diff --git a/.gitignore b/.gitignore
index 251d9eeb..33c751ad 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,7 +6,9 @@ artifacts/
 msbuild.binlog
 .vscode/
 *.binlog
+*.nupkg
 
 Oqtane.Server/appsettings.json
 Oqtane.Server/Data/*.mdf
-Oqtane.Server/Data/*.ldf
\ No newline at end of file
+Oqtane.Server/Data/*.ldf
+
diff --git a/Oqtane.Client/App.razor b/Oqtane.Client/App.razor
index 6ad2be28..9e2793d7 100644
--- a/Oqtane.Client/App.razor
+++ b/Oqtane.Client/App.razor
@@ -1,29 +1,33 @@
 @using Oqtane.Shared
-@using Oqtane.Client.Shared
 @using Oqtane.Services
 @inject IInstallationService InstallationService
 
-@if (!Installed)
+@if (Initialized)
 {
-    <Installer />
-}
-else
-{
-    <CascadingAuthenticationState>
-        <CascadingValue Value="@PageState">
-            <SiteRouter OnStateChange="@ChangeState" />
-        </CascadingValue>
-    </CascadingAuthenticationState>
+    @if (!Installed)
+    {
+        <Installer />
+    }
+    else
+    {
+        <CascadingAuthenticationState>
+            <CascadingValue Value="@PageState">
+                <SiteRouter OnStateChange="@ChangeState" />
+            </CascadingValue>
+        </CascadingAuthenticationState>
+    }
 }
 
 @code {
+    private bool Initialized = false;
     private bool Installed = false;
     private PageState PageState { get; set; }
 
-    protected override async Task OnInitAsync()
+    protected override async Task OnParametersSetAsync()
     {
         var response = await InstallationService.IsInstalled();
         Installed = response.Success;
+        Initialized = true;
     }
 
     private void ChangeState(PageState pagestate)
diff --git a/Oqtane.Client/Modules/Admin/Admin/Index.razor b/Oqtane.Client/Modules/Admin/Dashboard/Index.razor
similarity index 78%
rename from Oqtane.Client/Modules/Admin/Admin/Index.razor
rename to Oqtane.Client/Modules/Admin/Dashboard/Index.razor
index 3c38f89a..0e2d7fa9 100644
--- a/Oqtane.Client/Modules/Admin/Admin/Index.razor
+++ b/Oqtane.Client/Modules/Admin/Dashboard/Index.razor
@@ -2,7 +2,8 @@
 @using Oqtane.Modules
 @using Oqtane.Services
 @using Oqtane.Models;
-@using Oqtane.Client.Modules.Controls
+@using Oqtane.Security
+@namespace Oqtane.Modules.Admin.Dashboard
 @inherits ModuleBase
 @inject IPageService PageService
 @inject IUserService UserService
@@ -10,7 +11,7 @@
 <ul class="list-group">
     @foreach (var p in pages)
     {
-        if (p.IsNavigation && UserService.IsAuthorized(PageState.User, p.ViewPermissions))
+        if (p.IsNavigation && UserSecurity.IsAuthorized(PageState.User, "View", p.Permissions))
         {
             string url = NavigateUrl(p.Path);
             <li class="list-group-item">
@@ -21,12 +22,13 @@
         }
     }
 </ul>
-<br /><br />
+<br />
+<br />
 
 @code {
     List<Page> pages;
 
-    protected override void OnInit()
+    protected override void OnInitialized()
     {
         // display list of pages which are children of current page
         pages = PageState.Pages.Where(item => item.ParentId == PageState.Page.PageId).ToList();
diff --git a/Oqtane.Client/Modules/Admin/Login/Index.razor b/Oqtane.Client/Modules/Admin/Login/Index.razor
index c381e244..2f24c684 100644
--- a/Oqtane.Client/Modules/Admin/Login/Index.razor
+++ b/Oqtane.Client/Modules/Admin/Login/Index.razor
@@ -5,6 +5,7 @@
 @using Oqtane.Services
 @using Oqtane.Providers
 @using Oqtane.Shared
+@namespace Oqtane.Modules.Admin.Login
 @inherits ModuleBase
 @inject IUriHelper UriHelper
 @inject IJSRuntime jsRuntime
@@ -42,21 +43,14 @@
 </AuthorizeView>
 
 @code {
-public override SecurityAccessLevelEnum SecurityAccessLevel { get { return SecurityAccessLevelEnum.Anonymous; } }
+    public override SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.Anonymous; } }
 
-public string Message { get; set; } = "";
-public string Username { get; set; } = "";
-public string Password { get; set; } = "";
-public bool Remember { get; set; } = false;
+    public string Message { get; set; } = "";
+    public string Username { get; set; } = "";
+    public string Password { get; set; } = "";
+    public bool Remember { get; set; } = false;
 
-private async Task Login()
-{
-    User user = new User();
-    user.Username = Username;
-    user.Password = Password;
-    user.IsPersistent = Remember;
-    user = await UserService.LoginUserAsync(user);
-    if (user.IsAuthenticated)
+    private async Task Login()
     {
         string ReturnUrl = PageState.QueryString["returnurl"];
 
@@ -64,27 +58,48 @@ private async Task Login()
         if (authstateprovider == null)
         {
             // server-side Blazor
-            var interop = new Interop(jsRuntime);
-            string antiforgerytoken = await interop.GetElementByName("__RequestVerificationToken");
-            var fields = new { __RequestVerificationToken = antiforgerytoken, username = Username, password = Password, remember = Remember, returnurl = ReturnUrl };
-            await interop.SubmitForm("/login/", fields);
+            User user = new User();
+            user.SiteId = PageState.Site.SiteId;
+            user.Username = Username;
+            user.Password = Password;
+            user = await UserService.LoginUserAsync(user, false, false);
+            if (user.IsAuthenticated)
+            {
+                // complete the login on the server so that the cookies are set correctly on SignalR
+                var interop = new Interop(jsRuntime);
+                string antiforgerytoken = await interop.GetElementByName("__RequestVerificationToken");
+                var fields = new { __RequestVerificationToken = antiforgerytoken, username = Username, password = Password, remember = Remember, returnurl = ReturnUrl };
+                await interop.SubmitForm("/login/", fields);
+            }
+            else
+            {
+                Message = "<div class=\"alert alert-danger\" role=\"alert\">Login Failed. Please Remember That Passwords Are Case Sensitive.</div>";
+            }
         }
         else
         {
             // client-side Blazor
-            authstateprovider.NotifyAuthenticationChanged();
-            UriHelper.NavigateTo(NavigateUrl(ReturnUrl, true));
+            User user = new User();
+            user.SiteId = PageState.Site.SiteId;
+            user.Username = Username;
+            user.Password = Password;
+            user = await UserService.LoginUserAsync(user, true, Remember);
+            if (user.IsAuthenticated)
+            {
+                authstateprovider.NotifyAuthenticationChanged();
+                PageState.Reload = Constants.ReloadSite;
+                UriHelper.NavigateTo(NavigateUrl(ReturnUrl));
+            }
+            else
+            {
+                Message = "<div class=\"alert alert-danger\" role=\"alert\">Login Failed. Please Remember That Passwords Are Case Sensitive.</div>";
+            }
         }
     }
-    else
+
+    private void Cancel()
     {
-        Message = "<div class=\"alert alert-danger\" role=\"alert\">Login Failed. Please Remember That Passwords Are Case Sensitive.</div>";
+        string ReturnUrl = PageState.QueryString["returnurl"];
+        UriHelper.NavigateTo(ReturnUrl);
     }
 }
-
-private void Cancel()
-{
-    string ReturnUrl = PageState.QueryString["returnurl"];
-    UriHelper.NavigateTo(NavigateUrl(ReturnUrl));
-}
-}
diff --git a/Oqtane.Client/Modules/Admin/ModuleDefinitions/Add.razor b/Oqtane.Client/Modules/Admin/ModuleDefinitions/Add.razor
new file mode 100644
index 00000000..49980307
--- /dev/null
+++ b/Oqtane.Client/Modules/Admin/ModuleDefinitions/Add.razor
@@ -0,0 +1,50 @@
+@using Microsoft.AspNetCore.Components.Routing
+@using Oqtane.Modules.Controls
+@using Oqtane.Modules
+@using Oqtane.Services
+@using Oqtane.Shared
+@namespace Oqtane.Modules.Admin.ModuleDefinitions
+@inherits ModuleBase
+@inject IUriHelper UriHelper
+@inject IFileService FileService
+@inject IModuleDefinitionService ModuleDefinitionService
+
+<table class="table table-borderless">
+    <tr>
+        <td>
+            <label for="Name" class="control-label">Module: </label>
+        </td>
+        <td>
+            <FileUpload Filter=".nupkg"></FileUpload>
+        </td>
+    </tr>
+</table>
+@if (uploaded)
+{
+    <button type="button" class="btn btn-success" @onclick="InstallFile">Install</button>
+}
+else
+{
+    <button type="button" class="btn btn-success" @onclick="UploadFile">Upload</button>
+}
+<NavLink class="btn btn-secondary" href="@NavigateUrl()">Cancel</NavLink>
+
+@code {
+    public override SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.Host; } }
+
+    bool uploaded = false;
+
+    private async Task UploadFile()
+    {
+        await FileService.UploadFilesAsync("Modules");
+        uploaded = true;
+        StateHasChanged();
+    }
+
+    private async Task InstallFile()
+    {
+        await ModuleDefinitionService.InstallModulesAsync();
+        PageState.Reload = Constants.ReloadApplication;
+        UriHelper.NavigateTo(NavigateUrl());
+    }
+}
diff --git a/Oqtane.Client/Modules/Admin/ModuleDefinitions/Index.razor b/Oqtane.Client/Modules/Admin/ModuleDefinitions/Index.razor
index 55b017d4..53ad0d55 100644
--- a/Oqtane.Client/Modules/Admin/ModuleDefinitions/Index.razor
+++ b/Oqtane.Client/Modules/Admin/ModuleDefinitions/Index.razor
@@ -1,9 +1,9 @@
 @using Oqtane.Services
 @using Oqtane.Models
 @using Oqtane.Modules
-@using Oqtane.Client.Modules.Controls
+@using Oqtane.Modules.Controls
+@namespace Oqtane.Modules.Admin.ModuleDefinitions
 @inherits ModuleBase
-
 @inject IModuleDefinitionService ModuleDefinitionService
 
 @if (moduledefinitions == null)
@@ -12,7 +12,8 @@
 }
 else
 {
-    <table class="table">
+    <ActionLink Action="Add" Text="Install Module" />
+    <table class="table table-borderless">
         <thead>
             <tr>
                 <th>Name</th>
@@ -30,11 +31,11 @@ else
 }
 
 @code {
-    public override SecurityAccessLevelEnum SecurityAccessLevel { get { return SecurityAccessLevelEnum.Host; } }
+    public override SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.Host; } }
 
     List<ModuleDefinition> moduledefinitions;
 
-    protected override async Task OnInitAsync()
+    protected override async Task OnInitializedAsync()
     {
         moduledefinitions = await ModuleDefinitionService.GetModuleDefinitionsAsync();
     }
diff --git a/Oqtane.Client/Modules/Admin/ModuleSettings/Index.razor b/Oqtane.Client/Modules/Admin/ModuleSettings/Index.razor
index 68d4d13c..b57abb63 100644
--- a/Oqtane.Client/Modules/Admin/ModuleSettings/Index.razor
+++ b/Oqtane.Client/Modules/Admin/ModuleSettings/Index.razor
@@ -3,107 +3,125 @@
 @using Oqtane.Models
 @using Oqtane.Modules
 @using Oqtane.Shared
-@using Oqtane.Client.Modules.Controls
+@using Oqtane.Security
+@using Oqtane.Modules.Controls
+@namespace Oqtane.Modules.Admin.ModuleSettings
 @inherits ModuleBase
 @inject IUriHelper UriHelper
 @inject IThemeService ThemeService
 @inject IModuleService ModuleService
 @inject IPageModuleService PageModuleService
 
-<table class="form-group">
-    <tr>
-        <td>
-            <label for="Title" class="control-label">Title: </label>
-        </td>
-        <td>
-            <input type="text" name="Title" class="form-control" @bind="@title" />
-        </td>
-    </tr>
-    <tr>
-        <td>
-            <label for="Container" class="control-label">Container: </label>
-        </td>
-        <td>
-            <select class="form-control" @bind="@containertype">
-                <option value="">&lt;Select Container&gt;</option>
-                @foreach (KeyValuePair<string, string> container in containers)
-                {
-                    <option value="@container.Key">@container.Value</option>
-                }
-            </select>
-        </td>
-    </tr>
-    <tr>
-        <td>
-            <label for="ViewPermissions" class="control-label">View Permissions: </label>
-        </td>
-        <td>
-            <input type="text" name="ViewPermissions" class="form-control" @bind="@viewpermissions" />
-        </td>
-    </tr>
-    <tr>
-        <td>
-            <label for="EditPermissions" class="control-label">Edit Permissions: </label>
-        </td>
-        <td>
-            <input type="text" name="EditPermissions" class="form-control" @bind="@editpermissions" />
-        </td>
-    </tr>
-    <tr>
-        <td>
-            <label for="Page" class="control-label">Page: </label>
-        </td>
-        <td>
-            <select class="form-control" @bind="@pageid">
-                @foreach (Page p in PageState.Pages)
-                {
-                    <option value="@p.PageId">@p.Name</option>
-                }
-            </select>
-        </td>
-    </tr>
+<table class="table table-borderless">
+    <thead>
+        <tr>
+            <td>
+                <label for="Title" class="control-label">Title: </label>
+            </td>
+            <td>
+                <input type="text" name="Title" class="form-control" @bind="@title" />
+            </td>
+        </tr>
+    </thead>
+    <tbody>
+        <tr>
+            <td>
+                <label for="Container" class="control-label">Container: </label>
+            </td>
+            <td>
+                <select class="form-control" @bind="@containertype">
+                    <option value="">&lt;Select Container&gt;</option>
+                    @foreach (KeyValuePair<string, string> container in containers)
+                    {
+                        <option value="@container.Key">@container.Value</option>
+                    }
+                </select>
+            </td>
+        </tr>
+        <tr>
+            <td>
+                <label for="Name" class="control-label">Permissions: </label>
+            </td>
+            <td>
+                <PermissionGrid EntityName="Module" Permissions="@permissions" @ref="permissiongrid" @ref:suppressField />
+            </td>
+        </tr>
+        <tr>
+            <td>
+                <label for="Page" class="control-label">Page: </label>
+            </td>
+            <td>
+                <select class="form-control" @bind="@pageid">
+                    @foreach (Page p in PageState.Pages)
+                    {
+                        <option value="@p.PageId">@p.Name</option>
+                    }
+                </select>
+            </td>
+        </tr>
+    </tbody>
 </table>
-<button class="btn btn-success" @onclick="@SaveModule">Save</button>
+
+@DynamicComponent
+
+<button type="button" class="btn btn-success" @onclick="@SaveModule">Save</button>
 <NavLink class="btn btn-secondary" href="@NavigateUrl()">Cancel</NavLink>
 
+
 @code {
-    public override SecurityAccessLevelEnum SecurityAccessLevel { get { return SecurityAccessLevelEnum.Edit; } }
+    public override SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.Edit; } }
     public override string Title { get { return "Module Settings"; } }
 
     Dictionary<string, string> containers = new Dictionary<string, string>();
     string title;
     string containertype;
-    string viewpermissions;
-    string editpermissions;
+    string permissions;
     string pageid;
 
-    protected override async Task OnInitAsync()
+    PermissionGrid permissiongrid;
+
+    RenderFragment DynamicComponent { get; set; }
+    object settings;
+
+    protected override async Task OnInitializedAsync()
     {
         title = ModuleState.Title;
         containers = ThemeService.GetContainerTypes(await ThemeService.GetThemesAsync());
         containertype = ModuleState.ContainerType;
-        viewpermissions = ModuleState.ViewPermissions;
-        editpermissions = ModuleState.EditPermissions;
+        permissions = ModuleState.Permissions;
         pageid = ModuleState.PageId.ToString();
+
+        DynamicComponent = builder =>
+        {
+            Type moduleType = Type.GetType(ModuleState.ModuleType);
+            if (moduleType != null)
+            {
+                builder.OpenComponent(0, moduleType);
+                builder.AddComponentReferenceCapture(1, inst => { settings = Convert.ChangeType(inst, moduleType); });
+                builder.CloseComponent();
+            }
+        };
     }
 
     private async Task SaveModule()
     {
         Module module = ModuleState;
-        module.ViewPermissions = viewpermissions;
-        module.EditPermissions = editpermissions;
+        module.Permissions = permissiongrid.GetPermissions();
         await ModuleService.UpdateModuleAsync(module);
 
-        PageModule pagemodule = new PageModule();
-        pagemodule.PageModuleId = ModuleState.PageModuleId;
-        pagemodule.PageId = Int32.Parse(pageid);
-        pagemodule.ModuleId = ModuleState.ModuleId;
+        PageModule pagemodule = await PageModuleService.GetPageModuleAsync(ModuleState.PageModuleId);
         pagemodule.Title = title;
-        pagemodule.Pane = ModuleState.Pane;
-        pagemodule.Order = ModuleState.Order;
         pagemodule.ContainerType = containertype;
         await PageModuleService.UpdatePageModuleAsync(pagemodule);
 
-        UriHelper.NavigateTo(NavigateUrl(true));
+        Type moduleType = Type.GetType(ModuleState.ModuleType);
+        if (moduleType != null)
+        {
+            moduleType.GetMethod("UpdateSettings").Invoke(settings, null); // method must be public in settings component
+        }
+
+        PageState.Reload = Constants.ReloadPage;
+        UriHelper.NavigateTo(NavigateUrl());
     }
+
 }
diff --git a/Oqtane.Client/Modules/Admin/Pages/Add.razor b/Oqtane.Client/Modules/Admin/Pages/Add.razor
index 1e5868bf..f67b9184 100644
--- a/Oqtane.Client/Modules/Admin/Pages/Add.razor
+++ b/Oqtane.Client/Modules/Admin/Pages/Add.razor
@@ -1,14 +1,19 @@
 @using Microsoft.AspNetCore.Components.Routing
+@using Oqtane.Modules.Controls
 @using Oqtane.Models
 @using Oqtane.Services
 @using Oqtane.Modules
 @using Oqtane.Shared
+@using Oqtane.Security
+@namespace Oqtane.Modules.Admin.Pages
 @inherits ModuleBase
 @inject IUriHelper UriHelper
 @inject IPageService PageService
 @inject IThemeService  ThemeService
 
-<table class="form-group">
+<ModuleMessage Message="@message" />
+
+<table class="table table-borderless">
     <tr>
         <td>
             <label for="Name" class="control-label">Name: </label>
@@ -17,34 +22,44 @@
             <input class="form-control" @bind="@name" />
         </td>
     </tr>
-    <tr>
-        <td>
-            <label for="Name" class="control-label">Path: </label>
-        </td>
-        <td>
-            <input class="form-control" @bind="@path" />
-        </td>
-    </tr>
     <tr>
         <td>
             <label for="Name" class="control-label">Parent: </label>
         </td>
         <td>
-            <select class="form-control" @bind="@parentid">
-                <option value="">&lt;Select Parent&gt;</option>
-                @foreach (Page p in PageState.Pages)
+            <select class="form-control" @onchange="@(e => ParentChanged(e))">
+                <option value="">&lt;Site Root&gt;</option>
+                @foreach (Page page in pages)
                 {
-                    <option value="@p.PageId">@p.Name</option>
+                    <option value="@(page.PageId)">@(new string('-',page.Level * 2))@(page.Name)</option>
                 }
             </select>
         </td>
     </tr>
     <tr>
         <td>
-            <label for="Name" class="control-label">Order: </label>
+            <label for="Name" class="control-label">Insert: </label>
         </td>
         <td>
-            <input class="form-control" @bind="@order" />
+            <select class="form-control" @bind="@insert">
+                <option value="<<">At Beginning</option>
+                @if (children != null && children.Count > 0)
+                {
+                    <option value="<">Before</option>
+                    <option value=">">After</option>
+                }
+                <option value=">>" selected>At End</option>
+            </select>
+            @if (children != null && children.Count > 0 && (insert == "<" || insert == ">"))
+            {
+                <select class="form-control" @bind="@childid">
+                    <option value="-1">&lt;Select Page&gt;</option>
+                    @foreach (Page page in children)
+                    {
+                        <option value="@(page.PageId)">@(page.Name)</option>
+                    }
+                </select>
+            }
         </td>
     </tr>
     <tr>
@@ -53,8 +68,19 @@
         </td>
         <td>
             <select class="form-control" @bind="@isnavigation">
-                <option value="true">Yes</option>
-                <option value="false">No</option>
+                <option value="True">Yes</option>
+                <option value="False">No</option>
+            </select>
+        </td>
+    </tr>
+    <tr>
+        <td>
+            <label for="Name" class="control-label">Edit Mode? </label>
+        </td>
+        <td>
+            <select class="form-control" @bind="@editmode">
+                <option value="True">Yes</option>
+                <option value="False">No</option>
             </select>
         </td>
     </tr>
@@ -96,80 +122,144 @@
     </tr>
     <tr>
         <td>
-            <label for="Name" class="control-label">View Permissions: </label>
+            <label for="Name" class="control-label">Permissions: </label>
         </td>
         <td>
-            <input class="form-control" @bind="@viewpermissions" />
-        </td>
-    </tr>
-    <tr>
-        <td>
-            <label for="Name" class="control-label">Edit Permissions: </label>
-        </td>
-        <td>
-            <input class="form-control" @bind="@editpermissions" />
+            <PermissionGrid EntityName="Page" Permissions="@permissions" @ref="permissiongrid" @ref:suppressField />
         </td>
     </tr>
 </table>
-<button class="btn btn-success" @onclick="@SavePage">Save</button>
+<button type="button" class="btn btn-success" @onclick="@SavePage">Save</button>
 <NavLink class="btn btn-secondary" href="@NavigateUrl()">Cancel</NavLink>
 
 @code {
-    public override SecurityAccessLevelEnum SecurityAccessLevel { get { return SecurityAccessLevelEnum.Admin; } }
+    public override SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.Admin; } }
+
+    string message = "";
 
     Dictionary<string, string> themes = new Dictionary<string, string>();
     Dictionary<string, string> panelayouts = new Dictionary<string, string>();
 
+    List<Page> pages;
     string name;
-    string path;
     string parentid;
-    string order = "";
+    string insert;
+    List<Page> children;
+    int childid = -1;
     string isnavigation = "True";
+    string editmode = "False";
     string themetype;
     string layouttype = "";
     string icon = "";
-    string viewpermissions = "All Users";
-    string editpermissions = "Administrators";
+    string permissions = ""; // need to set default permissions
 
-    protected override void OnInit()
+    PermissionGrid permissiongrid;
+
+    protected override void OnInitialized()
     {
-        themes = ThemeService.GetThemeTypes(PageState.Themes);
-        panelayouts = ThemeService.GetPaneLayoutTypes(PageState.Themes);
+        try
+        {
+            pages = PageState.Pages.Where(item => item.IsNavigation).ToList();
+            children = PageState.Pages.Where(item => item.ParentId == null && item.IsNavigation).OrderBy(item => item.Order).ToList();
+
+            themes = ThemeService.GetThemeTypes(PageState.Themes);
+            panelayouts = ThemeService.GetPaneLayoutTypes(PageState.Themes);
+
+            List<PermissionString> permissionstrings = new List<PermissionString>();
+            permissionstrings.Add(new PermissionString { PermissionName = "View", Permissions = Constants.AdminRole });
+            permissionstrings.Add(new PermissionString { PermissionName = "Edit", Permissions = Constants.AdminRole });
+            permissions = UserSecurity.SetPermissionStrings(permissionstrings);
+        }
+        catch (Exception ex)
+        {
+            message = ex.Message;
+        }
+    }
+
+    private void ParentChanged(UIChangeEventArgs e)
+    {
+        try
+        {
+            parentid = (string)e.Value;
+            if (string.IsNullOrEmpty(parentid))
+            {
+                children = PageState.Pages.Where(item => item.ParentId == null && item.IsNavigation).OrderBy(item => item.Order).ToList();
+            }
+            else
+            {
+                children = PageState.Pages.Where(item => item.ParentId == int.Parse(parentid) && item.IsNavigation).OrderBy(item => item.Order).ToList();
+            }
+            StateHasChanged();
+        }
+        catch (Exception ex)
+        {
+            message = ex.Message;
+        }
     }
 
     private async Task SavePage()
     {
-        Page p = new Page();
-        p.SiteId = PageState.Page.SiteId;
-        if (string.IsNullOrEmpty(parentid))
+        try
         {
-            p.ParentId = null;
+            Page page = new Page();
+            page.SiteId = PageState.Page.SiteId;
+            page.Name = name;
+            if (string.IsNullOrEmpty(parentid))
+            {
+                page.ParentId = null;
+                page.Path = page.Name.ToLower();
+            }
+            else
+            {
+                page.ParentId = Int32.Parse(parentid);
+                Page parent = PageState.Pages.Where(item => item.ParentId == page.ParentId).FirstOrDefault();
+                page.Path = parent.Path + "/" + page.Name.ToLower();
+            }
+            Page child;
+            switch (insert)
+            {
+                case "<<":
+                    page.Order = 0;
+                    break;
+                case "<":
+                    child = PageState.Pages.Where(item => item.PageId == childid).FirstOrDefault();
+                    page.Order = child.Order - 1;
+                    break;
+                case ">":
+                    child = PageState.Pages.Where(item => item.PageId == childid).FirstOrDefault();
+                    page.Order = child.Order + 1;
+                    break;
+                case ">>":
+                    page.Order = int.MaxValue;
+                    break;
+            }
+            page.IsNavigation = (isnavigation == null ? true : Boolean.Parse(isnavigation));
+            page.EditMode = (editmode == null ? true : Boolean.Parse(editmode));
+            page.ThemeType = themetype;
+            page.LayoutType = (layouttype == null ? "" : layouttype);
+            page.Icon = (icon == null ? "" : icon);
+            Type type;
+            if (!string.IsNullOrEmpty(layouttype))
+            {
+                type = Type.GetType(layouttype);
+            }
+            else
+            {
+                type = Type.GetType(themetype);
+            }
+            System.Reflection.PropertyInfo property = type.GetProperty("Panes");
+            page.Panes = (string)property.GetValue(Activator.CreateInstance(type), null);
+            page.Permissions = permissiongrid.GetPermissions();
+            await PageService.AddPageAsync(page);
+            await PageService.UpdatePageOrderAsync(page.SiteId, page.ParentId);
+
+            PageState.Reload = Constants.ReloadSite;
+            UriHelper.NavigateTo(NavigateUrl());
         }
-        else
+        catch (Exception ex)
         {
-            p.ParentId = Int32.Parse(parentid);
+            message = ex.Message;
         }
-        p.Name = name;
-        p.Path = path;
-        p.Order = (order == null ? 1 : Int32.Parse(order));
-        p.IsNavigation = (isnavigation == null ? true : Boolean.Parse(isnavigation));
-        p.ThemeType = themetype;
-        p.LayoutType = (layouttype == null ? "" : layouttype);
-        p.Icon = (icon == null ? "" : icon);
-        Type type;
-        if (!string.IsNullOrEmpty(layouttype))
-        {
-            type = Type.GetType(layouttype);
-        }
-        else
-        {
-            type = Type.GetType(themetype);
-        }
-        System.Reflection.PropertyInfo property = type.GetProperty("Panes");
-        p.Panes = (string)property.GetValue(Activator.CreateInstance(type), null);
-        p.ViewPermissions = viewpermissions;
-        p.EditPermissions = editpermissions;
-        await PageService.AddPageAsync(p);
-        UriHelper.NavigateTo(NavigateUrl(path, true));
     }
+
 }
diff --git a/Oqtane.Client/Modules/Admin/Pages/Delete.razor b/Oqtane.Client/Modules/Admin/Pages/Delete.razor
index 0a3cf339..932597c9 100644
--- a/Oqtane.Client/Modules/Admin/Pages/Delete.razor
+++ b/Oqtane.Client/Modules/Admin/Pages/Delete.razor
@@ -1,14 +1,19 @@
 @using Microsoft.AspNetCore.Components.Routing
+@using Oqtane.Modules.Controls
 @using Oqtane.Models
 @using Oqtane.Services
 @using Oqtane.Modules
 @using Oqtane.Shared
+@using Oqtane.Security
+@namespace Oqtane.Modules.Admin.Pages
 @inherits ModuleBase
 @inject IUriHelper UriHelper
 @inject IPageService PageService
 @inject IThemeService  ThemeService
 
-<table class="form-group">
+<ModuleMessage Message="@message" />
+
+<table class="table table-borderless">
     <tr>
         <td>
             <label for="Name" class="control-label">Name: </label>
@@ -39,22 +44,25 @@
             </select>
         </td>
     </tr>
-    <tr>
-        <td>
-            <label for="Name" class="control-label">Order: </label>
-        </td>
-        <td>
-            <input class="form-control" @bind="@order" readonly />
-        </td>
-    </tr>
     <tr>
         <td>
             <label for="Name" class="control-label">Navigation? </label>
         </td>
         <td>
             <select class="form-control" @bind="@isnavigation" readonly>
-                <option value="true">Yes</option>
-                <option value="false">No</option>
+                <option value="True">Yes</option>
+                <option value="False">No</option>
+            </select>
+        </td>
+    </tr>
+    <tr>
+        <td>
+            <label for="Name" class="control-label">Edit Mode? </label>
+        </td>
+        <td>
+            <select class="form-control" @bind="@editmode" readonly>
+                <option value="True">Yes</option>
+                <option value="False">No</option>
             </select>
         </td>
     </tr>
@@ -63,7 +71,7 @@
             <label for="Name" class="control-label">Theme: </label>
         </td>
         <td>
-            <select class="form-control" @bind="@themetype">
+            <select class="form-control" @bind="@themetype" readonly>
                 <option value="">&lt;Select Theme&gt;</option>
                 @foreach (KeyValuePair<string, string> item in themes)
                 {
@@ -77,7 +85,7 @@
             <label for="Name" class="control-label">Layout: </label>
         </td>
         <td>
-            <select class="form-control" @bind="@layouttype">
+            <select class="form-control" @bind="@layouttype" readonly>
                 <option value="">&lt;Select Layout&gt;</option>
                 @foreach (KeyValuePair<string, string> panelayout in panelayouts)
                 {
@@ -96,26 +104,23 @@
     </tr>
     <tr>
         <td>
-            <label for="Name" class="control-label">View Permissions: </label>
+            <label for="Name" class="control-label">Permissions: </label>
         </td>
         <td>
-            <input class="form-control" @bind="@viewpermissions" readonly />
-        </td>
-    </tr>
-    <tr>
-        <td>
-            <label for="Name" class="control-label">Edit Permissions: </label>
-        </td>
-        <td>
-            <input class="form-control" @bind="@editpermissions" readonly />
+            <PermissionGrid EntityName="Page" Permissions="@permissions" @ref="permissiongrid" @ref:suppressField />
         </td>
     </tr>
 </table>
-<button class="btn btn-danger" @onclick="@DeletePage">Delete</button>
+<button type="button" class="btn btn-danger" @onclick="@DeletePage">Delete</button>
 <NavLink class="btn btn-secondary" href="@NavigateUrl()">Cancel</NavLink>
+<br />
+<br />
+<AuditInfo CreatedBy="@createdby" CreatedOn="@createdon" ModifiedBy="@modifiedby" ModifiedOn="@modifiedon"></AuditInfo>
 
 @code {
-    public override SecurityAccessLevelEnum SecurityAccessLevel { get { return SecurityAccessLevelEnum.Admin; } }
+    public override SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.Admin; } }
+
+    string message = "";
 
     Dictionary<string, string> themes = new Dictionary<string, string>();
     Dictionary<string, string> panelayouts = new Dictionary<string, string>();
@@ -124,39 +129,68 @@
     string name;
     string path;
     string parentid;
-    string order;
     string isnavigation;
+    string editmode;
     string themetype;
     string layouttype;
     string icon;
-    string viewpermissions;
-    string editpermissions;
+    string permissions;
+    string createdby;
+    DateTime createdon;
+    string modifiedby;
+    DateTime modifiedon;
 
-    protected override void OnInit()
+    PermissionGrid permissiongrid;
+
+    protected override void OnInitialized()
     {
-        themes = ThemeService.GetThemeTypes(PageState.Themes);
-        panelayouts = ThemeService.GetPaneLayoutTypes(PageState.Themes);
-
-        PageId = Int32.Parse(PageState.QueryString["id"]);
-        Page p = PageState.Pages.Where(item => item.PageId == PageId).FirstOrDefault();
-        if (p != null)
+        try
         {
-            name = p.Name;
-            path = p.Path;
+            themes = ThemeService.GetThemeTypes(PageState.Themes);
+            panelayouts = ThemeService.GetPaneLayoutTypes(PageState.Themes);
 
-            order = p.Order.ToString();
-            isnavigation = p.IsNavigation.ToString();
-            themetype = p.ThemeType;
-            layouttype = p.LayoutType;
-            icon = p.Icon;
-            viewpermissions = p.ViewPermissions;
-            editpermissions = p.EditPermissions;
+            PageId = Int32.Parse(PageState.QueryString["id"]);
+            Page page = PageState.Pages.Where(item => item.PageId == PageId).FirstOrDefault();
+            if (page != null)
+            {
+                name = page.Name;
+                path = page.Path;
+                isnavigation = page.IsNavigation.ToString();
+                editmode = page.EditMode.ToString();
+                themetype = page.ThemeType;
+                layouttype = page.LayoutType;
+                icon = page.Icon;
+                permissions = page.Permissions;
+                createdby = page.CreatedBy;
+                createdon = page.CreatedOn;
+                modifiedby = page.ModifiedBy;
+                modifiedon = page.ModifiedOn;
+            }
+        }
+        catch (Exception ex)
+        {
+            message = ex.Message;
         }
     }
 
     private async Task DeletePage()
     {
-        await PageService.DeletePageAsync(Int32.Parse(PageState.QueryString["id"]));
-        UriHelper.NavigateTo(NavigateUrl("", true));
+        try
+        {
+            await PageService.DeletePageAsync(Int32.Parse(PageState.QueryString["id"]));
+            PageState.Reload = Constants.ReloadSite;
+            if (PageState.Page.Name == "Page Management")
+            {
+                UriHelper.NavigateTo(NavigateUrl());
+            }
+            else
+            {
+                UriHelper.NavigateTo(NavigateUrl(""));
+            }
+        }
+        catch (Exception ex)
+        {
+            message = ex.Message;
+        }
     }
 }
diff --git a/Oqtane.Client/Modules/Admin/Pages/Edit.razor b/Oqtane.Client/Modules/Admin/Pages/Edit.razor
index 5eadcd24..ad5ee932 100644
--- a/Oqtane.Client/Modules/Admin/Pages/Edit.razor
+++ b/Oqtane.Client/Modules/Admin/Pages/Edit.razor
@@ -1,15 +1,19 @@
 @using Microsoft.AspNetCore.Components.Routing
+@using Oqtane.Modules.Controls
 @using Oqtane.Models
 @using Oqtane.Services
 @using Oqtane.Modules
 @using Oqtane.Shared
-@using Oqtane.Client.Modules.Controls
+@using Oqtane.Security
+@namespace Oqtane.Modules.Admin.Pages
 @inherits ModuleBase
 @inject IUriHelper UriHelper
 @inject IPageService PageService
 @inject IThemeService  ThemeService
 
-<table class="form-group">
+<ModuleMessage Message="@message" />
+
+<table class="table table-borderless">
     <tr>
         <td>
             <label for="Name" class="control-label">Name: </label>
@@ -23,7 +27,7 @@
             <label for="Name" class="control-label">Path: </label>
         </td>
         <td>
-            <input class="form-control" @bind="@path" />
+            <input class="form-control" @bind="@path" readonly />
         </td>
     </tr>
     <tr>
@@ -31,21 +35,40 @@
             <label for="Name" class="control-label">Parent: </label>
         </td>
         <td>
-            <select class="form-control" @bind="@parentid">
-                <option value="">&lt;Select Parent&gt;</option>
-                @foreach (Page p in PageState.Pages)
+            <select class="form-control" @onchange="@(e => ParentChanged(e))">
+                <option value="">&lt;Site Root&gt;</option>
+                @foreach (Page page in pages)
                 {
-                    <option value="@p.PageId">@p.Name</option>
+                    <option value="@(page.PageId)">@(new string('-', page.Level * 2))@(page.Name)</option>
                 }
             </select>
         </td>
     </tr>
     <tr>
         <td>
-            <label for="Name" class="control-label">Order: </label>
+            <label for="Name" class="control-label">Move : </label>
         </td>
         <td>
-            <input class="form-control" @bind="@order" />
+            <select class="form-control" @bind="@insert">
+                <option value="">&lt;Maintain Current Location&gt;</option>
+                <option value="<<">To Beginning</option>
+                @if (children != null && children.Count > 0)
+                {
+                    <option value="<">Before</option>
+                    <option value=">">After</option>
+                }
+                <option value=">>" selected>To End</option>
+            </select>
+            @if (children != null && children.Count > 0 && (insert == "<" || insert == ">"))
+            {
+                <select class="form-control" @bind="@childid">
+                    <option value="-1">&lt;Select Page&gt;</option>
+                    @foreach (Page page in children)
+                    {
+                        <option value="@(page.PageId)">@(page.Name)</option>
+                    }
+                </select>
+            }
         </td>
     </tr>
     <tr>
@@ -54,8 +77,19 @@
         </td>
         <td>
             <select class="form-control" @bind="@isnavigation">
-                <option value="true">Yes</option>
-                <option value="false">No</option>
+                <option value="True">Yes</option>
+                <option value="False">No</option>
+            </select>
+        </td>
+    </tr>
+    <tr>
+        <td>
+            <label for="Name" class="control-label">Edit Mode? </label>
+        </td>
+        <td>
+            <select class="form-control" @bind="@editmode">
+                <option value="True">Yes</option>
+                <option value="False">No</option>
             </select>
         </td>
     </tr>
@@ -97,104 +131,178 @@
     </tr>
     <tr>
         <td>
-            <label for="Name" class="control-label">View Permissions: </label>
+            <label for="Name" class="control-label">Permissions: </label>
         </td>
         <td>
-            <input class="form-control" @bind="@viewpermissions" />
-        </td>
-    </tr>
-    <tr>
-        <td>
-            <label for="Name" class="control-label">Edit Permissions: </label>
-        </td>
-        <td>
-            <input class="form-control" @bind="@editpermissions" />
+            <PermissionGrid EntityName="Page" Permissions="@permissions" @ref="permissiongrid" @ref:suppressField />
         </td>
     </tr>
 </table>
-<button class="btn btn-success" @onclick="@SavePage">Save</button>
+<button type="button" class="btn btn-success" @onclick="@SavePage">Save</button>
 <NavLink class="btn btn-secondary" href="@NavigateUrl()">Cancel</NavLink>
+<br />
+<br />
+<AuditInfo CreatedBy="@createdby" CreatedOn="@createdon" ModifiedBy="@modifiedby" ModifiedOn="@modifiedon"></AuditInfo>
 
 @code {
-    public override SecurityAccessLevelEnum SecurityAccessLevel { get { return SecurityAccessLevelEnum.Admin; } }
+    public override SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.Admin; } }
+
+    string message = "";
 
     Dictionary<string, string> themes = new Dictionary<string, string>();
     Dictionary<string, string> panelayouts = new Dictionary<string, string>();
 
+    List<Page> pages;
     int PageId;
     string name;
     string path;
     string parentid;
-    string order;
+    string insert = "";
+    List<Page> children;
+    int childid = -1;
     string isnavigation;
+    string editmode;
     string themetype;
     string layouttype;
     string icon;
-    string viewpermissions;
-    string editpermissions;
+    string permissions;
+    string createdby;
+    DateTime createdon;
+    string modifiedby;
+    DateTime modifiedon;
 
-    protected override void OnInit()
+    PermissionGrid permissiongrid;
+
+    protected override void OnInitialized()
     {
-        themes = ThemeService.GetThemeTypes(PageState.Themes);
-        panelayouts = ThemeService.GetPaneLayoutTypes(PageState.Themes);
-
-        PageId = Int32.Parse(PageState.QueryString["id"]);
-        Page p = PageState.Pages.Where(item => item.PageId == PageId).FirstOrDefault();
-        if (p != null)
+        try
         {
-            name = p.Name;
-            path = p.Path;
-            if (p.ParentId == null)
+            pages = PageState.Pages.Where(item => item.IsNavigation).ToList();
+            children = PageState.Pages.Where(item => item.ParentId == null && item.IsNavigation).OrderBy(item => item.Order).ToList();
+
+            themes = ThemeService.GetThemeTypes(PageState.Themes);
+            panelayouts = ThemeService.GetPaneLayoutTypes(PageState.Themes);
+
+            PageId = Int32.Parse(PageState.QueryString["id"]);
+            Page page = PageState.Pages.Where(item => item.PageId == PageId).FirstOrDefault();
+            if (page != null)
             {
-                parentid = "";
+                name = page.Name;
+                path = page.Path;
+                if (page.ParentId == null)
+                {
+                    parentid = "";
+                }
+                else
+                {
+                    parentid = page.ParentId.ToString();
+                }
+                isnavigation = page.IsNavigation.ToString();
+                editmode = page.EditMode.ToString();
+                themetype = page.ThemeType;
+                layouttype = page.LayoutType;
+                icon = page.Icon;
+                permissions = page.Permissions;
+                createdby = page.CreatedBy;
+                createdon = page.CreatedOn;
+                modifiedby = page.ModifiedBy;
+                modifiedon = page.ModifiedOn;
+            }
+        }
+        catch (Exception ex)
+        {
+            message = ex.Message;
+        }
+    }
+
+    private void ParentChanged(UIChangeEventArgs e)
+    {
+        try
+        {
+            parentid = (string)e.Value;
+            if (string.IsNullOrEmpty(parentid))
+            {
+                children = PageState.Pages.Where(item => item.ParentId == null && item.IsNavigation).OrderBy(item => item.Order).ToList();
             }
             else
             {
-                parentid = p.ParentId.ToString();
+                children = PageState.Pages.Where(item => item.ParentId == int.Parse(parentid) && item.IsNavigation).OrderBy(item => item.Order).ToList();
             }
-            order = p.Order.ToString();
-            isnavigation = p.IsNavigation.ToString();
-            themetype = p.ThemeType;
-            layouttype = p.LayoutType;
-            icon = p.Icon;
-            viewpermissions = p.ViewPermissions;
-            editpermissions = p.EditPermissions;
+            StateHasChanged();
+        }
+        catch (Exception ex)
+        {
+            message = ex.Message;
         }
     }
 
     private async Task SavePage()
     {
-        Page p = PageState.Page;
-        p.PageId = Int32.Parse(PageState.QueryString["id"]);
-        if (string.IsNullOrEmpty(parentid))
+        try
         {
-            p.ParentId = null;
+            Page page = PageState.Page;
+            int? currentparentid = page.ParentId;
+            page.PageId = Int32.Parse(PageState.QueryString["id"]);
+            page.Name = name;
+            if (string.IsNullOrEmpty(parentid))
+            {
+                page.ParentId = null;
+                page.Path = page.Name.ToLower();
+            }
+            else
+            {
+                page.ParentId = Int32.Parse(parentid);
+                Page parent = PageState.Pages.Where(item => item.ParentId == page.ParentId).FirstOrDefault();
+                page.Path = parent.Path + "/" + page.Name.ToLower();
+            }
+            if (insert != "")
+            {
+                Page child;
+                switch (insert)
+                {
+                    case "<<":
+                        page.Order = 0;
+                        break;
+                    case "<":
+                        child = PageState.Pages.Where(item => item.PageId == childid).FirstOrDefault();
+                        page.Order = child.Order - 1;
+                        break;
+                    case ">":
+                        child = PageState.Pages.Where(item => item.PageId == childid).FirstOrDefault();
+                        page.Order = child.Order + 1;
+                        break;
+                    case ">>":
+                        page.Order = int.MaxValue;
+                        break;
+                }
+            }
+            page.IsNavigation = (isnavigation == null ? true : Boolean.Parse(isnavigation));
+            page.EditMode = (editmode == null ? true : Boolean.Parse(editmode));
+            page.ThemeType = themetype;
+            page.LayoutType = (layouttype == null ? "" : layouttype);
+            page.Icon = (icon == null ? "" : icon);
+            Type type;
+            if (!string.IsNullOrEmpty(layouttype))
+            {
+                type = Type.GetType(layouttype);
+            }
+            else
+            {
+                type = Type.GetType(themetype);
+            }
+            System.Reflection.PropertyInfo property = type.GetProperty("Panes");
+            page.Panes = (string)property.GetValue(Activator.CreateInstance(type), null);
+            page.Permissions = permissiongrid.GetPermissions();
+            await PageService.UpdatePageAsync(page);
+            await PageService.UpdatePageOrderAsync(page.SiteId, page.ParentId);
+            await PageService.UpdatePageOrderAsync(page.SiteId, currentparentid);
+
+            PageState.Reload = Constants.ReloadSite;
+            UriHelper.NavigateTo(NavigateUrl());
         }
-        else
+        catch (Exception ex)
         {
-            p.ParentId = Int32.Parse(parentid);
+            message = ex.Message;
         }
-        p.Name = name;
-        p.Path = path;
-        p.Order = (order == null ? 1 : Int32.Parse(order));
-        p.IsNavigation = (isnavigation == null ? true : Boolean.Parse(isnavigation));
-        p.ThemeType = themetype;
-        p.LayoutType = (layouttype == null ? "" : layouttype);
-        p.Icon = (icon == null ? "" : icon);
-        Type type;
-        if (!string.IsNullOrEmpty(layouttype))
-        {
-            type = Type.GetType(layouttype);
-        }
-        else
-        {
-            type = Type.GetType(themetype);
-        }
-        System.Reflection.PropertyInfo property = type.GetProperty("Panes");
-        p.Panes = (string)property.GetValue(Activator.CreateInstance(type), null);
-        p.ViewPermissions = viewpermissions;
-        p.EditPermissions = editpermissions;
-        await PageService.UpdatePageAsync(p);
-        UriHelper.NavigateTo(NavigateUrl(path));
     }
 }
diff --git a/Oqtane.Client/Modules/Admin/Pages/Index.razor b/Oqtane.Client/Modules/Admin/Pages/Index.razor
index 73c6856f..1d765897 100644
--- a/Oqtane.Client/Modules/Admin/Pages/Index.razor
+++ b/Oqtane.Client/Modules/Admin/Pages/Index.razor
@@ -1,40 +1,36 @@
-@using Oqtane.Services
+@using Oqtane.Modules.Controls
+@using Oqtane.Services
 @using Oqtane.Models
 @using Oqtane.Modules
-@using Oqtane.Client.Modules.Controls
+@using Oqtane.Shared
+@namespace Oqtane.Modules.Admin.Pages
 @inherits ModuleBase
 
-@inject IPageService PageService
-
-@if (PageState.Pages == null)
+@if (PageState.Pages != null)
 {
-    <p><em>Loading...</em></p>
-}
-else
-{
-    <table class="table">
+    <ActionLink Action="Add" Text="Add Page" />
+    <table class="table table-borderless">
         <thead>
             <tr>
-                <th> </th>
-                <th>Path</th>
+                <th>&nbsp;</th>
+                <th>&nbsp;</th>
                 <th>Name</th>
             </tr>
         </thead>
         <tbody>
-            @foreach (var p in PageState.Pages)
+            @foreach (Page page in PageState.Pages)
             {
                 <tr>
-                    <td><ActionLink Action="Edit" Parameters="@($"id=" + p.PageId.ToString())" /></td>
-                    <td><ActionLink Action="Delete" Parameters="@($"id=" + p.PageId.ToString())" ButtonClass="btn-danger" /></td>
-                    <td>@p.Path</td>
-                    <td>@p.Name</td>
+                    <td><ActionLink Action="Edit" Parameters="@($"id=" + page.PageId.ToString())" /></td>
+                    <td><ActionLink Action="Delete" Parameters="@($"id=" + page.PageId.ToString())" Class="btn btn-danger" /></td>
+                    <td>@(new string('-', page.Level * 2))@(page.Name)</td>
                 </tr>
             }
         </tbody>
     </table>
-    <ActionLink Action="Add" Text="Add Page" />
+
 }
 
 @code {
-    public override SecurityAccessLevelEnum SecurityAccessLevel { get { return SecurityAccessLevelEnum.Admin; } }
-}
\ No newline at end of file
+    public override SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.Admin; } }
+}
diff --git a/Oqtane.Client/Modules/Admin/Profile/Index.razor b/Oqtane.Client/Modules/Admin/Profile/Index.razor
new file mode 100644
index 00000000..3aebe474
--- /dev/null
+++ b/Oqtane.Client/Modules/Admin/Profile/Index.razor
@@ -0,0 +1,128 @@
+@using Microsoft.AspNetCore.Components.Routing
+@using Oqtane.Modules.Controls
+@using Oqtane.Modules
+@using Oqtane.Models
+@using Oqtane.Services
+@namespace Oqtane.Modules.Admin.Profile
+@inherits ModuleBase
+@inject IUriHelper UriHelper
+@inject IUserService UserService
+@inject IProfileService ProfileService
+@inject ISettingService SettingService
+
+<ModuleMessage Message="@message" />
+
+@if (PageState.User != null && profiles != null)
+{
+    <table class="table table-borderless">
+        <tr>
+            <td>
+                <label for="Name" class="control-label">Name: </label>
+            </td>
+            <td>
+                <input class="form-control" @bind="@displayname" />
+            </td>
+        </tr>
+        <tr>
+            <td>
+                <label for="Name" class="control-label">Email: </label>
+            </td>
+            <td>
+                <input class="form-control" @bind="@email" />
+            </td>
+        </tr>
+
+        @foreach (Profile profile in profiles)
+        {
+            var p = profile;
+            if (p.Category != category)
+            {
+                <tr>
+                    <th colspan="2" style="text-align: center;">
+                        @p.Category
+                    </th>
+                </tr>
+                category = p.Category;
+            }
+            <tr>
+                <td>
+                    <label for="@p.Name" class="control-label">@p.Title: </label>
+                </td>
+                <td>
+                    <input class="form-control" maxlength="@p.MaxLength" value="@GetProfileValue(p.Name, p.DefaultValue)" placeholder="@p.Description" @onchange="@(e => ProfileChanged(e, p.Name))" />
+                </td>
+            </tr>
+        }
+    </table>
+    <button type="button" class="btn btn-primary" @onclick="@SaveUser">Save</button>
+    <button type="button" class="btn btn-secondary" @onclick="@Cancel">Cancel</button>
+    <br />
+    <br />
+}
+
+@code {
+    public override SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.View; } }
+
+    string message = "";
+    string displayname = "";
+    string email = "";
+    List<Profile> profiles;
+    Dictionary<string, string> settings;
+    string category = "";
+
+    protected override async Task OnInitializedAsync()
+    {
+        try
+        {
+            if (PageState.User != null)
+            {
+                displayname = PageState.User.DisplayName;
+                email = PageState.User.Email;
+                profiles = await ProfileService.GetProfilesAsync(ModuleState.SiteId);
+                settings = await SettingService.GetUserSettingsAsync(PageState.User.UserId);
+            }
+            else
+            {
+                message = "Current User Is Not Logged In";
+            }
+        }
+        catch (Exception ex)
+        {
+            message = ex.Message;
+        }
+    }
+
+    private string GetProfileValue(string SettingName, string DefaultValue)
+    {
+        return SettingService.GetSetting(settings, SettingName, DefaultValue);
+    }
+
+    private async Task SaveUser()
+    {
+        try
+        {
+            User user = PageState.User;
+            user.DisplayName = displayname;
+            user.Email = email;
+            await UserService.UpdateUserAsync(user);
+            await SettingService.UpdateUserSettingsAsync(settings, PageState.User.UserId);
+
+            UriHelper.NavigateTo("");
+        }
+        catch (Exception ex)
+        {
+            message = ex.Message;
+        }
+    }
+
+    private void Cancel()
+    {
+        UriHelper.NavigateTo(NavigateUrl(""));
+    }
+
+    private void ProfileChanged(UIChangeEventArgs e, string SettingName)
+    {
+        string value = (string)e.Value;
+        settings = SettingService.SetSetting(settings, SettingName, value);
+    }
+}
diff --git a/Oqtane.Client/Modules/Admin/Register/Index.razor b/Oqtane.Client/Modules/Admin/Register/Index.razor
index d2380ba2..c9708440 100644
--- a/Oqtane.Client/Modules/Admin/Register/Index.razor
+++ b/Oqtane.Client/Modules/Admin/Register/Index.razor
@@ -2,6 +2,7 @@
 @using Oqtane.Modules
 @using Oqtane.Models
 @using Oqtane.Services
+@namespace Oqtane.Modules.Admin.Register
 @inherits ModuleBase
 @inject IUriHelper UriHelper
 @inject IUserService UserService
@@ -9,31 +10,37 @@
 <div class="container">
     <div class="form-group">
         <label for="Username" class="control-label">Email: </label>
-        <input type="text" name="Username" class="form-control" placeholder="Username" @bind="@Username" />
+        <input type="text" name="Username" class="form-control" placeholder="Username" @bind="@Email" />
     </div>
     <div class="form-group">
         <label for="Password" class="control-label">Password: </label>
         <input type="password" name="Password" class="form-control" placeholder="Password" @bind="@Password" />
     </div>
     <button type="button" class="btn btn-primary" @onclick="@RegisterUser">Register</button>
-    <NavLink class="btn btn-secondary" href="/">Cancel</NavLink>
+    <button type="button" class="btn btn-secondary" @onclick="@Cancel">Cancel</button>
 </div>
 
 @code {
-public override SecurityAccessLevelEnum SecurityAccessLevel { get { return SecurityAccessLevelEnum.Anonymous; } }
+    public override SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.Anonymous; } }
 
-public string Username { get; set; } = "";
-public string Password { get; set; } = "";
+    public string Email { get; set; } = "";
+    public string Password { get; set; } = "";
 
-private async Task RegisterUser()
-{
-    User user = new User();
-    user.Username = Username;
-    user.DisplayName = Username;
-    user.Roles = "Administrators;";
-    user.IsSuperUser = false;
-    user.Password = Password;
-    await UserService.AddUserAsync(user);
-    UriHelper.NavigateTo("");
-}
+    private async Task RegisterUser()
+    {
+        User user = new User();
+        user.SiteId = PageState.Site.SiteId;
+        user.Username = Email;
+        user.DisplayName = Email;
+        user.Email = Email;
+        user.IsHost = false;
+        user.Password = Password;
+        await UserService.AddUserAsync(user);
+        UriHelper.NavigateTo("");
+    }
+
+    private void Cancel()
+    {
+        UriHelper.NavigateTo(NavigateUrl("")); // navigate to home
+    }
 }
diff --git a/Oqtane.Client/Modules/Admin/Roles/Index.razor b/Oqtane.Client/Modules/Admin/Roles/Index.razor
new file mode 100644
index 00000000..f6c55e8e
--- /dev/null
+++ b/Oqtane.Client/Modules/Admin/Roles/Index.razor
@@ -0,0 +1,41 @@
+@using Oqtane.Services
+@using Oqtane.Models
+@using Oqtane.Modules
+@using Oqtane.Modules.Controls
+@namespace Oqtane.Modules.Admin.Roles
+@inherits ModuleBase
+@inject IRoleService RoleService
+
+@if (Roles == null)
+{
+    <p><em>Loading...</em></p>
+}
+else
+{
+    <table class="table table-borderless">
+        <thead>
+            <tr>
+                <th>Name</th>
+            </tr>
+        </thead>
+        <tbody>
+            @foreach (var Role in Roles)
+            {
+                <tr>
+                    <td>@Role.Name</td>
+                </tr>
+            }
+        </tbody>
+    </table>
+}
+
+@code {
+    public override SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.Admin; } }
+
+    List<Role> Roles;
+
+    protected override async Task OnInitializedAsync()
+    {
+        Roles = await RoleService.GetRolesAsync(PageState.Site.SiteId);
+    }
+}
\ No newline at end of file
diff --git a/Oqtane.Client/Modules/Admin/Sites/Add.razor b/Oqtane.Client/Modules/Admin/Sites/Add.razor
index ff04b471..f71372b9 100644
--- a/Oqtane.Client/Modules/Admin/Sites/Add.razor
+++ b/Oqtane.Client/Modules/Admin/Sites/Add.razor
@@ -2,6 +2,9 @@
 @using Oqtane.Models
 @using Oqtane.Services
 @using Oqtane.Modules
+@using Oqtane.Shared
+@using Oqtane.Security
+@namespace Oqtane.Modules.Admin.Sites
 @inherits ModuleBase
 @inject IUriHelper UriHelper
 @inject ITenantService TenantService
@@ -11,56 +14,56 @@
 
 @if (tenants == null)
 {
-<p><em>Loading...</em></p>
+    <p><em>Loading...</em></p>
 }
 else
 {
-<table class="form-group">
-    <tr>
-        <td>
-            <label for="Name" class="control-label">Tenant: </label>
-        </td>
-        <td>
-            <select class="form-control" @bind="@tenantid">
-                <option value="">&lt;Select Tenant&gt;</option>
-                @foreach (Tenant tenant in tenants)
-                {
-                <option value="@tenant.TenantId">@tenant.Name</option>
-                }
-            </select>
-        </td>
-    </tr>
-    <tr>
-        <td>
-            <label for="Name" class="control-label">Name: </label>
-        </td>
-        <td>
-            <input class="form-control" @bind="@name" />
-        </td>
-    </tr>
-    <tr>
-        <td>
-            <label for="Name" class="control-label">Alias: </label>
-        </td>
-        <td>
-            <input class="form-control" @bind="@url" />
-        </td>
-    </tr>
-    <tr>
-        <td>
-            <label for="Name" class="control-label">Logo: </label>
-        </td>
-        <td>
-            <input class="form-control" @bind="@logo" />
-        </td>
-    </tr>
-</table>
-<button class="btn btn-success" @onclick="@SaveSite">Save</button>
-<NavLink class="btn btn-secondary" href="@NavigateUrl()">Cancel</NavLink>
+    <table class="table table-borderless">
+        <tr>
+            <td>
+                <label for="Name" class="control-label">Tenant: </label>
+            </td>
+            <td>
+                <select class="form-control" @bind="@tenantid">
+                    <option value="">&lt;Select Tenant&gt;</option>
+                    @foreach (Tenant tenant in tenants)
+                    {
+                        <option value="@tenant.TenantId">@tenant.Name</option>
+                    }
+                </select>
+            </td>
+        </tr>
+        <tr>
+            <td>
+                <label for="Name" class="control-label">Name: </label>
+            </td>
+            <td>
+                <input class="form-control" @bind="@name" />
+            </td>
+        </tr>
+        <tr>
+            <td>
+                <label for="Name" class="control-label">Alias: </label>
+            </td>
+            <td>
+                <input class="form-control" @bind="@url" />
+            </td>
+        </tr>
+        <tr>
+            <td>
+                <label for="Name" class="control-label">Logo: </label>
+            </td>
+            <td>
+                <input class="form-control" @bind="@logo" />
+            </td>
+        </tr>
+    </table>
+    <button type="button" class="btn btn-success" @onclick="@SaveSite">Save</button>
+    <NavLink class="btn btn-secondary" href="@NavigateUrl()">Cancel</NavLink>
 }
 
 @code {
-    public override SecurityAccessLevelEnum SecurityAccessLevel { get { return SecurityAccessLevelEnum.Host; } }
+    public override SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.Host; } }
 
     List<Tenant> tenants;
     string tenantid;
@@ -68,7 +71,7 @@ else
     string url;
     string logo;
 
-    protected override async Task OnInitAsync()
+    protected override async Task OnInitializedAsync()
     {
         tenants = await TenantService.GetTenantsAsync();
     }
@@ -96,14 +99,18 @@ else
         p.Path = "";
         p.Order = 1;
         p.IsNavigation = true;
-        p.ThemeType = "Oqtane.Client.Themes.Theme1.Theme1, Oqtane.Client";
+        p.ThemeType = PageState.Site.DefaultThemeType;
         p.LayoutType = "";
         p.Icon = "";
         Type type = Type.GetType(p.ThemeType);
         System.Reflection.PropertyInfo property = type.GetProperty("Panes");
         p.Panes = (string)property.GetValue(Activator.CreateInstance(type), null);
-        p.ViewPermissions = "All Users";
-        p.EditPermissions = "Administrators";
+
+        List<PermissionString> permissionstrings = new List<PermissionString>();
+        permissionstrings.Add(new PermissionString { PermissionName = "View", Permissions = Constants.AllUsersRole });
+        permissionstrings.Add(new PermissionString { PermissionName = "Edit", Permissions = Constants.AdminRole });
+        p.Permissions = UserSecurity.SetPermissionStrings(permissionstrings);
+
         await PageService.AddPageAsync(p);
 
         UriHelper.NavigateTo(url, true);
diff --git a/Oqtane.Client/Modules/Admin/Sites/Index.razor b/Oqtane.Client/Modules/Admin/Sites/Index.razor
index bc54b094..5520bd54 100644
--- a/Oqtane.Client/Modules/Admin/Sites/Index.razor
+++ b/Oqtane.Client/Modules/Admin/Sites/Index.razor
@@ -1,7 +1,8 @@
 @using Oqtane.Services
 @using Oqtane.Models
 @using Oqtane.Modules
-@using Oqtane.Client.Modules.Controls
+@using Oqtane.Modules.Controls
+@namespace Oqtane.Modules.Admin.Sites
 @inherits ModuleBase
 
 @inject ISiteService SiteService
@@ -12,7 +13,7 @@
 }
 else
 {
-    <table class="table">
+    <table class="table table-borderless">
         <thead>
             <tr>
                 <th>Name</th>
@@ -31,11 +32,11 @@ else
 }
 
 @code {
-    public override SecurityAccessLevelEnum SecurityAccessLevel { get { return SecurityAccessLevelEnum.Host; } }
+    public override SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.Host; } }
 
     List<Site> sites;
 
-    protected override async Task OnInitAsync()
+    protected override async Task OnInitializedAsync()
     {
         sites = await SiteService.GetSitesAsync();
     }
diff --git a/Oqtane.Client/Modules/Admin/Themes/Index.razor b/Oqtane.Client/Modules/Admin/Themes/Index.razor
index 4c606d1a..0fbdc3ac 100644
--- a/Oqtane.Client/Modules/Admin/Themes/Index.razor
+++ b/Oqtane.Client/Modules/Admin/Themes/Index.razor
@@ -1,6 +1,7 @@
 @using Oqtane.Services
 @using Oqtane.Models
 @using Oqtane.Modules
+@namespace Oqtane.Modules.Admin.Themes
 @inherits ModuleBase
 
 @inject IThemeService ThemeService
@@ -11,7 +12,7 @@
 }
 else
 {
-    <table class="table">
+    <table class="table table-borderless">
         <thead>
             <tr>
                 <th>Name</th>
@@ -29,11 +30,11 @@ else
 }
 
 @code {
-    public override SecurityAccessLevelEnum SecurityAccessLevel { get { return SecurityAccessLevelEnum.Host; } }
+    public override SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.Host; } }
 
     List<Theme> Themes;
 
-    protected override async Task OnInitAsync()
+    protected override async Task OnInitializedAsync()
     {
         Themes = await ThemeService.GetThemesAsync();
     }
diff --git a/Oqtane.Client/Modules/Admin/Users/Index.razor b/Oqtane.Client/Modules/Admin/Users/Index.razor
index 5445251b..b5e54377 100644
--- a/Oqtane.Client/Modules/Admin/Users/Index.razor
+++ b/Oqtane.Client/Modules/Admin/Users/Index.razor
@@ -1,7 +1,8 @@
 @using Oqtane.Services
 @using Oqtane.Models
 @using Oqtane.Modules
-@using Oqtane.Client.Modules.Controls
+@using Oqtane.Modules.Controls
+@namespace Oqtane.Modules.Admin.Users
 @inherits ModuleBase
 
 @inject IUserService UserService
@@ -30,12 +31,12 @@ else
 }
 
 @code {
-    public override SecurityAccessLevelEnum SecurityAccessLevel { get { return SecurityAccessLevelEnum.Host; } }
+    public override SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.Admin; } }
 
     List<User> Users;
 
-    protected override async Task OnInitAsync()
+    protected override async Task OnInitializedAsync()
     {
-        Users = await UserService.GetUsersAsync();
+        Users = await UserService.GetUsersAsync(PageState.Site.SiteId);
     }
 }
\ No newline at end of file
diff --git a/Oqtane.Client/Modules/Controls/ActionLink.razor b/Oqtane.Client/Modules/Controls/ActionLink.razor
index bccc2d14..f1e8c6ce 100644
--- a/Oqtane.Client/Modules/Controls/ActionLink.razor
+++ b/Oqtane.Client/Modules/Controls/ActionLink.razor
@@ -2,34 +2,40 @@
 @using Oqtane.Modules
 @using Oqtane.Services
 @using Oqtane.Shared
+@using Oqtane.Security
+@namespace Oqtane.Modules.Controls
 @inherits ModuleBase
 @inject IUserService UserService
 
 @if (authorized)
 {
-    <NavLink class="@buttonClass" href="@url">@text</NavLink>
+    <NavLink class="@classname" href="@url" style="@style">@text</NavLink>
 }
 
 @code {
     [Parameter]
-    private string Action { get; set; }
+    public string Action { get; set; }
 
     [Parameter]
-    private string Text { get; set; } // optional
+    public string Text { get; set; } // optional
 
     [Parameter]
-    private string Parameters { get; set; } // optional
+    public string Parameters { get; set; } // optional
 
     [Parameter]
-    private string ButtonClass { get; set; } // optional
+    public string Class { get; set; } // optional
+
+    [Parameter]
+    public string Style { get; set; } // optional
 
     string text = "";
     string url = "";
     string parameters = "";
-    string buttonClass = "btn btn-primary";
+    string classname = "btn btn-primary";
+    string style = "";
     bool authorized = false;
 
-    protected override void OnInit()
+    protected override void OnParametersSet()
     {
         text = Action;
         if (!String.IsNullOrEmpty(Text))
@@ -42,36 +48,44 @@
             parameters = Parameters;
         }
 
-        if (!string.IsNullOrEmpty(ButtonClass))
+        if (!string.IsNullOrEmpty(Class))
         {
-            buttonClass = "btn " + ButtonClass;
+            classname = Class;
+        }
+
+        if (!string.IsNullOrEmpty(Style))
+        {
+            style = Style;
         }
 
         url = EditUrl(Action, parameters);
 
-        string typename = ModuleState.ModuleType.Replace(Utilities.GetTypeNameClass(ModuleState.ModuleType) + ",", Action + ",");
-        Type moduleType = Type.GetType(typename);
-        if (moduleType != null)
+        if (PageState.EditMode)
         {
-            var moduleobject = Activator.CreateInstance(moduleType);
-            SecurityAccessLevelEnum SecurityAccessLevel = (SecurityAccessLevelEnum)moduleType.GetProperty("SecurityAccessLevel").GetValue(moduleobject, null);
-            switch (SecurityAccessLevel)
+            string typename = ModuleState.ModuleType.Replace(Utilities.GetTypeNameClass(ModuleState.ModuleType) + ",", Action + ",");
+            Type moduleType = Type.GetType(typename);
+            if (moduleType != null)
             {
-                case SecurityAccessLevelEnum.Anonymous:
-                    authorized = true;
-                    break;
-                case SecurityAccessLevelEnum.View:
-                    authorized = UserService.IsAuthorized(PageState.User, ModuleState.ViewPermissions);
-                    break;
-                case SecurityAccessLevelEnum.Edit:
-                    authorized = UserService.IsAuthorized(PageState.User, ModuleState.EditPermissions);
-                    break;
-                case SecurityAccessLevelEnum.Admin:
-                    authorized = UserService.IsAuthorized(PageState.User, Constants.AdminRole);
-                    break;
-                case SecurityAccessLevelEnum.Host:
-                    authorized = PageState.User.IsSuperUser;
-                    break;
+                var moduleobject = Activator.CreateInstance(moduleType);
+                SecurityAccessLevel SecurityAccessLevel = (SecurityAccessLevel)moduleType.GetProperty("SecurityAccessLevel").GetValue(moduleobject, null);
+                switch (SecurityAccessLevel)
+                {
+                    case SecurityAccessLevel.Anonymous:
+                        authorized = true;
+                        break;
+                    case SecurityAccessLevel.View:
+                        authorized = UserSecurity.IsAuthorized(PageState.User, "View", ModuleState.Permissions);
+                        break;
+                    case SecurityAccessLevel.Edit:
+                        authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", ModuleState.Permissions);
+                        break;
+                    case SecurityAccessLevel.Admin:
+                        authorized = UserSecurity.IsAuthorized(PageState.User, Constants.AdminRole);
+                        break;
+                    case SecurityAccessLevel.Host:
+                        authorized = UserSecurity.IsAuthorized(PageState.User, Constants.HostRole);
+                        break;
+                }
             }
         }
     }
diff --git a/Oqtane.Client/Modules/Controls/AuditInfo.razor b/Oqtane.Client/Modules/Controls/AuditInfo.razor
new file mode 100644
index 00000000..bba7d0ba
--- /dev/null
+++ b/Oqtane.Client/Modules/Controls/AuditInfo.razor
@@ -0,0 +1,59 @@
+@using Oqtane.Modules
+@namespace Oqtane.Modules.Controls
+@inherits ModuleBase
+
+@if (text != "")
+{
+    @((MarkupString)@text)
+}
+
+@code {
+    [Parameter]
+    public string CreatedBy { get; set; }
+
+    [Parameter]
+    public DateTime CreatedOn { get; set; }
+
+    [Parameter]
+    public string ModifiedBy { get; set; }
+
+    [Parameter]
+    public DateTime ModifiedOn { get; set; }
+
+    [Parameter]
+    public string Style { get; set; }
+
+    string text = "";
+
+    protected override void OnParametersSet()
+    {
+        text = "";
+        if (!String.IsNullOrEmpty(CreatedBy) || CreatedOn != null)
+        {
+            text += "<p style=\"" + Style + "\">Created ";
+            if (!String.IsNullOrEmpty(CreatedBy))
+            {
+                text += " by <b>" + CreatedBy + "</b>";
+            }
+            if (CreatedOn != null)
+            {
+                text += " on <b>" + CreatedOn.ToString("MMM dd yyyy HH:mm:ss") + "</b>";
+            }
+            text += "</p>";
+        }
+
+        if (!String.IsNullOrEmpty(ModifiedBy) || ModifiedOn != null)
+        {
+            text += "<p style=\"" + Style + "\">Last modified ";
+            if (!String.IsNullOrEmpty(ModifiedBy))
+            {
+                text += " by <b>" + ModifiedBy + "</b>";
+            }
+            if (ModifiedOn != null)
+            {
+                text += " on <b>" + ModifiedOn.ToString("MMM dd yyyy HH:mm:ss") + "</b>";
+            }
+            text += "</p>";
+        }
+    }
+}
diff --git a/Oqtane.Client/Modules/Controls/FileUpload.razor b/Oqtane.Client/Modules/Controls/FileUpload.razor
new file mode 100644
index 00000000..6f19a0f5
--- /dev/null
+++ b/Oqtane.Client/Modules/Controls/FileUpload.razor
@@ -0,0 +1,45 @@
+@namespace Oqtane.Modules.Controls
+
+@if (multiple)
+{
+    <input type="file" id="@fileid" name="file" accept="@filter" multiple />
+}
+else
+{
+    <input type="file" id="@fileid" name="file" accept="@filter" />
+}
+<span id="@progressinfoid"></span> <progress id="@progressbarid" style="visibility: hidden;"></progress>
+
+@code {
+    [Parameter]
+    public string Name { get; set; } // optional - can be used for managing multiple file upload controls on a page
+
+    [Parameter]
+    public string Filter { get; set; } // optional - for restricting types of files that can be selected
+
+    [Parameter]
+    public string Multiple { get; set; } // optional - enable multiple file uploads
+
+    string fileid = "";
+    string progressinfoid = "";
+    string progressbarid = "";
+    string filter = "*";
+    bool multiple = false;
+
+    protected override void OnInitialized()
+    {
+        fileid = Name + "FileInput";
+        progressinfoid = Name + "ProgressInfo";
+        progressbarid = Name + "ProgressBar";
+
+        if (!string.IsNullOrEmpty(Filter))
+        {
+            filter = Filter;
+        }
+
+        if (!string.IsNullOrEmpty(Multiple))
+        {
+            multiple = bool.Parse(Multiple);
+        }
+    }
+}
diff --git a/Oqtane.Client/Modules/Controls/ModuleMessage.razor b/Oqtane.Client/Modules/Controls/ModuleMessage.razor
new file mode 100644
index 00000000..18b7694e
--- /dev/null
+++ b/Oqtane.Client/Modules/Controls/ModuleMessage.razor
@@ -0,0 +1,39 @@
+@using Oqtane.Modules
+@namespace Oqtane.Modules.Controls
+@inherits ModuleBase
+
+@if (Message != "")
+{
+    <div class="@type">@Message</div>
+    <br />
+    <br />
+}
+
+@code {
+    [Parameter]
+    public string Message { get; set; }
+
+    [Parameter]
+    public MessageType Type { get; set; }
+
+    string type = "alert alert-danger";
+
+    protected override void OnInitialized()
+    {
+        switch (Type)
+        {
+            case MessageType.Success:
+                type = "alert alert-success";
+                break;
+            case MessageType.Info:
+                type = "alert alert-info";
+                break;
+            case MessageType.Warning:
+                type = "alert alert-warning";
+                break;
+            case MessageType.Error:
+                type = "alert alert-danger";
+                break;
+        }
+    }
+}
diff --git a/Oqtane.Client/Modules/Controls/PermissionGrid.razor b/Oqtane.Client/Modules/Controls/PermissionGrid.razor
new file mode 100644
index 00000000..0174d1fa
--- /dev/null
+++ b/Oqtane.Client/Modules/Controls/PermissionGrid.razor
@@ -0,0 +1,213 @@
+@using Oqtane.Services
+@using Oqtane.Modules
+@using Oqtane.Models
+@using Oqtane.Security
+@using Oqtane.Shared
+@namespace Oqtane.Modules.Controls
+@inherits ModuleBase
+@inject IRoleService RoleService
+@inject IUserService UserService
+
+@if (roles != null)
+{
+    <br />
+    <table class="table">
+        <tbody>
+            <tr>
+                <th>Role</th>
+                @foreach (PermissionString permission in permissions)
+                {
+                    <th style="text-align: center;">@permission.PermissionName @EntityName</th>
+                }
+            </tr>
+            @foreach (Role role in roles)
+            {
+                <tr>
+                    <td>@role.Name</td>
+                    @foreach (PermissionString permission in permissions)
+                    {
+                        var p = permission;
+                        <td style="text-align: center;">
+                            <TriStateCheckBox Value=@GetPermissionValue(p.Permissions, role.Name) Disabled=@GetPermissionDisabled(role.Name) OnChange="@(e => PermissionChanged(e, p.PermissionName, role.Name))" />
+                        </td>
+                    }
+                </tr>
+            }
+        </tbody>
+    </table>
+    @if (@users.Count != 0)
+    {
+        <table class="table">
+            <thead>
+                <tr>
+                    <th>User</th>
+                    @foreach (PermissionString permission in permissions)
+                    {
+                        <th style="text-align: center;">@permission.PermissionName @EntityName</th>
+                    }
+                </tr>
+            </thead>
+            <tbody>
+                @foreach (User user in users)
+                {
+                    string userid = "[" + user.UserId.ToString() + "]";
+                    <tr>
+                        <td>@user.DisplayName</td>
+                        @foreach (PermissionString permission in permissions)
+                        {
+                            var p = permission;
+                            <td style="text-align: center;">
+                                <TriStateCheckBox Value=@GetPermissionValue(p.Permissions, userid) Disabled=@GetPermissionDisabled(userid) OnChange="@(e => PermissionChanged(e, p.PermissionName, userid))" />
+                            </td>
+                        }
+                    </tr>
+                }
+            </tbody>
+        </table>
+    }
+    <table class="table">
+        <tbody>
+            <tr>
+                <td style="text-align: right;"><label for="Username" class="control-label">User: </label></td>
+                <td><input type="text" name="Username" class="form-control" placeholder="Enter Username" @bind="@username" /></td>
+                <td style="text-align: left;"><button type="button" class="btn btn-primary" @onclick="@AddUser">Add</button></td>
+            </tr>
+        </tbody>
+    </table>
+    <br />
+    <ModuleMessage Type="MessageType.Error" Message="@message" />
+}
+
+@code {
+    [Parameter]
+    public string EntityName { get; set; }
+
+    [Parameter]
+    public string Permissions { get; set; }
+
+    string permissionnames = "";
+    List<Role> roles;
+    List<PermissionString> permissions = new List<PermissionString>();
+    List<User> users = new List<User>();
+    string username = "";
+    string message = "";
+
+    protected override async Task OnInitializedAsync()
+    {
+        permissionnames = PageState.ModuleDefinitions.Find(item => item.ModuleDefinitionName == ModuleState.ModuleDefinitionName).Permissions;
+        if (string.IsNullOrEmpty(permissionnames))
+        {
+            permissionnames = "View,Edit";
+        }
+        roles = await RoleService.GetRolesAsync(ModuleState.SiteId);
+        roles.Insert(0, new Role { Name = Constants.AllUsersRole });
+
+        foreach (string permissionname in permissionnames.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries))
+        {
+            permissions.Add(new PermissionString { PermissionName = permissionname, Permissions = "" });
+        }
+        foreach (PermissionString permissionstring in UserSecurity.GetPermissionStrings(Permissions))
+        {
+            if (permissions.Find(item => item.PermissionName == permissionstring.PermissionName) != null)
+            {
+                permissions[permissions.FindIndex(item => item.PermissionName == permissionstring.PermissionName)].Permissions = permissionstring.Permissions;
+            }
+            if (permissionstring.Permissions.Contains("["))
+            {
+                foreach (string user in permissionstring.Permissions.Split(new char[] { '[' }, StringSplitOptions.RemoveEmptyEntries))
+                {
+                    if (user.Contains("]"))
+                    {
+                        int userid = int.Parse(user.Substring(0, user.IndexOf("]")));
+                        if (users.Where(item => item.UserId == userid).FirstOrDefault() == null)
+                        {
+                            users.Add(await UserService.GetUserAsync(userid, ModuleState.SiteId));
+                        }
+                    }
+                }
+            }
+        }
+    }
+
+    private bool? GetPermissionValue(string Permissions, string SecurityKey)
+    {
+        if ((";" + Permissions + ";").Contains(";" + "!" + SecurityKey + ";"))
+        {
+            return false; // deny permission
+        }
+        else
+        {
+            if ((";" + Permissions + ";").Contains(";" + SecurityKey + ";"))
+            {
+                return true; // grant permission
+            }
+            else
+            {
+                return null; // not specified
+            }
+        }
+    }
+
+    private bool GetPermissionDisabled(string RoleName)
+    {
+        if (RoleName == Constants.AdminRole)
+        {
+            return true;
+        }
+        else
+        {
+            return false;
+        }
+    }
+
+    private async Task AddUser()
+    {
+        if (users.Where(item => item.Username == username).FirstOrDefault() == null)
+        {
+            try
+            {
+                User user = await UserService.GetUserAsync(username, ModuleState.SiteId);
+                if (user != null)
+                {
+                    users.Add(user);
+                }
+            }
+            catch
+            {
+                message = "Username Does Not Exist";
+            }
+        }
+        username = "";
+    }
+
+    private void PermissionChanged(bool? Value, string PermissionName, string SecurityId)
+    {
+        bool? selected = Value;
+        PermissionString permission = permissions.Find(item => item.PermissionName == PermissionName);
+        if (permission != null)
+        {
+            List<string> ids = permission.Permissions.Split(';').ToList();
+
+            ids.Remove(SecurityId); // remove grant permission
+            ids.Remove("!" + SecurityId); // remove deny permission
+
+            switch (selected)
+            {
+                case true:
+                    ids.Add(SecurityId); // add grant permission
+                    break;
+                case false:
+                    ids.Add("!" + SecurityId); // add deny permission
+                    break;
+                case null:
+                    break; // permission not specified
+            }
+            permissions[permissions.FindIndex(item => item.PermissionName == PermissionName)].Permissions = string.Join(";", ids.ToArray());
+        }
+    }
+
+    public string GetPermissions()
+    {
+        return UserSecurity.SetPermissionStrings(permissions);
+    }
+}
diff --git a/Oqtane.Client/Modules/Controls/TriStateCheckBox.razor b/Oqtane.Client/Modules/Controls/TriStateCheckBox.razor
new file mode 100644
index 00000000..c8881f3f
--- /dev/null
+++ b/Oqtane.Client/Modules/Controls/TriStateCheckBox.razor
@@ -0,0 +1,62 @@
+@namespace Oqtane.Modules.Controls
+
+<img src="@src" title="@title" disabled=@Disabled @onclick="SetValue" />
+
+@code {
+    [Parameter]
+    public bool? Value { get; set; }
+
+    [Parameter]
+    public bool Disabled { get; set; }
+
+    [Parameter]
+    public Action<bool?> OnChange { get; set; }
+
+    bool? value = null;
+    string title;
+    string src = "";
+
+    protected override void OnInitialized()
+    {
+        value = Value;
+        SetImage();
+    }
+
+    private void SetValue()
+    {
+        switch (value)
+        {
+            case true:
+                value = false;
+                break;
+            case false:
+                value = null;
+                break;
+            case null:
+                value = true;
+                break;
+        }
+        SetImage();
+        OnChange(value);
+    }
+
+    private void SetImage()
+    {
+        switch (value)
+        {
+            case true:
+                src = "images/checked.png";
+                title = "Permission Granted";
+                break;
+            case false:
+                src = "images/unchecked.png";
+                title = "Permission Denied";
+                break;
+            case null:
+                src = "images/null.png";
+                title = "";
+                break;
+        }
+        StateHasChanged();
+    }
+}
diff --git a/Oqtane.Client/Modules/Counter/Index.razor b/Oqtane.Client/Modules/Counter/Index.razor
index 77dd787d..9b1ef774 100644
--- a/Oqtane.Client/Modules/Counter/Index.razor
+++ b/Oqtane.Client/Modules/Counter/Index.razor
@@ -1,9 +1,11 @@
 @using Oqtane.Modules
+@namespace Oqtane.Modules.Counter
 @inherits ModuleBase
 Current count: @currentCount
 <br />
-<button class="btn btn-primary" @onclick="@IncrementCount">Click me</button>
-<br /><br />
+<button type="button" class="btn btn-primary" @onclick="@IncrementCount">Click me</button>
+<br />
+<br />
 
 @code {
     int currentCount = 0;
diff --git a/Oqtane.Client/Modules/Counter/Module.cs b/Oqtane.Client/Modules/Counter/Module.cs
index 63973db1..972e366f 100644
--- a/Oqtane.Client/Modules/Counter/Module.cs
+++ b/Oqtane.Client/Modules/Counter/Module.cs
@@ -1,16 +1,22 @@
 using Oqtane.Modules;
+using System.Collections.Generic;
 
-namespace Oqtane.Client.Modules.Counter
+namespace Oqtane.Modules.Counter
 {
     public class Module : IModule
     {
-        public string Name { get { return "Counter"; } }
-        public string Description { get { return "Increments a counter"; } }
-        public string Version { get { return "1.0.0"; } }
-        public string Owner { get { return ""; } }
-        public string Url { get { return ""; } }
-        public string Contact { get { return ""; } }
-        public string License { get { return ""; } }
-        public string Dependencies { get { return ""; } }
+        public Dictionary<string, string> Properties
+        {
+            get
+            {
+                Dictionary<string, string> properties = new Dictionary<string, string>
+                {
+                    { "Name", "Counter" },
+                    { "Description", "Increments a counter" },
+                    { "Version", "1.0.0" }
+                };
+                return properties;
+            }
+        }
     }
 }
diff --git a/Oqtane.Client/Modules/HtmlText/Edit.razor b/Oqtane.Client/Modules/HtmlText/Edit.razor
index 63c4b2f3..2ba17971 100644
--- a/Oqtane.Client/Modules/HtmlText/Edit.razor
+++ b/Oqtane.Client/Modules/HtmlText/Edit.razor
@@ -1,62 +1,90 @@
 @using Microsoft.AspNetCore.Components.Routing
 @using Oqtane.Modules
-@using Oqtane.Client.Modules.HtmlText.Services
-@using Oqtane.Shared.Modules.HtmlText.Models
+@using Oqtane.Modules.Controls
+@using Oqtane.Modules.HtmlText.Services
+@using Oqtane.Modules.HtmlText.Models
 @using System.Net.Http;
 @using Oqtane.Shared;
+@namespace Oqtane.Modules.HtmlText
 @inherits ModuleBase
 @inject IUriHelper UriHelper
 @inject HttpClient http
 @inject SiteState sitestate
 
-<form>
-    <table class="form-group">
-        <tr>
-            <td>
-                <label for="Name" class="control-label">Content: </label>
-            </td>
-            <td>
-                <textarea class="form-control" @bind="@content" rows="5" style="width:400px;" />
-            </td>
-        </tr>
-    </table>
-    <button class="btn btn-success" @onclick="@SaveContent">Save</button>
-    <NavLink class="btn btn-secondary" href="@NavigateUrl()">Cancel</NavLink>
-</form>
+<ModuleMessage Message="@message" />
+
+<table class="form-group">
+    <tr>
+        <td>
+            <label for="Name" class="control-label">Content: </label>
+        </td>
+        <td>
+            <textarea class="form-control" @bind="@content" rows="5" style="width:400px;" />
+        </td>
+    </tr>
+</table>
+<button type="button" class="btn btn-success" @onclick="@SaveContent">Save</button>
+<NavLink class="btn btn-secondary" href="@NavigateUrl()">Cancel</NavLink>
+<br />
+<br />
+<AuditInfo CreatedBy="@createdby" CreatedOn="@createdon" ModifiedBy="@modifiedby" ModifiedOn="@modifiedon"></AuditInfo>
 
 @code {
-    public override SecurityAccessLevelEnum SecurityAccessLevel { get { return SecurityAccessLevelEnum.Edit; } }
+    public override SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.Edit; } }
     public override string Title { get { return "Edit Html/Text"; } }
 
-    HtmlTextInfo htmltext;
+    string message = "";
     string content;
+    string createdby;
+    DateTime createdon;
+    string modifiedby;
+    DateTime modifiedon;
 
-    protected override async Task OnInitAsync()
+    protected override async Task OnInitializedAsync()
     {
-        HtmlTextService htmltextservice = new HtmlTextService(http, sitestate, UriHelper);
-        List<HtmlTextInfo> htmltextlist = await htmltextservice.GetHtmlTextAsync(ModuleState.ModuleId);
-        if (htmltextlist != null)
+        try
         {
-            htmltext = htmltextlist.FirstOrDefault();
-            content = htmltext.Content;
+            HtmlTextService htmltextservice = new HtmlTextService(http, sitestate, UriHelper);
+            HtmlTextInfo htmltext = await htmltextservice.GetHtmlTextAsync(ModuleState.ModuleId);
+            if (htmltext != null)
+            {
+                content = htmltext.Content;
+                createdby = htmltext.CreatedBy;
+                createdon = htmltext.CreatedOn;
+                modifiedby = htmltext.ModifiedBy;
+                modifiedon = htmltext.ModifiedOn;
+            }
+        }
+        catch (Exception ex)
+        {
+            message = ex.Message;
         }
     }
 
     private async Task SaveContent()
     {
-        HtmlTextService htmltextservice = new HtmlTextService(http, sitestate, UriHelper);
-        if (htmltext != null)
+        try
         {
-            htmltext.Content = content;
-            await htmltextservice.UpdateHtmlTextAsync(htmltext);
+            HtmlTextService htmltextservice = new HtmlTextService(http, sitestate, UriHelper);
+            HtmlTextInfo htmltext = await htmltextservice.GetHtmlTextAsync(ModuleState.ModuleId);
+            if (htmltext != null)
+            {
+                htmltext.Content = content;
+                await htmltextservice.UpdateHtmlTextAsync(htmltext);
+            }
+            else
+            {
+                htmltext = new HtmlTextInfo();
+                htmltext.ModuleId = ModuleState.ModuleId;
+                htmltext.Content = content;
+                await htmltextservice.AddHtmlTextAsync(htmltext);
+            }
+            PageState.Reload = Constants.ReloadPage;
+            UriHelper.NavigateTo(NavigateUrl());
         }
-        else
+        catch (Exception ex)
         {
-            htmltext = new HtmlTextInfo();
-            htmltext.ModuleId = ModuleState.ModuleId;
-            htmltext.Content = content;
-            await htmltextservice.AddHtmlTextAsync(htmltext);
+            message = ex.Message;
         }
-        UriHelper.NavigateTo(NavigateUrl(), true);
     }
 }
diff --git a/Oqtane.Client/Modules/HtmlText/Index.razor b/Oqtane.Client/Modules/HtmlText/Index.razor
index 90d86153..c27172b1 100644
--- a/Oqtane.Client/Modules/HtmlText/Index.razor
+++ b/Oqtane.Client/Modules/HtmlText/Index.razor
@@ -1,28 +1,42 @@
-@using Oqtane.Client.Modules.HtmlText.Services
+@using Oqtane.Modules.HtmlText.Services
 @using Oqtane.Modules
-@using Oqtane.Shared.Modules.HtmlText.Models
+@using Oqtane.Modules.HtmlText.Models
 @using System.Net.Http;
-@using Oqtane.Client.Modules.Controls
+@using Oqtane.Modules.Controls
 @using Oqtane.Shared;
+@namespace Oqtane.Modules.HtmlText
 @inherits ModuleBase
 @inject IUriHelper UriHelper
 @inject HttpClient http
 @inject SiteState sitestate
 
+<ModuleMessage Message="@message" />
+
 @((MarkupString)content)
 
-<br /><ActionLink Action="Edit" /><br /><br />
+<br />
+<ActionLink Action="Edit" />
+<br />
+<br />
 
 @code {
+    string message = "";
     string content;
 
-    protected override async Task OnInitAsync()
+    protected override async Task OnParametersSetAsync()
     {
-        HtmlTextService htmltextservice = new HtmlTextService(http, sitestate, UriHelper);
-        List<HtmlTextInfo> htmltext = await htmltextservice.GetHtmlTextAsync(ModuleState.ModuleId);
-        if (htmltext != null)
+        try
         {
-            content = htmltext.FirstOrDefault().Content;
+            HtmlTextService htmltextservice = new HtmlTextService(http, sitestate, UriHelper);
+            HtmlTextInfo htmltext = await htmltextservice.GetHtmlTextAsync(ModuleState.ModuleId);
+            if (htmltext != null)
+            {
+                content = htmltext.Content;
+            }
+        }
+        catch (Exception ex)
+        {
+            message = ex.Message;
         }
     }
 }
\ No newline at end of file
diff --git a/Oqtane.Client/Modules/HtmlText/Module.cs b/Oqtane.Client/Modules/HtmlText/Module.cs
index 5fff736d..2928d111 100644
--- a/Oqtane.Client/Modules/HtmlText/Module.cs
+++ b/Oqtane.Client/Modules/HtmlText/Module.cs
@@ -1,16 +1,22 @@
 using Oqtane.Modules;
+using System.Collections.Generic;
 
-namespace Oqtane.Client.Modules.HtmlText
+namespace Oqtane.Modules.HtmlText
 {
     public class Module : IModule
     {
-        public string Name { get { return "HtmlText"; } }
-        public string Description { get { return "Renders HTML or Text"; } }
-        public string Version { get { return "1.0.0"; } }
-        public string Owner { get { return ""; } }
-        public string Url { get { return ""; } }
-        public string Contact { get { return ""; } }
-        public string License { get { return ""; } }
-        public string Dependencies { get { return ""; } }
+        public Dictionary<string, string> Properties
+        {
+            get
+            {
+                Dictionary<string, string> properties = new Dictionary<string, string>
+                {
+                    { "Name", "HtmlText" },
+                    { "Description", "Renders HTML or Text" },
+                    { "Version", "1.0.0" }
+                };
+                return properties;
+            }
+        }
     }
 }
diff --git a/Oqtane.Client/Modules/HtmlText/Services/HtmlTextService.cs b/Oqtane.Client/Modules/HtmlText/Services/HtmlTextService.cs
index e8257b00..e2849879 100644
--- a/Oqtane.Client/Modules/HtmlText/Services/HtmlTextService.cs
+++ b/Oqtane.Client/Modules/HtmlText/Services/HtmlTextService.cs
@@ -4,10 +4,10 @@ using System.Threading.Tasks;
 using System.Net.Http;
 using Microsoft.AspNetCore.Components;
 using Oqtane.Services;
-using Oqtane.Shared.Modules.HtmlText.Models;
+using Oqtane.Modules.HtmlText.Models;
 using Oqtane.Shared;
 
-namespace Oqtane.Client.Modules.HtmlText.Services
+namespace Oqtane.Modules.HtmlText.Services
 {
     public class HtmlTextService : ServiceBase, IHtmlTextService
     {
@@ -27,28 +27,24 @@ namespace Oqtane.Client.Modules.HtmlText.Services
             get { return CreateApiUrl(sitestate.Alias, urihelper.GetAbsoluteUri(), "HtmlText"); }
         }
 
-        public async Task<List<HtmlTextInfo>> GetHtmlTextAsync(int ModuleId)
+        public async Task<HtmlTextInfo> GetHtmlTextAsync(int ModuleId)
         {
-            List<HtmlTextInfo> htmltext = await http.GetJsonAsync<List<HtmlTextInfo>>(apiurl);
-            htmltext = htmltext
-                .Where(item => item.ModuleId == ModuleId)
-                .ToList();
-            return htmltext;
+            return await http.GetJsonAsync<HtmlTextInfo>(apiurl + "/" + ModuleId.ToString() + "?entityid=" + ModuleId.ToString());
         }
 
         public async Task AddHtmlTextAsync(HtmlTextInfo htmltext)
         {
-            await http.PostJsonAsync(apiurl, htmltext);
+            await http.PostJsonAsync(apiurl + "?entityid=" + htmltext.ModuleId.ToString(), htmltext);
         }
 
         public async Task UpdateHtmlTextAsync(HtmlTextInfo htmltext)
         {
-            await http.PutJsonAsync(apiurl + "/" + htmltext.HtmlTextId.ToString(), htmltext);
+            await http.PutJsonAsync(apiurl + "/" + htmltext.HtmlTextId.ToString() + "?entityid=" + htmltext.ModuleId.ToString(), htmltext);
         }
 
-        public async Task DeleteHtmlTextAsync(int HtmlTextId)
+        public async Task DeleteHtmlTextAsync(int ModuleId)
         {
-            await http.DeleteAsync(apiurl + "/" + HtmlTextId.ToString());
+            await http.DeleteAsync(apiurl + "/" + ModuleId.ToString() + "?entityid=" + ModuleId.ToString());
         }
     }
 }
diff --git a/Oqtane.Client/Modules/HtmlText/Services/IHtmlTextService.cs b/Oqtane.Client/Modules/HtmlText/Services/IHtmlTextService.cs
index c0dcc46c..6ce1d646 100644
--- a/Oqtane.Client/Modules/HtmlText/Services/IHtmlTextService.cs
+++ b/Oqtane.Client/Modules/HtmlText/Services/IHtmlTextService.cs
@@ -1,17 +1,17 @@
 using System.Collections.Generic;
 using System.Threading.Tasks;
-using Oqtane.Shared.Modules.HtmlText.Models;
+using Oqtane.Modules.HtmlText.Models;
 
-namespace Oqtane.Client.Modules.HtmlText.Services
+namespace Oqtane.Modules.HtmlText.Services
 {
     public interface IHtmlTextService 
     {
-        Task<List<HtmlTextInfo>> GetHtmlTextAsync(int ModuleId);
+        Task<HtmlTextInfo> GetHtmlTextAsync(int ModuleId);
 
         Task AddHtmlTextAsync(HtmlTextInfo htmltext);
 
         Task UpdateHtmlTextAsync(HtmlTextInfo htmltext);
 
-        Task DeleteHtmlTextAsync(int HtmlTextId);
+        Task DeleteHtmlTextAsync(int ModuleId);
     }
 }
diff --git a/Oqtane.Client/Modules/IModule.cs b/Oqtane.Client/Modules/IModule.cs
index 510c36a3..675378b8 100644
--- a/Oqtane.Client/Modules/IModule.cs
+++ b/Oqtane.Client/Modules/IModule.cs
@@ -1,14 +1,9 @@
-namespace Oqtane.Modules
+using System.Collections.Generic;
+
+namespace Oqtane.Modules
 {
     public interface IModule
     {
-        string Name { get; }
-        string Description { get; }
-        string Version { get; }
-        string Owner { get; }
-        string Url { get; }
-        string Contact { get; }
-        string License { get; }
-        string Dependencies { get; }
+        Dictionary<string, string> Properties { get; }
     }
 }
diff --git a/Oqtane.Client/Modules/IModuleControl.cs b/Oqtane.Client/Modules/IModuleControl.cs
index 7f1eb4b6..3fd7516c 100644
--- a/Oqtane.Client/Modules/IModuleControl.cs
+++ b/Oqtane.Client/Modules/IModuleControl.cs
@@ -2,8 +2,9 @@
 {
     public interface IModuleControl
     {
-        string Title { get; }
-        SecurityAccessLevelEnum SecurityAccessLevel { get; }
-        string Actions { get; } // can be specified as a comma delimited set of values
+        SecurityAccessLevel SecurityAccessLevel { get; } // defines the security access level for this control - defaults to View
+        string Title { get; } // title to display for this control - defaults to module title
+        string Actions { get; } // allows for routing by configuration rather than by convention ( comma delimited ) - defaults to using component file name
+        bool UseAdminContainer { get; } // container for embedding module control - defaults to true
     }
 }
diff --git a/Oqtane.Client/Modules/MessageType.cs b/Oqtane.Client/Modules/MessageType.cs
new file mode 100644
index 00000000..a78f95f9
--- /dev/null
+++ b/Oqtane.Client/Modules/MessageType.cs
@@ -0,0 +1,10 @@
+namespace Oqtane.Modules
+{
+    public enum MessageType
+    {
+        Success,
+        Info,
+        Warning,
+        Error
+    }
+}
diff --git a/Oqtane.Client/Modules/ModuleBase.cs b/Oqtane.Client/Modules/ModuleBase.cs
index 80fc318b..6f176c38 100644
--- a/Oqtane.Client/Modules/ModuleBase.cs
+++ b/Oqtane.Client/Modules/ModuleBase.cs
@@ -12,40 +12,52 @@ namespace Oqtane.Modules
         [CascadingParameter]
         protected Module ModuleState { get; set; }
 
-        public virtual string Title { get { return ""; } }
+        public virtual SecurityAccessLevel SecurityAccessLevel { get { return SecurityAccessLevel.View; } set { } } // default security
 
-        public virtual SecurityAccessLevelEnum SecurityAccessLevel { get { return SecurityAccessLevelEnum.View; } set { } } // default security
+        public virtual string Title { get { return ""; } }
 
         public virtual string Actions { get { return ""; } }
 
+        public virtual bool UseAdminContainer { get { return true; } }
+
         public string NavigateUrl()
         {
-            return Utilities.NavigateUrl(PageState);
-        }
-
-        public string NavigateUrl(bool reload)
-        {
-            return Utilities.NavigateUrl(PageState, reload);
+            return NavigateUrl(PageState.Page.Path);
         }
 
         public string NavigateUrl(string path)
         {
-            return Utilities.NavigateUrl(PageState, path);
+            return NavigateUrl(path, "");
         }
 
-        public string NavigateUrl(string path, bool reload)
+        public string NavigateUrl(string path, string parameters)
         {
-            return Utilities.NavigateUrl(PageState, path, reload);
+            return Utilities.NavigateUrl(PageState.Alias.Path, path, parameters);
         }
 
         public string EditUrl(string action)
         {
-            return Utilities.EditUrl(PageState, ModuleState, action, "");
+            return EditUrl(ModuleState.ModuleId, action);
         }
 
         public string EditUrl(string action, string parameters)
         {
-            return Utilities.EditUrl(PageState, ModuleState, action, parameters);
+            return EditUrl(ModuleState.ModuleId, action, parameters);
+        }
+
+        public string EditUrl(int moduleid, string action)
+        {
+            return EditUrl(moduleid, action, "");
+        }
+
+        public string EditUrl(int moduleid, string action, string parameters)
+        {
+            return EditUrl(PageState.Page.Path, moduleid, action, parameters);
+        }
+
+        public string EditUrl(string path, int moduleid, string action, string parameters)
+        {
+            return Utilities.EditUrl(PageState.Alias.Path, path, moduleid, action, parameters);
         }
     }
 }
diff --git a/Oqtane.Client/Modules/Weather/Index.razor b/Oqtane.Client/Modules/Weather/Index.razor
index 5ca38bc8..55ff47a2 100644
--- a/Oqtane.Client/Modules/Weather/Index.razor
+++ b/Oqtane.Client/Modules/Weather/Index.razor
@@ -1,5 +1,6 @@
 @using Oqtane.Modules
-@using Oqtane.Client.Modules.Weather.Services
+@using Oqtane.Modules.Weather.Services
+@namespace Oqtane.Modules.Weather
 @inherits ModuleBase
 
 @if (forecasts == null)
@@ -34,7 +35,7 @@ else
 @code {
     WeatherForecast[] forecasts;
 
-    protected override async Task OnInitAsync()
+    protected override async Task OnInitializedAsync()
     {
         WeatherForecastService forecastservice = new WeatherForecastService();
         forecasts = await forecastservice.GetForecastAsync(DateTime.Now);
diff --git a/Oqtane.Client/Modules/Weather/Models/WeatherForecast.cs b/Oqtane.Client/Modules/Weather/Models/WeatherForecast.cs
index 5831c6f4..7e02ea8a 100644
--- a/Oqtane.Client/Modules/Weather/Models/WeatherForecast.cs
+++ b/Oqtane.Client/Modules/Weather/Models/WeatherForecast.cs
@@ -1,6 +1,6 @@
 using System;
 
-namespace Oqtane.Client.Modules.Weather
+namespace Oqtane.Modules.Weather
 {
     public class WeatherForecast
     {
diff --git a/Oqtane.Client/Modules/Weather/Module.cs b/Oqtane.Client/Modules/Weather/Module.cs
index d816244b..04286cba 100644
--- a/Oqtane.Client/Modules/Weather/Module.cs
+++ b/Oqtane.Client/Modules/Weather/Module.cs
@@ -1,16 +1,22 @@
 using Oqtane.Modules;
+using System.Collections.Generic;
 
-namespace Oqtane.Client.Modules.Weather
+namespace Oqtane.Modules.Weather
 {
     public class Module : IModule
     {
-        public string Name { get { return "Weather"; } }
-        public string Description { get { return "Displays random weather using a service"; } }
-        public string Version { get { return "1.0.0"; } }
-        public string Owner { get { return ""; } }
-        public string Url { get { return ""; } }
-        public string Contact { get { return ""; } }
-        public string License { get { return ""; } }
-        public string Dependencies { get { return ""; } }
+        public Dictionary<string, string> Properties
+        {
+            get
+            {
+                Dictionary<string, string> properties = new Dictionary<string, string>
+                {
+                    { "Name", "Weather" },
+                    { "Description", "Displays random weather using a service" },
+                    { "Version", "1.0.0" }
+                };
+                return properties;
+            }
+        }
     }
 }
diff --git a/Oqtane.Client/Modules/Weather/Services/IWeatherForecastService.cs b/Oqtane.Client/Modules/Weather/Services/IWeatherForecastService.cs
index 883ce664..743848fb 100644
--- a/Oqtane.Client/Modules/Weather/Services/IWeatherForecastService.cs
+++ b/Oqtane.Client/Modules/Weather/Services/IWeatherForecastService.cs
@@ -1,7 +1,7 @@
 using System;
 using System.Threading.Tasks;
 
-namespace Oqtane.Client.Modules.Weather.Services
+namespace Oqtane.Modules.Weather.Services
 {
     public interface IWeatherForecastService
     {
diff --git a/Oqtane.Client/Modules/Weather/Services/WeatherForecastService.cs b/Oqtane.Client/Modules/Weather/Services/WeatherForecastService.cs
index e2c02b23..e6ad13d9 100644
--- a/Oqtane.Client/Modules/Weather/Services/WeatherForecastService.cs
+++ b/Oqtane.Client/Modules/Weather/Services/WeatherForecastService.cs
@@ -3,7 +3,7 @@ using System;
 using System.Linq;
 using System.Threading.Tasks;
 
-namespace Oqtane.Client.Modules.Weather.Services
+namespace Oqtane.Modules.Weather.Services
 {
     public class WeatherForecastService : IWeatherForecastService
     {
diff --git a/Oqtane.Client/Oqtane.Client.csproj b/Oqtane.Client/Oqtane.Client.csproj
index 12c8fdef..63384937 100644
--- a/Oqtane.Client/Oqtane.Client.csproj
+++ b/Oqtane.Client/Oqtane.Client.csproj
@@ -27,8 +27,9 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.Blazor" Version="3.0.0-preview6.19307.2" />
-    <PackageReference Include="Microsoft.AspNetCore.Blazor.Build" Version="3.0.0-preview6.19307.2" PrivateAssets="all" />
+    <PackageReference Include="Microsoft.AspNetCore.Blazor" Version="3.0.0-preview8.19405.7" />
+    <PackageReference Include="Microsoft.AspNetCore.Blazor.Build" Version="3.0.0-preview8.19405.7" PrivateAssets="all" />
+    <PackageReference Include="Microsoft.AspNetCore.Blazor.HttpClient" Version="3.0.0-preview8.19405.7" />
   </ItemGroup>
 
   <ItemGroup>
diff --git a/Oqtane.Client/Properties/launchSettings.json b/Oqtane.Client/Properties/launchSettings.json
index 2b36d1d7..4899842e 100644
--- a/Oqtane.Client/Properties/launchSettings.json
+++ b/Oqtane.Client/Properties/launchSettings.json
@@ -21,7 +21,7 @@
       "environmentVariables": {
         "ASPNETCORE_ENVIRONMENT": "Development"
       },
-      "applicationUrl": "http://localhost:14246/"
+      "applicationUrl": "http://localhost:44358/"
     }
   }
 }
\ No newline at end of file
diff --git a/Oqtane.Client/Providers/IdentityAuthenticationStateProvider.cs b/Oqtane.Client/Providers/IdentityAuthenticationStateProvider.cs
index 9ad5b1c7..c02016a5 100644
--- a/Oqtane.Client/Providers/IdentityAuthenticationStateProvider.cs
+++ b/Oqtane.Client/Providers/IdentityAuthenticationStateProvider.cs
@@ -4,29 +4,40 @@ using System.Security.Claims;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Components;
 using Oqtane.Models;
+using Oqtane.Services;
+using Oqtane.Shared;
 
 namespace Oqtane.Providers
 {
     public class IdentityAuthenticationStateProvider : AuthenticationStateProvider
     {
         private readonly IUriHelper urihelper;
+        private readonly SiteState sitestate;
 
-        public IdentityAuthenticationStateProvider(IUriHelper urihelper)
+        public IdentityAuthenticationStateProvider(IUriHelper urihelper, SiteState sitestate)
         {
             this.urihelper = urihelper;
+            this.sitestate = sitestate;
         }
 
         public override async Task<AuthenticationState> GetAuthenticationStateAsync()
         {
             // hack: create a new HttpClient rather than relying on the registered service as the AuthenticationStateProvider is initialized prior to IUriHelper ( https://github.com/aspnet/AspNetCore/issues/11867 )
             HttpClient http = new HttpClient();
-            Uri uri = new Uri(urihelper.GetAbsoluteUri());
-            string apiurl = uri.Scheme + "://" + uri.Authority + "/~/api/User/authenticate";
+            string apiurl = ServiceBase.CreateApiUrl(sitestate.Alias, urihelper.GetAbsoluteUri(), "User") + "/authenticate";
             User user = await http.GetJsonAsync<User>(apiurl);
 
-            var identity = user.IsAuthenticated
-                ? new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, user.Username) }, "Identity.Application")
-                : new ClaimsIdentity();
+            ClaimsIdentity identity = new ClaimsIdentity();
+            if (user.IsAuthenticated)
+            {
+                identity = new ClaimsIdentity("Identity.Application");
+                identity.AddClaim(new Claim(ClaimTypes.Name, user.Username));
+                identity.AddClaim(new Claim(ClaimTypes.PrimarySid, user.UserId.ToString()));
+                foreach (string role in user.Roles.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
+                {
+                    identity.AddClaim(new Claim(ClaimTypes.Role, role));
+                }
+            }
             return new AuthenticationState(new ClaimsPrincipal(identity));
         }
 
diff --git a/Oqtane.Client/Services/AliasService.cs b/Oqtane.Client/Services/AliasService.cs
index 1d29f68a..f1b22cb3 100644
--- a/Oqtane.Client/Services/AliasService.cs
+++ b/Oqtane.Client/Services/AliasService.cs
@@ -37,14 +37,14 @@ namespace Oqtane.Services
             return await http.GetJsonAsync<Alias>(apiurl + "/" + AliasId.ToString());
         }
 
-        public async Task AddAliasAsync(Alias alias)
+        public async Task<Alias> AddAliasAsync(Alias alias)
         {
-            await http.PostJsonAsync(apiurl, alias);
+            return await http.PostJsonAsync<Alias>(apiurl, alias);
         }
 
-        public async Task UpdateAliasAsync(Alias alias)
+        public async Task<Alias> UpdateAliasAsync(Alias alias)
         {
-            await http.PutJsonAsync(apiurl + "/" + alias.AliasId.ToString(), alias);
+            return await http.PutJsonAsync<Alias>(apiurl + "/" + alias.AliasId.ToString(), alias);
         }
         public async Task DeleteAliasAsync(int AliasId)
         {
diff --git a/Oqtane.Client/Services/FileService.cs b/Oqtane.Client/Services/FileService.cs
new file mode 100644
index 00000000..57eddcc2
--- /dev/null
+++ b/Oqtane.Client/Services/FileService.cs
@@ -0,0 +1,37 @@
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Components;
+using Microsoft.JSInterop;
+using Oqtane.Shared;
+
+namespace Oqtane.Services
+{
+    public class FileService : ServiceBase, IFileService
+    {
+        private readonly SiteState sitestate;
+        private readonly IUriHelper urihelper;
+        private readonly IJSRuntime jsRuntime;
+
+        public FileService(SiteState sitestate, IUriHelper urihelper, IJSRuntime jsRuntime)
+        {
+            this.sitestate = sitestate;
+            this.urihelper = urihelper;
+            this.jsRuntime = jsRuntime;
+        }
+
+        private string apiurl
+        {
+            get { return CreateApiUrl(sitestate.Alias, urihelper.GetAbsoluteUri(), "File"); }
+        }
+
+        public async Task UploadFilesAsync(string Folder)
+        {
+            await UploadFilesAsync(Folder, "");
+        }
+
+        public async Task UploadFilesAsync(string Folder, string FileUploadName)
+        {
+            var interop = new Interop(jsRuntime);
+            await interop.UploadFiles(apiurl + "/upload", Folder, FileUploadName);
+        }
+    }
+}
diff --git a/Oqtane.Client/Services/IUserService.cs b/Oqtane.Client/Services/IUserService.cs
deleted file mode 100644
index e1b42bdd..00000000
--- a/Oqtane.Client/Services/IUserService.cs
+++ /dev/null
@@ -1,29 +0,0 @@
-using Oqtane.Models;
-using System.Collections.Generic;
-using System.Threading.Tasks;
-
-namespace Oqtane.Services
-{
-    public interface IUserService
-    {
-        Task<List<User>> GetUsersAsync();
-
-        Task<User> GetUserAsync(int UserId);
-
-        Task<User> GetUserAsync(string Username);
-
-        Task AddUserAsync(User user);
-
-        Task UpdateUserAsync(User user);
-
-        Task DeleteUserAsync(int UserId);
-
-        Task<User> GetCurrentUserAsync();
-
-        Task<User> LoginUserAsync(User user);
-
-        Task LogoutUserAsync();
-
-        bool IsAuthorized(User user, string accesscontrollist);
-    }
-}
diff --git a/Oqtane.Client/Services/IAliasService.cs b/Oqtane.Client/Services/Interfaces/IAliasService.cs
similarity index 75%
rename from Oqtane.Client/Services/IAliasService.cs
rename to Oqtane.Client/Services/Interfaces/IAliasService.cs
index c4fe200b..b9b515ac 100644
--- a/Oqtane.Client/Services/IAliasService.cs
+++ b/Oqtane.Client/Services/Interfaces/IAliasService.cs
@@ -10,9 +10,9 @@ namespace Oqtane.Services
 
         Task<Alias> GetAliasAsync(int AliasId);
 
-        Task AddAliasAsync(Alias alias);
+        Task<Alias> AddAliasAsync(Alias Alias);
 
-        Task UpdateAliasAsync(Alias alias);
+        Task<Alias> UpdateAliasAsync(Alias Alias);
 
         Task DeleteAliasAsync(int AliasId);
     }
diff --git a/Oqtane.Client/Services/Interfaces/IFileService.cs b/Oqtane.Client/Services/Interfaces/IFileService.cs
new file mode 100644
index 00000000..c0943d35
--- /dev/null
+++ b/Oqtane.Client/Services/Interfaces/IFileService.cs
@@ -0,0 +1,12 @@
+using Oqtane.Models;
+using System.Collections.Generic;
+using System.Threading.Tasks;
+
+namespace Oqtane.Services
+{
+    public interface IFileService
+    {
+        Task UploadFilesAsync(string Folder);
+        Task UploadFilesAsync(string Folder, string FileUploadName);
+    }
+}
diff --git a/Oqtane.Client/Services/IInstallationService.cs b/Oqtane.Client/Services/Interfaces/IInstallationService.cs
similarity index 100%
rename from Oqtane.Client/Services/IInstallationService.cs
rename to Oqtane.Client/Services/Interfaces/IInstallationService.cs
diff --git a/Oqtane.Client/Services/IModuleDefinitionService.cs b/Oqtane.Client/Services/Interfaces/IModuleDefinitionService.cs
similarity index 84%
rename from Oqtane.Client/Services/IModuleDefinitionService.cs
rename to Oqtane.Client/Services/Interfaces/IModuleDefinitionService.cs
index b511799b..6d54bbc9 100644
--- a/Oqtane.Client/Services/IModuleDefinitionService.cs
+++ b/Oqtane.Client/Services/Interfaces/IModuleDefinitionService.cs
@@ -7,5 +7,6 @@ namespace Oqtane.Services
     public interface IModuleDefinitionService
     {
         Task<List<ModuleDefinition>> GetModuleDefinitionsAsync();
-    }
+        Task InstallModulesAsync();
+     }
 }
diff --git a/Oqtane.Client/Services/IModuleService.cs b/Oqtane.Client/Services/Interfaces/IModuleService.cs
similarity index 79%
rename from Oqtane.Client/Services/IModuleService.cs
rename to Oqtane.Client/Services/Interfaces/IModuleService.cs
index 4f800cf7..2252e7b6 100644
--- a/Oqtane.Client/Services/IModuleService.cs
+++ b/Oqtane.Client/Services/Interfaces/IModuleService.cs
@@ -9,8 +9,8 @@ namespace Oqtane.Services
         Task<List<Module>> GetModulesAsync(int PageId);
         Task<List<Module>> GetModulesAsync(int SiteId, string ModuleDefinitionName);
         Task<Module> GetModuleAsync(int ModuleId);
-        Task AddModuleAsync(Module module);
-        Task UpdateModuleAsync(Module module);
+        Task<Module> AddModuleAsync(Module Module);
+        Task<Module> UpdateModuleAsync(Module Module);
         Task DeleteModuleAsync(int ModuleId);
     }
 }
diff --git a/Oqtane.Client/Services/IPageModuleService.cs b/Oqtane.Client/Services/Interfaces/IPageModuleService.cs
similarity index 51%
rename from Oqtane.Client/Services/IPageModuleService.cs
rename to Oqtane.Client/Services/Interfaces/IPageModuleService.cs
index 2f3d037c..ec184550 100644
--- a/Oqtane.Client/Services/IPageModuleService.cs
+++ b/Oqtane.Client/Services/Interfaces/IPageModuleService.cs
@@ -7,8 +7,10 @@ namespace Oqtane.Services
     public interface IPageModuleService
     {
         Task<List<PageModule>> GetPageModulesAsync();
-        Task AddPageModuleAsync(PageModule pagemodule);
-        Task UpdatePageModuleAsync(PageModule pagemodule);
+        Task<PageModule> GetPageModuleAsync(int PageModuleId);
+        Task<PageModule> AddPageModuleAsync(PageModule PageModule);
+        Task<PageModule> UpdatePageModuleAsync(PageModule PageModule);
+        Task UpdatePageModuleOrderAsync(int PageId, string Pane);
         Task DeletePageModuleAsync(int PageModuleId);
     }
 }
diff --git a/Oqtane.Client/Services/IPageService.cs b/Oqtane.Client/Services/Interfaces/IPageService.cs
similarity index 66%
rename from Oqtane.Client/Services/IPageService.cs
rename to Oqtane.Client/Services/Interfaces/IPageService.cs
index 5388af7b..d1ec74f4 100644
--- a/Oqtane.Client/Services/IPageService.cs
+++ b/Oqtane.Client/Services/Interfaces/IPageService.cs
@@ -8,8 +8,9 @@ namespace Oqtane.Services
     {
         Task<List<Page>> GetPagesAsync(int SiteId);
         Task<Page> GetPageAsync(int PageId);
-        Task AddPageAsync(Page page);
-        Task UpdatePageAsync(Page page);
+        Task<Page> AddPageAsync(Page Page);
+        Task<Page> UpdatePageAsync(Page Page);
+        Task UpdatePageOrderAsync(int SiteId, int? ParentId);
         Task DeletePageAsync(int PageId);
     }
 }
diff --git a/Oqtane.Client/Services/Interfaces/IProfileService.cs b/Oqtane.Client/Services/Interfaces/IProfileService.cs
new file mode 100644
index 00000000..e5f70bac
--- /dev/null
+++ b/Oqtane.Client/Services/Interfaces/IProfileService.cs
@@ -0,0 +1,21 @@
+using Oqtane.Models;
+using System.Collections.Generic;
+using System.Threading.Tasks;
+
+namespace Oqtane.Services
+{
+    public interface IProfileService
+    {
+        Task<List<Profile>> GetProfilesAsync();
+
+        Task<List<Profile>> GetProfilesAsync(int SiteId);
+
+        Task<Profile> GetProfileAsync(int ProfileId);
+
+        Task<Profile> AddProfileAsync(Profile Profile);
+
+        Task<Profile> UpdateProfileAsync(Profile Profile);
+
+        Task DeleteProfileAsync(int ProfileId);
+    }
+}
diff --git a/Oqtane.Client/Services/Interfaces/IRoleService.cs b/Oqtane.Client/Services/Interfaces/IRoleService.cs
new file mode 100644
index 00000000..d7f26332
--- /dev/null
+++ b/Oqtane.Client/Services/Interfaces/IRoleService.cs
@@ -0,0 +1,21 @@
+using Oqtane.Models;
+using System.Collections.Generic;
+using System.Threading.Tasks;
+
+namespace Oqtane.Services
+{
+    public interface IRoleService
+    {
+        Task<List<Role>> GetRolesAsync();
+
+        Task<List<Role>> GetRolesAsync(int SiteId);
+
+        Task<Role> GetRoleAsync(int RoleId);
+
+        Task<Role> AddRoleAsync(Role Role);
+
+        Task<Role> UpdateRoleAsync(Role Role);
+
+        Task DeleteRoleAsync(int RoleId);
+    }
+}
diff --git a/Oqtane.Client/Services/Interfaces/ISettingService.cs b/Oqtane.Client/Services/Interfaces/ISettingService.cs
new file mode 100644
index 00000000..66647129
--- /dev/null
+++ b/Oqtane.Client/Services/Interfaces/ISettingService.cs
@@ -0,0 +1,51 @@
+using Oqtane.Models;
+using System.Collections.Generic;
+using System.Threading.Tasks;
+
+namespace Oqtane.Services
+{
+    public interface ISettingService
+    {
+        Task<Dictionary<string, string>> GetHostSettingsAsync();
+
+        Task UpdateHostSettingsAsync(Dictionary<string, string> HostSettings);
+
+        Task<Dictionary<string, string>> GetSiteSettingsAsync(int SiteId);
+
+        Task UpdateSiteSettingsAsync(Dictionary<string, string> SiteSettings, int SiteId);
+
+        Task<Dictionary<string, string>> GetPageSettingsAsync(int PageId);
+
+        Task UpdatePageSettingsAsync(Dictionary<string, string> PageSettings, int PageId);
+
+        Task<Dictionary<string, string>> GetPageModuleSettingsAsync(int PageModuleId);
+
+        Task UpdatePageModuleSettingsAsync(Dictionary<string, string> PageModuleSettings, int PageModuleId);
+
+        Task<Dictionary<string, string>> GetModuleSettingsAsync(int ModuleId);
+
+        Task UpdateModuleSettingsAsync(Dictionary<string, string> ModuleSettings, int ModuleId);
+
+        Task<Dictionary<string, string>> GetUserSettingsAsync(int UserId);
+
+        Task UpdateUserSettingsAsync(Dictionary<string, string> UserSettings, int UserId);
+
+        Task<Dictionary<string, string>> GetSettingsAsync(string EntityName, int EntityId);
+
+        Task UpdateSettingsAsync(Dictionary<string, string> Settings, string EntityName, int EntityId);
+
+
+        Task<Setting> GetSettingAsync(int SettingId);
+
+        Task<Setting> AddSettingAsync(Setting Setting);
+
+        Task<Setting> UpdateSettingAsync(Setting Setting);
+
+        Task DeleteSettingAsync(int SettingId);
+
+
+        string GetSetting(Dictionary<string, string> Settings, string SettingName, string DefaultValue);
+
+        Dictionary<string, string> SetSetting(Dictionary<string, string> Settings, string SettingName, string SettingValue);
+     }
+}
diff --git a/Oqtane.Client/Services/ISiteService.cs b/Oqtane.Client/Services/Interfaces/ISiteService.cs
similarity index 76%
rename from Oqtane.Client/Services/ISiteService.cs
rename to Oqtane.Client/Services/Interfaces/ISiteService.cs
index 4fb0ab98..fc81edcf 100644
--- a/Oqtane.Client/Services/ISiteService.cs
+++ b/Oqtane.Client/Services/Interfaces/ISiteService.cs
@@ -10,9 +10,9 @@ namespace Oqtane.Services
 
         Task<Site> GetSiteAsync(int SiteId);
 
-        Task AddSiteAsync(Site site);
+        Task<Site> AddSiteAsync(Site Site);
 
-        Task UpdateSiteAsync(Site site);
+        Task<Site> UpdateSiteAsync(Site Site);
 
         Task DeleteSiteAsync(int SiteId);
     }
diff --git a/Oqtane.Client/Services/ITenantService.cs b/Oqtane.Client/Services/Interfaces/ITenantService.cs
similarity index 100%
rename from Oqtane.Client/Services/ITenantService.cs
rename to Oqtane.Client/Services/Interfaces/ITenantService.cs
diff --git a/Oqtane.Client/Services/IthemeService.cs b/Oqtane.Client/Services/Interfaces/IThemeService.cs
similarity index 100%
rename from Oqtane.Client/Services/IthemeService.cs
rename to Oqtane.Client/Services/Interfaces/IThemeService.cs
diff --git a/Oqtane.Client/Services/Interfaces/IUserRoleService.cs b/Oqtane.Client/Services/Interfaces/IUserRoleService.cs
new file mode 100644
index 00000000..9030e2c1
--- /dev/null
+++ b/Oqtane.Client/Services/Interfaces/IUserRoleService.cs
@@ -0,0 +1,16 @@
+using Oqtane.Models;
+using System.Collections.Generic;
+using System.Threading.Tasks;
+
+namespace Oqtane.Services
+{
+    public interface IUserRoleService
+    {
+        Task<List<UserRole>> GetUserRolesAsync();
+        Task<List<UserRole>> GetUserRolesAsync(int UserId);
+        Task<UserRole> GetUserRoleAsync(int UserRoleId);
+        Task<UserRole> AddUserRoleAsync(UserRole UserRole);
+        Task<UserRole> UpdateUserRoleAsync(UserRole UserRole);
+        Task DeleteUserRoleAsync(int UserRoleId);
+    }
+}
diff --git a/Oqtane.Client/Services/Interfaces/IUserService.cs b/Oqtane.Client/Services/Interfaces/IUserService.cs
new file mode 100644
index 00000000..9b0a0ead
--- /dev/null
+++ b/Oqtane.Client/Services/Interfaces/IUserService.cs
@@ -0,0 +1,25 @@
+using Oqtane.Models;
+using System.Collections.Generic;
+using System.Threading.Tasks;
+
+namespace Oqtane.Services
+{
+    public interface IUserService
+    {
+        Task<List<User>> GetUsersAsync(int SiteId);
+
+        Task<User> GetUserAsync(int UserId, int SiteId);
+
+        Task<User> GetUserAsync(string Username, int SiteId);
+
+        Task<User> AddUserAsync(User User);
+
+        Task<User> UpdateUserAsync(User User);
+
+        Task DeleteUserAsync(int UserId);
+
+        Task<User> LoginUserAsync(User User, bool SetCookie, bool IsPersistent);
+
+        Task LogoutUserAsync();
+    }
+}
diff --git a/Oqtane.Client/Services/InstallationService.cs b/Oqtane.Client/Services/Interfaces/InstallationService.cs
similarity index 100%
rename from Oqtane.Client/Services/InstallationService.cs
rename to Oqtane.Client/Services/Interfaces/InstallationService.cs
diff --git a/Oqtane.Client/Services/ModuleDefinitionService.cs b/Oqtane.Client/Services/ModuleDefinitionService.cs
index 31fff1ba..6ddde8af 100644
--- a/Oqtane.Client/Services/ModuleDefinitionService.cs
+++ b/Oqtane.Client/Services/ModuleDefinitionService.cs
@@ -30,13 +30,15 @@ namespace Oqtane.Services
 
         public async Task<List<ModuleDefinition>> GetModuleDefinitionsAsync()
         {
+            // get list of modules from the server
             List<ModuleDefinition> moduledefinitions = await http.GetJsonAsync<List<ModuleDefinition>>(apiurl);
 
-            // get list of loaded assemblies
+            // get list of loaded assemblies on the client ( in the client-side hosting module the browser client has its own app domain )
             Assembly[] assemblies = AppDomain.CurrentDomain.GetAssemblies();
 
             foreach (ModuleDefinition moduledefinition in moduledefinitions)
             {
+                // if a module has dependencies, check if they are loaded
                 if (moduledefinition.Dependencies != "")
                 {
                     foreach (string dependency in moduledefinition.Dependencies.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
@@ -50,6 +52,7 @@ namespace Oqtane.Services
                         }
                     }
                 }
+                // check if the module assembly is loaded
                 if (assemblies.Where(item => item.FullName.StartsWith(moduledefinition.AssemblyName + ",")).FirstOrDefault() == null)
                 {
                     // download assembly from server and load
@@ -60,5 +63,10 @@ namespace Oqtane.Services
 
             return moduledefinitions.OrderBy(item => item.Name).ToList();
         }
+
+        public async Task InstallModulesAsync()
+        {
+            await http.GetJsonAsync<List<string>>(apiurl + "/install");
+        }
     }
 }
diff --git a/Oqtane.Client/Services/ModuleService.cs b/Oqtane.Client/Services/ModuleService.cs
index 60f22eeb..8fa12e89 100644
--- a/Oqtane.Client/Services/ModuleService.cs
+++ b/Oqtane.Client/Services/ModuleService.cs
@@ -46,14 +46,14 @@ namespace Oqtane.Services
             return await http.GetJsonAsync<Module>(apiurl + "/" + ModuleId.ToString());
         }
 
-        public async Task AddModuleAsync(Module module)
+        public async Task<Module> AddModuleAsync(Module Module)
         {
-            await http.PostJsonAsync(apiurl, module);
+            return await http.PostJsonAsync<Module>(apiurl, Module);
         }
 
-        public async Task UpdateModuleAsync(Module module)
+        public async Task<Module> UpdateModuleAsync(Module Module)
         {
-            await http.PutJsonAsync(apiurl + "/" + module.ModuleId.ToString(), module);
+            return await http.PutJsonAsync<Module>(apiurl + "/" + Module.ModuleId.ToString(), Module);
         }
 
         public async Task DeleteModuleAsync(int ModuleId)
diff --git a/Oqtane.Client/Services/PageModuleService.cs b/Oqtane.Client/Services/PageModuleService.cs
index 8a65de2d..146b7687 100644
--- a/Oqtane.Client/Services/PageModuleService.cs
+++ b/Oqtane.Client/Services/PageModuleService.cs
@@ -23,7 +23,7 @@ namespace Oqtane.Services
 
         private string apiurl
         {
-            get { return CreateApiUrl(sitestate.Alias, "PageModule", urihelper.GetAbsoluteUri()); }
+            get { return CreateApiUrl(sitestate.Alias, urihelper.GetAbsoluteUri(), "PageModule"); }
         }
 
         public async Task<List<PageModule>> GetPageModulesAsync()
@@ -31,14 +31,24 @@ namespace Oqtane.Services
             return await http.GetJsonAsync<List<PageModule>>(apiurl);
         }
 
-        public async Task AddPageModuleAsync(PageModule pagemodule)
+        public async Task<PageModule> GetPageModuleAsync(int PageModuleId)
         {
-            await http.PostJsonAsync(apiurl, pagemodule);
+            return await http.GetJsonAsync<PageModule>(apiurl + "/" + PageModuleId.ToString());
         }
 
-        public async Task UpdatePageModuleAsync(PageModule pagemodule)
+        public async Task<PageModule> AddPageModuleAsync(PageModule PageModule)
         {
-            await http.PutJsonAsync(apiurl + "/" + pagemodule.PageModuleId.ToString(), pagemodule);
+            return await http.PostJsonAsync<PageModule>(apiurl, PageModule);
+        }
+
+        public async Task<PageModule> UpdatePageModuleAsync(PageModule PageModule)
+        {
+            return await http.PutJsonAsync<PageModule>(apiurl + "/" + PageModule.PageModuleId.ToString(), PageModule);
+        }
+
+        public async Task UpdatePageModuleOrderAsync(int PageId, string Pane)
+        {
+            await http.PutJsonAsync(apiurl + "/?pageid=" + PageId.ToString() + "&pane=" + Pane, null);
         }
 
         public async Task DeletePageModuleAsync(int PageModuleId)
diff --git a/Oqtane.Client/Services/PageService.cs b/Oqtane.Client/Services/PageService.cs
index d0124c79..e23ea0f1 100644
--- a/Oqtane.Client/Services/PageService.cs
+++ b/Oqtane.Client/Services/PageService.cs
@@ -5,6 +5,7 @@ using System.Net.Http;
 using Microsoft.AspNetCore.Components;
 using System.Collections.Generic;
 using Oqtane.Shared;
+using System;
 
 namespace Oqtane.Services
 {
@@ -29,7 +30,8 @@ namespace Oqtane.Services
         public async Task<List<Page>> GetPagesAsync(int SiteId)
         {
             List<Page> pages = await http.GetJsonAsync<List<Page>>(apiurl + "?siteid=" + SiteId.ToString());
-            return pages.OrderBy(item => item.Order).ToList();
+            pages = GetPagesHierarchy(pages);
+            return pages;
         }
 
         public async Task<Page> GetPageAsync(int PageId)
@@ -37,18 +39,55 @@ namespace Oqtane.Services
             return await http.GetJsonAsync<Page>(apiurl + "/" + PageId.ToString());
         }
 
-        public async Task AddPageAsync(Page page)
+        public async Task<Page> AddPageAsync(Page Page)
         {
-            await http.PostJsonAsync(apiurl, page);
+            return await http.PostJsonAsync<Page>(apiurl, Page);
         }
 
-        public async Task UpdatePageAsync(Page page)
+        public async Task<Page> UpdatePageAsync(Page Page)
         {
-            await http.PutJsonAsync(apiurl + "/" + page.PageId.ToString(), page);
+            return await http.PutJsonAsync<Page>(apiurl + "/" + Page.PageId.ToString(), Page);
         }
+
+        public async Task UpdatePageOrderAsync(int SiteId, int? ParentId)
+        {
+            await http.PutJsonAsync(apiurl + "/?siteid=" + SiteId.ToString() + "&parentid=" + ((ParentId == null) ? "" : ParentId.ToString()), null);
+        }
+
         public async Task DeletePageAsync(int PageId)
         {
             await http.DeleteAsync(apiurl + "/" + PageId.ToString());
         }
+
+        private static List<Page> GetPagesHierarchy(List<Page> Pages)
+        {
+            List<Page> hierarchy = new List<Page>();
+            Action<List<Page>, Page> GetPath = null;
+            GetPath = (List<Page> pages, Page page) =>
+            {
+                IEnumerable<Page> children;
+                int level;
+                if (page == null)
+                {
+                    level = -1;
+                    children = Pages.Where(item => item.ParentId == null);
+                }
+                else
+                {
+                    level = page.Level;
+                    children = Pages.Where(item => item.ParentId == page.PageId);
+                }
+                foreach (Page child in children)
+                {
+                    child.Level = level + 1;
+                    child.HasChildren = Pages.Where(item => item.ParentId == child.PageId).Any();
+                    hierarchy.Add(child);
+                    GetPath(pages, child);
+                }
+            };
+            Pages = Pages.OrderBy(item => item.Order).ToList();
+            GetPath(Pages, null);
+            return hierarchy;
+        }
     }
 }
diff --git a/Oqtane.Client/Services/ProfileService.cs b/Oqtane.Client/Services/ProfileService.cs
new file mode 100644
index 00000000..4024c143
--- /dev/null
+++ b/Oqtane.Client/Services/ProfileService.cs
@@ -0,0 +1,59 @@
+using Oqtane.Models;
+using System.Threading.Tasks;
+using System.Net.Http;
+using System.Linq;
+using Microsoft.AspNetCore.Components;
+using System.Collections.Generic;
+using Oqtane.Shared;
+
+namespace Oqtane.Services
+{
+    public class ProfileService : ServiceBase, IProfileService
+    {
+        private readonly HttpClient http;
+        private readonly SiteState sitestate;
+        private readonly IUriHelper urihelper;
+
+        public ProfileService(HttpClient http, SiteState sitestate, IUriHelper urihelper)
+        {
+            this.http = http;
+            this.sitestate = sitestate;
+            this.urihelper = urihelper;
+        }
+
+        private string apiurl
+        {
+            get { return CreateApiUrl(sitestate.Alias, urihelper.GetAbsoluteUri(), "Profile"); }
+        }
+
+        public async Task<List<Profile>> GetProfilesAsync()
+        {
+            return await http.GetJsonAsync<List<Profile>>(apiurl);
+        }
+
+        public async Task<List<Profile>> GetProfilesAsync(int SiteId)
+        {
+            List<Profile> Profiles = await http.GetJsonAsync<List<Profile>>(apiurl + "?siteid=" + SiteId.ToString());
+            return Profiles.OrderBy(item => item.ViewOrder).ToList();
+        }
+
+        public async Task<Profile> GetProfileAsync(int ProfileId)
+        {
+            return await http.GetJsonAsync<Profile>(apiurl + "/" + ProfileId.ToString());
+        }
+
+        public async Task<Profile> AddProfileAsync(Profile Profile)
+        {
+            return await http.PostJsonAsync<Profile>(apiurl, Profile);
+        }
+
+        public async Task<Profile> UpdateProfileAsync(Profile Profile)
+        {
+            return await http.PutJsonAsync<Profile>(apiurl + "/" + Profile.SiteId.ToString(), Profile);
+        }
+        public async Task DeleteProfileAsync(int ProfileId)
+        {
+            await http.DeleteAsync(apiurl + "/" + ProfileId.ToString());
+        }
+    }
+}
diff --git a/Oqtane.Client/Services/RoleService.cs b/Oqtane.Client/Services/RoleService.cs
new file mode 100644
index 00000000..8f770e78
--- /dev/null
+++ b/Oqtane.Client/Services/RoleService.cs
@@ -0,0 +1,60 @@
+using Oqtane.Models;
+using System.Threading.Tasks;
+using System.Net.Http;
+using System.Linq;
+using Microsoft.AspNetCore.Components;
+using System.Collections.Generic;
+using Oqtane.Shared;
+
+namespace Oqtane.Services
+{
+    public class RoleService : ServiceBase, IRoleService
+    {
+        private readonly HttpClient http;
+        private readonly SiteState sitestate;
+        private readonly IUriHelper urihelper;
+
+        public RoleService(HttpClient http, SiteState sitestate, IUriHelper urihelper)
+        {
+            this.http = http;
+            this.sitestate = sitestate;
+            this.urihelper = urihelper;
+        }
+
+        private string apiurl
+        {
+            get { return CreateApiUrl(sitestate.Alias, urihelper.GetAbsoluteUri(), "Role"); }
+        }
+
+        public async Task<List<Role>> GetRolesAsync()
+        {
+            List<Role> Roles = await http.GetJsonAsync<List<Role>>(apiurl);
+            return Roles.OrderBy(item => item.Name).ToList();
+        }
+
+        public async Task<List<Role>> GetRolesAsync(int SiteId)
+        {
+            List<Role> Roles = await http.GetJsonAsync<List<Role>>(apiurl + "?siteid=" + SiteId.ToString());
+            return Roles.OrderBy(item => item.Name).ToList();
+        }
+
+        public async Task<Role> GetRoleAsync(int RoleId)
+        {
+            return await http.GetJsonAsync<Role>(apiurl + "/" + RoleId.ToString());
+        }
+
+        public async Task<Role> AddRoleAsync(Role Role)
+        {
+            return await http.PostJsonAsync<Role>(apiurl, Role);
+        }
+
+        public async Task<Role> UpdateRoleAsync(Role Role)
+        {
+            return await http.PutJsonAsync<Role>(apiurl + "/" + Role.SiteId.ToString(), Role);
+        }
+        public async Task DeleteRoleAsync(int RoleId)
+        {
+            await http.DeleteAsync(apiurl + "/" + RoleId.ToString());
+        }
+    }
+}
diff --git a/Oqtane.Client/Services/ServiceBase.cs b/Oqtane.Client/Services/ServiceBase.cs
index b970c373..b7cf911b 100644
--- a/Oqtane.Client/Services/ServiceBase.cs
+++ b/Oqtane.Client/Services/ServiceBase.cs
@@ -8,7 +8,7 @@ namespace Oqtane.Services
     public class ServiceBase
     {
 
-        public string CreateApiUrl(Alias alias, string absoluteUri, string serviceName)
+        public static string CreateApiUrl(Alias alias, string absoluteUri, string serviceName)
         {
             string apiurl = "";
             if (alias != null)
diff --git a/Oqtane.Client/Services/SettingService.cs b/Oqtane.Client/Services/SettingService.cs
new file mode 100644
index 00000000..f36b4d67
--- /dev/null
+++ b/Oqtane.Client/Services/SettingService.cs
@@ -0,0 +1,168 @@
+using Oqtane.Models;
+using System.Threading.Tasks;
+using System.Net.Http;
+using System.Linq;
+using Microsoft.AspNetCore.Components;
+using System.Collections.Generic;
+using Oqtane.Shared;
+
+namespace Oqtane.Services
+{
+    public class SettingService : ServiceBase, ISettingService
+    {
+        private readonly HttpClient http;
+        private readonly SiteState sitestate;
+        private readonly IUriHelper urihelper;
+
+        public SettingService(HttpClient http, SiteState sitestate, IUriHelper urihelper)
+        {
+            this.http = http;
+            this.sitestate = sitestate;
+            this.urihelper = urihelper;
+        }
+
+        private string apiurl
+        {
+            get { return CreateApiUrl(sitestate.Alias, urihelper.GetAbsoluteUri(), "Setting"); }
+        }
+
+        public async Task<Dictionary<string, string>> GetHostSettingsAsync()
+        {
+            return await GetSettingsAsync("Host", -1);
+        }
+
+        public async Task UpdateHostSettingsAsync(Dictionary<string, string> HostSettings)
+        {
+            await UpdateSettingsAsync(HostSettings, "Host", -1); 
+        }
+
+        public async Task<Dictionary<string, string>> GetSiteSettingsAsync(int SiteId)
+        {
+            return await GetSettingsAsync("Site", SiteId);
+        }
+
+        public async Task UpdateSiteSettingsAsync(Dictionary<string, string> SiteSettings, int SiteId)
+        {
+            await UpdateSettingsAsync(SiteSettings, "Site", SiteId);
+        }
+
+        public async Task<Dictionary<string, string>> GetPageSettingsAsync(int PageId)
+        {
+            return await GetSettingsAsync("Page", PageId);
+        }
+
+        public async Task UpdatePageSettingsAsync(Dictionary<string, string> PageSettings, int PageId)
+        {
+            await UpdateSettingsAsync(PageSettings, "Page", PageId);
+        }
+
+        public async Task<Dictionary<string, string>> GetPageModuleSettingsAsync(int PageModuleId)
+        {
+            return await GetSettingsAsync("PageModule", PageModuleId);
+        }
+
+        public async Task UpdatePageModuleSettingsAsync(Dictionary<string, string> PageModuleSettings, int PageModuleId)
+        {
+            await UpdateSettingsAsync(PageModuleSettings, "PageModule", PageModuleId);
+        }
+
+        public async Task<Dictionary<string, string>> GetModuleSettingsAsync(int ModuleId)
+        {
+            return await GetSettingsAsync("Module", ModuleId);
+        }
+
+        public async Task UpdateModuleSettingsAsync(Dictionary<string, string> ModuleSettings, int ModuleId)
+        {
+            await UpdateSettingsAsync(ModuleSettings, "Module", ModuleId);
+        }
+
+        public async Task<Dictionary<string, string>> GetUserSettingsAsync(int UserId)
+        {
+            return await GetSettingsAsync("User", UserId);
+        }
+
+        public async Task UpdateUserSettingsAsync(Dictionary<string, string> UserSettings, int UserId)
+        {
+            await UpdateSettingsAsync(UserSettings, "User", UserId);
+        }
+
+        public async Task<Dictionary<string, string>> GetSettingsAsync(string EntityName, int EntityId)
+        {
+            Dictionary<string, string> dictionary = new Dictionary<string, string>();
+            List<Setting> Settings = await http.GetJsonAsync<List<Setting>>(apiurl + "?entityname=" + EntityName + "&entityid=" + EntityId.ToString());
+            foreach(Setting setting in Settings.OrderBy(item => item.SettingName).ToList())
+            {
+                dictionary.Add(setting.SettingName, setting.SettingValue);
+            }
+            return dictionary;
+        }
+
+        public async Task UpdateSettingsAsync(Dictionary<string, string> Settings, string EntityName, int EntityId)
+        {
+            List<Setting> settings = await http.GetJsonAsync<List<Setting>>(apiurl + "?entityname=" + EntityName + "&entityid=" + EntityId.ToString());
+            foreach (KeyValuePair<string, string> kvp in Settings)
+            {
+                Setting setting = settings.Where(item => item.SettingName == kvp.Key).FirstOrDefault();
+                if (setting == null)
+                {
+                    setting = new Setting();
+                    setting.EntityName = EntityName;
+                    setting.EntityId = EntityId;
+                    setting.SettingName = kvp.Key;
+                    setting.SettingValue = kvp.Value;
+                    setting = await AddSettingAsync(setting);
+                }
+                else
+                {
+                    setting.SettingValue = kvp.Value;
+                    setting = await UpdateSettingAsync(setting);
+                }
+            }
+        }
+
+
+        public async Task<Setting> GetSettingAsync(int SettingId)
+        {
+            return await http.GetJsonAsync<Setting>(apiurl + "/" + SettingId.ToString());
+        }
+
+        public async Task<Setting> AddSettingAsync(Setting Setting)
+        {
+            return await http.PostJsonAsync<Setting>(apiurl, Setting);
+        }
+
+        public async Task<Setting> UpdateSettingAsync(Setting Setting)
+        {
+            return await http.PutJsonAsync<Setting>(apiurl + "/" + Setting.SettingId.ToString(), Setting);
+        }
+
+        public async Task DeleteSettingAsync(int SettingId)
+        {
+            await http.DeleteAsync(apiurl + "/" + SettingId.ToString());
+        }
+
+
+        public string GetSetting(Dictionary<string, string> Settings, string SettingName, string DefaultValue)
+        {
+            string value = DefaultValue;
+            if (Settings.ContainsKey(SettingName))
+            {
+                value = Settings[SettingName];
+            }
+            return value;
+        }
+
+        public Dictionary<string, string> SetSetting(Dictionary<string, string> Settings, string SettingName, string SettingValue)
+        {
+            if (Settings.ContainsKey(SettingName))
+            { 
+                Settings[SettingName] = SettingValue;
+            }
+            else
+            {
+                Settings.Add(SettingName, SettingValue);
+            }
+            return Settings;
+        }
+    }
+}
diff --git a/Oqtane.Client/Services/SiteService.cs b/Oqtane.Client/Services/SiteService.cs
index 83cfad34..2ca7139b 100644
--- a/Oqtane.Client/Services/SiteService.cs
+++ b/Oqtane.Client/Services/SiteService.cs
@@ -37,14 +37,14 @@ namespace Oqtane.Services
             return await http.GetJsonAsync<Site>(apiurl + "/" + SiteId.ToString());
         }
 
-        public async Task AddSiteAsync(Site site)
+        public async Task<Site> AddSiteAsync(Site Site)
         {
-            await http.PostJsonAsync(apiurl, site);
+            return await http.PostJsonAsync<Site>(apiurl, Site);
         }
 
-        public async Task UpdateSiteAsync(Site site)
+        public async Task<Site> UpdateSiteAsync(Site Site)
         {
-            await http.PutJsonAsync(apiurl + "/" + site.SiteId.ToString(), site);
+            return await http.PutJsonAsync<Site>(apiurl + "/" + Site.SiteId.ToString(), Site);
         }
         public async Task DeleteSiteAsync(int SiteId)
         {
diff --git a/Oqtane.Client/Services/UserRoleService.cs b/Oqtane.Client/Services/UserRoleService.cs
new file mode 100644
index 00000000..b84a8450
--- /dev/null
+++ b/Oqtane.Client/Services/UserRoleService.cs
@@ -0,0 +1,59 @@
+using Oqtane.Models;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net.Http;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Components;
+using Oqtane.Shared;
+
+namespace Oqtane.Services
+{
+    public class UserRoleService : ServiceBase, IUserRoleService
+    {
+        private readonly HttpClient http;
+        private readonly SiteState sitestate;
+        private readonly IUriHelper urihelper;
+
+        public UserRoleService(HttpClient http, SiteState sitestate, IUriHelper urihelper)
+        {
+            this.http = http;
+            this.sitestate = sitestate;
+            this.urihelper = urihelper;
+        }
+
+        private string apiurl
+        {
+            get { return CreateApiUrl(sitestate.Alias, urihelper.GetAbsoluteUri(), "UserRole"); }
+        }
+
+        public async Task<List<UserRole>> GetUserRolesAsync()
+        {
+            return await http.GetJsonAsync<List<UserRole>>(apiurl);
+        }
+
+        public async Task<List<UserRole>> GetUserRolesAsync(int UserId)
+        {
+            return await http.GetJsonAsync<List<UserRole>>(apiurl + "?userid=" + UserId.ToString());
+        }
+
+        public async Task<UserRole> GetUserRoleAsync(int UserRoleId)
+        {
+            return await http.GetJsonAsync<UserRole>(apiurl + "/" + UserRoleId.ToString());
+        }
+
+        public async Task<UserRole> AddUserRoleAsync(UserRole UserRole)
+        {
+            return await http.PostJsonAsync<UserRole>(apiurl, UserRole);
+        }
+
+        public async Task<UserRole> UpdateUserRoleAsync(UserRole UserRole)
+        {
+            return await http.PutJsonAsync<UserRole>(apiurl + "/" + UserRole.UserRoleId.ToString(), UserRole);
+        }
+
+        public async Task DeleteUserRoleAsync(int UserRoleId)
+        {
+            await http.DeleteAsync(apiurl + "/" + UserRoleId.ToString());
+        }
+    }
+}
diff --git a/Oqtane.Client/Services/UserService.cs b/Oqtane.Client/Services/UserService.cs
index eeb19433..ab736094 100644
--- a/Oqtane.Client/Services/UserService.cs
+++ b/Oqtane.Client/Services/UserService.cs
@@ -27,44 +27,39 @@ namespace Oqtane.Services
             get { return CreateApiUrl(sitestate.Alias, urihelper.GetAbsoluteUri(), "User"); }
         }
 
-        public async Task<List<User>> GetUsersAsync()
+        public async Task<List<User>> GetUsersAsync(int SiteId)
         {
-            List<User> users = await http.GetJsonAsync<List<User>>(apiurl);
+            List<User> users = await http.GetJsonAsync<List<User>>(apiurl + "?siteid=" + SiteId.ToString());
             return users.OrderBy(item => item.DisplayName).ToList();
         }
 
-        public async Task<User> GetUserAsync(int UserId)
+        public async Task<User> GetUserAsync(int UserId, int SiteId)
         {
-            return await http.GetJsonAsync<User>(apiurl + "/" + UserId.ToString());
+            return await http.GetJsonAsync<User>(apiurl + "/" + UserId.ToString() + "?siteid=" + SiteId.ToString());
         }
 
-        public async Task<User> GetUserAsync(string Username)
+        public async Task<User> GetUserAsync(string Username, int SiteId)
         {
-            return await http.GetJsonAsync<User>(apiurl + "/name/" + Username);
+            return await http.GetJsonAsync<User>(apiurl + "/name/" + Username + "?siteid=" + SiteId.ToString());
         }
 
-        public async Task AddUserAsync(User user)
+        public async Task<User> AddUserAsync(User User)
         {
-            await http.PostJsonAsync(apiurl, user);
+            return await http.PostJsonAsync<User>(apiurl, User);
         }
 
-        public async Task UpdateUserAsync(User user)
+        public async Task<User> UpdateUserAsync(User User)
         {
-            await http.PutJsonAsync(apiurl + "/" + user.UserId.ToString(), user);
+            return await http.PutJsonAsync<User>(apiurl + "/" + User.UserId.ToString(), User);
         }
         public async Task DeleteUserAsync(int UserId)
         {
             await http.DeleteAsync(apiurl + "/" + UserId.ToString());
         }
 
-        public async Task<User> GetCurrentUserAsync()
+        public async Task<User> LoginUserAsync(User User, bool SetCookie, bool IsPersistent)
         {
-            return await http.GetJsonAsync<User>(apiurl + "/current");
-        }
-
-        public async Task<User> LoginUserAsync(User user)
-        {
-            return await http.PostJsonAsync<User>(apiurl + "/login", user);
+            return await http.PostJsonAsync<User>(apiurl + "/login?setcookie=" + SetCookie.ToString() + "&persistent =" + IsPersistent.ToString(), User);
         }
 
         public async Task LogoutUserAsync()
@@ -72,78 +67,5 @@ namespace Oqtane.Services
             // best practices recommend post is preferrable to get for logout
             await http.PostJsonAsync(apiurl + "/logout", null); 
         }
-
-        // ACLs are stored in the format "!rolename1;![userid1];rolename2;rolename3;[userid2];[userid3]" where "!" designates Deny permissions
-        public bool IsAuthorized(User user, string accesscontrollist)
-        {
-            bool isAllowed = false;
-
-            if (user != null)
-            {
-                //super user always has full access
-                isAllowed = user.IsSuperUser;
-            }
-
-            if (!isAllowed)
-            {
-                if (accesscontrollist != null)
-                {
-                    foreach (string permission in accesscontrollist.Split(new[] { ';' }))
-                    {
-                        bool? allowed = VerifyPermission(user, permission);
-                        if (allowed.HasValue)
-                        {
-                            isAllowed = allowed.Value;
-                            break;
-                        }
-                    }
-                }
-            }
-            return isAllowed;
-        }
-
-        private bool? VerifyPermission(User user, string permission)
-        {
-            bool? allowed = null;
-            //permissions strings are encoded with deny permissions at the beginning and grant permissions at the end for optimal performance
-            if (!String.IsNullOrEmpty(permission))
-            {
-                // deny permission
-                if (permission.StartsWith("!"))
-                {
-                    string denyRole = permission.Replace("!", "");
-                    if (denyRole == Constants.AllUsersRole || IsAllowed(user, denyRole))
-                    {
-                        allowed = false;
-                    }
-                }
-                else // grant permission
-                {
-                    if (permission == Constants.AllUsersRole || IsAllowed(user, permission))
-                    {
-                        allowed = true;
-                    }
-                }
-            }
-            return allowed;
-        }
-
-        private bool IsAllowed(User user, string permission)
-        {
-            if (user != null)
-            {
-                if ("[" + user.UserId + "]" == permission)
-                {
-                    return true;
-                }
-
-                var roles = user.Roles;
-                if (roles != null)
-                {
-                    return roles.IndexOf(";" + permission + ";") != -1;
-                }
-            }
-            return false;
-        }
     }
 }
diff --git a/Oqtane.Client/Shared/Constants.cs b/Oqtane.Client/Shared/Constants.cs
deleted file mode 100644
index 54d2d35f..00000000
--- a/Oqtane.Client/Shared/Constants.cs
+++ /dev/null
@@ -1,17 +0,0 @@
-namespace Oqtane.Shared
-{
-    public class Constants
-    {
-        public const string DefaultPage = "Oqtane.Client.Shared.Theme, Oqtane.Client";
-        public const string DefaultContainer = "Oqtane.Client.Shared.Container, Oqtane.Client";
-        public const string DefaultAdminContainer = "Oqtane.Client.Themes.AdminContainer, Oqtane.Client";
-        public const string DefaultSettingsControl = "Oqtane.Client.Modules.Admin.ModuleSettings.Index, Oqtane.Client";
-        public const string PageManagementModule = "Oqtane.Client.Modules.Admin.Pages, Oqtane.Client";
-        public const string DefaultControl = "Index";
-
-        public const string AdminPane = "Admin";
-
-        public const string AllUsersRole = "All Users";
-        public const string AdminRole = "Administrators";
-    }
-}
diff --git a/Oqtane.Client/Shared/Container.razor b/Oqtane.Client/Shared/ContainerBuilder.razor
similarity index 57%
rename from Oqtane.Client/Shared/Container.razor
rename to Oqtane.Client/Shared/ContainerBuilder.razor
index 9d309925..10e30bf7 100644
--- a/Oqtane.Client/Shared/Container.razor
+++ b/Oqtane.Client/Shared/ContainerBuilder.razor
@@ -1,5 +1,7 @@
 @using Oqtane.Models
 @using Oqtane.Shared
+@using Oqtane.Modules
+@namespace Oqtane.Shared
 
 <CascadingValue Value="@ModuleState">
     @DynamicComponent
@@ -10,15 +12,21 @@
     protected PageState PageState { get; set; }
 
     [Parameter]
-    private Module Module { get; set; }
-
-    Module ModuleState;
-    string container;
+    public Module Module { get; set; }
 
     RenderFragment DynamicComponent { get; set; }
 
-    protected override void OnInit()
+    Module ModuleState;
+
+    protected override void OnParametersSet()
     {
+        ModuleState = Module; // passed in from Pane component
+        string container = ModuleState.ContainerType;
+        if (PageState.ModuleId != -1 && PageState.Control != "" && ModuleState.UseAdminContainer)
+        {
+            container = Constants.DefaultAdminContainer;
+        }
+
         DynamicComponent = builder =>
         {
             Type containerType = Type.GetType(container);
@@ -29,19 +37,11 @@
             }
             else
             {
-                // container does not exist with type specified
+            // container does not exist with type specified
+            builder.OpenComponent(0, Type.GetType(Constants.ModuleMessageControl));
+                builder.AddAttribute(1, "Message", "Error Loading Module Container " + container);
+                builder.CloseComponent();
             }
         };
     }
-
-    protected override Task OnParametersSetAsync()
-    {
-        ModuleState = Module; // passed in from Pane component
-        container = ModuleState.ContainerType;
-        if (PageState.ModuleId != -1 && PageState.Control != "")
-        {
-            container = Constants.DefaultAdminContainer;
-        }
-        return Task.CompletedTask;
-    }
 }
diff --git a/Oqtane.Client/Shared/Installer.razor b/Oqtane.Client/Shared/Installer.razor
index 321f8d3d..de2bf1b4 100644
--- a/Oqtane.Client/Shared/Installer.razor
+++ b/Oqtane.Client/Shared/Installer.razor
@@ -1,9 +1,11 @@
 @using Oqtane.Services
 @using Oqtane.Models
+@using Oqtane.Shared
+@namespace Oqtane.Shared
 @inject IUriHelper UriHelper
-@inject IInstallationService  InstallationService
+@inject IInstallationService InstallationService
 @inject IUserService UserService
- 
+
 <div class="container">
     <div class="row">
         <div class="mx-auto text-center">
@@ -82,10 +84,10 @@
                 <tbody>
                     <tr>
                         <td>
-                            <label for="Title" class="control-label" style="font-weight: bold">Username: </label>
+                            <label for="Title" class="control-label" style="font-weight: bold">Email: </label>
                         </td>
                         <td>
-                            <input type="text" id="Email" class="form-control" @bind="@HostUsername" />
+                            <input type="text" id="Email" class="form-control" @bind="@Email" />
                         </td>
                     </tr>
                     <tr>
@@ -102,7 +104,7 @@
     </div>
     <div class="row">
         <div class="mx-auto text-center">
-            <button class="btn btn-success" @onclick="@Install">Install Now</button><br /><br />
+            <button type="button" class="btn btn-success" @onclick="@Install">Install Now</button><br /><br />
             @((MarkupString)@Message)
         </div>
         <div class="loading" style="@LoadingDisplay"></div>
@@ -110,78 +112,78 @@
 </div>
 
 @code {
+    private string DatabaseType = "LocalDB";
+    private string ServerName = "(LocalDb)\\MSSQLLocalDB";
+    private string DatabaseName = "Oqtane-" + DateTime.Now.ToString("yyyyMMddHHmm");
+    private string Username = "";
+    private string Password = "";
+    private string Email = "";
+    private string HostPassword = "";
+    private string Message = "";
 
-private string DatabaseType = "LocalDB";
-private string ServerName = "(LocalDb)\\MSSQLLocalDB";
-private string DatabaseName = "Oqtane-" + DateTime.Now.ToString("yyyyMMddHHmm");
-private bool IntegratedSecurity = true;
-private string Username = "";
-private string Password = "";
-private string HostUsername = "host";
-private string HostPassword = "";
-private string Message = "";
+    private string IntegratedSecurityDisplay = "display:none;";
+    private string LoadingDisplay = "display:none;";
 
-private string IntegratedSecurityDisplay = "display:none;";
-private string LoadingDisplay = "display:none;";
-
-private void SetIntegratedSecurity(UIChangeEventArgs e)
-{
-    if (Convert.ToBoolean(e.Value))
+    private void SetIntegratedSecurity(UIChangeEventArgs e)
     {
-        IntegratedSecurityDisplay = "display:none;";
-    }
-    else
-    {
-        IntegratedSecurityDisplay = "";
-    }
-}
-
-private async Task Install()
-{
-    if (HostPassword.Length >= 6)
-    {
-        LoadingDisplay = "";
-        StateHasChanged();
-
-        string connectionstring = "";
-        if (DatabaseType == "LocalDB")
+        if (Convert.ToBoolean(e.Value))
         {
-            connectionstring = "Data Source=" + ServerName + ";AttachDbFilename=|DataDirectory|\\" + DatabaseName + ".mdf;Initial Catalog=" + DatabaseName + ";Integrated Security=SSPI;";
+            IntegratedSecurityDisplay = "display:none;";
         }
         else
         {
-            connectionstring = "Data Source=" + ServerName + ";Initial Catalog=" + DatabaseName + ";";
-            if (IntegratedSecurityDisplay == "display:none;")
+            IntegratedSecurityDisplay = "";
+        }
+    }
+
+    private async Task Install()
+    {
+        if (HostPassword.Length >= 6)
+        {
+            LoadingDisplay = "";
+            StateHasChanged();
+
+            string connectionstring = "";
+            if (DatabaseType == "LocalDB")
             {
-                connectionstring += "Integrated Security=SSPI;";
+                connectionstring = "Data Source=" + ServerName + ";AttachDbFilename=|DataDirectory|\\" + DatabaseName + ".mdf;Initial Catalog=" + DatabaseName + ";Integrated Security=SSPI;";
             }
             else
             {
-                connectionstring += "User ID=" + Username + ";Password=" + Password;
+                connectionstring = "Data Source=" + ServerName + ";Initial Catalog=" + DatabaseName + ";";
+                if (IntegratedSecurityDisplay == "display:none;")
+                {
+                    connectionstring += "Integrated Security=SSPI;";
+                }
+                else
+                {
+                    connectionstring += "User ID=" + Username + ";Password=" + Password;
 
+                }
+            }
+            GenericResponse response = await InstallationService.Install(connectionstring);
+            if (response.Success)
+            {
+                User user = new User();
+                user.SiteId = 1;
+                user.Username = Email;
+                user.DisplayName = Email;
+                user.Email = Email;
+                user.IsHost = true;
+                user.Password = HostPassword;
+                user = await UserService.AddUserAsync(user);
+
+                UriHelper.NavigateTo("", true);
+            }
+            else
+            {
+                Message = "<div class=\"alert alert-danger\" role=\"alert\">" + response.Message + "</div>";
+                LoadingDisplay = "display:none;";
             }
-        }
-        GenericResponse response = await InstallationService.Install(connectionstring);
-        if (response.Success)
-        {
-            User user = new User();
-            user.Username = HostUsername;
-            user.DisplayName = HostUsername;
-            user.Password = HostPassword;
-            user.IsSuperUser = true;
-            user.Roles = "";
-            await UserService.AddUserAsync(user);
-            UriHelper.NavigateTo("", true);
         }
         else
         {
-            Message = "<div class=\"alert alert-danger\" role=\"alert\">" + response.Message + "</div>";
-            LoadingDisplay = "display:none;";
+            Message = "<div class=\"alert alert-danger\" role=\"alert\">Password Must Be 6 Characters Or Greater</div>";
         }
     }
-    else
-    {
-        Message = "<div class=\"alert alert-danger\" role=\"alert\">Password Must Be 6 Characters Or Greater</div>";
-    }
-}
 }
diff --git a/Oqtane.Client/Shared/Interop.cs b/Oqtane.Client/Shared/Interop.cs
index 3ece9f1d..86430083 100644
--- a/Oqtane.Client/Shared/Interop.cs
+++ b/Oqtane.Client/Shared/Interop.cs
@@ -85,5 +85,20 @@ namespace Oqtane.Shared
                 return Task.CompletedTask;
             }
         }
+
+        public Task UploadFiles(string posturl, string folder, string name)
+        {
+            try
+            {
+                jsRuntime.InvokeAsync<string>(
+                "interop.uploadFiles",
+                posturl, folder, name);
+                return Task.CompletedTask;
+            }
+            catch
+            {
+                return Task.CompletedTask;
+            }
+        }
     }
 }
diff --git a/Oqtane.Client/Shared/ModuleInstance.razor b/Oqtane.Client/Shared/ModuleInstance.razor
index 8a2513a1..2b67de38 100644
--- a/Oqtane.Client/Shared/ModuleInstance.razor
+++ b/Oqtane.Client/Shared/ModuleInstance.razor
@@ -1,5 +1,7 @@
 @using Oqtane.Models
 @using Oqtane.Shared
+@using Oqtane.Modules
+@namespace Oqtane.Shared
 
 @DynamicComponent
 
@@ -12,16 +14,20 @@
 
     RenderFragment DynamicComponent { get; set; }
 
-    protected override void OnInit()
+    protected override void OnParametersSet()
     {
         DynamicComponent = builder =>
         {
             string typename = ModuleState.ModuleType;
             if (PageState.Control == "Settings") // module settings are a core component
-            {
+        {
                 typename = Constants.DefaultSettingsControl;
             }
-            Type moduleType = Type.GetType(typename);
+            Type moduleType = null;
+            if (typename != null)
+            {
+                moduleType = Type.GetType(typename);
+            }
             if (moduleType != null)
             {
                 builder.OpenComponent(0, moduleType);
@@ -29,7 +35,10 @@
             }
             else
             {
-                // module control does not exist with typename specified
+            // module does not exist with typename specified
+            builder.OpenComponent(0, Type.GetType(Constants.ModuleMessageControl));
+                builder.AddAttribute(1, "Message", "Error Loading Component For Module " + ModuleState.ModuleDefinitionName);
+                builder.CloseComponent();
             }
         };
     }
diff --git a/Oqtane.Client/Shared/PageState.cs b/Oqtane.Client/Shared/PageState.cs
index 419b92ad..37721465 100644
--- a/Oqtane.Client/Shared/PageState.cs
+++ b/Oqtane.Client/Shared/PageState.cs
@@ -19,5 +19,8 @@ namespace Oqtane.Shared
         public Dictionary<string, string> QueryString { get; set; }
         public int ModuleId { get; set; }
         public string Control { get; set; }
+        public bool EditMode { get; set; }
+        public bool DesignMode { get; set; }
+        public int Reload { get; set; }
     }
 }
diff --git a/Oqtane.Client/Shared/Pane.razor b/Oqtane.Client/Shared/Pane.razor
index 89776819..cb66c01e 100644
--- a/Oqtane.Client/Shared/Pane.razor
+++ b/Oqtane.Client/Shared/Pane.razor
@@ -3,13 +3,18 @@
 @using Oqtane.Modules
 @using Oqtane.Models
 @using Oqtane.Shared
+@using Oqtane.Security
 @using System.Linq
+@namespace Oqtane.Shared
 @inject IUserService UserService
 @inject IModuleService ModuleService
 @inject IModuleDefinitionService ModuleDefinitionService
 
 <div class="@paneadminborder">
-    @((MarkupString)panetitle)
+    @if (panetitle != "")
+    {
+        @((MarkupString)panetitle)
+    }
     @DynamicComponent
 </div>
 
@@ -18,20 +23,25 @@
     protected PageState PageState { get; set; }
 
     [Parameter]
-    private string Name { get; set; }
+    public string Name { get; set; }
 
     RenderFragment DynamicComponent { get; set; }
 
     string paneadminborder = "";
     string panetitle = "";
 
-    protected override void OnInit()
+    protected override void OnParametersSet()
     {
-        if (UserService.IsAuthorized(PageState.User, PageState.Page.EditPermissions) && Name != Constants.AdminPane)
+        if (PageState.DesignMode && UserSecurity.IsAuthorized(PageState.User, "Edit", PageState.Page.Permissions) && Name != Constants.AdminPane)
         {
             paneadminborder = "pane-admin-border";
             panetitle = "<div class=\"pane-admin-title\">" + Name + " Pane</div>";
         }
+        else
+        {
+            paneadminborder = "";
+            panetitle = "";
+        }
 
         DynamicComponent = builder =>
         {
@@ -50,38 +60,38 @@
                         Type moduleType = Type.GetType(typename);
                         if (moduleType != null)
                         {
-                            var moduleobject = Activator.CreateInstance(moduleType);
-                            // verify security access level for this module control
-                            SecurityAccessLevelEnum SecurityAccessLevel = (SecurityAccessLevelEnum)moduleType.GetProperty("SecurityAccessLevel").GetValue(moduleobject, null);
                             bool authorized = false;
-                            switch (SecurityAccessLevel)
+                            if (PageState.Control == "Settings")
                             {
-                                case SecurityAccessLevelEnum.Anonymous:
-                                    authorized = true;
-                                    break;
-                                case SecurityAccessLevelEnum.View:
-                                    authorized = UserService.IsAuthorized(PageState.User, module.ViewPermissions);
-                                    break;
-                                case SecurityAccessLevelEnum.Edit:
-                                    authorized = UserService.IsAuthorized(PageState.User, module.EditPermissions);
-                                    break;
-                                case SecurityAccessLevelEnum.Admin:
-                                    authorized = UserService.IsAuthorized(PageState.User, Constants.AdminRole);
-                                    break;
-                                case SecurityAccessLevelEnum.Host:
-                                    authorized = PageState.User.IsSuperUser;
-                                    break;
+                                authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", PageState.Page.Permissions);
+                            }
+                            else
+                            {
+                            // verify security access level for this module control
+                            switch (module.SecurityAccessLevel)
+                                {
+                                    case SecurityAccessLevel.Anonymous:
+                                        authorized = true;
+                                        break;
+                                    case SecurityAccessLevel.View:
+                                        authorized = UserSecurity.IsAuthorized(PageState.User, "View", module.Permissions);
+                                        break;
+                                    case SecurityAccessLevel.Edit:
+                                        authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", module.Permissions);
+                                        break;
+                                    case SecurityAccessLevel.Admin:
+                                        authorized = UserSecurity.IsAuthorized(PageState.User, Constants.AdminRole);
+                                        break;
+                                    case SecurityAccessLevel.Host:
+                                        authorized = UserSecurity.IsAuthorized(PageState.User, Constants.HostRole);
+                                        break;
+                                }
                             }
                             if (authorized)
                             {
-                                if (PageState.Control != "Settings")
+                                if (PageState.Control != "Settings" && module.ControlTitle != "")
                                 {
-                                    // get module control title
-                                    string title = (string)moduleType.GetProperty("Title").GetValue(moduleobject);
-                                    if (title != "")
-                                    {
-                                        module.Title = title;
-                                    }
+                                    module.Title = module.ControlTitle;
                                 }
                                 builder.OpenComponent(0, Type.GetType(Constants.DefaultContainer));
                                 builder.AddAttribute(1, "Module", module);
@@ -90,8 +100,8 @@
                         }
                         else
                         {
-                            // module control does not exist with name specified
-                        }
+                        // module control does not exist with name specified
+                    }
                     }
                 }
             }
@@ -102,8 +112,8 @@
                     Module module = PageState.Modules.Where(item => item.ModuleId == PageState.ModuleId).FirstOrDefault();
                     if (module != null && module.Pane == Name)
                     {
-                        // check if user is authorized to view module
-                        if (UserService.IsAuthorized(PageState.User, module.ViewPermissions))
+                    // check if user is authorized to view module
+                    if (UserSecurity.IsAuthorized(PageState.User, "View", module.Permissions))
                         {
                             builder.OpenComponent(0, Type.GetType(Constants.DefaultContainer));
                             builder.AddAttribute(1, "Module", module);
@@ -115,11 +125,12 @@
                 {
                     foreach (Module module in PageState.Modules.Where(item => item.Pane == Name).OrderBy(x => x.Order).ToArray())
                     {
-                        // check if user is authorized to view module
-                        if (UserService.IsAuthorized(PageState.User, module.ViewPermissions))
+                    // check if user is authorized to view module
+                    if (UserSecurity.IsAuthorized(PageState.User, "View", module.Permissions))
                         {
                             builder.OpenComponent(0, Type.GetType(Constants.DefaultContainer));
                             builder.AddAttribute(1, "Module", module);
+                            builder.SetKey(module.PageModuleId);
                             builder.CloseComponent();
                         }
                     }
diff --git a/Oqtane.Client/Shared/PaneLayout.razor b/Oqtane.Client/Shared/PaneLayout.razor
index d07d5920..71366a87 100644
--- a/Oqtane.Client/Shared/PaneLayout.razor
+++ b/Oqtane.Client/Shared/PaneLayout.razor
@@ -1,5 +1,6 @@
 @using System
 @using Oqtane.Shared
+@namespace Oqtane.Shared
 
 @DynamicComponent
 
@@ -9,7 +10,7 @@
 
     RenderFragment DynamicComponent { get; set; }
 
-    protected override void OnInit()
+    protected override void OnParametersSet()
     {
         DynamicComponent = builder =>
         {
diff --git a/Oqtane.Client/Shared/SiteRouter.razor b/Oqtane.Client/Shared/SiteRouter.razor
index b8ec1bd2..779de435 100644
--- a/Oqtane.Client/Shared/SiteRouter.razor
+++ b/Oqtane.Client/Shared/SiteRouter.razor
@@ -1,17 +1,18 @@
 @using System
 @using Oqtane.Services
 @using Oqtane.Models
+@using Oqtane.Modules
 @using System.Linq
 @using System.Collections.Generic
 @using Oqtane.Shared
-@using Microsoft.JSInterop
+@using Oqtane.Security
 @using Microsoft.AspNetCore.Components.Routing
+@namespace Oqtane.Shared
 @inject AuthenticationStateProvider AuthenticationStateProvider
 @inject SiteState SiteState
 @inject IUriHelper UriHelper
 @inject INavigationInterception NavigationInterception
 @inject IComponentContext ComponentContext
-@inject IJSRuntime jsRuntime
 @inject IAliasService AliasService
 @inject ITenantService TenantService
 @inject ISiteService SiteService
@@ -26,325 +27,384 @@
 
 @code {
 
-[CascadingParameter] PageState PageState { get; set; }
+    [CascadingParameter]
+    PageState PageState { get; set; }
 
-[Parameter] Action<PageState> OnStateChange { get; set; }
+    [Parameter]
+    public Action<PageState> OnStateChange { get; set; }
 
-PageState pagestate;
-RenderFragment DynamicComponent { get; set; }
+    PageState pagestate;
+    RenderFragment DynamicComponent { get; set; }
 
-string _absoluteUri;
-bool _navigationInterceptionEnabled;
+    string _absoluteUri;
+    bool _navigationInterceptionEnabled;
 
-protected override void OnInit()
-{
-    _absoluteUri = UriHelper.GetAbsoluteUri();
-    UriHelper.OnLocationChanged += OnLocationChanged;
-
-    DynamicComponent = builder =>
+    protected override void OnInitialized()
     {
-        if (pagestate != null)
+        _absoluteUri = UriHelper.GetAbsoluteUri();
+        UriHelper.OnLocationChanged += OnLocationChanged;
+
+        DynamicComponent = builder =>
         {
-            builder.OpenComponent(0, Type.GetType(Constants.DefaultPage));
-            builder.CloseComponent();
-        }
-    };
-}
-
-public void Dispose()
-{
-    UriHelper.OnLocationChanged -= OnLocationChanged;
-}
-
-protected override async Task OnParametersSetAsync()
-{
-    if (PageState == null)
-    {
-        await Refresh();
-    }
-}
-
-private async Task Refresh()
-{
-    List<ModuleDefinition> moduledefinitions;
-    List<Models.Theme> themes;
-    List<Alias> aliases;
-    Alias alias;
-    Site site;
-    List<Page> pages;
-    Page page;
-    User user;
-    List<Module> modules;
-
-    bool reload = false;
-    if (PageState == null)
-    {
-        aliases = await AliasService.GetAliasesAsync();
-        alias = null;
-    }
-    else
-    {
-        aliases = PageState.Aliases;
-        alias = PageState.Alias;
-    }
-    if (alias == null || GetAlias(_absoluteUri, aliases).Name != alias.Name)
-    {
-        alias = GetAlias(_absoluteUri, aliases);
-        SiteState.Alias = alias; // set state for services
-        reload = true;
-    }
-    if (PageState == null || reload == true)
-    {
-        moduledefinitions = await ModuleDefinitionService.GetModuleDefinitionsAsync();
-        themes = await ThemeService.GetThemesAsync();
-        site = await SiteService.GetSiteAsync(alias.SiteId);
-    }
-    else
-    {
-        moduledefinitions = PageState.ModuleDefinitions;
-        themes = PageState.Themes;
-        site = PageState.Site;
-    }
-    if (site != null || reload == true)
-    {
-        string path = new Uri(_absoluteUri).PathAndQuery.Substring(1);
-        if (path.EndsWith("/")) { path = path.Substring(0, path.Length - 1); }
-        if (alias.Path != "")
-        {
-            path = path.Replace(alias.Path, "");
-            if (path.StartsWith("/")) { path = path.Substring(1); }
-        }
-        Dictionary<string, string> querystring = ParseQueryString(path);
-
-        if (querystring.ContainsKey("reload"))
-        {
-            reload = true;
-        }
-
-        user = null;
-        if (PageState == null || reload == true)
-        {
-            var authState = await AuthenticationStateProvider.GetAuthenticationStateAsync();
-            if (authState.User.Identity.IsAuthenticated)
+            if (PageState != null)
             {
-                user = await UserService.GetUserAsync(authState.User.Identity.Name);
+                builder.OpenComponent(0, Type.GetType(Constants.DefaultPage));
+                builder.CloseComponent();
             }
-        }
-        else
-        {
-            user = PageState.User;
-        }
+        };
+    }
 
-        if (PageState == null || reload == true)
-        {
-            pages = await PageService.GetPagesAsync(site.SiteId);
-        }
-        else
-        {
-            pages = PageState.Pages;
-        }
+    public void Dispose()
+    {
+        UriHelper.OnLocationChanged -= OnLocationChanged;
+    }
 
-        if (path.IndexOf("?") != -1)
+    protected override async Task OnParametersSetAsync()
+    {
+        if (PageState == null)
         {
-            path = path.Substring(0, path.IndexOf("?"));
-        }
-
-        if (PageState == null || reload == true)
-        {
-            page = pages.Where(item => item.Path == path).FirstOrDefault();
-        }
-        else
-        {
-            page = PageState.Page;
-        }
-        if (page.Path != path)
-        {
-            page = pages.Where(item => item.Path == path).FirstOrDefault();
-            reload = true;
-        }
-
-        if (page != null)
-        {
-            // check if user is authorized to view page
-            if (UserService.IsAuthorized(user, page.ViewPermissions))
+            // misconfigured api calls should not be processed through the router
+            if (!_absoluteUri.Contains("~/api/"))
             {
-                pagestate = new PageState();
-                pagestate.ModuleDefinitions = moduledefinitions;
-                pagestate.Themes = themes;
-                pagestate.Aliases = aliases;
-                pagestate.Alias = alias;
-                pagestate.Site = site;
-                pagestate.Pages = pages;
-                pagestate.Page = page;
-                pagestate.User = user;
-                pagestate.Uri = new Uri(_absoluteUri, UriKind.Absolute);
-                pagestate.QueryString = querystring;
-                pagestate.ModuleId = -1;
-                pagestate.Control = "";
-
-                if (querystring.ContainsKey("mid"))
-                {
-                    pagestate.ModuleId = int.Parse(querystring["mid"]);
-                }
-                if (querystring.ContainsKey("ctl"))
-                {
-                    pagestate.Control = querystring["ctl"];
-                }
-                if (PageState != null && (PageState.ModuleId != pagestate.ModuleId || PageState.Control != pagestate.Control))
-                {
-                    reload = true;
-                }
-
-                if (PageState == null || reload == true)
-                {
-                    modules = await ModuleService.GetModulesAsync(page.PageId);
-                    modules = ProcessModules(modules, moduledefinitions, pagestate.Control, page.Panes);
-                }
-                else
-                {
-                    modules = PageState.Modules;
-                }
-                pagestate.Modules = modules;
-
-                OnStateChange?.Invoke(pagestate);
+                await Refresh();
             }
             else
             {
-                // user is not authorized to view page
+                System.Diagnostics.Debug.WriteLine(this.GetType().FullName + ": Error: API call to " + _absoluteUri + " is not mapped to a Controller");
             }
         }
+    }
+
+    private async Task Refresh()
+    {
+        List<ModuleDefinition> moduledefinitions;
+        List<Models.Theme> themes;
+        List<Alias> aliases;
+        Alias alias;
+        Site site;
+        List<Page> pages;
+        Page page;
+        User user;
+        List<Module> modules;
+        int moduleid = -1;
+        string control = "";
+        bool editmode = false;
+        bool designmode = false;
+        int reload = 0;
+
+        if (PageState != null)
+        {
+            reload = PageState.Reload;
+            editmode = PageState.EditMode;
+            designmode = PageState.DesignMode;
+        }
+
+        if (PageState == null || reload == Constants.ReloadApplication)
+        {
+            moduledefinitions = await ModuleDefinitionService.GetModuleDefinitionsAsync();
+            themes = await ThemeService.GetThemesAsync();
+            aliases = await AliasService.GetAliasesAsync();
+            alias = null;
+        }
         else
         {
-            // page does not exist
+            moduledefinitions = PageState.ModuleDefinitions;
+            themes = PageState.Themes;
+            aliases = PageState.Aliases;
+            alias = PageState.Alias;
         }
-    }
-    else
-    {
-        // site does not exist
-    }
-}
 
-private async void OnLocationChanged(object sender, LocationChangedEventArgs args)
-{
-    _absoluteUri = args.Location;
-    await Refresh();
-}
-
-Task IHandleAfterRender.OnAfterRenderAsync()
-{
-    if (!_navigationInterceptionEnabled && ComponentContext.IsConnected)
-    {
-        _navigationInterceptionEnabled = true;
-        return NavigationInterception.EnableNavigationInterceptionAsync();
-    }
-    return Task.CompletedTask;
-}
-
-private Dictionary<string, string> ParseQueryString(string path)
-{
-    Dictionary<string, string> querystring = new Dictionary<string, string>();
-    if (path.IndexOf("?") != -1)
-    {
-        foreach (string kvp in path.Substring(path.IndexOf("?") + 1).Split('&'))
+        // check if site has changed
+        if (alias == null || GetAlias(_absoluteUri, aliases).Name != alias.Name)
         {
-            if (kvp != "")
+            alias = GetAlias(_absoluteUri, aliases);
+            SiteState.Alias = alias; // set state for services
+            reload = Constants.ReloadSite;
+        }
+        if (PageState == null || reload <= Constants.ReloadSite)
+        {
+            site = await SiteService.GetSiteAsync(alias.SiteId);
+        }
+        else
+        {
+            site = PageState.Site;
+        }
+        if (site != null)
+        {
+            if (PageState == null || reload >= Constants.ReloadSite)
             {
-                if (kvp.Contains("="))
+                pages = await PageService.GetPagesAsync(site.SiteId);
+            }
+            else
+            {
+                pages = PageState.Pages;
+            }
+
+            // get Url path and querystring
+            string path = new Uri(_absoluteUri).PathAndQuery.Substring(1);
+
+            // parse querystring and remove
+            Dictionary<string, string> querystring = new Dictionary<string, string>();
+            if (path.IndexOf("?") != -1)
+            {
+                querystring = ParseQueryString(path);
+                path = path.Substring(0, path.IndexOf("?"));
+            }
+
+            // format path and remove alias
+            path = path.Replace("//", "/");
+            if (!path.EndsWith("/")) { path += "/"; }
+            if (alias.Path != "")
+            {
+                path = path.Replace(alias.Path + "/", "");
+            }
+
+            // extract admin route elements from path
+            string[] segments = path.Split(new[] { '/' }, StringSplitOptions.RemoveEmptyEntries);
+            int result;
+            if (segments.Length >= 2 && int.TryParse(segments[segments.Length - 2], out result))
+            {
+                // path has moduleid and control specification ie. page/moduleid/control/
+                control = segments[segments.Length - 1];
+                moduleid = result;
+                path = path.Replace(moduleid.ToString() + "/" + control + "/", "");
+            }
+            else
+            {
+                if (segments.Length >= 2 && int.TryParse(segments[segments.Length - 2], out result))
                 {
-                    string[] pair = kvp.Split('=');
-                    querystring.Add(pair[0], pair[1]);
+                    // path has only moduleid specification ie. page/moduleid/
+                    moduleid = result;
+                    path = path.Replace(moduleid.ToString() + "/", "");
+                }
+            }
+            // remove trailing slash so it can be used as a key for Pages
+            if (path.EndsWith("/")) path = path.Substring(0, path.Length - 1);
+
+            if (PageState == null || reload >= Constants.ReloadPage)
+            {
+                page = pages.Where(item => item.Path == path).FirstOrDefault();
+            }
+            else
+            {
+                page = PageState.Page;
+            }
+            // check if page has changed
+            if (page.Path != path)
+            {
+                page = pages.Where(item => item.Path == path).FirstOrDefault();
+                reload = Constants.ReloadPage;
+                editmode = page.EditMode;
+                designmode = false;
+            }
+
+            user = null;
+            if (PageState == null || reload >= Constants.ReloadPage)
+            {
+                var authState = await AuthenticationStateProvider.GetAuthenticationStateAsync();
+                if (authState.User.Identity.IsAuthenticated)
+                {
+                    user = await UserService.GetUserAsync(authState.User.Identity.Name, site.SiteId);
+                }
+            }
+            else
+            {
+                user = PageState.User;
+            }
+
+            if (page != null)
+            {
+                // check if user is authorized to view page
+                if (UserSecurity.IsAuthorized(user, "View", page.Permissions))
+                {
+                    pagestate = new PageState();
+                    pagestate.ModuleDefinitions = moduledefinitions;
+                    pagestate.Themes = themes;
+                    pagestate.Aliases = aliases;
+                    pagestate.Alias = alias;
+                    pagestate.Site = site;
+                    pagestate.Pages = pages;
+                    pagestate.Page = page;
+                    pagestate.User = user;
+                    pagestate.Uri = new Uri(_absoluteUri, UriKind.Absolute);
+                    pagestate.QueryString = querystring;
+                    pagestate.ModuleId = moduleid;
+                    pagestate.Control = control;
+
+                    if (PageState != null && (PageState.ModuleId != pagestate.ModuleId || PageState.Control != pagestate.Control))
+                    {
+                        reload = Constants.ReloadPage;
+                    }
+
+                    if (PageState == null || reload >= Constants.ReloadPage)
+                    {
+                        modules = await ModuleService.GetModulesAsync(page.PageId);
+                        modules = ProcessModules(modules, moduledefinitions, pagestate.Control, page.Panes);
+                    }
+                    else
+                    {
+                        modules = PageState.Modules;
+                    }
+                    pagestate.Modules = modules;
+                    pagestate.EditMode = editmode;
+                    pagestate.DesignMode = designmode;
+                    pagestate.Reload = Constants.ReloadReset;
+
+                    OnStateChange?.Invoke(pagestate);
                 }
                 else
                 {
-                    querystring.Add(kvp, "true"); // default querystring when no value is provided
+                    // user is not authorized to view page
                 }
             }
-        }
-    }
-    return querystring;
-}
-
-private List<Module> ProcessModules(List<Module> modules, List<ModuleDefinition> moduledefinitions, string control, string panes)
-{
-    ModuleDefinition moduledefinition;
-
-    if (control == "")
-    {
-        control = Constants.DefaultControl;
-    }
-
-    Dictionary<string, int> paneindex = new Dictionary<string, int>();
-    foreach (Module module in modules)
-    {
-        // set the type based on the template and action
-        moduledefinition = moduledefinitions.Where(item => item.ModuleDefinitionName == module.ModuleDefinitionName).FirstOrDefault();
-        if (moduledefinition != null)
-        {
-            string typename = moduledefinition.ControlTypeTemplate;
-            if (moduledefinition.ControlTypeRoutes != "")
+            else
             {
-                foreach (string route in moduledefinition.ControlTypeRoutes.Split(';'))
-                {
-                    if (route.StartsWith(control + "="))
-                    {
-                        typename = route.Replace(control + "=", "");
-                    }
-                }
+                // page does not exist
             }
-            module.ModuleType = typename.Replace("{Control}", control);
-        }
-
-        // ensure module's pane exists in current page and if not, assign it to the Admin pane
-        if (!panes.Contains(module.Pane))
-        {
-            module.Pane = Constants.AdminPane;
-        }
-
-        // calculate module position within pane
-        if (paneindex.ContainsKey(module.Pane))
-        {
-            paneindex[module.Pane] += 1;
         }
         else
         {
-            paneindex.Add(module.Pane, 0);
+            // site does not exist
         }
-        module.PaneModuleIndex = paneindex[module.Pane];
     }
 
-    foreach (Module module in modules)
+    private async void OnLocationChanged(object sender, LocationChangedEventArgs args)
     {
-        module.PaneModuleCount = paneindex[module.Pane] + 1;
+        _absoluteUri = args.Location;
+        await Refresh();
     }
-    return modules;
-}
 
-private Alias GetAlias(string absoluteUri, List<Alias> aliases)
-{
+    Task IHandleAfterRender.OnAfterRenderAsync()
+    {
+        if (!_navigationInterceptionEnabled && ComponentContext.IsConnected)
+        {
+            _navigationInterceptionEnabled = true;
+            return NavigationInterception.EnableNavigationInterceptionAsync();
+        }
+        return Task.CompletedTask;
+    }
 
-    string aliasname;
-    Alias alias = null;
-    Uri uri = new Uri(absoluteUri);
+    private Dictionary<string, string> ParseQueryString(string path)
+    {
+        Dictionary<string, string> querystring = new Dictionary<string, string>();
+        if (path.IndexOf("?") != -1)
+        {
+            foreach (string kvp in path.Substring(path.IndexOf("?") + 1).Split(new[] { '&' }, StringSplitOptions.RemoveEmptyEntries))
+            {
+                if (kvp != "")
+                {
+                    if (kvp.Contains("="))
+                    {
+                        string[] pair = kvp.Split('=');
+                        querystring.Add(pair[0], pair[1]);
+                    }
+                    else
+                    {
+                        querystring.Add(kvp, "true"); // default querystring when no value is provided
+                    }
+                }
+            }
+        }
+        return querystring;
+    }
 
-    if (uri.Segments.Count() > 1)
+    private List<Module> ProcessModules(List<Module> modules, List<ModuleDefinition> moduledefinitions, string control, string panes)
     {
-        // check if first path segment is an alias ( ie. a subfolder - www.domain.com/subfolder )
-        aliasname = uri.Authority + "/" + uri.Segments[1];
-        if (aliasname.EndsWith("/")) { aliasname = aliasname.Substring(0, aliasname.Length - 1); }
-        alias = aliases.Where(item => item.Name == aliasname).FirstOrDefault();
+        ModuleDefinition moduledefinition;
+
+        if (control == "")
+        {
+            control = Constants.DefaultControl;
+        }
+
+        Dictionary<string, int> paneindex = new Dictionary<string, int>();
+        foreach (Module module in modules)
+        {
+            // set the type based on the template and action
+            moduledefinition = moduledefinitions.Where(item => item.ModuleDefinitionName == module.ModuleDefinitionName).FirstOrDefault();
+            if (moduledefinition != null)
+            {
+                string typename = moduledefinition.ControlTypeTemplate;
+                if (moduledefinition.ControlTypeRoutes != "")
+                {
+                    foreach (string route in moduledefinition.ControlTypeRoutes.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
+                    {
+                        if (route.StartsWith(control + "="))
+                        {
+                            typename = route.Replace(control + "=", "");
+                        }
+                    }
+                }
+                module.ModuleType = typename.Replace("{Control}", control);
+
+                // get IModuleControl properties
+                typename = module.ModuleType;
+                if (control == "Settings")
+                {
+                    typename = Constants.DefaultSettingsControl;
+                }
+                Type moduletype = Type.GetType(typename);
+                if (moduletype != null)
+                {
+                    var moduleobject = Activator.CreateInstance(moduletype);
+                    module.SecurityAccessLevel = (SecurityAccessLevel)moduletype.GetProperty("SecurityAccessLevel").GetValue(moduleobject, null);
+                    module.ControlTitle = (string)moduletype.GetProperty("Title").GetValue(moduleobject);
+                    module.Actions = (string)moduletype.GetProperty("Actions").GetValue(moduleobject);
+                    module.UseAdminContainer = (bool)moduletype.GetProperty("UseAdminContainer").GetValue(moduleobject);
+                }
+            }
+
+            // ensure module's pane exists in current page and if not, assign it to the Admin pane
+            if (!panes.Contains(module.Pane))
+            {
+                module.Pane = Constants.AdminPane;
+            }
+
+            // calculate module position within pane
+            if (paneindex.ContainsKey(module.Pane))
+            {
+                paneindex[module.Pane] += 1;
+            }
+            else
+            {
+                paneindex.Add(module.Pane, 0);
+            }
+            module.PaneModuleIndex = paneindex[module.Pane];
+        }
+
+        foreach (Module module in modules)
+        {
+            module.PaneModuleCount = paneindex[module.Pane] + 1;
+        }
+        return modules;
     }
-    if (alias == null)
+
+    private Alias GetAlias(string absoluteUri, List<Alias> aliases)
     {
-        aliasname = uri.Authority;
-        alias = aliases.Where(item => item.Name == aliasname).FirstOrDefault();
+
+        string aliasname;
+        Alias alias = null;
+        Uri uri = new Uri(absoluteUri);
+
+        if (uri.Segments.Count() > 1)
+        {
+            // check if first path segment is an alias ( ie. a subfolder - www.domain.com/subfolder )
+            aliasname = uri.Authority + "/" + uri.Segments[1];
+            if (aliasname.EndsWith("/")) { aliasname = aliasname.Substring(0, aliasname.Length - 1); }
+            alias = aliases.Where(item => item.Name == aliasname).FirstOrDefault();
+        }
+        if (alias == null)
+        {
+            aliasname = uri.Authority;
+            alias = aliases.Where(item => item.Name == aliasname).FirstOrDefault();
+        }
+        if (alias == null && aliases.Count > 0)
+        {
+            // use first alias if Uri does not exist
+            alias = aliases.FirstOrDefault();
+        }
+        alias.Scheme = uri.Scheme;
+        return alias;
     }
-    if (alias == null && aliases.Count > 0)
-    {
-        // use first alias if Uri does not exist
-        alias = aliases.FirstOrDefault();
-    }
-    alias.Scheme = uri.Scheme;
-    return alias;
-}
 
 }
\ No newline at end of file
diff --git a/Oqtane.Client/Shared/Theme.razor b/Oqtane.Client/Shared/ThemeBuilder.razor
similarity index 57%
rename from Oqtane.Client/Shared/Theme.razor
rename to Oqtane.Client/Shared/ThemeBuilder.razor
index b059255c..63cdc8da 100644
--- a/Oqtane.Client/Shared/Theme.razor
+++ b/Oqtane.Client/Shared/ThemeBuilder.razor
@@ -1,4 +1,6 @@
 @using Oqtane.Shared
+@using Oqtane.Modules
+@namespace Oqtane.Shared
 
 @DynamicComponent
 
@@ -7,7 +9,7 @@
 
     RenderFragment DynamicComponent { get; set; }
 
-    protected override void OnInit()
+    protected override void OnParametersSet()
     {
         DynamicComponent = builder =>
         {
@@ -19,7 +21,10 @@
             }
             else
             {
-                // theme does not exist with type specified
+            // theme does not exist with type specified
+            builder.OpenComponent(0, Type.GetType(Constants.ModuleMessageControl));
+                builder.AddAttribute(1, "Message", "Error Loading Page Theme " + PageState.Page.ThemeType);
+                builder.CloseComponent();
             }
         };
     }
diff --git a/Oqtane.Client/Shared/Utilities.cs b/Oqtane.Client/Shared/Utilities.cs
index 9de11332..f25ead1c 100644
--- a/Oqtane.Client/Shared/Utilities.cs
+++ b/Oqtane.Client/Shared/Utilities.cs
@@ -1,57 +1,58 @@
-using System;
-using Oqtane.Models;
+using Oqtane.Models;
+using System;
+using System.Collections.Generic;
+using System.Linq;
 
 namespace Oqtane.Shared
 {
     public class Utilities
     {
-        public static string NavigateUrl(PageState pagestate)
-        {
-            return NavigateUrl(pagestate, pagestate.Page.Path, false);
-        }
 
-        public static string NavigateUrl(PageState pagestate, bool reload)
+        public static string NavigateUrl(string alias, string path, string parameters)
         {
-            return NavigateUrl(pagestate, pagestate.Page.Path, reload);
-        }
-
-        public static string NavigateUrl(PageState pagestate, string path)
-        {
-            return NavigateUrl(pagestate, path, false);
-        }
-
-        public static string NavigateUrl(PageState pagestate, string path, bool reload)
-        {
-            string url = pagestate.Alias.Path + "/" + path;
-            if (reload)
+            string url = "";
+            if (alias != "")
             {
-                if (url.Contains("?"))
-                {
-                    url += "&reload=true";
-                }
-                else
-                {
-                    url += "?reload=true";
-                }
+                url += alias + "/";
+            }
+            if (path != "" && path != "/")
+            {
+                url += path + "/";
+            }
+            if (url.EndsWith("/"))
+            {
+                url = url.Substring(0, url.Length - 1);
+            }
+            if (!string.IsNullOrEmpty(parameters))
+            {
+                url += "?" + parameters;
+            }
+            if (!url.StartsWith("/"))
+            {
+                url = "/" + url;
             }
             return url;
         }
 
-        public static string EditUrl(PageState pagestate, Module modulestate, string action)
+        public static string EditUrl(string alias, string path, int moduleid, string action, string parameters)
         {
-            return EditUrl(pagestate, modulestate, action, "");
-        }
-
-        public static string EditUrl(PageState pagestate, Module modulestate, string action, string parameters)
-        {
-            string url = pagestate.Alias.Path + "/" + pagestate.Page.Path + "?mid=" + modulestate.ModuleId.ToString();
-            if (action != "")
+            string url = NavigateUrl(alias, path, "");
+            if (url == "/") url = "";
+            if (moduleid != -1)
             {
-                url += "&ctl=" + action;
+                url += "/" + moduleid.ToString();
+            }
+            if (moduleid != -1 && action != "")
+            {
+                url += "/" + action;
             }
             if (!string.IsNullOrEmpty(parameters))
             {
-                url += "&" + parameters;
+                url += "?" + parameters;
+            }
+            if (!url.StartsWith("/"))
+            {
+                url = "/" + url;
             }
             return url;
         }
diff --git a/Oqtane.Client/Startup.cs b/Oqtane.Client/Startup.cs
index 1c64ca52..fbb94e81 100644
--- a/Oqtane.Client/Startup.cs
+++ b/Oqtane.Client/Startup.cs
@@ -46,7 +46,11 @@ namespace Oqtane.Client
             services.AddScoped<IModuleService, ModuleService>();
             services.AddScoped<IPageModuleService, PageModuleService>();
             services.AddScoped<IUserService, UserService>();
-
+            services.AddScoped<IProfileService, ProfileService>();
+            services.AddScoped<IRoleService, RoleService>();
+            services.AddScoped<IUserRoleService, UserRoleService>();
+            services.AddScoped<ISettingService, SettingService>();
+            services.AddScoped<IFileService, FileService>();
 
             // dynamically register module contexts and repository services
             Assembly[] assemblies = AppDomain.CurrentDomain.GetAssemblies();
@@ -57,7 +61,7 @@ namespace Oqtane.Client
                     .ToArray();
                 foreach (Type implementationtype in implementationtypes)
                 {
-                    Type servicetype = Type.GetType(implementationtype.FullName.Replace(implementationtype.Name, "I" + implementationtype.Name));
+                    Type servicetype = Type.GetType(implementationtype.AssemblyQualifiedName.Replace(implementationtype.Name, "I" + implementationtype.Name));
                     if (servicetype != null)
                     {
                         services.AddScoped(servicetype, implementationtype); // traditional service interface
diff --git a/Oqtane.Client/Themes/AdminContainer.razor b/Oqtane.Client/Themes/AdminContainer.razor
index 57f1f1a0..c7380739 100644
--- a/Oqtane.Client/Themes/AdminContainer.razor
+++ b/Oqtane.Client/Themes/AdminContainer.razor
@@ -1,7 +1,6 @@
 @using Oqtane.Shared
-@using Oqtane.Themes
-@using Oqtane.Client.Themes.Controls
-@using Oqtane.Client.Shared
+@using Oqtane.Themes.Controls
+@namespace Oqtane.Themes
 @inherits ContainerBase
 <div id="modal" class="modal" style="display: block">
     <div class="modal-content">
@@ -23,7 +22,7 @@
 @code {
     string closeurl;
 
-    protected override void OnInit()
+    protected override void OnInitialized()
     {
         closeurl = NavigateUrl();
     }
diff --git a/Oqtane.Client/Themes/ContainerBase.cs b/Oqtane.Client/Themes/ContainerBase.cs
index d476b7b7..6a939f5b 100644
--- a/Oqtane.Client/Themes/ContainerBase.cs
+++ b/Oqtane.Client/Themes/ContainerBase.cs
@@ -16,32 +16,37 @@ namespace Oqtane.Themes
 
         public string NavigateUrl()
         {
-            return Utilities.NavigateUrl(PageState);
-        }
-
-        public string NavigateUrl(bool reload)
-        {
-            return Utilities.NavigateUrl(PageState, reload);
+            return NavigateUrl(PageState.Page.Path);
         }
 
         public string NavigateUrl(string path)
         {
-            return Utilities.NavigateUrl(PageState, path);
+            return NavigateUrl(path, "");
         }
 
-        public string NavigateUrl(string path, bool reload)
+        public string NavigateUrl(string path, string parameters)
         {
-            return Utilities.NavigateUrl(PageState, path, reload);
+            return Utilities.NavigateUrl(PageState.Alias.Path, path, parameters);
         }
-
-        public string EditUrl(string action)
-        {
-            return Utilities.EditUrl(PageState, ModuleState, action, "");
-        }
-
         public string EditUrl(string action, string parameters)
         {
-            return Utilities.EditUrl(PageState, ModuleState, action, parameters);
+            return EditUrl(ModuleState.ModuleId, action, parameters);
         }
+
+        public string EditUrl(int moduleid, string action)
+        {
+            return EditUrl(moduleid, action, "");
+        }
+
+        public string EditUrl(int moduleid, string action, string parameters)
+        {
+            return EditUrl(PageState.Page.Path, moduleid, action, parameters);
+        }
+
+        public string EditUrl(string path, int moduleid, string action, string parameters)
+        {
+            return Utilities.EditUrl(PageState.Alias.Path, path, moduleid, action, parameters);
+        }
+
     }
 }
diff --git a/Oqtane.Client/Themes/Controls/ControlPanel.razor b/Oqtane.Client/Themes/Controls/ControlPanel.razor
index 45dc4d4a..59541741 100644
--- a/Oqtane.Client/Themes/Controls/ControlPanel.razor
+++ b/Oqtane.Client/Themes/Controls/ControlPanel.razor
@@ -3,6 +3,8 @@
 @using Oqtane.Models
 @using Oqtane.Themes
 @using Oqtane.Shared
+@using Oqtane.Security
+@namespace Oqtane.Themes.Controls
 @inherits ThemeObjectBase
 @inject IUriHelper UriHelper
 @inject IUserService UserService
@@ -11,67 +13,83 @@
 @inject IModuleService ModuleService
 @inject IPageModuleService PageModuleService
 
-<div id="actions" class="overlay">
-    <a href="javascript:void(0)" class="closebtn" onclick="closeActions()">x</a>
-    <div class="overlay-content">
-        <ul class="nav flex-column">
-            <li class="nav-item px-3">
-                <NavLink class="btn btn-primary" href="@PageUrl("Add")" Match="NavLinkMatch.All">Add Page</NavLink>
-            </li>
-            <li class="nav-item px-3">
-                <NavLink class="btn btn-primary" href="@PageUrl("Edit")" Match="NavLinkMatch.All">Edit Page</NavLink>
-            </li>
-            <li class="nav-item px-3">
-                <NavLink class="btn btn-primary" href="@PageUrl("Delete")" Match="NavLinkMatch.All">Delete Page</NavLink>
-            </li>
-        </ul>
-        <hr style="width: 100%; color: white; height: 1px; background-color:white;" />
-        <div class="container">
-            <div class="form-group">
-                <label for="Module" class="control-label" style="color: white !important;">Module: </label>
-                @if (moduledefinitions != null)
-                {
-                    <select class="form-control" @bind="@moduledefinitionname">
-                        <option value="">&lt;Select Module&gt;</option>
-                        @foreach (var moduledefinition in moduledefinitions)
+@if (UserSecurity.IsAuthorized(PageState.User, "Edit", PageState.Page.Permissions))
+{
+    <div id="actions" class="overlay">
+        <a href="javascript:void(0)" class="closebtn" onclick="closeActions()">x</a>
+        <div class="overlay-content">
+            <ul class="nav flex-column">
+                <li class="nav-item px-3">
+                    <NavLink class="btn btn-primary" href="@PageUrl("Add")" Match="NavLinkMatch.All">Add Page</NavLink>
+                </li>
+                <li class="nav-item px-3">
+                    <NavLink class="btn btn-primary" href="@PageUrl("Edit")" Match="NavLinkMatch.All">Edit Page</NavLink>
+                </li>
+                <li class="nav-item px-3">
+                    <NavLink class="btn btn-primary" href="@PageUrl("Delete")" Match="NavLinkMatch.All">Delete Page</NavLink>
+                </li>
+            </ul>
+            <hr style="width: 100%; color: white; height: 1px; background-color:white;" />
+            <div class="container">
+                <div class="form-group">
+                    <label for="Module" class="control-label" style="color: white !important;">Module: </label>
+                    @if (moduledefinitions != null)
+                    {
+                        <select class="form-control" @bind="@moduledefinitionname">
+                            <option value="">&lt;Select Module&gt;</option>
+                            @foreach (var moduledefinition in moduledefinitions)
+                            {
+                                <option value="@moduledefinition.ModuleDefinitionName">@moduledefinition.Name</option>
+                            }
+                        </select>
+                    }
+                </div>
+                <div class="form-group">
+                    <label for="Pane" class="control-label" style="color: white !important;">Pane: </label>
+                    <select class="form-control" @bind="@pane">
+                        <option value="">&lt;Select Pane&gt;</option>
+                        @foreach (string pane in PageState.Page.Panes.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
                         {
-                            <option value="@moduledefinition.ModuleDefinitionName">@moduledefinition.Name</option>
+                            <option value="@pane">@pane Pane</option>
                         }
                     </select>
-                }
+                </div>
+                <div class="form-group">
+                    <label for="Title" class="control-label" style="color: white !important;">Title: </label>
+                    <input type="text" name="Title" class="form-control" @bind="@title" />
+                </div>
+                <div class="form-group">
+                    <label for="Container" class="control-label" style="color: white !important;">Container: </label>
+                    <select class="form-control" @bind="@containertype">
+                        <option value="">&lt;Select Container&gt;</option>
+                        @foreach (KeyValuePair<string, string> container in containers)
+                        {
+                            <option value="@container.Key">@container.Value</option>
+                        }
+                    </select>
+                </div>
+                <button type="button" class="btn btn-primary" @onclick="@AddModule">Add Module To Page</button>
             </div>
-            <div class="form-group">
-                <label for="Pane" class="control-label" style="color: white !important;">Pane: </label>
-                <select class="form-control" @bind="@pane">
-                    <option value="">&lt;Select Pane&gt;</option>
-                    @foreach (string pane in PageState.Page.Panes.Split(';'))
-                    {
-                        <option value="@pane">@pane Pane</option>
-                    }
-                </select>
-            </div>
-            <div class="form-group">
-                <label for="Title" class="control-label" style="color: white !important;">Title: </label>
-                <input type="text" name="Title" class="form-control" @bind="@title" />
-            </div>
-            <div class="form-group">
-                <label for="Container" class="control-label" style="color: white !important;">Container: </label>
-                <select class="form-control" @bind="@containertype">
-                    <option value="">&lt;Select Container&gt;</option>
-                    @foreach (KeyValuePair<string, string> container in containers)
-                    {
-                        <option value="@container.Key">@container.Value</option>
-                    }
-                </select>
-            </div>
-            <button type="button" class="btn btn-primary" @onclick="@AddModule">Add Module To Page</button>
         </div>
     </div>
-</div>
-<span class="oi oi-menu" style="@display" onclick="openActions()"></span>
+
+    @if (PageState.EditMode)
+    {
+        <button type="button" class="btn btn-outline-primary active" data-toggle="button" aria-pressed="true" autocomplete="off" @onclick="EditMode">
+            <span class="oi oi-pencil"></span>
+        </button>
+
+    }
+    else
+    {
+        <button type="button" class="btn btn-outline-primary" data-toggle="button" aria-pressed="false" autocomplete="off" @onclick="EditMode">
+            <span class="oi oi-pencil"></span>
+        </button>
+    }
+    <span class="oi oi-menu" onclick="openActions()"></span>
+}
 
 @code {
-    string display = "display: none";
     List<ModuleDefinition> moduledefinitions;
     Dictionary<string, string> containers = new Dictionary<string, string>();
     int pagemanagementmoduleid = -1;
@@ -80,46 +98,50 @@
     string title = "";
     string containertype;
 
-    protected override async Task OnInitAsync()
+    protected override async Task OnInitializedAsync()
     {
-        moduledefinitions = PageState.ModuleDefinitions;
-        containers = ThemeService.GetContainerTypes(PageState.Themes);
-        List<Module> modules = await ModuleService.GetModulesAsync(PageState.Site.SiteId, Constants.PageManagementModule);
-        if (modules.Count > 0)
+        if (UserSecurity.IsAuthorized(PageState.User, "Edit", PageState.Page.Permissions))
         {
-            pagemanagementmoduleid = modules.FirstOrDefault().ModuleId;
-        }
-        if (UserService.IsAuthorized(PageState.User, PageState.Page.EditPermissions))
-        {
-            display = "display: inline";
+            moduledefinitions = PageState.ModuleDefinitions;
+            containers = ThemeService.GetContainerTypes(PageState.Themes);
+            List<Module> modules = await ModuleService.GetModulesAsync(PageState.Site.SiteId, Constants.PageManagementModule);
+            if (modules.Count > 0)
+            {
+                pagemanagementmoduleid = modules.FirstOrDefault().ModuleId;
+            }
         }
     }
 
     private async Task AddModule()
     {
-        Module module = new Module();
-        module.SiteId = PageState.Site.SiteId;
-        module.ModuleDefinitionName = moduledefinitionname;
-        module.ViewPermissions = PageState.Page.ViewPermissions;
-        module.EditPermissions = PageState.Page.EditPermissions;
-        await ModuleService.AddModuleAsync(module);
-
-        List<Module> modules = await ModuleService.GetModulesAsync(PageState.Site.SiteId, moduledefinitionname);
-        int ModuleId = modules.LastOrDefault().ModuleId;
-
-        PageModule pagemodule = new PageModule();
-        pagemodule.PageId = PageState.Page.PageId;
-        pagemodule.ModuleId = ModuleId;
-        if (title == "")
+        if (UserSecurity.IsAuthorized(PageState.User, "Edit", PageState.Page.Permissions))
         {
-            title = moduledefinitions.Where(item => item.ModuleDefinitionName == moduledefinitionname).FirstOrDefault().Name;
+            Module module = new Module();
+            module.SiteId = PageState.Site.SiteId;
+            module.ModuleDefinitionName = moduledefinitionname;
+            module.Permissions = PageState.Page.Permissions;
+            await ModuleService.AddModuleAsync(module);
+
+            List<Module> modules = await ModuleService.GetModulesAsync(PageState.Site.SiteId, moduledefinitionname);
+            int ModuleId = modules.LastOrDefault().ModuleId;
+
+            PageModule pagemodule = new PageModule();
+            pagemodule.PageId = PageState.Page.PageId;
+            pagemodule.ModuleId = ModuleId;
+            if (title == "")
+            {
+                title = moduledefinitions.Where(item => item.ModuleDefinitionName == moduledefinitionname).FirstOrDefault().Name;
+            }
+            pagemodule.Title = title;
+            pagemodule.Pane = pane;
+            pagemodule.Order = int.MaxValue;
+            pagemodule.ContainerType = containertype;
+            await PageModuleService.AddPageModuleAsync(pagemodule);
+            await PageModuleService.UpdatePageModuleOrderAsync(pagemodule.PageId, pagemodule.Pane);
+
+            PageState.Reload = Constants.ReloadPage;
+            UriHelper.NavigateTo(NavigateUrl());
         }
-        pagemodule.Title = title;
-        pagemodule.Pane = pane;
-        pagemodule.Order = 0;
-        pagemodule.ContainerType = containertype;
-        await PageModuleService.AddPageModuleAsync(pagemodule);
-        UriHelper.NavigateTo(NavigateUrl(true));
     }
 
     private string PageUrl(string action)
@@ -130,16 +152,35 @@
             switch (action)
             {
                 case "Add":
-                    url = "admin/pages?mid=" + pagemanagementmoduleid.ToString() + "&ctl=" + action;
+                    url = EditUrl("admin/pages", pagemanagementmoduleid, action, "");
                     break;
                 case "Edit":
-                    url = "admin/pages?mid=" + pagemanagementmoduleid.ToString() + "&ctl=" + action + "&id=" + PageState.Page.PageId.ToString();
+                    url = EditUrl("admin/pages", pagemanagementmoduleid, action, "id=" + PageState.Page.PageId.ToString());
                     break;
                 case "Delete":
-                    url = "admin/pages?mid=" + pagemanagementmoduleid.ToString() + "&ctl=" + action + "&id=" + PageState.Page.PageId.ToString();
+                    url = EditUrl("admin/pages", pagemanagementmoduleid, action, "id=" + PageState.Page.PageId.ToString());
                     break;
             }
         }
         return url;
     }
+
+    private void EditMode()
+    {
+        if (UserSecurity.IsAuthorized(PageState.User, "Edit", PageState.Page.Permissions))
+        {
+            if (PageState.EditMode)
+            {
+                PageState.EditMode = false;
+                PageState.DesignMode = false;
+            }
+            else
+            {
+                PageState.EditMode = true;
+                PageState.DesignMode = true;
+            }
+            PageState.Reload = Constants.ReloadPage;
+            UriHelper.NavigateTo(NavigateUrl(PageState.Page.Path, "edit=" + PageState.EditMode.ToString().ToLower()));
+        }
+    }
 }
\ No newline at end of file
diff --git a/Oqtane.Client/Themes/Controls/Login.razor b/Oqtane.Client/Themes/Controls/Login.razor
index cae8a035..93c59bb1 100644
--- a/Oqtane.Client/Themes/Controls/Login.razor
+++ b/Oqtane.Client/Themes/Controls/Login.razor
@@ -1,9 +1,9 @@
 @using Oqtane.Themes
-@using  Oqtane.Services
+@using Oqtane.Services
 @using Oqtane.Providers
 @using Oqtane.Shared
-@using Oqtane.Models
 @using Microsoft.JSInterop
+@namespace Oqtane.Themes.Controls
 @inherits ThemeObjectBase
 @inject IUriHelper UriHelper
 @inject IUserService UserService
@@ -26,7 +26,12 @@
 @code {
     private void LoginUser()
     {
-        UriHelper.NavigateTo(NavigateUrl("login?returnurl=" + PageState.Page.Path));
+        string returnurl = PageState.Alias.Path;
+        if (PageState.Page.Path != "/")
+        {
+            returnurl += "/" + PageState.Page.Path;
+        }
+        UriHelper.NavigateTo("login?returnurl=" + returnurl);
     }
 
     private async Task LogoutUser()
@@ -38,13 +43,16 @@
         {
             // server-side Blazor
             var interop = new Interop(jsRuntime);
-            await interop.SubmitForm("/logout/", "");
+            string antiforgerytoken = await interop.GetElementByName("__RequestVerificationToken");
+            var fields = new { __RequestVerificationToken = antiforgerytoken, returnurl = (PageState.Alias.Path + "/" + PageState.Page.Path) };
+            await interop.SubmitForm("/logout/", fields);
         }
         else
         {
             // client-side Blazor
             authstateprovider.NotifyAuthenticationChanged();
-            UriHelper.NavigateTo(NavigateUrl("login", true));
+            PageState.Reload = Constants.ReloadSite;
+            UriHelper.NavigateTo(NavigateUrl(PageState.Page.Path, "logout"));
         }
     }
 }
diff --git a/Oqtane.Client/Themes/Controls/Logo.razor b/Oqtane.Client/Themes/Controls/Logo.razor
index 3f77d859..ef4bee38 100644
--- a/Oqtane.Client/Themes/Controls/Logo.razor
+++ b/Oqtane.Client/Themes/Controls/Logo.razor
@@ -1,4 +1,5 @@
 @using Oqtane.Themes
+@namespace Oqtane.Themes.Controls
 @inherits ThemeObjectBase
 
 @((MarkupString)logo)
@@ -6,11 +7,12 @@
 @code {
     string logo = "";
 
-    protected override void OnInit()
+    protected override Task OnParametersSetAsync()
     {
         if (PageState.Site.Logo != "")
         {
-            logo = "<a href=\"" + PageState.Alias.Url + "\"><img src=\"/Sites/" + PageState.Site.SiteId.ToString() + "/" + PageState.Site.Logo + "\" alt=\"" + PageState.Site.Name + "\"/></a>";
+            logo = "<a href=\"" + PageState.Alias.Url + "\"><img src=\"" + PageState.Alias.SiteRootUrl + PageState.Site.Logo + "\" alt=\"" + PageState.Site.Name + "\"/></a>";
         }
+        return Task.CompletedTask;
     }
 }
\ No newline at end of file
diff --git a/Oqtane.Client/Themes/Controls/Menu.razor b/Oqtane.Client/Themes/Controls/Menu.razor
index 4a5536dd..d9528094 100644
--- a/Oqtane.Client/Themes/Controls/Menu.razor
+++ b/Oqtane.Client/Themes/Controls/Menu.razor
@@ -2,6 +2,8 @@
 @using Oqtane.Themes
 @using Oqtane.Services
 @using Oqtane.Models;
+@using Oqtane.Security
+@namespace Oqtane.Themes.Controls
 @inherits ThemeObjectBase
 @inject IPageService PageService
 @inject IUserService UserService
@@ -18,11 +20,11 @@
     }
     @foreach (var p in pages)
     {
-        if (p.IsNavigation && UserService.IsAuthorized(PageState.User, p.ViewPermissions))
+        if (p.IsNavigation && UserSecurity.IsAuthorized(PageState.User, "View", p.Permissions))
         {
             string url = NavigateUrl(p.Path);
             <li class="nav-item px-3">
-                <NavLink class="nav-link" href="@url" Match="NavLinkMatch.All">
+                <NavLink @key="@p.PageId" class="nav-link" href="@url" Match="NavLinkMatch.All">
                     <span class="oi @p.Icon" aria-hidden="true"></span> @p.Name
                 </NavLink>
             </li>
@@ -34,13 +36,13 @@
     List<Page> pages;
     Page parent = null;
 
-    protected override void OnInit()
+    protected override Task OnParametersSetAsync()
     {
         // if current page has no children
         if (PageState.Pages.Where(item => item.ParentId == PageState.Page.PageId).FirstOrDefault() == null)
         {
             // display list of pages which have same parent as current page
-            pages = PageState.Pages.Where(item => item.ParentId == PageState.Page.ParentId).ToList();
+            pages = PageState.Pages.Where(item => item.ParentId == PageState.Page.ParentId).OrderBy(item => item.Order).ToList();
             // if current page has parent
             if (PageState.Page.ParentId != null)
             {
@@ -50,9 +52,10 @@
         else
         {
             // display list of pages which are children of current page
-            pages = PageState.Pages.Where(item => item.ParentId == PageState.Page.PageId).ToList();
+            pages = PageState.Pages.Where(item => item.ParentId == PageState.Page.PageId).OrderBy(item => item.Order).ToList();
             // current page is parent
             parent = PageState.Pages.Where(item => item.ParentId == PageState.Page.ParentId).FirstOrDefault();
         }
+        return Task.CompletedTask;
     }
 }
diff --git a/Oqtane.Client/Themes/Controls/Menu2.razor b/Oqtane.Client/Themes/Controls/Menu2.razor
new file mode 100644
index 00000000..111bdd22
--- /dev/null
+++ b/Oqtane.Client/Themes/Controls/Menu2.razor
@@ -0,0 +1,68 @@
+@using Microsoft.AspNetCore.Components.Routing
+@using Oqtane.Themes
+@using Oqtane.Services
+@using Oqtane.Models;
+@using Oqtane.Security
+@namespace Oqtane.Themes.Controls
+@inherits ThemeObjectBase
+@inject IUserService UserService
+
+@if (menu != "")
+{
+    @((MarkupString)menu)
+}
+
+@code {
+    string menu = "";
+
+    protected override void OnInitialized()
+    {
+        int level = -1;
+        int securitylevel = int.MaxValue;
+
+        menu = "<ul class=\"nav flex-column\">\n";
+        foreach (Page p in PageState.Pages.Where(item => item.IsNavigation))
+        {
+            for (int l = p.Level; l < level; l++)
+            {
+                menu += "</ul>\n";
+                menu += "</div>\n";
+            }
+            if (UserSecurity.IsAuthorized(PageState.User, "View", p.Permissions) && p.Level <= securitylevel)
+            {
+                securitylevel = int.MaxValue;
+                if (p.HasChildren)
+                {
+                    menu += "<li class=\"nav-item px-3\">\n";
+                    menu += "<a class=\"nav-link collapsed\" href=\"#submenu" + p.PageId.ToString() + "\" data-toggle=\"collapse\" data-target=\"#submenu" + p.PageId.ToString() + "\">";
+                    menu += "<span class=\"oi " + p.Icon + "\" aria-hidden=\"true\"></span>" + p.Name;
+                    menu += "</a>\n";
+                    menu += "<div class=\"collapse\" id=\"submenu" + p.PageId.ToString() + "\" aria-expanded=\"false\">\n";
+                    menu += "<ul class=\"nav flex-column\">\n";
+                }
+                else
+                {
+                    menu += "<li class=\"nav-item px-3\">\n";
+                    menu += "<a class=\"nav-link\" href=\"" + NavigateUrl(p.Path) + "\">";
+                    menu += "<span class=\"oi " + p.Icon + "\" aria-hidden=\"true\"></span>" + p.Name;
+                    menu += "</a>\n";
+                    menu += "</li>\n";
+                }
+                level = p.Level;
+            }
+            else
+            {
+                if (securitylevel == int.MaxValue)
+                {
+                    securitylevel = p.Level;
+                }
+            }
+        }
+        for (int l = 0; l < level; l++)
+        {
+            menu += "</ul>\n";
+            menu += "</div>\n";
+        }
+        menu += "</ul>";
+    }
+}
diff --git a/Oqtane.Client/Themes/Controls/ModuleActions.razor b/Oqtane.Client/Themes/Controls/ModuleActions.razor
index 3f814787..a83f6ddd 100644
--- a/Oqtane.Client/Themes/Controls/ModuleActions.razor
+++ b/Oqtane.Client/Themes/Controls/ModuleActions.razor
@@ -1,87 +1,111 @@
 @using Oqtane.Themes
 @using Oqtane.Services
 @using Oqtane.Models
+@using Oqtane.Shared
+@using Oqtane.Security
+@namespace Oqtane.Themes.Controls
 @inherits ContainerBase
 @inject IUriHelper UriHelper
 @inject IUserService UserService
 @inject IPageModuleService PageModuleService
 
-<div class="dropdown" style="@display">
-    <button class="btn dropdown-toggle" type="button" id="dropdownMenuButton" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"></button>
-    <div class="dropdown-menu" aria-labelledby="dropdownMenuButton">
-        @foreach (var action in actions)
-        {
-            <a class="dropdown-item" @onclick="@(async () => await ModuleAction(action.Action))">@action.Name</a>
-        }
+@if (PageState.DesignMode && UserSecurity.IsAuthorized(PageState.User, "Edit", ModuleState.Permissions))
+{
+    <div class="dropdown">
+        <button type="button" class="btn dropdown-toggle" id="dropdownMenuButton" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"></button>
+        <div class="dropdown-menu" aria-labelledby="dropdownMenuButton">
+            @foreach (var action in actions)
+            {
+                <a class="dropdown-item" @onclick="@(async () => await ModuleAction(action.Action))">@action.Name</a>
+            }
+        </div>
     </div>
-</div>
+}
 
 @code {
-    string display = "display: none";
     List<ActionViewModel> actions;
 
-    protected override void OnInit()
+    protected override void OnParametersSet()
     {
-        actions = new List<ActionViewModel>();
-        if (ModuleState.PaneModuleIndex > 0)
+        if (PageState.EditMode && UserSecurity.IsAuthorized(PageState.User, "Edit", ModuleState.Permissions))
         {
-            actions.Add(new ActionViewModel { Action = "up", Name = "Move Up" });
-        }
-        if (ModuleState.PaneModuleIndex < (ModuleState.PaneModuleCount - 1))
-        {
-            actions.Add(new ActionViewModel { Action = "down", Name = "Move Down" });
-        }
-        foreach (string pane in PageState.Page.Panes.Split(';'))
-        {
-            if (pane != ModuleState.Pane)
+            actions = new List<ActionViewModel>();
+            if (ModuleState.PaneModuleIndex > 0)
             {
-                actions.Add(new ActionViewModel { Action = pane, Name = "Move To " + pane + " Pane" });
+                actions.Add(new ActionViewModel { Action = "<<", Name = "Move To Top" });
             }
-        }
-        actions.Add(new ActionViewModel { Action = "settings", Name = "Settings" });
-        actions.Add(new ActionViewModel { Action = "delete", Name = "Delete" });
-
-        if (UserService.IsAuthorized(PageState.User, ModuleState.EditPermissions))
-        {
-            display = "display: inline";
+            if (ModuleState.PaneModuleIndex > 0)
+            {
+                actions.Add(new ActionViewModel { Action = "<", Name = "Move Up" });
+            }
+            if (ModuleState.PaneModuleIndex < (ModuleState.PaneModuleCount - 1))
+            {
+                actions.Add(new ActionViewModel { Action = ">", Name = "Move Down" });
+            }
+            if (ModuleState.PaneModuleIndex < (ModuleState.PaneModuleCount - 1))
+            {
+                actions.Add(new ActionViewModel { Action = ">>", Name = "Move To Bottom" });
+            }
+            foreach (string pane in PageState.Page.Panes.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
+            {
+                if (pane != ModuleState.Pane)
+                {
+                    actions.Add(new ActionViewModel { Action = pane, Name = "Move To " + pane + " Pane" });
+                }
+            }
+            actions.Add(new ActionViewModel { Action = "settings", Name = "Settings" });
+            actions.Add(new ActionViewModel { Action = "delete", Name = "Delete" });
         }
     }
 
     protected async Task ModuleAction(string action)
     {
-        PageModule pagemodule = new PageModule();
-        pagemodule.PageModuleId = ModuleState.PageModuleId;
-        pagemodule.PageId = ModuleState.PageId;
-        pagemodule.ModuleId = ModuleState.ModuleId;
-        pagemodule.Title = ModuleState.Title;
-        pagemodule.Pane = ModuleState.Pane;
-        pagemodule.Order = ModuleState.Order;
-        pagemodule.ContainerType = ModuleState.ContainerType;
-
-        string path = PageState.Page.Path + "?reload=true";
-        switch (action)
+        if (PageState.EditMode && UserSecurity.IsAuthorized(PageState.User, "Edit", ModuleState.Permissions))
         {
-            case "up":
-                pagemodule.Order += -1;
-                await PageModuleService.UpdatePageModuleAsync(pagemodule);
-                break;
-            case "down":
-                pagemodule.Order += 1;
-                await PageModuleService.UpdatePageModuleAsync(pagemodule);
-                break;
-            case "settings":
-                if (path == "") { path += "/"; }
-                path = PageState.Page.Path + "?mid=" + pagemodule.ModuleId.ToString() + "&ctl=Settings";
-                break;
-            case "delete":
-                await PageModuleService.DeletePageModuleAsync(pagemodule.PageModuleId);
-                break;
-            default: // move to pane
-                pagemodule.Pane = action;
-                await PageModuleService.UpdatePageModuleAsync(pagemodule);
-                break;
+            PageModule pagemodule = await PageModuleService.GetPageModuleAsync(ModuleState.PageModuleId);
+
+            string url = NavigateUrl();
+            switch (action)
+            {
+                case "<<":
+                    pagemodule.Order = 0;
+                    await PageModuleService.UpdatePageModuleAsync(pagemodule);
+                    await PageModuleService.UpdatePageModuleOrderAsync(pagemodule.PageId, pagemodule.Pane);
+                    break;
+                case "<":
+                    pagemodule.Order -= 3;
+                    await PageModuleService.UpdatePageModuleAsync(pagemodule);
+                    await PageModuleService.UpdatePageModuleOrderAsync(pagemodule.PageId, pagemodule.Pane);
+                    break;
+                case ">":
+                    pagemodule.Order += 3;
+                    await PageModuleService.UpdatePageModuleAsync(pagemodule);
+                    await PageModuleService.UpdatePageModuleOrderAsync(pagemodule.PageId, pagemodule.Pane);
+                    break;
+                case ">>":
+                    pagemodule.Order = int.MaxValue;
+                    await PageModuleService.UpdatePageModuleAsync(pagemodule);
+                    await PageModuleService.UpdatePageModuleOrderAsync(pagemodule.PageId, pagemodule.Pane);
+                    break;
+                case "settings":
+                    url = EditUrl(pagemodule.ModuleId, "Settings");
+                    break;
+                case "delete":
+                    await PageModuleService.DeletePageModuleAsync(pagemodule.PageModuleId);
+                    await PageModuleService.UpdatePageModuleOrderAsync(pagemodule.PageId, pagemodule.Pane);
+                    break;
+                default: // move to pane
+                    string pane = pagemodule.Pane;
+                    pagemodule.Pane = action;
+                    pagemodule.Order = int.MaxValue; // add to bottom of pane
+                    await PageModuleService.UpdatePageModuleAsync(pagemodule);
+                    await PageModuleService.UpdatePageModuleOrderAsync(pagemodule.PageId, pagemodule.Pane);
+                    await PageModuleService.UpdatePageModuleOrderAsync(pagemodule.PageId, pane);
+                    break;
+            }
+            PageState.Reload = Constants.ReloadPage;
+            UriHelper.NavigateTo(url);
         }
-        UriHelper.NavigateTo(NavigateUrl(path));
     }
 
     public class ActionViewModel
diff --git a/Oqtane.Client/Themes/Controls/ModuleTitle.razor b/Oqtane.Client/Themes/Controls/ModuleTitle.razor
index 886ae21b..fc26b33f 100644
--- a/Oqtane.Client/Themes/Controls/ModuleTitle.razor
+++ b/Oqtane.Client/Themes/Controls/ModuleTitle.razor
@@ -1,4 +1,5 @@
 @using Oqtane.Themes
+@namespace Oqtane.Themes.Controls
 @inherits ContainerBase
 
 @title
@@ -6,12 +7,13 @@
 @code {
     string title = "";
 
-    protected override void OnInit()
+    protected override Task OnParametersSetAsync()
     {
         title = ModuleState.Title;
         if (PageState.Control == "Settings")
         {
             title = PageState.Control;
         }
+        return Task.CompletedTask;
     }
 }
diff --git a/Oqtane.Client/Themes/Controls/Profile.razor b/Oqtane.Client/Themes/Controls/Profile.razor
index 0ff591a3..c9667a01 100644
--- a/Oqtane.Client/Themes/Controls/Profile.razor
+++ b/Oqtane.Client/Themes/Controls/Profile.razor
@@ -1,4 +1,5 @@
 @using Oqtane.Themes
+@namespace Oqtane.Themes.Controls
 @inherits ThemeObjectBase
 @inject IUriHelper UriHelper
 
@@ -7,7 +8,7 @@
         <text>...</text>
     </Authorizing>
     <Authorized>
-        <button type="button" class="btn btn-primary" @onclick="@RegisterUser">@context.User.Identity.Name</button>
+        <button type="button" class="btn btn-primary" @onclick="@UpdateProfile">@context.User.Identity.Name</button>
     </Authorized>
     <NotAuthorized>
         <button type="button" class="btn btn-primary" @onclick="@RegisterUser">Register</button>
@@ -21,6 +22,11 @@
     {
         UriHelper.NavigateTo(NavigateUrl("register"));
     }
+
+    private void UpdateProfile()
+    {
+        UriHelper.NavigateTo(NavigateUrl("profile"));
+    }
 }
 
 
diff --git a/Oqtane.Client/Themes/DefaultContainer.razor b/Oqtane.Client/Themes/DefaultContainer.razor
index b407e2d5..29b2e8c3 100644
--- a/Oqtane.Client/Themes/DefaultContainer.razor
+++ b/Oqtane.Client/Themes/DefaultContainer.razor
@@ -1,6 +1,6 @@
-@using Oqtane.Themes
-@using Oqtane.Client.Themes.Controls
-@using Oqtane.Client.Shared
+@using Oqtane.Themes.Controls
+@using Oqtane.Shared
+@namespace Oqtane.Themes
 @inherits ContainerBase
 <div class="container">
     <div class="row px-4">
diff --git a/Oqtane.Client/Themes/ITheme.cs b/Oqtane.Client/Themes/ITheme.cs
index 4a8ab2ab..134ec3a2 100644
--- a/Oqtane.Client/Themes/ITheme.cs
+++ b/Oqtane.Client/Themes/ITheme.cs
@@ -1,15 +1,10 @@
 using System;
+using System.Collections.Generic;
 
 namespace Oqtane.Themes
 {
     public interface ITheme
     {
-        string Name { get; }
-        string Version { get; }
-        string Owner { get; }
-        string Url { get; }
-        string Contact { get; }
-        string License { get; }
-        string Dependencies { get; }
+        Dictionary<string, string> Properties { get; }
     }
 }
diff --git a/Oqtane.Client/Themes/Theme1/Container1.razor b/Oqtane.Client/Themes/Theme1/Container1.razor
index c8cbfa1d..cfd1b006 100644
--- a/Oqtane.Client/Themes/Theme1/Container1.razor
+++ b/Oqtane.Client/Themes/Theme1/Container1.razor
@@ -1,6 +1,7 @@
 @using Oqtane.Themes
-@using Oqtane.Client.Themes.Controls
-@using Oqtane.Client.Shared
+@using Oqtane.Themes.Controls
+@using Oqtane.Shared
+@namespace Oqtane.Themes.Theme1
 @inherits ContainerBase
 <div class="container">
     <div class="row px-4">
diff --git a/Oqtane.Client/Themes/Theme1/Theme.cs b/Oqtane.Client/Themes/Theme1/Theme.cs
index 715f75e5..3c1db0ca 100644
--- a/Oqtane.Client/Themes/Theme1/Theme.cs
+++ b/Oqtane.Client/Themes/Theme1/Theme.cs
@@ -1,13 +1,20 @@
-namespace Oqtane.Themes.Theme1
+using System.Collections.Generic;
+
+namespace Oqtane.Themes.Theme1
 {
     public class Theme : ITheme
     {
-        public string Name { get { return "Theme1"; } }
-        public string Version { get { return "1.0.0"; } }
-        public string Owner { get { return ""; } }
-        public string Url { get { return ""; } }
-        public string Contact { get { return ""; } }
-        public string License { get { return ""; } }
-        public string Dependencies { get { return ""; } }
+        public Dictionary<string, string> Properties
+        {
+            get
+            {
+                Dictionary<string, string> properties = new Dictionary<string, string>
+                {
+                    { "Name", "Theme1" },
+                    { "Version", "1.0.0" }
+                };
+                return properties;
+            }
+        }
     }
 }
diff --git a/Oqtane.Client/Themes/Theme1/Theme1.razor b/Oqtane.Client/Themes/Theme1/Theme1.razor
index 8de6feaf..7b27e713 100644
--- a/Oqtane.Client/Themes/Theme1/Theme1.razor
+++ b/Oqtane.Client/Themes/Theme1/Theme1.razor
@@ -1,6 +1,7 @@
 @using Oqtane.Themes
-@using Oqtane.Client.Themes.Controls
-@using Oqtane.Client.Shared
+@using Oqtane.Themes.Controls
+@using Oqtane.Shared
+@namespace Oqtane.Themes.Theme1
 @inherits ThemeBase
 
 <div class="sidebar">
diff --git a/Oqtane.Client/Themes/Theme2/Container2.razor b/Oqtane.Client/Themes/Theme2/Container2.razor
index 55d18353..da1280f8 100644
--- a/Oqtane.Client/Themes/Theme2/Container2.razor
+++ b/Oqtane.Client/Themes/Theme2/Container2.razor
@@ -1,6 +1,7 @@
 @using Oqtane.Themes
-@using Oqtane.Client.Themes.Controls
-@using Oqtane.Client.Shared
+@using Oqtane.Themes.Controls
+@using Oqtane.Shared
+@namespace Oqtane.Themes.Theme2
 @inherits ContainerBase
 <div class="container">
     <div class="row px-4">
diff --git a/Oqtane.Client/Themes/Theme2/Theme.cs b/Oqtane.Client/Themes/Theme2/Theme.cs
index 8107c75d..377bb1ad 100644
--- a/Oqtane.Client/Themes/Theme2/Theme.cs
+++ b/Oqtane.Client/Themes/Theme2/Theme.cs
@@ -1,13 +1,20 @@
-namespace Oqtane.Themes.Theme2
+using System.Collections.Generic;
+
+namespace Oqtane.Themes.Theme2
 {
     public class Theme : ITheme
     {
-        public string Name { get { return "Theme2"; } }
-        public string Version { get { return "1.0.0"; } }
-        public string Owner { get { return ""; } }
-        public string Url { get { return ""; } }
-        public string Contact { get { return ""; } }
-        public string License { get { return ""; } }
-        public string Dependencies { get { return ""; } }
+        public Dictionary<string, string> Properties
+        {
+            get
+            {
+                Dictionary<string, string> properties = new Dictionary<string, string>
+                {
+                    { "Name", "Theme2" },
+                    { "Version", "1.0.0" }
+                };
+                return properties;
+            }
+        }
     }
 }
diff --git a/Oqtane.Client/Themes/Theme2/Theme2.razor b/Oqtane.Client/Themes/Theme2/Theme2.razor
index 7415e777..b450b927 100644
--- a/Oqtane.Client/Themes/Theme2/Theme2.razor
+++ b/Oqtane.Client/Themes/Theme2/Theme2.razor
@@ -1,6 +1,7 @@
 @using Oqtane.Themes
-@using Oqtane.Client.Themes.Controls
-@using Oqtane.Client.Shared
+@using Oqtane.Themes.Controls
+@using Oqtane.Shared
+@namespace Oqtane.Themes.Theme2
 @inherits ThemeBase
 
 <div class="sidebar">
diff --git a/Oqtane.Client/Themes/Theme3/HorizontalLayout.razor b/Oqtane.Client/Themes/Theme3/HorizontalLayout.razor
index bf6b4eda..bf00b8c2 100644
--- a/Oqtane.Client/Themes/Theme3/HorizontalLayout.razor
+++ b/Oqtane.Client/Themes/Theme3/HorizontalLayout.razor
@@ -1,5 +1,6 @@
 @using Oqtane.Themes
-@using Oqtane.Client.Shared
+@using Oqtane.Shared
+@namespace Oqtane.Themes.Theme3
 @inherits ThemeBase
 
 <div class="row px-4">
diff --git a/Oqtane.Client/Themes/Theme3/Theme.cs b/Oqtane.Client/Themes/Theme3/Theme.cs
index 7edfd0d5..53def728 100644
--- a/Oqtane.Client/Themes/Theme3/Theme.cs
+++ b/Oqtane.Client/Themes/Theme3/Theme.cs
@@ -1,13 +1,20 @@
-namespace Oqtane.Themes.Theme3
+using System.Collections.Generic;
+
+namespace Oqtane.Themes.Theme3
 {
     public class Theme : ITheme
     {
-        public string Name { get { return "Theme3"; } }
-        public string Version { get { return "1.0.0"; } }
-        public string Owner { get { return ""; } }
-        public string Url { get { return ""; } }
-        public string Contact { get { return ""; } }
-        public string License { get { return ""; } }
-        public string Dependencies { get { return ""; } }
+        public Dictionary<string, string> Properties
+        {
+            get
+            {
+                Dictionary<string, string> properties = new Dictionary<string, string>
+                {
+                    { "Name", "Theme3" },
+                    { "Version", "1.0.0" }
+                };
+                return properties;
+            }
+        }
     }
 }
diff --git a/Oqtane.Client/Themes/Theme3/Theme3.razor b/Oqtane.Client/Themes/Theme3/Theme3.razor
index a8f5c934..f10abf4e 100644
--- a/Oqtane.Client/Themes/Theme3/Theme3.razor
+++ b/Oqtane.Client/Themes/Theme3/Theme3.razor
@@ -1,6 +1,7 @@
 @using Oqtane.Themes
-@using Oqtane.Client.Themes.Controls
-@using Oqtane.Client.Shared
+@using Oqtane.Themes.Controls
+@using Oqtane.Shared
+@namespace Oqtane.Themes.Theme3
 @inherits ThemeBase
 
 <div class="sidebar">
diff --git a/Oqtane.Client/Themes/Theme3/VerticalLayout.razor b/Oqtane.Client/Themes/Theme3/VerticalLayout.razor
index c09852c8..a17afc3f 100644
--- a/Oqtane.Client/Themes/Theme3/VerticalLayout.razor
+++ b/Oqtane.Client/Themes/Theme3/VerticalLayout.razor
@@ -1,5 +1,6 @@
 @using Oqtane.Themes
-@using Oqtane.Client.Shared
+@using Oqtane.Shared
+@namespace Oqtane.Themes.Theme3
 @inherits ThemeBase
 
 <div class="row px-4">
diff --git a/Oqtane.Client/Themes/ThemeBase.cs b/Oqtane.Client/Themes/ThemeBase.cs
index d9190f0e..2ad2956c 100644
--- a/Oqtane.Client/Themes/ThemeBase.cs
+++ b/Oqtane.Client/Themes/ThemeBase.cs
@@ -12,22 +12,17 @@ namespace Oqtane.Themes
 
         public string NavigateUrl()
         {
-            return Utilities.NavigateUrl(PageState);
-        }
-
-        public string NavigateUrl(bool reload)
-        {
-            return Utilities.NavigateUrl(PageState, reload);
+            return NavigateUrl(PageState.Page.Path);
         }
 
         public string NavigateUrl(string path)
         {
-            return Utilities.NavigateUrl(PageState, path);
+            return NavigateUrl(path, "");
         }
 
-        public string NavigateUrl(string path, bool reload)
+        public string NavigateUrl(string path, string parameters)
         {
-            return Utilities.NavigateUrl(PageState, path, reload);
+            return Utilities.NavigateUrl(PageState.Alias.Path, path, parameters);
         }
 
     }
diff --git a/Oqtane.Client/Themes/ThemeObjectBase.cs b/Oqtane.Client/Themes/ThemeObjectBase.cs
index 61402bc6..efa59f63 100644
--- a/Oqtane.Client/Themes/ThemeObjectBase.cs
+++ b/Oqtane.Client/Themes/ThemeObjectBase.cs
@@ -10,22 +10,32 @@ namespace Oqtane.Themes
 
         public string NavigateUrl()
         {
-            return Utilities.NavigateUrl(PageState);
-        }
-
-        public string NavigateUrl(bool reload)
-        {
-            return Utilities.NavigateUrl(PageState, reload);
+            return NavigateUrl(PageState.Page.Path);
         }
 
         public string NavigateUrl(string path)
         {
-            return Utilities.NavigateUrl(PageState, path);
+            return NavigateUrl(path, "");
         }
 
-        public string NavigateUrl(string path, bool reload)
+        public string NavigateUrl(string path, string parameters)
         {
-            return Utilities.NavigateUrl(PageState, path, reload);
+            return Utilities.NavigateUrl(PageState.Alias.Path, path, parameters);
+        }
+
+        public string EditUrl(int moduleid, string action)
+        {
+            return EditUrl(moduleid, action, "");
+        }
+
+        public string EditUrl(int moduleid, string action, string parameters)
+        {
+            return EditUrl(PageState.Page.Path, moduleid, action, parameters);
+        }
+
+        public string EditUrl(string path, int moduleid, string action, string parameters)
+        {
+            return Utilities.EditUrl(PageState.Alias.Path, path, moduleid, action, parameters);
         }
     }
 }
diff --git a/Oqtane.Client/wwwroot/images/checked.png b/Oqtane.Client/wwwroot/images/checked.png
new file mode 100644
index 00000000..a4100c70
Binary files /dev/null and b/Oqtane.Client/wwwroot/images/checked.png differ
diff --git a/Oqtane.Client/wwwroot/images/null.png b/Oqtane.Client/wwwroot/images/null.png
new file mode 100644
index 00000000..d0f50939
Binary files /dev/null and b/Oqtane.Client/wwwroot/images/null.png differ
diff --git a/Oqtane.Client/wwwroot/images/unchecked.png b/Oqtane.Client/wwwroot/images/unchecked.png
new file mode 100644
index 00000000..566e60a8
Binary files /dev/null and b/Oqtane.Client/wwwroot/images/unchecked.png differ
diff --git a/Oqtane.Client/wwwroot/js/interop.js b/Oqtane.Client/wwwroot/js/interop.js
index db61ecbe..7b23a474 100644
--- a/Oqtane.Client/wwwroot/js/interop.js
+++ b/Oqtane.Client/wwwroot/js/interop.js
@@ -55,5 +55,61 @@ window.interop = {
 
         document.body.appendChild(form);
         form.submit();
+    },
+    uploadFiles: function (posturl, folder, name) {
+        var files = document.getElementById(name + 'FileInput').files;
+        var progressinfo = document.getElementById(name + 'ProgressInfo');
+        var progressbar = document.getElementById(name + 'ProgressBar');
+        var filename = '';
+
+        for (var i = 0; i < files.length; i++) {
+            var FileChunk = [];
+            var file = files[i];
+            var MaxFileSizeMB = 1;
+            var BufferChunkSize = MaxFileSizeMB * (1024 * 1024);
+            var FileStreamPos = 0;
+            var EndPos = BufferChunkSize;
+            var Size = file.size;
+
+            progressbar.setAttribute("style", "visibility: visible;");
+
+            if (files.length > 1) {
+                filename = file.name;
+            }
+
+            while (FileStreamPos < Size) {
+                FileChunk.push(file.slice(FileStreamPos, EndPos));
+                FileStreamPos = EndPos;
+                EndPos = FileStreamPos + BufferChunkSize;
+            }
+
+            var TotalParts = FileChunk.length;
+            var PartCount = 0;
+
+            while (Chunk = FileChunk.shift()) {
+                PartCount++;
+                var FileName = file.name + ".part_" + PartCount + "_" + TotalParts;
+
+                var data = new FormData();
+                data.append('folder', folder);
+                data.append('file', Chunk, FileName);
+                var request = new XMLHttpRequest();
+                request.open('POST', posturl, true);
+                request.upload.onloadstart = function (e) {
+                    progressbar.value = 0;
+                    progressinfo.innerHTML = filename + ' 0%';
+                };
+                request.upload.onprogress = function (e) {
+                    var percent = Math.ceil((e.loaded / e.total) * 100);
+                    progressbar.value = (percent / 100);
+                    progressinfo.innerHTML = filename + '[' + PartCount + '] ' + percent + '%';
+                };
+                request.upload.onloadend = function (e) {
+                    progressbar.value = 1;
+                    progressinfo.innerHTML = filename + ' 100%';
+                };
+                request.send(data);
+            }
+        }
     }
 };
diff --git a/Oqtane.Server/Controllers/AliasController.cs b/Oqtane.Server/Controllers/AliasController.cs
index 772bb974..b559c41e 100644
--- a/Oqtane.Server/Controllers/AliasController.cs
+++ b/Oqtane.Server/Controllers/AliasController.cs
@@ -1,55 +1,66 @@
 using System.Collections.Generic;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authorization;
 using Oqtane.Repository;
 using Oqtane.Models;
+using Oqtane.Shared;
 
 namespace Oqtane.Controllers
 {
     [Route("{site}/api/[controller]")]
     public class AliasController : Controller
     {
-        private readonly IAliasRepository aliases;
+        private readonly IAliasRepository Aliases;
 
         public AliasController(IAliasRepository Aliases)
         {
-            aliases = Aliases;
+            this.Aliases = Aliases;
         }
 
         // GET: api/<controller>
         [HttpGet]
         public IEnumerable<Alias> Get()
         {
-            return aliases.GetAliases();
+            return Aliases.GetAliases();
         }
 
         // GET api/<controller>/5
         [HttpGet("{id}")]
         public Alias Get(int id)
         {
-            return aliases.GetAlias(id);
+            return Aliases.GetAlias(id);
         }
 
         // POST api/<controller>
         [HttpPost]
-        public void Post([FromBody] Alias alias)
+        [Authorize(Roles = Constants.AdminRole)]
+        public Alias Post([FromBody] Alias Alias)
         {
             if (ModelState.IsValid)
-                aliases.AddAlias(alias);
+            {
+                Alias = Aliases.AddAlias(Alias);
+            }
+            return Alias;
         }
 
         // PUT api/<controller>/5
         [HttpPut("{id}")]
-        public void Put(int id, [FromBody] Alias alias)
+        [Authorize(Roles = Constants.AdminRole)]
+        public Alias Put(int id, [FromBody] Alias Alias)
         {
             if (ModelState.IsValid)
-                aliases.UpdateAlias(alias);
+            {
+                Alias = Aliases.UpdateAlias(Alias);
+            }
+            return Alias;
         }
 
         // DELETE api/<controller>/5
         [HttpDelete("{id}")]
+        [Authorize(Roles = Constants.AdminRole)]
         public void Delete(int id)
         {
-            aliases.DeleteAlias(id);
+            Aliases.DeleteAlias(id);
         }
     }
 }
diff --git a/Oqtane.Server/Controllers/FileController.cs b/Oqtane.Server/Controllers/FileController.cs
new file mode 100644
index 00000000..430b1cbf
--- /dev/null
+++ b/Oqtane.Server/Controllers/FileController.cs
@@ -0,0 +1,98 @@
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using System;
+using System.IO;
+using System.Threading.Tasks;
+
+namespace Oqtane.Controllers
+{
+    [Route("{site}/api/[controller]")]
+    public class FileController : Controller
+    {
+        private readonly IWebHostEnvironment environment;
+        
+        public FileController(IWebHostEnvironment environment)
+        {
+            this.environment = environment;
+        }
+
+        // GET api/<controller>/current
+        [HttpPost("upload")]
+        public async Task UploadFile(string folder, IFormFile file)
+        {
+            if (file.Length > 0)
+            {
+                if (!folder.Contains(":\\"))
+                {
+                    folder = folder.Replace("/", "\\");
+                    if (folder.StartsWith("\\")) folder = folder.Substring(1);
+                    folder = Path.Combine(environment.WebRootPath, folder);
+                }
+                if (!Directory.Exists(folder))
+                {
+                    Directory.CreateDirectory(folder);
+                }
+                using (var stream = new FileStream(Path.Combine(folder, file.FileName), FileMode.Create))
+                {
+                    await file.CopyToAsync(stream);
+                }
+                await MergeFile(folder, file.FileName);
+            }
+        }
+
+        private async Task MergeFile(string folder, string filename)
+        {
+            // parse the filename which is in the format of filename.ext.part_x_y 
+            string token = ".part_";
+            string parts = Path.GetExtension(filename).Replace(token, ""); // returns "x_y"
+            int totalparts = int.Parse(parts.Substring(parts.IndexOf("_") + 1));
+            filename = filename.Substring(0, filename.IndexOf(token)); // base filename
+            string[] fileparts = Directory.GetFiles(folder, filename + token + "*"); // list of all file parts
+
+            // if all of the file parts exist ( note that file parts can arrive out of order )
+            if (fileparts.Length == totalparts)
+            {
+                // merge file parts
+                bool success = true;
+                using (var stream = new FileStream(Path.Combine(folder, filename), FileMode.Create))
+                {
+                    foreach (string filepart in fileparts)
+                    {
+                        try
+                        {
+                            using (FileStream chunk = new FileStream(filepart, FileMode.Open))
+                            {
+                                await chunk.CopyToAsync(stream);
+                            }
+                        }
+                        catch 
+                        {
+                            success = false;
+                        }
+                    }
+                }
+
+                // delete file parts
+                if (success)
+                {
+                    foreach (string filepart in fileparts)
+                    {
+                        System.IO.File.Delete(filepart);
+                    }
+                }
+            }
+
+            // clean up file parts which are more than 2 hours old ( which can happen if a file upload failed )
+            fileparts = Directory.GetFiles(folder, "*" + token + "*");
+            foreach (string filepart in fileparts)
+            {
+                DateTime createddate = System.IO.File.GetCreationTime(filepart);
+                if (createddate < DateTime.Now.AddHours(-2))
+                {
+                    System.IO.File.Delete(filepart);
+                }
+            }
+        }
+    }
+}
diff --git a/Oqtane.Server/Controllers/InstallationController.cs b/Oqtane.Server/Controllers/InstallationController.cs
index 3297c572..99f0f769 100644
--- a/Oqtane.Server/Controllers/InstallationController.cs
+++ b/Oqtane.Server/Controllers/InstallationController.cs
@@ -1,11 +1,13 @@
 using DbUp;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.EntityFrameworkCore;
 using Microsoft.Extensions.Configuration;
 using Oqtane.Models;
 using System;
 using System.Data.SqlClient;
 using System.IO;
+using System.Linq;
 using System.Reflection;
 using System.Threading;
 
@@ -14,11 +16,11 @@ namespace Oqtane.Controllers
     [Route("{site}/api/[controller]")]
     public class InstallationController : Controller
     {
-        private readonly IConfigurationRoot _config;
+        private readonly IConfigurationRoot Config;
 
-        public InstallationController(IConfigurationRoot config)
+        public InstallationController(IConfigurationRoot Config)
         {
-            _config = config;
+            this.Config = Config;
         }
 
         // POST api/<controller>
@@ -135,7 +137,7 @@ namespace Oqtane.Controllers
                                 {
                                     writer.WriteLine(config);
                                 }
-                                _config.Reload();
+                                Config.Reload();
                                 response.Success = true;
                             }
                         }
@@ -156,7 +158,7 @@ namespace Oqtane.Controllers
             var response = new GenericResponse { Success = false, Message = "" };
 
             string datadirectory = AppDomain.CurrentDomain.GetData("DataDirectory").ToString();
-            string connectionString = _config.GetConnectionString("DefaultConnection");
+            string connectionString = Config.GetConnectionString("DefaultConnection");
             connectionString = connectionString.Replace("|DataDirectory|", datadirectory);
 
             SqlConnection connection = new SqlConnection(connectionString);
@@ -182,11 +184,71 @@ namespace Oqtane.Controllers
                 response.Success = !dbUpgrade.IsUpgradeRequired();
                 if (!response.Success)
                 {
-                    response.Message = "Scripts Have Not Been Run";
+                    response.Message = "Master Installation Scripts Have Not Been Executed";
+                }
+                else
+                {
+                    Assembly[] assemblies = AppDomain.CurrentDomain.GetAssemblies()
+                        .Where(item => item.FullName.Contains(".Module.")).ToArray();
+
+                    // get tenants
+                    using (var db = new InstallationContext(connectionString))
+                    {
+                        foreach (Tenant tenant in db.Tenant.ToList())
+                        {
+                            // upgrade framework
+                            dbUpgradeConfig = DeployChanges.To.SqlDatabase(tenant.DBConnectionString)
+                                .WithScriptsEmbeddedInAssembly(Assembly.GetExecutingAssembly());
+                            dbUpgrade = dbUpgradeConfig.Build();
+                            if (dbUpgrade.IsUpgradeRequired())
+                            {
+                                var result = dbUpgrade.PerformUpgrade();
+                                if (!result.Successful)
+                                {
+                                    // TODO: log result.Error.Message;
+                                }
+                            }
+                            // iterate through Oqtane module assemblies and execute any database scripts
+                            foreach (Assembly assembly in assemblies)
+                            {
+                                InstallModule(assembly, tenant.DBConnectionString);
+                            }
+                        }
+                    }
                 }
             }
 
             return response;
         }
+
+        private void InstallModule(Assembly assembly, string connectionstring)
+        {
+            var dbUpgradeConfig = DeployChanges.To.SqlDatabase(connectionstring)
+                .WithScriptsEmbeddedInAssembly(assembly); // scripts must be included as Embedded Resources
+            var dbUpgrade = dbUpgradeConfig.Build();
+            if (dbUpgrade.IsUpgradeRequired())
+            {
+                var result = dbUpgrade.PerformUpgrade();
+                if (!result.Successful)
+                {
+                    // TODO: log result.Error.Message;
+                }
+            }
+        }
+    }
+
+    public class InstallationContext : DbContext
+    {
+        private readonly string _connectionString;
+
+        public InstallationContext(string connectionString)
+        {
+            _connectionString = connectionString;
+        }
+
+        protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
+           => optionsBuilder.UseSqlServer(_connectionString);
+
+        public virtual DbSet<Tenant> Tenant { get; set; }
     }
 }
diff --git a/Oqtane.Server/Controllers/ModuleController.cs b/Oqtane.Server/Controllers/ModuleController.cs
index 12e4c739..1c60310a 100644
--- a/Oqtane.Server/Controllers/ModuleController.cs
+++ b/Oqtane.Server/Controllers/ModuleController.cs
@@ -1,20 +1,22 @@
 using System.Collections.Generic;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authorization;
 using Oqtane.Repository;
 using Oqtane.Models;
+using Oqtane.Shared;
 
 namespace Oqtane.Controllers
 {
     [Route("{site}/api/[controller]")]
     public class ModuleController : Controller
     {
-        private readonly IModuleRepository modules;
-        private readonly IPageModuleRepository pagemodules;
+        private readonly IModuleRepository Modules;
+        private readonly IPageModuleRepository PageModules;
 
         public ModuleController(IModuleRepository Modules, IPageModuleRepository PageModules)
         {
-            modules = Modules;
-            pagemodules = PageModules;
+            this.Modules = Modules;
+            this.PageModules = PageModules;
         }
 
         // GET: api/<controller>?pageid=x
@@ -25,7 +27,7 @@ namespace Oqtane.Controllers
             if (!string.IsNullOrEmpty(pageid))
             {
                 List<Module> modulelist = new List<Module>();
-                foreach (PageModule pagemodule in pagemodules.GetPageModules(int.Parse(pageid)))
+                foreach (PageModule pagemodule in PageModules.GetPageModules(int.Parse(pageid)))
                 {
                     Module module = pagemodule.Module;
                     module.PageModuleId = pagemodule.PageModuleId;
@@ -40,7 +42,7 @@ namespace Oqtane.Controllers
             }
             else
             {
-                return modules.GetModules(int.Parse(siteid), moduledefinitionname);
+                return Modules.GetModules(int.Parse(siteid), moduledefinitionname);
             }
         }
 
@@ -48,30 +50,39 @@ namespace Oqtane.Controllers
         [HttpGet("{id}")]
         public Module Get(int id)
         {
-            return modules.GetModule(id);
+            return Modules.GetModule(id);
         }
 
         // POST api/<controller>
         [HttpPost]
-        public void Post([FromBody] Module Module)
+        [Authorize(Roles = Constants.AdminRole)]
+        public Module Post([FromBody] Module Module)
         {
             if (ModelState.IsValid)
-                modules.AddModule(Module);
+            {
+                Module = Modules.AddModule(Module);
+            }
+            return Module;
         }
 
         // PUT api/<controller>/5
         [HttpPut("{id}")]
-        public void Put(int id, [FromBody] Module Module)
+        [Authorize(Roles = Constants.AdminRole)]
+        public Module Put(int id, [FromBody] Module Module)
         {
             if (ModelState.IsValid)
-                modules.UpdateModule(Module);
+            {
+                Module = Modules.UpdateModule(Module);
+            }
+            return Module;
         }
 
         // DELETE api/<controller>/5
         [HttpDelete("{id}")]
+        [Authorize(Roles = Constants.AdminRole)]
         public void Delete(int id)
         {
-            modules.DeleteModule(id);
+            Modules.DeleteModule(id);
         }
     }
 }
diff --git a/Oqtane.Server/Controllers/ModuleDefinitionController.cs b/Oqtane.Server/Controllers/ModuleDefinitionController.cs
index b523111b..8844e9b6 100644
--- a/Oqtane.Server/Controllers/ModuleDefinitionController.cs
+++ b/Oqtane.Server/Controllers/ModuleDefinitionController.cs
@@ -2,24 +2,72 @@
 using Microsoft.AspNetCore.Mvc;
 using Oqtane.Repository;
 using Oqtane.Models;
+using Oqtane.Shared;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.Extensions.Hosting;
+using System.IO.Compression;
+using Microsoft.AspNetCore.Hosting;
+using System.IO;
+using System.Reflection;
 
 namespace Oqtane.Controllers
 {
     [Route("{site}/api/[controller]")]
     public class ModuleDefinitionController : Controller
     {
-        private readonly IModuleDefinitionRepository moduledefinitions;
+        private readonly IModuleDefinitionRepository ModuleDefinitions;
+        private readonly IHostApplicationLifetime HostApplicationLifetime;
+        private readonly IWebHostEnvironment environment;
 
-        public ModuleDefinitionController(IModuleDefinitionRepository ModuleDefinitions)
+        public ModuleDefinitionController(IModuleDefinitionRepository ModuleDefinitions, IHostApplicationLifetime HostApplicationLifetime, IWebHostEnvironment environment)
         {
-            moduledefinitions = ModuleDefinitions;
+            this.ModuleDefinitions = ModuleDefinitions;
+            this.HostApplicationLifetime = HostApplicationLifetime;
+            this.environment = environment;
         }
 
         // GET: api/<controller>
         [HttpGet]
         public IEnumerable<ModuleDefinition> Get()
         {
-            return moduledefinitions.GetModuleDefinitions();
+            return ModuleDefinitions.GetModuleDefinitions();
+        }
+
+        [HttpGet("install")]
+        [Authorize(Roles = Constants.HostRole)]
+        public void InstallModules()
+        {
+            bool install = false;
+            string modulefolder = Path.Combine(environment.WebRootPath, "Modules");
+            string binfolder = Path.GetDirectoryName(Assembly.GetEntryAssembly().Location);
+
+            // iterate through module packages
+            foreach (string packagename in Directory.GetFiles(modulefolder, "*.nupkg"))
+            {
+                // iterate through files and deploy to appropriate locations
+                using (ZipArchive archive = ZipFile.OpenRead(packagename))
+                {
+                    foreach (ZipArchiveEntry entry in archive.Entries)
+                    {
+                        string filename = Path.GetFileName(entry.FullName);
+                        switch (Path.GetExtension(filename))
+                        {
+                            case ".dll":
+                                entry.ExtractToFile(Path.Combine(binfolder, filename));
+                                break;
+                        }
+                    }
+                }
+                // remove module package
+                System.IO.File.Delete(packagename);
+                install = true;
+            }
+
+            if (install)
+            {
+                // restart application
+                HostApplicationLifetime.StopApplication();
+            }
         }
     }
 }
diff --git a/Oqtane.Server/Controllers/PageController.cs b/Oqtane.Server/Controllers/PageController.cs
index a2addeb4..3a08e680 100644
--- a/Oqtane.Server/Controllers/PageController.cs
+++ b/Oqtane.Server/Controllers/PageController.cs
@@ -1,18 +1,21 @@
 using System.Collections.Generic;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authorization;
 using Oqtane.Repository;
 using Oqtane.Models;
+using Oqtane.Shared;
+using System.Linq;
 
 namespace Oqtane.Controllers
 {
     [Route("{site}/api/[controller]")]
     public class PageController : Controller
     {
-        private readonly IPageRepository pages;
+        private readonly IPageRepository Pages;
 
         public PageController(IPageRepository Pages)
         {
-            pages = Pages;
+            this.Pages = Pages;
         }
 
         // GET: api/<controller>?siteid=x
@@ -21,11 +24,11 @@ namespace Oqtane.Controllers
         {
             if (siteid == "")
             {
-                return pages.GetPages();
+                return Pages.GetPages();
             }
             else
             {
-                return pages.GetPages(int.Parse(siteid));
+                return Pages.GetPages(int.Parse(siteid));
             }
         }
 
@@ -33,30 +36,57 @@ namespace Oqtane.Controllers
         [HttpGet("{id}")]
         public Page Get(int id)
         {
-            return pages.GetPage(id);
+            return Pages.GetPage(id);
         }
 
         // POST api/<controller>
         [HttpPost]
-        public void Post([FromBody] Page Page)
+        [Authorize(Roles = Constants.AdminRole)]
+        public Page Post([FromBody] Page Page)
         {
             if (ModelState.IsValid)
-                pages.AddPage(Page);
+            {
+                Page = Pages.AddPage(Page);
+            }
+            return Page;
         }
 
         // PUT api/<controller>/5
         [HttpPut("{id}")]
-        public void Put(int id, [FromBody] Page Page)
+        [Authorize(Roles = Constants.AdminRole)]
+        public Page Put(int id, [FromBody] Page Page)
         {
             if (ModelState.IsValid)
-                pages.UpdatePage(Page);
+            {
+                Page = Pages.UpdatePage(Page);
+            }
+            return Page;
+        }
+
+        // PUT api/<controller>/?siteid=x&parentid=y
+        [HttpPut]
+        [Authorize(Roles = Constants.AdminRole)]
+        public void Put(int siteid, int? parentid)
+        {
+            int order = 1;
+            List<Page> pages = Pages.GetPages(siteid).ToList();
+            foreach (Page page in pages.Where(item => item.ParentId == parentid).OrderBy(item => item.Order))
+            {
+                if (page.Order != order)
+                {
+                    page.Order = order;
+                    Pages.UpdatePage(page);
+                }
+                order += 2;
+            }
         }
 
         // DELETE api/<controller>/5
         [HttpDelete("{id}")]
+        [Authorize(Roles = Constants.AdminRole)]
         public void Delete(int id)
         {
-            pages.DeletePage(id);
+            Pages.DeletePage(id);
         }
     }
 }
diff --git a/Oqtane.Server/Controllers/PageModuleController.cs b/Oqtane.Server/Controllers/PageModuleController.cs
index 25d225da..7c331e0c 100644
--- a/Oqtane.Server/Controllers/PageModuleController.cs
+++ b/Oqtane.Server/Controllers/PageModuleController.cs
@@ -1,55 +1,87 @@
 using System.Collections.Generic;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authorization;
 using Oqtane.Repository;
 using Oqtane.Models;
+using Oqtane.Shared;
+using System.Linq;
 
 namespace Oqtane.Controllers
 {
     [Route("{site}/api/[controller]")]
     public class PageModuleController : Controller
     {
-        private readonly IPageModuleRepository pagemodules;
+        private readonly IPageModuleRepository PageModules;
+        private readonly IModuleRepository Modules;
 
-        public PageModuleController(IPageModuleRepository PageModules)
+        public PageModuleController(IPageModuleRepository PageModules, IModuleRepository Modules)
         {
-            pagemodules = PageModules;
+            this.PageModules = PageModules;
+            this.Modules = Modules;
         }
 
         // GET: api/<controller>
         [HttpGet]
         public IEnumerable<PageModule> Get()
         {
-            return pagemodules.GetPageModules();
+            return PageModules.GetPageModules();
         }
 
         // GET api/<controller>/5
         [HttpGet("{id}")]
         public PageModule Get(int id)
         {
-            return pagemodules.GetPageModule(id);
+            return PageModules.GetPageModule(id);
         }
 
         // POST api/<controller>
         [HttpPost]
-        public void Post([FromBody] PageModule PageModule)
+        [Authorize(Roles = Constants.AdminRole)]
+        public PageModule Post([FromBody] PageModule PageModule)
         {
             if (ModelState.IsValid)
-                pagemodules.AddPageModule(PageModule);
+            {
+                PageModule = PageModules.AddPageModule(PageModule);
+            }
+            return PageModule;
         }
 
         // PUT api/<controller>/5
         [HttpPut("{id}")]
-        public void Put(int id, [FromBody] PageModule PageModule)
+        [Authorize(Roles = Constants.AdminRole)]
+        public PageModule Put(int id, [FromBody] PageModule PageModule)
         {
             if (ModelState.IsValid)
-                pagemodules.UpdatePageModule(PageModule);
+            {
+                PageModule = PageModules.UpdatePageModule(PageModule);
+            }
+            return PageModule;
+        }
+
+        // PUT api/<controller>/?pageid=x&pane=y
+        [HttpPut]
+        [Authorize(Roles = Constants.AdminRole)]
+        public void Put(int pageid, string pane)
+        {
+            int order = 1;
+            List<PageModule> pagemodules = PageModules.GetPageModules(pageid).ToList();
+            foreach (PageModule pagemodule in pagemodules.Where(item => item.Pane == pane).OrderBy(item => item.Order))
+            {
+                if (pagemodule.Order != order)
+                {
+                    pagemodule.Order = order;
+                    PageModules.UpdatePageModule(pagemodule);
+                }
+                order += 2;
+            }
         }
 
         // DELETE api/<controller>/5
         [HttpDelete("{id}")]
+        [Authorize(Roles = Constants.AdminRole)]
         public void Delete(int id)
         {
-            pagemodules.DeletePageModule(id);
+            PageModules.DeletePageModule(id);
         }
     }
 }
diff --git a/Oqtane.Server/Controllers/PermissionController.cs b/Oqtane.Server/Controllers/PermissionController.cs
new file mode 100644
index 00000000..dc2bc614
--- /dev/null
+++ b/Oqtane.Server/Controllers/PermissionController.cs
@@ -0,0 +1,66 @@
+using System.Collections.Generic;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authorization;
+using Oqtane.Repository;
+using Oqtane.Models;
+using Oqtane.Shared;
+
+namespace Oqtane.Controllers
+{
+    [Route("{site}/api/[controller]")]
+    public class PermissionController : Controller
+    {
+        private readonly IPermissionRepository Permissions;
+
+        public PermissionController(IPermissionRepository Permissions)
+        {
+            this.Permissions = Permissions;
+        }
+
+        // GET: api/<controller>
+        [HttpGet]
+        public IEnumerable<Permission> Get(string entityname, int entityid, string permissionname)
+        {
+            return Permissions.GetPermissions(entityname, entityid, permissionname);
+        }
+
+        // GET api/<controller>/5
+        [HttpGet("{id}")]
+        public Permission Get(int id)
+        {
+            return Permissions.GetPermission(id);
+        }
+
+        // POST api/<controller>
+        [HttpPost]
+        [Authorize(Roles = Constants.AdminRole)]
+        public Permission Post([FromBody] Permission Permission)
+        {
+            if (ModelState.IsValid)
+            {
+                Permission = Permissions.AddPermission(Permission);
+            }
+            return Permission;
+        }
+
+        // PUT api/<controller>/5
+        [HttpPut("{id}")]
+        [Authorize(Roles = Constants.AdminRole)]
+        public Permission Put(int id, [FromBody] Permission Permission)
+        {
+            if (ModelState.IsValid)
+            {
+                Permission = Permissions.UpdatePermission(Permission);
+            }
+            return Permission;
+        }
+
+        // DELETE api/<controller>/5
+        [HttpDelete("{id}")]
+        [Authorize(Roles = Constants.AdminRole)]
+        public void Delete(int id)
+        {
+            Permissions.DeletePermission(id);
+        }
+    }
+}
diff --git a/Oqtane.Server/Controllers/ProfileController.cs b/Oqtane.Server/Controllers/ProfileController.cs
new file mode 100644
index 00000000..7281b2a0
--- /dev/null
+++ b/Oqtane.Server/Controllers/ProfileController.cs
@@ -0,0 +1,73 @@
+using System.Collections.Generic;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authorization;
+using Oqtane.Repository;
+using Oqtane.Models;
+using Oqtane.Shared;
+
+namespace Oqtane.Controllers
+{
+    [Route("{site}/api/[controller]")]
+    public class ProfileController : Controller
+    {
+        private readonly IProfileRepository Profiles;
+
+        public ProfileController(IProfileRepository Profiles)
+        {
+            this.Profiles = Profiles;
+        }
+
+        // GET: api/<controller>?siteid=x
+        [HttpGet]
+        public IEnumerable<Profile> Get(string siteid)
+        {
+            if (siteid == "")
+            {
+                return Profiles.GetProfiles();
+            }
+            else
+            {
+                return Profiles.GetProfiles(int.Parse(siteid));
+            }
+        }
+
+        // GET api/<controller>/5
+        [HttpGet("{id}")]
+        public Profile Get(int id)
+        {
+            return Profiles.GetProfile(id);
+        }
+
+        // POST api/<controller>
+        [HttpPost]
+        [Authorize(Roles = Constants.AdminRole)]
+        public Profile Post([FromBody] Profile Profile)
+        {
+            if (ModelState.IsValid)
+            {
+                Profile = Profiles.AddProfile(Profile);
+            }
+            return Profile;
+        }
+
+        // PUT api/<controller>/5
+        [HttpPut("{id}")]
+        [Authorize(Roles = Constants.AdminRole)]
+        public Profile Put(int id, [FromBody] Profile Profile)
+        {
+            if (ModelState.IsValid)
+            {
+                Profile = Profiles.UpdateProfile(Profile);
+            }
+            return Profile;
+        }
+
+        // DELETE api/<controller>/5
+        [HttpDelete("{id}")]
+        [Authorize(Roles = Constants.AdminRole)]
+        public void Delete(int id)
+        {
+            Profiles.DeleteProfile(id);
+        }
+    }
+}
diff --git a/Oqtane.Server/Controllers/RoleController.cs b/Oqtane.Server/Controllers/RoleController.cs
new file mode 100644
index 00000000..8ac711a3
--- /dev/null
+++ b/Oqtane.Server/Controllers/RoleController.cs
@@ -0,0 +1,73 @@
+using System.Collections.Generic;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authorization;
+using Oqtane.Repository;
+using Oqtane.Models;
+using Oqtane.Shared;
+
+namespace Oqtane.Controllers
+{
+    [Route("{site}/api/[controller]")]
+    public class RoleController : Controller
+    {
+        private readonly IRoleRepository Roles;
+
+        public RoleController(IRoleRepository Roles)
+        {
+            this.Roles = Roles;
+        }
+
+        // GET: api/<controller>?siteid=x
+        [HttpGet]
+        public IEnumerable<Role> Get(string siteid)
+        {
+            if (siteid == "")
+            {
+                return Roles.GetRoles();
+            }
+            else
+            {
+                return Roles.GetRoles(int.Parse(siteid));
+            }
+        }
+
+        // GET api/<controller>/5
+        [HttpGet("{id}")]
+        public Role Get(int id)
+        {
+            return Roles.GetRole(id);
+        }
+
+        // POST api/<controller>
+        [HttpPost]
+        [Authorize(Roles = Constants.AdminRole)]
+        public Role Post([FromBody] Role Role)
+        {
+            if (ModelState.IsValid)
+            {
+                Role = Roles.AddRole(Role);
+            }
+            return Role;
+        }
+
+        // PUT api/<controller>/5
+        [HttpPut("{id}")]
+        [Authorize(Roles = Constants.AdminRole)]
+        public Role Put(int id, [FromBody] Role Role)
+        {
+            if (ModelState.IsValid)
+            {
+                Role = Roles.UpdateRole(Role);
+            }
+            return Role;
+        }
+
+        // DELETE api/<controller>/5
+        [HttpDelete("{id}")]
+        [Authorize(Roles = Constants.AdminRole)]
+        public void Delete(int id)
+        {
+            Roles.DeleteRole(id);
+        }
+    }
+}
diff --git a/Oqtane.Server/Controllers/SettingController.cs b/Oqtane.Server/Controllers/SettingController.cs
new file mode 100644
index 00000000..2d400cca
--- /dev/null
+++ b/Oqtane.Server/Controllers/SettingController.cs
@@ -0,0 +1,84 @@
+using System.Collections.Generic;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authorization;
+using Oqtane.Repository;
+using Oqtane.Models;
+using Oqtane.Shared;
+using Oqtane.Security;
+
+namespace Oqtane.Controllers
+{
+    [Route("{site}/api/[controller]")]
+    public class SettingController : Controller
+    {
+        private readonly ISettingRepository Settings;
+        private readonly IUserPermissions UserPermissions;
+
+        public SettingController(ISettingRepository Settings, IUserPermissions UserPermissions)
+        {
+            this.Settings = Settings;
+            this.UserPermissions = UserPermissions;
+        }
+
+        // GET: api/<controller>
+        [HttpGet]
+        public IEnumerable<Setting> Get(string entityname, int entityid)
+        {
+            return Settings.GetSettings(entityname, entityid);
+        }
+
+        // GET api/<controller>/5
+        [HttpGet("{id}")]
+        public Setting Get(int id)
+        {
+            return Settings.GetSetting(id);
+        }
+
+        // POST api/<controller>
+        [HttpPost]
+        [Authorize]
+        public Setting Post([FromBody] Setting Setting)
+        {
+            if (ModelState.IsValid && IsAuthorized(Setting.EntityName, Setting.EntityId))
+            {
+                Setting = Settings.AddSetting(Setting);
+            }
+            return Setting;
+        }
+
+        // PUT api/<controller>/5
+        [HttpPut("{id}")]
+        [Authorize]
+        public Setting Put(int id, [FromBody] Setting Setting)
+        {
+            if (ModelState.IsValid && IsAuthorized(Setting.EntityName, Setting.EntityId))
+            {
+                Setting = Settings.UpdateSetting(Setting);
+            }
+            return Setting;
+        }
+
+        // DELETE api/<controller>/5
+        [HttpDelete("{id}")]
+        [Authorize(Roles = Constants.AdminRole)]
+        public void Delete(int id)
+        {
+            Settings.DeleteSetting(id);
+        }
+
+        private bool IsAuthorized(string EntityName, int EntityId)
+        {
+            bool authorized = false;
+            switch (EntityName)
+            {
+                case "Module":
+                    authorized = UserPermissions.IsAuthorized(User, EntityName, EntityId, "Edit");
+                    break;
+                default:
+                    authorized = User.IsInRole(Constants.AdminRole);
+                    break;
+            }
+            return authorized;
+        }
+    }
+}
diff --git a/Oqtane.Server/Controllers/SiteController.cs b/Oqtane.Server/Controllers/SiteController.cs
index c6493504..802cac83 100644
--- a/Oqtane.Server/Controllers/SiteController.cs
+++ b/Oqtane.Server/Controllers/SiteController.cs
@@ -1,55 +1,66 @@
 using System.Collections.Generic;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authorization;
 using Oqtane.Repository;
 using Oqtane.Models;
+using Oqtane.Shared;
 
 namespace Oqtane.Controllers
 {
     [Route("{site}/api/[controller]")]
     public class SiteController : Controller
     {
-        private readonly ISiteRepository sites;
+        private readonly ISiteRepository Sites;
 
         public SiteController(ISiteRepository Sites)
         {
-            sites = Sites;
+            this.Sites = Sites;
         }
 
         // GET: api/<controller>
         [HttpGet]
         public IEnumerable<Site> Get()
         {
-            return sites.GetSites();
+            return Sites.GetSites();
         }
 
         // GET api/<controller>/5
         [HttpGet("{id}")]
         public Site Get(int id)
         {
-            return sites.GetSite(id);
+            return Sites.GetSite(id);
         }
 
         // POST api/<controller>
         [HttpPost]
-        public void Post([FromBody] Site site)
+        [Authorize(Roles = Constants.HostRole)]
+        public Site Post([FromBody] Site Site)
         {
             if (ModelState.IsValid)
-                sites.AddSite(site);
+            {
+                Site = Sites.AddSite(Site);
+            }
+            return Site;
         }
 
         // PUT api/<controller>/5
         [HttpPut("{id}")]
-        public void Put(int id, [FromBody] Site site)
+        [Authorize(Roles = Constants.HostRole)]
+        public Site Put(int id, [FromBody] Site Site)
         {
             if (ModelState.IsValid)
-                sites.UpdateSite(site);
+            {
+                Site = Sites.UpdateSite(Site);
+            }
+            return Site;
         }
 
         // DELETE api/<controller>/5
         [HttpDelete("{id}")]
+        [Authorize(Roles = Constants.HostRole)]
         public void Delete(int id)
         {
-            sites.DeleteSite(id);
+            Sites.DeleteSite(id);
         }
     }
 }
diff --git a/Oqtane.Server/Controllers/TenantController.cs b/Oqtane.Server/Controllers/TenantController.cs
index af19f7af..1711aae1 100644
--- a/Oqtane.Server/Controllers/TenantController.cs
+++ b/Oqtane.Server/Controllers/TenantController.cs
@@ -1,55 +1,66 @@
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authorization;
 using Oqtane.Repository;
 using Oqtane.Models;
 using System.Collections.Generic;
+using Oqtane.Shared;
 
 namespace Oqtane.Controllers
 {
     [Route("{site}/api/[controller]")]
     public class TenantController : Controller
     {
-        private readonly ITenantRepository tenants;
+        private readonly ITenantRepository Tenants;
 
         public TenantController(ITenantRepository Tenants)
         {
-            tenants = Tenants;
+            this.Tenants = Tenants;
         }
 
         // GET: api/<controller>
         [HttpGet]
         public IEnumerable<Tenant> Get()
         {
-            return tenants.GetTenants();
+            return Tenants.GetTenants();
         }
 
         // GET api/<controller>/5
         [HttpGet("{id}")]
         public Tenant Get(int id)
         {
-            return tenants.GetTenant(id);
+            return Tenants.GetTenant(id);
         }
 
         // POST api/<controller>
         [HttpPost]
-        public void Post([FromBody] Tenant site)
+        [Authorize(Roles = Constants.HostRole)]
+        public Tenant Post([FromBody] Tenant Tenant)
         {
             if (ModelState.IsValid)
-                tenants.AddTenant(site);
+            {
+                Tenant = Tenants.AddTenant(Tenant);
+            }
+            return Tenant;
         }
 
         // PUT api/<controller>/5
         [HttpPut("{id}")]
-        public void Put(int id, [FromBody] Tenant site)
+        [Authorize(Roles = Constants.HostRole)]
+        public Tenant Put(int id, [FromBody] Tenant Tenant)
         {
             if (ModelState.IsValid)
-                tenants.UpdateTenant(site);
+            {
+                Tenant = Tenants.UpdateTenant(Tenant);
+            }
+            return Tenant;
         }
 
         // DELETE api/<controller>/5
         [HttpDelete("{id}")]
+        [Authorize(Roles = Constants.HostRole)]
         public void Delete(int id)
         {
-            tenants.DeleteTenant(id);
+            Tenants.DeleteTenant(id);
         }
     }
 }
diff --git a/Oqtane.Server/Controllers/ThemeController.cs b/Oqtane.Server/Controllers/ThemeController.cs
index 0b22b963..8cb7afe9 100644
--- a/Oqtane.Server/Controllers/ThemeController.cs
+++ b/Oqtane.Server/Controllers/ThemeController.cs
@@ -8,18 +8,18 @@ namespace Oqtane.Controllers
     [Route("{site}/api/[controller]")]
     public class ThemeController : Controller
     {
-        private readonly IThemeRepository themes;
+        private readonly IThemeRepository Themes;
 
         public ThemeController(IThemeRepository Themes)
         {
-            themes = Themes;
+            this.Themes = Themes;
         }
 
         // GET: api/<controller>
         [HttpGet]
         public IEnumerable<Theme> Get()
         {
-            return themes.GetThemes();
+            return Themes.GetThemes();
         }
     }
 }
diff --git a/Oqtane.Server/Controllers/UserController.cs b/Oqtane.Server/Controllers/UserController.cs
index 86f1fa8a..9926dacb 100644
--- a/Oqtane.Server/Controllers/UserController.cs
+++ b/Oqtane.Server/Controllers/UserController.cs
@@ -1,128 +1,279 @@
 using System.Collections.Generic;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authorization;
 using Oqtane.Repository;
 using Oqtane.Models;
 using Microsoft.AspNetCore.Identity;
 using System.Threading.Tasks;
-using Microsoft.Extensions.Primitives;
+using System.Linq;
 using System.Security.Claims;
+using Oqtane.Shared;
 
 namespace Oqtane.Controllers
 {
     [Route("{site}/api/[controller]")]
     public class UserController : Controller
     {
-        private readonly IUserRepository users;
-        private readonly UserManager<IdentityUser> identityUserManager;
-        private readonly SignInManager<IdentityUser> identitySignInManager;
+        private readonly IUserRepository Users;
+        private readonly ISiteUserRepository SiteUsers;
+        private readonly IRoleRepository Roles;
+        private readonly IUserRoleRepository UserRoles;
+        private readonly UserManager<IdentityUser> IdentityUserManager;
+        private readonly SignInManager<IdentityUser> IdentitySignInManager;
 
-        public UserController(IUserRepository Users, UserManager<IdentityUser> IdentityUserManager, SignInManager<IdentityUser> IdentitySignInManager)
+        public UserController(IUserRepository Users, ISiteUserRepository SiteUsers, IRoleRepository Roles, IUserRoleRepository UserRoles, UserManager<IdentityUser> IdentityUserManager, SignInManager<IdentityUser> IdentitySignInManager)
         {
-            users = Users;
-            identityUserManager = IdentityUserManager;
-            identitySignInManager = IdentitySignInManager;
+            this.Users = Users;
+            this.SiteUsers = SiteUsers;
+            this.Roles = Roles;
+            this.UserRoles = UserRoles;
+            this.IdentityUserManager = IdentityUserManager;
+            this.IdentitySignInManager = IdentitySignInManager;
         }
 
-        // GET: api/<controller>
+        // GET: api/<controller>?siteid=x
         [HttpGet]
-        public IEnumerable<User> Get()
+        public IEnumerable<User> Get(string siteid)
         {
-            return users.GetUsers();
+            List<User> users = new List<User>();
+            IEnumerable<SiteUser> siteusers = SiteUsers.GetSiteUsers(int.Parse(siteid));
+            foreach (SiteUser siteuser in siteusers)
+            {
+                User user = siteuser.User;
+                user.SiteId = siteuser.SiteId;
+                users.Add(user);
+            }
+            return users;
         }
 
-        // GET api/<controller>/5
+        // GET api/<controller>/5?siteid=x
         [HttpGet("{id}")]
-        public User Get(int id)
+        public User Get(int id, string siteid)
         {
-            return users.GetUser(id);
-        }
-        
-        // POST api/<controller>
-        [HttpPost]
-        public async Task Post([FromBody] User user)
-        {
-            if (ModelState.IsValid)
+            User user = Users.GetUser(id);
+            if (user != null)
             {
-                IdentityUser identityuser = await identityUserManager.FindByNameAsync(user.Username);
-                if (identityuser == null)
+                user.SiteId = int.Parse(siteid);
+                if (!user.IsHost) // host users are part of every site by default
                 {
-                    identityuser = new IdentityUser();
-                    identityuser.UserName = user.Username;
-                    identityuser.Email = user.Username;
-                    var result = await identityUserManager.CreateAsync(identityuser, user.Password);
-                    if (result.Succeeded)
+                    SiteUser siteuser = SiteUsers.GetSiteUser(user.SiteId, id);
+                    if (siteuser != null)
                     {
-                        users.AddUser(user);
-                    }
-                }
-            }
-        }
-
-        // PUT api/<controller>/5
-        [HttpPut("{id}")]
-        public void Put(int id, [FromBody] User user)
-        {
-            if (ModelState.IsValid)
-            {
-                users.UpdateUser(user);
-            }
-        }
-
-        // DELETE api/<controller>/5
-        [HttpDelete("{id}")]
-        public void Delete(int id)
-        {
-            users.DeleteUser(id);
-        }
-
-        // GET api/<controller>/name/x
-        [HttpGet("name/{name}")]
-        public User GetByName(string name)
-        {
-            return users.GetUser(name);
-        }
-
-        // POST api/<controller>/login
-        [HttpPost("login")]
-        public async Task<User> Login([FromBody] User user)
-        {
-            if (ModelState.IsValid)
-            {
-                IdentityUser identityuser = await identityUserManager.FindByNameAsync(user.Username);
-                if (identityuser != null)
-                {
-                    var result = await identitySignInManager.CheckPasswordSignInAsync(identityuser, user.Password, false);
-                    if (result.Succeeded)
-                    {
-                        await identitySignInManager.SignInAsync(identityuser, user.IsPersistent);
-                        user = users.GetUser(identityuser.UserName);
-                        user.IsAuthenticated = true;
-                    }
-                    else
-                    {
-                        user = new Models.User { Username = user.Username, IsAuthenticated = false };
+                        user.Roles = GetUserRoles(user.UserId, user.SiteId);
                     }
                 }
                 else
                 {
-                    user = new Models.User { Username = user.Username, IsAuthenticated = false };
+                    user.Roles = ";" + Constants.HostRole + ";" + Constants.AdminRole + ";";
                 }
             }
             return user;
         }
 
+        // GET api/<controller>/name/x?siteid=x
+        [HttpGet("name/{name}")]
+        public User Get(string name, string siteid)
+        {
+            User user = Users.GetUser(name);
+            if (user != null)
+            {
+                user.SiteId = int.Parse(siteid);
+                if (!user.IsHost) // host users are part of every site by default
+                {
+                    SiteUser siteuser = SiteUsers.GetSiteUser(user.SiteId, user.UserId);
+                    if (siteuser != null)
+                    {
+                        user.Roles = GetUserRoles(user.UserId, user.SiteId);
+                    }
+                    else
+                    {
+                        user = null;
+                    }
+                }
+                else
+                {
+                    user.Roles = ";" + Constants.HostRole + ";" + Constants.AdminRole + ";";
+                }
+            }
+            return user;
+        }
+
+        // POST api/<controller>
+        [HttpPost]
+        public async Task<User> Post([FromBody] User User)
+        {
+            User user = null;
+
+            if (ModelState.IsValid)
+            {
+                bool installed = true;
+                if (!Users.GetUsers().Any())
+                {
+                    installed = false; // during initial installation we need to be able to create the host user
+                }
+
+                IdentityUser identityuser = await IdentityUserManager.FindByNameAsync(User.Username);
+                if (identityuser == null)
+                {
+                    identityuser = new IdentityUser();
+                    identityuser.UserName = User.Username;
+                    identityuser.Email = User.Username;
+                    var result = await IdentityUserManager.CreateAsync(identityuser, User.Password);
+                    if (result.Succeeded)
+                    {
+                        user = Users.AddUser(User);
+                        if (!user.IsHost) // host users are part of every site by default
+                        {
+                            SiteUser siteuser = new SiteUser();
+                            siteuser.SiteId = User.SiteId;
+                            siteuser.UserId = user.UserId;
+                            SiteUsers.AddSiteUser(siteuser);
+
+                            List<Role> roles = Roles.GetRoles(user.SiteId).Where(item => item.IsAutoAssigned == true).ToList();
+                            foreach (Role role in roles)
+                            {
+                                UserRole userrole = new UserRole();
+                                userrole.UserId = user.UserId;
+                                userrole.RoleId = role.RoleId;
+                                userrole.EffectiveDate = null;
+                                userrole.ExpiryDate = null;
+                                UserRoles.AddUserRole(userrole);
+                            }
+                        }
+                    }
+                }
+                else
+                {
+                    user = Users.GetUser(User.Username);
+                    SiteUser siteuser = SiteUsers.GetSiteUser(User.SiteId, user.UserId);
+                    if (siteuser == null)
+                    {
+                        if (!user.IsHost) // host users are part of every site by default
+                        {
+                            siteuser = new SiteUser();
+                            siteuser.SiteId = User.SiteId;
+                            siteuser.UserId = user.UserId;
+                            SiteUsers.AddSiteUser(siteuser);
+
+                            List<Role> roles = Roles.GetRoles(User.SiteId).Where(item => item.IsAutoAssigned == true).ToList();
+                            foreach (Role role in roles)
+                            {
+                                UserRole userrole = new UserRole();
+                                userrole.UserId = user.UserId;
+                                userrole.RoleId = role.RoleId;
+                                userrole.EffectiveDate = null;
+                                userrole.ExpiryDate = null;
+                                UserRoles.AddUserRole(userrole);
+                            }
+                        }
+                    }
+                }
+            }
+
+            return user;
+        }
+
+        // PUT api/<controller>/5
+        [HttpPut("{id}")]
+        [Authorize]
+        public User Put(int id, [FromBody] User User)
+        {
+            if (ModelState.IsValid)
+            {
+                User = Users.UpdateUser(User);
+            }
+            return User;
+        }
+
+        // DELETE api/<controller>/5?siteid=x
+        [HttpDelete("{id}")]
+        [Authorize(Roles = Constants.AdminRole)]
+        public void Delete(int id, string siteid)
+        {
+            SiteUser siteuser = SiteUsers.GetSiteUser(id, int.Parse(siteid));
+            if (siteuser != null)
+            {
+                SiteUsers.DeleteSiteUser(siteuser.SiteUserId);
+            }
+        }
+
+        // POST api/<controller>/login
+        [HttpPost("login")]
+        public async Task<User> Login([FromBody] User User, bool SetCookie, bool IsPersistent)
+        {
+            User user = new Models.User { Username = User.Username, IsAuthenticated = false };
+
+            if (ModelState.IsValid)
+            {
+                IdentityUser identityuser = await IdentityUserManager.FindByNameAsync(User.Username);
+                if (identityuser != null)
+                {
+                    var result = await IdentitySignInManager.CheckPasswordSignInAsync(identityuser, User.Password, false);
+                    if (result.Succeeded)
+                    {
+                        user = Users.GetUser(identityuser.UserName);
+                        if (user != null)
+                        {
+                            if (!user.IsHost) // host users are part of every site by default
+                            {
+                                SiteUser siteuser = SiteUsers.GetSiteUser(User.SiteId, user.UserId);
+                                if (siteuser != null)
+                                {
+                                    user.IsAuthenticated = true;
+                                }
+                            }
+                            else
+                            {
+                                user.IsAuthenticated = true;
+                            }
+                            if (user.IsAuthenticated && SetCookie)
+                            {
+                                await IdentitySignInManager.SignInAsync(identityuser, IsPersistent);
+                            }
+                        }
+                    }
+                }
+            }
+
+            return user;
+        }
+
         // POST api/<controller>/logout
         [HttpPost("logout")]
-        public async Task Logout([FromBody] User user)
+        [Authorize]
+        public async Task Logout([FromBody] User User)
         {
-            await identitySignInManager.SignOutAsync();
+            await HttpContext.SignOutAsync(IdentityConstants.ApplicationScheme);
         }
 
         // GET api/<controller>/current
         [HttpGet("authenticate")]
         public User Authenticate()
         {
-            return new User { Username = User.Identity.Name, IsAuthenticated = User.Identity.IsAuthenticated };
+            User user = new User();
+            user.Username = User.Identity.Name;
+            user.IsAuthenticated = User.Identity.IsAuthenticated;
+            string roles = "";
+            foreach (var claim in User.Claims.Where(item => item.Type == ClaimTypes.Role))
+            {
+                roles += claim.Value + ";";
+            }
+            if (roles != "") roles = ";" + roles;
+            user.Roles = roles;
+            return user;
+        }
+
+        private string GetUserRoles(int UserId, int SiteId)
+        {
+            string roles = "";
+            IEnumerable<UserRole> userroles = UserRoles.GetUserRoles(UserId, SiteId);
+            foreach (UserRole userrole in userroles)
+            {
+                roles += userrole.Role.Name + ";";
+            }
+            if (roles != "") roles = ";" + roles;
+            return roles;
         }
     }
 }
diff --git a/Oqtane.Server/Controllers/UserRoleController.cs b/Oqtane.Server/Controllers/UserRoleController.cs
new file mode 100644
index 00000000..752adddb
--- /dev/null
+++ b/Oqtane.Server/Controllers/UserRoleController.cs
@@ -0,0 +1,73 @@
+using System.Collections.Generic;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authorization;
+using Oqtane.Repository;
+using Oqtane.Models;
+using Oqtane.Shared;
+
+namespace Oqtane.Controllers
+{
+    [Route("{site}/api/[controller]")]
+    public class UserRoleController : Controller
+    {
+        private readonly IUserRoleRepository UserRoles;
+
+        public UserRoleController(IUserRoleRepository UserRoles)
+        {
+            this.UserRoles = UserRoles;
+        }
+
+        // GET: api/<controller>?userid=x
+        [HttpGet]
+        public IEnumerable<UserRole> Get(string userid)
+        {
+            if (userid == "")
+            {
+                return UserRoles.GetUserRoles();
+            }
+            else
+            {
+                return UserRoles.GetUserRoles(int.Parse(userid));
+            }
+        }
+        
+        // GET api/<controller>/5
+        [HttpGet("{id}")]
+        public UserRole Get(int id)
+        {
+            return UserRoles.GetUserRole(id);
+        }
+
+        // POST api/<controller>
+        [HttpPost]
+        [Authorize(Roles = Constants.AdminRole)]
+        public UserRole Post([FromBody] UserRole UserRole)
+        {
+            if (ModelState.IsValid)
+            {
+                UserRole = UserRoles.AddUserRole(UserRole);
+            }
+            return UserRole;
+        }
+
+        // PUT api/<controller>/5
+        [HttpPut("{id}")]
+        [Authorize(Roles = Constants.AdminRole)]
+        public UserRole Put(int id, [FromBody] UserRole UserRole)
+        {
+            if (ModelState.IsValid)
+            {
+                UserRole = UserRoles.UpdateUserRole(UserRole);
+            }
+            return UserRole;
+        }
+
+        // DELETE api/<controller>/5
+        [HttpDelete("{id}")]
+        [Authorize(Roles = Constants.AdminRole)]
+        public void Delete(int id)
+        {
+            UserRoles.DeleteUserRole(id);
+        }
+    }
+}
diff --git a/Oqtane.Server/Modules/HtmlText/Controllers/HtmlTextController.cs b/Oqtane.Server/Modules/HtmlText/Controllers/HtmlTextController.cs
index 36eda275..761b4f37 100644
--- a/Oqtane.Server/Modules/HtmlText/Controllers/HtmlTextController.cs
+++ b/Oqtane.Server/Modules/HtmlText/Controllers/HtmlTextController.cs
@@ -1,55 +1,72 @@
-using System.Collections.Generic;
-using Microsoft.AspNetCore.Mvc;
-using Oqtane.Shared.Modules.HtmlText.Models;
-using Oqtane.Server.Modules.HtmlText.Repository;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authorization;
+using Oqtane.Modules.HtmlText.Models;
+using Oqtane.Modules.HtmlText.Repository;
+using Microsoft.AspNetCore.Http;
 
-namespace Oqtane.Server.Modules.HtmlText.Controllers
+namespace Oqtane.Modules.HtmlText.Controllers
 {
     [Route("{site}/api/[controller]")]
     public class HtmlTextController : Controller
     {
         private IHtmlTextRepository htmltext;
+        private int EntityId = -1; // passed as a querystring parameter for authorization and used for validation
 
-        public HtmlTextController(IHtmlTextRepository HtmlText)
+        public HtmlTextController(IHtmlTextRepository HtmlText, IHttpContextAccessor HttpContextAccessor)
         {
             htmltext = HtmlText;
-        }
-
-        // GET: api/<controller>
-        [HttpGet]
-        public IEnumerable<HtmlTextInfo> Get()
-        {
-            return htmltext.GetHtmlText();
+            if (HttpContextAccessor.HttpContext.Request.Query.ContainsKey("entityid"))
+            {
+                EntityId = int.Parse(HttpContextAccessor.HttpContext.Request.Query["entityid"]);
+            }
         }
 
         // GET api/<controller>/5
         [HttpGet("{id}")]
+        [Authorize(Policy = "ViewModule")]
         public HtmlTextInfo Get(int id)
         {
-            return htmltext.GetHtmlText(id);
+            HtmlTextInfo HtmlText = null;
+            if (EntityId == id)
+            {
+               HtmlText = htmltext.GetHtmlText(id);
+            }
+            return HtmlText;
         }
 
         // POST api/<controller>
         [HttpPost]
-        public void Post([FromBody] HtmlTextInfo HtmlText)
+        [Authorize(Policy = "EditModule")]
+        public HtmlTextInfo Post([FromBody] HtmlTextInfo HtmlText)
         {
-            if (ModelState.IsValid)
-                htmltext.AddHtmlText(HtmlText);
+            if (ModelState.IsValid && HtmlText.ModuleId == EntityId)
+            {
+                HtmlText = htmltext.AddHtmlText(HtmlText);
+            }
+            return HtmlText;
         }
 
         // PUT api/<controller>/5
         [HttpPut("{id}")]
-        public void Put(int id, [FromBody] HtmlTextInfo HtmlText)
+        [Authorize(Policy = "EditModule")]
+        public HtmlTextInfo Put(int id, [FromBody] HtmlTextInfo HtmlText)
         {
-            if (ModelState.IsValid)
-                htmltext.UpdateHtmlText(HtmlText);
+            if (ModelState.IsValid && HtmlText.ModuleId == EntityId)
+            {
+                HtmlText = htmltext.UpdateHtmlText(HtmlText);
+            }
+            return HtmlText; 
         }
 
         // DELETE api/<controller>/5
         [HttpDelete("{id}")]
+        [Authorize(Policy = "EditModule")]
         public void Delete(int id)
         {
-            htmltext.DeleteHtmlText(id);
+            if (id == EntityId)
+            {
+                htmltext.DeleteHtmlText(id);
+            }
         }
     }
 }
diff --git a/Oqtane.Server/Modules/HtmlText/Repository/HtmlTextContext.cs b/Oqtane.Server/Modules/HtmlText/Repository/HtmlTextContext.cs
index 3ec81ddd..2aa3b5b4 100644
--- a/Oqtane.Server/Modules/HtmlText/Repository/HtmlTextContext.cs
+++ b/Oqtane.Server/Modules/HtmlText/Repository/HtmlTextContext.cs
@@ -1,15 +1,16 @@
 using Microsoft.EntityFrameworkCore;
-using Oqtane.Shared.Modules.HtmlText.Models;
+using Oqtane.Modules.HtmlText.Models;
 using Oqtane.Repository;
 using Oqtane.Modules;
+using Microsoft.AspNetCore.Http;
 
-namespace Oqtane.Server.Modules.HtmlText.Repository
+namespace Oqtane.Modules.HtmlText.Repository
 {
-    public class HtmlTextContext : ContextBase, IService
+    public class HtmlTextContext : DBContextBase, IService
     {
         public virtual DbSet<HtmlTextInfo> HtmlText { get; set; }
 
-        public HtmlTextContext(ITenantResolver TenantResolver):base(TenantResolver)
+        public HtmlTextContext(ITenantResolver TenantResolver, IHttpContextAccessor accessor) : base(TenantResolver, accessor)
         {
             // ContextBase handles multi-tenant database connections
         }
diff --git a/Oqtane.Server/Modules/HtmlText/Repository/HtmlTextRepository.cs b/Oqtane.Server/Modules/HtmlText/Repository/HtmlTextRepository.cs
index ff5a8534..9cda535b 100644
--- a/Oqtane.Server/Modules/HtmlText/Repository/HtmlTextRepository.cs
+++ b/Oqtane.Server/Modules/HtmlText/Repository/HtmlTextRepository.cs
@@ -1,10 +1,10 @@
 using Microsoft.EntityFrameworkCore;
 using System.Collections.Generic;
 using System.Linq;
-using Oqtane.Shared.Modules.HtmlText.Models;
+using Oqtane.Modules.HtmlText.Models;
 using Oqtane.Modules;
 
-namespace Oqtane.Server.Modules.HtmlText.Repository
+namespace Oqtane.Modules.HtmlText.Repository
 {
     public class HtmlTextRepository : IHtmlTextRepository, IService
     {
@@ -15,11 +15,11 @@ namespace Oqtane.Server.Modules.HtmlText.Repository
             db = context;
         }
 
-        public IEnumerable<HtmlTextInfo> GetHtmlText()
+        public HtmlTextInfo GetHtmlText(int ModuleId)
         {
             try
             {
-                return db.HtmlText.ToList();
+                return db.HtmlText.Where(item => item.ModuleId == ModuleId).FirstOrDefault();
             }
             catch
             {
@@ -27,37 +27,13 @@ namespace Oqtane.Server.Modules.HtmlText.Repository
             }
         }
 
-        public void AddHtmlText(HtmlTextInfo HtmlText)
+
+        public HtmlTextInfo AddHtmlText(HtmlTextInfo HtmlText)
         {
             try
             {
                 db.HtmlText.Add(HtmlText);
                 db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
-        }
-
-        public void UpdateHtmlText(HtmlTextInfo HtmlText)
-        {
-            try
-            {
-                db.Entry(HtmlText).State = EntityState.Modified;
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
-        }
-
-        public HtmlTextInfo GetHtmlText(int HtmlTextId)
-        {
-            try
-            {
-                HtmlTextInfo HtmlText = db.HtmlText.Find(HtmlTextId);
                 return HtmlText;
             }
             catch
@@ -66,11 +42,25 @@ namespace Oqtane.Server.Modules.HtmlText.Repository
             }
         }
 
-        public void DeleteHtmlText(int HtmlTextId)
+        public HtmlTextInfo UpdateHtmlText(HtmlTextInfo HtmlText)
         {
             try
             {
-                HtmlTextInfo HtmlText = db.HtmlText.Find(HtmlTextId);
+                db.Entry(HtmlText).State = EntityState.Modified;
+                db.SaveChanges();
+                return HtmlText;
+            }
+            catch
+            {
+                throw;
+            }
+        }
+
+        public void DeleteHtmlText(int ModuleId)
+        {
+            try
+            {
+                HtmlTextInfo HtmlText = db.HtmlText.Where(item => item.ModuleId == ModuleId).FirstOrDefault();
                 db.HtmlText.Remove(HtmlText);
                 db.SaveChanges();
             }
diff --git a/Oqtane.Server/Modules/HtmlText/Repository/IHtmlTextRepository.cs b/Oqtane.Server/Modules/HtmlText/Repository/IHtmlTextRepository.cs
index 6afc00c2..33e368c4 100644
--- a/Oqtane.Server/Modules/HtmlText/Repository/IHtmlTextRepository.cs
+++ b/Oqtane.Server/Modules/HtmlText/Repository/IHtmlTextRepository.cs
@@ -1,14 +1,13 @@
 using System.Collections.Generic;
-using Oqtane.Shared.Modules.HtmlText.Models;
+using Oqtane.Modules.HtmlText.Models;
 
-namespace Oqtane.Server.Modules.HtmlText.Repository
+namespace Oqtane.Modules.HtmlText.Repository
 {
     public interface IHtmlTextRepository
     {
-        IEnumerable<HtmlTextInfo> GetHtmlText();
-        void AddHtmlText(HtmlTextInfo HtmlText);
-        void UpdateHtmlText(HtmlTextInfo HtmlText);
-        HtmlTextInfo GetHtmlText(int HtmlTextIdId);
-        void DeleteHtmlText(int HtmlTextId);
+        HtmlTextInfo GetHtmlText(int ModuleId);
+        HtmlTextInfo AddHtmlText(HtmlTextInfo HtmlText);
+        HtmlTextInfo UpdateHtmlText(HtmlTextInfo HtmlText);
+        void DeleteHtmlText(int ModuleId);
     }
 }
diff --git a/Oqtane.Server/Modules/MVCModuleExtension.cs b/Oqtane.Server/Modules/MVCModuleExtension.cs
new file mode 100644
index 00000000..fdbaec4a
--- /dev/null
+++ b/Oqtane.Server/Modules/MVCModuleExtension.cs
@@ -0,0 +1,30 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Reflection;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.ApplicationParts;
+
+namespace Microsoft.Extensions.DependencyInjection
+{
+    public static class MvcModuleExtensions
+    {
+        public static IMvcBuilder AddModuleAssemblies(this IMvcBuilder mvcBuilder, List<Assembly> assemblies)
+        {
+            // load MVC application parts from module assemblies
+            foreach (Assembly assembly in assemblies)
+            {
+                // check if assembly contains MVC Controllers
+                if (assembly.GetTypes().Where(item => item.IsSubclassOf(typeof(Controller))).ToArray().Length > 0)
+                {
+                    var partFactory = ApplicationPartFactory.GetApplicationPartFactory(assembly);
+                    foreach (var part in partFactory.GetApplicationParts(assembly))
+                    {
+                        mvcBuilder.PartManager.ApplicationParts.Add(part);
+                    }
+                }
+            }
+            return mvcBuilder;
+        }
+    }
+}
\ No newline at end of file
diff --git a/Oqtane.Server/Oqtane.Server.csproj b/Oqtane.Server/Oqtane.Server.csproj
index efb5ecaf..540d0f80 100644
--- a/Oqtane.Server/Oqtane.Server.csproj
+++ b/Oqtane.Server/Oqtane.Server.csproj
@@ -26,23 +26,24 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <None Remove="Scripts\Identity.sql" />
+    <None Remove="Scripts\00.00.01.sql" />
     <None Remove="Scripts\Master.sql" />
   </ItemGroup>
 
   <ItemGroup>
     <Content Include="Scripts\Master.sql" />
-    <EmbeddedResource Include="Scripts\Identity.sql" />
-    <EmbeddedResource Include="Scripts\Tenant.sql" />
+    <EmbeddedResource Include="Scripts\00.00.01.sql" />
+    <EmbeddedResource Include="Scripts\00.00.00.sql" />
   </ItemGroup>
 
   <ItemGroup>
     <PackageReference Include="dbup" Version="4.2.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Blazor.Server" Version="3.0.0-preview6.19307.2" />
-    <PackageReference Include="Microsoft.AspNetCore.Mvc.NewtonsoftJson" Version="3.0.0-preview6.19307.2" />
-    <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="3.0.0-preview6.19307.2" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore" Version="3.0.0-preview6.19304.10" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="3.0.0-preview6.19304.10" />
+    <PackageReference Include="Microsoft.AspNetCore.Blazor.Server" Version="3.0.0-preview8.19405.7" />
+    <PackageReference Include="Microsoft.AspNetCore.Mvc.NewtonsoftJson" Version="3.0.0-preview8.19405.7" />
+    <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="3.0.0-preview8.19405.7" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore" Version="3.0.0-preview8.19405.11" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="3.0.0-preview8.19405.11" />
+    <PackageReference Include="Swashbuckle.AspNetCore" Version="5.0.0-rc2" />
   </ItemGroup>
 
   <ItemGroup>
diff --git a/Oqtane.Server/Pages/Login.cshtml.cs b/Oqtane.Server/Pages/Login.cshtml.cs
index ed88df50..4c08b1d5 100644
--- a/Oqtane.Server/Pages/Login.cshtml.cs
+++ b/Oqtane.Server/Pages/Login.cshtml.cs
@@ -1,8 +1,4 @@
-using System;
-using System.Collections.Generic;
-using System.Security.Claims;
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Authentication;
+using System.Threading.Tasks;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
@@ -14,24 +10,22 @@ namespace Oqtane.Pages
     public class LoginModel : PageModel
     {
 
-        private readonly UserManager<IdentityUser> identityUserManager;
-        private readonly SignInManager<IdentityUser> identitySignInManager;
+        private readonly UserManager<IdentityUser> IdentityUserManager;
+        private readonly SignInManager<IdentityUser> IdentitySignInManager;
 
         public LoginModel(UserManager<IdentityUser> IdentityUserManager, SignInManager<IdentityUser> IdentitySignInManager)
         {
-            identityUserManager = IdentityUserManager;
-            identitySignInManager = IdentitySignInManager;
+            this.IdentityUserManager = IdentityUserManager;
+            this.IdentitySignInManager = IdentitySignInManager;
         }
 
         public async Task<IActionResult> OnPostAsync(string username, string password, bool remember, string returnurl)
         {
-            await HttpContext.SignOutAsync(IdentityConstants.ApplicationScheme);
-
             bool validuser = false;
-            IdentityUser identityuser = await identityUserManager.FindByNameAsync(username);
+            IdentityUser identityuser = await IdentityUserManager.FindByNameAsync(username);
             if (identityuser != null)
             {
-                var result = await identitySignInManager.CheckPasswordSignInAsync(identityuser, password, false);
+                var result = await IdentitySignInManager.CheckPasswordSignInAsync(identityuser, password, false);
                 if (result.Succeeded)
                 {
                     validuser = true;
@@ -40,13 +34,10 @@ namespace Oqtane.Pages
 
             if (validuser)
             {
-                var claims = new List<Claim>{ new Claim(ClaimTypes.Name, username) };
-                var claimsIdentity = new ClaimsIdentity(claims, IdentityConstants.ApplicationScheme);
-                var authProperties = new AuthenticationProperties{IsPersistent = remember};
-                await HttpContext.SignInAsync(IdentityConstants.ApplicationScheme, new ClaimsPrincipal(claimsIdentity), authProperties);
+                await IdentitySignInManager.SignInAsync(identityuser, remember);
             }
 
-            return LocalRedirect(Url.Content("~/" + returnurl));
+            return LocalRedirect(Url.Content("~" + returnurl));
         }
     }
 }
\ No newline at end of file
diff --git a/Oqtane.Server/Pages/Logout.cshtml.cs b/Oqtane.Server/Pages/Logout.cshtml.cs
index f66575c4..e4629619 100644
--- a/Oqtane.Server/Pages/Logout.cshtml.cs
+++ b/Oqtane.Server/Pages/Logout.cshtml.cs
@@ -1,26 +1,20 @@
-using System;
-using System.Collections.Generic;
-using System.Security.Claims;
-using System.Threading.Tasks;
+using System.Threading.Tasks;
 using Microsoft.AspNetCore.Authentication;
-using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
-using Oqtane.Models;
 
 namespace Oqtane.Pages
 {
-    [IgnoreAntiforgeryToken(Order = 1001)]
     [AllowAnonymous]
     public class LogoutModel : PageModel
     {
-        public async Task<IActionResult> OnPostAsync()
+        public async Task<IActionResult> OnPostAsync(string returnurl)
         {
             await HttpContext.SignOutAsync(IdentityConstants.ApplicationScheme);
 
-            return LocalRedirect(Url.Content("~/"));
+            return LocalRedirect(Url.Content("~" + returnurl));
         }
     }
 }
\ No newline at end of file
diff --git a/Oqtane.Server/Repository/AliasRepository.cs b/Oqtane.Server/Repository/AliasRepository.cs
index ca9f3059..e8fd87b9 100644
--- a/Oqtane.Server/Repository/AliasRepository.cs
+++ b/Oqtane.Server/Repository/AliasRepository.cs
@@ -9,10 +9,10 @@ namespace Oqtane.Repository
 {
     public class AliasRepository : IAliasRepository
     {
-        private MasterContext db;
+        private MasterDBContext db;
         private readonly IMemoryCache _cache;
 
-        public AliasRepository(MasterContext context, IMemoryCache cache)
+        public AliasRepository(MasterDBContext context, IMemoryCache cache)
         {
             db = context;
             _cache = cache;
@@ -20,72 +20,37 @@ namespace Oqtane.Repository
 
         public IEnumerable<Alias> GetAliases()
         {
-            try
+            return _cache.GetOrCreate("aliases", entry =>
             {
-                IEnumerable<Alias> aliases = _cache.GetOrCreate("aliases", entry =>
-                {
-                    entry.SlidingExpiration = TimeSpan.FromMinutes(30);
-                    return db.Alias.ToList();
-                });
-                return aliases;
-            }
-            catch
-            {
-                throw;
-            }
+                entry.SlidingExpiration = TimeSpan.FromMinutes(30);
+                return db.Alias.ToList();
+            });
         }
 
-        public void AddAlias(Alias alias)
+        public Alias AddAlias(Alias Alias)
         {
-            try
-            {
-                db.Alias.Add(alias);
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
+            db.Alias.Add(Alias);
+            db.SaveChanges();
+            return Alias;
         }
 
-        public void UpdateAlias(Alias alias)
+        public Alias UpdateAlias(Alias Alias)
         {
-            try
-            {
-                db.Entry(alias).State = EntityState.Modified;
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
+            db.Entry(Alias).State = EntityState.Modified;
+            db.SaveChanges();
+            return Alias;
         }
 
-        public Alias GetAlias(int aliasId)
+        public Alias GetAlias(int AliasId)
         {
-            try
-            {
-                Alias alias = db.Alias.Find(aliasId);
-                return alias;
-            }
-            catch
-            {
-                throw;
-            }
+            return db.Alias.Find(AliasId);
         }
 
-        public void DeleteAlias(int aliasId)
+        public void DeleteAlias(int AliasId)
         {
-            try
-            {
-                Alias alias = db.Alias.Find(aliasId);
-                db.Alias.Remove(alias);
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
+            Alias alias = db.Alias.Find(AliasId);
+            db.Alias.Remove(alias);
+            db.SaveChanges();
         }
     }
 }
diff --git a/Oqtane.Server/Repository/Context/DBContextBase.cs b/Oqtane.Server/Repository/Context/DBContextBase.cs
new file mode 100644
index 00000000..0b12b6d7
--- /dev/null
+++ b/Oqtane.Server/Repository/Context/DBContextBase.cs
@@ -0,0 +1,78 @@
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Identity.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore;
+using Oqtane.Models;
+using System;
+using System.Linq;
+
+namespace Oqtane.Repository
+{
+    public class DBContextBase :  IdentityUserContext<IdentityUser> 
+    {
+        private Tenant tenant;
+        private IHttpContextAccessor accessor;
+
+        public DBContextBase(ITenantResolver TenantResolver, IHttpContextAccessor accessor)
+        {
+            tenant = TenantResolver.GetTenant();
+            this.accessor = accessor;
+        }
+
+        protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
+        {
+            optionsBuilder.UseSqlServer(tenant.DBConnectionString
+                    .Replace("|DataDirectory|", AppDomain.CurrentDomain.GetData("DataDirectory").ToString())
+            );
+            base.OnConfiguring(optionsBuilder);
+        }
+
+        protected override void OnModelCreating(ModelBuilder modelBuilder)
+        {
+            base.OnModelCreating(modelBuilder);
+
+            if (tenant.DBSchema != "")
+            {
+                modelBuilder.HasDefaultSchema(tenant.DBSchema);
+            }
+        }
+
+        public override int SaveChanges()
+        {
+            ChangeTracker.DetectChanges();
+
+            string username = "";
+            if (accessor.HttpContext.User.Identity.Name != null)
+            {
+                username = accessor.HttpContext.User.Identity.Name;
+            }
+            DateTime date = DateTime.Now;
+
+            var created = ChangeTracker.Entries()
+                .Where(x => x.State == EntityState.Added);
+
+            foreach(var item in created)
+            {
+                if (item.Entity is IAuditable entity)
+                {
+                    item.CurrentValues[nameof(IAuditable.CreatedBy)] = username;
+                    item.CurrentValues[nameof(IAuditable.CreatedOn)] = date;
+                }
+            }
+
+            var modified = ChangeTracker.Entries()
+                .Where(x => x.State == EntityState.Modified || x.State == EntityState.Added);
+
+            foreach (var item in modified)
+            {
+                if (item.Entity is IAuditable entity)
+                {
+                    item.CurrentValues[nameof(IAuditable.ModifiedBy)] = username;
+                    item.CurrentValues[nameof(IAuditable.ModifiedOn)] = date;
+                }
+            }
+
+            return base.SaveChanges();
+        }
+    }
+}
diff --git a/Oqtane.Server/Repository/Context/MasterDBContext.cs b/Oqtane.Server/Repository/Context/MasterDBContext.cs
new file mode 100644
index 00000000..0cc802a6
--- /dev/null
+++ b/Oqtane.Server/Repository/Context/MasterDBContext.cs
@@ -0,0 +1,59 @@
+using Microsoft.AspNetCore.Http;
+using Microsoft.EntityFrameworkCore;
+using Oqtane.Models;
+using System;
+using System.Linq;
+
+namespace Oqtane.Repository
+{
+    public class MasterDBContext : DbContext
+    {
+        private IHttpContextAccessor accessor;
+
+        public MasterDBContext(DbContextOptions<MasterDBContext> options, IHttpContextAccessor accessor) : base(options)
+        {
+            this.accessor = accessor;
+        }
+
+        public virtual DbSet<Alias> Alias { get; set; }
+        public virtual DbSet<Tenant> Tenant { get; set; }
+
+        public override int SaveChanges()
+        {
+            ChangeTracker.DetectChanges();
+
+            string username = "";
+            if (accessor.HttpContext.User.Identity.Name != null)
+            {
+                username = accessor.HttpContext.User.Identity.Name;
+            }
+            DateTime date = DateTime.Now;
+
+            var created = ChangeTracker.Entries()
+                .Where(x => x.State == EntityState.Added);
+
+            foreach (var item in created)
+            {
+                if (item.Entity is IAuditable entity)
+                {
+                    item.CurrentValues[nameof(IAuditable.CreatedBy)] = username;
+                    item.CurrentValues[nameof(IAuditable.CreatedOn)] = date;
+                }
+            }
+
+            var modified = ChangeTracker.Entries()
+                .Where(x => x.State == EntityState.Modified || x.State == EntityState.Added);
+
+            foreach (var item in modified)
+            {
+                if (item.Entity is IAuditable entity)
+                {
+                    item.CurrentValues[nameof(IAuditable.ModifiedBy)] = username;
+                    item.CurrentValues[nameof(IAuditable.ModifiedOn)] = date;
+                }
+            }
+
+            return base.SaveChanges();
+        }
+    }
+}
diff --git a/Oqtane.Server/Repository/Context/TenantDBContext.cs b/Oqtane.Server/Repository/Context/TenantDBContext.cs
new file mode 100644
index 00000000..6cf6a7b9
--- /dev/null
+++ b/Oqtane.Server/Repository/Context/TenantDBContext.cs
@@ -0,0 +1,27 @@
+using Microsoft.AspNetCore.Http;
+using Microsoft.EntityFrameworkCore;
+using Oqtane.Models;
+
+namespace Oqtane.Repository
+{
+    public class TenantDBContext : DBContextBase
+    {
+        public virtual DbSet<Site> Site { get; set; }
+        public virtual DbSet<Page> Page { get; set; }
+        public virtual DbSet<PageModule> PageModule { get; set; }
+        public virtual DbSet<Module> Module { get; set; }
+        public virtual DbSet<User> User { get; set; }
+        public virtual DbSet<Profile> Profile { get; set; }
+        public virtual DbSet<SiteUser> SiteUser { get; set; }
+        public virtual DbSet<Role> Role { get; set; }
+        public virtual DbSet<UserRole> UserRole { get; set; }
+        public virtual DbSet<Permission> Permission { get; set; }
+        public virtual DbSet<Setting> Setting { get; set; }
+
+        public TenantDBContext(ITenantResolver TenantResolver, IHttpContextAccessor accessor) : base(TenantResolver, accessor)
+        {
+            // ContextBase handles multi-tenant database connections
+        }
+
+    }
+}
diff --git a/Oqtane.Server/Repository/ContextBase.cs b/Oqtane.Server/Repository/ContextBase.cs
deleted file mode 100644
index bc1f475f..00000000
--- a/Oqtane.Server/Repository/ContextBase.cs
+++ /dev/null
@@ -1,33 +0,0 @@
-using Microsoft.EntityFrameworkCore;
-using Oqtane.Models;
-using System;
-
-namespace Oqtane.Repository
-{
-    public class ContextBase : DbContext
-    {
-        private Tenant tenant;
-
-        public ContextBase(ITenantResolver TenantResolver)
-        {
-            tenant = TenantResolver.GetTenant();
-        }
-
-        protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
-        {
-            optionsBuilder.UseSqlServer(tenant.DBConnectionString
-                    .Replace("|DataDirectory|", AppDomain.CurrentDomain.GetData("DataDirectory").ToString())
-            );
-            base.OnConfiguring(optionsBuilder);
-        }
-
-        protected override void OnModelCreating(ModelBuilder modelBuilder)
-        {
-            if (tenant.DBSchema != "")
-            {
-                modelBuilder.HasDefaultSchema(tenant.DBSchema);
-            }
-            base.OnModelCreating(modelBuilder);
-        }
-    }
-}
diff --git a/Oqtane.Server/Repository/IAliasRepository.cs b/Oqtane.Server/Repository/Interfaces/IAliasRepository.cs
similarity index 54%
rename from Oqtane.Server/Repository/IAliasRepository.cs
rename to Oqtane.Server/Repository/Interfaces/IAliasRepository.cs
index 4bc56f7b..3ab61f13 100644
--- a/Oqtane.Server/Repository/IAliasRepository.cs
+++ b/Oqtane.Server/Repository/Interfaces/IAliasRepository.cs
@@ -6,9 +6,9 @@ namespace Oqtane.Repository
     public interface IAliasRepository
     {
         IEnumerable<Alias> GetAliases();
-        void AddAlias(Alias alias);
-        void UpdateAlias(Alias alias);
-        Alias GetAlias(int aliasId);
-        void DeleteAlias(int aliasId);
+        Alias AddAlias(Alias Alias);
+        Alias UpdateAlias(Alias Alias);
+        Alias GetAlias(int AliasId);
+        void DeleteAlias(int AliasId);
     }
 }
diff --git a/Oqtane.Server/Repository/IModuleDefinitionRepository.cs b/Oqtane.Server/Repository/Interfaces/IModuleDefinitionRepository.cs
similarity index 100%
rename from Oqtane.Server/Repository/IModuleDefinitionRepository.cs
rename to Oqtane.Server/Repository/Interfaces/IModuleDefinitionRepository.cs
diff --git a/Oqtane.Server/Repository/IModuleRepository.cs b/Oqtane.Server/Repository/Interfaces/IModuleRepository.cs
similarity index 80%
rename from Oqtane.Server/Repository/IModuleRepository.cs
rename to Oqtane.Server/Repository/Interfaces/IModuleRepository.cs
index 5fd6e321..9e9cde33 100644
--- a/Oqtane.Server/Repository/IModuleRepository.cs
+++ b/Oqtane.Server/Repository/Interfaces/IModuleRepository.cs
@@ -7,8 +7,8 @@ namespace Oqtane.Repository
     {
         IEnumerable<Module> GetModules();
         IEnumerable<Module> GetModules(int SiteId, string ModuleDefinitionName);
-        void AddModule(Module Module);
-        void UpdateModule(Module Module);
+        Module AddModule(Module Module);
+        Module UpdateModule(Module Module);
         Module GetModule(int ModuleId);
         void DeleteModule(int ModuleId);
     }
diff --git a/Oqtane.Server/Repository/IPageModuleRepository.cs b/Oqtane.Server/Repository/Interfaces/IPageModuleRepository.cs
similarity index 75%
rename from Oqtane.Server/Repository/IPageModuleRepository.cs
rename to Oqtane.Server/Repository/Interfaces/IPageModuleRepository.cs
index 4b00f98f..a1fccef8 100644
--- a/Oqtane.Server/Repository/IPageModuleRepository.cs
+++ b/Oqtane.Server/Repository/Interfaces/IPageModuleRepository.cs
@@ -7,8 +7,8 @@ namespace Oqtane.Repository
     {
         IEnumerable<PageModule> GetPageModules();
         IEnumerable<PageModule> GetPageModules(int PageId);
-        void AddPageModule(PageModule PageModule);
-        void UpdatePageModule(PageModule PageModule);
+        PageModule AddPageModule(PageModule PageModule);
+        PageModule UpdatePageModule(PageModule PageModule);
         PageModule GetPageModule(int PageModuleId);
         void DeletePageModule(int PageModuleId);
     }
diff --git a/Oqtane.Server/Repository/IPageRepository.cs b/Oqtane.Server/Repository/Interfaces/IPageRepository.cs
similarity index 81%
rename from Oqtane.Server/Repository/IPageRepository.cs
rename to Oqtane.Server/Repository/Interfaces/IPageRepository.cs
index 128810c8..cb479e98 100644
--- a/Oqtane.Server/Repository/IPageRepository.cs
+++ b/Oqtane.Server/Repository/Interfaces/IPageRepository.cs
@@ -7,8 +7,8 @@ namespace Oqtane.Repository
     {
         IEnumerable<Page> GetPages();
         IEnumerable<Page> GetPages(int SiteId);
-        void AddPage(Page Page);
-        void UpdatePage(Page Page);
+        Page AddPage(Page Page);
+        Page UpdatePage(Page Page);
         Page GetPage(int PageId);
         void DeletePage(int PageId);
     }
diff --git a/Oqtane.Server/Repository/Interfaces/IPermissionRepository.cs b/Oqtane.Server/Repository/Interfaces/IPermissionRepository.cs
new file mode 100644
index 00000000..4b4b01c5
--- /dev/null
+++ b/Oqtane.Server/Repository/Interfaces/IPermissionRepository.cs
@@ -0,0 +1,19 @@
+using System.Collections.Generic;
+using Oqtane.Models;
+
+namespace Oqtane.Repository
+{
+    public interface IPermissionRepository
+    {
+        IEnumerable<Permission> GetPermissions(int SiteId, string EntityName);
+        IEnumerable<Permission> GetPermissions(string EntityName, int EntityId);
+        IEnumerable<Permission> GetPermissions(string EntityName, int EntityId, string PermissionName);
+        Permission AddPermission(Permission Permission);
+        Permission UpdatePermission(Permission Permission);
+        void UpdatePermissions(int SiteId, string EntityName, int EntityId, string Permissions);
+        Permission GetPermission(int PermissionId);
+        void DeletePermission(int PermissionId);
+        string EncodePermissions(int EntityId, IEnumerable<Permission> Permissions);
+        IEnumerable<Permission> DecodePermissions(string Permissions, int SiteId, string EntityName, int EntityId);
+     }
+}
diff --git a/Oqtane.Server/Repository/Interfaces/IProfileRepository.cs b/Oqtane.Server/Repository/Interfaces/IProfileRepository.cs
new file mode 100644
index 00000000..51f4c142
--- /dev/null
+++ b/Oqtane.Server/Repository/Interfaces/IProfileRepository.cs
@@ -0,0 +1,15 @@
+using System.Collections.Generic;
+using Oqtane.Models;
+
+namespace Oqtane.Repository
+{
+    public interface IProfileRepository
+    {
+        IEnumerable<Profile> GetProfiles();
+        IEnumerable<Profile> GetProfiles(int SiteId);
+        Profile AddProfile(Profile Profile);
+        Profile UpdateProfile(Profile Profile);
+        Profile GetProfile(int ProfileId);
+        void DeleteProfile(int ProfileId);
+    }
+}
diff --git a/Oqtane.Server/Repository/Interfaces/IRoleRepository.cs b/Oqtane.Server/Repository/Interfaces/IRoleRepository.cs
new file mode 100644
index 00000000..a83d7194
--- /dev/null
+++ b/Oqtane.Server/Repository/Interfaces/IRoleRepository.cs
@@ -0,0 +1,16 @@
+using System.Collections.Generic;
+using Oqtane.Models;
+
+namespace Oqtane.Repository
+{
+    public interface IRoleRepository
+    {
+        IEnumerable<Role> GetRoles();
+        IEnumerable<Role> GetRoles(int SiteId);
+        IEnumerable<Role> GetRoles(int SiteId, bool IncludeGlobalRoles);
+        Role AddRole(Role Role);
+        Role UpdateRole(Role Role);
+        Role GetRole(int RoleId);
+        void DeleteRole(int RoleId);
+    }
+}
diff --git a/Oqtane.Server/Repository/Interfaces/ISettingRepository.cs b/Oqtane.Server/Repository/Interfaces/ISettingRepository.cs
new file mode 100644
index 00000000..0ffad860
--- /dev/null
+++ b/Oqtane.Server/Repository/Interfaces/ISettingRepository.cs
@@ -0,0 +1,14 @@
+using System.Collections.Generic;
+using Oqtane.Models;
+
+namespace Oqtane.Repository
+{
+    public interface ISettingRepository
+    {
+        IEnumerable<Setting> GetSettings(string EntityName, int EntityId);
+        Setting AddSetting(Setting Setting);
+        Setting UpdateSetting(Setting Setting);
+        Setting GetSetting(int SettingId);
+        void DeleteSetting(int SettingId);
+    }
+}
diff --git a/Oqtane.Server/Repository/ISiteRepository.cs b/Oqtane.Server/Repository/Interfaces/ISiteRepository.cs
similarity index 55%
rename from Oqtane.Server/Repository/ISiteRepository.cs
rename to Oqtane.Server/Repository/Interfaces/ISiteRepository.cs
index a032c580..65cf9aff 100644
--- a/Oqtane.Server/Repository/ISiteRepository.cs
+++ b/Oqtane.Server/Repository/Interfaces/ISiteRepository.cs
@@ -6,9 +6,9 @@ namespace Oqtane.Repository
     public interface ISiteRepository
     {
         IEnumerable<Site> GetSites();
-        void AddSite(Site site);
-        void UpdateSite(Site site);
-        Site GetSite(int siteId);
-        void DeleteSite(int siteId);
+        Site AddSite(Site Site);
+        Site UpdateSite(Site Site);
+        Site GetSite(int SiteId);
+        void DeleteSite(int SiteId);
     }
 }
diff --git a/Oqtane.Server/Repository/Interfaces/ISiteUserRepository.cs b/Oqtane.Server/Repository/Interfaces/ISiteUserRepository.cs
new file mode 100644
index 00000000..67beb7d2
--- /dev/null
+++ b/Oqtane.Server/Repository/Interfaces/ISiteUserRepository.cs
@@ -0,0 +1,16 @@
+using System.Collections.Generic;
+using Oqtane.Models;
+
+namespace Oqtane.Repository
+{
+    public interface ISiteUserRepository
+    {
+        IEnumerable<SiteUser> GetSiteUsers();
+        IEnumerable<SiteUser> GetSiteUsers(int SiteId);
+        SiteUser AddSiteUser(SiteUser SiteUser);
+        SiteUser UpdateSiteUser(SiteUser SiteUser);
+        SiteUser GetSiteUser(int SiteUserId);
+        SiteUser GetSiteUser(int SiteId, int UserId);
+        void DeleteSiteUser(int SiteUserId);
+    }
+}
diff --git a/Oqtane.Server/Repository/ITenantRepository.cs b/Oqtane.Server/Repository/Interfaces/ITenantRepository.cs
similarity index 52%
rename from Oqtane.Server/Repository/ITenantRepository.cs
rename to Oqtane.Server/Repository/Interfaces/ITenantRepository.cs
index df9181f6..17a8b1d0 100644
--- a/Oqtane.Server/Repository/ITenantRepository.cs
+++ b/Oqtane.Server/Repository/Interfaces/ITenantRepository.cs
@@ -6,9 +6,9 @@ namespace Oqtane.Repository
     public interface ITenantRepository
     {
         IEnumerable<Tenant> GetTenants();
-        void AddTenant(Tenant tenant);
-        void UpdateTenant(Tenant tenant);
-        Tenant GetTenant(int tenantId);
-        void DeleteTenant(int tenantId);
+        Tenant AddTenant(Tenant Tenant);
+        Tenant UpdateTenant(Tenant Tenant);
+        Tenant GetTenant(int TenantId);
+        void DeleteTenant(int TenantId);
     }
 }
diff --git a/Oqtane.Server/Repository/ITenantResolver.cs b/Oqtane.Server/Repository/Interfaces/ITenantResolver.cs
similarity index 83%
rename from Oqtane.Server/Repository/ITenantResolver.cs
rename to Oqtane.Server/Repository/Interfaces/ITenantResolver.cs
index e665d76c..95e916f7 100644
--- a/Oqtane.Server/Repository/ITenantResolver.cs
+++ b/Oqtane.Server/Repository/Interfaces/ITenantResolver.cs
@@ -4,6 +4,7 @@ namespace Oqtane.Repository
 {
     public interface ITenantResolver
     {
+        Alias GetAlias();
         Tenant GetTenant();
     }
 }
diff --git a/Oqtane.Server/Repository/IThemeRepository.cs b/Oqtane.Server/Repository/Interfaces/IThemeRepository.cs
similarity index 100%
rename from Oqtane.Server/Repository/IThemeRepository.cs
rename to Oqtane.Server/Repository/Interfaces/IThemeRepository.cs
diff --git a/Oqtane.Server/Repository/IUserRepository.cs b/Oqtane.Server/Repository/Interfaces/IUserRepository.cs
similarity index 80%
rename from Oqtane.Server/Repository/IUserRepository.cs
rename to Oqtane.Server/Repository/Interfaces/IUserRepository.cs
index 05ede0ad..63757b49 100644
--- a/Oqtane.Server/Repository/IUserRepository.cs
+++ b/Oqtane.Server/Repository/Interfaces/IUserRepository.cs
@@ -6,8 +6,8 @@ namespace Oqtane.Repository
     public interface IUserRepository
     {
         IEnumerable<User> GetUsers();
-        void AddUser(User User);
-        void UpdateUser(User User);
+        User AddUser(User User);
+        User UpdateUser(User User);
         User GetUser(int UserId);
         User GetUser(string Username);
         void DeleteUser(int UserId);
diff --git a/Oqtane.Server/Repository/Interfaces/IUserRoleRepository.cs b/Oqtane.Server/Repository/Interfaces/IUserRoleRepository.cs
new file mode 100644
index 00000000..d2141a13
--- /dev/null
+++ b/Oqtane.Server/Repository/Interfaces/IUserRoleRepository.cs
@@ -0,0 +1,16 @@
+using System.Collections.Generic;
+using Oqtane.Models;
+
+namespace Oqtane.Repository
+{
+    public interface IUserRoleRepository
+    {
+        IEnumerable<UserRole> GetUserRoles();
+        IEnumerable<UserRole> GetUserRoles(int UserId);
+        IEnumerable<UserRole> GetUserRoles(int UserId, int SiteId);
+        UserRole AddUserRole(UserRole UserRole);
+        UserRole UpdateUserRole(UserRole UserRole);
+        UserRole GetUserRole(int UserRoleId);
+        void DeleteUserRole(int UserRoleId);
+    }
+}
diff --git a/Oqtane.Server/Repository/MasterContext.cs b/Oqtane.Server/Repository/MasterContext.cs
deleted file mode 100644
index 21dca1dd..00000000
--- a/Oqtane.Server/Repository/MasterContext.cs
+++ /dev/null
@@ -1,13 +0,0 @@
-using Microsoft.EntityFrameworkCore;
-using Oqtane.Models;
-
-namespace Oqtane.Repository
-{
-    public class MasterContext : DbContext
-    {
-        public MasterContext(DbContextOptions<MasterContext> options) : base(options) { }
-
-        public virtual DbSet<Alias> Alias { get; set; }
-        public virtual DbSet<Tenant> Tenant { get; set; }
-    }
-}
diff --git a/Oqtane.Server/Repository/ModuleDefinitionRepository.cs b/Oqtane.Server/Repository/ModuleDefinitionRepository.cs
index a16572fe..b02bee82 100644
--- a/Oqtane.Server/Repository/ModuleDefinitionRepository.cs
+++ b/Oqtane.Server/Repository/ModuleDefinitionRepository.cs
@@ -10,27 +10,26 @@ namespace Oqtane.Repository
 {
     public class ModuleDefinitionRepository : IModuleDefinitionRepository
     {
-        private readonly List<ModuleDefinition> moduledefinitions;
+        private readonly List<ModuleDefinition> ModuleDefinitions;
 
         public ModuleDefinitionRepository()
         {
-            moduledefinitions = LoadModuleDefinitions();
+            ModuleDefinitions = LoadModuleDefinitions();
         }
 
         private List<ModuleDefinition> LoadModuleDefinitions()
         {
-            List<ModuleDefinition> moduledefinitions = new List<ModuleDefinition>();
+            List<ModuleDefinition> ModuleDefinitions = new List<ModuleDefinition>();
 
             // iterate through Oqtane module assemblies
-            foreach (Assembly assembly in AppDomain.CurrentDomain.GetAssemblies())
+            Assembly[] assemblies = AppDomain.CurrentDomain.GetAssemblies()
+                .Where(item => item.FullName.StartsWith("Oqtane.") || item.FullName.Contains(".Module.")).ToArray();
+            foreach (Assembly assembly in assemblies)
             {
-                if (assembly.FullName.StartsWith("Oqtane.Client") || assembly.FullName.StartsWith("Oqtane.Module."))
-                {
-                    moduledefinitions = LoadModuleDefinitionsFromAssembly(moduledefinitions, assembly);
-                }
+                ModuleDefinitions = LoadModuleDefinitionsFromAssembly(ModuleDefinitions, assembly);
             }
 
-            return moduledefinitions;
+            return ModuleDefinitions;
         }
 
         private List<ModuleDefinition> LoadModuleDefinitionsFromAssembly(List<ModuleDefinition> moduledefinitions, Assembly assembly)
@@ -52,24 +51,26 @@ namespace Oqtane.Repository
                     {
                         /// determine if this module implements IModule
                         Type moduletype = assembly.GetTypes()
-                            .Where(item => item.Namespace != null)
-                            .Where(item => item.Namespace.StartsWith(ModuleType))
-                            .Where(item => item.GetInterfaces().Contains(typeof(IModule)))
-                            .FirstOrDefault();
+                        .Where(item => item.Namespace != null)
+                        .Where(item => item.Namespace.StartsWith(ModuleType))
+                        .Where(item => item.GetInterfaces().Contains(typeof(IModule)))
+                        .FirstOrDefault();
                         if (moduletype != null)
                         {
                             var moduleobject = Activator.CreateInstance(moduletype);
+                            Dictionary<string, string> properties = (Dictionary<string, string>)moduletype.GetProperty("Properties").GetValue(moduleobject);
                             moduledefinition = new ModuleDefinition
                             {
                                 ModuleDefinitionName = QualifiedModuleType,
-                                Name = (string)moduletype.GetProperty("Name").GetValue(moduleobject),
-                                Description = (string)moduletype.GetProperty("Description").GetValue(moduleobject),
-                                Version = (string)moduletype.GetProperty("Version").GetValue(moduleobject),
-                                Owner = (string)moduletype.GetProperty("Owner").GetValue(moduleobject),
-                                Url = (string)moduletype.GetProperty("Url").GetValue(moduleobject),
-                                Contact = (string)moduletype.GetProperty("Contact").GetValue(moduleobject),
-                                License = (string)moduletype.GetProperty("License").GetValue(moduleobject),
-                                Dependencies = (string)moduletype.GetProperty("Dependencies").GetValue(moduleobject),
+                                Name = GetProperty(properties, "Name"),
+                                Description = GetProperty(properties, "Description"),
+                                Version = GetProperty(properties, "Version"),
+                                Owner = GetProperty(properties, "Owner"),
+                                Url = GetProperty(properties, "Url"),
+                                Contact = GetProperty(properties, "Contact"),
+                                License = GetProperty(properties, "License"),
+                                Dependencies = GetProperty(properties, "Dependencies"),
+                                Permissions = GetProperty(properties, "Permissions"),
                                 ControlTypeTemplate = ModuleType + ".{Control}" + ", " + typename[1],
                                 ControlTypeRoutes = "",
                                 AssemblyName = assembly.FullName.Split(",")[0]
@@ -88,6 +89,7 @@ namespace Oqtane.Repository
                                 Contact = "",
                                 License = "",
                                 Dependencies = "",
+                                Permissions = "",
                                 ControlTypeTemplate = ModuleType + ".{Control}" + ", " + typename[1],
                                 ControlTypeRoutes = "",
                                 AssemblyName = assembly.FullName.Split(",")[0]
@@ -116,9 +118,17 @@ namespace Oqtane.Repository
 
         public IEnumerable<ModuleDefinition> GetModuleDefinitions()
         {
-            return moduledefinitions;
+            return ModuleDefinitions;
         }
 
-
+        private string GetProperty(Dictionary<string, string> Properties, string Key)
+        {
+            string Value = "";
+            if (Properties.ContainsKey(Key))
+            {
+                Value = Properties[Key];
+            }
+            return Value;
+        }
     }
 }
diff --git a/Oqtane.Server/Repository/ModuleRepository.cs b/Oqtane.Server/Repository/ModuleRepository.cs
index fbec388e..2754161c 100644
--- a/Oqtane.Server/Repository/ModuleRepository.cs
+++ b/Oqtane.Server/Repository/ModuleRepository.cs
@@ -7,91 +7,66 @@ namespace Oqtane.Repository
 {
     public class ModuleRepository : IModuleRepository
     {
-        private TenantContext db;
+        private TenantDBContext db;
+        private readonly IPermissionRepository Permissions;
 
-        public ModuleRepository(TenantContext context)
+        public ModuleRepository(TenantDBContext context, IPermissionRepository Permissions)
         {
             db = context;
+            this.Permissions = Permissions;
         }
 
         public IEnumerable<Module> GetModules()
         {
-            try
-            {
-                return db.Module.ToList();
-            }
-            catch
-            {
-                throw;
-            }
+            return db.Module;
         }
 
         public IEnumerable<Module> GetModules(int SiteId, string ModuleDefinitionName)
         {
-            try
+            IEnumerable<Permission> permissions = Permissions.GetPermissions(SiteId, "Module").ToList();
+            IEnumerable<Module> modules = db.Module
+                .Where(item => item.SiteId == SiteId)
+                .Where(item => item.ModuleDefinitionName == ModuleDefinitionName);
+            foreach (Module module in modules)
             {
-                return db.Module
-                    .Where(item => item.SiteId == SiteId)
-                    .Where(item => item.ModuleDefinitionName == ModuleDefinitionName)
-                    .ToList();
-            }
-            catch
-            {
-                throw;
+                module.Permissions = Permissions.EncodePermissions(module.ModuleId, permissions);
             }
+            return modules;
         }
 
-        public void AddModule(Module Module)
+        public Module AddModule(Module Module)
         {
-            try
-            {
-                db.Module.Add(Module);
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
+            db.Module.Add(Module);
+            db.SaveChanges();
+            Permissions.UpdatePermissions(Module.SiteId, "Module", Module.ModuleId, Module.Permissions);
+            return Module;
         }
 
-        public void UpdateModule(Module Module)
+        public Module UpdateModule(Module Module)
         {
-            try
-            {
-                db.Entry(Module).State = EntityState.Modified;
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
+            db.Entry(Module).State = EntityState.Modified;
+            db.SaveChanges();
+            Permissions.UpdatePermissions(Module.SiteId, "Module", Module.ModuleId, Module.Permissions);
+            return Module;
         }
 
         public Module GetModule(int ModuleId)
         {
-            try
+            Module module = db.Module.Find(ModuleId);
+            if (module != null)
             {
-                Module Module = db.Module.Find(ModuleId);
-                return Module;
-            }
-            catch
-            {
-                throw;
+                List<Permission> permissions = Permissions.GetPermissions("Module", module.ModuleId).ToList();
+                module.Permissions = Permissions.EncodePermissions(module.ModuleId, permissions);
             }
+            return module;
         }
 
         public void DeleteModule(int ModuleId)
         {
-            try
-            {
-                Module Module = db.Module.Find(ModuleId);
-                db.Module.Remove(Module);
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
+            Module Module = db.Module.Find(ModuleId);
+            Permissions.UpdatePermissions(Module.SiteId, "Module", ModuleId, "");
+            db.Module.Remove(Module);
+            db.SaveChanges();
         }
     }
 }
diff --git a/Oqtane.Server/Repository/PageModuleRepository.cs b/Oqtane.Server/Repository/PageModuleRepository.cs
index 791dea65..9eb829d1 100644
--- a/Oqtane.Server/Repository/PageModuleRepository.cs
+++ b/Oqtane.Server/Repository/PageModuleRepository.cs
@@ -7,90 +7,65 @@ namespace Oqtane.Repository
 {
     public class PageModuleRepository : IPageModuleRepository
     {
-        private TenantContext db;
+        private TenantDBContext db;
+        private readonly IPermissionRepository Permissions;
 
-        public PageModuleRepository(TenantContext context)
+        public PageModuleRepository(TenantDBContext context, IPermissionRepository Permissions)
         {
             db = context;
+            this.Permissions = Permissions;
         }
 
         public IEnumerable<PageModule> GetPageModules()
         {
-            try
-            {
-                return db.PageModule.ToList();
-            }
-            catch
-            {
-                throw;
-            }
+            return db.PageModule;
         }
         public IEnumerable<PageModule> GetPageModules(int PageId)
         {
-            try
+            IEnumerable<PageModule> pagemodules = db.PageModule.Where(item => item.PageId == PageId)
+                .Include(item => item.Module); // eager load modules
+            if (pagemodules != null && pagemodules.Any())
             {
-                List<PageModule> pagemodules = db.PageModule.Where(item => item.PageId == PageId)
-                    .Include(item => item.Module)
-                    .ToList();
-                return pagemodules;
-            }
-            catch
-            {
-                throw;
+                IEnumerable<Permission> permissions = Permissions.GetPermissions(pagemodules.FirstOrDefault().Module.SiteId, "Module").ToList();
+                foreach (PageModule pagemodule in pagemodules)
+                {
+                    pagemodule.Module.Permissions = Permissions.EncodePermissions(pagemodule.ModuleId, permissions);
+                }
             }
+            return pagemodules;
         }
 
-        public void AddPageModule(PageModule PageModule)
+        public PageModule AddPageModule(PageModule PageModule)
         {
-            try
-            {
-                db.PageModule.Add(PageModule);
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
+            db.PageModule.Add(PageModule);
+            db.SaveChanges();
+            return PageModule;
         }
 
-        public void UpdatePageModule(PageModule PageModule)
+        public PageModule UpdatePageModule(PageModule PageModule)
         {
-            try
-            {
-                db.Entry(PageModule).State = EntityState.Modified;
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
+            db.Entry(PageModule).State = EntityState.Modified;
+            db.SaveChanges();
+            return PageModule;
         }
 
         public PageModule GetPageModule(int PageModuleId)
         {
-            try
+            PageModule pagemodule = db.PageModule.Include(item => item.Module) // eager load modules
+                .SingleOrDefault(item => item.PageModuleId == PageModuleId);
+            if (pagemodule != null)
             {
-                PageModule PageModule = db.PageModule.Find(PageModuleId);
-                return PageModule;
-            }
-            catch
-            {
-                throw;
+                IEnumerable<Permission> permissions = Permissions.GetPermissions("Module", pagemodule.ModuleId);
+                pagemodule.Module.Permissions = Permissions.EncodePermissions(pagemodule.ModuleId, permissions);
             }
+            return pagemodule;
         }
 
         public void DeletePageModule(int PageModuleId)
         {
-            try
-            {
-                PageModule PageModule = db.PageModule.Find(PageModuleId);
-                db.PageModule.Remove(PageModule);
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
+            PageModule PageModule = db.PageModule.Find(PageModuleId);
+            db.PageModule.Remove(PageModule);
+            db.SaveChanges();
         }
     }
 }
diff --git a/Oqtane.Server/Repository/PageRepository.cs b/Oqtane.Server/Repository/PageRepository.cs
index 8045e038..5b849d1b 100644
--- a/Oqtane.Server/Repository/PageRepository.cs
+++ b/Oqtane.Server/Repository/PageRepository.cs
@@ -7,88 +7,64 @@ namespace Oqtane.Repository
 {
     public class PageRepository : IPageRepository
     {
-        private TenantContext db;
+        private TenantDBContext db;
+        private readonly IPermissionRepository Permissions;
 
-        public PageRepository(TenantContext context)
+        public PageRepository(TenantDBContext context, IPermissionRepository Permissions)
         {
             db = context;
+            this.Permissions = Permissions;
         }
 
         public IEnumerable<Page> GetPages()
         {
-            try
-            {
-                return db.Page.ToList();
-            }
-            catch
-            {
-                throw;
-            }
+            return db.Page.ToList();
         }
 
         public IEnumerable<Page> GetPages(int SiteId)
         {
-            try
+            IEnumerable<Permission> permissions = Permissions.GetPermissions(SiteId, "Page").ToList();
+            IEnumerable<Page> pages = db.Page.Where(item => item.SiteId == SiteId);
+            foreach(Page page in pages)
             {
-                return db.Page.Where(item => item.SiteId == SiteId).ToList();
-            }
-            catch
-            {
-                throw;
+                page.Permissions = Permissions.EncodePermissions(page.PageId, permissions);
             }
+            return pages;
         }
 
-        public void AddPage(Page Page)
+        public Page AddPage(Page Page)
         {
-            try
-            {
-                db.Page.Add(Page);
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
+            db.Page.Add(Page);
+            db.SaveChanges();
+            Permissions.UpdatePermissions(Page.SiteId, "Page", Page.PageId, Page.Permissions);
+            return Page;
         }
 
-        public void UpdatePage(Page Page)
+        public Page UpdatePage(Page Page)
         {
-            try
-            {
-                db.Entry(Page).State = EntityState.Modified;
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
+            db.Entry(Page).State = EntityState.Modified;
+            db.SaveChanges();
+            Permissions.UpdatePermissions(Page.SiteId, "Page", Page.PageId, Page.Permissions);
+            return Page;
         }
 
         public Page GetPage(int PageId)
         {
-            try
+            Page page = db.Page.Find(PageId);
+            if (page != null)
             {
-                Page Page = db.Page.Find(PageId);
-                return Page;
-            }
-            catch
-            {
-                throw;
+                IEnumerable<Permission> permissions = Permissions.GetPermissions("Page", page.PageId);
+                page.Permissions = Permissions.EncodePermissions(page.PageId, permissions);
             }
+            return page;
         }
 
         public void DeletePage(int PageId)
         {
-            try
-            {
-                Page Page = db.Page.Find(PageId);
-                db.Page.Remove(Page);
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
+            Page Page = db.Page.Find(PageId);
+            Permissions.UpdatePermissions(Page.SiteId, "Page", PageId, "");
+            db.Page.Remove(Page);
+            db.SaveChanges();
         }
     }
 }
diff --git a/Oqtane.Server/Repository/PermissionRepository.cs b/Oqtane.Server/Repository/PermissionRepository.cs
new file mode 100644
index 00000000..a4b3f323
--- /dev/null
+++ b/Oqtane.Server/Repository/PermissionRepository.cs
@@ -0,0 +1,193 @@
+using Microsoft.EntityFrameworkCore;
+using System.Collections.Generic;
+using System.Linq;
+using Oqtane.Models;
+using System.Text;
+using System;
+using System.Text.Json;
+using System.Text.Json.Serialization;
+
+namespace Oqtane.Repository
+{
+    public class PermissionRepository : IPermissionRepository
+    {
+        private TenantDBContext db;
+        private readonly IRoleRepository Roles;
+
+        public PermissionRepository(TenantDBContext context, IRoleRepository Roles)
+        {
+            db = context;
+            this.Roles = Roles;
+        }
+
+        public IEnumerable<Permission> GetPermissions(int SiteId, string EntityName)
+        {
+            return db.Permission.Where(item => item.SiteId == SiteId)
+                .Where(item => item.EntityName == EntityName)
+                .Include(item => item.Role); // eager load roles
+        }
+
+        public IEnumerable<Permission> GetPermissions(string EntityName, int EntityId)
+        {
+            return db.Permission.Where(item => item.EntityName == EntityName)
+                .Where(item => item.EntityId == EntityId)
+                .Include(item => item.Role); // eager load roles
+        }
+
+        public IEnumerable<Permission> GetPermissions(string EntityName, int EntityId, string PermissionName)
+        {
+            return db.Permission.Where(item => item.EntityName == EntityName)
+                .Where(item => item.EntityId == EntityId)
+                .Where(item => item.PermissionName == PermissionName)
+                .Include(item => item.Role); // eager load roles
+        }
+
+        public Permission AddPermission(Permission Permission)
+        {
+            db.Permission.Add(Permission);
+            db.SaveChanges();
+            return Permission;
+        }
+
+        public Permission UpdatePermission(Permission Permission)
+        {
+            db.Entry(Permission).State = EntityState.Modified;
+            db.SaveChanges();
+            return Permission;
+        }
+
+        public void UpdatePermissions(int SiteId, string EntityName, int EntityId, string Permissions)
+        {
+            // get current permissions and delete
+            IEnumerable<Permission> permissions = db.Permission
+                .Where(item => item.EntityName == EntityName)
+                .Where(item => item.EntityId == EntityId);
+            foreach(Permission permission in permissions)
+            {
+                db.Permission.Remove(permission);
+            }
+            // add permissions
+            permissions = DecodePermissions(Permissions, SiteId, EntityName, EntityId);
+            foreach (Permission permission in permissions)
+            {
+                db.Permission.Add(permission);
+            }
+            db.SaveChanges();
+        }
+
+        public Permission GetPermission(int PermissionId)
+        {
+            return db.Permission.Find(PermissionId);
+        }
+
+        public void DeletePermission(int PermissionId)
+        {
+            Permission Permission = db.Permission.Find(PermissionId);
+            db.Permission.Remove(Permission);
+            db.SaveChanges();
+        }
+
+        // permissions are stored in the format "{permissionname:!rolename1;![userid1];rolename2;rolename3;[userid2];[userid3]}" where "!" designates Deny permissions
+        public string EncodePermissions(int EntityId, IEnumerable<Permission> Permissions)
+        {
+            List<PermissionString> permissionstrings = new List<PermissionString>();
+            string permissionname = "";
+            string permissions = "";
+            StringBuilder permissionsbuilder = new StringBuilder();
+            string securityid = "";
+            foreach (Permission permission in Permissions.Where(item => item.EntityId == EntityId).OrderBy(item => item.PermissionName))
+            {
+                // permission collections are grouped by permissionname
+                if (permissionname != permission.PermissionName)
+                {
+                    permissions = permissionsbuilder.ToString();
+                    if (permissions != "")
+                    {
+                        permissionstrings.Add(new PermissionString { PermissionName = permissionname, Permissions = permissions.Substring(0, permissions.Length - 1) });
+                    }
+                    permissionname = permission.PermissionName;
+                    permissionsbuilder = new StringBuilder();
+                }
+
+                // deny permissions are prefixed with a "!"
+                string prefix = !permission.IsAuthorized ? "!" : "";
+
+                // encode permission
+                if (permission.UserId == null)
+                {
+                    securityid = prefix + permission.Role.Name + ";";
+                }
+                else
+                {
+                    securityid = prefix + "[" + permission.UserId.ToString() + "];";
+                }
+
+                // insert deny permissions at the beginning and append grant permissions at the end
+                if (prefix == "!")
+                {
+                    permissionsbuilder.Insert(0, securityid);
+                }
+                else
+                {
+                    permissionsbuilder.Append(securityid);
+                }
+            }
+
+            permissions = permissionsbuilder.ToString();
+            if (permissions != "")
+            {
+                permissionstrings.Add(new PermissionString { PermissionName = permissionname, Permissions = permissions.Substring(0, permissions.Length - 1) });
+            }
+            return JsonSerializer.Serialize(permissionstrings);
+        }
+
+        public IEnumerable<Permission> DecodePermissions(string PermissionStrings, int SiteId, string EntityName, int EntityId)
+        {
+            List<Permission> permissions = new List<Permission>();
+            List<Role> roles = Roles.GetRoles(SiteId, true).ToList();
+            string securityid = "";
+            foreach (PermissionString permissionstring in JsonSerializer.Deserialize<List<PermissionString>>(PermissionStrings))
+            {
+                foreach (string id in permissionstring.Permissions.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
+                {
+                    securityid = id;
+                    Permission permission = new Permission();
+                    permission.SiteId = SiteId;
+                    permission.EntityName = EntityName;
+                    permission.EntityId = EntityId;
+                    permission.PermissionName = permissionstring.PermissionName;
+                    permission.RoleId = null;
+                    permission.UserId = null;
+                    permission.IsAuthorized = true;
+
+                    if (securityid.StartsWith("!"))
+                    {
+                        // deny permission
+                        securityid.Replace("!", "");
+                        permission.IsAuthorized = false;
+                    }
+                    if (securityid.StartsWith("[") && securityid.EndsWith("]"))
+                    {
+                        // user id
+                        securityid = securityid.Replace("[", "").Replace("]", "");
+                        permission.UserId = int.Parse(securityid);
+                    }
+                    else
+                    {
+                        // role name
+                        Role role = roles.Where(item => item.Name == securityid).SingleOrDefault();
+                        if (role != null)
+                        {
+                            permission.RoleId = role.RoleId;
+                        }
+                    }
+                    if (permission.UserId != null || permission.RoleId != null)
+                    {
+                        permissions.Add(permission);
+                    }
+                }
+            }
+            return permissions;
+        }
+    }
+}
diff --git a/Oqtane.Server/Repository/ProfileRepository.cs b/Oqtane.Server/Repository/ProfileRepository.cs
new file mode 100644
index 00000000..df895fe9
--- /dev/null
+++ b/Oqtane.Server/Repository/ProfileRepository.cs
@@ -0,0 +1,53 @@
+using Microsoft.EntityFrameworkCore;
+using System.Collections.Generic;
+using System.Linq;
+using Oqtane.Models;
+
+namespace Oqtane.Repository
+{
+    public class ProfileRepository : IProfileRepository
+    {
+        private TenantDBContext db;
+
+        public ProfileRepository(TenantDBContext context)
+        {
+            db = context;
+        }
+            
+        public IEnumerable<Profile> GetProfiles()
+        {
+            return db.Profile;
+        }
+
+        public IEnumerable<Profile> GetProfiles(int SiteId)
+        {
+            return db.Profile.Where(item => item.SiteId == SiteId || item.SiteId == null);
+        }
+
+        public Profile AddProfile(Profile Profile)
+        {
+            db.Profile.Add(Profile);
+            db.SaveChanges();
+            return Profile;
+        }
+
+        public Profile UpdateProfile(Profile Profile)
+        {
+            db.Entry(Profile).State = EntityState.Modified;
+            db.SaveChanges();
+            return Profile;
+        }
+
+        public Profile GetProfile(int ProfileId)
+        {
+            return db.Profile.Find(ProfileId);
+        }
+
+        public void DeleteProfile(int ProfileId)
+        {
+            Profile Profile = db.Profile.Find(ProfileId);
+            db.Profile.Remove(Profile);
+            db.SaveChanges();
+        }
+    }
+}
diff --git a/Oqtane.Server/Repository/RoleRepository.cs b/Oqtane.Server/Repository/RoleRepository.cs
new file mode 100644
index 00000000..97958b07
--- /dev/null
+++ b/Oqtane.Server/Repository/RoleRepository.cs
@@ -0,0 +1,59 @@
+using Microsoft.EntityFrameworkCore;
+using System.Collections.Generic;
+using System.Linq;
+using Oqtane.Models;
+
+namespace Oqtane.Repository
+{
+    public class RoleRepository : IRoleRepository
+    {
+        private TenantDBContext db;
+
+        public RoleRepository(TenantDBContext context)
+        {
+            db = context;
+        }
+            
+        public IEnumerable<Role> GetRoles()
+        {
+            return db.Role;
+        }
+
+        public IEnumerable<Role> GetRoles(int SiteId)
+        {
+            return db.Role.Where(item => item.SiteId == SiteId);
+        }
+
+        public IEnumerable<Role> GetRoles(int SiteId, bool IncludeGlobalRoles)
+        {
+            return db.Role.Where(item => item.SiteId == SiteId || item.SiteId == null);
+        }
+
+
+        public Role AddRole(Role Role)
+        {
+            db.Role.Add(Role);
+            db.SaveChanges();
+            return Role;
+        }
+
+        public Role UpdateRole(Role Role)
+        {
+            db.Entry(Role).State = EntityState.Modified;
+            db.SaveChanges();
+            return Role;
+        }
+
+        public Role GetRole(int RoleId)
+        {
+            return db.Role.Find(RoleId);
+        }
+
+        public void DeleteRole(int RoleId)
+        {
+            Role Role = db.Role.Find(RoleId);
+            db.Role.Remove(Role);
+            db.SaveChanges();
+        }
+    }
+}
diff --git a/Oqtane.Server/Repository/SettingRepository.cs b/Oqtane.Server/Repository/SettingRepository.cs
new file mode 100644
index 00000000..b191c9c5
--- /dev/null
+++ b/Oqtane.Server/Repository/SettingRepository.cs
@@ -0,0 +1,49 @@
+using Microsoft.EntityFrameworkCore;
+using System.Collections.Generic;
+using System.Linq;
+using Oqtane.Models;
+
+namespace Oqtane.Repository
+{
+    public class SettingRepository : ISettingRepository
+    {
+        private TenantDBContext db;
+
+        public SettingRepository(TenantDBContext context)
+        {
+            db = context;
+        }
+
+        public IEnumerable<Setting> GetSettings(string EntityName, int EntityId)
+        {
+            return db.Setting.Where(item => item.EntityName == EntityName)
+                .Where(item => item.EntityId == EntityId);
+        }
+
+        public Setting AddSetting(Setting Setting)
+        {
+            db.Setting.Add(Setting);
+            db.SaveChanges();
+            return Setting;
+        }
+
+        public Setting UpdateSetting(Setting Setting)
+        {
+            db.Entry(Setting).State = EntityState.Modified;
+            db.SaveChanges();
+            return Setting;
+        }
+
+        public Setting GetSetting(int SettingId)
+        {
+            return db.Setting.Find(SettingId);
+        }
+
+        public void DeleteSetting(int SettingId)
+        {
+            Setting Setting = db.Setting.Find(SettingId);
+            db.Setting.Remove(Setting);
+            db.SaveChanges();
+        }
+    }
+}
diff --git a/Oqtane.Server/Repository/SiteRepository.cs b/Oqtane.Server/Repository/SiteRepository.cs
index 7310266f..3f200162 100644
--- a/Oqtane.Server/Repository/SiteRepository.cs
+++ b/Oqtane.Server/Repository/SiteRepository.cs
@@ -7,76 +7,42 @@ namespace Oqtane.Repository
 {
     public class SiteRepository : ISiteRepository
     {
-        private TenantContext db;
+        private TenantDBContext db;
 
-        public SiteRepository(TenantContext context)
+        public SiteRepository(TenantDBContext context)
         {
             db = context;
         }
             
         public IEnumerable<Site> GetSites()
         {
-            try
-            {
-                return db.Site.ToList();
-            }
-            catch
-            {
-                throw;
-            }
+            return db.Site;
         }
 
-        public void AddSite(Site site)
+        public Site AddSite(Site Site)
         {
-            try
-            {
-                db.Site.Add(site);
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
+            db.Site.Add(Site);
+            db.SaveChanges();
+            return Site;
         }
 
-        public void UpdateSite(Site site)
+        public Site UpdateSite(Site Site)
         {
-            try
-            {
-                db.Entry(site).State = EntityState.Modified;
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
+            db.Entry(Site).State = EntityState.Modified;
+            db.SaveChanges();
+            return Site;
         }
 
         public Site GetSite(int siteId)
         {
-            try
-            {
-                Site site = db.Site.Find(siteId);
-                return site;
-            }
-            catch
-            {
-                throw;
-            }
+            return db.Site.Find(siteId);
         }
 
         public void DeleteSite(int siteId)
         {
-            try
-            {
-                Site site = db.Site.Find(siteId);
-                db.Site.Remove(site);
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
+            Site site = db.Site.Find(siteId);
+            db.Site.Remove(site);
+            db.SaveChanges();
         }
     }
 }
diff --git a/Oqtane.Server/Repository/SiteUserRepository.cs b/Oqtane.Server/Repository/SiteUserRepository.cs
new file mode 100644
index 00000000..4d7cb1b6
--- /dev/null
+++ b/Oqtane.Server/Repository/SiteUserRepository.cs
@@ -0,0 +1,60 @@
+using Microsoft.EntityFrameworkCore;
+using System.Collections.Generic;
+using System.Linq;
+using Oqtane.Models;
+
+namespace Oqtane.Repository
+{
+    public class SiteUserRepository : ISiteUserRepository
+    {
+        private TenantDBContext db;
+
+        public SiteUserRepository(TenantDBContext context)
+        {
+            db = context;
+        }
+
+        public IEnumerable<SiteUser> GetSiteUsers()
+        {
+            return db.SiteUser;
+        }
+        public IEnumerable<SiteUser> GetSiteUsers(int SiteId)
+        {
+            return db.SiteUser.Where(item => item.SiteId == SiteId)
+                .Include(item => item.User); // eager load users
+        }
+
+        public SiteUser AddSiteUser(SiteUser SiteUser)
+        {
+            db.SiteUser.Add(SiteUser);
+            db.SaveChanges();
+            return SiteUser;
+        }
+
+        public SiteUser UpdateSiteUser(SiteUser SiteUser)
+        {
+            db.Entry(SiteUser).State = EntityState.Modified;
+            db.SaveChanges();
+            return SiteUser;
+        }
+
+        public SiteUser GetSiteUser(int SiteUserId)
+        {
+            return db.SiteUser.Include(item => item.User) // eager load users
+                .SingleOrDefault(item => item.SiteUserId == SiteUserId);
+        }
+
+        public SiteUser GetSiteUser(int SiteId, int UserId)
+        {
+            return db.SiteUser.Where(item => item.SiteId == SiteId)
+                .Where(item => item.UserId == UserId).FirstOrDefault();
+        }
+
+        public void DeleteSiteUser(int SiteUserId)
+        {
+            SiteUser SiteUser = db.SiteUser.Find(SiteUserId);
+            db.SiteUser.Remove(SiteUser);
+            db.SaveChanges();
+        }
+    }
+}
diff --git a/Oqtane.Server/Repository/TenantContext.cs b/Oqtane.Server/Repository/TenantContext.cs
deleted file mode 100644
index b74ce34d..00000000
--- a/Oqtane.Server/Repository/TenantContext.cs
+++ /dev/null
@@ -1,41 +0,0 @@
-using Microsoft.AspNetCore.Identity;
-using Microsoft.AspNetCore.Identity.EntityFrameworkCore;
-using Microsoft.EntityFrameworkCore;
-using Oqtane.Models;
-using System;
-
-namespace Oqtane.Repository
-{
-    public class TenantContext : IdentityDbContext<IdentityUser>
-    {
-        public virtual DbSet<Site> Site { get; set; }
-        public virtual DbSet<Page> Page { get; set; }
-        public virtual DbSet<PageModule> PageModule { get; set; }
-        public virtual DbSet<Module> Module { get; set; }
-        public virtual DbSet<User> User { get; set; }
-
-        private readonly Tenant tenant;
-
-        public TenantContext(ITenantResolver TenantResolver)
-        {
-            tenant = TenantResolver.GetTenant();
-        }
-
-        protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
-        {
-            optionsBuilder.UseSqlServer(tenant.DBConnectionString
-                    .Replace("|DataDirectory|", AppDomain.CurrentDomain.GetData("DataDirectory").ToString())
-            );
-            base.OnConfiguring(optionsBuilder);
-        }
-
-        protected override void OnModelCreating(ModelBuilder modelBuilder)
-        {
-            if (tenant.DBSchema != "")
-            {
-                modelBuilder.HasDefaultSchema(tenant.DBSchema);
-            }
-            base.OnModelCreating(modelBuilder);
-        }
-    }
-}
diff --git a/Oqtane.Server/Repository/TenantRepository.cs b/Oqtane.Server/Repository/TenantRepository.cs
index da7c6be9..e64a57e3 100644
--- a/Oqtane.Server/Repository/TenantRepository.cs
+++ b/Oqtane.Server/Repository/TenantRepository.cs
@@ -10,10 +10,10 @@ namespace Oqtane.Repository
 {
     public class TenantRepository : ITenantRepository
     {
-        private MasterContext db;
+        private MasterDBContext db;
         private readonly IMemoryCache _cache;
 
-        public TenantRepository(MasterContext context, IMemoryCache cache)
+        public TenantRepository(MasterDBContext context, IMemoryCache cache)
         {
             db = context;
             _cache = cache;
@@ -21,72 +21,37 @@ namespace Oqtane.Repository
 
         public IEnumerable<Tenant> GetTenants()
         {
-            try
+            return _cache.GetOrCreate("tenants", entry =>
             {
-                IEnumerable<Tenant> tenants = _cache.GetOrCreate("tenants", entry =>
-                {
-                    entry.SlidingExpiration = TimeSpan.FromMinutes(30);
-                    return db.Tenant.ToList();
-                });
-                return tenants;
-            }
-            catch
-            {
-                throw;
-            }
+                entry.SlidingExpiration = TimeSpan.FromMinutes(30);
+                return db.Tenant.ToList();
+            });
         }
 
-        public void AddTenant(Tenant tenant)
+        public Tenant AddTenant(Tenant Tenant)
         {
-            try
-            {
-                db.Tenant.Add(tenant);
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
+            db.Tenant.Add(Tenant);
+            db.SaveChanges();
+            return Tenant;
         }
 
-        public void UpdateTenant(Tenant tenant)
+        public Tenant UpdateTenant(Tenant Tenant)
         {
-            try
-            {
-                db.Entry(tenant).State = EntityState.Modified;
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
+            db.Entry(Tenant).State = EntityState.Modified;
+            db.SaveChanges();
+            return Tenant;
         }
 
-        public Tenant GetTenant(int tenantId)
+        public Tenant GetTenant(int TenantId)
         {
-            try
-            {
-                Tenant tenant = db.Tenant.Find(tenantId);
-                return tenant;
-            }
-            catch
-            {
-                throw;
-            }
+            return db.Tenant.Find(TenantId);
         }
 
-        public void DeleteTenant(int tenantId)
-        {
-            try
-            {
-                Tenant tenant = db.Tenant.Find(tenantId);
-                db.Tenant.Remove(tenant);
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
+        public void DeleteTenant(int TenantId)
+        { 
+            Tenant tenant = db.Tenant.Find(TenantId);
+            db.Tenant.Remove(tenant);
+            db.SaveChanges();
         }
     }
 }
diff --git a/Oqtane.Server/Repository/TenantResolver.cs b/Oqtane.Server/Repository/TenantResolver.cs
index bd78f450..579c99b9 100644
--- a/Oqtane.Server/Repository/TenantResolver.cs
+++ b/Oqtane.Server/Repository/TenantResolver.cs
@@ -2,17 +2,18 @@
 using System.Linq;
 using Oqtane.Models;
 using Microsoft.AspNetCore.Http;
+using System;
 
 namespace Oqtane.Repository
 {
     public class TenantResolver : ITenantResolver
     {
-        private MasterContext db;
+        private MasterDBContext db;
         private readonly string aliasname;
         private readonly IAliasRepository _aliasrepository;
         private readonly ITenantRepository _tenantrepository;
 
-        public TenantResolver(MasterContext context, IHttpContextAccessor accessor, IAliasRepository aliasrepository, ITenantRepository tenantrepository)
+        public TenantResolver(MasterDBContext context, IHttpContextAccessor accessor, IAliasRepository aliasrepository, ITenantRepository tenantrepository)
         {
             db = context;
             _aliasrepository = aliasrepository;
@@ -21,8 +22,8 @@ namespace Oqtane.Repository
             // get alias based on request context
             aliasname = accessor.HttpContext.Request.Host.Value;
             string path = accessor.HttpContext.Request.Path.Value;
-            string[] segments = path.Split('/');
-            if (segments[0] == "api" && segments[1] != "~")
+            string[] segments = path.Split(new[] { '/' }, StringSplitOptions.RemoveEmptyEntries);
+            if (segments.Length > 0 && segments[0] == "api" && segments[1] != "~")
             {
                 aliasname += "/" + segments[1];
             }
@@ -32,19 +33,16 @@ namespace Oqtane.Repository
             }
         }
 
+        public Alias GetAlias()
+        {
+            IEnumerable<Alias> aliases = _aliasrepository.GetAliases(); // cached
+            return aliases.Where(item => item.Name == aliasname).FirstOrDefault();
+        }
+
         public Tenant GetTenant()
         {
-            try
-            {
-                IEnumerable<Alias> aliases = _aliasrepository.GetAliases(); // cached
-                Alias alias = aliases.Where(item => item.Name == aliasname).FirstOrDefault();
-                IEnumerable<Tenant> tenants = _tenantrepository.GetTenants(); // cached
-                return tenants.Where(item => item.TenantId == alias.TenantId).FirstOrDefault();
-            }
-            catch
-            {
-                throw;
-            }
+            IEnumerable<Tenant> tenants = _tenantrepository.GetTenants(); // cached
+            return tenants.Where(item => item.TenantId == GetAlias().TenantId).FirstOrDefault();
         }
     }
 }
\ No newline at end of file
diff --git a/Oqtane.Server/Repository/ThemeRepository.cs b/Oqtane.Server/Repository/ThemeRepository.cs
index aec59868..5cac43fc 100644
--- a/Oqtane.Server/Repository/ThemeRepository.cs
+++ b/Oqtane.Server/Repository/ThemeRepository.cs
@@ -10,28 +10,26 @@ namespace Oqtane.Repository
 {
     public class ThemeRepository : IThemeRepository
     {
-        private readonly List<Theme> themes;
+        private readonly List<Theme> Themes;
 
         public ThemeRepository()
         {
-            themes = LoadThemes();
+            Themes = LoadThemes();
         }
 
         private List<Theme> LoadThemes()
         {
-            List<Theme> themes = new List<Theme>();
+            List<Theme> Themes = new List<Theme>();
 
             // iterate through Oqtane theme assemblies
-            // TODO: Remove restriction on assembly
+            Assembly[] assemblies = AppDomain.CurrentDomain.GetAssemblies()
+                .Where(item => item.FullName.StartsWith("Oqtane.") || item.FullName.Contains(".Theme.")).ToArray();
             foreach (Assembly assembly in AppDomain.CurrentDomain.GetAssemblies())
             {
-                if (assembly.FullName.StartsWith("Oqtane.Client") || assembly.FullName.StartsWith("Oqtane.Theme."))
-                {
-                    themes = LoadThemesFromAssembly(themes, assembly);
-                }
+                Themes = LoadThemesFromAssembly(Themes, assembly);
             }
 
-            return themes;
+            return Themes;
         }
 
         private List<Theme> LoadThemesFromAssembly(List<Theme> themes, Assembly assembly)
@@ -51,23 +49,24 @@ namespace Oqtane.Repository
                     if (index == -1)
                     {
                         /// determine if this theme implements ITheme
-                        Type themeType = assembly.GetTypes()
+                        Type themetype = assembly.GetTypes()
                             .Where(item => item.Namespace != null)
                             .Where(item => item.Namespace.StartsWith(Namespace))
                             .Where(item => item.GetInterfaces().Contains(typeof(ITheme))).FirstOrDefault();
-                        if (themeType != null)
+                        if (themetype != null)
                         {
-                            var themeObject = Activator.CreateInstance(themeType);
+                            var themeobject = Activator.CreateInstance(themetype);
+                            Dictionary<string, string> properties = (Dictionary<string, string>)themetype.GetProperty("Properties").GetValue(themeobject);
                             theme = new Theme
                             {
                                 ThemeName = Namespace,
-                                Name = (string)themeType.GetProperty("Name").GetValue(themeObject),
-                                Version = (string)themeType.GetProperty("Version").GetValue(themeObject),
-                                Owner = (string)themeType.GetProperty("Owner").GetValue(themeObject),
-                                Url = (string)themeType.GetProperty("Url").GetValue(themeObject),
-                                Contact = (string)themeType.GetProperty("Contact").GetValue(themeObject),
-                                License = (string)themeType.GetProperty("License").GetValue(themeObject),
-                                Dependencies = (string)themeType.GetProperty("Dependencies").GetValue(themeObject),
+                                Name = GetProperty(properties, "Name"),
+                                Version = GetProperty(properties, "Version"),
+                                Owner = GetProperty(properties, "Owner"),
+                                Url = GetProperty(properties, "Url"),
+                                Contact = GetProperty(properties, "Contact"),
+                                License = GetProperty(properties, "License"),
+                                Dependencies = GetProperty(properties, "Dependencies"),
                                 ThemeControls = "",
                                 PaneLayouts = "",
                                 ContainerControls = "",
@@ -122,7 +121,17 @@ namespace Oqtane.Repository
 
         public IEnumerable<Theme> GetThemes()
         {
-            return themes;
+            return Themes;
+        }
+
+        private string GetProperty(Dictionary<string, string> Properties, string Key)
+        {
+            string Value = "";
+            if (Properties.ContainsKey(Key))
+            {
+                Value = Properties[Key];
+            }
+            return Value;
         }
     }
 }
diff --git a/Oqtane.Server/Repository/UserRepository.cs b/Oqtane.Server/Repository/UserRepository.cs
index a750a405..e182dae4 100644
--- a/Oqtane.Server/Repository/UserRepository.cs
+++ b/Oqtane.Server/Repository/UserRepository.cs
@@ -7,89 +7,47 @@ namespace Oqtane.Repository
 {
     public class UserRepository : IUserRepository
     {
-        private TenantContext db;
+        private TenantDBContext db;
 
-        public UserRepository(TenantContext context)
+        public UserRepository(TenantDBContext context)
         {
             db = context;
         }
             
         public IEnumerable<User> GetUsers()
         {
-            try
-            {
-                return db.User.ToList();
-            }
-            catch
-            {
-                throw;
-            }
+            return db.User;
         }
 
-        public void AddUser(User user)
+        public User AddUser(User user)
         {
-            try
-            {
-                db.User.Add(user);
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
+            db.User.Add(user);
+            db.SaveChanges();
+            return user;
         }
 
-        public void UpdateUser(User user)
+        public User UpdateUser(User user)
         {
-            try
-            {
-                db.Entry(user).State = EntityState.Modified;
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
+            db.Entry(user).State = EntityState.Modified;
+            db.SaveChanges();
+            return user;
         }
 
         public User GetUser(int userId)
         {
-            try
-            {
-                User user = db.User.Find(userId);
-                return user;
-            }
-            catch
-            {
-                throw;
-            }
+            return db.User.Find(userId);
         }
 
         public User GetUser(string Username)
         {
-            try
-            {
-                User user = db.User.Where(item => item.Username == Username).FirstOrDefault();
-                return user;
-            }
-            catch
-            {
-                throw;
-            }
+            return db.User.Where(item => item.Username == Username).FirstOrDefault();
         }
 
         public void DeleteUser(int userId)
         {
-            try
-            {
-                User user = db.User.Find(userId);
-                db.User.Remove(user);
-                db.SaveChanges();
-            }
-            catch
-            {
-                throw;
-            }
+            User user = db.User.Find(userId);
+            db.User.Remove(user);
+            db.SaveChanges();
         }
     }
 }
diff --git a/Oqtane.Server/Repository/UserRoleRepository.cs b/Oqtane.Server/Repository/UserRoleRepository.cs
new file mode 100644
index 00000000..e752c832
--- /dev/null
+++ b/Oqtane.Server/Repository/UserRoleRepository.cs
@@ -0,0 +1,61 @@
+using Microsoft.EntityFrameworkCore;
+using System.Collections.Generic;
+using System.Linq;
+using Oqtane.Models;
+
+namespace Oqtane.Repository
+{
+    public class UserRoleRepository : IUserRoleRepository
+    {
+        private TenantDBContext db;
+
+        public UserRoleRepository(TenantDBContext context)
+        {
+            db = context;
+        }
+
+        public IEnumerable<UserRole> GetUserRoles()
+        {
+            return db.UserRole;
+        }
+        public IEnumerable<UserRole> GetUserRoles(int UserId)
+        {
+            return db.UserRole.Where(item => item.UserId == UserId)
+                .Include(item => item.Role); // eager load roles
+        }
+
+        public IEnumerable<UserRole> GetUserRoles(int UserId, int SiteId)
+        {
+            return db.UserRole.Where(item => item.UserId == UserId)
+                .Include(item => item.Role) // eager load roles
+                .Where(item => item.Role.SiteId == SiteId);
+        }
+
+        public UserRole AddUserRole(UserRole UserRole)
+        {
+            db.UserRole.Add(UserRole);
+            db.SaveChanges();
+            return UserRole;
+        }
+
+        public UserRole UpdateUserRole(UserRole UserRole)
+        {
+            db.Entry(UserRole).State = EntityState.Modified;
+            db.SaveChanges();
+            return UserRole;
+        }
+
+        public UserRole GetUserRole(int UserRoleId)
+        {
+            return db.UserRole.Include(item => item.Role) // eager load roles
+                .SingleOrDefault(item => item.UserRoleId == UserRoleId);
+        }
+
+        public void DeleteUserRole(int UserRoleId)
+        {
+            UserRole UserRole = db.UserRole.Find(UserRoleId);
+            db.UserRole.Remove(UserRole);
+            db.SaveChanges();
+        }
+    }
+}
diff --git a/Oqtane.Server/Scripts/00.00.00.sql b/Oqtane.Server/Scripts/00.00.00.sql
new file mode 100644
index 00000000..c71ec72f
--- /dev/null
+++ b/Oqtane.Server/Scripts/00.00.00.sql
@@ -0,0 +1,823 @@
+/*  
+
+Create tables
+
+*/
+
+CREATE TABLE [dbo].[Site](
+	[SiteId] [int] IDENTITY(1,1) NOT NULL,
+	[Name] [nvarchar](200) NOT NULL,
+	[Logo] [nvarchar](50) NOT NULL,
+	[DefaultThemeType] [nvarchar](200) NULL,
+	[CreatedBy] [nvarchar](256) NOT NULL,
+	[CreatedOn] [datetime] NOT NULL,
+	[ModifiedBy] [nvarchar](256) NOT NULL,
+	[ModifiedOn] [datetime] NOT NULL,
+  CONSTRAINT [PK_Site] PRIMARY KEY CLUSTERED 
+  (
+	[SiteId] ASC
+  )
+)
+GO
+
+CREATE TABLE [dbo].[Page](
+	[PageId] [int] IDENTITY(1,1) NOT NULL,
+	[SiteId] [int] NOT NULL,
+	[Path] [nvarchar](50) NOT NULL,
+	[Name] [nvarchar](50) NOT NULL,
+	[ThemeType] [nvarchar](200) NULL,
+	[Icon] [nvarchar](50) NOT NULL,
+	[Panes] [nvarchar](50) NOT NULL,
+	[ParentId] [int] NULL,
+	[Order] [int] NOT NULL,
+	[IsNavigation] [bit] NOT NULL,
+	[LayoutType] [nvarchar](200) NOT NULL,
+	[EditMode] [bit] NOT NULL,
+	[CreatedBy] [nvarchar](256) NOT NULL,
+	[CreatedOn] [datetime] NOT NULL,
+	[ModifiedBy] [nvarchar](256) NOT NULL,
+	[ModifiedOn] [datetime] NOT NULL,
+  CONSTRAINT [PK_Page] PRIMARY KEY CLUSTERED 
+  (
+	[PageId] ASC
+  )
+)
+GO
+
+CREATE TABLE [dbo].[Module](
+	[ModuleId] [int] IDENTITY(1,1) NOT NULL,
+	[SiteId] [int] NOT NULL,
+	[ModuleDefinitionName] [nvarchar](200) NOT NULL,
+	[CreatedBy] [nvarchar](256) NOT NULL,
+	[CreatedOn] [datetime] NOT NULL,
+	[ModifiedBy] [nvarchar](256) NOT NULL,
+	[ModifiedOn] [datetime] NOT NULL,
+  CONSTRAINT [PK_Module] PRIMARY KEY CLUSTERED 
+  (
+	[ModuleId] ASC
+  )
+)
+GO
+
+CREATE TABLE [dbo].[PageModule](
+	[PageModuleId] [int] IDENTITY(1,1) NOT NULL,
+	[PageId] [int] NOT NULL,
+	[ModuleId] [int] NOT NULL,
+	[Title] [nvarchar](200) NOT NULL,
+	[Pane] [nvarchar](50) NOT NULL,
+	[Order] [int] NOT NULL,
+	[ContainerType] [nvarchar](200) NOT NULL,
+	[CreatedBy] [nvarchar](256) NOT NULL,
+	[CreatedOn] [datetime] NOT NULL,
+	[ModifiedBy] [nvarchar](256) NOT NULL,
+	[ModifiedOn] [datetime] NOT NULL,
+  CONSTRAINT [PK_PageModule] PRIMARY KEY CLUSTERED 
+  (
+	[PageModuleId] ASC
+  )
+)
+GO
+
+CREATE TABLE [dbo].[User](
+	[UserId] [int] IDENTITY(1,1) NOT NULL,
+	[Username] [nvarchar](256) NOT NULL,
+	[DisplayName] [nvarchar](50) NOT NULL,
+	[Email] [nvarchar](256) NOT NULL,
+	[IsHost] [bit] NOT NULL,
+	[CreatedBy] [nvarchar](256) NOT NULL,
+	[CreatedOn] [datetime] NOT NULL,
+	[ModifiedBy] [nvarchar](256) NOT NULL,
+	[ModifiedOn] [datetime] NOT NULL,
+  CONSTRAINT [PK_User] PRIMARY KEY CLUSTERED 
+  (
+	[UserId] ASC
+  )
+)
+GO
+
+CREATE TABLE [dbo].[SiteUser](
+	[SiteUserId] [int] IDENTITY(1,1) NOT NULL,
+	[SiteId] [int] NOT NULL,
+	[UserId] [int] NOT NULL,
+	[CreatedBy] [nvarchar](256) NOT NULL,
+	[CreatedOn] [datetime] NOT NULL,
+	[ModifiedBy] [nvarchar](256) NOT NULL,
+	[ModifiedOn] [datetime] NOT NULL,
+  CONSTRAINT [PK_SiteUser] PRIMARY KEY CLUSTERED 
+  (
+	[SiteUserId] ASC
+  )
+)
+GO
+
+CREATE TABLE [dbo].[Role](
+	[RoleId] [int] IDENTITY(1,1) NOT NULL,
+	[SiteId] [int] NULL,
+	[Name] [nvarchar](256) NOT NULL,
+	[Description] [nvarchar](50) NOT NULL,
+	[IsAutoAssigned] [bit] NOT NULL,
+	[CreatedBy] [nvarchar](256) NOT NULL,
+	[CreatedOn] [datetime] NOT NULL,
+	[ModifiedBy] [nvarchar](256) NOT NULL,
+	[ModifiedOn] [datetime] NOT NULL,
+  CONSTRAINT [PK_Role] PRIMARY KEY CLUSTERED 
+  (
+	[RoleId] ASC
+  )
+)
+GO
+
+CREATE TABLE [dbo].[UserRole](
+	[UserRoleId] [int] IDENTITY(1,1) NOT NULL,
+	[UserId] [int] NOT NULL,
+	[RoleId] [int] NOT NULL,
+	[EffectiveDate] [datetime] NULL,
+	[ExpiryDate] [datetime] NULL,
+	[CreatedBy] [nvarchar](256) NOT NULL,
+	[CreatedOn] [datetime] NOT NULL,
+	[ModifiedBy] [nvarchar](256) NOT NULL,
+	[ModifiedOn] [datetime] NOT NULL,
+  CONSTRAINT [PK_UserRole] PRIMARY KEY CLUSTERED 
+  (
+	[UserRoleId] ASC
+  )
+)
+GO
+
+CREATE TABLE [dbo].[Permission](
+	[PermissionId] [int] IDENTITY(1,1) NOT NULL,
+	[SiteId] [int] NOT NULL,
+	[EntityName] [nvarchar](50) NOT NULL,
+	[EntityId] [int] NOT NULL,
+	[PermissionName] [nvarchar](50) NOT NULL,
+	[RoleId] [int] NULL,
+	[UserId] [int] NULL,
+	[IsAuthorized] [bit] NOT NULL,
+	[CreatedBy] [nvarchar](256) NOT NULL,
+	[CreatedOn] [datetime] NOT NULL,
+	[ModifiedBy] [nvarchar](256) NOT NULL,
+	[ModifiedOn] [datetime] NOT NULL,
+  CONSTRAINT [PK_Permission] PRIMARY KEY CLUSTERED 
+  (
+	[PermissionId] ASC
+  )
+)
+GO
+
+CREATE TABLE [dbo].[Setting](
+	[SettingId] [int] IDENTITY(1,1) NOT NULL,
+	[EntityName] [nvarchar](50) NOT NULL,
+	[EntityId] [int] NOT NULL,
+	[SettingName] [nvarchar](50) NOT NULL,
+	[SettingValue] [nvarchar](max) NOT NULL,
+	[CreatedBy] [nvarchar](256) NOT NULL,
+	[CreatedOn] [datetime] NOT NULL,
+	[ModifiedBy] [nvarchar](256) NOT NULL,
+	[ModifiedOn] [datetime] NOT NULL,
+  CONSTRAINT [PK_Setting] PRIMARY KEY CLUSTERED 
+  (
+	[SettingId] ASC
+  )
+)
+GO
+
+CREATE TABLE [dbo].[Profile](
+	[ProfileId] [int] IDENTITY(1,1) NOT NULL,
+	[SiteId] [int] NULL,
+	[Name] [nvarchar](50) NOT NULL,
+	[Title] [nvarchar](50) NOT NULL,
+	[Description] [nvarchar](256) NULL,
+	[Category] [nvarchar](50) NOT NULL,
+	[ViewOrder] [int] NOT NULL,
+	[MaxLength] [int] NOT NULL,
+	[DefaultValue] [nvarchar](2000) NULL,
+	[IsRequired] [bit] NOT NULL,
+	[IsPrivate] [bit] NOT NULL,
+	[CreatedBy] [nvarchar](256) NOT NULL,
+	[CreatedOn] [datetime] NOT NULL,
+	[ModifiedBy] [nvarchar](256) NOT NULL,
+	[ModifiedOn] [datetime] NOT NULL,
+  CONSTRAINT [PK_Profile] PRIMARY KEY CLUSTERED 
+  (
+	[ProfileId] ASC
+  )
+)
+
+GO
+
+CREATE TABLE [dbo].[HtmlText](
+	[HtmlTextId] [int] IDENTITY(1,1) NOT NULL,
+	[ModuleId] [int] NOT NULL,
+	[Content] [nvarchar](max) NOT NULL,
+	[CreatedBy] [nvarchar](256) NOT NULL,
+	[CreatedOn] [datetime] NOT NULL,
+	[ModifiedBy] [nvarchar](256) NOT NULL,
+	[ModifiedOn] [datetime] NOT NULL,
+  CONSTRAINT [PK_HtmlText] PRIMARY KEY CLUSTERED 
+  (
+	[HtmlTextId] ASC
+  )
+)
+GO
+
+/*  
+
+Create foreign key relationships
+
+*/
+ALTER TABLE [dbo].[Module] WITH CHECK ADD CONSTRAINT [FK_Module_Site] FOREIGN KEY([SiteId])
+REFERENCES [dbo].[Site] ([SiteId])
+ON DELETE CASCADE
+GO
+
+ALTER TABLE [dbo].[Page] WITH CHECK ADD CONSTRAINT [FK_Page_Site] FOREIGN KEY([SiteId])
+REFERENCES [dbo].[Site] ([SiteId])
+ON DELETE CASCADE
+GO
+
+ALTER TABLE [dbo].[PageModule] WITH CHECK ADD CONSTRAINT [FK_PageModule_Module] FOREIGN KEY([ModuleId])
+REFERENCES [dbo].[Module] ([ModuleId])
+GO
+
+ALTER TABLE [dbo].[PageModule] WITH CHECK ADD CONSTRAINT [FK_PageModule_Page] FOREIGN KEY([PageId])
+REFERENCES [dbo].[Page] ([PageId])
+ON DELETE CASCADE
+GO
+
+ALTER TABLE [dbo].[SiteUser] WITH CHECK ADD CONSTRAINT [FK_SiteUser_Site] FOREIGN KEY([SiteId])
+REFERENCES [dbo].[Site] ([SiteId])
+ON DELETE CASCADE
+GO
+
+ALTER TABLE [dbo].[SiteUser] WITH CHECK ADD CONSTRAINT [FK_SiteUser_User] FOREIGN KEY([UserId])
+REFERENCES [dbo].[User] ([UserId])
+GO
+
+ALTER TABLE [dbo].[HtmlText] WITH CHECK ADD CONSTRAINT [FK_HtmlText_Module] FOREIGN KEY([ModuleId])
+REFERENCES [dbo].[Module] ([ModuleId])
+ON DELETE CASCADE
+GO
+
+ALTER TABLE [dbo].[Role]  WITH CHECK ADD CONSTRAINT [FK_Role_Site] FOREIGN KEY ([SiteId]) 
+REFERENCES [dbo].[Site] ([SiteId]) 
+ON DELETE CASCADE 
+GO
+
+ALTER TABLE [dbo].[UserRole] WITH CHECK ADD CONSTRAINT [FK_UserRole_User] FOREIGN KEY ([UserId]) 
+REFERENCES [dbo].[User] ([UserId]) 
+ON DELETE CASCADE 
+GO
+
+ALTER TABLE [dbo].[UserRole] WITH CHECK ADD CONSTRAINT [FK_UserRole_Role] FOREIGN KEY ([RoleId]) 
+REFERENCES [dbo].[Role] ([RoleId]) 
+GO
+
+ALTER TABLE [dbo].[Permission] WITH CHECK ADD CONSTRAINT [FK_Permission_Site] FOREIGN KEY ([SiteId]) 
+REFERENCES [dbo].[Site] ([SiteId]) 
+ON DELETE CASCADE 
+GO
+
+ALTER TABLE [dbo].[Permission] WITH CHECK ADD CONSTRAINT [FK_Permission_User] FOREIGN KEY ([UserId]) 
+REFERENCES [dbo].[User] ([UserId]) 	
+GO
+
+ALTER TABLE [dbo].[Permission] WITH CHECK ADD CONSTRAINT [FK_Permission_Role] FOREIGN KEY ([RoleId]) 
+REFERENCES [dbo].[Role] ([RoleId]) 
+GO
+
+ALTER TABLE [dbo].[Profile] WITH NOCHECK ADD CONSTRAINT [FK_Profile_Sites] FOREIGN KEY([SiteId])
+REFERENCES [dbo].[Site] ([SiteId])
+ON DELETE CASCADE
+GO
+
+/*  
+
+Create indexes
+
+*/
+
+CREATE UNIQUE NONCLUSTERED INDEX IX_Setting ON dbo.Setting
+	(
+	EntityName,
+	EntityId,
+	SettingName
+	) ON [PRIMARY]
+GO
+
+CREATE UNIQUE NONCLUSTERED INDEX IX_User ON dbo.[User]
+	(
+	Username
+	) ON [PRIMARY]
+GO
+
+CREATE UNIQUE NONCLUSTERED INDEX IX_SiteUser ON dbo.SiteUser
+	(
+	SiteId,
+	UserId
+	) ON [PRIMARY]
+GO
+
+CREATE UNIQUE NONCLUSTERED INDEX IX_Permission ON dbo.Permission
+	(
+	SiteId,
+	EntityName,
+	EntityId,
+	PermissionName,
+	RoleId,
+	UserId
+	) ON [PRIMARY]
+GO
+
+CREATE UNIQUE NONCLUSTERED INDEX IX_Page ON dbo.Page
+	(
+	SiteId,
+	[Path]
+	) ON [PRIMARY]
+GO
+
+CREATE UNIQUE NONCLUSTERED INDEX IX_UserRole ON dbo.UserRole
+	(
+	RoleId,
+	UserId
+	) ON [PRIMARY]
+GO
+
+/*  
+
+Create seed data
+
+*/
+
+SET IDENTITY_INSERT [dbo].[Site] ON 
+GO
+INSERT [dbo].[Site] ([SiteId], [Name], [Logo], [DefaultThemeType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (1, N'Site1', N'oqtane.png', N'Oqtane.Themes.Theme1.Theme1, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Site] ([SiteId], [Name], [Logo], [DefaultThemeType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (2, N'Site2', N'oqtane.png', N'Oqtane.Themes.Theme1.Theme1, Oqtane.Client', '', getdate(), '', getdate())
+GO
+SET IDENTITY_INSERT [dbo].[Site] OFF
+GO
+
+SET IDENTITY_INSERT [dbo].[Role] ON 
+GO
+INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (-1, null, N'All Users', N'All Users', 0, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (0, null, N'Host Users', N'Host Users', 0, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (1, 1, N'Administrators', N'Site Administrators', 0, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (2, 1, N'Registered Users', N'Registered Users', 1, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (3, 2, N'Administrators', N'Site Administrators', 0, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Role] ([RoleId], [SiteId], [Name], [Description], [IsAutoAssigned], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (4, 2, N'Registered Users', N'Registered Users', 1, '', getdate(), '', getdate())
+GO
+SET IDENTITY_INSERT [dbo].[Role] OFF 
+GO
+
+SET IDENTITY_INSERT [dbo].[Profile] ON 
+GO
+INSERT [dbo].[Profile]([ProfileId], [SiteId], [Name], [Title], [Description], [Category], [ViewOrder], [MaxLength], [DefaultValue], [IsRequired], [IsPrivate], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
+VALUES (1, null, 'FirstName', 'First Name', 'Your First Or Given Name', 'Name', 1, 50, '', 1, 0, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Profile]([ProfileId], [SiteId], [Name], [Title], [Description], [Category], [ViewOrder], [MaxLength], [DefaultValue], [IsRequired], [IsPrivate], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
+VALUES (2, null, 'LastName', 'Last Name', 'Your Last Or family Name', 'Name', 2, 50, '', 1, 0, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Profile]([ProfileId], [SiteId], [Name], [Title], [Description], [Category], [ViewOrder], [MaxLength], [DefaultValue], [IsRequired], [IsPrivate], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
+VALUES (3, null, 'Street', 'Street', 'Street Or Building Address', 'Address', 3, 50, '', 1, 0, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Profile]([ProfileId], [SiteId], [Name], [Title], [Description], [Category], [ViewOrder], [MaxLength], [DefaultValue], [IsRequired], [IsPrivate], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
+VALUES (4, null, 'City', 'City', 'City', 'Address', 4, 50, '', 1, 0, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Profile]([ProfileId], [SiteId], [Name], [Title], [Description], [Category], [ViewOrder], [MaxLength], [DefaultValue], [IsRequired], [IsPrivate], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
+VALUES (5, null, 'Region', 'Region', 'State Or Province', 'Address', 5, 50, '', 1, 0, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Profile]([ProfileId], [SiteId], [Name], [Title], [Description], [Category], [ViewOrder], [MaxLength], [DefaultValue], [IsRequired], [IsPrivate], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
+VALUES (6, null, 'Country', 'Country', 'Country', 'Address', 6, 50, '', 1, 0, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Profile]([ProfileId], [SiteId], [Name], [Title], [Description], [Category], [ViewOrder], [MaxLength], [DefaultValue], [IsRequired], [IsPrivate], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
+VALUES (7, null, 'PostalCode', 'Postal Code', 'Postal Code Or Zip Code', 'Address', 7, 50, '', 1, 0, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Profile]([ProfileId], [SiteId], [Name], [Title], [Description], [Category], [ViewOrder], [MaxLength], [DefaultValue], [IsRequired], [IsPrivate], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn])
+VALUES (8, null, 'Phone', 'Phone Number', 'Phone Number', 'Contact', 8, 50, '', 1, 0, '', getdate(), '', getdate())
+GO
+SET IDENTITY_INSERT [dbo].[Profile] OFF 
+GO
+
+SET IDENTITY_INSERT [dbo].[Page] ON 
+GO
+INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [EditMode], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (1, 1, N'Page1', N'', N'Oqtane.Themes.Theme1.Theme1, Oqtane.Client', N'oi-home', N'Left;Right', NULL, 1, 1, N'', 0, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 1, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 1, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 1, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [EditMode], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (2, 1, N'Page2', N'page2', N'Oqtane.Themes.Theme2.Theme2, Oqtane.Client', N'oi-plus', N'Top;Bottom', NULL, 3, 1, N'', 0, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 2, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 2, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [EditMode], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (3, 1, N'Page3', N'page3', N'Oqtane.Themes.Theme3.Theme3, Oqtane.Client', N'oi-list-rich', N'Left;Right', NULL, 5, 1, N'Oqtane.Themes.Theme3.HorizontalLayout, Oqtane.Client', 0, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 3, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 3, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 3, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [EditMode], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (4, 1, N'Admin', N'admin', N'Oqtane.Themes.Theme2.Theme2, Oqtane.Client', N'oi-home', N'Top;Bottom', NULL, 7, 1, N'', '', 1, getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 4, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 4, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [EditMode], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (8, 1, N'Site Management', N'admin/sites', N'Oqtane.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', 4, 1, 1, N'', 1, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 8, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 8, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [EditMode], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (5, 1, N'Page Management', N'admin/pages', N'Oqtane.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', 4, 3, 1, N'', 1, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 5, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 5, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [EditMode], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (10, 1, N'Module Management', N'admin/modules', N'Oqtane.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', 4, 5, 1, N'', 1, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 10, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 10, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [EditMode], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (11, 1, N'Theme Management', N'admin/themes', N'Oqtane.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', 4, 7, 1, N'', 1, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 11, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 11, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [EditMode], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (9, 1, N'User Management', N'admin/users', N'Oqtane.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', 4, 9, 1, N'', 1, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 9, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 9, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [EditMode], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (16, 1, N'Role Management', N'admin/roles', N'Oqtane.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', 4, 11, 1, N'', 1, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 16, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 16, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [EditMode], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (6, 1, N'Login', N'login', N'Oqtane.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', NULL, 7, 0, N'', 0, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 6, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 6, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 6, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [EditMode], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (7, 1, N'Register', N'register', N'Oqtane.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', NULL, 9, 0, N'', 0, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 7, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 7, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 7, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [EditMode], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (17, 1, N'Profile', N'profile', N'Oqtane.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', NULL, 11, 0, N'', 0, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 17, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 17, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Page', 17, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [EditMode], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (12, 2, N'Page1', N'', N'Oqtane.Themes.Theme2.Theme2, Oqtane.Client', N'oi-home', N'Top;Bottom', NULL, 1, 1, N'', 0, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 12, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 12, 'View', 3, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 12, 'Edit', 3, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [EditMode], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (13, 2, N'Page2', N'page2', N'Oqtane.Themes.Theme2.Theme2, Oqtane.Client', N'oi-home', N'Top;Bottom', NULL, 3, 1, N'', 0, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 13, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 13, 'View', 3, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 13, 'Edit', 3, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [EditMode], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (14, 2, N'Login', N'login', N'Oqtane.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', NULL, 5, 0, N'', 0, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 14, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 14, 'View', 3, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 14, 'Edit', 3, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ParentId], [Order], [IsNavigation], [LayoutType], [EditMode], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (15, 2, N'Register', N'register', N'Oqtane.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', NULL, 7, 0, N'', 0, '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 15, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 15, 'View', 3, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Page', 15, 'Edit', 3, null, 1, '', getdate(), '', getdate()) 
+GO
+SET IDENTITY_INSERT [dbo].[Page] OFF 
+GO
+
+SET IDENTITY_INSERT [dbo].[Module] ON 
+GO
+INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (1, 1, N'Oqtane.Modules.Weather, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 1, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 1, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 1, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (2, 1, N'Oqtane.Modules.Counter, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 2, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 2, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 2, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (3, 1, N'Oqtane.Modules.HtmlText, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 3, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 3, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 3, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (4, 1, N'Oqtane.Modules.Weather, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 4, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 4, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 4, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (5, 1, N'Oqtane.Modules.HtmlText, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 5, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 5, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 5, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (6, 1, N'Oqtane.Modules.HtmlText, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 6, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 6, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 6, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (7, 1, N'Oqtane.Modules.HtmlText, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 7, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 7, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (8, 1, N'Oqtane.Modules.Admin.Pages, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 8, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 8, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (9, 1, N'Oqtane.Modules.Admin.Login, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 9, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 9, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 9, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (10, 1, N'Oqtane.Modules.Admin.Register, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 10, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 10, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 10, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (11, 1, N'Oqtane.Modules.Admin.Dashboard, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 11, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 11, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (12, 1, N'Oqtane.Modules.Admin.Sites, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 12, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 12, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (13, 1, N'Oqtane.Modules.Admin.Users, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 13, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 13, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (14, 1, N'Oqtane.Modules.Admin.ModuleDefinitions, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 14, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 14, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (15, 1, N'Oqtane.Modules.Admin.Themes, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 15, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 15, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (16, 2, N'Oqtane.Modules.HtmlText, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 16, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 16, 'View', 3, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 16, 'Edit', 3, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (17, 2, N'Oqtane.Modules.HtmlText, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 17, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 17, 'View', 3, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 17, 'Edit', 3, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (18, 2, N'Oqtane.Modules.Admin.Login, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 18, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 18, 'View', 3, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 18, 'Edit', 3, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (19, 2, N'Oqtane.Modules.Admin.Register, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 19, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 19, 'View', 3, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (2, 'Module', 19, 'Edit', 3, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (20, 1, N'Oqtane.Modules.Admin.Roles, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 20, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 20, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (21, 1, N'Oqtane.Modules.Admin.Profile, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 21, 'View', -1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 21, 'View', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+INSERT [dbo].[Permission] ([SiteId], [EntityName], [EntityId], [PermissionName], [RoleId], [UserId], [IsAuthorized], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) VALUES (1, 'Module', 21, 'Edit', 1, null, 1, '', getdate(), '', getdate()) 
+GO
+SET IDENTITY_INSERT [dbo].[Module] OFF 
+GO
+
+SET IDENTITY_INSERT [dbo].[PageModule] ON 
+GO
+INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (1, 1, 1, N'Weather', N'Right', 1, N'Oqtane.Themes.Theme1.Container1, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (2, 1, 2, N'Counter', N'Left', 1, N'Oqtane.Themes.Theme1.Container1, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (3, 1, 3, N'Lorem ipsum', N'Left', 3, N'Oqtane.Themes.Theme1.Container1, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (4, 2, 4, N'Weather', N'Top', 1, N'Oqtane.Themes.Theme2.Container2, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (5, 2, 5, N'Enim sed', N'Top', 3, N'Oqtane.Themes.Theme1.Container1, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (6, 3, 6, N'Id consectetur', N'Left', 1, N'Oqtane.Themes.Theme1.Container1, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (7, 3, 7, N'Ornare arcu', N'Right', 1, N'Oqtane.Themes.Theme1.Container1, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (8, 5, 8, N'Page Management', N'Top', 1, N'Oqtane.Themes.Theme2.Container2, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (9, 6, 9, N'Login', N'Top', 1, N'Oqtane.Themes.Theme2.Container2, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (10, 7, 10, N'Register', N'Top', 1, N'Oqtane.Themes.Theme2.Container2, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (11, 4, 11, N'Administration', N'Top', 1, N'Oqtane.Themes.Theme2.Container2, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (12, 8, 12, N'Site Management', N'Top', 1, N'Oqtane.Themes.Theme2.Container2, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (13, 9, 13, N'User Management', N'Top', 1, N'Oqtane.Themes.Theme2.Container2, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (14, 10, 14, N'Module Management', N'Top', 1, N'Oqtane.Themes.Theme2.Container2, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (15, 11, 15, N'Theme Management', N'Top', 1, N'Oqtane.Themes.Theme2.Container2, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (16, 12, 16, N'Id consectetur', N'Top', 1, N'Oqtane.Themes.Theme2.Container2, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (17, 13, 17, N'Lorem ipsum', N'Top', 1, N'Oqtane.Themes.Theme2.Container2, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (18, 14, 18, N'Login', N'Top', 1, N'Oqtane.Themes.Theme2.Container2, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (19, 15, 19, N'Register', N'Top', 1, N'Oqtane.Themes.Theme2.Container2, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (20, 16, 20, N'Role Management', N'Top', 1, N'Oqtane.Themes.Theme2.Container2, Oqtane.Client', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (21, 17, 21, N'User Profile', N'Top', 1, N'Oqtane.Themes.Theme2.Container2, Oqtane.Client', '', getdate(), '', getdate())
+GO
+SET IDENTITY_INSERT [dbo].[PageModule] OFF 
+GO
+
+SET IDENTITY_INSERT [dbo].[HtmlText] ON 
+GO
+INSERT [dbo].[HtmlText] ([HtmlTextId], [ModuleId], [Content], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (1, 3, N'Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. <br /><br /><a href="http://localhost:44357/site2/">Go To Site2</a>', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[HtmlText] ([HtmlTextId], [ModuleId], [Content], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (2, 5, N'Enim sed faucibus turpis in eu mi bibendum neque egestas. Quis hendrerit dolor magna eget est lorem. Dui faucibus in ornare quam viverra orci sagittis. Integer eget aliquet nibh praesent tristique magna sit. Nunc aliquet bibendum enim facilisis gravida neque convallis a cras. Tortor id aliquet lectus proin. Diam volutpat commodo sed egestas egestas fringilla. Posuere sollicitudin aliquam ultrices sagittis orci. Viverra mauris in aliquam sem fringilla ut morbi tincidunt. Eget gravida cum sociis natoque penatibus et. Sagittis orci a scelerisque purus semper. Eget velit aliquet sagittis id consectetur purus. Volutpat blandit aliquam etiam erat. Et tortor consequat id porta nibh venenatis cras. Volutpat odio facilisis mauris sit amet. Varius duis at consectetur lorem.', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[HtmlText] ([HtmlTextId], [ModuleId], [Content], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (3, 6, N'Id consectetur purus ut faucibus pulvinar elementum integer. Bibendum neque egestas congue quisque egestas diam in arcu. Eget nullam non nisi est sit amet facilisis. Sit amet consectetur adipiscing elit pellentesque. Id aliquet risus feugiat in. Enim blandit volutpat maecenas volutpat blandit aliquam etiam erat. Commodo odio aenean sed adipiscing. Pharetra massa massa ultricies mi quis hendrerit dolor magna. Aliquet enim tortor at auctor urna nunc. Nulla pellentesque dignissim enim sit amet. Suscipit adipiscing bibendum est ultricies integer quis auctor. Lacinia quis vel eros donec ac odio tempor. Aliquam vestibulum morbi blandit cursus risus at.', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[HtmlText] ([HtmlTextId], [ModuleId], [Content], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (4, 7, N'Ornare arcu dui vivamus arcu felis bibendum ut. Tortor vitae purus faucibus ornare. Lectus sit amet est placerat in egestas erat imperdiet sed. Aliquam sem et tortor consequat id. Fermentum iaculis eu non diam phasellus vestibulum. Ultricies integer quis auctor elit sed. Fermentum odio eu feugiat pretium nibh ipsum. Ut consequat semper viverra nam libero. Blandit aliquam etiam erat velit scelerisque in dictum non consectetur. At risus viverra adipiscing at in tellus. Facilisi nullam vehicula ipsum a arcu cursus vitae congue. At varius vel pharetra vel turpis nunc eget lorem dolor. Morbi non arcu risus quis varius. Turpis massa sed elementum tempus egestas.', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[HtmlText] ([HtmlTextId], [ModuleId], [Content], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (5, 16, N'Id consectetur purus ut faucibus pulvinar elementum integer. Bibendum neque egestas congue quisque egestas diam in arcu. Eget nullam non nisi est sit amet facilisis. Sit amet consectetur adipiscing elit pellentesque. Id aliquet risus feugiat in. Enim blandit volutpat maecenas volutpat blandit aliquam etiam erat. Commodo odio aenean sed adipiscing. Pharetra massa massa ultricies mi quis hendrerit dolor magna. Aliquet enim tortor at auctor urna nunc. Nulla pellentesque dignissim enim sit amet. Suscipit adipiscing bibendum est ultricies integer quis auctor. Lacinia quis vel eros donec ac odio tempor. Aliquam vestibulum morbi blandit cursus risus at.  <br /><br /><a href="http://localhost:44357/">Go To Site1</a>', '', getdate(), '', getdate())
+GO
+INSERT [dbo].[HtmlText] ([HtmlTextId], [ModuleId], [Content], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (6, 17, N'Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.', '', getdate(), '', getdate())
+GO
+SET IDENTITY_INSERT [dbo].[HtmlText] OFF 
+GO
\ No newline at end of file
diff --git a/Oqtane.Server/Scripts/00.00.01.sql b/Oqtane.Server/Scripts/00.00.01.sql
new file mode 100644
index 00000000..90118490
--- /dev/null
+++ b/Oqtane.Server/Scripts/00.00.01.sql
@@ -0,0 +1,68 @@
+/*  
+
+ASP.NET Identity Minimal Schema
+
+*/
+
+CREATE TABLE [dbo].[AspNetUsers](
+	[Id] [nvarchar](450) NOT NULL,
+	[UserName] [nvarchar](256) NULL,
+	[NormalizedUserName] [nvarchar](256) NULL,
+	[Email] [nvarchar](256) NULL,
+	[NormalizedEmail] [nvarchar](256) NULL,
+	[EmailConfirmed] [bit] NOT NULL,
+	[PasswordHash] [nvarchar](max) NULL,
+	[SecurityStamp] [nvarchar](max) NULL,
+	[ConcurrencyStamp] [nvarchar](max) NULL,
+	[PhoneNumber] [nvarchar](max) NULL,
+	[PhoneNumberConfirmed] [bit] NOT NULL,
+	[TwoFactorEnabled] [bit] NOT NULL,
+	[LockoutEnd] [datetimeoffset](7) NULL,
+	[LockoutEnabled] [bit] NOT NULL,
+	[AccessFailedCount] [int] NOT NULL,
+ CONSTRAINT [PK_AspNetUsers] PRIMARY KEY CLUSTERED 
+(
+	[Id] ASC
+) ON [PRIMARY]
+) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY]
+GO
+
+CREATE TABLE [dbo].[AspNetUserClaims](
+	[Id] [int] IDENTITY(1,1) NOT NULL,
+	[UserId] [nvarchar](450) NOT NULL,
+	[ClaimType] [nvarchar](max) NULL,
+	[ClaimValue] [nvarchar](max) NULL,
+ CONSTRAINT [PK_AspNetUserClaims] PRIMARY KEY CLUSTERED 
+(
+	[Id] ASC
+) ON [PRIMARY]
+) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY]
+GO
+
+CREATE NONCLUSTERED INDEX [IX_AspNetUserClaims_UserId] ON [dbo].[AspNetUserClaims]
+(
+	[UserId] ASC
+) ON [PRIMARY]
+GO
+
+CREATE NONCLUSTERED INDEX [EmailIndex] ON [dbo].[AspNetUsers]
+(
+	[NormalizedEmail] ASC
+) ON [PRIMARY]
+GO
+
+CREATE UNIQUE NONCLUSTERED INDEX [UserNameIndex] ON [dbo].[AspNetUsers]
+(
+	[NormalizedUserName] ASC
+)
+WHERE ([NormalizedUserName] IS NOT NULL)
+ON [PRIMARY]
+GO
+
+ALTER TABLE [dbo].[AspNetUserClaims]  WITH CHECK ADD  CONSTRAINT [FK_AspNetUserClaims_AspNetUsers_UserId] FOREIGN KEY([UserId])
+REFERENCES [dbo].[AspNetUsers] ([Id])
+ON DELETE CASCADE
+GO
+
+ALTER TABLE [dbo].[AspNetUserClaims] CHECK CONSTRAINT [FK_AspNetUserClaims_AspNetUsers_UserId]
+GO
diff --git a/Oqtane.Server/Scripts/Identity.sql b/Oqtane.Server/Scripts/Identity.sql
deleted file mode 100644
index 45f9cd66..00000000
--- a/Oqtane.Server/Scripts/Identity.sql
+++ /dev/null
@@ -1,190 +0,0 @@
-CREATE TABLE [dbo].[AspNetRoleClaims](
-	[Id] [int] IDENTITY(1,1) NOT NULL,
-	[RoleId] [nvarchar](450) NOT NULL,
-	[ClaimType] [nvarchar](max) NULL,
-	[ClaimValue] [nvarchar](max) NULL,
- CONSTRAINT [PK_AspNetRoleClaims] PRIMARY KEY CLUSTERED 
-(
-	[Id] ASC
-) ON [PRIMARY]
-) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY]
-GO
-
-CREATE TABLE [dbo].[AspNetRoles](
-	[Id] [nvarchar](450) NOT NULL,
-	[Name] [nvarchar](256) NULL,
-	[NormalizedName] [nvarchar](256) NULL,
-	[ConcurrencyStamp] [nvarchar](max) NULL,
- CONSTRAINT [PK_AspNetRoles] PRIMARY KEY CLUSTERED 
-(
-	[Id] ASC
-) ON [PRIMARY]
-) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY]
-GO
-
-CREATE TABLE [dbo].[AspNetUserClaims](
-	[Id] [int] IDENTITY(1,1) NOT NULL,
-	[UserId] [nvarchar](450) NOT NULL,
-	[ClaimType] [nvarchar](max) NULL,
-	[ClaimValue] [nvarchar](max) NULL,
- CONSTRAINT [PK_AspNetUserClaims] PRIMARY KEY CLUSTERED 
-(
-	[Id] ASC
-) ON [PRIMARY]
-) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY]
-GO
-
-CREATE TABLE [dbo].[AspNetUserLogins](
-	[LoginProvider] [nvarchar](128) NOT NULL,
-	[ProviderKey] [nvarchar](128) NOT NULL,
-	[ProviderDisplayName] [nvarchar](max) NULL,
-	[UserId] [nvarchar](450) NOT NULL,
- CONSTRAINT [PK_AspNetUserLogins] PRIMARY KEY CLUSTERED 
-(
-	[LoginProvider] ASC,
-	[ProviderKey] ASC
-) ON [PRIMARY]
-) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY]
-GO
-
-CREATE TABLE [dbo].[AspNetUserRoles](
-	[UserId] [nvarchar](450) NOT NULL,
-	[RoleId] [nvarchar](450) NOT NULL,
- CONSTRAINT [PK_AspNetUserRoles] PRIMARY KEY CLUSTERED 
-(
-	[UserId] ASC,
-	[RoleId] ASC
-) ON [PRIMARY]
-) ON [PRIMARY]
-GO
-
-CREATE TABLE [dbo].[AspNetUsers](
-	[Id] [nvarchar](450) NOT NULL,
-	[UserName] [nvarchar](256) NULL,
-	[NormalizedUserName] [nvarchar](256) NULL,
-	[Email] [nvarchar](256) NULL,
-	[NormalizedEmail] [nvarchar](256) NULL,
-	[EmailConfirmed] [bit] NOT NULL,
-	[PasswordHash] [nvarchar](max) NULL,
-	[SecurityStamp] [nvarchar](max) NULL,
-	[ConcurrencyStamp] [nvarchar](max) NULL,
-	[PhoneNumber] [nvarchar](max) NULL,
-	[PhoneNumberConfirmed] [bit] NOT NULL,
-	[TwoFactorEnabled] [bit] NOT NULL,
-	[LockoutEnd] [datetimeoffset](7) NULL,
-	[LockoutEnabled] [bit] NOT NULL,
-	[AccessFailedCount] [int] NOT NULL,
- CONSTRAINT [PK_AspNetUsers] PRIMARY KEY CLUSTERED 
-(
-	[Id] ASC
-) ON [PRIMARY]
-) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY]
-GO
-
-CREATE TABLE [dbo].[AspNetUserTokens](
-	[UserId] [nvarchar](450) NOT NULL,
-	[LoginProvider] [nvarchar](128) NOT NULL,
-	[Name] [nvarchar](128) NOT NULL,
-	[Value] [nvarchar](max) NULL,
- CONSTRAINT [PK_AspNetUserTokens] PRIMARY KEY CLUSTERED 
-(
-	[UserId] ASC,
-	[LoginProvider] ASC,
-	[Name] ASC
-) ON [PRIMARY]
-) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY]
-GO
-
-CREATE NONCLUSTERED INDEX [IX_AspNetRoleClaims_RoleId] ON [dbo].[AspNetRoleClaims]
-(
-	[RoleId] ASC
-) ON [PRIMARY]
-GO
-
-CREATE UNIQUE NONCLUSTERED INDEX [RoleNameIndex] ON [dbo].[AspNetRoles]
-(
-	[NormalizedName] ASC
-)
-WHERE ([NormalizedName] IS NOT NULL)
- ON [PRIMARY]
-GO
-
-CREATE NONCLUSTERED INDEX [IX_AspNetUserClaims_UserId] ON [dbo].[AspNetUserClaims]
-(
-	[UserId] ASC
-) ON [PRIMARY]
-GO
-
-CREATE NONCLUSTERED INDEX [IX_AspNetUserLogins_UserId] ON [dbo].[AspNetUserLogins]
-(
-	[UserId] ASC
-) ON [PRIMARY]
-GO
-
-CREATE NONCLUSTERED INDEX [IX_AspNetUserRoles_RoleId] ON [dbo].[AspNetUserRoles]
-(
-	[RoleId] ASC
-) ON [PRIMARY]
-GO
-
-CREATE NONCLUSTERED INDEX [EmailIndex] ON [dbo].[AspNetUsers]
-(
-	[NormalizedEmail] ASC
-) ON [PRIMARY]
-GO
-
-CREATE UNIQUE NONCLUSTERED INDEX [UserNameIndex] ON [dbo].[AspNetUsers]
-(
-	[NormalizedUserName] ASC
-)
-WHERE ([NormalizedUserName] IS NOT NULL)
-ON [PRIMARY]
-GO
-
-ALTER TABLE [dbo].[AspNetRoleClaims]  WITH CHECK ADD  CONSTRAINT [FK_AspNetRoleClaims_AspNetRoles_RoleId] FOREIGN KEY([RoleId])
-REFERENCES [dbo].[AspNetRoles] ([Id])
-ON DELETE CASCADE
-GO
-
-ALTER TABLE [dbo].[AspNetRoleClaims] CHECK CONSTRAINT [FK_AspNetRoleClaims_AspNetRoles_RoleId]
-GO
-
-ALTER TABLE [dbo].[AspNetUserClaims]  WITH CHECK ADD  CONSTRAINT [FK_AspNetUserClaims_AspNetUsers_UserId] FOREIGN KEY([UserId])
-REFERENCES [dbo].[AspNetUsers] ([Id])
-ON DELETE CASCADE
-GO
-
-ALTER TABLE [dbo].[AspNetUserClaims] CHECK CONSTRAINT [FK_AspNetUserClaims_AspNetUsers_UserId]
-GO
-
-ALTER TABLE [dbo].[AspNetUserLogins]  WITH CHECK ADD  CONSTRAINT [FK_AspNetUserLogins_AspNetUsers_UserId] FOREIGN KEY([UserId])
-REFERENCES [dbo].[AspNetUsers] ([Id])
-ON DELETE CASCADE
-GO
-
-ALTER TABLE [dbo].[AspNetUserLogins] CHECK CONSTRAINT [FK_AspNetUserLogins_AspNetUsers_UserId]
-GO
-
-ALTER TABLE [dbo].[AspNetUserRoles]  WITH CHECK ADD  CONSTRAINT [FK_AspNetUserRoles_AspNetRoles_RoleId] FOREIGN KEY([RoleId])
-REFERENCES [dbo].[AspNetRoles] ([Id])
-ON DELETE CASCADE
-GO
-
-ALTER TABLE [dbo].[AspNetUserRoles] CHECK CONSTRAINT [FK_AspNetUserRoles_AspNetRoles_RoleId]
-GO
-
-ALTER TABLE [dbo].[AspNetUserRoles]  WITH CHECK ADD  CONSTRAINT [FK_AspNetUserRoles_AspNetUsers_UserId] FOREIGN KEY([UserId])
-REFERENCES [dbo].[AspNetUsers] ([Id])
-ON DELETE CASCADE
-GO
-
-ALTER TABLE [dbo].[AspNetUserRoles] CHECK CONSTRAINT [FK_AspNetUserRoles_AspNetUsers_UserId]
-GO
-
-ALTER TABLE [dbo].[AspNetUserTokens]  WITH CHECK ADD  CONSTRAINT [FK_AspNetUserTokens_AspNetUsers_UserId] FOREIGN KEY([UserId])
-REFERENCES [dbo].[AspNetUsers] ([Id])
-ON DELETE CASCADE
-GO
-
-ALTER TABLE [dbo].[AspNetUserTokens] CHECK CONSTRAINT [FK_AspNetUserTokens_AspNetUsers_UserId]
-GO
diff --git a/Oqtane.Server/Scripts/Master.sql b/Oqtane.Server/Scripts/Master.sql
index 9c2cb0b4..cbe422d1 100644
--- a/Oqtane.Server/Scripts/Master.sql
+++ b/Oqtane.Server/Scripts/Master.sql
@@ -8,6 +8,10 @@ CREATE TABLE [dbo].[Alias](
 	[Name] [nvarchar](200) NOT NULL,
 	[TenantId] [int] NOT NULL,
 	[SiteId] [int] NOT NULL,
+	[CreatedBy] [nvarchar](256) NOT NULL,
+	[CreatedOn] [datetime] NOT NULL,
+	[ModifiedBy] [nvarchar](256) NOT NULL,
+	[ModifiedOn] [datetime] NOT NULL,
   CONSTRAINT [PK_Alias] PRIMARY KEY CLUSTERED 
   (
 	[AliasId] ASC
@@ -19,7 +23,11 @@ CREATE TABLE [dbo].[Tenant](
 	[TenantId] [int] IDENTITY(1,1) NOT NULL,
 	[Name] [nvarchar](100) NOT NULL,
 	[DBConnectionString] [nvarchar](1024) NOT NULL,
-	[DBSchema] [nvarchar](50) NOT NULL
+	[DBSchema] [nvarchar](50) NOT NULL,
+	[CreatedBy] [nvarchar](256) NOT NULL,
+	[CreatedOn] [datetime] NOT NULL,
+	[ModifiedBy] [nvarchar](256) NOT NULL,
+	[ModifiedOn] [datetime] NOT NULL,
   CONSTRAINT [PK_Tenant] PRIMARY KEY CLUSTERED 
   (
 	[TenantId] ASC
@@ -45,19 +53,19 @@ Create seed data
 */
 SET IDENTITY_INSERT [dbo].[Tenant] ON 
 GO
-INSERT [dbo].[Tenant] ([TenantId], [Name], [DBConnectionString], [DBSchema]) 
-VALUES (1, N'Tenant1', N'{ConnectionString}', N'')
+INSERT [dbo].[Tenant] ([TenantId], [Name], [DBConnectionString], [DBSchema], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (1, N'Tenant1', N'{ConnectionString}', N'', '', getdate(), '', getdate())
 GO
 SET IDENTITY_INSERT [dbo].[Tenant] OFF
 GO
 
 SET IDENTITY_INSERT [dbo].[Alias] ON 
 GO
-INSERT [dbo].[Alias] ([AliasId], [Name], [TenantId], [SiteId]) 
-VALUES (1, N'{Alias}', 1, 1)
+INSERT [dbo].[Alias] ([AliasId], [Name], [TenantId], [SiteId], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (1, N'{Alias}', 1, 1, '', getdate(), '', getdate())
 GO
-INSERT [dbo].[Alias] ([AliasId], [Name], [TenantId], [SiteId]) 
-VALUES (2, N'{Alias}/site2', 1, 2)
+INSERT [dbo].[Alias] ([AliasId], [Name], [TenantId], [SiteId], [CreatedBy], [CreatedOn], [ModifiedBy], [ModifiedOn]) 
+VALUES (2, N'{Alias}/site2', 1, 2, '', getdate(), '', getdate())
 GO
 SET IDENTITY_INSERT [dbo].[Alias] OFF
 GO
diff --git a/Oqtane.Server/Scripts/Tenant.sql b/Oqtane.Server/Scripts/Tenant.sql
deleted file mode 100644
index 5719f48f..00000000
--- a/Oqtane.Server/Scripts/Tenant.sql
+++ /dev/null
@@ -1,316 +0,0 @@
-/*  
-
-Create tables
-
-*/
-
-CREATE TABLE [dbo].[Site](
-	[SiteId] [int] IDENTITY(1,1) NOT NULL,
-	[Name] [nvarchar](200) NOT NULL,
-	[Logo] [nvarchar](50) NOT NULL,
-  CONSTRAINT [PK_Site] PRIMARY KEY CLUSTERED 
-  (
-	[SiteId] ASC
-  )
-)
-GO
-
-CREATE TABLE [dbo].[Page](
-	[PageId] [int] IDENTITY(1,1) NOT NULL,
-	[SiteId] [int] NOT NULL,
-	[Path] [nvarchar](50) NOT NULL,
-	[Name] [nvarchar](50) NOT NULL,
-	[ThemeType] [nvarchar](200) NULL,
-	[Icon] [nvarchar](50) NOT NULL,
-	[Panes] [nvarchar](50) NOT NULL,
-	[ViewPermissions] [nvarchar](500) NOT NULL,
-	[EditPermissions] [nvarchar](500) NOT NULL,
-	[ParentId] [int] NULL,
-	[Order] [int] NOT NULL,
-	[IsNavigation] [bit] NOT NULL,
-	[LayoutType] [nvarchar](200) NOT NULL,
-  CONSTRAINT [PK_Page] PRIMARY KEY CLUSTERED 
-  (
-	[PageId] ASC
-  )
-)
-GO
-
-CREATE TABLE [dbo].[Module](
-	[ModuleId] [int] IDENTITY(1,1) NOT NULL,
-	[SiteId] [int] NOT NULL,
-	[ModuleDefinitionName] [nvarchar](200) NOT NULL,
-	[ViewPermissions] [nvarchar](500) NOT NULL,
-	[EditPermissions] [nvarchar](500) NOT NULL,
-  CONSTRAINT [PK_Module] PRIMARY KEY CLUSTERED 
-  (
-	[ModuleId] ASC
-  )
-)
-GO
-
-CREATE TABLE [dbo].[PageModule](
-	[PageModuleId] [int] IDENTITY(1,1) NOT NULL,
-	[PageId] [int] NOT NULL,
-	[ModuleId] [int] NOT NULL,
-	[Title] [nvarchar](200) NOT NULL,
-	[Pane] [nvarchar](50) NOT NULL,
-	[Order] [int] NOT NULL,
-	[ContainerType] [nvarchar](200) NOT NULL,
-  CONSTRAINT [PK_PageModule] PRIMARY KEY CLUSTERED 
-  (
-	[PageModuleId] ASC
-  )
-)
-GO
-
-CREATE TABLE [dbo].[HtmlText](
-	[HtmlTextId] [int] IDENTITY(1,1) NOT NULL,
-	[ModuleId] [int] NOT NULL,
-	[Content] [nvarchar](max) NOT NULL,
-  CONSTRAINT [PK_HtmlText] PRIMARY KEY CLUSTERED 
-  (
-	[HtmlTextId] ASC
-  )
-)
-GO
-
-CREATE TABLE [dbo].[User](
-	[UserId] [int] IDENTITY(1,1) NOT NULL,
-	[Username] [nvarchar](50) NOT NULL,
-	[DisplayName] [nvarchar](50) NOT NULL,
-	[Roles] [nvarchar](50) NOT NULL,
-	[IsSuperUser] [bit] NOT NULL,
-  CONSTRAINT [PK_User] PRIMARY KEY CLUSTERED 
-  (
-	[UserId] ASC
-  )
-)
-GO
-
-/*  
-
-Create foreign key relationships
-
-*/
-ALTER TABLE [dbo].[HtmlText]  WITH CHECK ADD  CONSTRAINT [FK_HtmlText_Module] FOREIGN KEY([ModuleId])
-REFERENCES [dbo].[Module] ([ModuleId])
-ON DELETE CASCADE
-GO
-
-ALTER TABLE [dbo].[Module]  WITH CHECK ADD  CONSTRAINT [FK_Module_Site] FOREIGN KEY([SiteId])
-REFERENCES [dbo].[Site] ([SiteId])
-ON DELETE CASCADE
-GO
-
-ALTER TABLE [dbo].[Page]  WITH CHECK ADD  CONSTRAINT [FK_Page_Site] FOREIGN KEY([SiteId])
-REFERENCES [dbo].[Site] ([SiteId])
-ON DELETE CASCADE
-GO
-
-ALTER TABLE [dbo].[PageModule]  WITH CHECK ADD  CONSTRAINT [FK_PageModule_Module] FOREIGN KEY([ModuleId])
-REFERENCES [dbo].[Module] ([ModuleId])
-GO
-
-ALTER TABLE [dbo].[PageModule]  WITH CHECK ADD  CONSTRAINT [FK_PageModule_Page] FOREIGN KEY([PageId])
-REFERENCES [dbo].[Page] ([PageId])
-ON DELETE CASCADE
-GO
-
-/*  
-
-Create seed data
-
-*/
-
-SET IDENTITY_INSERT [dbo].[Site] ON 
-GO
-INSERT [dbo].[Site] ([SiteId], [Name], [Logo]) 
-VALUES (1, N'Site1', N'oqtane.png')
-GO
-INSERT [dbo].[Site] ([SiteId], [Name], [Logo]) 
-VALUES (2, N'Site2', N'oqtane.png')
-GO
-SET IDENTITY_INSERT [dbo].[Site] OFF
-GO
-
-SET IDENTITY_INSERT [dbo].[Page] ON 
-GO
-INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType]) 
-VALUES (1, 1, N'Page1', N'', N'Oqtane.Client.Themes.Theme1.Theme1, Oqtane.Client', N'oi-home', N'Left;Right', N'All Users', N'Administrators', NULL, 1, 1, N'')
-GO
-INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType]) 
-VALUES (2, 1, N'Page2', N'page2', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'oi-plus', N'Top;Bottom', N'Administrators;Editors;', N'Administrators', NULL, 3, 1, N'')
-GO
-INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType]) 
-VALUES (3, 1, N'Page3', N'page3', N'Oqtane.Client.Themes.Theme3.Theme3, Oqtane.Client', N'oi-list-rich', N'Left;Right', N'All Users', N'Administrators', NULL, 3, 1, N'Oqtane.Client.Themes.Theme3.HorizontalLayout, Oqtane.Client')
-GO
-INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType]) 
-VALUES (4, 1, N'Admin', N'admin', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'oi-home', N'Top;Bottom', N'Administrators', N'Administrators', NULL, 7, 1, N'')
-GO
-INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType]) 
-VALUES (5, 1, N'Page Management', N'admin/pages', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'Administrators', N'Administrators', 4, 1, 1, N'')
-GO
-INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType]) 
-VALUES (6, 1, N'Login', N'login', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'All Users', N'Administrators', NULL, 1, 0, N'')
-GO
-INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType]) 
-VALUES (7, 1, N'Register', N'register', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'All Users', N'Administrators', NULL, 1, 0, N'')
-GO
-INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType]) 
-VALUES (8, 1, N'Site Management', N'admin/sites', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'Administrators', N'Administrators', 4, 0, 1, N'')
-GO
-INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType]) 
-VALUES (9, 1, N'User Management', N'admin/users', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'Administrators', N'Administrators', 4, 2, 1, N'')
-GO
-INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType]) 
-VALUES (10, 1, N'Module Management', N'admin/modules', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'Administrators', N'Administrators', 4, 3, 1, N'')
-GO
-INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType]) 
-VALUES (11, 1, N'Theme Management', N'admin/themes', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'', N'Top;Bottom', N'Administrators', N'Administrators', 4, 4, 1, N'')
-GO
-INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType]) 
-VALUES (12, 2, N'Page1', N'', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'oi-home', N'Top;Bottom', N'All Users', N'Administrators', NULL, 1, 1, N'')
-GO
-INSERT [dbo].[Page] ([PageId], [SiteId], [Name], [Path], [ThemeType], [Icon], [Panes], [ViewPermissions], [EditPermissions], [ParentId], [Order], [IsNavigation], [LayoutType]) 
-VALUES (13, 2, N'Page2', N'page2', N'Oqtane.Client.Themes.Theme2.Theme2, Oqtane.Client', N'oi-home', N'Top;Bottom', N'All Users', N'Administrators', NULL, 1, 1, N'')
-GO
-SET IDENTITY_INSERT [dbo].[Page] OFF 
-GO
-
-SET IDENTITY_INSERT [dbo].[Module] ON 
-GO
-INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions]) 
-VALUES (1, 1, N'Oqtane.Client.Modules.Weather, Oqtane.Client', N'All Users', N'Administrators')
-GO
-INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions]) 
-VALUES (2, 1, N'Oqtane.Client.Modules.Counter, Oqtane.Client', N'All Users', N'Administrators')
-GO
-INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions]) 
-VALUES (3, 1, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', N'All Users', N'Administrators')
-GO
-INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions]) 
-VALUES (4, 1, N'Oqtane.Client.Modules.Weather, Oqtane.Client', N'All Users', N'Administrators')
-GO
-INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions]) 
-VALUES (5, 1, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', N'All Users', N'Administrators')
-GO
-INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions]) 
-VALUES (6, 1, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', N'All Users', N'Administrators')
-GO
-INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions]) 
-VALUES (7, 1, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', N'Administrators;Editors;Members;', N'Administrators;Editors;')
-GO
-INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions]) 
-VALUES (8, 1, N'Oqtane.Client.Modules.Admin.Pages, Oqtane.Client', N'Administrators', N'Administrators')
-GO
-INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions]) 
-VALUES (9, 1, N'Oqtane.Client.Modules.Admin.Login, Oqtane.Client', N'All Users', N'Administrators')
-GO
-INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions]) 
-VALUES (10, 1, N'Oqtane.Client.Modules.Admin.Register, Oqtane.Client', N'All Users', N'Administrators')
-GO
-INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions]) 
-VALUES (11, 1, N'Oqtane.Client.Modules.Admin.Admin, Oqtane.Client', N'Administrators', N'Administrators')
-GO
-INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions]) 
-VALUES (12, 1, N'Oqtane.Client.Modules.Admin.Sites, Oqtane.Client', N'Administrators', N'Administrators')
-GO
-INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions]) 
-VALUES (13, 1, N'Oqtane.Client.Modules.Admin.Users, Oqtane.Client', N'Administrators', N'Administrators')
-GO
-INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions]) 
-VALUES (14, 1, N'Oqtane.Client.Modules.Admin.ModuleDefinitions, Oqtane.Client', N'Administrators', N'Administrators')
-GO
-INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions]) 
-VALUES (15, 1, N'Oqtane.Client.Modules.Admin.Themes, Oqtane.Client', N'Administrators', N'Administrators')
-GO
-INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions]) 
-VALUES (16, 2, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', N'All Users', N'Administrators')
-GO
-INSERT [dbo].[Module] ([ModuleId], [SiteId], [ModuleDefinitionName], [ViewPermissions], [EditPermissions]) 
-VALUES (17, 2, N'Oqtane.Client.Modules.HtmlText, Oqtane.Client', N'All Users', N'Administrators')
-GO
-SET IDENTITY_INSERT [dbo].[Module] OFF 
-GO
-
-SET IDENTITY_INSERT [dbo].[PageModule] ON 
-GO
-INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType]) 
-VALUES (1, 1, 1, N'Weather', N'Right', 0, N'Oqtane.Client.Themes.Theme1.Container1, Oqtane.Client')
-GO
-INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType]) 
-VALUES (2, 1, 2, N'Counter', N'Left', 1, N'Oqtane.Client.Themes.Theme1.Container1, Oqtane.Client')
-GO
-INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType]) 
-VALUES (3, 1, 3, N'Text', N'Left', 0, N'Oqtane.Client.Themes.Theme1.Container1, Oqtane.Client')
-GO
-INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType]) 
-VALUES (4, 2, 4, N'Weather', N'Top', 0, N'Oqtane.Client.Themes.Theme2.Container2, Oqtane.Client')
-GO
-INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType]) 
-VALUES (5, 2, 5, N'Text', N'Top', 1, N'Oqtane.Client.Themes.Theme1.Container1, Oqtane.Client')
-GO
-INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType]) 
-VALUES (6, 3, 6, N'Text', N'Left', 0, N'Oqtane.Client.Themes.Theme1.Container1, Oqtane.Client')
-GO
-INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType]) 
-VALUES (7, 3, 7, N'Text', N'Right', 0, N'Oqtane.Client.Themes.Theme1.Container1, Oqtane.Client')
-GO
-INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType]) 
-VALUES (8, 5, 8, N'Page Management', N'Top', 0, N'Oqtane.Client.Themes.Theme2.Container2, Oqtane.Client')
-GO
-INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType]) 
-VALUES (9, 6, 9, N'Login', N'Top', 0, N'Oqtane.Client.Themes.Theme2.Container2, Oqtane.Client')
-GO
-INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType]) 
-VALUES (10, 7, 10, N'Register', N'Top', 0, N'Oqtane.Client.Themes.Theme2.Container2, Oqtane.Client')
-GO
-INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType]) 
-VALUES (11, 4, 11, N'Administration', N'Top', 0, N'Oqtane.Client.Themes.Theme2.Container2, Oqtane.Client')
-GO
-INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType]) 
-VALUES (12, 8, 12, N'Site Management', N'Top', 0, N'Oqtane.Client.Themes.Theme2.Container2, Oqtane.Client')
-GO
-INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType]) 
-VALUES (13, 9, 13, N'User Management', N'Top', 0, N'Oqtane.Client.Themes.Theme2.Container2, Oqtane.Client')
-GO
-INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType]) 
-VALUES (14, 10, 14, N'Module Management', N'Top', 0, N'Oqtane.Client.Themes.Theme2.Container2, Oqtane.Client')
-GO
-INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType]) 
-VALUES (15, 11, 15, N'Theme Management', N'Top', 0, N'Oqtane.Client.Themes.Theme2.Container2, Oqtane.Client')
-GO
-INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType]) 
-VALUES (16, 12, 16, N'Text', N'Top', 1, N'Oqtane.Client.Themes.Theme2.Container2, Oqtane.Client')
-GO
-INSERT [dbo].[PageModule] ([PageModuleId], [PageId], [ModuleId], [Title], [Pane], [Order], [ContainerType]) 
-VALUES (17, 13, 17, N'Text', N'Top', 1, N'Oqtane.Client.Themes.Theme2.Container2, Oqtane.Client')
-GO
-SET IDENTITY_INSERT [dbo].[PageModule] OFF 
-GO
-
-SET IDENTITY_INSERT [dbo].[HtmlText] ON 
-GO
-INSERT [dbo].[HtmlText] ([HtmlTextId], [ModuleId], [Content]) 
-VALUES (1, 3, N'Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. <br /><br /><a href="http://localhost:44357/site2/">Go To Site2</a>')
-GO
-INSERT [dbo].[HtmlText] ([HtmlTextId], [ModuleId], [Content]) 
-VALUES (2, 5, N'Enim sed faucibus turpis in eu mi bibendum neque egestas. Quis hendrerit dolor magna eget est lorem. Dui faucibus in ornare quam viverra orci sagittis. Integer eget aliquet nibh praesent tristique magna sit. Nunc aliquet bibendum enim facilisis gravida neque convallis a cras. Tortor id aliquet lectus proin. Diam volutpat commodo sed egestas egestas fringilla. Posuere sollicitudin aliquam ultrices sagittis orci. Viverra mauris in aliquam sem fringilla ut morbi tincidunt. Eget gravida cum sociis natoque penatibus et. Sagittis orci a scelerisque purus semper. Eget velit aliquet sagittis id consectetur purus. Volutpat blandit aliquam etiam erat. Et tortor consequat id porta nibh venenatis cras. Volutpat odio facilisis mauris sit amet. Varius duis at consectetur lorem.')
-GO
-INSERT [dbo].[HtmlText] ([HtmlTextId], [ModuleId], [Content]) 
-VALUES (3, 6, N'Id consectetur purus ut faucibus pulvinar elementum integer. Bibendum neque egestas congue quisque egestas diam in arcu. Eget nullam non nisi est sit amet facilisis. Sit amet consectetur adipiscing elit pellentesque. Id aliquet risus feugiat in. Enim blandit volutpat maecenas volutpat blandit aliquam etiam erat. Commodo odio aenean sed adipiscing. Pharetra massa massa ultricies mi quis hendrerit dolor magna. Aliquet enim tortor at auctor urna nunc. Nulla pellentesque dignissim enim sit amet. Suscipit adipiscing bibendum est ultricies integer quis auctor. Lacinia quis vel eros donec ac odio tempor. Aliquam vestibulum morbi blandit cursus risus at.')
-GO
-INSERT [dbo].[HtmlText] ([HtmlTextId], [ModuleId], [Content]) 
-VALUES (4, 7, N'Ornare arcu dui vivamus arcu felis bibendum ut. Tortor vitae purus faucibus ornare. Lectus sit amet est placerat in egestas erat imperdiet sed. Aliquam sem et tortor consequat id. Fermentum iaculis eu non diam phasellus vestibulum. Ultricies integer quis auctor elit sed. Fermentum odio eu feugiat pretium nibh ipsum. Ut consequat semper viverra nam libero. Blandit aliquam etiam erat velit scelerisque in dictum non consectetur. At risus viverra adipiscing at in tellus. Facilisi nullam vehicula ipsum a arcu cursus vitae congue. At varius vel pharetra vel turpis nunc eget lorem dolor. Morbi non arcu risus quis varius. Turpis massa sed elementum tempus egestas.')
-GO
-INSERT [dbo].[HtmlText] ([HtmlTextId], [ModuleId], [Content]) 
-VALUES (5, 16, N'Id consectetur purus ut faucibus pulvinar elementum integer. Bibendum neque egestas congue quisque egestas diam in arcu. Eget nullam non nisi est sit amet facilisis. Sit amet consectetur adipiscing elit pellentesque. Id aliquet risus feugiat in. Enim blandit volutpat maecenas volutpat blandit aliquam etiam erat. Commodo odio aenean sed adipiscing. Pharetra massa massa ultricies mi quis hendrerit dolor magna. Aliquet enim tortor at auctor urna nunc. Nulla pellentesque dignissim enim sit amet. Suscipit adipiscing bibendum est ultricies integer quis auctor. Lacinia quis vel eros donec ac odio tempor. Aliquam vestibulum morbi blandit cursus risus at.  <br /><br /><a href="http://localhost:44357/">Go To Site1</a>')
-GO
-INSERT [dbo].[HtmlText] ([HtmlTextId], [ModuleId], [Content]) 
-VALUES (6, 17, N'Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.')
-GO
-SET IDENTITY_INSERT [dbo].[HtmlText] OFF 
-GO
-
-
diff --git a/Oqtane.Server/Security/ClaimsPrincipalFactory.cs b/Oqtane.Server/Security/ClaimsPrincipalFactory.cs
new file mode 100644
index 00000000..3248242e
--- /dev/null
+++ b/Oqtane.Server/Security/ClaimsPrincipalFactory.cs
@@ -0,0 +1,53 @@
+using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.Options;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using Oqtane.Repository;
+using Oqtane.Models;
+using Oqtane.Shared;
+
+namespace Oqtane.Security
+{
+    public class ClaimsPrincipalFactory<TUser> : UserClaimsPrincipalFactory<TUser> where TUser : IdentityUser
+    {
+        private readonly IdentityOptions options;
+        private readonly ITenantResolver Tenants;
+        private readonly IUserRepository Users;
+        private readonly IUserRoleRepository UserRoles;
+
+        public ClaimsPrincipalFactory(UserManager<TUser> userManager, IOptions<IdentityOptions> optionsAccessor, ITenantResolver tenants, IUserRepository users, IUserRoleRepository userroles) : base(userManager, optionsAccessor)
+        {
+            options = optionsAccessor.Value;
+            Tenants = tenants;
+            Users = users; 
+            UserRoles = userroles;
+        }
+
+        protected override async Task<ClaimsIdentity> GenerateClaimsAsync(TUser identityuser)
+        {
+            var id = await base.GenerateClaimsAsync(identityuser);
+
+            User user = Users.GetUser(identityuser.UserName);
+            if (user != null)
+            {
+                id.AddClaim(new Claim(ClaimTypes.PrimarySid, user.UserId.ToString()));
+                if (user.IsHost) // host users are part of every site by default
+                {
+                    id.AddClaim(new Claim(options.ClaimsIdentity.RoleClaimType, Constants.HostRole));
+                    id.AddClaim(new Claim(options.ClaimsIdentity.RoleClaimType, Constants.AdminRole));
+                }
+                else
+                {
+                    Alias alias = Tenants.GetAlias();
+                    foreach (UserRole userrole in UserRoles.GetUserRoles(user.UserId, alias.SiteId))
+                    {
+                        id.AddClaim(new Claim(options.ClaimsIdentity.RoleClaimType, userrole.Role.Name));
+                    }
+                }
+            }
+
+            return id;
+        }
+    }
+
+}
diff --git a/Oqtane.Server/Security/IUserPermissions.cs b/Oqtane.Server/Security/IUserPermissions.cs
new file mode 100644
index 00000000..587c68ea
--- /dev/null
+++ b/Oqtane.Server/Security/IUserPermissions.cs
@@ -0,0 +1,9 @@
+using System.Security.Claims;
+
+namespace Oqtane.Security
+{
+    public interface IUserPermissions
+    {
+        bool IsAuthorized(ClaimsPrincipal User, string EntityName, int EntityId, string PermissionName);
+    }
+}
diff --git a/Oqtane.Server/Security/PermissionHandler.cs b/Oqtane.Server/Security/PermissionHandler.cs
new file mode 100644
index 00000000..8332900d
--- /dev/null
+++ b/Oqtane.Server/Security/PermissionHandler.cs
@@ -0,0 +1,34 @@
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+
+
+namespace Oqtane.Security
+{
+    public class PermissionHandler : AuthorizationHandler<PermissionRequirement>
+    {
+        private readonly IHttpContextAccessor HttpContextAccessor;
+        private readonly IUserPermissions UserPermissions;
+
+        public PermissionHandler(IHttpContextAccessor HttpContextAccessor, IUserPermissions UserPermissions)
+        {
+            this.HttpContextAccessor = HttpContextAccessor;
+            this.UserPermissions = UserPermissions;
+        }
+
+        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement)
+        {
+            // permission is scoped based on EntityId which must be passed as a querystring parameter
+            var ctx = HttpContextAccessor.HttpContext;
+            if (ctx != null && ctx.Request.Query.ContainsKey("entityid"))
+            {
+                int EntityId = int.Parse(ctx.Request.Query["entityid"]);
+                if (UserPermissions.IsAuthorized(context.User, requirement.EntityName, EntityId, requirement.PermissionName))
+                {
+                    context.Succeed(requirement);
+                }
+            }
+            return Task.CompletedTask;
+        }
+    }
+}
\ No newline at end of file
diff --git a/Oqtane.Server/Security/PermissionRequirement.cs b/Oqtane.Server/Security/PermissionRequirement.cs
new file mode 100644
index 00000000..7404d5bd
--- /dev/null
+++ b/Oqtane.Server/Security/PermissionRequirement.cs
@@ -0,0 +1,17 @@
+using Microsoft.AspNetCore.Authorization;
+
+namespace Oqtane.Security
+{
+    public class PermissionRequirement : IAuthorizationRequirement
+    {
+        public string EntityName { get; }
+
+        public string PermissionName { get; }
+
+        public PermissionRequirement(string EntityName, string PermissionName)
+        {
+            this.EntityName = EntityName;
+            this.PermissionName = PermissionName;
+        }
+    }
+}
diff --git a/Oqtane.Server/Security/UserPermissions.cs b/Oqtane.Server/Security/UserPermissions.cs
new file mode 100644
index 00000000..6b28d6fd
--- /dev/null
+++ b/Oqtane.Server/Security/UserPermissions.cs
@@ -0,0 +1,42 @@
+using Oqtane.Models;
+using Oqtane.Repository;
+using System.Linq;
+using System.Security.Claims;
+
+namespace Oqtane.Security
+{
+    public class UserPermissions : IUserPermissions
+    {
+        private readonly IPermissionRepository Permissions;
+
+        public UserPermissions(IPermissionRepository Permissions)
+        {
+            this.Permissions = Permissions;
+        }
+
+        public bool IsAuthorized(ClaimsPrincipal User, string EntityName, int EntityId, string PermissionName)
+        {
+            string permissionstrings = Permissions.EncodePermissions(EntityId, Permissions.GetPermissions(EntityName, EntityId, PermissionName).ToList());
+
+            User user = new User();
+            user.UserId = -1;
+            user.Roles = "";
+
+            if (User != null)
+            {
+                var idclaim = User.Claims.Where(item => item.Type == ClaimTypes.PrimarySid).FirstOrDefault();
+                if (idclaim != null)
+                {
+                    user.UserId = int.Parse(idclaim.Value);
+                    foreach (var claim in User.Claims.Where(item => item.Type == ClaimTypes.Role))
+                    {
+                        user.Roles += claim.Value + ";";
+                    }
+                    if (user.Roles != "") user.Roles = ";" + user.Roles;
+                }
+            }
+
+            return UserSecurity.IsAuthorized(user, PermissionName, permissionstrings);
+        }
+    }
+}
diff --git a/Oqtane.Server/Startup.cs b/Oqtane.Server/Startup.cs
index d071f537..e8fa612b 100644
--- a/Oqtane.Server/Startup.cs
+++ b/Oqtane.Server/Startup.cs
@@ -1,6 +1,6 @@
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
-using Microsoft.AspNetCore.ResponseCompression;
+using Microsoft.AspNetCore.ResponseCompression; // needed for WASM
 using Microsoft.Extensions.DependencyInjection;
 using System.Linq;
 using Microsoft.Extensions.Configuration;
@@ -19,6 +19,13 @@ using Microsoft.AspNetCore.Components;
 using Oqtane.Shared;
 using Microsoft.AspNetCore.Identity;
 using System.Threading.Tasks;
+using System.Collections.Generic;
+using Microsoft.OpenApi.Models;
+using Oqtane.Security;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Authentication;
+using System.Net;
+using Microsoft.AspNetCore.Authorization;
 
 namespace Oqtane.Server
 {
@@ -62,8 +69,15 @@ namespace Oqtane.Server
                 });
             }
 
-            // register auth services
-            services.AddAuthorizationCore();
+            // register authorization services
+            services.AddAuthorizationCore(options =>
+            {
+                options.AddPolicy("ViewPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", "View")));
+                options.AddPolicy("EditPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", "Edit")));
+                options.AddPolicy("ViewModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", "View")));
+                options.AddPolicy("EditModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", "Edit")));
+            });
+            services.AddScoped<IAuthorizationHandler, PermissionHandler>();
 
             // register scoped core services
             services.AddScoped<SiteState>();
@@ -77,40 +91,25 @@ namespace Oqtane.Server
             services.AddScoped<IModuleService, ModuleService>();
             services.AddScoped<IPageModuleService, PageModuleService>();
             services.AddScoped<IUserService, UserService>();
-
-            // dynamically register module contexts and repository services
-            Assembly[] assemblies = AppDomain.CurrentDomain.GetAssemblies();
-            foreach (Assembly assembly in assemblies)
-            {
-                Type[] implementationtypes = assembly.GetTypes()
-                    .Where(item => item.GetInterfaces().Contains(typeof(IService)))
-                    .ToArray();
-                foreach (Type implementationtype in implementationtypes)
-                {
-                    Type servicetype = Type.GetType(implementationtype.FullName.Replace(implementationtype.Name, "I" + implementationtype.Name));
-                    if (servicetype != null)
-                    {
-                        services.AddScoped(servicetype, implementationtype); // traditional service interface
-                    }
-                    else
-                    {
-                        services.AddScoped(implementationtype, implementationtype); // no interface defined for service
-                    }
-                }
-            }
+            services.AddScoped<IProfileService, ProfileService>();
+            services.AddScoped<IRoleService, RoleService>();
+            services.AddScoped<IUserRoleService, UserRoleService>();
+            services.AddScoped<ISettingService, SettingService>();
+            services.AddScoped<IFileService, FileService>();
 
             services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
 
-            services.AddDbContext<MasterContext>(options =>
+            services.AddDbContext<MasterDBContext>(options =>
                 options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")
                     .Replace("|DataDirectory|", AppDomain.CurrentDomain.GetData("DataDirectory").ToString())
                 ));
-            services.AddDbContext<TenantContext>(options => { });
+            services.AddDbContext<TenantDBContext>(options => { });
 
-            services.AddIdentity<IdentityUser, IdentityRole>()
-                .AddEntityFrameworkStores<TenantContext>()
+            services.AddIdentityCore<IdentityUser>(options => { })
+                .AddEntityFrameworkStores<TenantDBContext>()
+                .AddSignInManager()
                 .AddDefaultTokenProviders();
-
+            
             services.Configure<IdentityOptions>(options =>
             {
                 // Password settings
@@ -129,6 +128,9 @@ namespace Oqtane.Server
                 options.User.RequireUniqueEmail = false;
             });
 
+            services.AddAuthentication(IdentityConstants.ApplicationScheme)
+                .AddCookie(IdentityConstants.ApplicationScheme);
+
             services.ConfigureApplicationCookie(options =>
             {
                 options.Cookie.HttpOnly = false;
@@ -139,9 +141,29 @@ namespace Oqtane.Server
                 };
             });
 
-            services.AddMemoryCache();
+            // register custom claims principal factory for role claims
+            services.AddTransient<IUserClaimsPrincipalFactory<IdentityUser>, ClaimsPrincipalFactory<IdentityUser>>();
 
-            services.AddMvc().AddNewtonsoftJson();
+            // get list of loaded assemblies
+            Assembly[] assemblies = AppDomain.CurrentDomain.GetAssemblies();
+
+            // iterate through Oqtane module assemblies in /bin ( filter is narrow to optimize loading process )
+            string path = Path.GetDirectoryName(Assembly.GetEntryAssembly().Location);
+            DirectoryInfo folder = new DirectoryInfo(path);
+            List<Assembly> moduleassemblies = new List<Assembly>();
+            foreach (FileInfo file in folder.EnumerateFiles("*.Module.*.dll"))
+            {
+                // check if assembly is already loaded
+                Assembly assembly = assemblies.Where(item => item.Location == file.FullName).FirstOrDefault();
+                if (assembly == null)
+                {
+                    // load assembly ( as long as dependencies are in /bin they will load as well )
+                    assembly = AssemblyLoadContext.Default.LoadFromAssemblyPath(file.FullName);
+                    moduleassemblies.Add(assembly);
+                }
+            }
+
+            services.AddMvc().AddModuleAssemblies(moduleassemblies).AddNewtonsoftJson();
 
             // register singleton scoped core services
             services.AddSingleton<IConfigurationRoot>(Configuration);
@@ -149,6 +171,7 @@ namespace Oqtane.Server
             services.AddSingleton<IThemeRepository, ThemeRepository>();
 
             // register transient scoped core services
+            services.AddTransient<IUserPermissions, UserPermissions>();
             services.AddTransient<ITenantResolver, TenantResolver>();
             services.AddTransient<IAliasRepository, AliasRepository>();
             services.AddTransient<ITenantRepository, TenantRepository>();
@@ -157,26 +180,16 @@ namespace Oqtane.Server
             services.AddTransient<IModuleRepository, ModuleRepository>();
             services.AddTransient<IPageModuleRepository, PageModuleRepository>();
             services.AddTransient<IUserRepository, UserRepository>();
+            services.AddTransient<IProfileRepository, ProfileRepository>();
+            services.AddTransient<ISiteUserRepository, SiteUserRepository>();
+            services.AddTransient<IRoleRepository, RoleRepository>();
+            services.AddTransient<IUserRoleRepository, UserRoleRepository>();
+            services.AddTransient<IPermissionRepository, PermissionRepository>();
+            services.AddTransient<ISettingRepository, SettingRepository>();
 
-            // get list of loaded assemblies
-            assemblies = AppDomain.CurrentDomain.GetAssemblies();
-            // get path to /bin
-            string path = Path.GetDirectoryName(Assembly.GetEntryAssembly().Location);
-            DirectoryInfo folder = new DirectoryInfo(path);
-            // iterate through Oqtane assemblies in /bin ( filter is narrow to optimize loading process )
-            foreach (FileInfo file in folder.EnumerateFiles("Oqtane.*.dll"))
-            {
-                // check if assembly is already loaded
-                Assembly assembly = assemblies.Where(item => item.Location == file.FullName).FirstOrDefault();
-                if (assembly == null)
-                {
-                    // load assembly ( as long as dependencies are in /bin they will load as well )
-                    assembly = AssemblyLoadContext.Default.LoadFromAssemblyPath(file.FullName);
-                }
-            }
-            
-            // dynamically register module contexts and repository services
-            assemblies = AppDomain.CurrentDomain.GetAssemblies();
+            // dynamically register module services, contexts, and repository classes
+            assemblies = AppDomain.CurrentDomain.GetAssemblies()
+                .Where(item => item.FullName.StartsWith("Oqtane.") || item.FullName.Contains(".Module.")).ToArray();
             foreach (Assembly assembly in assemblies)
             {
                 Type[] implementationtypes = assembly.GetTypes()
@@ -184,7 +197,7 @@ namespace Oqtane.Server
                     .ToArray();
                 foreach (Type implementationtype in implementationtypes)
                 {
-                    Type servicetype = Type.GetType(implementationtype.FullName.Replace(implementationtype.Name, "I" + implementationtype.Name));
+                    Type servicetype = Type.GetType(implementationtype.AssemblyQualifiedName.Replace(implementationtype.Name, "I" + implementationtype.Name));
                     if (servicetype != null)
                     {
                         services.AddScoped(servicetype, implementationtype); // traditional service interface
@@ -195,6 +208,11 @@ namespace Oqtane.Server
                     }
                 }
             }
+
+            services.AddSwaggerGen(c =>
+            {
+                c.SwaggerDoc("v1", new OpenApiInfo { Title = "Oqtane", Version = "v1" });
+            });
         }
 
         // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
@@ -218,6 +236,12 @@ namespace Oqtane.Server
             app.UseAuthentication();
             app.UseAuthorization();
 
+            app.UseSwagger();
+            app.UseSwaggerUI(c =>
+            {
+                c.SwaggerEndpoint("/swagger/v1/swagger.json", "Oqtane V1");
+            });
+
             app.UseEndpoints(endpoints =>
             {
                 endpoints.MapRazorPages();
@@ -235,14 +259,15 @@ namespace Oqtane.Server
         {
             services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
 
-            services.AddDbContext<MasterContext>(options =>
+            services.AddDbContext<MasterDBContext>(options =>
                 options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")
                     .Replace("|DataDirectory|", AppDomain.CurrentDomain.GetData("DataDirectory").ToString())
                 ));
-            services.AddDbContext<TenantContext>(options => { });
+            services.AddDbContext<TenantDBContext>(options => { });
 
-            services.AddIdentity<IdentityUser, IdentityRole>()
-                .AddEntityFrameworkStores<TenantContext>()
+            services.AddIdentityCore<IdentityUser>(options => { })
+                .AddEntityFrameworkStores<TenantDBContext>()
+                .AddSignInManager()
                 .AddDefaultTokenProviders();
 
             services.Configure<IdentityOptions>(options =>
@@ -263,6 +288,16 @@ namespace Oqtane.Server
                 options.User.RequireUniqueEmail = false;
             });
 
+            // register authorization services
+            services.AddAuthorizationCore(options =>
+            {
+                options.AddPolicy("ViewPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", "View")));
+                options.AddPolicy("EditPage", policy => policy.Requirements.Add(new PermissionRequirement("Page", "Edit")));
+                options.AddPolicy("ViewModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", "View")));
+                options.AddPolicy("EditModule", policy => policy.Requirements.Add(new PermissionRequirement("Module", "Edit")));
+            });
+            services.AddScoped<IAuthorizationHandler, PermissionHandler>();
+
             services.ConfigureApplicationCookie(options =>
             {
                 options.Cookie.HttpOnly = false;
@@ -273,9 +308,29 @@ namespace Oqtane.Server
                 };
             });
 
-            services.AddMemoryCache();
+            // register custom claims principal factory for role claims
+            services.AddTransient<IUserClaimsPrincipalFactory<IdentityUser>, ClaimsPrincipalFactory<IdentityUser>>();
 
-            services.AddMvc().AddNewtonsoftJson();
+            // get list of loaded assemblies
+            Assembly[] assemblies = AppDomain.CurrentDomain.GetAssemblies();
+
+            // iterate through Oqtane module assemblies in /bin ( filter is narrow to optimize loading process )
+            string path = Path.GetDirectoryName(Assembly.GetEntryAssembly().Location);
+            DirectoryInfo folder = new DirectoryInfo(path);
+            List<Assembly> moduleassemblies = new List<Assembly>();
+            foreach (FileInfo file in folder.EnumerateFiles("*.Module.*.dll"))
+            {
+                // check if assembly is already loaded
+                Assembly assembly = assemblies.Where(item => item.Location == file.FullName).FirstOrDefault();
+                if (assembly == null)
+                {
+                    // load assembly ( as long as dependencies are in /bin they will load as well )
+                    assembly = AssemblyLoadContext.Default.LoadFromAssemblyPath(file.FullName);
+                    moduleassemblies.Add(assembly);
+                }
+            }
+
+            services.AddMvc().AddModuleAssemblies(moduleassemblies).AddNewtonsoftJson();
 
             // register singleton scoped core services
             services.AddSingleton<IConfigurationRoot>(Configuration);
@@ -283,6 +338,7 @@ namespace Oqtane.Server
             services.AddSingleton<IThemeRepository, ThemeRepository>();
 
             // register transient scoped core services
+            services.AddTransient<IUserPermissions, UserPermissions>();
             services.AddTransient<ITenantResolver, TenantResolver>();
             services.AddTransient<IAliasRepository, AliasRepository>();
             services.AddTransient<ITenantRepository, TenantRepository>();
@@ -291,26 +347,15 @@ namespace Oqtane.Server
             services.AddTransient<IModuleRepository, ModuleRepository>();
             services.AddTransient<IPageModuleRepository, PageModuleRepository>();
             services.AddTransient<IUserRepository, UserRepository>();
-
-            // get list of loaded assemblies
-            Assembly[] assemblies = AppDomain.CurrentDomain.GetAssemblies();
-            // get path to /bin
-            string path = Path.GetDirectoryName(Assembly.GetEntryAssembly().Location);
-            DirectoryInfo folder = new DirectoryInfo(path);
-            // iterate through Oqtane assemblies in /bin ( filter is narrow to optimize loading process )
-            foreach (FileInfo file in folder.EnumerateFiles("Oqtane.*.dll"))
-            {
-                // check if assembly is already loaded
-                Assembly assembly = assemblies.Where(item => item.Location == file.FullName).FirstOrDefault();
-                if (assembly == null)
-                {
-                    // load assembly ( as long as dependencies are in /bin they will load as well )
-                    assembly = AssemblyLoadContext.Default.LoadFromAssemblyPath(file.FullName);
-                }
-            }
-            
-            // dynamically register module contexts and repository services
-            assemblies = AppDomain.CurrentDomain.GetAssemblies();
+            services.AddTransient<ISiteUserRepository, SiteUserRepository>();
+            services.AddTransient<IRoleRepository, RoleRepository>();
+            services.AddTransient<IUserRoleRepository, UserRoleRepository>();
+            services.AddTransient<IPermissionRepository, PermissionRepository>();
+            services.AddTransient<ISettingRepository, SettingRepository>();
+           
+            // dynamically register module services, contexts, and repository classes
+            assemblies = AppDomain.CurrentDomain.GetAssemblies()
+                .Where(item => item.FullName.StartsWith("Oqtane.") || item.FullName.Contains(".Module.")).ToArray();
             foreach (Assembly assembly in assemblies)
             {
                 Type[] implementationtypes = assembly.GetTypes()
@@ -318,7 +363,7 @@ namespace Oqtane.Server
                     .ToArray();
                 foreach (Type implementationtype in implementationtypes)
                 {
-                    Type servicetype = Type.GetType(implementationtype.FullName.Replace(implementationtype.Name, "I" + implementationtype.Name));
+                    Type servicetype = Type.GetType(implementationtype.AssemblyQualifiedName.Replace(implementationtype.Name, "I" + implementationtype.Name));
                     if (servicetype != null)
                     {
                         services.AddScoped(servicetype, implementationtype); // traditional service interface
@@ -330,6 +375,11 @@ namespace Oqtane.Server
                 }
             }
 
+            services.AddSwaggerGen(c =>
+            {
+                c.SwaggerDoc("v1", new OpenApiInfo { Title = "Oqtane", Version = "v1" });
+            });
+
             services.AddResponseCompression(opts =>
             {
                 opts.MimeTypes = ResponseCompressionDefaults.MimeTypes.Concat(
@@ -354,6 +404,12 @@ namespace Oqtane.Server
             app.UseAuthentication();
             app.UseAuthorization();
 
+            app.UseSwagger();
+            app.UseSwaggerUI(c =>
+            {
+                c.SwaggerEndpoint("/swagger/v1/swagger.json", "Oqtane V1");
+            });
+
             app.UseEndpoints(endpoints =>
             {
                 endpoints.MapDefaultControllerRoute();
@@ -361,5 +417,6 @@ namespace Oqtane.Server
             });
         }
 #endif
+
     }
 }
diff --git a/Oqtane.Server/wwwroot/Sites/1/oqtane.png b/Oqtane.Server/wwwroot/Sites/1/oqtane.png
deleted file mode 100644
index 94454bf6..00000000
Binary files a/Oqtane.Server/wwwroot/Sites/1/oqtane.png and /dev/null differ
diff --git a/Oqtane.Server/wwwroot/Sites/2/oqtane.png b/Oqtane.Server/wwwroot/Sites/2/oqtane.png
deleted file mode 100644
index 94454bf6..00000000
Binary files a/Oqtane.Server/wwwroot/Sites/2/oqtane.png and /dev/null differ
diff --git a/Oqtane.Client/wwwroot/Sites/1/oqtane.png b/Oqtane.Server/wwwroot/Tenants/1/Sites/1/oqtane.png
similarity index 100%
rename from Oqtane.Client/wwwroot/Sites/1/oqtane.png
rename to Oqtane.Server/wwwroot/Tenants/1/Sites/1/oqtane.png
diff --git a/Oqtane.Client/wwwroot/Sites/2/oqtane.png b/Oqtane.Server/wwwroot/Tenants/1/Sites/2/oqtane.png
similarity index 100%
rename from Oqtane.Client/wwwroot/Sites/2/oqtane.png
rename to Oqtane.Server/wwwroot/Tenants/1/Sites/2/oqtane.png
diff --git a/Oqtane.Server/wwwroot/css/site.css b/Oqtane.Server/wwwroot/css/site.css
index 193ec6f0..b4bdaf08 100644
--- a/Oqtane.Server/wwwroot/css/site.css
+++ b/Oqtane.Server/wwwroot/css/site.css
@@ -76,6 +76,14 @@ app {
             color: white;
         }
 
+.nav-link[data-toggle].collapsed:after {
+    content: "▾";
+}
+
+.nav-link[data-toggle]:not(.collapsed):after {
+    content: "▴";
+}
+
 .content {
     padding-top: 1.1rem;
 }
diff --git a/Oqtane.Server/wwwroot/images/checked.png b/Oqtane.Server/wwwroot/images/checked.png
new file mode 100644
index 00000000..a4100c70
Binary files /dev/null and b/Oqtane.Server/wwwroot/images/checked.png differ
diff --git a/Oqtane.Server/wwwroot/images/null.png b/Oqtane.Server/wwwroot/images/null.png
new file mode 100644
index 00000000..d0f50939
Binary files /dev/null and b/Oqtane.Server/wwwroot/images/null.png differ
diff --git a/Oqtane.Server/wwwroot/images/unchecked.png b/Oqtane.Server/wwwroot/images/unchecked.png
new file mode 100644
index 00000000..566e60a8
Binary files /dev/null and b/Oqtane.Server/wwwroot/images/unchecked.png differ
diff --git a/Oqtane.Server/wwwroot/js/interop.js b/Oqtane.Server/wwwroot/js/interop.js
index db61ecbe..7b23a474 100644
--- a/Oqtane.Server/wwwroot/js/interop.js
+++ b/Oqtane.Server/wwwroot/js/interop.js
@@ -55,5 +55,61 @@ window.interop = {
 
         document.body.appendChild(form);
         form.submit();
+    },
+    uploadFiles: function (posturl, folder, name) {
+        var files = document.getElementById(name + 'FileInput').files;
+        var progressinfo = document.getElementById(name + 'ProgressInfo');
+        var progressbar = document.getElementById(name + 'ProgressBar');
+        var filename = '';
+
+        for (var i = 0; i < files.length; i++) {
+            var FileChunk = [];
+            var file = files[i];
+            var MaxFileSizeMB = 1;
+            var BufferChunkSize = MaxFileSizeMB * (1024 * 1024);
+            var FileStreamPos = 0;
+            var EndPos = BufferChunkSize;
+            var Size = file.size;
+
+            progressbar.setAttribute("style", "visibility: visible;");
+
+            if (files.length > 1) {
+                filename = file.name;
+            }
+
+            while (FileStreamPos < Size) {
+                FileChunk.push(file.slice(FileStreamPos, EndPos));
+                FileStreamPos = EndPos;
+                EndPos = FileStreamPos + BufferChunkSize;
+            }
+
+            var TotalParts = FileChunk.length;
+            var PartCount = 0;
+
+            while (Chunk = FileChunk.shift()) {
+                PartCount++;
+                var FileName = file.name + ".part_" + PartCount + "_" + TotalParts;
+
+                var data = new FormData();
+                data.append('folder', folder);
+                data.append('file', Chunk, FileName);
+                var request = new XMLHttpRequest();
+                request.open('POST', posturl, true);
+                request.upload.onloadstart = function (e) {
+                    progressbar.value = 0;
+                    progressinfo.innerHTML = filename + ' 0%';
+                };
+                request.upload.onprogress = function (e) {
+                    var percent = Math.ceil((e.loaded / e.total) * 100);
+                    progressbar.value = (percent / 100);
+                    progressinfo.innerHTML = filename + '[' + PartCount + '] ' + percent + '%';
+                };
+                request.upload.onloadend = function (e) {
+                    progressbar.value = 1;
+                    progressinfo.innerHTML = filename + ' 100%';
+                };
+                request.send(data);
+            }
+        }
     }
 };
diff --git a/Oqtane.Shared/Models/Alias.cs b/Oqtane.Shared/Models/Alias.cs
index 704acf43..f22648b8 100644
--- a/Oqtane.Shared/Models/Alias.cs
+++ b/Oqtane.Shared/Models/Alias.cs
@@ -1,14 +1,21 @@
-using System.ComponentModel.DataAnnotations.Schema;
+using System;
+using System.ComponentModel.DataAnnotations.Schema;
 
 namespace Oqtane.Models
 {
-    public class Alias
+    public class Alias : IAuditable
     {
         public int AliasId { get; set; }
         public string Name { get; set; }
         public int TenantId { get; set; }
         public int SiteId { get; set; }
 
+        public string CreatedBy { get; set; }
+        public DateTime CreatedOn { get; set; }
+        public string ModifiedBy { get; set; }
+        public DateTime ModifiedOn { get; set; }
+
+
         [NotMapped]
         public string Scheme { get; set; }
 
@@ -37,5 +44,40 @@ namespace Oqtane.Models
             }
         }
 
+        [NotMapped]
+        public string TenantRootPath
+        {
+            get
+            {
+                return "Tenants/" + TenantId.ToString() + "/";
+            }
+        }
+
+        [NotMapped]
+        public string TenantRootUrl
+        {
+            get
+            {
+                return Url + "/Tenants/" + TenantId.ToString() + "/";
+            }
+        }
+
+        [NotMapped]
+        public string SiteRootPath
+        {
+            get
+            {
+                return "Tenants/" + TenantId.ToString() + "/Sites/" + SiteId.ToString() + "/";
+            }
+        }
+
+        [NotMapped]
+        public string SiteRootUrl
+        {
+            get
+            {
+                return Url + "/Tenants/" + TenantId.ToString() + "/Sites/" + SiteId.ToString() + "/";
+            }
+        }
     }
 }
diff --git a/Oqtane.Shared/Models/HtmlTextInfo.cs b/Oqtane.Shared/Models/HtmlTextInfo.cs
index 31364b59..e51a41fd 100644
--- a/Oqtane.Shared/Models/HtmlTextInfo.cs
+++ b/Oqtane.Shared/Models/HtmlTextInfo.cs
@@ -1,14 +1,21 @@
+using System;
+using Oqtane.Models;
 using System.ComponentModel.DataAnnotations;
 using System.ComponentModel.DataAnnotations.Schema;
 
-namespace Oqtane.Shared.Modules.HtmlText.Models
+namespace Oqtane.Modules.HtmlText.Models
 {
     [Table("HtmlText")]
-    public class HtmlTextInfo
+    public class HtmlTextInfo : IAuditable
     {
         [Key]
         public int HtmlTextId { get; set; }
         public int ModuleId { get; set; }
         public string Content { get; set; }
+
+        public string CreatedBy { get; set; }
+        public DateTime CreatedOn { get; set; }
+        public string ModifiedBy { get; set; }
+        public DateTime ModifiedOn { get; set; }
     }
 }
diff --git a/Oqtane.Shared/Models/IAuditable.cs b/Oqtane.Shared/Models/IAuditable.cs
new file mode 100644
index 00000000..83cd1c1f
--- /dev/null
+++ b/Oqtane.Shared/Models/IAuditable.cs
@@ -0,0 +1,12 @@
+using System;
+
+namespace Oqtane.Models
+{
+    public interface IAuditable
+    {
+        string CreatedBy { get; set; }
+        DateTime CreatedOn { get; set; }
+        string ModifiedBy { get; set; }
+        DateTime ModifiedOn { get; set; }
+    }
+}
diff --git a/Oqtane.Shared/Models/Module.cs b/Oqtane.Shared/Models/Module.cs
index e7522b99..8816205a 100644
--- a/Oqtane.Shared/Models/Module.cs
+++ b/Oqtane.Shared/Models/Module.cs
@@ -1,15 +1,25 @@
-using System.Collections.Generic;
+using Oqtane.Modules;
+using System;
+using System.Collections.Generic;
 using System.ComponentModel.DataAnnotations.Schema;
 
 namespace Oqtane.Models
 {
-    public class Module
+    public class Module : IAuditable
     {
         public int ModuleId { get; set; }
         public int SiteId { get; set; }
         public string ModuleDefinitionName { get; set; }
-        public string ViewPermissions { get; set; }
-        public string EditPermissions { get; set; }
+
+        public string CreatedBy { get; set; }
+        public DateTime CreatedOn { get; set; }
+        public string ModifiedBy { get; set; }
+        public DateTime ModifiedOn { get; set; }
+
+        [NotMapped]
+        public string Permissions { get; set; }
+
+        // PageModule properties
         [NotMapped]
         public int PageModuleId { get; set; }
         [NotMapped]
@@ -22,11 +32,23 @@ namespace Oqtane.Models
         public int Order { get; set; }
         [NotMapped]
         public string ContainerType { get; set; }
+
+        // SiteRouter properties
         [NotMapped]
         public string ModuleType { get; set; }
         [NotMapped]
         public int PaneModuleIndex { get; set; }
         [NotMapped]
         public int PaneModuleCount { get; set; }
+
+        // IModuleControl properties
+        [NotMapped]
+        public SecurityAccessLevel SecurityAccessLevel { get; set; }
+        [NotMapped]
+        public string ControlTitle { get; set; }
+        [NotMapped]
+        public string Actions { get; set; }
+        [NotMapped]
+        public bool UseAdminContainer { get; set; }
     }
 }
diff --git a/Oqtane.Shared/Models/ModuleDefinition.cs b/Oqtane.Shared/Models/ModuleDefinition.cs
index 75ba1902..86d3dc54 100644
--- a/Oqtane.Shared/Models/ModuleDefinition.cs
+++ b/Oqtane.Shared/Models/ModuleDefinition.cs
@@ -11,6 +11,7 @@
         public string Contact { get; set; }
         public string License { get; set; }
         public string Dependencies { get; set; }
+        public string Permissions { get; set; }
         public string ControlTypeTemplate { get; set; }
         public string ControlTypeRoutes { get; set; }
         public string AssemblyName { get; set; }
diff --git a/Oqtane.Shared/Models/Page.cs b/Oqtane.Shared/Models/Page.cs
index 1e04f4c3..49d22ba6 100644
--- a/Oqtane.Shared/Models/Page.cs
+++ b/Oqtane.Shared/Models/Page.cs
@@ -1,6 +1,9 @@
-namespace Oqtane.Models
+using System;
+using System.ComponentModel.DataAnnotations.Schema;
+
+namespace Oqtane.Models
 {
-    public class Page
+    public class Page : IAuditable
     {
         public int PageId { get; set; }
         public int SiteId { get; set; }
@@ -12,8 +15,20 @@
         public string LayoutType { get; set; }
         public string Icon { get; set; }
         public string Panes { get; set; }
-        public string ViewPermissions { get; set; }
-        public string EditPermissions { get; set; }
         public bool IsNavigation { get; set; }
+        public bool EditMode { get; set; }
+
+        public string CreatedBy { get; set; }
+        public DateTime CreatedOn { get; set; }
+        public string ModifiedBy { get; set; }
+        public DateTime ModifiedOn { get; set; }
+
+
+        [NotMapped]
+        public string Permissions { get; set; }
+        [NotMapped]
+        public int Level { get; set; }
+        [NotMapped]
+        public bool HasChildren { get; set; }
     }
 }
diff --git a/Oqtane.Shared/Models/PageModule.cs b/Oqtane.Shared/Models/PageModule.cs
index af8b330b..ffeb1872 100644
--- a/Oqtane.Shared/Models/PageModule.cs
+++ b/Oqtane.Shared/Models/PageModule.cs
@@ -1,6 +1,8 @@
-namespace Oqtane.Models
+using System;
+
+namespace Oqtane.Models
 {
-    public class PageModule
+    public class PageModule : IAuditable
     {
         public int PageModuleId { get; set; }
         public int PageId { get; set; }
@@ -10,6 +12,12 @@
         public int Order { get; set; }
         public string ContainerType { get; set; }
 
+        public string CreatedBy { get; set; }
+        public DateTime CreatedOn { get; set; }
+        public string ModifiedBy { get; set; }
+        public DateTime ModifiedOn { get; set; }
+
+
         public Module Module { get; set; }
     }
 }
diff --git a/Oqtane.Shared/Models/Permission.cs b/Oqtane.Shared/Models/Permission.cs
new file mode 100644
index 00000000..0f7f7b61
--- /dev/null
+++ b/Oqtane.Shared/Models/Permission.cs
@@ -0,0 +1,23 @@
+using System;
+
+namespace Oqtane.Models
+{
+    public class Permission : IAuditable
+    {
+        public int PermissionId { get; set; }
+        public int SiteId { get; set; }
+        public string EntityName { get; set; }
+        public int EntityId { get; set; }
+        public string PermissionName { get; set; }
+        public int? RoleId { get; set; }
+        public int? UserId { get; set; }
+        public bool IsAuthorized { get; set; }
+
+        public string CreatedBy { get; set; }
+        public DateTime CreatedOn { get; set; }
+        public string ModifiedBy { get; set; }
+        public DateTime ModifiedOn { get; set; }
+
+        public Role Role { get; set; }
+    }
+}
diff --git a/Oqtane.Shared/Models/PermissionString.cs b/Oqtane.Shared/Models/PermissionString.cs
new file mode 100644
index 00000000..1a68e2ef
--- /dev/null
+++ b/Oqtane.Shared/Models/PermissionString.cs
@@ -0,0 +1,8 @@
+namespace Oqtane.Models
+{
+    public class PermissionString
+    {
+        public string PermissionName { get; set; }
+        public string Permissions { get; set; }
+    }
+}
diff --git a/Oqtane.Shared/Models/Profile.cs b/Oqtane.Shared/Models/Profile.cs
new file mode 100644
index 00000000..11ecec07
--- /dev/null
+++ b/Oqtane.Shared/Models/Profile.cs
@@ -0,0 +1,24 @@
+using System;
+
+namespace Oqtane.Models
+{
+    public class Profile : IAuditable
+    {
+        public int ProfileId { get; set; }
+        public int? SiteId { get; set; }
+        public string Name { get; set; }
+        public string Title { get; set; }
+        public string Description { get; set; }
+        public string Category { get; set; }
+        public int ViewOrder { get; set; }
+        public int MaxLength { get; set; }
+        public string DefaultValue { get; set; }
+        public bool IsRequired { get; set; }
+        public bool IsPrivate { get; set; }
+
+        public string CreatedBy { get; set; }
+        public DateTime CreatedOn { get; set; }
+        public string ModifiedBy { get; set; }
+        public DateTime ModifiedOn { get; set; }
+    }
+}
diff --git a/Oqtane.Shared/Models/Role.cs b/Oqtane.Shared/Models/Role.cs
new file mode 100644
index 00000000..03da1f77
--- /dev/null
+++ b/Oqtane.Shared/Models/Role.cs
@@ -0,0 +1,18 @@
+using System;
+
+namespace Oqtane.Models
+{
+    public class Role : IAuditable
+    {
+        public int RoleId { get; set; }
+        public int? SiteId { get; set; }
+        public string Name { get; set; }
+        public string Description { get; set; }
+        public bool IsAutoAssigned { get; set; }
+
+        public string CreatedBy { get; set; }
+        public DateTime CreatedOn { get; set; }
+        public string ModifiedBy { get; set; }
+        public DateTime ModifiedOn { get; set; }
+    }
+}
diff --git a/Oqtane.Shared/Models/Setting.cs b/Oqtane.Shared/Models/Setting.cs
new file mode 100644
index 00000000..d7742c84
--- /dev/null
+++ b/Oqtane.Shared/Models/Setting.cs
@@ -0,0 +1,18 @@
+using System;
+
+namespace Oqtane.Models
+{
+    public class Setting : IAuditable
+    {
+        public int SettingId { get; set; }
+        public string EntityName { get; set; }
+        public int EntityId { get; set; }
+        public string SettingName { get; set; }
+        public string SettingValue { get; set; }
+
+        public string CreatedBy { get; set; }
+        public DateTime CreatedOn { get; set; }
+        public string ModifiedBy { get; set; }
+        public DateTime ModifiedOn { get; set; }
+    }
+}
diff --git a/Oqtane.Shared/Models/Site.cs b/Oqtane.Shared/Models/Site.cs
index c3f214f8..c9959e95 100644
--- a/Oqtane.Shared/Models/Site.cs
+++ b/Oqtane.Shared/Models/Site.cs
@@ -1,9 +1,18 @@
-namespace Oqtane.Models
+using System;
+
+namespace Oqtane.Models
 {
-    public class Site
+    public class Site : IAuditable
     {
         public int SiteId { get; set; }
         public string Name { get; set; }
         public string Logo { get; set; }
+        public string DefaultThemeType { get; set; }
+
+
+        public string CreatedBy { get; set; }
+        public DateTime CreatedOn { get; set; }
+        public string ModifiedBy { get; set; }
+        public DateTime ModifiedOn { get; set; }
     }
 }
diff --git a/Oqtane.Shared/Models/SiteUser.cs b/Oqtane.Shared/Models/SiteUser.cs
new file mode 100644
index 00000000..15e23c41
--- /dev/null
+++ b/Oqtane.Shared/Models/SiteUser.cs
@@ -0,0 +1,18 @@
+using System;
+
+namespace Oqtane.Models
+{
+    public class SiteUser : IAuditable
+    {
+        public int SiteUserId { get; set; }
+        public int SiteId { get; set; }
+        public int UserId { get; set; }
+
+        public string CreatedBy { get; set; }
+        public DateTime CreatedOn { get; set; }
+        public string ModifiedBy { get; set; }
+        public DateTime ModifiedOn { get; set; }
+
+        public User User { get; set; }
+    }
+}
diff --git a/Oqtane.Shared/Models/Tenant.cs b/Oqtane.Shared/Models/Tenant.cs
index 9a4fd66a..f7eb85a4 100644
--- a/Oqtane.Shared/Models/Tenant.cs
+++ b/Oqtane.Shared/Models/Tenant.cs
@@ -2,11 +2,16 @@
 
 namespace Oqtane.Models
 {
-    public class Tenant
+    public class Tenant : IAuditable
     {
         public int TenantId { get; set; }
         public string Name { get; set; }
         public string DBConnectionString { get; set; }
         public string DBSchema { get; set; }
+
+        public string CreatedBy { get; set; }
+        public DateTime CreatedOn { get; set; }
+        public string ModifiedBy { get; set; }
+        public DateTime ModifiedOn { get; set; }
     }
 }
diff --git a/Oqtane.Shared/Models/User.cs b/Oqtane.Shared/Models/User.cs
index 34b27776..ec8fca94 100644
--- a/Oqtane.Shared/Models/User.cs
+++ b/Oqtane.Shared/Models/User.cs
@@ -1,20 +1,28 @@
-using System.ComponentModel.DataAnnotations.Schema;
+using System;
+using System.ComponentModel.DataAnnotations.Schema;
 
 namespace Oqtane.Models
 {
-    public class User
+    public class User : IAuditable
     {
         public int UserId { get; set; }
         public string Username { get; set; }
         public string DisplayName { get; set; }
+        public string Email { get; set; }
+        public bool IsHost { get; set; }
+        [NotMapped]
+        public int SiteId { get; set; }
+        [NotMapped]
         public string Roles { get; set; }
-        public bool IsSuperUser { get; set; }
+
+        public string CreatedBy { get; set; }
+        public DateTime CreatedOn { get; set; }
+        public string ModifiedBy { get; set; }
+        public DateTime ModifiedOn { get; set; }
 
         [NotMapped]
         public string Password { get; set; }
         [NotMapped]
         public bool IsAuthenticated { get; set; }
-        [NotMapped]
-        public bool IsPersistent { get; set; }
     }
 }
diff --git a/Oqtane.Shared/Models/UserRole.cs b/Oqtane.Shared/Models/UserRole.cs
new file mode 100644
index 00000000..3ed423bb
--- /dev/null
+++ b/Oqtane.Shared/Models/UserRole.cs
@@ -0,0 +1,20 @@
+using System;
+
+namespace Oqtane.Models
+{
+    public class UserRole : IAuditable
+    {
+        public int UserRoleId { get; set; }
+        public int UserId { get; set; }
+        public int RoleId { get; set; }
+        public DateTime? EffectiveDate { get; set; }
+        public DateTime? ExpiryDate { get; set; }
+
+        public string CreatedBy { get; set; }
+        public DateTime CreatedOn { get; set; }
+        public string ModifiedBy { get; set; }
+        public DateTime ModifiedOn { get; set; }
+
+        public Role Role { get; set; }
+    }
+}
diff --git a/Oqtane.Client/Modules/SecurityAccessLevel.cs b/Oqtane.Shared/Modules/SecurityAccessLevel.cs
similarity index 74%
rename from Oqtane.Client/Modules/SecurityAccessLevel.cs
rename to Oqtane.Shared/Modules/SecurityAccessLevel.cs
index 241507f8..abaf4f6e 100644
--- a/Oqtane.Client/Modules/SecurityAccessLevel.cs
+++ b/Oqtane.Shared/Modules/SecurityAccessLevel.cs
@@ -1,6 +1,6 @@
 namespace Oqtane.Modules
 {
-    public enum SecurityAccessLevelEnum
+    public enum SecurityAccessLevel
     {
         Anonymous,
         View,
diff --git a/Oqtane.Shared/Oqtane.Shared.csproj b/Oqtane.Shared/Oqtane.Shared.csproj
index 95593fdd..5f73f172 100644
--- a/Oqtane.Shared/Oqtane.Shared.csproj
+++ b/Oqtane.Shared/Oqtane.Shared.csproj
@@ -22,6 +22,7 @@
 
   <ItemGroup>
     <PackageReference Include="System.ComponentModel.Annotations" Version="4.5.0" />
+    <PackageReference Include="System.Text.Json" Version="4.6.0-preview8.19405.3" />
   </ItemGroup>
 
 </Project>
diff --git a/Oqtane.Shared/Security/UserSecurity.cs b/Oqtane.Shared/Security/UserSecurity.cs
new file mode 100644
index 00000000..8a1854fa
--- /dev/null
+++ b/Oqtane.Shared/Security/UserSecurity.cs
@@ -0,0 +1,118 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text.Json;
+using Oqtane.Models;
+using Oqtane.Shared;
+
+namespace Oqtane.Security
+{
+    public class UserSecurity
+    {
+        public static List<PermissionString> GetPermissionStrings(string PermissionStrings)
+        {
+            return JsonSerializer.Deserialize<List<PermissionString>>(PermissionStrings);
+        }
+
+        public static string SetPermissionStrings(List<PermissionString> PermissionStrings)
+        {
+            return JsonSerializer.Serialize(PermissionStrings);
+        }
+
+        public static string GetPermissions(string PermissionName, string PermissionStrings)
+        {
+            string permissions = "";
+            List<PermissionString> permissionstrings = JsonSerializer.Deserialize<List<PermissionString>>(PermissionStrings);
+            PermissionString permissionstring = permissionstrings.Where(item => item.PermissionName == PermissionName).FirstOrDefault();
+            if (permissionstring != null)
+            {
+                permissions = permissionstring.Permissions;
+            }
+            return permissions;
+        }
+
+        public static bool IsAuthorized(User User, string PermissionName, string PermissionStrings)
+        {
+            return IsAuthorized(User, GetPermissions(PermissionName, PermissionStrings));
+        }
+
+        // permissions are stored in the format "!rolename1;![userid1];rolename2;rolename3;[userid2];[userid3]" where "!" designates Deny permissions
+        public static bool IsAuthorized(User User, string Permissions)
+        {
+            bool authorized = false;
+            if (Permissions != "")
+            {
+                if (User == null)
+                {
+                    authorized =  IsAuthorized(-1, "", Permissions); // user is not authenticated but may have access to resource
+                }
+                else
+                {
+                    authorized = IsAuthorized(User.UserId, User.Roles, Permissions);
+                }
+
+            }
+            return authorized;
+        }
+
+        private static bool IsAuthorized(int UserId, string Roles, string Permissions)
+        {
+            bool IsAuthorized = false;
+
+            if (Permissions != null)
+            {
+                foreach (string permission in Permissions.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
+                {
+                    bool? allowed = VerifyPermission(UserId, Roles, permission);
+                    if (allowed.HasValue)
+                    {
+                        IsAuthorized = allowed.Value;
+                        break;
+                    }
+                }
+            }
+
+            return IsAuthorized;
+        }
+
+        private static bool? VerifyPermission(int UserId, string Roles, string Permission)
+        {
+            bool? allowed = null;
+            //permissions strings are encoded with deny permissions at the beginning and grant permissions at the end for optimal performance
+            if (!String.IsNullOrEmpty(Permission))
+            {
+                // deny permission
+                if (Permission.StartsWith("!"))
+                {
+                    string denyRole = Permission.Replace("!", "");
+                    if (denyRole == Constants.AllUsersRole || IsAllowed(UserId, Roles, denyRole))
+                    {
+                        allowed = false;
+                    }
+                }
+                else // grant permission
+                {
+                    if (Permission == Constants.AllUsersRole || IsAllowed(UserId, Roles, Permission))
+                    {
+                        allowed = true;
+                    }
+                }
+            }
+            return allowed;
+        }
+
+        private static bool IsAllowed(int UserId, string Roles, string Permission)
+        {
+            if ("[" + UserId + "]" == Permission)
+            {
+                return true;
+            }
+
+            if (Roles != null)
+            {
+                return Roles.IndexOf(";" + Permission + ";") != -1;
+            }
+            return false;
+        }
+    }
+}
diff --git a/Oqtane.Shared/Shared/Constants.cs b/Oqtane.Shared/Shared/Constants.cs
new file mode 100644
index 00000000..b5f79aa3
--- /dev/null
+++ b/Oqtane.Shared/Shared/Constants.cs
@@ -0,0 +1,24 @@
+namespace Oqtane.Shared
+{
+    public class Constants
+    {
+        public const string DefaultPage = "Oqtane.Shared.ThemeBuilder, Oqtane.Client";
+        public const string DefaultContainer = "Oqtane.Shared.ContainerBuilder, Oqtane.Client";
+        public const string DefaultAdminContainer = "Oqtane.Themes.AdminContainer, Oqtane.Client";
+        public const string DefaultSettingsControl = "Oqtane.Modules.Admin.ModuleSettings.Index, Oqtane.Client";
+        public const string PageManagementModule = "Oqtane.Modules.Admin.Pages, Oqtane.Client";
+        public const string ModuleMessageControl = "Oqtane.Modules.Controls.ModuleMessage, Oqtane.Client";
+        public const string DefaultControl = "Index";
+
+        public const string AdminPane = "Admin";
+
+        public const string AllUsersRole = "All Users";
+        public const string HostRole = "Host Users";
+        public const string AdminRole = "Administrators";
+
+        public const int ReloadApplication = 3;
+        public const int ReloadSite = 2;
+        public const int ReloadPage = 1;
+        public const int ReloadReset = 0;
+    }
+}
diff --git a/README.md b/README.md
index f17fa9b2..25a528fd 100644
--- a/README.md
+++ b/README.md
@@ -7,7 +7,7 @@ Oqtane uses Blazor, a new web framework for .NET Core that lets you build intera
 
 **To get started with Oqtane:**
 
-   1.&nbsp;Oqtane is currently compatible with **[.NET Core 3.0 Preview 6 SDK (3.0.0-preview6.19307.2)](https://dotnet.microsoft.com/download/dotnet-core/3.0)**. Microsoft continues to release new versions of .NET Core 3.0 on a regular basis and we do our best to keep up; however, for the best results you should use the most compatible .NET Core 3.0 version.
+   1.&nbsp;Oqtane is currently compatible with **[.NET Core 3.0 Preview 8 SDK (3.0.0-preview8.19405.7)](https://dotnet.microsoft.com/download/dotnet-core/3.0)**. Microsoft continues to release new versions of .NET Core 3.0 on a regular basis and we do our best to keep up; however, for the best results you should use the most compatible .NET Core 3.0 version.
    
    2.&nbsp;Install the latest **Preview** edition of [Visual Studio 2019](https://visualstudio.com/preview) with the **ASP.NET and web development** workload.
 
@@ -16,6 +16,41 @@ Oqtane uses Blazor, a new web framework for .NET Core that lets you build intera
    4.&nbsp;Enable Visual Studio to use preview SDKs: Open **Tools** > **Options** in the menu bar. Open the **Environment** node. Open the **Preview Features** tab. Check the box for **Use previews of the .NET Core SDK**. Select **OK**. 
 
    5.&nbsp;Download or Clone the Oqtane source code to your local system. Open the **Oqtane.sln** solution file. If you want to develop using **server-side** Blazor ( which includes a full debugging experience in Visual Studio ) you should choose to Build the solution using the default Debug configuration. If you want to develop using **client-side** Blazor ( WebAssembly ) you should first choose the "Wasm" configuration option in the Visual Studio toolbar and then Build.
+   
+   NOTE: If you have already installed a previous version of Oqtane and you wish to install a newer version, there is currently no upgrade path from one version to the next. The recommended upgrade approach is to get the latest code and build it, and then reset the DefaultConnection value to "" in the appsettings.json file in the Oqtane.server project. This will trigger a re-install when you run the application which will execute the latest database scripts.
+
+# Roadmap
+This project is a work in progress and the schedule for implementing the items identified below is dependent upon the availability of community members who are able to assist.
+
+Security
+- Logging
+
+Design
+- Need modern Admin UI theme
+- Need to cleanly separate site.css
+- CSS registration for modules and skins
+
+Packaging
+- Need ability to package/install Modules
+- Need ability to package/install Themes
+
+Admin
+- Need fully functional administrative modules for all core entities ( user, role, site, etc… )
+- Need ability to create a new Site and auto provision Admin pages/modules
+- Need ability to soft delete core entities
+- Re-ordering of modules in panes
+- Drag and Drop modules
+
+Upgrade
+- Need ability to upgrade application seamlessly
+- integrated store/catalog of extensions
+- auto update - provide url to check for updates, perhaps even download in background - core and extensions
+
+Multi-Tenant
+- Need ability to provision a new tenant DB
+
+Database
+- Need ability to run on SQLite
 
 # Background
 Oqtane was created by [Shaun Walker](https://www.linkedin.com/in/shaunbrucewalker/) and is inspired by the DotNetNuke web application framework. Initially created as a proof of concept, Oqtane is a native Blazor application written from the ground up using modern .NET Core technology. It is a modular framework offering a fully dynamic page compositing model, multi-site support, designer friendly templates ( skins ), and extensibility via third party modules.
@@ -28,7 +63,7 @@ At this point Oqtane offers a minimum of desired functionality and is not recomm
 
 # Example Screenshots
 
-A simplistic login flow ( note that a full authentication story has not been implemented at this point ):
+A seamless login flow utilizing .NET Core Identity services:
 
 ![Login](https://github.com/oqtane/framework/blob/master/screenshot1.png?raw=true "Login")