Ensure Pixel gets disabled, PDF ToC support (#3659)

# Description of Changes

Please provide a summary of the changes, including:

- What was changed
- Why the change was made
- Any challenges encountered

Closes #(issue_number)

---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.

---------

Co-authored-by: Dario Ghunney Ware <dariogware@gmail.com>
Co-authored-by: Connor Yoh <con.yoh13@gmail.com>
Co-authored-by: a <a>
Co-authored-by: Reece <reecebrowne1995@gmail.com>

proprietary/src/test/java/stirling/software/proprietary/security/service/TeamServiceTest.java

@@ -0,0 +1,83 @@
+package stirling.software.proprietary.security.service;
+
+import java.util.Optional;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoExtension;
+import stirling.software.proprietary.model.Team;
+import stirling.software.proprietary.security.repository.TeamRepository;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.when;
+
+@ExtendWith(MockitoExtension.class)
+class TeamServiceTest {
+
+    @Mock
+    private TeamRepository teamRepository;
+
+    @InjectMocks
+    private TeamService teamService;
+
+    @Test
+    void getDefaultTeam() {
+        var team = new Team();
+        team.setName("Marleyans");
+
+        when(teamRepository.findByName(TeamService.DEFAULT_TEAM_NAME))
+                .thenReturn(Optional.of(team));
+
+        Team result = teamService.getOrCreateDefaultTeam();
+
+        assertEquals(team, result);
+    }
+
+    @Test
+    void createDefaultTeam_whenRepositoryIsEmpty() {
+        String teamName = "Default";
+        var defaultTeam = new Team();
+        defaultTeam.setId(1L);
+        defaultTeam.setName(teamName);
+
+        when(teamRepository.findByName(teamName))
+                .thenReturn(Optional.empty());
+        when(teamRepository.save(any(Team.class))).thenReturn(defaultTeam);
+
+        Team result = teamService.getOrCreateDefaultTeam();
+
+        assertEquals(TeamService.DEFAULT_TEAM_NAME, result.getName());
+    }
+
+    @Test
+    void getInternalTeam() {
+        var team = new Team();
+        team.setName("Eldians");
+
+        when(teamRepository.findByName(TeamService.INTERNAL_TEAM_NAME))
+            .thenReturn(Optional.of(team));
+
+        Team result = teamService.getOrCreateInternalTeam();
+
+        assertEquals(team, result);
+    }
+
+    @Test
+    void createInternalTeam_whenRepositoryIsEmpty() {
+        String teamName = "Internal";
+        Team internalTeam = new Team();
+        internalTeam.setId(2L);
+        internalTeam.setName(teamName);
+
+        when(teamRepository.findByName(teamName))
+            .thenReturn(Optional.empty());
+        when(teamRepository.save(any(Team.class))).thenReturn(internalTeam);
+        when(teamRepository.findByName(TeamService.INTERNAL_TEAM_NAME))
+            .thenReturn(Optional.empty());
+
+        Team result = teamService.getOrCreateInternalTeam();
+
+        assertEquals(internalTeam, result);
+    }
+}

proprietary/src/test/java/stirling/software/proprietary/security/service/UserServiceTest.java

@@ -0,0 +1,317 @@
+package stirling.software.proprietary.security.service;
+
+import java.sql.SQLException;
+import java.util.Locale;
+import java.util.Optional;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.springframework.context.MessageSource;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.test.context.bean.override.mockito.MockitoBean;
+import stirling.software.common.model.ApplicationProperties;
+import stirling.software.common.model.enumeration.Role;
+import stirling.software.common.model.exception.UnsupportedProviderException;
+import stirling.software.proprietary.model.Team;
+import stirling.software.proprietary.security.database.repository.AuthorityRepository;
+import stirling.software.proprietary.security.database.repository.UserRepository;
+import stirling.software.proprietary.security.model.AuthenticationType;
+import stirling.software.proprietary.security.model.User;
+import stirling.software.proprietary.security.repository.TeamRepository;
+import stirling.software.proprietary.security.session.SessionPersistentRegistry;
+import static org.junit.jupiter.api.Assertions.*;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.anyLong;
+import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.ArgumentMatchers.eq;
+import static org.mockito.Mockito.*;
+
+@ExtendWith(MockitoExtension.class)
+class UserServiceTest {
+
+    @Mock
+    private UserRepository userRepository;
+
+    @Mock
+    private TeamRepository teamRepository;
+
+    @Mock
+    private AuthorityRepository authorityRepository;
+
+    @Mock
+    private PasswordEncoder passwordEncoder;
+
+    @Mock
+    private MessageSource messageSource;
+
+    @Mock
+    private SessionPersistentRegistry sessionPersistentRegistry;
+
+    @Mock
+    private DatabaseServiceInterface databaseService;
+
+    @Mock
+    private ApplicationProperties.Security.OAUTH2 oauth2Properties;
+
+    @InjectMocks
+    private UserService userService;
+
+    private Team mockTeam;
+    private User mockUser;
+
+    @BeforeEach
+    void setUp() {
+        mockTeam = new Team();
+        mockTeam.setId(1L);
+        mockTeam.setName("Test Team");
+
+        mockUser = new User();
+        mockUser.setId(1L);
+        mockUser.setUsername("testuser");
+        mockUser.setEnabled(true);
+    }
+
+    @Test
+    void testSaveUser_WithUsernameAndAuthenticationType_Success() throws Exception {
+        // Given
+        String username = "testuser";
+        AuthenticationType authType = AuthenticationType.WEB;
+        
+        when(teamRepository.findByName("Default")).thenReturn(Optional.of(mockTeam));
+        when(userRepository.save(any(User.class))).thenReturn(mockUser);
+        doNothing().when(databaseService).exportDatabase();
+
+        // When
+        userService.saveUser(username, authType);
+
+        // Then
+        verify(userRepository).save(any(User.class));
+        verify(databaseService).exportDatabase();
+    }
+
+    @Test
+    void testSaveUser_WithUsernamePasswordAndTeamId_Success() throws Exception {
+        // Given
+        String username = "testuser";
+        String password = "password123";
+        Long teamId = 1L;
+        String encodedPassword = "encodedPassword123";
+        
+        when(passwordEncoder.encode(password)).thenReturn(encodedPassword);
+        when(teamRepository.findById(teamId)).thenReturn(Optional.of(mockTeam));
+        when(userRepository.save(any(User.class))).thenReturn(mockUser);
+        doNothing().when(databaseService).exportDatabase();
+
+        // When
+        User result = userService.saveUser(username, password, teamId);
+
+        // Then
+        assertNotNull(result);
+        verify(passwordEncoder).encode(password);
+        verify(teamRepository).findById(teamId);
+        verify(userRepository).save(any(User.class));
+        verify(databaseService).exportDatabase();
+    }
+
+    @Test
+    void testSaveUser_WithTeamAndRole_Success() throws Exception {
+        // Given
+        String username = "testuser";
+        String password = "password123";
+        String role = Role.ADMIN.getRoleId();
+        boolean firstLogin = true;
+        String encodedPassword = "encodedPassword123";
+        
+        when(passwordEncoder.encode(password)).thenReturn(encodedPassword);
+        when(userRepository.save(any(User.class))).thenReturn(mockUser);
+        doNothing().when(databaseService).exportDatabase();
+
+        // When
+        User result = userService.saveUser(username, password, mockTeam, role, firstLogin);
+
+        // Then
+        assertNotNull(result);
+        verify(passwordEncoder).encode(password);
+        verify(userRepository).save(any(User.class));
+        verify(databaseService).exportDatabase();
+    }
+
+    @Test
+    void testSaveUser_WithInvalidUsername_ThrowsException() throws Exception {
+        // Given
+        String invalidUsername = "ab"; // Too short (less than 3 characters)
+        AuthenticationType authType = AuthenticationType.WEB;
+
+        // When & Then
+        IllegalArgumentException exception = assertThrows(
+            IllegalArgumentException.class,
+            () -> userService.saveUser(invalidUsername, authType)
+        );
+        
+        verify(userRepository, never()).save(any(User.class));
+        verify(databaseService, never()).exportDatabase();
+    }
+
+    @Test
+    void testSaveUser_WithNullPassword_Success() throws Exception {
+        // Given
+        String username = "testuser";
+        Long teamId = 1L;
+        
+        when(teamRepository.findById(teamId)).thenReturn(Optional.of(mockTeam));
+        when(userRepository.save(any(User.class))).thenReturn(mockUser);
+        doNothing().when(databaseService).exportDatabase();
+
+        // When
+        User result = userService.saveUser(username, null, teamId);
+
+        // Then
+        assertNotNull(result);
+        verify(passwordEncoder, never()).encode(anyString());
+        verify(userRepository).save(any(User.class));
+        verify(databaseService).exportDatabase();
+    }
+
+    @Test
+    void testSaveUser_WithEmptyPassword_Success() throws Exception {
+        // Given
+        String username = "testuser";
+        String emptyPassword = "";
+        Long teamId = 1L;
+        
+        when(teamRepository.findById(teamId)).thenReturn(Optional.of(mockTeam));
+        when(userRepository.save(any(User.class))).thenReturn(mockUser);
+        doNothing().when(databaseService).exportDatabase();
+
+        // When
+        User result = userService.saveUser(username, emptyPassword, teamId);
+
+        // Then
+        assertNotNull(result);
+        verify(passwordEncoder, never()).encode(anyString());
+        verify(userRepository).save(any(User.class));
+        verify(databaseService).exportDatabase();
+    }
+
+    @Test
+    void testSaveUser_WithValidEmail_Success() throws Exception {
+        // Given
+        String emailUsername = "test@example.com";
+        AuthenticationType authType = AuthenticationType.SSO;
+        
+        when(teamRepository.findByName("Default")).thenReturn(Optional.of(mockTeam));
+        when(userRepository.save(any(User.class))).thenReturn(mockUser);
+        doNothing().when(databaseService).exportDatabase();
+
+        // When
+        userService.saveUser(emailUsername, authType);
+
+        // Then
+        verify(userRepository).save(any(User.class));
+        verify(databaseService).exportDatabase();
+    }
+
+    @Test
+    void testSaveUser_WithReservedUsername_ThrowsException() throws Exception {
+        // Given
+        String reservedUsername = "all_users";
+        AuthenticationType authType = AuthenticationType.WEB;
+
+        // When & Then
+        IllegalArgumentException exception = assertThrows(
+            IllegalArgumentException.class,
+            () -> userService.saveUser(reservedUsername, authType)
+        );
+        
+        verify(userRepository, never()).save(any(User.class));
+        verify(databaseService, never()).exportDatabase();
+    }
+
+    @Test
+    void testSaveUser_WithAnonymousUser_ThrowsException() throws Exception {
+        // Given
+        String anonymousUsername = "anonymoususer";
+        AuthenticationType authType = AuthenticationType.WEB;
+
+        // When & Then
+        IllegalArgumentException exception = assertThrows(
+            IllegalArgumentException.class,
+            () -> userService.saveUser(anonymousUsername, authType)
+        );
+        
+        verify(userRepository, never()).save(any(User.class));
+        verify(databaseService, never()).exportDatabase();
+    }
+
+    @Test
+    void testSaveUser_DatabaseExportThrowsException_StillSavesUser() throws Exception {
+        // Given
+        String username = "testuser";
+        String password = "password123";
+        Long teamId = 1L;
+        String encodedPassword = "encodedPassword123";
+        
+        when(passwordEncoder.encode(password)).thenReturn(encodedPassword);
+        when(teamRepository.findById(teamId)).thenReturn(Optional.of(mockTeam));
+        when(userRepository.save(any(User.class))).thenReturn(mockUser);
+        doThrow(new SQLException("Database export failed")).when(databaseService).exportDatabase();
+
+        // When & Then
+        assertThrows(SQLException.class, () -> userService.saveUser(username, password, teamId));
+        
+        // Verify user was still saved before the exception
+        verify(userRepository).save(any(User.class));
+        verify(databaseService).exportDatabase();
+    }
+
+    @Test
+    void testSaveUser_WithFirstLoginFlag_Success() throws Exception {
+        // Given
+        String username = "testuser";
+        String password = "password123";
+        Long teamId = 1L;
+        boolean firstLogin = true;
+        boolean enabled = false;
+        String encodedPassword = "encodedPassword123";
+        
+        when(passwordEncoder.encode(password)).thenReturn(encodedPassword);
+        when(teamRepository.findById(teamId)).thenReturn(Optional.of(mockTeam));
+        when(userRepository.save(any(User.class))).thenReturn(mockUser);
+        doNothing().when(databaseService).exportDatabase();
+
+        // When
+        userService.saveUser(username, password, teamId, firstLogin, enabled);
+
+        // Then
+        verify(passwordEncoder).encode(password);
+        verify(userRepository).save(any(User.class));
+        verify(databaseService).exportDatabase();
+    }
+
+    @Test
+    void testSaveUser_WithCustomRole_Success() throws Exception {
+        // Given
+        String username = "testuser";
+        String password = "password123";
+        Long teamId = 1L;
+        String customRole = Role.LIMITED_API_USER.getRoleId();
+        String encodedPassword = "encodedPassword123";
+        
+        when(passwordEncoder.encode(password)).thenReturn(encodedPassword);
+        when(teamRepository.findById(teamId)).thenReturn(Optional.of(mockTeam));
+        when(userRepository.save(any(User.class))).thenReturn(mockUser);
+        doNothing().when(databaseService).exportDatabase();
+
+        // When
+        userService.saveUser(username, password, teamId, customRole);
+
+        // Then
+        verify(passwordEncoder).encode(password);
+        verify(userRepository).save(any(User.class));
+        verify(databaseService).exportDatabase();
+    }
+
+}