feat(service-details): manage bridge & ingress

Merge branch 'feat-1807-service-network-management' of github.com:portainer/portainer into develop
feat(service-details): ability to manage networks
2020-02-06 20:25:05 +13:00 · 2020-02-06 19:08:56 +13:00 · 2020-02-04 18:23:09 +13:00
875 changed files with 29855 additions and 39359 deletions
--- a/.eslintrc.yml
+++ b/.eslintrc.yml
@@ -10,10 +10,6 @@ globals:

 extends:
  - 'eslint:recommended'
-  - prettier
-
-plugins:
-  - import

 parserOptions:
  ecmaVersion: 2018
@@ -21,9 +17,276 @@ parserOptions:
  ecmaFeatures:
    modules: true

+# # http://eslint.org/docs/rules/
 rules:
+#   # Possible Errors
+#   no-await-in-loop: off
+#   no-cond-assign: error
+#   no-console: off
+#   no-constant-condition: error
  no-control-regex: off
+#   no-debugger: error
+#   no-dupe-args: error
+#   no-dupe-keys: error
+#   no-duplicate-case: error
+#   no-empty-character-class: error
  no-empty: warn
+#   no-ex-assign: error
+#   no-extra-boolean-cast: error
+#   no-extra-parens: off
+#   no-extra-semi: error
+#   no-func-assign: error
+#   no-inner-declarations:
+#     - error
+#     - functions
+#   no-invalid-regexp: error
+#   no-irregular-whitespace: error
+#   no-negated-in-lhs: error
+#   no-obj-calls: error
+#   no-prototype-builtins: off
+#   no-regex-spaces: error
+#   no-sparse-arrays: error
+#   no-template-curly-in-string: off
+#   no-unexpected-multiline: error
+#   no-unreachable: error
+#   no-unsafe-finally: off
+#   no-unsafe-negation: off
+#   use-isnan: error
+#   valid-jsdoc: off
+#   valid-typeof: error
+
+#   # Best Practices
+#   accessor-pairs: error
+#   array-callback-return: off
+#   block-scoped-var: off
+#   class-methods-use-this: off
+#   complexity:
+#     - error
+#     - 6
+#   consistent-return: off
+#   curly: off
+#   default-case: off
+#   dot-location: off
+#   dot-notation: off
+#   eqeqeq: error
+#   guard-for-in: error
+#   no-alert: error
+#   no-caller: error
+#   no-case-declarations: error
+#   no-div-regex: error
+#   no-else-return: off
  no-empty-function: warn
+#   no-empty-pattern: error
+#   no-eq-null: error
+#   no-eval: error
+#   no-extend-native: error
+#   no-extra-bind: error
+#   no-extra-label: off
+#   no-fallthrough: error
+#   no-floating-decimal: off
+#   no-global-assign: off
+#   no-implicit-coercion: off
+#   no-implied-eval: error
+#   no-invalid-this: off
+#   no-iterator: error
+#   no-labels:
+#     - error
+#     - allowLoop: true
+#       allowSwitch: true
+#   no-lone-blocks: error
+#   no-loop-func: error
+#   no-magic-number: off
+#   no-multi-spaces: off
+#   no-multi-str: off
+#   no-native-reassign: error
+#   no-new-func: error
+#   no-new-wrappers: error
+#   no-new: error
+#   no-octal-escape: error
+#   no-octal: error
+#   no-param-reassign: off
+#   no-proto: error
+#   no-redeclare: error
+#   no-restricted-properties: off
+#   no-return-assign: error
+#   no-return-await: off
+#   no-script-url: error
+#   no-self-assign: off
+#   no-self-compare: error
+#   no-sequences: off
+#   no-throw-literal: off
+#   no-unmodified-loop-condition: off
+#   no-unused-expressions: error
+#   no-unused-labels: off
+#   no-useless-call: error
+#   no-useless-concat: error
  no-useless-escape: off
-  import/order: error
+#   no-useless-return: off
+#   no-void: error
+#   no-warning-comments: off
+#   no-with: error
+#   prefer-promise-reject-errors: off
+#   radix: error
+#   require-await: off
+#   vars-on-top: off
+#   wrap-iife: error
+#   yoda: off
+
+#   # Strict
+#   strict: off
+
+#   # Variables
+#   init-declarations: off
+#   no-catch-shadow: error
+#   no-delete-var: error
+#   no-label-var: error
+#   no-restricted-globals: off
+#   no-shadow-restricted-names: error
+#   no-shadow: off
+#   no-undef-init: error
+#   no-undef: off
+#   no-undefined: off
+#   no-unused-vars:
+#     - warn
+#     -
+#       vars: local
+#   no-use-before-define: off
+
+#   # Node.js and CommonJS
+#   callback-return: error
+#   global-require: error
+#   handle-callback-err: error
+#   no-mixed-requires: off
+#   no-new-require: off
+#   no-path-concat: error
+#   no-process-env: off
+#   no-process-exit: error
+#   no-restricted-modules: off
+#   no-sync: off
+
+#   # Stylistic Issues
+#   array-bracket-spacing: off
+#   block-spacing: off
+#   brace-style: off
+#   camelcase: off
+#   capitalized-comments: off
+#   comma-dangle:
+#     - error
+#     - never
+#   comma-spacing: off
+#   comma-style: off
+#   computed-property-spacing: off
+#   consistent-this: off
+#   eol-last: off
+#   func-call-spacing: off
+#   func-name-matching: off
+#   func-names: off
+#   func-style: off
+#   id-length: off
+#   id-match: off
+#   indent: off
+#   jsx-quotes: off
+#   key-spacing: off
+#   keyword-spacing: off
+#   line-comment-position: off
+#   linebreak-style:
+#     - error
+#     - unix
+#   lines-around-comment: off
+#   lines-around-directive: off
+#   max-depth: off
+#   max-len: off
+#   max-nested-callbacks: off
+#   max-params: off
+#   max-statements-per-line: off
+#   max-statements:
+#     - error
+#     - 30
+#   multiline-ternary: off
+#   new-cap: off
+#   new-parens: off
+#   newline-after-var: off
+#   newline-before-return: off
+#   newline-per-chained-call: off
+#   no-array-constructor: off
+#   no-bitwise: off
+#   no-continue: off
+#   no-inline-comments: off
+#   no-lonely-if: off
+#   no-mixed-operators: off
+#   no-mixed-spaces-and-tabs: off
+#   no-multi-assign: off
+#   no-multiple-empty-lines: off
+#   no-negated-condition: off
+#   no-nested-ternary: off
+#   no-new-object: off
+#   no-plusplus: off
+#   no-restricted-syntax: off
+#   no-spaced-func: off
+#   no-tabs: off
+#   no-ternary: off
+#   no-trailing-spaces: off
+#   no-underscore-dangle: off
+#   no-unneeded-ternary: off
+#   object-curly-newline: off
+#   object-curly-spacing: off
+#   object-property-newline: off
+#   one-var-declaration-per-line: off
+#   one-var: off
+#   operator-assignment: off
+#   operator-linebreak: off
+#   padded-blocks: off
+#   quote-props: off
+#   quotes:
+#     - error
+#     - single
+#   require-jsdoc: off
+#   semi-spacing: off
+#   semi:
+#     - error
+#     - always
+#   sort-keys: off
+#   sort-vars: off
+#   space-before-blocks: off
+#   space-before-function-paren: off
+#   space-in-parens: off
+#   space-infix-ops: off
+#   space-unary-ops: off
+#   spaced-comment: off
+#   template-tag-spacing: off
+#   unicode-bom: off
+#   wrap-regex: off
+
+#   # ECMAScript 6
+#   arrow-body-style: off
+#   arrow-parens: off
+#   arrow-spacing: off
+#   constructor-super: off
+#   generator-star-spacing: off
+#   no-class-assign: off
+#   no-confusing-arrow: off
+#   no-const-assign: off
+#   no-dupe-class-members: off
+#   no-duplicate-imports: off
+#   no-new-symbol: off
+#   no-restricted-imports: off
+#   no-this-before-super: off
+#   no-useless-computed-key: off
+#   no-useless-constructor: off
+#   no-useless-rename: off
+#   no-var: off
+#   object-shorthand: off
+#   prefer-arrow-callback: off
+#   prefer-const: off
+#   prefer-destructuring: off
+#   prefer-numeric-literals: off
+#   prefer-rest-params: off
+#   prefer-reflect: off
+#   prefer-spread: off
+#   prefer-template: off
+#   require-yield: off
+#   rest-spread-spacing: off
+#   sort-imports: off
+#   symbol-description: off
+#   template-curly-spacing: off
+#   yield-star-spacing: off
--- a/.gitignore
+++ b/.gitignore
@@ -4,5 +4,4 @@ dist
 portainer-checksum.txt
 api/cmd/portainer/portainer*
 .tmp
-.vscode
-.eslintcache
+.vscode
--- a/.prettierrc
+++ b/.prettierrc
@@ -1,13 +0,0 @@
-{
-  "printWidth": 180,
-  "singleQuote": true,
-  "htmlWhitespaceSensitivity": "strict",
-  "overrides": [
-    {
-      "files": ["*.html"],
-      "options": {
-        "parser": "angular"
-      }
-    }
-  ]
-}
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -15,7 +15,21 @@ For example, if you work on a bugfix for the issue #361, you could name the bran

 ## Issues open to contribution

-Want to contribute but don't know where to start? Have a look at the issues labeled with the `good first issue` label: https://github.com/portainer/portainer/issues?q=is%3Aopen+is%3Aissue+label%3A%22good+first+issue%22
+Want to contribute but don't know where to start?
+
+Some of the open issues are labeled with prefix `exp/`, this is used to mark them as available for contributors to work on. All of these have an attributed difficulty level:
+
+* **beginner**: a task that should be accessible with users not familiar with the codebase
+* **intermediate**: a task that require some understanding of the project codebase or some experience in
+either AngularJS or Golang
+* **advanced**: a task that require a deep understanding of the project codebase
+
+You can use Github filters to list these issues:
+
+* beginner labeled issues: https://github.com/portainer/portainer/labels/exp%2Fbeginner
+* intermediate labeled issues: https://github.com/portainer/portainer/labels/exp%2Fintermediate
+* advanced labeled issues: https://github.com/portainer/portainer/labels/exp%2Fadvanced
+

 ## Commit Message Format

--- a/README.md
+++ b/README.md
@@ -3,14 +3,15 @@
 </p>

 [![Docker Pulls](https://img.shields.io/docker/pulls/portainer/portainer.svg)](https://hub.docker.com/r/portainer/portainer/)
-[![Microbadger](https://images.microbadger.com/badges/image/portainer/portainer.svg)](http://microbadger.com/images/portainer/portainer 'Image size')
+[![Microbadger](https://images.microbadger.com/badges/image/portainer/portainer.svg)](http://microbadger.com/images/portainer/portainer "Image size")
+[![Documentation Status](https://readthedocs.org/projects/portainer/badge/?version=stable)](http://portainer.readthedocs.io/en/stable/?badge=stable)
 [![Build Status](https://portainer.visualstudio.com/Portainer%20CI/_apis/build/status/Portainer%20CI?branchName=develop)](https://portainer.visualstudio.com/Portainer%20CI/_build/latest?definitionId=3&branchName=develop)
 [![Code Climate](https://codeclimate.com/github/portainer/portainer/badges/gpa.svg)](https://codeclimate.com/github/portainer/portainer)
 [![Donate](https://img.shields.io/badge/Donate-PayPal-green.svg)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=YHXZJQNJQ36H6)

 **_Portainer_** is a lightweight management UI which allows you to **easily** manage your different Docker environments (Docker hosts or Swarm clusters).
 **_Portainer_** is meant to be as **simple** to deploy as it is to use. It consists of a single container that can run on any Docker engine (can be deployed as Linux container or a Windows native container, supports other platforms too).
-**_Portainer_** allows you to manage all your Docker resources (containers, images, volumes, networks and more) ! It is compatible with the _standalone Docker_ engine and with _Docker Swarm mode_.
+**_Portainer_** allows you to manage all your Docker resources (containers, images, volumes, networks and more) ! It is compatible with the *standalone Docker* engine and with *Docker Swarm mode*.

 ## Demo

@@ -28,31 +29,36 @@ Unlike the public demo, the playground sessions are deleted after 4 hours. Apart

 ## Getting started

- [Deploy Portainer](https://www.portainer.io/installation/)
- [Documentation](https://www.portainer.io/documentation/)
+* [Deploy Portainer](https://portainer.readthedocs.io/en/latest/deployment.html)
+* [Documentation](https://portainer.readthedocs.io)

 ## Getting help

-For FORMAL Support, please purchase a support subscription from here: https://www.portainer.io/products-services/portainer-business-support/
+**NOTE**: You can find more information about Portainer support framework policy here: https://www.portainer.io/2019/04/portainer-support-policy/

-For community support: You can find more information about Portainer's community support framework policy here: https://www.portainer.io/2019/04/portainer-support-policy/
-
- Issues: https://github.com/portainer/portainer/issues
- FAQ: https://www.portainer.io/documentation/faqs/
- Slack (chat): https://portainer.io/slack/
+* Issues: https://github.com/portainer/portainer/issues
+* FAQ: https://portainer.readthedocs.io/en/latest/faq.html
+* Slack (chat): https://portainer.io/slack/

 ## Reporting bugs and contributing

- Want to report a bug or request a feature? Please open [an issue](https://github.com/portainer/portainer/issues/new).
- Want to help us build **_portainer_**? Follow our [contribution guidelines](https://www.portainer.io/documentation/how-to-contribute/) to build it locally and make a pull request. We need all the help we can get!
+* Want to report a bug or request a feature? Please open [an issue](https://github.com/portainer/portainer/issues/new).
+* Want to help us build **_portainer_**? Follow our [contribution guidelines](https://portainer.readthedocs.io/en/latest/contribute.html) to build it  locally and make a pull request. We need all the help we can get!

 ## Security

- Here at Portainer, we believe in [responsible disclosure](https://en.wikipedia.org/wiki/Responsible_disclosure) of security issues. If you have found a security issue, please report it to <security@portainer.io>.
+* Here at Portainer, we believe in [responsible disclosure](https://en.wikipedia.org/wiki/Responsible_disclosure) of security issues. If you have found a security issue, please report it to <security@portainer.io>.

 ## Limitations

-Portainer supports "Current - 2 docker versions only. Prior versions may operate, however these are not supported.
+**_Portainer_** has full support for the following Docker versions:
+
+* Docker 1.10 to the latest version
+* Standalone Docker Swarm >= 1.2.3 _(**NOTE:** Use of Standalone Docker Swarm is being discouraged since the introduction of built-in Swarm Mode in Docker. While older versions of Portainer had support for Standalone Docker Swarm, Portainer 1.17.0 and newer **do not** support it. However, the built-in Swarm Mode of Docker is fully supported.)_
+
+Partial support for the following Docker versions (some features may not be available):
+
+* Docker 1.9

 ## Licensing

@@ -62,4 +68,4 @@ Portainer also contains the following code, which is licensed under the [MIT lic

 UI For Docker: Copyright (c) 2013-2016 Michael Crosby (crosbymichael.com), Kevan Ahlquist (kevanahlquist.com), Anthony Lapenna (portainer.io)

-rdash-angular: Copyright (c) [2014][elliot hesp]
+rdash-angular: Copyright (c) [2014] [Elliot Hesp]
--- a/api/bolt/datastore.go
+++ b/api/bolt/datastore.go
@@ -1,19 +1,14 @@
 package bolt

 import (
-	"io"
 	"log"
-	"os"
 	"path"
 	"time"

-	"github.com/portainer/portainer/api/bolt/edgegroup"
-	"github.com/portainer/portainer/api/bolt/edgestack"
-	"github.com/portainer/portainer/api/bolt/endpointrelation"
 	"github.com/portainer/portainer/api/bolt/tunnelserver"

 	"github.com/boltdb/bolt"
-	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/bolt/dockerhub"
 	"github.com/portainer/portainer/api/bolt/endpoint"
 	"github.com/portainer/portainer/api/bolt/endpointgroup"
@@ -36,37 +31,33 @@ import (

 const (
 	databaseFileName = "portainer.db"
-	dbBackupFileName = "portainer-1-24-backup.db"
 )

 // Store defines the implementation of portainer.DataStore using
 // BoltDB as the storage system.
 type Store struct {
-	path                    string
-	db                      *bolt.DB
-	checkForDataMigration   bool
-	fileService             portainer.FileService
-	RoleService             *role.Service
-	DockerHubService        *dockerhub.Service
-	EdgeGroupService        *edgegroup.Service
-	EdgeStackService        *edgestack.Service
-	EndpointGroupService    *endpointgroup.Service
-	EndpointService         *endpoint.Service
-	EndpointRelationService *endpointrelation.Service
-	ExtensionService        *extension.Service
-	RegistryService         *registry.Service
-	ResourceControlService  *resourcecontrol.Service
-	SettingsService         *settings.Service
-	StackService            *stack.Service
-	TagService              *tag.Service
-	TeamMembershipService   *teammembership.Service
-	TeamService             *team.Service
-	TemplateService         *template.Service
-	TunnelServerService     *tunnelserver.Service
-	UserService             *user.Service
-	VersionService          *version.Service
-	WebhookService          *webhook.Service
-	ScheduleService         *schedule.Service
+	path                   string
+	db                     *bolt.DB
+	checkForDataMigration  bool
+	fileService            portainer.FileService
+	RoleService            *role.Service
+	DockerHubService       *dockerhub.Service
+	EndpointGroupService   *endpointgroup.Service
+	EndpointService        *endpoint.Service
+	ExtensionService       *extension.Service
+	RegistryService        *registry.Service
+	ResourceControlService *resourcecontrol.Service
+	SettingsService        *settings.Service
+	StackService           *stack.Service
+	TagService             *tag.Service
+	TeamMembershipService  *teammembership.Service
+	TeamService            *team.Service
+	TemplateService        *template.Service
+	TunnelServerService    *tunnelserver.Service
+	UserService            *user.Service
+	VersionService         *version.Service
+	WebhookService         *webhook.Service
+	ScheduleService        *schedule.Service
 }

 // NewStore initializes a new Store and the associated services
@@ -126,24 +117,22 @@ func (store *Store) MigrateData() error {

 	if version < portainer.DBVersion {
 		migratorParams := &migrator.Parameters{
-			DB:                      store.db,
-			DatabaseVersion:         version,
-			EndpointGroupService:    store.EndpointGroupService,
-			EndpointService:         store.EndpointService,
-			EndpointRelationService: store.EndpointRelationService,
-			ExtensionService:        store.ExtensionService,
-			RegistryService:         store.RegistryService,
-			ResourceControlService:  store.ResourceControlService,
-			RoleService:             store.RoleService,
-			ScheduleService:         store.ScheduleService,
-			SettingsService:         store.SettingsService,
-			StackService:            store.StackService,
-			TagService:              store.TagService,
-			TeamMembershipService:   store.TeamMembershipService,
-			TemplateService:         store.TemplateService,
-			UserService:             store.UserService,
-			VersionService:          store.VersionService,
-			FileService:             store.fileService,
+			DB:                     store.db,
+			DatabaseVersion:        version,
+			EndpointGroupService:   store.EndpointGroupService,
+			EndpointService:        store.EndpointService,
+			ExtensionService:       store.ExtensionService,
+			RegistryService:        store.RegistryService,
+			ResourceControlService: store.ResourceControlService,
+			RoleService:            store.RoleService,
+			ScheduleService:        store.ScheduleService,
+			SettingsService:        store.SettingsService,
+			StackService:           store.StackService,
+			TeamMembershipService:  store.TeamMembershipService,
+			TemplateService:        store.TemplateService,
+			UserService:            store.UserService,
+			VersionService:         store.VersionService,
+			FileService:            store.fileService,
 		}
 		migrator := migrator.NewMigrator(migratorParams)

@@ -171,18 +160,6 @@ func (store *Store) initServices() error {
 	}
 	store.DockerHubService = dockerhubService

-	edgeStackService, err := edgestack.NewService(store.db)
-	if err != nil {
-		return err
-	}
-	store.EdgeStackService = edgeStackService
-
-	edgeGroupService, err := edgegroup.NewService(store.db)
-	if err != nil {
-		return err
-	}
-	store.EdgeGroupService = edgeGroupService
-
 	endpointgroupService, err := endpointgroup.NewService(store.db)
 	if err != nil {
 		return err
@@ -195,12 +172,6 @@ func (store *Store) initServices() error {
 	}
 	store.EndpointService = endpointService

-	endpointRelationService, err := endpointrelation.NewService(store.db)
-	if err != nil {
-		return err
-	}
-	store.EndpointRelationService = endpointRelationService
-
 	extensionService, err := extension.NewService(store.db)
 	if err != nil {
 		return err
@@ -287,38 +258,3 @@ func (store *Store) initServices() error {

 	return nil
 }
-
-func (store *Store) Backup1_24db() error {
-	version, err := store.VersionService.DBVersion()
-	if err != nil && err != portainer.ErrObjectNotFound {
-		return err
-	}
-
-	if version != 24 {
-		return nil
-	}
-
-	databasePath := path.Join(store.path, databaseFileName)
-	dbBackupPath := path.Join(store.path, dbBackupFileName)
-
-	source, err := os.Open(databasePath)
-	if err != nil {
-		return err
-	}
-
-	defer source.Close()
-
-	destination, err := os.Create(dbBackupPath)
-	if err != nil {
-		return err
-	}
-
-	defer destination.Close()
-
-	_, err = io.Copy(destination, source)
-	if err == nil {
-		log.Println("backup for 1.24 finished successfully.")
-	}
-
-	return err
-}
--- a/api/bolt/edgegroup/edgegroup.go
+++ b/api/bolt/edgegroup/edgegroup.go
@@ -1,94 +0,0 @@
-package edgegroup
-
-import (
-	"github.com/boltdb/bolt"
-	"github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/bolt/internal"
-)
-
-const (
-	// BucketName represents the name of the bucket where this service stores data.
-	BucketName = "edgegroups"
-)
-
-// Service represents a service for managing Edge group data.
-type Service struct {
-	db *bolt.DB
-}
-
-// NewService creates a new instance of a service.
-func NewService(db *bolt.DB) (*Service, error) {
-	err := internal.CreateBucket(db, BucketName)
-	if err != nil {
-		return nil, err
-	}
-
-	return &Service{
-		db: db,
-	}, nil
-}
-
-// EdgeGroups return an array containing all the Edge groups.
-func (service *Service) EdgeGroups() ([]portainer.EdgeGroup, error) {
-	var groups = make([]portainer.EdgeGroup, 0)
-
-	err := service.db.View(func(tx *bolt.Tx) error {
-		bucket := tx.Bucket([]byte(BucketName))
-
-		cursor := bucket.Cursor()
-		for k, v := cursor.First(); k != nil; k, v = cursor.Next() {
-			var group portainer.EdgeGroup
-			err := internal.UnmarshalObjectWithJsoniter(v, &group)
-			if err != nil {
-				return err
-			}
-			groups = append(groups, group)
-		}
-
-		return nil
-	})
-
-	return groups, err
-}
-
-// EdgeGroup returns an Edge group by ID.
-func (service *Service) EdgeGroup(ID portainer.EdgeGroupID) (*portainer.EdgeGroup, error) {
-	var group portainer.EdgeGroup
-	identifier := internal.Itob(int(ID))
-
-	err := internal.GetObject(service.db, BucketName, identifier, &group)
-	if err != nil {
-		return nil, err
-	}
-
-	return &group, nil
-}
-
-// UpdateEdgeGroup updates an Edge group.
-func (service *Service) UpdateEdgeGroup(ID portainer.EdgeGroupID, group *portainer.EdgeGroup) error {
-	identifier := internal.Itob(int(ID))
-	return internal.UpdateObject(service.db, BucketName, identifier, group)
-}
-
-// DeleteEdgeGroup deletes an Edge group.
-func (service *Service) DeleteEdgeGroup(ID portainer.EdgeGroupID) error {
-	identifier := internal.Itob(int(ID))
-	return internal.DeleteObject(service.db, BucketName, identifier)
-}
-
-// CreateEdgeGroup assign an ID to a new Edge group and saves it.
-func (service *Service) CreateEdgeGroup(group *portainer.EdgeGroup) error {
-	return service.db.Update(func(tx *bolt.Tx) error {
-		bucket := tx.Bucket([]byte(BucketName))
-
-		id, _ := bucket.NextSequence()
-		group.ID = portainer.EdgeGroupID(id)
-
-		data, err := internal.MarshalObject(group)
-		if err != nil {
-			return err
-		}
-
-		return bucket.Put(internal.Itob(int(group.ID)), data)
-	})
-}
--- a/api/bolt/edgestack/edgestack.go
+++ b/api/bolt/edgestack/edgestack.go
@@ -1,101 +0,0 @@
-package edgestack
-
-import (
-	"github.com/boltdb/bolt"
-	"github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/bolt/internal"
-)
-
-const (
-	// BucketName represents the name of the bucket where this service stores data.
-	BucketName = "edge_stack"
-)
-
-// Service represents a service for managing Edge stack data.
-type Service struct {
-	db *bolt.DB
-}
-
-// NewService creates a new instance of a service.
-func NewService(db *bolt.DB) (*Service, error) {
-	err := internal.CreateBucket(db, BucketName)
-	if err != nil {
-		return nil, err
-	}
-
-	return &Service{
-		db: db,
-	}, nil
-}
-
-// EdgeStacks returns an array containing all edge stacks
-func (service *Service) EdgeStacks() ([]portainer.EdgeStack, error) {
-	var stacks = make([]portainer.EdgeStack, 0)
-
-	err := service.db.View(func(tx *bolt.Tx) error {
-		bucket := tx.Bucket([]byte(BucketName))
-
-		cursor := bucket.Cursor()
-		for k, v := cursor.First(); k != nil; k, v = cursor.Next() {
-			var stack portainer.EdgeStack
-			err := internal.UnmarshalObject(v, &stack)
-			if err != nil {
-				return err
-			}
-			stacks = append(stacks, stack)
-		}
-
-		return nil
-	})
-
-	return stacks, err
-}
-
-// EdgeStack returns an Edge stack by ID.
-func (service *Service) EdgeStack(ID portainer.EdgeStackID) (*portainer.EdgeStack, error) {
-	var stack portainer.EdgeStack
-	identifier := internal.Itob(int(ID))
-
-	err := internal.GetObject(service.db, BucketName, identifier, &stack)
-	if err != nil {
-		return nil, err
-	}
-
-	return &stack, nil
-}
-
-// CreateEdgeStack assign an ID to a new Edge stack and saves it.
-func (service *Service) CreateEdgeStack(edgeStack *portainer.EdgeStack) error {
-	return service.db.Update(func(tx *bolt.Tx) error {
-		bucket := tx.Bucket([]byte(BucketName))
-
-		if edgeStack.ID == 0 {
-			id, _ := bucket.NextSequence()
-			edgeStack.ID = portainer.EdgeStackID(id)
-		}
-
-		data, err := internal.MarshalObject(edgeStack)
-		if err != nil {
-			return err
-		}
-
-		return bucket.Put(internal.Itob(int(edgeStack.ID)), data)
-	})
-}
-
-// UpdateEdgeStack updates an Edge stack.
-func (service *Service) UpdateEdgeStack(ID portainer.EdgeStackID, edgeStack *portainer.EdgeStack) error {
-	identifier := internal.Itob(int(ID))
-	return internal.UpdateObject(service.db, BucketName, identifier, edgeStack)
-}
-
-// DeleteEdgeStack deletes an Edge stack.
-func (service *Service) DeleteEdgeStack(ID portainer.EdgeStackID) error {
-	identifier := internal.Itob(int(ID))
-	return internal.DeleteObject(service.db, BucketName, identifier)
-}
-
-// GetNextIdentifier returns the next identifier for an endpoint.
-func (service *Service) GetNextIdentifier() int {
-	return internal.GetNextIdentifier(service.db, BucketName)
-}
--- a/api/bolt/endpointrelation/endpointrelation.go
+++ b/api/bolt/endpointrelation/endpointrelation.go
@@ -1,68 +0,0 @@
-package endpointrelation
-
-import (
-	"github.com/boltdb/bolt"
-	portainer "github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/bolt/internal"
-)
-
-const (
-	// BucketName represents the name of the bucket where this service stores data.
-	BucketName = "endpoint_relations"
-)
-
-// Service represents a service for managing endpoint relation data.
-type Service struct {
-	db *bolt.DB
-}
-
-// NewService creates a new instance of a service.
-func NewService(db *bolt.DB) (*Service, error) {
-	err := internal.CreateBucket(db, BucketName)
-	if err != nil {
-		return nil, err
-	}
-
-	return &Service{
-		db: db,
-	}, nil
-}
-
-// EndpointRelation returns a Endpoint relation object by EndpointID
-func (service *Service) EndpointRelation(endpointID portainer.EndpointID) (*portainer.EndpointRelation, error) {
-	var endpointRelation portainer.EndpointRelation
-	identifier := internal.Itob(int(endpointID))
-
-	err := internal.GetObject(service.db, BucketName, identifier, &endpointRelation)
-	if err != nil {
-		return nil, err
-	}
-
-	return &endpointRelation, nil
-}
-
-// CreateEndpointRelation saves endpointRelation
-func (service *Service) CreateEndpointRelation(endpointRelation *portainer.EndpointRelation) error {
-	return service.db.Update(func(tx *bolt.Tx) error {
-		bucket := tx.Bucket([]byte(BucketName))
-
-		data, err := internal.MarshalObject(endpointRelation)
-		if err != nil {
-			return err
-		}
-
-		return bucket.Put(internal.Itob(int(endpointRelation.EndpointID)), data)
-	})
-}
-
-// UpdateEndpointRelation updates an Endpoint relation object
-func (service *Service) UpdateEndpointRelation(EndpointID portainer.EndpointID, endpointRelation *portainer.EndpointRelation) error {
-	identifier := internal.Itob(int(EndpointID))
-	return internal.UpdateObject(service.db, BucketName, identifier, endpointRelation)
-}
-
-// DeleteEndpointRelation deletes an Endpoint relation object
-func (service *Service) DeleteEndpointRelation(EndpointID portainer.EndpointID) error {
-	identifier := internal.Itob(int(EndpointID))
-	return internal.DeleteObject(service.db, BucketName, identifier)
-}
--- a/api/bolt/init.go
+++ b/api/bolt/init.go
@@ -16,7 +16,7 @@ func (store *Store) Init() error {
 			Labels:             []portainer.Pair{},
 			UserAccessPolicies: portainer.UserAccessPolicies{},
 			TeamAccessPolicies: portainer.TeamAccessPolicies{},
-			TagIDs:             []portainer.TagID{},
+			Tags:               []string{},
 		}

 		err = store.EndpointGroupService.CreateEndpointGroup(unassignedGroup)
--- a/api/bolt/migrator/migrate_dbversion22.go
+++ b/api/bolt/migrator/migrate_dbversion22.go
@@ -1,94 +0,0 @@
-package migrator
-
-import (
-	"github.com/portainer/portainer/api"
-)
-
-func (m *Migrator) updateTagsToDBVersion23() error {
-	tags, err := m.tagService.Tags()
-	if err != nil {
-		return err
-	}
-
-	for _, tag := range tags {
-		tag.EndpointGroups = make(map[portainer.EndpointGroupID]bool)
-		tag.Endpoints = make(map[portainer.EndpointID]bool)
-		err = m.tagService.UpdateTag(tag.ID, &tag)
-		if err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-func (m *Migrator) updateEndpointsAndEndpointGroupsToDBVersion23() error {
-	tags, err := m.tagService.Tags()
-	if err != nil {
-		return err
-	}
-
-	tagsNameMap := make(map[string]portainer.Tag)
-	for _, tag := range tags {
-		tagsNameMap[tag.Name] = tag
-	}
-
-	endpoints, err := m.endpointService.Endpoints()
-	if err != nil {
-		return err
-	}
-
-	for _, endpoint := range endpoints {
-		endpointTags := make([]portainer.TagID, 0)
-		for _, tagName := range endpoint.Tags {
-			tag, ok := tagsNameMap[tagName]
-			if ok {
-				endpointTags = append(endpointTags, tag.ID)
-				tag.Endpoints[endpoint.ID] = true
-			}
-		}
-		endpoint.TagIDs = endpointTags
-		err = m.endpointService.UpdateEndpoint(endpoint.ID, &endpoint)
-		if err != nil {
-			return err
-		}
-
-		relation := &portainer.EndpointRelation{
-			EndpointID: endpoint.ID,
-			EdgeStacks: map[portainer.EdgeStackID]bool{},
-		}
-
-		err = m.endpointRelationService.CreateEndpointRelation(relation)
-		if err != nil {
-			return err
-		}
-	}
-
-	endpointGroups, err := m.endpointGroupService.EndpointGroups()
-	if err != nil {
-		return err
-	}
-
-	for _, endpointGroup := range endpointGroups {
-		endpointGroupTags := make([]portainer.TagID, 0)
-		for _, tagName := range endpointGroup.Tags {
-			tag, ok := tagsNameMap[tagName]
-			if ok {
-				endpointGroupTags = append(endpointGroupTags, tag.ID)
-				tag.EndpointGroups[endpointGroup.ID] = true
-			}
-		}
-		endpointGroup.TagIDs = endpointGroupTags
-		err = m.endpointGroupService.UpdateEndpointGroup(endpointGroup.ID, &endpointGroup)
-		if err != nil {
-			return err
-		}
-	}
-
-	for _, tag := range tagsNameMap {
-		err = m.tagService.UpdateTag(tag.ID, &tag)
-		if err != nil {
-			return err
-		}
-	}
-	return nil
-}
--- a/api/bolt/migrator/migrate_dbversion23.go
+++ b/api/bolt/migrator/migrate_dbversion23.go
@@ -1,14 +0,0 @@
-package migrator
-
-func (m *Migrator) updateSettingsToDBVersion24() error {
-	legacySettings, err := m.settingsService.Settings()
-	if err != nil {
-		return err
-	}
-
-	legacySettings.AllowDeviceMappingForRegularUsers = true
-	legacySettings.AllowStackManagementForRegularUsers = true
-	legacySettings.AllowHostNamespaceForRegularUsers = true
-
-	return m.settingsService.UpdateSettings(legacySettings)
-}
--- a/api/bolt/migrator/migrate_dbversion24.go
+++ b/api/bolt/migrator/migrate_dbversion24.go
@@ -1,12 +0,0 @@
-package migrator
-
-func (m *Migrator) updateSettingsToDBVersion25() error {
-	legacySettings, err := m.settingsService.Settings()
-	if err != nil {
-		return err
-	}
-
-	legacySettings.AllowContainerCapabilitiesForRegularUsers = true
-
-	return m.settingsService.UpdateSettings(legacySettings)
-}
--- a/api/bolt/migrator/migrator.go
+++ b/api/bolt/migrator/migrator.go
@@ -2,10 +2,9 @@ package migrator

 import (
 	"github.com/boltdb/bolt"
-	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/bolt/endpoint"
 	"github.com/portainer/portainer/api/bolt/endpointgroup"
-	"github.com/portainer/portainer/api/bolt/endpointrelation"
 	"github.com/portainer/portainer/api/bolt/extension"
 	"github.com/portainer/portainer/api/bolt/registry"
 	"github.com/portainer/portainer/api/bolt/resourcecontrol"
@@ -13,7 +12,6 @@ import (
 	"github.com/portainer/portainer/api/bolt/schedule"
 	"github.com/portainer/portainer/api/bolt/settings"
 	"github.com/portainer/portainer/api/bolt/stack"
-	"github.com/portainer/portainer/api/bolt/tag"
 	"github.com/portainer/portainer/api/bolt/teammembership"
 	"github.com/portainer/portainer/api/bolt/template"
 	"github.com/portainer/portainer/api/bolt/user"
@@ -23,70 +21,64 @@ import (
 type (
 	// Migrator defines a service to migrate data after a Portainer version update.
 	Migrator struct {
-		currentDBVersion        int
-		db                      *bolt.DB
-		endpointGroupService    *endpointgroup.Service
-		endpointService         *endpoint.Service
-		endpointRelationService *endpointrelation.Service
-		extensionService        *extension.Service
-		registryService         *registry.Service
-		resourceControlService  *resourcecontrol.Service
-		roleService             *role.Service
-		scheduleService         *schedule.Service
-		settingsService         *settings.Service
-		stackService            *stack.Service
-		tagService              *tag.Service
-		teamMembershipService   *teammembership.Service
-		templateService         *template.Service
-		userService             *user.Service
-		versionService          *version.Service
-		fileService             portainer.FileService
+		currentDBVersion       int
+		db                     *bolt.DB
+		endpointGroupService   *endpointgroup.Service
+		endpointService        *endpoint.Service
+		extensionService       *extension.Service
+		registryService        *registry.Service
+		resourceControlService *resourcecontrol.Service
+		roleService            *role.Service
+		scheduleService        *schedule.Service
+		settingsService        *settings.Service
+		stackService           *stack.Service
+		teamMembershipService  *teammembership.Service
+		templateService        *template.Service
+		userService            *user.Service
+		versionService         *version.Service
+		fileService            portainer.FileService
 	}

 	// Parameters represents the required parameters to create a new Migrator instance.
 	Parameters struct {
-		DB                      *bolt.DB
-		DatabaseVersion         int
-		EndpointGroupService    *endpointgroup.Service
-		EndpointService         *endpoint.Service
-		EndpointRelationService *endpointrelation.Service
-		ExtensionService        *extension.Service
-		RegistryService         *registry.Service
-		ResourceControlService  *resourcecontrol.Service
-		RoleService             *role.Service
-		ScheduleService         *schedule.Service
-		SettingsService         *settings.Service
-		StackService            *stack.Service
-		TagService              *tag.Service
-		TeamMembershipService   *teammembership.Service
-		TemplateService         *template.Service
-		UserService             *user.Service
-		VersionService          *version.Service
-		FileService             portainer.FileService
+		DB                     *bolt.DB
+		DatabaseVersion        int
+		EndpointGroupService   *endpointgroup.Service
+		EndpointService        *endpoint.Service
+		ExtensionService       *extension.Service
+		RegistryService        *registry.Service
+		ResourceControlService *resourcecontrol.Service
+		RoleService            *role.Service
+		ScheduleService        *schedule.Service
+		SettingsService        *settings.Service
+		StackService           *stack.Service
+		TeamMembershipService  *teammembership.Service
+		TemplateService        *template.Service
+		UserService            *user.Service
+		VersionService         *version.Service
+		FileService            portainer.FileService
 	}
 )

 // NewMigrator creates a new Migrator.
 func NewMigrator(parameters *Parameters) *Migrator {
 	return &Migrator{
-		db:                      parameters.DB,
-		currentDBVersion:        parameters.DatabaseVersion,
-		endpointGroupService:    parameters.EndpointGroupService,
-		endpointService:         parameters.EndpointService,
-		endpointRelationService: parameters.EndpointRelationService,
-		extensionService:        parameters.ExtensionService,
-		registryService:         parameters.RegistryService,
-		resourceControlService:  parameters.ResourceControlService,
-		roleService:             parameters.RoleService,
-		scheduleService:         parameters.ScheduleService,
-		settingsService:         parameters.SettingsService,
-		tagService:              parameters.TagService,
-		teamMembershipService:   parameters.TeamMembershipService,
-		templateService:         parameters.TemplateService,
-		stackService:            parameters.StackService,
-		userService:             parameters.UserService,
-		versionService:          parameters.VersionService,
-		fileService:             parameters.FileService,
+		db:                     parameters.DB,
+		currentDBVersion:       parameters.DatabaseVersion,
+		endpointGroupService:   parameters.EndpointGroupService,
+		endpointService:        parameters.EndpointService,
+		extensionService:       parameters.ExtensionService,
+		registryService:        parameters.RegistryService,
+		resourceControlService: parameters.ResourceControlService,
+		roleService:            parameters.RoleService,
+		scheduleService:        parameters.ScheduleService,
+		settingsService:        parameters.SettingsService,
+		teamMembershipService:  parameters.TeamMembershipService,
+		templateService:        parameters.TemplateService,
+		stackService:           parameters.StackService,
+		userService:            parameters.UserService,
+		versionService:         parameters.VersionService,
+		fileService:            parameters.FileService,
 	}
 }

@@ -309,34 +301,5 @@ func (m *Migrator) Migrate() error {
 		}
 	}

-	// Portainer 1.24.0
-	if m.currentDBVersion < 23 {
-		err := m.updateTagsToDBVersion23()
-		if err != nil {
-			return err
-		}
-
-		err = m.updateEndpointsAndEndpointGroupsToDBVersion23()
-		if err != nil {
-			return err
-		}
-	}
-
-	// Portainer 1.24.1
-	if m.currentDBVersion < 24 {
-		err := m.updateSettingsToDBVersion24()
-		if err != nil {
-			return err
-		}
-	}
-
-	// Portainer 1.24.2
-	if m.currentDBVersion < 25 {
-		err := m.updateSettingsToDBVersion25()
-		if err != nil {
-			return err
-		}
-	}
-
 	return m.versionService.StoreDBVersion(portainer.DBVersion)
 }
--- a/api/bolt/tag/tag.go
+++ b/api/bolt/tag/tag.go
@@ -52,19 +52,6 @@ func (service *Service) Tags() ([]portainer.Tag, error) {
 	return tags, err
 }

-// Tag returns a tag by ID.
-func (service *Service) Tag(ID portainer.TagID) (*portainer.Tag, error) {
-	var tag portainer.Tag
-	identifier := internal.Itob(int(ID))
-
-	err := internal.GetObject(service.db, BucketName, identifier, &tag)
-	if err != nil {
-		return nil, err
-	}
-
-	return &tag, nil
-}
-
 // CreateTag creates a new tag.
 func (service *Service) CreateTag(tag *portainer.Tag) error {
 	return service.db.Update(func(tx *bolt.Tx) error {
@@ -82,12 +69,6 @@ func (service *Service) CreateTag(tag *portainer.Tag) error {
 	})
 }

-// UpdateTag updates a tag.
-func (service *Service) UpdateTag(ID portainer.TagID, tag *portainer.Tag) error {
-	identifier := internal.Itob(int(ID))
-	return internal.UpdateObject(service.db, BucketName, identifier, tag)
-}
-
 // DeleteTag deletes a tag.
 func (service *Service) DeleteTag(ID portainer.TagID) error {
 	identifier := internal.Itob(int(ID))
--- a/api/chisel/service.go
+++ b/api/chisel/service.go
@@ -179,7 +179,7 @@ func (service *Service) snapshotEnvironment(endpointID portainer.EndpointID, tun
 	}

 	endpointURL := endpoint.URL
-	endpoint.URL = fmt.Sprintf("tcp://127.0.0.1:%d", tunnelPort)
+	endpoint.URL = fmt.Sprintf("tcp://localhost:%d", tunnelPort)
 	snapshot, err := service.snapshotter.CreateSnapshot(endpoint)
 	if err != nil {
 		return err
--- a/api/cli/cli.go
+++ b/api/cli/cli.go
@@ -1,7 +1,6 @@
 package cli

 import (
-	"log"
 	"time"

 	"github.com/portainer/portainer/api"
@@ -39,8 +38,8 @@ func (*Service) ParseFlags(version string) (*portainer.CLIFlags, error) {
 		Assets:            kingpin.Flag("assets", "Path to the assets").Default(defaultAssetsDirectory).Short('a').String(),
 		Data:              kingpin.Flag("data", "Path to the folder where the data is stored").Default(defaultDataDirectory).Short('d').String(),
 		EndpointURL:       kingpin.Flag("host", "Endpoint URL").Short('H').String(),
-		ExternalEndpoints: kingpin.Flag("external-endpoints", "Path to a file defining available endpoints (deprecated)").String(),
-		NoAuth:            kingpin.Flag("no-auth", "Disable authentication (deprecated)").Default(defaultNoAuth).Bool(),
+		ExternalEndpoints: kingpin.Flag("external-endpoints", "Path to a file defining available endpoints").String(),
+		NoAuth:            kingpin.Flag("no-auth", "Disable authentication").Default(defaultNoAuth).Bool(),
 		NoAnalytics:       kingpin.Flag("no-analytics", "Disable Analytics in app").Default(defaultNoAnalytics).Bool(),
 		TLS:               kingpin.Flag("tlsverify", "TLS support").Default(defaultTLS).Bool(),
 		TLSSkipVerify:     kingpin.Flag("tlsskipverify", "Disable TLS server verification").Default(defaultTLSSkipVerify).Bool(),
@@ -50,15 +49,15 @@ func (*Service) ParseFlags(version string) (*portainer.CLIFlags, error) {
 		SSL:               kingpin.Flag("ssl", "Secure Portainer instance using SSL").Default(defaultSSL).Bool(),
 		SSLCert:           kingpin.Flag("sslcert", "Path to the SSL certificate used to secure the Portainer instance").Default(defaultSSLCertPath).String(),
 		SSLKey:            kingpin.Flag("sslkey", "Path to the SSL key used to secure the Portainer instance").Default(defaultSSLKeyPath).String(),
-		SyncInterval:      kingpin.Flag("sync-interval", "Duration between each synchronization via the external endpoints source (deprecated)").Default(defaultSyncInterval).String(),
-		Snapshot:          kingpin.Flag("snapshot", "Start a background job to create endpoint snapshots (deprecated)").Default(defaultSnapshot).Bool(),
+		SyncInterval:      kingpin.Flag("sync-interval", "Duration between each synchronization via the external endpoints source").Default(defaultSyncInterval).String(),
+		Snapshot:          kingpin.Flag("snapshot", "Start a background job to create endpoint snapshots").Default(defaultSnapshot).Bool(),
 		SnapshotInterval:  kingpin.Flag("snapshot-interval", "Duration between each endpoint snapshot job").Default(defaultSnapshotInterval).String(),
 		AdminPassword:     kingpin.Flag("admin-password", "Hashed admin password").String(),
 		AdminPasswordFile: kingpin.Flag("admin-password-file", "Path to the file containing the password for the admin user").String(),
 		Labels:            pairs(kingpin.Flag("hide-label", "Hide containers with a specific label in the UI").Short('l')),
 		Logo:              kingpin.Flag("logo", "URL for the logo displayed in the UI").String(),
 		Templates:         kingpin.Flag("templates", "URL to the templates definitions.").Short('t').String(),
-		TemplateFile:      kingpin.Flag("template-file", "Path to the App templates definitions on the filesystem (deprecated)").Default(defaultTemplateFile).String(),
+		TemplateFile:      kingpin.Flag("template-file", "Path to the templates (app) definitions on the filesystem").Default(defaultTemplateFile).String(),
 	}

 	kingpin.Parse()
@@ -77,8 +76,6 @@ func (*Service) ParseFlags(version string) (*portainer.CLIFlags, error) {
 // ValidateFlags validates the values of the flags.
 func (*Service) ValidateFlags(flags *portainer.CLIFlags) error {

-	displayDeprecationWarnings(flags)
-
 	if *flags.EndpointURL != "" && *flags.ExternalEndpoints != "" {
 		return errEndpointExcludeExternal
 	}
@@ -119,28 +116,6 @@ func (*Service) ValidateFlags(flags *portainer.CLIFlags) error {
 	return nil
 }

-func displayDeprecationWarnings(flags *portainer.CLIFlags) {
-	if *flags.ExternalEndpoints != "" {
-		log.Println("Warning: the --external-endpoint flag is deprecated and will likely be removed in a future version of Portainer.")
-	}
-
-	if *flags.SyncInterval != defaultSyncInterval {
-		log.Println("Warning: the --sync-interval flag is deprecated and will likely be removed in a future version of Portainer.")
-	}
-
-	if *flags.NoAuth {
-		log.Println("Warning: the --no-auth flag is deprecated and will likely be removed in a future version of Portainer.")
-	}
-
-	if !*flags.Snapshot {
-		log.Println("Warning: the --no-snapshot flag is deprecated and will likely be removed in a future version of Portainer.")
-	}
-
-	if *flags.TemplateFile != "" {
-		log.Println("Warning: the --template-file flag is deprecated and will likely be removed in a future version of Portainer.")
-	}
-}
-
 func validateEndpointURL(endpointURL string) error {
 	if endpointURL != "" {
 		if !strings.HasPrefix(endpointURL, "unix://") && !strings.HasPrefix(endpointURL, "tcp://") && !strings.HasPrefix(endpointURL, "npipe://") {
--- a/api/cmd/portainer/main.go
+++ b/api/cmd/portainer/main.go
@@ -9,7 +9,7 @@ import (

 	"github.com/portainer/portainer/api/chisel"

-	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/bolt"
 	"github.com/portainer/portainer/api/cli"
 	"github.com/portainer/portainer/api/cron"
@@ -63,16 +63,10 @@ func initStore(dataStorePath string, fileService portainer.FileService) *bolt.St
 		log.Fatal(err)
 	}

-	err = store.Backup1_24db()
-	if err != nil {
-		log.Fatal(err)
-	}
-
 	err = store.MigrateData()
 	if err != nil {
 		log.Fatal(err)
 	}
-
 	return store
 }

@@ -265,7 +259,7 @@ func initSettings(settingsService portainer.SettingsService, flags *portainer.CL
 			LogoURL:              *flags.Logo,
 			AuthenticationMethod: portainer.AuthenticationInternal,
 			LDAPSettings: portainer.LDAPSettings{
-				AnonymousMode:   true,
+				AnonymousMode: true,
 				AutoCreateUsers: true,
 				TLSConfig:       portainer.TLSConfiguration{},
 				SearchSettings: []portainer.LDAPSearchSettings{
@@ -275,17 +269,13 @@ func initSettings(settingsService portainer.SettingsService, flags *portainer.CL
 					portainer.LDAPGroupSearchSettings{},
 				},
 			},
-			OAuthSettings:                             portainer.OAuthSettings{},
-			AllowBindMountsForRegularUsers:            true,
-			AllowPrivilegedModeForRegularUsers:        true,
-			AllowVolumeBrowserForRegularUsers:         false,
-			AllowDeviceMappingForRegularUsers:         true,
-			AllowStackManagementForRegularUsers:       true,
-			AllowContainerCapabilitiesForRegularUsers: true,
-			EnableHostManagementFeatures:              false,
-			AllowHostNamespaceForRegularUsers:         true,
-			SnapshotInterval:                          *flags.SnapshotInterval,
-			EdgeAgentCheckinInterval:                  portainer.DefaultEdgeAgentCheckinIntervalInSeconds,
+			OAuthSettings:                      portainer.OAuthSettings{},
+			AllowBindMountsForRegularUsers:     true,
+			AllowPrivilegedModeForRegularUsers: true,
+			AllowVolumeBrowserForRegularUsers:  false,
+			EnableHostManagementFeatures:       false,
+			SnapshotInterval:                   *flags.SnapshotInterval,
+			EdgeAgentCheckinInterval:           portainer.DefaultEdgeAgentCheckinIntervalInSeconds,
 		}

 		if *flags.Templates != "" {
@@ -407,7 +397,7 @@ func createTLSSecuredEndpoint(flags *portainer.CLIFlags, endpointService portain
 		UserAccessPolicies: portainer.UserAccessPolicies{},
 		TeamAccessPolicies: portainer.TeamAccessPolicies{},
 		Extensions:         []portainer.EndpointExtension{},
-		TagIDs:             []portainer.TagID{},
+		Tags:               []string{},
 		Status:             portainer.EndpointStatusUp,
 		Snapshots:          []portainer.Snapshot{},
 	}
@@ -450,7 +440,7 @@ func createUnsecuredEndpoint(endpointURL string, endpointService portainer.Endpo
 		UserAccessPolicies: portainer.UserAccessPolicies{},
 		TeamAccessPolicies: portainer.TeamAccessPolicies{},
 		Extensions:         []portainer.EndpointExtension{},
-		TagIDs:             []portainer.TagID{},
+		Tags:               []string{},
 		Status:             portainer.EndpointStatusUp,
 		Snapshots:          []portainer.Snapshot{},
 	}
@@ -661,47 +651,44 @@ func main() {
 	}

 	var server portainer.Server = &http.Server{
-		ReverseTunnelService:    reverseTunnelService,
-		Status:                  applicationStatus,
-		BindAddress:             *flags.Addr,
-		AssetsPath:              *flags.Assets,
-		AuthDisabled:            *flags.NoAuth,
-		EndpointManagement:      endpointManagement,
-		RoleService:             store.RoleService,
-		UserService:             store.UserService,
-		TeamService:             store.TeamService,
-		TeamMembershipService:   store.TeamMembershipService,
-		EdgeGroupService:        store.EdgeGroupService,
-		EdgeStackService:        store.EdgeStackService,
-		EndpointService:         store.EndpointService,
-		EndpointGroupService:    store.EndpointGroupService,
-		EndpointRelationService: store.EndpointRelationService,
-		ExtensionService:        store.ExtensionService,
-		ResourceControlService:  store.ResourceControlService,
-		SettingsService:         store.SettingsService,
-		RegistryService:         store.RegistryService,
-		DockerHubService:        store.DockerHubService,
-		StackService:            store.StackService,
-		ScheduleService:         store.ScheduleService,
-		TagService:              store.TagService,
-		TemplateService:         store.TemplateService,
-		WebhookService:          store.WebhookService,
-		SwarmStackManager:       swarmStackManager,
-		ComposeStackManager:     composeStackManager,
-		ExtensionManager:        extensionManager,
-		CryptoService:           cryptoService,
-		JWTService:              jwtService,
-		FileService:             fileService,
-		LDAPService:             ldapService,
-		GitService:              gitService,
-		SignatureService:        digitalSignatureService,
-		JobScheduler:            jobScheduler,
-		Snapshotter:             snapshotter,
-		SSL:                     *flags.SSL,
-		SSLCert:                 *flags.SSLCert,
-		SSLKey:                  *flags.SSLKey,
-		DockerClientFactory:     clientFactory,
-		JobService:              jobService,
+		ReverseTunnelService:   reverseTunnelService,
+		Status:                 applicationStatus,
+		BindAddress:            *flags.Addr,
+		AssetsPath:             *flags.Assets,
+		AuthDisabled:           *flags.NoAuth,
+		EndpointManagement:     endpointManagement,
+		RoleService:            store.RoleService,
+		UserService:            store.UserService,
+		TeamService:            store.TeamService,
+		TeamMembershipService:  store.TeamMembershipService,
+		EndpointService:        store.EndpointService,
+		EndpointGroupService:   store.EndpointGroupService,
+		ExtensionService:       store.ExtensionService,
+		ResourceControlService: store.ResourceControlService,
+		SettingsService:        store.SettingsService,
+		RegistryService:        store.RegistryService,
+		DockerHubService:       store.DockerHubService,
+		StackService:           store.StackService,
+		ScheduleService:        store.ScheduleService,
+		TagService:             store.TagService,
+		TemplateService:        store.TemplateService,
+		WebhookService:         store.WebhookService,
+		SwarmStackManager:      swarmStackManager,
+		ComposeStackManager:    composeStackManager,
+		ExtensionManager:       extensionManager,
+		CryptoService:          cryptoService,
+		JWTService:             jwtService,
+		FileService:            fileService,
+		LDAPService:            ldapService,
+		GitService:             gitService,
+		SignatureService:       digitalSignatureService,
+		JobScheduler:           jobScheduler,
+		Snapshotter:            snapshotter,
+		SSL:                    *flags.SSL,
+		SSLCert:                *flags.SSLCert,
+		SSLKey:                 *flags.SSLKey,
+		DockerClientFactory:    clientFactory,
+		JobService:             jobService,
 	}

 	log.Printf("Starting Portainer %s on %s", portainer.APIVersion, *flags.Addr)
--- a/api/crypto/tls.go
+++ b/api/crypto/tls.go
@@ -6,24 +6,6 @@ import (
 	"io/ioutil"
 )

-// CreateTLSConfiguration creates a basic tls.Config to be used by servers with recommended TLS settings
-func CreateServerTLSConfiguration() *tls.Config {
-	return &tls.Config{
-		MinVersion: tls.VersionTLS12,
-		CipherSuites: []uint16{
-			tls.TLS_AES_128_GCM_SHA256,
-			tls.TLS_AES_256_GCM_SHA384,
-			tls.TLS_CHACHA20_POLY1305_SHA256,
-			tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-			tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
-			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-			tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
-			tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
-		},
-	}
-}
-
 // CreateTLSConfigurationFromBytes initializes a tls.Config using a CA certificate, a certificate and a key
 // loaded from memory.
 func CreateTLSConfigurationFromBytes(caCert, cert, key []byte, skipClientVerification, skipServerVerification bool) (*tls.Config, error) {
--- a/api/docker/client.go
+++ b/api/docker/client.go
@@ -81,7 +81,7 @@ func createEdgeClient(endpoint *portainer.Endpoint, reverseTunnelService portain
 	}

 	tunnel := reverseTunnelService.GetTunnelDetails(endpoint.ID)
-	endpointURL := fmt.Sprintf("http://127.0.0.1:%d", tunnel.Port)
+	endpointURL := fmt.Sprintf("http://localhost:%d", tunnel.Port)

 	return client.NewClientWithOpts(
 		client.WithHost(endpointURL),
--- a/api/edgegroup.go
+++ b/api/edgegroup.go
@@ -1,54 +0,0 @@
-package portainer
-
-// EdgeGroupRelatedEndpoints returns a list of endpoints related to this Edge group
-func EdgeGroupRelatedEndpoints(edgeGroup *EdgeGroup, endpoints []Endpoint, endpointGroups []EndpointGroup) []EndpointID {
-	if !edgeGroup.Dynamic {
-		return edgeGroup.Endpoints
-	}
-
-	endpointIDs := []EndpointID{}
-	for _, endpoint := range endpoints {
-		if endpoint.Type != EdgeAgentEnvironment {
-			continue
-		}
-
-		var endpointGroup EndpointGroup
-		for _, group := range endpointGroups {
-			if endpoint.GroupID == group.ID {
-				endpointGroup = group
-				break
-			}
-		}
-
-		if edgeGroupRelatedToEndpoint(edgeGroup, &endpoint, &endpointGroup) {
-			endpointIDs = append(endpointIDs, endpoint.ID)
-		}
-	}
-
-	return endpointIDs
-}
-
-// edgeGroupRelatedToEndpoint returns true is edgeGroup is associated with endpoint
-func edgeGroupRelatedToEndpoint(edgeGroup *EdgeGroup, endpoint *Endpoint, endpointGroup *EndpointGroup) bool {
-	if !edgeGroup.Dynamic {
-		for _, endpointID := range edgeGroup.Endpoints {
-			if endpoint.ID == endpointID {
-				return true
-			}
-		}
-		return false
-	}
-
-	endpointTags := TagSet(endpoint.TagIDs)
-	if endpointGroup.TagIDs != nil {
-		endpointTags = TagUnion(endpointTags, TagSet(endpointGroup.TagIDs))
-	}
-	edgeGroupTags := TagSet(edgeGroup.TagIDs)
-
-	if edgeGroup.PartialMatch {
-		intersection := TagIntersection(endpointTags, edgeGroupTags)
-		return len(intersection) != 0
-	}
-
-	return TagContains(edgeGroupTags, endpointTags)
-}
--- a/api/edgestack.go
+++ b/api/edgestack.go
@@ -1,27 +0,0 @@
-package portainer
-
-import "errors"
-
-// EdgeStackRelatedEndpoints returns a list of endpoints related to this Edge stack
-func EdgeStackRelatedEndpoints(edgeGroupIDs []EdgeGroupID, endpoints []Endpoint, endpointGroups []EndpointGroup, edgeGroups []EdgeGroup) ([]EndpointID, error) {
-	edgeStackEndpoints := []EndpointID{}
-
-	for _, edgeGroupID := range edgeGroupIDs {
-		var edgeGroup *EdgeGroup
-
-		for _, group := range edgeGroups {
-			if group.ID == edgeGroupID {
-				edgeGroup = &group
-				break
-			}
-		}
-
-		if edgeGroup == nil {
-			return nil, errors.New("Edge group was not found")
-		}
-
-		edgeStackEndpoints = append(edgeStackEndpoints, EdgeGroupRelatedEndpoints(edgeGroup, endpoints, endpointGroups)...)
-	}
-
-	return edgeStackEndpoints, nil
-}
--- a/api/endpoint.go
+++ b/api/endpoint.go
@@ -1,25 +0,0 @@
-package portainer
-
-// EndpointRelatedEdgeStacks returns a list of Edge stacks related to this Endpoint
-func EndpointRelatedEdgeStacks(endpoint *Endpoint, endpointGroup *EndpointGroup, edgeGroups []EdgeGroup, edgeStacks []EdgeStack) []EdgeStackID {
-	relatedEdgeGroupsSet := map[EdgeGroupID]bool{}
-
-	for _, edgeGroup := range edgeGroups {
-		if edgeGroupRelatedToEndpoint(&edgeGroup, endpoint, endpointGroup) {
-			relatedEdgeGroupsSet[edgeGroup.ID] = true
-		}
-	}
-
-	relatedEdgeStacks := []EdgeStackID{}
-	for _, edgeStack := range edgeStacks {
-		for _, edgeGroupID := range edgeStack.EdgeGroups {
-			if relatedEdgeGroupsSet[edgeGroupID] {
-				relatedEdgeStacks = append(relatedEdgeStacks, edgeStack.ID)
-				break
-			}
-		}
-	}
-
-	return relatedEdgeStacks
-
-}
--- a/api/exec/swarm_stack.go
+++ b/api/exec/swarm_stack.go
@@ -123,7 +123,7 @@ func (manager *SwarmStackManager) prepareDockerCommandAndArgs(binaryPath, dataPa
 	endpointURL := endpoint.URL
 	if endpoint.Type == portainer.EdgeAgentEnvironment {
 		tunnel := manager.reverseTunnelService.GetTunnelDetails(endpoint.ID)
-		endpointURL = fmt.Sprintf("tcp://127.0.0.1:%d", tunnel.Port)
+		endpointURL = fmt.Sprintf("tcp://localhost:%d", tunnel.Port)
 	}

 	args = append(args, "-H", endpointURL)
--- a/api/filesystem/filesystem.go
+++ b/api/filesystem/filesystem.go
@@ -29,8 +29,6 @@ const (
 	ComposeStorePath = "compose"
 	// ComposeFileDefaultName represents the default name of a compose file.
 	ComposeFileDefaultName = "docker-compose.yml"
-	// EdgeStackStorePath represents the subfolder where edge stack files are stored in the file store folder.
-	EdgeStackStorePath = "edge_stacks"
 	// PrivateKeyFile represents the name on disk of the file containing the private key.
 	PrivateKeyFile = "portainer.key"
 	// PublicKeyFile represents the name on disk of the file containing the public key.
@@ -123,32 +121,6 @@ func (service *Service) StoreStackFileFromBytes(stackIdentifier, fileName string
 	return path.Join(service.fileStorePath, stackStorePath), nil
 }

-// GetEdgeStackProjectPath returns the absolute path on the FS for a edge stack based
-// on its identifier.
-func (service *Service) GetEdgeStackProjectPath(edgeStackIdentifier string) string {
-	return path.Join(service.fileStorePath, EdgeStackStorePath, edgeStackIdentifier)
-}
-
-// StoreEdgeStackFileFromBytes creates a subfolder in the EdgeStackStorePath and stores a new file from bytes.
-// It returns the path to the folder where the file is stored.
-func (service *Service) StoreEdgeStackFileFromBytes(edgeStackIdentifier, fileName string, data []byte) (string, error) {
-	stackStorePath := path.Join(EdgeStackStorePath, edgeStackIdentifier)
-	err := service.createDirectoryInStore(stackStorePath)
-	if err != nil {
-		return "", err
-	}
-
-	composeFilePath := path.Join(stackStorePath, fileName)
-	r := bytes.NewReader(data)
-
-	err = service.createFileInStore(composeFilePath, r)
-	if err != nil {
-		return "", err
-	}
-
-	return path.Join(service.fileStorePath, stackStorePath), nil
-}
-
 // StoreRegistryManagementFileFromBytes creates a subfolder in the
 // ExtensionRegistryManagementStorePath and stores a new file from bytes.
 // It returns the path to the folder where the file is stored.
--- a/api/go.mod
+++ b/api/go.mod
@@ -3,10 +3,9 @@ module github.com/portainer/portainer/api
 go 1.13

 require (
-	github.com/Microsoft/go-winio v0.4.14
+	github.com/Microsoft/go-winio v0.3.8
 	github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a
 	github.com/boltdb/bolt v1.3.1
-	github.com/containerd/containerd v1.3.1 // indirect
 	github.com/coreos/go-semver v0.3.0
 	github.com/dchest/uniuri v0.0.0-20160212164326-8902c56451e9
 	github.com/dgrijalva/jwt-go v3.2.0+incompatible
@@ -24,7 +23,7 @@ require (
 	github.com/mattn/go-shellwords v1.0.6 // indirect
 	github.com/mitchellh/mapstructure v1.1.2 // indirect
 	github.com/orcaman/concurrent-map v0.0.0-20190826125027-8c72a8bb44f6
-	github.com/portainer/libcompose v0.5.3
+	github.com/portainer/libcompose v0.5.1-0.20191128210235-7e42ca632b24
 	github.com/portainer/libcrypto v0.0.0-20190723020515-23ebe86ab2c2
 	github.com/portainer/libhttp v0.0.0-20190806161843-ba068f58be33
 	github.com/robfig/cron/v3 v3.0.0
@@ -35,6 +34,6 @@ require (
 	gopkg.in/src-d/go-git.v4 v4.13.1
 )

-replace github.com/docker/docker => github.com/docker/engine v1.4.2-0.20200204220554-5f6d6f3f2203
+replace github.com/docker/docker => github.com/docker/engine v1.4.2-0.20191127222017-3152f9436292

 replace gopkg.in/asn1-ber.v1 => github.com/go-asn1-ber/asn1-ber v1.3.1
--- a/api/go.sum
+++ b/api/go.sum
@@ -4,8 +4,6 @@ github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/Microsoft/go-winio v0.3.8 h1:dvxbxtpTIjdAbx2OtL26p4eq0iEvys/U5yrsTJb3NZI=
 github.com/Microsoft/go-winio v0.3.8/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA=
-github.com/Microsoft/go-winio v0.4.14 h1:+hMXMk01us9KgxGb7ftKQt2Xpf5hH/yky+TDA+qxleU=
-github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA=
 github.com/Microsoft/hcsshim v0.8.6 h1:ZfF0+zZeYdzMIVMZHKtDKJvLHj76XCuVae/jNkjj0IA=
 github.com/Microsoft/hcsshim v0.8.6/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg=
 github.com/alcortesm/tgz v0.0.0-20161220082320-9c5fe88206d7 h1:uSoVVbwJiQipAclBbw+8quDsfcvFjOpI5iCf4p/cqCs=
@@ -43,7 +41,6 @@ github.com/dchest/uniuri v0.0.0-20160212164326-8902c56451e9 h1:74lLNRzvsdIlkTgfD
 github.com/dchest/uniuri v0.0.0-20160212164326-8902c56451e9/go.mod h1:GgB8SF9nRG+GqaDtLcwJZsQFhcogVCJ79j4EdT0c2V4=
 github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM=
 github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
-github.com/docker/cli v0.0.0-20190711175710-5b38d82aa076/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
 github.com/docker/cli v0.0.0-20191126203649-54d085b857e9 h1:Q6D6b2iRKhvtL3Wj9p0SyPOvUDJ1ht62mbiBoNJ3Aus=
 github.com/docker/cli v0.0.0-20191126203649-54d085b857e9/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
 github.com/docker/distribution v2.7.1+incompatible h1:a5mlkVzth6W5A4fOsS3D2EO5BUmsJpcB+cRlLU7cSug=
@@ -52,10 +49,6 @@ github.com/docker/docker-credential-helpers v0.6.3 h1:zI2p9+1NQYdnG6sMU26EX4aVGl
 github.com/docker/docker-credential-helpers v0.6.3/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y=
 github.com/docker/engine v1.4.2-0.20191127222017-3152f9436292 h1:qQ7mw+CVWpRj5DWBL4CVHtBbGQdlPCj4j1evDh0ethw=
 github.com/docker/engine v1.4.2-0.20191127222017-3152f9436292/go.mod h1:3CPr2caMgTHxxIAZgEMd3uLYPDlRvPqCpyeRf6ncPcY=
-github.com/docker/engine v1.4.2-0.20200204220554-5f6d6f3f2203 h1:QeBh8wW8pIZKlXxlMOQ8hSCMdJA+2Z/bD/iDyCAS8XU=
-github.com/docker/engine v1.4.2-0.20200204220554-5f6d6f3f2203/go.mod h1:3CPr2caMgTHxxIAZgEMd3uLYPDlRvPqCpyeRf6ncPcY=
-github.com/docker/engine v1.13.1 h1:Cks33UT9YBW5Xyc3MtGDq2IPgqfJtJ+qkFaxc2b0Euc=
-github.com/docker/engine v1.13.1/go.mod h1:3CPr2caMgTHxxIAZgEMd3uLYPDlRvPqCpyeRf6ncPcY=
 github.com/docker/go-connections v0.3.0 h1:3lOnM9cSzgGwx8VfK/NGOW5fLQ0GjIlCkaktF+n1M6o=
 github.com/docker/go-connections v0.3.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
 github.com/docker/go-metrics v0.0.0-20181218153428-b84716841b82 h1:X0fj836zx99zFu83v/M79DuBn84IL/Syx1SY6Y5ZEMA=
@@ -140,8 +133,6 @@ github.com/mattn/go-shellwords v1.0.6 h1:9Jok5pILi5S1MnDirGVTufYGtksUs/V2BWUP3Zk
 github.com/mattn/go-shellwords v1.0.6/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o=
 github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU=
 github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
-github.com/microsoft/go-winio v0.4.8 h1:N4SmTFXUK7/jnn/UG/gm2mrHiYu9LVGvtsvULyody/c=
-github.com/microsoft/go-winio v0.4.8/go.mod h1:kcIxxtKZE55DEncT/EOvFiygPobhUWpSDqDb47poQOU=
 github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
 github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
 github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE=
@@ -169,8 +160,8 @@ github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/portainer/libcompose v0.5.3 h1:tE4WcPuGvo+NKeDkDWpwNavNLZ5GHIJ4RvuZXsI9uI8=
-github.com/portainer/libcompose v0.5.3/go.mod h1:7SKd/ho69rRKHDFSDUwkbMcol2TMKU5OslDsajr8Ro8=
+github.com/portainer/libcompose v0.5.1-0.20191128210235-7e42ca632b24 h1:gxc67Oh8DdIyJ2YlwLwerKqFT/SvckBKiEFqUU6G0Aw=
+github.com/portainer/libcompose v0.5.1-0.20191128210235-7e42ca632b24/go.mod h1:H+VCBQCqdkJwcdle9QP3V6skUhynox41/haRsbp3Xuw=
 github.com/portainer/libcrypto v0.0.0-20190723020515-23ebe86ab2c2 h1:0PfgGLys9yHr4rtnirg0W0Cjvv6/DzxBIZk5sV59208=
 github.com/portainer/libcrypto v0.0.0-20190723020515-23ebe86ab2c2/go.mod h1:/wIeGwJOMYc1JplE/OvYMO5korce39HddIfI8VKGyAM=
 github.com/portainer/libhttp v0.0.0-20190806161843-ba068f58be33 h1:H8HR2dHdBf8HANSkUyVw4o8+4tegGcd+zyKZ3e599II=
@@ -195,8 +186,6 @@ github.com/sergi/go-diff v1.0.0 h1:Kpca3qRNrduNnOQeazBd0ysaKrUJiIuISHxogkT9RPQ=
 github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
 github.com/sirupsen/logrus v1.2.0 h1:juTguoYk5qI21pwyTXY3B3Y5cOTH3ZUyZCg1v/mihuo=
 github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
-github.com/sirupsen/logrus v1.4.1 h1:GL2rEmy6nsikmW0r8opw9JIRScdMF5hA8cOYLH7In1k=
-github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q=
 github.com/src-d/gcfg v1.4.0 h1:xXbNR5AlLSA315x2UO+fTSSAXCDf+Ar38/6oyGbDKQ4=
 github.com/src-d/gcfg v1.4.0/go.mod h1:p/UMsR43ujA89BJY9duynAwIpvqEujIH/jFlfL7jWoI=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
@@ -243,12 +232,9 @@ golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5h
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190221075227-b4e8571b14e0/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3 h1:4y9KwBHBgBNwDbtu44R5o1fdOCQUEXhbk/P4A9WmJq0=
 golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200219091948-cb0a6d8edb6c h1:jceGD5YNJGgGMkJz79agzOln1K9TaZUjv5ird16qniQ=
-golang.org/x/sys v0.0.0-20200219091948-cb0a6d8edb6c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
--- a/api/http/handler/auth/authenticate.go
+++ b/api/http/handler/auth/authenticate.go
@@ -79,11 +79,6 @@ func (handler *Handler) authenticateLDAP(w http.ResponseWriter, user *portainer.
 		log.Printf("Warning: unable to automatically add user into teams: %s\n", err.Error())
 	}

-	err = handler.AuthorizationService.UpdateUsersAuthorizations()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to update user authorizations", err}
-	}
-
 	return handler.writeToken(w, user)
 }

@@ -180,7 +175,6 @@ func (handler *Handler) addUserIntoTeams(user *portainer.User, settings *portain
 			}
 		}
 	}
-
 	return nil
 }

--- a/api/http/handler/edgegroups/associated_endpoints.go
+++ b/api/http/handler/edgegroups/associated_endpoints.go
@@ -1,104 +0,0 @@
-package edgegroups
-
-import (
-	"github.com/portainer/portainer/api"
-)
-
-type endpointSetType map[portainer.EndpointID]bool
-
-func (handler *Handler) getEndpointsByTags(tagIDs []portainer.TagID, partialMatch bool) ([]portainer.EndpointID, error) {
-	if len(tagIDs) == 0 {
-		return []portainer.EndpointID{}, nil
-	}
-
-	endpoints, err := handler.EndpointService.Endpoints()
-	if err != nil {
-		return nil, err
-	}
-
-	groupEndpoints := mapEndpointGroupToEndpoints(endpoints)
-
-	tags := []portainer.Tag{}
-	for _, tagID := range tagIDs {
-		tag, err := handler.TagService.Tag(tagID)
-		if err != nil {
-			return nil, err
-		}
-		tags = append(tags, *tag)
-	}
-
-	setsOfEndpoints := mapTagsToEndpoints(tags, groupEndpoints)
-
-	var endpointSet endpointSetType
-	if partialMatch {
-		endpointSet = setsUnion(setsOfEndpoints)
-	} else {
-		endpointSet = setsIntersection(setsOfEndpoints)
-	}
-
-	results := []portainer.EndpointID{}
-	for _, endpoint := range endpoints {
-		if _, ok := endpointSet[endpoint.ID]; ok && endpoint.Type == portainer.EdgeAgentEnvironment {
-			results = append(results, endpoint.ID)
-		}
-	}
-
-	return results, nil
-}
-
-func mapEndpointGroupToEndpoints(endpoints []portainer.Endpoint) map[portainer.EndpointGroupID]endpointSetType {
-	groupEndpoints := map[portainer.EndpointGroupID]endpointSetType{}
-	for _, endpoint := range endpoints {
-		groupID := endpoint.GroupID
-		if groupEndpoints[groupID] == nil {
-			groupEndpoints[groupID] = endpointSetType{}
-		}
-		groupEndpoints[groupID][endpoint.ID] = true
-	}
-	return groupEndpoints
-}
-
-func mapTagsToEndpoints(tags []portainer.Tag, groupEndpoints map[portainer.EndpointGroupID]endpointSetType) []endpointSetType {
-	sets := []endpointSetType{}
-	for _, tag := range tags {
-		set := tag.Endpoints
-		for groupID := range tag.EndpointGroups {
-			for endpointID := range groupEndpoints[groupID] {
-				set[endpointID] = true
-			}
-		}
-		sets = append(sets, set)
-	}
-
-	return sets
-}
-
-func setsIntersection(sets []endpointSetType) endpointSetType {
-	if len(sets) == 0 {
-		return endpointSetType{}
-	}
-
-	intersectionSet := sets[0]
-
-	for _, set := range sets {
-		for endpointID := range intersectionSet {
-			if !set[endpointID] {
-				delete(intersectionSet, endpointID)
-			}
-		}
-	}
-
-	return intersectionSet
-}
-
-func setsUnion(sets []endpointSetType) endpointSetType {
-	unionSet := endpointSetType{}
-
-	for _, set := range sets {
-		for endpointID := range set {
-			unionSet[endpointID] = true
-		}
-	}
-
-	return unionSet
-}
--- a/api/http/handler/edgegroups/edgegroup_create.go
+++ b/api/http/handler/edgegroups/edgegroup_create.go
@@ -1,83 +0,0 @@
-package edgegroups
-
-import (
-	"net/http"
-
-	"github.com/asaskevich/govalidator"
-	httperror "github.com/portainer/libhttp/error"
-	"github.com/portainer/libhttp/request"
-	"github.com/portainer/libhttp/response"
-	"github.com/portainer/portainer/api"
-)
-
-type edgeGroupCreatePayload struct {
-	Name         string
-	Dynamic      bool
-	TagIDs       []portainer.TagID
-	Endpoints    []portainer.EndpointID
-	PartialMatch bool
-}
-
-func (payload *edgeGroupCreatePayload) Validate(r *http.Request) error {
-	if govalidator.IsNull(payload.Name) {
-		return portainer.Error("Invalid Edge group name")
-	}
-	if payload.Dynamic && (payload.TagIDs == nil || len(payload.TagIDs) == 0) {
-		return portainer.Error("TagIDs is mandatory for a dynamic Edge group")
-	}
-	if !payload.Dynamic && (payload.Endpoints == nil || len(payload.Endpoints) == 0) {
-		return portainer.Error("Endpoints is mandatory for a static Edge group")
-	}
-	return nil
-}
-
-func (handler *Handler) edgeGroupCreate(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
-	var payload edgeGroupCreatePayload
-	err := request.DecodeAndValidateJSONPayload(r, &payload)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusBadRequest, "Invalid request payload", err}
-	}
-
-	edgeGroups, err := handler.EdgeGroupService.EdgeGroups()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve Edge groups from the database", err}
-	}
-
-	for _, edgeGroup := range edgeGroups {
-		if edgeGroup.Name == payload.Name {
-			return &httperror.HandlerError{http.StatusBadRequest, "Edge group name must be unique", portainer.Error("Edge group name must be unique")}
-		}
-	}
-
-	edgeGroup := &portainer.EdgeGroup{
-		Name:         payload.Name,
-		Dynamic:      payload.Dynamic,
-		TagIDs:       []portainer.TagID{},
-		Endpoints:    []portainer.EndpointID{},
-		PartialMatch: payload.PartialMatch,
-	}
-
-	if edgeGroup.Dynamic {
-		edgeGroup.TagIDs = payload.TagIDs
-	} else {
-		endpointIDs := []portainer.EndpointID{}
-		for _, endpointID := range payload.Endpoints {
-			endpoint, err := handler.EndpointService.Endpoint(endpointID)
-			if err != nil {
-				return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve endpoint from the database", err}
-			}
-
-			if endpoint.Type == portainer.EdgeAgentEnvironment {
-				endpointIDs = append(endpointIDs, endpoint.ID)
-			}
-		}
-		edgeGroup.Endpoints = endpointIDs
-	}
-
-	err = handler.EdgeGroupService.CreateEdgeGroup(edgeGroup)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist the Edge group inside the database", err}
-	}
-
-	return response.JSON(w, edgeGroup)
-}
--- a/api/http/handler/edgegroups/edgegroup_delete.go
+++ b/api/http/handler/edgegroups/edgegroup_delete.go
@@ -1,45 +0,0 @@
-package edgegroups
-
-import (
-	"net/http"
-
-	httperror "github.com/portainer/libhttp/error"
-	"github.com/portainer/libhttp/request"
-	"github.com/portainer/libhttp/response"
-	portainer "github.com/portainer/portainer/api"
-)
-
-func (handler *Handler) edgeGroupDelete(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
-	edgeGroupID, err := request.RetrieveNumericRouteVariableValue(r, "id")
-	if err != nil {
-		return &httperror.HandlerError{http.StatusBadRequest, "Invalid Edge group identifier route variable", err}
-	}
-
-	_, err = handler.EdgeGroupService.EdgeGroup(portainer.EdgeGroupID(edgeGroupID))
-	if err == portainer.ErrObjectNotFound {
-		return &httperror.HandlerError{http.StatusNotFound, "Unable to find an Edge group with the specified identifier inside the database", err}
-	} else if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find an Edge group with the specified identifier inside the database", err}
-	}
-
-	edgeStacks, err := handler.EdgeStackService.EdgeStacks()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve Edge stacks from the database", err}
-	}
-
-	for _, edgeStack := range edgeStacks {
-		for _, groupID := range edgeStack.EdgeGroups {
-			if groupID == portainer.EdgeGroupID(edgeGroupID) {
-				return &httperror.HandlerError{http.StatusForbidden, "Edge group is used by an Edge stack", portainer.Error("Edge group is used by an Edge stack")}
-			}
-		}
-	}
-
-	err = handler.EdgeGroupService.DeleteEdgeGroup(portainer.EdgeGroupID(edgeGroupID))
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to remove the Edge group from the database", err}
-	}
-
-	return response.Empty(w)
-
-}
--- a/api/http/handler/edgegroups/edgegroup_inspect.go
+++ b/api/http/handler/edgegroups/edgegroup_inspect.go
@@ -1,35 +0,0 @@
-package edgegroups
-
-import (
-	"net/http"
-
-	httperror "github.com/portainer/libhttp/error"
-	"github.com/portainer/libhttp/request"
-	"github.com/portainer/libhttp/response"
-	"github.com/portainer/portainer/api"
-)
-
-func (handler *Handler) edgeGroupInspect(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
-	edgeGroupID, err := request.RetrieveNumericRouteVariableValue(r, "id")
-	if err != nil {
-		return &httperror.HandlerError{http.StatusBadRequest, "Invalid Edge group identifier route variable", err}
-	}
-
-	edgeGroup, err := handler.EdgeGroupService.EdgeGroup(portainer.EdgeGroupID(edgeGroupID))
-	if err == portainer.ErrObjectNotFound {
-		return &httperror.HandlerError{http.StatusNotFound, "Unable to find an Edge group with the specified identifier inside the database", err}
-	} else if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find an Edge group with the specified identifier inside the database", err}
-	}
-
-	if edgeGroup.Dynamic {
-		endpoints, err := handler.getEndpointsByTags(edgeGroup.TagIDs, edgeGroup.PartialMatch)
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve endpoints and endpoint groups for Edge group", err}
-		}
-
-		edgeGroup.Endpoints = endpoints
-	}
-
-	return response.JSON(w, edgeGroup)
-}
--- a/api/http/handler/edgegroups/edgegroup_list.go
+++ b/api/http/handler/edgegroups/edgegroup_list.go
@@ -1,55 +0,0 @@
-package edgegroups
-
-import (
-	"net/http"
-
-	httperror "github.com/portainer/libhttp/error"
-	"github.com/portainer/libhttp/response"
-	"github.com/portainer/portainer/api"
-)
-
-type decoratedEdgeGroup struct {
-	portainer.EdgeGroup
-	HasEdgeStack bool `json:"HasEdgeStack"`
-}
-
-func (handler *Handler) edgeGroupList(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
-	edgeGroups, err := handler.EdgeGroupService.EdgeGroups()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve Edge groups from the database", err}
-	}
-
-	edgeStacks, err := handler.EdgeStackService.EdgeStacks()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve Edge stacks from the database", err}
-	}
-
-	usedEdgeGroups := make(map[portainer.EdgeGroupID]bool)
-
-	for _, stack := range edgeStacks {
-		for _, groupID := range stack.EdgeGroups {
-			usedEdgeGroups[groupID] = true
-		}
-	}
-
-	decoratedEdgeGroups := []decoratedEdgeGroup{}
-	for _, orgEdgeGroup := range edgeGroups {
-		edgeGroup := decoratedEdgeGroup{
-			EdgeGroup: orgEdgeGroup,
-		}
-		if edgeGroup.Dynamic {
-			endpoints, err := handler.getEndpointsByTags(edgeGroup.TagIDs, edgeGroup.PartialMatch)
-			if err != nil {
-				return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve endpoints and endpoint groups for Edge group", err}
-			}
-
-			edgeGroup.Endpoints = endpoints
-		}
-
-		edgeGroup.HasEdgeStack = usedEdgeGroups[edgeGroup.ID]
-
-		decoratedEdgeGroups = append(decoratedEdgeGroups, edgeGroup)
-	}
-
-	return response.JSON(w, decoratedEdgeGroups)
-}
--- a/api/http/handler/edgegroups/edgegroup_update.go
+++ b/api/http/handler/edgegroups/edgegroup_update.go
@@ -1,154 +0,0 @@
-package edgegroups
-
-import (
-	"net/http"
-
-	"github.com/asaskevich/govalidator"
-	httperror "github.com/portainer/libhttp/error"
-	"github.com/portainer/libhttp/request"
-	"github.com/portainer/libhttp/response"
-	portainer "github.com/portainer/portainer/api"
-)
-
-type edgeGroupUpdatePayload struct {
-	Name         string
-	Dynamic      bool
-	TagIDs       []portainer.TagID
-	Endpoints    []portainer.EndpointID
-	PartialMatch *bool
-}
-
-func (payload *edgeGroupUpdatePayload) Validate(r *http.Request) error {
-	if govalidator.IsNull(payload.Name) {
-		return portainer.Error("Invalid Edge group name")
-	}
-	if payload.Dynamic && (payload.TagIDs == nil || len(payload.TagIDs) == 0) {
-		return portainer.Error("TagIDs is mandatory for a dynamic Edge group")
-	}
-	if !payload.Dynamic && (payload.Endpoints == nil || len(payload.Endpoints) == 0) {
-		return portainer.Error("Endpoints is mandatory for a static Edge group")
-	}
-	return nil
-}
-
-func (handler *Handler) edgeGroupUpdate(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
-	edgeGroupID, err := request.RetrieveNumericRouteVariableValue(r, "id")
-	if err != nil {
-		return &httperror.HandlerError{http.StatusBadRequest, "Invalid Edge group identifier route variable", err}
-	}
-
-	var payload edgeGroupUpdatePayload
-	err = request.DecodeAndValidateJSONPayload(r, &payload)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusBadRequest, "Invalid request payload", err}
-	}
-
-	edgeGroup, err := handler.EdgeGroupService.EdgeGroup(portainer.EdgeGroupID(edgeGroupID))
-	if err == portainer.ErrObjectNotFound {
-		return &httperror.HandlerError{http.StatusNotFound, "Unable to find an Edge group with the specified identifier inside the database", err}
-	} else if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find an Edge group with the specified identifier inside the database", err}
-	}
-
-	if payload.Name != "" {
-		edgeGroups, err := handler.EdgeGroupService.EdgeGroups()
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve Edge groups from the database", err}
-		}
-		for _, edgeGroup := range edgeGroups {
-			if edgeGroup.Name == payload.Name && edgeGroup.ID != portainer.EdgeGroupID(edgeGroupID) {
-				return &httperror.HandlerError{http.StatusBadRequest, "Edge group name must be unique", portainer.Error("Edge group name must be unique")}
-			}
-		}
-
-		edgeGroup.Name = payload.Name
-	}
-	endpoints, err := handler.EndpointService.Endpoints()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve endpoints from database", err}
-	}
-
-	endpointGroups, err := handler.EndpointGroupService.EndpointGroups()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve endpoint groups from database", err}
-	}
-
-	oldRelatedEndpoints := portainer.EdgeGroupRelatedEndpoints(edgeGroup, endpoints, endpointGroups)
-
-	edgeGroup.Dynamic = payload.Dynamic
-	if edgeGroup.Dynamic {
-		edgeGroup.TagIDs = payload.TagIDs
-	} else {
-		endpointIDs := []portainer.EndpointID{}
-		for _, endpointID := range payload.Endpoints {
-			endpoint, err := handler.EndpointService.Endpoint(endpointID)
-			if err != nil {
-				return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve endpoint from the database", err}
-			}
-
-			if endpoint.Type == portainer.EdgeAgentEnvironment {
-				endpointIDs = append(endpointIDs, endpoint.ID)
-			}
-		}
-		edgeGroup.Endpoints = endpointIDs
-	}
-
-	if payload.PartialMatch != nil {
-		edgeGroup.PartialMatch = *payload.PartialMatch
-	}
-
-	err = handler.EdgeGroupService.UpdateEdgeGroup(edgeGroup.ID, edgeGroup)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist Edge group changes inside the database", err}
-	}
-
-	newRelatedEndpoints := portainer.EdgeGroupRelatedEndpoints(edgeGroup, endpoints, endpointGroups)
-	endpointsToUpdate := append(newRelatedEndpoints, oldRelatedEndpoints...)
-
-	for _, endpointID := range endpointsToUpdate {
-		err = handler.updateEndpoint(endpointID)
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist Endpoint relation changes inside the database", err}
-		}
-	}
-
-	return response.JSON(w, edgeGroup)
-}
-
-func (handler *Handler) updateEndpoint(endpointID portainer.EndpointID) error {
-	relation, err := handler.EndpointRelationService.EndpointRelation(endpointID)
-	if err != nil {
-		return err
-	}
-
-	endpoint, err := handler.EndpointService.Endpoint(endpointID)
-	if err != nil {
-		return err
-	}
-
-	endpointGroup, err := handler.EndpointGroupService.EndpointGroup(endpoint.GroupID)
-	if err != nil {
-		return err
-	}
-
-	edgeGroups, err := handler.EdgeGroupService.EdgeGroups()
-	if err != nil {
-		return err
-	}
-
-	edgeStacks, err := handler.EdgeStackService.EdgeStacks()
-	if err != nil {
-		return err
-	}
-
-	edgeStackSet := map[portainer.EdgeStackID]bool{}
-
-	endpointEdgeStacks := portainer.EndpointRelatedEdgeStacks(endpoint, endpointGroup, edgeGroups, edgeStacks)
-	for _, edgeStackID := range endpointEdgeStacks {
-		edgeStackSet[edgeStackID] = true
-	}
-
-	relation.EdgeStacks = edgeStackSet
-
-	return handler.EndpointRelationService.UpdateEndpointRelation(endpoint.ID, relation)
-}
--- a/api/http/handler/edgegroups/handler.go
+++ b/api/http/handler/edgegroups/handler.go
@@ -1,39 +0,0 @@
-package edgegroups
-
-import (
-	"net/http"
-
-	"github.com/gorilla/mux"
-	httperror "github.com/portainer/libhttp/error"
-	"github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/http/security"
-)
-
-// Handler is the HTTP handler used to handle endpoint group operations.
-type Handler struct {
-	*mux.Router
-	EdgeGroupService        portainer.EdgeGroupService
-	EdgeStackService        portainer.EdgeStackService
-	EndpointService         portainer.EndpointService
-	EndpointGroupService    portainer.EndpointGroupService
-	EndpointRelationService portainer.EndpointRelationService
-	TagService              portainer.TagService
-}
-
-// NewHandler creates a handler to manage endpoint group operations.
-func NewHandler(bouncer *security.RequestBouncer) *Handler {
-	h := &Handler{
-		Router: mux.NewRouter(),
-	}
-	h.Handle("/edge_groups",
-		bouncer.AdminAccess(httperror.LoggerHandler(h.edgeGroupCreate))).Methods(http.MethodPost)
-	h.Handle("/edge_groups",
-		bouncer.AdminAccess(httperror.LoggerHandler(h.edgeGroupList))).Methods(http.MethodGet)
-	h.Handle("/edge_groups/{id}",
-		bouncer.AdminAccess(httperror.LoggerHandler(h.edgeGroupInspect))).Methods(http.MethodGet)
-	h.Handle("/edge_groups/{id}",
-		bouncer.AdminAccess(httperror.LoggerHandler(h.edgeGroupUpdate))).Methods(http.MethodPut)
-	h.Handle("/edge_groups/{id}",
-		bouncer.AdminAccess(httperror.LoggerHandler(h.edgeGroupDelete))).Methods(http.MethodDelete)
-	return h
-}
--- a/api/http/handler/edgestacks/edgestack_create.go
+++ b/api/http/handler/edgestacks/edgestack_create.go
@@ -1,289 +0,0 @@
-package edgestacks
-
-import (
-	"errors"
-	"net/http"
-	"strconv"
-	"strings"
-	"time"
-
-	"github.com/asaskevich/govalidator"
-	httperror "github.com/portainer/libhttp/error"
-	"github.com/portainer/libhttp/request"
-	"github.com/portainer/libhttp/response"
-	"github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/filesystem"
-)
-
-// POST request on /api/endpoint_groups
-func (handler *Handler) edgeStackCreate(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
-	method, err := request.RetrieveQueryParameter(r, "method", false)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusBadRequest, "Invalid query parameter: method", err}
-	}
-
-	edgeStack, err := handler.createSwarmStack(method, r)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to create Edge stack", err}
-	}
-
-	endpoints, err := handler.EndpointService.Endpoints()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve endpoints from database", err}
-	}
-
-	endpointGroups, err := handler.EndpointGroupService.EndpointGroups()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve endpoint groups from database", err}
-	}
-
-	edgeGroups, err := handler.EdgeGroupService.EdgeGroups()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve edge groups from database", err}
-	}
-
-	relatedEndpoints, err := portainer.EdgeStackRelatedEndpoints(edgeStack.EdgeGroups, endpoints, endpointGroups, edgeGroups)
-
-	for _, endpointID := range relatedEndpoints {
-		relation, err := handler.EndpointRelationService.EndpointRelation(endpointID)
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find endpoint relation in database", err}
-		}
-
-		relation.EdgeStacks[edgeStack.ID] = true
-
-		err = handler.EndpointRelationService.UpdateEndpointRelation(endpointID, relation)
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist endpoint relation in database", err}
-		}
-	}
-
-	return response.JSON(w, edgeStack)
-}
-
-func (handler *Handler) createSwarmStack(method string, r *http.Request) (*portainer.EdgeStack, error) {
-	switch method {
-	case "string":
-		return handler.createSwarmStackFromFileContent(r)
-	case "repository":
-		return handler.createSwarmStackFromGitRepository(r)
-	case "file":
-		return handler.createSwarmStackFromFileUpload(r)
-	}
-	return nil, errors.New("Invalid value for query parameter: method. Value must be one of: string, repository or file")
-}
-
-type swarmStackFromFileContentPayload struct {
-	Name             string
-	StackFileContent string
-	EdgeGroups       []portainer.EdgeGroupID
-}
-
-func (payload *swarmStackFromFileContentPayload) Validate(r *http.Request) error {
-	if govalidator.IsNull(payload.Name) {
-		return portainer.Error("Invalid stack name")
-	}
-	if govalidator.IsNull(payload.StackFileContent) {
-		return portainer.Error("Invalid stack file content")
-	}
-	if payload.EdgeGroups == nil || len(payload.EdgeGroups) == 0 {
-		return portainer.Error("Edge Groups are mandatory for an Edge stack")
-	}
-	return nil
-}
-
-func (handler *Handler) createSwarmStackFromFileContent(r *http.Request) (*portainer.EdgeStack, error) {
-	var payload swarmStackFromFileContentPayload
-	err := request.DecodeAndValidateJSONPayload(r, &payload)
-	if err != nil {
-		return nil, err
-	}
-
-	err = handler.validateUniqueName(payload.Name)
-	if err != nil {
-		return nil, err
-	}
-
-	stackID := handler.EdgeStackService.GetNextIdentifier()
-	stack := &portainer.EdgeStack{
-		ID:           portainer.EdgeStackID(stackID),
-		Name:         payload.Name,
-		EntryPoint:   filesystem.ComposeFileDefaultName,
-		CreationDate: time.Now().Unix(),
-		EdgeGroups:   payload.EdgeGroups,
-		Status:       make(map[portainer.EndpointID]portainer.EdgeStackStatus),
-		Version:      1,
-	}
-
-	stackFolder := strconv.Itoa(int(stack.ID))
-	projectPath, err := handler.FileService.StoreEdgeStackFileFromBytes(stackFolder, stack.EntryPoint, []byte(payload.StackFileContent))
-	if err != nil {
-		return nil, err
-	}
-	stack.ProjectPath = projectPath
-
-	err = handler.EdgeStackService.CreateEdgeStack(stack)
-	if err != nil {
-		return nil, err
-	}
-
-	return stack, nil
-}
-
-type swarmStackFromGitRepositoryPayload struct {
-	Name                        string
-	RepositoryURL               string
-	RepositoryReferenceName     string
-	RepositoryAuthentication    bool
-	RepositoryUsername          string
-	RepositoryPassword          string
-	ComposeFilePathInRepository string
-	EdgeGroups                  []portainer.EdgeGroupID
-}
-
-func (payload *swarmStackFromGitRepositoryPayload) Validate(r *http.Request) error {
-	if govalidator.IsNull(payload.Name) {
-		return portainer.Error("Invalid stack name")
-	}
-	if govalidator.IsNull(payload.RepositoryURL) || !govalidator.IsURL(payload.RepositoryURL) {
-		return portainer.Error("Invalid repository URL. Must correspond to a valid URL format")
-	}
-	if payload.RepositoryAuthentication && (govalidator.IsNull(payload.RepositoryUsername) || govalidator.IsNull(payload.RepositoryPassword)) {
-		return portainer.Error("Invalid repository credentials. Username and password must be specified when authentication is enabled")
-	}
-	if govalidator.IsNull(payload.ComposeFilePathInRepository) {
-		payload.ComposeFilePathInRepository = filesystem.ComposeFileDefaultName
-	}
-	if payload.EdgeGroups == nil || len(payload.EdgeGroups) == 0 {
-		return portainer.Error("Edge Groups are mandatory for an Edge stack")
-	}
-	return nil
-}
-
-func (handler *Handler) createSwarmStackFromGitRepository(r *http.Request) (*portainer.EdgeStack, error) {
-	var payload swarmStackFromGitRepositoryPayload
-	err := request.DecodeAndValidateJSONPayload(r, &payload)
-	if err != nil {
-		return nil, err
-	}
-
-	err = handler.validateUniqueName(payload.Name)
-	if err != nil {
-		return nil, err
-	}
-
-	stackID := handler.EdgeStackService.GetNextIdentifier()
-	stack := &portainer.EdgeStack{
-		ID:           portainer.EdgeStackID(stackID),
-		Name:         payload.Name,
-		EntryPoint:   payload.ComposeFilePathInRepository,
-		CreationDate: time.Now().Unix(),
-		EdgeGroups:   payload.EdgeGroups,
-		Status:       make(map[portainer.EndpointID]portainer.EdgeStackStatus),
-		Version:      1,
-	}
-
-	projectPath := handler.FileService.GetEdgeStackProjectPath(strconv.Itoa(int(stack.ID)))
-	stack.ProjectPath = projectPath
-
-	gitCloneParams := &cloneRepositoryParameters{
-		url:            payload.RepositoryURL,
-		referenceName:  payload.RepositoryReferenceName,
-		path:           projectPath,
-		authentication: payload.RepositoryAuthentication,
-		username:       payload.RepositoryUsername,
-		password:       payload.RepositoryPassword,
-	}
-
-	err = handler.cloneGitRepository(gitCloneParams)
-	if err != nil {
-		return nil, err
-	}
-
-	err = handler.EdgeStackService.CreateEdgeStack(stack)
-	if err != nil {
-		return nil, err
-	}
-
-	return stack, nil
-}
-
-type swarmStackFromFileUploadPayload struct {
-	Name             string
-	StackFileContent []byte
-	EdgeGroups       []portainer.EdgeGroupID
-}
-
-func (payload *swarmStackFromFileUploadPayload) Validate(r *http.Request) error {
-	name, err := request.RetrieveMultiPartFormValue(r, "Name", false)
-	if err != nil {
-		return portainer.Error("Invalid stack name")
-	}
-	payload.Name = name
-
-	composeFileContent, _, err := request.RetrieveMultiPartFormFile(r, "file")
-	if err != nil {
-		return portainer.Error("Invalid Compose file. Ensure that the Compose file is uploaded correctly")
-	}
-	payload.StackFileContent = composeFileContent
-
-	var edgeGroups []portainer.EdgeGroupID
-	err = request.RetrieveMultiPartFormJSONValue(r, "EdgeGroups", &edgeGroups, false)
-	if err != nil || len(edgeGroups) == 0 {
-		return portainer.Error("Edge Groups are mandatory for an Edge stack")
-	}
-	payload.EdgeGroups = edgeGroups
-	return nil
-}
-
-func (handler *Handler) createSwarmStackFromFileUpload(r *http.Request) (*portainer.EdgeStack, error) {
-	payload := &swarmStackFromFileUploadPayload{}
-	err := payload.Validate(r)
-	if err != nil {
-		return nil, err
-	}
-
-	err = handler.validateUniqueName(payload.Name)
-	if err != nil {
-		return nil, err
-	}
-
-	stackID := handler.EdgeStackService.GetNextIdentifier()
-	stack := &portainer.EdgeStack{
-		ID:           portainer.EdgeStackID(stackID),
-		Name:         payload.Name,
-		EntryPoint:   filesystem.ComposeFileDefaultName,
-		CreationDate: time.Now().Unix(),
-		EdgeGroups:   payload.EdgeGroups,
-		Status:       make(map[portainer.EndpointID]portainer.EdgeStackStatus),
-		Version:      1,
-	}
-
-	stackFolder := strconv.Itoa(int(stack.ID))
-	projectPath, err := handler.FileService.StoreEdgeStackFileFromBytes(stackFolder, stack.EntryPoint, []byte(payload.StackFileContent))
-	if err != nil {
-		return nil, err
-	}
-	stack.ProjectPath = projectPath
-
-	err = handler.EdgeStackService.CreateEdgeStack(stack)
-	if err != nil {
-		return nil, err
-	}
-
-	return stack, nil
-}
-
-func (handler *Handler) validateUniqueName(name string) error {
-	edgeStacks, err := handler.EdgeStackService.EdgeStacks()
-	if err != nil {
-		return err
-	}
-
-	for _, stack := range edgeStacks {
-		if strings.EqualFold(stack.Name, name) {
-			return portainer.Error("Edge stack name must be unique")
-		}
-	}
-	return nil
-}
--- a/api/http/handler/edgestacks/edgestack_delete.go
+++ b/api/http/handler/edgestacks/edgestack_delete.go
@@ -1,62 +0,0 @@
-package edgestacks
-
-import (
-	"net/http"
-
-	httperror "github.com/portainer/libhttp/error"
-	"github.com/portainer/libhttp/request"
-	"github.com/portainer/libhttp/response"
-	"github.com/portainer/portainer/api"
-)
-
-func (handler *Handler) edgeStackDelete(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
-	edgeStackID, err := request.RetrieveNumericRouteVariableValue(r, "id")
-	if err != nil {
-		return &httperror.HandlerError{http.StatusBadRequest, "Invalid edge stack identifier route variable", err}
-	}
-
-	edgeStack, err := handler.EdgeStackService.EdgeStack(portainer.EdgeStackID(edgeStackID))
-	if err == portainer.ErrObjectNotFound {
-		return &httperror.HandlerError{http.StatusNotFound, "Unable to find an edge stack with the specified identifier inside the database", err}
-	} else if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find an edge stack with the specified identifier inside the database", err}
-	}
-
-	err = handler.EdgeStackService.DeleteEdgeStack(portainer.EdgeStackID(edgeStackID))
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to remove the edge stack from the database", err}
-	}
-
-	endpoints, err := handler.EndpointService.Endpoints()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve endpoints from database", err}
-	}
-
-	endpointGroups, err := handler.EndpointGroupService.EndpointGroups()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve endpoint groups from database", err}
-	}
-
-	edgeGroups, err := handler.EdgeGroupService.EdgeGroups()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve edge groups from database", err}
-	}
-
-	relatedEndpoints, err := portainer.EdgeStackRelatedEndpoints(edgeStack.EdgeGroups, endpoints, endpointGroups, edgeGroups)
-
-	for _, endpointID := range relatedEndpoints {
-		relation, err := handler.EndpointRelationService.EndpointRelation(endpointID)
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find endpoint relation in database", err}
-		}
-
-		delete(relation.EdgeStacks, edgeStack.ID)
-
-		err = handler.EndpointRelationService.UpdateEndpointRelation(endpointID, relation)
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist endpoint relation in database", err}
-		}
-	}
-
-	return response.Empty(w)
-}
--- a/api/http/handler/edgestacks/edgestack_file.go
+++ b/api/http/handler/edgestacks/edgestack_file.go
@@ -1,37 +0,0 @@
-package edgestacks
-
-import (
-	"net/http"
-	"path"
-
-	httperror "github.com/portainer/libhttp/error"
-	"github.com/portainer/libhttp/request"
-	"github.com/portainer/libhttp/response"
-	"github.com/portainer/portainer/api"
-)
-
-type stackFileResponse struct {
-	StackFileContent string `json:"StackFileContent"`
-}
-
-// GET request on /api/edge_stacks/:id/file
-func (handler *Handler) edgeStackFile(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
-	stackID, err := request.RetrieveNumericRouteVariableValue(r, "id")
-	if err != nil {
-		return &httperror.HandlerError{http.StatusBadRequest, "Invalid edge stack identifier route variable", err}
-	}
-
-	stack, err := handler.EdgeStackService.EdgeStack(portainer.EdgeStackID(stackID))
-	if err == portainer.ErrObjectNotFound {
-		return &httperror.HandlerError{http.StatusNotFound, "Unable to find an edge stack with the specified identifier inside the database", err}
-	} else if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find an edge stack with the specified identifier inside the database", err}
-	}
-
-	stackFileContent, err := handler.FileService.GetFileContent(path.Join(stack.ProjectPath, stack.EntryPoint))
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve Compose file from disk", err}
-	}
-
-	return response.JSON(w, &stackFileResponse{StackFileContent: string(stackFileContent)})
-}
--- a/api/http/handler/edgestacks/edgestack_inspect.go
+++ b/api/http/handler/edgestacks/edgestack_inspect.go
@@ -1,26 +0,0 @@
-package edgestacks
-
-import (
-	"net/http"
-
-	httperror "github.com/portainer/libhttp/error"
-	"github.com/portainer/libhttp/request"
-	"github.com/portainer/libhttp/response"
-	"github.com/portainer/portainer/api"
-)
-
-func (handler *Handler) edgeStackInspect(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
-	edgeStackID, err := request.RetrieveNumericRouteVariableValue(r, "id")
-	if err != nil {
-		return &httperror.HandlerError{http.StatusBadRequest, "Invalid edge stack identifier route variable", err}
-	}
-
-	edgeStack, err := handler.EdgeStackService.EdgeStack(portainer.EdgeStackID(edgeStackID))
-	if err == portainer.ErrObjectNotFound {
-		return &httperror.HandlerError{http.StatusNotFound, "Unable to find an edge stack with the specified identifier inside the database", err}
-	} else if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find an edge stack with the specified identifier inside the database", err}
-	}
-
-	return response.JSON(w, edgeStack)
-}
--- a/api/http/handler/edgestacks/edgestack_list.go
+++ b/api/http/handler/edgestacks/edgestack_list.go
@@ -1,17 +0,0 @@
-package edgestacks
-
-import (
-	"net/http"
-
-	httperror "github.com/portainer/libhttp/error"
-	"github.com/portainer/libhttp/response"
-)
-
-func (handler *Handler) edgeStackList(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
-	edgeStacks, err := handler.EdgeStackService.EdgeStacks()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve edge stacks from the database", err}
-	}
-
-	return response.JSON(w, edgeStacks)
-}
--- a/api/http/handler/edgestacks/edgestack_status_update.go
+++ b/api/http/handler/edgestacks/edgestack_status_update.go
@@ -1,76 +0,0 @@
-package edgestacks
-
-import (
-	"net/http"
-
-	"github.com/asaskevich/govalidator"
-	httperror "github.com/portainer/libhttp/error"
-	"github.com/portainer/libhttp/request"
-	"github.com/portainer/libhttp/response"
-	"github.com/portainer/portainer/api"
-)
-
-type updateStatusPayload struct {
-	Error      string
-	Status     *portainer.EdgeStackStatusType
-	EndpointID *portainer.EndpointID
-}
-
-func (payload *updateStatusPayload) Validate(r *http.Request) error {
-	if payload.Status == nil {
-		return portainer.Error("Invalid status")
-	}
-	if payload.EndpointID == nil {
-		return portainer.Error("Invalid EndpointID")
-	}
-	if *payload.Status == portainer.StatusError && govalidator.IsNull(payload.Error) {
-		return portainer.Error("Error message is mandatory when status is error")
-	}
-	return nil
-}
-
-func (handler *Handler) edgeStackStatusUpdate(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
-	stackID, err := request.RetrieveNumericRouteVariableValue(r, "id")
-	if err != nil {
-		return &httperror.HandlerError{http.StatusBadRequest, "Invalid stack identifier route variable", err}
-	}
-
-	stack, err := handler.EdgeStackService.EdgeStack(portainer.EdgeStackID(stackID))
-	if err == portainer.ErrObjectNotFound {
-		return &httperror.HandlerError{http.StatusNotFound, "Unable to find a stack with the specified identifier inside the database", err}
-	} else if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find a stack with the specified identifier inside the database", err}
-	}
-
-	var payload updateStatusPayload
-	err = request.DecodeAndValidateJSONPayload(r, &payload)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusBadRequest, "Invalid request payload", err}
-	}
-
-	endpoint, err := handler.EndpointService.Endpoint(portainer.EndpointID(*payload.EndpointID))
-	if err == portainer.ErrObjectNotFound {
-		return &httperror.HandlerError{http.StatusNotFound, "Unable to find an endpoint with the specified identifier inside the database", err}
-	} else if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find an endpoint with the specified identifier inside the database", err}
-	}
-
-	err = handler.requestBouncer.AuthorizedEdgeEndpointOperation(r, endpoint)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusForbidden, "Permission denied to access endpoint", err}
-	}
-
-	stack.Status[*payload.EndpointID] = portainer.EdgeStackStatus{
-		Type:       *payload.Status,
-		Error:      payload.Error,
-		EndpointID: *payload.EndpointID,
-	}
-
-	err = handler.EdgeStackService.UpdateEdgeStack(stack.ID, stack)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist the stack changes inside the database", err}
-	}
-
-	return response.JSON(w, stack)
-
-}
--- a/api/http/handler/edgestacks/edgestack_update.go
+++ b/api/http/handler/edgestacks/edgestack_update.go
@@ -1,156 +0,0 @@
-package edgestacks
-
-import (
-	"net/http"
-	"strconv"
-
-	"github.com/asaskevich/govalidator"
-	httperror "github.com/portainer/libhttp/error"
-	"github.com/portainer/libhttp/request"
-	"github.com/portainer/libhttp/response"
-	"github.com/portainer/portainer/api"
-)
-
-type updateEdgeStackPayload struct {
-	StackFileContent string
-	Version          *int
-	Prune            *bool
-	EdgeGroups       []portainer.EdgeGroupID
-}
-
-func (payload *updateEdgeStackPayload) Validate(r *http.Request) error {
-	if govalidator.IsNull(payload.StackFileContent) {
-		return portainer.Error("Invalid stack file content")
-	}
-	if payload.EdgeGroups != nil && len(payload.EdgeGroups) == 0 {
-		return portainer.Error("Edge Groups are mandatory for an Edge stack")
-	}
-	return nil
-}
-
-func (handler *Handler) edgeStackUpdate(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
-	stackID, err := request.RetrieveNumericRouteVariableValue(r, "id")
-	if err != nil {
-		return &httperror.HandlerError{http.StatusBadRequest, "Invalid stack identifier route variable", err}
-	}
-
-	stack, err := handler.EdgeStackService.EdgeStack(portainer.EdgeStackID(stackID))
-	if err == portainer.ErrObjectNotFound {
-		return &httperror.HandlerError{http.StatusNotFound, "Unable to find a stack with the specified identifier inside the database", err}
-	} else if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find a stack with the specified identifier inside the database", err}
-	}
-
-	var payload updateEdgeStackPayload
-	err = request.DecodeAndValidateJSONPayload(r, &payload)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusBadRequest, "Invalid request payload", err}
-	}
-
-	if payload.EdgeGroups != nil {
-		endpoints, err := handler.EndpointService.Endpoints()
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve endpoints from database", err}
-		}
-
-		endpointGroups, err := handler.EndpointGroupService.EndpointGroups()
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve endpoint groups from database", err}
-		}
-
-		edgeGroups, err := handler.EdgeGroupService.EdgeGroups()
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve edge groups from database", err}
-		}
-
-		oldRelated, err := portainer.EdgeStackRelatedEndpoints(stack.EdgeGroups, endpoints, endpointGroups, edgeGroups)
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve edge stack related endpoints from database", err}
-		}
-
-		newRelated, err := portainer.EdgeStackRelatedEndpoints(payload.EdgeGroups, endpoints, endpointGroups, edgeGroups)
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve edge stack related endpoints from database", err}
-		}
-
-		oldRelatedSet := EndpointSet(oldRelated)
-		newRelatedSet := EndpointSet(newRelated)
-
-		endpointsToRemove := map[portainer.EndpointID]bool{}
-		for endpointID := range oldRelatedSet {
-			if !newRelatedSet[endpointID] {
-				endpointsToRemove[endpointID] = true
-			}
-		}
-
-		for endpointID := range endpointsToRemove {
-			relation, err := handler.EndpointRelationService.EndpointRelation(endpointID)
-			if err != nil {
-				return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find endpoint relation in database", err}
-			}
-
-			delete(relation.EdgeStacks, stack.ID)
-
-			err = handler.EndpointRelationService.UpdateEndpointRelation(endpointID, relation)
-			if err != nil {
-				return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist endpoint relation in database", err}
-			}
-		}
-
-		endpointsToAdd := map[portainer.EndpointID]bool{}
-		for endpointID := range newRelatedSet {
-			if !oldRelatedSet[endpointID] {
-				endpointsToAdd[endpointID] = true
-			}
-		}
-
-		for endpointID := range endpointsToAdd {
-			relation, err := handler.EndpointRelationService.EndpointRelation(endpointID)
-			if err != nil {
-				return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find endpoint relation in database", err}
-			}
-
-			relation.EdgeStacks[stack.ID] = true
-
-			err = handler.EndpointRelationService.UpdateEndpointRelation(endpointID, relation)
-			if err != nil {
-				return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist endpoint relation in database", err}
-			}
-		}
-
-		stack.EdgeGroups = payload.EdgeGroups
-
-	}
-
-	if payload.Prune != nil {
-		stack.Prune = *payload.Prune
-	}
-
-	stackFolder := strconv.Itoa(int(stack.ID))
-	_, err = handler.FileService.StoreEdgeStackFileFromBytes(stackFolder, stack.EntryPoint, []byte(payload.StackFileContent))
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist updated Compose file on disk", err}
-	}
-
-	if payload.Version != nil && *payload.Version != stack.Version {
-		stack.Version = *payload.Version
-		stack.Status = map[portainer.EndpointID]portainer.EdgeStackStatus{}
-	}
-
-	err = handler.EdgeStackService.UpdateEdgeStack(stack.ID, stack)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist the stack changes inside the database", err}
-	}
-
-	return response.JSON(w, stack)
-}
-
-func EndpointSet(endpointIDs []portainer.EndpointID) map[portainer.EndpointID]bool {
-	set := map[portainer.EndpointID]bool{}
-
-	for _, endpointID := range endpointIDs {
-		set[endpointID] = true
-	}
-
-	return set
-}
--- a/api/http/handler/edgestacks/git.go
+++ b/api/http/handler/edgestacks/git.go
@@ -1,17 +0,0 @@
-package edgestacks
-
-type cloneRepositoryParameters struct {
-	url            string
-	referenceName  string
-	path           string
-	authentication bool
-	username       string
-	password       string
-}
-
-func (handler *Handler) cloneGitRepository(parameters *cloneRepositoryParameters) error {
-	if parameters.authentication {
-		return handler.GitService.ClonePrivateRepositoryWithBasicAuth(parameters.url, parameters.referenceName, parameters.path, parameters.username, parameters.password)
-	}
-	return handler.GitService.ClonePublicRepository(parameters.url, parameters.referenceName, parameters.path)
-}
--- a/api/http/handler/edgestacks/handler.go
+++ b/api/http/handler/edgestacks/handler.go
@@ -1,46 +0,0 @@
-package edgestacks
-
-import (
-	"net/http"
-
-	"github.com/gorilla/mux"
-	httperror "github.com/portainer/libhttp/error"
-	"github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/http/security"
-)
-
-// Handler is the HTTP handler used to handle endpoint group operations.
-type Handler struct {
-	*mux.Router
-	requestBouncer          *security.RequestBouncer
-	EdgeGroupService        portainer.EdgeGroupService
-	EdgeStackService        portainer.EdgeStackService
-	EndpointService         portainer.EndpointService
-	EndpointGroupService    portainer.EndpointGroupService
-	EndpointRelationService portainer.EndpointRelationService
-	FileService             portainer.FileService
-	GitService              portainer.GitService
-}
-
-// NewHandler creates a handler to manage endpoint group operations.
-func NewHandler(bouncer *security.RequestBouncer) *Handler {
-	h := &Handler{
-		Router:         mux.NewRouter(),
-		requestBouncer: bouncer,
-	}
-	h.Handle("/edge_stacks",
-		bouncer.AdminAccess(httperror.LoggerHandler(h.edgeStackCreate))).Methods(http.MethodPost)
-	h.Handle("/edge_stacks",
-		bouncer.AdminAccess(httperror.LoggerHandler(h.edgeStackList))).Methods(http.MethodGet)
-	h.Handle("/edge_stacks/{id}",
-		bouncer.AdminAccess(httperror.LoggerHandler(h.edgeStackInspect))).Methods(http.MethodGet)
-	h.Handle("/edge_stacks/{id}",
-		bouncer.AdminAccess(httperror.LoggerHandler(h.edgeStackUpdate))).Methods(http.MethodPut)
-	h.Handle("/edge_stacks/{id}",
-		bouncer.AdminAccess(httperror.LoggerHandler(h.edgeStackDelete))).Methods(http.MethodDelete)
-	h.Handle("/edge_stacks/{id}/file",
-		bouncer.AdminAccess(httperror.LoggerHandler(h.edgeStackFile))).Methods(http.MethodGet)
-	h.Handle("/edge_stacks/{id}/status",
-		bouncer.PublicAccess(httperror.LoggerHandler(h.edgeStackStatusUpdate))).Methods(http.MethodPut)
-	return h
-}
--- a/api/http/handler/edgetemplates/edgetemplate_list.go
+++ b/api/http/handler/edgetemplates/edgetemplate_list.go
@@ -1,49 +0,0 @@
-package edgetemplates
-
-import (
-	"encoding/json"
-	"log"
-	"net/http"
-
-	httperror "github.com/portainer/libhttp/error"
-	"github.com/portainer/libhttp/response"
-	"github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/http/client"
-)
-
-// GET request on /api/edgetemplates
-func (handler *Handler) edgeTemplateList(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
-	settings, err := handler.SettingsService.Settings()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve settings from the database", err}
-	}
-
-	url := portainer.EdgeTemplatesURL
-	if settings.TemplatesURL != "" {
-		url = settings.TemplatesURL
-	}
-
-	var templateData []byte
-	templateData, err = client.Get(url, 0)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve external templates", err}
-	}
-
-	var templates []portainer.Template
-
-	err = json.Unmarshal(templateData, &templates)
-	if err != nil {
-		log.Printf("[DEBUG] [http,edge,templates] [failed parsing edge templates] [body: %s]", templateData)
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to parse external templates", err}
-	}
-
-	filteredTemplates := []portainer.Template{}
-
-	for _, template := range templates {
-		if template.Type == portainer.EdgeStackTemplate {
-			filteredTemplates = append(filteredTemplates, template)
-		}
-	}
-
-	return response.JSON(w, filteredTemplates)
-}
--- a/api/http/handler/edgetemplates/handler.go
+++ b/api/http/handler/edgetemplates/handler.go
@@ -1,31 +0,0 @@
-package edgetemplates
-
-import (
-	"net/http"
-
-	httperror "github.com/portainer/libhttp/error"
-
-	"github.com/gorilla/mux"
-	"github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/http/security"
-)
-
-// Handler is the HTTP handler used to handle edge endpoint operations.
-type Handler struct {
-	*mux.Router
-	requestBouncer  *security.RequestBouncer
-	SettingsService portainer.SettingsService
-}
-
-// NewHandler creates a handler to manage endpoint operations.
-func NewHandler(bouncer *security.RequestBouncer) *Handler {
-	h := &Handler{
-		Router:         mux.NewRouter(),
-		requestBouncer: bouncer,
-	}
-
-	h.Handle("/edge_templates",
-		bouncer.AdminAccess(httperror.LoggerHandler(h.edgeTemplateList))).Methods(http.MethodGet)
-
-	return h
-}
--- a/api/http/handler/endpointedge/endpoint_edgestack_inspect.go
+++ b/api/http/handler/endpointedge/endpoint_edgestack_inspect.go
@@ -1,60 +0,0 @@
-package endpointedge
-
-import (
-	"net/http"
-	"path"
-
-	httperror "github.com/portainer/libhttp/error"
-	"github.com/portainer/libhttp/request"
-	"github.com/portainer/libhttp/response"
-	portainer "github.com/portainer/portainer/api"
-)
-
-type configResponse struct {
-	Prune            bool
-	StackFileContent string
-	Name             string
-}
-
-// GET request on api/endpoints/:id/edge/stacks/:stackId
-func (handler *Handler) endpointEdgeStackInspect(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
-	endpointID, err := request.RetrieveNumericRouteVariableValue(r, "id")
-	if err != nil {
-		return &httperror.HandlerError{http.StatusBadRequest, "Invalid endpoint identifier route variable", err}
-	}
-
-	endpoint, err := handler.EndpointService.Endpoint(portainer.EndpointID(endpointID))
-	if err == portainer.ErrObjectNotFound {
-		return &httperror.HandlerError{http.StatusNotFound, "Unable to find an endpoint with the specified identifier inside the database", err}
-	} else if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find an endpoint with the specified identifier inside the database", err}
-	}
-
-	err = handler.requestBouncer.AuthorizedEdgeEndpointOperation(r, endpoint)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusForbidden, "Permission denied to access endpoint", err}
-	}
-
-	edgeStackID, err := request.RetrieveNumericRouteVariableValue(r, "stackId")
-	if err != nil {
-		return &httperror.HandlerError{http.StatusBadRequest, "Invalid edge stack identifier route variable", err}
-	}
-
-	edgeStack, err := handler.EdgeStackService.EdgeStack(portainer.EdgeStackID(edgeStackID))
-	if err == portainer.ErrObjectNotFound {
-		return &httperror.HandlerError{http.StatusNotFound, "Unable to find an edge stack with the specified identifier inside the database", err}
-	} else if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find an edge stack with the specified identifier inside the database", err}
-	}
-
-	stackFileContent, err := handler.FileService.GetFileContent(path.Join(edgeStack.ProjectPath, edgeStack.EntryPoint))
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve Compose file from disk", err}
-	}
-
-	return response.JSON(w, configResponse{
-		Prune:            edgeStack.Prune,
-		StackFileContent: string(stackFileContent),
-		Name:             edgeStack.Name,
-	})
-}
--- a/api/http/handler/endpointedge/handler.go
+++ b/api/http/handler/endpointedge/handler.go
@@ -1,33 +0,0 @@
-package endpointedge
-
-import (
-	"net/http"
-
-	httperror "github.com/portainer/libhttp/error"
-
-	"github.com/gorilla/mux"
-	portainer "github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/http/security"
-)
-
-// Handler is the HTTP handler used to handle edge endpoint operations.
-type Handler struct {
-	*mux.Router
-	requestBouncer   *security.RequestBouncer
-	EndpointService  portainer.EndpointService
-	EdgeStackService portainer.EdgeStackService
-	FileService      portainer.FileService
-}
-
-// NewHandler creates a handler to manage endpoint operations.
-func NewHandler(bouncer *security.RequestBouncer) *Handler {
-	h := &Handler{
-		Router:         mux.NewRouter(),
-		requestBouncer: bouncer,
-	}
-
-	h.Handle("/{id}/edge/stacks/{stackId}",
-		bouncer.PublicAccess(httperror.LoggerHandler(h.endpointEdgeStackInspect))).Methods(http.MethodGet)
-
-	return h
-}
--- a/api/http/handler/endpointgroups/endpointgroup_create.go
+++ b/api/http/handler/endpointgroups/endpointgroup_create.go
@@ -14,15 +14,15 @@ type endpointGroupCreatePayload struct {
 	Name                string
 	Description         string
 	AssociatedEndpoints []portainer.EndpointID
-	TagIDs              []portainer.TagID
+	Tags                []string
 }

 func (payload *endpointGroupCreatePayload) Validate(r *http.Request) error {
 	if govalidator.IsNull(payload.Name) {
 		return portainer.Error("Invalid endpoint group name")
 	}
-	if payload.TagIDs == nil {
-		payload.TagIDs = []portainer.TagID{}
+	if payload.Tags == nil {
+		payload.Tags = []string{}
 	}
 	return nil
 }
@@ -40,7 +40,7 @@ func (handler *Handler) endpointGroupCreate(w http.ResponseWriter, r *http.Reque
 		Description:        payload.Description,
 		UserAccessPolicies: portainer.UserAccessPolicies{},
 		TeamAccessPolicies: portainer.TeamAccessPolicies{},
-		TagIDs:             payload.TagIDs,
+		Tags:               payload.Tags,
 	}

 	err = handler.EndpointGroupService.CreateEndpointGroup(endpointGroup)
@@ -63,29 +63,10 @@ func (handler *Handler) endpointGroupCreate(w http.ResponseWriter, r *http.Reque
 					return &httperror.HandlerError{http.StatusInternalServerError, "Unable to update endpoint", err}
 				}

-				err = handler.updateEndpointRelations(&endpoint, endpointGroup)
-				if err != nil {
-					return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist endpoint relations changes inside the database", err}
-				}
-
 				break
 			}
 		}
 	}

-	for _, tagID := range endpointGroup.TagIDs {
-		tag, err := handler.TagService.Tag(tagID)
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve tag from the database", err}
-		}
-
-		tag.EndpointGroups[endpointGroup.ID] = true
-
-		err = handler.TagService.UpdateTag(tagID, tag)
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist tag changes inside the database", err}
-		}
-	}
-
 	return response.JSON(w, endpointGroup)
 }
--- a/api/http/handler/endpointgroups/endpointgroup_delete.go
+++ b/api/http/handler/endpointgroups/endpointgroup_delete.go
@@ -20,7 +20,7 @@ func (handler *Handler) endpointGroupDelete(w http.ResponseWriter, r *http.Reque
 		return &httperror.HandlerError{http.StatusForbidden, "Unable to remove the default 'Unassigned' group", portainer.ErrCannotRemoveDefaultGroup}
 	}

-	endpointGroup, err := handler.EndpointGroupService.EndpointGroup(portainer.EndpointGroupID(endpointGroupID))
+	_, err = handler.EndpointGroupService.EndpointGroup(portainer.EndpointGroupID(endpointGroupID))
 	if err == portainer.ErrObjectNotFound {
 		return &httperror.HandlerError{http.StatusNotFound, "Unable to find an endpoint group with the specified identifier inside the database", err}
 	} else if err != nil {
@@ -46,11 +46,6 @@ func (handler *Handler) endpointGroupDelete(w http.ResponseWriter, r *http.Reque
 			if err != nil {
 				return &httperror.HandlerError{http.StatusInternalServerError, "Unable to update endpoint", err}
 			}
-
-			err = handler.updateEndpointRelations(&endpoint, nil)
-			if err != nil {
-				return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist endpoint relations changes inside the database", err}
-			}
 		}
 	}

@@ -61,19 +56,5 @@ func (handler *Handler) endpointGroupDelete(w http.ResponseWriter, r *http.Reque
 		}
 	}

-	for _, tagID := range endpointGroup.TagIDs {
-		tag, err := handler.TagService.Tag(tagID)
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve tag from the database", err}
-		}
-
-		delete(tag.EndpointGroups, endpointGroup.ID)
-
-		err = handler.TagService.UpdateTag(tagID, tag)
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist tag changes inside the database", err}
-		}
-	}
-
 	return response.Empty(w)
 }
--- a/api/http/handler/endpointgroups/endpointgroup_endpoint_add.go
+++ b/api/http/handler/endpointgroups/endpointgroup_endpoint_add.go
@@ -42,10 +42,5 @@ func (handler *Handler) endpointGroupAddEndpoint(w http.ResponseWriter, r *http.
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist endpoint changes inside the database", err}
 	}

-	err = handler.updateEndpointRelations(endpoint, endpointGroup)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist endpoint relations changes inside the database", err}
-	}
-
 	return response.Empty(w)
 }
--- a/api/http/handler/endpointgroups/endpointgroup_endpoint_delete.go
+++ b/api/http/handler/endpointgroups/endpointgroup_endpoint_delete.go
@@ -42,10 +42,5 @@ func (handler *Handler) endpointGroupDeleteEndpoint(w http.ResponseWriter, r *ht
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist endpoint changes inside the database", err}
 	}

-	err = handler.updateEndpointRelations(endpoint, nil)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist endpoint relations changes inside the database", err}
-	}
-
 	return response.Empty(w)
 }
--- a/api/http/handler/endpointgroups/endpointgroup_update.go
+++ b/api/http/handler/endpointgroups/endpointgroup_update.go
@@ -13,7 +13,7 @@ import (
 type endpointGroupUpdatePayload struct {
 	Name               string
 	Description        string
-	TagIDs             []portainer.TagID
+	Tags               []string
 	UserAccessPolicies portainer.UserAccessPolicies
 	TeamAccessPolicies portainer.TeamAccessPolicies
 }
@@ -50,44 +50,8 @@ func (handler *Handler) endpointGroupUpdate(w http.ResponseWriter, r *http.Reque
 		endpointGroup.Description = payload.Description
 	}

-	tagsChanged := false
-	if payload.TagIDs != nil {
-		payloadTagSet := portainer.TagSet(payload.TagIDs)
-		endpointGroupTagSet := portainer.TagSet((endpointGroup.TagIDs))
-		union := portainer.TagUnion(payloadTagSet, endpointGroupTagSet)
-		intersection := portainer.TagIntersection(payloadTagSet, endpointGroupTagSet)
-		tagsChanged = len(union) > len(intersection)
-
-		if tagsChanged {
-			removeTags := portainer.TagDifference(endpointGroupTagSet, payloadTagSet)
-
-			for tagID := range removeTags {
-				tag, err := handler.TagService.Tag(tagID)
-				if err != nil {
-					return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find a tag inside the database", err}
-				}
-				delete(tag.EndpointGroups, endpointGroup.ID)
-				err = handler.TagService.UpdateTag(tag.ID, tag)
-				if err != nil {
-					return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist tag changes inside the database", err}
-				}
-			}
-
-			endpointGroup.TagIDs = payload.TagIDs
-			for _, tagID := range payload.TagIDs {
-				tag, err := handler.TagService.Tag(tagID)
-				if err != nil {
-					return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find a tag inside the database", err}
-				}
-
-				tag.EndpointGroups[endpointGroup.ID] = true
-
-				err = handler.TagService.UpdateTag(tag.ID, tag)
-				if err != nil {
-					return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist tag changes inside the database", err}
-				}
-			}
-		}
+	if payload.Tags != nil {
+		endpointGroup.Tags = payload.Tags
 	}

 	updateAuthorizations := false
@@ -113,22 +77,5 @@ func (handler *Handler) endpointGroupUpdate(w http.ResponseWriter, r *http.Reque
 		}
 	}

-	if tagsChanged {
-		endpoints, err := handler.EndpointService.Endpoints()
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve endpoints from the database", err}
-
-		}
-
-		for _, endpoint := range endpoints {
-			if endpoint.GroupID == endpointGroup.ID {
-				err = handler.updateEndpointRelations(&endpoint, endpointGroup)
-				if err != nil {
-					return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist endpoint relations changes inside the database", err}
-				}
-			}
-		}
-	}
-
 	return response.JSON(w, endpointGroup)
 }
--- a/api/http/handler/endpointgroups/endpoints.go
+++ b/api/http/handler/endpointgroups/endpoints.go
@@ -1,42 +0,0 @@
-package endpointgroups
-
-import portainer "github.com/portainer/portainer/api"
-
-func (handler *Handler) updateEndpointRelations(endpoint *portainer.Endpoint, endpointGroup *portainer.EndpointGroup) error {
-	if endpoint.Type != portainer.EdgeAgentEnvironment {
-		return nil
-	}
-
-	if endpointGroup == nil {
-		unassignedGroup, err := handler.EndpointGroupService.EndpointGroup(portainer.EndpointGroupID(1))
-		if err != nil {
-			return err
-		}
-
-		endpointGroup = unassignedGroup
-	}
-
-	endpointRelation, err := handler.EndpointRelationService.EndpointRelation(endpoint.ID)
-	if err != nil {
-		return err
-	}
-
-	edgeGroups, err := handler.EdgeGroupService.EdgeGroups()
-	if err != nil {
-		return err
-	}
-
-	edgeStacks, err := handler.EdgeStackService.EdgeStacks()
-	if err != nil {
-		return err
-	}
-
-	endpointStacks := portainer.EndpointRelatedEdgeStacks(endpoint, endpointGroup, edgeGroups, edgeStacks)
-	stacksSet := map[portainer.EdgeStackID]bool{}
-	for _, edgeStackID := range endpointStacks {
-		stacksSet[edgeStackID] = true
-	}
-	endpointRelation.EdgeStacks = stacksSet
-
-	return handler.EndpointRelationService.UpdateEndpointRelation(endpoint.ID, endpointRelation)
-}
--- a/api/http/handler/endpointgroups/handler.go
+++ b/api/http/handler/endpointgroups/handler.go
@@ -12,13 +12,9 @@ import (
 // Handler is the HTTP handler used to handle endpoint group operations.
 type Handler struct {
 	*mux.Router
-	AuthorizationService    *portainer.AuthorizationService
-	EdgeGroupService        portainer.EdgeGroupService
-	EdgeStackService        portainer.EdgeStackService
-	EndpointService         portainer.EndpointService
-	EndpointGroupService    portainer.EndpointGroupService
-	EndpointRelationService portainer.EndpointRelationService
-	TagService              portainer.TagService
+	EndpointService      portainer.EndpointService
+	EndpointGroupService portainer.EndpointGroupService
+	AuthorizationService *portainer.AuthorizationService
 }

 // NewHandler creates a handler to manage endpoint group operations.
--- a/api/http/handler/endpoints/endpoint_create.go
+++ b/api/http/handler/endpoints/endpoint_create.go
@@ -12,7 +12,7 @@ import (
 	httperror "github.com/portainer/libhttp/error"
 	"github.com/portainer/libhttp/request"
 	"github.com/portainer/libhttp/response"
-	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/crypto"
 	"github.com/portainer/portainer/api/http/client"
 )
@@ -32,7 +32,7 @@ type endpointCreatePayload struct {
 	AzureApplicationID     string
 	AzureTenantID          string
 	AzureAuthenticationKey string
-	TagIDs                 []portainer.TagID
+	Tags                   []string
 }

 func (payload *endpointCreatePayload) Validate(r *http.Request) error {
@@ -54,14 +54,14 @@ func (payload *endpointCreatePayload) Validate(r *http.Request) error {
 	}
 	payload.GroupID = groupID

-	var tagIDs []portainer.TagID
-	err = request.RetrieveMultiPartFormJSONValue(r, "TagIds", &tagIDs, true)
+	var tags []string
+	err = request.RetrieveMultiPartFormJSONValue(r, "Tags", &tags, true)
 	if err != nil {
-		return portainer.Error("Invalid TagIds parameter")
+		return portainer.Error("Invalid Tags parameter")
 	}
-	payload.TagIDs = tagIDs
-	if payload.TagIDs == nil {
-		payload.TagIDs = make([]portainer.TagID, 0)
+	payload.Tags = tags
+	if payload.Tags == nil {
+		payload.Tags = make([]string, 0)
 	}

 	useTLS, _ := request.RetrieveBooleanMultiPartFormValue(r, "TLS", true)
@@ -146,38 +146,6 @@ func (handler *Handler) endpointCreate(w http.ResponseWriter, r *http.Request) *
 		return endpointCreationError
 	}

-	endpointGroup, err := handler.EndpointGroupService.EndpointGroup(endpoint.GroupID)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find an endpoint group inside the database", err}
-	}
-
-	edgeGroups, err := handler.EdgeGroupService.EdgeGroups()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve edge groups from the database", err}
-	}
-
-	edgeStacks, err := handler.EdgeStackService.EdgeStacks()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve edge stacks from the database", err}
-	}
-
-	relationObject := &portainer.EndpointRelation{
-		EndpointID: endpoint.ID,
-		EdgeStacks: map[portainer.EdgeStackID]bool{},
-	}
-
-	if endpoint.Type == portainer.EdgeAgentEnvironment {
-		relatedEdgeStacks := portainer.EndpointRelatedEdgeStacks(endpoint, endpointGroup, edgeGroups, edgeStacks)
-		for _, stackID := range relatedEdgeStacks {
-			relationObject.EdgeStacks[stackID] = true
-		}
-	}
-
-	err = handler.EndpointRelationService.CreateEndpointRelation(relationObject)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist the relation object inside the database", err}
-	}
-
 	return response.JSON(w, endpoint)
 }

@@ -219,7 +187,7 @@ func (handler *Handler) createAzureEndpoint(payload *endpointCreatePayload) (*po
 		TeamAccessPolicies: portainer.TeamAccessPolicies{},
 		Extensions:         []portainer.EndpointExtension{},
 		AzureCredentials:   credentials,
-		TagIDs:             payload.TagIDs,
+		Tags:               payload.Tags,
 		Status:             portainer.EndpointStatusUp,
 		Snapshots:          []portainer.Snapshot{},
 	}
@@ -261,13 +229,13 @@ func (handler *Handler) createEdgeAgentEndpoint(payload *endpointCreatePayload)
 		TLSConfig: portainer.TLSConfiguration{
 			TLS: false,
 		},
-		UserAccessPolicies: portainer.UserAccessPolicies{},
-		TeamAccessPolicies: portainer.TeamAccessPolicies{},
-		Extensions:         []portainer.EndpointExtension{},
-		TagIDs:             payload.TagIDs,
-		Status:             portainer.EndpointStatusUp,
-		Snapshots:          []portainer.Snapshot{},
-		EdgeKey:            edgeKey,
+		AuthorizedUsers: []portainer.UserID{},
+		AuthorizedTeams: []portainer.TeamID{},
+		Extensions:      []portainer.EndpointExtension{},
+		Tags:            payload.Tags,
+		Status:          portainer.EndpointStatusUp,
+		Snapshots:       []portainer.Snapshot{},
+		EdgeKey:         edgeKey,
 	}

 	err = handler.saveEndpointAndUpdateAuthorizations(endpoint)
@@ -310,7 +278,7 @@ func (handler *Handler) createUnsecuredEndpoint(payload *endpointCreatePayload)
 		UserAccessPolicies: portainer.UserAccessPolicies{},
 		TeamAccessPolicies: portainer.TeamAccessPolicies{},
 		Extensions:         []portainer.EndpointExtension{},
-		TagIDs:             payload.TagIDs,
+		Tags:               payload.Tags,
 		Status:             portainer.EndpointStatusUp,
 		Snapshots:          []portainer.Snapshot{},
 	}
@@ -354,7 +322,7 @@ func (handler *Handler) createTLSSecuredEndpoint(payload *endpointCreatePayload)
 		UserAccessPolicies: portainer.UserAccessPolicies{},
 		TeamAccessPolicies: portainer.TeamAccessPolicies{},
 		Extensions:         []portainer.EndpointExtension{},
-		TagIDs:             payload.TagIDs,
+		Tags:               payload.Tags,
 		Status:             portainer.EndpointStatusUp,
 		Snapshots:          []portainer.Snapshot{},
 	}
@@ -409,20 +377,6 @@ func (handler *Handler) saveEndpointAndUpdateAuthorizations(endpoint *portainer.
 		return handler.AuthorizationService.UpdateUsersAuthorizations()
 	}

-	for _, tagID := range endpoint.TagIDs {
-		tag, err := handler.TagService.Tag(tagID)
-		if err != nil {
-			return err
-		}
-
-		tag.Endpoints[endpoint.ID] = true
-
-		err = handler.TagService.UpdateTag(tagID, tag)
-		if err != nil {
-			return err
-		}
-	}
-
 	return nil
 }

--- a/api/http/handler/endpoints/endpoint_delete.go
+++ b/api/http/handler/endpoints/endpoint_delete.go
@@ -50,75 +50,5 @@ func (handler *Handler) endpointDelete(w http.ResponseWriter, r *http.Request) *
 		}
 	}

-	err = handler.EndpointRelationService.DeleteEndpointRelation(endpoint.ID)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to remove endpoint relation from the database", err}
-	}
-
-	for _, tagID := range endpoint.TagIDs {
-		tag, err := handler.TagService.Tag(tagID)
-		if err != nil {
-			return &httperror.HandlerError{http.StatusNotFound, "Unable to find tag inside the database", err}
-		}
-
-		delete(tag.Endpoints, endpoint.ID)
-
-		err = handler.TagService.UpdateTag(tagID, tag)
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist tag relation inside the database", err}
-		}
-	}
-
-	edgeGroups, err := handler.EdgeGroupService.EdgeGroups()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve edge groups from the database", err}
-	}
-
-	for idx := range edgeGroups {
-		edgeGroup := &edgeGroups[idx]
-		endpointIdx := findEndpointIndex(edgeGroup.Endpoints, endpoint.ID)
-		if endpointIdx != -1 {
-			edgeGroup.Endpoints = removeElement(edgeGroup.Endpoints, endpointIdx)
-			err = handler.EdgeGroupService.UpdateEdgeGroup(edgeGroup.ID, edgeGroup)
-			if err != nil {
-				return &httperror.HandlerError{http.StatusInternalServerError, "Unable to update edge group", err}
-			}
-		}
-	}
-
-	edgeStacks, err := handler.EdgeStackService.EdgeStacks()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve edge stacks from the database", err}
-	}
-
-	for idx := range edgeStacks {
-		edgeStack := &edgeStacks[idx]
-		if _, ok := edgeStack.Status[endpoint.ID]; ok {
-			delete(edgeStack.Status, endpoint.ID)
-			err = handler.EdgeStackService.UpdateEdgeStack(edgeStack.ID, edgeStack)
-			if err != nil {
-				return &httperror.HandlerError{http.StatusInternalServerError, "Unable to update edge stack", err}
-			}
-		}
-	}
-
 	return response.Empty(w)
 }
-
-func findEndpointIndex(tags []portainer.EndpointID, searchEndpointID portainer.EndpointID) int {
-	for idx, tagID := range tags {
-		if searchEndpointID == tagID {
-			return idx
-		}
-	}
-	return -1
-}
-
-func removeElement(arr []portainer.EndpointID, index int) []portainer.EndpointID {
-	if index < 0 {
-		return arr
-	}
-	lastTagIdx := len(arr) - 1
-	arr[index] = arr[lastTagIdx]
-	return arr[:lastTagIdx]
-}
--- a/api/http/handler/endpoints/endpoint_list.go
+++ b/api/http/handler/endpoints/endpoint_list.go
@@ -5,7 +5,7 @@ import (
 	"strconv"
 	"strings"

-	"github.com/portainer/portainer/api"
+	portainer "github.com/portainer/portainer/api"

 	"github.com/portainer/libhttp/request"

@@ -28,15 +28,6 @@ func (handler *Handler) endpointList(w http.ResponseWriter, r *http.Request) *ht

 	groupID, _ := request.RetrieveNumericQueryParameter(r, "groupId", true)
 	limit, _ := request.RetrieveNumericQueryParameter(r, "limit", true)
-	endpointType, _ := request.RetrieveNumericQueryParameter(r, "type", true)
-
-	var tagIDs []portainer.TagID
-	request.RetrieveJSONQueryParameter(r, "tagIds", &tagIDs, true)
-
-	tagsPartialMatch, _ := request.RetrieveBooleanQueryParameter(r, "tagsPartialMatch", true)
-
-	var endpointIDs []portainer.EndpointID
-	request.RetrieveJSONQueryParameter(r, "endpointIds", &endpointIDs, true)

 	endpointGroups, err := handler.EndpointGroupService.EndpointGroups()
 	if err != nil {
@@ -55,32 +46,12 @@ func (handler *Handler) endpointList(w http.ResponseWriter, r *http.Request) *ht

 	filteredEndpoints := security.FilterEndpoints(endpoints, endpointGroups, securityContext)

-	if endpointIDs != nil {
-		filteredEndpoints = filteredEndpointsByIds(filteredEndpoints, endpointIDs)
-	}
-
 	if groupID != 0 {
 		filteredEndpoints = filterEndpointsByGroupID(filteredEndpoints, portainer.EndpointGroupID(groupID))
 	}

 	if search != "" {
-		tags, err := handler.TagService.Tags()
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve tags from the database", err}
-		}
-		tagsMap := make(map[portainer.TagID]string)
-		for _, tag := range tags {
-			tagsMap[tag.ID] = tag.Name
-		}
-		filteredEndpoints = filterEndpointsBySearchCriteria(filteredEndpoints, endpointGroups, tagsMap, search)
-	}
-
-	if endpointType != 0 {
-		filteredEndpoints = filterEndpointsByType(filteredEndpoints, portainer.EndpointType(endpointType))
-	}
-
-	if tagIDs != nil {
-		filteredEndpoints = filteredEndpointsByTags(filteredEndpoints, tagIDs, endpointGroups, tagsPartialMatch)
+		filteredEndpoints = filterEndpointsBySearchCriteria(filteredEndpoints, endpointGroups, search)
 	}

 	filteredEndpointCount := len(filteredEndpoints)
@@ -126,17 +97,17 @@ func filterEndpointsByGroupID(endpoints []portainer.Endpoint, endpointGroupID po
 	return filteredEndpoints
 }

-func filterEndpointsBySearchCriteria(endpoints []portainer.Endpoint, endpointGroups []portainer.EndpointGroup, tagsMap map[portainer.TagID]string, searchCriteria string) []portainer.Endpoint {
+func filterEndpointsBySearchCriteria(endpoints []portainer.Endpoint, endpointGroups []portainer.EndpointGroup, searchCriteria string) []portainer.Endpoint {
 	filteredEndpoints := make([]portainer.Endpoint, 0)

 	for _, endpoint := range endpoints {
-		endpointTags := convertTagIDsToTags(tagsMap, endpoint.TagIDs)
-		if endpointMatchSearchCriteria(&endpoint, endpointTags, searchCriteria) {
+
+		if endpointMatchSearchCriteria(&endpoint, searchCriteria) {
 			filteredEndpoints = append(filteredEndpoints, endpoint)
 			continue
 		}

-		if endpointGroupMatchSearchCriteria(&endpoint, endpointGroups, tagsMap, searchCriteria) {
+		if endpointGroupMatchSearchCriteria(&endpoint, endpointGroups, searchCriteria) {
 			filteredEndpoints = append(filteredEndpoints, endpoint)
 		}
 	}
@@ -144,7 +115,7 @@ func filterEndpointsBySearchCriteria(endpoints []portainer.Endpoint, endpointGro
 	return filteredEndpoints
 }

-func endpointMatchSearchCriteria(endpoint *portainer.Endpoint, tags []string, searchCriteria string) bool {
+func endpointMatchSearchCriteria(endpoint *portainer.Endpoint, searchCriteria string) bool {
 	if strings.Contains(strings.ToLower(endpoint.Name), searchCriteria) {
 		return true
 	}
@@ -158,7 +129,8 @@ func endpointMatchSearchCriteria(endpoint *portainer.Endpoint, tags []string, se
 	} else if endpoint.Status == portainer.EndpointStatusDown && searchCriteria == "down" {
 		return true
 	}
-	for _, tag := range tags {
+
+	for _, tag := range endpoint.Tags {
 		if strings.Contains(strings.ToLower(tag), searchCriteria) {
 			return true
 		}
@@ -167,14 +139,14 @@ func endpointMatchSearchCriteria(endpoint *portainer.Endpoint, tags []string, se
 	return false
 }

-func endpointGroupMatchSearchCriteria(endpoint *portainer.Endpoint, endpointGroups []portainer.EndpointGroup, tagsMap map[portainer.TagID]string, searchCriteria string) bool {
+func endpointGroupMatchSearchCriteria(endpoint *portainer.Endpoint, endpointGroups []portainer.EndpointGroup, searchCriteria string) bool {
 	for _, group := range endpointGroups {
 		if group.ID == endpoint.GroupID {
 			if strings.Contains(strings.ToLower(group.Name), searchCriteria) {
 				return true
 			}
-			tags := convertTagIDsToTags(tagsMap, group.TagIDs)
-			for _, tag := range tags {
+
+			for _, tag := range group.Tags {
 				if strings.Contains(strings.ToLower(tag), searchCriteria) {
 					return true
 				}
@@ -184,106 +156,3 @@ func endpointGroupMatchSearchCriteria(endpoint *portainer.Endpoint, endpointGrou

 	return false
 }
-
-func filterEndpointsByType(endpoints []portainer.Endpoint, endpointType portainer.EndpointType) []portainer.Endpoint {
-	filteredEndpoints := make([]portainer.Endpoint, 0)
-
-	for _, endpoint := range endpoints {
-		if endpoint.Type == endpointType {
-			filteredEndpoints = append(filteredEndpoints, endpoint)
-		}
-	}
-	return filteredEndpoints
-}
-
-func convertTagIDsToTags(tagsMap map[portainer.TagID]string, tagIDs []portainer.TagID) []string {
-	tags := make([]string, 0)
-	for _, tagID := range tagIDs {
-		tags = append(tags, tagsMap[tagID])
-	}
-	return tags
-}
-
-func filteredEndpointsByTags(endpoints []portainer.Endpoint, tagIDs []portainer.TagID, endpointGroups []portainer.EndpointGroup, partialMatch bool) []portainer.Endpoint {
-	filteredEndpoints := make([]portainer.Endpoint, 0)
-
-	for _, endpoint := range endpoints {
-		endpointGroup := getEndpointGroup(endpoint.GroupID, endpointGroups)
-		endpointMatched := false
-		if partialMatch {
-			endpointMatched = endpointPartialMatchTags(endpoint, endpointGroup, tagIDs)
-		} else {
-			endpointMatched = endpointFullMatchTags(endpoint, endpointGroup, tagIDs)
-		}
-
-		if endpointMatched {
-			filteredEndpoints = append(filteredEndpoints, endpoint)
-		}
-	}
-	return filteredEndpoints
-}
-
-func getEndpointGroup(groupID portainer.EndpointGroupID, groups []portainer.EndpointGroup) portainer.EndpointGroup {
-	var endpointGroup portainer.EndpointGroup
-	for _, group := range groups {
-		if group.ID == groupID {
-			endpointGroup = group
-			break
-		}
-	}
-	return endpointGroup
-}
-
-func endpointPartialMatchTags(endpoint portainer.Endpoint, endpointGroup portainer.EndpointGroup, tagIDs []portainer.TagID) bool {
-	tagSet := make(map[portainer.TagID]bool)
-	for _, tagID := range tagIDs {
-		tagSet[tagID] = true
-	}
-	for _, tagID := range endpoint.TagIDs {
-		if tagSet[tagID] {
-			return true
-		}
-	}
-	for _, tagID := range endpointGroup.TagIDs {
-		if tagSet[tagID] {
-			return true
-		}
-	}
-	return false
-}
-
-func endpointFullMatchTags(endpoint portainer.Endpoint, endpointGroup portainer.EndpointGroup, tagIDs []portainer.TagID) bool {
-	missingTags := make(map[portainer.TagID]bool)
-	for _, tagID := range tagIDs {
-		missingTags[tagID] = true
-	}
-	for _, tagID := range endpoint.TagIDs {
-		if missingTags[tagID] {
-			delete(missingTags, tagID)
-		}
-	}
-	for _, tagID := range endpointGroup.TagIDs {
-		if missingTags[tagID] {
-			delete(missingTags, tagID)
-		}
-	}
-	return len(missingTags) == 0
-}
-
-func filteredEndpointsByIds(endpoints []portainer.Endpoint, ids []portainer.EndpointID) []portainer.Endpoint {
-	filteredEndpoints := make([]portainer.Endpoint, 0)
-
-	idsSet := make(map[portainer.EndpointID]bool)
-	for _, id := range ids {
-		idsSet[id] = true
-	}
-
-	for _, endpoint := range endpoints {
-		if idsSet[endpoint.ID] {
-			filteredEndpoints = append(filteredEndpoints, endpoint)
-		}
-	}
-
-	return filteredEndpoints
-
-}
--- a/api/http/handler/endpoints/endpoint_status_inspect.go
+++ b/api/http/handler/endpoints/endpoint_status_inspect.go
@@ -1,6 +1,7 @@
 package endpoints

 import (
+	"errors"
 	"net/http"

 	httperror "github.com/portainer/libhttp/error"
@@ -9,18 +10,12 @@ import (
 	"github.com/portainer/portainer/api"
 )

-type stackStatusResponse struct {
-	ID      portainer.EdgeStackID
-	Version int
-}
-
 type endpointStatusInspectResponse struct {
 	Status          string                   `json:"status"`
 	Port            int                      `json:"port"`
 	Schedules       []portainer.EdgeSchedule `json:"schedules"`
 	CheckinInterval int                      `json:"checkin"`
 	Credentials     string                   `json:"credentials"`
-	Stacks          []stackStatusResponse    `json:"stacks"`
 }

 // GET request on /api/endpoints/:id/status
@@ -37,14 +32,20 @@ func (handler *Handler) endpointStatusInspect(w http.ResponseWriter, r *http.Req
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find an endpoint with the specified identifier inside the database", err}
 	}

-	err = handler.requestBouncer.AuthorizedEdgeEndpointOperation(r, endpoint)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusForbidden, "Permission denied to access endpoint", err}
+	if endpoint.Type != portainer.EdgeAgentEnvironment {
+		return &httperror.HandlerError{http.StatusInternalServerError, "Status unavailable for non Edge agent endpoints", errors.New("Status unavailable")}
+	}
+
+	edgeIdentifier := r.Header.Get(portainer.PortainerAgentEdgeIDHeader)
+	if edgeIdentifier == "" {
+		return &httperror.HandlerError{http.StatusForbidden, "Missing Edge identifier", errors.New("missing Edge identifier")}
+	}
+
+	if endpoint.EdgeID != "" && endpoint.EdgeID != edgeIdentifier {
+		return &httperror.HandlerError{http.StatusForbidden, "Invalid Edge identifier", errors.New("invalid Edge identifier")}
 	}

 	if endpoint.EdgeID == "" {
-		edgeIdentifier := r.Header.Get(portainer.PortainerAgentEdgeIDHeader)
-
 		endpoint.EdgeID = edgeIdentifier

 		err := handler.EndpointService.UpdateEndpoint(endpoint.ID, endpoint)
@@ -72,27 +73,5 @@ func (handler *Handler) endpointStatusInspect(w http.ResponseWriter, r *http.Req
 		handler.ReverseTunnelService.SetTunnelStatusToActive(endpoint.ID)
 	}

-	relation, err := handler.EndpointRelationService.EndpointRelation(endpoint.ID)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve relation object from the database", err}
-	}
-
-	edgeStacksStatus := []stackStatusResponse{}
-	for stackID := range relation.EdgeStacks {
-		stack, err := handler.EdgeStackService.EdgeStack(stackID)
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve edge stack from the database", err}
-		}
-
-		stackStatus := stackStatusResponse{
-			ID:      stack.ID,
-			Version: stack.Version,
-		}
-
-		edgeStacksStatus = append(edgeStacksStatus, stackStatus)
-	}
-
-	statusResponse.Stacks = edgeStacksStatus
-
 	return response.JSON(w, statusResponse)
 }
--- a/api/http/handler/endpoints/endpoint_update.go
+++ b/api/http/handler/endpoints/endpoint_update.go
@@ -24,7 +24,7 @@ type endpointUpdatePayload struct {
 	AzureApplicationID     *string
 	AzureTenantID          *string
 	AzureAuthenticationKey *string
-	TagIDs                 []portainer.TagID
+	Tags                   []string
 	UserAccessPolicies     portainer.UserAccessPolicies
 	TeamAccessPolicies     portainer.TeamAccessPolicies
 }
@@ -69,52 +69,12 @@ func (handler *Handler) endpointUpdate(w http.ResponseWriter, r *http.Request) *
 		endpoint.PublicURL = *payload.PublicURL
 	}

-	groupIDChanged := false
 	if payload.GroupID != nil {
-		groupID := portainer.EndpointGroupID(*payload.GroupID)
-		groupIDChanged = groupID != endpoint.GroupID
-		endpoint.GroupID = groupID
+		endpoint.GroupID = portainer.EndpointGroupID(*payload.GroupID)
 	}

-	tagsChanged := false
-	if payload.TagIDs != nil {
-		payloadTagSet := portainer.TagSet(payload.TagIDs)
-		endpointTagSet := portainer.TagSet((endpoint.TagIDs))
-		union := portainer.TagUnion(payloadTagSet, endpointTagSet)
-		intersection := portainer.TagIntersection(payloadTagSet, endpointTagSet)
-		tagsChanged = len(union) > len(intersection)
-
-		if tagsChanged {
-			removeTags := portainer.TagDifference(endpointTagSet, payloadTagSet)
-
-			for tagID := range removeTags {
-				tag, err := handler.TagService.Tag(tagID)
-				if err != nil {
-					return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find a tag inside the database", err}
-				}
-
-				delete(tag.Endpoints, endpoint.ID)
-				err = handler.TagService.UpdateTag(tag.ID, tag)
-				if err != nil {
-					return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist tag changes inside the database", err}
-				}
-			}
-
-			endpoint.TagIDs = payload.TagIDs
-			for _, tagID := range payload.TagIDs {
-				tag, err := handler.TagService.Tag(tagID)
-				if err != nil {
-					return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find a tag inside the database", err}
-				}
-
-				tag.Endpoints[endpoint.ID] = true
-
-				err = handler.TagService.UpdateTag(tag.ID, tag)
-				if err != nil {
-					return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist tag changes inside the database", err}
-				}
-			}
-		}
+	if payload.Tags != nil {
+		endpoint.Tags = payload.Tags
 	}

 	updateAuthorizations := false
@@ -224,41 +184,5 @@ func (handler *Handler) endpointUpdate(w http.ResponseWriter, r *http.Request) *
 		}
 	}

-	if endpoint.Type == portainer.EdgeAgentEnvironment && (groupIDChanged || tagsChanged) {
-		relation, err := handler.EndpointRelationService.EndpointRelation(endpoint.ID)
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find endpoint relation inside the database", err}
-		}
-
-		endpointGroup, err := handler.EndpointGroupService.EndpointGroup(endpoint.GroupID)
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find endpoint group inside the database", err}
-		}
-
-		edgeGroups, err := handler.EdgeGroupService.EdgeGroups()
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve edge groups from the database", err}
-		}
-
-		edgeStacks, err := handler.EdgeStackService.EdgeStacks()
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve edge stacks from the database", err}
-		}
-
-		edgeStackSet := map[portainer.EdgeStackID]bool{}
-
-		endpointEdgeStacks := portainer.EndpointRelatedEdgeStacks(endpoint, endpointGroup, edgeGroups, edgeStacks)
-		for _, edgeStackID := range endpointEdgeStacks {
-			edgeStackSet[edgeStackID] = true
-		}
-
-		relation.EdgeStacks = edgeStackSet
-
-		err = handler.EndpointRelationService.UpdateEndpointRelation(endpoint.ID, relation)
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist endpoint relation changes inside the database", err}
-		}
-	}
-
 	return response.JSON(w, endpoint)
 }
--- a/api/http/handler/endpoints/handler.go
+++ b/api/http/handler/endpoints/handler.go
@@ -29,19 +29,15 @@ type Handler struct {
 	*mux.Router
 	authorizeEndpointManagement bool
 	requestBouncer              *security.RequestBouncer
-	AuthorizationService        *portainer.AuthorizationService
-	EdgeGroupService            portainer.EdgeGroupService
-	EdgeStackService            portainer.EdgeStackService
 	EndpointService             portainer.EndpointService
 	EndpointGroupService        portainer.EndpointGroupService
-	EndpointRelationService     portainer.EndpointRelationService
 	FileService                 portainer.FileService
-	JobService                  portainer.JobService
 	ProxyManager                *proxy.Manager
+	Snapshotter                 portainer.Snapshotter
+	JobService                  portainer.JobService
 	ReverseTunnelService        portainer.ReverseTunnelService
 	SettingsService             portainer.SettingsService
-	Snapshotter                 portainer.Snapshotter
-	TagService                  portainer.TagService
+	AuthorizationService        *portainer.AuthorizationService
 }

 // NewHandler creates a handler to manage endpoint operations.
@@ -74,5 +70,6 @@ func NewHandler(bouncer *security.RequestBouncer, authorizeEndpointManagement bo
 		bouncer.AdminAccess(httperror.LoggerHandler(h.endpointSnapshot))).Methods(http.MethodPost)
 	h.Handle("/endpoints/{id}/status",
 		bouncer.PublicAccess(httperror.LoggerHandler(h.endpointStatusInspect))).Methods(http.MethodGet)
+
 	return h
 }
--- a/api/http/handler/extensions/extension_create.go
+++ b/api/http/handler/extensions/extension_create.go
@@ -41,19 +41,14 @@ func (handler *Handler) extensionCreate(w http.ResponseWriter, r *http.Request)
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve extensions status from the database", err}
 	}

-	extension := &portainer.Extension{
-		ID: extensionID,
+	for _, existingExtension := range extensions {
+		if existingExtension.ID == extensionID && existingExtension.Enabled {
+			return &httperror.HandlerError{http.StatusConflict, "Unable to enable extension", portainer.ErrExtensionAlreadyEnabled}
+		}
 	}

-	for _, existingExtension := range extensions {
-		if existingExtension.ID == extensionID && (existingExtension.Enabled || !existingExtension.License.Valid) {
-			if existingExtension.License.LicenseKey == payload.License {
-				return &httperror.HandlerError{http.StatusConflict, "Unable to enable extension", portainer.ErrExtensionAlreadyEnabled}
-			}
-
-			_ = handler.ExtensionManager.DisableExtension(&existingExtension)
-			extension.Enabled = true
-		}
+	extension := &portainer.Extension{
+		ID: extensionID,
 	}

 	extensionDefinitions, err := handler.ExtensionManager.FetchExtensionDefinitions()
@@ -73,14 +68,15 @@ func (handler *Handler) extensionCreate(w http.ResponseWriter, r *http.Request)
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to enable extension", err}
 	}

-	if extension.ID == portainer.RBACExtension && !extension.Enabled {
+	extension.Enabled = true
+
+	if extension.ID == portainer.RBACExtension {
 		err = handler.upgradeRBACData()
 		if err != nil {
 			return &httperror.HandlerError{http.StatusInternalServerError, "An error occured during database update", err}
 		}
 	}

-	extension.Enabled = true
 	err = handler.ExtensionService.Persist(extension)
 	if err != nil {
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist extension status inside the database", err}
--- a/api/http/handler/extensions/extension_upload.go
+++ b/api/http/handler/extensions/extension_upload.go
@@ -46,21 +46,10 @@ func (handler *Handler) extensionUpload(w http.ResponseWriter, r *http.Request)
 	}
 	extensionID := portainer.ExtensionID(extensionIdentifier)

-	extensions, err := handler.ExtensionService.Extensions()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve extensions status from the database", err}
-	}
-
 	extension := &portainer.Extension{
 		ID: extensionID,
 	}

-	for _, existingExtension := range extensions {
-		if existingExtension.ID == extensionID && (existingExtension.Enabled || !existingExtension.License.Valid) {
-			extension.Enabled = true
-		}
-	}
-
 	_ = handler.ExtensionManager.DisableExtension(extension)

 	err = handler.ExtensionManager.InstallExtension(extension, payload.License, payload.ArchiveFileName, payload.ExtensionArchive)
@@ -68,15 +57,15 @@ func (handler *Handler) extensionUpload(w http.ResponseWriter, r *http.Request)
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to install extension", err}
 	}

-	if extension.ID == portainer.RBACExtension && !extension.Enabled {
+	extension.Enabled = true
+
+	if extension.ID == portainer.RBACExtension {
 		err = handler.upgradeRBACData()
 		if err != nil {
 			return &httperror.HandlerError{http.StatusInternalServerError, "An error occured during database update", err}
 		}
 	}

-	extension.Enabled = true
-
 	err = handler.ExtensionService.Persist(extension)
 	if err != nil {
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist extension status inside the database", err}
--- a/api/http/handler/handler.go
+++ b/api/http/handler/handler.go
@@ -4,10 +4,6 @@ import (
 	"net/http"
 	"strings"

-	"github.com/portainer/portainer/api/http/handler/edgegroups"
-	"github.com/portainer/portainer/api/http/handler/edgestacks"
-	"github.com/portainer/portainer/api/http/handler/edgetemplates"
-	"github.com/portainer/portainer/api/http/handler/endpointedge"
 	"github.com/portainer/portainer/api/http/handler/support"

 	"github.com/portainer/portainer/api/http/handler/schedules"
@@ -41,10 +37,6 @@ import (
 type Handler struct {
 	AuthHandler            *auth.Handler
 	DockerHubHandler       *dockerhub.Handler
-	EdgeGroupsHandler      *edgegroups.Handler
-	EdgeStacksHandler      *edgestacks.Handler
-	EdgeTemplatesHandler   *edgetemplates.Handler
-	EndpointEdgeHandler    *endpointedge.Handler
 	EndpointGroupHandler   *endpointgroups.Handler
 	EndpointHandler        *endpoints.Handler
 	EndpointProxyHandler   *endpointproxy.Handler
@@ -76,12 +68,6 @@ func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		http.StripPrefix("/api", h.AuthHandler).ServeHTTP(w, r)
 	case strings.HasPrefix(r.URL.Path, "/api/dockerhub"):
 		http.StripPrefix("/api", h.DockerHubHandler).ServeHTTP(w, r)
-	case strings.HasPrefix(r.URL.Path, "/api/edge_stacks"):
-		http.StripPrefix("/api", h.EdgeStacksHandler).ServeHTTP(w, r)
-	case strings.HasPrefix(r.URL.Path, "/api/edge_groups"):
-		http.StripPrefix("/api", h.EdgeGroupsHandler).ServeHTTP(w, r)
-	case strings.HasPrefix(r.URL.Path, "/api/edge_templates"):
-		http.StripPrefix("/api", h.EdgeTemplatesHandler).ServeHTTP(w, r)
 	case strings.HasPrefix(r.URL.Path, "/api/endpoint_groups"):
 		http.StripPrefix("/api", h.EndpointGroupHandler).ServeHTTP(w, r)
 	case strings.HasPrefix(r.URL.Path, "/api/endpoints"):
@@ -92,8 +78,6 @@ func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 			http.StripPrefix("/api/endpoints", h.EndpointProxyHandler).ServeHTTP(w, r)
 		case strings.Contains(r.URL.Path, "/azure/"):
 			http.StripPrefix("/api/endpoints", h.EndpointProxyHandler).ServeHTTP(w, r)
-		case strings.Contains(r.URL.Path, "/edge/"):
-			http.StripPrefix("/api/endpoints", h.EndpointEdgeHandler).ServeHTTP(w, r)
 		default:
 			http.StripPrefix("/api", h.EndpointHandler).ServeHTTP(w, r)
 		}
--- a/api/http/handler/settings/settings_public.go
+++ b/api/http/handler/settings/settings_public.go
@@ -6,23 +6,18 @@ import (

 	httperror "github.com/portainer/libhttp/error"
 	"github.com/portainer/libhttp/response"
-	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api"
 )

 type publicSettingsResponse struct {
-	LogoURL                                   string                         `json:"LogoURL"`
-	AuthenticationMethod                      portainer.AuthenticationMethod `json:"AuthenticationMethod"`
-	AllowBindMountsForRegularUsers            bool                           `json:"AllowBindMountsForRegularUsers"`
-	AllowPrivilegedModeForRegularUsers        bool                           `json:"AllowPrivilegedModeForRegularUsers"`
-	AllowVolumeBrowserForRegularUsers         bool                           `json:"AllowVolumeBrowserForRegularUsers"`
-	EnableHostManagementFeatures              bool                           `json:"EnableHostManagementFeatures"`
-	EnableEdgeComputeFeatures                 bool                           `json:"EnableEdgeComputeFeatures"`
-	ExternalTemplates                         bool                           `json:"ExternalTemplates"`
-	OAuthLoginURI                             string                         `json:"OAuthLoginURI"`
-	AllowStackManagementForRegularUsers       bool                           `json:"AllowStackManagementForRegularUsers"`
-	AllowHostNamespaceForRegularUsers         bool                           `json:"AllowHostNamespaceForRegularUsers"`
-	AllowDeviceMappingForRegularUsers         bool                           `json:"AllowDeviceMappingForRegularUsers"`
-	AllowContainerCapabilitiesForRegularUsers bool                           `json:"AllowContainerCapabilitiesForRegularUsers"`
+	LogoURL                            string                         `json:"LogoURL"`
+	AuthenticationMethod               portainer.AuthenticationMethod `json:"AuthenticationMethod"`
+	AllowBindMountsForRegularUsers     bool                           `json:"AllowBindMountsForRegularUsers"`
+	AllowPrivilegedModeForRegularUsers bool                           `json:"AllowPrivilegedModeForRegularUsers"`
+	AllowVolumeBrowserForRegularUsers  bool                           `json:"AllowVolumeBrowserForRegularUsers"`
+	EnableHostManagementFeatures       bool                           `json:"EnableHostManagementFeatures"`
+	ExternalTemplates                  bool                           `json:"ExternalTemplates"`
+	OAuthLoginURI                      string                         `json:"OAuthLoginURI"`
 }

 // GET request on /api/settings/public
@@ -33,23 +28,18 @@ func (handler *Handler) settingsPublic(w http.ResponseWriter, r *http.Request) *
 	}

 	publicSettings := &publicSettingsResponse{
-		LogoURL:                                   settings.LogoURL,
-		AuthenticationMethod:                      settings.AuthenticationMethod,
-		AllowBindMountsForRegularUsers:            settings.AllowBindMountsForRegularUsers,
-		AllowPrivilegedModeForRegularUsers:        settings.AllowPrivilegedModeForRegularUsers,
-		AllowVolumeBrowserForRegularUsers:         settings.AllowVolumeBrowserForRegularUsers,
-		EnableHostManagementFeatures:              settings.EnableHostManagementFeatures,
-		EnableEdgeComputeFeatures:                 settings.EnableEdgeComputeFeatures,
-		AllowHostNamespaceForRegularUsers:         settings.AllowHostNamespaceForRegularUsers,
-		AllowStackManagementForRegularUsers:       settings.AllowStackManagementForRegularUsers,
-		ExternalTemplates:                         false,
-		AllowContainerCapabilitiesForRegularUsers: settings.AllowContainerCapabilitiesForRegularUsers,
+		LogoURL:                            settings.LogoURL,
+		AuthenticationMethod:               settings.AuthenticationMethod,
+		AllowBindMountsForRegularUsers:     settings.AllowBindMountsForRegularUsers,
+		AllowPrivilegedModeForRegularUsers: settings.AllowPrivilegedModeForRegularUsers,
+		AllowVolumeBrowserForRegularUsers:  settings.AllowVolumeBrowserForRegularUsers,
+		EnableHostManagementFeatures:       settings.EnableHostManagementFeatures,
+		ExternalTemplates:                  false,
 		OAuthLoginURI: fmt.Sprintf("%s?response_type=code&client_id=%s&redirect_uri=%s&scope=%s&prompt=login",
 			settings.OAuthSettings.AuthorizationURI,
 			settings.OAuthSettings.ClientID,
 			settings.OAuthSettings.RedirectURI,
 			settings.OAuthSettings.Scopes),
-		AllowDeviceMappingForRegularUsers: settings.AllowDeviceMappingForRegularUsers,
 	}

 	if settings.TemplatesURL != "" {
--- a/api/http/handler/settings/settings_update.go
+++ b/api/http/handler/settings/settings_update.go
@@ -7,28 +7,23 @@ import (
 	httperror "github.com/portainer/libhttp/error"
 	"github.com/portainer/libhttp/request"
 	"github.com/portainer/libhttp/response"
-	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/filesystem"
 )

 type settingsUpdatePayload struct {
-	LogoURL                                   *string
-	BlackListedLabels                         []portainer.Pair
-	AuthenticationMethod                      *int
-	LDAPSettings                              *portainer.LDAPSettings
-	OAuthSettings                             *portainer.OAuthSettings
-	AllowBindMountsForRegularUsers            *bool
-	AllowPrivilegedModeForRegularUsers        *bool
-	AllowVolumeBrowserForRegularUsers         *bool
-	EnableHostManagementFeatures              *bool
-	SnapshotInterval                          *string
-	TemplatesURL                              *string
-	EdgeAgentCheckinInterval                  *int
-	EnableEdgeComputeFeatures                 *bool
-	AllowStackManagementForRegularUsers       *bool
-	AllowHostNamespaceForRegularUsers         *bool
-	AllowDeviceMappingForRegularUsers         *bool
-	AllowContainerCapabilitiesForRegularUsers *bool
+	LogoURL                            *string
+	BlackListedLabels                  []portainer.Pair
+	AuthenticationMethod               *int
+	LDAPSettings                       *portainer.LDAPSettings
+	OAuthSettings                      *portainer.OAuthSettings
+	AllowBindMountsForRegularUsers     *bool
+	AllowPrivilegedModeForRegularUsers *bool
+	AllowVolumeBrowserForRegularUsers  *bool
+	EnableHostManagementFeatures       *bool
+	SnapshotInterval                   *string
+	TemplatesURL                       *string
+	EdgeAgentCheckinInterval           *int
 }

 func (payload *settingsUpdatePayload) Validate(r *http.Request) error {
@@ -114,22 +109,6 @@ func (handler *Handler) settingsUpdate(w http.ResponseWriter, r *http.Request) *
 		settings.EnableHostManagementFeatures = *payload.EnableHostManagementFeatures
 	}

-	if payload.EnableEdgeComputeFeatures != nil {
-		settings.EnableEdgeComputeFeatures = *payload.EnableEdgeComputeFeatures
-	}
-
-	if payload.AllowStackManagementForRegularUsers != nil {
-		settings.AllowStackManagementForRegularUsers = *payload.AllowStackManagementForRegularUsers
-	}
-
-	if payload.AllowHostNamespaceForRegularUsers != nil {
-		settings.AllowHostNamespaceForRegularUsers = *payload.AllowHostNamespaceForRegularUsers
-	}
-
-	if payload.AllowContainerCapabilitiesForRegularUsers != nil {
-		settings.AllowContainerCapabilitiesForRegularUsers = *payload.AllowContainerCapabilitiesForRegularUsers
-	}
-
 	if payload.SnapshotInterval != nil && *payload.SnapshotInterval != settings.SnapshotInterval {
 		err := handler.updateSnapshotInterval(settings, *payload.SnapshotInterval)
 		if err != nil {
@@ -141,10 +120,6 @@ func (handler *Handler) settingsUpdate(w http.ResponseWriter, r *http.Request) *
 		settings.EdgeAgentCheckinInterval = *payload.EdgeAgentCheckinInterval
 	}

-	if payload.AllowDeviceMappingForRegularUsers != nil {
-		settings.AllowDeviceMappingForRegularUsers = *payload.AllowDeviceMappingForRegularUsers
-	}
-
 	tlsError := handler.updateTLS(settings)
 	if tlsError != nil {
 		return tlsError
--- a/api/http/handler/stacks/create_compose_stack.go
+++ b/api/http/handler/stacks/create_compose_stack.go
@@ -1,6 +1,7 @@
 package stacks

 import (
+	"errors"
 	"net/http"
 	"path"
 	"regexp"
@@ -10,7 +11,7 @@ import (
 	"github.com/asaskevich/govalidator"
 	httperror "github.com/portainer/libhttp/error"
 	"github.com/portainer/libhttp/request"
-	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/filesystem"
 	"github.com/portainer/portainer/api/http/security"
 )
@@ -282,7 +283,6 @@ type composeStackDeploymentConfig struct {
 	dockerhub  *portainer.DockerHub
 	registries []portainer.Registry
 	isAdmin    bool
-	user       *portainer.User
 }

 func (handler *Handler) createComposeDeployConfig(r *http.Request, stack *portainer.Stack, endpoint *portainer.Endpoint) (*composeStackDeploymentConfig, *httperror.HandlerError) {
@@ -302,21 +302,12 @@ func (handler *Handler) createComposeDeployConfig(r *http.Request, stack *portai
 	}
 	filteredRegistries := security.FilterRegistries(registries, securityContext)

-	var user *portainer.User
-	if !handler.authDisabled {
-		user, err = handler.UserService.User(securityContext.UserID)
-		if err != nil {
-			return nil, &httperror.HandlerError{http.StatusInternalServerError, "Unable to load user information from the database", err}
-		}
-	}
-
 	config := &composeStackDeploymentConfig{
 		stack:      stack,
 		endpoint:   endpoint,
 		dockerhub:  dockerhub,
 		registries: filteredRegistries,
 		isAdmin:    securityContext.IsAdmin,
-		user:       user,
 	}

 	return config, nil
@@ -333,29 +324,20 @@ func (handler *Handler) deployComposeStack(config *composeStackDeploymentConfig)
 		return err
 	}

-	if !handler.authDisabled {
-		isAdminOrEndpointAdmin, err := handler.userIsAdminOrEndpointAdmin(config.user, config.endpoint.ID)
+	if !settings.AllowBindMountsForRegularUsers && !config.isAdmin {
+		composeFilePath := path.Join(config.stack.ProjectPath, config.stack.EntryPoint)
+
+		stackContent, err := handler.FileService.GetFileContent(composeFilePath)
 		if err != nil {
 			return err
 		}

-		if (!settings.AllowBindMountsForRegularUsers ||
-			!settings.AllowPrivilegedModeForRegularUsers ||
-			!settings.AllowHostNamespaceForRegularUsers ||
-			!settings.AllowDeviceMappingForRegularUsers ||
-			!settings.AllowContainerCapabilitiesForRegularUsers) && !isAdminOrEndpointAdmin {
-
-			composeFilePath := path.Join(config.stack.ProjectPath, config.stack.EntryPoint)
-
-			stackContent, err := handler.FileService.GetFileContent(composeFilePath)
-			if err != nil {
-				return err
-			}
-
-			err = handler.isValidStackFile(stackContent, settings)
-			if err != nil {
-				return err
-			}
+		valid, err := handler.isValidStackFile(stackContent)
+		if err != nil {
+			return err
+		}
+		if !valid {
+			return errors.New("bind-mount disabled for non administrator users")
 		}
 	}

--- a/api/http/handler/stacks/create_swarm_stack.go
+++ b/api/http/handler/stacks/create_swarm_stack.go
@@ -1,6 +1,7 @@
 package stacks

 import (
+	"errors"
 	"net/http"
 	"path"
 	"strconv"
@@ -9,7 +10,7 @@ import (
 	"github.com/asaskevich/govalidator"
 	httperror "github.com/portainer/libhttp/error"
 	"github.com/portainer/libhttp/request"
-	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/filesystem"
 	"github.com/portainer/portainer/api/http/security"
 )
@@ -291,7 +292,6 @@ type swarmStackDeploymentConfig struct {
 	registries []portainer.Registry
 	prune      bool
 	isAdmin    bool
-	user       *portainer.User
 }

 func (handler *Handler) createSwarmDeployConfig(r *http.Request, stack *portainer.Stack, endpoint *portainer.Endpoint, prune bool) (*swarmStackDeploymentConfig, *httperror.HandlerError) {
@@ -311,14 +311,6 @@ func (handler *Handler) createSwarmDeployConfig(r *http.Request, stack *portaine
 	}
 	filteredRegistries := security.FilterRegistries(registries, securityContext)

-	var user *portainer.User
-	if !handler.authDisabled {
-		user, err = handler.UserService.User(securityContext.UserID)
-		if err != nil {
-			return nil, &httperror.HandlerError{http.StatusInternalServerError, "Unable to load user information from the database", err}
-		}
-	}
-
 	config := &swarmStackDeploymentConfig{
 		stack:      stack,
 		endpoint:   endpoint,
@@ -326,7 +318,6 @@ func (handler *Handler) createSwarmDeployConfig(r *http.Request, stack *portaine
 		registries: filteredRegistries,
 		prune:      prune,
 		isAdmin:    securityContext.IsAdmin,
-		user:       user,
 	}

 	return config, nil
@@ -338,25 +329,20 @@ func (handler *Handler) deploySwarmStack(config *swarmStackDeploymentConfig) err
 		return err
 	}

-	if !handler.authDisabled {
-		isAdminOrEndpointAdmin, err := handler.userIsAdminOrEndpointAdmin(config.user, config.endpoint.ID)
+	if !settings.AllowBindMountsForRegularUsers && !config.isAdmin {
+		composeFilePath := path.Join(config.stack.ProjectPath, config.stack.EntryPoint)
+
+		stackContent, err := handler.FileService.GetFileContent(composeFilePath)
 		if err != nil {
 			return err
 		}

-		if !settings.AllowBindMountsForRegularUsers && !isAdminOrEndpointAdmin {
-
-			composeFilePath := path.Join(config.stack.ProjectPath, config.stack.EntryPoint)
-
-			stackContent, err := handler.FileService.GetFileContent(composeFilePath)
-			if err != nil {
-				return err
-			}
-
-			err = handler.isValidStackFile(stackContent, settings)
-			if err != nil {
-				return err
-			}
+		valid, err := handler.isValidStackFile(stackContent)
+		if err != nil {
+			return err
+		}
+		if !valid {
+			return errors.New("bind-mount disabled for non administrator users")
 		}
 	}

--- a/api/http/handler/stacks/handler.go
+++ b/api/http/handler/stacks/handler.go
@@ -1,13 +1,12 @@
 package stacks

 import (
-	"errors"
 	"net/http"
 	"sync"

 	"github.com/gorilla/mux"
 	httperror "github.com/portainer/libhttp/error"
-	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/http/security"
 )

@@ -16,8 +15,6 @@ type Handler struct {
 	stackCreationMutex *sync.Mutex
 	stackDeletionMutex *sync.Mutex
 	requestBouncer     *security.RequestBouncer
-	authDisabled       bool
-
 	*mux.Router
 	FileService            portainer.FileService
 	GitService             portainer.GitService
@@ -34,10 +31,9 @@ type Handler struct {
 }

 // NewHandler creates a handler to manage stack operations.
-func NewHandler(bouncer *security.RequestBouncer, authDisabled bool) *Handler {
+func NewHandler(bouncer *security.RequestBouncer) *Handler {
 	h := &Handler{
 		Router:             mux.NewRouter(),
-		authDisabled:       authDisabled,
 		stackCreationMutex: &sync.Mutex{},
 		stackDeletionMutex: &sync.Mutex{},
 		requestBouncer:     bouncer,
@@ -60,7 +56,7 @@ func NewHandler(bouncer *security.RequestBouncer, authDisabled bool) *Handler {
 }

 func (handler *Handler) userCanAccessStack(securityContext *security.RestrictedRequestContext, endpointID portainer.EndpointID, resourceControl *portainer.ResourceControl) (bool, error) {
-	if securityContext.IsAdmin || handler.authDisabled {
+	if securityContext.IsAdmin {
 		return true, nil
 	}

@@ -91,54 +87,3 @@ func (handler *Handler) userCanAccessStack(securityContext *security.RestrictedR
 	}
 	return false, nil
 }
-
-func (handler *Handler) userCanCreateStack(securityContext *security.RestrictedRequestContext, endpointID portainer.EndpointID) (bool, error) {
-	if securityContext.IsAdmin || handler.authDisabled {
-		return true, nil
-	}
-
-	_, err := handler.ExtensionService.Extension(portainer.RBACExtension)
-	if err == portainer.ErrObjectNotFound {
-		return false, nil
-	} else if err != nil && err != portainer.ErrObjectNotFound {
-		return false, err
-	}
-
-	user, err := handler.UserService.User(securityContext.UserID)
-	if err != nil {
-		return false, err
-	}
-
-	_, ok := user.EndpointAuthorizations[endpointID][portainer.EndpointResourcesAccess]
-	if ok {
-		return true, nil
-	}
-	return false, nil
-}
-
-func (handler *Handler) userIsAdminOrEndpointAdmin(user *portainer.User, endpointID portainer.EndpointID) (bool, error) {
-	isAdmin := user.Role == portainer.AdministratorRole
-
-	rbacExtension, err := handler.ExtensionService.Extension(portainer.RBACExtension)
-	if err != nil && err != portainer.ErrObjectNotFound {
-		return false, errors.New("Unable to verify if RBAC extension is loaded")
-	}
-
-	endpointResourceAccess := false
-	_, ok := user.EndpointAuthorizations[portainer.EndpointID(endpointID)][portainer.EndpointResourcesAccess]
-	if ok {
-		endpointResourceAccess = true
-	}
-
-	if rbacExtension != nil {
-		if isAdmin || endpointResourceAccess {
-			return true, nil
-		}
-	} else {
-		if isAdmin {
-			return true, nil
-		}
-	}
-
-	return false, nil
-}
--- a/api/http/handler/stacks/stack_create.go
+++ b/api/http/handler/stacks/stack_create.go
@@ -10,7 +10,7 @@ import (
 	httperror "github.com/portainer/libhttp/error"
 	"github.com/portainer/libhttp/request"
 	"github.com/portainer/libhttp/response"
-	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/http/security"
 )

@@ -43,29 +43,6 @@ func (handler *Handler) stackCreate(w http.ResponseWriter, r *http.Request) *htt
 		return &httperror.HandlerError{http.StatusBadRequest, "Invalid query parameter: endpointId", err}
 	}

-	settings, err := handler.SettingsService.Settings()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve settings from the database", err}
-	}
-
-	if !settings.AllowStackManagementForRegularUsers {
-		securityContext, err := security.RetrieveRestrictedRequestContext(r)
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve user info from request context", err}
-		}
-
-		canCreate, err := handler.userCanCreateStack(securityContext, portainer.EndpointID(endpointID))
-
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to verify user authorizations to validate stack creation", err}
-		}
-
-		if !canCreate {
-			errMsg := "Stack creation is disabled for non-admin users"
-			return &httperror.HandlerError{http.StatusForbidden, errMsg, errors.New(errMsg)}
-		}
-	}
-
 	endpoint, err := handler.EndpointService.Endpoint(portainer.EndpointID(endpointID))
 	if err == portainer.ErrObjectNotFound {
 		return &httperror.HandlerError{http.StatusNotFound, "Unable to find an endpoint with the specified identifier inside the database", err}
@@ -120,10 +97,10 @@ func (handler *Handler) createSwarmStack(w http.ResponseWriter, r *http.Request,
 	return &httperror.HandlerError{http.StatusBadRequest, "Invalid value for query parameter: method. Value must be one of: string, repository or file", errors.New(request.ErrInvalidQueryParameter)}
 }

-func (handler *Handler) isValidStackFile(stackFileContent []byte, settings *portainer.Settings) error {
+func (handler *Handler) isValidStackFile(stackFileContent []byte) (bool, error) {
 	composeConfigYAML, err := loader.ParseYAML(stackFileContent)
 	if err != nil {
-		return err
+		return false, err
 	}

 	composeConfigFile := types.ConfigFile{
@@ -140,37 +117,19 @@ func (handler *Handler) isValidStackFile(stackFileContent []byte, settings *port
 		options.SkipInterpolation = true
 	})
 	if err != nil {
-		return err
+		return false, err
 	}

 	for key := range composeConfig.Services {
 		service := composeConfig.Services[key]
-		if !settings.AllowBindMountsForRegularUsers {
-			for _, volume := range service.Volumes {
-				if volume.Type == "bind" {
-					return errors.New("bind-mount disabled for non administrator users")
-				}
+		for _, volume := range service.Volumes {
+			if volume.Type == "bind" {
+				return false, nil
 			}
 		}
-
-		if !settings.AllowPrivilegedModeForRegularUsers && service.Privileged == true {
-			return errors.New("privileged mode disabled for non administrator users")
-		}
-
-		if !settings.AllowHostNamespaceForRegularUsers && service.Pid == "host" {
-			return errors.New("pid host disabled for non administrator users")
-		}
-
-		if !settings.AllowDeviceMappingForRegularUsers && service.Devices != nil && len(service.Devices) > 0 {
-			return errors.New("device mapping disabled for non administrator users")
-		}
-
-		if !settings.AllowContainerCapabilitiesForRegularUsers && (len(service.CapAdd) > 0 || len(service.CapDrop) > 0) {
-			return errors.New("container capabilities disabled for non administrator users")
-		}
 	}

-	return nil
+	return true, nil
 }

 func (handler *Handler) decorateStackResponse(w http.ResponseWriter, stack *portainer.Stack, userID portainer.UserID) *httperror.HandlerError {
--- a/api/http/handler/stacks/stack_delete.go
+++ b/api/http/handler/stacks/stack_delete.go
@@ -9,7 +9,7 @@ import (
 	httperror "github.com/portainer/libhttp/error"
 	"github.com/portainer/libhttp/request"
 	"github.com/portainer/libhttp/response"
-	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api"
 )

 // DELETE request on /api/stacks/:id?external=<external>&endpointId=<endpointId>
@@ -21,14 +21,9 @@ func (handler *Handler) stackDelete(w http.ResponseWriter, r *http.Request) *htt
 		return &httperror.HandlerError{http.StatusBadRequest, "Invalid stack identifier route variable", err}
 	}

-	securityContext, err := security.RetrieveRestrictedRequestContext(r)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve info from request context", err}
-	}
-
 	externalStack, _ := request.RetrieveBooleanQueryParameter(r, "external", true)
 	if externalStack {
-		return handler.deleteExternalStack(r, w, stackID, securityContext)
+		return handler.deleteExternalStack(r, w, stackID)
 	}

 	id, err := strconv.Atoi(stackID)
@@ -73,6 +68,11 @@ func (handler *Handler) stackDelete(w http.ResponseWriter, r *http.Request) *htt
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve a resource control associated to the stack", err}
 	}

+	securityContext, err := security.RetrieveRestrictedRequestContext(r)
+	if err != nil {
+		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve info from request context", err}
+	}
+
 	access, err := handler.userCanAccessStack(securityContext, endpoint.ID, resourceControl)
 	if err != nil {
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to verify user authorizations to validate stack access", err}
@@ -106,38 +106,7 @@ func (handler *Handler) stackDelete(w http.ResponseWriter, r *http.Request) *htt
 	return response.Empty(w)
 }

-func (handler *Handler) deleteExternalStack(r *http.Request, w http.ResponseWriter, stackName string, securityContext *security.RestrictedRequestContext) *httperror.HandlerError {
-	endpointID, err := request.RetrieveNumericQueryParameter(r, "endpointId", false)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusBadRequest, "Invalid query parameter: endpointId", err}
-	}
-
-	user, err := handler.UserService.User(securityContext.UserID)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to load user information from the database", err}
-	}
-
-	rbacExtension, err := handler.ExtensionService.Extension(portainer.RBACExtension)
-	if err != nil && err != portainer.ErrObjectNotFound {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to verify if RBAC extension is loaded", err}
-	}
-
-	endpointResourceAccess := false
-	_, ok := user.EndpointAuthorizations[portainer.EndpointID(endpointID)][portainer.EndpointResourcesAccess]
-	if ok {
-		endpointResourceAccess = true
-	}
-
-	if rbacExtension != nil {
-		if !securityContext.IsAdmin && !endpointResourceAccess {
-			return &httperror.HandlerError{http.StatusUnauthorized, "Permission denied to delete the stack", portainer.ErrUnauthorized}
-		}
-	} else {
-		if !securityContext.IsAdmin {
-			return &httperror.HandlerError{http.StatusUnauthorized, "Permission denied to delete the stack", portainer.ErrUnauthorized}
-		}
-	}
-
+func (handler *Handler) deleteExternalStack(r *http.Request, w http.ResponseWriter, stackName string) *httperror.HandlerError {
 	stack, err := handler.StackService.StackByName(stackName)
 	if err != nil && err != portainer.ErrObjectNotFound {
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to check for stack existence inside the database", err}
@@ -146,6 +115,11 @@ func (handler *Handler) deleteExternalStack(r *http.Request, w http.ResponseWrit
 		return &httperror.HandlerError{http.StatusBadRequest, "A stack with this name exists inside the database. Cannot use external delete method", portainer.ErrStackNotExternal}
 	}

+	endpointID, err := request.RetrieveNumericQueryParameter(r, "endpointId", false)
+	if err != nil {
+		return &httperror.HandlerError{http.StatusBadRequest, "Invalid query parameter: endpointId", err}
+	}
+
 	endpoint, err := handler.EndpointService.Endpoint(portainer.EndpointID(endpointID))
 	if err == portainer.ErrObjectNotFound {
 		return &httperror.HandlerError{http.StatusNotFound, "Unable to find the endpoint associated to the stack inside the database", err}
--- a/api/http/handler/tags/handler.go
+++ b/api/http/handler/tags/handler.go
@@ -12,12 +12,7 @@ import (
 // Handler is the HTTP handler used to handle tag operations.
 type Handler struct {
 	*mux.Router
-	TagService              portainer.TagService
-	EdgeGroupService        portainer.EdgeGroupService
-	EdgeStackService        portainer.EdgeStackService
-	EndpointService         portainer.EndpointService
-	EndpointGroupService    portainer.EndpointGroupService
-	EndpointRelationService portainer.EndpointRelationService
+	TagService portainer.TagService
 }

 // NewHandler creates a handler to manage tag operations.
@@ -28,7 +23,7 @@ func NewHandler(bouncer *security.RequestBouncer) *Handler {
 	h.Handle("/tags",
 		bouncer.AdminAccess(httperror.LoggerHandler(h.tagCreate))).Methods(http.MethodPost)
 	h.Handle("/tags",
-		bouncer.AuthenticatedAccess(httperror.LoggerHandler(h.tagList))).Methods(http.MethodGet)
+		bouncer.AdminAccess(httperror.LoggerHandler(h.tagList))).Methods(http.MethodGet)
 	h.Handle("/tags/{id}",
 		bouncer.AdminAccess(httperror.LoggerHandler(h.tagDelete))).Methods(http.MethodDelete)

--- a/api/http/handler/tags/tag_create.go
+++ b/api/http/handler/tags/tag_create.go
@@ -41,9 +41,7 @@ func (handler *Handler) tagCreate(w http.ResponseWriter, r *http.Request) *httpe
 	}

 	tag := &portainer.Tag{
-		Name:           payload.Name,
-		EndpointGroups: map[portainer.EndpointGroupID]bool{},
-		Endpoints:      map[portainer.EndpointID]bool{},
+		Name: payload.Name,
 	}

 	err = handler.TagService.CreateTag(tag)
--- a/api/http/handler/tags/tag_delete.go
+++ b/api/http/handler/tags/tag_delete.go
@@ -15,126 +15,11 @@ func (handler *Handler) tagDelete(w http.ResponseWriter, r *http.Request) *httpe
 	if err != nil {
 		return &httperror.HandlerError{http.StatusBadRequest, "Invalid tag identifier route variable", err}
 	}
-	tagID := portainer.TagID(id)

-	tag, err := handler.TagService.Tag(tagID)
-	if err == portainer.ErrObjectNotFound {
-		return &httperror.HandlerError{http.StatusNotFound, "Unable to find a tag with the specified identifier inside the database", err}
-	} else if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find a tag with the specified identifier inside the database", err}
-	}
-
-	for endpointID := range tag.Endpoints {
-		endpoint, err := handler.EndpointService.Endpoint(endpointID)
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve endpoint from the database", err}
-		}
-
-		tagIdx := findTagIndex(endpoint.TagIDs, tagID)
-		if tagIdx != -1 {
-			endpoint.TagIDs = removeElement(endpoint.TagIDs, tagIdx)
-			err = handler.EndpointService.UpdateEndpoint(endpoint.ID, endpoint)
-			if err != nil {
-				return &httperror.HandlerError{http.StatusInternalServerError, "Unable to update endpoint", err}
-			}
-		}
-	}
-
-	for endpointGroupID := range tag.EndpointGroups {
-		endpointGroup, err := handler.EndpointGroupService.EndpointGroup(endpointGroupID)
-		if err != nil {
-			return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve endpoint group from the database", err}
-		}
-
-		tagIdx := findTagIndex(endpointGroup.TagIDs, tagID)
-		if tagIdx != -1 {
-			endpointGroup.TagIDs = removeElement(endpointGroup.TagIDs, tagIdx)
-			err = handler.EndpointGroupService.UpdateEndpointGroup(endpointGroup.ID, endpointGroup)
-			if err != nil {
-				return &httperror.HandlerError{http.StatusInternalServerError, "Unable to update endpoint group", err}
-			}
-		}
-	}
-
-	endpoints, err := handler.EndpointService.Endpoints()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve endpoints from the database", err}
-	}
-
-	edgeGroups, err := handler.EdgeGroupService.EdgeGroups()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve edge groups from the database", err}
-	}
-
-	edgeStacks, err := handler.EdgeStackService.EdgeStacks()
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve edge stacks from the database", err}
-	}
-
-	for _, endpoint := range endpoints {
-		if (tag.Endpoints[endpoint.ID] || tag.EndpointGroups[endpoint.GroupID]) && endpoint.Type == portainer.EdgeAgentEnvironment {
-			err = handler.updateEndpointRelations(endpoint, edgeGroups, edgeStacks)
-			if err != nil {
-				return &httperror.HandlerError{http.StatusInternalServerError, "Unable to update endpoint relations in the database", err}
-			}
-		}
-	}
-
-	for idx := range edgeGroups {
-		edgeGroup := &edgeGroups[idx]
-		tagIdx := findTagIndex(edgeGroup.TagIDs, tagID)
-		if tagIdx != -1 {
-			edgeGroup.TagIDs = removeElement(edgeGroup.TagIDs, tagIdx)
-			err = handler.EdgeGroupService.UpdateEdgeGroup(edgeGroup.ID, edgeGroup)
-			if err != nil {
-				return &httperror.HandlerError{http.StatusInternalServerError, "Unable to update endpoint group", err}
-			}
-		}
-	}
-
-	err = handler.TagService.DeleteTag(tagID)
+	err = handler.TagService.DeleteTag(portainer.TagID(id))
 	if err != nil {
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to remove the tag from the database", err}
 	}

 	return response.Empty(w)
 }
-
-func (handler *Handler) updateEndpointRelations(endpoint portainer.Endpoint, edgeGroups []portainer.EdgeGroup, edgeStacks []portainer.EdgeStack) error {
-	endpointRelation, err := handler.EndpointRelationService.EndpointRelation(endpoint.ID)
-	if err != nil {
-		return err
-	}
-
-	endpointGroup, err := handler.EndpointGroupService.EndpointGroup(endpoint.GroupID)
-	if err != nil {
-		return err
-	}
-
-	endpointStacks := portainer.EndpointRelatedEdgeStacks(&endpoint, endpointGroup, edgeGroups, edgeStacks)
-	stacksSet := map[portainer.EdgeStackID]bool{}
-	for _, edgeStackID := range endpointStacks {
-		stacksSet[edgeStackID] = true
-	}
-	endpointRelation.EdgeStacks = stacksSet
-
-	return handler.EndpointRelationService.UpdateEndpointRelation(endpoint.ID, endpointRelation)
-}
-
-func findTagIndex(tags []portainer.TagID, searchTagID portainer.TagID) int {
-	for idx, tagID := range tags {
-		if searchTagID == tagID {
-			return idx
-		}
-	}
-	return -1
-}
-
-func removeElement(arr []portainer.TagID, index int) []portainer.TagID {
-	if index < 0 {
-		return arr
-	}
-	lastTagIdx := len(arr) - 1
-	arr[index] = arr[lastTagIdx]
-	return arr[:lastTagIdx]
-}
--- a/api/http/handler/websocket/proxy.go
+++ b/api/http/handler/websocket/proxy.go
@@ -14,7 +14,7 @@ import (
 func (handler *Handler) proxyEdgeAgentWebsocketRequest(w http.ResponseWriter, r *http.Request, params *webSocketRequestParams) error {
 	tunnel := handler.ReverseTunnelService.GetTunnelDetails(params.endpoint.ID)

-	endpointURL, err := url.Parse(fmt.Sprintf("http://127.0.0.1:%d", tunnel.Port))
+	endpointURL, err := url.Parse(fmt.Sprintf("http://localhost:%d", tunnel.Port))
 	if err != nil {
 		return err
 	}
--- a/api/http/proxy/factory/docker.go
+++ b/api/http/proxy/factory/docker.go
@@ -34,7 +34,7 @@ func (factory *ProxyFactory) newDockerLocalProxy(endpoint *portainer.Endpoint) (
 func (factory *ProxyFactory) newDockerHTTPProxy(endpoint *portainer.Endpoint) (http.Handler, error) {
 	if endpoint.Type == portainer.EdgeAgentEnvironment {
 		tunnel := factory.reverseTunnelService.GetTunnelDetails(endpoint.ID)
-		endpoint.URL = fmt.Sprintf("http://127.0.0.1:%d", tunnel.Port)
+		endpoint.URL = fmt.Sprintf("http://localhost:%d", tunnel.Port)
 	}

 	endpointURL, err := url.Parse(endpoint.URL)
@@ -68,7 +68,6 @@ func (factory *ProxyFactory) newDockerHTTPProxy(endpoint *portainer.Endpoint) (h
 		ExtensionService:       factory.extensionService,
 		SignatureService:       factory.signatureService,
 		DockerClientFactory:    factory.dockerClientFactory,
-		AuthDisabled:           factory.authDisabled,
 	}

 	dockerTransport, err := docker.NewTransport(transportParameters, httpTransport)
--- a/api/http/proxy/factory/docker/access_control.go
+++ b/api/http/proxy/factory/docker/access_control.go
@@ -158,7 +158,7 @@ func (transport *Transport) applyAccessControlOnResource(parameters *resourceOpe
 		return responseutils.RewriteResponse(response, responseObject, http.StatusOK)
 	}

-	if executor.operationContext.isAdmin || executor.operationContext.endpointResourceAccess || (resourceControl != nil && portainer.UserCanAccessResource(executor.operationContext.userID, executor.operationContext.userTeamIDs, resourceControl)) {
+	if executor.operationContext.isAdmin || executor.operationContext.endpointResourceAccess || portainer.UserCanAccessResource(executor.operationContext.userID, executor.operationContext.userTeamIDs, resourceControl) {
 		responseObject = decorateObject(responseObject, resourceControl)
 		return responseutils.RewriteResponse(response, responseObject, http.StatusOK)
 	}
--- a/api/http/proxy/factory/docker/containers.go
+++ b/api/http/proxy/factory/docker/containers.go
@@ -1,17 +1,12 @@
 package docker

 import (
-	"bytes"
 	"context"
-	"encoding/json"
-	"errors"
-	"io/ioutil"
 	"net/http"

 	"github.com/docker/docker/client"
 	portainer "github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/http/proxy/factory/responseutils"
-	"github.com/portainer/portainer/api/http/security"
 )

 const (
@@ -152,88 +147,3 @@ func containerHasBlackListedLabel(containerLabels map[string]interface{}, labelB

 	return false
 }
-
-func (transport *Transport) decorateContainerCreationOperation(request *http.Request, resourceIdentifierAttribute string, resourceType portainer.ResourceControlType) (*http.Response, error) {
-	type PartialContainer struct {
-		HostConfig struct {
-			Privileged bool          `json:"Privileged"`
-			PidMode    string        `json:"PidMode"`
-			Devices    []interface{} `json:"Devices"`
-			CapAdd     []string      `json:"CapAdd"`
-			CapDrop    []string      `json:"CapDrop"`
-			Binds      []string      `json:"Binds"`
-		} `json:"HostConfig"`
-	}
-
-	forbiddenResponse := &http.Response{
-		StatusCode: http.StatusForbidden,
-	}
-
-	tokenData, err := security.RetrieveTokenData(request)
-	if err != nil {
-		return nil, err
-	}
-
-	isAdminOrEndpointAdmin, err := transport.isAdminOrEndpointAdmin(request)
-	if err != nil {
-		return nil, err
-	}
-
-	if !isAdminOrEndpointAdmin {
-		settings, err := transport.settingsService.Settings()
-		if err != nil {
-			return nil, err
-		}
-
-		if !settings.AllowPrivilegedModeForRegularUsers ||
-			!settings.AllowHostNamespaceForRegularUsers ||
-			!settings.AllowDeviceMappingForRegularUsers ||
-			!settings.AllowContainerCapabilitiesForRegularUsers ||
-			!settings.AllowBindMountsForRegularUsers {
-
-			body, err := ioutil.ReadAll(request.Body)
-			if err != nil {
-				return nil, err
-			}
-
-			partialContainer := &PartialContainer{}
-			err = json.Unmarshal(body, partialContainer)
-			if err != nil {
-				return nil, err
-			}
-
-			if !settings.AllowPrivilegedModeForRegularUsers && partialContainer.HostConfig.Privileged {
-				return forbiddenResponse, errors.New("forbidden to use privileged mode")
-			}
-
-			if !settings.AllowHostNamespaceForRegularUsers && partialContainer.HostConfig.PidMode == "host" {
-				return forbiddenResponse, errors.New("forbidden to use pid host namespace")
-			}
-
-			if !settings.AllowDeviceMappingForRegularUsers && len(partialContainer.HostConfig.Devices) > 0 {
-				return nil, errors.New("forbidden to use device mapping")
-			}
-
-			if !settings.AllowContainerCapabilitiesForRegularUsers && (len(partialContainer.HostConfig.CapAdd) > 0 || len(partialContainer.HostConfig.CapDrop) > 0) {
-				return nil, errors.New("forbidden to use container capabilities")
-			}
-
-			if !settings.AllowBindMountsForRegularUsers && (len(partialContainer.HostConfig.Binds) > 0) {
-				return forbiddenResponse, errors.New("forbidden to use bind mounts")
-			}
-
-			request.Body = ioutil.NopCloser(bytes.NewBuffer(body))
-		}
-	}
-
-	response, err := transport.executeDockerRequest(request)
-	if err != nil {
-		return response, err
-	}
-
-	if response.StatusCode == http.StatusCreated {
-		err = transport.decorateGenericResourceCreationResponse(response, resourceIdentifierAttribute, resourceType, tokenData.ID)
-	}
-
-	return response, err
-}
--- a/api/http/proxy/factory/docker/services.go
+++ b/api/http/proxy/factory/docker/services.go
@@ -1,11 +1,7 @@
 package docker

 import (
-	"bytes"
 	"context"
-	"encoding/json"
-	"errors"
-	"io/ioutil"
 	"net/http"

 	"github.com/docker/docker/api/types"
@@ -88,54 +84,3 @@ func selectorServiceLabels(responseObject map[string]interface{}) map[string]int
 	}
 	return nil
 }
-
-func (transport *Transport) decorateServiceCreationOperation(request *http.Request) (*http.Response, error) {
-	type PartialService struct {
-		TaskTemplate struct {
-			ContainerSpec struct {
-				Mounts []struct {
-					Type string
-				}
-			}
-		}
-	}
-
-	forbiddenResponse := &http.Response{
-		StatusCode: http.StatusForbidden,
-	}
-
-	isAdminOrEndpointAdmin, err := transport.isAdminOrEndpointAdmin(request)
-	if err != nil {
-		return nil, err
-	}
-
-	if !isAdminOrEndpointAdmin {
-		settings, err := transport.settingsService.Settings()
-		if err != nil {
-			return nil, err
-		}
-
-		body, err := ioutil.ReadAll(request.Body)
-		if err != nil {
-			return nil, err
-		}
-
-		partialService := &PartialService{}
-		err = json.Unmarshal(body, partialService)
-		if err != nil {
-			return nil, err
-		}
-
-		if !settings.AllowBindMountsForRegularUsers && (len(partialService.TaskTemplate.ContainerSpec.Mounts) > 0) {
-			for _, mount := range partialService.TaskTemplate.ContainerSpec.Mounts {
-				if mount.Type == "bind" {
-					return forbiddenResponse, errors.New("forbidden to use bind mounts")
-				}
-			}
-		}
-
-		request.Body = ioutil.NopCloser(bytes.NewBuffer(body))
-	}
-
-	return transport.replaceRegistryAuthenticationHeader(request)
-}
--- a/api/http/proxy/factory/docker/transport.go
+++ b/api/http/proxy/factory/docker/transport.go
@@ -38,7 +38,6 @@ type (
 		extensionService       portainer.ExtensionService
 		dockerClient           *client.Client
 		dockerClientFactory    *docker.ClientFactory
-		authDisabled           bool
 	}

 	// TransportParameters is used to create a new Transport
@@ -55,7 +54,6 @@ type (
 		ReverseTunnelService   portainer.ReverseTunnelService
 		ExtensionService       portainer.ExtensionService
 		DockerClientFactory    *docker.ClientFactory
-		AuthDisabled           bool
 	}

 	restrictedDockerOperationContext struct {
@@ -96,7 +94,6 @@ func NewTransport(parameters *TransportParameters, httpTransport *http.Transport
 		dockerClientFactory:    parameters.DockerClientFactory,
 		HTTPTransport:          httpTransport,
 		dockerClient:           dockerClient,
-		authDisabled:           parameters.AuthDisabled,
 	}

 	return transport, nil
@@ -174,13 +171,11 @@ func (transport *Transport) proxyAgentRequest(r *http.Request) (*http.Response,

 	switch {
 	case strings.HasPrefix(requestPath, "/browse"):
-		// host file browser request
 		volumeIDParameter, found := r.URL.Query()["volumeID"]
 		if !found || len(volumeIDParameter) < 1 {
 			return transport.administratorOperation(r)
 		}

-		// volume browser request
 		return transport.restrictedResourceOperation(r, volumeIDParameter[0], portainer.VolumeResourceControl, true)
 	}

@@ -212,7 +207,7 @@ func (transport *Transport) proxyConfigRequest(request *http.Request) (*http.Res
 func (transport *Transport) proxyContainerRequest(request *http.Request) (*http.Response, error) {
 	switch requestPath := request.URL.Path; requestPath {
 	case "/containers/create":
-		return transport.decorateContainerCreationOperation(request, containerObjectIdentifier, portainer.ContainerResourceControl)
+		return transport.decorateGenericResourceCreationOperation(request, containerObjectIdentifier, portainer.ContainerResourceControl)

 	case "/containers/prune":
 		return transport.administratorOperation(request)
@@ -248,7 +243,7 @@ func (transport *Transport) proxyContainerRequest(request *http.Request) (*http.
 func (transport *Transport) proxyServiceRequest(request *http.Request) (*http.Response, error) {
 	switch requestPath := request.URL.Path; requestPath {
 	case "/services/create":
-		return transport.decorateServiceCreationOperation(request)
+		return transport.replaceRegistryAuthenticationHeader(request)

 	case "/services":
 		return transport.rewriteOperation(request, transport.serviceListOperation)
@@ -278,7 +273,7 @@ func (transport *Transport) proxyServiceRequest(request *http.Request) (*http.Re
 func (transport *Transport) proxyVolumeRequest(request *http.Request) (*http.Response, error) {
 	switch requestPath := request.URL.Path; requestPath {
 	case "/volumes/create":
-		return transport.decorateVolumeResourceCreationOperation(request, volumeObjectIdentifier, portainer.VolumeResourceControl)
+		return transport.decorateGenericResourceCreationOperation(request, volumeObjectIdentifier, portainer.VolumeResourceControl)

 	case "/volumes/prune":
 		return transport.administratorOperation(request)
@@ -448,16 +443,10 @@ func (transport *Transport) restrictedResourceOperation(request *http.Request, r
 				return nil, err
 			}

-			if !settings.AllowVolumeBrowserForRegularUsers {
-				if rbacExtension == nil {
-					return responseutils.WriteAccessDeniedResponse()
-				}
-
-				// Return access denied for all roles except endpoint-administrator
-				_, userCanBrowse := user.EndpointAuthorizations[transport.endpoint.ID][portainer.OperationDockerAgentBrowseList]
-				if !userCanBrowse {
-					return responseutils.WriteAccessDeniedResponse()
-				}
+			// Return access denied for all roles except endpoint-administrator
+			_, userCanBrowse := user.EndpointAuthorizations[transport.endpoint.ID][portainer.OperationDockerAgentBrowseList]
+			if rbacExtension != nil && !settings.AllowVolumeBrowserForRegularUsers && !userCanBrowse {
+				return responseutils.WriteAccessDeniedResponse()
 			}
 		}

@@ -736,36 +725,3 @@ func (transport *Transport) createOperationContext(request *http.Request) (*rest

 	return operationContext, nil
 }
-
-func (transport *Transport) isAdminOrEndpointAdmin(request *http.Request) (bool, error) {
-	if transport.authDisabled {
-		return true, nil
-	}
-
-	tokenData, err := security.RetrieveTokenData(request)
-	if err != nil {
-		return false, err
-	}
-
-	if tokenData.Role == portainer.AdministratorRole {
-		return true, nil
-	}
-
-	user, err := transport.userService.User(tokenData.ID)
-	if err != nil {
-		return false, err
-	}
-
-	rbacExtension, err := transport.extensionService.Extension(portainer.RBACExtension)
-	if err != nil && err != portainer.ErrObjectNotFound {
-		return false, err
-	}
-
-	if rbacExtension == nil {
-		return false, nil
-	}
-
-	_, endpointResourceAccess := user.EndpointAuthorizations[portainer.EndpointID(transport.endpoint.ID)][portainer.EndpointResourcesAccess]
-
-	return endpointResourceAccess, nil
-}
--- a/api/http/proxy/factory/docker/volumes.go
+++ b/api/http/proxy/factory/docker/volumes.go
@@ -2,14 +2,12 @@ package docker

 import (
 	"context"
-	"errors"
 	"net/http"

 	"github.com/docker/docker/client"

-	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/http/proxy/factory/responseutils"
-	"github.com/portainer/portainer/api/http/security"
 )

 const (
@@ -89,40 +87,3 @@ func (transport *Transport) volumeInspectOperation(response *http.Response, exec
 func selectorVolumeLabels(responseObject map[string]interface{}) map[string]interface{} {
 	return responseutils.GetJSONObject(responseObject, "Labels")
 }
-
-func (transport *Transport) decorateVolumeResourceCreationOperation(request *http.Request, resourceIdentifierAttribute string, resourceType portainer.ResourceControlType) (*http.Response, error) {
-	tokenData, err := security.RetrieveTokenData(request)
-	if err != nil {
-		return nil, err
-	}
-
-	volumeID := request.Header.Get("X-Portainer-VolumeName")
-
-	if volumeID != "" {
-		cli := transport.dockerClient
-		agentTargetHeader := request.Header.Get(portainer.PortainerAgentTargetHeader)
-		if agentTargetHeader != "" {
-			dockerClient, err := transport.dockerClientFactory.CreateClient(transport.endpoint, agentTargetHeader)
-			if err != nil {
-				return nil, err
-			}
-			defer dockerClient.Close()
-			cli = dockerClient
-		}
-
-		_, err = cli.VolumeInspect(context.Background(), volumeID)
-		if err == nil {
-			return nil, errors.New("a volume with the same name already exists")
-		}
-	}
-
-	response, err := transport.executeDockerRequest(request)
-	if err != nil {
-		return response, err
-	}
-
-	if response.StatusCode == http.StatusCreated {
-		err = transport.decorateGenericResourceCreationResponse(response, resourceIdentifierAttribute, resourceType, tokenData.ID)
-	}
-	return response, err
-}
--- a/api/http/proxy/factory/docker_unix.go
+++ b/api/http/proxy/factory/docker_unix.go
@@ -24,7 +24,6 @@ func (factory ProxyFactory) newOSBasedLocalProxy(path string, endpoint *portaine
 		ExtensionService:       factory.extensionService,
 		SignatureService:       factory.signatureService,
 		DockerClientFactory:    factory.dockerClientFactory,
-		AuthDisabled:           factory.authDisabled,
 	}

 	proxy := &dockerLocalProxy{}
--- a/api/http/proxy/factory/docker_windows.go
+++ b/api/http/proxy/factory/docker_windows.go
@@ -25,7 +25,6 @@ func (factory ProxyFactory) newOSBasedLocalProxy(path string, endpoint *portaine
 		ExtensionService:       factory.extensionService,
 		SignatureService:       factory.signatureService,
 		DockerClientFactory:    factory.dockerClientFactory,
-		AuthDisabled:           factory.authDisabled,
 	}

 	proxy := &dockerLocalProxy{}
--- a/api/http/proxy/factory/factory.go
+++ b/api/http/proxy/factory/factory.go
@@ -6,7 +6,7 @@ import (
 	"net/http/httputil"
 	"net/url"

-	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/docker"
 )

@@ -32,7 +32,6 @@ type (
 		reverseTunnelService   portainer.ReverseTunnelService
 		extensionService       portainer.ExtensionService
 		dockerClientFactory    *docker.ClientFactory
-		authDisabled           bool
 	}

 	// ProxyFactoryParameters is used to create a new ProxyFactory
@@ -48,7 +47,6 @@ type (
 		ReverseTunnelService   portainer.ReverseTunnelService
 		ExtensionService       portainer.ExtensionService
 		DockerClientFactory    *docker.ClientFactory
-		AuthDisabled           bool
 	}
 )

@@ -66,7 +64,6 @@ func NewProxyFactory(parameters *ProxyFactoryParameters) *ProxyFactory {
 		reverseTunnelService:   parameters.ReverseTunnelService,
 		extensionService:       parameters.ExtensionService,
 		dockerClientFactory:    parameters.DockerClientFactory,
-		authDisabled:           parameters.AuthDisabled,
 	}
 }

--- a/api/http/proxy/manager.go
+++ b/api/http/proxy/manager.go
@@ -4,8 +4,8 @@ import (
 	"net/http"
 	"strconv"

-	cmap "github.com/orcaman/concurrent-map"
-	portainer "github.com/portainer/portainer/api"
+	"github.com/orcaman/concurrent-map"
+	"github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/docker"
 	"github.com/portainer/portainer/api/http/proxy/factory"
 )
@@ -34,7 +34,6 @@ type (
 		ReverseTunnelService   portainer.ReverseTunnelService
 		ExtensionService       portainer.ExtensionService
 		DockerClientFactory    *docker.ClientFactory
-		AuthDisabled           bool
 	}
 )

@@ -52,7 +51,6 @@ func NewManager(parameters *ManagerParams) *Manager {
 		ReverseTunnelService:   parameters.ReverseTunnelService,
 		ExtensionService:       parameters.ExtensionService,
 		DockerClientFactory:    parameters.DockerClientFactory,
-		AuthDisabled:           parameters.AuthDisabled,
 	}

 	return &Manager{
--- a/api/http/security/bouncer.go
+++ b/api/http/security/bouncer.go
@@ -1,8 +1,6 @@
 package security

 import (
-	"errors"
-
 	httperror "github.com/portainer/libhttp/error"
 	"github.com/portainer/portainer/api"

@@ -145,24 +143,6 @@ func (bouncer *RequestBouncer) AuthorizedEndpointOperation(r *http.Request, endp
 	return nil
 }

-// AuthorizedEdgeEndpointOperation verifies that the request was received from a valid Edge endpoint
-func (bouncer *RequestBouncer) AuthorizedEdgeEndpointOperation(r *http.Request, endpoint *portainer.Endpoint) error {
-	if endpoint.Type != portainer.EdgeAgentEnvironment {
-		return errors.New("Invalid endpoint type")
-	}
-
-	edgeIdentifier := r.Header.Get(portainer.PortainerAgentEdgeIDHeader)
-	if edgeIdentifier == "" {
-		return errors.New("missing Edge identifier")
-	}
-
-	if endpoint.EdgeID != "" && endpoint.EdgeID != edgeIdentifier {
-		return errors.New("invalid Edge identifier")
-	}
-
-	return nil
-}
-
 func (bouncer *RequestBouncer) checkEndpointOperationAuthorization(r *http.Request, endpoint *portainer.Endpoint) error {
 	tokenData, err := RetrieveTokenData(r)
 	if err != nil {
--- a/api/http/server.go
+++ b/api/http/server.go
@@ -3,16 +3,11 @@ package http
 import (
 	"time"

-	"github.com/portainer/portainer/api/crypto"
-	"github.com/portainer/portainer/api/http/handler/edgegroups"
-	"github.com/portainer/portainer/api/http/handler/edgestacks"
-	"github.com/portainer/portainer/api/http/handler/edgetemplates"
-	"github.com/portainer/portainer/api/http/handler/endpointedge"
 	"github.com/portainer/portainer/api/http/handler/support"

 	"github.com/portainer/portainer/api/http/handler/roles"

-	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/docker"
 	"github.com/portainer/portainer/api/http/handler"
 	"github.com/portainer/portainer/api/http/handler/auth"
@@ -46,48 +41,45 @@ import (

 // Server implements the portainer.Server interface
 type Server struct {
-	BindAddress             string
-	AssetsPath              string
-	AuthDisabled            bool
-	EndpointManagement      bool
-	Status                  *portainer.Status
-	ReverseTunnelService    portainer.ReverseTunnelService
-	ExtensionManager        portainer.ExtensionManager
-	ComposeStackManager     portainer.ComposeStackManager
-	CryptoService           portainer.CryptoService
-	SignatureService        portainer.DigitalSignatureService
-	JobScheduler            portainer.JobScheduler
-	Snapshotter             portainer.Snapshotter
-	RoleService             portainer.RoleService
-	DockerHubService        portainer.DockerHubService
-	EdgeGroupService        portainer.EdgeGroupService
-	EdgeStackService        portainer.EdgeStackService
-	EndpointService         portainer.EndpointService
-	EndpointGroupService    portainer.EndpointGroupService
-	EndpointRelationService portainer.EndpointRelationService
-	FileService             portainer.FileService
-	GitService              portainer.GitService
-	JWTService              portainer.JWTService
-	LDAPService             portainer.LDAPService
-	ExtensionService        portainer.ExtensionService
-	RegistryService         portainer.RegistryService
-	ResourceControlService  portainer.ResourceControlService
-	ScheduleService         portainer.ScheduleService
-	SettingsService         portainer.SettingsService
-	StackService            portainer.StackService
-	SwarmStackManager       portainer.SwarmStackManager
-	TagService              portainer.TagService
-	TeamService             portainer.TeamService
-	TeamMembershipService   portainer.TeamMembershipService
-	TemplateService         portainer.TemplateService
-	UserService             portainer.UserService
-	WebhookService          portainer.WebhookService
-	Handler                 *handler.Handler
-	SSL                     bool
-	SSLCert                 string
-	SSLKey                  string
-	DockerClientFactory     *docker.ClientFactory
-	JobService              portainer.JobService
+	BindAddress            string
+	AssetsPath             string
+	AuthDisabled           bool
+	EndpointManagement     bool
+	Status                 *portainer.Status
+	ReverseTunnelService   portainer.ReverseTunnelService
+	ExtensionManager       portainer.ExtensionManager
+	ComposeStackManager    portainer.ComposeStackManager
+	CryptoService          portainer.CryptoService
+	SignatureService       portainer.DigitalSignatureService
+	JobScheduler           portainer.JobScheduler
+	Snapshotter            portainer.Snapshotter
+	RoleService            portainer.RoleService
+	DockerHubService       portainer.DockerHubService
+	EndpointService        portainer.EndpointService
+	EndpointGroupService   portainer.EndpointGroupService
+	FileService            portainer.FileService
+	GitService             portainer.GitService
+	JWTService             portainer.JWTService
+	LDAPService            portainer.LDAPService
+	ExtensionService       portainer.ExtensionService
+	RegistryService        portainer.RegistryService
+	ResourceControlService portainer.ResourceControlService
+	ScheduleService        portainer.ScheduleService
+	SettingsService        portainer.SettingsService
+	StackService           portainer.StackService
+	SwarmStackManager      portainer.SwarmStackManager
+	TagService             portainer.TagService
+	TeamService            portainer.TeamService
+	TeamMembershipService  portainer.TeamMembershipService
+	TemplateService        portainer.TemplateService
+	UserService            portainer.UserService
+	WebhookService         portainer.WebhookService
+	Handler                *handler.Handler
+	SSL                    bool
+	SSLCert                string
+	SSLKey                 string
+	DockerClientFactory    *docker.ClientFactory
+	JobService             portainer.JobService
 }

 // Start starts the HTTP server
@@ -104,7 +96,6 @@ func (server *Server) Start() error {
 		ReverseTunnelService:   server.ReverseTunnelService,
 		ExtensionService:       server.ExtensionService,
 		DockerClientFactory:    server.DockerClientFactory,
-		AuthDisabled:           server.AuthDisabled,
 	}
 	proxyManager := proxy.NewManager(proxyManagerParameters)

@@ -153,54 +144,21 @@ func (server *Server) Start() error {
 	var dockerHubHandler = dockerhub.NewHandler(requestBouncer)
 	dockerHubHandler.DockerHubService = server.DockerHubService

-	var edgeGroupsHandler = edgegroups.NewHandler(requestBouncer)
-	edgeGroupsHandler.EdgeGroupService = server.EdgeGroupService
-	edgeGroupsHandler.EdgeStackService = server.EdgeStackService
-	edgeGroupsHandler.EndpointService = server.EndpointService
-	edgeGroupsHandler.EndpointGroupService = server.EndpointGroupService
-	edgeGroupsHandler.EndpointRelationService = server.EndpointRelationService
-	edgeGroupsHandler.TagService = server.TagService
-
-	var edgeStacksHandler = edgestacks.NewHandler(requestBouncer)
-	edgeStacksHandler.EdgeGroupService = server.EdgeGroupService
-	edgeStacksHandler.EdgeStackService = server.EdgeStackService
-	edgeStacksHandler.EndpointService = server.EndpointService
-	edgeStacksHandler.EndpointGroupService = server.EndpointGroupService
-	edgeStacksHandler.EndpointRelationService = server.EndpointRelationService
-	edgeStacksHandler.FileService = server.FileService
-	edgeStacksHandler.GitService = server.GitService
-
-	var edgeTemplatesHandler = edgetemplates.NewHandler(requestBouncer)
-	edgeTemplatesHandler.SettingsService = server.SettingsService
-
 	var endpointHandler = endpoints.NewHandler(requestBouncer, server.EndpointManagement)
-	endpointHandler.AuthorizationService = authorizationService
-	endpointHandler.EdgeGroupService = server.EdgeGroupService
-	endpointHandler.EdgeStackService = server.EdgeStackService
 	endpointHandler.EndpointService = server.EndpointService
 	endpointHandler.EndpointGroupService = server.EndpointGroupService
-	endpointHandler.EndpointRelationService = server.EndpointRelationService
 	endpointHandler.FileService = server.FileService
-	endpointHandler.JobService = server.JobService
 	endpointHandler.ProxyManager = proxyManager
+	endpointHandler.Snapshotter = server.Snapshotter
+	endpointHandler.JobService = server.JobService
 	endpointHandler.ReverseTunnelService = server.ReverseTunnelService
 	endpointHandler.SettingsService = server.SettingsService
-	endpointHandler.Snapshotter = server.Snapshotter
-	endpointHandler.TagService = server.TagService
-
-	var endpointEdgeHandler = endpointedge.NewHandler(requestBouncer)
-	endpointEdgeHandler.EdgeStackService = server.EdgeStackService
-	endpointEdgeHandler.EndpointService = server.EndpointService
-	endpointEdgeHandler.FileService = server.FileService
+	endpointHandler.AuthorizationService = authorizationService

 	var endpointGroupHandler = endpointgroups.NewHandler(requestBouncer)
-	endpointGroupHandler.AuthorizationService = authorizationService
-	endpointGroupHandler.EdgeGroupService = server.EdgeGroupService
-	endpointGroupHandler.EdgeStackService = server.EdgeStackService
-	endpointGroupHandler.EndpointService = server.EndpointService
 	endpointGroupHandler.EndpointGroupService = server.EndpointGroupService
-	endpointGroupHandler.EndpointRelationService = server.EndpointRelationService
-	endpointGroupHandler.TagService = server.TagService
+	endpointGroupHandler.EndpointService = server.EndpointService
+	endpointGroupHandler.AuthorizationService = authorizationService

 	var endpointProxyHandler = endpointproxy.NewHandler(requestBouncer)
 	endpointProxyHandler.EndpointService = server.EndpointService
@@ -248,7 +206,7 @@ func (server *Server) Start() error {
 	settingsHandler.ExtensionService = server.ExtensionService
 	settingsHandler.AuthorizationService = authorizationService

-	var stackHandler = stacks.NewHandler(requestBouncer, server.AuthDisabled)
+	var stackHandler = stacks.NewHandler(requestBouncer)
 	stackHandler.FileService = server.FileService
 	stackHandler.StackService = server.StackService
 	stackHandler.EndpointService = server.EndpointService
@@ -263,11 +221,6 @@ func (server *Server) Start() error {
 	stackHandler.ExtensionService = server.ExtensionService

 	var tagHandler = tags.NewHandler(requestBouncer)
-	tagHandler.EdgeGroupService = server.EdgeGroupService
-	tagHandler.EdgeStackService = server.EdgeStackService
-	tagHandler.EndpointService = server.EndpointService
-	tagHandler.EndpointGroupService = server.EndpointGroupService
-	tagHandler.EndpointRelationService = server.EndpointRelationService
 	tagHandler.TagService = server.TagService

 	var teamHandler = teams.NewHandler(requestBouncer)
@@ -313,12 +266,8 @@ func (server *Server) Start() error {
 		RoleHandler:            roleHandler,
 		AuthHandler:            authHandler,
 		DockerHubHandler:       dockerHubHandler,
-		EdgeGroupsHandler:      edgeGroupsHandler,
-		EdgeStacksHandler:      edgeStacksHandler,
-		EdgeTemplatesHandler:   edgeTemplatesHandler,
 		EndpointGroupHandler:   endpointGroupHandler,
 		EndpointHandler:        endpointHandler,
-		EndpointEdgeHandler:    endpointEdgeHandler,
 		EndpointProxyHandler:   endpointProxyHandler,
 		FileHandler:            fileHandler,
 		MOTDHandler:            motdHandler,
@@ -340,14 +289,8 @@ func (server *Server) Start() error {
 		SchedulesHanlder:       schedulesHandler,
 	}

-	httpServer := &http.Server{
-		Addr:    server.BindAddress,
-		Handler: server.Handler,
-	}
-
 	if server.SSL {
-		httpServer.TLSConfig = crypto.CreateServerTLSConfiguration()
-		return httpServer.ListenAndServeTLS(server.SSLCert, server.SSLKey)
+		return http.ListenAndServeTLS(server.BindAddress, server.SSLCert, server.SSLKey, server.Handler)
 	}
-	return httpServer.ListenAndServe()
+	return http.ListenAndServe(server.BindAddress, server.Handler)
 }
--- a/api/ldap/ldap.go
+++ b/api/ldap/ldap.go
@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"strings"

-	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/crypto"

 	"gopkg.in/ldap.v2"
@@ -178,9 +178,11 @@ func (*Service) TestConnectivity(settings *portainer.LDAPSettings) error {
 	}
 	defer connection.Close()

-	err = connection.Bind(settings.ReaderDN, settings.Password)
-	if err != nil {
-		return err
+	if !settings.AnonymousMode {
+		err = connection.Bind(settings.ReaderDN, settings.Password)
+		if err != nil {
+			return err
+		}
 	}
 	return nil
 }
--- a/api/libcompose/compose_stack.go
+++ b/api/libcompose/compose_stack.go
@@ -39,7 +39,7 @@ func (manager *ComposeStackManager) createClient(endpoint *portainer.Endpoint) (
 	endpointURL := endpoint.URL
 	if endpoint.Type == portainer.EdgeAgentEnvironment {
 		tunnel := manager.reverseTunnelService.GetTunnelDetails(endpoint.ID)
-		endpointURL = fmt.Sprintf("tcp://127.0.0.1:%d", tunnel.Port)
+		endpointURL = fmt.Sprintf("tcp://localhost:%d", tunnel.Port)
 	}

 	clientOpts := client.Options{
--- a/api/portainer.go
+++ b/api/portainer.go
--- a/api/swagger.yaml
+++ b/api/swagger.yaml
@@ -54,7 +54,7 @@ info:

    **NOTE**: You can find more information on how to query the Docker API in the [Docker official documentation](https://docs.docker.com/engine/api/v1.30/) as well as in [this Portainer example](https://gist.github.com/deviantony/77026d402366b4b43fa5918d41bc42f8).

-  version: "1.24.1"
+  version: "1.24.0-dev"
  title: "Portainer API"
  contact:
    email: "info@portainer.io"
@@ -3174,7 +3174,7 @@ definitions:
        description: "Is analytics enabled"
      Version:
        type: "string"
-        example: "1.24.1"
+        example: "1.24.0-dev"
        description: "Portainer API version"
  PublicSettingsInspectResponse:
    type: "object"
--- a/api/swagger_config.json
+++ b/api/swagger_config.json
@@ -1,5 +1,5 @@
 {
  "packageName": "portainer",
-  "packageVersion": "1.24.1",
+  "packageVersion": "1.24.0-dev",
  "projectName": "portainer"
 }
--- a/api/tag.go
+++ b/api/tag.go
@@ -1,71 +0,0 @@
-package portainer
-
-type tagSet map[TagID]bool
-
-// TagSet converts an array of ids to a set
-func TagSet(tagIDs []TagID) tagSet {
-	set := map[TagID]bool{}
-	for _, tagID := range tagIDs {
-		set[tagID] = true
-	}
-	return set
-}
-
-// TagIntersection returns a set intersection of the provided sets
-func TagIntersection(sets ...tagSet) tagSet {
-	intersection := tagSet{}
-	if len(sets) == 0 {
-		return intersection
-	}
-	setA := sets[0]
-	for tag := range setA {
-		inAll := true
-		for _, setB := range sets {
-			if !setB[tag] {
-				inAll = false
-				break
-			}
-		}
-
-		if inAll {
-			intersection[tag] = true
-		}
-	}
-
-	return intersection
-}
-
-// TagUnion returns a set union of provided sets
-func TagUnion(sets ...tagSet) tagSet {
-	union := tagSet{}
-	for _, set := range sets {
-		for tag := range set {
-			union[tag] = true
-		}
-	}
-	return union
-}
-
-// TagContains return true if setA contains setB
-func TagContains(setA tagSet, setB tagSet) bool {
-	containedTags := 0
-	for tag := range setB {
-		if setA[tag] {
-			containedTags++
-		}
-	}
-	return containedTags == len(setA)
-}
-
-// TagDifference returns the set difference tagsA - tagsB
-func TagDifference(setA tagSet, setB tagSet) tagSet {
-	set := tagSet{}
-
-	for tag := range setA {
-		if !setB[tag] {
-			set[tag] = true
-		}
-	}
-
-	return set
-}
--- a/app/__module.js
+++ b/app/__module.js
@@ -4,7 +4,6 @@ import angular from 'angular';
 import './agent/_module';
 import './azure/_module';
 import './docker/__module';
-import './edge/__module';
 import './portainer/__module';

 angular.module('portainer', [
@@ -30,16 +29,15 @@ angular.module('portainer', [
  'portainer.agent',
  'portainer.azure',
  'portainer.docker',
-  'portainer.edge',
  'portainer.extensions',
  'portainer.integrations',
  'rzModule',
-  'moment-picker',
+  'moment-picker'
 ]);

 if (require) {
  var req = require.context('./', true, /^(.*\.(js$))[^.]*$/im);
-  req.keys().forEach(function (key) {
+  req.keys().forEach(function(key) {
    req(key);
  });
 }
--- a/app/agent/components/file-uploader/file-uploader-controller.js
+++ b/app/agent/components/file-uploader/file-uploader-controller.js
@@ -4,7 +4,7 @@ angular.module('portainer.agent').controller('FileUploaderController', [
    var ctrl = this;

    ctrl.state = {
-      uploadInProgress: false,
+      uploadInProgress: false
    };

    ctrl.onFileSelected = onFileSelected;
@@ -19,5 +19,5 @@ angular.module('portainer.agent').controller('FileUploaderController', [
        ctrl.state.uploadInProgress = false;
      });
    }
-  },
+  }
 ]);
--- a/app/agent/components/file-uploader/file-uploader.html
+++ b/app/agent/components/file-uploader/file-uploader.html
@@ -1,3 +1,6 @@
-<button ngf-select="$ctrl.onFileSelected($file)" class="btn ng-scope" button-spinner="$ctrl.state.uploadInProgress">
-  <i style="margin: 0;" class="fa fa-upload" ng-if="!$ctrl.state.uploadInProgress"></i>
+<button 
+  ngf-select="$ctrl.onFileSelected($file)"
+  class="btn ng-scope"
+  button-spinner="$ctrl.state.uploadInProgress">
+  <i style="margin:0" class="fa fa-upload" ng-if="!$ctrl.state.uploadInProgress"></i>
 </button>
--- a/app/agent/components/file-uploader/file-uploader.js
+++ b/app/agent/components/file-uploader/file-uploader.js
@@ -2,6 +2,6 @@ angular.module('portainer.agent').component('fileUploader', {
  templateUrl: './file-uploader.html',
  controller: 'FileUploaderController',
  bindings: {
-    uploadFile: '<onFileSelected',
-  },
+    uploadFile: '<onFileSelected'
+  }
 });
--- a/app/agent/components/files-datatable/files-datatable.html
+++ b/app/agent/components/files-datatable/files-datatable.html
@@ -1,20 +1,14 @@
 <div class="datatable">
  <rd-widget>
-    <rd-widget-header icon="{{ $ctrl.titleIcon }}" title-text="{{ $ctrl.titleText }}">
-      <file-uploader authorization="DockerAgentBrowsePut" ng-if="$ctrl.isUploadAllowed" on-file-selected="($ctrl.onFileSelectedForUpload)"> </file-uploader>
+    <rd-widget-header icon="{{$ctrl.titleIcon}}" title-text="{{ $ctrl.titleText }}">
+       <file-uploader authorization="DockerAgentBrowsePut" ng-if="$ctrl.isUploadAllowed" on-file-selected="$ctrl.onFileSelectedForUpload">
+       </file-uploader>
    </rd-widget-header>
    <rd-widget-body classes="no-padding">
      <div class="searchBar">
        <i class="fa fa-search searchIcon" aria-hidden="true"></i>
-        <input
-          type="text"
-          class="searchInput"
-          ng-model="$ctrl.state.textFilter"
-          ng-model-options="{ debounce: 300 }"
-          ng-change="$ctrl.onTextFilterChange()"
-          placeholder="Search..."
-          auto-focus
-        />
+        <input type="text" class="searchInput" ng-model="$ctrl.state.textFilter" ng-model-options="{ debounce: 300 }"
+          ng-change="$ctrl.onTextFilterChange()" placeholder="Search..." auto-focus>
      </div>
      <div class="table-responsive">
        <table class="table">
@@ -49,33 +43,36 @@
          <tbody>
            <tr ng-if="!$ctrl.isRoot">
              <td colspan="4">
-                <a ng-click="$ctrl.goToParent()"><i class="fa fa-level-up-alt space-right"></i>Go to parent</a>
+                <a ng-click="$ctrl.goToParent()"><i class="fa fa-level-up-alt space-right"></i>Go
+                  to parent</a>
              </td>
            </tr>
            <tr ng-repeat="item in ($ctrl.state.filteredDataSet = ($ctrl.dataset | filter:$ctrl.state.textFilter | orderBy:$ctrl.state.orderBy:$ctrl.state.reverseOrder))">
              <td>
                <span ng-if="item.edit">
-                  <input
-                    class="input-sm"
-                    type="text"
-                    ng-model="item.newName"
-                    on-enter-key="$ctrl.rename({ name: item.Name, newName: item.newName }); item.edit = false"
-                    auto-focus
-                  />
+                  <input class="input-sm" type="text" ng-model="item.newName"
+                    on-enter-key="$ctrl.rename({name: item.Name, newName: item.newName}); item.edit = false;"
+                    auto-focus />
                  <a class="interactive" ng-click="item.edit = false;"><i class="fa fa-times"></i></a>
-                  <a class="interactive" ng-click="$ctrl.rename({name: item.Name, newName: item.newName}); item.edit = false;"><i class="fa fa-check-square"></i></a>
+                  <a class="interactive" ng-click="$ctrl.rename({name: item.Name, newName: item.newName}); item.edit = false;"><i
+                      class="fa fa-check-square"></i></a>
                </span>
                <span ng-if="!item.edit && item.Dir">
-                  <a ng-click="$ctrl.browse({name: item.Name})"><i class="fa fa-folder space-right" aria-hidden="true"></i>{{ item.Name }}</a>
+                  <a ng-click="$ctrl.browse({name: item.Name})"><i class="fa fa-folder space-right"
+                      aria-hidden="true"></i>{{ item.Name }}</a>
+                </span>
+                <span ng-if="!item.edit && !item.Dir">
+                  <i class="fa fa-file space-right" aria-hidden="true"></i>{{
+                  item.Name }}
                </span>
-                <span ng-if="!item.edit && !item.Dir"> <i class="fa fa-file space-right" aria-hidden="true"></i>{{ item.Name }} </span>
              </td>
              <td>{{ item.Size | humansize }}</td>
              <td>
                {{ item.ModTime | getisodatefromtimestamp }}
              </td>
              <td>
-                <btn authorization="DockerAgentBrowseGet" class="btn btn-xs btn-primary space-right" ng-click="$ctrl.download({ name: item.Name })" ng-if="!item.Dir">
+                <btn authorization="DockerAgentBrowseGet" class="btn btn-xs btn-primary space-right" ng-click="$ctrl.download({ name: item.Name })"
+                  ng-if="!item.Dir">
                  <i class="fa fa-download" aria-hidden="true"></i> Download
                </btn>
                <btn authorization="DockerAgentBrowseRename" class="btn btn-xs btn-primary space-right" ng-click="item.newName = item.Name; item.edit = true">
@@ -97,4 +94,4 @@
      </div>
    </rd-widget-body>
  </rd-widget>
-</div>
+</div>
--- a/app/agent/components/files-datatable/files-datatable.js
+++ b/app/agent/components/files-datatable/files-datatable.js
@@ -15,8 +15,8 @@ angular.module('portainer.agent').component('filesDatatable', {
    rename: '&',
    download: '&',
    delete: '&',
-
+    
    isUploadAllowed: '<',
-    onFileSelectedForUpload: '<',
-  },
+    onFileSelectedForUpload: '<'
+  }
 });
--- a/app/agent/components/host-browser/host-browser-controller.js
+++ b/app/agent/components/host-browser/host-browser-controller.js
@@ -1,15 +1,12 @@
 import _ from 'lodash-es';

 angular.module('portainer.agent').controller('HostBrowserController', [
-  'HostBrowserService',
-  'Notifications',
-  'FileSaver',
-  'ModalService',
+  'HostBrowserService', 'Notifications', 'FileSaver', 'ModalService',
  function HostBrowserController(HostBrowserService, Notifications, FileSaver, ModalService) {
    var ctrl = this;
    var ROOT_PATH = '/host';
    ctrl.state = {
-      path: ROOT_PATH,
+      path: ROOT_PATH
    };

    ctrl.goToParent = goToParent;
@@ -24,7 +21,7 @@ angular.module('portainer.agent').controller('HostBrowserController', [

    function getRelativePath(path) {
      path = path || ctrl.state.path;
-      var rootPathRegex = new RegExp('^' + ROOT_PATH + '/?');
+      var rootPathRegex = new RegExp('^' + ROOT_PATH + '\/?');
      var relativePath = path.replace(rootPathRegex, '/');
      return relativePath;
    }
@@ -74,7 +71,7 @@ angular.module('portainer.agent').controller('HostBrowserController', [
      HostBrowserService.get(filePath)
        .then(function onFileReceived(data) {
          var downloadData = new Blob([data.file], {
-            type: 'text/plain;charset=utf-8',
+            type: 'text/plain;charset=utf-8'
          });
          FileSaver.saveAs(downloadData, file);
        })
@@ -86,12 +83,15 @@ angular.module('portainer.agent').controller('HostBrowserController', [
    function confirmDeleteFile(name) {
      var filePath = buildPath(ctrl.state.path, name);

-      ModalService.confirmDeletion('Are you sure that you want to delete ' + getRelativePath(filePath) + ' ?', function onConfirm(confirmed) {
-        if (!confirmed) {
-          return;
+      ModalService.confirmDeletion(
+        'Are you sure that you want to delete ' + getRelativePath(filePath) + ' ?',
+        function onConfirm(confirmed) {
+          if (!confirmed) {
+            return;
+          }
+          return deleteFile(filePath);
        }
-        return deleteFile(filePath);
-      });
+      );
    }

    function deleteFile(path) {
@@ -145,5 +145,5 @@ angular.module('portainer.agent').controller('HostBrowserController', [
    function refreshList() {
      getFilesForPath(ctrl.state.path);
    }
-  },
+  }
 ]);
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
itsconquest	77294ad731	feat(service-details): manage bridge & ingress	2020-02-06 20:25:05 +13:00
itsconquest	e4254cb634	Merge branch 'feat-1807-service-network-management' of github.com:portainer/portainer into develop	2020-02-06 19:08:56 +13:00
itsconquest	bc17f23c09	feat(service-details): ability to manage networks	2020-02-04 18:23:09 +13:00