Bumped version

* Fixed  #6834 and #6402 - use inline QR code generation for

* Update auth controllers to use translations

* Updated composer lock

* Added comments

* Moar comments

* Typo

.env.example

@@ -5,20 +5,30 @@ APP_ENV=production
 APP_DEBUG=false
 APP_KEY=ChangeMe
 APP_URL=null
-APP_TIMEZONE='US/Pacific'
+APP_TIMEZONE='UTC'
 APP_LOCALE=en
 
-
 # --------------------------------------------
 # REQUIRED: DATABASE SETTINGS
 # --------------------------------------------
 DB_CONNECTION=mysql
-DB_HOST=localhost
+DB_HOST=127.0.0.1
 DB_DATABASE=null
 DB_USERNAME=null
 DB_PASSWORD=null
 DB_PREFIX=null
-DB_DUMP_PATH='/usr/local/bin'
+DB_DUMP_PATH='/usr/bin'
+DB_CHARSET=utf8mb4
+DB_COLLATION=utf8mb4_unicode_ci
+
+# --------------------------------------------
+# OPTIONAL: SSL DATABASE SETTINGS
+# --------------------------------------------
+DB_SSL=false
+DB_SSL_KEY_PATH=null
+DB_SSL_CERT_PATH=null
+DB_SSL_CA_PATH=null
+DB_SSL_CIPHER=null
 
 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
@@ -30,8 +40,9 @@ MAIL_USERNAME=YOURUSERNAME
 MAIL_PASSWORD=YOURPASSWORD
 MAIL_ENCRYPTION=null
 MAIL_FROM_ADDR=you@example.com
-MAIL_FROM_NAME=Snipe-IT
-
+MAIL_FROM_NAME='Snipe-IT'
+MAIL_REPLYTO_ADDR=you@example.com
+MAIL_REPLYTO_NAME='Snipe-IT'
 
 # --------------------------------------------
 # REQUIRED: IMAGE LIBRARY
@@ -39,7 +50,6 @@ MAIL_FROM_NAME=Snipe-IT
 # --------------------------------------------
 IMAGE_LIB=gd
 
-
 # --------------------------------------------
 # OPTIONAL: SESSION SETTINGS
 # --------------------------------------------
@@ -50,6 +60,11 @@ COOKIE_NAME=snipeit_session
 COOKIE_DOMAIN=null
 SECURE_COOKIES=false
 
+# --------------------------------------------
+# OPTIONAL: SECURITY HEADER SETTINGS
+# --------------------------------------------
+REFERRER_POLICY=same-origin
+ENABLE_CSP=false
 
 # --------------------------------------------
 # OPTIONAL: CACHE SETTINGS
@@ -57,7 +72,20 @@ SECURE_COOKIES=false
 CACHE_DRIVER=file
 SESSION_DRIVER=file
 QUEUE_DRIVER=sync
+CACHE_PREFIX=snipeit
 
+# --------------------------------------------
+# OPTIONAL: REDIS SETTINGS
+# --------------------------------------------
+REDIS_HOST=null
+REDIS_PASSWORD=null
+REDIS_PORT=null
+
+# --------------------------------------------
+# OPTIONAL: MEMCACHED SETTINGS
+# --------------------------------------------
+MEMCACHED_HOST=null
+MEMCACHED_PORT=null
 
 # --------------------------------------------
 # OPTIONAL: AWS S3 SETTINGS
@@ -67,10 +95,21 @@ AWS_KEY=null
 AWS_REGION=null
 AWS_BUCKET=null
 
+# --------------------------------------------
+# OPTIONAL: LOGIN THROTTLING
+# --------------------------------------------
+LOGIN_MAX_ATTEMPTS=5
+LOGIN_LOCKOUT_DURATION=60
 
 # --------------------------------------------
 # OPTIONAL: MISC
 # --------------------------------------------
 APP_LOG=single
+APP_LOG_MAX_FILES=10
 APP_LOCKED=false
 FILESYSTEM_DISK=local
+APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
+ALLOW_IFRAMING=false
+APP_CIPHER=AES-256-CBC
+GOOGLE_MAPS_API=
+BACKUP_ENV=true

.env.testing

@@ -3,7 +3,7 @@
 # --------------------------------------------
 APP_ENV=testing
 APP_DEBUG=true
-APP_KEY=ChangeMe
+APP_KEY=base64:glJpcM7BYwWiBggp3SQ/+NlRkqsBQMaGEOjemXqJzOU=
 APP_URL=http://localhost:8000
 APP_TIMEZONE='US/Pacific'
 APP_LOCALE=en
@@ -21,7 +21,7 @@ DB_PASSWORD=null
 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
-MAIL_DRIVER=smtp
+MAIL_DRIVER=log
 MAIL_HOST=email-smtp.us-west-2.amazonaws.com
 MAIL_PORT=587
 MAIL_USERNAME=YOURUSERNAME
@@ -69,3 +69,4 @@ SECURE_COOKIES=false
 # OPTIONAL: APP LOG FORMAT
 # --------------------------------------------
 APP_LOG=single
+APP_LOG_LEVEL=debug

.env.testing-ci

@@ -15,13 +15,13 @@ FILESYSTEM_DISK=local
 DB_CONNECTION=mysql
 DB_HOST=localhost
 DB_DATABASE=snipeit_unit
-DB_USERNAME=travis
+DB_USERNAME=root
 DB_PASSWORD=null
 
 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
-MAIL_DRIVER=smtp
+MAIL_DRIVER=log
 MAIL_HOST=email-smtp.us-west-2.amazonaws.com
 MAIL_PORT=587
 MAIL_USERNAME=YOURUSERNAME

.env.tests

@@ -0,0 +1,22 @@
+APP_ENV=testing
+APP_DEBUG=true
+APP_URL=http://snipe-it.localapp
+DB_CONNECTION=mysql
+DB_DEFAULT=mysql
+DB_HOST=localhost
+DB_DATABASE=snipeittests
+DB_USERNAME=snipeit
+DB_PASSWORD=snipe
+APP_KEY=base64:tu9NRh/a6+dCXBDGvg0Gv/0TcABnFsbT4AKxrr8mwQo=
+
+
+# --------------------------------------------
+# OPTIONAL: LOGIN THROTTLING
+# (LOGIN_LOCKOUT_DURATIONin minutes)
+# --------------------------------------------
+LOGIN_MAX_ATTEMPTS=1000000
+LOGIN_LOCKOUT_DURATION=100000000
+
+MAIL_DRIVER=log
+MAIL_FROM_ADDR=you@example.com
+MAIL_FROM_NAME=Snipe-IT

.env.unit-tests

@@ -0,0 +1,19 @@
+APP_ENV=testing
+APP_DEBUG=true
+APP_URL=http://snipe-it.localapp
+DB_CONNECTION=sqlite_testing
+DB_DEFAULT=sqlite_testing
+DB_HOST=localhost
+APP_KEY=base64:tu9NRh/a6+dCXBDGvg0Gv/0TcABnFsbT4AKxrr8mwQo=
+
+
+# --------------------------------------------
+# OPTIONAL: LOGIN THROTTLING
+# (LOGIN_LOCKOUT_DURATIONin minutes)
+# --------------------------------------------
+LOGIN_MAX_ATTEMPTS=1000000
+LOGIN_LOCKOUT_DURATION=100000000
+
+MAIL_DRIVER=log
+MAIL_FROM_ADDR=you@example.com
+MAIL_FROM_NAME=Snipe-IT

.github/CODEOWNERS

@@ -0,0 +1,22 @@
+# Code ownership for pull request reviews, per
+# the feature detailed here:
+
+# https://github.com/blog/2392-introducing-code-owners
+# https://help.github.com/articles/about-codeowners/
+
+# These owners will be the default owners for everything in the repo.
+* @snipe
+
+# Order is important. The last matching pattern has the most precedence.
+# So if a pull request only touches javascript files, only these owners
+# will be requested to review.
+
+# For example:
+#  *.js    @octocat @github/js
+
+
+app/Importer/*  @dmeltzer
+app/Http/Controllers/CustomFields* @uberbrady
+app/Http/Controllers/Api/CustomFields* @uberbrady
+resources/views/custom_fields/* @uberbrady
+docker/* @uberbrady

.github/FUNDING.yml

@@ -0,0 +1,5 @@
+# You can add one username per supported platform and one custom link
+# patreon: # Replace with your Patreon username
+# open_collective: # Replace with your Open Collective username
+# ko_fi: # Replace with your Ko-fi username
+custom: https://snipeitapp.com/donate

.github/ISSUE_TEMPLATE.md

@@ -12,20 +12,27 @@
 
 #### Please confirm you have done the following before posting your bug report:
 
-- [ ] I have enabled debug mode
-- [ ] I have read [checked the Common Issues page](http://docs.snipeitapp.com/common-issues.html)
+- [ ] I have enabled debug mode 
+- [ ] I have read [checked the Common Issues page](https://snipe-it.readme.io/docs/common-issues)
 
 -----
-#### Please provide answers to these questions before posting your bug report:
+#### Provide answers to these questions:
 
+- Is this a fresh install or an upgrade? 
 - Version of Snipe-IT you're running
+- Version of PHP you're running
+- Version of MySQL/MariaDB you're running
 - What OS and web server you're running Snipe-IT on
 - What method you used to install Snipe-IT (install.sh, manual installation, docker, etc)
-- If you're getting an error in your browser, include that error
+- WITH DEBUG TURNED ON, if you're getting an error in your browser, include that error
 - What specific Snipe-IT page you're on, and what specific element you're interacting with to trigger the error
 - If a stacktrace is provided in the error, include that too.
 - Any errors that appear in your browser's error console.
-- Confirm whether the error is [reproduceable on the demo](https://snipeitapp.com/demo).
-- Include any additional information you can find in `app/storage/logs` and your webserver's logs.
+- Confirm whether the error is reproducible on the demo: https://snipeitapp.com/demo.
+- Include any additional information you can find in `storage/logs` and your webserver's logs.
 - Include what you've done so far in the installation, and if you got any error messages along the way.
 - Indicate whether or not you've manually edited any data directly in the database
+
+Please do not post an issue without answering the related questions above. If you have opened a different issue and already answered these questions, answer them again, once for every ticket. It will be next to impossible for us to help you.
+
+https://snipe-it.readme.io/docs/getting-help

.github/ISSUE_TEMPLATE/Bug_report.md

@@ -0,0 +1,61 @@
+---
+name: Bug report
+about: Create a report to help us improve
+
+---
+
+#### Please confirm you have done the following before posting your bug report:
+
+- [ ] I have enabled debug mode 
+- [ ] I have read [checked the Common Issues page](https://snipe-it.readme.io/docs/common-issues)
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps to reproduce the behavior:
+1. Go to '...'
+2. Click on '....'
+3. Scroll down to '....'
+4. See error
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
+
+**Server (please complete the following information):**
+ - Snipe-IT Version 
+ - OS: [e.g. Ubuntu, CentOS]
+ - Web Server: [e.g. Apache, IIS]
+ - PHP Version 
+
+**Desktop (please complete the following information):**
+ - OS: [e.g. iOS]
+ - Browser [e.g. chrome, safari]
+ - Version [e.g. 22]
+
+**Smartphone (please complete the following information):**
+ - Device: [e.g. iPhone6]
+ - OS: [e.g. iOS8.1]
+ - Browser [e.g. stock browser, safari]
+ - Version [e.g. 22]
+
+**Error Messages**
+- WITH DEBUG TURNED ON, if you're getting an error in your browser, include that error
+- If a stacktrace is provided in the error, include that too.
+- Any errors that appear in your browser's error console.
+- Confirm whether the error is reproducible on the demo: https://snipeitapp.com/demo.
+- Include any additional information you can find in `storage/logs` and your webserver's logs.
+
+**Additional context**
+- Is this a fresh install or an upgrade? 
+- What OS and web server you're running Snipe-IT on
+- What method you used to install Snipe-IT (install.sh, manual installation, docker, etc)
+- Include what you've done so far in the installation, and if you got any error messages along the way.
+- Indicate whether or not you've manually edited any data directly in the database
+
+Add any other context about the problem here.
+
+Please do not post an issue without answering the related questions above. If you have opened a different issue and already answered these questions, answer them again, once for every ticket. It will be next to impossible for us to help you.

.github/ISSUE_TEMPLATE/Feature_request.md

@@ -0,0 +1,23 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+
+---
+
+**Server (please complete the following information):**
+ - Snipe-IT Version 
+ - OS: [e.g. Ubuntu, CentOS]
+ - Web Server: [e.g. Apache, IIS]
+ - PHP Version 
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.

.github/stale.yml

@@ -0,0 +1,43 @@
+# Number of days of inactivity before an issue becomes stale
+daysUntilStale: 60
+# Number of days of inactivity before a stale issue is closed
+daysUntilClose: 7
+# Issues with these labels will never be considered stale
+exemptLabels:
+  - pinned
+  - security
+  - :woman_technologist: ready for dev
+  - :moneybag: bounty
+  - :hand: bug
+  - "🔐 security"
+  - "👩‍💻 ready for dev"
+  - "💰 bounty"
+  - "✋ bug"
+
+exemptMilestones: true
+
+# Label to use when marking an issue as stale
+staleLabel: stale
+
+only: issues
+
+# Comment to post when removing the stale label.
+unmarkComment: >
+  Okay, it looks like this issue or feature request might still be important. We'll re-open
+  it for now. Thank you for letting us know!
+
+# Comment to post when marking an issue as stale. Set to `false` to disable
+markComment: >
+  Is this still relevant? We haven't heard from anyone in a bit. If so,
+  please comment with any updates or additional detail.
+
+  This issue has been automatically marked as stale because it has not had
+  recent activity. It will be closed if no further activity occurs. Don't
+  take it personally, we just need to keep a handle on things. Thank you
+  for your contributions!
+# Comment to post when closing a stale issue. Set to `false` to disable
+closeComment: >
+  This issue has been automatically closed because it has not had
+  recent activity. If you believe this is still an issue, please confirm that
+  this issue is still happening in the most recent version of Snipe-IT and reply
+  to this thread to re-open it.

.github/travis-memory.ini

@@ -0,0 +1 @@
+memory_limit= 2048M

.gitignore

@@ -1,49 +1,53 @@
-/vendor
-/node_modules
-Homestead.yaml
-Homestead.json
-.env
-
-tests/_output/*
+.couscous
 .DS_Store
-public/uploads/models/*
-public/uploads/avatars/*
-public/uploads/suppliers/*
-public/uploads/assets/*
-public/uploads/users/*
-public/uploads/*.gif
-public/uploads/*.jpg
-public/uploads/*.png
-public/uploads/*.tif
-public/uploads/*.svg
-storage/app/private_uploads/users/*
-phpDocumentor.phar
-output
-tests/_support/_generated/*
-
-
+.env
+.idea
+/bin/
 /bootstrap/compiled.php
-composer.phar
-app/config/database.php
-app/config/mail.php
+/node_modules
+/vendor
 app/database/*.sqlite
 app/storage/meta/services.json
-app/config/*/mail.php
-app/config/*/session.php
-app/config/*/database.php
-app/config/*/app.php
-app/config/*/ldap.php
-public/packages/*
-storage/logs/*
-storage/debugbar/
-/bin/
-.idea
+composer.phar
 crowdin.yaml
+Homestead.json
+Homestead.yaml
+output
+phpDocumentor.phar
+public/uploads/*.gif
+public/uploads/barcodes/*.png
+public/uploads/*.jpg
+public/uploads/*.png
+public/uploads/*.svg
+public/uploads/*.tif
+public/uploads/assets/*
+public/uploads/avatars/*
 public/uploads/logo.gif
-public/uploads/logo.svg
 public/uploads/logo.png
-.couscous
+public/uploads/logo.svg
+public/uploads/models/*
+public/uploads/suppliers/*
+public/uploads/accessories/*
+public/uploads/locations/*
+public/uploads/manufacturers/*
+public/uploads/components/*
+public/uploads/consumables/*
+public/uploads/companies/*
+public/uploads/categories/*
+public/uploads/users/*
+storage/app/private_uploads/users/*
+public/uploads/departments/*
+storage/debugbar/
 storage/dumps/*
-tests/_data/scenarios
 storage/laravel-backups
+storage/logs/*
 storage/private_uploads/users/*
+tests/_data/scenarios
+tests/_output/*
+tests/_support/_generated/*
+/npm-debug.log
+/storage/oauth-private.key
+/storage/oauth-public.key
+
+*.cache
+/public/storage

.travis.yml

@@ -1,4 +1,7 @@
 addons:
+    code_climate:
+      repo_token:
+        secure: "C/bUAEpwfZB82dkzI2Nxx3PW5w/BzbKkSyCkp6YjT046jD2/QKvz6ngCFlt3tAWV11TXWFI6D8DzkMmdWOrQl3SGlPZXRD8QOvCiz0HiGMDvlxjAaPaQecGaQZdx/H4m6xTUXRNUVaYmxlMgkkFCWhAp+HZDs0iyOEVamp0Jszg="
     hosts:
         - localhost
 sudo: false
@@ -6,26 +9,41 @@ sudo: false
 # see http://about.travis-ci.org/docs/user/languages/php/ for more hints
 language: php
 
+services:
+  - mysql
+
 # list any PHP version you want to test against
 php:
   - 5.6
   - 7.0
+  - 7.1
+  - 7.2
+  - 7.3
+
+matrix:
+  allow_failures:
+    - php: 7.3
 
 # execute any number of scripts before the test run, custom env's are available as variables
 before_script:
+  - phpenv config-add .github/travis-memory.ini
   - phantomjs --webdriver=4444  &
-  - sleep 10
-  - mysql -e "create database IF NOT EXISTS snipeit_unit;" -utravis
+  - sleep 4
+  - mysql -e 'CREATE DATABASE snipeit_unit;'
+  - mysql -e 'CREATE USER "travis'@'localhost";'
+  - mysql -e 'GRANT ALL PRIVILEGES ON * . * TO "travis'@'localhost";'
+  - mysql -e 'FLUSH PRIVILEGES;'
   - composer self-update
   - composer install -n --prefer-source
-  - cp .env.testing-ci .env
   - chmod -R 777 storage
-  - php artisan migrate --database=mysql --force
+  - php artisan migrate --env=testing-ci --database=mysql --force
   - ./vendor/bin/codecept build
-  - php artisan key:generate
-  - php artisan db:seed --database=mysql --force
-  - php artisan snipeit:create-admin --first_name=Alison --last_name=Foobar --email=me@example.com --username=snipe --password=password
-  - php artisan serve --port=8000 --host=localhost &
+  - php artisan --env=testing-ci key:generate 
+  - php artisan --env=testing-ci snipeit:travisci-install
+  - php artisan --env=testing-ci db:seed --database=mysql --force
+  - php artisan --env=testing-ci snipeit:create-admin --first_name=Alison --last_name=Foobar --email=me@example.com --username=snipe --password=password
+  - php artisan --env=testing-ci passport:install
+  - php artisan serve --env=testing-ci --port=8000 --host=localhost &
   - sleep 5
   - pip install --user codecov
   - sleep 5
@@ -34,16 +52,24 @@ before_script:
 
 # omitting "script:" will default to phpunit
 # use the $DB env variable to determine the phpunit.xml to use
-# script: ./vendor/bin/codecept run --env testing-ci - broken :(
-script: ./vendor/bin/codecept run unit --env testing-ci
-#script: ./vendor/bin/codecept run
+# script: ./vendor/bin/codecept run --env testing-ci
+script:
+  - ./vendor/bin/codecept run unit
+#  - ./vendor/bin/codecept run acceptance --env=testing-ci
+  - ./vendor/bin/codecept run functional --env=functional-travis -g func1
+  - ./vendor/bin/codecept run functional --env=functional-travis -g func2
+  - ./vendor/bin/codecept run api --env=functional-travis
+
+after_script:
+  - vendor/bin/test-reporter
 
 after_success:
   - codecov
 
 after_failure:
-  - cat tests/_output/AccessoriesCept.fail.html
+  - cat tests/_output/*.fail.html
   - curl http://localhost:8000/login
+  - cat storage/logs/laravel.log
 
 # configure notifications (email, IRC, campfire etc)
 notifications:

CODE_OF_CONDUCT.md

@@ -0,0 +1,74 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+  address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at abuse@snipeitapp.com. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/

CONTRIBUTING.md

@@ -0,0 +1,6 @@
+### Contributing
+
+Please see the documentation on [contributing and developing for Snipe-IT](https://snipe-it.readme.io/docs/contributing-overview).
+
+
+Please note that this project is released with a [Contributor Code of Conduct](CODE_OF_CONDUCT.md). By participating in this project you agree to abide by its terms.

Dockerfile

@@ -1,27 +1,36 @@
-FROM ubuntu:trusty
+FROM ubuntu:xenial
 MAINTAINER Brady Wetherington <uberbrady@gmail.com>
 
 RUN apt-get update && apt-get install -y \
+apache2 \
 apache2-bin \
-libapache2-mod-php5 \
-php5-curl \
-php5-ldap \
-php5-mysql \
-php5-mcrypt \
-php5-gd \
+libapache2-mod-php7.0 \
+php7.0-curl \
+php7.0-ldap \
+php7.0-mysql \
+php7.0-mcrypt \
+php7.0-gd \
+php7.0-xml \
+php7.0-mbstring \
+php7.0-zip \
+php7.0-bcmath \
 patch \
 curl \
 vim \
 git \
-mysql-client
+mysql-client \
+supervisor \
+&& apt-get clean \
+&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 
-RUN php5enmod mcrypt
-RUN php5enmod gd
+RUN phpenmod mcrypt
+RUN phpenmod gd
+RUN phpenmod bcmath
 
-RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php5/apache2/php.ini
-RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php5/cli/php.ini
+RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.0/apache2/php.ini
+RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.0/cli/php.ini
 
-RUN useradd --uid 1000 --gid 50 docker
+RUN useradd -m --uid 1000 --gid 50 docker
 
 RUN echo export APACHE_RUN_USER=docker >> /etc/apache2/envvars
 RUN echo export APACHE_RUN_GROUP=staff >> /etc/apache2/envvars
@@ -54,12 +63,14 @@ COPY docker/docker.env /var/www/html/.env
 RUN chown -R docker /var/www/html
 
 RUN \
-	rm -r "/var/www/html/storage/private_uploads"      && ln -fs "/var/lib/snipeit/data/private_uploads"   "/var/www/html/storage/private_uploads"      && \
-	mkdir -p "/var/www/html/public/uploads" && \
-	rm -rf "/var/www/html/public/uploads/avatars"   && ln -fs "/var/lib/snipeit/data/uploads/avatars"   "/var/www/html/public/uploads/avatars"   && \
-	rm -rf "/var/www/html/public/uploads/models"    && ln -fs "/var/lib/snipeit/data/uploads/models"    "/var/www/html/public/uploads/models"    && \
-	rm -rf "/var/www/html/public/uploads/suppliers" && ln -fs "/var/lib/snipeit/data/uploads/suppliers" "/var/www/html/public/uploads/suppliers" && \
-	rm -r "/var/www/html/storage/backups"        && ln -fs "/var/lib/snipeit/dumps"                  "/var/www/html/storage/backups"
+	rm -r "/var/www/html/storage/private_uploads" && ln -fs "/var/lib/snipeit/data/private_uploads" "/var/www/html/storage/private_uploads" \
+      && rm -rf "/var/www/html/public/uploads" && ln -fs "/var/lib/snipeit/data/uploads" "/var/www/html/public/uploads" \
+      && rm -r "/var/www/html/storage/app/backups" && ln -fs "/var/lib/snipeit/dumps" "/var/www/html/storage/app/backups" \
+      && mkdir "/var/lib/snipeit/keys" && ln -fs "/var/lib/snipeit/keys/oauth-private.key" "/var/www/html/storage/oauth-private.key" \
+      && ln -fs "/var/lib/snipeit/keys/oauth-public.key" "/var/www/html/storage/oauth-public.key" \
+      && chown docker "/var/lib/snipeit/keys/" \
+      && chmod +x /var/www/html/artisan \
+      && echo "Finished setting up application in /var/www/html"
 
 ############## DEPENDENCIES via COMPOSER ###################
 
@@ -67,7 +78,9 @@ RUN \
 RUN cd /tmp;curl -sS https://getcomposer.org/installer | php;mv /tmp/composer.phar /usr/local/bin/composer
 
 # Get dependencies
-RUN cd /var/www/html;composer install
+USER docker
+RUN cd /var/www/html;composer install && rm -rf /home/docker/.composer/cache
+USER root
 
 ############### APPLICATION INSTALL/INIT #################
 
@@ -80,14 +93,15 @@ RUN cd /var/www/html;composer install
 
 ############### DATA VOLUME #################
 
-VOLUME [/var/lib/snipeit]
+VOLUME ["/var/lib/snipeit"]
 
 ##### START SERVER
 
-COPY docker/entrypoint.sh /entrypoint.sh
-RUN chmod +x /entrypoint.sh
+COPY docker/startup.sh docker/supervisord.conf /
+COPY docker/supervisor-exit-event-listener /usr/bin/supervisor-exit-event-listener
+RUN chmod +x /startup.sh /usr/bin/supervisor-exit-event-listener
 
-ENTRYPOINT ["/entrypoint.sh"]
+CMD ["/startup.sh"]
 
 EXPOSE 80
 EXPOSE 443

README.md

@@ -1,43 +1,41 @@
-[![Build Status](https://travis-ci.org/snipe/snipe-it.svg?branch=develop)](https://travis-ci.org/snipe/snipe-it) [![Stories in Ready](https://badge.waffle.io/snipe/snipe-it.png?label=ready+for+dev&title=Ready+for+development)](http://waffle.io/snipe/snipe-it) [![Maintenance](https://img.shields.io/maintenance/yes/2016.svg)]() [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.png)](https://crowdin.com/project/snipe-it)
-[![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/snipe/snipe-it?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
-[![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/)
-[![Twitter Follow](https://img.shields.io/twitter/follow/snipeyhead.svg?style=social)](https://twitter.com/snipeyhead)
-[![Zenhub](https://raw.githubusercontent.com/ZenHubIO/support/master/zenhub-badge.png)](https://zenhub.io)
+[![Build Status](https://travis-ci.org/snipe/snipe-it.svg?branch=master)](https://travis-ci.org/snipe/snipe-it) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/snipe/snipe-it?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp)  [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&utm_medium=referral&utm_content=snipe/snipe-it&utm_campaign=Badge_Grade)
+[![All Contributors](https://img.shields.io/badge/all_contributors-181-orange.svg?style=flat-square)](#contributors) [![Open Source Helpers](https://www.codetriage.com/snipe/snipe-it/badges/users.svg)](https://www.codetriage.com/snipe/snipe-it)
 
 
-## Snipe-IT - Asset Management For the Rest of Us
+## Snipe-IT - Open Source Asset Management System
 
 This is a FOSS project for asset management in IT Operations. Knowing who has which laptop, when it was purchased in order to depreciate it correctly, handling software licenses, etc.
 
-It is built on [Laravel 5.2](http://laravel.com).
+It is built on [Laravel 5.4](http://laravel.com).
 
-This project is being actively developed and we're [releasing quite frequently](https://github.com/snipe/snipe-it/releases). ([Check out the live demo here](https://snipeitapp.com/demo/).)
+Snipe-IT is actively developed and we're [releasing quite frequently](https://github.com/snipe/snipe-it/releases). ([Check out the live demo here](https://snipeitapp.com/demo/).)
 
-__This is web-based software__. This means there there is no executable file (aka no .exe files), and it must be run on a web server and accessed through a web browser. It runs on any Mac OSX, flavor of Linux, as well as Windows.
+__This is web-based software__. This means there is no executable file (aka no .exe files), and it must be run on a web server and accessed through a web browser. It runs on any Mac OSX, flavor of Linux, as well as Windows, and we have a [Docker image](https://snipe-it.readme.io/docs/docker) available if that's what you're into.
 
 -----
 
 ### Installation
 
-__Installation and configuration documentation for this project has been moved to http://docs.snipeitapp.com.__
+For instructions on installing and configuring Snipe-IT on your server, check out the [installation manual](https://snipe-it.readme.io/docs). (Please see the [requirements documentation](https://snipe-it.readme.io/docs/requirements) for full requirements.)
 
-#### Server Requirements
-Please see the [requirements documentation](http://docs.snipeitapp.com/requirements.html) for full requirements.
+If you're having trouble with the installation, please check the [Common Issues](https://snipe-it.readme.io/docs/common-issues) and [Getting Help](https://snipe-it.readme.io/docs/getting-help) documentation, and search this repository's open *and* closed issues for help.
+
+-----
+### User's Manual
+For help using Snipe-IT, check out the [user's manual](https://snipe-it.readme.io/docs/overview).
 
 -----
 ### Bug Reports & Feature Requests
 
-Feel free to check out the [GitHub Issues for this project](https://github.com/snipe/snipe-it/issues) to open a bug report or see what open issues you can help with. Please search through existing issues (open and closed) to see if your question hasn't already been answered before opening a new issue.
+Feel free to check out the [GitHub Issues for this project](https://github.com/snipe/snipe-it/issues) to open a bug report or see what open issues you can help with. Please search through existing issues (open *and* closed) to see if your question has already been answered before opening a new issue.
 
-We use Waffle.io to help better communicate our roadmap with users. Our [project page there](http://waffle.io/snipe/snipe-it) will show you the backlog, what's ready to be worked on, what's in progress, and what's completed.
-
-If you're having trouble with the installation, please check the [Common Issues](http://docs.snipeitapp.com/common-issues.html) and [Getting Help](http://docs.snipeitapp.com/getting-help.html) documentation.
+**PLEASE see the [Getting Help Guidelines](https://snipe-it.readme.io/docs/getting-help) and [Common Issues](https://snipe-it.readme.io/docs/common-issues) before opening a ticket, and be sure to complete all of the questions in the Github Issue template to help us to help you as quickly as possible.**
 
 -----
 
 ### Upgrading
 
-Please see the [upgrading documentation](http://docs.snipeitapp.com/upgrading.html) for instructions on upgrading Snipe-IT.
+Please see the [upgrading documentation](https://snipe-it.readme.io/docs/upgrading) for instructions on upgrading Snipe-IT.
 
 ------
 ### Announcement List
@@ -48,14 +46,72 @@ To be notified of important news (such as new releases, security advisories, etc
 
 ### Translations!
 
-Please see the [translations documentation](http://docs.snipeitapp.com/translations.html) for information about available languages and how to add translations to Snipe-IT.
+Please see the [translations documentation](https://snipe-it.readme.io/docs/translations) for information about available languages and how to add translations to Snipe-IT.
+
+-----
+
+### Libraries, Modules & Related Projects
+
+Since the release of the JSON REST API, several third-party developers have been developing modules and libraries to work with Snipe-IT.  
+
+- [Python Module](https://github.com/jbloomer/SnipeIT-PythonAPI) by [@jbloomer](https://github.com/jbloomer)
+- [SnipeSharp - .NET module in C#](https://github.com/barrycarey/SnipeSharp) by [@barrycarey](https://github.com/barrycarey)
+- [InQRy](https://github.com/Microsoft/InQRy) by [@Microsoft](https://github.com/Microsoft)
+- [SnipeitPS](https://github.com/snazy2000/SnipeitPS) by [@snazy2000](https://github.com/snazy2000) - Powershell API Wrapper for Snipe-it
+- [jamf2snipe](https://github.com/ParadoxGuitarist/jamf2snipe) by [@ParadoxGuitarist](https://github.com/ParadoxGuitarist) - Python script to sync assets between a JAMFPro instance and a Snipe-II instance
+- [Marksman](https://github.com/Scope-IT/marksman) - A Windows agent for Snipe-IT
+
+As these were created by third-parties, Snipe-IT cannot provide support for these project, and you should contact the developers directly if you need assistance. Additionally, Snipe-IT makes no guarantees as to the reliability, accuracy or maintainability of these libraries. Use at your own risk. :) 
+
+-----
+
+### Contributors
+
+Thanks goes to all of these wonderful people ([emoji key](https://github.com/kentcdodds/all-contributors#emoji-key)) who have helped Snipe-IT get this far:
+
+<!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
+| [<img src="https://avatars3.githubusercontent.com/u/197404?v=3" width="110px;"/><br /><sub>snipe</sub>](http://www.snipe.net)<br />[💻](https://github.com/snipe/snipe-it/commits?author=snipe "Code") [🚇](#infra-snipe "Infrastructure (Hosting, Build-Tools, etc)") [📖](https://github.com/snipe/snipe-it/commits?author=snipe "Documentation") [⚠️](https://github.com/snipe/snipe-it/commits?author=snipe "Tests") [🐛](https://github.com/snipe/snipe-it/issues?q=author%3Asnipe "Bug reports") [🎨](#design-snipe "Design") [👀](#review-snipe "Reviewed Pull Requests") | [<img src="https://avatars0.githubusercontent.com/u/36335?v=3" width="110px;"/><br /><sub>Brady Wetherington</sub>](http://www.uberbrady.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=uberbrady "Code") [📖](https://github.com/snipe/snipe-it/commits?author=uberbrady "Documentation") [🚇](#infra-uberbrady "Infrastructure (Hosting, Build-Tools, etc)") [👀](#review-uberbrady "Reviewed Pull Requests") | [<img src="https://avatars0.githubusercontent.com/u/3803132?v=3" width="110px;"/><br /><sub>Daniel Meltzer</sub>](https://github.com/dmeltzer)<br />[💻](https://github.com/snipe/snipe-it/commits?author=dmeltzer "Code") [⚠️](https://github.com/snipe/snipe-it/commits?author=dmeltzer "Tests") [📖](https://github.com/snipe/snipe-it/commits?author=dmeltzer "Documentation") | [<img src="https://avatars0.githubusercontent.com/u/1609106?v=3" width="110px;"/><br /><sub>Michael T</sub>](http://www.tuckertechonline.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mtucker6784 "Code") | [<img src="https://avatars2.githubusercontent.com/u/3274937?v=3" width="110px;"/><br /><sub>madd15</sub>](https://github.com/madd15)<br />[📖](https://github.com/snipe/snipe-it/commits?author=madd15 "Documentation") [💬](#question-madd15 "Answering Questions") | [<img src="https://avatars2.githubusercontent.com/u/894126?v=3" width="110px;"/><br /><sub>Vincent Sposato</sub>](https://github.com/vsposato)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vsposato "Code") | [<img src="https://avatars0.githubusercontent.com/u/1639757?v=3" width="110px;"/><br /><sub>Andrea Bergamasco</sub>](https://github.com/vjandrea)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vjandrea "Code") |
+| :---: | :---: | :---: | :---: | :---: | :---: | :---: |
+| [<img src="https://avatars0.githubusercontent.com/u/10640152?v=3" width="110px;"/><br /><sub>Karol</sub>](https://github.com/kpawelski)<br />[🌍](#translation-kpawelski "Translation") [💻](https://github.com/snipe/snipe-it/commits?author=kpawelski "Code") | [<img src="https://avatars3.githubusercontent.com/u/600106?v=3" width="110px;"/><br /><sub>morph027</sub>](http://blog.morph027.de/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=morph027 "Code") | [<img src="https://avatars3.githubusercontent.com/u/22935755?v=3" width="110px;"/><br /><sub>fvleminckx</sub>](https://github.com/fvleminckx)<br />[🚇](#infra-fvleminckx "Infrastructure (Hosting, Build-Tools, etc)") | [<img src="https://avatars2.githubusercontent.com/u/15633547?v=3" width="110px;"/><br /><sub>itsupportcmsukorg</sub>](https://github.com/itsupportcmsukorg)<br />[💻](https://github.com/snipe/snipe-it/commits?author=itsupportcmsukorg "Code") [🐛](https://github.com/snipe/snipe-it/issues?q=author%3Aitsupportcmsukorg "Bug reports") | [<img src="https://avatars3.githubusercontent.com/u/12373799?v=3" width="110px;"/><br /><sub>Frank</sub>](https://override.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=base-zero "Code") | [<img src="https://avatars0.githubusercontent.com/u/10137?v=3" width="110px;"/><br /><sub>Deleted user</sub>](https://github.com/ghost)<br />[🌍](#translation-ghost "Translation") | [<img src="https://avatars1.githubusercontent.com/u/10802313?v=3" width="110px;"/><br /><sub>tiagom62</sub>](https://github.com/tiagom62)<br />[💻](https://github.com/snipe/snipe-it/commits?author=tiagom62 "Code") [🚇](#infra-tiagom62 "Infrastructure (Hosting, Build-Tools, etc)") |
+| [<img src="https://avatars3.githubusercontent.com/u/2389047?v=3" width="110px;"/><br /><sub>Ryan Stafford</sub>](https://github.com/rystaf)<br />[💻](https://github.com/snipe/snipe-it/commits?author=rystaf "Code") | [<img src="https://avatars2.githubusercontent.com/u/10345935?v=3" width="110px;"/><br /><sub>Eammon Hanlon</sub>](https://github.com/ehanlon)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ehanlon "Code") | [<img src="https://avatars0.githubusercontent.com/u/441924?v=3" width="110px;"/><br /><sub>zjean</sub>](https://github.com/zjean)<br />[💻](https://github.com/snipe/snipe-it/commits?author=zjean "Code") | [<img src="https://avatars0.githubusercontent.com/u/12660103?v=3" width="110px;"/><br /><sub>Matthias Frei</sub>](http://www.frei.media)<br />[💻](https://github.com/snipe/snipe-it/commits?author=FREImedia "Code") | [<img src="https://avatars0.githubusercontent.com/u/3767518?v=3" width="110px;"/><br /><sub>opsydev</sub>](https://github.com/opsydev)<br />[💻](https://github.com/snipe/snipe-it/commits?author=opsydev "Code") | [<img src="https://avatars1.githubusercontent.com/u/82290?v=3" width="110px;"/><br /><sub>Daniel Dreier</sub>](http://www.ddreier.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ddreier "Code") | [<img src="https://avatars0.githubusercontent.com/u/23448?v=3" width="110px;"/><br /><sub>Nikolai Prokoschenko</sub>](http://rassie.org)<br />[💻](https://github.com/snipe/snipe-it/commits?author=rassie "Code") |
+| [<img src="https://avatars0.githubusercontent.com/u/13452757?v=3" width="110px;"/><br /><sub>Drew</sub>](https://github.com/YetAnotherCodeMonkey)<br />[💻](https://github.com/snipe/snipe-it/commits?author=YetAnotherCodeMonkey "Code") | [<img src="https://avatars0.githubusercontent.com/u/1342320?v=3" width="110px;"/><br /><sub>Walter</sub>](https://github.com/merid14)<br />[💻](https://github.com/snipe/snipe-it/commits?author=merid14 "Code") | [<img src="https://avatars3.githubusercontent.com/u/11254614?v=3" width="110px;"/><br /><sub>Petr Baloun</sub>](https://github.com/balous)<br />[💻](https://github.com/snipe/snipe-it/commits?author=balous "Code") | [<img src="https://avatars0.githubusercontent.com/u/6117660?v=3" width="110px;"/><br /><sub>reidblomquist</sub>](https://github.com/reidblomquist)<br />[📖](https://github.com/snipe/snipe-it/commits?author=reidblomquist "Documentation") | [<img src="https://avatars0.githubusercontent.com/u/539914?v=3" width="110px;"/><br /><sub>Mathieu Kooiman</sub>](https://github.com/mathieuk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mathieuk "Code") | [<img src="https://avatars3.githubusercontent.com/u/6606421?v=3" width="110px;"/><br /><sub>csayre</sub>](https://github.com/csayre)<br />[📖](https://github.com/snipe/snipe-it/commits?author=csayre "Documentation") | [<img src="https://avatars1.githubusercontent.com/u/768488?v=3" width="110px;"/><br /><sub>Adam Dunson</sub>](https://github.com/adamdunson)<br />[💻](https://github.com/snipe/snipe-it/commits?author=adamdunson "Code") |
+| [<img src="https://avatars0.githubusercontent.com/u/5547470?v=3" width="110px;"/><br /><sub>Hereward</sub>](https://github.com/thehereward)<br />[💻](https://github.com/snipe/snipe-it/commits?author=thehereward "Code") | [<img src="https://avatars0.githubusercontent.com/u/5802977?v=3" width="110px;"/><br /><sub>swoopdk</sub>](https://github.com/swoopdk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=swoopdk "Code") | [<img src="https://avatars1.githubusercontent.com/u/3470403?v=3" width="110px;"/><br /><sub>Abdullah Alansari</sub>](https://linkedin.com/in/ahimta)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Ahimta "Code") | [<img src="https://avatars0.githubusercontent.com/u/796443?v=3" width="110px;"/><br /><sub>Micael Rodrigues</sub>](https://github.com/MicaelRodrigues)<br />[💻](https://github.com/snipe/snipe-it/commits?author=MicaelRodrigues "Code") | [<img src="https://avatars0.githubusercontent.com/u/614564?v=3" width="110px;"/><br /><sub>Patrick Gallagher</sub>](http://macadmincorner.com)<br />[📖](https://github.com/snipe/snipe-it/commits?author=patgmac "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/7165922?v=3" width="110px;"/><br /><sub>Miliamber</sub>](https://github.com/Miliamber)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Miliamber "Code") | [<img src="https://avatars3.githubusercontent.com/u/861766?v=3" width="110px;"/><br /><sub>hawk554</sub>](https://github.com/hawk554)<br />[💻](https://github.com/snipe/snipe-it/commits?author=hawk554 "Code") |
+| [<img src="https://avatars1.githubusercontent.com/u/1695622?v=3" width="110px;"/><br /><sub>Justin Kerr</sub>](http://jbirdkerr.net)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jbirdkerr "Code") | [<img src="https://avatars3.githubusercontent.com/u/11426176?v=3" width="110px;"/><br /><sub>Ira W. Snyder</sub>](http://www.irasnyder.com/devel/)<br />[📖](https://github.com/snipe/snipe-it/commits?author=irasnyd "Documentation") | [<img src="https://avatars2.githubusercontent.com/u/2475759?v=3" width="110px;"/><br /><sub>Aladin Alaily</sub>](https://github.com/aalaily)<br />[💻](https://github.com/snipe/snipe-it/commits?author=aalaily "Code") | [<img src="https://avatars0.githubusercontent.com/u/10247644?v=3" width="110px;"/><br /><sub>Chase Hansen</sub>](https://github.com/kobie-chasehansen)<br />[💻](https://github.com/snipe/snipe-it/commits?author=kobie-chasehansen "Code") [💬](#question-kobie-chasehansen "Answering Questions") [🐛](https://github.com/snipe/snipe-it/issues?q=author%3Akobie-chasehansen "Bug reports") | [<img src="https://avatars2.githubusercontent.com/u/13545400?v=3" width="110px;"/><br /><sub>IDM Helpdesk</sub>](https://github.com/IDM-Helpdesk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=IDM-Helpdesk "Code") | [<img src="https://avatars2.githubusercontent.com/u/614439?v=3" width="110px;"/><br /><sub>Kai</sub>](http://balticer.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=balticer "Code") | [<img src="https://avatars1.githubusercontent.com/u/8762511?v=3" width="110px;"/><br /><sub>Michael Daniels</sub>](http://www.michaeldaniels.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mdaniels5757 "Code") |
+| [<img src="https://avatars3.githubusercontent.com/u/1532660?v=3" width="110px;"/><br /><sub>Tom Castleman</sub>](http://tomcastleman.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=tomcastleman "Code") | [<img src="https://avatars3.githubusercontent.com/u/10723243?v=3" width="110px;"/><br /><sub>Daniel Nemanic</sub>](https://github.com/DanielNemanic)<br />[💻](https://github.com/snipe/snipe-it/commits?author=DanielNemanic "Code") | [<img src="https://avatars0.githubusercontent.com/u/150648?v=3" width="110px;"/><br /><sub>SouthWolf</sub>](https://github.com/southwolf)<br />[💻](https://github.com/snipe/snipe-it/commits?author=southwolf "Code") | [<img src="https://avatars2.githubusercontent.com/u/131616?v=3" width="110px;"/><br /><sub>Ivar Nesje</sub>](https://github.com/ivarne)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ivarne "Code") | [<img src="https://avatars1.githubusercontent.com/u/62333?v=3" width="110px;"/><br /><sub>Jérémy Benoist</sub>](http://www.j0k3r.net)<br />[📖](https://github.com/snipe/snipe-it/commits?author=j0k3r "Documentation") | [<img src="https://avatars2.githubusercontent.com/u/724344?v=3" width="110px;"/><br /><sub>Chris Leathley</sub>](https://github.com/cleathley)<br />[🚇](#infra-cleathley "Infrastructure (Hosting, Build-Tools, etc)") | [<img src="https://avatars0.githubusercontent.com/u/972498?v=3" width="110px;"/><br /><sub>splaer</sub>](https://github.com/splaer)<br />[🐛](https://github.com/snipe/snipe-it/issues?q=author%3Asplaer "Bug reports") [💻](https://github.com/snipe/snipe-it/commits?author=splaer "Code") |
+| [<img src="https://avatars1.githubusercontent.com/u/967362?v=3" width="110px;"/><br /><sub>Joe Ferguson</sub>](http://www.joeferguson.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=svpernova09 "Code") | [<img src="https://avatars3.githubusercontent.com/u/6108682?v=3" width="110px;"/><br /><sub>diwanicki</sub>](https://github.com/diwanicki)<br />[💻](https://github.com/snipe/snipe-it/commits?author=diwanicki "Code") [📖](https://github.com/snipe/snipe-it/commits?author=diwanicki "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/2527115?v=3" width="110px;"/><br /><sub>Lee Thoong Ching</sub>](https://github.com/pakkua80)<br />[📖](https://github.com/snipe/snipe-it/commits?author=pakkua80 "Documentation") [💻](https://github.com/snipe/snipe-it/commits?author=pakkua80 "Code") | [<img src="https://avatars1.githubusercontent.com/u/461491?v=3" width="110px;"/><br /><sub>Marek Šuppa</sub>](http://shu.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mrshu "Code") | [<img src="https://avatars1.githubusercontent.com/u/8693762?v=3" width="110px;"/><br /><sub>Juan J. Martinez</sub>](https://github.com/mizar1616)<br />[🌍](#translation-mizar1616 "Translation") | [<img src="https://avatars1.githubusercontent.com/u/1458388?v=3" width="110px;"/><br /><sub>R Ryan Dial</sub>](https://github.com/rrdial)<br />[🌍](#translation-rrdial "Translation") | [<img src="https://avatars2.githubusercontent.com/u/2871745?v=3" width="110px;"/><br /><sub>Andrej Manduch</sub>](https://github.com/burlito)<br />[📖](https://github.com/snipe/snipe-it/commits?author=burlito "Documentation") |
+| [<img src="https://avatars0.githubusercontent.com/u/8341172?v=3" width="110px;"/><br /><sub>Jay Richards</sub>](http://www.cordeos.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=technogenus "Code") | [<img src="https://avatars2.githubusercontent.com/u/7295127?v=3" width="110px;"/><br /><sub>Alexander Innes</sub>](https://necurity.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=leostat "Code") | [<img src="https://avatars2.githubusercontent.com/u/334485?v=3" width="110px;"/><br /><sub>Danny Garcia</sub>](https://buzzedword.codes)<br />[💻](https://github.com/snipe/snipe-it/commits?author=buzzedword "Code") | [<img src="https://avatars2.githubusercontent.com/u/366855?v=3" width="110px;"/><br /><sub>archpoint</sub>](https://github.com/archpoint)<br />[💻](https://github.com/snipe/snipe-it/commits?author=archpoint "Code") | [<img src="https://avatars1.githubusercontent.com/u/67991?v=3" width="110px;"/><br /><sub>Jake McGraw</sub>](http://www.jakemcgraw.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jakemcgraw "Code") | [<img src="https://avatars1.githubusercontent.com/u/1714374?v=3" width="110px;"/><br /><sub>FleischKarussel</sub>](https://github.com/FleischKarussel)<br />[📖](https://github.com/snipe/snipe-it/commits?author=FleischKarussel "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/319644?v=3" width="110px;"/><br /><sub>Dylan Yi</sub>](https://github.com/feeva)<br />[💻](https://github.com/snipe/snipe-it/commits?author=feeva "Code") |
+| [<img src="https://avatars2.githubusercontent.com/u/857740?v=3" width="110px;"/><br /><sub>Gil Rutkowski</sub>](http://FlashingCursor.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=flashingcursor "Code") | [<img src="https://avatars3.githubusercontent.com/u/129360?v=3" width="110px;"/><br /><sub>Desmond Morris</sub>](http://www.desmondmorris.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=desmondmorris "Code") | [<img src="https://avatars2.githubusercontent.com/u/52936?v=3" width="110px;"/><br /><sub>Nick Peelman</sub>](http://peelman.us)<br />[💻](https://github.com/snipe/snipe-it/commits?author=peelman "Code") | [<img src="https://avatars0.githubusercontent.com/u/53161?v=3" width="110px;"/><br /><sub>Abraham Vegh</sub>](https://abrahamvegh.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=abrahamvegh "Code") | [<img src="https://avatars0.githubusercontent.com/u/2818680?v=3" width="110px;"/><br /><sub>Mohamed Rashid</sub>](https://github.com/rashivkp)<br />[📖](https://github.com/snipe/snipe-it/commits?author=rashivkp "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/1509456?v=3" width="110px;"/><br /><sub>Kasey</sub>](http://hinchk.github.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=HinchK "Code") | [<img src="https://avatars2.githubusercontent.com/u/10522541?v=3" width="110px;"/><br /><sub>Brett</sub>](https://github.com/BrettFagerlund)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=BrettFagerlund "Tests") |
+| [<img src="https://avatars2.githubusercontent.com/u/16108587?v=3" width="110px;"/><br /><sub>Jason Spriggs</sub>](http://jasonspriggs.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jasonspriggs "Code") | [<img src="https://avatars2.githubusercontent.com/u/1134568?v=3" width="110px;"/><br /><sub>Nate Felton</sub>](http://n8felton.wordpress.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=n8felton "Code") | [<img src="https://avatars2.githubusercontent.com/u/14036694?v=3" width="110px;"/><br /><sub>Manasses Ferreira</sub>](http://homepages.dcc.ufmg.br/~manassesferreira)<br />[💻](https://github.com/snipe/snipe-it/commits?author=manassesferreira "Code") | [<img src="https://avatars0.githubusercontent.com/u/15913949?v=3" width="110px;"/><br /><sub>Steve</sub>](https://github.com/steveelwood)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=steveelwood "Tests") | [<img src="https://avatars1.githubusercontent.com/u/3361683?v=3" width="110px;"/><br /><sub>matc</sub>](http://twitter.com/matc)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=matc "Tests") | [<img src="https://avatars3.githubusercontent.com/u/7405702?v=3" width="110px;"/><br /><sub>Cole R. Davis</sub>](http://www.davisracingteam.com)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=VanillaNinjaD "Tests") | [<img src="https://avatars2.githubusercontent.com/u/10167681?v=3" width="110px;"/><br /><sub>gibsonjoshua55</sub>](https://github.com/gibsonjoshua55)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gibsonjoshua55 "Code") |
+| [<img src="https://avatars2.githubusercontent.com/u/2809241?v=4" width="110px;"/><br /><sub>Robin Temme</sub>](https://github.com/zwerch)<br />[💻](https://github.com/snipe/snipe-it/commits?author=zwerch "Code") | [<img src="https://avatars0.githubusercontent.com/u/6961695?v=4" width="110px;"/><br /><sub>Iman</sub>](https://github.com/imanghafoori1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=imanghafoori1 "Code") | [<img src="https://avatars1.githubusercontent.com/u/6551003?v=4" width="110px;"/><br /><sub>Richard Hofman</sub>](https://github.com/richardhofman6)<br />[💻](https://github.com/snipe/snipe-it/commits?author=richardhofman6 "Code") | [<img src="https://avatars0.githubusercontent.com/u/3697569?v=4" width="110px;"/><br /><sub>gizzmojr</sub>](https://github.com/gizzmojr)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gizzmojr "Code") | [<img src="https://avatars3.githubusercontent.com/u/404729?v=4" width="110px;"/><br /><sub>Jenny Li</sub>](https://github.com/imjennyli)<br />[📖](https://github.com/snipe/snipe-it/commits?author=imjennyli "Documentation") | [<img src="https://avatars0.githubusercontent.com/u/869227?v=4" width="110px;"/><br /><sub>Geoff Young</sub>](https://github.com/GeoffYoung)<br />[💻](https://github.com/snipe/snipe-it/commits?author=GeoffYoung "Code") | [<img src="https://avatars3.githubusercontent.com/u/1068477?v=4" width="110px;"/><br /><sub>Elliot Blackburn</sub>](http://www.elliotblackburn.com)<br />[📖](https://github.com/snipe/snipe-it/commits?author=BlueHatbRit "Documentation") |
+| [<img src="https://avatars1.githubusercontent.com/u/6357451?v=4" width="110px;"/><br /><sub>Tõnis Ormisson</sub>](http://andmemasin.eu)<br />[💻](https://github.com/snipe/snipe-it/commits?author=TonisOrmisson "Code") | [<img src="https://avatars0.githubusercontent.com/u/449411?v=4" width="110px;"/><br /><sub>Nicolai Essig</sub>](http://www.nicolai-essig.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=thakilla "Code") | [<img src="https://avatars1.githubusercontent.com/u/14809698?v=4" width="110px;"/><br /><sub>Danielle</sub>](https://github.com/techincolor)<br />[📖](https://github.com/snipe/snipe-it/commits?author=techincolor "Documentation") | [<img src="https://avatars1.githubusercontent.com/u/18545156?v=4" width="110px;"/><br /><sub>Lawrence</sub>](https://github.com/TheVakman)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=TheVakman "Tests") [🐛](https://github.com/snipe/snipe-it/issues?q=author%3ATheVakman "Bug reports") | [<img src="https://avatars1.githubusercontent.com/u/22473767?v=4" width="110px;"/><br /><sub>uknzaeinozpas</sub>](https://github.com/uknzaeinozpas)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=uknzaeinozpas "Tests") [💻](https://github.com/snipe/snipe-it/commits?author=uknzaeinozpas "Code") | [<img src="https://avatars3.githubusercontent.com/u/422752?v=4" width="110px;"/><br /><sub>Ryan</sub>](https://github.com/Gelob)<br />[📖](https://github.com/snipe/snipe-it/commits?author=Gelob "Documentation") | [<img src="https://avatars1.githubusercontent.com/u/10672546?v=4" width="110px;"/><br /><sub>vcordes79</sub>](https://github.com/vcordes79)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vcordes79 "Code") |
+| [<img src="https://avatars3.githubusercontent.com/u/27958330?v=4" width="110px;"/><br /><sub>fordster78</sub>](https://github.com/fordster78)<br />[💻](https://github.com/snipe/snipe-it/commits?author=fordster78 "Code") | [<img src="https://avatars0.githubusercontent.com/u/34064225?v=4" width="110px;"/><br /><sub>CronKz</sub>](https://github.com/CronKz)<br />[💻](https://github.com/snipe/snipe-it/commits?author=CronKz "Code") [🌍](#translation-CronKz "Translation") | [<img src="https://avatars1.githubusercontent.com/u/585486?v=4" width="110px;"/><br /><sub>Tim Bishop</sub>](https://github.com/tdb)<br />[💻](https://github.com/snipe/snipe-it/commits?author=tdb "Code") | [<img src="https://avatars2.githubusercontent.com/u/5384694?v=4" width="110px;"/><br /><sub>Sean McIlvenna</sub>](https://www.seanmcilvenna.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=seanmcilvenna "Code") | [<img src="https://avatars3.githubusercontent.com/u/36515590?v=4" width="110px;"/><br /><sub>cepacs</sub>](https://github.com/cepacs)<br />[🐛](https://github.com/snipe/snipe-it/issues?q=author%3Acepacs "Bug reports") [📖](https://github.com/snipe/snipe-it/commits?author=cepacs "Documentation") | [<img src="https://avatars2.githubusercontent.com/u/37537300?v=4" width="110px;"/><br /><sub>lea-mink</sub>](https://github.com/lea-mink)<br />[💻](https://github.com/snipe/snipe-it/commits?author=lea-mink "Code") | [<img src="https://avatars0.githubusercontent.com/u/7140719?v=4" width="110px;"/><br /><sub>Hannah Tinkler</sub>](https://github.com/hannahtinkler)<br />[💻](https://github.com/snipe/snipe-it/commits?author=hannahtinkler "Code") |
+| [<img src="https://avatars1.githubusercontent.com/u/1086388?v=4" width="110px;"/><br /><sub>Doeke Zanstra</sub>](https://github.com/doekman)<br />[💻](https://github.com/snipe/snipe-it/commits?author=doekman "Code") | [<img src="https://avatars1.githubusercontent.com/u/4325936?v=4" width="110px;"/><br /><sub>Djamon Staal</sub>](https://www.sdhd.nl/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=SjamonDaal "Code") | [<img src="https://avatars3.githubusercontent.com/u/12306859?v=4" width="110px;"/><br /><sub>Earl Ramirez</sub>](https://github.com/EarlRamirez)<br />[💻](https://github.com/snipe/snipe-it/commits?author=EarlRamirez "Code") | [<img src="https://avatars2.githubusercontent.com/u/8671456?v=4" width="110px;"/><br /><sub>Richard Ray Thomas</sub>](https://github.com/RichardRay)<br />[💻](https://github.com/snipe/snipe-it/commits?author=RichardRay "Code") | [<img src="https://avatars3.githubusercontent.com/u/1852688?v=4" width="110px;"/><br /><sub>Ryan Kuba</sub>](https://www.taisun.io/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=thelamer "Code") | [<img src="https://avatars1.githubusercontent.com/u/6751928?v=4" width="110px;"/><br /><sub>Brian Monroe</sub>](https://github.com/ParadoxGuitarist)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ParadoxGuitarist "Code") | [<img src="https://avatars1.githubusercontent.com/u/605167?v=4" width="110px;"/><br /><sub>plexorama</sub>](https://github.com/plexorama)<br />[💻](https://github.com/snipe/snipe-it/commits?author=plexorama "Code") |
+| [<img src="https://avatars2.githubusercontent.com/u/1795149?v=4" width="110px;"/><br /><sub>Till Deeke</sub>](https://tilldeeke.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=tilldeeke "Code") | [<img src="https://avatars0.githubusercontent.com/u/12634129?v=4" width="110px;"/><br /><sub>5quirrel</sub>](https://github.com/5quirrel)<br />[💻](https://github.com/snipe/snipe-it/commits?author=5quirrel "Code") | [<img src="https://avatars1.githubusercontent.com/u/13071957?v=4" width="110px;"/><br /><sub>Jason</sub>](https://github.com/jasonlshelton)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jasonlshelton "Code") | [<img src="https://avatars3.githubusercontent.com/u/7128321?v=4" width="110px;"/><br /><sub>Antti</sub>](https://github.com/chemfy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=chemfy "Code") | [<img src="https://avatars3.githubusercontent.com/u/10080364?v=4" width="110px;"/><br /><sub>DeusMaximus</sub>](https://github.com/DeusMaximus)<br />[💻](https://github.com/snipe/snipe-it/commits?author=DeusMaximus "Code") | [<img src="https://avatars2.githubusercontent.com/u/16384611?v=4" width="110px;"/><br /><sub>a-royal</sub>](https://github.com/A-ROYAL)<br />[🌍](#translation-A-ROYAL "Translation") | [<img src="https://avatars0.githubusercontent.com/u/5358208?v=4" width="110px;"/><br /><sub>Alberto Aldrigo</sub>](https://github.com/albertoaldrigo)<br />[🌍](#translation-albertoaldrigo "Translation") |
+| [<img src="https://avatars0.githubusercontent.com/u/1412342?v=4" width="110px;"/><br /><sub>Alex Stanev</sub>](http://alex.stanev.org/blog)<br />[🌍](#translation-RealEnder "Translation") | [<img src="https://avatars0.githubusercontent.com/u/177295?v=4" width="110px;"/><br /><sub>Andreas Rehm</sub>](http://devel.itsolution2.de)<br />[🌍](#translation-sirrus "Translation") | [<img src="https://avatars0.githubusercontent.com/u/5080535?v=4" width="110px;"/><br /><sub>Andreas Erhard</sub>](https://github.com/xelan)<br />[🌍](#translation-xelan "Translation") | [<img src="https://avatars2.githubusercontent.com/u/142350?v=4" width="110px;"/><br /><sub>Andrés Vanegas Jiménez</sub>](https://github.com/angeldeejay)<br />[🌍](#translation-angeldeejay "Translation") | [<img src="https://avatars0.githubusercontent.com/u/3910403?v=4" width="110px;"/><br /><sub>Antonio Schiavon</sub>](https://github.com/aschiavon91)<br />[🌍](#translation-aschiavon91 "Translation") | [<img src="https://avatars0.githubusercontent.com/u/10464547?v=4" width="110px;"/><br /><sub>benunter</sub>](https://github.com/benunter)<br />[🌍](#translation-benunter "Translation") | [<img src="https://avatars1.githubusercontent.com/u/5038647?v=4" width="110px;"/><br /><sub>Borys Żmuda</sub>](http://catweb24.pl)<br />[🌍](#translation-rudashi "Translation") |
+| [<img src="https://avatars0.githubusercontent.com/u/5539359?v=4" width="110px;"/><br /><sub>chibacityblues</sub>](https://github.com/chibacityblues)<br />[🌍](#translation-chibacityblues "Translation") | [<img src="https://avatars1.githubusercontent.com/u/1954830?v=4" width="110px;"/><br /><sub>Chien Wei Lin</sub>](https://github.com/cwlin0416)<br />[🌍](#translation-cwlin0416 "Translation") | [<img src="https://avatars3.githubusercontent.com/u/11700533?v=4" width="110px;"/><br /><sub>Christian Schuster</sub>](https://github.com/Againstreality)<br />[🌍](#translation-Againstreality "Translation") | [<img src="https://avatars1.githubusercontent.com/u/4308704?v=4" width="110px;"/><br /><sub>Christian Stefanus</sub>](http://chriss.webhostid.com)<br />[🌍](#translation-kopi-item "Translation") | [<img src="https://avatars3.githubusercontent.com/u/3009327?v=4" width="110px;"/><br /><sub>wxcafé</sub>](http://wxcafe.net)<br />[🌍](#translation-wxcafe "Translation") | [<img src="https://avatars3.githubusercontent.com/u/35761525?v=4" width="110px;"/><br /><sub>dpyroc</sub>](https://github.com/dpyroc)<br />[🌍](#translation-dpyroc "Translation") | [<img src="https://avatars1.githubusercontent.com/u/2153639?v=4" width="110px;"/><br /><sub>Daniel Friedlmaier</sub>](http://www.friedlmaier.net)<br />[🌍](#translation-da-friedl "Translation") |
+| [<img src="https://avatars1.githubusercontent.com/u/2947640?v=4" width="110px;"/><br /><sub>Daniel Heene</sub>](https://github.com/danielheene)<br />[🌍](#translation-danielheene "Translation") | [<img src="https://avatars3.githubusercontent.com/u/319022?v=4" width="110px;"/><br /><sub>danielcb</sub>](https://github.com/danielcb)<br />[🌍](#translation-danielcb "Translation") | [<img src="https://avatars3.githubusercontent.com/u/15846537?v=4" width="110px;"/><br /><sub>Dominik Senti</sub>](https://github.com/dominiksenti)<br />[🌍](#translation-dominiksenti "Translation") | [<img src="https://avatars0.githubusercontent.com/u/25570954?v=4" width="110px;"/><br /><sub>Eric Gautheron</sub>](http://www.konectik.com)<br />[🌍](#translation-EpixFr "Translation") | [<img src="https://avatars1.githubusercontent.com/u/5732623?v=4" width="110px;"/><br /><sub>Erlend Pilø</sub>](https://erlpil.com)<br />[🌍](#translation-Erlpil "Translation") | [<img src="https://avatars0.githubusercontent.com/u/541832?v=4" width="110px;"/><br /><sub>Fabio Rapposelli</sub>](http://fabio.technology)<br />[🌍](#translation-frapposelli "Translation") | [<img src="https://avatars2.githubusercontent.com/u/3605240?v=4" width="110px;"/><br /><sub>Felipe Barros</sub>](https://github.com/fgbs)<br />[🌍](#translation-fgbs "Translation") |
+| [<img src="https://avatars0.githubusercontent.com/u/257745?v=4" width="110px;"/><br /><sub>Fernando Possebon</sub>](https://github.com/possebon)<br />[🌍](#translation-possebon "Translation") | [<img src="https://avatars3.githubusercontent.com/u/2540832?v=4" width="110px;"/><br /><sub>gdraque</sub>](https://github.com/gdraque)<br />[🌍](#translation-gdraque "Translation") | [<img src="https://avatars0.githubusercontent.com/u/23440381?v=4" width="110px;"/><br /><sub>Georg Wallisch</sub>](https://github.com/georgwallisch)<br />[🌍](#translation-georgwallisch "Translation") | [<img src="https://avatars1.githubusercontent.com/u/9852832?v=4" width="110px;"/><br /><sub>Gerardo Robles</sub>](https://github.com/jgroblesr85)<br />[🌍](#translation-jgroblesr85 "Translation") | [<img src="https://avatars2.githubusercontent.com/u/11082640?v=4" width="110px;"/><br /><sub>Gluek</sub>](https://t.me/Gluek)<br />[🌍](#translation-mrgluek "Translation") | [<img src="https://avatars0.githubusercontent.com/u/6847946?v=4" width="110px;"/><br /><sub>AdnanAbuShahad</sub>](https://github.com/AdnanAbuShahad)<br />[🌍](#translation-AdnanAbuShahad "Translation") | [<img src="https://avatars1.githubusercontent.com/u/3580608?v=4" width="110px;"/><br /><sub>Hafidzi My</sub>](https://hafidzi.my)<br />[🌍](#translation-hafidzi "Translation") |
+| [<img src="https://avatars2.githubusercontent.com/u/205521?v=4" width="110px;"/><br /><sub>Harim Park</sub>](https://github.com/fofwisdom)<br />[🌍](#translation-fofwisdom "Translation") | [<img src="https://avatars2.githubusercontent.com/u/3333841?v=4" width="110px;"/><br /><sub>Henrik Kentsson</sub>](http://www.kentsson.se)<br />[🌍](#translation-Kentsson "Translation") | [<img src="https://avatars0.githubusercontent.com/u/36551034?v=4" width="110px;"/><br /><sub>Husnul Yaqien</sub>](https://github.com/husnulyaqien)<br />[🌍](#translation-husnulyaqien "Translation") | [<img src="https://avatars1.githubusercontent.com/u/2372747?v=4" width="110px;"/><br /><sub>Ibrahim</sub>](http://abaalkhail.org)<br />[🌍](#translation-abaalkh "Translation") | [<img src="https://avatars0.githubusercontent.com/u/1389334?v=4" width="110px;"/><br /><sub>igolman</sub>](https://github.com/igolman)<br />[🌍](#translation-igolman "Translation") | [<img src="https://avatars1.githubusercontent.com/u/3257070?v=4" width="110px;"/><br /><sub>itangiang</sub>](https://github.com/itangiang)<br />[🌍](#translation-itangiang "Translation") | [<img src="https://avatars2.githubusercontent.com/u/14814254?v=4" width="110px;"/><br /><sub>jarby1211</sub>](https://github.com/jarby1211)<br />[🌍](#translation-jarby1211 "Translation") |
+| [<img src="https://avatars3.githubusercontent.com/u/6719357?v=4" width="110px;"/><br /><sub>Jhonn Willker</sub>](http://jwillker.com)<br />[🌍](#translation-JohnWillker "Translation") | [<img src="https://avatars2.githubusercontent.com/u/10983635?v=4" width="110px;"/><br /><sub>Jose</sub>](https://github.com/joxelito94)<br />[🌍](#translation-joxelito94 "Translation") | [<img src="https://avatars0.githubusercontent.com/u/5206122?v=4" width="110px;"/><br /><sub>laopangzi</sub>](https://github.com/laopangzi)<br />[🌍](#translation-laopangzi "Translation") | [<img src="https://avatars2.githubusercontent.com/u/79707?v=4" width="110px;"/><br /><sub>Lars Strojny</sub>](http://usrportage.de)<br />[🌍](#translation-lstrojny "Translation") | [<img src="https://avatars0.githubusercontent.com/u/389801?v=4" width="110px;"/><br /><sub>MarcosBL</sub>](http://twitter.com/marcosbl)<br />[🌍](#translation-MarcosBL "Translation") | [<img src="https://avatars3.githubusercontent.com/u/35664606?v=4" width="110px;"/><br /><sub>marie joy cajes</sub>](https://github.com/mariejoyacajes)<br />[🌍](#translation-mariejoyacajes "Translation") | [<img src="https://avatars2.githubusercontent.com/u/3052816?v=4" width="110px;"/><br /><sub>Mark S. Johansen</sub>](http://www.markjohansen.dk)<br />[🌍](#translation-msjohansen "Translation") |
+| [<img src="https://avatars2.githubusercontent.com/u/982885?v=4" width="110px;"/><br /><sub>Martin Stub</sub>](http://martinstub.dk)<br />[🌍](#translation-stubben "Translation") | [<img src="https://avatars2.githubusercontent.com/u/28959963?v=4" width="110px;"/><br /><sub>Meyer Flavio</sub>](https://github.com/meyerf99)<br />[🌍](#translation-meyerf99 "Translation") | [<img src="https://avatars3.githubusercontent.com/u/796443?v=4" width="110px;"/><br /><sub>Micael Rodrigues</sub>](https://github.com/MicaelRodrigues)<br />[🌍](#translation-MicaelRodrigues "Translation") | [<img src="https://avatars0.githubusercontent.com/u/10481331?v=4" width="110px;"/><br /><sub>Mikael Rasmussen</sub>](http://rubixy.com/)<br />[🌍](#translation-mikaelssen "Translation") | [<img src="https://avatars1.githubusercontent.com/u/1544552?v=4" width="110px;"/><br /><sub>IxFail</sub>](https://github.com/IxFail)<br />[🌍](#translation-IxFail "Translation") | [<img src="https://avatars3.githubusercontent.com/u/18483118?v=4" width="110px;"/><br /><sub>Mohammed Fota</sub>](http://www.mohammedfota.com)<br />[🌍](#translation-MohammedFota "Translation") | [<img src="https://avatars0.githubusercontent.com/u/227080?v=4" width="110px;"/><br /><sub>Moayad Alserihi</sub>](https://github.com/omego)<br />[🌍](#translation-omego "Translation") |
+| [<img src="https://avatars0.githubusercontent.com/u/1680266?v=4" width="110px;"/><br /><sub>saymd</sub>](https://github.com/saymd)<br />[🌍](#translation-saymd "Translation") | [<img src="https://avatars0.githubusercontent.com/u/1826808?v=4" width="110px;"/><br /><sub>Patrik Larsson</sub>](https://nordsken.se)<br />[🌍](#translation-pooot "Translation") | [<img src="https://avatars1.githubusercontent.com/u/20584746?v=4" width="110px;"/><br /><sub>drcryo</sub>](https://github.com/drcryo)<br />[🌍](#translation-drcryo "Translation") | [<img src="https://avatars1.githubusercontent.com/u/19408004?v=4" width="110px;"/><br /><sub>pawel1615</sub>](https://github.com/pawel1615)<br />[🌍](#translation-pawel1615 "Translation") | [<img src="https://avatars2.githubusercontent.com/u/23340468?v=4" width="110px;"/><br /><sub>bodrovics</sub>](https://github.com/bodrovics)<br />[🌍](#translation-bodrovics "Translation") | [<img src="https://avatars0.githubusercontent.com/u/3257654?v=4" width="110px;"/><br /><sub>priatna</sub>](https://github.com/priatna)<br />[🌍](#translation-priatna "Translation") | [<img src="https://avatars1.githubusercontent.com/u/5358374?v=4" width="110px;"/><br /><sub>Fan Jiang</sub>](https://amayume.net)<br />[🌍](#translation-ProfFan "Translation") |
+| [<img src="https://avatars1.githubusercontent.com/u/22555451?v=4" width="110px;"/><br /><sub>ragnarcx</sub>](https://github.com/ragnarcx)<br />[🌍](#translation-ragnarcx "Translation") | [<img src="https://avatars2.githubusercontent.com/u/18654582?v=4" width="110px;"/><br /><sub>Rein van Haaren</sub>](http://www.reinvanhaaren.nl/)<br />[🌍](#translation-reinvanhaaren "Translation") | [<img src="https://avatars1.githubusercontent.com/u/386672?v=4" width="110px;"/><br /><sub>Teguh Dwicaksana</sub>](http://dheche.songolimo.net)<br />[🌍](#translation-dheche "Translation") | [<img src="https://avatars2.githubusercontent.com/u/2572552?v=4" width="110px;"/><br /><sub>fraccie</sub>](https://github.com/FRaccie)<br />[🌍](#translation-FRaccie "Translation") | [<img src="https://avatars0.githubusercontent.com/u/35182720?v=4" width="110px;"/><br /><sub>vinzruzell</sub>](https://github.com/vinzruzell)<br />[🌍](#translation-vinzruzell "Translation") | [<img src="https://avatars1.githubusercontent.com/u/7883603?v=4" width="110px;"/><br /><sub>Kevin Austin</sub>](http://kevinaustin.com)<br />[🌍](#translation-vipsystem "Translation") | [<img src="https://avatars3.githubusercontent.com/u/3861828?v=4" width="110px;"/><br /><sub>Wira Sandy</sub>](http://azuraweb.xyz)<br />[🌍](#translation-wira-sandy "Translation") |
+| [<img src="https://avatars2.githubusercontent.com/u/8663789?v=4" width="110px;"/><br /><sub>Илья</sub>](https://github.com/GrayHoax)<br />[🌍](#translation-GrayHoax "Translation") | [<img src="https://avatars3.githubusercontent.com/u/30119111?v=4" width="110px;"/><br /><sub>GodUseVPN</sub>](https://github.com/godusevpn)<br />[🌍](#translation-godusevpn "Translation") | [<img src="https://avatars1.githubusercontent.com/u/745576?v=4" width="110px;"/><br /><sub>周周</sub>](https://github.com/EngrZhou)<br />[🌍](#translation-EngrZhou "Translation") | [<img src="https://avatars3.githubusercontent.com/u/1631095?v=4" width="110px;"/><br /><sub>Sam</sub>](https://github.com/takuy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=takuy "Code") | [<img src="https://avatars1.githubusercontent.com/u/264022?v=4" width="110px;"/><br /><sub>Azerothian</sub>](https://www.illisian.com.au)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Azerothian "Code") | [<img src="https://avatars1.githubusercontent.com/u/7632599?v=4" width="110px;"/><br /><sub>Tim Farmer</sub>](https://github.com/timothyfarmer)<br />[💻](https://github.com/snipe/snipe-it/commits?author=timothyfarmer "Code") |
+<!-- ALL-CONTRIBUTORS-LIST:END -->
+
+This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!
 
 -----
 
 ### Contributing
 
-Please see the documentation on [contributing and developing for Snipe-IT](http://docs.snipeitapp.com/contributing.html).
+Please see the documentation on [contributing and developing for Snipe-IT](https://snipe-it.readme.io/docs/contributing-overview).
 
-[![Stories in Ready](https://badge.waffle.io/snipe/snipe-it.png?label=ready+for+dev&title=Ready+for+Development)](http://waffle.io/snipe/snipe-it)
 
 Please note that this project is released with a [Contributor Code of Conduct](CODE_OF_CONDUCT.md). By participating in this project you agree to abide by its terms.
+
+-----
+
+### Security
+
+To report a security vulnerability, please email security@snipeitapp.com instead of using the issue tracker. 

Vagrantfile

@@ -0,0 +1,84 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+SNIPEIT_SH_URL= "https://raw.githubusercontent.com/snipe/snipe-it/master/snipeit.sh"
+NETWORK_BRIDGE= "en0: Wi-Fi (AirPort)"
+
+Vagrant.configure("2") do |config|
+  config.vm.define "bionic" do |bionic|
+    bionic.vm.box = "ubuntu/bionic64"
+    bionic.vm.hostname = 'bionic'
+    bionic.vm.network "public_network", bridge: NETWORK_BRIDGE
+    bionic.vm.provision :shell, :inline => "wget #{SNIPEIT_SH_URL}"
+    bionic.vm.provision :shell, :inline => "chmod 755 snipeit.sh"
+  end
+
+  config.vm.define "xenial" do |xenial|
+    xenial.vm.box = "ubuntu/xenial64"
+    xenial.vm.hostname = 'xenial'
+    xenial.vm.network "public_network", bridge: NETWORK_BRIDGE
+    xenial.vm.provision :shell, :inline => "wget #{SNIPEIT_SH_URL}"
+    xenial.vm.provision :shell, :inline => "chmod 755 snipeit.sh"
+  end
+
+  config.vm.define "trusty" do |trusty|
+    trusty.vm.box = "ubuntu/trusty32"
+    trusty.vm.hostname = 'trusty'
+    trusty.vm.network "public_network", bridge: NETWORK_BRIDGE
+    trusty.vm.provision :shell, :inline => "wget #{SNIPEIT_SH_URL}"
+    trusty.vm.provision :shell, :inline => "chmod 755 snipeit.sh"
+  end
+
+  config.vm.define "centos7" do |centos7|
+    centos7.vm.box = "centos/7"
+    centos7.vm.hostname = 'centos7'
+    centos7.vm.network "public_network", bridge: NETWORK_BRIDGE
+    centos7.vm.provision :shell, :inline => "sudo yum -y update"
+    centos7.vm.provision :shell, :inline => "yum install -y wget"
+    centos7.vm.provision :shell, :inline => "wget #{SNIPEIT_SH_URL}"
+    centos7.vm.provision :shell, :inline => "chmod 755 snipeit.sh"
+  end
+
+  config.vm.define "centos6" do |centos6|
+    centos6.vm.box = "centos/6"
+    centos6.vm.hostname = 'centos6'
+    centos6.vm.network "public_network", bridge: NETWORK_BRIDGE
+    centos6.vm.provision :shell, :inline => "sudo yum -y update"
+    centos6.vm.provision :shell, :inline => "wget #{SNIPEIT_SH_URL}"
+    centos6.vm.provision :shell, :inline => "chmod 755 snipeit.sh"
+  end
+
+  config.vm.define "jessie" do |jessie|
+    jessie.vm.box = "debian/jessie64"
+    jessie.vm.hostname = 'debian8'
+    jessie.vm.network "public_network", bridge: NETWORK_BRIDGE
+    jessie.vm.provision :shell, :inline => "wget #{SNIPEIT_SH_URL}"
+    jessie.vm.provision :shell, :inline => "chmod 755 snipeit.sh"
+  end
+
+  config.vm.define "stretch" do |stretch|
+    stretch.vm.box = "debian/stretch64"
+    stretch.vm.hostname = 'debian9'
+    stretch.vm.network "public_network", bridge: NETWORK_BRIDGE
+    stretch.vm.provision :shell, :inline => "wget #{SNIPEIT_SH_URL}"
+    stretch.vm.provision :shell, :inline => "chmod 755 snipeit.sh"
+  end
+
+  config.vm.define "fedora27" do |fedora27|
+    fedora27.vm.box = "fedora/27-cloud-base"
+    fedora27.vm.hostname = 'fedora27'
+    fedora27.vm.network "public_network", bridge: NETWORK_BRIDGE
+    fedora27.vm.provision :shell, :inline => "dnf -y install wget"
+    fedora27.vm.provision :shell, :inline => "wget #{SNIPEIT_SH_URL}"
+    fedora27.vm.provision :shell, :inline => "chmod 755 snipeit.sh"
+  end
+
+    config.vm.define "fedora26" do |fedora26|
+    fedora26.vm.box = "fedora/26-cloud-base"
+    fedora26.vm.hostname = 'fedora26'
+    fedora26.vm.network "public_network", bridge: NETWORK_BRIDGE
+    fedora26.vm.provision :shell, :inline => "dnf -y install wget"
+    fedora26.vm.provision :shell, :inline => "wget #{SNIPEIT_SH_URL}"
+    fedora26.vm.provision :shell, :inline => "chmod 755 snipeit.sh"
+  end
+end

app/Console/Commands/AssetImportCommand.php

@@ -1,468 +0,0 @@
-<?php
-namespace App\Console\Commands;
-use App\Models\User;
-use App\Models\Location;
-use App\Models\Category;
-use App\Models\AssetModel;
-use App\Models\Company;
-use App\Models\Asset;
-use App\Models\Manufacturer;
-use Symfony\Component\Console\Input\InputOption;
-use Symfony\Component\Console\Input\InputArgument;
-
-use Illuminate\Console\Command;
-use League\Csv\Reader;
-
-class AssetImportCommand extends Command {
-
-	/**
-	 * The console command name.
-	 *
-	 * @var string
-	 */
-	protected $name = 'snipeit:asset-import';
-
-	/**
-	 * The console command description.
-	 *
-	 * @var string
-	 */
-	protected $description = 'Import Assets from CSV';
-
-	/**
-	 * Create a new command instance.
-	 *
-	 * @return void
-	 */
-	public function __construct()
-	{
-		parent::__construct();
-	}
-
-	/**
-	 * Execute the console command.
-	 *
-	 * @return mixed
-	 */
-	public function fire()
-	{
-		$filename = $this->argument('filename');
-
-
-		if (!$this->option('testrun')=='true') {
-			$this->comment('======= Importing Assets from '.$filename.' =========');
-		} else {
-			$this->comment('====== TEST ONLY Asset Import for '.$filename.' ====');
-			$this->comment('============== NO DATA WILL BE WRITTEN ==============');
-		}
-
-		if (! ini_get("auto_detect_line_endings")) {
-			ini_set("auto_detect_line_endings", '1');
-		}
-
-		$csv = Reader::createFromPath($this->argument('filename'));
-		$csv->setNewline("\r\n");
-		$csv->setOffset(1);
-		$duplicates = '';
-
-		// Loop through the records
-		$nbInsert = $csv->each(function ($row) use ($duplicates) {
-			$status_id = 1;
-
-			// Let's just map some of these entries to more user friendly words
-
-			// User's name
-			if (array_key_exists('0',$row)) {
-				$user_name = trim($row[0]);
-			} else {
-				$user_name = '';
-			}
-
-			// User's email
-			if (array_key_exists('1',$row)) {
-				$user_email = trim($row[1]);
-			} else {
-				$user_email = '';
-			}
-
-			// User's email
-			if (array_key_exists('2',$row)) {
-				$user_username = trim($row[2]);
-			} else {
-				$user_username = '';
-			}
-
-			// Asset Name
-			if (array_key_exists('3',$row)) {
-				$user_asset_asset_name = trim($row[3]);
-			} else {
-				$user_asset_asset_name = '';
-			}
-
-			// Asset Category
-			if (array_key_exists('4',$row)) {
-				$user_asset_category = trim($row[4]);
-			} else {
-				$user_asset_category = '';
-			}
-
-			// Asset Name
-			if (array_key_exists('5',$row)) {
-				$user_asset_name = trim($row[5]);
-			} else {
-				$user_asset_name = '';
-			}
-
-			// Asset Manufacturer
-			if (array_key_exists('6',$row)) {
-				$user_asset_mfgr = trim($row[6]);
-			} else {
-				$user_asset_mfgr = '';
-			}
-
-			// Asset model number
-			if (array_key_exists('7',$row)) {
-				$user_asset_modelno = trim($row[7]);
-			} else {
-				$user_asset_modelno = '';
-			}
-
-			// Asset serial number
-			if (array_key_exists('8',$row)) {
-				$user_asset_serial = trim($row[8]);
-			} else {
-				$user_asset_serial = '';
-			}
-
-			// Asset tag
-			if (array_key_exists('9',$row)) {
-				$user_asset_tag = trim($row[9]);
-			} else {
-				$user_asset_tag = '';
-			}
-
-			// Asset location
-			if (array_key_exists('10',$row)) {
-				$user_asset_location = trim($row[10]);
-			} else {
-				$user_asset_location = '';
-			}
-
-			// Asset notes
-			if (array_key_exists('11',$row)) {
-				$user_asset_notes = trim($row[11]);
-			} else {
-				$user_asset_notes = '';
-			}
-
-			// Asset purchase date
-			if (array_key_exists('12',$row)) {
-				if ($row[12]!='') {
-					$user_asset_purchase_date = date("Y-m-d 00:00:01", strtotime($row[12]));
-				} else {
-					$user_asset_purchase_date = '';
-				}
-			} else {
-				$user_asset_purchase_date = '';
-			}
-
-			// Asset purchase cost
-			if (array_key_exists('13',$row)) {
-				if ($row[13]!='') {
-					$user_asset_purchase_cost = trim($row[13]);
-				} else {
-					$user_asset_purchase_cost = '';
-				}
-			} else {
-				$user_asset_purchase_cost = '';
-			}
-
-       // Asset Company Name
-       if (array_key_exists('14',$row)) {
-              if ($row[14]!='') {
-                  $user_asset_company_name = trim($row[14]);
-              } else {
-                      $user_asset_company_name= '';
-              }
-       } else {
-              $user_asset_company_name = '';
-       }
-
-
-		// A number was given instead of a name
-		if (is_numeric($user_name)) {
-			$this->comment('User '.$user_name.' is not a name - assume this user already exists');
-			$user_username = '';
-            $first_name = '';
-			$last_name = '';
-
-		// No name was given
-		} elseif ($user_name=='') {
-			$this->comment('No user data provided - skipping user creation, just adding asset');
-			$first_name = '';
-			$last_name = '';
-			//$user_username = '';
-
-		} else {
-			$user_email_array = User::generateFormattedNameFromFullName($this->option('email_format'), $user_name);
-			$first_name = $user_email_array['first_name'];
-			$last_name = $user_email_array['last_name'];
-
-			if ($user_email=='') {
-				$user_email = $user_email_array['username'].'@'.config('app.domain');
-			}
-
-			if ($user_username=='') {
-				if ($this->option('username_format')=='email') {
-					$user_username = $user_email;
-				} else {
-					$user_name_array = User::generateFormattedNameFromFullName($this->option('username_format'), $user_name);
-					$user_username = $user_name_array['username'];
-				}
-
-			}
-
-		}
-
-		$this->comment('Full Name: '.$user_name);
-		$this->comment('First Name: '.$first_name);
-		$this->comment('Last Name: '.$last_name);
-		$this->comment('Username: '.$user_username);
-		$this->comment('Email: '.$user_email);
-		$this->comment('Category Name: '.$user_asset_category);
-		$this->comment('Item: '.$user_asset_name);
-		$this->comment('Manufacturer ID: '.$user_asset_mfgr);
-		$this->comment('Model No: '.$user_asset_modelno);
-		$this->comment('Serial No: '.$user_asset_serial);
-		$this->comment('Asset Tag: '.$user_asset_tag);
-		$this->comment('Location: '.$user_asset_location);
-		$this->comment('Purchase Date: '.$user_asset_purchase_date);
-		$this->comment('Purchase Cost: '.$user_asset_purchase_cost);
-		$this->comment('Notes: '.$user_asset_notes);
-        $this->comment('Company Name: '.$user_asset_company_name);
-
-		$this->comment('------------- Action Summary ----------------');
-
-		if ($user_username!='') {
-			if ($user = User::MatchEmailOrUsername($user_username, $user_email)
-				->whereNotNull('username')->first()) {
-				$this->comment('User '.$user_username.' already exists');
-			} else {
-                $user = new \App\Models\User;
-                $password  = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
-
-                $user->first_name = $first_name;
-                $user->last_name = $last_name;
-                $user->username = $user_username;
-                $user->email = $user_email;
-                $user->permissions = '{user":1}';
-                $user->password = bcrypt($password);
-                $user->activated = 1;
-                if ($user->save()) {
-                    $this->comment('User '.$first_name.' created');
-                } else {
-                    $this->error('ERROR CREATING User '.$first_name.' '.$last_name);
-                    $this->error($user->getErrors());
-                }
-
-			}
-		} else {
-			$user = new User;
-		}
-
-		// Check for the location match and create it if it doesn't exist
-		if ($location = Location::where('name', e($user_asset_location))->first()) {
-			$this->comment('Location '.$user_asset_location.' already exists');
-		} else {
-
-        $location = new Location();
-
-				if ($user_asset_location!='')
-                {
-					$location->name = e($user_asset_location);
-					$location->address = '';
-					$location->city = '';
-					$location->state = '';
-					$location->country = '';
-					$location->user_id = 1;
-
-					if (!$this->option('testrun')=='true') {
-
-						if ($location->save()) {
-							$this->comment('Location '.$user_asset_location.' was created');
-			            } else {
-							$this->error('Something went wrong! Location '.$user_asset_location.' was NOT created');
-                            $this->error($location->getErrors());
-						}
-
-					}
-                    else
-                    {
-						$this->comment('Location '.$user_asset_location.' was (not) created - test run only');
-					}
-				}
-                else
-                {
-					$this->comment('No location given, so none created.');
-				}
-
-			}
-
-        if (e($user_asset_category)=='') {
-            $category_name = 'Unnamed Category';
-        } else {
-            $category_name = e($user_asset_category);
-        }
-
-    	// Check for the category match and create it if it doesn't exist
-    	if ($category = Category::where('name', e($category_name))->where('category_type', 'asset')->first()) {
-    		$this->comment('Category '.$category_name.' already exists');
-
-    	} else {
-    		$category = new Category();
-            $category->name = e($category_name);
-    		$category->category_type = 'asset';
-    		$category->user_id = 1;
-
-    		if ($category->save()) {
-    			$this->comment('Category '.$user_asset_category.' was created');
-            } else {
-    			$this->error('Something went wrong! Category '.$user_asset_category.' was NOT created');
-                $this->error($category->getErrors());
-    		}
-
-    	}
-
-    	// Check for the manufacturer match and create it if it doesn't exist
-    	if ($manufacturer = Manufacturer::where('name', e($user_asset_mfgr))->first()) {
-    		$this->comment('Manufacturer '.$user_asset_mfgr.' already exists');
-    	} else {
-    		$manufacturer = new Manufacturer();
-    		$manufacturer->name = e($user_asset_mfgr);
-    		$manufacturer->user_id = 1;
-
-    		if ($manufacturer->save()) {
-    			$this->comment('Manufacturer '.$user_asset_mfgr.' was created');
-            } else {
-    			$this->error('Something went wrong! Manufacturer '.$user_asset_mfgr.' was NOT created: '. $manufacturer->getErrors()->first());
-    		}
-
-    	}
-
-    	// Check for the asset model match and create it if it doesn't exist
-    	if ($asset_model = AssetModel::where('name', e($user_asset_name))->where('modelno', e($user_asset_modelno))->where('category_id', $category->id)->where('manufacturer_id', $manufacturer->id)->first()) {
-    		$this->comment('The Asset Model '.$user_asset_name.' with model number '.$user_asset_modelno.' already exists');
-    	} else {
-    		$asset_model = new AssetModel();
-    		$asset_model->name = e($user_asset_name);
-    		$asset_model->manufacturer_id = $manufacturer->id;
-    		$asset_model->modelno = e($user_asset_modelno);
-    		$asset_model->category_id = $category->id;
-    		$asset_model->user_id = 1;
-
-    		if ($asset_model->save()) {
-    			$this->comment('Asset Model '.$user_asset_name.' with model number '.$user_asset_modelno.' was created');
-            } else {
-    			$this->error('Something went wrong! Asset Model '.$user_asset_name.' was NOT created: '.$asset_model->getErrors()->first());
-    		}
-
-    	}
-
-        // Check for the asset company match and create it if it doesn't exist
-        if ($user_asset_company_name!='') {
-            if ($company = Company::where('name', e($user_asset_company_name))->first()) {
-                $this->comment('Company '.$user_asset_company_name.' already exists');
-            } else {
-                $company = new Company();
-                $company->name = e($user_asset_company_name);
-
-                if ($company->save()) {
-                    $this->comment('Company '.$user_asset_company_name.' was created');
-                } else {
-                    $this->error('Something went wrong! Company '.$user_asset_company_name.' was NOT created: '.$company->getErrors()->first());
-                }
-            }
-
-        } else {
-          $company = new Company();
-        }
-
-			// Check for the asset match and create it if it doesn't exist
-        if ($asset = Asset::where('asset_tag', e($user_asset_tag))->first()) {
-          $this->comment('The Asset with asset tag '.$user_asset_tag.' already exists');
-        } else {
-          $asset = new Asset();
-          $asset->name = e($user_asset_asset_name);
-  				if ($user_asset_purchase_date!='') {
-  					$asset->purchase_date = $user_asset_purchase_date;
-  				} else {
-  					$asset->purchase_date = NULL;
-  				}
-  				if ($user_asset_purchase_cost!='') {
-  					$asset->purchase_cost = ParseFloat(e($user_asset_purchase_cost));
-  				} else {
-  					$asset->purchase_cost = 0.00;
-  				}
-  				$asset->serial = e($user_asset_serial);
-  				$asset->asset_tag = e($user_asset_tag);
-  				$asset->model_id = $asset_model->id;
-  				$asset->assigned_to = $user->id;
-  				$asset->rtd_location_id = $location->id;
-  				$asset->user_id = 1;
-  				$asset->status_id = $status_id;
-                $asset->company_id = $company->id;
-  				if ($user_asset_purchase_date!='') {
-  					$asset->purchase_date = $user_asset_purchase_date;
-  				} else {
-  					$asset->purchase_date = NULL;
-  				}
-  				$asset->notes = e($user_asset_notes);
-
-  				if ($asset->save()) {
-  					$this->comment('Asset '.$user_asset_name.' with serial number '.$user_asset_serial.' was created');
-  	            } else {
-  					$this->error('Something went wrong! Asset '.$user_asset_name.' was NOT created: '.$asset->getErrors()->first());
-  				}
-
-        }
-
-
-
-			$this->comment('=====================================');
-
-			return true;
-
-		});
-
-
-	}
-
-	/**
-	 * Get the console command arguments.
-	 *
-	 * @return array
-	 */
-	protected function getArguments()
-	{
-		return array(
-			array('filename', InputArgument::REQUIRED, 'File for the CSV import.'),
-		);
-	}
-
-
-	/**
-	 * Get the console command options.
-	 *
-	 * @return array
-	 */
-	protected function getOptions()
-	{
-	return array(
-		array('email_format', null, InputOption::VALUE_REQUIRED, 'The format of the email addresses that should be generated. Options are firstname.lastname, firstname, filastname', null),
-		array('username_format', null, InputOption::VALUE_REQUIRED, 'The format of the username that should be generated. Options are firstname.lastname, firstname, filastname, email', null),
-		array('testrun', null, InputOption::VALUE_REQUIRED, 'Test the output without writing to the database or not.', null),
-	);
-	}
-
-
-}

app/Console/Commands/CreateAdmin.php

@@ -46,32 +46,32 @@ class CreateAdmin extends Command
         $show_in_list = $this->argument('show_in_list');
 
         if (($first_name=='') || ($last_name=='') || ($username=='') || ($email=='') || ($password=='')) {
-          $this->info('ERROR: All fields are required.');
+            $this->info('ERROR: All fields are required.');
         } else {
-          $user = new \App\Models\User;
-          $user->first_name = $first_name;
-          $user->last_name = $last_name;
-          $user->username = $username;
-          $user->email = $email;
-          $user->permissions = '{"admin":1,"user":1,"superuser":1,"reports.view":1, "licenses.keys":1}';
-          $user->password = bcrypt($password);
-          $user->activated = 1;
+            $user = new \App\Models\User;
+            $user->first_name = $first_name;
+            $user->last_name = $last_name;
+            $user->username = $username;
+            $user->email = $email;
+            $user->permissions = '{"admin":1,"user":1,"superuser":1,"reports.view":1, "licenses.keys":1}';
+            $user->password = bcrypt($password);
+            $user->activated = 1;
 
-          if ($show_in_list == 'false') {
-             $user->show_in_list = 0;
-          }
-          if ($user->save()) {
-            $this->info('New user created');
-            $user->groups()->attach(1);
-          } else {
-            $this->info('Admin user was not created');
-            $errors = $user->getErrors();
-
-            foreach ($errors->all() as $error) {
-              $this->info('ERROR:'. $error);
+            if ($show_in_list == 'false') {
+                $user->show_in_list = 0;
             }
+            if ($user->save()) {
+                $this->info('New user created');
+                $user->groups()->attach(1);
+            } else {
+                $this->info('Admin user was not created');
+                $errors = $user->getErrors();
 
-          }
+                foreach ($errors->all() as $error) {
+                    $this->info('ERROR:'. $error);
+                }
+
+            }
         }
 
     }
@@ -81,5 +81,5 @@ class CreateAdmin extends Command
   // 		return array(
   // 			array('username', InputArgument::REQUIRED, 'Username'),
   // 		);
-	// }
+    // }
 }

app/Console/Commands/DisableLDAP.php

@@ -5,7 +5,6 @@ namespace App\Console\Commands;
 use Illuminate\Console\Command;
 use App\Models\Setting;
 
-
 class DisableLDAP extends Command
 {
     /**

app/Console/Commands/FixDoubleEscape.php

@@ -0,0 +1,85 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+
+class FixDoubleEscape extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:unescape';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This should be run to fix some double-escaping issues from earlier versions of Snipe-IT.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        $tables = [
+            '\App\Models\Asset' => ['name'],
+            '\App\Models\License' => ['name'],
+            '\App\Models\Consumable' => ['name'],
+            '\App\Models\Accessory' => ['name'],
+            '\App\Models\Component' => ['name'],
+            '\App\Models\Company' => ['name'],
+            '\App\Models\Manufacturer' => ['name'],
+            '\App\Models\Supplier' => ['name'],
+            '\App\Models\Statuslabel' => ['name'],
+            '\App\Models\Depreciation' => ['name'],
+            '\App\Models\AssetModel' => ['name'],
+            '\App\Models\Group' => ['name'],
+            '\App\Models\Department' => ['name'],
+            '\App\Models\Location' => ['name'],
+            '\App\Models\User' => ['first_name', 'last_name'],
+        ];
+
+        $count = array();
+
+
+
+            foreach ($tables as $classname => $fields) {
+                $count[$classname] = array();
+                $count[$classname]['classname'] = 0;
+
+                foreach($fields as $field) {
+
+                    $count[$classname]['classname']++;
+                    $count[$classname][$field] = 0;
+
+                    foreach($classname::where("$field",'LIKE','%&%')->get() as $row) {
+                        $this->info('Updating '.$field.' for '.$classname);
+                        $row->{$field} = html_entity_decode($row->{$field});
+                        $row->save();
+                        $count[$classname][$field]++;
+
+                    }
+                }
+            }
+
+        $this->info('Update complete');
+
+    }
+}

app/Console/Commands/LdapSync.php

@@ -0,0 +1,248 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+use App\Models\Setting;
+use App\Models\Ldap;
+use App\Models\User;
+use App\Models\Location;
+use Log;
+
+class LdapSync extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:ldap-sync {--location=} {--location_id=} {--base_dn=} {--summary} {--json_summary}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Command line LDAP sync';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+        ini_set('max_execution_time', 600); //600 seconds = 10 minutes
+        ini_set('memory_limit', '500M');
+
+        $ldap_result_username = Setting::getSettings()->ldap_username_field;
+        $ldap_result_last_name = Setting::getSettings()->ldap_lname_field;
+        $ldap_result_first_name = Setting::getSettings()->ldap_fname_field;
+
+        $ldap_result_active_flag = Setting::getSettings()->ldap_active_flag_field;
+        $ldap_result_emp_num = Setting::getSettings()->ldap_emp_num;
+        $ldap_result_email = Setting::getSettings()->ldap_email;
+
+        try {
+            $ldapconn = Ldap::connectToLdap();
+            Ldap::bindAdminToLdap($ldapconn);
+        } catch (\Exception $e) {
+            if ($this->option('json_summary')) {
+                $json_summary = [ "error" => true, "error_message" => $e->getMessage(), "summary" => [] ];
+                $this->info(json_encode($json_summary));
+            }
+            LOG::info($e);
+            return [];
+        }
+
+        $summary = array();
+
+        try {    
+            if ($this->option('base_dn') != '') {
+                $search_base = $this->option('base_dn');
+                LOG::debug('Importing users from specified base DN: \"'.$search_base.'\".');                
+            } else {
+                $search_base = null;
+            }
+            $results = Ldap::findLdapUsers($search_base);
+        } catch (\Exception $e) {
+            if ($this->option('json_summary')) {
+                $json_summary = [ "error" => true, "error_message" => $e->getMessage(), "summary" => [] ];
+                $this->info(json_encode($json_summary));
+            }
+            LOG::info($e);
+            return [];
+        }
+
+        /* Determine which location to assign users to by default. */
+        $location = NULL;
+
+        if ($this->option('location')!='') {
+            $location = Location::where('name', '=', $this->option('location'))->first();
+            LOG::debug('Location name '.$this->option('location').' passed');
+            LOG::debug('Importing to '.$location->name.' ('.$location->id.')');
+        } elseif ($this->option('location_id')!='') {
+            $location = Location::where('id', '=', $this->option('location_id'))->first();
+            LOG::debug('Location ID '.$this->option('location_id').' passed');
+            LOG::debug('Importing to '.$location->name.' ('.$location->id.')');
+        }
+
+        if (!isset($location)) {
+            LOG::debug('That location is invalid or a location was not provided, so no location will be assigned by default.');
+        }
+
+        /* Process locations with explicitly defined OUs, if doing a full import. */
+        if ($this->option('base_dn')=='') {
+            // Retrieve locations with a mapped OU, and sort them from the shallowest to deepest OU (see #3993)
+            $ldap_ou_locations = Location::where('ldap_ou', '!=', '')->get()->toArray();
+            $ldap_ou_lengths = array();
+            
+            foreach ($ldap_ou_locations as $location) {
+                $ldap_ou_lengths[] = strlen($location["ldap_ou"]);
+            }
+
+            array_multisort($ldap_ou_lengths, SORT_ASC, $ldap_ou_locations);
+
+            if (sizeof($ldap_ou_locations) > 0) {
+                LOG::debug('Some locations have special OUs set. Locations will be automatically set for users in those OUs.');
+            }
+
+            // Inject location information fields
+            for ($i = 0; $i < $results["count"]; $i++) {
+                $results[$i]["ldap_location_override"] = false;
+                $results[$i]["location_id"] = 0;
+            }
+
+            // Grab subsets based on location-specific DNs, and overwrite location for these users.
+            foreach ($ldap_ou_locations as $ldap_loc) {
+                $location_users = Ldap::findLdapUsers($ldap_loc["ldap_ou"]);
+                $usernames = array();
+                for ($i = 0; $i < $location_users["count"]; $i++) {
+
+                    if (array_key_exists($ldap_result_username, $location_users[$i])) {
+                        $location_users[$i]["ldap_location_override"] = true;
+                        $location_users[$i]["location_id"] = $ldap_loc["id"];
+                        $usernames[] = $location_users[$i][$ldap_result_username][0];
+                    }
+
+                }
+
+                // Delete located users from the general group.
+                foreach ($results as $key => $generic_entry) {
+                   if ((is_array($generic_entry)) && (array_key_exists($ldap_result_username, $generic_entry))) {
+                        if (in_array($generic_entry[$ldap_result_username][0], $usernames)) {
+                            unset($results[$key]);
+                        }
+                    }
+                }
+
+                $global_count = $results['count'];
+                $results = array_merge($location_users, $results);
+                $results['count'] = $global_count;
+            }
+        }
+
+        /* Create user account entries in Snipe-IT */
+        $tmp_pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
+        $pass = bcrypt($tmp_pass);
+
+        for ($i = 0; $i < $results["count"]; $i++) {
+            if (empty($ldap_result_active_flag) || $results[$i][$ldap_result_active_flag][0] == "TRUE") {
+
+                $item = array();
+                $item["username"] = isset($results[$i][$ldap_result_username][0]) ? $results[$i][$ldap_result_username][0] : "";
+                $item["employee_number"] = isset($results[$i][$ldap_result_emp_num][0]) ? $results[$i][$ldap_result_emp_num][0] : "";
+                $item["lastname"] = isset($results[$i][$ldap_result_last_name][0]) ? $results[$i][$ldap_result_last_name][0] : "";
+                $item["firstname"] = isset($results[$i][$ldap_result_first_name][0]) ? $results[$i][$ldap_result_first_name][0] : "";
+                $item["email"] = isset($results[$i][$ldap_result_email][0]) ? $results[$i][$ldap_result_email][0] : "" ;
+                $item["ldap_location_override"] = isset($results[$i]["ldap_location_override"]) ? $results[$i]["ldap_location_override"]:"";
+                $item["location_id"] = isset($results[$i]["location_id"]) ? $results[$i]["location_id"]:"";
+
+
+                // This is active directory, not regular LDAP
+                if ( array_key_exists('useraccountcontrol', $results[$i]) ) {
+                    $enabled_accounts = [
+                        '512', '544', '66048', '66080', '262656', '262688', '328192', '328224'
+                    ];
+                    $item['activated'] = ( in_array($results[$i]['useraccountcontrol'][0], $enabled_accounts) ) ? 1 : 0;
+
+                // Fall through to LDAP
+                } else {
+                    $item['activated'] = 0;
+                }
+
+                // User exists
+                $item["createorupdate"] = 'updated';
+                if (!$user = User::where('username', $item["username"])->first()) {
+                    $user = new User;
+                    $user->password = $pass;
+                    $item["createorupdate"] = 'created';
+                }
+
+                // Create the user if they don't exist.
+                $user->first_name = e($item["firstname"]);
+                $user->last_name = e($item["lastname"]);
+                $user->username = e($item["username"]);
+                $user->email = e($item["email"]);
+                $user->employee_num = e($item["employee_number"]);
+                $user->activated = $item['activated'];
+
+                if ($item['ldap_location_override'] == true) {
+                    $user->location_id = $item['location_id'];
+                } elseif ((isset($location)) && (!empty($location))) {
+
+                    if ((is_array($location)) && (array_key_exists('id', $location))) {
+                        $user->location_id = $location['id'];
+                    } elseif (is_object($location)) {
+                        $user->location_id = $location->id;
+                    }
+
+                }
+
+                $user->notes = 'Imported from LDAP';
+                $user->ldap_import = 1;
+
+                $errors = '';
+
+                if ($user->save()) {
+                    $item["note"] = $item["createorupdate"];
+                    $item["status"]='success';
+                } else {
+                    foreach ($user->getErrors()->getMessages() as $key => $err) {
+                        $errors .= $err[0];
+                    }
+                    $item["note"] = $errors;
+                    $item["status"]='error';
+                }
+
+                array_push($summary, $item);
+            }
+
+        }
+
+        if ($this->option('summary')) {
+            for ($x = 0; $x < count($summary); $x++) {
+                if ($summary[$x]['status']=='error') {
+                    $this->error('ERROR: '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].') was not imported: '.$summary[$x]['note']);
+                } else {
+                    $this->info('User '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].') was '.strtoupper($summary[$x]['createorupdate']).'.');
+                }
+            }
+        } else if ($this->option('json_summary')) {
+            $json_summary = [ "error" => false, "error_message" => "", "summary" => $summary ];
+            $this->info(json_encode($json_summary));
+        } else {
+            return $summary;
+        }
+    }
+}

app/Console/Commands/LicenseImportCommand.php

@@ -1,382 +0,0 @@
-<?php
-namespace App\Console\Commands;
-
-use Illuminate\Console\Command;
-use Symfony\Component\Console\Input\InputOption;
-use Symfony\Component\Console\Input\InputArgument;
-use League\Csv\Reader;
-
-class LicenseImportCommand extends Command {
-
-	/**
-	 * The console command name.
-	 *
-	 * @var string
-	 */
-	protected $name = 'snipeit:license-import';
-
-	/**
-	 * The console command description.
-	 *
-	 * @var string
-	 */
-	protected $description = 'Import Licenses from CSV';
-
-	/**
-	 * Create a new command instance.
-	 *
-	 * @return void
-	 */
-	public function __construct()
-	{
-		parent::__construct();
-	}
-
-	/**
-	 * Execute the console command.
-	 *
-	 * @return mixed
-	 */
-	public function fire()
-	{
-		$filename = $this->argument('filename');
-
-
-		if (!$this->option('testrun')=='true') {
-			$this->comment('======= Importing Licenses from '.$filename.' =========');
-		} else {
-			$this->comment('====== TEST ONLY License Import for '.$filename.' ====');
-			$this->comment('============== NO DATA WILL BE WRITTEN ==============');
-		}
-
-		if (! ini_get("auto_detect_line_endings")) {
-			ini_set("auto_detect_line_endings", '1');
-		}
-
-		$csv = Reader::createFromPath($this->argument('filename'));
-		$csv->setNewline("\r\n");
-		$csv->setOffset(1);
-		$duplicates = '';
-
-		// Loop through the records
-		$nbInsert = $csv->each(function ($row) use ($duplicates) {
-			$status_id = 1;
-
-			// Let's just map some of these entries to more user friendly words
-
-			if (array_key_exists('0',$row)) {
-				$user_name = trim($row[0]);
-			} else {
-				$user_name = '';
-			}
-
-			if (array_key_exists('1',$row)) {
-				$user_email = trim($row[1]);
-			} else {
-				$user_email = '';
-			}
-
-			if (array_key_exists('2',$row)) {
-				$user_username = trim($row[2]);
-			} else {
-				$user_username = '';
-			}
-
-			if (array_key_exists('3',$row)) {
-				$user_license_name = trim($row[3]);
-			} else {
-				$user_license_name = '';
-			}
-
-			if (array_key_exists('4',$row)) {
-				$user_license_serial = trim($row[4]);
-			} else {
-				$user_license_serial = '';
-			}
-
-			if (array_key_exists('5',$row)) {
-				$user_licensed_to_name = trim($row[5]);
-			} else {
-				$user_licensed_to_name = '';
-			}
-
-			if (array_key_exists('6',$row)) {
-				$user_licensed_to_email = trim($row[6]);
-			} else {
-				$user_licensed_to_email = '';
-			}
-
-			if (array_key_exists('7',$row)) {
-				$user_license_seats = trim($row[7]);
-			} else {
-				$user_license_seats = '';
-			}
-
-			if (array_key_exists('8',$row)) {
-				$user_license_reassignable = trim($row[8]);
-				if ($user_license_reassignable!='') {
-					if ((strtolower($user_license_reassignable)=='yes') || (strtolower($user_license_reassignable)=='true') || ($user_license_reassignable=='1')) {
-						$user_license_reassignable = 1;
-					}
-				} else {
-					$user_license_reassignable = 0;
-				}
-			} else {
-				$user_license_reassignable = 0;
-			}
-
-			if (array_key_exists('9',$row)) {
-				$user_license_supplier = trim($row[9]);
-			} else {
-				$user_license_supplier = '';
-			}
-
-			if (array_key_exists('10',$row)) {
-				$user_license_maintained = trim($row[10]);
-
-				if ($user_license_maintained!='') {
-					if ((strtolower($user_license_maintained)=='yes') || (strtolower($user_license_maintained)=='true') || ($user_license_maintained=='1')) {
-						$user_license_maintained = 1;
-					}
-				} else {
-					$user_license_maintained = 0;
-				}
-
-
-			} else {
-				$user_license_maintained = '';
-			}
-
-			if (array_key_exists('11',$row)) {
-				$user_license_notes = trim($row[11]);
-			} else {
-				$user_license_notes = '';
-			}
-
-			if (array_key_exists('12',$row)) {
-				if ($row[12]!='') {
-					$user_license_purchase_date = date("Y-m-d 00:00:01", strtotime($row[12]));
-				} else {
-					$user_license_purchase_date = '';
-				}
-			} else {
-				$user_license_purchase_date = 0;
-			}
-
-			// A number was given instead of a name
-			if (is_numeric($user_name)) {
-				$this->comment('User '.$user_name.' is not a name - assume this user already exists');
-				$user_username = '';
-			// No name was given
-
-			} elseif ($user_name=='') {
-				$this->comment('No user data provided - skipping user creation, just adding license');
-				$first_name = '';
-				$last_name = '';
-				$user_username = '';
-
-			} else {
-
-					$name = explode(" ", $user_name);
-					$first_name = $name[0];
-					$email_last_name = '';
-					$email_prefix = $first_name;
-
-					if (!array_key_exists(1, $name)) {
-						$last_name='';
-						$email_last_name = $last_name;
-						$email_prefix = $first_name;
-					} else {
-						$last_name = str_replace($first_name,'',$user_name);
-
-						if ($this->option('email_format')=='filastname') {
-							$email_last_name.=str_replace(' ','',$last_name);
-							$email_prefix = $first_name[0].$email_last_name;
-
-						} elseif ($this->option('email_format')=='firstname.lastname') {
-							$email_last_name.=str_replace(' ','',$last_name);
-							$email_prefix = $first_name.'.'.$email_last_name;
-
-						} elseif ($this->option('email_format')=='firstname') {
-							$email_last_name.=str_replace(' ','',$last_name);
-							$email_prefix = $first_name;
-						}
-
-
-					}
-
-
-					$user_username = $email_prefix;
-
-					// Generate an email based on their name if no email address is given
-					if ($user_email=='') {
-						if ($first_name=='Unknown') {
-							$status_id = 7;
-						}
-						$email = strtolower($email_prefix).'@'.$this->option('domain');
-						$user_email = str_replace("'",'',$email);
-					}
-			}
-
-			$this->comment('Full Name: '.$user_name);
-			$this->comment('First Name: '.$first_name);
-			$this->comment('Last Name: '.$last_name);
-			$this->comment('Username: '.$user_username);
-			$this->comment('Email: '.$user_email);
-			$this->comment('License Name: '.$user_license_name);
-			$this->comment('Serial No: '.$user_license_serial);
-			$this->comment('Licensed To Name: '.$user_licensed_to_name);
-			$this->comment('Licensed To Email: '.$user_licensed_to_email);
-			$this->comment('Seats: '.$user_license_seats);
-			$this->comment('Reassignable: '.$user_license_reassignable);
-			$this->comment('Supplier: '.$user_license_supplier);
-			$this->comment('Maintained: '.$user_license_maintained);
-			$this->comment('Notes: '.$user_license_notes);
-			$this->comment('Purchase Date: '.$user_license_purchase_date);
-
-			$this->comment('------------- Action Summary ----------------');
-
-			if ($user_username!='') {
-				if ($user = User::where('username', $user_username)->whereNotNull('username')->first()) {
-					$this->comment('User '.$user_username.' already exists');
-				} else {
-					// Create the user
-					$user = Sentry::createUser(array(
-						'first_name' => $first_name,
-						'last_name' => $last_name,
-						'email'     => $user_email,
-						'username'     => $user_username,
-						'password'  => substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 10),
-						'activated' => true,
-						'permissions' => array(
-							'admin' => 0,
-							'user'  => 1,
-						),
-						'notes'         => 'User importerd through license importer'
-					));
-
-					// Find the group using the group id
-					$userGroup = Sentry::findGroupById(3);
-
-					// Assign the group to the user
-					$user->addGroup($userGroup);
-					$this->comment('User '.$first_name.' created');
-				}
-			} else {
-				$user = new User;
-				$user->user_id = NULL;
-			}
-
-
-			// Check for the supplier match and create it if it doesn't exist
-			if ($supplier = Supplier::where('name', $user_license_supplier)->first()) {
-				$this->comment('Supplier '.$user_license_supplier.' already exists');
-			} else {
-				$supplier = new Supplier();
-				$supplier->name = e($user_license_supplier);
-				$supplier->user_id = 1;
-
-				if ($supplier->save()) {
-					$this->comment('Supplier '.$user_license_supplier.' was created');
-	            } else {
-					$this->comment('Something went wrong! Supplier '.$user_license_supplier.' was NOT created');
-				}
-
-			}
-
-
-			// Add the license
-			$license = new License();
-			$license->name = e($user_license_name);
-			if ($user_license_purchase_date!='') {
-				$license->purchase_date = $user_license_purchase_date;
-			} else {
-				$license->purchase_date = NULL;
-			}
-			$license->serial = e($user_license_serial);
-			$license->seats = e($user_license_seats);
-			$license->supplier_id = $supplier->id;
-			$license->user_id = 1;
-			if ($user_license_purchase_date!='') {
-				$license->purchase_date = $user_license_purchase_date;
-			} else {
-				$license->purchase_date = NULL;
-			}
-			$license->license_name = $user_licensed_to_name;
-			$license->license_email = $user_licensed_to_email;
-			$license->notes = e($user_license_notes);
-
-			if ($license->save()) {
-				$this->comment('License '.$user_license_name.' with serial number '.$user_license_serial.' was created');
-
-
-				$license_seat_created = 0;
-
-				for ($x = 0; $x < $user_license_seats; $x++) {
-					// Create the license seat entries
-					$license_seat = new LicenseSeat();
-					$license_seat->license_id = $license->id;
-
-					// Only assign the first seat to the user
-					if ($x==0) {
-						$license_seat->assigned_to = $user->id;
-					} else {
-						$license_seat->assigned_to = NULL;
-					}
-
-					if ($license_seat->save()) {
-						$license_seat_created++;
-					}
-				}
-
-				if ($license_seat_created > 0) {
-					$this->comment($license_seat_created.' seats were created');
-				} else {
-					$this->comment('Something went wrong! NO seats for '.$user_license_name.' were created');
-				}
-
-
-
-            } else {
-				$this->comment('Something went wrong! License '.$user_license_name.' was NOT created');
-			}
-
-
-			$this->comment('=====================================');
-
-			return true;
-
-		});
-
-
-	}
-
-	/**
-	 * Get the console command arguments.
-	 *
-	 * @return array
-	 */
-	protected function getArguments()
-	{
-		return array(
-			array('filename', InputArgument::REQUIRED, 'File for the CSV import.'),
-		);
-	}
-
-
-	/**
-	 * Get the console command options.
-	 *
-	 * @return array
-	 */
-	protected function getOptions()
-	{
-		return array(
-			array('domain', null, InputOption::VALUE_REQUIRED, 'Email domain for generated email addresses.', null),
-			array('email_format', null, InputOption::VALUE_REQUIRED, 'The format of the email addresses that should be generated. Options are firstname.lastname, firstname, filastname', null),
-			array('testrun', null, InputOption::VALUE_REQUIRED, 'Test the output without writing to the database or not.', null),
-		);
-	}
-
-
-}

app/Console/Commands/ObjectImportCommand.php

@@ -1,725 +1,180 @@
 <?php
 namespace App\Console\Commands;
 
-use Illuminate\Console\Command;
-use Illuminate\Support\Facades\Config;
-use Symfony\Component\Console\Input\InputOption;
-use Symfony\Component\Console\Input\InputArgument;
-use League\Csv\Reader;
+use App\Helpers\Helper;
+use App\Importer\AccessoryImporter;
+use App\Importer\AssetImporter;
+use App\Importer\ConsumableImporter;
+use App\Importer\Importer;
 use App\Models\Accessory;
 use App\Models\Asset;
 use App\Models\AssetModel;
 use App\Models\Category;
 use App\Models\Company;
 use App\Models\Consumable;
+use App\Models\CustomField;
 use App\Models\Location;
 use App\Models\Manufacturer;
+use App\Models\Setting;
+use App\Models\Statuslabel;
 use App\Models\Supplier;
 use App\Models\User;
 use DB;
+use Illuminate\Console\Command;
+use Illuminate\Database\Eloquent\Model;
+use League\Csv\Reader;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputOption;
+use ForceUTF8\Encoding;
+
+ini_set('max_execution_time', 600); //600 seconds = 10 minutes
+ini_set('memory_limit', '500M');
+
 /**
  * Class ObjectImportCommand
  */
-class ObjectImportCommand extends Command {
+class ObjectImportCommand extends Command
+{
 
-	/**
-	 * The console command name.
-	 *
-	 * @var string
-	 */
-	protected $name = 'snipeit:import';
-
-	/**
-	 * The console command description.
-	 *
-	 * @var string
-	 */
-	protected $description = 'Import Items from CSV';
-
-	/**
-	 * Create a new command instance.
-	 *
-	 * @return void
-	 */
-	public function __construct()
-	{
-		parent::__construct();
-	}
-
-	/**
-	 * Execute the console command.
-	 *
-	 * @return mixed
-	 */
-	public function fire()
-	{
-		$filename = $this->argument('filename');
-
-
-		if ($this->option('testrun')) {
-			$this->comment('====== TEST ONLY Asset Import for '.$filename.' ====');
-			$this->comment('============== NO DATA WILL BE WRITTEN ==============');
-		} else {
-
-			$this->comment('======= Importing Assets from '.$filename.' =========');
-		}
-
-		if (! ini_get("auto_detect_line_endings")) {
-			ini_set("auto_detect_line_endings", '1');
-		}
-
-		$csv = Reader::createFromPath($this->argument('filename'));
-		$csv->setNewline("\r\n");
-
-		$results = $csv->fetchAssoc();
-
-
-		$newarray = NULL;
-		foreach( $results as $index => $arraytoNormalize) {
-			$internalnewarray = array_change_key_case($arraytoNormalize);
-			$newarray[$index] = $internalnewarray;
-		}
-
-		$this->locations = Location::All(['name', 'id']);
-		$this->categories = Category::All(['name', 'category_type', 'id']);
-		$this->manufacturers = Manufacturer::All(['name', 'id']);
-		$this->asset_models = AssetModel::All(['name','modelno','category_id','manufacturer_id', 'id']);
-		$this->companies = Company::All(['name', 'id']);
-		$this->assets = Asset::all(['asset_tag']);
-		$this->suppliers = Supplier::All(['name']);
-		$this->accessories = Accessory::All(['name']);
-		$this->consumables = Consumable::All(['name']);
-		// Loop through the records
-		DB::transaction(function() use (&$newarray){
-		foreach( $newarray as $row ) {
-
-			// Let's just map some of these entries to more user friendly words
-
-			// Fetch general items here, fetch item type specific items in respective methods
-			/** @var Asset, License, Accessory, or Consumable $item_type */
-
-			$item_category = $this->array_smart_fetch($row, "category");
-			$item_company_name = $this->array_smart_fetch($row, "company");
-			$item_location = $this->array_smart_fetch($row, "location");
-
-			$item["item_type"] = strtolower($this->array_smart_fetch($row, "item type"));
-			if(empty($item["item_type"])) {
-				$this->comment("Item Type not set.  Assuming asset");
-				$item["item_type"] = 'asset';
-			}
-
-			$item["item_name"] = $this->array_smart_fetch($row, "item name");
-			$item["purchase_date"] = date("Y-m-d 00:00:01", strtotime($this->array_smart_fetch($row, "purchase date")));
-			$item["purchase_cost"] = $this->array_smart_fetch($row, "purchase cost");
-			$item["order_number"] = $this->array_smart_fetch($row, "order number");
-			$item["notes"] = $this->array_smart_fetch($row, "notes");
-			$item["quantity"] = $this->array_smart_fetch($row, "quantity");
-			$item["requestable"] = $this->array_smart_fetch($row, "requestable");
-
-
-			$this->comment("Item Type: " . $item["item_type"]);
-			$this->comment('Category Name: ' . $item_category);
-			$this->comment('Location: ' . $item_location);
-			$this->comment('Purchase Date: ' . $item["purchase_date"]);
-			$this->comment('Purchase Cost: ' . $item["purchase_cost"]);
-			$this->comment('Company Name: ' . $item_company_name);
-
-			$item["user"] = $this->createOrFetchUser($row);
-
-			$item["location"] = $this->createOrFetchLocation($item_location);
-			$item["category"] = $this->createOrFetchCategory($item_category, $item["item_type"]);
-			$item["manufacturer"] = $this->createOrFetchManufacturer($row);
-			$item["company"] = $this->createOrFetchCompany($item_company_name);
-
-			switch ($item["item_type"]) {
-				case "asset":
-					$this->createAssetIfNotExists($row, $item);
-					break;
-				case "accessory":
-					$this->createAccessoryIfNotExists($item);
-					break;
-				case 'consumable':
-					$this->createConsumableIfNotExists($item);
-					break;
-			}
-			$this->comment('------------- Action Summary ----------------');
-
-		}
-	});
-			$this->comment('=====================================');
-
-			return true;
-	}
-
-	/**
-	 * Check to see if the given key exists in the array, and trim excess white space before returning it
-	 * @param $array array
-	 * @param $key string
-	 * @param $default string
-	 * @return string
-     */
-	public function array_smart_fetch(Array $array, $key, $default = ''){
-		return array_key_exists($key,$array) ? e(trim($array[ $key ])) : $default;
-	}
-
-	private $asset_models;
     /**
-     * @param array
-     * @param $category Category
-     * @param $manufacturer Manufacturer
-     * @return Model
-     * @internal param $asset_modelno string
+     * The console command name.
+     *
+     * @var string
      */
-	public function createOrFetchAssetModel(array $row, $category, $manufacturer)
-	{
+    protected $name = 'snipeit:import';
 
-		$asset_model_name = $this->array_smart_fetch($row, "model name");
-		$asset_modelno = $this->array_smart_fetch($row, "model number");
-		if(empty($asset_model_name))
-			$asset_model_name='Unknown';
-		if(empty($asset_modelno))
-			$asset_modelno=0;
-		$this->comment('Model Name: ' . $asset_model_name);
-		$this->comment('Model No: ' . $asset_modelno);
-
-
-		foreach ($this->asset_models as $tempmodel) {
-			if ($tempmodel->name === $asset_model_name 
-				&& $tempmodel->modelno == $asset_modelno
-				&& $tempmodel->category_id == $category->id 
-				&& $tempmodel->manufacturer_id == $manufacturer->id )
-			{
-				$this->comment('A matching model ' . $asset_model_name . ' with model number ' . $asset_modelno . ' already exists');
-				return $tempmodel;
-			}
-		}
-		$asset_model = new AssetModel();
-		$asset_model->name = $asset_model_name;
-		$asset_model->manufacturer_id = $manufacturer->id;
-		$asset_model->modelno = $asset_modelno;
-		$asset_model->category_id = $category->id;
-		$asset_model->user_id = 1;
-		$this->asset_models->add($asset_model);
-
-		if(!$this->option('testrun')) {
-			if ($asset_model->save()) {
-				$this->comment('Asset Model ' . $asset_model_name . ' with model number ' . $asset_modelno . ' was created');
-				return $asset_model;
-			} else {
-				$this->comment('Something went wrong! Asset Model ' . $asset_model_name . ' was NOT created');
-				dd($asset_model);
-				return $asset_model;
-			}
-		} else {
-			return $asset_model;
-		}
-
-	}
-
-	private $categories;
-
-	/**
-	 * Finds a category with the same name and item type in the database, otherwise creates it
-	 * @param $asset_category string
-	 * @param $item_type string
-	 * @return Category
-	 */
-	public function createOrFetchCategory($asset_category, $item_type)
-	{
-		if (empty($asset_category))
-			$asset_category = 'Unnamed Category';
-
-		foreach($this->categories as $tempcategory) {
-			if( $tempcategory->name === $asset_category && $tempcategory->category_type === $item_type) {
-				$this->comment('Category ' . $asset_category . ' already exists');
-				return $tempcategory;
-			}
-		}
-
-		$category = new Category();
-
-		$category->name = $asset_category;
-		$category->category_type = $item_type;
-		$category->user_id = 1;
-		$this->categories->add($category);
-
-		if(!$this->option('testrun')) {
-			if ($category->save()) {
-				$this->comment('Category ' . $asset_category . ' was created');
-				return $category;
-			} else {
-				$this->comment('Something went wrong! Category ' . $asset_category . ' was NOT created');
-				dd($category);
-				return $category;
-			}
-		} else {
-			return $category;
-		}
-
-	}
-
-	private $companies;
-
-	/**
-	 * @param $asset_company_name string
-	 * @return Company
-	 */
-	public function createOrFetchCompany($asset_company_name)
-	{
-		foreach ($this->companies as $tempcompany) {
-			if ($tempcompany->name === $asset_company_name) {
-				$this->comment('A matching Company ' . $asset_company_name . ' already exists');
-				return $tempcompany;
-			}
-		}
-
-		$company = new Company();
-		$company->name = $asset_company_name;
-		$this->companies->add($company);
-
-		if(!$this->option('testrun')) {
-			if ($company->save()) {
-				$this->comment('Company ' . $asset_company_name . ' was created');
-				return $company;
-			} else {
-				$this->comment('Something went wrong! Company ' . $asset_company_name . ' was NOT created');
-				return $company;
-			}
-		} else {
-			return $company;
-		}
-	}
-
-
-	private $manufacturers;
-
-	/**
-	 * Finds a manufacturer with matching name, otherwise create it.
-	 * @param $row array
-	 * @return Manufacturer
-	 * @internal param $asset_mfgr string
-	 */
-
-	public function createOrFetchManufacturer(array $row)
-	{
-		$asset_mfgr = $this->array_smart_fetch($row, "manufacturer");
-
-		if(empty($asset_mfgr)) {
-			$asset_mfgr='Unknown';
-		}
-		$this->comment('Manufacturer ID: ' . $asset_mfgr);
-
-		foreach ($this->manufacturers as $tempmanufacturer) {
-			if ($tempmanufacturer->name === $asset_mfgr) {
-				$this->comment('Manufacturer ' . $asset_mfgr . ' already exists');
-				return $tempmanufacturer;
-			}
-		}
-
-		//Otherwise create a manufacturer.
-
-		$manufacturer = new Manufacturer();
-		$manufacturer->name = $asset_mfgr;
-		$manufacturer->user_id = 1;
-		$this->manufacturers->add($manufacturer);
-
-		if (!$this->option('testrun')) {
-			if ($manufacturer->save()) {
-				$this->comment('Manufacturer ' . $manufacturer->name . ' was created');
-				return $manufacturer;
-			} else {
-				$this->comment('Something went wrong! Manufacturer ' . $asset_mfgr . ' was NOT created');
-				dd($manufacturer);
-				return $manufacturer;
-			}
-
-		} else {
-			return $manufacturer;
-		}
-	}
-
-		/**
-	 * @var
+    /**
+     * The console command description.
+     *
+     * @var string
      */
-	private $locations;
-	/**
-	 * Checks the DB to see if a location with the same name exists, otherwise create it
-	 * @param $asset_location string
-	 * @return Location
-	 */
-	public function createOrFetchLocation($asset_location)
-	{
-		foreach($this->locations as $templocation) {
-			if( $templocation->name === $asset_location ) {
-				$this->comment('Location ' . $asset_location . ' already exists');
-				return $templocation;
-			}
-		}
-		// No matching locations in the collection, create a new one.
-		$location = new Location();
+    protected $description = 'Import Items from CSV';
 
-		if (!empty($asset_location)) {
-			$location->name = $asset_location;
-			$location->address = '';
-			$location->city = '';
-			$location->state = '';
-			$location->country = '';
-			$location->user_id = 1;
-			$this->locations->add($location);
-
-			if (!$this->option('testrun')) {
-				if ($location->save()) {
-					$this->comment('Location ' . $asset_location . ' was created');
-					return $location;
-				} else {
-					$this->comment('Something went wrong! Location ' . $asset_location . ' was NOT created');
-					dd($location);
-					return $location;
-				}
-			} else {
-				return $location;
-			}
-		} else {
-			$this->comment('No location given, so none created.');
-			return $location;
-		}
-
-	}
-
-	private $suppliers;
-
-	/**
-	 * @param $row array
-	 * @return Supplier
+    /**
+     * Create a new command instance.
+     *
+     * @return void
      */
-	public function createOrFetchSupplier(array $row)
-	{
-		$supplier_name = $this->array_smart_fetch($row, "supplier");
-		if(empty($supplier_name))
-			$supplier_name='Unknown';
-		foreach ($this->suppliers as $tempsupplier) {
-			if ($tempsupplier->name === $supplier_name) {
-				$this->comment('A matching Company ' . $supplier_name . ' already exists');
-				return $tempsupplier;
-			}
-		}
+    public function __construct()
+    {
+        parent::__construct();
+    }
+    private $bar;
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function fire()
+    {
+        $filename = $this->argument('filename');
+        $class = title_case($this->option('item-type'));
+        $classString = "App\\Importer\\{$class}Importer";
+        $importer = new $classString($filename);
+        $importer->setCallbacks([$this, 'log'], [$this, 'progress'], [$this, 'errorCallback'])
+                 ->setUserId($this->option('user_id'))
+                 ->setUpdating($this->option('update'))
+                 ->setShouldNotify($this->option('send-welcome'))
+                 ->setUsernameFormat($this->option('username_format'));
 
-		$supplier = new Supplier();
-		$supplier->name = $supplier_name;
-		$supplier->user_id = 1;
-		$this->suppliers->add($supplier);
+        $logFile = $this->option('logfile');
+        \Log::useFiles($logFile);
+        $this->comment('======= Importing Items from '.$filename.' =========');
+        $importer->import();
 
-		if(!$this->option('testrun')) {
-			if ($supplier->save()) {
-				$this->comment('Supplier ' . $supplier_name . ' was created');
-				return $supplier;
-			} else {
-				$this->comment('Something went wrong! Supplier ' . $supplier_name . ' was NOT created');
-				dd($supplier);
-				return $supplier;
-			}
-		} else {
-			return $supplier;
-		}
-	}
+        $this->bar = null;
 
-		/**
-	 * Finds the user matching given data, or creates a new one if there is no match
-	 * @param $row array
-	 * @return User Model w/ matching name
-	 * @internal param string $user_username Username extracted from CSV
-	 * @internal param string $user_email Email extracted from CSV
-	 * @internal param string $first_name
-	 * @internal param string $last_name
-	 */
-	public function createOrFetchUser($row)
-	{
-		$user_name = $this->array_smart_fetch($row, "name");
-		$user_email = $this->array_smart_fetch($row, "email");
-		$user_username = $this->array_smart_fetch($row, "username");
+        if (!empty($this->errors)) {
+            $this->comment("The following Errors were encountered.");
+            foreach ($this->errors as $asset => $error) {
+                $this->comment('Error: Item: ' . $asset . ' failed validation: ' . json_encode($error));
+            }
+        } else {
+            $this->comment("All Items imported successfully!");
+        }
+        $this->comment("");
 
-		// A number was given instead of a name
-		if (is_numeric($user_name)) {
-			$this->comment('User '.$user_name.' is not a name - assume this user already exists');
-			$user_username = '';
-            $first_name = '';
-			$last_name = '';
+        return;
+    }
 
-		// No name was given
-		} elseif (empty($user_name)) {
-			$this->comment('No user data provided - skipping user creation, just adding asset');
-			$first_name = '';
-			$last_name = '';
-			//$user_username = '';
-		} else {
-			$user_email_array = User::generateFormattedNameFromFullName($this->option('email_format'), $user_name);
-			$first_name = $user_email_array['first_name'];
-			$last_name = $user_email_array['last_name'];
-
-			if ($user_email=='') {
-				$user_email = $user_email_array['username'].'@'.config('app.domain');
-			}
-
-			if ($user_username=='') {
-				if ($this->option('username_format')=='email') {
-					$user_username = $user_email;
-				} else {
-					$user_name_array = User::generateFormattedNameFromFullName($this->option('username_format'), $user_name);
-					$user_username = $user_name_array['username'];
-				}
-
-			}
-
-		}
-		$this->comment("--- User Data ---");
-		$this->comment('Full Name: ' . $user_name);
-		$this->comment('First Name: ' . $first_name);
-		$this->comment('Last Name: ' . $last_name);
-		$this->comment('Username: ' . $user_username);
-		$this->comment('Email: ' . $user_email);
-		$this->comment('--- End User Data ---');
-
-        if($this->option('testrun'))
-            return new User;
-
-		if (!empty($user_username)) {
-			if ($user = User::MatchEmailOrUsername($user_username, $user_email)
-				->whereNotNull('username')->first()) {
-				$this->comment('User '.$user_username.' already exists');
-			} else {
-                $user = new \App\Models\User;
-                $password  = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
-
-                $user->first_name = $first_name;
-                $user->last_name = $last_name;
-                $user->username = $user_username;
-                $user->email = $user_email;
-                $user->password = bcrypt($password);
-                $user->activated = 1;
-                if ($user->save()) {
-                    $this->comment('User '.$first_name.' created');
-                } else {
-                    $this->error('ERROR CREATING User '.$first_name.' '.$last_name);
-                    $this->error($user->getErrors());
-                }
-
-			}
-		} else {
-			$user = new User;
-		}
-		return $user;
-	}
-
-	private $assets;
-
-	/**
-	 * @param array $row
-	 * @param array $item
-	 */
-	public function createAssetIfNotExists(array $row, array $item )
-	{
-		$status_id = 1;
-        $asset_serial = $this->array_smart_fetch($row, "serial number");
-        $asset_tag = $this->array_smart_fetch($row, "asset tag");
-        $asset_image = $this->array_smart_fetch($row, "image");
-        // Check for the asset model match and create it if it doesn't exist
-        $asset_model = $this->createOrFetchAssetModel($row, $item["category"], $item["manufacturer"]);
-		$supplier = $this->createOrFetchSupplier($row);
-
-        $this->comment('Serial No: '.$asset_serial);
-        $this->comment('Asset Tag: '.$asset_tag);
-        $this->comment('Notes: '.$item["notes"]);
-
-		foreach ($this->assets as $tempasset) {
-			if ($tempasset->asset_tag === $asset_tag ) {
-				$this->comment('A matching Asset ' . $asset_tag . ' already exists');
-				return;
-			}
-		}
-
-		$asset = new Asset();
-		$asset->name = $item["item_name"];
-		if ($item["purchase_date"] != '') {
-			$asset->purchase_date = $item["purchase_date"];
-		} else {
-			$asset->purchase_date = NULL;
-		}
-
-		if (!empty($item_purchase_cost)) {
-			$asset->purchase_cost = number_format($item["purchase_cost"],2);
-			$this->comment("Asset cost parsed: " . $asset->purchase_cost);
-		} else {
-			$asset->purchase_cost = 0.00;
-		}
-		$asset->serial = $asset_serial;
-		$asset->asset_tag = $asset_tag;
-		$asset->model_id = $asset_model->id;
-		$asset->assigned_to = $item["user"]->id;
-		$asset->rtd_location_id = $item["location"]->id;
-		$asset->user_id = 1;
-		$asset->status_id = $status_id;
-		$asset->company_id = $item["company"]->id;
-		$asset->order_number = $item["order_number"];
-		$asset->supplier_id = $supplier->id;
-		$asset->notes = $item["notes"];
-		$asset->image = $asset_image;
-		$this->assets->add($asset);
-		if (!$this->option('testrun')) {
-
-			if ($asset->save()) {
-				$this->comment('Asset ' . $item["item_name"] . ' with serial number ' . $asset_serial . ' was created');
-			} else {
-				$this->comment('Something went wrong! Asset ' . $item["item_name"] . ' was NOT created');
-				// dd($asset);
-			}
-
-		} else {
-			return;
-		}
-	}
-
-	private $accessories;
-
-	/**
-	 * Create an accessory if a duplicate does not exist
-	 * @param $item array
-	 */
-	public function createAccessoryIfNotExists(array $item )
-	{
-		$this->comment("Creating Accessory");
-		foreach ($this->accessories as $tempaccessory) {
-			if ($tempaccessory->name === $item["item_name"] ) {
-				$this->comment('A matching Accessory ' . $item["item_name"] . ' already exists.  ');
-				// FUTURE: Adjust quantity on import maybe?
-				return;
-			}
-		}
-
-		$accessory = new Accessory();
-		$accessory->name = $item["item_name"];
-		if (!empty($item["purchase_date"])) {
-			$accessory->purchase_date = $item["purchase_date"];
-		} else {
-			$accessory->purchase_date = NULL;
-		}
-		if (!empty($item["purchase_cost"])) {
-			$accessory->purchase_cost = number_format(e($item["purchase_cost"]),2);
-		} else {
-			$accessory->purchase_cost = 0.00;
-		}
-		$accessory->location_id = $item["location"]->id;
-		$accessory->user_id = 1;
-		$accessory->company_id = $item["company"]->id;
-		$accessory->order_number = $item["order_number"];
-		$accessory->category_id = $item["category"]->id;
-
-		//TODO: Implement
-//		$accessory->notes = e($item_notes);
-		$accessory->requestable = filter_var($item["requestable"], FILTER_VALIDATE_BOOLEAN);
-
-		//Must have at least zero of the item if we import it.
-		if($item["quantity"] > -1) {
-			$accessory->qty = $item["quantity"];
-		} else {
-			$accessory->qty = 1;
-		}
-
-		if (!$this->option('testrun')) {
-			if ($accessory->save()) {
-				$this->comment('Accessory ' . $item["item_name"] . ' was created');
-			} else {
-				$this->comment('Something went wrong! Accessory ' . $item["item_name"] . ' was NOT created');
-			}
-		} else {
-			$this->comment('TEST RUN - Accessory  ' . $item["item_name"] . ' not created');
-		}
-	}
-
-	private $consumables;
-
-	/**
-	 * Create a consumable if a duplicate does not exist
-	 * @param $item array
-	 */
-	public function createConsumableIfNotExists(array $item)
-	{
-		$this->comment("Creating Consumable");
-		foreach($this->consumables as $tempconsumable) {
-			if($tempconsumable->name === $item["item_name"]) {
-				$this->comment("A matching sumable " . $item["item_name"] . " already exists");
-				//TODO: Adjust quantity if different maybe?
-				return;
-			}
-		}
-
-		$consumable = new Consumable();
-		$consumable->name = $item["item_name"];
-
-		if(!empty($item["purchase_date"])) {
-			$consumable->purchase_date = $item["purchase_date"];
-		} else {
-			$consumable->purchase_date = NULL;
-		}
-
-		if(!empty($item["purchase_cost"])) {
-			$consumable->purchase_cost = number_format(e($item["purchase_cost"]),2);
-		} else {
-			$consumable->purchase_cost = 0.00;
-		}
-		$consumable->location_id = $item["location"]->id;
-		$consumable->user_id = 1; // TODO: What user_id should we use for imports?
-		$consumable->company_id = $item["company"]->id;
-		$consumable->order_number = $item["order_number"];
-		$consumable->category_id = $item["category"]->id;
-		// TODO:Implement
-		//$consumable->notes= e($item_notes);
-		$consumable->requestable = filter_var($item["requestable"], FILTER_VALIDATE_BOOLEAN);
-
-		if($item["quantity"] > -1) {
-			$consumable->qty = $item["quantity"];
-		} else {
-			$consumable->qty = 1;
-		}
-
-		if(!$this->option("testrun")) {
-			if($consumable->save()) {
-				$this->comment("Consumable " . $item["item_name"] . ' was created');
-			} else {
-				$this->comment('Something went wrong! Consumable ' . $item["item_name"] . ' not created');
-			}
-		} else {
-			$this->comment('TEST RUN - Consumable ' . $item['item_name'] . ' not created');
-		}
-	}
-
-	/**
-	 * Get the console command arguments.
-	 *
-	 * @return array
-	 */
-	protected function getArguments()
-	{
-		return array(
-			array('filename', InputArgument::REQUIRED, 'File for the CSV import.'),
-		);
-	}
+    public function errorCallback($item, $field, $errorString)
+    {
+        $this->errors[$item->name][$field] = $errorString;
+    }
+    public function progress($count)
+    {
+        if (!$this->bar) {
+            $this->bar = $this->output->createProgressBar($count);
+        }
+        static $index =0;
+        $index++;
+        if ($index < $count) {
+            $this->bar->advance();
+        } else {
+            $this->bar->finish();
+        }
+    }
+    // Tracks the current item for error messages
+    private $updating;
+    // An array of errors encountered while parsing
+    private $errors;
 
 
-	/**
-	 * Get the console command options.
-	 *
-	 * @return array
-	 */
-	protected function getOptions()
-	{
-	return array(
-		array('email_format', null, InputOption::VALUE_REQUIRED, 'The format of the email addresses that should be generated. Options are firstname.lastname, firstname, filastname', null),
-		array('username_format', null, InputOption::VALUE_REQUIRED, 'The format of the username that should be generated. Options are firstname.lastname, firstname, filastname, email', null),
-		array('testrun', null, InputOption::VALUE_NONE, 'If set, will parse and output data without adding to database', null),
-	);
-
-	}
+    /**
+     * Log a message to file, configurable by the --log-file parameter.
+     * If a warning message is passed, we'll spit it to the console as well.
+     *
+     * @author Daniel Melzter
+     * @since 3.0
+     * @param string $string
+     * @param string $level
+    */
+    public function log($string, $level = 'info')
+    {
+        if ($level === 'warning') {
+            \Log::warning($string);
+            $this->comment($string);
+        } else {
+            \Log::Info($string);
+            if ($this->option('verbose')) {
+                $this->comment($string);
+            }
+        }
+    }
+    /**
+     * Get the console command arguments.
+     *
+     * @author Daniel Melzter
+     * @since 3.0
+     * @return array
+     */
+    protected function getArguments()
+    {
+        return array(
+            array('filename', InputArgument::REQUIRED, 'File for the CSV import.'),
+        );
+    }
 
 
+    /**
+     * Get the console command options.
+     *
+     * @author Daniel Melzter
+     * @since 3.0
+     * @return array
+     */
+    protected function getOptions()
+    {
+        return array(
+        array('email_format', null, InputOption::VALUE_REQUIRED, 'The format of the email addresses that should be generated. Options are firstname.lastname, firstname, filastname', null),
+        array('username_format', null, InputOption::VALUE_REQUIRED, 'The format of the username that should be generated. Options are firstname.lastname, firstname, filastname, email', null),
+        array('logfile', null, InputOption::VALUE_REQUIRED, 'The path to log output to.  storage/logs/importer.log by default', storage_path('logs/importer.log') ),
+        array('item-type', null, InputOption::VALUE_REQUIRED, 'Item Type To import.  Valid Options are Asset, Consumable, Accessory, License, or User', 'Asset'),
+        array('web-importer', null, InputOption::VALUE_NONE, 'Internal: packages output for use with the web importer'),
+        array('user_id', null, InputOption::VALUE_REQUIRED, 'ID of user creating items', 1),
+        array('update', null, InputOption::VALUE_NONE, 'If a matching item is found, update item information'),
+        array('send-welcome', null, InputOption::VALUE_NONE, 'Whether to send a welcome email to any new users that are created.'),
+        );
 
-}
+    }
+}

app/Console/Commands/PaveIt.php

@@ -2,8 +2,25 @@
 
 namespace App\Console\Commands;
 
-use Illuminate\Console\Command;
+use App\Models\Accessory;
+use App\Models\Asset;
+use App\Models\AssetModel;
+use App\Models\Category;
+use App\Models\Company;
+use App\Models\Component;
+use App\Models\Consumable;
+use App\Models\Department;
+use App\Models\Depreciation;
+use App\Models\Group;
+use App\Models\Import;
+use App\Models\License;
+use App\Models\LicenseSeat;
+use App\Models\Location;
+use App\Models\Manufacturer;
+use App\Models\Statuslabel;
+use App\Models\Supplier;
 use DB;
+use Illuminate\Console\Command;
 
 class PaveIt extends Command
 {
@@ -12,7 +29,8 @@ class PaveIt extends Command
      *
      * @var string
      */
-    protected $signature = 'snipeit:pave';
+    protected $signature = 'snipeit:pave
+              {--soft : Perform a "Soft" Delete, leaving all migrations, table structure, and the first user in place.}';
 
     /**
      * The console command description.
@@ -38,45 +56,88 @@ class PaveIt extends Command
      */
     public function handle()
     {
+        if ($this->confirm("\n****************************************************\nTHIS WILL DELETE ALL OF THE DATA IN YOUR DATABASE. \nThere is NO undo. This WILL destroy ALL of your data. \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) {
+            if ($this->option('soft')) {
+                Accessory::getQuery()->delete();
+                Asset::getQuery()->delete();
+                Category::getQuery()->delete();
+                Company::getQuery()->delete();
+                Component::getQuery()->delete();
+                Consumable::getQuery()->delete();
+                Department::getQuery()->delete();
+                Depreciation::getQuery()->delete();
+                License::getQuery()->delete();
+                LicenseSeat::getQuery()->delete();
+                Location::getQuery()->delete();
+                Manufacturer::getQuery()->delete();
+                AssetModel::getQuery()->delete();
+                Statuslabel::getQuery()->delete();
+                Supplier::getQuery()->delete();
+                Group::getQuery()->delete();
+                Import::getQuery()->delete();
 
-        if ($this->confirm("\n****************************************************\nTHIS WILL DROP ALL OF THE TABLES IN YOUR DATABASE. \nThere is NO undo. This WILL destroy ALL of your data. \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) {
-
-          \DB::statement('drop table IF EXISTS accessories_users');
-          \DB::statement('drop table IF EXISTS accessories');
-          \DB::statement('drop table IF EXISTS asset_logs');
-          \DB::statement('drop table IF EXISTS asset_maintenances');
-          \DB::statement('drop table IF EXISTS asset_uploads');
-          \DB::statement('drop table IF EXISTS assets');
-          \DB::statement('drop table IF EXISTS categories');
-          \DB::statement('drop table IF EXISTS companies');
-          \DB::statement('drop table IF EXISTS consumables_users');
-          \DB::statement('drop table IF EXISTS consumables');
-          \DB::statement('drop table IF EXISTS custom_field_custom_fieldset');
-          \DB::statement('drop table IF EXISTS custom_fields');
-          \DB::statement('drop table IF EXISTS custom_fieldsets');
-          \DB::statement('drop table IF EXISTS depreciations');
-          \DB::statement('drop table IF EXISTS groups');
-          \DB::statement('drop table IF EXISTS history');
-          \DB::statement('drop table IF EXISTS components');
-          \DB::statement('drop table IF EXISTS components_assets');
-          \DB::statement('drop table IF EXISTS license_seats');
-          \DB::statement('drop table IF EXISTS licenses');
-          \DB::statement('drop table IF EXISTS locations');
-          \DB::statement('drop table IF EXISTS manufacturers');
-          \DB::statement('drop table IF EXISTS models');
-          \DB::statement('drop table IF EXISTS migrations');
-          \DB::statement('drop table IF EXISTS password_resets');
-          \DB::statement('drop table IF EXISTS requested_assets');
-          \DB::statement('drop table IF EXISTS requests');
-          \DB::statement('drop table IF EXISTS settings');
-          \DB::statement('drop table IF EXISTS status_labels');
-          \DB::statement('drop table IF EXISTS suppliers');
-          \DB::statement('drop table IF EXISTS throttle');
-          \DB::statement('drop table IF EXISTS users_groups');
-          \DB::statement('drop table IF EXISTS users');
-
-
+                DB::statement('delete from accessories_users');
+                DB::statement('delete from asset_logs');
+                DB::statement('delete from asset_maintenances');
+                DB::statement('delete from login_attempts');
+                DB::statement('delete from asset_uploads');
+                DB::statement('delete from action_logs');
+                DB::statement('delete from checkout_requests');
+                DB::statement('delete from consumables_users');
+                DB::statement('delete from custom_field_custom_fieldset');
+                DB::statement('delete from custom_fields');
+                DB::statement('delete from custom_fieldsets');
+                DB::statement('delete from components_assets');
+                DB::statement('delete from password_resets');
+                DB::statement('delete from requested_assets');
+                DB::statement('delete from requests');
+                DB::statement('delete from throttle');
+                DB::statement('delete from users_groups');
+                DB::statement('delete from users WHERE id!=1');
+            } else {
+                \DB::statement('drop table IF EXISTS accessories_users');
+                \DB::statement('drop table IF EXISTS accessories');
+                \DB::statement('drop table IF EXISTS asset_logs');
+                \DB::statement('drop table IF EXISTS action_logs');
+                \DB::statement('drop table IF EXISTS asset_maintenances');
+                \DB::statement('drop table IF EXISTS asset_uploads');
+                \DB::statement('drop table IF EXISTS assets');
+                \DB::statement('drop table IF EXISTS categories');
+                \DB::statement('drop table IF EXISTS checkout_requests');
+                \DB::statement('drop table IF EXISTS companies');
+                \DB::statement('drop table IF EXISTS consumables_users');
+                \DB::statement('drop table IF EXISTS consumables');
+                \DB::statement('drop table IF EXISTS custom_field_custom_fieldset');
+                \DB::statement('drop table IF EXISTS custom_fields');
+                \DB::statement('drop table IF EXISTS custom_fieldsets');
+                \DB::statement('drop table IF EXISTS depreciations');
+                \DB::statement('drop table IF EXISTS departments');
+                \DB::statement('drop table IF EXISTS groups');
+                \DB::statement('drop table IF EXISTS history');
+                \DB::statement('drop table IF EXISTS components');
+                \DB::statement('drop table IF EXISTS components_assets');
+                \DB::statement('drop table IF EXISTS license_seats');
+                \DB::statement('drop table IF EXISTS licenses');
+                \DB::statement('drop table IF EXISTS locations');
+                \DB::statement('drop table IF EXISTS manufacturers');
+                \DB::statement('drop table IF EXISTS models');
+                \DB::statement('drop table IF EXISTS migrations');
+                \DB::statement('drop table IF EXISTS oauth_access_tokens');
+                \DB::statement('drop table IF EXISTS oauth_auth_codes');
+                \DB::statement('drop table IF EXISTS oauth_clients');
+                \DB::statement('drop table IF EXISTS oauth_personal_access_clients');
+                \DB::statement('drop table IF EXISTS oauth_refresh_tokens');
+                \DB::statement('drop table IF EXISTS password_resets');
+                \DB::statement('drop table IF EXISTS requested_assets');
+                \DB::statement('drop table IF EXISTS requests');
+                \DB::statement('drop table IF EXISTS settings');
+                \DB::statement('drop table IF EXISTS status_labels');
+                \DB::statement('drop table IF EXISTS suppliers');
+                \DB::statement('drop table IF EXISTS throttle');
+                \DB::statement('drop table IF EXISTS users_groups');
+                \DB::statement('drop table IF EXISTS users');
+                \DB::statement('drop table IF EXISTS imports');
+            }
         }
-
     }
 }

app/Console/Commands/Purge.php

@@ -53,7 +53,7 @@ class Purge extends Command
     public function handle()
     {
         $force = $this->option('force');
-        if (($this->confirm("\n****************************************************\nTHIS WILL PURGE ALL SOFT-DELETED ITEMS IN YOUR SYSTEM. \nThere is NO undo. This WILL permanently destroy \nALL of your deleted data. \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) ||  $force == 'true')  {
+        if (($this->confirm("\n****************************************************\nTHIS WILL PURGE ALL SOFT-DELETED ITEMS IN YOUR SYSTEM. \nThere is NO undo. This WILL permanently destroy \nALL of your deleted data. \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) ||  $force == 'true') {
 
             /**
              * Delete assets
@@ -62,15 +62,19 @@ class Purge extends Command
             $assetcount = $assets->count();
             $this->info($assets->count().' assets purged.');
             $asset_assoc = 0;
+            $asset_maintenances = 0;
 
             foreach ($assets as $asset) {
-                $this->info('- Asset "'.$asset->showAssetName().'" deleted.');
+                $this->info('- Asset "'.$asset->present()->name().'" deleted.');
                 $asset_assoc += $asset->assetlog()->count();
                 $asset->assetlog()->forceDelete();
+                $asset_maintenances += $asset->assetmaintenances()->count();
+                $asset->assetmaintenances()->forceDelete();
                 $asset->forceDelete();
             }
 
             $this->info($asset_assoc.' corresponding log records purged.');
+            $this->info($asset_maintenances.' corresponding maintenance records purged.');
 
             $locations = Location::whereNotNull('deleted_at')->withTrashed()->get();
             $this->info($locations->count().' locations purged.');
@@ -140,7 +144,7 @@ class Purge extends Command
                 $supplier->forceDelete();
             }
 
-            $users = User::whereNotNull('deleted_at')->withTrashed()->get();
+            $users = User::whereNotNull('deleted_at')->where('show_in_list', '!=', '0')->withTrashed()->get();
             $this->info($users->count().' users purged.');
             $user_assoc = 0;
             foreach ($users as $user) {

app/Console/Commands/RecryptFromMcrypt.php

@@ -0,0 +1,167 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\CustomField;
+use Illuminate\Console\Command;
+use App\LegacyEncrypter\McryptEncrypter;
+use App\Models\Setting;
+use App\Models\Asset;
+use Illuminate\Support\Facades\Storage;
+
+class RecryptFromMcrypt extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:legacy-recrypt 
+                {--force : Force a re-crypt of encrypted data from MCRYPT.}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This command allows upgrading users to de-encrypt their deprecated mcrypt encrypted fields and re-encrypt them using the current OpenSSL encryption.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+
+        // Check and see if they have a legacy app key listed in their .env
+        // If not, we can try to use the current APP_KEY if looks like it's old
+        $legacy_key = env('LEGACY_APP_KEY');
+        $key_parts = explode(':', $legacy_key);
+        $legacy_cipher = env('LEGACY_CIPHER', 'rijndael-256');
+        $errors = array();
+
+        if (!$legacy_key) {
+            $this->error('ERROR: You do not have a LEGACY_APP_KEY set in your .env file. Please locate your old APP_KEY and ADD a line to your .env file like: LEGACY_APP_KEY=YOUR_OLD_APP_KEY');
+            return false;
+        }
+
+
+        // Do some basic legacy app key length checks
+        if (strlen($legacy_key) == 32) {
+            $legacy_length_check = true;
+        } elseif (array_key_exists('1', $key_parts) && (strlen($key_parts[1])==44)) {
+            $legacy_key = base64_decode($key_parts[1],true);
+            $legacy_length_check = true;
+        } else {
+            $legacy_length_check = false;
+        }
+   
+
+
+        // Check that the app key is 32 characters
+        if ($legacy_length_check === true) {
+            $this->comment('INFO: Your LEGACY_APP_KEY looks correct. Okay to continue.');
+        } else {
+            $this->error('ERROR: Your LEGACY_APP_KEY is not the correct length (32 characters or base64 followed by 44 characters for later versions). Please locate your old APP_KEY and use that as your LEGACY_APP_KEY in your .env file to continue.');
+            return false;
+        }
+
+        $this->error('================================!!!! WARNING !!!!================================');
+        $this->error('================================!!!! WARNING !!!!================================');
+        $this->comment("This tool will attempt to decrypt your old Snipe-IT (mcrypt, now deprecated) encrypted data and re-encrypt it using OpenSSL. \n\nYou should only continue if you have backed up any and all old APP_KEYs and have backed up your data.");
+
+        $force = ($this->option('force')) ? true : false;
+
+        if ($force || ($this->confirm("Are you SURE you wish to continue?"))) {
+
+            $backup_file = 'backups/env-backups/'.'app_key-'.date('Y-m-d-gis');
+
+            try {
+                Storage::disk('local')->put($backup_file, 'APP_KEY: '.config('app.key'));
+                Storage::disk('local')->append($backup_file, 'LEGACY_APP_KEY: '.$legacy_key);
+            } catch (\Exception $e) {
+                $this->info('WARNING: Could not backup app keys');
+            }
+
+
+            if ($legacy_cipher){
+                $mcrypter = new McryptEncrypter($legacy_key,$legacy_cipher);
+            }else{
+                $mcrypter = new McryptEncrypter($legacy_key);
+            }
+            $settings = Setting::getSettings();
+
+            if ($settings->ldap_pword=='') {
+                $this->comment('INFO: No LDAP password found. Skipping... ');
+            } else {
+                $decrypted_ldap_pword = $mcrypter->decrypt($settings->ldap_pword);
+                $settings->ldap_pword = \Crypt::encrypt($decrypted_ldap_pword);
+                $settings->save();
+            }
+            /** @var CustomField[] $custom_fields */
+            $custom_fields = CustomField::where('field_encrypted','=', 1)->get();
+            $this->comment('INFO: Retrieving encrypted custom fields...');
+
+            $query = Asset::withTrashed();
+
+            foreach ($custom_fields as $custom_field) {
+                $this->comment('FIELD TO RECRYPT:  '.$custom_field->name .' ('.$custom_field->db_column.')');
+                $query->orWhereNotNull($custom_field->db_column);
+            }
+
+
+            // Get all assets with a value in any of the fields that were encrypted
+            /** @var Asset[] $assets */
+            $assets = $query->get();
+
+            $bar = $this->output->createProgressBar(count($assets));
+
+
+            foreach ($assets as $asset) {
+                foreach ($custom_fields as $encrypted_field) {
+                    $columnName = $encrypted_field->db_column;
+
+                    // Make sure the value isn't null
+                    if ($asset->{$columnName}!='') {
+                        // Try to decrypt the payload using the legacy app key
+                        try {
+                            $decrypted_field = $mcrypter->decrypt($asset->{$columnName});
+                            $asset->{$columnName} = \Crypt::encrypt($decrypted_field);
+                            $this->comment($decrypted_field);
+                        } catch (\Exception $e) {
+                            $errors[] = ' - ERROR: Could not decrypt field ['.$encrypted_field->name.']: '.$e->getMessage();
+                        }
+                    }
+
+                }
+                $asset->save();
+                $bar->advance();
+            }
+
+
+
+            $bar->finish();
+
+            if (count($errors) > 0) {
+                $this->comment("\n\n");
+                $this->error("The decrypter encountered some errors: \n");
+                foreach ($errors as $error) {
+                    $this->error($error);
+                }
+            }
+        }
+
+    }
+}

app/Console/Commands/RegenerateAssetTags.php

@@ -0,0 +1,105 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+use App\Models\Asset;
+use App\Models\Setting;
+use DB;
+use Artisan;
+
+class RegenerateAssetTags extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:regenerate-tags {--start=} {--output= : info|warn|error|all} ';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This utility will regenerate all asset tags. THIS IS DATA-DESTRUCTIVE AND SHOULD BE USED WITH CAUTION. ';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        if ($this->confirm('This will regenerate all of the asset tags within your system. This action is data-destructive and should be used with caution. Do you wish to continue?'))
+        {
+
+            $output['info'] = [];
+            $output['warn'] = [];
+            $output['error'] = [];
+            $settings = Setting::getSettings();
+
+            $start_tag = ($this->option('start')) ? $this->option('start') : (($settings->next_auto_tag_base) ? Setting::getSettings()->next_auto_tag_base : 1) ;
+
+            $this->info('Starting at '.$start_tag);
+
+            $total_assets = Asset::orderBy('id','asc')->get();
+            $bar = $this->output->createProgressBar(count($total_assets));
+
+            try  {
+                Artisan::call('backup:run');
+            } catch (\Exception $e) {
+                $output['error'][] = $e;
+            }
+
+            foreach ($total_assets as $asset) {
+                
+                $start_tag++;
+                $output['info'][] = 'Asset tag:'.$asset->asset_tag;
+                $asset->asset_tag = $settings->auto_increment_prefix.$settings->auto_increment_prefix.$start_tag;
+
+                if ($settings->zerofill_count > 0) {
+                    $asset->asset_tag = $settings->auto_increment_prefix.Asset::zerofill($start_tag, $settings->zerofill_count);
+                }
+
+                $output['info'][] = 'New Asset tag:'.$asset->asset_tag;
+
+                // Use forceSave here to override model level validation
+                $asset->forceSave();
+            }
+
+            $bar->finish();
+            $this->info("\n");
+
+
+            if (($this->option('output')=='all') || ($this->option('output')=='info')) {
+                foreach ($output['info'] as $key => $output_text) {
+                    $this->info($output_text);
+                }
+            }
+            if (($this->option('output')=='all') || ($this->option('output')=='warn')) {
+                foreach ($output['warn'] as $key => $output_text) {
+                    $this->warn($output_text);
+                }
+            }
+            if (($this->option('output')=='all') || ($this->option('output')=='error')) {
+                foreach ($output['error'] as $key => $output_text) {
+                    $this->error($output_text);
+                }
+            }
+        }
+
+
+    }
+}

app/Console/Commands/ResetDemoSettings.php

@@ -0,0 +1,78 @@
+<?php
+
+namespace App\Console\Commands;
+
+
+use Illuminate\Console\Command;
+use App\Models\Setting;
+use App\Models\User;
+
+class ResetDemoSettings extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:demo-settings';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This will reset the Snipe-IT demo settings back to default. ';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        $this->info('Resetting the demo settings.');
+        $settings = Setting::first();
+        $settings->per_page = 20;
+        $settings->site_name = 'Snipe-IT Asset Management Demo';
+        $settings->auto_increment_assets = 1;
+        $settings->logo = 'snipe-logo.png';
+        $settings->alert_email = 'service@snipe-it.io';
+        $settings->header_color = null;
+        $settings->barcode_type = 'QRCODE';
+        $settings->default_currency = 'USD';
+        $settings->brand = 3;
+        $settings->ldap_enabled = 0;
+        $settings->full_multiple_companies_support = 1;
+        $settings->alt_barcode = 'C128';
+        $settings->skin = '';
+        $settings->email_domain = 'snipeitapp.com';
+        $settings->email_format = 'filastname';
+        $settings->username_format = 'filastname';
+        $settings->date_display_format = 'D M d, Y';
+        $settings->time_display_format = 'g:iA';
+        $settings->thumbnail_max_h = '30';
+        $settings->locale = 'en';
+        $settings->version_footer = 'on';
+        $settings->support_footer = 'on';
+        $settings->save();
+
+        if ($user = User::where('username', '=', 'admin')->first()) {
+            $user->locale = 'en';
+            $user->save();
+        }
+
+        
+    }
+
+}

app/Console/Commands/RestoreDeletedUsers.php

@@ -0,0 +1,120 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+use App\Models\User;
+use App\Models\Actionlog;
+use App\Models\Asset;
+use App\Models\Consumable;
+use App\Models\Accessory;
+use App\Models\LicenseSeat;
+use App\Models\License;
+use DB;
+use Artisan;
+
+class RestoreDeletedUsers extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:restore-users {--start_date=} {--end_date=}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Restore users, and any associated assets and license checkouts.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        $start_date = $this->option('start_date');
+        $end_date = $this->option('end_date');
+        $asset_totals = 0;
+        $license_totals = 0;
+        $user_count = 0;
+
+
+        if (($start_date=='') || ($end_date=='')) {
+            $this->info('ERROR: All fields are required.');
+            return false;
+        }
+
+        $users = User::whereBetween('deleted_at', [$start_date, $end_date])->withTrashed()->get();
+        $this->info('There are '.$users->count().' users deleted between '.$start_date.' and '.$end_date);
+        $this->warn('Making a backup!');
+        Artisan::call('backup:run');
+
+        foreach ($users as $user) {
+            $user_count++;
+            $user_logs = Actionlog::where('target_id', $user->id)->where('target_type',User::class)
+                ->where('action_type','checkout')->with('item')->get();
+
+            $this->info($user_count.'. '.$user->username.' ('.$user->id.') was deleted at '.$user->deleted_at. ' and has '.$user_logs->count().' checkouts associated.');
+
+            foreach ($user_logs as $user_log) {
+                $this->info('  * '.$user_log->item_type.': '.$user_log->item->name.' - item_id: '.$user_log->item_id);
+
+                if ($user_log->item_type==Asset::class) {
+                    $asset_totals++;
+
+                    DB::table('assets')
+                        ->where('id', $user_log->item_id)
+                        ->update(['assigned_to' => $user->id, 'assigned_type'=> User::class]);
+
+                    $this->info('      ** Asset '.$user_log->item->id.' ('.$user_log->item->asset_tag.') restored to user '.$user->id.'');
+
+                } elseif ($user_log->item_type==License::class) {
+                    $license_totals++;
+
+                    $avail_seat = DB::table('license_seats')->where('license_id','=',$user_log->item->id)
+                        ->whereNull('assigned_to')->whereNull('asset_id')->whereBetween('updated_at', [$start_date, $end_date])->first();
+                    if ($avail_seat) {
+                        $this->info('      ** Allocating seat '.$avail_seat->id.' for this License');
+
+                        DB::table('license_seats')
+                            ->where('id', $avail_seat->id)
+                            ->update(['assigned_to' => $user->id]);
+
+                    } else {
+                        $this->warn('ERROR: No available seats for '.$user_log->item->name);
+                    }
+
+                }
+
+            }
+
+            $this->warn('Restoring user '.$user->username.'!');
+            $user->restore();
+
+
+        }
+
+        $this->info($asset_totals.' assets affected');
+        $this->info($license_totals.' licenses affected');
+
+
+
+    }
+
+
+}

app/Console/Commands/SendExpectedCheckinAlerts.php

@@ -0,0 +1,73 @@
+<?php
+
+namespace App\Console\Commands;
+
+
+use App\Models\Asset;
+use App\Models\Setting;
+use Illuminate\Console\Command;
+use App\Notifications\ExpectedCheckinNotification;
+use App\Notifications\ExpectedCheckinAdminNotification;
+use Carbon\Carbon;
+
+class SendExpectedCheckinAlerts extends Command
+{
+
+    /**
+     * The console command name.
+     *
+     * @var string
+     */
+    protected $name = 'snipeit:expected-checkin';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Check for overdue or upcoming expected checkins.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function fire()
+    {
+        $settings = Setting::getSettings();
+        $whenNotify = Carbon::now()->addDays(7);
+        $assets = Asset::with('assignedTo')->whereNotNull('assigned_to')->whereNotNull('expected_checkin')->where('expected_checkin', '<=', $whenNotify)->get();
+
+        $this->info($whenNotify.' is deadline');
+        $this->info($assets->count().' assets');
+
+        foreach ($assets as $asset) {
+            if ($asset->assigned  && $asset->checkedOutToUser()) {
+                $asset->assigned->notify((new ExpectedCheckinNotification($asset)));
+            }
+        }
+
+        if (($assets) && ($assets->count() > 0) && ($settings->alert_email != '')) {
+            // Send a rollup to the admin, if settings dictate
+            $recipients = collect(explode(',', $settings->alert_email))->map(function ($item, $key) {
+                return new \App\Models\Recipients\AlertRecipient($item);
+            });
+            \Notification::send($recipients, new ExpectedCheckinAdminNotification($assets));
+        }
+
+
+
+
+
+    }
+}

app/Console/Commands/SendExpirationAlerts.php

@@ -1,136 +1,92 @@
 <?php
 
 namespace App\Console\Commands;
+
 use App\Models\Asset;
 use App\Models\License;
 use App\Models\Setting;
 use DB;
+use App\Notifications\ExpiringLicenseNotification;
+use App\Notifications\ExpiringAssetsNotification;
 
 use Illuminate\Console\Command;
 
-class SendExpirationAlerts extends Command {
+class SendExpirationAlerts extends Command
+{
 
-	/**
-	 * The console command name.
-	 *
-	 * @var string
-	 */
-	protected $name = 'snipeit:expiring-alerts';
+    /**
+     * The console command name.
+     *
+     * @var string
+     */
+    protected $name = 'snipeit:expiring-alerts';
 
-	/**
-	 * The console command description.
-	 *
-	 * @var string
-	 */
-	protected $description = 'Check for expiring warrantees and service agreements, and sends out an alert email.';
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Check for expiring warrantees and service agreements, and sends out an alert email.';
 
-	/**
-	 * Create a new command instance.
-	 *
-	 * @return void
-	 */
-	public function __construct()
-	{
-		parent::__construct();
-	}
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
 
-	/**
-	 * Execute the console command.
-	 *
-	 * @return mixed
-	 */
-	public function fire()
-	{
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function fire()
+    {
 
-		// Expiring Assets
-		$expiring_assets = Asset::getExpiringWarrantee(Setting::getSettings()->alert_interval);
-		$this->info(count($expiring_assets).' expiring assets');
-
-		$asset_data['count'] =  count($expiring_assets);
-		$asset_data['email_content'] ='';
-		$now = date("Y-m-d");
+        $settings = Setting::getSettings();
+        $threshold = $settings->alert_interval;
 
 
-		foreach ($expiring_assets as $asset) {
+        if (($settings->alert_email != '') && ($settings->alerts_enabled == 1)) {
 
-			$expires = $asset->warrantee_expires();
-			$difference =  round(abs(strtotime($expires) - strtotime($now))/86400);
+            // Send a rollup to the admin, if settings dictate
+            $recipients = collect(explode(',', $settings->alert_email))->map(function ($item, $key) {
+                return new \App\Models\Recipients\AlertRecipient($item);
+            });
 
-			if ($difference > 30) {
-				$asset_data['email_content'] .= '<tr style="background-color: #fcffa3;">';
-			} else {
-				$asset_data['email_content'] .= '<tr style="background-color:#d9534f;">';
-			}
-			$asset_data['email_content'] .= '<td><a href="'.config('app.url').'/hardware/'.e($asset->id).'/view">';
-			$asset_data['email_content'] .= $asset->showAssetName().'</a></td><td>'.e($asset->asset_tag).'</td>';
-			$asset_data['email_content'] .= '<td>'.e($asset->warrantee_expires()).'</td>';
-			$asset_data['email_content'] .= '<td>'.$difference.' days</td>';
-            $asset_data['email_content'] .= '<td>'.($asset->supplier ? e($asset->supplier->name) : '').'</td>';
-            $asset_data['email_content'] .= '<td>'.($asset->assigneduser ? e($asset->assigneduser->fullName()) : '').'</td>';
-			$asset_data['email_content'] .= '</tr>';
-		}
+            // Expiring Assets
+            $assets = Asset::getExpiringWarrantee(Setting::getSettings()->alert_interval);
+            if ($assets->count() > 0) {
+                $this->info(trans_choice('mail.assets_warrantee_alert', $assets->count(),
+                    ['count' => $assets->count(), 'threshold' => $threshold]));
+                \Notification::send($recipients, new ExpiringAssetsNotification($assets, $threshold));
+            }
 
-		// Expiring licenses
-		$expiring_licenses = License::getExpiringLicenses(Setting::getSettings()->alert_interval);
-		$this->info(count($expiring_licenses).' expiring licenses');
+            // Expiring licenses
+            $licenses = License::getExpiringLicenses($threshold);
 
 
-		$license_data['count'] =  count($expiring_licenses);
-		$license_data['email_content'] = '';
-
-		foreach ($expiring_licenses as $license) {
-			$expires = $license->expiration_date;
-			$difference =  round(abs(strtotime($expires) - strtotime($now))/86400);
-
-			if ($difference > 30) {
-				$license_data['email_content'] .= '<tr style="background-color: #fcffa3;">';
-			} else {
-				$license_data['email_content'] .= '<tr style="background-color:#d9534f;">';
-			}
-				$license_data['email_content'] .= '<td><a href="'.config('app.url').'/admin/licenses/'.$license->id.'/view">';
-				$license_data['email_content'] .= $license->name.'</a></td>';
-				$license_data['email_content'] .= '<td>'.$license->expiration_date.'</td>';
-				$license_data['email_content'] .= '<td>'.$difference.' days</td>';
-				$license_data['email_content'] .= '</tr>';
-		}
-
-		if ((Setting::getSettings()->alert_email!='')  && (Setting::getSettings()->alerts_enabled==1)) {
+            if ($licenses->count() > 0) {
+                $this->info(trans_choice('mail.license_expiring_alert', $licenses->count(), ['count' => $licenses->count(), 'threshold' => $threshold]));
+                \Notification::send($recipients, new ExpiringLicenseNotification($licenses, $threshold));
+            }
 
 
-			if (count($expiring_assets) > 0) {
-				\Mail::send('emails.expiring-assets-report', $asset_data, function ($m)  {
-	                $m->to(explode(',',Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
-	                $m->subject('Expiring Assets Report');
-	        	});
+        } else {
 
-			}
-
-			if (count($expiring_licenses) > 0) {
-				\Mail::send('emails.expiring-licenses-report', $license_data, function ($m)  {
-	                $m->to(explode(',',Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
-	                $m->subject('Expiring Licenses Report');
-	        	});
-
-			}
-
-
-		} else {
-
-			if (Setting::getSettings()->alert_email=='') {
-				echo "Could not send email. No alert email configured in settings. \n";
-			} elseif (Setting::getSettings()->alerts_enabled!=1) {
-				echo "Alerts are disabled in the settings. No mail will be sent. \n";
-			}
-
-		}
-
-
-
-
-	}
+            if ($settings->alert_email=='') {
+                $this->error('Could not send email. No alert email configured in settings');
+            } elseif ($settings->alerts_enabled!=1) {
+                $this->info('Alerts are disabled in the settings. No mail will be sent');
+            }
 
+        }
 
 
 
 
+    }
 }

app/Console/Commands/SendInventoryAlerts.php

@@ -6,6 +6,7 @@ use App\Models\Setting;
 use DB;
 use Mail;
 use App\Helpers\Helper;
+use App\Notifications\InventoryAlert;
 
 use Illuminate\Console\Command;
 
@@ -42,28 +43,31 @@ class SendInventoryAlerts extends Command
      */
     public function handle()
     {
-        if ((Setting::getSettings()->alert_email!='')  && (Setting::getSettings()->alerts_enabled==1)) {
+        $settings = Setting::getSettings();
 
-            $data['data'] = Helper::checkLowInventory();
-            $data['count'] = count($data['data']);
+        if (($settings->alert_email!='')  && ($settings->alerts_enabled==1)) {
 
-            if (count($data['data']) > 0) {
-				\Mail::send('emails.low-inventory', $data, function ($m)  {
-	                $m->to(explode(',',Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
-	                $m->subject('Low Inventory Report');
-	        	});
+            $items = Helper::checkLowInventory();
 
-			}
+            // Send a rollup to the admin, if settings dictate
+
+            if (($items) && (count($items) > 0)) {
+                $this->info(trans_choice('mail.low_inventory_alert', count($items)));
+                // Send a rollup to the admin, if settings dictate
+                $recipients = collect(explode(',', $settings->alert_email))->map(function ($item, $key) {
+                    return new \App\Models\Recipients\AlertRecipient($item);
+                });
+                \Notification::send($recipients, new InventoryAlert($items, $settings->alert_threshold));
+            }
 
         } else {
             if (Setting::getSettings()->alert_email=='') {
-				echo "Could not send email. No alert email configured in settings. \n";
-			} elseif (Setting::getSettings()->alerts_enabled!=1) {
-				echo "Alerts are disabled in the settings. No mail will be sent. \n";
-			}
+                $this->error('Could not send email. No alert email configured in settings');
+            } elseif (Setting::getSettings()->alerts_enabled!=1) {
+                $this->info('Alerts are disabled in the settings. No mail will be sent');
+            }
         }
 
 
     }
-
 }

app/Console/Commands/SyncAssetCounters.php

@@ -0,0 +1,76 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+use App\Models\Asset;
+
+class SyncAssetCounters extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:counter-sync';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Syncs checkedout, checked in, and requested counters for assets';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+        $start = microtime(true);
+        $assets = Asset::withCount('checkins', 'checkouts', 'userRequests')
+            ->withTrashed()->get();
+
+        if ($assets) {
+            if ($assets->count() > 0) {
+                $bar = $this->output->createProgressBar($assets->count());
+                
+                foreach ($assets as $asset) {
+                    $asset->checkin_counter = (int) $asset->checkins_count;
+                    $asset->checkout_counter = (int) $asset->checkouts_count;
+                    $asset->requests_counter = (int) $asset->user_requests_count;
+                    $asset->unsetEventDispatcher();
+                    $asset->save();
+                    $output['info'][] = 'Asset: ' . $asset->id . ' has ' . $asset->checkin_counter . ' checkins, ' . $asset->checkout_counter . ' checkouts, and ' . $asset->requests_counter . ' requests';
+                    $bar->advance();
+                }
+                $bar->finish();
+
+                foreach ($output['info'] as $key => $output_text) {
+                    $this->info($output_text);
+                }
+
+                $time_elapsed_secs = microtime(true) - $start;
+                $this->info('Sync executed in ' . $time_elapsed_secs . ' seconds');
+
+            } else {
+                $this->info('No assets to sync');
+            }
+
+        }
+
+
+
+    }
+}

app/Console/Commands/SyncAssetLocations.php

@@ -0,0 +1,148 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\CustomField;
+use Illuminate\Console\Command;
+use App\Models\Asset;
+use Illuminate\Support\Facades\Storage;
+
+class SyncAssetLocations extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:sync-asset-locations {--output= : info|warn|error|all} ';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This utility will sync the location_id of assets based on current state. It should not normally be needed, but is a safeguard in case we missed something in the Great Migration when flattening the assets to location relationship.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        $output['info'] = [];
+        $output['warn'] = [];
+        $output['error'] = [];
+
+        $total_assets = Asset::whereNull('deleted_at')->get();
+        $bar = $this->output->createProgressBar(count($total_assets));
+
+        // Unassigned
+        $rtd_assets = Asset::whereNull('assigned_to')->whereNull('deleted_at')->with('defaultLoc')->get();
+        $output['info'][] = 'There are '.$rtd_assets->count().' unassigned assets.';
+
+        foreach ($rtd_assets as $rtd_asset) {
+             $output['info'][] = 'Setting Unassigned Asset ' . $rtd_asset->id . ' ('.$rtd_asset->asset_tag.') to  location: ' . $rtd_asset->rtd_location_id . " because their default location is: " . $rtd_asset->rtd_location_id;
+            $rtd_asset->location_id=$rtd_asset->rtd_location_id;
+            $rtd_asset->unsetEventDispatcher();
+            $rtd_asset->save();
+            $bar->advance();
+        }
+
+        $assigned_user_assets = Asset::where('assigned_type','App\Models\User')->whereNotNull('assigned_to')->whereNull('deleted_at')->get();
+        $output['info'][] = 'There are '.$assigned_user_assets->count().' assets checked out to users.';
+        foreach ($assigned_user_assets as $assigned_user_asset) {
+            if (($assigned_user_asset->assignedTo) && ($assigned_user_asset->assignedTo->userLoc)) {
+                $new_location=$assigned_user_asset->assignedTo->userloc->id;
+                $output['info'][] ='Setting User Asset ' . $assigned_user_asset->id . ' ('.$assigned_user_asset->asset_tag.') to  ' . $assigned_user_asset->assignedTo->userLoc->name . ' which is id: ' . $new_location;
+            } else {
+                $output['warn'][] ='Asset ' . $assigned_user_asset->id . ' ('.$assigned_user_asset->asset_tag.') still has no location! ';
+                $new_location = $assigned_user_asset->rtd_location_id;
+            }
+            $assigned_user_asset->location_id=$new_location;
+            $assigned_user_asset->unsetEventDispatcher();
+            $assigned_user_asset->save();
+            $bar->advance();
+
+        }
+
+        $assigned_location_assets = Asset::where('assigned_type','App\Models\Location')
+            ->whereNotNull('assigned_to')->whereNull('deleted_at')->get();
+        $output['info'][] = 'There are '.$assigned_location_assets->count().' assets checked out to locations.';
+
+        foreach ($assigned_location_assets as $assigned_location_asset) {
+            if ($assigned_location_asset->assignedTo) {
+                $assigned_location_asset->location_id = $assigned_location_asset->assignedTo->id;
+                $output['info'][] ='Setting Location Assigned  asset ' . $assigned_location_asset->id . ' ('.$assigned_location_asset->asset_tag.') that is checked out to '.$assigned_location_asset->assignedTo->name.' (#'.$assigned_location_asset->assignedTo->id.') to location: ' . $assigned_location_asset->assetLoc()->id;
+                $assigned_location_asset->unsetEventDispatcher();
+                $assigned_location_asset->save();
+            } else {
+                $output['warn'][] ='Asset ' . $assigned_location_asset->id . ' ('.$assigned_location_asset->asset_tag.') did not return a valid associated location - perhaps it was deleted?';
+            }
+            $bar->advance();
+
+        }
+
+
+        // Assigned to assets
+        $assigned_asset_assets = Asset::where('assigned_type','App\Models\Asset')
+            ->whereNotNull('assigned_to')->whereNull('deleted_at')->get();
+            $output['info'][] ='Asset-assigned assets: '.$assigned_asset_assets->count();
+
+            foreach ($assigned_asset_assets as $assigned_asset_asset) {
+
+                // Check to make sure there aren't any invalid relationships
+                if ($assigned_asset_asset->assetLoc()) {
+                    $assigned_asset_asset->location_id = $assigned_asset_asset->assetLoc()->id;
+                    $output['info'][] ='Setting Asset Assigned asset ' . $assigned_asset_asset->assetLoc()->id. ' ('.$assigned_asset_asset->asset_tag.') location to: ' . $assigned_asset_asset->assetLoc()->id;
+                    $assigned_asset_asset->unsetEventDispatcher();
+                    $assigned_asset_asset->save();
+                } else {
+                    $output['warn'][] ='Asset Assigned asset ' . $assigned_asset_asset->id. ' ('.$assigned_asset_asset->asset_tag.') does not seem to have a valid location';
+                }
+
+                $bar->advance();
+
+            }
+
+        $unlocated_assets = Asset::whereNull("location_id")->whereNull('deleted_at')->get();
+        $output['info'][] ='Assets still without a location: '.$unlocated_assets->count();
+        foreach($unlocated_assets as $unlocated_asset) {
+            $output['warn'][] ='Asset: '.$unlocated_asset->id.' still has no location. ';
+            $bar->advance();
+        }
+
+        $bar->finish();
+        $this->info("\n");
+
+
+        if (($this->option('output')=='all') || ($this->option('output')=='info')) {
+            foreach ($output['info'] as $key => $output_text) {
+                $this->info($output_text);
+            }
+        }
+        if (($this->option('output')=='all') || ($this->option('output')=='warn')) {
+            foreach ($output['warn'] as $key => $output_text) {
+                $this->warn($output_text);
+            }
+        }
+        if (($this->option('output')=='all') || ($this->option('output')=='error')) {
+            foreach ($output['error'] as $key => $output_text) {
+                $this->error($output_text);
+            }
+        }
+
+
+    }
+}

app/Console/Commands/SystemBackup.php

@@ -4,44 +4,42 @@ namespace App\Console\Commands;
 
 use Illuminate\Console\Command;
 
-class SystemBackup extends Command {
+class SystemBackup extends Command
+{
 
-	/**
-	 * The console command name.
-	 *
-	 * @var string
-	 */
-	protected $name = 'snipeit:backup';
+    /**
+     * The console command name.
+     *
+     * @var string
+     */
+    protected $name = 'snipeit:backup';
 
-	/**
-	 * The console command description.
-	 *
-	 * @var string
-	 */
-	protected $description = 'This command creates a database dump and zips up all of the uploaded files in the upload directories.';
-
-	/**
-	 * Create a new command instance.
-	 *
-	 * @return void
-	 */
-	public function __construct()
-	{
-		parent::__construct();
-	}
-
-	/**
-	 * Execute the console command.
-	 *
-	 * @return mixed
-	 */
-	public function fire()
-	{
-		//
-		$this->call('backup:run');
-
-	}
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This command creates a database dump and zips up all of the uploaded files in the upload directories.';
 
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
 
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function fire()
+    {
+        //
+        $this->call('backup:run');
 
+    }
 }

app/Console/Commands/Version.php

@@ -0,0 +1,135 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+
+class Version extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'version:update {--branch=master} {--type=patch}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Command description';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        $use_branch = $this->option('branch');
+        $use_type = $this->option('type');
+        $git_branch = trim(shell_exec('git rev-parse --abbrev-ref HEAD'));
+        $build_version = trim(shell_exec('git rev-list --count '.$use_branch));
+        $versionFile = 'config/version.php';
+        $full_hash_version = str_replace("\n", '', shell_exec('git describe master --tags'));
+
+        $version = explode('-', $full_hash_version);
+        $app_version = $current_app_version = $version[0];
+        $hash_version = (array_key_exists('2', $version)) ? $version[2] : '';
+        $prerelease_version = '';
+
+        $this->line('Branch is: '.$use_branch);
+        $this->line('Type is: '.$use_type);
+        $this->line('Current version is: '.$full_hash_version);
+
+        if (count($version)==3) {
+            $this->line('This does not look like an alpha/beta release.');
+        } else {
+            if (array_key_exists('3',$version)) {
+                $this->line('The current version looks like a beta release.');
+                $prerelease_version = $version[1];
+                $hash_version = $version[3];
+            }
+        }
+
+
+        $app_version_raw = explode('.', $app_version);
+
+        $maj = str_replace('v', '', $app_version_raw[0]);
+        $min = $app_version_raw[1];
+        $patch = '';
+
+
+
+        // This is a major release that might not have a third .0
+        if (array_key_exists(2, $app_version_raw)) {
+            $patch = $app_version_raw[2];
+        }
+
+        if ($use_type=='major') {
+            $app_version = "v".($maj + 1).".$min.$patch";
+        } elseif ($use_type=='minor') {
+            $app_version = "v"."$maj.".($min + 1).".$patch";
+        } elseif ($use_type=='pre') {
+            $pre_raw = str_replace('beta','', $prerelease_version);
+            $pre_raw = str_replace('alpha','', $pre_raw);
+            $pre_raw = str_ireplace('rc','', $pre_raw);
+            $pre_raw = $pre_raw++;
+            $this->line('Setting the pre-release to '. $prerelease_version.'-'.$pre_raw);
+            $app_version = "v"."$maj.".($min + 1).".$patch";
+        } elseif ($use_type=='patch') {
+            $app_version = "v" . "$maj.$min." . ($patch + 1);
+        // If nothing is passed, leave the version as it is, just increment the build
+        } else {
+            $app_version = "v" . "$maj.$min." . $patch;
+        }
+
+        // Determine if this tag already exists, or if this prior to a release
+        $this->line('Running: git rev-parse master '.$current_app_version);
+        // $pre_release = trim(shell_exec('git rev-parse '.$use_branch.' '.$current_app_version.' 2>&1 1> /dev/null'));
+
+        if ($use_branch=='develop') {
+            $app_version = $app_version.'-pre';
+        }
+
+        $full_app_version = $app_version.' - build '.$build_version.'-'.$hash_version;
+
+
+        $array = var_export(
+            array(
+                'app_version' => $app_version,
+                'full_app_version' => $full_app_version,
+                'build_version' => $build_version,
+                'prerelease_version' => $prerelease_version,
+                'hash_version' => $hash_version,
+                'full_hash' => $full_hash_version,
+                'branch' => $git_branch),
+            true
+        );
+        
+
+
+        // Construct our file content
+        $content = <<<CON
+<?php
+return $array;
+CON;
+
+        // And finally write the file and output the current version
+        \File::put($versionFile, $content);
+        $this->info('Setting NEW version: '. $full_app_version.' ('.$git_branch.')');
+    }
+
+}

app/Console/Commands/Versioning.php

@@ -1,91 +0,0 @@
-<?php
-
-namespace App\Console\Commands;
-
-use Symfony\Component\Console\Input\InputArgument;
-
-use Illuminate\Console\Command;
-
-class Versioning extends Command {
-
-    /**
-     * The console command name.
-     *
-     * @var string
-     */
-    protected $name = 'versioning:update';
-
-    /**
-     * The console command description.
-     *
-     * @var string
-     */
-    protected $description = 'Generate and update app\'s version via git.';
-
-    /**
-     * Create a new command instance.
-     *
-     * @return void
-     */
-    public function __construct()
-    {
-        parent::__construct();
-    }
-
-    /**
-     * Execute the console command.
-     *
-     * @return void
-     */
-    public function fire()
-    {
-        // Path to the file containing your version
-        // This will be overwritten everything you commit a message
-        $versionFile = app_path().'/config/version.php';
-
-        // The git's output
-        // get the argument passed in the git command
-		 $hash_version = $this->argument('app_version');
-
-		 // discard the commit hash
-		 $version = explode('-', $hash_version);
-		 $realVersion = $version[0] . '-' . $version[1];
-
-		 // save the version array to a variable
-		 $array = var_export(array('app_version' => $realVersion,'hash_version' => $hash_version), true);
-
-
-        // Construct our file content
-        $content = <<<CON
-<?php
-return $array;
-CON;
-
-        // And finally write the file and output the current version
-        \File::put($versionFile, $content);
-        $this->line('Setting version: '. \config('version.latest'));
-    }
-
-    /**
-     * Get the console command arguments.
-     *
-     * @return array
-     */
-    protected function getArguments()
-    {
-        return array(
-            array('app_version', InputArgument::REQUIRED, 'version number is required.'),
-        );
-    }
-
-    /**
-     * Get the console command options.
-     *
-     * @return array
-     */
-    protected function getOptions()
-    {
-        return array(
-        );
-    }
-}

app/Console/Kernel.php

@@ -17,13 +17,20 @@ class Kernel extends ConsoleKernel
         Commands\CreateAdmin::class,
         Commands\SendExpirationAlerts::class,
         Commands\SendInventoryAlerts::class,
-        Commands\AssetImportCommand::class,
-        Commands\LicenseImportCommand::class,
+        Commands\SendExpectedCheckinAlerts::class,
         Commands\ObjectImportCommand::class,
-        Commands\Versioning::class,
+        Commands\Version::class,
         Commands\SystemBackup::class,
         Commands\DisableLDAP::class,
         Commands\Purge::class,
+        Commands\LdapSync::class,
+        Commands\FixDoubleEscape::class,
+        Commands\RecryptFromMcrypt::class,
+        Commands\ResetDemoSettings::class,
+        Commands\SyncAssetLocations::class,
+        Commands\RegenerateAssetTags::class,
+        Commands\SyncAssetCounters::class,
+        Commands\RestoreDeletedUsers::class,
     ];
 
     /**
@@ -37,7 +44,13 @@ class Kernel extends ConsoleKernel
 
         $schedule->command('snipeit:inventory-alerts')->daily();
         $schedule->command('snipeit:expiring-alerts')->daily();
+        $schedule->command('snipeit:expected-checkin')->daily();
         $schedule->command('snipeit:backup')->weekly();
         $schedule->command('backup:clean')->daily();
     }
+
+    protected function commands()
+    {
+        require base_path('routes/console.php');
+    }
 }

app/Exceptions/CheckoutNotAllowed.php

@@ -0,0 +1,21 @@
+<?php
+
+namespace App\Exceptions;
+
+use Exception;
+class CheckoutNotAllowed extends Exception
+{
+
+    private $errorMessage;
+
+    function __construct($errorMessage = null)
+    {
+        $this->errorMessage = $errorMessage;
+
+        parent::__construct($errorMessage);
+    }
+    public function __toString()
+    {
+       return is_null($this->errorMessage) ? "A checkout is not allowed under these circumstances" : $this->errorMessage;
+    }
+}

app/Exceptions/Handler.php

@@ -3,11 +3,11 @@
 namespace App\Exceptions;
 
 use Exception;
-use Illuminate\Validation\ValidationException;
-use Illuminate\Auth\Access\AuthorizationException;
-use Illuminate\Database\Eloquent\ModelNotFoundException;
-use Symfony\Component\HttpKernel\Exception\HttpException;
+use Illuminate\Auth\AuthenticationException;
 use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
+use App\Helpers\Helper;
+use Illuminate\Validation\ValidationException;
+use Log;
 
 class Handler extends ExceptionHandler
 {
@@ -17,10 +17,12 @@ class Handler extends ExceptionHandler
      * @var array
      */
     protected $dontReport = [
-        AuthorizationException::class,
-        HttpException::class,
-        ModelNotFoundException::class,
-        ValidationException::class,
+        \Illuminate\Auth\AuthenticationException::class,
+        \Illuminate\Auth\Access\AuthorizationException::class,
+        \Symfony\Component\HttpKernel\Exception\HttpException::class,
+        \Illuminate\Database\Eloquent\ModelNotFoundException::class,
+        \Illuminate\Session\TokenMismatchException::class,
+        \Illuminate\Validation\ValidationException::class,
     ];
 
     /**
@@ -28,12 +30,15 @@ class Handler extends ExceptionHandler
      *
      * This is a great spot to send exceptions to Sentry, Bugsnag, etc.
      *
-     * @param  \Exception  $e
+     * @param  \Exception  $exception
      * @return void
      */
-    public function report(Exception $e)
+    public function report(Exception $exception)
     {
-        parent::report($e);
+        if ($this->shouldReport($exception)) {
+            Log::error($exception);
+            return parent::report($exception);
+        }
     }
 
     /**
@@ -45,23 +50,71 @@ class Handler extends ExceptionHandler
      */
     public function render($request, Exception $e)
     {
+
+
+        // CSRF token mismatch error
         if ($e instanceof \Illuminate\Session\TokenMismatchException) {
-          return redirect()->back()->with('error', trans('general.token_expired'));
+            return redirect()->back()->with('error', trans('general.token_expired'));
         }
 
-        if ($this->isHttpException($e)) {
 
-        $statusCode = $e->getStatusCode();
+        // Handle Ajax requests that fail because the model doesn't exist
+        if ($request->ajax() || $request->wantsJson()) {
 
-        switch ($statusCode) {
+            if ($e instanceof \Illuminate\Database\Eloquent\ModelNotFoundException) {
+                $className = last(explode('\\', $e->getModel()));
+                return response()->json(Helper::formatStandardApiResponse('error', null, $className . ' not found'), 200);
+            }
 
-            case '404':
-              return response()->view('layouts/basic', [
-                  'content' => view('errors/404')
-              ]);
-          }
+            if ($e instanceof \Illuminate\Validation\ValidationException) {
+                return response()->json(Helper::formatStandardApiResponse('error', null, $e->response['messages'], 400));
+            }
+
+            if ($this->isHttpException($e)) {
+
+                $statusCode = $e->getStatusCode();
+
+                switch ($e->getStatusCode()) {
+                    case '404':
+                       return response()->json(Helper::formatStandardApiResponse('error', null, $statusCode . ' endpoint not found'), 404);
+                    case '405':
+                        return response()->json(Helper::formatStandardApiResponse('error', null, 'Method not allowed'), 405);
+                    default:
+                        return response()->json(Helper::formatStandardApiResponse('error', null, $statusCode), 405);
+
+                }
+            }
+            // Try to parse 500 Errors in a bit nicer way when debug is enabled.
+            if (config('app.debug')) {
+                return response()->json(Helper::formatStandardApiResponse('error', null, "An Error has occured! " . $e->getMessage()), 500);
+            }
+
+        }
+
+
+        if ($this->isHttpException($e) && (isset($statusCode)) && ($statusCode == '404' )) {
+            return response()->view('layouts/basic', [
+                'content' => view('errors/404')
+            ],$statusCode);
         }
 
         return parent::render($request, $e);
+
+    }
+
+    /**
+     * Convert an authentication exception into an unauthenticated response.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Illuminate\Auth\AuthenticationException  $exception
+     * @return \Illuminate\Http\Response
+     */
+    protected function unauthenticated($request, AuthenticationException $exception)
+    {
+        if ($request->expectsJson()) {
+            return response()->json(['error' => 'Unauthorized.'], 401);
+        }
+
+        return redirect()->guest('login');
     }
 }

app/Helpers/Helper.php

@@ -4,6 +4,7 @@ namespace App\Helpers;
 use DB;
 use App\Models\Statuslabel;
 use App\Models\Location;
+use App\Models\Department;
 use App\Models\AssetModel;
 use App\Models\Company;
 use App\Models\User;
@@ -17,160 +18,225 @@ use App\Models\Component;
 use App\Models\Accessory;
 use App\Models\Consumable;
 use App\Models\Asset;
+use App\Models\Setting;
+use Crypt;
+use Illuminate\Contracts\Encryption\DecryptException;
 
-/*
- * To change this license header, choose License Headers in Project Properties.
- * To change this template file, choose Tools | Templates
- * and open the template in the editor.
- */
 class Helper
 {
 
-   // This doesn't do anything yet
-    public static function parseEmailList($emails)
-    {
-        $emails_array = explode(',', $emails);
-        return array_walk($emails_array, 'trim_value');
-    }
 
-   // This doesn't do anything yet
-    public static function trim_value(&$value)
+    /**
+     * Simple helper to invoke the markdown parser
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.0]
+     * @return String
+     */
+    public static function parseEscapedMarkedown($str)
     {
-        return trim($value);
+        $Parsedown = new \Parsedown();
+
+        if ($str) {
+            return $Parsedown->text(e($str));
+        }
     }
 
 
+    /**
+     * The importer has formatted number strings since v3,
+     * so the value might be a string, or an integer.
+     * If it's a number, format it as a string.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.0]
+     * @return String
+     */
+    public static function formatCurrencyOutput($cost)
+    {
+        if (is_numeric($cost)) {
+            return number_format($cost, 2, '.', '');
+        }
+        // It's already been parsed.
+        return $cost;
+    }
+
+
+    /**
+     * Static colors for pie charts.
+     * This is inelegant, and could be refactored later.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.3]
+     * @return Array
+     */
+    public static function chartColors()
+    {
+        $colors = [
+            '#f56954',
+            '#00a65a',
+            '#f39c12',
+            '#00c0ef',
+            '#3c8dbc',
+            '#d2d6de',
+            '#3c8dbc',
+            '#3c8dbc',
+            '#3c8dbc',
+
+        ];
+        return $colors;
+    }
+
+
+    /**
+     * Static background (highlight) colors for pie charts
+     * This is inelegant, and could be refactored later.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.2]
+     * @return Array
+     */
+    public static function chartBackgroundColors()
+    {
+        $colors = [
+            '#f56954',
+            '#00a65a',
+            '#f39c12',
+            '#00c0ef',
+            '#3c8dbc',
+            '#d2d6de',
+            '#3c8dbc',
+            '#3c8dbc',
+            '#3c8dbc',
+
+        ];
+        return $colors;
+    }
+
+
+    /**
+     * Format currency using comma for thousands until local info is property used.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.7]
+     * @return String
+     */
     public static function ParseFloat($floatString)
     {
-        // use comma for thousands until local info is property used
         $LocaleInfo = localeconv();
         $floatString = str_replace(",", "", $floatString);
         $floatString = str_replace($LocaleInfo["decimal_point"], ".", $floatString);
+        // Strip Currency symbol
+        // If no currency symbol is set, default to $ because Murica
+        $currencySymbol = $LocaleInfo['currency_symbol'];
+        if (empty($currencySymbol)) {
+            $currencySymbol = '$';
+        }
+
+        $floatString = str_replace($currencySymbol, '', $floatString);
         return floatval($floatString);
     }
 
-
-    public static function modelList()
-    {
-        $models = AssetModel::with('manufacturer')->get();
-        $model_array[''] = trans('general.select_model');
-        foreach ($models as $model) {
-            $model_array[$model->id] = $model->displayModelName();
-        }
-        return $model_array;
-    }
-
-    public static function companyList()
-    {
-        $company_list = array('0' => trans('general.select_company')) + DB::table('companies')
-        ->orderBy('name', 'asc')
-        ->pluck('name', 'id');
-        return $company_list;
-    }
-
-
-    public static function categoryList()
-    {
-        $category_list = array('' => '') + Category::orderBy('name', 'asc')
-        ->whereNull('deleted_at')
-        ->orderBy('name', 'asc')
-        ->pluck('name', 'id')->toArray();
-        return $category_list;
-    }
-
-    public static function suppliersList()
-    {
-        $supplier_list = array('' => trans('general.select_supplier')) + Supplier::orderBy('name', 'asc')
-        ->orderBy('name', 'asc')
-        ->pluck('name', 'id')->toArray();
-        return $supplier_list;
-    }
-
+    /**
+     * Get the list of status labels in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
     public static function statusLabelList()
     {
-        $statuslabel_list = array('' => trans('general.select_statuslabel')) + Statuslabel::orderBy('name', 'asc')
-        ->pluck('name', 'id')->toArray();
+        $statuslabel_list = array('' => trans('general.select_statuslabel')) + Statuslabel::orderBy('default_label', 'desc')->orderBy('name','asc')->orderBy('deployable','desc')
+                ->pluck('name', 'id')->toArray();
         return $statuslabel_list;
     }
 
-    public static function locationsList()
-    {
-        $location_list = array('' => trans('general.select_location')) + Location::orderBy('name', 'asc')
-        ->pluck('name', 'id')->toArray();
-        return $location_list;
-    }
-
-    public static function manufacturerList()
-    {
-        $manufacturer_list = array('' => 'Select One') +
-        Manufacturer::orderBy('name', 'asc')
-        ->pluck('name', 'id')->toArray();
-        return $manufacturer_list;
-    }
-
+    /**
+     * Get the list of status label types in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
     public static function statusTypeList()
     {
-        $statuslabel_types = array('' => trans('admin/hardware/form.select_statustype')) + array('undeployable' => trans('admin/hardware/general.undeployable')) + array('pending' => trans('admin/hardware/general.pending')) + array('archived' => trans('admin/hardware/general.archived')) + array('deployable' => trans('admin/hardware/general.deployable'));
+        $statuslabel_types =
+              array('' => trans('admin/hardware/form.select_statustype'))
+            + array('deployable' => trans('admin/hardware/general.deployable'))
+            + array('pending' => trans('admin/hardware/general.pending'))
+            + array('undeployable' => trans('admin/hardware/general.undeployable'))
+            + array('archived' => trans('admin/hardware/general.archived'));
         return $statuslabel_types;
     }
 
-    public static function managerList()
-    {
-        $manager_list = array('' => '') + User::select(DB::raw('concat(last_name,", ",first_name," (",username,")") as full_name, id'))
-        ->whereNull('deleted_at', 'and')
-        ->orderBy('last_name', 'asc')
-        ->orderBy('first_name', 'asc')
-        ->pluck('full_name', 'id')->toArray();
-        return $manager_list;
-    }
-
+    /**
+     * Get the list of depreciations in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
     public static function depreciationList()
     {
         $depreciation_list = ['' => 'Do Not Depreciate'] + Depreciation::orderBy('name', 'asc')
-        ->pluck('name', 'id')->toArray();
+                ->pluck('name', 'id')->toArray();
         return $depreciation_list;
     }
 
+    /**
+     * Get the list of category types in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
     public static function categoryTypeList()
     {
-         $category_types = array('' => '','accessory' => 'Accessory', 'asset' => 'Asset', 'consumable' => 'Consumable','component' => 'Component');
-         return $category_types;
+        $category_types = array(
+            '' => '',
+            'accessory' => 'Accessory',
+            'asset' => 'Asset',
+            'consumable' => 'Consumable',
+            'component' => 'Component',
+            'license' => 'License'
+        );
+        return $category_types;
     }
 
-    public static function usersList()
-    {
-        $users_list = array('' => trans('general.select_user')) + DB::table('users')
-        ->select(DB::raw('concat(last_name,", ",first_name," (",username,")") as full_name, id'))
-        ->whereNull('deleted_at')
-        ->where('show_in_list','=',1)
-        ->orderBy('last_name', 'asc')
-        ->orderBy('first_name', 'asc')
-        ->pluck('full_name', 'id');
-        return $users_list;
-    }
-
-    public static function assetsList()
-    {
-        $assets_list = array('' => trans('general.select_asset')) + Asset::orderBy('name', 'asc')
-        ->whereNull('deleted_at')
-        ->pluck('name', 'id')->toArray();
-        return $assets_list;
-    }
-
-
+    /**
+     * Get the list of custom fields in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
     public static function customFieldsetList()
     {
         $customfields = array('' => trans('admin/models/general.no_custom_field')) + CustomFieldset::pluck('name', 'id')->toArray();
         return  $customfields;
     }
 
+    /**
+     * Get the list of custom field formats in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.4]
+     * @return Array
+     */
     public static function predefined_formats()
     {
-        $keys=array_keys(CustomField::$PredefinedFormats);
-        $stuff=array_combine($keys, $keys);
-        return $stuff+["" => "Custom Format..."];
+        $keys = array_keys(CustomField::$PredefinedFormats);
+        $stuff = array_combine($keys, $keys);
+        return $stuff;
     }
 
+    /**
+     * Get the list of barcode dimensions
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.3]
+     * @return Array
+     */
     public static function barcodeDimensions($barcode_type = 'QRCODE')
     {
         if ($barcode_type == 'C128') {
@@ -186,6 +252,13 @@ class Helper
         return $size;
     }
 
+    /**
+     * Generates a random string
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return Array
+     */
     public static function generateRandomString($length = 10)
     {
         $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
@@ -197,15 +270,20 @@ class Helper
         return $randomString;
     }
 
-  /**
-  * This nasty little method gets the low inventory info for the
-  * alert dropdown
-  **/
+
+    /**
+     * This nasty little method gets the low inventory info for the
+     * alert dropdown
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return Array
+     */
     public static function checkLowInventory()
     {
-        $consumables = Consumable::with('users')->whereNotNull('min_amt')->get();
-        $accessories = Accessory::with('users')->whereNotNull('min_amt')->get();
-        $components = Component::with('assets')->whereNotNull('min_amt')->get();
+        $consumables = Consumable::withCount('consumableAssignments')->whereNotNull('min_amt')->get();
+        $accessories = Accessory::withCount('users')->whereNotNull('min_amt')->get();
+        $components = Component::withCount('assets')->whereNotNull('min_amt')->get();
 
         $avail_consumables = 0;
         $items_array = array();
@@ -214,12 +292,17 @@ class Helper
         foreach ($consumables as $consumable) {
             $avail = $consumable->numRemaining();
             if ($avail < ($consumable->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
-                $percent = number_format((($consumable->numRemaining() / $consumable->qty) * 100), 0);
+                if ($consumable->qty > 0) {
+                    $percent = number_format((($avail / $consumable->qty) * 100), 0);
+                } else {
+                    $percent = 100;
+                }
+
                 $items_array[$all_count]['id'] = $consumable->id;
                 $items_array[$all_count]['name'] = $consumable->name;
                 $items_array[$all_count]['type'] = 'consumables';
                 $items_array[$all_count]['percent'] = $percent;
-                $items_array[$all_count]['remaining']=$consumable->numRemaining();
+                $items_array[$all_count]['remaining'] = $avail;
                 $items_array[$all_count]['min_amt']=$consumable->min_amt;
                 $all_count++;
             }
@@ -228,14 +311,20 @@ class Helper
         }
 
         foreach ($accessories as $accessory) {
-            $avail = $accessory->numRemaining();
+            $avail = $accessory->qty - $accessory->users_count;
             if ($avail < ($accessory->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
-                $percent = number_format((($accessory->numRemaining() / $accessory->qty) * 100), 0);
+
+                if ($accessory->qty > 0) {
+                    $percent = number_format((($avail / $accessory->qty) * 100), 0);
+                } else {
+                    $percent = 100;
+                }
+
                 $items_array[$all_count]['id'] = $accessory->id;
                 $items_array[$all_count]['name'] = $accessory->name;
                 $items_array[$all_count]['type'] = 'accessories';
                 $items_array[$all_count]['percent'] = $percent;
-                $items_array[$all_count]['remaining']=$accessory->numRemaining();
+                $items_array[$all_count]['remaining'] = $avail;
                 $items_array[$all_count]['min_amt']=$accessory->min_amt;
                 $all_count++;
             }
@@ -243,14 +332,19 @@ class Helper
         }
 
         foreach ($components as $component) {
-            $avail = $component->numRemaining();
+            $avail = $component->qty - $component->assets_count;
             if ($avail < ($component->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
-                $percent = number_format((($component->numRemaining() / $component->total_qty) * 100), 0);
+                if ($component->qty > 0) {
+                    $percent = number_format((($avail / $component->qty) * 100), 0);
+                } else {
+                    $percent = 100;
+                }
+
                 $items_array[$all_count]['id'] = $component->id;
                 $items_array[$all_count]['name'] = $component->name;
                 $items_array[$all_count]['type'] = 'components';
                 $items_array[$all_count]['percent'] = $percent;
-                $items_array[$all_count]['remaining']=$component->numRemaining();
+                $items_array[$all_count]['remaining'] = $avail;
                 $items_array[$all_count]['min_amt']=$component->min_amt;
                 $all_count++;
             }
@@ -265,9 +359,16 @@ class Helper
     }
 
 
+    /**
+     * Check if the file is an image, so we can show a preview
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param File $file
+     * @return String | Boolean
+     */
     public static function checkUploadIsImage($file)
     {
-        // Check if the file is an image, so we can show a preview
         $finfo = @finfo_open(FILEINFO_MIME_TYPE); // return mime type ala mimetype extension
         $filetype = @finfo_file($finfo, $file);
         finfo_close($finfo);
@@ -280,25 +381,26 @@ class Helper
     }
 
     /**
-    * Walks through the permissions in the permissions config file and determines if
-    * permissions are granted based on a $selected_arr array.
-    *
-    * The $permissions array is a multidimensional array broke down by section.
-    * (Licenses, Assets, etc)
-    *
-    * The $selected_arr should be a flattened array that contains just the
-    * corresponding permission name and a true or false boolean to determine
-    * if that group/user has been granted that permission.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net]
-    * @param array $permissions
-    * @param array $selected_arr
-    * @since [v1.0]
-    * @return Array
-    */
+     * Walks through the permissions in the permissions config file and determines if
+     * permissions are granted based on a $selected_arr array.
+     *
+     * The $permissions array is a multidimensional array broke down by section.
+     * (Licenses, Assets, etc)
+     *
+     * The $selected_arr should be a flattened array that contains just the
+     * corresponding permission name and a true or false boolean to determine
+     * if that group/user has been granted that permission.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net]
+     * @param array $permissions
+     * @param array $selected_arr
+     * @since [v1.0]
+     * @return Array
+     */
     public static function selectedPermissionsArray($permissions, $selected_arr = array())
     {
 
+
         $permissions_arr = array();
 
         foreach ($permissions as $permission) {
@@ -309,8 +411,8 @@ class Helper
                 if ($permission[$x]['display'] === true) {
 
                     if ($selected_arr) {
-                        if (array_key_exists($permission_name,$selected_arr)) {
-                            $permissions_arr[$permission_name] = ($selected_arr[$permission_name] == 1) ? '1': '0';
+                        if (array_key_exists($permission_name, $selected_arr)) {
+                            $permissions_arr[$permission_name] = $selected_arr[$permission_name];
                         } else {
                             $permissions_arr[$permission_name] = '0';
                         }
@@ -324,8 +426,250 @@ class Helper
 
 
         }
-        
+
         return $permissions_arr;
     }
 
+    /**
+     * Introspects into the model validation to see if the field passed is required.
+     * This is used by the blades to add a required class onto the HTML element.
+     * This isn't critical, but is helpful to keep form fields in sync with the actual
+     * model level validation.
+     *
+     * This does not currently handle form request validation requiredness :(
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return boolean
+     */
+    public static function checkIfRequired($class, $field)
+    {
+        $rules = $class::rules();
+        foreach ($rules as $rule_name => $rule) {
+            if ($rule_name == $field) {
+                if (strpos($rule, 'required') === false) {
+                    return false;
+                } else {
+                    return true;
+                }
+
+            }
+        }
+    }
+
+
+    /**
+     * Check to see if the given key exists in the array, and trim excess white space before returning it
+     *
+     * @author Daniel Melzter
+     * @since 3.0
+     * @param $array array
+     * @param $key string
+     * @param $default string
+     * @return string
+     */
+    public static function array_smart_fetch(array $array, $key, $default = '')
+    {
+        array_change_key_case($array, CASE_LOWER);
+        return array_key_exists(strtolower($key), array_change_key_case($array)) ? e(trim($array[ $key ])) : $default;
+    }
+
+
+    /**
+     * Gracefully handle decrypting the legacy data (encrypted via mcrypt) and use the new
+     * decryption method instead.
+     *
+     * This is not currently used, but will be.
+     *
+     * @author A. Gianotto
+     * @since 3.6
+     * @param CustomField $field
+     * @param String $string
+     * @return string
+     */
+    public static function gracefulDecrypt(CustomField $field, $string)
+    {
+
+        if ($field->isFieldDecryptable($string)) {
+
+            try {
+                Crypt::decrypt($string);
+                return Crypt::decrypt($string);
+
+            } catch (DecryptException $e) {
+                return 'Error Decrypting: '.$e->getMessage();
+            }
+
+        }
+        return $string;
+
+    }
+
+
+
+    public static function formatStandardApiResponse($status, $payload = null, $messages = null) {
+
+        $array['status'] = $status;
+        $array['messages'] = $messages;
+        if (($messages) &&  (is_array($messages)) && (count($messages) > 0)) {
+            $array['messages'] = $messages;
+        }
+        ($payload) ? $array['payload'] = $payload : $array['payload'] = null;
+        return $array;
+    }
+
+
+    /*
+    Possible solution for unicode fieldnames
+    */
+    public static function make_slug($string) {
+        return preg_replace('/\s+/u', '_', trim($string));
+    }
+
+
+    public static function getFormattedDateObject($date, $type = 'datetime', $array = true) {
+
+        if ($date=='') {
+            return null;
+        }
+
+        $settings = Setting::getSettings();
+        $tmp_date = new \Carbon($date);
+
+        if ($type == 'datetime') {
+            $dt['datetime'] = $tmp_date->format('Y-m-d H:i:s');
+            $dt['formatted'] = $tmp_date->format($settings->date_display_format .' '. $settings->time_display_format);
+        } else {
+            $dt['date'] = $tmp_date->format('Y-m-d');
+            $dt['formatted'] = $tmp_date->format($settings->date_display_format);
+        }
+
+        if ($array == 'true') {
+            return $dt;
+        }
+        return $dt['formatted'];
+
+    }
+
+
+    // Nicked from Drupal :)
+    // Returns a file size limit in bytes based on the PHP upload_max_filesize
+    // and post_max_size
+    public static function file_upload_max_size() {
+        static $max_size = -1;
+
+        if ($max_size < 0) {
+
+            // Start with post_max_size.
+            $post_max_size = Helper::parse_size(ini_get('post_max_size'));
+            if ($post_max_size > 0) {
+                $max_size = $post_max_size;
+            }
+
+            // If upload_max_size is less, then reduce. Except if upload_max_size is
+            // zero, which indicates no limit.
+            $upload_max = Helper::parse_size(ini_get('upload_max_filesize'));
+            if ($upload_max > 0 && $upload_max < $max_size) {
+                $max_size = $upload_max;
+            }
+        }
+
+        return $max_size;
+    }
+
+    public static function file_upload_max_size_readable() {
+        static $max_size = -1;
+
+        if ($max_size < 0) {
+            // Start with post_max_size.
+            $post_max_size = Helper::parse_size(ini_get('post_max_size'));
+            if ($post_max_size > 0) {
+                $max_size = ini_get('post_max_size');
+            }
+
+            // If upload_max_size is less, then reduce. Except if upload_max_size is
+            // zero, which indicates no limit.
+            $upload_max = Helper::parse_size(ini_get('upload_max_filesize'));
+            if ($upload_max > 0 && $upload_max < $max_size) {
+                $max_size = ini_get('upload_max_filesize');
+            }
+        }
+        return $max_size;
+    }
+
+    public static function parse_size($size) {
+        $unit = preg_replace('/[^bkmgtpezy]/i', '', $size); // Remove the non-unit characters from the size.
+        $size = preg_replace('/[^0-9\.]/', '', $size); // Remove the non-numeric characters from the size.
+        if ($unit) {
+            // Find the position of the unit in the ordered string which is the power of magnitude to multiply a kilobyte by.
+            return round($size * pow(1024, stripos('bkmgtpezy', $unit[0])));
+        }
+        else {
+            return round($size);
+        }
+    }
+
+
+    public static function filetype_icon($filename) {
+
+        $extension = substr(strrchr($filename,'.'),1);
+
+        if ($extension) {
+            switch ($extension) {
+                case 'jpg':
+                case 'jpeg':
+                case 'gif':
+                case 'png':
+                    return "fa fa-file-image-o";
+                    break;
+                case 'doc':
+                case 'docx':
+                    return "fa fa-file-word-o";
+                    break;
+                case 'xls':
+                case 'xlsx':
+                    return "fa fa-file-excel-o";
+                    break;
+                case 'zip':
+                case 'rar':
+                    return "fa fa-file-archive-o";
+                    break;
+                case 'pdf':
+                    return "fa fa-file-pdf-o";
+                    break;
+                case 'txt':
+                    return "fa fa-file-text-o";
+                    break;
+                case 'lic':
+                    return "fa fa-floppy-o";
+                    break;
+                default:
+                    return "fa fa-file-o";
+            }
+        }
+        return "fa fa-file-o";
+    }
+
+    public static function show_file_inline($filename) {
+
+        $extension = substr(strrchr($filename,'.'),1);
+
+        if ($extension) {
+            switch ($extension) {
+                case 'jpg':
+                case 'jpeg':
+                case 'gif':
+                case 'png':
+                    return true;
+                    break;
+                default:
+                    return false;
+            }
+        }
+        return false;
+    }
+
+
+
+
 }

app/Http/Controllers/AccessoriesController.php

@@ -3,22 +3,22 @@ namespace App\Http\Controllers;
 
 use App\Helpers\Helper;
 use App\Models\Accessory;
-use App\Models\Actionlog;
 use App\Models\Company;
-use App\Models\Setting;
 use App\Models\User;
+use Auth;
 use Carbon\Carbon;
 use Config;
 use DB;
+use Gate;
 use Input;
 use Lang;
-use Mail;
 use Redirect;
+use Illuminate\Http\Request;
 use Slack;
 use Str;
 use View;
-use Auth;
-use Request;
+use Image;
+use App\Http\Requests\ImageUploadRequest;
 
 /** This controller handles all actions related to Accessories for
  * the Snipe-IT Asset Management application.
@@ -37,9 +37,10 @@ class AccessoriesController extends Controller
     * @since [v1.0]
     * @return View
     */
-    public function getIndex(Request $request)
+    public function index(Request $request)
     {
-        return View::make('accessories/index');
+        $this->authorize('index', Accessory::class);
+        return view('accessories/index');
     }
 
 
@@ -49,17 +50,12 @@ class AccessoriesController extends Controller
    * @author [A. Gianotto] [<snipe@snipe.net>]
    * @return View
    */
-    public function getCreate(Request $request)
+    public function create(Request $request)
     {
-        // Show the page
-        $category_list = array('' => '') + DB::table('categories')->where('category_type', '=', 'accessory')->whereNull('deleted_at')->orderBy('name', 'ASC')->lists('name', 'id');
-        $company_list = Helper::companyList();
-        $location_list = Helper::locationsList();
-        return View::make('accessories/edit')
-          ->with('accessory', new Accessory)
-          ->with('category_list', $category_list)
-          ->with('company_list', $company_list)
-          ->with('location_list', $location_list);
+        $this->authorize('create', Accessory::class);
+        $category_type = 'accessory';
+        return view('accessories/edit')->with('category_type', $category_type)
+          ->with('item', new Accessory);
     }
 
 
@@ -69,42 +65,53 @@ class AccessoriesController extends Controller
    * @author [A. Gianotto] [<snipe@snipe.net>]
    * @return Redirect
    */
-    public function postCreate(Request $request)
+    public function store(ImageUploadRequest $request)
     {
-
+        $this->authorize(Accessory::class);
         // create a new model instance
         $accessory = new Accessory();
 
         // Update the accessory data
-        $accessory->name                  = e(Input::get('name'));
-        $accessory->category_id               = e(Input::get('category_id'));
-        $accessory->location_id               = e(Input::get('location_id'));
-        $accessory->min_amt               = e(Input::get('min_amt'));
-        $accessory->company_id              = Company::getIdForCurrentUser(Input::get('company_id'));
-        $accessory->order_number            = e(Input::get('order_number'));
+        $accessory->name                    = request('name');
+        $accessory->category_id             = request('category_id');
+        $accessory->location_id             = request('location_id');
+        $accessory->min_amt                 = request('min_amt');
+        $accessory->company_id              = Company::getIdForCurrentUser(request('company_id'));
+        $accessory->order_number            = request('order_number');
+        $accessory->manufacturer_id         = request('manufacturer_id');
+        $accessory->model_number            = request('model_number');
+        $accessory->purchase_date           = request('purchase_date');
+        $accessory->purchase_cost           = Helper::ParseFloat(request('purchase_cost'));
+        $accessory->qty                     = request('qty');
+        $accessory->user_id                 = Auth::user()->id;
+        $accessory->supplier_id             = request('supplier_id');
 
-        if (e(Input::get('purchase_date')) == '') {
-            $accessory->purchase_date       =  null;
-        } else {
-            $accessory->purchase_date       = e(Input::get('purchase_date'));
+        if ($request->hasFile('image')) {
+
+            if (!config('app.lock_passwords')) {
+                $image = $request->file('image');
+                $ext = $image->getClientOriginalExtension();
+                $file_name = "accessory-".str_random(18).'.'.$ext;
+                $path = public_path('/uploads/accessories');
+                if ($image->getClientOriginalExtension()!='svg') {
+                    Image::make($image->getRealPath())->resize(null, 250, function ($constraint) {
+                        $constraint->aspectRatio();
+                        $constraint->upsize();
+                    })->save($path.'/'.$file_name);
+                } else {
+                    $image->move($path, $file_name);
+                }
+                $accessory->image = $file_name;
+            }
         }
 
-        if (e(Input::get('purchase_cost')) == '0.00') {
-            $accessory->purchase_cost       =  null;
-        } else {
-            $accessory->purchase_cost       = e(Input::get('purchase_cost'));
-        }
 
-        $accessory->qty                       = e(Input::get('qty'));
-        $accessory->user_id               = Auth::user()->id;
 
         // Was the accessory created?
         if ($accessory->save()) {
             // Redirect to the new accessory  page
-            return redirect()->to("admin/accessories")->with('success', trans('admin/accessories/message.create.success'));
+            return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.create.success'));
         }
-
-
         return redirect()->back()->withInput()->withErrors($accessory->getErrors());
     }
 
@@ -115,24 +122,17 @@ class AccessoriesController extends Controller
    * @param  int  $accessoryId
    * @return View
    */
-    public function getEdit(Request $request, $accessoryId = null)
+    public function edit(Request $request, $accessoryId = null)
     {
-        // Check if the accessory exists
-        if (is_null($accessory = Accessory::find($accessoryId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/accessories')->with('error', trans('admin/accessories/message.does_not_exist'));
-        } elseif (!Company::isCurrentUserHasAccess($accessory)) {
-            return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
+
+        if ($item = Accessory::find($accessoryId)) {
+            $this->authorize($item);
+            $category_type = 'accessory';
+            return view('accessories/edit', compact('item'))->with('category_type', $category_type);
         }
 
-        $category_list = array('' => '') + DB::table('categories')->where('category_type', '=', 'accessory')->whereNull('deleted_at')->orderBy('name', 'ASC')->lists('name', 'id');
-        $company_list = Helper::companyList();
-        $location_list = Helper::locationsList();
+        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
 
-        return View::make('accessories/edit', compact('accessory'))
-          ->with('category_list', $category_list)
-          ->with('company_list', $company_list)
-          ->with('location_list', $location_list);
     }
 
 
@@ -143,52 +143,57 @@ class AccessoriesController extends Controller
    * @param  int  $accessoryId
    * @return Redirect
    */
-    public function postEdit(Request $request, $accessoryId = null)
+    public function update(ImageUploadRequest $request, $accessoryId = null)
     {
-      // Check if the blog post exists
         if (is_null($accessory = Accessory::find($accessoryId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/accessories')->with('error', trans('admin/accessories/message.does_not_exist'));
-        } elseif (!Company::isCurrentUserHasAccess($accessory)) {
-            return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
         }
 
-      // Update the accessory data
-        $accessory->name                    = e(Input::get('name'));
+        $this->authorize($accessory);
 
-        if (e(Input::get('location_id')) == '') {
-            $accessory->location_id = null;
-        } else {
-            $accessory->location_id     = e(Input::get('location_id'));
-        }
-        $accessory->min_amt             = e(Input::get('min_amt'));
-        $accessory->category_id             = e(Input::get('category_id'));
-        $accessory->company_id              = Company::getIdForCurrentUser(Input::get('company_id'));
-        $accessory->order_number            = e(Input::get('order_number'));
+        // Update the accessory data
+        $accessory->name                    = request('name');
+        $accessory->location_id             = request('location_id');
+        $accessory->min_amt                 = request('min_amt');
+        $accessory->category_id             = request('category_id');
+        $accessory->company_id              = Company::getIdForCurrentUser(request('company_id'));
+        $accessory->manufacturer_id         = request('manufacturer_id');
+        $accessory->order_number            = request('order_number');
+        $accessory->model_number            = request('model_number');
+        $accessory->purchase_date           = request('purchase_date');
+        $accessory->purchase_cost           = request('purchase_cost');
+        $accessory->qty                     = request('qty');
+        $accessory->supplier_id             = request('supplier_id');
 
-        if (e(Input::get('purchase_date')) == '') {
-            $accessory->purchase_date       =  null;
-        } else {
-            $accessory->purchase_date       = e(Input::get('purchase_date'));
+        if ($request->hasFile('image')) {
+
+            if (!config('app.lock_passwords')) {
+                $image = $request->file('image');
+                $ext = $image->getClientOriginalExtension();
+                $file_name = "accessory-".str_random(18).'.'.$ext;
+                $path = public_path('/uploads/accessories');
+                if ($image->getClientOriginalExtension()!='svg') {
+                    Image::make($image->getRealPath())->resize(null, 250, function ($constraint) {
+                        $constraint->aspectRatio();
+                        $constraint->upsize();
+                    })->save($path.'/'.$file_name);
+                } else {
+                    $image->move($path, $file_name);
+                }
+                if (($accessory->image) && (file_exists($path.'/'.$accessory->image))) {
+                    unlink($path.'/'.$accessory->image);
+                }
+
+                $accessory->image = $file_name;
+            }
         }
 
-        if (e(Input::get('purchase_cost')) == '0.00') {
-            $accessory->purchase_cost       =  null;
-        } else {
-            $accessory->purchase_cost       = e(Input::get('purchase_cost'));
-        }
 
-        $accessory->qty                     = e(Input::get('qty'));
-
-      // Was the accessory created?
+        // Was the accessory updated?
         if ($accessory->save()) {
-            // Redirect to the new accessory page
-            return redirect()->to("admin/accessories")->with('success', trans('admin/accessories/message.update.success'));
+            return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.update.success'));
         }
-
-
         return redirect()->back()->withInput()->withErrors($accessory->getErrors());
-
     }
 
   /**
@@ -198,26 +203,20 @@ class AccessoriesController extends Controller
    * @param  int  $accessoryId
    * @return Redirect
    */
-    public function getDelete(Request $request, $accessoryId)
+    public function destroy(Request $request, $accessoryId)
     {
-        // Check if the blog post exists
         if (is_null($accessory = Accessory::find($accessoryId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/accessories')->with('error', trans('admin/accessories/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($accessory)) {
-            return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.not_found'));
         }
 
+        $this->authorize($accessory);
+
 
         if ($accessory->hasUsers() > 0) {
-             return redirect()->to('admin/accessories')->with('error', trans('admin/accessories/message.assoc_users', array('count'=> $accessory->hasUsers())));
-        } else {
-            $accessory->delete();
-
-            // Redirect to the locations management page
-            return redirect()->to('admin/accessories')->with('success', trans('admin/accessories/message.delete.success'));
-
+             return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.assoc_users', array('count'=> $accessory->hasUsers())));
         }
+        $accessory->delete();
+        return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.delete.success'));
     }
 
 
@@ -227,31 +226,19 @@ class AccessoriesController extends Controller
   * the content for the accessory detail view, which is generated in getDataView.
   *
   * @author [A. Gianotto] [<snipe@snipe.net>]
-  * @param  int  $accessoryId
+  * @param  int  $accessoryID
   * @see AccessoriesController::getDataView() method that generates the JSON response
   * @since [v1.0]
   * @return View
   */
-    public function getView(Request $request, $accessoryID = null)
+    public function show(Request $request, $accessoryID = null)
     {
         $accessory = Accessory::find($accessoryID);
-
+        $this->authorize('view', $accessory);
         if (isset($accessory->id)) {
-
-            if (!Company::isCurrentUserHasAccess($accessory)) {
-                return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
-            } else {
-                return View::make('accessories/view', compact('accessory'));
-            }
-        } else {
-            // Prepare the error message
-            $error = trans('admin/accessories/message.does_not_exist', compact('id'));
-
-            // Redirect to the user management page
-            return redirect()->route('accessories')->with('error', $error);
+            return view('accessories/view', compact('accessory'));
         }
-
-
+        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist', compact('id')));
     }
 
   /**
@@ -266,15 +253,20 @@ class AccessoriesController extends Controller
         // Check if the accessory exists
         if (is_null($accessory = Accessory::find($accessoryId))) {
             // Redirect to the accessory management page with error
-            return redirect()->to('accessories')->with('error', trans('admin/accessories/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($accessory)) {
-            return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.not_found'));
         }
 
-        // Get the dropdown of users and then pass it to the checkout view
-        $users_list = Helper::usersList();
+        if ($accessory->category) {
+
+            $this->authorize('checkout', $accessory);
+
+            // Get the dropdown of users and then pass it to the checkout view
+            return view('accessories/checkout', compact('accessory'));
+        }
+
+        return redirect()->back()->with('error', 'The category type for this accessory is not valid. Edit the accessory and select a valid accessory category.');
+
 
-        return View::make('accessories/checkout', compact('accessory'))->with('users_list', $users_list);
 
     }
 
@@ -293,72 +285,28 @@ class AccessoriesController extends Controller
       // Check if the accessory exists
         if (is_null($accessory = Accessory::find($accessoryId))) {
             // Redirect to the accessory management page with error
-            return redirect()->to('accessories')->with('error', trans('admin/accessories/message.user_not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($accessory)) {
-            return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.user_not_found'));
         }
 
+        $this->authorize('checkout', $accessory);
+
         if (!$user = User::find(Input::get('assigned_to'))) {
-            return redirect()->to('admin/accessories')->with('error', trans('admin/accessories/message.not_found'));
+            return redirect()->route('checkout/accessory', $accessory->id)->with('error', trans('admin/accessories/message.checkout.user_does_not_exist'));
         }
 
       // Update the accessory data
-        $accessory->assigned_to                 = e(Input::get('assigned_to'));
+        $accessory->assigned_to = e(Input::get('assigned_to'));
 
-        $accessory->users()->attach($accessory->id, array(
-        'accessory_id' => $accessory->id,
-        'created_at' => Carbon::now(),
-        'user_id' => Auth::user()->id,
-        'assigned_to' => e(Input::get('assigned_to'))));
+        $accessory->users()->attach($accessory->id, [
+            'accessory_id' => $accessory->id,
+            'created_at' => Carbon::now(),
+            'user_id' => Auth::id(),
+            'assigned_to' => $request->get('assigned_to')
+        ]);
 
-        $logaction = new Actionlog();
-        $logaction->accessory_id = $accessory->id;
-        $logaction->checkedout_to = $accessory->assigned_to;
-        $logaction->asset_type = 'accessory';
-        $logaction->location_id = $user->location_id;
-        $logaction->user_id = Auth::user()->id;
-        $logaction->note = e(Input::get('note'));
+        $logaction = $accessory->logCheckout(e(Input::get('note')), $user);
 
-
-
-        $settings = Setting::getSettings();
-
-        if ($settings->slack_endpoint) {
-
-
-            $slack_settings = [
-              'username' => $settings->botname,
-              'channel' => $settings->slack_channel,
-              'link_names' => true
-            ];
-
-            $client = new \Maknz\Slack\Client($settings->slack_endpoint, $slack_settings);
-
-            try {
-                $client->attach([
-                'color' => 'good',
-                'fields' => [
-                  [
-                  'title' => 'Checked Out:',
-                  'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/accessories/'.$accessory->id.'/view'.'|'.$accessory->name.'> checked out to <'.config('app.url').'/admin/users/'.$user->id.'/view|'.$user->fullName().'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
-                  ],
-                  [
-                      'title' => 'Note:',
-                      'value' => e($logaction->note)
-                  ],
-                ]
-                ])->send('Accessory Checked Out');
-            } catch (Exception $e) {
-
-            }
-
-        }
-
-
-
-        $log = $logaction->logaction('checkout');
-
-        $accessory_user = DB::table('accessories_users')->where('assigned_to', '=', $accessory->assigned_to)->where('accessory_id', '=', $accessory->id)->first();
+        DB::table('accessories_users')->where('assigned_to', '=', $accessory->assigned_to)->where('accessory_id', '=', $accessory->id)->first();
 
         $data['log_id'] = $logaction->id;
         $data['eula'] = $accessory->getEula();
@@ -370,298 +318,83 @@ class AccessoriesController extends Controller
         $data['note'] = $logaction->note;
         $data['require_acceptance'] = $accessory->requireAcceptance();
 
-
-        if (($accessory->requireAcceptance()=='1')  || ($accessory->getEula())) {
-
-            Mail::send('emails.accept-accessory', $data, function ($m) use ($user) {
-                $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                $m->subject('Confirm accessory delivery');
-            });
-        }
-
       // Redirect to the new accessory page
-        return redirect()->to("admin/accessories")->with('success', trans('admin/accessories/message.checkout.success'));
-
-
-
+        return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.checkout.success'));
     }
 
 
-  /**
-  * Check the accessory back into inventory
-  *
-  * @author [A. Gianotto] [<snipe@snipe.net>]
-  * @param  int  $accessoryId
-  * @return View
-  **/
+    /**
+     * Check the accessory back into inventory
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param Request $request
+     * @param integer $accessoryUserId
+     * @param string $backto
+     * @return View
+     * @internal param int $accessoryId
+     */
     public function getCheckin(Request $request, $accessoryUserId = null, $backto = null)
     {
         // Check if the accessory exists
         if (is_null($accessory_user = DB::table('accessories_users')->find($accessoryUserId))) {
             // Redirect to the accessory management page with error
-            return redirect()->to('admin/accessories')->with('error', trans('admin/accessories/message.not_found'));
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.not_found'));
         }
 
         $accessory = Accessory::find($accessory_user->accessory_id);
-
-        if (!Company::isCurrentUserHasAccess($accessory)) {
-            return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
-        } else {
-            return View::make('accessories/checkin', compact('accessory'))->with('backto', $backto);
-        }
+        $this->authorize('checkin', $accessory);
+        return view('accessories/checkin', compact('accessory'))->with('backto', $backto);
     }
 
 
-  /**
-  * Check in the item so that it can be checked out again to someone else
-  *
-  * @uses Accessory::checkin_email() to determine if an email can and should be sent
-  * @author [A. Gianotto] [<snipe@snipe.net>]
-  * @param  int  $accessoryId
-  * @return Redirect
-  **/
+    /**
+     * Check in the item so that it can be checked out again to someone else
+     *
+     * @uses Accessory::checkin_email() to determine if an email can and should be sent
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param Request $request
+     * @param integer $accessoryUserId
+     * @param string $backto
+     * @return Redirect
+     * @internal param int $accessoryId
+     */
     public function postCheckin(Request $request, $accessoryUserId = null, $backto = null)
     {
       // Check if the accessory exists
         if (is_null($accessory_user = DB::table('accessories_users')->find($accessoryUserId))) {
             // Redirect to the accessory management page with error
-            return redirect()->to('admin/accessories')->with('error', trans('admin/accessories/message.not_found'));
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
         }
 
-
         $accessory = Accessory::find($accessory_user->accessory_id);
 
-        if (!Company::isCurrentUserHasAccess($accessory)) {
-            return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
-        }
+        $this->authorize('checkin', $accessory);
 
-        $logaction = new Actionlog();
-        $logaction->checkedout_to = e($accessory_user->assigned_to);
         $return_to = e($accessory_user->assigned_to);
-        $admin_user = Auth::user();
+        $logaction = $accessory->logCheckin(User::find($return_to), e(Input::get('note')));
 
-
-      // Was the accessory updated?
+        // Was the accessory updated?
         if (DB::table('accessories_users')->where('id', '=', $accessory_user->id)->delete()) {
-
-            $logaction->accessory_id = e($accessory->id);
-            $logaction->location_id = null;
-            $logaction->asset_type = 'accessory';
-            $logaction->user_id = e($admin_user->id);
-            $logaction->note = e(Input::get('note'));
-
-            $settings = Setting::getSettings();
-
-            if ($settings->slack_endpoint) {
-
-
-                $slack_settings = [
-                'username' => e($settings->botname),
-                'channel' => e($settings->slack_channel),
-                'link_names' => true
-                ];
-
-                $client = new \Maknz\Slack\Client($settings->slack_endpoint, $slack_settings);
-
-                try {
-                    $client->attach([
-                        'color' => 'good',
-                        'fields' => [
-                            [
-                                'title' => 'Checked In:',
-                                'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/accessories/'.e($accessory->id).'/view'.'|'.e($accessory->name).'> checked in by <'.config('app.url').'/admin/users/'.e($admin_user->id).'/view'.'|'.e($admin_user->fullName()).'>.'
-                            ],
-                            [
-                                'title' => 'Note:',
-                                'value' => e($logaction->note)
-                            ],
-
-                        ]
-                    ])->send('Accessory Checked In');
-
-                } catch (Exception $e) {
-
-                }
-
-            }
-
-
-            $log = $logaction->logaction('checkin from');
-
             if (!is_null($accessory_user->assigned_to)) {
                 $user = User::find($accessory_user->assigned_to);
             }
 
             $data['log_id'] = $logaction->id;
             $data['first_name'] = e($user->first_name);
+            $data['last_name'] = e($user->last_name);
             $data['item_name'] = e($accessory->name);
             $data['checkin_date'] = e($logaction->created_at);
             $data['item_tag'] = '';
             $data['note'] = e($logaction->note);
 
-            if (($accessory->checkin_email()=='1')) {
-
-                Mail::send('emails.checkin-asset', $data, function ($m) use ($user) {
-                    $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                    $m->subject('Confirm Accessory Checkin');
-                });
-            }
-
             if ($backto=='user') {
-                return redirect()->to("admin/users/".$return_to.'/view')->with('success', trans('admin/accessories/message.checkin.success'));
-            } else {
-                return redirect()->to("admin/accessories/".$accessory->id."/view")->with('success', trans('admin/accessories/message.checkin.success'));
+                return redirect()->route("users.show", $return_to)->with('success', trans('admin/accessories/message.checkin.success'));
             }
+            return redirect()->route("accessories.show", $accessory->id)->with('success', trans('admin/accessories/message.checkin.success'));
         }
-
         // Redirect to the accessory management page with error
-        return redirect()->to("admin/accessories")->with('error', trans('admin/accessories/message.checkin.error'));
-    }
-
-    /**
-    * Generates the JSON response for accessories listing view.
-    *
-    * Example:
-    * {
-    *  "actions": "(links to available actions)",
-    *  "category": "(link to category)",
-    *  "companyName": "My Company",
-    *  "location":  "My Location",
-    *  "min_amt": 2,
-    *  "name":  "(link to accessory),
-    *  "numRemaining": 6,
-    *  "order_number": null,
-    *  "purchase_cost": "0.00",
-    *  "purchase_date": null,
-    *  "qty": 7
-    *  },
-    *
-    * The names of the fields in the returns JSON correspond directly to the the
-    * names of the fields in the bootstrap-tables in the view.
-    *
-    * For debugging, see at /api/accessories/list
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @param  int  $accessoryId
-    * @return string JSON containing accessories and their associated atrributes.
-    **/
-    public function getDatatable(Request $request)
-    {
-        $accessories = Accessory::select('accessories.*')->with('category', 'company')
-        ->whereNull('accessories.deleted_at');
-
-        if (Input::has('search')) {
-            $accessories = $accessories->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-
-        $allowed_columns = ['name','min_amt','order_number','purchase_date','purchase_cost','companyName','category'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
-
-        switch ($sort) {
-            case 'category':
-                $accessories = $accessories->OrderCategory($order);
-                break;
-            case 'companyName':
-                $accessories = $accessories->OrderCompany($order);
-                break;
-            default:
-                $accessories = $accessories->orderBy($sort, $order);
-                break;
-        }
-
-        $accessCount = $accessories->count();
-        $accessories = $accessories->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($accessories as $accessory) {
-            $actions = '<nobr><a href="'.route('checkout/accessory', $accessory->id).'" style="margin-right:5px;" class="btn btn-info btn-sm" '.(($accessory->numRemaining() > 0 ) ? '' : ' disabled').'>'.trans('general.checkout').'</a><a href="'.route('update/accessory', $accessory->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/accessory', $accessory->id).'" data-content="'.trans('admin/accessories/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($accessory->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
-            $company = $accessory->company;
-
-            $rows[] = array(
-            'name'          => '<a href="'.url('admin/accessories/'.$accessory->id).'/view">'. $accessory->name.'</a>',
-            'category'      => ($accessory->category) ? (string)link_to('admin/settings/categories/'.$accessory->category->id.'/view', $accessory->category->name) : '',
-            'qty'           => e($accessory->qty),
-            'order_number'  => e($accessory->order_number),
-            'min_amt'  => e($accessory->min_amt),
-            'location'      => ($accessory->location) ? e($accessory->location->name): '',
-            'purchase_date' => e($accessory->purchase_date),
-            'purchase_cost' => number_format($accessory->purchase_cost, 2),
-            'numRemaining'  => $accessory->numRemaining(),
-            'actions'       => $actions,
-            'companyName'   => is_null($company) ? '' : e($company->name)
-            );
-        }
-
-        $data = array('total'=>$accessCount, 'rows'=>$rows);
-
-        return $data;
+        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.checkin.error'));
     }
 
 
-  /**
-  * Generates the JSON response for accessory detail view.
-  *
-  * Example:
-  * <code>
-  * {
-  * "rows": [
-  * {
-  * "actions": "(link to available actions)",
-  * "name": "(link to user)"
-  * }
-  * ],
-  * "total": 1
-  * }
-  * </code>
-  *
-  * The names of the fields in the returns JSON correspond directly to the the
-  * names of the fields in the bootstrap-tables in the view.
-  *
-  * For debugging, see at /api/accessories/$accessoryID/view
-  *
-  * @author [A. Gianotto] [<snipe@snipe.net>]
-  * @param  int  $accessoryId
-  * @return string JSON containing accessories and their associated atrributes.
-  **/
-    public function getDataView(Request $request, $accessoryID)
-    {
-        $accessory = Accessory::find($accessoryID);
-
-        if (!Company::isCurrentUserHasAccess($accessory)) {
-            return ['total' => 0, 'rows' => []];
-        }
-
-        $accessory_users = $accessory->users;
-        $count = $accessory_users->count();
-
-        $rows = array();
-
-        foreach ($accessory_users as $user) {
-            $actions = '<a href="'.route('checkin/accessory', $user->pivot->id).'" class="btn btn-info btn-sm">Checkin</a>';
-
-            $rows[] = array(
-              'name'          =>(string) link_to('/admin/users/'.$user->id.'/view', e($user->fullName())),
-              'actions'       => $actions
-              );
-        }
-
-        $data = array('total'=>$count, 'rows'=>$rows);
-
-        return $data;
-    }
 }

app/Http/Controllers/ActionlogController.php

@@ -0,0 +1,18 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Helpers\Helper;
+use Response;
+
+class ActionlogController extends Controller
+{
+    public function displaySig($filename)
+    {
+        $this->authorize('view', \App\Models\Asset::class);
+        $file = config('app.private_uploads') . '/signatures/' . $filename;
+        $filetype = Helper::checkUploadIsImage($file);
+        $contents = file_get_contents($file);
+        return Response::make($contents)->header('Content-Type', $filetype);
+    }
+}

app/Http/Controllers/Api/AccessoriesController.php

@@ -0,0 +1,194 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use App\Models\Accessory;
+use App\Http\Transformers\AccessoriesTransformer;
+use App\Models\Company;
+
+
+class AccessoriesController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Accessory::class);
+        $allowed_columns = ['id','name','model_number','eol','notes','created_at','min_amt','company_id'];
+
+        $accessories = Accessory::with('category', 'company', 'manufacturer', 'users', 'location');
+
+        if ($request->has('search')) {
+            $accessories = $accessories->TextSearch($request->input('search'));
+        }
+
+        if ($request->has('company_id')) {
+            $accessories->where('company_id','=',$request->input('company_id'));
+        }
+
+        if ($request->has('category_id')) {
+            $accessories->where('category_id','=',$request->input('category_id'));
+        }
+
+        if ($request->has('manufacturer_id')) {
+            $accessories->where('manufacturer_id','=',$request->input('manufacturer_id'));
+        }
+
+        if ($request->has('supplier_id')) {
+            $accessories->where('supplier_id','=',$request->input('supplier_id'));
+        }
+
+        $offset = (($accessories) && (request('offset') > $accessories->count())) ? 0 : request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+
+        switch ($sort) {
+            case 'category':
+                $accessories = $accessories->OrderCategory($order);
+                break;
+            case 'company':
+                $accessories = $accessories->OrderCompany($order);
+                break;
+            default:
+                $accessories = $accessories->orderBy($sort, $order);
+                break;
+        }
+
+        $accessories->orderBy($sort, $order);
+
+        $total = $accessories->count();
+        $accessories = $accessories->skip($offset)->take($limit)->get();
+        return (new AccessoriesTransformer)->transformAccessories($accessories, $total);
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Accessory::class);
+        $accessory = new Accessory;
+        $accessory->fill($request->all());
+
+        if ($accessory->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $accessory, trans('admin/accessories/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $accessory->getErrors()));
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Accessory::class);
+        $accessory = Accessory::findOrFail($id);
+        return (new AccessoriesTransformer)->transformAccessory($accessory);
+    }
+
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function accessory_detail($id)
+    {
+        $this->authorize('view', Accessory::class);
+        $accessory = Accessory::findOrFail($id);
+        return (new AccessoriesTransformer)->transformAccessory($accessory);
+    }
+
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function checkedout($id)
+    {
+        $this->authorize('view', Accessory::class);
+
+        $accessory = Accessory::findOrFail($id);
+        if (!Company::isCurrentUserHasAccess($accessory)) {
+            return ['total' => 0, 'rows' => []];
+        }
+        $accessory_users = $accessory->users;
+        $total = $accessory_users->count();
+
+        return (new AccessoriesTransformer)->transformCheckedoutAccessory($accessory_users, $total);
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('edit', Accessory::class);
+        $accessory = Accessory::findOrFail($id);
+        $accessory->fill($request->all());
+
+        if ($accessory->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $accessory, trans('admin/accessories/message.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $accessory->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Accessory::class);
+        $accessory = Accessory::findOrFail($id);
+        $this->authorize($accessory);
+
+        if ($accessory->hasUsers() > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/accessories/message.assoc_users', array('count'=> $accessory->hasUsers()))));
+        }
+
+        $accessory->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/accessories/message.delete.success')));
+
+    }
+}

app/Http/Controllers/Api/AssetMaintenancesController.php

@@ -0,0 +1,247 @@
+<?php
+namespace App\Http\Controllers\Api;
+
+use App\Helpers\Helper;
+use App\Http\Controllers\Controller;
+use App\Http\Transformers\AssetMaintenancesTransformer;
+use App\Models\Asset;
+use App\Models\AssetMaintenance;
+use App\Models\Company;
+use Auth;
+use Carbon\Carbon;
+use Gate;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Input;
+
+/**
+ * This controller handles all actions related to Asset Maintenance for
+ * the Snipe-IT Asset Management application.
+ *
+ * @version    v2.0
+ */
+class AssetMaintenancesController extends Controller
+{
+
+
+    /**
+     *  Generates the JSON response for asset maintenances listing view.
+     *
+     * @see AssetMaintenancesController::getIndex() method that generates view
+     * @author  Vincent Sposato <vincent.sposato@gmail.com>
+     * @version v1.0
+     * @since [v1.8]
+     * @return String JSON
+     */
+    public function index(Request $request)
+    {
+        $maintenances = AssetMaintenance::with('asset', 'supplier', 'asset.company', 'admin');
+
+        if (Input::has('search')) {
+            $maintenances = $maintenances->TextSearch(e($request->input('search')));
+        }
+
+        if ($request->has('asset_id')) {
+            $maintenances->where('asset_id', '=', $request->input('asset_id'));
+        }
+
+        $offset = (($maintenances) && (request('offset') > $maintenances->count())) ? 0 : request('offset', 0);
+        $limit = request('limit', 50);
+
+        $allowed_columns = [
+                                'id',
+                                'title',
+                                'asset_maintenance_time',
+                                'asset_maintenance_type',
+                                'cost',
+                                'start_date',
+                                'completion_date',
+                                'notes',
+                                'asset_tag',
+                                'asset_name',
+                                'user_id'
+                            ];
+        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array(Input::get('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
+
+        switch ($sort) {
+            case 'user_id':
+                $maintenances = $maintenances->OrderAdmin($order);
+                break;
+            case 'asset_tag':
+                $maintenances = $maintenances->OrderByTag($order);
+                break;
+            case 'asset_name':
+                $maintenances = $maintenances->OrderByAssetName($order);
+                break;
+            default:
+                $maintenances = $maintenances->orderBy($sort, $order);
+                break;
+        }
+
+        $total = $maintenances->count();
+        $maintenances = $maintenances->skip($offset)->take($limit)->get();
+        return (new AssetMaintenancesTransformer())->transformAssetMaintenances($maintenances, $total);
+
+
+    }
+
+
+    /**
+     *  Validates and stores the new asset maintenance
+     *
+     * @see AssetMaintenancesController::getCreate() method for the form
+     * @author  Vincent Sposato <vincent.sposato@gmail.com>
+     * @version v1.0
+     * @since [v1.8]
+     * @return String JSON
+     */
+    public function store(Request $request)
+    {
+        // create a new model instance
+        $assetMaintenance = new AssetMaintenance();
+        $assetMaintenance->supplier_id = $request->input('supplier_id');
+        $assetMaintenance->is_warranty = $request->input('is_warranty');
+        $assetMaintenance->cost =  e($request->input('cost'));
+        $assetMaintenance->notes = e($request->input('notes'));
+        $asset = Asset::find(e($request->input('asset_id')));
+
+        if (!Company::isCurrentUserHasAccess($asset)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot add a maintenance for that asset'));
+        }
+
+        // Save the asset maintenance data
+        $assetMaintenance->asset_id               = $request->input('asset_id');
+        $assetMaintenance->asset_maintenance_type = $request->input('asset_maintenance_type');
+        $assetMaintenance->title                  = $request->input('title');
+        $assetMaintenance->start_date             = $request->input('start_date');
+        $assetMaintenance->completion_date        = $request->input('completion_date');
+        $assetMaintenance->user_id                = Auth::id();
+
+        if (( $assetMaintenance->completion_date !== null )
+            && ( $assetMaintenance->start_date !== "" )
+            && ( $assetMaintenance->start_date !== "0000-00-00" )
+        ) {
+            $startDate                                = Carbon::parse($assetMaintenance->start_date);
+            $completionDate                           = Carbon::parse($assetMaintenance->completion_date);
+            $assetMaintenance->asset_maintenance_time = $completionDate->diffInDays($startDate);
+        }
+
+        // Was the asset maintenance created?
+        if ($assetMaintenance->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $assetMaintenance, trans('admin/asset_maintenances/message.create.success')));
+
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $assetMaintenance->getErrors()));
+
+    }
+
+
+    /**
+     *  Validates and stores an update to an asset maintenance
+     *
+     * @author  A. Gianotto <snipe@snipe.net>
+     * @param int $assetMaintenanceId
+     * @param int $request
+     * @version v1.0
+     * @since [v4.0]
+     * @return String JSON
+     */
+    public function update(Request $request, $assetMaintenanceId = null)
+    {
+        // Check if the asset maintenance exists
+        $assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);
+
+        if (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot edit a maintenance for that asset'));
+        }
+
+        $assetMaintenance->supplier_id = e($request->input('supplier_id'));
+        $assetMaintenance->is_warranty = e($request->input('is_warranty'));
+        $assetMaintenance->cost =  Helper::ParseFloat(e($request->input('cost')));
+        $assetMaintenance->notes = e($request->input('notes'));
+
+        $asset = Asset::find(request('asset_id'));
+
+        if (!Company::isCurrentUserHasAccess($asset)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot edit a maintenance for that asset'));
+        }
+
+        // Save the asset maintenance data
+        $assetMaintenance->asset_id               = $request->input('asset_id');
+        $assetMaintenance->asset_maintenance_type = $request->input('asset_maintenance_type');
+        $assetMaintenance->title                  = $request->input('title');
+        $assetMaintenance->start_date             = $request->input('start_date');
+        $assetMaintenance->completion_date        = $request->input('completion_date');
+
+        if (( $assetMaintenance->completion_date == null )
+        ) {
+            if (( $assetMaintenance->asset_maintenance_time !== 0 )
+                || ( !is_null($assetMaintenance->asset_maintenance_time) )
+            ) {
+                $assetMaintenance->asset_maintenance_time = null;
+            }
+        }
+
+        if (( $assetMaintenance->completion_date !== null )
+            && ( $assetMaintenance->start_date !== "" )
+            && ( $assetMaintenance->start_date !== "0000-00-00" )
+        ) {
+            $startDate                                = Carbon::parse($assetMaintenance->start_date);
+            $completionDate                           = Carbon::parse($assetMaintenance->completion_date);
+            $assetMaintenance->asset_maintenance_time = $completionDate->diffInDays($startDate);
+        }
+
+        // Was the asset maintenance created?
+        if ($assetMaintenance->save()) {
+
+            return response()->json(Helper::formatStandardApiResponse('success', $assetMaintenance, trans('admin/asset_maintenances/message.edit.success')));
+
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $assetMaintenance->getErrors()));
+    }
+
+    /**
+     *  Delete an asset maintenance
+     *
+     * @author  A. Gianotto <snipe@snipe.net>
+     * @param int $assetMaintenanceId
+     * @version v1.0
+     * @since [v4.0]
+     * @return String JSON
+     */
+    public function destroy($assetMaintenanceId)
+    {
+        // Check if the asset maintenance exists
+        $assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);
+
+        if (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot delete a maintenance for that asset'));
+        }
+
+        $assetMaintenance->delete();
+
+        return response()->json(Helper::formatStandardApiResponse('success', $assetMaintenance, trans('admin/asset_maintenances/message.delete.success')));
+
+
+    }
+
+    /**
+     *  View an asset maintenance
+     *
+     * @author  A. Gianotto <snipe@snipe.net>
+     * @param int $assetMaintenanceId
+     * @version v1.0
+     * @since [v4.0]
+     * @return String JSON
+     */
+    public function show($assetMaintenanceId)
+    {
+        $assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);
+        if (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot view a maintenance for that asset'));
+        }
+        return (new AssetMaintenancesTransformer())->transformAssetMaintenance($assetMaintenance);
+
+    }
+}

app/Http/Controllers/Api/AssetModelsController.php

@@ -0,0 +1,243 @@
+<?php
+namespace App\Http\Controllers\Api;
+
+use App\Models\AssetModel;
+use App\Models\Asset;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use Illuminate\Http\Request;
+use App\Http\Transformers\AssetModelsTransformer;
+use App\Http\Transformers\AssetsTransformer;
+use App\Http\Transformers\SelectlistTransformer;
+
+
+/**
+ * This class controls all actions related to asset models for
+ * the Snipe-IT Asset Management application.
+ *
+ * @version    v4.0
+ * @author [A. Gianotto] [<snipe@snipe.net>]
+ */
+class AssetModelsController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', AssetModel::class);
+        $allowed_columns = ['id','image','name','model_number','eol','notes','created_at','manufacturer','assets_count'];
+
+        $assetmodels = AssetModel::select([
+            'models.id',
+            'models.image',
+            'models.name',
+            'model_number',
+            'eol',
+            'models.notes',
+            'models.created_at',
+            'category_id',
+            'manufacturer_id',
+            'depreciation_id',
+            'fieldset_id',
+            'models.deleted_at',
+            'models.updated_at',
+         ])
+            ->with('category','depreciation', 'manufacturer','fieldset')
+            ->withCount('assets');
+
+
+
+        if ($request->has('status')) {
+            $assetmodels->onlyTrashed();
+        }
+
+        if ($request->has('search')) {
+            $assetmodels->TextSearch($request->input('search'));
+        }
+
+        $offset = (($assetmodels) && (request('offset') > $assetmodels->count())) ? 0 : request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'models.created_at';
+
+        switch ($sort) {
+            case 'manufacturer':
+                $assetmodels->OrderManufacturer($order);
+                break;
+            default:
+                $assetmodels->orderBy($sort, $order);
+                break;
+        }
+
+
+
+        $total = $assetmodels->count();
+        $assetmodels = $assetmodels->skip($offset)->take($limit)->get();
+        return (new AssetModelsTransformer)->transformAssetModels($assetmodels, $total);
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', AssetModel::class);
+        $assetmodel = new AssetModel;
+        $assetmodel->fill($request->all());
+
+        if ($assetmodel->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $assetmodel, trans('admin/models/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $assetmodel->getErrors()));
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', AssetModel::class);
+        $assetmodel = AssetModel::withCount('assets')->findOrFail($id);
+        return (new AssetModelsTransformer)->transformAssetModel($assetmodel);
+    }
+
+    /**
+     * Display the specified resource's assets
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function assets($id)
+    {
+        $this->authorize('view', AssetModel::class);
+        $assets = Asset::where('model_id','=',$id)->get();
+        return (new AssetsTransformer)->transformAssets($assets, $assets->count());
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('update', AssetModel::class);
+        $assetmodel = AssetModel::findOrFail($id);
+        $assetmodel->fill($request->all());
+        $assetmodel->fieldset_id = $request->get("custom_fieldset_id");
+
+        if ($assetmodel->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $assetmodel, trans('admin/models/message.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $assetmodel->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', AssetModel::class);
+        $assetmodel = AssetModel::findOrFail($id);
+        $this->authorize('delete', $assetmodel);
+
+        if ($assetmodel->assets()->count() > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/models/message.assoc_users')));
+        }
+
+        if ($assetmodel->image) {
+            try  {
+                unlink(public_path().'/uploads/models/'.$assetmodel->image);
+            } catch (\Exception $e) {
+                \Log::info($e);
+            }
+        }
+
+        $assetmodel->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/models/message.delete.success')));
+
+    }
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $assetmodels = AssetModel::select([
+            'models.id',
+            'models.name',
+            'models.image',
+            'models.model_number',
+            'models.manufacturer_id',
+            'models.category_id',
+        ])->with('manufacturer','category');
+
+        $settings = \App\Models\Setting::getSettings();
+
+        if ($request->has('search')) {
+            $assetmodels = $assetmodels->SearchByManufacturerOrCat($request->input('search'));
+        }
+
+        $assetmodels = $assetmodels->OrderCategory('ASC')->OrderManufacturer('ASC')->orderby('models.name', 'asc')->orderby('models.model_number', 'asc')->paginate(50);
+
+        foreach ($assetmodels as $assetmodel) {
+
+            $assetmodel->use_text = '';
+
+            if ($settings->modellistCheckedValue('category')) {
+                $assetmodel->use_text .= (($assetmodel->category) ? e($assetmodel->category->name).' - ' : '');
+            }
+
+            if ($settings->modellistCheckedValue('manufacturer')) {
+                $assetmodel->use_text .= (($assetmodel->manufacturer) ? e($assetmodel->manufacturer->name).' ' : '');
+            }
+
+            $assetmodel->use_text .=  e($assetmodel->name);
+
+            if (($settings->modellistCheckedValue('model_number')) && ($assetmodel->model_number!='')) {
+                $assetmodel->use_text .=  ' (#'.e($assetmodel->model_number).')';
+            }
+
+            $assetmodel->use_image = ($settings->modellistCheckedValue('image') && ($assetmodel->image)) ? url('/').'/uploads/models/'.$assetmodel->image : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($assetmodels);
+    }
+
+}

app/Http/Controllers/Api/AssetsController.php

@@ -0,0 +1,765 @@
+<?php
+namespace App\Http\Controllers\Api;
+
+use App\Helpers\Helper;
+use App\Http\Controllers\Controller;
+use App\Http\Requests\AssetRequest;
+use App\Http\Requests\AssetCheckoutRequest;
+use App\Http\Transformers\AssetsTransformer;
+use App\Models\Asset;
+use App\Models\AssetModel;
+use App\Models\Company;
+use App\Models\CustomField;
+use App\Models\Location;
+use App\Models\Setting;
+use App\Models\User;
+use Artisan;
+use Auth;
+use Carbon\Carbon;
+use Config;
+use DB;
+use Gate;
+use Illuminate\Http\Request;
+use Input;
+use Lang;
+use Log;
+use Mail;
+use Paginator;
+use Response;
+use Slack;
+use Str;
+use TCPDF;
+use Validator;
+use View;
+use App\Http\Transformers\SelectlistTransformer;
+
+
+/**
+ * This class controls all actions related to assets for
+ * the Snipe-IT Asset Management application.
+ *
+ * @version    v1.0
+ * @author [A. Gianotto] [<snipe@snipe.net>]
+ */
+class AssetsController extends Controller
+{
+
+    /**
+     * Returns JSON listing of all assets
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v4.0]
+     * @return JsonResponse
+     */
+    public function index(Request $request)
+    {
+
+        $this->authorize('index', Asset::class);
+        $settings = Setting::getSettings();
+
+        $allowed_columns = [
+            'id',
+            'name',
+            'asset_tag',
+            'serial',
+            'model_number',
+            'last_checkout',
+            'notes',
+            'expected_checkin',
+            'order_number',
+            'image',
+            'assigned_to',
+            'created_at',
+            'updated_at',
+            'purchase_date',
+            'purchase_cost',
+            'last_audit_date',
+            'next_audit_date',
+            'warranty_months',
+            'checkout_counter',
+            'checkin_counter',
+            'requests_counter',
+        ];
+
+        $filter = array();
+
+        if ($request->has('filter')) {
+            $filter = json_decode($request->input('filter'), true);
+        }
+
+        $all_custom_fields = CustomField::all(); //used as a 'cache' of custom fields throughout this page load
+        foreach ($all_custom_fields as $field) {
+            $allowed_columns[]=$field->db_column_name();
+        }
+
+        $assets = Company::scopeCompanyables(Asset::select('assets.*'),"company_id","assets")
+            ->with('location', 'assetstatus', 'assetlog', 'company', 'defaultLoc','assignedTo',
+                'model.category', 'model.manufacturer', 'model.fieldset','supplier');
+
+
+        // These are used by the API to query against specific ID numbers.
+        // They are also used by the individual searches on detail pages like
+        // locations, etc.
+        if ($request->has('status_id')) {
+            $assets->where('assets.status_id', '=', $request->input('status_id'));
+        }
+
+        if ($request->input('requestable')=='true') {
+            $assets->where('assets.requestable', '=', '1');
+        }
+
+        if ($request->has('model_id')) {
+            $assets->InModelList([$request->input('model_id')]);
+        }
+
+        if ($request->has('category_id')) {
+            $assets->InCategory($request->input('category_id'));
+        }
+
+        if ($request->has('location_id')) {
+            $assets->where('assets.location_id', '=', $request->input('location_id'));
+        }
+
+        if ($request->has('supplier_id')) {
+            $assets->where('assets.supplier_id', '=', $request->input('supplier_id'));
+        }
+
+        if (($request->has('assigned_to')) && ($request->has('assigned_type'))) {
+            $assets->where('assets.assigned_to', '=', $request->input('assigned_to'))
+                ->where('assets.assigned_type', '=', $request->input('assigned_type'));
+        }
+
+        if ($request->has('company_id')) {
+            $assets->where('assets.company_id', '=', $request->input('company_id'));
+        }
+
+        if ($request->has('manufacturer_id')) {
+            $assets->ByManufacturer($request->input('manufacturer_id'));
+        }
+
+        if ($request->has('depreciation_id')) {
+            $assets->ByDepreciationId($request->input('depreciation_id'));
+        }
+
+        $request->has('order_number') ? $assets = $assets->where('assets.order_number', '=', e($request->get('order_number'))) : '';
+
+        $offset = (($assets) && (request('offset') > $assets->count())) ? 0 : request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+
+        // This is used by the sidenav, mostly
+
+        // We switched from using query scopes here because of a Laravel bug
+        // related to fulltext searches on complex queries.
+        // I am sad. :(
+        switch ($request->input('status')) {
+            case 'Deleted':
+                $assets->withTrashed()->Deleted();
+                break;
+            case 'Pending':
+                $assets->join('status_labels AS status_alias',function ($join) {
+                    $join->on('status_alias.id', "=", "assets.status_id")
+                        ->where('status_alias.deployable','=',0)
+                        ->where('status_alias.pending','=',1)
+                        ->where('status_alias.archived', '=', 0);
+                });
+                break;
+            case 'RTD':
+                $assets->whereNull('assets.assigned_to')
+                    ->join('status_labels AS status_alias',function ($join) {
+                        $join->on('status_alias.id', "=", "assets.status_id")
+                            ->where('status_alias.deployable','=',1)
+                            ->where('status_alias.pending','=',0)
+                            ->where('status_alias.archived', '=', 0);
+                    });
+                break;
+            case 'Undeployable':
+                $assets->Undeployable();
+                break;
+            case 'Archived':
+                $assets->join('status_labels AS status_alias',function ($join) {
+                    $join->on('status_alias.id', "=", "assets.status_id")
+                        ->where('status_alias.deployable','=',0)
+                        ->where('status_alias.pending','=',0)
+                        ->where('status_alias.archived', '=', 1);
+                });
+                break;
+            case 'Requestable':
+                $assets->where('assets.requestable', '=', 1)
+                    ->join('status_labels AS status_alias',function ($join) {
+                        $join->on('status_alias.id', "=", "assets.status_id")
+                            ->where('status_alias.deployable','=',1)
+                            ->where('status_alias.pending','=',0)
+                            ->where('status_alias.archived', '=', 0);
+                    });
+
+                break;
+            case 'Deployed':
+                // more sad, horrible workarounds for laravel bugs when doing full text searches
+                $assets->where('assets.assigned_to', '>', '0');
+                break;
+            default:
+
+                if ((!$request->has('status_id')) && ($settings->show_archived_in_list!='1')) {
+                    // terrible workaround for complex-query Laravel bug in fulltext
+                    $assets->join('status_labels AS status_alias',function ($join) {
+                        $join->on('status_alias.id', "=", "assets.status_id")
+                            ->where('status_alias.archived', '=', 0);
+                    });
+
+                    // If there is a status ID, don't take show_archived_in_list into consideration
+                } else {
+                    $assets->join('status_labels AS status_alias',function ($join) {
+                        $join->on('status_alias.id', "=", "assets.status_id");
+                    });
+                }
+
+        }
+
+
+        if ((!is_null($filter)) && (count($filter)) > 0) {
+            $assets->ByFilter($filter);
+        } elseif ($request->has('search')) {
+            $assets->TextSearch($request->input('search'));
+        }
+
+
+        // This is kinda gross, but we need to do this because the Bootstrap Tables
+        // API passes custom field ordering as custom_fields.fieldname, and we have to strip
+        // that out to let the default sorter below order them correctly on the assets table.
+        $sort_override = str_replace('custom_fields.','', $request->input('sort')) ;
+
+        // This handles all of the pivot sorting (versus the assets.* fields
+        // in the allowed_columns array)
+        $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'assets.created_at';
+
+
+        switch ($sort_override) {
+            case 'model':
+                $assets->OrderModels($order);
+                break;
+            case 'model_number':
+                $assets->OrderModelNumber($order);
+                break;
+            case 'category':
+                $assets->OrderCategory($order);
+                break;
+            case 'manufacturer':
+                $assets->OrderManufacturer($order);
+                break;
+            case 'company':
+                $assets->OrderCompany($order);
+                break;
+            case 'location':
+                $assets->OrderLocation($order);
+            case 'rtd_location':
+                $assets->OrderRtdLocation($order);
+                break;
+            case 'status_label':
+                $assets->OrderStatus($order);
+                break;
+            case 'supplier':
+                $assets->OrderSupplier($order);
+                break;
+            case 'assigned_to':
+                $assets->OrderAssigned($order);
+                break;
+            default:
+                $assets->orderBy($column_sort, $order);
+                break;
+        }
+
+
+        $total = $assets->count();
+        $assets = $assets->skip($offset)->take($limit)->get();
+        return (new AssetsTransformer)->transformAssets($assets, $total);
+    }
+
+
+    /**
+     * Returns JSON with information about an asset (by tag) for detail view.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param string $tag
+     * @since [v4.2.1]
+     * @return JsonResponse
+     */
+    public function showByTag($tag)
+    {
+        if ($asset = Asset::with('assetstatus')->with('assignedTo')->withTrashed()->where('asset_tag',$tag)->first()) {
+            $this->authorize('view', $asset);
+            return (new AssetsTransformer)->transformAsset($asset);
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);
+
+    }
+
+    /**
+     * Returns JSON with information about an asset (by serial) for detail view.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param string $serial
+     * @since [v4.2.1]
+     * @return JsonResponse
+     */
+    public function showBySerial($serial)
+    {
+        $this->authorize('index', Asset::class);
+        if ($assets = Asset::with('assetstatus')->with('assignedTo')
+            ->withTrashed()->where('serial',$serial)->get()) {
+
+            return (new AssetsTransformer)->transformAssets($assets, $assets->count());
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);
+
+    }
+
+
+    /**
+     * Returns JSON with information about an asset for detail view.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v4.0]
+     * @return JsonResponse
+     */
+    public function show($id)
+    {
+        if ($asset = Asset::with('assetstatus')->with('assignedTo')->withTrashed()->withCount('checkins', 'checkouts', 'userRequests')->findOrFail($id)) {
+            $this->authorize('view', $asset);
+            return (new AssetsTransformer)->transformAsset($asset);
+        }
+
+
+    }
+
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $assets = Company::scopeCompanyables(Asset::select([
+            'assets.id',
+            'assets.name',
+            'assets.asset_tag',
+            'assets.model_id',
+            'assets.assigned_to',
+            'assets.assigned_type',
+            'assets.status_id'
+        ])->with('model', 'assetstatus', 'assignedTo')->NotArchived(),'company_id', 'assets');
+
+        if ($request->has('assetStatusType') && $request->input('assetStatusType') === 'RTD') {
+            $assets = $assets->RTD();
+        }
+
+        if ($request->has('search')) {
+            $assets = $assets->AssignedSearch($request->input('search'));
+        }
+
+
+        $assets = $assets->paginate(50);
+
+        // Loop through and set some custom properties for the transformer to use.
+        // This lets us have more flexibility in special cases like assets, where
+        // they may not have a ->name value but we want to display something anyway
+        foreach ($assets as $asset) {
+
+
+            $asset->use_text = $asset->present()->fullName;
+
+            if (($asset->checkedOutToUser()) && ($asset->assigned)) {
+                $asset->use_text .= ' → '.$asset->assigned->getFullNameAttribute();
+            }
+
+
+            if ($asset->assetstatus->getStatuslabelType()=='pending') {
+                $asset->use_text .=  '('.$asset->assetstatus->getStatuslabelType().')';
+            }
+
+            $asset->use_image = ($asset->getImageUrl()) ? $asset->getImageUrl() : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($assets);
+
+    }
+
+
+    /**
+     * Accepts a POST request to create a new asset
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param Request $request
+     * @since [v4.0]
+     * @return JsonResponse
+     */
+    public function store(AssetRequest $request)
+    {
+
+        $this->authorize('create', Asset::class);
+
+        $asset = new Asset();
+        $asset->model()->associate(AssetModel::find((int) $request->get('model_id')));
+
+        $asset->name                    = $request->get('name');
+        $asset->serial                  = $request->get('serial');
+        $asset->company_id              = Company::getIdForCurrentUser($request->get('company_id'));
+        $asset->model_id                = $request->get('model_id');
+        $asset->order_number            = $request->get('order_number');
+        $asset->notes                   = $request->get('notes');
+        $asset->asset_tag               = $request->get('asset_tag', Asset::autoincrement_asset());
+        $asset->user_id                 = Auth::id();
+        $asset->archived                = '0';
+        $asset->physical                = '1';
+        $asset->depreciate              = '0';
+        $asset->status_id               = $request->get('status_id', 0);
+        $asset->warranty_months         = $request->get('warranty_months', null);
+        $asset->purchase_cost           = Helper::ParseFloat($request->get('purchase_cost'));
+        $asset->purchase_date           = $request->get('purchase_date', null);
+        $asset->assigned_to             = $request->get('assigned_to', null);
+        $asset->supplier_id             = $request->get('supplier_id', 0);
+        $asset->requestable             = $request->get('requestable', 0);
+        $asset->rtd_location_id         = $request->get('rtd_location_id', null);
+
+        // Update custom fields in the database.
+        // Validation for these fields is handled through the AssetRequest form request
+        $model = AssetModel::find($request->get('model_id'));
+        if ($model->fieldset) {
+            foreach ($model->fieldset->fields as $field) {
+                $asset->{$field->convertUnicodeDbSlug()} = e($request->input($field->convertUnicodeDbSlug(), null));
+            }
+        }
+
+        if ($asset->save()) {
+
+            if ($request->get('assigned_user')) {
+                $target = User::find(request('assigned_user'));
+            } elseif ($request->get('assigned_asset')) {
+                $target = Asset::find(request('assigned_asset'));
+            } elseif ($request->get('assigned_location')) {
+                $target = Location::find(request('assigned_location'));
+            }
+            if (isset($target)) {
+                $asset->checkOut($target, Auth::user(), date('Y-m-d H:i:s'), '', 'Checked out on asset creation', e($request->get('name')));
+            }
+            return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.create.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $asset->getErrors()), 200);
+    }
+
+
+    /**
+     * Accepts a POST request to update an asset
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param Request $request
+     * @since [v4.0]
+     * @return JsonResponse
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('update', Asset::class);
+
+        if ($asset = Asset::find($id)) {
+
+            $asset->fill($request->all());
+
+            ($request->has('model_id')) ?
+                $asset->model()->associate(AssetModel::find($request->get('model_id'))) : null;
+            ($request->has('company_id')) ?
+                $asset->company_id = Company::getIdForCurrentUser($request->get('company_id')) : null;
+            ($request->has('rtd_location_id')) ?
+                $asset->location_id = $request->get('rtd_location_id') : null;
+
+            // Update custom fields
+            if (($model = AssetModel::find($asset->model_id)) && (isset($model->fieldset))) {
+                foreach ($model->fieldset->fields as $field) {
+                    if ($request->has($field->convertUnicodeDbSlug())) {
+                        $asset->{$field->convertUnicodeDbSlug()} = e($request->input($field->convertUnicodeDbSlug()));
+                    }
+                }
+            }
+
+
+            if ($asset->save()) {
+
+                if (($request->has('assigned_user')) && ($target = User::find($request->get('assigned_user')))) {
+                    $location = $target->location_id;
+                } elseif (($request->has('assigned_asset')) && ($target = Asset::find($request->get('assigned_asset')))) {
+                    $location = $target->location_id;
+                } elseif (($request->has('assigned_location')) && ($target = Location::find($request->get('assigned_location')))) {
+                    $location = $target->id;
+                }
+
+                if (isset($target)) {
+                    $asset->checkOut($target, Auth::user(), date('Y-m-d H:i:s'), '', 'Checked out on asset update', e($request->get('name')), $location);
+                }
+
+                return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.update.success')));
+            }
+            return response()->json(Helper::formatStandardApiResponse('error', null, $asset->getErrors()), 200);
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
+    }
+
+
+    /**
+     * Delete a given asset (mark as deleted).
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v4.0]
+     * @return JsonResponse
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Asset::class);
+
+        if ($asset = Asset::find($id)) {
+
+            $this->authorize('delete', $asset);
+
+            DB::table('assets')
+                ->where('id', $asset->id)
+                ->update(array('assigned_to' => null));
+
+            $asset->delete();
+
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/hardware/message.delete.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
+    }
+
+
+
+    /**
+     * Checkout an asset
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v4.0]
+     * @return JsonResponse
+     */
+    public function checkout(AssetCheckoutRequest $request, $asset_id)
+    {
+        $this->authorize('checkout', Asset::class);
+        $asset = Asset::findOrFail($asset_id);
+
+        if (!$asset->availableForCheckout()) {
+            return response()->json(Helper::formatStandardApiResponse('error', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkout.not_available')));
+        }
+
+        $this->authorize('checkout', $asset);
+
+        $error_payload = [];
+        $error_payload['asset'] = [
+            'id' => $asset->id,
+            'asset_tag' => $asset->asset_tag,
+        ];
+
+
+        // This item is checked out to a location
+        if (request('checkout_to_type')=='location') {
+            $target = Location::find(request('assigned_location'));
+            $asset->location_id = ($target) ? $target->id : '';
+            $error_payload['target_id'] = $request->input('assigned_location');
+            $error_payload['target_type'] = 'location';
+
+        } elseif (request('checkout_to_type')=='asset') {
+            $target = Asset::where('id','!=',$asset_id)->find(request('assigned_asset'));
+            $asset->location_id = $target->rtd_location_id;
+            // Override with the asset's location_id if it has one
+            if ($target->location_id!='') {
+                $asset->location_id = ($target) ? $target->location_id : '';
+            }
+            $error_payload['target_id'] = $request->input('assigned_asset');
+            $error_payload['target_type'] = 'asset';
+
+        } elseif (request('checkout_to_type')=='user') {
+            // Fetch the target and set the asset's new location_id
+            $target = User::find(request('assigned_user'));
+            $asset->location_id = ($target) ? $target->location_id : '';
+            $error_payload['target_id'] = $request->input('assigned_user');
+            $error_payload['target_type'] = 'user';
+        }
+
+
+
+        if (!isset($target)) {
+            return response()->json(Helper::formatStandardApiResponse('error', $error_payload, 'Checkout target for asset '.e($asset->asset_tag).' is invalid - '.$error_payload['target_type'].' does not exist.'));
+        }
+
+
+
+        $checkout_at = request('checkout_at', date("Y-m-d H:i:s"));
+        $expected_checkin = request('expected_checkin', null);
+        $note = request('note', null);
+        $asset_name = request('name', null);
+
+        // Set the location ID to the RTD location id if there is one
+        if ($asset->rtd_location_id!='') {
+            $asset->location_id = $target->rtd_location_id;
+        }
+
+
+
+
+
+        if ($asset->checkOut($target, Auth::user(), $checkout_at, $expected_checkin, $note, $asset_name, $asset->location_id)) {
+            return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkout.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkout.error')))->withErrors($asset->getErrors());
+    }
+
+
+    /**
+     * Checkin an asset
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v4.0]
+     * @return JsonResponse
+     */
+    public function checkin(Request $request, $asset_id)
+    {
+        $this->authorize('checkin', Asset::class);
+        $asset = Asset::findOrFail($asset_id);
+        $this->authorize('checkin', $asset);
+
+
+        $user = $asset->assignedUser;
+        if (is_null($target = $asset->assignedTo)) {
+            return response()->json(Helper::formatStandardApiResponse('error', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkin.already_checked_in')));
+        }
+
+        $asset->expected_checkin = null;
+        $asset->last_checkout = null;
+        $asset->assigned_to = null;
+        $asset->assignedTo()->disassociate($asset);
+        $asset->accepted = null;
+        $asset->name = Input::get('name');
+        $asset->location_id =  $asset->rtd_location_id;
+
+        if ($request->has('location_id')) {
+            $asset->location_id =  $request->input('location_id');
+        }
+
+        if (Input::has('status_id')) {
+            $asset->status_id =  Input::get('status_id');
+        }
+
+        if ($asset->save()) {
+            $asset->logCheckin($target, e(request('note')));
+            return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkin.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkin.error')));
+    }
+
+
+    /**
+     * Mark an asset as audited
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $id
+     * @since [v4.0]
+     * @return JsonResponse
+     */
+    public function audit(Request $request) {
+
+
+        $this->authorize('audit', Asset::class);
+        $rules = array(
+            'asset_tag' => 'required',
+            'location_id' => 'exists:locations,id|nullable|numeric',
+            'next_audit_date' => 'date|nullable'
+        );
+
+        $validator = Validator::make($request->all(), $rules);
+        if ($validator->fails()) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()->all()));
+        }
+
+        $asset = Asset::where('asset_tag','=', $request->input('asset_tag'))->first();
+
+
+        if ($asset) {
+            // We don't want to log this as a normal update, so let's bypass that
+            $asset->unsetEventDispatcher();
+            $asset->next_audit_date = $request->input('next_audit_date');
+            $asset->last_audit_date = date('Y-m-d h:i:s');
+
+            if ($asset->save()) {
+                $log = $asset->logAudit(request('note'),request('location_id'));
+                return response()->json(Helper::formatStandardApiResponse('success', [
+                    'asset_tag'=> e($asset->asset_tag),
+                    'note'=> e($request->input('note')),
+                    'next_audit_date' => Helper::getFormattedDateObject($log->calcNextAuditDate())
+                ], trans('admin/hardware/message.audit.success')));
+            }
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', ['asset_tag'=> e($request->input('asset_tag'))], 'Asset with tag '.$request->input('asset_tag').' not found'));
+
+
+
+
+
+    }
+
+
+
+    /**
+     * Returns JSON listing of all requestable assets
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return JsonResponse
+     */
+    public function requestable(Request $request)
+    {
+        $this->authorize('viewRequestable', Asset::class);
+
+        $assets = Company::scopeCompanyables(Asset::select('assets.*'),"company_id","assets")
+            ->with('location', 'assetstatus', 'assetlog', 'company', 'defaultLoc','assignedTo',
+                'model.category', 'model.manufacturer', 'model.fieldset','supplier')->where('assets.requestable', '=', '1');
+
+        $offset = request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $assets->TextSearch($request->input('search'));
+
+        switch ($request->input('sort')) {
+            case 'model':
+                $assets->OrderModels($order);
+                break;
+            case 'model_number':
+                $assets->OrderModelNumber($order);
+                break;
+            case 'category':
+                $assets->OrderCategory($order);
+                break;
+            case 'manufacturer':
+                $assets->OrderManufacturer($order);
+                break;
+            default:
+                $assets->orderBy('assets.created_at', $order);
+                break;
+        }
+
+
+        $total = $assets->count();
+        $assets = $assets->skip($offset)->take($limit)->get();
+        return (new AssetsTransformer)->transformRequestedAssets($assets, $total);
+    }
+}

app/Http/Controllers/Api/CategoriesController.php

@@ -0,0 +1,168 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use App\Models\Category;
+use App\Http\Transformers\CategoriesTransformer;
+use App\Http\Transformers\SelectlistTransformer;
+
+class CategoriesController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Category::class);
+        $allowed_columns = ['id', 'name','category_type', 'category_type','use_default_eula','eula_text', 'require_acceptance','checkin_email', 'assets_count', 'accessories_count', 'consumables_count', 'components_count','licenses_count', 'image'];
+
+        $categories = Category::select(['id', 'created_at', 'updated_at', 'name','category_type','use_default_eula','eula_text', 'require_acceptance','checkin_email','image'])
+            ->withCount('assets', 'accessories', 'consumables', 'components','licenses');
+
+        if ($request->has('search')) {
+            $categories = $categories->TextSearch($request->input('search'));
+        }
+
+        $offset = (($categories) && (request('offset') > $categories->count())) ? 0 : request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'assets_count';
+        $categories->orderBy($sort, $order);
+
+        $total = $categories->count();
+        $categories = $categories->skip($offset)->take($limit)->get();
+        return (new CategoriesTransformer)->transformCategories($categories, $total);
+
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Category::class);
+        $category = new Category;
+        $category->fill($request->all());
+
+        if ($category->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $category, trans('admin/categories/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $category->getErrors()));
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Category::class);
+        $category = Category::findOrFail($id);
+        return (new CategoriesTransformer)->transformCategory($category);
+
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('update', Category::class);
+        $category = Category::findOrFail($id);
+        $category->fill($request->all());
+
+        if ($category->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $category, trans('admin/categories/message.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $category->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Category::class);
+        $category = Category::findOrFail($id);
+
+        if ($category->has_models() > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/categories/message.assoc_items', ['asset_type'=>'model'])));
+        } elseif ($category->accessories()->count() > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/categories/message.assoc_items', ['asset_type'=>'accessory'])));
+        } elseif ($category->consumables()->count() > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/categories/message.assoc_items', ['asset_type'=>'consumable'])));
+        } elseif ($category->components()->count() > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/categories/message.assoc_items', ['asset_type'=>'component'])));
+        }
+        $category->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/categories/message.delete.success')));
+
+    }
+
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request, $category_type = 'asset')
+    {
+
+        $categories = Category::select([
+            'id',
+            'name',
+            'image',
+        ]);
+
+        if ($request->has('search')) {
+            $categories = $categories->where('name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $categories = $categories->where('category_type', $category_type)->orderBy('name', 'ASC')->paginate(50);
+
+        // Loop through and set some custom properties for the transformer to use.
+        // This lets us have more flexibility in special cases like assets, where
+        // they may not have a ->name value but we want to display something anyway
+        foreach ($categories as $category) {
+            $category->use_image = ($category->image) ? url('/').'/uploads/categories/'.$category->image : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($categories);
+
+    }
+
+}

app/Http/Controllers/Api/CompaniesController.php

@@ -0,0 +1,186 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Http\Transformers\CompaniesTransformer;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use App\Models\Company;
+use App\Http\Transformers\SelectlistTransformer;
+
+class CompaniesController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Company::class);
+
+        $allowed_columns = [
+            'id',
+            'name',
+            'created_at',
+            'updated_at',
+            'users_count',
+            'assets_count',
+            'licenses_count',
+            'accessories_count',
+            'consumables_count',
+            'components_count',
+        ];
+
+        $companies = Company::withCount('assets','licenses','accessories','consumables','components','users');
+
+        if ($request->has('search')) {
+            $companies->TextSearch($request->input('search'));
+        }
+
+        $offset = (($companies) && (request('offset') > $companies->count())) ? 0 : request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+        $companies->orderBy($sort, $order);
+
+        $total = $companies->count();
+        $companies = $companies->skip($offset)->take($limit)->get();
+        return (new CompaniesTransformer)->transformCompanies($companies, $total);
+
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Company::class);
+        $company = new Company;
+        $company->fill($request->all());
+
+        if ($company->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', (new CompaniesTransformer)->transformCompany($company), trans('admin/companies/message.create.success')));
+        }
+        return response()
+            ->json(Helper::formatStandardApiResponse('error', null, $company->getErrors()));
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Company::class);
+        $company = Company::findOrFail($id);
+        return (new CompaniesTransformer)->transformCompany($company);
+
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('update', Company::class);
+        $company = Company::findOrFail($id);
+        $company->fill($request->all());
+
+        if ($company->save()) {
+            return response()
+                ->json(Helper::formatStandardApiResponse('success', (new CompaniesTransformer)->transformCompany($company), trans('admin/companies/message.update.success')));
+        }
+
+        return response()
+            ->json(Helper::formatStandardApiResponse('error', null, $company->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+       $this->authorize('delete', Company::class);
+       $company = Company::findOrFail($id);
+            $this->authorize('delete', $company);
+
+        try {
+            $company->delete();
+            return response()
+                ->json(Helper::formatStandardApiResponse('success', null,  trans('admin/companies/message.delete.success')));
+        } catch (\Illuminate\Database\QueryException $exception) {
+            /*
+                 * NOTE: This happens when there's a foreign key constraint violation
+                 * For example when rows in other tables are referencing this company
+                 */
+            if ($exception->getCode() == 23000) {
+                return response()
+                    ->json(Helper::formatStandardApiResponse('error', null,  trans('admin/companies/message.assoc_users')));
+
+            } else {
+                throw $exception;
+            }
+        }
+
+    }
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $companies = Company::select([
+            'companies.id',
+            'companies.name',
+            'companies.image',
+        ]);
+
+        if ($request->has('search')) {
+            $companies = $companies->where('companies.name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $companies = $companies->orderBy('name', 'ASC')->paginate(50);
+
+        // Loop through and set some custom properties for the transformer to use.
+        // This lets us have more flexibility in special cases like assets, where
+        // they may not have a ->name value but we want to display something anyway
+        foreach ($companies as $company) {
+            $company->use_image = ($company->image) ? url('/').'/uploads/companies/'.$company->image : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($companies);
+    }
+}

app/Http/Controllers/Api/ComponentsController.php

@@ -0,0 +1,173 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Http\Transformers\AssetsTransformer;
+use App\Http\Transformers\ComponentsTransformer;
+use App\Http\Transformers\ComponentsAssetsTransformer;
+use App\Models\Component;
+use App\Models\Company;
+use App\Helpers\Helper;
+
+class ComponentsController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Component::class);
+        $components = Company::scopeCompanyables(Component::select('components.*')
+            ->with('company', 'location', 'category'));
+
+        if ($request->has('search')) {
+            $components = $components->TextSearch($request->input('search'));
+        }
+
+        if ($request->has('company_id')) {
+            $components->where('company_id','=',$request->input('company_id'));
+        }
+
+        if ($request->has('category_id')) {
+            $components->where('category_id','=',$request->input('category_id'));
+        }
+
+        if ($request->has('location_id')) {
+            $components->where('location_id','=',$request->input('location_id'));
+        }
+
+        $offset = (($components) && (request('offset') > $components->count())) ? 0 : request('offset', 0);
+        $limit = request('limit', 50);
+
+        $allowed_columns = ['id','name','min_amt','order_number','serial','purchase_date','purchase_cost','company','category','qty','location','image'];
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+
+        switch ($sort) {
+            case 'category':
+                $components = $components->OrderCategory($order);
+                break;
+            case 'location':
+                $components = $components->OrderLocation($order);
+                break;
+            case 'company':
+                $components = $components->OrderCompany($order);
+                break;
+            default:
+                $components = $components->orderBy($sort, $order);
+                break;
+        }
+
+        $total = $components->count();
+        $components = $components->skip($offset)->take($limit)->get();
+        return (new ComponentsTransformer)->transformComponents($components, $total);
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Component::class);
+        $component = new Component;
+        $component->fill($request->all());
+
+        if ($component->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $component, trans('admin/components/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $component->getErrors()));
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Component::class);
+        $component = Component::findOrFail($id);
+
+        if ($component) {
+            return (new ComponentsTransformer)->transformComponent($component);
+        }
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('update', Component::class);
+        $component = Component::findOrFail($id);
+        $component->fill($request->all());
+
+        if ($component->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $component, trans('admin/components/message.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $component->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Component::class);
+        $component = Component::findOrFail($id);
+        $this->authorize('delete', $component);
+        $component->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/components/message.delete.success')));
+    }
+
+    /**
+     * Display all assets attached to a component
+     *
+     * @author [A. Bergamasco] [@vjandrea]
+     * @since [v4.0]
+     * @param Request $request
+     * @param int $id
+     * @return \Illuminate\Http\Response
+    */
+    public function getAssets(Request $request, $id)
+    {
+        $this->authorize('view', \App\Models\Asset::class);
+        
+        $component = Component::findOrFail($id);
+        $assets = $component->assets();
+
+        $offset = request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $total = $assets->count();
+        $assets = $assets->skip($offset)->take($limit)->get();
+        return (new ComponentsTransformer)->transformCheckedoutComponents($assets, $total);
+    }
+}

app/Http/Controllers/Api/ConsumablesController.php

@@ -0,0 +1,194 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\Company;
+use App\Models\Consumable;
+use App\Http\Transformers\ConsumablesTransformer;
+use App\Helpers\Helper;
+
+class ConsumablesController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('index', Consumable::class);
+        $consumables = Company::scopeCompanyables(
+            Consumable::select('consumables.*')
+                ->with('company', 'location', 'category', 'users', 'manufacturer')
+        );
+
+        if ($request->has('search')) {
+            $consumables = $consumables->TextSearch(e($request->input('search')));
+        }
+
+        if ($request->has('company_id')) {
+            $consumables->where('company_id','=',$request->input('company_id'));
+        }
+
+        if ($request->has('category_id')) {
+            $consumables->where('category_id','=',$request->input('category_id'));
+        }
+
+        if ($request->has('manufacturer_id')) {
+            $consumables->where('manufacturer_id','=',$request->input('manufacturer_id'));
+        }
+
+
+        $offset = (($consumables) && (request('offset') > $consumables->count())) ? 0 : request('offset', 0);
+        $limit = request('limit', 50);
+        $allowed_columns = ['id','name','order_number','min_amt','purchase_date','purchase_cost','company','category','model_number', 'item_no', 'manufacturer','location','qty','image'];
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+
+
+        switch ($sort) {
+            case 'category':
+                $consumables = $consumables->OrderCategory($order);
+                break;
+            case 'location':
+                $consumables = $consumables->OrderLocation($order);
+                break;
+            case 'manufacturer':
+                $consumables = $consumables->OrderManufacturer($order);
+                break;
+            case 'company':
+                $consumables = $consumables->OrderCompany($order);
+                break;
+            default:
+                $consumables = $consumables->orderBy($sort, $order);
+                break;
+        }
+
+
+
+        $total = $consumables->count();
+        $consumables = $consumables->skip($offset)->take($limit)->get();
+        return (new ConsumablesTransformer)->transformConsumables($consumables, $total);
+
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Consumable::class);
+        $consumable = new Consumable;
+        $consumable->fill($request->all());
+
+        if ($consumable->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $consumable, trans('admin/consumables/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $consumable->getErrors()));
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param  int $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Consumable::class);
+        $consumable = Consumable::findOrFail($id);
+        return (new ConsumablesTransformer)->transformConsumable($consumable);
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request $request
+     * @param  int $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('update', Consumable::class);
+        $consumable = Consumable::findOrFail($id);
+        $consumable->fill($request->all());
+
+        if ($consumable->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $consumable, trans('admin/consumables/message.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $consumable->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Consumable::class);
+        $consumable = Consumable::findOrFail($id);
+        $this->authorize('delete', $consumable);
+        $consumable->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/consumables/message.delete.success')));
+    }
+
+        /**
+    * Returns a JSON response containing details on the users associated with this consumable.
+    *
+    * @author [A. Gianotto] [<snipe@snipe.net>]
+    * @see ConsumablesController::getView() method that returns the form.
+    * @since [v1.0]
+    * @param int $consumableId
+    * @return array
+     */
+    public function getDataView($consumableId)
+    {
+        $consumable = Consumable::with(array('consumableAssignments'=>
+        function ($query) {
+            $query->orderBy('created_at', 'DESC');
+        },
+        'consumableAssignments.admin'=> function ($query) {
+        },
+        'consumableAssignments.user'=> function ($query) {
+        },
+        ))->find($consumableId);
+
+        if (!Company::isCurrentUserHasAccess($consumable)) {
+            return ['total' => 0, 'rows' => []];
+        }
+        $this->authorize('view', Consumable::class);
+        $rows = array();
+
+        foreach ($consumable->consumableAssignments as $consumable_assignment) {
+            $rows[] = [
+                'name' => ($consumable_assignment->user) ? $consumable_assignment->user->present()->nameUrl() : 'Deleted User',
+                'created_at' => Helper::getFormattedDateObject($consumable_assignment->created_at, 'datetime'),
+                'admin' => ($consumable_assignment->admin) ? $consumable_assignment->admin->present()->nameUrl() : '',
+            ];
+        }
+
+        $consumableCount = $consumable->users->count();
+        $data = array('total' => $consumableCount, 'rows' => $rows);
+        return $data;
+    }
+}

app/Http/Controllers/Api/CustomFieldsController.php

@@ -0,0 +1,192 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Helpers\Helper;
+use App\Http\Controllers\Controller;
+use App\Http\Transformers\CustomFieldsTransformer;
+use App\Models\CustomField;
+use App\Models\CustomFieldset;
+use Illuminate\Http\Request;
+use Validator;
+use Illuminate\Validation\Rule;
+
+class CustomFieldsController extends Controller
+{
+    /**
+     * Reorder the custom fields within a fieldset
+     *
+     * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+     * @param  int  $id
+     * @since [v3.0]
+     * @return Array
+     */
+
+    public function index()
+    {
+        $this->authorize('index', CustomFields::class);
+        $fields = CustomField::get();
+        return (new CustomFieldsTransformer)->transformCustomFields($fields, $fields->count());
+    }
+
+    /**
+    * Shows the given field
+    * @author [V. Cordes] [<volker@fdatek.de>]
+    * @param int $id
+    * @since [v4.1.10]
+    * @return View
+    */
+    public function show($id)
+    {
+      $this->authorize('show', CustomField::class);
+        if ($field = CustomField::find($id)) {
+            return (new CustomFieldsTransformer)->transformCustomField($field);
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/custom_fields/message.field.invalid')), 200);
+    }
+
+     /**
+     * Update the specified field
+     *
+     * @author [V. Cordes] [<volker@fdatek.de>]
+     * @since [v4.1.10]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('update', CustomField::class);
+        $field = CustomField::findOrFail($id);
+        
+        /**
+         * Updated values for the field, 
+         * without the "field_encrypted" flag, preventing the change of encryption status
+         * @var array
+         */
+        $data = $request->except(['field_encrypted']);
+
+        $validator = Validator::make($data, $field->validationRules());
+        if ($validator->fails()) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()));
+        }
+
+        $field->fill($data);
+
+        if ($field->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $field, trans('admin/custom_fields/message.field.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $field->getErrors()));
+    }
+
+
+    /**
+     * Store a newly created field.
+     *
+     * @author [V. Cordes] [<volker@fdatek.de>]
+     * @since [v4.1.10]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', CustomField::class);
+        $field = new CustomField;
+
+        $data = $request->all();
+        $validator = Validator::make($data, $field->validationRules());
+        if ($validator->fails()) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()));
+        }
+        $field->fill($data);
+
+        if ($field->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $field, trans('admin/custom_fields/message.field.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $field->getErrors()));
+
+    }
+
+    public function postReorder(Request $request, $id)
+    {
+        $fieldset = CustomFieldset::find($id);
+
+        $this->authorize('update', $fieldset);
+
+        $fields = array();
+        $order_array = array();
+
+        $items = $request->input('item');
+
+        foreach ($items as $order => $field_id) {
+            $order_array[$field_id] = $order;
+        }
+
+        foreach ($fieldset->fields as $field) {
+            $fields[$field->id] = ['required' => $field->pivot->required, 'order' => $order_array[$field->id]];
+        }
+
+        return $fieldset->fields()->sync($fields);
+
+    }
+
+    public function associate(Request $request, $field_id)
+    {
+        $this->authorize('update', CustomFieldset::class);
+
+        $field = CustomField::findOrFail($field_id);
+
+        $fieldset_id = $request->input('fieldset_id');
+        foreach ($field->fieldset as $fieldset) {
+            if ($fieldset->id == $fieldset_id) {
+                return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.update.success')));
+            }
+        }
+
+        $fieldset = CustomFieldset::findOrFail($fieldset_id);
+        $fieldset->fields()->attach($field->id, ["required" => ($request->input('required') == "on"), "order" => $request->input('order', $fieldset->fields->count())]);
+        return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.update.success')));
+    }
+
+    public function disassociate(Request $request, $field_id)
+    {
+        $this->authorize('update', CustomFieldset::class);
+
+        $field = CustomField::findOrFail($field_id);
+
+        $fieldset_id = $request->input('fieldset_id');
+        foreach ($field->fieldset as $fieldset) {
+            if ($fieldset->id == $fieldset_id) {
+                $fieldset->fields()->detach($field->id);
+                return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.update.success')));
+            }
+        }
+        $fieldset = CustomFieldset::findOrFail($fieldset_id);
+        return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.update.success')));
+    }
+
+    /**
+     * Delete a custom field.
+     *
+     * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+     * @since [v1.8]
+     * @return Redirect
+     */
+    public function destroy($field_id)
+    {
+        $field = CustomField::findOrFail($field_id);
+
+        $this->authorize('delete', $field);
+
+        if ($field->fieldset->count() >0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'Field is in use.'));
+        }
+
+        $field->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/custom_fields/message.field.delete.success')));
+
+    }
+
+}

app/Http/Controllers/Api/CustomFieldsetsController.php

@@ -0,0 +1,179 @@
+<?php
+namespace App\Http\Controllers\Api;
+
+use View;
+use App\Models\CustomFieldset;
+use App\Models\CustomField;
+use Input;
+use Validator;
+use Redirect;
+use App\Models\AssetModel;
+use Lang;
+use Auth;
+use Illuminate\Http\Request;
+use Log;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use App\Http\Transformers\CustomFieldsTransformer;
+use App\Http\Transformers\CustomFieldsetsTransformer;
+use App\Http\Requests\AssetRequest;
+
+/**
+ * This controller handles all actions related to Custom Asset Fieldsets for
+ * the Snipe-IT Asset Management application.
+ *
+ * @todo Improve documentation here.
+ * @todo Check for raw DB queries and try to convert them to query builder statements
+ * @version    v2.0
+ * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+ * @author [Josh Gibson]
+ */
+
+class CustomFieldsetsController extends Controller
+{
+
+    /**
+    * Shows the given fieldset and its fields
+    * @author [A. Gianotto] [<snipe@snipe.net>]
+    * @author [Josh Gibson]
+    * @param int $id
+    * @since [v1.8]
+    * @return View
+    */
+    public function index()
+    {
+        $this->authorize('index', CustomFieldset::class);
+        $fieldsets = CustomFieldset::withCount(['fields', 'models'])->get();
+        return (new CustomFieldsetsTransformer)->transformCustomFieldsets($fieldsets, $fieldsets->count());
+
+    }
+
+    /**
+    * Shows the given fieldset and its fields
+    * @author [A. Gianotto] [<snipe@snipe.net>]
+    * @author [Josh Gibson]
+    * @param int $id
+    * @since [v1.8]
+    * @return View
+    */
+    public function show($id)
+    {
+      $this->authorize('show', CustomFieldset::class);
+        if ($fieldset = CustomFieldset::find($id)) {
+            return (new CustomFieldsetsTransformer)->transformCustomFieldset($fieldset);
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/custom_fields/message.fieldset.does_not_exist')), 200);
+
+    }
+
+
+     /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('update', CustomFieldset::class);
+        $fieldset = CustomFieldset::findOrFail($id);
+        $fieldset->fill($request->all());
+
+        if ($fieldset->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $fieldset->getErrors()));
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', CustomFieldset::class);
+        $fieldset = new CustomFieldset;
+        $fieldset->fill($request->all());
+
+        if ($fieldset->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $fieldset->getErrors()));
+
+    }
+
+
+    /**
+     * Delete a custom fieldset.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return Redirect
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', CustomFieldset::class);
+        $fieldset = CustomFieldset::findOrFail($id);
+
+        $modelsCount = $fieldset->models->count();
+        $fieldsCount = $fieldset->fields->count();
+
+        if (($modelsCount > 0) || ($fieldsCount > 0) ){
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'Fieldset is in use.'));
+        }
+
+         if ($fieldset->delete()) {
+             return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/custom_fields/message.fieldset.delete.success')));
+         }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'Unspecified error'));
+
+
+
+    }
+
+    /**
+     * Return JSON containing a list of fields belonging to a fieldset.
+     *
+     * @author [V. Cordes] [<volker@fdatek.de>]
+     * @since [v4.1.10]
+     * @param $fieldsetId
+     * @return string JSON
+     */
+    public function fields($id)
+    {
+        $this->authorize('view', CustomFieldset::class);
+        $set = CustomFieldset::findOrFail($id);
+        $fields = $set->fields;
+        return (new CustomFieldsTransformer)->transformCustomFields($fields, $fields->count());
+    }
+
+    /**
+     * Return JSON containing a list of fields belonging to a fieldset with the
+     * default values for a given model
+     *
+     * @param $modelId
+     * @param $fieldsetId
+     * @return string JSON
+     */
+    public function fieldsWithDefaultValues($fieldsetId, $modelId)
+    {
+        $this->authorize('view', CustomFieldset::class);
+
+        $set = CustomFieldset::findOrFail($fieldsetId);
+
+        $fields = $set->fields;
+
+        return (new CustomFieldsTransformer)->transformCustomFieldsWithDefaultValues($fields, $modelId, $fields->count());
+    }
+}

app/Http/Controllers/Api/DepartmentsController.php

@@ -0,0 +1,162 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\Department;
+use App\Http\Transformers\DepartmentsTransformer;
+use App\Helpers\Helper;
+use Auth;
+use App\Http\Transformers\SelectlistTransformer;
+
+class DepartmentsController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Department::class);
+        $allowed_columns = ['id','name','image','users_count'];
+
+        $departments = Department::select([
+            'departments.id',
+            'departments.name',
+            'departments.location_id',
+            'departments.company_id',
+            'departments.manager_id',
+            'departments.created_at',
+            'departments.updated_at',
+            'departments.image'
+        ])->with('users')->with('location')->with('manager')->with('company')->withCount('users');
+
+        if ($request->has('search')) {
+            $departments = $departments->TextSearch($request->input('search'));
+        }
+
+        $offset = (($departments) && (request('offset') > $departments->count())) ? 0 : request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+
+        switch ($request->input('sort')) {
+            case 'location':
+                $departments->OrderLocation($order);
+                break;
+            case 'manager':
+                $departments->OrderManager($order);
+                break;
+            default:
+                $departments->orderBy($sort, $order);
+                break;
+        }
+
+        $total = $departments->count();
+        $departments = $departments->skip($offset)->take($limit)->get();
+        return (new DepartmentsTransformer)->transformDepartments($departments, $total);
+
+    }
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Department::class);
+        $department = new Department;
+        $department->fill($request->all());
+        $department->user_id = Auth::user()->id;
+        $department->manager_id = ($request->has('manager_id' ) ? $request->input('manager_id') : null);
+
+        if ($department->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $department, trans('admin/departments/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $department->getErrors()));
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Department::class);
+        $department = Department::findOrFail($id);
+        return (new DepartmentsTransformer)->transformDepartment($department);
+    }
+
+
+
+    /**
+     * Validates and deletes selected location.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $locationId
+     * @since [v1.0]
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy($id)
+    {
+        $department = Department::findOrFail($id);
+
+        $this->authorize('delete', $department);
+
+        if ($department->users->count() > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/departments/message.assoc_users')));
+        }
+
+        $department->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/departments/message.delete.success')));
+
+    }
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $departments = Department::select([
+            'id',
+            'name',
+            'image',
+        ]);
+
+        if ($request->has('search')) {
+            $departments = $departments->where('name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $departments = $departments->orderBy('name', 'ASC')->paginate(50);
+
+        // Loop through and set some custom properties for the transformer to use.
+        // This lets us have more flexibility in special cases like assets, where
+        // they may not have a ->name value but we want to display something anyway
+        foreach ($departments as $department) {
+            $department->use_image = ($department->image) ? url('/').'/uploads/departments/'.$department->image : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($departments);
+
+    }
+
+}

app/Http/Controllers/Api/DepreciationsController.php

@@ -0,0 +1,127 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use App\Models\Depreciation;
+use App\Http\Transformers\DepreciationsTransformer;
+
+class DepreciationsController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Depreciation::class);
+        $allowed_columns = ['id','name','created_at'];
+
+        $depreciations = Depreciation::select('id','name','months','user_id','created_at','updated_at');
+
+        if ($request->has('search')) {
+            $depreciations = $depreciations->TextSearch($request->input('search'));
+        }
+
+        $offset = (($depreciations) && (request('offset') > $depreciations->count())) ? 0 : request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+        $depreciations->orderBy($sort, $order);
+
+        $total = $depreciations->count();
+        $depreciations = $depreciations->skip($offset)->take($limit)->get();
+        return (new DepreciationsTransformer)->transformDepreciations($depreciations, $total);
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Depreciation::class);
+        $depreciation = new Depreciation;
+        $depreciation->fill($request->all());
+
+        if ($depreciation->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $depreciation, trans('admin/depreciations/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $depreciation->getErrors()));
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Depreciation::class);
+        $depreciation = Depreciation::findOrFail($id);
+        return (new DepreciationsTransformer)->transformDepreciation($depreciation);
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('update', Depreciation::class);
+        $depreciation = Depreciation::findOrFail($id);
+        $depreciation->fill($request->all());
+
+        if ($depreciation->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $depreciation, trans('admin/depreciations/message.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $depreciation->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Depreciation::class);
+        $depreciation = Depreciation::findOrFail($id);
+        $this->authorize('delete', $depreciation);
+
+        if ($depreciation->has_models() > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', trans('admin/depreciations/message.assoc_users')));
+        }
+
+        $depreciation->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/depreciations/message.delete.success')));
+
+    }
+
+
+
+}

app/Http/Controllers/Api/GroupsController.php

@@ -0,0 +1,121 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use App\Models\Group;
+use App\Http\Transformers\GroupsTransformer;
+
+class GroupsController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Group::class);
+        $allowed_columns = ['id','name','created_at', 'users_count'];
+
+        $groups = Group::select('id','name','permissions','created_at','updated_at')->withCount('users');
+
+        if ($request->has('search')) {
+            $groups = $groups->TextSearch($request->input('search'));
+        }
+
+        $offset = (($groups) && (request('offset') > $groups->count())) ? 0 : request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+        $groups->orderBy($sort, $order);
+
+        $total = $groups->count();
+        $groups = $groups->skip($offset)->take($limit)->get();
+        return (new GroupsTransformer)->transformGroups($groups, $total);
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Group::class);
+        $group = new Group;
+        $group->fill($request->all());
+
+        if ($group->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $group, trans('admin/groups/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $group->getErrors()));
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Group::class);
+        $group = Group::findOrFail($id);
+        return (new GroupsTransformer)->transformGroup($group);
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('update', Group::class);
+        $group = Group::findOrFail($id);
+        $group->fill($request->all());
+
+        if ($group->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $group, trans('admin/groups/message.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $group->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Group::class);
+        $group = Group::findOrFail($id);
+        $this->authorize('delete', $group);
+        $group->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/groups/message.delete.success')));
+
+    }
+
+
+}

app/Http/Controllers/Api/ImportController.php

@@ -0,0 +1,173 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Helpers\Helper;
+use App\Http\Controllers\Controller;
+use App\Http\Requests\ItemImportRequest;
+use App\Http\Transformers\ImportsTransformer;
+use App\Models\Company;
+use App\Models\Import;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Input;
+use Illuminate\Support\Facades\Session;
+use League\Csv\Reader;
+use Symfony\Component\HttpFoundation\File\Exception\FileException;
+use Artisan;
+use App\Models\Asset;
+
+class ImportController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function index()
+    {
+        $this->authorize('import');
+        $imports = Import::latest()->get();
+        return (new ImportsTransformer)->transformImports($imports);
+
+    }
+
+    /**
+     * Process and store a CSV upload file.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store()
+    {
+        $this->authorize('import');
+        if (!config('app.lock_passwords')) {
+            $files = Input::file('files');
+            $path = config('app.private_uploads').'/imports';
+            $results = [];
+            $import = new Import;
+            foreach ($files as $file) {
+                if (!in_array($file->getMimeType(), array(
+                    'application/vnd.ms-excel',
+                    'text/csv',
+                    'text/plain',
+                    'text/comma-separated-values',
+                    'text/tsv'))) {
+                    $results['error']='File type must be CSV';
+                    return response()->json(Helper::formatStandardApiResponse('error', null, $results['error']), 500);
+                }
+
+                //TODO: is there a lighter way to do this?
+                if (! ini_get("auto_detect_line_endings")) {
+                    ini_set("auto_detect_line_endings", '1');
+                }
+                $reader = Reader::createFromFileObject($file->openFile('r')); //file pointer leak?
+                $import->header_row = $reader->fetchOne(0);
+
+                //duplicate headers check
+                $duplicate_headers = [];
+
+                for($i = 0; $i<count($import->header_row); $i++) {
+                    $header = $import->header_row[$i];
+                    if(in_array($header, $import->header_row)) {
+                        $found_at = array_search($header, $import->header_row);
+                        if($i > $found_at) {
+                            //avoid reporting duplicates twice, e.g. "1 is same as 17! 17 is same as 1!!!"
+                            //as well as "1 is same as 1!!!" (which is always true)
+                            //has to be > because otherwise the first result of array_search will always be $i itself(!)
+                            array_push($duplicate_headers,"Duplicate header '$header' detected, first at column: ".($found_at+1).", repeats at column: ".($i+1));
+                        }
+                    }
+                }
+                if(count($duplicate_headers) > 0) {
+                    return response()->json(Helper::formatStandardApiResponse('error',null, implode("; ",$duplicate_headers)), 500); //should this be '4xx'?
+                }
+
+                // Grab the first row to display via ajax as the user picks fields
+                $import->first_row = $reader->fetchOne(1);
+
+                $date = date('Y-m-d-his');
+                $fixed_filename = str_slug($file->getClientOriginalName());
+                try {
+                    $file->move($path, $date.'-'.$fixed_filename);
+                } catch (FileException $exception) {
+                    $results['error']=trans('admin/hardware/message.upload.error');
+                    if (config('app.debug')) {
+                        $results['error'].= ' ' . $exception->getMessage();
+                    }
+                    return response()->json(Helper::formatStandardApiResponse('error', null, $results['error']), 500);
+                }
+                $file_name = date('Y-m-d-his').'-'.$fixed_filename;
+                $import->file_path = $file_name;
+                $import->filesize = filesize($path.'/'.$file_name);
+                $import->save();
+                $results[] = $import;
+            }
+            $results = (new ImportsTransformer)->transformImports($results);
+            return [
+                'files' => $results,
+            ];
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.feature_disabled')), 500);
+    }
+    /**
+     * Processes the specified Import.
+     *
+     * @param  \App\Import  $import
+     * @return \Illuminate\Http\Response
+     */
+    public function process(ItemImportRequest $request, $import_id)
+    {
+        $this->authorize('import');
+        // Run a backup immediately before processing
+        Artisan::call('backup:run');
+        $errors = $request->import(Import::find($import_id));
+        $redirectTo = "hardware.index";
+        switch ($request->get('import-type')) {
+            case "asset":
+                $redirectTo = "hardware.index";
+                break;
+            case "accessory":
+                $redirectTo = "accessories.index";
+                break;
+            case "consumable":
+                $redirectTo = "consumables.index";
+                break;
+            case "component":
+                $redirectTo = "components.index";
+                break;
+            case "license":
+                $redirectTo = "licenses.index";
+                break;
+            case "user":
+                $redirectTo = "users.index";
+                break;
+        }
+
+        if ($errors) { //Failure
+            return response()->json(Helper::formatStandardApiResponse('import-errors', null, $errors), 500);
+        }
+        //Flash message before the redirect
+        Session::flash('success', trans('admin/hardware/message.import.success'));
+        return response()->json(Helper::formatStandardApiResponse('success', null, ['redirect_url' => route($redirectTo)]));
+
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @param  \App\Import  $import
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($import_id)
+    {
+        $this->authorize('import');
+        $import = Import::find($import_id);
+        try {
+            unlink(config('app.private_uploads').'/imports/'.$import->file_path);
+            $import->delete();
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/hardware/message.import.file_delete_success')));
+        } catch (\Exception $e) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.import.file_delete_error')), 500);
+        }
+    }
+}

app/Http/Controllers/Api/LicensesController.php

@@ -0,0 +1,248 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Helpers\Helper;
+use App\Http\Controllers\Controller;
+use App\Http\Transformers\LicenseSeatsTransformer;
+use App\Http\Transformers\LicensesTransformer;
+use App\Models\Company;
+use App\Models\License;
+use App\Models\LicenseSeat;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\DB;
+
+class LicensesController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', License::class);
+        $licenses = Company::scopeCompanyables(License::with('company', 'manufacturer', 'freeSeats', 'supplier','category')->withCount('freeSeats'));
+
+
+        if ($request->has('company_id')) {
+            $licenses->where('company_id','=',$request->input('company_id'));
+        }
+
+        if ($request->has('name')) {
+            $licenses->where('licenses.name','=',$request->input('name'));
+        }
+
+        if ($request->has('product_key')) {
+            $licenses->where('licenses.serial','=',$request->input('product_key'));
+        }
+
+        if ($request->has('order_number')) {
+            $licenses->where('order_number','=',$request->input('order_number'));
+        }
+
+        if ($request->has('purchase_order')) {
+            $licenses->where('purchase_order','=',$request->input('purchase_order'));
+        }
+
+        if ($request->has('license_name')) {
+            $licenses->where('license_name','=',$request->input('license_name'));
+        }
+
+        if ($request->has('license_email')) {
+            $licenses->where('license_email','=',$request->input('license_email'));
+        }
+
+        if ($request->has('manufacturer_id')) {
+            $licenses->where('manufacturer_id','=',$request->input('manufacturer_id'));
+        }
+
+        if ($request->has('supplier_id')) {
+            $licenses->where('supplier_id','=',$request->input('supplier_id'));
+        }
+
+        if ($request->has('category_id')) {
+            $licenses->where('category_id','=',$request->input('category_id'));
+        }
+
+        if ($request->has('depreciation_id')) {
+            $licenses->where('depreciation_id','=',$request->input('depreciation_id'));
+        }
+
+        if ($request->has('supplier_id')) {
+            $licenses->where('supplier_id','=',$request->input('supplier_id'));
+        }
+
+
+        if ($request->has('search')) {
+            $licenses = $licenses->TextSearch($request->input('search'));
+        }
+
+
+        $offset = (($licenses) && (request('offset') > $licenses->count())) ? 0 : request('offset', 0);
+        $limit = request('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+
+
+        switch ($request->input('sort')) {
+                case 'manufacturer':
+                    $licenses = $licenses->leftJoin('manufacturers', 'licenses.manufacturer_id', '=', 'manufacturers.id')->orderBy('manufacturers.name', $order);
+                break;
+            case 'supplier':
+                $licenses = $licenses->leftJoin('suppliers', 'licenses.supplier_id', '=', 'suppliers.id')->orderBy('suppliers.name', $order);
+                break;
+            case 'category':
+                $licenses = $licenses->leftJoin('categories', 'licenses.category_id', '=', 'categories.id')->orderBy('categories.name', $order);
+                break;
+            case 'company':
+                $licenses = $licenses->leftJoin('companies', 'licenses.company_id', '=', 'companies.id')->orderBy('companies.name', $order);
+                break;
+            default:
+                $allowed_columns = ['id','name','purchase_cost','expiration_date','purchase_order','order_number','notes','purchase_date','serial','company','category','license_name','license_email','free_seats_count','seats'];
+                $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
+                $licenses = $licenses->orderBy($sort, $order);
+                break;
+        }
+
+
+
+        $total = $licenses->count();
+
+        $licenses = $licenses->skip($offset)->take($limit)->get();
+        return (new LicensesTransformer)->transformLicenses($licenses, $total);
+
+    }
+
+
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        //
+        $this->authorize('create', License::class);
+        $license = new License;
+        $license->fill($request->all());
+
+        if($license->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $license, trans('admin/licenses/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $license->getErrors()));
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', License::class);
+        $license = License::findOrFail($id);
+        $license = $license->load('assignedusers', 'licenseSeats.user', 'licenseSeats.asset');
+        return (new LicensesTransformer)->transformLicense($license);
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        //
+        $this->authorize('update', License::class);
+
+        $license = License::findOrFail($id);
+        $license->fill($request->all());
+
+        if ($license->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $license, trans('admin/licenses/message.update.success')));
+        }
+
+        return Helper::formatStandardApiResponse('error', null, $license->getErrors());
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        //
+        $license = License::findOrFail($id);
+        $this->authorize('delete', $license);
+
+        if($license->assigned_seats_count == 0) {
+            // Delete the license and the associated license seats
+            DB::table('license_seats')
+                ->where('id', $license->id)
+                ->update(array('assigned_to' => null,'asset_id' => null));
+
+            $licenseSeats = $license->licenseseats();
+            $licenseSeats->delete();
+            $license->delete();
+
+            // Redirect to the licenses management page
+            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/licenses/message.delete.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/licenses/message.assoc_users')));
+    }
+
+    /**
+     * Get license seat listing
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param int $licenseId
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function seats(Request $request, $licenseId)
+    {
+
+        if ($license = License::find($licenseId)) {
+
+            $this->authorize('view', $license);
+
+            $seats = LicenseSeat::where('license_id', $licenseId)->with('license', 'user', 'asset');
+
+            $offset = request('offset', 0);
+            $limit = request('limit', 50);
+            $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+
+            $total = $seats->count();
+            $seats = $seats->skip($offset)->take($limit)->get();
+
+            if ($seats) {
+                return (new LicenseSeatsTransformer)->transformLicenseSeats($seats, $total);
+            }
+
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/licenses/message.does_not_exist')), 200);
+
+    }
+
+
+}

app/Http/Controllers/Api/LocationsController.php

@@ -0,0 +1,213 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use App\Models\Location;
+use App\Http\Transformers\LocationsTransformer;
+use App\Http\Transformers\SelectlistTransformer;
+
+class LocationsController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Location::class);
+        $allowed_columns = [
+                'id','name','address','address2','city','state','country','zip','created_at',
+                'updated_at','manager_id','image',
+                'assigned_assets_count','users_count','assets_count','currency'];
+
+        $locations = Location::with('parent', 'manager', 'childLocations')->select([
+            'locations.id',
+            'locations.name',
+            'locations.address',
+            'locations.address2',
+            'locations.city',
+            'locations.state',
+            'locations.zip',
+            'locations.country',
+            'locations.parent_id',
+            'locations.manager_id',
+            'locations.created_at',
+            'locations.updated_at',
+            'locations.image',
+            'locations.currency'
+        ])->withCount('assignedAssets')
+        ->withCount('assets')
+        ->withCount('users');
+
+        if ($request->has('search')) {
+            $locations = $locations->TextSearch($request->input('search'));
+        }
+
+
+
+        $offset = (($locations) && (request('offset') > $locations->count())) ? 0 : request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+
+        switch ($request->input('sort')) {
+            case 'parent':
+                $locations->OrderParent($order);
+                break;
+            case 'manager':
+                $locations->OrderManager($order);
+                break;
+            default:
+                $locations->orderBy($sort, $order);
+                break;
+        }
+
+
+        $total = $locations->count();
+        $locations = $locations->skip($offset)->take($limit)->get();
+        return (new LocationsTransformer)->transformLocations($locations, $total);
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Location::class);
+        $location = new Location;
+        $location->fill($request->all());
+
+        if ($location->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', (new LocationsTransformer)->transformLocation($location), trans('admin/locations/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $location->getErrors()));
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Location::class);
+        $location = Location::with('parent', 'manager', 'childLocations')
+            ->select([
+                'locations.id',
+                'locations.name',
+                'locations.address',
+                'locations.address2',
+                'locations.city',
+                'locations.state',
+                'locations.zip',
+                'locations.country',
+                'locations.parent_id',
+                'locations.manager_id',
+                'locations.created_at',
+                'locations.updated_at',
+                'locations.image',
+                'locations.currency'
+            ])
+            ->withCount('assignedAssets')
+            ->withCount('assets')
+            ->withCount('users')->findOrFail($id);
+        return (new LocationsTransformer)->transformLocation($location);
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('update', Location::class);
+        $location = Location::findOrFail($id);
+        $location->fill($request->all());
+
+        if ($location->save()) {
+            return response()->json(
+                Helper::formatStandardApiResponse(
+                    'success',
+                    (new LocationsTransformer)->transformLocation($location),
+                    trans('admin/locations/message.update.success')
+                )
+            );
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $location->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Location::class);
+        $location = Location::findOrFail($id);
+        $this->authorize('delete', $location);
+        $location->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/locations/message.delete.success')));
+    }
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $locations = Location::select([
+            'locations.id',
+            'locations.name',
+            'locations.image',
+        ]);
+
+        if ($request->has('search')) {
+            $locations = $locations->where('locations.name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $locations = $locations->orderBy('name', 'ASC')->paginate(50);
+
+        // Loop through and set some custom properties for the transformer to use.
+        // This lets us have more flexibility in special cases like assets, where
+        // they may not have a ->name value but we want to display something anyway
+        foreach ($locations as $location) {
+            $location->use_text = $location->name;
+            $location->use_image = ($location->image) ? url('/').'/uploads/locations/'.$location->image : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($locations);
+
+    }
+
+}

app/Http/Controllers/Api/ManufacturersController.php

@@ -0,0 +1,165 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use App\Models\Manufacturer;
+use App\Http\Transformers\DatatablesTransformer;
+use App\Http\Transformers\ManufacturersTransformer;
+use App\Http\Transformers\SelectlistTransformer;
+
+class ManufacturersController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Manufacturer::class);
+        $allowed_columns = ['id','name','url','support_url','support_email','support_phone','created_at','updated_at','image', 'assets_count', 'consumables_count', 'components_count', 'licenses_count'];
+
+        $manufacturers = Manufacturer::select(
+            array('id','name','url','support_url','support_email','support_phone','created_at','updated_at','image', 'deleted_at')
+        )->withCount('assets')->withCount('licenses')->withCount('consumables')->withCount('accessories');
+
+        if ($request->input('deleted')=='true') {
+            $manufacturers->onlyTrashed();
+        }
+
+        if ($request->has('search')) {
+            $manufacturers = $manufacturers->TextSearch($request->input('search'));
+        }
+
+
+
+
+        $offset = (($manufacturers) && (request('offset') > $manufacturers->count())) ? 0 : request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+        $manufacturers->orderBy($sort, $order);
+
+        $total = $manufacturers->count();
+        $manufacturers = $manufacturers->skip($offset)->take($limit)->get();
+        return (new ManufacturersTransformer)->transformManufacturers($manufacturers, $total);
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Manufacturer::class);
+        $manufacturer = new Manufacturer;
+        $manufacturer->fill($request->all());
+
+        if ($manufacturer->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $manufacturer, trans('admin/manufacturers/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $manufacturer->getErrors()));
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Manufacturer::class);
+        $manufacturer = Manufacturer::withCount('assets')->withCount('licenses')->withCount('consumables')->withCount('accessories')->findOrFail($id);
+        return (new ManufacturersTransformer)->transformManufacturer($manufacturer);
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('update', Manufacturer::class);
+        $manufacturer = Manufacturer::findOrFail($id);
+        $manufacturer->fill($request->all());
+
+        if ($manufacturer->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $manufacturer, trans('admin/manufacturers/message.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $manufacturer->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Manufacturer::class);
+        $manufacturer = Manufacturer::findOrFail($id);
+        $this->authorize('delete', $manufacturer);
+        $manufacturer->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/manufacturers/message.delete.success')));
+
+    }
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $manufacturers = Manufacturer::select([
+            'id',
+            'name',
+            'image',
+        ]);
+
+        if ($request->has('search')) {
+            $manufacturers = $manufacturers->where('name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $manufacturers = $manufacturers->orderBy('name', 'ASC')->paginate(50);
+
+        // Loop through and set some custom properties for the transformer to use.
+        // This lets us have more flexibility in special cases like assets, where
+        // they may not have a ->name value but we want to display something anyway
+        foreach ($manufacturers as $manufacturer) {
+            $manufacturer->use_text = $manufacturer->name;
+            $manufacturer->use_image = ($manufacturer->image) ? url('/').'/uploads/manufacturers/'.$manufacturer->image : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($manufacturers);
+
+    }
+}

app/Http/Controllers/Api/ProfileController.php

@@ -0,0 +1,49 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Models\CheckoutRequest;
+use App\Http\Controllers\Controller;
+use Auth;
+use App\Helpers\Helper;
+
+
+class ProfileController extends Controller
+{
+    /**
+     * Display a listing of requested assets.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.3.0]
+     *
+     * @return Array
+     */
+    public function requestedAssets()
+    {
+        $checkoutRequests = CheckoutRequest::where('user_id', '=', Auth::user()->id)->get();
+
+        $results = [];
+        $results['total'] = $checkoutRequests->count();
+
+
+        foreach ($checkoutRequests as $checkoutRequest) {
+
+            // Make sure the asset and request still exist
+            if ($checkoutRequest && $checkoutRequest->itemRequested()) {
+                $results['rows'][] = [
+                    'image' => $checkoutRequest->itemRequested()->present()->getImageUrl(),
+                    'name' => $checkoutRequest->itemRequested()->present()->name(),
+                    'type' => $checkoutRequest->itemType(),
+                    'qty' => $checkoutRequest->quantity,
+                    'location' => ($checkoutRequest->location()) ? $checkoutRequest->location()->name : null,
+                    'expected_checkin' => Helper::getFormattedDateObject($checkoutRequest->itemRequested()->expected_checkin, 'datetime'),
+                    'request_date' => Helper::getFormattedDateObject($checkoutRequest->created_at, 'datetime'),
+                ];
+            }
+
+        }
+        return $results;
+    }
+
+
+}

app/Http/Controllers/Api/ReportsController.php

@@ -0,0 +1,66 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\Actionlog;
+use App\Http\Transformers\ActionlogsTransformer;
+
+class ReportsController extends Controller
+{
+    /**
+     * Returns Activity Report JSON.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return View
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('reports.view');
+        
+        $actionlogs = Actionlog::with('item', 'user', 'target','location');
+
+        if ($request->has('search')) {
+            $actionlogs = $actionlogs->TextSearch(e($request->input('search')));
+        }
+
+        if (($request->has('target_type'))  && ($request->has('target_id'))) {
+            $actionlogs = $actionlogs->where('target_id','=',$request->input('target_id'))
+                ->where('target_type','=',"App\\Models\\".ucwords($request->input('target_type')));
+        }
+
+        if (($request->has('item_type'))  && ($request->has('item_id'))) {
+            $actionlogs = $actionlogs->where('item_id','=',$request->input('item_id'))
+                ->where('item_type','=',"App\\Models\\".ucwords($request->input('item_type')));
+        }
+
+        if ($request->has('action_type')) {
+            $actionlogs = $actionlogs->where('action_type','=',$request->input('action_type'))->orderBy('created_at', 'desc');
+        }
+
+        if ($request->has('uploads')) {
+            $actionlogs = $actionlogs->whereNotNull('filename')->orderBy('created_at', 'desc');
+        }
+
+        $allowed_columns = [
+            'id',
+            'created_at',
+            'target_id',
+            'user_id',
+            'action_type',
+            'note'
+        ];
+        
+        $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
+        $order = ($request->input('order') == 'asc') ? 'asc' : 'desc';
+        $offset = request('offset', 0);
+        $limit = request('limit', 50);
+        $total = $actionlogs->count();
+        $actionlogs = $actionlogs->orderBy($sort, $order)->skip($offset)->take($limit)->get();
+
+        return response()->json((new ActionlogsTransformer)->transformActionlogs($actionlogs, $total), 200, ['Content-Type' => 'application/json;charset=utf8'], JSON_UNESCAPED_UNICODE);
+
+    }
+}

app/Http/Controllers/Api/SettingsController.php

@@ -0,0 +1,148 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\Ldap;
+use Validator;
+use App\Models\Setting;
+use Mail;
+use App\Notifications\SlackTest;
+use Notification;
+use App\Notifications\MailTest;
+
+class SettingsController extends Controller
+{
+
+
+    public function ldaptest()
+    {
+
+        if (Setting::getSettings()->ldap_enabled!='1') {
+            \Log::debug('LDAP is not enabled cannot test.');
+            return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
+        }
+
+        \Log::debug('Preparing to test LDAP connection');
+
+        try {
+            $connection = Ldap::connectToLdap();
+            try {
+                \Log::debug('attempting to bind to LDAP for LDAP test');
+                Ldap::bindAdminToLdap($connection);
+                return response()->json(['message' => 'It worked!'], 200);
+            } catch (\Exception $e) {
+                \Log::debug('Bind failed');
+                return response()->json(['message' => $e->getMessage()], 400);
+                //return response()->json(['message' => $e->getMessage()], 500);
+            }
+        } catch (\Exception $e) {
+            \Log::debug('Connection failed');
+            return response()->json(['message' => $e->getMessage()], 600);
+        }
+
+
+    }
+
+    public function ldaptestlogin(Request $request)
+    {
+
+        if (Setting::getSettings()->ldap_enabled!='1') {
+            \Log::debug('LDAP is not enabled. Cannot test.');
+            return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
+        }
+
+
+        $rules = array(
+            'ldaptest_user' => 'required',
+            'ldaptest_password' => 'required'
+        );
+
+        $validator = Validator::make($request->all(), $rules);
+        if ($validator->fails()) {
+            \Log::debug('LDAP Validation test failed.');
+            $validation_errors = implode(' ',$validator->errors()->all());
+            return response()->json(['message' => $validator->errors()->all()], 400);
+        }
+        
+
+        \Log::debug('Preparing to test LDAP login');
+        try {
+            $connection = Ldap::connectToLdap();
+            try {
+                Ldap::bindAdminToLdap($connection);
+                \Log::debug('Attempting to bind to LDAP for LDAP test');
+                try {
+                    $ldap_user = Ldap::findAndBindUserLdap($request->input('ldaptest_user'), $request->input('ldaptest_password'));
+                    if ($ldap_user) {
+                        \Log::debug('It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.');
+                        return response()->json(['message' => 'It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.'], 200);
+                    }
+                    return response()->json(['message' => 'Login Failed. '. $request->input('ldaptest_user').' did not successfully bind to LDAP.'], 400);
+
+                } catch (\Exception $e) {
+                    \Log::debug('LDAP login failed');
+                    return response()->json(['message' => $e->getMessage()], 400);
+                }
+
+            } catch (\Exception $e) {
+                \Log::debug('Bind failed');
+                return response()->json(['message' => $e->getMessage()], 400);
+                //return response()->json(['message' => $e->getMessage()], 500);
+            }
+        } catch (\Exception $e) {
+            \Log::debug('Connection failed');
+            return response()->json(['message' => $e->getMessage()], 500);
+        }
+
+
+    }
+
+
+    public function slacktest()
+    {
+
+        if ($settings = Setting::getSettings()->slack_channel=='') {
+            \Log::debug('Slack is not enabled. Cannot test.');
+            return response()->json(['message' => 'Slack is not enabled, cannot test.'], 400);
+        }
+
+        \Log::debug('Preparing to test slack connection');
+
+        try {
+            Notification::send($settings = Setting::getSettings(), new SlackTest());
+            return response()->json(['message' => 'Success'], 200);
+        } catch (\Exception $e) {
+            \Log::debug('Slack connection failed');
+            return response()->json(['message' => $e->getMessage()], 400);
+        }
+
+
+    }
+
+
+    /**
+     * Test the email configuration
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return Redirect
+     */
+    public function ajaxTestEmail()
+    {
+        if (!config('app.lock_passwords')) {
+            try {
+                Notification::send(Setting::first(), new MailTest());
+                return response()->json(['message' => 'Mail sent to '.config('mail.reply_to.address')], 200);
+            } catch (Exception $e) {
+                return response()->json(['message' => $e->getMessage()], 500);
+            }
+        }
+        return response()->json(['message' => 'Mail would have been sent, but this application is in demo mode! '], 200);
+
+    }
+
+
+
+}

app/Http/Controllers/Api/StatuslabelsController.php

@@ -0,0 +1,249 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use App\Models\Statuslabel;
+use App\Models\Asset;
+use App\Http\Transformers\StatuslabelsTransformer;
+use App\Http\Transformers\AssetsTransformer;
+
+class StatuslabelsController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Statuslabel::class);
+        $allowed_columns = ['id','name','created_at', 'assets_count','color','default_label'];
+
+        $statuslabels = Statuslabel::withCount('assets');
+
+        if ($request->has('search')) {
+            $statuslabels = $statuslabels->TextSearch($request->input('search'));
+        }
+
+        $offset = (($statuslabels) && (request('offset') > $statuslabels->count())) ? 0 : request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+        $statuslabels->orderBy($sort, $order);
+
+        $total = $statuslabels->count();
+        $statuslabels = $statuslabels->skip($offset)->take($limit)->get();
+        return (new StatuslabelsTransformer)->transformStatuslabels($statuslabels, $total);
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Statuslabel::class);
+        $request->except('deployable', 'pending','archived');
+
+        if (!$request->has('type')) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, ["type" => ["Status label type is required."]]),500);
+        }
+
+        $statuslabel = new Statuslabel;
+        $statuslabel->fill($request->all());
+
+        $statusType = Statuslabel::getStatuslabelTypesForDB($request->input('type'));
+        $statuslabel->deployable        =  $statusType['deployable'];
+        $statuslabel->pending           =  $statusType['pending'];
+        $statuslabel->archived          =  $statusType['archived'];
+
+        if ($statuslabel->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $statuslabel, trans('admin/statuslabels/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $statuslabel->getErrors()));
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Statuslabel::class);
+        $statuslabel = Statuslabel::findOrFail($id);
+        return (new StatuslabelsTransformer)->transformStatuslabel($statuslabel);
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('update', Statuslabel::class);
+        $statuslabel = Statuslabel::findOrFail($id);
+        
+        $request->except('deployable', 'pending','archived');
+
+        if (!$request->has('type')) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'Status label type is required.'));
+        }
+
+        $statuslabel->fill($request->all());
+
+        $statusType = Statuslabel::getStatuslabelTypesForDB($request->input('type'));
+        $statuslabel->deployable        =  $statusType['deployable'];
+        $statuslabel->pending           =  $statusType['pending'];
+        $statuslabel->archived          =  $statusType['archived'];
+
+        if ($statuslabel->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $statuslabel, trans('admin/statuslabels/message.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $statuslabel->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Statuslabel::class);
+        $statuslabel = Statuslabel::findOrFail($id);
+        $this->authorize('delete', $statuslabel);
+
+        // Check that there are no assets associated
+        if ($statuslabel->assets()->count() == 0) {
+            $statuslabel->delete();
+            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/statuslabels/message.delete.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/statuslabels/message.assoc_assets')));
+
+    }
+
+
+
+     /**
+     * Show a count of assets by status label for pie chart
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return \Illuminate\Http\Response
+     */
+
+    public function getAssetCountByStatuslabel()
+    {
+        $this->authorize('view', Statuslabel::class);
+
+        $statuslabels = Statuslabel::with('assets')->groupBy('id')->withCount('assets')->get();
+
+        $labels=[];
+        $points=[];
+        $colors=[];
+        foreach ($statuslabels as $statuslabel) {
+            if ($statuslabel->assets_count > 0) {
+
+                $labels[]=$statuslabel->name. ' ('.number_format($statuslabel->assets_count).')';
+                $points[]=$statuslabel->assets_count;
+                if ($statuslabel->color!='') {
+                    $colors[]=$statuslabel->color;
+                }
+            }
+        }
+
+        
+        $colors_array = array_merge($colors, Helper::chartColors());
+
+        $result= [
+            "labels" => $labels,
+            "datasets" => [ [
+                "data" => $points,
+                "backgroundColor" => $colors_array,
+                "hoverBackgroundColor" =>  $colors_array
+            ]]
+        ];
+        return $result;
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function assets(Request $request, $id)
+    {
+        $this->authorize('view', Statuslabel::class);
+        $this->authorize('index', Asset::class);
+        $assets = Asset::where('status_id','=',$id);
+
+        $allowed_columns = [
+            'id',
+            'name'
+        ];
+
+        $offset = request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+        $assets->orderBy($sort, $order);
+
+        $total = $assets->count();
+        $assets = $assets->skip($offset)->take($limit)->get();
+
+
+        return (new AssetsTransformer)->transformAssets($assets, $total);
+    }
+
+
+    /**
+     * Returns a boolean response based on whether the status label
+     * is one that is deployable.
+     *
+     * This is used by the hardware create/edit view to determine whether
+     * we should provide a dropdown of users for them to check the asset out to.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return Bool
+     */
+    public function checkIfDeployable($id) {
+        $statuslabel = Statuslabel::findOrFail($id);
+        $this->authorize('view', Asset::class);
+
+        if ($statuslabel->getStatuslabelType()=='deployable') {
+            return '1';
+        }
+
+        return '0';
+    }
+}

app/Http/Controllers/Api/SuppliersController.php

@@ -0,0 +1,174 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use App\Models\Supplier;
+use App\Http\Transformers\SuppliersTransformer;
+use App\Http\Transformers\SelectlistTransformer;
+
+
+class SuppliersController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Supplier::class);
+        $allowed_columns = ['id','name','address','phone','contact','fax','email','image','assets_count','licenses_count', 'accessories_count'];
+        
+        $suppliers = Supplier::select(
+                array('id','name','address','address2','city','state','country','fax', 'phone','email','contact','created_at','updated_at','deleted_at','image','notes')
+            )->withCount('assets')->withCount('licenses')->withCount('accessories');
+
+
+        if ($request->has('search')) {
+            $suppliers = $suppliers->TextSearch($request->input('search'));
+        }
+
+        $offset = (($suppliers) && (request('offset') > $suppliers->count())) ? 0 : request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+        $suppliers->orderBy($sort, $order);
+
+        $total = $suppliers->count();
+        $suppliers = $suppliers->skip($offset)->take($limit)->get();
+        return (new SuppliersTransformer)->transformSuppliers($suppliers, $total);
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Supplier::class);
+        $supplier = new Supplier;
+        $supplier->fill($request->all());
+
+        if ($supplier->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $supplier, trans('admin/suppliers/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $supplier->getErrors()));
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Supplier::class);
+        $supplier = Supplier::findOrFail($id);
+        return (new SuppliersTransformer)->transformSupplier($supplier);
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('update', Supplier::class);
+        $supplier = Supplier::findOrFail($id);
+        $supplier->fill($request->all());
+
+        if ($supplier->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $supplier, trans('admin/suppliers/message.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $supplier->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Supplier::class);
+        $supplier = Supplier::with('asset_maintenances', 'assets', 'licenses')->withCount('asset_maintenances','assets', 'licenses')->findOrFail($id);
+        $this->authorize('delete', $supplier);
+
+
+        if ($supplier->assets_count > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/suppliers/message.delete.assoc_assets', ['asset_count' => (int) $supplier->assets_count])));
+        }
+
+        if ($supplier->asset_maintenances_count > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/suppliers/message.delete.assoc_maintenances', ['asset_maintenances_count' => $supplier->asset_maintenances_count])));
+        }
+
+        if ($supplier->licenses_count > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/suppliers/message.delete.assoc_licenses', ['licenses_count' => (int) $supplier->licenses_count])));
+        }
+
+        $supplier->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/suppliers/message.delete.success')));
+
+    }
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $suppliers = Supplier::select([
+            'id',
+            'name',
+            'image',
+        ]);
+
+        if ($request->has('search')) {
+            $suppliers = $suppliers->where('suppliers.name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $suppliers = $suppliers->orderBy('name', 'ASC')->paginate(50);
+
+        // Loop through and set some custom properties for the transformer to use.
+        // This lets us have more flexibility in special cases like assets, where
+        // they may not have a ->name value but we want to display something anyway
+        foreach ($suppliers as $supplier) {
+            $supplier->use_text = $supplier->name;
+            $supplier->use_image = ($supplier->image) ? url('/').'/uploads/suppliers/'.$supplier->image : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($suppliers);
+
+    }
+
+}

app/Http/Controllers/Api/UsersController.php

@@ -0,0 +1,363 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Http\Transformers\UsersTransformer;
+use App\Models\Company;
+use App\Models\User;
+use App\Helpers\Helper;
+use App\Http\Requests\SaveUserRequest;
+use App\Models\Asset;
+use App\Http\Transformers\AssetsTransformer;
+use App\Http\Transformers\SelectlistTransformer;
+use App\Http\Transformers\AccessoriesTransformer;
+
+class UsersController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', User::class);
+
+        $users = User::select([
+            'users.activated',
+            'users.address',
+            'users.avatar',
+            'users.city',
+            'users.company_id',
+            'users.country',
+            'users.created_at',
+            'users.deleted_at',
+            'users.department_id',
+            'users.email',
+            'users.employee_num',
+            'users.first_name',
+            'users.id',
+            'users.jobtitle',
+            'users.last_login',
+            'users.last_name',
+            'users.location_id',
+            'users.manager_id',
+            'users.notes',
+            'users.permissions',
+            'users.phone',
+            'users.state',
+            'users.two_factor_enrolled',
+            'users.two_factor_optin',
+            'users.updated_at',
+            'users.username',
+            'users.zip',
+
+        ])->with('manager', 'groups', 'userloc', 'company', 'department','assets','licenses','accessories','consumables')
+            ->withCount('assets','licenses','accessories','consumables');
+        $users = Company::scopeCompanyables($users);
+
+
+        if (($request->has('deleted')) && ($request->input('deleted')=='true')) {
+            $users = $users->GetDeleted();
+        }
+
+        if ($request->has('company_id')) {
+            $users = $users->where('users.company_id', '=', $request->input('company_id'));
+        }
+
+        if ($request->has('location_id')) {
+            $users = $users->where('users.location_id', '=', $request->input('location_id'));
+        }
+
+        if ($request->has('group_id')) {
+            $users = $users->ByGroup($request->get('group_id'));
+        }
+
+        if ($request->has('department_id')) {
+            $users = $users->where('users.department_id','=',$request->input('department_id'));
+        }
+
+        if ($request->has('search')) {
+            $users = $users->TextSearch($request->input('search'));
+        }
+
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $offset = (($users) && (request('offset') > $users->count())) ? 0 : request('offset', 0);
+        $limit = request('limit',  20);
+
+        switch ($request->input('sort')) {
+            case 'manager':
+                $users = $users->OrderManager($order);
+                break;
+            case 'location':
+                $users = $users->OrderLocation($order);
+                break;
+            case 'department':
+                $users = $users->OrderDepartment($order);
+                break;
+            default:
+                $allowed_columns =
+                    [
+                        'last_name','first_name','email','jobtitle','username','employee_num',
+                        'assets','accessories', 'consumables','licenses','groups','activated','created_at',
+                        'two_factor_enrolled','two_factor_optin','last_login', 'assets_count', 'licenses_count',
+                        'consumables_count', 'accessories_count', 'phone', 'address', 'city', 'state',
+                        'country', 'zip', 'id'
+                    ];
+
+                $sort = in_array($request->get('sort'), $allowed_columns) ? $request->get('sort') : 'first_name';
+                $users = $users->orderBy($sort, $order);
+                break;
+        }
+
+
+        $total = $users->count();
+        $users = $users->skip($offset)->take($limit)->get();
+        return (new UsersTransformer)->transformUsers($users, $total);
+    }
+
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $users = User::select(
+            [
+                'users.id',
+                'users.username',
+                'users.employee_num',
+                'users.first_name',
+                'users.last_name',
+                'users.gravatar',
+                'users.avatar',
+                'users.email',
+            ]
+            )->where('show_in_list', '=', '1');
+
+        $users = Company::scopeCompanyables($users);
+
+        if ($request->has('search')) {
+            $users = $users->SimpleNameSearch($request->get('search'))
+                ->orWhere('username', 'LIKE', '%'.$request->get('search').'%')
+                ->orWhere('employee_num', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $users = $users->orderBy('last_name', 'asc')->orderBy('first_name', 'asc');
+        $users = $users->paginate(50);
+
+        foreach ($users as $user) {
+            $name_str = '';
+            if ($user->last_name!='') {
+                $name_str .= e($user->last_name).', ';
+            }
+            $name_str .= e($user->first_name);
+
+            if ($user->username!='') {
+                $name_str .= ' ('.e($user->username).')';
+            }
+
+            if ($user->employee_num!='') {
+                $name_str .= ' - #'.e($user->employee_num);
+            }
+
+            $user->use_text = $name_str;
+            $user->use_image = ($user->present()->gravatar) ? $user->present()->gravatar : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($users);
+
+    }
+
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(SaveUserRequest $request)
+    {
+        $this->authorize('create', User::class);
+
+        $user = new User;
+        $user->fill($request->all());
+
+        $tmp_pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
+        $user->password = bcrypt($request->get('password', $tmp_pass));
+
+        if ($user->save()) {
+            if ($request->has('groups')) {
+                $user->groups()->sync($request->input('groups'));
+            } else {
+                $user->groups()->sync(array());
+            }
+            
+            return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.create')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', User::class);
+        $user = User::findOrFail($id);
+        return (new UsersTransformer)->transformUser($user);
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(SaveUserRequest $request, $id)
+    {
+        $this->authorize('update', User::class);
+
+        $user = User::findOrFail($id);
+        $user->fill($request->all());
+
+        if ($user->id == $request->input('manager_id')) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot be your own manager'));
+        }
+
+        if ($request->has('password')) {
+            $user->password = bcrypt($request->input('password'));
+        }
+
+        // Update the location of any assets checked out to this user
+        Asset::where('assigned_type', User::class)
+            ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);
+
+        if ($user->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.update')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', User::class);
+        $user = User::findOrFail($id);
+        $this->authorize('delete', $user);
+
+
+        if ($user->assets()->count() > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/users/message.error.delete_has_assets')));
+        }
+
+        if ($user->delete()) {
+            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/users/message.success.delete')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/users/message.error.delete')));
+    }
+
+    /**
+     * Return JSON containing a list of assets assigned to a user.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param $userId
+     * @return string JSON
+     */
+    public function assets($id)
+    {
+        $this->authorize('view', User::class);
+        $this->authorize('view', Asset::class);
+        $assets = Asset::where('assigned_to', '=', $id)->where('assigned_type', '=', User::class)->with('model')->get();
+        return (new AssetsTransformer)->transformAssets($assets, $assets->count());
+    }
+
+    /**
+     * Return JSON containing a list of accessories assigned to a user.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.6.14]
+     * @param $userId
+     * @return string JSON
+     */
+    public function accessories($id)
+    {
+        $this->authorize('view', User::class);
+        $user = User::findOrFail($id);
+        $this->authorize('view', Accessory::class);
+        $accessories = $user->accessories;
+        return (new AccessoriesTransformer)->transformAccessories($accessories, $accessories->count());
+    }
+
+    /**
+     * Reset the user's two-factor status
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param $userId
+     * @return string JSON
+     */
+    public function postTwoFactorReset(Request $request)
+    {
+
+        $this->authorize('update', User::class);
+
+        if ($request->has('id')) {
+            try {
+                $user = User::find($request->get('id'));
+                $user->two_factor_secret = null;
+                $user->two_factor_enrolled = 0;
+                $user->save();
+                return response()->json(['message' => trans('admin/settings/general.two_factor_reset_success')], 200);
+            } catch (\Exception $e) {
+                return response()->json(['message' => trans('admin/settings/general.two_factor_reset_error')], 500);
+            }
+        }
+        return response()->json(['message' => 'No ID provided'], 500);
+
+    }
+
+    /**
+     * Get info on the current user.
+     *
+     * @author [Juan Font] [<juanfontalonso@gmail.com>]
+     * @since [v4.4.2]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function getCurrentUserInfo(Request $request)
+    {
+        return response()->json($request->user());
+    }
+}

app/Http/Controllers/AssetCheckinController.php

@@ -0,0 +1,104 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Helpers\Helper;
+use App\Http\Requests\AssetCheckinRequest;
+use App\Models\Asset;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+
+class AssetCheckinController extends Controller
+{
+
+    /**
+    * Returns a view that presents a form to check an asset back into inventory.
+    *
+    * @author [A. Gianotto] [<snipe@snipe.net>]
+    * @param int $assetId
+    * @param string $backto
+    * @since [v1.0]
+    * @return View
+    */
+    public function create($assetId, $backto = null)
+    {
+        // Check if the asset exists
+        if (is_null($asset = Asset::find($assetId))) {
+            // Redirect to the asset management page with error
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+
+        $this->authorize('checkin', $asset);
+        return view('hardware/checkin', compact('asset'))->with('statusLabel_list', Helper::statusLabelList())->with('backto', $backto);
+    }
+
+    /**
+     * Validate and process the form data to check an asset back into inventory.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param AssetCheckinRequest $request
+     * @param int $assetId
+     * @param null $backto
+     * @return Redirect
+     * @since [v1.0]
+     */
+    public function store(AssetCheckinRequest $request, $assetId = null, $backto = null)
+    {
+        // Check if the asset exists
+        if (is_null($asset = Asset::find($assetId))) {
+            // Redirect to the asset management page with error
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+
+        $this->authorize('checkin', $asset);
+
+        if ($asset->assignedType() == Asset::USER) {
+            $user = $asset->assignedTo;
+        }
+        if (is_null($target = $asset->assignedTo)) {
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkin.already_checked_in'));
+        }
+
+        $asset->expected_checkin = null;
+        $asset->last_checkout = null;
+        $asset->assigned_to = null;
+        $asset->assignedTo()->disassociate($asset);
+        $asset->assigned_type = null;
+        $asset->accepted = null;
+        $asset->name = e($request->get('name'));
+
+        if ($request->has('status_id')) {
+            $asset->status_id =  e($request->get('status_id'));
+        }
+
+        $asset->location_id = $asset->rtd_location_id;
+
+        if ($request->has('location_id')) {
+            $asset->location_id =  e($request->get('location_id'));
+        }
+
+        // Was the asset updated?
+        if ($asset->save()) {
+            $logaction = $asset->logCheckin($target, e(request('note')));
+
+            $data['log_id'] = $logaction->id;
+            $data['first_name'] = get_class($target) == User::class ? $target->first_name : '';
+            $data['last_name'] = get_class($target) == User::class ? $target->last_name : '';
+            $data['item_name'] = $asset->present()->name();
+            $data['checkin_date'] = $logaction->created_at;
+            $data['item_tag'] = $asset->asset_tag;
+            $data['item_serial'] = $asset->serial;
+            $data['note'] = $logaction->note;
+            $data['manufacturer_name'] = $asset->model->manufacturer->name;
+            $data['model_name'] = $asset->model->name;
+            $data['model_number'] = $asset->model->model_number;
+
+            if ($backto=='user') {
+                return redirect()->route("users.show", $user->id)->with('success', trans('admin/hardware/message.checkin.success'));
+            }
+            return redirect()->route("hardware.index")->with('success', trans('admin/hardware/message.checkin.success'));
+        }
+        // Redirect to the asset management page with error
+        return redirect()->route("hardware.index")->with('error', trans('admin/hardware/message.checkin.error'));
+    }
+}

app/Http/Controllers/AssetCheckoutController.php

@@ -0,0 +1,96 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Exceptions\CheckoutNotAllowed;
+use App\Http\Controllers\CheckInOutRequest;
+use App\Http\Requests\AssetCheckoutRequest;
+use App\Models\Asset;
+use App\Models\Location;
+use App\Models\User;
+use Illuminate\Database\Eloquent\ModelNotFoundException;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+
+class AssetCheckoutController extends Controller
+{
+    use CheckInOutRequest;
+    /**
+    * Returns a view that presents a form to check an asset out to a
+    * user.
+    *
+    * @author [A. Gianotto] [<snipe@snipe.net>]
+    * @param int $assetId
+    * @since [v1.0]
+    * @return View
+    */
+    public function create($assetId)
+    {
+        // Check if the asset exists
+        if (is_null($asset = Asset::find(e($assetId)))) {
+            // Redirect to the asset management page with error
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+
+        $this->authorize('checkout', $asset);
+
+        if ($asset->availableForCheckout()) {
+            return view('hardware/checkout', compact('asset'));
+        }
+        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkout.not_available'));
+
+        // Get the dropdown of users and then pass it to the checkout view
+
+    }
+
+    /**
+     * Validate and process the form data to check out an asset to a user.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param AssetCheckoutRequest $request
+     * @param int $assetId
+     * @return Redirect
+     * @since [v1.0]
+     */
+    public function store(AssetCheckoutRequest $request, $assetId)
+    {
+        try {
+            // Check if the asset exists
+            if (!$asset = Asset::find($assetId)) {
+                return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+            } elseif (!$asset->availableForCheckout()) {
+                return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkout.not_available'));
+            }
+            $this->authorize('checkout', $asset);
+            $admin = Auth::user();
+
+            $target = $this->determineCheckoutTarget($asset);
+            if ($asset->is($target)) {
+                throw new CheckoutNotAllowed('You cannot check an asset out to itself.');
+            }
+            $asset = $this->updateAssetLocation($asset, $target);
+
+            $checkout_at = date("Y-m-d H:i:s");
+            if (($request->has('checkout_at')) && ($request->get('checkout_at')!= date("Y-m-d"))) {
+                $checkout_at = $request->get('checkout_at');
+            }
+
+            $expected_checkin = '';
+            if ($request->has('expected_checkin')) {
+                $expected_checkin = $request->get('expected_checkin');
+            }
+
+            if ($asset->checkOut($target, $admin, $checkout_at, $expected_checkin, e($request->get('note')), $request->get('name'))) {
+                return redirect()->route("hardware.index")->with('success', trans('admin/hardware/message.checkout.success'));
+            }
+
+            // Redirect to the asset management page with error
+            return redirect()->to("hardware/$assetId/checkout")->with('error', trans('admin/hardware/message.checkout.error'))->withErrors($asset->getErrors());
+        } catch (ModelNotFoundException $e) {
+            return redirect()->back()->with('error', trans('admin/hardware/message.checkout.error'))->withErrors($asset->getErrors());
+        } catch (CheckoutNotAllowed $e) {
+            return redirect()->back()->with('error', $e->getMessage());
+        }
+    }
+
+}

app/Http/Controllers/AssetFilesController.php

@@ -0,0 +1,125 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Helpers\Helper;
+use App\Http\Requests\AssetFileRequest;
+use App\Models\Actionlog;
+use App\Models\Asset;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Response;
+
+class AssetFilesController extends Controller
+{
+    /**
+     * Upload a file to the server.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param AssetFileRequest $request
+     * @param int $assetId
+     * @return Redirect
+     * @since [v1.0]
+     */
+    public function store(AssetFileRequest $request, $assetId = null)
+    {
+        if (!$asset = Asset::find($assetId)) {
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+
+        $this->authorize('update', $asset);
+
+        $destinationPath = config('app.private_uploads').'/assets';
+
+        if ($request->hasFile('file')) {
+            foreach ($request->file('file') as $file) {
+                $extension = $file->getClientOriginalExtension();
+                $filename = 'hardware-'.$asset->id.'-'.str_random(8);
+                $filename .= '-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
+                $file->move($destinationPath, $filename);
+                $asset->logUpload($filename, e($request->get('notes')));
+            }
+            return redirect()->back()->with('success', trans('admin/hardware/message.upload.success'));
+        }
+
+        return redirect()->back()->with('error', trans('admin/hardware/message.upload.nofiles'));
+    }
+
+    /**
+    * Check for permissions and display the file.
+    *
+    * @author [A. Gianotto] [<snipe@snipe.net>]
+    * @param  int  $assetId
+    * @param  int  $fileId
+    * @since [v1.0]
+    * @return View
+    */
+    public function show($assetId = null, $fileId = null, $download = true)
+    {
+        $asset = Asset::find($assetId);
+        // the asset is valid
+        if (isset($asset->id)) {
+            $this->authorize('view', $asset);
+
+            if (!$log = Actionlog::find($fileId)) {
+                return response('No matching record for that asset/file', 500)
+                    ->header('Content-Type', 'text/plain');
+            }
+
+            $file = $log->get_src('assets');
+
+            if ($log->action_type =='audit') {
+                $file = $log->get_src('audits');
+            }
+
+            if (!file_exists($file)) {
+                return response('File '.$file.' not found on server', 404)
+                    ->header('Content-Type', 'text/plain');
+            }
+
+            if ($download != 'true') {
+                  if ($contents = file_get_contents($file)) {
+                      return Response::make($contents)->header('Content-Type', mime_content_type($file));
+                  }
+                return JsonResponse::create(["error" => "Failed validation: "], 500);
+            }
+            return Response::download($file);
+        }
+        // Prepare the error message
+        $error = trans('admin/hardware/message.does_not_exist', ['id' => $fileId]);
+
+        // Redirect to the hardware management page
+        return redirect()->route('hardware.index')->with('error', $error);
+    }
+
+    /**
+    * Delete the associated file
+    *
+    * @author [A. Gianotto] [<snipe@snipe.net>]
+    * @param  int  $assetId
+    * @param  int  $fileId
+    * @since [v1.0]
+    * @return View
+    */
+    public function destroy($assetId = null, $fileId = null)
+    {
+        $asset = Asset::find($assetId);
+        $this->authorize('update', $asset);
+        $destinationPath = config('app.private_uploads').'/imports/assets';
+
+        // the asset is valid
+        if (isset($asset->id)) {
+            $this->authorize('update', $asset);
+
+            $log = Actionlog::find($fileId);
+            $full_filename = $destinationPath.'/'.$log->filename;
+            if (file_exists($full_filename)) {
+                unlink($destinationPath.'/'.$log->filename);
+            }
+            $log->delete();
+            return redirect()->back()->with('success', trans('admin/hardware/message.deletefile.success'));
+        }
+
+        // Redirect to the hardware management page
+        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+    }
+}

app/Http/Controllers/AssetMaintenancesController.php

@@ -9,17 +9,18 @@ use Input;
 use Lang;
 use Log;
 use Mail;
-use Redirect;
 use Response;
 use Slack;
 use Str;
-use App\Models\Supplier;
 use TCPDF;
 use Validator;
 use View;
 use App\Models\Setting;
 use App\Models\Asset;
 use App\Helpers\Helper;
+use Auth;
+use Gate;
+use Illuminate\Http\Request;
 
 /**
  * This controller handles all actions related to Asset Maintenance for
@@ -41,7 +42,7 @@ class AssetMaintenancesController extends Controller
     */
     private static function getInsufficientPermissionsRedirect()
     {
-        return redirect()->route('asset_maintenances')
+        return redirect()->route('maintenances.index')
           ->with('error', trans('general.insufficient_permissions'));
     }
 
@@ -56,144 +57,41 @@ class AssetMaintenancesController extends Controller
     * @since [v1.8]
     * @return View
     */
-    public function getIndex()
+    public function index()
     {
-
-        return View::make('asset_maintenances/index');
+        return view('asset_maintenances/index');
     }
 
 
-    /**
-    *  Generates the JSON response for asset maintenances listing view.
-    *
-    * @see AssetMaintenancesController::getIndex() method that generates view
-    * @author  Vincent Sposato <vincent.sposato@gmail.com>
-    * @version v1.0
-    * @since [v1.8]
-    * @return String JSON
-    */
-    public function getDatatable()
-    {
-        $maintenances = AssetMaintenance::with('asset', 'supplier', 'asset.company')
-        ->whereNull('deleted_at');
-
-        if (Input::has('search')) {
-            $maintenances = $maintenances->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $allowed_columns = ['id','title','asset_maintenance_time','asset_maintenance_type','cost','start_date','completion_date','notes'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
-
-        $maintenances->orderBy($sort, $order);
-
-        $maintenancesCount = $maintenances->count();
-        $maintenances = $maintenances->skip($offset)->take($limit)->get();
-
-        $rows = array();
-        $settings = Setting::getSettings();
-
-        foreach ($maintenances as $maintenance) {
-
-            $actions = '<nobr><a href="'.route('update/asset_maintenance', $maintenance->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/asset_maintenance', $maintenance->id).'" data-content="'.trans('admin/asset_maintenances/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($maintenance->title).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
-
-            if (($maintenance->cost) && ($maintenance->asset->assetloc) &&  ($maintenance->asset->assetloc->currency!='')) {
-                $maintenance_cost = $maintenance->asset->assetloc->currency.$maintenance->cost;
-            } else {
-                $maintenance_cost = $settings->default_currency.$maintenance->cost;
-            }
-
-            $company = $maintenance->asset->company;
-
-            $rows[] = array(
-                'id'            => $maintenance->id,
-                'asset_name'    =>  (string)link_to('/hardware/'.$maintenance->asset->id.'/view', $maintenance->asset->showAssetName()) ,
-                'title'         => $maintenance->title,
-                'notes'         => $maintenance->notes,
-                'supplier'      => $maintenance->supplier->name,
-                'cost'          => $maintenance_cost,
-                'asset_maintenance_type'          => e($maintenance->asset_maintenance_type),
-                'start_date'         => $maintenance->start_date,
-                'asset_maintenance_time'          => $maintenance->asset_maintenance_time,
-                'completion_date'     => $maintenance->completion_date,
-                'actions'       => $actions,
-                'companyName'   => is_null($company) ? '' : $company->name
-            );
-        }
-
-        $data = array('total' => $maintenancesCount, 'rows' => $rows);
-        return $data;
-
-    }
 
     /**
-    *  Returns a form view to create a new asset maintenance.
-    *
-    * @see AssetMaintenancesController::postCreate() method that stores the data
-    * @author  Vincent Sposato <vincent.sposato@gmail.com>
-    * @version v1.0
-    * @since [v1.8]
-    * @return mixed
-    */
-    public function getCreate($assetId = null)
+     *  Returns a form view to create a new asset maintenance.
+     *
+     * @see AssetMaintenancesController::postCreate() method that stores the data
+     * @author  Vincent Sposato <vincent.sposato@gmail.com>
+     * @version v1.0
+     * @since [v1.8]
+     * @return mixed
+     */
+    public function create()
     {
+        $asset = null;
+
+        if ($asset = Asset::find(request('asset_id'))) {
+            // We have to set this so that the correct property is set in the select2 ajax dropdown
+            $asset->asset_id = $asset->id;
+        }
+
         // Prepare Asset Maintenance Type List
         $assetMaintenanceType = [
                                     '' => 'Select an asset maintenance type',
                                 ] + AssetMaintenance::getImprovementOptions();
         // Mark the selected asset, if it came in
-        $selectedAsset = $assetId;
-        // Get the possible assets using a left join to get a list of assets and some other helpful info
-        $asset = Company::scopeCompanyables(DB::table('assets'), 'assets.company_id')
-                 ->leftJoin('users', 'users.id', '=', 'assets.assigned_to')
-                 ->leftJoin('models', 'assets.model_id', '=', 'models.id')
-                 ->select(
-                     'assets.id',
-                     'assets.name',
-                     'first_name',
-                     'last_name',
-                     'asset_tag',
-                     DB::raw('concat(first_name," ",last_name) as full_name, assets.id as id, models.name as modelname')
-                 )
-                 ->whereNull('assets.deleted_at')
-                 ->get();
-        $asset_array         = json_decode(json_encode($asset), true);
-        $asset_element[ '' ] = 'Please select an asset';
 
-        // Build a list out of the data results
-        for ($x = 0; $x < count($asset_array); $x++) {
-
-            if ($asset_array[ $x ][ 'full_name' ] != '') {
-                $full_name = ' (' . $asset_array[ $x ][ 'full_name' ] . ') ' . $asset_array[ $x ][ 'modelname' ];
-            } else {
-                $full_name = ' (Unassigned) ' . $asset_array[ $x ][ 'modelname' ];
-            }
-            $asset_element[ $asset_array[ $x ][ 'id' ] ] =
-                $asset_array[ $x ][ 'asset_tag' ] . ' - ' . $asset_array[ $x ][ 'name' ] . $full_name;
-        }
-
-        // Get Supplier List
-        $supplier_list = Helper::suppliersList();
-
-        // Render the view
-        return View::make('asset_maintenances/edit')
-                   ->with('asset_list', $asset_element)
-                   ->with('selectedAsset', $selectedAsset)
-                   ->with('supplier_list', $supplier_list)
+        return view('asset_maintenances/edit')
+                   ->with('asset', $asset)
                    ->with('assetMaintenanceType', $assetMaintenanceType)
-                   ->with('assetMaintenance', new AssetMaintenance);
+                   ->with('item', new AssetMaintenance);
     }
 
     /**
@@ -205,61 +103,29 @@ class AssetMaintenancesController extends Controller
     * @since [v1.8]
     * @return mixed
     */
-    public function postCreate()
+    public function store(Request $request)
     {
-
-        // get the POST data
-        $new = Input::all();
-
         // create a new model instance
         $assetMaintenance = new AssetMaintenance();
+        $assetMaintenance->supplier_id = $request->input('supplier_id');
+        $assetMaintenance->is_warranty = $request->input('is_warranty');
+        $assetMaintenance->cost =  e($request->input('cost'));
+        $assetMaintenance->notes = e($request->input('notes'));
+        $asset = Asset::find(e($request->input('asset_id')));
 
-
-        if (e(Input::get('supplier_id')) == '') {
-            $assetMaintenance->supplier_id = null;
-        } else {
-            $assetMaintenance->supplier_id = e(Input::get('supplier_id'));
-        }
-
-        if (e(Input::get('is_warranty')) == '') {
-            $assetMaintenance->is_warranty = 0;
-        } else {
-            $assetMaintenance->is_warranty = e(Input::get('is_warranty'));
-        }
-
-        if (e(Input::get('cost')) == '') {
-            $assetMaintenance->cost = '';
-        } else {
-            $assetMaintenance->cost =  e(Input::get('cost'));
-        }
-
-        if (e(Input::get('notes')) == '') {
-            $assetMaintenance->notes = null;
-        } else {
-            $assetMaintenance->notes = e(Input::get('notes'));
-        }
-
-        $asset = Asset::find(e(Input::get('asset_id')));
-
-        if (!Company::isCurrentUserHasAccess($asset)) {
+        if ((!Company::isCurrentUserHasAccess($asset)) && ($asset!=null)) {
             return static::getInsufficientPermissionsRedirect();
         }
 
         // Save the asset maintenance data
-        $assetMaintenance->asset_id               = e(Input::get('asset_id'));
-        $assetMaintenance->asset_maintenance_type = e(Input::get('asset_maintenance_type'));
-        $assetMaintenance->title                  = e(Input::get('title'));
-        $assetMaintenance->start_date             = e(Input::get('start_date'));
-        $assetMaintenance->completion_date        = e(Input::get('completion_date'));
+        $assetMaintenance->asset_id               = $request->input('asset_id');
+        $assetMaintenance->asset_maintenance_type = $request->input('asset_maintenance_type');
+        $assetMaintenance->title                  = $request->input('title');
+        $assetMaintenance->start_date             = $request->input('start_date');
+        $assetMaintenance->completion_date        = $request->input('completion_date');
+        $assetMaintenance->user_id                = Auth::id();
 
-        if (( $assetMaintenance->completion_date == "" )
-            || ( $assetMaintenance->completion_date == "0000-00-00" )
-        ) {
-            $assetMaintenance->completion_date = null;
-        }
-
-        if (( $assetMaintenance->completion_date !== "" )
-            && ( $assetMaintenance->completion_date !== "0000-00-00" )
+        if (( $assetMaintenance->completion_date !== null )
             && ( $assetMaintenance->start_date !== "" )
             && ( $assetMaintenance->start_date !== "0000-00-00" )
         ) {
@@ -270,17 +136,13 @@ class AssetMaintenancesController extends Controller
 
         // Was the asset maintenance created?
         if ($assetMaintenance->save()) {
-
             // Redirect to the new asset maintenance page
-            return redirect()->to("admin/asset_maintenances")
+            return redirect()->route('maintenances.index')
                            ->with('success', trans('admin/asset_maintenances/message.create.success'));
         }
 
         return redirect()->back()->withInput()->withErrors($assetMaintenance->getErrors());
 
-
-
-
     }
 
     /**
@@ -293,13 +155,16 @@ class AssetMaintenancesController extends Controller
     * @since [v1.8]
     * @return mixed
     */
-    public function getEdit($assetMaintenanceId = null)
+    public function edit($assetMaintenanceId = null)
     {
         // Check if the asset maintenance exists
         if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
             // Redirect to the improvement management page
-            return redirect()->to('admin/asset_maintenances')
+            return redirect()->route('maintenances.index')
                            ->with('error', trans('admin/asset_maintenances/message.not_found'));
+        } elseif (!$assetMaintenance->asset) {
+            return redirect()->route('maintenances.index')
+                ->with('error', 'The asset associated with this maintenance does not exist.');
         } elseif (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
             return static::getInsufficientPermissionsRedirect();
         }
@@ -321,115 +186,57 @@ class AssetMaintenancesController extends Controller
                                     '' => 'Select an improvement type',
                                 ] + AssetMaintenance::getImprovementOptions();
 
-        // Get the possible assets using a left join to get a list of assets and some other helpful info
-        $asset = Company::scopeCompanyables(DB::table('assets'), 'assets.company_id')
-                 ->leftJoin('users', 'users.id', '=', 'assets.assigned_to')
-                 ->leftJoin('models', 'assets.model_id', '=', 'models.id')
-                 ->select(
-                     'assets.id',
-                     'assets.name',
-                     'first_name',
-                     'last_name',
-                     'asset_tag',
-                     DB::raw('concat(first_name," ",last_name) as full_name, assets.id as id, models.name as modelname')
-                 )
-                 ->whereNull('assets.deleted_at')
-                 ->get();
-        $asset_array         = json_decode(json_encode($asset), true);
-        $asset_element[ '' ] = 'Please select an asset';
-
-        // Build a list out of the data results
-        for ($x = 0; $x < count($asset_array); $x++) {
-
-            if ($asset_array[ $x ][ 'full_name' ] != '') {
-                $full_name = ' (' . $asset_array[ $x ][ 'full_name' ] . ') ' . $asset_array[ $x ][ 'modelname' ];
-            } else {
-                $full_name = ' (Unassigned) ' . $asset_array[ $x ][ 'modelname' ];
-            }
-            $asset_element[ $asset_array[ $x ][ 'id' ] ] =
-                $asset_array[ $x ][ 'asset_tag' ] . ' - ' . $asset_array[ $x ][ 'name' ] . $full_name;
-        }
         // Get Supplier List
-        $supplier_list = Helper::suppliersList();
-
         // Render the view
-        return View::make('asset_maintenances/edit')
-                   ->with('asset_list', $asset_element)
+        return view('asset_maintenances/edit')
                    ->with('selectedAsset', null)
-                   ->with('supplier_list', $supplier_list)
                    ->with('assetMaintenanceType', $assetMaintenanceType)
-                   ->with('assetMaintenance', $assetMaintenance);
+                   ->with('item', $assetMaintenance);
 
     }
 
     /**
-    *  Validates and stores an update to an asset maintenance
-    *
-    * @see AssetMaintenancesController::postEdit() method that stores the data
-    * @author  Vincent Sposato <vincent.sposato@gmail.com>
-    * @param int $assetMaintenanceId
-    * @version v1.0
-    * @since [v1.8]
-    * @return mixed
-    */
-    public function postEdit($assetMaintenanceId = null)
+     *  Validates and stores an update to an asset maintenance
+     *
+     * @see AssetMaintenancesController::postEdit() method that stores the data
+     * @author  Vincent Sposato <vincent.sposato@gmail.com>
+     * @param Request $request
+     * @param int $assetMaintenanceId
+     * @return mixed
+     * @version v1.0
+     * @since [v1.8]
+     */
+    public function update(Request $request, $assetMaintenanceId = null)
     {
-
-        // get the POST data
-        $new = Input::all();
-
         // Check if the asset maintenance exists
         if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
             // Redirect to the asset maintenance management page
-            return redirect()->to('admin/asset_maintenances')
+            return redirect()->route('maintenances.index')
                            ->with('error', trans('admin/asset_maintenances/message.not_found'));
         } elseif (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
             return static::getInsufficientPermissionsRedirect();
         }
 
+        $assetMaintenance->supplier_id = e($request->input('supplier_id'));
+        $assetMaintenance->is_warranty = e($request->input('is_warranty'));
+        $assetMaintenance->cost =  Helper::ParseFloat(e($request->input('cost')));
+        $assetMaintenance->notes = e($request->input('notes'));
 
-
-        if (e(Input::get('supplier_id')) == '') {
-            $assetMaintenance->supplier_id = null;
-        } else {
-            $assetMaintenance->supplier_id = e(Input::get('supplier_id'));
-        }
-
-        if (e(Input::get('is_warranty')) == '') {
-            $assetMaintenance->is_warranty = 0;
-        } else {
-            $assetMaintenance->is_warranty = e(Input::get('is_warranty'));
-        }
-
-        if (e(Input::get('cost')) == '') {
-            $assetMaintenance->cost = '';
-        } else {
-            $assetMaintenance->cost =  e(Input::get('cost'));
-        }
-
-        if (e(Input::get('notes')) == '') {
-            $assetMaintenance->notes = null;
-        } else {
-            $assetMaintenance->notes = e(Input::get('notes'));
-        }
-
-        $asset = Asset::find(e(Input::get('asset_id')));
+        $asset = Asset::find(request('asset_id'));
 
         if (!Company::isCurrentUserHasAccess($asset)) {
             return static::getInsufficientPermissionsRedirect();
         }
 
         // Save the asset maintenance data
-        $assetMaintenance->asset_id               = e(Input::get('asset_id'));
-        $assetMaintenance->asset_maintenance_type = e(Input::get('asset_maintenance_type'));
-        $assetMaintenance->title                  = e(Input::get('title'));
-        $assetMaintenance->start_date             = e(Input::get('start_date'));
-        $assetMaintenance->completion_date        = e(Input::get('completion_date'));
+        $assetMaintenance->asset_id               = $request->input('asset_id');
+        $assetMaintenance->asset_maintenance_type = $request->input('asset_maintenance_type');
+        $assetMaintenance->title                  = $request->input('title');
+        $assetMaintenance->start_date             = $request->input('start_date');
+        $assetMaintenance->completion_date        = $request->input('completion_date');
 
-        if (( $assetMaintenance->completion_date == "" )
-          || ( $assetMaintenance->completion_date == "0000-00-00" )
+        if (( $assetMaintenance->completion_date == null )
         ) {
-            $assetMaintenance->completion_date = null;
             if (( $assetMaintenance->asset_maintenance_time !== 0 )
               || ( !is_null($assetMaintenance->asset_maintenance_time) )
             ) {
@@ -437,8 +244,7 @@ class AssetMaintenancesController extends Controller
             }
         }
 
-        if (( $assetMaintenance->completion_date !== "" )
-          && ( $assetMaintenance->completion_date !== "0000-00-00" )
+        if (( $assetMaintenance->completion_date !== null )
           && ( $assetMaintenance->start_date !== "" )
           && ( $assetMaintenance->start_date !== "0000-00-00" )
         ) {
@@ -451,12 +257,10 @@ class AssetMaintenancesController extends Controller
         if ($assetMaintenance->save()) {
 
             // Redirect to the new asset maintenance page
-            return redirect()->to("admin/asset_maintenances")
-                         ->with('success', trans('admin/asset_maintenances/message.create.success'));
+            return redirect()->route('maintenances.index')
+                         ->with('success', trans('admin/asset_maintenances/message.edit.success'));
         }
-        return redirect()->back() ->withInput()->withErrors($assetMaintenance->getErrors());
-
-
+        return redirect()->back()->withInput()->withErrors($assetMaintenance->getErrors());
     }
 
     /**
@@ -468,12 +272,12 @@ class AssetMaintenancesController extends Controller
     * @since [v1.8]
     * @return mixed
     */
-    public function getDelete($assetMaintenanceId)
+    public function destroy($assetMaintenanceId)
     {
         // Check if the asset maintenance exists
         if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
             // Redirect to the asset maintenance management page
-            return redirect()->to('admin/asset_maintenances')
+            return redirect()->route('maintenances.index')
                            ->with('error', trans('admin/asset_maintenances/message.not_found'));
         } elseif (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
             return static::getInsufficientPermissionsRedirect();
@@ -483,7 +287,7 @@ class AssetMaintenancesController extends Controller
         $assetMaintenance->delete();
 
         // Redirect to the asset_maintenance management page
-        return redirect()->to('admin/asset_maintenances')
+        return redirect()->route('maintenances.index')
                        ->with('success', trans('admin/asset_maintenances/message.delete.success'));
     }
 
@@ -496,17 +300,17 @@ class AssetMaintenancesController extends Controller
     * @since [v1.8]
     * @return View
     */
-    public function getView($assetMaintenanceId)
+    public function show($assetMaintenanceId)
     {
         // Check if the asset maintenance exists
         if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
             // Redirect to the asset maintenance management page
-            return redirect()->to('admin/asset_maintenances')
+            return redirect()->route('maintenances.index')
                            ->with('error', trans('admin/asset_maintenances/message.not_found'));
         } elseif (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
             return static::getInsufficientPermissionsRedirect();
         }
 
-        return View::make('asset_maintenances/view')->with('assetMaintenance', $assetMaintenance);
+        return view('asset_maintenances/view')->with('assetMaintenance', $assetMaintenance);
     }
 }

app/Http/Controllers/AssetModelsController.php

@@ -1,16 +1,14 @@
 <?php
 namespace App\Http\Controllers;
 
+use App\Models\CustomField;
 use Image;
 use Input;
 use Lang;
 use App\Models\AssetModel;
 use Redirect;
-use App\Models\Setting;
 use Auth;
 use DB;
-use App\Models\Depreciation;
-use App\Models\Manufacturer;
 use Str;
 use Validator;
 use View;
@@ -18,6 +16,8 @@ use App\Models\Asset;
 use App\Models\Company;
 use Config;
 use App\Helpers\Helper;
+use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 
 use Symfony\Component\HttpFoundation\JsonResponse;
 
@@ -35,14 +35,13 @@ class AssetModelsController extends Controller
     * the content for the accessories listing, which is generated in getDatatable.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see AssetModelsController::getDatatable() method that generates the JSON response
     * @since [v1.0]
     * @return View
     */
-    public function getIndex()
+    public function index()
     {
-        // Show the page
-        return View::make('models/index');
+        $this->authorize('index', AssetModel::class);
+        return view('models/index');
     }
 
     /**
@@ -52,17 +51,13 @@ class AssetModelsController extends Controller
     * @since [v1.0]
     * @return View
     */
-    public function getCreate()
+    public function create()
     {
-        // Show the page
-        $depreciation_list = \App\Helpers\Helper::depreciationList();
-        $manufacturer_list = \App\Helpers\Helper::manufacturerList();
-        $category_list = \App\Helpers\Helper::categoryList();
-        return View::make('models/edit')
-        ->with('category_list', $category_list)
-        ->with('depreciation_list', $depreciation_list)
-        ->with('manufacturer_list', $manufacturer_list)
-        ->with('model', new AssetModel);
+        $this->authorize('create', AssetModel::class);
+        $category_type = 'asset';
+        return view('models/edit')->with('category_type',$category_type)
+        ->with('depreciation_list', Helper::depreciationList())
+        ->with('item', new AssetModel);
     }
 
 
@@ -73,98 +68,58 @@ class AssetModelsController extends Controller
     * @since [v1.0]
     * @return Redirect
     */
-    public function postCreate()
+    public function store(ImageUploadRequest $request)
     {
 
+        $this->authorize('create', AssetModel::class);
         // Create a new asset model
         $model = new AssetModel;
 
+        // Save the model data
+        $model->eol = $request->input('eol');
+        $model->depreciation_id = $request->input('depreciation_id');
+        $model->name                = $request->input('name');
+        $model->model_number        = $request->input('model_number');
+        $model->manufacturer_id     = $request->input('manufacturer_id');
+        $model->category_id         = $request->input('category_id');
+        $model->notes               = $request->input('notes');
+        $model->user_id             = Auth::id();
+        $model->requestable         = Input::has('requestable');
 
-        if (e(Input::get('depreciation_id')) == '') {
-            $model->depreciation_id =  0;
-        } else {
-            $model->depreciation_id = e(Input::get('depreciation_id'));
+        if ($request->input('custom_fieldset')!='') {
+            $model->fieldset_id = e($request->input('custom_fieldset'));
         }
 
-        if (e(Input::get('eol')) == '') {
-            $model->eol =  0;
-        } else {
-            $model->eol = e(Input::get('eol'));
-        }
-
-            // Save the model data
-            $model->name                = e(Input::get('name'));
-            $model->modelno             = e(Input::get('modelno'));
-            $model->manufacturer_id     = e(Input::get('manufacturer_id'));
-            $model->category_id         = e(Input::get('category_id'));
-            $model->note            = e(Input::get('note'));
-            $model->user_id             = Auth::user()->id;
-        if (Input::get('custom_fieldset')!='') {
-            $model->fieldset_id = e(Input::get('custom_fieldset'));
-        }
-
-            //$model->show_mac_address 	= e(Input::get('show_mac_address', '0'));
-
-
         if (Input::file('image')) {
+
             $image = Input::file('image');
-            $file_name = str_random(25).".".$image->getClientOriginalExtension();
-            $path = public_path('uploads/models/'.$file_name);
-          // Image::make($image->getRealPath())->resize(300, null, function ($constraint) {
-          //     $constraint->aspectRatio();
-          //     $constraint->upsize();
-          // })->save($path);
+            $file_name = str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
+            $path = app('models_upload_path');
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save($path.'/'.$file_name);
+            } else {
+                $image->move($path, $file_name);
+            }
             $model->image = $file_name;
+
         }
 
             // Was it created?
         if ($model->save()) {
+            if ($this->shouldAddDefaultValues($request->input())) {
+                $this->assignCustomFieldsDefaultValues($model, $request->input('default_values'));
+            }
+
             // Redirect to the new model  page
-            return redirect()->to("hardware/models")->with('success', trans('admin/models/message.create.success'));
+            return redirect()->route("models.index")->with('success', trans('admin/models/message.create.success'));
         }
-
-            return redirect()->back()->withInput()->withErrors($model->getErrors());
-
+        return redirect()->back()->withInput()->withErrors($model->getErrors());
     }
 
-    /**
-    * Validates and stores new Asset Model data created from the
-    * modal form on the Asset Creation view.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v2.0]
-    * @return String JSON
-    */
-    public function store()
-    {
-      //COPYPASTA!!!! FIXME
-        $model = new AssetModel;
-
-        $settings=Input::all();
-        $settings['eol']=0;
-
-        $model->name=e(Input::get('name'));
-        $model->manufacturer_id = e(Input::get('manufacturer_id'));
-        $model->category_id = e(Input::get('category_id'));
-        $model->modelno = e(Input::get('modelno'));
-        $model->user_id = Auth::user()->id;
-        $model->note            = e(Input::get('note'));
-        $model->eol=0;
-
-        if (Input::get('fieldset_id')=='') {
-            $model->fieldset_id = null;
-        } else {
-            $model->fieldset_id = e(Input::get('fieldset_id'));
-        }
-
-        if ($model->save()) {
-            return JsonResponse::create($model);
-        } else {
-            return JsonResponse::create(["error" => "Failed validation: ".print_r($model->getErrors()->all('<li>:message</li>'), true)], 500);
-        }
-    }
-
-
     /**
     * Returns a view containing the asset model edit form.
     *
@@ -173,22 +128,18 @@ class AssetModelsController extends Controller
     * @param int $modelId
     * @return View
     */
-    public function getEdit($modelId = null)
+    public function edit($modelId = null)
     {
-        // Check if the model exists
-        if (is_null($model = AssetModel::find($modelId))) {
-            // Redirect to the model management page
-            return redirect()->to('assets/models')->with('error', trans('admin/models/message.does_not_exist'));
+        $this->authorize('update', AssetModel::class);
+        if ($item = AssetModel::find($modelId)) {
+            $category_type = 'asset';
+            $view = View::make('models/edit', compact('item','category_type'));
+            $view->with('depreciation_list', Helper::depreciationList());
+            return $view;
         }
 
-        $depreciation_list = \App\Helpers\Helper::depreciationList();
-        $manufacturer_list = \App\Helpers\Helper::manufacturerList();
-        $category_list = \App\Helpers\Helper::categoryList();
-        $view = View::make('models/edit', compact('model'));
-        $view->with('category_list', $category_list);
-        $view->with('depreciation_list', $depreciation_list);
-        $view->with('manufacturer_list', $manufacturer_list);
-        return $view;
+        return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
+
     }
 
 
@@ -201,66 +152,72 @@ class AssetModelsController extends Controller
     * @param int $modelId
     * @return Redirect
     */
-    public function postEdit($modelId = null)
+    public function update(ImageUploadRequest $request, $modelId = null)
     {
+        $this->authorize('update', AssetModel::class);
         // Check if the model exists
         if (is_null($model = AssetModel::find($modelId))) {
             // Redirect to the models management page
-            return redirect()->to('admin/models')->with('error', trans('admin/models/message.does_not_exist'));
+            return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
         }
 
+        $model->depreciation_id     = $request->input('depreciation_id');
+        $model->eol                 = $request->input('eol');
+        $model->name                = $request->input('name');
+        $model->model_number        = $request->input('model_number');
+        $model->manufacturer_id     = $request->input('manufacturer_id');
+        $model->category_id         = $request->input('category_id');
+        $model->notes               = $request->input('notes');
+        $model->requestable         = $request->input('requestable', '0');
 
-        if (e(Input::get('depreciation_id')) == '') {
-            $model->depreciation_id =  0;
-        } else {
-            $model->depreciation_id = e(Input::get('depreciation_id'));
-        }
+        $this->removeCustomFieldsDefaultValues($model);
 
-        if (e(Input::get('eol')) == '') {
-            $model->eol =  0;
-        } else {
-            $model->eol = e(Input::get('eol'));
-        }
-
-        // Update the model data
-        $model->name                = e(Input::get('name'));
-        $model->modelno             = e(Input::get('modelno'));
-        $model->manufacturer_id     = e(Input::get('manufacturer_id'));
-        $model->category_id         = e(Input::get('category_id'));
-        $model->note            = e(Input::get('note'));
-        if (Input::get('custom_fieldset')=='') {
+        if ($request->input('custom_fieldset')=='') {
             $model->fieldset_id = null;
         } else {
-            $model->fieldset_id = e(Input::get('custom_fieldset'));
+            $model->fieldset_id = $request->input('custom_fieldset');
+
+            if ($this->shouldAddDefaultValues($request->input())) {
+                $this->assignCustomFieldsDefaultValues($model, $request->input('default_values'));
+            }
         }
 
-        if (Input::file('image')) {
-            $image = Input::file('image');
-            $file_name = str_random(25).".".$image->getClientOriginalExtension();
-            $path = public_path('uploads/models/'.$file_name);
-            Image::make($image->getRealPath())->resize(300, null, function ($constraint) {
-                $constraint->aspectRatio();
-                $constraint->upsize();
-            })->save($path);
-            $model->image = $file_name;
-        }
+        $old_image = $model->image;
 
-        if (Input::get('image_delete') == 1 && Input::file('image') == "") {
+        // Set the model's image property to null if the image is being deleted
+        if ($request->input('image_delete') == 1) {
             $model->image = null;
         }
 
-        // Was it created?
-        if ($model->save()) {
-            // Redirect to the new model  page
-            return redirect()->to("hardware/models")->with('success', trans('admin/models/message.update.success'));
-        } else {
-            return redirect()->back()->withInput()->withErrors($model->getErrors());
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = $model->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save(app('models_upload_path').$file_name);
+            } else {
+                $image->move(app('models_upload_path'), $file_name);
+            }
+            $model->image = $file_name;
+
+        }
+
+        if ((($request->file('image')) && (isset($old_image)) && ($old_image!='')) || ($request->input('image_delete') == 1)) {
+            try  {
+                unlink(app('models_upload_path').$old_image);
+            } catch (\Exception $e) {
+                \Log::info($e);
+            }
         }
 
 
-        // Redirect to the model create page
-        return redirect()->to("hardware/models/$modelId/edit")->with('error', trans('admin/models/message.update.error'));
-
+        if ($model->save()) {
+            return redirect()->route("models.index")->with('success', trans('admin/models/message.update.success'));
+        }
+        return redirect()->back()->withInput()->withErrors($model->getErrors());
     }
 
     /**
@@ -272,25 +229,32 @@ class AssetModelsController extends Controller
     * @param int $modelId
     * @return Redirect
     */
-    public function getDelete($modelId)
+    public function destroy($modelId)
     {
+        $this->authorize('delete', AssetModel::class);
         // Check if the model exists
         if (is_null($model = AssetModel::find($modelId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('hardware/models')->with('error', trans('admin/models/message.not_found'));
+            return redirect()->route('models.index')->with('error', trans('admin/models/message.not_found'));
         }
 
-        if ($model->assets->count() > 0) {
+        if ($model->assets()->count() > 0) {
             // Throw an error that this model is associated with assets
-            return redirect()->to('hardware/models')->with('error', trans('admin/models/message.assoc_users'));
-
-        } else {
-            // Delete the model
-            $model->delete();
-
-            // Redirect to the models management page
-            return redirect()->to('hardware/models')->with('success', trans('admin/models/message.delete.success'));
+            return redirect()->route('models.index')->with('error', trans('admin/models/message.assoc_users'));
         }
+
+        if ($model->image) {
+            try  {
+                unlink(public_path().'/uploads/models/'.$model->image);
+            } catch (\Exception $e) {
+                \Log::info($e);
+            }
+        }
+
+        // Delete the model
+        $model->delete();
+
+        // Redirect to the models management page
+        return redirect()->route('models.index')->with('success', trans('admin/models/message.delete.success'));
     }
 
 
@@ -304,7 +268,7 @@ class AssetModelsController extends Controller
     */
     public function getRestore($modelId = null)
     {
-
+        $this->authorize('create', AssetModel::class);
         // Get user information
         $model = AssetModel::withTrashed()->find($modelId);
 
@@ -317,11 +281,10 @@ class AssetModelsController extends Controller
             $success = trans('admin/models/message.restore.success');
 
             // Redirect back
-            return redirect()->back()->with('success', $success);
+            return redirect()->route('models.index')->with('success', $success);
 
-        } else {
-            return redirect()->back()->with('error', trans('admin/models/message.not_found'));
         }
+        return redirect()->back()->with('error', trans('admin/models/message.not_found'));
 
     }
 
@@ -334,21 +297,19 @@ class AssetModelsController extends Controller
     * @param int $modelId
     * @return View
     */
-    public function getView($modelId = null)
+    public function show($modelId = null)
     {
+        $this->authorize('view', AssetModel::class);
         $model = AssetModel::withTrashed()->find($modelId);
 
         if (isset($model->id)) {
-                return View::make('models/view', compact('model'));
-        } else {
-            // Prepare the error message
-            $error = trans('admin/models/message.does_not_exist', compact('id'));
-
-            // Redirect to the user management page
-            return redirect()->route('models')->with('error', $error);
+            return view('models/view', compact('model'));
         }
+        // Prepare the error message
+        $error = trans('admin/models/message.does_not_exist', compact('id'));
 
-
+        // Redirect to the user management page
+        return redirect()->route('models.index')->with('error', $error);
     }
 
     /**
@@ -363,22 +324,16 @@ class AssetModelsController extends Controller
     {
         // Check if the model exists
         if (is_null($model_to_clone = AssetModel::find($modelId))) {
-            // Redirect to the model management page
-            return redirect()->to('assets/models')->with('error', trans('admin/models/message.does_not_exist'));
+            return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
         }
 
         $model = clone $model_to_clone;
         $model->id = null;
 
         // Show the page
-        $depreciation_list = array('' => 'Do Not Depreciate') + Depreciation::lists('name', 'id');
-        $manufacturer_list = array('' => 'Select One') + Manufacturer::lists('name', 'id');
-        $category_list = array('' => '') + DB::table('categories')->whereNull('deleted_at')->lists('name', 'id');
         $view = View::make('models/edit');
-        $view->with('category_list', $category_list);
-        $view->with('depreciation_list', $depreciation_list);
-        $view->with('manufacturer_list', $manufacturer_list);
-        $view->with('model', $model);
+        $view->with('depreciation_list', Helper::depreciationList());
+        $view->with('item', $model);
         $view->with('clone_model', $model_to_clone);
         return $view;
 
@@ -395,156 +350,187 @@ class AssetModelsController extends Controller
     */
     public function getCustomFields($modelId)
     {
-        $model=AssetModel::find($modelId);
-        return View::make("models.custom_fields_form")->with("model", $model);
+        $model = AssetModel::find($modelId);
+        return view("models.custom_fields_form")->with("model", $model);
     }
 
 
 
+
     /**
-    * Get the JSON response to populate the data tables on the
-    * Asset Model listing page.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v2.0]
-    * @param string $status
-    * @return String JSON
-    */
-
-    public function getDatatable($status = null)
+     * Returns a view that allows the user to bulk edit model attrbutes
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.7]
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function postBulkEdit(Request $request)
     {
-        $models = AssetModel::with('category', 'assets', 'depreciation');
 
-        switch ($status) {
-            case 'Deleted':
-                $models->withTrashed()->Deleted();
-                break;
-        }
+        $models_raw_array = Input::get('ids');
+
+        // Make sure some IDs have been selected
+        if ((is_array($models_raw_array)) && (count($models_raw_array) > 0)) {
 
 
-        if (Input::has('search')) {
-            $models = $models->TextSearch(Input::get('search'));
-        }
+            $models = AssetModel::whereIn('id', $models_raw_array)->withCount('assets')->orderBy('assets_count', 'ASC')->get();
 
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
+            // If deleting....
+            if ($request->input('bulk_actions')=='delete') {
+                $valid_count = 0;
+                foreach ($models as $model) {
+                    if ($model->assets_count == 0) {
+                        $valid_count++;
+                    }
+                }
+                return view('models/bulk-delete', compact('models'))->with('valid_count', $valid_count);
 
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-
-        $allowed_columns = ['id','name','modelno'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
-
-        $models = $models->orderBy($sort, $order);
-
-        $modelCount = $models->count();
-        $models = $models->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($models as $model) {
-            if ($model->deleted_at == '') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('update/model', $model->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/model', $model->id).'" data-content="'.trans('admin/models/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($model->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
+            // Otherwise display the bulk edit screen
             } else {
-                $actions = '<a href="'.route('restore/model', $model->id).'" class="btn btn-warning btn-sm"><i class="fa fa-recycle icon-white"></i></a>';
+
+                $nochange = ['NC' => 'No Change'];
+                $fieldset_list = $nochange + Helper::customFieldsetList();
+                $depreciation_list = $nochange + Helper::depreciationList();
+
+                return view('models/bulk-edit', compact('models'))
+                    ->with('fieldset_list', $fieldset_list)
+                    ->with('depreciation_list', $depreciation_list);
             }
 
-            $rows[] = array(
-                'id'      => $model->id,
-                'manufacturer'      => (string)link_to('/admin/settings/manufacturers/'.$model->manufacturer->id.'/view', $model->manufacturer->name),
-                'name'              => (string)link_to('/hardware/models/'.$model->id.'/view', $model->name),
-                'image' => ($model->image!='') ? '<img src="'.config('app.url').'/uploads/models/'.$model->image.'" height=50 width=50>' : '',
-                'modelnumber'       => $model->modelno,
-                'numassets'         => $model->assets->count(),
-                'depreciation'      => (($model->depreciation)&&($model->depreciation->id > 0)) ? $model->depreciation->name.' ('.$model->depreciation->months.')' : trans('general.no_depreciation'),
-                'category'          => ($model->category) ? $model->category->name : '',
-                'eol'               => ($model->eol) ? $model->eol.' '.trans('general.months') : '',
-                'note'       => $model->getNote(),
-                'actions'           => $actions
-                );
         }
 
-        $data = array('total' => $modelCount, 'rows' => $rows);
+        return redirect()->route('models.index')
+            ->with('error', 'You must select at least one model to edit.');
 
-        return $data;
     }
 
 
+
     /**
-    * Get the asset information to present to the model view detail page
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v2.0]
-    * @param int $modelId
-    * @return String JSON
-    */
-    public function getDataView($modelID)
+     * Returns a view that allows the user to bulk edit model attrbutes
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.7]
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function postBulkEditSave(Request $request)
     {
-        $assets = Asset::where('model_id', '=', $modelID)->with('company');
 
-        if (Input::has('search')) {
-            $assets = $assets->TextSearch(e(Input::get('search')));
+        $models_raw_array = Input::get('ids');
+        $update_array = array();
+
+
+        if (($request->has('manufacturer_id') && ($request->input('manufacturer_id')!='NC'))) {
+            $update_array['manufacturer_id'] = $request->input('manufacturer_id');
         }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
+        if (($request->has('category_id') && ($request->input('category_id')!='NC'))) {
+            $update_array['category_id'] = $request->input('category_id');
         }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
+        if ($request->input('fieldset_id')!='NC') {
+            $update_array['fieldset_id'] = $request->input('fieldset_id');
+        }
+        if ($request->input('depreciation_id')!='NC') {
+            $update_array['depreciation_id'] = $request->input('depreciation_id');
         }
 
 
-        $allowed_columns = ['name', 'serial','asset_tag'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
+        
+        if (count($update_array) > 0) {
+            AssetModel::whereIn('id', $models_raw_array)->update($update_array);
+            return redirect()->route('models.index')
+                ->with('success', trans('admin/models/message.bulkedit.success'));
+        }
 
-        $assets = $assets->orderBy($sort, $order);
+        return redirect()->route('models.index')
+            ->with('warning', trans('admin/models/message.bulkedit.error'));
 
-        $assetsCount = $assets->count();
-        $assets = $assets->skip($offset)->take($limit)->get();
+    }
 
-        $rows = array();
+    /**
+     * Validate and delete the given Asset Models. An Asset Model
+     * cannot be deleted if there are associated assets.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param int $modelId
+     * @return Redirect
+     */
+    public function postBulkDelete(Request $request)
+    {
+        $models_raw_array = Input::get('ids');
 
+        if ((is_array($models_raw_array)) && (count($models_raw_array) > 0)) {
 
-        foreach ($assets as $asset) {
-            $actions = '';
+            $models = AssetModel::whereIn('id', $models_raw_array)->withCount('assets')->get();
 
-            if ($asset->assetstatus) {
-                if ($asset->assetstatus->deployable != 0) {
-                    if (($asset->assigned_to !='') && ($asset->assigned_to > 0)) {
-                        $actions = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.trans('general.checkin').'</a>';
-                    } else {
-                        $actions = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.trans('general.checkout').'</a>';
-                    }
+            $del_error_count = 0;
+            $del_count = 0;
+
+            foreach ($models as $model) {
+                \Log::debug($model->id);
+
+                if ($model->assets_count > 0) {
+                    $del_error_count++;
+                } else {
+                    $model->delete();
+                    $del_count++;
                 }
             }
 
-            $rows[] = array(
-                'id'            => $asset->id,
-                'name'          => (string)link_to('/hardware/'.$asset->id.'/view', $asset->showAssetName()),
-                'asset_tag'     => (string)link_to('hardware/'.$asset->id.'/view', $asset->asset_tag),
-                'serial'        => $asset->serial,
-                'assigned_to'   => ($asset->assigned_to) ? (string)link_to('/admin/users/'.$asset->assigned_to.'/view', $asset->assigneduser->fullName()) : '',
-                'actions'       => $actions,
-                'companyName'   => Company::getName($asset)
-            );
+            \Log::debug($del_count);
+            \Log::debug($del_error_count);
+
+            if ($del_error_count == 0) {
+                return redirect()->route('models.index')
+                    ->with('success', trans('admin/models/message.bulkdelete.success',['success_count'=> $del_count] ));
+            }
+
+            return redirect()->route('models.index')
+                ->with('warning', trans('admin/models/message.bulkdelete.success_partial', ['fail_count'=>$del_error_count, 'success_count'=> $del_count]));
         }
 
-        $data = array('total' => $assetsCount, 'rows' => $rows);
+        return redirect()->route('models.index')
+            ->with('error', trans('admin/models/message.bulkdelete.error'));
 
-        return $data;
+    }
+
+    /**
+     * Returns true if a fieldset is set, 'add default values' is ticked and if
+     * any default values were entered into the form.
+     *
+     * @param  array  $input
+     * @return boolean
+     */
+    private function shouldAddDefaultValues(array $input)
+    {
+        return !empty($input['add_default_values'])
+            && !empty($input['default_values'])
+            && !empty($input['custom_fieldset']);
+    }
+
+    /**
+     * Adds default values to a model (as long as they are truthy)
+     *
+     * @param  AssetModel $model
+     * @param  array      $defaultValues
+     * @return void
+     */
+    private function assignCustomFieldsDefaultValues(AssetModel $model, array $defaultValues)
+    {
+        foreach ($defaultValues as $customFieldId => $defaultValue) {
+            if ($defaultValue) {
+                $model->defaultValues()->attach($customFieldId, ['default_value' => $defaultValue]);
+            }
+        }
+    }
+
+    /**
+     * Removes all default values
+     *
+     * @return void
+     */
+    private function removeCustomFieldsDefaultValues(AssetModel $model)
+    {
+        $model->defaultValues()->detach();
     }
 }

app/Http/Controllers/Auth/AuthController.php

@@ -1,276 +0,0 @@
-<?php
-
-namespace App\Http\Controllers\Auth;
-
-use Validator;
-use App\Http\Controllers\Controller;
-use Illuminate\Foundation\Auth\ThrottlesLogins;
-use App\Models\Setting;
-use App\Models\User;
-use Auth;
-use Config;
-use Illuminate\Http\Request;
-use Input;
-use Redirect;
-use Log;
-use View;
-
-/**
- * This controller handles authentication for the user, including local
- * database users and LDAP users.
- *
- * @todo Move LDAP methods into user model for better separation of concerns.
- * @author [A. Gianotto] [<snipe@snipe.net>]
- * @version    v1.0
- */
-class AuthController extends Controller
-{
-
-    use ThrottlesLogins;
-
-    // This tells the auth controller to use username instead of email address
-    protected $username = 'username';
-
-    /**
-     * Where to redirect users after login / registration.
-     *
-     * @var string
-     */
-    protected $redirectTo = '/';
-
-    /**
-     * Create a new authentication controller instance.
-     *
-     * @return void
-     */
-    public function __construct()
-    {
-        $this->middleware('guest', ['except' => 'logout']);
-    }
-
-
-    function showLoginForm()
-    {
-      // Is the user logged in?
-        if (Auth::check()) {
-            return redirect()->intended('dashboard');
-        }
-
-      // Show the page
-        return View::make('auth.login');
-    }
-
-
-    /**
-     * Authenticates a user to LDAP
-     *
-     * @param $username
-     * @param $password
-     * @param bool|false $returnUser
-     * @return bool true    if the username and/or password provided are valid
-     *              false   if the username and/or password provided are invalid
-     *         array of ldap_attributes if $returnUser is true
-     */
-    function ldap($username, $password, $returnUser = false)
-    {
-
-        $ldaphost    = Setting::getSettings()->ldap_server;
-        $ldaprdn     = Setting::getSettings()->ldap_uname;
-        $ldappass    = \Crypt::decrypt(Setting::getSettings()->ldap_pword);
-        $baseDn      = Setting::getSettings()->ldap_basedn;
-        $filterQuery = Setting::getSettings()->ldap_auth_filter_query . $username;
-        $ldapversion = Setting::getSettings()->ldap_version;
-        $ldap_server_cert_ignore = Setting::getSettings()->ldap_server_cert_ignore;
-
-        // If we are ignoring the SSL cert we need to setup the environment variable
-        // before we create the connection
-        if ($ldap_server_cert_ignore) {
-            putenv('LDAPTLS_REQCERT=never');
-        }
-
-        // Connecting to LDAP
-        $connection = ldap_connect($ldaphost) or die("Could not connect to {$ldaphost}");
-        // Needed for AD
-        ldap_set_option($connection, LDAP_OPT_REFERRALS, 0);
-        ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, $ldapversion);
-
-        try {
-            if ($connection) {
-              // binding to ldap server
-                $ldapbind = ldap_bind($connection, $ldaprdn, $ldappass);
-                if (($results = @ldap_search($connection, $baseDn, $filterQuery)) != false) {
-                    $entry = ldap_first_entry($connection, $results);
-                    if (($userDn = @ldap_get_dn($connection, $entry)) != false) {
-                        if (($isBound = ldap_bind($connection, $userDn, $password)) == "true") {
-                            return $returnUser ?
-                            array_change_key_case(ldap_get_attributes($connection, $entry), CASE_LOWER)
-                            : true;
-                        }
-                    }
-                }
-            }
-        } catch (Exception $e) {
-            LOG::error($e->getMessage());
-        }
-           ldap_close($connection);
-            return false;
-    }
-
-    /**
-     * Create user from LDAP attributes
-     *
-     * @param $ldapatttibutes
-     * @return array|bool
-     */
-    function createUserFromLdap($ldapatttibutes)
-    {
-        //Get LDAP attribute config
-        $ldap_result_username = Setting::getSettings()->ldap_username_field;
-        $ldap_result_emp_num = Setting::getSettings()->ldap_emp_num;
-        $ldap_result_last_name = Setting::getSettings()->ldap_lname_field;
-        $ldap_result_first_name = Setting::getSettings()->ldap_fname_field;
-        $ldap_result_email = Setting::getSettings()->ldap_email;
-
-        //Get LDAP user data
-        $item = array();
-        $item["username"] = isset($ldapatttibutes[$ldap_result_username][0]) ? $ldapatttibutes[$ldap_result_username][0] : "";
-        $item["employee_number"] = isset($ldapatttibutes[$ldap_result_emp_num][0]) ? $ldapatttibutes[$ldap_result_emp_num][0] : "";
-        $item["lastname"] = isset($ldapatttibutes[$ldap_result_last_name][0]) ? $ldapatttibutes[$ldap_result_last_name][0] : "";
-        $item["firstname"] = isset($ldapatttibutes[$ldap_result_first_name][0]) ? $ldapatttibutes[$ldap_result_first_name][0] : "";
-        $item["email"] = isset($ldapatttibutes[$ldap_result_email][0]) ? $ldapatttibutes[$ldap_result_email][0] : "" ;
-
-        //create user
-        if (!empty($item["username"])) {
-            //$pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 10);
-
-            $newuser = array(
-              'first_name' => $item["firstname"],
-              'last_name' => $item["lastname"],
-              'username' => $item["username"],
-              'email' => $item["email"],
-              'employee_num' => $item["employee_number"],
-              'password' => bcrypt(Input::get("password")), //$pass,
-              'activated' => 1,
-              'permissions' => ["user" => 1], //'{"user":1}',
-              'notes' => 'Imported from LDAP'
-            );
-            User::save($newuser);
-
-        } else {
-            throw new Cartalyst\Sentry\Users\UserNotFoundException();
-        }
-
-        //$item["note"] = "<strong>created</strong>";
-        $credentials = array(
-            'username' => $item["username"],
-            'password' => Input::get("password")//$pass,
-        );
-        return $credentials;
-    }
-
-
-    /**
-     * Account sign in form processing.
-     *
-     * @return Redirect
-     */
-    public function login()
-    {
-        $validator = $this->validator(Input::all());
-
-        if ($validator->fails()) {
-            return redirect()->back()->withInput()->withErrors($validator);
-        }
-
-        // Should we even check for LDAP users?
-        if (Setting::getSettings()->ldap_enabled=='1') {
-
-            LOG::debug("LDAP is enabled.");
-          // Check if the user exists in the database
-            $user = User::where('username', '=', Input::get('username'))->whereNull('deleted_at')->first();
-            LOG::debug("Auth lookup complete");
-
-
-          // The user does not exist in the database. Try to get them from LDAP.
-          // If user does not exist and authenticates sucessfully with LDAP we
-          // will create it on the fly and sign in with default permissions
-            if (!$user) {
-                LOG::debug("Local user ".Input::get('username')." does not exist");
-                if ($userattr = $this->ldap(Input::get('username'), Input::get('password'), true)) {
-                    LOG::debug("Creating local user from authenticated LDAP user.");
-                    $credentials = $this->createUserFromLdap($userattr);
-                } else {
-                    LOG::debug("User did not authenticate correctly against LDAP. No local user was created.");
-                }
-
-            // If the user exists and they were imported from LDAP already
-            } else {
-
-                LOG::debug("Local user ".Input::get('username')." exists in database. Authenticating existing user against LDAP.");
-
-                if ($this->ldap(Input::get('username'), Input::get('password'))) {
-                    LOG::debug("Valid LDAP login. Updating the local data.");
-                    $user = User::find($user->id); //need the Sentry object, not the Eloquent object, to access critical password hashing functions
-                    $user->password = bcrypt(Input::get('password'));
-                    $user->ldap_import = 1;
-                    $user->save();
-
-                } else {
-                    LOG::debug("User did not authenticate correctly against LDAP. Local user was not updated.");
-                }// End LDAP auth
-
-            } // End if(!user)
-
-        // NO LDAP enabled - just try to login the user normally
-        }
-
-        LOG::debug("Authenticating user against database.");
-        // Try to log the user in
-        if (!Auth::attempt(Input::only('username', 'password'), Input::get('remember-me', 0))) {
-            LOG::debug("Local authentication failed.");
-          // throw new Cartalyst\Sentry\Users\UserNotFoundException();
-            return redirect()->back()->withInput()->with('error', trans('auth/message.account_not_found'));
-        }
-
-        // Get the page we were before
-        $redirect = \Session::get('loginRedirect', 'home');
-
-        // Unset the page we were before from the session
-        \Session::forget('loginRedirect');
-
-        // Redirect to the users page
-        return redirect()->to($redirect)->with('success', trans('auth/message.signin.success'));
-
-        // Ooops.. something went wrong
-        return redirect()->back()->withInput()->withErrors($this->messageBag);
-    }
-
-    /**
-     * Logout page.
-     *
-     * @return Redirect
-     */
-    public function logout()
-    {
-        // Log the user out
-        Auth::logout();
-
-        // Redirect to the users page
-        return redirect()->route('home')->with('success', 'You have successfully logged out!');
-    }
-
-
-    /**
-     * Get a validator for an incoming registration request.
-     *
-     * @param  array  $data
-     * @return \Illuminate\Contracts\Validation\Validator
-     */
-    protected function validator(array $data)
-    {
-        return Validator::make($data, [
-            'username' => 'required',
-            'password' => 'required',
-        ]);
-    }
-}

app/Http/Controllers/Auth/ForgotPasswordController.php

@@ -0,0 +1,75 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
+use Illuminate\Http\Request;
+
+class ForgotPasswordController extends Controller
+{
+    /*
+    |--------------------------------------------------------------------------
+    | Password Reset Controller
+    |--------------------------------------------------------------------------
+    |
+    | This controller is responsible for handling password reset emails and
+    | includes a trait which assists in sending these notifications from
+    | your application to your users. Feel free to explore this trait.
+    |
+    */
+
+    use SendsPasswordResetEmails;
+
+    /**
+     * Create a new controller instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        $this->middleware('guest');
+    }
+
+    /**
+     * Get the e-mail subject line to be used for the reset link email.
+     * Overriding method "getEmailSubject()" from trait "use ResetsPasswords"
+     * @return string
+     */
+    public function getEmailSubject()
+    {
+        return property_exists($this, 'subject') ? $this->subject : \Lang::get('mail.reset_link');
+    }
+
+    /**
+     * Send a reset link to the given user.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function sendResetLinkEmail(Request $request)
+    {
+        $this->validate($request, ['email' => 'required|email']);
+
+        // We will send the password reset link to this user. Once we have attempted
+        // to send the link, we will examine the response then see the message we
+        // need to show to the user. Finally, we'll send out a proper response.
+        $response = $this->broker()->sendResetLink(
+            array_merge(
+                $request->only('email'),
+                ['activated' => '1']
+            )
+        );
+
+        if ($response === \Password::RESET_LINK_SENT) {
+            return redirect()->route('login')->with('status', trans($response));
+        }
+
+        // If an error was returned by the password broker, we will get this message
+        // translated so we can notify a user of the problem. We'll redirect back
+        // to where the users came from so they can attempt this process again.
+        return back()->withErrors(
+            ['email' => trans($response)]
+        );
+    }
+}

app/Http/Controllers/Auth/LoginController.php

@@ -0,0 +1,390 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use Validator;
+use App\Http\Controllers\Controller;
+use Illuminate\Foundation\Auth\ThrottlesLogins;
+use App\Models\Setting;
+use App\Models\Ldap;
+use App\Models\User;
+use Auth;
+use Config;
+use Illuminate\Http\Request;
+use Input;
+use Redirect;
+use Log;
+use View;
+use PragmaRX\Google2FA\Google2FA;
+
+/**
+ * This controller handles authentication for the user, including local
+ * database users and LDAP users.
+ *
+ * @author [A. Gianotto] [<snipe@snipe.net>]
+ * @version    v1.0
+ */
+class LoginController extends Controller
+{
+
+    use ThrottlesLogins;
+
+    // This tells the auth controller to use username instead of email address
+    protected $username = 'username';
+
+    /**
+     * Where to redirect users after login / registration.
+     *
+     * @var string
+     */
+    protected $redirectTo = '/';
+
+    /**
+     * Create a new authentication controller instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        $this->middleware('guest', ['except' => ['logout','postTwoFactorAuth','getTwoFactorAuth','getTwoFactorEnroll']]);
+        \Session::put('backUrl', \URL::previous());
+    }
+
+    function showLoginForm(Request $request)
+    {
+        $this->loginViaRemoteUser($request);
+        if (Auth::check()) {
+            return redirect()->intended('dashboard');
+        }
+
+        if (Setting::getSettings()->login_common_disabled == "1") {
+            return view('errors.403');
+        }
+
+        return view('auth.login');
+    }
+
+    private function loginViaRemoteUser(Request $request)
+    {
+        $remote_user = $request->server('REMOTE_USER');
+        if (Setting::getSettings()->login_remote_user_enabled == "1" && isset($remote_user) && !empty($remote_user)) {
+            Log::debug("Authenticatiing via REMOTE_USER.");
+
+            $pos = strpos($remote_user, '\\');
+            if ($pos > 0) {
+                $remote_user = substr($remote_user, $pos + 1);
+            };
+            
+            try {
+                $user = User::where('username', '=', $remote_user)->whereNull('deleted_at')->where('activated', '=', '1')->first();
+                Log::debug("Remote user auth lookup complete");
+                if(!is_null($user)) Auth::login($user, true);
+            } catch(Exception $e) {
+                Log::debug("There was an error authenticating the Remote user: " . $e->getMessage());
+            }
+        }
+    }
+
+    private function loginViaLdap(Request $request)
+    {
+        Log::debug("Binding user to LDAP.");
+        $ldap_user = Ldap::findAndBindUserLdap($request->input('username'), $request->input('password'));
+        if (!$ldap_user) {
+            Log::debug("LDAP user ".$request->input('username')." not found in LDAP or could not bind");
+            throw new \Exception("Could not find user in LDAP directory");
+        } else {
+            Log::debug("LDAP user ".$request->input('username')." successfully bound to LDAP");
+        }
+
+        // Check if the user already exists in the database and was imported via LDAP
+        $user = User::where('username', '=', Input::get('username'))->whereNull('deleted_at')->where('ldap_import', '=', 1)->where('activated', '=', '1')->first();
+        Log::debug("Local auth lookup complete");
+
+        // The user does not exist in the database. Try to get them from LDAP.
+        // If user does not exist and authenticates successfully with LDAP we
+        // will create it on the fly and sign in with default permissions
+        if (!$user) {
+            Log::debug("Local user ".Input::get('username')." does not exist");
+            Log::debug("Creating local user ".Input::get('username'));
+
+            if ($user = Ldap::createUserFromLdap($ldap_user)) { //this handles passwords on its own
+                Log::debug("Local user created.");
+            } else {
+                Log::debug("Could not create local user.");
+                throw new \Exception("Could not create local user");
+            }
+            // If the user exists and they were imported from LDAP already
+        } else {
+            Log::debug("Local user ".$request->input('username')." exists in database. Updating existing user against LDAP.");
+
+            $ldap_attr = Ldap::parseAndMapLdapAttributes($ldap_user);
+
+            if (Setting::getSettings()->ldap_pw_sync=='1') {
+                $user->password = bcrypt($request->input('password'));
+            }
+
+            $user->email = $ldap_attr['email'];
+            $user->first_name = $ldap_attr['firstname'];
+            $user->last_name = $ldap_attr['lastname'];
+            $user->save();
+        } // End if(!user)
+        return $user;
+    }
+
+
+    /**
+     * Account sign in form processing.
+     *
+     * @return Redirect
+     */
+    public function login(Request $request)
+    {
+        if (Setting::getSettings()->login_common_disabled == "1") {
+            return view('errors.403');
+        }
+
+        $validator = $this->validator(Input::all());
+
+        if ($validator->fails()) {
+            return redirect()->back()->withInput()->withErrors($validator);
+        }
+
+        $this->maxLoginAttempts = config('auth.throttle.max_attempts');
+        $this->lockoutTime = config('auth.throttle.lockout_duration');
+
+        if ($lockedOut = $this->hasTooManyLoginAttempts($request)) {
+            $this->fireLockoutEvent($request);
+            return $this->sendLockoutResponse($request);
+        }
+
+        $user = null;
+
+        // Should we even check for LDAP users?
+        if (Setting::getSettings()->ldap_enabled=='1') {
+            Log::debug("LDAP is enabled.");
+            try {
+                $user = $this->loginViaLdap($request);
+                Auth::login($user, true);
+
+            // If the user was unable to login via LDAP, log the error and let them fall through to
+            // local authentication.
+            } catch (\Exception $e) {
+                Log::debug("There was an error authenticating the LDAP user: ".$e->getMessage());
+            }
+        }
+
+        // If the user wasn't authenticated via LDAP, skip to local auth
+        if (!$user) {
+            Log::debug("Authenticating user against database.");
+          // Try to log the user in
+            if (!Auth::attempt(['username' => $request->input('username'), 'password' => $request->input('password'), 'activated' => 1], $request->input('remember'))) {
+
+                if (!$lockedOut) {
+                    $this->incrementLoginAttempts($request);
+                }
+
+                Log::debug("Local authentication failed.");
+                return redirect()->back()->withInput()->with('error', trans('auth/message.account_not_found'));
+            } else {
+
+                  $this->clearLoginAttempts($request);
+            }
+        }
+
+        if ($user = Auth::user()) {
+            $user->last_login = \Carbon::now();
+            \Log::debug('Last login:'.$user->last_login);
+            $user->save();
+        }
+        // Redirect to the users page
+        return redirect()->intended()->with('success', trans('auth/message.signin.success'));
+    }
+
+
+    /**
+     * Two factor enrollment page
+     *
+     * @return Redirect
+     */
+    public function getTwoFactorEnroll()
+    {
+
+        // Make sure the user is logged in
+        if (!Auth::check()) {
+            return redirect()->route('login')->with('error', trans('auth/general.login_prompt'));
+        }
+
+
+        $settings = Setting::getSettings();
+        $user = Auth::user();
+
+        // We wouldn't normally see this page if 2FA isn't enforced via the
+        // \App\Http\Middleware\CheckForTwoFactor middleware AND if a device isn't enrolled,
+        // but let's check check anyway in case there's a browser history or back button thing.
+        // While you can access this page directly, enrolling a device when 2FA isn't enforced
+        // won't cause any harm.
+
+        if (($user->two_factor_secret!='') && ($user->two_factor_enrolled==1)) {
+            return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.already_enrolled'));
+        }
+
+        $google2fa = new Google2FA();
+        $secret = $google2fa->generateSecretKey();
+        $user->two_factor_secret = $secret;
+        $user->save();
+
+        $barcode = new \Com\Tecnick\Barcode\Barcode();
+        $barcode_obj =  $barcode->getBarcodeObj('QRCODE', 'otpauth://totp/'.urlencode($settings->site_name).':'.urlencode($user->username).'?secret='.urlencode($secret).'&issuer=Snipe-IT&period=30', 300, 300, 'black', array(-2, -2, -2, -2));
+        return view('auth.two_factor_enroll')->with('barcode_obj', $barcode_obj);
+
+    }
+
+
+    /**
+     * Two factor code form page
+     *
+     * @return Redirect
+     */
+    public function getTwoFactorAuth()
+    {
+        // Check that the user is logged in
+        if (!Auth::check()) {
+            return redirect()->route('login')->with('error', trans('auth/general.login_prompt'));
+        }
+
+        $user = Auth::user();
+
+        // Check whether there is a device enrolled.
+        // This *should* be handled via the \App\Http\Middleware\CheckForTwoFactor middleware
+        // but we're just making sure (in case someone edited the database directly, etc)
+        if (($user->two_factor_secret=='') || ($user->two_factor_enrolled!=1)) {
+            return redirect()->route('two-factor-enroll');
+        }
+
+        return view('auth.two_factor');
+    }
+
+    /**
+     * Two factor code submission
+     *
+     * @return Redirect
+     */
+    public function postTwoFactorAuth(Request $request)
+    {
+
+        if (!Auth::check()) {
+            return redirect()->route('login')->with('error', trans('auth/general.login_prompt'));
+        }
+
+        if (!$request->has('two_factor_secret')) {
+            return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.code_required'));
+        }
+
+        $user = Auth::user();
+        $google2fa = new Google2FA();
+        $secret = $request->input('two_factor_secret');
+
+        if ($google2fa->verifyKey($user->two_factor_secret, $secret)) {
+            $user->two_factor_enrolled = 1;
+            $user->save();
+            $request->session()->put('2fa_authed', 'true');
+            return redirect()->route('home')->with('success', 'You are logged in!');
+        }
+
+        return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.invalid_code'));
+
+
+    }
+
+
+    /**
+     * Logout page.
+     *
+     * @return Redirect
+     */
+    public function logout(Request $request)
+    {
+        $request->session()->forget('2fa_authed');
+
+        Auth::logout();
+
+        $settings = Setting::getSettings();
+        $customLogoutUrl = $settings->login_remote_user_custom_logout_url ;
+        if ($settings->login_remote_user_enabled == '1' && $customLogoutUrl != '') {
+            return redirect()->away($customLogoutUrl);
+        }
+
+        return redirect()->route('login')->with('success',  trans('auth/general.logout.success'));
+    }
+
+
+    /**
+     * Get a validator for an incoming registration request.
+     *
+     * @param  array  $data
+     * @return \Illuminate\Contracts\Validation\Validator
+     */
+    protected function validator(array $data)
+    {
+        return Validator::make($data, [
+            'username' => 'required',
+            'password' => 'required',
+        ]);
+    }
+
+
+    public function username()
+    {
+        return 'username';
+    }
+
+    /**
+     * Redirect the user after determining they are locked out.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    protected function sendLockoutResponse(Request $request)
+    {
+        $seconds = $this->limiter()->availableIn(
+            $this->throttleKey($request)
+        );
+
+        $minutes = round($seconds / 60);
+
+        $message = \Lang::get('auth/message.throttle', ['minutes' => $minutes]);
+
+        return redirect()->back()
+            ->withInput($request->only($this->username(), 'remember'))
+            ->withErrors([$this->username() => $message]);
+    }
+
+
+    /**
+     * Override the lockout time and duration
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return bool
+     */
+    protected function hasTooManyLoginAttempts(Request $request)
+    {
+        $lockoutTime = config('auth.throttle.lockout_duration');
+        $maxLoginAttempts = config('auth.throttle.max_attempts');
+
+        return $this->limiter()->tooManyAttempts(
+            $this->throttleKey($request),
+            $maxLoginAttempts,
+            $lockoutTime
+        );
+    }
+
+    public function legacyAuthRedirect() {
+        return redirect()->route('login');
+    }
+
+    public function redirectTo()
+    {
+        return Session::get('backUrl') ? Session::get('backUrl') :   $this->redirectTo;
+    }
+
+}

app/Http/Controllers/Auth/PasswordController.php

@@ -1,40 +0,0 @@
-<?php
-
-namespace App\Http\Controllers\Auth;
-
-use App\Http\Controllers\Controller;
-use Illuminate\Foundation\Auth\ResetsPasswords;
-
-/**
- * This controller handles password resets for the user.
- * It uses the built-in Laravel magic of ResetsPasswords, so we
- * don't actually do much here.
- *
- * @author [A. Gianotto] [<snipe@snipe.net>]
- * @version    v1.0
- */
-class PasswordController extends Controller
-{
-    /*
-    |--------------------------------------------------------------------------
-    | Password Reset Controller
-    |--------------------------------------------------------------------------
-    |
-    | This controller is responsible for handling password reset requests
-    | and uses a simple trait to include this behavior. You're free to
-    | explore this trait and override any methods you wish to tweak.
-    |
-    */
-
-    use ResetsPasswords;
-
-    /**
-     * Create a new password controller instance.
-     *
-     * @return void
-     */
-    public function __construct()
-    {
-        $this->middleware('guest');
-    }
-}

app/Http/Controllers/Auth/RegisterController.php

@@ -0,0 +1,23 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Foundation\Auth\ResetsPasswords;
+
+class RegisterController extends Controller
+{
+
+    public function __construct()
+    {
+        $this->middleware('guest');
+    }
+
+    public function showRegistrationForm() {
+        abort(404,'Page not found');
+    }
+    
+    public function register() {
+        abort(404,'Page not found');
+    }
+}

app/Http/Controllers/Auth/ResetPasswordController.php

@@ -0,0 +1,45 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Foundation\Auth\ResetsPasswords;
+use App\Models\User;
+use Illuminate\Http\Request;
+
+class ResetPasswordController extends Controller
+{
+    /*
+    |--------------------------------------------------------------------------
+    | Password Reset Controller
+    |--------------------------------------------------------------------------
+    |
+    | This controller is responsible for handling password reset requests
+    | and uses a simple trait to include this behavior. You're free to
+    | explore this trait and override any methods you wish to tweak.
+    |
+    */
+
+    use ResetsPasswords;
+
+    /**
+     * Where to redirect users after resetting their password.
+     *
+     * @var string
+     */
+    protected $redirectTo = '/';
+
+    /**
+     * Create a new controller instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        $this->middleware('guest');
+    }
+
+   
+
+
+}

app/Http/Controllers/BulkAssetsController.php

@@ -0,0 +1,249 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Helpers\Helper;
+use App\Http\Controllers\CheckInOutRequest;
+use App\Models\Asset;
+use App\Models\Setting;
+use App\Models\User;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\DB;
+
+class BulkAssetsController extends Controller
+{
+    use CheckInOutRequest;
+    /**
+     * Display the bulk edit page.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @return View
+     * @internal param int $assetId
+     * @since [v2.0]
+     */
+    public function edit(Request $request)
+    {
+        $this->authorize('update', Asset::class);
+
+        if (!$request->has('ids')) {
+            return redirect()->back()->with('error', 'No assets selected');
+        }
+
+        $asset_ids = array_keys($request->input('ids'));
+
+        if ($request->has('bulk_actions')) {
+            switch($request->input('bulk_actions')) {
+                case 'labels':
+                    return view('hardware/labels')
+                        ->with('assets', Asset::find($asset_ids))
+                        ->with('settings', Setting::getSettings())
+                        ->with('count', 0);
+                case 'delete':
+                    $assets = Asset::with('assignedTo', 'location')->find($asset_ids);
+                    $assets->each(function ($asset) {
+                        $this->authorize('delete', $asset);
+                    });
+                    return view('hardware/bulk-delete')->with('assets', $assets);
+                case 'edit':
+                    return view('hardware/bulk')
+                        ->with('assets', request('ids'))
+                        ->with('statuslabel_list', Helper::statusLabelList());
+            }
+        }
+        return redirect()->back()->with('error', 'No action selected');
+    }
+
+    /**
+     * Save bulk edits
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @return Redirect
+     * @internal param array $assets
+     * @since [v2.0]
+     */
+    public function update(Request $request)
+    {
+        $this->authorize('update', Asset::class);
+
+        \Log::debug($request->input('ids'));
+
+        if(!$request->has('ids') || count($request->input('ids')) <= 0) {
+            return redirect()->route("hardware.index")->with('warning', trans('No assets selected, so nothing was updated.'));
+        }
+
+        $assets = array_keys($request->input('ids'));
+
+        if (($request->has('purchase_date'))
+            || ($request->has('purchase_cost'))
+            || ($request->has('supplier_id'))
+            || ($request->has('order_number'))
+            || ($request->has('warranty_months'))
+            || ($request->has('rtd_location_id'))
+            || ($request->has('requestable'))
+            || ($request->has('company_id'))
+            || ($request->has('status_id'))
+            || ($request->has('model_id'))
+        ) {
+            foreach ($assets as $assetId) {
+                $this->update_array = [];
+
+                $this->conditionallyAddItem('purchase_date')
+                    ->conditionallyAddItem('model_id')
+                    ->conditionallyAddItem('order_number')
+                    ->conditionallyAddItem('requestable')
+                    ->conditionallyAddItem('status_id')
+                    ->conditionallyAddItem('supplier_id')
+                    ->conditionallyAddItem('warranty_months');
+
+                if ($request->has('purchase_cost')) {
+                    $this->update_array['purchase_cost'] =  Helper::ParseFloat($request->input('purchase_cost'));
+                }
+
+                if ($request->has('company_id')) {
+                    $this->update_array['company_id'] =  $request->input('company_id');
+                    if ($request->input('company_id')=="clear") {
+                        $this->update_array['company_id'] = null;
+                    }
+                }
+
+                if ($request->has('rtd_location_id')) {
+                    $this->update_array['rtd_location_id'] = $request->input('rtd_location_id');
+                    if (($request->has('update_real_loc')) && (($request->input('update_real_loc')) == '1')) {
+                        $this->update_array['location_id'] = $request->input('rtd_location_id');
+                    }
+                }
+
+                DB::table('assets')
+                    ->where('id', $assetId)
+                    ->update($this->update_array);
+            } // endforeach
+            return redirect()->route("hardware.index")->with('success', trans('admin/hardware/message.update.success'));
+        // no values given, nothing to update
+        }
+        return redirect()->route("hardware.index")->with('warning', trans('admin/hardware/message.update.nothing_updated'));
+
+    }
+
+    /**
+     * Array to store update data per item
+     * @var Array
+     */
+    private $update_array;
+    /**
+     * Adds parameter to update array for an item if it exists in request
+     * @param  String  $field        field name
+     * @return this     Model for Chaining
+     */
+    protected function conditionallyAddItem($field)
+    {
+        if(request()->has($field)) {
+            $this->update_array[$field] = request()->input($field);
+        }
+        return $this;
+    }
+
+    /**
+     * Save bulk deleted.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @return View
+     * @internal param array $assets
+     * @since [v2.0]
+     */
+    public function destroy(Request $request)
+    {
+        $this->authorize('delete', Asset::class);
+
+        if ($request->has('ids')) {
+            $assets = Asset::find($request->get('ids'));
+            foreach ($assets as $asset) {
+                $update_array['deleted_at'] = date('Y-m-d H:i:s');
+                $update_array['assigned_to'] = null;
+
+                DB::table('assets')
+                    ->where('id', $asset->id)
+                    ->update($update_array);
+            } // endforeach
+            return redirect()->to("hardware")->with('success', trans('admin/hardware/message.delete.success'));
+            // no values given, nothing to update
+        }
+        return redirect()->to("hardware")->with('info', trans('admin/hardware/message.delete.nothing_updated'));
+    }
+
+    /**
+     * Show Bulk Checkout Page
+     * @return View View to checkout multiple assets
+     */
+    public function showCheckout()
+    {
+        $this->authorize('checkout', Asset::class);
+        // Filter out assets that are not deployable.
+
+        return view('hardware/bulk-checkout');
+    }
+
+    /**
+     * Process Multiple Checkout Request
+     * @return View
+     */
+    public function storeCheckout(Request $request)
+    {
+        try {
+            $admin = Auth::user();
+
+            $target = $this->determineCheckoutTarget();
+
+            if (!is_array($request->get('selected_assets'))) {
+                return redirect()->route('hardware/bulkcheckout')->withInput()->with('error', trans('admin/hardware/message.checkout.no_assets_selected'));
+            }
+
+            $asset_ids = array_filter($request->get('selected_assets'));
+
+            foreach ($asset_ids as $asset_id) {
+                if ($target->id == $asset_id && request('checkout_to_type') =='asset') {
+                    return redirect()->back()->with('error', 'You cannot check an asset out to itself.');
+                }
+            }
+            $checkout_at = date("Y-m-d H:i:s");
+            if (($request->has('checkout_at')) && ($request->get('checkout_at')!= date("Y-m-d"))) {
+                $checkout_at = e($request->get('checkout_at'));
+            }
+
+            $expected_checkin = '';
+
+            if ($request->has('expected_checkin')) {
+                $expected_checkin = e($request->get('expected_checkin'));
+            }
+
+            $errors = [];
+            DB::transaction(function () use ($target, $admin, $checkout_at, $expected_checkin, $errors, $asset_ids, $request) {
+
+                foreach ($asset_ids as $asset_id) {
+                    $asset = Asset::findOrFail($asset_id);
+                    $this->authorize('checkout', $asset);
+                    $error = $asset->checkOut($target, $admin, $checkout_at, $expected_checkin, e($request->get('note')), null);
+
+                    if ($target->location_id!='') {
+                        $asset->location_id = $target->location_id;
+                        $asset->unsetEventDispatcher();
+                        $asset->save();
+                    }
+
+                    if ($error) {
+                        array_merge_recursive($errors, $asset->getErrors()->toArray());
+                    }
+                }
+            });
+
+            if (!$errors) {
+              // Redirect to the new asset page
+                return redirect()->to("hardware")->with('success', trans('admin/hardware/message.checkout.success'));
+            }
+            // Redirect to the asset management page with error
+            return redirect()->to("hardware/bulk-checkout")->with('error', trans('admin/hardware/message.checkout.error'))->withErrors($errors);
+        } catch (ModelNotFoundException $e) {
+            return redirect()->to("hardware/bulk-checkout")->with('error', $e->getErrors());
+        }
+    }
+}

app/Http/Controllers/CategoriesController.php

@@ -4,14 +4,19 @@ namespace App\Http\Controllers;
 use App\Helpers\Helper;
 use App\Models\Category as Category;
 use App\Models\Company;
+use App\Models\CustomField;
 use App\Models\Setting;
 use Auth;
 use DB;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Gate;
 use Input;
 use Lang;
 use Redirect;
 use Str;
 use View;
+use Image;
+use App\Http\Requests\ImageUploadRequest;
 
 /**
  * This class controls all actions related to Categories for
@@ -30,12 +35,13 @@ class CategoriesController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see CategoriesController::getDatatable() method that generates the JSON response
     * @since [v1.0]
-    * @return View
-    */
-    public function getIndex()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function index()
     {
         // Show the page
-        return View::make('categories/index');
+        $this->authorize('view', Category::class);
+        return view('categories/index');
     }
 
 
@@ -43,16 +49,17 @@ class CategoriesController extends Controller
     * Returns a form view to create a new category.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see CategoriesController::postCreate() method that stores the data
+    * @see CategoriesController::store() method that stores the data
     * @since [v1.0]
-    * @return View
-    */
-    public function getCreate()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function create()
     {
         // Show the page
+        $this->authorize('create', Category::class);
          $category_types= Helper::categoryTypeList();
-        return View::make('categories/edit')->with('category', new Category)
-        ->with('category_types', $category_types);
+        return view('categories/edit')->with('item', new Category)
+            ->with('category_types', $category_types);
     }
 
 
@@ -60,39 +67,39 @@ class CategoriesController extends Controller
     * Validates and stores the new category data.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see CategoriesController::getCreate() method that makes the form.
+    * @see CategoriesController::create() method that makes the form.
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function postCreate()
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function store(ImageUploadRequest $request)
     {
-
-        // create a new model instance
+        $this->authorize('create', Category::class);
         $category = new Category();
+        $category->name                 = $request->input('name');
+        $category->category_type        = $request->input('category_type');
+        $category->eula_text            = $request->input('eula_text');
+        $category->use_default_eula     = $request->input('use_default_eula', '0');
+        $category->require_acceptance   = $request->input('require_acceptance', '0');
+        $category->checkin_email        = $request->input('checkin_email', '0');
+        $category->user_id              = Auth::id();
 
-        // Update the category data
-        $category->name                 = e(Input::get('name'));
-        $category->category_type        = e(Input::get('category_type'));
-        $category->eula_text            = e(Input::get('eula_text'));
-        $category->use_default_eula     = e(Input::get('use_default_eula', '0'));
-        $category->require_acceptance   = e(Input::get('require_acceptance', '0'));
-        $category->checkin_email        = e(Input::get('checkin_email', '0'));
-        $category->user_id              = Auth::user()->id;
-
-        if ($category->save()) {
-        // Redirect to the new category  page
-            return redirect()->to("admin/settings/categories")->with('success', trans('admin/categories/message.create.success'));
-        } else {
-
-          // The given data did not pass validation
-            return redirect()->back()->withInput()->withErrors($category->getErrors());
-
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/categories/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $category->image = $file_name;
         }
 
-        // Redirect to the category create page
-        return redirect()->to('admin/settings/categories/create')->with('error', trans('admin/categories/message.create.error'));
 
+        if ($category->save()) {
+            return redirect()->route('categories.index')->with('success', trans('admin/categories/message.create.success'));
+        }
 
+        return redirect()->back()->withInput()->withErrors($category->getErrors());
     }
 
     /**
@@ -102,65 +109,87 @@ class CategoriesController extends Controller
     * @see CategoriesController::postEdit() method saves the data
     * @param int $categoryId
     * @since [v1.0]
-    * @return View
-    */
-    public function getEdit($categoryId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function edit($categoryId = null)
     {
-        // Check if the category exists
-        if (is_null($category = Category::find($categoryId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.does_not_exist'));
+        $this->authorize('edit', Category::class);
+        if (is_null($item = Category::find($categoryId))) {
+            return redirect()->route('categories.index')->with('error', trans('admin/categories/message.does_not_exist'));
         }
-
-        // Show the page
-        //$category_options = array('' => 'Top Level') + Category::lists('name', 'id');
-
-        $category_options = array('' => 'Top Level') + DB::table('categories')->where('id', '!=', $categoryId)->lists('name', 'id');
         $category_types= Helper::categoryTypeList();
 
-        return View::make('categories/edit', compact('category'))
-        ->with('category_options', $category_options)
+        return view('categories/edit', compact('item'))
         ->with('category_types', $category_types);
     }
 
 
     /**
-    * Validates and stores the updated category data.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see CategoriesController::getEdit() method that makes the form.
-    * @param int $categoryId
-    * @since [v1.0]
-    * @return Redirect
-    */
-    public function postEdit($categoryId = null)
+     * Validates and stores the updated category data.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see CategoriesController::getEdit() method that makes the form.
+     * @param Request $request
+     * @param int $categoryId
+     * @return \Illuminate\Http\RedirectResponse
+     * @since [v1.0]
+     */
+    public function update(ImageUploadRequest $request, $categoryId = null)
     {
-        // Check if the blog post exists
+        $this->authorize('edit', Category::class);
         if (is_null($category = Category::find($categoryId))) {
-            // Redirect to the blogs management page
+            // Redirect to the categories management page
             return redirect()->to('admin/categories')->with('error', trans('admin/categories/message.does_not_exist'));
         }
 
         // Update the category data
-        $category->name            = e(Input::get('name'));
-        $category->category_type        = e(Input::get('category_type'));
-        $category->eula_text            = e(Input::get('eula_text'));
-        $category->use_default_eula     = e(Input::get('use_default_eula', '0'));
-        $category->require_acceptance   = e(Input::get('require_acceptance', '0'));
-        $category->checkin_email        = e(Input::get('checkin_email', '0'));
+        $category->name                 = $request->input('name');
+        // If the item count is > 0, we disable the category type in the edit. Disabled items
+        // don't POST, so if the category_type is blank we just set it to the default.
+        $category->category_type        = $request->input('category_type', $category->category_type);
+        $category->eula_text            = $request->input('eula_text');
+        $category->use_default_eula     = $request->input('use_default_eula', '0');
+        $category->require_acceptance   = $request->input('require_acceptance', '0');
+        $category->checkin_email        = $request->input('checkin_email', '0');
 
-        if ($category->save()) {
-        // Redirect to the new category page
-            return redirect()->to("admin/settings/categories")->with('success', trans('admin/categories/message.update.success'));
-        } // attempt validation
-        else {
-          // The given data did not pass validation
-            return redirect()->back()->withInput()->withErrors($category->getErrors());
+        $old_image = $category->image;
+
+        // Set the model's image property to null if the image is being deleted
+        if ($request->input('image_delete') == 1) {
+            $category->image = null;
         }
 
-        // Redirect to the category management page
-        return redirect()->back()->with('error', trans('admin/categories/message.update.error'));
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = $category->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
 
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save(app('categories_upload_path').$file_name);
+            } else {
+                $image->move(app('categories_upload_path'), $file_name);
+            }
+            $category->image = $file_name;
+
+        }
+
+        if ((($request->file('image')) && (isset($old_image)) && ($old_image!='')) || ($request->input('image_delete') == 1)) {
+            try  {
+                unlink(app('categories_upload_path').$old_image);
+            } catch (\Exception $e) {
+                \Log::info($e);
+            }
+        }
+
+
+        if ($category->save()) {
+            // Redirect to the new category page
+            return redirect()->route('categories.index')->with('success', trans('admin/categories/message.update.success'));
+        }
+        // The given data did not pass validation
+        return redirect()->back()->withInput()->withErrors($category->getErrors());
     }
 
     /**
@@ -169,41 +198,32 @@ class CategoriesController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @param int $categoryId
-    * @return Redirect
-    */
-    public function getDelete($categoryId)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy($categoryId)
     {
+        $this->authorize('delete', Category::class);
         // Check if the category exists
         if (is_null($category = Category::find($categoryId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.not_found'));
+            return redirect()->route('categories.index')->with('error', trans('admin/categories/message.not_found'));
         }
 
-
         if ($category->has_models() > 0) {
-            return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'model']));
-
+            return redirect()->route('categories.index')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'model']));
         } elseif ($category->accessories()->count() > 0) {
-                return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'accessory']));
-
+                return redirect()->route('categories.index')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'accessory']));
         } elseif ($category->consumables()->count() > 0) {
-                return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'consumable']));
-
+                return redirect()->route('categories.index')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'consumable']));
         } elseif ($category->components()->count() > 0) {
-                return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'component']));
-        } else {
-
-            $category->delete();
-
-            // Redirect to the locations management page
-            return redirect()->to('admin/settings/categories')->with('success', trans('admin/categories/message.delete.success'));
+                return redirect()->route('categories.index')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'component']));
         }
 
-
+        $category->delete();
+        // Redirect to the locations management page
+        return redirect()->route('categories.index')->with('success', trans('admin/categories/message.delete.success'));
     }
 
 
-
     /**
     * Returns a view that invokes the ajax tables which actually contains
     * the content for the categories detail view, which is generated in getDataView.
@@ -212,320 +232,33 @@ class CategoriesController extends Controller
     * @see CategoriesController::getDataView() method that generates the JSON response
     * @param int $categoryId
     * @since [v1.8]
-    * @return View
-    */
-    public function getView($categoryId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function show($id)
     {
-        $category = Category::find($categoryId);
+        $this->authorize('view', Category::class);
+        if ($category = Category::find($id)) {
 
-        if (isset($category->id)) {
-                return View::make('categories/view', compact('category'));
-        } else {
-            // Prepare the error message
-            $error = trans('admin/categories/message.does_not_exist', compact('id'));
-
-            // Redirect to the user management page
-            return redirect()->route('categories')->with('error', $error);
-        }
-
-
-    }
-
-    /**
-    * Returns a JSON response with the data to populate the bootstrap table on the
-    * cateory listing page.
-    *
-    * @todo Refactor this nastiness. Assets do not behave the same as accessories, etc.
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see CategoriesController::getIndex() method that generates the view
-    * @since [v1.8]
-    * @return String JSON
-    */
-    public function getDatatable()
-    {
-        // Grab all the categories
-        $categories = Category::with('assets', 'accessories', 'consumables','components');
-
-        if (Input::has('search')) {
-            $categories = $categories->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-
-        $allowed_columns = ['id','name','category_type'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
-
-        $categories = $categories->orderBy($sort, $order);
-
-        $catCount = $categories->count();
-        $categories = $categories->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($categories as $category) {
-
-            $actions = '<a href="'.route('update/category', $category->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;">';
-            $actions .='<i class="fa fa-pencil icon-white"></i></a>';
-            $actions .='<a data-html="false" class="btn delete-asset btn-danger btn-sm';
-            if ($category->itemCount() > 0) {
-                $actions .=' disabled';
+            if ($category->category_type=='asset') {
+                $category_type = 'hardware';
+                $category_type_route = 'assets';
+            } elseif ($category->category_type=='accessory') {
+                $category_type = 'accessories';
+                $category_type_route = 'accessories';
+            } else {
+                $category_type = $category->category_type;
+                $category_type_route = $category->category_type.'s';
             }
-            $actions .=' data-toggle="modal" href="'.route('delete/category', $category->id).'" data-content="'.trans('admin/categories/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($category->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
-            $rows[] = array(
-                'id'      => $category->id,
-                'name'  => (string)link_to('/admin/settings/categories/'.$category->id.'/view', $category->name) ,
-                'category_type' => ucwords($category->category_type),
-                'count'         => $category->itemCount(),
-                'acceptance'    => ($category->require_acceptance=='1') ? '<i class="fa fa-check"></i>' : '',
-                //EULA is still not working correctly
-                'eula'          => ($category->getEula()) ? '<i class="fa fa-check"></i>' : '',
-                'actions'       => $actions
-            );
+            return view('categories/view', compact('category'))
+                ->with('category_type',$category_type)
+                ->with('category_type_route',$category_type_route);
         }
 
-        $data = array('total' => $catCount, 'rows' => $rows);
-
-        return $data;
+        // Prepare the error message
+        $error = trans('admin/categories/message.does_not_exist', compact('id'));
+        // Redirect to the user management page
+        return redirect()->route('categories.index')->with('error', $error);
     }
 
-    public function getDataViewAssets($categoryID) {
-
-        $category = Category::with('assets.company')->find($categoryID);
-        $category_assets = $category->assets;
-
-        if (Input::has('search')) {
-            $category_assets = $category_assets->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-
-        $allowed_columns = ['id','name','serial','asset_tag'];
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-        $count = $category_assets->count();
-        $category_assets = $category_assets->skip($offset)->take($limit)->get();
-        $rows = array();
-
-        foreach ($category_assets as $asset) {
-
-            $actions = '';
-            $inout='';
-
-            if ($asset->deleted_at=='') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('clone/hardware', $asset->id).'" class="btn btn-info btn-sm" title="Clone asset"><i class="fa fa-files-o"></i></a> <a href="'.route('update/hardware', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/hardware', $asset->id).'" data-content="'.Lang::get('admin/hardware/message.delete.confirm').'" data-title="'.Lang::get('general.delete').' '.htmlspecialchars($asset->asset_tag).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
-            } elseif ($asset->deleted_at!='') {
-                $actions = '<a href="'.route('restore/hardware', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-recycle icon-white"></i></a>';
-            }
-
-            if ($asset->assetstatus) {
-                if ($asset->assetstatus->deployable != 0) {
-                    if (($asset->assigned_to !='') && ($asset->assigned_to > 0)) {
-                        $inout = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.Lang::get('general.checkin').'</a>';
-                    } else {
-                        $inout = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.Lang::get('general.checkout').'</a>';
-                    }
-                }
-            }
-
-            $rows[] = array(
-                'id' => $asset->id,
-                'name' => (string)link_to('/hardware/'.$asset->id.'/view', $asset->showAssetName()),
-                'model' => $asset->model->name,
-                'asset_tag' => $asset->asset_tag,
-                'serial' => $asset->serial,
-                'assigned_to' => ($asset->assigneduser) ? link_to('/admin/users/'.$asset->assigneduser->id.'/view', $asset->assigneduser->fullName()): '',
-                'change' => $inout,
-                'actions' => $actions,
-                'companyName' => Company::getName($asset),
-            );
-        }
-
-        $data = array('total' => $count, 'rows' => $rows);
-        return $data;
-    }
-
-
-
-    public function getDataViewAccessories($categoryID) {
-
-        $category = Category::with('accessories.company')->find($categoryID);
-        $category_assets = $category->accessories;
-
-        if (Input::has('search')) {
-            $category_assets = $category_assets->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-
-        $allowed_columns = ['id','name','serial','asset_tag'];
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-        $count = $category_assets->count();
-
-        $rows = array();
-
-        foreach ($category_assets as $asset) {
-
-            $actions = '';
-            $inout='';
-
-            if ($asset->deleted_at=='') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('update/accessory', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/accessory', $asset->id).'" data-content="'.Lang::get('admin/hardware/message.delete.confirm').'" data-title="'.Lang::get('general.delete').' '.htmlspecialchars($asset->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
-            }
-
-
-
-            $rows[] = array(
-                'id' => $asset->id,
-                'name' => (string)link_to_route('view/accessory', $asset->name, [$asset->id]),
-                'actions' => $actions,
-                'companyName' => Company::getName($asset),
-            );
-        }
-
-        $data = array('total' => $count, 'rows' => $rows);
-        return $data;
-    }
-
-
-    public function getDataViewConsumables($categoryID) {
-
-        $category = Category::with('accessories.company')->find($categoryID);
-        $category_assets = $category->consumables;
-
-        if (Input::has('search')) {
-            $category_assets = $category_assets->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-
-        $allowed_columns = ['id','name','serial','asset_tag'];
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-        $count = $category_assets->count();
-
-        $rows = array();
-
-        foreach ($category_assets as $asset) {
-
-            $actions = '';
-            $inout='';
-
-            if ($asset->deleted_at=='') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('update/consumable', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/consumable', $asset->id).'" data-content="'.Lang::get('admin/hardware/message.delete.confirm').'" data-title="'.Lang::get('general.delete').' '.htmlspecialchars($asset->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
-            }
-
-
-
-            $rows[] = array(
-                'id' => $asset->id,
-                'name' => (string) link_to_route('view/consumable', $asset->name, [$asset->id]),
-                'actions' => $actions,
-                'companyName' => Company::getName($asset),
-            );
-        }
-
-        $data = array('total' => $count, 'rows' => $rows);
-        return $data;
-    }
-
-    public function getDataViewComponent($categoryID) {
-
-        $category = Category::with('accessories.company')->find($categoryID);
-        $category_assets = $category->components;
-
-        if (Input::has('search')) {
-            $category_assets = $category_assets->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-
-        $allowed_columns = ['id','name','serial','asset_tag'];
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-        $count = $category_assets->count();
-
-        $rows = array();
-
-        foreach ($category_assets as $asset) {
-
-            $actions = '';
-            $inout='';
-
-            if ($asset->deleted_at=='') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('update/component', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/component', $asset->id).'" data-content="'.Lang::get('admin/hardware/message.delete.confirm').'" data-title="'.Lang::get('general.delete').' '.htmlspecialchars($asset->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
-            }
-
-
-
-            $rows[] = array(
-                'id' => $asset->id,
-                'name' => (string)link_to_route('view/accessory', $asset->name, [$asset->id]),
-                'actions' => $actions,
-                'companyName' => Company::getName($asset),
-            );
-        }
-
-        $data = array('total' => $count, 'rows' => $rows);
-        return $data;
-    }
-
-
 
 }

app/Http/Controllers/CheckInOutRequest.php

@@ -0,0 +1,56 @@
+<?php
+namespace App\Http\Controllers;
+
+use App\Exceptions\CheckoutNotAllowed;
+use App\Models\Asset;
+use App\Models\Location;
+use App\Models\User;
+
+trait CheckInOutRequest
+{
+    /**
+     * Find target for checkout
+     * @return SnipeModel        Target asset is being checked out to.
+     */
+    protected function determineCheckoutTarget()
+    {
+          // This item is checked out to a location
+        switch(request('checkout_to_type'))
+        {
+            case 'location':
+                return Location::findOrFail(request('assigned_location'));
+            case 'asset':
+                return Asset::findOrFail(request('assigned_asset'));
+            case 'user':
+                return User::findOrFail(request('assigned_user'));
+        }
+        return null;
+    }
+
+    /**
+     * Update the location of the asset passed in.
+     * @param  Asset $asset Asset being updated
+     * @param  SnipeModel $target Target with location
+     * @return Asset        Asset being updated
+     */
+    protected function updateAssetLocation($asset, $target)
+    {
+        switch(request('checkout_to_type'))
+        {
+            case 'location':
+                $asset->location_id = $target->id;
+                break;
+            case 'asset':
+                $asset->location_id = $target->rtd_location_id;
+                // Override with the asset's location_id if it has one
+                if ($target->location_id!='') {
+                    $asset->location_id = $target->location_id;
+                }
+                break;
+            case 'user':
+                    $asset->location_id = $target->location_id;
+                    break;
+        }
+        return $asset;
+    }
+}

app/Http/Controllers/CompaniesController.php

@@ -6,6 +6,9 @@ use Input;
 use Lang;
 use Redirect;
 use View;
+use Illuminate\Http\Request;
+use Image;
+use App\Http\Requests\ImageUploadRequest;
 
 /**
  * This controller handles all actions related to Companies for
@@ -22,11 +25,13 @@ final class CompaniesController extends Controller
     *
     * @author [Abdullah Alansari] [<ahimta@gmail.com>]
     * @since [v1.8]
-    * @return View
-    */
-    public function getIndex()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function index()
     {
-        return View::make('companies/index')->with('companies', Company::all());
+        $this->authorize('view', Company::class);
+
+        return view('companies/index');
     }
 
     /**
@@ -34,33 +39,46 @@ final class CompaniesController extends Controller
     *
     * @author [Abdullah Alansari] [<ahimta@gmail.com>]
     * @since [v1.8]
-    * @return View
-    */
-    public function getCreate()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function create()
     {
-        return View::make('companies/edit')->with('company', new Company);
+        $this->authorize('create', Company::class);
+
+        return view('companies/edit')->with('item', new Company);
     }
 
     /**
-    * Save data from new company form.
-    *
-    * @author [Abdullah Alansari] [<ahimta@gmail.com>]
-    * @since [v1.8]
-    * @return Redirect
-    */
-    public function postCreate()
+     * Save data from new company form.
+     *
+     * @author [Abdullah Alansari] [<ahimta@gmail.com>]
+     * @since [v1.8]
+     * @param Request $request
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function store(ImageUploadRequest $request)
     {
+        $this->authorize('create', Company::class);
+
         $company = new Company;
+        $company->name = $request->input('name');
 
-            $company->name = e(Input::get('name'));
-
-        if ($company->save()) {
-            return redirect()->to('admin/settings/companies')
-                ->with('success', trans('admin/companies/message.create.success'));
-        } else {
-            return redirect()->back()->withInput()->withErrors($company->getErrors());
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/companies/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $company->image = $file_name;
         }
 
+        if ($company->save()) {
+            return redirect()->route('companies.index')
+                ->with('success', trans('admin/companies/message.create.success'));
+        }
+        return redirect()->back()->withInput()->withErrors($company->getErrors());
     }
 
 
@@ -70,44 +88,77 @@ final class CompaniesController extends Controller
     * @author [Abdullah Alansari] [<ahimta@gmail.com>]
     * @since [v1.8]
     * @param int $companyId
-    * @return View
-    */
-    public function getEdit($companyId)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function edit($companyId)
     {
-        if (is_null($company = Company::find($companyId))) {
-            return redirect()->to('admin/settings/companies')
+        if (is_null($item = Company::find($companyId))) {
+            return redirect()->route('companies.index')
                 ->with('error', trans('admin/companies/message.does_not_exist'));
-        } else {
-            return View::make('companies/edit')->with('company', $company);
         }
+
+        $this->authorize('update', $item);
+
+        return view('companies/edit')->with('item', $item);
     }
 
     /**
-    * Save data from edit company form.
-    *
-    * @author [Abdullah Alansari] [<ahimta@gmail.com>]
-    * @since [v1.8]
-    * @param int $companyId
-    * @return Redirect
-    */
-    public function postEdit($companyId)
+     * Save data from edit company form.
+     *
+     * @author [Abdullah Alansari] [<ahimta@gmail.com>]
+     * @since [v1.8]
+     * @param Request $request
+     * @param int $companyId
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function update(ImageUploadRequest $request, $companyId)
     {
         if (is_null($company = Company::find($companyId))) {
-            return redirect()->to('admin/settings/companies')->with('error', trans('admin/companies/message.does_not_exist'));
-        } else {
+            return redirect()->route('companies.index')->with('error', trans('admin/companies/message.does_not_exist'));
+        }
 
+        $this->authorize('update', $company);
 
-            $company->name = e(Input::get('name'));
+        $company->name = $request->input('name');
 
-            if ($company->save()) {
-                return redirect()->to('admin/settings/companies')
-                    ->with('success', trans('admin/companies/message.update.success'));
+        $old_image = $company->image;
+
+        // Set the model's image property to null if the image is being deleted
+        if ($request->input('image_delete') == 1) {
+            $company->image = null;
+        }
+
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = $company->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save(app('companies_upload_path').$file_name);
             } else {
-                return redirect()->to("admin/settings/companies/$companyId/edit")
-                    ->with('error', trans('admin/companies/message.update.error'));
+                $image->move(app('companies_upload_path'), $file_name);
             }
+            $company->image = $file_name;
 
         }
+
+        if ((($request->file('image')) && (isset($old_image)) && ($old_image!='')) || ($request->input('image_delete') == 1)) {
+            try  {
+                unlink(app('companies_upload_path').$old_image);
+            } catch (\Exception $e) {
+                \Log::info($e);
+            }
+        }
+
+
+        if ($company->save()) {
+            return redirect()->route('companies.index')
+                ->with('success', trans('admin/companies/message.update.success'));
+        }
+        return redirect()->route('companies.edit', ['company' => $companyId])
+            ->with('error', trans('admin/companies/message.update.error'));
     }
 
     /**
@@ -116,17 +167,20 @@ final class CompaniesController extends Controller
     * @author [Abdullah Alansari] [<ahimta@gmail.com>]
     * @since [v1.8]
     * @param int $companyId
-    * @return Redirect
-    */
-    public function postDelete($companyId)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy($companyId)
     {
         if (is_null($company = Company::find($companyId))) {
-            return redirect()->to('admin/settings/companies')
+            return redirect()->route('companies.index')
                 ->with('error', trans('admin/companies/message.not_found'));
         } else {
+
+            $this->authorize('delete', $company);
+
             try {
                 $company->delete();
-                return redirect()->to('admin/settings/companies')
+                return redirect()->route('companies.index')
                     ->with('success', trans('admin/companies/message.delete.success'));
             } catch (\Illuminate\Database\QueryException $exception) {
             /*
@@ -134,7 +188,7 @@ final class CompaniesController extends Controller
                  * For example when rows in other tables are referencing this company
                  */
                 if ($exception->getCode() == 23000) {
-                    return redirect()->to('admin/settings/companies')
+                    return redirect()->route('companies.index')
                         ->with('error', trans('admin/companies/message.assoc_users'));
                 } else {
                     throw $exception;
@@ -142,4 +196,16 @@ final class CompaniesController extends Controller
             }
         }
     }
+
+    public function show($id) {
+        $this->authorize('view', Company::class);
+
+        if (is_null($company = Company::find($id))) {
+            return redirect()->route('companies.index')
+                ->with('error', trans('admin/companies/message.not_found'));
+        } else {
+            return view('companies/view')->with('company',$company);
+        }
+
+    }
 }

app/Http/Controllers/ComponentsController.php

@@ -2,13 +2,14 @@
 namespace App\Http\Controllers;
 
 use App\Helpers\Helper;
+use App\Http\Requests\ImageUploadRequest;
 use App\Models\Actionlog;
 use App\Models\Company;
 use App\Models\Component;
+use App\Models\CustomField;
 use App\Models\Setting;
 use App\Models\User;
 use App\Models\Asset;
-use App\Http\Requests\ComponentCheckoutRequest;
 use Auth;
 use Config;
 use DB;
@@ -19,6 +20,10 @@ use Redirect;
 use Slack;
 use Str;
 use View;
+use Validator;
+use Illuminate\Http\Request;
+use Gate;
+use Image;
 
 /**
  * This class controls all actions related to Components for
@@ -35,11 +40,12 @@ class ComponentsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see ComponentsController::getDatatable() method that generates the JSON response
     * @since [v3.0]
-    * @return View
+     * @return \Illuminate\Contracts\View\View
     */
-    public function getIndex()
+    public function index()
     {
-        return View::make('components/index');
+        $this->authorize('view', Component::class);
+        return view('components/index');
     }
 
 
@@ -49,20 +55,14 @@ class ComponentsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see ComponentsController::postCreate() method that stores the data
     * @since [v3.0]
-    * @return View
+    * @return \Illuminate\Contracts\View\View
     */
-    public function getCreate()
+    public function create()
     {
-        // Show the page
-        $category_list = array('' => '') + DB::table('categories')->where('category_type', '=', 'component')->whereNull('deleted_at')->orderBy('name', 'ASC')->lists('name', 'id');
-        $company_list = Helper::companyList();
-        $location_list = Helper::locationsList();
-
-        return View::make('components/edit')
-            ->with('component', new Component)
-            ->with('category_list', $category_list)
-            ->with('company_list', $company_list)
-            ->with('location_list', $location_list);
+        $this->authorize('create', Component::class);
+        $category_type = 'component';
+        return view('components/edit')->with('category_type',$category_type)
+            ->with('item', new Component);
     }
 
 
@@ -72,46 +72,40 @@ class ComponentsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see ComponentsController::getCreate() method that generates the view
     * @since [v3.0]
-    * @return Redirect
-    */
-    public function postCreate()
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function store(ImageUploadRequest $request)
     {
-
-        // create a new model instance
+        $this->authorize('create', Component::class);
         $component = new Component();
+        $component->name                   = $request->input('name');
+        $component->category_id            = $request->input('category_id');
+        $component->location_id            = $request->input('location_id');
+        $component->company_id             = Company::getIdForCurrentUser($request->input('company_id'));
+        $component->order_number           = $request->input('order_number', null);
+        $component->min_amt                = $request->input('min_amt', null);
+        $component->serial                 = $request->input('serial', null);
+        $component->purchase_date          = $request->input('purchase_date', null);
+        $component->purchase_cost          = $request->input('purchase_cost', null);
+        $component->qty                    = $request->input('qty');
+        $component->user_id                = Auth::id();
 
-        // Update the component data
-        $component->name                   = e(Input::get('name'));
-        $component->category_id            = e(Input::get('category_id'));
-        $component->location_id            = e(Input::get('location_id'));
-        $component->company_id             = Company::getIdForCurrentUser(Input::get('company_id'));
-        $component->order_number           = e(Input::get('order_number'));
-        $component->min_amt                = e(Input::get('min_amt'));
 
-        if (e(Input::get('purchase_date')) == '') {
-            $component->purchase_date       =  null;
-        } else {
-            $component->purchase_date       = e(Input::get('purchase_date'));
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/components/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $component->image = $file_name;
         }
 
-        if (e(Input::get('purchase_cost')) == '0.00') {
-            $component->purchase_cost       =  null;
-        } else {
-            $component->purchase_cost       = e(Input::get('purchase_cost'));
-        }
-
-        $component->total_qty                    = e(Input::get('total_qty'));
-        $component->user_id                = Auth::user()->id;
-
-        // Was the component created?
         if ($component->save()) {
-            // Redirect to the new component  page
-            return redirect()->to("admin/components")->with('success', trans('admin/components/message.create.success'));
+            return redirect()->route('components.index')->with('success', trans('admin/components/message.create.success'));
         }
-
         return redirect()->back()->withInput()->withErrors($component->getErrors());
-
-
     }
 
     /**
@@ -121,26 +115,22 @@ class ComponentsController extends Controller
     * @see ComponentsController::postEdit() method that stores the data.
     * @since [v3.0]
     * @param int $componentId
-    * @return View
-    */
-    public function getEdit($componentId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function edit($componentId = null)
     {
-        // Check if the component exists
-        if (is_null($component = Component::find($componentId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/components')->with('error', trans('admin/components/message.does_not_exist'));
-        } elseif (!Company::isCurrentUserHasAccess($component)) {
-            return redirect()->to('admin/components')->with('error', trans('general.insufficient_permissions'));
+
+
+        if ($item = Component::find($componentId)) {
+            $this->authorize('update', $item);
+            $category_type = 'component';
+            return view('components/edit', compact('item'))->with('category_type', $category_type);
         }
+        return redirect()->route('components.index')->with('error', trans('admin/components/message.does_not_exist'));
+
+
 
-            $category_list =  Helper::categoryList();
-        $company_list = Helper::companyList();
-        $location_list = Helper::locationsList();
 
-        return View::make('components/edit', compact('component'))
-            ->with('category_list', $category_list)
-            ->with('company_list', $company_list)
-            ->with('location_list', $location_list);
     }
 
 
@@ -151,52 +141,46 @@ class ComponentsController extends Controller
     * @see ComponentsController::getEdit() method presents the form.
     * @param int $componentId
     * @since [v3.0]
-    * @return Redirect
-    */
-    public function postEdit($componentId = null)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function update(ImageUploadRequest $request, $componentId = null)
     {
-        // Check if the blog post exists
         if (is_null($component = Component::find($componentId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/components')->with('error', trans('admin/components/message.does_not_exist'));
-        } elseif (!Company::isCurrentUserHasAccess($component)) {
-            return redirect()->to('admin/components')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('components.index')->with('error', trans('admin/components/message.does_not_exist'));
         }
 
+        $this->authorize('update', $component);
+
 
         // Update the component data
-        $component->name                   = e(Input::get('name'));
-        $component->category_id            = e(Input::get('category_id'));
-        $component->location_id            = e(Input::get('location_id'));
+        $component->name                   = Input::get('name');
+        $component->category_id            = Input::get('category_id');
+        $component->location_id            = Input::get('location_id');
         $component->company_id             = Company::getIdForCurrentUser(Input::get('company_id'));
-        $component->order_number           = e(Input::get('order_number'));
-        $component->min_amt             = e(Input::get('min_amt'));
+        $component->order_number           = Input::get('order_number');
+        $component->min_amt                = Input::get('min_amt');
+        $component->serial                 = Input::get('serial');
+        $component->purchase_date          = Input::get('purchase_date');
+        $component->purchase_cost          = request('purchase_cost');
+        $component->qty                    = Input::get('qty');
 
-        if (e(Input::get('purchase_date')) == '') {
-            $component->purchase_date       =  null;
-        } else {
-            $component->purchase_date       = e(Input::get('purchase_date'));
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/components/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $component->image = $file_name;
+        } elseif ($request->input('image_delete')=='1') {
+            $component->image = null;
         }
 
-        if (e(Input::get('purchase_cost')) == '0.00') {
-            $component->purchase_cost       =  null;
-        } else {
-            $component->purchase_cost       = e(Input::get('purchase_cost'));
-        }
-
-        $component->total_qty                    = e(Input::get('total_qty'));
-
-        // Was the component created?
         if ($component->save()) {
-            // Redirect to the new component page
-            return redirect()->to("admin/components")->with('success', trans('admin/components/message.update.success'));
+            return redirect()->route('components.index')->with('success', trans('admin/components/message.update.success'));
         }
-
         return redirect()->back()->withInput()->withErrors($component->getErrors());
-
-
-
-
     }
 
     /**
@@ -205,36 +189,19 @@ class ComponentsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v3.0]
     * @param int $componentId
-    * @return Redirect
-    */
-    public function getDelete($componentId)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy($componentId)
     {
-        // Check if the blog post exists
         if (is_null($component = Component::find($componentId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/components')->with('error', trans('admin/components/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($component)) {
-            return redirect()->to('admin/components')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('components.index')->with('error', trans('admin/components/message.does_not_exist'));
         }
 
-            $component->delete();
-
-            // Redirect to the locations management page
-            return redirect()->to('admin/components')->with('success', trans('admin/components/message.delete.success'));
-
+        $this->authorize('delete', $component);
+        $component->delete();
+        return redirect()->route('components.index')->with('success', trans('admin/components/message.delete.success'));
     }
 
-    public function postBulk($componentId = null)
-    {
-        echo 'Stubbed - not yet complete';
-    }
-
-    public function postBulkSave($componentId = null)
-    {
-        echo 'Stubbed - not yet complete';
-    }
-
-
     /**
     * Return a view to display component information.
     *
@@ -242,29 +209,20 @@ class ComponentsController extends Controller
     * @see ComponentsController::getDataView() method that generates the JSON response
     * @since [v3.0]
     * @param int $componentId
-    * @return View
-    */
-    public function getView($componentId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function show($componentId = null)
     {
         $component = Component::find($componentId);
 
         if (isset($component->id)) {
-
-
-            if (!Company::isCurrentUserHasAccess($component)) {
-                return redirect()->to('admin/components')->with('error', trans('general.insufficient_permissions'));
-            } else {
-                return View::make('components/view', compact('component'));
-            }
-        } else {
-            // Prepare the error message
-            $error = trans('admin/components/message.does_not_exist', compact('id'));
-
-            // Redirect to the user management page
-            return redirect()->route('components')->with('error', $error);
+            $this->authorize('view', $component);
+            return view('components/view', compact('component'));
         }
-
-
+        // Prepare the error message
+        $error = trans('admin/components/message.does_not_exist', compact('id'));
+        // Redirect to the user management page
+        return redirect()->route('components.index')->with('error', $error);
     }
 
     /**
@@ -274,42 +232,49 @@ class ComponentsController extends Controller
     * @see ComponentsController::postCheckout() method that stores the data.
     * @since [v3.0]
     * @param int $componentId
-    * @return View
-    */
+    * @return \Illuminate\Contracts\View\View
+     */
     public function getCheckout($componentId)
     {
         // Check if the component exists
         if (is_null($component = Component::find($componentId))) {
             // Redirect to the component management page with error
-            return redirect()->to('components')->with('error', trans('admin/components/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($component)) {
-            return redirect()->to('admin/components')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('components.index')->with('error', trans('admin/components/message.not_found'));
         }
-
-        // Get the dropdown of assets and then pass it to the checkout view
-        $assets_list = Helper::assetsList();
-
-        return View::make('components/checkout', compact('component'))->with('assets_list', $assets_list);
-
+        $this->authorize('checkout', $component);
+        return view('components/checkout', compact('component'));
     }
 
     /**
-    * Validate and store checkout data.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ComponentsController::getCheckout() method that returns the form.
-    * @since [v3.0]
-    * @param int $componentId
-    * @return Redirect
-    */
-    public function postCheckout(ComponentCheckoutRequest $request, $componentId)
+     * Validate and store checkout data.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see ComponentsController::getCheckout() method that returns the form.
+     * @since [v3.0]
+     * @param Request $request
+     * @param int $componentId
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function postCheckout(Request $request, $componentId)
     {
-      // Check if the component exists
+        // Check if the component exists
         if (is_null($component = Component::find($componentId))) {
             // Redirect to the component management page with error
-            return redirect()->to('components')->with('error', trans('admin/components/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($component)) {
-            return redirect()->to('admin/components')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('components.index')->with('error', trans('admin/components/message.not_found'));
+        }
+
+        $this->authorize('checkout', $component);
+
+        $max_to_checkout = $component->numRemaining();
+        $validator = Validator::make($request->all(), [
+            "asset_id"          => "required",
+            "assigned_qty"      => "required|numeric|between:1,$max_to_checkout"
+        ]);
+
+        if ($validator->fails()) {
+            return redirect()->back()
+                ->withErrors($validator)
+                ->withInput();
         }
 
         $admin_user = Auth::user();
@@ -318,182 +283,115 @@ class ComponentsController extends Controller
       // Check if the user exists
         if (is_null($asset = Asset::find($asset_id))) {
             // Redirect to the component management page with error
-            return redirect()->to('admin/components')->with('error', trans('admin/components/message.asset_does_not_exist'));
+            return redirect()->route('components.index')->with('error', trans('admin/components/message.asset_does_not_exist'));
         }
 
       // Update the component data
         $component->asset_id =   $asset_id;
 
-        $component->assets()->attach($component->id, array(
-        'component_id' => $component->id,
-        'user_id' => $admin_user->id,
-        'created_at' => date('Y-m-d h:i:s'),
-        'assigned_qty' => e(Input::get('assigned_qty')),
-        'asset_id' => $asset_id));
+        $component->assets()->attach($component->id, [
+            'component_id' => $component->id,
+            'user_id' => $admin_user->id,
+            'created_at' => date('Y-m-d H:i:s'),
+            'assigned_qty' => Input::get('assigned_qty'),
+            'asset_id' => $asset_id
+        ]);
 
-        $logaction = new Actionlog();
-        $logaction->component_id = $component->id;
-        $logaction->asset_id = $asset_id;
-        $logaction->asset_type = 'component';
-        $logaction->location_id = $asset->location_id;
-        $logaction->user_id = Auth::user()->id;
-        $logaction->note = e(Input::get('note'));
+        $component->logCheckout(e(Input::get('note')), $asset);
+        return redirect()->route('components.index')->with('success', trans('admin/components/message.checkout.success'));
+    }
 
-        $settings = Setting::getSettings();
-
-        if ($settings->slack_endpoint) {
-
-            $slack_settings = [
-                'username' => $settings->botname,
-                'channel' => $settings->slack_channel,
-                'link_names' => true
-            ];
-
-            $client = new \Maknz\Slack\Client($settings->slack_endpoint, $slack_settings);
-
-            try {
-                    $client->attach([
-                        'color' => 'good',
-                        'fields' => [
-                            [
-                                'title' => 'Checked Out:',
-                                'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/components/'.$component->id.'/view'.'|'.$component->name.'> checked out to <'.config('app.url').'/hardware/'.$asset->id.'/view|'.$asset->name.'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
-                            ],
-                            [
-                                'title' => 'Note:',
-                                'value' => e($logaction->note)
-                            ],
-                        ]
-                    ])->send('Component Checked Out');
-
-            } catch (Exception $e) {
+    /**
+     * Returns a view that allows the checkin of a component from an asset.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see ComponentsController::postCheckout() method that stores the data.
+     * @since [v4.1.4]
+     * @param int $componentId
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function getCheckin($component_asset_id)
+    {
 
+        // This could probably be done more cleanly but I am very tired. - @snipe
+        if ($component_assets = DB::table('components_assets')->find($component_asset_id)) {
+            if (is_null($component = Component::find($component_assets->component_id))) {
+                return redirect()->route('components.index')->with('error', trans('admin/components/messages.not_found'));
             }
+            if (is_null($asset = Asset::find($component_assets->asset_id))) {
+                return redirect()->route('components.index')->with('error',
+                    trans('admin/components/message.not_found'));
+            }
+            $this->authorize('checkin', $component);
+            return view('components/checkin', compact('component_assets','component','asset'));
         }
 
-
-        $log = $logaction->logaction('checkout');
-
-      // Redirect to the new component page
-        return redirect()->to("admin/components")->with('success', trans('admin/components/message.checkout.success'));
-
-
-
-    }
-
-
-    /**
-    * Generates the JSON response for accessories listing view.
-    *
-    * For debugging, see at /api/accessories/list
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v3.0]
-    * @return string JSON
-    **/
-    public function getDatatable()
-    {
-        $components = Component::select('components.*')->whereNull('components.deleted_at')
-            ->with('company', 'location', 'category');
-
-        if (Input::has('search')) {
-            $components = $components->TextSearch(Input::get('search'));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $allowed_columns = ['id','name','min_amt','order_number','purchase_date','purchase_cost','companyName','category','total_qty'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-
-        switch ($sort) {
-            case 'category':
-                $components = $components->OrderCategory($order);
-                break;
-            case 'location':
-                $components = $components->OrderLocation($order);
-                break;
-            case 'companyName':
-                $components = $components->OrderCompany($order);
-                break;
-            default:
-                $components = $components->orderBy($sort, $order);
-                break;
-        }
-
-        $consumCount = $components->count();
-        $components = $components->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($components as $component) {
-            $actions = '<nobr><a href="'.route('checkout/component', $component->id).'" style="margin-right:5px;" class="btn btn-info btn-sm" '.(($component->numRemaining() > 0 ) ? '' : ' disabled').'>'.trans('general.checkout').'</a><a href="'.route('update/component', $component->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/component', $component->id).'" data-content="'.trans('admin/components/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($component->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
-            $company = $component->company;
-
-            $rows[] = array(
-                'checkbox'      =>'<div class="text-center"><input type="checkbox" name="component['.$component->id.']" class="one_required"></div>',
-                'id'            => $component->id,
-                'name'          => (string)link_to('admin/components/'.$component->id.'/view', e($component->name)),
-                'location'   => ($component->location) ? e($component->location->name) : '',
-                'total_qty'           => e($component->total_qty),
-                'min_amt'           => e($component->min_amt),
-                'category'           => ($component->category) ? e($component->category->name) : 'Missing category',
-                'order_number'  => e($component->order_number),
-                'purchase_date'  => e($component->purchase_date),
-                'purchase_cost'  => ($component->purchase_cost!='') ? number_format($component->purchase_cost, 2): '' ,
-                'numRemaining'  => $component->numRemaining(),
-                'actions'       => $actions,
-                'companyName'   => is_null($company) ? '' : e($company->name),
-            );
-        }
-
-        $data = array('total' => $consumCount, 'rows' => $rows);
-
-        return $data;
+        return redirect()->route('components.index')->with('error', trans('admin/components/messages.not_found'));
 
     }
 
     /**
-    * Return JSON data to populate the components view,
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ComponentsController::getView() method that returns the view.
-    * @since [v3.0]
-    * @param int $componentId
-    * @return string JSON
-    */
-    public function getDataView($componentId)
+     * Validate and store checkin data.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see ComponentsController::getCheckout() method that returns the form.
+     * @since [v4.1.4]
+     * @param Request $request
+     * @param int $componentId
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function postCheckin(Request $request, $component_asset_id)
     {
-        //$component = Component::find($componentID);
-        $component = Component::with('assets')->find($componentId);
+        if ($component_assets = DB::table('components_assets')->find($component_asset_id)) {
+            if (is_null($component = Component::find($component_assets->component_id))) {
+                return redirect()->route('components.index')->with('error',
+                    trans('admin/components/message.not_found'));
+            }
 
 
-        if (!Company::isCurrentUserHasAccess($component)) {
-            return ['total' => 0, 'rows' => []];
+            $this->authorize('checkin', $component);
+
+            $max_to_checkin = $component_assets->assigned_qty;
+            $validator = Validator::make($request->all(), [
+                "checkin_qty" => "required|numeric|between:1,$max_to_checkin"
+            ]);
+
+            if ($validator->fails()) {
+                return redirect()->back()
+                    ->withErrors($validator)
+                    ->withInput();
+            }
+
+            // Validation passed, so let's figure out what we have to do here.
+            $qty_remaining_in_checkout = ($component_assets->assigned_qty - (int)$request->input('checkin_qty'));
+
+            // We have to modify the record to reflect the new qty that's
+            // actually checked out.
+            $component_assets->assigned_qty = $qty_remaining_in_checkout;
+            DB::table('components_assets')->where('id',
+                $component_asset_id)->update(['assigned_qty' => $qty_remaining_in_checkout]);
+
+            $log = new Actionlog();
+            $log->user_id = Auth::user()->id;
+            $log->action_type = 'checkin from';
+            $log->target_type = Asset::class;
+            $log->target_id = $component_assets->asset_id;
+            $log->item_id = $component_assets->component_id;
+            $log->item_type = Component::class;
+            $log->note = $request->input('note');
+            $log->save();
+
+            // If the checked-in qty is exactly the same as the assigned_qty,
+            // we can simply delete the associated components_assets record
+            if ($qty_remaining_in_checkout == 0) {
+                DB::table('components_assets')->where('id', '=', $component_asset_id)->delete();
+            }
+
+            return redirect()->route('components.index')->with('success',
+                trans('admin/components/message.checkout.success'));
         }
-
-        $rows = array();
-
-        foreach ($component->assets as $component_assignment) {
-            $rows[] = array(
-            'name' => (string)link_to('/hardware/'.$component_assignment->id.'/view', e($component_assignment->name)),
-            'qty' => e($component_assignment->pivot->assigned_qty),
-            'created_at' => ($component_assignment->created_at->format('Y-m-d H:i:s')=='-0001-11-30 00:00:00') ? '' : $component_assignment->created_at->format('Y-m-d H:i:s'),
-            );
-        }
-
-        $componentCount = $component->assets->count();
-        $data = array('total' => $componentCount, 'rows' => $rows);
-        return $data;
+        return redirect()->route('components.index')->with('error', trans('admin/components/message.not_found'));
     }
+
+
 }

app/Http/Controllers/ConsumablesController.php

@@ -3,7 +3,6 @@
 namespace App\Http\Controllers;
 
 use App\Helpers\Helper;
-use App\Models\Actionlog;
 use App\Models\Company;
 use App\Models\Consumable;
 use App\Models\Setting;
@@ -13,11 +12,13 @@ use Config;
 use DB;
 use Input;
 use Lang;
-use Mail;
 use Redirect;
 use Slack;
 use Str;
 use View;
+use Gate;
+use Image;
+use App\Http\Requests\ImageUploadRequest;
 
 /**
  * This controller handles all actions related to Consumables for
@@ -33,11 +34,12 @@ class ConsumablesController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see ConsumablesController::getDatatable() method that generates the JSON response
     * @since [v1.0]
-    * @return View
-    */
-    public function getIndex()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function index()
     {
-        return View::make('consumables/index');
+        $this->authorize('index', Consumable::class);
+        return view('consumables/index');
     }
 
 
@@ -47,22 +49,14 @@ class ConsumablesController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see ConsumablesController::postCreate() method that stores the form data
     * @since [v1.0]
-    * @return View
-    */
-    public function getCreate()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function create()
     {
-        // Show the page
-        $category_list = array('' => '') + DB::table('categories')->where('category_type', '=', 'consumable')->whereNull('deleted_at')->orderBy('name', 'ASC')->lists('name', 'id');
-        $company_list = Helper::companyList();
-        $location_list = Helper::locationsList();
-        $manufacturer_list = Helper::manufacturerList();
-
-        return View::make('consumables/edit')
-            ->with('consumable', new Consumable)
-            ->with('category_list', $category_list)
-            ->with('company_list', $company_list)
-            ->with('location_list', $location_list)
-            ->with('manufacturer_list', $manufacturer_list);
+        $this->authorize('create', Consumable::class);
+        $category_type = 'consumable';
+        return view('consumables/edit')->with('category_type', $category_type)
+            ->with('item', new Consumable);
     }
 
 
@@ -72,45 +66,44 @@ class ConsumablesController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see ConsumablesController::getCreate() method that returns the form view
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function postCreate()
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function store(ImageUploadRequest $request)
     {
+        $this->authorize('create', Consumable::class);
         $consumable = new Consumable();
-        $consumable->name                   = e(Input::get('name'));
-        $consumable->category_id            = e(Input::get('category_id'));
-        $consumable->location_id            = e(Input::get('location_id'));
-        $consumable->company_id             = Company::getIdForCurrentUser(Input::get('company_id'));
-        $consumable->order_number           = e(Input::get('order_number'));
-        $consumable->min_amt                = e(Input::get('min_amt'));
-        $consumable->manufacturer_id         = e(Input::get('manufacturer_id'));
-        $consumable->model_no               = e(Input::get('model_no'));
-        $consumable->item_no         = e(Input::get('item_no'));
+        $consumable->name                   = $request->input('name');
+        $consumable->category_id            = $request->input('category_id');
+        $consumable->location_id            = $request->input('location_id');
+        $consumable->company_id             = Company::getIdForCurrentUser($request->input('company_id'));
+        $consumable->order_number           = $request->input('order_number');
+        $consumable->min_amt                = $request->input('min_amt');
+        $consumable->manufacturer_id        = $request->input('manufacturer_id');
+        $consumable->model_number           = $request->input('model_number');
+        $consumable->item_no                = $request->input('item_no');
+        $consumable->purchase_date          = $request->input('purchase_date');
+        $consumable->purchase_cost          = Helper::ParseFloat($request->input('purchase_cost'));
+        $consumable->qty                    = $request->input('qty');
+        $consumable->user_id                = Auth::id();
 
-        if (e(Input::get('purchase_date')) == '') {
-            $consumable->purchase_date       =  null;
-        } else {
-            $consumable->purchase_date       = e(Input::get('purchase_date'));
+
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/consumables/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $consumable->image = $file_name;
         }
 
-        if (e(Input::get('purchase_cost')) == '0.00') {
-            $consumable->purchase_cost       =  null;
-        } else {
-            $consumable->purchase_cost       = e(Input::get('purchase_cost'));
-        }
-
-        $consumable->qty                    = e(Input::get('qty'));
-        $consumable->user_id                = Auth::user()->id;
-
-        // Was the consumable created?
         if ($consumable->save()) {
-            // Redirect to the new consumable  page
-            return redirect()->to("admin/consumables")->with('success', trans('admin/consumables/message.create.success'));
+            return redirect()->route('consumables.index')->with('success', trans('admin/consumables/message.create.success'));
         }
 
         return redirect()->back()->withInput()->withErrors($consumable->getErrors());
 
-
     }
 
     /**
@@ -120,28 +113,18 @@ class ConsumablesController extends Controller
     * @param  int $consumableId
     * @see ConsumablesController::postEdit() method that stores the form data.
     * @since [v1.0]
-    * @return View
-    */
-    public function getEdit($consumableId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function edit($consumableId = null)
     {
-        // Check if the consumable exists
-        if (is_null($consumable = Consumable::find($consumableId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/consumables')->with('error', trans('admin/consumables/message.does_not_exist'));
-        } elseif (!Company::isCurrentUserHasAccess($consumable)) {
-            return redirect()->to('admin/consumables')->with('error', trans('general.insufficient_permissions'));
+        if ($item = Consumable::find($consumableId)) {
+            $this->authorize($item);
+            $category_type = 'consumable';
+            return view('consumables/edit', compact('item'))->with('category_type', $category_type);
         }
 
-            $category_list =  Helper::categoryList();
-        $company_list = Helper::companyList();
-        $location_list = Helper::locationsList();
-        $manufacturer_list = Helper::manufacturerList();
+        return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.does_not_exist'));
 
-        return View::make('consumables/edit', compact('consumable'))
-            ->with('category_list', $category_list)
-            ->with('company_list', $company_list)
-            ->with('location_list', $location_list)
-            ->with('manufacturer_list', $manufacturer_list);
     }
 
 
@@ -152,46 +135,46 @@ class ConsumablesController extends Controller
     * @param  int $consumableId
     * @see ConsumablesController::getEdit() method that stores the form data.
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function postEdit($consumableId = null)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function update(ImageUploadRequest $request,  $consumableId = null)
     {
         if (is_null($consumable = Consumable::find($consumableId))) {
-            return redirect()->to('admin/consumables')->with('error', trans('admin/consumables/message.does_not_exist'));
-        } elseif (!Company::isCurrentUserHasAccess($consumable)) {
-            return redirect()->to('admin/consumables')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.does_not_exist'));
         }
 
-        $consumable->name                   = e(Input::get('name'));
-        $consumable->category_id            = e(Input::get('category_id'));
-        $consumable->location_id            = e(Input::get('location_id'));
-        $consumable->company_id             = Company::getIdForCurrentUser(Input::get('company_id'));
-        $consumable->order_number           = e(Input::get('order_number'));
-        $consumable->min_amt                   = e(Input::get('min_amt'));
-        $consumable->manufacturer_id         = e(Input::get('manufacturer_id'));
-        $consumable->model_no               = e(Input::get('model_no'));
-        $consumable->item_no         = e(Input::get('item_no'));
+        $this->authorize($consumable);
 
-        if (e(Input::get('purchase_date')) == '') {
-            $consumable->purchase_date       =  null;
-        } else {
-            $consumable->purchase_date       = e(Input::get('purchase_date'));
+        $consumable->name                   = $request->input('name');
+        $consumable->category_id            = $request->input('category_id');
+        $consumable->location_id            = $request->input('location_id');
+        $consumable->company_id             = Company::getIdForCurrentUser($request->input('company_id'));
+        $consumable->order_number           = $request->input('order_number');
+        $consumable->min_amt                = $request->input('min_amt');
+        $consumable->manufacturer_id        = $request->input('manufacturer_id');
+        $consumable->model_number           = $request->input('model_number');
+        $consumable->item_no                = $request->input('item_no');
+        $consumable->purchase_date          = $request->input('purchase_date');
+        $consumable->purchase_cost          = Helper::ParseFloat(Input::get('purchase_cost'));
+        $consumable->qty                    = Helper::ParseFloat(Input::get('qty'));
+
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/consumables/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $consumable->image = $file_name;
+        } elseif ($request->input('image_delete')=='1') {
+            $consumable->image = null;
         }
 
-        if (e(Input::get('purchase_cost')) == '0.00') {
-            $consumable->purchase_cost       =  null;
-        } else {
-            $consumable->purchase_cost       = e(Input::get('purchase_cost'));
-        }
-
-        $consumable->qty                    = e(Input::get('qty'));
-
         if ($consumable->save()) {
-            return redirect()->to("admin/consumables")->with('success', trans('admin/consumables/message.update.success'));
+            return redirect()->route('consumables.index')->with('success', trans('admin/consumables/message.update.success'));
         }
-
         return redirect()->back()->withInput()->withErrors($consumable->getErrors());
-
     }
 
     /**
@@ -200,27 +183,19 @@ class ConsumablesController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param  int $consumableId
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function getDelete($consumableId)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy($consumableId)
     {
-        // Check if the blog post exists
         if (is_null($consumable = Consumable::find($consumableId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/consumables')->with('error', trans('admin/consumables/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($consumable)) {
-            return redirect()->to('admin/consumables')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.not_found'));
         }
-
-            $consumable->delete();
-
-            // Redirect to the locations management page
-            return redirect()->to('admin/consumables')->with('success', trans('admin/consumables/message.delete.success'));
-
+        $this->authorize($consumable);
+        $consumable->delete();
+        // Redirect to the locations management page
+        return redirect()->route('consumables.index')->with('success', trans('admin/consumables/message.delete.success'));
     }
 
-
-
     /**
     * Return a view to display component information.
     *
@@ -228,29 +203,16 @@ class ConsumablesController extends Controller
     * @see ConsumablesController::getDataView() method that generates the JSON response
     * @since [v1.0]
     * @param int $consumableId
-    * @return View
-    */
-    public function getView($consumableId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function show($consumableId = null)
     {
         $consumable = Consumable::find($consumableId);
-
+        $this->authorize($consumable);
         if (isset($consumable->id)) {
-
-
-            if (!Company::isCurrentUserHasAccess($consumable)) {
-                return redirect()->to('admin/consumables')->with('error', trans('general.insufficient_permissions'));
-            } else {
-                return View::make('consumables/view', compact('consumable'));
-            }
-        } else {
-            // Prepare the error message
-            $error = trans('admin/consumables/message.does_not_exist', compact('id'));
-
-            // Redirect to the user management page
-            return redirect()->route('consumables')->with('error', $error);
+            return view('consumables/view', compact('consumable'));
         }
-
-
+        return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.does_not_exist', compact('id')));
     }
 
     /**
@@ -260,23 +222,15 @@ class ConsumablesController extends Controller
     * @see ConsumablesController::postCheckout() method that stores the data.
     * @since [v1.0]
     * @param int $consumableId
-    * @return View
-    */
+    * @return \Illuminate\Contracts\View\View
+     */
     public function getCheckout($consumableId)
     {
-        // Check if the consumable exists
         if (is_null($consumable = Consumable::find($consumableId))) {
-            // Redirect to the consumable management page with error
-            return redirect()->to('consumables')->with('error', trans('admin/consumables/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($consumable)) {
-            return redirect()->to('admin/consumables')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.does_not_exist'));
         }
-
-        // Get the dropdown of users and then pass it to the checkout view
-        $users_list = Helper::usersList();
-
-        return View::make('consumables/checkout', compact('consumable'))->with('users_list', $users_list);
-
+        $this->authorize('checkout', $consumable);
+        return view('consumables/checkout', compact('consumable'));
     }
 
     /**
@@ -286,233 +240,47 @@ class ConsumablesController extends Controller
     * @see ConsumablesController::getCheckout() method that returns the form.
     * @since [v1.0]
     * @param int $consumableId
-    * @return Redirect
-    */
+    * @return \Illuminate\Http\RedirectResponse
+     */
     public function postCheckout($consumableId)
     {
-      // Check if the consumable exists
         if (is_null($consumable = Consumable::find($consumableId))) {
-            // Redirect to the consumable management page with error
-            return redirect()->to('consumables')->with('error', trans('admin/consumables/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($consumable)) {
-            return redirect()->to('admin/consumables')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.not_found'));
         }
 
+        $this->authorize('checkout', $consumable);
+
         $admin_user = Auth::user();
         $assigned_to = e(Input::get('assigned_to'));
 
-      // Check if the user exists
+        // Check if the user exists
         if (is_null($user = User::find($assigned_to))) {
             // Redirect to the consumable management page with error
-            return redirect()->to('admin/consumables')->with('error', trans('admin/consumables/message.user_does_not_exist'));
+            return redirect()->route('checkout/consumable', $consumable)->with('error', trans('admin/consumables/message.checkout.user_does_not_exist'));
         }
 
-      // Update the consumable data
+        // Update the consumable data
         $consumable->assigned_to = e(Input::get('assigned_to'));
 
-        $consumable->users()->attach($consumable->id, array(
-        'consumable_id' => $consumable->id,
-        'user_id' => $admin_user->id,
-        'assigned_to' => e(Input::get('assigned_to'))));
-
-        $logaction = new Actionlog();
-        $logaction->consumable_id = $consumable->id;
-        $logaction->checkedout_to = $consumable->assigned_to;
-        $logaction->asset_type = 'consumable';
-        $logaction->location_id = $user->location_id;
-        $logaction->user_id = Auth::user()->id;
-        $logaction->note = e(Input::get('note'));
-
-        $settings = Setting::getSettings();
-
-        if ($settings->slack_endpoint) {
-
-            $slack_settings = [
-                'username' => $settings->botname,
-                'channel' => $settings->slack_channel,
-                'link_names' => true
-            ];
-
-            $client = new \Maknz\Slack\Client($settings->slack_endpoint, $slack_settings);
-
-            try {
-                    $client->attach([
-                        'color' => 'good',
-                        'fields' => [
-                            [
-                                'title' => 'Checked Out:',
-                                'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/consumables/'.$consumable->id.'/view'.'|'.$consumable->name.'> checked out to <'.config('app.url').'/admin/users/'.$user->id.'/view|'.$user->fullName().'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
-                            ],
-                            [
-                                'title' => 'Note:',
-                                'value' => e($logaction->note)
-                            ],
-                        ]
-                    ])->send('Consumable Checked Out');
-
-            } catch (Exception $e) {
-
-            }
-        }
-
-
-        $log = $logaction->logaction('checkout');
-
-        $consumable_user = DB::table('consumables_users')->where('assigned_to', '=', $consumable->assigned_to)->where('consumable_id', '=', $consumable->id)->first();
+        $consumable->users()->attach($consumable->id, [
+            'consumable_id' => $consumable->id,
+            'user_id' => $admin_user->id,
+            'assigned_to' => e(Input::get('assigned_to'))
+        ]);
 
+        $logaction = $consumable->logCheckout(e(Input::get('note')), $user);
         $data['log_id'] = $logaction->id;
         $data['eula'] = $consumable->getEula();
         $data['first_name'] = $user->first_name;
         $data['item_name'] = $consumable->name;
         $data['checkout_date'] = $logaction->created_at;
-        $data['item_tag'] = '';
-        $data['expected_checkin'] = '';
         $data['note'] = $logaction->note;
         $data['require_acceptance'] = $consumable->requireAcceptance();
 
 
-        if (($consumable->requireAcceptance()=='1')  || ($consumable->getEula())) {
-
-            Mail::send('emails.accept-asset', $data, function ($m) use ($user) {
-                $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                $m->subject('Confirm consumable delivery');
-            });
-        }
-
       // Redirect to the new consumable page
-        return redirect()->to("admin/consumables")->with('success', trans('admin/consumables/message.checkout.success'));
-
-
+        return redirect()->route('consumables.index')->with('success', trans('admin/consumables/message.checkout.success'));
 
     }
 
-
-    /**
-    * Returns the JSON response containing the the consumables data.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ConsumablesController::getIndex() method that returns the view that consumes the JSON.
-    * @since [v1.0]
-    * @param int $consumableId
-    * @return View
-    */
-    public function getDatatable()
-    {
-        $consumables = Consumable::select('consumables.*')->whereNull('consumables.deleted_at')
-            ->with('company', 'location', 'category', 'users');
-
-        if (Input::has('search')) {
-            $consumables = $consumables->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $allowed_columns = ['id','name','order_number','min_amt','purchase_date','purchase_cost','companyName','category','model_no', 'item_no', 'manufacturer'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-
-        switch ($sort) {
-            case 'category':
-                $consumables = $consumables->OrderCategory($order);
-                break;
-            case 'location':
-                $consumables = $consumables->OrderLocation($order);
-                break;
-            case 'manufacturer':
-                $consumables = $consumables->OrderManufacturer($order);
-                break;
-            case 'companyName':
-                $consumables = $consumables->OrderCompany($order);
-                break;
-            default:
-                $consumables = $consumables->orderBy($sort, $order);
-                break;
-        }
-
-        $consumCount = $consumables->count();
-        $consumables = $consumables->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($consumables as $consumable) {
-            $actions = '<nobr><a href="'.route('checkout/consumable', $consumable->id).'" style="margin-right:5px;" class="btn btn-info btn-sm" '.(($consumable->numRemaining() > 0 ) ? '' : ' disabled').'>'.trans('general.checkout').'</a><a href="'.route('update/consumable', $consumable->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/consumable', $consumable->id).'" data-content="'.trans('admin/consumables/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($consumable->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
-            $company = $consumable->company;
-
-            $rows[] = array(
-                'id'            => $consumable->id,
-                'name'          => (string)link_to('admin/consumables/'.$consumable->id.'/view', e($consumable->name)),
-                'location'   => ($consumable->location) ? e($consumable->location->name) : '',
-                'min_amt'           => e($consumable->min_amt),
-                'qty'           => e($consumable->qty),
-                'manufacturer'           => ($consumable->manufacturer) ? e($consumable->manufacturer->name) : '',
-                'model_no'           => e($consumable->model_no),
-                'item_no'           => e($consumable->item_no),
-                'category'           => ($consumable->category) ? e($consumable->category->name) : 'Missing category',
-                'order_number'  => e($consumable->order_number),
-                'purchase_date'  => e($consumable->purchase_date),
-                'purchase_cost'  => ($consumable->purchase_cost!='') ? number_format($consumable->purchase_cost, 2): '' ,
-                'numRemaining'  => $consumable->numRemaining(),
-                'actions'       => $actions,
-                'companyName'   => is_null($company) ? '' : e($company->name),
-            );
-        }
-
-        $data = array('total' => $consumCount, 'rows' => $rows);
-
-        return $data;
-
-    }
-
-    /**
-    * Returns a JSON response containing details on the users associated with this consumable.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ConsumablesController::getView() method that returns the form.
-    * @since [v1.0]
-    * @param int $consumableId
-    * @return View
-    */
-    public function getDataView($consumableId)
-    {
-        //$consumable = Consumable::find($consumableID);
-        $consumable = Consumable::with(array('consumableAssigments'=>
-        function ($query) {
-            $query->orderBy('created_at', 'DESC');
-        },
-        'consumableAssigments.admin'=> function ($query) {
-        },
-        'consumableAssigments.user'=> function ($query) {
-        },
-        ))->find($consumableId);
-
-  //  $consumable->load('consumableAssigments.admin','consumableAssigments.user');
-
-        if (!Company::isCurrentUserHasAccess($consumable)) {
-            return ['total' => 0, 'rows' => []];
-        }
-
-        $rows = array();
-
-        foreach ($consumable->consumableAssigments as $consumable_assignment) {
-            $rows[] = array(
-            'name' => (string)link_to('/admin/users/'.$consumable_assignment->user->id.'/view', e($consumable_assignment->user->fullName())),
-            'created_at' => ($consumable_assignment->created_at->format('Y-m-d H:i:s')=='-0001-11-30 00:00:00') ? '' : $consumable_assignment->created_at->format('Y-m-d H:i:s'),
-            'admin' => ($consumable_assignment->admin) ? e($consumable_assignment->admin->fullName()) : '',
-            );
-        }
-
-        $consumableCount = $consumable->users->count();
-        $data = array('total' => $consumableCount, 'rows' => $rows);
-        return $data;
-    }
 }

app/Http/Controllers/CustomFieldsController.php

@@ -1,6 +1,7 @@
 <?php
 namespace App\Http\Controllers;
 
+use App\Http\Requests\CustomFieldRequest;
 use View;
 use App\Models\CustomFieldset;
 use App\Models\CustomField;
@@ -10,6 +11,9 @@ use Redirect;
 use App\Models\AssetModel;
 use Lang;
 use Auth;
+use Illuminate\Http\Request;
+use App\Helpers\Helper;
+use Log;
 
 /**
  * This controller handles all actions related to Custom Asset Fields for
@@ -33,72 +37,16 @@ class CustomFieldsController extends Controller
     */
     public function index()
     {
-        //
-        $fieldsets=CustomFieldset::with("fields", "models")->get();
-        //$fieldsets=CustomFieldset::all();
-        $fields=CustomField::with("fieldset")->get();
-        //$fields=CustomField::all();
-        return View::make("custom_fields.index")->with("custom_fieldsets", $fieldsets)->with("custom_fields", $fields);
+        $this->authorize('view', CustomField::class);
+
+        $fieldsets = CustomFieldset::with("fields", "models")->get();
+        $fields = CustomField::with("fieldset")->get();
+        return view("custom_fields.index")->with("custom_fieldsets", $fieldsets)->with("custom_fields", $fields);
     }
 
 
-    /**
-    * Returns a view with a form for creating a new custom fieldset.
-    *
-    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
-    * @since [v1.8]
-    * @return View
-    */
-    public function create()
-    {
-        //
-        return View::make("custom_fields.create");
-    }
 
 
-    /**
-    * Validates and stores a new custom fieldset.
-    *
-    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
-    * @since [v1.8]
-    * @return Redirect
-    */
-    public function store()
-    {
-        //
-        $cfset=new CustomFieldset(["name" => Input::get("name"),"user_id" => Auth::user()->id]);
-        $validator=Validator::make(Input::all(), $cfset->rules);
-        if ($validator->passes()) {
-            $cfset->save();
-            return redirect()->route("admin.custom_fields.show", [$cfset->id])->with('success', trans('admin/custom_fields/message.fieldset.create.success'));
-        } else {
-            return redirect()->back()->withInput()->withErrors($validator);
-        }
-    }
-
-    /**
-    * Associate the custom field with a custom fieldset.
-    *
-    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
-    * @since [v1.8]
-    * @return View
-    */
-    public function associate($id)
-    {
-
-        $set = CustomFieldset::find($id);
-
-        foreach ($set->fields as $field) {
-            if ($field->id == Input::get('field_id')) {
-                return redirect()->route("admin.custom_fields.show", [$id])->withInput()->withErrors(['field_id' => trans('admin/custom_fields/message.field.already_added')]);
-            }
-        }
-
-        $results=$set->fields()->attach(Input::get('field_id'), ["required" => (Input::get('required') == "on"),"order" => Input::get('order')]);
-
-        return redirect()->route("admin.custom_fields.show", [$id])->with("success", trans('admin/custom_fields/message.field.create.assoc_success'));
-    }
-
 
     /**
     * Returns a view with a form to create a new custom field.
@@ -108,9 +56,11 @@ class CustomFieldsController extends Controller
     * @since [v1.8]
     * @return View
     */
-    public function createField()
+    public function create()
     {
-        return View::make("custom_fields.create_field");
+        $this->authorize('create', CustomField::class);
+
+        return view("custom_fields.fields.edit")->with('field', new CustomField());
     }
 
 
@@ -122,29 +72,54 @@ class CustomFieldsController extends Controller
     * @since [v1.8]
     * @return Redirect
     */
-    public function storeField()
+    public function store(CustomFieldRequest $request)
     {
-        $field=new CustomField(["name" => Input::get("name"),"element" => Input::get("element"),"user_id" => Auth::user()->id]);
+        $this->authorize('create', CustomField::class);
+
+        $field = new CustomField([
+            "name" => $request->get("name"),
+            "element" => $request->get("element"),
+            "help_text" => $request->get("help_text"),
+            "field_values" => $request->get("field_values"),
+            "field_encrypted" => $request->get("field_encrypted", 0),
+            "show_in_email" => $request->get("show_in_email", 0),
+            "user_id" => Auth::user()->id
+        ]);
 
 
-        if (!in_array(Input::get('format'), array_keys(CustomField::$PredefinedFormats))) {
-            $field->format=Input::get("custom_format");
+        if ($request->has("custom_format")) {
+            $field->format = e($request->get("custom_format"));
         } else {
-            $field->format=Input::get('format');
+            $field->format = e($request->get("format"));
         }
 
-        $validator=Validator::make(Input::all(), $field->rules);
-        if ($validator->passes()) {
-            $results=$field->save();
-            //return "postCreateField: $results";
-            if ($results) {
-                return redirect()->route("admin.custom_fields.index")->with("success", trans('admin/custom_fields/message.field.create.success'));
-            } else {
-                return redirect()->back()->withInput()->with('error', trans('admin/custom_fields/message.field.create.error'));
-            }
+        if ($field->save()) {
+            return redirect()->route("fields.index")->with("success", trans('admin/custom_fields/message.field.create.success'));
         } else {
-            return redirect()->back()->withInput()->withErrors($validator);
+            return redirect()->back()->withInput()->with('error', trans('admin/custom_fields/message.field.create.error'));
         }
+
+    }
+
+
+    /**
+     * Detach a custom field from a fieldset.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return Redirect
+     */
+    public function deleteFieldFromFieldset($field_id, $fieldset_id)
+    {
+        $field = CustomField::find($field_id);
+
+        $this->authorize('update', $field);
+
+        if ($field->fieldset()->detach($fieldset_id)) {
+            return redirect()->route('fieldsets.show', ['fieldset' => $fieldset_id])->with("success", trans('admin/custom_fields/message.field.delete.success'));
+        }
+
+        return redirect()->back()->withErrors(['message' => "Field is in-use"]);
     }
 
     /**
@@ -154,123 +129,76 @@ class CustomFieldsController extends Controller
     * @since [v1.8]
     * @return Redirect
     */
-    public function deleteField($field_id)
+    public function destroy($field_id)
     {
-        $field=CustomField::find($field_id);
+        $field = CustomField::find($field_id);
+
+        $this->authorize('delete', $field);
 
         if ($field->fieldset->count()>0) {
             return redirect()->back()->withErrors(['message' => "Field is in-use"]);
         } else {
             $field->delete();
-            return redirect()->route("admin.custom_fields.index")->with("success", trans('admin/custom_fields/message.field.delete.success'));
+            return redirect()->route("fields.index")->with("success", trans('admin/custom_fields/message.field.delete.success'));
         }
     }
 
-    /**
-    * Validates and stores a new custom field.
-    *
-    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
-    * @param int $id
-    * @since [v1.8]
-    * @return View
-    */
-    public function show($id)
-    {
-        //$id=$parameters[0];
-        $cfset=CustomFieldset::find($id);
-
-        //print_r($parameters);
-        //
-        $custom_fields_list=["" => "Add New Field to Fieldset"] + CustomField::lists("name", "id")->toArray();
-        // print_r($custom_fields_list);
-        $maxid=0;
-        foreach ($cfset->fields as $field) {
-            // print "Looking for: ".$field->id;
-            if ($field->pivot->order > $maxid) {
-                $maxid=$field->pivot->order;
-            }
-            if (isset($custom_fields_list[$field->id])) {
-                // print "Found ".$field->id.", so removing it.<br>";
-                unset($custom_fields_list[$field->id]);
-            }
-        }
-
-        return View::make("custom_fields.show")->with("custom_fieldset", $cfset)->with("maxid", $maxid+1)->with("custom_fields_list", $custom_fields_list);
-    }
 
 
     /**
-    * What the actual fuck, Brady?
+    * Return a view to edit a custom field
     *
-    * @todo Uhh, build this?
-    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+    * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param  int  $id
-    * @since [v1.8]
-    * @return Fuckall
+    * @since [v4.0]
+    * @return View
     */
     public function edit($id)
     {
-        //
+        $field = CustomField::find($id);
+
+        $this->authorize('update', $field);
+
+        return view("custom_fields.fields.edit")->with('field', $field);
     }
 
 
     /**
-    * GET IN THE SEA BRADY.
+    * Store the updated field
     *
-    * @todo Uhh, build this too?
-    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
-    * @param  int  $id
-    * @since [v1.8]
-    * @return Fuckall
-    */
-    public function update($id)
-    {
-        //
-    }
-
-
-    /**
-    * Validates a custom fieldset and then deletes if it has no models associated.
+    * @todo Allow encrypting/decrypting if encryption status changes
     *
-    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+    * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param  int  $id
-    * @since [v1.8]
-    * @return View
+    * @since [v4.0]
+    * @return Redirect
     */
-    public function destroy($id)
+    public function update(CustomFieldRequest $request, $id)
     {
-        //
-        $fieldset=CustomFieldset::find($id);
+        $field =  CustomField::find($id);
 
-        $models = AssetModel::where("fieldset_id", "=", $id);
-        if ($models->count()==0) {
-            $fieldset->delete();
-            return redirect()->route("admin.custom_fields.index")->with("success", trans('admin/custom_fields/message.fieldset.delete.success'));
+        $this->authorize('update', $field);
+
+        $field->name = e($request->get("name"));
+        $field->element = e($request->get("element"));
+        $field->field_values = e($request->get("field_values"));
+        $field->user_id = Auth::user()->id;
+        $field->help_text = $request->get("help_text");
+        $field->show_in_email = $request->get("show_in_email", 0);
+
+        if (!in_array(Input::get('format'), array_keys(CustomField::$PredefinedFormats))) {
+            $field->format = e($request->get("custom_format"));
         } else {
-            return redirect()->route("admin.custom_fields.index")->with("error", trans('admin/custom_fields/message.fieldset.delete.in_use')); //->with("models",$models);
+            $field->format = e($request->get("format"));
         }
+
+        if ($field->save()) {
+           return redirect()->route("fields.index")->with("success", trans('admin/custom_fields/message.field.update.success'));
+        }
+
+        return redirect()->back()->withInput()->with('error', trans('admin/custom_fields/message.field.update.error'));
     }
 
 
-    /**
-     * Reorder the custom fields within a fieldset
-     *
-     * @author [Brady Wetherington] [<uberbrady@gmail.com>]
-     * @param  int  $id
-     * @since [v3.0]
-     * @return Array
-     */
-    public function postReorder($id) {
-        $fieldset=CustomFieldset::find($id);
-        $fields = array();
 
-        $items = Input::get('item');
-        foreach ($fieldset->fields as $field) {
-            $value = array_shift($items);
-            $fields[$field->id] = ['required' => $field->pivot->required, 'order' => $value];
-        }
-        return $fieldset->fields()->sync($fields);
-
-
-    }
 }

app/Http/Controllers/CustomFieldsetsController.php

@@ -0,0 +1,192 @@
+<?php
+namespace App\Http\Controllers;
+
+use View;
+use App\Models\CustomFieldset;
+use App\Models\CustomField;
+use Input;
+use Validator;
+use Redirect;
+use App\Models\AssetModel;
+use Lang;
+use Auth;
+use Illuminate\Http\Request;
+use Log;
+
+/**
+ * This controller handles all actions related to Custom Asset Fields for
+ * the Snipe-IT Asset Management application.
+ *
+ * @todo Improve documentation here.
+ * @todo Check for raw DB queries and try to convert them to query builder statements
+ * @version    v2.0
+ * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+ */
+
+class CustomFieldsetsController extends Controller
+{
+
+        /**
+        * Validates and stores a new custom field.
+        *
+        * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+        * @param int $id
+        * @since [v1.8]
+        * @return View
+        */
+    public function show($id)
+    {
+        $cfset = CustomFieldset::with('fields')->where('id', '=', $id)->orderBy('id', 'ASC')->first();
+
+        $this->authorize('view', $cfset);
+
+        if ($cfset) {
+            $custom_fields_list = ["" => "Add New Field to Fieldset"] + CustomField::pluck("name", "id")->toArray();
+
+            $maxid = 0;
+            foreach ($cfset->fields() as $field) {
+                if ($field->pivot->order > $maxid) {
+                    $maxid=$field->pivot->order;
+                }
+                if (isset($custom_fields_list[$field->id])) {
+                    unset($custom_fields_list[$field->id]);
+                }
+            }
+
+            return view("custom_fields.fieldsets.view")->with("custom_fieldset", $cfset)->with("maxid", $maxid+1)->with("custom_fields_list", $custom_fields_list);
+        }
+
+        return redirect()->route("fields.index")->with("error", trans('admin/custom_fields/message.fieldset.does_not_exist'));
+
+    }
+
+
+    /**
+    * Returns a view with a form for creating a new custom fieldset.
+    *
+    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+    * @since [v1.8]
+    * @return View
+    */
+    public function create()
+    {
+        $this->authorize('create', CustomFieldset::class);
+
+        return view("custom_fields.fieldsets.edit");
+    }
+
+
+    /**
+    * Validates and stores a new custom fieldset.
+    *
+    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+    * @since [v1.8]
+    * @return Redirect
+    */
+    public function store(Request $request)
+    {
+        $this->authorize('create', CustomFieldset::class);
+
+        $cfset = new CustomFieldset(
+            [
+                "name" => e($request->get("name")),
+                "user_id" => Auth::user()->id]
+        );
+
+        $validator = Validator::make(Input::all(), $cfset->rules);
+        if ($validator->passes()) {
+            $cfset->save();
+            return redirect()->route("fieldsets.show", [$cfset->id])->with('success', trans('admin/custom_fields/message.fieldset.create.success'));
+        } else {
+            return redirect()->back()->withInput()->withErrors($validator);
+        }
+    }
+
+
+
+
+    /**
+    * What the actual fuck, Brady?
+    *
+    * @todo Uhh, build this?
+    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+    * @param  int  $id
+    * @since [v1.8]
+    * @return Fuckall
+    */
+    public function edit($id)
+    {
+        //
+    }
+
+
+    /**
+    * GET IN THE SEA BRADY.
+    *
+    * @todo Uhh, build this too?
+    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+    * @param  int  $id
+    * @since [v1.8]
+    * @return Fuckall
+    */
+    public function update($id)
+    {
+        //
+    }
+
+
+    /**
+    * Validates a custom fieldset and then deletes if it has no models associated.
+    *
+    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+    * @param  int  $id
+    * @since [v1.8]
+    * @return View
+    */
+    public function destroy($id)
+    {
+        $fieldset = CustomFieldset::find($id);
+
+        $this->authorize('delete', $fieldset);
+
+        if ($fieldset) {
+            $models = AssetModel::where("fieldset_id", "=", $id);
+            if ($models->count() == 0) {
+                $fieldset->delete();
+                return redirect()->route("fields.index")->with("success", trans('admin/custom_fields/message.fieldset.delete.success'));
+            } else {
+                return redirect()->route("fields.index")->with("error", trans('admin/custom_fields/message.fieldset.delete.in_use'));
+            }
+        }
+
+        return redirect()->route("fields.index")->with("error", trans('admin/custom_fields/message.fieldset.does_not_exist'));
+
+
+    }
+
+
+    /**
+    * Associate the custom field with a custom fieldset.
+    *
+    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+    * @since [v1.8]
+    * @return View
+    */
+    public function associate($id)
+    {
+
+        $set = CustomFieldset::find($id);
+
+        $this->authorize('update', $set);
+
+        foreach ($set->fields as $field) {
+            if ($field->id == Input::get('field_id')) {
+                return redirect()->route("fieldsets.show", [$id])->withInput()->withErrors(['field_id' => trans('admin/custom_fields/message.field.already_added')]);
+            }
+        }
+
+        $results=$set->fields()->attach(Input::get('field_id'), ["required" => (Input::get('required') == "on"),"order" => Input::get('order')]);
+
+        return redirect()->route("fieldsets.show", [$id])->with("success", trans('admin/custom_fields/message.field.create.assoc_success'));
+    }
+}

app/Http/Controllers/DashboardController.php

@@ -30,62 +30,23 @@ class DashboardController extends Controller
         // Show the page
         if (Auth::user()->hasAccess('admin')) {
 
-            $recent_activity = Actionlog::orderBy('created_at', 'DESC')
-                ->with('accessorylog', 'consumablelog', 'licenselog', 'assetlog', 'adminlog', 'userlog', 'componentlog')
-                ->take(30)
-                ->get();
+            $asset_stats=null;
 
+            $counts['asset'] = \App\Models\Asset::count();
+            $counts['accessory'] = \App\Models\Accessory::count();
+            $counts['license'] = \App\Models\License::assetcount();
+            $counts['consumable'] = \App\Models\Consumable::count();
+            $counts['grand_total'] =  $counts['asset'] +  $counts['accessory'] +  $counts['license'] +  $counts['consumable'];
 
-            $asset_stats['total'] = Asset::Hardware()->count();
-
-            $asset_stats['rtd']['total'] = Asset::Hardware()->RTD()->count();
-
-            if ($asset_stats['rtd']['total'] > 0) {
-                $asset_stats['rtd']['percent'] = round(($asset_stats['rtd']['total']/$asset_stats['total']) * 100);
-            } else {
-                $asset_stats['rtd']['percent'] = 0;
+            if ((!file_exists(storage_path().'/oauth-private.key')) || (!file_exists(storage_path().'/oauth-public.key'))) {
+                \Artisan::call('migrate', ['--force' => true]);
+                \Artisan::call('passport:install');
             }
 
-
-            $asset_stats['pending']['total'] = Asset::Hardware()->Pending()->count();
-
-            if ($asset_stats['pending']['total'] > 0) {
-                $asset_stats['pending']['percent'] = round(($asset_stats['pending']['total']/$asset_stats['total']) * 100);
-            } else {
-                $asset_stats['pending']['percent'] = 0;
-            }
-
-
-            $asset_stats['deployed']['total'] = Asset::Hardware()->Deployed()->count();
-
-            if ($asset_stats['deployed']['total'] > 0) {
-                 $asset_stats['deployed']['percent'] = round(($asset_stats['deployed']['total']/$asset_stats['total']) * 100);
-            } else {
-                $asset_stats['deployed']['percent'] = 0;
-            }
-
-
-            $asset_stats['undeployable']['total'] = Asset::Hardware()->Undeployable()->count();
-
-            if ($asset_stats['undeployable']['total'] > 0) {
-                $asset_stats['undeployable']['percent'] = round(($asset_stats['undeployable']['total']/$asset_stats['total']) * 100);
-            } else {
-                $asset_stats['undeployable']['percent'] = 0;
-            }
-
-            $asset_stats['archived']['total'] = Asset::Hardware()->Archived()->count();
-
-            if ($asset_stats['archived']['total'] > 0) {
-                $asset_stats['archived']['percent'] = round(($asset_stats['archived']['total']/$asset_stats['total']) * 100);
-            } else {
-                $asset_stats['archived']['percent'] = 0;
-            }
-
-
-            return View::make('dashboard')->with('asset_stats', $asset_stats)->with('recent_activity', $recent_activity);
+            return view('dashboard')->with('asset_stats', $asset_stats)->with('counts', $counts);
         } else {
         // Redirect to the profile page
-            return redirect()->route('view-assets');
+            return redirect()->intended('account/view-assets');
         }
     }
 }

app/Http/Controllers/DepartmentsController.php

@@ -0,0 +1,203 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use Illuminate\Http\Request;
+use App\Models\Department;
+use App\Helpers\Helper;
+use Auth;
+use Image;
+use App\Http\Requests\ImageUploadRequest;
+
+class DepartmentsController extends Controller
+{
+    public function __construct()
+    {
+        $this->middleware('auth');
+        parent::__construct();
+    }
+
+    /**
+     * Returns a view that invokes the ajax tables which actually contains
+     * the content for the assets listing, which is generated in getDatatable.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see AssetController::getDatatable() method that generates the JSON response
+     * @since [v4.0]
+     * @return View
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('index', Department::class);
+        $company = null;
+        if ($request->has('company_id')) {
+            $company = Company::find($request->input('company_id'));
+        }
+        return view('departments/index')->with('company', $company);
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(ImageUploadRequest $request)
+    {
+        $this->authorize('create', Department::class);
+        $department = new Department;
+        $department->fill($request->all());
+        $department->user_id = Auth::user()->id;
+        $department->manager_id = ($request->has('manager_id' ) ? $request->input('manager_id') : null);
+
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/departments/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $department->image = $file_name;
+        }
+
+        if ($department->save()) {
+            return redirect()->route("departments.index")->with('success', trans('admin/departments/message.create.success'));
+        }
+        return redirect()->back()->withInput()->withErrors($department->getErrors());
+    }
+
+    /**
+     * Returns a view that invokes the ajax tables which actually contains
+     * the content for the department detail page.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $id
+     * @since [v4.0]
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function show($id)
+    {
+        $department = Department::find($id);
+
+        $this->authorize('view', $department);
+
+        if (isset($department->id)) {
+            return view('departments/view', compact('department'));
+        }
+        return redirect()->route('departments.index')->with('error', trans('admin/departments/message.does_not_exist', compact('id')));
+    }
+
+
+    /**
+     * Returns a form view used to create a new department.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see DepartmentsController::postCreate() method that validates and stores the data
+     * @since [v4.0]
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function create()
+    {
+        $this->authorize('create', Department::class);
+
+        return view('departments/edit')->with('item', new Department);
+    }
+
+
+    /**
+     * Validates and deletes selected department.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $locationId
+     * @since [v4.0]
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy($id)
+    {
+        if (is_null($department = Department::find($id))) {
+            return redirect()->to(route('departments.index'))->with('error', trans('admin/departments/message.not_found'));
+        }
+
+        $this->authorize('delete', $department);
+
+        if ($department->users->count() > 0) {
+            return redirect()->to(route('departments.index'))->with('error', trans('admin/departments/message.assoc_users'));
+        }
+
+        $department->delete();
+        return redirect()->back()->with('success', trans('admin/departments/message.delete.success'));
+
+    }
+
+    /**
+     * Makes a form view to edit location information.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see LocationsController::postCreate() method that validates and stores
+     * @param int $locationId
+     * @since [v1.0]
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function edit($id = null)
+    {
+        if (is_null($item = Department::find($id))) {
+            return redirect()->back()->with('error', trans('admin/locations/message.does_not_exist'));
+        }
+
+        $this->authorize('update', $item);
+
+        return view('departments/edit', compact('item'));
+    }
+
+    public function update(ImageUploadRequest $request, $id) {
+
+        if (is_null($department = Department::find($id))) {
+            return redirect()->route('departments.index')->with('error', trans('admin/departments/message.does_not_exist'));
+        }
+
+        $this->authorize('update', $department);
+
+        $department->fill($request->all());
+        $department->manager_id = ($request->has('manager_id' ) ? $request->input('manager_id') : null);
+
+        $old_image = $department->image;
+
+        // Set the model's image property to null if the image is being deleted
+        if ($request->input('image_delete') == 1) {
+            $department->image = null;
+        }
+
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = $department->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save(app('departments_upload_path').$file_name);
+            } else {
+                $image->move(app('departments_upload_path'), $file_name);
+            }
+            $department->image = $file_name;
+
+        }
+
+        if ((($request->file('image')) && (isset($old_image)) && ($old_image!='')) || ($request->input('image_delete') == 1)) {
+            try  {
+                unlink(app('departments_upload_path').$old_image);
+            } catch (\Exception $e) {
+                \Log::info($e);
+            }
+        }
+
+        if ($department->save()) {
+            return redirect()->route("departments.index")->with('success', trans('admin/departments/message.update.success'));
+        }
+        return redirect()->back()->withInput()->withErrors($department->getErrors());
+    }
+}

app/Http/Controllers/DepreciationsController.php

@@ -1,7 +1,7 @@
 <?php
 namespace App\Http\Controllers;
 
-use Input;
+use App\Helpers\Helper;
 use Lang;
 use App\Models\Depreciation;
 use Redirect;
@@ -10,7 +10,7 @@ use DB;
 use Str;
 use View;
 use Auth;
-
+use Illuminate\Http\Request;
 
 /**
  * This controller handles all actions related to Depreciations for
@@ -27,12 +27,14 @@ class DepreciationsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net]
     * @see DepreciationsController::getDatatable() method that generates the JSON response
     * @since [v1.0]
-    * @return View
-    */
-    public function getIndex()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function index()
     {
+        $this->authorize('view', Depreciation::class);
+
         // Show the page
-        return View::make('depreciations/index', compact('depreciations'));
+        return view('depreciations/index');
     }
 
 
@@ -42,45 +44,43 @@ class DepreciationsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net]
     * @see DepreciationsController::postCreate()
     * @since [v1.0]
-    * @return View
-    */
-    public function getCreate()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function create()
     {
+        $this->authorize('create', Depreciation::class);
+
         // Show the page
-        return View::make('depreciations/edit')->with('depreciation', new Depreciation);
+        return view('depreciations/edit')->with('item', new Depreciation);
     }
 
 
     /**
-    * Validates and stores the new depreciation data.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net]
-    * @see DepreciationsController::postCreate()
-    * @since [v1.0]
-    * @return Redirect
-    */
-    public function postCreate()
+     * Validates and stores the new depreciation data.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net]
+     * @see DepreciationsController::postCreate()
+     * @since [v1.0]
+     * @param Request $request
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function store(Request $request)
     {
+        $this->authorize('create', Depreciation::class);
 
-      // get the POST data
-        $new = Input::all();
-
-      // create a new instance
+        // create a new instance
         $depreciation = new Depreciation();
+        // Depreciation data
+        $depreciation->name             = $request->input('name');
+        $depreciation->months           = $request->input('months');
+        $depreciation->user_id          = Auth::id();
 
-      // Depreciation data
-        $depreciation->name            = e(Input::get('name'));
-        $depreciation->months    = e(Input::get('months'));
-        $depreciation->user_id          = Auth::user()->id;
-
-      // Was the asset created?
+        // Was the asset created?
         if ($depreciation->save()) {
             // Redirect to the new depreciation  page
-            return redirect()->to("admin/settings/depreciations")->with('success', trans('admin/depreciations/message.create.success'));
+            return redirect()->route('depreciations.index')->with('success', trans('admin/depreciations/message.create.success'));
         }
-
         return redirect()->back()->withInput()->withErrors($depreciation->getErrors());
-
     }
 
     /**
@@ -90,138 +90,103 @@ class DepreciationsController extends Controller
     * @see DepreciationsController::postEdit()
     * @param int $depreciationId
     * @since [v1.0]
-    * @return View
-    */
-    public function getEdit($depreciationId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function edit($depreciationId = null)
     {
         // Check if the depreciation exists
-        if (is_null($depreciation = Depreciation::find($depreciationId))) {
+        if (is_null($item = Depreciation::find($depreciationId))) {
             // Redirect to the blogs management page
-            return redirect()->to('admin/settings/depreciations')->with('error', trans('admin/depreciations/message.does_not_exist'));
+            return redirect()->route('depreciations.index')->with('error', trans('admin/depreciations/message.does_not_exist'));
         }
 
-        return View::make('depreciations/edit', compact('depreciation'));
+        $this->authorize('update', $item);
+
+        return view('depreciations/edit', compact('item'));
     }
 
 
     /**
-    * Validates and stores the updated depreciation data.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net]
-    * @see DepreciationsController::getEdit()
-    * @param int $depreciationId
-    * @since [v1.0]
-    * @return Redirect
-    */
-    public function postEdit($depreciationId = null)
+     * Validates and stores the updated depreciation data.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net]
+     * @see DepreciationsController::getEdit()
+     * @param Request $request
+     * @param int $depreciationId
+     * @return \Illuminate\Http\RedirectResponse
+     * @since [v1.0]
+     */
+    public function update(Request $request, $depreciationId = null)
     {
         // Check if the depreciation exists
         if (is_null($depreciation = Depreciation::find($depreciationId))) {
             // Redirect to the blogs management page
-            return redirect()->to('admin/settings/depreciations')->with('error', trans('admin/depreciations/message.does_not_exist'));
+            return redirect()->route('depreciations.index')->with('error', trans('admin/depreciations/message.does_not_exist'));
         }
 
+        $this->authorize('update', $depreciation);
+
         // Depreciation data
-        $depreciation->name      = e(Input::get('name'));
-        $depreciation->months    = e(Input::get('months'));
+        $depreciation->name      = $request->input('name');
+        $depreciation->months    = $request->input('months');
 
         // Was the asset created?
         if ($depreciation->save()) {
             // Redirect to the depreciation page
-            return redirect()->to("admin/settings/depreciations/")->with('success', trans('admin/depreciations/message.update.success'));
+            return redirect()->route("depreciations.index")->with('success', trans('admin/depreciations/message.update.success'));
         }
-
         return redirect()->back()->withInput()->withErrors($depreciation->getErrors());
-
-
     }
 
     /**
-    * Validates and deletes a selected depreciation.
-    *
-    * This is a hard-delete. We do not currently soft-delete depreciations.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net]
-    * @since [v1.0]
-    * @return Redirect
-    */
-    public function getDelete($depreciationId)
+     * Validates and deletes a selected depreciation.
+     *
+     * This is a hard-delete. We do not currently soft-delete depreciations.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net]
+     * @since [v1.0]
+     * @param integer $depreciationId
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy($depreciationId)
     {
         // Check if the depreciation exists
         if (is_null($depreciation = Depreciation::find($depreciationId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/settings/depreciations')->with('error', trans('admin/depreciations/message.not_found'));
+            return redirect()->route('depreciations.index')->with('error', trans('admin/depreciations/message.not_found'));
         }
 
+        $this->authorize('delete', $depreciation);
+
         if ($depreciation->has_models() > 0) {
-
             // Redirect to the asset management page
-            return redirect()->to('admin/settings/depreciations')->with('error', trans('admin/depreciations/message.assoc_users'));
-        } else {
-
-            $depreciation->delete();
-
-            // Redirect to the depreciations management page
-            return redirect()->to('admin/settings/depreciations')->with('success', trans('admin/depreciations/message.delete.success'));
+            return redirect()->route('depreciations.index')->with('error', trans('admin/depreciations/message.assoc_users'));
         }
 
+        $depreciation->delete();
+        // Redirect to the depreciations management page
+        return redirect()->route('depreciations.index')->with('success', trans('admin/depreciations/message.delete.success'));
     }
 
-
     /**
-    * Generates the JSON used to display the depreciation listing.
-    *
-    * @see DepreciationsController::getIndex()
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @param  string  $status
-    * @since [v1.2]
-    * @return String JSON
-    */
-    public function getDatatable()
+     * Returns a view that displays a form to display depreciation listing
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net]
+     * @see DepreciationsController::postEdit()
+     * @param int $depreciationId
+     * @since [v1.0]
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function show($id)
     {
-        $depreciations = Depreciation::select(array('id','name','months'));
-
-        if (Input::has('search')) {
-            $depreciations = $depreciations->TextSearch(e(Input::get('search')));
+        if (is_null($depreciation = Depreciation::find($id))) {
+            // Redirect to the blogs management page
+            return redirect()->route('depreciations.index')->with('error', trans('admin/depreciations/message.does_not_exist'));
         }
 
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $allowed_columns = ['id','name','months'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-
-        $depreciations->orderBy($sort, $order);
-
-        $depreciationsCount = $depreciations->count();
-        $depreciations = $depreciations->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($depreciations as $depreciation) {
-            $actions = '<a href="'.route('update/depreciations', $depreciation->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/depreciations', $depreciation->id).'" data-content="'.trans('admin/depreciations/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($depreciation->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
-
-            $rows[] = array(
-                'id'            => $depreciation->id,
-                'name'          => e($depreciation->name),
-                'months'        => e($depreciation->months),
-                'actions'       => $actions
-            );
-        }
-
-        $data = array('total' => $depreciationsCount, 'rows' => $rows);
-
-        return $data;
+        $this->authorize('view', $depreciation);
 
+        return view('depreciations/view', compact('depreciation'));
     }
+
+
 }

app/Http/Controllers/GroupsController.php

@@ -26,12 +26,12 @@ class GroupsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net]
     * @see GroupsController::getDatatable() method that generates the JSON response
     * @since [v1.0]
-    * @return View
-    */
-    public function getIndex()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function index()
     {
         // Show the page
-        return View::make('groups/index', compact('groups'));
+        return view('groups/index');
     }
 
     /**
@@ -40,18 +40,18 @@ class GroupsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net]
     * @see GroupsController::postCreate()
     * @since [v1.0]
-    * @return View
-    */
-    public function getCreate()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function create()
     {
         $group = new Group;
         // Get all the available permissions
         $permissions = config('permissions');
-
-        $selectedPermissions = Input::old('permissions', array());
+        $groupPermissions = Helper::selectedPermissionsArray($permissions, $permissions);
+        $selectedPermissions = Input::old('permissions', $groupPermissions);
 
         // Show the page
-        return View::make('groups/edit', compact('permissions', 'selectedPermissions'))->with('group', $group);
+        return view('groups/edit', compact('permissions', 'selectedPermissions', 'groupPermissions'))->with('group', $group);
     }
 
     /**
@@ -60,9 +60,9 @@ class GroupsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net]
     * @see GroupsController::getCreate()
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function postCreate()
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function store()
     {
         // create a new group instance
         $group = new Group();
@@ -70,12 +70,9 @@ class GroupsController extends Controller
         $group->permissions = json_encode(Input::get('permission'));
 
         if ($group->save()) {
-            return redirect()->to("admin/groups")->with('success', trans('admin/groups/message.create.success'));
+            return redirect()->route("groups.index")->with('success', trans('admin/groups/message.success.create'));
         }
-
         return redirect()->back()->withInput()->withErrors($group->getErrors());
-
-
     }
 
     /**
@@ -85,15 +82,20 @@ class GroupsController extends Controller
     * @see GroupsController::postEdit()
     * @param int $id
     * @since [v1.0]
-    * @return View
-    */
-    public function getEdit($id = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function edit($id)
     {
         $group = Group::find($id);
-        $permissions = config('permissions');
-        $group->permissions = $group->decodePermissions();
-        $selected_array = Helper::selectedPermissionsArray($permissions, $group->permissions);
-        return View::make('groups/edit', compact('group', 'permissions','selected_array'));
+
+        if ($group) {
+            $permissions = config('permissions');
+            $groupPermissions = $group->decodePermissions();
+            $selected_array = Helper::selectedPermissionsArray($permissions, $groupPermissions);
+            return view('groups.edit', compact('group', 'permissions', 'selected_array', 'groupPermissions'));
+        }
+
+        return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found'));
     }
 
     /**
@@ -103,30 +105,24 @@ class GroupsController extends Controller
     * @see GroupsController::getEdit()
     * @param int $id
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function postEdit($id = null)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function update($id = null)
     {
         $permissions = config('permissions');
         if (!$group = Group::find($id)) {
-            return redirect()->route('groups')->with('error', trans('admin/groups/message.group_not_found', compact('id')));
-
+            return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found', compact('id')));
         }
         $group->name = e(Input::get('name'));
         $group->permissions = json_encode(Input::get('permission'));
 
-
         if (!config('app.lock_passwords')) {
-
             if ($group->save()) {
-                return redirect()->to("admin/groups")->with('success', trans('admin/groups/message.create.success'));
+                return redirect()->route('groups.index')->with('success', trans('admin/groups/message.success.update'));
             }
             return redirect()->back()->withInput()->withErrors($group->getErrors());
-
-        } else {
-            return redirect()->route('update/group', $id)->withInput()->with('error', 'Denied! Editing groups is not allowed in the demo.');
         }
-
+        return redirect()->route('groups.index')->with('error', trans('general.feature_disabled'));
     }
 
     /**
@@ -136,103 +132,39 @@ class GroupsController extends Controller
     * @see GroupsController::getEdit()
     * @param int $id
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function getDelete($id = null)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy($id = null)
     {
         if (!config('app.lock_passwords')) {
-            try {
-                // Get group information
-                $group = Group::find($id);
-                $group->delete();
-
-                // Redirect to the group management page
-                return redirect()->route('groups')->with('success', trans('admin/groups/message.success.delete'));
-            } catch (GroupNotFoundException $e) {
-                // Redirect to the group management page
-                return redirect()->route('groups')->with('error', trans('admin/groups/message.group_not_found', compact('id')));
+            if (!$group = Group::find($id)) {
+                return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found', compact('id')));
             }
-        } else {
-            return redirect()->route('groups')->with('error', trans('general.feature_disabled'));
+            $group->delete();
+            // Redirect to the group management page
+            return redirect()->route('groups.index')->with('success', trans('admin/groups/message.success.delete'));
         }
+        return redirect()->route('groups.index')->with('error', trans('general.feature_disabled'));
     }
 
-
     /**
-    * Generates the JSON used to display the User Group listing.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v2.0]
-    * @return String JSON
-    */
-    public function getDatatable()
+     * Returns a view that invokes the ajax tables which actually contains
+     * the content for the group detail page.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $locationId
+     * @since [v4.0.11]
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function show($id)
     {
+        $group = Group::find($id);
 
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
+        if ($group) {
+            return view('groups/view', compact('group'));
         }
 
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        if (Input::get('sort')=='name') {
-            $sort = 'first_name';
-        } else {
-            $sort = e(Input::get('sort'));
-        }
-
-        // Grab all the groups
-        $groups = Group::with('users')->orderBy('name', 'ASC');
-        //$users = Company::scopeCompanyables($users);
-
-        if (Input::has('search')) {
-            $groups = $users->TextSearch(e(Input::get('search')));
-        }
-
-         $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-
-        $allowed_columns =
-         [
-           'name','created_at'
-         ];
-
-        $sort = in_array($sort, $allowed_columns) ? $sort : 'name';
-        $groups = $groups->orderBy($sort, $order);
-
-        $groupsCount = $groups->count();
-        $groups = $groups->skip($offset)->take($limit)->get();
-        $rows = array();
-
-        foreach ($groups as $group) {
-            $group_names = '';
-            $inout = '';
-            $actions = '<nobr>';
-
-            $actions .= '<a href="' . route('update/group', $group->id) . '" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> ';
-
-            if (!config('app.lock_passwords')) {
-                  $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/group', $group->id) . '" data-content="'.trans('admin/groups/message.delete.confirm').'" data-title="Delete ' . htmlspecialchars($group->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a> ';
-            } else {
-                $actions .= ' <span class="btn delete-asset btn-danger btn-sm disabled"><i class="fa fa-trash icon-white"></i></span>';
-            }
-
-            $actions .= '</nobr>';
-
-            $rows[] = array(
-                'id'         => $group->id,
-                'name'        => $group->name,
-                'users'         => $group->users->count(),
-                'created_at'        => $group->created_at->format('Y-m-d'),
-                'actions'       => ($actions) ? $actions : '',
-            );
-        }
-
-        $data = array('total'=>$groupsCount, 'rows'=>$rows);
-        return $data;
+        return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found', compact('id')));
     }
+
 }

app/Http/Controllers/ImportsController.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Http\Transformers\ImportsTransformer;
+use App\Models\Import;
+use Illuminate\Http\Request;
+use App\Models\Asset;
+
+
+class ImportsController extends Controller
+{
+    public function index()
+    {
+        $this->authorize('import');
+        $imports = Import::latest()->get();
+        $imports = (new ImportsTransformer)->transformImports($imports);
+        return view('importer/import')->with('imports', $imports);
+    }
+}

app/Http/Controllers/LocationsController.php

@@ -1,9 +1,11 @@
 <?php
 namespace App\Http\Controllers;
 
+use App\Helpers\Helper;
 use Input;
 use Lang;
 use App\Models\Location;
+use phpDocumentor\Reflection\Types\Array_;
 use Redirect;
 use App\Models\Setting;
 use App\Models\User;
@@ -14,6 +16,8 @@ use Validator;
 use View;
 use Auth;
 use Symfony\Component\HttpFoundation\JsonResponse;
+use Image;
+use App\Http\Requests\ImageUploadRequest;
 
 /**
  * This controller handles all actions related to Locations for
@@ -31,15 +35,16 @@ class LocationsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see LocationsController::getDatatable() method that generates the JSON response
     * @since [v1.0]
-    * @return View
-    */
-    public function getIndex()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function index()
     {
         // Grab all the locations
+        $this->authorize('view', Location::class);
         $locations = Location::orderBy('created_at', 'DESC')->with('parent', 'assets', 'assignedassets')->get();
 
         // Show the page
-        return View::make('locations/index', compact('locations'));
+        return view('locations/index');
     }
 
 
@@ -49,19 +54,20 @@ class LocationsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see LocationsController::postCreate() method that validates and stores the data
     * @since [v1.0]
-    * @return View
-    */
-    public function getCreate()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function create()
     {
+        $this->authorize('create', Location::class);
         $locations = Location::orderBy('name', 'ASC')->get();
 
         $location_options_array = Location::getLocationHierarchy($locations);
         $location_options = Location::flattenLocationsArray($location_options_array);
         $location_options = array('' => 'Top Level') + $location_options;
 
-        return View::make('locations/edit')
-        ->with('location_options', $location_options)
-        ->with('location', new Location);
+        return view('locations/edit')
+            ->with('location_options', $location_options)
+            ->with('item', new Location);
     }
 
 
@@ -72,78 +78,40 @@ class LocationsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see LocationsController::getCreate() method that makes the form
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function postCreate()
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function store(ImageUploadRequest $request)
     {
-
-    // create a new location instance
+        $this->authorize('create', Location::class);
         $location = new Location();
+        $location->name             = $request->input('name');
+        $location->parent_id        = $request->input('parent_id', null);
+        $location->currency         = $request->input('currency', '$');
+        $location->address          = $request->input('address');
+        $location->address2         = $request->input('address2');
+        $location->city             = $request->input('city');
+        $location->state            = $request->input('state');
+        $location->country          = $request->input('country');
+        $location->zip              = $request->input('zip');
+        $location->ldap_ou          = $request->input('ldap_ou');
+        $location->manager_id       = $request->input('manager_id');
+        $location->user_id          = Auth::id();
 
-
-    // Save the location data
-        $location->name             = e(Input::get('name'));
-        if (Input::get('parent_id')=='') {
-            $location->parent_id        = null;
-        } else {
-            $location->parent_id        = e(Input::get('parent_id'));
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/locations/'.$file_name);
+            Image::make($image->getRealPath())->resize(600, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $location->image = $file_name;
         }
-        $location->currency             = e(Input::get('currency', '$'));
-        $location->address          = e(Input::get('address'));
-        $location->address2             = e(Input::get('address2'));
-        $location->city             = e(Input::get('city'));
-        $location->state            = e(Input::get('state'));
-        $location->country          = e(Input::get('country'));
-        $location->zip              = e(Input::get('zip'));
-        $location->user_id          = Auth::user()->id;
 
         if ($location->save()) {
-            // Redirect to the new location  page
-            return redirect()->to("admin/settings/locations")->with('success', trans('admin/locations/message.create.success'));
+            return redirect()->route("locations.index")->with('success', trans('admin/locations/message.create.success'));
         }
-
         return redirect()->back()->withInput()->withErrors($location->getErrors());
-
-    }
-
-    /**
-    * Validates and stores a new location created via the Create Asset form modal.
-    *
-    * @todo Check if a Form Request would work better here.
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see AssetsController::getCreate() method that makes the form
-    * @since [v1.0]
-    * @return String JSON
-    */
-    public function store()
-    {
-
-        $new['currency']=Setting::first()->default_currency;
-
-        // create a new location instance
-        $location = new Location();
-
-        // Save the location data
-        $location->name               = e(Input::get('name'));
-        $location->currency           =  Setting::first()->default_currency; //e(Input::get('currency'));
-        $location->address            = ''; //e(Input::get('address'));
-        // $location->address2			= e(Input::get('address2'));
-        $location->city               = e(Input::get('city'));
-        $location->state          = '';//e(Input::get('state'));
-        $location->country            = e(Input::get('country'));
-        // $location->zip    			= e(Input::get('zip'));
-        $location->user_id          = Auth::user()->id;
-
-        // Was the location created?
-        if ($location->save()) {
-            return JsonResponse::create($location);
-
-        }
-
-        // failure
-        $errors = $location->errors();
-        return JsonResponse::create(["error" => "Failed validation: ".print_r($location->getErrors(), true)], 500);
-
     }
 
 
@@ -154,13 +122,14 @@ class LocationsController extends Controller
     * @see LocationsController::postCreate() method that validates and stores
     * @param int $locationId
     * @since [v1.0]
-    * @return View
-    */
-    public function getEdit($locationId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function edit($locationId = null)
     {
+        $this->authorize('update', Location::class);
         // Check if the location exists
-        if (is_null($location = Location::find($locationId))) {
-            return redirect()->to('admin/settings/locations')->with('error', trans('admin/locations/message.does_not_exist'));
+        if (is_null($item = Location::find($locationId))) {
+            return redirect()->route('locations.index')->with('error', trans('admin/locations/message.does_not_exist'));
         }
 
         // Show the page
@@ -169,7 +138,8 @@ class LocationsController extends Controller
         $location_options = Location::flattenLocationsArray($location_options_array);
         $location_options = array('' => 'Top Level') + $location_options;
 
-        return View::make('locations/edit', compact('location'))->with('location_options', $location_options);
+        return view('locations/edit', compact('item'))
+            ->with('location_options', $location_options);
     }
 
 
@@ -180,40 +150,65 @@ class LocationsController extends Controller
     * @see LocationsController::getEdit() method that makes the form view
     * @param int $locationId
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function postEdit($locationId = null)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function update(ImageUploadRequest $request, $locationId = null)
     {
+        $this->authorize('update', Location::class);
         // Check if the location exists
         if (is_null($location = Location::find($locationId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/settings/locations')->with('error', trans('admin/locations/message.does_not_exist'));
+            return redirect()->route('locations.index')->with('error', trans('admin/locations/message.does_not_exist'));
         }
 
         // Update the location data
-        $location->name         = e(Input::get('name'));
-        if (Input::get('parent_id')=='') {
-            $location->parent_id        = null;
-        } else {
-            $location->parent_id        = e(Input::get('parent_id', ''));
-        }
-        $location->currency             = e(Input::get('currency', '$'));
-        $location->address          = e(Input::get('address'));
-        $location->address2             = e(Input::get('address2'));
-        $location->city             = e(Input::get('city'));
-        $location->state            = e(Input::get('state'));
-        $location->country      = e(Input::get('country'));
-        $location->zip            = e(Input::get('zip'));
+        $location->name         = $request->input('name');
+        $location->parent_id    = $request->input('parent_id', null);
+        $location->currency     = $request->input('currency', '$');
+        $location->address      = $request->input('address');
+        $location->address2     = $request->input('address2');
+        $location->city         = $request->input('city');
+        $location->state        = $request->input('state');
+        $location->country      = $request->input('country');
+        $location->zip          = $request->input('zip');
+        $location->ldap_ou      = $request->input('ldap_ou');
+        $location->manager_id   = $request->input('manager_id');
+
+        $old_image = $location->image;
+
+        // Set the model's image property to null if the image is being deleted
+        if ($request->input('image_delete') == 1) {
+            $location->image = null;
+        }
+
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = $location->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(600, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save(app('locations_upload_path').$file_name);
+            } else {
+                $image->move(app('locations_upload_path'), $file_name);
+            }
+            $location->image = $file_name;
+
+        }
+
+        if ((($request->file('image')) && (isset($old_image)) && ($old_image!='')) || ($request->input('image_delete') == 1)) {
+            try  {
+                unlink(app('locations_upload_path').$old_image);
+            } catch (\Exception $e) {
+                \Log::info($e);
+            }
+        }
+
 
-        // Was the asset created?
         if ($location->save()) {
-          // Redirect to the saved location page
-            return redirect()->to("admin/settings/locations/")->with('success', trans('admin/locations/message.update.success'));
+            return redirect()->route("locations.index")->with('success', trans('admin/locations/message.update.success'));
         }
-
-        // Redirect to the location management page
         return redirect()->back()->withInput()->withInput()->withErrors($location->getErrors());
-
     }
 
     /**
@@ -222,32 +217,31 @@ class LocationsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param int $locationId
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function getDelete($locationId)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy($locationId)
     {
-        // Check if the location exists
+        $this->authorize('delete', Location::class);
         if (is_null($location = Location::find($locationId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/settings/locations')->with('error', trans('admin/locations/message.not_found'));
+            return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.not_found'));
         }
 
-
         if ($location->users->count() > 0) {
-            return redirect()->to('admin/settings/locations')->with('error', trans('admin/locations/message.assoc_users'));
+            return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.assoc_users'));
+
         } elseif ($location->childLocations->count() > 0) {
-            return redirect()->to('admin/settings/locations')->with('error', trans('admin/locations/message.assoc_child_loc'));
+            return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.assoc_child_loc'));
+
         } elseif ($location->assets->count() > 0) {
-            return redirect()->to('admin/settings/locations')->with('error', trans('admin/locations/message.assoc_assets'));
+            return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.assoc_assets'));
+
         } elseif ($location->assignedassets->count() > 0) {
-            return redirect()->to('admin/settings/locations')->with('error', trans('admin/locations/message.assoc_assets'));
+            return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.assoc_assets'));
+
         } else {
             $location->delete();
-            return redirect()->to('admin/settings/locations')->with('success', trans('admin/locations/message.delete.success'));
+            return redirect()->to(route('locations.index'))->with('success', trans('admin/locations/message.delete.success'));
         }
-
-
-
     }
 
 
@@ -256,177 +250,19 @@ class LocationsController extends Controller
     * the content for the locations detail page.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see LocationsController::getDataViewUsers() method that returns JSON for location users
-    * @see LocationsController::getDataViewAssets() method that returns JSON for location assets
     * @param int $locationId
     * @since [v1.0]
-    * @return View
-    */
-    public function getView($locationId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function show($locationId = null)
     {
         $location = Location::find($locationId);
 
         if (isset($location->id)) {
-                return View::make('locations/view', compact('location'));
-        } else {
-            // Prepare the error message
-            $error = trans('admin/locations/message.does_not_exist', compact('id'));
-
-            // Redirect to the user management page
-            return redirect()->route('locations')->with('error', $error);
+            return view('locations/view', compact('location'));
         }
 
-
+        return redirect()->route('locations.index')->with('error', trans('admin/locations/message.does_not_exist', compact('id')));
     }
 
-
-    /**
-    * Returns the JSON response to populate the bootstrap tables on the locationa view.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see LocationsController::getIndex() method that returns JSON for location index
-    * @since [v1.0]
-    * @return View
-    */
-    public function getDatatable()
-    {
-        $locations = Location::select(array('locations.id','locations.name','locations.address','locations.address2','locations.city','locations.state','locations.zip','locations.country','locations.parent_id','locations.currency'))->with('assets');
-
-
-        if (Input::has('search')) {
-            $locations = $locations->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-
-
-
-        switch (Input::get('sort')) {
-            case 'parent':
-                $locations = $locations->OrderParent($order);
-                break;
-            default:
-                $allowed_columns = ['id','name','address','city','state','country','currency'];
-
-                $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-                $locations = $locations->orderBy($sort, $order);
-                break;
-        }
-
-
-        $locationsCount = $locations->count();
-        $locations = $locations->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($locations as $location) {
-            $actions = '<nobr><a href="'.route('update/location', $location->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/location', $location->id).'" data-content="'.trans('admin/locations/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($location->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
-
-            $rows[] = array(
-                'id'            => $location->id,
-                'name'          => (string)link_to('admin/settings/locations/'.$location->id.'/view', e($location->name)),
-                'parent'        => ($location->parent) ? e($location->parent->name) : '',
-              //  'assets'        => ($location->assets->count() + $location->assignedassets->count()),
-                'assets_default' => $location->assignedassets->count(),
-                'assets_checkedout' => $location->assets->count(),
-                'address'       => ($location->address) ? e($location->address): '',
-                'city'          => e($location->city),
-                'state'         => e($location->state),
-                'country'       => e($location->country),
-                'currency'      => e($location->currency),
-                'actions'       => $actions
-            );
-        }
-
-        $data = array('total' => $locationsCount, 'rows' => $rows);
-
-        return $data;
-
-    }
-
-
-    /**
-    * Returns a JSON response that contains the users association with the
-    * selected location, to be used by the location detail view.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see LocationsController::getView() method that creates the display view
-    * @param int $locationId
-    * @since [v1.8]
-    * @return View
-    */
-    public function getDataViewUsers($locationID)
-    {
-        $location = Location::find($locationID);
-        $users = User::where('location_id','=',$location->id);
-
-        if (Input::has('search')) {
-            $users = $users->TextSearch(e(Input::get('search')));
-        }
-
-        $users = $users->get();
-        $rows = array();
-
-        foreach ($users as $user) {
-            $rows[] = array(
-              'name' => (string)link_to('/admin/users/'.$user->id.'/view', e($user->fullName()))
-              );
-        }
-
-        $data = array('total' => $users->count(), 'rows' => $rows);
-
-        return $data;
-    }
-
-
-    /**
-    * Returns a JSON response that contains the assets association with the
-    * selected location, to be used by the location detail view.
-    *
-    * @todo This is broken for accessories and consumables.
-    * @todo This is a very naive implementation. Should clean this up with query scopes.
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see LocationsController::getView() method that creates the display view
-    * @param int $locationID
-    * @since [v1.8]
-    * @return View
-    */
-    public function getDataViewAssets($locationID)
-    {
-        $location = Location::find($locationID)->load('assignedassets.model');
-        $assets = Asset::AssetsByLocation($location);
-
-        if (Input::has('search')) {
-            $assets = $assets->TextSearch(e(Input::get('search')));
-        }
-
-        $assets = $assets->get();
-
-        $rows = array();
-
-        foreach ($assets as $asset) {
-            $rows[] = array(
-            'name' => (string)link_to(config('app.url').'/hardware/'.$asset->id.'/view', e($asset->showAssetName())),
-            'asset_tag' => e($asset->asset_tag),
-            'serial' => e($asset->serial),
-            'model' => e($asset->model->name),
-            );
-        }
-
-        $data = array('total' => $assets->count(), 'rows' => $rows);
-        return $data;
-
-    }
 }

app/Http/Controllers/ManufacturersController.php

@@ -1,15 +1,20 @@
 <?php
 namespace App\Http\Controllers;
 
-use App\Models\Company;
+use App\Helpers\Helper;
+use App\Http\Requests\ImageUploadRequest;
+use App\Models\CustomField;
+use App\Models\Manufacturer;
+use Auth;
+use Exception;
+use Gate;
 use Input;
 use Lang;
-use App\Models\Manufacturer;
 use Redirect;
-use App\Models\Setting;
 use Str;
 use View;
-use Auth;
+use Illuminate\Http\Request;
+use Image;
 
 /**
  * This controller handles all actions related to Manufacturers for
@@ -24,14 +29,14 @@ class ManufacturersController extends Controller
     * the content for the manufacturers listing, which is generated in getDatatable.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ManufacturersController::getDatatable() method that generates the JSON response
+    * @see Api\ManufacturersController::index() method that generates the JSON response
     * @since [v1.0]
-    * @return View
-    */
-    public function getIndex()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function index()
     {
-        // Show the page
-        return View::make('manufacturers/index', compact('manufacturers'));
+        $this->authorize('index', Manufacturer::class);
+        return view('manufacturers/index');
     }
 
 
@@ -39,89 +44,141 @@ class ManufacturersController extends Controller
     * Returns a view that displays a form to create a new manufacturer.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ManufacturersController::postCreate()
+    * @see ManufacturersController::store()
     * @since [v1.0]
-    * @return View
-    */
-    public function getCreate()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function create()
     {
-        return View::make('manufacturers/edit')->with('manufacturer', new Manufacturer);
+        $this->authorize('create', Manufacturer::class);
+        return view('manufacturers/edit')->with('item', new Manufacturer);
     }
 
 
     /**
-    * Validates and stores the data for a new manufacturer.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ManufacturersController::postCreate()
-    * @since [v1.0]
-    * @return Redirect
-    */
-    public function postCreate()
+     * Validates and stores the data for a new manufacturer.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see ManufacturersController::create()
+     * @since [v1.0]
+     * @param Request $request
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function store(ImageUploadRequest $request)
     {
-        $manufacturer = new Manufacturer;
-        $manufacturer->name            = e(Input::get('name'));
-        $manufacturer->user_id          = Auth::user()->id;
 
-        if ($manufacturer->save()) {
-            return redirect()->to("admin/settings/manufacturers")->with('success', trans('admin/manufacturers/message.create.success'));
+        $this->authorize('create', Manufacturer::class);
+        $manufacturer = new Manufacturer;
+        $manufacturer->name            = $request->input('name');
+        $manufacturer->user_id          = Auth::user()->id;
+        $manufacturer->url     = $request->input('url');
+        $manufacturer->support_url     = $request->input('support_url');
+        $manufacturer->support_phone    = $request->input('support_phone');
+        $manufacturer->support_email    = $request->input('support_email');
+
+
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_slug($image->getClientOriginalName()).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/manufacturers/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $manufacturer->image = $file_name;
         }
 
-        return redirect()->back()->withInput()->withErrors($manufacturer->getErrors());
 
+
+        if ($manufacturer->save()) {
+            return redirect()->route('manufacturers.index')->with('success', trans('admin/manufacturers/message.create.success'));
+        }
+        return redirect()->back()->withInput()->withErrors($manufacturer->getErrors());
     }
 
     /**
     * Returns a view that displays a form to edit a manufacturer.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ManufacturersController::postEdit()
+    * @see ManufacturersController::update()
     * @param int $manufacturerId
     * @since [v1.0]
-    * @return View
-    */
-    public function getEdit($manufacturerId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function edit($id = null)
     {
+        $this->authorize('edit', Manufacturer::class);
         // Check if the manufacturer exists
-        if (is_null($manufacturer = Manufacturer::find($manufacturerId))) {
-            // Redirect to the manufacturer  page
-            return redirect()->to('admin/settings/manufacturers')->with('error', trans('admin/manufacturers/message.does_not_exist'));
+        if (is_null($item = Manufacturer::find($id))) {
+            return redirect()->route('manufacturers.index')->with('error', trans('admin/manufacturers/message.does_not_exist'));
         }
-
         // Show the page
-        return View::make('manufacturers/edit', compact('manufacturer'));
+        return view('manufacturers/edit', compact('item'));
     }
 
 
     /**
-    * Validates and stores the updated manufacturer data.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ManufacturersController::getEdit()
-    * @param int $manufacturerId
-    * @since [v1.0]
-    * @return View
-    */
-    public function postEdit($manufacturerId = null)
+     * Validates and stores the updated manufacturer data.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see ManufacturersController::getEdit()
+     * @param Request $request
+     * @param int $manufacturerId
+     * @return \Illuminate\Http\RedirectResponse
+     * @since [v1.0]
+     */
+    public function update(ImageUploadRequest $request, $manufacturerId = null)
     {
+        $this->authorize('edit', Manufacturer::class);
         // Check if the manufacturer exists
         if (is_null($manufacturer = Manufacturer::find($manufacturerId))) {
             // Redirect to the manufacturer  page
-            return redirect()->to('admin/settings/manufacturers')->with('error', trans('admin/manufacturers/message.does_not_exist'));
+            return redirect()->route('manufacturers.index')->with('error', trans('admin/manufacturers/message.does_not_exist'));
         }
 
         // Save the  data
-        $manufacturer->name     = e(Input::get('name'));
+        $manufacturer->name     = $request->input('name');
+        $manufacturer->url     = $request->input('url');
+        $manufacturer->support_url     = $request->input('support_url');
+        $manufacturer->support_phone    = $request->input('support_phone');
+        $manufacturer->support_email    = $request->input('support_email');
 
-        // Was it created?
-        if ($manufacturer->save()) {
-            // Redirect to the new manufacturer page
-            return redirect()->to("admin/settings/manufacturers")->with('success', trans('admin/manufacturers/message.update.success'));
+        $old_image = $manufacturer->image;
+
+        // Set the model's image property to null if the image is being deleted
+        if ($request->input('image_delete') == 1) {
+            $manufacturer->image = null;
         }
 
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = $manufacturer->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save(app('manufacturers_upload_path').$file_name);
+            } else {
+                $image->move(app('manufacturers_upload_path'), $file_name);
+            }
+            $manufacturer->image = $file_name;
+
+        }
+
+        if ((($request->file('image')) && (isset($old_image)) && ($old_image!='')) || ($request->input('image_delete') == 1)) {
+            try  {
+                unlink(app('manufacturers_upload_path').$old_image);
+            } catch (\Exception $e) {
+                \Log::info($e);
+            }
+        }
+
+
+        if ($manufacturer->save()) {
+            return redirect()->route('manufacturers.index')->with('success', trans('admin/manufacturers/message.update.success'));
+        }
         return redirect()->back()->withInput()->withErrors($manufacturer->getErrors());
-
-
     }
 
     /**
@@ -130,198 +187,88 @@ class ManufacturersController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param int $manufacturerId
     * @since [v1.0]
-    * @return View
-    */
-    public function getDelete($manufacturerId)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy($manufacturerId)
     {
+        $this->authorize('delete', Manufacturer::class);
         // Check if the manufacturer exists
         if (is_null($manufacturer = Manufacturer::find($manufacturerId))) {
             // Redirect to the manufacturers page
-            return redirect()->to('admin/settings/manufacturers')->with('error', trans('admin/manufacturers/message.not_found'));
+            return redirect()->route('manufacturers.index')->with('error', trans('admin/manufacturers/message.not_found'));
         }
 
         if ($manufacturer->has_models() > 0) {
-
             // Redirect to the asset management page
-            return redirect()->to('admin/settings/manufacturers')->with('error', trans('admin/manufacturers/message.assoc_users'));
-        } else {
-
-            // Delete the manufacturer
-            $manufacturer->delete();
-
-            // Redirect to the manufacturers management page
-            return redirect()->to('admin/settings/manufacturers')->with('success', trans('admin/manufacturers/message.delete.success'));
+            return redirect()->route('manufacturers.index')->with('error', trans('admin/manufacturers/message.assoc_users'));
         }
 
+        if ($manufacturer->image) {
+            try  {
+                unlink(public_path().'/uploads/manufacturers/'.$manufacturer->image);
+            } catch (\Exception $e) {
+                \Log::info($e);
+            }
+        }
+
+
+        // Delete the manufacturer
+        $manufacturer->delete();
+        // Redirect to the manufacturers management page
+        return redirect()->route('manufacturers.index')->with('success', trans('admin/manufacturers/message.delete.success'));
     }
 
-
-
     /**
     * Returns a view that invokes the ajax tables which actually contains
-    * the content for the manufacturers detail listing, which is generated in getDatatable.
+    * the content for the manufacturers detail listing, which is generated via API.
     * This data contains a listing of all assets that belong to that manufacturer.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ManufacturersController::getDataView()
     * @param int $manufacturerId
     * @since [v1.0]
-    * @return View
-    */
-    public function getView($manufacturerId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function show($manufacturerId = null)
     {
+        $this->authorize('view', Manufacturer::class);
         $manufacturer = Manufacturer::find($manufacturerId);
 
         if (isset($manufacturer->id)) {
-                return View::make('manufacturers/view', compact('manufacturer'));
-        } else {
-            // Prepare the error message
-            $error = trans('admin/manufacturers/message.does_not_exist', compact('id'));
-
-            // Redirect to the user management page
-            return redirect()->route('manufacturers')->with('error', $error);
+            return view('manufacturers/view', compact('manufacturer'));
         }
 
-
+        $error = trans('admin/manufacturers/message.does_not_exist');
+        // Redirect to the user management page
+        return redirect()->route('manufacturers.index')->with('error', $error);
     }
 
     /**
-    * Generates the JSON used to display the manufacturer listings.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ManufacturersController::getIndex()
-    * @since [v1.0]
-    * @return String JSON
-    */
-    public function getDatatable()
+     * Restore a given Manufacturer (mark as un-deleted)
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.1.15]
+     * @param int $manufacturers_id
+     * @return Redirect
+     */
+    public function restore($manufacturers_id)
     {
-        $manufacturers = Manufacturer::select(array('id','name'))->with('assets')
-        ->whereNull('deleted_at');
+        $this->authorize('create', Manufacturer::class);
+        $manufacturer = Manufacturer::onlyTrashed()->where('id',$manufacturers_id)->first();
 
-        if (Input::has('search')) {
-            $manufacturers = $manufacturers->TextSearch(e(Input::get('search')));
+        if ($manufacturer) {
+
+            // Not sure why this is necessary - it shouldn't fail validation here, but it fails without this, so....
+            $manufacturer->setValidating(false);
+            if ($manufacturer->restore()) {
+                return redirect()->route('manufacturers.index')->with('success', trans('admin/manufacturers/message.restore.success'));
+            }
+            return redirect()->back()->with('error', 'Could not restore.');
         }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $allowed_columns = ['id','name'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-
-        $manufacturers->orderBy($sort, $order);
-
-        $manufacturersCount = $manufacturers->count();
-        $manufacturers = $manufacturers->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($manufacturers as $manufacturer) {
-            $actions = '<a href="'.route('update/manufacturer', $manufacturer->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/manufacturer', $manufacturer->id).'" data-content="'.trans('admin/manufacturers/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($manufacturer->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
-
-            $rows[] = array(
-                'id'              => $manufacturer->id,
-                'name'          => (string)link_to('admin/settings/manufacturers/'.$manufacturer->id.'/view', e($manufacturer->name)),
-                'assets'              => $manufacturer->assets->count(),
-                'actions'       => $actions
-            );
-        }
-
-        $data = array('total' => $manufacturersCount, 'rows' => $rows);
-
-        return $data;
+        return redirect()->back()->with('error', trans('admin/manufacturers/message.does_not_exist'));
 
     }
 
+   
 
-    /**
-    * Generates the JSON used to display the manufacturer detail.
-    * This JSON returns data on all of the assets with the specified
-    * manufacturer ID number.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ManufacturersController::getView()
-    * @param int $manufacturerId
-    * @since [v1.0]
-    * @return String JSON
-    */
-    public function getDataView($manufacturerId)
-    {
 
-        $manufacturer = Manufacturer::with('assets.company')->find($manufacturerId);
-        $manufacturer_assets = $manufacturer->assets;
-
-        if (Input::has('search')) {
-            $manufacturer_assets = $manufacturer_assets->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-
-        $allowed_columns = ['id','name','serial','asset_tag'];
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-        $count = $manufacturer_assets->count();
-
-        $rows = array();
-
-        foreach ($manufacturer_assets as $asset) {
-
-            $actions = '';
-            if ($asset->deleted_at=='') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('clone/hardware', $asset->id).'" class="btn btn-info btn-sm" title="Clone asset"><i class="fa fa-files-o"></i></a> <a href="'.route('update/hardware', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/hardware', $asset->id).'" data-content="'.trans('admin/hardware/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($asset->asset_tag).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
-            } elseif ($asset->deleted_at!='') {
-                $actions = '<a href="'.route('restore/hardware', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-recycle icon-white"></i></a>';
-            }
-
-            if ($asset->assetstatus) {
-                if ($asset->assetstatus->deployable != 0) {
-                    if (($asset->assigned_to !='') && ($asset->assigned_to > 0)) {
-                        $inout = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.trans('general.checkin').'</a>';
-                    } else {
-                        $inout = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.trans('general.checkout').'</a>';
-                    }
-                }
-            }
-
-            $row = array(
-            'id' => $asset->id,
-            'name' => (string)link_to('/hardware/'.$asset->id.'/view', e($asset->showAssetName())),
-            'model' => e($asset->model->name),
-            'asset_tag' => e($asset->asset_tag),
-            'serial' => e($asset->serial),
-            'assigned_to' => ($asset->assigneduser) ? (string)link_to('/admin/users/'.$asset->assigneduser->id.'/view', e($asset->assigneduser->fullName())): '',
-            'actions' => $actions,
-            'companyName' => e(Company::getName($asset)),
-            );
-
-            if (isset($inout)) {
-                $row['change'] = $inout;
-            }
-
-            $rows[] = $row;
-        }
-
-        $data = array('total' => $count, 'rows' => $rows);
-        return $data;
-    }
 }

app/Http/Controllers/ModalController.php

@@ -0,0 +1,39 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use Illuminate\Http\Request;
+
+use App\Helpers\Helper;
+
+class ModalController extends Controller
+{
+    function location() {
+        return view('modals.location');
+    }
+
+    function model() {
+        return view('modals.model');
+    }
+
+    function statuslabel() {
+        return view('modals.statuslabel')->with('statuslabel_types', Helper::statusTypeList());
+    }
+
+    function supplier() {
+        return view('modals.supplier');
+    }
+
+    function user() {
+        return view('modals.user');
+    }
+
+    function category() {
+        return view('modals.category');
+    }
+
+    function manufacturer() {
+        return view('modals.manufacturer');
+    }
+
+}

app/Http/Controllers/ProfileController.php

@@ -4,10 +4,14 @@ namespace App\Http\Controllers;
 use Image;
 use Input;
 use Redirect;
-use App\Models\Location;
 use View;
 use Auth;
 use App\Helpers\Helper;
+use App\Models\Setting;
+use Gate;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Hash;
+use App\Http\Requests\ImageUploadRequest;
 
 /**
  * This controller handles all actions related to User Profiles for
@@ -22,14 +26,12 @@ class ProfileController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
-    * @return View
-    */
+    * @return \Illuminate\Contracts\View\View
+     */
     public function getIndex()
     {
-        // Get the user information
         $user = Auth::user();
-        $location_list = Helper::locationsList();
-        return View::make('account/profile', compact('user'))->with('location_list', $location_list);
+        return view('account/profile', compact('user'));
     }
 
     /**
@@ -37,25 +39,32 @@ class ProfileController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function postIndex()
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function postIndex(ImageUploadRequest $request)
     {
 
-      // Grab the user
         $user = Auth::user();
+        $user->first_name = $request->input('first_name');
+        $user->last_name  = $request->input('last_name');
+        $user->website    = $request->input('website');
+        $user->gravatar   = $request->input('gravatar');
 
-      // Update the user information
-        $user->first_name = e(Input::get('first_name'));
-        $user->last_name  = e(Input::get('last_name'));
-        $user->website    = e(Input::get('website'));
-        $user->location_id    = e(Input::get('location_id'));
-        $user->gravatar   = e(Input::get('gravatar'));
-        $user->locale = e(Input::get('locale'));
+        if (!config('app.lock_passwords')) {
+            $user->locale = $request->input('locale', 'en');
+        }
 
+        if ((Gate::allows('self.two_factor')) && ((Setting::getSettings()->two_factor_enabled=='1') && (!config('app.lock_passwords')))) {
+            $user->two_factor_optin = $request->input('two_factor_optin', '0');
+        }
+
+        if (Gate::allows('self.edit_location')  && (!config('app.lock_passwords'))) {
+            $user->location_id    = $request->input('location_id');
+        }
+        
         if (Input::file('avatar')) {
             $image = Input::file('avatar');
-            $file_name = $user->first_name."-".$user->last_name.".".$image->getClientOriginalExtension();
+            $file_name = str_slug($user->first_name."-".$user->last_name).".".$image->getClientOriginalExtension();
             $path = public_path('uploads/avatars/'.$file_name);
             Image::make($image->getRealPath())->resize(84, 84)->save($path);
             $user->avatar = $file_name;
@@ -70,4 +79,94 @@ class ProfileController extends Controller
         }
         return redirect()->back()->withInput()->withErrors($user->getErrors());
     }
+
+
+    /**
+     * Returns a page with the API token generation interface.
+     *
+     * We created a controller method for this because closures aren't allowed
+     * in the routes file if you want to be able to cache the routes.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return View
+     */
+    public function api() {
+        return view('account/api');
+    }
+
+    /**
+     * User change email page.
+     *
+     * @return View
+     */
+    public function password()
+    {
+        $user = Auth::user();
+        return view('account/change-password', compact('user'));
+    }
+
+    /**
+     * Users change password form processing page.
+     *
+     * @return Redirect
+     */
+    public function passwordSave(Request $request)
+    {
+
+        if (config('app.lock_passwords')) {
+            return redirect()->route('account.password.index')->with('error', trans('admin/users/table.lock_passwords'));
+        }
+
+        $user = Auth::user();
+        if ($user->ldap_import=='1') {
+            return redirect()->route('account.password.index')->with('error', trans('admin/users/message.error.password_ldap'));
+        }
+
+        $rules = array(
+            'current_password'     => 'required',
+            'password'         => Setting::passwordComplexityRulesSaving('store').'|confirmed',
+        );
+
+        $validator = \Validator::make($request->all(), $rules);
+        $validator->after(function($validator) use ($request, $user) {
+
+            if (!Hash::check($request->input('current_password'), $user->password)) {
+                $validator->errors()->add('current_password', trans('validation.hashed_pass'));
+            }
+            
+        });
+
+        if (!$validator->fails()) {
+            $user->password = Hash::make($request->input('password'));
+            $user->save();
+            return redirect()->route('account.password.index')->with('success', 'Password updated!');
+
+        }
+        return redirect()->back()->withInput()->withErrors($validator);
+
+
+    }
+
+    /**
+     * Save the menu state of open/closed when the user clicks on the hamburger
+     * menu.
+     *
+     * This URL is triggered via jquery in
+     * resources/views/layouts/default.blade.php
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return View
+     */
+
+    public function getMenuState(Request $request) {
+        if ($request->input('state')=='open') {
+            $request->session()->put('menu_state', 'open');
+        } else {
+            $request->session()->put('menu_state', 'closed');
+        }
+    }
+
+
 }