Changed the method name, since it will return an entire collection

Signed-off-by: snipe <snipe@snipe.net>
Adds the filename for the acceptance PDF to asset payload
2023-01-10 12:18:27 -08:00 · 2023-01-10 12:12:08 -08:00 · 2023-01-10 12:12:04 -08:00
3459 changed files with 26738 additions and 352034 deletions
@@ -2837,166 +2837,6 @@
      "contributions": [
        "code"
      ]
-    },
-    {
-      "login": "AndrewSav",
-      "name": "Andrew Savinykh",
-      "avatar_url": "https://avatars.githubusercontent.com/u/658865?v=4",
-      "profile": "https://github.com/AndrewSav",
-      "contributions": [
-        "code"
-      ]
-    },
-    {
-      "login": "kenchan0130",
-      "name": "Tadayuki Onishi",
-      "avatar_url": "https://avatars.githubusercontent.com/u/1155067?v=4",
-      "profile": "https://kenchan0130.github.io",
-      "contributions": [
-        "code"
-      ]
-    },
-    {
-      "login": "floschoepfer",
-      "name": "Florian",
-      "avatar_url": "https://avatars.githubusercontent.com/u/112496896?v=4",
-      "profile": "https://github.com/floschoepfer",
-      "contributions": [
-        "code"
-      ]
-    },
-    {
-      "login": "spencerrlongg",
-      "name": "Spencer Long",
-      "avatar_url": "https://avatars.githubusercontent.com/u/7305753?v=4",
-      "profile": "http://spencerlong.com",
-      "contributions": [
-        "code"
-      ]
-    },
-    {
-      "login": "marcusmoore",
-      "name": "Marcus Moore",
-      "avatar_url": "https://avatars.githubusercontent.com/u/1141514?v=4",
-      "profile": "https://github.com/marcusmoore",
-      "contributions": [
-        "code"
-      ]
-    },
-    {
-      "login": "Mezzle",
-      "name": "Martin Meredith",
-      "avatar_url": "https://avatars.githubusercontent.com/u/570639?v=4",
-      "profile": "https://github.com/Mezzle",
-      "contributions": []
-    },
-    {
-      "login": "dboth",
-      "name": "dboth",
-      "avatar_url": "https://avatars.githubusercontent.com/u/5731963?v=4",
-      "profile": "http://dboth.de",
-      "contributions": [
-        "code"
-      ]
-    },
-    {
-      "login": "zacharyfleck",
-      "name": "Zachary Fleck",
-      "avatar_url": "https://avatars.githubusercontent.com/u/87536651?v=4",
-      "profile": "https://github.com/zacharyfleck",
-      "contributions": [
-        "code"
-      ]
-    },
-    {
-      "login": "vikaas-cyper",
-      "name": "VIKAAS-A",
-      "avatar_url": "https://avatars.githubusercontent.com/u/74609912?v=4",
-      "profile": "https://github.com/vikaas-cyper",
-      "contributions": [
-        "code"
-      ]
-    },
-    {
-      "login": "ak-piracha",
-      "name": "Abdul Kareem",
-      "avatar_url": "https://avatars.githubusercontent.com/u/88882041?v=4",
-      "profile": "https://github.com/ak-piracha",
-      "contributions": [
-        "code"
-      ]
-    },
-    {
-      "login": "NojoudAlshehri",
-      "name": "NojoudAlshehri",
-      "avatar_url": "https://avatars.githubusercontent.com/u/111287779?v=4",
-      "profile": "https://github.com/NojoudAlshehri",
-      "contributions": [
-        "code"
-      ]
-    },
-    {
-      "login": "stefanstidlffg",
-      "name": "Stefan Stidl",
-      "avatar_url": "https://avatars.githubusercontent.com/u/54367449?v=4",
-      "profile": "https://github.com/stefanstidlffg",
-      "contributions": [
-        "code"
-      ]
-    },
-    {
-      "login": "qay21",
-      "name": "Quentin Aymard",
-      "avatar_url": "https://avatars.githubusercontent.com/u/87803479?v=4",
-      "profile": "https://github.com/qay21",
-      "contributions": [
-        "code"
-      ]
-    },
-    {
-      "login": "cram42",
-      "name": "Grant Le Roux",
-      "avatar_url": "https://avatars.githubusercontent.com/u/5396871?v=4",
-      "profile": "https://github.com/cram42",
-      "contributions": [
-        "code"
-      ]
-    },
-    {
-      "login": "Singrity",
-      "name": "Bogdan",
-      "avatar_url": "https://avatars.githubusercontent.com/u/58479551?v=4",
-      "profile": "http://@singrity",
-      "contributions": [
-        "code"
-      ]
-    },
-    {
-      "login": "mmanjos",
-      "name": "mmanjos",
-      "avatar_url": "https://avatars.githubusercontent.com/u/3483684?v=4",
-      "profile": "https://github.com/mmanjos",
-      "contributions": [
-        "code"
-      ]
-    },
-    {
-      "login": "Azooz2014",
-      "name": "Abdelaziz Faki",
-      "avatar_url": "https://avatars.githubusercontent.com/u/7429229?v=4",
-      "profile": "https://azooz2014.github.io/",
-      "contributions": [
-        "code"
-      ]
-    },
-    {
-      "login": "bilias",
-      "name": "bilias",
-      "avatar_url": "https://avatars.githubusercontent.com/u/47315739?v=4",
-      "profile": "https://github.com/bilias",
-      "contributions": [
-        "code"
-      ]
    }
  ]
 }
@@ -159,7 +159,6 @@ LOG_CHANNEL=stderr
 LOG_MAX_DAYS=10
 APP_LOCKED=false
 APP_CIPHER=AES-256-CBC
-APP_FORCE_TLS=false
 GOOGLE_MAPS_API=
 LDAP_MEM_LIM=500M
 LDAP_TIME_LIM=600
@@ -20,13 +20,13 @@ PUBLIC_FILESYSTEM_DISK=local_public
 # REQUIRED: DATABASE SETTINGS
 # --------------------------------------------
 DB_CONNECTION=mysql
-DB_HOST=127.0.0.1
+DB_HOST=localhost
 DB_PORT=3306
-DB_DATABASE=null
-DB_USERNAME=null
-DB_PASSWORD=null
+DB_DATABASE=snipeit-local
+DB_USERNAME=snipeit-local
+DB_PASSWORD=snipeit-local
 DB_PREFIX=null
-#DB_DUMP_PATH=
+DB_DUMP_PATH='/Applications/MAMP/Library/bin'

 # --------------------------------------------
 # OPTIONAL: SSL DATABASE SETTINGS
@@ -85,7 +85,6 @@ COOKIE_NAME=snipeit_session
 COOKIE_DOMAIN=null
 SECURE_COOKIES=false
 API_TOKEN_EXPIRATION_YEARS=15
-BS_TABLE_STORAGE=cookieStorage

 # --------------------------------------------
 # OPTIONAL: SECURITY HEADER SETTINGS
@@ -127,17 +126,6 @@ PUBLIC_AWS_BUCKET=null
 PUBLIC_AWS_URL=null
 PUBLIC_AWS_BUCKET_ROOT=null

-
-# --------------------------------------------
-# OPTIONAL: Digital Ocean Spaces File Settings
-# --------------------------------------------
-DIGITALOCEAN_SPACES_KEY=null
-DIGITALOCEAN_SPACES_SECRET=null
-DIGITALOCEAN_SPACES_ENDPOINT=https://region.digitaloceanspaces.com
-DIGITALOCEAN_SPACES_REGION=null
-DIGITALOCEAN_SPACES_BUCKET=null
-
-
 # --------------------------------------------
 # OPTIONAL: PRIVATE S3 Settings
 # --------------------------------------------
@@ -160,7 +148,6 @@ AWS_DEFAULT_REGION=null
 # --------------------------------------------
 LOGIN_MAX_ATTEMPTS=5
 LOGIN_LOCKOUT_DURATION=60
-LOGIN_AUTOCOMPLETE=false

 # --------------------------------------------
 # OPTIONAL: FORGOTTEN PASSWORD SETTINGS
@@ -188,15 +175,6 @@ REQUIRE_SAML=false
 API_THROTTLE_PER_MINUTE=120
 CSV_ESCAPE_FORMULAS=true

-# --------------------------------------------
-# OPTIONAL: HASHING
-# --------------------------------------------
-HASHING_DRIVER='bcrypt'
-BCRYPT_ROUNDS=10
-ARGON_MEMORY=1024
-ARGON_THREADS=2
-ARGON_TIME=2
-
 # --------------------------------------------
 # OPTIONAL: SCIM
 # --------------------------------------------
@@ -0,0 +1,75 @@
+# --------------------------------------------
+# REQUIRED: BASIC APP SETTINGS
+# --------------------------------------------
+APP_ENV=testing
+APP_DEBUG=true
+APP_KEY=base64:glJpcM7BYwWiBggp3SQ/+NlRkqsBQMaGEOjemXqJzOU=
+APP_URL=http://localhost:8000
+APP_TIMEZONE='US/Pacific'
+APP_LOCALE=en
+FILESYSTEM_DISK=local
+
+# --------------------------------------------
+# REQUIRED: DATABASE SETTINGS
+# --------------------------------------------
+DB_CONNECTION=sqlite_testing
+DB_HOST=localhost
+DB_PORT=3306
+DB_DATABASE=testing.sqlite
+DB_USERNAME=null
+DB_PASSWORD=null
+
+# --------------------------------------------
+# REQUIRED: OUTGOING MAIL SERVER SETTINGS
+# --------------------------------------------
+MAIL_DRIVER=log
+MAIL_HOST=email-smtp.us-west-2.amazonaws.com
+MAIL_PORT=587
+MAIL_USERNAME=YOURUSERNAME
+MAIL_PASSWORD=YOURPASSWORD
+MAIL_ENCRYPTION=null
+MAIL_FROM_ADDR=you@example.com
+MAIL_FROM_NAME=Snipe-IT
+
+# --------------------------------------------
+# REQUIRED: IMAGE LIBRARY
+# This should be gd or imagick
+# --------------------------------------------
+IMAGE_LIB=gd
+
+
+# --------------------------------------------
+# OPTIONAL: AWS SETTINGS
+# --------------------------------------------
+AWS_SECRET_ACCESS_KEY=null
+AWS_ACCESS_KEY_ID=null
+AWS_DEFAULT_REGION=null
+AWS_BUCKET=null
+AWS_BUCKET_ROOT=null
+AWS_URL=null
+
+
+# --------------------------------------------
+# OPTIONAL: CACHE SETTINGS
+# --------------------------------------------
+CACHE_DRIVER=file
+SESSION_DRIVER=file
+QUEUE_DRIVER=sync
+
+
+# --------------------------------------------
+# OPTIONAL: SESSION SETTINGS
+# --------------------------------------------
+SESSION_LIFETIME=12000
+EXPIRE_ON_CLOSE=false
+ENCRYPT=false
+COOKIE_NAME=snipeittest_session
+COOKIE_DOMAIN=null
+SECURE_COOKIES=false
+
+
+# --------------------------------------------
+# OPTIONAL: APP LOG FORMAT
+# --------------------------------------------
+LOG_CHANNEL=single
+LOG_LEVEL=debug
@@ -1,19 +0,0 @@
-# --------------------------------------------
-# REQUIRED: BASIC APP SETTINGS
-# --------------------------------------------
-APP_ENV=testing
-APP_DEBUG=true
-APP_KEY=base64:glJpcM7BYwWiBggp3SQ/+NlRkqsBQMaGEOjemXqJzOU=
-APP_URL=http://localhost:8000
-APP_TIMEZONE='UTC'
-APP_LOCALE=en
-
-# --------------------------------------------
-# REQUIRED: DATABASE SETTINGS
-# --------------------------------------------
-DB_CONNECTION=mysql
-DB_HOST=127.0.0.1
-DB_PORT=3306
-DB_DATABASE=null
-DB_USERNAME=null
-DB_PASSWORD=null
@@ -2,6 +2,8 @@ name: Feature Request
 description: Suggest an idea for this project
 title: "[Feature Request]: "
 labels: ["feature request"]
+assignees:
+  - snipe
 body:
  - type: textarea
    attributes:
@@ -1,22 +1,18 @@
-frontend: ["*.js", "*.css", "*.vue", "*.scss", "*.less", "*.blade.*", "resources/views/livewire/*"]
+frontend: ["*.js", "*.css", "*.vue", "*.scss", "*.less", "*.blade.*", "*livewire*"]
 skins: ["*.js", "*.css", "*.scss", "*.less"]
 css: ["*.css","*.scss", "*.less"]
-javascript: ["*.js", "package.json", "package.lock"]
-backend: ["/app/*", "composer.json", "composer.lock"]
-translations: ["/resources/lang"]
-livewire: ["/app/Http/Livewire/*", "resources/views/livewire/*"]
+backend: ["/app/*", "*.php"]
 backups: ["*backup*"]
 restore: ["*restore*"]
 saml: ["*saml*"]
 scim: ["*scim*"]
 custom fields: ["*fields*", "*fieldsets*"]
-dependencies: ["composer.json", "composer.lock", "package.json", "package.lock"]
+dependencies: ["composer.json"]
 consumables: ["*consumables*"]
-api: ["/app/Http/Controllers/Api/*"]
+api: ["/app/Http/Controllers/api/*"]
 notifications: ["/app/Notifications/*"]
-importer: ["/app/Importer/*","/app/Http/Livewire/Importer.php", "resources/views/livewire/importer.php"]
+importer: ["/app/Importer/*"]
 cli / artisan: ["/app/Console/*"]
-LDAP: ["*Ldap*", "/app/Console/Commands/Ldap*","/app/Models/Ldap.php"]
+LDAP: ["*LDAP*", "/app/Console/Commands/Ldap*","/app/Models/Ldap.php"]
 docker: ["*docker/*", "Dockerfile", "Dockerfile.alpine", "Dockerfile.fpm-alpine", ".dockerignore", ".env.docker"]
-tests: ["/tests/*", "/database/factories/*", "/stubs"]
 config: .github
@@ -2,6 +2,5 @@ version: 2
 updates:
  - package-ecosystem: "github-actions"
    directory: "/"
-    target-branch: "develop"
    schedule:
      interval: "weekly"
@@ -26,7 +26,7 @@ jobs:
        language: [ 'javascript' ]
    steps:
    - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@v3.3.0

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
@@ -32,11 +32,11 @@ jobs:
    steps:
      # Checkout the repository to the GitHub Actions runner
      - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3.3.0

      # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
      - name: Run Codacy Analysis CLI
-        uses: codacy/codacy-analysis-cli-action@v4.3.0
+        uses: codacy/codacy-analysis-cli-action@v4.2.0
        with:
          # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
          # You can also omit the token and run the tools that support default configurations
@@ -1,21 +0,0 @@
-name: Crowdin Action
-
-on:
-  push:
-    branches: [ develop ]
-
-jobs:
-  upload-sources-to-crowdin:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Crowdin push
-        uses: crowdin/github-action@v1
-        with:
-          upload_sources: true
-          upload_translations: false
-          download_translations: false
-          project_id: ${{ secrets.CROWDIN_PROJECT_ID }}
-          token: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
@@ -32,7 +32,6 @@ jobs:
        type=raw,value=latest,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }},suffix=-alpine
        type=ref,event=branch,enable=${{ !endsWith(github.ref, github.event.repository.default_branch) }},suffix=-alpine
        type=ref,event=tag,suffix=-alpine
-        type=semver,pattern=v{{major}}-latest-alpine 
      # Define default tag "flavor" for docker/metadata-action per
      # https://github.com/docker/metadata-action#flavor-input
      # We turn off 'latest' tag by default.
@@ -42,17 +41,17 @@ jobs:
    steps:
      # https://github.com/actions/checkout
      - name: Checkout codebase
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3.3.0

      # https://github.com/docker/setup-buildx-action
      - name: Setup Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@v2

      # https://github.com/docker/login-action
      - name: Login to DockerHub
        # Only login if not a PR, as PRs only trigger a Docker build and not a push
        if: github.event_name != 'pull_request'
-        uses: docker/login-action@v3
+        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
@@ -64,7 +63,7 @@ jobs:
      # Get Metadata for docker_build step below
      - name: Sync metadata (tags, labels) from GitHub to Docker for 'snipe-it' image
        id: meta_build
-        uses: docker/metadata-action@v5
+        uses: docker/metadata-action@v4
        with:
          images: snipe/snipe-it
          tags: ${{ env.IMAGE_TAGS }}
@@ -73,11 +72,11 @@ jobs:
      # https://github.com/docker/build-push-action
      - name: Build and push 'snipe-it' image
        id: docker_build
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v3
        with:
          context: .
          file: ./Dockerfile.alpine
-          platforms: linux/amd64,linux/arm64
+          platforms: linux/amd64
          # For pull requests, we run the Docker build (to ensure no PR changes break the build),
          # but we ONLY do an image push to DockerHub if it's NOT a PR
          push: ${{ github.event_name != 'pull_request' }}
@@ -32,7 +32,6 @@ jobs:
        type=raw,value=latest,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }}
        type=ref,event=branch,enable=${{ !endsWith(github.ref, github.event.repository.default_branch) }}
        type=ref,event=tag
-        type=semver,pattern=v{{major}}-latest 
      # Define default tag "flavor" for docker/metadata-action per
      # https://github.com/docker/metadata-action#flavor-input
      # We turn off 'latest' tag by default.
@@ -42,17 +41,17 @@ jobs:
    steps:
      # https://github.com/actions/checkout
      - name: Checkout codebase
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3.3.0

      # https://github.com/docker/setup-buildx-action
      - name: Setup Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@v2

      # https://github.com/docker/login-action
      - name: Login to DockerHub
        # Only login if not a PR, as PRs only trigger a Docker build and not a push
        if: github.event_name != 'pull_request'
-        uses: docker/login-action@v3
+        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
@@ -64,7 +63,7 @@ jobs:
      # Get Metadata for docker_build step below
      - name: Sync metadata (tags, labels) from GitHub to Docker for 'snipe-it' image
        id: meta_build
-        uses: docker/metadata-action@v5
+        uses: docker/metadata-action@v4
        with:
          images: snipe/snipe-it
          tags: ${{ env.IMAGE_TAGS }}
@@ -73,11 +72,11 @@ jobs:
      # https://github.com/docker/build-push-action
      - name: Build and push 'snipe-it' image
        id: docker_build
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v3
        with:
          context: .
          file: ./Dockerfile
-          platforms: linux/amd64,linux/arm64
+          platforms: linux/amd64
          # For pull requests, we run the Docker build (to ensure no PR changes break the build),
          # but we ONLY do an image push to DockerHub if it's NOT a PR
          push: ${{ github.event_name != 'pull_request' }}
@@ -1,73 +0,0 @@
-name: Tests
-
-on:
-  push:
-    branches:
-      - master
-      - develop
-  pull_request:
-
-jobs:
-  tests:
-    runs-on: ubuntu-latest
-
-    services:
-      mysql:
-        image: mysql:5.7
-        env:
-          MYSQL_ALLOW_EMPTY_PASSWORD: yes
-          MYSQL_DATABASE: snipeit
-        ports:
-          - 33306:3306
-        options: --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=3
-
-    strategy:
-      fail-fast: false
-      matrix:
-        php-version:
-          - "7.4"
-          - "8.0"
-          - "8.1.1"
-
-    name: PHP ${{ matrix.php-version }}
-
-    steps:
-      - uses: shivammathur/setup-php@v2
-        with:
-          php-version: "${{ matrix.php-version }}"
-          coverage: none
-
-      - uses: actions/checkout@v4
-
-      - name: Get Composer Cache Directory
-        id: composer-cache
-        run: |
-          echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
-      - uses: actions/cache@v3
-        with:
-          path: ${{ steps.composer-cache.outputs.dir }}
-          key: ${{ runner.os }}-${{ matrix.php-version }}-composer-${{ hashFiles('**/composer.lock') }}
-          restore-keys: |
-            ${{ runner.os }}-composer-
-
-      - name: Copy .env
-        run: |
-          cp -v .env.testing.example .env
-          cp -v .env.testing.example .env.testing
-
-      - name: Install Dependencies
-        run: composer install -q --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist
-
-      - name: Generate key
-        run: php artisan key:generate
-
-      - name: Directory Permissions
-        run: chmod -R 777 storage bootstrap/cache
-
-      - name: Execute tests (Unit and Feature tests) via PHPUnit
-        env:
-          DB_CONNECTION: mysql
-          DB_DATABASE: snipeit
-          DB_PORT: ${{ job.services.mysql.ports[3306] }}
-          DB_USERNAME: root
-        run: php artisan test --parallel
@@ -1,8 +1,6 @@
 .couscous
 .DS_Store
 .env
-.env.testing
-phpstan.neon
 .idea
 /bin/
 /bootstrap/compiled.php
@@ -1,4 +1,4 @@
-FROM ubuntu:22.04
+FROM ubuntu:20.04
 LABEL maintainer="Brady Wetherington <bwetherington@grokability.com>"

 # No need to add `apt-get clean` here, reference:
@@ -14,16 +14,16 @@ RUN export DEBIAN_FRONTEND=noninteractive; \
 apt-utils \
 apache2 \
 apache2-bin \
-libapache2-mod-php8.1 \
-php8.1-curl \
-php8.1-ldap \
-php8.1-mysql \
-php8.1-gd \
-php8.1-xml \
-php8.1-mbstring \
-php8.1-zip \
-php8.1-bcmath \
-php8.1-redis \
+libapache2-mod-php7.4 \
+php7.4-curl \
+php7.4-ldap \
+php7.4-mysql \
+php7.4-gd \
+php7.4-xml \
+php7.4-mbstring \
+php7.4-zip \
+php7.4-bcmath \
+php7.4-redis \
 php-memcached \
 patch \
 curl \
@@ -38,10 +38,9 @@ gcc \
 make \
 autoconf \
 libc-dev \
-libldap-common \
 pkg-config \
 libmcrypt-dev \
-php8.1-dev \
+php7.4-dev \
 ca-certificates \
 unzip \
 dnsutils \
@@ -51,16 +50,16 @@ dnsutils \
 RUN curl -L -O https://github.com/pear/pearweb_phars/raw/master/go-pear.phar
 RUN php go-pear.phar

-RUN pecl install mcrypt
+RUN pecl install mcrypt-1.0.3

-RUN bash -c "echo extension=/usr/lib/php/20210902/mcrypt.so > /etc/php/8.1/mods-available/mcrypt.ini"
+RUN bash -c "echo extension=/usr/lib/php/20190902/mcrypt.so > /etc/php/7.4/mods-available/mcrypt.ini"

 RUN phpenmod mcrypt
 RUN phpenmod gd
 RUN phpenmod bcmath

-RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/8.1/apache2/php.ini
-RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/8.1/cli/php.ini
+RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.4/apache2/php.ini
+RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.4/cli/php.ini

 RUN useradd -m --uid 1000 --gid 50 docker

@@ -1,34 +1,34 @@
-FROM alpine:3.17.3
+FROM alpine:3.14.2
 # Apache + PHP
 RUN  apk add --no-cache \
        apache2 \
-        php81 \
-        php81-common \
-        php81-apache2 \
-        php81-curl \
-        php81-ldap \
-        php81-mysqli \
-        php81-gd \
-        php81-xml \
-        php81-mbstring \
-        php81-zip \
-        php81-ctype \
-        php81-tokenizer \
-        php81-pdo_mysql \
-        php81-openssl \
-        php81-bcmath \
-        php81-phar \
-        php81-json \
-        php81-iconv \
-        php81-fileinfo \
-        php81-simplexml \
-        php81-session \
-        php81-dom \
-        php81-xmlwriter \
-        php81-xmlreader \
-        php81-sodium \
-        php81-redis \
-        php81-pecl-memcached \
+        php7 \
+        php7-common \
+        php7-apache2 \
+        php7-curl \
+        php7-ldap \
+        php7-mysqli \
+        php7-gd \
+        php7-xml \
+        php7-mbstring \
+        php7-zip \
+        php7-ctype \
+        php7-tokenizer \
+        php7-pdo_mysql \
+        php7-openssl \
+        php7-bcmath \
+        php7-phar \
+        php7-json \
+        php7-iconv \
+        php7-fileinfo \
+        php7-simplexml \
+        php7-session \
+        php7-dom \
+        php7-xmlwriter \
+        php7-xmlreader \
+        php7-sodium \
+        php7-redis \
+        php7-pecl-memcached \
        curl \
        wget \
        vim \
@@ -41,7 +41,7 @@ COPY docker/column-statistics.cnf /etc/mysql/conf.d/column-statistics.cnf
 # Where apache's PID lives
 RUN mkdir -p /run/apache2 && chown apache:apache /run/apache2

-RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php81/php.ini
+RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php7/php.ini
 COPY  docker/000-default-2.4.conf /etc/apache2/conf.d/default.conf

 # Enable mod_rewrite
@@ -1,8 +1,8 @@
 ARG ENVIRONMENT=production
-ARG SNIPEIT_RELEASE=6.1.0
-ARG PHP_VERSION=8.2
-ARG PHP_ALPINE_VERSION=3.17
-ARG COMPOSER_VERSION=2
+ARG SNIPEIT_RELEASE=5.1.3
+ARG PHP_VERSION=7.4.16
+ARG PHP_ALPINE_VERSION=3.13
+ARG COMPOSER_VERSION=2.0.11

 # Cannot use arguments with 'COPY --from' workaround
 # https://github.com/moby/moby/issues/34482#issuecomment-454716952
@@ -52,7 +52,7 @@ RUN { \

 # Install php extensions inside docker containers easily
 # https://github.com/mlocati/docker-php-extension-installer
-COPY --from=mlocati/php-extension-installer:2.1.15 /usr/bin/install-php-extensions /usr/local/bin/
+COPY --from=mlocati/php-extension-installer:1.2.19 /usr/bin/install-php-extensions /usr/local/bin/
 RUN set -eux; \
    install-php-extensions \
        bcmath \
@@ -1,5 +1,5 @@
-[![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp)  [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=snipe/snipe-it&amp;utm_campaign=Badge_Grade)
-[![All Contributors](https://img.shields.io/badge/all_contributors-330-orange.svg?style=flat-square)](#contributors) [![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/yZFtShAcKk) [![huntr](https://cdn.huntr.dev/huntr_security_badge_mono.svg)](https://huntr.dev)
+![Build Status](https://app.chipperci.com/projects/0e5f8979-31eb-4ee6-9abf-050b76ab0383/status/master) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp)  [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=snipe/snipe-it&amp;utm_campaign=Badge_Grade)
+[![All Contributors](https://img.shields.io/badge/all_contributors-312-orange.svg?style=flat-square)](#contributors) [![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/yZFtShAcKk) [![huntr](https://cdn.huntr.dev/huntr_security_badge_mono.svg)](https://huntr.dev)

 ## Snipe-IT - Open Source Asset Management System

@@ -60,17 +60,13 @@ Since the release of the JSON REST API, several third-party developers have been
 - [InQRy -unmaintained-](https://github.com/Microsoft/InQRy) by [@Microsoft](https://github.com/Microsoft)
 - [SnipeitPS](https://github.com/snazy2000/SnipeitPS) by [@snazy2000](https://github.com/snazy2000) - Powershell API Wrapper for Snipe-it
 - [jamf2snipe](https://github.com/grokability/jamf2snipe) - Python script to sync assets between a JAMFPro instance and a Snipe-IT instance
- [jamf-snipe-rename](https://macblog.org/jamf-snipe-rename/) - Python script to rename computers in Jamf from Snipe-IT
 - [Marksman](https://github.com/Scope-IT/marksman) - A Windows agent for Snipe-IT
 - [Snipe-IT plugin for Jira Service Desk](https://marketplace.atlassian.com/apps/1220964/snipe-it-for-jira)
 - [Python 3 CSV importer](https://github.com/gastamper/snipeit-csvimporter) - allows importing assets into Snipe-IT based on Item Name rather than Asset Tag.
 - [Snipe-IT Kubernetes Helm Chart](https://github.com/t3n/helm-charts/tree/master/snipeit) - For more information, [click here](https://hub.helm.sh/charts/t3n/snipeit).
 - [Snipe-IT Bulk Edit](https://github.com/bricelabelle/snipe-it-bulkedit) - Google Script files to use Google Sheets as a bulk checkout/checkin/edit tool for Snipe-it.
- [MosyleSnipeSync](https://github.com/RodneyLeeBrands/MosyleSnipeSync) by [@Karpadiem](https://github.com/Karpadiem) - Python script to synchronize information between Mosyle and Snipe-IT
+- [MosyleSnipeSync](https://github.com/RodneyLeeBrands/MosyleSnipeSync) by [@RodneyLeeBrands](https://github.com/RodneyLeeBrands) - Python script to synchronize information between Mosyle and Snipe-IT
 - [WWW::SnipeIT](https://github.com/SEDC/perl-www-snipeit) by [@SEDC](https://github.com/SEDC) - perl module for accessing the API
- [UniFi to Snipe-IT](https://github.com/RodneyLeeBrands/UnifiSnipeSync) by [@karpadiem](https://github.com/karpadiem) - Python script that synchronizes UniFi devices with Snipe-IT.
- [Kandji2Snipe](https://github.com/grokability/kandji2snipe) by [@briangoldstein](https://github.com/briangoldstein) - Python script that synchronizes Kandji with Snipe-IT.
- [SnipeAgent](https://github.com/ReticentRobot/SnipeAgent) by @ReticentRobot - Windows agent for Snipe-IT
                                                     
 As these were created by third-parties, Snipe-IT cannot provide support for these project, and you should contact the developers directly if you need assistance. Additionally, Snipe-IT makes no guarantees as to the reliability, accuracy or maintainability of these libraries. Use at your own risk. :)

@@ -143,10 +139,7 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
 | [<img src="https://avatars.githubusercontent.com/u/97299851?v=4" width="110px;"/><br /><sub>Christian Weirich</sub>](https://github.com/chrisweirich)<br />[💻](https://github.com/snipe/snipe-it/commits?author=chrisweirich "Code") | [<img src="https://avatars.githubusercontent.com/u/1294403?v=4" width="110px;"/><br /><sub>denzfarid</sub>](https://github.com/denzfarid)<br /> | [<img src="https://avatars.githubusercontent.com/u/94018771?v=4" width="110px;"/><br /><sub>ntbutler-nbcs</sub>](https://github.com/ntbutler-nbcs)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ntbutler-nbcs "Code") | [<img src="https://avatars.githubusercontent.com/u/172697?v=4" width="110px;"/><br /><sub>Naveen</sub>](https://naveensrinivasan.dev)<br />[💻](https://github.com/snipe/snipe-it/commits?author=naveensrinivasan "Code") | [<img src="https://avatars.githubusercontent.com/u/55674383?v=4" width="110px;"/><br /><sub>Mike Roquemore</sub>](https://github.com/mikeroq)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mikeroq "Code") | [<img src="https://avatars.githubusercontent.com/u/7991086?v=4" width="110px;"/><br /><sub>Daniel Reeder</sub>](https://github.com/reederda)<br />[🌍](#translation-reederda "Translation") [🌍](#translation-reederda "Translation") [💻](https://github.com/snipe/snipe-it/commits?author=reederda "Code") | [<img src="https://avatars.githubusercontent.com/u/109422491?v=4" width="110px;"/><br /><sub>vickyjaura183</sub>](https://github.com/vickyjaura183)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vickyjaura183 "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/32363424?v=4" width="110px;"/><br /><sub>Peace</sub>](https://github.com/julian-piehl)<br />[💻](https://github.com/snipe/snipe-it/commits?author=julian-piehl "Code") | [<img src="https://avatars.githubusercontent.com/u/231528?v=4" width="110px;"/><br /><sub>Kyle Gordon</sub>](https://github.com/kylegordon)<br />[💻](https://github.com/snipe/snipe-it/commits?author=kylegordon "Code") | [<img src="https://avatars.githubusercontent.com/u/53009155?v=4" width="110px;"/><br /><sub>Katharina Drexel</sub>](http://www.bfh.ch)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sunflowerbofh "Code") | [<img src="https://avatars.githubusercontent.com/u/1931963?v=4" width="110px;"/><br /><sub>David Sferruzza</sub>](https://david.sferruzza.fr/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=dsferruzza "Code") | [<img src="https://avatars.githubusercontent.com/u/19511639?v=4" width="110px;"/><br /><sub>Rick Nelson</sub>](https://github.com/rnelsonee)<br />[💻](https://github.com/snipe/snipe-it/commits?author=rnelsonee "Code") | [<img src="https://avatars.githubusercontent.com/u/94169344?v=4" width="110px;"/><br /><sub>BasO12</sub>](https://github.com/BasO12)<br />[💻](https://github.com/snipe/snipe-it/commits?author=BasO12 "Code") | [<img src="https://avatars.githubusercontent.com/u/111710123?v=4" width="110px;"/><br /><sub>Vautia</sub>](https://github.com/Vautia)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Vautia "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/28321?v=4" width="110px;"/><br /><sub>Chris Hartjes</sub>](http://www.littlehart.net/atthekeyboard)<br />[💻](https://github.com/snipe/snipe-it/commits?author=chartjes "Code") | [<img src="https://avatars.githubusercontent.com/u/2404584?v=4" width="110px;"/><br /><sub>geo-chen</sub>](https://github.com/geo-chen)<br />[💻](https://github.com/snipe/snipe-it/commits?author=geo-chen "Code") | [<img src="https://avatars.githubusercontent.com/u/6006620?v=4" width="110px;"/><br /><sub>Phan Nguyen</sub>](https://github.com/nh314)<br />[💻](https://github.com/snipe/snipe-it/commits?author=nh314 "Code") | [<img src="https://avatars.githubusercontent.com/u/115993812?v=4" width="110px;"/><br /><sub>Iisakki Jaakkola</sub>](https://github.com/StarlessNights)<br />[💻](https://github.com/snipe/snipe-it/commits?author=StarlessNights "Code") | [<img src="https://avatars.githubusercontent.com/u/22633385?v=4" width="110px;"/><br /><sub>Ikko Ashimine</sub>](https://bandism.net/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=eltociear "Code") | [<img src="https://avatars.githubusercontent.com/u/56871540?v=4" width="110px;"/><br /><sub>Lukas Fehling</sub>](https://github.com/lukasfehling)<br />[💻](https://github.com/snipe/snipe-it/commits?author=lukasfehling "Code") | [<img src="https://avatars.githubusercontent.com/u/1975990?v=4" width="110px;"/><br /><sub>Fernando Almeida</sub>](https://github.com/fernando-almeida)<br />[💻](https://github.com/snipe/snipe-it/commits?author=fernando-almeida "Code") |
-| [<img src="https://avatars.githubusercontent.com/u/116301219?v=4" width="110px;"/><br /><sub>akemidx</sub>](https://github.com/akemidx)<br />[💻](https://github.com/snipe/snipe-it/commits?author=akemidx "Code") | [<img src="https://avatars.githubusercontent.com/u/144778?v=4" width="110px;"/><br /><sub>Oguz Bilgic</sub>](http://oguz.site)<br />[💻](https://github.com/snipe/snipe-it/commits?author=oguzbilgic "Code") | [<img src="https://avatars.githubusercontent.com/u/9262438?v=4" width="110px;"/><br /><sub>Scooter Crawford</sub>](https://github.com/scoo73r)<br />[💻](https://github.com/snipe/snipe-it/commits?author=scoo73r "Code") | [<img src="https://avatars.githubusercontent.com/u/5957345?v=4" width="110px;"/><br /><sub>subdriven</sub>](https://github.com/subdriven)<br />[💻](https://github.com/snipe/snipe-it/commits?author=subdriven "Code") | [<img src="https://avatars.githubusercontent.com/u/658865?v=4" width="110px;"/><br /><sub>Andrew Savinykh</sub>](https://github.com/AndrewSav)<br />[💻](https://github.com/snipe/snipe-it/commits?author=AndrewSav "Code") | [<img src="https://avatars.githubusercontent.com/u/1155067?v=4" width="110px;"/><br /><sub>Tadayuki Onishi</sub>](https://kenchan0130.github.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=kenchan0130 "Code") | [<img src="https://avatars.githubusercontent.com/u/112496896?v=4" width="110px;"/><br /><sub>Florian</sub>](https://github.com/floschoepfer)<br />[💻](https://github.com/snipe/snipe-it/commits?author=floschoepfer "Code") |
-| [<img src="https://avatars.githubusercontent.com/u/7305753?v=4" width="110px;"/><br /><sub>Spencer Long</sub>](http://spencerlong.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=spencerrlongg "Code") | [<img src="https://avatars.githubusercontent.com/u/1141514?v=4" width="110px;"/><br /><sub>Marcus Moore</sub>](https://github.com/marcusmoore)<br />[💻](https://github.com/snipe/snipe-it/commits?author=marcusmoore "Code") | [<img src="https://avatars.githubusercontent.com/u/570639?v=4" width="110px;"/><br /><sub>Martin Meredith</sub>](https://github.com/Mezzle)<br /> | [<img src="https://avatars.githubusercontent.com/u/5731963?v=4" width="110px;"/><br /><sub>dboth</sub>](http://dboth.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=dboth "Code") | [<img src="https://avatars.githubusercontent.com/u/87536651?v=4" width="110px;"/><br /><sub>Zachary Fleck</sub>](https://github.com/zacharyfleck)<br />[💻](https://github.com/snipe/snipe-it/commits?author=zacharyfleck "Code") | [<img src="https://avatars.githubusercontent.com/u/74609912?v=4" width="110px;"/><br /><sub>VIKAAS-A</sub>](https://github.com/vikaas-cyper)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vikaas-cyper "Code") | [<img src="https://avatars.githubusercontent.com/u/88882041?v=4" width="110px;"/><br /><sub>Abdul Kareem</sub>](https://github.com/ak-piracha)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ak-piracha "Code") |
-| [<img src="https://avatars.githubusercontent.com/u/111287779?v=4" width="110px;"/><br /><sub>NojoudAlshehri</sub>](https://github.com/NojoudAlshehri)<br />[💻](https://github.com/snipe/snipe-it/commits?author=NojoudAlshehri "Code") | [<img src="https://avatars.githubusercontent.com/u/54367449?v=4" width="110px;"/><br /><sub>Stefan Stidl</sub>](https://github.com/stefanstidlffg)<br />[💻](https://github.com/snipe/snipe-it/commits?author=stefanstidlffg "Code") | [<img src="https://avatars.githubusercontent.com/u/87803479?v=4" width="110px;"/><br /><sub>Quentin Aymard</sub>](https://github.com/qay21)<br />[💻](https://github.com/snipe/snipe-it/commits?author=qay21 "Code") | [<img src="https://avatars.githubusercontent.com/u/5396871?v=4" width="110px;"/><br /><sub>Grant Le Roux</sub>](https://github.com/cram42)<br />[💻](https://github.com/snipe/snipe-it/commits?author=cram42 "Code") | [<img src="https://avatars.githubusercontent.com/u/58479551?v=4" width="110px;"/><br /><sub>Bogdan</sub>](http://@singrity)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Singrity "Code") | [<img src="https://avatars.githubusercontent.com/u/3483684?v=4" width="110px;"/><br /><sub>mmanjos</sub>](https://github.com/mmanjos)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mmanjos "Code") | [<img src="https://avatars.githubusercontent.com/u/7429229?v=4" width="110px;"/><br /><sub>Abdelaziz Faki</sub>](https://azooz2014.github.io/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Azooz2014 "Code") |
-| [<img src="https://avatars.githubusercontent.com/u/47315739?v=4" width="110px;"/><br /><sub>bilias</sub>](https://github.com/bilias)<br />[💻](https://github.com/snipe/snipe-it/commits?author=bilias "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/116301219?v=4" width="110px;"/><br /><sub>akemidx</sub>](https://github.com/akemidx)<br />[💻](https://github.com/snipe/snipe-it/commits?author=akemidx "Code") | [<img src="https://avatars.githubusercontent.com/u/144778?v=4" width="110px;"/><br /><sub>Oguz Bilgic</sub>](http://oguz.site)<br />[💻](https://github.com/snipe/snipe-it/commits?author=oguzbilgic "Code") | [<img src="https://avatars.githubusercontent.com/u/9262438?v=4" width="110px;"/><br /><sub>Scooter Crawford</sub>](https://github.com/scoo73r)<br />[💻](https://github.com/snipe/snipe-it/commits?author=scoo73r "Code") | [<img src="https://avatars.githubusercontent.com/u/5957345?v=4" width="110px;"/><br /><sub>subdriven</sub>](https://github.com/subdriven)<br />[💻](https://github.com/snipe/snipe-it/commits?author=subdriven "Code") |
 <!-- ALL-CONTRIBUTORS-LIST:END -->

 This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!
@@ -1,52 +1,65 @@
-# Running the Test Suite
+# Using the Test Suite

-This document is targeted at developers looking to make modifications to this application's code base and want to run the existing test suite.
+This document is targeted at developers looking to make modifications to
+this application's code base and want to run the existing test suite.

-Before starting, follow the [instructions](README.md#installation) for installing the application locally and ensure you can load it in a browser properly.

-## Unit and Feature Tests
+## Setup

-Before attempting to run the test suite copy the example environment file for tests and update the values to match your environment:
+Follow the instructions for installing the application locally,
+making sure to have also run the [database migrations](link to db migrations).

-`cp .env.testing.example .env.testing`

-The following should work for running tests in memory with sqlite:
-```
-# --------------------------------------------
-# REQUIRED: BASIC APP SETTINGS
-# --------------------------------------------
-APP_ENV=testing
-APP_DEBUG=true
-APP_KEY=base64:glJpcM7BYwWiBggp3SQ/+NlRkqsBQMaGEOjemXqJzOU=
-APP_URL=http://localhost:8000
-APP_TIMEZONE='UTC'
-APP_LOCALE=en
+## Unit Tests 

+The application will use values in the `.env.testing` file located
+in the root directory to override the
+default settings and/or other values that exist in your `.env` files.
+
+Make sure to modify the section in `.env.testing` that has the
+database settings. In the example below, it is connecting to the
+[MariaDB](link-to-maria-db) server that is used if you install the
+application using [Docker](https://docker.com).
+
+```dotenv
 # --------------------------------------------
 # REQUIRED: DATABASE SETTINGS
 # --------------------------------------------
-DB_CONNECTION=sqlite_testing
-#DB_HOST=127.0.0.1
-#DB_PORT=3306
-#DB_DATABASE=null
-#DB_USERNAME=null
-#DB_PASSWORD=null
-```
-
-To use MySQL you should update the `DB_` variables to match your local test database:
-```
 DB_CONNECTION=mysql
 DB_HOST=127.0.0.1
-DB_PORT=3306
-DB_DATABASE={}
-DB_USERNAME={}
-DB_PASSWORD={}
+DB_DATABASE=snipeit
+DB_USERNAME=root
+DB_PASSWORD=changeme1234
 ```

-Now you are ready to run the entire test suite from your terminal:
+To run the entire unit test suite, use the following command from your terminal:

-`php artisan test`
+`php artisan test --env=testing`

-To run individual test files, you can pass the path to the test that you want to run:
+To run individual test files, you can pass the path to the test that
+you want to run.

-`php artisan test tests/Unit/AccessoryTest.php`
+`php artisan test --env=testing tests/Unit/AccessoryTest.php`
+
+## Browser Tests 
+
+The browser tests use [Dusk](https://laravel.com/docs/8.x/dusk) to run them.
+When troubleshooting any problems, make sure that your `.env` file is configured
+correctly to run the existing application.
+
+### Test Setup
+
+Your application needs to be configued and up and running in order for the browser
+tests to actually run. When running the tests locally, you can start the application
+using the following command:
+
+`php artisan serve`
+
+
+To run the test suite use the following command from another terminal tab or window:
+
+`php artisan dusk`
+
+To run individual test files, you can pass the path to the test that you want to run.
+
+`php artisan dusk tests/Browser/LoginTest.php`
@@ -56,7 +56,7 @@ class CheckoutLicenseToAllUsers extends Command
            return false;
        }

-        $users = User::whereNull('deleted_at')->where('autoassign_licenses', '=', 1)->with('licenses')->get();
+        $users = User::whereNull('deleted_at')->with('licenses')->get();

        if ($users->count() > $license->getAvailSeatsCountAttribute()) {
            $this->info('You do not have enough free seats to complete this task, so we will check out as many as we can. ');
@@ -3,31 +3,15 @@
 namespace App\Console\Commands;

 use Illuminate\Console\Command;
-use \App\Models\User;
-

 class CreateAdmin extends Command
 {
-
-    /** @mixin User **/
    /**
-     * App\Console\CreateAdmin
-     * @property mixed $first_name
-     * @property string $last_name
-     * @property string $username
-     * @property string $email
-     * @property string $permissions
-     * @property string $password
-     * @property boolean $activated
-     * @property boolean $show_in_list
-     * @property boolean $autoassign_licenses
-     * @property \Illuminate\Support\Carbon|null $created_at
-     * @property mixed $created_by
+     * The name and signature of the console command.
+     *
+     * @var string
     */
-
-
-
-    protected $signature = 'snipeit:create-admin {--first_name=} {--last_name=}  {--email=}  {--username=}  {--password=} {show_in_list?} {autoassign_licenses?}';
+    protected $signature = 'snipeit:create-admin {--first_name=} {--last_name=}  {--email=}  {--username=}  {--password=}   {show_in_list?}';

    /**
     * The console command description.
@@ -46,7 +30,11 @@ class CreateAdmin extends Command
        parent::__construct();
    }

-
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
    public function handle()
    {
        $first_name = $this->option('first_name');
@@ -55,14 +43,11 @@ class CreateAdmin extends Command
        $email = $this->option('email');
        $password = $this->option('password');
        $show_in_list = $this->argument('show_in_list');
-        $autoassign_licenses = $this->argument('autoassign_licenses');
-
-

        if (($first_name == '') || ($last_name == '') || ($username == '') || ($email == '') || ($password == '')) {
            $this->info('ERROR: All fields are required.');
        } else {
-            $user = new User;
+            $user = new \App\Models\User;
            $user->first_name = $first_name;
            $user->last_name = $last_name;
            $user->username = $username;
@@ -74,11 +59,6 @@ class CreateAdmin extends Command
            if ($show_in_list == 'false') {
                $user->show_in_list = 0;
            }
-
-            if ($autoassign_licenses == 'false') {
-                $user->autoassign_licenses = 0;
-            }
-
            if ($user->save()) {
                $this->info('New user created');
                $user->groups()->attach(1);
@@ -18,7 +18,7 @@ class LdapSync extends Command
     *
     * @var string
     */
-    protected $signature = 'snipeit:ldap-sync {--location=} {--location_id=*} {--base_dn=} {--filter=} {--summary} {--json_summary}';
+    protected $signature = 'snipeit:ldap-sync {--location=} {--location_id=} {--base_dn=} {--filter=} {--summary} {--json_summary}';

    /**
     * The console command description.
@@ -44,25 +44,18 @@ class LdapSync extends Command
     */
    public function handle()
    {
-
-        // If LDAP enabled isn't set to 1 (ldap_enabled!=1) then we should cut this short immediately without going any further
-        if (Setting::getSettings()->ldap_enabled!='1') {
-            $this->error('LDAP is not enabled. Aborting. See Settings > LDAP to enable it.');
-            exit();
-        }
-
        ini_set('max_execution_time', env('LDAP_TIME_LIM', 600)); //600 seconds = 10 minutes
        ini_set('memory_limit', env('LDAP_MEM_LIM', '500M'));
        $ldap_result_username = Setting::getSettings()->ldap_username_field;
        $ldap_result_last_name = Setting::getSettings()->ldap_lname_field;
        $ldap_result_first_name = Setting::getSettings()->ldap_fname_field;
+
        $ldap_result_active_flag = Setting::getSettings()->ldap_active_flag;
        $ldap_result_emp_num = Setting::getSettings()->ldap_emp_num;
        $ldap_result_email = Setting::getSettings()->ldap_email;
        $ldap_result_phone = Setting::getSettings()->ldap_phone_field;
        $ldap_result_jobtitle = Setting::getSettings()->ldap_jobtitle;
        $ldap_result_country = Setting::getSettings()->ldap_country;
-        $ldap_result_location = Setting::getSettings()->ldap_location;
        $ldap_result_dept = Setting::getSettings()->ldap_dept;
        $ldap_result_manager = Setting::getSettings()->ldap_manager;
        $ldap_default_group = Setting::getSettings()->ldap_default_group;
@@ -75,7 +68,7 @@ class LdapSync extends Command
                $json_summary = ['error' => true, 'error_message' => $e->getMessage(), 'summary' => []];
                $this->info(json_encode($json_summary));
            }
-            Log::info($e);
+            LOG::info($e);

            return [];
        }
@@ -83,18 +76,9 @@ class LdapSync extends Command
        $summary = [];

        try {
-            if ( $this->option('location_id') != '') {
-
-                foreach($this->option('location_id') as $location_id){
-                    $location_ou= Location::where('id', '=', $location_id)->value('ldap_ou');
-                    $search_base = $location_ou;
-                    Log::debug('Importing users from specified location OU: \"'.$search_base.'\".');
-                 }
-            }
-
-            else if ($this->option('base_dn') != '') {
+            if ($this->option('base_dn') != '') {
                $search_base = $this->option('base_dn');
-                Log::debug('Importing users from specified base DN: \"'.$search_base.'\".');
+                LOG::debug('Importing users from specified base DN: \"'.$search_base.'\".');
            } else {
                $search_base = null;
            }
@@ -108,30 +92,26 @@ class LdapSync extends Command
                $json_summary = ['error' => true, 'error_message' => $e->getMessage(), 'summary' => []];
                $this->info(json_encode($json_summary));
            }
-            Log::info($e);
+            LOG::info($e);

            return [];
        }

        /* Determine which location to assign users to by default. */
        $location = null; // TODO - this would be better called "$default_location", which is more explicit about its purpose
-            if ($this->option('location') != '') {
-                if ($location = Location::where('name', '=', $this->option('location'))->first()) {
-                    Log::debug('Location name ' . $this->option('location') . ' passed');
-                    Log::debug('Importing to ' . $location->name . ' (' . $location->id . ')');
-                }

-            } elseif ($this->option('location_id') != '') {
-                foreach($this->option('location_id') as $location_id) {
-                if ($location = Location::where('id', '=', $location_id)->first()) {
-                    Log::debug('Location ID ' . $location_id . ' passed');
-                    Log::debug('Importing to ' . $location->name . ' (' . $location->id . ')');
-                }
-
-            }
+        if ($this->option('location') != '') {
+            $location = Location::where('name', '=', $this->option('location'))->first();
+            LOG::debug('Location name '.$this->option('location').' passed');
+            LOG::debug('Importing to '.$location->name.' ('.$location->id.')');
+        } elseif ($this->option('location_id') != '') {
+            $location = Location::where('id', '=', $this->option('location_id'))->first();
+            LOG::debug('Location ID '.$this->option('location_id').' passed');
+            LOG::debug('Importing to '.$location->name.' ('.$location->id.')');
        }
+
        if (! isset($location)) {
-            Log::debug('That location is invalid or a location was not provided, so no location will be assigned by default.');
+            LOG::debug('That location is invalid or a location was not provided, so no location will be assigned by default.');
        }

        /* Process locations with explicitly defined OUs, if doing a full import. */
@@ -147,7 +127,7 @@ class LdapSync extends Command
            array_multisort($ldap_ou_lengths, SORT_ASC, $ldap_ou_locations);

            if (count($ldap_ou_locations) > 0) {
-                Log::debug('Some locations have special OUs set. Locations will be automatically set for users in those OUs.');
+                LOG::debug('Some locations have special OUs set. Locations will be automatically set for users in those OUs.');
            }

            // Inject location information fields
@@ -165,7 +145,7 @@ class LdapSync extends Command
                        $json_summary = ['error' => true, 'error_message' => trans('admin/users/message.error.ldap_could_not_search').' Location: '.$ldap_loc['name'].' (ID: '.$ldap_loc['id'].') cannot connect to "'.$ldap_loc['ldap_ou'].'" - '.$e->getMessage(), 'summary' => []];
                        $this->info(json_encode($json_summary));
                    }
-                    Log::info($e);
+                    LOG::info($e);

                    return [];
                }
@@ -193,6 +173,10 @@ class LdapSync extends Command
            }
        }

+        /* Create user account entries in Snipe-IT */
+        $tmp_pass = substr(str_shuffle('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, 20);
+        $pass = bcrypt($tmp_pass);
+
        $manager_cache = [];

        if($ldap_default_group != null) {
@@ -207,26 +191,20 @@ class LdapSync extends Command

        for ($i = 0; $i < $results['count']; $i++) {
                $item = [];
-                $item['username'] = $results[$i][$ldap_result_username][0] ?? '';
-                $item['employee_number'] = $results[$i][$ldap_result_emp_num][0] ?? '';
-                $item['lastname'] = $results[$i][$ldap_result_last_name][0] ?? '';
-                $item['firstname'] = $results[$i][$ldap_result_first_name][0] ?? '';
-                $item['email'] = $results[$i][$ldap_result_email][0] ?? '';
-                $item['ldap_location_override'] = $results[$i]['ldap_location_override'] ?? '';
-                $item['location_id'] = $results[$i]['location_id'] ?? '';
-                $item['telephone'] = $results[$i][$ldap_result_phone][0] ?? '';
-                $item['jobtitle'] = $results[$i][$ldap_result_jobtitle][0] ?? '';
-                $item['country'] = $results[$i][$ldap_result_country][0] ?? '';
-                $item['department'] = $results[$i][$ldap_result_dept][0] ?? '';
-                $item['manager'] = $results[$i][$ldap_result_manager][0] ?? '';
-                $item['location'] = $results[$i][$ldap_result_location][0] ?? '';
+                $item['username'] = isset($results[$i][$ldap_result_username][0]) ? $results[$i][$ldap_result_username][0] : '';
+                $item['employee_number'] = isset($results[$i][$ldap_result_emp_num][0]) ? $results[$i][$ldap_result_emp_num][0] : '';
+                $item['lastname'] = isset($results[$i][$ldap_result_last_name][0]) ? $results[$i][$ldap_result_last_name][0] : '';
+                $item['firstname'] = isset($results[$i][$ldap_result_first_name][0]) ? $results[$i][$ldap_result_first_name][0] : '';
+                $item['email'] = isset($results[$i][$ldap_result_email][0]) ? $results[$i][$ldap_result_email][0] : '';
+                $item['ldap_location_override'] = isset($results[$i]['ldap_location_override']) ? $results[$i]['ldap_location_override'] : '';
+                $item['location_id'] = isset($results[$i]['location_id']) ? $results[$i]['location_id'] : '';
+                $item['telephone'] = isset($results[$i][$ldap_result_phone][0]) ? $results[$i][$ldap_result_phone][0] : '';
+                $item['jobtitle'] = isset($results[$i][$ldap_result_jobtitle][0]) ? $results[$i][$ldap_result_jobtitle][0] : '';
+                $item['country'] = isset($results[$i][$ldap_result_country][0]) ? $results[$i][$ldap_result_country][0] : '';
+                $item['department'] = isset($results[$i][$ldap_result_dept][0]) ? $results[$i][$ldap_result_dept][0] : '';
+                $item['manager'] = isset($results[$i][$ldap_result_manager][0]) ? $results[$i][$ldap_result_manager][0] : '';
+

-                // ONLY if you are using the "ldap_location" option *AND* you have an actual result
-                if ($ldap_result_location && $item['location']) {
-                        $location = Location::firstOrCreate([
-                                'name' => $item['location'],
-                        ]);
-                }
                $department = Department::firstOrCreate([
                    'name' => $item['department'],
                ]);
@@ -238,44 +216,21 @@ class LdapSync extends Command
                } else {
                    // Creating a new user.
                    $user = new User;
-                    $user->password = $user->noPassword();
+                    $user->password = $pass;
                    $user->activated = 1; // newly created users can log in by default, unless AD's UAC is in use, or an active flag is set (below)
                    $item['createorupdate'] = 'created';
                }

-            //If a sync option is not filled in on the LDAP settings don't populate the user field
-            if($ldap_result_username  != null){
-                $user->username = $item['username'];
-            }
-            if($ldap_result_last_name != null){
-                $user->last_name = $item['lastname'];
-            }
-            if($ldap_result_first_name != null){
                $user->first_name = $item['firstname'];
-            }
-            if($ldap_result_emp_num  != null){
-                $user->employee_num = e($item['employee_number']);
-            }
-            if($ldap_result_email != null){
+                $user->last_name = $item['lastname'];
+                $user->username = $item['username'];
                $user->email = $item['email'];
-            }
-            if($ldap_result_phone != null){
+                $user->employee_num = e($item['employee_number']);
                $user->phone = $item['telephone'];
-            }
-            if($ldap_result_jobtitle != null){
                $user->jobtitle = $item['jobtitle'];
-            }
-            if($ldap_result_country != null){
                $user->country = $item['country'];
-            }
-            if($ldap_result_dept  != null){
                $user->department_id = $department->id;
-            }
-            if($ldap_result_location != null){
-                $user->location_id = $location ? $location->id : null;
-            }

-            if($ldap_result_manager != null){
                if($item['manager'] != null) {
                    // Check Cache first
                    if (isset($manager_cache[$item['manager']])) {
@@ -315,7 +270,6 @@ class LdapSync extends Command

                    }
                }
-            }

                // Sync activated state for Active Directory.
                if ( !empty($ldap_result_active_flag)) { // IF we have an 'active' flag set....
@@ -349,18 +303,17 @@ class LdapSync extends Command
                        $user->activated = 0;
                    } */
                    $enabled_accounts = [
-                    '512',    //     0x200 NORMAL_ACCOUNT
-                    '544',    //     0x220 NORMAL_ACCOUNT, PASSWD_NOTREQD
-                    '66048',  //   0x10200 NORMAL_ACCOUNT, DONT_EXPIRE_PASSWORD
-                    '66080',  //   0x10220 NORMAL_ACCOUNT, PASSWD_NOTREQD, DONT_EXPIRE_PASSWORD
-                    '262656', //   0x40200 NORMAL_ACCOUNT, SMARTCARD_REQUIRED
-                    '262688', //   0x40220 NORMAL_ACCOUNT, PASSWD_NOTREQD, SMARTCARD_REQUIRED
-                    '328192', //   0x50200 NORMAL_ACCOUNT, SMARTCARD_REQUIRED, DONT_EXPIRE_PASSWORD
-                    '328224', //   0x50220 NORMAL_ACCOUNT, PASSWD_NOT_REQD, SMARTCARD_REQUIRED, DONT_EXPIRE_PASSWORD
-                    '4194816',//  0x400200 NORMAL_ACCOUNT, DONT_REQ_PREAUTH
+                    '512',    // 0x200    NORMAL_ACCOUNT
+                    '544',    // 0x220    NORMAL_ACCOUNT, PASSWD_NOTREQD
+                    '66048',  // 0x10200  NORMAL_ACCOUNT, DONT_EXPIRE_PASSWORD
+                    '66080',  // 0x10220  NORMAL_ACCOUNT, PASSWD_NOTREQD, DONT_EXPIRE_PASSWORD
+                    '262656', // 0x40200  NORMAL_ACCOUNT, SMARTCARD_REQUIRED
+                    '262688', // 0x40220  NORMAL_ACCOUNT, PASSWD_NOTREQD, SMARTCARD_REQUIRED
+                    '328192', // 0x50200  NORMAL_ACCOUNT, SMARTCARD_REQUIRED, DONT_EXPIRE_PASSWORD
+                    '328224', // 0x50220  NORMAL_ACCOUNT, PASSWD_NOT_REQD, SMARTCARD_REQUIRED, DONT_EXPIRE_PASSWORD
+                    '4194816',// 0x400200 NORMAL_ACCOUNT, DONT_REQ_PREAUTH
                    '4260352', // 0x410200 NORMAL_ACCOUNT, DONT_EXPIRE_PASSWORD, DONT_REQ_PREAUTH
                    '1049088', // 0x100200 NORMAL_ACCOUNT, NOT_DELEGATED
-                    '1114624', // 0x110200 NORMAL_ACCOUNT, DONT_EXPIRE_PASSWORD, NOT_DELEGATED,
                  ];
                    $user->activated = (in_array($results[$i]['useraccountcontrol'][0], $enabled_accounts)) ? 1 : 0;

@@ -1,52 +0,0 @@
-<?php
-
-namespace App\Console\Commands;
-
-use Illuminate\Console\Command;
-use App\Models\User;
-
-class NormalizeUserNames extends Command
-{
-    /**
-     * The name and signature of the console command.
-     *
-     * @var string
-     */
-    protected $signature = 'snipeit:normalize-names';
-
-    /**
-     * The console command description.
-     *
-     * @var string
-     */
-    protected $description = 'Normalizes weirdly formatted names as first-letter upercased';
-
-    /**
-     * Create a new command instance.
-     *
-     * @return void
-     */
-    public function __construct()
-    {
-        parent::__construct();
-    }
-
-    /**
-     * Execute the console command.
-     *
-     * @return int
-     */
-    public function handle()
-    {
-
-        $users = User::get();
-            $this->info($users->count() . ' users');
-
-            foreach ($users as $user) {
-                $user->first_name = ucwords(strtolower($user->first_name));
-                $user->last_name = ucwords(strtolower($user->last_name));
-                $user->email = strtolower($user->email);
-                $user->save();
-        }
-    }
-}
@@ -149,7 +149,7 @@ class RestoreFromBackup extends Command
                $boring_files[] = $raw_path;
                continue;
            }
-            if (@pathinfo($raw_path, PATHINFO_EXTENSION) == 'sql') {
+            if (@pathinfo($raw_path)['extension'] == 'sql') {
                \Log::debug("Found a sql file!");
                $sqlfiles[] = $raw_path;
                $sqlfile_indices[] = $i;
@@ -214,7 +214,7 @@ class RestoreFromBackup extends Command
        $env_vars['MYSQL_PWD'] = config('database.connections.mysql.password');
        // TODO notes: we are stealing the dump_binary_path (which *probably* also has your copy of the mysql binary in it. But it might not, so we might need to extend this)
        //             we unilaterally prepend a slash to the `mysql` command. This might mean your path could look like /blah/blah/blah//mysql - which should be fine. But maybe in some environments it isn't?
-        $mysql_binary = config('database.connections.mysql.dump.dump_binary_path').\DIRECTORY_SEPARATOR.'mysql'.(\DIRECTORY_SEPARATOR == '\\' ? ".exe" : "");
+        $mysql_binary = config('database.connections.mysql.dump.dump_binary_path').'/mysql';
        if( ! file_exists($mysql_binary) ) {
            return $this->error("mysql tool at: '$mysql_binary' does not exist, cannot restore. Please edit DB_DUMP_PATH in your .env to point to a directory that contains the mysqldump and mysql binary");
        }
@@ -7,7 +7,6 @@ use App\Models\CustomField;
 use App\Models\Setting;
 use Artisan;
 use Illuminate\Console\Command;
-use Illuminate\Contracts\Encryption\DecryptException;
 use Illuminate\Encryption\Encrypter;

 class RotateAppKey extends Command
@@ -17,17 +16,14 @@ class RotateAppKey extends Command
     *
     * @var string
     */
-    protected $signature = 'snipeit:rotate-key
-                            {previous_key? : The previous key to rotate from} 
-                            {--emergency : Emergency mode - rotate from .env APP_KEY to newly-generated one, modifying .env} 
-                            {--force : Skip interactive confirmation}';
+    protected $signature = 'snipeit:rotate-key';

    /**
     * The console command description.
     *
     * @var string
     */
-    protected $description = 'Rotates APP_KEY to a new value, optionally taking the previous key as an argument';
+    protected $description = 'Command description';

    /**
     * Create a new command instance.
@@ -46,42 +42,26 @@ class RotateAppKey extends Command
     */
    public function handle()
    {
-        //make sure they specify only exactly one of --emergency, or a filename. Not neither, and not both.
-        if ( (!$this->option('emergency') && !$this->argument('previous_key')) || ( $this->option('emergency') && $this->argument('previous_key'))) {
-            $this->error("Specify only one of --emergency, or an app key value, in order to rotate keys");
-            return 1;
-        }
-        if ( $this->option('emergency') ) {
-            $msg = "\n****************************************************\nTHIS WILL MODIFY YOUR APP_KEY AND DE-CRYPT YOUR ENCRYPTED CUSTOM FIELDS AND \nRE-ENCRYPT THEM WITH A NEWLY GENERATED KEY. \n\nThere is NO undo. \n\nMake SURE you have a database backup and a backup of your .env generated BEFORE running this command. \n\nIf you do not save the newly generated APP_KEY to your .env in this process, \nyour encrypted data will no longer be decryptable. \n\nAre you SURE you wish to continue, and have confirmed you have a database backup and an .env backup? ";
-        } else {
-            $msg = "\n****************************************************\nTHIS WILL DE-CRYPT YOUR ENCRYPTED CUSTOM FIELDS AND RE-ENCRYPT THEM WITH YOUR\nAPP_KEY.\n\nThere is NO undo. \n\nMake SURE you have a database backup BEFORE running this command. \n\nAre you SURE you wish to continue, and have confirmed you have a database backup? ";
-        }
-        if ($this->option('force') || $this->confirm($msg)) {
+        if ($this->confirm("\n****************************************************\nTHIS WILL MODIFY YOUR APP_KEY AND DE-CRYPT YOUR ENCRYPTED CUSTOM FIELDS AND \nRE-ENCRYPT THEM WITH A NEWLY GENERATED KEY. \n\nThere is NO undo. \n\nMake SURE you have a database backup and a backup of your .env generated BEFORE running this command. \n\nIf you do not save the newly generated APP_KEY to your .env in this process, \nyour encrypted data will no longer be decryptable. \n\nAre you SURE you wish to continue, and have confirmed you have a database backup and an .env backup? ")) {

            // Get the existing app_key and ciphers
            // We put them in a variable since we clear the cache partway through here.
-            if ($this->option('emergency')) {
-                $old_app_key = config('app.key');
-                $cipher = config('app.cipher');
+            $old_app_key = config('app.key');
+            $cipher = config('app.cipher');

-                // Generate a new one
-                Artisan::call('key:generate', ['--show' => true]);
-                $new_app_key = trim(Artisan::output());
+            // Generate a new one
+            Artisan::call('key:generate', ['--show' => true]);
+            $new_app_key = Artisan::output();

-                // Clear the config cache
-                Artisan::call('config:clear');
+            // Clear the config cache
+            Artisan::call('config:clear');

-                // Write the new app key to the .env file
-                $this->writeNewEnvironmentFileWith($new_app_key);
-            } elseif ($this->argument('previous_key')) {
-                $old_app_key = $this->argument('previous_key');
-                $cipher = config('app.cipher'); // just a guess?
-                $new_app_key = config('app.key');
-            }
+            $this->warn('Your app cipher is: '.$cipher);
+            $this->warn('Your old APP_KEY is: '.$old_app_key);
+            $this->warn('Your new APP_KEY is: '.$new_app_key);

-            $this->warn('Your app cipher is: ' . $cipher);
-            $this->warn('Your old APP_KEY is: ' . $old_app_key);
-            $this->warn('Your new APP_KEY is: ' . $new_app_key);
+            // Write the new app key to the .env file
+            $this->writeNewEnvironmentFileWith($new_app_key);

            // Manually create an old encrypter instance using the old app key
            // and also create a new encrypter instance so we can re-crypt the field
@@ -95,16 +75,8 @@ class RotateAppKey extends Command
                $assets = Asset::whereNotNull($field->db_column)->get();

                foreach ($assets as $asset) {
-                    try {
-                        $asset->{$field->db_column} = $oldEncrypter->decrypt($asset->{$field->db_column});
-                        $this->line('DECRYPTED: ' . $field->db_column);
-                    } catch (DecryptException $e) {
-                        $this->line('Could not decrypt '. $field->db_column.' using "old key" - skipping...');
-                        continue;
-                    } catch (\Exception $e) {
-                        $this->error("Error decrypting ".$field->db_column.", reason: ".$e->getMessage().". Aborting key rotation");
-                        throw $e;
-                    }
+                    $asset->{$field->db_column} = $oldEncrypter->decrypt($asset->{$field->db_column});
+                    $this->line('DECRYPTED: '.$field->db_column);
                    $asset->{$field->db_column} = $newEncrypter->encrypt($asset->{$field->db_column});
                    $this->line('ENCRYPTED: '.$field->db_column);
                    $asset->save();
@@ -114,14 +86,10 @@ class RotateAppKey extends Command
            // Handle the LDAP password if one is provided
            $setting = Setting::first();
            if ($setting->ldap_pword != '') {
-                try {
-                    $setting->ldap_pword = $oldEncrypter->decrypt($setting->ldap_pword);
-                    $setting->ldap_pword = $newEncrypter->encrypt($setting->ldap_pword);
-                    $setting->save();
-                    $this->warn('LDAP password has been re-encrypted.');
-                } catch(DecryptException $e) {
-                    $this->warn("Unable to decrypt old LDAP password; skipping");
-                }
+                $setting->ldap_pword = $oldEncrypter->decrypt($setting->ldap_pword);
+                $setting->ldap_pword = $newEncrypter->encrypt($setting->ldap_pword);
+                $setting->save();
+                $this->warn('LDAP password has been re-encrypted.');
            }
        } else {
            $this->info('This operation has been canceled. No changes have been made.');
@@ -138,7 +106,7 @@ class RotateAppKey extends Command
    {
        file_put_contents($this->laravel->environmentFilePath(), preg_replace(
            $this->keyReplacementPattern(),
-            'APP_KEY="'.$key.'"',
+            'APP_KEY='.$key,
            file_get_contents($this->laravel->environmentFilePath())
        ));
    }
@@ -150,7 +118,7 @@ class RotateAppKey extends Command
     */
    protected function keyReplacementPattern()
    {
-        $escaped = '="?'.preg_quote($this->laravel['config']['app.key'], '/').'"?';
+        $escaped = preg_quote('='.$this->laravel['config']['app.key'], '/');

        return "/^APP_KEY{$escaped}/m";
    }
@@ -11,7 +11,7 @@ class SystemBackup extends Command
     *
     * @var string
     */
-    protected $signature = 'snipeit:backup {--filename=}';
+    protected $name = 'snipeit:backup';

    /**
     * The console command description.
@@ -37,18 +37,7 @@ class SystemBackup extends Command
     */
    public function handle()
    {
-        if ($this->option('filename')) {
-            $filename = $this->option('filename');
-
-            // Make sure the filename ends in .zip
-            if (!ends_with($filename, '.zip')) {
-                $filename = $filename.'.zip';
-            }
-
-            $this->call('backup:run', ['--filename' => $filename]);
-        } else {
-            $this->call('backup:run');
-        }
-
+        //
+        $this->call('backup:run');
    }
 }
@@ -15,20 +15,18 @@ class CheckoutableCheckedIn
    public $checkedInBy;
    public $note;
    public $action_date; // Date setted in the hardware.checkin view at the checkin_at input, for the action log
-    public $originalValues;

    /**
     * Create a new event instance.
     *
     * @return void
     */
-    public function __construct($checkoutable, $checkedOutTo, User $checkedInBy, $note, $action_date = null, $originalValues = [])
+    public function __construct($checkoutable, $checkedOutTo, User $checkedInBy, $note, $action_date = null)
    {
        $this->checkoutable = $checkoutable;
        $this->checkedOutTo = $checkedOutTo;
        $this->checkedInBy = $checkedInBy;
        $this->note = $note;
        $this->action_date = $action_date ?? date('Y-m-d');
-        $this->originalValues = $originalValues;
    }
 }
@@ -14,19 +14,17 @@ class CheckoutableCheckedOut
    public $checkedOutTo;
    public $checkedOutBy;
    public $note;
-    public $originalValues;

    /**
     * Create a new event instance.
     *
     * @return void
     */
-    public function __construct($checkoutable, $checkedOutTo, User $checkedOutBy, $note, $originalValues = [])
+    public function __construct($checkoutable, $checkedOutTo, User $checkedOutBy, $note)
    {
        $this->checkoutable = $checkoutable;
        $this->checkedOutTo = $checkedOutTo;
        $this->checkedOutBy = $checkedOutBy;
        $this->note = $note;
-        $this->originalValues = $originalValues;
    }
 }
@@ -1,24 +0,0 @@
-<?php
-
-namespace App\Events;
-
-use Illuminate\Foundation\Events\Dispatchable;
-use Illuminate\Queue\SerializesModels;
-use App\Models\User;
-
-class UserMerged
-{
-    use Dispatchable, SerializesModels;
-
-    /**
-     * Create a new event instance.
-     *
-     * @return void
-     */
-    public function __construct(User $from_user, User $to_user, User $admin)
-    {
-        $this->merged_from        = $from_user;
-        $this->merged_to      = $to_user;
-        $this->admin            = $admin;
-    }
-}
@@ -6,11 +6,10 @@ use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
 use App\Helpers\Helper;
 use Illuminate\Validation\ValidationException;
 use Illuminate\Auth\AuthenticationException;
-use ArieTimmerman\Laravel\SCIMServer\Exceptions\SCIMException;
 use Log;
 use Throwable;
 use JsonException;
-use Carbon\Exceptions\InvalidFormatException;
+

 class Handler extends ExceptionHandler
 {
@@ -29,8 +28,6 @@ class Handler extends ExceptionHandler
        \Intervention\Image\Exception\NotSupportedException::class,
        \League\OAuth2\Server\Exception\OAuthServerException::class,
        JsonException::class,
-        SCIMException::class, //these generally don't need to be reported
-        InvalidFormatException::class,
    ];

    /**
@@ -44,9 +41,7 @@ class Handler extends ExceptionHandler
    public function report(Throwable $exception)
    {
        if ($this->shouldReport($exception)) {
-            if (class_exists(\Log::class)) {
-                \Log::error($exception);
-            }
+            \Log::error($exception);
            return parent::report($exception);
        }
    }
@@ -56,7 +51,7 @@ class Handler extends ExceptionHandler
     * 
     * @param  \Illuminate\Http\Request  $request
     * @param  \Exception  $e
-     * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\RedirectResponse|\Illuminate\Http\Response
+     * @return \Illuminate\Http\Response
     */
    public function render($request, Throwable $e)
    {
@@ -70,39 +65,18 @@ class Handler extends ExceptionHandler
        // Invalid JSON exception
        // TODO: don't understand why we have to do this when we have the invalidJson() method, below, but, well, whatever
        if ($e instanceof JsonException) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, 'Invalid JSON'), 422);
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'invalid JSON'), 422);
        }

-        // Handle SCIM exceptions
-        if ($e instanceof SCIMException) {
-            try {
-                $e->report(); // logs as 'debug', so shouldn't get too noisy
-            } catch(\Exception $reportException) {
-                //do nothing
-            }
-            return $e->render($request); // ALL SCIMExceptions have the 'render()' method
-        }

-        // Handle standard requests that fail because Carbon cannot parse the date on validation (when a submitted date value is definitely not a date)
-        if ($e instanceof InvalidFormatException) {
-            return redirect()->back()->withInput()->with('error', trans('validation.date', ['attribute' => 'date']));
-        }
-
-        // Handle API requests that fail
+        // Handle Ajax requests that fail because the model doesn't exist
        if ($request->ajax() || $request->wantsJson()) {

-            // Handle API requests that fail because Carbon cannot parse the date on validation (when a submitted date value is definitely not a date)
-            if ($e instanceof InvalidFormatException) {
-                return response()->json(Helper::formatStandardApiResponse('error', null, trans('validation.date', ['attribute' => 'date'])), 200);
-            }
-
-            // Handle API requests that fail because the model doesn't exist
            if ($e instanceof \Illuminate\Database\Eloquent\ModelNotFoundException) {
                $className = last(explode('\\', $e->getModel()));
                return response()->json(Helper::formatStandardApiResponse('error', null, $className . ' not found'), 200);
            }

-            // Handle API requests that fail because of an HTTP status code and return a useful error message
            if ($this->isHttpException($e)) {

                $statusCode = $e->getStatusCode();
@@ -122,8 +96,6 @@ class Handler extends ExceptionHandler
        }


-
-
        if ($this->isHttpException($e) && (isset($statusCode)) && ($statusCode == '404' )) {
            return response()->view('layouts/basic', [
                'content' => view('errors/404')
@@ -139,8 +111,8 @@ class Handler extends ExceptionHandler
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Illuminate\Auth\AuthenticationException  $exception
-     * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\RedirectResponse
-  */
+     * @return \Illuminate\Http\Response
+     */
    protected function unauthenticated($request, AuthenticationException $exception)
    {
        if ($request->expectsJson()) {
@@ -150,11 +122,6 @@ class Handler extends ExceptionHandler
        return redirect()->guest('login');
    }

-    protected function invalidJson($request, ValidationException $exception)
-    {
-        return response()->json(Helper::formatStandardApiResponse('error', null, $exception->errors()), 200);
-    }
-

    /** 
     * A list of the inputs that are never flashed for validation exceptions.
@@ -2,8 +2,6 @@

 namespace App\Helpers;
 use App\Models\Accessory;
-use App\Models\Asset;
-use App\Models\AssetModel;
 use App\Models\Component;
 use App\Models\Consumable;
 use App\Models\CustomField;
@@ -35,16 +33,6 @@ class Helper
        }
    }

-    public static function parseEscapedMarkedownInline($str = null)
-    {
-        $Parsedown = new \Parsedown();
-        $Parsedown->setSafeMode(true);
-
-        if ($str) {
-            return $Parsedown->line($str);
-        }
-    }
-
    /**
     * The importer has formatted number strings since v3,
     * so the value might be a string, or an integer.
@@ -73,14 +61,10 @@ class Helper
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v3.3]
-     * @return string
+     * @return array
     */
-    public static function defaultChartColors(int $index = 0)
+    public static function defaultChartColors($index = 0)
    {
-        if ($index < 0) {
-            $index = 0;
-        }
-
        $colors = [
            '#008941',
            '#FF4A46',
@@ -350,23 +334,7 @@ class Helper
            '#92896B',
        ];

-        $total_colors = count($colors);

-        if ($index >= $total_colors) {
-
-            \Log::error('Status label count is '.$index.' and exceeds the allowed count of 266.');
-            //patch fix for array key overflow (color count starts at 1, array starts at 0)
-            $index = $index - $total_colors - 1;
-
-            //constraints to keep result in 0-265 range. This should never be needed, but if something happens
-            //to create this many status labels and it DOES happen, this will keep it from failing at least.
-            if($index < 0) {
-                $index = 0;
-            }
-            elseif($index >($total_colors - 1)) {
-                $index = $total_colors - 1;
-            }
-        }

        return $colors[$index];
    }
@@ -560,23 +528,20 @@ class Helper
     * @since [v2.5]
     * @return array
     */
-    public static function categoryTypeList($selection=null)
+    public static function categoryTypeList()
    {
        $category_types = [
            '' => '',
-            'accessory' => trans('general.accessory'),
-            'asset' => trans('general.asset'),
-            'consumable' => trans('general.consumable'),
-            'component' => trans('general.component'),
-            'license' => trans('general.license'),
+            'accessory' => 'Accessory',
+            'asset' => 'Asset',
+            'consumable' => 'Consumable',
+            'component' => 'Component',
+            'license' => 'License',
        ];

-        if ($selection != null){
-            return $category_types[strtolower($selection)];
-        }
-        else
        return $category_types;
    }
+
    /**
     * Get the list of custom fields in an array to make a dropdown menu
     *
@@ -661,7 +626,6 @@ class Helper
        $consumables = Consumable::withCount('consumableAssignments as consumable_assignments_count')->whereNotNull('min_amt')->get();
        $accessories = Accessory::withCount('users as users_count')->whereNotNull('min_amt')->get();
        $components = Component::whereNotNull('min_amt')->get();
-        $asset_models = AssetModel::where('min_amt', '>', 0)->get();

        $avail_consumables = 0;
        $items_array = [];
@@ -724,28 +688,6 @@ class Helper
            }
        }

-        foreach ($asset_models as $asset_model){
-
-            $asset = new Asset();
-            $total_owned = $asset->where('model_id', '=', $asset_model->id)->count();
-            $avail = $asset->where('model_id', '=', $asset_model->id)->whereNull('assigned_to')->count();
-
-            if ($avail < ($asset_model->min_amt)+ \App\Models\Setting::getSettings()->alert_threshold) {
-                if ($avail > 0) {
-                    $percent = number_format((($avail / $total_owned) * 100), 0);
-                } else {
-                    $percent = 100;
-                }
-                $items_array[$all_count]['id'] = $asset_model->id;
-                $items_array[$all_count]['name'] = $asset_model->name;
-                $items_array[$all_count]['type'] = 'models';
-                $items_array[$all_count]['percent'] = $percent;
-                $items_array[$all_count]['remaining'] = $avail;
-                $items_array[$all_count]['min_amt'] = $asset_model->min_amt;
-                $all_count++;
-            }
-        }
-
        return $items_array;
    }

@@ -1150,15 +1092,6 @@ class Helper
        return $file_name;
    }

-
-    /**
-     * Universal helper to show file size in human-readable formats
-     *
-     * @author A. Gianotto <snipe@snipe.net>
-     * @since 5.0
-     *
-     * @return string[]
-     */
    public static function formatFilesizeUnits($bytes)
    {
        if ($bytes >= 1073741824)
@@ -1188,141 +1121,30 @@ class Helper

        return $bytes;
    }
-
-    /**
-     * This is weird but used by the side nav to determine which URL to point the user to
-     *
-     * @author A. Gianotto <snipe@snipe.net>
-     * @since 5.0
-     *
-     * @return string[]
-     */
    public static function SettingUrls(){
        $settings=['#','fields.index', 'statuslabels.index', 'models.index', 'categories.index', 'manufacturers.index', 'suppliers.index', 'departments.index', 'locations.index', 'companies.index', 'depreciations.index'];

        return $settings;
        }
-
-
-    /**
-     * Generic helper (largely used by livewire right now) that returns the font-awesome icon
-     * for the object type.
-     *
-     * @author A. Gianotto <snipe@snipe.net>
-     * @since 6.1.0
-     *
-     * @return string
-     */
-    public static function iconTypeByItem($item) {
-
-        switch ($item) {
-            case 'asset':
-                return 'fas fa-barcode';
-                break;
-            case 'accessory':
-                return 'fas fa-keyboard';
-                break;
-            case 'component':
-                return 'fas fa-hdd';
-                break;
-            case 'consumable':
-                return 'fas fa-tint';
-                break;
-            case 'license':
-                return 'far fa-save';
-                break;
-            case 'location':
-                return 'fas fa-map-marker-alt';
-                break;
-            case 'user':
-                return 'fas fa-user';
-                break;
+    public static function AgeFormat($date) {
+        $year = Carbon::parse($date)
+            ->diff(now())->y;
+        $month = Carbon::parse($date)
+            ->diff(now())->m;
+        $days = Carbon::parse($date)
+            ->diff(now())->d;
+        $age='';
+        if ($year) {
+            $age .= $year.'y ';
+        }
+        if ($month) {
+            $age .= $month.'m ';
+        }
+        if ($days) {
+            $age .= $days.'d';
        }

-    }
+        return $age;

-
-     /*
-     * This is a shorter way to see if the app is in demo mode.
-     *
-     * This makes it cleanly available in blades and in controllers, e.g.
-     *
-     * Blade:
-     * {{ Helper::isDemoMode() ? ' disabled' : ''}} for form blades where we need to disable a form
-     *
-     * Controller:
-     * if (Helper::isDemoMode()) {
-     *      // don't allow the thing
-     * }
-     * @todo - use this everywhere else in the app where we have very long if/else config('app.lock_passwords') stuff
-     */
-    public static function isDemoMode() {
-        if (config('app.lock_passwords') === true) {
-            return true;
-            \Log::debug('app locked!');
-        }
-        
-        return false;
-    }
-
-  
-    /**
-     * Conversion between units of measurement
-     *
-     * @author Grant Le Roux <grant.leroux+snipe-it@gmail.com>
-     * @since 5.0
-     * @param float  $value    Measurement value to convert
-     * @param string $srcUnit  Source unit of measurement
-     * @param string $dstUnit  Destination unit of measurement
-     * @param int    $round    Round the result to decimals (Default false - No rounding)
-     * @return float
-     */
-    public static function convertUnit($value, $srcUnit, $dstUnit, $round=false) {
-        $srcFactor = static::getUnitConversionFactor($srcUnit);
-        $dstFactor = static::getUnitConversionFactor($dstUnit);
-        $output = $value * $srcFactor / $dstFactor;
-        return ($round !== false) ? round($output, $round) : $output;
-    }
-  
-    /**
-     * Get conversion factor from unit of measurement to mm
-     *
-     * @author Grant Le Roux <grant.leroux+snipe-it@gmail.com>
-     * @since 5.0
-     * @param string $unit  Unit of measurement
-     * @return float
-     */
-    public static function getUnitConversionFactor($unit) {
-        switch (strtolower($unit)) {
-            case 'mm':
-                return 1.0;
-            case 'cm':
-                return 10.0;
-            case 'm':
-                return 1000.0;
-            case 'in':
-                return 25.4;
-            case 'ft':
-                return 12 * static::getUnitConversionFactor('in');
-            case 'yd':
-                return 3 * static::getUnitConversionFactor('ft');
-            case 'pt':
-                return (1 / 72) * static::getUnitConversionFactor('in');
-            default:
-                throw new \InvalidArgumentException('Unit: \'' . $unit . '\' is not supported');
-
-                return false;
-        }
-    }
-
-
-    /*
-     * I know it's gauche  to return a shitty HTML string, but this is just a helper and since it will be the same every single time,
-     * it seemed pretty safe to do here. Don't you judge me.
-     */
-    public static function showDemoModeFieldWarning() {
-        if (Helper::isDemoMode()) {
-            return "<p class=\"text-warning\"><i class=\"fas fa-lock\"></i>" . trans('general.feature_disabled') . "</p>";
-        }
    }
 }
@@ -63,7 +63,6 @@ class AccessoriesController extends Controller
    public function store(ImageUploadRequest $request)
    {
        $this->authorize(Accessory::class);
-        
        // create a new model instance
        $accessory = new Accessory();

@@ -77,12 +76,13 @@ class AccessoriesController extends Controller
        $accessory->manufacturer_id         = request('manufacturer_id');
        $accessory->model_number            = request('model_number');
        $accessory->purchase_date           = request('purchase_date');
-        $accessory->purchase_cost           = request('purchase_cost');
+        $accessory->purchase_cost           = Helper::ParseCurrency(request('purchase_cost'));
        $accessory->qty                     = request('qty');
        $accessory->user_id                 = Auth::user()->id;
        $accessory->supplier_id             = request('supplier_id');
        $accessory->notes                   = request('notes');

+
        $accessory = $request->handleImages($accessory);

        // Was the accessory created?
@@ -115,34 +115,6 @@ class AccessoriesController extends Controller

    }

-    /**
-     * Returns a view that presents a form to clone an accessory.
-     *
-     * @author [J. Vinsmoke]
-     * @param int $accessoryId
-     * @since [v6.0]
-     * @return View
-     */
-    public function getClone($accessoryId = null)
-    {
-
-        $this->authorize('create', Accessory::class);
-
-        // Check if the asset exists
-        if (is_null($accessory_to_clone = Accessory::find($accessoryId))) {
-            // Redirect to the asset management page
-            return redirect()->route('accessories.index')
-                ->with('error', trans('admin/accessories/message.does_not_exist', ['id' => $accessoryId]));
-        }
-
-        $accessory = clone $accessory_to_clone;
-        $accessory->id = null;
-        $accessory->location_id = null;
-
-        return view('accessories/edit')
-            ->with('item', $accessory);
-        
-    }

    /**
     * Save edited Accessory from form post
@@ -155,47 +127,45 @@ class AccessoriesController extends Controller
     */
    public function update(ImageUploadRequest $request, $accessoryId = null)
    {
-        if ($accessory = Accessory::withCount('users as users_count')->find($accessoryId)) {
-
-            $this->authorize($accessory);
-
-            $validator = Validator::make($request->all(), [
-                "qty" => "required|numeric|min:$accessory->users_count"
-            ]);
-
-            if ($validator->fails()) {
-                return redirect()->back()
-                    ->withErrors($validator)
-                    ->withInput();
-            }
-
-
-
-            // Update the accessory data
-            $accessory->name = request('name');
-            $accessory->location_id = request('location_id');
-            $accessory->min_amt = request('min_amt');
-            $accessory->category_id = request('category_id');
-            $accessory->company_id = Company::getIdForCurrentUser(request('company_id'));
-            $accessory->manufacturer_id = request('manufacturer_id');
-            $accessory->order_number = request('order_number');
-            $accessory->model_number = request('model_number');
-            $accessory->purchase_date = request('purchase_date');
-            $accessory->purchase_cost = request('purchase_cost');
-            $accessory->qty = request('qty');
-            $accessory->supplier_id = request('supplier_id');
-            $accessory->notes = request('notes');
-
-            $accessory = $request->handleImages($accessory);
-
-            // Was the accessory updated?
-            if ($accessory->save()) {
-                return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.update.success'));
-            }
-        } else {
+        if (is_null($accessory = Accessory::find($accessoryId))) {
            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
        }

+        $min = $accessory->numCheckedOut();
+        $validator = Validator::make($request->all(), [
+            "qty" => "required|numeric|min:$min"
+        ]);
+
+        if ($validator->fails()) {
+            return redirect()->back()
+                ->withErrors($validator)
+                ->withInput();
+        }
+
+        $this->authorize($accessory);
+
+        // Update the accessory data
+        $accessory->name                    = request('name');
+        $accessory->location_id             = request('location_id');
+        $accessory->min_amt                 = request('min_amt');
+        $accessory->category_id             = request('category_id');
+        $accessory->company_id              = Company::getIdForCurrentUser(request('company_id'));
+        $accessory->manufacturer_id         = request('manufacturer_id');
+        $accessory->order_number            = request('order_number');
+        $accessory->model_number            = request('model_number');
+        $accessory->purchase_date           = request('purchase_date');
+        $accessory->purchase_cost           = Helper::ParseCurrency(request('purchase_cost'));
+        $accessory->qty                     = request('qty');
+        $accessory->supplier_id             = request('supplier_id');
+        $accessory->notes                   = request('notes');
+
+        $accessory = $request->handleImages($accessory);
+
+        // Was the accessory updated?
+        if ($accessory->save()) {
+            return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.update.success'));
+        }
+
        return redirect()->back()->withInput()->withErrors($accessory->getErrors());
    }

@@ -247,7 +217,7 @@ class AccessoriesController extends Controller
     */
    public function show($accessoryID = null)
    {
-        $accessory = Accessory::withCount('users as users_count')->find($accessoryID);
+        $accessory = Accessory::find($accessoryID);
        $this->authorize('view', $accessory);
        if (isset($accessory->id)) {
            return view('accessories/view', compact('accessory'));
@@ -146,8 +146,9 @@ class AccessoriesFilesController extends Controller
            $this->authorize('view', $accessory);
            $this->authorize('accessories.files', $accessory);

-            if (! $log = Actionlog::whereNotNull('filename')->where('item_id', $accessory->id)->find($fileId)) {
-                return redirect()->route('accessories.index')->with('error',  trans('admin/users/message.log_record_not_found'));
+            if (! $log = Actionlog::find($fileId)) {
+                return response('No matching record for that asset/file', 500)
+                    ->header('Content-Type', 'text/plain');
            }

            $file = 'private_uploads/accessories/'.$log->filename;
@@ -160,19 +161,22 @@ class AccessoriesFilesController extends Controller
                    ->header('Content-Type', 'text/plain');
            } else {

-                // Display the file inline
-                if (request('inline') == 'true') {
-                    $headers = [
-                        'Content-Disposition' => 'inline',
-                    ];
-                    return Storage::download($file, $log->filename, $headers);
-                }
-
-
                // We have to override the URL stuff here, since local defaults in Laravel's Flysystem
                // won't work, as they're not accessible via the web
                if (config('filesystems.default') == 'local') { // TODO - is there any way to fix this at the StorageHelper layer?
                    return StorageHelper::downloader($file);
+                } else {
+                    if ($download != 'true') {
+                        \Log::debug('display the file');
+                        if ($contents = file_get_contents(Storage::url($file))) { // TODO - this will fail on private S3 files or large public ones
+                            return Response::make(Storage::url($file)->header('Content-Type', mime_content_type($file)));
+                        }
+
+                        return JsonResponse::create(['error' => 'Failed validation: '], 500);
+                    }
+
+                    return StorageHelper::downloader($file);
+
                }
            }
        }
@@ -18,36 +18,26 @@ class AccessoryCheckoutController extends Controller
     * Return the form to checkout an Accessory to a user.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param  int $id
+     * @param  int $accessoryId
     * @return View
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
-    public function create($id)
+    public function create($accessoryId)
    {
-
-        if ($accessory = Accessory::withCount('users as users_count')->find($id)) {
-
-            $this->authorize('checkout', $accessory);
-
-            if ($accessory->category) {
-                // Make sure there is at least one available to checkout
-                if ($accessory->numRemaining() <= 0){
-                    return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.checkout.unavailable'));
-                }
-
-                // Return the checkout view
-                return view('accessories/checkout', compact('accessory'));
-            }
-
-            // Invalid category
-            return redirect()->route('accessories.edit', ['accessory' => $accessory->id])
-                ->with('error', trans('general.invalid_item_category_single', ['type' => trans('general.accessory')]));
-
+        // Check if the accessory exists
+        if (is_null($accessory = Accessory::find($accessoryId))) {
+            // Redirect to the accessory management page with error
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.not_found'));
        }

-        // Not found
-        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.not_found'));
+        if ($accessory->category) {
+            $this->authorize('checkout', $accessory);

+            // Get the dropdown of users and then pass it to the checkout view
+            return view('accessories/checkout', compact('accessory'));
+        }
+
+        return redirect()->back()->with('error', 'The category type for this accessory is not valid. Edit the accessory and select a valid accessory category.');
    }

    /**
@@ -65,23 +55,17 @@ class AccessoryCheckoutController extends Controller
    public function store(Request $request, $accessoryId)
    {
        // Check if the accessory exists
-        if (is_null($accessory = Accessory::withCount('users as users_count')->find($accessoryId))) {
+        if (is_null($accessory = Accessory::find($accessoryId))) {
            // Redirect to the accessory management page with error
            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.user_not_found'));
        }

        $this->authorize('checkout', $accessory);

-        if (!$user = User::find($request->input('assigned_to'))) {
+        if (! $user = User::find($request->input('assigned_to'))) {
            return redirect()->route('accessories.checkout.show', $accessory->id)->with('error', trans('admin/accessories/message.checkout.user_does_not_exist'));
        }

-        // Make sure there is at least one available to checkout
-        if ($accessory->numRemaining() <= 0){
-            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.checkout.unavailable'));
-        }
-
-
        // Update the accessory data
        $accessory->assigned_to = e($request->input('assigned_to'));

@@ -69,7 +69,7 @@ class AcceptanceController extends Controller
        }

        if (! Company::isCurrentUserHasAccess($acceptance->checkoutable)) {
-            return redirect()->route('account.accept')->with('error', trans('general.error_user_company'));
+            return redirect()->route('account.accept')->with('error', trans('general.insufficient_permissions'));
        }

        return view('account/accept.create', compact('acceptance'));
@@ -121,6 +121,7 @@ class AcceptanceController extends Controller
        $pdf_filename = 'accepted-eula-'.date('Y-m-d-h-i-s').'.pdf';
        $sig_filename='';

+
        if ($request->input('asset_acceptance') == 'accepted') {

            /**
@@ -152,14 +153,12 @@ class AcceptanceController extends Controller
                }
            }

+
            // this is horrible
            switch($acceptance->checkoutable_type){
                case 'App\Models\Asset':
                        $pdf_view_route ='account.accept.accept-asset-eula';
                        $asset_model = AssetModel::find($item->model_id);
-                        if (!$asset_model) {
-                            return redirect()->back()->with('error', trans('admin/models/message.does_not_exist'));
-                        }
                        $display_model = $asset_model->name;
                        $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
                break;
@@ -168,7 +167,7 @@ class AcceptanceController extends Controller
                        $pdf_view_route ='account.accept.accept-accessory-eula';
                        $accessory = Accessory::find($item->id);
                        $display_model = $accessory->name;
-                        $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
+                        $assigned_to = User::find($item->assignedTo);
                break;

                case 'App\Models\LicenseSeat':
@@ -223,8 +222,8 @@ class AcceptanceController extends Controller
                'item_model' => $display_model,
                'item_serial' => $item->serial,
                'eula' => $item->getEula(),
-                'check_out_date' => Carbon::parse($acceptance->created_at)->format('Y-m-d'),
-                'accepted_date' => Carbon::parse($acceptance->accepted_at)->format('Y-m-d'),
+                'check_out_date' => Carbon::parse($acceptance->created_at)->format($branding_settings->date_display_format),
+                'accepted_date' => Carbon::parse($acceptance->accepted_at)->format($branding_settings->date_display_format),
                'assigned_to' => $assigned_to,
                'company_name' => $branding_settings->site_name,
                'signature' => ($sig_filename) ? storage_path() . '/private_uploads/signatures/' . $sig_filename : null,
@@ -245,51 +244,17 @@ class AcceptanceController extends Controller
            $return_msg = trans('admin/users/message.accepted');

        } else {
-
-            /**
-             * Check for the eula-pdfs directory
-             */
-            if (! Storage::exists('private_uploads/eula-pdfs')) {
-                Storage::makeDirectory('private_uploads/eula-pdfs', 775);
-            }
-
-            if (Setting::getSettings()->require_accept_signature == '1') {
-                
-                // Check if the signature directory exists, if not create it
-                if (!Storage::exists('private_uploads/signatures')) {
-                    Storage::makeDirectory('private_uploads/signatures', 775);
-                }
-
-                // The item was accepted, check for a signature
-                if ($request->filled('signature_output')) {
-                    $sig_filename = 'siglog-' . Str::uuid() . '-' . date('Y-m-d-his') . '.png';
-                    $data_uri = $request->input('signature_output');
-                    $encoded_image = explode(',', $data_uri);
-                    $decoded_image = base64_decode($encoded_image[1]);
-                    Storage::put('private_uploads/signatures/' . $sig_filename, (string)$decoded_image);
-
-                    // No image data is present, kick them back.
-                    // This mostly only applies to users on super-duper crapola browsers *cough* IE *cough*
-                } else {
-                    return redirect()->back()->with('error', trans('general.shitty_browser'));
-                }
-            }
-            
            // Format the data to send the declined notification
            $branding_settings = SettingsController::getPDFBranding();

            // This is the most horriblest
            switch($acceptance->checkoutable_type){
                case 'App\Models\Asset':
-                    $asset_model = AssetModel::find($item->model_id);
-                    $display_model = $asset_model->name;
                    $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
                    break;

                case 'App\Models\Accessory':
-                    $accessory = Accessory::find($item->id);
-                    $display_model = $accessory->name;
-                    $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
+                    $assigned_to = User::find($item->assignedTo);
                    break;

                case 'App\Models\LicenseSeat':
@@ -301,8 +266,6 @@ class AcceptanceController extends Controller
                    break;

                case 'App\Models\Consumable':
-                    $consumable = Consumable::find($item->id);
-                    $display_model = $consumable->name;
                    $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
                    break;
            }
@@ -310,19 +273,12 @@ class AcceptanceController extends Controller
                'item_tag' => $item->asset_tag,
                'item_model' => $display_model,
                'item_serial' => $item->serial,
-                'declined_date' => Carbon::parse($acceptance->declined_at)->format('Y-m-d'),
-                'signature' => ($sig_filename) ? storage_path() . '/private_uploads/signatures/' . $sig_filename : null,
+                'declined_date' => Carbon::parse($acceptance->accepted_at)->format($branding_settings->date_display_format),
                'assigned_to' => $assigned_to,
                'company_name' => $branding_settings->site_name,
                'date_settings' => $branding_settings->date_display_format,
            ];

-            if ($pdf_view_route!='') {
-                \Log::debug($pdf_filename.' is the filename, and the route was specified.');
-                $pdf = Pdf::loadView($pdf_view_route, $data);
-                Storage::put('private_uploads/eula-pdfs/' .$pdf_filename, $pdf->output());
-            }
-
            $acceptance->decline($sig_filename);
            $acceptance->notify(new AcceptanceAssetDeclinedNotification($data));
            event(new CheckoutDeclined($acceptance));
@@ -333,4 +289,4 @@ class AcceptanceController extends Controller
        return redirect()->to('account/accept')->with('success', $return_msg);

    }
-}
+}
@@ -26,10 +26,7 @@ class AccessoriesController extends Controller
     */
    public function index(Request $request)
    {
-        if ($request->user()->cannot('reports.view')) {
-            $this->authorize('view', Accessory::class);
-        }
-
+        $this->authorize('view', Accessory::class);

        // This array is what determines which fields should be allowed to be sorted on ON the table itself, no relations
        // Relations will be handled in query scopes a little further down.
@@ -44,13 +41,10 @@ class AccessoriesController extends Controller
                'min_amt',
                'company_id',
                'notes',
-                'users_count',
-                'qty',
            ];


-        $accessories = Accessory::select('accessories.*')->with('category', 'company', 'manufacturer', 'users', 'location', 'supplier')
-                                ->withCount('users as users_count');
+        $accessories = Accessory::select('accessories.*')->with('category', 'company', 'manufacturer', 'users', 'location', 'supplier');

        if ($request->filled('search')) {
            $accessories = $accessories->TextSearch($request->input('search'));
@@ -80,9 +74,12 @@ class AccessoriesController extends Controller
            $accessories->where('notes','=',$request->input('notes'));
        }

-        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $accessories->count()) ? $accessories->count() : abs($request->input('offset'));
-        $limit = app('api_limit_value');
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($accessories) && ($request->get('offset') > $accessories->count())) ? $accessories->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');

        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort_override =  $request->input('sort');
@@ -150,7 +147,7 @@ class AccessoriesController extends Controller
    public function show($id)
    {
        $this->authorize('view', Accessory::class);
-        $accessory = Accessory::withCount('users as users_count')->findOrFail($id);
+        $accessory = Accessory::findOrFail($id);

        return (new AccessoriesTransformer)->transformAccessory($accessory);
    }
@@ -331,7 +328,7 @@ class AccessoriesController extends Controller
        $accessory = Accessory::find($accessory_user->accessory_id);
        $this->authorize('checkin', $accessory);

-        $logaction = $accessory->logCheckin(User::find($accessory_user->assigned_to), $request->input('note'));
+        $logaction = $accessory->logCheckin(User::find($accessory_user->user_id), $request->input('note'));

        // Was the accessory updated?
        if (DB::table('accessories_users')->where('id', '=', $accessory_user->id)->delete()) {
@@ -36,7 +36,7 @@ class AssetMaintenancesController extends Controller
    {
        $this->authorize('view', Asset::class);

-        $maintenances = AssetMaintenance::select('asset_maintenances.*')->with('asset', 'asset.model', 'asset.location', 'asset.defaultLoc', 'supplier', 'asset.company', 'admin');
+        $maintenances = AssetMaintenance::select('asset_maintenances.*')->with('asset', 'asset.model', 'asset.location', 'supplier', 'asset.company', 'admin');

        if ($request->filled('search')) {
            $maintenances = $maintenances->TextSearch($request->input('search'));
@@ -55,9 +55,12 @@ class AssetMaintenancesController extends Controller
        }


-        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $maintenances->count()) ? $maintenances->count() : abs($request->input('offset'));
-        $limit = app('api_limit_value');
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($maintenances) && ($request->get('offset') > $maintenances->count())) ? $maintenances->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');

        $allowed_columns = [
                                'id',
@@ -71,8 +74,7 @@ class AssetMaintenancesController extends Controller
                                'asset_tag',
                                'asset_name',
                                'user_id',
-                                'supplier',
-                                'is_warranty',
+                                'supplier'
                            ];
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
@@ -119,7 +121,7 @@ class AssetMaintenancesController extends Controller
        $assetMaintenance = new AssetMaintenance();
        $assetMaintenance->supplier_id = $request->input('supplier_id');
        $assetMaintenance->is_warranty = $request->input('is_warranty');
-        $assetMaintenance->cost =  $request->input('cost');
+        $assetMaintenance->cost =  Helper::ParseCurrency($request->input('cost'));
        $assetMaintenance->notes = e($request->input('notes'));
        $asset = Asset::find(e($request->input('asset_id')));

@@ -176,7 +178,7 @@ class AssetMaintenancesController extends Controller

        $assetMaintenance->supplier_id = e($request->input('supplier_id'));
        $assetMaintenance->is_warranty = e($request->input('is_warranty'));
-        $assetMaintenance->cost =  $request->input('cost');
+        $assetMaintenance->cost =  Helper::ParseCurrency($request->input('cost'));
        $assetMaintenance->notes = e($request->input('notes'));

        $asset = Asset::find(request('asset_id'));
@@ -38,7 +38,6 @@ class AssetModelsController extends Controller
                'image',
                'name',
                'model_number',
-                'min_amt',
                'eol',
                'notes',
                'created_at',
@@ -46,7 +45,6 @@ class AssetModelsController extends Controller
                'requestable',
                'assets_count',
                'category',
-                'fieldset',
            ];

        $assetmodels = AssetModel::select([
@@ -54,7 +52,6 @@ class AssetModelsController extends Controller
            'models.image',
            'models.name',
            'model_number',
-            'min_amt',
            'eol',
            'requestable',
            'models.notes',
@@ -66,7 +63,7 @@ class AssetModelsController extends Controller
            'models.deleted_at',
            'models.updated_at',
         ])
-            ->with('category', 'depreciation', 'manufacturer', 'fieldset.fields.defaultValues')
+            ->with('category', 'depreciation', 'manufacturer', 'fieldset')
            ->withCount('assets as assets_count');

        if ($request->input('status')=='deleted') {
@@ -81,9 +78,12 @@ class AssetModelsController extends Controller
            $assetmodels->TextSearch($request->input('search'));
        }

-        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $assetmodels->count()) ? $assetmodels->count() : abs($request->input('offset'));
-        $limit = app('api_limit_value');
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($assetmodels) && ($request->get('offset') > $assetmodels->count())) ? $assetmodels->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');

        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'models.created_at';
@@ -95,9 +95,6 @@ class AssetModelsController extends Controller
            case 'category':
                $assetmodels->OrderCategory($order);
                break;
-            case 'fieldset':
-                $assetmodels->OrderFieldset($order);
-                break;
            default:
                $assetmodels->orderBy($sort, $order);
                break;
@@ -33,7 +33,6 @@ use TCPDF;
 use Validator;
 use Route;

-
 /**
 * This class controls all actions related to assets for
 * the Snipe-IT Asset Management application.
@@ -49,7 +48,7 @@ class AssetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param int $assetId
     * @since [v4.0]
-     * @return \Illuminate\Http\JsonResponse
+     * @return JsonResponse
     */
    public function index(Request $request, $audit = null) 
    {
@@ -101,8 +100,6 @@ class AssetsController extends Controller
            'checkout_counter',
            'checkin_counter',
            'requests_counter',
-            'byod',
-            'asset_eol_date',
        ];

        $filter = [];
@@ -116,7 +113,7 @@ class AssetsController extends Controller
            $allowed_columns[] = $field->db_column_name();
        }

-        $assets = Asset::select('assets.*')
+        $assets = Company::scopeCompanyables(Asset::select('assets.*'), 'company_id', 'assets')
            ->with('location', 'assetstatus', 'company', 'defaultLoc','assignedTo',
                'model.category', 'model.manufacturer', 'model.fieldset','supplier'); //it might be tempting to add 'assetlog' here, but don't. It blows up update-heavy users.

@@ -126,12 +123,11 @@ class AssetsController extends Controller
            $assets->InModelList($non_deprecable_models->toArray());
        }

-
-
        // These are used by the API to query against specific ID numbers.
        // They are also used by the individual searches on detail pages like
        // locations, etc.

+
        // Search custom fields by column name
        foreach ($all_custom_fields as $field) {
            if ($request->filled($field->db_column_name())) {
@@ -139,12 +135,72 @@ class AssetsController extends Controller
            }
        }

-        if ((! is_null($filter)) && (count($filter)) > 0) {
-            $assets->ByFilter($filter);
-        } elseif ($request->filled('search')) {
-            $assets->TextSearch($request->input('search'));
+
+        if ($request->filled('status_id')) {
+            $assets->where('assets.status_id', '=', $request->input('status_id'));
        }

+        if ($request->filled('asset_tag')) {
+            $assets->where('assets.asset_tag', '=', $request->input('asset_tag'));
+        }
+
+        if ($request->filled('serial')) {
+            $assets->where('assets.serial', '=', $request->input('serial'));
+        }
+
+        if ($request->input('requestable') == 'true') {
+            $assets->where('assets.requestable', '=', '1');
+        }
+
+        if ($request->filled('model_id')) {
+            $assets->InModelList([$request->input('model_id')]);
+        }
+
+        if ($request->filled('category_id')) {
+            $assets->InCategory($request->input('category_id'));
+        }
+
+        if ($request->filled('location_id')) {
+            $assets->where('assets.location_id', '=', $request->input('location_id'));
+        }
+
+        if ($request->filled('rtd_location_id')) {
+            $assets->where('assets.rtd_location_id', '=', $request->input('rtd_location_id'));
+        }
+
+        if ($request->filled('supplier_id')) {
+            $assets->where('assets.supplier_id', '=', $request->input('supplier_id'));
+        }
+
+        if (($request->filled('assigned_to')) && ($request->filled('assigned_type'))) {
+            $assets->where('assets.assigned_to', '=', $request->input('assigned_to'))
+                ->where('assets.assigned_type', '=', $request->input('assigned_type'));
+        }
+
+        if ($request->filled('company_id')) {
+            $assets->where('assets.company_id', '=', $request->input('company_id'));
+        }
+
+        if ($request->filled('manufacturer_id')) {
+            $assets->ByManufacturer($request->input('manufacturer_id'));
+        }
+
+        if ($request->filled('depreciation_id')) {
+            $assets->ByDepreciationId($request->input('depreciation_id'));
+        }
+
+        $request->filled('order_number') ? $assets = $assets->where('assets.order_number', '=', e($request->get('order_number'))) : '';
+
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($assets) && ($request->get('offset') > $assets->count())) ? $assets->count() : $request->get('offset', 0);
+
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');
+
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+
        // This is used by the audit reporting routes
        if (Gate::allows('audit', Asset::class)) {
            switch ($audit) {
@@ -158,6 +214,7 @@ class AssetsController extends Controller
        }


+
        // This is used by the sidenav, mostly

        // We switched from using query scopes here because of a Laravel bug
@@ -207,12 +264,7 @@ class AssetsController extends Controller
                break;
            case 'Deployed':
                // more sad, horrible workarounds for laravel bugs when doing full text searches
-                $assets->whereNotNull('assets.assigned_to');
-                break;
-            case 'byod':
-                // This is kind of redundant, since we already check for byod=1 above, but this keeps the
-                // sidebar nav links a little less chaotic
-                $assets->where('assets.byod', '=', '1');
+                $assets->where('assets.assigned_to', '>', '0');
                break;
            default:

@@ -233,71 +285,12 @@ class AssetsController extends Controller
        }


-        // Leave these under the TextSearch scope, else the fuzziness will override the specific ID (status ID, etc) requested
-        if ($request->filled('status_id')) {
-            $assets->where('assets.status_id', '=', $request->input('status_id'));
+        if ((! is_null($filter)) && (count($filter)) > 0) {
+            $assets->ByFilter($filter);
+        } elseif ($request->filled('search')) {
+            $assets->TextSearch($request->input('search'));
        }

-        if ($request->filled('asset_tag')) {
-            $assets->where('assets.asset_tag', '=', $request->input('asset_tag'));
-        }
-
-        if ($request->filled('serial')) {
-            $assets->where('assets.serial', '=', $request->input('serial'));
-        }
-
-        if ($request->input('requestable') == 'true') {
-            $assets->where('assets.requestable', '=', '1');
-        }
-
-        if ($request->filled('model_id')) {
-            $assets->InModelList([$request->input('model_id')]);
-        }
-
-        if ($request->filled('category_id')) {
-            $assets->InCategory($request->input('category_id'));
-        }
-
-        if ($request->filled('location_id')) {
-            $assets->where('assets.location_id', '=', $request->input('location_id'));
-        }
-
-        if ($request->filled('rtd_location_id')) {
-            $assets->where('assets.rtd_location_id', '=', $request->input('rtd_location_id'));
-        }
-
-        if ($request->filled('supplier_id')) {
-            $assets->where('assets.supplier_id', '=', $request->input('supplier_id'));
-        }
-
-        if ($request->filled('asset_eol_date')) {
-            $assets->where('assets.asset_eol_date', '=', $request->input('asset_eol_date'));
-        }
-
-        if (($request->filled('assigned_to')) && ($request->filled('assigned_type'))) {
-            $assets->where('assets.assigned_to', '=', $request->input('assigned_to'))
-                ->where('assets.assigned_type', '=', $request->input('assigned_type'));
-        }
-
-        if ($request->filled('company_id')) {
-            $assets->where('assets.company_id', '=', $request->input('company_id'));
-        }
-
-        if ($request->filled('manufacturer_id')) {
-            $assets->ByManufacturer($request->input('manufacturer_id'));
-        }
-
-        if ($request->filled('depreciation_id')) {
-            $assets->ByDepreciationId($request->input('depreciation_id'));
-        }
-
-        if ($request->filled('byod')) {
-            $assets->where('assets.byod', '=', $request->input('byod'));
-        }
-
-        if ($request->filled('order_number')) {
-            $assets->where('assets.order_number', '=', strval($request->get('order_number')));
-        }

        // This is kinda gross, but we need to do this because the Bootstrap Tables
        // API passes custom field ordering as custom_fields.fieldname, and we have to strip
@@ -308,8 +301,7 @@ class AssetsController extends Controller
        // in the allowed_columns array)
        $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'assets.created_at';

-        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        
+
        switch ($sort_override) {
            case 'model':
                $assets->OrderModels($order);
@@ -346,10 +338,6 @@ class AssetsController extends Controller
        }


-        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $assets->count()) ? $assets->count() : app('api_offset_value');
-        $limit = app('api_limit_value');
-
        $total = $assets->count();
        $assets = $assets->skip($offset)->take($limit)->get();
        
@@ -444,7 +432,7 @@ class AssetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param int $assetId
     * @since [v4.0]
-     * @return \Illuminate\Http\JsonResponse
+     * @return JsonResponse
     */
    public function show(Request $request, $id)
    {
@@ -462,7 +450,7 @@ class AssetsController extends Controller
    {
        $this->authorize('view', Asset::class);
        $this->authorize('view', License::class);
-        $asset = Asset::where('id', $id)->withTrashed()->firstorfail();
+        $asset = Asset::where('id', $id)->withTrashed()->first();
        $licenses = $asset->licenses()->get();

        return (new LicensesTransformer())->transformLicenses($licenses, $licenses->count());
@@ -475,12 +463,12 @@ class AssetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0.16]
     * @see \App\Http\Transformers\SelectlistTransformer
-     * @return \Illuminate\Http\JsonResponse
+     *
     */
    public function selectlist(Request $request)
    {

-        $assets = Asset::select([
+        $assets = Company::scopeCompanyables(Asset::select([
            'assets.id',
            'assets.name',
            'assets.asset_tag',
@@ -488,7 +476,7 @@ class AssetsController extends Controller
            'assets.assigned_to',
            'assets.assigned_type',
            'assets.status_id',
-            ])->with('model', 'assetstatus', 'assignedTo')->NotArchived();
+            ])->with('model', 'assetstatus', 'assignedTo')->NotArchived(), 'company_id', 'assets');

        if ($request->filled('assetStatusType') && $request->input('assetStatusType') === 'RTD') {
            $assets = $assets->RTD();
@@ -531,12 +519,12 @@ class AssetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param \App\Http\Requests\ImageUploadRequest $request
     * @since [v4.0]
-     * @return \Illuminate\Http\JsonResponse
+     * @return JsonResponse
     */
    public function store(ImageUploadRequest $request)
    {
        $this->authorize('create', Asset::class);
-        
+
        $asset = new Asset();
        $asset->model()->associate(AssetModel::find((int) $request->get('model_id')));

@@ -553,8 +541,7 @@ class AssetsController extends Controller
        $asset->depreciate              = '0';
        $asset->status_id               = $request->get('status_id', 0);
        $asset->warranty_months         = $request->get('warranty_months', null);
-        $asset->purchase_cost           = $request->get('purchase_cost');
-        $asset->asset_eol_date          = $request->get('asset_eol_date', $asset->present()->eol_date());
+        $asset->purchase_cost           = Helper::ParseCurrency($request->get('purchase_cost')); // this is the API's store method, so I don't know that I want to do this? Confusing. FIXME (or not?!)
        $asset->purchase_date           = $request->get('purchase_date', null);
        $asset->assigned_to             = $request->get('assigned_to', null);
        $asset->supplier_id             = $request->get('supplier_id');
@@ -562,7 +549,6 @@ class AssetsController extends Controller
        $asset->rtd_location_id         = $request->get('rtd_location_id', null);
        $asset->location_id             = $request->get('rtd_location_id', null);

-
        /**
        * this is here just legacy reasons. Api\AssetController
        * used image_source  once to allow encoded image uploads.
@@ -576,7 +562,6 @@ class AssetsController extends Controller
        // Update custom fields in the database.
        // Validation for these fields is handled through the AssetRequest form request
        $model = AssetModel::find($request->get('model_id'));
-
        if (($model) && ($model->fieldset)) {
            foreach ($model->fieldset->fields as $field) {

@@ -639,7 +624,7 @@ class AssetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param \App\Http\Requests\ImageUploadRequest $request
     * @since [v4.0]
-     * @return \Illuminate\Http\JsonResponse
+     * @return JsonResponse
     */
    public function update(ImageUploadRequest $request, $id)
    {
@@ -666,11 +651,10 @@ class AssetsController extends Controller
                $request->offsetSet('image', $request->offsetGet('image_source'));
            }     

-            $asset = $request->handleImages($asset);
-            $model = AssetModel::find($asset->model_id);
+            $asset = $request->handleImages($asset); 
            
            // Update custom fields
-            if (($model) && (isset($model->fieldset))) {
+            if (($model = AssetModel::find($asset->model_id)) && (isset($model->fieldset))) {
                foreach ($model->fieldset->fields as $field) {
                    if ($request->has($field->db_column)) {
                        if ($field->field_encrypted == '1') {
@@ -721,7 +705,7 @@ class AssetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param int $assetId
     * @since [v4.0]
-     * @return \Illuminate\Http\JsonResponse
+     * @return JsonResponse
     */
    public function destroy($id)
    {
@@ -750,28 +734,38 @@ class AssetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param int $assetId
     * @since [v5.1.18]
-     * @return \Illuminate\Http\JsonResponse
+     * @return JsonResponse
     */
    public function restore(Request $request, $assetId = null)
    {
+        // Get asset information
+        $asset = Asset::withTrashed()->find($assetId);
+        $this->authorize('delete', $asset);

-        if ($asset = Asset::withTrashed()->find($assetId)) {
-            $this->authorize('delete', $asset);
+        if (isset($asset->id)) {

-            if ($asset->deleted_at == '') {
-                return response()->json(Helper::formatStandardApiResponse('error', trans('general.not_deleted', ['item_type' => trans('general.asset')])), 200);
+            if ($asset->deleted_at=='') {
+               $message = 'Asset was not deleted. No data was changed.';
+
+            } else {
+
+                $message = trans('admin/hardware/message.restore.success');
+                // Restore the asset
+                Asset::withTrashed()->where('id', $assetId)->restore();
+
+                $logaction = new Actionlog();
+                $logaction->item_type = Asset::class;
+                $logaction->item_id = $asset->id;
+                $logaction->created_at =  date("Y-m-d H:i:s");
+                $logaction->user_id = Auth::user()->id;
+                $logaction->logaction('restored');
            }

-            if ($asset->restore()) {
-                return response()->json(Helper::formatStandardApiResponse('success', trans('admin/hardware/message.restore.success')), 200);
-            }
+            return response()->json(Helper::formatStandardApiResponse('success', (new AssetsTransformer)->transformAsset($asset, $request), $message));
+        

-            // Check validation to make sure we're not restoring an asset with the same asset tag (or unique attribute) as an existing asset
-            return response()->json(Helper::formatStandardApiResponse('error', trans('general.could_not_restore', ['item_type' => trans('general.asset'), 'error' => $asset->getErrors()->first()])), 200);
        }
-
        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
-
    }

    /**
@@ -780,7 +774,7 @@ class AssetsController extends Controller
     * @author [N. Butler]
     * @param string $tag
     * @since [v6.0.5]
-     * @return \Illuminate\Http\JsonResponse
+     * @return JsonResponse
     */
    public function checkoutByTag(AssetCheckoutRequest $request, $tag)
    {
@@ -796,7 +790,7 @@ class AssetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param int $assetId
     * @since [v4.0]
-     * @return \Illuminate\Http\JsonResponse
+     * @return JsonResponse
     */
    public function checkout(AssetCheckoutRequest $request, $asset_id)
    {
@@ -825,6 +819,7 @@ class AssetsController extends Controller

        } elseif (request('checkout_to_type') == 'asset') {
            $target = Asset::where('id', '!=', $asset_id)->find(request('assigned_asset'));
+            $asset->location_id = $target->rtd_location_id;
            // Override with the asset's location_id if it has one
            $asset->location_id = (($target) && (isset($target->location_id))) ? $target->location_id : '';
            $error_payload['target_id'] = $request->input('assigned_asset');
@@ -852,8 +847,7 @@ class AssetsController extends Controller
        $checkout_at = request('checkout_at', date('Y-m-d H:i:s'));
        $expected_checkin = request('expected_checkin', null);
        $note = request('note', null);
-        // Using `->has` preserves the asset name if the name parameter was not included in request.
-        $asset_name = request()->has('name') ? request('name') : $asset->name;
+        $asset_name = request('name', null);

        // Set the location ID to the RTD location id if there is one
        // Wait, why are we doing this? This overrides the stuff we set further up, which makes no sense.
@@ -880,7 +874,7 @@ class AssetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param int $assetId
     * @since [v4.0]
-     * @return \Illuminate\Http\JsonResponse
+     * @return JsonResponse
     */
    public function checkin(Request $request, $asset_id)
    {
@@ -896,7 +890,6 @@ class AssetsController extends Controller

        $asset->expected_checkin = null;
        $asset->last_checkout = null;
-        $asset->last_checkin = now();
        $asset->assigned_to = null;
        $asset->assignedTo()->disassociate($asset);
        $asset->accepted = null;
@@ -916,14 +909,10 @@ class AssetsController extends Controller
        }
        
        $checkin_at = $request->filled('checkin_at') ? $request->input('checkin_at').' '. date('H:i:s') : date('Y-m-d H:i:s');
-        $originalValues = $asset->getRawOriginal();

-        if (($request->filled('checkin_at')) && ($request->get('checkin_at') != date('Y-m-d'))) {
-            $originalValues['action_date'] = $checkin_at;
-        }

        if ($asset->save()) {
-            event(new CheckoutableCheckedIn($asset, $target, Auth::user(), $request->input('note'), $checkin_at, $originalValues));
+            event(new CheckoutableCheckedIn($asset, $target, Auth::user(), $request->input('note'), $checkin_at));

            return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkin.success')));
        }
@@ -936,23 +925,20 @@ class AssetsController extends Controller
     *
     * @author [A. Janes] [<ajanes@adagiohealth.org>]
     * @since [v6.0]
-     * @return \Illuminate\Http\JsonResponse
+     * @return JsonResponse
     */
-    public function checkinByTag(Request $request, $tag = null)
+    public function checkinByTag(Request $request)
    {
        $this->authorize('checkin', Asset::class);
-        if(null == $tag && null !== ($request->input('asset_tag'))) {
-            $tag = $request->input('asset_tag');
-        }
-        $asset = Asset::where('asset_tag', $tag)->first();
+        $asset = Asset::where('asset_tag', $request->input('asset_tag'))->first();

        if ($asset) {
            return $this->checkin($request, $asset->id);
        }

        return response()->json(Helper::formatStandardApiResponse('error', [
-            'asset'=> e($tag)
-        ], 'Asset with tag '.e($tag).' not found'));
+            'asset'=> e($request->input('asset_tag'))
+        ], 'Asset with tag '.e($request->input('asset_tag')).' not found'));
    }


@@ -962,7 +948,7 @@ class AssetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param int $id
     * @since [v4.0]
-     * @return \Illuminate\Http\JsonResponse
+     * @return JsonResponse
     */
    public function audit(Request $request)

@@ -1023,54 +1009,23 @@ class AssetsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @return \Illuminate\Http\JsonResponse
+     * @return JsonResponse
     */
    public function requestable(Request $request)
    {
        $this->authorize('viewRequestable', Asset::class);

-        $allowed_columns = [
-            'name',
-            'asset_tag',
-            'serial',
-            'model_number',
-            'image',
-            'purchase_cost',
-            'expected_checkin',
-        ];
-
-        $all_custom_fields = CustomField::all(); //used as a 'cache' of custom fields throughout this page load
-
-        foreach ($all_custom_fields as $field) {
-            $allowed_columns[] = $field->db_column_name();
-        }
-
-        $assets = Asset::select('assets.*')
-            ->with('location', 'assetstatus', 'assetlog', 'company','assignedTo',
-                'model.category', 'model.manufacturer', 'model.fieldset', 'supplier', 'requests')
-            ->requestableAssets();
-
-
-
+        $assets = Company::scopeCompanyables(Asset::select('assets.*'), 'company_id', 'assets')
+            ->with('location', 'assetstatus', 'assetlog', 'company', 'defaultLoc','assignedTo',
+                'model.category', 'model.manufacturer', 'model.fieldset', 'supplier')->requestableAssets();

+        $offset = request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        if ($request->filled('search')) {
            $assets->TextSearch($request->input('search'));
        }

-        // Search custom fields by column name
-        foreach ($all_custom_fields as $field) {
-            if ($request->filled($field->db_column_name())) {
-                $assets->where($field->db_column_name(), '=', $request->input($field->db_column_name()));
-            }
-        }
-
-        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort_override = str_replace('custom_fields.', '', $request->input('sort'));
-
-        // This handles all the pivot sorting (versus the assets.* fields
-        // in the allowed_columns array)
-        $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'assets.created_at';
-
        switch ($request->input('sort')) {
            case 'model':
                $assets->OrderModels($order);
@@ -1078,19 +1033,17 @@ class AssetsController extends Controller
            case 'model_number':
                $assets->OrderModelNumber($order);
                break;
-            case 'location':
-                $assets->OrderLocation($order);
+            case 'category':
+                $assets->OrderCategory($order);
+                break;
+            case 'manufacturer':
+                $assets->OrderManufacturer($order);
                break;
            default:
-                $assets->orderBy($column_sort, $order);
+                $assets->orderBy('assets.created_at', $order);
                break;
        }

-
-        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $assets->count()) ? $assets->count() : app('api_offset_value');
-        $limit = app('api_limit_value');
-
        $total = $assets->count();
        $assets = $assets->skip($offset)->take($limit)->get();

@@ -10,7 +10,6 @@ use App\Models\Category;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;
-use Illuminate\Support\Facades\Validator;

 class CategoriesController extends Controller
 {
@@ -24,48 +23,10 @@ class CategoriesController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', Category::class);
-        $allowed_columns = [
-            'id',
-            'name',
-            'category_type',
-            'category_type',
-            'use_default_eula',
-            'eula_text',
-            'require_acceptance',
-            'checkin_email',
-            'assets_count',
-            'accessories_count',
-            'consumables_count',
-            'components_count',
-            'licenses_count',
-            'image',
-        ];
+        $allowed_columns = ['id', 'name', 'category_type', 'category_type', 'use_default_eula', 'eula_text', 'require_acceptance', 'checkin_email', 'assets_count', 'accessories_count', 'consumables_count', 'components_count', 'licenses_count', 'image'];

-        $categories = Category::select([
-            'id',
-            'created_at',
-            'updated_at',
-            'name', 'category_type',
-            'use_default_eula',
-            'eula_text',
-            'require_acceptance',
-            'checkin_email',
-            'image'
-            ])->withCount('accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'licenses as licenses_count');
-
-
-        /*
-         * This checks to see if we should override the Admin Setting to show archived assets in list.
-         * We don't currently use it within the Snipe-IT GUI, but will be useful for API integrations where they
-         * may actually need to fetch assets that are archived.
-         *
-         * @see \App\Models\Category::showableAssets()
-         */
-        if ($request->input('archived')=='true') {
-            $categories = $categories->withCount('assets as assets_count');
-        } else {
-            $categories = $categories->withCount('showableAssets as assets_count');
-        }
+        $categories = Category::select(['id', 'created_at', 'updated_at', 'name', 'category_type', 'use_default_eula', 'eula_text', 'require_acceptance', 'checkin_email', 'image'])
+            ->withCount('assets as assets_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'licenses as licenses_count');

        if ($request->filled('search')) {
            $categories = $categories->TextSearch($request->input('search'));
@@ -91,9 +52,14 @@ class CategoriesController extends Controller
            $categories->where('checkin_email', '=', $request->input('checkin_email'));
        }

-        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $categories->count()) ? $categories->count() : app('api_offset_value');
-        $limit = app('api_limit_value');
+
+
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($categories) && ($request->get('offset') > $categories->count())) ? $categories->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');

        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'assets_count';
@@ -141,7 +107,7 @@ class CategoriesController extends Controller
    public function show($id)
    {
        $this->authorize('view', Category::class);
-        $category = Category::withCount('assets as assets_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'licenses as licenses_count')->findOrFail($id);
+        $category = Category::findOrFail($id);
        return (new CategoriesTransformer)->transformCategory($category);

    }
@@ -160,14 +126,8 @@ class CategoriesController extends Controller
    {
        $this->authorize('update', Category::class);
        $category = Category::findOrFail($id);
-
-        // Don't allow the user to change the category_type once it's been created
-        if (($request->filled('category_type')) && ($category->category_type != $request->input('category_type'))) {
-            return response()->json(
-                Helper::formatStandardApiResponse('error', null,  trans('admin/categories/message.update.cannot_change_category_type'))
-            );
-        }
        $category->fill($request->all());
+        $category->category_type = strtolower($request->input('category_type'));
        $category = $request->handleImages($category);

        if ($category->save()) {
@@ -188,7 +148,7 @@ class CategoriesController extends Controller
    public function destroy($id)
    {
        $this->authorize('delete', Category::class);
-        $category = Category::withCount('assets as assets_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'licenses as licenses_count')->findOrFail($id);
+        $category = Category::findOrFail($id);

        if (! $category->isDeletable()) {
            return response()->json(
@@ -27,9 +27,6 @@ class CompaniesController extends Controller
        $allowed_columns = [
            'id',
            'name',
-            'phone',
-            'fax',
-            'email',
            'created_at',
            'updated_at',
            'users_count',
@@ -50,15 +47,13 @@ class CompaniesController extends Controller
            $companies->where('name', '=', $request->input('name'));
        }

-		if ($request->filled('email')) {
-            $companies->where('email', '=', $request->input('email'));
-        }

+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($companies) && ($request->get('offset') > $companies->count())) ? $companies->count() : $request->get('offset', 0);

-        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $companies->count()) ? $companies->count() : app('api_offset_value');
-        $limit = app('api_limit_value');
-
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');

        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
@@ -173,7 +168,6 @@ class CompaniesController extends Controller
        $companies = Company::select([
            'companies.id',
            'companies.name',
-            'companies.email',
            'companies.image',
        ]);

@@ -12,8 +12,6 @@ use App\Http\Requests\ImageUploadRequest;
 use App\Events\CheckoutableCheckedIn;
 use App\Events\ComponentCheckedIn;
 use App\Models\Asset;
-use Illuminate\Support\Facades\Validator;
-use Illuminate\Database\Query\Builder;

 class ComponentsController extends Controller
 {
@@ -45,8 +43,9 @@ class ComponentsController extends Controller
                'notes',
            ];

-        $components = Component::select('components.*')
-            ->with('company', 'location', 'category', 'assets', 'supplier');
+
+        $components = Company::scopeCompanyables(Component::select('components.*')
+            ->with('company', 'location', 'category', 'assets'));

        if ($request->filled('search')) {
            $components = $components->TextSearch($request->input('search'));
@@ -64,10 +63,6 @@ class ComponentsController extends Controller
            $components->where('category_id', '=', $request->input('category_id'));
        }

-        if ($request->filled('supplier_id')) {
-            $components->where('supplier_id', '=', $request->input('supplier_id'));
-        }
-
        if ($request->filled('location_id')) {
            $components->where('location_id', '=', $request->input('location_id'));
        }
@@ -76,10 +71,14 @@ class ComponentsController extends Controller
            $components->where('notes','=',$request->input('notes'));
        }

-        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $components->count()) ? $components->count() : app('api_offset_value');
-        $limit = app('api_limit_value');
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($components) && ($request->get('offset') > $components->count())) ? $components->count() : $request->get('offset', 0);

+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');
+
+        
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort_override =  $request->input('sort');
        $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'created_at';
@@ -94,9 +93,6 @@ class ComponentsController extends Controller
            case 'company':
                $components = $components->OrderCompany($order);
                break;
-            case 'supplier':
-                $components = $components->OrderSupplier($order);
-                break;
            default:
                $components = $components->orderBy($column_sort, $order);
                break;
@@ -204,29 +200,12 @@ class ComponentsController extends Controller
        $this->authorize('view', \App\Models\Asset::class);
        
        $component = Component::findOrFail($id);
-        
+        $assets = $component->assets();
+
        $offset = request('offset', 0);
        $limit = $request->input('limit', 50);
-        
-        if ($request->filled('search')) {
-            $assets = $component->assets()
-                                ->where(function ($query) use ($request) {
-                                    $search_str = '%' . $request->input('search') . '%';
-                                    $query->where('name', 'like', $search_str)
-                                            ->orWhereIn('model_id', function (Builder $query) use ($request) {
-                                                $search_str = '%' . $request->input('search') . '%';
-                                                $query->selectRaw('id')->from('models')->where('name', 'like', $search_str);
-                                            })
-                                            ->orWhere('asset_tag', 'like', $search_str);
-                                         })
-                                         ->get();
-            $total = $assets->count();
-        } else {
-            $assets = $component->assets();
-            
-            $total = $assets->count();
-            $assets = $assets->skip($offset)->take($limit)->get();
-        }
+        $total = $assets->count();
+        $assets = $assets->skip($offset)->take($limit)->get();

        return (new ComponentsTransformer)->transformCheckedoutComponents($assets, $total);
    }
@@ -246,30 +225,20 @@ class ComponentsController extends Controller
    public function checkout(Request $request, $componentId)
    {
        // Check if the component exists
-        if (!$component = Component::find($componentId)) {
+        if (is_null($component = Component::find($componentId))) {
            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/components/message.does_not_exist')));
        }

        $this->authorize('checkout', $component);

-        $validator = Validator::make($request->all(), [
-            'assigned_to'          => 'required|exists:assets,id',
-            'assigned_qty'      => "required|numeric|min:1|digits_between:1,".$component->numRemaining(),
-        ]);
-
-        if ($validator->fails()) {
-            return response()->json(Helper::formatStandardApiResponse('error', $validator->errors()));
-
-        }
-
-        // Make sure there is at least one available to checkout
-        if ($component->numRemaining() < $request->get('assigned_qty')) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/components/message.checkout.unavailable', ['remaining' => $component->numRemaining(), 'requested' => $request->get('assigned_qty')])));
-        }

        if ($component->numRemaining() >= $request->get('assigned_qty')) {

-            $asset = Asset::find($request->input('assigned_to'));
+            if (!$asset = Asset::find($request->input('assigned_to'))) {
+                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')));
+            }
+
+            // Update the accessory data
            $component->assigned_to = $request->input('assigned_to');

            $component->assets()->attach($component->id, [
@@ -286,7 +255,7 @@ class ComponentsController extends Controller
            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/components/message.checkout.success')));
        }

-        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/components/message.checkout.unavailable', ['remaining' => $component->numRemaining(), 'requested' => $request->get('assigned_qty')])));
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'Not enough components remaining: '.$component->numRemaining().' remaining, '.$request->get('assigned_qty').' requested.'));
    }

    /**
@@ -45,8 +45,11 @@ class ConsumablesController extends Controller
                'notes',
                ];

-        $consumables = Consumable::select('consumables.*')
-            ->with('company', 'location', 'category', 'users', 'manufacturer');
+
+        $consumables = Company::scopeCompanyables(
+            Consumable::select('consumables.*')
+                ->with('company', 'location', 'category', 'users', 'manufacturer')
+        );

        if ($request->filled('search')) {
            $consumables = $consumables->TextSearch(e($request->input('search')));
@@ -72,10 +75,6 @@ class ConsumablesController extends Controller
            $consumables->where('manufacturer_id', '=', $request->input('manufacturer_id'));
        }

-        if ($request->filled('supplier_id')) {
-            $consumables->where('supplier_id', '=', $request->input('supplier_id'));
-        }
-
        if ($request->filled('location_id')) {
            $consumables->where('location_id','=',$request->input('location_id'));
        }
@@ -85,9 +84,12 @@ class ConsumablesController extends Controller
        }


-        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $consumables->count()) ? $consumables->count() : app('api_offset_value');
-        $limit = app('api_limit_value');
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($consumables) && ($request->get('offset') > $consumables->count())) ? $consumables->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');

        $allowed_columns = ['id', 'name', 'order_number', 'min_amt', 'purchase_date', 'purchase_cost', 'company', 'category', 'model_number', 'item_no', 'manufacturer', 'location', 'qty', 'image'];
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
@@ -109,9 +111,6 @@ class ConsumablesController extends Controller
            case 'company':
                $consumables = $consumables->OrderCompany($order);
                break;
-            case 'supplier':
-                $components = $consumables->OrderSupplier($order);
-                break;
            default:
                $consumables = $consumables->orderBy($column_sort, $order);
                break;
@@ -155,7 +154,7 @@ class ConsumablesController extends Controller
    public function show($id)
    {
        $this->authorize('view', Consumable::class);
-        $consumable = Consumable::with('users')->findOrFail($id);
+        $consumable = Consumable::findOrFail($id);

        return (new ConsumablesTransformer)->transformConsumable($consumable);
    }
@@ -254,44 +253,33 @@ class ConsumablesController extends Controller
    public function checkout(Request $request, $id)
    {
        // Check if the consumable exists
-        if (!$consumable = Consumable::with('users')->find($id)) {
+        if (is_null($consumable = Consumable::find($id))) {
            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/consumables/message.does_not_exist')));
        }

        $this->authorize('checkout', $consumable);

-        // Make sure there is at least one available to checkout
-        if ($consumable->numRemaining() <= 0) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/consumables/message.checkout.unavailable')));
-        }
+        if ($consumable->qty > 0) {

-        // Make sure there is a valid category
-        if (!$consumable->category){
-            return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.invalid_item_category_single', ['type' => trans('general.consumable')])));
-        }
+            // Check if the user exists
+            $assigned_to = $request->input('assigned_to');
+            if (is_null($user = User::find($assigned_to))) {
+                // Return error message
+                return response()->json(Helper::formatStandardApiResponse('error', null, 'No user found'));
+            }

+            // Update the consumable data
+            $consumable->assigned_to = e($assigned_to);

-        // Check if the user exists - @TODO:  this should probably be handled via validation, not here??
-        if (!$user = User::find($request->input('assigned_to'))) {
-            // Return error message
-            return response()->json(Helper::formatStandardApiResponse('error', null, 'No user found'));
-            \Log::debug('No valid user');
-        }
-
-        // Update the consumable data
-        $consumable->assigned_to = $request->input('assigned_to');
-
-        $consumable->users()->attach($consumable->id,
-                [
-                    'consumable_id' => $consumable->id,
-                    'user_id' => $user->id,
-                    'assigned_to' => $request->input('assigned_to'),
-                    'note' => $request->input('note'),
-                ]
-            );
+            $consumable->users()->attach($consumable->id, [
+                'consumable_id' => $consumable->id,
+                'user_id' => $user->id,
+                'assigned_to' => $assigned_to,
+                'note' => $request->input('note'),
+            ]);

            // Log checkout event
-            $logaction = $consumable->logCheckout($request->input('note'), $user);
+            $logaction = $consumable->logCheckout(e($request->input('note')), $user);
            $data['log_id'] = $logaction->id;
            $data['eula'] = $consumable->getEula();
            $data['first_name'] = $user->first_name;
@@ -301,7 +289,9 @@ class ConsumablesController extends Controller
            $data['require_acceptance'] = $consumable->requireAcceptance();

            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/consumables/message.checkout.success')));
+        }

+        return response()->json(Helper::formatStandardApiResponse('error', null, 'No consumables remaining'));
    }

    /**
@@ -7,7 +7,6 @@ use App\Http\Controllers\Controller;
 use App\Http\Transformers\CustomFieldsetsTransformer;
 use App\Http\Transformers\CustomFieldsTransformer;
 use App\Models\CustomFieldset;
-use App\Models\CustomField;
 use Illuminate\Http\Request;
 use Redirect;
 use View;
@@ -34,7 +33,7 @@ class CustomFieldsetsController extends Controller
     */
    public function index()
    {
-        $this->authorize('index', CustomField::class);
+        $this->authorize('index', CustomFieldset::class);
        $fieldsets = CustomFieldset::withCount('fields as fields_count', 'models as models_count')->get();

        return (new CustomFieldsetsTransformer)->transformCustomFieldsets($fieldsets, $fieldsets->count());
@@ -50,7 +49,7 @@ class CustomFieldsetsController extends Controller
     */
    public function show($id)
    {
-        $this->authorize('view', CustomField::class);
+        $this->authorize('view', CustomFieldset::class);
        if ($fieldset = CustomFieldset::find($id)) {
            return (new CustomFieldsetsTransformer)->transformCustomFieldset($fieldset);
        }
@@ -69,7 +68,7 @@ class CustomFieldsetsController extends Controller
     */
    public function update(Request $request, $id)
    {
-        $this->authorize('update', CustomField::class);
+        $this->authorize('update', CustomFieldset::class);
        $fieldset = CustomFieldset::findOrFail($id);
        $fieldset->fill($request->all());

@@ -90,23 +89,11 @@ class CustomFieldsetsController extends Controller
     */
    public function store(Request $request)
    {
-        $this->authorize('create', CustomField::class);
+        $this->authorize('create', CustomFieldset::class);
        $fieldset = new CustomFieldset;
        $fieldset->fill($request->all());

        if ($fieldset->save()) {
-            // Sync fieldset with auto_add_to_fieldsets
-            $fields = CustomField::select('id')->where('auto_add_to_fieldsets', '=', '1')->get();
-
-            if ($fields->count() > 0) {
-
-                foreach ($fields as $field) {
-                    $field_ids[] = $field->id;
-                }
-
-                $fieldset->fields()->sync($field_ids);
-            }
-
            return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.create.success')));
        }

@@ -122,7 +109,7 @@ class CustomFieldsetsController extends Controller
     */
    public function destroy($id)
    {
-        $this->authorize('delete', CustomField::class);
+        $this->authorize('delete', CustomFieldset::class);
        $fieldset = CustomFieldset::findOrFail($id);

        $modelsCount = $fieldset->models->count();
@@ -149,7 +136,7 @@ class CustomFieldsetsController extends Controller
     */
    public function fields($id)
    {
-        $this->authorize('view', CustomField::class);
+        $this->authorize('view', CustomFieldset::class);
        $set = CustomFieldset::findOrFail($id);
        $fields = $set->fields;

@@ -166,7 +153,7 @@ class CustomFieldsetsController extends Controller
     */
    public function fieldsWithDefaultValues($fieldsetId, $modelId)
    {
-        $this->authorize('view', CustomField::class);
+        $this->authorize('view', CustomFieldset::class);

        $set = CustomFieldset::findOrFail($fieldsetId);

@@ -27,18 +27,16 @@ class DepartmentsController extends Controller
        $this->authorize('view', Department::class);
        $allowed_columns = ['id', 'name', 'image', 'users_count'];

-        $departments = Department::select(
+        $departments = Company::scopeCompanyables(Department::select(
            'departments.id',
            'departments.name',
-            'departments.phone',
-            'departments.fax',
            'departments.location_id',
            'departments.company_id',
            'departments.manager_id',
            'departments.created_at',
            'departments.updated_at',
-            'departments.image'
-        )->with('users')->with('location')->with('manager')->with('company')->withCount('users as users_count');
+            'departments.image'),
+             "company_id", "departments")->with('users')->with('location')->with('manager')->with('company')->withCount('users as users_count');

        if ($request->filled('search')) {
            $departments = $departments->TextSearch($request->input('search'));
@@ -60,9 +58,12 @@ class DepartmentsController extends Controller
            $departments->where('location_id', '=', $request->input('location_id'));
        }

-        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $departments->count()) ? $departments->count() : app('api_offset_value');
-        $limit = app('api_limit_value');
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($departments) && ($request->get('offset') > $departments->count())) ? $departments->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');

        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
@@ -28,9 +28,12 @@ class DepreciationsController extends Controller
            $depreciations = $depreciations->TextSearch($request->input('search'));
        }

-        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $depreciations->count()) ? $depreciations->count() : app('api_offset_value');
-        $limit = app('api_limit_value');
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($depreciations) && ($request->get('offset') > $depreciations->count())) ? $depreciations->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');

        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
@@ -8,7 +8,6 @@ use App\Http\Transformers\GroupsTransformer;
 use App\Models\Group;
 use Illuminate\Http\Request;

-
 class GroupsController extends Controller
 {
    /**
@@ -20,8 +19,6 @@ class GroupsController extends Controller
     */
    public function index(Request $request)
    {
-        $this->authorize('superadmin');
-
        $this->authorize('view', Group::class);
        $allowed_columns = ['id', 'name', 'created_at', 'users_count'];

@@ -35,9 +32,12 @@ class GroupsController extends Controller
            $groups->where('name', '=', $request->input('name'));
        }

-        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $groups->count()) ? $groups->count() : app('api_offset_value');
-        $limit = app('api_limit_value');
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($groups) && ($request->get('offset') > $groups->count())) ? $groups->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');

        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
@@ -59,11 +59,9 @@ class GroupsController extends Controller
     */
    public function store(Request $request)
    {
-        $this->authorize('superadmin');
+        $this->authorize('create', Group::class);
        $group = new Group;
-
-        $group->name = $request->input('name');
-        $group->permissions = json_encode($request->input('permissions')); // Todo - some JSON validation stuff here
+        $group->fill($request->all());

        if ($group->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $group, trans('admin/groups/message.create.success')));
@@ -82,7 +80,7 @@ class GroupsController extends Controller
     */
    public function show($id)
    {
-        $this->authorize('superadmin');
+        $this->authorize('view', Group::class);
        $group = Group::findOrFail($id);

        return (new GroupsTransformer)->transformGroup($group);
@@ -99,11 +97,9 @@ class GroupsController extends Controller
     */
    public function update(Request $request, $id)
    {
-        $this->authorize('superadmin');
+        $this->authorize('update', Group::class);
        $group = Group::findOrFail($id);
-
-        $group->name = $request->input('name');
-        $group->permissions = $request->input('permissions'); // Todo - some JSON validation stuff here
+        $group->fill($request->all());

        if ($group->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $group, trans('admin/groups/message.update.success')));
@@ -122,8 +118,9 @@ class GroupsController extends Controller
     */
    public function destroy($id)
    {
-        $this->authorize('superadmin');
+        $this->authorize('delete', Group::class);
        $group = Group::findOrFail($id);
+        $this->authorize('delete', $group);
        $group->delete();

        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/groups/message.delete.success')));
@@ -10,7 +10,6 @@ use App\Models\Asset;
 use App\Models\Company;
 use App\Models\Import;
 use Artisan;
-use Illuminate\Database\Eloquent\JsonEncodingException;
 use Illuminate\Support\Facades\Request;
 use Illuminate\Support\Facades\Session;
 use Illuminate\Support\Facades\Storage;
@@ -36,7 +35,7 @@ class ImportController extends Controller
     * Process and store a CSV upload file.
     *
     * @param  \Illuminate\Http\Request  $request
-     * @return \Illuminate\Http\JsonResponse
+     * @return \Illuminate\Http\Response
     */
    public function store()
    {
@@ -57,7 +56,7 @@ class ImportController extends Controller
                    'text/tsv', ])) {
                    $results['error'] = 'File type must be CSV. Uploaded file is '.$file->getMimeType();

-                    return response()->json(Helper::formatStandardApiResponse('error', null, $results['error']), 422);
+                    return response()->json(Helper::formatStandardApiResponse('error', null, $results['error']), 500);
                }

                //TODO: is there a lighter way to do this?
@@ -65,19 +64,7 @@ class ImportController extends Controller
                    ini_set('auto_detect_line_endings', '1');
                }
                $reader = Reader::createFromFileObject($file->openFile('r')); //file pointer leak?
-
-                try {
-                    $import->header_row = $reader->fetchOne(0);
-                } catch (JsonEncodingException $e) {
-                    return response()->json(
-                        Helper::formatStandardApiResponse(
-                            'error',
-                            null,
-                            trans('admin/hardware/message.import.header_row_has_malformed_characters')
-                        ),
-                        422
-                    );
-                }
+                $import->header_row = $reader->fetchOne(0);

                //duplicate headers check
                $duplicate_headers = [];
@@ -95,22 +82,11 @@ class ImportController extends Controller
                    }
                }
                if (count($duplicate_headers) > 0) {
-                    return response()->json(Helper::formatStandardApiResponse('error', null, implode('; ', $duplicate_headers)),422);
+                    return response()->json(Helper::formatStandardApiResponse('error', null, implode('; ', $duplicate_headers)), 500); //should this be '4xx'?
                }

-                try {
-                    // Grab the first row to display via ajax as the user picks fields
-                    $import->first_row = $reader->fetchOne(1);
-                } catch (JsonEncodingException $e) {
-                    return response()->json(
-                        Helper::formatStandardApiResponse(
-                            'error',
-                            null,
-                            trans('admin/hardware/message.import.content_row_has_malformed_characters')
-                        ),
-                        422
-                    );
-                }
+                // Grab the first row to display via ajax as the user picks fields
+                $import->first_row = $reader->fetchOne(1);

                $date = date('Y-m-d-his');
                $fixed_filename = str_slug($file->getClientOriginalName());
@@ -126,25 +102,18 @@ class ImportController extends Controller
                }
                $file_name = date('Y-m-d-his').'-'.$fixed_filename;
                $import->file_path = $file_name;
-                $import->filesize = null;
-
-                if (!file_exists($path.'/'.$file_name)) {
-                    return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.file_not_found')), 500);
-                }
-
                $import->filesize = filesize($path.'/'.$file_name);
-                
                $import->save();
                $results[] = $import;
            }
            $results = (new ImportsTransformer)->transformImports($results);

-            return response()->json([
+            return [
                'files' => $results,
-            ]);
+            ];
        }

-        return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.feature_disabled')), 422);
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.feature_disabled')), 500);
    }

    /**
@@ -158,9 +127,9 @@ class ImportController extends Controller
        $this->authorize('import');

        // Run a backup immediately before processing
-        if ($request->get('run-backup')) {
+        if ($request->has('run-backup')) {
            \Log::debug('Backup manually requested via importer');
-            Artisan::call('snipeit:backup', ['--filename' => 'pre-import-backup-'.date('Y-m-d-H:i:s')]);
+            Artisan::call('backup:run');
        } else {
            \Log::debug('NO BACKUP requested via importer');
        }
@@ -193,9 +162,6 @@ class ImportController extends Controller
            case 'user':
                $redirectTo = 'users.index';
                break;
-            case 'location':
-                $redirectTo = 'locations.index';
-                break;
        }

        if ($errors) { //Failure
@@ -1,71 +0,0 @@
-<?php
-
-namespace App\Http\Controllers\Api;
-
-use App\Helpers\Helper;
-use App\Http\Controllers\Controller;
-use App\Http\Transformers\LabelsTransformer;
-use App\Models\Labels\Label;
-use Illuminate\Http\Request;
-use Illuminate\Support\ItemNotFoundException;
-use Auth;
-
-class LabelsController extends Controller
-{
-    /**
-     * Returns JSON listing of all labels.
-     *
-     * @author Grant Le Roux <grant.leroux+snipe-it@gmail.com>
-     * @return JsonResponse
-     */
-    public function index(Request $request)
-    {
-        $this->authorize('view', Label::class);
-
-        $labels = Label::find();
-
-        if ($request->filled('search')) {
-            $search = $request->get('search');
-            $labels = $labels->filter(function ($label, $index) use ($search) {
-                return stripos($label->getName(), $search) !== false;
-            });
-        }
-
-        $total = $labels->count();
-
-        $offset = $request->get('offset', 0);
-        $offset = ($offset > $total) ? $total : $offset;
-
-        $maxLimit = config('app.max_results');
-        $limit = $request->get('limit', $maxLimit);
-        $limit = ($limit > $maxLimit) ? $maxLimit : $limit;
-        
-        $labels = $labels->skip($offset)->take($limit);
-
-        return (new LabelsTransformer)->transformLabels($labels, $total, $request);
-    }
-
-    /**
-     * Returns JSON with information about a label for detail view.
-     *
-     * @author Grant Le Roux <grant.leroux+snipe-it@gmail.com>
-     * @param  string  $labelName
-     * @return JsonResponse
-     */
-    public function show(string $labelName)
-    {
-        $labelName = str_replace('/', '\\', $labelName);
-        try {
-            $label = Label::find($labelName);
-        } catch(ItemNotFoundException $e) {
-            return response()
-                ->json(
-                    Helper::formatStandardApiResponse('error', null, trans('admin/labels/message.does_not_exist')), 
-                    404
-                );
-        }
-        $this->authorize('view', $label);
-        return (new LabelsTransformer)->transformLabel($label);
-    }
-
-}
@@ -39,15 +39,8 @@ class LicenseSeatsController extends Controller
            }

            $total = $seats->count();
-
-            // Make sure the offset and limit are actually integers and do not exceed system limits
-            $offset = ($request->input('offset') > $seats->count()) ? $seats->count() : app('api_offset_value');
-
-            if ($offset >= $total ){
-                $offset = 0;
-            }
-
-            $limit = app('api_limit_value');
+            $offset = (($seats) && (request('offset') >= $total)) ? 0 : request('offset', 0);
+            $limit = request('limit', 50);

            $seats = $seats->skip($offset)->take($limit)->get();

@@ -26,8 +26,8 @@ class LicensesController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', License::class);
+        $licenses = Company::scopeCompanyables(License::with('company', 'manufacturer', 'supplier','category')->withCount('freeSeats as free_seats_count'));

-        $licenses = License::with('company', 'manufacturer', 'supplier','category')->withCount('freeSeats as free_seats_count');

        if ($request->filled('company_id')) {
            $licenses->where('company_id', '=', $request->input('company_id'));
@@ -94,9 +94,12 @@ class LicensesController extends Controller
            $licenses->onlyTrashed();
        }

-        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $licenses->count()) ? $licenses->count() : app('api_offset_value');
-        $limit = app('api_limit_value');
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($licenses) && ($request->get('offset') > $licenses->count())) ? $licenses->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');

        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';

@@ -37,8 +37,6 @@ class LocationsController extends Controller
            'locations.city',
            'locations.state',
            'locations.zip',
-            'locations.phone',
-            'locations.fax',
            'locations.country',
            'locations.parent_id',
            'locations.manager_id',
@@ -80,15 +78,14 @@ class LocationsController extends Controller
            $locations->where('locations.country', '=', $request->input('country'));
        }

-        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $locations->count()) ? $locations->count() : app('api_offset_value');
-        $limit = app('api_limit_value');
+        $offset = (($locations) && (request('offset') > $locations->count())) ? $locations->count() : request('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');

        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';

-
-
        switch ($request->input('sort')) {
            case 'parent':
                $locations->OrderParent($order);
@@ -253,12 +250,8 @@ class LocationsController extends Controller
     */
    public function selectlist(Request $request)
    {
-        // If a user is in the process of editing their profile, as determined by the referrer,
-        // then we check that they have permission to edit their own location.
-        // Otherwise, we do our normal check that they can view select lists.
-        $request->headers->get('referer') === route('profile')
-            ? $this->authorize('self.edit_location')
-            : $this->authorize('view.selectlists');
+
+        $this->authorize('view.selectlists');

        $locations = Location::select([
            'locations.id',
@@ -6,11 +6,9 @@ use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Transformers\ManufacturersTransformer;
 use App\Http\Transformers\SelectlistTransformer;
-use App\Models\Actionlog;
 use App\Models\Manufacturer;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
-use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Storage;

 class ManufacturersController extends Controller
@@ -25,10 +23,10 @@ class ManufacturersController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', Manufacturer::class);
-        $allowed_columns = ['id', 'name', 'url', 'support_url', 'support_email', 'warranty_lookup_url', 'support_phone', 'created_at', 'updated_at', 'image', 'assets_count', 'consumables_count', 'components_count', 'licenses_count'];
+        $allowed_columns = ['id', 'name', 'url', 'support_url', 'support_email', 'support_phone', 'created_at', 'updated_at', 'image', 'assets_count', 'consumables_count', 'components_count', 'licenses_count'];

        $manufacturers = Manufacturer::select(
-            ['id', 'name', 'url', 'support_url', 'warranty_lookup_url', 'support_email', 'support_phone', 'created_at', 'updated_at', 'image', 'deleted_at']
+            ['id', 'name', 'url', 'support_url', 'support_email', 'support_phone', 'created_at', 'updated_at', 'image', 'deleted_at']
        )->withCount('assets as assets_count')->withCount('licenses as licenses_count')->withCount('consumables as consumables_count')->withCount('accessories as accessories_count');

        if ($request->input('deleted') == 'true') {
@@ -51,10 +49,6 @@ class ManufacturersController extends Controller
            $manufacturers->where('support_url', '=', $request->input('support_url'));
        }

-        if ($request->filled('warranty_lookup_url')) {
-            $manufacturers->where('warranty_lookup_url', '=', $request->input('warranty_lookup_url'));
-        }
-
        if ($request->filled('support_phone')) {
            $manufacturers->where('support_phone', '=', $request->input('support_phone'));
        }
@@ -63,9 +57,12 @@ class ManufacturersController extends Controller
            $manufacturers->where('support_email', '=', $request->input('support_email'));
        }

-        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $manufacturers->count()) ? $manufacturers->count() : app('api_offset_value');
-        $limit = app('api_limit_value');
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($manufacturers) && ($request->get('offset') > $manufacturers->count())) ? $manufacturers->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');

        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
@@ -161,44 +158,6 @@ class ManufacturersController extends Controller

    }

-    /**
-     * Restore a given Manufacturer (mark as un-deleted)
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v6.3.4]
-     * @param int $id
-     * @return \Illuminate\Http\JsonResponse
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     */
-    public function restore($id)
-    {
-        $this->authorize('delete', Manufacturer::class);
-
-        if ($manufacturer = Manufacturer::withTrashed()->find($id)) {
-
-            if ($manufacturer->deleted_at == '') {
-                return response()->json(Helper::formatStandardApiResponse('error', trans('general.not_deleted', ['item_type' => trans('general.manufacturer')])), 200);
-            }
-
-            if ($manufacturer->restore()) {
-
-                $logaction = new Actionlog();
-                $logaction->item_type = Manufacturer::class;
-                $logaction->item_id = $manufacturer->id;
-                $logaction->created_at = date('Y-m-d H:i:s');
-                $logaction->user_id = Auth::user()->id;
-                $logaction->logaction('restore');
-
-                return response()->json(Helper::formatStandardApiResponse('success', trans('admin/manufacturers/message.restore.success')), 200);
-            }
-
-            // Check validation to make sure we're not restoring an item with the same unique attributes as a non-deleted one
-            return response()->json(Helper::formatStandardApiResponse('error', trans('general.could_not_restore', ['item_type' => trans('general.manufacturer'), 'error' => $manufacturer->getErrors()->first()])), 200);
-        }
-
-        return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/manufacturers/message.does_not_exist')));
-    }
-
    /**
     * Gets a paginated collection for the select2 menus
     *
@@ -29,10 +29,8 @@ class PredefinedKitsController extends Controller
            $kits = $kits->TextSearch($request->input('search'));
        }

-        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $kits->count()) ? $kits->count() : app('api_offset_value');
-        $limit = app('api_limit_value');
-
+        $offset = $request->input('offset', 0);
+        $limit = $request->input('limit', 50);
        $order = $request->input('order') === 'desc' ? 'desc' : 'asc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'name';
        $kits->orderBy($sort, $order);
@@ -10,8 +10,7 @@ use Illuminate\Support\Facades\Auth;
 use Illuminate\Http\Request;
 use Laravel\Passport\TokenRepository;
 use Illuminate\Contracts\Validation\Factory as ValidationFactory;
-use Illuminate\Support\Facades\Gate;
-use App\Models\CustomField;
+use Gate;
 use DB;

 class ProfileController extends Controller
@@ -49,23 +48,14 @@ class ProfileController extends Controller
    {
        $checkoutRequests = CheckoutRequest::where('user_id', '=', Auth::user()->id)->get();

-        $results = array();
-        $show_field = array();
-        $showable_fields = array();
+        $results = [];
        $results['total'] = $checkoutRequests->count();

-        $all_custom_fields = CustomField::all(); //used as a 'cache' of custom fields throughout this page load
-        foreach ($all_custom_fields as $field) {
-            if (($field->field_encrypted=='0') && ($field->show_in_requestable_list=='1')) {
-                $showable_fields[] = $field->db_column_name();
-            }
-        }
-
        foreach ($checkoutRequests as $checkoutRequest) {

            // Make sure the asset and request still exist
            if ($checkoutRequest && $checkoutRequest->itemRequested()) {
-                $assets = [
+                $results['rows'][] = [
                    'image' => e($checkoutRequest->itemRequested()->present()->getImageUrl()),
                    'name' => e($checkoutRequest->itemRequested()->present()->name()),
                    'type' => e($checkoutRequest->itemType()),
@@ -74,16 +64,7 @@ class ProfileController extends Controller
                    'expected_checkin' => Helper::getFormattedDateObject($checkoutRequest->itemRequested()->expected_checkin, 'datetime'),
                    'request_date' => Helper::getFormattedDateObject($checkoutRequest->created_at, 'datetime'),
                ];
-
-                foreach ($showable_fields as $showable_field_name) {
-                    $show_field['custom_fields.'.$showable_field_name] =  $checkoutRequest->itemRequested()->{$showable_field_name};
-                }
-
-                // Merge the plain asset data and the custom fields data
-                $results['rows'][] = array_merge($assets, $show_field);
            }
-
-
        }

        return $results;
@@ -54,15 +54,11 @@ class ReportsController extends Controller
            'note',
        ];

-
-        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $actionlogs->count()) ? $actionlogs->count() : app('api_offset_value');
-        $limit = app('api_limit_value');
-
        $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
        $order = ($request->input('order') == 'asc') ? 'asc' : 'desc';
+        $offset = request('offset', 0);
+        $limit = request('limit', 50);
        $total = $actionlogs->count();
-
        $actionlogs = $actionlogs->orderBy($sort, $order)->skip($offset)->take($limit)->get();

        return response()->json((new ActionlogsTransformer)->transformActionlogs($actionlogs, $total), 200, ['Content-Type' => 'application/json;charset=utf8'], JSON_UNESCAPED_UNICODE);
@@ -143,6 +143,47 @@ class SettingsController extends Controller

    }

+    public function slacktest(SlackSettingsRequest $request)
+    {
+
+        $validator = Validator::make($request->all(), [
+            'slack_endpoint'                      => 'url|required_with:slack_channel|starts_with:https://hooks.slack.com/|nullable',
+            'slack_channel'                       => 'required_with:slack_endpoint|starts_with:#|nullable',
+        ]);
+
+        if ($validator->fails()) {
+            return response()->json(['message' => 'Validation failed', 'errors' => $validator->errors()], 422);
+        }
+
+        // If validation passes, continue to the curl request
+            $slack = new Client([
+                'base_url' => e($request->input('slack_endpoint')),
+                'defaults' => [
+                    'exceptions' => false,
+                ],
+            ]);
+
+            $payload = json_encode(
+                [
+                    'channel'    => e($request->input('slack_channel')),
+                    'text'       => trans('general.slack_test_msg'),
+                    'username'    => e($request->input('slack_botname')),
+                    'icon_emoji' => ':heart:',
+                ]);
+
+            try {
+                $slack->post($request->input('slack_endpoint'), ['body' => $payload]);
+                return response()->json(['message' => 'Success'], 200);
+
+            } catch (\Exception $e) {
+                return response()->json(['message' => 'Please check the channel name and webhook endpoint URL ('.e($request->input('slack_endpoint')).'). Slack responded with: '.$e->getMessage()], 400);
+            }
+
+        //} 
+        return response()->json(['message' => 'Something went wrong :( '], 400);
+    }
+
+
    /**
     * Test the email configuration
     *
@@ -271,7 +312,7 @@ class SettingsController extends Controller
            $headers = ['ContentType' => 'application/zip'];
            return Storage::download($path.'/'.$file, $file, $headers);
        } else {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('general.file_not_found')));
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'File not found'));
        }

    }
@@ -5,7 +5,6 @@ namespace App\Http\Controllers\Api;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Transformers\AssetsTransformer;
-use App\Http\Transformers\SelectlistTransformer;
 use App\Http\Transformers\StatuslabelsTransformer;
 use App\Models\Asset;
 use App\Models\Statuslabel;
@@ -51,9 +50,12 @@ class StatuslabelsController extends Controller
            }
        }

-        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $statuslabels->count()) ? $statuslabels->count() : app('api_offset_value');
-        $limit = app('api_limit_value');
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($statuslabels) && ($request->get('offset') > $statuslabels->count())) ? $statuslabels->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');

        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
@@ -194,7 +196,6 @@ class StatuslabelsController extends Controller
    {
        $this->authorize('view', Statuslabel::class);
        $statuslabels = Statuslabel::withCount('assets')->get();
-        $total = Array();

        foreach ($statuslabels as $statuslabel) {

@@ -292,45 +293,4 @@ class StatuslabelsController extends Controller

        return '0';
    }
-
-    /**
-     * Gets a paginated collection for the select2 menus
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v6.1.1]
-     * @see \App\Http\Transformers\SelectlistTransformer
-     */
-    public function selectlist(Request $request)
-    {
-
-        $this->authorize('view.selectlists');
-        $statuslabels = Statuslabel::orderBy('default_label', 'desc')->orderBy('name', 'asc')->orderBy('deployable', 'desc');
-
-        if ($request->filled('search')) {
-            $statuslabels = $statuslabels->where('name', 'LIKE', '%'.$request->get('search').'%');
-        }
-
-        if ($request->filled('deployable')) {
-            $statuslabels = $statuslabels->where('deployable', '=', '1');
-        }
-
-        if ($request->filled('pending')) {
-            $statuslabels = $statuslabels->where('pending', '=', '1');
-        }
-
-        if ($request->filled('archived')) {
-            $statuslabels = $statuslabels->where('archived', '=', '1');
-        }
-
-        $statuslabels = $statuslabels->orderBy('name', 'ASC')->paginate(50);
-
-        // Loop through and set some custom properties for the transformer to use.
-        // This lets us have more flexibility in special cases like assets, where
-        // they may not have a ->name value but we want to display something anyway
-        foreach ($statuslabels as $statuslabel) {
-            $statuslabels->use_text = $statuslabel->name;
-        }
-
-        return (new SelectlistTransformer)->transformSelectlist($statuslabels);
-    }
 }
@@ -23,30 +23,11 @@ class SuppliersController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', Supplier::class);
-        $allowed_columns = ['
-            id',
-            'name',
-            'address',
-            'phone',
-            'contact',
-            'fax',
-            'email',
-            'image',
-            'assets_count',
-            'licenses_count',
-            'accessories_count',
-            'components_count',
-            'consumables_count',
-            'url',
-        ];
+        $allowed_columns = ['id', 'name', 'address', 'phone', 'contact', 'fax', 'email', 'image', 'assets_count', 'licenses_count', 'accessories_count', 'url'];
        
        $suppliers = Supplier::select(
-                ['id', 'name', 'address', 'address2', 'city', 'state', 'country', 'fax', 'phone', 'email', 'contact', 'created_at', 'updated_at', 'deleted_at', 'image', 'notes', 'url'])
-                    ->withCount('assets as assets_count')
-                    ->withCount('licenses as licenses_count')
-                    ->withCount('accessories as accessories_count')
-                    ->withCount('components as components_count')
-                    ->withCount('consumables as consumables_count');
+                ['id', 'name', 'address', 'address2', 'city', 'state', 'country', 'fax', 'phone', 'email', 'contact', 'created_at', 'updated_at', 'deleted_at', 'image', 'notes']
+            )->withCount('assets as assets_count')->withCount('licenses as licenses_count')->withCount('accessories as accessories_count');


        if ($request->filled('search')) {
@@ -93,9 +74,12 @@ class SuppliersController extends Controller
            $suppliers->where('notes', '=', $request->input('notes'));
        }

-        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $suppliers->count()) ? $suppliers->count() : app('api_offset_value');
-        $limit = app('api_limit_value');
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($suppliers) && ($request->get('offset') > $suppliers->count())) ? $suppliers->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');

        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
@@ -11,7 +11,6 @@ use App\Http\Transformers\ConsumablesTransformer;
 use App\Http\Transformers\LicensesTransformer;
 use App\Http\Transformers\SelectlistTransformer;
 use App\Http\Transformers\UsersTransformer;
-use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\Company;
 use App\Models\License;
@@ -21,7 +20,6 @@ use Auth;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;
-use Illuminate\Support\Facades\Validator;

 class UsersController extends Controller
 {
@@ -71,13 +69,18 @@ class UsersController extends Controller
            'users.ldap_import',
            'users.start_date',
            'users.end_date',
-            'users.vip',
-            'users.autoassign_licenses',

        ])->with('manager', 'groups', 'userloc', 'company', 'department', 'assets', 'licenses', 'accessories', 'consumables', 'createdBy',)
            ->withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count');
+        $users = Company::scopeCompanyables($users);


+        if (($request->filled('deleted')) && ($request->input('deleted') == 'true')) {
+            $users = $users->onlyTrashed();
+        } elseif (($request->filled('all')) && ($request->input('all') == 'true')) {
+            $users = $users->withTrashed();
+        }
+
        if ($request->filled('activated')) {
            $users = $users->where('users.activated', '=', $request->input('activated'));
        }
@@ -146,18 +149,6 @@ class UsersController extends Controller
            $users = $users->where('remote', '=', $request->input('remote'));
        }

-        if ($request->filled('vip')) {
-            $users = $users->where('vip', '=', $request->input('vip'));
-        }
-
-        if ($request->filled('two_factor_enrolled')) {
-            $users = $users->where('two_factor_enrolled', '=', $request->input('two_factor_enrolled'));
-        }
-
-        if ($request->filled('two_factor_optin')) {
-            $users = $users->where('two_factor_optin', '=', $request->input('two_factor_optin'));
-        }
-
        if ($request->filled('start_date')) {
            $users = $users->where('users.start_date', '=', $request->input('start_date'));
        }
@@ -166,6 +157,7 @@ class UsersController extends Controller
            $users = $users->where('users.end_date', '=', $request->input('end_date'));
        }

+
        if ($request->filled('assets_count')) {
           $users->has('assets', '=', $request->input('assets_count'));
        }
@@ -182,19 +174,19 @@ class UsersController extends Controller
            $users->has('accessories', '=', $request->input('accessories_count'));
        }

-        if ($request->filled('autoassign_licenses')) {
-            $users->where('autoassign_licenses', '=', $request->input('autoassign_licenses'));
-        }
-
        if ($request->filled('search')) {
            $users = $users->TextSearch($request->input('search'));
        }

        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $offset = (($users) && (request('offset') > $users->count())) ? 0 : request('offset', 0);

-        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $users->count()) ? $users->count() : app('api_offset_value');
-        $limit = app('api_limit_value');
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($users) && ($request->get('offset') > $users->count())) ? $users->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');


        switch ($request->input('sort')) {
@@ -213,52 +205,14 @@ class UsersController extends Controller
            case 'company':
                $users = $users->OrderCompany($order);
                break;
-            case 'first_name':
-                $users->orderBy('first_name', $order);
-                $users->orderBy('last_name', $order);
-                break;
-            case 'last_name':
-                $users->orderBy('last_name', $order);
-                $users->orderBy('first_name', $order);
-                break;
            default:
                $allowed_columns =
                    [
-                        'last_name',
-                        'first_name',
-                        'email',
-                        'jobtitle',
-                        'username',
-                        'employee_num',
-                        'assets',
-                        'accessories',
-                        'consumables',
-                        'licenses',
-                        'groups',
-                        'activated',
-                        'created_at',
-                        'two_factor_enrolled',
-                        'two_factor_optin',
-                        'last_login',
-                        'assets_count',
-                        'licenses_count',
-                        'consumables_count',
-                        'accessories_count',
-                        'phone',
-                        'address',
-                        'city',
-                        'state',
-                        'country',
-                        'zip',
-                        'id',
-                        'ldap_import',
-                        'two_factor_optin',
-                        'two_factor_enrolled',
-                        'remote',
-                        'vip',
-                        'start_date',
-                        'end_date',
-                        'autoassign_licenses',
+                        'last_name', 'first_name', 'email', 'jobtitle', 'username', 'employee_num',
+                        'assets', 'accessories', 'consumables', 'licenses', 'groups', 'activated', 'created_at',
+                        'two_factor_enrolled', 'two_factor_optin', 'last_login', 'assets_count', 'licenses_count',
+                        'consumables_count', 'accessories_count', 'phone', 'address', 'city', 'state',
+                        'country', 'zip', 'id', 'ldap_import', 'remote', 'start_date', 'end_date',
                    ];

                $sort = in_array($request->get('sort'), $allowed_columns) ? $request->get('sort') : 'first_name';
@@ -266,14 +220,6 @@ class UsersController extends Controller
                break;
        }

-        if (($request->filled('deleted')) && ($request->input('deleted') == 'true')) {
-            $users = $users->onlyTrashed();
-        } elseif (($request->filled('all')) && ($request->input('all') == 'true')) {
-            $users = $users->withTrashed();
-        }
-
-        $users = Company::scopeCompanyables($users);
-        
        $total = $users->count();
        $users = $users->skip($offset)->take($limit)->get();

@@ -305,11 +251,9 @@ class UsersController extends Controller
        $users = Company::scopeCompanyables($users);

        if ($request->filled('search')) {
-            $users = $users->where(function ($query) use ($request) {
-                $query->SimpleNameSearch($request->get('search'))
-                    ->orWhere('username', 'LIKE', '%'.$request->get('search').'%')
-                    ->orWhere('employee_num', 'LIKE', '%'.$request->get('search').'%');
-            });
+            $users = $users->SimpleNameSearch($request->get('search'))
+                ->orWhere('username', 'LIKE', '%'.$request->get('search').'%')
+                ->orWhere('employee_num', 'LIKE', '%'.$request->get('search').'%');
        }

        $users = $users->orderBy('last_name', 'asc')->orderBy('first_name', 'asc');
@@ -364,12 +308,8 @@ class UsersController extends Controller
            $user->permissions = $permissions_array;
        }

-        // 
-        if ($request->filled('password')) {
-            $user->password = bcrypt($request->get('password'));
-        } else {
-            $user->password = $user->noPassword();
-        }
+        $tmp_pass = substr(str_shuffle('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, 20);
+        $user->password = bcrypt($request->get('password', $tmp_pass));

        app('App\Http\Requests\ImageUploadRequest')->handleImages($user, 600, 'image', 'avatars', 'avatar');
        
@@ -474,13 +414,6 @@ class UsersController extends Controller

            // Check if the request has groups passed and has a value
            if ($request->filled('groups')) {
-                $validator = Validator::make($request->all(), [
-                    'groups.*' => 'integer|exists:permission_groups,id',
-                ]);
-                
-                if ($validator->fails()){
-                    return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
-                }
                $user->groups()->sync($request->input('groups'));
            // The groups field has been passed but it is null, so we should blank it out
            } elseif ($request->has('groups')) {
@@ -574,10 +507,9 @@ class UsersController extends Controller
        if (empty($user->email)) {
            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.inventorynotification.error')));
        }
-
-        $user->notify((new CurrentInventory($user)));
 
-        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/users/message.inventorynotification.success')));
+        return response()->Helper::formatStandardApiResponse('success', null, trans('admin/users/message.inventorynotification.success'));
+ 
    }

    /**
@@ -689,31 +621,17 @@ class UsersController extends Controller
     */
    public function restore($userId = null)
    {
+        // Get asset information
+        $user = User::withTrashed()->find($userId);
+        $this->authorize('delete', $user);
+        if (isset($user->id)) {
+            // Restore the user
+            User::withTrashed()->where('id', $userId)->restore();

-        if ($user = User::withTrashed()->find($userId)) {
-            $this->authorize('delete', $user);
-
-            if ($user->deleted_at == '') {
-                return response()->json(Helper::formatStandardApiResponse('error', trans('general.not_deleted', ['item_type' => trans('general.user')])), 200);
-            }
-
-            if ($user->restore()) {
-
-                $logaction = new Actionlog();
-                $logaction->item_type = User::class;
-                $logaction->item_id = $user->id;
-                $logaction->created_at = date('Y-m-d H:i:s');
-                $logaction->user_id = Auth::user()->id;
-                $logaction->logaction('restore');
-
-                return response()->json(Helper::formatStandardApiResponse('success', trans('admin/users/message.restore.success')), 200);
-            }
-
-            // Check validation to make sure we're not restoring a user with the same username as an existing user
-            return response()->json(Helper::formatStandardApiResponse('error', trans('general.could_not_restore', ['item_type' => trans('general.user'), 'error' => $user->getErrors()->first()])), 200);
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/users/message.success.restored')));
        }
-
-        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found')), 200);
-
+        
+        $id = $userId;
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found', compact('id'))), 200);
    }
 }
@@ -101,7 +101,7 @@ class AssetMaintenancesController extends Controller
        $assetMaintenance = new AssetMaintenance();
        $assetMaintenance->supplier_id = $request->input('supplier_id');
        $assetMaintenance->is_warranty = $request->input('is_warranty');
-        $assetMaintenance->cost = $request->input('cost');
+        $assetMaintenance->cost = Helper::ParseCurrency($request->input('cost'));
        $assetMaintenance->notes = $request->input('notes');
        $asset = Asset::find($request->input('asset_id'));

@@ -211,7 +211,7 @@ class AssetMaintenancesController extends Controller

        $assetMaintenance->supplier_id = $request->input('supplier_id');
        $assetMaintenance->is_warranty = $request->input('is_warranty');
-        $assetMaintenance->cost =  $request->input('cost');
+        $assetMaintenance->cost =  Helper::ParseCurrency($request->input('cost'));
        $assetMaintenance->notes = $request->input('notes');

        $asset = Asset::find(request('asset_id'));
@@ -4,12 +4,8 @@ namespace App\Http\Controllers;

 use App\Helpers\Helper;
 use App\Http\Requests\ImageUploadRequest;
-use App\Models\Actionlog;
-use App\Models\Asset;
 use App\Models\AssetModel;
-use App\Models\User;
 use Illuminate\Support\Facades\Auth;
-use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Input;
 use Illuminate\Support\Facades\View;
 use Illuminate\Support\Facades\Validator;
@@ -80,15 +76,14 @@ class AssetModelsController extends Controller
        $model->depreciation_id = $request->input('depreciation_id');
        $model->name = $request->input('name');
        $model->model_number = $request->input('model_number');
-        $model->min_amt = $request->input('min_amt');
        $model->manufacturer_id = $request->input('manufacturer_id');
        $model->category_id = $request->input('category_id');
        $model->notes = $request->input('notes');
        $model->user_id = Auth::id();
        $model->requestable = Request::has('requestable');

-        if ($request->input('fieldset_id') != '') {
-            $model->fieldset_id = e($request->input('fieldset_id'));
+        if ($request->input('custom_fieldset') != '') {
+            $model->fieldset_id = e($request->input('custom_fieldset'));
        }

        $model = $request->handleImages($model);
@@ -158,7 +153,6 @@ class AssetModelsController extends Controller
        $model->eol = $request->input('eol');
        $model->name = $request->input('name');
        $model->model_number = $request->input('model_number');
-        $model->min_amt = $request->input('min_amt');
        $model->manufacturer_id = $request->input('manufacturer_id');
        $model->category_id = $request->input('category_id');
        $model->notes = $request->input('notes');
@@ -166,10 +160,10 @@ class AssetModelsController extends Controller

        $this->removeCustomFieldsDefaultValues($model);

-        if ($request->input('fieldset_id') == '') {
+        if ($request->input('custom_fieldset') == '') {
            $model->fieldset_id = null;
        } else {
-            $model->fieldset_id = $request->input('fieldset_id');
+            $model->fieldset_id = $request->input('custom_fieldset');

            if ($this->shouldAddDefaultValues($request->input())) {
                if (!$this->assignCustomFieldsDefaultValues($model, $request->input('default_values'))){
@@ -177,20 +171,8 @@ class AssetModelsController extends Controller
                }
            }
        }
-       
-      
-       
+
        if ($model->save()) {
-            if ($model->wasChanged('eol')) {
-                    if ($model->eol > 0) {
-                        $newEol = $model->eol; 
-                        $model->assets()->whereNotNull('purchase_date')->where('eol_explicit', false)
-                            ->update(['asset_eol_date' => DB::raw('DATE_ADD(purchase_date, INTERVAL ' . $newEol . ' MONTH)')]);
-                        } elseif ($model->eol == 0) {
-    						$model->assets()->whereNotNull('purchase_date')->where('eol_explicit', false)
-    							->update(['asset_eol_date' => DB::raw('null')]);
-					}
-                }
            return redirect()->route('models.index')->with('success', trans('admin/models/message.update.success'));
        }

@@ -212,7 +194,7 @@ class AssetModelsController extends Controller
        $this->authorize('delete', AssetModel::class);
        // Check if the model exists
        if (is_null($model = AssetModel::find($modelId))) {
-            return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
+            return redirect()->route('models.index')->with('error', trans('admin/models/message.not_found'));
        }

        if ($model->assets()->count() > 0) {
@@ -240,42 +222,22 @@ class AssetModelsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
-     * @param int $id
+     * @param int $modelId
     * @return Redirect
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
-    public function getRestore($id)
+    public function getRestore($modelId = null)
    {
        $this->authorize('create', AssetModel::class);
+        // Get user information
+        $model = AssetModel::withTrashed()->find($modelId);

-        if ($model = AssetModel::withTrashed()->find($id)) {
+        if (isset($model->id)) {
+            $model->restore();

-            if ($model->deleted_at == '') {
-                return redirect()->back()->with('error', trans('general.not_deleted', ['item_type' => trans('general.asset_model')]));
-            }
-
-            if ($model->restore()) {
-                $logaction = new Actionlog();
-                $logaction->item_type = User::class;
-                $logaction->item_id = $model->id;
-                $logaction->created_at = date('Y-m-d H:i:s');
-                $logaction->user_id = Auth::user()->id;
-                $logaction->logaction('restore');
-
-
-                // Redirect them to the deleted page if there are more, otherwise the section index
-                $deleted_models = AssetModel::onlyTrashed()->count();
-                if ($deleted_models > 0) {
-                    return redirect()->back()->with('success', trans('admin/models/message.restore.success'));
-                }
-                return redirect()->route('models.index')->with('success', trans('admin/models/message.restore.success'));
-            }
-
-            // Check validation
-            return redirect()->back()->with('error', trans('general.could_not_restore', ['item_type' => trans('general.asset_model'), 'error' => $model->getErrors()->first()]));
+            return redirect()->route('models.index')->with('success', trans('admin/models/message.restore.success'));
        }
-
-        return redirect()->back()->with('error', trans('admin/models/message.does_not_exist'));
+        return redirect()->back()->with('error', trans('admin/models/message.not_found'));

    }

@@ -324,7 +286,6 @@ class AssetModelsController extends Controller
        return view('models/edit')
            ->with('depreciation_list', Helper::depreciationList())
            ->with('item', $model)
-            ->with('model_id', $model_to_clone->id)
            ->with('clone_model', $model_to_clone);
    }

@@ -483,7 +444,7 @@ class AssetModelsController extends Controller
    {
        return ! empty($input['add_default_values'])
            && ! empty($input['default_values'])
-            && ! empty($input['fieldset_id']);
+            && ! empty($input['custom_fieldset']);
    }

    /**
@@ -78,7 +78,7 @@ class AssetModelsFilesController extends Controller
     * @return View
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
-    public function show($modelId = null, $fileId = null)
+    public function show($modelId = null, $fileId = null, $download = true)
    {
        $model = AssetModel::find($modelId);
        // the asset is valid
@@ -99,13 +99,12 @@ class AssetModelsFilesController extends Controller
                    ->header('Content-Type', 'text/plain');
            }

-            if (request('inline') == 'true') {
+            if ($download != 'true') {
+                if ($contents = file_get_contents(Storage::url($file))) {
+                    return Response::make(Storage::url($file)->header('Content-Type', mime_content_type($file)));
+                }

-                $headers = [
-                    'Content-Disposition' => 'inline',
-                ];
-
-                return Storage::download($file, $log->filename, $headers);
+                return JsonResponse::create(['error' => 'Failed validation: '], 500);
            }

            return StorageHelper::downloader($file);
@@ -68,7 +68,6 @@ class AssetCheckinController extends Controller

        $asset->expected_checkin = null;
        $asset->last_checkout = null;
-        $asset->last_checkin = now();
        $asset->assigned_to = null;
        $asset->assignedTo()->disassociate($asset);
        $asset->assigned_type = null;
@@ -95,25 +94,18 @@ class AssetCheckinController extends Controller
            \Log::debug('Manually override the location IDs');
            \Log::debug('Original Location ID: '.$asset->location_id);
            $asset->location_id = '';
-            \Log::debug('New Location ID: '.$asset->location_id);
+            \Log::debug('New RTD Location ID: '.$asset->location_id);
        }

        $asset->location_id = $asset->rtd_location_id;

        if ($request->filled('location_id')) {
            \Log::debug('NEW Location ID: '.$request->get('location_id'));
-            $asset->location_id = $request->get('location_id');
-
-            if ($request->get('update_default_location') == 0){
-                $asset->rtd_location_id = $request->get('location_id');
-            }
+            $asset->location_id = e($request->get('location_id'));
        }

-        $originalValues = $asset->getRawOriginal();
-
        $checkin_at = date('Y-m-d H:i:s');
        if (($request->filled('checkin_at')) && ($request->get('checkin_at') != date('Y-m-d'))) {
-            $originalValues['action_date'] = $checkin_at;
            $checkin_at = $request->get('checkin_at');
        }

@@ -136,7 +128,7 @@ class AssetCheckinController extends Controller

        // Was the asset updated?
        if ($asset->save()) {
-            event(new CheckoutableCheckedIn($asset, $target, Auth::user(), $request->input('note'), $checkin_at, $originalValues));
+            event(new CheckoutableCheckedIn($asset, $target, Auth::user(), $request->input('note'), $checkin_at));

            if ((isset($user)) && ($backto == 'user')) {
                return redirect()->route('users.show', $user->id)->with('success', trans('admin/hardware/message.checkin.success'));
@@ -27,7 +27,7 @@ class AssetCheckoutController extends Controller
    public function create($assetId)
    {
        // Check if the asset exists
-        if (is_null($asset = Asset::with('company')->find(e($assetId)))) {
+        if (is_null($asset = Asset::find(e($assetId)))) {
            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
        }

@@ -89,15 +89,6 @@ class AssetCheckoutController extends Controller
                }
            }

-            $settings = \App\Models\Setting::getSettings();
-
-            // We have to check whether $target->company_id is null here since locations don't have a company yet
-            if (($settings->full_multiple_companies_support) && ((!is_null($target->company_id)) &&  (!is_null($asset->company_id)))) {
-                if ($target->company_id != $asset->company_id){
-                    return redirect()->to("hardware/$assetId/checkout")->with('error', trans('general.error_user_company'));
-                }
-            }
-            
            if ($asset->checkOut($target, $admin, $checkout_at, $expected_checkin, e($request->get('note')), $request->get('name'))) {
                return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.checkout.success'));
            }
@@ -79,14 +79,14 @@ class AssetFilesController extends Controller
     * @return View
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
-    public function show($assetId = null, $fileId = null)
+    public function show($assetId = null, $fileId = null, $download = true)
    {
        $asset = Asset::find($assetId);
        // the asset is valid
        if (isset($asset->id)) {
            $this->authorize('view', $asset);

-            if (! $log = Actionlog::whereNotNull('filename')->where('item_id', $asset->id)->find($fileId)) {
+            if (! $log = Actionlog::find($fileId)) {
                return response('No matching record for that asset/file', 500)
                    ->header('Content-Type', 'text/plain');
            }
@@ -103,13 +103,12 @@ class AssetFilesController extends Controller
                    ->header('Content-Type', 'text/plain');
            }

-            if (request('inline') == 'true') {
+            if ($download != 'true') {
+                if ($contents = file_get_contents(Storage::url($file))) {
+                    return Response::make(Storage::url($file)->header('Content-Type', mime_content_type($file)));
+                }

-                $headers = [
-                    'Content-Disposition' => 'inline',
-                ];
-
-                return Storage::download($file, $log->filename, $headers);
+                return JsonResponse::create(['error' => 'Failed validation: '], 500);
            }

            return StorageHelper::downloader($file);
@@ -6,28 +6,32 @@ use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\ImageUploadRequest;
 use App\Models\Actionlog;
-use App\Models\Manufacturer;
-use Illuminate\Support\Facades\Log;
 use App\Models\Asset;
 use App\Models\AssetModel;
 use App\Models\CheckoutRequest;
 use App\Models\Company;
 use App\Models\Location;
 use App\Models\Setting;
-use App\Models\Statuslabel;
 use App\Models\User;
-use Illuminate\Support\Facades\Auth;
-use App\View\Label;
+use Auth;
 use Carbon\Carbon;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\View;
-use Illuminate\Support\Facades\Gate;
+use DB;
+use Gate;
 use Illuminate\Http\Request;
-use Illuminate\Support\Facades\Crypt;
+use Illuminate\Support\Facades\Cache;
 use Illuminate\Support\Facades\Storage;
-use Illuminate\Support\Facades\Validator;
+use Illuminate\Support\Facades\Cookie;
+use Input;
+use Intervention\Image\Facades\Image;
 use League\Csv\Reader;
-use Illuminate\Support\Facades\Redirect;
+use League\Csv\Statement;
+use Paginator;
+use Redirect;
+use Response;
+use Slack;
+use Str;
+use TCPDF;
+use View;

 /**
 * This class controls all actions related to assets for
@@ -136,14 +140,12 @@ class AssetsController extends Controller
            $asset->depreciate              = '0';
            $asset->status_id               = request('status_id');
            $asset->warranty_months         = request('warranty_months', null);
-            $asset->purchase_cost           = request('purchase_cost');
+            $asset->purchase_cost           = Helper::ParseCurrency($request->get('purchase_cost'));
            $asset->purchase_date           = request('purchase_date', null);
-            $asset->asset_eol_date          = request('asset_eol_date', null);
            $asset->assigned_to             = request('assigned_to', null);
            $asset->supplier_id             = request('supplier_id', null);
            $asset->requestable             = request('requestable', 0);
            $asset->rtd_location_id         = request('rtd_location_id', null);
-            $asset->byod                    = request('byod', 0);

            if (! empty($settings->audit_interval)) {
                $asset->next_audit_date = Carbon::now()->addMonths($settings->audit_interval)->toDateString();
@@ -167,9 +169,9 @@ class AssetsController extends Controller
                    if ($field->field_encrypted == '1') {
                        if (Gate::allows('admin')) {
                            if (is_array($request->input($field->db_column))) {
-                                $asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column)));
+                                $asset->{$field->db_column} = \Crypt::encrypt(implode(', ', $request->input($field->db_column)));
                            } else {
-                                $asset->{$field->db_column} = Crypt::encrypt($request->input($field->db_column));
+                                $asset->{$field->db_column} = \Crypt::encrypt($request->input($field->db_column));
                            }
                        }
                    } else {
@@ -205,9 +207,12 @@ class AssetsController extends Controller
        }

        if ($success) {
-            \Log::debug(e($asset->asset_tag));
+            // Redirect to the asset listing page
+            $minutes = 518400;
+            // dd( $_POST['options']);
+            // Cookie::queue(Cookie::make('optional_info', json_decode($_POST['options']), $minutes));
            return redirect()->route('hardware.index')
-                ->with('success-unescaped', trans('admin/hardware/message.create.success_linked', ['link' => route('hardware.show', $asset->id), 'id', 'tag' => e($asset->asset_tag)]));
+                ->with('success', trans('admin/hardware/message.create.success'));
               
      
        }
@@ -289,10 +294,10 @@ class AssetsController extends Controller
    /**
     * Validate and process asset edit form.
     *
-     * @param int $assetId
-     * @return \Illuminate\Http\RedirectResponse|Redirect
-     *@since [v1.0]
     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v1.0]
+     * @return Redirect
     */
    public function update(ImageUploadRequest $request, $assetId = null)
    {
@@ -305,41 +310,14 @@ class AssetsController extends Controller

        $asset->status_id = $request->input('status_id', null);
        $asset->warranty_months = $request->input('warranty_months', null);
-        $asset->purchase_cost = $request->input('purchase_cost', null);
-        $asset->purchase_date = $request->input('purchase_date', null); 
-        if ($request->filled('purchase_date') && !$request->filled('asset_eol_date') && ($asset->model->eol > 0)) {
-            $asset->purchase_date = $request->input('purchase_date', null); 
-            $asset->asset_eol_date = Carbon::parse($request->input('purchase_date'))->addMonths($asset->model->eol)->format('Y-m-d');
-            $asset->eol_explicit = false;
-        } elseif ($request->filled('asset_eol_date')) {
-           $asset->asset_eol_date = $request->input('asset_eol_date', null);
-           $months = Carbon::parse($asset->asset_eol_date)->diffInMonths($asset->purchase_date);
-           if($asset->model->eol) {
-               if($months != $asset->model->eol > 0) {
-                   $asset->eol_explicit = true;
-               } else {
-                   $asset->eol_explicit = false;
-               }
-           } else {
-               $asset->eol_explicit = true;
-           }
-        } elseif (!$request->filled('asset_eol_date') && (($asset->model->eol) == 0)) {
-           $asset->asset_eol_date = null;
-		   $asset->eol_explicit = false;
-        }
+        $asset->purchase_cost = Helper::ParseCurrency($request->input('purchase_cost', null));
+        $asset->purchase_date = $request->input('purchase_date', null);
        $asset->supplier_id = $request->input('supplier_id', null);
        $asset->expected_checkin = $request->input('expected_checkin', null);

        // If the box isn't checked, it's not in the request at all.
        $asset->requestable = $request->filled('requestable');
        $asset->rtd_location_id = $request->input('rtd_location_id', null);
-        $asset->byod = $request->input('byod', 0);
-
-        $status = Statuslabel::find($asset->status_id);
-
-        if($status->archived){
-            $asset->assigned_to = null;
-        }

        if ($asset->assigned_to == '') {
            $asset->location_id = $request->input('rtd_location_id', null);
@@ -351,7 +329,7 @@ class AssetsController extends Controller
                unlink(public_path().'/uploads/assets/'.$asset->image);
                $asset->image = '';
            } catch (\Exception $e) {
-                Log::info($e);
+                \Log::info($e);
            }
        }

@@ -379,9 +357,9 @@ class AssetsController extends Controller
                if ($field->field_encrypted == '1') {
                    if (Gate::allows('admin')) {
                        if (is_array($request->input($field->db_column))) {
-                            $asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column)));
+                            $asset->{$field->db_column} = \Crypt::encrypt(implode(', ', $request->input($field->db_column)));
                        } else {
-                            $asset->{$field->db_column} = Crypt::encrypt($request->input($field->db_column));
+                            $asset->{$field->db_column} = \Crypt::encrypt($request->input($field->db_column));
                        }
                    }
                } else {
@@ -429,7 +407,7 @@ class AssetsController extends Controller
            try {
                Storage::disk('public')->delete('assets'.'/'.$asset->image);
            } catch (\Exception $e) {
-                Log::debug($e);
+                \Log::debug($e);
            }
        }

@@ -463,12 +441,11 @@ class AssetsController extends Controller
     * @since [v3.0]
     * @return Redirect
     */
-    public function getAssetByTag(Request $request, $tag=null)
+    public function getAssetByTag(Request $request)
    {
-        $tag = $tag ? $tag : $request->get('assetTag');
        $topsearch = ($request->get('topsearch') == 'true');

-        if (! $asset = Asset::where('asset_tag', '=', $tag)->first()) {
+        if (! $asset = Asset::where('asset_tag', '=', $request->get('assetTag'))->first()) {
            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
        }
        $this->authorize('view', $asset);
@@ -544,7 +521,7 @@ class AssetsController extends Controller

                    return response($barcode_obj->getPngData())->header('Content-type', 'image/png');
                } catch (\Exception $e) {
-                    Log::debug('The barcode format is invalid.');
+                    \Log::debug('The barcode format is invalid.');

                    return response(file_get_contents(public_path('uploads/barcodes/invalid_barcode.gif')))->header('Content-type', 'image/gif');
                }
@@ -565,11 +542,9 @@ class AssetsController extends Controller
            $asset = Asset::find($assetId);
            $this->authorize('view', $asset);

-            return (new Label())
-                ->with('assets', collect([ $asset ]))
+            return view('hardware/labels')
+                ->with('assets', Asset::find($asset))
                ->with('settings', Setting::getSettings())
-                ->with('template', request()->get('template'))
-                ->with('offset', request()->get('offset'))
                ->with('bulkedit', false)
                ->with('count', 0);
        }
@@ -647,11 +622,7 @@ class AssetsController extends Controller
        $csv->setHeaderOffset(0);
        $header = $csv->getHeader();
        $isCheckinHeaderExplicit = in_array('checkin date', (array_map('strtolower', $header)));
-        try {
-            $results = $csv->getRecords();
-        } catch (\Exception $e) {
-            return back()->with('error', trans('general.error_in_import_file', ['error' => $e->getMessage()]));
-        } 
+        $results = $csv->getRecords();
        $item = [];
        $status = [];
        $status['error'] = [];
@@ -787,7 +758,7 @@ class AssetsController extends Controller
    }

    /**
-     * Restore a deleted asset.
+     * Retore a deleted asset.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param int $assetId
@@ -796,24 +767,21 @@ class AssetsController extends Controller
     */
    public function getRestore($assetId = null)
    {
-        if ($asset = Asset::withTrashed()->find($assetId)) {
-            $this->authorize('delete', $asset);
+        // Get asset information
+        $asset = Asset::withTrashed()->find($assetId);
+        $this->authorize('delete', $asset);
+        if (isset($asset->id)) {
+            // Restore the asset
+            Asset::withTrashed()->where('id', $assetId)->restore();

-            if ($asset->deleted_at == '') {
-                return redirect()->back()->with('error', trans('general.not_deleted', ['item_type' => trans('general.asset')]));
-            }
+            $logaction = new Actionlog();
+            $logaction->item_type = Asset::class;
+            $logaction->item_id = $asset->id;
+            $logaction->created_at = date('Y-m-d H:i:s');
+            $logaction->user_id = Auth::user()->id;
+            $logaction->logaction('restored');

-            if ($asset->restore()) {
-                // Redirect them to the deleted page if there are more, otherwise the section index
-                $deleted_assets = Asset::onlyTrashed()->count();
-                if ($deleted_assets > 0) {
-                    return redirect()->back()->with('success', trans('admin/hardware/message.restore.success'));
-                }
-                return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.restore.success'));
-            }
-
-            // Check validation to make sure we're not restoring an asset with the same asset tag (or unique attribute) as an existing asset
-            return redirect()->back()->with('error', trans('general.could_not_restore', ['item_type' => trans('general.asset'), 'error' => $asset->getErrors()->first()]));
+            return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.restore.success'));
        }

        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
@@ -868,7 +836,7 @@ class AssetsController extends Controller
            'next_audit_date' => 'date|nullable',
        ];

-        $validator = Validator::make($request->all(), $rules);
+        $validator = \Validator::make($request->all(), $rules);

        if ($validator->fails()) {
            return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()->all()));
@@ -885,7 +853,7 @@ class AssetsController extends Controller
        // Check to see if they checked the box to update the physical location,
        // not just note it in the audit notes
        if ($request->input('update_location') == '1') {
-            Log::debug('update location in audit');
+            \Log::debug('update location in audit');
            $asset->location_id = $request->input('location_id');
        }

@@ -7,16 +7,12 @@ use App\Helpers\Helper;
 use App\Http\Controllers\CheckInOutRequest;
 use App\Http\Controllers\Controller;
 use App\Models\Asset;
-use App\Models\AssetModel;
-use App\Models\Statuslabel;
 use App\Models\Setting;
-use App\View\Label;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Session;
 use App\Http\Requests\AssetCheckoutRequest;
-use App\Models\CustomField;

 class BulkAssetsController extends Controller
 {
@@ -25,13 +21,6 @@ class BulkAssetsController extends Controller
    /**
     * Display the bulk edit page.
     *
-     * This method is super weird because it's kinda of like a controller within a controller.
-     * It's main function is to determine what the bulk action in, and then return a view with
-     * the information that view needs, be it bulk delete, bulk edit, restore, etc.
-     *
-     * This is something that made sense at the time, but sort of doesn't make sense now. A JS front-end to determine form
-     * action would make a lot more sense here and make things a lot more clear.
-     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @return View
     * @internal param int $assetId
@@ -40,11 +29,8 @@ class BulkAssetsController extends Controller
     */
    public function edit(Request $request)
    {
-        $this->authorize('view', Asset::class);
+        $this->authorize('update', Asset::class);

-        /**
-         * No asset IDs were passed
-         */
        if (! $request->filled('ids')) {
            return redirect()->back()->with('error', trans('admin/hardware/message.update.no_assets_selected'));
        }
@@ -53,53 +39,27 @@ class BulkAssetsController extends Controller
        $bulk_back_url = request()->headers->get('referer');
        session(['bulk_back_url' => $bulk_back_url]);

-
-        $asset_ids = $request->input('ids');
-        $assets = Asset::with('assignedTo', 'location', 'model')->find($asset_ids);
-
-        $models = $assets->unique('model_id');
-        $modelNames = [];
-        foreach($models as $model) {
-            $modelNames[] = $model->model->name;
-        }
+        $asset_ids = array_values(array_unique($request->input('ids')));

        if ($request->filled('bulk_actions')) {
-
-
            switch ($request->input('bulk_actions')) {
                case 'labels':
-                    $this->authorize('view', Asset::class);
-
-                    return (new Label)
-                        ->with('assets', $assets)
+                    return view('hardware/labels')
+                        ->with('assets', Asset::find($asset_ids))
                        ->with('settings', Setting::getSettings())
                        ->with('bulkedit', true)
                        ->with('count', 0);
-
                case 'delete':
-                    $this->authorize('delete', Asset::class);
-                    $assets->each(function ($assets) {
-                        $this->authorize('delete', $assets);
-                    });
-
-                    return view('hardware/bulk-delete')->with('assets', $assets);
-                   
-                case 'restore':
-                    $this->authorize('update', Asset::class);
-                    $assets = Asset::withTrashed()->find($asset_ids);
+                    $assets = Asset::with('assignedTo', 'location')->find($asset_ids);
                    $assets->each(function ($asset) {
                        $this->authorize('delete', $asset);
                    });
-                    return view('hardware/bulk-restore')->with('assets', $assets);

+                    return view('hardware/bulk-delete')->with('assets', $assets);
                case 'edit':
-                    $this->authorize('update', Asset::class);
-
                    return view('hardware/bulk')
                        ->with('assets', $asset_ids)
-                        ->with('statuslabel_list', Helper::statusLabelList())
-                        ->with('models', $models->pluck(['model']))
-                        ->with('modelNames', $modelNames);
+                        ->with('statuslabel_list', Helper::statusLabelList());
            }
        }

@@ -117,35 +77,19 @@ class BulkAssetsController extends Controller
    public function update(Request $request)
    {
        $this->authorize('update', Asset::class);
-        $has_errors = 0;
-        $error_array = array();

        // Get the back url from the session and then destroy the session
        $bulk_back_url = route('hardware.index');
-
        if ($request->session()->has('bulk_back_url')) {
            $bulk_back_url = $request->session()->pull('bulk_back_url');
        }

-       $custom_field_columns = CustomField::all()->pluck('db_column')->toArray();

-     
-        if (! $request->filled('ids') || count($request->input('ids')) == 0) {
+        if (! $request->filled('ids') || count($request->input('ids')) <= 0) {
            return redirect($bulk_back_url)->with('error', trans('admin/hardware/message.update.no_assets_selected'));
        }

-
-        $assets = Asset::whereIn('id', array_keys($request->input('ids')))->get();
-
-
-
-        /**
-         * If ANY of these are filled, prepare to update the values on the assets.
-         *
-         * Additional checks will be needed for some of them to make sure the values
-         * make sense (for example, changing the status ID to something incompatible with
-         * its checkout status.
-         */
+        $assets = array_keys($request->input('ids'));

        if (($request->filled('purchase_date'))
            || ($request->filled('expected_checkin'))
@@ -158,39 +102,22 @@ class BulkAssetsController extends Controller
            || ($request->filled('company_id'))
            || ($request->filled('status_id'))
            || ($request->filled('model_id'))
-            || ($request->filled('next_audit_date'))
            || ($request->filled('null_purchase_date'))
            || ($request->filled('null_expected_checkin_date'))
-            || ($request->filled('null_next_audit_date'))
-            || ($request->anyFilled($custom_field_columns))
-
        ) {
-            // Let's loop through those assets and build an update array
-            foreach ($assets as $asset) {
+            foreach ($assets as $assetId) {

                $this->update_array = [];

-                /**
-                 * Leave out model_id and status here because we do math on that later. We have to do some extra
-                 * validation and checks on those two.
-                 *
-                 * It's tempting to make these match the request check above, but some of these values require
-                 * extra work to make sure the data makes sense.
-                 */
                $this->conditionallyAddItem('purchase_date')
                    ->conditionallyAddItem('expected_checkin')
+                    ->conditionallyAddItem('model_id')
                    ->conditionallyAddItem('order_number')
                    ->conditionallyAddItem('requestable')
+                    ->conditionallyAddItem('status_id')
                    ->conditionallyAddItem('supplier_id')
-                    ->conditionallyAddItem('warranty_months')
-                    ->conditionallyAddItem('next_audit_date');
-                    foreach ($custom_field_columns as $key => $custom_field_column) {
-                        $this->conditionallyAddItem($custom_field_column); 
-                   }
+                    ->conditionallyAddItem('warranty_months');

-                /**
-                 * Blank out fields that were requested to be blanked out via checkbox
-                 */
                if ($request->input('null_purchase_date')=='1') {
                    $this->update_array['purchase_date'] = null;
                }
@@ -199,12 +126,8 @@ class BulkAssetsController extends Controller
                    $this->update_array['expected_checkin'] = null;
                }

-                if ($request->input('null_next_audit_date')=='1') {
-                    $this->update_array['next_audit_date'] = null;
-                }
-
                if ($request->filled('purchase_cost')) {
-                    $this->update_array['purchase_cost'] =  $request->input('purchase_cost');
+                    $this->update_array['purchase_cost'] =  Helper::ParseCurrency($request->input('purchase_cost'));
                }

                if ($request->filled('company_id')) {
@@ -214,152 +137,41 @@ class BulkAssetsController extends Controller
                    }
                }

-                /**
-                 * We're trying to change the model ID - we need to do some extra checks here to make sure
-                 * the custom field values work for the custom fieldset rules around this asset. Uniqueness
-                 * and requiredness across the fieldset is particularly important, since those are
-                 * fieldset-specific attributes.
-                 */
-                if ($request->filled('model_id')) {
-                    $this->update_array['model_id'] = AssetModel::find($request->input('model_id'))->id;
-                }
-
-                /**
-                 * We're trying to change the status ID - we need to do some extra checks here to
-                 * make sure the status label type is one that makes sense for the state of the asset,
-                 * for example, we shouldn't be able to make an asset archived if it's currently assigned
-                 * to someone/something.
-                 */
-                if ($request->filled('status_id')) {
-                    $updated_status = Statuslabel::find($request->input('status_id'));
-
-                    // We cannot assign a non-deployable status type if the asset is already assigned.
-                    // This could probably be added to a form request.
-                    // If the asset isn't assigned, we don't care what the status is.
-                    // Otherwise we need to make sure the status type is still a deployable one.
-                    if (
-                        ($asset->assigned_to == '')
-                        || ($updated_status->deployable == '1') && ($asset->assetstatus->deployable == '1')
-                    ) {
-                        $this->update_array['status_id'] = $updated_status->id;
-                    }
-
-                }
-
-                /**
-                 * We're changing the location ID - figure out which location we should apply
-                 * this change to:
-                 *
-                 * 0 - RTD location only
-                 * 1 - location ID and RTD location ID
-                 * 2 - location ID only
-                 *
-                 * Note: this is kinda dumb and we should just use human-readable values IMHO. - snipe
-                 */
                if ($request->filled('rtd_location_id')) {
-
-                    if (($request->filled('update_real_loc')) && (($request->input('update_real_loc')) == '0')) {
-                        $this->update_array['rtd_location_id'] = $request->input('rtd_location_id');
-                    }
-
+                    $this->update_array['rtd_location_id'] = $request->input('rtd_location_id');
                    if (($request->filled('update_real_loc')) && (($request->input('update_real_loc')) == '1')) {
                        $this->update_array['location_id'] = $request->input('rtd_location_id');
-                        $this->update_array['rtd_location_id'] = $request->input('rtd_location_id');
                    }
-
-                    if (($request->filled('update_real_loc')) && (($request->input('update_real_loc')) == '2')) {
-                        $this->update_array['location_id'] = $request->input('rtd_location_id');
-                    }
-
                }

-
-                /**
-                 * ------------------------------------------------------------------------------
-                 * ANYTHING that happens past this foreach
-                 * WILL NOT BE logged in the edit log_meta data
-                 *  ------------------------------------------------------------------------------
-                 */
                $changed = [];
+                $asset = Asset::where('id' ,$assetId)->get();

                foreach ($this->update_array as $key => $value) {
-
-                    if ($this->update_array[$key] != $asset->{$key}) {
-                        $changed[$key]['old'] = $asset->{$key};
+                    if ($this->update_array[$key] != $asset->toArray()[0][$key]) {
+                        $changed[$key]['old'] = $asset->toArray()[0][$key];
                        $changed[$key]['new'] = $this->update_array[$key];
                    }
-
                }

-                /**
-                 * Start all the custom fields shenanigans
-                 */
+                $logAction = new Actionlog();
+                $logAction->item_type = Asset::class;
+                $logAction->item_id = $assetId;
+                $logAction->created_at =  date("Y-m-d H:i:s");
+                $logAction->user_id = Auth::id();
+                $logAction->log_meta = json_encode($changed);
+                $logAction->logaction('update');

-                // Does the model have a fieldset?
-                if ($asset->model->fieldset) {
-                    foreach ($asset->model->fieldset->fields as $field) {
-
-                        if ((array_key_exists($field->db_column, $this->update_array)) && ($field->field_encrypted == '1')) {
-                            $decrypted_old = Helper::gracefulDecrypt($field, $asset->{$field->db_column});
-
-                            /*
-                             * Check if the decrypted existing value is different from one we just submitted
-                             * and if not, pull it out of the object since it shouldn't really be updating at all.
-                             * If we don't do this, it will try to re-encrypt it, and the same value encrypted two
-                             * different times will have different values, so it will *look* like it was updated
-                             * but it wasn't.
-                             */
-                            if ($decrypted_old != $this->update_array[$field->db_column]) {
-                                $asset->{$field->db_column} = \Crypt::encrypt($this->update_array[$field->db_column]);
-                            } else {
-                                /*
-                                 * Remove the encrypted custom field from the update_array, since nothing changed
-                                 */
-                                unset($this->update_array[$field->db_column]);
-                                unset($asset->{$field->db_column});
-                            }
-
-                            /*
-                             * These custom fields aren't encrypted, just carry on as usual
-                             */
-                        } else {
-
-                            if ((array_key_exists($field->db_column, $this->update_array)) && ($asset->{$field->db_column} != $this->update_array[$field->db_column])) {
-
-                                // Check if this is an array, and if so, flatten it
-                                if (is_array($this->update_array[$field->db_column])) {
-                                    $asset->{$field->db_column} = implode(', ', $this->update_array[$field->db_column]);
-                                } else {
-                                    $asset->{$field->db_column} = $this->update_array[$field->db_column];
-                                }
-                            }
-                        }
-
-                    } // endforeach
-                }
-
-
-                // Check if it passes validation, and then try to save
-                if (!$asset->update($this->update_array)) {
-
-                    // Build the error array
-                    foreach ($asset->getErrors()->toArray() as $key => $message) {
-                        for ($x = 0; $x < count($message); $x++) {
-                            $error_array[$key][] = trans('general.asset') . ' ' . $asset->id . ': ' . $message[$x];
-                            $has_errors++;
-                        }
-                    }
-
-                }  // end if saved
-
-            } // end asset foreach
-
-            if ($has_errors > 0) {
-                return redirect($bulk_back_url)->with('bulk_asset_errors', $error_array);
-            }
+                DB::table('assets')
+                    ->where('id', $assetId)
+                    ->update($this->update_array);
+            } // endforeach

            return redirect($bulk_back_url)->with('success', trans('admin/hardware/message.update.success'));
+
+
        }
+
        // no values given, nothing to update
        return redirect($bulk_back_url)->with('warning', trans('admin/hardware/message.update.nothing_updated'));
    }
@@ -476,8 +288,7 @@ class BulkAssetsController extends Controller
                foreach ($asset_ids as $asset_id) {
                    $asset = Asset::findOrFail($asset_id);
                    $this->authorize('checkout', $asset);
-
-                    $error = $asset->checkOut($target, $admin, $checkout_at, $expected_checkin, e($request->get('note')), $asset->name, null);
+                    $error = $asset->checkOut($target, $admin, $checkout_at, $expected_checkin, e($request->get('note')), null);

                    if ($target->location_id != '') {
                        $asset->location_id = $target->location_id;
@@ -500,19 +311,5 @@ class BulkAssetsController extends Controller
        } catch (ModelNotFoundException $e) {
            return redirect()->route('hardware.bulkcheckout.show')->with('error', $e->getErrors());
        }
-        
-    }
-    public function restore(Request $request) {
-        $this->authorize('update', Asset::class);
-       $assetIds = $request->get('ids');
-      if (empty($assetIds)) {
-          return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.restore.nothing_updated'));
-        } else {
-            foreach ($assetIds as $key => $assetId) {
-                    $asset = Asset::withTrashed()->find($assetId);
-                    $asset->restore(); 
-            } 
-        return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.restore.success'));
-        }
    }
 }
@@ -56,6 +56,7 @@ class LoginController extends Controller
        parent::__construct();
        $this->middleware('guest', ['except' => ['logout', 'postTwoFactorAuth', 'getTwoFactorAuth', 'getTwoFactorEnroll']]);
        Session::put('backUrl', \URL::previous());
+        // $this->ldap = $ldap;
        $this->saml = $saml;
    }

@@ -81,6 +82,7 @@ class LoginController extends Controller
        }

        if (Setting::getSettings()->login_common_disabled == '1') {
+            \Log::debug('login_common_disabled is set to 1 - return a 403');
            return view('errors.403');
        }

@@ -121,7 +123,7 @@ class LoginController extends Controller

                if ($user = Auth::user()) {
                    $user->last_login = \Carbon::now();
-                    $user->saveQuietly();
+                    $user->save();
                }
                
            } catch (\Exception $e) {
@@ -189,15 +191,13 @@ class LoginController extends Controller

             $ldap_attr = Ldap::parseAndMapLdapAttributes($ldap_user);

-            $user->password = $user->noPassword();
            if (Setting::getSettings()->ldap_pw_sync=='1') {
                $user->password = bcrypt($request->input('password'));
            }
-
            $user->email = $ldap_attr['email'];
            $user->first_name = $ldap_attr['firstname'];
            $user->last_name = $ldap_attr['lastname']; //FIXME (or TODO?) - do we need to map additional fields that we now support? E.g. country, phone, etc.
-            $user->saveQuietly();
+            $user->save();
        } // End if(!user)
        return $user;
    }
@@ -317,7 +317,7 @@ class LoginController extends Controller
        if ($user = Auth::user()) {
            $user->last_login = \Carbon::now();
            $user->activated = 1;
-            $user->saveQuietly();
+            $user->save();
        }
        // Redirect to the users page
        return redirect()->intended()->with('success', trans('auth/message.signin.success'));
@@ -369,7 +369,7 @@ class LoginController extends Controller
                [-2, -2, -2, -2]
            );

-        $user->saveQuietly(); // make sure to save *AFTER* displaying the barcode, or else we might save a two_factor_secret that we never actually displayed to the user if the barcode fails
+        $user->save(); // make sure to save *AFTER* displaying the barcode, or else we might save a two_factor_secret that we never actually displayed to the user if the barcode fails

        return view('auth.two_factor_enroll')->with('barcode_obj', $barcode_obj);
    }
@@ -424,7 +424,7 @@ class LoginController extends Controller

        if (Google2FA::verifyKey($user->two_factor_secret, $secret)) {
            $user->two_factor_enrolled = 1;
-            $user->saveQuietly();
+            $user->save();
            $request->session()->put('2fa_authed', $user->id);

            return redirect()->route('home')->with('success', 'You are logged in!');
@@ -92,7 +92,7 @@ class BulkAssetModelsController extends Controller
            AssetModel::whereIn('id', $models_raw_array)->update($update_array);

            return redirect()->route('models.index')
-                ->with('success', trans_choice('admin/models/message.bulkedit.success', count($models_raw_array), ['model_count' => count($models_raw_array)]));
+                ->with('success', trans('admin/models/message.bulkedit.success'));
        }

        return redirect()->route('models.index')
@@ -60,9 +60,6 @@ final class CompaniesController extends Controller

        $company = new Company;
        $company->name = $request->input('name');
-        $company->phone = $request->input('phone');
-        $company->fax = $request->input('fax');
-        $company->email = $request->input('email');

        $company = $request->handleImages($company);

@@ -114,9 +111,6 @@ final class CompaniesController extends Controller
        $this->authorize('update', $company);

        $company->name = $request->input('name');
-        $company->phone = $request->input('phone');
-        $company->fax = $request->input('fax');
-        $company->email = $request->input('email');

        $company = $request->handleImages($company);

@@ -125,7 +119,8 @@ final class CompaniesController extends Controller
                ->with('success', trans('admin/companies/message.update.success'));
        }

-        return redirect()->back()->withInput()->withErrors($company->getErrors());
+        return redirect()->route('companies.edit', ['company' => $companyId])
+            ->with('error', trans('admin/companies/message.update.error'));
    }

    /**
@@ -56,11 +56,10 @@ class ComponentCheckinController extends Controller
     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
-    public function store(Request $request, $component_asset_id, $backto = null)
+    public function store(Request $request, $component_asset_id)
    {
        if ($component_assets = DB::table('components_assets')->find($component_asset_id)) {
            if (is_null($component = Component::find($component_assets->component_id))) {
-
                return redirect()->route('components.index')->with('error',
                    trans('admin/components/message.not_found'));
            }
@@ -96,10 +95,6 @@ class ComponentCheckinController extends Controller
            $asset = Asset::find($component_assets->asset_id);

            event(new CheckoutableCheckedIn($component, $asset, Auth::user(), $request->input('note'), Carbon::now()));
-            if ($backto == 'asset'){
-                return redirect()->route('hardware.show', $asset->id)->with('success',
-                    trans('admin/components/message.checkin.success'));
-            }

            return redirect()->route('components.index')->with('success',
                trans('admin/components/message.checkin.success'));
@@ -20,38 +20,20 @@ class ComponentCheckoutController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see ComponentCheckoutController::store() method that stores the data.
     * @since [v3.0]
-     * @param int $id
+     * @param int $componentId
     * @return \Illuminate\Contracts\View\View
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
-    public function create($id)
+    public function create($componentId)
    {
-
-        if ($component = Component::find($id)) {
-
-            $this->authorize('checkout', $component);
-
-            // Make sure the category is valid
-            if ($component->category) {
-
-                // Make sure there is at least one available to checkout
-                if ($component->numRemaining() <= 0){
-                    return redirect()->route('components.index')
-                        ->with('error', trans('admin/components/message.checkout.unavailable'));
-                }
-
-                // Return the checkout view
-                return view('components/checkout', compact('component'));
-            }
-
-            // Invalid category
-            return redirect()->route('components.edit', ['component' => $component->id])
-                ->with('error', trans('general.invalid_item_category_single', ['type' => trans('general.component')]));
+        // Check if the component exists
+        if (is_null($component = Component::find($componentId))) {
+            // Redirect to the component management page with error
+            return redirect()->route('components.index')->with('error', trans('admin/components/message.not_found'));
        }
+        $this->authorize('checkout', $component);

-        // Not found
-        return redirect()->route('components.index')->with('error', trans('admin/components/message.not_found'));
-
+        return view('components/checkout', compact('component'));
    }

    /**
@@ -68,7 +50,7 @@ class ComponentCheckoutController extends Controller
    public function store(Request $request, $componentId)
    {
        // Check if the component exists
-        if (!$component = Component::find($componentId)) {
+        if (is_null($component = Component::find($componentId))) {
            // Redirect to the component management page with error
            return redirect()->route('components.index')->with('error', trans('admin/components/message.not_found'));
        }
@@ -76,15 +58,9 @@ class ComponentCheckoutController extends Controller
        $this->authorize('checkout', $component);

        $max_to_checkout = $component->numRemaining();
-
-        // Make sure there are at least the requested number of components available to checkout
-        if ($max_to_checkout < $request->get('assigned_qty')) {
-            return redirect()->back()->withInput()->with('error', trans('admin/components/message.checkout.unavailable', ['remaining' => $max_to_checkout, 'requested' => $request->get('assigned_qty')]));
-        }
-
        $validator = Validator::make($request->all(), [
-            'asset_id'          => 'required|exists:assets,id',
-            'assigned_qty'      => "required|numeric|min:1|digits_between:1,$max_to_checkout",
+            'asset_id'          => 'required',
+            'assigned_qty'      => "required|numeric|between:1,$max_to_checkout",
        ]);

        if ($validator->fails()) {
@@ -93,17 +69,24 @@ class ComponentCheckoutController extends Controller
                ->withInput();
        }

+        $admin_user = Auth::user();
+        $asset_id = e($request->input('asset_id'));
+
        // Check if the user exists
-        $asset = Asset::find($request->input('asset_id'));
+        if (is_null($asset = Asset::find($asset_id))) {
+            // Redirect to the component management page with error
+            return redirect()->route('components.index')->with('error', trans('admin/components/message.asset_does_not_exist'));
+        }

        // Update the component data
-        $component->asset_id = $request->input('asset_id');
+        $component->asset_id = $asset_id;
+
        $component->assets()->attach($component->id, [
            'component_id' => $component->id,
-            'user_id' => Auth::user(),
+            'user_id' => $admin_user->id,
            'created_at' => date('Y-m-d H:i:s'),
            'assigned_qty' => $request->input('assigned_qty'),
-            'asset_id' => $request->input('asset_id'),
+            'asset_id' => $asset_id,
            'note' => $request->input('note'),
        ]);

@@ -71,14 +71,13 @@ class ComponentsController extends Controller
        $component = new Component();
        $component->name                   = $request->input('name');
        $component->category_id            = $request->input('category_id');
-        $component->supplier_id            = $request->input('supplier_id');
        $component->location_id            = $request->input('location_id');
        $component->company_id             = Company::getIdForCurrentUser($request->input('company_id'));
        $component->order_number           = $request->input('order_number', null);
        $component->min_amt                = $request->input('min_amt', null);
        $component->serial                 = $request->input('serial', null);
        $component->purchase_date          = $request->input('purchase_date', null);
-        $component->purchase_cost          = $request->input('purchase_cost', null);
+        $component->purchase_cost          = Helper::ParseCurrency($request->input('purchase_cost', null));
        $component->qty                    = $request->input('qty');
        $component->user_id                = Auth::id();
        $component->notes                  = $request->input('notes');
@@ -146,14 +145,13 @@ class ComponentsController extends Controller
        // Update the component data
        $component->name                   = $request->input('name');
        $component->category_id            = $request->input('category_id');
-        $component->supplier_id            = $request->input('supplier_id');
        $component->location_id            = $request->input('location_id');
        $component->company_id             = Company::getIdForCurrentUser($request->input('company_id'));
        $component->order_number           = $request->input('order_number');
        $component->min_amt                = $request->input('min_amt');
        $component->serial                 = $request->input('serial');
        $component->purchase_date          = $request->input('purchase_date');
-        $component->purchase_cost          = request('purchase_cost');
+        $component->purchase_cost          = Helper::ParseCurrency(request('purchase_cost'));
        $component->qty                    = $request->input('qty');
        $component->notes                  = $request->input('notes');

@@ -132,7 +132,7 @@ class ComponentsFilesController extends Controller
     * @return \Symfony\Component\HttpFoundation\Response
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
-    public function show($componentId = null, $fileId = null)
+    public function show($componentId = null, $fileId = null, $download = true)
    {
        \Log::debug('Private filesystem is: '.config('filesystems.default'));
        $component = Component::find($componentId);
@@ -142,7 +142,7 @@ class ComponentsFilesController extends Controller
            $this->authorize('view', $component);
            $this->authorize('components.files', $component);

-            if (! $log = Actionlog::whereNotNull('filename')->where('item_id', $component->id)->find($fileId)) {
+            if (! $log = Actionlog::find($fileId)) {
                return response('No matching record for that asset/file', 500)
                    ->header('Content-Type', 'text/plain');
            }
@@ -157,17 +157,21 @@ class ComponentsFilesController extends Controller
                    ->header('Content-Type', 'text/plain');
            } else {

-                // Display the file inline
-                if (request('inline') == 'true') {
-                    $headers = [
-                        'Content-Disposition' => 'inline',
-                    ];
-                    return Storage::download($file, $log->filename, $headers);
-                }
-
                if (config('filesystems.default') == 'local') { // TODO - is there any way to fix this at the StorageHelper layer?
                    return StorageHelper::downloader($file);
-                } 
+                } else {
+                    if ($download != 'true') {
+                        \Log::debug('display the file');
+                        if ($contents = file_get_contents(Storage::url($file))) { // TODO - this will fail on private S3 files or large public ones
+                            return Response::make(Storage::url($file)->header('Content-Type', mime_content_type($file)));
+                        }
+
+                        return JsonResponse::create(['error' => 'Failed validation: '], 500);
+                    }
+
+                    return StorageHelper::downloader($file);
+
+                }
            }
        }

@@ -4,7 +4,6 @@ namespace App\Http\Controllers\Consumables;

 use App\Events\CheckoutableCheckedOut;
 use App\Http\Controllers\Controller;
-use App\Models\Accessory;
 use App\Models\Consumable;
 use App\Models\User;
 use Illuminate\Http\Request;
@@ -19,38 +18,18 @@ class ConsumableCheckoutController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see ConsumableCheckoutController::store() method that stores the data.
     * @since [v1.0]
-     * @param int $id
+     * @param int $consumableId
     * @return \Illuminate\Contracts\View\View
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
-    public function create($id)
+    public function create($consumableId)
    {
-
-        if ($consumable = Consumable::with('users')->find($id)) {
-
-            $this->authorize('checkout', $consumable);
-
-            // Make sure the category is valid
-            if ($consumable->category) {
-
-                // Make sure there is at least one available to checkout
-                if ($consumable->numRemaining() <= 0){
-                    return redirect()->route('consumables.index')
-                        ->with('error', trans('admin/consumables/message.checkout.unavailable'));
-                }
-
-                // Return the checkout view
-                return view('consumables/checkout', compact('consumable'));
-            }
-
-            // Invalid category
-            return redirect()->route('consumables.edit', ['consumable' => $consumable->id])
-                ->with('error', trans('general.invalid_item_category_single', ['type' => trans('general.consumable')]));
+        if (is_null($consumable = Consumable::find($consumableId))) {
+            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.does_not_exist'));
        }
+        $this->authorize('checkout', $consumable);

-        // Not found
-        return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.does_not_exist'));
-
+        return view('consumables/checkout', compact('consumable'));
    }

    /**
@@ -65,18 +44,12 @@ class ConsumableCheckoutController extends Controller
     */
    public function store(Request $request, $consumableId)
    {
-        if (is_null($consumable = Consumable::with('users')->find($consumableId))) {
+        if (is_null($consumable = Consumable::find($consumableId))) {
            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.not_found'));
        }

        $this->authorize('checkout', $consumable);

-        // Make sure there is at least one available to checkout
-        if ($consumable->numRemaining() <= 0) {
-            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.checkout.unavailable'));
-        }
-
-
        $admin_user = Auth::user();
        $assigned_to = e($request->input('assigned_to'));

@@ -68,7 +68,6 @@ class ConsumablesController extends Controller
        $consumable = new Consumable();
        $consumable->name                   = $request->input('name');
        $consumable->category_id            = $request->input('category_id');
-        $consumable->supplier_id            = $request->input('supplier_id');
        $consumable->location_id            = $request->input('location_id');
        $consumable->company_id             = Company::getIdForCurrentUser($request->input('company_id'));
        $consumable->order_number           = $request->input('order_number');
@@ -77,7 +76,7 @@ class ConsumablesController extends Controller
        $consumable->model_number           = $request->input('model_number');
        $consumable->item_no                = $request->input('item_no');
        $consumable->purchase_date          = $request->input('purchase_date');
-        $consumable->purchase_cost          = $request->input('purchase_cost');
+        $consumable->purchase_cost          = Helper::ParseCurrency($request->input('purchase_cost'));
        $consumable->qty                    = $request->input('qty');
        $consumable->user_id                = Auth::id();
        $consumable->notes                  = $request->input('notes');
@@ -145,7 +144,6 @@ class ConsumablesController extends Controller

        $consumable->name                   = $request->input('name');
        $consumable->category_id            = $request->input('category_id');
-        $consumable->supplier_id            = $request->input('supplier_id');
        $consumable->location_id            = $request->input('location_id');
        $consumable->company_id             = Company::getIdForCurrentUser($request->input('company_id'));
        $consumable->order_number           = $request->input('order_number');
@@ -154,7 +152,7 @@ class ConsumablesController extends Controller
        $consumable->model_number           = $request->input('model_number');
        $consumable->item_no                = $request->input('item_no');
        $consumable->purchase_date          = $request->input('purchase_date');
-        $consumable->purchase_cost          = $request->input('purchase_cost');
+        $consumable->purchase_cost          = Helper::ParseCurrency($request->input('purchase_cost'));
        $consumable->qty                    = Helper::ParseFloat($request->input('qty'));
        $consumable->notes                  = $request->input('notes');

@@ -131,7 +131,7 @@ class ConsumablesFilesController extends Controller
     * @return \Symfony\Consumable\HttpFoundation\Response
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
-    public function show($consumableId = null, $fileId = null)
+    public function show($consumableId = null, $fileId = null, $download = true)
    {
        $consumable = Consumable::find($consumableId);

@@ -140,7 +140,7 @@ class ConsumablesFilesController extends Controller
            $this->authorize('view', $consumable);
            $this->authorize('consumables.files', $consumable);

-            if (! $log = Actionlog::whereNotNull('filename')->where('item_id', $consumable->id)->find($fileId)) {
+            if (! $log = Actionlog::find($fileId)) {
                return response('No matching record for that asset/file', 500)
                    ->header('Content-Type', 'text/plain');
            }
@@ -155,19 +155,22 @@ class ConsumablesFilesController extends Controller
                    ->header('Content-Type', 'text/plain');
            } else {

-                // Display the file inline
-                if (request('inline') == 'true') {
-                    $headers = [
-                        'Content-Disposition' => 'inline',
-                    ];
-                    return Storage::download($file, $log->filename, $headers);
-                }
-
-
                // We have to override the URL stuff here, since local defaults in Laravel's Flysystem
                // won't work, as they're not accessible via the web
                if (config('filesystems.default') == 'local') { // TODO - is there any way to fix this at the StorageHelper layer?
                    return StorageHelper::downloader($file);
+                } else {
+                    if ($download != 'true') {
+                        \Log::debug('display the file');
+                        if ($contents = file_get_contents(Storage::url($file))) { // TODO - this will fail on private S3 files or large public ones
+                            return Response::make(Storage::url($file)->header('Content-Type', mime_content_type($file)));
+                        }
+
+                        return JsonResponse::create(['error' => 'Failed validation: '], 500);
+                    }
+
+                    return StorageHelper::downloader($file);
+
                }
            }
        }
@@ -9,11 +9,11 @@
 *
 * **THIS DOCUMENTATION DOES NOT COVER INSTALLATION.** If you're here and you're not a
 * developer, you're probably in the wrong place. Please see the
- * [Installation documentation](https://snipe-it.readme.io) for
+ * [Installation documentation](http://docs.snipeitapp.com) for
 * information on how to install Snipe-IT.
 *
 * To learn how to set up a development environment and get started developing for Snipe-IT,
- * please see the [contributing documentation](https://snipe-it.readme.io/docs/contributing-overview).
+ * please see the [contributing documentation](http://docs.snipeitapp.com/contributing.html).
 *
 * Only the Snipe-IT specific controllers, models, helpers, service providers,
 * etc have been included in this documentation (excluding vendors, Laravel core, etc)
@@ -7,7 +7,6 @@ use App\Http\Requests\CustomFieldRequest;
 use App\Models\CustomField;
 use App\Models\CustomFieldset;
 use Illuminate\Support\Facades\Auth;
-use Illuminate\Http\Request;
 use Redirect;

 /**
@@ -46,7 +45,7 @@ class CustomFieldsController extends Controller
     * @see CustomFieldsController::storeField()
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v5.1.5]
-     * @return \Illuminate\Http\RedirectResponse
+     * @return Redirect
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function show()
@@ -64,17 +63,14 @@ class CustomFieldsController extends Controller
     * @return \Illuminate\Support\Facades\View
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
-    public function create(Request $request)
+    public function create()
    {
        $this->authorize('create', CustomField::class);
-        $fieldsets = CustomFieldset::get();

        return view('custom_fields.fields.edit', [
            'predefinedFormats' => Helper::predefined_formats(),
-            'customFormat' => '',
-            'fieldsets' => $fieldsets,
-            'field' => new CustomField(),
-        ]);
+        'customFormat' => '',
+        ])->with('field', new CustomField());
    }

    /**
@@ -83,7 +79,7 @@ class CustomFieldsController extends Controller
     * @see CustomFieldsController::createField()
     * @author [Brady Wetherington] [<uberbrady@gmail.com>]
     * @since [v1.8]
-     * @return \Illuminate\Http\RedirectResponse
+     * @return Redirect
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function store(CustomFieldRequest $request)
@@ -108,34 +104,21 @@ class CustomFieldsController extends Controller
            "show_in_email" => $show_in_email,
            "is_unique" => $request->get("is_unique", 0),
            "display_in_user_view" => $display_in_user_view,
-            "auto_add_to_fieldsets" => $request->get("auto_add_to_fieldsets", 0),
-            "show_in_listview" => $request->get("show_in_listview", 0),
-            "show_in_requestable_list" => $request->get("show_in_requestable_list", 0),
            "user_id" => Auth::id()
        ]);


        if ($request->filled('custom_format')) {
-            $field->format = $request->get('custom_format');
+            $field->format = e($request->get('custom_format'));
        } else {
-            $field->format = $request->get('format');
+            $field->format = e($request->get('format'));
        }

        if ($field->save()) {
-
-            // Sync fields with fieldsets
-            $fieldset_array = $request->input('associate_fieldsets');
-            if ($request->has('associate_fieldsets') && (is_array($fieldset_array))) {
-                $field->fieldset()->sync(array_keys($fieldset_array));
-            } else {
-                $field->fieldset()->sync([]);
-            }
-
-
            return redirect()->route('fields.index')->with('success', trans('admin/custom_fields/message.field.create.success'));
        }

-        return redirect()->back()->with('selected_fieldsets', $request->input('associate_fieldsets'))->withInput()
+        return redirect()->back()->withInput()
            ->with('error', trans('admin/custom_fields/message.field.create.error'));
    }

@@ -145,7 +128,7 @@ class CustomFieldsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v3.0]
-     * @return \Illuminate\Http\RedirectResponse
+     * @return Redirect
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function deleteFieldFromFieldset($field_id, $fieldset_id)
@@ -164,7 +147,8 @@ class CustomFieldsController extends Controller
                ->with('success', trans('admin/custom_fields/message.field.delete.success'));
            } else {
                return redirect()->back()->withErrors(['message' => "Field is in use and cannot be deleted."]);
-            }
+            }  
+
        }

        return redirect()->back()->withErrors(['message' => "Error deleting field from fieldset"]);
@@ -177,7 +161,7 @@ class CustomFieldsController extends Controller
     *
     * @author [Brady Wetherington] [<uberbrady@gmail.com>]
     * @since [v1.8]
-     * @return \Illuminate\Http\RedirectResponse
+     * @return Redirect
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function destroy($field_id)
@@ -206,12 +190,12 @@ class CustomFieldsController extends Controller
     * @return \Illuminate\Support\Facades\View
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
-    public function edit(Request $request, $id)
+    public function edit($id)
    {
        if ($field = CustomField::find($id)) {

        $this->authorize('update', $field);
-        $fieldsets = CustomFieldset::get();
+
        $customFormat = '';
        if ((stripos($field->format, 'regex') === 0) && ($field->format !== CustomField::PREDEFINED_FORMATS['MAC'])) {
            $customFormat = $field->format;
@@ -220,7 +204,6 @@ class CustomFieldsController extends Controller
        return view('custom_fields.fields.edit', [
            'field'             => $field,
            'customFormat'      => $customFormat,
-            'fieldsets'         => $fieldsets,
            'predefinedFormats' => Helper::predefined_formats(),
        ]);
        } 
@@ -239,7 +222,7 @@ class CustomFieldsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param  int $id
     * @since [v4.0]
-     * @return \Illuminate\Http\RedirectResponse
+     * @return Redirect
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function update(CustomFieldRequest $request, $id)
@@ -266,9 +249,6 @@ class CustomFieldsController extends Controller
        $field->show_in_email = $show_in_email;
        $field->is_unique     = $request->get("is_unique", 0);
        $field->display_in_user_view = $display_in_user_view;
-        $field->auto_add_to_fieldsets = $request->get("auto_add_to_fieldsets", 0);
-        $field->show_in_listview = $request->get("show_in_listview", 0);
-        $field->show_in_requestable_list = $request->get("show_in_requestable_list", 0);

        if ($request->get('format') == 'CUSTOM REGEX') {
            $field->format = e($request->get('custom_format'));
@@ -276,21 +256,11 @@ class CustomFieldsController extends Controller
            $field->format = e($request->get('format'));
        }

-        if ($field->element == 'checkbox' || $field->element == 'radio'){
+        if($field->element == 'checkbox' || $field->element == 'radio'){
            $field->format = 'ANY';
        }

        if ($field->save()) {
-
-
-            // Sync fields with fieldsets
-            $fieldset_array = $request->input('associate_fieldsets');
-            if ($request->has('associate_fieldsets') && (is_array($fieldset_array))) {
-                $field->fieldset()->sync(array_keys($fieldset_array));
-            } else {
-                $field->fieldset()->sync([]);
-            }
-
            return redirect()->route('fields.index')->with('success', trans('admin/custom_fields/message.field.update.success'));
        }

@@ -75,9 +75,9 @@ class CustomFieldsetsController extends Controller
     */
    public function create()
    {
-        $this->authorize('create', CustomField::class);
+        $this->authorize('create', CustomFieldset::class);

-        return view('custom_fields.fieldsets.edit')->with('item', new CustomFieldset());
+        return view('custom_fields.fieldsets.edit');
    }

    /**
@@ -91,29 +91,18 @@ class CustomFieldsetsController extends Controller
     */
    public function store(Request $request)
    {
-        $this->authorize('create', CustomField::class);
+        $this->authorize('create', CustomFieldset::class);

-        $fieldset = new CustomFieldset([
-                'name' => $request->get('name'),
+        $cfset = new CustomFieldset([
+                'name' => e($request->get('name')),
                'user_id' => Auth::user()->id,
        ]);

-        $validator = Validator::make($request->all(), $fieldset->rules);
-
+        $validator = Validator::make($request->all(), $cfset->rules);
        if ($validator->passes()) {
-            $fieldset->save();
+            $cfset->save();

-            // Sync fieldset with auto_add_to_fieldsets
-            $fields = CustomField::select('id')->where('auto_add_to_fieldsets', '=', '1')->get();
-            if ($fields->count() > 0) {
-                foreach ($fields as $field) {
-                    $field_ids[] = $field->id;
-                }
-
-                $fieldset->fields()->sync($field_ids);
-            }
-
-            return redirect()->route('fieldsets.show', [$fieldset->id])
+            return redirect()->route('fieldsets.show', [$cfset->id])
                ->with('success', trans('admin/custom_fields/message.fieldset.create.success'));
        }

@@ -121,52 +110,31 @@ class CustomFieldsetsController extends Controller
    }

    /**
-     * Presents edit form for fieldset
+     * What the actual fuck, Brady?
     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @todo Uhh, build this?
+     * @author [Brady Wetherington] [<uberbrady@gmail.com>]
     * @param  int  $id
-     * @since [v6.0.14]
-     * @return Redirect
-     * @throws \Illuminate\Auth\Access\AuthorizationException
+     * @since [v1.8]
+     * @return Fuckall
     */
    public function edit($id)
    {
-        $this->authorize('create', CustomField::class);
-
-        if ($fieldset = CustomFieldset::find($id)) {
-            return view('custom_fields.fieldsets.edit')->with('item', $fieldset);
-        }
-
-        return redirect()->route('fields.index')->with('error', trans('admin/custom_fields/general.fieldset_does_not_exist', ['id' => $id]));
-
+        //
    }

    /**
-     * Saves updated fieldset data
+     * GET IN THE SEA BRADY.
     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @todo Uhh, build this too?
+     * @author [Brady Wetherington] [<uberbrady@gmail.com>]
     * @param  int  $id
-     * @since [v6.0.14]
-     * @return Redirect
-     * @throws \Illuminate\Auth\Access\AuthorizationException
+     * @since [v1.8]
+     * @return Fuckall
     */
-    public function update(Request $request, $id)
+    public function update($id)
    {
-        $this->authorize('create', CustomField::class);
-
-        if ($fieldset = CustomFieldset::find($id)) {
-
-            $fieldset->name = $request->input('name');
-
-            if ($fieldset->save()) {
-                return redirect()->route('fields.index')->with('success', trans('admin/custom_fields/general.fieldset_updated'));
-            }
-
-            return redirect()->back()->withInput()->withErrors($fieldset->getErrors());
-
-        }
-
-        return redirect()->route('fields.index')->with('error', trans('admin/custom_fields/general.fieldset_does_not_exist', ['id' => $id]));
+        //
    }

    /**
@@ -234,7 +202,7 @@ class CustomFieldsetsController extends Controller
     */
    public function makeFieldRequired($fieldset_id, $field_id)
    {
-        $this->authorize('update', CustomField::class);
+        $this->authorize('update', CustomFieldset::class);
        $field = CustomField::findOrFail($field_id);
        $fieldset = CustomFieldset::findOrFail($fieldset_id);
        $fields[$field->id] = ['required' => 1];
@@ -252,7 +220,7 @@ class CustomFieldsetsController extends Controller
     */
    public function makeFieldOptional($fieldset_id, $field_id)
    {
-        $this->authorize('update', CustomField::class);
+        $this->authorize('update', CustomFieldset::class);
        $field = CustomField::findOrFail($field_id);
        $fieldset = CustomFieldset::findOrFail($fieldset_id);
        $fields[$field->id] = ['required' => 0];
@@ -170,8 +170,6 @@ class DepartmentsController extends Controller
        $department->manager_id = ($request->filled('manager_id') ? $request->input('manager_id') : null);
        $department->location_id = ($request->filled('location_id') ? $request->input('location_id') : null);
        $department->company_id = ($request->filled('company_id') ? $request->input('company_id') : null);
-        $department->phone = $request->input('phone');
-        $department->fax = $request->input('fax');

        $department = $request->handleImages($department);

@@ -1,74 +0,0 @@
-<?php
-
-namespace App\Http\Controllers;
-
-use Illuminate\Http\Request;
-use App\Models\User;
-use Illuminate\Support\Facades\Auth;
-use Laravel\Socialite\Facades\Socialite;
-use Laravel\Socialite\Two\InvalidStateException;
-use App\Models\Setting;
-
-
-class GoogleAuthController extends Controller
-{
-    /**
-     * We need this constructor so that we override the socialite expected config variables,
-     * since we want to allow this to be changed via database fields
-     */
-    public function __construct()
-    {
-        parent::__construct();
-        $setting = Setting::getSettings();
-        config(['services.google.redirect' => config('app.url').'/google/callback']);
-        config(['services.google.client_id' => $setting->google_client_id]);
-        config(['services.google.client_secret' => $setting->google_client_secret]);
-    }
-
-    public function redirectToGoogle()
-    {
-        return Socialite::driver('google')->redirect();
-    }
-
-    public function handleGoogleCallback()
-    {
-        try {
-            $socialUser = Socialite::driver('google')->user();
-            \Log::debug('Google user found in Google Workspace');
-        } catch (InvalidStateException $exception) {
-            \Log::debug('Google user NOT found in Google Workspace');
-            return redirect()->route('login')
-                ->withErrors(
-                    [
-                        'username' => [
-                           trans('auth/general.google_login_failed')
-                        ],
-                    ]
-                );
-        }
-
-
-        $user = User::where('username', $socialUser->getEmail())->first();
-
-
-        if ($user) {
-            \Log::debug('Google user '.$socialUser->getEmail().' found in Snipe-IT');
-            $user->update([
-                'avatar'   => $socialUser->avatar,
-            ]);
-
-            Auth::login($user, true);
-            return redirect()->route('home');
-        }
-
-        \Log::debug('Google user '.$socialUser->getEmail().' NOT found in Snipe-IT');
-        return redirect()->route('login')
-            ->withErrors(
-                [
-                    'username' => [
-                        trans('auth/general.google_login_failed'),
-                    ],
-                ]
-            );
-    }
-}
@@ -92,7 +92,7 @@ class GroupsController extends Controller
            return view('groups.edit', compact('group', 'permissions', 'selected_array', 'groupPermissions'));
        }

-        return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found', ['id' => $id]));
+        return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found'));
    }

    /**
@@ -107,7 +107,7 @@ class GroupsController extends Controller
    public function update(Request $request, $id = null)
    {
        if (! $group = Group::find($id)) {
-            return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found', ['id' => $id]));
+            return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found', compact('id')));
        }
        $group->name = $request->input('name');
        $group->permissions = json_encode($request->input('permission'));
@@ -133,13 +133,14 @@ class GroupsController extends Controller
     * @return \Illuminate\Http\RedirectResponse
     * @throws \Exception
     */
-    public function destroy($id)
+    public function destroy($id = null)
    {
        if (! config('app.lock_passwords')) {
            if (! $group = Group::find($id)) {
-                return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found', ['id' => $id]));
+                return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found', compact('id')));
            }
            $group->delete();
+            // Redirect to the group management page
            return redirect()->route('groups.index')->with('success', trans('admin/groups/message.success.delete'));
        }

@@ -163,6 +164,6 @@ class GroupsController extends Controller
            return view('groups/view', compact('group'));
        }

-        return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found', ['id' => $id]));
+        return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found', compact('id')));
    }
 }
@@ -0,0 +1,22 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Http\Transformers\ImportsTransformer;
+use App\Models\Asset;
+use App\Models\Import;
+
+class ImportsController extends Controller
+{
+    /**
+     * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function index()
+    {
+        $this->authorize('import');
+        $imports = (new ImportsTransformer)->transformImports(Import::latest()->get());
+
+        return view('importer/import')->with('imports', $imports);
+    }
+}
@@ -1,85 +0,0 @@
-<?php
-
-namespace App\Http\Controllers;
-
-use App\Models\Asset;
-use App\Models\AssetModel;
-use App\Models\Category;
-use App\Models\Company;
-use App\Models\Labels\Label;
-use App\Models\Location;
-use App\Models\Manufacturer;
-use App\Models\Setting;
-use App\Models\Supplier;
-use App\Models\User;
-use App\View\Label as LabelView;
-use Illuminate\Support\Facades\Storage;
-
-class LabelsController extends Controller
-{
-    /**
-     * Returns the Label view with test data
-     *
-     * @author Grant Le Roux <grant.leroux+snipe-it@gmail.com>
-     * @param  string  $labelName
-     * @return \Illuminate\Contracts\View\View
-     */
-    public function show(string $labelName)
-    {
-        $labelName = str_replace('/', '\\', $labelName);
-        $template = Label::find($labelName);
-
-        $exampleAsset = new Asset();
-
-        $exampleAsset->id = 999999;
-        $exampleAsset->name = 'JEN-867-5309';
-        $exampleAsset->asset_tag = '100001';
-        $exampleAsset->serial = 'SN9876543210';
-        $exampleAsset->asset_eol_date = '2025-01-01';
-        $exampleAsset->order_number = '12345';
-        $exampleAsset->purchase_date = '2023-01-01';
-        $exampleAsset->status_id = 1;
-
-        $exampleAsset->company = new Company([
-            'name' => 'Test Company Limited',
-            'phone' => '1-555-555-5555',
-            'email' => 'company@example.com',
-        ]);
-
-        $exampleAsset->setRelation('assignedTo', new User(['first_name' => 'Luke', 'last_name' => 'Skywalker']));
-        $exampleAsset->defaultLoc = new Location(['name' => 'Building 1', 'phone' => '1-555-555-5555']);
-        $exampleAsset->location = new Location(['name' => 'Building 2', 'phone' => '1-555-555-5555']);
-
-        $exampleAsset->model = new AssetModel();
-        $exampleAsset->model->id = 999999;
-        $exampleAsset->model->name = 'Test Model';
-        $exampleAsset->model->model_number = 'MDL5678';
-        $exampleAsset->model->manufacturer = new Manufacturer();
-        $exampleAsset->model->manufacturer->id = 999999;
-        $exampleAsset->model->manufacturer->name = 'Test Manufacturing Inc.';
-        $exampleAsset->model->manufacturer->support_email = 'support@test.com';
-        $exampleAsset->model->manufacturer->support_phone = '1-555-555-5555';
-        $exampleAsset->model->manufacturer->support_url = 'https://example.com';
-        $exampleAsset->supplier = new Supplier(['name' => 'Test Company Limited']);
-        $exampleAsset->model->category = new Category();
-        $exampleAsset->model->category->id = 999999;
-        $exampleAsset->model->category->name = 'Test Category';
-
-        $settings = Setting::getSettings();
-        if (request()->has('settings')) {
-            $overrides = request()->get('settings');
-            foreach ($overrides as $key => $value) {
-                $settings->$key = $value;
-            }
-        }
-
-        return (new LabelView())
-            ->with('assets', collect([$exampleAsset]))
-            ->with('settings', $settings)
-            ->with('template', $template)
-            ->with('bulkedit', false)
-            ->with('count', 0);
-
-        return redirect()->route('home')->with('error', trans('admin/labels/message.does_not_exist'));
-    }
-}
@@ -59,12 +59,6 @@ class LicenseCheckinController extends Controller
        }

        $license = License::find($licenseSeat->license_id);
-
-        // LicenseSeat is not assigned, it can't be checked in
-        if (is_null($licenseSeat->assigned_to) && is_null($licenseSeat->asset_id)) {
-            return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.checkin.error'));
-        }
-
        $this->authorize('checkout', $license);

        if (! $license->reassignable) {
@@ -76,7 +70,7 @@ class LicenseCheckinController extends Controller

        // Declare the rules for the form validation
        $rules = [
-            'notes'   => 'string|nullable',
+            'note'   => 'string|nullable',
        ];

        // Create a new validator instance from our validation rules
@@ -97,11 +91,10 @@ class LicenseCheckinController extends Controller
        // Update the asset data
        $licenseSeat->assigned_to = null;
        $licenseSeat->asset_id = null;
-        $licenseSeat->notes = $request->input('notes');

        // Was the asset updated?
        if ($licenseSeat->save()) {
-            event(new CheckoutableCheckedIn($licenseSeat, $return_to, Auth::user(), $request->input('notes')));
+            event(new CheckoutableCheckedIn($licenseSeat, $return_to, Auth::user(), $request->input('note')));

            if ($backTo == 'user') {
                return redirect()->route('users.show', $return_to->id)->with('success', trans('admin/licenses/message.checkin.success'));
@@ -113,61 +106,4 @@ class LicenseCheckinController extends Controller
        // Redirect to the license page with error
        return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.checkin.error'));
    }
-
-    /**
-     * Bulk checkin all license seats
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @see LicenseCheckinController::create() method that provides the form view
-     * @since [v6.1.1]
-     * @return \Illuminate\Http\RedirectResponse
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     */
-
-    public function bulkCheckin(Request $request, $licenseId) {
-
-        $license = License::findOrFail($licenseId);
-        $this->authorize('checkin', $license);
-
-        if (! $license->reassignable) {
-            // Not allowed to checkin
-            Session::flash('error', 'License not reassignable.');
-
-            return redirect()->back()->withInput();
-        }
-
-        $licenseSeatsByUser = LicenseSeat::where('license_id', '=', $licenseId)
-            ->whereNotNull('assigned_to')
-            ->with('user')
-            ->get();
-
-        foreach ($licenseSeatsByUser as $user_seat) {
-            $user_seat->assigned_to = null;
-
-            if ($user_seat->save()) {
-                \Log::debug('Checking in '.$license->name.' from user '.$user_seat->username);
-                $user_seat->logCheckin($user_seat->user, trans('admin/licenses/general.bulk.checkin_all.log_msg'));
-            }
-        }
-
-        $licenseSeatsByAsset = LicenseSeat::where('license_id', '=', $licenseId)
-            ->whereNotNull('asset_id')
-            ->with('asset')
-            ->get();
-
-        $count = 0;
-        foreach ($licenseSeatsByAsset as $asset_seat) {
-            $asset_seat->asset_id = null;
-
-            if ($asset_seat->save()) {
-                \Log::debug('Checking in '.$license->name.' from asset '.$asset_seat->asset_tag);
-                $asset_seat->logCheckin($asset_seat->asset, trans('admin/licenses/general.bulk.checkin_all.log_msg'));
-                $count++;
-            }
-        }
-
-        return redirect()->back()->with('success', trans_choice('admin/licenses/general.bulk.checkin_all.success', 2, ['count' => $count] ));
-
-    }
-
 }
@@ -5,7 +5,6 @@ namespace App\Http\Controllers\Licenses;
 use App\Events\CheckoutableCheckedOut;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\LicenseCheckoutRequest;
-use App\Models\Accessory;
 use App\Models\Asset;
 use App\Models\License;
 use App\Models\LicenseSeat;
@@ -22,38 +21,24 @@ class LicenseCheckoutController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
-     * @param $id
+     * @param $licenseId
     * @return \Illuminate\Contracts\View\View
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
-    public function create($id)
+    public function create($licenseId)
    {
+        // Check that the license is valid
+        if ($license = License::find($licenseId)) {

-        if ($license = License::find($id)) {
-
-            $this->authorize('checkout', $license);
-
-            if ($license->category) {
-
-                // Make sure there is at least one available to checkout
-                if ($license->availCount()->count() < 1){
-                    return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.checkout.not_enough_seats'));
-                }
-
-                // Return the checkout view
-                return view('licenses/checkout', compact('license'));
+            // If the license is valid, check that there is an available seat
+            if ($license->avail_seats_count < 1) {
+                return redirect()->route('licenses.index')->with('error', 'There are no available seats for this license');
            }
-
-            // Invalid category
-            return redirect()->route('licenses.edit', ['license' => $license->id])
-                ->with('error', trans('general.invalid_item_category_single', ['type' => trans('general.license')]));
-
        }

-        // Not found
-        return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.not_found'));
-
+        $this->authorize('checkout', $license);

+        return view('licenses/checkout', compact('license'));
    }

    /**
@@ -76,7 +61,6 @@ class LicenseCheckoutController extends Controller

        $licenseSeat = $this->findLicenseSeatToCheckout($license, $seatId);
        $licenseSeat->user_id = Auth::id();
-        $licenseSeat->notes = $request->input('notes');
        

        $checkoutMethod = 'checkoutTo'.ucwords(request('checkout_to_type'));
@@ -118,7 +102,7 @@ class LicenseCheckoutController extends Controller
            $licenseSeat->assigned_to = $target->assigned_to;
        }
        if ($licenseSeat->save()) {
-            event(new CheckoutableCheckedOut($licenseSeat, $target, Auth::user(), request('notes')));
+            event(new CheckoutableCheckedOut($licenseSeat, $target, Auth::user(), request('note')));

            return true;
        }
@@ -135,77 +119,11 @@ class LicenseCheckoutController extends Controller
        $licenseSeat->assigned_to = request('assigned_to');

        if ($licenseSeat->save()) {
-            event(new CheckoutableCheckedOut($licenseSeat, $target, Auth::user(), request('notes')));
+            event(new CheckoutableCheckedOut($licenseSeat, $target, Auth::user(), request('note')));

            return true;
        }

        return false;
    }
-
-    /**
-     * Bulk checkin all license seats
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @see LicenseCheckinController::create() method that provides the form view
-     * @since [v6.1.1]
-     * @return \Illuminate\Http\RedirectResponse
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     */
-
-    public function bulkCheckout($licenseId) {
-
-        \Log::debug('Checking out '.$licenseId.' via bulk');
-        $license = License::findOrFail($licenseId);
-        $this->authorize('checkin', $license);
-        $avail_count = $license->getAvailSeatsCountAttribute();
-
-        $users = User::whereNull('deleted_at')->where('autoassign_licenses', '=', 1)->with('licenses')->get();
-        \Log::debug($avail_count.' will be assigned');
-
-        if ($users->count() > $avail_count) {
-            \Log::debug('You do not have enough free seats to complete this task, so we will check out as many as we can. ');
-        }
-
-        // If the license is valid, check that there is an available seat
-        if ($license->availCount()->count() < 1) {
-            return redirect()->back()->with('error', trans('admin/licenses/general.bulk.checkout_all.error_no_seats'));
-        }
-
-
-        $assigned_count = 0;
-
-        foreach ($users as $user) {
-
-            // Check to make sure this user doesn't already have this license checked out to them
-            if ($user->licenses->where('id', '=', $licenseId)->count()) {
-                \Log::debug($user->username.' already has this license checked out to them. Skipping... ');
-                continue;
-            }
-
-            $licenseSeat = $license->freeSeat();
-
-            // Update the seat with checkout info
-            $licenseSeat->assigned_to = $user->id;
-
-            if ($licenseSeat->save()) {
-                $avail_count--;
-                $assigned_count++;
-                $licenseSeat->logCheckout(trans('admin/licenses/general.bulk.checkout_all.log_msg'), $user);
-                \Log::debug('License '.$license->name.' seat '.$licenseSeat->id.' checked out to '.$user->username);
-            }
-
-            if ($avail_count ==  0) {
-                return redirect()->back()->with('warning', trans('admin/licenses/general.bulk.checkout_all.warn_not_enough_seats', ['count' => $assigned_count]));
-            }
-        }
-
-        if ($assigned_count ==  0) {
-            return redirect()->back()->with('warning', trans('admin/licenses/general.bulk.checkout_all.warn_no_avail_users', ['count' => $assigned_count]));
-        }
-
-        return redirect()->back()->with('success', trans_choice('admin/licenses/general.bulk.checkout_all.success', 2, ['count' => $assigned_count] ));
-
-
-    }
 }
@@ -91,30 +91,29 @@ class LicenseFilesController extends Controller
     */
    public function destroy($licenseId = null, $fileId = null)
    {
-        if ($license = License::find($licenseId)) {
+        $license = License::find($licenseId);

+        // the asset is valid
+        if (isset($license->id)) {
            $this->authorize('update', $license);
+            $log = Actionlog::find($fileId);

-            if ($log = Actionlog::find($fileId)) {
-
-                // Remove the file if one exists
-                if (Storage::exists('licenses/'.$log->filename)) {
-                    try {
-                        Storage::delete('licenses/'.$log->filename);
-                    } catch (\Exception $e) {
-                        \Log::debug($e);
-                    }
+            // Remove the file if one exists
+            if (Storage::exists('licenses/'.$log->filename)) {
+                try {
+                    Storage::delete('licenses/'.$log->filename);
+                } catch (\Exception $e) {
+                    \Log::debug($e);
                }
-                
-                $log->delete();
-
-                return redirect()->back()
-                    ->with('success', trans('admin/hardware/message.deletefile.success'));
            }

-            return redirect()->route('licenses.index')->with('error', trans('general.log_does_not_exist'));
+            $log->delete();
+
+            return redirect()->back()
+                ->with('success', trans('admin/hardware/message.deletefile.success'));
        }

+        // Redirect to the licence management page
        return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.does_not_exist'));
    }

@@ -130,6 +129,7 @@ class LicenseFilesController extends Controller
     */
    public function show($licenseId = null, $fileId = null, $download = true)
    {
+        \Log::info('Private filesystem is: '.config('filesystems.default'));
        $license = License::find($licenseId);

        // the license is valid
@@ -137,7 +137,7 @@ class LicenseFilesController extends Controller
            $this->authorize('view', $license);
            $this->authorize('licenses.files', $license);

-            if (! $log = Actionlog::whereNotNull('filename')->where('item_id', $license->id)->find($fileId)) {
+            if (! $log = Actionlog::find($fileId)) {
                return response('No matching record for that asset/file', 500)
                    ->header('Content-Type', 'text/plain');
            }
@@ -152,19 +152,21 @@ class LicenseFilesController extends Controller
                    ->header('Content-Type', 'text/plain');
            } else {

-                if (request('inline') == 'true') {
-
-                    $headers = [
-                        'Content-Disposition' => 'inline',
-                    ];
-
-                    return Storage::download($file, $log->filename, $headers);
-                }
-
                // We have to override the URL stuff here, since local defaults in Laravel's Flysystem
                // won't work, as they're not accessible via the web
                if (config('filesystems.default') == 'local') { // TODO - is there any way to fix this at the StorageHelper layer?
                    return StorageHelper::downloader($file);
+                } else {
+                    if ($download != 'true') {
+                        \Log::debug('display the file');
+                        if ($contents = file_get_contents(Storage::url($file))) { // TODO - this will fail on private S3 files or large public ones
+                            return Response::make(Storage::url($file)->header('Content-Type', mime_content_type($file)));
+                        }
+
+                        return JsonResponse::create(['error' => 'Failed validation: '], 500);
+                    }
+
+                    return StorageHelper::downloader($file);

                }
            }
@@ -6,8 +6,6 @@ use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Models\Company;
 use App\Models\License;
-use App\Models\LicenseSeat;
-use App\Models\User;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\DB;
@@ -88,7 +86,7 @@ class LicensesController extends Controller
        $license->name              = $request->input('name');
        $license->notes             = $request->input('notes');
        $license->order_number      = $request->input('order_number');
-        $license->purchase_cost     = $request->input('purchase_cost');
+        $license->purchase_cost     = Helper::ParseCurrency($request->input('purchase_cost'));
        $license->purchase_date     = $request->input('purchase_date');
        $license->purchase_order    = $request->input('purchase_order');
        $license->purchase_order    = $request->input('purchase_order');
@@ -166,7 +164,7 @@ class LicensesController extends Controller
        $license->name              = $request->input('name');
        $license->notes             = $request->input('notes');
        $license->order_number      = $request->input('order_number');
-        $license->purchase_cost     = $request->input('purchase_cost');
+        $license->purchase_cost     = Helper::ParseCurrency($request->input('purchase_cost'));
        $license->purchase_date     = $request->input('purchase_date');
        $license->purchase_order    = $request->input('purchase_order');
        $license->reassignable      = $request->input('reassignable', 0);
@@ -207,7 +205,7 @@ class LicensesController extends Controller
        if ($license->assigned_seats_count == 0) {
            // Delete the license and the associated license seats
            DB::table('license_seats')
-                ->where('license_id', $license->id)
+                ->where('id', $license->id)
                ->update(['assigned_to' => null, 'asset_id' => null]);

            $licenseSeats = $license->licenseseats();
@@ -235,40 +233,16 @@ class LicensesController extends Controller
    {
        $license = License::with('assignedusers')->find($licenseId);

-        if (!$license) {
-            return redirect()->route('licenses.index')
-            ->with('error', trans('admin/licenses/message.does_not_exist'));
+        if ($license) {
+            $this->authorize('view', $license);
+
+            return view('licenses/view', compact('license'));
        }

-        $users_count = User::where('autoassign_licenses', '1')->count();
-        $total_seats_count = $license->totalSeatsByLicenseID();
-        $available_seats_count = $license->availCount()->count();
-        $checkedout_seats_count = ($total_seats_count - $available_seats_count);
-
-        \Log::debug('Total: '.$total_seats_count);
-        \Log::debug('Users: '.$users_count);
-        \Log::debug('Available: '.$available_seats_count);
-        \Log::debug('Checkedout: '.$checkedout_seats_count);
-
-
-        $this->authorize('view', $license);
-        return view('licenses.view', compact('license'))
-            ->with('users_count', $users_count)
-            ->with('total_seats_count', $total_seats_count)
-            ->with('available_seats_count', $available_seats_count)
-            ->with('checkedout_seats_count', $checkedout_seats_count);
-
+        return redirect()->route('licenses.index')
+            ->with('error', trans('admin/licenses/message.does_not_exist'));
    }

-
-    /**
-     * Returns a view with prepopulated data for clone
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param int $licenseId
-     * @return \Illuminate\Http\RedirectResponse
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     */
    public function getClone($licenseId = null)
    {
        if (is_null($license_to_clone = License::find($licenseId))) {
@@ -79,8 +79,6 @@ class LocationsController extends Controller
        $location->ldap_ou = $request->input('ldap_ou');
        $location->manager_id = $request->input('manager_id');
        $location->user_id = Auth::id();
-        $location->phone = request('phone');
-        $location->fax = request('fax');

        $location = $request->handleImages($location);

@@ -141,8 +139,6 @@ class LocationsController extends Controller
        $location->state = $request->input('state');
        $location->country = $request->input('country');
        $location->zip = $request->input('zip');
-        $location->phone = request('phone');
-        $location->fax = request('fax');
        $location->ldap_ou = $request->input('ldap_ou');
        $location->manager_id = $request->input('manager_id');

@@ -231,36 +227,6 @@ class LocationsController extends Controller

    }

-
-    /**
-     * Returns a view that presents a form to clone a location.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param int $locationId
-     * @since [v6.0.14]
-     * @return View
-     */
-    public function getClone($locationId = null)
-    {
-        $this->authorize('create', Location::class);
-
-        // Check if the asset exists
-        if (is_null($location_to_clone = Location::find($locationId))) {
-            // Redirect to the asset management page
-            return redirect()->route('licenses.index')->with('error', trans('admin/locations/message.does_not_exist'));
-        }
-
-        $location = clone $location_to_clone;
-
-        // unset these values
-        $location->id = null;
-        $location->image = null;
-
-        return view('locations/edit')
-            ->with('item', $location);
-    }
-
-
    public function print_all_assigned($id)
    {
        if ($location = Location::where('id', $id)->first()) {
@@ -2,12 +2,8 @@

 namespace App\Http\Controllers;

-use App\Helpers\Helper;
 use App\Http\Requests\ImageUploadRequest;
-use App\Models\Actionlog;
-use App\Models\Asset;
 use App\Models\Manufacturer;
-use App\Models\User;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Storage;
@@ -72,7 +68,6 @@ class ManufacturersController extends Controller
        $manufacturer->user_id = Auth::id();
        $manufacturer->url = $request->input('url');
        $manufacturer->support_url = $request->input('support_url');
-        $manufacturer->warranty_lookup_url = $request->input('warranty_lookup_url');
        $manufacturer->support_phone = $request->input('support_phone');
        $manufacturer->support_email = $request->input('support_email');
        $manufacturer = $request->handleImages($manufacturer);
@@ -128,11 +123,10 @@ class ManufacturersController extends Controller
            return redirect()->route('manufacturers.index')->with('error', trans('admin/manufacturers/message.does_not_exist'));
        }

-        // Save the data
+        // Save the  data
        $manufacturer->name = $request->input('name');
        $manufacturer->url = $request->input('url');
        $manufacturer->support_url = $request->input('support_url');
-        $manufacturer->warranty_lookup_url = $request->input('warranty_lookup_url');
        $manufacturer->support_phone = $request->input('support_phone');
        $manufacturer->support_email = $request->input('support_email');

@@ -222,37 +216,22 @@ class ManufacturersController extends Controller
     * @return Redirect
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
-    public function restore($id)
+    public function restore($manufacturers_id)
    {
-        $this->authorize('delete', Manufacturer::class);
+        $this->authorize('create', Manufacturer::class);
+        $manufacturer = Manufacturer::onlyTrashed()->where('id', $manufacturers_id)->first();

-        if ($manufacturer = Manufacturer::withTrashed()->find($id)) {
-
-            if ($manufacturer->deleted_at == '') {
-                return redirect()->back()->with('error', trans('general.not_deleted', ['item_type' => trans('general.manufacturer')]));
-            }
+        if ($manufacturer) {

+            // Not sure why this is necessary - it shouldn't fail validation here, but it fails without this, so....
+            $manufacturer->setValidating(false);
            if ($manufacturer->restore()) {
-                $logaction = new Actionlog();
-                $logaction->item_type = Manufacturer::class;
-                $logaction->item_id = $manufacturer->id;
-                $logaction->created_at = date('Y-m-d H:i:s');
-                $logaction->user_id = Auth::user()->id;
-                $logaction->logaction('restore');
-
-                // Redirect them to the deleted page if there are more, otherwise the section index
-                $deleted_manufacturers = Manufacturer::onlyTrashed()->count();
-                if ($deleted_manufacturers > 0) {
-                    return redirect()->back()->with('success', trans('admin/manufacturers/message.success.restored'));
-                }
                return redirect()->route('manufacturers.index')->with('success', trans('admin/manufacturers/message.restore.success'));
            }

-            // Check validation to make sure we're not restoring an asset with the same asset tag (or unique attribute) as an existing asset
-            return redirect()->back()->with('error', trans('general.could_not_restore', ['item_type' => trans('general.manufacturer'), 'error' => $manufacturer->getErrors()->first()]));
+            return redirect()->back()->with('error', 'Could not restore.');
        }

-        return redirect()->route('manufacturers.index')->with('error', trans('admin/manufacturers/message.does_not_exist'));
-
+        return redirect()->back()->with('error', trans('admin/manufacturers/message.does_not_exist'));
    }
 }
@@ -17,7 +17,7 @@ class ModalController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net]
     * @return View
     */
-    public function show ($type, $itemId = null) {
+    function show ($type, $itemId = null) {

        // These values should correspond to a file in resources/views/modals/
        $allowed_types = [
@@ -8,7 +8,7 @@ use App\Models\Setting;
 use App\Models\User;
 use App\Notifications\CurrentInventory;
 use Illuminate\Support\Facades\Auth;
-use Illuminate\Support\Facades\Gate;
+use Gate;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Hash;
 use Illuminate\Support\Facades\Storage;
@@ -67,9 +67,37 @@ class ProfileController extends Controller
            $user->location_id = $request->input('location_id');
        }

-        // Handle the avatar upload and/or delete if necessary
-        app('\App\Http\Requests\ImageUploadRequest')->handleImages($user, 600, 'avatar', 'avatars', 'avatar');

+        if ($request->input('avatar_delete') == 1) {
+            $user->avatar = null;
+        }
+
+
+        if ($request->hasFile('avatar')) {
+            $path = 'avatars';
+
+            if (! Storage::disk('public')->exists($path)) {
+                Storage::disk('public')->makeDirectory($path, 775);
+            }
+
+            $upload = $image = $request->file('avatar');
+            $ext = $image->getClientOriginalExtension();
+            $file_name = 'avatar-'.str_random(18).'.'.$ext;
+
+            if ($image->getClientOriginalExtension() != 'svg') {
+                $upload = Image::make($image->getRealPath())->resize(84, 84);
+            }
+
+            // This requires a string instead of an object, so we use ($string)
+            Storage::disk('public')->put($path.'/'.$file_name, (string) $upload->encode());
+
+            // Remove Current image if exists
+            if (($user->avatar) && (Storage::disk('public')->exists($path.'/'.$user->avatar))) {
+                Storage::disk('public')->delete($path.'/'.$user->avatar);
+            }
+
+            $user->avatar = $file_name;
+        }

        if ($user->save()) {
            return redirect()->route('profile')->with('success', 'Account successfully updated');
@@ -134,7 +162,6 @@ class ProfileController extends Controller
        ];

        $validator = \Validator::make($request->all(), $rules);
-
        $validator->after(function ($validator) use ($request, $user) {
            if (! Hash::check($request->input('current_password'), $user->password)) {
                $validator->errors()->add('current_password', trans('validation.custom.hashed_pass'));
@@ -160,14 +187,12 @@ class ProfileController extends Controller
        });

        if (! $validator->fails()) {
-
            $user->password = Hash::make($request->input('password'));
-            // We have to use saveQuietly here because for some reason this method was calling the User Oserver twice :(
-            $user->saveQuietly();
-            
+            $user->save();
+
            // Log the user out of other devices
            Auth::logoutOtherDevices($request->input('password'));
-            return redirect()->route('account')->with('success', trans('passwords.password_change'));
+            return redirect()->route('account.password.index')->with('success', 'Password updated!');

        }
        return redirect()->back()->withInput()->withErrors($validator);
@@ -23,7 +23,6 @@ use Input;
 use League\Csv\Reader;
 use Symfony\Component\HttpFoundation\StreamedResponse;
 use League\Csv\EscapeFormula;
-use App\Http\Requests\CustomAssetReportRequest;


 /**
@@ -52,8 +51,9 @@ class ReportsController extends Controller
    public function getAccessoryReport()
    {
        $this->authorize('reports.view');
+        $accessories = Accessory::orderBy('created_at', 'DESC')->with('company')->get();

-        return view('reports/accessories');
+        return view('reports/accessories', compact('accessories'));
    }

    /**
@@ -247,9 +247,6 @@ class ReportsController extends Controller
                trans('general.action'),
                trans('general.type'),
                trans('general.item'),
-                trans('general.license_serial'),
-                trans('general.model_name'),
-                trans('general.model_no'),
                'To',
                trans('general.notes'),
                'Changed',
@@ -288,13 +285,10 @@ class ReportsController extends Controller

                    $row = [
                        $actionlog->created_at,
-                        ($actionlog->admin) ? e($actionlog->admin->getFullNameAttribute()) : '',
+                        ($actionlog->user) ? e($actionlog->user->getFullNameAttribute()) : '',
                        $actionlog->present()->actionType(),
                        e($actionlog->itemType()),
                        ($actionlog->itemType() == 'user') ? $actionlog->filename : $item_name,
-                        ($actionlog->item->serial) ? $actionlog->item->serial : null,
-                        ($actionlog->item->model) ? htmlspecialchars($actionlog->item->model->name, ENT_NOQUOTES) : null,
-                        ($actionlog->item->model) ? $actionlog->item->model->model_number : null,
                        $target_name,
                        ($actionlog->note) ? e($actionlog->note) : '',
                        $actionlog->log_meta,
@@ -410,12 +404,11 @@ class ReportsController extends Controller
     * @since [v1.0]
     * @return \Illuminate\Http\Response
     */
-    public function postCustom(CustomAssetReportRequest $request)
+    public function postCustom(Request $request)
    {
        ini_set('max_execution_time', env('REPORT_TIME_LIMIT', 12000)); //12000 seconds = 200 minutes
        $this->authorize('reports.view');

-
        \Debugbar::disable();
        $customfields = CustomField::get();
        $response = new StreamedResponse(function () use ($customfields, $request) {
@@ -509,6 +502,7 @@ class ReportsController extends Controller
                $header[] = trans('general.zip');
            }

+
            if ($request->filled('assigned_to')) {
                $header[] = trans('admin/hardware/table.checkoutto');
                $header[] = trans('general.type');
@@ -534,53 +528,24 @@ class ReportsController extends Controller
                $header[] = trans('admin/users/table.title');
            }

-            if ($request->filled('phone')) {
-                $header[] = trans('admin/users/table.phone');
-            }
-
-            if ($request->filled('user_address')) {
-                $header[] = trans('admin/reports/general.custom_export.user_address');
-            }
-
-            if ($request->filled('user_city')) {
-                $header[] = trans('admin/reports/general.custom_export.user_city');
-            }
-
-            if ($request->filled('user_state')) {
-                $header[] = trans('admin/reports/general.custom_export.user_state');
-            }
-
-            if ($request->filled('user_country')) {
-                $header[] = trans('admin/reports/general.custom_export.user_country');
-            }
-
-            if ($request->filled('user_zip')) {
-                $header[] = trans('admin/reports/general.custom_export.user_zip');
-            }
-
            if ($request->filled('status')) {
                $header[] = trans('general.status');
            }

            if ($request->filled('warranty')) {
-                $header[] = trans('admin/hardware/form.warranty');
-                $header[] = trans('admin/hardware/form.warranty_expires');
+                $header[] = 'Warranty';
+                $header[] = 'Warranty Expires';
            }
-
            if ($request->filled('depreciation')) {
-                $header[] = trans('admin/hardware/table.book_value');
-                $header[] = trans('admin/hardware/table.diff');
-                $header[] = trans('admin/hardware/form.fully_depreciated');
+                $header[] = 'Value';
+                $header[] = 'Diff';
+                $header[] = 'Fully Depreciated';
            }

            if ($request->filled('checkout_date')) {
                $header[] = trans('admin/hardware/table.checkout_date');
            }

-            if ($request->filled('checkin_date')) {
-                $header[] = trans('admin/hardware/table.last_checkin_date');
-            }
-
            if ($request->filled('expected_checkin')) {
                $header[] = trans('admin/hardware/form.expected_checkin');
            }
@@ -626,28 +591,28 @@ class ReportsController extends Controller
            $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
            \Log::debug('Added headers: '.$executionTime);

-            $assets = Asset::select('assets.*')->with(
+            $assets = \App\Models\Company::scopeCompanyables(Asset::select('assets.*'))->with(
                'location', 'assetstatus', 'company', 'defaultLoc', 'assignedTo',
                'model.category', 'model.manufacturer', 'supplier');
            
            if ($request->filled('by_location_id')) {
-                $assets->whereIn('assets.location_id', $request->input('by_location_id'));
+                $assets->where('assets.location_id', $request->input('by_location_id'));
            }

            if ($request->filled('by_rtd_location_id')) {
-                $assets->whereIn('assets.rtd_location_id', $request->input('by_rtd_location_id'));
+                $assets->where('assets.rtd_location_id', $request->input('by_rtd_location_id'));
            }

            if ($request->filled('by_supplier_id')) {
-                $assets->whereIn('assets.supplier_id', $request->input('by_supplier_id'));
+                $assets->where('assets.supplier_id', $request->input('by_supplier_id'));
            }

            if ($request->filled('by_company_id')) {
-                $assets->whereIn('assets.company_id', $request->input('by_company_id'));
+                $assets->where('assets.company_id', $request->input('by_company_id'));
            }

            if ($request->filled('by_model_id')) {
-                $assets->whereIn('assets.model_id', $request->input('by_model_id'));
+                $assets->where('assets.model_id', $request->input('by_model_id'));
            }

            if ($request->filled('by_category_id')) {
@@ -667,7 +632,7 @@ class ReportsController extends Controller
            }

            if ($request->filled('by_status_id')) {
-                $assets->whereIn('assets.status_id', $request->input('by_status_id'));
+                $assets->where('assets.status_id', $request->input('by_status_id'));
            }

            if (($request->filled('purchase_start')) && ($request->filled('purchase_end'))) {
@@ -675,35 +640,15 @@ class ReportsController extends Controller
            }

            if (($request->filled('created_start')) && ($request->filled('created_end'))) {
-                $created_start = \Carbon::parse($request->input('created_start'))->startOfDay();
-                $created_end = \Carbon::parse($request->input('created_end'))->endOfDay();
-
-                $assets->whereBetween('assets.created_at', [$created_start, $created_end]);
-            }
-            if (($request->filled('checkout_date_start')) && ($request->filled('checkout_date_end'))) {
-                $checkout_start = \Carbon::parse($request->input('checkout_date_start'))->startOfDay();
-                $checkout_end = \Carbon::parse($request->input('checkout_date_end'))->endOfDay();
-
-                $assets->whereBetween('assets.last_checkout', [$checkout_start, $checkout_end]);
-            }
-
-            if (($request->filled('checkin_date_start'))) {
-                    $assets->whereBetween('last_checkin', [
-                        Carbon::parse($request->input('checkin_date_start'))->startOfDay(),
-                        // use today's date is `checkin_date_end` is not provided
-                        Carbon::parse($request->input('checkin_date_end', now()))->endOfDay(),
-                    ]);
+                $assets->whereBetween('assets.created_at', [$request->input('created_start'), $request->input('created_end')]);
            }

            if (($request->filled('expected_checkin_start')) && ($request->filled('expected_checkin_end'))) {
-                    $assets->whereBetween('assets.expected_checkin', [$request->input('expected_checkin_start'), $request->input('expected_checkin_end')]);
+                $assets->whereBetween('assets.expected_checkin', [$request->input('expected_checkin_start'), $request->input('expected_checkin_end')]);
            }

            if (($request->filled('last_audit_start')) && ($request->filled('last_audit_end'))) {
-                    $last_audit_start = \Carbon::parse($request->input('last_audit_start'))->startOfDay();
-                    $last_audit_end = \Carbon::parse($request->input('last_audit_end'))->endOfDay();
-
-                    $assets->whereBetween('assets.last_audit_date', [$last_audit_start, $last_audit_end]);
+                $assets->whereBetween('assets.last_audit_date', [$request->input('last_audit_start'), $request->input('last_audit_end')]);
            }

            if (($request->filled('next_audit_start')) && ($request->filled('next_audit_end'))) {
@@ -719,7 +664,6 @@ class ReportsController extends Controller
                $assets->onlyTrashed();
            }

-            \Log::debug($assets->toSql());
            $assets->orderBy('assets.id', 'ASC')->chunk(20, function ($assets) use ($handle, $customfields, $request) {
            
                $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
@@ -774,7 +718,7 @@ class ReportsController extends Controller
                    }

                    if ($request->filled('eol')) {
-                            $row[] = ($asset->asset_eol_date) ? $asset->asset_eol_date : '';
+                        $row[] = ($asset->purchase_date != '') ? $asset->present()->eol_date() : '';
                    }

                    if ($request->filled('order')) {
@@ -858,54 +802,6 @@ class ReportsController extends Controller
                        }
                    }

-                    if ($request->filled('phone')) {
-                        if ($asset->checkedOutToUser()) {
-                            $row[] = ($asset->assignedto) ? $asset->assignedto->phone : '';
-                        } else {
-                            $row[] = ''; // Empty string if unassigned
-                        }
-                    }
-
-                    if ($request->filled('user_address')) {
-                        if ($asset->checkedOutToUser()) {
-                            $row[] = ($asset->assignedto) ? $asset->assignedto->address : '';
-                        } else {
-                            $row[] = ''; // Empty string if unassigned
-                        }
-                    }
-
-                    if ($request->filled('user_city')) {
-                        if ($asset->checkedOutToUser()) {
-                            $row[] = ($asset->assignedto) ? $asset->assignedto->city : '';
-                        } else {
-                            $row[] = ''; // Empty string if unassigned
-                        }
-                    }
-
-                    if ($request->filled('user_state')) {
-                        if ($asset->checkedOutToUser()) {
-                            $row[] = ($asset->assignedto) ? $asset->assignedto->state : '';
-                        } else {
-                            $row[] = ''; // Empty string if unassigned
-                        }
-                    }
-
-                    if ($request->filled('user_country')) {
-                        if ($asset->checkedOutToUser()) {
-                            $row[] = ($asset->assignedto) ? $asset->assignedto->country : '';
-                        } else {
-                            $row[] = ''; // Empty string if unassigned
-                        }
-                    }
-
-                    if ($request->filled('user_zip')) {
-                        if ($asset->checkedOutToUser()) {
-                            $row[] = ($asset->assignedto) ? $asset->assignedto->zip : '';
-                        } else {
-                            $row[] = ''; // Empty string if unassigned
-                        }
-                    }
-
                    if ($request->filled('status')) {
                        $row[] = ($asset->assetstatus) ? $asset->assetstatus->name.' ('.$asset->present()->statusMeta.')' : '';
                    }
@@ -927,12 +823,6 @@ class ReportsController extends Controller
                        $row[] = ($asset->last_checkout) ? $asset->last_checkout : '';
                    }

-                    if ($request->filled('checkin_date')) {
-                        $row[] = ($asset->last_checkin)
-                            ? Carbon::parse($asset->last_checkin)->format('Y-m-d')
-                            : '';
-                    }
-
                    if ($request->filled('expected_checkin')) {
                        $row[] = ($asset->expected_checkin) ? $asset->expected_checkin : '';
                    }
@@ -1009,8 +899,12 @@ class ReportsController extends Controller
    public function getAssetMaintenancesReport()
    {
        $this->authorize('reports.view');
+        // Grab all the improvements
+        $assetMaintenances = AssetMaintenance::with('asset', 'supplier', 'asset.company')
+                                              ->orderBy('created_at', 'DESC')
+                                              ->get();

-        return view('reports.asset_maintenances');
+        return view('reports/asset_maintenances', compact('assetMaintenances'));
    }

    /**
@@ -1101,12 +995,7 @@ class ReportsController extends Controller

        $assetsForReport = $acceptances
            ->filter(function ($acceptance) {
-                $acceptance_checkoutable_flag = false;
-                if ($acceptance->checkoutable){
-                    $acceptance_checkoutable_flag = $acceptance->checkoutable->checkedOutToUser();
-                }
-                
-                return $acceptance->checkoutable_type == 'App\Models\Asset' && $acceptance_checkoutable_flag;
+                return $acceptance->checkoutable_type == 'App\Models\Asset';
            })
            ->map(function($acceptance) {
                return ['assetItem' => $acceptance->checkoutable, 'acceptance' => $acceptance];
@@ -1123,34 +1012,23 @@ class ReportsController extends Controller
     * @throws \Illuminate\Auth\Access\AuthorizationException
     * @version v1.0
     */
-    public function sentAssetAcceptanceReminder(Request $request)
+    public function sentAssetAcceptanceReminder($acceptanceId = null)
    {
        $this->authorize('reports.view');

-        if (!$acceptance = CheckoutAcceptance::pending()->find($request->input('acceptance_id'))) {
-            \Log::debug('No pending acceptances');
+        if (!$acceptance = CheckoutAcceptance::pending()->find($acceptanceId)) {
            // Redirect to the unaccepted assets report page with error
            return redirect()->route('reports/unaccepted_assets')->with('error', trans('general.bad_data'));
        }
-
        $assetItem = $acceptance->checkoutable;

-        \Log::debug(print_r($assetItem, true));
-
        if (is_null($acceptance->created_at)){
-            \Log::debug('No acceptance created_at');
            return redirect()->route('reports/unaccepted_assets')->with('error', trans('general.bad_data'));
        } else {
-            $logItem_res = $assetItem->checkouts()->where('created_at', '=', $acceptance->created_at)->get();
-
-            if ($logItem_res->isEmpty()){
-                \Log::debug('Acceptance date mismatch');
-                return redirect()->route('reports/unaccepted_assets')->with('error', trans('general.bad_data'));
-            }
-            $logItem = $logItem_res[0];
+            $logItem = $assetItem->checkouts()->where('created_at', '=', $acceptance->created_at)->get()[0];
        }

-        if (!$assetItem->assignedTo->locale){
+        if(!$assetItem->assignedTo->locale){
            Notification::locale(Setting::getSettings()->locale)->send(
                $assetItem->assignedTo,
                new CheckoutAssetNotification($assetItem, $assetItem->assignedTo, $logItem->user, $acceptance, $logItem->note)
@@ -1242,6 +1120,8 @@ class ReportsController extends Controller
                $row[]  = str_replace(',', '', e($item['assetItem']->asset_tag));
                $row[]  = str_replace(',', '', e(($item['acceptance']->assignedTo) ? $item['acceptance']->assignedTo->present()->name() : trans('admin/reports/general.deleted_user')));
                $rows[] = implode(',', $row);
+            } else {
+                // Log the error maybe?
            }
        }

@@ -7,7 +7,6 @@ use App\Helpers\StorageHelper;
 use App\Http\Requests\ImageUploadRequest;
 use App\Http\Requests\SettingsSamlRequest;
 use App\Http\Requests\SetupUserRequest;
-use App\Models\CustomField;
 use App\Models\Group;
 use App\Models\Setting;
 use App\Models\Asset;
@@ -27,7 +26,7 @@ use Response;
 use App\Http\Requests\SlackSettingsRequest;
 use Illuminate\Support\Str;
 use Illuminate\Support\Facades\Artisan;
-use Illuminate\Support\Facades\Validator;
+use Validator;

 /**
 * This controller handles all actions related to Settings for
@@ -66,27 +65,18 @@ class SettingsController extends Controller
            $start_settings['db_error'] = $e->getMessage();
        }

-        if (array_key_exists("HTTP_X_FORWARDED_PROTO", $_SERVER)) {
-            $protocol = $_SERVER["HTTP_X_FORWARDED_PROTO"] . "://";
-        } elseif (array_key_exists('HTTPS', $_SERVER) && ('on' == $_SERVER['HTTPS'])) {
-            $protocol = "https://";
-        } else {
-            $protocol = "http://";
-        }
+        $protocol = array_key_exists('HTTPS', $_SERVER) && ('on' == $_SERVER['HTTPS']) ? 'https://' : 'http://';

-        if (array_key_exists("HTTP_X_FORWARDED_HOST", $_SERVER)) {
-            $host = $_SERVER["HTTP_X_FORWARDED_HOST"];
-        } else {
-            $host = array_key_exists('SERVER_NAME', $_SERVER) ? $_SERVER['SERVER_NAME'] : null;
-            $port = array_key_exists('SERVER_PORT', $_SERVER) ? $_SERVER['SERVER_PORT'] : null;
-            if (('http://' === $protocol && '80' != $port) || ('https://' === $protocol && '443' != $port)) {
-                $host .= ':'.$port;
-            }
+        $host = array_key_exists('SERVER_NAME', $_SERVER) ? $_SERVER['SERVER_NAME'] : null;
+        $port = array_key_exists('SERVER_PORT', $_SERVER) ? $_SERVER['SERVER_PORT'] : null;
+        if (('http://' === $protocol && '80' != $port) || ('https://' === $protocol && '443' != $port)) {
+            $host .= ':'.$port;
        }
        $pageURL = $protocol.$host.$_SERVER['REQUEST_URI'];

-        $start_settings['url_config'] = config('app.url').'/setup';
-        $start_settings['url_valid'] = ($start_settings['url_config'] === $pageURL);
+        $start_settings['url_valid'] = (url('/').'/setup' === $pageURL);
+
+        $start_settings['url_config'] = url('/');
        $start_settings['real_url'] = $pageURL;
        $start_settings['php_version_min'] = true;

@@ -121,17 +111,17 @@ class SettingsController extends Controller
            $start_settings['prod'] = true;
        }

-        $start_settings['owner'] = '';
-
        if (function_exists('posix_getpwuid')) { // Probably Linux
            $owner = posix_getpwuid(fileowner($_SERVER['SCRIPT_FILENAME']));
-            // This *should* be an array, but we've seen this return a bool in some chrooted environments
-            if (is_array($owner)) {
-                $start_settings['owner'] = $owner['name'];
-            }
+            $start_settings['owner'] = $owner['name'];
+        } else { // Windows
+            // TODO: Is there a way of knowing if a windows user has elevated permissions
+            // This just gets the user name, which likely isn't 'root'
+            // $start_settings['owner'] = getenv('USERNAME');
+            $start_settings['owner'] = '';
        }

-        if (($start_settings['owner'] === 'root') || ($start_settings['owner'] === '0')) {
+        if (('root' === $start_settings['owner']) || ('0' === $start_settings['owner'])) {
            $start_settings['owner_is_admin'] = true;
        } else {
            $start_settings['owner_is_admin'] = false;
@@ -591,7 +581,6 @@ class SettingsController extends Controller
        $setting->date_display_format = $request->input('date_display_format');
        $setting->time_display_format = $request->input('time_display_format');
        $setting->digit_separator = $request->input('digit_separator');
-        $setting->name_display_format = $request->input('name_display_format');

        if ($setting->save()) {
            return redirect()->route('settings.index')
@@ -690,6 +679,33 @@ class SettingsController extends Controller
        return view('settings.slack', compact('setting'));
    }

+    /**
+     * Return a form to allow a super admin to update settings.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     *
+     * @since [v1.0]
+     *
+     * @return View
+     */
+    public function postSlack(SlackSettingsRequest $request)
+    {
+        if (is_null($setting = Setting::getSettings())) {
+            return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
+        }
+
+        $setting->slack_endpoint = $request->input('slack_endpoint');
+        $setting->slack_channel = $request->input('slack_channel');
+        $setting->slack_botname = $request->input('slack_botname');
+
+        if ($setting->save()) {
+            return redirect()->route('settings.index')
+                ->with('success', trans('admin/settings/message.update.success'));
+        }
+
+        return redirect()->back()->withInput()->withErrors($setting->getErrors());
+    }
+
    /**
     * Return a form to allow a super admin to update settings.
     *
@@ -791,7 +807,7 @@ class SettingsController extends Controller
     */
    public function getPhpInfo()
    {
-        if (config('app.debug') === true) {
+        if (true === config('app.debug')) {
            return view('settings.phpinfo');
        }

@@ -810,10 +826,9 @@ class SettingsController extends Controller
     */
    public function getLabels()
    {
-        return view('settings.labels', [
-            'setting' => Setting::getSettings(),
-            'customFields' => CustomField::all(),
-        ]);
+        $setting = Setting::getSettings();
+
+        return view('settings.labels', compact('setting'));
    }

    /**
@@ -830,14 +845,6 @@ class SettingsController extends Controller
        if (is_null($setting = Setting::getSettings())) {
            return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
        }
-        $setting->label2_enable = $request->input('label2_enable');
-        $setting->label2_template = $request->input('label2_template');
-        $setting->label2_title = $request->input('label2_title');
-        $setting->label2_asset_logo = $request->input('label2_asset_logo');
-        $setting->label2_1d_type = $request->input('label2_1d_type');
-        $setting->label2_2d_type = $request->input('label2_2d_type');
-        $setting->label2_2d_target = $request->input('label2_2d_target');
-        $setting->label2_fields = $request->input('label2_fields');
        $setting->labels_per_page = $request->input('labels_per_page');
        $setting->labels_width = $request->input('labels_width');
        $setting->labels_height = $request->input('labels_height');
@@ -886,7 +893,7 @@ class SettingsController extends Controller
        }

        if ($setting->save()) {
-            return redirect()->route('settings.labels.index')
+            return redirect()->route('settings.index')
                ->with('success', trans('admin/settings/message.update.success'));
        }

@@ -972,7 +979,6 @@ class SettingsController extends Controller
            $setting->ldap_phone_field = $request->input('ldap_phone');
            $setting->ldap_jobtitle = $request->input('ldap_jobtitle');
            $setting->ldap_country = $request->input('ldap_country');
-            $setting->ldap_location = $request->input('ldap_location');
            $setting->ldap_dept = $request->input('ldap_dept');
            $setting->ldap_client_tls_cert   = $request->input('ldap_client_tls_cert');
            $setting->ldap_client_tls_key    = $request->input('ldap_client_tls_key');
@@ -1050,48 +1056,6 @@ class SettingsController extends Controller
        return $pdf_branding;
    }

-
-    /**
-     * Show Google login settings form
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v6.1.1]
-     * @return View
-     */
-    public function getGoogleLoginSettings()
-    {
-        $setting = Setting::getSettings();
-        return view('settings.google', compact('setting'));
-    }
-
-    /**
-     * ShSaveow Google login settings form
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v6.1.1]
-     * @return View
-     */
-    public function postGoogleLoginSettings(Request $request)
-    {
-        if (!config('app.lock_passwords')) {
-            $setting = Setting::getSettings();
-
-            $setting->google_login = $request->input('google_login', 0);
-            $setting->google_client_id = $request->input('google_client_id');
-            $setting->google_client_secret = $request->input('google_client_secret');
-
-            if ($setting->save()) {
-                return redirect()->route('settings.index')
-                    ->with('success', trans('admin/settings/message.update.success'));
-            }
-
-            return redirect()->back()->withInput()->withErrors($setting->getErrors());
-        }
-
-        return redirect()->back()->with('error', trans('general.feature_disabled'));
-    }
-
-
    /**
     * Show the listing of backups.
     *
@@ -1147,7 +1111,7 @@ class SettingsController extends Controller
    public function postBackups()
    {
        if (! config('app.lock_passwords')) {
-            Artisan::call('snipeit:backup', ['--filename' => 'manual-backup-'.date('Y-m-d-H-i-s')]);
+            Artisan::call('backup:run');
            $output = Artisan::output();

            // Backup completed
@@ -1250,11 +1214,13 @@ class SettingsController extends Controller
            if (!$request->hasFile('file')) {
                return redirect()->route('settings.backups.index')->with('error', 'No file uploaded');
            } else {
-
                $max_file_size = Helper::file_upload_max_size();
-                $validator = Validator::make($request->all(), [
+
+                $rules = [
                    'file' => 'required|mimes:zip|max:'.$max_file_size,
-                ]);
+                ];
+
+                $validator = \Validator::make($request->all(), $rules);

                if ($validator->passes()) {

@@ -1265,7 +1231,7 @@ class SettingsController extends Controller
                        return redirect()->route('settings.backups.index')->with('success', 'File uploaded');
                }

-                return redirect()->route('settings.backups.index')->withErrors($validator);
+                return redirect()->route('settings.backups.index')->withErrors($request->getErrors());

            }

@@ -2,7 +2,6 @@

 namespace App\Http\Controllers\Users;

-use App\Events\UserMerged;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Models\Accessory;
@@ -14,7 +13,6 @@ use App\Models\LicenseSeat;
 use App\Models\ConsumableAssignment;
 use App\Models\Consumable;
 use App\Models\User;
-use Carbon\Carbon;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\DB;
@@ -23,7 +21,7 @@ use Illuminate\Support\Facades\Password;
 class BulkUsersController extends Controller
 {
    /**
-     * Returns a view that confirms the user's a bulk action will be applied to.
+     * Returns a view that confirms the user's a bulk delete will be applied to.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.7]
@@ -37,32 +35,16 @@ class BulkUsersController extends Controller

        // Make sure there were users selected
        if (($request->filled('ids')) && (count($request->input('ids')) > 0)) {
-
            // Get the list of affected users
            $user_raw_array = request('ids');
            $users = User::whereIn('id', $user_raw_array)
                ->with('groups', 'assets', 'licenses', 'accessories')->get();

-            // bulk edit, display the bulk edit form
            if ($request->input('bulk_actions') == 'edit') {
                return view('users/bulk-edit', compact('users'))
                    ->with('groups', Group::pluck('name', 'id'));
-
-            // bulk delete, display the bulk delete confirmation form
            } elseif ($request->input('bulk_actions') == 'delete') {
                return view('users/confirm-bulk-delete')->with('users', $users)->with('statuslabel_list', Helper::statusLabelList());
-
-            // merge, confirm they have at least 2 users selected and display the merge screen
-            } elseif ($request->input('bulk_actions') == 'merge') {
-
-                if (($request->filled('ids')) && (count($request->input('ids')) > 1)) {
-                    return view('users/confirm-merge')->with('users', $users);
-                // Not enough users selected, send them back
-                } else {
-                    return redirect()->back()->with('error', trans('general.not_enough_users_selected', ['count' => 2]));
-                }
-
-            // bulk password reset, just do the thing
            } elseif ($request->input('bulk_actions') == 'bulkpasswordreset') {
                foreach ($users as $user) {
                    if (($user->activated == '1') && ($user->email != '')) {
@@ -77,7 +59,7 @@ class BulkUsersController extends Controller
            }
        }

-        return redirect()->back()->with('error', trans('general.no_users_selected'));
+        return redirect()->back()->with('error', 'No users selected');
    }

    /**
@@ -94,7 +76,7 @@ class BulkUsersController extends Controller
        $this->authorize('update', User::class);

        if ((! $request->filled('ids')) || $request->input('ids') <= 0) {
-            return redirect()->back()->with('error', trans('general.no_users_selected'));
+            return redirect()->back()->with('error', 'No users selected');
        }
        $user_raw_array = $request->input('ids');

@@ -113,8 +95,7 @@ class BulkUsersController extends Controller
            ->conditionallyAddItem('locale')
            ->conditionallyAddItem('remote')
            ->conditionallyAddItem('ldap_import')
-            ->conditionallyAddItem('activated')
-            ->conditionallyAddItem('autoassign_licenses');
+            ->conditionallyAddItem('activated');


        // If the manager_id is one of the users being updated, generate a warning.
@@ -124,27 +105,6 @@ class BulkUsersController extends Controller
                'warning' => trans('admin/users/message.bulk_manager_warn'),
            ];
        }
-
-        /**
-         * Check to see if the user wants to actually blank out the values vs skip them
-         */
-        if ($request->input('null_location_id')=='1') {
-            $this->update_array['location_id'] = null;
-        }
-
-        if ($request->input('null_department_id')=='1') {
-            $this->update_array['department_id'] = null;
-        }
-
-        if ($request->input('null_manager_id')=='1') {
-            $this->update_array['manager_id'] = null;
-        }
-
-        if ($request->input('null_company_id')=='1') {
-            $this->update_array['company_id'] = null;
-        }
-
-        
        if (! $manager_conflict) {
            $this->conditionallyAddItem('manager_id');
        }
@@ -203,11 +163,11 @@ class BulkUsersController extends Controller
        $this->authorize('update', User::class);

        if ((! $request->filled('ids')) || (count($request->input('ids')) == 0)) {
-            return redirect()->back()->with('error', trans('general.no_users_selected'));
+            return redirect()->back()->with('error', 'No users selected');
        }

        if (config('app.lock_passwords')) {
-            return redirect()->route('users.index')->with('error', trans('general.feature_disabled'));
+            return redirect()->route('users.index')->with('error', 'Bulk delete is not enabled in this installation');
        }

        $user_raw_array = request('ids');
@@ -289,80 +249,4 @@ class BulkUsersController extends Controller
            $logAction->logaction('checkin from');
        }
    }
-
-    /**
-     * Save bulk-edited users
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.0]
-     * @param Request $request
-     * @return \Illuminate\Http\RedirectResponse
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     */
-    public function merge(Request $request)
-    {
-        $this->authorize('update', User::class);
-
-        if (config('app.lock_passwords')) {
-            return redirect()->route('users.index')->with('error', trans('general.feature_disabled'));
-        }
-
-        $user_ids_to_merge = $request->input('ids_to_merge');
-        $user_ids_to_merge = array_diff($user_ids_to_merge, array($request->input('merge_into_id')));
-
-        if ((!$request->filled('merge_into_id')) || (count($user_ids_to_merge) < 1)) {
-            return redirect()->back()->with('error', trans('general.no_users_selected'));
-        }
-
-        // Get the users
-        $merge_into_user = User::find($request->input('merge_into_id'));
-        $users_to_merge = User::whereIn('id', $user_ids_to_merge)->with('assets', 'licenses', 'consumables','accessories')->get();
-        $admin = User::find(Auth::user()->id);
-
-        // Walk users
-        foreach ($users_to_merge as $user_to_merge) {
-
-            foreach ($user_to_merge->assets as $asset) {
-                \Log::debug('Updating asset: '.$asset->asset_tag . ' to '.$merge_into_user->id);
-                $asset->assigned_to = $request->input('merge_into_id');
-                $asset->save();
-            }
-
-            foreach ($user_to_merge->licenses as $license) {
-                \Log::debug('Updating license pivot: '.$license->id . ' to '.$merge_into_user->id);
-                $user_to_merge->licenses()->updateExistingPivot($license->id, ['assigned_to' => $merge_into_user->id]);
-            }
-
-            foreach ($user_to_merge->consumables as $consumable) {
-                \Log::debug('Updating consumable pivot: '.$consumable->id . ' to '.$merge_into_user->id);
-                $user_to_merge->consumables()->updateExistingPivot($consumable->id, ['assigned_to' => $merge_into_user->id]);
-            }
-
-            foreach ($user_to_merge->accessories as $accessory) {
-                $user_to_merge->accessories()->updateExistingPivot($accessory->id, ['assigned_to' => $merge_into_user->id]);
-            }
-
-            foreach ($user_to_merge->userlog as $log) {
-                $log->target_id = $user_to_merge->id;
-                $log->save();
-            }
-
-            User::where('manager_id', '=', $user_to_merge->id)->update(['manager_id' => $merge_into_user->id]);
-
-            foreach ($user_to_merge->managedLocations as $managedLocation) {
-                $managedLocation->manager_id = $merge_into_user->id;
-                $managedLocation->save();
-            }
-
-            $user_to_merge->delete();
-            //$user_to_merge->save();
-
-            event(new UserMerged($user_to_merge, $merge_into_user, $admin));
-
-        }
-
-        return redirect()->route('users.index')->with('success', trans('general.merge_success', ['count' => $users_to_merge->count(), 'into_username' => $merge_into_user->username]));
-
-
-    }
 }
@@ -49,19 +49,15 @@ class LDAPImportController extends Controller
    {
        $this->authorize('update', User::class);
        // Call Artisan LDAP import command.
-
-        Artisan::call('snipeit:ldap-sync', ['--location_id' => $request->input('location_id'), '--json_summary' => true]);
+        $location_id = $request->input('location_id');
+        Artisan::call('snipeit:ldap-sync', ['--location_id' => $location_id, '--json_summary' => true]);

        // Collect and parse JSON summary.
        $ldap_results_json = Artisan::output();
        $ldap_results = json_decode($ldap_results_json, true);
-        if (!$ldap_results) {
-            return redirect()->back()->withInput()->with('error', trans('general.no_results'));
-        }

        // Direct user to appropriate status page.
        if ($ldap_results['error']) {
-
            return redirect()->back()->withInput()->with('error', $ldap_results['error_message']);
        }

--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
snipe	adec86f1ef	Changed the method name, since it will return an entire collection Signed-off-by: snipe <snipe@snipe.net>	2023-01-10 12:18:27 -08:00
snipe	46e17f7e77	Adds the filename for the acceptance PDF to asset payload Signed-off-by: snipe <snipe@snipe.net>	2023-01-10 12:12:08 -08:00
snipe	772d3c1da9	Removed duplicate validation Signed-off-by: snipe <snipe@snipe.net>	2023-01-10 12:12:04 -08:00