space=c.recipe.space,
+            ))
+
+        CookLog.objects.bulk_create(cook_logs, unique_fields=('recipe', 'comment', 'created_at', 'created_by'))
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('cookbook', '0222_alter_shoppinglistrecipe_created_by_and_more'),
+    ]
+
+    operations = [
+        migrations.RunPython(migrate_comments),
+    ]
--- a/cookbook/migrations/0224_space_ai_credits_balance_space_ai_credits_monthly_and_more.py
+++ b/cookbook/migrations/0224_space_ai_credits_balance_space_ai_credits_monthly_and_more.py
@@ -0,0 +1,60 @@
+# Generated by Django 4.2.22 on 2025-09-05 06:51
+
+import cookbook.models
+from django.conf import settings
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+        ('cookbook', '0223_auto_20250831_1111'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='space',
+            name='ai_credits_balance',
+            field=models.IntegerField(default=0),
+        ),
+        migrations.AddField(
+            model_name='space',
+            name='ai_credits_monthly',
+            field=models.IntegerField(default=100),
+        ),
+        migrations.CreateModel(
+            name='AiProvider',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('name', models.CharField(max_length=128)),
+                ('description', models.TextField(blank=True)),
+                ('api_key', models.CharField(max_length=2048)),
+                ('model_name', models.CharField(max_length=256)),
+                ('url', models.CharField(blank=True, max_length=2048, null=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+                ('space', models.ForeignKey(null=True, on_delete=django.db.models.deletion.CASCADE, to='cookbook.space')),
+            ],
+        ),
+        migrations.CreateModel(
+            name='AiLog',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('function', models.CharField(max_length=64)),
+                ('credit_cost', models.DecimalField(decimal_places=4, max_digits=16)),
+                ('credits_from_balance', models.BooleanField(default=False)),
+                ('input_tokens', models.IntegerField(default=0)),
+                ('output_tokens', models.IntegerField(default=0)),
+                ('start_time', models.DateTimeField(null=True)),
+                ('end_time', models.DateTimeField(null=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+                ('ai_provider', models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, to='cookbook.aiprovider')),
+                ('created_by', models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, to=settings.AUTH_USER_MODEL)),
+                ('space', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='cookbook.space')),
+            ],
+            bases=(models.Model, cookbook.models.PermissionModelMixin),
+        ),
+    ]
--- a/cookbook/migrations/0225_space_ai_enabled.py
+++ b/cookbook/migrations/0225_space_ai_enabled.py
@@ -0,0 +1,18 @@
+# Generated by Django 4.2.22 on 2025-09-08 19:21
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('cookbook', '0224_space_ai_credits_balance_space_ai_credits_monthly_and_more'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='space',
+            name='ai_enabled',
+            field=models.BooleanField(default=True),
+        ),
+    ]
--- a/cookbook/migrations/0226_aiprovider_log_credit_cost_and_more.py
+++ b/cookbook/migrations/0226_aiprovider_log_credit_cost_and_more.py
@@ -0,0 +1,23 @@
+# Generated by Django 4.2.22 on 2025-09-08 20:00
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('cookbook', '0225_space_ai_enabled'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='aiprovider',
+            name='log_credit_cost',
+            field=models.BooleanField(default=True),
+        ),
+        migrations.AlterField(
+            model_name='space',
+            name='ai_credits_monthly',
+            field=models.IntegerField(default=10000),
+        ),
+    ]
--- a/cookbook/migrations/0227_space_ai_default_provider_and_more.py
+++ b/cookbook/migrations/0227_space_ai_default_provider_and_more.py
@@ -0,0 +1,24 @@
+# Generated by Django 4.2.22 on 2025-09-09 11:40
+
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('cookbook', '0226_aiprovider_log_credit_cost_and_more'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='space',
+            name='ai_default_provider',
+            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='space_ai_default_provider', to='cookbook.aiprovider'),
+        ),
+        migrations.AlterField(
+            model_name='space',
+            name='ai_credits_balance',
+            field=models.DecimalField(decimal_places=4, default=0, max_digits=16),
+        ),
+    ]
--- a/cookbook/migrations/0228_space_space_setup_completed.py
+++ b/cookbook/migrations/0228_space_space_setup_completed.py
@@ -0,0 +1,18 @@
+# Generated by Django 5.2.6 on 2025-09-10 20:11
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('cookbook', '0001_squashed_0227_space_ai_default_provider_and_more'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='space',
+            name='space_setup_completed',
+            field=models.BooleanField(default=True),
+        ),
+    ]
--- a/cookbook/models.py
+++ b/cookbook/models.py
@@ -329,6 +329,13 @@ class Space(ExportModelOperationsMixin('space'), models.Model):
    demo = models.BooleanField(default=False)
    food_inherit = models.ManyToManyField(FoodInheritField, blank=True)

+    space_setup_completed = models.BooleanField(default=True)
+
+    ai_enabled = models.BooleanField(default=True)
+    ai_credits_monthly = models.IntegerField(default=100)
+    ai_credits_balance = models.DecimalField(default=0, max_digits=16, decimal_places=4)
+    ai_default_provider = models.ForeignKey("AiProvider", on_delete=models.SET_NULL, null=True, blank=True, related_name='space_ai_default_provider')
+
    internal_note = models.TextField(blank=True, null=True)

    def safe_delete(self):
@@ -341,6 +348,9 @@ class Space(ExportModelOperationsMixin('space'), models.Model):
        BookmarkletImport.objects.filter(space=self).delete()
        CustomFilter.objects.filter(space=self).delete()

+        AiLog.objects.filter(space=self).delete()
+        AiProvider.objects.filter(space=self).delete()
+
        Property.objects.filter(space=self).delete()
        PropertyType.objects.filter(space=self).delete()

@@ -393,6 +403,55 @@ class Space(ExportModelOperationsMixin('space'), models.Model):
        return self.name


+class AiProvider(models.Model):
+    name = models.CharField(max_length=128)
+    description = models.TextField(blank=True)
+    # AiProviders can be global, so space=null is allowed (configurable by superusers)
+    space = models.ForeignKey(Space, on_delete=models.CASCADE, null=True)
+
+    api_key = models.CharField(max_length=2048)
+    model_name = models.CharField(max_length=256)
+    url = models.CharField(max_length=2048, blank=True, null=True)
+    log_credit_cost = models.BooleanField(default=True)
+
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+
+    def __str__(self):
+        return self.name
+
+    class Meta:
+        ordering = ('id',)
+
+
+class AiLog(models.Model, PermissionModelMixin):
+    F_FILE_IMPORT = 'FILE_IMPORT'
+    F_STEP_SORT = 'STEP_SORT'
+    F_FOOD_PROPERTIES = 'FOOD_PROPERTIES'
+
+    ai_provider = models.ForeignKey(AiProvider, on_delete=models.SET_NULL, null=True)
+    function = models.CharField(max_length=64)
+    credit_cost = models.DecimalField(max_digits=16, decimal_places=4)
+    # if credits from balance were used, else its from monthly quota
+    credits_from_balance = models.BooleanField(default=False)
+
+    input_tokens = models.IntegerField(default=0)
+    output_tokens = models.IntegerField(default=0)
+    start_time = models.DateTimeField(null=True)
+    end_time = models.DateTimeField(null=True)
+
+    space = models.ForeignKey(Space, on_delete=models.CASCADE)
+    created_by = models.ForeignKey(User, on_delete=models.SET_NULL, null=True)
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+
+    def __str__(self):
+        return f"{self.function} {self.ai_provider.name} {self.created_at}"
+
+    class Meta:
+        ordering = ('-created_at',)
+
+
 class ConnectorConfig(models.Model, PermissionModelMixin):
    HOMEASSISTANT = 'HomeAssistant'
    CONNECTER_TYPE = ((HOMEASSISTANT, 'HomeAssistant'),)
@@ -748,14 +807,7 @@ class Food(ExportModelOperationsMixin('food'), TreeModel, PermissionModelMixin):
        self.delete()
        return target

-    def delete(self):
-        if self.ingredient_set.all().exclude(step=None).count() > 0:
-            raise ProtectedError(self.name + _(" is part of a recipe step and cannot be deleted"), self.ingredient_set.all().exclude(step=None))
-        else:
-            return super().delete()
-
    # MP_Tree move uses raw SQL to execute move, override behavior to force a save triggering post_save signal
-
    def move(self, *args, **kwargs):
        super().move(*args, **kwargs)
        # treebeard bypasses ORM, need to explicity save to trigger post save signals retrieve the object again to avoid writing previous state back to disk
--- a/cookbook/serializer.py
+++ b/cookbook/serializer.py
@@ -24,8 +24,9 @@ from rest_framework.fields import IntegerField

 from cookbook.helper.CustomStorageClass import CachedS3Boto3Storage
 from cookbook.helper.HelperFunctions import str2bool
+from cookbook.helper.ai_helper import get_monthly_token_usage
 from cookbook.helper.image_processing import is_file_type_allowed
-from cookbook.helper.permission_helper import above_space_limit
+from cookbook.helper.permission_helper import above_space_limit, create_space_for_user
 from cookbook.helper.property_helper import FoodPropertyHelper
 from cookbook.helper.shopping_helper import RecipeShoppingEditor
 from cookbook.helper.unit_conversion_helper import UnitConversionHelper
@@ -36,7 +37,7 @@ from cookbook.models import (Automation, BookmarkletImport, Comment, CookLog, Cu
                             ShareLink, ShoppingListEntry, ShoppingListRecipe, Space,
                             Step, Storage, Supermarket, SupermarketCategory,
                             SupermarketCategoryRelation, Sync, SyncLog, Unit, UnitConversion,
-                             UserFile, UserPreference, UserSpace, ViewLog, ConnectorConfig, SearchPreference, SearchFields)
+                             UserFile, UserPreference, UserSpace, ViewLog, ConnectorConfig, SearchPreference, SearchFields, AiLog, AiProvider)
 from cookbook.templatetags.custom_tags import markdown
 from recipes.settings import AWS_ENABLED, MEDIA_URL, EMAIL_HOST

@@ -150,19 +151,22 @@ class CustomOnHandField(serializers.Field):
        return instance

    def to_representation(self, obj):
-        if not self.context["request"].user.is_authenticated:
+        try:
+            if not self.context["request"].user.is_authenticated:
+                return []
+            shared_users = []
+            if c := caches['default'].get(f'shopping_shared_users_{self.context["request"].space.id}_{self.context["request"].user.id}', None):
+                shared_users = c
+            else:
+                try:
+                    shared_users = [x.id for x in list(self.context['request'].user.get_shopping_share())] + [self.context['request'].user.id]
+                    caches['default'].set(f'shopping_shared_users_{self.context["request"].space.id}_{self.context["request"].user.id}', shared_users, timeout=5 * 60)
+                    # TODO ugly hack that improves API performance significantly, should be done properly
+                except AttributeError:  # Anonymous users (using share links) don't have shared users
+                    pass
+            return obj.onhand_users.filter(id__in=shared_users).exists()
+        except AttributeError:
            return []
-        shared_users = []
-        if c := caches['default'].get(f'shopping_shared_users_{self.context["request"].space.id}_{self.context["request"].user.id}', None):
-            shared_users = c
-        else:
-            try:
-                shared_users = [x.id for x in list(self.context['request'].user.get_shopping_share())] + [self.context['request'].user.id]
-                caches['default'].set(f'shopping_shared_users_{self.context["request"].space.id}_{self.context["request"].user.id}', shared_users, timeout=5 * 60)
-                # TODO ugly hack that improves API performance significantly, should be done properly
-            except AttributeError:  # Anonymous users (using share links) don't have shared users
-                pass
-        return obj.onhand_users.filter(id__in=shared_users).exists()

    def to_internal_value(self, data):
        return data
@@ -325,12 +329,62 @@ class UserFileViewSerializer(serializers.ModelSerializer):
        read_only_fields = ('id', 'file', 'file_download', 'file_size_kb', 'preview', 'created_by', 'created_at')


+class AiProviderSerializer(serializers.ModelSerializer):
+    api_key = serializers.CharField(required=False, write_only=True)
+
+    def create(self, validated_data):
+        validated_data = self.handle_global_space_logic(validated_data)
+
+        return super().create(validated_data)
+
+    def update(self, instance, validated_data):
+        validated_data = self.handle_global_space_logic(validated_data, instance=instance)
+        return super().update(instance, validated_data)
+
+    def handle_global_space_logic(self, validated_data, instance=None):
+        """
+        allow superusers to create AI providers without a space but make sure everyone else only uses their own space
+        """
+        if self.context['request'].user.is_superuser:
+            if ('space' not in validated_data or not validated_data['space']):
+                validated_data['space'] = None
+            else:
+                validated_data['space'] = self.context['request'].space
+        else:
+            if instance:
+                validated_data['space'] = instance.space
+            else:
+                validated_data['space'] = self.context['request'].space
+
+        if 'log_credit_cost' in validated_data and not self.context['request'].user.is_superuser:
+            del validated_data['log_credit_cost']
+
+        return validated_data
+
+    class Meta:
+        model = AiProvider
+        fields = ('id', 'name', 'description', 'api_key', 'model_name', 'url', 'log_credit_cost', 'space', 'created_at', 'updated_at')
+        read_only_fields = ('created_at', 'updated_at',)
+
+
+class AiLogSerializer(serializers.ModelSerializer):
+    ai_provider = AiProviderSerializer(read_only=True)
+
+    class Meta:
+        model = AiLog
+        fields = ('id', 'ai_provider', 'function', 'credit_cost', 'credits_from_balance', 'input_tokens', 'output_tokens', 'start_time', 'end_time', 'created_by', 'created_at',
+                  'updated_at')
+        read_only_fields = ('__all__',)
+
+
 class SpaceSerializer(WritableNestedModelSerializer):
    created_by = UserSerializer(read_only=True)
-    user_count = serializers.SerializerMethodField('get_user_count')
-    recipe_count = serializers.SerializerMethodField('get_recipe_count')
-    file_size_mb = serializers.SerializerMethodField('get_file_size_mb')
-    food_inherit = FoodInheritFieldSerializer(many=True)
+    user_count = serializers.SerializerMethodField('get_user_count', read_only=True)
+    recipe_count = serializers.SerializerMethodField('get_recipe_count', read_only=True)
+    file_size_mb = serializers.SerializerMethodField('get_file_size_mb', read_only=True)
+    ai_monthly_credits_used = serializers.SerializerMethodField('get_ai_monthly_credits_used', read_only=True)
+    ai_default_provider = AiProviderSerializer(required=False, allow_null=True)
+    food_inherit = FoodInheritFieldSerializer(many=True, required=False)
    image = UserFileViewSerializer(required=False, many=False, allow_null=True)
    nav_logo = UserFileViewSerializer(required=False, many=False, allow_null=True)
    custom_space_theme = UserFileViewSerializer(required=False, many=False, allow_null=True)
@@ -350,6 +404,10 @@ class SpaceSerializer(WritableNestedModelSerializer):
    def get_recipe_count(self, obj):
        return Recipe.objects.filter(space=obj).count()

+    @extend_schema_field(int)
+    def get_ai_monthly_credits_used(self, obj):
+        return get_monthly_token_usage(obj)
+
    @extend_schema_field(float)
    def get_file_size_mb(self, obj):
        try:
@@ -358,7 +416,36 @@ class SpaceSerializer(WritableNestedModelSerializer):
            return 0

    def create(self, validated_data):
-        raise ValidationError('Cannot create using this endpoint')
+        if Space.objects.filter(created_by=self.context['request'].user).count() >= self.context['request'].user.userpreference.max_owned_spaces:
+            raise serializers.ValidationError(
+                _('You have the reached the maximum amount of spaces that can be owned by you.') + f' ({self.context['request'].user.userpreference.max_owned_spaces})')
+
+        name = None
+        if 'name' in validated_data:
+            name = validated_data['name']
+        user_space = create_space_for_user(self.context['request'].user, name)
+        return user_space.space
+
+    def update(self, instance, validated_data):
+        validated_data = self.filter_superuser_parameters(validated_data)
+
+        if 'name' in validated_data:
+            if Space.objects.filter(Q(name=validated_data['name']), ~Q(pk=instance.pk)).exists():
+                raise ValidationError(_('Space Name must be unique.'))
+
+        return super().update(instance, validated_data)
+
+    def filter_superuser_parameters(self, validated_data):
+        if 'ai_enabled' in validated_data and not self.context['request'].user.is_superuser:
+            del validated_data['ai_enabled']
+
+        if 'ai_credits_monthly' in validated_data and not self.context['request'].user.is_superuser:
+            del validated_data['ai_credits_monthly']
+
+        if 'ai_credits_balance' in validated_data and not self.context['request'].user.is_superuser:
+            del validated_data['ai_credits_balance']
+
+        return validated_data

    class Meta:
        model = Space
@@ -366,10 +453,11 @@ class SpaceSerializer(WritableNestedModelSerializer):
            'id', 'name', 'created_by', 'created_at', 'message', 'max_recipes', 'max_file_storage_mb', 'max_users',
            'allow_sharing', 'demo', 'food_inherit', 'user_count', 'recipe_count', 'file_size_mb',
            'image', 'nav_logo', 'space_theme', 'custom_space_theme', 'nav_bg_color', 'nav_text_color',
-            'logo_color_32', 'logo_color_128', 'logo_color_144', 'logo_color_180', 'logo_color_192', 'logo_color_512', 'logo_color_svg',)
+            'logo_color_32', 'logo_color_128', 'logo_color_144', 'logo_color_180', 'logo_color_192', 'logo_color_512', 'logo_color_svg', 'ai_credits_monthly',
+            'ai_credits_balance', 'ai_monthly_credits_used', 'ai_enabled', 'ai_default_provider', 'space_setup_completed')
        read_only_fields = (
            'id', 'created_by', 'created_at', 'max_recipes', 'max_file_storage_mb', 'max_users', 'allow_sharing',
-            'demo',)
+            'demo', 'ai_monthly_credits_used')


 class UserSpaceSerializer(WritableNestedModelSerializer):
@@ -592,7 +680,7 @@ class KeywordSerializer(UniqueFieldsMixin, ExtendedRecipeMixin):
        fields = (
            'id', 'name', 'label', 'description', 'image', 'parent', 'numchild', 'numrecipe', 'created_at',
            'updated_at', 'full_name')
-        read_only_fields = ('id', 'label', 'numchild', 'parent', 'image')
+        read_only_fields = ('id', 'label', 'numchild', 'numrecipe', 'parent', 'image')


 class UnitSerializer(UniqueFieldsMixin, ExtendedRecipeMixin, OpenDataModelMixin):
@@ -758,28 +846,31 @@ class FoodSerializer(UniqueFieldsMixin, WritableNestedModelSerializer, ExtendedR

    @extend_schema_field(bool)
    def get_substitute_onhand(self, obj):
-        if not self.context["request"].user.is_authenticated:
+        try:
+            if not self.context["request"].user.is_authenticated:
+                return []
+            shared_users = []
+            if c := caches['default'].get(
+                    f'shopping_shared_users_{self.context["request"].space.id}_{self.context["request"].user.id}', None):
+                shared_users = c
+            else:
+                try:
+                    shared_users = [x.id for x in list(self.context['request'].user.get_shopping_share())] + [
+                        self.context['request'].user.id]
+                    caches['default'].set(
+                        f'shopping_shared_users_{self.context["request"].space.id}_{self.context["request"].user.id}',
+                        shared_users, timeout=5 * 60)
+                    # TODO ugly hack that improves API performance significantly, should be done properly
+                except AttributeError:  # Anonymous users (using share links) don't have shared users
+                    pass
+            filter = Q(id__in=obj.substitute.all())
+            if obj.substitute_siblings:
+                filter |= Q(path__startswith=obj.path[:Food.steplen * (obj.depth - 1)], depth=obj.depth)
+            if obj.substitute_children:
+                filter |= Q(path__startswith=obj.path, depth__gt=obj.depth)
+            return Food.objects.filter(filter).filter(onhand_users__id__in=shared_users).exists()
+        except AttributeError:
            return []
-        shared_users = []
-        if c := caches['default'].get(
-                f'shopping_shared_users_{self.context["request"].space.id}_{self.context["request"].user.id}', None):
-            shared_users = c
-        else:
-            try:
-                shared_users = [x.id for x in list(self.context['request'].user.get_shopping_share())] + [
-                    self.context['request'].user.id]
-                caches['default'].set(
-                    f'shopping_shared_users_{self.context["request"].space.id}_{self.context["request"].user.id}',
-                    shared_users, timeout=5 * 60)
-                # TODO ugly hack that improves API performance significantly, should be done properly
-            except AttributeError:  # Anonymous users (using share links) don't have shared users
-                pass
-        filter = Q(id__in=obj.substitute.all())
-        if obj.substitute_siblings:
-            filter |= Q(path__startswith=obj.path[:Food.steplen * (obj.depth - 1)], depth=obj.depth)
-        if obj.substitute_children:
-            filter |= Q(path__startswith=obj.path, depth__gt=obj.depth)
-        return Food.objects.filter(filter).filter(onhand_users__id__in=shared_users).exists()

    def create(self, validated_data):
        name = validated_data['name'].strip()
@@ -787,7 +878,7 @@ class FoodSerializer(UniqueFieldsMixin, WritableNestedModelSerializer, ExtendedR
        if plural_name := validated_data.pop('plural_name', None):
            plural_name = plural_name.strip()

-        if food := Food.objects.filter(Q(name=name) | Q(plural_name=name)).first():
+        if food := Food.objects.filter(Q(name__iexact=name) | Q(plural_name__iexact=name)).first():
            return food

        space = validated_data.pop('space', self.context['request'].space)
@@ -1038,7 +1129,7 @@ class RecipeOverviewSerializer(RecipeBaseSerializer):
        fields = (
            'id', 'name', 'description', 'image', 'keywords', 'working_time',
            'waiting_time', 'created_by', 'created_at', 'updated_at',
-            'internal', 'servings', 'servings_text', 'rating', 'last_cooked', 'new', 'recent'
+            'internal', 'private', 'servings', 'servings_text', 'rating', 'last_cooked', 'new', 'recent'
        )
        # TODO having these readonly fields makes "RecipeOverview.ts" (API Client) not generate the RecipeOverviewToJSON second else block which leads to errors when using the api
        # TODO find a solution (custom schema?) to have these fields readonly (to save performance) and generate a proper client (two serializers would probably do the trick)
@@ -1112,6 +1203,57 @@ class RecipeImportSerializer(SpacedModelSerializer):
        fields = '__all__'


+class RecipeBatchUpdateSerializer(serializers.Serializer):
+    recipes = serializers.ListField(child=serializers.IntegerField())
+    keywords_add = serializers.ListField(child=serializers.IntegerField())
+    keywords_remove = serializers.ListField(child=serializers.IntegerField())
+    keywords_set = serializers.ListField(child=serializers.IntegerField())
+    keywords_remove_all = serializers.BooleanField(default=False)
+
+    working_time = serializers.IntegerField(required=False, allow_null=True)
+    waiting_time = serializers.IntegerField(required=False, allow_null=True)
+    servings = serializers.IntegerField(required=False, allow_null=True)
+    servings_text = serializers.CharField(required=False, allow_null=True, allow_blank=True)
+
+    private = serializers.BooleanField(required=False, allow_null=True)
+    shared_add = serializers.ListField(child=serializers.IntegerField())
+    shared_remove = serializers.ListField(child=serializers.IntegerField())
+    shared_set = serializers.ListField(child=serializers.IntegerField())
+    shared_remove_all = serializers.BooleanField(default=False)
+
+    show_ingredient_overview = serializers.BooleanField(required=False, allow_null=True)
+    clear_description = serializers.BooleanField(required=False, allow_null=True)
+
+
+class FoodBatchUpdateSerializer(serializers.Serializer):
+    foods = serializers.ListField(child=serializers.IntegerField())
+
+    category = serializers.IntegerField(required=False, allow_null=True)
+
+    substitute_add = serializers.ListField(child=serializers.IntegerField())
+    substitute_remove = serializers.ListField(child=serializers.IntegerField())
+    substitute_set = serializers.ListField(child=serializers.IntegerField())
+    substitute_remove_all = serializers.BooleanField(default=False)
+
+    inherit_fields_add = serializers.ListField(child=serializers.IntegerField())
+    inherit_fields_remove = serializers.ListField(child=serializers.IntegerField())
+    inherit_fields_set = serializers.ListField(child=serializers.IntegerField())
+    inherit_fields_remove_all = serializers.BooleanField(default=False)
+
+    child_inherit_fields_add = serializers.ListField(child=serializers.IntegerField())
+    child_inherit_fields_remove = serializers.ListField(child=serializers.IntegerField())
+    child_inherit_fields_set = serializers.ListField(child=serializers.IntegerField())
+    child_inherit_fields_remove_all = serializers.BooleanField(default=False)
+
+    substitute_children = serializers.BooleanField(required=False, allow_null=True)
+    substitute_siblings = serializers.BooleanField(required=False, allow_null=True)
+    ignore_shopping = serializers.BooleanField(required=False, allow_null=True)
+    on_hand = serializers.BooleanField(required=False, allow_null=True)
+
+    parent_remove = serializers.BooleanField(required=False, allow_null=True)
+    parent_set = serializers.IntegerField(required=False, allow_null=True)
+
+
 class CustomFilterSerializer(SpacedModelSerializer, WritableNestedModelSerializer):
    shared = UserSerializer(many=True, required=False)

@@ -1223,8 +1365,8 @@ class MealPlanSerializer(SpacedModelSerializer, WritableNestedModelSerializer):


 class AutoMealPlanSerializer(serializers.Serializer):
-    start_date = serializers.DateField()
-    end_date = serializers.DateField()
+    start_date = serializers.DateTimeField()
+    end_date = serializers.DateTimeField()
    meal_type_id = serializers.IntegerField()
    keyword_ids = serializers.ListField()
    servings = CustomDecimalField()
@@ -1480,7 +1622,7 @@ class InviteLinkSerializer(WritableNestedModelSerializer):
        fields = (
            'id', 'uuid', 'email', 'group', 'valid_until', 'used_by', 'reusable', 'internal_note', 'created_by',
            'created_at',)
-        read_only_fields = ('id', 'uuid', 'created_by', 'created_at',)
+        read_only_fields = ('id', 'uuid', 'used_by', 'created_by', 'created_at',)


 # CORS, REST and Scopes aren't currently working
@@ -1542,7 +1684,6 @@ class ServerSettingsSerializer(serializers.Serializer):
    # TODO add all other relevant settings including path/url related ones?
    shopping_min_autosync_interval = serializers.CharField()
    enable_pdf_export = serializers.BooleanField()
-    enable_ai_import = serializers.BooleanField()
    disable_external_connectors = serializers.BooleanField()
    terms_url = serializers.CharField()
    privacy_url = serializers.CharField()
@@ -1583,6 +1724,11 @@ class FdcQuerySerializer(serializers.Serializer):
    foods = FdcQueryFoodsSerializer(many=True)


+class GenericModelReferenceSerializer(serializers.Serializer):
+    id = serializers.IntegerField()
+    model = serializers.CharField()
+    name = serializers.CharField()
+
 # Export/Import Serializers

 class KeywordExportSerializer(KeywordSerializer):
@@ -1766,8 +1912,10 @@ class RecipeFromSourceResponseSerializer(serializers.Serializer):


 class AiImportSerializer(serializers.Serializer):
+    ai_provider_id = serializers.IntegerField()
    file = serializers.FileField(allow_null=True)
    text = serializers.CharField(allow_null=True, allow_blank=True)
+    recipe_id = serializers.CharField(allow_null=True, allow_blank=True)


 class ExportRequestSerializer(serializers.Serializer):
--- a/cookbook/templates/space_overview.html
+++ b/cookbook/templates/space_overview.html
@@ -51,11 +51,6 @@
                                    {#                                    {% endif %}#}
                                    <p class="card-text"><small
                                            class="text-muted">{% trans 'Owner' %}: {{ us.space.created_by }}</small>
-                                        {% if us.space.created_by != us.user %}
-                                            <p class="card-text"><small
-                                                class="text-muted"><a
-                                                href="{% url 'delete_user_space' us.pk %}">{% trans 'Leave Space' %}</a></small>
-                                        {% endif %}
                                        <!--TODO add direct link to management page -->
                                        </p>
                                </div>
--- a/cookbook/templates/system.html
+++ b/cookbook/templates/system.html
@@ -53,6 +53,17 @@
        {% endblocktrans %}
    {% endif %}

+    <h3 class="mt-5">{% trans 'Plugins' %}</h3>
+    Clone the plugin using git into the <code>recipe/plugin/</code> folder (Docker mount <code>/opt/recipe/recipes/plugins</code> to the host system and clone into it).
+    <table class="table table-bordered">
+        {% for p in plugins %}
+            <tr>
+                <td><a href="{{ p.github }}">{{ p.name }}</a> <br/>{{ p.base_path }}</td>
+                <td><a href="{% url 'view_plugin_update' %}?module={{ p.module }}" class="btn btn-primary">Git Pull</a></td>
+            </tr>
+        {% endfor %}
+    </table>
+
    <h4 class="mt-3">{% trans 'Media Serving' %} <span class="badge text-bg-{% if gunicorn_media %}danger{% else %}success{% endif %}">{% if gunicorn_media %}
        {% trans 'Warning' %}{% else %}{% trans 'Ok' %}{% endif %}</span></h4>
    {% if gunicorn_media %}
--- a/cookbook/tests/api/test_api_ai_provider.py
+++ b/cookbook/tests/api/test_api_ai_provider.py
@@ -0,0 +1,168 @@
+import json
+
+import pytest
+from django.urls import reverse
+from django_scopes import scopes_disabled
+
+from cookbook.models import MealType, PropertyType, AiProvider
+
+LIST_URL = 'api:aiprovider-list'
+DETAIL_URL = 'api:aiprovider-detail'
+
+
+@pytest.fixture()
+def obj_1(space_1, a1_s1):
+    return AiProvider.objects.get_or_create(name='test_1', space=space_1)[0]
+
+
+@pytest.fixture
+def obj_2(space_1, a1_s1):
+    return AiProvider.objects.get_or_create(name='test_2', space=None)[0]
+
+
+@pytest.mark.parametrize("arg", [
+    ['a_u', 403],
+    ['g1_s1', 403],
+    ['u1_s1', 200],
+    ['a1_s1', 200],
+])
+def test_list_permission(arg, request):
+    c = request.getfixturevalue(arg[0])
+    assert c.get(reverse(LIST_URL)).status_code == arg[1]
+
+
+def test_list_space(obj_1, obj_2, u1_s1, u1_s2, space_2):
+    assert json.loads(u1_s1.get(reverse(LIST_URL)).content)['count'] == 2
+    assert json.loads(u1_s2.get(reverse(LIST_URL)).content)['count'] == 1
+
+    obj_1.space = space_2
+    obj_1.save()
+
+    assert json.loads(u1_s1.get(reverse(LIST_URL)).content)['count'] == 1
+    assert json.loads(u1_s2.get(reverse(LIST_URL)).content)['count'] == 2
+
+    obj_1.space = None
+    obj_1.save()
+
+    assert json.loads(u1_s1.get(reverse(LIST_URL)).content)['count'] == 2
+    assert json.loads(u1_s2.get(reverse(LIST_URL)).content)['count'] == 2
+
+
+@pytest.mark.parametrize("arg", [
+    ['a_u', 403],
+    ['g1_s1', 403],
+    ['u1_s1', 403],
+    ['a1_s1', 200],
+    ['g1_s2', 403],
+    ['u1_s2', 403],
+    ['a1_s2', 404],
+])
+def test_update(arg, request, obj_1):
+    c = request.getfixturevalue(arg[0])
+    r = c.patch(
+        reverse(
+            DETAIL_URL,
+            args={obj_1.id}
+        ),
+        {'name': 'new'},
+        content_type='application/json'
+    )
+    response = json.loads(r.content)
+    assert r.status_code == arg[1]
+    if r.status_code == 200:
+        assert response['name'] == 'new'
+
+
+@pytest.mark.parametrize("arg", [
+    ['a_u', 403],
+    ['g1_s1', 403],
+    ['u1_s1', 403],
+    ['a1_s1', 403],
+    ['g1_s2', 403],
+    ['u1_s2', 403],
+    ['a1_s2', 403],
+    ['s1_s1', 200],
+])
+def test_update_global(arg, request, obj_2):
+    c = request.getfixturevalue(arg[0])
+    r = c.patch(
+        reverse(
+            DETAIL_URL,
+            args={obj_2.id}
+        ),
+        {'name': 'new'},
+        content_type='application/json'
+    )
+    response = json.loads(r.content)
+    assert r.status_code == arg[1]
+    if r.status_code == 200:
+        assert response['name'] == 'new'
+
+
+@pytest.mark.parametrize("arg", [
+    ['a_u', 403],
+    ['g1_s1', 403],
+    ['u1_s1', 403],
+    ['a1_s1', 201],
+])
+def test_add(arg, request, u1_s2):
+    c = request.getfixturevalue(arg[0])
+    r = c.post(
+        reverse(LIST_URL),
+        {'name': 'test', 'api_key': 'test', 'model_name': 'test'},
+        content_type='application/json'
+    )
+    response = json.loads(r.content)
+    assert r.status_code == arg[1]
+    if r.status_code == 201:
+        assert response['name'] == 'test'
+        r = c.get(reverse(DETAIL_URL, args={response['id']}))
+        assert r.status_code == 200
+        r = u1_s2.get(reverse(DETAIL_URL, args={response['id']}))
+        assert r.status_code == 404
+
+
+def test_delete(a1_s1, a1_s2, obj_1):
+    # admins cannot delete foreign space providers
+    r = a1_s2.delete(
+        reverse(
+            DETAIL_URL,
+            args={obj_1.id}
+        )
+    )
+    assert r.status_code == 404
+
+    # admins can delete their space providers
+    r = a1_s1.delete(
+        reverse(
+            DETAIL_URL,
+            args={obj_1.id}
+        )
+    )
+
+    assert r.status_code == 204
+    with scopes_disabled():
+        assert AiProvider.objects.count() == 0
+
+
+def test_delete_global(a1_s1, s1_s1, obj_2):
+    # admins cant delete global providers
+    r = a1_s1.delete(
+        reverse(
+            DETAIL_URL,
+            args={obj_2.id}
+        )
+    )
+    assert r.status_code == 403
+
+    # superusers can delete global providers
+    r = s1_s1.delete(
+        reverse(
+            DETAIL_URL,
+            args={obj_2.id}
+        )
+    )
+
+    assert r.status_code == 204
+    with scopes_disabled():
+        assert AiProvider.objects.count() == 0
--- a/cookbook/tests/api/test_api_food.py
+++ b/cookbook/tests/api/test_api_food.py
@@ -236,42 +236,6 @@ def test_delete(u1_s1, u1_s2, obj_1, obj_tree_1):
        assert Food.find_problems() == ([], [], [], [], [])


-def test_integrity(u1_s1, recipe_1_s1):
-    with scopes_disabled():
-        assert Food.objects.count() == 10
-        assert Ingredient.objects.count() == 10
-        f_1 = Food.objects.first()
-
-    # deleting food will fail because food is part of recipe
-    r = u1_s1.delete(
-        reverse(
-            DETAIL_URL,
-            args={f_1.id}
-        )
-    )
-    assert r.status_code == 403
-
-    with scopes_disabled():
-        i_1 = f_1.ingredient_set.first()
-        # remove Ingredient that references Food from recipe step
-        i_1.step_set.first().ingredients.remove(i_1)
-        assert Food.objects.count() == 10
-        assert Ingredient.objects.count() == 10
-
-    # deleting food will succeed because its not part of recipe and delete will cascade to Ingredient
-    r = u1_s1.delete(
-        reverse(
-            DETAIL_URL,
-            args={f_1.id}
-        )
-    )
-    assert r.status_code == 204
-
-    with scopes_disabled():
-        assert Food.objects.count() == 9
-        assert Ingredient.objects.count() == 9
-
-
 def test_move(u1_s1, obj_tree_1, obj_2, obj_3, space_1):
    with scope(space=space_1):
        # for some reason the 'path' attribute changes between the factory and the test when using both obj_tree and obj
--- a/cookbook/tests/api/test_api_space.py
+++ b/cookbook/tests/api/test_api_space.py
@@ -7,6 +7,7 @@ from django.urls import reverse
 from django_scopes import scopes_disabled

 from cookbook.models import UserSpace
+from recipes import settings

 LIST_URL = 'api:space-list'
 DETAIL_URL = 'api:space-detail'
@@ -45,7 +46,6 @@ def test_list_multiple(u1_s1, space_1, space_2):
    assert u1_response['id'] == space_1.id


-
@pytest.mark.parametrize("arg", [
    ['a_u', 403],
    ['g1_s1', 403],
@@ -70,9 +70,9 @@ def test_update(arg, request, space_1, a1_s1):

@pytest.mark.parametrize("arg", [
    ['a_u', 403],
-    ['g1_s1', 403],
-    ['u1_s1', 403],
-    ['a1_s1', 405],
+    ['g1_s1', 201],
+    ['u1_s1', 201],
+    ['a1_s1', 201],
 ])
 def test_add(arg, request, u1_s2):
    c = request.getfixturevalue(arg[0])
@@ -90,3 +90,59 @@ def test_delete(u1_s1, u1_s2, a1_s1, space_1):
    # event the space owner cannot delete his space over the api (this might change later but for now it's only available in the UI)
    r = a1_s1.delete(reverse(DETAIL_URL, args={space_1.id}))
    assert r.status_code == 405
+
+
+def test_superuser_parameters(space_1, a1_s1, s1_s1):
+    # ------- test as normal user -------
+    response = a1_s1.post(reverse(LIST_URL), {'name': 'test', 'ai_enabled': not settings.SPACE_AI_ENABLED, 'ai_credits_monthly': settings.SPACE_AI_CREDITS_MONTHLY + 100, 'ai_credits_balance': 100},
+                           content_type='application/json')
+
+    assert response.status_code == 201
+    response = json.loads(response.content)
+    assert response['ai_enabled'] == settings.SPACE_AI_ENABLED
+    assert response['ai_credits_monthly'] == settings.SPACE_AI_CREDITS_MONTHLY
+    assert response['ai_credits_balance'] == 0
+
+    space_1.created_by = auth.get_user(a1_s1)
+    space_1.ai_enabled = False
+    space_1.ai_credits_monthly = 0
+    space_1.ai_credits_balance = 0
+    space_1.save()
+
+    response = a1_s1.patch(reverse(DETAIL_URL, args={space_1.id}), {'ai_enabled': True, 'ai_credits_monthly': 100, 'ai_credits_balance': 100},
+                           content_type='application/json')
+
+    assert response.status_code == 200
+
+    space_1.refresh_from_db()
+    assert space_1.ai_enabled == False
+    assert space_1.ai_credits_monthly == 0
+    assert space_1.ai_credits_balance == 0
+
+    # ------- test as superuser -------
+
+    response = s1_s1.post(reverse(LIST_URL),
+                          {'name': 'test', 'ai_enabled': not settings.SPACE_AI_ENABLED, 'ai_credits_monthly': settings.SPACE_AI_CREDITS_MONTHLY + 100, 'ai_credits_balance': 100},
+                          content_type='application/json')
+
+    assert response.status_code == 201
+    response = json.loads(response.content)
+    assert response['ai_enabled'] == settings.SPACE_AI_ENABLED
+    assert response['ai_credits_monthly'] == settings.SPACE_AI_CREDITS_MONTHLY
+    assert response['ai_credits_balance'] == 0
+
+    space_1.created_by = auth.get_user(s1_s1)
+    space_1.ai_enabled = False
+    space_1.ai_credits_monthly = 0
+    space_1.ai_credits_balance = 0
+    space_1.save()
+
+    response = s1_s1.patch(reverse(DETAIL_URL, args={space_1.id}), {'ai_enabled': True, 'ai_credits_monthly': 100, 'ai_credits_balance': 100},
+                           content_type='application/json')
+
+    assert response.status_code == 200
+
+    space_1.refresh_from_db()
+    assert space_1.ai_enabled == True
+    assert space_1.ai_credits_monthly == 100
+    assert space_1.ai_credits_balance == 100
--- a/Show More
+++ b/Show More