Merge remote-tracking branch 'origin/develop'

Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	config/version.php

.all-contributorsrc

@@ -3235,6 +3235,60 @@
       "contributions": [
         "code"
       ]
+    },
+    {
+      "login": "sgross-emlix",
+      "name": "Sebastian Groß",
+      "avatar_url": "https://avatars.githubusercontent.com/u/143394709?v=4",
+      "profile": "https://github.com/sgross-emlix",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "AnouarTouati",
+      "name": "Anouar Touati",
+      "avatar_url": "https://avatars.githubusercontent.com/u/41107778?v=4",
+      "profile": "https://github.com/AnouarTouati",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "aHVzY2g",
+      "name": "aHVzY2g",
+      "avatar_url": "https://avatars.githubusercontent.com/u/25596663?v=4",
+      "profile": "https://github.com/aHVzY2g",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "brlin-tw",
+      "name": "林博仁 Buo-ren Lin",
+      "avatar_url": "https://avatars.githubusercontent.com/u/13408130?v=4",
+      "profile": "https://brlin.me",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "addex12",
+      "name": "Adugna Gizaw",
+      "avatar_url": "https://avatars.githubusercontent.com/u/18550946?v=4",
+      "profile": "https://orbalia.pythonanywhere.com/",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "jostrander",
+      "name": "Jesse Ostrander",
+      "avatar_url": "https://avatars.githubusercontent.com/u/760989?v=4",
+      "profile": "https://github.com/jostrander",
+      "contributions": [
+        "code"
+      ]
     }
   ]
 }

.env.dev.docker

@@ -11,12 +11,12 @@ MYSQL_ROOT_PASSWORD=changeme1234
 # REQUIRED: BASIC APP SETTINGS
 # --------------------------------------------
 APP_ENV=develop
-APP_DEBUG=false
+APP_DEBUG=true
 # please regenerate the APP_KEY value by calling `docker-compose run --rm snipeit bash` and then `php artisan key:generate --show` and then copy paste the value here
 APP_KEY=base64:3ilviXqB9u6DX1NRcyWGJ+sjySF+H18CPDGb3+IVwMQ=
 APP_URL=http://localhost:8000
 APP_TIMEZONE='UTC'
-APP_LOCALE=en
+APP_LOCALE=en-US
 MAX_RESULTS=500
 
 # --------------------------------------------
@@ -158,7 +158,7 @@ RESET_PASSWORD_LINK_EXPIRES=900
 # --------------------------------------------
 # OPTIONAL: MISC
 # --------------------------------------------
-LOG_CHANNEL=stderr
+LOG_CHANNEL=single
 LOG_MAX_DAYS=10
 APP_LOCKED=false
 APP_CIPHER=AES-256-CBC

.env.docker

@@ -1,7 +1,7 @@
 # --------------------------------------------
 # REQUIRED: DOCKER SPECIFIC SETTINGS
 # --------------------------------------------
-APP_VERSION=v6.4.1
+APP_VERSION=
 APP_PORT=8000
 
 # --------------------------------------------
@@ -9,7 +9,7 @@ APP_PORT=8000
 # --------------------------------------------
 APP_ENV=production
 APP_DEBUG=false
-# Please regenerate the APP_KEY value by calling `docker compose run --rm snipeit php artisan key:generate --show`. Copy paste the value here
+# Please regenerate the APP_KEY value by calling `docker compose run --rm app php artisan key:generate --show`. Copy paste the value here
 APP_KEY=base64:3ilviXqB9u6DX1NRcyWGJ+sjySF+H18CPDGb3+IVwMQ=
 APP_URL=http://localhost:8000
 # https://en.wikipedia.org/wiki/List_of_tz_database_time_zones - TZ identifier

.env.example

@@ -80,6 +80,12 @@ MAIL_BACKUP_NOTIFICATION_ADDRESS=null
 BACKUP_ENV=true
 ALLOW_BACKUP_DELETE=false
 ALLOW_DATA_PURGE=false
+ALL_BACKUP_KEEP_DAYS=7
+DAILY_BACKUP_KEEP_DAYS=16
+WEEKLY_BACKUP_KEEP_WEEKS=8
+MONTHLY_BACKUP_KEEP_MONTHS=4
+YEARLY_BACKUP_KEEP_YEARS=2
+BACKUP_PURGE_OLDEST_AT_MEGS=5000
 
 # --------------------------------------------
 # OPTIONAL: SESSION SETTINGS
@@ -93,7 +99,7 @@ PASSPORT_COOKIE_NAME='snipeit_passport_token'
 COOKIE_DOMAIN=null
 SECURE_COOKIES=false
 API_TOKEN_EXPIRATION_YEARS=15
-BS_TABLE_STORAGE=cookieStorage
+BS_TABLE_STORAGE=localStorage
 BS_TABLE_DEEPLINK=true
 
 # --------------------------------------------

.github/ISSUE_TEMPLATE.md

@@ -1,38 +0,0 @@
-#### Expected Behavior (or desired behavior if a feature request)
-
-(what you expect to happen goes here)
-
------
-
-#### Actual Behavior
-
-(what actually happens goes here)
-
------
-
-#### Please confirm you have done the following before posting your bug report:
-
-- [ ] I have enabled debug mode 
-- [ ] I have read [checked the Common Issues page](https://snipe-it.readme.io/docs/common-issues)
-
------
-#### Provide answers to these questions:
-
-- Is this a fresh install or an upgrade? 
-- Version of Snipe-IT you're running
-- Version of PHP you're running
-- Version of MySQL/MariaDB you're running
-- What OS and web server you're running Snipe-IT on
-- What method you used to install Snipe-IT (install.sh, manual installation, docker, etc)
-- WITH DEBUG TURNED ON, if you're getting an error in your browser, include that error
-- What specific Snipe-IT page you're on, and what specific element you're interacting with to trigger the error
-- If a stacktrace is provided in the error, include that too.
-- Any errors that appear in your browser's error console.
-- Confirm whether the error is reproducible on the demo: https://snipeitapp.com/demo.
-- Include any additional information you can find in `storage/logs` and your webserver's logs.
-- Include what you've done so far in the installation, and if you got any error messages along the way.
-- Indicate whether or not you've manually edited any data directly in the database
-
-Please do not post an issue without answering the related questions above. If you have opened a different issue and already answered these questions, answer them again, once for every ticket. It will be next to impossible for us to help you.
-
-https://snipe-it.readme.io/docs/getting-help

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -1,129 +0,0 @@
-name: Bug Report
-description: Create a report to help us improve
-body:
-  - type: checkboxes
-    attributes:
-      label: Debug mode
-      description: Please confirm you have done the following before posting your bug report
-      options:
-        - label: I have enabled debug mode
-          required: true
-        - label: I have read [checked the Common Issues page](https://snipe-it.readme.io/docs/common-issues)
-          required: true
-  - type: textarea
-    attributes:
-      label: Describe the bug
-      description: A clear and concise description of what the bug is.
-    validations:
-      required: true
-  - type: textarea
-    attributes:
-      label: Reproduction steps
-      description: Steps to reproduce the behavior.
-      value: |
-        1.
-        2.
-        3.
-        ...
-    validations:
-        required: true
-  - type: textarea
-    attributes:
-      label: Expected behavior
-      description: A clear and concise description of what you expected to happen.
-    validations:
-      required: true
-  - type: textarea
-    attributes:
-      label: Screenshots
-      description: 'If applicable, add screenshots to help explain your problem.'
-  - type: markdown
-    attributes:
-      value: "### Server"
-  - type: input
-    attributes:
-      label: Snipe-IT Version
-    validations:
-      required: true
-  - type: input
-    id: server_operatingSystem
-    attributes:
-      label: Operating System
-      description: 'e.g. Ubuntu, Windows'
-    validations:
-      required: true
-  - type: input
-    attributes:
-      label: Web Server
-      description: 'e.g. Apache, IIS'
-    validations:
-      required: true
-  - type: input
-    attributes:
-      label: PHP Version
-    validations:
-      required: true
-  - type: markdown
-    attributes:
-      value: "### Desktop"
-  - type: input
-    id: desktop_operatingSystem
-    attributes:
-      label: Operating System
-      description: 'e.g. Ubuntu, Windows'
-  - type: input
-    id: desktop_browser
-    attributes:
-      label: Browser
-      description: 'e.g. Google Chrome, Safari'
-  - type: input
-    id: desktop_version
-    attributes:
-      label: Version
-      description: 'e.g. 93'
-  - type: markdown
-    attributes:
-      value: "### Mobile"
-  - type: input
-    attributes:
-      label: Device
-      description: 'e.g. iPhone 6, Pixel 4a'
-  - type: input
-    id: mobile_operatingSystem
-    attributes:
-      label: Operating System
-      description: 'e.g. iOS 8.1, Android 9'
-  - type: input
-    id: mobile_browser
-    attributes:
-      label: Browser
-      description: 'e.g. Google Chrome, Safari'
-  - type: input
-    id: mobile_version
-    attributes:
-      label: Version
-      description: 'e.g. 93'
-  - type: textarea
-    attributes:
-      label: Error messages
-      description: |
-        WITH DEBUG TURNED ON, if you're getting an error in your browser, include that error
-        If a stacktrace is provided in the error, include that too.
-        Any errors that appear in your browser's error console.
-        Confirm whether the error is reproducible on the demo: https://snipeitapp.com/demo.
-        Include any additional information you can find in `storage/logs` and your webserver's logs.
-        Include the output from `php -m` (this should display what modules you have enabled.)
-      render: shell
-  - type: textarea
-    attributes:
-      label: Additional context
-      description: |
-        Is this a fresh install or an upgrade?
-        What OS and web server you're running Snipe-IT on
-        What method you used to install Snipe-IT (install.sh, manual installation, docker, etc)
-        Include what you've done so far in the installation, and if you got any error messages along the way.
-        Indicate whether or not you've manually edited any data directly in the database
-        Add any other context about the problem here.
-  - type: markdown
-    attributes:
-      value: Please do not post an issue without answering the related questions above. If you have opened a different issue and already answered these questions, answer them again, once for every ticket. It will be next to impossible for us to help you.

.github/ISSUE_TEMPLATE/config.yml

@@ -1 +0,0 @@
-blank_issues_enabled: false

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -1,25 +0,0 @@
-name: Feature Request
-description: Suggest an idea for this project
-title: "[Feature Request]: "
-labels: ["feature request"]
-body:
-  - type: textarea
-    attributes:
-      label: Is your feature request related to a problem? Please describe.
-      description: A clear and concise description of what the problem is. The more information you can provide about your use-case, the more liklely we are to consider your feature.
-    validations:
-      required: true
-  - type: textarea
-    attributes:
-      label: Describe the solution you'd like
-      description: A clear and concise description of what you want to happen.
-    validations:
-      required: true
-  - type: textarea
-    attributes:
-      label: Describe alternatives you've considered
-      description: A clear and concise description of any alternative solutions or features you've considered.
-  - type: textarea
-    attributes:
-      label: Additional context
-      description: Add any other context or screenshots about the feature request here.

.github/pull_request_template.md

@@ -1,40 +0,0 @@
-# Description
-
-Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context, providing screenshots where practical. List any dependencies that are required for this change.
-
-Fixes # (issue)
-
-## Type of change
-
-Please delete options that are not relevant.
-
-- [ ] Bug fix (non-breaking change which fixes an issue)
-- [ ] New feature (non-breaking change which adds functionality)
-- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
-- [ ] This change requires a documentation update
-
-# How Has This Been Tested?
-
-Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration
-
-- [ ] Test A
-- [ ] Test B
-
-**Test Configuration**:
-* PHP version:
-* MySQL version
-* Webserver version
-* OS version
-
-
-# Checklist:
-
-- [ ] I have read the Contributing documentation available here: https://snipe-it.readme.io/docs/contributing-overview
-- [ ] I have formatted this PR according to the project guidelines: https://snipe-it.readme.io/docs/contributing-overview#pull-request-guidelines
-- [ ] My code follows the style guidelines of this project
-- [ ] I have performed a self-review of my own code
-- [ ] I have commented my code, particularly in hard-to-understand areas
-- [ ] I have made corresponding changes to the documentation
-- [ ] My changes generate no new warnings
-- [ ] I have added tests that prove my fix is effective or that my feature works
-- [ ] New and existing unit tests pass locally with my changes

.github/travis-memory.ini

@@ -1 +0,0 @@
-memory_limit= 2048M

.github/weekly-digest.yml

@@ -1,7 +0,0 @@
-# Configuration for weekly-digest - https://github.com/apps/weekly-digest
-publishDay: sun
-canPublishIssues: true
-canPublishPullRequests: true
-canPublishContributors: true
-canPublishStargazers: true
-canPublishCommits: true

.github/workflows/tests-mysql.yml

@@ -25,9 +25,9 @@ jobs:
       fail-fast: false
       matrix:
         php-version:
-          - "8.1"
           - "8.2"
           - "8.3"
+          - "8.4"
 
     name: PHP ${{ matrix.php-version }}
 
@@ -67,7 +67,7 @@ jobs:
         run: |
           php artisan key:generate
           php artisan migrate --force
-          php artisan passport:install
+          php artisan passport:install --no-interaction
           chmod -R 777 storage bootstrap/cache
 
       - name: Execute tests (Unit and Feature tests) via PHPUnit

.github/workflows/tests-postgres.yml

@@ -21,9 +21,10 @@ jobs:
       fail-fast: false
       matrix:
         php-version:
-          - "8.1"
           - "8.2"
           - "8.3"
+          - "8.4"
+
 
     name: PHP ${{ matrix.php-version }}
 
@@ -64,7 +65,7 @@ jobs:
         run: |
           php artisan key:generate
           php artisan migrate --force
-          php artisan passport:install
+          php artisan passport:install --no-interaction
           chmod -R 777 storage bootstrap/cache
 
       - name: Execute tests (Unit and Feature tests) via PHPUnit

.github/workflows/tests-sqlite.yml

@@ -15,7 +15,7 @@ jobs:
       fail-fast: false
       matrix:
         php-version:
-          - "8.1.1"
+          - "8.3"
 
     name: PHP ${{ matrix.php-version }}
 
@@ -43,6 +43,9 @@ jobs:
           cp -v .env.testing.example .env
           cp -v .env.testing.example .env.testing
 
+      - name: Create database file
+        run: touch database/database.sqlite
+
       - name: Install Dependencies
         run: composer install -q --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist
 
@@ -57,5 +60,5 @@ jobs:
 
       - name: Execute tests (Unit and Feature tests) via PHPUnit
         env:
-          DB_CONNECTION: sqlite_testing
+          DB_CONNECTION: sqlite
         run: php artisan test

.upgrade_requirements.json

@@ -3,8 +3,8 @@
     "DOC2": "In other words, what you see locally are the requirements for your _current_ install",
     "DOC3": "Please don't rely on these versions for planning upgrades unless you've fetched the most recent version",
     "DOC4": "You should really just ignore it and run upgrade.php. Really",
-    "php_min_version": "8.1.0",
-    "php_max_major_minor": "8.3",
-    "php_max_wontwork": "8.4.0",
-    "current_snipeit_version": "7.0"
+    "php_min_version": "8.2.0",
+    "php_max_major_minor": "8.4",
+    "php_max_wontwork": "8.5.0",
+    "current_snipeit_version": "8.0"
 }

CONTRIBUTORS.md

@@ -52,7 +52,8 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
 | [<img src="https://avatars.githubusercontent.com/u/47315739?v=4" width="110px;"/><br /><sub>bilias</sub>](https://github.com/bilias)<br />[💻](https://github.com/snipe/snipe-it/commits?author=bilias "Code") | [<img src="https://avatars.githubusercontent.com/u/2565989?v=4" width="110px;"/><br /><sub>coach1988</sub>](https://github.com/coach1988)<br />[💻](https://github.com/snipe/snipe-it/commits?author=coach1988 "Code") | [<img src="https://avatars.githubusercontent.com/u/11910225?v=4" width="110px;"/><br /><sub>MrM</sub>](https://github.com/mauro-miatello)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mauro-miatello "Code") | [<img src="https://avatars.githubusercontent.com/u/60405354?v=4" width="110px;"/><br /><sub>koiakoia</sub>](https://github.com/koiakoia)<br />[💻](https://github.com/snipe/snipe-it/commits?author=koiakoia "Code") | [<img src="https://avatars.githubusercontent.com/u/5323832?v=4" width="110px;"/><br /><sub>Mustafa Online</sub>](https://github.com/mustafa-online)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mustafa-online "Code") | [<img src="https://avatars.githubusercontent.com/u/104601439?v=4" width="110px;"/><br /><sub>franceslui</sub>](https://github.com/franceslui)<br />[💻](https://github.com/snipe/snipe-it/commits?author=franceslui "Code") | [<img src="https://avatars.githubusercontent.com/u/125313163?v=4" width="110px;"/><br /><sub>Q4kK</sub>](https://github.com/Q4kK)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Q4kK "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/55590532?v=4" width="110px;"/><br /><sub>squintfox</sub>](https://github.com/squintfox)<br />[💻](https://github.com/snipe/snipe-it/commits?author=squintfox "Code") | [<img src="https://avatars.githubusercontent.com/u/1380084?v=4" width="110px;"/><br /><sub>Jeff Clay</sub>](https://github.com/jeffclay)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jeffclay "Code") | [<img src="https://avatars.githubusercontent.com/u/52716446?v=4" width="110px;"/><br /><sub>Phil J R</sub>](https://github.com/PP-JN-RL)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PP-JN-RL "Code") | [<img src="https://avatars.githubusercontent.com/u/1496725?v=4" width="110px;"/><br /><sub>i_virus</sub>](https://www.corelight.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=chandanchowdhury "Code") | [<img src="https://avatars.githubusercontent.com/u/1020541?v=4" width="110px;"/><br /><sub>Paul Grime</sub>](https://github.com/gitgrimbo)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gitgrimbo "Code") | [<img src="https://avatars.githubusercontent.com/u/922815?v=4" width="110px;"/><br /><sub>Lee Porte</sub>](https://leeporte.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=LeePorte "Code") | [<img src="https://avatars.githubusercontent.com/u/23613427?v=4" width="110px;"/><br /><sub>BRYAN </sub>](https://github.com/bryanlopezinc)<br />[💻](https://github.com/snipe/snipe-it/commits?author=bryanlopezinc "Code") [⚠️](https://github.com/snipe/snipe-it/commits?author=bryanlopezinc "Tests") |
 | [<img src="https://avatars.githubusercontent.com/u/64061710?v=4" width="110px;"/><br /><sub>U-H-T</sub>](https://github.com/U-H-T)<br />[💻](https://github.com/snipe/snipe-it/commits?author=U-H-T "Code") | [<img src="https://avatars.githubusercontent.com/u/5395363?v=4" width="110px;"/><br /><sub>Matt Tyree</sub>](https://github.com/Tyree)<br />[📖](https://github.com/snipe/snipe-it/commits?author=Tyree "Documentation") | [<img src="https://avatars.githubusercontent.com/u/292081?v=4" width="110px;"/><br /><sub>Florent Bervas</sub>](http://spoontux.net)<br />[💻](https://github.com/snipe/snipe-it/commits?author=FlorentDotMe "Code") | [<img src="https://avatars.githubusercontent.com/u/4498077?v=4" width="110px;"/><br /><sub>Daniel Albertsen</sub>](https://ditscheri.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=dbakan "Code") | [<img src="https://avatars.githubusercontent.com/u/100710244?v=4" width="110px;"/><br /><sub>r-xyz</sub>](https://github.com/r-xyz)<br />[💻](https://github.com/snipe/snipe-it/commits?author=r-xyz "Code") | [<img src="https://avatars.githubusercontent.com/u/47491036?v=4" width="110px;"/><br /><sub>Steven Mainor</sub>](https://github.com/DrekiDegga)<br />[💻](https://github.com/snipe/snipe-it/commits?author=DrekiDegga "Code") | [<img src="https://avatars.githubusercontent.com/u/65785975?v=4" width="110px;"/><br /><sub>arne-kroeger</sub>](https://github.com/arne-kroeger)<br />[💻](https://github.com/snipe/snipe-it/commits?author=arne-kroeger "Code") |
-| [<img src="https://avatars.githubusercontent.com/u/167117705?v=4" width="110px;"/><br /><sub>Glukose1</sub>](https://github.com/Glukose1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Glukose1 "Code") | [<img src="https://avatars.githubusercontent.com/u/1197791?v=4" width="110px;"/><br /><sub>Scarzy</sub>](https://github.com/Scarzy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Scarzy "Code") | [<img src="https://avatars.githubusercontent.com/u/37372069?v=4" width="110px;"/><br /><sub>setpill</sub>](https://github.com/setpill)<br />[💻](https://github.com/snipe/snipe-it/commits?author=setpill "Code") | [<img src="https://avatars.githubusercontent.com/u/3755203?v=4" width="110px;"/><br /><sub>swift2512</sub>](https://github.com/swift2512)<br />[🐛](https://github.com/snipe/snipe-it/issues?q=author%3Aswift2512 "Bug reports") | [<img src="https://avatars.githubusercontent.com/u/6136439?v=4" width="110px;"/><br /><sub>Darren Rainey</sub>](https://darrenraineys.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=DarrenRainey "Code") | [<img src="https://avatars.githubusercontent.com/u/133033121?v=4" width="110px;"/><br /><sub>maciej-poleszczyk</sub>](https://github.com/maciej-poleszczyk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=maciej-poleszczyk "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/167117705?v=4" width="110px;"/><br /><sub>Glukose1</sub>](https://github.com/Glukose1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Glukose1 "Code") | [<img src="https://avatars.githubusercontent.com/u/1197791?v=4" width="110px;"/><br /><sub>Scarzy</sub>](https://github.com/Scarzy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Scarzy "Code") | [<img src="https://avatars.githubusercontent.com/u/37372069?v=4" width="110px;"/><br /><sub>setpill</sub>](https://github.com/setpill)<br />[💻](https://github.com/snipe/snipe-it/commits?author=setpill "Code") | [<img src="https://avatars.githubusercontent.com/u/3755203?v=4" width="110px;"/><br /><sub>swift2512</sub>](https://github.com/swift2512)<br />[🐛](https://github.com/snipe/snipe-it/issues?q=author%3Aswift2512 "Bug reports") | [<img src="https://avatars.githubusercontent.com/u/6136439?v=4" width="110px;"/><br /><sub>Darren Rainey</sub>](https://darrenraineys.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=DarrenRainey "Code") | [<img src="https://avatars.githubusercontent.com/u/133033121?v=4" width="110px;"/><br /><sub>maciej-poleszczyk</sub>](https://github.com/maciej-poleszczyk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=maciej-poleszczyk "Code") | [<img src="https://avatars.githubusercontent.com/u/143394709?v=4" width="110px;"/><br /><sub>Sebastian Groß</sub>](https://github.com/sgross-emlix)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sgross-emlix "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/41107778?v=4" width="110px;"/><br /><sub>Anouar Touati</sub>](https://github.com/AnouarTouati)<br />[💻](https://github.com/snipe/snipe-it/commits?author=AnouarTouati "Code") | [<img src="https://avatars.githubusercontent.com/u/25596663?v=4" width="110px;"/><br /><sub>aHVzY2g</sub>](https://github.com/aHVzY2g)<br />[💻](https://github.com/snipe/snipe-it/commits?author=aHVzY2g "Code") | [<img src="https://avatars.githubusercontent.com/u/13408130?v=4" width="110px;"/><br /><sub>林博仁 Buo-ren Lin</sub>](https://brlin.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=brlin-tw "Code") | [<img src="https://avatars.githubusercontent.com/u/18550946?v=4" width="110px;"/><br /><sub>Adugna Gizaw</sub>](https://orbalia.pythonanywhere.com/)<br />[🌍](#translation-addex12 "Translation") | [<img src="https://avatars.githubusercontent.com/u/760989?v=4" width="110px;"/><br /><sub>Jesse Ostrander</sub>](https://github.com/jostrander)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jostrander "Code") |
 <!-- ALL-CONTRIBUTORS-LIST:END -->
 
 This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!

Dockerfile

@@ -1,4 +1,4 @@
-FROM ubuntu:22.04
+FROM ubuntu:24.04
 LABEL maintainer="Brady Wetherington <bwetherington@grokability.com>"
 
 # No need to add `apt-get clean` here, reference:
@@ -14,16 +14,16 @@ RUN export DEBIAN_FRONTEND=noninteractive; \
 apt-utils \
 apache2 \
 apache2-bin \
-libapache2-mod-php8.1 \
-php8.1-curl \
-php8.1-ldap \
-php8.1-mysql \
-php8.1-gd \
-php8.1-xml \
-php8.1-mbstring \
-php8.1-zip \
-php8.1-bcmath \
-php8.1-redis \
+libapache2-mod-php8.3 \
+php8.3-curl \
+php8.3-ldap \
+php8.3-mysql \
+php8.3-gd \
+php8.3-xml \
+php8.3-mbstring \
+php8.3-zip \
+php8.3-bcmath \
+php8.3-redis \
 php-memcached \
 patch \
 curl \
@@ -40,8 +40,7 @@ autoconf \
 libc-dev \
 libldap-common \
 pkg-config \
-libmcrypt-dev \
-php8.1-dev \
+php8.3-dev \
 ca-certificates \
 unzip \
 dnsutils \
@@ -51,18 +50,13 @@ dnsutils \
 RUN curl -L -O https://github.com/pear/pearweb_phars/raw/master/go-pear.phar
 RUN php go-pear.phar
 
-RUN pecl install mcrypt
-
-RUN bash -c "echo extension=/usr/lib/php/20210902/mcrypt.so > /etc/php/8.1/mods-available/mcrypt.ini"
-
-RUN phpenmod mcrypt
 RUN phpenmod gd
 RUN phpenmod bcmath
 
-RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/8.1/apache2/php.ini
-RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/8.1/cli/php.ini
+RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/8.3/apache2/php.ini
+RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/8.3/cli/php.ini
 
-RUN useradd -m --uid 1000 --gid 50 docker
+RUN useradd -m --uid 10000 --gid 50 docker
 
 RUN echo export APACHE_RUN_USER=docker >> /etc/apache2/envvars
 RUN echo export APACHE_RUN_GROUP=staff >> /etc/apache2/envvars

Dockerfile.alpine

@@ -73,7 +73,7 @@ RUN mkdir -p /var/www/.composer && chown apache /var/www/.composer
 
 # Install dependencies
 USER apache
-RUN COMPOSER_CACHE_DIR=/dev/null composer install --no-dev --working-dir=/var/www/html
+RUN COMPOSER_CACHE_DIR=/dev/null composer install --working-dir=/var/www/html
 
 USER root
 

README.md

@@ -7,7 +7,7 @@
 
 This is a FOSS project for asset management in IT Operations. Knowing who has which laptop, when it was purchased in order to depreciate it correctly, handling software licenses, etc.
 
-It is built on [Laravel 10](http://laravel.com).
+It is built on [Laravel 11](http://laravel.com).
 
 Snipe-IT is actively developed and we [release quite frequently](https://github.com/snipe/snipe-it/releases). ([Check out the live demo here](https://snipeitapp.com/demo/).)
 
@@ -94,6 +94,8 @@ Since the release of the JSON REST API, several third-party developers have been
 - [SnipeAgent](https://github.com/ReticentRobot/SnipeAgent) by [@ReticentRobot](https://github.com/ReticentRobot) - Windows agent for Snipe-IT.
 - [Gate Pass Generator](https://github.com/cha7uraAE/snipe-it-gate-pass-system) by [@cha7uraAE](https://github.com/cha7uraAE) - A Streamlit application for generating gate passes based on hardware data from a Snipe-IT API.
 
+We also have a handful of [Google Apps scripts](https://github.com/grokability/google-apps-scripts-for-snipe-it) to help with various tasks.
+
 -----
 
 ### Join the Community!
@@ -102,7 +104,7 @@ Since the release of the JSON REST API, several third-party developers have been
 - **Follow us on Bluesky** at [@snipeitapp.com](https://bsky.app/profile/snipeitapp.com)
 - **Follow us on Mastodon** at [hachyderm.io/@grokability](https://hachyderm.io/@grokability)
 - **Follow our blog** at [Grokstar.Dev](https://grokstar.dev)
-- **Subscribe here** on Github for notifications about new releases. (We recommend selecting "Releases" only for mosrt users - this repo can get noisy.)
+- **Subscribe here** on Github for notifications about new releases. (We recommend selecting "Releases" only for most users - this repo can get noisy.)
 
 -----
 

SECURITY.md

@@ -10,10 +10,12 @@ however there are times when library dependencies and/or PHP/MySQL dependencies
 make it impossible to backport security fixes on older versions. 
 
 | Version | Supported          |
-| ------- | ------------------ |
-| 5.1.x   | :white_check_mark: |
+|---------| ------------------ |
+| 7.x     | :white_check_mark: |
+| 6.x     | :x:                |
+| 5.1.x   | :x:                |
 | 5.0.x   | :x:                |
-| 4.0.x   | :white_check_mark: |
+| 4.0.x   | :x:                |
 | < 4.0   | :x:                |
 
 ## Reporting a Vulnerability

app/Console/Commands/LdapSync.php

@@ -125,6 +125,10 @@ class LdapSync extends Command
              */
             $attributes = array_values(array_filter($ldap_map));
 
+            if (Setting::getSettings()->is_ad === 1 && is_null($ldap_map['active_flag'])) {
+                $attributes[] = 'useraccountcontrol';
+            }
+
             $results = Ldap::findLdapUsers($search_base, -1, $filter, $attributes);
 
         } catch (\Exception $e) {
@@ -427,7 +431,13 @@ class LdapSync extends Command
                     $user->groups()->attach($ldap_default_group);
                 }
                 //updates assets location based on user's location
-                Asset::where('assigned_to', '=', $user->id)->update(['location_id' => $user->location_id]);
+                if ($user->wasChanged('location_id')) {
+                    foreach ($user->assets as $asset) {
+                        $asset->location_id = $user->location_id;
+                        // TODO: somehow add note? "Asset Location Changed because of thing"
+                        $asset->save();
+                    }
+                }
 
             } else {
                 foreach ($user->getErrors()->getMessages() as $key => $err) {

app/Console/Commands/ObjectImportCommand.php

@@ -59,7 +59,7 @@ class ObjectImportCommand extends Command
         $classString = "App\\Importer\\{$class}Importer";
         $importer = new $classString($filename);
         $importer->setCallbacks([$this, 'log'], [$this, 'progress'], [$this, 'errorCallback'])
-                 ->setUserId($this->option('user_id'))
+                 ->setCreatedBy($this->option('user_id'))
                  ->setUpdating($this->option('update'))
                  ->setShouldNotify($this->option('send-welcome'))
                  ->setUsernameFormat($this->option('username_format'));

app/Console/Commands/RecryptFromMcrypt.php

@@ -1,157 +0,0 @@
-<?php
-
-namespace App\Console\Commands;
-
-use App\LegacyEncrypter\McryptEncrypter;
-use App\Models\Asset;
-use App\Models\CustomField;
-use App\Models\Setting;
-use Illuminate\Console\Command;
-use Illuminate\Support\Facades\Storage;
-
-class RecryptFromMcrypt extends Command
-{
-    /**
-     * The name and signature of the console command.
-     *
-     * @var string
-     */
-    protected $signature = 'snipeit:legacy-recrypt 
-                {--force : Force a re-crypt of encrypted data from MCRYPT.}';
-
-    /**
-     * The console command description.
-     *
-     * @var string
-     */
-    protected $description = 'This command allows upgrading users to de-encrypt their deprecated mcrypt encrypted fields and re-encrypt them using the current OpenSSL encryption.';
-
-    /**
-     * Create a new command instance.
-     *
-     * @return void
-     */
-    public function __construct()
-    {
-        parent::__construct();
-    }
-
-    /**
-     * Execute the console command.
-     *
-     * @return mixed
-     */
-    public function handle()
-    {
-
-        // Check and see if they have a legacy app key listed in their .env
-        // If not, we can try to use the current APP_KEY if looks like it's old
-        $legacy_key = env('LEGACY_APP_KEY');
-        $key_parts = explode(':', $legacy_key);
-        $legacy_cipher = env('LEGACY_CIPHER', 'rijndael-256');
-        $errors = [];
-
-        if (! $legacy_key) {
-            $this->error('ERROR: You do not have a LEGACY_APP_KEY set in your .env file. Please locate your old APP_KEY and ADD a line to your .env file like: LEGACY_APP_KEY=YOUR_OLD_APP_KEY');
-
-            return false;
-        }
-
-        // Do some basic legacy app key length checks
-        if (strlen($legacy_key) == 32) {
-            $legacy_length_check = true;
-        } elseif (array_key_exists('1', $key_parts) && (strlen($key_parts[1]) == 44)) {
-            $legacy_key = base64_decode($key_parts[1], true);
-            $legacy_length_check = true;
-        } else {
-            $legacy_length_check = false;
-        }
-
-        // Check that the app key is 32 characters
-        if ($legacy_length_check === true) {
-            $this->comment('INFO: Your LEGACY_APP_KEY looks correct. Okay to continue.');
-        } else {
-            $this->error('ERROR: Your LEGACY_APP_KEY is not the correct length (32 characters or base64 followed by 44 characters for later versions). Please locate your old APP_KEY and use that as your LEGACY_APP_KEY in your .env file to continue.');
-
-            return false;
-        }
-
-        $this->error('================================!!!! WARNING !!!!================================');
-        $this->error('================================!!!! WARNING !!!!================================');
-        $this->comment("This tool will attempt to decrypt your old Snipe-IT (mcrypt, now deprecated) encrypted data and re-encrypt it using OpenSSL. \n\nYou should only continue if you have backed up any and all old APP_KEYs and have backed up your data.");
-
-        $force = ($this->option('force')) ? true : false;
-
-        if ($force || ($this->confirm('Are you SURE you wish to continue?'))) {
-            $backup_file = 'backups/env-backups/'.'app_key-'.date('Y-m-d-gis');
-
-            try {
-                Storage::disk('local')->put($backup_file, 'APP_KEY: '.config('app.key'));
-                Storage::disk('local')->append($backup_file, 'LEGACY_APP_KEY: '.$legacy_key);
-            } catch (\Exception $e) {
-                $this->info('WARNING: Could not backup app keys');
-            }
-
-            if ($legacy_cipher) {
-                $mcrypter = new McryptEncrypter($legacy_key, $legacy_cipher);
-            } else {
-                $mcrypter = new McryptEncrypter($legacy_key);
-            }
-            $settings = Setting::getSettings();
-
-            if ($settings->ldap_pword == '') {
-                $this->comment('INFO: No LDAP password found. Skipping... ');
-            } else {
-                $decrypted_ldap_pword = $mcrypter->decrypt($settings->ldap_pword);
-                $settings->ldap_pword = Crypt::encrypt($decrypted_ldap_pword);
-                $settings->save();
-            }
-            /** @var CustomField[] $custom_fields */
-            $custom_fields = CustomField::where('field_encrypted', '=', 1)->get();
-            $this->comment('INFO: Retrieving encrypted custom fields...');
-
-            $query = Asset::withTrashed();
-
-            foreach ($custom_fields as $custom_field) {
-                $this->comment('FIELD TO RECRYPT:  '.$custom_field->name.' ('.$custom_field->db_column.')');
-                $query->orWhereNotNull($custom_field->db_column);
-            }
-
-            // Get all assets with a value in any of the fields that were encrypted
-            /** @var Asset[] $assets */
-            $assets = $query->get();
-
-            $bar = $this->output->createProgressBar(count($assets));
-
-            foreach ($assets as $asset) {
-                foreach ($custom_fields as $encrypted_field) {
-                    $columnName = $encrypted_field->db_column;
-
-                    // Make sure the value isn't null
-                    if ($asset->{$columnName} != '') {
-                        // Try to decrypt the payload using the legacy app key
-                        try {
-                            $decrypted_field = $mcrypter->decrypt($asset->{$columnName});
-                            $asset->{$columnName} = Crypt::encrypt($decrypted_field);
-                            $this->comment($decrypted_field);
-                        } catch (\Exception $e) {
-                            $errors[] = ' - ERROR: Could not decrypt field ['.$encrypted_field->name.']: '.$e->getMessage();
-                        }
-                    }
-                }
-                $asset->save();
-                $bar->advance();
-            }
-
-            $bar->finish();
-
-            if (count($errors) > 0) {
-                $this->comment("\n\n");
-                $this->error("The decrypter encountered some errors: \n");
-                foreach ($errors as $error) {
-                    $this->error($error);
-                }
-            }
-        }
-    }
-}

app/Console/Commands/ResetDemoSettings.php

@@ -50,12 +50,12 @@ class ResetDemoSettings extends Command
         $settings->alert_email = 'service@snipe-it.io';
         $settings->login_note = 'Use `admin` / `password` to login to the demo.';
         $settings->header_color = null;
-        $settings->barcode_type = 'QRCODE';
+        $settings->label2_2d_type = 'QRCODE';
         $settings->default_currency = 'USD';
         $settings->brand = 2;
         $settings->ldap_enabled = 0;
         $settings->full_multiple_companies_support = 0;
-        $settings->alt_barcode = 'C128';
+        $settings->label2_1d_type = 'C128';
         $settings->skin = '';
         $settings->email_domain = 'snipeitapp.com';
         $settings->email_format = 'filastname';
@@ -65,7 +65,7 @@ class ResetDemoSettings extends Command
         $settings->thumbnail_max_h = '30';
         $settings->locale = 'en-US';
         $settings->version_footer = 'on';
-        $settings->support_footer = null;
+        $settings->support_footer = 'on';
         $settings->saml_enabled = '0';
         $settings->saml_sp_x509cert = null;
         $settings->saml_idp_metadata = null;

app/Console/Commands/RestoreFromBackup.php

@@ -51,6 +51,8 @@ class SQLStreamer {
             /* we *could* have made the ^INSERT INTO blah VALUES$ turn on the capturing state, and closed it with
                a ^(blahblah);$ but it's cleaner to not have to manage the state machine. We're just going to
                assume that (blahblah), or (blahblah); are values for INSERT and are always acceptable. */
+            "<^/\*!40101 SET NAMES '?[a-zA-Z0-9_-]+'? \*/;$>"                                   => false, //using weird delimiters (<,>) for readability. allow quoted or unquoted charsets
+            "<^/\*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' \*/;$>" => false, //same, now handle zero-values
         ];
 
         foreach($allowed_statements as $statement => $statechange) {
@@ -370,7 +372,7 @@ class RestoreFromBackup extends Command
         if ($this->option('sanitize-guess-prefix')) {
             $prefix = SQLStreamer::guess_prefix($sql_contents);
             $this->line($prefix);
-            return $this->info("Re-run this command with '--sanitize-with-prefix=".$prefix."' to see an attempt to sanitze your SQL.");
+            return $this->info("Re-run this command with '--sanitize-with-prefix=".$prefix."' to see an attempt to sanitize your SQL.");
         }
 
         // If we're doing --sql-stdout-only, handle that now so we don't have to open pipes to mysql and all of that silliness

app/Console/Commands/SendAcceptanceReminder.php

@@ -2,15 +2,15 @@
 
 namespace App\Console\Commands;
 
+use App\Mail\UnacceptedAssetReminderMail;
 use App\Models\Asset;
 use App\Models\CheckoutAcceptance;
 use App\Models\Setting;
 use App\Models\User;
 use App\Notifications\CheckoutAssetNotification;
 use App\Notifications\CurrentInventory;
-use App\Notifications\UnacceptedAssetReminderNotification;
 use Illuminate\Console\Command;
-use Illuminate\Support\Facades\Notification;
+use Illuminate\Support\Facades\Mail;
 
 class SendAcceptanceReminder extends Command
 {
@@ -64,43 +64,42 @@ class SendAcceptanceReminder extends Command
             ->groupBy(function($item) {
                 return $item['acceptance']->assignedTo ? $item['acceptance']->assignedTo->id : '';
             });
-
-        $no_mail_address = [];
+            $no_email_list= [];
 
         foreach($unacceptedAssetGroups as $unacceptedAssetGroup) {
+            // The [0] is weird, but it allows for the item_count to work and grabs the appropriate info for each user.
+            // Collapsing and flattening the collection doesn't work above.
+            $acceptance = $unacceptedAssetGroup[0]['acceptance'];
+            $locale = $acceptance->assignedTo?->locale;
+            $email = $acceptance->assignedTo?->email;
+            if(!$email){
+                $no_email_list[] = [
+                    'id' => $acceptance->assignedTo->id,
+                    'name' => $acceptance->assignedTo->present()->fullName(),
+                ];
+            }
             $item_count = $unacceptedAssetGroup->count();
-            foreach ($unacceptedAssetGroup as $unacceptedAsset) {
-//            if ($unacceptedAsset['acceptance']->assignedTo->email == ''){
-//                $no_mail_address[] = $unacceptedAsset['checkoutable']->assignedTo->present()->fullName;
-//            }
-                if ($unacceptedAsset['acceptance']->assignedTo) {
 
-                    if (!$unacceptedAsset['acceptance']->assignedTo->locale) {
-                        Notification::locale(Setting::getSettings()->locale)->send(
-                            $unacceptedAsset['acceptance']->assignedTo,
-                            new UnacceptedAssetReminderNotification($unacceptedAsset['assetItem'], $count)
-                        );
-                    } else {
-                        Notification::send(
-                            $unacceptedAsset['acceptance']->assignedTo,
-                            new UnacceptedAssetReminderNotification($unacceptedAsset, $item_count)
-                        );
-                    }
-                    $count++;
-                }
+            if ($locale && $email) {
+                Mail::to($email)->send((new UnacceptedAssetReminderMail($acceptance, $item_count))->locale($locale));
+
+            } elseif ($email) {
+                Mail::to($email)->send((new UnacceptedAssetReminderMail($acceptance, $item_count)));
             }
+            $count++;
         }
 
-        if (!empty($no_mail_address)) {
-            foreach($no_mail_address as $user) {
-                return $user.' has no email.';
-            }
-
-
-        }
-
-
-
         $this->info($count.' users notified.');
+        $headers = ['ID', 'Name'];
+        $rows = [];
+
+        foreach ($no_email_list as $user) {
+            $rows[] = [$user['id'], $user['name']];
+        }
+        $this->info("The following users do not have an email address:");
+        $this->table($headers, $rows);
+
+        return 0;
     }
+
 }

app/Console/Commands/SendExpirationAlerts.php

@@ -2,13 +2,13 @@
 
 namespace App\Console\Commands;
 
+use App\Mail\ExpiringAssetsMail;
+use App\Mail\ExpiringLicenseMail;
 use App\Models\Asset;
 use App\Models\License;
-use App\Models\Recipients\AlertRecipient;
 use App\Models\Setting;
-use App\Notifications\ExpiringAssetsNotification;
-use App\Notifications\ExpiringLicenseNotification;
 use Illuminate\Console\Command;
+use Illuminate\Support\Facades\Mail;
 
 class SendExpirationAlerts extends Command
 {
@@ -47,22 +47,22 @@ class SendExpirationAlerts extends Command
         if (($settings->alert_email != '') && ($settings->alerts_enabled == 1)) {
 
             // Send a rollup to the admin, if settings dictate
-            $recipients = collect(explode(',', $settings->alert_email))->map(function ($item, $key) {
-                return new AlertRecipient($item);
-            });
-
+            $recipients = collect(explode(',', $settings->alert_email))
+                ->map(fn($item) => trim($item)) // Trim each email
+                ->all();
             // Expiring Assets
             $assets = Asset::getExpiringWarrantee($threshold);
+
             if ($assets->count() > 0) {
                 $this->info(trans_choice('mail.assets_warrantee_alert', $assets->count(), ['count' => $assets->count(), 'threshold' => $threshold]));
-                \Notification::send($recipients, new ExpiringAssetsNotification($assets, $threshold));
+                Mail::to($recipients)->send(new ExpiringAssetsMail($assets, $threshold));
             }
 
             // Expiring licenses
             $licenses = License::getExpiringLicenses($threshold);
             if ($licenses->count() > 0) {
                 $this->info(trans_choice('mail.license_expiring_alert', $licenses->count(), ['count' => $licenses->count(), 'threshold' => $threshold]));
-                \Notification::send($recipients, new ExpiringLicenseNotification($licenses, $threshold));
+                Mail::to($recipients)->send(new ExpiringLicenseMail($licenses, $threshold));
             }
         } else {
             if ($settings->alert_email == '') {

app/Exceptions/Handler.php

@@ -122,6 +122,27 @@ class Handler extends ExceptionHandler
         }
 
 
+        // This is traaaaash but it handles models that are not found while using route model binding :(
+        // The only alternative is to set that at *each* route, which is crazypants
+        if ($e instanceof \Illuminate\Database\Eloquent\ModelNotFoundException) {
+            $model_name = last(explode('\\', $e->getModel()));
+            $route = str_plural(strtolower(last(explode('\\', $e->getModel())))).'.index';
+
+            // Sigh.
+            if ($route == 'assets.index') {
+                $route = 'hardware.index';
+            } elseif ($route == 'reporttemplates.index') {
+                $route = 'reports/custom';
+            } elseif ($route == 'assetmodels.index') {
+                $route = 'models.index';
+            } elseif ($route == 'predefinedkits.index') {
+                $route = 'kits.index';
+            }
+
+            return redirect()
+                ->route($route)
+                ->withError(trans('general.generic_model_not_found', ['model' => $model_name]));
+        }
 
 
         if ($this->isHttpException($e) && (isset($statusCode)) && ($statusCode == '404' )) {

app/Helpers/Helper.php

@@ -1520,11 +1520,11 @@ class Helper
         if ($redirect_option == 'target') {
             switch ($checkout_to_type) {
                 case 'user':
-                    return route('users.show', ['user' => $request->assigned_user]);
+                    return route('users.show', $request->assigned_user);
                 case 'location':
-                    return route('locations.show', ['location' => $request->assigned_location]);
+                    return route('locations.show', $request->assigned_location);
                 case 'asset':
-                    return route('hardware.show', ['hardware' => $request->assigned_asset]);
+                    return route('hardware.show', $request->assigned_asset);
             }
         }
         return redirect()->back()->with('error', trans('admin/hardware/message.checkout.error'));

app/Helpers/IconHelper.php

@@ -59,6 +59,8 @@ class IconHelper
                 return 'fas fa-cog';
             case 'angle-left':
                 return 'fas fa-angle-left';
+            case 'angle-right':
+                return 'fas fa-angle-right';
             case 'warning':
                 return 'fas fa-exclamation-triangle';
             case 'kits':
@@ -184,7 +186,11 @@ class IconHelper
                 return 'fa-regular fa-id-card';
             case 'department' :
                 return 'fa-solid fa-building-user';
-
+            case 'home' :
+                return 'fa-solid fa-house';
+            case 'note':
+            case 'notes':
+                return 'fas fa-sticky-note';
         }
     }
 }

app/Http/Controllers/Accessories/AccessoriesController.php

@@ -31,7 +31,7 @@ class AccessoriesController extends Controller
     public function index() : View
     {
         $this->authorize('index', Accessory::class);
-        return view('accessories/index');
+        return view('accessories.index');
     }
 
     /**
@@ -95,16 +95,10 @@ class AccessoriesController extends Controller
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @param  int $accessoryId
      */
-    public function edit($accessoryId = null) : View | RedirectResponse
+    public function edit(Accessory $accessory) : View | RedirectResponse
     {
-
-        if ($item = Accessory::find($accessoryId)) {
-            $this->authorize($item);
-            return view('accessories/edit', compact('item'))->with('category_type', 'accessory');
-        }
-
-        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
-
+        $this->authorize('update', Accessory::class);
+        return view('accessories.edit')->with('item', $accessory)->with('category_type', 'accessory');
     }
 
     /**
@@ -114,19 +108,12 @@ class AccessoriesController extends Controller
      * @param int $accessoryId
      * @since [v6.0]
      */
-    public function getClone($accessoryId = null) : View | RedirectResponse
+    public function getClone(Accessory $accessory) : View | RedirectResponse
     {
 
         $this->authorize('create', Accessory::class);
 
-        // Check if the asset exists
-        if (is_null($accessory_to_clone = Accessory::find($accessoryId))) {
-            // Redirect to the asset management page
-            return redirect()->route('accessories.index')
-                ->with('error', trans('admin/accessories/message.does_not_exist', ['id' => $accessoryId]));
-        }
-
-        $accessory = clone $accessory_to_clone;
+        $accessory = clone $accessory;
         $accessory->id = null;
         $accessory->location_id = null;
 
@@ -142,9 +129,9 @@ class AccessoriesController extends Controller
      * @param ImageUploadRequest $request
      * @param  int $accessoryId
      */
-    public function update(ImageUploadRequest $request, $accessoryId = null) : RedirectResponse
+    public function update(ImageUploadRequest $request, Accessory $accessory) : RedirectResponse
     {
-        if ($accessory = Accessory::withCount('checkouts as checkouts_count')->find($accessoryId)) {
+        if ($accessory = Accessory::withCount('checkouts as checkouts_count')->find($accessory->id)) {
 
             $this->authorize($accessory);
 
@@ -231,14 +218,10 @@ class AccessoriesController extends Controller
      * @see AccessoriesController::getDataView() method that generates the JSON response
      * @since [v1.0]
      */
-    public function show($accessoryID = null) : View | RedirectResponse
+    public function show(Accessory $accessory) : View | RedirectResponse
     {
-        $accessory = Accessory::withCount('checkouts as checkouts_count')->find($accessoryID);
+        $accessory = Accessory::withCount('checkouts as checkouts_count')->find($accessory->id);
         $this->authorize('view', $accessory);
-        if (isset($accessory->id)) {
-            return view('accessories/view', compact('accessory'));
-        }
-
-        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist', ['id' => $accessoryID]));
+        return view('accessories.view', compact('accessory'));
     }
 }

app/Http/Controllers/Accessories/AccessoriesFilesController.php

@@ -51,15 +51,15 @@ class AccessoriesFilesController extends Controller
                 }
 
 
-                return redirect()->route('accessories.show', $accessory->id)->with('success', trans('general.file_upload_success'));
+                return redirect()->route('accessories.show', $accessory->id)->withFragment('files')->with('success', trans('general.file_upload_success'));
 
             }
 
-            return redirect()->route('accessories.show', $accessory->id)->with('error', trans('general.no_files_uploaded'));
+            return redirect()->route('accessories.show', $accessory->id)->withFragment('files')->with('error', trans('general.no_files_uploaded'));
         }
         // Prepare the error message
-        return redirect()->route('accessories.index')
-            ->with('error', trans('general.file_does_not_exist'));
+        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
+
     }
 
     /**
@@ -72,30 +72,27 @@ class AccessoriesFilesController extends Controller
      */
     public function destroy($accessoryId = null, $fileId = null) : RedirectResponse
     {
-        $accessory = Accessory::find($accessoryId);
-
-        // the asset is valid
-        if (isset($accessory->id)) {
+        if ($accessory = Accessory::find($accessoryId)) {
             $this->authorize('update', $accessory);
-            $log = Actionlog::find($fileId);
 
-            // Remove the file if one exists
-            if (Storage::exists('accessories/'.$log->filename)) {
-                try {
-                    Storage::delete('accessories/'.$log->filename);
-                } catch (\Exception $e) {
-                    Log::debug($e);
+            if ($log = Actionlog::find($fileId)) {
+
+                if (Storage::exists('private_uploads/accessories/'.$log->filename)) {
+                    try {
+                        Storage::delete('private_uploads/accessories/' . $log->filename);
+                        $log->delete();
+                        return redirect()->back()->withFragment('files')->with('success', trans('admin/hardware/message.deletefile.success'));
+                    } catch (\Exception $e) {
+                        Log::debug($e);
+                        return redirect()->route('accessories.index')->with('error', trans('general.file_does_not_exist'));
+                    }
                 }
+
             }
-
-            $log->delete();
-
-            return redirect()->back()
-                ->with('success', trans('admin/hardware/message.deletefile.success'));
+            return redirect()->route('accessories.show', ['accessory' => $accessory])->withFragment('files')->with('error',  trans('general.log_record_not_found'));
         }
 
-        // Redirect to the licence management page
-        return redirect()->route('accessories.index')->with('error', trans('general.file_does_not_exist'));
+        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
     }
 
     /**
@@ -125,10 +122,11 @@ class AccessoriesFilesController extends Controller
                 }
             }
 
-            return redirect()->route('accessories.show', ['accessory' => $accessory])->with('error',  trans('general.log_record_not_found'));
+            return redirect()->route('accessories.show', ['accessory' => $accessory])->withFragment('files')->with('error',  trans('general.log_record_not_found'));
 
         }
 
-        return redirect()->route('accessories.index')->with('error', trans('general.file_not_found'));
+        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
+
     }
 }

app/Http/Controllers/Accessories/AccessoryCheckoutController.php

@@ -75,20 +75,23 @@ class AccessoryCheckoutController extends Controller
         $accessory->checkout_qty = $request->input('checkout_qty', 1);
         
         for ($i = 0; $i < $accessory->checkout_qty; $i++) {
-            AccessoryCheckout::create([
+
+            $accessory_checkout = new AccessoryCheckout([
                 'accessory_id' => $accessory->id,
                 'created_at' => Carbon::now(),
-                'created_by' => auth()->id(),
                 'assigned_to' => $target->id,
                 'assigned_type' => $target::class,
                 'note' => $request->input('note'),
             ]);
+
+            $accessory_checkout->created_by = auth()->id();
+            $accessory_checkout->save();
         }
+
         event(new CheckoutableCheckedOut($accessory,  $target, auth()->user(), $request->input('note')));
 
-        // Set this as user since we only allow checkout to user for this item type
         $request->request->add(['checkout_to_type' => request('checkout_to_type')]);
-        $request->request->add(['assigned_user' => $target->id]);
+        $request->request->add(['assigned_to' => $target->id]);
 
         session()->put(['redirect_option' => $request->get('redirect_option'), 'checkout_to_type' => $request->get('checkout_to_type')]);
 

app/Http/Controllers/ActionlogController.php

@@ -40,15 +40,16 @@ class ActionlogController extends Controller
     public function getStoredEula($filename) : Response | BinaryFileResponse | RedirectResponse
     {
         $this->authorize('view', \App\Models\Asset::class);
-        $file = config('app.private_uploads').'/eula-pdfs/'.$filename;
 
-        if (Storage::exists($file)) {
-            return response()->download($file);
+        if (config('filesystems.default') == 's3_private') {
+            return redirect()->away(Storage::disk('s3_private')->temporaryUrl('private_uploads/eula-pdfs/'.$filename, now()->addMinutes(5)));
+        }
+
+        if (Storage::exists('private_uploads/eula-pdfs/'.$filename)) {
+            return response()->download(config('app.private_uploads').'/eula-pdfs/'.$filename);
         }
 
         return redirect()->back()->with('error',  trans('general.file_does_not_exist'));
 
-
-
     }
 }

app/Http/Controllers/Api/AccessoriesController.php

@@ -13,6 +13,7 @@ use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Accessory;
 use App\Models\Company;
 use App\Models\User;
+use Illuminate\Http\JsonResponse;
 use Illuminate\Support\Facades\Auth;
 use Carbon\Carbon;
 use Illuminate\Support\Facades\DB;
@@ -184,39 +185,33 @@ class AccessoriesController extends Controller
 
 
     /**
-     * Display the specified resource.
+     * Get the list of checkouts for a specific accessory
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
      * @param  int  $id
-     * @return \Illuminate\Http\Response
+     * @return  | array
      */
-    public function checkedout($id, Request $request)
+    public function checkedout(Request $request, $id)
     {
         $this->authorize('view', Accessory::class);
 
         $accessory = Accessory::with('lastCheckout')->findOrFail($id);
-
         $offset = request('offset', 0);
         $limit = request('limit', 50);
 
-        $accessory_checkouts = $accessory->checkouts;
-        $total = $accessory_checkouts->count();
-
-        if ($total < $offset) {
-            $offset = 0;
-        }
-
-        $accessory_checkouts = $accessory->checkouts()->skip($offset)->take($limit)->get();
+        // Total count of all checkouts for this asset
+        $accessory_checkouts = $accessory->checkouts();
 
+        // Check for search text in the request
         if ($request->filled('search')) {
-            
-            $accessory_checkouts = $accessory->checkouts()->TextSearch($request->input('search'))
-                                         ->get();
-            $total = $accessory_checkouts->count();
+            $accessory_checkouts = $accessory_checkouts->TextSearch($request->input('search'));
         }
 
-        return (new AccessoriesTransformer)->transformCheckedoutAccessory($accessory, $accessory_checkouts, $total);
+        $total = $accessory_checkouts->count();
+        $accessory_checkouts = $accessory_checkouts->skip($offset)->take($limit)->get();
+
+        return (new AccessoriesTransformer)->transformCheckedoutAccessory($accessory_checkouts, $total);
     }
 
 
@@ -227,7 +222,7 @@ class AccessoriesController extends Controller
      * @since [v4.0]
      * @param  \App\Http\Requests\ImageUploadRequest $request
      * @param  int  $id
-     * @return \Illuminate\Http\Response
+     * @return \Illuminate\Http\JsonResponse
      */
     public function update(ImageUploadRequest $request, $id)
     {
@@ -249,7 +244,7 @@ class AccessoriesController extends Controller
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
      * @param  int  $id
-     * @return \Illuminate\Http\Response
+     * @return \Illuminate\Http\JsonResponse
      */
     public function destroy($id)
     {
@@ -284,14 +279,17 @@ class AccessoriesController extends Controller
         $accessory->checkout_qty = $request->input('checkout_qty', 1);
 
         for ($i = 0; $i < $accessory->checkout_qty; $i++) {
-            AccessoryCheckout::create([
+
+            $accessory_checkout = new AccessoryCheckout([
                 'accessory_id' => $accessory->id,
                 'created_at' => Carbon::now(),
-                'created_by' => auth()->id(),
                 'assigned_to' => $target->id,
                 'assigned_type' => $target::class,
                 'note' => $request->input('note'),
             ]);
+
+            $accessory_checkout->created_by = auth()->id();
+            $accessory_checkout->save();
         }
 
         // Set this value to be able to pass the qty through to the event

app/Http/Controllers/Api/AssetMaintenancesController.php

@@ -122,7 +122,7 @@ class AssetMaintenancesController extends Controller
      * @version v1.0
      * @since [v1.8]
      */
-    public function store(Request $request) : JsonResponse
+    public function store(Request $request) : JsonResponse | array
     {
         $this->authorize('update', Asset::class);
         // create a new model instance
@@ -149,7 +149,7 @@ class AssetMaintenancesController extends Controller
      * @version v1.0
      * @since [v4.0]
      */
-    public function update(Request $request, $id) : JsonResponse
+    public function update(Request $request, $id) : JsonResponse | array
     {
         $this->authorize('update', Asset::class);
 
@@ -186,7 +186,7 @@ class AssetMaintenancesController extends Controller
      * @version v1.0
      * @since [v4.0]
      */
-    public function destroy($assetMaintenanceId) : JsonResponse
+    public function destroy($assetMaintenanceId) : JsonResponse | array
     {
         $this->authorize('update', Asset::class);
         // Check if the asset maintenance exists
@@ -208,7 +208,7 @@ class AssetMaintenancesController extends Controller
      * @version v1.0
      * @since [v4.0]
      */
-    public function show($assetMaintenanceId) : JsonResponse
+    public function show($assetMaintenanceId) : JsonResponse | array
     {
         $this->authorize('view', Asset::class);
         $assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);

app/Http/Controllers/Api/AssetModelFilesController.php

@@ -9,6 +9,7 @@ use App\Http\Controllers\Controller;
 use App\Models\AssetModel;
 use App\Models\Actionlog;
 use App\Http\Requests\UploadFileRequest;
+use App\Http\Transformers\AssetModelsTransformer;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Support\Facades\Log;
 use Symfony\Component\HttpFoundation\StreamedResponse;
@@ -68,37 +69,15 @@ class AssetModelFilesController extends Controller
     /**
      * List the files for an asset.
      *
-     * @param  int $assetModelId
+     * @param  int $assetmodel
      * @since [v7.0.12]
      * @author [r-xyz]
      */
-    public function list($assetModelId = null) : JsonResponse
+    public function list($assetmodel_id) : JsonResponse | array
     {
-        // Start by checking if the asset being acted upon exists
-        if (! $assetModel = AssetModel::find($assetModelId)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.does_not_exist')), 404);
-        }
-        
-        // the asset is valid
-        if (isset($assetModel->id)) {
-            $this->authorize('view', $assetModel);
-
-            // Check that there are some uploads on this asset that can be listed
-            if ($assetModel->uploads->count() > 0) {
-                $files = array();
-                foreach ($assetModel->uploads as $upload) {
-                    array_push($files, $upload);
-                }
-                // Give the list of files back to the user
-                return response()->json(Helper::formatStandardApiResponse('success', $files, trans('admin/models/message.upload.success')));
-            }
-
-            // There are no files.
-            return response()->json(Helper::formatStandardApiResponse('success', array(), trans('admin/models/message.upload.success')));
-        }
-
-        // Send back an error message
-        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.download.error')), 500);
+            $assetmodel = AssetModel::with('uploads')->find($assetmodel_id);
+            $this->authorize('view', $assetmodel);
+            return (new AssetModelsTransformer)->transformAssetModelFiles($assetmodel, $assetmodel->uploads()->count());
     }
 
     /**

app/Http/Controllers/Api/AssetModelsController.php

@@ -77,6 +77,18 @@ class AssetModelsController extends Controller
             $assetmodels->onlyTrashed();
         }
 
+        if ($request->filled('name')) {
+            $assetmodels = $assetmodels->where('models.name', '=', $request->input('name'));
+        }
+
+        if ($request->filled('model_number')) {
+            $assetmodels = $assetmodels->where('models.model_number', '=', $request->input('model_number'));
+        }
+
+        if ($request->filled('notes')) {
+            $assetmodels = $assetmodels->where('models.notes', '=', $request->input('notes'));
+        }
+
         if ($request->filled('category_id')) {
             $assetmodels = $assetmodels->where('models.category_id', '=', $request->input('category_id'));
         }

app/Http/Controllers/Api/AssetsController.php

@@ -6,6 +6,7 @@ use App\Events\CheckoutableCheckedIn;
 use App\Http\Requests\StoreAssetRequest;
 use App\Http\Requests\UpdateAssetRequest;
 use App\Http\Traits\MigratesLegacyAssetLocations;
+use App\Models\AccessoryCheckout;
 use App\Models\CheckoutAcceptance;
 use App\Models\LicenseSeat;
 use Illuminate\Database\Eloquent\Builder;
@@ -26,13 +27,13 @@ use App\Models\License;
 use App\Models\Location;
 use App\Models\Setting;
 use App\Models\User;
-use Illuminate\Support\Facades\Auth;
 use Carbon\Carbon;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Http\Request;
-use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Route;
+use App\View\Label;
+use Illuminate\Support\Facades\Storage;
 
 
 /**
@@ -80,10 +81,10 @@ class AssetsController extends Controller
             $this->authorize('reports.view');
         } else {
             $transformer = 'App\Http\Transformers\AssetsTransformer';
-            $this->authorize('index', Asset::class);          
+            $this->authorize('index', Asset::class);
         }
-        
-       
+
+
         $settings = Setting::getSettings();
 
         $allowed_columns = [
@@ -126,8 +127,20 @@ class AssetsController extends Controller
         }
 
         $assets = Asset::select('assets.*')
-            ->with('location', 'assetstatus', 'company', 'defaultLoc','assignedTo', 'adminuser','model.depreciation',
-                'model.category', 'model.manufacturer', 'model.fieldset','supplier'); //it might be tempting to add 'assetlog' here, but don't. It blows up update-heavy users.
+            ->with(
+                'model',
+                'location',
+                'assetstatus',
+                'company',
+                'defaultLoc',
+                'assignedTo',
+                'adminuser',
+                'model.depreciation',
+                'model.category',
+                'model.manufacturer',
+                'model.fieldset',
+                'supplier'
+            ); // it might be tempting to add 'assetlog' here, but don't. It blows up update-heavy users.
 
 
         if ($filter_non_deprecable_assets) {
@@ -159,8 +172,8 @@ class AssetsController extends Controller
          * Handle due and overdue audits and checkin dates
          */
         switch ($action) {
-            // Audit (singular) is left over from earlier legacy APIs
-            case 'audits' :
+                // Audit (singular) is left over from earlier legacy APIs
+            case 'audits':
                 switch ($upcoming_status) {
                     case 'due':
                         $assets->DueForAudit($settings);
@@ -187,7 +200,7 @@ class AssetsController extends Controller
                         break;
                 }
                 break;
-            }
+        }
 
         /**
          * End handling due and overdue audits and checkin dates
@@ -265,7 +278,6 @@ class AssetsController extends Controller
                         $join->on('status_alias.id', '=', 'assets.status_id');
                     });
                 }
-
         }
 
 
@@ -345,7 +357,7 @@ class AssetsController extends Controller
         $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'assets.created_at';
 
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        
+
         switch ($sort_override) {
             case 'model':
                 $assets->OrderModels($order);
@@ -399,7 +411,6 @@ class AssetsController extends Controller
                     } else {
                         $assets->orderBy($sort_override, $order);
                     }
-
                 } else {
                     $assets->orderBy($column_sort, $order);
                 }
@@ -413,11 +424,11 @@ class AssetsController extends Controller
 
         $total = $assets->count();
         $assets = $assets->skip($offset)->take($limit)->get();
-        
+
 
         /**
          * Include additional associated relationships
-         */  
+         */
         if ($request->input('components')) {
             $assets->loadMissing(['components' => function ($query) {
                 $query->orderBy('created_at', 'desc');
@@ -441,7 +452,7 @@ class AssetsController extends Controller
      * @since [v4.2.1]
      * @author [A. Gianotto] [<snipe@snipe.net>]
      */
-    public function showByTag(Request $request, $tag) : JsonResponse | array
+    public function showByTag(Request $request, $tag): JsonResponse | array
     {
         $this->authorize('index', Asset::class);
         $assets = Asset::where('asset_tag', $tag)->with('assetstatus')->with('assignedTo');
@@ -463,12 +474,10 @@ class AssetsController extends Controller
             } else {
                 return (new AssetsTransformer)->transformAssets($assets, $assets->count());
             }
-
         }
 
         // If there are 0 results, return the "no such asset" response
         return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
-
     }
 
     /**
@@ -479,7 +488,7 @@ class AssetsController extends Controller
      * @since [v4.2.1]
      * @return \Illuminate\Http\JsonResponse
      */
-    public function showBySerial(Request $request, $serial) : JsonResponse | array
+    public function showBySerial(Request $request, $serial): JsonResponse | array
     {
         $this->authorize('index', Asset::class);
         $assets = Asset::where('serial', $serial)->with('assetstatus')->with('assignedTo');
@@ -488,14 +497,13 @@ class AssetsController extends Controller
         if ($request->input('deleted', 'false') == 'true') {
             $assets = $assets->withTrashed();
         }
-        
+
         if (($assets = $assets->get()) && ($assets->count()) > 0) {
-             return (new AssetsTransformer)->transformAssets($assets, $assets->count());
+            return (new AssetsTransformer)->transformAssets($assets, $assets->count());
         }
 
         // If there are 0 results, return the "no such asset" response
         return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
-
     }
 
     /**
@@ -506,20 +514,20 @@ class AssetsController extends Controller
      * @since [v4.0]
      * @return \Illuminate\Http\JsonResponse
      */
-    public function show(Request $request, $id) : JsonResponse | array
+    public function show(Request $request, $id): JsonResponse | array
     {
         if ($asset = Asset::with('assetstatus')
             ->with('assignedTo')->withTrashed()
-            ->withCount('checkins as checkins_count', 'checkouts as checkouts_count', 'userRequests as user_requests_count')->find($id)) {
+            ->withCount('checkins as checkins_count', 'checkouts as checkouts_count', 'userRequests as user_requests_count')->find($id)
+        ) {
             $this->authorize('view', $asset);
 
-            return (new AssetsTransformer)->transformAsset($asset, $request->input('components') );
+            return (new AssetsTransformer)->transformAsset($asset, $request->input('components'));
         }
         return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
-
     }
 
-    public function licenses(Request $request, $id) : array
+    public function licenses(Request $request, $id): array
     {
         $this->authorize('view', Asset::class);
         $this->authorize('view', License::class);
@@ -527,7 +535,7 @@ class AssetsController extends Controller
         $licenses = $asset->licenses()->get();
 
         return (new LicensesTransformer())->transformLicenses($licenses, $licenses->count());
-     }
+    }
 
 
     /**
@@ -537,7 +545,7 @@ class AssetsController extends Controller
      * @since [v4.0.16]
      * @see \App\Http\Transformers\SelectlistTransformer
      */
-    public function selectlist(Request $request) : array
+    public function selectlist(Request $request): array
     {
 
         $assets = Asset::select([
@@ -548,7 +556,7 @@ class AssetsController extends Controller
             'assets.assigned_to',
             'assets.assigned_type',
             'assets.status_id',
-            ])->with('model', 'assetstatus', 'assignedTo')->NotArchived();
+        ])->with('model', 'assetstatus', 'assignedTo')->NotArchived();
 
         if ($request->filled('assetStatusType') && $request->input('assetStatusType') === 'RTD') {
             $assets = $assets->RTD();
@@ -570,12 +578,12 @@ class AssetsController extends Controller
             $asset->use_text = $asset->present()->fullName;
 
             if (($asset->checkedOutToUser()) && ($asset->assigned)) {
-                $asset->use_text .= ' → '.$asset->assigned->getFullNameAttribute();
+                $asset->use_text .= ' → ' . $asset->assigned->getFullNameAttribute();
             }
 
 
             if ($asset->assetstatus->getStatuslabelType() == 'pending') {
-                $asset->use_text .= '('.$asset->assetstatus->getStatuslabelType().')';
+                $asset->use_text .= '(' . $asset->assetstatus->getStatuslabelType() . ')';
             }
 
             $asset->use_image = ($asset->getImageUrl()) ? $asset->getImageUrl() : null;
@@ -601,12 +609,12 @@ class AssetsController extends Controller
         $asset->created_by    = auth()->id();
 
         /**
-        * this is here just legacy reasons. Api\AssetController
-        * used image_source  once to allow encoded image uploads.
-        */
+         * this is here just legacy reasons. Api\AssetController
+         * used image_source  once to allow encoded image uploads.
+         */
         if ($request->has('image_source')) {
             $request->offsetSet('image', $request->offsetGet('image_source'));
-        }     
+        }
 
         $asset = $request->handleImages($asset);
 
@@ -623,9 +631,9 @@ class AssetsController extends Controller
 
                 // If input value is null, use custom field's default value
                 if ($field_val == null) {
-                    Log::debug('Field value for '.$field->db_column.' is null');
+                    Log::debug('Field value for ' . $field->db_column . ' is null');
                     $field_val = $field->defaultValue($request->get('model_id'));
-                    Log::debug('Use the default fieldset value of '.$field->defaultValue($request->get('model_id')));
+                    Log::debug('Use the default fieldset value of ' . $field->defaultValue($request->get('model_id')));
                 }
 
                 // if the field is set to encrypted, make sure we encrypt the value
@@ -643,7 +651,7 @@ class AssetsController extends Controller
                     }
                 }
                 if ($field->element == 'checkbox') {
-                    if(is_array($field_val)) {
+                    if (is_array($field_val)) {
                         $field_val = implode(',', $field_val);
                     }
                 }
@@ -702,64 +710,68 @@ class AssetsController extends Controller
         }
 
         /**
-        * this is here just legacy reasons. Api\AssetController
-        * used image_source  once to allow encoded image uploads.
-        */
+         * this is here just legacy reasons. Api\AssetController
+         * used image_source  once to allow encoded image uploads.
+         */
         if ($request->has('image_source')) {
             $request->offsetSet('image', $request->offsetGet('image_source'));
         }
 
         $asset = $request->handleImages($asset);
         $model = $asset->model;
-            
-            // Update custom fields
-            $problems_updating_encrypted_custom_fields = false;
-            if (($model) && (isset($model->fieldset))) {
-                foreach ($model->fieldset->fields as $field) {
-                    $field_val = $request->input($field->db_column, null);
 
-                    if ($request->has($field->db_column)) {
-                        if ($field->element == 'checkbox') {
-                            if(is_array($field_val)) {
-                                $field_val = implode(',', $field_val);
-                            }
+        // Update custom fields
+        $problems_updating_encrypted_custom_fields = false;
+        if (($model) && (isset($model->fieldset))) {
+            foreach ($model->fieldset->fields as $field) {
+                $field_val = $request->input($field->db_column, null);
+
+                if ($request->has($field->db_column)) {
+                    if ($field->element == 'checkbox') {
+                        if (is_array($field_val)) {
+                            $field_val = implode(',', $field_val);
                         }
-                        if ($field->field_encrypted == '1') {
-                            if (Gate::allows('assets.view.encrypted_custom_fields')) {
-                                $field_val = Crypt::encrypt($field_val);
-                            } else {
-                                $problems_updating_encrypted_custom_fields = true;
-                                continue;
-                            }
-                        }
-                        $asset->{$field->db_column} = $field_val;
                     }
+                    if ($field->field_encrypted == '1') {
+                        if (Gate::allows('assets.view.encrypted_custom_fields')) {
+                            $field_val = Crypt::encrypt($field_val);
+                        } else {
+                            $problems_updating_encrypted_custom_fields = true;
+                            continue;
+                        }
+                    }
+                    $asset->{$field->db_column} = $field_val;
                 }
             }
-            if ($asset->save()) {
-                if (($request->filled('assigned_user')) && ($target = User::find($request->get('assigned_user')))) {
-                        $location = $target->location_id;
-                } elseif (($request->filled('assigned_asset')) && ($target = Asset::find($request->get('assigned_asset')))) {
-                    $location = $target->location_id;
+        }
+        if ($asset->save()) {
+            if (($request->filled('assigned_user')) && ($target = User::find($request->get('assigned_user')))) {
+                $location = $target->location_id;
+            } elseif (($request->filled('assigned_asset')) && ($target = Asset::find($request->get('assigned_asset')))) {
+                $location = $target->location_id;
 
-                    Asset::where('assigned_type', \App\Models\Asset::class)->where('assigned_to', $asset->id)
-                        ->update(['location_id' => $target->location_id]);
-                } elseif (($request->filled('assigned_location')) && ($target = Location::find($request->get('assigned_location')))) {
-                    $location = $target->id;
-                }
+                Asset::where('assigned_type', \App\Models\Asset::class)->where('assigned_to', $asset->id)
+                    ->update(['location_id' => $target->location_id]);
+            } elseif (($request->filled('assigned_location')) && ($target = Location::find($request->get('assigned_location')))) {
+                $location = $target->id;
+            }
 
-                if (isset($target)) {
-                    $asset->checkOut($target, auth()->user(), date('Y-m-d H:i:s'), '', 'Checked out on asset update', e($request->get('name')), $location);
-                }
+            if (isset($target)) {
+                $asset->checkOut($target, auth()->user(), date('Y-m-d H:i:s'), '', 'Checked out on asset update', e($request->get('name')), $location);
+            }
 
-                if ($asset->image) {
-                    $asset->image = $asset->getImageUrl();
-                }
+            if ($asset->image) {
+                $asset->image = $asset->getImageUrl();
+            }
 
             if ($problems_updating_encrypted_custom_fields) {
                 return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.update.encrypted_warning')));
+                // Below is the *correct* return since it uses the transformer, but we have to use the old, flat return for now until we can update Jamf2Snipe and Kanji2Snipe
+                // return response()->json(Helper::formatStandardApiResponse('success', (new AssetsTransformer)->transformAsset($asset), trans('admin/hardware/message.update.encrypted_warning')));
             } else {
                 return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.update.success')));
+                // Below is the *correct* return since it uses the transformer, but we have to use the old, flat return for now until we can update Jamf2Snipe and Kanji2Snipe
+                /// return response()->json(Helper::formatStandardApiResponse('success', (new AssetsTransformer)->transformAsset($asset), trans('admin/hardware/message.update.success')));
             }
         }
         return response()->json(Helper::formatStandardApiResponse('error', null, $asset->getErrors()), 200);
@@ -773,7 +785,7 @@ class AssetsController extends Controller
      * @param int $assetId
      * @since [v4.0]
      */
-    public function destroy($id) : JsonResponse
+    public function destroy($id): JsonResponse
     {
         $this->authorize('delete', Asset::class);
 
@@ -799,7 +811,7 @@ class AssetsController extends Controller
         return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
     }
 
-    
+
 
     /**
      * Restore a soft-deleted asset.
@@ -808,7 +820,7 @@ class AssetsController extends Controller
      * @param int $assetId
      * @since [v5.1.18]
      */
-    public function restore(Request $request, $assetId = null) : JsonResponse
+    public function restore(Request $request, $assetId = null): JsonResponse
     {
 
         if ($asset = Asset::withTrashed()->find($assetId)) {
@@ -827,7 +839,6 @@ class AssetsController extends Controller
         }
 
         return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
-
     }
 
     /**
@@ -837,7 +848,7 @@ class AssetsController extends Controller
      * @param string $tag
      * @since [v6.0.5]
      */
-    public function checkoutByTag(AssetCheckoutRequest $request, $tag) : JsonResponse
+    public function checkoutByTag(AssetCheckoutRequest $request, $tag): JsonResponse
     {
         if ($asset = Asset::where('asset_tag', $tag)->first()) {
             return $this->checkout($request, $asset->id);
@@ -852,13 +863,13 @@ class AssetsController extends Controller
      * @param int $assetId
      * @since [v4.0]
      */
-    public function checkout(AssetCheckoutRequest $request, $asset_id) : JsonResponse
+    public function checkout(AssetCheckoutRequest $request, $asset_id): JsonResponse
     {
         $this->authorize('checkout', Asset::class);
         $asset = Asset::findOrFail($asset_id);
 
         if (! $asset->availableForCheckout()) {
-            return response()->json(Helper::formatStandardApiResponse('error', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkout.not_available')));
+            return response()->json(Helper::formatStandardApiResponse('error', ['asset' => e($asset->asset_tag)], trans('admin/hardware/message.checkout.not_available')));
         }
 
         $this->authorize('checkout', $asset);
@@ -875,14 +886,12 @@ class AssetsController extends Controller
             $asset->location_id = ($target) ? $target->id : '';
             $error_payload['target_id'] = $request->input('assigned_location');
             $error_payload['target_type'] = 'location';
-
         } elseif (request('checkout_to_type') == 'asset') {
             $target = Asset::where('id', '!=', $asset_id)->find(request('assigned_asset'));
             // Override with the asset's location_id if it has one
             $asset->location_id = (($target) && (isset($target->location_id))) ? $target->location_id : '';
             $error_payload['target_id'] = $request->input('assigned_asset');
             $error_payload['target_type'] = 'asset';
-
         } elseif (request('checkout_to_type') == 'user') {
             // Fetch the target and set the asset's new location_id
             $target = User::find(request('assigned_user'));
@@ -896,7 +905,7 @@ class AssetsController extends Controller
         }
 
         if (! isset($target)) {
-            return response()->json(Helper::formatStandardApiResponse('error', $error_payload, 'Checkout target for asset '.e($asset->asset_tag).' is invalid - '.$error_payload['target_type'].' does not exist.'));
+            return response()->json(Helper::formatStandardApiResponse('error', $error_payload, 'Checkout target for asset ' . e($asset->asset_tag) . ' is invalid - ' . $error_payload['target_type'] . ' does not exist.'));
         }
 
         $checkout_at = request('checkout_at', date('Y-m-d H:i:s'));
@@ -910,15 +919,15 @@ class AssetsController extends Controller
         // TODO: Follow up here. WTF. Commented out for now. 
 
 
-//        if ((isset($target->rtd_location_id)) && ($asset->rtd_location_id!='')) {
-//            $asset->location_id = $target->rtd_location_id;
-//        }
+        //        if ((isset($target->rtd_location_id)) && ($asset->rtd_location_id!='')) {
+        //            $asset->location_id = $target->rtd_location_id;
+        //        }
 
         if ($asset->checkOut($target, auth()->user(), $checkout_at, $expected_checkin, $note, $asset_name, $asset->location_id)) {
-            return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkout.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', ['asset' => e($asset->asset_tag)], trans('admin/hardware/message.checkout.success')));
         }
 
-        return response()->json(Helper::formatStandardApiResponse('error', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkout.error')));
+        return response()->json(Helper::formatStandardApiResponse('error', ['asset' => e($asset->asset_tag)], trans('admin/hardware/message.checkout.error')));
     }
 
 
@@ -929,7 +938,7 @@ class AssetsController extends Controller
      * @param int $assetId
      * @since [v4.0]
      */
-    public function checkin(Request $request, $asset_id) : JsonResponse
+    public function checkin(Request $request, $asset_id): JsonResponse
     {
         $asset = Asset::with('model')->findOrFail($asset_id);
         $this->authorize('checkin', $asset);
@@ -937,7 +946,7 @@ class AssetsController extends Controller
         $target = $asset->assignedTo;
         if (is_null($target)) {
             return response()->json(Helper::formatStandardApiResponse('error', [
-                'asset_tag'=> e($asset->asset_tag),
+                'asset_tag' => e($asset->asset_tag),
                 'model' => e($asset->model->name),
                 'model_number' => e($asset->model->model_number)
             ], trans('admin/hardware/message.checkin.already_checked_in')));
@@ -960,7 +969,7 @@ class AssetsController extends Controller
         if ($request->filled('location_id')) {
             $asset->location_id = $request->input('location_id');
 
-            if ($request->input('update_default_location')){
+            if ($request->input('update_default_location')) {
                 $asset->rtd_location_id = $request->input('location_id');
             }
         }
@@ -968,8 +977,8 @@ class AssetsController extends Controller
         if ($request->filled('status_id')) {
             $asset->status_id = $request->input('status_id');
         }
-        
-        $checkin_at = $request->filled('checkin_at') ? $request->input('checkin_at').' '. date('H:i:s') : date('Y-m-d H:i:s');
+
+        $checkin_at = $request->filled('checkin_at') ? $request->input('checkin_at') . ' ' . date('H:i:s') : date('Y-m-d H:i:s');
         $originalValues = $asset->getRawOriginal();
 
         if (($request->filled('checkin_at')) && ($request->get('checkin_at') != date('Y-m-d'))) {
@@ -987,7 +996,8 @@ class AssetsController extends Controller
                 [Asset::class],
                 function (Builder $query) use ($asset) {
                     $query->where('id', $asset->id);
-                })
+                }
+            )
             ->get()
             ->map(function ($acceptance) {
                 $acceptance->delete();
@@ -997,13 +1007,13 @@ class AssetsController extends Controller
             event(new CheckoutableCheckedIn($asset, $target, auth()->user(), $request->input('note'), $checkin_at, $originalValues));
 
             return response()->json(Helper::formatStandardApiResponse('success', [
-                'asset_tag'=> e($asset->asset_tag),
+                'asset_tag' => e($asset->asset_tag),
                 'model' => e($asset->model->name),
                 'model_number' => e($asset->model->model_number)
             ], trans('admin/hardware/message.checkin.success')));
         }
 
-        return response()->json(Helper::formatStandardApiResponse('error', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkin.error')));
+        return response()->json(Helper::formatStandardApiResponse('error', ['asset' => e($asset->asset_tag)], trans('admin/hardware/message.checkin.error')));
     }
 
     /**
@@ -1012,7 +1022,7 @@ class AssetsController extends Controller
      * @author [A. Janes] [<ajanes@adagiohealth.org>]
      * @since [v6.0]
      */
-    public function checkinByTag(Request $request, $tag = null) : JsonResponse
+    public function checkinByTag(Request $request, $tag = null): JsonResponse
     {
         $this->authorize('checkin', Asset::class);
         if (null == $tag && null !== ($request->input('asset_tag'))) {
@@ -1025,8 +1035,8 @@ class AssetsController extends Controller
         }
 
         return response()->json(Helper::formatStandardApiResponse('error', [
-            'asset'=> e($tag)
-        ], 'Asset with tag '.e($tag).' not found'));
+            'asset' => e($tag)
+        ], 'Asset with tag ' . e($tag) . ' not found'));
     }
 
 
@@ -1037,7 +1047,7 @@ class AssetsController extends Controller
      * @param int $id
      * @since [v4.0]
      */
-    public function audit(Request $request) : JsonResponse
+    public function audit(Request $request): JsonResponse
 
     {
         $this->authorize('audit', Asset::class);
@@ -1048,8 +1058,8 @@ class AssetsController extends Controller
         // No tag passed - return an error
         if (!$request->filled('asset_tag')) {
             return response()->json(Helper::formatStandardApiResponse('error', [
-                'asset_tag'=> '',
-                'error'=> trans('admin/hardware/message.no_tag'),
+                'asset_tag' => '',
+                'error' => trans('admin/hardware/message.no_tag'),
             ], trans('admin/hardware/message.no_tag')), 200);
         }
 
@@ -1097,28 +1107,25 @@ class AssetsController extends Controller
                 $asset->logAudit(request('note'), request('location_id'));
 
                 return response()->json(Helper::formatStandardApiResponse('success', [
-                    'asset_tag'=> e($asset->asset_tag),
-                    'note'=> e($request->input('note')),
+                    'asset_tag' => e($asset->asset_tag),
+                    'note' => e($request->input('note')),
                     'next_audit_date' => Helper::getFormattedDateObject($asset->next_audit_date),
                 ], trans('admin/hardware/message.audit.success')));
             }
 
             // Asset failed validation or was not able to be saved
             return response()->json(Helper::formatStandardApiResponse('error', [
-                'asset_tag'=> e($asset->asset_tag),
-                'error'=> $asset->getErrors()->first(),
+                'asset_tag' => e($asset->asset_tag),
+                'error' => $asset->getErrors()->first(),
             ], trans('admin/hardware/message.audit.error', ['error' => $asset->getErrors()->first()])), 200);
-
         }
 
 
         // No matching asset for the asset tag that was passed.
         return response()->json(Helper::formatStandardApiResponse('error', [
-            'asset_tag'=> e($request->input('asset_tag')),
-            'error'=> trans('admin/hardware/message.audit.error'),
+            'asset_tag' => e($request->input('asset_tag')),
+            'error' => trans('admin/hardware/message.audit.error'),
         ], trans('admin/hardware/message.audit.error', ['error' => trans('admin/hardware/message.does_not_exist')])), 200);
-
-
     }
 
 
@@ -1129,7 +1136,7 @@ class AssetsController extends Controller
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
      */
-    public function requestable(Request $request) : JsonResponse | array
+    public function requestable(Request $request): JsonResponse | array
     {
         $this->authorize('viewRequestable', Asset::class);
 
@@ -1150,8 +1157,18 @@ class AssetsController extends Controller
         }
 
         $assets = Asset::select('assets.*')
-            ->with('location', 'assetstatus', 'assetlog', 'company','assignedTo',
-                'model.category', 'model.manufacturer', 'model.fieldset', 'supplier', 'requests');
+            ->with(
+                'location',
+                'assetstatus',
+                'assetlog',
+                'company',
+                'assignedTo',
+                'model.category',
+                'model.manufacturer',
+                'model.fieldset',
+                'supplier',
+                'requests'
+            );
 
 
 
@@ -1159,7 +1176,7 @@ class AssetsController extends Controller
         if ($request->filled('search')) {
             $assets->TextSearch($request->input('search'));
         }
-        
+
         // Search custom fields by column name
         foreach ($all_custom_fields as $field) {
             if ($request->filled($field->db_column_name())) {
@@ -1200,4 +1217,115 @@ class AssetsController extends Controller
 
         return (new AssetsTransformer)->transformRequestedAssets($assets, $total);
     }
+
+
+    public function assignedAssets(Request $request, Asset $asset) : JsonResponse | array
+    {
+
+        return [];
+        // to do
+    }
+
+    public function assignedAccessories(Request $request, Asset $asset) : JsonResponse | array
+    {
+        $this->authorize('view', Asset::class);
+        $this->authorize('view', $asset);
+        $accessory_checkouts = AccessoryCheckout::AssetsAssigned()
+            ->where('assigned_to', $asset->id)
+            ->with('adminuser')
+            ->with('accessories');
+
+        $offset = ($request->input('offset') > $accessory_checkouts->count()) ? $accessory_checkouts->count() : app('api_offset_value');
+        $limit = app('api_limit_value');
+
+        $total = $accessory_checkouts->count();
+        $accessory_checkouts = $accessory_checkouts->skip($offset)->take($limit)->get();
+        return (new AssetsTransformer)->transformCheckedoutAccessories($accessory_checkouts, $total);
+    }
+
+
+    /**
+     * Generate asset labels by tag
+     * 
+     * @author [Nebelkreis] [https://github.com/NebelKreis]
+     * 
+     * @param Request $request Contains asset_tags array of asset tags to generate labels for
+     * @return JsonResponse Returns base64 encoded PDF on success, error message on failure
+     */
+    public function getLabels(Request $request): JsonResponse
+    {
+        try {
+            $this->authorize('view', Asset::class);
+
+             // Validate that asset tags were provided in the request
+            if (!$request->filled('asset_tags')) {
+                return response()->json(Helper::formatStandardApiResponse('error', null, 
+                    trans('admin/hardware/message.no_assets_selected')), 400);
+            }
+
+             // Convert asset tags from request into collection and fetch matching assets
+            $asset_tags = collect($request->input('asset_tags'));
+            $assets = Asset::whereIn('asset_tag', $asset_tags)->get();
+
+             // Return error if no assets were found for the provided tags
+            if ($assets->isEmpty()) {
+                return response()->json(Helper::formatStandardApiResponse('error', null,
+                    trans('admin/hardware/message.does_not_exist')), 404);
+            }
+
+            try {
+                $settings = Setting::getSettings();
+
+                // Check if logo file exists in storage and disable logo if not found
+                // This prevents errors when trying to include a non-existent logo in the PDF
+                $settings->label_logo = ($original_logo = $settings->label_logo) && !Storage::disk('public')->exists('/' . $original_logo) ? null : $settings->label_logo;
+
+
+                $label = new Label();
+                
+                if (!$label) {
+                    throw new \Exception('Label object could not be created');
+                }
+
+                // Configure label with assets and settings
+                // bulkedit=false and count=0 are default values for label generation
+                $label = $label->with('assets', $assets)
+                              ->with('settings', $settings)
+                              ->with('bulkedit', false)
+                              ->with('count', 0);
+
+                // Generate PDF using callback function
+                // The callback captures the PDF content in $pdf_content variable
+                $pdf_content = '';
+                $label->render(function($pdf) use (&$pdf_content) {
+                    $pdf_content = $pdf->Output('', 'S');
+                    return $pdf;
+                });
+
+                // Verify PDF was generated successfully
+                if (empty($pdf_content)) {
+                    throw new \Exception('PDF content is empty');
+                }
+
+                $encoded_content = base64_encode($pdf_content);
+
+                return response()->json(Helper::formatStandardApiResponse('success', [
+                    'pdf' => $encoded_content
+                ], trans('admin/hardware/message.labels_generated')));
+
+            } catch (\Exception $e) {
+                return response()->json(Helper::formatStandardApiResponse('error', [
+                    'error_message' => $e->getMessage(),
+                    'error_line' => $e->getLine(),
+                    'error_file' => $e->getFile()
+                ], trans('admin/hardware/message.error_generating_labels')), 500);
+            }
+        } catch (\Exception $e) {
+            return response()->json(Helper::formatStandardApiResponse('error', [
+                'error_message' => $e->getMessage(),
+                'error_line' => $e->getLine(),
+                'error_file' => $e->getFile()
+            ], $e->getMessage()), 500);
+        }
+    }
 }

app/Http/Controllers/Api/CategoriesController.php

@@ -39,6 +39,7 @@ class CategoriesController extends Controller
             'components_count',
             'licenses_count',
             'image',
+            'notes',
         ];
 
         $categories = Category::select([
@@ -52,6 +53,7 @@ class CategoriesController extends Controller
             'require_acceptance',
             'checkin_email',
             'image',
+            'notes',
             ])
             ->with('adminuser')
             ->withCount('accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'licenses as licenses_count');

app/Http/Controllers/Api/CompaniesController.php

@@ -38,11 +38,12 @@ class CompaniesController extends Controller
             'accessories_count',
             'consumables_count',
             'components_count',
+            'notes',
         ];
 
         $companies = Company::withCount(['assets as assets_count'  => function ($query) {
             $query->AssetsForShow();
-        }])->withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'users as users_count');
+        }])->withCount('licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'users as users_count');
 
         if ($request->filled('search')) {
             $companies->TextSearch($request->input('search'));

app/Http/Controllers/Api/ComponentsController.php

@@ -48,7 +48,8 @@ class ComponentsController extends Controller
             ];
 
         $components = Component::select('components.*')
-            ->with('company', 'location', 'category', 'assets', 'supplier', 'adminuser', 'manufacturer');
+            ->with('company', 'location', 'category', 'assets', 'supplier', 'adminuser', 'manufacturer', 'uncontrainedAssets')
+            ->withSum('uncontrainedAssets', 'components_assets.assigned_qty');
 
         if ($request->filled('search')) {
             $components = $components->TextSearch($request->input('search'));
@@ -197,6 +198,11 @@ class ComponentsController extends Controller
         $this->authorize('delete', Component::class);
         $component = Component::findOrFail($id);
         $this->authorize('delete', $component);
+
+        if ($component->numCheckedOut() > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/components/message.delete.error_qty')));
+        }
+
         $component->delete();
 
         return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/components/message.delete.success')));
@@ -309,9 +315,7 @@ class ComponentsController extends Controller
     public function checkin(Request $request, $component_asset_id) : JsonResponse
     {
         if ($component_assets = DB::table('components_assets')->find($component_asset_id)) {
-
             if (is_null($component = Component::find($component_assets->component_id))) {
-
                 return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/components/message.not_found')));
             }
 
@@ -319,17 +323,13 @@ class ComponentsController extends Controller
 
             $max_to_checkin = $component_assets->assigned_qty;
 
-            if ($max_to_checkin > 1) {
-                
-                $validator = Validator::make($request->all(), [
-                    "checkin_qty" => "required|numeric|between:1,$max_to_checkin"
-                ]);
-    
-                if ($validator->fails()) {
-                    return response()->json(Helper::formatStandardApiResponse('error', null, 'Checkin quantity must be between 1 and '.$max_to_checkin));
-                }
+            $validator = Validator::make($request->all(), [
+                "checkin_qty" => "required|numeric|between:1,$max_to_checkin"
+            ]);
+
+            if ($validator->fails()) {
+                return response()->json(Helper::formatStandardApiResponse('error', null, 'Checkin quantity must be between 1 and ' . $max_to_checkin));
             }
-            
 
             // Validation passed, so let's figure out what we have to do here.
             $qty_remaining_in_checkout = ($component_assets->assigned_qty - (int)$request->input('checkin_qty', 1));
@@ -339,28 +339,23 @@ class ComponentsController extends Controller
             $component_assets->assigned_qty = $qty_remaining_in_checkout;
 
             Log::debug($component_asset_id.' - '.$qty_remaining_in_checkout.' remaining in record '.$component_assets->id);
-            
-            DB::table('components_assets')->where('id',
-                $component_asset_id)->update(['assigned_qty' => $qty_remaining_in_checkout]);
+
+            DB::table('components_assets')->where('id', $component_asset_id)->update(['assigned_qty' => $qty_remaining_in_checkout]);
 
             // If the checked-in qty is exactly the same as the assigned_qty,
             // we can simply delete the associated components_assets record
-            if ($qty_remaining_in_checkout == 0) {
+            if ($qty_remaining_in_checkout === 0) {
                 DB::table('components_assets')->where('id', '=', $component_asset_id)->delete();
             }
-            
 
             $asset = Asset::find($component_assets->asset_id);
 
             event(new CheckoutableCheckedIn($component, $asset, auth()->user(), $request->input('note'), Carbon::now()));
 
             return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/components/message.checkin.success')));
-
         }
 
         return response()->json(Helper::formatStandardApiResponse('error', null, 'No matching checkouts for that component join record'));
-
-    
     }
 
 }

app/Http/Controllers/Api/DepartmentsController.php

@@ -23,7 +23,7 @@ class DepartmentsController extends Controller
     public function index(Request $request) : JsonResponse | array
     {
         $this->authorize('view', Department::class);
-        $allowed_columns = ['id', 'name', 'image', 'users_count'];
+        $allowed_columns = ['id', 'name', 'image', 'users_count', 'notes'];
 
         $departments = Department::select(
             'departments.id',
@@ -35,7 +35,8 @@ class DepartmentsController extends Controller
             'departments.manager_id',
             'departments.created_at',
             'departments.updated_at',
-            'departments.image'
+            'departments.image',
+            'departments.notes',
         )->with('users')->with('location')->with('manager')->with('company')->withCount('users as users_count');
 
         if ($request->filled('search')) {
@@ -72,6 +73,9 @@ class DepartmentsController extends Controller
             case 'manager':
                 $departments->OrderManager($order);
                 break;
+            case 'company':
+                $departments->OrderCompany($order);
+                break;
             default:
                 $departments->orderBy($sort, $order);
                 break;

app/Http/Controllers/Api/GroupsController.php

@@ -24,7 +24,7 @@ class GroupsController extends Controller
 
         $this->authorize('view', Group::class);
 
-        $groups = Group::select('id', 'name', 'permissions', 'created_at', 'updated_at', 'created_by')->with('adminuser')->withCount('users as users_count');
+        $groups = Group::select('id', 'name', 'permissions', 'notes', 'created_at', 'updated_at', 'created_by')->with('adminuser')->withCount('users as users_count');
 
         if ($request->filled('search')) {
             $groups = $groups->TextSearch($request->input('search'));
@@ -81,6 +81,7 @@ class GroupsController extends Controller
 
         $group->name = $request->input('name');
         $group->created_by = auth()->id();
+        $group->notes = $request->input('notes');
         $group->permissions = json_encode($request->input('permissions', $groupPermissions));
 
         if ($group->save()) {
@@ -118,6 +119,7 @@ class GroupsController extends Controller
         $group = Group::findOrFail($id);
 
         $group->name = $request->input('name');
+        $group->notes = $request->input('notes');
         $group->permissions = $request->input('permissions'); // Todo - some JSON validation stuff here
 
         if ($group->save()) {

app/Http/Controllers/Api/ImportController.php

@@ -9,12 +9,14 @@ use App\Http\Transformers\ImportsTransformer;
 use App\Models\Asset;
 use App\Models\Company;
 use App\Models\Import;
+use Illuminate\Http\UploadedFile;
 use Illuminate\Support\Facades\Artisan;
 use Illuminate\Database\Eloquent\JsonEncodingException;
 use Illuminate\Support\Facades\Request;
 use Illuminate\Support\Facades\Session;
 use Illuminate\Support\Facades\Storage;
 use League\Csv\Reader;
+use Onnov\DetectEncoding\EncodingDetector;
 use Symfony\Component\HttpFoundation\File\Exception\FileException;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Http\JsonResponse;
@@ -45,6 +47,8 @@ class ImportController extends Controller
             $path = config('app.private_uploads').'/imports';
             $results = [];
             $import = new Import;
+            $detector = new EncodingDetector();
+
             foreach ($files as $file) {
                 if (! in_array($file->getMimeType(), [
                     'application/vnd.ms-excel',
@@ -55,7 +59,6 @@ class ImportController extends Controller
                     'text/comma-separated-values',
                     'text/tsv', ])) {
                     $results['error'] = 'File type must be CSV. Uploaded file is '.$file->getMimeType();
-
                     return response()->json(Helper::formatStandardApiResponse('error', null, $results['error']), 422);
                 }
 
@@ -63,7 +66,25 @@ class ImportController extends Controller
                 if (! ini_get('auto_detect_line_endings')) {
                     ini_set('auto_detect_line_endings', '1');
                 }
+                $file_contents = $file->getContent(); //TODO - this *does* load the whole file in RAM, but we need that to be able to 'iconv' it?
+                $encoding = $detector->getEncoding($file_contents);
+                $reader = null;
+                if (strcasecmp($encoding, 'UTF-8') != 0) {
+                    $transliterated = iconv($encoding, 'UTF-8', $file_contents);
+                    if ($transliterated !== false) {
+                        $tmpname = tempnam(sys_get_temp_dir(), '');
+                        $tmpresults = file_put_contents($tmpname, $transliterated);
+                        if ($tmpresults !== false) {
+                            $transliterated = null; //save on memory?
+                            $newfile = new UploadedFile($tmpname, $file->getClientOriginalName(), null, null, true); //WARNING: this is enabling 'test mode' - which is gross, but otherwise the file won't be treated as 'uploaded'
+                            if ($newfile->isValid()) {
+                                $file = $newfile;
+                            }
+                        }
+                    }
+                }
                 $reader = Reader::createFromFileObject($file->openFile('r')); //file pointer leak?
+                $file_contents = null; //try to save on memory, I guess?
 
                 try {
                     $import->header_row = $reader->fetchOne(0);

app/Http/Controllers/Api/LocationsController.php

@@ -3,17 +3,20 @@
 namespace App\Http\Controllers\Api;
 
 use App\Helpers\Helper;
-use App\Http\Requests\ImageUploadRequest;
 use App\Http\Controllers\Controller;
+use App\Http\Requests\ImageUploadRequest;
+use App\Http\Transformers\AccessoriesTransformer;
 use App\Http\Transformers\AssetsTransformer;
 use App\Http\Transformers\LocationsTransformer;
 use App\Http\Transformers\SelectlistTransformer;
+use App\Models\Accessory;
+use App\Models\AccessoryCheckout;
 use App\Models\Asset;
 use App\Models\Location;
+use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
 use Illuminate\Pagination\LengthAwarePaginator;
 use Illuminate\Support\Collection;
-use Illuminate\Http\JsonResponse;
 
 class LocationsController extends Controller
 {
@@ -28,26 +31,29 @@ class LocationsController extends Controller
     {
         $this->authorize('view', Location::class);
         $allowed_columns = [
-            'id',
-            'name',
+            'accessories_count',
             'address',
             'address2',
+            'assets_count',
+            'assets_count',
+            'assigned_accessories_count',
+            'assigned_assets_count',
+            'assigned_assets_count',
             'city',
-            'state',
             'country',
-            'zip',
             'created_at',
-            'updated_at',
-            'manager_id',
-            'image',
-            'assigned_assets_count',
-            'users_count',
-            'assets_count',
-            'assigned_assets_count',
-            'assets_count',
-            'rtd_assets_count',
             'currency',
+            'id',
+            'image',
             'ldap_ou',
+            'manager_id',
+            'name',
+            'rtd_assets_count',
+            'state',
+            'updated_at',
+            'users_count',
+            'zip',
+            'notes',
             ];
 
         $locations = Location::with('parent', 'manager', 'children')->select([
@@ -68,8 +74,12 @@ class LocationsController extends Controller
             'locations.image',
             'locations.ldap_ou',
             'locations.currency',
-        ])->withCount('assignedAssets as assigned_assets_count')
+            'locations.notes',
+        ])
+            ->withCount('assignedAssets as assigned_assets_count')
             ->withCount('assets as assets_count')
+            ->withCount('assignedAccessories as assigned_accessories_count')
+            ->withCount('accessories as accessories_count')
             ->withCount('rtd_assets as rtd_assets_count')
             ->withCount('children as children_count')
             ->withCount('users as users_count');
@@ -182,6 +192,7 @@ class LocationsController extends Controller
                 'locations.updated_at',
                 'locations.image',
                 'locations.currency',
+                'locations.notes',
             ])
             ->withCount('assignedAssets as assigned_assets_count')
             ->withCount('assets as assets_count')
@@ -224,7 +235,17 @@ class LocationsController extends Controller
         return response()->json(Helper::formatStandardApiResponse('error', null, $location->getErrors()));
     }
 
+
     public function assets(Request $request, Location $location) : JsonResponse | array
+    {
+        $this->authorize('view', Asset::class);
+        $this->authorize('view', $location);
+        $assets = Asset::where('location_id', '=', $location->id)->with('model', 'model.category', 'assetstatus', 'location', 'company', 'defaultLoc');
+        $assets = $assets->get();
+        return (new AssetsTransformer)->transformAssets($assets, $assets->count(), $request);
+    }
+
+    public function assignedAssets(Request $request, Location $location) : JsonResponse | array
     {
         $this->authorize('view', Asset::class);
         $this->authorize('view', $location);
@@ -233,6 +254,20 @@ class LocationsController extends Controller
         return (new AssetsTransformer)->transformAssets($assets, $assets->count(), $request);
     }
 
+    public function assignedAccessories(Request $request, Location $location) : JsonResponse | array
+    {
+        $this->authorize('view', Accessory::class);
+        $this->authorize('view', $location);
+        $accessory_checkouts = AccessoryCheckout::LocationAssigned()->where('assigned_to', $location->id)->with('adminuser')->with('accessories');
+
+        $offset = ($request->input('offset') > $accessory_checkouts->count()) ? $accessory_checkouts->count() : app('api_offset_value');
+        $limit = app('api_limit_value');
+
+        $total = $accessory_checkouts->count();
+        $accessory_checkouts = $accessory_checkouts->skip($offset)->take($limit)->get();
+        return (new LocationsTransformer)->transformCheckedoutAccessories($accessory_checkouts, $total);
+    }
+
     /**
      * Remove the specified resource from storage.
      *

app/Http/Controllers/Api/ManufacturersController.php

@@ -39,7 +39,8 @@ class ManufacturersController extends Controller
             'assets_count',
             'consumables_count',
             'components_count',
-            'licenses_count'
+            'licenses_count',
+            'notes',
         ];
 
         $manufacturers = Manufacturer::select([
@@ -55,6 +56,7 @@ class ManufacturersController extends Controller
                 'updated_at',
                 'image',
                 'deleted_at',
+                'notes',
             ])
             ->with('adminuser')
             ->withCount('assets as assets_count')

app/Http/Controllers/Api/StatuslabelsController.php

@@ -290,10 +290,12 @@ class StatuslabelsController extends Controller
 
     /**
      * Returns a boolean response based on whether the status label
-     * is one that is deployable.
+     * is one that is deployable or pending.
      *
      * This is used by the hardware create/edit view to determine whether
-     * we should provide a dropdown of users for them to check the asset out to.
+     * we should provide a dropdown of users for them to check the asset out to,
+     * and whether we show a warning that the asset will be checked in if it's already
+     * assigned but the status is changed to one that isn't pending or deployable
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
@@ -301,7 +303,7 @@ class StatuslabelsController extends Controller
     public function checkIfDeployable($id) : string
     {
         $statuslabel = Statuslabel::findOrFail($id);
-        if ($statuslabel->getStatuslabelType() == 'deployable') {
+        if (($statuslabel->getStatuslabelType() == 'pending') || ($statuslabel->getStatuslabelType() == 'deployable')) {
             return '1';
         }
 

app/Http/Controllers/Api/UsersController.php

@@ -20,6 +20,7 @@ use App\Models\License;
 use App\Models\User;
 use App\Notifications\CurrentInventory;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Validator;
@@ -80,7 +81,16 @@ class UsersController extends Controller
             'users.website',
 
         ])->with('manager', 'groups', 'userloc', 'company', 'department', 'assets', 'licenses', 'accessories', 'consumables', 'createdBy', 'managesUsers', 'managedLocations')
-            ->withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'managesUsers as manages_users_count', 'managedLocations as manages_locations_count');
+            ->withCount([
+                'assets as assets_count' => function(Builder $query) {
+                    $query->withoutTrashed();
+                },
+                'licenses as licenses_count',
+                'accessories as accessories_count',
+                'consumables as consumables_count',
+                'managesUsers as manages_users_count',
+                'managedLocations as manages_locations_count'
+            ]);
 
 
         if ($request->filled('search') != '') {
@@ -283,6 +293,7 @@ class UsersController extends Controller
                         'autoassign_licenses',
                         'website',
                         'locale',
+                        'notes',
                     ];
 
                 $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'first_name';
@@ -480,10 +491,11 @@ class UsersController extends Controller
                 $user->permissions = $permissions_array;
             }
 
-            // Update the location of any assets checked out to this user
-            Asset::where('assigned_type', User::class)
-                ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);
-
+            if($request->has('location_id')) {
+                // Update the location of any assets checked out to this user
+                Asset::where('assigned_type', User::class)
+                    ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);
+            }
             app('App\Http\Requests\ImageUploadRequest')->handleImages($user, 600, 'image', 'avatars', 'avatar');
 
             if ($user->save()) {

app/Http/Controllers/AssetMaintenancesController.php

@@ -139,19 +139,12 @@ class AssetMaintenancesController extends Controller
     * @version v1.0
     * @since [v1.8]
     */
-    public function edit($assetMaintenanceId = null) : View | RedirectResponse
+    public function edit(AssetMaintenance $maintenance) : View | RedirectResponse
     {
         $this->authorize('update', Asset::class);
-        // Check if the asset maintenance exists
-        $this->authorize('update', Asset::class);
-        // Check if the asset maintenance exists
-        if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
-            // Redirect to the asset maintenance management page
-            return redirect()->route('maintenances.index')->with('error', trans('admin/asset_maintenances/message.not_found'));
-        } elseif ((!$assetMaintenance->asset) || ($assetMaintenance->asset->deleted_at!='')) {
-            // Redirect to the asset maintenance management page
+        if ((!$maintenance->asset) || ($maintenance->asset->deleted_at!='')) {
             return redirect()->route('maintenances.index')->with('error', 'asset does not exist');
-        } elseif (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+        } elseif (! Company::isCurrentUserHasAccess($maintenance->asset)) {
             return static::getInsufficientPermissionsRedirect();
         }
 
@@ -161,7 +154,7 @@ class AssetMaintenancesController extends Controller
         return view('asset_maintenances/edit')
                    ->with('selectedAsset', null)
                    ->with('assetMaintenanceType', $assetMaintenanceType)
-                   ->with('item', $assetMaintenance);
+                   ->with('item', $maintenance);
     }
 
     /**
@@ -174,24 +167,20 @@ class AssetMaintenancesController extends Controller
      * @version v1.0
      * @since [v1.8]
      */
-    public function update(Request $request, $assetMaintenanceId = null) : View | RedirectResponse
+    public function update(Request $request, AssetMaintenance $maintenance) : View | RedirectResponse
     {
         $this->authorize('update', Asset::class);
-        // Check if the asset maintenance exists
-        if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
-            // Redirect to the asset maintenance management page
-            return redirect()->route('maintenances.index')->with('error', trans('admin/asset_maintenances/message.not_found'));
-        } elseif ((!$assetMaintenance->asset) || ($assetMaintenance->asset->deleted_at!='')) {
-                // Redirect to the asset maintenance management page
+
+       if ((!$maintenance->asset) || ($maintenance->asset->deleted_at!='')) {
                 return redirect()->route('maintenances.index')->with('error', 'asset does not exist');
-        } elseif (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+        } elseif (! Company::isCurrentUserHasAccess($maintenance->asset)) {
             return static::getInsufficientPermissionsRedirect();
         }
 
-        $assetMaintenance->supplier_id = $request->input('supplier_id');
-        $assetMaintenance->is_warranty = $request->input('is_warranty');
-        $assetMaintenance->cost =  $request->input('cost');
-        $assetMaintenance->notes = $request->input('notes');
+        $maintenance->supplier_id = $request->input('supplier_id');
+        $maintenance->is_warranty = $request->input('is_warranty');
+        $maintenance->cost =  $request->input('cost');
+        $maintenance->notes = $request->input('notes');
 
         $asset = Asset::find(request('asset_id'));
 
@@ -200,39 +189,39 @@ class AssetMaintenancesController extends Controller
         }
 
         // Save the asset maintenance data
-        $assetMaintenance->asset_id = $request->input('asset_id');
-        $assetMaintenance->asset_maintenance_type = $request->input('asset_maintenance_type');
-        $assetMaintenance->title = $request->input('title');
-        $assetMaintenance->start_date = $request->input('start_date');
-        $assetMaintenance->completion_date = $request->input('completion_date');
+        $maintenance->asset_id = $request->input('asset_id');
+        $maintenance->asset_maintenance_type = $request->input('asset_maintenance_type');
+        $maintenance->title = $request->input('title');
+        $maintenance->start_date = $request->input('start_date');
+        $maintenance->completion_date = $request->input('completion_date');
 
-        if (($assetMaintenance->completion_date == null)
+        if (($maintenance->completion_date == null)
         ) {
-            if (($assetMaintenance->asset_maintenance_time !== 0)
-              || (! is_null($assetMaintenance->asset_maintenance_time))
+            if (($maintenance->asset_maintenance_time !== 0)
+              || (! is_null($maintenance->asset_maintenance_time))
             ) {
-                $assetMaintenance->asset_maintenance_time = null;
+                $maintenance->asset_maintenance_time = null;
             }
         }
 
-        if (($assetMaintenance->completion_date !== null)
-          && ($assetMaintenance->start_date !== '')
-          && ($assetMaintenance->start_date !== '0000-00-00')
+        if (($maintenance->completion_date !== null)
+          && ($maintenance->start_date !== '')
+          && ($maintenance->start_date !== '0000-00-00')
         ) {
-            $startDate = Carbon::parse($assetMaintenance->start_date);
-            $completionDate = Carbon::parse($assetMaintenance->completion_date);
-            $assetMaintenance->asset_maintenance_time = $completionDate->diffInDays($startDate);
+            $startDate = Carbon::parse($maintenance->start_date);
+            $completionDate = Carbon::parse($maintenance->completion_date);
+            $maintenance->asset_maintenance_time = $completionDate->diffInDays($startDate);
         }
 
       // Was the asset maintenance created?
-        if ($assetMaintenance->save()) {
+        if ($maintenance->save()) {
 
             // Redirect to the new asset maintenance page
             return redirect()->route('maintenances.index')
-                         ->with('success', trans('admin/asset_maintenances/message.edit.success'));
+                            ->with('success', trans('admin/asset_maintenances/message.edit.success'));
         }
 
-        return redirect()->back()->withInput()->withErrors($assetMaintenance->getErrors());
+        return redirect()->back()->withInput()->withErrors($maintenance->getErrors());
     }
 
     /**
@@ -271,19 +260,13 @@ class AssetMaintenancesController extends Controller
     * @version v1.0
     * @since [v1.8]
     */
-    public function show($assetMaintenanceId) : View | RedirectResponse
+    public function show(AssetMaintenance $maintenance) : View | RedirectResponse
     {
         $this->authorize('view', Asset::class);
-
-        // Check if the asset maintenance exists
-        if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
-            // Redirect to the asset maintenance management page
-            return redirect()->route('maintenances.index')
-                           ->with('error', trans('admin/asset_maintenances/message.not_found'));
-        } elseif (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+        if (! Company::isCurrentUserHasAccess($maintenance->asset)) {
             return static::getInsufficientPermissionsRedirect();
         }
 
-        return view('asset_maintenances/view')->with('assetMaintenance', $assetMaintenance);
+        return view('asset_maintenances/view')->with('assetMaintenance', $maintenance);
     }
 }

app/Http/Controllers/AssetModelsController.php

@@ -18,6 +18,7 @@ use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Log;
 use \Illuminate\Contracts\View\View;
 use \Illuminate\Http\RedirectResponse;
+use Illuminate\Support\MessageBag;
 
 
 /**
@@ -29,6 +30,7 @@ use \Illuminate\Http\RedirectResponse;
  */
 class AssetModelsController extends Controller
 {
+    protected MessageBag $validatorErrors;
     /**
      * Returns a view that invokes the ajax tables which actually contains
      * the content for the accessories listing, which is generated in getDatatable.
@@ -107,16 +109,11 @@ class AssetModelsController extends Controller
      * @since [v1.0]
      * @param int $modelId
      */
-    public function edit($modelId = null) : View | RedirectResponse
+    public function edit(AssetModel $model) : View | RedirectResponse
     {
         $this->authorize('update', AssetModel::class);
-        if ($item = AssetModel::find($modelId)) {
-            $category_type = 'asset';
-            return view('models/edit', compact('item', 'category_type'))->with('depreciation_list', Helper::depreciationList());
-
-        }
-
-        return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
+        $category_type = 'asset';
+        return view('models/edit', compact('category_type'))->with('item', $model)->with('depreciation_list', Helper::depreciationList());
     }
 
 
@@ -131,16 +128,11 @@ class AssetModelsController extends Controller
      * @return \Illuminate\Http\RedirectResponse
      * @throws \Illuminate\Auth\Access\AuthorizationException
      */
-    public function update(StoreAssetModelRequest $request, $modelId) : RedirectResponse
+    public function update(StoreAssetModelRequest $request, AssetModel $model) : RedirectResponse
     {
         $this->authorize('update', AssetModel::class);
 
-        if (is_null($model = AssetModel::find($modelId))) {
-            return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
-        }
-
         $model = $request->handleImages($model);
-
         $model->depreciation_id = $request->input('depreciation_id');
         $model->eol = $request->input('eol');
         $model->name = $request->input('name');
@@ -158,7 +150,7 @@ class AssetModelsController extends Controller
 
             if ($this->shouldAddDefaultValues($request->input())) {
                 if (!$this->assignCustomFieldsDefaultValues($model, $request->input('default_values'))) {
-                    return redirect()->back()->withInput()->with('error', trans('admin/custom_fields/message.fieldset_default_value.error'));
+                    return redirect()->back()->withInput()->withErrors($this->validatorErrors);
                 }
             }
 
@@ -186,28 +178,16 @@ class AssetModelsController extends Controller
      * @since [v1.0]
      * @param int $modelId
      */
-    public function destroy($modelId) : RedirectResponse
+    public function destroy(AssetModel $model) : RedirectResponse
     {
         $this->authorize('delete', AssetModel::class);
-        // Check if the model exists
-        if (is_null($model = AssetModel::find($modelId))) {
-            return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
-        }
+
 
         if ($model->assets()->count() > 0) {
             // Throw an error that this model is associated with assets
             return redirect()->route('models.index')->with('error', trans('admin/models/message.assoc_users'));
         }
 
-        if ($model->image) {
-            try {
-                Storage::disk('public')->delete('models/'.$model->image);
-                $model->update(['image' => null]);
-            } catch (\Exception $e) {
-                Log::info($e);
-            }
-        }
-
         // Delete the model
         $model->delete();
 
@@ -265,16 +245,10 @@ class AssetModelsController extends Controller
      * @since [v1.0]
      * @param int $modelId
      */
-    public function show($modelId = null) : View | RedirectResponse
+    public function show(AssetModel $model) : View | RedirectResponse
     {
         $this->authorize('view', AssetModel::class);
-        $model = AssetModel::withTrashed()->find($modelId);
-
-        if (isset($model->id)) {
-            return view('models/view', compact('model'));
-        }
-
-        return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
+        return view('models/view', compact('model'));
     }
 
     /**
@@ -284,23 +258,20 @@ class AssetModelsController extends Controller
      * @since [v1.0]
      * @param int $modelId
      */
-    public function getClone($modelId = null) : View | RedirectResponse
+    public function getClone(AssetModel $model) : View | RedirectResponse
     {
         $this->authorize('create', AssetModel::class);
-        // Check if the model exists
-        if (is_null($model_to_clone = AssetModel::find($modelId))) {
-            return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
-        }
 
-        $model = clone $model_to_clone;
+        $cloned_model = clone $model;
         $model->id = null;
+        $model->deleted_at = null;
 
         // Show the page
         return view('models/edit')
             ->with('depreciation_list', Helper::depreciationList())
             ->with('item', $model)
-            ->with('model_id', $model_to_clone->id)
-            ->with('clone_model', $model_to_clone);
+            ->with('model_id', $model->id)
+            ->with('clone_model', $cloned_model);
     }
 
 
@@ -319,7 +290,7 @@ class AssetModelsController extends Controller
 
 
     /**
-     * Returns a view that allows the user to bulk edit model attrbutes
+     * Returns a view that allows the user to bulk edit model attributes
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v1.7]
@@ -481,9 +452,15 @@ class AssetModelsController extends Controller
             $rules[$field] = $validation;
         }
 
-        $validator = Validator::make($data, $rules);
+        $attributes = [];
+        foreach ($model->fieldset->fields as $field) {
+            $attributes[$field->db_column] = trim(preg_replace('/_+|snipeit|\d+/', ' ', $field->db_column));
+        }
+
+        $validator = Validator::make($data, $rules)->setAttributeNames($attributes);
 
         if($validator->fails()){
+            $this->validatorErrors = $validator->errors();
             return false;
         }
 

app/Http/Controllers/AssetModelsFilesController.php

@@ -44,10 +44,10 @@ class AssetModelsFilesController extends Controller
                 $model->logUpload($file_name, $request->get('notes'));
             }
 
-            return redirect()->back()->with('success', trans('general.file_upload_success'));
+            return redirect()->back()->withFragment('files')->with('success', trans('general.file_upload_success'));
         }
 
-        return redirect()->back()->with('error', trans('admin/hardware/message.upload.nofiles'));
+        return redirect()->back()->withFragment('files')->with('error', trans('admin/hardware/message.upload.nofiles'));
     }
 
     /**
@@ -58,11 +58,9 @@ class AssetModelsFilesController extends Controller
      * @param  int $fileId
      * @since [v1.0]
      */
-    public function show($modelId = null, $fileId = null) : StreamedResponse | Response | RedirectResponse | BinaryFileResponse
+    public function show(AssetModel $model, $fileId = null) : StreamedResponse | Response | RedirectResponse | BinaryFileResponse
     {
-        $model = AssetModel::find($modelId);
-        // the asset is valid
-        if (isset($model->id)) {
+
             $this->authorize('view', $model);
 
             if (! $log = Actionlog::find($fileId)) {
@@ -87,12 +85,6 @@ class AssetModelsFilesController extends Controller
             }
 
             return StorageHelper::downloader($file);
-        }
-        // Prepare the error message
-        $error = trans('admin/hardware/message.does_not_exist', ['id' => $fileId]);
-
-        // Redirect to the hardware management page
-        return redirect()->route('hardware.index')->with('error', $error);
     }
 
     /**
@@ -103,30 +95,21 @@ class AssetModelsFilesController extends Controller
      * @param  int $fileId
      * @since [v1.0]
      */
-    public function destroy($modelId = null, $fileId = null) : RedirectResponse
+    public function destroy(AssetModel $model, $fileId = null) : RedirectResponse
     {
-        $model = AssetModel::find($modelId);
-        $this->authorize('update', $model);
         $rel_path = 'private_uploads/assetmodels';
-
-        // the asset is valid
-        if (isset($model->id)) {
-            $this->authorize('update', $model);
-            $log = Actionlog::find($fileId);
-            if ($log) {
-                if (Storage::exists($rel_path.'/'.$log->filename)) {
-                    Storage::delete($rel_path.'/'.$log->filename);
-                }
-                $log->delete();
-
-                return redirect()->back()->with('success', trans('admin/hardware/message.deletefile.success'));
+        $this->authorize('update', $model);
+        $log = Actionlog::find($fileId);
+        if ($log) {
+            if (Storage::exists($rel_path.'/'.$log->filename)) {
+                Storage::delete($rel_path.'/'.$log->filename);
             }
+            $log->delete();
 
-            return redirect()->back()
-                ->with('success', trans('admin/hardware/message.deletefile.success'));
+            return redirect()->back()->withFragment('files')->with('success', trans('admin/hardware/message.deletefile.success'));
         }
 
-        // Redirect to the hardware management page
-        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        return redirect()->back()->withFragment('files')->with('success', trans('admin/hardware/message.deletefile.success'));
+
     }
 }

app/Http/Controllers/Assets/AssetCheckinController.php

@@ -27,18 +27,12 @@ class AssetCheckinController extends Controller
      * @param string $backto
      * @since [v1.0]
      */
-    public function create($assetId, $backto = null) : View | RedirectResponse
+    public function create(Asset $asset, $backto = null) : View | RedirectResponse
     {
-        // Check if the asset exists
-        if (is_null($asset = Asset::find($assetId))) {
-            // Redirect to the asset management page with error
-            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
-        }
 
         $this->authorize('checkin', $asset);
 
         // This asset is already checked in, redirect
-        
         if (is_null($asset->assignedTo)) {
             return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkin.already_checked_in'));
         }
@@ -47,7 +41,11 @@ class AssetCheckinController extends Controller
             return redirect()->route('hardware.show', $asset->id)->with('error', trans('admin/hardware/general.model_invalid_fix'));
         }
 
-        return view('hardware/checkin', compact('asset'))->with('statusLabel_list', Helper::statusLabelList())->with('backto', $backto)->with('table_name', 'Assets');
+        return view('hardware/checkin', compact('asset'))
+            ->with('item', $asset)
+            ->with('statusLabel_list', Helper::statusLabelList())
+            ->with('backto', $backto)
+            ->with('table_name', 'Assets');
     }
 
     /**
@@ -91,6 +89,9 @@ class AssetCheckinController extends Controller
             $asset->status_id = e($request->get('status_id'));
         }
 
+        // Add any custom fields that should be included in the checkout
+        $asset->customFieldsForCheckinCheckout('display_checkin');
+
         $this->migrateLegacyLocations($asset);
 
         $asset->location_id = $asset->rtd_location_id;
@@ -128,6 +129,9 @@ class AssetCheckinController extends Controller
 
         session()->put('redirect_option', $request->get('redirect_option'));
 
+        // Add any custom fields that should be included in the checkout
+        $asset->customFieldsForCheckinCheckout('display_checkin');
+
         if ($asset->save()) {
 
             event(new CheckoutableCheckedIn($asset, $target, auth()->user(), $request->input('note'), $checkin_at, $originalValues));

app/Http/Controllers/Assets/AssetCheckoutController.php

@@ -26,27 +26,25 @@ class AssetCheckoutController extends Controller
      * @since [v1.0]
      * @return \Illuminate\Contracts\View\View
      */
-    public function create($assetId) : View | RedirectResponse
+    public function create(Asset $asset) : View | RedirectResponse
     {
-        // Check if the asset exists
-        if (is_null($asset = Asset::with('company')->find(e($assetId)))) {
-            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
-        }
 
         $this->authorize('checkout', $asset);
 
         if (!$asset->model) {
-            return redirect()->route('hardware.show', $asset->id)->with('error', trans('admin/hardware/general.model_invalid_fix'));
+            return redirect()->route('hardware.show', $asset)
+                ->with('error', trans('admin/hardware/general.model_invalid_fix'));
         }
 
         if ($asset->availableForCheckout()) {
             return view('hardware/checkout', compact('asset'))
                 ->with('statusLabel_list', Helper::deployableStatusLabelList())
-                ->with('table_name', 'Assets');
+                ->with('table_name', 'Assets')
+                ->with('item', $asset);
         }
 
-
-        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkout.not_available'));
+        return redirect()->route('hardware.index')
+            ->with('error', trans('admin/hardware/message.checkout.not_available'));
     }
 
     /**
@@ -68,7 +66,7 @@ class AssetCheckoutController extends Controller
             $this->authorize('checkout', $asset);
 
             if (!$asset->model) {
-                return redirect()->route('hardware.show', $asset->id)->with('error', trans('admin/hardware/general.model_invalid_fix'));
+                return redirect()->route('hardware.show', $asset)->with('error', trans('admin/hardware/general.model_invalid_fix'));
             }
 
             $admin = auth()->user();
@@ -91,6 +89,7 @@ class AssetCheckoutController extends Controller
                 $asset->status_id = $request->get('status_id');
             }
 
+
             if(!empty($asset->licenseseats->all())){
                 if(request('checkout_to_type') == 'user') {
                     foreach ($asset->licenseseats as $seat){
@@ -100,23 +99,26 @@ class AssetCheckoutController extends Controller
                 }
             }
 
+            // Add any custom fields that should be included in the checkout
+            $asset->customFieldsForCheckinCheckout('display_checkout');
+
             $settings = \App\Models\Setting::getSettings();
 
             // We have to check whether $target->company_id is null here since locations don't have a company yet
             if (($settings->full_multiple_companies_support) && ((!is_null($target->company_id)) &&  (!is_null($asset->company_id)))) {
                 if ($target->company_id != $asset->company_id){
-                    return redirect()->to("hardware/$assetId/checkout")->with('error', trans('general.error_user_company'));
+                    return redirect()->route('hardware.checkout.create', $asset)->with('error', trans('general.error_user_company'));
                 }
             }
 
-                session()->put(['redirect_option' => $request->get('redirect_option'), 'checkout_to_type' => $request->get('checkout_to_type')]);
+            session()->put(['redirect_option' => $request->get('redirect_option'), 'checkout_to_type' => $request->get('checkout_to_type')]);
 
             if ($asset->checkOut($target, $admin, $checkout_at, $expected_checkin, $request->get('note'), $request->get('name'))) {
                 return redirect()->to(Helper::getRedirectOption($request, $asset->id, 'Assets'))
                     ->with('success', trans('admin/hardware/message.checkout.success'));
             }
             // Redirect to the asset management page with error
-            return redirect()->to("hardware/$assetId/checkout")->with('error', trans('admin/hardware/message.checkout.error').$asset->getErrors());
+            return redirect()->route("hardware.checkout.create", $asset)->with('error', trans('admin/hardware/message.checkout.error').$asset->getErrors());
         } catch (ModelNotFoundException $e) {
             return redirect()->back()->with('error', trans('admin/hardware/message.checkout.error'))->withErrors($asset->getErrors());
         } catch (CheckoutNotAllowed $e) {

app/Http/Controllers/Assets/AssetFilesController.php

@@ -26,11 +26,8 @@ class AssetFilesController extends Controller
      *@since [v1.0]
      * @author [A. Gianotto] [<snipe@snipe.net>]
      */
-    public function store(UploadFileRequest $request, $assetId = null) : RedirectResponse
+    public function store(UploadFileRequest $request, Asset $asset) : RedirectResponse
     {
-        if (! $asset = Asset::find($assetId)) {
-            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
-        }
 
         $this->authorize('update', $asset);
 
@@ -45,7 +42,7 @@ class AssetFilesController extends Controller
                 $asset->logUpload($file_name, $request->get('notes'));
             }
 
-            return redirect()->back()->with('success', trans('admin/hardware/message.upload.success'));
+            return redirect()->back()->withFragment('files')->with('success', trans('admin/hardware/message.upload.success'));
         }
 
         return redirect()->back()->with('error', trans('admin/hardware/message.upload.nofiles'));
@@ -59,31 +56,28 @@ class AssetFilesController extends Controller
      * @param  int $fileId
      * @since [v1.0]
      */
-    public function show($assetId = null, $fileId = null) : View | RedirectResponse | Response | StreamedResponse | BinaryFileResponse
+    public function show(Asset $asset, $fileId = null) : View | RedirectResponse | Response | StreamedResponse | BinaryFileResponse
     {
-        if ($asset = Asset::find($assetId)) {
 
-            $this->authorize('view', $asset);
+        $this->authorize('view', $asset);
 
-            if ($log = Actionlog::whereNotNull('filename')->where('item_id', $asset->id)->find($fileId)) {
-                $file = 'private_uploads/assets/'.$log->filename;
-
-                if ($log->action_type == 'audit') {
-                    $file = 'private_uploads/audits/'.$log->filename;
-                }
-
-                try {
-                     return StorageHelper::showOrDownloadFile($file, $log->filename);
-                } catch (\Exception $e) {
-                    return redirect()->route('hardware.show', ['hardware' => $asset])->with('error',  trans('general.file_not_found'));
-                }
+        if ($log = Actionlog::whereNotNull('filename')->where('item_id', $asset->id)->find($fileId)) {
+            $file = 'private_uploads/assets/'.$log->filename;
 
+            if ($log->action_type == 'audit') {
+                $file = 'private_uploads/audits/'.$log->filename;
+            }
+
+            try {
+                 return StorageHelper::showOrDownloadFile($file, $log->filename);
+            } catch (\Exception $e) {
+                return redirect()->route('hardware.show', $asset)->with('error', trans('general.file_not_found'));
             }
 
-            return redirect()->route('hardware.show', ['hardware' => $asset])->with('error',  trans('general.log_record_not_found'));
         }
 
-        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        return redirect()->route('hardware.show', $asset)->with('error', trans('general.log_record_not_found'));
+
 
     }
 
@@ -95,29 +89,20 @@ class AssetFilesController extends Controller
      * @param  int $fileId
      * @since [v1.0]
      */
-    public function destroy($assetId = null, $fileId = null) : RedirectResponse
+    public function destroy(Asset $asset, $fileId = null) : RedirectResponse
     {
-        $asset = Asset::find($assetId);
         $this->authorize('update', $asset);
         $rel_path = 'private_uploads/assets';
 
-        // the asset is valid
-        if (isset($asset->id)) {
-            $this->authorize('update', $asset);
-            $log = Actionlog::find($fileId);
-            if ($log) {
-                if (Storage::exists($rel_path.'/'.$log->filename)) {
-                    Storage::delete($rel_path.'/'.$log->filename);
-                }
-                $log->delete();
-
-                return redirect()->back()->with('success', trans('admin/hardware/message.deletefile.success'));
+        if ($log = Actionlog::find($fileId)) {
+            if (Storage::exists($rel_path.'/'.$log->filename)) {
+                Storage::delete($rel_path.'/'.$log->filename);
             }
-
-            return redirect()->back()
-                ->with('success', trans('admin/hardware/message.deletefile.success'));
+            $log->delete();
+            return redirect()->back()->withFragment('files')->with('success', trans('admin/hardware/message.deletefile.success'));
         }
 
-        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        return redirect()->route('hardware.show', $asset)->with('error', trans('general.log_record_not_found'));
     }
+
 }

app/Http/Controllers/Assets/AssetsController.php

@@ -30,6 +30,7 @@ use Illuminate\Http\Response;
 use Illuminate\Contracts\View\View;
 use Illuminate\Http\RedirectResponse;
 use Symfony\Component\HttpFoundation\BinaryFileResponse;
+use TypeError;
 
 /**
  * This class controls all actions related to assets for
@@ -201,7 +202,7 @@ class AssetsController extends Controller
                     $asset->checkOut($target, auth()->user(), date('Y-m-d H:i:s'), $request->input('expected_checkin', null), 'Checked out on asset creation', $request->get('name'), $location);
                 }
 
-                $successes[] = "<a href='" . route('hardware.show', ['hardware' => $asset->id]) . "' style='color: white;'>" . e($asset->asset_tag) . "</a>";
+                $successes[] = "<a href='" . route('hardware.show', $asset) . "' style='color: white;'>" . e($asset->asset_tag) . "</a>";
 
             } else {
                 $failures[] = join(",", $asset->getErrors()->all());
@@ -222,7 +223,7 @@ class AssetsController extends Controller
                     //the most common case, keeping it so we don't have to make every use of that translation string be trans_choice'ed
                     //and re-translated
                     return redirect()->to(Helper::getRedirectOption($request, $asset->id, 'Assets'))
-                        ->with('success-unescaped', trans('admin/hardware/message.create.success_linked', ['link' => route('hardware.show', ['hardware' => $asset->id]), 'id', 'tag' => e($asset->asset_tag)]));
+                        ->with('success-unescaped', trans('admin/hardware/message.create.success_linked', ['link' => route('hardware.show', $asset), 'id', 'tag' => e($asset->asset_tag)]));
                 } else {
                     //multi-success
                     return redirect()->to(Helper::getRedirectOption($request, $asset->id, 'Assets'))
@@ -240,20 +241,14 @@ class AssetsController extends Controller
      * Returns a view that presents a form to edit an existing asset.
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param int $assetId
      * @since [v1.0]
      * @return \Illuminate\Contracts\View\View
      */
-    public function edit($assetId = null) : View | RedirectResponse
+    public function edit(Asset $asset) : View | RedirectResponse
     {
-        if (! $item = Asset::find($assetId)) {
-            // Redirect to the asset management page with error
-            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
-        }
-        //Handles company checks and permissions.
-        $this->authorize($item);
-
-        return view('hardware/edit', compact('item'))
+        $this->authorize($asset);
+        return view('hardware/edit')
+            ->with('item', $asset)
             ->with('statuslabel_list', Helper::statusLabelList())
             ->with('statuslabel_types', Helper::statusTypeList());
     }
@@ -267,15 +262,14 @@ class AssetsController extends Controller
      * @since [v1.0]
      * @return \Illuminate\Contracts\View\View
      */
-    public function show($assetId = null) : View | RedirectResponse
+    public function show(Asset $asset) : View | RedirectResponse
     {
-        $asset = Asset::withTrashed()->find($assetId);
         $this->authorize('view', $asset);
         $settings = Setting::getSettings();
 
         if (isset($asset)) {
             $audit_log = Actionlog::where('action_type', '=', 'audit')
-                ->where('item_id', '=', $assetId)
+                ->where('item_id', '=', $asset->id)
                 ->where('item_type', '=', Asset::class)
                 ->orderBy('created_at', 'DESC')->first();
 
@@ -291,7 +285,7 @@ class AssetsController extends Controller
 
             $qr_code = (object) [
                 'display' => $settings->qr_code == '1',
-                'url' => route('qr_code/hardware', $asset->id),
+                'url' => route('qr_code/hardware', $asset),
             ];
 
             return view('hardware/view', compact('asset', 'qr_code', 'settings'))
@@ -308,14 +302,9 @@ class AssetsController extends Controller
      * @since [v1.0]
      * @author [A. Gianotto] [<snipe@snipe.net>]
      */
-    public function update(ImageUploadRequest $request, $assetId = null) : RedirectResponse
+    public function update(ImageUploadRequest $request, Asset $asset) : RedirectResponse
     {
 
-        // Check if the asset exists
-        if (! $asset = Asset::find($assetId)) {
-            // Redirect to the asset management page with error
-            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
-        }
         $this->authorize($asset);
 
         $asset->status_id = $request->input('status_id', null);
@@ -351,15 +340,14 @@ class AssetsController extends Controller
 
         $status = Statuslabel::find($request->input('status_id'));
 
-        // This is a non-deployable status label - we should check the asset back in.
-        if (($status && $status->getStatuslabelType() != 'deployable') && ($target = $asset->assignedTo)) {
-
+        // This is an archived or undeployable - we should check the asset back in.
+        // Pending is allowed here
+        if (($status) && (($status->getStatuslabelType() != 'pending') && ($status->getStatuslabelType() != 'deployable')) && ($target = $asset->assignedTo)) {
             $originalValues = $asset->getRawOriginal();
             $asset->assigned_to = null;
             $asset->assigned_type = null;
             $asset->accepted = null;
-
-            event(new CheckoutableCheckedIn($asset, $target, auth()->user(), 'Checkin on asset update', date('Y-m-d H:i:s'), $originalValues));
+            event(new CheckoutableCheckedIn($asset, $target, auth()->user(), 'Checkin on asset update with '.$status->getStatuslabelType().' status', date('Y-m-d H:i:s'), $originalValues));
         }
 
         if ($asset->assigned_to == '') {
@@ -430,7 +418,7 @@ class AssetsController extends Controller
         session()->put(['redirect_option' => $request->get('redirect_option'), 'checkout_to_type' => $request->get('checkout_to_type')]);
 
         if ($asset->save()) {
-            return redirect()->to(Helper::getRedirectOption($request, $assetId, 'Assets'))
+            return redirect()->to(Helper::getRedirectOption($request, $asset->id, 'Assets'))
                 ->with('success', trans('admin/hardware/message.update.success'));
         }
 
@@ -531,14 +519,14 @@ class AssetsController extends Controller
      * @param int $assetId
      * @since [v1.0]
      */
-    public function getQrCode($assetId = null) : Response | BinaryFileResponse | string | bool
+    public function getQrCode(Asset $asset) : Response | BinaryFileResponse | string | bool
     {
         $settings = Setting::getSettings();
 
-        if ($settings->qr_code == '1') {
-            $asset = Asset::withTrashed()->find($assetId);
+        if (($settings->qr_code == '1') && ($settings->label2_2d_type !== 'none')) {
+
             if ($asset) {
-                $size = Helper::barcodeDimensions($settings->barcode_type);
+                $size = Helper::barcodeDimensions($settings->label2_2d_type);
                 $qr_file = public_path().'/uploads/barcodes/qr-'.str_slug($asset->asset_tag).'-'.str_slug($asset->id).'.png';
 
                 if (isset($asset->id, $asset->asset_tag)) {
@@ -548,7 +536,7 @@ class AssetsController extends Controller
                         return response()->file($qr_file, $header);
                     } else {
                         $barcode = new \Com\Tecnick\Barcode\Barcode();
-                        $barcode_obj = $barcode->getBarcodeObj($settings->barcode_type, route('hardware.show', $asset->id), $size['height'], $size['width'], 'black', [-2, -2, -2, -2]);
+                        $barcode_obj = $barcode->getBarcodeObj($settings->label2_2d_type, route('hardware.show', $asset->id), $size['height'], $size['width'], 'black', [-2, -2, -2, -2]);
                         file_put_contents($qr_file, $barcode_obj->getPngData());
 
                         return response($barcode_obj->getPngData())->header('Content-type', 'image/png');
@@ -573,7 +561,7 @@ class AssetsController extends Controller
     {
         $settings = Setting::getSettings();
         if ($asset = Asset::withTrashed()->find($assetId)) {
-            $barcode_file = public_path().'/uploads/barcodes/'.str_slug($settings->alt_barcode).'-'.str_slug($asset->asset_tag).'.png';
+            $barcode_file = public_path().'/uploads/barcodes/'.str_slug($settings->label2_1d_type).'-'.str_slug($asset->asset_tag).'.png';
 
             if (isset($asset->id, $asset->asset_tag)) {
                 if (file_exists($barcode_file)) {
@@ -586,11 +574,11 @@ class AssetsController extends Controller
 
                     $barcode = new \Com\Tecnick\Barcode\Barcode();
                     try {
-                        $barcode_obj = $barcode->getBarcodeObj($settings->alt_barcode, $asset->asset_tag, ($barcode_width < 300 ? $barcode_width : 300), 50);
+                        $barcode_obj = $barcode->getBarcodeObj($settings->label2_1d_type, $asset->asset_tag, ($barcode_width < 300 ? $barcode_width : 300), 50);
                         file_put_contents($barcode_file, $barcode_obj->getPngData());
 
                         return response($barcode_obj->getPngData())->header('Content-type', 'image/png');
-                    } catch (\Exception $e) {
+                    } catch (\Exception|TypeError $e) {
                         Log::debug('The barcode format is invalid.');
 
                         return response(file_get_contents(public_path('uploads/barcodes/invalid_barcode.gif')))->header('Content-type', 'image/gif');
@@ -865,8 +853,8 @@ class AssetsController extends Controller
     public function quickScan()
     {
         $this->authorize('audit', Asset::class);
-        $dt = Carbon::now()->addMonths(12)->toDateString();
-
+        $settings = Setting::getSettings();
+        $dt = Carbon::now()->addMonths($settings->audit_interval)->toDateString();
         return view('hardware/quickscan')->with('next_audit_date', $dt);
     }
 
@@ -877,13 +865,11 @@ class AssetsController extends Controller
         return view('hardware/quickscan-checkin')->with('statusLabel_list', Helper::statusLabelList());
     }
 
-    public function audit($id)
+    public function audit(Asset $asset)
     {
         $settings = Setting::getSettings();
         $this->authorize('audit', Asset::class);
         $dt = Carbon::now()->addMonths($settings->audit_interval)->toDateString();
-        $asset = Asset::findOrFail($id);
-
         return view('hardware/audit')->with('asset', $asset)->with('next_audit_date', $dt)->with('locations_list');
     }
 
@@ -902,7 +888,7 @@ class AssetsController extends Controller
     }
 
 
-    public function auditStore(UploadFileRequest $request, $id)
+    public function auditStore(UploadFileRequest $request, Asset $asset)
     {
         $this->authorize('audit', Asset::class);
 
@@ -917,8 +903,6 @@ class AssetsController extends Controller
             return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()->all()));
         }
 
-        $asset = Asset::findOrFail($id);
-
         /**
          * Even though we do a save() further down, we don't want to log this as a "normal" asset update,
          * which would trigger the Asset Observer and would log an asset *update* log entry (because the

app/Http/Controllers/Assets/BulkAssetsController.php

@@ -358,7 +358,11 @@ class BulkAssetsController extends Controller
                  * to someone/something.
                  */
                 if ($request->filled('status_id')) {
-                    $updated_status = Statuslabel::find($request->input('status_id'));
+                    try {
+                        $updated_status = Statuslabel::findOrFail($request->input('status_id'));
+                    } catch (ModelNotFoundException $e) {
+                        return redirect($bulk_back_url)->with('error', trans('admin/statuslabels/message.does_not_exist'));
+                    }
 
                     // We cannot assign a non-deployable status type if the asset is already assigned.
                     // This could probably be added to a form request.
@@ -366,7 +370,7 @@ class BulkAssetsController extends Controller
                     // Otherwise we need to make sure the status type is still a deployable one.
                     if (
                         ($asset->assigned_to == '')
-                        || ($updated_status->deployable == '1') && ($asset->assetstatus->deployable == '1')
+                        || ($updated_status->deployable == '1') && ($asset->assetstatus?->deployable == '1')
                     ) {
                         $this->update_array['status_id'] = $updated_status->id;
                     }
@@ -525,21 +529,31 @@ class BulkAssetsController extends Controller
         $this->authorize('delete', Asset::class);
 
         $bulk_back_url = route('hardware.index');
+
         if ($request->session()->has('bulk_back_url')) {
             $bulk_back_url = $request->session()->pull('bulk_back_url');
         }
+        $assetIds = $request->get('ids');
 
-        if ($request->filled('ids')) {
-            $assets = Asset::find($request->get('ids'));
-            foreach ($assets as $asset) {
-                $asset->delete();
-            } // endforeach
-
-            return redirect($bulk_back_url)->with('success', trans('admin/hardware/message.delete.success'));
-            // no values given, nothing to update
+        if(empty($assetIds)) {
+            return redirect($bulk_back_url)->with('error', trans('admin/hardware/message.delete.nothing_updated'));
         }
 
-        return redirect($bulk_back_url)->with('error', trans('admin/hardware/message.delete.nothing_updated'));
+        $assignedAssets = Asset::whereIn('id', $assetIds)->whereNotNull('assigned_to')->get();
+        if($assignedAssets->isNotEmpty()) {
+
+            //if assets are checked out, return a list of asset tags that would need to be checked in first.
+            $assetTags = $assignedAssets->pluck('asset_tag')->implode(', ');
+            return redirect($bulk_back_url)->with('error', trans_choice('admin/hardware/message.delete.assigned_to_error', $assignedAssets->count(), ['asset_tag' => $assetTags] ));
+        }
+
+        foreach (Asset::wherein('id', $assetIds)->get() as $asset) {
+                $asset->delete();
+            }
+
+        return redirect($bulk_back_url)->with('success', trans('admin/hardware/message.delete.success'));
+            // no values given, nothing to update
+
     }
 
     /**

app/Http/Controllers/Auth/ForgotPasswordController.php

@@ -50,14 +50,14 @@ class ForgotPasswordController extends Controller
      */
     public function sendResetLinkEmail(Request $request)
     {
-
         /**
          * Let's set a max character count here to prevent potential
          * buffer overflow issues with attackers sending very large
-         * payloads through.
+         * payloads through. The addition of the string rule prevents attackers
+         * sending arrays through and causing 500s
          */
         $request->validate([
-            'username' => ['required', 'max:255'],
+            'username' => ['required', 'max:255', 'string'],
         ]);
 
         /**

app/Http/Controllers/Auth/ResetPasswordController.php

@@ -103,22 +103,24 @@ class ResetPasswordController extends Controller
                     ], $messages);
             }
 
+            if ($user->ldap_import != '1') {
 
-            // set the response
-            $response = $broker->reset(
-                $this->credentials($request), function ($user, $password) {
-                $this->resetPassword($user, $password);
-            });
+                    // set the response
+                    $response = $broker->reset(
+                        $this->credentials($request), function ($user, $password) {
+                        $this->resetPassword($user, $password);
+                    });
 
-            // Check if the password reset above actually worked
-            if ($response == \Password::PASSWORD_RESET) {
-                Log::debug('Password reset for '.$user->username.' worked');
-                return redirect()->guest('login')->with('success', trans('passwords.reset'));
+                    // Check if the password reset above actually worked
+                    if ($response == \Password::PASSWORD_RESET) {
+                        Log::debug('Password reset for ' . $user->username . ' worked');
+                        return redirect()->guest('login')->with('success', trans('passwords.reset'));
+                    }
+
+                    Log::debug('Password reset for ' . $user->username . ' FAILED - this user exists but the token is not valid');
+                    return redirect()->back()->withInput($request->only('email'))->with('success', trans('passwords.reset'));
             }
 
-            Log::debug('Password reset for '.$user->username.' FAILED - this user exists but the token is not valid');
-            return redirect()->back()->withInput($request->only('email'))->with('success', trans('passwords.reset'));
-
         }
 
 

app/Http/Controllers/CategoriesController.php

@@ -69,6 +69,7 @@ class CategoriesController extends Controller
         $category->use_default_eula = $request->input('use_default_eula', '0');
         $category->require_acceptance = $request->input('require_acceptance', '0');
         $category->checkin_email = $request->input('checkin_email', '0');
+        $category->notes = $request->input('notes');
         $category->created_by = auth()->id();
 
         $category = $request->handleImages($category);
@@ -87,14 +88,10 @@ class CategoriesController extends Controller
      * @param int $categoryId
      * @since [v1.0]
      */
-    public function edit($categoryId = null) : RedirectResponse | View
+    public function edit(Category $category) : RedirectResponse | View
     {
         $this->authorize('update', Category::class);
-        if (is_null($item = Category::find($categoryId))) {
-            return redirect()->route('categories.index')->with('error', trans('admin/categories/message.does_not_exist'));
-        }
-
-        return view('categories/edit', compact('item'))
+        return view('categories/edit')->with('item', $category)
         ->with('category_types', Helper::categoryTypeList());
     }
 
@@ -107,19 +104,10 @@ class CategoriesController extends Controller
      * @param int $categoryId
      * @since [v1.0]
      */
-    public function update(ImageUploadRequest $request, $categoryId = null) : RedirectResponse
+    public function update(ImageUploadRequest $request, Category $category) : RedirectResponse
     {
         $this->authorize('update', Category::class);
-        if (is_null($category = Category::find($categoryId))) {
-            // Redirect to the categories management page
-            return redirect()->route('categories.index')->with('error', trans('admin/categories/message.does_not_exist'));
-        }
-
-        // Update the category data
         $category->name = $request->input('name');
-        // If the item count is > 0, we disable the category type in the edit. Disabled items
-        // don't POST, so if the category_type is blank we just set it to the default.
-
 
         // Don't allow the user to change the category_type once it's been created
         if (($request->filled('category_type') && ($category->itemCount() > 0))) {
@@ -134,6 +122,7 @@ class CategoriesController extends Controller
         $category->use_default_eula = $request->input('use_default_eula', '0');
         $category->require_acceptance = $request->input('require_acceptance', '0');
         $category->checkin_email = $request->input('checkin_email', '0');
+        $category->notes = $request->input('notes');
 
         $category = $request->handleImages($category);
 
@@ -179,10 +168,10 @@ class CategoriesController extends Controller
      * @param $id
      * @since [v1.8]
      */
-    public function show($id) : View | RedirectResponse
+    public function show(Category $category) : View | RedirectResponse
     {
         $this->authorize('view', Category::class);
-        if ($category = Category::find($id)) {
+
             if ($category->category_type == 'asset') {
                 $category_type = 'hardware';
                 $category_type_route = 'assets';
@@ -197,8 +186,5 @@ class CategoriesController extends Controller
             return view('categories/view', compact('category'))
                 ->with('category_type', $category_type)
                 ->with('category_type_route', $category_type_route);
-        }
-
-        return redirect()->route('categories.index')->with('error', trans('admin/categories/message.does_not_exist'));
     }
 }

app/Http/Controllers/CompaniesController.php

@@ -60,6 +60,7 @@ final class CompaniesController extends Controller
         $company->phone = $request->input('phone');
         $company->fax = $request->input('fax');
         $company->email = $request->input('email');
+        $company->notes = $request->input('notes');
         $company->created_by = auth()->id();
 
         $company = $request->handleImages($company);
@@ -79,16 +80,10 @@ final class CompaniesController extends Controller
      * @since [v1.8]
      * @param int $companyId
      */
-    public function edit($companyId) : View | RedirectResponse
+    public function edit(Company $company) : View | RedirectResponse
     {
-        if (is_null($item = Company::find($companyId))) {
-            return redirect()->route('companies.index')
-                ->with('error', trans('admin/companies/message.does_not_exist'));
-        }
-
-        $this->authorize('update', $item);
-
-        return view('companies/edit')->with('item', $item);
+        $this->authorize('update', $company);
+        return view('companies/edit')->with('item', $company);
     }
 
     /**
@@ -99,18 +94,15 @@ final class CompaniesController extends Controller
      * @param ImageUploadRequest $request
      * @param int $companyId
      */
-    public function update(ImageUploadRequest $request, $companyId) : RedirectResponse
+    public function update(ImageUploadRequest $request, Company $company) : RedirectResponse
     {
-        if (is_null($company = Company::find($companyId))) {
-            return redirect()->route('companies.index')->with('error', trans('admin/companies/message.does_not_exist'));
-        }
 
         $this->authorize('update', $company);
-
         $company->name = $request->input('name');
         $company->phone = $request->input('phone');
         $company->fax = $request->input('fax');
         $company->email = $request->input('email');
+        $company->notes = $request->input('notes');
 
         $company = $request->handleImages($company);
 
@@ -156,15 +148,9 @@ final class CompaniesController extends Controller
             ->with('success', trans('admin/companies/message.delete.success'));
     }
 
-    public function show($id) : View | RedirectResponse
+    public function show(Company $company) : View | RedirectResponse
     {
         $this->authorize('view', Company::class);
-
-        if (is_null($company = Company::find($id))) {
-            return redirect()->route('companies.index')
-                ->with('error', trans('admin/companies/message.not_found'));
-        }
-
         return view('companies/view')->with('company', $company);
     }
 }

app/Http/Controllers/Components/ComponentsController.php

@@ -107,15 +107,13 @@ class ComponentsController extends Controller
      * @return \Illuminate\Contracts\View\View
      * @throws \Illuminate\Auth\Access\AuthorizationException
      */
-    public function edit($componentId = null)
+    public function edit(Component $component)
     {
-        if ($item = Component::find($componentId)) {
-            $this->authorize('update', $item);
 
-            return view('components/edit', compact('item'))->with('category_type', 'component');
-        }
-
-        return redirect()->route('components.index')->with('error', trans('admin/components/message.does_not_exist'));
+            $this->authorize('update', $component);
+            return view('components/edit')
+                ->with('item', $component)
+                ->with('category_type', 'component');
     }
 
 
@@ -130,11 +128,8 @@ class ComponentsController extends Controller
      * @throws \Illuminate\Auth\Access\AuthorizationException
      * @since [v3.0]
      */
-    public function update(ImageUploadRequest $request, $componentId = null)
+    public function update(ImageUploadRequest $request, Component $component)
     {
-        if (is_null($component = Component::find($componentId))) {
-            return redirect()->route('components.index')->with('error', trans('admin/components/message.does_not_exist'));
-        }
         $min = $component->numCheckedOut();
         $validator = Validator::make($request->all(), [
             'qty' => "required|numeric|min:$min",
@@ -193,7 +188,7 @@ class ComponentsController extends Controller
         $this->authorize('delete', $component);
 
         // Remove the image if one exists
-        if (Storage::disk('public')->exists('components/'.$component->image)) {
+        if ($component->image && Storage::disk('public')->exists('components/' . $component->image)) {
             try {
                 Storage::disk('public')->delete('components/'.$component->image);
             } catch (\Exception $e) {
@@ -201,6 +196,10 @@ class ComponentsController extends Controller
             }
         }
 
+        if ($component->numCheckedOut() > 0) {
+            return redirect()->route('components.index')->with('error', trans('admin/components/message.delete.error_qty'));
+        }
+
         $component->delete();
 
         return redirect()->route('components.index')->with('success', trans('admin/components/message.delete.success'));
@@ -216,17 +215,9 @@ class ComponentsController extends Controller
      * @return \Illuminate\Contracts\View\View
      * @throws \Illuminate\Auth\Access\AuthorizationException
      */
-    public function show($componentId = null)
+    public function show(Component $component)
     {
-        $component = Component::find($componentId);
-
-        if (isset($component->id)) {
             $this->authorize('view', $component);
-
             return view('components/view', compact('component'));
-        }
-        // Redirect to the user management page
-        return redirect()->route('components.index')
-            ->with('error', trans('admin/components/message.does_not_exist'));
     }
 }

app/Http/Controllers/Components/ComponentsFilesController.php

@@ -50,7 +50,7 @@ class ComponentsFilesController extends Controller
                 }
 
 
-                return redirect()->route('components.show', $component->id)->with('success', trans('general.file_upload_success'));
+                return redirect()->route('components.show', $component->id)->withFragment('files')->with('success', trans('general.file_upload_success'));
 
             }
 
@@ -91,7 +91,7 @@ class ComponentsFilesController extends Controller
 
             $log->delete();
 
-            return redirect()->back()
+            return redirect()->back()->withFragment('files')
                 ->with('success', trans('admin/hardware/message.deletefile.success'));
         }
 

app/Http/Controllers/Consumables/ConsumablesController.php

@@ -50,7 +50,7 @@ class ConsumablesController extends Controller
     {
         $this->authorize('create', Consumable::class);
 
-        return view('consumables/edit')->with('category_type', 'consumable')
+        return view('consumables.edit')->with('category_type', 'consumable')
             ->with('item', new Consumable);
     }
 
@@ -104,15 +104,13 @@ class ConsumablesController extends Controller
      * @see ConsumablesController::postEdit() method that stores the form data.
      * @since [v1.0]
      */
-    public function edit($consumableId = null) : View | RedirectResponse
+    public function edit(Consumable $consumable) : View | RedirectResponse
     {
-        if ($item = Consumable::find($consumableId)) {
-            $this->authorize($item);
+            $this->authorize($consumable);
+            return view('consumables/edit')
+                ->with('item', $consumable)
+                ->with('category_type', 'consumable');
 
-            return view('consumables/edit', compact('item'))->with('category_type', 'consumable');
-        }
-
-        return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.does_not_exist'));
     }
 
     /**
@@ -126,11 +124,8 @@ class ConsumablesController extends Controller
      * @see ConsumablesController::getEdit() method that stores the form data.
      * @since [v1.0]
      */
-    public function update(StoreConsumableRequest $request, $consumableId = null)
+    public function update(StoreConsumableRequest $request, Consumable $consumable)
     {
-        if (is_null($consumable = Consumable::find($consumableId))) {
-            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.does_not_exist'));
-        }
 
         $min = $consumable->numCheckedOut();
         $validator = Validator::make($request->all(), [
@@ -202,16 +197,11 @@ class ConsumablesController extends Controller
      * @return \Illuminate\Contracts\View\View
      * @throws \Illuminate\Auth\Access\AuthorizationException
      */
-    public function show($consumableId = null)
+    public function show(Consumable $consumable)
     {
-        $consumable = Consumable::withCount('users as users_consumables')->find($consumableId);
+        $consumable = Consumable::withCount('users as users_consumables')->find($consumable->id);
         $this->authorize($consumable);
-        if (isset($consumable->id)) {
-            return view('consumables/view', compact('consumable'));
-        }
-
-        return redirect()->route('consumables.index')
-            ->with('error', trans('admin/consumables/message.does_not_exist'));
+        return view('consumables/view', compact('consumable'));
     }
 
     public function clone(Consumable $consumable) : View

app/Http/Controllers/Consumables/ConsumablesFilesController.php

@@ -48,7 +48,7 @@ class ConsumablesFilesController extends Controller
                 }
 
 
-                return redirect()->route('consumables.show', $consumable->id)->with('success', trans('general.file_upload_success'));
+                return redirect()->route('consumables.show', $consumable->id)->withFragment('files')->with('success', trans('general.file_upload_success'));
 
             }
 
@@ -89,7 +89,7 @@ class ConsumablesFilesController extends Controller
 
             $log->delete();
 
-            return redirect()->back()
+            return redirect()->back()->withFragment('files')
                 ->with('success', trans('admin/hardware/message.deletefile.success'));
         }
 

app/Http/Controllers/CustomFieldsController.php

@@ -104,7 +104,9 @@ class CustomFieldsController extends Controller
             "auto_add_to_fieldsets" => $request->get("auto_add_to_fieldsets", 0),
             "show_in_listview" => $request->get("show_in_listview", 0),
             "show_in_requestable_list" => $request->get("show_in_requestable_list", 0),
-            "user_id" => auth()->id()
+            "display_checkin" => $request->get("display_checkin", 0),
+            "display_checkout" => $request->get("display_checkout", 0),
+            "created_by" => auth()->id()
         ]);
 
 
@@ -193,10 +195,8 @@ class CustomFieldsController extends Controller
      * @param  int $id
      * @since [v4.0]
      */
-    public function edit(Request $request, $id) : View | RedirectResponse
+    public function edit(Request $request, CustomField $field) : View | RedirectResponse
     {
-        if ($field = CustomField::find($id)) {
-
         $this->authorize('update', $field);
         $fieldsets = CustomFieldset::get();
         $customFormat = '';
@@ -210,11 +210,7 @@ class CustomFieldsController extends Controller
             'fieldsets'         => $fieldsets,
             'predefinedFormats' => Helper::predefined_formats(),
         ]);
-        } 
 
-        return redirect()->route("fields.index")
-            ->with("error", trans('admin/custom_fields/message.field.invalid'));
-        
     }
 
 
@@ -229,13 +225,9 @@ class CustomFieldsController extends Controller
      * @return \Illuminate\Http\RedirectResponse
      * @throws \Illuminate\Auth\Access\AuthorizationException
      */
-    public function update(CustomFieldRequest $request, $id) : RedirectResponse
+    public function update(CustomFieldRequest $request, CustomField $field) : RedirectResponse
     {
-        $field = CustomField::find($id);
-
         $this->authorize('update', $field);
-
-
         $show_in_email = $request->get("show_in_email", 0);
         $display_in_user_view = $request->get("display_in_user_view", 0);
 
@@ -256,6 +248,8 @@ class CustomFieldsController extends Controller
         $field->auto_add_to_fieldsets = $request->get("auto_add_to_fieldsets", 0);
         $field->show_in_listview = $request->get("show_in_listview", 0);
         $field->show_in_requestable_list = $request->get("show_in_requestable_list", 0);
+        $field->display_checkin = $request->get("display_checkin", 0);
+        $field->display_checkout = $request->get("display_checkout", 0);
 
         if ($request->get('format') == 'CUSTOM REGEX') {
             $field->format = e($request->get('custom_format'));

app/Http/Controllers/CustomFieldsetsController.php

@@ -35,10 +35,12 @@ class CustomFieldsetsController extends Controller
      * @param int $id
      * @since [v1.8]
      */
-    public function show($id) : View | RedirectResponse
+    public function show(CustomFieldset $fieldset) : View | RedirectResponse
     {
         $cfset = CustomFieldset::with('fields')
-            ->where('id', '=', $id)->orderBy('id', 'ASC')->first();
+            ->where('id', '=', $fieldset->id)
+            ->orderBy('id', 'ASC')
+            ->first();
 
         $this->authorize('view', $cfset);
 
@@ -122,16 +124,10 @@ class CustomFieldsetsController extends Controller
      * @param  int  $id
      * @since [v6.0.14]
      */
-    public function edit($id) : View | RedirectResponse
+    public function edit(CustomFieldset $fieldset) : View | RedirectResponse
     {
         $this->authorize('create', CustomField::class);
-
-        if ($fieldset = CustomFieldset::find($id)) {
-            return view('custom_fields.fieldsets.edit')->with('item', $fieldset);
-        }
-
-        return redirect()->route('fields.index')->with('error', trans('admin/custom_fields/general.fieldset_does_not_exist', ['id' => $id]));
-
+        return view('custom_fields.fieldsets.edit')->with('item', $fieldset);
     }
 
     /**
@@ -141,23 +137,18 @@ class CustomFieldsetsController extends Controller
      * @param  int  $id
      * @since [v6.0.14]
      */
-    public function update(Request $request, $id) : RedirectResponse
+    public function update(Request $request, CustomFieldset $fieldset) : RedirectResponse
     {
         $this->authorize('create', CustomField::class);
 
-        if ($fieldset = CustomFieldset::find($id)) {
-
-            $fieldset->name = $request->input('name');
-
-            if ($fieldset->save()) {
-                return redirect()->route('fields.index')->with('success', trans('admin/custom_fields/general.fieldset_updated'));
-            }
-
-            return redirect()->back()->withInput()->withErrors($fieldset->getErrors());
+        $fieldset->name = $request->input('name');
 
+        if ($fieldset->save()) {
+            return redirect()->route('fields.index')->with('success', trans('admin/custom_fields/general.fieldset_updated'));
         }
 
-        return redirect()->route('fields.index')->with('error', trans('admin/custom_fields/general.fieldset_does_not_exist', ['id' => $id]));
+        return redirect()->back()->withInput()->withErrors($fieldset->getErrors());
+
     }
 
     /**

app/Http/Controllers/DashboardController.php

@@ -40,7 +40,7 @@ class DashboardController extends Controller
 
             if ((! file_exists(storage_path().'/oauth-private.key')) || (! file_exists(storage_path().'/oauth-public.key'))) {
                 Artisan::call('migrate', ['--force' => true]);
-                \Artisan::call('passport:install');
+                Artisan::call('passport:install', ['--no-interaction' => true]);
             }
 
             return view('dashboard')->with('asset_stats', $asset_stats)->with('counts', $counts);

app/Http/Controllers/DepartmentsController.php

@@ -55,6 +55,7 @@ class DepartmentsController extends Controller
         $department->manager_id = ($request->filled('manager_id') ? $request->input('manager_id') : null);
         $department->location_id = ($request->filled('location_id') ? $request->input('location_id') : null);
         $department->company_id = ($request->filled('company_id') ? $request->input('company_id') : null);
+        $department->notes = $request->input('notes');
         $department = $request->handleImages($department);
 
         if ($department->save()) {
@@ -72,17 +73,10 @@ class DepartmentsController extends Controller
      * @param int $id
      * @since [v4.0]
      */
-    public function show($id) : View | RedirectResponse
+    public function show(Department $department) : View | RedirectResponse
     {
-        $department = Department::find($id);
-
         $this->authorize('view', $department);
-
-        if (isset($department->id)) {
-            return view('departments/view', compact('department'));
-        }
-
-        return redirect()->route('departments.index')->with('error', trans('admin/departments/message.does_not_exist'));
+        return view('departments/view', compact('department'));
     }
 
     /**
@@ -138,15 +132,10 @@ class DepartmentsController extends Controller
      * @param int $departmentId
      * @since [v1.0]
      */
-    public function edit($departmentId = null) : View | RedirectResponse
+    public function edit(Department $department) : View | RedirectResponse
     {
-        if (is_null($item = Department::find($departmentId))) {
-            return redirect()->back()->with('error', trans('admin/locations/message.does_not_exist'));
-        }
-
-        $this->authorize('update', $item);
-
-        return view('departments/edit', compact('item'));
+        $this->authorize('update', $department);
+        return view('departments/edit')->with('item', $department);
     }
 
     /**
@@ -157,11 +146,8 @@ class DepartmentsController extends Controller
      * @param int $departmentId
      * @since [v1.0]
      */
-    public function update(ImageUploadRequest $request, $id) : RedirectResponse
+    public function update(ImageUploadRequest $request, Department $department) : RedirectResponse
     {
-        if (is_null($department = Department::find($id))) {
-            return redirect()->route('departments.index')->with('error', trans('admin/departments/message.does_not_exist'));
-        }
 
         $this->authorize('update', $department);
 
@@ -171,7 +157,7 @@ class DepartmentsController extends Controller
         $department->company_id = ($request->filled('company_id') ? $request->input('company_id') : null);
         $department->phone = $request->input('phone');
         $department->fax = $request->input('fax');
-
+        $department->notes = $request->input('notes');
         $department = $request->handleImages($department);
 
         if ($department->save()) {

app/Http/Controllers/DepreciationsController.php

@@ -95,17 +95,11 @@ class DepreciationsController extends Controller
      * @param int $depreciationId
      * @since [v1.0]
      */
-    public function edit($depreciationId = null) : RedirectResponse | View
+    public function edit(Depreciation $depreciation) : RedirectResponse | View
     {
-        // Check if the depreciation exists
-        if (is_null($item = Depreciation::find($depreciationId))) {
-            // Redirect to the blogs management page
-            return redirect()->route('depreciations.index')->with('error', trans('admin/depreciations/message.does_not_exist'));
-        }
 
-        $this->authorize('update', $item);
-
-        return view('depreciations/edit', compact('item'));
+        $this->authorize('update', $depreciation);
+        return view('depreciations/edit')->with('item', $depreciation);
     }
 
     /**
@@ -117,17 +111,10 @@ class DepreciationsController extends Controller
      * @param int $depreciationId
      * @since [v1.0]
      */
-    public function update(Request $request, $depreciationId = null) : RedirectResponse
+    public function update(Request $request, Depreciation $depreciation) : RedirectResponse
     {
-        // Check if the depreciation exists
-        if (is_null($depreciation = Depreciation::find($depreciationId))) {
-            // Redirect to the blogs management page
-            return redirect()->route('depreciations.index')->with('error', trans('admin/depreciations/message.does_not_exist'));
-        }
 
         $this->authorize('update', $depreciation);
-
-        // Depreciation data
         $depreciation->name             = $request->input('name');
         $depreciation->months           = $request->input('months');
 
@@ -191,12 +178,12 @@ class DepreciationsController extends Controller
      * @param int $depreciationId
      * @since [v1.0]
      */
-    public function show($id) : View | RedirectResponse
+    public function show(Depreciation $depreciation) : View | RedirectResponse
     {
         $depreciation = Depreciation::withCount('assets as assets_count')
             ->withCount('models as models_count')
             ->withCount('licenses as licenses_count')
-            ->find($id);
+            ->find($depreciation->id);
 
         $this->authorize('view', $depreciation);
 

app/Http/Controllers/GroupsController.php

@@ -62,6 +62,7 @@ class GroupsController extends Controller
         $group->name = $request->input('name');
         $group->permissions = json_encode($request->input('permission'));
         $group->created_by = auth()->id();
+        $group->notes = $request->input('notes');
 
         if ($group->save()) {
             return redirect()->route('groups.index')->with('success', trans('admin/groups/message.success.create'));
@@ -78,19 +79,12 @@ class GroupsController extends Controller
      * @param int $id
      * @since [v1.0]
      */
-    public function edit($id) : View | RedirectResponse
+    public function edit(Group $group) : View | RedirectResponse
     {
-        $group = Group::find($id);
-
-        if ($group) {
-            $permissions = config('permissions');
-            $groupPermissions = $group->decodePermissions();
-            $selected_array = Helper::selectedPermissionsArray($permissions, $groupPermissions);
-
-            return view('groups.edit', compact('group', 'permissions', 'selected_array', 'groupPermissions'));
-        }
-
-        return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found', ['id' => $id]));
+        $permissions = config('permissions');
+        $groupPermissions = $group->decodePermissions();
+        $selected_array = Helper::selectedPermissionsArray($permissions, $groupPermissions);
+        return view('groups.edit', compact('group', 'permissions', 'selected_array', 'groupPermissions'));
     }
 
     /**
@@ -101,13 +95,11 @@ class GroupsController extends Controller
      * @param int $id
      * @since [v1.0]
      */
-    public function update(Request $request, $id = null) : RedirectResponse
+    public function update(Request $request, Group $group) : RedirectResponse
     {
-        if (! $group = Group::find($id)) {
-            return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found', ['id' => $id]));
-        }
         $group->name = $request->input('name');
         $group->permissions = json_encode($request->input('permission'));
+        $group->notes = $request->input('notes');
 
         if (! config('app.lock_passwords')) {
             if ($group->save()) {
@@ -149,14 +141,8 @@ class GroupsController extends Controller
      * @param $id
      * @since [v4.0.11]
      */
-    public function show($id) : View | RedirectResponse
+    public function show(Group $group) : View | RedirectResponse
     {
-        $group = Group::find($id);
-
-        if ($group) {
-            return view('groups/view', compact('group'));
-        }
-
-        return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found', ['id' => $id]));
+      return view('groups/view', compact('group'));
     }
 }

app/Http/Controllers/Kits/CheckoutKitController.php

@@ -4,10 +4,8 @@ namespace App\Http\Controllers\Kits;
 
 use App\Http\Controllers\CheckInOutRequest;
 use App\Http\Controllers\Controller;
-use App\Models\PredefinedKit;
 use App\Models\Asset;
-use App\Models\PredefinedLicence;
-use App\Models\PredefinedModel;
+use App\Models\PredefinedKit;
 use App\Models\User;
 use App\Services\PredefinedKitCheckoutService;
 use Illuminate\Http\Request;
@@ -35,12 +33,9 @@ class CheckoutKitController extends Controller
      * @author [D. Minaev.] [<dmitriy.minaev.v@gmail.com>]
      * @return \Illuminate\Contracts\View\View View to checkout
      */
-    public function showCheckout($kit_id)
+    public function showCheckout(PredefinedKit $kit)
     {
         $this->authorize('checkout', Asset::class);
-
-        $kit = PredefinedKit::findOrFail($kit_id);
-
         return view('kits/checkout')->with('kit', $kit);
     }
 

app/Http/Controllers/Kits/PredefinedKitsController.php

@@ -76,17 +76,15 @@ class PredefinedKitsController extends Controller
      * @param int $kit_id
      * @return \Illuminate\Contracts\View\View
      */
-    public function edit($kit_id = null)
+    public function edit(PredefinedKit $kit)
     {
         $this->authorize('update', PredefinedKit::class);
-        if ($kit = PredefinedKit::find($kit_id)) {
+
             return view('kits/edit')
                 ->with('item', $kit)
                 ->with('models', $kit->models)
                 ->with('licenses', $kit->licenses);
-        }
 
-        return redirect()->route('kits.index')->with('error', trans('admin/kits/general.kit_none'));
     }
 
     /**
@@ -98,15 +96,9 @@ class PredefinedKitsController extends Controller
      * @param int $kit_id
      * @return \Illuminate\Http\RedirectResponse
      */
-    public function update(ImageUploadRequest $request, $kit_id = null)
+    public function update(ImageUploadRequest $request, PredefinedKit $kit)
     {
         $this->authorize('update', PredefinedKit::class);
-        // Check if the kit exists
-        if (is_null($kit = PredefinedKit::find($kit_id))) {
-            // Redirect to the kits management page
-            return redirect()->route('kits.index')->with('error', trans('admin/kits/general.kit_none'));
-        }
-
         $kit->name = $request->input('name');
 
         if ($kit->save()) {
@@ -153,9 +145,9 @@ class PredefinedKitsController extends Controller
      * @param int $modelId
      * @return \Illuminate\Contracts\View\View
      */
-    public function show($kit_id = null)
+    public function show(PredefinedKit $kit)
     {
-        return $this->edit($kit_id);
+        return $this->edit($kit);
     }
 
     /**

app/Http/Controllers/Licenses/LicenseCheckinController.php

@@ -28,16 +28,11 @@ class LicenseCheckinController extends Controller
      * @return \Illuminate\Contracts\View\View
      * @throws \Illuminate\Auth\Access\AuthorizationException
      */
-    public function create($seatId = null, $backTo = null)
+    public function create(LicenseSeat $licenseSeat, $backTo = null)
     {
         // Check if the asset exists
-        if (is_null($licenseSeat = LicenseSeat::find($seatId)) || is_null($license = License::find($licenseSeat->license_id))) {
-            // Redirect to the asset management page with error
-            return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.not_found'));
-        }
-
+        $license = License::find($licenseSeat->license_id);
         $this->authorize('checkout', $license);
-
         return view('licenses/checkin', compact('licenseSeat'))->with('backto', $backTo);
     }
 
@@ -71,7 +66,7 @@ class LicenseCheckinController extends Controller
 
         if (! $license->reassignable) {
             // Not allowed to checkin
-            Session::flash('error', 'License not reassignable.');
+            Session::flash('error', trans('admin/licenses/message.checkin.not_reassignable') . '.');
 
             return redirect()->back()->withInput();
         }

app/Http/Controllers/Licenses/LicenseCheckoutController.php

@@ -28,33 +28,24 @@ class LicenseCheckoutController extends Controller
      * @return \Illuminate\Contracts\View\View
      * @throws \Illuminate\Auth\Access\AuthorizationException
      */
-    public function create($id)
+    public function create(License $license)
     {
+        $this->authorize('checkout', $license);
 
-        if ($license = License::find($id)) {
+        if ($license->category) {
 
-            $this->authorize('checkout', $license);
-
-            if ($license->category) {
-
-                // Make sure there is at least one available to checkout
-                if ($license->availCount()->count() < 1){
-                    return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.checkout.not_enough_seats'));
-                }
-
-                // Return the checkout view
-                return view('licenses/checkout', compact('license'));
+            // Make sure there is at least one available to checkout
+            if ($license->availCount()->count() < 1) {
+                return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.checkout.not_enough_seats'));
             }
 
-            // Invalid category
-            return redirect()->route('licenses.edit', ['license' => $license->id])
-                ->with('error', trans('general.invalid_item_category_single', ['type' => trans('general.license')]));
-
+            // Return the checkout view
+            return view('licenses/checkout', compact('license'));
         }
 
-        // Not found
-        return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.not_found'));
-
+        // Invalid category
+        return redirect()->route('licenses.edit', ['license' => $license->id])
+            ->with('error', trans('general.invalid_item_category_single', ['type' => trans('general.license')]));
 
     }
 

app/Http/Controllers/Licenses/LicensesController.php

@@ -121,13 +121,10 @@ class LicensesController extends Controller
      * @return \Illuminate\Contracts\View\View
      * @throws \Illuminate\Auth\Access\AuthorizationException
      */
-    public function edit($licenseId = null)
+    public function edit(License $license)
     {
-        if (is_null($item = License::find($licenseId))) {
-            return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.does_not_exist'));
-        }
 
-        $this->authorize('update', $item);
+        $this->authorize('update', $license);
 
         $maintained_list = [
             '' => 'Maintained',
@@ -135,7 +132,8 @@ class LicensesController extends Controller
             '0' => 'No',
         ];
 
-        return view('licenses/edit', compact('item'))
+        return view('licenses/edit')
+            ->with('item', $license)
             ->with('depreciation_list', Helper::depreciationList())
             ->with('maintained_list', $maintained_list);
     }
@@ -153,11 +151,9 @@ class LicensesController extends Controller
      * @return \Illuminate\Http\RedirectResponse
      * @throws \Illuminate\Auth\Access\AuthorizationException
      */
-    public function update(Request $request, $licenseId = null)
+    public function update(Request $request, License $license)
     {
-        if (is_null($license = License::find($licenseId))) {
-            return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.does_not_exist'));
-        }
+
 
         $this->authorize('update', $license);
 
@@ -201,10 +197,10 @@ class LicensesController extends Controller
      * @return \Illuminate\Http\RedirectResponse
      * @throws \Illuminate\Auth\Access\AuthorizationException
      */
-    public function destroy($licenseId)
+    public function destroy(License $license)
     {
         // Check if the license exists
-        if (is_null($license = License::find($licenseId))) {
+        if (is_null($license = License::find($license->id))) {
             // Redirect to the license management page
             return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.not_found'));
         }
@@ -238,14 +234,9 @@ class LicensesController extends Controller
      * @return \Illuminate\Contracts\View\View
      * @throws \Illuminate\Auth\Access\AuthorizationException
      */
-    public function show($licenseId = null)
+    public function show(License $license)
     {
-        $license = License::with('assignedusers')->find($licenseId);
-
-        if (!$license) {
-            return redirect()->route('licenses.index')
-            ->with('error', trans('admin/licenses/message.does_not_exist'));
-        }
+        $license = License::with('assignedusers')->find($license->id);
 
         $users_count = User::where('autoassign_licenses', '1')->count();
         $total_seats_count = $license->totalSeatsByLicenseID();
@@ -267,10 +258,10 @@ class LicensesController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @param int $licenseId
-     * @return \Illuminate\Http\RedirectResponse
+     * @return \Illuminate\Http\RedirectResponse | \Illuminate\Contracts\View\View
      * @throws \Illuminate\Auth\Access\AuthorizationException
      */
-    public function getClone($licenseId = null)
+    public function getClone($licenseId = null) : \Illuminate\Contracts\View\View | \Illuminate\Http\RedirectResponse
     {
         if (is_null($license_to_clone = License::find($licenseId))) {
             return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.does_not_exist'));

app/Http/Controllers/LocationsController.php

@@ -78,6 +78,7 @@ class LocationsController extends Controller
         $location->created_by = auth()->id();
         $location->phone = request('phone');
         $location->fax = request('fax');
+        $location->notes = $request->input('notes');
 
         $location = $request->handleImages($location);
 
@@ -96,15 +97,10 @@ class LocationsController extends Controller
      * @param int $locationId
      * @since [v1.0]
      */
-    public function edit($locationId = null) : View | RedirectResponse
+    public function edit(Location $location) : View | RedirectResponse
     {
         $this->authorize('update', Location::class);
-        // Check if the location exists
-        if (is_null($item = Location::find($locationId))) {
-            return redirect()->route('locations.index')->with('error', trans('admin/locations/message.does_not_exist'));
-        }
-
-        return view('locations/edit', compact('item'));
+        return view('locations/edit')->with('item', $location);
     }
 
     /**
@@ -116,15 +112,10 @@ class LocationsController extends Controller
      * @param int $locationId
      * @since [v1.0]
      */
-    public function update(ImageUploadRequest $request, $locationId = null) : RedirectResponse
+    public function update(ImageUploadRequest $request, Location $location) : RedirectResponse
     {
         $this->authorize('update', Location::class);
-        // Check if the location exists
-        if (is_null($location = Location::find($locationId))) {
-            return redirect()->route('locations.index')->with('error', trans('admin/locations/message.does_not_exist'));
-        }
 
-        // Update the location data
         $location->name = $request->input('name');
         $location->parent_id = $request->input('parent_id', null);
         $location->currency = $request->input('currency', '$');
@@ -138,6 +129,7 @@ class LocationsController extends Controller
         $location->fax = request('fax');
         $location->ldap_ou = $request->input('ldap_ou');
         $location->manager_id = $request->input('manager_id');
+        $location->notes = $request->input('notes');
 
         $location = $request->handleImages($location);
 
@@ -192,7 +184,7 @@ class LocationsController extends Controller
      * @param int $id
      * @since [v1.0]
      */
-    public function show($id = null) : View | RedirectResponse
+    public function show(Location $location) : View | RedirectResponse
     {
         $location = Location::withCount('assignedAssets as assigned_assets_count')
             ->withCount('assets as assets_count')
@@ -200,7 +192,7 @@ class LocationsController extends Controller
             ->withCount('children as children_count')
             ->withCount('users as users_count')
             ->withTrashed()
-            ->find($id);
+            ->find($location->id);
 
         if (isset($location->id)) {
             return view('locations/view', compact('location'));

app/Http/Controllers/ManufacturersController.php

@@ -67,6 +67,7 @@ class ManufacturersController extends Controller
         $manufacturer->warranty_lookup_url = $request->input('warranty_lookup_url');
         $manufacturer->support_phone = $request->input('support_phone');
         $manufacturer->support_email = $request->input('support_email');
+        $manufacturer->notes = $request->input('notes');
         $manufacturer = $request->handleImages($manufacturer);
 
         if ($manufacturer->save()) {
@@ -84,18 +85,10 @@ class ManufacturersController extends Controller
      * @param int $manufacturerId
      * @since [v1.0]
      */
-    public function edit($manufacturerId = null) : View | RedirectResponse
+    public function edit(Manufacturer $manufacturer) : View | RedirectResponse
     {
-        // Handles manufacturer checks and permissions.
         $this->authorize('update', Manufacturer::class);
-
-        // Check if the manufacturer exists
-        if (! $item = Manufacturer::find($manufacturerId)) {
-            return redirect()->route('manufacturers.index')->with('error', trans('admin/manufacturers/message.does_not_exist'));
-        }
-
-        // Show the page
-        return view('manufacturers/edit', compact('item'));
+        return view('manufacturers/edit')->with('item', $manufacturer);
     }
 
     /**
@@ -107,22 +100,17 @@ class ManufacturersController extends Controller
      * @param int $manufacturerId
      * @since [v1.0]
      */
-    public function update(ImageUploadRequest $request, $manufacturerId = null) : RedirectResponse
+    public function update(ImageUploadRequest $request, Manufacturer $manufacturer) : RedirectResponse
     {
         $this->authorize('update', Manufacturer::class);
-        // Check if the manufacturer exists
-        if (is_null($manufacturer = Manufacturer::find($manufacturerId))) {
-            // Redirect to the manufacturer  page
-            return redirect()->route('manufacturers.index')->with('error', trans('admin/manufacturers/message.does_not_exist'));
-        }
 
-        // Save the data
         $manufacturer->name = $request->input('name');
         $manufacturer->url = $request->input('url');
         $manufacturer->support_url = $request->input('support_url');
         $manufacturer->warranty_lookup_url = $request->input('warranty_lookup_url');
         $manufacturer->support_phone = $request->input('support_phone');
         $manufacturer->support_email = $request->input('support_email');
+        $manufacturer->notes = $request->input('notes');
 
         // Set the model's image property to null if the image is being deleted
         if ($request->input('image_delete') == 1) {
@@ -183,18 +171,10 @@ class ManufacturersController extends Controller
      * @param int $manufacturerId
      * @since [v1.0]
      */
-    public function show($manufacturerId = null) : View | RedirectResponse
+    public function show(Manufacturer $manufacturer) : View | RedirectResponse
     {
         $this->authorize('view', Manufacturer::class);
-        $manufacturer = Manufacturer::find($manufacturerId);
-
-        if (isset($manufacturer->id)) {
-            return view('manufacturers/view', compact('manufacturer'));
-        }
-
-        $error = trans('admin/manufacturers/message.does_not_exist');
-        // Redirect to the user management page
-        return redirect()->route('manufacturers.index')->with('error', $error);
+        return view('manufacturers/view', compact('manufacturer'));
     }
 
     /**

app/Http/Controllers/ModalController.php

@@ -32,7 +32,8 @@ class ModalController extends Controller
             'statuslabel',
             'supplier',
             'upload-file',
-            'user',         
+            'user',
+            'add-note',
         ];
 
 

app/Http/Controllers/NotesController.php

@@ -0,0 +1,42 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Models\Actionlog;
+use App\Models\Asset;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Validation\Rule;
+
+class NotesController extends Controller
+{
+    public function store(Request $request)
+    {
+        $this->authorize('update', Asset::class);
+
+        $validated = $request->validate([
+            'id' => 'required',
+            'note' => 'required|string|max:50000',
+            'type' => [
+                'required',
+                Rule::in(['asset']),
+            ],
+        ]);
+
+        $item = Asset::findOrFail($validated['id']);
+
+        $this->authorize('update', $item);
+
+        $logaction = new Actionlog;
+        $logaction->item_id = $item->id;
+        $logaction->item_type = get_class($item);
+        $logaction->note = $validated['note'];
+        $logaction->created_by = Auth::id();
+        $logaction->logaction('note added');
+
+        return redirect()
+            ->route('hardware.show', $validated['id'])
+            ->withFragment('history')
+            ->with('success', trans('general.note_added'));
+    }
+}

app/Http/Controllers/ProfileController.php

@@ -99,9 +99,13 @@ class ProfileController extends Controller
      * User change email page.
      *
      */
-    public function password() : View
+    public function password() : View | RedirectResponse
     {
+
         $user = auth()->user();
+        if ($user->ldap_import=='1') {
+            return redirect()->route('account')->with('error', trans('admin/users/message.error.password_ldap'));
+        }
         return view('account/change-password', compact('user'));
     }
 
@@ -116,7 +120,7 @@ class ProfileController extends Controller
 
         $user = auth()->user();
         if ($user->ldap_import == '1') {
-            return redirect()->route('account.password.index')->with('error', trans('admin/users/message.error.password_ldap'));
+            return redirect()->route('account')->with('error', trans('admin/users/message.error.password_ldap'));
         }
 
         $rules = [

app/Http/Controllers/ReportTemplatesController.php

@@ -0,0 +1,80 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Models\CustomField;
+use App\Models\ReportTemplate;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
+use Illuminate\Support\Arr;
+
+class ReportTemplatesController extends Controller
+{
+    public function store(Request $request): RedirectResponse
+    {
+        $this->authorize('reports.view');
+
+        // Ignore "options" rules since data does not come in under that key...
+        $validated = $request->validate(Arr::except((new ReportTemplate)->getRules(), 'options'));
+
+        $report = $request->user()->reportTemplates()->create([
+            'name' => $validated['name'],
+            'options' => $request->except(['_token', 'name']),
+        ]);
+
+        session()->flash('success', trans('admin/reports/message.create.success'));
+
+        return redirect()->route('report-templates.show', $report->id);
+    }
+
+    public function show(ReportTemplate $reportTemplate)
+    {
+        $this->authorize('reports.view');
+
+        $customfields = CustomField::get();
+        $report_templates = ReportTemplate::orderBy('name')->get();
+
+        return view('reports/custom', [
+            'customfields' => $customfields,
+            'report_templates' => $report_templates,
+            'template' => $reportTemplate,
+        ]);
+    }
+
+    public function edit(ReportTemplate $reportTemplate)
+    {
+        $this->authorize('reports.view');
+
+        return view('reports/custom', [
+            'customfields' => CustomField::get(),
+            'template' => $reportTemplate,
+        ]);
+    }
+
+    public function update(Request $request, ReportTemplate $reportTemplate): RedirectResponse
+    {
+        $this->authorize('reports.view');
+
+        // Ignore "options" rules since data does not come in under that key...
+        $validated = $request->validate(Arr::except((new ReportTemplate)->getRules(), 'options'));
+
+        $reportTemplate->update([
+            'name' => $validated['name'],
+            'options' => $request->except(['_token', 'name']),
+        ]);
+
+        session()->flash('success', trans('admin/reports/message.update.success'));
+
+        return redirect()->route('report-templates.show', $reportTemplate->id);
+    }
+
+    public function destroy(ReportTemplate $reportTemplate): RedirectResponse
+    {
+        $this->authorize('reports.view');
+
+        $reportTemplate->delete();
+
+        return redirect()->route('reports/custom')
+            ->with('success', trans('admin/reports/message.delete.success'));
+    }
+}

app/Http/Controllers/ReportsController.php

@@ -3,6 +3,7 @@
 namespace App\Http\Controllers;
 
 use App\Helpers\Helper;
+use App\Mail\CheckoutAssetMail;
 use App\Models\Accessory;
 use App\Models\Actionlog;
 use App\Models\Asset;
@@ -10,14 +11,18 @@ use App\Models\AssetModel;
 use App\Models\Category;
 use App\Models\AssetMaintenance;
 use App\Models\CheckoutAcceptance;
+use App\Models\Company;
 use App\Models\CustomField;
 use App\Models\Depreciation;
 use App\Models\License;
+use App\Models\ReportTemplate;
 use App\Models\Setting;
 use App\Notifications\CheckoutAssetNotification;
 use Carbon\Carbon;
+use Illuminate\Database\Eloquent\Relations\MorphTo;
 use Illuminate\Http\Request;
 use Illuminate\Http\Response;
+use Illuminate\Support\Facades\Mail;
 use Illuminate\Support\Facades\Notification;
 use \Illuminate\Contracts\View\View;
 use League\Csv\Reader;
@@ -259,9 +264,9 @@ class ReportsController extends Controller
             $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
             Log::debug('Added headers: '.$executionTime);
 
-            $actionlogs = Actionlog::with('item', 'user', 'target', 'location')
+            $actionlogs = Actionlog::with('item', 'user', 'target', 'location', 'adminuser')
                 ->orderBy('created_at', 'DESC')
-                ->chunk(20, function ($actionlogs) use ($handle) {
+                ->chunk(500, function ($actionlogs) use ($handle) {
                     $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
                 Log::debug('Walking results: '.$executionTime);
                 $count = 0;
@@ -286,7 +291,7 @@ class ReportsController extends Controller
 
                     $row = [
                         $actionlog->created_at,
-                        ($actionlog->admin) ? e($actionlog->admin->getFullNameAttribute()) : '',
+                        ($actionlog->adminuser) ? e($actionlog->adminuser->getFullNameAttribute()) : '',
                         $actionlog->present()->actionType(),
                         e($actionlog->itemType()),
                         ($actionlog->itemType() == 'user') ? $actionlog->filename : $item_name,
@@ -392,12 +397,27 @@ class ReportsController extends Controller
     * @see ReportsController::postCustomReport() method that generates the CSV
     * @since [v1.0]
     */
-    public function getCustomReport() : View
+    public function getCustomReport(Request $request) : View
     {
         $this->authorize('reports.view');
         $customfields = CustomField::get();
+        $report_templates = ReportTemplate::orderBy('name')->get();
 
-        return view('reports/custom')->with('customfields', $customfields);
+        // The view needs a template to render correctly, even if it is empty...
+        $template = new ReportTemplate;
+
+        // Set the report's input values in the cases we were redirected back
+        // with validation errors so the report is populated as expected.
+        if ($request->old()) {
+            $template->name = $request->old('name');
+            $template->options = $request->old();
+        }
+
+        return view('reports/custom', [
+            'customfields' => $customfields,
+            'report_templates' => $report_templates,
+            'template' => $template,
+        ]);
     }
 
     /**
@@ -728,7 +748,7 @@ class ReportsController extends Controller
             }
 
             Log::debug($assets->toSql());
-            $assets->orderBy('assets.id', 'ASC')->chunk(20, function ($assets) use ($handle, $customfields, $request) {
+            $assets->orderBy('assets.id', 'ASC')->chunk(500, function ($assets) use ($handle, $customfields, $request) {
             
                 $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
                 Log::debug('Walking results: '.$executionTime);
@@ -1091,28 +1111,31 @@ class ReportsController extends Controller
         $this->authorize('reports.view');
         $showDeleted = $deleted == 'deleted';
 
-        /**
-         * Get all assets with pending checkout acceptances
-         */
-        if($showDeleted) {
-            $acceptances = CheckoutAcceptance::pending()->where('checkoutable_type', 'App\Models\Asset')->withTrashed()->with(['assignedTo' , 'checkoutable.assignedTo', 'checkoutable.model'])->get();
-        } else {
-            $acceptances = CheckoutAcceptance::pending()->where('checkoutable_type', 'App\Models\Asset')->with(['assignedTo' => function ($query) {
-                $query->withTrashed();
-            }, 'checkoutable.assignedTo', 'checkoutable.model'])->get();
+        $query = CheckoutAcceptance::pending()
+            ->where('checkoutable_type', 'App\Models\Asset')
+            ->with([
+                'checkoutable' => function (MorphTo $query) {
+                    $query->morphWith([
+                        AssetModel::class => ['model'],
+                        Company::class => ['company'],
+                        Asset::class => ['assignedTo'],
+                    ])->with('model.category');
+                },
+                'assignedTo' => function($query){
+                         $query->withTrashed();
+                    }
+            ]);
+
+        if ($showDeleted) {
+            $query->withTrashed();
         }
 
-        $assetsForReport = $acceptances
-            ->filter(function ($acceptance) {
-                $acceptance_checkoutable_flag = false;
-                if ($acceptance->checkoutable){
-                    $acceptance_checkoutable_flag = $acceptance->checkoutable->checkedOutToUser();
-                }
-                
-                return $acceptance->checkoutable_type == 'App\Models\Asset' && $acceptance_checkoutable_flag;
-            })
-            ->map(function($acceptance) {
-                return ['assetItem' => $acceptance->checkoutable, 'acceptance' => $acceptance];
+        $assetsForReport = $query->get()
+                ->map(function ($acceptance) {
+                    return [
+                        'assetItem' => $acceptance->checkoutable,
+                        'acceptance' => $acceptance,
+                    ];
             });
 
         return view('reports/unaccepted_assets', compact('assetsForReport','showDeleted' ));
@@ -1150,24 +1173,17 @@ class ReportsController extends Controller
             }
             $logItem = $logItem_res[0];
         }
-
+        $email = $assetItem->assignedTo?->email;
+        $locale = $assetItem->assignedTo?->locale;
         // Only send notification if assigned
-        if ($assetItem->assignedTo) {
+        if ($locale && $email) {
+            Mail::to($email)->send((new CheckoutAssetMail($assetItem, $assetItem->assignedTo, $logItem->user, $acceptance, $logItem->note))->locale($locale));
 
-            if (!$assetItem->assignedTo->locale) {
-                Notification::locale(Setting::getSettings()->locale)->send(
-                    $assetItem->assignedTo,
-                    new CheckoutAssetNotification($assetItem, $assetItem->assignedTo, $logItem->user, $acceptance, $logItem->note)
-                );
-            } else {
-                Notification::send(
-                    $assetItem->assignedTo,
-                    new CheckoutAssetNotification($assetItem, $assetItem->assignedTo, $logItem->user, $acceptance, $logItem->note)
-                );
+            } elseif ($email) {
+            Mail::to($email)->send((new CheckoutAssetMail($assetItem, $assetItem->assignedTo, $logItem->user, $acceptance, $logItem->note)));
             }
-        }
 
-        if ($assetItem->assignedTo->email == ''){
+        if ($email == ''){
             return redirect()->route('reports/unaccepted_assets')->with('error', trans('general.no_email'));
         }
 

app/Http/Controllers/SettingsController.php

@@ -192,6 +192,7 @@ class SettingsController extends Controller
         $settings->next_auto_tag_base = 1;
         $settings->auto_increment_assets = $request->input('auto_increment_assets', 0);
         $settings->auto_increment_prefix = $request->input('auto_increment_prefix');
+        $settings->zerofill_count = $request->input('zerofill_count') ?: 0;
 
         if ((! $user->isValid()) || (! $settings->isValid())) {
             return redirect()->back()->withInput()->withErrors($user->getErrors())->withErrors($settings->getErrors());
@@ -255,7 +256,7 @@ class SettingsController extends Controller
         Artisan::call('migrate', ['--force' => true]);
         if ((! file_exists(storage_path().'/oauth-private.key')) || (! file_exists(storage_path().'/oauth-public.key'))) {
             Artisan::call('migrate', ['--path' => 'vendor/laravel/passport/database/migrations', '--force' => true]);
-            Artisan::call('passport:install');
+            Artisan::call('passport:install', ['--no-interaction' => true]);
         }
 
         return view('setup/migrate')
@@ -334,6 +335,8 @@ class SettingsController extends Controller
         $setting->depreciation_method = $request->input('depreciation_method');
         $setting->dash_chart_type = $request->input('dash_chart_type');
         $setting->profile_edit = $request->input('profile_edit', 0);
+        $setting->require_checkinout_notes = $request->input('require_checkinout_notes', 0);
+
 
         if ($request->input('per_page') != '') {
             $setting->per_page = $request->input('per_page');
@@ -693,48 +696,6 @@ class SettingsController extends Controller
         return redirect()->back()->withInput()->withErrors($setting->getErrors());
     }
 
-    /**
-     * Return a form to allow a super admin to update settings.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     *
-     * @since [v1.0]
-     */
-    public function getBarcodes() : View
-    {
-        $setting = Setting::getSettings();
-        $is_gd_installed = extension_loaded('gd');
-
-        return view('settings.barcodes', compact('setting'))->with('is_gd_installed', $is_gd_installed);
-    }
-
-    /**
-     * Saves settings from form.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     *
-     * @since [v1.0]
-     */
-    public function postBarcodes(Request $request) : RedirectResponse
-    {
-        if (is_null($setting = Setting::getSettings())) {
-            return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
-        }
-
-        $setting->qr_code = $request->input('qr_code', '0');
-        $setting->alt_barcode = $request->input('alt_barcode');
-        $setting->alt_barcode_enabled = $request->input('alt_barcode_enabled', '0');
-        $setting->barcode_type = $request->input('barcode_type');
-        $setting->qr_text = $request->input('qr_text');
-
-        if ($setting->save()) {
-            return redirect()->route('settings.index')
-                ->with('success', trans('admin/settings/message.update.success'));
-        }
-
-        return redirect()->back()->withInput()->withErrors($setting->getErrors());
-    }
-
     /**
      * Return a form to allow a super admin to update settings.
      *
@@ -760,8 +721,11 @@ class SettingsController extends Controller
      */
     public function getLabels() : View
     {
+        $is_gd_installed = extension_loaded('gd');
+
         return view('settings.labels')
             ->with('setting', Setting::getSettings())
+            ->with('is_gd_installed', $is_gd_installed)
             ->with('customFields', CustomField::where('field_encrypted', '=', 0)->get());
     }
 
@@ -797,9 +761,13 @@ class SettingsController extends Controller
         $setting->labels_pagewidth = $request->input('labels_pagewidth');
         $setting->labels_pageheight = $request->input('labels_pageheight');
         $setting->labels_display_company_name = $request->input('labels_display_company_name', '0');
-        $setting->labels_display_company_name = $request->input('labels_display_company_name', '0');
-
 
+        //Barcodes
+        $setting->qr_code = $request->input('qr_code', '0');
+        //1D-Barcode
+        $setting->alt_barcode_enabled = $request->input('alt_barcode_enabled', '0');
+        //QR-Code
+        $setting->qr_text = $request->input('qr_text');
 
         if ($request->filled('labels_display_name')) {
             $setting->labels_display_name = 1;
@@ -832,6 +800,7 @@ class SettingsController extends Controller
         }
 
         if ($setting->save()) {
+
             return redirect()->route('settings.labels.index')
                 ->with('success', trans('admin/settings/message.update.success'));
         }
@@ -901,7 +870,6 @@ class SettingsController extends Controller
         }
 
         if ($setting->save()) {
-            $setting->update_client_side_cert_files();
             return redirect()->route('settings.ldap.index')
                 ->with('success', trans('admin/settings/message.update.success'));
         }

app/Http/Controllers/StatuslabelsController.php

@@ -26,14 +26,10 @@ class StatuslabelsController extends Controller
         return view('statuslabels.index');
     }
 
-    public function show($id) : View | RedirectResponse
+    public function show(Statuslabel $statuslabel) : View | RedirectResponse
     {
         $this->authorize('view', Statuslabel::class);
-        if ($statuslabel = Statuslabel::find($id)) {
-            return view('statuslabels.view')->with('statuslabel', $statuslabel);
-        }
-
-        return redirect()->route('statuslabels.index')->with('error', trans('admin/statuslabels/message.does_not_exist'));
+        return view('statuslabels.view')->with('statuslabel', $statuslabel);
     }
 
     /**
@@ -91,20 +87,15 @@ class StatuslabelsController extends Controller
      *
      * @param  int $statuslabelId
      */
-    public function edit($statuslabelId = null) : View | RedirectResponse
+    public function edit(Statuslabel $statuslabel) : View | RedirectResponse
     {
         $this->authorize('update', Statuslabel::class);
-        // Check if the Statuslabel exists
-        if (is_null($item = Statuslabel::find($statuslabelId))) {
-            // Redirect to the blogs management page
-            return redirect()->route('statuslabels.index')->with('error', trans('admin/statuslabels/message.does_not_exist'));
-        }
-
-        $use_statuslabel_type = $item->getStatuslabelType();
 
         $statuslabel_types = ['' => trans('admin/hardware/form.select_statustype')] + ['undeployable' => trans('admin/hardware/general.undeployable')] + ['pending' => trans('admin/hardware/general.pending')] + ['archived' => trans('admin/hardware/general.archived')] + ['deployable' => trans('admin/hardware/general.deployable')];
 
-        return view('statuslabels/edit', compact('item', 'statuslabel_types'))->with('use_statuslabel_type', $use_statuslabel_type);
+        return view('statuslabels/edit', compact('statuslabel_types'))
+            ->with('item', $statuslabel)
+            ->with('use_statuslabel_type', $statuslabel);
     }
 
     /**
@@ -112,14 +103,9 @@ class StatuslabelsController extends Controller
      *
      * @param  int $statuslabelId
      */
-    public function update(Request $request, $statuslabelId = null) : RedirectResponse
+    public function update(Request $request, Statuslabel $statuslabel) : RedirectResponse
     {
         $this->authorize('update', Statuslabel::class);
-        // Check if the Statuslabel exists
-        if (is_null($statuslabel = Statuslabel::find($statuslabelId))) {
-            // Redirect to the blogs management page
-            return redirect()->route('statuslabels.index')->with('error', trans('admin/statuslabels/message.does_not_exist'));
-        }
 
         if (! $request->filled('statuslabel_types')) {
             return redirect()->back()->withInput()->withErrors(['statuslabel_types' => trans('validation.statuslabel_type')]);

app/Http/Controllers/SuppliersController.php

@@ -77,17 +77,10 @@ class SuppliersController extends Controller
      *
      * @param  int $supplierId
      */
-    public function edit($supplierId = null) : View | RedirectResponse
+    public function edit(Supplier $supplier) : View | RedirectResponse
     {
         $this->authorize('update', Supplier::class);
-        // Check if the supplier exists
-        if (is_null($item = Supplier::find($supplierId))) {
-            // Redirect to the supplier  page
-            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.does_not_exist'));
-        }
-
-        // Show the page
-        return view('suppliers/edit', compact('item'));
+        return view('suppliers/edit')->with('item',  $supplier);
     }
 
     /**
@@ -95,14 +88,9 @@ class SuppliersController extends Controller
      *
      * @param  int $supplierId
      */
-    public function update($supplierId, ImageUploadRequest $request) : RedirectResponse
+    public function update(ImageUploadRequest $request, Supplier $supplier) : RedirectResponse
     {
         $this->authorize('update', Supplier::class);
-
-        if (is_null($supplier = Supplier::find($supplierId))) {
-            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.does_not_exist'));
-        }
-
         // Save the  data
         $supplier->name = request('name');
         $supplier->address = request('address');
@@ -163,15 +151,10 @@ class SuppliersController extends Controller
      * @param null $supplierId
      * @internal param int $assetId
      */
-    public function show($supplierId = null) : View | RedirectResponse
+    public function show(Supplier $supplier) : View | RedirectResponse
     {
         $this->authorize('view', Supplier::class);
-        $supplier = Supplier::find($supplierId);
+        return view('suppliers/view', compact('supplier'));
 
-        if (isset($supplier->id)) {
-            return view('suppliers/view', compact('supplier'));
-        }
-
-        return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.does_not_exist'));
     }
 }

app/Http/Controllers/Users/BulkUsersController.php

@@ -15,6 +15,7 @@ use App\Models\ConsumableAssignment;
 use App\Models\Consumable;
 use App\Models\Setting;
 use App\Models\User;
+use App\Notifications\CurrentInventory;
 use Carbon\Carbon;
 use Illuminate\Http\Request;
 use Illuminate\Support\Collection;
@@ -52,6 +53,28 @@ class BulkUsersController extends Controller
                 return view('users/bulk-edit', compact('users'))
                     ->with('groups', Group::pluck('name', 'id'));
 
+            // bulk send assigned inventory
+            } elseif ($request->input('bulk_actions') == 'send_assigned') {
+                    $this->authorize('update', User::class);
+
+                $users_without_email = 0;
+                foreach ($users as $user) {
+                    if (empty($user->email)) {
+                        $users_without_email++;
+                    } else {
+                        $user->notify((new CurrentInventory($user)));
+                    }
+                }
+
+                if ($users_without_email == 0) {
+                    return redirect()->back()->with('success', trans_choice('admin/users/general.users_notified', $users->count()));
+                } else {
+                    return redirect()->back()->with('warning', trans_choice('admin/users/general.users_notified_warning', $users->count(), ['no_email' => $users_without_email]));
+                }
+
+
+
+
             // bulk delete, display the bulk delete confirmation form
             } elseif ($request->input('bulk_actions') == 'delete') {
                 $this->authorize('delete', User::class);
@@ -70,7 +93,7 @@ class BulkUsersController extends Controller
             // bulk password reset, just do the thing
             } elseif ($request->input('bulk_actions') == 'bulkpasswordreset') {
                 foreach ($users as $user) {
-                    if (($user->activated == '1') && ($user->email != '')) {
+                    if (($user->activated == '1') && ($user->email != '') && ($user->ldap_import != '1')) {
                         $credentials = ['email' => $user->email];
                         Password::sendResetLink($credentials/* , function (Message $message) {
                         $message->subject($this->getEmailSubject()); // TODO - I'm not sure if we still need this, but this second parameter is no longer accepted in later Laravel versions.
@@ -323,7 +346,7 @@ class BulkUsersController extends Controller
             $logAction->item_type = $itemType;
             $logAction->target_id = $item->assigned_to;
             $logAction->target_type = User::class;
-            $logAction->created_at = auth()->id();
+            $logAction->created_by = auth()->id();
             $logAction->note = 'Bulk checkin items';
             $logAction->logaction('checkin from');
         }

app/Http/Controllers/Users/UserFilesController.php

@@ -22,43 +22,34 @@ class UserFilesController extends Controller
      *@author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v1.6]
      */
-    public function store(UploadFileRequest $request, $userId = null)
+    public function store(UploadFileRequest $request, User $user)
     {
-        $user = User::find($userId);
-        $destinationPath = config('app.private_uploads').'/users';
+        $this->authorize('update', $user);
+        $files = $request->file('file');
 
-        if (isset($user->id)) {
-            $this->authorize('update', $user);
-
-            $logActions = [];
-            $files = $request->file('file');
-
-            if (is_null($files)) {
-                return redirect()->back()->with('error', trans('admin/users/message.upload.nofiles'));
-            }
-            foreach ($files as $file) {
-                $file_name = $request->handleFile('private_uploads/users/', 'user-'.$user->id, $file);
-
-                //Log the uploaded file to the log
-                $logAction = new Actionlog();
-                $logAction->item_id = $user->id;
-                $logAction->item_type = User::class;
-                $logAction->created_by = auth()->id();
-                $logAction->note = $request->input('notes');
-                $logAction->target_id = null;
-                $logAction->created_at = date("Y-m-d H:i:s");
-                $logAction->filename = $file_name;
-                $logAction->action_type = 'uploaded';
-
-                if (! $logAction->save()) {
-                    return JsonResponse::create(['error' => 'Failed validation: '.print_r($logAction->getErrors(), true)], 500);
-                }
-                $logActions[] = $logAction;
-            }
-            // dd($logActions);
-            return redirect()->back()->with('success', trans('admin/users/message.upload.success'));
+        if (is_null($files)) {
+            return redirect()->back()->with('error', trans('admin/users/message.upload.nofiles'));
+        }
+        foreach ($files as $file) {
+            $file_name = $request->handleFile('private_uploads/users/', 'user-'.$user->id, $file);
+
+            //Log the uploaded file to the log
+            $logAction = new Actionlog();
+            $logAction->item_id = $user->id;
+            $logAction->item_type = User::class;
+            $logAction->created_by = auth()->id();
+            $logAction->note = $request->input('notes');
+            $logAction->target_id = null;
+            $logAction->created_at = date("Y-m-d H:i:s");
+            $logAction->filename = $file_name;
+            $logAction->action_type = 'uploaded';
+
+            if (! $logAction->save()) {
+                return JsonResponse::create(['error' => 'Failed validation: '.print_r($logAction->getErrors(), true)], 500);
+            }
+
+        return redirect()->back()->withFragment('files')->with('success', trans('admin/users/message.upload.success'));
         }
-        return redirect()->back()->with('error', trans('admin/users/message.upload.nofiles'));
 
 
     }
@@ -87,7 +78,7 @@ class UserFilesController extends Controller
                 
                 if (Storage::exists($rel_path.'/'.$filename)) {
                     Storage::delete($rel_path.'/'.$filename);
-                    return redirect()->back()->with('success', trans('admin/users/message.deletefile.success'));
+                    return redirect()->back()->withFragment('files')->with('success', trans('admin/users/message.deletefile.success'));
                 }
 
             }
@@ -110,7 +101,7 @@ class UserFilesController extends Controller
      * @return mixed
      * @throws \Illuminate\Auth\Access\AuthorizationException
      */
-    public function show($userId = null, $fileId = null)
+    public function show(User $user, $fileId = null)
     {
 
 
@@ -118,29 +109,21 @@ class UserFilesController extends Controller
             return redirect()->route('users.show')->with('error', 'Invalid file request');
         }
 
-        if ($user = User::find($userId)) {
-
             $this->authorize('view', $user);
 
-            if ($log = Actionlog::whereNotNull('filename')->where('item_id', $user->id)->find($fileId)) {
-                $file = 'private_uploads/users/'.$log->filename;
+        if ($log = Actionlog::whereNotNull('filename')->where('item_id', $user->id)->find($fileId)) {
+            $file = 'private_uploads/users/'.$log->filename;
 
-                try {
-                    return StorageHelper::showOrDownloadFile($file, $log->filename);
-                } catch (\Exception $e) {
-                    return redirect()->route('users.show', ['user' => $user])->with('error',  trans('general.file_not_found'));
-                }
+            try {
+                return StorageHelper::showOrDownloadFile($file, $log->filename);
+            } catch (\Exception $e) {
+                return redirect()->route('users.show', ['user' => $user])->with('error',  trans('general.file_not_found'));
             }
-
-            // The log record doesn't exist somehow
-            return redirect()->route('users.show', ['user' => $user])->with('error',  trans('general.log_record_not_found'));
-
-
-            return redirect()->back()->with('error',  trans('general.file_not_found'));
         }
 
-        // Redirect to the user management page if the user doesn't exist
-        return redirect()->route('users.index')->with('error',  trans('admin/users/message.user_not_found', ['id' => $userId]));
+        // The log record doesn't exist somehow
+        return redirect()->route('users.show', ['user' => $user])->with('error',  trans('general.log_record_not_found'));
+
     }
 
 }

app/Http/Controllers/Users/UsersController.php

@@ -182,11 +182,11 @@ class UsersController extends Controller
      * @internal param int $id
      * @throws \Illuminate\Auth\Access\AuthorizationException
      */
-    public function edit($id)
+    public function edit(User $user)
     {
 
         $this->authorize('update', User::class);
-        $user = User::with(['assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc'])->withTrashed()->find($id);
+        $user = User::with(['assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc'])->withTrashed()->find($user->id);
 
         if ($user) {
 
@@ -198,7 +198,7 @@ class UsersController extends Controller
             $userPermissions = Helper::selectedPermissionsArray($permissions, $user->permissions);
             $permissions = $this->filterDisplayable($permissions);
 
-            return view('users/edit', compact('user', 'groups', 'userGroups', 'permissions', 'userPermissions'))->with('item', $user);
+            return view('users/edit', compact('user', 'groups', 'userGroups', 'permissions', 'userPermissions'));
         }
 
         return redirect()->route('users.index')->with('error', trans('admin/users/message.user_not_found', compact('id')));
@@ -324,7 +324,7 @@ class UsersController extends Controller
      * @return \Illuminate\Http\RedirectResponse
      * @throws \Illuminate\Auth\Access\AuthorizationException
      */
-    public function destroy(DeleteUserRequest $request, $id = null)
+    public function destroy(DeleteUserRequest $request, $id)
     {
         $this->authorize('delete', User::class);
 
@@ -333,13 +333,6 @@ class UsersController extends Controller
             $this->authorize('delete', $user);
 
             if ($user->delete()) {
-                if (Storage::disk('public')->exists('avatars/' . $user->avatar)) {
-                    try {
-                        Storage::disk('public')->delete('avatars/' . $user->avatar);
-                    } catch (\Exception $e) {
-                        Log::debug($e);
-                    }
-                }
                 return redirect()->route('users.index')->with('success', trans('admin/users/message.success.delete'));
             }
         }
@@ -398,23 +391,18 @@ class UsersController extends Controller
      * @return \Illuminate\Contracts\View\View
      * @throws \Illuminate\Auth\Access\AuthorizationException
      */
-    public function show($userId = null)
+    public function show(User $user)
     {
         // Make sure the user can view users at all
         $this->authorize('view', User::class);
 
-        $user = User::with('assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc')->withTrashed()->find($userId);
+        $user = User::with('assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc')->withTrashed()->find($user->id);
 
         // Make sure they can view this particular user
         $this->authorize('view', $user);
 
-        if ($user) {
             $userlog = $user->userlog->load('item');
             return view('users/view', compact('user', 'userlog'))->with('settings', Setting::getSettings());
-        }
-
-        return redirect()->route('users.index')->with('error', trans('admin/users/message.user_not_found', ['id' => $userId]));
-
     }
 
 
@@ -428,7 +416,7 @@ class UsersController extends Controller
      * @return \Illuminate\Contracts\View\View
      * @throws \Illuminate\Auth\Access\AuthorizationException
      */
-    public function getClone(Request $request, $id = null)
+    public function getClone(Request $request, User $user)
     {
         $this->authorize('create', User::class);
 
@@ -438,7 +426,7 @@ class UsersController extends Controller
         app('request')->request->set('permissions', $permissions);
 
 
-        $user_to_clone = User::with('assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc')->withTrashed()->find($id);
+        $user_to_clone = User::with('assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc')->withTrashed()->find($user->id);
         // Make sure they can view this particular user
         $this->authorize('view', $user_to_clone);
 

app/Http/Requests/AssetCheckinRequest.php

@@ -21,9 +21,14 @@ class AssetCheckinRequest extends Request
      */
     public function rules()
     {
-        return [
+        $settings = \App\Models\Setting::getSettings();
 
-        ];
+        $rules = [];
+
+            if($settings->require_checkinout_notes) {
+            $rules['note'] = 'string|required';
+        }
+        return $rules;
     }
 
     public function response(array $errors)

app/Http/Requests/AssetCheckoutRequest.php

@@ -21,10 +21,12 @@ class AssetCheckoutRequest extends Request
      */
     public function rules()
     {
+        $settings = \App\Models\Setting::getSettings();
+
         $rules = [
-            'assigned_user'         => 'required_without_all:assigned_asset,assigned_location',
-            'assigned_asset'        => 'required_without_all:assigned_user,assigned_location',
-            'assigned_location'     => 'required_without_all:assigned_user,assigned_asset',
+            'assigned_user' => 'numeric|nullable|required_without_all:assigned_asset,assigned_location',
+            'assigned_asset' => 'numeric|nullable|required_without_all:assigned_user,assigned_location',
+            'assigned_location' => 'numeric|nullable|required_without_all:assigned_user,assigned_asset',
             'status_id'             => 'exists:status_labels,id,deployable,1',
             'checkout_to_type'      => 'required|in:asset,location,user',
             'checkout_at' => [
@@ -35,7 +37,11 @@ class AssetCheckoutRequest extends Request
                 'nullable',
                 'date'
             ],
-        ];
+            ];
+
+            if($settings->require_checkinout_notes) {
+                $rules['note'] = 'required|string';
+            }
 
         return $rules;
     }

app/Http/Requests/DeleteUserRequest.php

@@ -24,7 +24,7 @@ class DeleteUserRequest extends FormRequest
 
     public function prepareForValidation(): void
     {
-        $user_to_delete = User::withTrashed()->find(request()->route('user'));
+        $user_to_delete = User::withTrashed()->with('managesUsers')->find(request()->route('user'));
 
         if ($user_to_delete) {
             $this->merge([
@@ -61,7 +61,8 @@ class DeleteUserRequest extends FormRequest
     public function messages(): array
     {
 
-        $user_to_delete = User::withTrashed()->find(request()->route('user'));
+        $user_to_delete = User::withTrashed()->with('managesUsers')->find(request()->route('user'));
+
         $messages = [];
 
         if ($user_to_delete) {

app/Http/Requests/SettingsSamlRequest.php

@@ -62,7 +62,7 @@ class SettingsSamlRequest extends FormRequest
             $custom_privateKey = '';
             $custom_x509certNew = '';
             if (! empty($this->input('saml_custom_settings'))) {
-                $req_custom_settings = preg_split('/\r\n|\r|\n/', $this->input('saml_custom_settings'));
+                $req_custom_settings = preg_split('/\r\n|\r|\n/', $this->input('saml_custom_settings', ''));
                 $custom_settings = [];
 
                 foreach ($req_custom_settings as $custom_setting) {

app/Http/Requests/StoreLabelSettings.php

@@ -2,8 +2,11 @@
 
 namespace App\Http\Requests;
 
+
+use App\Models\Labels\Label;
 use Illuminate\Foundation\Http\FormRequest;
 use Illuminate\Support\Facades\Gate;
+use Illuminate\Validation\Rule;
 
 class StoreLabelSettings extends FormRequest
 {
@@ -22,6 +25,10 @@ class StoreLabelSettings extends FormRequest
      */
     public function rules(): array
     {
+        $names = Label::find()?->map(function ($label) {
+            return $label->getName();
+        })->values()->toArray();
+
         return [
             'labels_per_page'                     => 'numeric',
             'labels_width'                        => 'numeric',
@@ -36,6 +43,10 @@ class StoreLabelSettings extends FormRequest
             'labels_pagewidth'                    => 'numeric|nullable',
             'labels_pageheight'                   => 'numeric|nullable',
             'qr_text'                             => 'max:31|nullable',
+            'label2_template'                     => [
+                'required',
+                Rule::in($names),
+            ],
         ];
     }
 }

app/Http/Requests/StoreNotificationSettings.php

@@ -26,9 +26,9 @@ class StoreNotificationSettings extends FormRequest
         return [
             'alert_email'                         => 'email_array|nullable',
             'admin_cc_email'                      => 'email_array|nullable',
-            'alert_threshold'                     => 'numeric|nullable|gt:0',
+            'alert_threshold'                     => 'numeric|nullable',
             'alert_interval'                      => 'numeric|nullable|gt:0',
-            'audit_warning_days'                  => 'numeric|nullable|gt:0',
+            'audit_warning_days'                  => 'numeric|nullable',
             'due_checkin_days'                    => 'numeric|nullable|gt:0',
             'audit_interval'                      => 'numeric|nullable|gt:0',
         ];

app/Http/Requests/UploadFileRequest.php

@@ -46,8 +46,6 @@ class UploadFileRequest extends Request
         $extension = $file->getClientOriginalExtension();
         $file_name = $name_prefix.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$file->guessExtension();
 
-
-        Log::debug("Your filetype IS: ".$file->getMimeType());
         // Check for SVG and sanitize it
         if ($file->getMimeType() === 'image/svg+xml') {
             Log::debug('This is an SVG');
@@ -66,7 +64,6 @@ class UploadFileRequest extends Request
 
         } else {
             $put_results = Storage::put($dirname.$file_name, file_get_contents($file));
-            Log::debug("Here are the '$put_results' (should be 0 or 1 or true or false or something?)");
         }
         return $file_name;
     }

app/Http/Transformers/AccessoriesTransformer.php

@@ -69,7 +69,7 @@ class AccessoriesTransformer
         return $array;
     }
 
-    public function transformCheckedoutAccessory($accessory, $accessory_checkouts, $total)
+    public function transformCheckedoutAccessory($accessory_checkouts, $total)
     {
         $array = [];
 
@@ -77,9 +77,13 @@ class AccessoriesTransformer
             $array[] = [
                 'id' => $checkout->id,
                 'assigned_to' => $this->transformAssignedTo($checkout),
-                'checkout_notes' => e($checkout->note),
-                'last_checkout' => Helper::getFormattedDateObject($checkout->created_at, 'datetime'),
-                'available_actions' => ['checkin' => true],
+                'note' => $checkout->note ? e($checkout->note) : null,
+                'created_by' => $checkout->adminuser ? [
+                    'id' => (int) $checkout->adminuser->id,
+                    'name'=> e($checkout->adminuser->present()->fullName),
+                ]: null,
+                'created_at' => Helper::getFormattedDateObject($checkout->created_at, 'datetime'),
+                'available_actions' => Gate::allows('checkout', Accessory::class) ? ['checkin' => true] : ['checkin' => false],
             ];
         }
 
@@ -89,22 +93,11 @@ class AccessoriesTransformer
     public function transformAssignedTo($accessoryCheckout)
     {
         if ($accessoryCheckout->checkedOutToUser()) {
-            return [
-                    'id' => (int) $accessoryCheckout->assigned->id,
-                    'username' => e($accessoryCheckout->assigned->username),
-                    'name' => e($accessoryCheckout->assigned->getFullNameAttribute()),
-                    'first_name'=> e($accessoryCheckout->assigned->first_name),
-                    'last_name'=> ($accessoryCheckout->assigned->last_name) ? e($accessoryCheckout->assigned->last_name) : null,
-                    'email'=> ($accessoryCheckout->assigned->email) ? e($accessoryCheckout->assigned->email) : null,
-                    'employee_number' =>  ($accessoryCheckout->assigned->employee_num) ? e($accessoryCheckout->assigned->employee_num) : null,
-                    'type' => 'user',
-                ];
+            return (new UsersTransformer)->transformUserCompact($accessoryCheckout->assigned);
+        } elseif ($accessoryCheckout->checkedOutToLocation()) {
+            return (new LocationsTransformer())->transformLocationCompact($accessoryCheckout->assigned);
+        } elseif ($accessoryCheckout->checkedOutToAsset()) {
+            return (new AssetsTransformer())->transformAssetCompact($accessoryCheckout->assigned);
         }
-
-        return $accessoryCheckout->assigned ? [
-            'id' => $accessoryCheckout->assigned->id,
-            'name' => e($accessoryCheckout->assigned->display_name),
-            'type' => $accessoryCheckout->assignedType(),
-        ] : null;
     }
 }

app/Http/Transformers/ActionlogsTransformer.php

@@ -140,13 +140,13 @@ class ActionlogsTransformer
             } else {
                 if ($actionlog->item) {
                     if ($actionlog->itemType() == 'asset') {
-                        $file_url = route('show/assetfile', ['assetId' => $actionlog->item->id, 'fileId' => $actionlog->id]);
+                        $file_url = route('show/assetfile', ['asset' => $actionlog->item->id, 'fileId' => $actionlog->id]);
                     } elseif ($actionlog->itemType() == 'accessory') {
                         $file_url = route('show.accessoryfile', ['accessoryId' => $actionlog->item->id, 'fileId' => $actionlog->id]);
                     } elseif ($actionlog->itemType() == 'license') {
                         $file_url = route('show.licensefile', ['licenseId' => $actionlog->item->id, 'fileId' => $actionlog->id]);
                     } elseif ($actionlog->itemType() == 'user') {
-                        $file_url = route('show/userfile', ['userId' => $actionlog->item->id, 'fileId' => $actionlog->id]);
+                        $file_url = route('show/userfile', ['user' => $actionlog->item->id, 'fileId' => $actionlog->id]);
                     }
                 }
             }

app/Http/Transformers/AssetMaintenancesTransformer.php

@@ -29,14 +29,15 @@ class AssetMaintenancesTransformer
                 'name'=> ($assetmaintenance->asset->name) ? e($assetmaintenance->asset->name) : null,
                 'asset_tag'=> e($assetmaintenance->asset->asset_tag),
                 'serial'=> e($assetmaintenance->asset->serial),
-                'deleted_at'=> e($assetmaintenance->asset->deleted_at),
-                'created_at'=> e($assetmaintenance->asset->created_at),
+                'deleted_at'=> Helper::getFormattedDateObject($assetmaintenance->asset->deleted_at, 'datetime'),
+                'created_at' => Helper::getFormattedDateObject($assetmaintenance->asset->created_at, 'datetime'),
+                'updated_at' => Helper::getFormattedDateObject($assetmaintenance->asset->updated_at, 'datetime'),
             ] : null,
             'model' => (($assetmaintenance->asset) && ($assetmaintenance->asset->model)) ? [
                 'id' => (int) $assetmaintenance->asset->model->id,
                 'name'=> ($assetmaintenance->asset->model->name) ? e($assetmaintenance->asset->model->name).' '.e($assetmaintenance->asset->model->model_number) : null,
             ] : null,
-            'status_label' => ($assetmaintenance->asset->assetstatus) ? [
+            'status_label' => (($assetmaintenance->asset) && ($assetmaintenance->asset->assetstatus)) ? [
                 'id' => (int) $assetmaintenance->asset->assetstatus->id,
                 'name'=> e($assetmaintenance->asset->assetstatus->name),
                 'status_type'=> e($assetmaintenance->asset->assetstatus->getStatuslabelType()),
@@ -79,7 +80,7 @@ class AssetMaintenancesTransformer
         ];
 
         $permissions_array['available_actions'] = [
-            'update' => (Gate::allows('update', Asset::class) && ($assetmaintenance->asset->deleted_at=='')) ? true : false,
+            'update' => (Gate::allows('update', Asset::class) && ((($assetmaintenance->asset) && $assetmaintenance->asset->deleted_at==''))) ? true : false,
             'delete' => Gate::allows('delete', Asset::class),
         ];
 

app/Http/Transformers/AssetModelsTransformer.php

@@ -87,6 +87,41 @@ class AssetModelsTransformer
         return $array;
     }
 
+    public function transformAssetModelFiles($assetmodel, $total)
+    {
+
+        $array = [];
+        foreach ($assetmodel->uploads as $file) {
+            $array[] = self::transformAssetModelFile($file, $assetmodel);
+        }
+
+        return (new DatatablesTransformer)->transformDatatables($array, $total);
+    }
+
+    public function transformAssetModelFile($file, $assetmodel)
+    {
+
+        $array = [
+            'id' => (int) $file->id,
+            'filename' => e($file->filename),
+            'url' => route('show/modelfile', [$assetmodel->id, $file->id]),
+            'created_by' => ($file->adminuser) ? [
+                'id' => (int) $file->adminuser->id,
+                'name'=> e($file->adminuser->present()->fullName),
+            ] : null,
+            'created_at' => Helper::getFormattedDateObject($file->created_at, 'datetime'),
+            'updated_at' => Helper::getFormattedDateObject($file->updated_at, 'datetime'),
+            'deleted_at' => Helper::getFormattedDateObject($file->deleted_at, 'datetime'),
+        ];
+
+        $permissions_array['available_actions'] = [
+            'delete' => (Gate::allows('update', AssetModel::class) && ($assetmodel->deleted_at == '')),
+        ];
+
+        $array += $permissions_array;
+        return $array;
+    }
+
     public function transformAssetModelsDatatable($assetmodels)
     {
         return (new DatatablesTransformer)->transformDatatables($assetmodels);