Fixed #17642 - location data displaying incrrectly in checkout email intro

Signed-off-by: snipe <snipe@snipe.net>
Undo double-float
2025-08-19 08:40:41 +01:00 · 2025-08-18 15:24:15 +01:00 · 2025-08-18 13:30:53 +01:00 · 2025-08-18 12:47:03 +01:00 · 2025-08-18 12:31:03 +01:00 · 2025-08-18 11:25:55 +01:00
2272 changed files with 52162 additions and 317400 deletions
--- a/.all-contributorsrc
+++ b/.all-contributorsrc
@@ -4180,6 +4180,24 @@
      "contributions": [
        "code"
      ]
+    },
+    {
+      "login": "lukaskraic",
+      "name": "Lukas Kraic",
+      "avatar_url": "https://avatars.githubusercontent.com/u/58696401?v=4",
+      "profile": "https://github.com/lukaskraic",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "mckaygerhard",
+      "name": "Герхард PICCORO Lenz McKAY ",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1571724?v=4",
+      "profile": "https://github-readme-stats.vercel.app/api?username=mckaygerhard",
+      "contributions": [
+        "code"
+      ]
    }
  ]
 }
--- a/.env.docker
+++ b/.env.docker
@@ -28,6 +28,7 @@ PUBLIC_FILESYSTEM_DISK=local_public
 # --------------------------------------------
 DB_CONNECTION=mysql
 DB_HOST=db
+DB_SOCKET=null
 DB_PORT='3306'
 DB_DATABASE=snipeit
 DB_USERNAME=snipeit
@@ -168,6 +169,7 @@ AWS_DEFAULT_REGION=null
 LOGIN_MAX_ATTEMPTS=5
 LOGIN_LOCKOUT_DURATION=60
 RESET_PASSWORD_LINK_EXPIRES=900
+INVITE_PASSWORD_LINK_EXPIRES=1500

 # --------------------------------------------
 # OPTIONAL: MISC
--- a/.env.example
+++ b/.env.example
@@ -24,6 +24,7 @@ PUBLIC_FILESYSTEM_DISK=local_public
 # --------------------------------------------
 DB_CONNECTION=mysql
 DB_HOST=127.0.0.1
+DB_SOCKET=null
 DB_PORT=3306
 DB_DATABASE=null
 DB_USERNAME=null
@@ -174,6 +175,7 @@ LOGIN_AUTOCOMPLETE=false
 RESET_PASSWORD_LINK_EXPIRES=15
 PASSWORD_CONFIRM_TIMEOUT=10800
 PASSWORD_RESET_MAX_ATTEMPTS_PER_MIN=50
+INVITE_PASSWORD_LINK_EXPIRES=1500

 # --------------------------------------------
 # OPTIONAL: MISC
--- a/.github/workflows/codacy-analysis.yml
+++ b/.github/workflows/codacy-analysis.yml
@@ -36,7 +36,7 @@ jobs:

      # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
      - name: Run Codacy Analysis CLI
-        uses: codacy/codacy-analysis-cli-action@v4.4.5
+        uses: codacy/codacy-analysis-cli-action@v4.4.7
        with:
          # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
          # You can also omit the token and run the tools that support default configurations
--- a/CONTRIBUTORS.md
+++ b/CONTRIBUTORS.md
@@ -67,7 +67,8 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
 | [<img src="https://avatars.githubusercontent.com/u/80526133?v=4" width="110px;"/><br /><sub>AlexanderWPapyrus</sub>](https://github.com/AlexanderWPapyrus)<br />[💻](https://github.com/snipe/snipe-it/commits?author=AlexanderWPapyrus "Code") | [<img src="https://avatars.githubusercontent.com/u/306231?v=4" width="110px;"/><br /><sub>Alexandr Hacicheant</sub>](https://github.com/disc)<br />[💻](https://github.com/snipe/snipe-it/commits?author=disc "Code") | [<img src="https://avatars.githubusercontent.com/u/3032891?v=4" width="110px;"/><br /><sub>Hex</sub>](https://hex128.io/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=hex128 "Code") | [<img src="https://avatars.githubusercontent.com/u/8697942?v=4" width="110px;"/><br /><sub>Arunas Skirius</sub>](https://github.com/arukompas)<br />[💻](https://github.com/snipe/snipe-it/commits?author=arukompas "Code") | [<img src="https://avatars.githubusercontent.com/u/104396?v=4" width="110px;"/><br /><sub>Ben Periton</sub>](https://github.com/benperiton)<br />[💻](https://github.com/snipe/snipe-it/commits?author=benperiton "Code") | [<img src="https://avatars.githubusercontent.com/u/11906832?v=4" width="110px;"/><br /><sub>Byron Wolfman</sub>](https://wolfman.dev/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=byronwolfman "Code") | [<img src="https://avatars.githubusercontent.com/u/56485508?v=4" width="110px;"/><br /><sub>Calvin</sub>](https://github.com/CalvinSchwartz)<br />[💻](https://github.com/snipe/snipe-it/commits?author=CalvinSchwartz "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/181059?v=4" width="110px;"/><br /><sub>Juan Font</sub>](https://github.com/juanfont)<br />[💻](https://github.com/snipe/snipe-it/commits?author=juanfont "Code") | [<img src="https://avatars.githubusercontent.com/u/13137708?v=4" width="110px;"/><br /><sub>Juho Taipale</sub>](https://github.com/juhotaipale)<br />[💻](https://github.com/snipe/snipe-it/commits?author=juhotaipale "Code") | [<img src="https://avatars.githubusercontent.com/u/1007419?v=4" width="110px;"/><br /><sub>Korvin Szanto</sub>](https://github.com/KorvinSzanto)<br />[💻](https://github.com/snipe/snipe-it/commits?author=KorvinSzanto "Code") | [<img src="https://avatars.githubusercontent.com/u/8513053?v=4" width="110px;"/><br /><sub>Lewis Foster</sub>](https://lewisfoster.foo/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sniff122 "Code") | [<img src="https://avatars.githubusercontent.com/u/33877541?v=4" width="110px;"/><br /><sub>Logan Swartzendruber</sub>](https://github.com/loganswartz)<br />[💻](https://github.com/snipe/snipe-it/commits?author=loganswartz "Code") | [<img src="https://avatars.githubusercontent.com/u/1156208?v=4" width="110px;"/><br /><sub>Lorenzo P.</sub>](https://github.com/lopezio)<br />[💻](https://github.com/snipe/snipe-it/commits?author=lopezio "Code") | [<img src="https://avatars.githubusercontent.com/u/33946590?v=4" width="110px;"/><br /><sub>Lukas Jung</sub>](https://github.com/m4us1ne)<br />[💻](https://github.com/snipe/snipe-it/commits?author=m4us1ne "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/10965027?v=4" width="110px;"/><br /><sub>Ellie</sub>](https://leafedfox.xyz/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=LeafedFox "Code") | [<img src="https://avatars.githubusercontent.com/u/20960555?v=4" width="110px;"/><br /><sub>GA Stamper</sub>](https://github.com/gastamper)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gastamper "Code") | [<img src="https://avatars.githubusercontent.com/u/206553556?v=4" width="110px;"/><br /><sub>Guillaume Lefranc</sub>](https://github.com/gl-pup)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gl-pup "Code") | [<img src="https://avatars.githubusercontent.com/u/733892?v=4" width="110px;"/><br /><sub>Hajo Möller</sub>](https://github.com/dasjoe)<br />[💻](https://github.com/snipe/snipe-it/commits?author=dasjoe "Code") | [<img src="https://avatars.githubusercontent.com/u/3420063?v=4" width="110px;"/><br /><sub>Istvan Basa</sub>](https://github.com/pottom)<br />[💻](https://github.com/snipe/snipe-it/commits?author=pottom "Code") | [<img src="https://avatars.githubusercontent.com/u/810824?v=4" width="110px;"/><br /><sub>JJ Asghar</sub>](https://jjasghar.github.io/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jjasghar "Code") | [<img src="https://avatars.githubusercontent.com/u/40404495?v=4" width="110px;"/><br /><sub>James E. Msenga</sub>](https://github.com/JemCdo)<br />[💻](https://github.com/snipe/snipe-it/commits?author=JemCdo "Code") |
-| [<img src="https://avatars.githubusercontent.com/u/6865786?v=4" width="110px;"/><br /><sub>Jan Felix Wiebe</sub>](https://github.com/jfwiebe)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jfwiebe "Code") | [<img src="https://avatars.githubusercontent.com/u/43412008?v=4" width="110px;"/><br /><sub>Jo Drexl</sub>](https://www.nfon.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=drexljo "Code") | [<img src="https://avatars.githubusercontent.com/u/4807843?v=4" width="110px;"/><br /><sub>Austin Sasko</sub>](https://github.com/austinsasko)<br />[💻](https://github.com/snipe/snipe-it/commits?author=austinsasko "Code") | [<img src="https://avatars.githubusercontent.com/u/4875039?v=4" width="110px;"/><br /><sub>Jasson</sub>](http://jassoncordones.github.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=JassonCordones "Code") | [<img src="https://avatars.githubusercontent.com/u/76069640?v=4" width="110px;"/><br /><sub>Okean</sub>](https://github.com/Tinyblargon)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Tinyblargon "Code") | [<img src="https://avatars.githubusercontent.com/u/6515064?v=4" width="110px;"/><br /><sub>Alejandro Medrano</sub>](https://www.lst.tfo.upm.es/alejandro-medrano/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=amedranogil "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/6865786?v=4" width="110px;"/><br /><sub>Jan Felix Wiebe</sub>](https://github.com/jfwiebe)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jfwiebe "Code") | [<img src="https://avatars.githubusercontent.com/u/43412008?v=4" width="110px;"/><br /><sub>Jo Drexl</sub>](https://www.nfon.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=drexljo "Code") | [<img src="https://avatars.githubusercontent.com/u/4807843?v=4" width="110px;"/><br /><sub>Austin Sasko</sub>](https://github.com/austinsasko)<br />[💻](https://github.com/snipe/snipe-it/commits?author=austinsasko "Code") | [<img src="https://avatars.githubusercontent.com/u/4875039?v=4" width="110px;"/><br /><sub>Jasson</sub>](http://jassoncordones.github.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=JassonCordones "Code") | [<img src="https://avatars.githubusercontent.com/u/76069640?v=4" width="110px;"/><br /><sub>Okean</sub>](https://github.com/Tinyblargon)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Tinyblargon "Code") | [<img src="https://avatars.githubusercontent.com/u/6515064?v=4" width="110px;"/><br /><sub>Alejandro Medrano</sub>](https://www.lst.tfo.upm.es/alejandro-medrano/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=amedranogil "Code") | [<img src="https://avatars.githubusercontent.com/u/58696401?v=4" width="110px;"/><br /><sub>Lukas Kraic</sub>](https://github.com/lukaskraic)<br />[💻](https://github.com/snipe/snipe-it/commits?author=lukaskraic "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/1571724?v=4" width="110px;"/><br /><sub>Герхард PICCORO Lenz McKAY </sub>](https://github-readme-stats.vercel.app/api?username=mckaygerhard)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mckaygerhard "Code") |
 <!-- ALL-CONTRIBUTORS-LIST:END -->

 This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!
--- a/app/Console/Commands/CleanIncorrectCheckoutAcceptances.php
+++ b/app/Console/Commands/CleanIncorrectCheckoutAcceptances.php
@@ -0,0 +1,68 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\CheckoutAcceptance;
+use App\Models\LicenseSeat;
+use App\Models\User;
+use Illuminate\Console\Command;
+
+class CleanIncorrectCheckoutAcceptances extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:clean-checkout-acceptances';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = "Delete checkout acceptances for checkouts to non-users";
+
+    /**
+     * Execute the console command.
+     */
+    public function handle()
+    {
+        $deletions = 0;
+        $skips = 0;
+
+        // This walks *every* checkoutacceptance. That's gnarly. But necessary
+        $this->withProgressBar(CheckoutAcceptance::all(), function ($checkoutAcceptance) use (&$deletions, &$skips) {
+            $item = $checkoutAcceptance->checkoutable;
+            $checkout_to_id = $checkoutAcceptance->assigned_to_id;
+            if(is_null($item)) {
+                $this->info("'Checkoutable' Item is null, going to next record");
+                return; //'false' allegedly breaks execution entirely, so 'true' maybe doesn't? hrm. just straight return maybe?
+            }
+            if(get_class($item) == LicenseSeat::class) {
+                $item = $item->license;
+            }
+            foreach($item->assetlog()->where('action_type','checkout')->get() as $assetlog) {
+                if ($assetlog->target_id == $checkout_to_id && $assetlog->target_type != User::class) {
+                    //We have a checkout-to an ID for a non-User, which matches to an ID in the checkout_acceptances table
+
+                    //now, let's compare the _times_ - are they close?
+                    //I'm picking `created_at` over `action_date` because I'm more interested in when the actionlogs
+                    //were _created_, not when they were alleged to have happened - those created_at times need to be within 'X' seconds of
+                    //each other (currently 5)
+                    if ($assetlog->created_at->diffInSeconds($checkoutAcceptance->created_at, true) <= 5) { //we're allowing for five _ish_ seconds of slop
+                        $deletions++;
+                        $checkoutAcceptance->forceDelete(); // HARD delete this record; it should have never been
+                        return;
+                    } else {
+                        //$this->info("The two records are too far apart");
+                    }
+                } else {
+                    //$this->info("No match! checkout to id: " . $checkout_to_id." target_id: ".$assetlog->target_id." target_type: ".$assetlog->target_type);
+                }
+            }
+            $skips++;
+        });
+        $this->error("Final deletion count: $deletions, and skip count: $skips");
+    }
+}
--- a/app/Console/Commands/CleanOldCheckoutRequests.php
+++ b/app/Console/Commands/CleanOldCheckoutRequests.php
@@ -0,0 +1,74 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\CheckoutRequest;
+use Illuminate\Console\Command;
+
+class CleanOldCheckoutRequests extends Command
+{
+    private int $deletions = 0;
+    private int $skips = 0;
+
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:clean-old-checkout-requests';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Removes checkout requests that reference deleted assets or users.';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle()
+    {
+        $requests = CheckoutRequest::with([
+            'user' => function ($query) {
+                $query->withTrashed();
+            },
+            'requestedItem' => function ($query) {
+                $query->withTrashed();
+            },
+        ])->get();
+
+        $this->info("Processing {$requests->count()} checkout requests");
+
+        $this->withProgressBar($requests, function ($request) {
+            if ($this->shouldForceDelete($request)) {
+                $request->forceDelete();
+                $this->deletions++;
+                return;
+            }
+
+            if ($this->shouldSoftDelete($request)) {
+                $request->delete();
+                $this->deletions++;
+                return;
+            }
+
+            $this->skips++;
+        });
+
+        $this->info("Final deletion count: $this->deletions, and skip count: $this->skips");
+
+        return 0;
+    }
+
+    private function shouldForceDelete(CheckoutRequest $request)
+    {
+        // check if the requestable or user relationship is null
+        return !$request->requestable || !$request->user;
+    }
+
+    private function shouldSoftDelete(CheckoutRequest $request)
+    {
+        return $request->requestable->trashed() || $request->user->trashed();
+    }
+}
--- a/app/Console/Commands/LdapSync.php
+++ b/app/Console/Commands/LdapSync.php
@@ -182,7 +182,7 @@ class LdapSync extends Command
            // Inject location information fields
            for ($i = 0; $i < $results['count']; $i++) {
                $results[$i]['ldap_location_override'] = false;
-                $results[$i]['location_id'] = 0;
+                $results[$i]['location_id'] = null;
            }

            // Grab subsets based on location-specific DNs, and overwrite location for these users.
--- a/app/Console/Commands/MoveUploadsToNewDisk.php
+++ b/app/Console/Commands/MoveUploadsToNewDisk.php
@@ -96,7 +96,7 @@ class MoveUploadsToNewDisk extends Command
        $private_uploads['assets'] = glob('storage/private_uploads/assets'."/*.*");
        $private_uploads['signatures'] = glob('storage/private_uploads/signatures'."/*.*");
        $private_uploads['audits'] = glob('storage/private_uploads/audits'."/*.*");
-        $private_uploads['assetmodels'] = glob('storage/private_uploads/assetmodels'."/*.*");
+        $private_uploads['assetmodels'] = glob('storage/private_uploads/models'."/*.*");
        $private_uploads['imports'] = glob('storage/private_uploads/imports'."/*.*");
        $private_uploads['licenses'] = glob('storage/private_uploads/licenses'."/*.*");
        $private_uploads['users'] = glob('storage/private_uploads/users'."/*.*");
--- a/app/Console/Commands/PaveIt.php
+++ b/app/Console/Commands/PaveIt.php
@@ -4,7 +4,7 @@ namespace App\Console\Commands;

 use App\Models\Asset;
 use App\Models\CustomField;
-use Schema;
+use Illuminate\Support\Facades\Schema;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Console\Command;

@@ -66,8 +66,8 @@ class PaveIt extends Command
        foreach ($custom_fields as $custom_field) {
            $this->info('DROP the '.$custom_field->db_column.' column from assets as well.');

-            if (\Schema::hasColumn('assets', $custom_field->db_column)) {
-                \Schema::table('assets', function ($table) use ($custom_field) {
+            if (Schema::hasColumn('assets', $custom_field->db_column)) {
+                Schema::table('assets', function ($table) use ($custom_field) {
                    $table->dropColumn($custom_field->db_column);
                });
            }
@@ -84,8 +84,8 @@ class PaveIt extends Command
        }

        // Leave in the demo oauth keys so we don't have to reset them every day in the demos
-        \DB::statement('delete from oauth_clients WHERE id > 2');
-        \DB::statement('delete from oauth_access_tokens WHERE id > 2');
+        DB::statement('delete from oauth_clients WHERE id > 2');
+        DB::statement('delete from oauth_access_tokens WHERE user_id > 2');
    
    }
 }
--- a/app/Console/Commands/Purge.php
+++ b/app/Console/Commands/Purge.php
@@ -62,19 +62,19 @@ class Purge extends Command
            $assetcount = $assets->count();
            $this->info($assets->count().' assets purged.');
            $asset_assoc = 0;
-            $asset_maintenances = 0;
+            $maintenances = 0;

            foreach ($assets as $asset) {
                $this->info('- Asset "'.$asset->present()->name().'" deleted.');
                $asset_assoc += $asset->assetlog()->count();
                $asset->assetlog()->forceDelete();
-                $asset_maintenances += $asset->assetmaintenances()->count();
-                $asset->assetmaintenances()->forceDelete();
+                $maintenances += $asset->maintenances()->count();
+                $asset->maintenances()->forceDelete();
                $asset->forceDelete();
            }

            $this->info($asset_assoc.' corresponding log records purged.');
-            $this->info($asset_maintenances.' corresponding maintenance records purged.');
+            $this->info($maintenances.' corresponding maintenance records purged.');

            $locations = Location::whereNotNull('deleted_at')->withTrashed()->get();
            $this->info($locations->count().' locations purged.');
--- a/app/Console/Commands/RestoreFromBackup.php
+++ b/app/Console/Commands/RestoreFromBackup.php
@@ -243,6 +243,8 @@ class RestoreFromBackup extends Command
        $private_dirs = [
            'storage/private_uploads/accessories',
            'storage/private_uploads/assetmodels',
+            'storage/private_uploads/maintenances',
+            'storage/private_uploads/models',
            'storage/private_uploads/assets', // these are asset _files_, not the pictures.
            'storage/private_uploads/audits',
            'storage/private_uploads/components',
@@ -260,9 +262,10 @@ class RestoreFromBackup extends Command
        ];
        $public_dirs = [
            'public/uploads/accessories',
+            'public/uploads/assetmodels',
+            'public/uploads/maintenances',
            'public/uploads/assets', // these are asset _pictures_, not asset files
            'public/uploads/avatars',
-            //'public/uploads/barcodes', // we don't want this, let the barcodes be regenerated
            'public/uploads/categories',
            'public/uploads/companies',
            'public/uploads/components',
@@ -329,9 +332,9 @@ class RestoreFromBackup extends Command
                    }
                }
            }
-            $good_extensions = ['png', 'gif', 'jpg', 'svg', 'jpeg', 'doc', 'docx', 'pdf', 'txt',
-                                'zip', 'rar', 'xls', 'xlsx', 'lic', 'xml', 'rtf', 'webp', 'key', 'ico', 'avif'
-            ];
+
+            $good_extensions = config('filesystems.allowed_upload_extensions_array');
+
            foreach (array_merge($private_files, $public_files) as $file) {
                $has_wildcard = (strpos($file, '*') !== false);
                if ($has_wildcard) {
--- a/app/Exceptions/Handler.php
+++ b/app/Exceptions/Handler.php
@@ -116,18 +116,35 @@ class Handler extends ExceptionHandler
                        return response()->json(Helper::formatStandardApiResponse('error', null, 'Method not allowed'), 405);
                    default:
                        return response()->json(Helper::formatStandardApiResponse('error', null, $statusCode), $statusCode);
+                }

            }
+
+            // This handles API validation exceptions that happen at the Form Request level, so they
+            // never even get to the controller where we normally  nicely format JSON responses
+            if ($e instanceof ValidationException) {
+                $response = $this->invalidJson($request, $e);
+                return response()->json(Helper::formatStandardApiResponse('error', null,  $e->errors()), 200);
            }
+
        }


        // This is traaaaash but it handles models that are not found while using route model binding :(
        // The only alternative is to set that at *each* route, which is crazypants
        if ($e instanceof \Illuminate\Database\Eloquent\ModelNotFoundException) {
+            $ids = method_exists($e, 'getIds') ? $e->getIds() : [];
+
+            if (in_array('bulkedit', $ids, true)) {
+            $error_array = session()->get('bulk_asset_errors');
+                return redirect()
+                    ->route('hardware.index')
+                    ->withErrors($error_array, 'bulk_asset_errors')
+                    ->withInput();
+            }

            // This gets the MVC model name from the exception and formats in a way that's less fugly
-            $model_name = strtolower(implode(" ", preg_split('/(?=[A-Z])/', last(explode('\\', $e->getModel())))));
+            $model_name = trim(strtolower(implode(" ", preg_split('/(?=[A-Z])/', last(explode('\\', $e->getModel()))))));
            $route = str_plural(strtolower(last(explode('\\', $e->getModel())))).'.index';

            // Sigh.
@@ -143,9 +160,7 @@ class Handler extends ExceptionHandler
                $route = 'maintenances.index';
            } elseif ($route === 'licenseseats.index') {
                $route = 'licenses.index';
-            } elseif ($route === 'customfields.index') {
-                $route = 'fields.index';
-            } elseif ($route === 'customfieldsets.index') {
+            } elseif (($route === 'customfieldsets.index') || ($route === 'customfields.index')) {
                $route = 'fields.index';
            }

--- a/app/Helpers/Helper.php
+++ b/app/Helpers/Helper.php
@@ -13,6 +13,7 @@ use App\Models\Setting;
 use App\Models\Statuslabel;
 use App\Models\License;
 use App\Models\Location;
+use Illuminate\Http\RedirectResponse;
 use Illuminate\Support\Facades\Crypt;
 use Illuminate\Contracts\Encryption\DecryptException;
 use Carbon\Carbon;
@@ -876,6 +877,48 @@ class Helper
        return false;
    }

+    /**
+     * Check if the file is a video, so we can show a preview
+     *
+     * @param File $file
+     * @return string | Boolean
+     * @author [B. Wetherington] [<bwetherington@grokability.com>]
+     * @since [v8.1.18]
+     */
+    public static function checkUploadIsVideo($file)
+    {
+        $finfo = @finfo_open(FILEINFO_MIME_TYPE); // return mime type ala mimetype extension
+        $filetype = @finfo_file($finfo, $file);
+        finfo_close($finfo);
+
+        if (($filetype == 'video/mp4') || ($filetype == 'video/quicktime') || ($filetype == 'video/mpeg') || ($filetype == 'video/ogg') || ($filetype == 'video/webm') || ($filetype == 'video/x-msvide')) {
+            return $filetype;
+        }
+
+        return false;
+    }
+
+    /**
+     * Check if the file is audio, so we can show a preview
+     *
+     * @param File $file
+     * @return string | Boolean
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     */
+    public static function checkUploadIsAudio($file)
+    {
+        $finfo = @finfo_open(FILEINFO_MIME_TYPE); // return mime type ala mimetype extension
+        $filetype = @finfo_file($finfo, $file);
+        finfo_close($finfo);
+
+        if (($filetype == 'audio/mpeg') || ($filetype == 'audio/ogg')) {
+            return $filetype;
+        }
+
+        return false;
+    }
+
    /**
     * Walks through the permissions in the permissions config file and determines if
     * permissions are granted based on a $selected_arr array.
@@ -1170,6 +1213,15 @@ class Helper
            // Misc
            'pdf'   => 'far fa-file-pdf',
            'lic'   => 'far fa-save',
+
+            // video
+            'mov'   => 'fa-solid fa-video',
+            'mp4'   => 'fa-solid fa-video',
+
+            // audio
+            'ogg'   => 'fa-solid fa-file-audio',
+            'mp3'   => 'fa-solid fa-file-audio',
+            'wav'   => 'fa-solid fa-file-audio',
        ];

        if ($extension && array_key_exists($extension, $allowedExtensionMap)) {
@@ -1480,68 +1532,59 @@ class Helper
    }


-    static public function getRedirectOption($request, $id, $table, $item_id = null)
+    static public function getRedirectOption($request, $id, $table, $item_id = null) : RedirectResponse
    {

-        $redirect_option = Session::get('redirect_option');
-        $checkout_to_type = Session::get('checkout_to_type');
+        $redirect_option = Session::get('redirect_option') ?? $request->redirect_option;
+        $checkout_to_type = Session::get('checkout_to_type') ?? null;
        $checkedInFrom = Session::get('checkedInFrom');
        $other_redirect = Session::get('other_redirect');
+        $backUrl = Session::pull('back_url', route('home'));
+
+       // return to previous page
+        if ($redirect_option === 'back') {
+            return redirect()->to($backUrl);
+        }

        // return to index
        if ($redirect_option == 'index') {
-            switch ($table) {
-                case "Assets":
-                    return route('hardware.index');
-                case "Users":
-                    return route('users.index');
-                case "Licenses":
-                    return route('licenses.index');
-                case "Accessories":
-                    return route('accessories.index');
-                case "Components":
-                    return route('components.index');
-                case "Consumables":
-                    return route('consumables.index');
-            }
+            return match ($table) {
+                'Assets' => redirect()->route('hardware.index'),
+                'Users' => redirect()->route('users.index'),
+                'Licenses' => redirect()->route('licenses.index'),
+                'Accessories' => redirect()->route('accessories.index'),
+                'Components' => redirect()->route('components.index'),
+                'Consumables' => redirect()->route('consumables.index'),
+            };
        }

        // return to thing being assigned
        if ($redirect_option == 'item') {
-            switch ($table) {
-                case "Assets":
-                    return route('hardware.show', $id ?? $item_id);
-                case "Users":
-                    return route('users.show', $id ?? $item_id);
-                case "Licenses":
-                    return route('licenses.show', $id ?? $item_id);
-                case "Accessories":
-                    return route('accessories.show', $id ?? $item_id);
-                case "Components":
-                    return route('components.show', $id ?? $item_id);
-                case "Consumables":
-                    return route('consumables.show', $id ?? $item_id);
-            }
+            return match ($table) {
+                'Assets'      => redirect()->route('hardware.show', $id ?? $item_id),
+                'Users'       => redirect()->route('users.show', $id ?? $item_id),
+                'Licenses'    => redirect()->route('licenses.show', $id ?? $item_id),
+                'Accessories' => redirect()->route('accessories.show', $id ?? $item_id),
+                'Components'  => redirect()->route('components.show', $id ?? $item_id),
+                'Consumables' => redirect()->route('consumables.show', $id ?? $item_id),
+            };
        }

        // return to assignment target
        if ($redirect_option == 'target') {
-            switch ($checkout_to_type) {
-                case 'user':
-                    return route('users.show', $request->assigned_user ?? $checkedInFrom);
-                case 'location':
-                    return route('locations.show', $request->assigned_location ?? $checkedInFrom);
-                case 'asset':
-                    return route('hardware.show', $request->assigned_asset ?? $checkedInFrom);
-            }
+            return match ($checkout_to_type) {
+                'user'     => redirect()->route('users.show', $request->assigned_user ?? $checkedInFrom),
+                'location' => redirect()->route('locations.show', $request->assigned_location ?? $checkedInFrom),
+                'asset'    => redirect()->route('hardware.show', $request->assigned_asset ?? $checkedInFrom),
+            };
        }

        // return to somewhere else
        if ($redirect_option == 'other_redirect') {
-            switch ($other_redirect) {
-                case 'audit':
-                    return route('assets.audit.due');
-            }
+            return match ($other_redirect) {
+                'audit' => redirect()->route('assets.audit.due'),
+                'model' => redirect()->route('models.show', $request->model_id),
+            };

        }

--- a/app/Helpers/IconHelper.php
+++ b/app/Helpers/IconHelper.php
@@ -43,6 +43,8 @@ class IconHelper
                return 'fa-regular fa-envelope';
            case 'phone':
                return 'fa-solid fa-phone';
+            case 'mobile':
+                return 'fas fa-mobile-screen-button';
            case 'long-arrow-right':
                return 'fas fa-long-arrow-alt-right';
            case 'download':
@@ -151,6 +153,7 @@ class IconHelper
            case 'location':
                return 'fas fa-map-marker-alt';
            case 'superadmin':
+            case 'admin':
                return 'fas fa-crown';
            case 'print':
                return 'fa-solid fa-print';
--- a/app/Helpers/StorageHelper.php
+++ b/app/Helpers/StorageHelper.php
@@ -27,6 +27,36 @@ class StorageHelper
        }
    }

+    public static function getMediaType($file_with_path) {
+
+        // The file exists and is allowed to be displayed inline
+        if (Storage::exists($file_with_path)) {
+            $fileinfo = pathinfo($file_with_path);
+            $extension = strtolower($fileinfo['extension']);
+            switch ($extension) {
+                case 'avif':
+                case 'jpg':
+                case 'png':
+                case 'gif':
+                case 'svg':
+                case 'webp':
+                    return 'image';
+                case 'pdf':
+                    return 'pdf';
+                case 'mp3':
+                case 'wav':
+                case 'ogg':
+                    return 'audio';
+                case 'mp4':
+                case 'webm':
+                case 'mov':
+                    return 'video';
+                default:
+                    return $extension; // Default for unknown types
+            }
+        }
+        return null;
+    }

    /**
     * This determines the file types that should be allowed inline and checks their fileinfo extension
@@ -37,17 +67,24 @@ class StorageHelper
     * @param  $file_with_path
     * @return bool
     */
-    public static function allowSafeInline($file_with_path) {
+    public static function allowSafeInline($file_with_path)
+    {

        $allowed_inline = [
-            'pdf',
-            'svg',
-            'jpg',
-            'gif',
-            'svg',
            'avif',
-            'webp',
+            'gif',
+            'gif',
+            'jpg',
+            'mov',
+            'mp3',
+            'mp4',
+            'ogg',
+            'pdf',
            'png',
+            'svg',
+            'wav',
+            'webm',
+            'webp',
        ];


@@ -59,10 +96,24 @@ class StorageHelper

    }

+    public static function getFiletype($file_with_path)
+    {
+
+        // The file exists and is allowed to be displayed inline
+        if (Storage::exists($file_with_path)) {
+            return pathinfo($file_with_path, PATHINFO_EXTENSION);
+        }
+
+        return null;
+
+    }
+
+
    /**
     * Decide whether to show the file inline or download it.
     */
-    public static function showOrDownloadFile($file, $filename) {
+    public static function showOrDownloadFile($file, $filename)
+    {

        $headers = [];

--- a/app/Http/Controllers/Accessories/AccessoriesController.php
+++ b/app/Http/Controllers/Accessories/AccessoriesController.php
@@ -77,13 +77,30 @@ class AccessoriesController extends Controller
        $accessory->supplier_id             = request('supplier_id');
        $accessory->notes                   = request('notes');

-        $accessory = $request->handleImages($accessory);
+        if ($request->has('use_cloned_image')) {
+            $cloned_model_img = Accessory::select('image')->find($request->input('clone_image_from_id'));
+            if ($cloned_model_img) {
+                $new_image_name = 'clone-'.date('U').'-'.$cloned_model_img->image;
+                $new_image = 'accessories/'.$new_image_name;
+                Storage::disk('public')->copy('accessories/'.$cloned_model_img->image, $new_image);
+                $accessory->image = $new_image_name;
+            }

+        } else {
+            $accessory = $request->handleImages($accessory);
+        }
+
+        if($request->get('redirect_option') === 'back'){
+            session()->put(['redirect_option' => 'index']);
+        } else {
            session()->put(['redirect_option' => $request->get('redirect_option')]);
+        }
+
        // Was the accessory created?
        if ($accessory->save()) {
            // Redirect to the new accessory  page
-            return redirect()->to(Helper::getRedirectOption($request, $accessory->id, 'Accessories'))->with('success', trans('admin/accessories/message.create.success'));
+            return Helper::getRedirectOption($request, $accessory->id, 'Accessories')
+                ->with('success', trans('admin/accessories/message.create.success'));
        }

        return redirect()->back()->withInput()->withErrors($accessory->getErrors());
@@ -113,11 +130,12 @@ class AccessoriesController extends Controller

        $this->authorize('create', Accessory::class);
        $cloned = clone $accessory;
+        $accessory_to_clone = $accessory;
        $cloned->id = null;
        $cloned->deleted_at = '';
-        $cloned->location_id = null;

        return view('accessories/edit')
+            ->with('cloned_model', $accessory_to_clone)
            ->with('item', $cloned);
        
    }
@@ -167,7 +185,8 @@ class AccessoriesController extends Controller
            session()->put(['redirect_option' => $request->get('redirect_option')]);

            if ($accessory->save()) {
-                return redirect()->to(Helper::getRedirectOption($request, $accessory->id, 'Accessories'))->with('success', trans('admin/accessories/message.update.success'));
+                return Helper::getRedirectOption($request, $accessory->id, 'Accessories')
+                    ->with('success', trans('admin/accessories/message.update.success'));
            }
        } else {
            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
--- a/app/Http/Controllers/Accessories/AccessoriesFilesController.php
+++ b/app/Http/Controllers/Accessories/AccessoriesFilesController.php
@@ -1,132 +0,0 @@
-<?php
-
-namespace App\Http\Controllers\Accessories;
-
-use App\Helpers\StorageHelper;
-use App\Http\Controllers\Controller;
-use App\Http\Requests\UploadFileRequest;
-use App\Models\Actionlog;
-use App\Models\Accessory;
-use Illuminate\Support\Facades\Storage;
-use Illuminate\Support\Facades\Log;
-use \Illuminate\Contracts\View\View;
-use \Illuminate\Http\RedirectResponse;
-use Illuminate\Support\Facades\Response;
-use Symfony\Component\HttpFoundation\BinaryFileResponse;
-use Symfony\Component\HttpFoundation\StreamedResponse;
-
-class AccessoriesFilesController extends Controller
-{
-    /**
-     * Validates and stores files associated with a accessory.
-     *
-     * @param UploadFileRequest $request
-     * @param int $accessoryId
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.0]
-     * @todo Switch to using the AssetFileRequest form request validator.
-     */
-    public function store(UploadFileRequest $request, $accessoryId = null) : RedirectResponse
-    {
-
-        if (config('app.lock_passwords')) {
-            return redirect()->route('accessories.show', ['accessory'=>$accessoryId])->with('error', trans('general.feature_disabled'));
-        }
-
-        $accessory = Accessory::find($accessoryId);
-
-        if (isset($accessory->id)) {
-            $this->authorize('accessories.files', $accessory);
-
-            if ($request->hasFile('file')) {
-                if (! Storage::exists('private_uploads/accessories')) {
-                    Storage::makeDirectory('private_uploads/accessories', 775);
-                }
-
-                foreach ($request->file('file') as $file) {
-
-                    $file_name = $request->handleFile('private_uploads/accessories/', 'accessory-'.$accessory->id, $file);
-                    //Log the upload to the log
-                    $accessory->logUpload($file_name, e($request->input('notes')));
-                }
-
-
-                return redirect()->route('accessories.show', $accessory->id)->withFragment('files')->with('success', trans('general.file_upload_success'));
-
-            }
-
-            return redirect()->route('accessories.show', $accessory->id)->withFragment('files')->with('error', trans('general.no_files_uploaded'));
-        }
-        // Prepare the error message
-        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
-
-    }
-
-    /**
-     * Deletes the selected accessory file.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.0]
-     * @param int $accessoryId
-     * @param int $fileId
-     */
-    public function destroy($accessoryId = null, $fileId = null) : RedirectResponse
-    {
-        if ($accessory = Accessory::find($accessoryId)) {
-            $this->authorize('update', $accessory);
-
-            if ($log = Actionlog::find($fileId)) {
-
-                if (Storage::exists('private_uploads/accessories/'.$log->filename)) {
-                    try {
-                        Storage::delete('private_uploads/accessories/' . $log->filename);
-                        $log->delete();
-                        return redirect()->back()->withFragment('files')->with('success', trans('admin/hardware/message.deletefile.success'));
-                    } catch (\Exception $e) {
-                        Log::debug($e);
-                        return redirect()->route('accessories.index')->with('error', trans('general.file_does_not_exist'));
-                    }
-                }
-
-            }
-            return redirect()->route('accessories.show', ['accessory' => $accessory])->withFragment('files')->with('error',  trans('general.log_record_not_found'));
-        }
-
-        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
-    }
-
-    /**
-     * Allows the selected file to be viewed.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.4]
-     * @param int $accessoryId
-     * @param int $fileId
-     */
-    public function show($accessoryId = null, $fileId = null) : View | RedirectResponse | Response | BinaryFileResponse | StreamedResponse
-    {
-
-
-        // the accessory is valid
-        if ($accessory = Accessory::find($accessoryId)) {
-            $this->authorize('view', $accessory);
-            $this->authorize('accessories.files', $accessory);
-
-            if ($log = Actionlog::whereNotNull('filename')->where('item_id', $accessory->id)->find($fileId)) {
-                $file = 'private_uploads/accessories/'.$log->filename;
-
-                try {
-                    return StorageHelper::showOrDownloadFile($file, $log->filename);
-                } catch (\Exception $e) {
-                    return redirect()->route('accessories.show', ['accessory' => $accessory])->with('error',  trans('general.file_not_found'));
-                }
-            }
-
-            return redirect()->route('accessories.show', ['accessory' => $accessory])->withFragment('files')->with('error',  trans('general.log_record_not_found'));
-
-        }
-
-        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
-
-    }
-}
--- a/app/Http/Controllers/Accessories/AccessoryCheckinController.php
+++ b/app/Http/Controllers/Accessories/AccessoryCheckinController.php
@@ -78,7 +78,8 @@ class AccessoryCheckinController extends Controller

            session()->put(['redirect_option' => $request->get('redirect_option')]);

-            return redirect()->to(Helper::getRedirectOption($request, $accessory->id, 'Accessories'))->with('success', trans('admin/accessories/message.checkin.success'));
+            return Helper::getRedirectOption($request, $accessory->id, 'Accessories')
+                ->with('success', trans('admin/accessories/message.checkin.success'));
        }
        // Redirect to the accessory management page with error
        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.checkin.error'));
--- a/app/Http/Controllers/Accessories/AccessoryCheckoutController.php
+++ b/app/Http/Controllers/Accessories/AccessoryCheckoutController.php
@@ -97,7 +97,7 @@ class AccessoryCheckoutController extends Controller


        // Redirect to the new accessory page
-        return redirect()->to(Helper::getRedirectOption($request, $accessory->id, 'Accessories'))
+        return Helper::getRedirectOption($request, $accessory->id, 'Accessories')
            ->with('success', trans('admin/accessories/message.checkout.success'));
    }
 }
--- a/app/Http/Controllers/Account/AcceptanceController.php
+++ b/app/Http/Controllers/Account/AcceptanceController.php
@@ -7,6 +7,7 @@ use App\Events\CheckoutDeclined;
 use App\Events\ItemAccepted;
 use App\Events\ItemDeclined;
 use App\Http\Controllers\Controller;
+use App\Mail\CheckoutAcceptanceResponseMail;
 use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\CheckoutAcceptance;
@@ -20,9 +21,12 @@ use App\Models\License;
 use App\Models\Component;
 use App\Models\Consumable;
 use App\Notifications\AcceptanceAssetAcceptedNotification;
+use App\Notifications\AcceptanceAssetAcceptedToUserNotification;
 use App\Notifications\AcceptanceAssetDeclinedNotification;
+use Exception;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Mail;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Str;
 use App\Http\Controllers\SettingsController;
@@ -148,6 +152,8 @@ class AcceptanceController extends Controller
                }
            }

+
+            $assigned_user = User::find($acceptance->assigned_to_id);
            // this is horrible
            switch($acceptance->checkoutable_type){
                case 'App\Models\Asset':
@@ -157,35 +163,30 @@ class AcceptanceController extends Controller
                            return redirect()->back()->with('error', trans('admin/models/message.does_not_exist'));
                        }
                        $display_model = $asset_model->name;
-                        $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
                break;

                case 'App\Models\Accessory':
                        $pdf_view_route ='account.accept.accept-accessory-eula';
                        $accessory = Accessory::find($item->id);
                        $display_model = $accessory->name;
-                        $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
                break;

                case 'App\Models\LicenseSeat':
                        $pdf_view_route ='account.accept.accept-license-eula';
                        $license = License::find($item->license_id);
                        $display_model = $license->name;
-                        $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
                break;

                case 'App\Models\Component':
                        $pdf_view_route ='account.accept.accept-component-eula';
                        $component = Component::find($item->id);
                        $display_model = $component->name;
-                        $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
                break;

                case 'App\Models\Consumable':
                        $pdf_view_route ='account.accept.accept-consumable-eula';
                        $consumable = Consumable::find($item->id);
                        $display_model = $consumable->name;
-                        $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
                break;
            }
 //            if ($acceptance->checkoutable_type == 'App\Models\Asset') {
@@ -226,11 +227,12 @@ class AcceptanceController extends Controller
                'note' => $request->input('note'),
                'check_out_date' => Carbon::parse($acceptance->created_at)->format('Y-m-d'),
                'accepted_date' => Carbon::parse($acceptance->accepted_at)->format('Y-m-d'),
-                'assigned_to' => $assigned_to,
+                'assigned_to' => $assigned_user->present()->fullName,
                'company_name' => $branding_settings->site_name,
                'signature' => ($sig_filename) ? storage_path() . '/private_uploads/signatures/' . $sig_filename : null,
                'logo' => $path_logo,
                'date_settings' => $branding_settings->date_display_format,
+                'admin' => auth()->user()->present()?->fullName,
            ];

            if ($pdf_view_route!='') {
@@ -240,6 +242,19 @@ class AcceptanceController extends Controller
            }

            $acceptance->accept($sig_filename, $item->getEula(), $pdf_filename, $request->input('note'));
+
+            // Send the PDF to the signing user
+            if (($request->input('send_copy') == '1') && ($assigned_user->email !='')) {
+
+                // Add the attachment for the signing user into the $data array
+                $data['file'] = $pdf_filename;
+
+                try {
+                    $assigned_user->notify(new AcceptanceAssetAcceptedToUserNotification($data));
+                } catch (\Exception $e) {
+                    Log::warning($e);
+                }
+            }
            try {
                $acceptance->notify(new AcceptanceAssetAcceptedNotification($data));
            } catch (\Exception $e) {
@@ -333,10 +348,29 @@ class AcceptanceController extends Controller

            $acceptance->decline($sig_filename, $request->input('note'));
            $acceptance->notify(new AcceptanceAssetDeclinedNotification($data));
+            Log::debug('New event acceptance.');
            event(new CheckoutDeclined($acceptance));
            $return_msg = trans('admin/users/message.declined');
        }

+        if ($acceptance->alert_on_response_id) {
+            try {
+                $recipient = User::find($acceptance->alert_on_response_id);
+
+                if ($recipient) {
+                    Log::debug('Attempting to send email acceptance.');
+                    Mail::to($recipient)->send(new CheckoutAcceptanceResponseMail(
+                        $acceptance,
+                        $recipient,
+                        $request->input('asset_acceptance') === 'accepted',
+                    ));
+                    Log::debug('Send email notification sucess on checkout acceptance response.');
+                }
+            } catch (Exception $e) {
+                Log::error($e->getMessage());
+                Log::warning($e);
+            }
+        }

        return redirect()->to('account/accept')->with('success', $return_msg);

--- a/app/Http/Controllers/Api/AssetFilesController.php
+++ b/app/Http/Controllers/Api/AssetFilesController.php
@@ -1,200 +0,0 @@
-<?php
-
-namespace App\Http\Controllers\Api;
-
-use App\Helpers\StorageHelper;
-use App\Http\Transformers\UploadedFilesTransformer;
-use Illuminate\Support\Facades\Storage;
-use App\Helpers\Helper;
-use App\Http\Controllers\Controller;
-use App\Models\Asset;
-use App\Models\Actionlog;
-use App\Http\Requests\UploadFileRequest;
-use Illuminate\Http\JsonResponse;
-use Illuminate\Support\Facades\Log;
-use Symfony\Component\HttpFoundation\StreamedResponse;
-use Symfony\Component\HttpFoundation\BinaryFileResponse;
-use Illuminate\Http\Request;
-
-
-/**
- * This class controls file related actions related
- * to assets for the Snipe-IT Asset Management application.
- *
- * Based on the Assets/AssetFilesController by A. Gianotto <snipe@snipe.net>
- *
- * @version    v1.0
- * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
- */
-class AssetFilesController extends Controller
-{
-    /**
-     * Accepts a POST to upload a file to the server.
-     *
-     * @param \App\Http\Requests\UploadFileRequest $request
-     * @param int $assetId
-     * @since [v6.0]
-     * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
-     */
-    public function store(UploadFileRequest $request, $assetId = null) : JsonResponse
-    {
-        // Start by checking if the asset being acted upon exists
-        if (! $asset = Asset::find($assetId)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 404);
-        }
-
-        // Make sure we are allowed to update this asset
-        $this->authorize('update', $asset);
-
-	    if ($request->hasFile('file')) {
-            // If the file storage directory doesn't exist; create it
-            if (! Storage::exists('private_uploads/assets')) {
-                Storage::makeDirectory('private_uploads/assets', 775);
-            }
-
-            // Loop over the attached files and add them to the asset
-            foreach ($request->file('file') as $file) {
-                $file_name = $request->handleFile('private_uploads/assets/','hardware-'.$asset->id, $file);
-                
-                $asset->logUpload($file_name, e($request->get('notes')));
-            }
-
-            // All done - report success
-            return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.upload.success')));
-        }
-
-        // We only reach here if no files were included in the POST, so tell the user this
-        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.upload.nofiles')), 500);
-    }
-
-    /**
-     * List the files for an asset.
-     *
-     * @param  int $assetId
-     * @since [v6.0]
-     * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
-     */
-    public function list(Asset $asset, Request $request) : JsonResponse | array
-    {
-
-        $this->authorize('view', $asset);
-
-        $allowed_columns =
-            [
-                'id',
-                'filename',
-                'eol',
-                'notes',
-                'created_at',
-                'updated_at',
-            ];
-
-        $files = Actionlog::select('action_logs.*')->where('action_type', '=', 'uploaded')->where('item_type', '=', Asset::class)->where('item_id', '=', $asset->id);
-
-        if ($request->filled('search')) {
-            $files = $files->TextSearch($request->input('search'));
-        }
-
-        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $files->count()) ? $files->count() : abs($request->input('offset'));
-        $limit = app('api_limit_value');
-        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
-        $files = $files->orderBy($sort, $order);
-
-        $files = $files->skip($offset)->take($limit)->get();
-        return (new UploadedFilesTransformer())->transformFiles($files, $files->count());
-
-    }
-
-    /**
-     * Check for permissions and display the file.
-     *
-     * @param  int $assetId
-     * @param  int $fileId
-     * @return \Illuminate\Http\JsonResponse
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     * @since [v6.0]
-     * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
-     */
-    public function show(Asset $asset, $fileId = null) : JsonResponse | StreamedResponse | Storage | StorageHelper | BinaryFileResponse
-    {
-
-        // the asset is valid
-        if (isset($asset->id)) {
-            $this->authorize('view', $asset);
-
-            // Check that the file being requested exists for the asset
-            if (! $log = Actionlog::whereNotNull('filename')->where('item_id', $asset->id)->find($fileId)) {
-                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.no_match', ['id' => $fileId])), 404);
-            }
-
-	    // Form the full filename with path
-            $file = 'private_uploads/assets/'.$log->filename;
-            Log::debug('Checking for '.$file);
-
-            if ($log->action_type == 'audit') {
-                $file = 'private_uploads/audits/'.$log->filename;
-            }
-
-            // Check the file actually exists on the filesystem
-            if (! Storage::exists($file)) {
-                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.does_not_exist', ['id' => $fileId])), 404);
-            }
-
-            if (request('inline') == 'true') {
-
-                $headers = [
-                    'Content-Disposition' => 'inline',
-                ];
-
-                return Storage::download($file, $log->filename, $headers);
-            }
-
-            return StorageHelper::downloader($file);
-        }
-
-        // Send back an error message
-        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.error', ['id' => $fileId])), 500);
-    }
-
-    /**
-     * Delete the associated file
-     *
-     * @param  int $assetId
-     * @param  int $fileId
-     * @since [v6.0]
-     * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
-     */
-    public function destroy(Asset $asset, $fileId = null) : JsonResponse
-    {
-
-        $rel_path = 'private_uploads/assets';
-
-        // the asset is valid
-        if (isset($asset->id)) {
-            $this->authorize('update', $asset);
-
-            // Check for the file
-            $log = Actionlog::find($fileId);
-
-                if ($log) {
-                        // Check the file actually exists, and delete it
-                        if (Storage::exists($rel_path.'/'.$log->filename)) {
-                            Storage::delete($rel_path.'/'.$log->filename);
-                }
-
-		        // Delete the record of the file
-                $log->delete();
-
-                // All deleting done - notify the user of success
-                return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/hardware/message.deletefile.success')), 200);
-            }
-
-            // The file doesn't seem to really exist, so report an error
-            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.deletefile.error')), 500);
-        }
-
-        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.deletefile.error')), 500);
-    }
-}
--- a/app/Http/Controllers/Api/AssetModelFilesController.php
+++ b/app/Http/Controllers/Api/AssetModelFilesController.php
@@ -1,184 +0,0 @@
-<?php
-
-namespace App\Http\Controllers\Api;
-
-use App\Helpers\StorageHelper;
-use Illuminate\Support\Facades\Storage;
-use App\Helpers\Helper;
-use App\Http\Controllers\Controller;
-use App\Models\AssetModel;
-use App\Models\Actionlog;
-use App\Http\Requests\UploadFileRequest;
-use App\Http\Transformers\AssetModelsTransformer;
-use Illuminate\Http\JsonResponse;
-use Illuminate\Support\Facades\Log;
-use Symfony\Component\HttpFoundation\StreamedResponse;
-use Symfony\Component\HttpFoundation\BinaryFileResponse;
-
-
-/**
- * This class controls file related actions related
- * to assets for the Snipe-IT Asset Management application.
- *
- * Based on the Assets/AssetFilesController by A. Gianotto <snipe@snipe.net>
- *
- * @version    v1.0
- * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
- */
-class AssetModelFilesController extends Controller
-{
-    /**
-     * Accepts a POST to upload a file to the server.
-     *
-     * @param \App\Http\Requests\UploadFileRequest $request
-     * @param int $assetModelId
-     * @since [v7.0.12]
-     * @author [r-xyz]
-     */
-    public function store(UploadFileRequest $request, $assetModelId = null) : JsonResponse
-    {
-        // Start by checking if the asset being acted upon exists
-        if (! $assetModel = AssetModel::find($assetModelId)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.does_not_exist')), 404);
-        }
-
-        // Make sure we are allowed to update this asset
-        $this->authorize('update', $assetModel);
-
-            if ($request->hasFile('file')) {
-            // If the file storage directory doesn't exist; create it
-            if (! Storage::exists('private_uploads/assetmodels')) {
-                Storage::makeDirectory('private_uploads/assetmodels', 775);
-            }
-
-            // Loop over the attached files and add them to the asset
-            foreach ($request->file('file') as $file) {
-                $file_name = $request->handleFile('private_uploads/assetmodels/','model-'.$assetModel->id, $file);
-                
-                $assetModel->logUpload($file_name, e($request->get('notes')));
-            }
-
-            // All done - report success
-            return response()->json(Helper::formatStandardApiResponse('success', $assetModel, trans('admin/models/message.upload.success')));
-        }
-
-        // We only reach here if no files were included in the POST, so tell the user this
-        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.upload.nofiles')), 500);
-    }
-
-    /**
-     * List the files for an asset.
-     *
-     * @param  int $assetmodel
-     * @since [v7.0.12]
-     * @author [r-xyz]
-     */
-    public function list($assetmodel_id) : JsonResponse | array
-    {
-        // Start by checking if the asset being acted upon exists
-        if (! $assetModel = AssetModel::find($assetmodel_id)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.does_not_exist')), 404);
-        }
-
-            $assetmodel = AssetModel::with('uploads')->find($assetmodel_id);
-            $this->authorize('view', $assetmodel);
-            return (new AssetModelsTransformer)->transformAssetModelFiles($assetmodel, $assetmodel->uploads()->count());
-    }
-
-    /**
-     * Check for permissions and display the file.
-     *
-     * @param  int $assetModelId
-     * @param  int $fileId
-     * @return \Illuminate\Http\JsonResponse
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     * @since [v7.0.12]
-     * @author [r-xyz]
-     */
-    public function show($assetModelId = null, $fileId = null) : JsonResponse | StreamedResponse | Storage | StorageHelper | BinaryFileResponse
-    {
-        // Start by checking if the asset being acted upon exists
-        if (! $assetModel = AssetModel::find($assetModelId)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.does_not_exist')), 404);
-        }
-
-        // the asset is valid
-        if (isset($assetModel->id)) {
-            $this->authorize('view', $assetModel);
-
-            // Check that the file being requested exists for the asset
-            if (! $log = Actionlog::whereNotNull('filename')->where('item_id', $assetModel->id)->find($fileId)) {
-                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.download.no_match', ['id' => $fileId])), 404);
-            }
-
-            // Form the full filename with path
-            $file = 'private_uploads/assetmodels/'.$log->filename;
-            Log::debug('Checking for '.$file);
-
-            if ($log->action_type == 'audit') {
-                $file = 'private_uploads/audits/'.$log->filename;
-            }
-
-            // Check the file actually exists on the filesystem
-            if (! Storage::exists($file)) {
-                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.download.does_not_exist', ['id' => $fileId])), 404);
-            }
-
-            if (request('inline') == 'true') {
-
-                $headers = [
-                    'Content-Disposition' => 'inline',
-                ];
-
-                return Storage::download($file, $log->filename, $headers);
-            }
-
-            return StorageHelper::downloader($file);
-        }
-
-        // Send back an error message
-        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.download.error', ['id' => $fileId])), 500);
-    }
-
-    /**
-     * Delete the associated file
-     *
-     * @param  int $assetModelId
-     * @param  int $fileId
-     * @since [v7.0.12]
-     * @author [r-xyz]
-     */
-    public function destroy($assetModelId = null, $fileId = null) : JsonResponse
-    {
-        // Start by checking if the asset being acted upon exists
-        if (! $assetModel = AssetModel::find($assetModelId)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.does_not_exist')), 404);
-        }
-
-        $rel_path = 'private_uploads/assetmodels';
-
-        // the asset is valid
-        if (isset($assetModel->id)) {
-            $this->authorize('update', $assetModel);
-
-            // Check for the file
-            $log = Actionlog::find($fileId);
-            if ($log) {
-                // Check the file actually exists, and delete it
-                if (Storage::exists($rel_path.'/'.$log->filename)) {
-                    Storage::delete($rel_path.'/'.$log->filename);
-                }
-                // Delete the record of the file
-                $log->delete();
-
-                // All deleting done - notify the user of success
-                return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/models/message.deletefile.success')), 200);
-            }
-
-            // The file doesn't seem to really exist, so report an error
-            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.deletefile.error')), 500);
-        }
-
-        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.deletefile.error')), 500);
-    }
-}
--- a/app/Http/Controllers/Api/AssetModelsController.php
+++ b/app/Http/Controllers/Api/AssetModelsController.php
@@ -154,7 +154,7 @@ class AssetModelsController extends Controller
        $assetmodel = $request->handleImages($assetmodel);

        if ($assetmodel->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success', $assetmodel, trans('admin/models/message.create.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', (new AssetModelsTransformer)->transformAssetModel($assetmodel), trans('admin/models/message.create.success')));
        }
        return response()->json(Helper::formatStandardApiResponse('error', null, $assetmodel->getErrors()));

@@ -222,7 +222,7 @@ class AssetModelsController extends Controller


        if ($assetmodel->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success', $assetmodel, trans('admin/models/message.update.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', (new AssetModelsTransformer)->transformAssetModel($assetmodel), trans('admin/models/message.update.success')));
        }

        return response()->json(Helper::formatStandardApiResponse('error', null, $assetmodel->getErrors()));
--- a/app/Http/Controllers/Api/AssetsController.php
+++ b/app/Http/Controllers/Api/AssetsController.php
@@ -114,17 +114,23 @@ class AssetsController extends Controller
            'byod',
            'asset_eol_date',
            'requestable',
+            'jobtitle',
        ];

+        $all_custom_fields = CustomField::all(); //used as a 'cache' of custom fields throughout this page load
+
+        foreach ($all_custom_fields as $field) {
+            $allowed_columns[] = $field->db_column_name();
+        }
+
        $filter = [];

        if ($request->filled('filter')) {
            $filter = json_decode($request->input('filter'), true);
-        }

-        $all_custom_fields = CustomField::all(); //used as a 'cache' of custom fields throughout this page load
-        foreach ($all_custom_fields as $field) {
-            $allowed_columns[] = $field->db_column_name();
+            $filter = array_filter($filter, function ($key) use ($allowed_columns) {
+                return in_array($key, $allowed_columns);
+            }, ARRAY_FILTER_USE_KEY);
        }

        $assets = Asset::select('assets.*')
@@ -395,6 +401,9 @@ class AssetsController extends Controller
            case 'assigned_to':
                $assets->OrderAssigned($order);
                break;
+            case 'jobtitle':
+                $assets->OrderByJobTitle($order);
+                break;
            case 'created_by':
                $assets->OrderByCreatedByName($order);
                break;
--- a/app/Http/Controllers/Api/CompaniesController.php
+++ b/app/Http/Controllers/Api/CompaniesController.php
@@ -43,7 +43,10 @@ class CompaniesController extends Controller

        $companies = Company::withCount(['assets as assets_count'  => function ($query) {
            $query->AssetsForShow();
-        }])->withCount('licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'users as users_count');
+        }])
+            ->with('adminuser')
+            ->withCount('licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'users as users_count');
+

        if ($request->filled('search')) {
            $companies->TextSearch($request->input('search'));
@@ -119,6 +122,7 @@ class CompaniesController extends Controller
    {
        $this->authorize('view', Company::class);
        $company = Company::findOrFail($id);
+        $this->authorize('view', $company);
        return (new CompaniesTransformer)->transformCompany($company);

    }
@@ -136,6 +140,7 @@ class CompaniesController extends Controller
    {
        $this->authorize('update', Company::class);
        $company = Company::findOrFail($id);
+        $this->authorize('update', $company);
        $company->fill($request->all());
        $company = $request->handleImages($company);

@@ -188,6 +193,7 @@ class CompaniesController extends Controller
            'companies.image',
        ]);

+
        if ($request->filled('search')) {
            $companies = $companies->where('companies.name', 'LIKE', '%'.$request->get('search').'%');
        }
--- a/app/Http/Controllers/Api/ConsumablesController.php
+++ b/app/Http/Controllers/Api/ConsumablesController.php
@@ -228,11 +228,16 @@ class ConsumablesController extends Controller
        foreach ($consumable->consumableAssignments as $consumable_assignment) {
            $rows[] = [
                'avatar' => ($consumable_assignment->user) ? e($consumable_assignment->user->present()->gravatar) : '',
-                'name' => ($consumable_assignment->user) ? $consumable_assignment->user->present()->nameUrl() : 'Deleted User',
+                'user' => ($consumable_assignment->user) ? [
+                    'id' => (int) $consumable_assignment->user->id,
+                    'name'=> e($consumable_assignment->user->present()->fullName()),
+                ] : null,
                'created_at' => Helper::getFormattedDateObject($consumable_assignment->created_at, 'datetime'),
                'note' => ($consumable_assignment->note) ? e($consumable_assignment->note) : null,
-                'admin' => ($consumable_assignment->adminuser) ? $consumable_assignment->adminuser->present()->nameUrl() : null, // legacy, so we don't change the shape of the response
-                'created_by' => ($consumable_assignment->adminuser) ? $consumable_assignment->adminuser->present()->nameUrl() : null,
+                'created_by' => ($consumable_assignment->adminuser) ? [
+                    'id' => (int) $consumable_assignment->adminuser->id,
+                    'name'=> e($consumable_assignment->adminuser->present()->fullName()),
+                ] : null,
            ];
        }

--- a/app/Http/Controllers/Api/LicenseSeatsController.php
+++ b/app/Http/Controllers/Api/LicenseSeatsController.php
@@ -29,6 +29,15 @@ class LicenseSeatsController extends Controller
            $seats = LicenseSeat::with('license', 'user', 'asset', 'user.department')
                ->where('license_seats.license_id', $licenseId);

+            if ($request->input('status') == 'available') {
+                $seats->whereNull('license_seats.assigned_to');
+            }
+
+            if ($request->input('status') == 'assigned') {
+                $seats->ByAssigned();
+            }
+
+
            $order = $request->input('order') === 'asc' ? 'asc' : 'desc';

            if ($request->input('sort') == 'department') {
--- a/app/Http/Controllers/Api/AssetMaintenancesController.php
+++ b/app/Http/Controllers/Api/AssetMaintenancesController.php
@@ -4,11 +4,11 @@ namespace App\Http\Controllers\Api;

 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
-use App\Http\Transformers\AssetMaintenancesTransformer;
+use App\Http\Requests\ImageUploadRequest;
+use App\Http\Transformers\MaintenancesTransformer;
 use App\Models\Asset;
-use App\Models\AssetMaintenance;
+use App\Models\Maintenance;
 use App\Models\Company;
-use Illuminate\Support\Facades\Auth;
 use Illuminate\Http\Request;
 use Illuminate\Http\JsonResponse;

@@ -18,13 +18,13 @@ use Illuminate\Http\JsonResponse;
 *
 * @version    v2.0
 */
-class AssetMaintenancesController extends Controller
+class MaintenancesController extends Controller
 {

    /**
     *  Generates the JSON response for asset maintenances listing view.
     *
-     * @see AssetMaintenancesController::getIndex() method that generates view
+     * @see MaintenancesController::getIndex() method that generates view
     * @author  Vincent Sposato <vincent.sposato@gmail.com>
     * @version v1.0
     * @since [v1.8]
@@ -33,7 +33,7 @@ class AssetMaintenancesController extends Controller
    {
        $this->authorize('view', Asset::class);

-        $maintenances = AssetMaintenance::select('asset_maintenances.*')
+        $maintenances = Maintenance::select('maintenances.*')
            ->with('asset', 'asset.model', 'asset.location', 'asset.defaultLoc', 'supplier', 'asset.company',  'asset.assetstatus', 'adminuser');

        if ($request->filled('search')) {
@@ -45,11 +45,11 @@ class AssetMaintenancesController extends Controller
        }

        if ($request->filled('supplier_id')) {
-            $maintenances->where('asset_maintenances.supplier_id', '=', $request->input('supplier_id'));
+            $maintenances->where('maintenances.supplier_id', '=', $request->input('supplier_id'));
        }

        if ($request->filled('created_by')) {
-            $maintenances->where('asset_maintenances.created_by', '=', $request->input('created_by'));
+            $maintenances->where('maintenances.created_by', '=', $request->input('created_by'));
        }

        if ($request->filled('asset_maintenance_type')) {
@@ -63,7 +63,7 @@ class AssetMaintenancesController extends Controller

        $allowed_columns = [
                                'id',
-                                'title',
+                                'name',
                                'asset_maintenance_time',
                                'asset_maintenance_type',
                                'cost',
@@ -75,6 +75,7 @@ class AssetMaintenancesController extends Controller
                                'serial',
                                'created_by',
                                'supplier',
+                                'location',
                                'is_warranty',
                                'status_label',
                            ];
@@ -98,6 +99,9 @@ class AssetMaintenancesController extends Controller
            case 'serial':
                $maintenances = $maintenances->OrderByAssetSerial($order);
                break;
+            case 'location':
+                $maintenances = $maintenances->OrderLocationName($order);
+                break;
            case 'status_label':
                $maintenances = $maintenances->OrderStatusName($order);
                break;
@@ -108,7 +112,7 @@ class AssetMaintenancesController extends Controller

        $total = $maintenances->count();
        $maintenances = $maintenances->skip($offset)->take($limit)->get();
-        return (new AssetMaintenancesTransformer())->transformAssetMaintenances($maintenances, $total);
+        return (new MaintenancesTransformer())->transformMaintenances($maintenances, $total);


    }
@@ -117,22 +121,23 @@ class AssetMaintenancesController extends Controller
    /**
     *  Validates and stores the new asset maintenance
     *
-     * @see AssetMaintenancesController::getCreate() method for the form
+     * @see MaintenancesController::getCreate() method for the form
     * @author  Vincent Sposato <vincent.sposato@gmail.com>
     * @version v1.0
     * @since [v1.8]
     */
-    public function store(Request $request) : JsonResponse | array
+    public function store(ImageUploadRequest $request) : JsonResponse | array
    {
        $this->authorize('update', Asset::class);
+
        // create a new model instance
-        $maintenance = new AssetMaintenance();
+        $maintenance = new Maintenance();
        $maintenance->fill($request->all());
        $maintenance->created_by = auth()->id();
-
+        $maintenance = $request->handleImages($maintenance);
        // Was the asset maintenance created?
        if ($maintenance->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success', $maintenance, trans('admin/asset_maintenances/message.create.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', $maintenance, trans('admin/maintenances/message.create.success')));

        }

@@ -153,11 +158,11 @@ class AssetMaintenancesController extends Controller
    {
        $this->authorize('update', Asset::class);

-        if ($maintenance = AssetMaintenance::with('asset')->find($id)) {
+        if ($maintenance = Maintenance::with('asset')->find($id)) {

            // Can this user manage this asset?
            if (! Company::isCurrentUserHasAccess($maintenance->asset)) {
-                return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.action_permission_denied', ['item_type' => trans('admin/asset_maintenances/general.maintenance'), 'id' => $id, 'action' => trans('general.edit')])));
+                return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.action_permission_denied', ['item_type' => trans('admin/maintenances/general.maintenance'), 'id' => $id, 'action' => trans('general.edit')])));
            }

            // The asset this miantenance is attached to is not valid or has been deleted
@@ -168,13 +173,13 @@ class AssetMaintenancesController extends Controller
            $maintenance->fill($request->all());

            if ($maintenance->save()) {
-                return response()->json(Helper::formatStandardApiResponse('success', $maintenance, trans('admin/asset_maintenances/message.edit.success')));
+                return response()->json(Helper::formatStandardApiResponse('success', $maintenance, trans('admin/maintenances/message.edit.success')));
            }

            return response()->json(Helper::formatStandardApiResponse('error', null, $maintenance->getErrors()));
        }

-        return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.item_not_found', ['item_type' => trans('admin/asset_maintenances/general.maintenance'), 'id' => $id])));
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.item_not_found', ['item_type' => trans('admin/maintenances/general.maintenance'), 'id' => $id])));

    }

@@ -182,20 +187,20 @@ class AssetMaintenancesController extends Controller
     *  Delete an asset maintenance
     *
     * @author  A. Gianotto <snipe@snipe.net>
-     * @param int $assetMaintenanceId
+     * @param int $maintenanceId
     * @version v1.0
     * @since [v4.0]
     */
-    public function destroy($assetMaintenanceId) : JsonResponse | array
+    public function destroy($maintenanceId) : JsonResponse | array
    {
        $this->authorize('update', Asset::class);
        // Check if the asset maintenance exists

-        $assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);
+        $maintenance = Maintenance::findOrFail($maintenanceId);

-        $assetMaintenance->delete();
+        $maintenance->delete();

-        return response()->json(Helper::formatStandardApiResponse('success', $assetMaintenance, trans('admin/asset_maintenances/message.delete.success')));
+        return response()->json(Helper::formatStandardApiResponse('success', $maintenance, trans('admin/maintenances/message.delete.success')));


    }
@@ -204,19 +209,19 @@ class AssetMaintenancesController extends Controller
     *  View an asset maintenance
     *
     * @author  A. Gianotto <snipe@snipe.net>
-     * @param int $assetMaintenanceId
+     * @param int $maintenanceId
     * @version v1.0
     * @since [v4.0]
     */
-    public function show($assetMaintenanceId) : JsonResponse | array
+    public function show($maintenanceId) : JsonResponse | array
    {
        $this->authorize('view', Asset::class);
-        $assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);
-        if (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+        $maintenance = Maintenance::findOrFail($maintenanceId);
+        if (! Company::isCurrentUserHasAccess($maintenance->asset)) {
            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot view a maintenance for that asset'));
        }

-        return (new AssetMaintenancesTransformer())->transformAssetMaintenance($assetMaintenance);
+        return (new MaintenancesTransformer())->transformMaintenance($maintenance);

    }
 }
--- a/app/Http/Controllers/Api/ProfileController.php
+++ b/app/Http/Controllers/Api/ProfileController.php
@@ -4,15 +4,19 @@ namespace App\Http\Controllers\Api;

 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
+use App\Http\Transformers\ProfileTransformer;
 use App\Models\CheckoutRequest;
+use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Response;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Storage;
 use Laravel\Passport\TokenRepository;
 use Illuminate\Contracts\Validation\Factory as ValidationFactory;
 use Illuminate\Support\Facades\Gate;
 use App\Models\CustomField;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Http\JsonResponse;
+use Symfony\Component\HttpFoundation\BinaryFileResponse;

 class ProfileController extends Controller
 {
@@ -167,6 +171,22 @@ class ProfileController extends Controller

    }

+    /**
+     * Display the EULAs accepted by the user.
+     *
+     *  @param \App\Http\Transformers\ActionlogsTransformer $transformer
+     *  @return \Illuminate\Http\JsonResponse
+     *@since [v8.1.16]
+     * @author [Godfrey Martinez] [<gmartinez@grokability.com>]
+     */
+    public function eulas(ProfileTransformer $transformer)
+    {
+        // Only return this user's EULAs
+        $eulas = auth()->user()->eulas;
+        return response()->json(
+            $transformer->transformFiles($eulas, $eulas->count())
+        );
+    }


 }
--- a/app/Http/Controllers/Api/SettingsController.php
+++ b/app/Http/Controllers/Api/SettingsController.php
@@ -150,8 +150,11 @@ class SettingsController extends Controller
        if (!config('app.lock_passwords')) {
            try {
                Notification::send(Setting::first(), new MailTest());
+                Log::debug('Attempting to sending to '.config('mail.reply_to.address'));
                return response()->json(['message' => 'Mail sent to '.config('mail.reply_to.address')], 200);
            } catch (\Exception $e) {
+                Log::error('Mail sent error using '.config('mail.reply_to.address') .': '. $e->getMessage());
+                Log::debug($e);
                return response()->json(['message' => $e->getMessage()], 500);
            }
        }
--- a/app/Http/Controllers/Api/SuppliersController.php
+++ b/app/Http/Controllers/Api/SuppliersController.php
@@ -194,7 +194,7 @@ class SuppliersController extends Controller
    public function destroy($id) : JsonResponse
    {
        $this->authorize('delete', Supplier::class);
-        $supplier = Supplier::with('asset_maintenances', 'assets', 'licenses')->withCount('asset_maintenances as asset_maintenances_count', 'assets as assets_count', 'licenses as licenses_count')->findOrFail($id);
+        $supplier = Supplier::with('maintenances', 'assets', 'licenses')->withCount('maintenances as maintenances_count', 'assets as assets_count', 'licenses as licenses_count')->findOrFail($id);
        $this->authorize('delete', $supplier);


@@ -202,8 +202,8 @@ class SuppliersController extends Controller
            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/suppliers/message.delete.assoc_assets', ['asset_count' => (int) $supplier->assets_count])));
        }

-        if ($supplier->asset_maintenances_count > 0) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/suppliers/message.delete.assoc_maintenances', ['asset_maintenances_count' => $supplier->asset_maintenances_count])));
+        if ($supplier->maintenances_count > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/suppliers/message.delete.assoc_maintenances', ['maintenances_count' => $supplier->maintenances_count])));
        }

        if ($supplier->licenses_count > 0) {
--- a/app/Http/Controllers/Api/UploadedFilesController.php
+++ b/app/Http/Controllers/Api/UploadedFilesController.php
@@ -0,0 +1,220 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Helpers\Helper;
+use App\Helpers\StorageHelper;
+use App\Http\Controllers\Controller;
+use App\Http\Requests\UploadFileRequest;
+use App\Http\Transformers\UploadedFilesTransformer;
+use App\Models\Actionlog;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Storage;
+use Symfony\Component\HttpFoundation\BinaryFileResponse;
+use Symfony\Component\HttpFoundation\StreamedResponse;
+
+
+class UploadedFilesController extends Controller
+{
+
+
+    /**
+     * List files for an object
+     *
+     * @param  \App\Http\Requests\UploadFileRequest $request
+     * @param  string                               $object_type the type of object to upload the file to
+     * @param  int                                  $id          the ID of the object to list files for
+     * @since  [v8.1.17]
+     * @author [A. Gianotto <snipe@snipe.net>]
+     */
+    public function index(Request $request, $object_type, $id) : JsonResponse | array
+    {
+
+        // Check the permissions to make sure the user can view the object
+        $object = self::$map_object_type[$object_type]::find($id);
+        $this->authorize('view', $object);
+
+        if (!$object) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.file_upload_status.invalid_object')));
+        }
+
+        // Columns allowed for sorting
+        $allowed_columns =
+            [
+                'id',
+                'filename',
+                'action_type',
+                'action_date',
+                'note',
+                'created_at',
+            ];
+
+
+        $uploads = Actionlog::select('action_logs.*')
+            ->whereNotNull('filename')
+            ->where('item_type', self::$map_object_type[$object_type])
+            ->where('item_id', $object->id)
+            ->where('action_type', '=', 'uploaded')
+            ->with('adminuser');
+
+        $offset = ($request->input('offset') > $uploads->count()) ? $uploads->count() : abs($request->input('offset'));
+        $limit = app('api_limit_value');
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+
+        // Text search on action_logs fields
+        // We could use the normal Actionlogs text scope, but it's a very heavy query since it's searching across all relations
+        // and we generally won't need that here
+        if ($request->filled('search')) {
+
+            $uploads->where(
+                function ($query) use ($request) {
+                    $query->where('filename', 'LIKE', '%' . $request->input('search') . '%')
+                        ->orWhere('note', 'LIKE', '%' . $request->input('search') . '%');
+                }
+            );
+        }
+
+        $total = $uploads->count();
+        $uploads = $uploads->skip($offset)->take($limit)->orderBy($sort, $order)->get();
+
+        return (new UploadedFilesTransformer())->transformFiles($uploads, $total);
+    }
+
+
+    /**
+     * Accepts a POST to upload a file to the server.
+     *
+     * @param  \App\Http\Requests\UploadFileRequest $request
+     * @param  string                               $object_type the type of object to upload the file to
+     * @param  int                                  $id          the ID of the object to store so we can check permisisons
+     * @since  [v8.1.17]
+     * @author [A. Gianotto <snipe@snipe.net>]
+     */
+    public function store(UploadFileRequest $request, $object_type, $id) : JsonResponse
+    {
+
+        // Check the permissions to make sure the user can view the object
+        $object = self::$map_object_type[$object_type]::find($id);
+        $this->authorize('view', $object);
+
+        if (!$object) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.file_upload_status.invalid_object')));
+        }
+
+        // If the file storage directory doesn't exist, create it
+        if (! Storage::exists(self::$map_storage_path[$object_type])) {
+            Storage::makeDirectory(self::$map_storage_path[$object_type], 775);
+        }
+
+
+        if ($request->hasFile('file')) {
+            // Loop over the attached files and add them to the object
+            foreach ($request->file('file') as $file) {
+                $file_name = $request->handleFile(self::$map_storage_path[$object_type], self::$map_file_prefix[$object_type].'-'.$object->id, $file);
+                $files[] = $file_name;
+                $object->logUpload($file_name, $request->get('notes'));
+            }
+
+            $files = Actionlog::select('action_logs.*')->where('action_type', '=', 'uploaded')
+                ->where('item_type', '=', self::$map_object_type[$object_type])
+                ->where('item_id', '=', $id)->whereIn('filename', $files)
+                ->get();
+
+            return response()->json(Helper::formatStandardApiResponse('success', (new UploadedFilesTransformer())->transformFiles($files, count($files)), trans_choice('general.file_upload_status.upload.success',  count($files))));
+        }
+
+        // No files were submitted
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.file_upload_status.nofiles')));
+    }
+
+
+
+    /**
+     * Check for permissions and display the file.
+     *
+     * @param  \App\Http\Requests\UploadFileRequest $request
+     * @param  string                               $object_type the type of object to upload the file to
+     * @param  int                                  $id          the ID of the object to delete from so we can check permisisons
+     * @param  $file_id     the ID of the file to delete from the action_logs table
+     * @since  [v8.1.17]
+     * @author [A. Gianotto <snipe@snipe.net>]
+     */
+    public function show($object_type, $id, $file_id) : JsonResponse | StreamedResponse | Storage | StorageHelper | BinaryFileResponse
+    {
+        // Check the permissions to make sure the user can view the object
+        $object = self::$map_object_type[$object_type]::find($id);
+        $this->authorize('view', $object);
+
+        if (!$object) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.file_upload_status.invalid_object')));
+        }
+
+
+        // Check that the file being requested exists for the object
+        if (! $log = Actionlog::whereNotNull('filename')->where('item_type', self::$map_object_type[$object_type])->where('item_id', $object->id)->find($file_id)
+        ) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.file_upload_status.invalid_id')), 200);
+        }
+
+
+        if (! Storage::exists(self::$map_storage_path[$object_type].'/'.$log->filename)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.file_upload_status.file_not_found'), 200));
+        }
+
+        if (request('inline') == 'true') {
+            $headers = [
+                'Content-Disposition' => 'inline',
+            ];
+            return Storage::download(self::$map_storage_path[$object_type].'/'.$log->filename, $log->filename, $headers);
+        }
+
+        return StorageHelper::downloader(self::$map_storage_path[$object_type].'/'.$log->filename);
+
+    }
+
+    /**
+     * Delete the associated file
+     *
+     * @param  \App\Http\Requests\UploadFileRequest $request
+     * @param  string                               $object_type the type of object to upload the file to
+     * @param  int                                  $id          the ID of the object to delete from so we can check permisisons
+     * @param  $file_id     the ID of the file to delete from the action_logs table
+     * @since  [v8.1.17]
+     * @author [A. Gianotto <snipe@snipe.net>]
+     */
+    public function destroy($object_type, $id, $file_id) : JsonResponse
+    {
+
+        // Check the permissions to make sure the user can view the object
+        $object = self::$map_object_type[$object_type]::find($id);
+        $this->authorize('update', self::$map_object_type[$object_type]);
+
+        if (!$object) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.file_upload_status.invalid_object')));
+        }
+
+
+        // Check for the file
+        $log = Actionlog::find($file_id)->where('item_type', self::$map_object_type[$object_type])
+            ->where('item_id', $object->id)->first();
+
+        if ($log) {
+            // Check the file actually exists, and delete it
+            if (Storage::exists(self::$map_storage_path[$object_type].'/'.$log->filename)) {
+                Storage::delete(self::$map_storage_path[$object_type].'/'.$log->filename);
+            }
+            // Delete the record of the file
+            if ($log->delete()) {
+                return response()->json(Helper::formatStandardApiResponse('success', null, trans_choice('general.file_upload_status.delete.success', 1)), 200);
+            }
+
+
+        }
+
+        // The file doesn't seem to really exist, so report an error
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans_choice('general.file_upload_status.delete.error', 1)), 500);
+
+    }
+}
--- a/app/Http/Controllers/Api/UsersController.php
+++ b/app/Http/Controllers/Api/UsersController.php
@@ -20,9 +20,11 @@ use App\Models\Consumable;
 use App\Models\License;
 use App\Models\User;
 use App\Notifications\CurrentInventory;
+use Illuminate\Support\Facades\Artisan;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Gate;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Validator;
 use Illuminate\Support\Facades\Log;
@@ -68,6 +70,7 @@ class UsersController extends Controller
            'users.notes',
            'users.permissions',
            'users.phone',
+            'users.mobile',
            'users.state',
            'users.two_factor_enrolled',
            'users.two_factor_optin',
@@ -81,7 +84,12 @@ class UsersController extends Controller
            'users.autoassign_licenses',
            'users.website',

-        ])->with('manager', 'groups', 'userloc', 'company', 'department', 'assets', 'licenses', 'accessories', 'consumables', 'createdBy', 'managesUsers', 'managedLocations', 'eulas')
+        ])->with('manager')
+            ->with('groups')
+            ->with('userloc')
+            ->with('company')
+            ->with('department')
+            ->with('createdBy')
            ->withCount([
                'assets as assets_count' => function(Builder $query) {
                    $query->withoutTrashed();
@@ -102,10 +110,26 @@ class UsersController extends Controller
            $users = $users->where('users.activated', '=', $request->input('activated'));
        }

+        if ($request->input('admins') == 'true') {
+            $users = $users->OnlyAdminsAndSuperAdmins();
+        }
+
+        if ($request->input('superadmins') == 'true') {
+            $users = $users->OnlySuperAdmins();
+        }
+
        if ($request->filled('company_id')) {
            $users = $users->where('users.company_id', '=', $request->input('company_id'));
        }

+        if ($request->filled('phone')) {
+            $users = $users->where('users.phone', '=', $request->input('phone'));
+        }
+
+        if ($request->filled('mobile')) {
+            $users = $users->where('users.mobile', '=', $request->input('mobile'));
+        }
+
        if ($request->filled('location_id')) {
            $users = $users->where('users.location_id', '=', $request->input('location_id'));
        }
@@ -278,6 +302,7 @@ class UsersController extends Controller
                        'manages_users_count',
                        'manages_locations_count',
                        'phone',
+                        'mobile',
                        'address',
                        'city',
                        'state',
@@ -475,10 +500,27 @@ class UsersController extends Controller
                return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot be your own manager'));
            }

+            // check for permissions related fields and pull them out if the current user cannot edit them
+            if (auth()->user()->can('canEditAuthFields', $user) && auth()->user()->can('editableOnDemo')) {
+
                if ($request->filled('password')) {
                    $user->password = bcrypt($request->input('password'));
                }

+                if ($request->filled('username')) {
+                    $user->username = $request->input('username');
+                }
+
+                if ($request->filled('email')) {
+                    $user->email = $request->input('email');
+                }
+
+                if ($request->filled('activated')) {
+                    $user->activated = $request->input('activated');
+                }
+
+            }
+
            // We need to use has()  instead of filled()
            // here because we need to overwrite permissions
            // if someone needs to null them out
@@ -677,7 +719,6 @@ class UsersController extends Controller
        $this->authorize('view', License::class);
        
        if ($user = User::where('id', $id)->withTrashed()->first()) {
-            $this->authorize('update', $user);
            $licenses = $user->licenses()->get();
            return (new LicensesTransformer())->transformLicenses($licenses, $licenses->count());
        }
@@ -748,7 +789,7 @@ class UsersController extends Controller
     */
    public function eulas(User $user, ActionlogsTransformer $transformer)
    {
-        $this->authorize('view', Asset::class);
+        $this->authorize('view', User::class);

        $eulas = $user->eulas;
        return response()->json(
@@ -792,4 +833,37 @@ class UsersController extends Controller
        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found')), 200);

    }
+
+
+    /**
+     * Run the LDAP sync command to import users from LDAP via API.
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since 8.2.2
+     *
+     * @return \Illuminate\Http\JsonResponse
+     */
+    public function syncLdapUsers(Request $request)
+    {
+        $this->authorize('update', User::class);
+        // Call Artisan LDAP import command.
+
+        Artisan::call('snipeit:ldap-sync', ['--location_id' => $request->input('location_id'), '--json_summary' => true]);
+
+        // Collect and parse JSON summary.
+        $ldap_results_json = Artisan::output();
+        $ldap_results = json_decode($ldap_results_json, true);
+
+        if (!$ldap_results) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,trans('general.no_results')), 200);
+        }
+
+        // Direct user to appropriate status page.
+        if ($ldap_results['error']) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, $ldap_results['error_message']), 200);
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('success', null, $ldap_results['summary']), 200);
+
+    }
 }
--- a/app/Http/Controllers/AssetModelsController.php
+++ b/app/Http/Controllers/AssetModelsController.php
@@ -87,7 +87,20 @@ class AssetModelsController extends Controller
            $model->fieldset_id = $request->input('fieldset_id');
        }

+        if ($request->has('use_cloned_image')) {
+            $cloned_model_img = AssetModel::select('image')->find($request->input('clone_image_from_id'));
+            if ($cloned_model_img) {
+                $new_image_name = 'clone-'.date('U').'-'.$cloned_model_img->image;
+                $new_image = 'models/'.$new_image_name;
+                Storage::disk('public')->copy('models/'.$cloned_model_img->image, $new_image);
+                $model->image = $new_image_name;
+            }
+
+        } else {
            $model = $request->handleImages($model);
+        }
+
+

        if ($model->save()) {
            if ($this->shouldAddDefaultValues($request->input())) {
@@ -271,7 +284,7 @@ class AssetModelsController extends Controller
            ->with('depreciation_list', Helper::depreciationList())
            ->with('item', $model)
            ->with('model_id', $model->id)
-            ->with('clone_model', $cloned_model);
+            ->with('cloned_model', $cloned_model);
    }


--- a/app/Http/Controllers/AssetModelsFilesController.php
+++ b/app/Http/Controllers/AssetModelsFilesController.php
@@ -1,115 +0,0 @@
-<?php
-
-namespace App\Http\Controllers;
-
-use App\Helpers\StorageHelper;
-use App\Http\Requests\UploadFileRequest;
-use App\Models\Actionlog;
-use App\Models\AssetModel;
-use Illuminate\Http\RedirectResponse;
-use Illuminate\Http\Response;
-use Illuminate\Support\Facades\Storage;
-use \Symfony\Component\HttpFoundation\StreamedResponse;
-use Symfony\Component\HttpFoundation\BinaryFileResponse;
-
-class AssetModelsFilesController extends Controller
-{
-    /**
-     * Upload a file to the server.
-     *
-     * @param UploadFileRequest $request
-     * @param int $modelId
-     * @return \Illuminate\Http\RedirectResponse
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     *@since [v1.0]
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     */
-    public function store(UploadFileRequest $request, $modelId = null) : RedirectResponse
-    {
-        if (! $model = AssetModel::find($modelId)) {
-            return redirect()->route('models.index')->with('error', trans('admin/hardware/message.does_not_exist'));
-        }
-
-        $this->authorize('update', $model);
-
-        if ($request->hasFile('file')) {
-            if (! Storage::exists('private_uploads/assetmodels')) {
-                Storage::makeDirectory('private_uploads/assetmodels', 775);
-            }
-
-            foreach ($request->file('file') as $file) {
-
-                $file_name = $request->handleFile('private_uploads/assetmodels/','model-'.$model->id,$file);
-
-                $model->logUpload($file_name, $request->get('notes'));
-            }
-
-            return redirect()->back()->withFragment('files')->with('success', trans('general.file_upload_success'));
-        }
-
-        return redirect()->back()->withFragment('files')->with('error', trans('admin/hardware/message.upload.nofiles'));
-    }
-
-    /**
-     * Check for permissions and display the file.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param  int $modelId
-     * @param  int $fileId
-     * @since [v1.0]
-     */
-    public function show(AssetModel $model, $fileId = null) : StreamedResponse | Response | RedirectResponse | BinaryFileResponse
-    {
-
-            $this->authorize('view', $model);
-
-            if (! $log = Actionlog::find($fileId)) {
-                return response('No matching record for that model/file', 500)
-                    ->header('Content-Type', 'text/plain');
-            }
-
-            $file = 'private_uploads/assetmodels/'.$log->filename;
-
-            if (! Storage::exists($file)) {
-                return response('File '.$file.' not found on server', 404)
-                    ->header('Content-Type', 'text/plain');
-            }
-
-            if (request('inline') == 'true') {
-
-                $headers = [
-                    'Content-Disposition' => 'inline',
-                ];
-
-                return Storage::download($file, $log->filename, $headers);
-            }
-
-            return StorageHelper::downloader($file);
-    }
-
-    /**
-     * Delete the associated file
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param  int $modelId
-     * @param  int $fileId
-     * @since [v1.0]
-     */
-    public function destroy(AssetModel $model, $fileId = null) : RedirectResponse
-    {
-        $rel_path = 'private_uploads/assetmodels';
-        $this->authorize('update', $model);
-        $log = Actionlog::find($fileId);
-        if ($log) {
-            if (Storage::exists($rel_path.'/'.$log->filename)) {
-                Storage::delete($rel_path.'/'.$log->filename);
-            }
-            $log->delete();
-
-            return redirect()->back()->withFragment('files')->with('success', trans('admin/hardware/message.deletefile.success'));
-        }
-
-        return redirect()->back()->withFragment('files')->with('success', trans('admin/hardware/message.deletefile.success'));
-
-    }
-}
--- a/app/Http/Controllers/Assets/AssetCheckinController.php
+++ b/app/Http/Controllers/Assets/AssetCheckinController.php
@@ -153,7 +153,8 @@ class AssetCheckinController extends Controller
        if ($asset->save()) {

            event(new CheckoutableCheckedIn($asset, $target, auth()->user(), $request->input('note'), $checkin_at, $originalValues));
-            return redirect()->to(Helper::getRedirectOption($request, $asset->id, 'Assets'))->with('success', trans('admin/hardware/message.checkin.success'));
+            return Helper::getRedirectOption($request, $asset->id, 'Assets')
+                ->with('success', trans('admin/hardware/message.checkin.success'));
        }
        // Redirect to the asset management page with error
        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkin.error').$asset->getErrors());
--- a/app/Http/Controllers/Assets/AssetCheckoutController.php
+++ b/app/Http/Controllers/Assets/AssetCheckoutController.php
@@ -123,7 +123,7 @@ class AssetCheckoutController extends Controller
            session()->put(['redirect_option' => $request->get('redirect_option'), 'checkout_to_type' => $request->get('checkout_to_type')]);

            if ($asset->checkOut($target, $admin, $checkout_at, $expected_checkin, $request->get('note'), $request->get('name'))) {
-                return redirect()->to(Helper::getRedirectOption($request, $asset->id, 'Assets'))
+                return Helper::getRedirectOption($request, $asset->id, 'Assets')
                    ->with('success', trans('admin/hardware/message.checkout.success'));
            }
            // Redirect to the asset management page with error
--- a/app/Http/Controllers/Assets/AssetFilesController.php
+++ b/app/Http/Controllers/Assets/AssetFilesController.php
@@ -1,108 +0,0 @@
-<?php
-
-namespace App\Http\Controllers\Assets;
-
-use App\Helpers\StorageHelper;
-use App\Http\Controllers\Controller;
-use App\Http\Requests\UploadFileRequest;
-use App\Models\Actionlog;
-use App\Models\Asset;
-use \Illuminate\Http\Response;
-use Illuminate\Support\Facades\Storage;
-use \Illuminate\Contracts\View\View;
-use \Illuminate\Http\RedirectResponse;
-use Symfony\Component\HttpFoundation\StreamedResponse;
-use Symfony\Component\HttpFoundation\BinaryFileResponse;
-
-class AssetFilesController extends Controller
-{
-    /**
-     * Upload a file to the server.
-     *
-     * @param UploadFileRequest $request
-     * @param int $assetId
-     * @return \Illuminate\Http\RedirectResponse
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     *@since [v1.0]
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     */
-    public function store(UploadFileRequest $request, Asset $asset) : RedirectResponse
-    {
-
-        $this->authorize('update', $asset);
-
-        if ($request->hasFile('file')) {
-            if (! Storage::exists('private_uploads/assets')) {
-                Storage::makeDirectory('private_uploads/assets', 775);
-            }
-
-            foreach ($request->file('file') as $file) {
-                $file_name = $request->handleFile('private_uploads/assets/','hardware-'.$asset->id, $file);
-                
-                $asset->logUpload($file_name, $request->get('notes'));
-            }
-
-            return redirect()->back()->withFragment('files')->with('success', trans('admin/hardware/message.upload.success'));
-        }
-
-        return redirect()->back()->with('error', trans('admin/hardware/message.upload.nofiles'));
-    }
-
-    /**
-     * Check for permissions and display the file.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param  int $assetId
-     * @param  int $fileId
-     * @since [v1.0]
-     */
-    public function show(Asset $asset, $fileId = null) : View | RedirectResponse | Response | StreamedResponse | BinaryFileResponse
-    {
-
-        $this->authorize('view', $asset);
-
-        if ($log = Actionlog::whereNotNull('filename')->where('item_id', $asset->id)->find($fileId)) {
-            $file = 'private_uploads/assets/'.$log->filename;
-
-            if ($log->action_type == 'audit') {
-                $file = 'private_uploads/audits/'.$log->filename;
-            }
-
-            try {
-                 return StorageHelper::showOrDownloadFile($file, $log->filename);
-            } catch (\Exception $e) {
-                return redirect()->route('hardware.show', $asset)->with('error', trans('general.file_not_found'));
-            }
-
-        }
-
-        return redirect()->route('hardware.show', $asset)->with('error', trans('general.log_record_not_found'));
-
-
-    }
-
-    /**
-     * Delete the associated file
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param  int $assetId
-     * @param  int $fileId
-     * @since [v1.0]
-     */
-    public function destroy(Asset $asset, $fileId = null) : RedirectResponse
-    {
-        $this->authorize('update', $asset);
-        $rel_path = 'private_uploads/assets';
-
-        if ($log = Actionlog::find($fileId)) {
-            if (Storage::exists($rel_path.'/'.$log->filename)) {
-                Storage::delete($rel_path.'/'.$log->filename);
-            }
-            $log->delete();
-            return redirect()->back()->withFragment('files')->with('success', trans('admin/hardware/message.deletefile.success'));
-        }
-
-        return redirect()->route('hardware.show', $asset)->with('error', trans('general.log_record_not_found'));
-    }
-
-}
--- a/app/Http/Controllers/Assets/AssetsController.php
+++ b/app/Http/Controllers/Assets/AssetsController.php
@@ -157,8 +157,16 @@ class AssetsController extends Controller
                $asset->location_id = $request->input('rtd_location_id', null);
            }

-            // Create the image (if one was chosen.)
-            if ($request->has('image')) {
+            if ($request->has('use_cloned_image')) {
+                $cloned_model_img = Asset::select('image')->find($request->input('clone_image_from_id'));
+                if ($cloned_model_img) {
+                    $new_image_name = 'clone-'.date('U').'-'.$cloned_model_img->image;
+                    $new_image = 'assets/'.$new_image_name;
+                    Storage::disk('public')->copy('assets/'.$cloned_model_img->image, $new_image);
+                    $asset->image = $new_image_name;
+                }
+
+            } else {
                $asset = $request->handleImages($asset);
            }

@@ -226,25 +234,32 @@ class AssetsController extends Controller
                $failures[] = join(",", $asset->getErrors()->all());
            }
        }
+        if($request->get('redirect_option') === 'back'){
+            session()->put(['redirect_option' => 'index']);
+        } else {
+            session()->put(['redirect_option' => $request->get('redirect_option')]);
+        }
+
+        session()->put(['checkout_to_type' => $request->get('checkout_to_type'),
+                       'other_redirect' =>  'model' ]);

-        session()->put(['redirect_option' => $request->get('redirect_option'), 'checkout_to_type' => $request->get('checkout_to_type')]);


        if ($successes) {
            if ($failures) {
                //some succeeded, some failed
-                return redirect()->to(Helper::getRedirectOption($request, $asset->id, 'Assets')) //FIXME - not tested
+                return Helper::getRedirectOption($request, $asset->id, 'Assets') //FIXME - not tested
                ->with('success-unescaped', trans_choice('admin/hardware/message.create.multi_success_linked', $successes, ['links' => join(", ", $successes)]))
                    ->with('warning', trans_choice('admin/hardware/message.create.partial_failure', $failures, ['failures' => join("; ", $failures)]));
            } else {
                if (count($successes) == 1) {
                    //the most common case, keeping it so we don't have to make every use of that translation string be trans_choice'ed
                    //and re-translated
-                    return redirect()->to(Helper::getRedirectOption($request, $asset->id, 'Assets'))
+                    return Helper::getRedirectOption($request, $asset->id, 'Assets')
                        ->with('success-unescaped', trans('admin/hardware/message.create.success_linked', ['link' => route('hardware.show', $asset), 'id', 'tag' => e($asset->asset_tag)]));
                } else {
                    //multi-success
-                    return redirect()->to(Helper::getRedirectOption($request, $asset->id, 'Assets'))
+                    return Helper::getRedirectOption($request, $asset->id, 'Assets')
                        ->with('success-unescaped', trans_choice('admin/hardware/message.create.multi_success_linked', $successes, ['links' => join(", ", $successes)]));
                }
            }
@@ -265,6 +280,7 @@ class AssetsController extends Controller
    public function edit(Asset $asset) : View | RedirectResponse
    {
        $this->authorize($asset);
+        session()->put('back_url', url()->previous());
        return view('hardware/edit')
            ->with('item', $asset)
            ->with('statuslabel_list', Helper::statusLabelList())
@@ -408,6 +424,9 @@ class AssetsController extends Controller
        $model = AssetModel::find($request->get('model_id'));
        if (($model) && ($model->fieldset)) {
            foreach ($model->fieldset->fields as $field) {
+                if ($field->element == 'checkbox' && !$request->has($field->db_column)) {
+                    $asset->{$field->db_column} = null;
+                }
                if ($request->has($field->db_column)) {
                    if ($field->field_encrypted == '1') {
                        if (Gate::allows('assets.view.encrypted_custom_fields')) {
@@ -427,11 +446,15 @@ class AssetsController extends Controller
                }
            }
        }
+        session()->put([
+            'redirect_option' => $request->get('redirect_option'),
+            'checkout_to_type' => $request->get('checkout_to_type'),
+            'other_redirect' => $request->get('redirect_option') === 'other_redirect' ? 'model' : null,
+        ]);

-        session()->put(['redirect_option' => $request->get('redirect_option'), 'checkout_to_type' => $request->get('checkout_to_type')]);

        if ($asset->save()) {
-            return redirect()->to(Helper::getRedirectOption($request, $asset->id, 'Assets'))
+            return Helper::getRedirectOption($request, $asset->id, 'Assets')
                ->with('success', trans('admin/hardware/message.update.success'));
        }

@@ -636,8 +659,9 @@ class AssetsController extends Controller
     */
    public function getClone(Asset $asset)
    {
-        $this->authorize('create', $asset);
+        $this->authorize('create', Asset::class);
        $cloned = clone $asset;
+        $cloned_model = $asset;
        $cloned->id = null;
        $cloned->asset_tag = '';
        $cloned->serial = '';
@@ -647,6 +671,7 @@ class AssetsController extends Controller
        return view('hardware/edit')
            ->with('statuslabel_list', Helper::statusLabelList())
            ->with('statuslabel_types', Helper::statusTypeList())
+            ->with('cloned_model', $cloned_model)
            ->with('item', $cloned);
    }

@@ -996,7 +1021,7 @@ class AssetsController extends Controller
            }

            $asset->logAudit($request->input('note'), $request->input('location_id'), $file_name, $originalValues);
-            return redirect()->to(Helper::getRedirectOption($request, $asset->id, 'Assets'))->with('success', trans('admin/hardware/message.audit.success'));
+            return Helper::getRedirectOption($request, $asset->id, 'Assets')->with('success', trans('admin/hardware/message.audit.success'));
        }

        return redirect()->back()->withInput()->withErrors($asset->getErrors());
--- a/app/Http/Controllers/Assets/BulkAssetsController.php
+++ b/app/Http/Controllers/Assets/BulkAssetsController.php
@@ -112,11 +112,47 @@ class BulkAssetsController extends Controller
        // This handles all of the pivot sorting below (versus the assets.* fields in the allowed_columns array)
        $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'assets.id';

-        $assets = Asset::with('assignedTo', 'location', 'model')
+        $query = Asset::with('assignedTo', 'location', 'model')
                ->whereIn('assets.id', $asset_ids)
                ->withTrashed();

-        $assets = $assets->get();
+
+        switch ($sort_override) {
+            case 'model':
+                $query->OrderModels($order);
+                break;
+            case 'model_number':
+                $query->OrderModelNumber($order);
+                break;
+            case 'category':
+                $query->OrderCategory($order);
+                break;
+            case 'manufacturer':
+                $query->OrderManufacturer($order);
+                break;
+            case 'company':
+                $query->OrderCompany($order);
+                break;
+            case 'location':
+                $query->OrderLocation($order);
+                break;
+            case 'rtd_location':
+                $query->OrderRtdLocation($order);
+                break;
+            case 'status_label':
+                $query->OrderStatus($order);
+                break;
+            case 'supplier':
+                $query->OrderSupplier($order);
+                break;
+            case 'assigned_to':
+                $query->OrderAssigned($order);
+                break;
+            default:
+                $query->orderBy($column_sort, $order);
+                break;
+        }
+        $assets = $query->get();

        if ($assets->isEmpty()) {
            Log::debug('No assets were found for the provided IDs', ['ids' => $asset_ids]);
@@ -125,6 +161,7 @@ class BulkAssetsController extends Controller

        $models = $assets->unique('model_id');
        $modelNames = [];
+
        foreach($models as $model) {
            $modelNames[] = $model->model->name;
        }
@@ -160,7 +197,6 @@ class BulkAssetsController extends Controller

                case 'edit':
                    $this->authorize('update', Asset::class);
-
                    return view('hardware/bulk')
                        ->with('assets', $asset_ids)
                        ->with('statuslabel_list', Helper::statusLabelList())
@@ -169,40 +205,7 @@ class BulkAssetsController extends Controller
            }
        }

-        switch ($sort_override) {
-            case 'model':
-                $assets->OrderModels($order);
-                break;
-            case 'model_number':
-                $assets->OrderModelNumber($order);
-                break;
-            case 'category':
-                $assets->OrderCategory($order);
-                break;
-            case 'manufacturer':
-                $assets->OrderManufacturer($order);
-                break;
-            case 'company':
-                $assets->OrderCompany($order);
-                break;
-            case 'location':
-                $assets->OrderLocation($order);
-            case 'rtd_location':
-                $assets->OrderRtdLocation($order);
-                break;
-            case 'status_label':
-                $assets->OrderStatus($order);
-                break;
-            case 'supplier':
-                $assets->OrderSupplier($order);
-                break;
-            case 'assigned_to':
-                $assets->OrderAssigned($order);
-                break;
-            default:
-                $assets->orderBy($column_sort, $order);
-                break;
-        }
+

        return redirect()->back()->with('error', 'No action selected');
    }
@@ -221,11 +224,8 @@ class BulkAssetsController extends Controller
        $error_array = array();

        // Get the back url from the session and then destroy the session
-        $bulk_back_url = route('hardware.index');

-        if ($request->session()->has('bulk_back_url')) {
-            $bulk_back_url = $request->session()->pull('bulk_back_url');
-        }
+        $bulk_back_url = $request->session()->pull('bulk_back_url', url()->previous());

       $custom_field_columns = CustomField::all()->pluck('db_column')->toArray();

@@ -281,6 +281,7 @@ class BulkAssetsController extends Controller
            || ($request->filled('null_expected_checkin_date'))
            || ($request->filled('null_next_audit_date'))
            || ($request->filled('null_asset_eol_date'))
+            || ($request->filled('null_notes'))
            || ($request->anyFilled($custom_field_columns))
            || ($request->anyFilled(array_keys($null_custom_fields_inputs)))

@@ -305,7 +306,8 @@ class BulkAssetsController extends Controller
                    ->conditionallyAddItem('supplier_id')
                    ->conditionallyAddItem('warranty_months')
                    ->conditionallyAddItem('next_audit_date')
-                    ->conditionallyAddItem('asset_eol_date');
+                    ->conditionallyAddItem('asset_eol_date')
+                    ->conditionallyAddItem('notes');
                    foreach ($custom_field_columns as $key => $custom_field_column) {
                        $this->conditionallyAddItem($custom_field_column); 
                   }
@@ -362,6 +364,10 @@ class BulkAssetsController extends Controller
                    }
                }

+                if ($request->input('null_notes')=='1') {
+                    $this->update_array['notes'] = null;
+                }
+


                if ($request->filled('purchase_cost')) {
@@ -534,7 +540,13 @@ class BulkAssetsController extends Controller
            } // end asset foreach

            if ($has_errors > 0) {
-                return redirect($bulk_back_url)->with('bulk_asset_errors', $error_array);
+                session()->put('bulkedit_ids', $request->input('ids'));
+                session()->put('bulk_asset_errors',$error_array);
+
+                return redirect()
+                    ->route('hardware.index')
+                    ->with('bulk_asset_errors', $error_array)
+                    ->withInput();
            }

            return redirect($bulk_back_url)->with('success', trans('admin/hardware/message.update.success'));
@@ -726,4 +738,33 @@ class BulkAssetsController extends Controller
         }
        return false;
    }
+
+    public function bulkEditForm(): View|RedirectResponse
+    {
+        $this->authorize('update', Asset::class);
+
+        $asset_ids = session()->pull('bulkedit_ids', []);
+
+        if (empty($asset_ids)) {
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.update.no_assets_selected'));
+        }
+
+        $assets = Asset::with('model')->withTrashed()->whereIn('id', $asset_ids)->get();
+
+        if ($assets->isEmpty()) {
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.update.assets_do_not_exist_or_are_invalid'));
+        }
+
+        $models = $assets->unique('model_id');
+        $modelNames = [];
+        foreach ($models as $model) {
+            $modelNames[] = $model->model->name;
+        }
+
+        return view('hardware/bulk')
+            ->with('assets', $asset_ids)
+            ->with('statuslabel_list', Helper::statusLabelList())
+            ->with('models', $models->pluck(['model']))
+            ->with('modelNames', $modelNames);
+    }
 }
--- a/app/Http/Controllers/CategoriesController.php
+++ b/app/Http/Controllers/CategoriesController.php
@@ -68,6 +68,7 @@ class CategoriesController extends Controller
        $category->eula_text = $request->input('eula_text');
        $category->use_default_eula = $request->input('use_default_eula', '0');
        $category->require_acceptance = $request->input('require_acceptance', '0');
+        $category->alert_on_response = $request->input('alert_on_response', '0');
        $category->checkin_email = $request->input('checkin_email', '0');
        $category->notes = $request->input('notes');
        $category->created_by = auth()->id();
@@ -121,6 +122,7 @@ class CategoriesController extends Controller
        $category->eula_text = $request->input('eula_text');
        $category->use_default_eula = $request->input('use_default_eula', '0');
        $category->require_acceptance = $request->input('require_acceptance', '0');
+        $category->alert_on_response = $request->input('alert_on_response', '0');
        $category->checkin_email = $request->input('checkin_email', '0');
        $category->notes = $request->input('notes');

--- a/app/Http/Controllers/CompaniesController.php
+++ b/app/Http/Controllers/CompaniesController.php
@@ -123,11 +123,13 @@ final class CompaniesController extends Controller
     */
    public function destroy($companyId) : RedirectResponse
    {
+
        if (is_null($company = Company::find($companyId))) {
            return redirect()->route('companies.index')
                ->with('error', trans('admin/companies/message.not_found'));
        }

+
        $this->authorize('delete', $company);
        if (! $company->isDeletable()) {
            return redirect()->route('companies.index')
--- a/app/Http/Controllers/Components/ComponentCheckinController.php
+++ b/app/Http/Controllers/Components/ComponentCheckinController.php
@@ -100,8 +100,8 @@ class ComponentCheckinController extends Controller

            session()->put(['redirect_option' => $request->get('redirect_option')]);

-            return redirect()->to(Helper::getRedirectOption($request, $component->id, 'Components'))->with('success',
-                trans('admin/components/message.checkin.success'));
+            return Helper::getRedirectOption($request, $component->id, 'Components')
+                ->with('success', trans('admin/components/message.checkin.success'));
        }

        return redirect()->route('components.index')->with('error', trans('admin/components/message.does_not_exist'));
--- a/app/Http/Controllers/Components/ComponentCheckoutController.php
+++ b/app/Http/Controllers/Components/ComponentCheckoutController.php
@@ -120,6 +120,7 @@ class ComponentCheckoutController extends Controller

        session()->put(['redirect_option' => $request->get('redirect_option'), 'checkout_to_type' => $request->get('checkout_to_type')]);

-        return redirect()->to(Helper::getRedirectOption($request, $component->id, 'Components'))->with('success', trans('admin/components/message.checkout.success'));
+        return Helper::getRedirectOption($request, $component->id, 'Components')
+            ->with('success', trans('admin/components/message.checkout.success'));
    }
 }
--- a/app/Http/Controllers/Components/ComponentsController.php
+++ b/app/Http/Controllers/Components/ComponentsController.php
@@ -88,10 +88,16 @@ class ComponentsController extends Controller

        $component = $request->handleImages($component);

+        if($request->get('redirect_option') === 'back'){
+            session()->put(['redirect_option' => 'index']);
+        } else {
            session()->put(['redirect_option' => $request->get('redirect_option')]);
+        }
+

        if ($component->save()) {
-            return redirect()->to(Helper::getRedirectOption($request, $component->id, 'Components'))->with('success', trans('admin/components/message.create.success'));
+            return Helper::getRedirectOption($request, $component->id, 'Components')
+                ->with('success', trans('admin/components/message.create.success'));
        }

        return redirect()->back()->withInput()->withErrors($component->getErrors());
@@ -111,6 +117,7 @@ class ComponentsController extends Controller
    {

            $this->authorize('update', $component);
+            session()->put('back_url', url()->previous());
            return view('components/edit')
                ->with('item', $component)
                ->with('category_type', 'component');
@@ -164,7 +171,8 @@ class ComponentsController extends Controller
        session()->put(['redirect_option' => $request->get('redirect_option')]);

        if ($component->save()) {
-            return redirect()->to(Helper::getRedirectOption($request, $component->id, 'Components'))->with('success', trans('admin/components/message.update.success'));
+            return Helper::getRedirectOption($request, $component->id, 'Components')
+                ->with('success', trans('admin/components/message.update.success'));
        }

        return redirect()->back()->withInput()->withErrors($component->getErrors());
--- a/app/Http/Controllers/Components/ComponentsFilesController.php
+++ b/app/Http/Controllers/Components/ComponentsFilesController.php
@@ -1,138 +0,0 @@
-<?php
-
-namespace App\Http\Controllers\Components;
-
-use App\Helpers\StorageHelper;
-use App\Http\Controllers\Controller;
-use App\Http\Requests\UploadFileRequest;
-use App\Models\Actionlog;
-use App\Models\Component;
-use Illuminate\Support\Facades\Response;
-use Illuminate\Support\Facades\Storage;
-use Symfony\Component\HttpFoundation\JsonResponse;
-use Illuminate\Support\Facades\Log;
-
-class ComponentsFilesController extends Controller
-{
-    /**
-     * Validates and stores files associated with a component.
-     *
-     * @param UploadFileRequest $request
-     * @param int $componentId
-     * @return \Illuminate\Http\RedirectResponse
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     *@author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.0]
-     * @todo Switch to using the AssetFileRequest form request validator.
-     */
-    public function store(UploadFileRequest $request, $componentId = null)
-    {
-
-        if (config('app.lock_passwords')) {
-            return redirect()->route('components.show', ['component'=>$componentId])->with('error', trans('general.feature_disabled'));
-        }
-
-        $component = Component::find($componentId);
-
-        if (isset($component->id)) {
-            $this->authorize('update', $component);
-
-            if ($request->hasFile('file')) {
-                if (! Storage::exists('private_uploads/components')) {
-                    Storage::makeDirectory('private_uploads/components', 775);
-                }
-
-                foreach ($request->file('file') as $file) {
-                    $file_name = $request->handleFile('private_uploads/components/','component-'.$component->id, $file);
-
-                    //Log the upload to the log
-                    $component->logUpload($file_name, e($request->input('notes')));
-                }
-
-
-                return redirect()->route('components.show', $component->id)->withFragment('files')->with('success', trans('general.file_upload_success'));
-
-            }
-
-            return redirect()->route('components.show', $component->id)->with('error', trans('general.no_files_uploaded'));
-        }
-        // Prepare the error message
-        return redirect()->route('components.index')
-            ->with('error', trans('general.file_does_not_exist'));
-    }
-
-    /**
-     * Deletes the selected component file.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.0]
-     * @param int $componentId
-     * @param int $fileId
-     * @return \Illuminate\Http\RedirectResponse
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     */
-    public function destroy($componentId = null, $fileId = null)
-    {
-        $component = Component::find($componentId);
-
-        // the asset is valid
-        if (isset($component->id)) {
-            $this->authorize('update', $component);
-            $log = Actionlog::find($fileId);
-
-            // Remove the file if one exists
-            if (Storage::exists('components/'.$log->filename)) {
-                try {
-                    Storage::delete('components/'.$log->filename);
-                } catch (\Exception $e) {
-                    Log::debug($e);
-                }
-            }
-
-            $log->delete();
-
-            return redirect()->back()->withFragment('files')
-                ->with('success', trans('admin/hardware/message.deletefile.success'));
-        }
-
-        // Redirect to the licence management page
-        return redirect()->route('components.index')->with('error', trans('general.file_does_not_exist'));
-    }
-
-    /**
-     * Allows the selected file to be viewed.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.4]
-     * @param int $componentId
-     * @param int $fileId
-     * @return \Symfony\Component\HttpFoundation\Response
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     */
-    public function show($componentId = null, $fileId = null)
-    {
-        Log::debug('Private filesystem is: '.config('filesystems.default'));
-
-
-        // the component is valid
-        if ($component = Component::find($componentId)) {
-            $this->authorize('view', $component);
-            $this->authorize('components.files', $component);
-
-            if ($log = Actionlog::whereNotNull('filename')->where('item_id', $component->id)->find($fileId)) {
-
-                $file = 'private_uploads/components/'.$log->filename;
-
-                try {
-                    return StorageHelper::showOrDownloadFile($file, $log->filename);
-                } catch (\Exception $e) {
-                    return redirect()->route('components.show', ['component' => $component])->with('error',  trans('general.file_not_found'));
-                }
-            }
-            return redirect()->route('components.show', ['component' => $component])->with('error',  trans('general.log_record_not_found'));
-
-        }
-
-        return redirect()->route('components.index')->with('error', trans('general.file_does_not_exist', ['id' => $fileId]));
-    }
-}
--- a/app/Http/Controllers/Consumables/ConsumableCheckoutController.php
+++ b/app/Http/Controllers/Consumables/ConsumableCheckoutController.php
@@ -111,6 +111,7 @@ class ConsumableCheckoutController extends Controller


        // Redirect to the new consumable page
-        return redirect()->to(Helper::getRedirectOption($request, $consumable->id, 'Consumables'))->with('success', trans('admin/consumables/message.checkout.success'));
+        return Helper::getRedirectOption($request, $consumable->id, 'Consumables')
+            ->with('success', trans('admin/consumables/message.checkout.success'));
    }
 }
--- a/app/Http/Controllers/Consumables/ConsumablesController.php
+++ b/app/Http/Controllers/Consumables/ConsumablesController.php
@@ -7,7 +7,7 @@ use App\Http\Controllers\Controller;
 use App\Http\Requests\ImageUploadRequest;
 use App\Models\Company;
 use App\Models\Consumable;
-use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Validator;
 use Illuminate\Http\RedirectResponse;
 use \Illuminate\Contracts\View\View;
@@ -85,12 +85,29 @@ class ConsumablesController extends Controller
        $consumable->notes                  = $request->input('notes');


-        $consumable = $request->handleImages($consumable);
+        if ($request->has('use_cloned_image')) {
+            $cloned_model_img = Consumable::select('image')->find($request->input('clone_image_from_id'));
+            if ($cloned_model_img) {
+                $new_image_name = 'clone-'.date('U').'-'.$cloned_model_img->image;
+                $new_image = 'consumables/'.$new_image_name;
+                Storage::disk('public')->copy('consumables/'.$cloned_model_img->image, $new_image);
+                $consumable->image = $new_image_name;
+            }

+        } else {
+            $consumable = $request->handleImages($consumable);
+        }
+
+        if($request->get('redirect_option') === 'back'){
+            session()->put(['redirect_option' => 'index']);
+        } else {
            session()->put(['redirect_option' => $request->get('redirect_option')]);
+        }
+

        if ($consumable->save()) {
-            return redirect()->to(Helper::getRedirectOption($request, $consumable->id, 'Consumables'))->with('success', trans('admin/consumables/message.create.success'));
+            return Helper::getRedirectOption($request, $consumable->id, 'Consumables')
+                ->with('success', trans('admin/consumables/message.create.success'));
        }

        return redirect()->back()->withInput()->withErrors($consumable->getErrors());
@@ -107,6 +124,7 @@ class ConsumablesController extends Controller
    public function edit(Consumable $consumable) : View | RedirectResponse
    {
            $this->authorize($consumable);
+            session()->put('back_url', url()->previous());
            return view('consumables/edit')
                ->with('item', $consumable)
                ->with('category_type', 'consumable');
@@ -160,7 +178,8 @@ class ConsumablesController extends Controller
        session()->put(['redirect_option' => $request->get('redirect_option')]);

        if ($consumable->save()) {
-            return redirect()->to(Helper::getRedirectOption($request, $consumable->id, 'Consumables'))->with('success', trans('admin/consumables/message.update.success'));
+            return Helper::getRedirectOption($request, $consumable->id, 'Consumables')
+                ->with('success', trans('admin/consumables/message.update.success'));
        }

        return redirect()->back()->withInput()->withErrors($consumable->getErrors());
@@ -210,9 +229,10 @@ class ConsumablesController extends Controller
        $consumable_to_close = $consumable;
        $consumable = clone $consumable_to_close;
        $consumable->id = null;
-        $consumable->image = null;
        $consumable->created_by = null;

-        return view('consumables/edit')->with('item', $consumable);
+        return view('consumables/edit')
+            ->with('cloned_model', $consumable_to_close)
+            ->with('item', $consumable);
    }
 }
--- a/app/Http/Controllers/Consumables/ConsumablesFilesController.php
+++ b/app/Http/Controllers/Consumables/ConsumablesFilesController.php
@@ -1,134 +0,0 @@
-<?php
-
-namespace App\Http\Controllers\Consumables;
-
-use App\Helpers\StorageHelper;
-use App\Http\Controllers\Controller;
-use App\Http\Requests\UploadFileRequest;
-use App\Models\Actionlog;
-use App\Models\Consumable;
-use Illuminate\Support\Facades\Response;
-use Illuminate\Support\Facades\Storage;
-use Symfony\Consumable\HttpFoundation\JsonResponse;
-use Illuminate\Support\Facades\Log;
-class ConsumablesFilesController extends Controller
-{
-    /**
-     * Validates and stores files associated with a consumable.
-     *
-     * @param UploadFileRequest $request
-     * @param int $consumableId
-     * @return \Illuminate\Http\RedirectResponse
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     *@author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.0]
-     * @todo Switch to using the AssetFileRequest form request validator.
-     */
-    public function store(UploadFileRequest $request, $consumableId = null)
-    {
-        if (config('app.lock_passwords')) {
-            return redirect()->route('consumables.show', ['consumable'=>$consumableId])->with('error', trans('general.feature_disabled'));
-        }
-
-        $consumable = Consumable::find($consumableId);
-
-        if (isset($consumable->id)) {
-            $this->authorize('update', $consumable);
-
-            if ($request->hasFile('file')) {
-                if (! Storage::exists('private_uploads/consumables')) {
-                    Storage::makeDirectory('private_uploads/consumables', 775);
-                }
-
-                foreach ($request->file('file') as $file) {
-                    $file_name = $request->handleFile('private_uploads/consumables/','consumable-'.$consumable->id, $file);
-
-                    //Log the upload to the log
-                    $consumable->logUpload($file_name, e($request->input('notes')));
-                }
-
-
-                return redirect()->route('consumables.show', $consumable->id)->withFragment('files')->with('success', trans('general.file_upload_success'));
-
-            }
-
-            return redirect()->route('consumables.show', $consumable->id)->with('error', trans('general.no_files_uploaded'));
-        }
-        // Prepare the error message
-        return redirect()->route('consumables.index')
-            ->with('error', trans('general.file_does_not_exist'));
-    }
-
-    /**
-     * Deletes the selected consumable file.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.0]
-     * @param int $consumableId
-     * @param int $fileId
-     * @return \Illuminate\Http\RedirectResponse
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     */
-    public function destroy($consumableId = null, $fileId = null)
-    {
-        $consumable = Consumable::find($consumableId);
-
-        // the asset is valid
-        if (isset($consumable->id)) {
-            $this->authorize('update', $consumable);
-            $log = Actionlog::find($fileId);
-
-            // Remove the file if one exists
-            if (Storage::exists('consumables/'.$log->filename)) {
-                try {
-                    Storage::delete('consumables/'.$log->filename);
-                } catch (\Exception $e) {
-                    Log::debug($e);
-                }
-            }
-
-            $log->delete();
-
-            return redirect()->back()->withFragment('files')
-                ->with('success', trans('admin/hardware/message.deletefile.success'));
-        }
-
-        // Redirect to the licence management page
-        return redirect()->route('consumables.index')->with('error', trans('general.file_does_not_exist'));
-    }
-
-    /**
-     * Allows the selected file to be viewed.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.4]
-     * @param int $consumableId
-     * @param int $fileId
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     */
-    public function show($consumableId = null, $fileId = null)
-    {
-        $consumable = Consumable::find($consumableId);
-
-        // the consumable is valid
-        if (isset($consumable->id)) {
-            $this->authorize('view', $consumable);
-            $this->authorize('consumables.files', $consumable);
-
-            if ($log = Actionlog::whereNotNull('filename')->where('item_id', $consumable->id)->find($fileId)) {
-                $file = 'private_uploads/consumables/'.$log->filename;
-
-                try {
-                    return StorageHelper::showOrDownloadFile($file, $log->filename);
-                } catch (\Exception $e) {
-                    return redirect()->route('consumables.show', ['consumable' => $consumable])->with('error',  trans('general.file_not_found'));
-                }
-            }
-            // The log record doesn't exist somehow
-            return redirect()->route('consumables.show', ['consumable' => $consumable])->with('error',  trans('general.log_record_not_found'));
-
-        }
-
-        return redirect()->route('consumables.index')->with('error', trans('general.file_does_not_exist', ['id' => $fileId]));
-    }
-}
--- a/app/Http/Controllers/Controller.php
+++ b/app/Http/Controllers/Controller.php
@@ -22,6 +22,15 @@

 namespace App\Http\Controllers;

+use App\Models\Accessory;
+use App\Models\Asset;
+use App\Models\AssetModel;
+use App\Models\Component;
+use App\Models\Consumable;
+use App\Models\License;
+use App\Models\Location;
+use App\Models\Maintenance;
+use App\Models\User;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
 use Illuminate\Foundation\Bus\DispatchesJobs;
@@ -32,6 +41,45 @@ abstract class Controller extends BaseController
 {
    use AuthorizesRequests, DispatchesJobs, ValidatesRequests;

+    static $map_object_type = [
+        'accessories' => Accessory::class,
+        'maintenances' => Maintenance::class,
+        'assets' => Asset::class,
+        'components' => Component::class,
+        'consumables' => Consumable::class,
+        'hardware' => Asset::class,
+        'licenses' => License::class,
+        'locations' => Location::class,
+        'models' => AssetModel::class,
+        'users' => User::class,
+    ];
+
+    static $map_storage_path = [
+        'accessories' => 'private_uploads/accessories/',
+        'maintenances' => 'private_uploads/maintenances/',
+        'assets' => 'private_uploads/assets/',
+        'components' => 'private_uploads/components/',
+        'consumables' => 'private_uploads/consumables/',
+        'hardware' => 'private_uploads/assets/',
+        'licenses' => 'private_uploads/licenses/',
+        'locations' => 'private_uploads/locations/',
+        'models' => 'private_uploads/models/',
+        'users' => 'private_uploads/users/',
+    ];
+
+    static $map_file_prefix= [
+        'accessories' => 'accessory',
+        'maintenances' => 'maintenance',
+        'assets' => 'asset',
+        'components' => 'component',
+        'consumables' => 'consumable',
+        'hardware' => 'asset',
+        'licenses' => 'license',
+        'locations' => 'location',
+        'models' => 'model',
+        'users' => 'user',
+    ];
+
    public function __construct()
    {
        view()->share('signedIn', Auth::check());
--- a/app/Http/Controllers/CustomFieldsController.php
+++ b/app/Http/Controllers/CustomFieldsController.php
@@ -144,10 +144,9 @@ class CustomFieldsController extends Controller
     */
    public function deleteFieldFromFieldset($field_id, $fieldset_id) : RedirectResponse
    {
+        $this->authorize('update', CustomField::class);
        $field = CustomField::find($field_id);

-        $this->authorize('update', $field);
-
        // Check that the field exists - this is mostly related to the demo, where we 
        // rewrite the data every x minutes, so it's possible someone might be disassociating 
        // a field from a fieldset just as we're wiping the database
@@ -157,11 +156,12 @@ class CustomFieldsController extends Controller
            return redirect()->route('fieldsets.show', ['fieldset' => $fieldset_id])
                ->with('success', trans('admin/custom_fields/message.field.delete.success'));
            } else {
-                return redirect()->back()->withErrors(['message' => "Field is in use and cannot be deleted."]);
+                return redirect()->back()->with('error', trans('admin/custom_fields/message.field.delete.error'))
+                    ->withInput();
            }
        }

-        return redirect()->back()->withErrors(['message' => "Error deleting field from fieldset"]);
+        return redirect()->back()->with('error', trans('admin/custom_fields/message.field.delete.error'));

       
    }
@@ -172,22 +172,18 @@ class CustomFieldsController extends Controller
     * @author [Brady Wetherington] [<uberbrady@gmail.com>]
     * @since [v1.8]
     */
-    public function destroy($field_id) : RedirectResponse
+    public function destroy(CustomField $field) : RedirectResponse
    {
-        if ($field = CustomField::find($field_id)) {
-            $this->authorize('delete', $field);
+        $this->authorize('delete', CustomField::class);

        if (($field->fieldset) && ($field->fieldset->count() > 0)) {
-                return redirect()->back()->withErrors(['message' => 'Field is in-use']);
+            return redirect()->back()->with('error', trans('admin/custom_fields/message.field.delete.in_use'));
        }
        $field->delete();
        return redirect()->route("fields.index")
            ->with("success", trans('admin/custom_fields/message.field.delete.success'));
    }

-        return redirect()->back()->withErrors(['message' => 'Field does not exist']);
-    }
-

    /**
     * Return a view to edit a custom field
@@ -198,7 +194,7 @@ class CustomFieldsController extends Controller
     */
    public function edit(Request $request, CustomField $field) : View | RedirectResponse
    {
-        $this->authorize('update', $field);
+        $this->authorize('update', CustomField::class);
        $fieldsets = CustomFieldset::get();
        $customFormat = '';
        if ((stripos($field->format, 'regex') === 0) && ($field->format !== CustomField::PREDEFINED_FORMATS['MAC'])) {
@@ -228,7 +224,7 @@ class CustomFieldsController extends Controller
     */
    public function update(CustomFieldRequest $request, CustomField $field) : RedirectResponse
    {
-        $this->authorize('update', $field);
+        $this->authorize('update', CustomField::class);
        $show_in_email = $request->get("show_in_email", 0);
        $display_in_user_view = $request->get("display_in_user_view", 0);

@@ -265,7 +261,6 @@ class CustomFieldsController extends Controller

        if ($field->save()) {

-
            // Sync fields with fieldsets
            $fieldset_array = $request->input('associate_fieldsets');
            if ($request->has('associate_fieldsets') && (is_array($fieldset_array))) {
--- a/app/Http/Controllers/Licenses/LicenseCheckinController.php
+++ b/app/Http/Controllers/Licenses/LicenseCheckinController.php
@@ -86,8 +86,10 @@ class LicenseCheckinController extends Controller
        }

        if($licenseSeat->assigned_to != null){
-            $return_to = User::find($licenseSeat->assigned_to);
+            $return_to = User::withTrashed()->find($licenseSeat->assigned_to);
+            if ($return_to) {
                session()->put('checkedInFrom', $return_to->id);
+            }
        } else {
            $return_to = Asset::find($licenseSeat->asset_id);
        }
@@ -98,14 +100,17 @@ class LicenseCheckinController extends Controller
        $licenseSeat->notes = $request->input('notes');

        session()->put(['redirect_option' => $request->get('redirect_option')]);
-
+        if ($request->get('redirect_option') === 'target'){
+            session()->put(['checkout_to_type' => 'user']);
+        }

        // Was the asset updated?
        if ($licenseSeat->save()) {
            event(new CheckoutableCheckedIn($licenseSeat, $return_to, auth()->user(), $request->input('notes')));


-            return redirect()->to(Helper::getRedirectOption($request, $license->id, 'Licenses'))->with('success', trans('admin/licenses/message.checkin.success'));
+            return Helper::getRedirectOption($request, $license->id, 'Licenses')
+                ->with('success', trans('admin/licenses/message.checkin.success'));
        }

        // Redirect to the license page with error
--- a/app/Http/Controllers/Licenses/LicenseCheckoutController.php
+++ b/app/Http/Controllers/Licenses/LicenseCheckoutController.php
@@ -89,7 +89,8 @@ class LicenseCheckoutController extends Controller


        if ($checkoutTarget) {
-            return redirect()->to(Helper::getRedirectOption($request, $license->id, 'Licenses'))->with('success', trans('admin/licenses/message.checkout.success'));
+            return Helper::getRedirectOption($request, $license->id, 'Licenses')
+                ->with('success', trans('admin/licenses/message.checkout.success'));
        }


--- a/app/Http/Controllers/Licenses/LicenseFilesController.php
+++ b/app/Http/Controllers/Licenses/LicenseFilesController.php
@@ -1,132 +0,0 @@
-<?php
-
-namespace App\Http\Controllers\Licenses;
-
-use App\Helpers\StorageHelper;
-use App\Http\Controllers\Controller;
-use App\Http\Requests\UploadFileRequest;
-use App\Models\Actionlog;
-use App\Models\License;
-use Illuminate\Support\Facades\Storage;
-use Illuminate\Support\Facades\Log;
-
-class LicenseFilesController extends Controller
-{
-    /**
-     * Validates and stores files associated with a license.
-     *
-     * @param UploadFileRequest $request
-     * @param int $licenseId
-     * @return \Illuminate\Http\RedirectResponse
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.0]
-     * @todo Switch to using the AssetFileRequest form request validator.
-     */
-    public function store(UploadFileRequest $request, $licenseId = null)
-    {
-        $license = License::find($licenseId);
-
-        if (isset($license->id)) {
-            $this->authorize('update', $license);
-
-            if ($request->hasFile('file')) {
-                if (! Storage::exists('private_uploads/licenses')) {
-                    Storage::makeDirectory('private_uploads/licenses', 775);
-                }
-
-                foreach ($request->file('file') as $file) {
-                    $file_name = $request->handleFile('private_uploads/licenses/','license-'.$license->id, $file);
-
-                    //Log the upload to the log
-                    $license->logUpload($file_name, e($request->input('notes')));
-                }
-
-
-                    return redirect()->route('licenses.show', $license->id)->with('success', trans('admin/licenses/message.upload.success'));
-
-            }
-
-            return redirect()->route('licenses.show', $license->id)->with('error', trans('admin/licenses/message.upload.nofiles'));
-        }
-        // Prepare the error message
-        return redirect()->route('licenses.index')
-            ->with('error', trans('admin/licenses/message.does_not_exist'));
-    }
-
-    /**
-     * Deletes the selected license file.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.0]
-     * @param int $licenseId
-     * @param int $fileId
-     * @return \Illuminate\Http\RedirectResponse
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     */
-    public function destroy($licenseId = null, $fileId = null)
-    {
-        if ($license = License::find($licenseId)) {
-
-            $this->authorize('update', $license);
-
-            if ($log = Actionlog::find($fileId)) {
-
-                // Remove the file if one exists
-                if (Storage::exists('licenses/'.$log->filename)) {
-                    try {
-                        Storage::delete('licenses/'.$log->filename);
-                    } catch (\Exception $e) {
-                        Log::debug($e);
-                    }
-                }
-                
-                $log->delete();
-
-                return redirect()->back()
-                    ->with('success', trans('admin/hardware/message.deletefile.success'));
-            }
-
-            return redirect()->route('licenses.index')->with('error', trans('general.log_does_not_exist'));
-        }
-
-        return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.does_not_exist'));
-    }
-
-    /**
-     * Allows the selected file to be viewed.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.4]
-     * @param int $licenseId
-     * @param int $fileId
-     * @return \Symfony\Component\HttpFoundation\Response
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     */
-    public function show($licenseId = null, $fileId = null, $download = true)
-    {
-        $license = License::find($licenseId);
-
-        // the license is valid
-        if (isset($license->id)) {
-            $this->authorize('view', $license);
-            $this->authorize('licenses.files', $license);
-
-            if ($log = Actionlog::whereNotNull('filename')->where('item_id', $license->id)->find($fileId)) {
-                $file = 'private_uploads/licenses/'.$log->filename;
-
-                try {
-                    return StorageHelper::showOrDownloadFile($file, $log->filename);
-                } catch (\Exception $e) {
-                    return redirect()->route('licenses.show', ['licenses' => $license])->with('error',  trans('general.file_not_found'));
-                }
-            }
-
-            // The log record doesn't exist somehow
-            return redirect()->route('licenses.show', ['licenses' => $license])->with('error',  trans('general.log_record_not_found'));
-
-        }
-
-        return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.does_not_exist', ['id' => $fileId]));
-    }
-}
--- a/app/Http/Controllers/Licenses/LicensesController.php
+++ b/app/Http/Controllers/Licenses/LicensesController.php
@@ -102,10 +102,15 @@ class LicensesController extends Controller
        $license->created_by           = auth()->id();
        $license->min_amt           = $request->input('min_amt');

+        if($request->get('redirect_option') === 'back'){
+            session()->put(['redirect_option' => 'index']);
+        } else {
            session()->put(['redirect_option' => $request->get('redirect_option')]);
+        }

        if ($license->save()) {
-            return redirect()->to(Helper::getRedirectOption($request, $license->id, 'Licenses'))->with('success', trans('admin/licenses/message.create.success'));
+            return Helper::getRedirectOption($request, $license->id, 'Licenses')
+                ->with('success', trans('admin/licenses/message.create.success'));
        }

        return redirect()->back()->withInput()->withErrors($license->getErrors());
@@ -125,7 +130,7 @@ class LicensesController extends Controller
    {

        $this->authorize('update', $license);
-
+        session()->put('back_url', url()->previous());
        $maintained_list = [
            '' => 'Maintained',
            '1' => 'Yes',
@@ -181,7 +186,8 @@ class LicensesController extends Controller
        session()->put(['redirect_option' => $request->get('redirect_option')]);

        if ($license->save()) {
-            return redirect()->to(Helper::getRedirectOption($request, $license->id, 'Licenses'))->with('success', trans('admin/licenses/message.update.success'));
+            return Helper::getRedirectOption($request, $license->id, 'Licenses')
+                ->with('success', trans('admin/licenses/message.update.success'));
        }
        // If we can't adjust the number of seats, the error is flashed to the session by the event handler in License.php
        return redirect()->back()->withInput()->withErrors($license->getErrors());
@@ -302,13 +308,16 @@ class LicensesController extends Controller
        $response = new StreamedResponse(function () {
            // Open output stream
            $handle = fopen('php://output', 'w');
-            $licenses= License::with('company',
+            $licenses = License::with('company',
                          'manufacturer',
                          'category',
                          'supplier',
                          'adminuser',
-                          'assignedusers')
-                          ->orderBy('created_at', 'DESC');
+                          'assignedusers');
+            if (request()->filled('category_id')) {
+                $licenses = $licenses->where('category_id', request()->input('category_id'));
+            }
+            $licenses = $licenses->orderBy('created_at', 'DESC');
            Company::scopeCompanyables($licenses)
                ->chunk(500, function ($licenses) use ($handle) {
                    $headers = [
--- a/app/Http/Controllers/LocationsController.php
+++ b/app/Http/Controllers/LocationsController.php
@@ -96,7 +96,18 @@ class LocationsController extends Controller
            $location->company_id = $request->input('company_id');
        }

+        if ($request->has('use_cloned_image')) {
+            $cloned_model_img = Location::select('image')->find($request->input('clone_image_from_id'));
+            if ($cloned_model_img) {
+                $new_image_name = 'clone-'.date('U').'-'.$cloned_model_img->image;
+                $new_image = 'locations/'.$new_image_name;
+                Storage::disk('public')->copy('locations/'.$cloned_model_img->image, $new_image);
+                $location->image = $new_image_name;
+            }
+
+        } else {
            $location = $request->handleImages($location);
+        }

        if ($location->save()) {
            return redirect()->route('locations.index')->with('success', trans('admin/locations/message.create.success'));
@@ -275,9 +286,9 @@ class LocationsController extends Controller

        // unset these values
        $location->id = null;
-        $location->image = null;

        return view('locations/edit')
+            ->with('cloned_model', $location_to_clone)
            ->with('item', $location);
    }

--- a/app/Http/Controllers/LocationsFilesController.php
+++ b/app/Http/Controllers/LocationsFilesController.php
@@ -1,111 +0,0 @@
-<?php
-
-namespace App\Http\Controllers;
-
-use App\Helpers\StorageHelper;
-use App\Http\Requests\UploadFileRequest;
-use App\Models\Actionlog;
-use App\Models\Location;
-use Illuminate\Http\RedirectResponse;
-use Illuminate\Http\Response;
-use Illuminate\Support\Facades\Storage;
-use \Symfony\Component\HttpFoundation\StreamedResponse;
-use Symfony\Component\HttpFoundation\BinaryFileResponse;
-
-class LocationsFilesController extends Controller
-{
-    /**
-     * Upload a file to the server.
-     *
-     * @param UploadFileRequest $request
-     * @param int $modelId
-     * @return \Illuminate\Http\RedirectResponse
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     *@since [v1.0]
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     */
-    public function store(UploadFileRequest $request, Location $location) : RedirectResponse
-    {
-        $this->authorize('update', $location);
-
-        if ($request->hasFile('file')) {
-
-            if (! Storage::exists('private_uploads/locations')) {
-                Storage::makeDirectory('private_uploads/locations', 775);
-            }
-
-            foreach ($request->file('file') as $file) {
-                $file_name = $request->handleFile('private_uploads/locations/','location-'.$location->id, $file);
-                $location->logUpload($file_name, $request->get('notes'));
-            }
-
-            return redirect()->back()->withFragment('files')->with('success', trans('general.file_upload_success'));
-        }
-
-        return redirect()->back()->withFragment('files')->with('error', trans('admin/hardware/message.upload.nofiles'));
-    }
-
-    /**
-     * Check for permissions and display the file.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param  int $modelId
-     * @param  int $fileId
-     * @since [v1.0]
-     */
-    public function show(Location $location, $fileId = null) : StreamedResponse | Response | RedirectResponse | BinaryFileResponse
-    {
-
-        $this->authorize('view', $location);
-
-        if (! $log = Actionlog::find($fileId)) {
-            return redirect()->back()->withFragment('files')->with('error', 'No matching file record');
-        }
-
-        $file = 'private_uploads/locations/'.$log->filename;
-
-        if (! Storage::exists($file)) {
-            return redirect()->back()->withFragment('files')->with('error', 'No matching file on server');
-        }
-
-        if (request('inline') == 'true') {
-
-            $headers = [
-                'Content-Disposition' => 'inline',
-            ];
-
-            return Storage::download($file, $log->filename, $headers);
-        }
-
-        return StorageHelper::downloader($file);
-    }
-
-    /**
-     * Delete the associated file
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param  int $modelId
-     * @param  int $fileId
-     * @since [v1.0]
-     */
-    public function destroy(Location $location, $fileId = null) : RedirectResponse
-    {
-        $rel_path = 'private_uploads/locations';
-        $this->authorize('update', $location);
-        $log = Actionlog::find($fileId);
-
-        if ($log) {
-
-            // This should be moved to purge
-//            if (Storage::exists($rel_path.'/'.$log->filename)) {
-//                Storage::delete($rel_path.'/'.$log->filename);
-//            }
-            $log->delete();
-
-            return redirect()->back()->withFragment('files')->with('success', trans('admin/hardware/message.deletefile.success'));
-        }
-
-        return redirect()->back()->withFragment('files')->with('success', trans('admin/hardware/message.deletefile.success'));
-
-    }
-}
--- a/app/Http/Controllers/AssetMaintenancesController.php
+++ b/app/Http/Controllers/AssetMaintenancesController.php
@@ -2,8 +2,9 @@

 namespace App\Http\Controllers;

+use App\Http\Requests\ImageUploadRequest;
 use App\Models\Asset;
-use App\Models\AssetMaintenance;
+use App\Models\Maintenance;
 use App\Models\Company;
 use Illuminate\Support\Facades\Auth;
 use Carbon\Carbon;
@@ -17,29 +18,23 @@ use \Illuminate\Http\RedirectResponse;
 *
 * @version    v2.0
 */
-class AssetMaintenancesController extends Controller
+class MaintenancesController extends Controller
 {

    /**
    *  Returns a view that invokes the ajax tables which actually contains
-    * the content for the asset maintenances listing, which is generated in getDatatable.
-    *
-    * @todo This should be replaced with middleware and/or policies
-    * @see AssetMaintenancesController::getDatatable() method that generates the JSON response
-    * @author  Vincent Sposato <vincent.sposato@gmail.com>
-    * @version v1.0
-    * @since [v1.8]
+    * the content for the asset maintenances listing.
    */
    public function index() : View
    {
        $this->authorize('view', Asset::class);
-        return view('asset_maintenances/index');
+        return view('maintenances.index');
    }

    /**
     *  Returns a form view to create a new asset maintenance.
     *
-     * @see AssetMaintenancesController::postCreate() method that stores the data
+     * @see MaintenancesController::postCreate() method that stores the data
     * @author  Vincent Sposato <vincent.sposato@gmail.com>
     * @version v1.0
     * @since [v1.8]
@@ -55,21 +50,21 @@ class AssetMaintenancesController extends Controller
            $asset->asset_id = $asset->id;
        }
        
-        return view('asset_maintenances/edit')
-                   ->with('assetMaintenanceType', AssetMaintenance::getImprovementOptions())
+        return view('maintenances/edit')
+                   ->with('maintenanceType', Maintenance::getImprovementOptions())
                   ->with('asset', $asset)
-                   ->with('item', new AssetMaintenance);
+                   ->with('item', new Maintenance);
    }

    /**
    *  Validates and stores the new asset maintenance
    *
-    * @see AssetMaintenancesController::getCreate() method for the form
+    * @see MaintenancesController::getCreate() method for the form
    * @author  Vincent Sposato <vincent.sposato@gmail.com>
    * @version v1.0
    * @since [v1.8]
    */
-    public function store(Request $request) : RedirectResponse
+    public function store(ImageUploadRequest $request) : RedirectResponse
    {
        $this->authorize('update', Asset::class);

@@ -78,72 +73,73 @@ class AssetMaintenancesController extends Controller
        // Loop through the selected assets
        foreach ($assets as $asset) {

-            $assetMaintenance = new AssetMaintenance();
-            $assetMaintenance->supplier_id = $request->input('supplier_id');
-            $assetMaintenance->is_warranty = $request->input('is_warranty');
-            $assetMaintenance->cost = $request->input('cost');
-            $assetMaintenance->notes = $request->input('notes');
+            $maintenance = new Maintenance();
+            $maintenance->supplier_id = $request->input('supplier_id');
+            $maintenance->is_warranty = $request->input('is_warranty');
+            $maintenance->cost = $request->input('cost');
+            $maintenance->notes = $request->input('notes');

            // Save the asset maintenance data
-            $assetMaintenance->asset_id = $asset->id;
-            $assetMaintenance->asset_maintenance_type = $request->input('asset_maintenance_type');
-            $assetMaintenance->title = $request->input('title');
-            $assetMaintenance->start_date = $request->input('start_date');
-            $assetMaintenance->completion_date = $request->input('completion_date');
-            $assetMaintenance->created_by = auth()->id();
+            $maintenance->asset_id = $asset->id;
+            $maintenance->asset_maintenance_type = $request->input('asset_maintenance_type');
+            $maintenance->name = $request->input('name');
+            $maintenance->start_date = $request->input('start_date');
+            $maintenance->completion_date = $request->input('completion_date');
+            $maintenance->created_by = auth()->id();

-            if (($assetMaintenance->completion_date !== null)
-                && ($assetMaintenance->start_date !== '')
-                && ($assetMaintenance->start_date !== '0000-00-00')
+            if (($maintenance->completion_date !== null)
+                && ($maintenance->start_date !== '')
+                && ($maintenance->start_date !== '0000-00-00')
            ) {
-                $startDate = Carbon::parse($assetMaintenance->start_date);
-                $completionDate = Carbon::parse($assetMaintenance->completion_date);
-                $assetMaintenance->asset_maintenance_time = (int) $completionDate->diffInDays($startDate, true);
+                $startDate = Carbon::parse($maintenance->start_date);
+                $completionDate = Carbon::parse($maintenance->completion_date);
+                $maintenance->asset_maintenance_time = (int) $completionDate->diffInDays($startDate, true);
            }

+            $maintenance = $request->handleImages($maintenance);

            // Was the asset maintenance created?
-            if (!$assetMaintenance->save()) {
-                return redirect()->back()->withInput()->withErrors($assetMaintenance->getErrors());
+            if (!$maintenance->save()) {
+                return redirect()->back()->withInput()->withErrors($maintenance->getErrors());
            }
        }

        return redirect()->route('maintenances.index')
-            ->with('success', trans('admin/asset_maintenances/message.create.success'));
+            ->with('success', trans('admin/maintenances/message.create.success'));

    }

    /**
    *  Returns a form view to edit a selected asset maintenance.
    *
-    * @see AssetMaintenancesController::postEdit() method that stores the data
+    * @see MaintenancesController::postEdit() method that stores the data
    * @author  Vincent Sposato <vincent.sposato@gmail.com>
    * @version v1.0
    * @since [v1.8]
    */
-    public function edit(AssetMaintenance $maintenance) : View | RedirectResponse
+    public function edit(Maintenance $maintenance) : View | RedirectResponse
    {
        $this->authorize('update', Asset::class);
        $this->authorize('update', $maintenance->asset);

-        return view('asset_maintenances/edit')
+        return view('maintenances/edit')
            ->with('selected_assets', $maintenance->asset->pluck('id')->toArray())
            ->with('asset_ids', request()->input('asset_ids', []))
-            ->with('assetMaintenanceType', AssetMaintenance::getImprovementOptions())
+            ->with('maintenanceType', Maintenance::getImprovementOptions())
            ->with('item', $maintenance);
    }

    /**
     *  Validates and stores an update to an asset maintenance
     *
-     * @see AssetMaintenancesController::postEdit() method that stores the data
+     * @see MaintenancesController::postEdit() method that stores the data
     * @author  Vincent Sposato <vincent.sposato@gmail.com>
     * @param Request $request
-     * @param int $assetMaintenanceId
+     * @param int $maintenanceId
     * @version v1.0
     * @since [v1.8]
     */
-    public function update(Request $request, AssetMaintenance $maintenance) : View | RedirectResponse
+    public function update(ImageUploadRequest $request, Maintenance $maintenance) : View | RedirectResponse
    {
        $this->authorize('update', Asset::class);
        $this->authorize('update', $maintenance->asset);
@@ -153,7 +149,7 @@ class AssetMaintenancesController extends Controller
        $maintenance->cost =  $request->input('cost');
        $maintenance->notes = $request->input('notes');
        $maintenance->asset_maintenance_type = $request->input('asset_maintenance_type');
-        $maintenance->title = $request->input('title');
+        $maintenance->name = $request->input('name');
        $maintenance->start_date = $request->input('start_date');
        $maintenance->completion_date = $request->input('completion_date');

@@ -176,10 +172,11 @@ class AssetMaintenancesController extends Controller
            $completionDate = Carbon::parse($maintenance->completion_date);
            $maintenance->asset_maintenance_time = (int) $completionDate->diffInDays($startDate, true);
        }
+        $maintenance = $request->handleImages($maintenance);

        if ($maintenance->save()) {
            return redirect()->route('maintenances.index')
-                            ->with('success', trans('admin/asset_maintenances/message.edit.success'));
+                            ->with('success', trans('admin/maintenances/message.edit.success'));
        }

        return redirect()->back()->withInput()->withErrors($maintenance->getErrors());
@@ -189,11 +186,11 @@ class AssetMaintenancesController extends Controller
    *  Delete an asset maintenance
    *
    * @author  Vincent Sposato <vincent.sposato@gmail.com>
-    * @param int $assetMaintenanceId
+    * @param int $maintenanceId
    * @version v1.0
    * @since [v1.8]
    */
-    public function destroy(AssetMaintenance $maintenance) : RedirectResponse
+    public function destroy(Maintenance $maintenance) : RedirectResponse
    {
        $this->authorize('update', Asset::class);
        $this->authorize('update', $maintenance->asset);
@@ -201,19 +198,19 @@ class AssetMaintenancesController extends Controller
        $maintenance->delete();
        // Redirect to the asset_maintenance management page
        return redirect()->route('maintenances.index')
-                       ->with('success', trans('admin/asset_maintenances/message.delete.success'));
+                       ->with('success', trans('admin/maintenances/message.delete.success'));
    }

    /**
    *  View an asset maintenance
    *
    * @author  Vincent Sposato <vincent.sposato@gmail.com>
-    * @param int $assetMaintenanceId
+    * @param int $maintenanceId
    * @version v1.0
    * @since [v1.8]
    */
-    public function show(AssetMaintenance $maintenance) : View | RedirectResponse
+    public function show(Maintenance $maintenance) : View | RedirectResponse
    {
-        return view('asset_maintenances/view')->with('assetMaintenance', $maintenance);
+        return view('maintenances.view')->with('maintenance', $maintenance);
    }
 }
--- a/app/Http/Controllers/ManufacturersController.php
+++ b/app/Http/Controllers/ManufacturersController.php
@@ -51,7 +51,7 @@ class ManufacturersController extends Controller
        $manufacturers_count = Manufacturer::withTrashed()->count();

        if ($manufacturers_count == 0) {
-            Artisan::call('db:seed', ['--class' => 'ManufacturerSeeder']);
+            Artisan::call('db:seed', ['--class' => 'Database\\Seeders\\ManufacturerSeeder', '--force' => true]);
            return redirect()->route('manufacturers.index')->with('success', trans('general.seeding.manufacturers.success'));
        }

--- a/app/Http/Controllers/ProfileController.php
+++ b/app/Http/Controllers/ProfileController.php
@@ -3,15 +3,21 @@
 namespace App\Http\Controllers;

 use App\Http\Requests\ImageUploadRequest;
+use App\Http\Transformers\ProfileTransformer;
+use App\Models\Actionlog;
 use App\Models\Setting;
 use App\Models\User;
 use App\Notifications\CurrentInventory;
+use Illuminate\Http\Response;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Gate;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Hash;
 use Illuminate\Http\RedirectResponse;
 use \Illuminate\Contracts\View\View;
+use Illuminate\Support\Facades\Storage;
+use Symfony\Component\HttpFoundation\BinaryFileResponse;
+
 /**
 * This controller handles all actions related to User Profiles for
 * the Snipe-IT Asset Management application.
@@ -220,7 +226,7 @@ class ProfileController extends Controller

        if (!$user = User::find(auth()->id())) {
            return redirect()->back()
-                ->with('error', trans('admin/users/message.user_not_found', ['id' => $id]));
+                ->with('error', trans('admin/users/message.user_not_found', ['id' => auth()->id()]));
        }
        if (empty($user->email)) {
            return redirect()->back()->with('error', trans('admin/users/message.user_has_no_email'));
@@ -234,4 +240,28 @@ class ProfileController extends Controller

        return redirect()->back()->with('success', trans('admin/users/general.user_notified'));
    }
+
+
+
+    public function getStoredEula($filename) : Response | BinaryFileResponse | RedirectResponse
+    {
+
+        $logentry = Actionlog::where('filename', $filename)->first();
+
+        // Make sure the user has permission to view this file
+        if (auth()->id() != $logentry->target_id) {
+            return redirect()->route('account')->with('error', trans('general.generic_model_not_found', ['model' => 'file']));
+        }
+
+        if (config('filesystems.default') == 's3_private') {
+            return redirect()->away(Storage::disk('s3_private')->temporaryUrl('private_uploads/eula-pdfs/'.$filename, now()->addMinutes(5)));
+        }
+
+        if (Storage::exists('private_uploads/eula-pdfs/'.$filename)) {
+            return response()->download(config('app.private_uploads').'/eula-pdfs/'.$filename);
+        }
+
+        return redirect()->back()->with('error',  trans('general.file_does_not_exist'));
+
+    }
 }
--- a/app/Http/Controllers/ReportsController.php
+++ b/app/Http/Controllers/ReportsController.php
@@ -9,7 +9,7 @@ use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\AssetModel;
 use App\Models\Category;
-use App\Models\AssetMaintenance;
+use App\Models\Maintenance;
 use App\Models\CheckoutAcceptance;
 use App\Models\Company;
 use App\Models\CustomField;
@@ -17,13 +17,11 @@ use App\Models\Depreciation;
 use App\Models\License;
 use App\Models\ReportTemplate;
 use App\Models\Setting;
-use App\Notifications\CheckoutAssetNotification;
 use Carbon\Carbon;
 use Illuminate\Database\Eloquent\Relations\MorphTo;
 use Illuminate\Http\Request;
 use Illuminate\Http\Response;
 use Illuminate\Support\Facades\Mail;
-use Illuminate\Support\Facades\Notification;
 use \Illuminate\Contracts\View\View;
 use League\Csv\Reader;
 use Symfony\Component\HttpFoundation\StreamedResponse;
@@ -1038,11 +1036,11 @@ class ReportsController extends Controller
     * @author  Vincent Sposato <vincent.sposato@gmail.com>
     * @version v1.0
     */
-    public function getAssetMaintenancesReport() : View
+    public function getMaintenancesReport() : View
    {
        $this->authorize('reports.view');

-        return view('reports.asset_maintenances');
+        return view('reports.maintenances');
    }

    /**
@@ -1051,11 +1049,11 @@ class ReportsController extends Controller
     * @author  Vincent Sposato <vincent.sposato@gmail.com>
     * @version v1.0
     */
-    public function exportAssetMaintenancesReport() : Response
+    public function exportMaintenancesReport() : Response
    {
        $this->authorize('reports.view');
        // Grab all the improvements
-        $assetMaintenances = AssetMaintenance::with('asset', 'supplier')
+        $Maintenances = Maintenance::with('asset', 'supplier')
                                             ->orderBy('created_at', 'DESC')
                                             ->get();

@@ -1063,36 +1061,36 @@ class ReportsController extends Controller

        $header = [
            trans('admin/hardware/table.asset_tag'),
-            trans('admin/asset_maintenances/table.asset_name'),
+            trans('admin/maintenances/table.asset_name'),
            trans('general.supplier'),
-            trans('admin/asset_maintenances/form.asset_maintenance_type'),
-            trans('admin/asset_maintenances/form.title'),
-            trans('admin/asset_maintenances/form.start_date'),
-            trans('admin/asset_maintenances/form.completion_date'),
-            trans('admin/asset_maintenances/form.asset_maintenance_time'),
-            trans('admin/asset_maintenances/form.cost'),
+            trans('admin/maintenances/form.asset_maintenance_type'),
+            trans('admin/maintenances/form.title'),
+            trans('admin/maintenances/form.start_date'),
+            trans('admin/maintenances/form.completion_date'),
+            trans('admin/maintenances/form.asset_maintenance_time'),
+            trans('admin/maintenances/form.cost'),
        ];

        $header = array_map('trim', $header);
        $rows[] = implode(',', $header);

-        foreach ($assetMaintenances as $assetMaintenance) {
+        foreach ($Maintenances as $maintenance) {
            $row = [];
-            $row[] = str_replace(',', '', e($assetMaintenance->asset->asset_tag));
-            $row[] = str_replace(',', '', e($assetMaintenance->asset->name));
-            $row[] = str_replace(',', '', e($assetMaintenance->supplier->name));
-            $row[] = e($assetMaintenance->improvement_type);
-            $row[] = e($assetMaintenance->title);
-            $row[] = e($assetMaintenance->start_date);
-            $row[] = e($assetMaintenance->completion_date);
-            if (is_null($assetMaintenance->asset_maintenance_time)) {
+            $row[] = str_replace(',', '', e($maintenance->asset->asset_tag));
+            $row[] = str_replace(',', '', e($maintenance->asset->name));
+            $row[] = str_replace(',', '', e($maintenance->supplier->name));
+            $row[] = e($maintenance->improvement_type);
+            $row[] = e($maintenance->name);
+            $row[] = e($maintenance->start_date);
+            $row[] = e($maintenance->completion_date);
+            if (is_null($maintenance->asset_maintenance_time)) {
                $improvementTime = (int) Carbon::now()
-                    ->diffInDays(Carbon::parse($assetMaintenance->start_date), true);
+                    ->diffInDays(Carbon::parse($maintenance->start_date), true);
            } else {
-                $improvementTime = (int) $assetMaintenance->asset_maintenance_time;
+                $improvementTime = (int) $maintenance->asset_maintenance_time;
            }
            $row[]  = $improvementTime;
-            $row[]  = trans('general.currency') . Helper::formatCurrencyOutput($assetMaintenance->cost);
+            $row[]  = trans('general.currency') . Helper::formatCurrencyOutput($maintenance->cost);
            $rows[] = implode(',', $row);
        }

--- a/app/Http/Controllers/SettingsController.php
+++ b/app/Http/Controllers/SettingsController.php
@@ -352,6 +352,7 @@ class SettingsController extends Controller
        $setting->dash_chart_type = $request->input('dash_chart_type');
        $setting->profile_edit = $request->input('profile_edit', 0);
        $setting->require_checkinout_notes = $request->input('require_checkinout_notes', 0);
+        $setting->manager_view_enabled = $request->input('manager_view_enabled', 0);


        if ($request->input('per_page') != '') {
@@ -1083,6 +1084,7 @@ class SettingsController extends Controller

        if (! config('app.lock_passwords')) {
            if (Storage::exists($path.'/'.$filename)) {
+                Log::warning('User '.auth()->user()->username.' is attempting to download backup file: '.$filename);
                return StorageHelper::downloader($path.'/'.$filename);
            } else {
                // Redirect to the backup page
@@ -1110,6 +1112,7 @@ class SettingsController extends Controller
                if (Storage::exists($path . '/' . $filename)) {

                    try {
+                        Log::warning('User '.auth()->user()->username.' is attempting to delete backup file: '.$filename);
                        Storage::delete($path . '/' . $filename);
                        return redirect()->route('settings.backups.index')->with('success', trans('admin/settings/message.backup.file_deleted'));
                    } catch (\Exception $e) {
@@ -1189,7 +1192,7 @@ class SettingsController extends Controller
                    '--force' => true,
                ]);

-                Log::debug('Attempting to restore from: '. storage_path($path).'/'.$filename);
+                Log::warning('User '.auth()->user()->username.' is attempting to restore from: '. storage_path($path).'/'.$filename);

                $restore_params = [
                    '--force' => true,
@@ -1338,9 +1341,11 @@ class SettingsController extends Controller
                'name'  => config('mail.from.name'),
                'email' => config('mail.from.address'),
            ])->notify(new MailTest());
-
+            Log::debug('Attempting to send mail to '.config('mail.from.address'));
            return response()->json(Helper::formatStandardApiResponse('success', null, trans('mail_sent.mail_sent')));
        } catch (\Exception $e) {
+            Log::error('Mail sent from '.config('mail.from.address') .' with errors '. $e->getMessage());
+            Log::debug($e);
            return response()->json(Helper::formatStandardApiResponse('success', null, $e->getMessage()));
        }
    }
--- a/app/Http/Controllers/SuppliersController.php
+++ b/app/Http/Controllers/SuppliersController.php
@@ -4,7 +4,6 @@ namespace App\Http\Controllers;

 use App\Http\Requests\ImageUploadRequest;
 use App\Models\Supplier;
-use Illuminate\Support\Facades\Auth;
 use Illuminate\Http\RedirectResponse;
 use \Illuminate\Contracts\View\View;

@@ -122,7 +121,7 @@ class SuppliersController extends Controller
    public function destroy($supplierId) : RedirectResponse
    {
        $this->authorize('delete', Supplier::class);
-        if (is_null($supplier = Supplier::with('asset_maintenances', 'assets', 'licenses')->withCount('asset_maintenances as asset_maintenances_count', 'assets as assets_count', 'licenses as licenses_count')->find($supplierId))) {
+        if (is_null($supplier = Supplier::with('maintenances', 'assets', 'licenses')->withCount('maintenances as maintenances_count', 'assets as assets_count', 'licenses as licenses_count')->find($supplierId))) {
            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.not_found'));
        }

@@ -130,8 +129,8 @@ class SuppliersController extends Controller
            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.delete.assoc_assets', ['asset_count' => (int) $supplier->assets_count]));
        }

-        if ($supplier->asset_maintenances_count > 0) {
-            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.delete.assoc_maintenances', ['asset_maintenances_count' => $supplier->asset_maintenances_count]));
+        if ($supplier->maintenances_count > 0) {
+            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.delete.assoc_maintenances', ['maintenances_count' => $supplier->maintenances_count]));
        }

        if ($supplier->licenses_count > 0) {
--- a/app/Http/Controllers/UploadedFilesController.php
+++ b/app/Http/Controllers/UploadedFilesController.php
@@ -0,0 +1,162 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Helpers\StorageHelper;
+use App\Http\Requests\UploadFileRequest;
+use App\Models\Actionlog;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Support\Facades\Storage;
+use Symfony\Component\HttpFoundation\BinaryFileResponse;
+use Symfony\Component\HttpFoundation\StreamedResponse;
+
+/**
+ * This controller provide the health route  for
+ * the Snipe-IT Asset Management application.
+ *
+ * @version   v1.0
+ *
+ * @return \Illuminate\Http\JsonResponse
+
+ */
+class UploadedFilesController extends Controller
+{
+
+
+    /**
+     * Accepts a POST to upload a file to the server.
+     *
+     * @param  \App\Http\Requests\UploadFileRequest $request
+     * @param  string                               $object_type the type of object to upload the file to
+     * @param  int                                  $id          the ID of the object to store so we can check permisisons
+     * @since  [v8.2.2]
+     * @author [A. Gianotto <snipe@snipe.net>]
+     */
+    public function store(UploadFileRequest $request, $object_type, $id) : RedirectResponse
+    {
+
+        // Check the permissions to make sure the user can view the object
+        $object = self::$map_object_type[$object_type]::find($id);
+        $this->authorize('update', $object);
+
+        if (!$object) {
+            return redirect()->back()->withFragment('files')->with('error',trans('general.file_upload_status.invalid_object'));
+        }
+
+        // If the file storage directory doesn't exist, create it
+        if (! Storage::exists(self::$map_storage_path[$object_type])) {
+            Storage::makeDirectory(self::$map_storage_path[$object_type], 775);
+        }
+
+
+        if ($request->hasFile('file')) {
+            // Loop over the attached files and add them to the object
+            foreach ($request->file('file') as $file) {
+                $file_name = $request->handleFile(self::$map_storage_path[$object_type], self::$map_file_prefix[$object_type].'-'.$object->id, $file);
+                $files[] = $file_name;
+                $object->logUpload($file_name, $request->get('notes'));
+            }
+
+            $files = Actionlog::select('action_logs.*')->where('action_type', '=', 'uploaded')
+                ->where('item_type', '=', self::$map_object_type[$object_type])
+                ->where('item_id', '=', $id)->whereIn('filename', $files)
+                ->get();
+
+            return redirect()->back()->withFragment('files')->with('success', trans_choice('general.file_upload_status.upload.success',  count($files)));
+        }
+
+        // No files were submitted
+        return redirect()->back()->withFragment('files')->with('error', trans('general.file_upload_status.nofiles'));
+    }
+
+
+
+    /**
+     * Check for permissions and display the file.
+     * This isn't currently used, but is here for future use.
+     *
+     * @param  \App\Http\Requests\UploadFileRequest $request
+     * @param  string                               $object_type the type of object to upload the file to
+     * @param  int                                  $id          the ID of the object to delete from so we can check permisisons
+     * @param  $file_id     the ID of the file to show from the action_logs table
+     * @since  [v8.2.2]
+     * @author [A. Gianotto <snipe@snipe.net>]
+     */
+    public function show($object_type, $id, $file_id) : RedirectResponse | StreamedResponse | Storage | StorageHelper | BinaryFileResponse
+    {
+        // Check the permissions to make sure the user can view the object
+        $object = self::$map_object_type[$object_type]::find($id);
+        $this->authorize('view', $object);
+
+        if (!$object) {
+            return redirect()->back()->withFragment('files')->with('error',trans('general.file_upload_status.invalid_object'));
+        }
+
+
+        // Check that the file being requested exists for the object
+        if (! $log = Actionlog::whereNotNull('filename')->where('item_type', self::$map_object_type[$object_type])->where('item_id', $object->id)->find($file_id))
+        {
+            return redirect()->back()->withFragment('files')->with('error', trans('general.file_upload_status.invalid_id'));
+        }
+
+
+        if (! Storage::exists(self::$map_storage_path[$object_type].'/'.$log->filename))
+        {
+            return redirect()->back()->withFragment('files')->with('error', trans('general.file_upload_status.file_not_found'));
+        }
+
+        if (request('inline') == 'true') {
+            $headers = [
+                'Content-Disposition' => 'inline',
+            ];
+            return Storage::download(self::$map_storage_path[$object_type].'/'.$log->filename, $log->filename, $headers);
+        }
+
+        return StorageHelper::downloader(self::$map_storage_path[$object_type].'/'.$log->filename);
+
+    }
+
+    /**
+     * Delete the associated file
+     *
+     * @param  \App\Http\Requests\UploadFileRequest $request
+     * @param  string                               $object_type the type of object to upload the file to
+     * @param  int                                  $id          the ID of the object to delete from so we can check permisisons
+     * @param  $file_id     the ID of the file to delete from the action_logs table
+     * @since  [v8.2.2]
+     * @author [A. Gianotto <snipe@snipe.net>]
+     */
+    public function destroy($object_type, $id, $file_id) : RedirectResponse
+    {
+
+        // Check the permissions to make sure the user can view the object
+        $object = self::$map_object_type[$object_type]::find($id);
+        $this->authorize('update', self::$map_object_type[$object_type]);
+
+        if (!$object) {
+            return redirect()->back()->withFragment('files')->with('error',trans('general.file_upload_status.invalid_object'));
+        }
+
+
+        // Check for the file
+        $log = Actionlog::find($file_id)->where('item_type', self::$map_object_type[$object_type])
+            ->where('item_id', $object->id)->first();
+
+        if ($log) {
+            // Check the file actually exists, and delete it
+            if (Storage::exists(self::$map_storage_path[$object_type].'/'.$log->filename)) {
+                Storage::delete(self::$map_storage_path[$object_type].'/'.$log->filename);
+            }
+            // Delete the record of the file
+            if ($log->delete()) {
+                return redirect()->back()->withFragment('files')->with('success', trans_choice('general.file_upload_status.delete.success', 1));
+            }
+
+        }
+
+        // The file doesn't seem to really exist, so report an error
+        return redirect()->back()->withFragment('files')->with('success', trans_choice('general.file_upload_status.delete.error', 1));
+
+    }
+
+}
--- a/app/Http/Controllers/Users/UserFilesController.php
+++ b/app/Http/Controllers/Users/UserFilesController.php
@@ -1,129 +0,0 @@
-<?php
-
-namespace App\Http\Controllers\Users;
-
-use App\Helpers\StorageHelper;
-use App\Http\Controllers\Controller;
-use App\Http\Requests\UploadFileRequest;
-use App\Models\Actionlog;
-use App\Models\User;
-use Symfony\Component\HttpFoundation\JsonResponse;
-use Illuminate\Support\Facades\Storage;
-
-class UserFilesController extends Controller
-{
-    /**
-     * Return JSON response with a list of user details for the getIndex() view.
-     *
-     * @param UploadFileRequest $request
-     * @param int $userId
-     * @return string JSON
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     *@author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.6]
-     */
-    public function store(UploadFileRequest $request, User $user)
-    {
-        $this->authorize('update', $user);
-        $files = $request->file('file');
-
-        if (is_null($files)) {
-            return redirect()->back()->with('error', trans('admin/users/message.upload.nofiles'));
-        }
-        foreach ($files as $file) {
-            $file_name = $request->handleFile('private_uploads/users/', 'user-'.$user->id, $file);
-
-            //Log the uploaded file to the log
-            $logAction = new Actionlog();
-            $logAction->item_id = $user->id;
-            $logAction->item_type = User::class;
-            $logAction->created_by = auth()->id();
-            $logAction->note = $request->input('notes');
-            $logAction->target_id = null;
-            $logAction->created_at = date("Y-m-d H:i:s");
-            $logAction->filename = $file_name;
-            $logAction->action_type = 'uploaded';
-
-            if (! $logAction->save()) {
-                return JsonResponse::create(['error' => 'Failed validation: '.print_r($logAction->getErrors(), true)], 500);
-            }
-
-        return redirect()->back()->withFragment('files')->with('success', trans('admin/users/message.upload.success'));
-        }
-
-
-    }
-
-    /**
-     * Delete file
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.6]
-     * @param  int $userId
-     * @param  int $fileId
-     * @return \Illuminate\Http\RedirectResponse
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     */
-    public function destroy($userId = null, $fileId = null)
-    {
-        if ($user = User::find($userId)) {
-
-            $this->authorize('delete', $user);
-            $rel_path = 'private_uploads/users';
-
-
-            if ($log = Actionlog::find($fileId)) {
-                $filename = $log->filename;
-                $log->delete();
-                
-                if (Storage::exists($rel_path.'/'.$filename)) {
-                    Storage::delete($rel_path.'/'.$filename);
-                    return redirect()->back()->withFragment('files')->with('success', trans('admin/users/message.deletefile.success'));
-                }
-
-            }
-
-            // The log record doesn't exist somehow
-            return redirect()->back()->with('success', trans('admin/users/message.deletefile.success'));
-        }
-
-        return redirect()->route('users.index')->with('error', trans('admin/users/message.user_not_found', ['id' => $userId]));
-
-    }
-
-    /**
-     * Display/download the uploaded file
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.6]
-     * @param  int $userId
-     * @param  int $fileId
-     * @return mixed
-     * @throws \Illuminate\Auth\Access\AuthorizationException
-     */
-    public function show(User $user, $fileId = null)
-    {
-
-
-        if (empty($fileId)) {
-            return redirect()->route('users.show')->with('error', 'Invalid file request');
-        }
-
-            $this->authorize('view', $user);
-
-        if ($log = Actionlog::whereNotNull('filename')->where('item_id', $user->id)->find($fileId)) {
-            $file = 'private_uploads/users/'.$log->filename;
-
-            try {
-                return StorageHelper::showOrDownloadFile($file, $log->filename);
-            } catch (\Exception $e) {
-                return redirect()->route('users.show', ['user' => $user])->with('error',  trans('general.file_not_found'));
-            }
-        }
-
-        // The log record doesn't exist somehow
-        return redirect()->route('users.show', ['user' => $user])->with('error',  trans('general.log_record_not_found'));
-
-    }
-
-}
--- a/app/Http/Controllers/Users/UsersController.php
+++ b/app/Http/Controllers/Users/UsersController.php
@@ -13,15 +13,8 @@ use App\Models\Company;
 use App\Models\Group;
 use App\Models\Setting;
 use App\Models\User;
-use App\Notifications\WelcomeNotification;
-use Illuminate\Support\Facades\Auth;
-use Illuminate\Database\Eloquent\ModelNotFoundException;
 use Illuminate\Http\Request;
-use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Password;
-use Illuminate\Support\Facades\Storage;
-use Redirect;
-use Str;
 use Symfony\Component\HttpFoundation\StreamedResponse;
 use App\Notifications\CurrentInventory;

@@ -105,6 +98,7 @@ class UsersController extends Controller
        $user->activated = $request->input('activated', 0);
        $user->jobtitle = $request->input('jobtitle');
        $user->phone = $request->input('phone');
+        $user->mobile = $request->input('mobile');
        $user->location_id = $request->input('location_id', null);
        $user->department_id = $request->input('department_id', null);
        $user->company_id = Company::getIdForUser($request->input('company_id', null));
@@ -130,10 +124,15 @@ class UsersController extends Controller
        }
        $user->permissions = json_encode($permissions_array);

-        // we have to invoke the
+        // we have to invoke the form request here to handle image uploads
        app(ImageUploadRequest::class)->handleImages($user, 600, 'avatar', 'avatars', 'avatar');

+        if($request->get('redirect_option') === 'back'){
+            session()->put(['redirect_option' => 'index']);
+        } else {
            session()->put(['redirect_option' => $request->get('redirect_option')]);
+        }
+

        if ($user->save()) {
            if ($request->filled('groups')) {
@@ -142,19 +141,8 @@ class UsersController extends Controller
                $user->groups()->sync([]);
            }

-            if (($request->input('email_user') == 1) && ($request->filled('email'))) {
-                // Send the credentials through email
-                $data = [];
-                $data['email'] = e($request->input('email'));
-                $data['username'] = e($request->input('username'));
-                $data['first_name'] = e($request->input('first_name'));
-                $data['last_name'] = e($request->input('last_name'));
-                $data['password'] = e($request->input('password'));
-
-                $user->notify(new WelcomeNotification($data));
-            }
-
-            return redirect()->to(Helper::getRedirectOption($request, $user->id, 'Users'))->with('success', trans('admin/users/message.success.create'));
+            return Helper::getRedirectOption($request, $user->id, 'Users')
+                ->with('success', trans('admin/users/message.success.create'));
        }

        return redirect()->back()->withInput()->withErrors($user->getErrors());
@@ -186,6 +174,7 @@ class UsersController extends Controller
    {

        $this->authorize('update', User::class);
+        session()->put('back_url', url()->previous());
        $user = User::with(['assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc'])->withTrashed()->find($user->id);

        if ($user) {
@@ -246,22 +235,17 @@ class UsersController extends Controller
            }
        }

-        // Only save groups if the user is a superuser
-        if (auth()->user()->isSuperUser()) {
-            $user->groups()->sync($request->input('groups'));
-        }

        // Update the user fields
-        $user->username = trim($request->input('username'));
-        $user->email = trim($request->input('email'));
+
        $user->first_name = $request->input('first_name');
        $user->last_name = $request->input('last_name');
        $user->two_factor_optin = $request->input('two_factor_optin') ?: 0;
        $user->locale = $request->input('locale');
        $user->employee_num = $request->input('employee_num');
-        $user->activated = $request->input('activated', 0);
        $user->jobtitle = $request->input('jobtitle', null);
        $user->phone = $request->input('phone');
+        $user->mobile = $request->input('mobile');
        $user->location_id = $request->input('location_id', null);
        $user->company_id = Company::getIdForUser($request->input('company_id', null));
        $user->manager_id = $request->input('manager_id', null);
@@ -271,8 +255,6 @@ class UsersController extends Controller
        $user->city = $request->input('city', null);
        $user->state = $request->input('state', null);
        $user->country = $request->input('country', null);
-        // if a user is editing themselves we should always keep activated true
-        $user->activated = $request->input('activated', $request->user()->is($user) ? 1 : 0);
        $user->zip = $request->input('zip', null);
        $user->remote = $request->input('remote', 0);
        $user->vip = $request->input('vip', 0);
@@ -281,21 +263,27 @@ class UsersController extends Controller
        $user->end_date = $request->input('end_date', null);
        $user->autoassign_licenses = $request->input('autoassign_licenses', 0);

+        // Set this here so that we can overwrite it later if the user is an admin or superadmin
+        $user->activated = $request->input('activated', auth()->user()->is($user) ? 1 : $user->activated);
+
+
        // Update the location of any assets checked out to this user
        Asset::where('assigned_type', User::class)
            ->where('assigned_to', $user->id)
            ->update(['location_id' => $request->input('location_id', null)]);

+        // check for permissions related fields and only set them if the user has permission to edit them
+        if (auth()->user()->can('canEditAuthFields', $user) && auth()->user()->can('editableOnDemo')) {
+
+            $user->username = trim($request->input('username'));
+            $user->email = trim($request->input('email'));
+            $user->activated = $request->input('activated', $request->user()->is($user) ? 1 : 0);
+
            // Do we want to update the user password?
            if ($request->filled('password')) {
                $user->password = bcrypt($request->input('password'));
            }

-        // Update the location of any assets checked out to this user
-        Asset::where('assigned_type', User::class)
-            ->where('assigned_to', $user->id)
-            ->update(['location_id' => $user->location_id]);
-
            $permissions_array = $request->input('permission');

            // Strip out the superuser permission if the user isn't a superadmin
@@ -306,13 +294,26 @@ class UsersController extends Controller

            $user->permissions = json_encode($permissions_array);

+            // Only save groups if the user is a superuser
+            if (auth()->user()->isSuperUser()) {
+                $user->groups()->sync($request->input('groups'));
+            }
+        }
+
+
+        // Update the location of any assets checked out to this user
+        Asset::where('assigned_type', User::class)
+            ->where('assigned_to', $user->id)
+            ->update(['location_id' => $user->location_id]);
+
+
        // Handle uploaded avatar
        app(ImageUploadRequest::class)->handleImages($user, 600, 'avatar', 'avatars', 'avatar');
        session()->put(['redirect_option' => $request->get('redirect_option')]);

        if ($user->save()) {
            // Redirect to the user page
-            return redirect()->to(Helper::getRedirectOption($request, $user->id, 'Users'))
+            return Helper::getRedirectOption($request, $user->id, 'Users')
                ->with('success', trans('admin/users/message.success.update'));
        }
        return redirect()->back()->withInput()->withErrors($user->getErrors());
@@ -438,7 +439,7 @@ class UsersController extends Controller
        app('request')->request->set('permissions', $permissions);


-        $user_to_clone = User::with('assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc')->withTrashed()->find($user->id);
+        $user_to_clone = User::with('userloc')->withTrashed()->find($user->id);
        // Make sure they can view this particular user
        $this->authorize('view', $user_to_clone);

@@ -453,6 +454,8 @@ class UsersController extends Controller
            $user->last_name = '';
            $user->email = substr($user->email, ($pos = strpos($user->email, '@')) !== false ? $pos : 0);
            $user->id = null;
+            $user->username = null;
+            $user->avatar = null;

            // Get this user's groups
            $userGroups = $user_to_clone->groups()->pluck('name', 'id');
@@ -468,7 +471,7 @@ class UsersController extends Controller
                ->with('user', $user)
                ->with('groups', Group::pluck('name', 'id'))
                ->with('userGroups', $userGroups)
-                ->with('clone_user', $user_to_clone)
+                ->with('cloned_model', $user_to_clone)
                ->with('item', $user);
        }

@@ -510,6 +513,8 @@ class UsersController extends Controller
                        trans('admin/companies/table.title'),
                        trans('admin/users/table.title'),
                        trans('general.employee_number'),
+                        trans('admin/users/table.first_name'),
+                        trans('admin/users/table.last_name'),
                        trans('admin/users/table.name'),
                        trans('admin/users/table.username'),
                        trans('admin/users/table.email'),
@@ -555,6 +560,8 @@ class UsersController extends Controller
                            ($user->company) ? $user->company->name : '',
                            $user->jobtitle,
                            $user->employee_num,
+                            $user->first_name,
+                            $user->last_name,
                            $user->present()->fullName(),
                            $user->username,
                            $user->email,
--- a/app/Http/Controllers/ViewAssetsController.php
+++ b/app/Http/Controllers/ViewAssetsController.php
@@ -27,50 +27,126 @@ use Exception;
 class ViewAssetsController extends Controller
 {
    /**
-     * Redirect to the profile page.
+     * Extract custom fields that should be displayed in user view.
+     *
+     * @param User $user
+     * @return array
+     */
+    private function extractCustomFields(User $user): array
+    {
+        $fieldArray = [];
+        foreach ($user->assets as $asset) {
+            if ($asset->model && $asset->model->fieldset) {
+                foreach ($asset->model->fieldset->fields as $field) {
+                    if ($field->display_in_user_view == '1') {
+                        $fieldArray[$field->db_column] = $field->name;
+                    }
+                }
+            }
+        }
+        return array_unique($fieldArray);
+    }
+
+    /**
+     * Get list of users viewable by the current user.
+     *
+     * @param User $authUser
+     * @return \Illuminate\Support\Collection
+     */
+    private function getViewableUsers(User $authUser): \Illuminate\Support\Collection
+    {
+        // SuperAdmin sees all users
+        if ($authUser->isSuperUser()) {
+            return User::select('id', 'first_name', 'last_name', 'username')
+                ->where('activated', 1)
+                ->orderBy('last_name')
+                ->orderBy('first_name')
+                ->get();
+        }
+
+        // Regular manager sees only their subordinates + self
+        $managedUsers = $authUser->getAllSubordinates();
+        
+        // If user has subordinates, show them with self at beginning
+        if ($managedUsers->count() > 0) {
+            return collect([$authUser])->merge($managedUsers)
+                ->sortBy('last_name')
+                ->sortBy('first_name');
+        }
+        
+        // User has no subordinates, only sees themselves
+        return collect([$authUser]);
+    }
+
+    /**
+     * Get the selected user ID from request or default to current user.
+     *
+     * @param Request $request
+     * @param \Illuminate\Support\Collection $subordinates
+     * @param int $defaultUserId
+     * @return int
+     */
+    private function getSelectedUserId(Request $request, \Illuminate\Support\Collection $subordinates, int $defaultUserId): int
+    {
+        // If no subordinates or no user_id in request, return default
+        if ($subordinates->count() <= 1 || !$request->filled('user_id')) {
+            return $defaultUserId;
+        }
+
+        $requestedUserId = (int) $request->input('user_id');
+        
+        // Validate if the requested user is allowed
+        if ($subordinates->contains('id', $requestedUserId)) {
+            return $requestedUserId;
+        }
+        
+        // If invalid ID or not authorized, return default
+        return $defaultUserId;
+    }
+
+    /**
+     * Show user's assigned assets with optional manager view functionality.
     *
     */
-    public function getIndex() : View | RedirectResponse
+    public function getIndex(Request $request) : View | RedirectResponse
    {
-        $user = User::with(
+        $authUser = auth()->user();
+        $settings = Setting::getSettings();
+        $subordinates = collect();
+        $selectedUserId = $authUser->id;
+
+        // Process manager view if enabled
+        if ($settings->manager_view_enabled) {
+            $subordinates = $this->getViewableUsers($authUser);
+            $selectedUserId = $this->getSelectedUserId($request, $subordinates, $authUser->id);
+        }
+
+        // Load the data for the user to be viewed (either auth user or selected subordinate)
+        $userToView = User::with([
            'assets',
            'assets.model',
            'assets.model.fieldset.fields',
            'consumables',
            'accessories',
-            'licenses',
-        )->find(auth()->id());
+            'licenses'
+        ])->find($selectedUserId);

-        $field_array = array();
-
-        // Loop through all the custom fields that are applied to any model the user has assigned
-        foreach ($user->assets as $asset) {
-
-            // Make sure the model has a custom fieldset before trying to loop through the associated fields
-            if ($asset->model->fieldset) {
-
-                foreach ($asset->model->fieldset->fields as $field) {
-                    // check and make sure they're allowed to see the value of the custom field
-                    if ($field->display_in_user_view == '1') {
-                        $field_array[$field->db_column] = $field->name;
+        // If the user to view couldn't be found (shouldn't happen with proper logic), redirect with error
+        if (!$userToView) {
+            return redirect()->route('view-assets')->with('error', trans('admin/users/message.user_not_found'));
        }

-                }
-            }
+        // Process custom fields for the user being viewed
+        $fieldArray = $this->extractCustomFields($userToView);

-        }
-
-        // Since some models may re-use the same fieldsets/fields, let's make the array unique so we don't repeat columns
-        array_unique($field_array);
-
-        if (isset($user->id)) {
-            return view('account/view-assets', compact('user', 'field_array' ))
-                ->with('settings', Setting::getSettings());
-        }
-
-        // Redirect to the user management page
-        return redirect()->route('users.index')
-            ->with('error', trans('admin/users/message.user_not_found', $user->id));
+        // Pass the necessary data to the view
+        return view('account/view-assets', [
+            'user' => $userToView, // Use 'user' for compatibility with the existing view
+            'field_array' => $fieldArray,
+            'settings' => $settings,
+            'subordinates' => $subordinates,
+            'selectedUserId' => $selectedUserId
+        ]);
    }

    /**
--- a/app/Http/Middleware/SecurityHeaders.php
+++ b/app/Http/Middleware/SecurityHeaders.php
@@ -26,7 +26,6 @@ class SecurityHeaders
        $response = $next($request);

        $response->headers->set('X-Content-Type-Options', 'nosniff');
-        $response->headers->set('X-XSS-Protection', '1; mode=block');

        // Ugh. Feature-Policy is dumb and clumsy and mostly irrelevant for Snipe-IT,
        // since we don't provide any way to IFRAME anything in in the first place.
--- a/app/Http/Requests/ImageUploadRequest.php
+++ b/app/Http/Requests/ImageUploadRequest.php
@@ -11,6 +11,7 @@ use Illuminate\Support\Facades\Storage;
 use Intervention\Image\Exception\NotReadableException;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Validator;
+use Illuminate\Support\Str;

 class ImageUploadRequest extends Request
 {
@@ -70,19 +71,25 @@ class ImageUploadRequest extends Request
    public function handleImages($item, $w = 600, $form_fieldname = 'image', $path = null, $db_fieldname = 'image')
    {

-        $type = strtolower(class_basename(get_class($item)));
+        $type = class_basename(get_class($item));

        if (is_null($path)) {

-            $path = str_plural($type);
+            $path = strtolower(str_plural($type));

-            if ($type == 'assetmodel') {
+            if ($type == 'AssetModel') {
                $path = 'models';
            }

            if ($type == 'user') {
                $path = 'avatars';
            }
+
+        }
+
+
+        if (!Storage::disk('public')->exists($path)) {
+            Storage::disk('public')->makeDirectory($path);
        }

        if ($this->offsetGet($form_fieldname) instanceof UploadedFile) {
@@ -93,10 +100,9 @@ class ImageUploadRequest extends Request

        if (isset($image)) {

-            if (!config('app.lock_passwords')) {

                $ext = $image->guessExtension();
-                $file_name = $type.'-'.$form_fieldname.'-'.$item->id.'-'.str_random(10).'.'.$ext;
+                $file_name = $type.'-'.$form_fieldname.($item->id ?? '-'.$item->id).'-'.str_random(10).'.'.$ext;
                
                if (($image->getMimeType() == 'image/vnd.microsoft.icon') || ($image->getMimeType() == 'image/x-icon') || ($image->getMimeType() == 'image/avif') || ($image->getMimeType() == 'image/webp')) {
                    // If the file is an icon, webp or avif, we need to just move it since gd doesn't support resizing
@@ -138,7 +144,7 @@ class ImageUploadRequest extends Request
                 // Remove Current image if exists
                $item = $this->deleteExistingImage($item, $path, $db_fieldname);
                $item->{$db_fieldname} = $file_name;
-            }
+


        // If the user isn't uploading anything new but wants to delete their old image, do so
--- a/app/Http/Requests/SettingsSamlRequest.php
+++ b/app/Http/Requests/SettingsSamlRequest.php
@@ -41,6 +41,7 @@ class SettingsSamlRequest extends FormRequest
    public function withValidator($validator)
    {
        $validator->after(function ($validator) {
+            $setting = Setting::getSettings();
            if ($this->input('saml_enabled') == '1') {
                $idpMetadata = $this->input('saml_idp_metadata');
                if (! empty($idpMetadata)) {
@@ -56,7 +57,7 @@ class SettingsSamlRequest extends FormRequest
                }
            }

-            $was_custom_x509cert = strpos(Setting::getSettings()->saml_custom_settings, 'sp_x509cert') !== false;
+            $was_custom_x509cert = strpos($setting->saml_custom_settings, 'sp_x509cert') !== false;

            $custom_x509cert = '';
            $custom_privateKey = '';
@@ -126,10 +127,14 @@ class SettingsSamlRequest extends FormRequest
                    }

                    if (! (empty($x509cert) && empty($privateKey))) {
-                        $this->merge([
-                            'saml_sp_x509cert' => $x509cert,
-                            'saml_sp_privatekey' => $privateKey,
-                        ]);
+//                        $this->merge([
+//                            'saml_sp_x509cert' => $x509cert,
+//                            'saml_sp_privatekey' => $privateKey,
+//                        ]);
+                        $setting->saml_sp_x509cert = $x509cert;
+                        $setting->saml_sp_privatekey = $privateKey;
+                        $setting->save();
+
                    }
                } else {
                    $validator->errors()->add('saml_integration', 'openssl.cnf is missing/invalid');
@@ -145,15 +150,21 @@ class SettingsSamlRequest extends FormRequest
                }

                if (! empty($x509certNew)) {
-                    $this->merge([
-                        'saml_sp_x509certNew' => $x509certNew,
-                    ]);
+//                    $this->merge([
+//                        'saml_sp_x509certNew' => $x509certNew,
+//                    ]);
+                    $setting->saml_sp_x509certNew = $x509certNew;
+                    $setting->save();
                }
            } else {
-                $this->merge([
-                    'saml_sp_x509certNew' => '',
-                ]);
+//                $this->merge([
+//                    'saml_sp_x509certNew' => '',
+//                ]);
+                $setting->saml_sp_x509certNew = '';
+                $setting->save();
            }
+
+
        });
    }
 }
--- a/app/Http/Requests/UploadFileRequest.php
+++ b/app/Http/Requests/UploadFileRequest.php
@@ -6,6 +6,7 @@ use App\Http\Traits\ConvertsBase64ToFiles;
 use enshrined\svgSanitize\Sanitizer;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Log;
+use \App\Helpers\Helper;

 class UploadFileRequest extends Request
 {
@@ -27,44 +28,76 @@ class UploadFileRequest extends Request
     */
    public function rules()
    {
-        $max_file_size = \App\Helpers\Helper::file_upload_max_size();
+        $max_file_size = Helper::file_upload_max_size();

        return [
-          'file.*' => 'required|mimes:png,gif,jpg,svg,jpeg,doc,docx,pdf,txt,zip,rar,xls,xlsx,lic,xml,rtf,json,webp,avif|max:'.$max_file_size,
+            'file.*' => 'required|mimes:'.config('filesystems.allowed_upload_extensions_for_validator').'|max:'.$max_file_size,
        ];
    }

    /**
     * Sanitizes (if needed) and Saves a file to the appropriate location
     * Returns the 'short' (storage-relative) filename
-     *
-     * TODO - this has a lot of similarities to UploadImageRequest's handleImage; is there
-     *        a way to merge them or extend one into the other?
     */
    public function handleFile(string $dirname, string $name_prefix, $file): string
    {
+
        $extension = $file->getClientOriginalExtension();
        $file_name = $name_prefix.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$file->guessExtension();

        // Check for SVG and sanitize it
        if ($file->getMimeType() === 'image/svg+xml') {
-            Log::debug('This is an SVG');
-            Log::debug($file_name);
-
-            $sanitizer = new Sanitizer();
-            $dirtySVG = file_get_contents($file->getRealPath());
-            $cleanSVG = $sanitizer->sanitize($dirtySVG);
+            $uploaded_file = $this->handleSVG($file);
+        } else {
+            $uploaded_file = file_get_contents($file);
+        }

        try {
-                Storage::put($dirname.$file_name, $cleanSVG);
+            Storage::put($dirname.$file_name, $uploaded_file);
        } catch (\Exception $e) {
-                Log::debug('Upload no workie :( ');
            Log::debug($e);
        }

-        } else {
-            $put_results = Storage::put($dirname.$file_name, file_get_contents($file));
-        }
        return $file_name;
    }
+
+    public function handleSVG($file)
+    {
+        $sanitizer = new Sanitizer();
+        $dirtySVG = file_get_contents($file->getRealPath());
+        return $sanitizer->sanitize($dirtySVG);
+    }
+
+
+    /**
+     * Get the validation error messages that apply to the request, but
+     * replace the attribute name with the name of the file that was attempted and failed
+     * to make it clearer to the user which file is the bad one.
+     *
+     * @return array
+     */
+    public function attributes(): array
+    {
+        $attributes = [];
+
+        if (($this->file) && (is_array($this->file))) {
+
+            for ($i = 0; $i < count($this->file); $i++) {
+
+                try {
+
+                    if ($this->file[$i]) {
+                        $attributes['file.'.$i] = $this->file[$i]->getClientOriginalName();
+                    }
+
+                } catch (\Exception $e) {
+                    $attributes['file.'.$i] = 'Invalid file';
+                }
+
+            }
+        }
+
+        return $attributes;
+
+    }
 }
--- a/app/Http/Transformers/ActionlogsTransformer.php
+++ b/app/Http/Transformers/ActionlogsTransformer.php
@@ -2,6 +2,7 @@
 namespace App\Http\Transformers;

 use App\Helpers\Helper;
+use App\Helpers\StorageHelper;
 use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\CustomField;
@@ -16,6 +17,7 @@ use Illuminate\Contracts\Encryption\DecryptException;
 use Illuminate\Support\Facades\Crypt;
 use Illuminate\Support\Facades\Gate;
 use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Storage;

 class ActionlogsTransformer
 {
@@ -113,8 +115,8 @@ class ActionlogsTransformer

                                        // Display the changes if the user is an admin or superadmin
                                        if (Gate::allows('admin')) {
-                                            $clean_meta[$fieldname]['old'] = ($enc_old) ? unserialize($enc_old): '';
-                                            $clean_meta[$fieldname]['new'] = ($enc_new) ? unserialize($enc_new): '';
+                                            $clean_meta[$fieldname]['old'] = ($enc_old) ? unserialize($enc_old, ['allowed_classes' => false]) : '';
+                                            $clean_meta[$fieldname]['new'] = ($enc_new) ? unserialize($enc_new, ['allowed_classes' => false]) : '';
                                        }

                                    }
@@ -133,24 +135,6 @@ class ActionlogsTransformer
            $clean_meta= $this->changedInfo($clean_meta);
        }

-        $file_url = '';
-        if($actionlog->filename!='') {
-            if ($actionlog->action_type == 'accepted') {
-                $file_url = route('log.storedeula.download', ['filename' => $actionlog->filename]);
-            } else {
-                if ($actionlog->item) {
-                    if ($actionlog->itemType() == 'asset') {
-                        $file_url = route('show/assetfile', ['asset' => $actionlog->item->id, 'fileId' => $actionlog->id]);
-                    } elseif ($actionlog->itemType() == 'accessory') {
-                        $file_url = route('show.accessoryfile', ['accessoryId' => $actionlog->item->id, 'fileId' => $actionlog->id]);
-                    } elseif ($actionlog->itemType() == 'license') {
-                        $file_url = route('show.licensefile', ['licenseId' => $actionlog->item->id, 'fileId' => $actionlog->id]);
-                    } elseif ($actionlog->itemType() == 'user') {
-                        $file_url = route('show/userfile', ['user' => $actionlog->item->id, 'fileId' => $actionlog->id]);
-                    }
-                }
-            }
-        }

        $array = [
            'id'          => (int) $actionlog->id,
@@ -158,8 +142,10 @@ class ActionlogsTransformer
            'file' => ($actionlog->filename!='')
                ?
                [
-                    'url' => $file_url,
+                    'url' => $actionlog->uploads_file_url(),
                    'filename' => $actionlog->filename,
+                    'inlineable' => StorageHelper::allowSafeInline($actionlog->uploads_file_url()),
+                    'exists_on_disk' => Storage::exists($actionlog->uploads_file_path()) ? true : false,
                ] : null,

            'item' => ($actionlog->item) ? [
@@ -198,8 +184,8 @@ class ActionlogsTransformer
            'note'          => ($actionlog->note) ? Helper::parseEscapedMarkedownInline($actionlog->note): null,
            'signature_file'   => ($actionlog->accept_signature) ? route('log.signature.view', ['filename' => $actionlog->accept_signature ]) : null,
            'log_meta'          => ((isset($clean_meta)) && (is_array($clean_meta))) ? $clean_meta: null,
-            'remote_ip'          => ($actionlog->remote_ip) ??  null,
-            'user_agent'          => ($actionlog->user_agent) ??  null,
+            'remote_ip' => e($actionlog->remote_ip) ?? null,
+            'user_agent' => e($actionlog->user_agent) ?? null,
            'action_source'          => ($actionlog->action_source) ??  null,
            'action_date'   => ($actionlog->action_date) ? Helper::getFormattedDateObject($actionlog->action_date, 'datetime'): Helper::getFormattedDateObject($actionlog->created_at, 'datetime'),
        ];
--- a/app/Http/Transformers/AssetsTransformer.php
+++ b/app/Http/Transformers/AssetsTransformer.php
@@ -101,7 +101,7 @@ class AssetsTransformer
            'checkout_counter' => (int) $asset->checkout_counter,
            'requests_counter' => (int) $asset->requests_counter,
            'user_can_checkout' => (bool) $asset->availableForCheckout(),
-            'book_value' => Helper::formatCurrencyOutput($asset->getLinearDepreciatedValue()),
+            'book_value' => Helper::formatCurrencyOutput($asset->getDepreciatedValue()),
        ];


@@ -203,6 +203,7 @@ class AssetsTransformer
                    'last_name'=> ($asset->assigned->last_name) ? e($asset->assigned->last_name) : null,
                    'email'=> ($asset->assigned->email) ? e($asset->assigned->email) : null,
                    'employee_number' =>  ($asset->assigned->employee_num) ? e($asset->assigned->employee_num) : null,
+                    'jobtitle' => $asset->assigned->jobtitle ? e($asset->assigned->jobtitle) : null,
                    'type' => 'user',
                ] : null;
        }
--- a/app/Http/Transformers/ConsumablesTransformer.php
+++ b/app/Http/Transformers/ConsumablesTransformer.php
@@ -25,7 +25,7 @@ class ConsumablesTransformer
        $array = [
            'id'            => (int) $consumable->id,
            'name'          => e($consumable->name),
-            'image' =>   ($consumable->image) ? Storage::disk('public')->url('consumables/'.e($consumable->image)) : null,
+            'image' =>   ($consumable->getImageUrl()) ? ($consumable->getImageUrl()) : null,
            'category'      => ($consumable->category) ? ['id' => $consumable->category->id, 'name' => e($consumable->category->name)] : null,
            'company'   => ($consumable->company) ? ['id' => (int) $consumable->company->id, 'name' => e($consumable->company->name)] : null,
            'item_no'       => e($consumable->item_no),
--- a/app/Http/Transformers/DatatablesTransformer.php
+++ b/app/Http/Transformers/DatatablesTransformer.php
@@ -4,6 +4,10 @@ namespace App\Http\Transformers;

 class DatatablesTransformer
 {
+
+    /**
+     * Transform data for bootstrap tables and API responses for lists of things
+     **/
    public function transformDatatables($objects, $total = null)
    {
        (isset($total)) ? $objects_array['total'] = $total : $objects_array['total'] = count($objects);
@@ -11,4 +15,15 @@ class DatatablesTransformer

        return $objects_array;
    }
+
+    /**
+     * Transform data for returning the status of items within a bulk action
+     **/
+    public function transformBulkResponseWithStatusAndObjects($objects, $total)
+    {
+        (isset($total)) ? $objects_array['total'] = $total : $objects_array['total'] = count($objects);
+        $objects_array['rows'] = $objects;
+
+        return $objects_array;
+    }
 }
--- a/app/Http/Transformers/DepreciationsTransformer.php
+++ b/app/Http/Transformers/DepreciationsTransformer.php
@@ -26,11 +26,11 @@ class DepreciationsTransformer
        $array = [
            'id' => (int) $depreciation->id,
            'name' => e($depreciation->name),
-            'months' => $depreciation->months.' '.trans('general.months'),
+            'months' => trans_choice('general.months_plural', $depreciation->months),
            'depreciation_min' => $depreciation->depreciation_type === 'percent' ? $depreciation->depreciation_min.'%' : $depreciation->depreciation_min,
-            'assets_count' => $depreciation->assets_count,
-            'models_count' => $depreciation->models_count,
-            'licenses_count' => $depreciation->licenses_count,
+            'assets_count' => ($depreciation->assets_count > 0) ? (int) $depreciation->assets_count : 0,
+            'models_count' => ($depreciation->models_count > 0) ? (int) $depreciation->models_count : 0,
+            'licenses_count' => ($depreciation->licenses_count > 0) ? (int) $depreciation->licenses_count : 0,
            'created_by' => ($depreciation->adminuser) ? [
                'id' => (int) $depreciation->adminuser->id,
                'name'=> e($depreciation->adminuser->present()->fullName()),
--- a/app/Http/Transformers/LicensesTransformer.php
+++ b/app/Http/Transformers/LicensesTransformer.php
@@ -62,7 +62,7 @@ class LicensesTransformer
            'checkin' => Gate::allows('checkin', License::class),
            'clone' => Gate::allows('create', License::class),
            'update' => Gate::allows('update', License::class),
-            'delete' => (Gate::allows('delete', License::class) && ($license->free_seats_count > 0)) ? true : false,
+            'delete' => (Gate::allows('delete', License::class) && ($license->free_seats_count == $license->seats)) ? true : false,
        ];

        $array += $permissions_array;
--- a/app/Http/Transformers/AssetMaintenancesTransformer.php
+++ b/app/Http/Transformers/AssetMaintenancesTransformer.php
@@ -4,23 +4,24 @@ namespace App\Http\Transformers;

 use App\Helpers\Helper;
 use App\Models\Asset;
-use App\Models\AssetMaintenance;
+use App\Models\Maintenance;
 use Illuminate\Support\Facades\Gate;
 use Illuminate\Database\Eloquent\Collection;
+use Illuminate\Support\Facades\Storage;

-class AssetMaintenancesTransformer
+class MaintenancesTransformer
 {
-    public function transformAssetMaintenances(Collection $assetmaintenances, $total)
+    public function transformMaintenances(Collection $maintenances, $total)
    {
        $array = [];
-        foreach ($assetmaintenances as $assetmaintenance) {
-            $array[] = self::transformAssetMaintenance($assetmaintenance);
+        foreach ($maintenances as $assetmaintenance) {
+            $array[] = self::transformMaintenance($assetmaintenance);
        }

        return (new DatatablesTransformer)->transformDatatables($array, $total);
    }

-    public function transformAssetMaintenance(AssetMaintenance $assetmaintenance)
+    public function transformMaintenance(Maintenance $assetmaintenance)
    {
        $array = [
            'id'            => (int) $assetmaintenance->id,
@@ -33,6 +34,7 @@ class AssetMaintenancesTransformer
                'created_at' => Helper::getFormattedDateObject($assetmaintenance->asset->created_at, 'datetime'),
                'updated_at' => Helper::getFormattedDateObject($assetmaintenance->asset->updated_at, 'datetime'),
            ] : null,
+            'image' => ($assetmaintenance->image != '') ? Storage::disk('public')->url('maintenances/'.e($assetmaintenance->image)) : null,
            'model' => (($assetmaintenance->asset) && ($assetmaintenance->asset->model)) ? [
                'id' => (int) $assetmaintenance->asset->model->id,
                'name'=> ($assetmaintenance->asset->model->name) ? e($assetmaintenance->asset->model->name).' '.e($assetmaintenance->asset->model->model_number) : null,
@@ -48,7 +50,8 @@ class AssetMaintenancesTransformer
                'name'=> ($assetmaintenance->asset->company->name) ? e($assetmaintenance->asset->company->name) : null,

            ] : null,
-            'title'         => ($assetmaintenance->title) ? e($assetmaintenance->title) : null,
+            'name'         => ($assetmaintenance->name) ? e($assetmaintenance->name) : null,
+            'title'         => ($assetmaintenance->name) ? e($assetmaintenance->name) : null, // legacy to not change the shape of the API
            'location' => (($assetmaintenance->asset) && ($assetmaintenance->asset->location)) ? [
                'id' => (int) $assetmaintenance->asset->location->id,
                'name'=> e($assetmaintenance->asset->location->name),
--- a/app/Http/Transformers/ProfileTransformer.php
+++ b/app/Http/Transformers/ProfileTransformer.php
@@ -0,0 +1,43 @@
+<?php
+
+namespace App\Http\Transformers;
+
+use App\Helpers\Helper;
+use App\Models\Actionlog;
+use App\Models\Asset;
+use Illuminate\Database\Eloquent\Collection;
+
+class ProfileTransformer
+{
+    public function transformFiles(Collection $files, $total)
+    {
+        $array = [];
+        foreach ($files as $file) {
+            $array[] = self::transformFile($file);
+        }
+
+        return (new DatatablesTransformer)->transformDatatables($array, $total);
+    }
+
+
+    public function transformFile(Actionlog $file)
+    {
+        $array = [
+            'id' => (int) $file->id,
+            'icon' => Helper::filetype_icon($file->filename),
+            'item' => ($file->item) ? [
+                'name' => ($file->itemType()=='user') ? e($file->item->getFullNameAttribute()) : e($file->item->getDisplayNameAttribute()),
+                'type' => e($file->itemType()),
+            ] : null,
+            'filename' => e($file->filename),
+            'signature_file'   => ($file->accept_signature) ? route('profile.signature.view', ['filename' => $file->accept_signature ]) : null,
+            'note' => e($file->note),
+            'url' => route('profile.storedeula.download', ['filename' => $file->filename]),
+            'file' => route('profile.storedeula.download', ['filename' => $file->filename]),
+            'created_at' => Helper::getFormattedDateObject($file->created_at, 'datetime'),
+        ];
+
+        return $array;
+    }
+
+}
--- a/app/Http/Transformers/UploadedFilesTransformer.php
+++ b/app/Http/Transformers/UploadedFilesTransformer.php
@@ -3,10 +3,10 @@
 namespace App\Http\Transformers;

 use App\Helpers\Helper;
+use App\Helpers\StorageHelper;
 use App\Models\Actionlog;
-use App\Models\Asset;
-use Illuminate\Support\Facades\Gate;
 use Illuminate\Database\Eloquent\Collection;
+use Illuminate\Support\Facades\Gate;
 use Illuminate\Support\Facades\Storage;

 class UploadedFilesTransformer
@@ -26,23 +26,27 @@ class UploadedFilesTransformer
    {
        $snipeModel = $file->item_type;

-
-        // This will be used later as we extend out this transformer to handle more types of uploads
-        if ($file->item_type == Asset::class) {
-            $file_url = route('show/assetfile', [$file->item_id, $file->id]);
-        }
-
        $array = [
            'id' => (int) $file->id,
+            'icon' => Helper::filetype_icon($file->filename),
+            'name' => e($file->filename),
+            'item' => ($file->item_type) ? [
+                'id' => (int) $file->item_id,
+                'type' => str_plural(strtolower(class_basename($file->item_type))),
+            ] : null,
            'filename' => e($file->filename),
-            'url' => $file_url,
+            'filetype' => StorageHelper::getFiletype($file->uploads_file_path()),
+            'mediatype' => StorageHelper::getMediaType($file->uploads_file_path()),
+            'url' => $file->uploads_file_url(),
+            'note' =>  ($file->note) ? e($file->note) : null,
            'created_by' => ($file->adminuser) ? [
                'id' => (int) $file->adminuser->id,
                'name'=> e($file->adminuser->present()->fullName),
            ] : null,
            'created_at' => Helper::getFormattedDateObject($file->created_at, 'datetime'),
-            'updated_at' => Helper::getFormattedDateObject($file->updated_at, 'datetime'),
            'deleted_at' => Helper::getFormattedDateObject($file->deleted_at, 'datetime'),
+            'inlineable' => StorageHelper::allowSafeInline($file->uploads_file_path()),
+            'exists_on_disk' => (Storage::exists($file->uploads_file_path()) ? true : false),
        ];

        $permissions_array['available_actions'] = [
@@ -53,4 +57,5 @@ class UploadedFilesTransformer
        return $array;
    }

+
 }
--- a/app/Http/Transformers/UsersTransformer.php
+++ b/app/Http/Transformers/UsersTransformer.php
@@ -22,6 +22,12 @@ class UsersTransformer
    public function transformUser(User $user)
    {

+        $role = '';
+        if ($user->isSuperUser()) {
+            $role = 'superadmin';
+        } elseif ($user->isAdmin()) {
+            $role = 'admin';
+        }
        $array = [
                'id' => (int) $user->id,
                'avatar' => e($user->present()->gravatar) ?? null,
@@ -39,6 +45,7 @@ class UsersTransformer
                'jobtitle' => ($user->jobtitle) ? e($user->jobtitle) : null,
                'vip' => ($user->vip == '1') ? true : false,
                'phone' => ($user->phone) ? e($user->phone) : null,
+                'mobile' => ($user->mobile) ? e($user->mobile) : null,
                'website' => ($user->website) ? e($user->website) : null,
                'address' => ($user->address) ? e($user->address) : null,
                'city' => ($user->city) ? e($user->city) : null,
@@ -59,6 +66,7 @@ class UsersTransformer
                    'name'=> e($user->userloc->name),
                ] : null,
                'notes'=> Helper::parseEscapedMarkedownInline($user->notes),
+                'role' => $role,
                'permissions' => $user->decodePermissions(),
                'activated' => ($user->activated == '1') ? true : false,
                'autoassign_licenses' => ($user->autoassign_licenses == '1') ? true : false,
--- a/app/Importer/Importer.php
+++ b/app/Importer/Importer.php
@@ -88,6 +88,7 @@ abstract class Importer
        'department' => 'department',
        'manager_name' => 'manager full name',
        'manager_username' => 'manager username',
+        'manager_employee_num' => 'manager employee number',
        'min_amt' => 'minimum quantity',
        'remote' => 'remote',
        'vip' => 'vip',
@@ -132,7 +133,7 @@ abstract class Importer
        } else {
            $this->csv = Reader::createFromString($file);
        }
-        $this->tempPassword = substr(str_shuffle('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, 40);
+        $this->tempPassword = '*** NO PASSWORD - IMPORTED VIA CSV ***';
    }

    // Cached Values for import lookups
--- a/app/Importer/ItemImporter.php
+++ b/app/Importer/ItemImporter.php
@@ -353,16 +353,27 @@ class ItemImporter extends Importer
     * @param $user_manager string
     * @return int id of company created/found
     */
-    public function fetchManager($user_manager_first_name, $user_manager_last_name)
+    public function fetchManager($user_manager_username = null, $user_manager_employee_num = null, $user_manager_first_name = null, $user_manager_last_name = null)
    {
+        if ($user_manager_username!='') {
+            $manager = User::where('username', '=', $user_manager_username)->first();
+            $this->log('Checking on username '.$user_manager_username);
+        } elseif ($user_manager_employee_num!='') {
+            $manager = User::where('employee_num', '=', $user_manager_employee_num)->first();
+            $this->log('Checking on employee_num '.$user_manager_employee_num);
+        } else {
            $manager = User::where('first_name', '=', $user_manager_first_name)
                ->where('last_name', '=', $user_manager_last_name)->first();
+            $this->log('Checking on full name');
+        }
+
        if ($manager) {
            $this->log('A matching Manager '.$user_manager_first_name.' '.$user_manager_last_name.' already exists');

            return $manager->id;
        }
-        $this->log('No matching Manager '.$user_manager_first_name.' '.$user_manager_last_name.' found. If their user account is being created through this import, you should re-process this file again. ');
+
+        $this->log('No matching Manager found. If their user account is being created through this import, you should re-process this file again. ');

        return null;
    }
--- a/app/Importer/UserImporter.php
+++ b/app/Importer/UserImporter.php
@@ -7,7 +7,9 @@ use App\Models\Department;
 use App\Models\Setting;
 use App\Models\User;
 use App\Notifications\WelcomeNotification;
+use Illuminate\Support\Facades\Gate;
 use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Password;

 /**
 * This is ONLY used for the User Import. When we are importing users
@@ -50,6 +52,7 @@ class UserImporter extends ItemImporter
        $this->item['email'] = trim($this->findCsvMatch($row, 'email'));
        $this->item['gravatar'] = trim($this->findCsvMatch($row, 'gravatar'));
        $this->item['phone'] = trim($this->findCsvMatch($row, 'phone_number'));
+        $this->item['mobile'] = trim($this->findCsvMatch($row, 'mobile_number'));
        $this->item['website'] = trim($this->findCsvMatch($row, 'website'));
        $this->item['jobtitle'] = trim($this->findCsvMatch($row, 'jobtitle'));
        $this->item['address'] = trim($this->findCsvMatch($row, 'address'));
@@ -62,7 +65,7 @@ class UserImporter extends ItemImporter
        $this->item['activated'] = ($this->fetchHumanBoolean(trim($this->findCsvMatch($row, 'activated'))) == 1) ? '1' : 0;
        $this->item['employee_num'] = trim($this->findCsvMatch($row, 'employee_num'));
        $this->item['department_id'] = trim($this->createOrFetchDepartment(trim($this->findCsvMatch($row, 'department'))));
-        $this->item['manager_id'] = $this->fetchManager(trim($this->findCsvMatch($row, 'manager_first_name')), trim($this->findCsvMatch($row, 'manager_last_name')));
+        $this->item['manager_id'] = $this->fetchManager(trim($this->findCsvMatch($row, 'manager_username')), trim($this->findCsvMatch($row, 'manager_employee_num')), trim($this->findCsvMatch($row, 'manager_first_name')), trim($this->findCsvMatch($row, 'manager_last_name')));
        $this->item['remote'] = ($this->fetchHumanBoolean(trim($this->findCsvMatch($row, 'remote'))) == 1 ) ? '1' : 0;
        $this->item['vip'] = ($this->fetchHumanBoolean(trim($this->findCsvMatch($row, 'vip'))) ==1 ) ? '1' : 0;
        $this->item['autoassign_licenses'] = ($this->fetchHumanBoolean(trim($this->findCsvMatch($row, 'autoassign_licenses'))) ==1 ) ? '1' : 0;
@@ -80,6 +83,7 @@ class UserImporter extends ItemImporter
            $this->item['username'] = $user_formatted_array['username'];
        }

+
        // Check if a numeric ID was passed. If it does, use that above all else.
        if ((array_key_exists('id', $this->item) && ($this->item['id'] != "") && (is_numeric($this->item['id']))))  {
            $user = User::find($this->item['id']);
@@ -89,12 +93,25 @@ class UserImporter extends ItemImporter

        if ($user) {

+            // If the user does not want to update existing values, only add new ones, bail out
            if (! $this->updating) {
                Log::debug('A matching User '.$this->item['name'].' already exists.  ');
                return;
            }
+
            $this->log('Updating User');
+
+            // Todo - check that this works
+            if (!Gate::allows('canEditAuthFields', $user)) {
+                unset($user->username);
+                unset($user->email);
+                unset($user->password);
+                unset($user->activated);
+            }
+
            $user->update($this->sanitizeItemForUpdating($user));
+
+            // Why do we have to do this twice? Update should
            $user->save();

            // Update the location of any assets checked out to this user
@@ -110,28 +127,32 @@ class UserImporter extends ItemImporter

        // This needs to be applied after the update logic, otherwise we'll overwrite user passwords
        // Issue #5408
-        $this->item['password'] = bcrypt($this->tempPassword);
+        $this->item['password'] = $this->tempPassword;

        $this->log('No matching user, creating one');
        $user = new User();
        $user->created_by = auth()->id();
+
        $user->fill($this->sanitizeItemForStoring($user));

+        // TODO - check for gate here I guess
+
+
        if ($user->save()) {
            $this->log('User '.$this->item['name'].' was created');

            if (($user->email) && ($user->activated == '1')) {
-                $data = [
-                    'email' => $user->email,
-                    'username' => $user->username,
-                    'first_name' => $user->first_name,
-                    'last_name' => $user->last_name,
-                    'password' => $this->tempPassword,
-                ];

                if ($this->send_welcome) {
-                    $user->notify(new WelcomeNotification($data));
+
+                    try {
+                        $user->notify(new WelcomeNotification($user));
+                    } catch (\Exception $e) {
+                        Log::warning('Could not send welcome notification for user: ' . $e->getMessage());
                    }
+
+                }
+
            }
            $user = null;
            $this->item = null;
@@ -140,9 +161,9 @@ class UserImporter extends ItemImporter
        }

        $this->logError($user, 'User');
-        return;
    }

+
    /**
     * Fetch an existing department, or create new if it doesn't exist
     *
--- a/app/Listeners/CheckoutableListener.php
+++ b/app/Listeners/CheckoutableListener.php
@@ -4,14 +4,17 @@ namespace App\Listeners;

 use App\Events\CheckoutableCheckedOut;
 use App\Mail\CheckinAccessoryMail;
+use App\Mail\CheckinComponentMail;
 use App\Mail\CheckinLicenseMail;
 use App\Mail\CheckoutAccessoryMail;
 use App\Mail\CheckoutAssetMail;
 use App\Mail\CheckinAssetMail;
+use App\Mail\CheckoutComponentMail;
 use App\Mail\CheckoutConsumableMail;
 use App\Mail\CheckoutLicenseMail;
 use App\Models\Accessory;
 use App\Models\Asset;
+use App\Models\Category;
 use App\Models\CheckoutAcceptance;
 use App\Models\Component;
 use App\Models\Consumable;
@@ -21,9 +24,11 @@ use App\Models\Setting;
 use App\Models\User;
 use App\Notifications\CheckinAccessoryNotification;
 use App\Notifications\CheckinAssetNotification;
+use App\Notifications\CheckinComponentNotification;
 use App\Notifications\CheckinLicenseSeatNotification;
 use App\Notifications\CheckoutAccessoryNotification;
 use App\Notifications\CheckoutAssetNotification;
+use App\Notifications\CheckoutComponentNotification;
 use App\Notifications\CheckoutConsumableNotification;
 use App\Notifications\CheckoutLicenseSeatNotification;
 use GuzzleHttp\Exception\ClientException;
@@ -38,7 +43,7 @@ use Osama\LaravelTeamsNotification\TeamsNotification;
 class CheckoutableListener
 {
    private array $skipNotificationsFor = [
-        Component::class,
+//        Component::class,
    ];

    /**
@@ -144,7 +149,6 @@ class CheckoutableListener
        $shouldSendEmailToUser = $this->checkoutableCategoryShouldSendEmail($event->checkoutable);
        $shouldSendEmailToAlertAddress = $this->shouldSendEmailToAlertAddress();
        $shouldSendWebhookNotification = $this->shouldSendWebhookNotification();
-
        if (!$shouldSendEmailToUser && !$shouldSendEmailToAlertAddress && !$shouldSendWebhookNotification) {
            return;
        }
@@ -227,6 +231,7 @@ class CheckoutableListener
        if ($checkedOutToType != "App\Models\User") {
            return null;
        }
+
        if (!$event->checkoutable->requireAcceptance()) {
            return null;
        }
@@ -234,6 +239,13 @@ class CheckoutableListener
        $acceptance = new CheckoutAcceptance;
        $acceptance->checkoutable()->associate($event->checkoutable);
        $acceptance->assignedTo()->associate($event->checkedOutTo);
+
+        $category = $this->getCategoryFromCheckoutable($event->checkoutable);
+
+        if ($category?->alert_on_response) {
+            $acceptance->alert_on_response_id = auth()->id();
+        }
+        
        $acceptance->save();

        return $acceptance;
@@ -260,6 +272,9 @@ class CheckoutableListener
            case LicenseSeat::class:
                $notificationClass = CheckinLicenseSeatNotification::class;
                break;
+            case Component::class:
+                $notificationClass = CheckinComponentNotification::class;
+                break;
        }

        Log::debug('Notification class: '.$notificationClass);
@@ -290,6 +305,9 @@ class CheckoutableListener
            case LicenseSeat::class:
                $notificationClass = CheckoutLicenseSeatNotification::class;
                break;
+            case Component::class:
+                $notificationClass = CheckoutComponentNotification::class;
+            break;
        }


@@ -301,6 +319,7 @@ class CheckoutableListener
            Asset::class => CheckoutAssetMail::class,
            LicenseSeat::class => CheckoutLicenseMail::class,
            Consumable::class => CheckoutConsumableMail::class,
+            Component::class => CheckoutComponentMail::class,
        ];
        $mailable= $lookup[get_class($event->checkoutable)];

@@ -313,8 +332,8 @@ class CheckoutableListener
            Accessory::class => CheckinAccessoryMail::class,
            Asset::class => CheckinAssetMail::class,
            LicenseSeat::class => CheckinLicenseMail::class,
+            Component::class => CheckinComponentMail::class,
        ];
-
        $mailable= $lookup[get_class($event->checkoutable)];

        return new $mailable($event->checkoutable, $event->checkedOutTo, $event->checkedInBy, $event->note);
@@ -360,23 +379,6 @@ class CheckoutableListener
        return in_array(get_class($checkoutable), $this->skipNotificationsFor);
    }

-    private function shouldSendEmailNotifications(Model $checkoutable): bool
-    {
-        //runs a check if the category wants to send checkin/checkout emails to users
-        $category = match (true) {
-            $checkoutable instanceof Asset => $checkoutable->model->category,
-            $checkoutable instanceof Accessory,
-            $checkoutable instanceof Consumable => $checkoutable->category,
-            $checkoutable instanceof LicenseSeat => $checkoutable->license->category,
-            default => null,
-        };
-
-        if (!$category?->checkin_email) {
-            return false;
-        }
-        return true;
-    }
-
    private function shouldSendWebhookNotification(): bool
    {
        return Setting::getSettings() && Setting::getSettings()->webhook_endpoint;
@@ -471,4 +473,15 @@ class CheckoutableListener

        return array($to, $cc);
    }
+
+    private function getCategoryFromCheckoutable(Model $checkoutable): ?Category
+    {
+        return match (true) {
+            $checkoutable instanceof Asset => $checkoutable->model->category,
+            $checkoutable instanceof Accessory,
+                $checkoutable instanceof Consumable,
+                $checkoutable instanceof Component => $checkoutable->category,
+            $checkoutable instanceof LicenseSeat => $checkoutable->license->category,
+        };
+    }
 }
--- a/app/Livewire/CategoryEditForm.php
+++ b/app/Livewire/CategoryEditForm.php
@@ -6,6 +6,8 @@ use Livewire\Component;

 class CategoryEditForm extends Component
 {
+    public bool $alertOnResponse;
+
    public $defaultEulaText;

    public $eulaText;
--- a/app/Livewire/Importer.php
+++ b/app/Livewire/Importer.php
@@ -330,8 +330,11 @@ class Importer extends Component
            'location' => trans('general.location'),
            'manager_first_name' => trans('general.importer.manager_first_name'),
            'manager_last_name' => trans('general.importer.manager_last_name'),
+            'manager_employee_num' => trans('general.importer.manager_employee_num'),
+            'manager_username' => trans('general.importer.manager_username'),
            'notes' => trans('general.notes'),
            'phone_number' => trans('admin/users/table.phone'),
+            'mobile_number' => trans('admin/users/table.mobile'),
            'remote' => trans('admin/users/general.remote'),
            'start_date' => trans('general.start_date'),
            'state' => trans('general.state'),
@@ -508,6 +511,13 @@ class Importer extends Component
                    'telephone',
                    'tel.',
                ],
+            'mobile_number' =>
+                [
+                    'mobile',
+                    'mobile number',
+                    'cell',
+                    'cellphone',
+                ],

            'serial' =>
                [
--- a/app/Livewire/LocationScopeCheck.php
+++ b/app/Livewire/LocationScopeCheck.php
@@ -10,15 +10,16 @@ class LocationScopeCheck extends Component
 {
    public $mismatched = [];
    public $setting;
+    public $is_tested = false;

    public function check_locations()
    {
        $this->mismatched = Helper::test_locations_fmcs(false);
+        $this->is_tested = true;
    }

    public function mount() {
        $this->setting = Setting::getSettings();
-        $this->mismatched = Helper::test_locations_fmcs(false);
    }

    public function render()
--- a/app/Mail/CheckinComponentMail.php
+++ b/app/Mail/CheckinComponentMail.php
@@ -0,0 +1,71 @@
+<?php
+
+namespace App\Mail;
+
+use App\Models\Accessory;
+use App\Models\Component;
+use App\Models\Setting;
+use App\Models\User;
+use Illuminate\Bus\Queueable;
+use Illuminate\Contracts\Queue\ShouldQueue;
+use Illuminate\Mail\Mailable;
+use Illuminate\Mail\Mailables\Address;
+use Illuminate\Mail\Mailables\Content;
+use Illuminate\Mail\Mailables\Envelope;
+use Illuminate\Queue\SerializesModels;
+
+class CheckinComponentMail extends Mailable
+{
+    use Queueable, SerializesModels;
+
+    /**
+     * Create a new message instance.
+     */
+    public function __construct(Component $component, $checkedOutTo, User $checkedInby, $note)
+    {
+        $this->item = $component;
+        $this->target = $checkedOutTo;
+        $this->admin = $checkedInby;
+        $this->note = $note;
+        $this->settings = Setting::getSettings();
+    }
+
+    /**
+     * Get the message envelope.
+     */
+    public function envelope(): Envelope
+    {
+        $from = new Address(config('mail.from.address'), config('mail.from.name'));
+
+        return new Envelope(
+            from: $from,
+            subject: trans('mail.Confirm_component_checkin'),
+        );
+    }
+
+    /**
+     * Get the message content definition.
+     */
+    public function content(): Content
+    {
+        return new Content(
+            markdown: 'mail.markdown.checkin-component',
+            with:   [
+                'item'          => $this->item,
+                'admin'         => $this->admin,
+                'note'          => $this->note,
+                'target'        => $this->target,
+            ]
+        );
+    }
+
+    /**
+     * Get the attachments for the message.
+     *
+     * @return array<int, \Illuminate\Mail\Mailables\Attachment>
+     */
+    public function attachments(): array
+    {
+        return [];
+    }
+}
--- a/app/Mail/CheckoutAcceptanceResponseMail.php
+++ b/app/Mail/CheckoutAcceptanceResponseMail.php
@@ -0,0 +1,79 @@
+<?php
+
+namespace App\Mail;
+
+use App\Models\CheckoutAcceptance;
+use App\Models\User;
+use Illuminate\Bus\Queueable;
+use Illuminate\Contracts\Queue\ShouldQueue;
+use Illuminate\Mail\Mailable;
+use Illuminate\Mail\Mailables\Content;
+use Illuminate\Mail\Mailables\Envelope;
+use Illuminate\Queue\SerializesModels;
+
+class CheckoutAcceptanceResponseMail extends Mailable
+{
+    use Queueable, SerializesModels;
+
+    public CheckoutAcceptance $acceptance;
+    public User $recipient;
+    public bool $wasAccepted;
+
+    /**
+     * Create a new message instance.
+     */
+    public function __construct(CheckoutAcceptance $acceptance, User $recipient, bool $wasAccepted)
+    {
+        $this->acceptance = $acceptance;
+        $this->recipient = $recipient;
+        $this->wasAccepted = $wasAccepted;
+    }
+
+    /**
+     * Get the message envelope.
+     */
+    public function envelope(): Envelope
+    {
+        $subject = $this->wasAccepted
+            ? trans('mail.initiated_accepted')
+            : trans('mail.initiated_declined');
+
+        return new Envelope(
+            subject: $subject,
+        );
+    }
+
+    /**
+     * Get the message content definition.
+     */
+    public function content(): Content
+    {
+        return new Content(
+            markdown: 'mail.markdown.checkout-acceptance-response',
+            with: [
+                'assignedTo' => $this->acceptance->assignedTo,
+                'introduction' => $this->introduction(),
+                'item' => $this->acceptance->checkoutable,
+                'note' => $this->acceptance->note,
+                'recipient' => $this->recipient,
+            ]
+        );
+    }
+
+    /**
+     * Get the attachments for the message.
+     *
+     * @return array<int, \Illuminate\Mail\Mailables\Attachment>
+     */
+    public function attachments(): array
+    {
+        return [];
+    }
+
+    private function introduction(): string
+    {
+        return $this->wasAccepted
+            ? trans('mail.following_accepted')
+            : trans('mail.following_declined');
+    }
+}
--- a/app/Mail/CheckoutAssetMail.php
+++ b/app/Mail/CheckoutAssetMail.php
@@ -13,7 +13,6 @@ use Illuminate\Mail\Mailables\Address;
 use Illuminate\Mail\Mailables\Attachment;
 use Illuminate\Mail\Mailables\Content;
 use Illuminate\Mail\Mailables\Envelope;
-use Illuminate\Notifications\Messages\MailMessage;
 use Illuminate\Queue\SerializesModels;

 class CheckoutAssetMail extends Mailable
@@ -24,16 +23,25 @@ class CheckoutAssetMail extends Mailable

    /**
     * Create a new message instance.
+     * @throws \Exception
     */
    public function __construct(Asset $asset, $checkedOutTo, User $checkedOutBy, $acceptance, $note, bool $firstTimeSending = true)
    {
        $this->item = $asset;
        $this->admin = $checkedOutBy;
        $this->note = $note;
-        $this->target = $checkedOutTo;
        $this->acceptance = $acceptance;

        $this->settings = Setting::getSettings();
+        $this->target = $checkedOutTo;
+
+        // Location is a target option, but there are no emails currently associated with locations.
+        if($this->target instanceof User){
+            $this->target = $this->target->present()?->fullName();
+        }
+        else if($this->target instanceof Asset){
+            $this->target = $this->target->assignedto?->present()?->fullName();
+        }

        $this->last_checkout = '';
        $this->expected_checkin = '';
@@ -91,7 +99,7 @@ class CheckoutAssetMail extends Mailable
                'admin'         => $this->admin,
                'status'        => $this->item->assetstatus?->name,
                'note'          => $this->note,
-                'target'        => $this->target,
+                'target'        => $this->target->name ?? $this->admin->present()->fullName(),
                'fields'        => $fields,
                'eula'          => $eula,
                'req_accept'    => $req_accept,
@@ -116,7 +124,7 @@ class CheckoutAssetMail extends Mailable
    private function getSubject(): string
    {
        if ($this->firstTimeSending) {
-            return trans('mail.Asset_Checkout_Notification');
+            return trans('mail.Asset_Checkout_Notification').' - '.$this->item->asset_tag;
        }

        return trans('mail.unaccepted_asset_reminder');
--- a/app/Mail/CheckoutComponentMail.php
+++ b/app/Mail/CheckoutComponentMail.php
@@ -0,0 +1,82 @@
+<?php
+
+namespace App\Mail;
+
+use App\Models\Component;
+use App\Models\Setting;
+use App\Models\User;
+use Illuminate\Bus\Queueable;
+use Illuminate\Mail\Mailable;
+use Illuminate\Mail\Mailables\Address;
+use Illuminate\Mail\Mailables\Content;
+use Illuminate\Mail\Mailables\Envelope;
+use Illuminate\Queue\SerializesModels;
+
+class CheckoutComponentMail extends Mailable
+{
+    use Queueable, SerializesModels;
+
+    /**
+     * Create a new message instance.
+     */
+    public function __construct(Component $component, $checkedOutTo, User $checkedOutBy, $acceptance, $note)
+    {
+        $this->item = $component;
+        $this->admin = $checkedOutBy;
+        $this->note = $note;
+        $this->target = $checkedOutTo;
+        $this->acceptance = $acceptance;
+        $this->qty = $component->assets->first()?->pivot?->assigned_qty;
+
+        $this->settings = Setting::getSettings();
+    }
+
+    /**
+     * Get the message envelope.
+     */
+    public function envelope(): Envelope
+    {
+        $from = new Address(config('mail.from.address'), config('mail.from.name'));
+
+        return new Envelope(
+            from: $from,
+            subject: trans('mail.Confirm_component_delivery'),
+        );
+    }
+
+    /**
+     * Get the message content definition.
+     */
+    public function content(): Content
+    {
+
+        $eula = $this->item->getEula();
+        $req_accept = $this->item->requireAcceptance();
+
+        $accept_url = is_null($this->acceptance) ? null : route('account.accept.item', $this->acceptance);
+
+        return new Content(
+            markdown: 'mail.markdown.checkout-component',
+            with:   [
+                'item'          => $this->item,
+                'admin'         => $this->admin,
+                'note'          => $this->note,
+                'target'        => $this->target,
+                'eula'          => $eula,
+                'req_accept'    => $req_accept,
+                'accept_url'    => $accept_url,
+                'qty'           => $this->qty,
+            ]
+        );
+    }
+
+    /**
+     * Get the attachments for the message.
+     *
+     * @return array<int, \Illuminate\Mail\Mailables\Attachment>
+     */
+    public function attachments(): array
+    {
+        return [];
+    }
+}
--- a/app/Mail/CheckoutLicenseMail.php
+++ b/app/Mail/CheckoutLicenseMail.php
@@ -2,6 +2,7 @@

 namespace App\Mail;

+use App\Models\Asset;
 use App\Models\LicenseSeat;
 use App\Models\Setting;
 use App\Models\User;
@@ -25,9 +26,16 @@ class CheckoutLicenseMail extends Mailable
        $this->item = $licenseSeat;
        $this->admin = $checkedOutBy;
        $this->note = $note;
-        $this->target = $checkedOutTo;
        $this->acceptance = $acceptance;
        $this->settings = Setting::getSettings();
+        $this->target = $checkedOutTo;
+
+        if($this->target instanceof User){
+            $this->target = $this->target->present()?->fullName();
+        }
+        elseif($this->target instanceof Asset){
+            $this->target = $this->target->assignedto?->present()?->fullName();
+        }
    }

    /**
--- a/app/Models/Accessory.php
+++ b/app/Models/Accessory.php
@@ -4,6 +4,7 @@ namespace App\Models;

 use App\Helpers\Helper;
 use App\Models\Traits\Acceptable;
+use App\Models\Traits\HasUploads;
 use App\Models\Traits\Searchable;
 use App\Presenters\Presentable;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
@@ -22,6 +23,7 @@ class Accessory extends SnipeModel

    protected $presenter = \App\Presenters\AccessoryPresenter::class;
    use CompanyableTrait;
+    use HasUploads;
    use Loggable, Presentable;
    use SoftDeletes;

@@ -102,24 +104,6 @@ class Accessory extends SnipeModel
    ];


-
-    /**
-     * Establishes the accessories -> action logs -> uploads relationship
-     *
-     * @author A. Gianotto <snipe@snipe.net>
-     * @since [v6.1.13]
-     * @return \Illuminate\Database\Eloquent\Relations\Relation
-     */
-    public function uploads()
-    {
-        return $this->hasMany(\App\Models\Actionlog::class, 'item_id')
-            ->where('item_type', '=', self::class)
-            ->where('action_type', '=', 'uploaded')
-            ->whereNotNull('filename')
-            ->orderBy('created_at', 'desc');
-    }
-
-
    /**
     * Establishes the accessory -> supplier relationship
     *
@@ -426,7 +410,6 @@ class Accessory extends SnipeModel

    /**
     * Query builder scope to order on created_by name
-     *
     */
    public function scopeOrderByCreatedByName($query, $order)
    {
--- a/app/Models/AccessoryCheckout.php
+++ b/app/Models/AccessoryCheckout.php
@@ -133,44 +133,58 @@ class AccessoryCheckout extends Model
    public function advancedTextSearch(Builder $query, array $terms)
    {

-        $userQuery = User::where(function ($query) use ($terms) {
+        $userQuery = User::where(
+            function ($query) use ($terms) {
                foreach ($terms as $term) {
                    $search_str = '%' . $term . '%';
                    $query->where('first_name', 'like', $search_str)
                        ->orWhere('last_name', 'like', $search_str)
                        ->orWhere('note', 'like', $search_str);
                }
-        })->select('id');
+            }
+        )->select('id');

-        $locationQuery = Location::where(function ($query) use ($terms) {
+        $locationQuery = Location::where(
+            function ($query) use ($terms) {
                foreach ($terms as $term) {
                    $search_str = '%' . $term . '%';
                    $query->where('name', 'like', $search_str);
                }
-        })->select('id');
+            }
+        )->select('id');

-        $assetQuery = Asset::where(function ($query) use ($terms) {
+        $assetQuery = Asset::where(
+            function ($query) use ($terms) {
                foreach ($terms as $term) {
                    $search_str = '%' . $term . '%';
                    $query->where('name', 'like', $search_str);
                }
-        })->select('id');
+            }
+        )->select('id');

-        $query->where(function ($query) use ($userQuery) {
+        $query->where(
+            function ($query) use ($userQuery) {
                $query->where('assigned_type', User::class)
                    ->whereIn('assigned_to', $userQuery);
-        })->orWhere(function($query) use ($locationQuery) {
+            }
+        )->orWhere(
+            function ($query) use ($locationQuery) {
                $query->where('assigned_type', Location::class)
                    ->whereIn('assigned_to', $locationQuery);
-        })->orWhere(function($query) use ($assetQuery) {
+            }
+        )->orWhere(
+            function ($query) use ($assetQuery) {
                $query->where('assigned_type', Asset::class)
                    ->whereIn('assigned_to', $assetQuery);
-        })->orWhere(function($query) use ($terms) {
+            }
+        )->orWhere(
+            function ($query) use ($terms) {
                foreach ($terms as $term) {
                    $search_str = '%' . $term . '%';
                    $query->where('note', 'like', $search_str);
                }
-        });
+            }
+        );

        return $query;
    }
--- a/app/Models/Actionlog.php
+++ b/app/Models/Actionlog.php
@@ -7,6 +7,7 @@ use App\Presenters\Presentable;
 use Carbon\Carbon;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\SoftDeletes;
+use Illuminate\Support\Str;

 /**
 * Model for the Actionlog (the table that keeps a historical log of
@@ -69,11 +70,13 @@ class Actionlog extends SnipeModel
     */
    protected $searchableRelations = [
        'company'     => ['name'],
-        'adminuser'   => ['first_name','last_name','username', 'email'],
-        'user'        => ['first_name','last_name','username', 'email'],
+        'adminuser'   => ['first_name','last_name','username', 'email', 'employee_num'],
+        'user'        => ['first_name','last_name','username', 'email', 'employee_num'],
        'assets'      => ['asset_tag','name', 'serial', 'order_number', 'notes', 'purchase_date'],
        'assets.model'              => ['name', 'model_number', 'eol', 'notes'],
        'assets.model.category'     => ['name', 'notes'],
+        'assets.location'           => ['name'],
+        'assets.defaultLoc'         => ['name'],
        'assets.model.manufacturer' => ['name', 'notes'],
        'licenses'    => ['name', 'serial', 'notes', 'order_number', 'license_email', 'license_name', 'purchase_order', 'purchase_date'],
        'licenses.category'     => ['name', 'notes'],
@@ -102,7 +105,8 @@ class Actionlog extends SnipeModel
    public static function boot()
    {
        parent::boot();
-        static::creating(function (self $actionlog) {
+        static::creating(
+            function (self $actionlog) {
                // If the admin is a superadmin, let's see if the target instead has a company.
                if (auth()->user() && auth()->user()->isSuperUser()) {
                    if ($actionlog->target) {
@@ -118,8 +122,8 @@ class Actionlog extends SnipeModel
                    $actionlog->action_date = Carbon::now();
                }

-        });
-
+            }
+        );
    }


@@ -436,7 +440,8 @@ class Actionlog extends SnipeModel

        // This is an API call
        if (((request()->header('content-type') && (request()->header('accept'))=='application/json'))
-            && (starts_with(request()->header('authorization'), 'Bearer '))) {
+            && (starts_with(request()->header('authorization'), 'Bearer '))
+        ) {
            return 'api';
        }

@@ -450,6 +455,61 @@ class Actionlog extends SnipeModel

    }

+    public function uploads_file_url()
+    {
+
+
+
+        if (($this->action_type == 'accepted') || ($this->action_type == 'declined')) {
+            return route('log.storedeula.download', ['filename' => $this->filename]);
+        }
+
+        $object = Str::snake(str_plural(str_replace("App\Models\\", '', $this->item_type)));
+
+        if ($object == 'asset_models') {
+            $object = 'models';
+        }
+
+        return route('ui.files.show', [
+            'object_type' => $object,
+            'id' => $this->item_id,
+            'file_id' => $this->id,
+        ]);
+
+    }
+
+    public function uploads_file_path()
+    {
+
+        if (($this->action_type == 'accepted') || ($this->action_type == 'declined')) {
+            return 'private_uploads/eula-pdfs/'.$this->filename;
+        }
+
+        switch ($this->item_type) {
+        case Accessory::class:
+            return 'private_uploads/accessories/'.$this->filename;
+        case Asset::class:
+            return 'private_uploads/assets/'.$this->filename;
+        case AssetModel::class:
+            return 'private_uploads/models/'.$this->filename;
+        case Consumable::class:
+            return 'private_uploads/consumables/'.$this->filename;
+        case Component::class:
+            return 'private_uploads/components/'.$this->filename;
+        case License::class:
+            return 'private_uploads/licenses/'.$this->filename;
+        case Location::class:
+            return 'private_uploads/locations/'.$this->filename;
+        case Maintenance::class:
+             return 'private_uploads/maintenances/'.$this->filename;
+        case User::class:
+            return 'private_uploads/users/'.$this->filename;
+        default:
+            return null;
+        }
+    }
+
+
    // Manually sets $this->source for determineActionSource()
    public function setActionSource($source = null): void
    {
--- a/app/Models/Asset.php
+++ b/app/Models/Asset.php
@@ -7,19 +7,19 @@ use App\Exceptions\CheckoutNotAllowed;
 use App\Helpers\Helper;
 use App\Http\Traits\UniqueUndeletedTrait;
 use App\Models\Traits\Acceptable;
+use App\Models\Traits\HasUploads;
 use App\Models\Traits\Searchable;
 use App\Presenters\Presentable;
 use App\Presenters\AssetPresenter;
-use Illuminate\Support\Facades\Auth;
 use Carbon\Carbon;
-use Illuminate\Support\Facades\DB;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\SoftDeletes;
+use Illuminate\Support\Facades\Crypt;
+use Illuminate\Support\Facades\Gate;
 use Illuminate\Support\Facades\Storage;
 use Watson\Validating\ValidatingTrait;
 use Illuminate\Database\Eloquent\Casts\Attribute;
-use Illuminate\Database\Eloquent\Model;

 /**
 * Model for Assets.
@@ -33,6 +33,7 @@ class Asset extends Depreciable
    protected $with = ['model', 'adminuser'];

    use CompanyableTrait;
+    use HasUploads;
    use HasFactory, Loggable, Requestable, Presentable, SoftDeletes, ValidatingTrait, UniqueUndeletedTrait;

    public const LOCATION = 'location';
@@ -111,7 +112,7 @@ class Asset extends Depreciable
        'location_id'       => ['nullable', 'exists:locations,id', 'fmcs_location'],
        'rtd_location_id'   => ['nullable', 'exists:locations,id', 'fmcs_location'],
        'purchase_date'     => ['nullable', 'date', 'date_format:Y-m-d'],
-        'serial'            => ['nullable', 'unique_undeleted:assets,serial'],
+        'serial'            => ['nullable', 'string', 'unique_undeleted:assets,serial'],
        'purchase_cost'     => ['nullable', 'numeric', 'gte:0', 'max:9999999999999'],
        'supplier_id'       => ['nullable', 'exists:suppliers,id'],
        'asset_eol_date'    => ['nullable', 'date'],
@@ -205,6 +206,17 @@ class Asset extends Depreciable
        'model.manufacturer' => ['name'],
    ];

+    protected static function booted(): void
+    {
+        static::forceDeleted(function (Asset $asset) {
+            $asset->requests()->forceDelete();
+        });
+
+        static::softDeleted(function (Asset $asset) {
+            $asset->requests()->delete();
+        });
+    }
+
    // To properly set the expected checkin as Y-m-d
    public function setExpectedCheckinAttribute($value)
    {
@@ -225,7 +237,11 @@ class Asset extends Depreciable

            foreach ($this->model->fieldset->fields as $field) {

-                    if ($field->format == 'BOOLEAN'){
+                // this just casts booleans that may come through as strings to an actual boolean type
+                // adding !$field->field_encrypted because when the encrypted value comes through it
+                // screws things up for the encrypted validation rules (and the encrypted string
+                // is not a valid boolean type)
+                if ($field->format == 'BOOLEAN' && !$field->field_encrypted) {
                    $this->{$field->db_column} = filter_var($this->{$field->db_column}, FILTER_VALIDATE_BOOLEAN);
                }
            }
@@ -258,6 +274,7 @@ class Asset extends Depreciable

    /**
     * Returns the warranty expiration date as Carbon object
+     *
     * @return \Carbon\Carbon|null
     */
    public function getWarrantyExpiresAttribute()
@@ -307,8 +324,8 @@ class Asset extends Depreciable

            // The asset status is not archived and is deployable
            if (($this->assetstatus) && ($this->assetstatus->archived == '0')
-                && ($this->assetstatus->deployable == '1'))
-            {
+                && ($this->assetstatus->deployable == '1')
+            ) {
                return true;

            }
@@ -417,17 +434,40 @@ class Asset extends Depreciable
        return $this->rules;
    }

-    public function customFieldsForCheckinCheckout($checkin_checkout) {
+    public function customFieldsForCheckinCheckout($checkin_checkout)
+    {
        // Check to see if any of the custom fields were included on the form and if they have any values
        if (($this->model) && ($this->model->fieldset) && ($this->model->fieldset->fields)) {
+
            foreach ($this->model->fieldset->fields as $field) {
-                if (($field->{$checkin_checkout} == 1) && (request()->has($field->db_column))){
-                    $this->{$field->db_column} = request()->get($field->db_column);
+
+                if (($field->{$checkin_checkout} == 1) && (request()->has($field->db_column))) {
+
+                    if ($field->field_encrypted == '1') {
+
+                        if (Gate::allows('assets.view.encrypted_custom_fields')) {
+                            if (is_array(request()->input($field->db_column))) {
+                                $this->{$field->db_column} = Crypt::encrypt(implode(', ', request()->input($field->db_column)));
+                            } else {
+                                $this->{$field->db_column} = Crypt::encrypt(request()->get($field->db_column));
+                            }
+                        }
+
+                    } else {
+
+                        if (is_array(request()->input($field->db_column))) {
+                            $this->{$field->db_column} = implode(', ', request()->input($field->db_column));
+                        } else {
+                            $this->{$field->db_column} = request()->input($field->db_column);
+                        }
+
                    }
                }
            }
        }

+    }
+

    /**
     * Establishes the asset -> depreciation relationship
@@ -438,7 +478,7 @@ class Asset extends Depreciable
     */
    public function depreciation()
    {
-        return $this->hasOneThrough(\App\Models\Depreciation::class,\App\Models\AssetModel::class,'id','id','model_id','depreciation_id');
+        return $this->hasOneThrough(\App\Models\Depreciation::class, \App\Models\AssetModel::class, 'id', 'id', 'model_id', 'depreciation_id');
    }


@@ -472,26 +512,10 @@ class Asset extends Depreciable
    }


-    /**
-     * Get uploads for this asset
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v4.0]
-     * @return \Illuminate\Database\Eloquent\Relations\Relation
-     */
-    public function uploads()
-    {
-        return $this->hasMany('\App\Models\Actionlog', 'item_id')
-                  ->where('item_type', '=', Asset::class)
-                  ->where('action_type', '=', 'uploaded')
-                  ->whereNotNull('filename')
-                  ->orderBy('created_at', 'desc');
-    }
-
    /**
     * Determines whether the asset is checked out to a user
     *
-     * Even though we allow allow for checkout to things beyond users
+     * Even though we allow for checkout to things beyond users
     * this method is an easy way of seeing if we are checked out to a user.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
@@ -610,6 +634,7 @@ class Asset extends Depreciable

    /**
     * This is annoying, but because we don't say "assets" in our route names, we have to make an exception here
+     *
     * @todo - normalize the route names - API endpoint URLS can stay the same
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
@@ -746,9 +771,9 @@ class Asset extends Depreciable
     * @since  1.0
     * @return \Illuminate\Database\Eloquent\Relations\Relation
     */
-    public function assetmaintenances()
+    public function maintenances()
    {
-        return $this->hasMany(\App\Models\AssetMaintenance::class, 'asset_id')
+        return $this->hasMany(\App\Models\Maintenance::class, 'asset_id')
            ->orderBy('created_at', 'desc');
    }

@@ -807,9 +832,11 @@ class Asset extends Depreciable
            ->whereNotNull('purchase_date')
            ->whereNull('deleted_at')
            ->NotArchived()
-            ->whereRaw('DATE_ADD(`purchase_date`, INTERVAL `warranty_months` MONTH) <= DATE_ADD(NOW(), INTERVAL '
+            ->whereRaw(
+                'DATE_ADD(`purchase_date`, INTERVAL `warranty_months` MONTH) <= DATE_ADD(NOW(), INTERVAL '
                                 . $days
-                                 . ' DAY) AND DATE_ADD(`purchase_date`, INTERVAL `warranty_months` MONTH) > NOW()')
+                . ' DAY) AND DATE_ADD(`purchase_date`, INTERVAL `warranty_months` MONTH) > NOW()'
+            )
            ->orderByRaw('DATE_ADD(`purchase_date`,INTERVAL `warranty_months` MONTH)')
            ->get();
    }
@@ -905,12 +932,10 @@ class Asset extends Depreciable
        foreach ($assets as $asset) {
            $results = preg_match("/\d+$/", $asset['asset_tag'], $matches);

-            if ($results)
-            {
+            if ($results) {
                $number = $matches[0];

-                if ($number > $max)
-                {
+                if ($number > $max) {
                    $max = $number;
                }
            }
@@ -1018,7 +1043,8 @@ class Asset extends Depreciable

        return false;
    }
-    public function getComponentCost(){
+    public function getComponentCost()
+    {
        $cost = 0;
        foreach($this->components as $component) {
            $cost += $component->pivot->assigned_qty*$component->purchase_cost;
@@ -1120,31 +1146,38 @@ class Asset extends Depreciable
        /**
         * Assigned user
         */
-        $query = $query->leftJoin('users as assets_users', function ($leftJoin) {
+        $query = $query->leftJoin(
+            'users as assets_users', function ($leftJoin) {
                $leftJoin->on('assets_users.id', '=', 'assets.assigned_to')
                    ->where('assets.assigned_type', '=', User::class);
-        });
+            }
+        );

        foreach ($terms as $term) {

            $query = $query
                ->orWhere('assets_users.first_name', 'LIKE', '%'.$term.'%')
                ->orWhere('assets_users.last_name', 'LIKE', '%'.$term.'%')
+                ->orWhere('assets_users.jobtitle', 'LIKE', '%'.$term.'%')
                ->orWhere('assets_users.username', 'LIKE', '%'.$term.'%')
                ->orWhere('assets_users.employee_num', 'LIKE', '%'.$term.'%')
-                ->orWhereMultipleColumns([
+                ->orWhereMultipleColumns(
+                    [
                    'assets_users.first_name',
                    'assets_users.last_name',
-                ], $term);
+                    ], $term
+                );
        }

        /**
         * Assigned location
         */
-        $query = $query->leftJoin('locations as assets_locations', function ($leftJoin) {
+        $query = $query->leftJoin(
+            'locations as assets_locations', function ($leftJoin) {
                $leftJoin->on('assets_locations.id', '=', 'assets.assigned_to')
                    ->where('assets.assigned_type', '=', Location::class);
-        });
+            }
+        );

        foreach ($terms as $term) {

@@ -1154,10 +1187,12 @@ class Asset extends Depreciable
        /**
         * Assigned assets
         */
-        $query = $query->leftJoin('assets as assigned_assets', function ($leftJoin) {
+        $query = $query->leftJoin(
+            'assets as assigned_assets', function ($leftJoin) {
                $leftJoin->on('assigned_assets.id', '=', 'assets.assigned_to')
                    ->where('assets.assigned_type', '=', self::class);
-        });
+            }
+        );

        foreach ($terms as $term) {
            $query = $query->orWhere('assigned_assets.name', 'LIKE', '%'.$term.'%');
@@ -1191,11 +1226,13 @@ class Asset extends Depreciable

    public function scopePending($query)
    {
-        return $query->whereHas('assetstatus', function ($query) {
+        return $query->whereHas(
+            'assetstatus', function ($query) {
                $query->where('deployable', '=', 0)
                    ->where('pending', '=', 1)
                    ->where('archived', '=', 0);
-        });
+            }
+        );
    }


@@ -1209,23 +1246,35 @@ class Asset extends Depreciable

    public function scopeAssetsByLocation($query, $location)
    {
-        return $query->where(function ($query) use ($location) {
-            $query->whereHas('assignedTo', function ($query) use ($location) {
-                $query->where([
+        return $query->where(
+            function ($query) use ($location) {
+                $query->whereHas(
+                    'assignedTo', function ($query) use ($location) {
+                        $query->where(
+                            [
                            ['users.location_id', '=', $location->id],
                            ['assets.assigned_type', '=', User::class],
-                ])->orWhere([
+                            ]
+                        )->orWhere(
+                            [
                            ['locations.id', '=', $location->id],
                            ['assets.assigned_type', '=', Location::class],
-                ])->orWhere([
+                            ]
+                        )->orWhere(
+                            [
                            ['assets.rtd_location_id', '=', $location->id],
                            ['assets.assigned_type', '=', self::class],
-                ]);
-            })->orWhere(function ($query) use ($location) {
+                            ]
+                        );
+                    }
+                )->orWhere(
+                    function ($query) use ($location) {
                        $query->where('assets.rtd_location_id', '=', $location->id);
                        $query->whereNull('assets.assigned_to');
-            });
-        });
+                    }
+                );
+            }
+        );
    }


@@ -1240,11 +1289,13 @@ class Asset extends Depreciable
    public function scopeRTD($query)
    {
        return $query->whereNull('assets.assigned_to')
-                   ->whereHas('assetstatus', function ($query) {
+            ->whereHas(
+                'assetstatus', function ($query) {
                        $query->where('deployable', '=', 1)
                            ->where('pending', '=', 0)
                            ->where('archived', '=', 0);
-                   });
+                }
+            );
    }

    /**
@@ -1257,11 +1308,13 @@ class Asset extends Depreciable

    public function scopeUndeployable($query)
    {
-        return $query->whereHas('assetstatus', function ($query) {
+        return $query->whereHas(
+            'assetstatus', function ($query) {
                $query->where('deployable', '=', 0)
                    ->where('pending', '=', 0)
                    ->where('archived', '=', 0);
-        });
+            }
+        );
    }

    /**
@@ -1274,9 +1327,11 @@ class Asset extends Depreciable

    public function scopeNotArchived($query)
    {
-        return $query->whereHas('assetstatus', function ($query) {
+        return $query->whereHas(
+            'assetstatus', function ($query) {
                $query->where('archived', '=', 0);
-        });
+            }
+        );
    }

    /**
@@ -1353,11 +1408,15 @@ class Asset extends Depreciable
    public function scopeDueOrOverdueForAudit($query, $settings)
    {

-        return $query->where(function ($query) {
+        return $query->where(
+            function ($query) {
                $query->OverdueForAudit();
-        })->orWhere(function ($query) use ($settings) {
+            }
+        )->orWhere(
+            function ($query) use ($settings) {
                $query->DueForAudit($settings);
-        });
+            }
+        );
    }


@@ -1408,11 +1467,15 @@ class Asset extends Depreciable
     */
    public function scopeDueOrOverdueForCheckin($query, $settings)
    {
-        return $query->where(function ($query) {
+        return $query->where(
+            function ($query) {
                $query->OverdueForCheckin();
-        })->orWhere(function ($query) use ($settings) {
+            }
+        )->orWhere(
+            function ($query) use ($settings) {
                $query->DueForCheckin($settings);
-        });
+            }
+        );
    }


@@ -1432,9 +1495,11 @@ class Asset extends Depreciable
    {

        if (Setting::getSettings()->show_archived_in_list!=1) {
-            return $query->whereHas('assetstatus', function ($query) {
+            return $query->whereHas(
+                'assetstatus', function ($query) {
                    $query->where('archived', '=', 0);
-            });
+                }
+            );
        } else {
            return $query;
        }
@@ -1451,11 +1516,13 @@ class Asset extends Depreciable

    public function scopeArchived($query)
    {
-        return $query->whereHas('assetstatus', function ($query) {
+        return $query->whereHas(
+            'assetstatus', function ($query) {
                $query->where('deployable', '=', 0)
                    ->where('pending', '=', 0)
                    ->where('archived', '=', 1);
-        });
+            }
+        );
    }

    /**
@@ -1484,12 +1551,16 @@ class Asset extends Depreciable
        $table = $query->getModel()->getTable();

        return Company::scopeCompanyables($query->where($table.'.requestable', '=', 1))
-        ->whereHas('assetstatus', function ($query) {
-            $query->where(function ($query) {
+        ->whereHas(
+            'assetstatus', function ($query) {
+                $query->where(
+                    function ($query) {
                        $query->where('deployable', '=', 1)
                            ->where('archived', '=', 0); // you definitely can't request something that's archived
-            })->orWhere('pending', '=', 1); // we've decided that even though an asset may be 'pending', you can still request it
-        });
+                    }
+                )->orWhere('pending', '=', 1); // we've decided that even though an asset may be 'pending', you can still request it
+            }
+        );
    }


@@ -1558,49 +1629,75 @@ class Asset extends Depreciable
    {
        $search = explode(' OR ', $search);

-        return $query->leftJoin('users as assets_users', function ($leftJoin) {
+        return $query->leftJoin(
+            'users as assets_users', function ($leftJoin) {
                $leftJoin->on('assets_users.id', '=', 'assets.assigned_to')
                    ->where('assets.assigned_type', '=', User::class);
-        })->leftJoin('locations as assets_locations', function ($leftJoin) {
+            }
+        )->leftJoin(
+            'locations as assets_locations', function ($leftJoin) {
                    $leftJoin->on('assets_locations.id', '=', 'assets.assigned_to')
                        ->where('assets.assigned_type', '=', Location::class);
-        })->leftJoin('assets as assigned_assets', function ($leftJoin) {
+            }
+        )->leftJoin(
+            'assets as assigned_assets', function ($leftJoin) {
                    $leftJoin->on('assigned_assets.id', '=', 'assets.assigned_to')
                        ->where('assets.assigned_type', '=', self::class);
-        })->where(function ($query) use ($search) {
+            }
+        )->where(
+            function ($query) use ($search) {
                foreach ($search as $search) {
-                $query->whereHas('model', function ($query) use ($search) {
-                    $query->whereHas('category', function ($query) use ($search) {
-                        $query->where(function ($query) use ($search) {
+                    $query->whereHas(
+                        'model', function ($query) use ($search) {
+                            $query->whereHas(
+                                'category', function ($query) use ($search) {
+                                    $query->where(
+                                        function ($query) use ($search) {
                                            $query->where('categories.name', 'LIKE', '%'.$search.'%')
                                                ->orWhere('models.name', 'LIKE', '%'.$search.'%')
                                                ->orWhere('models.model_number', 'LIKE', '%'.$search.'%');
-                        });
-                    });
-                })->orWhereHas('model', function ($query) use ($search) {
-                    $query->whereHas('manufacturer', function ($query) use ($search) {
-                        $query->where(function ($query) use ($search) {
+                                        }
+                                    );
+                                }
+                            );
+                        }
+                    )->orWhereHas(
+                        'model', function ($query) use ($search) {
+                            $query->whereHas(
+                                'manufacturer', function ($query) use ($search) {
+                                    $query->where(
+                                        function ($query) use ($search) {
                                            $query->where('manufacturers.name', 'LIKE', '%'.$search.'%');
-                        });
-                    });
-                })->orWhere(function ($query) use ($search) {
+                                        }
+                                    );
+                                }
+                            );
+                        }
+                    )->orWhere(
+                        function ($query) use ($search) {
                            $query->where('assets_users.first_name', 'LIKE', '%'.$search.'%')
                                ->orWhere('assets_users.last_name', 'LIKE', '%'.$search.'%')
-                        ->orWhereMultipleColumns([
+                                ->orWhere('assets_users.username', 'LIKE', '%'.$search.'%')
+                                ->orWhere('assets_users.jobtitle', 'LIKE', '%'.$search.'%')
+                                ->orWhereMultipleColumns(
+                                    [
                                    'assets_users.first_name',
                                    'assets_users.last_name',
-                        ], $search)
-                        ->orWhere('assets_users.username', 'LIKE', '%'.$search.'%')
+                                    'assets_users.jobtitle',
+                                    ], $search
+                                )
                                ->orWhere('assets_locations.name', 'LIKE', '%'.$search.'%')
                                ->orWhere('assigned_assets.name', 'LIKE', '%'.$search.'%');
-                })->orWhere('assets.name', 'LIKE', '%'.$search.'%')
+                        }
+                    )->orWhere('assets.name', 'LIKE', '%'.$search.'%')
                        ->orWhere('assets.asset_tag', 'LIKE', '%'.$search.'%')
                        ->orWhere('assets.serial', 'LIKE', '%'.$search.'%')
                        ->orWhere('assets.order_number', 'LIKE', '%'.$search.'%')
                        ->orWhere('assets.notes', 'LIKE', '%'.$search.'%');
                }

-        })->withTrashed()->whereNull('assets.deleted_at'); //workaround for laravel bug
+            }
+        )->withTrashed()->whereNull('assets.deleted_at'); //workaround for laravel bug
    }

    /**
@@ -1614,13 +1711,17 @@ class Asset extends Depreciable
     */
    public function scopeCheckedOutToTargetInDepartment($query, $search)
    {
-        return $query->leftJoin('users as assets_dept_users', function ($leftJoin) {
+        return $query->leftJoin(
+            'users as assets_dept_users', function ($leftJoin) {
                $leftJoin->on('assets_dept_users.id', '=', 'assets.assigned_to')
                    ->where('assets.assigned_type', '=', User::class);
-        })->where(function ($query) use ($search) {
+            }
+        )->where(
+            function ($query) use ($search) {
                    $query->whereIn('assets_dept_users.department_id', $search);

-        })->withTrashed()->whereNull('assets.deleted_at'); //workaround for laravel bug
+            }
+        )->withTrashed()->whereNull('assets.deleted_at'); //workaround for laravel bug
    }


@@ -1635,7 +1736,8 @@ class Asset extends Depreciable
     */
    public function scopeByFilter($query, $filter)
    {
-        return $query->where(function ($query) use ($filter) {
+        return $query->where(
+            function ($query) use ($filter) {
                foreach ($filter as $key => $search_val) {

                    $fieldname = str_replace('custom_fields.', '', $key);
@@ -1670,86 +1772,124 @@ class Asset extends Depreciable
                    }

                    if ($fieldname == 'status_label') {
-                    $query->whereHas('assetstatus', function ($query) use ($search_val) {
+                        $query->whereHas(
+                            'assetstatus', function ($query) use ($search_val) {
                                $query->where('status_labels.name', 'LIKE', '%'.$search_val.'%');
-                    });
+                            }
+                        );
                    }

                    if ($fieldname == 'location') {
-                    $query->whereHas('location', function ($query) use ($search_val) {
+                        $query->whereHas(
+                            'location', function ($query) use ($search_val) {
                                $query->where('locations.name', 'LIKE', '%'.$search_val.'%');
-                    });
+                            }
+                        );
                    }

                    if ($fieldname == 'rtd_location') {
-                    $query->whereHas('defaultLoc', function ($query) use ($search_val) {
+                        $query->whereHas(
+                            'defaultLoc', function ($query) use ($search_val) {
                                $query->where('locations.name', 'LIKE', '%'.$search_val.'%');
-                    });
+                            }
+                        );
                    }

                    if ($fieldname =='assigned_to') {
-                    $query->whereHasMorph('assignedTo', [User::class], function ($query) use ($search_val) {
-                        $query->where(function ($query) use ($search_val) {
+                        $query->whereHasMorph(
+                            'assignedTo', [User::class], function ($query) use ($search_val) {
+                                $query->where(
+                                    function ($query) use ($search_val) {
                                        $query->where('users.first_name', 'LIKE', '%'.$search_val.'%')
                                            ->orWhere('users.last_name', 'LIKE', '%'.$search_val.'%');
-                        });
-                    });
+                                    }
+                                );
+                            }
+                        );
                    }


                    if ($fieldname == 'manufacturer') {
-                    $query->whereHas('model', function ($query) use ($search_val) {
-                        $query->whereHas('manufacturer', function ($query) use ($search_val) {
-                            $query->where(function ($query) use ($search_val) {
+                        $query->whereHas(
+                            'model', function ($query) use ($search_val) {
+                                $query->whereHas(
+                                    'manufacturer', function ($query) use ($search_val) {
+                                        $query->where(
+                                            function ($query) use ($search_val) {
                                                $query->where('manufacturers.name', 'LIKE', '%'.$search_val.'%');
-                            });
-                        });
-                    });
+                                            }
+                                        );
+                                    }
+                                );
+                            }
+                        );
                    }

                    if ($fieldname == 'category') {
-                    $query->whereHas('model', function ($query) use ($search_val) {
-                        $query->whereHas('category', function ($query) use ($search_val) {
-                            $query->where(function ($query) use ($search_val) {
+                        $query->whereHas(
+                            'model', function ($query) use ($search_val) {
+                                $query->whereHas(
+                                    'category', function ($query) use ($search_val) {
+                                        $query->where(
+                                            function ($query) use ($search_val) {
                                                $query->where('categories.name', 'LIKE', '%'.$search_val.'%')
                                                    ->orWhere('models.name', 'LIKE', '%'.$search_val.'%')
                                                    ->orWhere('models.model_number', 'LIKE', '%'.$search_val.'%');
-                            });
-                        });
-                    });
+                                            }
+                                        );
+                                    }
+                                );
+                            }
+                        );
                    }

                    if ($fieldname == 'model') {
-                    $query->where(function ($query) use ($search_val) {
-                        $query->whereHas('model', function ($query) use ($search_val) {
+                        $query->where(
+                            function ($query) use ($search_val) {
+                                $query->whereHas(
+                                    'model', function ($query) use ($search_val) {
                                        $query->where('models.name', 'LIKE', '%'.$search_val.'%');
-                        });
-                    });
+                                    }
+                                );
+                            }
+                        );
                    }

                    if ($fieldname == 'model_number') {
-                    $query->where(function ($query) use ($search_val) {
-                        $query->whereHas('model', function ($query) use ($search_val) {
+                        $query->where(
+                            function ($query) use ($search_val) {
+                                $query->whereHas(
+                                    'model', function ($query) use ($search_val) {
                                        $query->where('models.model_number', 'LIKE', '%'.$search_val.'%');
-                        });
-                    });
+                                    }
+                                );
+                            }
+                        );
                    }


                    if ($fieldname == 'company') {
-                    $query->where(function ($query) use ($search_val) {
-                        $query->whereHas('company', function ($query) use ($search_val) {
+                        $query->where(
+                            function ($query) use ($search_val) {
+                                $query->whereHas(
+                                    'company', function ($query) use ($search_val) {
                                        $query->where('companies.name', 'LIKE', '%'.$search_val.'%');
-                        });
-                    });
+                                    }
+                                );
+                            }
+                        );
                    }

                    if ($fieldname == 'supplier') {
-                    $query->where(function ($query) use ($search_val) {
-                        $query->whereHas('supplier', function ($query) use ($search_val) {
+                        $query->where(
+                            function ($query) use ($search_val) {
+                                $query->whereHas(
+                                    'supplier', function ($query) use ($search_val) {
                                        $query->where('suppliers.name', 'LIKE', '%'.$search_val.'%');
-                        });
-                    });
+                                    }
+                                );
+                            }
+                        );
                    }


@@ -1773,11 +1913,11 @@ class Asset extends Depreciable
                     * against those relationships earlier in this method.
                     *
                     * - snipe
-             *
                     */

                    if (($fieldname!='category') && ($fieldname!='model_number') && ($fieldname!='rtd_location') && ($fieldname!='location') && ($fieldname!='supplier')
-                && ($fieldname!='status_label') && ($fieldname!='assigned_to') && ($fieldname!='model') && ($fieldname!='company') && ($fieldname!='manufacturer')) {
+                        && ($fieldname!='status_label') && ($fieldname!='assigned_to') && ($fieldname!='model') && ($fieldname!='company') && ($fieldname!='manufacturer')
+                    ) {
                        $query->where('assets.'.$fieldname, 'LIKE', '%' . $search_val . '%');
                    }

@@ -1785,7 +1925,8 @@ class Asset extends Depreciable
                }


-        });
+            }
+        );

    }

@@ -1883,7 +2024,7 @@ class Asset extends Depreciable
    {
        return $query->join('models as category_models', 'assets.model_id', '=', 'category_models.id')
            ->join('categories', 'category_models.category_id', '=', 'categories.id')
-            ->whereIn('category_models.category_id', (!is_array($category_id) ? explode(',',$category_id): $category_id));
+            ->whereIn('category_models.category_id', (!is_array($category_id) ? explode(',', $category_id): $category_id));
            //->whereIn('category_models.category_id', $category_id);
    }

@@ -1898,7 +2039,7 @@ class Asset extends Depreciable
    public function scopeByManufacturer($query, $manufacturer_id)
    {
        return $query->join('models', 'assets.model_id', '=', 'models.id')
-            ->join('manufacturers', 'models.manufacturer_id', '=', 'manufacturers.id')->whereIn('models.manufacturer_id', (!is_array($manufacturer_id) ? explode(',',$manufacturer_id): $manufacturer_id));
+            ->join('manufacturers', 'models.manufacturer_id', '=', 'manufacturers.id')->whereIn('models.manufacturer_id', (!is_array($manufacturer_id) ? explode(',', $manufacturer_id): $manufacturer_id));
    }


@@ -1949,6 +2090,7 @@ class Asset extends Depreciable

    /**
     * Query builder scope to order on default
+     *
     * @param \Illuminate\Database\Query\Builder $query Query builder instance
     * @param text                               $order Order
     *
@@ -1973,6 +2115,19 @@ class Asset extends Depreciable
        return $query->leftJoin('suppliers as suppliers_assets', 'assets.supplier_id', '=', 'suppliers_assets.id')->orderBy('suppliers_assets.name', $order);
    }

+    /**
+     * Query builder scope to order on supplier name
+     *
+     * @param \Illuminate\Database\Query\Builder $query Query builder instance
+     * @param text                               $order Order
+     *
+     * @return \Illuminate\Database\Query\Builder          Modified query builder
+     */
+    public function scopeOrderByJobTitle($query, $order)
+    {
+        return $query->leftJoin('users as users_sort', 'assets.assigned_to', '=', 'users_sort.id')->select('assets.*')->orderBy('users_sort.jobtitle', $order);
+    }
+
    /**
     * Query builder scope to search on location ID
     *
@@ -1983,17 +2138,22 @@ class Asset extends Depreciable
     */
    public function scopeByLocationId($query, $search)
    {
-        return $query->where(function ($query) use ($search) {
-            $query->whereHas('location', function ($query) use ($search) {
+        return $query->where(
+            function ($query) use ($search) {
+                $query->whereHas(
+                    'location', function ($query) use ($search) {
                        $query->where('locations.id', '=', $search);
-            });
-        });
+                    }
+                );
+            }
+        );

    }


    /**
     * Query builder scope to search on depreciation name
+     *
     * @param \Illuminate\Database\Query\Builder $query  Query builder instance
     * @param text                               $search Search term
     *
--- a/app/Models/AssetModel.php
+++ b/app/Models/AssetModel.php
@@ -2,6 +2,7 @@

 namespace App\Models;

+use App\Models\Traits\HasUploads;
 use App\Models\Traits\Searchable;
 use App\Presenters\Presentable;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
@@ -24,6 +25,7 @@ class AssetModel extends SnipeModel
    use SoftDeletes;
    use Loggable, Requestable, Presentable;
    use TwoColumnUniqueUndeletedTrait;
+    use HasUploads;

    /**
     * Whether the model should inject its identifier to the unique
@@ -96,8 +98,16 @@ class AssetModel extends SnipeModel
        'manufacturer' => ['name'],
    ];

+    protected static function booted(): void
+    {
+        static::forceDeleted(function (AssetModel $assetModel) {
+            $assetModel->requests()->forceDelete();
+        });

-
+        static::softDeleted(function (AssetModel $assetModel) {
+            $assetModel->requests()->delete();
+        });
+    }

    /**
     * Establishes the model -> assets relationship
@@ -209,21 +219,6 @@ class AssetModel extends SnipeModel
            && ($this->deleted_at == '');
    }

-    /**
-     * Get uploads for this model
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v4.0]
-     * @return \Illuminate\Database\Eloquent\Relations\Relation
-     */
-    public function uploads()
-    {
-        return $this->hasMany('\App\Models\Actionlog', 'item_id')
-            ->where('item_type', '=', AssetModel::class)
-            ->where('action_type', '=', 'uploaded')
-            ->whereNotNull('filename')
-            ->orderBy('created_at', 'desc');
-    }

    /**
     * Get user who created the item
@@ -287,16 +282,24 @@ class AssetModel extends SnipeModel
    {
        return $query->where('models.name', 'LIKE', "%$search%")
            ->orWhere('model_number', 'LIKE', "%$search%")
-            ->orWhere(function ($query) use ($search) {
-                $query->whereHas('category', function ($query) use ($search) {
+            ->orWhere(
+                function ($query) use ($search) {
+                    $query->whereHas(
+                        'category', function ($query) use ($search) {
                            $query->where('categories.name', 'LIKE', '%'.$search.'%');
-                });
-            })
-            ->orWhere(function ($query) use ($search) {
-                $query->whereHas('manufacturer', function ($query) use ($search) {
+                        }
+                    );
+                }
+            )
+            ->orWhere(
+                function ($query) use ($search) {
+                    $query->whereHas(
+                        'manufacturer', function ($query) use ($search) {
                            $query->where('manufacturers.name', 'LIKE', '%'.$search.'%');
-                });
-            });
+                        }
+                    );
+                }
+            );
    }

    /**
@@ -332,7 +335,6 @@ class AssetModel extends SnipeModel

    /**
     * Query builder scope to order on created_by name
-     *
     */
    public function scopeOrderByCreatedByName($query, $order)
    {
--- a/app/Models/Category.php
+++ b/app/Models/Category.php
@@ -32,6 +32,7 @@ class Category extends SnipeModel
    protected $hidden = ['created_by', 'deleted_at'];

    protected $casts = [
+        'alert_on_response' => 'boolean',
        'created_by'      => 'integer',
    ];

@@ -69,6 +70,7 @@ class Category extends SnipeModel
        'eula_text',
        'name',
        'require_acceptance',
+        'alert_on_response',
        'use_default_eula',
        'created_by',
        'notes',
--- a/Show More
+++ b/Show More