Merge branch 'develop'

# Conflicts:
#	config/version.php

.all-contributorsrc

@@ -737,6 +737,910 @@
       "contributions": [
         "code"
       ]
+    },
+    {
+      "login": "richardhofman6",
+      "name": "Richard Hofman",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/6551003?v=4",
+      "profile": "https://github.com/richardhofman6",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "gizzmojr",
+      "name": "gizzmojr",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/3697569?v=4",
+      "profile": "https://github.com/gizzmojr",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "imjennyli",
+      "name": "Jenny Li",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/404729?v=4",
+      "profile": "https://github.com/imjennyli",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "GeoffYoung",
+      "name": "Geoff Young",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/869227?v=4",
+      "profile": "https://github.com/GeoffYoung",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "BlueHatbRit",
+      "name": "Elliot Blackburn",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/1068477?v=4",
+      "profile": "http://www.elliotblackburn.com",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "TonisOrmisson",
+      "name": "Tõnis Ormisson",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/6357451?v=4",
+      "profile": "http://andmemasin.eu",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "thakilla",
+      "name": "Nicolai Essig",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/449411?v=4",
+      "profile": "http://www.nicolai-essig.de",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "techincolor",
+      "name": "Danielle",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/14809698?v=4",
+      "profile": "https://github.com/techincolor",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "TheVakman",
+      "name": "Lawrence",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/18545156?v=4",
+      "profile": "https://github.com/TheVakman",
+      "contributions": [
+        "test",
+        "bug"
+      ]
+    },
+    {
+      "login": "uknzaeinozpas",
+      "name": "uknzaeinozpas",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/22473767?v=4",
+      "profile": "https://github.com/uknzaeinozpas",
+      "contributions": [
+        "test",
+        "code"
+      ]
+    },
+    {
+      "login": "Gelob",
+      "name": "Ryan",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/422752?v=4",
+      "profile": "https://github.com/Gelob",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "vcordes79",
+      "name": "vcordes79",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/10672546?v=4",
+      "profile": "https://github.com/vcordes79",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "fordster78",
+      "name": "fordster78",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/27958330?v=4",
+      "profile": "https://github.com/fordster78",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "CronKz",
+      "name": "CronKz",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/34064225?v=4",
+      "profile": "https://github.com/CronKz",
+      "contributions": [
+        "code",
+        "translation"
+      ]
+    },
+    {
+      "login": "tdb",
+      "name": "Tim Bishop",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/585486?v=4",
+      "profile": "https://github.com/tdb",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "seanmcilvenna",
+      "name": "Sean McIlvenna",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/5384694?v=4",
+      "profile": "https://www.seanmcilvenna.com",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "cepacs",
+      "name": "cepacs",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/36515590?v=4",
+      "profile": "https://github.com/cepacs",
+      "contributions": [
+        "bug",
+        "doc"
+      ]
+    },
+    {
+      "login": "lea-mink",
+      "name": "lea-mink",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/37537300?v=4",
+      "profile": "https://github.com/lea-mink",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "hannahtinkler",
+      "name": "Hannah Tinkler",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/7140719?v=4",
+      "profile": "https://github.com/hannahtinkler",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "doekman",
+      "name": "Doeke Zanstra",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/1086388?v=4",
+      "profile": "https://github.com/doekman",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "SjamonDaal",
+      "name": "Djamon Staal",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/4325936?v=4",
+      "profile": "https://www.sdhd.nl/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "EarlRamirez",
+      "name": "Earl Ramirez",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/12306859?v=4",
+      "profile": "https://github.com/EarlRamirez",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "RichardRay",
+      "name": "Richard Ray Thomas",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/8671456?v=4",
+      "profile": "https://github.com/RichardRay",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "thelamer",
+      "name": "Ryan Kuba",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/1852688?v=4",
+      "profile": "https://www.taisun.io/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "ParadoxGuitarist",
+      "name": "Brian Monroe",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/6751928?v=4",
+      "profile": "https://github.com/ParadoxGuitarist",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "plexorama",
+      "name": "plexorama",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/605167?v=4",
+      "profile": "https://github.com/plexorama",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "tilldeeke",
+      "name": "Till Deeke",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/1795149?v=4",
+      "profile": "https://tilldeeke.de",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "5quirrel",
+      "name": "5quirrel",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/12634129?v=4",
+      "profile": "https://github.com/5quirrel",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "jasonlshelton",
+      "name": "Jason",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/13071957?v=4",
+      "profile": "https://github.com/jasonlshelton",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "chemfy",
+      "name": "Antti",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/7128321?v=4",
+      "profile": "https://github.com/chemfy",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "DeusMaximus",
+      "name": "DeusMaximus",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/10080364?v=4",
+      "profile": "https://github.com/DeusMaximus",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "A-ROYAL",
+      "name": "a-royal",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/16384611?v=4",
+      "profile": "https://github.com/A-ROYAL",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "albertoaldrigo",
+      "name": "Alberto Aldrigo",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/5358208?v=4",
+      "profile": "https://github.com/albertoaldrigo",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "RealEnder",
+      "name": "Alex Stanev",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/1412342?v=4",
+      "profile": "http://alex.stanev.org/blog",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "sirrus",
+      "name": "Andreas Rehm",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/177295?v=4",
+      "profile": "http://devel.itsolution2.de",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "xelan",
+      "name": "Andreas Erhard",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/5080535?v=4",
+      "profile": "https://github.com/xelan",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "angeldeejay",
+      "name": "Andrés Vanegas Jiménez",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/142350?v=4",
+      "profile": "https://github.com/angeldeejay",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "aschiavon91",
+      "name": "Antonio Schiavon",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/3910403?v=4",
+      "profile": "https://github.com/aschiavon91",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "benunter",
+      "name": "benunter",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/10464547?v=4",
+      "profile": "https://github.com/benunter",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "rudashi",
+      "name": "Borys Żmuda",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/5038647?v=4",
+      "profile": "http://catweb24.pl",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "chibacityblues",
+      "name": "chibacityblues",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/5539359?v=4",
+      "profile": "https://github.com/chibacityblues",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "cwlin0416",
+      "name": "Chien Wei Lin",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/1954830?v=4",
+      "profile": "https://github.com/cwlin0416",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "Againstreality",
+      "name": "Christian Schuster",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/11700533?v=4",
+      "profile": "https://github.com/Againstreality",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "kopi-item",
+      "name": "Christian Stefanus",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/4308704?v=4",
+      "profile": "http://chriss.webhostid.com",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "wxcafe",
+      "name": "wxcafé",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/3009327?v=4",
+      "profile": "http://wxcafe.net",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "dpyroc",
+      "name": "dpyroc",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/35761525?v=4",
+      "profile": "https://github.com/dpyroc",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "da-friedl",
+      "name": "Daniel Friedlmaier",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/2153639?v=4",
+      "profile": "http://www.friedlmaier.net",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "danielheene",
+      "name": "Daniel Heene",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/2947640?v=4",
+      "profile": "https://github.com/danielheene",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "danielcb",
+      "name": "danielcb",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/319022?v=4",
+      "profile": "https://github.com/danielcb",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "dominiksenti",
+      "name": "Dominik Senti",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/15846537?v=4",
+      "profile": "https://github.com/dominiksenti",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "EpixFr",
+      "name": "Eric Gautheron",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/25570954?v=4",
+      "profile": "http://www.konectik.com",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "Erlpil",
+      "name": "Erlend Pilø",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/5732623?v=4",
+      "profile": "https://erlpil.com",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "frapposelli",
+      "name": "Fabio Rapposelli",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/541832?v=4",
+      "profile": "http://fabio.technology",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "fgbs",
+      "name": "Felipe Barros",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/3605240?v=4",
+      "profile": "https://github.com/fgbs",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "possebon",
+      "name": "Fernando Possebon",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/257745?v=4",
+      "profile": "https://github.com/possebon",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "gdraque",
+      "name": "gdraque",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/2540832?v=4",
+      "profile": "https://github.com/gdraque",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "georgwallisch",
+      "name": "Georg Wallisch",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/23440381?v=4",
+      "profile": "https://github.com/georgwallisch",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "jgroblesr85",
+      "name": "Gerardo Robles",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/9852832?v=4",
+      "profile": "https://github.com/jgroblesr85",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "mrgluek",
+      "name": "Gluek",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/11082640?v=4",
+      "profile": "https://t.me/Gluek",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "AdnanAbuShahad",
+      "name": "AdnanAbuShahad",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/6847946?v=4",
+      "profile": "https://github.com/AdnanAbuShahad",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "hafidzi",
+      "name": "Hafidzi My",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/3580608?v=4",
+      "profile": "https://hafidzi.my",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "fofwisdom",
+      "name": "Harim Park",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/205521?v=4",
+      "profile": "https://github.com/fofwisdom",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "Kentsson",
+      "name": "Henrik Kentsson",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/3333841?v=4",
+      "profile": "http://www.kentsson.se",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "husnulyaqien",
+      "name": "Husnul Yaqien",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/36551034?v=4",
+      "profile": "https://github.com/husnulyaqien",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "abaalkh",
+      "name": "Ibrahim",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/2372747?v=4",
+      "profile": "http://abaalkhail.org",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "igolman",
+      "name": "igolman",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/1389334?v=4",
+      "profile": "https://github.com/igolman",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "itangiang",
+      "name": "itangiang",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/3257070?v=4",
+      "profile": "https://github.com/itangiang",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "jarby1211",
+      "name": "jarby1211",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/14814254?v=4",
+      "profile": "https://github.com/jarby1211",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "JohnWillker",
+      "name": "Jhonn Willker",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/6719357?v=4",
+      "profile": "http://jwillker.com",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "joxelito94",
+      "name": "Jose",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/10983635?v=4",
+      "profile": "https://github.com/joxelito94",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "laopangzi",
+      "name": "laopangzi",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/5206122?v=4",
+      "profile": "https://github.com/laopangzi",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "lstrojny",
+      "name": "Lars Strojny",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/79707?v=4",
+      "profile": "http://usrportage.de",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "MarcosBL",
+      "name": "MarcosBL",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/389801?v=4",
+      "profile": "http://twitter.com/marcosbl",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "mariejoyacajes",
+      "name": "marie joy cajes",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/35664606?v=4",
+      "profile": "https://github.com/mariejoyacajes",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "msjohansen",
+      "name": "Mark S. Johansen",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/3052816?v=4",
+      "profile": "http://www.markjohansen.dk",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "stubben",
+      "name": "Martin Stub",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/982885?v=4",
+      "profile": "http://martinstub.dk",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "meyerf99",
+      "name": "Meyer Flavio",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/28959963?v=4",
+      "profile": "https://github.com/meyerf99",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "MicaelRodrigues",
+      "name": "Micael Rodrigues",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/796443?v=4",
+      "profile": "https://github.com/MicaelRodrigues",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "mikaelssen",
+      "name": "Mikael Rasmussen",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/10481331?v=4",
+      "profile": "http://rubixy.com/",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "IxFail",
+      "name": "IxFail",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/1544552?v=4",
+      "profile": "https://github.com/IxFail",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "MohammedFota",
+      "name": "Mohammed Fota",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/18483118?v=4",
+      "profile": "http://www.mohammedfota.com",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "omego",
+      "name": "Moayad Alserihi",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/227080?v=4",
+      "profile": "https://github.com/omego",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "saymd",
+      "name": "saymd",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/1680266?v=4",
+      "profile": "https://github.com/saymd",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "pooot",
+      "name": "Patrik Larsson",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/1826808?v=4",
+      "profile": "https://nordsken.se",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "drcryo",
+      "name": "drcryo",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/20584746?v=4",
+      "profile": "https://github.com/drcryo",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "pawel1615",
+      "name": "pawel1615",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/19408004?v=4",
+      "profile": "https://github.com/pawel1615",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "bodrovics",
+      "name": "bodrovics",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/23340468?v=4",
+      "profile": "https://github.com/bodrovics",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "priatna",
+      "name": "priatna",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/3257654?v=4",
+      "profile": "https://github.com/priatna",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "ProfFan",
+      "name": "Fan Jiang",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/5358374?v=4",
+      "profile": "https://amayume.net",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "ragnarcx",
+      "name": "ragnarcx",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/22555451?v=4",
+      "profile": "https://github.com/ragnarcx",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "reinvanhaaren",
+      "name": "Rein van Haaren",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/18654582?v=4",
+      "profile": "http://www.reinvanhaaren.nl/",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "dheche",
+      "name": "Teguh Dwicaksana",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/386672?v=4",
+      "profile": "http://dheche.songolimo.net",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "FRaccie",
+      "name": "fraccie",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/2572552?v=4",
+      "profile": "https://github.com/FRaccie",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "vinzruzell",
+      "name": "vinzruzell",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/35182720?v=4",
+      "profile": "https://github.com/vinzruzell",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "vipsystem",
+      "name": "Kevin Austin",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/7883603?v=4",
+      "profile": "http://kevinaustin.com",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "wira-sandy",
+      "name": "Wira Sandy",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/3861828?v=4",
+      "profile": "http://azuraweb.xyz",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "GrayHoax",
+      "name": "Илья",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/8663789?v=4",
+      "profile": "https://github.com/GrayHoax",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "godusevpn",
+      "name": "GodUseVPN",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/30119111?v=4",
+      "profile": "https://github.com/godusevpn",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "EngrZhou",
+      "name": "周周",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/745576?v=4",
+      "profile": "https://github.com/EngrZhou",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "takuy",
+      "name": "Sam",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/1631095?v=4",
+      "profile": "https://github.com/takuy",
+      "contributions": [
+        "code"
+      ]
     }
   ]
 }

.env.example

@@ -7,18 +7,20 @@ APP_KEY=ChangeMe
 APP_URL=null
 APP_TIMEZONE='UTC'
 APP_LOCALE=en
-
+BACKUP_ENV=false
 
 # --------------------------------------------
 # REQUIRED: DATABASE SETTINGS
 # --------------------------------------------
 DB_CONNECTION=mysql
-DB_HOST=localhost
+DB_HOST=127.0.0.1
 DB_DATABASE=null
 DB_USERNAME=null
 DB_PASSWORD=null
 DB_PREFIX=null
 DB_DUMP_PATH='/usr/bin'
+DB_CHARSET=utf8mb4
+DB_COLLATION=utf8mb4_unicode_ci
 
 # --------------------------------------------
 # OPTIONAL: SSL DATABASE SETTINGS
@@ -29,7 +31,6 @@ DB_SSL_CERT_PATH=null
 DB_SSL_CA_PATH=null
 DB_SSL_CIPHER=null
 
-
 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
@@ -44,14 +45,12 @@ MAIL_FROM_NAME='Snipe-IT'
 MAIL_REPLYTO_ADDR=you@example.com
 MAIL_REPLYTO_NAME='Snipe-IT'
 
-
 # --------------------------------------------
 # REQUIRED: IMAGE LIBRARY
 # This should be gd or imagick
 # --------------------------------------------
 IMAGE_LIB=gd
 
-
 # --------------------------------------------
 # OPTIONAL: SESSION SETTINGS
 # --------------------------------------------
@@ -62,6 +61,11 @@ COOKIE_NAME=snipeit_session
 COOKIE_DOMAIN=null
 SECURE_COOKIES=false
 
+# --------------------------------------------
+# OPTIONAL: SECURITY HEADER SETTINGS
+# --------------------------------------------
+REFERRER_POLICY=same-origin
+ENABLE_CSP=false
 
 # --------------------------------------------
 # OPTIONAL: CACHE SETTINGS
@@ -70,6 +74,12 @@ CACHE_DRIVER=file
 SESSION_DRIVER=file
 QUEUE_DRIVER=sync
 
+# --------------------------------------------
+# OPTIONAL: REDIS SETTINGS
+# --------------------------------------------
+REDIS_HOST=null
+REDIS_PASSWORD=null
+REDIS_PORT-null
 
 # --------------------------------------------
 # OPTIONAL: AWS S3 SETTINGS
@@ -89,8 +99,11 @@ LOGIN_LOCKOUT_DURATION=60
 # OPTIONAL: MISC
 # --------------------------------------------
 APP_LOG=single
+APP_LOG_MAX_FILES=10
 APP_LOCKED=false
 FILESYSTEM_DISK=local
 APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
 ALLOW_IFRAMING=false
 APP_CIPHER=AES-256-CBC
+GOOGLE_MAPS_API=
+BACKUP_ENV=true

.env.tests

@@ -1,8 +1,8 @@
 APP_ENV=testing
 APP_DEBUG=true
 APP_URL=http://snipe-it.localapp
-DB_CONNECTION=sqlite_testing
-DB_DEFAULT=sqlite_testing
+DB_CONNECTION=mysql
+DB_DEFAULT=mysql
 DB_HOST=localhost
 DB_DATABASE=snipeittests
 DB_USERNAME=snipeit

.env.unit-tests

@@ -0,0 +1,19 @@
+APP_ENV=testing
+APP_DEBUG=true
+APP_URL=http://snipe-it.localapp
+DB_CONNECTION=sqlite_testing
+DB_DEFAULT=sqlite_testing
+DB_HOST=localhost
+APP_KEY=base64:tu9NRh/a6+dCXBDGvg0Gv/0TcABnFsbT4AKxrr8mwQo=
+
+
+# --------------------------------------------
+# OPTIONAL: LOGIN THROTTLING
+# (LOGIN_LOCKOUT_DURATIONin minutes)
+# --------------------------------------------
+LOGIN_MAX_ATTEMPTS=1000000
+LOGIN_LOCKOUT_DURATION=100000000
+
+MAIL_DRIVER=log
+MAIL_FROM_ADDR=you@example.com
+MAIL_FROM_NAME=Snipe-IT

.github/ISSUE_TEMPLATE.md

@@ -12,20 +12,27 @@
 
 #### Please confirm you have done the following before posting your bug report:
 
-- [ ] I have enabled debug mode
+- [ ] I have enabled debug mode 
 - [ ] I have read [checked the Common Issues page](https://snipe-it.readme.io/docs/common-issues)
 
 -----
-#### Please provide answers to these questions before posting your bug report:
+#### Provide answers to these questions:
 
+- Is this a fresh install or an upgrade? 
 - Version of Snipe-IT you're running
+- Version of PHP you're running
+- Version of MySQL/MariaDB you're running
 - What OS and web server you're running Snipe-IT on
 - What method you used to install Snipe-IT (install.sh, manual installation, docker, etc)
 - WITH DEBUG TURNED ON, if you're getting an error in your browser, include that error
 - What specific Snipe-IT page you're on, and what specific element you're interacting with to trigger the error
 - If a stacktrace is provided in the error, include that too.
 - Any errors that appear in your browser's error console.
-- Confirm whether the error is [reproduceable on the demo](https://snipeitapp.com/demo).
-- Include any additional information you can find in `app/storage/logs` and your webserver's logs.
+- Confirm whether the error is reproducible on the demo: https://snipeitapp.com/demo.
+- Include any additional information you can find in `storage/logs` and your webserver's logs.
 - Include what you've done so far in the installation, and if you got any error messages along the way.
 - Indicate whether or not you've manually edited any data directly in the database
+
+Please do not post an issue without answering the related questions above. If you have opened a different issue and already answered these questions, answer them again, once for every ticket. It will be next to impossible for us to help you.
+
+https://snipe-it.readme.io/docs/getting-help

.github/ISSUE_TEMPLATE/Bug_report.md

@@ -0,0 +1,61 @@
+---
+name: Bug report
+about: Create a report to help us improve
+
+---
+
+#### Please confirm you have done the following before posting your bug report:
+
+- [ ] I have enabled debug mode 
+- [ ] I have read [checked the Common Issues page](https://snipe-it.readme.io/docs/common-issues)
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps to reproduce the behavior:
+1. Go to '...'
+2. Click on '....'
+3. Scroll down to '....'
+4. See error
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
+
+**Server (please complete the following information):**
+ - Snipe-IT Version 
+ - OS: [e.g. Ubuntu, CentOS]
+ - Web Server: [e.g. Apache, IIS]
+ - PHP Version 
+
+**Desktop (please complete the following information):**
+ - OS: [e.g. iOS]
+ - Browser [e.g. chrome, safari]
+ - Version [e.g. 22]
+
+**Smartphone (please complete the following information):**
+ - Device: [e.g. iPhone6]
+ - OS: [e.g. iOS8.1]
+ - Browser [e.g. stock browser, safari]
+ - Version [e.g. 22]
+
+**Error Messages**
+- WITH DEBUG TURNED ON, if you're getting an error in your browser, include that error
+- If a stacktrace is provided in the error, include that too.
+- Any errors that appear in your browser's error console.
+- Confirm whether the error is reproducible on the demo: https://snipeitapp.com/demo.
+- Include any additional information you can find in `storage/logs` and your webserver's logs.
+
+**Additional context**
+- Is this a fresh install or an upgrade? 
+- What OS and web server you're running Snipe-IT on
+- What method you used to install Snipe-IT (install.sh, manual installation, docker, etc)
+- Include what you've done so far in the installation, and if you got any error messages along the way.
+- Indicate whether or not you've manually edited any data directly in the database
+
+Add any other context about the problem here.
+
+Please do not post an issue without answering the related questions above. If you have opened a different issue and already answered these questions, answer them again, once for every ticket. It will be next to impossible for us to help you.

.github/ISSUE_TEMPLATE/Feature_request.md

@@ -0,0 +1,23 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+
+---
+
+**Server (please complete the following information):**
+ - Snipe-IT Version 
+ - OS: [e.g. Ubuntu, CentOS]
+ - Web Server: [e.g. Apache, IIS]
+ - PHP Version 
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.

.github/stale.yml

@@ -0,0 +1,43 @@
+# Number of days of inactivity before an issue becomes stale
+daysUntilStale: 60
+# Number of days of inactivity before a stale issue is closed
+daysUntilClose: 7
+# Issues with these labels will never be considered stale
+exemptLabels:
+  - pinned
+  - security
+  - :woman_technologist: ready for dev
+  - :moneybag: bounty
+  - :hand: bug
+  - "🔐 security"
+  - "👩‍💻 ready for dev"
+  - "💰 bounty"
+  - "✋ bug"
+
+exemptMilestones: true
+
+# Label to use when marking an issue as stale
+staleLabel: stale
+
+only: issues
+
+# Comment to post when removing the stale label.
+unmarkComment: >
+  Okay, it looks like this issue or feature request might still be important. We'll re-open
+  it for now. Thank you for letting us know!
+
+# Comment to post when marking an issue as stale. Set to `false` to disable
+markComment: >
+  Is this still relevant? We haven't heard from anyone in a bit. If so,
+  please comment with any updates or additional detail.
+
+  This issue has been automatically marked as stale because it has not had
+  recent activity. It will be closed if no further activity occurs. Don't
+  take it personally, we just need to keep a handle on things. Thank you
+  for your contributions!
+# Comment to post when closing a stale issue. Set to `false` to disable
+closeComment: >
+  This issue has been automatically closed because it has not had
+  recent activity. If you believe this is still an issue, please confirm that
+  this issue is still happening in the most recent version of Snipe-IT and reply
+  to this thread to re-open it.

.github/travis-memory.ini

@@ -0,0 +1 @@
+memory_limit= 2048M

.gitignore

@@ -27,8 +27,16 @@ public/uploads/logo.png
 public/uploads/logo.svg
 public/uploads/models/*
 public/uploads/suppliers/*
+public/uploads/accessories/*
+public/uploads/locations/*
+public/uploads/manufacturers/*
+public/uploads/components/*
+public/uploads/consumables/*
+public/uploads/companies/*
+public/uploads/categories/*
 public/uploads/users/*
 storage/app/private_uploads/users/*
+public/uploads/departments/*
 storage/debugbar/
 storage/dumps/*
 storage/laravel-backups

.travis.yml

@@ -1,4 +1,7 @@
 addons:
+    code_climate:
+      repo_token:
+        secure: "C/bUAEpwfZB82dkzI2Nxx3PW5w/BzbKkSyCkp6YjT046jD2/QKvz6ngCFlt3tAWV11TXWFI6D8DzkMmdWOrQl3SGlPZXRD8QOvCiz0HiGMDvlxjAaPaQecGaQZdx/H4m6xTUXRNUVaYmxlMgkkFCWhAp+HZDs0iyOEVamp0Jszg="
     hosts:
         - localhost
 sudo: false
@@ -13,9 +16,12 @@ services:
 php:
   - 5.6
   - 7.0
+  - 7.2 
+  - 7.1.4
 
 # execute any number of scripts before the test run, custom env's are available as variables
 before_script:
+  - phpenv config-add .github/travis-memory.ini
   - phantomjs --webdriver=4444  &
   - sleep 4
   - mysql -e 'CREATE DATABASE snipeit_unit;'
@@ -43,11 +49,14 @@ before_script:
 # use the $DB env variable to determine the phpunit.xml to use
 # script: ./vendor/bin/codecept run --env testing-ci
 script:
-  - ./vendor/bin/codecept run unit --env testing-ci
+  - ./vendor/bin/codecept run unit
 #  - ./vendor/bin/codecept run acceptance --env=testing-ci
-  - ./vendor/bin/codecept run functional --env=functional-travis
-#script: ./vendor/bin/codecept run
-  - ./vendor/bin/codecept run api --env=testing-ci
+  - ./vendor/bin/codecept run functional --env=functional-travis -g func1
+  - ./vendor/bin/codecept run functional --env=functional-travis -g func2
+  - ./vendor/bin/codecept run api --env=functional-travis
+
+after_script:
+  - vendor/bin/test-reporter
 
 after_success:
   - codecov

CODE_OF_CONDUCT.md

@@ -55,7 +55,7 @@ further defined and clarified by project maintainers.
 ## Enforcement
 
 Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting the project team at [INSERT EMAIL ADDRESS]. All
+reported by contacting the project team at abuse@snipeitapp.com. All
 complaints will be reviewed and investigated and will result in a response that
 is deemed necessary and appropriate to the circumstances. The project team is
 obligated to maintain confidentiality with regard to the reporter of an incident.

CONTRIBUTING.md

@@ -1,6 +1,6 @@
 ### Contributing
 
-Please see the documentation on [contributing and developing for Snipe-IT](https://snipe-it.readme.io/docs/contributing).
+Please see the documentation on [contributing and developing for Snipe-IT](https://snipe-it.readme.io/docs/contributing-overview).
 
 
 Please note that this project is released with a [Contributor Code of Conduct](CODE_OF_CONDUCT.md). By participating in this project you agree to abide by its terms.

Dockerfile

@@ -18,6 +18,7 @@ patch \
 curl \
 vim \
 git \
+cron \
 mysql-client \
 && apt-get clean \
 && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
@@ -64,7 +65,10 @@ RUN chown -R docker /var/www/html
 RUN \
 	rm -r "/var/www/html/storage/private_uploads" && ln -fs "/var/lib/snipeit/data/private_uploads" "/var/www/html/storage/private_uploads" \
       && rm -rf "/var/www/html/public/uploads" && ln -fs "/var/lib/snipeit/data/uploads" "/var/www/html/public/uploads" \
-      && rm -r "/var/www/html/storage/app/backups" && ln -fs "/var/lib/snipeit/dumps" "/var/www/html/storage/app/backups"
+      && rm -r "/var/www/html/storage/app/backups" && ln -fs "/var/lib/snipeit/dumps" "/var/www/html/storage/app/backups" \
+      && mkdir "/var/lib/snipeit/keys" && ln -fs "/var/lib/snipeit/keys/oauth-private.key" "/var/www/html/storage/oauth-private.key" \
+      && ln -fs "/var/lib/snipeit/keys/oauth-public.key" "/var/www/html/storage/oauth-public.key" \
+      && chown docker "/var/lib/snipeit/keys/"
 
 ############## DEPENDENCIES via COMPOSER ###################
 

README.md

@@ -1,5 +1,5 @@
-[![Build Status](https://travis-ci.org/snipe/snipe-it.svg?branch=develop)](https://travis-ci.org/snipe/snipe-it) [![Stories in Ready](https://badge.waffle.io/snipe/snipe-it.png?label=ready+for+dev&title=Ready+for+development)](http://waffle.io/snipe/snipe-it) [![Maintenance](https://img.shields.io/maintenance/yes/2017.svg)]() [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.png)](https://crowdin.com/project/snipe-it) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/snipe/snipe-it?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeyhead.svg?style=social)](https://twitter.com/snipeyhead) [![Zenhub](https://raw.githubusercontent.com/ZenHubIO/support/master/zenhub-badge.png)](https://zenhub.io) [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&utm_medium=referral&utm_content=snipe/snipe-it&utm_campaign=Badge_Grade)
-[![All Contributors](https://img.shields.io/badge/all_contributors-79-orange.svg?style=flat-square)](#contributors)
+[![Build Status](https://travis-ci.org/snipe/snipe-it.svg?branch=master)](https://travis-ci.org/snipe/snipe-it) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/snipe/snipe-it?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp)  [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&utm_medium=referral&utm_content=snipe/snipe-it&utm_campaign=Badge_Grade)
+[![All Contributors](https://img.shields.io/badge/all_contributors-179-orange.svg?style=flat-square)](#contributors) [![Open Source Helpers](https://www.codetriage.com/snipe/snipe-it/badges/users.svg)](https://www.codetriage.com/snipe/snipe-it)
 
 
 ## Snipe-IT - Open Source Asset Management System
@@ -50,6 +50,20 @@ Please see the [translations documentation](https://snipe-it.readme.io/docs/tran
 
 -----
 
+### Libraries, Modules & Related Projects
+
+Since the release of the JSON REST API, several third-party developers have been developing modules and libraries to work with Snipe-IT.  
+
+- [Python Module](https://github.com/jbloomer/SnipeIT-PythonAPI) by [@jbloomer](https://github.com/jbloomer)
+- [SnipeSharp - .NET module in C#](https://github.com/barrycarey/SnipeSharp) by [@barrycarey](https://github.com/barrycarey)
+- [InQRy](https://github.com/Microsoft/InQRy) by [@Microsoft](https://github.com/Microsoft)
+- [SnipeitPS](https://github.com/snazy2000/SnipeitPS) by [@snazy2000](https://github.com/snazy2000) - Powershell API Wrapper for Snipe-it
+- [jamf2snipe](https://github.com/ParadoxGuitarist/jamf2snipe) by [@ParadoxGuitarist](https://github.com/ParadoxGuitarist) - Python script to sync assets between a JAMFPro instance and a Snipe-II instance
+
+As these were created by third-parties, Snipe-IT cannot provide support for these project, and you should contact the developers directly if you need assistance. Additionally, Snipe-IT makes no guarantees as to the reliability, accuracy or maintainability of these libraries. Use at your own risk. :) 
+
+-----
+
 ### Contributors
 
 Thanks goes to all of these wonderful people ([emoji key](https://github.com/kentcdodds/all-contributors#emoji-key)) who have helped Snipe-IT get this far:
@@ -67,7 +81,21 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
 | [<img src="https://avatars0.githubusercontent.com/u/8341172?v=3" width="110px;"/><br /><sub>Jay Richards</sub>](http://www.cordeos.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=technogenus "Code") | [<img src="https://avatars2.githubusercontent.com/u/7295127?v=3" width="110px;"/><br /><sub>Alexander Innes</sub>](https://necurity.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=leostat "Code") | [<img src="https://avatars2.githubusercontent.com/u/334485?v=3" width="110px;"/><br /><sub>Danny Garcia</sub>](https://buzzedword.codes)<br />[💻](https://github.com/snipe/snipe-it/commits?author=buzzedword "Code") | [<img src="https://avatars2.githubusercontent.com/u/366855?v=3" width="110px;"/><br /><sub>archpoint</sub>](https://github.com/archpoint)<br />[💻](https://github.com/snipe/snipe-it/commits?author=archpoint "Code") | [<img src="https://avatars1.githubusercontent.com/u/67991?v=3" width="110px;"/><br /><sub>Jake McGraw</sub>](http://www.jakemcgraw.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jakemcgraw "Code") | [<img src="https://avatars1.githubusercontent.com/u/1714374?v=3" width="110px;"/><br /><sub>FleischKarussel</sub>](https://github.com/FleischKarussel)<br />[📖](https://github.com/snipe/snipe-it/commits?author=FleischKarussel "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/319644?v=3" width="110px;"/><br /><sub>Dylan Yi</sub>](https://github.com/feeva)<br />[💻](https://github.com/snipe/snipe-it/commits?author=feeva "Code") |
 | [<img src="https://avatars2.githubusercontent.com/u/857740?v=3" width="110px;"/><br /><sub>Gil Rutkowski</sub>](http://FlashingCursor.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=flashingcursor "Code") | [<img src="https://avatars3.githubusercontent.com/u/129360?v=3" width="110px;"/><br /><sub>Desmond Morris</sub>](http://www.desmondmorris.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=desmondmorris "Code") | [<img src="https://avatars2.githubusercontent.com/u/52936?v=3" width="110px;"/><br /><sub>Nick Peelman</sub>](http://peelman.us)<br />[💻](https://github.com/snipe/snipe-it/commits?author=peelman "Code") | [<img src="https://avatars0.githubusercontent.com/u/53161?v=3" width="110px;"/><br /><sub>Abraham Vegh</sub>](https://abrahamvegh.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=abrahamvegh "Code") | [<img src="https://avatars0.githubusercontent.com/u/2818680?v=3" width="110px;"/><br /><sub>Mohamed Rashid</sub>](https://github.com/rashivkp)<br />[📖](https://github.com/snipe/snipe-it/commits?author=rashivkp "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/1509456?v=3" width="110px;"/><br /><sub>Kasey</sub>](http://hinchk.github.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=HinchK "Code") | [<img src="https://avatars2.githubusercontent.com/u/10522541?v=3" width="110px;"/><br /><sub>Brett</sub>](https://github.com/BrettFagerlund)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=BrettFagerlund "Tests") |
 | [<img src="https://avatars2.githubusercontent.com/u/16108587?v=3" width="110px;"/><br /><sub>Jason Spriggs</sub>](http://jasonspriggs.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jasonspriggs "Code") | [<img src="https://avatars2.githubusercontent.com/u/1134568?v=3" width="110px;"/><br /><sub>Nate Felton</sub>](http://n8felton.wordpress.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=n8felton "Code") | [<img src="https://avatars2.githubusercontent.com/u/14036694?v=3" width="110px;"/><br /><sub>Manasses Ferreira</sub>](http://homepages.dcc.ufmg.br/~manassesferreira)<br />[💻](https://github.com/snipe/snipe-it/commits?author=manassesferreira "Code") | [<img src="https://avatars0.githubusercontent.com/u/15913949?v=3" width="110px;"/><br /><sub>Steve</sub>](https://github.com/steveelwood)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=steveelwood "Tests") | [<img src="https://avatars1.githubusercontent.com/u/3361683?v=3" width="110px;"/><br /><sub>matc</sub>](http://twitter.com/matc)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=matc "Tests") | [<img src="https://avatars3.githubusercontent.com/u/7405702?v=3" width="110px;"/><br /><sub>Cole R. Davis</sub>](http://www.davisracingteam.com)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=VanillaNinjaD "Tests") | [<img src="https://avatars2.githubusercontent.com/u/10167681?v=3" width="110px;"/><br /><sub>gibsonjoshua55</sub>](https://github.com/gibsonjoshua55)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gibsonjoshua55 "Code") |
-| [<img src="https://avatars2.githubusercontent.com/u/2809241?v=4" width="110px;"/><br /><sub>Robin Temme</sub>](https://github.com/zwerch)<br />[💻](https://github.com/snipe/snipe-it/commits?author=zwerch "Code") | [<img src="https://avatars0.githubusercontent.com/u/6961695?v=4" width="110px;"/><br /><sub>Iman</sub>](https://github.com/imanghafoori1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=imanghafoori1 "Code") |
+| [<img src="https://avatars2.githubusercontent.com/u/2809241?v=4" width="110px;"/><br /><sub>Robin Temme</sub>](https://github.com/zwerch)<br />[💻](https://github.com/snipe/snipe-it/commits?author=zwerch "Code") | [<img src="https://avatars0.githubusercontent.com/u/6961695?v=4" width="110px;"/><br /><sub>Iman</sub>](https://github.com/imanghafoori1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=imanghafoori1 "Code") | [<img src="https://avatars1.githubusercontent.com/u/6551003?v=4" width="110px;"/><br /><sub>Richard Hofman</sub>](https://github.com/richardhofman6)<br />[💻](https://github.com/snipe/snipe-it/commits?author=richardhofman6 "Code") | [<img src="https://avatars0.githubusercontent.com/u/3697569?v=4" width="110px;"/><br /><sub>gizzmojr</sub>](https://github.com/gizzmojr)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gizzmojr "Code") | [<img src="https://avatars3.githubusercontent.com/u/404729?v=4" width="110px;"/><br /><sub>Jenny Li</sub>](https://github.com/imjennyli)<br />[📖](https://github.com/snipe/snipe-it/commits?author=imjennyli "Documentation") | [<img src="https://avatars0.githubusercontent.com/u/869227?v=4" width="110px;"/><br /><sub>Geoff Young</sub>](https://github.com/GeoffYoung)<br />[💻](https://github.com/snipe/snipe-it/commits?author=GeoffYoung "Code") | [<img src="https://avatars3.githubusercontent.com/u/1068477?v=4" width="110px;"/><br /><sub>Elliot Blackburn</sub>](http://www.elliotblackburn.com)<br />[📖](https://github.com/snipe/snipe-it/commits?author=BlueHatbRit "Documentation") |
+| [<img src="https://avatars1.githubusercontent.com/u/6357451?v=4" width="110px;"/><br /><sub>Tõnis Ormisson</sub>](http://andmemasin.eu)<br />[💻](https://github.com/snipe/snipe-it/commits?author=TonisOrmisson "Code") | [<img src="https://avatars0.githubusercontent.com/u/449411?v=4" width="110px;"/><br /><sub>Nicolai Essig</sub>](http://www.nicolai-essig.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=thakilla "Code") | [<img src="https://avatars1.githubusercontent.com/u/14809698?v=4" width="110px;"/><br /><sub>Danielle</sub>](https://github.com/techincolor)<br />[📖](https://github.com/snipe/snipe-it/commits?author=techincolor "Documentation") | [<img src="https://avatars1.githubusercontent.com/u/18545156?v=4" width="110px;"/><br /><sub>Lawrence</sub>](https://github.com/TheVakman)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=TheVakman "Tests") [🐛](https://github.com/snipe/snipe-it/issues?q=author%3ATheVakman "Bug reports") | [<img src="https://avatars1.githubusercontent.com/u/22473767?v=4" width="110px;"/><br /><sub>uknzaeinozpas</sub>](https://github.com/uknzaeinozpas)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=uknzaeinozpas "Tests") [💻](https://github.com/snipe/snipe-it/commits?author=uknzaeinozpas "Code") | [<img src="https://avatars3.githubusercontent.com/u/422752?v=4" width="110px;"/><br /><sub>Ryan</sub>](https://github.com/Gelob)<br />[📖](https://github.com/snipe/snipe-it/commits?author=Gelob "Documentation") | [<img src="https://avatars1.githubusercontent.com/u/10672546?v=4" width="110px;"/><br /><sub>vcordes79</sub>](https://github.com/vcordes79)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vcordes79 "Code") |
+| [<img src="https://avatars3.githubusercontent.com/u/27958330?v=4" width="110px;"/><br /><sub>fordster78</sub>](https://github.com/fordster78)<br />[💻](https://github.com/snipe/snipe-it/commits?author=fordster78 "Code") | [<img src="https://avatars0.githubusercontent.com/u/34064225?v=4" width="110px;"/><br /><sub>CronKz</sub>](https://github.com/CronKz)<br />[💻](https://github.com/snipe/snipe-it/commits?author=CronKz "Code") [🌍](#translation-CronKz "Translation") | [<img src="https://avatars1.githubusercontent.com/u/585486?v=4" width="110px;"/><br /><sub>Tim Bishop</sub>](https://github.com/tdb)<br />[💻](https://github.com/snipe/snipe-it/commits?author=tdb "Code") | [<img src="https://avatars2.githubusercontent.com/u/5384694?v=4" width="110px;"/><br /><sub>Sean McIlvenna</sub>](https://www.seanmcilvenna.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=seanmcilvenna "Code") | [<img src="https://avatars3.githubusercontent.com/u/36515590?v=4" width="110px;"/><br /><sub>cepacs</sub>](https://github.com/cepacs)<br />[🐛](https://github.com/snipe/snipe-it/issues?q=author%3Acepacs "Bug reports") [📖](https://github.com/snipe/snipe-it/commits?author=cepacs "Documentation") | [<img src="https://avatars2.githubusercontent.com/u/37537300?v=4" width="110px;"/><br /><sub>lea-mink</sub>](https://github.com/lea-mink)<br />[💻](https://github.com/snipe/snipe-it/commits?author=lea-mink "Code") | [<img src="https://avatars0.githubusercontent.com/u/7140719?v=4" width="110px;"/><br /><sub>Hannah Tinkler</sub>](https://github.com/hannahtinkler)<br />[💻](https://github.com/snipe/snipe-it/commits?author=hannahtinkler "Code") |
+| [<img src="https://avatars1.githubusercontent.com/u/1086388?v=4" width="110px;"/><br /><sub>Doeke Zanstra</sub>](https://github.com/doekman)<br />[💻](https://github.com/snipe/snipe-it/commits?author=doekman "Code") | [<img src="https://avatars1.githubusercontent.com/u/4325936?v=4" width="110px;"/><br /><sub>Djamon Staal</sub>](https://www.sdhd.nl/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=SjamonDaal "Code") | [<img src="https://avatars3.githubusercontent.com/u/12306859?v=4" width="110px;"/><br /><sub>Earl Ramirez</sub>](https://github.com/EarlRamirez)<br />[💻](https://github.com/snipe/snipe-it/commits?author=EarlRamirez "Code") | [<img src="https://avatars2.githubusercontent.com/u/8671456?v=4" width="110px;"/><br /><sub>Richard Ray Thomas</sub>](https://github.com/RichardRay)<br />[💻](https://github.com/snipe/snipe-it/commits?author=RichardRay "Code") | [<img src="https://avatars3.githubusercontent.com/u/1852688?v=4" width="110px;"/><br /><sub>Ryan Kuba</sub>](https://www.taisun.io/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=thelamer "Code") | [<img src="https://avatars1.githubusercontent.com/u/6751928?v=4" width="110px;"/><br /><sub>Brian Monroe</sub>](https://github.com/ParadoxGuitarist)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ParadoxGuitarist "Code") | [<img src="https://avatars1.githubusercontent.com/u/605167?v=4" width="110px;"/><br /><sub>plexorama</sub>](https://github.com/plexorama)<br />[💻](https://github.com/snipe/snipe-it/commits?author=plexorama "Code") |
+| [<img src="https://avatars2.githubusercontent.com/u/1795149?v=4" width="110px;"/><br /><sub>Till Deeke</sub>](https://tilldeeke.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=tilldeeke "Code") | [<img src="https://avatars0.githubusercontent.com/u/12634129?v=4" width="110px;"/><br /><sub>5quirrel</sub>](https://github.com/5quirrel)<br />[💻](https://github.com/snipe/snipe-it/commits?author=5quirrel "Code") | [<img src="https://avatars1.githubusercontent.com/u/13071957?v=4" width="110px;"/><br /><sub>Jason</sub>](https://github.com/jasonlshelton)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jasonlshelton "Code") | [<img src="https://avatars3.githubusercontent.com/u/7128321?v=4" width="110px;"/><br /><sub>Antti</sub>](https://github.com/chemfy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=chemfy "Code") | [<img src="https://avatars3.githubusercontent.com/u/10080364?v=4" width="110px;"/><br /><sub>DeusMaximus</sub>](https://github.com/DeusMaximus)<br />[💻](https://github.com/snipe/snipe-it/commits?author=DeusMaximus "Code") | [<img src="https://avatars2.githubusercontent.com/u/16384611?v=4" width="110px;"/><br /><sub>a-royal</sub>](https://github.com/A-ROYAL)<br />[🌍](#translation-A-ROYAL "Translation") | [<img src="https://avatars0.githubusercontent.com/u/5358208?v=4" width="110px;"/><br /><sub>Alberto Aldrigo</sub>](https://github.com/albertoaldrigo)<br />[🌍](#translation-albertoaldrigo "Translation") |
+| [<img src="https://avatars0.githubusercontent.com/u/1412342?v=4" width="110px;"/><br /><sub>Alex Stanev</sub>](http://alex.stanev.org/blog)<br />[🌍](#translation-RealEnder "Translation") | [<img src="https://avatars0.githubusercontent.com/u/177295?v=4" width="110px;"/><br /><sub>Andreas Rehm</sub>](http://devel.itsolution2.de)<br />[🌍](#translation-sirrus "Translation") | [<img src="https://avatars0.githubusercontent.com/u/5080535?v=4" width="110px;"/><br /><sub>Andreas Erhard</sub>](https://github.com/xelan)<br />[🌍](#translation-xelan "Translation") | [<img src="https://avatars2.githubusercontent.com/u/142350?v=4" width="110px;"/><br /><sub>Andrés Vanegas Jiménez</sub>](https://github.com/angeldeejay)<br />[🌍](#translation-angeldeejay "Translation") | [<img src="https://avatars0.githubusercontent.com/u/3910403?v=4" width="110px;"/><br /><sub>Antonio Schiavon</sub>](https://github.com/aschiavon91)<br />[🌍](#translation-aschiavon91 "Translation") | [<img src="https://avatars0.githubusercontent.com/u/10464547?v=4" width="110px;"/><br /><sub>benunter</sub>](https://github.com/benunter)<br />[🌍](#translation-benunter "Translation") | [<img src="https://avatars1.githubusercontent.com/u/5038647?v=4" width="110px;"/><br /><sub>Borys Żmuda</sub>](http://catweb24.pl)<br />[🌍](#translation-rudashi "Translation") |
+| [<img src="https://avatars0.githubusercontent.com/u/5539359?v=4" width="110px;"/><br /><sub>chibacityblues</sub>](https://github.com/chibacityblues)<br />[🌍](#translation-chibacityblues "Translation") | [<img src="https://avatars1.githubusercontent.com/u/1954830?v=4" width="110px;"/><br /><sub>Chien Wei Lin</sub>](https://github.com/cwlin0416)<br />[🌍](#translation-cwlin0416 "Translation") | [<img src="https://avatars3.githubusercontent.com/u/11700533?v=4" width="110px;"/><br /><sub>Christian Schuster</sub>](https://github.com/Againstreality)<br />[🌍](#translation-Againstreality "Translation") | [<img src="https://avatars1.githubusercontent.com/u/4308704?v=4" width="110px;"/><br /><sub>Christian Stefanus</sub>](http://chriss.webhostid.com)<br />[🌍](#translation-kopi-item "Translation") | [<img src="https://avatars3.githubusercontent.com/u/3009327?v=4" width="110px;"/><br /><sub>wxcafé</sub>](http://wxcafe.net)<br />[🌍](#translation-wxcafe "Translation") | [<img src="https://avatars3.githubusercontent.com/u/35761525?v=4" width="110px;"/><br /><sub>dpyroc</sub>](https://github.com/dpyroc)<br />[🌍](#translation-dpyroc "Translation") | [<img src="https://avatars1.githubusercontent.com/u/2153639?v=4" width="110px;"/><br /><sub>Daniel Friedlmaier</sub>](http://www.friedlmaier.net)<br />[🌍](#translation-da-friedl "Translation") |
+| [<img src="https://avatars1.githubusercontent.com/u/2947640?v=4" width="110px;"/><br /><sub>Daniel Heene</sub>](https://github.com/danielheene)<br />[🌍](#translation-danielheene "Translation") | [<img src="https://avatars3.githubusercontent.com/u/319022?v=4" width="110px;"/><br /><sub>danielcb</sub>](https://github.com/danielcb)<br />[🌍](#translation-danielcb "Translation") | [<img src="https://avatars3.githubusercontent.com/u/15846537?v=4" width="110px;"/><br /><sub>Dominik Senti</sub>](https://github.com/dominiksenti)<br />[🌍](#translation-dominiksenti "Translation") | [<img src="https://avatars0.githubusercontent.com/u/25570954?v=4" width="110px;"/><br /><sub>Eric Gautheron</sub>](http://www.konectik.com)<br />[🌍](#translation-EpixFr "Translation") | [<img src="https://avatars1.githubusercontent.com/u/5732623?v=4" width="110px;"/><br /><sub>Erlend Pilø</sub>](https://erlpil.com)<br />[🌍](#translation-Erlpil "Translation") | [<img src="https://avatars0.githubusercontent.com/u/541832?v=4" width="110px;"/><br /><sub>Fabio Rapposelli</sub>](http://fabio.technology)<br />[🌍](#translation-frapposelli "Translation") | [<img src="https://avatars2.githubusercontent.com/u/3605240?v=4" width="110px;"/><br /><sub>Felipe Barros</sub>](https://github.com/fgbs)<br />[🌍](#translation-fgbs "Translation") |
+| [<img src="https://avatars0.githubusercontent.com/u/257745?v=4" width="110px;"/><br /><sub>Fernando Possebon</sub>](https://github.com/possebon)<br />[🌍](#translation-possebon "Translation") | [<img src="https://avatars3.githubusercontent.com/u/2540832?v=4" width="110px;"/><br /><sub>gdraque</sub>](https://github.com/gdraque)<br />[🌍](#translation-gdraque "Translation") | [<img src="https://avatars0.githubusercontent.com/u/23440381?v=4" width="110px;"/><br /><sub>Georg Wallisch</sub>](https://github.com/georgwallisch)<br />[🌍](#translation-georgwallisch "Translation") | [<img src="https://avatars1.githubusercontent.com/u/9852832?v=4" width="110px;"/><br /><sub>Gerardo Robles</sub>](https://github.com/jgroblesr85)<br />[🌍](#translation-jgroblesr85 "Translation") | [<img src="https://avatars2.githubusercontent.com/u/11082640?v=4" width="110px;"/><br /><sub>Gluek</sub>](https://t.me/Gluek)<br />[🌍](#translation-mrgluek "Translation") | [<img src="https://avatars0.githubusercontent.com/u/6847946?v=4" width="110px;"/><br /><sub>AdnanAbuShahad</sub>](https://github.com/AdnanAbuShahad)<br />[🌍](#translation-AdnanAbuShahad "Translation") | [<img src="https://avatars1.githubusercontent.com/u/3580608?v=4" width="110px;"/><br /><sub>Hafidzi My</sub>](https://hafidzi.my)<br />[🌍](#translation-hafidzi "Translation") |
+| [<img src="https://avatars2.githubusercontent.com/u/205521?v=4" width="110px;"/><br /><sub>Harim Park</sub>](https://github.com/fofwisdom)<br />[🌍](#translation-fofwisdom "Translation") | [<img src="https://avatars2.githubusercontent.com/u/3333841?v=4" width="110px;"/><br /><sub>Henrik Kentsson</sub>](http://www.kentsson.se)<br />[🌍](#translation-Kentsson "Translation") | [<img src="https://avatars0.githubusercontent.com/u/36551034?v=4" width="110px;"/><br /><sub>Husnul Yaqien</sub>](https://github.com/husnulyaqien)<br />[🌍](#translation-husnulyaqien "Translation") | [<img src="https://avatars1.githubusercontent.com/u/2372747?v=4" width="110px;"/><br /><sub>Ibrahim</sub>](http://abaalkhail.org)<br />[🌍](#translation-abaalkh "Translation") | [<img src="https://avatars0.githubusercontent.com/u/1389334?v=4" width="110px;"/><br /><sub>igolman</sub>](https://github.com/igolman)<br />[🌍](#translation-igolman "Translation") | [<img src="https://avatars1.githubusercontent.com/u/3257070?v=4" width="110px;"/><br /><sub>itangiang</sub>](https://github.com/itangiang)<br />[🌍](#translation-itangiang "Translation") | [<img src="https://avatars2.githubusercontent.com/u/14814254?v=4" width="110px;"/><br /><sub>jarby1211</sub>](https://github.com/jarby1211)<br />[🌍](#translation-jarby1211 "Translation") |
+| [<img src="https://avatars3.githubusercontent.com/u/6719357?v=4" width="110px;"/><br /><sub>Jhonn Willker</sub>](http://jwillker.com)<br />[🌍](#translation-JohnWillker "Translation") | [<img src="https://avatars2.githubusercontent.com/u/10983635?v=4" width="110px;"/><br /><sub>Jose</sub>](https://github.com/joxelito94)<br />[🌍](#translation-joxelito94 "Translation") | [<img src="https://avatars0.githubusercontent.com/u/5206122?v=4" width="110px;"/><br /><sub>laopangzi</sub>](https://github.com/laopangzi)<br />[🌍](#translation-laopangzi "Translation") | [<img src="https://avatars2.githubusercontent.com/u/79707?v=4" width="110px;"/><br /><sub>Lars Strojny</sub>](http://usrportage.de)<br />[🌍](#translation-lstrojny "Translation") | [<img src="https://avatars0.githubusercontent.com/u/389801?v=4" width="110px;"/><br /><sub>MarcosBL</sub>](http://twitter.com/marcosbl)<br />[🌍](#translation-MarcosBL "Translation") | [<img src="https://avatars3.githubusercontent.com/u/35664606?v=4" width="110px;"/><br /><sub>marie joy cajes</sub>](https://github.com/mariejoyacajes)<br />[🌍](#translation-mariejoyacajes "Translation") | [<img src="https://avatars2.githubusercontent.com/u/3052816?v=4" width="110px;"/><br /><sub>Mark S. Johansen</sub>](http://www.markjohansen.dk)<br />[🌍](#translation-msjohansen "Translation") |
+| [<img src="https://avatars2.githubusercontent.com/u/982885?v=4" width="110px;"/><br /><sub>Martin Stub</sub>](http://martinstub.dk)<br />[🌍](#translation-stubben "Translation") | [<img src="https://avatars2.githubusercontent.com/u/28959963?v=4" width="110px;"/><br /><sub>Meyer Flavio</sub>](https://github.com/meyerf99)<br />[🌍](#translation-meyerf99 "Translation") | [<img src="https://avatars3.githubusercontent.com/u/796443?v=4" width="110px;"/><br /><sub>Micael Rodrigues</sub>](https://github.com/MicaelRodrigues)<br />[🌍](#translation-MicaelRodrigues "Translation") | [<img src="https://avatars0.githubusercontent.com/u/10481331?v=4" width="110px;"/><br /><sub>Mikael Rasmussen</sub>](http://rubixy.com/)<br />[🌍](#translation-mikaelssen "Translation") | [<img src="https://avatars1.githubusercontent.com/u/1544552?v=4" width="110px;"/><br /><sub>IxFail</sub>](https://github.com/IxFail)<br />[🌍](#translation-IxFail "Translation") | [<img src="https://avatars3.githubusercontent.com/u/18483118?v=4" width="110px;"/><br /><sub>Mohammed Fota</sub>](http://www.mohammedfota.com)<br />[🌍](#translation-MohammedFota "Translation") | [<img src="https://avatars0.githubusercontent.com/u/227080?v=4" width="110px;"/><br /><sub>Moayad Alserihi</sub>](https://github.com/omego)<br />[🌍](#translation-omego "Translation") |
+| [<img src="https://avatars0.githubusercontent.com/u/1680266?v=4" width="110px;"/><br /><sub>saymd</sub>](https://github.com/saymd)<br />[🌍](#translation-saymd "Translation") | [<img src="https://avatars0.githubusercontent.com/u/1826808?v=4" width="110px;"/><br /><sub>Patrik Larsson</sub>](https://nordsken.se)<br />[🌍](#translation-pooot "Translation") | [<img src="https://avatars1.githubusercontent.com/u/20584746?v=4" width="110px;"/><br /><sub>drcryo</sub>](https://github.com/drcryo)<br />[🌍](#translation-drcryo "Translation") | [<img src="https://avatars1.githubusercontent.com/u/19408004?v=4" width="110px;"/><br /><sub>pawel1615</sub>](https://github.com/pawel1615)<br />[🌍](#translation-pawel1615 "Translation") | [<img src="https://avatars2.githubusercontent.com/u/23340468?v=4" width="110px;"/><br /><sub>bodrovics</sub>](https://github.com/bodrovics)<br />[🌍](#translation-bodrovics "Translation") | [<img src="https://avatars0.githubusercontent.com/u/3257654?v=4" width="110px;"/><br /><sub>priatna</sub>](https://github.com/priatna)<br />[🌍](#translation-priatna "Translation") | [<img src="https://avatars1.githubusercontent.com/u/5358374?v=4" width="110px;"/><br /><sub>Fan Jiang</sub>](https://amayume.net)<br />[🌍](#translation-ProfFan "Translation") |
+| [<img src="https://avatars1.githubusercontent.com/u/22555451?v=4" width="110px;"/><br /><sub>ragnarcx</sub>](https://github.com/ragnarcx)<br />[🌍](#translation-ragnarcx "Translation") | [<img src="https://avatars2.githubusercontent.com/u/18654582?v=4" width="110px;"/><br /><sub>Rein van Haaren</sub>](http://www.reinvanhaaren.nl/)<br />[🌍](#translation-reinvanhaaren "Translation") | [<img src="https://avatars1.githubusercontent.com/u/386672?v=4" width="110px;"/><br /><sub>Teguh Dwicaksana</sub>](http://dheche.songolimo.net)<br />[🌍](#translation-dheche "Translation") | [<img src="https://avatars2.githubusercontent.com/u/2572552?v=4" width="110px;"/><br /><sub>fraccie</sub>](https://github.com/FRaccie)<br />[🌍](#translation-FRaccie "Translation") | [<img src="https://avatars0.githubusercontent.com/u/35182720?v=4" width="110px;"/><br /><sub>vinzruzell</sub>](https://github.com/vinzruzell)<br />[🌍](#translation-vinzruzell "Translation") | [<img src="https://avatars1.githubusercontent.com/u/7883603?v=4" width="110px;"/><br /><sub>Kevin Austin</sub>](http://kevinaustin.com)<br />[🌍](#translation-vipsystem "Translation") | [<img src="https://avatars3.githubusercontent.com/u/3861828?v=4" width="110px;"/><br /><sub>Wira Sandy</sub>](http://azuraweb.xyz)<br />[🌍](#translation-wira-sandy "Translation") |
+| [<img src="https://avatars2.githubusercontent.com/u/8663789?v=4" width="110px;"/><br /><sub>Илья</sub>](https://github.com/GrayHoax)<br />[🌍](#translation-GrayHoax "Translation") | [<img src="https://avatars3.githubusercontent.com/u/30119111?v=4" width="110px;"/><br /><sub>GodUseVPN</sub>](https://github.com/godusevpn)<br />[🌍](#translation-godusevpn "Translation") | [<img src="https://avatars1.githubusercontent.com/u/745576?v=4" width="110px;"/><br /><sub>周周</sub>](https://github.com/EngrZhou)<br />[🌍](#translation-EngrZhou "Translation") | [<img src="https://avatars3.githubusercontent.com/u/1631095?v=4" width="110px;"/><br /><sub>Sam</sub>](https://github.com/takuy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=takuy "Code") |
 <!-- ALL-CONTRIBUTORS-LIST:END -->
 
 This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!
@@ -76,7 +104,7 @@ This project follows the [all-contributors](https://github.com/kentcdodds/all-co
 
 ### Contributing
 
-Please see the documentation on [contributing and developing for Snipe-IT](https://snipe-it.readme.io/docs/contributing).
+Please see the documentation on [contributing and developing for Snipe-IT](https://snipe-it.readme.io/docs/contributing-overview).
 
 
 Please note that this project is released with a [Contributor Code of Conduct](CODE_OF_CONDUCT.md). By participating in this project you agree to abide by its terms.

Vagrantfile

@@ -0,0 +1,84 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+SNIPEIT_SH_URL= "https://raw.githubusercontent.com/snipe/snipe-it/master/snipeit.sh"
+NETWORK_BRIDGE= "en0: Wi-Fi (AirPort)"
+
+Vagrant.configure("2") do |config|
+  config.vm.define "bionic" do |bionic|
+    bionic.vm.box = "ubuntu/bionic64"
+    bionic.vm.hostname = 'bionic'
+    bionic.vm.network "public_network", bridge: NETWORK_BRIDGE
+    bionic.vm.provision :shell, :inline => "wget #{SNIPEIT_SH_URL}"
+    bionic.vm.provision :shell, :inline => "chmod 755 snipeit.sh"
+  end
+
+  config.vm.define "xenial" do |xenial|
+    xenial.vm.box = "ubuntu/xenial64"
+    xenial.vm.hostname = 'xenial'
+    xenial.vm.network "public_network", bridge: NETWORK_BRIDGE
+    xenial.vm.provision :shell, :inline => "wget #{SNIPEIT_SH_URL}"
+    xenial.vm.provision :shell, :inline => "chmod 755 snipeit.sh"
+  end
+
+  config.vm.define "trusty" do |trusty|
+    trusty.vm.box = "ubuntu/trusty32"
+    trusty.vm.hostname = 'trusty'
+    trusty.vm.network "public_network", bridge: NETWORK_BRIDGE
+    trusty.vm.provision :shell, :inline => "wget #{SNIPEIT_SH_URL}"
+    trusty.vm.provision :shell, :inline => "chmod 755 snipeit.sh"
+  end
+
+  config.vm.define "centos7" do |centos7|
+    centos7.vm.box = "centos/7"
+    centos7.vm.hostname = 'centos7'
+    centos7.vm.network "public_network", bridge: NETWORK_BRIDGE
+    centos7.vm.provision :shell, :inline => "sudo yum -y update"
+    centos7.vm.provision :shell, :inline => "yum install -y wget"
+    centos7.vm.provision :shell, :inline => "wget #{SNIPEIT_SH_URL}"
+    centos7.vm.provision :shell, :inline => "chmod 755 snipeit.sh"
+  end
+
+  config.vm.define "centos6" do |centos6|
+    centos6.vm.box = "centos/6"
+    centos6.vm.hostname = 'centos6'
+    centos6.vm.network "public_network", bridge: NETWORK_BRIDGE
+    centos6.vm.provision :shell, :inline => "sudo yum -y update"
+    centos6.vm.provision :shell, :inline => "wget #{SNIPEIT_SH_URL}"
+    centos6.vm.provision :shell, :inline => "chmod 755 snipeit.sh"
+  end
+
+  config.vm.define "jessie" do |jessie|
+    jessie.vm.box = "debian/jessie64"
+    jessie.vm.hostname = 'debian8'
+    jessie.vm.network "public_network", bridge: NETWORK_BRIDGE
+    jessie.vm.provision :shell, :inline => "wget #{SNIPEIT_SH_URL}"
+    jessie.vm.provision :shell, :inline => "chmod 755 snipeit.sh"
+  end
+
+  config.vm.define "stretch" do |stretch|
+    stretch.vm.box = "debian/stretch64"
+    stretch.vm.hostname = 'debian9'
+    stretch.vm.network "public_network", bridge: NETWORK_BRIDGE
+    stretch.vm.provision :shell, :inline => "wget #{SNIPEIT_SH_URL}"
+    stretch.vm.provision :shell, :inline => "chmod 755 snipeit.sh"
+  end
+
+  config.vm.define "fedora27" do |fedora27|
+    fedora27.vm.box = "fedora/27-cloud-base"
+    fedora27.vm.hostname = 'fedora27'
+    fedora27.vm.network "public_network", bridge: NETWORK_BRIDGE
+    fedora27.vm.provision :shell, :inline => "dnf -y install wget"
+    fedora27.vm.provision :shell, :inline => "wget #{SNIPEIT_SH_URL}"
+    fedora27.vm.provision :shell, :inline => "chmod 755 snipeit.sh"
+  end
+
+    config.vm.define "fedora26" do |fedora26|
+    fedora26.vm.box = "fedora/26-cloud-base"
+    fedora26.vm.hostname = 'fedora26'
+    fedora26.vm.network "public_network", bridge: NETWORK_BRIDGE
+    fedora26.vm.provision :shell, :inline => "dnf -y install wget"
+    fedora26.vm.provision :shell, :inline => "wget #{SNIPEIT_SH_URL}"
+    fedora26.vm.provision :shell, :inline => "chmod 755 snipeit.sh"
+  end
+end

app/Console/Commands/LdapSync.php

@@ -16,7 +16,7 @@ class LdapSync extends Command
      *
      * @var string
      */
-    protected $signature = 'snipeit:ldap-sync {--location=} {--location_id=} {--summary}';
+    protected $signature = 'snipeit:ldap-sync {--location=} {--location_id=} {--base_dn=} {--summary} {--json_summary}';
 
     /**
      * The console command description.
@@ -55,31 +55,37 @@ class LdapSync extends Command
 
         try {
             $ldapconn = Ldap::connectToLdap();
-        } catch (\Exception $e) {
-            LOG::error($e);
-        }
-
-        try {
             Ldap::bindAdminToLdap($ldapconn);
         } catch (\Exception $e) {
+            if ($this->option('json_summary')) {
+                $json_summary = [ "error" => true, "error_message" => $e->getMessage(), "summary" => [] ];
+                $this->info(json_encode($json_summary));
+            }
             LOG::error($e);
+            return [];
         }
 
         $summary = array();
 
-        $results = Ldap::findLdapUsers();
-
-        $ldap_ou_locations = Location::whereNotNull('ldap_ou')->get();
-
-        if (sizeof($ldap_ou_locations) > 0) {
-            LOG::debug('Some locations have special OUs set. Locations will be automatically set for users in those OUs.');
+        try {    
+            if ($this->option('base_dn') != '') {
+                $search_base = $this->option('base_dn');
+                LOG::debug('Importing users from specified base DN: \"'.$search_base.'\".');                
+            } else {
+                $search_base = null;
+            }
+            $results = Ldap::findLdapUsers($search_base);
+        } catch (\Exception $e) {
+            if ($this->option('json_summary')) {
+                $json_summary = [ "error" => true, "error_message" => $e->getMessage(), "summary" => [] ];
+                $this->info(json_encode($json_summary));
+            }
+            LOG::error($e);
+            return [];
         }
 
-        $results = Ldap::findLdapUsers();
-        for ($i = 0; $i < $results["count"]; $i++) {
-            $results[$i]["ldap_location_override"] = false;
-            $results[$i]["location_id"] = 0;
-        }
+        /* Determine which location to assign users to by default. */
+        $location = NULL;
 
         if ($this->option('location')!='') {
             $location = Location::where('name', '=', $this->option('location'))->first();
@@ -89,40 +95,61 @@ class LdapSync extends Command
             $location = Location::where('id', '=', $this->option('location_id'))->first();
             LOG::debug('Location ID '.$this->option('location_id').' passed');
             LOG::debug('Importing to '.$location->name.' ('.$location->id.')');
-        } else {
-	    $location = NULL;
-	}
+        }
 
         if (!isset($location)) {
             LOG::debug('That location is invalid or a location was not provided, so no location will be assigned by default.');
         }
 
-        // Grab subsets based on location-specific DNs, and overwrite location for these users.
-        foreach ($ldap_ou_locations as $ldap_loc) {
-            $location_users = Ldap::findLdapUsers($ldap_loc->ldap_ou);
-            $usernames = array();
-            for ($i = 0; $i < $location_users["count"]; $i++) {
-                $location_users[$i]["ldap_location_override"] = true;
-                $location_users[$i]["location_id"] = $ldap_loc->id;
-                $usernames[] = $location_users[$i][$ldap_result_username][0];
+        /* Process locations with explicitly defined OUs, if doing a full import. */
+        if ($this->option('base_dn')=='') {
+            // Retrieve locations with a mapped OU, and sort them from the shallowest to deepest OU (see #3993)
+            $ldap_ou_locations = Location::where('ldap_ou', '!=', '')->get()->toArray();
+            $ldap_ou_lengths = array();
+            
+            foreach ($ldap_ou_locations as $location) {
+                $ldap_ou_lengths[] = strlen($location["ldap_ou"]);
             }
 
-            // Delete located users from the general group.
-            foreach ($results as $key => $generic_entry) {
-                if (in_array($generic_entry[$ldap_result_username][0], $usernames)) {
-                    unset($results[$key]);
+            array_multisort($ldap_ou_lengths, SORT_ASC, $ldap_ou_locations);
+
+            if (sizeof($ldap_ou_locations) > 0) {
+                LOG::debug('Some locations have special OUs set. Locations will be automatically set for users in those OUs.');
+            }
+
+            // Inject location information fields
+            for ($i = 0; $i < $results["count"]; $i++) {
+                $results[$i]["ldap_location_override"] = false;
+                $results[$i]["location_id"] = 0;
+            }
+
+            // Grab subsets based on location-specific DNs, and overwrite location for these users.
+            foreach ($ldap_ou_locations as $ldap_loc) {
+                $location_users = Ldap::findLdapUsers($ldap_loc["ldap_ou"]);
+                $usernames = array();
+                for ($i = 0; $i < $location_users["count"]; $i++) {
+                    $location_users[$i]["ldap_location_override"] = true;
+                    $location_users[$i]["location_id"] = $ldap_loc["id"];
+                    $usernames[] = $location_users[$i][$ldap_result_username][0];
                 }
-            }
 
-            $global_count = $results['count'];
-            $results = array_merge($location_users, $results);
-            $results['count'] = $global_count;
+                // Delete located users from the general group.
+                foreach ($results as $key => $generic_entry) {
+                    if (in_array($generic_entry[$ldap_result_username][0], $usernames)) {
+                        unset($results[$key]);
+                    }
+                }
+
+                $global_count = $results['count'];
+                $results = array_merge($location_users, $results);
+                $results['count'] = $global_count;
+            }
         }
 
+        /* Create user account entries in Snipe-IT */
         $tmp_pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
         $pass = bcrypt($tmp_pass);
 
-
         for ($i = 0; $i < $results["count"]; $i++) {
             if (empty($ldap_result_active_flag) || $results[$i][$ldap_result_active_flag][0] == "TRUE") {
 
@@ -135,6 +162,14 @@ class LdapSync extends Command
                 $item["ldap_location_override"] = isset($results[$i]["ldap_location_override"]) ? $results[$i]["ldap_location_override"]:"";
                 $item["location_id"] = isset($results[$i]["location_id"]) ? $results[$i]["location_id"]:"";
 
+                if ( array_key_exists('useraccountcontrol', $results[$i]) ) {
+                    $enabled_accounts = [
+                        '512', '544', '66048', '66080', '262656', '262688', '328192', '328224'
+                    ];
+                    $item['activated'] = ( in_array($results[$i]['useraccountcontrol'][0], $enabled_accounts) ) ? 1 : 0;
+                } else {
+                    $item['activated'] = 0;
+                }
 
                 // User exists
                 $item["createorupdate"] = 'updated';
@@ -145,19 +180,23 @@ class LdapSync extends Command
                 }
 
                 // Create the user if they don't exist.
-
-
                 $user->first_name = e($item["firstname"]);
                 $user->last_name = e($item["lastname"]);
                 $user->username = e($item["username"]);
                 $user->email = e($item["email"]);
                 $user->employee_num = e($item["employee_number"]);
-                $user->activated = 1;
+                $user->activated = $item['activated'];
 
                 if ($item['ldap_location_override'] == true) {
                     $user->location_id = $item['location_id'];
-                } else if ($location) {
-                    $user->location_id = e($location->id);
+                } elseif ((isset($location)) && (!empty($location))) {
+
+                    if ((is_array($location)) && (array_key_exists('id', $location))) {
+                        $user->location_id = $location['id'];
+                    } elseif (is_object($location)) {
+                        $user->location_id = $location->id;
+                    }
+
                 }
 
                 $user->notes = 'Imported from LDAP';
@@ -184,17 +223,16 @@ class LdapSync extends Command
         if ($this->option('summary')) {
             for ($x = 0; $x < count($summary); $x++) {
                 if ($summary[$x]['status']=='error') {
-                    $this->error('ERROR: '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].' was not imported: '.$summary[$x]['note']);
+                    $this->error('ERROR: '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].') was not imported: '.$summary[$x]['note']);
                 } else {
-                    $this->info('User '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].' was '.strtoupper($summary[$x]['createorupdate']).'.');
+                    $this->info('User '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].') was '.strtoupper($summary[$x]['createorupdate']).'.');
                 }
-
             }
+        } else if ($this->option('json_summary')) {
+            $json_summary = [ "error" => false, "error_message" => "", "summary" => $summary ];
+            $this->info(json_encode($json_summary));
         } else {
             return $summary;
         }
-
-
-
     }
 }

app/Console/Commands/ObjectImportCommand.php

@@ -78,12 +78,7 @@ class ObjectImportCommand extends Command
 
         $logFile = $this->option('logfile');
         \Log::useFiles($logFile);
-        if ($this->option('testrun')) {
-            $this->comment('====== TEST ONLY Item Import for '.$filename.' ====');
-            $this->comment('============== NO DATA WILL BE WRITTEN ==============');
-        } else {
-            $this->comment('======= Importing Items from '.$filename.' =========');
-        }
+        $this->comment('======= Importing Items from '.$filename.' =========');
         $importer->import();
 
         $this->bar = null;

app/Console/Commands/RecryptFromMcrypt.php

@@ -16,7 +16,8 @@ class RecryptFromMcrypt extends Command
      *
      * @var string
      */
-    protected $signature = 'snipeit:legacy-recrypt';
+    protected $signature = 'snipeit:legacy-recrypt 
+                {--force : Force a re-crypt of encrypted data from MCRYPT.}';
 
     /**
      * The console command description.
@@ -48,6 +49,7 @@ class RecryptFromMcrypt extends Command
         // If not, we can try to use the current APP_KEY if looks like it's old
         $legacy_key = env('LEGACY_APP_KEY');
         $key_parts = explode(':', $legacy_key);
+        $legacy_cipher = env('LEGACY_CIPHER', 'rijndael-256');
         $errors = array();
 
         if (!$legacy_key) {
@@ -60,6 +62,7 @@ class RecryptFromMcrypt extends Command
         if (strlen($legacy_key) == 32) {
             $legacy_length_check = true;
         } elseif (array_key_exists('1', $key_parts) && (strlen($key_parts[1])==44)) {
+            $legacy_key = base64_decode($key_parts[1],true);
             $legacy_length_check = true;
         } else {
             $legacy_length_check = false;
@@ -79,7 +82,9 @@ class RecryptFromMcrypt extends Command
         $this->error('================================!!!! WARNING !!!!================================');
         $this->comment("This tool will attempt to decrypt your old Snipe-IT (mcrypt, now deprecated) encrypted data and re-encrypt it using OpenSSL. \n\nYou should only continue if you have backed up any and all old APP_KEYs and have backed up your data.");
 
-        if ($this->confirm("Are you SURE you wish to continue?")) {
+        $force = ($this->option('force')) ? true : false;
+
+        if ($force || ($this->confirm("Are you SURE you wish to continue?"))) {
 
             $backup_file = 'backups/env-backups/'.'app_key-'.date('Y-m-d-gis');
 
@@ -91,13 +96,21 @@ class RecryptFromMcrypt extends Command
             }
 
 
-            $mcrypter = new McryptEncrypter($legacy_key);
+            if ($legacy_cipher){
+                $mcrypter = new McryptEncrypter($legacy_key,$legacy_cipher);
+            }else{
+                $mcrypter = new McryptEncrypter($legacy_key);
+            }
             $settings = Setting::getSettings();
 
-            if ($settings->ldap_password=='') {
+            if ($settings->ldap_pword=='') {
                 $this->comment('INFO: No LDAP password found. Skipping... ');
+            } else {
+                $decrypted_ldap_pword = $mcrypter->decrypt($settings->ldap_pword);
+                $settings->ldap_pword = \Crypt::encrypt($decrypted_ldap_pword);
+                $settings->save();
             }
-
+            /** @var CustomField[] $custom_fields */
             $custom_fields = CustomField::where('field_encrypted','=', 1)->get();
             $this->comment('INFO: Retrieving encrypted custom fields...');
 
@@ -110,32 +123,22 @@ class RecryptFromMcrypt extends Command
 
 
             // Get all assets with a value in any of the fields that were encrypted
+            /** @var Asset[] $assets */
             $assets = $query->get();
 
             $bar = $this->output->createProgressBar(count($assets));
 
-            foreach ($custom_fields as $encrypted_field) {
-
-                // Try to decrypt the payload using the legacy app key
-                try {
-                    $decrypted_field = $mcrypter->decrypt($encrypted_field);
-                    $this->comment($decrypted_field);
-                } catch (\Exception $e) {
-                    $errors[] = ' - ERROR: Could not decrypt field ['.$encrypted_field->name.']: '.$e->getMessage();
-                }
-                $bar->advance();
-            }
-
 
             foreach ($assets as $asset) {
                 foreach ($custom_fields as $encrypted_field) {
+                    $columnName = $encrypted_field->db_column;
 
                     // Make sure the value isn't null
-                    if ($asset->{$encrypted_field}!='') {
+                    if ($asset->{$columnName}!='') {
                         // Try to decrypt the payload using the legacy app key
                         try {
-                            $decrypted_field = $mcrypter->decrypt($asset->{$encrypted_field});
-                            $asset->{$encrypted_field} = \Crypt::encrypt($decrypted_field);
+                            $decrypted_field = $mcrypter->decrypt($asset->{$columnName});
+                            $asset->{$columnName} = \Crypt::encrypt($decrypted_field);
                             $this->comment($decrypted_field);
                         } catch (\Exception $e) {
                             $errors[] = ' - ERROR: Could not decrypt field ['.$encrypted_field->name.']: '.$e->getMessage();

app/Console/Commands/RegenerateAssetTags.php

@@ -0,0 +1,105 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+use App\Models\Asset;
+use App\Models\Setting;
+use DB;
+use Artisan;
+
+class RegenerateAssetTags extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:regenerate-tags {--start=} {--output= : info|warn|error|all} ';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This utility will regenerate all asset tags. THIS IS DATA-DESTRUCTIVE AND SHOULD BE USED WITH CAUTION. ';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        if ($this->confirm('This will regenerate all of the asset tags within your system. This action is data-destructive and should be used with caution. Do you wish to continue?'))
+        {
+
+            $output['info'] = [];
+            $output['warn'] = [];
+            $output['error'] = [];
+            $settings = Setting::getSettings();
+
+            $start_tag = ($this->option('start')) ? $this->option('start') : (($settings->next_auto_tag_base) ? Setting::getSettings()->next_auto_tag_base : 1) ;
+
+            $this->info('Starting at '.$start_tag);
+
+            $total_assets = Asset::orderBy('id','asc')->get();
+            $bar = $this->output->createProgressBar(count($total_assets));
+
+            try  {
+                Artisan::call('backup:run');
+            } catch (\Exception $e) {
+                $output['error'][] = $e;
+            }
+
+            foreach ($total_assets as $asset) {
+                
+                $start_tag++;
+                $output['info'][] = 'Asset tag:'.$asset->asset_tag;
+                $asset->asset_tag = $settings->auto_increment_prefix.$settings->auto_increment_prefix.$start_tag;
+
+                if ($settings->zerofill_count > 0) {
+                    $asset->asset_tag = $settings->auto_increment_prefix.Asset::zerofill($start_tag, $settings->zerofill_count);
+                }
+
+                $output['info'][] = 'New Asset tag:'.$asset->asset_tag;
+
+                // Use forceSave here to override model level validation
+                $asset->forceSave();
+            }
+
+            $bar->finish();
+            $this->info("\n");
+
+
+            if (($this->option('output')=='all') || ($this->option('output')=='info')) {
+                foreach ($output['info'] as $key => $output_text) {
+                    $this->info($output_text);
+                }
+            }
+            if (($this->option('output')=='all') || ($this->option('output')=='warn')) {
+                foreach ($output['warn'] as $key => $output_text) {
+                    $this->warn($output_text);
+                }
+            }
+            if (($this->option('output')=='all') || ($this->option('output')=='error')) {
+                foreach ($output['error'] as $key => $output_text) {
+                    $this->error($output_text);
+                }
+            }
+        }
+
+
+    }
+}

app/Console/Commands/ResetDemoSettings.php

@@ -0,0 +1,76 @@
+<?php
+
+namespace App\Console\Commands;
+
+
+use Illuminate\Console\Command;
+use App\Models\Setting;
+use App\Models\User;
+
+class ResetDemoSettings extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:demo-settings';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This will reset the Snipe-IT demo settings back to default. ';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        $this->info('Resetting the demo settings.');
+        $settings = Setting::first();
+        $settings->per_page = 20;
+        $settings->site_name = 'Snipe-IT Asset Management Demo';
+        $settings->auto_increment_assets = 1;
+        $settings->logo = 'snipe-logo.png';
+        $settings->alert_email = 'service@snipe-it.io';
+        $settings->header_color = null;
+        $settings->barcode_type = 'QRCODE';
+        $settings->default_currency = 'USD';
+        $settings->brand = 3;
+        $settings->ldap_enabled = 0;
+        $settings->full_multiple_companies_support = 1;
+        $settings->alt_barcode = 'C128';
+        $settings->skin = '';
+        $settings->email_domain = 'snipeitapp.com';
+        $settings->email_format = 'filastname';
+        $settings->username_format = 'filastname';
+        $settings->date_display_format = 'D M d, Y';
+        $settings->time_display_format = 'g:iA';
+        $settings->thumbnail_max_h = '30';
+        $settings->locale = 'en';
+        $settings->save();
+
+        if ($user = User::where('username', '=', 'admin')->first()) {
+            $user->locale = 'en';
+            $user->save();
+        }
+
+        
+    }
+
+}

app/Console/Commands/SendExpectedCheckinAlerts.php

@@ -4,8 +4,10 @@ namespace App\Console\Commands;
 
 
 use App\Models\Asset;
+use App\Models\Setting;
 use Illuminate\Console\Command;
 use App\Notifications\ExpectedCheckinNotification;
+use App\Notifications\ExpectedCheckinAdminNotification;
 use Carbon\Carbon;
 
 class SendExpectedCheckinAlerts extends Command
@@ -42,21 +44,28 @@ class SendExpectedCheckinAlerts extends Command
      */
     public function fire()
     {
-
+        $settings = Setting::getSettings();
         $whenNotify = Carbon::now()->addDays(7);
-        $assets = Asset::with('assignedTo')->whereNotNull('expected_checkin')->where('expected_checkin', '<=', $whenNotify)->get();
+        $assets = Asset::with('assignedTo')->whereNotNull('assigned_to')->whereNotNull('expected_checkin')->where('expected_checkin', '<=', $whenNotify)->get();
 
         $this->info($whenNotify.' is deadline');
         $this->info($assets->count().' assets');
 
         foreach ($assets as $asset) {
-            if ($asset->assignedTo  && $asset->checkoutOutToUser()) {
-                $asset->assignedTo->notify((new ExpectedCheckinNotification($asset)));
-                //$this->info($asset);
+            if ($asset->assigned  && $asset->checkedOutToUser()) {
+                $asset->assigned->notify((new ExpectedCheckinNotification($asset)));
             }
         }
 
 
+        // Send a rollup to the admin, if settings dictate
+        $recipient = new \App\Models\Recipients\AlertRecipient();
+
+        if (($assets) && ($assets->count() > 0) && ($settings->alert_email!='')) {
+            $recipient->notify(new ExpectedCheckinAdminNotification($assets));
+        }
+
+
 
 
 

app/Console/Commands/SendExpirationAlerts.php

@@ -6,6 +6,8 @@ use App\Models\Asset;
 use App\Models\License;
 use App\Models\Setting;
 use DB;
+use App\Notifications\ExpiringLicenseNotification;
+use App\Notifications\ExpiringAssetsNotification;
 
 use Illuminate\Console\Command;
 
@@ -44,88 +46,39 @@ class SendExpirationAlerts extends Command
     public function fire()
     {
 
+        $settings = Setting::getSettings();
+        $threshold = $settings->alert_interval;
+
+
         // Expiring Assets
-        $expiring_assets = Asset::getExpiringWarrantee(Setting::getSettings()->alert_interval);
-        $this->info(count($expiring_assets).' expiring assets');
-
-        $asset_data['count'] =  count($expiring_assets);
-        $asset_data['email_content'] ='';
-        $now = date("Y-m-d");
-
-
-        foreach ($expiring_assets as $asset) {
-
-            $expires = $asset->present()->warrantee_expires();
-            $difference =  round(abs(strtotime($expires) - strtotime($now))/86400);
-
-            if ($difference > 30) {
-                $asset_data['email_content'] .= '<tr style="background-color: #fcffa3;">';
-            } else {
-                $asset_data['email_content'] .= '<tr style="background-color:#d9534f;">';
-            }
-            $asset_data['email_content'] .= '<td><a href="'.config('app.url').'/hardware/'.e($asset->id).'/view">';
-            $asset_data['email_content'] .= $asset->present()->name().'</a></td><td>'.e($asset->asset_tag).'</td>';
-            $asset_data['email_content'] .= '<td>'.e($asset->present()->warrantee_expires()).'</td>';
-            $asset_data['email_content'] .= '<td>'.$difference.' '.trans('mail.days').'</td>';
-            $asset_data['email_content'] .= '<td>'.($asset->supplier ? e($asset->supplier->name) : '').'</td>';
-            $asset_data['email_content'] .= '<td>'.($asset->assignedTo ? e($asset->assignedTo->present()->name()) : '').'</td>';
-            $asset_data['email_content'] .= '</tr>';
-        }
+        $assets = Asset::getExpiringWarrantee(Setting::getSettings()->alert_interval);
+        $this->info(trans_choice('mail.assets_warrantee_alert', $assets->count(), ['count'=>$assets->count(), 'threshold' => $threshold]));
 
         // Expiring licenses
-        $expiring_licenses = License::getExpiringLicenses(Setting::getSettings()->alert_interval);
-        $this->info(count($expiring_licenses).' expiring licenses');
+        $licenses = License::getExpiringLicenses($threshold);
 
+        $this->info(trans_choice('mail.license_expiring_alert', $licenses->count(), ['count'=>$licenses->count(), 'threshold' => $threshold]));
 
-        $license_data['count'] =  count($expiring_licenses);
-        $license_data['email_content'] = '';
+        $recipient = new \App\Models\Recipients\AlertRecipient();
 
-        foreach ($expiring_licenses as $license) {
-            $expires = $license->expiration_date;
-            $difference =  round(abs(strtotime($expires) - strtotime($now))/86400);
-
-            if ($difference > 30) {
-                $license_data['email_content'] .= '<tr style="background-color: #fcffa3;">';
-            } else {
-                $license_data['email_content'] .= '<tr style="background-color:#d9534f;">';
-            }
-                $license_data['email_content'] .= '<td><a href="'.route('licenses.show', $license->id).'">';
-                $license_data['email_content'] .= $license->name.'</a></td>';
-                $license_data['email_content'] .= '<td>'.$license->expiration_date.'</td>';
-                $license_data['email_content'] .= '<td>'.$difference.' days</td>';
-                $license_data['email_content'] .= '</tr>';
-        }
-
-        if ((Setting::getSettings()->alert_email!='')  && (Setting::getSettings()->alerts_enabled==1)) {
-
-
-            if (count($expiring_assets) > 0) {
-                $this->info('Report sent to '.Setting::getSettings()->alert_email);
-                \Mail::send('emails.expiring-assets-report', $asset_data, function ($m) {
-                    $m->to(explode(',', Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
-                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
-                    $m->subject(trans('mail.Expiring_Assets_Report'));
-                });
+        if ((Setting::getSettings()->alert_email!='')  && ($settings->alerts_enabled==1)) {
 
+            if ($assets->count() > 0) {
+                // Send a rollup to the admin, if settings dictate
+                $recipient->notify(new ExpiringAssetsNotification($assets, $threshold));
             }
 
-            if (count($expiring_licenses) > 0) {
-                $this->info('Report sent to '.Setting::getSettings()->alert_email);
-                \Mail::send('emails.expiring-licenses-report', $license_data, function ($m) {
-                    $m->to(explode(',', Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
-                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
-                    $m->subject(trans('mail.Expiring_Licenses_Report'));
-                });
-
+            if ($licenses->count() > 0) {
+                $recipient->notify(new ExpiringLicenseNotification($licenses, $threshold));
             }
 
 
         } else {
 
-            if (Setting::getSettings()->alert_email=='') {
-                echo "Could not send email. No alert email configured in settings. \n";
-            } elseif (Setting::getSettings()->alerts_enabled!=1) {
-                echo "Alerts are disabled in the settings. No mail will be sent. \n";
+            if ($settings->alert_email=='') {
+                $this->error('Could not send email. No alert email configured in settings');
+            } elseif ($settings->alerts_enabled!=1) {
+                $this->info('Alerts are disabled in the settings. No mail will be sent');
             }
 
         }

app/Console/Commands/SendInventoryAlerts.php

@@ -6,6 +6,7 @@ use App\Models\Setting;
 use DB;
 use Mail;
 use App\Helpers\Helper;
+use App\Notifications\InventoryAlert;
 
 use Illuminate\Console\Command;
 
@@ -42,25 +43,27 @@ class SendInventoryAlerts extends Command
      */
     public function handle()
     {
-        if ((Setting::getSettings()->alert_email!='')  && (Setting::getSettings()->alerts_enabled==1)) {
+        $settings = Setting::getSettings();
 
-            $data['data'] = Helper::checkLowInventory();
-            $data['count'] = count($data['data']);
+        if (($settings->alert_email!='')  && ($settings->alerts_enabled==1)) {
 
-            if (count($data['data']) > 0) {
-                \Mail::send('emails.low-inventory', $data, function ($m) {
-                    $m->to(explode(',', Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
-                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
-                    $m->subject(trans('mail.Low_Inventory_Report'));
-                });
+            $items = Helper::checkLowInventory();
 
+            // Send a rollup to the admin, if settings dictate
+            $recipient = new \App\Models\Recipients\AlertRecipient();
+
+            if (($items) && (count($items) > 0) && ($settings->alert_email!='')) {
+
+                $this->info( trans_choice('mail.low_inventory_alert',count($items)) );
+
+                $recipient->notify(new InventoryAlert($items, $settings->alert_threshold));
             }
 
         } else {
             if (Setting::getSettings()->alert_email=='') {
-                echo "Could not send email. No alert email configured in settings. \n";
+                $this->error('Could not send email. No alert email configured in settings');
             } elseif (Setting::getSettings()->alerts_enabled!=1) {
-                echo "Alerts are disabled in the settings. No mail will be sent. \n";
+                $this->info('Alerts are disabled in the settings. No mail will be sent');
             }
         }
 

app/Console/Commands/SyncAssetCounters.php

@@ -0,0 +1,76 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+use App\Models\Asset;
+
+class SyncAssetCounters extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:counter-sync';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Syncs checkedout, checked in, and requested counters for assets';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+        $start = microtime(true);
+        $assets = Asset::withCount('checkins', 'checkouts', 'userRequests')
+            ->withTrashed()->get();
+
+        if ($assets) {
+            if ($assets->count() > 0) {
+                $bar = $this->output->createProgressBar($assets->count());
+                
+                foreach ($assets as $asset) {
+                    $asset->checkin_counter = (int) $asset->checkins_count;
+                    $asset->checkout_counter = (int) $asset->checkouts_count;
+                    $asset->requests_counter = (int) $asset->user_requests_count;
+                    $asset->unsetEventDispatcher();
+                    $asset->save();
+                    $output['info'][] = 'Asset: ' . $asset->id . ' has ' . $asset->checkin_counter . ' checkins, ' . $asset->checkout_counter . ' checkouts, and ' . $asset->requests_counter . ' requests';
+                    $bar->advance();
+                }
+                $bar->finish();
+
+                foreach ($output['info'] as $key => $output_text) {
+                    $this->info($output_text);
+                }
+
+                $time_elapsed_secs = microtime(true) - $start;
+                $this->info('Sync executed in ' . $time_elapsed_secs . ' seconds');
+
+            } else {
+                $this->info('No assets to sync');
+            }
+
+        }
+
+
+
+    }
+}

app/Console/Commands/SyncAssetLocations.php

@@ -0,0 +1,148 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\CustomField;
+use Illuminate\Console\Command;
+use App\Models\Asset;
+use Illuminate\Support\Facades\Storage;
+
+class SyncAssetLocations extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:sync-asset-locations {--output= : info|warn|error|all} ';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This utility will sync the location_id of assets based on current state. It should not normally be needed, but is a safeguard in case we missed something in the Great Migration when flattening the assets to location relationship.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        $output['info'] = [];
+        $output['warn'] = [];
+        $output['error'] = [];
+
+        $total_assets = Asset::whereNull('deleted_at')->get();
+        $bar = $this->output->createProgressBar(count($total_assets));
+
+        // Unassigned
+        $rtd_assets = Asset::whereNull('assigned_to')->whereNull('deleted_at')->with('defaultLoc')->get();
+        $output['info'][] = 'There are '.$rtd_assets->count().' unassigned assets.';
+
+        foreach ($rtd_assets as $rtd_asset) {
+             $output['info'][] = 'Setting Unassigned Asset ' . $rtd_asset->id . ' ('.$rtd_asset->asset_tag.') to  location: ' . $rtd_asset->rtd_location_id . " because their default location is: " . $rtd_asset->rtd_location_id;
+            $rtd_asset->location_id=$rtd_asset->rtd_location_id;
+            $rtd_asset->unsetEventDispatcher();
+            $rtd_asset->save();
+            $bar->advance();
+        }
+
+        $assigned_user_assets = Asset::where('assigned_type','App\Models\User')->whereNotNull('assigned_to')->whereNull('deleted_at')->get();
+        $output['info'][] = 'There are '.$assigned_user_assets->count().' assets checked out to users.';
+        foreach ($assigned_user_assets as $assigned_user_asset) {
+            if (($assigned_user_asset->assignedTo) && ($assigned_user_asset->assignedTo->userLoc)) {
+                $new_location=$assigned_user_asset->assignedTo->userloc->id;
+                $output['info'][] ='Setting User Asset ' . $assigned_user_asset->id . ' ('.$assigned_user_asset->asset_tag.') to  ' . $assigned_user_asset->assignedTo->userLoc->name . ' which is id: ' . $new_location;
+            } else {
+                $output['warn'][] ='Asset ' . $assigned_user_asset->id . ' ('.$assigned_user_asset->asset_tag.') still has no location! ';
+                $new_location = $assigned_user_asset->rtd_location_id;
+            }
+            $assigned_user_asset->location_id=$new_location;
+            $assigned_user_asset->unsetEventDispatcher();
+            $assigned_user_asset->save();
+            $bar->advance();
+
+        }
+
+        $assigned_location_assets = Asset::where('assigned_type','App\Models\Location')
+            ->whereNotNull('assigned_to')->whereNull('deleted_at')->get();
+        $output['info'][] = 'There are '.$assigned_location_assets->count().' assets checked out to locations.';
+
+        foreach ($assigned_location_assets as $assigned_location_asset) {
+            if ($assigned_location_asset->assignedTo) {
+                $assigned_location_asset->location_id = $assigned_location_asset->assignedTo->id;
+                $output['info'][] ='Setting Location Assigned  asset ' . $assigned_location_asset->id . ' ('.$assigned_location_asset->asset_tag.') that is checked out to '.$assigned_location_asset->assignedTo->name.' (#'.$assigned_location_asset->assignedTo->id.') to location: ' . $assigned_location_asset->assetLoc()->id;
+                $assigned_location_asset->unsetEventDispatcher();
+                $assigned_location_asset->save();
+            } else {
+                $output['warn'][] ='Asset ' . $assigned_location_asset->id . ' ('.$assigned_location_asset->asset_tag.') did not return a valid associated location - perhaps it was deleted?';
+            }
+            $bar->advance();
+
+        }
+
+
+        // Assigned to assets
+        $assigned_asset_assets = Asset::where('assigned_type','App\Models\Asset')
+            ->whereNotNull('assigned_to')->whereNull('deleted_at')->get();
+            $output['info'][] ='Asset-assigned assets: '.$assigned_asset_assets->count();
+
+            foreach ($assigned_asset_assets as $assigned_asset_asset) {
+
+                // Check to make sure there aren't any invalid relationships
+                if ($assigned_asset_asset->assetLoc()) {
+                    $assigned_asset_asset->location_id = $assigned_asset_asset->assetLoc()->id;
+                    $output['info'][] ='Setting Asset Assigned asset ' . $assigned_asset_asset->assetLoc()->id. ' ('.$assigned_asset_asset->asset_tag.') location to: ' . $assigned_asset_asset->assetLoc()->id;
+                    $assigned_asset_asset->unsetEventDispatcher();
+                    $assigned_asset_asset->save();
+                } else {
+                    $output['warn'][] ='Asset Assigned asset ' . $assigned_asset_asset->id. ' ('.$assigned_asset_asset->asset_tag.') does not seem to have a valid location';
+                }
+
+                $bar->advance();
+
+            }
+
+        $unlocated_assets = Asset::whereNull("location_id")->whereNull('deleted_at')->get();
+        $output['info'][] ='Assets still without a location: '.$unlocated_assets->count();
+        foreach($unlocated_assets as $unlocated_asset) {
+            $output['warn'][] ='Asset: '.$unlocated_asset->id.' still has no location. ';
+            $bar->advance();
+        }
+
+        $bar->finish();
+        $this->info("\n");
+
+
+        if (($this->option('output')=='all') || ($this->option('output')=='info')) {
+            foreach ($output['info'] as $key => $output_text) {
+                $this->info($output_text);
+            }
+        }
+        if (($this->option('output')=='all') || ($this->option('output')=='warn')) {
+            foreach ($output['warn'] as $key => $output_text) {
+                $this->warn($output_text);
+            }
+        }
+        if (($this->option('output')=='all') || ($this->option('output')=='error')) {
+            foreach ($output['error'] as $key => $output_text) {
+                $this->error($output_text);
+            }
+        }
+
+
+    }
+}

app/Console/Commands/Version.php

@@ -0,0 +1,135 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+
+class Version extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'version:update {--branch=master} {--type=patch}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Command description';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        $use_branch = $this->option('branch');
+        $use_type = $this->option('type');
+        $git_branch = trim(shell_exec('git rev-parse --abbrev-ref HEAD'));
+        $build_version = trim(shell_exec('git rev-list --count '.$use_branch));
+        $versionFile = 'config/version.php';
+        $full_hash_version = str_replace("\n", '', shell_exec('git describe master --tags'));
+
+        $version = explode('-', $full_hash_version);
+        $app_version = $current_app_version = $version[0];
+        $hash_version = (array_key_exists('2', $version)) ? $version[2] : '';
+        $prerelease_version = '';
+
+        $this->line('Branch is: '.$use_branch);
+        $this->line('Type is: '.$use_type);
+        $this->line('Current version is: '.$full_hash_version);
+
+        if (count($version)==3) {
+            $this->line('This does not look like an alpha/beta release.');
+        } else {
+            if (array_key_exists('3',$version)) {
+                $this->line('The current version looks like a beta release.');
+                $prerelease_version = $version[1];
+                $hash_version = $version[3];
+            }
+        }
+
+
+        $app_version_raw = explode('.', $app_version);
+
+        $maj = str_replace('v', '', $app_version_raw[0]);
+        $min = $app_version_raw[1];
+        $patch = '';
+
+
+
+        // This is a major release that might not have a third .0
+        if (array_key_exists(2, $app_version_raw)) {
+            $patch = $app_version_raw[2];
+        }
+
+        if ($use_type=='major') {
+            $app_version = "v".($maj + 1).".$min.$patch";
+        } elseif ($use_type=='minor') {
+            $app_version = "v"."$maj.".($min + 1).".$patch";
+        } elseif ($use_type=='pre') {
+            $pre_raw = str_replace('beta','', $prerelease_version);
+            $pre_raw = str_replace('alpha','', $pre_raw);
+            $pre_raw = str_ireplace('rc','', $pre_raw);
+            $pre_raw = $pre_raw++;
+            $this->line('Setting the pre-release to '. $prerelease_version.'-'.$pre_raw);
+            $app_version = "v"."$maj.".($min + 1).".$patch";
+        } elseif ($use_type=='patch') {
+            $app_version = "v" . "$maj.$min." . ($patch + 1);
+        // If nothing is passed, leave the version as it is, just increment the build
+        } else {
+            $app_version = "v" . "$maj.$min." . $patch;
+        }
+
+        // Determine if this tag already exists, or if this prior to a release
+        $this->line('Running: git rev-parse master '.$current_app_version);
+        // $pre_release = trim(shell_exec('git rev-parse '.$use_branch.' '.$current_app_version.' 2>&1 1> /dev/null'));
+
+        if ($use_branch=='develop') {
+            $app_version = $app_version.'-pre';
+        }
+
+        $full_app_version = $app_version.' - build '.$build_version.'-'.$hash_version;
+
+
+        $array = var_export(
+            array(
+                'app_version' => $app_version,
+                'full_app_version' => $full_app_version,
+                'build_version' => $build_version,
+                'prerelease_version' => $prerelease_version,
+                'hash_version' => $hash_version,
+                'full_hash' => $full_hash_version,
+                'branch' => $git_branch),
+            true
+        );
+        
+
+
+        // Construct our file content
+        $content = <<<CON
+<?php
+return $array;
+CON;
+
+        // And finally write the file and output the current version
+        \File::put($versionFile, $content);
+        $this->info('Setting NEW version: '. $full_app_version.' ('.$git_branch.')');
+    }
+
+}

app/Console/Commands/Versioning.php

@@ -1,91 +0,0 @@
-<?php
-
-namespace App\Console\Commands;
-
-use Symfony\Component\Console\Input\InputArgument;
-
-use Illuminate\Console\Command;
-
-class Versioning extends Command
-{
-
-    /**
-     * The console command name.
-     *
-     * @var string
-     */
-    protected $name = 'versioning:update';
-
-    /**
-     * The console command description.
-     *
-     * @var string
-     */
-    protected $description = 'Generate and update app\'s version via git.';
-
-    /**
-     * Create a new command instance.
-     *
-     * @return void
-     */
-    public function __construct()
-    {
-        parent::__construct();
-    }
-
-    /**
-     * Execute the console command.
-     *
-     * @return void
-     */
-    public function fire()
-    {
-
-        $versionFile = 'config/version.php';
-        $hash_version = str_replace("\n", '', shell_exec('git describe --tags'));
-
-        $version = explode('-', $hash_version);
-
-        $array = var_export(
-            array(
-            'app_version' => $version[0],
-            'build_version' => $version[1],
-            'hash_version' => $version[2],
-            'full_hash' => $hash_version),
-            true
-        );
-
-
-        // Construct our file content
-            $content = <<<CON
-<?php
-return $array;
-CON;
-
-        // And finally write the file and output the current version
-            \File::put($versionFile, $content);
-            $this->line('Setting version: '. config('version.app_version').' build '.config('version.build_version').' ('.config('version.hash_version').')');
-    }
-
-    /**
-     * Get the console command arguments.
-     *
-     * @return array
-     */
-    protected function getArguments()
-    {
-        return array(
-        );
-    }
-
-    /**
-     * Get the console command options.
-     *
-     * @return array
-     */
-    protected function getOptions()
-    {
-        return array(
-        );
-    }
-}

app/Console/Kernel.php

@@ -19,13 +19,17 @@ class Kernel extends ConsoleKernel
         Commands\SendInventoryAlerts::class,
         Commands\SendExpectedCheckinAlerts::class,
         Commands\ObjectImportCommand::class,
-        Commands\Versioning::class,
+        Commands\Version::class,
         Commands\SystemBackup::class,
         Commands\DisableLDAP::class,
         Commands\Purge::class,
         Commands\LdapSync::class,
         Commands\FixDoubleEscape::class,
-        Commands\RecryptFromMcrypt::class
+        Commands\RecryptFromMcrypt::class,
+        Commands\ResetDemoSettings::class,
+        Commands\SyncAssetLocations::class,
+        Commands\RegenerateAssetTags::class,
+        Commands\SyncAssetCounters::class,
     ];
 
     /**
@@ -39,7 +43,7 @@ class Kernel extends ConsoleKernel
 
         $schedule->command('snipeit:inventory-alerts')->daily();
         $schedule->command('snipeit:expiring-alerts')->daily();
-        $schedule->command('snipeit:expected-checkins')->daily();
+        $schedule->command('snipeit:expected-checkin')->daily();
         $schedule->command('snipeit:backup')->weekly();
         $schedule->command('backup:clean')->daily();
     }

app/Exceptions/CheckoutNotAllowed.php

@@ -5,8 +5,17 @@ namespace App\Exceptions;
 use Exception;
 class CheckoutNotAllowed extends Exception
 {
+
+    private $errorMessage;
+
+    function __construct($errorMessage = null)
+    {
+        $this->errorMessage = $errorMessage;
+
+        parent::__construct($errorMessage);
+    }
     public function __toString()
     {
-        "A checkout is not allowed under these circumstances";
+       return is_null($this->errorMessage) ? "A checkout is not allowed under these circumstances" : $this->errorMessage;
     }
 }

app/Exceptions/Handler.php

@@ -7,6 +7,7 @@ use Illuminate\Auth\AuthenticationException;
 use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
 use App\Helpers\Helper;
 use Illuminate\Validation\ValidationException;
+use Log;
 
 class Handler extends ExceptionHandler
 {
@@ -34,7 +35,10 @@ class Handler extends ExceptionHandler
      */
     public function report(Exception $exception)
     {
-        parent::report($exception);
+        if ($this->shouldReport($exception)) {
+            Log::error($exception);
+            return parent::report($exception);
+        }
     }
 
     /**
@@ -63,7 +67,7 @@ class Handler extends ExceptionHandler
             }
 
             if ($e instanceof \Illuminate\Validation\ValidationException) {
-                return response()->json(Helper::formatStandardApiResponse('error', $e->response['messages'], $e->getMessage(), 400));
+                return response()->json(Helper::formatStandardApiResponse('error', null, $e->response['messages'], 400));
             }
 
             if ($this->isHttpException($e)) {

app/Helpers/Helper.php

@@ -127,99 +127,16 @@ class Helper
         $floatString = str_replace(",", "", $floatString);
         $floatString = str_replace($LocaleInfo["decimal_point"], ".", $floatString);
         // Strip Currency symbol
-        $floatString = str_replace($LocaleInfo['currency_symbol'], '', $floatString);
+        // If no currency symbol is set, default to $ because Murica
+        $currencySymbol = $LocaleInfo['currency_symbol'];
+        if (empty($currencySymbol)) {
+            $currencySymbol = '$';
+        }
+
+        $floatString = str_replace($currencySymbol, '', $floatString);
         return floatval($floatString);
     }
 
-
-    /**
-     * Get the list of models in an array to make a dropdown menu
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
-     * @return Array
-     */
-    public static function modelList()
-    {
-        $models = AssetModel::with('manufacturer')->get();
-        $model_array[''] = trans('general.select_model');
-        foreach ($models as $model) {
-            $model_array[$model->id] = $model->present()->modelName();
-        }
-        return $model_array;
-    }
-
-    /**
-     * Get the list of companies in an array to make a dropdown menu
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
-     * @return Array
-     */
-    public static function companyList()
-    {
-        $company_list = array('' => trans('general.select_company')) + DB::table('companies')
-                ->orderBy('name', 'asc')
-                ->pluck('name', 'id')
-                ->toArray();
-        return $company_list;
-    }
-
-
-    /**
-     * Get the list of categories in an array to make a dropdown menu
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
-     * @return Array
-     */
-    public static function categoryList($category_type = null)
-    {
-        $categories = Category::orderBy('name', 'asc')
-                ->whereNull('deleted_at')
-                ->orderBy('name', 'asc');
-        if (!empty($category_type)) {
-            $categories = $categories->where('category_type', '=', $category_type);
-        }
-        $category_list = array('' => trans('general.select_category')) + $categories->pluck('name', 'id')->toArray();
-        return $category_list;
-    }
-
-
-    /**
-     * Get the list of categories in an array to make a dropdown menu
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
-     * @return Array
-     */
-    public static function departmentList()
-    {
-        $departments = Department::orderBy('name', 'asc')
-            ->whereNull('deleted_at')
-            ->orderBy('name', 'asc');
-
-        return array('' => trans('general.select_department')) + $departments->pluck('name', 'id')->toArray();
-
-    }
-    
-
-    /**
-     * Get the list of suppliers in an array to make a dropdown menu
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
-     * @return Array
-     */
-    public static function suppliersList()
-    {
-        $supplier_list = array('' => trans('general.select_supplier')) + Supplier::orderBy('name', 'asc')
-                ->orderBy('name', 'asc')
-                ->pluck('name', 'id')->toArray();
-        return $supplier_list;
-    }
-
-
     /**
      * Get the list of status labels in an array to make a dropdown menu
      *
@@ -229,42 +146,11 @@ class Helper
      */
     public static function statusLabelList()
     {
-        $statuslabel_list = array('' => trans('general.select_statuslabel')) + Statuslabel::orderBy('deployable', 'desc')
+        $statuslabel_list = array('' => trans('general.select_statuslabel')) + Statuslabel::orderBy('default_label', 'desc')->orderBy('name','asc')->orderBy('deployable','desc')
                 ->pluck('name', 'id')->toArray();
         return $statuslabel_list;
     }
 
-
-    /**
-     * Get the list of locations in an array to make a dropdown menu
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
-     * @return Array
-     */
-    public static function locationsList()
-    {
-        $location_list = array('' => trans('general.select_location')) + Location::orderBy('name', 'asc')
-                ->pluck('name', 'id')->toArray();
-        return $location_list;
-    }
-
-
-    /**
-     * Get the list of manufacturers in an array to make a dropdown menu
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
-     * @return Array
-     */
-    public static function manufacturerList()
-    {
-        $manufacturer_list = array('' => trans('general.select_manufacturer')) +
-            Manufacturer::orderBy('name', 'asc')
-                ->pluck('name', 'id')->toArray();
-        return $manufacturer_list;
-    }
-
     /**
      * Get the list of status label types in an array to make a dropdown menu
      *
@@ -283,24 +169,6 @@ class Helper
         return $statuslabel_types;
     }
 
-    /**
-     * Get the list of managers in an array to make a dropdown menu
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
-     * @return Array
-     */
-    public static function managerList()
-    {
-        $manager_list = array('' => trans('general.select_user')) +
-                        User::where('deleted_at', '=', null)
-                        ->orderBy('last_name', 'asc')
-                        ->orderBy('first_name', 'asc')->get()
-                        ->pluck('complete_name', 'id')->toArray();
-
-        return $manager_list;
-    }
-
     /**
      * Get the list of depreciations in an array to make a dropdown menu
      *
@@ -324,58 +192,17 @@ class Helper
      */
     public static function categoryTypeList()
     {
-        $category_types = array('' => '','accessory' => 'Accessory', 'asset' => 'Asset', 'consumable' => 'Consumable','component' => 'Component');
+        $category_types = array(
+            '' => '',
+            'accessory' => 'Accessory',
+            'asset' => 'Asset',
+            'consumable' => 'Consumable',
+            'component' => 'Component',
+            'license' => 'License'
+        );
         return $category_types;
     }
 
-    /**
-     * Get the list of users in an array to make a dropdown menu
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
-     * @return Array
-     */
-    public static function usersList()
-    {
-        $users_list =   array( '' => trans('general.select_user')) +
-                        Company::scopeCompanyables(User::where('deleted_at', '=', null))
-                        ->where('show_in_list', '=', 1)
-                        ->orderBy('last_name', 'asc')
-                        ->orderBy('first_name', 'asc')->get()
-                        ->pluck('complete_name', 'id')->toArray();
-
-        return $users_list;
-    }
-
-    /**
-     * Get the list of assets in an array to make a dropdown menu
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
-     * @return Array
-     */
-    public static function assetsList()
-    {
-        $assets_list = array('' => trans('general.select_asset')) + Asset::orderBy('name', 'asc')
-                ->whereNull('deleted_at')
-                ->pluck('name', 'id')->toArray();
-        return $assets_list;
-    }
-
-    /**
-     * Get the detailed list of assets in an array to make a dropdown menu
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
-     * @return array
-     */
-    public static function detailedAssetList()
-    {
-        $assets = array('' => trans('general.select_asset')) + Company::scopeCompanyables(Asset::with('assignedTo', 'model'), 'assets.company_id')->get()->pluck('detailed_name', 'id')->toArray();
-        return $assets;
-    }
-
-
     /**
      * Get the list of custom fields in an array to make a dropdown menu
      *
@@ -400,7 +227,7 @@ class Helper
     {
         $keys = array_keys(CustomField::$PredefinedFormats);
         $stuff = array_combine($keys, $keys);
-        return $stuff+["" => trans('admin/custom_fields/general.custom_format')];
+        return $stuff;
     }
 
     /**
@@ -454,9 +281,9 @@ class Helper
      */
     public static function checkLowInventory()
     {
-        $consumables = Consumable::with('users')->whereNotNull('min_amt')->get();
-        $accessories = Accessory::with('users')->whereNotNull('min_amt')->get();
-        $components = Component::with('assets')->whereNotNull('min_amt')->get();
+        $consumables = Consumable::withCount('consumableAssignments')->whereNotNull('min_amt')->get();
+        $accessories = Accessory::withCount('users')->whereNotNull('min_amt')->get();
+        $components = Component::withCount('assets')->whereNotNull('min_amt')->get();
 
         $avail_consumables = 0;
         $items_array = array();
@@ -466,7 +293,7 @@ class Helper
             $avail = $consumable->numRemaining();
             if ($avail < ($consumable->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
                 if ($consumable->qty > 0) {
-                    $percent = number_format((($consumable->numRemaining() / $consumable->qty) * 100), 0);
+                    $percent = number_format((($avail / $consumable->qty) * 100), 0);
                 } else {
                     $percent = 100;
                 }
@@ -475,7 +302,7 @@ class Helper
                 $items_array[$all_count]['name'] = $consumable->name;
                 $items_array[$all_count]['type'] = 'consumables';
                 $items_array[$all_count]['percent'] = $percent;
-                $items_array[$all_count]['remaining']=$consumable->numRemaining();
+                $items_array[$all_count]['remaining'] = $avail;
                 $items_array[$all_count]['min_amt']=$consumable->min_amt;
                 $all_count++;
             }
@@ -484,11 +311,11 @@ class Helper
         }
 
         foreach ($accessories as $accessory) {
-            $avail = $accessory->numRemaining();
+            $avail = $accessory->qty - $accessory->users_count;
             if ($avail < ($accessory->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
 
                 if ($accessory->qty > 0) {
-                    $percent = number_format((($accessory->numRemaining() / $accessory->qty) * 100), 0);
+                    $percent = number_format((($avail / $accessory->qty) * 100), 0);
                 } else {
                     $percent = 100;
                 }
@@ -497,7 +324,7 @@ class Helper
                 $items_array[$all_count]['name'] = $accessory->name;
                 $items_array[$all_count]['type'] = 'accessories';
                 $items_array[$all_count]['percent'] = $percent;
-                $items_array[$all_count]['remaining']=$accessory->numRemaining();
+                $items_array[$all_count]['remaining'] = $avail;
                 $items_array[$all_count]['min_amt']=$accessory->min_amt;
                 $all_count++;
             }
@@ -505,10 +332,10 @@ class Helper
         }
 
         foreach ($components as $component) {
-            $avail = $component->numRemaining();
+            $avail = $component->qty - $component->assets_count;
             if ($avail < ($component->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
                 if ($component->qty > 0) {
-                    $percent = number_format((($component->numRemaining() / $component->qty) * 100), 0);
+                    $percent = number_format((($avail / $component->qty) * 100), 0);
                 } else {
                     $percent = 100;
                 }
@@ -517,7 +344,7 @@ class Helper
                 $items_array[$all_count]['name'] = $component->name;
                 $items_array[$all_count]['type'] = 'components';
                 $items_array[$all_count]['percent'] = $percent;
-                $items_array[$all_count]['remaining']=$component->numRemaining();
+                $items_array[$all_count]['remaining'] = $avail;
                 $items_array[$all_count]['min_amt']=$component->min_amt;
                 $all_count++;
             }
@@ -684,7 +511,7 @@ class Helper
 
         $array['status'] = $status;
         $array['messages'] = $messages;
-        if (($messages) && (count($messages) > 0)) {
+        if (($messages) &&  (is_array($messages)) && (count($messages) > 0)) {
             $array['messages'] = $messages;
         }
         ($payload) ? $array['payload'] = $payload : $array['payload'] = null;
@@ -725,5 +552,124 @@ class Helper
     }
 
 
+    // Nicked from Drupal :)
+    // Returns a file size limit in bytes based on the PHP upload_max_filesize
+    // and post_max_size
+    public static function file_upload_max_size() {
+        static $max_size = -1;
+
+        if ($max_size < 0) {
+
+            // Start with post_max_size.
+            $post_max_size = Helper::parse_size(ini_get('post_max_size'));
+            if ($post_max_size > 0) {
+                $max_size = $post_max_size;
+            }
+
+            // If upload_max_size is less, then reduce. Except if upload_max_size is
+            // zero, which indicates no limit.
+            $upload_max = Helper::parse_size(ini_get('upload_max_filesize'));
+            if ($upload_max > 0 && $upload_max < $max_size) {
+                $max_size = $upload_max;
+            }
+        }
+
+        return $max_size;
+    }
+
+    public static function file_upload_max_size_readable() {
+        static $max_size = -1;
+
+        if ($max_size < 0) {
+            // Start with post_max_size.
+            $post_max_size = Helper::parse_size(ini_get('post_max_size'));
+            if ($post_max_size > 0) {
+                $max_size = ini_get('post_max_size');
+            }
+
+            // If upload_max_size is less, then reduce. Except if upload_max_size is
+            // zero, which indicates no limit.
+            $upload_max = Helper::parse_size(ini_get('upload_max_filesize'));
+            if ($upload_max > 0 && $upload_max < $max_size) {
+                $max_size = ini_get('upload_max_filesize');
+            }
+        }
+        return $max_size;
+    }
+
+    public static function parse_size($size) {
+        $unit = preg_replace('/[^bkmgtpezy]/i', '', $size); // Remove the non-unit characters from the size.
+        $size = preg_replace('/[^0-9\.]/', '', $size); // Remove the non-numeric characters from the size.
+        if ($unit) {
+            // Find the position of the unit in the ordered string which is the power of magnitude to multiply a kilobyte by.
+            return round($size * pow(1024, stripos('bkmgtpezy', $unit[0])));
+        }
+        else {
+            return round($size);
+        }
+    }
+
+
+    public static function filetype_icon($filename) {
+
+        $extension = substr(strrchr($filename,'.'),1);
+
+        if ($extension) {
+            switch ($extension) {
+                case 'jpg':
+                case 'jpeg':
+                case 'gif':
+                case 'png':
+                    return "fa fa-file-image-o";
+                    break;
+                case 'doc':
+                case 'docx':
+                    return "fa fa-file-word-o";
+                    break;
+                case 'xls':
+                case 'xlsx':
+                    return "fa fa-file-excel-o";
+                    break;
+                case 'zip':
+                case 'rar':
+                    return "fa fa-file-archive-o";
+                    break;
+                case 'pdf':
+                    return "fa fa-file-pdf-o";
+                    break;
+                case 'txt':
+                    return "fa fa-file-text-o";
+                    break;
+                case 'lic':
+                    return "fa fa-floppy-o";
+                    break;
+                default:
+                    return "fa fa-file-o";
+            }
+        }
+        return "fa fa-file-o";
+    }
+
+    public static function show_file_inline($filename) {
+
+        $extension = substr(strrchr($filename,'.'),1);
+
+        if ($extension) {
+            switch ($extension) {
+                case 'jpg':
+                case 'jpeg':
+                case 'gif':
+                case 'png':
+                    return true;
+                    break;
+                default:
+                    return false;
+            }
+        }
+        return false;
+    }
+
+
+
 
 }

app/Http/Controllers/AccessoriesController.php

@@ -12,12 +12,13 @@ use DB;
 use Gate;
 use Input;
 use Lang;
-use Mail;
 use Redirect;
 use Illuminate\Http\Request;
 use Slack;
 use Str;
 use View;
+use Image;
+use App\Http\Requests\ImageUploadRequest;
 
 /** This controller handles all actions related to Accessories for
  * the Snipe-IT Asset Management application.
@@ -52,13 +53,9 @@ class AccessoriesController extends Controller
     public function create(Request $request)
     {
         $this->authorize('create', Accessory::class);
-        // Show the page
-        return view('accessories/edit')
-          ->with('item', new Accessory)
-          ->with('category_list', Helper::categoryList('accessory'))
-          ->with('company_list', Helper::companyList())
-          ->with('location_list', Helper::locationsList())
-          ->with('manufacturer_list', Helper::manufacturerList());
+        $category_type = 'accessory';
+        return view('accessories/edit')->with('category_type', $category_type)
+          ->with('item', new Accessory);
     }
 
 
@@ -68,7 +65,7 @@ class AccessoriesController extends Controller
    * @author [A. Gianotto] [<snipe@snipe.net>]
    * @return Redirect
    */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
     {
         $this->authorize(Accessory::class);
         // create a new model instance
@@ -87,6 +84,28 @@ class AccessoriesController extends Controller
         $accessory->purchase_cost           = Helper::ParseFloat(request('purchase_cost'));
         $accessory->qty                     = request('qty');
         $accessory->user_id                 = Auth::user()->id;
+        $accessory->supplier_id             = request('supplier_id');
+
+        if ($request->hasFile('image')) {
+
+            if (!config('app.lock_passwords')) {
+                $image = $request->file('image');
+                $ext = $image->getClientOriginalExtension();
+                $file_name = "accessory-".str_random(18).'.'.$ext;
+                $path = public_path('/uploads/accessories');
+                if ($image->getClientOriginalExtension()!='svg') {
+                    Image::make($image->getRealPath())->resize(null, 250, function ($constraint) {
+                        $constraint->aspectRatio();
+                        $constraint->upsize();
+                    })->save($path.'/'.$file_name);
+                } else {
+                    $image->move($path, $file_name);
+                }
+                $accessory->image = $file_name;
+            }
+        }
+
+
 
         // Was the accessory created?
         if ($accessory->save()) {
@@ -105,18 +124,15 @@ class AccessoriesController extends Controller
    */
     public function edit(Request $request, $accessoryId = null)
     {
-        // Check if the accessory exists
-        if (is_null($item = Accessory::find($accessoryId))) {
-            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
+
+        if ($item = Accessory::find($accessoryId)) {
+            $this->authorize($item);
+            $category_type = 'accessory';
+            return view('accessories/edit', compact('item'))->with('category_type', $category_type);
         }
 
-        $this->authorize($item);
+        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
 
-        return view('accessories/edit', compact('item'))
-          ->with('category_list', Helper::categoryList('accessory'))
-          ->with('company_list', Helper::companyList())
-          ->with('location_list', Helper::locationsList())
-          ->with('manufacturer_list', Helper::manufacturerList());
     }
 
 
@@ -127,7 +143,7 @@ class AccessoriesController extends Controller
    * @param  int  $accessoryId
    * @return Redirect
    */
-    public function update(Request $request, $accessoryId = null)
+    public function update(ImageUploadRequest $request, $accessoryId = null)
     {
         if (is_null($accessory = Accessory::find($accessoryId))) {
             return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
@@ -144,11 +160,36 @@ class AccessoriesController extends Controller
         $accessory->manufacturer_id         = request('manufacturer_id');
         $accessory->order_number            = request('order_number');
         $accessory->model_number            = request('model_number');
-        $accessory->purchase_date       = request('purchase_date');
-        $accessory->purchase_cost       = request('purchase_cost');
+        $accessory->purchase_date           = request('purchase_date');
+        $accessory->purchase_cost           = request('purchase_cost');
         $accessory->qty                     = request('qty');
+        $accessory->supplier_id             = request('supplier_id');
 
-      // Was the accessory updated?
+        if ($request->hasFile('image')) {
+
+            if (!config('app.lock_passwords')) {
+                $image = $request->file('image');
+                $ext = $image->getClientOriginalExtension();
+                $file_name = "accessory-".str_random(18).'.'.$ext;
+                $path = public_path('/uploads/accessories');
+                if ($image->getClientOriginalExtension()!='svg') {
+                    Image::make($image->getRealPath())->resize(null, 250, function ($constraint) {
+                        $constraint->aspectRatio();
+                        $constraint->upsize();
+                    })->save($path.'/'.$file_name);
+                } else {
+                    $image->move($path, $file_name);
+                }
+                if (($accessory->image) && (file_exists($path.'/'.$accessory->image))) {
+                    unlink($path.'/'.$accessory->image);
+                }
+
+                $accessory->image = $file_name;
+            }
+        }
+
+
+        // Was the accessory updated?
         if ($accessory->save()) {
             return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.update.success'));
         }
@@ -197,11 +238,7 @@ class AccessoriesController extends Controller
         if (isset($accessory->id)) {
             return view('accessories/view', compact('accessory'));
         }
-        // Prepare the error message
-        $error = trans('admin/accessories/message.does_not_exist', compact('id'));
-
-        // Redirect to the user management page
-        return redirect()->route('accessories')->with('error', $error);
+        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist', compact('id')));
     }
 
   /**
@@ -219,10 +256,17 @@ class AccessoriesController extends Controller
             return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.not_found'));
         }
 
-        $this->authorize('checkout', $accessory);
+        if ($accessory->category) {
+
+            $this->authorize('checkout', $accessory);
+
+            // Get the dropdown of users and then pass it to the checkout view
+            return view('accessories/checkout', compact('accessory'));
+        }
+
+        return redirect()->back()->with('error', 'The category type for this accessory is not valid. Edit the accessory and select a valid accessory category.');
+
 
-        // Get the dropdown of users and then pass it to the checkout view
-        return view('accessories/checkout', compact('accessory'))->with('users_list', Helper::usersList());
 
     }
 
@@ -247,7 +291,7 @@ class AccessoriesController extends Controller
         $this->authorize('checkout', $accessory);
 
         if (!$user = User::find(Input::get('assigned_to'))) {
-            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.not_found'));
+            return redirect()->route('checkout/accessory', $accessory->id)->with('error', trans('admin/accessories/message.checkout.user_does_not_exist'));
         }
 
       // Update the accessory data
@@ -273,15 +317,6 @@ class AccessoriesController extends Controller
         $data['expected_checkin'] = '';
         $data['note'] = $logaction->note;
         $data['require_acceptance'] = $accessory->requireAcceptance();
-        // TODO: Port this to new mail notifications
-        if (($accessory->requireAcceptance()=='1')  || ($accessory->getEula())) {
-
-            Mail::send('emails.accept-accessory', $data, function ($m) use ($user) {
-                $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
-                $m->subject(trans('mail.Confirm_accessory_delivery'));
-            });
-        }
 
       // Redirect to the new accessory page
         return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.checkout.success'));
@@ -328,7 +363,7 @@ class AccessoriesController extends Controller
       // Check if the accessory exists
         if (is_null($accessory_user = DB::table('accessories_users')->find($accessoryUserId))) {
             // Redirect to the accessory management page with error
-            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.not_found'));
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
         }
 
         $accessory = Accessory::find($accessory_user->accessory_id);
@@ -346,20 +381,12 @@ class AccessoriesController extends Controller
 
             $data['log_id'] = $logaction->id;
             $data['first_name'] = e($user->first_name);
+            $data['last_name'] = e($user->last_name);
             $data['item_name'] = e($accessory->name);
             $data['checkin_date'] = e($logaction->created_at);
             $data['item_tag'] = '';
             $data['note'] = e($logaction->note);
 
-            if (($accessory->checkin_email()=='1')) {
-
-                Mail::send('emails.checkin-asset', $data, function ($m) use ($user) {
-                    $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
-                    $m->subject(trans('mail.Confirm_Accessory_Checkin'));
-                });
-            }
-
             if ($backto=='user') {
                 return redirect()->route("users.show", $return_to)->with('success', trans('admin/accessories/message.checkin.success'));
             }
@@ -369,143 +396,5 @@ class AccessoriesController extends Controller
         return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.checkin.error'));
     }
 
-    /**
-     * Generates the JSON response for accessories listing view.
-     *
-     * Example:
-     * {
-     *  "actions": "(links to available actions)",
-     *  "category": "(link to category)",
-     *  "company": "My Company",
-     *  "location":  "My Location",
-     *  "min_amt": 2,
-     *  "name":  "(link to accessory),
-     *  "numRemaining": 6,
-     *  "order_number": null,
-     *  "purchase_cost": "0.00",
-     *  "purchase_date": null,
-     *  "qty": 7
-     *  },
-     *
-     * The names of the fields in the returns JSON correspond directly to the the
-     * names of the fields in the bootstrap-tables in the view.
-     *
-     * For debugging, see at /api/accessories/list
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param Request $request
-     * @return string JSON containing accessories and their associated atrributes.
-     * @internal param int $accessoryId
-     */
-    public function getDatatable(Request $request)
-    {
-        $this->authorize('index', Accessory::class);
-        $accessories = Company::scopeCompanyables(
-            Accessory::select('accessories.*')
-            ->whereNull('accessories.deleted_at')
-            ->with('category', 'company', 'manufacturer', 'users', 'location')
-        );
-        if (Input::has('search')) {
-            $accessories = $accessories->TextSearch(e(Input::get('search')));
-        }
-        $offset = request('offset', 0);
-        $limit = request('limit', 50);
 
-        $allowed_columns = ['name','min_amt','order_number','purchase_date','purchase_cost','company','category','model_number', 'manufacturer', 'location'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
-
-        switch ($sort) {
-            case 'category':
-                $accessories = $accessories->OrderCategory($order);
-                break;
-            case 'company':
-                $accessories = $accessories->OrderCompany($order);
-                break;
-            case 'location':
-                $accessories = $accessories->OrderLocation($order);
-                break;
-            case 'manufacturer':
-                $accessories = $accessories->OrderManufacturer($order);
-                break;
-            default:
-                $accessories = $accessories->orderBy($sort, $order);
-                break;
-        }
-
-        $accessCount = $accessories->count();
-        $accessories = $accessories->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($accessories as $accessory) {
-            $rows[] = $accessory->present()->forDataTable();
-        }
-
-        $data = array('total'=>$accessCount, 'rows'=>$rows);
-
-        return $data;
-    }
-
-
-  /**
-  * Generates the JSON response for accessory detail view.
-  *
-  * Example:
-  * <code>
-  * {
-  * "rows": [
-  * {
-  * "actions": "(link to available actions)",
-  * "name": "(link to user)"
-  * }
-  * ],
-  * "total": 1
-  * }
-  * </code>
-  *
-  * The names of the fields in the returns JSON correspond directly to the the
-  * names of the fields in the bootstrap-tables in the view.
-  *
-  * For debugging, see at /api/accessories/$accessoryID/view
-  *
-  * @author [A. Gianotto] [<snipe@snipe.net>]
-  * @param  int  $accessoryId
-  * @return string JSON containing accessories and their associated atrributes.
-  **/
-    public function getDataView(Request $request, $accessoryID)
-    {
-        $accessory = Accessory::find($accessoryID);
-
-        if (!Company::isCurrentUserHasAccess($accessory)) {
-            return ['total' => 0, 'rows' => []];
-        }
-
-        $accessory_users = $accessory->users;
-        $count = $accessory_users->count();
-
-        $rows = array();
-
-        foreach ($accessory_users as $user) {
-            $actions = '';
-            if (Gate::allows('checkin', $accessory)) {
-                $actions .= Helper::generateDatatableButton('checkin', route('checkin/accessory', $user->pivot->id));
-            }
-
-            if (Gate::allows('view', $user)) {
-                $name = (string) link_to_route('users.show', e($user->present()->fullName()), [$user->id]);
-            } else {
-                $name = e($user->present()->fullName());
-            }
-
-            $rows[] = array(
-              'name'          => $name,
-              'actions'       => $actions
-              );
-        }
-
-        $data = array('total'=>$count, 'rows'=>$rows);
-
-        return $data;
-    }
 }

app/Http/Controllers/Api/AccessoriesController.php

@@ -7,6 +7,7 @@ use App\Http\Controllers\Controller;
 use App\Helpers\Helper;
 use App\Models\Accessory;
 use App\Http\Transformers\AccessoriesTransformer;
+use App\Models\Company;
 
 
 class AccessoriesController extends Controller
@@ -23,7 +24,7 @@ class AccessoriesController extends Controller
         $this->authorize('view', Accessory::class);
         $allowed_columns = ['id','name','model_number','eol','notes','created_at','min_amt','company_id'];
 
-        $accessories = Accessory::whereNull('accessories.deleted_at')->with('category', 'company', 'manufacturer', 'users', 'location');
+        $accessories = Accessory::with('category', 'company', 'manufacturer', 'users', 'location');
 
         if ($request->has('search')) {
             $accessories = $accessories->TextSearch($request->input('search'));
@@ -33,10 +34,18 @@ class AccessoriesController extends Controller
             $accessories->where('company_id','=',$request->input('company_id'));
         }
 
+        if ($request->has('category_id')) {
+            $accessories->where('category_id','=',$request->input('category_id'));
+        }
+
         if ($request->has('manufacturer_id')) {
             $accessories->where('manufacturer_id','=',$request->input('manufacturer_id'));
         }
 
+        if ($request->has('supplier_id')) {
+            $accessories->where('supplier_id','=',$request->input('supplier_id'));
+        }
+
         $offset = $request->input('offset', 0);
         $limit = $request->input('limit', 50);
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
@@ -95,8 +104,6 @@ class AccessoriesController extends Controller
     {
         $this->authorize('view', Accessory::class);
         $accessory = Accessory::findOrFail($id);
-        $accessory_users = $accessory->users;
-
         return (new AccessoriesTransformer)->transformAccessory($accessory);
     }
 
@@ -128,10 +135,15 @@ class AccessoriesController extends Controller
     public function checkedout($id)
     {
         $this->authorize('view', Accessory::class);
-        $accessory = Accessory::findOrFail($id)->with('users')->first();
-        $accessories_users = $accessory->users;
-        $total = $accessories_users->count();
-        return (new AccessoriesTransformer)->transformCheckedoutAccessories($accessories_users, $total);
+
+        $accessory = Accessory::findOrFail($id);
+        if (!Company::isCurrentUserHasAccess($accessory)) {
+            return ['total' => 0, 'rows' => []];
+        }
+        $accessory_users = $accessory->users;
+        $total = $accessory_users->count();
+
+        return (new AccessoriesTransformer)->transformCheckedoutAccessory($accessory_users, $total);
     }
 
 

app/Http/Controllers/Api/AssetMaintenancesController.php

@@ -40,10 +40,26 @@ class AssetMaintenancesController extends Controller
             $maintenances = $maintenances->TextSearch(e($request->input('search')));
         }
 
+        if ($request->has('asset_id')) {
+            $maintenances->where('asset_id', '=', $request->input('asset_id'));
+        }
+
         $offset = request('offset', 0);
         $limit = request('limit', 50);
 
-        $allowed_columns = ['id','title','asset_maintenance_time','asset_maintenance_type','cost','start_date','completion_date','notes','user_id'];
+        $allowed_columns = [
+                                'id',
+                                'title',
+                                'asset_maintenance_time',
+                                'asset_maintenance_type',
+                                'cost',
+                                'start_date',
+                                'completion_date',
+                                'notes',
+                                'asset_tag',
+                                'asset_name',
+                                'user_id'
+                            ];
         $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
         $sort = in_array(Input::get('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
 
@@ -51,16 +67,20 @@ class AssetMaintenancesController extends Controller
             case 'user_id':
                 $maintenances = $maintenances->OrderAdmin($order);
                 break;
+            case 'asset_tag':
+                $maintenances = $maintenances->OrderByTag($order);
+                break;
+            case 'asset_name':
+                $maintenances = $maintenances->OrderByAssetName($order);
+                break;
             default:
                 $maintenances = $maintenances->orderBy($sort, $order);
                 break;
         }
 
-
+        $total = $maintenances->count();
         $maintenances = $maintenances->skip($offset)->take($limit)->get();
-
-
-        return (new AssetMaintenancesTransformer())->transformAssetMaintenances($maintenances, $maintenances->count());
+        return (new AssetMaintenancesTransformer())->transformAssetMaintenances($maintenances, $total);
 
 
     }

app/Http/Controllers/Api/AssetModelsController.php

@@ -8,6 +8,7 @@ use App\Helpers\Helper;
 use Illuminate\Http\Request;
 use App\Http\Transformers\AssetModelsTransformer;
 use App\Http\Transformers\AssetsTransformer;
+use App\Http\Transformers\SelectlistTransformer;
 
 
 /**
@@ -29,17 +30,36 @@ class AssetModelsController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', AssetModel::class);
-        $allowed_columns = ['id','image','name','model_number','eol','notes','created_at','manufacturer'];
+        $allowed_columns = ['id','image','name','model_number','eol','notes','created_at','manufacturer','assets_count'];
 
-        $assetmodels = AssetModel::select(['models.id','models.image','models.name','model_number','eol','models.notes','models.created_at','category_id','manufacturer_id','depreciation_id','fieldset_id'])
+        $assetmodels = AssetModel::select([
+            'models.id',
+            'models.image',
+            'models.name',
+            'model_number',
+            'eol',
+            'models.notes',
+            'models.created_at',
+            'category_id',
+            'manufacturer_id',
+            'depreciation_id',
+            'fieldset_id',
+            'models.deleted_at',
+            'models.updated_at',
+         ])
             ->with('category','depreciation', 'manufacturer','fieldset')
             ->withCount('assets');
 
+
+
+        if ($request->has('status')) {
+            $assetmodels->onlyTrashed();
+        }
+
         if ($request->has('search')) {
             $assetmodels->TextSearch($request->input('search'));
         }
 
-
         $offset = $request->input('offset', 0);
         $limit = $request->input('limit', 50);
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
@@ -55,6 +75,7 @@ class AssetModelsController extends Controller
         }
 
 
+
         $total = $assetmodels->count();
         $assetmodels = $assetmodels->skip($offset)->take($limit)->get();
         return (new AssetModelsTransformer)->transformAssetModels($assetmodels, $total);
@@ -124,13 +145,13 @@ class AssetModelsController extends Controller
      */
     public function update(Request $request, $id)
     {
-        $this->authorize('edit', AssetModel::class);
+        $this->authorize('update', AssetModel::class);
         $assetmodel = AssetModel::findOrFail($id);
         $assetmodel->fill($request->all());
         $assetmodel->fieldset_id = $request->get("custom_fieldset_id");
 
         if ($assetmodel->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success', $assetmodel, trans('admin/assetmodels/message.update.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', $assetmodel, trans('admin/models/message.update.success')));
         }
 
         return response()->json(Helper::formatStandardApiResponse('error', null, $assetmodel->getErrors()));
@@ -154,8 +175,69 @@ class AssetModelsController extends Controller
             return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/models/message.assoc_users')));
         }
 
+        if ($assetmodel->image) {
+            try  {
+                unlink(public_path().'/uploads/models/'.$assetmodel->image);
+            } catch (\Exception $e) {
+                \Log::error($e);
+            }
+        }
+
         $assetmodel->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/assetmodels/message.delete.success')));
+        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/models/message.delete.success')));
 
     }
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $assetmodels = AssetModel::select([
+            'models.id',
+            'models.name',
+            'models.image',
+            'models.model_number',
+            'models.manufacturer_id',
+            'models.category_id',
+        ])->with('manufacturer','category');
+
+        $settings = \App\Models\Setting::getSettings();
+
+        if ($request->has('search')) {
+            $assetmodels = $assetmodels->SearchByManufacturerOrCat($request->input('search'));
+        }
+
+        $assetmodels = $assetmodels->OrderCategory('ASC')->OrderManufacturer('ASC')->orderby('models.name', 'asc')->orderby('models.model_number', 'asc')->paginate(50);
+
+        foreach ($assetmodels as $assetmodel) {
+
+            $assetmodel->use_text = '';
+
+            if ($settings->modellistCheckedValue('category')) {
+                $assetmodel->use_text .= (($assetmodel->category) ? e($assetmodel->category->name).' - ' : '');
+            }
+
+            if ($settings->modellistCheckedValue('manufacturer')) {
+                $assetmodel->use_text .= (($assetmodel->manufacturer) ? e($assetmodel->manufacturer->name).' ' : '');
+            }
+
+            $assetmodel->use_text .=  e($assetmodel->name);
+
+            if (($settings->modellistCheckedValue('model_number')) && ($assetmodel->model_number!='')) {
+                $assetmodel->use_text .=  ' (#'.e($assetmodel->model_number).')';
+            }
+
+            $assetmodel->use_image = ($settings->modellistCheckedValue('image') && ($assetmodel->image)) ? url('/').'/uploads/models/'.$assetmodel->image : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($assetmodels);
+    }
+
 }

app/Http/Controllers/Api/AssetsController.php

@@ -4,6 +4,7 @@ namespace App\Http\Controllers\Api;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\AssetRequest;
+use App\Http\Requests\AssetCheckoutRequest;
 use App\Http\Transformers\AssetsTransformer;
 use App\Models\Asset;
 use App\Models\AssetModel;
@@ -30,6 +31,7 @@ use Str;
 use TCPDF;
 use Validator;
 use View;
+use App\Http\Transformers\SelectlistTransformer;
 
 
 /**
@@ -52,7 +54,9 @@ class AssetsController extends Controller
      */
     public function index(Request $request)
     {
+
         $this->authorize('index', Asset::class);
+        $settings = Setting::getSettings();
 
         $allowed_columns = [
             'id',
@@ -69,36 +73,40 @@ class AssetsController extends Controller
             'created_at',
             'updated_at',
             'purchase_date',
-            'purchase_cost'
+            'purchase_cost',
+            'last_audit_date',
+            'next_audit_date',
+            'warranty_months',
+            'checkout_counter',
+            'checkin_counter',
+            'requests_counter',
         ];
 
         $filter = array();
-        if ($request->has('filter')) {
-            $filter = json_decode($request->input('filter'));
-        }
 
+        if ($request->has('filter')) {
+            $filter = json_decode($request->input('filter'), true);
+        }
 
         $all_custom_fields = CustomField::all(); //used as a 'cache' of custom fields throughout this page load
         foreach ($all_custom_fields as $field) {
             $allowed_columns[]=$field->db_column_name();
         }
 
-        $assets = Company::scopeCompanyables(Asset::select('assets.*'))->with(
-            'assetloc', 'assetstatus', 'defaultLoc', 'assetlog', 'company',
+        $assets = Company::scopeCompanyables(Asset::select('assets.*'),"company_id","assets")
+            ->with('location', 'assetstatus', 'assetlog', 'company', 'defaultLoc','assignedTo',
             'model.category', 'model.manufacturer', 'model.fieldset','supplier');
-        // If we should search on everything
-        if (($request->has('search')) && (count($filter) == 0)) {
-            $assets->TextSearch($request->input('search'));
-        // otherwise loop through the filters and search strictly on them
-        } else {
-            if (count($filter) > 0) {
-                $assets->ByFilter($filter);
-            }
+
+
+        // These are used by the API to query against specific ID numbers.
+        // They are also used by the individual searches on detail pages like
+        // locations, etc.
+        if ($request->has('status_id')) {
+            $assets->where('assets.status_id', '=', $request->input('status_id'));
         }
 
-        // These are used by the API to query against specific ID numbers
-        if ($request->has('status_id')) {
-            $assets->where('status_id', '=', $request->input('status_id'));
+        if ($request->input('requestable')=='true') {
+            $assets->where('assets.requestable', '=', '1');
         }
 
         if ($request->has('model_id')) {
@@ -110,13 +118,18 @@ class AssetsController extends Controller
         }
 
         if ($request->has('location_id')) {
-            $assets->ByLocationId($request->input('location_id'));
+            $assets->where('assets.location_id', '=', $request->input('location_id'));
         }
 
         if ($request->has('supplier_id')) {
             $assets->where('assets.supplier_id', '=', $request->input('supplier_id'));
         }
 
+        if (($request->has('assigned_to')) && ($request->has('assigned_type'))) {
+            $assets->where('assets.assigned_to', '=', $request->input('assigned_to'))
+                    ->where('assets.assigned_type', '=', $request->input('assigned_type'));
+        }
+
         if ($request->has('company_id')) {
             $assets->where('assets.company_id', '=', $request->input('company_id'));
         }
@@ -125,44 +138,104 @@ class AssetsController extends Controller
             $assets->ByManufacturer($request->input('manufacturer_id'));
         }
 
-        $request->has('order_number') ? $assets = $assets->where('order_number', '=', e($request->get('order_number'))) : '';
+        if ($request->has('depreciation_id')) {
+            $assets->ByDepreciationId($request->input('depreciation_id'));
+        }
+
+        $request->has('order_number') ? $assets = $assets->where('assets.order_number', '=', e($request->get('order_number'))) : '';
 
         $offset = request('offset', 0);
         $limit = $request->input('limit', 50);
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
 
-
         // This is used by the sidenav, mostly
+
+        // We switched from using query scopes here because of a Laravel bug
+        // related to fulltext searches on complex queries.
+        // I am sad. :(
         switch ($request->input('status')) {
             case 'Deleted':
                 $assets->withTrashed()->Deleted();
                 break;
             case 'Pending':
-                $assets->Pending();
+                $assets->join('status_labels AS status_alias',function ($join) {
+                    $join->on('status_alias.id', "=", "assets.status_id")
+                        ->where('status_alias.deployable','=',0)
+                        ->where('status_alias.pending','=',1)
+                        ->where('status_alias.archived', '=', 0);
+                });
                 break;
             case 'RTD':
-                $assets->RTD();
+                $assets->whereNull('assets.assigned_to')
+                ->join('status_labels AS status_alias',function ($join) {
+                    $join->on('status_alias.id', "=", "assets.status_id")
+                        ->where('status_alias.deployable','=',1)
+                        ->where('status_alias.pending','=',0)
+                        ->where('status_alias.archived', '=', 0);
+                });
                 break;
             case 'Undeployable':
                 $assets->Undeployable();
                 break;
             case 'Archived':
-                $assets->Archived();
+                $assets->join('status_labels AS status_alias',function ($join) {
+                    $join->on('status_alias.id', "=", "assets.status_id")
+                        ->where('status_alias.deployable','=',0)
+                        ->where('status_alias.pending','=',0)
+                        ->where('status_alias.archived', '=', 1);
+                });
                 break;
             case 'Requestable':
-                $assets->RequestableAssets();
+                $assets->where('assets.requestable', '=', 1)
+                    ->join('status_labels AS status_alias',function ($join) {
+                    $join->on('status_alias.id', "=", "assets.status_id")
+                        ->where('status_alias.deployable','=',1)
+                        ->where('status_alias.pending','=',0)
+                        ->where('status_alias.archived', '=', 0);
+                });
+
                 break;
             case 'Deployed':
-                $assets->Deployed();
+                // more sad, horrible workarounds for laravel bugs when doing full text searches
+                $assets->where('assets.assigned_to', '>', '0');
                 break;
+            default:
+
+                if ((!$request->has('status_id')) && ($settings->show_archived_in_list!='1')) {
+                    // terrible workaround for complex-query Laravel bug in fulltext
+                    $assets->join('status_labels AS status_alias',function ($join) {
+                        $join->on('status_alias.id', "=", "assets.status_id")
+                            ->where('status_alias.archived', '=', 0);
+                    });
+                    
+                // If there is a status ID, don't take show_archived_in_list into consideration
+                } else {
+                    $assets->join('status_labels AS status_alias',function ($join) {
+                        $join->on('status_alias.id', "=", "assets.status_id");
+                    });
+                }
+
         }
 
 
+        if ((!is_null($filter)) && (count($filter)) > 0) {
+            $assets->ByFilter($filter);
+        } elseif ($request->has('search')) {
+            $assets->TextSearch($request->input('search'));
+        }
 
-        // This handles all of the pivot sorting (versus the assets.* fields in the allowed_columns array)
-        $column_sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'assets.created_at';
 
-        switch ($request->input('sort')) {
+        // This is kinda gross, but we need to do this because the Bootstrap Tables
+        // API passes custom field ordering as custom_fields.fieldname, and we have to strip
+        // that out to let the default sorter below order them correctly on the assets table.
+        $sort_override = str_replace('custom_fields.','', $request->input('sort')) ;
+
+        // This handles all of the pivot sorting (versus the assets.* fields
+        // in the allowed_columns array)
+        $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'assets.created_at';
+        
+        
+        switch ($sort_override) {
             case 'model':
                 $assets->OrderModels($order);
                 break;
@@ -180,6 +253,8 @@ class AssetsController extends Controller
                 break;
             case 'location':
                 $assets->OrderLocation($order);
+            case 'rtd_location':
+                $assets->OrderRtdLocation($order);
                 break;
             case 'status_label':
                 $assets->OrderStatus($order);
@@ -194,13 +269,52 @@ class AssetsController extends Controller
                 $assets->orderBy($column_sort, $order);
                 break;
         }
-        
+
+
         $total = $assets->count();
         $assets = $assets->skip($offset)->take($limit)->get();
         return (new AssetsTransformer)->transformAssets($assets, $total);
     }
 
 
+    /**
+     * Returns JSON with information about an asset (by tag) for detail view.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param string $tag
+     * @since [v4.2.1]
+     * @return JsonResponse
+     */
+    public function showByTag($tag)
+    {
+        if ($asset = Asset::with('assetstatus')->with('assignedTo')->withTrashed()->where('asset_tag',$tag)->first()) {
+            $this->authorize('view', $asset);
+            return (new AssetsTransformer)->transformAsset($asset);
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 404);
+
+    }
+
+    /**
+     * Returns JSON with information about an asset (by serial) for detail view.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param string $serial
+     * @since [v4.2.1]
+     * @return JsonResponse
+     */
+    public function showBySerial($serial)
+    {
+        if ($assets = Asset::with('assetstatus')->with('assignedTo')
+            ->withTrashed()->where('serial',$serial)->get()) {
+                $this->authorize('view', $assets);
+                return (new AssetsTransformer)->transformAssets($assets, $assets->count());
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 404);
+
+    }
+
+
      /**
      * Returns JSON with information about an asset for detail view.
      *
@@ -211,12 +325,69 @@ class AssetsController extends Controller
      */
     public function show($id)
     {
-        if ($asset = Asset::withTrashed()->find($id)) {
+        if ($asset = Asset::with('assetstatus')->with('assignedTo')->withTrashed()->withCount('checkins', 'checkouts', 'userRequests')->findOrFail($id)) {
             $this->authorize('view', $asset);
             return (new AssetsTransformer)->transformAsset($asset);
         }
 
-        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
+
+    }
+
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $assets = Company::scopeCompanyables(Asset::select([
+            'assets.id',
+            'assets.name',
+            'assets.asset_tag',
+            'assets.model_id',
+            'assets.assigned_to',
+            'assets.assigned_type',
+            'assets.status_id'
+            ])->with('model', 'assetstatus', 'assignedTo')->NotArchived());
+
+        if ($request->has('assetStatusType') && $request->input('assetStatusType') === 'RTD') {
+            $assets = $assets->RTD();
+        }
+
+        if ($request->has('search')) {
+            $assets = $assets->AssignedSearch($request->input('search'));
+        }
+
+
+        $assets = $assets->paginate(50);
+
+        // Loop through and set some custom properties for the transformer to use.
+        // This lets us have more flexibility in special cases like assets, where
+        // they may not have a ->name value but we want to display something anyway
+        foreach ($assets as $asset) {
+
+
+            $asset->use_text = $asset->present()->fullName;
+
+            if (($asset->checkedOutToUser()) && ($asset->assigned)) {
+                $asset->use_text .= ' → '.$asset->assigned->getFullNameAttribute();
+            }
+
+            
+            if ($asset->assetstatus->getStatuslabelType()=='pending') {
+                $asset->use_text .=  '('.$asset->assetstatus->getStatuslabelType().')';
+            }
+
+            $asset->use_image = ($asset->getImageUrl()) ? $asset->getImageUrl() : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($assets);
+
     }
 
 
@@ -242,7 +413,7 @@ class AssetsController extends Controller
         $asset->model_id                = $request->get('model_id');
         $asset->order_number            = $request->get('order_number');
         $asset->notes                   = $request->get('notes');
-        $asset->asset_tag               = $request->get('asset_tag');
+        $asset->asset_tag               = $request->get('asset_tag', Asset::autoincrement_asset());
         $asset->user_id                 = Auth::id();
         $asset->archived                = '0';
         $asset->physical                = '1';
@@ -261,12 +432,12 @@ class AssetsController extends Controller
         $model = AssetModel::find($request->get('model_id'));
         if ($model->fieldset) {
             foreach ($model->fieldset->fields as $field) {
-                $asset->{$field->convertUnicodeDbSlug()} = e($request->input($field->convertUnicodeDbSlug()));
+                $asset->{$field->convertUnicodeDbSlug()} = e($request->input($field->convertUnicodeDbSlug(), null));
             }
         }
 
         if ($asset->save()) {
-            $asset->logCreate();
+
             if ($request->get('assigned_user')) {
                 $target = User::find(request('assigned_user'));
             } elseif ($request->get('assigned_asset')) {
@@ -294,7 +465,7 @@ class AssetsController extends Controller
      */
     public function update(Request $request, $id)
     {
-        $this->authorize('create', Asset::class);
+        $this->authorize('update', Asset::class);
 
         if ($asset = Asset::find($id)) {
             ($request->has('model_id')) ?
@@ -329,31 +500,34 @@ class AssetsController extends Controller
                 $asset->requestable = $request->get('requestable') : '';
             ($request->has('rtd_location_id')) ?
                 $asset->rtd_location_id = $request->get('rtd_location_id') : '';
+            ($request->has('rtd_location_id')) ?
+                $asset->location_id = $request->get('rtd_location_id') : '';
             ($request->has('company_id')) ?
                 $asset->company_id = Company::getIdForCurrentUser($request->get('company_id')) : '';
 
-            if ($request->has('model_id')) {
-                if (($model = AssetModel::find($request->get('model_id'))) && (isset($model->fieldset))) {
-                    foreach ($model->fieldset->fields as $field) {
-                        if ($request->has($field->convertUnicodeDbSlug())) {
-                            $asset->{$field->convertUnicodeDbSlug()} = e($request->input($field->convertUnicodeDbSlug()));
-                        }
+
+            // Update custom fields
+            if (($model = AssetModel::find($asset->model_id)) && (isset($model->fieldset))) {
+                foreach ($model->fieldset->fields as $field) {
+                    if ($request->has($field->convertUnicodeDbSlug())) {
+                        $asset->{$field->convertUnicodeDbSlug()} = e($request->input($field->convertUnicodeDbSlug()));
                     }
                 }
             }
 
+
             if ($asset->save()) {
 
-                if ($request->get('assigned_user')) {
-                    $target = User::find(request('assigned_user'));
-                } elseif ($request->get('assigned_asset')) {
-                    $target = Asset::find(request('assigned_asset'));
-                } elseif ($request->get('assigned_location')) {
-                    $target = Location::find(request('assigned_location'));
+                if (($request->has('assigned_user')) && ($target = User::find($request->get('assigned_user')))) {
+                        $location = $target->location_id;
+                } elseif (($request->has('assigned_asset')) && ($target = Asset::find($request->get('assigned_asset')))) {
+                            $location = $target->location_id;
+                } elseif (($request->has('assigned_location')) && ($target = Location::find($request->get('assigned_location')))) {
+                    $location = $target->id;
                 }
 
                 if (isset($target)) {
-                    $asset->checkOut($target, Auth::user(), date('Y-m-d H:i:s'), '', 'Checked out on asset update', e($request->get('name')));
+                    $asset->checkOut($target, Auth::user(), date('Y-m-d H:i:s'), '', 'Checked out on asset update', e($request->get('name')), $location);
                 }
 
                 return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.update.success')));
@@ -402,7 +576,7 @@ class AssetsController extends Controller
      * @since [v4.0]
      * @return JsonResponse
      */
-    public function checkout(Request $request, $asset_id)
+    public function checkout(AssetCheckoutRequest $request, $asset_id)
     {
         $this->authorize('checkout', Asset::class);
         $asset = Asset::findOrFail($asset_id);
@@ -413,25 +587,61 @@ class AssetsController extends Controller
 
         $this->authorize('checkout', $asset);
 
-        if ($request->has('user_id')) {
-            $target = User::find($request->input('user_id'));
-        } elseif ($request->has('asset_id')) {
-            $target = Asset::find($request->input('asset_id'));
-        } elseif ($request->has('location_id')) {
-            $target = Location::find($request->input('location_id'));
+        $error_payload = [];
+        $error_payload['asset'] = [
+            'id' => $asset->id,
+            'asset_tag' => $asset->asset_tag,
+        ];
+
+
+        // This item is checked out to a location
+        if (request('checkout_to_type')=='location') {
+            $target = Location::find(request('assigned_location'));
+            $asset->location_id = ($target) ? $target->id : '';
+            $error_payload['target_id'] = $request->input('assigned_location');
+            $error_payload['target_type'] = 'location';
+
+        } elseif (request('checkout_to_type')=='asset') {
+            $target = Asset::where('id','!=',$asset_id)->find(request('assigned_asset'));
+            $asset->location_id = $target->rtd_location_id;
+            // Override with the asset's location_id if it has one
+            if ($target->location_id!='') {
+                $asset->location_id = ($target) ? $target->location_id : '';
+            }
+            $error_payload['target_id'] = $request->input('assigned_asset');
+            $error_payload['target_type'] = 'asset';
+
+        } elseif (request('checkout_to_type')=='user') {
+            // Fetch the target and set the asset's new location_id
+            $target = User::find(request('assigned_user'));
+            $asset->location_id = ($target) ? $target->location_id : '';
+            $error_payload['target_id'] = $request->input('assigned_user');
+            $error_payload['target_type'] = 'user';
         }
 
+
+
         if (!isset($target)) {
-            return response()->json(Helper::formatStandardApiResponse('error', ['asset'=> e($asset->asset_tag)], 'No valid checkout target specified for asset '.e($asset->asset_tag).'.'));
+            return response()->json(Helper::formatStandardApiResponse('error', $error_payload, 'Checkout target for asset '.e($asset->asset_tag).' is invalid - '.$error_payload['target_type'].' does not exist.'));
         }
 
+
+
         $checkout_at = request('checkout_at', date("Y-m-d H:i:s"));
         $expected_checkin = request('expected_checkin', null);
         $note = request('note', null);
         $asset_name = request('name', null);
         
+        // Set the location ID to the RTD location id if there is one
+        if ($asset->rtd_location_id!='') {
+            $asset->location_id = $target->rtd_location_id;
+        }
 
-        if ($asset->checkOut($target, Auth::user(), $checkout_at, $expected_checkin, $note, $asset_name)) {
+
+
+        
+
+        if ($asset->checkOut($target, Auth::user(), $checkout_at, $expected_checkin, $note, $asset_name, $asset->location_id)) {
             return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkout.success')));
         }
 
@@ -447,7 +657,7 @@ class AssetsController extends Controller
      * @since [v4.0]
      * @return JsonResponse
      */
-    public function checkin($asset_id)
+    public function checkin(Request $request, $asset_id)
     {
         $this->authorize('checkin', Asset::class);
         $asset = Asset::findOrFail($asset_id);
@@ -464,32 +674,19 @@ class AssetsController extends Controller
         $asset->assigned_to = null;
         $asset->assignedTo()->disassociate($asset);
         $asset->accepted = null;
-        $asset->name = e(Input::get('name'));
+        $asset->name = Input::get('name');
+        $asset->location_id =  $asset->rtd_location_id;
 
-        if (Input::has('status_id')) {
-            $asset->status_id =  e(Input::get('status_id'));
+        if ($request->has('location_id')) {
+            $asset->location_id =  $request->input('location_id');
+        }
+
+        if (Input::has('status_id')) {
+            $asset->status_id =  Input::get('status_id');
         }
 
-        // Was the asset updated?
         if ($asset->save()) {
-            $logaction = $asset->logCheckin($target, e(request('note')));
-
-            $data['log_id'] = $logaction->id;
-            $data['first_name'] = get_class($target) == User::class ? $target->first_name : '';
-            $data['item_name'] = $asset->present()->name();
-            $data['checkin_date'] = $logaction->created_at;
-            $data['item_tag'] = $asset->asset_tag;
-            $data['item_serial'] = $asset->serial;
-            $data['note'] = $logaction->note;
-
-            if ((($asset->checkin_email()=='1')) && (isset($user)) && (!config('app.lock_passwords'))) {
-                Mail::send('emails.checkin-asset', $data, function ($m) use ($user) {
-                    $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
-                    $m->subject(trans('mail.Confirm_Asset_Checkin'));
-                });
-            }
-
+            $asset->logCheckin($target, e(request('note')));
             return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkin.success')));
         }
 
@@ -524,7 +721,11 @@ class AssetsController extends Controller
 
 
         if ($asset) {
+            // We don't want to log this as a normal update, so let's bypass that
+            $asset->unsetEventDispatcher();
             $asset->next_audit_date = $request->input('next_audit_date');
+            $asset->last_audit_date = date('Y-m-d h:i:s');
+
             if ($asset->save()) {
                 $log = $asset->logAudit(request('note'),request('location_id'));
                 return response()->json(Helper::formatStandardApiResponse('success', [
@@ -541,5 +742,51 @@ class AssetsController extends Controller
 
 
 
+    }
+
+
+
+    /**
+     * Returns JSON listing of all requestable assets
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return JsonResponse
+     */
+    public function requestable(Request $request)
+    {
+        $this->authorize('viewRequestable', Asset::class);
+
+        $assets = Company::scopeCompanyables(Asset::select('assets.*'),"company_id","assets")
+            ->with('location', 'assetstatus', 'assetlog', 'company', 'defaultLoc','assignedTo',
+                'model.category', 'model.manufacturer', 'model.fieldset','supplier')->where('assets.requestable', '=', '1');
+
+        $offset = request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $assets->TextSearch($request->input('search'));
+
+        switch ($request->input('sort')) {
+            case 'model':
+                $assets->OrderModels($order);
+                break;
+            case 'model_number':
+                $assets->OrderModelNumber($order);
+                break;
+            case 'category':
+                $assets->OrderCategory($order);
+                break;
+            case 'manufacturer':
+                $assets->OrderManufacturer($order);
+                break;
+            default:
+                $assets->orderBy('assets.created_at', $order);
+                break;
+        }
+
+
+        $total = $assets->count();
+        $assets = $assets->skip($offset)->take($limit)->get();
+        return (new AssetsTransformer)->transformRequestedAssets($assets, $total);
     }
 }

app/Http/Controllers/Api/CategoriesController.php

@@ -7,6 +7,7 @@ use App\Http\Controllers\Controller;
 use App\Helpers\Helper;
 use App\Models\Category;
 use App\Http\Transformers\CategoriesTransformer;
+use App\Http\Transformers\SelectlistTransformer;
 
 class CategoriesController extends Controller
 {
@@ -20,10 +21,10 @@ class CategoriesController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Category::class);
-        $allowed_columns = ['id', 'name','category_type','use_default_eula','require_acceptance','checkin_email'];
+        $allowed_columns = ['id', 'name','category_type', 'category_type','use_default_eula','eula_text', 'require_acceptance','checkin_email', 'assets_count', 'accessories_count', 'consumables_count', 'components_count','licenses_count', 'image'];
 
-        $categories = Category::select(['id', 'created_at', 'updated_at', 'name','category_type','use_default_eula','require_acceptance','checkin_email'])
-            ->withCount('assets', 'accessories', 'consumables', 'components');
+        $categories = Category::select(['id', 'created_at', 'updated_at', 'name','category_type','use_default_eula','eula_text', 'require_acceptance','checkin_email','image'])
+            ->withCount('assets', 'accessories', 'consumables', 'components','licenses');
 
         if ($request->has('search')) {
             $categories = $categories->TextSearch($request->input('search'));
@@ -32,7 +33,7 @@ class CategoriesController extends Controller
         $offset = $request->input('offset', 0);
         $limit = $request->input('limit', 50);
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'assets_count';
         $categories->orderBy($sort, $order);
 
         $total = $categories->count();
@@ -91,7 +92,7 @@ class CategoriesController extends Controller
      */
     public function update(Request $request, $id)
     {
-        $this->authorize('edit', Category::class);
+        $this->authorize('update', Category::class);
         $category = Category::findOrFail($id);
         $category->fill($request->all());
 
@@ -128,4 +129,40 @@ class CategoriesController extends Controller
         return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/categories/message.delete.success')));
 
     }
+
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request, $category_type = 'asset')
+    {
+
+        $categories = Category::select([
+            'id',
+            'name',
+            'image',
+        ]);
+
+        if ($request->has('search')) {
+            $categories = $categories->where('name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $categories = $categories->where('category_type', $category_type)->orderBy('name', 'ASC')->paginate(50);
+
+        // Loop through and set some custom properties for the transformer to use.
+        // This lets us have more flexibility in special cases like assets, where
+        // they may not have a ->name value but we want to display something anyway
+        foreach ($categories as $category) {
+            $category->use_image = ($category->image) ? url('/').'/uploads/categories/'.$category->image : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($categories);
+
+    }
+
 }

app/Http/Controllers/Api/CompaniesController.php

@@ -7,6 +7,7 @@ use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
 use App\Helpers\Helper;
 use App\Models\Company;
+use App\Http\Transformers\SelectlistTransformer;
 
 class CompaniesController extends Controller
 {
@@ -21,12 +22,20 @@ class CompaniesController extends Controller
     {
         $this->authorize('view', Company::class);
 
-        $allowed_columns = ['id','name'];
+        $allowed_columns = [
+            'id',
+            'name',
+            'created_at',
+            'updated_at',
+            'users_count',
+            'assets_count',
+            'licenses_count',
+            'accessories_count',
+            'consumables_count',
+            'components_count',
+        ];
 
-        $companies = Company::withCount('assets','licenses','accessories','consumables','components','users')
-            ->withCount('users')->withCount('users')->withCount('assets')
-            ->withCount('licenses')->withCount('accessories')
-            ->withCount('consumables')->withCount('components');
+        $companies = Company::withCount('assets','licenses','accessories','consumables','components','users');
 
         if ($request->has('search')) {
             $companies->TextSearch($request->input('search'));
@@ -95,7 +104,7 @@ class CompaniesController extends Controller
      */
     public function update(Request $request, $id)
     {
-        $this->authorize('edit', Company::class);
+        $this->authorize('update', Company::class);
         $company = Company::findOrFail($id);
         $company->fill($request->all());
 
@@ -141,4 +150,37 @@ class CompaniesController extends Controller
         }
 
     }
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $companies = Company::select([
+            'companies.id',
+            'companies.name',
+            'companies.image',
+        ]);
+
+        if ($request->has('search')) {
+            $companies = $companies->where('companies.name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $companies = $companies->orderBy('name', 'ASC')->paginate(50);
+
+        // Loop through and set some custom properties for the transformer to use.
+        // This lets us have more flexibility in special cases like assets, where
+        // they may not have a ->name value but we want to display something anyway
+        foreach ($companies as $company) {
+            $company->use_image = ($company->image) ? url('/').'/uploads/companies/'.$company->image : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($companies);
+    }
 }

app/Http/Controllers/Api/ComponentsController.php

@@ -24,17 +24,29 @@ class ComponentsController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Component::class);
-        $components = Company::scopeCompanyables(Component::select('components.*')->whereNull('components.deleted_at')
+        $components = Company::scopeCompanyables(Component::select('components.*')
             ->with('company', 'location', 'category'));
 
         if ($request->has('search')) {
             $components = $components->TextSearch($request->input('search'));
         }
 
+        if ($request->has('company_id')) {
+            $components->where('company_id','=',$request->input('company_id'));
+        }
+
+        if ($request->has('category_id')) {
+            $components->where('category_id','=',$request->input('category_id'));
+        }
+
+        if ($request->has('location_id')) {
+            $components->where('location_id','=',$request->input('location_id'));
+        }
+
         $offset = request('offset', 0);
         $limit = request('limit', 50);
 
-        $allowed_columns = ['id','name','min_amt','order_number','serial','purchase_date','purchase_cost','company','category','qty','location'];
+        $allowed_columns = ['id','name','min_amt','order_number','serial','purchase_date','purchase_cost','company','category','qty','location','image'];
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
         $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
 
@@ -89,13 +101,11 @@ class ComponentsController extends Controller
     public function show($id)
     {
         $this->authorize('view', Component::class);
-        $component = Component::find($id);
+        $component = Component::findOrFail($id);
 
         if ($component) {
             return (new ComponentsTransformer)->transformComponent($component);
         }
-        
-        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/components/message.does_not_exist')));
     }
 
 
@@ -110,7 +120,7 @@ class ComponentsController extends Controller
      */
     public function update(Request $request, $id)
     {
-        $this->authorize('edit', Component::class);
+        $this->authorize('update', Component::class);
         $component = Component::findOrFail($id);
         $component->fill($request->all());
 
@@ -149,7 +159,7 @@ class ComponentsController extends Controller
     */
     public function getAssets(Request $request, $id)
     {
-        $this->authorize('index', Asset::class);
+        $this->authorize('view', \App\Models\Asset::class);
         
         $component = Component::findOrFail($id);
         $assets = $component->assets();
@@ -158,6 +168,6 @@ class ComponentsController extends Controller
         $limit = $request->input('limit', 50);
         $total = $assets->count();
         $assets = $assets->skip($offset)->take($limit)->get();
-        return (new ComponentsAssetsTransformer)->transformAssets($assets, $total);
+        return (new ComponentsTransformer)->transformCheckedoutComponents($assets, $total);
     }
 }

app/Http/Controllers/Api/ConsumablesController.php

@@ -24,7 +24,6 @@ class ConsumablesController extends Controller
         $this->authorize('index', Consumable::class);
         $consumables = Company::scopeCompanyables(
             Consumable::select('consumables.*')
-                ->whereNull('consumables.deleted_at')
                 ->with('company', 'location', 'category', 'users', 'manufacturer')
         );
 
@@ -43,7 +42,7 @@ class ConsumablesController extends Controller
 
         $offset = request('offset', 0);
         $limit = request('limit', 50);
-        $allowed_columns = ['id','name','order_number','min_amt','purchase_date','purchase_cost','company','category','model_number', 'item_no', 'manufacturer','location','qty'];
+        $allowed_columns = ['id','name','order_number','min_amt','purchase_date','purchase_cost','company','category','model_number', 'item_no', 'manufacturer','location','qty','image'];
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
         $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
 
@@ -121,7 +120,7 @@ class ConsumablesController extends Controller
      */
     public function update(Request $request, $id)
     {
-        $this->authorize('edit', Consumable::class);
+        $this->authorize('update', Consumable::class);
         $consumable = Consumable::findOrFail($id);
         $consumable->fill($request->all());
 
@@ -160,7 +159,6 @@ class ConsumablesController extends Controller
      */
     public function getDataView($consumableId)
     {
-        //$consumable = Consumable::find($consumableID);
         $consumable = Consumable::with(array('consumableAssignments'=>
         function ($query) {
             $query->orderBy('created_at', 'DESC');
@@ -171,18 +169,16 @@ class ConsumablesController extends Controller
         },
         ))->find($consumableId);
 
-        //  $consumable->load('consumableAssignments.admin','consumableAssignments.user');
-
         if (!Company::isCurrentUserHasAccess($consumable)) {
             return ['total' => 0, 'rows' => []];
         }
-        $this->authorize('view', Component::class);
+        $this->authorize('view', Consumable::class);
         $rows = array();
 
         foreach ($consumable->consumableAssignments as $consumable_assignment) {
             $rows[] = [
-                'name' => $consumable_assignment->user->present()->nameUrl(),
-                'created_at' => ($consumable_assignment->created_at->format('Y-m-d H:i:s')=='-0001-11-30 00:00:00') ? '' : $consumable_assignment->created_at->format('Y-m-d H:i:s'),
+                'name' => ($consumable_assignment->user) ? $consumable_assignment->user->present()->nameUrl() : 'Deleted User',
+                'created_at' => Helper::getFormattedDateObject($consumable_assignment->created_at, 'datetime'),
                 'admin' => ($consumable_assignment->admin) ? $consumable_assignment->admin->present()->nameUrl() : '',
             ];
         }

app/Http/Controllers/Api/CustomFieldsController.php

@@ -2,11 +2,14 @@
 
 namespace App\Http\Controllers\Api;
 
+use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Transformers\CustomFieldsTransformer;
 use App\Models\CustomField;
 use App\Models\CustomFieldset;
 use Illuminate\Http\Request;
+use Validator;
+use Illuminate\Validation\Rule;
 
 class CustomFieldsController extends Controller
 {
@@ -23,13 +26,95 @@ class CustomFieldsController extends Controller
     {
         $this->authorize('index', CustomFields::class);
         $fields = CustomField::get();
-
-        $total = count($fields);
-        return (new CustomFieldsTransformer)->transformCustomFields($fields, $total);
+        return (new CustomFieldsTransformer)->transformCustomFields($fields, $fields->count());
     }
+
+    /**
+    * Shows the given field
+    * @author [V. Cordes] [<volker@fdatek.de>]
+    * @param int $id
+    * @since [v4.1.10]
+    * @return View
+    */
+    public function show($id)
+    {
+      $this->authorize('show', CustomField::class);
+        if ($field = CustomField::find($id)) {
+            return (new CustomFieldsTransformer)->transformCustomField($field);
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/custom_fields/message.field.invalid')), 200);
+    }
+
+     /**
+     * Update the specified field
+     *
+     * @author [V. Cordes] [<volker@fdatek.de>]
+     * @since [v4.1.10]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('update', CustomField::class);
+        $field = CustomField::findOrFail($id);
+        
+        /**
+         * Updated values for the field, 
+         * without the "field_encrypted" flag, preventing the change of encryption status
+         * @var array
+         */
+        $data = $request->except(['field_encrypted']);
+
+        $validator = Validator::make($data, $field->validationRules());
+        if ($validator->fails()) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()));
+        }
+
+        $field->fill($data);
+
+        if ($field->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $field, trans('admin/custom_fields/message.field.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $field->getErrors()));
+    }
+
+
+    /**
+     * Store a newly created field.
+     *
+     * @author [V. Cordes] [<volker@fdatek.de>]
+     * @since [v4.1.10]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', CustomField::class);
+        $field = new CustomField;
+
+        $data = $request->all();
+        $validator = Validator::make($data, $field->validationRules());
+        if ($validator->fails()) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()));
+        }
+        $field->fill($data);
+
+        if ($field->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $field, trans('admin/custom_fields/message.field.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $field->getErrors()));
+
+    }
+
     public function postReorder(Request $request, $id)
     {
         $fieldset = CustomFieldset::find($id);
+
+        $this->authorize('update', $fieldset);
+
         $fields = array();
         $order_array = array();
 
@@ -47,6 +132,40 @@ class CustomFieldsController extends Controller
 
     }
 
+    public function associate(Request $request, $field_id)
+    {
+        $this->authorize('update', CustomFieldset::class);
+
+        $field = CustomField::findOrFail($field_id);
+
+        $fieldset_id = $request->input('fieldset_id');
+        foreach ($field->fieldset as $fieldset) {
+            if ($fieldset->id == $fieldset_id) {
+                return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.update.success')));
+            }
+        }
+
+        $fieldset = CustomFieldset::findOrFail($fieldset_id);
+        $fieldset->fields()->attach($field->id, ["required" => ($request->input('required') == "on"), "order" => $request->input('order', $fieldset->fields->count())]);
+        return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.update.success')));
+    }
+
+    public function disassociate(Request $request, $field_id)
+    {
+        $this->authorize('update', CustomFieldset::class);
+
+        $field = CustomField::findOrFail($field_id);
+
+        $fieldset_id = $request->input('fieldset_id');
+        foreach ($field->fieldset as $fieldset) {
+            if ($fieldset->id == $fieldset_id) {
+                $fieldset->fields()->detach($field->id);
+                return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.update.success')));
+            }
+        }
+        $fieldset = CustomFieldset::findOrFail($fieldset_id);
+        return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.update.success')));
+    }
 
     /**
      * Delete a custom field.
@@ -57,15 +176,17 @@ class CustomFieldsController extends Controller
      */
     public function destroy($field_id)
     {
-        $field = CustomField::find($field_id);
+        $field = CustomField::findOrFail($field_id);
+
+        $this->authorize('delete', $field);
 
         if ($field->fieldset->count() >0) {
             return response()->json(Helper::formatStandardApiResponse('error', null, 'Field is in use.'));
-        } else {
-            $field->delete();
-            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/custom_fields/message.field.delete.success')));
-
         }
+
+        $field->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/custom_fields/message.field.delete.success')));
+
     }
 
 }

app/Http/Controllers/Api/CustomFieldsetsController.php

@@ -44,9 +44,7 @@ class CustomFieldsetsController extends Controller
     {
         $this->authorize('index', CustomFieldset::class);
         $fieldsets = CustomFieldset::withCount(['fields', 'models'])->get();
-
-        $total = count($fieldsets);
-        return (new CustomFieldsetsTransformer)->transformCustomFieldsets($fieldsets, $total);
+        return (new CustomFieldsetsTransformer)->transformCustomFieldsets($fieldsets, $fieldsets->count());
 
     }
 
@@ -81,7 +79,7 @@ class CustomFieldsetsController extends Controller
      */
     public function update(Request $request, $id)
     {
-        $this->authorize('edit', CustomFieldset::class);
+        $this->authorize('update', CustomFieldset::class);
         $fieldset = CustomFieldset::findOrFail($id);
         $fieldset->fill($request->all());
 
@@ -126,7 +124,7 @@ class CustomFieldsetsController extends Controller
     {
         $this->authorize('delete', CustomFieldset::class);
         $fieldset = CustomFieldset::findOrFail($id);
-        
+
         $modelsCount = $fieldset->models->count();
         $fieldsCount = $fieldset->fields->count();
 
@@ -141,7 +139,41 @@ class CustomFieldsetsController extends Controller
         return response()->json(Helper::formatStandardApiResponse('error', null, 'Unspecified error'));
 
 
-        
+
     }
 
+    /**
+     * Return JSON containing a list of fields belonging to a fieldset.
+     *
+     * @author [V. Cordes] [<volker@fdatek.de>]
+     * @since [v4.1.10]
+     * @param $fieldsetId
+     * @return string JSON
+     */
+    public function fields($id)
+    {
+        $this->authorize('view', CustomFieldset::class);
+        $set = CustomFieldset::findOrFail($id);
+        $fields = $set->fields;
+        return (new CustomFieldsTransformer)->transformCustomFields($fields, $fields->count());
+    }
+
+    /**
+     * Return JSON containing a list of fields belonging to a fieldset with the
+     * default values for a given model
+     *
+     * @param $modelId
+     * @param $fieldsetId
+     * @return string JSON
+     */
+    public function fieldsWithDefaultValues($fieldsetId, $modelId)
+    {
+        $this->authorize('view', CustomFieldset::class);
+
+        $set = CustomFieldset::findOrFail($fieldsetId);
+
+        $fields = $set->fields;
+
+        return (new CustomFieldsTransformer)->transformCustomFieldsWithDefaultValues($fields, $modelId, $fields->count());
+    }
 }

app/Http/Controllers/Api/DepartmentsController.php

@@ -8,6 +8,7 @@ use App\Models\Department;
 use App\Http\Transformers\DepartmentsTransformer;
 use App\Helpers\Helper;
 use Auth;
+use App\Http\Transformers\SelectlistTransformer;
 
 class DepartmentsController extends Controller
 {
@@ -21,16 +22,17 @@ class DepartmentsController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Department::class);
-        $allowed_columns = ['id','name'];
+        $allowed_columns = ['id','name','image','users_count'];
 
         $departments = Department::select([
-            'id',
-            'name',
-            'location_id',
-            'company_id',
-            'manager_id',
-            'created_at',
-            'updated_at'
+            'departments.id',
+            'departments.name',
+            'departments.location_id',
+            'departments.company_id',
+            'departments.manager_id',
+            'departments.created_at',
+            'departments.updated_at',
+            'departments.image'
         ])->with('users')->with('location')->with('manager')->with('company')->withCount('users');
 
         if ($request->has('search')) {
@@ -41,7 +43,18 @@ class DepartmentsController extends Controller
         $limit = $request->input('limit', 50);
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
         $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
-        $departments->orderBy($sort, $order);
+
+        switch ($request->input('sort')) {
+            case 'location':
+                $departments->OrderLocation($order);
+                break;
+            case 'manager':
+                $departments->OrderManager($order);
+                break;
+            default:
+                $departments->orderBy($sort, $order);
+                break;
+        }
 
         $total = $departments->count();
         $departments = $departments->skip($offset)->take($limit)->get();
@@ -101,6 +114,8 @@ class DepartmentsController extends Controller
     {
         $department = Department::findOrFail($id);
 
+        $this->authorize('delete', $department);
+
         if ($department->users->count() > 0) {
             return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/departments/message.assoc_users')));
         }
@@ -110,4 +125,38 @@ class DepartmentsController extends Controller
 
     }
 
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $departments = Department::select([
+            'id',
+            'name',
+            'image',
+        ]);
+
+        if ($request->has('search')) {
+            $departments = $departments->where('name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $departments = $departments->orderBy('name', 'ASC')->paginate(50);
+
+        // Loop through and set some custom properties for the transformer to use.
+        // This lets us have more flexibility in special cases like assets, where
+        // they may not have a ->name value but we want to display something anyway
+        foreach ($departments as $department) {
+            $department->use_image = ($department->image) ? url('/').'/uploads/departments/'.$department->image : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($departments);
+
+    }
+
 }

app/Http/Controllers/Api/DepreciationsController.php

@@ -88,7 +88,7 @@ class DepreciationsController extends Controller
      */
     public function update(Request $request, $id)
     {
-        $this->authorize('edit', Depreciation::class);
+        $this->authorize('update', Depreciation::class);
         $depreciation = Depreciation::findOrFail($id);
         $depreciation->fill($request->all());
 

app/Http/Controllers/Api/GroupsController.php

@@ -20,7 +20,7 @@ class GroupsController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Group::class);
-        $allowed_columns = ['id','name','created_at'];
+        $allowed_columns = ['id','name','created_at', 'users_count'];
 
         $groups = Group::select('id','name','permissions','created_at','updated_at')->withCount('users');
 
@@ -73,7 +73,7 @@ class GroupsController extends Controller
     {
         $this->authorize('view', Group::class);
         $group = Group::findOrFail($id);
-        return $group;
+        return (new GroupsTransformer)->transformGroup($group);
     }
 
 
@@ -88,7 +88,7 @@ class GroupsController extends Controller
      */
     public function update(Request $request, $id)
     {
-        $this->authorize('edit', Group::class);
+        $this->authorize('update', Group::class);
         $group = Group::findOrFail($id);
         $group->fill($request->all());
 

app/Http/Controllers/Api/ImportController.php

@@ -13,6 +13,8 @@ use Illuminate\Support\Facades\Input;
 use Illuminate\Support\Facades\Session;
 use League\Csv\Reader;
 use Symfony\Component\HttpFoundation\File\Exception\FileException;
+use Artisan;
+use App\Models\Asset;
 
 class ImportController extends Controller
 {
@@ -56,6 +58,35 @@ class ImportController extends Controller
                     return response()->json(Helper::formatStandardApiResponse('error', null, $results['error']), 500);
                 }
 
+                //TODO: is there a lighter way to do this?
+                if (! ini_get("auto_detect_line_endings")) {
+                    ini_set("auto_detect_line_endings", '1');
+                }
+                $reader = Reader::createFromFileObject($file->openFile('r')); //file pointer leak?
+                $import->header_row = $reader->fetchOne(0);
+
+                //duplicate headers check
+                $duplicate_headers = [];
+
+                for($i = 0; $i<count($import->header_row); $i++) {
+                    $header = $import->header_row[$i];
+                    if(in_array($header, $import->header_row)) {
+                        $found_at = array_search($header, $import->header_row);
+                        if($i > $found_at) {
+                            //avoid reporting duplicates twice, e.g. "1 is same as 17! 17 is same as 1!!!"
+                            //as well as "1 is same as 1!!!" (which is always true)
+                            //has to be > because otherwise the first result of array_search will always be $i itself(!)
+                            array_push($duplicate_headers,"Duplicate header '$header' detected, first at column: ".($found_at+1).", repeats at column: ".($i+1));
+                        }
+                    }
+                }
+                if(count($duplicate_headers) > 0) {
+                    return response()->json(Helper::formatStandardApiResponse('error',null, implode("; ",$duplicate_headers)), 500); //should this be '4xx'?
+                }
+
+                // Grab the first row to display via ajax as the user picks fields
+                $import->first_row = $reader->fetchOne(1);
+
                 $date = date('Y-m-d-his');
                 $fixed_filename = str_slug($file->getClientOriginalName());
                 try {
@@ -70,11 +101,6 @@ class ImportController extends Controller
                 $file_name = date('Y-m-d-his').'-'.$fixed_filename;
                 $import->file_path = $file_name;
                 $import->filesize = filesize($path.'/'.$file_name);
-                //TODO: is there a lighter way to do this?
-                $reader = Reader::createFromPath("{$path}/{$file_name}");
-                $import->header_row = $reader->fetchOne(0);
-                // Grab the first row to display via ajax as the user picks fields
-                $import->first_row = $reader->fetchOne(1);
                 $import->save();
                 $results[] = $import;
             }
@@ -94,6 +120,8 @@ class ImportController extends Controller
     public function process(ItemImportRequest $request, $import_id)
     {
         $this->authorize('create', Asset::class);
+        // Run a backup immediately before processing
+        Artisan::call('backup:run');
         $errors = $request->import(Import::find($import_id));
         $redirectTo = "hardware.index";
         switch ($request->get('import-type')) {

app/Http/Controllers/Api/LicensesController.php

@@ -2,11 +2,15 @@
 
 namespace App\Http\Controllers\Api;
 
-use Illuminate\Http\Request;
+use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
+use App\Http\Transformers\LicenseSeatsTransformer;
 use App\Http\Transformers\LicensesTransformer;
-use App\Models\License;
 use App\Models\Company;
+use App\Models\License;
+use App\Models\LicenseSeat;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\DB;
 
 class LicensesController extends Controller
 {
@@ -21,11 +25,8 @@ class LicensesController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', License::class);
-        $licenses = Company::scopeCompanyables(License::with('company', 'licenseSeatsRelation', 'manufacturer', 'supplier'));
+        $licenses = Company::scopeCompanyables(License::with('company', 'manufacturer', 'freeSeats', 'supplier','category')->withCount('freeSeats'));
 
-        if ($request->has('search')) {
-            $licenses = $licenses->TextSearch($request->input('search'));
-        }
 
         if ($request->has('company_id')) {
             $licenses->where('company_id','=',$request->input('company_id'));
@@ -63,6 +64,10 @@ class LicensesController extends Controller
             $licenses->where('supplier_id','=',$request->input('supplier_id'));
         }
 
+        if ($request->has('category_id')) {
+            $licenses->where('category_id','=',$request->input('category_id'));
+        }
+
         if ($request->has('depreciation_id')) {
             $licenses->where('depreciation_id','=',$request->input('depreciation_id'));
         }
@@ -71,30 +76,41 @@ class LicensesController extends Controller
             $licenses->where('supplier_id','=',$request->input('supplier_id'));
         }
 
+
+        if ($request->has('search')) {
+            $licenses = $licenses->TextSearch($request->input('search'));
+        }
+
+
         $offset = request('offset', 0);
         $limit = request('limit', 50);
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
 
 
         switch ($request->input('sort')) {
-            case 'manufacturer':
-                $licenses = $licenses->OrderManufacturer($order);
+                case 'manufacturer':
+                    $licenses = $licenses->leftJoin('manufacturers', 'licenses.manufacturer_id', '=', 'manufacturers.id')->orderBy('manufacturers.name', $order);
                 break;
             case 'supplier':
-                $licenses = $licenses->OrderSupplier($order);
+                $licenses = $licenses->leftJoin('suppliers', 'licenses.supplier_id', '=', 'suppliers.id')->orderBy('suppliers.name', $order);
+                break;
+            case 'category':
+                $licenses = $licenses->leftJoin('categories', 'licenses.category_id', '=', 'categories.id')->orderBy('categories.name', $order);
                 break;
             case 'company':
-                $licenses = $licenses->OrderCompany($order);
+                $licenses = $licenses->leftJoin('companies', 'licenses.company_id', '=', 'companies.id')->orderBy('companies.name', $order);
                 break;
             default:
-                $allowed_columns = ['id','name','purchase_cost','expiration_date','purchase_order','order_number','notes','purchase_date','serial','company','license_name','license_email'];
+                $allowed_columns = ['id','name','purchase_cost','expiration_date','purchase_order','order_number','notes','purchase_date','serial','company','category','license_name','license_email','free_seats_count','seats'];
                 $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
                 $licenses = $licenses->orderBy($sort, $order);
                 break;
         }
-        
+
+
 
         $total = $licenses->count();
+
         $licenses = $licenses->skip($offset)->take($limit)->get();
         return (new LicensesTransformer)->transformLicenses($licenses, $total);
 
@@ -114,6 +130,14 @@ class LicensesController extends Controller
     public function store(Request $request)
     {
         //
+        $this->authorize('create', License::class);
+        $license = new License;
+        $license->fill($request->all());
+
+        if($license->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $license, trans('admin/licenses/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $license->getErrors()));
     }
 
     /**
@@ -125,13 +149,10 @@ class LicensesController extends Controller
      */
     public function show($id)
     {
-        $license = License::find($id);
-        if (isset($license->id)) {
-            $license = $license->load('assignedusers', 'licenseSeats.user', 'licenseSeats.asset');
-            $this->authorize('view', $license);
-            return (new LicensesTransformer)->transformLicense($license);
-        }
-        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/licenses/message.does_not_exist')), 200);
+        $this->authorize('view', License::class);
+        $license = License::findOrFail($id);
+        $license = $license->load('assignedusers', 'licenseSeats.user', 'licenseSeats.asset');
+        return (new LicensesTransformer)->transformLicense($license);
     }
 
 
@@ -147,6 +168,16 @@ class LicensesController extends Controller
     public function update(Request $request, $id)
     {
         //
+        $this->authorize('update', License::class);
+
+        $license = License::findOrFail($id);
+        $license->fill($request->all());
+
+        if ($license->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $license, trans('admin/licenses/message.update.success')));
+        }
+
+        return Helper::formatStandardApiResponse('error', null, $license->getErrors());
     }
 
     /**
@@ -160,5 +191,58 @@ class LicensesController extends Controller
     public function destroy($id)
     {
         //
+        $license = License::findOrFail($id);
+        $this->authorize('delete', $license);
+
+        if($license->assigned_seats_count == 0) {
+            // Delete the license and the associated license seats
+            DB::table('license_seats')
+                ->where('id', $license->id)
+                ->update(array('assigned_to' => null,'asset_id' => null));
+
+            $licenseSeats = $license->licenseseats();
+            $licenseSeats->delete();
+            $license->delete();
+
+            // Redirect to the licenses management page
+            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/licenses/message.delete.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/licenses/message.assoc_users')));
     }
+
+    /**
+     * Get license seat listing
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param int $licenseId
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function seats(Request $request, $licenseId)
+    {
+
+        if ($license = License::find($licenseId)) {
+
+            $this->authorize('view', $license);
+
+            $seats = LicenseSeat::where('license_id', $licenseId)->with('license', 'user', 'asset');
+
+            $offset = request('offset', 0);
+            $limit = request('limit', 50);
+            $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+
+            $total = $seats->count();
+            $seats = $seats->skip($offset)->take($limit)->get();
+
+            if ($seats) {
+                return (new LicenseSeatsTransformer)->transformLicenseSeats($seats, $total);
+            }
+
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/licenses/message.does_not_exist')), 200);
+
+    }
+
+
 }

app/Http/Controllers/Api/LocationsController.php

@@ -7,6 +7,7 @@ use App\Http\Controllers\Controller;
 use App\Helpers\Helper;
 use App\Models\Location;
 use App\Http\Transformers\LocationsTransformer;
+use App\Http\Transformers\SelectlistTransformer;
 
 class LocationsController extends Controller
 {
@@ -20,10 +21,12 @@ class LocationsController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Location::class);
-        $allowed_columns = ['id','name','address','address2','city','state','country','zip','created_at',
-        'updated_at','parent_id', 'manager_id'];
+        $allowed_columns = [
+                'id','name','address','address2','city','state','country','zip','created_at',
+                'updated_at','manager_id','image',
+                'assigned_assets_count','users_count','assets_count','currency'];
 
-        $locations = Location::select([
+        $locations = Location::with('parent', 'manager', 'childLocations')->select([
             'locations.id',
             'locations.name',
             'locations.address',
@@ -36,23 +39,39 @@ class LocationsController extends Controller
             'locations.manager_id',
             'locations.created_at',
             'locations.updated_at',
+            'locations.image',
             'locations.currency'
-        ])->withCount('assets')->withCount('users');
+        ])->withCount('assignedAssets')
+        ->withCount('assets')
+        ->withCount('users');
 
         if ($request->has('search')) {
             $locations = $locations->TextSearch($request->input('search'));
         }
 
+
+
         $offset = $request->input('offset', 0);
         $limit = $request->input('limit', 50);
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
         $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
-        $locations->orderBy($sort, $order);
+
+        switch ($request->input('sort')) {
+            case 'parent':
+                $locations->OrderParent($order);
+                break;
+            case 'manager':
+                $locations->OrderManager($order);
+                break;
+            default:
+                $locations->orderBy($sort, $order);
+                break;
+        }
+
 
         $total = $locations->count();
         $locations = $locations->skip($offset)->take($limit)->get();
         return (new LocationsTransformer)->transformLocations($locations, $total);
-
     }
 
 
@@ -74,7 +93,6 @@ class LocationsController extends Controller
             return response()->json(Helper::formatStandardApiResponse('success', (new LocationsTransformer)->transformLocation($location), trans('admin/locations/message.create.success')));
         }
         return response()->json(Helper::formatStandardApiResponse('error', null, $location->getErrors()));
-
     }
 
     /**
@@ -104,12 +122,18 @@ class LocationsController extends Controller
      */
     public function update(Request $request, $id)
     {
-        $this->authorize('edit', Location::class);
+        $this->authorize('update', Location::class);
         $location = Location::findOrFail($id);
         $location->fill($request->all());
 
         if ($location->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success',  (new LocationsTransformer)->transformLocation($location), trans('admin/locations/message.update.success')));
+            return response()->json(
+                Helper::formatStandardApiResponse(
+                    'success',
+                    (new LocationsTransformer)->transformLocation($location),
+                    trans('admin/locations/message.update.success')
+                )
+            );
         }
 
         return response()->json(Helper::formatStandardApiResponse('error', null, $location->getErrors()));
@@ -129,7 +153,42 @@ class LocationsController extends Controller
         $location = Location::findOrFail($id);
         $this->authorize('delete', $location);
         $location->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/locations/message.delete.success')));
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/locations/message.delete.success')));
+    }
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $locations = Location::select([
+            'locations.id',
+            'locations.name',
+            'locations.image',
+        ]);
+
+        if ($request->has('search')) {
+            $locations = $locations->where('locations.name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $locations = $locations->orderBy('name', 'ASC')->paginate(50);
+
+        // Loop through and set some custom properties for the transformer to use.
+        // This lets us have more flexibility in special cases like assets, where
+        // they may not have a ->name value but we want to display something anyway
+        foreach ($locations as $location) {
+            $location->use_text = $location->name;
+            $location->use_image = ($location->image) ? url('/').'/uploads/locations/'.$location->image : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($locations);
 
     }
+
 }

app/Http/Controllers/Api/ManufacturersController.php

@@ -8,6 +8,7 @@ use App\Helpers\Helper;
 use App\Models\Manufacturer;
 use App\Http\Transformers\DatatablesTransformer;
 use App\Http\Transformers\ManufacturersTransformer;
+use App\Http\Transformers\SelectlistTransformer;
 
 class ManufacturersController extends Controller
 {
@@ -21,17 +22,23 @@ class ManufacturersController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Manufacturer::class);
-        $allowed_columns = ['id','name','url','support_url','support_email','support_phone','created_at','updated_at'];
+        $allowed_columns = ['id','name','url','support_url','support_email','support_phone','created_at','updated_at','image', 'assets_count', 'consumables_count', 'components_count', 'licenses_count'];
 
         $manufacturers = Manufacturer::select(
-            array('id','name','url','support_url','support_email','support_phone','created_at','updated_at')
+            array('id','name','url','support_url','support_email','support_phone','created_at','updated_at','image', 'deleted_at')
         )->withCount('assets')->withCount('licenses')->withCount('consumables')->withCount('accessories');
 
+        if ($request->input('deleted')=='true') {
+            $manufacturers->onlyTrashed();
+        }
 
         if ($request->has('search')) {
             $manufacturers = $manufacturers->TextSearch($request->input('search'));
         }
 
+
+
+
         $offset = request('offset', 0);
         $limit = $request->input('limit', 50);
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
@@ -92,7 +99,7 @@ class ManufacturersController extends Controller
      */
     public function update(Request $request, $id)
     {
-        $this->authorize('edit', Manufacturer::class);
+        $this->authorize('update', Manufacturer::class);
         $manufacturer = Manufacturer::findOrFail($id);
         $manufacturer->fill($request->all());
 
@@ -120,4 +127,39 @@ class ManufacturersController extends Controller
         return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/manufacturers/message.delete.success')));
 
     }
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $manufacturers = Manufacturer::select([
+            'id',
+            'name',
+            'image',
+        ]);
+
+        if ($request->has('search')) {
+            $manufacturers = $manufacturers->where('name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $manufacturers = $manufacturers->orderBy('name', 'ASC')->paginate(50);
+
+        // Loop through and set some custom properties for the transformer to use.
+        // This lets us have more flexibility in special cases like assets, where
+        // they may not have a ->name value but we want to display something anyway
+        foreach ($manufacturers as $manufacturer) {
+            $manufacturer->use_text = $manufacturer->name;
+            $manufacturer->use_image = ($manufacturer->image) ? url('/').'/uploads/manufacturers/'.$manufacturer->image : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($manufacturers);
+
+    }
 }

app/Http/Controllers/Api/ProfileController.php

@@ -0,0 +1,44 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Models\CheckoutRequest;
+use App\Http\Controllers\Controller;
+use Auth;
+use App\Helpers\Helper;
+
+
+class ProfileController extends Controller
+{
+    /**
+     * Display a listing of requested assets.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.3.0]
+     *
+     * @return Array
+     */
+    public function requestedAssets()
+    {
+        $checkoutRequests = CheckoutRequest::where('user_id', '=', Auth::user()->id)->get();
+
+        $results = [];
+        $results['total'] = $checkoutRequests->count();
+
+
+        foreach ($checkoutRequests as $checkoutRequest) {
+            $results['rows'][] = [
+                'image' => $checkoutRequest->itemRequested()->present()->getImageUrl(),
+                'name' => $checkoutRequest->itemRequested()->present()->name(),
+                'type' => $checkoutRequest->itemType(),
+                'qty' => $checkoutRequest->quantity,
+                'location' => ($checkoutRequest->location()) ? $checkoutRequest->location()->name : null,
+                'expected_checkin' => Helper::getFormattedDateObject($checkoutRequest->itemRequested()->expected_checkin, 'datetime'),
+                'request_date' => Helper::getFormattedDateObject($checkoutRequest->created_at, 'datetime'),
+            ];
+        }
+        return $results;
+    }
+
+
+}

app/Http/Controllers/Api/ReportsController.php

@@ -18,7 +18,8 @@ class ReportsController extends Controller
      */
     public function index(Request $request)
     {
-
+        $this->authorize('reports.view');
+        
         $actionlogs = Actionlog::with('item', 'user', 'target','location');
 
         if ($request->has('search')) {
@@ -28,7 +29,6 @@ class ReportsController extends Controller
         if (($request->has('target_type'))  && ($request->has('target_id'))) {
             $actionlogs = $actionlogs->where('target_id','=',$request->input('target_id'))
                 ->where('target_type','=',"App\\Models\\".ucwords($request->input('target_type')));
-
         }
 
         if (($request->has('item_type'))  && ($request->has('item_id'))) {
@@ -40,21 +40,27 @@ class ReportsController extends Controller
             $actionlogs = $actionlogs->where('action_type','=',$request->input('action_type'))->orderBy('created_at', 'desc');
         }
 
+        if ($request->has('uploads')) {
+            $actionlogs = $actionlogs->whereNotNull('filename')->orderBy('created_at', 'desc');
+        }
+
         $allowed_columns = [
             'id',
-            'created_at'
+            'created_at',
+            'target_id',
+            'user_id',
+            'action_type',
+            'note'
         ];
         
         $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
-        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $order = ($request->input('order') == 'asc') ? 'asc' : 'desc';
         $offset = request('offset', 0);
         $limit = request('limit', 50);
         $total = $actionlogs->count();
-        $actionlogs = $actionlogs->orderBy($sort, $order);
-        $actionlogs = $actionlogs->skip($offset)->take($limit)->get();
-        return (new ActionlogsTransformer)->transformActionlogs($actionlogs, $total);
-
+        $actionlogs = $actionlogs->orderBy($sort, $order)->skip($offset)->take($limit)->get();
 
+        return response()->json((new ActionlogsTransformer)->transformActionlogs($actionlogs, $total), 200, ['Content-Type' => 'application/json;charset=utf8'], JSON_UNESCAPED_UNICODE);
 
     }
 }

app/Http/Controllers/Api/SettingsController.php

@@ -5,78 +5,25 @@ namespace App\Http\Controllers\Api;
 use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
 use App\Models\Ldap;
+use Validator;
+use App\Models\Setting;
+use Mail;
+use App\Notifications\SlackTest;
+use Notification;
+use App\Notifications\MailTest;
 
 class SettingsController extends Controller
 {
-    /**
-     * Display a listing of the resource.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v4.0]
-     *
-     * @return \Illuminate\Http\Response
-     */
-    public function index()
+
+
+    public function ldaptest()
     {
-        //
-    }
 
+        if (Setting::getSettings()->ldap_enabled!='1') {
+            \Log::debug('LDAP is not enabled cannot test.');
+            return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
+        }
 
-    /**
-     * Store a newly created resource in storage.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
-     * @return \Illuminate\Http\Response
-     */
-    public function store(Request $request)
-    {
-        //
-    }
-
-    /**
-     * Display the specified resource.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param  int  $id
-     * @return \Illuminate\Http\Response
-     */
-    public function show($id)
-    {
-        //
-    }
-
-
-    /**
-     * Update the specified resource in storage.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
-     * @param  int  $id
-     * @return \Illuminate\Http\Response
-     */
-    public function update(Request $request, $id)
-    {
-        //
-    }
-
-    /**
-     * Remove the specified resource from storage.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v4.0]
-     * @param  int  $id
-     * @return \Illuminate\Http\Response
-     */
-    public function destroy($id)
-    {
-        //
-    }
-
-    public function getLdapTest()
-    {
         \Log::debug('Preparing to test LDAP connection');
 
         try {
@@ -98,4 +45,104 @@ class SettingsController extends Controller
 
     }
 
+    public function ldaptestlogin(Request $request)
+    {
+
+        if (Setting::getSettings()->ldap_enabled!='1') {
+            \Log::debug('LDAP is not enabled. Cannot test.');
+            return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
+        }
+
+
+        $rules = array(
+            'ldaptest_user' => 'required',
+            'ldaptest_password' => 'required'
+        );
+
+        $validator = Validator::make($request->all(), $rules);
+        if ($validator->fails()) {
+            \Log::debug('LDAP Validation test failed.');
+            $validation_errors = implode(' ',$validator->errors()->all());
+            return response()->json(['message' => $validator->errors()->all()], 400);
+        }
+        
+
+        \Log::debug('Preparing to test LDAP login');
+        try {
+            $connection = Ldap::connectToLdap();
+            try {
+                Ldap::bindAdminToLdap($connection);
+                \Log::debug('Attempting to bind to LDAP for LDAP test');
+                try {
+                    $ldap_user = Ldap::findAndBindUserLdap($request->input('ldaptest_user'), $request->input('ldaptest_password'));
+                    if ($ldap_user) {
+                        \Log::debug('It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.');
+                        return response()->json(['message' => 'It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.'], 200);
+                    }
+                    return response()->json(['message' => 'Login Failed. '. $request->input('ldaptest_user').' did not successfully bind to LDAP.'], 400);
+
+                } catch (\Exception $e) {
+                    \Log::debug('LDAP login failed');
+                    return response()->json(['message' => $e->getMessage()], 400);
+                }
+
+            } catch (\Exception $e) {
+                \Log::debug('Bind failed');
+                return response()->json(['message' => $e->getMessage()], 400);
+                //return response()->json(['message' => $e->getMessage()], 500);
+            }
+        } catch (\Exception $e) {
+            \Log::debug('Connection failed');
+            return response()->json(['message' => $e->getMessage()], 500);
+        }
+
+
+    }
+
+
+    public function slacktest()
+    {
+
+        if ($settings = Setting::getSettings()->slack_channel=='') {
+            \Log::debug('Slack is not enabled. Cannot test.');
+            return response()->json(['message' => 'Slack is not enabled, cannot test.'], 400);
+        }
+
+        \Log::debug('Preparing to test slack connection');
+
+        try {
+            Notification::send($settings = Setting::getSettings(), new SlackTest());
+            return response()->json(['message' => 'Success'], 200);
+        } catch (\Exception $e) {
+            \Log::debug('Slack connection failed');
+            return response()->json(['message' => $e->getMessage()], 400);
+        }
+
+
+    }
+
+
+    /**
+     * Test the email configuration
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return Redirect
+     */
+    public function ajaxTestEmail()
+    {
+        if (!config('app.lock_passwords')) {
+            try {
+                Notification::send(Setting::first(), new MailTest());
+                return response()->json(['message' => 'Mail sent to '.config('mail.reply_to.address')], 200);
+            } catch (Exception $e) {
+                return response()->json(['message' => $e->getMessage()], 500);
+            }
+        }
+        return response()->json(['message' => 'Mail would have been sent, but this application is in demo mode! '], 200);
+
+    }
+
+
+
 }

app/Http/Controllers/Api/StatuslabelsController.php

@@ -22,7 +22,7 @@ class StatuslabelsController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Statuslabel::class);
-        $allowed_columns = ['id','name','created_at'];
+        $allowed_columns = ['id','name','created_at', 'assets_count','color','default_label'];
 
         $statuslabels = Statuslabel::withCount('assets');
 
@@ -56,7 +56,7 @@ class StatuslabelsController extends Controller
         $request->except('deployable', 'pending','archived');
 
         if (!$request->has('type')) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, ["type" => ["Status label type is required."]]));
+            return response()->json(Helper::formatStandardApiResponse('error', null, ["type" => ["Status label type is required."]]),500);
         }
 
         $statuslabel = new Statuslabel;
@@ -101,7 +101,7 @@ class StatuslabelsController extends Controller
      */
     public function update(Request $request, $id)
     {
-        $this->authorize('edit', Statuslabel::class);
+        $this->authorize('update', Statuslabel::class);
         $statuslabel = Statuslabel::findOrFail($id);
         
         $request->except('deployable', 'pending','archived');
@@ -137,8 +137,14 @@ class StatuslabelsController extends Controller
         $this->authorize('delete', Statuslabel::class);
         $statuslabel = Statuslabel::findOrFail($id);
         $this->authorize('delete', $statuslabel);
-        $statuslabel->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/statuslabels/message.delete.success')));
+
+        // Check that there are no assets associated
+        if ($statuslabel->assets()->count() == 0) {
+            $statuslabel->delete();
+            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/statuslabels/message.delete.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/statuslabels/message.assoc_assets')));
 
     }
 
@@ -154,23 +160,25 @@ class StatuslabelsController extends Controller
 
     public function getAssetCountByStatuslabel()
     {
+        $this->authorize('view', Statuslabel::class);
+
+        $statuslabels = Statuslabel::with('assets')->groupBy('id')->withCount('assets')->get();
 
-        $statusLabels = Statuslabel::with('assets')->get();
         $labels=[];
         $points=[];
         $colors=[];
-        foreach ($statusLabels as $statusLabel) {
-            if ($statusLabel->assets()->count() > 0) {
-                $labels[]=$statusLabel->name;
-                $points[]=$statusLabel->assets()->whereNull('assigned_to')->count();
-                if ($statusLabel->color!='') {
-                    $colors[]=$statusLabel->color;
+        foreach ($statuslabels as $statuslabel) {
+            if ($statuslabel->assets_count > 0) {
+
+                $labels[]=$statuslabel->name. ' ('.number_format($statuslabel->assets_count).')';
+                $points[]=$statuslabel->assets_count;
+                if ($statuslabel->color!='') {
+                    $colors[]=$statuslabel->color;
                 }
             }
         }
-        $labels[]='Deployed';
-        $points[]=Asset::whereNotNull('assigned_to')->count();
 
+        
         $colors_array = array_merge($colors, Helper::chartColors());
 
         $result= [
@@ -230,6 +238,9 @@ class StatuslabelsController extends Controller
      */
     public function checkIfDeployable($id) {
         $statuslabel = Statuslabel::findOrFail($id);
+
+        $this->authorize('view', $statuslabel);
+
         if ($statuslabel->getStatuslabelType()=='deployable') {
             return '1';
         }

app/Http/Controllers/Api/SuppliersController.php

@@ -7,6 +7,8 @@ use App\Http\Controllers\Controller;
 use App\Helpers\Helper;
 use App\Models\Supplier;
 use App\Http\Transformers\SuppliersTransformer;
+use App\Http\Transformers\SelectlistTransformer;
+
 
 class SuppliersController extends Controller
 {
@@ -20,11 +22,11 @@ class SuppliersController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Supplier::class);
-        $allowed_columns = ['id','name','address','phone','contact','fax','email'];
+        $allowed_columns = ['id','name','address','phone','contact','fax','email','image','assets_count','licenses_count', 'accessories_count'];
         
         $suppliers = Supplier::select(
-                array('id','name','address','address2','city','state','country','fax', 'phone','email','contact','created_at','updated_at','deleted_at')
-            )->withCount('assets')->withCount('licenses')->whereNull('deleted_at');
+                array('id','name','address','address2','city','state','country','fax', 'phone','email','contact','created_at','updated_at','deleted_at','image','notes')
+            )->withCount('assets')->withCount('licenses')->withCount('accessories');
 
 
         if ($request->has('search')) {
@@ -91,7 +93,7 @@ class SuppliersController extends Controller
      */
     public function update(Request $request, $id)
     {
-        $this->authorize('edit', Supplier::class);
+        $this->authorize('update', Supplier::class);
         $supplier = Supplier::findOrFail($id);
         $supplier->fill($request->all());
 
@@ -113,10 +115,60 @@ class SuppliersController extends Controller
     public function destroy($id)
     {
         $this->authorize('delete', Supplier::class);
-        $supplier = Supplier::findOrFail($id);
+        $supplier = Supplier::with('asset_maintenances', 'assets', 'licenses')->withCount('asset_maintenances','assets', 'licenses')->findOrFail($id);
         $this->authorize('delete', $supplier);
+
+
+        if ($supplier->assets_count > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/suppliers/message.delete.assoc_assets', ['asset_count' => (int) $supplier->assets_count])));
+        }
+
+        if ($supplier->asset_maintenances_count > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/suppliers/message.delete.assoc_maintenances', ['asset_maintenances_count' => $supplier->asset_maintenances_count])));
+        }
+
+        if ($supplier->licenses_count > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/suppliers/message.delete.assoc_licenses', ['licenses_count' => (int) $supplier->licenses_count])));
+        }
+
         $supplier->delete();
         return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/suppliers/message.delete.success')));
 
     }
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $suppliers = Supplier::select([
+            'id',
+            'name',
+            'image',
+        ]);
+
+        if ($request->has('search')) {
+            $suppliers = $suppliers->where('suppliers.name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $suppliers = $suppliers->orderBy('name', 'ASC')->paginate(50);
+
+        // Loop through and set some custom properties for the transformer to use.
+        // This lets us have more flexibility in special cases like assets, where
+        // they may not have a ->name value but we want to display something anyway
+        foreach ($suppliers as $supplier) {
+            $supplier->use_text = $supplier->name;
+            $supplier->use_image = ($supplier->image) ? url('/').'/uploads/suppliers/'.$supplier->image : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($suppliers);
+
+    }
+
 }

app/Http/Controllers/Api/UsersController.php

@@ -10,6 +10,8 @@ use App\Models\User;
 use App\Helpers\Helper;
 use App\Http\Requests\SaveUserRequest;
 use App\Models\Asset;
+use App\Http\Transformers\AssetsTransformer;
+use App\Http\Transformers\SelectlistTransformer;
 
 class UsersController extends Controller
 {
@@ -26,53 +28,65 @@ class UsersController extends Controller
         $this->authorize('view', User::class);
 
         $users = User::select([
-            'users.id',
-            'users.employee_num',
-            'users.two_factor_enrolled',
-            'users.jobtitle',
-            'users.email',
-            'users.username',
-            'users.location_id',
-            'users.manager_id',
-            'users.first_name',
-            'users.last_name',
-            'users.created_at',
-            'users.notes',
+            'users.activated',
+            'users.address',
+            'users.avatar',
+            'users.city',
             'users.company_id',
-            'users.last_login',
+            'users.country',
+            'users.created_at',
             'users.deleted_at',
             'users.department_id',
-            'users.activated'
-        ])->with('manager', 'groups', 'userloc', 'company', 'department','throttle','assets','licenses','accessories','consumables')
+            'users.email',
+            'users.employee_num',
+            'users.first_name',
+            'users.id',
+            'users.jobtitle',
+            'users.last_login',
+            'users.last_name',
+            'users.location_id',
+            'users.manager_id',
+            'users.notes',
+            'users.permissions',
+            'users.phone',
+            'users.state',
+            'users.two_factor_enrolled',
+            'users.updated_at',
+            'users.username',
+            'users.zip',
+
+        ])->with('manager', 'groups', 'userloc', 'company', 'department','assets','licenses','accessories','consumables')
             ->withCount('assets','licenses','accessories','consumables');
         $users = Company::scopeCompanyables($users);
 
 
-        if ($request->has('search')) {
-            $users = $users->TextSearch($request->input('search'));
-        }
-
-
         if (($request->has('deleted')) && ($request->input('deleted')=='true')) {
             $users = $users->GetDeleted();
         }
 
-
         if ($request->has('company_id')) {
-            $users = $users->where('company_id', '=', $request->input('company_id'));
+            $users = $users->where('users.company_id', '=', $request->input('company_id'));
         }
 
         if ($request->has('location_id')) {
-            $users = $users->where('location_id', '=', $request->input('location_id'));
+            $users = $users->where('users.location_id', '=', $request->input('location_id'));
+        }
+
+        if ($request->has('group_id')) {
+            $users = $users->ByGroup($request->get('group_id'));
         }
 
         if ($request->has('department_id')) {
-            $users = $users->where('department_id','=',$request->input('department_id'));
+            $users = $users->where('users.department_id','=',$request->input('department_id'));
+        }
+
+        if ($request->has('search')) {
+            $users = $users->TextSearch($request->input('search'));
         }
 
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
         $offset = request('offset', 0);
-        $limit = request('limit', 50);
+        $limit = request('limit',  20);
 
         switch ($request->input('sort')) {
             case 'manager':
@@ -89,19 +103,84 @@ class UsersController extends Controller
                     [
                         'last_name','first_name','email','jobtitle','username','employee_num',
                         'assets','accessories', 'consumables','licenses','groups','activated','created_at',
-                        'two_factor_enrolled','two_factor_optin','last_login'
+                        'two_factor_enrolled','two_factor_optin','last_login', 'assets_count', 'licenses_count',
+                        'consumables_count', 'accessories_count', 'phone', 'address', 'city', 'state',
+                        'country', 'zip'
                     ];
 
                 $sort = in_array($request->get('sort'), $allowed_columns) ? $request->get('sort') : 'first_name';
                 $users = $users->orderBy($sort, $order);
                 break;
         }
+
+
         $total = $users->count();
         $users = $users->skip($offset)->take($limit)->get();
         return (new UsersTransformer)->transformUsers($users, $total);
     }
 
 
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $users = User::select(
+            [
+                'users.id',
+                'users.username',
+                'users.employee_num',
+                'users.first_name',
+                'users.last_name',
+                'users.gravatar',
+                'users.avatar',
+                'users.email',
+            ]
+            )->where('show_in_list', '=', '1');
+
+        $users = Company::scopeCompanyables($users);
+
+        if ($request->has('search')) {
+            $users = $users->where('first_name', 'LIKE', '%'.$request->get('search').'%')
+                ->orWhere('last_name', 'LIKE', '%'.$request->get('search').'%')
+                ->orWhere('username', 'LIKE', '%'.$request->get('search').'%')
+                ->orWhere('employee_num', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $users = $users->orderBy('last_name', 'asc')->orderBy('first_name', 'asc');
+        $users = $users->paginate(50);
+
+        foreach ($users as $user) {
+            $name_str = '';
+            if ($user->last_name!='') {
+                $name_str .= e($user->last_name).', ';
+            }
+            $name_str .= e($user->first_name);
+
+            if ($user->username!='') {
+                $name_str .= ' ('.e($user->username).')';
+            }
+
+            if ($user->employee_num!='') {
+                $name_str .= ' - #'.e($user->employee_num);
+            }
+
+            $user->use_text = $name_str;
+            $user->use_image = ($user->present()->gravatar) ? $user->present()->gravatar : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($users);
+
+    }
+
+
+
     /**
      * Store a newly created resource in storage.
      *
@@ -112,13 +191,16 @@ class UsersController extends Controller
      */
     public function store(SaveUserRequest $request)
     {
-        $this->authorize('view', User::class);
+        $this->authorize('create', User::class);
+
         $user = new User;
         $user->fill($request->all());
-        $user->password = bcrypt($request->input('password'));
+
+        $tmp_pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
+        $user->password = bcrypt($request->get('password', $tmp_pass));
 
         if ($user->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.create.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.create')));
         }
         return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
     }
@@ -149,14 +231,22 @@ class UsersController extends Controller
      */
     public function update(SaveUserRequest $request, $id)
     {
-        $this->authorize('edit', User::class);
+        $this->authorize('update', User::class);
+
         $user = User::findOrFail($id);
         $user->fill($request->all());
 
+        if ($user->id == $request->input('manager_id')) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot be your own manager'));
+        }
+
         if ($request->has('password')) {
             $user->password = bcrypt($request->input('password'));
         }
 
+        // Update the location of any assets checked out to this user
+        Asset::where('assigned_type', User::class)
+            ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);
 
         if ($user->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.update')));
@@ -201,7 +291,49 @@ class UsersController extends Controller
     public function assets($id)
     {
         $this->authorize('view', User::class);
+        $this->authorize('view', Asset::class);
         $assets = Asset::where('assigned_to', '=', $id)->with('model')->get();
-        return response()->json($assets);
+        return (new AssetsTransformer)->transformAssets($assets, $assets->count());
+    }
+
+    /**
+     * Reset the user's two-factor status
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param $userId
+     * @return string JSON
+     */
+    public function postTwoFactorReset(Request $request)
+    {
+
+        $this->authorize('update', User::class);
+
+        if ($request->has('id')) {
+            try {
+                $user = User::find($request->get('id'));
+                $user->two_factor_secret = null;
+                $user->two_factor_enrolled = 0;
+                $user->save();
+                return response()->json(['message' => trans('admin/settings/general.two_factor_reset_success')], 200);
+            } catch (\Exception $e) {
+                return response()->json(['message' => trans('admin/settings/general.two_factor_reset_error')], 500);
+            }
+        }
+        return response()->json(['message' => 'No ID provided'], 500);
+
+    }
+
+    /**
+     * Get info on the current user.
+     *
+     * @author [Juan Font] [<juanfontalonso@gmail.com>]
+     * @since [v4.4.2]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function getCurrentUserInfo(Request $request)
+    {
+        return response()->json($request->user());
     }
 }

app/Http/Controllers/AssetCheckinController.php

@@ -0,0 +1,104 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Helpers\Helper;
+use App\Http\Requests\AssetCheckinRequest;
+use App\Models\Asset;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+
+class AssetCheckinController extends Controller
+{
+
+    /**
+    * Returns a view that presents a form to check an asset back into inventory.
+    *
+    * @author [A. Gianotto] [<snipe@snipe.net>]
+    * @param int $assetId
+    * @param string $backto
+    * @since [v1.0]
+    * @return View
+    */
+    public function create($assetId, $backto = null)
+    {
+        // Check if the asset exists
+        if (is_null($asset = Asset::find($assetId))) {
+            // Redirect to the asset management page with error
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+
+        $this->authorize('checkin', $asset);
+        return view('hardware/checkin', compact('asset'))->with('statusLabel_list', Helper::statusLabelList())->with('backto', $backto);
+    }
+
+    /**
+     * Validate and process the form data to check an asset back into inventory.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param AssetCheckinRequest $request
+     * @param int $assetId
+     * @param null $backto
+     * @return Redirect
+     * @since [v1.0]
+     */
+    public function store(AssetCheckinRequest $request, $assetId = null, $backto = null)
+    {
+        // Check if the asset exists
+        if (is_null($asset = Asset::find($assetId))) {
+            // Redirect to the asset management page with error
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+
+        $this->authorize('checkin', $asset);
+
+        if ($asset->assignedType() == Asset::USER) {
+            $user = $asset->assignedTo;
+        }
+        if (is_null($target = $asset->assignedTo)) {
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkin.already_checked_in'));
+        }
+
+        $asset->expected_checkin = null;
+        $asset->last_checkout = null;
+        $asset->assigned_to = null;
+        $asset->assignedTo()->disassociate($asset);
+        $asset->assigned_type = null;
+        $asset->accepted = null;
+        $asset->name = e($request->get('name'));
+
+        if ($request->has('status_id')) {
+            $asset->status_id =  e($request->get('status_id'));
+        }
+
+        $asset->location_id = $asset->rtd_location_id;
+
+        if ($request->has('location_id')) {
+            $asset->location_id =  e($request->get('location_id'));
+        }
+
+        // Was the asset updated?
+        if ($asset->save()) {
+            $logaction = $asset->logCheckin($target, e(request('note')));
+
+            $data['log_id'] = $logaction->id;
+            $data['first_name'] = get_class($target) == User::class ? $target->first_name : '';
+            $data['last_name'] = get_class($target) == User::class ? $target->last_name : '';
+            $data['item_name'] = $asset->present()->name();
+            $data['checkin_date'] = $logaction->created_at;
+            $data['item_tag'] = $asset->asset_tag;
+            $data['item_serial'] = $asset->serial;
+            $data['note'] = $logaction->note;
+            $data['manufacturer_name'] = $asset->model->manufacturer->name;
+            $data['model_name'] = $asset->model->name;
+            $data['model_number'] = $asset->model->model_number;
+
+            if ($backto=='user') {
+                return redirect()->route("users.show", $user->id)->with('success', trans('admin/hardware/message.checkin.success'));
+            }
+            return redirect()->route("hardware.index")->with('success', trans('admin/hardware/message.checkin.success'));
+        }
+        // Redirect to the asset management page with error
+        return redirect()->route("hardware.index")->with('error', trans('admin/hardware/message.checkin.error'));
+    }
+}

app/Http/Controllers/AssetCheckoutController.php

@@ -0,0 +1,96 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Exceptions\CheckoutNotAllowed;
+use App\Http\Controllers\CheckInOutRequest;
+use App\Http\Requests\AssetCheckoutRequest;
+use App\Models\Asset;
+use App\Models\Location;
+use App\Models\User;
+use Illuminate\Database\Eloquent\ModelNotFoundException;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+
+class AssetCheckoutController extends Controller
+{
+    use CheckInOutRequest;
+    /**
+    * Returns a view that presents a form to check an asset out to a
+    * user.
+    *
+    * @author [A. Gianotto] [<snipe@snipe.net>]
+    * @param int $assetId
+    * @since [v1.0]
+    * @return View
+    */
+    public function create($assetId)
+    {
+        // Check if the asset exists
+        if (is_null($asset = Asset::find(e($assetId)))) {
+            // Redirect to the asset management page with error
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+
+        $this->authorize('checkout', $asset);
+
+        if ($asset->availableForCheckout()) {
+            return view('hardware/checkout', compact('asset'));
+        }
+        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkout.not_available'));
+
+        // Get the dropdown of users and then pass it to the checkout view
+
+    }
+
+    /**
+     * Validate and process the form data to check out an asset to a user.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param AssetCheckoutRequest $request
+     * @param int $assetId
+     * @return Redirect
+     * @since [v1.0]
+     */
+    public function store(AssetCheckoutRequest $request, $assetId)
+    {
+        try {
+            // Check if the asset exists
+            if (!$asset = Asset::find($assetId)) {
+                return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+            } elseif (!$asset->availableForCheckout()) {
+                return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkout.not_available'));
+            }
+            $this->authorize('checkout', $asset);
+            $admin = Auth::user();
+
+            $target = $this->determineCheckoutTarget($asset);
+            if ($asset->is($target)) {
+                throw new CheckoutNotAllowed('You cannot check an asset out to itself.');
+            }
+            $asset = $this->updateAssetLocation($asset, $target);
+
+            $checkout_at = date("Y-m-d H:i:s");
+            if (($request->has('checkout_at')) && ($request->get('checkout_at')!= date("Y-m-d"))) {
+                $checkout_at = $request->get('checkout_at');
+            }
+
+            $expected_checkin = '';
+            if ($request->has('expected_checkin')) {
+                $expected_checkin = $request->get('expected_checkin');
+            }
+
+            if ($asset->checkOut($target, $admin, $checkout_at, $expected_checkin, e($request->get('note')), $request->get('name'))) {
+                return redirect()->route("hardware.index")->with('success', trans('admin/hardware/message.checkout.success'));
+            }
+
+            // Redirect to the asset management page with error
+            return redirect()->to("hardware/$assetId/checkout")->with('error', trans('admin/hardware/message.checkout.error'))->withErrors($asset->getErrors());
+        } catch (ModelNotFoundException $e) {
+            return redirect()->back()->with('error', trans('admin/hardware/message.checkout.error'))->withErrors($asset->getErrors());
+        } catch (CheckoutNotAllowed $e) {
+            return redirect()->back()->with('error', $e->getMessage());
+        }
+    }
+
+}

app/Http/Controllers/AssetFilesController.php

@@ -0,0 +1,125 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Helpers\Helper;
+use App\Http\Requests\AssetFileRequest;
+use App\Models\Actionlog;
+use App\Models\Asset;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Response;
+
+class AssetFilesController extends Controller
+{
+    /**
+     * Upload a file to the server.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param AssetFileRequest $request
+     * @param int $assetId
+     * @return Redirect
+     * @since [v1.0]
+     */
+    public function store(AssetFileRequest $request, $assetId = null)
+    {
+        if (!$asset = Asset::find($assetId)) {
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+
+        $this->authorize('update', $asset);
+
+        $destinationPath = config('app.private_uploads').'/assets';
+
+        if ($request->hasFile('file')) {
+            foreach ($request->file('file') as $file) {
+                $extension = $file->getClientOriginalExtension();
+                $filename = 'hardware-'.$asset->id.'-'.str_random(8);
+                $filename .= '-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
+                $file->move($destinationPath, $filename);
+                $asset->logUpload($filename, e($request->get('notes')));
+            }
+            return redirect()->back()->with('success', trans('admin/hardware/message.upload.success'));
+        }
+
+        return redirect()->back()->with('error', trans('admin/hardware/message.upload.nofiles'));
+    }
+
+    /**
+    * Check for permissions and display the file.
+    *
+    * @author [A. Gianotto] [<snipe@snipe.net>]
+    * @param  int  $assetId
+    * @param  int  $fileId
+    * @since [v1.0]
+    * @return View
+    */
+    public function show($assetId = null, $fileId = null, $download = true)
+    {
+        $asset = Asset::find($assetId);
+        // the asset is valid
+        if (isset($asset->id)) {
+            $this->authorize('view', $asset);
+
+            if (!$log = Actionlog::find($fileId)) {
+                return response('No matching record for that asset/file', 500)
+                    ->header('Content-Type', 'text/plain');
+            }
+
+            $file = $log->get_src('assets');
+
+            if ($log->action_type =='audit') {
+                $file = $log->get_src('audits');
+            }
+
+            if (!file_exists($file)) {
+                return response('File '.$file.' not found on server', 404)
+                    ->header('Content-Type', 'text/plain');
+            }
+
+            if ($download != 'true') {
+                  if ($contents = file_get_contents($file)) {
+                      return Response::make($contents)->header('Content-Type', mime_content_type($file));
+                  }
+                return JsonResponse::create(["error" => "Failed validation: "], 500);
+            }
+            return Response::download($file);
+        }
+        // Prepare the error message
+        $error = trans('admin/hardware/message.does_not_exist', ['id' => $fileId]);
+
+        // Redirect to the hardware management page
+        return redirect()->route('hardware.index')->with('error', $error);
+    }
+
+    /**
+    * Delete the associated file
+    *
+    * @author [A. Gianotto] [<snipe@snipe.net>]
+    * @param  int  $assetId
+    * @param  int  $fileId
+    * @since [v1.0]
+    * @return View
+    */
+    public function destroy($assetId = null, $fileId = null)
+    {
+        $asset = Asset::find($assetId);
+        $this->authorize('update', $asset);
+        $destinationPath = config('app.private_uploads').'/imports/assets';
+
+        // the asset is valid
+        if (isset($asset->id)) {
+            $this->authorize('update', $asset);
+
+            $log = Actionlog::find($fileId);
+            $full_filename = $destinationPath.'/'.$log->filename;
+            if (file_exists($full_filename)) {
+                unlink($destinationPath.'/'.$log->filename);
+            }
+            $log->delete();
+            return redirect()->back()->with('success', trans('admin/hardware/message.deletefile.success'));
+        }
+
+        // Redirect to the hardware management page
+        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+    }
+}

app/Http/Controllers/AssetMaintenancesController.php

@@ -63,85 +63,6 @@ class AssetMaintenancesController extends Controller
     }
 
 
-    /**
-    *  Generates the JSON response for asset maintenances listing view.
-    *
-    * @see AssetMaintenancesController::getIndex() method that generates view
-    * @author  Vincent Sposato <vincent.sposato@gmail.com>
-    * @version v1.0
-    * @since [v1.8]
-    * @return String JSON
-    */
-    public function getDatatable(Request $request)
-    {
-        $maintenances = AssetMaintenance::with('asset', 'supplier', 'asset.company', 'admin');
-
-        if (Input::has('search')) {
-            $maintenances = $maintenances->TextSearch(e($request->input('search')));
-        }
-
-        $offset = request('offset', 0);
-        $limit = request('limit', 50);
-
-        $allowed_columns = ['id','title','asset_maintenance_time','asset_maintenance_type','cost','start_date','completion_date','notes','user_id'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
-
-        switch ($sort) {
-            case 'user_id':
-                $maintenances = $maintenances->OrderAdmin($order);
-                break;
-            default:
-                $maintenances = $maintenances->orderBy($sort, $order);
-                break;
-        }
-
-        $maintenancesCount = $maintenances->count();
-        $maintenances = $maintenances->skip($offset)->take($limit)->get();
-
-        $rows = array();
-        $settings = Setting::getSettings();
-
-        foreach ($maintenances as $maintenance) {
-            $actions = '';
-            if (Gate::allows('update', Asset::class)) {
-                $actions .= Helper::generateDatatableButton('edit', route('maintenances.edit', $maintenance->id));
-                $actions .= Helper::generateDatatableButton(
-                    'delete',
-                    route('maintenances.destroy', $maintenance->id),
-                    $enabled = true,
-                    trans('admin/asset_maintenances/message.delete.confirm'),
-                    $maintenance->title
-                );
-            }
-
-            if (($maintenance->cost) && (isset($maintenance->asset)) && ($maintenance->asset->assetloc) &&  ($maintenance->asset->assetloc->currency!='')) {
-                $maintenance_cost = $maintenance->asset->assetloc->currency.$maintenance->cost;
-            } else {
-                $maintenance_cost = $settings->default_currency.$maintenance->cost;
-            }
-
-            $rows[] = array(
-                'id'            => $maintenance->id,
-                'asset_name'    =>  ($maintenance->asset) ? (string)link_to_route('maintenances.show', $maintenance->asset->present()->Name(), ['maintenance' => $maintenance->asset->id]) : 'Deleted Asset' ,
-                'title'         => $maintenance->title,
-                'notes'         => $maintenance->notes,
-                'supplier'      => ($maintenance->supplier) ? (string)link_to_route('suppliers.show', $maintenance->supplier->name, ['maintenance'=>$maintenance->supplier->id]) : 'Deleted Supplier',
-                'cost'          => $maintenance_cost,
-                'asset_maintenance_type'          => e($maintenance->asset_maintenance_type),
-                'start_date'         => $maintenance->start_date,
-                'asset_maintenance_time'          => $maintenance->asset_maintenance_time,
-                'completion_date'     => $maintenance->completion_date,
-                'user_id'       => ($maintenance->admin) ? (string)link_to_route('users.show', $maintenance->admin->present()->fullName(), ['user'=>$maintenance->admin->id]) : '',
-                'actions'       => $actions,
-                'company'   => ($maintenance->asset->company) ? $maintenance->asset->company->name : ''
-            );
-        }
-
-        $data = array('total' => $maintenancesCount, 'rows' => $rows);
-        return $data;
-
-    }
 
     /**
      *  Returns a form view to create a new asset maintenance.
@@ -154,16 +75,21 @@ class AssetMaintenancesController extends Controller
      */
     public function create()
     {
+        $asset = null;
+
+        if ($asset = Asset::find(request('asset_id'))) {
+            // We have to set this so that the correct property is set in the select2 ajax dropdown
+            $asset->asset_id = $asset->id;
+        }
+
         // Prepare Asset Maintenance Type List
         $assetMaintenanceType = [
                                     '' => 'Select an asset maintenance type',
                                 ] + AssetMaintenance::getImprovementOptions();
         // Mark the selected asset, if it came in
-        // Render the view
+
         return view('asset_maintenances/edit')
-                   ->with('asset_list', Helper::detailedAssetList())
-                   ->with('selectedAsset', request('asset_id'))
-                   ->with('supplier_list', Helper::suppliersList())
+                   ->with('asset', $asset)
                    ->with('assetMaintenanceType', $assetMaintenanceType)
                    ->with('item', new AssetMaintenance);
     }
@@ -187,7 +113,7 @@ class AssetMaintenancesController extends Controller
         $assetMaintenance->notes = e($request->input('notes'));
         $asset = Asset::find(e($request->input('asset_id')));
 
-        if (!Company::isCurrentUserHasAccess($asset)) {
+        if ((!Company::isCurrentUserHasAccess($asset)) && ($asset!=null)) {
             return static::getInsufficientPermissionsRedirect();
         }
 
@@ -260,9 +186,7 @@ class AssetMaintenancesController extends Controller
         // Get Supplier List
         // Render the view
         return view('asset_maintenances/edit')
-                   ->with('asset_list', Helper::detailedAssetList())
                    ->with('selectedAsset', null)
-                   ->with('supplier_list', Helper::suppliersList())
                    ->with('assetMaintenanceType', $assetMaintenanceType)
                    ->with('item', $assetMaintenance);
 

app/Http/Controllers/AssetModelsController.php

@@ -17,6 +17,7 @@ use App\Models\Company;
 use Config;
 use App\Helpers\Helper;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 
 use Symfony\Component\HttpFoundation\JsonResponse;
 
@@ -34,12 +35,12 @@ class AssetModelsController extends Controller
     * the content for the accessories listing, which is generated in getDatatable.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see AssetModelsController::getDatatable() method that generates the JSON response
     * @since [v1.0]
     * @return View
     */
     public function index()
     {
+        $this->authorize('index', AssetModel::class);
         return view('models/index');
     }
 
@@ -52,11 +53,10 @@ class AssetModelsController extends Controller
     */
     public function create()
     {
-        // Show the page
-        return view('models/edit')
-        ->with('category_list', Helper::categoryList('asset'))
+        $this->authorize('create', AssetModel::class);
+        $category_type = 'asset';
+        return view('models/edit')->with('category_type',$category_type)
         ->with('depreciation_list', Helper::depreciationList())
-        ->with('manufacturer_list', Helper::manufacturerList())
         ->with('item', new AssetModel);
     }
 
@@ -68,9 +68,10 @@ class AssetModelsController extends Controller
     * @since [v1.0]
     * @return Redirect
     */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
     {
 
+        $this->authorize('create', AssetModel::class);
         // Create a new asset model
         $model = new AssetModel;
 
@@ -82,7 +83,7 @@ class AssetModelsController extends Controller
         $model->manufacturer_id     = $request->input('manufacturer_id');
         $model->category_id         = $request->input('category_id');
         $model->notes               = $request->input('notes');
-        $model->user_id             = Auth::guard('api')->user();
+        $model->user_id             = Auth::id();
         $model->requestable         = Input::has('requestable');
 
         if ($request->input('custom_fieldset')!='') {
@@ -90,63 +91,35 @@ class AssetModelsController extends Controller
         }
 
         if (Input::file('image')) {
+
             $image = Input::file('image');
-            $file_name = str_random(25).".".$image->getClientOriginalExtension();
-            $path = public_path('uploads/models/'.$file_name);
-            Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
-                $constraint->aspectRatio();
-                $constraint->upsize();
-            })->save($path);
+            $file_name = str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
+            $path = app('models_upload_path');
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save($path.'/'.$file_name);
+            } else {
+                $image->move($path, $file_name);
+            }
             $model->image = $file_name;
+
         }
 
             // Was it created?
         if ($model->save()) {
+            if ($this->shouldAddDefaultValues($request->input())) {
+                $this->assignCustomFieldsDefaultValues($model, $request->input('default_values'));
+            }
+
             // Redirect to the new model  page
             return redirect()->route("models.index")->with('success', trans('admin/models/message.create.success'));
         }
         return redirect()->back()->withInput()->withErrors($model->getErrors());
     }
 
-    /**
-     * Validates and stores new Asset Model data created from the
-     * modal form on the Asset Creation view.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.0]
-     * @param Request $request
-     * @return String JSON
-     */
-    public function apiStore(Request $request)
-    {
-      //COPYPASTA!!!! FIXME
-        $model = new AssetModel;
-
-        $settings=Input::all();
-        $settings['eol']= null;
-
-        $model->name=$request->input('name');
-        $model->manufacturer_id = $request->input('manufacturer_id');
-        $model->category_id = $request->input('category_id');
-        $model->model_number = $request->input('model_number');
-        $model->user_id = Auth::id();
-        $model->notes            = $request->input('notes');
-        $model->eol= null;
-
-        if ($request->input('fieldset_id')=='') {
-            $model->fieldset_id = null;
-        } else {
-            $model->fieldset_id = e($request->input('fieldset_id'));
-        }
-
-        if ($model->save()) {
-            return JsonResponse::create($model);
-        } else {
-            return JsonResponse::create(["error" => "Failed validation: ".print_r($model->getErrors()->all('<li>:message</li>'), true)], 500);
-        }
-    }
-
-
     /**
     * Returns a view containing the asset model edit form.
     *
@@ -157,17 +130,16 @@ class AssetModelsController extends Controller
     */
     public function edit($modelId = null)
     {
-        // Check if the model exists
-        if (is_null($item = AssetModel::find($modelId))) {
-            // Redirect to the model management page
-            return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
+        $this->authorize('update', AssetModel::class);
+        if ($item = AssetModel::find($modelId)) {
+            $category_type = 'asset';
+            $view = View::make('models/edit', compact('item','category_type'));
+            $view->with('depreciation_list', Helper::depreciationList());
+            return $view;
         }
 
-        $view = View::make('models/edit', compact('item'));
-        $view->with('category_list', Helper::categoryList('asset'));
-        $view->with('depreciation_list', Helper::depreciationList());
-        $view->with('manufacturer_list', Helper::manufacturerList());
-        return $view;
+        return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
+
     }
 
 
@@ -180,45 +152,68 @@ class AssetModelsController extends Controller
     * @param int $modelId
     * @return Redirect
     */
-    public function update(Request $request, $modelId = null)
+    public function update(ImageUploadRequest $request, $modelId = null)
     {
+        $this->authorize('update', AssetModel::class);
         // Check if the model exists
         if (is_null($model = AssetModel::find($modelId))) {
             // Redirect to the models management page
             return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
         }
 
-        $model->depreciation_id = $request->input('depreciation_id');
-        $model->eol = $request->input('eol');
+        $model->depreciation_id     = $request->input('depreciation_id');
+        $model->eol                 = $request->input('eol');
         $model->name                = $request->input('name');
         $model->model_number        = $request->input('model_number');
         $model->manufacturer_id     = $request->input('manufacturer_id');
         $model->category_id         = $request->input('category_id');
         $model->notes               = $request->input('notes');
+        $model->requestable         = $request->input('requestable', '0');
 
-        $model->requestable = Input::has('requestable');
+        $this->removeCustomFieldsDefaultValues($model);
 
         if ($request->input('custom_fieldset')=='') {
             $model->fieldset_id = null;
         } else {
             $model->fieldset_id = $request->input('custom_fieldset');
+
+            if ($this->shouldAddDefaultValues($request->input())) {
+                $this->assignCustomFieldsDefaultValues($model, $request->input('default_values'));
+            }
         }
 
-        if (Input::file('image')) {
-            $image = Input::file('image');
-            $file_name = str_random(25).".".$image->getClientOriginalExtension();
-            $path = public_path('uploads/models/'.$file_name);
-            Image::make($image->getRealPath())->resize(300, null, function ($constraint) {
-                $constraint->aspectRatio();
-                $constraint->upsize();
-            })->save($path);
-            $model->image = $file_name;
-        }
+        $old_image = $model->image;
 
-        if ($request->input('image_delete') == 1 && Input::file('image') == "") {
+        // Set the model's image property to null if the image is being deleted
+        if ($request->input('image_delete') == 1) {
             $model->image = null;
         }
 
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = $model->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save(app('models_upload_path').$file_name);
+            } else {
+                $image->move(app('models_upload_path'), $file_name);
+            }
+            $model->image = $file_name;
+
+        }
+
+        if ((($request->file('image')) && (isset($old_image)) && ($old_image!='')) || ($request->input('image_delete') == 1)) {
+            try  {
+                unlink(app('models_upload_path').$old_image);
+            } catch (\Exception $e) {
+                \Log::error($e);
+            }
+        }
+
+
         if ($model->save()) {
             return redirect()->route("models.index")->with('success', trans('admin/models/message.update.success'));
         }
@@ -236,6 +231,7 @@ class AssetModelsController extends Controller
     */
     public function destroy($modelId)
     {
+        $this->authorize('delete', AssetModel::class);
         // Check if the model exists
         if (is_null($model = AssetModel::find($modelId))) {
             return redirect()->route('models.index')->with('error', trans('admin/models/message.not_found'));
@@ -245,6 +241,15 @@ class AssetModelsController extends Controller
             // Throw an error that this model is associated with assets
             return redirect()->route('models.index')->with('error', trans('admin/models/message.assoc_users'));
         }
+
+        if ($model->image) {
+            try  {
+                unlink(public_path().'/uploads/models/'.$model->image);
+            } catch (\Exception $e) {
+                \Log::error($e);
+            }
+        }
+
         // Delete the model
         $model->delete();
 
@@ -263,7 +268,7 @@ class AssetModelsController extends Controller
     */
     public function getRestore($modelId = null)
     {
-
+        $this->authorize('create', AssetModel::class);
         // Get user information
         $model = AssetModel::withTrashed()->find($modelId);
 
@@ -294,6 +299,7 @@ class AssetModelsController extends Controller
     */
     public function show($modelId = null)
     {
+        $this->authorize('view', AssetModel::class);
         $model = AssetModel::withTrashed()->find($modelId);
 
         if (isset($model->id)) {
@@ -326,9 +332,7 @@ class AssetModelsController extends Controller
 
         // Show the page
         $view = View::make('models/edit');
-        $view->with('category_list', Helper::categoryList('asset'));
         $view->with('depreciation_list', Helper::depreciationList());
-        $view->with('manufacturer_list', Helper::manufacturerList());
         $view->with('item', $model);
         $view->with('clone_model', $model_to_clone);
         return $view;
@@ -352,49 +356,6 @@ class AssetModelsController extends Controller
 
 
 
-    /**
-     * Get the asset information to present to the model view detail page
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.0]
-     * @param Request $request
-     * @param $modelID
-     * @return String JSON
-     * @internal param int $modelId
-     */
-    public function getDataView(Request $request, $modelID)
-    {
-        $assets = Asset::where('model_id', '=', $modelID)->with('company', 'assetstatus');
-
-        if (Input::has('search')) {
-            $assets = $assets->TextSearch(e($request->input('search')));
-        }
-        $offset = request('offset', 0);
-        $limit = request('limit', 50);
-
-
-        $allowed_columns = ['name', 'serial','asset_tag'];
-        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
-
-        $assets = $assets->orderBy($sort, $order);
-
-        $assetsCount = $assets->count();
-        $assets = $assets->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        $all_custom_fields = CustomField::all();
-        foreach ($assets as $asset) {
-
-            $rows[] = $asset->present()->forDataTable($all_custom_fields);
-        }
-
-        $data = array('total' => $assetsCount, 'rows' => $rows);
-
-        return $data;
-    }
-
 
     /**
      * Returns a view that allows the user to bulk edit model attrbutes
@@ -405,20 +366,41 @@ class AssetModelsController extends Controller
      */
     public function postBulkEdit(Request $request)
     {
-        $models_raw_array = Input::get('ids');
-        $models = AssetModel::whereIn('id', $models_raw_array)->get();
-        $nochange = ['NC' => 'No Change'];
-        $fieldset_list = $nochange + Helper::customFieldsetList();
-        $depreciation_list = $nochange + Helper::depreciationList();
-        $category_list = $nochange + Helper::categoryList('asset');
-        $manufacturer_list = $nochange + Helper::manufacturerList();
 
-        
-             return view('models/bulk-edit', compact('models'))
-                ->with('manufacturer_list', $manufacturer_list)
-                ->with('category_list', $category_list)
-                ->with('fieldset_list', $fieldset_list)
-                ->with('depreciation_list', $depreciation_list);
+        $models_raw_array = Input::get('ids');
+
+        // Make sure some IDs have been selected
+        if ((is_array($models_raw_array)) && (count($models_raw_array) > 0)) {
+
+
+            $models = AssetModel::whereIn('id', $models_raw_array)->withCount('assets')->orderBy('assets_count', 'ASC')->get();
+
+            // If deleting....
+            if ($request->input('bulk_actions')=='delete') {
+                $valid_count = 0;
+                foreach ($models as $model) {
+                    if ($model->assets_count == 0) {
+                        $valid_count++;
+                    }
+                }
+                return view('models/bulk-delete', compact('models'))->with('valid_count', $valid_count);
+
+            // Otherwise display the bulk edit screen
+            } else {
+
+                $nochange = ['NC' => 'No Change'];
+                $fieldset_list = $nochange + Helper::customFieldsetList();
+                $depreciation_list = $nochange + Helper::depreciationList();
+
+                return view('models/bulk-edit', compact('models'))
+                    ->with('fieldset_list', $fieldset_list)
+                    ->with('depreciation_list', $depreciation_list);
+            }
+
+        }
+
+        return redirect()->route('models.index')
+            ->with('error', 'You must select at least one model to edit.');
 
     }
 
@@ -437,6 +419,7 @@ class AssetModelsController extends Controller
         $models_raw_array = Input::get('ids');
         $update_array = array();
 
+
         if (($request->has('manufacturer_id') && ($request->input('manufacturer_id')!='NC'))) {
             $update_array['manufacturer_id'] = $request->input('manufacturer_id');
         }
@@ -463,4 +446,91 @@ class AssetModelsController extends Controller
 
     }
 
+    /**
+     * Validate and delete the given Asset Models. An Asset Model
+     * cannot be deleted if there are associated assets.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param int $modelId
+     * @return Redirect
+     */
+    public function postBulkDelete(Request $request)
+    {
+        $models_raw_array = Input::get('ids');
+
+        if ((is_array($models_raw_array)) && (count($models_raw_array) > 0)) {
+
+            $models = AssetModel::whereIn('id', $models_raw_array)->withCount('assets')->get();
+
+            $del_error_count = 0;
+            $del_count = 0;
+
+            foreach ($models as $model) {
+                \Log::debug($model->id);
+
+                if ($model->assets_count > 0) {
+                    $del_error_count++;
+                } else {
+                    $model->delete();
+                    $del_count++;
+                }
+            }
+
+            \Log::debug($del_count);
+            \Log::debug($del_error_count);
+
+            if ($del_error_count == 0) {
+                return redirect()->route('models.index')
+                    ->with('success', trans('admin/models/message.bulkdelete.success',['success_count'=> $del_count] ));
+            }
+
+            return redirect()->route('models.index')
+                ->with('warning', trans('admin/models/message.bulkdelete.success_partial', ['fail_count'=>$del_error_count, 'success_count'=> $del_count]));
+        }
+
+        return redirect()->route('models.index')
+            ->with('error', trans('admin/models/message.bulkdelete.error'));
+
+    }
+
+    /**
+     * Returns true if a fieldset is set, 'add default values' is ticked and if
+     * any default values were entered into the form.
+     *
+     * @param  array  $input
+     * @return boolean
+     */
+    private function shouldAddDefaultValues(array $input)
+    {
+        return !empty($input['add_default_values'])
+            && !empty($input['default_values'])
+            && !empty($input['custom_fieldset']);
+    }
+
+    /**
+     * Adds default values to a model (as long as they are truthy)
+     *
+     * @param  AssetModel $model
+     * @param  array      $defaultValues
+     * @return void
+     */
+    private function assignCustomFieldsDefaultValues(AssetModel $model, array $defaultValues)
+    {
+        foreach ($defaultValues as $customFieldId => $defaultValue) {
+            if ($defaultValue) {
+                $model->defaultValues()->attach($customFieldId, ['default_value' => $defaultValue]);
+            }
+        }
+    }
+
+    /**
+     * Removes all default values
+     *
+     * @return void
+     */
+    private function removeCustomFieldsDefaultValues(AssetModel $model)
+    {
+        $model->defaultValues()->detach();
+    }
 }

app/Http/Controllers/Auth/LoginController.php

@@ -47,19 +47,45 @@ class LoginController extends Controller
     public function __construct()
     {
         $this->middleware('guest', ['except' => ['logout','postTwoFactorAuth','getTwoFactorAuth','getTwoFactorEnroll']]);
+        \Session::put('backUrl', \URL::previous());
     }
 
-
-    function showLoginForm()
+    function showLoginForm(Request $request)
     {
+        $this->loginViaRemoteUser($request);
         if (Auth::check()) {
             return redirect()->intended('dashboard');
         }
+
+        if (Setting::getSettings()->login_common_disabled == "1") {
+            return view('errors.403');
+        }
+
         return view('auth.login');
     }
 
+    private function loginViaRemoteUser(Request $request)
+    {
+        $remote_user = $request->server('REMOTE_USER');
+        if (Setting::getSettings()->login_remote_user_enabled == "1" && isset($remote_user) && !empty($remote_user)) {
+            LOG::debug("Authenticatiing via REMOTE_USER.");
 
-    private function login_via_ldap(Request $request)
+            $pos = strpos($remote_user, '\\');
+            if ($pos > 0) {
+                $remote_user = substr($remote_user, $pos + 1);
+            };
+            
+            try {
+                $user = User::where('username', '=', $remote_user)->whereNull('deleted_at')->where('activated', '=', '1')->first();
+                LOG::debug("Remote user auth lookup complete");
+                if(!is_null($user)) Auth::login($user, true);
+            } catch(Exception $e) {
+                LOG::error("There was an error authenticating the Remote user: " . $e->getMessage());
+            }
+        }
+    }
+
+    private function loginViaLdap(Request $request)
     {
         LOG::debug("Binding user to LDAP.");
         $ldap_user = Ldap::findAndBindUserLdap($request->input('username'), $request->input('password'));
@@ -71,7 +97,7 @@ class LoginController extends Controller
         }
 
         // Check if the user already exists in the database and was imported via LDAP
-        $user = User::where('username', '=', Input::get('username'))->whereNull('deleted_at')->where('ldap_import', '=', 1)->first();
+        $user = User::where('username', '=', Input::get('username'))->whereNull('deleted_at')->where('ldap_import', '=', 1)->where('activated', '=', '1')->first();
         LOG::debug("Local auth lookup complete");
 
         // The user does not exist in the database. Try to get them from LDAP.
@@ -113,6 +139,10 @@ class LoginController extends Controller
      */
     public function login(Request $request)
     {
+        if (Setting::getSettings()->login_common_disabled == "1") {
+            return view('errors.403');
+        }
+
         $validator = $this->validator(Input::all());
 
         if ($validator->fails()) {
@@ -133,7 +163,7 @@ class LoginController extends Controller
         if (Setting::getSettings()->ldap_enabled=='1') {
             LOG::debug("LDAP is enabled.");
             try {
-                $user = $this->login_via_ldap($request);
+                $user = $this->loginViaLdap($request);
                 Auth::login($user, true);
 
             // If the user was unable to login via LDAP, log the error and let them fall through to
@@ -147,7 +177,7 @@ class LoginController extends Controller
         if (!$user) {
             LOG::debug("Authenticating user against database.");
           // Try to log the user in
-            if (!Auth::attempt(Input::only('username', 'password'), Input::get('remember-me', 0))) {
+            if (!Auth::attempt(['username' => $request->input('username'), 'password' => $request->input('password'), 'activated' => 1], $request->input('remember'))) {
 
                 if (!$lockedOut) {
                     $this->incrementLoginAttempts($request);
@@ -251,7 +281,15 @@ class LoginController extends Controller
     public function logout(Request $request)
     {
         $request->session()->forget('2fa_authed');
+
         Auth::logout();
+
+        $settings = Setting::getSettings();
+        $customLogoutUrl = $settings->login_remote_user_custom_logout_url ;
+        if ($settings->login_remote_user_enabled == '1' && $customLogoutUrl != '') {
+            return redirect()->away($customLogoutUrl);
+        }
+
         return redirect()->route('login')->with('success', 'You have successfully logged out!');
     }
 
@@ -320,4 +358,9 @@ class LoginController extends Controller
         return redirect()->route('login');
     }
 
+    public function redirectTo()
+    {
+        return Session::get('backUrl') ? Session::get('backUrl') :   $this->redirectTo;
+    }
+
 }

app/Http/Controllers/Auth/RegisterController.php

@@ -0,0 +1,23 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Foundation\Auth\ResetsPasswords;
+
+class RegisterController extends Controller
+{
+
+    public function __construct()
+    {
+        $this->middleware('guest');
+    }
+
+    public function showRegistrationForm() {
+        abort(404,'Page not found');
+    }
+    
+    public function register() {
+        abort(404,'Page not found');
+    }
+}

app/Http/Controllers/Auth/ResetPasswordController.php

@@ -25,7 +25,7 @@ class ResetPasswordController extends Controller
      *
      * @var string
      */
-    protected $redirectTo = '/home';
+    protected $redirectTo = '/';
 
     /**
      * Create a new controller instance.

app/Http/Controllers/BulkAssetsController.php

@@ -0,0 +1,249 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Helpers\Helper;
+use App\Http\Controllers\CheckInOutRequest;
+use App\Models\Asset;
+use App\Models\Setting;
+use App\Models\User;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\DB;
+
+class BulkAssetsController extends Controller
+{
+    use CheckInOutRequest;
+    /**
+     * Display the bulk edit page.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @return View
+     * @internal param int $assetId
+     * @since [v2.0]
+     */
+    public function edit(Request $request)
+    {
+        $this->authorize('update', Asset::class);
+
+        if (!$request->has('ids')) {
+            return redirect()->back()->with('error', 'No assets selected');
+        }
+
+        $asset_ids = array_keys($request->input('ids'));
+
+        if ($request->has('bulk_actions')) {
+            switch($request->input('bulk_actions')) {
+                case 'labels':
+                    return view('hardware/labels')
+                        ->with('assets', Asset::find($asset_ids))
+                        ->with('settings', Setting::getSettings())
+                        ->with('count', 0);
+                case 'delete':
+                    $assets = Asset::with('assignedTo', 'location')->find($asset_ids);
+                    $assets->each(function ($asset) {
+                        $this->authorize('delete', $asset);
+                    });
+                    return view('hardware/bulk-delete')->with('assets', $assets);
+                case 'edit':
+                    return view('hardware/bulk')
+                        ->with('assets', request('ids'))
+                        ->with('statuslabel_list', Helper::statusLabelList());
+            }
+        }
+        return redirect()->back()->with('error', 'No action selected');
+    }
+
+    /**
+     * Save bulk edits
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @return Redirect
+     * @internal param array $assets
+     * @since [v2.0]
+     */
+    public function update(Request $request)
+    {
+        $this->authorize('update', Asset::class);
+
+        \Log::debug($request->input('ids'));
+
+        if(!$request->has('ids') || count($request->input('ids')) <= 0) {
+            return redirect()->route("hardware.index")->with('warning', trans('No assets selected, so nothing was updated.'));
+        }
+
+        $assets = array_keys($request->input('ids'));
+
+        if (($request->has('purchase_date'))
+            || ($request->has('purchase_cost'))
+            || ($request->has('supplier_id'))
+            || ($request->has('order_number'))
+            || ($request->has('warranty_months'))
+            || ($request->has('rtd_location_id'))
+            || ($request->has('requestable'))
+            || ($request->has('company_id'))
+            || ($request->has('status_id'))
+            || ($request->has('model_id'))
+        ) {
+            foreach ($assets as $assetId) {
+                $this->update_array = [];
+
+                $this->conditionallyAddItem('purchase_date')
+                    ->conditionallyAddItem('model_id')
+                    ->conditionallyAddItem('order_number')
+                    ->conditionallyAddItem('requestable')
+                    ->conditionallyAddItem('status_id')
+                    ->conditionallyAddItem('supplier_id')
+                    ->conditionallyAddItem('warranty_months');
+
+                if ($request->has('purchase_cost')) {
+                    $this->update_array['purchase_cost'] =  Helper::ParseFloat($request->input('purchase_cost'));
+                }
+
+                if ($request->has('company_id')) {
+                    $this->update_array['company_id'] =  $request->input('company_id');
+                    if ($request->input('company_id')=="clear") {
+                        $this->update_array['company_id'] = null;
+                    }
+                }
+
+                if ($request->has('rtd_location_id')) {
+                    $this->update_array['rtd_location_id'] = $request->input('rtd_location_id');
+                    if (($request->has('update_real_loc')) && (($request->input('update_real_loc')) == '1')) {
+                        $this->update_array['location_id'] = $request->input('rtd_location_id');
+                    }
+                }
+
+                DB::table('assets')
+                    ->where('id', $assetId)
+                    ->update($this->update_array);
+            } // endforeach
+            return redirect()->route("hardware.index")->with('success', trans('admin/hardware/message.update.success'));
+        // no values given, nothing to update
+        }
+        return redirect()->route("hardware.index")->with('warning', trans('admin/hardware/message.update.nothing_updated'));
+
+    }
+
+    /**
+     * Array to store update data per item
+     * @var Array
+     */
+    private $update_array;
+    /**
+     * Adds parameter to update array for an item if it exists in request
+     * @param  String  $field        field name
+     * @return this     Model for Chaining
+     */
+    protected function conditionallyAddItem($field)
+    {
+        if(request()->has($field)) {
+            $this->update_array[$field] = request()->input($field);
+        }
+        return $this;
+    }
+
+    /**
+     * Save bulk deleted.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @return View
+     * @internal param array $assets
+     * @since [v2.0]
+     */
+    public function destroy(Request $request)
+    {
+        $this->authorize('delete', Asset::class);
+
+        if ($request->has('ids')) {
+            $assets = Asset::find($request->get('ids'));
+            foreach ($assets as $asset) {
+                $update_array['deleted_at'] = date('Y-m-d H:i:s');
+                $update_array['assigned_to'] = null;
+
+                DB::table('assets')
+                    ->where('id', $asset->id)
+                    ->update($update_array);
+            } // endforeach
+            return redirect()->to("hardware")->with('success', trans('admin/hardware/message.delete.success'));
+            // no values given, nothing to update
+        }
+        return redirect()->to("hardware")->with('info', trans('admin/hardware/message.delete.nothing_updated'));
+    }
+
+    /**
+     * Show Bulk Checkout Page
+     * @return View View to checkout multiple assets
+     */
+    public function showCheckout()
+    {
+        $this->authorize('checkout', Asset::class);
+        // Filter out assets that are not deployable.
+
+        return view('hardware/bulk-checkout');
+    }
+
+    /**
+     * Process Multiple Checkout Request
+     * @return View
+     */
+    public function storeCheckout(Request $request)
+    {
+        try {
+            $admin = Auth::user();
+
+            $target = $this->determineCheckoutTarget();
+
+            if (!is_array($request->get('selected_assets'))) {
+                return redirect()->route('hardware/bulkcheckout')->withInput()->with('error', trans('admin/hardware/message.checkout.no_assets_selected'));
+            }
+
+            $asset_ids = array_filter($request->get('selected_assets'));
+
+            foreach ($asset_ids as $asset_id) {
+                if ($target->id == $asset_id && request('checkout_to_type') =='asset') {
+                    return redirect()->back()->with('error', 'You cannot check an asset out to itself.');
+                }
+            }
+            $checkout_at = date("Y-m-d H:i:s");
+            if (($request->has('checkout_at')) && ($request->get('checkout_at')!= date("Y-m-d"))) {
+                $checkout_at = e($request->get('checkout_at'));
+            }
+
+            $expected_checkin = '';
+
+            if ($request->has('expected_checkin')) {
+                $expected_checkin = e($request->get('expected_checkin'));
+            }
+
+            $errors = [];
+            DB::transaction(function () use ($target, $admin, $checkout_at, $expected_checkin, $errors, $asset_ids, $request) {
+
+                foreach ($asset_ids as $asset_id) {
+                    $asset = Asset::findOrFail($asset_id);
+                    $this->authorize('checkout', $asset);
+                    $error = $asset->checkOut($target, $admin, $checkout_at, $expected_checkin, e($request->get('note')), null);
+
+                    if ($target->location_id!='') {
+                        $asset->location_id = $target->location_id;
+                        $asset->unsetEventDispatcher();
+                        $asset->save();
+                    }
+
+                    if ($error) {
+                        array_merge_recursive($errors, $asset->getErrors()->toArray());
+                    }
+                }
+            });
+
+            if (!$errors) {
+              // Redirect to the new asset page
+                return redirect()->to("hardware")->with('success', trans('admin/hardware/message.checkout.success'));
+            }
+            // Redirect to the asset management page with error
+            return redirect()->to("hardware/bulk-checkout")->with('error', trans('admin/hardware/message.checkout.error'))->withErrors($errors);
+        } catch (ModelNotFoundException $e) {
+            return redirect()->to("hardware/bulk-checkout")->with('error', $e->getErrors());
+        }
+    }
+}

app/Http/Controllers/CategoriesController.php

@@ -15,6 +15,8 @@ use Lang;
 use Redirect;
 use Str;
 use View;
+use Image;
+use App\Http\Requests\ImageUploadRequest;
 
 /**
  * This class controls all actions related to Categories for
@@ -38,6 +40,7 @@ class CategoriesController extends Controller
     public function index()
     {
         // Show the page
+        $this->authorize('view', Category::class);
         return view('categories/index');
     }
 
@@ -53,6 +56,7 @@ class CategoriesController extends Controller
     public function create()
     {
         // Show the page
+        $this->authorize('create', Category::class);
          $category_types= Helper::categoryTypeList();
         return view('categories/edit')->with('item', new Category)
             ->with('category_types', $category_types);
@@ -67,11 +71,10 @@ class CategoriesController extends Controller
     * @since [v1.0]
     * @return \Illuminate\Http\RedirectResponse
      */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
     {
-        // create a new model instance
+        $this->authorize('create', Category::class);
         $category = new Category();
-        // Update the category data
         $category->name                 = $request->input('name');
         $category->category_type        = $request->input('category_type');
         $category->eula_text            = $request->input('eula_text');
@@ -80,6 +83,18 @@ class CategoriesController extends Controller
         $category->checkin_email        = $request->input('checkin_email', '0');
         $category->user_id              = Auth::id();
 
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/categories/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $category->image = $file_name;
+        }
+
+
         if ($category->save()) {
             return redirect()->route('categories.index')->with('success', trans('admin/categories/message.create.success'));
         }
@@ -98,10 +113,9 @@ class CategoriesController extends Controller
      */
     public function edit($categoryId = null)
     {
-        // Check if the category exists
+        $this->authorize('edit', Category::class);
         if (is_null($item = Category::find($categoryId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.does_not_exist'));
+            return redirect()->route('categories.index')->with('error', trans('admin/categories/message.does_not_exist'));
         }
         $category_types= Helper::categoryTypeList();
 
@@ -120,9 +134,9 @@ class CategoriesController extends Controller
      * @return \Illuminate\Http\RedirectResponse
      * @since [v1.0]
      */
-    public function update(Request $request, $categoryId = null)
+    public function update(ImageUploadRequest $request, $categoryId = null)
     {
-        // Check if the blog post exists
+        $this->authorize('edit', Category::class);
         if (is_null($category = Category::find($categoryId))) {
             // Redirect to the categories management page
             return redirect()->to('admin/categories')->with('error', trans('admin/categories/message.does_not_exist'));
@@ -138,6 +152,38 @@ class CategoriesController extends Controller
         $category->require_acceptance   = $request->input('require_acceptance', '0');
         $category->checkin_email        = $request->input('checkin_email', '0');
 
+        $old_image = $category->image;
+
+        // Set the model's image property to null if the image is being deleted
+        if ($request->input('image_delete') == 1) {
+            $category->image = null;
+        }
+
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = $category->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save(app('categories_upload_path').$file_name);
+            } else {
+                $image->move(app('categories_upload_path'), $file_name);
+            }
+            $category->image = $file_name;
+
+        }
+
+        if ((($request->file('image')) && (isset($old_image)) && ($old_image!='')) || ($request->input('image_delete') == 1)) {
+            try  {
+                unlink(app('categories_upload_path').$old_image);
+            } catch (\Exception $e) {
+                \Log::error($e);
+            }
+        }
+
+
         if ($category->save()) {
             // Redirect to the new category page
             return redirect()->route('categories.index')->with('success', trans('admin/categories/message.update.success'));
@@ -156,24 +202,25 @@ class CategoriesController extends Controller
      */
     public function destroy($categoryId)
     {
+        $this->authorize('delete', Category::class);
         // Check if the category exists
         if (is_null($category = Category::find($categoryId))) {
-            return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.not_found'));
+            return redirect()->route('categories.index')->with('error', trans('admin/categories/message.not_found'));
         }
 
         if ($category->has_models() > 0) {
-            return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'model']));
+            return redirect()->route('categories.index')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'model']));
         } elseif ($category->accessories()->count() > 0) {
-                return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'accessory']));
+                return redirect()->route('categories.index')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'accessory']));
         } elseif ($category->consumables()->count() > 0) {
-                return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'consumable']));
+                return redirect()->route('categories.index')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'consumable']));
         } elseif ($category->components()->count() > 0) {
-                return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'component']));
+                return redirect()->route('categories.index')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'component']));
         }
 
         $category->delete();
         // Redirect to the locations management page
-        return redirect()->to(route('categories.index'))->with('success', trans('admin/categories/message.delete.success'));
+        return redirect()->route('categories.index')->with('success', trans('admin/categories/message.delete.success'));
     }
 
 
@@ -189,6 +236,7 @@ class CategoriesController extends Controller
      */
     public function show($id)
     {
+        $this->authorize('view', Category::class);
         if ($category = Category::find($id)) {
 
             if ($category->category_type=='asset') {

app/Http/Controllers/CheckInOutRequest.php

@@ -0,0 +1,56 @@
+<?php
+namespace App\Http\Controllers;
+
+use App\Exceptions\CheckoutNotAllowed;
+use App\Models\Asset;
+use App\Models\Location;
+use App\Models\User;
+
+trait CheckInOutRequest
+{
+    /**
+     * Find target for checkout
+     * @return SnipeModel        Target asset is being checked out to.
+     */
+    protected function determineCheckoutTarget()
+    {
+          // This item is checked out to a location
+        switch(request('checkout_to_type'))
+        {
+            case 'location':
+                return Location::findOrFail(request('assigned_location'));
+            case 'asset':
+                return Asset::findOrFail(request('assigned_asset'));
+            case 'user':
+                return User::findOrFail(request('assigned_user'));
+        }
+        return null;
+    }
+
+    /**
+     * Update the location of the asset passed in.
+     * @param  Asset $asset Asset being updated
+     * @param  SnipeModel $target Target with location
+     * @return Asset        Asset being updated
+     */
+    protected function updateAssetLocation($asset, $target)
+    {
+        switch(request('checkout_to_type'))
+        {
+            case 'location':
+                $asset->location_id = $target->id;
+                break;
+            case 'asset':
+                $asset->location_id = $target->rtd_location_id;
+                // Override with the asset's location_id if it has one
+                if ($target->location_id!='') {
+                    $asset->location_id = $target->location_id;
+                }
+                break;
+            case 'user':
+                    $asset->location_id = $target->location_id;
+                    break;
+        }
+        return $asset;
+    }
+}

app/Http/Controllers/CompaniesController.php

@@ -7,6 +7,8 @@ use Lang;
 use Redirect;
 use View;
 use Illuminate\Http\Request;
+use Image;
+use App\Http\Requests\ImageUploadRequest;
 
 /**
  * This controller handles all actions related to Companies for
@@ -27,6 +29,8 @@ final class CompaniesController extends Controller
      */
     public function index()
     {
+        $this->authorize('view', Company::class);
+
         return view('companies/index')->with('companies', Company::all());
     }
 
@@ -39,6 +43,8 @@ final class CompaniesController extends Controller
      */
     public function create()
     {
+        $this->authorize('create', Company::class);
+
         return view('companies/edit')->with('item', new Company);
     }
 
@@ -50,11 +56,24 @@ final class CompaniesController extends Controller
      * @param Request $request
      * @return \Illuminate\Http\RedirectResponse
      */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
     {
+        $this->authorize('create', Company::class);
+
         $company = new Company;
         $company->name = $request->input('name');
 
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/companies/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $company->image = $file_name;
+        }
+
         if ($company->save()) {
             return redirect()->route('companies.index')
                 ->with('success', trans('admin/companies/message.create.success'));
@@ -77,6 +96,9 @@ final class CompaniesController extends Controller
             return redirect()->route('companies.index')
                 ->with('error', trans('admin/companies/message.does_not_exist'));
         }
+
+        $this->authorize('update', $item);
+
         return view('companies/edit')->with('item', $item);
     }
 
@@ -89,14 +111,48 @@ final class CompaniesController extends Controller
      * @param int $companyId
      * @return \Illuminate\Http\RedirectResponse
      */
-    public function update(Request $request, $companyId)
+    public function update(ImageUploadRequest $request, $companyId)
     {
         if (is_null($company = Company::find($companyId))) {
             return redirect()->route('companies.index')->with('error', trans('admin/companies/message.does_not_exist'));
         }
 
+        $this->authorize('update', $company);
+
         $company->name = $request->input('name');
 
+        $old_image = $company->image;
+
+        // Set the model's image property to null if the image is being deleted
+        if ($request->input('image_delete') == 1) {
+            $company->image = null;
+        }
+
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = $company->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save(app('companies_upload_path').$file_name);
+            } else {
+                $image->move(app('companies_upload_path'), $file_name);
+            }
+            $company->image = $file_name;
+
+        }
+
+        if ((($request->file('image')) && (isset($old_image)) && ($old_image!='')) || ($request->input('image_delete') == 1)) {
+            try  {
+                unlink(app('companies_upload_path').$old_image);
+            } catch (\Exception $e) {
+                \Log::error($e);
+            }
+        }
+
+
         if ($company->save()) {
             return redirect()->route('companies.index')
                 ->with('success', trans('admin/companies/message.update.success'));
@@ -119,6 +175,9 @@ final class CompaniesController extends Controller
             return redirect()->route('companies.index')
                 ->with('error', trans('admin/companies/message.not_found'));
         } else {
+
+            $this->authorize('delete', $company);
+
             try {
                 $company->delete();
                 return redirect()->route('companies.index')

app/Http/Controllers/ComponentsController.php

@@ -2,6 +2,8 @@
 namespace App\Http\Controllers;
 
 use App\Helpers\Helper;
+use App\Http\Requests\ImageUploadRequest;
+use App\Models\Actionlog;
 use App\Models\Company;
 use App\Models\Component;
 use App\Models\CustomField;
@@ -21,6 +23,7 @@ use View;
 use Validator;
 use Illuminate\Http\Request;
 use Gate;
+use Image;
 
 /**
  * This class controls all actions related to Components for
@@ -57,12 +60,9 @@ class ComponentsController extends Controller
     public function create()
     {
         $this->authorize('create', Component::class);
-        // Show the page
-        return view('components/edit')
-            ->with('item', new Component)
-            ->with('category_list', Helper::categoryList('component'))
-            ->with('company_list', Helper::companyList())
-            ->with('location_list', Helper::locationsList());
+        $category_type = 'component';
+        return view('components/edit')->with('category_type',$category_type)
+            ->with('item', new Component);
     }
 
 
@@ -74,22 +74,34 @@ class ComponentsController extends Controller
     * @since [v3.0]
     * @return \Illuminate\Http\RedirectResponse
      */
-    public function store()
+    public function store(ImageUploadRequest $request)
     {
         $this->authorize('create', Component::class);
         $component = new Component();
-        $component->name                   = Input::get('name');
-        $component->category_id            = Input::get('category_id');
-        $component->location_id            = Input::get('location_id');
-        $component->company_id             = Company::getIdForCurrentUser(Input::get('company_id'));
-        $component->order_number           = Input::get('order_number');
-        $component->min_amt                = Input::get('min_amt');
-        $component->serial                 = Input::get('serial');
-        $component->purchase_date       = Input::get('purchase_date');
-        $component->purchase_cost       = request('purchase_cost');
-        $component->qty                    = Input::get('qty');
+        $component->name                   = $request->input('name');
+        $component->category_id            = $request->input('category_id');
+        $component->location_id            = $request->input('location_id');
+        $component->company_id             = Company::getIdForCurrentUser($request->input('company_id'));
+        $component->order_number           = $request->input('order_number', null);
+        $component->min_amt                = $request->input('min_amt', null);
+        $component->serial                 = $request->input('serial', null);
+        $component->purchase_date          = $request->input('purchase_date', null);
+        $component->purchase_cost          = $request->input('purchase_cost', null);
+        $component->qty                    = $request->input('qty');
         $component->user_id                = Auth::id();
 
+
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/components/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $component->image = $file_name;
+        }
+
         if ($component->save()) {
             return redirect()->route('components.index')->with('success', trans('admin/components/message.create.success'));
         }
@@ -107,16 +119,18 @@ class ComponentsController extends Controller
      */
     public function edit($componentId = null)
     {
-        if (is_null($item = Component::find($componentId))) {
-            return redirect()->route('components.index')->with('error', trans('admin/components/message.does_not_exist'));
+
+
+        if ($item = Component::find($componentId)) {
+            $this->authorize('update', $item);
+            $category_type = 'component';
+            return view('components/edit', compact('item'))->with('category_type', $category_type);
         }
+        return redirect()->route('components.index')->with('error', trans('admin/components/message.does_not_exist'));
+
+
 
-        $this->authorize('update', $item);
 
-        return view('components/edit', compact('item'))
-            ->with('category_list', Helper::categoryList('component'))
-            ->with('company_list', Helper::companyList())
-            ->with('location_list', Helper::locationsList());
     }
 
 
@@ -129,7 +143,7 @@ class ComponentsController extends Controller
     * @since [v3.0]
     * @return \Illuminate\Http\RedirectResponse
      */
-    public function update($componentId = null)
+    public function update(ImageUploadRequest $request, $componentId = null)
     {
         if (is_null($component = Component::find($componentId))) {
             return redirect()->route('components.index')->with('error', trans('admin/components/message.does_not_exist'));
@@ -150,6 +164,19 @@ class ComponentsController extends Controller
         $component->purchase_cost          = request('purchase_cost');
         $component->qty                    = Input::get('qty');
 
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/components/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $component->image = $file_name;
+        } elseif ($request->input('image_delete')=='1') {
+            $component->image = null;
+        }
+
         if ($component->save()) {
             return redirect()->route('components.index')->with('success', trans('admin/components/message.update.success'));
         }
@@ -167,7 +194,7 @@ class ComponentsController extends Controller
     public function destroy($componentId)
     {
         if (is_null($component = Component::find($componentId))) {
-            return redirect()->route('components.index')->with('error', trans('admin/components/message.not_found'));
+            return redirect()->route('components.index')->with('error', trans('admin/components/message.does_not_exist'));
         }
 
         $this->authorize('delete', $component);
@@ -175,19 +202,6 @@ class ComponentsController extends Controller
         return redirect()->route('components.index')->with('success', trans('admin/components/message.delete.success'));
     }
 
-    public function postBulk($componentId = null)
-    {
-        //$this->authorize('checkout', $component)
-        echo 'Stubbed - not yet complete';
-    }
-
-    public function postBulkSave($componentId = null)
-    {
-        //$this->authorize('edit', Component::class);
-        echo 'Stubbed - not yet complete';
-    }
-
-
     /**
     * Return a view to display component information.
     *
@@ -228,7 +242,7 @@ class ComponentsController extends Controller
             return redirect()->route('components.index')->with('error', trans('admin/components/message.not_found'));
         }
         $this->authorize('checkout', $component);
-        return view('components/checkout', compact('component'))->with('assets_list', Helper::detailedAssetList());
+        return view('components/checkout', compact('component'));
     }
 
     /**
@@ -287,36 +301,97 @@ class ComponentsController extends Controller
         return redirect()->route('components.index')->with('success', trans('admin/components/message.checkout.success'));
     }
 
+    /**
+     * Returns a view that allows the checkin of a component from an asset.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see ComponentsController::postCheckout() method that stores the data.
+     * @since [v4.1.4]
+     * @param int $componentId
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function getCheckin($component_asset_id)
+    {
+
+        // This could probably be done more cleanly but I am very tired. - @snipe
+        if ($component_assets = DB::table('components_assets')->find($component_asset_id)) {
+            if (is_null($component = Component::find($component_assets->component_id))) {
+                return redirect()->route('components.index')->with('error', trans('admin/components/messages.not_found'));
+            }
+            if (is_null($asset = Asset::find($component_assets->asset_id))) {
+                return redirect()->route('components.index')->with('error',
+                    trans('admin/components/message.not_found'));
+            }
+            $this->authorize('checkin', $component);
+            return view('components/checkin', compact('component_assets','component','asset'));
+        }
+
+        return redirect()->route('components.index')->with('error', trans('admin/components/messages.not_found'));
+
+    }
 
     /**
-    * Return JSON data to populate the components view,
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ComponentsController::getView() method that returns the view.
-    * @since [v3.0]
-    * @param int $componentId
-    * @return string JSON
-    */
-    public function getDataView($componentId)
+     * Validate and store checkin data.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see ComponentsController::getCheckout() method that returns the form.
+     * @since [v4.1.4]
+     * @param Request $request
+     * @param int $componentId
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function postCheckin(Request $request, $component_asset_id)
     {
-        if (is_null($component = Component::with('assets')->find($componentId))) {
-            // Redirect to the component management page with error
-            return redirect()->route('components.index')->with('error', trans('admin/components/message.not_found'));
-        }
+        if ($component_assets = DB::table('components_assets')->find($component_asset_id)) {
+            if (is_null($component = Component::find($component_assets->component_id))) {
+                return redirect()->route('components.index')->with('error',
+                    trans('admin/components/message.not_found'));
+            }
 
-        if (!Company::isCurrentUserHasAccess($component)) {
-            return ['total' => 0, 'rows' => []];
-        }
-        $this->authorize('view', $component);
 
-        $rows = array();
-        $all_custom_fields = CustomField::all(); // Cached for table;
-        foreach ($component->assets as $component_assignment) {
-            $rows[] = $component_assignment->present()->forDataTable($all_custom_fields);
-        }
+            $this->authorize('checkin', $component);
 
-        $componentCount = $component->assets->count();
-        $data = array('total' => $componentCount, 'rows' => $rows);
-        return $data;
+            $max_to_checkin = $component_assets->assigned_qty;
+            $validator = Validator::make($request->all(), [
+                "checkin_qty" => "required|numeric|between:1,$max_to_checkin"
+            ]);
+
+            if ($validator->fails()) {
+                return redirect()->back()
+                    ->withErrors($validator)
+                    ->withInput();
+            }
+
+            // Validation passed, so let's figure out what we have to do here.
+            $qty_remaining_in_checkout = ($component_assets->assigned_qty - (int)$request->input('checkin_qty'));
+
+            // We have to modify the record to reflect the new qty that's
+            // actually checked out.
+            $component_assets->assigned_qty = $qty_remaining_in_checkout;
+            DB::table('components_assets')->where('id',
+                $component_asset_id)->update(['assigned_qty' => $qty_remaining_in_checkout]);
+
+            $log = new Actionlog();
+            $log->user_id = Auth::user()->id;
+            $log->action_type = 'checkin from';
+            $log->target_type = Asset::class;
+            $log->target_id = $component_assets->asset_id;
+            $log->item_id = $component_assets->component_id;
+            $log->item_type = Component::class;
+            $log->note = $request->input('note');
+            $log->save();
+
+            // If the checked-in qty is exactly the same as the assigned_qty,
+            // we can simply delete the associated components_assets record
+            if ($qty_remaining_in_checkout == 0) {
+                DB::table('components_assets')->where('id', '=', $component_asset_id)->delete();
+            }
+
+            return redirect()->route('components.index')->with('success',
+                trans('admin/components/message.checkout.success'));
+        }
+        return redirect()->route('components.index')->with('error', trans('admin/components/message.not_found'));
     }
+
+
 }

app/Http/Controllers/ConsumablesController.php

@@ -7,18 +7,18 @@ use App\Models\Company;
 use App\Models\Consumable;
 use App\Models\Setting;
 use App\Models\User;
-use App\Notifications\CheckoutNotification;
 use Auth;
 use Config;
 use DB;
 use Input;
 use Lang;
-use Mail;
 use Redirect;
 use Slack;
 use Str;
 use View;
 use Gate;
+use Image;
+use App\Http\Requests\ImageUploadRequest;
 
 /**
  * This controller handles all actions related to Consumables for
@@ -54,13 +54,9 @@ class ConsumablesController extends Controller
     public function create()
     {
         $this->authorize('create', Consumable::class);
-        // Show the page
-        return view('consumables/edit')
-            ->with('item', new Consumable)
-            ->with('category_list', Helper::categoryList('consumable'))
-            ->with('company_list', Helper::companyList())
-            ->with('location_list', Helper::locationsList())
-            ->with('manufacturer_list', Helper::manufacturerList());
+        $category_type = 'consumable';
+        return view('consumables/edit')->with('category_type', $category_type)
+            ->with('item', new Consumable);
     }
 
 
@@ -72,24 +68,36 @@ class ConsumablesController extends Controller
     * @since [v1.0]
     * @return \Illuminate\Http\RedirectResponse
      */
-    public function store()
+    public function store(ImageUploadRequest $request)
     {
         $this->authorize('create', Consumable::class);
         $consumable = new Consumable();
-        $consumable->name                   = Input::get('name');
-        $consumable->category_id            = Input::get('category_id');
-        $consumable->location_id            = Input::get('location_id');
-        $consumable->company_id             = Company::getIdForCurrentUser(Input::get('company_id'));
-        $consumable->order_number           = Input::get('order_number');
-        $consumable->min_amt                = Input::get('min_amt');
-        $consumable->manufacturer_id        = Input::get('manufacturer_id');
-        $consumable->model_number           = Input::get('model_number');
-        $consumable->item_no                = Input::get('item_no');
-        $consumable->purchase_date          = Input::get('purchase_date');
-        $consumable->purchase_cost          = Helper::ParseFloat(Input::get('purchase_cost'));
-        $consumable->qty                    = Input::get('qty');
+        $consumable->name                   = $request->input('name');
+        $consumable->category_id            = $request->input('category_id');
+        $consumable->location_id            = $request->input('location_id');
+        $consumable->company_id             = Company::getIdForCurrentUser($request->input('company_id'));
+        $consumable->order_number           = $request->input('order_number');
+        $consumable->min_amt                = $request->input('min_amt');
+        $consumable->manufacturer_id        = $request->input('manufacturer_id');
+        $consumable->model_number           = $request->input('model_number');
+        $consumable->item_no                = $request->input('item_no');
+        $consumable->purchase_date          = $request->input('purchase_date');
+        $consumable->purchase_cost          = Helper::ParseFloat($request->input('purchase_cost'));
+        $consumable->qty                    = $request->input('qty');
         $consumable->user_id                = Auth::id();
 
+
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/consumables/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $consumable->image = $file_name;
+        }
+
         if ($consumable->save()) {
             return redirect()->route('consumables.index')->with('success', trans('admin/consumables/message.create.success'));
         }
@@ -109,17 +117,14 @@ class ConsumablesController extends Controller
      */
     public function edit($consumableId = null)
     {
-        if (is_null($item = Consumable::find($consumableId))) {
-            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.does_not_exist'));
+        if ($item = Consumable::find($consumableId)) {
+            $this->authorize($item);
+            $category_type = 'consumable';
+            return view('consumables/edit', compact('item'))->with('category_type', $category_type);
         }
 
-        $this->authorize($item);
+        return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.does_not_exist'));
 
-        return view('consumables/edit', compact('item'))
-            ->with('category_list', Helper::categoryList('consumable'))
-            ->with('company_list', Helper::companyList())
-            ->with('location_list', Helper::locationsList())
-            ->with('manufacturer_list', Helper::manufacturerList());
     }
 
 
@@ -132,7 +137,7 @@ class ConsumablesController extends Controller
     * @since [v1.0]
     * @return \Illuminate\Http\RedirectResponse
      */
-    public function update($consumableId = null)
+    public function update(ImageUploadRequest $request,  $consumableId = null)
     {
         if (is_null($consumable = Consumable::find($consumableId))) {
             return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.does_not_exist'));
@@ -140,19 +145,32 @@ class ConsumablesController extends Controller
 
         $this->authorize($consumable);
 
-        $consumable->name                   = Input::get('name');
-        $consumable->category_id            = Input::get('category_id');
-        $consumable->location_id            = Input::get('location_id');
-        $consumable->company_id             = Company::getIdForCurrentUser(Input::get('company_id'));
-        $consumable->order_number           = Input::get('order_number');
-        $consumable->min_amt                   = Input::get('min_amt');
-        $consumable->manufacturer_id         = Input::get('manufacturer_id');
-        $consumable->model_number               = Input::get('model_number');
-        $consumable->item_no         = Input::get('item_no');
-        $consumable->purchase_date       = Input::get('purchase_date');
-        $consumable->purchase_cost       = Helper::ParseFloat(Input::get('purchase_cost'));
+        $consumable->name                   = $request->input('name');
+        $consumable->category_id            = $request->input('category_id');
+        $consumable->location_id            = $request->input('location_id');
+        $consumable->company_id             = Company::getIdForCurrentUser($request->input('company_id'));
+        $consumable->order_number           = $request->input('order_number');
+        $consumable->min_amt                = $request->input('min_amt');
+        $consumable->manufacturer_id        = $request->input('manufacturer_id');
+        $consumable->model_number           = $request->input('model_number');
+        $consumable->item_no                = $request->input('item_no');
+        $consumable->purchase_date          = $request->input('purchase_date');
+        $consumable->purchase_cost          = Helper::ParseFloat(Input::get('purchase_cost'));
         $consumable->qty                    = Helper::ParseFloat(Input::get('qty'));
 
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/consumables/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $consumable->image = $file_name;
+        } elseif ($request->input('image_delete')=='1') {
+            $consumable->image = null;
+        }
+
         if ($consumable->save()) {
             return redirect()->route('consumables.index')->with('success', trans('admin/consumables/message.update.success'));
         }
@@ -194,7 +212,7 @@ class ConsumablesController extends Controller
         if (isset($consumable->id)) {
             return view('consumables/view', compact('consumable'));
         }
-        return redirect()->route('consumables')->with('error', trans('admin/consumables/message.does_not_exist', compact('id')));
+        return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.does_not_exist', compact('id')));
     }
 
     /**
@@ -209,10 +227,10 @@ class ConsumablesController extends Controller
     public function getCheckout($consumableId)
     {
         if (is_null($consumable = Consumable::find($consumableId))) {
-            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.not_found'));
+            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.does_not_exist'));
         }
         $this->authorize('checkout', $consumable);
-        return view('consumables/checkout', compact('consumable'))->with('users_list', Helper::usersList());
+        return view('consumables/checkout', compact('consumable'));
     }
 
     /**
@@ -238,7 +256,7 @@ class ConsumablesController extends Controller
         // Check if the user exists
         if (is_null($user = User::find($assigned_to))) {
             // Redirect to the consumable management page with error
-            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.user_does_not_exist'));
+            return redirect()->route('checkout/consumable', $consumable)->with('error', trans('admin/consumables/message.checkout.user_does_not_exist'));
         }
 
         // Update the consumable data
@@ -259,14 +277,6 @@ class ConsumablesController extends Controller
         $data['note'] = $logaction->note;
         $data['require_acceptance'] = $consumable->requireAcceptance();
 
-        if (($consumable->requireAcceptance()=='1')  || ($consumable->getEula())) {
-
-            Mail::send('emails.accept-asset', $data, function ($m) use ($user) {
-                $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
-                $m->subject(trans('mail.Confirm_consumable_delivery'));
-            });
-        }
 
       // Redirect to the new consumable page
         return redirect()->route('consumables.index')->with('success', trans('admin/consumables/message.checkout.success'));

app/Http/Controllers/CustomFieldsController.php

@@ -1,6 +1,7 @@
 <?php
 namespace App\Http\Controllers;
 
+use App\Http\Requests\CustomFieldRequest;
 use View;
 use App\Models\CustomFieldset;
 use App\Models\CustomField;
@@ -36,6 +37,7 @@ class CustomFieldsController extends Controller
     */
     public function index()
     {
+        $this->authorize('view', CustomField::class);
 
         $fieldsets = CustomFieldset::with("fields", "models")->get();
         $fields = CustomField::with("fieldset")->get();
@@ -56,6 +58,7 @@ class CustomFieldsController extends Controller
     */
     public function create()
     {
+        $this->authorize('create', CustomField::class);
 
         return view("custom_fields.fields.edit")->with('field', new CustomField());
     }
@@ -69,39 +72,33 @@ class CustomFieldsController extends Controller
     * @since [v1.8]
     * @return Redirect
     */
-    public function store(Request $request)
+    public function store(CustomFieldRequest $request)
     {
+        $this->authorize('create', CustomField::class);
+
         $field = new CustomField([
             "name" => $request->get("name"),
             "element" => $request->get("element"),
             "help_text" => $request->get("help_text"),
             "field_values" => $request->get("field_values"),
             "field_encrypted" => $request->get("field_encrypted", 0),
+            "show_in_email" => $request->get("show_in_email", 0),
             "user_id" => Auth::user()->id
         ]);
 
 
-
-        if (!in_array(Input::get('format'), array_keys(CustomField::$PredefinedFormats))) {
+        if ($request->has("custom_format")) {
             $field->format = e($request->get("custom_format"));
         } else {
             $field->format = e($request->get("format"));
         }
 
-
-        $validator = Validator::make(Input::all(), $field->rules);
-
-        if ($validator->passes()) {
-            $results = $field->save();
-            if ($results) {
-                return redirect()->route("fields.index")->with("success", trans('admin/custom_fields/message.field.create.success'));
-            } else {
-                dd($field);
-                return redirect()->back()->withInput()->with('error', trans('admin/custom_fields/message.field.create.error'));
-            }
+        if ($field->save()) {
+            return redirect()->route("fields.index")->with("success", trans('admin/custom_fields/message.field.create.success'));
         } else {
-            return redirect()->back()->withInput()->withErrors($validator);
+            return redirect()->back()->withInput()->with('error', trans('admin/custom_fields/message.field.create.error'));
         }
+
     }
 
 
@@ -116,6 +113,8 @@ class CustomFieldsController extends Controller
     {
         $field = CustomField::find($field_id);
 
+        $this->authorize('update', $field);
+
         if ($field->fieldset()->detach($fieldset_id)) {
             return redirect()->route('fieldsets.show', ['fieldset' => $fieldset_id])->with("success", trans('admin/custom_fields/message.field.delete.success'));
         }
@@ -134,6 +133,8 @@ class CustomFieldsController extends Controller
     {
         $field = CustomField::find($field_id);
 
+        $this->authorize('delete', $field);
+
         if ($field->fieldset->count()>0) {
             return redirect()->back()->withErrors(['message' => "Field is in-use"]);
         } else {
@@ -155,6 +156,9 @@ class CustomFieldsController extends Controller
     public function edit($id)
     {
         $field = CustomField::find($id);
+
+        $this->authorize('update', $field);
+
         return view("custom_fields.fields.edit")->with('field', $field);
     }
 
@@ -169,16 +173,18 @@ class CustomFieldsController extends Controller
     * @since [v4.0]
     * @return Redirect
     */
-    public function update(Request $request, $id)
+    public function update(CustomFieldRequest $request, $id)
     {
         $field =  CustomField::find($id);
 
+        $this->authorize('update', $field);
+
         $field->name = e($request->get("name"));
         $field->element = e($request->get("element"));
         $field->field_values = e($request->get("field_values"));
-        $field->field_encrypted = e($request->get("field_encrypted", 0));
         $field->user_id = Auth::user()->id;
         $field->help_text = $request->get("help_text");
+        $field->show_in_email = $request->get("show_in_email", 0);
 
         if (!in_array(Input::get('format'), array_keys(CustomField::$PredefinedFormats))) {
             $field->format = e($request->get("custom_format"));
@@ -186,13 +192,11 @@ class CustomFieldsController extends Controller
             $field->format = e($request->get("format"));
         }
 
-        $validator = Validator::make(Input::all(), $field->rules);
-
         if ($field->save()) {
            return redirect()->route("fields.index")->with("success", trans('admin/custom_fields/message.field.update.success'));
         }
 
-       return redirect()->back()->withInput()->withErrors($validator);
+        return redirect()->back()->withInput()->with('error', trans('admin/custom_fields/message.field.update.error'));
     }
 
 

app/Http/Controllers/CustomFieldsetsController.php

@@ -37,19 +37,27 @@ class CustomFieldsetsController extends Controller
     public function show($id)
     {
         $cfset = CustomFieldset::with('fields')->where('id', '=', $id)->orderBy('id', 'ASC')->first();
-        $custom_fields_list = ["" => "Add New Field to Fieldset"] + CustomField::pluck("name", "id")->toArray();
 
-        $maxid = 0;
-        foreach ($cfset->fields() as $field) {
-            if ($field->pivot->order > $maxid) {
-                $maxid=$field->pivot->order;
-            }
-            if (isset($custom_fields_list[$field->id])) {
-                unset($custom_fields_list[$field->id]);
+        $this->authorize('view', $cfset);
+
+        if ($cfset) {
+            $custom_fields_list = ["" => "Add New Field to Fieldset"] + CustomField::pluck("name", "id")->toArray();
+
+            $maxid = 0;
+            foreach ($cfset->fields() as $field) {
+                if ($field->pivot->order > $maxid) {
+                    $maxid=$field->pivot->order;
+                }
+                if (isset($custom_fields_list[$field->id])) {
+                    unset($custom_fields_list[$field->id]);
+                }
             }
+
+            return view("custom_fields.fieldsets.view")->with("custom_fieldset", $cfset)->with("maxid", $maxid+1)->with("custom_fields_list", $custom_fields_list);
         }
 
-        return view("custom_fields.fieldsets.view")->with("custom_fieldset", $cfset)->with("maxid", $maxid+1)->with("custom_fields_list", $custom_fields_list);
+        return redirect()->route("fields.index")->with("error", trans('admin/custom_fields/message.fieldset.does_not_exist'));
+
     }
 
 
@@ -62,6 +70,8 @@ class CustomFieldsetsController extends Controller
     */
     public function create()
     {
+        $this->authorize('create', CustomFieldset::class);
+
         return view("custom_fields.fieldsets.edit");
     }
 
@@ -75,6 +85,8 @@ class CustomFieldsetsController extends Controller
     */
     public function store(Request $request)
     {
+        $this->authorize('create', CustomFieldset::class);
+
         $cfset = new CustomFieldset(
             [
                 "name" => e($request->get("name")),
@@ -133,16 +145,23 @@ class CustomFieldsetsController extends Controller
     */
     public function destroy($id)
     {
-        //
         $fieldset = CustomFieldset::find($id);
 
-        $models = AssetModel::where("fieldset_id", "=", $id);
-        if ($models->count() == 0) {
-            $fieldset->delete();
-            return redirect()->route("fields.show")->with("success", trans('admin/custom_fields/message.fieldset.delete.success'));
-        } else {
-            return redirect()->route("fields.show")->with("error", trans('admin/custom_fields/message.fieldset.delete.in_use'));
+        $this->authorize('delete', $fieldset);
+
+        if ($fieldset) {
+            $models = AssetModel::where("fieldset_id", "=", $id);
+            if ($models->count() == 0) {
+                $fieldset->delete();
+                return redirect()->route("fields.index")->with("success", trans('admin/custom_fields/message.fieldset.delete.success'));
+            } else {
+                return redirect()->route("fields.index")->with("error", trans('admin/custom_fields/message.fieldset.delete.in_use'));
+            }
         }
+
+        return redirect()->route("fields.index")->with("error", trans('admin/custom_fields/message.fieldset.does_not_exist'));
+
+
     }
 
 
@@ -158,6 +177,8 @@ class CustomFieldsetsController extends Controller
 
         $set = CustomFieldset::find($id);
 
+        $this->authorize('update', $set);
+
         foreach ($set->fields as $field) {
             if ($field->id == Input::get('field_id')) {
                 return redirect()->route("fieldsets.show", [$id])->withInput()->withErrors(['field_id' => trans('admin/custom_fields/message.field.already_added')]);

app/Http/Controllers/DashboardController.php

@@ -39,8 +39,8 @@ class DashboardController extends Controller
             $counts['grand_total'] =  $counts['asset'] +  $counts['accessory'] +  $counts['license'] +  $counts['consumable'];
 
             if ((!file_exists(storage_path().'/oauth-private.key')) || (!file_exists(storage_path().'/oauth-public.key'))) {
-                \Artisan::call('passport:install');
                 \Artisan::call('migrate', ['--force' => true]);
+                \Artisan::call('passport:install');
             }
 
             return view('dashboard')->with('asset_stats', $asset_stats)->with('counts', $counts);

app/Http/Controllers/DepartmentsController.php

@@ -6,6 +6,8 @@ use Illuminate\Http\Request;
 use App\Models\Department;
 use App\Helpers\Helper;
 use Auth;
+use Image;
+use App\Http\Requests\ImageUploadRequest;
 
 class DepartmentsController extends Controller
 {
@@ -27,13 +29,11 @@ class DepartmentsController extends Controller
     public function index(Request $request)
     {
         $this->authorize('index', Department::class);
+        $company = null;
         if ($request->has('company_id')) {
             $company = Company::find($request->input('company_id'));
-        } else {
-            $company = null;
         }
-        return view('departments/index')->with('company',$company);
-
+        return view('departments/index')->with('company', $company);
     }
 
 
@@ -45,7 +45,7 @@ class DepartmentsController extends Controller
      * @param  \Illuminate\Http\Request  $request
      * @return \Illuminate\Http\Response
      */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
     {
         $this->authorize('create', Department::class);
         $department = new Department;
@@ -53,12 +53,21 @@ class DepartmentsController extends Controller
         $department->user_id = Auth::user()->id;
         $department->manager_id = ($request->has('manager_id' ) ? $request->input('manager_id') : null);
 
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/departments/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $department->image = $file_name;
+        }
 
         if ($department->save()) {
             return redirect()->route("departments.index")->with('success', trans('admin/departments/message.create.success'));
         }
         return redirect()->back()->withInput()->withErrors($department->getErrors());
-
     }
 
     /**
@@ -74,6 +83,8 @@ class DepartmentsController extends Controller
     {
         $department = Department::find($id);
 
+        $this->authorize('view', $department);
+
         if (isset($department->id)) {
             return view('departments/view', compact('department'));
         }
@@ -91,10 +102,9 @@ class DepartmentsController extends Controller
      */
     public function create()
     {
-        return view('departments/edit')->with('item', new Department)
-            ->with('manager_list', Helper::managerList())
-            ->with('location_list', Helper::locationsList())
-            ->with('company_list', Helper::companyList());
+        $this->authorize('create', Department::class);
+
+        return view('departments/edit')->with('item', new Department);
     }
 
 
@@ -112,6 +122,8 @@ class DepartmentsController extends Controller
             return redirect()->to(route('departments.index'))->with('error', trans('admin/departments/message.not_found'));
         }
 
+        $this->authorize('delete', $department);
+
         if ($department->users->count() > 0) {
             return redirect()->to(route('departments.index'))->with('error', trans('admin/departments/message.assoc_users'));
         }
@@ -135,30 +147,57 @@ class DepartmentsController extends Controller
         if (is_null($item = Department::find($id))) {
             return redirect()->back()->with('error', trans('admin/locations/message.does_not_exist'));
         }
-        return view('departments/edit', compact('item'))
-            ->with('manager_list', Helper::managerList())
-            ->with('location_list', Helper::locationsList())
-            ->with('company_list', Helper::companyList());
-    }
-    
-    
-    public function update(Request $request, $id) {
 
-        $this->authorize('create', Department::class);
+        $this->authorize('update', $item);
+
+        return view('departments/edit', compact('item'));
+    }
+
+    public function update(ImageUploadRequest $request, $id) {
+
         if (is_null($department = Department::find($id))) {
-            return redirect()->to('admin/settings/departments')->with('error', trans('admin/departments/message.does_not_exist'));
+            return redirect()->route('departments.index')->with('error', trans('admin/departments/message.does_not_exist'));
         }
 
+        $this->authorize('update', $department);
 
         $department->fill($request->all());
         $department->manager_id = ($request->has('manager_id' ) ? $request->input('manager_id') : null);
 
+        $old_image = $department->image;
+
+        // Set the model's image property to null if the image is being deleted
+        if ($request->input('image_delete') == 1) {
+            $department->image = null;
+        }
+
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = $department->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save(app('departments_upload_path').$file_name);
+            } else {
+                $image->move(app('departments_upload_path'), $file_name);
+            }
+            $department->image = $file_name;
+
+        }
+
+        if ((($request->file('image')) && (isset($old_image)) && ($old_image!='')) || ($request->input('image_delete') == 1)) {
+            try  {
+                unlink(app('departments_upload_path').$old_image);
+            } catch (\Exception $e) {
+                \Log::error($e);
+            }
+        }
+
         if ($department->save()) {
             return redirect()->route("departments.index")->with('success', trans('admin/departments/message.update.success'));
         }
-        
         return redirect()->back()->withInput()->withErrors($department->getErrors());
     }
-    
-
 }

app/Http/Controllers/DepreciationsController.php

@@ -31,6 +31,8 @@ class DepreciationsController extends Controller
      */
     public function index()
     {
+        $this->authorize('view', Depreciation::class);
+
         // Show the page
         return view('depreciations/index', compact('depreciations'));
     }
@@ -46,6 +48,8 @@ class DepreciationsController extends Controller
      */
     public function create()
     {
+        $this->authorize('create', Depreciation::class);
+
         // Show the page
         return view('depreciations/edit')->with('item', new Depreciation);
     }
@@ -62,6 +66,8 @@ class DepreciationsController extends Controller
      */
     public function store(Request $request)
     {
+        $this->authorize('create', Depreciation::class);
+
         // create a new instance
         $depreciation = new Depreciation();
         // Depreciation data
@@ -94,6 +100,8 @@ class DepreciationsController extends Controller
             return redirect()->route('depreciations.index')->with('error', trans('admin/depreciations/message.does_not_exist'));
         }
 
+        $this->authorize('update', $item);
+
         return view('depreciations/edit', compact('item'));
     }
 
@@ -116,6 +124,8 @@ class DepreciationsController extends Controller
             return redirect()->route('depreciations.index')->with('error', trans('admin/depreciations/message.does_not_exist'));
         }
 
+        $this->authorize('update', $depreciation);
+
         // Depreciation data
         $depreciation->name      = $request->input('name');
         $depreciation->months    = $request->input('months');
@@ -145,6 +155,8 @@ class DepreciationsController extends Controller
             return redirect()->route('depreciations.index')->with('error', trans('admin/depreciations/message.not_found'));
         }
 
+        $this->authorize('delete', $depreciation);
+
         if ($depreciation->has_models() > 0) {
             // Redirect to the asset management page
             return redirect()->route('depreciations.index')->with('error', trans('admin/depreciations/message.assoc_users'));
@@ -155,5 +167,26 @@ class DepreciationsController extends Controller
         return redirect()->route('depreciations.index')->with('success', trans('admin/depreciations/message.delete.success'));
     }
 
+    /**
+     * Returns a view that displays a form to display depreciation listing
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net]
+     * @see DepreciationsController::postEdit()
+     * @param int $depreciationId
+     * @since [v1.0]
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function show($id)
+    {
+        if (is_null($depreciation = Depreciation::find($id))) {
+            // Redirect to the blogs management page
+            return redirect()->route('depreciations.index')->with('error', trans('admin/depreciations/message.does_not_exist'));
+        }
+
+        $this->authorize('view', $depreciation);
+
+        return view('depreciations/view', compact('depreciation'));
+    }
+
 
 }

app/Http/Controllers/GroupsController.php

@@ -47,7 +47,7 @@ class GroupsController extends Controller
         $group = new Group;
         // Get all the available permissions
         $permissions = config('permissions');
-        $groupPermissions = array();
+        $groupPermissions = Helper::selectedPermissionsArray($permissions, $permissions);
         $selectedPermissions = Input::old('permissions', $groupPermissions);
 
         // Show the page
@@ -84,13 +84,18 @@ class GroupsController extends Controller
     * @since [v1.0]
     * @return \Illuminate\Contracts\View\View
      */
-    public function edit($id = null)
+    public function edit($id)
     {
         $group = Group::find($id);
-        $permissions = config('permissions');
-        $groupPermissions = $group->decodePermissions();
-        $selected_array = Helper::selectedPermissionsArray($permissions, $groupPermissions);
-        return view('groups.edit', compact('group', 'permissions', 'selected_array', 'groupPermissions'));
+
+        if ($group) {
+            $permissions = config('permissions');
+            $groupPermissions = $group->decodePermissions();
+            $selected_array = Helper::selectedPermissionsArray($permissions, $groupPermissions);
+            return view('groups.edit', compact('group', 'permissions', 'selected_array', 'groupPermissions'));
+        }
+
+        return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found'));
     }
 
     /**
@@ -142,4 +147,24 @@ class GroupsController extends Controller
         return redirect()->route('groups.index')->with('error', trans('general.feature_disabled'));
     }
 
+    /**
+     * Returns a view that invokes the ajax tables which actually contains
+     * the content for the group detail page.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $locationId
+     * @since [v4.0.11]
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function show($id)
+    {
+        $group = Group::find($id);
+
+        if ($group) {
+            return view('groups/view', compact('group'));
+        }
+
+        return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found', compact('id')));
+    }
+
 }

app/Http/Controllers/ImportsController.php

@@ -5,6 +5,8 @@ namespace App\Http\Controllers;
 use App\Http\Transformers\ImportsTransformer;
 use App\Models\Import;
 use Illuminate\Http\Request;
+use App\Models\Asset;
+
 
 class ImportsController extends Controller
 {

app/Http/Controllers/LicensesController.php

@@ -1,6 +1,7 @@
 <?php
 namespace App\Http\Controllers;
 
+use App\Http\Requests\AssetFileRequest;
 use Assets;
 use Illuminate\Support\Facades\Session;
 use Input;
@@ -67,10 +68,7 @@ class LicensesController extends Controller
         return view('licenses/edit')
             //->with('license_options',$license_options)
             ->with('depreciation_list', Helper::depreciationList())
-            ->with('supplier_list', Helper::suppliersList())
             ->with('maintained_list', $maintained_list)
-            ->with('company_list', Helper::companyList())
-            ->with('manufacturer_list', Helper::manufacturerList())
             ->with('item', new License);
 
     }
@@ -110,6 +108,7 @@ class LicensesController extends Controller
         $license->seats             = $request->input('seats');
         $license->serial            = $request->input('serial');
         $license->supplier_id       = $request->input('supplier_id');
+        $license->category_id       = $request->input('category_id');
         $license->termination_date  = $request->input('termination_date');
         $license->user_id           = Auth::id();
 
@@ -144,10 +143,7 @@ class LicensesController extends Controller
 
         return view('licenses/edit', compact('item'))
             ->with('depreciation_list', Helper::depreciationList())
-            ->with('supplier_list', Helper::suppliersList())
-            ->with('company_list', Helper::companyList())
-            ->with('maintained_list', $maintained_list)
-            ->with('manufacturer_list', Helper::manufacturerList());
+            ->with('maintained_list', $maintained_list);
     }
 
 
@@ -187,6 +183,8 @@ class LicensesController extends Controller
         $license->termination_date  = $request->input('termination_date');
         $license->seats             = e($request->input('seats'));
         $license->manufacturer_id   =  $request->input('manufacturer_id');
+        $license->supplier_id       = $request->input('supplier_id');
+        $license->category_id       = $request->input('category_id');
 
         if ($license->save()) {
             return redirect()->route('licenses.show', ['license' => $licenseId])->with('success', trans('admin/licenses/message.update.success'));
@@ -244,18 +242,19 @@ class LicensesController extends Controller
     * @param int $seatId
     * @return \Illuminate\Contracts\View\View
      */
-    public function getCheckout($seatId)
+    public function getCheckout($licenceId)
     {
-        // Check if the license seat exists
-        if (is_null($licenseSeat = LicenseSeat::find($seatId))) {
-            // Redirect to the asset management page with error
-            return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.not_found'));
+        // Check that the license is valid
+        if ($license = License::where('id',$licenceId)->first()) {
+
+            // If the license is valid, check that there is an available seat
+            if ($license->getAvailSeatsCountAttribute() < 1) {
+                return redirect()->route('licenses.index')->with('error', 'There are no available seats for this license');
+            }
         }
 
-        $this->authorize('checkout', $licenseSeat);
-        return view('licenses/checkout', compact('licenseSeat'))
-            ->with('users_list', Helper::usersList())
-            ->with('asset_list', Helper::detailedAssetList());
+        $this->authorize('checkout', $license);
+        return view('licenses/checkout', compact('license'));
     }
 
 
@@ -269,80 +268,84 @@ class LicensesController extends Controller
      * @param int $seatId
      * @return \Illuminate\Http\RedirectResponse
      */
-    public function postCheckout(Request $request, $seatId)
+    public function postCheckout(Request $request, $licenseId)
     {
-        $licenseSeat = LicenseSeat::find($seatId);
-        $assigned_to = e($request->input('assigned_to'));
-        $asset_id = e($request->input('asset_id'));
 
-        $this->authorize('checkout', $licenseSeat);
+        // Check that the license is valid
+        if ($license = License::where('id',$licenseId)->first()) {
 
-        // Declare the rules for the form validation
-        $rules = [
-            'note'   => 'string',
-            'asset_id'  => 'required_without:assigned_to',
-        ];
-
-        // Create a new validator instance from our validation rules
-        $validator = Validator::make(Input::all(), $rules);
-
-        // If validation fails, we'll exit the operation now.
-        if ($validator->fails()) {
-            // Ooops.. something went wrong
-            return redirect()->back()->withInput()->withErrors($validator);
-        }
-        $target = null;
-        if ($assigned_to!='') {
-        // Check if the user exists
-            if (is_null($target = User::find($assigned_to))) {
-                // Redirect to the asset management page with error
-                return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.user_does_not_exist'));
-            }
-        }
-
-        if ($asset_id!='') {
-            if (is_null($target = Asset::find($asset_id))) {
-                // Redirect to the asset management page with error
-                return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.asset_does_not_exist'));
+            // If the license is valid, check that there is an available seat
+            if ($license->getAvailSeatsCountAttribute() < 1) {
+                return redirect()->route('licenses.index')->with('error', 'There are no available seats for this license');
             }
 
-            if (($target->assigned_to!='') && (($target->assigned_to!=$assigned_to)) && ($target!='')) {
-                return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.owner_doesnt_match_asset'));
+            // Get the next available seat for this license
+            $next = $license->freeSeat();
+
+            if (!$next) {
+                return redirect()->route('licenses.index')->with('error', 'There are no available seats for this license');
             }
+
+            if (!$licenseSeat = LicenseSeat::where('id', '=', $next->id)->first()) {
+                return redirect()->route('licenses.index')->with('error', 'There are no available seats for this license');
+            }
+
+
+            $this->authorize('checkout', $license);
+
+            // Declare the rules for the form validation
+            $rules = [
+                'note'   => 'string|nullable',
+                'asset_id'  => 'required_without:assigned_to',
+            ];
+
+            // Create a new validator instance from our validation rules
+            $validator = Validator::make(Input::all(), $rules);
+
+            // If validation fails, we'll exit the operation now.
+            if ($validator->fails()) {
+                // Ooops.. something went wrong
+                return redirect()->back()->withInput()->withErrors($validator);
+            }
+            $target = null;
+
+
+            // This item is checked out to a an asset
+            if (request('checkout_to_type')=='asset') {
+                if (is_null($target = Asset::find(request('asset_id')))) {
+                    return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.asset_does_not_exist'));
+                }
+                $licenseSeat->asset_id = $request->input('asset_id');
+
+                // Override asset's assigned user if available
+                if ($target->checkedOutToUser()) {
+                    $licenseSeat->assigned_to =  $target->assigned_to;
+                }
+
+            } else {
+
+                // Fetch the target and set the license user
+                if (is_null($target = User::find(request('assigned_to')))) {
+                    return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.user_does_not_exist'));
+                }
+                $licenseSeat->assigned_to = request('assigned_to');
+            }
+
+            $licenseSeat->user_id = Auth::user()->id;
+
+
+            if ($licenseSeat->save()) {
+                $licenseSeat->logCheckout($request->input('note'), $target);
+                return redirect()->route("licenses.index")->with('success', trans('admin/licenses/message.checkout.success'));
+            }
+
         }
+        return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.not_found'));
 
-        // Check if the asset exists
-        if (is_null($licenseSeat)) {
-            // Redirect to the asset management page with error
-            return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.not_found'));
-        }
 
-        if ($request->input('asset_id') == '') {
-            $licenseSeat->asset_id = null;
-        } else {
-            $licenseSeat->asset_id = $request->input('asset_id');
-        }
 
-        // Update the asset data
-        if ($request->input('assigned_to') == '') {
-                $licenseSeat->assigned_to =  null;
-        } else {
-                $licenseSeat->assigned_to = $request->input('assigned_to');
-        }
 
-        // Was the asset updated?
-        if ($licenseSeat->save()) {
-            $licenseSeat->logCheckout($request->input('note'), $target);
-
-            $data['license_id'] =$licenseSeat->license_id;
-            $data['note'] = $request->input('note');
-
-            // Redirect to the new asset page
-            return redirect()->route("licenses.index")->with('success', trans('admin/licenses/message.checkout.success'));
-        }
-
-        // Redirect to the asset management page with error
-        return redirect()->to("admin/licenses/{$asset_id}/checkout")->with('error', trans('admin/licenses/message.create.error'))->with('license', new License);
+        return redirect()->route("licenses.index")->with('error', trans('admin/licenses/message.checkout.error'));
     }
 
 
@@ -358,12 +361,19 @@ class LicensesController extends Controller
     public function getCheckin($seatId = null, $backTo = null)
     {
         // Check if the asset exists
-        if (is_null($licenseseat = LicenseSeat::find($seatId))) {
+        if (is_null($licenseSeat = LicenseSeat::find($seatId))) {
             // Redirect to the asset management page with error
             return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.not_found'));
         }
-        $this->authorize('checkin', $licenseseat);
-        return view('licenses/checkin', compact('licenseseat'))->with('backto', $backTo);
+
+        if (is_null($license = License::find($licenseSeat->license_id))) {
+            // Redirect to the asset management page with error
+            return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.not_found'));
+        }
+
+
+        $this->authorize('checkout', $license);
+        return view('licenses/checkin', compact('licenseSeat'))->with('backto', $backTo);
     }
 
 
@@ -386,8 +396,7 @@ class LicensesController extends Controller
         }
 
         $license = License::find($licenseSeat->license_id);
-
-        $this->authorize('checkin', $licenseSeat);
+        $this->authorize('checkout', $license);
 
         if (!$license->reassignable) {
             // Not allowed to checkin
@@ -413,6 +422,7 @@ class LicensesController extends Controller
         if (!$return_to) {
             $return_to = Asset::find($licenseSeat->asset_id);
         }
+
         // Update the asset data
         $licenseSeat->assigned_to                   = null;
         $licenseSeat->asset_id                      = null;
@@ -440,15 +450,16 @@ class LicensesController extends Controller
      */
     public function show($licenseId = null)
     {
-        $license = License::find($licenseId);
-        if (isset($license->id)) {
-            $license = $license->load('assignedusers', 'licenseSeats.user', 'licenseSeats.asset');
+
+        $license = License::with('assignedusers', 'licenseSeats.user', 'licenseSeats.asset')->find($licenseId);
+
+        if ($license) {
             $this->authorize('view', $license);
             return view('licenses/view', compact('license'));
         }
-        $error = trans('admin/licenses/message.does_not_exist', compact('id'));
-        return redirect()->route('licenses.index')->with('error', $error);
+        return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.does_not_exist', compact('id')));
     }
+    
 
     public function getClone($licenseId = null)
     {
@@ -471,11 +482,8 @@ class LicensesController extends Controller
         // Show the page
         return view('licenses/edit')
         ->with('depreciation_list', Helper::depreciationList())
-        ->with('supplier_list', Helper::suppliersList())
         ->with('item', $license)
-        ->with('maintained_list', $maintained_list)
-        ->with('company_list', Helper::companyList())
-        ->with('manufacturer_list', Helper::manufacturerList());
+        ->with('maintained_list', $maintained_list);
     }
 
 
@@ -488,7 +496,7 @@ class LicensesController extends Controller
     * @param int $licenseId
     * @return \Illuminate\Http\RedirectResponse
      */
-    public function postUpload($licenseId = null)
+    public function postUpload(AssetFileRequest $request, $licenseId = null)
     {
         $license = License::find($licenseId);
         // the license is valid
@@ -497,33 +505,26 @@ class LicensesController extends Controller
         if (isset($license->id)) {
             $this->authorize('update', $license);
 
-            if (Input::hasFile('licensefile')) {
+            if (Input::hasFile('file')) {
 
-                foreach (Input::file('licensefile') as $file) {
-
-                    $rules = array(
-                    'licensefile' => 'required|mimes:png,gif,jpg,jpeg,doc,docx,pdf,txt,zip,rar,rtf,xml,lic|max:2000'
-                    );
-                    $validator = Validator::make(array('licensefile'=> $file), $rules);
-
-                    if ($validator->fails()) {
-                         return redirect()->back()->with('error', trans('admin/licenses/message.upload.invalidfiles'));
-                    }
+                foreach (Input::file('file') as $file) {
                     $extension = $file->getClientOriginalExtension();
-                    $filename = 'license-'.$license->id.'-'.str_random(8);
-                    $filename .= '-'.str_slug($file->getClientOriginalName()).'.'.$extension;
+                    $filename = 'license-'.$license->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
                     $upload_success = $file->move($destinationPath, $filename);
 
                     //Log the upload to the log
                     $license->logUpload($filename, e($request->input('notes')));
                 }
-
+                // This being called from a modal seems to confuse redirect()->back()
+                // It thinks we should go to the dashboard.  As this is only used
+                // from the modal at present, hardcode the redirect.  Longterm
+                // maybe we evaluate something else.
                 if ($upload_success) {
-                    return redirect()->back()->with('success', trans('admin/licenses/message.upload.success'));
+                    return redirect()->route('licenses.show', $license->id)->with('success', trans('admin/licenses/message.upload.success'));
                 }
-                return redirect()->back()->with('error', trans('admin/licenses/message.upload.error'));
+                return redirect()->route('licenses.show', $license->id)->with('error', trans('admin/licenses/message.upload.error'));
             }
-            return redirect()->back()->with('error', trans('admin/licenses/message.upload.nofiles'));
+            return redirect()->route('licenses.show', $license->id)->with('error', trans('admin/licenses/message.upload.nofiles'));
         }
         // Prepare the error message
         $error = trans('admin/licenses/message.does_not_exist', compact('id'));
@@ -574,7 +575,7 @@ class LicensesController extends Controller
     * @param int $fileId
     * @return \Symfony\Component\HttpFoundation\BinaryFileResponse
      */
-    public function displayFile($licenseId = null, $fileId = null)
+    public function displayFile($licenseId = null, $fileId = null, $download = true)
     {
 
         $license = License::find($licenseId);
@@ -584,63 +585,35 @@ class LicensesController extends Controller
             $this->authorize('view', $license);
             $log = Actionlog::find($fileId);
             $file = $log->get_src('licenses');
+
+
+            if ($file =='') {
+                return response('File not found on server', 404)
+                    ->header('Content-Type', 'text/plain');
+            }
+
+            $mimetype = \File::mimeType($file);
+
+
+            if (!file_exists($file)) {
+                return response('File '.$file.' not found on server', 404)
+                    ->header('Content-Type', 'text/plain');
+            }
+
+            if ($download != 'true') {
+                if ($contents = file_get_contents($file)) {
+                    return Response::make($contents)->header('Content-Type', $mimetype);
+                }
+                return JsonResponse::create(["error" => "Failed validation: "], 500);
+            }
             return Response::download($file);
         }
-        // Prepare the error message
-        $error = trans('admin/licenses/message.does_not_exist', compact('id'));
-        // Redirect to the licence management page
-        return redirect()->route('licenses.index')->with('error', $error);
+
+
+        return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.does_not_exist', compact('id')));
     }
 
 
-    /**
-    * Generates a JSON response to populate the licence index datatables.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see LicensesController::getIndex() method that provides the view
-    * @since [v1.0]
-    * @return String JSON
-    */
-    public function getDatatable(Request $request)
-    {
-        $this->authorize('view', License::class);
-        $licenses = Company::scopeCompanyables(License::with('company', 'licenseSeatsRelation', 'manufacturer'));
-
-        if (Input::has('search')) {
-            $licenses = $licenses->TextSearch($request->input('search'));
-        }
-        $offset = request('offset', 0);
-        $limit = request('limit', 50);
-
-        $allowed_columns = ['id','name','purchase_cost','expiration_date','purchase_order','order_number','notes','purchase_date','serial','manufacturer','company'];
-        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
-
-        switch ($sort) {
-            case 'manufacturer':
-                $licenses = $licenses->OrderManufacturer($order);
-                break;
-            case 'company':
-                $licenses = $licenses->OrderCompany($order);
-                break;
-            default:
-                $licenses = $licenses->orderBy($sort, $order);
-                break;
-        }
-
-        $licenseCount = $licenses->count();
-        $licenses = $licenses->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($licenses as $license) {
-            $rows[] = $license->present()->forDataTable();
-        }
-
-        $data = array('total' => $licenseCount, 'rows' => $rows);
-
-        return $data;
-    }
 
     /**
     * Generates the next free seat ID for checkout.

app/Http/Controllers/LocationsController.php

@@ -16,6 +16,8 @@ use Validator;
 use View;
 use Auth;
 use Symfony\Component\HttpFoundation\JsonResponse;
+use Image;
+use App\Http\Requests\ImageUploadRequest;
 
 /**
  * This controller handles all actions related to Locations for
@@ -38,6 +40,7 @@ class LocationsController extends Controller
     public function index()
     {
         // Grab all the locations
+        $this->authorize('view', Location::class);
         $locations = Location::orderBy('created_at', 'DESC')->with('parent', 'assets', 'assignedassets')->get();
 
         // Show the page
@@ -55,6 +58,7 @@ class LocationsController extends Controller
      */
     public function create()
     {
+        $this->authorize('create', Location::class);
         $locations = Location::orderBy('name', 'ASC')->get();
 
         $location_options_array = Location::getLocationHierarchy($locations);
@@ -63,8 +67,7 @@ class LocationsController extends Controller
 
         return view('locations/edit')
             ->with('location_options', $location_options)
-            ->with('item', new Location)
-            ->with('manager_list', Helper::managerList());
+            ->with('item', new Location);
     }
 
 
@@ -77,62 +80,40 @@ class LocationsController extends Controller
     * @since [v1.0]
     * @return \Illuminate\Http\RedirectResponse
      */
-    public function store()
+    public function store(ImageUploadRequest $request)
     {
+        $this->authorize('create', Location::class);
         $location = new Location();
-        $location->name             = Input::get('name');
-        $location->parent_id        = Input::get('parent_id', null);
-        $location->currency         = Input::get('currency', '$');
-        $location->address          = Input::get('address');
-        $location->address2         = Input::get('address2');
-        $location->city             = Input::get('city');
-        $location->state            = Input::get('state');
-        $location->country          = Input::get('country');
-        $location->zip              = Input::get('zip');
-        $location->manager_id       = Input::get('manager_id');
+        $location->name             = $request->input('name');
+        $location->parent_id        = $request->input('parent_id', null);
+        $location->currency         = $request->input('currency', '$');
+        $location->address          = $request->input('address');
+        $location->address2         = $request->input('address2');
+        $location->city             = $request->input('city');
+        $location->state            = $request->input('state');
+        $location->country          = $request->input('country');
+        $location->zip              = $request->input('zip');
+        $location->ldap_ou          = $request->input('ldap_ou');
+        $location->manager_id       = $request->input('manager_id');
         $location->user_id          = Auth::id();
 
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/locations/'.$file_name);
+            Image::make($image->getRealPath())->resize(600, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $location->image = $file_name;
+        }
+
         if ($location->save()) {
             return redirect()->route("locations.index")->with('success', trans('admin/locations/message.create.success'));
         }
         return redirect()->back()->withInput()->withErrors($location->getErrors());
     }
 
-    /**
-    * Validates and stores a new location created via the Create Asset form modal.
-    *
-    * @todo Check if a Form Request would work better here.
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see AssetsController::getCreate() method that makes the form
-    * @since [v1.0]
-    * @return String JSON
-    */
-    public function apiStore()
-    {
-        $new['currency']=Setting::first()->default_currency;
-
-        // create a new location instance
-        $location = new Location();
-
-        // Save the location data
-        $location->name               = Input::get('name');
-        $location->currency           =  Setting::first()->default_currency; //e(Input::get('currency'));
-        $location->address            = ''; //e(Input::get('address'));
-        // $location->address2			= e(Input::get('address2'));
-        $location->city               = Input::get('city');
-        $location->state          = '';//e(Input::get('state'));
-        $location->country            = Input::get('country');
-        // $location->zip    			= e(Input::get('zip'));
-        $location->user_id          = Auth::id();
-
-        // Was the location created?
-        if ($location->save()) {
-            return JsonResponse::create($location);
-        }
-        // failure
-        return JsonResponse::create(["error" => "Failed validation: ".print_r($location->getErrors(), true)], 500);
-    }
-
 
     /**
     * Makes a form view to edit location information.
@@ -145,9 +126,10 @@ class LocationsController extends Controller
      */
     public function edit($locationId = null)
     {
+        $this->authorize('update', Location::class);
         // Check if the location exists
         if (is_null($item = Location::find($locationId))) {
-            return redirect()->to('admin/settings/locations')->with('error', trans('admin/locations/message.does_not_exist'));
+            return redirect()->route('locations.index')->with('error', trans('admin/locations/message.does_not_exist'));
         }
 
         // Show the page
@@ -156,10 +138,8 @@ class LocationsController extends Controller
         $location_options = Location::flattenLocationsArray($location_options_array);
         $location_options = array('' => 'Top Level') + $location_options;
 
-
         return view('locations/edit', compact('item'))
-            ->with('location_options', $location_options)
-            ->with('manager_list', Helper::managerList());
+            ->with('location_options', $location_options);
     }
 
 
@@ -172,32 +152,62 @@ class LocationsController extends Controller
     * @since [v1.0]
     * @return \Illuminate\Http\RedirectResponse
      */
-    public function update($locationId = null)
+    public function update(ImageUploadRequest $request, $locationId = null)
     {
+        $this->authorize('update', Location::class);
         // Check if the location exists
         if (is_null($location = Location::find($locationId))) {
-            return redirect()->to('admin/settings/locations')->with('error', trans('admin/locations/message.does_not_exist'));
+            return redirect()->route('locations.index')->with('error', trans('admin/locations/message.does_not_exist'));
         }
 
         // Update the location data
-        $location->name         = Input::get('name');
-        $location->parent_id    = Input::get('parent_id', null);
-        $location->currency     = Input::get('currency', '$');
-        $location->address      = Input::get('address');
-        $location->address2     = Input::get('address2');
-        $location->city         = Input::get('city');
-        $location->state        = Input::get('state');
-        $location->country      = Input::get('country');
-        $location->zip          = Input::get('zip');
-        $location->ldap_ou      = Input::get('ldap_ou');
-        $location->manager_id   = Input::get('manager_id');
+        $location->name         = $request->input('name');
+        $location->parent_id    = $request->input('parent_id', null);
+        $location->currency     = $request->input('currency', '$');
+        $location->address      = $request->input('address');
+        $location->address2     = $request->input('address2');
+        $location->city         = $request->input('city');
+        $location->state        = $request->input('state');
+        $location->country      = $request->input('country');
+        $location->zip          = $request->input('zip');
+        $location->ldap_ou      = $request->input('ldap_ou');
+        $location->manager_id   = $request->input('manager_id');
+
+        $old_image = $location->image;
+
+        // Set the model's image property to null if the image is being deleted
+        if ($request->input('image_delete') == 1) {
+            $location->image = null;
+        }
+
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = $location->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(600, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save(app('locations_upload_path').$file_name);
+            } else {
+                $image->move(app('locations_upload_path'), $file_name);
+            }
+            $location->image = $file_name;
+
+        }
+
+        if ((($request->file('image')) && (isset($old_image)) && ($old_image!='')) || ($request->input('image_delete') == 1)) {
+            try  {
+                unlink(app('locations_upload_path').$old_image);
+            } catch (\Exception $e) {
+                \Log::error($e);
+            }
+        }
+
 
-        // Was the location updated?
         if ($location->save()) {
-          // Redirect to the saved location page
             return redirect()->route("locations.index")->with('success', trans('admin/locations/message.update.success'));
         }
-        // Redirect to the location management page
         return redirect()->back()->withInput()->withInput()->withErrors($location->getErrors());
     }
 
@@ -211,21 +221,23 @@ class LocationsController extends Controller
      */
     public function destroy($locationId)
     {
-        // Check if the location exists
+        $this->authorize('delete', Location::class);
         if (is_null($location = Location::find($locationId))) {
-            // Redirect to the blogs management page
             return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.not_found'));
         }
 
-
         if ($location->users->count() > 0) {
             return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.assoc_users'));
+
         } elseif ($location->childLocations->count() > 0) {
             return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.assoc_child_loc'));
+
         } elseif ($location->assets->count() > 0) {
             return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.assoc_assets'));
+
         } elseif ($location->assignedassets->count() > 0) {
             return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.assoc_assets'));
+
         } else {
             $location->delete();
             return redirect()->to(route('locations.index'))->with('success', trans('admin/locations/message.delete.success'));
@@ -249,11 +261,8 @@ class LocationsController extends Controller
         if (isset($location->id)) {
             return view('locations/view', compact('location'));
         }
-        // Prepare the error message
-        $error = trans('admin/locations/message.does_not_exist', compact('id'));
 
-        // Redirect to the user management page
-        return redirect()->route('locations.index')->with('error', $error);
+        return redirect()->route('locations.index')->with('error', trans('admin/locations/message.does_not_exist', compact('id')));
     }
 
 }

app/Http/Controllers/ManufacturersController.php

@@ -2,6 +2,7 @@
 namespace App\Http\Controllers;
 
 use App\Helpers\Helper;
+use App\Http\Requests\ImageUploadRequest;
 use App\Models\CustomField;
 use App\Models\Manufacturer;
 use Auth;
@@ -13,6 +14,7 @@ use Redirect;
 use Str;
 use View;
 use Illuminate\Http\Request;
+use Image;
 
 /**
  * This controller handles all actions related to Manufacturers for
@@ -33,6 +35,7 @@ class ManufacturersController extends Controller
      */
     public function index()
     {
+        $this->authorize('index', Manufacturer::class);
         return view('manufacturers/index', compact('manufacturers'));
     }
 
@@ -47,6 +50,7 @@ class ManufacturersController extends Controller
      */
     public function create()
     {
+        $this->authorize('create', Manufacturer::class);
         return view('manufacturers/edit')->with('item', new Manufacturer);
     }
 
@@ -60,9 +64,10 @@ class ManufacturersController extends Controller
      * @param Request $request
      * @return \Illuminate\Http\RedirectResponse
      */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
     {
 
+        $this->authorize('create', Manufacturer::class);
         $manufacturer = new Manufacturer;
         $manufacturer->name            = $request->input('name');
         $manufacturer->user_id          = Auth::user()->id;
@@ -72,6 +77,18 @@ class ManufacturersController extends Controller
         $manufacturer->support_email    = $request->input('support_email');
 
 
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_slug($image->getClientOriginalName()).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/manufacturers/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $manufacturer->image = $file_name;
+        }
+
+
 
         if ($manufacturer->save()) {
             return redirect()->route('manufacturers.index')->with('success', trans('admin/manufacturers/message.create.success'));
@@ -90,6 +107,7 @@ class ManufacturersController extends Controller
      */
     public function edit($id = null)
     {
+        $this->authorize('edit', Manufacturer::class);
         // Check if the manufacturer exists
         if (is_null($item = Manufacturer::find($id))) {
             return redirect()->route('manufacturers.index')->with('error', trans('admin/manufacturers/message.does_not_exist'));
@@ -109,8 +127,9 @@ class ManufacturersController extends Controller
      * @return \Illuminate\Http\RedirectResponse
      * @since [v1.0]
      */
-    public function update(Request $request, $manufacturerId = null)
+    public function update(ImageUploadRequest $request, $manufacturerId = null)
     {
+        $this->authorize('edit', Manufacturer::class);
         // Check if the manufacturer exists
         if (is_null($manufacturer = Manufacturer::find($manufacturerId))) {
             // Redirect to the manufacturer  page
@@ -124,6 +143,38 @@ class ManufacturersController extends Controller
         $manufacturer->support_phone    = $request->input('support_phone');
         $manufacturer->support_email    = $request->input('support_email');
 
+        $old_image = $manufacturer->image;
+
+        // Set the model's image property to null if the image is being deleted
+        if ($request->input('image_delete') == 1) {
+            $manufacturer->image = null;
+        }
+
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = $manufacturer->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save(app('manufacturers_upload_path').$file_name);
+            } else {
+                $image->move(app('manufacturers_upload_path'), $file_name);
+            }
+            $manufacturer->image = $file_name;
+
+        }
+
+        if ((($request->file('image')) && (isset($old_image)) && ($old_image!='')) || ($request->input('image_delete') == 1)) {
+            try  {
+                unlink(app('manufacturers_upload_path').$old_image);
+            } catch (\Exception $e) {
+                \Log::error($e);
+            }
+        }
+
+
         if ($manufacturer->save()) {
             return redirect()->route('manufacturers.index')->with('success', trans('admin/manufacturers/message.update.success'));
         }
@@ -140,6 +191,7 @@ class ManufacturersController extends Controller
      */
     public function destroy($manufacturerId)
     {
+        $this->authorize('delete', Manufacturer::class);
         // Check if the manufacturer exists
         if (is_null($manufacturer = Manufacturer::find($manufacturerId))) {
             // Redirect to the manufacturers page
@@ -150,6 +202,16 @@ class ManufacturersController extends Controller
             // Redirect to the asset management page
             return redirect()->route('manufacturers.index')->with('error', trans('admin/manufacturers/message.assoc_users'));
         }
+
+        if ($manufacturer->image) {
+            try  {
+                unlink(public_path().'/uploads/manufacturers/'.$manufacturer->image);
+            } catch (\Exception $e) {
+                \Log::error($e);
+            }
+        }
+
+
         // Delete the manufacturer
         $manufacturer->delete();
         // Redirect to the manufacturers management page
@@ -158,170 +220,55 @@ class ManufacturersController extends Controller
 
     /**
     * Returns a view that invokes the ajax tables which actually contains
-    * the content for the manufacturers detail listing, which is generated in getDatatable.
+    * the content for the manufacturers detail listing, which is generated via API.
     * This data contains a listing of all assets that belong to that manufacturer.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ManufacturersController::getDataView()
     * @param int $manufacturerId
     * @since [v1.0]
     * @return \Illuminate\Contracts\View\View
      */
     public function show($manufacturerId = null)
     {
+        $this->authorize('view', Manufacturer::class);
         $manufacturer = Manufacturer::find($manufacturerId);
 
         if (isset($manufacturer->id)) {
             return view('manufacturers/view', compact('manufacturer'));
         }
-        // Prepare the error message
-        $error = trans('admin/manufacturers/message.does_not_exist', compact('id'));
+
+        $error = trans('admin/manufacturers/message.does_not_exist');
         // Redirect to the user management page
-        return redirect()->route('manufacturers')->with('error', $error);
+        return redirect()->route('manufacturers.index')->with('error', $error);
+    }
+
+    /**
+     * Restore a given Manufacturer (mark as un-deleted)
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.1.15]
+     * @param int $manufacturers_id
+     * @return Redirect
+     */
+    public function restore($manufacturers_id)
+    {
+        $this->authorize('create', Manufacturer::class);
+        $manufacturer = Manufacturer::onlyTrashed()->where('id',$manufacturers_id)->first();
+
+        if ($manufacturer) {
+
+            // Not sure why this is necessary - it shouldn't fail validation here, but it fails without this, so....
+            $manufacturer->setValidating(false);
+            if ($manufacturer->restore()) {
+                return redirect()->route('manufacturers.index')->with('success', trans('admin/manufacturers/message.restore.success'));
+            }
+            return redirect()->back()->with('error', 'Could not restore.');
+        }
+        return redirect()->back()->with('error', trans('admin/manufacturers/message.does_not_exist'));
+
     }
 
    
-    /**
-     * Generates the JSON used to display the manufacturer detail.
-     * This JSON returns data on all of the assets with the specified
-     * manufacturer ID number.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @see ManufacturersController::getView()
-     * @param int $manufacturerId
-     * @param string $itemType
-     * @param Request $request
-     * @return String JSON* @since [v1.0]
-     */
-    public function getDataView($manufacturerId, $itemType = null, Request $request)
-    {
-        $manufacturer = Manufacturer::find($manufacturerId);
-
-        switch ($itemType) {
-            case "assets":
-                return $this->getDataAssetsView($manufacturer, $request);
-            case "licenses":
-                return $this->getDataLicensesView($manufacturer, $request);
-            case "accessories":
-                return $this->getDataAccessoriesView($manufacturer, $request);
-            case "consumables":
-                return $this->getDataConsumablesView($manufacturer, $request);
-        }
-
-        return "We shouldn't be here";
-
-    }
-
-    protected function getDataAssetsView(Manufacturer $manufacturer, Request $request)
-    {
-        $manufacturer = $manufacturer->load('assets.model', 'assets.assignedTo', 'assets.assetstatus', 'assets.company');
-        $manufacturer_assets = $manufacturer->assets();
-
-        if ($request->has('search')) {
-            $manufacturer_assets = $manufacturer_assets->TextSearch(e($request->input('search')));
-        }
-
-        $offset = request('offset', 0);
-        $limit = request('limit', 50);
-
-        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-
-        $allowed_columns = ['id','name','serial','asset_tag'];
-        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
-        $count = $manufacturer_assets->count();
-        $manufacturer_assets = $manufacturer_assets->skip($offset)->take($limit)->get();
-        $rows = array();
-        $all_custom_fields = CustomField::all(); // cached;
-        foreach ($manufacturer_assets as $asset) {
-            $rows[] = $asset->present()->forDataTable($all_custom_fields);
-        }
-
-        $data = array('total' => $count, 'rows' => $rows);
-        return $data;
-    }
-
-    protected function getDataLicensesView(Manufacturer $manufacturer, Request $request)
-    {
-        $manufacturer = $manufacturer->load('licenses.company', 'licenses.manufacturer', 'licenses.licenseSeatsRelation');
-        $licenses = $manufacturer->licenses;
-
-        if ($request->has('search')) {
-            $licenses = $licenses->TextSearch($request->input('search'));
-        }
-
-        $licenseCount = $licenses->count();
-
-        $rows = array();
-
-        foreach ($licenses as $license) {
-            $rows[] = $license->present()->forDataTable();
-        }
-
-        $data = array('total' => $licenseCount, 'rows' => $rows);
-
-        return $data;
-    }
-
-    public function getDataAccessoriesView(Manufacturer $manufacturer, Request $request)
-    {
-        $manufacturer = $manufacturer->load(
-            'accessories.location',
-            'accessories.company',
-            'accessories.category',
-            'accessories.manufacturer',
-            'accessories.users'
-        );
-        $accessories = $manufacturer->accessories();
-
-        if ($request->has('search')) {
-            $accessories = $accessories->TextSearch(e($request->input('search')));
-        }
-
-        $offset = request('offset', 0);
-        $limit = request('limit', 50);
-
-        $accessCount = $accessories->count();
-        $accessories = $accessories->skip($offset)->take($limit)->get();
-        $rows = array();
-
-        foreach ($accessories as $accessory) {
-            $rows[] = $accessory->present()->forDataTable();
-        }
-
-        $data = array('total'=>$accessCount, 'rows'=>$rows);
-
-        return $data;
-    }
-
-    public function getDataConsumablesView($manufacturer, Request $request)
-    {
-        $manufacturer = $manufacturer->load(
-            'consumables.location',
-            'consumables.company',
-            'consumables.category',
-            'consumables.manufacturer',
-            'consumables.users'
-        );
-        $consumables = $manufacturer->consumables();
-
-        if ($request->has('search')) {
-            $consumables = $consumables->TextSearch(e($request->input('search')));
-        }
-
-        $offset = request('offset', 0);
-        $limit = request('limit', 50);
 
 
-        $consumCount = $consumables->count();
-        $consumables = $consumables->skip($offset)->take($limit)->get();
-        $rows = array();
-
-        foreach ($consumables as $consumable) {
-            $rows[] = $consumable->present()->forDataTable();
-        }
-
-        $data = array('total' => $consumCount, 'rows' => $rows);
-
-        return $data;
-    }
 }

app/Http/Controllers/ModalController.php

@@ -13,9 +13,7 @@ class ModalController extends Controller
     }
 
     function model() {
-        return view('modals.model')
-            ->with('manufacturer', Helper::manufacturerList())
-            ->with('category', Helper::categoryList('asset'));
+        return view('modals.model');
     }
 
     function statuslabel() {
@@ -29,4 +27,13 @@ class ModalController extends Controller
     function user() {
         return view('modals.user');
     }
+
+    function category() {
+        return view('modals.category');
+    }
+
+    function manufacturer() {
+        return view('modals.manufacturer');
+    }
+
 }

app/Http/Controllers/ProfileController.php

@@ -11,6 +11,7 @@ use App\Models\Setting;
 use Gate;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Hash;
+use App\Http\Requests\ImageUploadRequest;
 
 /**
  * This controller handles all actions related to User Profiles for
@@ -30,8 +31,7 @@ class ProfileController extends Controller
     public function getIndex()
     {
         $user = Auth::user();
-        $location_list = Helper::locationsList();
-        return view('account/profile', compact('user'))->with('location_list', $location_list);
+        return view('account/profile', compact('user'));
     }
 
     /**
@@ -41,7 +41,7 @@ class ProfileController extends Controller
     * @since [v1.0]
     * @return \Illuminate\Http\RedirectResponse
      */
-    public function postIndex()
+    public function postIndex(ImageUploadRequest $request)
     {
 
         $user = Auth::user();
@@ -109,12 +109,12 @@ class ProfileController extends Controller
     {
 
         if (config('app.lock_passwords')) {
-            return redirect()->route('account.password.index')->with('error', Lang::get('admin/users/table.lock_passwords'));
+            return redirect()->route('account.password.index')->with('error', trans('admin/users/table.lock_passwords'));
         }
 
         $user = Auth::user();
         if ($user->ldap_import=='1') {
-            return redirect()->route('account.password.index')->with('error', Lang::get('admin/users/message.error.password_ldap'));
+            return redirect()->route('account.password.index')->with('error', trans('admin/users/message.error.password_ldap'));
         }
 
         $rules = array(
@@ -143,5 +143,25 @@ class ProfileController extends Controller
 
     }
 
+    /**
+     * Save the menu state of open/closed when the user clicks on the hamburger
+     * menu.
+     *
+     * This URL is triggered via jquery in
+     * resources/views/layouts/default.blade.php
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return View
+     */
+
+    public function getMenuState(Request $request) {
+        if ($request->input('state')=='open') {
+            $request->session()->put('menu_state', 'open');
+        } else {
+            $request->session()->put('menu_state', 'closed');
+        }
+    }
+
 
 }

app/Http/Controllers/ReportsController.php

@@ -7,6 +7,7 @@ use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\AssetMaintenance;
 use App\Models\CustomField;
+use App\Models\Depreciation;
 use App\Models\License;
 use App\Models\Setting;
 use Carbon\Carbon;
@@ -15,6 +16,7 @@ use Illuminate\Support\Facades\View;
 use Input;
 use League\Csv\Reader;
 use Symfony\Component\HttpFoundation\StreamedResponse;
+use Illuminate\Http\Request;
 
 /**
  * This controller handles all actions related to Reports for
@@ -24,6 +26,14 @@ use Symfony\Component\HttpFoundation\StreamedResponse;
  */
 class ReportsController extends Controller
 {
+    /**
+     * Checks for correct permissions
+     */
+    public function __construct() {
+        parent::__construct();
+
+        $this->authorize('reports.view');
+    }
 
     /**
     * Returns a view that displays the accessories report.
@@ -80,101 +90,6 @@ class ReportsController extends Controller
         return $response;
     }
 
-    /**
-    * Display asset report view.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v1.0]
-    * @return View
-    */
-    public function getAssetsReport()
-    {
-        $settings = \App\Models\Setting::first();
-        return view('reports/asset', compact('assets'))->with('settings', $settings);
-    }
-
-
-
-    /**
-    * Exports the assets to CSV
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v1.0]
-    * @return \Illuminate\Http\Response
-    */
-    public function exportAssetReport()
-    {
-
-         \Debugbar::disable();
-
-        $customfields = CustomField::get();
-
-        $response = new StreamedResponse(function () use ($customfields) {
-            // Open output stream
-            $handle = fopen('php://output', 'w');
-
-            Asset::with('assignedTo', 'assetLoc','defaultLoc','assignedTo','model','supplier','assetstatus','model.manufacturer')->orderBy('created_at', 'DESC')->chunk(500, function($assets) use($handle, $customfields) {
-                $headers=[
-                    trans('general.company'),
-                    trans('admin/hardware/table.asset_tag'),
-                    trans('admin/hardware/form.manufacturer'),
-                    trans('admin/hardware/form.model'),
-                    trans('general.model_no'),
-                    trans('general.name'),
-                    trans('admin/hardware/table.serial'),
-                    trans('general.status'),
-                    trans('admin/hardware/table.purchase_date'),
-                    trans('admin/hardware/table.purchase_cost'),
-                    trans('admin/hardware/form.order'),
-                    trans('admin/hardware/form.supplier'),
-                    trans('admin/hardware/table.checkoutto'),
-                    trans('admin/hardware/table.checkout_date'),
-                    trans('admin/hardware/table.location'),
-                    trans('general.notes'),
-                ];
-                foreach ($customfields as $field) {
-                    $headers[]=$field->name;
-                }
-                fputcsv($handle, $headers);
-
-                foreach ($assets as $asset) {
-                    // Add a new row with data
-                    $values=[
-                        ($asset->company) ? $asset->company->name : '',
-                        $asset->asset_tag,
-                        ($asset->model->manufacturer) ? $asset->model->manufacturer->name : '',
-                        ($asset->model) ? $asset->model->name : '',
-                        ($asset->model->model_number) ? $asset->model->model_number : '',
-                        ($asset->name) ? $asset->name : '',
-                        ($asset->serial) ? $asset->serial : '',
-                        ($asset->assetstatus) ? e($asset->assetstatus->name) : '',
-                        ($asset->purchase_date) ? e($asset->purchase_date) : '',
-                        ($asset->purchase_cost > 0) ? Helper::formatCurrencyOutput($asset->purchase_cost) : '',
-                        ($asset->order_number) ? e($asset->order_number) : '',
-                        ($asset->supplier) ? e($asset->supplier->name) : '',
-                        ($asset->assignedTo) ? e($asset->assignedTo->present()->name()) : '',
-                        ($asset->last_checkout!='') ? e($asset->last_checkout) : '',
-                        e($asset->assetLoc->present()->name()),
-                        ($asset->notes) ? e($asset->notes) : '',
-                    ];
-                    foreach ($customfields as $field) {
-                        $values[]=$asset->{$field->db_column_name()};
-                    }
-                    fputcsv($handle, $values);
-                }
-            });
-
-            // Close the output stream
-            fclose($handle);
-        }, 200, [
-            'Content-Type' => 'text/csv',
-            'Content-Disposition' => 'attachment; filename="assets-'.date('Y-m-d-his').'.csv"',
-        ]);
-
-        return $response;
-
-    }
-
     /**
     * Show depreciation report for assets.
     *
@@ -185,11 +100,12 @@ class ReportsController extends Controller
     public function getDeprecationReport()
     {
 
+        $depreciations = Depreciation::get();
         // Grab all the assets
-        $assets = Asset::with( 'assignedTo', 'assetstatus', 'defaultLoc', 'assetloc', 'assetlog', 'company', 'model.category', 'model.depreciation')
+        $assets = Asset::with( 'assignedTo', 'assetstatus', 'defaultLoc', 'location', 'assetlog', 'company', 'model.category', 'model.depreciation')
                        ->orderBy('created_at', 'DESC')->get();
 
-        return view('reports/depreciation', compact('assets'));
+        return view('reports/depreciation', compact('assets'))->with('depreciations',$depreciations);
     }
 
     /**
@@ -241,7 +157,7 @@ class ReportsController extends Controller
                 $row[] = ''; // Empty string if unassigned
             }
 
-            if (( $asset->assigned_to > 0 ) && ( $location = $asset->assetLoc )) {
+            if (( $asset->assigned_to > 0 ) && ( $location = $asset->location )) {
                 if ($location->city) {
                     $row[] = e($location->city) . ', ' . e($location->state);
                 } elseif ($location->name) {
@@ -253,8 +169,8 @@ class ReportsController extends Controller
                 $row[] = '';  // Empty string if location is not set
             }
 
-            if ($asset->assetloc) {
-                $currency = e($asset->assetloc->currency);
+            if ($asset->location) {
+                $currency = e($asset->location->currency);
             } else {
                 $currency = e(Setting::first()->default_currency);
             }
@@ -388,251 +304,411 @@ class ReportsController extends Controller
      * @since [v1.0]
      * @return \Illuminate\Http\Response
      */
-    public function postCustom()
+    public function postCustom(Request $request)
     {
-        $assets = Asset::orderBy('created_at', 'DESC')->with('company', 'assignedTo', 'assetloc', 'defaultLoc', 'model', 'supplier', 'assetstatus', 'model.manufacturer')->get();
+
+        \Debugbar::disable();
         $customfields = CustomField::get();
+        $response = new StreamedResponse(function () use ($customfields, $request) {
 
-        $rows   = [ ];
-        $header = [ ];
-
-        if (e(Input::get('company')) == '1') {
-            $header[] = 'Company Name';
-        }
-
-        if (e(Input::get('asset_name')) == '1') {
-            $header[] = 'Asset Name';
-        }
-        if (e(Input::get('asset_tag')) == '1') {
-            $header[] = 'Asset Tag';
-        }
-        if (e(Input::get('manufacturer')) == '1') {
-            $header[] = 'Manufacturer';
-        }
-        if (e(Input::get('model')) == '1') {
-            $header[] = 'Model';
-            $header[] = 'Model Number';
-        }
-        if (e(Input::get('category')) == '1') {
-            $header[] = 'Category';
-        }
-        if (e(Input::get('serial')) == '1') {
-            $header[] = 'Serial';
-        }
-        if (e(Input::get('purchase_date')) == '1') {
-            $header[] = 'Purchase Date';
-        }
-        if (( e(Input::get('purchase_cost')) == '1' ) && ( e(Input::get('depreciation')) != '1' )) {
-            $header[] = 'Purchase Cost';
-        }
-        if (e(Input::get('eol')) == '1') {
-            $header[] = 'EOL';
-        }
-        if (e(Input::get('order')) == '1') {
-            $header[] = 'Order Number';
-        }
-        if (e(Input::get('supplier')) == '1') {
-            $header[] = 'Supplier';
-        }
-        if (e(Input::get('location')) == '1') {
-            $header[] = 'Location';
-        }
-        if (e(Input::get('assigned_to')) == '1') {
-            $header[] = 'Assigned To';
-        }
-        if (e(Input::get('username')) == '1') {
-            $header[] = 'Username';
-        }
-        if (e(Input::get('employee_num')) == '1') {
-            $header[] = 'Employee No.';
-        }
-        if (e(Input::get('status')) == '1') {
-            $header[] = 'Status';
-        }
-        if (e(Input::get('warranty')) == '1') {
-            $header[] = 'Warranty';
-            $header[] = 'Warranty Expires';
-        }
-        if (e(Input::get('depreciation')) == '1') {
-            $header[] = 'Purchase Cost';
-            $header[] = 'Value';
-            $header[] = 'Diff';
-        }
-        if (e(Input::get('expected_checkin')) == '1') {
-            $header[] = trans('admin/hardware/form.expected_checkin');
-        }
-
-        if (e(Input::get('notes')) == '1') {
-            $header[] = 'Notes';
-        }
-
-
-        foreach ($customfields as $customfield) {
-            if (e(Input::get($customfield->db_column_name())) == '1') {
-                $header[] = $customfield->name;
-            }
-        }
-
-
-        $header = array_map('trim', $header);
-        $rows[] = implode($header, ',');
-
-        foreach ($assets as $asset) {
-            $row = [ ];
-
-            if (e(Input::get('company')) == '1') {
-                $row[] = is_null($asset->company) ? '' : '"'.$asset->company->name.'"';
+            // Open output stream
+            $handle = fopen('php://output', 'w');
+            
+            if ($request->has('use_bom')) {
+                fprintf($handle, chr(0xEF) . chr(0xBB) . chr(0xBF));
             }
 
-            if (e(Input::get('asset_name')) == '1') {
-                $row[] = '"' .e($asset->name) . '"';
-            }
-            if (e(Input::get('asset_tag')) == '1') {
-                $row[] = e($asset->asset_tag);
-            }
-            if (e(Input::get('manufacturer')) == '1') {
-                if ($asset->model->manufacturer) {
-                    $row[] = '"' .e($asset->model->manufacturer->name) . '"';
-                } else {
-                    $row[] = '';
-                }
-            }
-            if (e(Input::get('model')) == '1') {
-                $row[] = '"' . e($asset->model->name) . '"';
-                $row[] = '"' . e($asset->model->model_number) . '"';
-            }
-            if (e(Input::get('category')) == '1') {
-                $row[] = '"' .e($asset->model->category->name) . '"';
+            $header = [];
+
+
+            if ($request->has('company')) {
+                $header[] = trans('general.company');
             }
 
-            if (e(Input::get('serial')) == '1') {
-                $row[] = e($asset->serial);
-            }
-            if (e(Input::get('purchase_date')) == '1') {
-                $row[] = e($asset->purchase_date);
-            }
-            if (e(Input::get('purchase_cost')) == '1' && ( e(Input::get('depreciation')) != '1' )) {
-                $row[] = '"' . Helper::formatCurrencyOutput($asset->purchase_cost) . '"';
-            }
-            if (e(Input::get('eol')) == '1') {
-                $row[] = '"' .($asset->present()->eol_date()) ? $asset->present()->eol_date() : ''. '"';
-            }
-            if (e(Input::get('order')) == '1') {
-                if ($asset->order_number) {
-                    $row[] = e($asset->order_number);
-                } else {
-                    $row[] = '';
-                }
-            }
-            if (e(Input::get('supplier')) == '1') {
-                if ($asset->supplier) {
-                    $row[] = '"' .e($asset->supplier->name) . '"';
-                } else {
-                    $row[] = '';
-                }
+            if ($request->has('asset_name')) {
+                $header[] = trans('admin/hardware/form.name');
             }
 
-            if (e(Input::get('location')) == '1') {
-                if($asset->assetLoc) {
-                    $show_loc = $asset->assetLoc->present()->name();
-                } else {
-                    $show_loc = 'Default location '.$asset->rtd_location_id.' is invalid';
-                }
-                $row[] = $show_loc;
+            if ($request->has('asset_tag')) {
+                $header[] = trans('admin/hardware/table.asset_tag');
+            }
+
+            if ($request->has('model')) {
+                $header[] = trans('admin/hardware/form.model');
+                $header[] = trans('general.model_no');
+            }
+
+            if ($request->has('category')) {
+                $header[] = trans('general.category');
+            }
+
+            if ($request->has('manufacturer')) {
+                $header[] = trans('admin/hardware/form.manufacturer');
+            }
+
+            if ($request->has('serial')) {
+                $header[] = trans('admin/hardware/table.serial');
+            }
+            if ($request->has('purchase_date')) {
+                $header[] = trans('admin/hardware/table.purchase_date');
+            }
+
+            if (($request->has('purchase_cost'))  || ($request->has('depreciation'))) {
+                $header[] = trans('admin/hardware/table.purchase_cost');
+            }
+
+            if ($request->has('eol')) {
+                $header[] = trans('admin/hardware/table.eol');
+            }
+
+            if ($request->has('order')) {
+                $header[] = trans('admin/hardware/form.order');
+            }
+
+            if ($request->has('supplier')) {
+                $header[] = trans('general.supplier');
+            }
+
+            if ($request->has('location')) {
+                $header[] = trans('admin/hardware/table.location');
+            }
+            if ($request->has('location_address')) {
+                $header[] = trans('general.address');
+                $header[] = trans('general.address');
+                $header[] = trans('general.city');
+                $header[] = trans('general.state');
+                $header[] = trans('general.country');
+                $header[] = trans('general.zip');
+            }
+
+            if ($request->has('rtd_location')) {
+                $header[] = trans('admin/hardware/form.default_location');
+            }
+            
+            if ($request->has('rtd_location_address')) {
+                $header[] = trans('general.address');
+                $header[] = trans('general.address');
+                $header[] = trans('general.city');
+                $header[] = trans('general.state');
+                $header[] = trans('general.country');
+                $header[] = trans('general.zip');
             }
 
 
-            if (e(Input::get('assigned_to')) == '1') {
-                if ($asset->assignedTo) {
-                    $row[] = '"' .e($asset->assignedTo->present()->name()). '"';
-                } else {
-                    $row[] = ''; // Empty string if unassigned
-                }
+            if ($request->has('assigned_to')) {
+                $header[] = trans('admin/hardware/table.checkoutto');
+                $header[] = trans('general.type');
             }
 
-            if (e(Input::get('username')) == '1') {
-                // Only works if we're checked out to a user, not anything else.
-                if ($asset->checkedOutToUser()) {
-                    $row[] = '"' .e($asset->assignedTo->username). '"';
-                } else {
-                    $row[] = ''; // Empty string if unassigned
-                }
+            if ($request->has('username')) {
+                $header[] = 'Username';
             }
 
-            if (e(Input::get('employee_num')) == '1') {
-                // Only works if we're checked out to a user, not anything else.
-                if ($asset->checkedOutToUser()) {
-                    $row[] = '"' .e($asset->assignedTo->employee_num). '"';
-                } else {
-                    $row[] = ''; // Empty string if unassigned
-                }
+            if ($request->has('employee_num')) {
+                $header[] = 'Employee No.';
             }
 
-            if (e(Input::get('status')) == '1') {
-                if (( $asset->status_id == '0' ) && ( $asset->assigned_to == '0' )) {
-                    $row[] = trans('general.ready_to_deploy');
-                } elseif (( $asset->status_id == '' ) && ( $asset->assigned_to == '0' )) {
-                    $row[] = trans('general.pending');
-                } elseif ($asset->assetstatus) {
-                    $row[] = '"' .e($asset->assetstatus->name). '"';
-                } else {
-                    $row[] = '';
-                }
-            }
-            if (e(Input::get('warranty')) == '1') {
-                if ($asset->warranty_months) {
-                    $row[] = $asset->warranty_months;
-                    $row[] = $asset->present()->warrantee_expires();
-                } else {
-                    $row[] = '';
-                    $row[] = '';
-                }
-            }
-            if (e(Input::get('depreciation')) == '1') {
-                $depreciation = $asset->getDepreciatedValue();
-                $row[]        = '"' . Helper::formatCurrencyOutput($asset->purchase_cost) . '"';
-                $row[]        = '"' . Helper::formatCurrencyOutput($depreciation) . '"';
-                $row[]        = '"' . Helper::formatCurrencyOutput($asset->purchase_cost) . '"';
-            }
-            if (e(Input::get('expected_checkin')) == '1') {
-                if ($asset->expected_checkin) {
-                    $row[] = '"' .e($asset->expected_checkin). '"';
-                } else {
-                    $row[] = ''; // Empty string if blankd
-                }
+            if ($request->has('manager')) {
+                $header[] = trans('admin/users/table.manager');
             }
 
-            if (e(Input::get('notes')) == '1') {
-                if ($asset->notes) {
-                    $row[] = '"' .$asset->notes. '"';
-                } else {
-                    $row[] = ''; // Empty string if unassigned
-                }
+            if ($request->has('department')) {
+                $header[] = trans('general.department');
             }
 
+            if ($request->has('status')) {
+                $header[] = trans('general.status');
+            }
+
+            if ($request->has('warranty')) {
+                $header[] = 'Warranty';
+                $header[] = 'Warranty Expires';
+            }
+            if ($request->has('depreciation')) {
+                $header[] = 'Value';
+                $header[] = 'Diff';
+            }
+
+            if ($request->has('checkout_date')) {
+                $header[] = trans('admin/hardware/table.checkout_date');
+            }
+
+            if ($request->has('expected_checkin')) {
+                $header[] = trans('admin/hardware/form.expected_checkin');
+            }
+
+            if ($request->has('created_at')) {
+                $header[] = trans('general.created_at');
+            }
+
+            if ($request->has('updated_at')) {
+                $header[] = trans('general.updated_at');
+            }
+
+            if ($request->has('last_audit_date')) {
+                $header[] = trans('general.last_audit');
+            }
+
+            if ($request->has('next_audit_date')) {
+                $header[] = trans('general.next_audit_date');
+            }
+
+            if ($request->has('notes')) {
+                $header[] = trans('general.notes');
+            }
+
+
             foreach ($customfields as $customfield) {
-                $column_name = $customfield->db_column_name();
                 if (e(Input::get($customfield->db_column_name())) == '1') {
-                    $row[] = str_replace(",", "\,", $asset->$column_name);
+                    $header[] = $customfield->name;
                 }
             }
 
 
-            $rows[] = implode($row, ',');
-        }
+            fputcsv($handle, $header);
+
+            $assets = \App\Models\Company::scopeCompanyables(Asset::select('assets.*'))->with(
+                'location', 'assetstatus', 'assetlog', 'company', 'defaultLoc','assignedTo',
+                'model.category', 'model.manufacturer','supplier');
+            
+            if ($request->has('by_location_id')) {
+                $assets->where('assets.location_id', $request->input('by_location_id'));
+            }
+
+            if ($request->has('by_rtd_location_id')) {
+                \Log::debug('RTD location should match: '.$request->input('by_rtd_location_id'));
+                $assets->where('assets.rtd_location_id', $request->input('by_rtd_location_id'));
+            }
+
+            if ($request->has('by_supplier_id')) {
+                $assets->where('assets.supplier_id', $request->input('by_supplier_id'));
+            }
+
+            if ($request->has('by_company_id')) {
+                $assets->where('assets.company_id', $request->input('by_company_id'));
+            }
+
+            if ($request->has('by_model_id')) {
+                $assets->where('assets.model_id', $request->input('by_model_id'));
+            }
+
+            if ($request->has('by_category_id')) {
+                $assets->InCategory($request->input('by_category_id'));
+            }
+
+            if ($request->has('by_manufacturer_id')) {
+                $assets->ByManufacturer($request->input('by_manufacturer_id'));
+            }
+
+            if ($request->has('by_order_number')) {
+                $assets->where('assets.order_number', $request->input('by_order_number'));
+            }
+
+            if ($request->has('by_status_id')) {
+                $assets->where('assets.status_id', $request->input('by_status_id'));
+            }
+
+            if (($request->has('purchase_start')) && ($request->has('purchase_end'))) {
+                $assets->whereBetween('assets.purchase_date', [$request->input('purchase_start'), $request->input('purchase_end')]);
+            }
+
+            if (($request->has('created_start')) && ($request->has('created_end'))) {
+                $assets->whereBetween('assets.created_at', [$request->input('created_start'), $request->input('created_end')]);
+            }
+
+            if (($request->has('expected_checkin_start')) && ($request->has('expected_checkin_end'))) {
+                $assets->whereBetween('assets.expected_checkin', [$request->input('expected_checkin_start'), $request->input('expected_checkin_end')]);
+            }
+            
+            $assets->orderBy('assets.created_at', 'ASC')->chunk(500, function($assets) use($handle, $customfields, $request) {
+
+                foreach ($assets as $asset) {
+                    $row = [];
+                    
+                    if ($request->has('company')) {
+                        $row[] = ($asset->company) ? $asset->company->name : '';
+                    }
+
+                    if ($request->has('asset_name')) {
+                        $row[] = ($asset->name) ? $asset->name : '';
+                    }
+
+                    if ($request->has('asset_tag')) {
+                        $row[] = ($asset->asset_tag) ? $asset->asset_tag : '';
+                    }
+
+                    if ($request->has('model')) {
+                        $row[] = ($asset->model) ? $asset->model->name : '';
+                        $row[] = ($asset->model) ? $asset->model->model_number : '';
+                    }
+
+                    if ($request->has('category')) {
+                        $row[] = (($asset->model) && ($asset->model->category)) ? $asset->model->category->name : '';
+                    }
+
+                    if ($request->has('manufacturer')) {
+                        $row[] = ($asset->model && $asset->model->manufacturer) ? $asset->model->manufacturer->name : '';
+                    }
+
+                    if ($request->has('serial')) {
+                        $row[] = ($asset->serial) ? $asset->serial : '';
+                    }
+
+                    if ($request->has('purchase_date')) {
+                        $row[] = ($asset->purchase_date) ? $asset->purchase_date : '';
+                    }
+
+                    if ($request->has('purchase_cost')) {
+                        $row[] = ($asset->purchase_cost) ? Helper::formatCurrencyOutput($asset->purchase_cost) : '';
+                    }
+
+                    if ($request->has('eol')) {
+                        $row[] = ($asset->purchase_date!='') ? $asset->present()->eol_date() : '';
+                    }
+
+                    if ($request->has('order')) {
+                        $row[] = ($asset->order_number) ? $asset->order_number : '';
+                    }
+
+                    if ($request->has('supplier')) {
+                        $row[] = ($asset->supplier) ? $asset->supplier->name : '';
+                    }
+                    
+
+                    if ($request->has('location')) {
+                        $row[] = ($asset->location) ? $asset->location->present()->name() : '';
+                    }
+
+                    if ($request->has('location_address')) {
+                        $row[] = ($asset->location) ? $asset->location->address : '';
+                        $row[] = ($asset->location) ? $asset->location->address2 : '';
+                        $row[] = ($asset->location) ? $asset->location->city : '';
+                        $row[] = ($asset->location) ? $asset->location->state : '';
+                        $row[] = ($asset->location) ? $asset->location->country : '';
+                        $row[] = ($asset->location) ? $asset->location->zip : '';
+                    }
+
+                    if ($request->has('rtd_location')) {
+                        $row[] = ($asset->defaultLoc) ? $asset->defaultLoc->present()->name() : '';
+                    }
+
+                    if ($request->has('rtd_location_address')) {
+                        $row[] = ($asset->defaultLoc) ? $asset->defaultLoc->address : '';
+                        $row[] = ($asset->defaultLoc) ? $asset->defaultLoc->address2 : '';
+                        $row[] = ($asset->defaultLoc) ? $asset->defaultLoc->city : '';
+                        $row[] = ($asset->defaultLoc) ? $asset->defaultLoc->state : '';
+                        $row[] = ($asset->defaultLoc) ? $asset->defaultLoc->country : '';
+                        $row[] = ($asset->defaultLoc) ? $asset->defaultLoc->zip : '';
+                    }
+
+
+                    if ($request->has('assigned_to')) {
+                        $row[] = ($asset->checkedOutToUser() && $asset->assigned) ? e($asset->assigned->getFullNameAttribute()) : ($asset->assigned ? e($asset->assigned->display_name) : '');
+                        $row[] = ($asset->checkedOutToUser() && $asset->assigned) ? 'user' : e($asset->assignedType());
+                    }
+
+                    if ($request->has('username')) {
+                        // Only works if we're checked out to a user, not anything else.
+                        if ($asset->checkedOutToUser()) {
+                            $row[] = ($asset->assignedto) ? $asset->assignedto->username : '';
+                        } else {
+                            $row[] = ''; // Empty string if unassigned
+                        }
+                    }
+
+                    if ($request->has('employee_num')) {
+                        // Only works if we're checked out to a user, not anything else.
+                        if ($asset->checkedOutToUser()) {
+                            $row[] = ($asset->assignedto) ? $asset->assignedto->employee_num : '';
+                        } else {
+                            $row[] = ''; // Empty string if unassigned
+                        }
+                    }
+
+                    if ($request->has('manager')) {
+                        if ($asset->checkedOutToUser()) {
+                            $row[] = (($asset->assignedto) && ($asset->assignedto->manager)) ? $asset->assignedto->manager->present()->fullName : '';
+                        } else {
+                            $row[] = ''; // Empty string if unassigned
+                        }
+                    }
+
+
+                    if ($request->has('department')) {
+                        if ($asset->checkedOutToUser()) {
+                            $row[] = (($asset->assignedto) && ($asset->assignedto->department)) ? $asset->assignedto->department->name : '';
+                        } else {
+                            $row[] = ''; // Empty string if unassigned
+                        }
+                    }
+
+                    if ($request->has('status')) {
+                        $row[] = ($asset->assetstatus) ? $asset->assetstatus->name.' ('.$asset->present()->statusMeta.')' : '';
+                    }
+
+
+                    if ($request->has('warranty')) {
+                        $row[] = ($asset->warranty_months) ? $asset->warranty_months : '';
+                        $row[] = $asset->present()->warrantee_expires();
+                    }
+
+
+                    if ($request->has('depreciation')) {
+                            $depreciation = $asset->getDepreciatedValue();
+                            $diff = ($asset->purchase_cost - $depreciation);
+                            $row[]        = Helper::formatCurrencyOutput($depreciation);
+                            $row[]        = Helper::formatCurrencyOutput($diff);
+                    }
+
+                    if ($request->has('checkout_date')) {
+                        $row[] = ($asset->last_checkout) ? $asset->last_checkout : '';
+                    }
+
+                    if ($request->has('expected_checkin')) {
+                        $row[] = ($asset->expected_checkin) ? $asset->expected_checkin : '';
+                    }
+
+                    if ($request->has('created_at')) {
+                        $row[] = ($asset->created_at) ? $asset->created_at : '';
+                    }
+
+                    if ($request->has('updated_at')) {
+                        $row[] = ($asset->updated_at) ? $asset->updated_at : '';
+                    }
+
+                    if ($request->has('last_audit_date')) {
+                        $row[] = ($asset->last_audit_date) ? $asset->last_audit_date : '';
+                    }
+
+                    if ($request->has('next_audit_date')) {
+                        $row[] = ($asset->next_audit_date) ? $asset->next_audit_date : '';
+                    }
+
+                    if ($request->has('notes')) {
+                        $row[] = ($asset->notes) ? $asset->notes : '';
+                    }
+
+                    foreach ($customfields as $customfield) {
+                        $column_name = $customfield->db_column_name();
+                        if ($request->has($customfield->db_column_name())) {
+                            $row[] = $asset->$column_name;
+                        }
+                    }
+                    fputcsv($handle, $row);
+                }
+            });
+
+            // Close the output stream
+            fclose($handle);
+        }, 200, [
+            'Content-Type' => 'text/csv',
+            'Content-Disposition'
+            => 'attachment; filename="custom-assets-report-'.date('Y-m-d-his').'.csv"',
+        ]);
+
+        return $response;
 
-        // spit out a csv
-        if (array_filter($rows)) {
-            $csv      = implode($rows, "\n");
-            $response = Response::make($csv, 200);
-            $response->header('Content-Type', 'text/csv');
-            $response->header('Content-disposition', 'attachment;filename='.date('Y-m-d-His').'-custom-asset-report.csv');
 
-            return $response;
-        } else {
-            return redirect()->to("reports/custom")
-                ->with('error', trans('admin/reports/message.error'));
-        }
     }
 
 

app/Http/Controllers/SettingsController.php

@@ -21,6 +21,8 @@ use App\Models\User;
 use App\Http\Requests\SetupUserRequest;
 use App\Http\Requests\ImageUploadRequest;
 use App\Http\Requests\SettingsLdapRequest;
+use App\Helpers\Helper;
+use App\Notifications\FirstAdminNotification;
 
 /**
  * This controller handles all actions related to Settings for
@@ -56,9 +58,10 @@ class SettingsController extends Controller
 
         $protocol = array_key_exists('HTTPS', $_SERVER) && ( $_SERVER['HTTPS'] == "on") ? 'https://' : 'http://';
 
-        $host = $_SERVER['SERVER_NAME'];
-        if (($protocol === 'http://' && $_SERVER['SERVER_PORT'] != '80') || ($protocol === 'https://' && $_SERVER['SERVER_PORT'] != '443')) {
-            $host .= ':' . $_SERVER['SERVER_PORT'];
+        $host = array_key_exists('SERVER_NAME', $_SERVER) ? $_SERVER['SERVER_NAME'] : null;
+        $port = array_key_exists('SERVER_PORT', $_SERVER) ? $_SERVER['SERVER_PORT'] : null;
+        if (($protocol === 'http://' && $port != '80') || ($protocol === 'https://' && $port != '443')) {
+            $host .= ':' . $port;
         }
         $pageURL = $protocol . $host . $_SERVER['REQUEST_URI'];
 
@@ -66,7 +69,7 @@ class SettingsController extends Controller
 
         $start_settings['url_config'] = url('/');
         $start_settings['real_url'] = $pageURL;
-        
+
         // Curl the .env file to make sure it's not accessible via a browser
         $ch = curl_init($protocol . $host.'/.env');
         curl_setopt($ch, CURLOPT_HEADER, true);    // we want headers
@@ -136,28 +139,6 @@ class SettingsController extends Controller
         ->with('section', 'Pre-Flight Check');
     }
 
-    /**
-    * Test the email configuration
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v3.0]
-    * @return Redirect
-    */
-    public function ajaxTestEmail()
-    {
-
-        try {
-            Mail::send('emails.test', [], function ($m) {
-                $m->to(config('mail.from.address'), config('mail.from.name'));
-                $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
-                $m->subject(trans('mail.test_email'));
-            });
-            return 'success';
-        } catch (Exception $e) {
-            return 'error';
-        }
-
-    }
 
     /**
     * Save the first admin user from Setup.
@@ -171,28 +152,31 @@ class SettingsController extends Controller
 
 
         $user = new User;
-        $user->first_name  = $data['first_name']= e(Input::get('first_name'));
-        $user->last_name = e(Input::get('last_name'));
-        $user->email = $data['email'] = e(Input::get('email'));
+        $user->first_name  = $data['first_name']= $request->input('first_name');
+        $user->last_name = $request->input('last_name');
+        $user->email = $data['email'] = $request->input('email');
         $user->activated = 1;
         $permissions = array('superuser' => 1);
         $user->permissions = json_encode($permissions);
-        $user->username = $data['username'] = e(Input::get('username'));
-        $user->password = bcrypt(Input::get('password'));
-        $data['password'] =  Input::get('password');
+        $user->username = $data['username'] = $request->input('username');
+        $user->password = bcrypt($request->input('password'));
+        $data['password'] =  $request->input('password');
 
         $settings = new Setting;
-        $settings->site_name = e(Input::get('site_name'));
-        $settings->alert_email = e(Input::get('email'));
+        $settings->full_multiple_companies_support = $request->input('full_multiple_companies_support', 0);
+        $settings->site_name = $request->input('site_name');
+        $settings->alert_email = $request->input('email');
         $settings->alerts_enabled = 1;
         $settings->pwd_secure_min = 10;
         $settings->brand = 1;
-        $settings->locale = 'en';
-        $settings->default_currency = 'USD';
+        $settings->locale = $request->input('locale', 'en');
+        $settings->default_currency = $request->input('default_currency', "USD");
         $settings->user_id = 1;
-        $settings->email_domain = e(Input::get('email_domain'));
-        $settings->email_format = e(Input::get('email_format'));
+        $settings->email_domain = $request->input('email_domain');
+        $settings->email_format = $request->input('email_format');
         $settings->next_auto_tag_base = 1;
+        $settings->auto_increment_assets = $request->input('auto_increment_assets', 0);
+        $settings->auto_increment_prefix = $request->input('auto_increment_prefix');
 
 
         if ((!$user->isValid()) || (!$settings->isValid())) {
@@ -203,11 +187,19 @@ class SettingsController extends Controller
             $settings->save();
 
             if (Input::get('email_creds')=='1') {
-                Mail::send(['text' => 'emails.firstadmin'], $data, function ($m) use ($data) {
+                $data = array();
+                $data['email'] = $user->email;
+                $data['username'] = $user->username;
+                $data['first_name'] = $user->first_name;
+                $data['last_name'] = $user->last_name;
+                $data['password'] = $request->input('password');
+                $user->notify(new FirstAdminNotification($data));
+
+                /*Mail::send(['text' => 'emails.firstadmin'], $data, function ($m) use ($data) {
                     $m->to($data['email'], $data['first_name']);
                     $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
                     $m->subject(trans('mail.your_credentials'));
-                });
+                });*/
             }
 
 
@@ -263,8 +255,8 @@ class SettingsController extends Controller
         $output = Artisan::output();
 
         if ((!file_exists(storage_path().'/oauth-private.key')) || (!file_exists(storage_path().'/oauth-public.key'))) {
-            Artisan::call('passport:install');
             Artisan::call('migrate', ['--force' => true]);
+            Artisan::call('passport:install');
         }
 
 
@@ -332,15 +324,31 @@ class SettingsController extends Controller
             return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
         }
 
+        $setting->modellist_displays = '';
+
+        if (($request->has('show_in_model_list')) && (count($request->input('show_in_model_list')) > 0))
+        {
+            $setting->modellist_displays = implode(',', $request->input('show_in_model_list'));
+        }
+
+
         $setting->full_multiple_companies_support = $request->input('full_multiple_companies_support', '0');
         $setting->load_remote = $request->input('load_remote', '0');
+        $setting->unique_serial = $request->input('unique_serial', '0');
+        $setting->show_images_in_email = $request->input('show_images_in_email', '0');
+        $setting->show_archived_in_list = $request->input('show_archived_in_list', '0');
+        $setting->dashboard_message = $request->input('dashboard_message');
         $setting->email_domain = $request->input('email_domain');
         $setting->email_format = $request->input('email_format');
         $setting->username_format = $request->input('username_format');
         $setting->require_accept_signature = $request->input('require_accept_signature');
-        $setting->login_note = $request->input('login_note');
+        if (!config('app.lock_passwords')) {
+            $setting->login_note = $request->input('login_note');
+        }
+
         $setting->default_eula_text = $request->input('default_eula_text');
         $setting->thumbnail_max_h = $request->input('thumbnail_max_h');
+        $setting->privacy_policy_link = $request->input('privacy_policy_link');
 
         if (Input::get('per_page')!='') {
             $setting->per_page = $request->input('per_page');
@@ -388,6 +396,11 @@ class SettingsController extends Controller
 
         $setting->brand = $request->input('brand', '1');
         $setting->header_color = $request->input('header_color');
+        $setting->support_footer = $request->input('support_footer');
+        $setting->version_footer = $request->input('version_footer');
+        $setting->footer_text = $request->input('footer_text');
+        $setting->skin = $request->input('skin');
+        $setting->show_url_in_emails = $request->input('show_url_in_emails', '0');
 
 
         // Only allow the site name and CSS to be changed if lock_passwords is false
@@ -411,7 +424,7 @@ class SettingsController extends Controller
                 $file_name = "logo.".$image->getClientOriginalExtension();
                 $path = public_path('uploads');
                 if ($image->getClientOriginalExtension()!='svg') {
-                    Image::make($image->getRealPath())->resize(null, 40, function ($constraint) {
+                    Image::make($image->getRealPath())->resize(null, 150, function ($constraint) {
                         $constraint->aspectRatio();
                         $constraint->upsize();
                     })->save($path.'/'.$file_name);
@@ -467,6 +480,11 @@ class SettingsController extends Controller
                 $setting->two_factor_enabled = null;
             } else {
                 $setting->two_factor_enabled = $request->input('two_factor_enabled');
+
+                # remote user login
+                $setting->login_remote_user_enabled = (int)$request->input('login_remote_user_enabled');
+                $setting->login_common_disabled= (int)$request->input('login_common_disabled');
+                $setting->login_remote_user_custom_logout_url = $request->input('login_remote_user_custom_logout_url');
             }
 
         }
@@ -475,6 +493,7 @@ class SettingsController extends Controller
         $setting->pwd_secure_min = (int) $request->input('pwd_secure_min');
         $setting->pwd_secure_complexity = '';
 
+
         if ($request->has('pwd_secure_complexity')) {
             $setting->pwd_secure_complexity =  implode('|', $request->input('pwd_secure_complexity'));
         }
@@ -562,13 +581,17 @@ class SettingsController extends Controller
 
         $alert_email = rtrim($request->input('alert_email'), ',');
         $alert_email = trim($alert_email);
+        $admin_cc_email = rtrim($request->input('admin_cc_email'), ',');
+        $admin_cc_email = trim($admin_cc_email);
 
         $setting->alert_email = $alert_email;
+        $setting->admin_cc_email = $admin_cc_email;
         $setting->alerts_enabled = $request->input('alerts_enabled', '0');
         $setting->alert_interval = $request->input('alert_interval');
         $setting->alert_threshold = $request->input('alert_threshold');
         $setting->audit_interval = $request->input('audit_interval');
         $setting->audit_warning_days = $request->input('audit_warning_days');
+        $setting->show_alerts_in_menu = $request->input('show_alerts_in_menu', '0');
 
         if ($setting->save()) {
             return redirect()->route('settings.index')
@@ -764,6 +787,7 @@ class SettingsController extends Controller
         $setting->labels_fontsize = $request->input('labels_fontsize');
         $setting->labels_pagewidth = $request->input('labels_pagewidth');
         $setting->labels_pageheight = $request->input('labels_pageheight');
+        $setting->labels_display_company_name = $request->input('labels_display_company_name', '0');
 
 
 
@@ -783,7 +807,13 @@ class SettingsController extends Controller
             $setting->labels_display_tag = 1;
         } else {
             $setting->labels_display_tag = 0;
-        }
+	}
+
+	 if (Input::has('labels_display_tag')) {
+             $setting->labels_display_tag = 1;
+         } else {
+             $setting->labels_display_tag = 0;
+         }
 
         if ($setting->save()) {
             return redirect()->route('settings.index')
@@ -843,6 +873,7 @@ class SettingsController extends Controller
         $setting->is_ad = $request->input('is_ad', '0');
         $setting->ldap_tls = $request->input('ldap_tls', '0');
         $setting->ldap_pw_sync = $request->input('ldap_pw_sync', '0');
+        $setting->custom_forgot_pass_url = $request->input('custom_forgot_pass_url');
 
         if ($setting->save()) {
             return redirect()->route('settings.index')
@@ -904,12 +935,30 @@ class SettingsController extends Controller
 
     public function postBackups()
     {
+
         if (!config('app.lock_passwords')) {
             Artisan::call('backup:run');
-            return redirect()->route('settings.backups.index')->with('success', trans('admin/settings/message.backup.generated'));
-        } else {
-            return redirect()->to("settings.backups.index")->with('error', trans('general.feature_disabled'));
-        }
+            $output = Artisan::output();
+
+            // Backup completed
+            if (!preg_match('/failed/', $output)) {
+                return redirect()->route('settings.backups.index')
+                    ->with('success', trans('admin/settings/message.backup.generated'));
+            }
+
+
+            $formatted_output = str_replace('Backup completed!', '', $output);
+            $output_split = explode('...', $formatted_output);
+
+            if (array_key_exists(2, $output_split)) {
+                return redirect()->route("settings.backups.index")->with('error', $output_split[2]);
+            }
+            return redirect()->route("settings.backups.index")->with('error', $formatted_output);
+
+            }
+        return redirect()->route("settings.backups.index")->with('error', trans('general.feature_disabled'));
+
+
 
 
     }
@@ -992,6 +1041,8 @@ class SettingsController extends Controller
     {
         if (!config('app.lock_passwords')) {
             if (Input::get('confirm_purge')=='DELETE') {
+                // Run a backup immediately before processing
+                Artisan::call('backup:run');
                 Artisan::call('snipeit:purge', ['--force'=>'true','--no-interaction'=>true]);
                 $output = Artisan::output();
                 return view('settings/purge')
@@ -1018,4 +1069,28 @@ class SettingsController extends Controller
     public function api() {
         return view('settings.api');
     }
+
+
+
+    /**
+     * Test the email configuration
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return Redirect
+     */
+    public function ajaxTestEmail()
+    {
+        try {
+            Mail::send('emails.test', [], function ($m) {
+                $m->to(config('mail.from.address'), config('mail.from.name'));
+                $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                $m->subject(trans('mail.test_email'));
+            });
+            return response()->json(Helper::formatStandardApiResponse('success', null, 'Maiol sent!'));
+        } catch (Exception $e) {
+            return response()->json(Helper::formatStandardApiResponse('success', null, $e->getMessage()));
+        }
+
+    }
 }

app/Http/Controllers/StatuslabelsController.php

@@ -32,18 +32,18 @@ class StatuslabelsController extends Controller
 
     public function index()
     {
-        return view('statuslabels/index', compact('statuslabels'));
+        $this->authorize('view', Statuslabel::class);
+        return view('statuslabels.index', compact('statuslabels'));
     }
 
     public function show($id)
     {
-        $statuslabel = Statuslabel::find($id);
-
-        if (isset($statuslabel->id)) {
-            return view('statuslabels/view', compact('statuslabel'));
+        $this->authorize('view', Statuslabel::class);
+        if ($statuslabel = Statuslabel::find($id)) {
+            return view('statuslabels.view')->with('statuslabel', $statuslabel);
         }
 
-        return redirect()->route('statuslabels.index')->with('error', trans('admin/locations/message.does_not_exist', compact('id')));
+        return redirect()->route('statuslabels.index')->with('error', trans('admin/statuslabels/message.does_not_exist', compact('id')));
     }
 
 
@@ -56,6 +56,7 @@ class StatuslabelsController extends Controller
     public function create()
     {
         // Show the page
+        $this->authorize('create', Statuslabel::class);
         $item = new Statuslabel;
         $use_statuslabel_type = $item->getStatuslabelType();
         $statuslabel_types = Helper::statusTypeList();
@@ -73,6 +74,7 @@ class StatuslabelsController extends Controller
     public function store(Request $request)
     {
 
+        $this->authorize('create', Statuslabel::class);
         // create a new model instance
         $statusLabel = new Statuslabel();
 
@@ -91,9 +93,9 @@ class StatuslabelsController extends Controller
         $statusLabel->archived          =  $statusType['archived'];
         $statusLabel->color             =  Input::get('color');
         $statusLabel->show_in_nav       =  Input::get('show_in_nav', 0);
+        $statusLabel->default_label       =  Input::get('default_label', 0);
 
 
-        // Was the asset created?
         if ($statusLabel->save()) {
             // Redirect to the new Statuslabel  page
             return redirect()->route('statuslabels.index')->with('success', trans('admin/statuslabels/message.create.success'));
@@ -101,35 +103,6 @@ class StatuslabelsController extends Controller
         return redirect()->back()->withInput()->withErrors($statusLabel->getErrors());
     }
 
-    /**
-     * @param Request $request
-     * @return JsonResponse
-     */
-    public function apiStore(Request $request)
-    {
-        $statuslabel = new Statuslabel();
-        if (!$request->has('statuslabel_types')) {
-            return JsonResponse::create(["error" => trans('validation.statuslabel_type')], 500);
-        }
-        $statustype = Statuslabel::getStatuslabelTypesForDB(Input::get('statuslabel_types'));
-        $statuslabel->name            = Input::get('name');
-        $statuslabel->user_id         = Auth::id();
-        $statuslabel->notes           =  '';
-        $statuslabel->deployable      =  $statustype['deployable'];
-        $statuslabel->pending         =  $statustype['pending'];
-        $statuslabel->archived        =  $statustype['archived'];
-
-
-        if ($statuslabel->isValid()) {
-            $statuslabel->save();
-            // Redirect to the new Statuslabel  page
-            return JsonResponse::create($statuslabel);
-        }
-        return JsonResponse::create(["error" => $statuslabel->getErrors()->first()], 500);
-
-    }
-
-
     /**
      * Statuslabel update.
      *
@@ -138,6 +111,7 @@ class StatuslabelsController extends Controller
      */
     public function edit($statuslabelId = null)
     {
+        $this->authorize('update', Statuslabel::class);
         // Check if the Statuslabel exists
         if (is_null($item = Statuslabel::find($statuslabelId))) {
             // Redirect to the blogs management page
@@ -160,6 +134,7 @@ class StatuslabelsController extends Controller
      */
     public function update(Request $request, $statuslabelId = null)
     {
+        $this->authorize('update', Statuslabel::class);
         // Check if the Statuslabel exists
         if (is_null($statuslabel = Statuslabel::find($statuslabelId))) {
             // Redirect to the blogs management page
@@ -180,6 +155,7 @@ class StatuslabelsController extends Controller
         $statuslabel->archived          =  $statustype['archived'];
         $statuslabel->color          =  Input::get('color');
         $statuslabel->show_in_nav          =  Input::get('show_in_nav', 0);
+        $statuslabel->default_label          =  Input::get('default_label', 0);
 
 
         // Was the asset created?
@@ -198,19 +174,18 @@ class StatuslabelsController extends Controller
      */
     public function destroy($statuslabelId)
     {
+        $this->authorize('delete', Statuslabel::class);
         // Check if the Statuslabel exists
         if (is_null($statuslabel = Statuslabel::find($statuslabelId))) {
-            // Redirect to the blogs management page
             return redirect()->route('statuslabels.index')->with('error', trans('admin/statuslabels/message.not_found'));
         }
 
-
-        if ($statuslabel->has_assets() == 0) {
+        // Check that there are no assets associated
+        if ($statuslabel->assets()->count() == 0) {
             $statuslabel->delete();
-            // Redirect to the statuslabels management page
             return redirect()->route('statuslabels.index')->with('success', trans('admin/statuslabels/message.delete.success'));
         }
-        // Redirect to the asset management page
+
         return redirect()->route('statuslabels.index')->with('error', trans('admin/statuslabels/message.assoc_assets'));
     }
 

app/Http/Controllers/SuppliersController.php

@@ -13,6 +13,7 @@ use Str;
 use View;
 use Auth;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 
 use Symfony\Component\HttpFoundation\JsonResponse;
 
@@ -32,6 +33,7 @@ class SuppliersController extends Controller
     public function index()
     {
         // Grab all the suppliers
+        $this->authorize('view', Supplier::class);
         $suppliers = Supplier::orderBy('created_at', 'DESC')->get();
 
         // Show the page
@@ -46,6 +48,7 @@ class SuppliersController extends Controller
      */
     public function create()
     {
+        $this->authorize('create', Supplier::class);
         return view('suppliers/edit')->with('item', new Supplier);
     }
 
@@ -56,8 +59,9 @@ class SuppliersController extends Controller
      * @param Request $request
      * @return \Illuminate\Http\RedirectResponse
      */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
     {
+        $this->authorize('create', Supplier::class);
         // Create a new supplier
         $supplier = new Supplier;
         // Save the location data
@@ -76,41 +80,23 @@ class SuppliersController extends Controller
         $supplier->url                  = $supplier->addhttp(request('url'));
         $supplier->user_id              = Auth::id();
 
-        if (Input::file('image')) {
+        if ($request->file('image')) {
             $image = $request->file('image');
             $file_name = str_random(25).".".$image->getClientOriginalExtension();
             $path = public_path('uploads/suppliers/'.$file_name);
-            Image::make($image->getRealPath())->resize(300, null, function ($constraint) {
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
                 $constraint->aspectRatio();
                 $constraint->upsize();
             })->save($path);
-                $supplier->image = $file_name;
+            $supplier->image = $file_name;
         }
 
-            // Was it created?
         if ($supplier->save()) {
-          // Redirect to the new supplier  page
             return redirect()->route('suppliers.index')->with('success', trans('admin/suppliers/message.create.success'));
         }
         return redirect()->back()->withInput()->withErrors($supplier->getErrors());
     }
 
-    /**
-     * @param Request $request
-     * @return JsonResponse
-     */
-    public function apiStore(Request $request)
-    {
-        $supplier = new Supplier;
-        $supplier->name =  $request->input('name');
-        $supplier->user_id              = Auth::id();
-
-        if ($supplier->save()) {
-            return JsonResponse::create($supplier);
-        }
-        return JsonResponse::create(["error" => "Failed validation: ".print_r($supplier->getErrors(), true)], 500);
-    }
-
     /**
      * Supplier update.
      *
@@ -119,6 +105,7 @@ class SuppliersController extends Controller
      */
     public function edit($supplierId = null)
     {
+        $this->authorize('edit', Supplier::class);
         // Check if the supplier exists
         if (is_null($item = Supplier::find($supplierId))) {
             // Redirect to the supplier  page
@@ -136,8 +123,9 @@ class SuppliersController extends Controller
      * @param  int  $supplierId
      * @return \Illuminate\Http\RedirectResponse
      */
-    public function update($supplierId = null, Request $request)
+    public function update($supplierId = null, ImageUploadRequest $request)
     {
+        $this->authorize('edit', Supplier::class);
         // Check if the supplier exists
         if (is_null($supplier = Supplier::find($supplierId))) {
             // Redirect to the supplier  page
@@ -159,21 +147,39 @@ class SuppliersController extends Controller
         $supplier->url                  = $supplier->addhttp(request('url'));
         $supplier->notes                = request('notes');
 
-        if (Input::file('image')) {
-            $image = $request->file('image');
-            $file_name = str_random(25).".".$image->getClientOriginalExtension();
-            $path = public_path('uploads/suppliers/'.$file_name);
-            Image::make($image->getRealPath())->resize(300, null, function ($constraint) {
-                $constraint->aspectRatio();
-                $constraint->upsize();
-            })->save($path);
-            $supplier->image = $file_name;
-        }
 
-        if (request('image_delete') == 1 && $request->file('image') == "") {
+        $old_image = $supplier->image;
+
+        // Set the model's image property to null if the image is being deleted
+        if ($request->input('image_delete') == 1) {
             $supplier->image = null;
         }
 
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = $supplier->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save(app('suppliers_upload_path').$file_name);
+            } else {
+                $image->move(app('suppliers_upload_path'), $file_name);
+            }
+            $supplier->image = $file_name;
+
+        }
+
+        if ((($request->file('image')) && (isset($old_image)) && ($old_image!='')) || ($request->input('image_delete') == 1)) {
+            try  {
+                unlink(app('suppliers_upload_path').$old_image);
+            } catch (\Exception $e) {
+                \Log::error($e);
+            }
+        }
+
+
         if ($supplier->save()) {
             return redirect()->route('suppliers.index')->with('success', trans('admin/suppliers/message.update.success'));
         }
@@ -190,23 +196,30 @@ class SuppliersController extends Controller
      */
     public function destroy($supplierId)
     {
-        // Check if the supplier exists
-        if (is_null($supplier = Supplier::find($supplierId))) {
-            // Redirect to the suppliers page
+        $this->authorize('delete', Supplier::class);
+        if (is_null($supplier = Supplier::with('asset_maintenances', 'assets', 'licenses')->withCount('asset_maintenances','assets','licenses')->find($supplierId))) {
             return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.not_found'));
         }
 
-        if ($supplier->num_assets() == 0) {
-            // Delete the supplier
-            $supplier->delete();
-            // Redirect to the suppliers management page
-            return redirect()->route('suppliers.index')->with(
-                'success',
-                trans('admin/suppliers/message.delete.success')
-            );
+
+        if ($supplier->assets_count > 0) {
+            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.delete.assoc_assets', ['asset_count' => (int) $supplier->assets_count]));
         }
-        // Redirect to the asset management page
-        return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.assoc_users'));
+
+        if ($supplier->asset_maintenances_count > 0) {
+            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.delete.assoc_maintenances', ['asset_maintenances_count' => $supplier->asset_maintenances_count]));
+        }
+
+        if ($supplier->licenses_count > 0) {
+            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.delete.assoc_licenses', ['licenses_count' => (int) $supplier->licenses_count]));
+        }
+
+        $supplier->delete();
+        return redirect()->route('suppliers.index')->with('success',
+            trans('admin/suppliers/message.delete.success')
+        );
+
+
     }
 
 
@@ -228,7 +241,7 @@ class SuppliersController extends Controller
         $error = trans('admin/suppliers/message.does_not_exist', compact('id'));
 
         // Redirect to the user management page
-        return redirect()->route('suppliers')->with('error', $error);
+        return redirect()->route('suppliers.index')->with('error', $error);
     }
 
 }

app/Http/Controllers/UsersController.php

@@ -1,26 +1,30 @@
 <?php
 namespace App\Http\Controllers;
 
-use App\Http\Requests\AssetFileRequest;
 use App\Helpers\Helper;
+use App\Http\Requests\AssetFileRequest;
+use App\Http\Requests\SaveUserRequest;
 use App\Models\Accessory;
-use App\Models\LicenseSeat;
 use App\Models\Actionlog;
 use App\Models\Asset;
-use App\Models\Group;
 use App\Models\Company;
-use App\Models\Location;
-use App\Models\License;
-use App\Models\Setting;
-use App\Http\Requests\SaveUserRequest;
-use Symfony\Component\HttpFoundation\StreamedResponse;
-use App\Models\User;
+use App\Models\Group;
 use App\Models\Ldap;
+use App\Models\License;
+use App\Models\LicenseSeat;
+use App\Models\Location;
+use App\Models\Setting;
+use App\Models\User;
+use App\Notifications\WelcomeNotification;
+use Artisan;
 use Auth;
 use Config;
 use Crypt;
 use DB;
+use Gate;
 use HTML;
+use Illuminate\Database\Eloquent\ModelNotFoundException;
+use Illuminate\Http\Request;
 use Input;
 use Lang;
 use League\Csv\Reader;
@@ -29,10 +33,9 @@ use Redirect;
 use Response;
 use Str;
 use Symfony\Component\HttpFoundation\JsonResponse;
+use Symfony\Component\HttpFoundation\StreamedResponse;
 use URL;
 use View;
-use Illuminate\Http\Request;
-use Gate;
 
 /**
  * This controller handles all actions related to Users for
@@ -84,10 +87,6 @@ class UsersController extends Controller
         $permissions = $this->filterDisplayable($permissions);
 
         return view('users/edit', compact('groups', 'userGroups', 'permissions', 'userPermissions'))
-        ->with('location_list', Helper::locationsList())
-        ->with('manager_list', Helper::managerList())
-        ->with('company_list', Helper::companyList())
-        ->with('department_list', Helper::departmentList())
         ->with('user', new User);
     }
 
@@ -109,7 +108,6 @@ class UsersController extends Controller
             $user->password = bcrypt($request->input('password'));
             $data['password'] =  $request->input('password');
         }
-        // Update the user
         $user->first_name = $request->input('first_name');
         $user->last_name = $request->input('last_name');
         $user->locale = $request->input('locale');
@@ -122,6 +120,11 @@ class UsersController extends Controller
         $user->company_id = Company::getIdForUser($request->input('company_id', null));
         $user->manager_id = $request->input('manager_id', null);
         $user->notes = $request->input('notes');
+        $user->address = $request->input('address', null);
+        $user->city = $request->input('city', null);
+        $user->state = $request->input('state', null);
+        $user->country = $request->input('country', null);
+        $user->zip = $request->input('zip', null);
 
         // Strip out the superuser permission if the user isn't a superadmin
         $permissions_array = $request->input('permission');
@@ -145,78 +148,23 @@ class UsersController extends Controller
                 $data['email'] = e($request->input('email'));
                 $data['username'] = e($request->input('username'));
                 $data['first_name'] = e($request->input('first_name'));
+                $data['last_name'] = e($request->input('last_name'));
                 $data['password'] = e($request->input('password'));
 
-                Mail::send('emails.send-login', $data, function ($m) use ($user) {
+                $user->notify(new WelcomeNotification($data));
+
+/*                Mail::send('emails.send-login', $data, function ($m) use ($user) {
                     $m->to($user->email, $user->first_name . ' ' . $user->last_name);
                     $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
                     $m->subject(trans('mail.welcome', ['name' => $user->first_name]));
-                });
+                });*/
             }
             return redirect::route('users.index')->with('success', trans('admin/users/message.success.create'));
         }
         return redirect()->back()->withInput()->withErrors($user->getErrors());
     }
 
-    /**
-    * JSON handler for creating a user through a modal popup
-    *
-    * @todo Handle validation more graciously
-    * @author [B. Wetherington] [<uberbrady@gmail.com>]
-    * @since [v1.8]
-    * @return string JSON
-    */
-    public function apiStore(SaveUserRequest $request)
-    {
-        $this->authorize('create', User::class);
 
-        $user = new User;
-        $inputs = Input::except('csrf_token', 'password_confirm', 'groups', 'email_user');
-        $inputs['activated'] = true;
-
-        $user->first_name = $request->input('first_name');
-        $user->last_name = $request->input('last_name');
-        $user->username = $request->input('username');
-        $user->email = $request->input('email');
-        $user->department_id = $request->input('department_id', null);
-        if ($request->has('password')) {
-            $user->password = bcrypt($request->input('password'));
-        }
-        $user->activated = true;
-
-        // Was the user created?
-        if ($user->save()) {
-
-            if (Input::get('email_user') == 1) {
-                // Send the credentials through email
-                $data = array();
-                $data['email'] = $request->input('email');
-                $data['first_name'] = $request->input('first_name');
-                $data['last_name'] = $request->input('last_name');
-                $data['password'] = $request->input('password');
-
-                Mail::send('emails.send-login', $data, function ($m) use ($user) {
-                    $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
-                    $m->subject(trans('mail.welcome', ['name' => $user->first_name]));
-                });
-            }
-
-            return JsonResponse::create($user);
-
-        }
-        return JsonResponse::create(["error" => "Failed validation: " . print_r($user->getErrors(), true)], 500);
-    }
-
-    /**
-     * Returns a view that displays the edit user form
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.0]
-     * @param $permissions
-     * @return View
-     * @internal param int $id
-     */
 
     private function filterDisplayable($permissions)
     {
@@ -229,11 +177,20 @@ class UsersController extends Controller
         return $output;
     }
 
+    /**
+     * Returns a view that displays the edit user form
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param $permissions
+     * @return View
+     * @internal param int $id
+     */
     public function edit($id)
     {
-        try {
 
-            $user = User::find($id);
+        if ($user =  User::find($id)) {
+
             $this->authorize('update', $user);
             $permissions = config('permissions');
 
@@ -243,19 +200,14 @@ class UsersController extends Controller
             $user->permissions = $user->decodePermissions();
             $userPermissions = Helper::selectedPermissionsArray($permissions, $user->permissions);
             $permissions = $this->filterDisplayable($permissions);
-            
-        } catch (UserNotFoundException $e) {
 
-            $error = trans('admin/users/message.user_not_found', compact('id'));
-            return redirect()->route('users.index')->with('error', $error);
+            return view('users/edit', compact('user', 'groups', 'userGroups', 'permissions', 'userPermissions'))->with('item', $user);
         }
 
-        // Show the page
-        return view('users/edit', compact('user', 'groups', 'userGroups', 'permissions', 'userPermissions'))
-            ->with('location_list', Helper::locationsList())
-            ->with('department_list', Helper::departmentList())
-            ->with('company_list', Helper::companyList())
-            ->with('manager_list', Helper::managerList());
+        $error = trans('admin/users/message.user_not_found', compact('id'));
+        return redirect()->route('users.index')->with('error', $error);
+
+
     }
 
     /**
@@ -281,6 +233,10 @@ class UsersController extends Controller
         try {
 
             $user = User::find($id);
+
+            if ($user->id == $request->input('manager_id')) {
+                return redirect()->back()->withInput()->with('error', 'You cannot be your own manager.');
+            }
             $this->authorize('update', $user);
             // Figure out of this user was an admin before this edit
             $orig_permissions_array = $user->decodePermissions();
@@ -319,16 +275,26 @@ class UsersController extends Controller
         $user->two_factor_optin = $request->input('two_factor_optin') ?: 0;
         $user->locale = $request->input('locale');
         $user->employee_num = $request->input('employee_num');
-        $user->activated = $request->input('activated', $user->activated);
-        $user->jobtitle = $request->input('jobtitle');
+        $user->activated = $request->input('activated', 0);
+        $user->jobtitle = $request->input('jobtitle', null);
         $user->phone = $request->input('phone');
         $user->location_id = $request->input('location_id', null);
         $user->company_id = Company::getIdForUser($request->input('company_id', null));
         $user->manager_id = $request->input('manager_id', null);
         $user->notes = $request->input('notes');
         $user->department_id = $request->input('department_id', null);
+        $user->address = $request->input('address', null);
+        $user->city = $request->input('city', null);
+        $user->state = $request->input('state', null);
+        $user->country = $request->input('country', null);
+        $user->activated = $request->input('activated', 0);
+        $user->zip = $request->input('zip', null);
 
 
+        // Update the location of any assets checked out to this user
+        Asset::where('assigned_type', User::class)
+            ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);
+
         // Do we want to update the user password?
         if ($request->has('password')) {
             $user->password = bcrypt($request->input('password'));
@@ -366,18 +332,24 @@ class UsersController extends Controller
     {
         try {
             // Get user information
-            $user = User::find($id);
+            $user = User::findOrFail($id);
             // Authorize takes care of many of our logic checks now.
             $this->authorize('delete', User::class);
 
-            if ($user->assets()->count() > 0) {
+            // Check if we are not trying to delete ourselves
+            if ($user->id === Auth::user()->id) {
                 // Redirect to the user management page
                 return redirect()->route('users.index')->with('error', 'This user still has ' . $user->assets()->count() . ' assets associated with them.');
             }
 
+            if ($user->assets->count() > 0) {
+                // Redirect to the user management page
+                return redirect()->route('users.index')->with('error', 'This user still has ' . count($user->assets->count()) . ' assets associated with them.');
+            }
+
             if ($user->licenses()->count() > 0) {
                 // Redirect to the user management page
-                return redirect()->route('users.index')->with('error', 'This user still has ' . $user->licenses()->count() . ' licenses associated with them.');
+                return redirect()->route('users.index')->with('error', 'This user still has ' . $user->assets()->count() . ' assets associated with them.');
             }
 
             if ($user->accessories()->count() > 0) {
@@ -398,7 +370,7 @@ class UsersController extends Controller
 
             // Redirect to the user management page
             return redirect()->route('users.index')->with('success', $success);
-        } catch (UserNotFoundException $e) {
+        } catch (ModelNotFoundException $e) {
             // Prepare the error message
             $error = trans('admin/users/message.user_not_found', compact('id'));
             // Redirect to the user management page
@@ -416,28 +388,19 @@ class UsersController extends Controller
     public function postBulkEdit(Request $request)
     {
         $this->authorize('update', User::class);
-        if ((!Input::has('ids')) || (count(Input::has('ids')) == 0)) {
-            return redirect()->back()->with('error', 'No users selected');
-        } else {
 
+        if (($request->has('ids')) && (count($request->input('ids')) > 0)) {
             $statuslabel_list = Helper::statusLabelList();
             $user_raw_array = array_keys(Input::get('ids'));
-            $licenses = DB::table('license_seats')->whereIn('assigned_to', $user_raw_array)->get();
-
             $users = User::whereIn('id', $user_raw_array)->with('groups', 'assets', 'licenses', 'accessories')->get();
-            if ($request->input('bulk_actions')=='edit') {
-
+            if ($request->input('bulk_actions') == 'edit') {
                 return view('users/bulk-edit', compact('users'))
-                    ->with('location_list', Helper::locationsList())
-                    ->with('company_list', Helper::companyList())
-                    ->with('manager_list', Helper::managerList())
-                    ->with('manager_list', Helper::managerList())
-                    ->with('department_list', Helper::departmentList())
                     ->with('groups', Group::pluck('name', 'id'));
             }
-
             return view('users/confirm-bulk-delete', compact('users', 'statuslabel_list'));
         }
+
+        return redirect()->back()->with('error', 'No users selected');
     }
 
 
@@ -451,15 +414,13 @@ class UsersController extends Controller
     public function postBulkEditSave(Request $request)
     {
         $this->authorize('update', User::class);
-        if ((!Input::has('ids')) || (count(Input::has('ids')) == 0)) {
-            return redirect()->back()->with('error', 'No users selected');
-        } else {
 
-            $user_raw_array = Input::get('ids');
+        if (($request->has('ids')) && (count($request->input('ids')) > 0)) {
+
+            $user_raw_array = $request->input('ids');
             $update_array = array();
             $manager_conflict = false;
-
-            $users = User::whereIn('id', $user_raw_array)->where('id','!=',Auth::user()->id)->get();
+            $users = User::whereIn('id', $user_raw_array)->where('id', '!=', Auth::user()->id)->get();
 
             if ($request->has('location_id')) {
                 $update_array['location_id'] = $request->input('location_id');
@@ -470,6 +431,10 @@ class UsersController extends Controller
             if ($request->has('company_id')) {
                 $update_array['company_id'] = $request->input('company_id');
             }
+            if ($request->has('locale')) {
+                $update_array['locale'] = $request->input('locale');
+            }
+
 
             if ($request->has('manager_id')) {
 
@@ -477,7 +442,6 @@ class UsersController extends Controller
                 // edited.
                 if (!array_key_exists($request->input('manager_id'), $user_raw_array)) {
                     $update_array['manager_id'] = $request->input('manager_id');
-
                 } else {
                     $manager_conflict = true;
                 }
@@ -487,8 +451,9 @@ class UsersController extends Controller
                 $update_array['activated'] = $request->input('activated');
             }
 
+            // Save the updated info
             if (count($update_array) > 0) {
-                User::whereIn('id', $user_raw_array)->where('id','!=',Auth::user()->id)->update($update_array);
+                User::whereIn('id', $user_raw_array)->where('id', '!=', Auth::user()->id)->update($update_array);
             }
 
             // Only sync groups if groups were selected
@@ -498,13 +463,17 @@ class UsersController extends Controller
                 }
             }
 
-        }
-        if ($manager_conflict) {
+            if ($manager_conflict) {
+                return redirect()->route('users.index')
+                    ->with('warning', trans('admin/users/message.bulk_manager_warn'));
+            }
+
             return redirect()->route('users.index')
-                ->with('warning', trans('admin/users/message.bulk_manager_warn'));
+                ->with('success', trans('admin/users/message.success.update_bulk'));
         }
-        return redirect()->route('users.index')
-            ->with('success', trans('admin/users/message.success.update_bulk'));
+
+        return redirect()->back()->with('error', 'No users selected');
+
 
 
     }
@@ -516,13 +485,13 @@ class UsersController extends Controller
     * @since [v1.0]
     * @return \Illuminate\Http\RedirectResponse
      */
-    public function postBulkSave()
+    public function postBulkSave(Request $request)
     {
         $this->authorize('update', User::class);
 
-        if ((!Input::has('ids')) || (count(Input::has('ids')) == 0)) {
+        if ((!$request->has('ids')) || (count($request->input('ids')) == 0)) {
             return redirect()->back()->with('error', 'No users selected');
-        } elseif ((!Input::has('status_id')) || (count(Input::has('status_id')) == 0)) {
+        } elseif ((!$request->has('status_id')) || ($request->input('status_id')=='')) {
             return redirect()->route('users.index')->with('error', 'No status selected');
         } else {
 
@@ -533,9 +502,6 @@ class UsersController extends Controller
                 unset($user_raw_array[$key]);
             }
 
-            if (!Auth::user()->isSuperUser()) {
-                return redirect()->route('users.index')->with('error', trans('admin/users/message.insufficient_permissions'));
-            }
 
             if (!config('app.lock_passwords')) {
 
@@ -721,7 +687,7 @@ class UsersController extends Controller
             $user->first_name = '';
             $user->last_name = '';
             $user->email = substr($user->email, ($pos = strpos($user->email, '@')) !== false ? $pos : 0);
-            ;
+
             $user->id = null;
 
             // Get this user groups
@@ -734,10 +700,6 @@ class UsersController extends Controller
 
             // Show the page
             return view('users/edit', compact('permissions', 'userPermissions'))
-                            ->with('location_list', Helper::locationsList())
-                            ->with('company_list', Helper::companyList())
-                            ->with('manager_list', Helper::managerList())
-                            ->with('department_list', Helper::departmentList())
                             ->with('user', $user)
                             ->with('groups', Group::pluck('name', 'id'))
                             ->with('userGroups', $userGroups)
@@ -750,125 +712,6 @@ class UsersController extends Controller
         }
     }
 
-    /**
-    * Return user import view
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v1.0]
-    * @return \Illuminate\Contracts\View\View
-     */
-    public function getImport()
-    {
-        $this->authorize('update', User::class);
-        // Selected groups
-        $selectedGroups = Input::old('groups', array());
-        // Get all the available permissions
-        $permissions = config('permissions');
-        $selectedPermissions = Input::old('permissions', array('superuser' => -1));
-        // Show the page
-        return view('users/import', compact('selectedGroups', 'permissions', 'selectedPermissions'));
-    }
-
-    /**
-    * Handle user import file
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v1.0]
-    * @return \Illuminate\Http\RedirectResponse
-     */
-    public function postImport()
-    {
-        $this->authorize('update', User::class);
-        if (!ini_get("auto_detect_line_endings")) {
-            ini_set("auto_detect_line_endings", '1');
-        }
-
-        $csv = Reader::createFromPath(Input::file('user_import_csv'));
-        $csv->setNewline("\r\n");
-
-        if (Input::get('has_headers') == 1) {
-            $csv->setOffset(1);
-        }
-
-        $duplicates = '';
-
-        $nbInsert = $csv->each(function ($row) use ($duplicates) {
-
-            if (array_key_exists(2, $row)) {
-
-                if (Input::get('activate') == 1) {
-                    $activated = '1';
-                } else {
-                    $activated = '0';
-                }
-
-                $pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 15);
-
-                // Location
-                if (array_key_exists('4', $row)) {
-                    $user_location_id = trim($row[4]);
-                    if ($user_location_id=='') {
-                        $user_location_id = null;
-                    }
-                }
-
-
-
-                try {
-                    // Check if this email already exists in the system
-                    $user = User::where('username', $row[2])->first();
-                    if ($user) {
-                        $duplicates .= $row[2] . ', ';
-                    } else {
-
-                        $newuser = array(
-                            'first_name' => trim(e($row[0])),
-                            'last_name' => trim(e($row[1])),
-                            'username' => trim(e($row[2])),
-                            'email' => trim(e($row[3])),
-                            'password' => bcrypt($pass),
-                            'activated' => $activated,
-                            'location_id' => trim(e($user_location_id)),
-                            'phone' => trim(e($row[5])),
-                            'jobtitle' => trim(e($row[6])),
-                            'employee_num' => trim(e($row[7])),
-                            'company_id' => Company::getIdForUser($row[8]),
-                            'permissions' => '{"user":1}',
-                            'notes' => 'Imported user'
-                        );
-                        //dd($newuser);
-
-                        DB::table('users')->insert($newuser);
-
-
-                        if (((Input::get('email_user') == 1) && !config('app.lock_passwords'))) {
-                            // Send the credentials through email
-                            if ($row[3] != '') {
-                                $data = array();
-                                $data['username'] = trim(e($row[2]));
-                                $data['first_name'] = trim(e($row[0]));
-                                $data['password'] = $pass;
-
-                                if ($newuser['email']) {
-                                    Mail::send('emails.send-login', $data, function ($m) use ($newuser) {
-                                        $m->to($newuser['email'], $newuser['first_name'] . ' ' . $newuser['last_name']);
-                                        $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
-                                        $m->subject(trans('mail.welcome', ['name' => $newuser['first_name']]));
-                                    });
-                                }
-                            }
-                        }
-                    }
-                } catch (Exception $e) {
-                    echo 'Caught exception: ', $e->getMessage(), "\n";
-                }
-                return true;
-            }
-        });
-        return redirect()->route('users.index')->with('duplicates', $duplicates)->with('success', 'Success');
-    }
-
-
     /**
      * Return JSON response with a list of user details for the getIndex() view.
      *
@@ -928,7 +771,6 @@ class UsersController extends Controller
         $user = User::find($userId);
         $destinationPath = config('app.private_uploads').'/users';
 
-        // the license is valid
         if (isset($user->id)) {
             $this->authorize('update', $user);
             $log = Actionlog::find($fileId);
@@ -996,8 +838,7 @@ class UsersController extends Controller
             return redirect()->route('users.index')->with('error', $e->getMessage());
         }
 
-        return view('users/ldap')
-              ->with('location_list', Helper::locationsList());
+        return view('users/ldap');
     }
 
 
@@ -1028,128 +869,20 @@ class UsersController extends Controller
      */
     public function postLDAP(Request $request)
     {
-        $this->authorize('update', User::class);
-        ini_set('max_execution_time', 600); //600 seconds = 10 minutes
-        ini_set('memory_limit', '500M');
+        // Call Artisan LDAP import command.
+        $location_id = $request->input('location_id');
+        Artisan::call('snipeit:ldap-sync', ['--location_id' => $location_id, '--json_summary' => true]);
 
-        $ldap_result_username = Setting::getSettings()->ldap_username_field;
-        $ldap_result_last_name = Setting::getSettings()->ldap_lname_field;
-        $ldap_result_first_name = Setting::getSettings()->ldap_fname_field;
+        // Collect and parse JSON summary.
+        $ldap_results_json = Artisan::output();
+        $ldap_results = json_decode($ldap_results_json, true);
 
-        $ldap_result_active_flag = Setting::getSettings()->ldap_active_flag_field;
-        $ldap_result_emp_num = Setting::getSettings()->ldap_emp_num;
-        $ldap_result_email = Setting::getSettings()->ldap_email;
-
-        try {
-            $ldapconn = Ldap::connectToLdap();
-        } catch (\Exception $e) {
-            return redirect()->back()->withInput()->with('error', $e->getMessage());
+        // Direct user to appropriate status page.
+        if ($ldap_results['error']) {
+            return redirect()->back()->withInput()->with('error', $ldap_results['error_message']);
+        } else {
+            return redirect()->route('ldap/user')->with('success', "LDAP Import successful.")->with('summary', $ldap_results['summary']);
         }
-
-        try {
-            Ldap::bindAdminToLdap($ldapconn);
-        } catch (\Exception $e) {
-            return redirect()->back()->withInput()->with('error', $e->getMessage());
-        }
-
-        $summary = array();
-
-        $ldap_ou_locations = Location::whereNotNull('ldap_ou')->get();
-
-        $results = Ldap::findLdapUsers();
-
-        // Inject location information fields
-        for ($i = 0; $i < $results["count"]; $i++) {
-            $results[$i]["ldap_location_override"] = false;
-            $results[$i]["location_id"] = 0;
-        }
-
-        // Grab subsets based on location-specific DNs, and overwrite location for these users.
-        foreach ($ldap_ou_locations as $ldap_loc) {
-            $location_users = Ldap::findLdapUsers($ldap_loc->ldap_ou);
-            $usernames = array();
-            for ($i = 0; $i < $location_users["count"]; $i++) {
-                $location_users[$i]["ldap_location_override"] = true;
-                $location_users[$i]["location_id"] = $ldap_loc->id;
-                $usernames[] = $location_users[$i][$ldap_result_username][0];
-            }
-
-            // Delete located users from the general group.
-            foreach ($results as $key => $generic_entry) {
-                if (in_array($generic_entry[$ldap_result_username][0], $location_users)) {
-                    unset($results[$key]);
-                }
-            }
-
-            $global_count = $results['count'];
-            $results = array_merge($location_users, $results);
-            $results['count'] = $global_count;
-        }
-
-        $tmp_pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
-        $pass = bcrypt($tmp_pass);
-
-        for ($i = 0; $i < $results["count"]; $i++) {
-            if (empty($ldap_result_active_flag) || $results[$i][$ldap_result_active_flag][0] == "TRUE") {
-
-                $item = array();
-                $item["username"] = isset($results[$i][$ldap_result_username][0]) ? $results[$i][$ldap_result_username][0] : "";
-                $item["employee_number"] = isset($results[$i][$ldap_result_emp_num][0]) ? $results[$i][$ldap_result_emp_num][0] : "";
-                $item["lastname"] = isset($results[$i][$ldap_result_last_name][0]) ? $results[$i][$ldap_result_last_name][0] : "";
-                $item["firstname"] = isset($results[$i][$ldap_result_first_name][0]) ? $results[$i][$ldap_result_first_name][0] : "";
-                $item["email"] = isset($results[$i][$ldap_result_email][0]) ? $results[$i][$ldap_result_email][0] : "" ;
-                $item["ldap_location_override"] = isset($results[$i]["ldap_location_override"]) ? $results[$i]["ldap_location_override"]:"";
-                $item["location_id"] = isset($results[$i]["location_id"]) ? $results[$i]["location_id"]:"";
-
-                if( array_key_exists('useraccountcontrol', $results[$i]) ) {
-                $enabled_accounts = [
-                        '512', '544', '66048', '66080', '262656', '262688', '328192', '328224'
-                    ];
-                    $item['activated'] = ( in_array($results[$i]['useraccountcontrol'][0], $enabled_accounts) ) ? 1 : 0;
-                } else {
-                    $item['activated'] = 0;
-                }
-
-                // User exists
-                $item["createorupdate"] = 'updated';
-                if (!$user = User::where('username', $item["username"])->first()) {
-                    $user = new User;
-                    $user->password = $pass;
-                    $item["createorupdate"] = 'created';
-                }
-
-                 // Create the user if they don't exist.
-                $user->first_name = $item["firstname"];
-                $user->last_name = $item["lastname"];
-                $user->username = $item["username"];
-                $user->email = $item["email"];
-                $user->employee_num = e($item["employee_number"]);
-                $user->activated = $item['activated'];
-                
-                if ($item['ldap_location_override'] == true) {
-                    $user->location_id = $item['location_id'];
-                } else if ($request->input('location_id')!='') {
-                    $user->location_id = e($request->input('location_id'));
-                }
-                $user->notes = 'Imported from LDAP';
-                $user->ldap_import = 1;
-
-                $errors = '';
-
-                if ($user->save()) {
-                    $item["note"] = $item["createorupdate"];
-                    $item["status"]='success';
-                } else {
-                    foreach ($user->getErrors()->getMessages() as $key => $err) {
-                        $errors .='<li>'.$err[0];
-                    }
-                    $item["note"] = $errors;
-                    $item["status"]='error';
-                }
-                array_push($summary, $item);
-            }
-        }
-        return redirect()->route('ldap/user')->with('success', "LDAP Import successful.")->with('summary', $summary);
     }
     
 
@@ -1170,7 +903,7 @@ class UsersController extends Controller
             // Open output stream
             $handle = fopen('php://output', 'w');
 
-            User::with('assets', 'accessories', 'consumables', 'licenses', 'manager', 'groups', 'userloc', 'company','throttle')->orderBy('created_at', 'DESC')->chunk(500, function($users) use($handle) {
+            User::with('assets', 'accessories', 'consumables', 'department', 'licenses', 'manager', 'groups', 'userloc', 'company','throttle')->orderBy('created_at', 'DESC')->chunk(500, function($users) use($handle) {
                 $headers=[
                     // strtolower to prevent Excel from trying to open it as a SYLK file
                     strtolower(trans('general.id')),
@@ -1182,6 +915,7 @@ class UsersController extends Controller
                     trans('admin/users/table.email'),
                     trans('admin/users/table.manager'),
                     trans('admin/users/table.location'),
+                    trans('general.department'),
                     trans('general.assets'),
                     trans('general.licenses'),
                     trans('general.accessories'),
@@ -1212,6 +946,7 @@ class UsersController extends Controller
                         $user->email,
                         ($user->manager) ? $user->manager->present()->fullName() : '',
                         ($user->userloc) ? $user->userloc->name : '',
+                        ($user->department) ? $user->department->name : '',
                         $user->assets->count(),
                         $user->licenses->count(),
                         $user->accessories->count(),
@@ -1238,20 +973,23 @@ class UsersController extends Controller
 
     }
 
-    public function postTwoFactorReset(Request $request)
+    /**
+     * LDAP form processing.
+     *
+     * @author Aladin Alaily
+     * @since [v1.8]
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function printInventory($id)
     {
-        if (Gate::denies('users.edit')) {
-            return response()->json(['message' => trans('general.insufficient_permissions')], 500);
-        }
 
-        try {
-            $user = User::find($request->get('id'));
-            $user->two_factor_secret = null;
-            $user->two_factor_enrolled = 0;
-            $user->save();
-            return response()->json(['message' => trans('admin/settings/general.two_factor_reset_success')], 200);
-        } catch (\Exception $e) {
-            return response()->json(['message' => trans('admin/settings/general.two_factor_reset_error')], 500);
-        }
+        $show_user = User::where('id',$id)->withTrashed()->first();
+        $assets = Asset::where('assigned_to', $id)->where('assigned_type', User::class)->with('model', 'model.category')->get();
+        $licenses = $show_user->licenses()->get();
+        $accessories = $show_user->accessories()->get();
+        $consumables = $show_user->consumables()->get();
+        return view('users/print')->with('assets', $assets)->with('licenses',$licenses)->with('accessories', $accessories)->with('consumables', $consumables)->with('show_user', $show_user);
+
     }
+
 }

app/Http/Controllers/ViewAssetsController.php

@@ -12,6 +12,8 @@ use App\Models\Consumable;
 use App\Models\License;
 use App\Models\Setting;
 use App\Models\User;
+use App\Notifications\RequestAssetNotification;
+use App\Notifications\RequestAssetCancelationNotification;
 use Auth;
 use Config;
 use DB;
@@ -59,7 +61,7 @@ class ViewAssetsController extends Controller
             $error = trans('admin/users/message.user_not_found', compact('id'));
 
             // Redirect to the user management page
-            return redirect()->route('users')->with('error', $error);
+            return redirect()->route('users.index')->with('error', $error);
         }
 
     }
@@ -68,133 +70,83 @@ class ViewAssetsController extends Controller
     public function getRequestableIndex()
     {
 
-        $assets = Asset::with('model', 'defaultLoc', 'assetloc', 'assignedTo', 'requests')->Hardware()->RequestableAssets()->get();
+        $assets = Asset::with('model', 'defaultLoc', 'location', 'assignedTo', 'requests')->Hardware()->RequestableAssets()->get();
         $models = AssetModel::with('category', 'requests', 'assets')->RequestableModels()->get();
 
         return view('account/requestable-assets', compact('user', 'assets', 'models'));
     }
 
-    public function getRequestedIndex()
-    {
-        $requestedItems = CheckoutRequest::with('user', 'requestedItem')->get();
-        return view('admin/requested-assets', compact('requestedItems'));
-    }
 
 
     public function getRequestItem($itemType, $itemId = null)
     {
         $item = null;
         $fullItemType = 'App\\Models\\' . studly_case($itemType);
+
         if ($itemType == "asset_model") {
             $itemType = "model";
         }
         $item = call_user_func(array($fullItemType, 'find'), $itemId);
+
         $user = Auth::user();
-        $quantity = $data['item_quantity'] = Input::has('request-quantity') ? e(Input::get('request-quantity')) : 1;
+
 
         $logaction = new Actionlog();
         $logaction->item_id = $data['asset_id'] = $item->id;
         $logaction->item_type = $fullItemType;
         $logaction->created_at = $data['requested_date'] = date("Y-m-d H:i:s");
+
         if ($user->location_id) {
             $logaction->location_id = $user->location_id;
         }
         $logaction->target_id = $data['user_id'] = Auth::user()->id;
         $logaction->target_type = User::class;
 
+        $data['item_quantity'] = Input::has('request-quantity') ? e(Input::get('request-quantity')) : 1;
         $data['requested_by'] = $user->present()->fullName();
-        $data['item_name'] = $item->name;
+        $data['item'] = $item;
         $data['item_type'] = $itemType;
+        $data['target'] = Auth::user();
+
 
         if ($fullItemType == Asset::class) {
             $data['item_url'] = route('hardware.show', $item->id);
-            $slackMessage = ' Asset <'.url('/').'/hardware/'.$item->id.'/view'.'|'.$item->present()->name().'> requested by <'.url('/').'/users/'.$item->user_id.'/view'.'|'.$user->present()->fullName().'>.';
         } else {
             $data['item_url'] = route("view/${itemType}", $item->id);
-            $slackMessage = $quantity. ' ' . class_basename(strtoupper($logaction->item_type)).' <'.$data['item_url'].'|'.$item->name.'> requested by <'.url('/').'/user/'.$item->id.'/view'.'|'.$user->present()->fullName().'>.';
+
         }
 
         $settings = Setting::getSettings();
 
-        if ($settings->slack_endpoint) {
-
-            $slack_settings = [
-                'username' => $settings->botname,
-                'channel' => $settings->slack_channel,
-                'link_names' => true
-            ];
-
-            $slackClient = new \Maknz\Slack\Client($settings->slack_endpoint, $slack_settings);
-        }
-
-        if ($item->isRequestedBy($user)) {
-
-            $item->cancelRequest();
-            $log = $logaction->logaction('request_canceled');
+        if ($item_request = $item->isRequestedBy($user)) {
+           $item->cancelRequest();
+           $data['item_quantity'] = $item_request->qty;
+           $logaction->logaction('request_canceled');
 
             if (($settings->alert_email!='')  && ($settings->alerts_enabled=='1') && (!config('app.lock_passwords'))) {
-                Mail::send('emails.asset-canceled', $data, function ($m) use ($user, $settings) {
-                    $m->to(explode(',', $settings->alert_email), $settings->site_name);
-                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
-                    $m->subject(trans('mail.Item_Request_Canceled'));
-                });
-            }
-
-            if ($settings->slack_endpoint) {
-                try {
-                        $slackClient->attach([
-                            'color' => 'good',
-                            'fields' => [
-                                [
-                                    'title' => 'CANCELED:',
-                                    'value' => $slackMessage
-                                ]
-
-                            ]
-                        ])->send('Item Request Canceled');
-
-                } catch (Exception $e) {
-
-                }
+                $settings->notify(new RequestAssetCancelationNotification($data));
             }
 
             return redirect()->route('requestable-assets')->with('success')->with('success', trans('admin/hardware/message.requests.canceled'));
 
         } else {
             $item->request();
-
-            $log = $logaction->logaction('requested');
-
-
             if (($settings->alert_email!='')  && ($settings->alerts_enabled=='1') && (!config('app.lock_passwords'))) {
-                Mail::send('emails.asset-requested', $data, function ($m) use ($user, $settings) {
-                    $m->to(explode(',', $settings->alert_email), $settings->site_name);
-                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
-                    $m->subject(trans('mail.Item_Requested'));
-                });
+                $logaction->logaction('requested');
+                $settings->notify(new RequestAssetNotification($data));
             }
 
-            if ($settings->slack_endpoint) {
-                try {
-                        $slackClient->attach([
-                            'color' => 'good',
-                            'fields' => [
-                                [
-                                    'title' => 'REQUESTED:',
-                                    'value' => $slackMessage
-                                ]
 
-                            ]
-                        ])->send('Item Requested');
-
-                } catch (Exception $e) {
-
-                }
-            }
 
             return redirect()->route('requestable-assets')->with('success')->with('success', trans('admin/hardware/message.requests.success'));
         }
     }
+
+
+
+
+
+
     public function getRequestAsset($assetId = null)
     {
 
@@ -202,74 +154,47 @@ class ViewAssetsController extends Controller
 
         // Check if the asset exists and is requestable
         if (is_null($asset = Asset::RequestableAssets()->find($assetId))) {
-            // Redirect to the asset management page
-            return redirect()->route('requestable-assets')->with('error', trans('admin/hardware/message.does_not_exist_or_not_requestable'));
+            return redirect()->route('requestable-assets')
+                ->with('error', trans('admin/hardware/message.does_not_exist_or_not_requestable'));
         } elseif (!Company::isCurrentUserHasAccess($asset)) {
-            return redirect()->route('requestable-assets')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('requestable-assets')
+                ->with('error', trans('general.insufficient_permissions'));
         }
-        // If it's requested, cancel the request.
+
+        $data['item'] = $asset;
+        $data['target'] =  Auth::user();
+        $data['item_quantity'] = 1;
+        $settings = Setting::getSettings();
+
+        $logaction = new Actionlog();
+        $logaction->item_id = $data['asset_id'] = $asset->id;
+        $logaction->item_type = $data['item_type'] = Asset::class;
+        $logaction->created_at = $data['requested_date'] = date("Y-m-d H:i:s");
+
+        if ($user->location_id) {
+            $logaction->location_id = $user->location_id;
+        }
+        $logaction->target_id = $data['user_id'] = Auth::user()->id;
+        $logaction->target_type = User::class;
+
+
+        // If it's already requested, cancel the request.
         if ($asset->isRequestedBy(Auth::user())) {
             $asset->cancelRequest();
-            return redirect()->route('requestable-assets')->with('success')->with('success', trans('admin/hardware/message.requests.success'));
+            $asset->decrement('requests_counter', 1);
+            
+            $logaction->logaction('request canceled');
+            $settings->notify(new RequestAssetCancelationNotification($data));
+            return redirect()->route('requestable-assets')
+                ->with('success')->with('success', trans('admin/hardware/message.requests.cancel-success'));
         } else {
 
-            $logaction = new Actionlog();
-            $logaction->item_id = $data['asset_id'] = $asset->id;
-            $logaction->item_type = Asset::class;
-            $logaction->created_at = $data['requested_date'] = date("Y-m-d H:i:s");
-            $data['asset_type'] = 'hardware';
-            if ($user->location_id) {
-                $logaction->location_id = $user->location_id;
-            }
-            $logaction->target_id = $data['user_id'] = Auth::user()->id;
-            $logaction->target_type = User::class;
-            $log = $logaction->logaction('requested');
-
-            $data['requested_by'] = $user->present()->fullName();
-            $data['asset_name'] = $asset->present()->name();
-
-            $settings = Setting::getSettings();
-
-            if (($settings->alert_email!='')  && ($settings->alerts_enabled=='1') && (!config('app.lock_passwords'))) {
-                Mail::send('emails.asset-requested', $data, function ($m) use ($user, $settings) {
-                    $m->to(explode(',', $settings->alert_email), $settings->site_name);
-                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
-                    $m->subject(trans('mail.asset_requested'));
-                });
-            }
-
+            $logaction->logaction('requested');
             $asset->request();
+            $asset->increment('requests_counter', 1);
+            $settings->notify(new RequestAssetNotification($data));
 
 
-            if ($settings->slack_endpoint) {
-
-
-                $slack_settings = [
-                    'username' => $settings->botname,
-                    'channel' => $settings->slack_channel,
-                    'link_names' => true
-                ];
-
-                $client = new \Maknz\Slack\Client($settings->slack_endpoint, $slack_settings);
-
-                try {
-                        $client->attach([
-                            'color' => 'good',
-                            'fields' => [
-                                [
-                                    'title' => 'REQUESTED:',
-                                    'value' => class_basename(strtoupper($logaction->item_type)).' asset <'.url('/').'/hardware/'.$asset->id.'/view'.'|'.$asset->present()->name().'> requested by <'.url('/').'/hardware/'.$asset->id.'/view'.'|'.Auth::user()->present()->fullName().'>.'
-                                ]
-
-                            ]
-                        ])->send('Asset Requested');
-
-                } catch (Exception $e) {
-
-                }
-
-            }
-
             return redirect()->route('requestable-assets')->with('success')->with('success', trans('admin/hardware/message.requests.success'));
         }
 
@@ -278,20 +203,18 @@ class ViewAssetsController extends Controller
 
     public function getRequestedAssets()
     {
-        $checkoutrequests = CheckoutRequest::all();
-
-        return view('account/requested-items', compact($checkoutrequests));
+        return view('account/requested');
     }
 
 
-
     // Get the acceptance screen
     public function getAcceptAsset($logID = null)
     {
 
-        if (!$findlog = Actionlog::where('id', $logID)->first()) {
-            echo 'no record';
-            //return redirect()->to('account')->with('error', trans('admin/hardware/message.does_not_exist'));
+        $findlog = Actionlog::where('id', $logID)->first();
+
+        if (!$findlog) {
+            return redirect()->to('account/view-assets')->with('error', 'No matching record.');
         }
 
         if ($findlog->accepted_id!='') {
@@ -301,10 +224,12 @@ class ViewAssetsController extends Controller
         $user = Auth::user();
 
 
-        if ($user->id != $findlog->item->assigned_to) {
+        // TODO - Fix this for non-assets
+        if (($findlog->item_type==Asset::class) && ($user->id != $findlog->item->assigned_to)) {
             return redirect()->to('account/view-assets')->with('error', trans('admin/users/message.error.incorrect_user_accepted'));
         }
 
+
         $item = $findlog->item;
 
         // Check if the asset exists
@@ -340,7 +265,7 @@ class ViewAssetsController extends Controller
 
         $user = Auth::user();
 
-        if ($user->id != $findlog->item->assigned_to) {
+        if (($findlog->item_type==Asset::class) && ($user->id != $findlog->item->assigned_to)) {
             return redirect()->to('account/view-assets')->with('error', trans('admin/users/message.error.incorrect_user_accepted'));
         }
 
@@ -392,9 +317,11 @@ class ViewAssetsController extends Controller
         ->where('id', $findlog->id)
         ->update(array('accepted_id' => $logaction->id));
 
+        if (($findlog->item_id!='') && ($findlog->item_type==Asset::class)) {
             $affected_asset = $logaction->item;
             $affected_asset->accepted = $accepted;
             $affected_asset->save();
+        }
 
         if ($update_checkout) {
             return redirect()->to('account/view-assets')->with('success', $return_msg);

app/Http/Kernel.php

@@ -19,10 +19,13 @@ class Kernel extends HttpKernel
         \Illuminate\View\Middleware\ShareErrorsFromSession::class,
         \App\Http\Middleware\FrameGuard::class,
         \App\Http\Middleware\XssProtectHeader::class,
+        \App\Http\Middleware\ReferrerPolicyHeader::class,
+        \App\Http\Middleware\ContentSecurityPolicyHeader::class,
         \App\Http\Middleware\NosniffGuard::class,
-        \App\Http\Middleware\CheckForSetup::class,
         \Fideloper\Proxy\TrustProxies::class,
+        \App\Http\Middleware\CheckForSetup::class,
         \App\Http\Middleware\CheckForDebug::class,
+       // \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
     ];
 
     /**

app/Http/Middleware/CheckForSetup.php

@@ -29,7 +29,7 @@ class CheckForSetup
 
         } else {
             if (!($request->is('setup*')) && !($request->is('.env'))) {
-                return redirect(url('/').'/setup')->with('Request', $request);
+                return redirect(url('/').'/setup');
             }
 
             return $next($request);

app/Http/Middleware/ContentSecurityPolicyHeader.php

@@ -0,0 +1,35 @@
+<?php
+namespace App\Http\Middleware;
+
+use Closure;
+
+class ContentSecurityPolicyHeader
+{
+    /**
+     * Handle the given request and get the response.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return \Illuminate\Http\Response
+     */
+    public function handle($request, Closure $next)
+    {
+        if ((config('app.debug')=='true')  || (config('app.enable_csp')!='true')) {
+            $response = $next($request);
+            return $response;
+        }
+
+        $policy[] = "default-src 'self'";
+        $policy[] = "style-src 'self' 'unsafe-inline' oss.maxcdn.com";
+        $policy[] = "script-src 'self' 'unsafe-inline' oss.mafxcdn.com cdnjs.cloudflare.com'";
+        $policy[] = "connect-src 'self'";
+        $policy[] = "object-src 'none'";
+        $policy[] = "font-src 'self' data:";
+        $policy[] = "img-src 'self' data: gravatar.com";
+        $policy = join(';', $policy);
+
+        $response = $next($request);
+        $response->headers->set('Content-Security-Policy', $policy);
+        return $response;
+    }
+}

app/Http/Middleware/ReferrerPolicyHeader.php

@@ -0,0 +1,21 @@
+<?php
+namespace App\Http\Middleware;
+
+use Closure;
+
+class ReferrerPolicyHeader
+{
+    /**
+     * Handle the given request and get the response.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return \Illuminate\Http\Response
+     */
+    public function handle($request, Closure $next)
+    {
+        $response = $next($request);
+        $response->headers->set('Referrer-Policy', config('app.referrer_policy'));
+        return $response;
+    }
+}

app/Http/Middleware/XssProtectHeader.php

@@ -14,8 +14,9 @@ class XssProtectHeader
      */
     public function handle($request, Closure $next)
     {
+        $mode = '1;mode=block';
         $response = $next($request);
-        $response->headers->set('X-XSS-Protection', '1');
+        $response->headers->set('X-XSS-Protection', $mode);
         return $response;
     }
 }

app/Http/Requests/AssetCheckoutRequest.php

@@ -23,10 +23,14 @@ class AssetCheckoutRequest extends Request
      */
     public function rules()
     {
-        return [
-            "assigned_user"   => 'required_without_all:assigned_asset,assigned_location',
-            "assigned_asset"   => 'required_without_all:assigned_user,assigned_location',
-            "assigned_location"   => 'required_without_all:assigned_user,assigned_asset',
+        $rules = [
+            "assigned_user"         => 'required_without_all:assigned_asset,assigned_location',
+            "assigned_asset"        => 'required_without_all:assigned_user,assigned_location|different:'.$this->id,
+            "assigned_location"     => 'required_without_all:assigned_user,assigned_asset',
+            "checkout_to_type"      => 'required|in:asset,location,user'
         ];
+
+
+        return $rules;
     }
 }

app/Http/Requests/AssetFileRequest.php

@@ -23,8 +23,9 @@ class AssetFileRequest extends Request
      */
     public function rules()
     {
+        $max_file_size = \App\Helpers\Helper::file_upload_max_size();
         return [
-          'file.*' => 'required|mimes:png,gif,jpg,jpeg,doc,docx,pdf,txt,zip,rar|max:2000'
+          'file.*' => 'required|mimes:png,gif,jpg,svg,jpeg,doc,docx,pdf,txt,zip,rar,xls,lic|max:'.$max_file_size,
         ];
     }
 

app/Http/Requests/AssetRequest.php

@@ -36,20 +36,24 @@ class AssetRequest extends Request
             'checkin_date'    => 'date',
             'supplier_id'     => 'integer|nullable',
             'status'          => 'integer|nullable',
-            'asset_tag'       => 'required',
             'purchase_cost'   => 'numeric|nullable',
             "assigned_user"   => 'sometimes:required_without_all:assigned_asset,assigned_location',
             "assigned_asset"   => 'sometimes:required_without_all:assigned_user,assigned_location',
             "assigned_location"   => 'sometimes:required_without_all:assigned_user,assigned_asset',
         ];
 
-        $model = AssetModel::find($this->request->get('model_id'));
+        $settings = \App\Models\Setting::getSettings();
 
-        if (($model) && ($model->fieldset)) {
-            $rules += $model->fieldset->validation_rules();
+        $rules['asset_tag'] = ($settings->auto_increment_assets == '1') ? 'max:255' : 'required';
+
+        if($this->request->get('model_id') != '') {
+            $model = AssetModel::find($this->request->get('model_id'));
+
+            if (($model) && ($model->fieldset)) {
+                $rules += $model->fieldset->validation_rules();
+            }
         }
 
-
         return $rules;
 
     }

app/Http/Requests/CustomFieldRequest.php

@@ -0,0 +1,59 @@
+<?php
+
+namespace App\Http\Requests;
+
+use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Http\Request;
+
+class CustomFieldRequest extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     *
+     * @return bool
+     */
+    public function authorize()
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules(Request $request)
+    {
+
+        $rules = [];
+
+        switch($this->method())
+        {
+
+            // Brand new
+            case 'POST':
+            {
+                $rules['name'] = "required|unique:custom_fields";
+                break;
+            }
+
+            // Save all fields
+            case 'PUT':
+                $rules['name'] = "required";
+                break;
+
+            // Save only what's passed
+            case 'PATCH':
+            {
+                $rules['name'] = "required";
+                break;
+            }
+
+            default:break;
+        }
+
+        $rules['custom_format'] = 'valid_regex';
+
+        return  $rules;
+    }
+}

app/Http/Requests/ImageUploadRequest.php

@@ -24,7 +24,8 @@ class ImageUploadRequest extends Request
     public function rules()
     {
         return [
-            'image' => 'mimes:png,gif,jpg,jpeg,svg|max:2000'
+            'image' => 'mimes:png,gif,jpg,jpeg,svg',
+            'avatar' => 'mimes:png,gif,jpg,jpeg,svg',
         ];
     }
 

app/Http/Requests/ItemImportRequest.php

@@ -26,7 +26,7 @@ class ItemImportRequest extends FormRequest
     public function rules()
     {
         return [
-            //
+            'import-type' => 'required',
         ];
     }