diff --git a/README.md b/README.md index cf4349a2..3a572ea3 100644 --- a/README.md +++ b/README.md @@ -10,10 +10,10 @@ Documize is an intelligent document environment (IDE) for creating, securing and ## Why should I care? -Because maybe like us, you might be tired of: +Because maybe like us, you're tired of: -* juggling WYSIWYG editors, wiki software and various document related solutions -* playing document related email tennis with contributions, versions and feedback +* juggling WYSIWYG editors, wiki software and other document related solutions +* playing email tennis with documents, contributions, versions and feedback * sharing not-so-secure folders with external participants Sound familiar? Read on. @@ -38,7 +38,7 @@ Reusable templates and content blocks. Documentation related tasking and delegation. -Integrations for embedding SaaS data within documents. +Integrations for embedding SaaS data within documents, zero add-on/marketplace fees. ## What does it look like? @@ -63,7 +63,7 @@ Documize runs on the following: Documize is built with the following technologies: - EmberJS (v2.18.0) -- Go (v1.9.2) +- Go (v1.9.3) ...and supports the following databases: diff --git a/domain/category/mysql/store.go b/domain/category/mysql/store.go index bd1427b5..b79c3b60 100644 --- a/domain/category/mysql/store.go +++ b/domain/category/mysql/store.go 
@@ -234,9 +234,9 @@ func (s Scope) GetSpaceCategoryMembership(ctx domain.RequestContext, spaceID str SELECT id, refid, orgid, labelid, categoryid, documentid, created, revised FROM categorymember WHERE orgid=? AND labelid=? AND labelid IN (SELECT refid FROM permission WHERE orgid=? AND location='space' AND refid IN ( - SELECT refid from permission WHERE orgid=? AND who='user' AND whoid=? AND location='space' UNION ALL + SELECT refid from permission WHERE orgid=? AND who='user' AND (whoid=? OR whoid='0') AND location='space' UNION ALL SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role' AND p.location='space' - AND p.action='view' AND r.userid=? + AND p.action='view' AND (r.userid=? OR r.userid='0') )) ORDER BY documentid`, ctx.OrgID, spaceID, ctx.OrgID, ctx.OrgID, ctx.UserID, ctx.OrgID, ctx.UserID) diff --git a/domain/document/endpoint.go b/domain/document/endpoint.go index 07a02ea8..1e87f95a 100644 --- a/domain/document/endpoint.go +++ b/domain/document/endpoint.go @@ -14,7 +14,6 @@ package document import ( "database/sql" "encoding/json" - "github.com/documize/community/model/user" "io/ioutil" "net/http" "sort" @@ -34,6 +33,7 @@ import ( pm "github.com/documize/community/model/permission" "github.com/documize/community/model/search" "github.com/documize/community/model/space" + "github.com/documize/community/model/user" "github.com/documize/community/model/workflow" ) diff --git a/domain/document/mysql/store.go b/domain/document/mysql/store.go index 814abd32..22a0e47a 100644 --- a/domain/document/mysql/store.go +++ b/domain/document/mysql/store.go 
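Review bot: In the `who='user'` branch of GetSpaceCategoryMembership the new `(whoid=? OR whoid='0')` match carries no `action='view'` filter, while the role branch directly below keeps `p.action='view'`, so any permission row stored for `whoid='0'` on a space now admits every caller in the org, whatever action that row grants. If '0' is the "everyone" principal (inferred from its use here), the user branch should carry the same filter: `AND who='user' AND (whoid=? OR whoid='0') AND location='space' AND action='view'`. The same subquery is repeated in the GetBySpace, Templates, TemplatesBySpace, DocumentList, SearchCandidates, matchFullText and matchLike hunks of this diff, so it is worth defining the literal '0' and the subquery once, with a comment stating what '0' means. The function body starts and ends outside the hunk.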
@@ -111,9 +111,9 @@ func (s Scope) GetBySpace(ctx domain.RequestContext, spaceID string) (documents WHERE orgid=? AND template=0 AND labelid IN ( SELECT refid FROM label WHERE orgid=? AND refid IN (SELECT refid FROM permission WHERE orgid=? AND location='space' AND refid=? AND refid IN ( - SELECT refid from permission WHERE orgid=? AND who='user' AND whoid=? AND location='space' UNION ALL + SELECT refid from permission WHERE orgid=? AND who='user' AND (whoid=? OR whoid='0') AND location='space' UNION ALL SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? - AND p.who='role' AND p.location='space' AND p.refid=? AND p.action='view' AND r.userid=? + AND p.who='role' AND p.location='space' AND p.refid=? AND p.action='view' AND (r.userid=? OR r.userid='0') )) ) ORDER BY title`, ctx.OrgID, ctx.OrgID, ctx.OrgID, spaceID, ctx.OrgID, ctx.UserID, ctx.OrgID, spaceID, ctx.UserID) @@ -136,9 +136,9 @@ func (s Scope) Templates(ctx domain.RequestContext) (documents []doc.Document, e ( SELECT refid FROM label WHERE orgid=? AND refid IN (SELECT refid FROM permission WHERE orgid=? AND location='space' AND refid IN ( - SELECT refid from permission WHERE orgid=? AND who='user' AND whoid=? AND location='space' + SELECT refid from permission WHERE orgid=? AND who='user' AND (whoid=? OR whoid='0') AND location='space' UNION ALL - SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role' AND p.location='space' AND p.action='view' AND r.userid=? + SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role' AND p.location='space' AND p.action='view' AND (r.userid=? OR r.userid='0') )) ) ORDER BY title`, ctx.OrgID, ctx.OrgID, ctx.OrgID, ctx.OrgID, ctx.UserID, ctx.OrgID, ctx.UserID) 
@@ -158,9 +158,9 @@ func (s Scope) TemplatesBySpace(ctx domain.RequestContext, spaceID string) (docu ( SELECT refid FROM label WHERE orgid=? AND refid IN (SELECT refid FROM permission WHERE orgid=? AND location='space' AND refid IN ( - SELECT refid from permission WHERE orgid=? AND who='user' AND whoid=? AND location='space' + SELECT refid from permission WHERE orgid=? AND who='user' AND (whoid=? OR whoid='0') AND location='space' UNION ALL - SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role' AND p.location='space' AND p.action='view' AND r.userid=? + SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role' AND p.location='space' AND p.action='view' AND (r.userid=? OR r.userid='0') )) ) ORDER BY title`, ctx.OrgID, spaceID, ctx.OrgID, ctx.OrgID, ctx.OrgID, ctx.UserID, ctx.OrgID, ctx.UserID) @@ -201,9 +201,9 @@ func (s Scope) DocumentList(ctx domain.RequestContext) (documents []doc.Document ( SELECT refid FROM label WHERE orgid=? AND refid IN (SELECT refid FROM permission WHERE orgid=? AND location='space' AND refid IN ( - SELECT refid from permission WHERE orgid=? AND who='user' AND whoid=? AND location='space' + SELECT refid from permission WHERE orgid=? AND who='user' AND (whoid=? OR whoid='0') AND location='space' UNION ALL - SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role' AND p.location='space' AND p.action='view' AND r.userid=? + SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role' AND p.location='space' AND p.action='view' AND (r.userid=? OR r.userid='0') )) ) ORDER BY title`, ctx.OrgID, ctx.OrgID, ctx.OrgID, ctx.OrgID, ctx.UserID, ctx.OrgID, ctx.UserID) diff --git a/domain/link/mysql/store.go b/domain/link/mysql/store.go index 2f7b7029..938382c3 100644 --- a/domain/link/mysql/store.go +++ b/domain/link/mysql/store.go 
@@ -164,9 +164,10 @@ func (s Scope) SearchCandidates(ctx domain.RequestContext, keywords string) (doc ( SELECT refid FROM label WHERE orgid=? AND refid IN (SELECT refid FROM permission WHERE orgid=? AND location='space' AND refid IN ( - SELECT refid from permission WHERE orgid=? AND who='user' AND whoid=? AND location='space' + SELECT refid from permission WHERE orgid=? AND who='user' AND (whoid=? OR whoid='0') AND location='space' UNION ALL - SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role' AND p.location='space' AND p.action='view' AND r.userid=? + SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role' + AND p.location='space' AND p.action='view' AND (r.userid=? OR r.userid='0') )) ) ORDER BY title`, ctx.OrgID, ctx.OrgID, ctx.OrgID, ctx.OrgID, ctx.UserID, ctx.OrgID, ctx.UserID) @@ -201,9 +202,10 @@ func (s Scope) SearchCandidates(ctx domain.RequestContext, keywords string) (doc ( SELECT refid FROM label WHERE orgid=? AND refid IN (SELECT refid FROM permission WHERE orgid=? AND location='space' AND refid IN ( - SELECT refid from permission WHERE orgid=? AND who='user' AND whoid=? AND location='space' + SELECT refid from permission WHERE orgid=? AND who='user' AND (whoid=? OR whoid='0') AND location='space' UNION ALL - SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role' AND p.location='space' AND p.action='view' AND r.userid=? + SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role' + AND p.location='space' AND p.action='view' AND (r.userid=? OR r.userid='0') )) ) ORDER BY p.title`, ctx.OrgID, ctx.OrgID, ctx.OrgID, ctx.OrgID, ctx.UserID, ctx.OrgID, ctx.UserID) 
@@ -238,9 +240,10 @@ func (s Scope) SearchCandidates(ctx domain.RequestContext, keywords string) (doc ( SELECT refid FROM label WHERE orgid=? AND refid IN (SELECT refid FROM permission WHERE orgid=? AND location='space' AND refid IN ( - SELECT refid from permission WHERE orgid=? AND who='user' AND whoid=? AND location='space' + SELECT refid from permission WHERE orgid=? AND who='user' AND (whoid=? OR whoid='0') AND location='space' UNION ALL - SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role' AND p.location='space' AND p.action='view' AND r.userid=? + SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role' + AND p.location='space' AND p.action='view' AND (r.userid=? OR r.userid='0') )) ) ORDER BY a.filename`, ctx.OrgID, ctx.OrgID, ctx.OrgID, ctx.OrgID, ctx.UserID, ctx.OrgID, ctx.UserID) diff --git a/domain/permission/mysql/store.go b/domain/permission/mysql/store.go index 6569ed08..45847baf 100644 --- a/domain/permission/mysql/store.go +++ b/domain/permission/mysql/store.go @@ -64,7 +64,7 @@ func (s Scope) GetUserSpacePermissions(ctx domain.RequestContext, spaceID string SELECT p.id, p.orgid, p.who, p.whoid, p.action, p.scope, p.location, p.refid FROM permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.location='space' AND refid=? AND p.who='role' AND (r.userid=? OR r.userid='0')`, - ctx.OrgID, spaceID, ctx.UserID, ctx.OrgID, spaceID, ctx.OrgID) + ctx.OrgID, spaceID, ctx.UserID, ctx.OrgID, spaceID, ctx.UserID) if err == sql.ErrNoRows { err = nil 
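Review bot: GetUserSpacePermissions binds six values by position, and the corrected last argument shows that `r.userid=?` had been bound to `ctx.OrgID`; no test is visible in this diff that would catch the same slip in an authorization query again. A store test that grants a space permission through a role and asserts it is returned only for a member of that role would pin the fix, and a comment above the argument list naming the bindings in order (`// role branch: orgid, refid, userid`) would help the next edit. In the same file, the GetUserCategoryPermissions hunk shows a role branch that ends at `p.who='role'` with no `r.userid` condition, which looks as if it returns category permissions for roles the user does not belong to; confirm this against the lines outside that hunk.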
@@ -200,7 +200,7 @@ func (s Scope) GetUserCategoryPermissions(ctx domain.RequestContext, userID stri UNION ALL SELECT p.id, p.orgid, p.who, p.whoid, p.action, p.scope, p.location, p.refid FROM permission p LEFT JOIN rolemember r ON p.whoid=r.roleid - WHERE p.orgid=? AND p.location='category' AND p.who='role'`, + WHERE p.orgid=? AND p.location='category' AND p.who='role'`, ctx.OrgID, userID, ctx.OrgID) if err == sql.ErrNoRows { diff --git a/domain/search/mysql/store.go b/domain/search/mysql/store.go index 689ca5ae..cccb4197 100644 --- a/domain/search/mysql/store.go +++ b/domain/search/mysql/store.go @@ -222,7 +222,7 @@ func (s Scope) matchFullText(ctx domain.RequestContext, keywords, itemType strin ( SELECT refid FROM label WHERE orgid=? AND refid IN (SELECT refid FROM permission WHERE orgid=? AND location='space' AND refid IN ( - SELECT refid from permission WHERE orgid=? AND who='user' AND whoid=? AND location='space' + SELECT refid from permission WHERE orgid=? AND who='user' AND (whoid=? OR whoid='0') AND location='space' UNION ALL SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role' AND p.location='space' AND p.action='view' AND r.userid=? )) 
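Review bot: The role branch of matchFullText still ends in `AND r.userid=?`, while the user branch above it now matches `(whoid=? OR whoid='0')`, so full-text search will not see spaces shared with '0' through a role even though matchLike and the listing queries in this diff do. If the omission is not deliberate, the tail of that line should read `AND p.action='view' AND (r.userid=? OR r.userid='0')`. The query and the function both continue outside the hunk.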
@@ -279,9 +279,10 @@ func (s Scope) matchLike(ctx domain.RequestContext, keywords, itemType string) ( ( SELECT refid FROM label WHERE orgid=? AND refid IN (SELECT refid FROM permission WHERE orgid=? AND location='space' AND refid IN ( - SELECT refid from permission WHERE orgid=? AND who='user' AND whoid=? AND location='space' + SELECT refid from permission WHERE orgid=? AND who='user' AND (whoid=? OR whoid='0') AND location='space' UNION ALL - SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role' AND p.location='space' AND p.action='view' AND r.userid=? + SELECT p.refid from permission p LEFT JOIN rolemember r ON p.whoid=r.roleid WHERE p.orgid=? AND p.who='role' + AND p.location='space' AND p.action='view' AND (r.userid=? OR r.userid='0') )) ) AND s.content LIKE ?` diff --git a/domain/space/endpoint.go b/domain/space/endpoint.go index db74da40..404bce1d 100644 --- a/domain/space/endpoint.go +++ b/domain/space/endpoint.go @@ -642,7 +642,7 @@ func (h *Handler) AcceptInvitation(w http.ResponseWriter, r *http.Request) { u, err := h.Store.User.GetBySerial(ctx, model.Serial) if err != nil && err == sql.ErrNoRows { - response.WriteDuplicateError(w, method, "user") + response.WriteNotFoundError(w, method, "user") h.Runtime.Log.Error(method, err) return } @@ -650,6 +650,7 @@ func (h *Handler) AcceptInvitation(w http.ResponseWriter, r *http.Request) { // AcceptShare does not authenticate the user hence the context needs to set up ctx.UserID = u.RefID + // Prepare user data u.Firstname = model.Firstname u.Lastname = model.Lastname u.Initials = stringutil.MakeInitials(u.Firstname, u.Lastname) @@ -670,7 +671,6 @@ func (h *Handler) AcceptInvitation(w http.ResponseWriter, r *http.Request) { } salt := secrets.GenerateSalt() - err = h.Store.User.UpdateUserPassword(ctx, u.RefID, salt, secrets.GeneratePassword(model.Password, salt)) if err != nil { ctx.Transaction.Rollback() 
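Review bot: The guard `if err != nil && err == sql.ErrNoRows` in AcceptInvitation returns only for the bare sentinel, so any other lookup failure continues with a zero-value `u` into `ctx.UserID = u.RefID` and the password update further down. GetBySerial, as shown later in this diff, passes every error through `errors.Wrap` before returning, so the `==` comparison probably never matches and the not-found case falls through as well. The handler should return on every non-nil error (`if err != nil {`) and choose the response after unwrapping, for example `errors.Cause(err) == sql.ErrNoRows` if the package in use is pkg/errors. The function starts and ends outside the hunk.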
@@ -679,10 +679,12 @@ func (h *Handler) AcceptInvitation(w http.ResponseWriter, r *http.Request) { return } - h.Store.Audit.Record(ctx, audit.EventTypeSpaceJoin) - ctx.Transaction.Commit() + h.Store.Audit.Record(ctx, audit.EventTypeSpaceJoin) + + // We send back POJO and not fully authenticated user object as + // SSO should take place thereafter response.WriteJSON(w, u) } @@ -704,10 +706,10 @@ func (h *Handler) Invite(w http.ResponseWriter, r *http.Request) { return } - if sp.UserID != ctx.UserID { - response.WriteForbiddenError(w) - return - } + // if sp.UserID != ctx.UserID { + // response.WriteForbiddenError(w) + // return + // } defer streamutil.Close(r.Body) body, err := ioutil.ReadAll(r.Body) diff --git a/domain/user/mysql/store.go b/domain/user/mysql/store.go index c50173ae..6d04b44a 100644 --- a/domain/user/mysql/store.go +++ b/domain/user/mysql/store.go @@ -97,7 +97,7 @@ func (s Scope) GetByToken(ctx domain.RequestContext, token string) (u user.User, // This occurs when we you share a folder with a new user and they have to complete // the onboarding process. func (s Scope) GetBySerial(ctx domain.RequestContext, serial string) (u user.User, err error) { - err = s.Runtime.Db.Get("SELECT id, refid, firstname, lastname, email, initials, global, password, salt, reset, created, revised FROM user WHERE salt=?", serial) + err = s.Runtime.Db.Get(&u, "SELECT id, refid, firstname, lastname, email, initials, global, password, salt, reset, created, revised FROM user WHERE salt=?", serial) if err != nil { err = errors.Wrap(err, fmt.Sprintf("execute user select by serial %s", serial)) diff --git a/gui/app/components/document/view-attachment.js b/gui/app/components/document/view-attachment.js index 1d20b712..7b7ff1d8 100644 --- a/gui/app/components/document/view-attachment.js +++ b/gui/app/components/document/view-attachment.js 
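Review bot: `ctx.Transaction.Commit()` is called without using its result, and both the audit record and the JSON response now follow it, so a failed commit would still be recorded as a space join and answered with the user object. Checking the commit error and returning before `h.Store.Audit.Record(ctx, audit.EventTypeSpaceJoin)` would keep the audit trail truthful. `response.WriteJSON(w, u)` sends the row loaded by GetBySerial, whose SELECT includes `password` and `salt`; whether the user model excludes those fields from JSON is not visible here and is worth confirming.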
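Review bot: Commenting out the `sp.UserID != ctx.UserID` check in Invite removes the only authorization test visible in this hunk, so any caller who gets past the space lookup above it can send invitations for that space and, presumably, grant access to it. If the intent is to let non-owners who hold a manage permission invite others, replace the owner comparison with an explicit permission check for the space and keep `response.WriteForbiddenError(w)` on failure, rather than leaving the old check as a comment. Whether an equivalent check exists later in the function cannot be seen from the hunk, which starts and ends inside the function body.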
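Review bot: The wrapped error in GetBySerial embeds the caller-supplied serial via `fmt.Sprintf("execute user select by serial %s", serial)`, and that value is matched against the `salt` column, so a failed lookup that AcceptInvitation logs can write a valid onboarding token into the log. Dropping the value from the message, `err = errors.Wrap(err, "execute user select by serial")`, keeps the context without the secret. The doc comment above the function also reads "when we you share", which should be "when you share". The function body continues outside the hunk.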
@@ -18,9 +18,6 @@ export default Component.extend({ documentService: service('document'), appMeta: service(), hasAttachments: notEmpty('files'), - canShow: computed('permissions', 'files', function() { - return this.get('files.length') > 0 || this.get('permissions.documentEdit'); - }), canEdit: computed('permissions', 'document.protection', function() { return this.get('document.protection') !== this.get('constants').ProtectionType.Lock && this.get('permissions.documentEdit'); }), diff --git a/gui/app/components/onboard/share-folder.js b/gui/app/components/onboard/share-folder.js index 35e791b3..71ba3625 100644 --- a/gui/app/components/onboard/share-folder.js +++ b/gui/app/components/onboard/share-folder.js @@ -114,7 +114,7 @@ export default Component.extend({ $(".stage-3").fadeIn(); // $("#spinner-1").show(); - var payload = '{ "Password": "' + $("#stage-2-password").val() + '", "Serial": "' + self.serial + '", "Firstname": "' + $("#stage-1-firstname").val() + '", "Lastname": "' + $("#stage-1-lastname").val() + '" }'; + var payload = '{ "password": "' + $("#stage-2-password").val() + '", "serial": "' + self.serial + '", "firstname": "' + $("#stage-1-firstname").val() + '", "lastname": "' + $("#stage-1-lastname").val() + '" }'; var password = $("#stage-2-password").val(); self.get('folderService').onboard(self.folderId, payload).then(function(user) { diff --git a/gui/app/components/toolbar/for-document.js b/gui/app/components/toolbar/for-document.js index e034bb34..acc07d62 100644 --- a/gui/app/components/toolbar/for-document.js +++ b/gui/app/components/toolbar/for-document.js @@ -57,7 +57,6 @@ export default Component.extend(ModalMixin, TooltipMixin, AuthMixin, { didInsertElement() { this._super(...arguments); - this.modalInputFocus('#document-template-modal', '#new-template-name'); }, diff --git a/gui/app/pods/document/index/template.hbs b/gui/app/pods/document/index/template.hbs index 13889349..74912bc3 100644 --- a/gui/app/pods/document/index/template.hbs 
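Review bot: The onboarding payload in share-folder.js is still assembled by string concatenation, so a password or name containing `"` or `\` yields invalid or altered JSON; the hunk changes only the key casing. Building the payload from an object avoids that: `var payload = JSON.stringify({ password: $("#stage-2-password").val(), serial: self.serial, firstname: $("#stage-1-firstname").val(), lastname: $("#stage-1-lastname").val() });`. The surrounding function starts and ends outside the hunk.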
+++ b/gui/app/pods/document/index/template.hbs @@ -24,7 +24,7 @@ -
Are you sure you want to delete {{deleteAttachment.name}}?
- {{/ui/ui-dialog}} -{{/if}} \ No newline at end of file +{{#ui/ui-dialog title="Delete Attachment" confirmCaption="Delete" buttonType="btn-danger" show=showDialog onAction=(action 'onDelete')}} +Are you sure you want to delete {{deleteAttachment.name}}?
+{{/ui/ui-dialog}} diff --git a/gui/app/templates/components/document/view-revision.hbs b/gui/app/templates/components/document/view-revision.hbs index eda0ee78..b921205c 100644 --- a/gui/app/templates/components/document/view-revision.hbs +++ b/gui/app/templates/components/document/view-revision.hbs @@ -18,30 +18,31 @@