Revert "Halp! Stuck in pre-commit loop hell. :("

This reverts commit 47c77fe042.
Halp! Stuck in pre-commit loop hell. :(
2016-12-01 03:08:14 -08:00 · 2016-12-01 03:07:47 -08:00 · 2016-12-01 03:07:21 -08:00 · 2016-12-01 03:07:12 -08:00 · 2016-12-01 03:00:18 -08:00 · 2016-12-01 03:00:02 -08:00
990 changed files with 24690 additions and 11526 deletions
--- a/.env.example
+++ b/.env.example
@@ -20,6 +20,16 @@ DB_PASSWORD=null
 DB_PREFIX=null
 DB_DUMP_PATH='/usr/bin'

+# --------------------------------------------
+# OPTIONAL: SSL DATABASE SETTINGS
+# --------------------------------------------
+DB_SSL=true
+DB_SSL_KEY_PATH=null
+DB_SSL_CERT_PATH=null
+DB_SSL_CA_PATH=null
+DB_SSL_CIPHER=null
+
+
 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
@@ -30,7 +40,9 @@ MAIL_USERNAME=YOURUSERNAME
 MAIL_PASSWORD=YOURPASSWORD
 MAIL_ENCRYPTION=null
 MAIL_FROM_ADDR=you@example.com
-MAIL_FROM_NAME=Snipe-IT
+MAIL_FROM_NAME='Snipe-IT'
+MAIL_REPLYTO_ADDR=you@example.com
+MAIL_REPLYTO_NAME='Snipe-IT'


 # --------------------------------------------
@@ -67,6 +79,11 @@ AWS_KEY=null
 AWS_REGION=null
 AWS_BUCKET=null

+# --------------------------------------------
+# OPTIONAL: LOGIN THROTTLING
+# --------------------------------------------
+LOGIN_MAX_ATTEMPTS=5
+LOGIN_LOCKOUT_DURATION=60

 # --------------------------------------------
 # OPTIONAL: MISC
@@ -74,4 +91,5 @@ AWS_BUCKET=null
 APP_LOG=single
 APP_LOCKED=false
 FILESYSTEM_DISK=local
-APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
+APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
+ALLOW_IFRAMING=false
--- a/.env.tests
+++ b/.env.tests
@@ -0,0 +1,9 @@
+APP_ENV=local
+APP_DEBUG=true
+APP_URL=http://snipe-it.localapp
+DB_CONNECTION=mysql
+DB_HOST=localhost
+DB_DATABASE=snipeittests
+DB_USERNAME=snipeit
+DB_PASSWORD=snipe
+APP_KEY=base64:tu9NRh/a6+dCXBDGvg0Gv/0TcABnFsbT4AKxrr8mwQo=
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@@ -13,7 +13,7 @@
 #### Please confirm you have done the following before posting your bug report:

 - [ ] I have enabled debug mode
- [ ] I have read [checked the Common Issues page](http://docs.snipeitapp.com/common-issues.html)
+- [ ] I have read [checked the Common Issues page](https://snipe-it.readme.io/docs/common-issues)

 -----
 #### Please provide answers to these questions before posting your bug report:
@@ -21,7 +21,7 @@
 - Version of Snipe-IT you're running
 - What OS and web server you're running Snipe-IT on
 - What method you used to install Snipe-IT (install.sh, manual installation, docker, etc)
- If you're getting an error in your browser, include that error
+- WITH DEBUG TURNED ON, if you're getting an error in your browser, include that error
 - What specific Snipe-IT page you're on, and what specific element you're interacting with to trigger the error
 - If a stacktrace is provided in the error, include that too.
 - Any errors that appear in your browser's error console.
--- a/.gitignore
+++ b/.gitignore
@@ -1,49 +1,39 @@
-/vendor
-/node_modules
-Homestead.yaml
-Homestead.json
-.env
-
-tests/_output/*
+.couscous
 .DS_Store
-public/uploads/models/*
-public/uploads/avatars/*
-public/uploads/suppliers/*
-public/uploads/assets/*
-public/uploads/users/*
-public/uploads/*.gif
-public/uploads/*.jpg
-public/uploads/*.png
-public/uploads/*.tif
-public/uploads/*.svg
-storage/app/private_uploads/users/*
-phpDocumentor.phar
-output
-tests/_support/_generated/*
-
-
+.env
+.idea
+/bin/
 /bootstrap/compiled.php
-composer.phar
-app/config/database.php
-app/config/mail.php
+/node_modules
+/vendor
 app/database/*.sqlite
 app/storage/meta/services.json
-app/config/*/mail.php
-app/config/*/session.php
-app/config/*/database.php
-app/config/*/app.php
-app/config/*/ldap.php
-public/packages/*
-storage/logs/*
-storage/debugbar/
-/bin/
-.idea
+composer.phar
 crowdin.yaml
+Homestead.json
+Homestead.yaml
+output
+phpDocumentor.phar
+public/uploads/*.gif
+public/uploads/barcodes/*.png
+public/uploads/*.jpg
+public/uploads/*.png
+public/uploads/*.svg
+public/uploads/*.tif
+public/uploads/assets/*
+public/uploads/avatars/*
 public/uploads/logo.gif
-public/uploads/logo.svg
 public/uploads/logo.png
-.couscous
+public/uploads/logo.svg
+public/uploads/models/*
+public/uploads/suppliers/*
+public/uploads/users/*
+storage/app/private_uploads/users/*
+storage/debugbar/
 storage/dumps/*
-tests/_data/scenarios
 storage/laravel-backups
+storage/logs/*
 storage/private_uploads/users/*
+tests/_data/scenarios
+tests/_output/*
+tests/_support/_generated/*
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@@ -0,0 +1,74 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+  address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at [INSERT EMAIL ADDRESS]. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/
--- a/12
+++ b/12
@@ -54,12 +54,10 @@ COPY docker/docker.env /var/www/html/.env
 RUN chown -R docker /var/www/html

 RUN \
-	rm -r "/var/www/html/storage/private_uploads"      && ln -fs "/var/lib/snipeit/data/private_uploads"   "/var/www/html/storage/private_uploads"      && \
-	mkdir -p "/var/www/html/public/uploads" && \
-	rm -rf "/var/www/html/public/uploads/avatars"   && ln -fs "/var/lib/snipeit/data/uploads/avatars"   "/var/www/html/public/uploads/avatars"   && \
-	rm -rf "/var/www/html/public/uploads/models"    && ln -fs "/var/lib/snipeit/data/uploads/models"    "/var/www/html/public/uploads/models"    && \
-	rm -rf "/var/www/html/public/uploads/suppliers" && ln -fs "/var/lib/snipeit/data/uploads/suppliers" "/var/www/html/public/uploads/suppliers" && \
-	rm -r "/var/www/html/storage/app/backups"        && ln -fs "/var/lib/snipeit/dumps"                  "/var/www/html/storage/app/backups"
+	rm -r "/var/www/html/storage/private_uploads" && ln -fs "/var/lib/snipeit/data/private_uploads" "/var/www/html/storage/private_uploads" \
+      && mkdir -p "/var/lib/snipeit/data/uploads/{assets,avatars,barcodes,models,suppliers}" \
+      && rm -rf "/var/www/html/public/uploads" && ln -fs "/var/lib/snipeit/data/uploads" "/var/www/html/public/uploads" \
+      && rm -r "/var/www/html/storage/app/backups" && ln -fs "/var/lib/snipeit/dumps" "/var/www/html/storage/app/backups"

 ############## DEPENDENCIES via COMPOSER ###################

@@ -80,7 +78,7 @@ RUN cd /var/www/html;composer install

 ############### DATA VOLUME #################

-VOLUME [/var/lib/snipeit]
+VOLUME ["/var/lib/snipeit"]

 ##### START SERVER

--- a/app/Console/Commands/LdapSync.php
+++ b/app/Console/Commands/LdapSync.php
@@ -0,0 +1,164 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+use App\Models\Setting;
+use App\Models\Ldap;
+use App\Models\User;
+use App\Models\Location;
+use Log;
+
+class LdapSync extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:ldap-sync {--location=} {--location_id=} {--summary}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Command line LDAP sync';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+        ini_set('max_execution_time', 600); //600 seconds = 10 minutes
+        ini_set('memory_limit', '500M');
+
+        $ldap_result_username = Setting::getSettings()->ldap_username_field;
+        $ldap_result_last_name = Setting::getSettings()->ldap_lname_field;
+        $ldap_result_first_name = Setting::getSettings()->ldap_fname_field;
+
+        $ldap_result_active_flag = Setting::getSettings()->ldap_active_flag_field;
+        $ldap_result_emp_num = Setting::getSettings()->ldap_emp_num;
+        $ldap_result_email = Setting::getSettings()->ldap_email;
+
+        try {
+            $ldapconn = Ldap::connectToLdap();
+        } catch (\Exception $e) {
+            LOG::error($e);
+        }
+
+        try {
+            Ldap::bindAdminToLdap($ldapconn);
+        } catch (\Exception $e) {
+            LOG::error($e);
+        }
+
+        $summary = array();
+
+        $results = Ldap::findLdapUsers();
+
+        if ($this->option('location')!='') {
+            $location = Location::where('name','=',$this->option('location'))->first();
+            LOG::debug('Location name '.$this->option('location').' passed');
+            LOG::debug('Importing to '.$location->name.' ('.$location->id.')');
+        } elseif ($this->option('location_id')!='') {
+            $location = Location::where('id','=',$this->option('location_id'))->first();
+            LOG::debug('Location ID '.$this->option('location_id').' passed');
+            LOG::debug('Importing to '.$location->name.' ('.$location->id.')');
+        } else {
+            $location = new Location;
+        }
+
+        if (!isset($location)) {
+            LOG::debug('That location is invalid, so no location will be assigned.');
+        }
+
+
+        $tmp_pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
+        $pass = bcrypt($tmp_pass);
+
+
+        for ($i = 0; $i < $results["count"]; $i++) {
+            if (empty($ldap_result_active_flag) || $results[$i][$ldap_result_active_flag][0] == "TRUE") {
+
+                $item = array();
+                $item["username"] = isset($results[$i][$ldap_result_username][0]) ? $results[$i][$ldap_result_username][0] : "";
+                $item["employee_number"] = isset($results[$i][$ldap_result_emp_num][0]) ? $results[$i][$ldap_result_emp_num][0] : "";
+                $item["lastname"] = isset($results[$i][$ldap_result_last_name][0]) ? $results[$i][$ldap_result_last_name][0] : "";
+                $item["firstname"] = isset($results[$i][$ldap_result_first_name][0]) ? $results[$i][$ldap_result_first_name][0] : "";
+                $item["email"] = isset($results[$i][$ldap_result_email][0]) ? $results[$i][$ldap_result_email][0] : "" ;
+
+                // User exists
+                $item["createorupdate"] = 'updated';
+                if (!$user = User::where('username', $item["username"])->first()) {
+                    $user = new User;
+                    $user->password = $pass;
+                    $item["createorupdate"] = 'created';
+                }
+
+                // Create the user if they don't exist.
+
+
+                $user->first_name = e($item["firstname"]);
+                $user->last_name = e($item["lastname"]);
+                $user->username = e($item["username"]);
+                $user->email = e($item["email"]);
+                $user->employee_num = e($item["employee_number"]);
+                $user->activated = 1;
+
+                if ($location) {
+                    $user->location_id = e($location->id);
+                }
+
+                $user->notes = 'Imported from LDAP';
+                $user->ldap_import = 1;
+
+                $errors = '';
+
+                if ($user->save()) {
+                    $item["note"] = $item["createorupdate"];
+                    $item["status"]='success';
+                } else {
+                    foreach ($user->getErrors()->getMessages() as $key => $err) {
+                        $errors .= $err[0];
+                    }
+                    $item["note"] = $errors;
+                    $item["status"]='error';
+                }
+
+                array_push($summary, $item);
+            }
+
+        }
+
+        if ($this->option('summary')) {
+            for ($x = 0; $x < count($summary); $x++) {
+                if ($summary[$x]['status']=='error') {
+                    $this->error('ERROR: '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].' was not imported: '.$summary[$x]['note'] );
+                } else {
+                    $this->info('User '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].' was '.strtoupper($summary[$x]['createorupdate']).'.');
+                }
+
+            }
+        } else {
+            return $summary;
+        }
+
+
+
+    }
+
+
+}
--- a/app/Console/Commands/ObjectImportCommand.php
+++ b/app/Console/Commands/ObjectImportCommand.php
@@ -1,25 +1,27 @@
 <?php
 namespace App\Console\Commands;

-use Illuminate\Console\Command;
-use Symfony\Component\Console\Input\InputOption;
-use Symfony\Component\Console\Input\InputArgument;
-use League\Csv\Reader;
+use App\Helpers\Helper;
 use App\Models\Accessory;
 use App\Models\Asset;
 use App\Models\AssetModel;
 use App\Models\Category;
 use App\Models\Company;
 use App\Models\Consumable;
+use App\Models\CustomField;
 use App\Models\Location;
 use App\Models\Manufacturer;
+use App\Models\Setting;
 use App\Models\Statuslabel;
 use App\Models\Supplier;
 use App\Models\User;
-use App\Models\CustomField;
 use DB;
-use App\Models\Setting;
+use Illuminate\Console\Command;
 use Illuminate\Database\Eloquent\Model;
+use League\Csv\Reader;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputOption;
+use ForceUTF8\Encoding;

 ini_set('max_execution_time', 600); //600 seconds = 10 minutes
 ini_set('memory_limit', '500M');
@@ -63,7 +65,10 @@ class ObjectImportCommand extends Command
    {
        $filename = $this->argument('filename');

+        $tmp_password  = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
+        $password = bcrypt($tmp_password);

+        $this->updating = $this->option('update');
        if (!$this->option('web-importer')) {
            $logFile = $this->option('logfile');
            \Log::useFiles($logFile);
@@ -95,13 +100,21 @@ class ObjectImportCommand extends Command
        $this->locations = Location::All(['name', 'id']);
        $this->categories = Category::All(['name', 'category_type', 'id']);
        $this->manufacturers = Manufacturer::All(['name', 'id']);
-        $this->asset_models = AssetModel::All(['name','modelno','category_id','manufacturer_id', 'id']);
+        $this->asset_models = AssetModel::All(['name','model_number','category_id','manufacturer_id', 'id']);
        $this->companies = Company::All(['name', 'id']);
        $this->status_labels = Statuslabel::All(['name', 'id']);
        $this->suppliers = Supplier::All(['name', 'id']);
-        $this->assets = Asset::all(['asset_tag']);
-        $this->accessories = Accessory::All(['name']);
-        $this->consumables = Consumable::All(['name']);
+        switch (strtolower($this->option('item-type'))) {
+            case "asset":
+                $this->assets = Asset::all();
+                break;
+            case "accessory":
+                $this->accessories = Accessory::All();
+                break;
+            case "consumable":
+                $this->consumables = Consumable::All();
+                break;
+        }
        $this->customfields = CustomField::All(['name']);
        $bar = null;

@@ -109,7 +122,7 @@ class ObjectImportCommand extends Command
            $bar = $this->output->createProgressBar(count($newarray));
        }
        // Loop through the records
-        DB::transaction(function () use (&$newarray, $bar) {
+        DB::transaction(function () use (&$newarray, $bar, $password) {
            Model::unguard();
            $item_type = strtolower($this->option('item-type'));

@@ -125,7 +138,7 @@ class ObjectImportCommand extends Command
                $item_category = $this->array_smart_fetch($row, "category");
                $item_company_name = $this->array_smart_fetch($row, "company");
                $item_location = $this->array_smart_fetch($row, "location");
-
+                $item_manufacturer = $this->array_smart_fetch($row, "manufacturer");
                $item_status_name = $this->array_smart_fetch($row, "status");

                $item["item_name"] = $this->array_smart_fetch($row, "item name");
@@ -149,19 +162,31 @@ class ObjectImportCommand extends Command
                }
                $this->log('Category: ' . $item_category);
                $this->log('Location: ' . $item_location);
+                $this->log('Manufacturer: ' . $item_manufacturer);
                $this->log('Purchase Date: ' . $item["purchase_date"]);
                $this->log('Purchase Cost: ' . $item["purchase_cost"]);
                $this->log('Company Name: ' . $item_company_name);
                $this->log('Status: ' . $item_status_name);

-                $item["user"] = $this->createOrFetchUser($row);

-                $item["location"] = $this->createOrFetchLocation($item_location);
-                $item["category"] = $this->createOrFetchCategory($item_category, $item_type);
-                $item["manufacturer"] = $this->createOrFetchManufacturer($row);
-                $item["company"] = $this->createOrFetchCompany($item_company_name);
+                $item["user"] = $this->createOrFetchUser($row, $password);

-                $item["status_label"] = $this->createOrFetchStatusLabel($item_status_name);
+                if (!($this->updating && empty($item_location))) {
+                    $item["location"] = $this->createOrFetchLocation($item_location);
+                }
+                if (!($this->updating && empty($item_category))) {
+                    $item["category"] = $this->createOrFetchCategory($item_category, $item_type);
+                }
+                if (!($this->updating && empty($item_manufacturer))) {
+                    $item["manufacturer"] = $this->createOrFetchManufacturer($item_manufacturer);
+                }
+                if (!($this->updating && empty($item_company_name))) {
+                    $item["company"] = $this->createOrFetchCompany($item_company_name);
+                }
+
+                if (!($this->updating && empty($item_status_name))) {
+                    $item["status_label"] = $this->createOrFetchStatusLabel($item_status_name);
+                }

                switch ($item_type) {
                    case "asset":
@@ -222,7 +247,7 @@ class ObjectImportCommand extends Command
    }
    // Tracks the current item for error messages
    private $current_assetId;
-
+    private $updating;
    // An array of errors encountered while parsing
    private $errors;

@@ -271,7 +296,7 @@ class ObjectImportCommand extends Command
     */
    public function array_smart_fetch(array $array, $key, $default = '')
    {
-        return array_key_exists($key, $array) ? e(trim($array[ $key ])) : $default;
+        return array_key_exists(trim($key), $array) ? e(Encoding::fixUTF8(trim($array[ $key ]))) : $default;
    }


@@ -308,8 +333,10 @@ class ObjectImportCommand extends Command

        $asset_model_name = $this->array_smart_fetch($row, "model name");
        $asset_modelno = $this->array_smart_fetch($row, "model number");
-        if (empty($asset_model_name)) {
-            $asset_model_name='Unknown';
+        if ((empty($asset_model_name))  && (!empty($asset_modelno))) {
+            $asset_model_name = $asset_modelno;
+        } elseif ((empty($asset_model_name))  && (empty($asset_modelno))) {
+            $asset_model_name ='Unknown';
        }
        if (empty($asset_modelno)) {
            $asset_modelno='';
@@ -317,31 +344,44 @@ class ObjectImportCommand extends Command
        $this->log('Model Name: ' . $asset_model_name);
        $this->log('Model No: ' . $asset_modelno);

-
+        $asset_model = null;
+        $editingModel = false;
        foreach ($this->asset_models as $tempmodel) {
-            if ((strcasecmp($tempmodel->name, $asset_model_name) == 0)
-                && $tempmodel->modelno == $asset_modelno
-                && $tempmodel->category_id == $category->id
-                && $tempmodel->manufacturer_id == $manufacturer->id ) {
-                $this->log('A matching model ' . $asset_model_name . ' with model number ' . $asset_modelno . ' already exists');
-                return $tempmodel;
+            if (strcasecmp($tempmodel->name, $asset_model_name) == 0
+                && $tempmodel->model_number == $asset_modelno) {
+                $this->log('A matching model ' . $asset_model_name . ' already exists');
+                if (!$this->option('update')) {
+                    return $tempmodel;
+                }
+                $this->log('Updating matching model with new values');
+                $editingModel = true;
+                $asset_model = $tempmodel;
            }
        }
-        $asset_model = new AssetModel();
-        $asset_model->name = $asset_model_name;
-        $asset_model->manufacturer_id = $manufacturer->id;
-        $asset_model->modelno = $asset_modelno;
-        $asset_model->category_id = $category->id;
+        if (is_null($asset_model)) {
+            $this->log("No Matching Model, Creating a new one");
+            $asset_model = new AssetModel();
+        }
+        if (($editingModel && (!$asset_model_name === "Unknown")) || (!$editingModel)) {
+            $asset_model->name = $asset_model_name;
+        }
+        isset($manufacturer) && $manufacturer->exists && $asset_model->manufacturer_id = $manufacturer->id;
+        isset($asset_modelno) && $asset_model->model_number = $asset_modelno;
+        if (isset($category) && $category->exists) {
+            $asset_model->category_id = $category->id;
+        }
        $asset_model->user_id = $this->option('user_id');

-
+        if (!$editingModel) {
+                $this->asset_models->add($asset_model);
+        }
        if (!$this->option('testrun')) {
            if ($asset_model->save()) {
-                $this->asset_models->add($asset_model);
                $this->log('Asset Model ' . $asset_model_name . ' with model number ' . $asset_modelno . ' was created');
                return $asset_model;
            } else {
                $this->jsonError('Asset Model "' . $asset_model_name . '"', $asset_model->getErrors());
+                $this->log('Asset Model "' . $asset_model_name . '"', $asset_model->getErrors());
                return $asset_model;
            }
        } else {
@@ -456,6 +496,10 @@ class ObjectImportCommand extends Command
        $status = new Statuslabel();
        $status->name = $asset_statuslabel_name;

+        $status->deployable = 1;
+        $status->pending = 0;
+        $status->archived = 0;
+

        if (!$this->option('testrun')) {
            if ($status->save()) {
@@ -479,23 +523,20 @@ class ObjectImportCommand extends Command
     *
     * @author Daniel Melzter
     * @since 3.0
-     * @param $row array
+     * @param $item_manufacturer string
     * @return Manufacturer
-     * @internal param $asset_mfgr string
     */

-    public function createOrFetchManufacturer(array $row)
+    public function createOrFetchManufacturer($item_manufacturer)
    {
-        $asset_mfgr = $this->array_smart_fetch($row, "manufacturer");

-        if (empty($asset_mfgr)) {
-            $asset_mfgr='Unknown';
+        if (empty($item_manufacturer)) {
+            $item_manufacturer='Unknown';
        }
-        $this->log('Manufacturer ID: ' . $asset_mfgr);

        foreach ($this->manufacturers as $tempmanufacturer) {
-            if (strcasecmp($tempmanufacturer->name, $asset_mfgr) == 0) {
-                $this->log('Manufacturer ' . $asset_mfgr . ' already exists') ;
+            if (strcasecmp($tempmanufacturer->name, $item_manufacturer) == 0) {
+                $this->log('Manufacturer ' . $item_manufacturer . ' already exists') ;
                return $tempmanufacturer;
            }
        }
@@ -503,7 +544,7 @@ class ObjectImportCommand extends Command
        //Otherwise create a manufacturer.

        $manufacturer = new Manufacturer();
-        $manufacturer->name = $asset_mfgr;
+        $manufacturer->name = $item_manufacturer;
        $manufacturer->user_id = $this->option('user_id');

        if (!$this->option('testrun')) {
@@ -583,27 +624,26 @@ class ObjectImportCommand extends Command
     * @param $row array
     * @return Supplier
     */
-    public function createOrFetchSupplier(array $row)
+    public function createOrFetchSupplier($item_supplier)
    {
-        $supplier_name = $this->array_smart_fetch($row, "supplier");
-        if (empty($supplier_name)) {
-            $supplier_name='Unknown';
+        if (empty($item_supplier)) {
+            $item_supplier='Unknown';
        }
        foreach ($this->suppliers as $tempsupplier) {
-            if (strcasecmp($tempsupplier->name, $supplier_name) == 0) {
-                $this->log('A matching Company ' . $supplier_name . ' already exists');
+            if (strcasecmp($tempsupplier->name, $item_supplier) == 0) {
+                $this->log('A matching Supplier ' . $item_supplier . ' already exists');
                return $tempsupplier;
            }
        }

        $supplier = new Supplier();
-        $supplier->name = $supplier_name;
+        $supplier->name = $item_supplier;
        $supplier->user_id = $this->option('user_id');

        if (!$this->option('testrun')) {
            if ($supplier->save()) {
                $this->suppliers->add($supplier);
-                $this->log('Supplier ' . $supplier_name . ' was created');
+                $this->log('Supplier ' . $item_supplier . ' was created');
                return $supplier;
            } else {
                $this->log('Supplier', $supplier->getErrors());
@@ -627,7 +667,7 @@ class ObjectImportCommand extends Command
     * @internal param string $first_name
     * @internal param string $last_name
     */
-    public function createOrFetchUser($row)
+    public function createOrFetchUser($row, $password = null)
    {
        $user_name = $this->array_smart_fetch($row, "name");
        $user_email = $this->array_smart_fetch($row, "email");
@@ -652,7 +692,12 @@ class ObjectImportCommand extends Command
            $last_name = $user_email_array['last_name'];

            if ($user_email=='') {
-                $user_email = $user_email_array['username'].'@'.Setting::getSettings()->email_domain;
+                if (Setting::getSettings()->email_domain) {
+                    $user_email = str_slug($user_email_array['username']).'@'.Setting::getSettings()->email_domain;
+                } else {
+                    $user_email = '';
+                }
+
            }

            if ($user_username=='') {
@@ -685,14 +730,13 @@ class ObjectImportCommand extends Command
                $this->log('User '.$user_username.' already exists');
            } elseif (( $first_name != '') && ($last_name != '') && ($user_username != '')) {
                $user = new \App\Models\User;
-                $password  = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
-
                $user->first_name = $first_name;
                $user->last_name = $last_name;
                $user->username = $user_username;
                $user->email = $user_email;
-                $user->password = bcrypt($password);
                $user->activated = 1;
+                $user->password = $password;
+
                if ($user->save()) {
                    $this->log('User '.$first_name.' created');
                } else {
@@ -720,6 +764,24 @@ class ObjectImportCommand extends Command
     */
    public function createAssetIfNotExists(array $row, array $item)
    {
+        $asset = null;
+        $editingAsset = false;
+        foreach ($this->assets as $tempasset) {
+            if (strcasecmp($tempasset->asset_tag, $item['asset_tag']) == 0) {
+                $this->log('A matching Asset ' . $item['asset_tag'] . ' already exists');
+                if (!$this->option('update')) {
+                    $this->log("Skipping item.");
+                    return;
+                }
+                $this->log('Updating matching asset with new values');
+                $editingAsset = true;
+                $asset = $tempasset;
+            }
+        }
+        if (is_null($asset)) {
+            $this->log("No Matching Asset, Creating a new one");
+            $asset = new Asset;
+        }
        $asset_serial = $this->array_smart_fetch($row, "serial number");
        $asset_image = $this->array_smart_fetch($row, "image");
        $asset_warranty_months = intval($this->array_smart_fetch($row, "warranty months"));
@@ -727,36 +789,42 @@ class ObjectImportCommand extends Command
            $asset_warranty_months = null;
        }
        // Check for the asset model match and create it if it doesn't exist
-        $asset_model = $this->createOrFetchAssetModel($row, $item["category"], $item["manufacturer"]);
-        $supplier = $this->createOrFetchSupplier($row);
+        if (!($editingAsset && empty($this->array_smart_fetch($row, 'model name')))) {
+            // Ignore the asset_model
+            isset($item["category"]) || $item["category"] = new Category();
+            isset($item["manufacturer"]) || $item["manufacturer"] = new Manufacturer();
+            $asset_model = $this->createOrFetchAssetModel($row, $item["category"], $item["manufacturer"]);
+        }
+        $item_supplier = $this->array_smart_fetch($row, "supplier");
+        // If we're editing, only update if value isn't empty
+        if (!($editingAsset && empty($item_supplier))) {
+            $supplier = $this->createOrFetchSupplier($item_supplier);
+        }

        $this->log('Serial No: '.$asset_serial);
        $this->log('Asset Tag: '.$item['asset_tag']);
        $this->log('Notes: '.$item["notes"]);
        $this->log('Warranty Months: ' . $asset_warranty_months);

-        foreach ($this->assets as $tempasset) {
-            if (strcasecmp($tempasset->asset_tag, $item['asset_tag']) == 0) {
-                $this->log('A matching Asset ' . $item['asset_tag'] . ' already exists');
-                return;
-            }
-        }

-        if ($item["status_label"]) {
+
+        if (isset($item["status_label"])) {
            $status_id = $item["status_label"]->id;
-
-        } else {
+        } else if (!$editingAsset) {
+            // Assume if we are editing, we already have a status and can ignore.
            // FIXME: We're already grabbing the list of statuses, we should probably not hardcode here
            $this->log("No status field found, defaulting to id 1.");
-            $status_id = 1;
+            $status_id = $this->status_labels->first()->id;
        }

-        $asset = new Asset();
-        $asset->name = $item["item_name"];
-        if ($item["purchase_date"] != '') {
+        if (!$editingAsset) {
+            $asset->asset_tag = $item['asset_tag']; // This doesn't need to be guarded for empty because it's the key we use to identify the asset.
+        }
+        if (!empty($item['item_name'])) {
+            $asset->name = $item["item_name"];
+        }
+        if (!empty($item["purchase_date"])) {
            $asset->purchase_date = $item["purchase_date"];
-        } else {
-            $asset->purchase_date = null;
        }

        if (array_key_exists('custom_fields', $item)) {
@@ -768,40 +836,57 @@ class ObjectImportCommand extends Command
        if (!empty($item["purchase_cost"])) {
            //TODO How to generalize this for not USD?
            $purchase_cost = substr($item["purchase_cost"], 0, 1) === '$' ? substr($item["purchase_cost"], 1) : $item["purchase_cost"];
-            $asset->purchase_cost = number_format($purchase_cost, 2);
+            // $asset->purchase_cost = number_format($purchase_cost, 2, '.', '');
+            $asset->purchase_cost = Helper::ParseFloat($purchase_cost);
            $this->log("Asset cost parsed: " . $asset->purchase_cost);
        } else {
            $asset->purchase_cost = 0.00;
        }
-        $asset->serial = $asset_serial;
-        $asset->asset_tag = $item['asset_tag'];
-                $asset->warranty_months = $asset_warranty_months;
+        if (!empty($asset_serial)) {
+            $asset->serial = $asset_serial;
+        }
+        if (!empty($asset_warranty_months)) {
+            $asset->warranty_months = $asset_warranty_months;
+        }

-        if ($asset_model) {
+        if (isset($asset_model)) {
            $asset->model_id = $asset_model->id;
        }
+
        if ($item["user"]) {
            $asset->assigned_to = $item["user"]->id;
        }
-        if ($item["location"]) {
+
+        if (isset($item["location"])) {
            $asset->rtd_location_id = $item["location"]->id;
        }
+
        $asset->user_id = $this->option('user_id');
-        $this->log("status_id: " . $status_id);
-        $asset->status_id = $status_id;
-        if ($item["company"]) {
+        if (isset($status_id)) {
+            $asset->status_id = $status_id;
+        }
+        if (isset($item["company"])) {
            $asset->company_id = $item["company"]->id;
        }
-        $asset->order_number = $item["order_number"];
-        if ($supplier) {
+        if ($item["order_number"]) {
+            $asset->order_number = $item["order_number"];
+        }
+        if (isset($supplier)) {
            $asset->supplier_id = $supplier->id;
        }
-        $asset->notes = $item["notes"];
-        $asset->image = $asset_image;
-        $this->assets->add($asset);
+        if ($item["notes"]) {
+            $asset->notes = $item["notes"];
+        }
+        if (!empty($asset_image)) {
+            $asset->image = $asset_image;
+        }
+        if (!$editingAsset) {
+            $this->assets->add($asset);
+        }
        if (!$this->option('testrun')) {

            if ($asset->save()) {
+                $asset->logCreate('Imported using csv importer');
                $this->log('Asset ' . $item["item_name"] . ' with serial number ' . $asset_serial . ' was created');
            } else {
                $this->jsonError('Asset', $asset->getErrors());
@@ -823,17 +908,29 @@ class ObjectImportCommand extends Command
     */
    public function createAccessoryIfNotExists(array $item)
    {
+        $accessory = null;
+        $editingAccessory = false;
        $this->log("Creating Accessory");
        foreach ($this->accessories as $tempaccessory) {
            if (strcasecmp($tempaccessory->name, $item["item_name"]) == 0) {
                $this->log('A matching Accessory ' . $item["item_name"] . ' already exists.  ');
-                // FUTURE: Adjust quantity on import maybe?
-                return;
+                if (!$this->option('update')) {
+                    $this->log("Skipping accessory.");
+                    return;
+                }
+                $this->log('Updating matching accessory with new values');
+                $editingAccessory = true;
+                $accessory = $tempaccessory;
            }
        }
+        if (is_null($accessory)) {
+            $this->log("No Matching Accessory, Creating a new one");
+            $accessory = new Accessory();
+        }

-        $accessory = new Accessory();
-        $accessory->name = $item["item_name"];
+        if (!$editingAccessory) {
+            $accessory->name = $item["item_name"];
+        }

        if (!empty($item["purchase_date"])) {
            $accessory->purchase_date = $item["purchase_date"];
@@ -841,35 +938,41 @@ class ObjectImportCommand extends Command
            $accessory->purchase_date = null;
        }
        if (!empty($item["purchase_cost"])) {
-            $accessory->purchase_cost = number_format(e($item["purchase_cost"]), 2);
-        } else {
-            $accessory->purchase_cost = 0.00;
+            $accessory->purchase_cost = Helper::ParseFloat($item["purchase_cost"]);
        }
-        if ($item["location"]) {
+
+        if (isset($item["location"])) {
            $accessory->location_id = $item["location"]->id;
        }
        $accessory->user_id = $this->option('user_id');
-        if ($item["company"]) {
+        if (isset($item["company"])) {
            $accessory->company_id = $item["company"]->id;
        }
-        $accessory->order_number = $item["order_number"];
-        if ($item["category"]) {
+        if (!empty($item["order_number"])) {
+            $accessory->order_number = $item["order_number"];
+        }
+        if (isset($item["category"])) {
            $accessory->category_id = $item["category"]->id;
        }

        //TODO: Implement
 //		$accessory->notes = e($item_notes);
-        $accessory->requestable = filter_var($item["requestable"], FILTER_VALIDATE_BOOLEAN);
+        if (!empty($item["requestable"])) {
+            $accessory->requestable = filter_var($item["requestable"], FILTER_VALIDATE_BOOLEAN);
+        }

        //Must have at least zero of the item if we import it.
-        if ($item["quantity"] > -1) {
-            $accessory->qty = $item["quantity"];
-        } else {
-            $accessory->qty = 1;
+        if (!empty($item["quantity"])) {
+            if ($item["quantity"] > -1) {
+                $accessory->qty = $item["quantity"];
+            } else {
+                $accessory->qty = 1;
+            }
        }

        if (!$this->option('testrun')) {
            if ($accessory->save()) {
+                $accessory->logCreate('Imported using CSV Importer');
                $this->log('Accessory ' . $item["item_name"] . ' was created');
                // $this->comment('Accessory ' . $item["item_name"] . ' was created');

@@ -892,18 +995,29 @@ class ObjectImportCommand extends Command
     */
    public function createConsumableIfNotExists(array $item)
    {
+        $consumable = null;
+        $editingConsumable = false;
        $this->log("Creating Consumable");
        foreach ($this->consumables as $tempconsumable) {
            if (strcasecmp($tempconsumable->name, $item["item_name"]) == 0) {
                $this->log("A matching consumable " . $item["item_name"] . " already exists");
-                //TODO: Adjust quantity if different maybe?
-                return;
+                if (!$this->option('update')) {
+                    $this->log("Skipping consumable.");
+                    return;
+                }
+                $this->log('Updating matching consumable with new values');
+                $editingConsumable = true;
+                $consumable = $tempconsumable;
            }
        }

-        $consumable = new Consumable();
-        $consumable->name = $item["item_name"];
-
+        if (is_null($consumable)) {
+            $this->log("No matching consumable, creating one");
+            $consumable = new Consumable();
+        }
+        if (!$editingConsumable) {
+            $consumable->name = $item["item_name"];
+        }
        if (!empty($item["purchase_date"])) {
            $consumable->purchase_date = $item["purchase_date"];
        } else {
@@ -911,27 +1025,39 @@ class ObjectImportCommand extends Command
        }

        if (!empty($item["purchase_cost"])) {
-            $consumable->purchase_cost = number_format(e($item["purchase_cost"]), 2);
-        } else {
-            $consumable->purchase_cost = 0.00;
+            $consumable->purchase_cost = Helper::ParseFloat($item["purchase_cost"]);
+        }
+        if (isset($item["location"])) {
+            $consumable->location_id = $item["location"]->id;
        }
-        $consumable->location_id = $item["location"]->id;
        $consumable->user_id = $this->option('user_id');
-        $consumable->company_id = $item["company"]->id;
-        $consumable->order_number = $item["order_number"];
-        $consumable->category_id = $item["category"]->id;
+        if (isset($item["company"])) {
+            $consumable->company_id = $item["company"]->id;
+        }
+        if (!empty($item["order_number"])) {
+            $consumable->order_number = $item["order_number"];
+        }
+        if (isset($item["category"])) {
+            $consumable->category_id = $item["category"]->id;
+        }
        // TODO:Implement
        //$consumable->notes= e($item_notes);
-        $consumable->requestable = filter_var($item["requestable"], FILTER_VALIDATE_BOOLEAN);
+        if (!empty($item["requestable"])) {
+            $consumable->requestable = filter_var($item["requestable"], FILTER_VALIDATE_BOOLEAN);
+        }

-        if ($item["quantity"] > -1) {
-            $consumable->qty = $item["quantity"];
-        } else {
-            $consumable->qty = 1;
+        if (!empty($item["quantity"])) {
+            if ($item["quantity"] > -1) {
+                $consumable->qty = $item["quantity"];
+            } else {
+                $consumable->qty = 1;
+            }
        }

        if (!$this->option("testrun")) {
+            // dd($consumable);
            if ($consumable->save()) {
+                $consumable->logCreate('Imported using CSV Importer');
                $this->log("Consumable " . $item["item_name"] . ' was created');
                // $this->comment("Consumable " . $item["item_name"] . ' was created');

@@ -973,8 +1099,9 @@ class ObjectImportCommand extends Command
        array('testrun', null, InputOption::VALUE_NONE, 'If set, will parse and output data without adding to database', null),
        array('logfile', null, InputOption::VALUE_REQUIRED, 'The path to log output to.  storage/logs/importer.log by default', storage_path('logs/importer.log') ),
        array('item-type', null, InputOption::VALUE_REQUIRED, 'Item Type To import.  Valid Options are Asset, Consumable, Or Accessory', 'Asset'),
-                array('web-importer', null, InputOption::VALUE_NONE, 'Internal: packages output for use with the web importer'),
-                array('user_id', null, InputOption::VALUE_REQUIRED, 'ID of user creating items', 1)
+        array('web-importer', null, InputOption::VALUE_NONE, 'Internal: packages output for use with the web importer'),
+        array('user_id', null, InputOption::VALUE_REQUIRED, 'ID of user creating items', 1),
+        array('update', null, InputOption::VALUE_NONE, 'If a matching item is found, update item information'),
        );

    }
--- a/app/Console/Commands/PaveIt.php
+++ b/app/Console/Commands/PaveIt.php
@@ -77,6 +77,8 @@ class PaveIt extends Command
                DB::statement('delete from asset_logs');
                DB::statement('delete from asset_maintenances');
                DB::statement('delete from asset_uploads');
+                DB::statement('delete from action_logs');
+                DB::statement('delete from checkout_requests');
                DB::statement('delete from consumables_users');
                DB::statement('delete from custom_field_custom_fieldset');
                DB::statement('delete from custom_fields');
@@ -92,10 +94,12 @@ class PaveIt extends Command
                \DB::statement('drop table IF EXISTS accessories_users');
                \DB::statement('drop table IF EXISTS accessories');
                \DB::statement('drop table IF EXISTS asset_logs');
+                \DB::statement('drop table IF EXISTS action_logs');
                \DB::statement('drop table IF EXISTS asset_maintenances');
                \DB::statement('drop table IF EXISTS asset_uploads');
                \DB::statement('drop table IF EXISTS assets');
                \DB::statement('drop table IF EXISTS categories');
+                \DB::statement('drop table IF EXISTS checkout_requests');
                \DB::statement('drop table IF EXISTS companies');
                \DB::statement('drop table IF EXISTS consumables_users');
                \DB::statement('drop table IF EXISTS consumables');
--- a/app/Console/Commands/Purge.php
+++ b/app/Console/Commands/Purge.php
@@ -62,15 +62,19 @@ class Purge extends Command
            $assetcount = $assets->count();
            $this->info($assets->count().' assets purged.');
            $asset_assoc = 0;
+            $asset_maintenances = 0;

            foreach ($assets as $asset) {
                $this->info('- Asset "'.$asset->showAssetName().'" deleted.');
                $asset_assoc += $asset->assetlog()->count();
                $asset->assetlog()->forceDelete();
+                $asset_maintenances += $asset->assetmaintenances()->count();
+                $asset->assetmaintenances()->forceDelete();
                $asset->forceDelete();
            }

            $this->info($asset_assoc.' corresponding log records purged.');
+            $this->info($asset_maintenances.' corresponding maintenance records purged.');

            $locations = Location::whereNotNull('deleted_at')->withTrashed()->get();
            $this->info($locations->count().' locations purged.');
--- a/app/Console/Commands/SendExpirationAlerts.php
+++ b/app/Console/Commands/SendExpirationAlerts.php
@@ -66,7 +66,7 @@ class SendExpirationAlerts extends Command
            $asset_data['email_content'] .= '<td><a href="'.config('app.url').'/hardware/'.e($asset->id).'/view">';
            $asset_data['email_content'] .= $asset->showAssetName().'</a></td><td>'.e($asset->asset_tag).'</td>';
            $asset_data['email_content'] .= '<td>'.e($asset->warrantee_expires()).'</td>';
-            $asset_data['email_content'] .= '<td>'.$difference.' days</td>';
+            $asset_data['email_content'] .= '<td>'.$difference.' '.trans('mail.days').'</td>';
            $asset_data['email_content'] .= '<td>'.($asset->supplier ? e($asset->supplier->name) : '').'</td>';
            $asset_data['email_content'] .= '<td>'.($asset->assigneduser ? e($asset->assigneduser->fullName()) : '').'</td>';
            $asset_data['email_content'] .= '</tr>';
@@ -100,17 +100,21 @@ class SendExpirationAlerts extends Command


            if (count($expiring_assets) > 0) {
+                $this->info('Report sent to '.Setting::getSettings()->alert_email);
                \Mail::send('emails.expiring-assets-report', $asset_data, function ($m) {
                    $m->to(explode(',', Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
-                    $m->subject('Expiring Assets Report');
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.Expiring_Assets_Report'));
                });

            }

            if (count($expiring_licenses) > 0) {
+                $this->info('Report sent to '.Setting::getSettings()->alert_email);
                \Mail::send('emails.expiring-licenses-report', $license_data, function ($m) {
                    $m->to(explode(',', Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
-                    $m->subject('Expiring Licenses Report');
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.Expiring_Licenses_Report'));
                });

            }
--- a/app/Console/Commands/SendInventoryAlerts.php
+++ b/app/Console/Commands/SendInventoryAlerts.php
@@ -50,7 +50,8 @@ class SendInventoryAlerts extends Command
            if (count($data['data']) > 0) {
                \Mail::send('emails.low-inventory', $data, function ($m) {
                    $m->to(explode(',', Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
-                    $m->subject('Low Inventory Report');
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.Low_Inventory_Report'));
                });

            }
--- a/app/Console/Commands/Versioning.php
+++ b/app/Console/Commands/Versioning.php
@@ -40,20 +40,19 @@ class Versioning extends Command
     */
    public function fire()
    {
-        // Path to the file containing your version
-        // This will be overwritten everything you commit a message
-        $versionFile = app_path().'/config/version.php';

-        // The git's output
-        // get the argument passed in the git command
-         $hash_version = $this->argument('app_version');
+        $versionFile = 'config/version.php';
+        $hash_version = str_replace("\n",'',shell_exec('git describe --tags'));

-         // discard the commit hash
-         $version = explode('-', $hash_version);
-         $realVersion = $version[0] . '-' . $version[1];
+        $version = explode('-', $hash_version);

-         // save the version array to a variable
-         $array = var_export(array('app_version' => $realVersion,'hash_version' => $hash_version), true);
+        $array = var_export(
+            array(
+            'app_version' => $version[0],
+            'build_version' => $version[1],
+            'hash_version' => $version[2],
+            'full_hash' => $hash_version),
+        true);


        // Construct our file content
@@ -64,7 +63,7 @@ CON;

        // And finally write the file and output the current version
        \File::put($versionFile, $content);
-        $this->line('Setting version: '. \config('version.latest'));
+        $this->line('Setting version: '. config('version.app_version').' build '.config('version.build_version').' ('.config('version.hash_version').')');
    }

    /**
@@ -75,7 +74,6 @@ CON;
    protected function getArguments()
    {
        return array(
-            array('app_version', InputArgument::REQUIRED, 'version number is required.'),
        );
    }

--- a/app/Console/Kernel.php
+++ b/app/Console/Kernel.php
@@ -23,6 +23,7 @@ class Kernel extends ConsoleKernel
        Commands\SystemBackup::class,
        Commands\DisableLDAP::class,
        Commands\Purge::class,
+        Commands\LdapSync::class,
    ];

    /**
--- a/app/Helpers/Helper.php
+++ b/app/Helpers/Helper.php
@@ -17,16 +17,20 @@ use App\Models\Component;
 use App\Models\Accessory;
 use App\Models\Consumable;
 use App\Models\Asset;
+use Crypt;
+use Illuminate\Contracts\Encryption\DecryptException;

-/*
- * To change this license header, choose License Headers in Project Properties.
- * To change this template file, choose Tools | Templates
- * and open the template in the editor.
- */
 class Helper
 {


+    /**
+     * Simple helper to invoke the markdown parser
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.0]
+     * @return String
+     */
    public static function parseEscapedMarkedown($str) {
        $Parsedown = new \Parsedown();

@@ -36,20 +40,33 @@ class Helper
    }


-    // This doesn't do anything yet
-    public static function parseEmailList($emails)
+    /**
+     * The importer has formatted number strings since v3,
+     * so the value might be a string, or an integer.
+     * If it's a number, format it as a string.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.0]
+     * @return String
+     */
+    public static function formatCurrencyOutput($cost)
    {
-        $emails_array = explode(',', $emails);
-        return array_walk($emails_array, 'trim_value');
+        if (is_numeric($cost)) {
+            return number_format($cost, 2, '.', '');
+        }
+        // It's already been parsed.
+        return $cost;
    }

-    // This doesn't do anything yet
-    public static function trim_value(&$value)
-    {
-        return trim($value);
-    }

-    // Static colors for pie charts
+    /**
+     * Static colors for pie charts.
+     * This is inelegant, and could be refactored later.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.3]
+     * @return Array
+     */
    public static function chartColors()
    {
        $colors = [
@@ -67,8 +84,15 @@ class Helper
        return $colors;
    }

-    // Static background (highlight) colors for pie charts
-    // This is not currently used, but might be in the near future.
+
+    /**
+     * Static background (highlight) colors for pie charts
+     * This is inelegant, and could be refactored later.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.2]
+     * @return Array
+     */
    public static function chartBackgroundColors()
    {
        $colors = [
@@ -87,10 +111,15 @@ class Helper
    }


-
+    /**
+     * Format currency using comma for thousands until local info is property used.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.7]
+     * @return String
+     */
    public static function ParseFloat($floatString)
    {
-        // use comma for thousands until local info is property used
        $LocaleInfo = localeconv();
        $floatString = str_replace(",", "", $floatString);
        $floatString = str_replace($LocaleInfo["decimal_point"], ".", $floatString);
@@ -98,6 +127,13 @@ class Helper
    }


+    /**
+     * Get the list of models in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function modelList()
    {
        $models = AssetModel::with('manufacturer')->get();
@@ -108,6 +144,13 @@ class Helper
        return $model_array;
    }

+    /**
+     * Get the list of companies in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function companyList()
    {
        $company_list = array('0' => trans('general.select_company')) + DB::table('companies')
@@ -117,6 +160,13 @@ class Helper
    }


+    /**
+     * Get the list of categories in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function categoryList($category_type = null)
    {
        $categories = Category::orderBy('name', 'asc')
@@ -128,6 +178,13 @@ class Helper
        return $category_list;
    }

+    /**
+     * Get the list of suppliers in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function suppliersList()
    {
        $supplier_list = array('' => trans('general.select_supplier')) + Supplier::orderBy('name', 'asc')
@@ -136,6 +193,14 @@ class Helper
        return $supplier_list;
    }

+
+    /**
+     * Get the list of status labels in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function statusLabelList()
    {
        $statuslabel_list = array('' => trans('general.select_statuslabel')) + Statuslabel::orderBy('name', 'asc')
@@ -143,6 +208,14 @@ class Helper
        return $statuslabel_list;
    }

+
+    /**
+     * Get the list of locations in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function locationsList()
    {
        $location_list = array('' => trans('general.select_location')) + Location::orderBy('name', 'asc')
@@ -150,6 +223,14 @@ class Helper
        return $location_list;
    }

+
+    /**
+     * Get the list of manufacturers in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function manufacturerList()
    {
        $manufacturer_list = array('' => trans('general.select_manufacturer')) +
@@ -158,12 +239,26 @@ class Helper
        return $manufacturer_list;
    }

+    /**
+     * Get the list of status label types in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function statusTypeList()
    {
        $statuslabel_types = array('' => trans('admin/hardware/form.select_statustype')) + array('undeployable' => trans('admin/hardware/general.undeployable')) + array('pending' => trans('admin/hardware/general.pending')) + array('archived' => trans('admin/hardware/general.archived')) + array('deployable' => trans('admin/hardware/general.deployable'));
        return $statuslabel_types;
    }

+    /**
+     * Get the list of managers in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function managerList()
    {
        $manager_list = array('' => trans('general.select_user')) +
@@ -175,6 +270,13 @@ class Helper
        return $manager_list;
    }

+    /**
+     * Get the list of depreciations in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function depreciationList()
    {
        $depreciation_list = ['' => 'Do Not Depreciate'] + Depreciation::orderBy('name', 'asc')
@@ -182,16 +284,30 @@ class Helper
        return $depreciation_list;
    }

+    /**
+     * Get the list of category types in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function categoryTypeList()
    {
        $category_types = array('' => '','accessory' => 'Accessory', 'asset' => 'Asset', 'consumable' => 'Consumable','component' => 'Component');
        return $category_types;
    }

+    /**
+     * Get the list of users in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function usersList()
    {
        $users_list =   array( '' => trans('general.select_user')) +
-                        User::where('deleted_at', '=', null)
+                        Company::scopeCompanyables(User::where('deleted_at', '=', null))
                        ->where('show_in_list','=',1)
                        ->orderBy('last_name', 'asc')
                        ->orderBy('first_name', 'asc')->get()
@@ -200,6 +316,13 @@ class Helper
        return $users_list;
    }

+    /**
+     * Get the list of assets in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function assetsList()
    {
        $assets_list = array('' => trans('general.select_asset')) + Asset::orderBy('name', 'asc')
@@ -208,27 +331,54 @@ class Helper
        return $assets_list;
    }

+    /**
+     * Get the detailed list of assets in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function detailedAssetList()
    {
-
-        $assets = array('' => trans('general.select_asset')) + Company::scopeCompanyables(Asset::all(), 'assets.company_id')->lists('detailed_name', 'id')->toArray();
+        $assets = array('' => trans('general.select_asset')) + Company::scopeCompanyables(Asset::with('assignedUser', 'model'), 'assets.company_id')->get()->lists('detailed_name', 'id')->toArray();
        return $assets;
    }


+    /**
+     * Get the list of custom fields in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function customFieldsetList()
    {
        $customfields = array('' => trans('admin/models/general.no_custom_field')) + CustomFieldset::pluck('name', 'id')->toArray();
        return  $customfields;
    }

+    /**
+     * Get the list of custom field formats in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.4]
+     * @return Array
+     */
    public static function predefined_formats()
    {
        $keys=array_keys(CustomField::$PredefinedFormats);
        $stuff=array_combine($keys, $keys);
-        return $stuff+["" => "Custom Format..."];
+        return $stuff+["" => trans('admin/custom_fields/general.custom_format')];
    }

+    /**
+     * Get the list of barcode dimensions
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.3]
+     * @return Array
+     */
    public static function barcodeDimensions($barcode_type = 'QRCODE')
    {
        if ($barcode_type == 'C128') {
@@ -244,6 +394,13 @@ class Helper
        return $size;
    }

+    /**
+     * Generates a random string
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return Array
+     */
    public static function generateRandomString($length = 10)
    {
        $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
@@ -255,10 +412,15 @@ class Helper
        return $randomString;
    }

+
    /**
     * This nasty little method gets the low inventory info for the
     * alert dropdown
-     **/
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return Array
+     */
    public static function checkLowInventory()
    {
        $consumables = Consumable::with('users')->whereNotNull('min_amt')->get();
@@ -272,8 +434,8 @@ class Helper
        foreach ($consumables as $consumable) {
            $avail = $consumable->numRemaining();
            if ($avail < ($consumable->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
-                if ($consumable->total_qty > 0) {
-                    $percent = number_format((($consumable->numRemaining() / $consumable->total_qty) * 100), 0);
+                if ($consumable->qty > 0) {
+                    $percent = number_format((($consumable->numRemaining() / $consumable->qty) * 100), 0);
                } else {
                    $percent = 100;
                }
@@ -294,8 +456,8 @@ class Helper
            $avail = $accessory->numRemaining();
            if ($avail < ($accessory->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {

-                if ($accessory->total_qty > 0) {
-                    $percent = number_format((($accessory->numRemaining() / $accessory->total_qty) * 100), 0);
+                if ($accessory->qty > 0) {
+                    $percent = number_format((($accessory->numRemaining() / $accessory->qty) * 100), 0);
                } else {
                    $percent = 100;
                }
@@ -314,8 +476,8 @@ class Helper
        foreach ($components as $component) {
            $avail = $component->numRemaining();
            if ($avail < ($component->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
-                if ($component->total_qty > 0) {
-                    $percent = number_format((($component->numRemaining() / $component->total_qty) * 100), 0);
+                if ($component->qty > 0) {
+                    $percent = number_format((($component->numRemaining() / $component->qty) * 100), 0);
                } else {
                    $percent = 100;
                }
@@ -339,9 +501,16 @@ class Helper
    }


+    /**
+     * Check if the file is an image, so we can show a preview
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param File $file
+     * @return String | Boolean
+     */
    public static function checkUploadIsImage($file)
    {
-        // Check if the file is an image, so we can show a preview
        $finfo = @finfo_open(FILEINFO_MIME_TYPE); // return mime type ala mimetype extension
        $filetype = @finfo_file($finfo, $file);
        finfo_close($finfo);
@@ -403,4 +572,117 @@ class Helper
        return $permissions_arr;
    }

+    /**
+     * Introspects into the model validation to see if the field passed is required.
+     * This is used by the blades to add a required class onto the HTML element.
+     * This isn't critical, but is helpful to keep form fields in sync with the actual
+     * model level validation.
+     *
+     * This does not currently handle form request validation requiredness :(
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return boolean
+     */
+    public static function checkIfRequired($class, $field) {
+        $rules = $class::rules();
+        foreach ($rules as $rule_name => $rule) {
+            if ($rule_name == $field) {
+                if (strpos($rule, 'required') === false) {
+                    return false;
+                } else {
+                    return true;
+                }
+
+            }
+        }
+    }
+
+
+    /**
+     * Check to see if the given key exists in the array, and trim excess white space before returning it
+     *
+     * @author Daniel Melzter
+     * @since 3.0
+     * @param $array array
+     * @param $key string
+     * @param $default string
+     * @return string
+     */
+    public static function array_smart_fetch(array $array, $key, $default = '')
+    {
+       array_change_key_case($array, CASE_LOWER);
+        return array_key_exists(strtolower($key), array_change_key_case($array)) ? e(trim($array[ $key ])) : $default;
+    }
+
+    /**
+     * Check to see if the given key exists in the array, and trim excess white space before returning it
+     *
+     * @author A. Gianotto
+     * @since 3.2
+     * @param $array array
+     * @return string
+     */
+    public static function getLastDateFromHistoryArray(array $array)
+    {
+        foreach ($array as $key => $value) {
+//            echo '<pre>';
+//            echo 'last:'.$key;
+//            print_r($array);
+//            echo '</pre>';
+        }
+    }
+
+
+    /**
+     * Gracefully handle decrypting the legacy data (encrypted via mcrypt) and use the new
+     * decryption method instead.
+     *
+     * This is not currently used, but will be.
+     *
+     * @author A. Gianotto
+     * @since 3.6
+     * @param CustomField $field
+     * @param String $string
+     * @return string
+     */
+    public static function gracefulDecrypt(CustomField $field, $string) {
+
+        if ($field->isFieldDecryptable($string)) {
+
+            try {
+                Crypt::decrypt($string);
+                return Crypt::decrypt($string);
+
+            } catch (DecryptException $e) {
+                return 'Error Decrypting: '.$e->getMessage();
+            }
+
+        }
+        return $string;
+
+    }
+
+    /**
+     * Strip HTML out of returned JSON. This is pretty gross, and I'd like to find a better way
+     * to handle this, but the REST API will solve some of these problems anyway.
+     *
+     * This is not currently used, but will be.
+     *
+     * @author A. Gianotto
+     * @since 3.4
+     * @param $array array
+     * @return Array
+     */
+    public static function stripTagsFromJSON(Array $array) {
+
+        foreach ($array as $key => $value) {
+            $clean_value = strip_tags($value);
+            $clean_array[$key] = $clean_value;
+        }
+        return $clean_array;
+
+    }
+
+
 }
--- a/app/Http/Controllers/AccessoriesController.php
+++ b/app/Http/Controllers/AccessoriesController.php
@@ -7,18 +7,19 @@ use App\Models\Actionlog;
 use App\Models\Company;
 use App\Models\Setting;
 use App\Models\User;
+use Auth;
 use Carbon\Carbon;
 use Config;
 use DB;
+use Gate;
 use Input;
 use Lang;
 use Mail;
 use Redirect;
+use Request;
 use Slack;
 use Str;
 use View;
-use Auth;
-use Request;

 /** This controller handles all actions related to Accessories for
 * the Snipe-IT Asset Management application.
@@ -52,14 +53,12 @@ class AccessoriesController extends Controller
    public function getCreate(Request $request)
    {
        // Show the page
-        $category_list = Helper::categoryList('accessory');
-        $company_list = Helper::companyList();
-        $location_list = Helper::locationsList();
        return View::make('accessories/edit')
-          ->with('accessory', new Accessory)
-          ->with('category_list', $category_list)
-          ->with('company_list', $company_list)
-          ->with('location_list', $location_list);
+          ->with('item', new Accessory)
+          ->with('category_list', Helper::categoryList('accessory'))
+          ->with('company_list', Helper::companyList())
+          ->with('location_list', Helper::locationsList())
+          ->with('manufacturer_list', Helper::manufacturerList());
    }


@@ -76,12 +75,14 @@ class AccessoriesController extends Controller
        $accessory = new Accessory();

        // Update the accessory data
-        $accessory->name                  = e(Input::get('name'));
-        $accessory->category_id               = e(Input::get('category_id'));
-        $accessory->location_id               = e(Input::get('location_id'));
-        $accessory->min_amt               = e(Input::get('min_amt'));
+        $accessory->name                    = e(Input::get('name'));
+        $accessory->category_id             = e(Input::get('category_id'));
+        $accessory->location_id             = e(Input::get('location_id'));
+        $accessory->min_amt                 = e(Input::get('min_amt'));
        $accessory->company_id              = Company::getIdForCurrentUser(Input::get('company_id'));
        $accessory->order_number            = e(Input::get('order_number'));
+        $accessory->manufacturer_id         = e(Input::get('manufacturer_id'));
+        $accessory->model_number            = e(Input::get('model_number'));

        if (e(Input::get('purchase_date')) == '') {
            $accessory->purchase_date       =  null;
@@ -92,14 +93,15 @@ class AccessoriesController extends Controller
        if (e(Input::get('purchase_cost')) == '0.00') {
            $accessory->purchase_cost       =  null;
        } else {
-            $accessory->purchase_cost       = e(Input::get('purchase_cost'));
+            $accessory->purchase_cost       = Helper::ParseFloat(e(Input::get('purchase_cost')));
        }

-        $accessory->qty                       = e(Input::get('qty'));
-        $accessory->user_id               = Auth::user()->id;
+        $accessory->qty                     = e(Input::get('qty'));
+        $accessory->user_id                 = Auth::user()->id;

        // Was the accessory created?
        if ($accessory->save()) {
+            $accessory->logCreate();
            // Redirect to the new accessory  page
            return redirect()->to("admin/accessories")->with('success', trans('admin/accessories/message.create.success'));
        }
@@ -118,21 +120,18 @@ class AccessoriesController extends Controller
    public function getEdit(Request $request, $accessoryId = null)
    {
        // Check if the accessory exists
-        if (is_null($accessory = Accessory::find($accessoryId))) {
+        if (is_null($item = Accessory::find($accessoryId))) {
            // Redirect to the blogs management page
            return redirect()->to('admin/accessories')->with('error', trans('admin/accessories/message.does_not_exist'));
-        } elseif (!Company::isCurrentUserHasAccess($accessory)) {
+        } elseif (!Company::isCurrentUserHasAccess($item)) {
            return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
        }

-        $category_list = Helper::categoryList('accessory');
-        $company_list = Helper::companyList();
-        $location_list = Helper::locationsList();
-
-        return View::make('accessories/edit', compact('accessory'))
-          ->with('category_list', $category_list)
-          ->with('company_list', $company_list)
-          ->with('location_list', $location_list);
+        return View::make('accessories/edit', compact('item'))
+          ->with('category_list', Helper::categoryList('accessory'))
+          ->with('company_list', Helper::companyList())
+          ->with('location_list', Helper::locationsList())
+          ->with('manufacturer_list', Helper::manufacturerList());
    }


@@ -145,9 +144,9 @@ class AccessoriesController extends Controller
   */
    public function postEdit(Request $request, $accessoryId = null)
    {
-      // Check if the blog post exists
+      // Check if the accessory exists
        if (is_null($accessory = Accessory::find($accessoryId))) {
-            // Redirect to the blogs management page
+            // Redirect to the accessory index page
            return redirect()->to('admin/accessories')->with('error', trans('admin/accessories/message.does_not_exist'));
        } elseif (!Company::isCurrentUserHasAccess($accessory)) {
            return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
@@ -159,12 +158,14 @@ class AccessoriesController extends Controller
        if (e(Input::get('location_id')) == '') {
            $accessory->location_id = null;
        } else {
-            $accessory->location_id     = e(Input::get('location_id'));
+            $accessory->location_id         = e(Input::get('location_id'));
        }
-        $accessory->min_amt             = e(Input::get('min_amt'));
+        $accessory->min_amt                 = e(Input::get('min_amt'));
        $accessory->category_id             = e(Input::get('category_id'));
        $accessory->company_id              = Company::getIdForCurrentUser(Input::get('company_id'));
+        $accessory->manufacturer_id         = e(Input::get('manufacturer_id'));
        $accessory->order_number            = e(Input::get('order_number'));
+        $accessory->model_number            = e(Input::get('model_number'));

        if (e(Input::get('purchase_date')) == '') {
            $accessory->purchase_date       =  null;
@@ -180,9 +181,9 @@ class AccessoriesController extends Controller

        $accessory->qty                     = e(Input::get('qty'));

-      // Was the accessory created?
+      // Was the accessory updated?
        if ($accessory->save()) {
-            // Redirect to the new accessory page
+            // Redirect to the updated accessory page
            return redirect()->to("admin/accessories")->with('success', trans('admin/accessories/message.update.success'));
        }

@@ -311,14 +312,7 @@ class AccessoriesController extends Controller
        'user_id' => Auth::user()->id,
        'assigned_to' => e(Input::get('assigned_to'))));

-        $logaction = new Actionlog();
-        $logaction->accessory_id = $accessory->id;
-        $logaction->asset_id = 0;
-        $logaction->checkedout_to = $accessory->assigned_to;
-        $logaction->asset_type = 'accessory';
-        $logaction->location_id = $user->location_id;
-        $logaction->user_id = Auth::user()->id;
-        $logaction->note = e(Input::get('note'));
+        $logaction = $accessory->logCheckout(e(Input::get('note')));



@@ -342,11 +336,11 @@ class AccessoriesController extends Controller
                'fields' => [
                  [
                  'title' => 'Checked Out:',
-                  'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/accessories/'.$accessory->id.'/view'.'|'.$accessory->name.'> checked out to <'.config('app.url').'/admin/users/'.$user->id.'/view|'.$user->fullName().'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
+                  'value' => 'Accessory <'.config('app.url').'/admin/accessories/'.$accessory->id.'/view'.'|'.$accessory->name.'> checked out to <'.config('app.url').'/admin/users/'.$user->id.'/view|'.$user->fullName().'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
                  ],
                  [
                      'title' => 'Note:',
-                      'value' => e($logaction->note)
+                      'value' => e(Input::get('note'))
                  ],
                ]
                ])->send('Accessory Checked Out');
@@ -357,9 +351,6 @@ class AccessoriesController extends Controller
        }


-
-        $log = $logaction->logaction('checkout');
-
        $accessory_user = DB::table('accessories_users')->where('assigned_to', '=', $accessory->assigned_to)->where('accessory_id', '=', $accessory->id)->first();

        $data['log_id'] = $logaction->id;
@@ -377,7 +368,8 @@ class AccessoriesController extends Controller

            Mail::send('emails.accept-accessory', $data, function ($m) use ($user) {
                $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                $m->subject('Confirm accessory delivery');
+                $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                $m->subject(trans('mail.Confirm_accessory_delivery'));
            });
        }

@@ -437,21 +429,14 @@ class AccessoriesController extends Controller
            return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
        }

-        $logaction = new Actionlog();
-        $logaction->checkedout_to = e($accessory_user->assigned_to);
        $return_to = e($accessory_user->assigned_to);
+        $logaction = $accessory->logCheckin(User::find($return_to), e(Input::get('note')));
        $admin_user = Auth::user();


      // Was the accessory updated?
        if (DB::table('accessories_users')->where('id', '=', $accessory_user->id)->delete()) {

-            $logaction->accessory_id = e($accessory->id);
-            $logaction->location_id = null;
-            $logaction->asset_type = 'accessory';
-            $logaction->user_id = e($admin_user->id);
-            $logaction->note = e(Input::get('note'));
-
            $settings = Setting::getSettings();

            if ($settings->slack_endpoint) {
@@ -471,7 +456,7 @@ class AccessoriesController extends Controller
                        'fields' => [
                            [
                                'title' => 'Checked In:',
-                                'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/accessories/'.e($accessory->id).'/view'.'|'.e($accessory->name).'> checked in by <'.config('app.url').'/admin/users/'.e($admin_user->id).'/view'.'|'.e($admin_user->fullName()).'>.'
+                                'value' => class_basename(strtoupper($logaction->item_type)).' <'.config('app.url').'/admin/accessories/'.e($accessory->id).'/view'.'|'.e($accessory->name).'> checked in by <'.config('app.url').'/admin/users/'.e($admin_user->id).'/view'.'|'.e($admin_user->fullName()).'>.'
                            ],
                            [
                                'title' => 'Note:',
@@ -487,9 +472,6 @@ class AccessoriesController extends Controller

            }

-
-            $log = $logaction->logaction('checkin from');
-
            if (!is_null($accessory_user->assigned_to)) {
                $user = User::find($accessory_user->assigned_to);
            }
@@ -505,7 +487,8 @@ class AccessoriesController extends Controller

                Mail::send('emails.checkin-asset', $data, function ($m) use ($user) {
                    $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                    $m->subject('Confirm Accessory Checkin');
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.Confirm_Accessory_Checkin'));
                });
            }

@@ -549,9 +532,11 @@ class AccessoriesController extends Controller
    **/
    public function getDatatable(Request $request)
    {
-        $accessories = Accessory::select('accessories.*')->with('category', 'company')
-        ->whereNull('accessories.deleted_at');
-
+        $accessories = Company::scopeCompanyables(
+            Accessory::select('accessories.*')
+            ->whereNull('accessories.deleted_at')
+            ->with('category', 'company', 'manufacturer', 'users', 'location')
+        );
        if (Input::has('search')) {
            $accessories = $accessories->TextSearch(e(Input::get('search')));
        }
@@ -569,7 +554,7 @@ class AccessoriesController extends Controller
        }


-        $allowed_columns = ['name','min_amt','order_number','purchase_date','purchase_cost','companyName','category'];
+        $allowed_columns = ['name','min_amt','order_number','purchase_date','purchase_cost','companyName','category','model_number'];
        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';

@@ -591,21 +576,38 @@ class AccessoriesController extends Controller
        $rows = array();

        foreach ($accessories as $accessory) {
-            $actions = '<nobr><a href="'.route('checkout/accessory', $accessory->id).'" style="margin-right:5px;" class="btn btn-info btn-sm" '.(($accessory->numRemaining() > 0 ) ? '' : ' disabled').'>'.trans('general.checkout').'</a><a href="'.route('update/accessory', $accessory->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/accessory', $accessory->id).'" data-content="'.trans('admin/accessories/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($accessory->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
+
+            $actions = '<nobr>';
+            if (Gate::allows('accessories.checkout')) {
+                $actions .= '<a href="' . route('checkout/accessory',
+                        $accessory->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm" ' . (($accessory->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
+            }
+            if (Gate::allows('accessories.edit')) {
+                $actions .= '<a href="' . route('update/accessory',
+                        $accessory->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+            if (Gate::allows('accessories.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/accessory',
+                        $accessory->id) . '" data-content="' . trans('admin/accessories/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($accessory->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+            $actions .= '</nobr>';
            $company = $accessory->company;

            $rows[] = array(
            'name'          => '<a href="'.url('admin/accessories/'.$accessory->id).'/view">'. $accessory->name.'</a>',
            'category'      => ($accessory->category) ? (string)link_to('admin/settings/categories/'.$accessory->category->id.'/view', $accessory->category->name) : '',
+            'model_number'      =>  e($accessory->model_number),
            'qty'           => e($accessory->qty),
            'order_number'  => e($accessory->order_number),
            'min_amt'  => e($accessory->min_amt),
            'location'      => ($accessory->location) ? e($accessory->location->name): '',
            'purchase_date' => e($accessory->purchase_date),
-            'purchase_cost' => number_format($accessory->purchase_cost, 2),
+            'purchase_cost' => Helper::formatCurrencyOutput($accessory->purchase_cost),
            'numRemaining'  => $accessory->numRemaining(),
            'actions'       => $actions,
-            'companyName'   => is_null($company) ? '' : e($company->name)
+            'companyName'   => is_null($company) ? '' : e($company->name),
+            'manufacturer'      => $accessory->manufacturer ? (string) link_to('/admin/settings/manufacturers/'.$accessory->manufacturer_id.'/view', $accessory->manufacturer->name) : ''
+
            );
        }

@@ -654,10 +656,20 @@ class AccessoriesController extends Controller
        $rows = array();

        foreach ($accessory_users as $user) {
-            $actions = '<a href="'.route('checkin/accessory', $user->pivot->id).'" class="btn btn-info btn-sm">Checkin</a>';
+            $actions = '';
+            if (Gate::allows('accessories.checkin')) {
+                $actions .= '<a href="' . route('checkin/accessory',
+                        $user->pivot->id) . '" class="btn btn-info btn-sm">Checkin</a>';
+            }
+
+            if (Gate::allows('users.view')) {
+                $name = (string) link_to('/admin/users/'.$user->id.'/view', e($user->fullName()));
+            } else {
+                $name = e($user->fullName());
+            }

            $rows[] = array(
-              'name'          =>(string) link_to('/admin/users/'.$user->id.'/view', e($user->fullName())),
+              'name'          => $name,
              'actions'       => $actions
              );
        }
--- a/app/Http/Controllers/ActionlogController.php
+++ b/app/Http/Controllers/ActionlogController.php
@@ -0,0 +1,18 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Helpers\Helper;
+use Response;
+
+class ActionlogController extends Controller
+{
+    public function displaySig($filename)
+    {
+
+        $file = config('app.private_uploads') . '/signatures/' . $filename;
+        $filetype = Helper::checkUploadIsImage($file);
+        $contents = file_get_contents($file);
+        return Response::make($contents)->header('Content-Type', $filetype);
+    }
+}
--- a/app/Http/Controllers/AssetMaintenancesController.php
+++ b/app/Http/Controllers/AssetMaintenancesController.php
@@ -21,6 +21,7 @@ use App\Models\Setting;
 use App\Models\Asset;
 use App\Helpers\Helper;
 use Auth;
+use Gate;

 /**
 * This controller handles all actions related to Asset Maintenance for
@@ -75,8 +76,7 @@ class AssetMaintenancesController extends Controller
    */
    public function getDatatable()
    {
-        $maintenances = AssetMaintenance::with('asset', 'supplier', 'asset.company','admin')
-        ->withTrashed();
+        $maintenances = AssetMaintenance::with('asset', 'supplier', 'asset.company','admin');

        if (Input::has('search')) {
            $maintenances = $maintenances->TextSearch(e(Input::get('search')));
@@ -119,23 +119,25 @@ class AssetMaintenancesController extends Controller
        $settings = Setting::getSettings();

        foreach ($maintenances as $maintenance) {
+            $actions = '';
+            if (Gate::allows('assets.edit')) {
+                $actions .= '<nobr><a href="' . route('update/asset_maintenance',
+                        $maintenance->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/asset_maintenance',
+                        $maintenance->id) . '" data-content="' . trans('admin/asset_maintenances/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($maintenance->title) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
+            }

-            $actions = '<nobr><a href="'.route('update/asset_maintenance', $maintenance->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/asset_maintenance', $maintenance->id).'" data-content="'.trans('admin/asset_maintenances/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($maintenance->title).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
-
-            if (($maintenance->cost) && ($maintenance->asset->assetloc) &&  ($maintenance->asset->assetloc->currency!='')) {
+            if (($maintenance->cost) && (isset($maintenance->asset)) && ($maintenance->asset->assetloc) &&  ($maintenance->asset->assetloc->currency!='')) {
                $maintenance_cost = $maintenance->asset->assetloc->currency.$maintenance->cost;
            } else {
                $maintenance_cost = $settings->default_currency.$maintenance->cost;
            }
-
-            $company = $maintenance->asset->company;
-
+            
            $rows[] = array(
                'id'            => $maintenance->id,
-                'asset_name'    =>  (string)link_to('/hardware/'.$maintenance->asset->id.'/view', $maintenance->asset->showAssetName()) ,
+                'asset_name'    =>  ($maintenance->asset) ? (string)link_to('/hardware/'.$maintenance->asset->id.'/view', $maintenance->asset->showAssetName()) : 'Deleted Asset' ,
                'title'         => $maintenance->title,
                'notes'         => $maintenance->notes,
-                'supplier'      => $maintenance->supplier->name,
+                'supplier'      => ($maintenance->supplier) ? (string)link_to('/admin/settings/suppliers/'.$maintenance->supplier->id.'/view', $maintenance->supplier->name) : 'Deleted Supplier',
                'cost'          => $maintenance_cost,
                'asset_maintenance_type'          => e($maintenance->asset_maintenance_type),
                'start_date'         => $maintenance->start_date,
@@ -143,7 +145,7 @@ class AssetMaintenancesController extends Controller
                'completion_date'     => $maintenance->completion_date,
                'user_id'       => ($maintenance->admin) ? (string)link_to('/admin/users/'.$maintenance->admin->id.'/view', $maintenance->admin->fullName()) : '',
                'actions'       => $actions,
-                'companyName'   => is_null($company) ? '' : $company->name
+                'companyName'   => ($maintenance->asset->company) ? $maintenance->asset->company->name : ''
            );
        }

@@ -180,7 +182,7 @@ class AssetMaintenancesController extends Controller
                   ->with('selectedAsset', $selectedAsset)
                   ->with('supplier_list', $supplier_list)
                   ->with('assetMaintenanceType', $assetMaintenanceType)
-                   ->with('assetMaintenance', new AssetMaintenance);
+                   ->with('item', new AssetMaintenance);
    }

    /**
@@ -217,7 +219,7 @@ class AssetMaintenancesController extends Controller
        if (e(Input::get('cost')) == '') {
            $assetMaintenance->cost = '';
        } else {
-            $assetMaintenance->cost =  e(Input::get('cost'));
+            $assetMaintenance->cost =  Helper::ParseFloat(e(Input::get('cost')));
        }

        if (e(Input::get('notes')) == '') {
@@ -309,7 +311,7 @@ class AssetMaintenancesController extends Controller
                                    '' => 'Select an improvement type',
                                ] + AssetMaintenance::getImprovementOptions();

-        $assets = Company::scopeCompanyables(Asset::all(), 'assets.company_id')->lists('detailed_name', 'id');
+        $assets = Company::scopeCompanyables(Asset::with('model','assignedUser')->get(), 'assets.company_id')->lists('detailed_name', 'id');
        // Get Supplier List
        $supplier_list = Helper::suppliersList();

@@ -319,7 +321,7 @@ class AssetMaintenancesController extends Controller
                   ->with('selectedAsset', null)
                   ->with('supplier_list', $supplier_list)
                   ->with('assetMaintenanceType', $assetMaintenanceType)
-                   ->with('assetMaintenance', $assetMaintenance);
+                   ->with('item', $assetMaintenance);

    }

@@ -365,7 +367,7 @@ class AssetMaintenancesController extends Controller
        if (e(Input::get('cost')) == '') {
            $assetMaintenance->cost = '';
        } else {
-            $assetMaintenance->cost =  e(Input::get('cost'));
+            $assetMaintenance->cost =  Helper::ParseFloat(e(Input::get('cost')));
        }

        if (e(Input::get('notes')) == '') {
--- a/app/Http/Controllers/AssetModelsController.php
+++ b/app/Http/Controllers/AssetModelsController.php
@@ -6,11 +6,8 @@ use Input;
 use Lang;
 use App\Models\AssetModel;
 use Redirect;
-use App\Models\Setting;
 use Auth;
 use DB;
-use App\Models\Depreciation;
-use App\Models\Manufacturer;
 use Str;
 use Validator;
 use View;
@@ -62,7 +59,7 @@ class AssetModelsController extends Controller
        ->with('category_list', $category_list)
        ->with('depreciation_list', $depreciation_list)
        ->with('manufacturer_list', $manufacturer_list)
-        ->with('model', new AssetModel);
+        ->with('item', new AssetModel);
    }


@@ -92,19 +89,19 @@ class AssetModelsController extends Controller
            $model->eol = e(Input::get('eol'));
        }

-            // Save the model data
-            $model->name                = e(Input::get('name'));
-            $model->modelno             = e(Input::get('modelno'));
-            $model->manufacturer_id     = e(Input::get('manufacturer_id'));
-            $model->category_id         = e(Input::get('category_id'));
-            $model->note            = e(Input::get('note'));
-            $model->user_id             = Auth::user()->id;
+        // Save the model data
+        $model->name                = e(Input::get('name'));
+        $model->model_number             = e(Input::get('model_number'));
+        $model->manufacturer_id     = e(Input::get('manufacturer_id'));
+        $model->category_id         = e(Input::get('category_id'));
+        $model->notes               = e(Input::get('notes'));
+        $model->user_id             = Auth::user()->id;
+        $model->requestable         = Input::has('requestable');
+
        if (Input::get('custom_fieldset')!='') {
            $model->fieldset_id = e(Input::get('custom_fieldset'));
        }

-            //$model->show_mac_address 	= e(Input::get('show_mac_address', '0'));
-

        if (Input::file('image')) {
            $image = Input::file('image');
@@ -141,15 +138,15 @@ class AssetModelsController extends Controller
        $model = new AssetModel;

        $settings=Input::all();
-        $settings['eol']=0;
+        $settings['eol']= null;

        $model->name=e(Input::get('name'));
        $model->manufacturer_id = e(Input::get('manufacturer_id'));
        $model->category_id = e(Input::get('category_id'));
-        $model->modelno = e(Input::get('modelno'));
+        $model->model_number = e(Input::get('model_number'));
        $model->user_id = Auth::user()->id;
        $model->note            = e(Input::get('note'));
-        $model->eol=0;
+        $model->eol= null;

        if (Input::get('fieldset_id')=='') {
            $model->fieldset_id = null;
@@ -176,7 +173,7 @@ class AssetModelsController extends Controller
    public function getEdit($modelId = null)
    {
        // Check if the model exists
-        if (is_null($model = AssetModel::find($modelId))) {
+        if (is_null($item = AssetModel::find($modelId))) {
            // Redirect to the model management page
            return redirect()->to('assets/models')->with('error', trans('admin/models/message.does_not_exist'));
        }
@@ -184,7 +181,8 @@ class AssetModelsController extends Controller
        $depreciation_list = Helper::depreciationList();
        $manufacturer_list = Helper::manufacturerList();
        $category_list = Helper::categoryList('asset');
-        $view = View::make('models/edit', compact('model'));
+
+        $view = View::make('models/edit', compact('item'));
        $view->with('category_list', $category_list);
        $view->with('depreciation_list', $depreciation_list);
        $view->with('manufacturer_list', $manufacturer_list);
@@ -217,17 +215,19 @@ class AssetModelsController extends Controller
        }

        if (e(Input::get('eol')) == '') {
-            $model->eol =  0;
+            $model->eol =  null;
        } else {
            $model->eol = e(Input::get('eol'));
        }
-
        // Update the model data
        $model->name                = e(Input::get('name'));
-        $model->modelno             = e(Input::get('modelno'));
+        $model->model_number        = e(Input::get('model_number'));
        $model->manufacturer_id     = e(Input::get('manufacturer_id'));
        $model->category_id         = e(Input::get('category_id'));
-        $model->note            = e(Input::get('note'));
+        $model->notes               = e(Input::get('notes'));
+
+        $model->requestable = Input::has('requestable');
+
        if (Input::get('custom_fieldset')=='') {
            $model->fieldset_id = null;
        } else {
@@ -378,7 +378,7 @@ class AssetModelsController extends Controller
        $view->with('category_list', $category_list);
        $view->with('depreciation_list', $depreciation_list);
        $view->with('manufacturer_list', $manufacturer_list);
-        $view->with('model', $model);
+        $view->with('item', $model);
        $view->with('clone_model', $model_to_clone);
        return $view;

@@ -395,7 +395,7 @@ class AssetModelsController extends Controller
    */
    public function getCustomFields($modelId)
    {
-        $model=AssetModel::find($modelId);
+        $model = AssetModel::find($modelId);
        return View::make("models.custom_fields_form")->with("model", $model);
    }

@@ -413,7 +413,7 @@ class AssetModelsController extends Controller

    public function getDatatable($status = null)
    {
-        $models = AssetModel::with('category', 'assets', 'depreciation');
+        $models = AssetModel::with('category', 'assets', 'depreciation', 'manufacturer');

        switch ($status) {
            case 'Deleted':
@@ -439,7 +439,7 @@ class AssetModelsController extends Controller
        }


-        $allowed_columns = ['id','name','modelno'];
+        $allowed_columns = ['id','name','model_number'];
        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';

@@ -462,12 +462,13 @@ class AssetModelsController extends Controller
                'manufacturer'      => (string)link_to('/admin/settings/manufacturers/'.$model->manufacturer->id.'/view', $model->manufacturer->name),
                'name'              => (string)link_to('/hardware/models/'.$model->id.'/view', $model->name),
                'image' => ($model->image!='') ? '<img src="'.config('app.url').'/uploads/models/'.$model->image.'" height=50 width=50>' : '',
-                'modelnumber'       => $model->modelno,
+                'modelnumber'       => $model->model_number,
                'numassets'         => $model->assets->count(),
-                'depreciation'      => (($model->depreciation)&&($model->depreciation->id > 0)) ? $model->depreciation->name.' ('.$model->depreciation->months.')' : trans('general.no_depreciation'),
-                'category'          => ($model->category) ? $model->category->name : '',
+                'depreciation'      => (($model->depreciation) && ($model->depreciation->id > 0)) ? $model->depreciation->name.' ('.$model->depreciation->months.')' : trans('general.no_depreciation'),
+                'category'          => ($model->category) ? (string)link_to('admin/settings/categories/'.$model->category->id.'/view', $model->category->name) : '',
                'eol'               => ($model->eol) ? $model->eol.' '.trans('general.months') : '',
-                'note'       => $model->getNote(),
+                'note'              => $model->getNote(),
+                'fieldset'          => ($model->fieldset) ? (string)link_to('admin/custom_fields/'.$model->fieldset->id, $model->fieldset->name) : '',
                'actions'           => $actions
                );
        }
@@ -488,7 +489,7 @@ class AssetModelsController extends Controller
    */
    public function getDataView($modelID)
    {
-        $assets = Asset::where('model_id', '=', $modelID)->with('company');
+        $assets = Asset::where('model_id', '=', $modelID)->with('company', 'assetstatus');

        if (Input::has('search')) {
            $assets = $assets->TextSearch(e(Input::get('search')));
--- a/app/Http/Controllers/AssetsController.php
+++ b/app/Http/Controllers/AssetsController.php
@@ -23,6 +23,7 @@ use Validator;
 use Artisan;
 use Auth;
 use Config;
+use League\Csv\Reader;
 use DB;
 use Image;
 use Input;
@@ -39,6 +40,8 @@ use Symfony\Component\Console\Output\BufferedOutput;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use TCPDF;
 use View;
+use Carbon\Carbon;
+use Gate;

 /**
 * This class controls all actions related to assets for
@@ -121,7 +124,7 @@ class AssetsController extends Controller
        $view->with('statuslabel_list', $statuslabel_list);
        $view->with('assigned_to', $assigned_to);
        $view->with('location_list', $location_list);
-        $view->with('asset', new Asset);
+        $view->with('item', new Asset);
        $view->with('manufacturer', $manufacturer_list);
        $view->with('category', $category_list);
        $view->with('statuslabel_types', $statuslabel_types);
@@ -175,7 +178,7 @@ class AssetsController extends Controller
        if (e(Input::get('purchase_cost')) == '') {
            $asset->purchase_cost =  null;
        } else {
-            $asset->purchase_cost = (e(Input::get('purchase_cost')));
+            $asset->purchase_cost = Helper::ParseFloat(e(Input::get('purchase_cost')));
        }

        if (e(Input::get('purchase_date')) == '') {
@@ -228,7 +231,7 @@ class AssetsController extends Controller
            $directory= public_path('uploads/assets/');
            // Check if the uploads directory exists.  If not, try to create it.
            if (!file_exists($directory)) {
-                mkdir($directory, 0755);
+                mkdir($directory, 0755, true);
            }
            $path = public_path('uploads/assets/'.$file_name);
            try {
@@ -237,7 +240,7 @@ class AssetsController extends Controller
                    $constraint->upsize();
                })->save($path);
                $asset->image = $file_name;
-            } catch(\Exception $e) {
+            } catch (\Exception $e) {
                \Input::flash();
                $messageBag = new \Illuminate\Support\MessageBag();
                $messageBag->add('image', $e->getMessage());
@@ -261,15 +264,10 @@ class AssetsController extends Controller

            // Was the asset created?
        if ($asset->save()) {
-
+            $asset->logCreate();
            if (Input::get('assigned_to')!='') {
-                    $logaction = new Actionlog();
-                    $logaction->asset_id = $asset->id;
-                    $logaction->checkedout_to = $asset->assigned_to;
-                    $logaction->asset_type = 'hardware';
-                    $logaction->user_id = Auth::user()->id;
-                    $logaction->note = e(Input::get('note'));
-                    $log = $logaction->logaction('checkout');
+                $user = User::find(e(Input::get('assigned_to')));
+                $asset->checkOutToUser($user, Auth::user(), date('Y-m-d H:i:s'), '', 'Checked out on asset creation', e(Input::get('name')));
            }
            // Redirect to the asset listing page
            \Session::flash('success', trans('admin/hardware/message.create.success'));
@@ -290,12 +288,12 @@ class AssetsController extends Controller
    */
    public function getEdit($assetId = null)
    {
-        
+
        // Check if the asset exists
-        if (!$asset = Asset::find($assetId)) {
+        if (!$item = Asset::find($assetId)) {
            // Redirect to the asset management page
            return redirect()->to('hardware')->with('error', trans('admin/hardware/message.does_not_exist'));
-        } elseif (!Company::isCurrentUserHasAccess($asset)) {
+        } elseif (!Company::isCurrentUserHasAccess($item)) {
            return redirect()->to('hardware')->with('error', trans('general.insufficient_permissions'));
        }

@@ -310,7 +308,7 @@ class AssetsController extends Controller
        $assigned_to = Helper::usersList();
        $statuslabel_types =Helper::statusTypeList();

-        return View::make('hardware/edit', compact('asset'))
+        return View::make('hardware/edit', compact('item'))
        ->with('model_list', $model_list)
        ->with('supplier_list', $supplier_list)
        ->with('company_list', $company_list)
@@ -356,7 +354,7 @@ class AssetsController extends Controller
        }

        if ($request->has('purchase_cost')) {
-            $asset->purchase_cost = e($request->input('purchase_cost'));
+            $asset->purchase_cost = Helper::ParseFloat(e($request->input('purchase_cost')));
        } else {
            $asset->purchase_cost =  null;
        }
@@ -409,7 +407,7 @@ class AssetsController extends Controller
            $directory= public_path('uploads/assets/');
            // Check if the uploads directory exists.  If not, try to create it.
            if (!file_exists($directory)) {
-                mkdir($directory, 0755);
+                mkdir($directory, 0755, true);
            }

            $file_name = str_random(25).".".$extension;
@@ -420,7 +418,7 @@ class AssetsController extends Controller
                    $constraint->upsize();
                })->save($path);
                $asset->image = $file_name;
-            } catch(\Exception $e) {
+            } catch (\Exception $e) {
                \Input::flash();
                $messageBag = new \Illuminate\Support\MessageBag();
                $messageBag->add('image', $e->getMessage());
@@ -438,14 +436,22 @@ class AssetsController extends Controller
        $model = AssetModel::find($request->get('model_id'));
        if ($model->fieldset) {
            foreach ($model->fieldset->fields as $field) {
-                $asset->{\App\Models\CustomField::name_to_db_name($field->name)} = e($request->input(\App\Models\CustomField::name_to_db_name($field->name)));
-    //                LOG::debug($field->name);
-    //                LOG::debug(\App\Models\CustomField::name_to_db_name($field->name));
-    //                LOG::debug($field->db_column_name());
+
+
+                if ($field->field_encrypted=='1') {
+                    if (Gate::allows('admin')) {
+                        $asset->{\App\Models\CustomField::name_to_db_name($field->name)} = \Crypt::encrypt(e($request->input(\App\Models\CustomField::name_to_db_name($field->name))));
+                    }
+
+                } else {
+                    $asset->{\App\Models\CustomField::name_to_db_name($field->name)} = e($request->input(\App\Models\CustomField::name_to_db_name($field->name)));
+                }
+

            }
        }

+
        if ($asset->save()) {
            // Redirect to the new asset page
            \Session::flash('success', trans('admin/hardware/message.update.success'));
@@ -532,6 +538,8 @@ class AssetsController extends Controller
            return redirect()->to('hardware')->with('error', trans('admin/hardware/message.does_not_exist'));
        } elseif (!Company::isCurrentUserHasAccess($asset)) {
            return redirect()->to('hardware')->with('error', trans('general.insufficient_permissions'));
+        } elseif (!$asset->availableForCheckout()) {
+            return redirect()->to('hardware')->with('error', trans('admin/hardware/message.checkout.not_available'));
        }

        $user = User::find(e(Input::get('assigned_to')));
@@ -624,8 +632,13 @@ class AssetsController extends Controller
        // Was the asset updated?
        if ($asset->save()) {

-            $checkout_at = e(Input::get('checkin_at'));
-            $logaction = $asset->createLogRecord('checkin', $asset, $admin, $user, null, e(Input::get('note')), $checkout_at);
+            if ($request->input('checkin_at') == Carbon::now()->format('Y-m-d')) {
+                $checkin_at = Carbon::now();
+            } else {
+                $checkin_at = $request->input('checkin_at').' 00:00:00';
+            }
+            //$checkin_at = e(Input::get('checkin_at'));
+            $logaction = $asset->createLogRecord('checkin', $asset, $admin, $user, null, e(Input::get('note')), $checkin_at);


            $settings = Setting::getSettings();
@@ -646,7 +659,7 @@ class AssetsController extends Controller
                            'fields' => [
                                [
                                    'title' => 'Checked In:',
-                                    'value' => strtoupper($logaction->asset_type).' asset <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.e($asset->showAssetName()).'> checked in by <'.config('app.url').'/admin/users/'.Auth::user()->id.'/view'.'|'.e(Auth::user()->fullName()).'>.'
+                                    'value' => class_basename(strtoupper($logaction->item_type)).' asset <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.e($asset->showAssetName()).'> checked in by <'.config('app.url').'/admin/users/'.Auth::user()->id.'/view'.'|'.e(Auth::user()->fullName()).'>.'
                                ],
                                [
                                    'title' => 'Note:',
@@ -673,7 +686,8 @@ class AssetsController extends Controller
            if ((($asset->checkin_email()=='1')) && ($user) && (!config('app.lock_passwords'))) {
                Mail::send('emails.checkin-asset', $data, function ($m) use ($user) {
                    $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                    $m->subject('Confirm Asset Checkin');
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.Confirm_Asset_Checkin'));
                });
            }

@@ -755,14 +769,20 @@ class AssetsController extends Controller
        if ($settings->qr_code == '1') {
            $asset = Asset::find($assetId);
            $size = Helper::barcodeDimensions($settings->barcode_type);
-
-
+            $qr_file = public_path().'/uploads/barcodes/qr-'.str_slug($asset->asset_tag).'.png';

            if (isset($asset->id,$asset->asset_tag)) {
-                $barcode = new \Com\Tecnick\Barcode\Barcode();
-                $barcode_obj =  $barcode->getBarcodeObj($settings->barcode_type, route('view/hardware', $asset->id), $size['height'], $size['width'], 'black', array(-2, -2, -2, -2));

-                return response($barcode_obj->getPngData())->header('Content-type', 'image/png');
+                if (file_exists($qr_file)) {
+                    $header = ['Content-type' => 'image/png'];
+                    return response()->file($qr_file, $header);
+                } else {
+                    $barcode = new \Com\Tecnick\Barcode\Barcode();
+                    $barcode_obj =  $barcode->getBarcodeObj($settings->barcode_type, route('view/hardware', $asset->id), $size['height'], $size['width'], 'black', array(-2, -2, -2, -2));
+                    file_put_contents($qr_file, $barcode_obj->getPngData());
+                    return response($barcode_obj->getPngData())->header('Content-type', 'image/png');
+                }
+
            }
        }

@@ -782,12 +802,20 @@ class AssetsController extends Controller

        $settings = Setting::getSettings();
        $asset = Asset::find($assetId);
+        $barcode_file = public_path().'/uploads/barcodes/'.str_slug($settings->alt_barcode).'-'.str_slug($asset->asset_tag).'.png';


        if (isset($asset->id,$asset->asset_tag)) {
-            $barcode = new \Com\Tecnick\Barcode\Barcode();
-            $barcode_obj =  $barcode->getBarcodeObj($settings->alt_barcode, $asset->asset_tag, 250, 20);
-            return response($barcode_obj->getPngData())->header('Content-type', 'image/png');
+
+            if (file_exists($barcode_file)) {
+                $header = ['Content-type' => 'image/png'];
+                return response()->file($barcode_file, $header);
+            } else {
+                $barcode = new \Com\Tecnick\Barcode\Barcode();
+                $barcode_obj = $barcode->getBarcodeObj($settings->alt_barcode, $asset->asset_tag, 250, 20);
+                file_put_contents($barcode_file, $barcode_obj->getPngData());
+                return response($barcode_obj->getPngData())->header('Content-type', 'image/png');
+            }
        }

    }
@@ -812,7 +840,7 @@ class AssetsController extends Controller

        // Check if the uploads directory exists.  If not, try to create it.
        if (!file_exists($path)) {
-            mkdir($path, 0755);
+            mkdir($path, 0755, true);
        }
        if ($handle = opendir($path)) {

@@ -873,11 +901,11 @@ class AssetsController extends Controller
                try {
                    $file->move($path, $date.'-'.$fixed_filename);
                } catch (\Symfony\Component\HttpFoundation\File\Exception\FileException $exception) {
-                        $results['error']=trans('admin/hardware/message.upload.error');
-                        if( config('app.debug')) {
-                            $results['error'].= ' ' . $exception->getMessage();
-                        }
-                        return $results;
+                    $results['error']=trans('admin/hardware/message.upload.error');
+                    if (config('app.debug')) {
+                        $results['error'].= ' ' . $exception->getMessage();
+                    }
+                    return $results;
                }
                $name = date('Y-m-d-his').'-'.$fixed_filename;
                $filesize = Setting::fileSizeConvert(filesize($path.'/'.$name));
@@ -900,6 +928,18 @@ class AssetsController extends Controller

    }

+    public function getDeleteImportFile($filename)
+    {
+        if (!Company::isCurrentUserAuthorized()) {
+            return redirect()->to('hardware')->with('error', trans('general.insufficient_permissions'));
+        }
+
+        if (unlink(config('app.private_uploads').'/imports/assets/'.$filename)) {
+            return redirect()->back()->with('success', trans('admin/hardware/message.import.file_delete_success'));
+        }
+        return redirect()->back()->with('error', trans('admin/hardware/message.import.file_delete_error'));
+    }
+

    /**
    * Process the uploaded file
@@ -909,28 +949,47 @@ class AssetsController extends Controller
    * @since [v2.0]
    * @return Redirect
    */
-    public function getProcessImportFile($filename)
+    public function postProcessImportFile()
    {
        // php artisan asset-import:csv path/to/your/file.csv --domain=yourdomain.com --email_format=firstname.lastname
+        $filename = Input::get('filename');
+        $itemType = Input::get('import-type');
+        $updateItems  = Input::get('import-update');

        if (!Company::isCurrentUserAuthorized()) {
            return redirect()->to('hardware')->with('error', trans('general.insufficient_permissions'));
        }
-
-        $return = Artisan::call(
-            'snipeit:import',
-            ['filename'=> config('app.private_uploads').'/imports/assets/'.$filename,
+        $importOptions =    ['filename'=> config('app.private_uploads').'/imports/assets/'.$filename,
                                '--email_format'=>'firstname.lastname',
                                '--username_format'=>'firstname.lastname',
                                '--web-importer' => true,
-                                '--user_id' => Auth::user()->id
-                                ]
-        );
+                                '--user_id' => Auth::user()->id,
+                                '--item-type' => $itemType,
+                            ];
+        if ($updateItems) {
+            $importOptions['--update'] = true;
+        }
+
+        $return = Artisan::call('snipeit:import', $importOptions);
        $display_output =  Artisan::output();
        $file = config('app.private_uploads').'/imports/assets/'.str_replace('.csv', '', $filename).'-output-'.date("Y-m-d-his").'.txt';
        file_put_contents($file, $display_output);
+        // We use hardware instead of asset in the url
+        $redirectTo = "hardware";
+        switch($itemType) {
+            case "asset":
+                $redirectTo = "hardware";
+                break;
+            case "accessory":
+                $redirectTo = "accessories";
+                break;
+            case "consumable":
+                $redirectTo = "consumables";
+                break;
+        }
+
        if ($return === 0) { //Success
-            return redirect()->to('hardware')->with('success', trans('admin/hardware/message.import.success'));
+            return redirect()->to(route($redirectTo))->with('success', trans('admin/hardware/message.import.success'));
        } elseif ($return === 1) { // Failure
            return redirect()->back()->with('import_errors', json_decode($display_output))->with('error', trans('admin/hardware/message.import.error'));
        }
@@ -979,7 +1038,7 @@ class AssetsController extends Controller
        ->with('statuslabel_list', $statuslabel_list)
        ->with('statuslabel_types', $statuslabel_types)
        ->with('assigned_to', $assigned_to)
-        ->with('asset', $asset)
+        ->with('item', $asset)
        ->with('location_list', $location_list)
        ->with('manufacturer', $manufacturer_list)
        ->with('category', $category_list)
@@ -988,6 +1047,178 @@ class AssetsController extends Controller
    }


+    /**
+     * Return history import view
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @return View
+     */
+    public function getImportHistory()
+    {
+
+        return View::make('hardware/history');
+    }
+
+    /**
+     * Import history
+     *
+     * This needs a LOT of love. It's done very inelegantly right now, and there are
+     * a ton of optimizations that could (and should) be done.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.3]
+     * @return View
+     */
+    public function postImportHistory(Request $request)
+    {
+
+        if (!ini_get("auto_detect_line_endings")) {
+            ini_set("auto_detect_line_endings", '1');
+        }
+
+        $assets = Asset::all(['asset_tag']);
+
+        $csv = Reader::createFromPath(Input::file('user_import_csv'));
+        $csv->setNewline("\r\n");
+        //get the first row, usually the CSV header
+        //$headers = $csv->fetchOne();
+
+        $results = $csv->fetchAssoc();
+        $item = array();
+        $status = array();
+        $status['error'] = array();
+        $status['success'] = array();
+
+
+        foreach($results as $row) {
+
+            if (is_array($row)) {
+
+                $row = array_change_key_case($row, CASE_LOWER);
+                $asset_tag = Helper::array_smart_fetch($row, "asset tag");
+                if (!array_key_exists($asset_tag, $item)) {
+                    $item[$asset_tag] = array();
+                }
+                $batch_counter = count($item[$asset_tag]);
+
+                $item[$asset_tag][$batch_counter]['checkout_date'] = Carbon::parse(Helper::array_smart_fetch($row, "date"))->format('Y-m-d H:i:s');
+
+                $item[$asset_tag][$batch_counter]['asset_tag'] = Helper::array_smart_fetch($row, "asset tag");
+                $item[$asset_tag][$batch_counter]['name'] = Helper::array_smart_fetch($row, "name");
+                $item[$asset_tag][$batch_counter]['email'] = Helper::array_smart_fetch($row, "email");
+
+                if ($asset = Asset::where('asset_tag','=',$asset_tag)->first()) {
+
+                    $item[$asset_tag][$batch_counter]['asset_id'] = $asset->id;
+
+                    $base_username = User::generateFormattedNameFromFullName(Setting::getSettings()->username_format,$item[$asset_tag][$batch_counter]['name']);
+                    $user = User::where('username','=',$base_username['username']);
+                    $user_query = ' on username '.$base_username['username'];
+
+                    if ($request->input('match_firstnamelastname')=='1') {
+                        $firstnamedotlastname = User::generateFormattedNameFromFullName('firstname.lastname',$item[$asset_tag][$batch_counter]['name']);
+                        $item[$asset_tag][$batch_counter]['username'][] = $firstnamedotlastname['username'];
+                        $user->orWhere('username','=',$firstnamedotlastname['username']);
+                        $user_query .= ', or on username '.$firstnamedotlastname['username'];
+                    }
+
+                    if ($request->input('match_flastname')=='1') {
+                        $flastname = User::generateFormattedNameFromFullName('filastname',$item[$asset_tag][$batch_counter]['name']);
+                        $item[$asset_tag][$batch_counter]['username'][] = $flastname['username'];
+                        $user->orWhere('username','=',$flastname['username']);
+                        $user_query .= ', or on username '.$flastname['username'];
+                    }
+                    if ($request->input('match_firstname')=='1') {
+                        $firstname = User::generateFormattedNameFromFullName('firstname',$item[$asset_tag][$batch_counter]['name']);
+                        $item[$asset_tag][$batch_counter]['username'][] = $firstname['username'];
+                        $user->orWhere('username','=',$firstname['username']);
+                        $user_query .= ', or on username '.$firstname['username'];
+                    }
+                    if ($request->input('match_email')=='1') {
+                        if ($item[$asset_tag][$batch_counter]['email']=='') {
+                            $item[$asset_tag][$batch_counter]['username'][] = $user_email = User::generateEmailFromFullName($item[$asset_tag][$batch_counter]['name']);
+                            $user->orWhere('username','=',$user_email);
+                            $user_query .= ', or on username '.$user_email;
+                        }
+                    }
+
+                    // A matching user was found
+                    if ($user = $user->first()) {
+                        $item[$asset_tag][$batch_counter]['checkedout_to'] = $user->id;
+                        $item[$asset_tag][$batch_counter]['user_id'] = $user->id;
+
+                        Actionlog::firstOrCreate(array(
+                                'item_id' => $asset->id,
+                                'item_type' => Asset::class,
+                                'user_id' =>  Auth::user()->id,
+                                'note' => 'Checkout imported by '.Auth::user()->fullName().' from history importer',
+                                'target_id' => $item[$asset_tag][$batch_counter]['user_id'],
+                                'target_type' => User::class,
+                                'created_at' =>  $item[$asset_tag][$batch_counter]['checkout_date'],
+                                'action_type'   => 'checkout',
+                            )
+                        );
+
+                        $asset->assigned_to = $user->id;
+
+                        if ($asset->save()) {
+                            $status['success'][]['asset'][$asset_tag]['msg'] = 'Asset successfully matched for '.Helper::array_smart_fetch($row, "name").$user_query.' on '.$item[$asset_tag][$batch_counter]['checkout_date'];
+                        } else {
+                            $status['error'][]['asset'][$asset_tag]['msg'] = 'Asset and user was matched but could not be saved.';
+                        }
+
+                    } else {
+                        $item[$asset_tag][$batch_counter]['checkedout_to'] = null;
+                        $status['error'][]['user'][Helper::array_smart_fetch($row, "name")]['msg'] = 'User does not exist so no checkin log was created.';
+                    }
+
+                } else {
+                    $item[$asset_tag][$batch_counter]['asset_id'] = null;
+                    $status['error'][]['asset'][$asset_tag]['msg'] = 'Asset does not exist so no match was attempted.';
+                }
+
+
+
+
+            }
+        }
+
+        // Loop through and backfill the checkins
+        foreach ($item as $key => $asset_batch) {
+            $total_in_batch = count($asset_batch);
+            for($x = 0; $x < $total_in_batch; $x++) {
+                $next = $x + 1;
+
+                // Only do this if a matching user was found
+                if ((array_key_exists('checkedout_to',$asset_batch[$x])) && ($asset_batch[$x]['checkedout_to']!='')) {
+
+                    if (($total_in_batch > 1) && ($x < $total_in_batch) && (array_key_exists($next,$asset_batch))) {
+                        $checkin_date = Carbon::parse($asset_batch[$next]['checkout_date'])->subDay(1)->format('Y-m-d H:i:s');
+                        $asset_batch[$x]['real_checkin'] = $checkin_date;
+
+                        Actionlog::firstOrCreate(array(
+                                'item_id' => $asset_batch[$x]['asset_id'],
+                                'item_type' => Asset::class,
+                                'user_id' => Auth::user()->id,
+                                'note' => 'Checkin imported by ' . Auth::user()->fullName() . ' from history importer',
+                                'target_id' => null,
+                                'created_at' => $checkin_date,
+                                'action_type' => 'checkin'
+                            )
+                        );
+                    }
+                }
+
+
+            }
+        }
+
+
+        return View::make('hardware/history')->with('status',$status);
+    }
+
+
    /**
    * Retore a deleted asset.
    *
@@ -1049,15 +1280,8 @@ class AssetsController extends Controller
                $upload_success = $file->move($destinationPath, $filename);

                //Log the deletion of seats to the log
-                $logaction = new Actionlog();
-                $logaction->asset_id = $asset->id;
-                $logaction->asset_type = 'hardware';
-                $logaction->user_id = Auth::user()->id;
-                $logaction->note = e(Input::get('notes'));
-                $logaction->checkedout_to =  null;
-                $logaction->created_at =  date("Y-m-d H:i:s");
-                $logaction->filename =  $filename;
-                $log = $logaction->logaction('uploaded');
+                $asset->logUpload($filename, e(Input::get('notes')));
+
            }
        } else {
            return redirect()->back()->with('error', trans('admin/hardware/message.upload.nofiles'));
@@ -1200,7 +1424,7 @@ class AssetsController extends Controller

                    return View::make('hardware/labels')->with('assets', $assets)->with('settings', $settings)->with('count', $count)->with('settings', $settings);

-                
+

            } elseif (Input::get('bulk_actions')=='delete') {

@@ -1268,7 +1492,7 @@ class AssetsController extends Controller
                    }

                    if (Input::has('purchase_cost')) {
-                        $update_array['purchase_cost'] =  e(Input::get('purchase_cost'));
+                        $update_array['purchase_cost'] =  Helper::ParseFloat(e(Input::get('purchase_cost')));
                    }

                    if (Input::has('supplier_id')) {
@@ -1314,8 +1538,8 @@ class AssetsController extends Controller
                    ->update($update_array)) {

                        $logaction = new Actionlog();
-                        $logaction->asset_id = $key;
-                        $logaction->asset_type = 'hardware';
+                        $logaction->item_type = Asset::class;
+                        $logaction->item_id = $key;
                        $logaction->created_at =  date("Y-m-d H:i:s");

                        if (Input::has('rtd_location_id')) {
@@ -1364,7 +1588,7 @@ class AssetsController extends Controller

            foreach ($assets as $asset) {
          //echo '<li>'.$asset;
-                $update_array['deleted_at'] = date('Y-m-d h:i:s');
+                $update_array['deleted_at'] = date('Y-m-d H:i:s');
                $update_array['assigned_to'] = null;

                if (DB::table('assets')
@@ -1372,8 +1596,8 @@ class AssetsController extends Controller
                ->update($update_array)) {

                    $logaction = new Actionlog();
-                    $logaction->asset_id = $asset->id;
-                    $logaction->asset_type = 'hardware';
+                    $logaction->item_type = Asset::class;
+                    $logaction->item_id = $asset->id;
                    $logaction->created_at =  date("Y-m-d H:i:s");
                    $logaction->user_id = Auth::user()->id;
                    $log = $logaction->logaction('deleted');
@@ -1404,31 +1628,31 @@ class AssetsController extends Controller
    * @since [v2.0]
    * @return String JSON
    */
-    public function getDatatable($status = null)
+    public function getDatatable(Request $request, $status = null)
    {


-        $assets = Asset::select('assets.*')->with('model', 'assigneduser', 'assigneduser.userloc', 'assetstatus', 'defaultLoc', 'assetlog', 'model', 'model.category', 'model.manufacturer', 'model.fieldset', 'assetstatus', 'assetloc', 'company')
+        $assets = Company::scopeCompanyables(Asset::select('assets.*'))->with('model', 'assigneduser', 'assigneduser.userloc', 'assetstatus', 'defaultLoc', 'assetlog', 'model', 'model.category', 'model.manufacturer', 'model.fieldset', 'assetstatus', 'assetloc', 'company')
        ->Hardware();

-        if (Input::has('search')) {
-             $assets = $assets->TextSearch(e(Input::get('search')));
+        if ($request->has('search')) {
+             $assets = $assets->TextSearch(e($request->get('search')));
        }

-        if (Input::has('offset')) {
-             $offset = e(Input::get('offset'));
+        if ($request->has('offset')) {
+             $offset = e($request->get('offset'));
        } else {
             $offset = 0;
        }

-        if (Input::has('limit')) {
-             $limit = e(Input::get('limit'));
+        if ($request->has('limit')) {
+             $limit = e($request->get('limit'));
        } else {
             $limit = 50;
        }

-        if (Input::has('order_number')) {
-            $assets->where('order_number', '=', e(Input::get('order_number')));
+        if ($request->has('order_number')) {
+            $assets->where('order_number', '=', e($request->get('order_number')));
        }

        switch ($status) {
@@ -1453,9 +1677,14 @@ class AssetsController extends Controller
            case 'Deployed':
                $assets->Deployed();
                break;
-
        }

+        if ($request->has('status_id')) {
+            $assets->where('status_id','=', e($request->get('status_id')));
+        }
+
+
+
        $allowed_columns = [
        'id',
        'name',
@@ -1485,8 +1714,8 @@ class AssetsController extends Controller
            $allowed_columns[]=$field->db_column_name();
        }

-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'asset_tag';
+        $order = $request->get('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->get('sort'), $allowed_columns) ? $request->get('sort') : 'asset_tag';

        switch ($sort) {
            case 'model':
@@ -1525,23 +1754,42 @@ class AssetsController extends Controller
        $rows = array();
        foreach ($assets as $asset) {
            $inout = '';
-            $actions = '';
+            $actions = '<div style="white-space: nowrap;">';
            if ($asset->deleted_at=='') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('clone/hardware', $asset->id).'" class="btn btn-info btn-sm" title="Clone asset" data-toggle="tooltip"><i class="fa fa-clone"></i></a> <a href="'.route('update/hardware', $asset->id).'" class="btn btn-warning btn-sm" title="Edit asset" data-toggle="tooltip"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/hardware', $asset->id).'" data-content="'.trans('admin/hardware/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($asset->asset_tag).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
+                if (Gate::allows('assets.create')) {
+                    $actions .= '<a href="' . route('clone/hardware',
+                            $asset->id) . '" class="btn btn-info btn-sm" title="Clone asset" data-toggle="tooltip"><i class="fa fa-clone"></i></a> ';
+                }
+                if (Gate::allows('assets.edit')) {
+                    $actions .= '<a href="' . route('update/hardware',
+                            $asset->id) . '" class="btn btn-warning btn-sm" title="Edit asset" data-toggle="tooltip"><i class="fa fa-pencil icon-white"></i></a> ';
+                }
+                if (Gate::allows('assets.delete')) {
+                    $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/hardware',
+                            $asset->id) . '" data-content="' . trans('admin/hardware/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($asset->asset_tag) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+                }
            } elseif ($asset->model->deleted_at=='') {
-                $actions = '<a href="'.route('restore/hardware', $asset->id).'" title="Restore asset" data-toggle="tooltip" class="btn btn-warning btn-sm"><i class="fa fa-recycle icon-white"></i></a>';
+                $actions .= '<a href="'.route('restore/hardware', $asset->id).'" title="Restore asset" data-toggle="tooltip" class="btn btn-warning btn-sm"><i class="fa fa-recycle icon-white"></i></a>';
            }

-            if ($asset->assetstatus) {
-                if (($asset->assetstatus->deployable != 0) && ($asset->deleted_at=='')) {
-                    if (($asset->assigned_to !='') && ($asset->assigned_to > 0)) {
-                        $inout = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm" title="Checkin this asset" data-toggle="tooltip">'.trans('general.checkin').'</a>';
-                    } else {
-                        $inout = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm" title="Checkout this asset to a user" data-toggle="tooltip">'.trans('general.checkout').'</a>';
-                    }
+            $actions .= '</div>';
+
+            if (($asset->availableForCheckout()))
+            {
+                if (Gate::allows('assets.checkout')) {
+                    $inout = '<a href="' . route('checkout/hardware',
+                            $asset->id) . '" class="btn btn-info btn-sm" title="Checkout this asset to a user" data-toggle="tooltip">' . trans('general.checkout') . '</a>';
+                }
+
+            } else {
+                if (Gate::allows('assets.checkin')) {
+                    $inout = '<a href="' . route('checkin/hardware',
+                            $asset->id) . '" class="btn btn-primary btn-sm" title="Checkin this asset" data-toggle="tooltip">' . trans('general.checkin') . '</a>';
                }
            }

+            $purchase_cost = Helper::formatCurrencyOutput($asset->purchase_cost);
+
            $row = array(
            'checkbox'      =>'<div class="text-center"><input type="checkbox" name="edit_asset['.$asset->id.']" class="one_required"></div>',
            'id'        => $asset->id,
@@ -1550,14 +1798,14 @@ class AssetsController extends Controller
            'asset_tag'     => '<a title="'.e($asset->asset_tag).'" href="hardware/'.$asset->id.'/view">'.e($asset->asset_tag).'</a>',
            'serial'        => e($asset->serial),
            'model'         => ($asset->model) ? (string)link_to('/hardware/models/'.$asset->model->id.'/view', e($asset->model->name)) : 'No model',
-            'model_number'  => ($asset->model && $asset->model->modelno) ? (string)$asset->model->modelno : '',
+            'model_number'  => ($asset->model && $asset->model->model_number) ? (string)$asset->model->model_number : '',
            'status_label'        => ($asset->assigneduser) ? 'Deployed' : ((e($asset->assetstatus)) ? e($asset->assetstatus->name) : ''),
            'assigned_to'        => ($asset->assigneduser) ? (string)link_to(config('app.url').'/admin/users/'.$asset->assigned_to.'/view', e($asset->assigneduser->fullName())) : '',
-            'location'      => (($asset->assigneduser) && ($asset->assigneduser->userloc!='')) ? (string)link_to('admin/settings/locations/'.$asset->assigneduser->userloc->id.'/view', e($asset->assigneduser->userloc->name)) : (($asset->defaultLoc!='') ? (string)link_to('admin/settings/locations/'.$asset->defaultLoc->id.'/edit', e($asset->defaultLoc->name)) : ''),
+            'location'      => (($asset->assigneduser) && ($asset->assigneduser->userloc!='')) ? (string)link_to('admin/settings/locations/'.$asset->assigneduser->userloc->id.'/view', e($asset->assigneduser->userloc->name)) : (($asset->defaultLoc!='') ? (string)link_to('admin/settings/locations/'.$asset->defaultLoc->id.'/view', e($asset->defaultLoc->name)) : ''),
            'category'      => (($asset->model) && ($asset->model->category)) ?(string)link_to('/admin/settings/categories/'.$asset->model->category->id.'/view', e($asset->model->category->name)) : '',
            'manufacturer'      => (($asset->model) && ($asset->model->manufacturer)) ? (string)link_to('/admin/settings/manufacturers/'.$asset->model->manufacturer->id.'/view', e($asset->model->manufacturer->name)) : '',
            'eol'           => ($asset->eol_date()) ? $asset->eol_date() : '',
-            'purchase_cost'           => ($asset->purchase_cost) ? number_format($asset->purchase_cost, 2) : '',
+            'purchase_cost'           => $purchase_cost,
            'purchase_date'           => ($asset->purchase_date) ? $asset->purchase_date : '',
            'notes'         => e($asset->notes),
            'order_number'  => ($asset->order_number!='') ? '<a href="'.config('app.url').'/hardware?order_number='.e($asset->order_number).'">'.e($asset->order_number).'</a>' : '',
@@ -1569,13 +1817,104 @@ class AssetsController extends Controller
            'companyName'   => is_null($asset->company) ? '' : e($asset->company->name)
            );
            foreach ($all_custom_fields as $field) {
-                $row[$field->db_column_name()]=$asset->{$field->db_column_name()};
+                $column_name = $field->db_column_name();
+
+                if ($field->isFieldDecryptable($asset->{$column_name})) {
+
+                    if (Gate::allows('admin')) {
+                        if (($field->format=='URL') && ($asset->{$column_name}!='')) {
+                            $row[$column_name] = '<a href="'.Helper::gracefulDecrypt($field, $asset->{$column_name}).'" target="_blank">'.Helper::gracefulDecrypt($field, $asset->{$column_name}).'</a>';
+                        } else {
+                            $row[$column_name] = Helper::gracefulDecrypt($field, $asset->{$column_name});
+                        }
+
+                    } else {
+                        $row[$field->db_column_name()] = strtoupper(trans('admin/custom_fields/general.encrypted'));
+                    }
+                } else {
+                    if (($field->format=='URL') && ($asset->{$field->db_column_name()}!='')) {
+                        $row[$field->db_column_name()] = '<a href="'.$asset->{$field->db_column_name()}.'" target="_blank">'.$asset->{$field->db_column_name()}.'</a>';
+                    } else {
+                        $row[$field->db_column_name()] = e($asset->{$field->db_column_name()});
+                    }
+                }
+
            }
-            $rows[]=$row;
+
+            if (($request->has('report')) && ($request->get('report')=='true')) {
+                $rows[]= Helper::stripTagsFromJSON($row);
+            } else {
+                $rows[]= $row;
+            }
+
        }

        $data = array('total'=>$assetCount, 'rows'=>$rows);

        return $data;
    }
+
+      public function getBulkCheckout()
+      {
+          // Get the dropdown of users and then pass it to the checkout view
+          $users_list = Helper::usersList();
+          // Filter out assets that are not deployable.
+          $assets = Asset::RTD()->get();
+
+          $assets_list = Company::scopeCompanyables($assets, 'assets.company_id')->lists('detailed_name', 'id')->toArray();
+
+          return View::make('hardware/bulk-checkout')->with('users_list', $users_list)->with('assets_list', $assets_list);
+      }
+
+      public function postBulkCheckout(Request $request)
+      {
+
+          $this->validate($request, [
+             "assigned_to"   => 'required'
+          ]);
+
+          $user = User::find(e(Input::get('assigned_to')));
+          $admin = Auth::user();
+
+          $asset_ids = array_filter(Input::get('selected_assets'));
+
+          if ((Input::has('checkout_at')) && (Input::get('checkout_at')!= date("Y-m-d"))) {
+              $checkout_at = e(Input::get('checkout_at'));
+          } else {
+              $checkout_at = date("Y-m-d H:i:s");
+          }
+
+          if (Input::has('expected_checkin')) {
+              $expected_checkin = e(Input::get('expected_checkin'));
+          } else {
+              $expected_checkin = '';
+          }
+
+          $has_errors = false;
+          $errors = [];
+          DB::transaction(function() use ($user, $admin, $checkout_at, $expected_checkin, $errors, $asset_ids)
+          {
+              foreach($asset_ids as $asset_id)
+              {
+                  $asset = Asset::find($asset_id);
+
+                  $error = $asset->checkOutToUser($user, $admin, $checkout_at, $expected_checkin, e(Input::get('note')), null);
+
+                  if($error)
+                  {
+                      $has_errors = true;
+                      array_merge_recursive($errors, $asset->getErrors()->toArray());
+                  }
+              }
+            });
+
+          if (!$errors) {
+            // Redirect to the new asset page
+              return redirect()->to("hardware")->with('success', trans('admin/hardware/message.checkout.success'));
+          }
+
+        // Redirect to the asset management page with error
+          return redirect()->to("hardware/bulk-checkout")->with('error', trans('admin/hardware/message.checkout.error'))->withErrors($errors);
+      }
+
 }
--- a/app/Http/Controllers/Auth/AuthController.php
+++ b/app/Http/Controllers/Auth/AuthController.php
@@ -5,6 +5,7 @@ namespace App\Http\Controllers\Auth;
 use Validator;
 use App\Http\Controllers\Controller;
 use Illuminate\Foundation\Auth\ThrottlesLogins;
+use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
 use App\Models\Setting;
 use App\Models\Ldap;
 use App\Models\User;
@@ -15,6 +16,7 @@ use Input;
 use Redirect;
 use Log;
 use View;
+use PragmaRX\Google2FA\Google2FA;



@@ -29,7 +31,7 @@ use View;
 class AuthController extends Controller
 {

-    use ThrottlesLogins;
+    use AuthenticatesAndRegistersUsers, ThrottlesLogins;

    // This tells the auth controller to use username instead of email address
    protected $username = 'username';
@@ -48,22 +50,65 @@ class AuthController extends Controller
     */
    public function __construct()
    {
-        $this->middleware('guest', ['except' => 'logout']);
+        $this->middleware('guest', ['except' => ['logout','postTwoFactorAuth','getTwoFactorAuth','getTwoFactorEnroll']]);
    }


    function showLoginForm()
    {
-      // Is the user logged in?
        if (Auth::check()) {
            return redirect()->intended('dashboard');
        }
-
-      // Show the page
        return View::make('auth.login');
    }


+    private function login_via_ldap(Request $request)
+    {
+        LOG::debug("Binding user to LDAP.");
+        $ldap_user = Ldap::findAndBindUserLdap($request->input('username'), $request->input('password'));
+        if(!$ldap_user) {
+            LOG::debug("LDAP user ".$request->input('username')." not found in LDAP or could not bind");
+            throw new \Exception("Could not find user in LDAP directory");
+        } else {
+            LOG::debug("LDAP user ".$request->input('username')." successfully bound to LDAP");
+        }
+
+        // Check if the user already exists in the database and was imported via LDAP
+        $user = User::where('username', '=', Input::get('username'))->whereNull('deleted_at')->where('ldap_import','=',1)->first();
+        LOG::debug("Local auth lookup complete");
+
+        // The user does not exist in the database. Try to get them from LDAP.
+        // If user does not exist and authenticates successfully with LDAP we
+        // will create it on the fly and sign in with default permissions
+        if (!$user) {
+            LOG::debug("Local user ".Input::get('username')." does not exist");
+            LOG::debug("Creating local user ".Input::get('username'));
+
+            if ($user = Ldap::createUserFromLdap($ldap_user)) { //this handles passwords on its own
+                LOG::debug("Local user created.");
+            } else {
+                LOG::debug("Could not create local user.");
+                throw new \Exception("Could not create local user");
+            }
+            // If the user exists and they were imported from LDAP already
+        } else {
+            LOG::debug("Local user ".$request->input('username')." exists in database. Updating existing user against LDAP.");
+
+            $ldap_attr = Ldap::parseAndMapLdapAttributes($ldap_user);
+
+            if (Setting::getSettings()->ldap_pw_sync=='1') {
+                $user->password = bcrypt($request->input('password'));
+            }
+
+            $user->email = $ldap_attr['email'];
+            $user->first_name = $ldap_attr['firstname'];
+            $user->last_name = $ldap_attr['lastname'];
+            $user->save();
+        } // End if(!user)
+        return $user;
+    }
+

    /**
     * Account sign in form processing.
@@ -78,80 +123,52 @@ class AuthController extends Controller
            return redirect()->back()->withInput()->withErrors($validator);
        }

-        // Should we even check for LDAP users?
-        if (Setting::getSettings()->ldap_enabled=='1') {
+        // If the class is using the ThrottlesLogins trait, we can automatically throttle
+        // the login attempts for this application. We'll key this by the username and
+        // the IP address of the client making these requests into this application.
+        $throttles = $this->isUsingThrottlesLoginsTrait();
+        $this->maxLoginAttempts = config('auth.throttle.max_attempts');
+        $this->lockoutTime = config('auth.throttle.lockout_duration');

-            LOG::debug("LDAP is enabled.");
-            // Check if the user exists in the database
-            $user = User::where('username', '=', Input::get('username'))->whereNull('deleted_at')->first();
-            LOG::debug("Local auth lookup complete");
+        if ($throttles && $lockedOut = $this->hasTooManyLoginAttempts($request)) {
+            $this->fireLockoutEvent($request);

-            try {
-                Ldap::findAndBindUserLdap($request->input('username'), $request->input('password'));
-                LOG::debug("Binding user to LDAP.");
-            } catch (\Exception $e) {
-                LOG::debug("User ".Input::get('username').' did not authenticate successfully against LDAP.');
-                //$ldap_error = $e->getMessage();
-                // return redirect()->back()->withInput()->with('error',$e->getMessage());
-            }
-
-
-            // The user does not exist in the database. Try to get them from LDAP.
-            // If user does not exist and authenticates sucessfully with LDAP we
-            // will create it on the fly and sign in with default permissions
-            if (!$user) {
-                LOG::debug("Local user ".Input::get('username')." does not exist");
-
-                try {
-
-                    if ($userattr = Ldap::findAndBindUserLdap($request->input('username'), $request->input('password'))) {
-                        LOG::debug("Creating local user ".Input::get('username'));
-
-                        if ($newuser = Ldap::createUserFromLdap($userattr)) {
-                            LOG::debug("Local user created..");
-                        } else {
-                            LOG::debug("Could not create local user.");
-                        }
-
-                    } else {
-                        LOG::debug("User did not authenticate correctly against LDAP. No local user was created.");
-                    }
-
-                } catch (\Exception $e) {
-                    return redirect()->back()->withInput()->with('error',$e->getMessage());
-                }
-
-            // If the user exists and they were imported from LDAP already
-            } else {
-
-                LOG::debug("Local user ".Input::get('username')." exists in database. Authenticating existing user against LDAP.");
-
-                if ($ldap_user = Ldap::findAndBindUserLdap($request->input('username'), $request->input('password'))) {
-                    $ldap_attr = Ldap::parseAndMapLdapAttributes($ldap_user);
-
-                    LOG::debug("Valid LDAP login. Updating the local data.");
-
-                    $user->password = bcrypt($request->input('password'));
-                    $user->email = $ldap_attr['email'];
-                    $user->first_name = $ldap_attr['firstname'];
-                    $user->last_name = $ldap_attr['lastname'];
-                    $user->save();
-
-                } else {
-                    LOG::debug("User ".Input::get('username')." did not authenticate correctly against LDAP. Local user was not updated.");
-                }// End LDAP auth
-
-            } // End if(!user)
-
-        // NO LDAP enabled - just try to login the user normally
+            return $this->sendLockoutResponse($request);
        }

-        LOG::debug("Authenticating user against database.");
-        // Try to log the user in
-        if (!Auth::attempt(Input::only('username', 'password'), Input::get('remember-me', 0))) {
-            LOG::debug("Local authentication failed.");
-          // throw new Cartalyst\Sentry\Users\UserNotFoundException();
-            return redirect()->back()->withInput()->with('error', trans('auth/message.account_not_found'));
+        $user = null;
+
+        // Should we even check for LDAP users?
+        if (Setting::getSettings()->ldap_enabled=='1') {
+            LOG::debug("LDAP is enabled.");
+            try {
+              $user = $this->login_via_ldap($request);
+              Auth::login($user, true);
+
+            // If the user was unable to login via LDAP, log the error and let them fall through to
+            // local authentication.
+            } catch (\Exception $e) {
+                LOG::error("There was an error authenticating the LDAP user: ".$e->getMessage());
+            }
+        }
+
+        // If the user wasn't authenticated via LDAP, skip to local auth
+        if(!$user) {
+          LOG::debug("Authenticating user against database.");
+          // Try to log the user in
+          if (!Auth::attempt(Input::only('username', 'password'), Input::get('remember-me', 0))) {
+
+              if ($throttles && ! $lockedOut) {
+                  $this->incrementLoginAttempts($request);
+              }
+
+              LOG::debug("Local authentication failed.");
+              return redirect()->back()->withInput()->with('error', trans('auth/message.account_not_found'));
+          } else {
+              if ($throttles) {
+                  $this->clearLoginAttempts($request);
+              }
+          }
        }

        // Get the page we were before
@@ -162,23 +179,89 @@ class AuthController extends Controller

        // Redirect to the users page
        return redirect()->to($redirect)->with('success', trans('auth/message.signin.success'));
-
-        // Ooops.. something went wrong
-        return redirect()->back()->withInput()->withErrors($this->messageBag);
    }

+
+    /**
+     * Two factor enrollment page
+     *
+     * @return Redirect
+     */
+    public function getTwoFactorEnroll()
+    {
+
+        if (!Auth::check()) {
+            return redirect()->route('login')->with('error', 'You must be logged in.');
+        }
+
+        $user = Auth::user();
+        $google2fa = app()->make('PragmaRX\Google2FA\Contracts\Google2FA');
+
+        if ($user->two_factor_secret=='') {
+            $user->two_factor_secret = $google2fa->generateSecretKey(32);
+            $user->save();
+        }
+
+
+        $google2fa_url = $google2fa->getQRCodeGoogleUrl(
+            urlencode(Setting::getSettings()->site_name),
+            urlencode($user->username),
+            $user->two_factor_secret
+        );
+
+        return View::make('auth.two_factor_enroll')->with('google2fa_url',$google2fa_url);
+
+    }
+
+
+    /**
+     * Two factor code form page
+     *
+     * @return Redirect
+     */
+    public function getTwoFactorAuth() {
+        return View::make('auth.two_factor');
+    }
+
+    /**
+     * Two factor code submission
+     *
+     * @return Redirect
+     */
+    public function postTwoFactorAuth(Request $request) {
+
+        if (!Auth::check()) {
+            return redirect()->route('login')->with('error', 'You must be logged in.');
+        }
+
+        $user = Auth::user();
+        $secret = $request->get('two_factor_secret');
+        $google2fa = app()->make('PragmaRX\Google2FA\Contracts\Google2FA');
+        $valid = $google2fa->verifyKey($user->two_factor_secret, $secret);
+
+        if ($valid) {
+            $user->two_factor_enrolled = 1;
+            $user->save();
+            $request->session()->put('2fa_authed', 'true');
+            return redirect()->route('home')->with('success', 'You are logged in!');
+        }
+
+        return redirect()->route('two-factor')->with('error', 'Invalid two-factor code');
+
+
+    }
+
+
    /**
     * Logout page.
     *
     * @return Redirect
     */
-    public function logout()
+    public function logout(Request $request)
    {
-        // Log the user out
+        $request->session()->forget('2fa_authed');
        Auth::logout();
-
-        // Redirect to the users page
-        return redirect()->route('home')->with('success', 'You have successfully logged out!');
+        return redirect()->route('login')->with('success', 'You have successfully logged out!');
    }


@@ -195,4 +278,19 @@ class AuthController extends Controller
            'password' => 'required',
        ]);
    }
+
+    /**
+     * Get the login lockout error message.
+     *
+     * @param  int  $seconds
+     * @return string
+     */
+    protected function getLockoutErrorMessage($seconds)
+    {
+        return \Lang::has('auth/message.throttle')
+            ? \Lang::get('auth/message.throttle', ['seconds' => $seconds])
+            : 'Too many login attempts. Please try again in '.$seconds.' seconds.';
+    }
+
+
 }
--- a/app/Http/Controllers/Auth/PasswordController.php
+++ b/app/Http/Controllers/Auth/PasswordController.php
@@ -37,4 +37,24 @@ class PasswordController extends Controller
    {
        $this->middleware('guest');
    }
+
+    /**
+     * Get the e-mail subject line to be used for the reset link email.
+     * Overriding method "getEmailSubject()" from trait "use ResetsPasswords"
+     * @return string
+     */
+    public function getEmailSubject(){
+        return property_exists($this, 'subject') ? $this->subject : \Lang::get('mail.reset_link');
+    }
+
+    /**
+     * Get the response for after the reset link has been successfully sent.
+     *
+     * @param  string  $response
+     * @return \Symfony\Component\HttpFoundation\Response
+     */
+    protected function getSendResetLinkEmailSuccessResponse($response)
+    {
+        return redirect()->route('login')->with('status', trans($response));
+    }
 }
--- a/app/Http/Controllers/CategoriesController.php
+++ b/app/Http/Controllers/CategoriesController.php
@@ -7,6 +7,8 @@ use App\Models\Company;
 use App\Models\Setting;
 use Auth;
 use DB;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Gate;
 use Input;
 use Lang;
 use Redirect;
@@ -51,7 +53,7 @@ class CategoriesController extends Controller
    {
        // Show the page
         $category_types= Helper::categoryTypeList();
-        return View::make('categories/edit')->with('category', new Category)
+        return View::make('categories/edit')->with('item', new Category)
        ->with('category_types', $category_types);
    }

@@ -107,7 +109,7 @@ class CategoriesController extends Controller
    public function getEdit($categoryId = null)
    {
        // Check if the category exists
-        if (is_null($category = Category::find($categoryId))) {
+        if (is_null($item = Category::find($categoryId))) {
            // Redirect to the blogs management page
            return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.does_not_exist'));
        }
@@ -118,7 +120,7 @@ class CategoriesController extends Controller
        $category_options = array('' => 'Top Level') + DB::table('categories')->where('id', '!=', $categoryId)->lists('name', 'id');
        $category_types= Helper::categoryTypeList();

-        return View::make('categories/edit', compact('category'))
+        return View::make('categories/edit', compact('item'))
        ->with('category_options', $category_options)
        ->with('category_types', $category_types);
    }
@@ -133,7 +135,7 @@ class CategoriesController extends Controller
    * @since [v1.0]
    * @return Redirect
    */
-    public function postEdit($categoryId = null)
+    public function postEdit(Request $request, $categoryId = null)
    {
        // Check if the blog post exists
        if (is_null($category = Category::find($categoryId))) {
@@ -142,12 +144,14 @@ class CategoriesController extends Controller
        }

        // Update the category data
-        $category->name            = e(Input::get('name'));
-        $category->category_type        = e(Input::get('category_type'));
-        $category->eula_text            = e(Input::get('eula_text'));
-        $category->use_default_eula     = e(Input::get('use_default_eula', '0'));
-        $category->require_acceptance   = e(Input::get('require_acceptance', '0'));
-        $category->checkin_email        = e(Input::get('checkin_email', '0'));
+        $category->name            = e($request->input('name'));
+        // If the item count is > 0, we disable the category type in the edit. Disabled items
+        // don't POST, so if the category_type is blank we just set it to the default.
+        $category->category_type        = e($request->input('category_type', $category->category_type));
+        $category->eula_text            = e($request->input('eula_text'));
+        $category->use_default_eula     = e($request->input('use_default_eula', '0'));
+        $category->require_acceptance   = e($request->input('require_acceptance', '0'));
+        $category->checkin_email        = e($request->input('checkin_email', '0'));

        if ($category->save()) {
        // Redirect to the new category page
@@ -289,7 +293,6 @@ class CategoriesController extends Controller
                'category_type' => ucwords($category->category_type),
                'count'         => $category->itemCount(),
                'acceptance'    => ($category->require_acceptance=='1') ? '<i class="fa fa-check"></i>' : '',
-                //EULA is still not working correctly
                'eula'          => ($category->getEula()) ? '<i class="fa fa-check"></i>' : '',
                'actions'       => $actions
            );
@@ -303,9 +306,9 @@ class CategoriesController extends Controller
    public function getDataViewAssets($categoryID)
    {

-        $category = Category::with('assets.company')->find($categoryID);
+        $category = Category::find($categoryID);
+        $category = $category->load('assets.company', 'assets.model', 'assets.assetstatus', 'assets.assigneduser');
        $category_assets = $category->assets();
-
        if (Input::has('search')) {
            $category_assets = $category_assets->TextSearch(e(Input::get('search')));
        }
@@ -329,7 +332,6 @@ class CategoriesController extends Controller
        $count = $category_assets->count();
        $category_assets = $category_assets->skip($offset)->take($limit)->get();
        $rows = array();
-
        foreach ($category_assets as $asset) {

            $actions = '';
@@ -341,26 +343,26 @@ class CategoriesController extends Controller
                $actions = '<a href="'.route('restore/hardware', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-recycle icon-white"></i></a>';
            }

-            if ($asset->assetstatus) {
-                if ($asset->assetstatus->deployable != 0) {
-                    if (($asset->assigned_to !='') && ($asset->assigned_to > 0)) {
-                        $inout = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.trans('general.checkin').'</a>';
-                    } else {
-                        $inout = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.trans('general.checkout').'</a>';
-                    }
+            if ($asset->availableForCheckout()) {
+                if (Gate::allows('assets.checkout')) {
+                    $inout = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.trans('general.checkout').'</a>';
+                }
+            } else {
+                if (Gate::allows('assets.checkin')) {
+                    $inout = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.trans('general.checkin').'</a>';
                }
            }

            $rows[] = array(
                'id' => $asset->id,
                'name' => (string)link_to('/hardware/'.$asset->id.'/view', $asset->showAssetName()),
-                'model' => $asset->model->name,
+                'model' => ($asset->model) ? (string)link_to('hardware/models/'.$asset->model->id.'/view', $asset->model->name) : '',
                'asset_tag' => $asset->asset_tag,
                'serial' => $asset->serial,
                'assigned_to' => ($asset->assigneduser) ? (string)link_to('/admin/users/'.$asset->assigneduser->id.'/view', $asset->assigneduser->fullName()): '',
                'change' => $inout,
                'actions' => $actions,
-                'companyName' => Company::getName($asset),
+                'companyName'   => is_null($asset->company) ? '' : e($asset->company->name)
            );
        }

--- a/app/Http/Controllers/CompaniesController.php
+++ b/app/Http/Controllers/CompaniesController.php
@@ -38,7 +38,7 @@ final class CompaniesController extends Controller
    */
    public function getCreate()
    {
-        return View::make('companies/edit')->with('company', new Company);
+        return View::make('companies/edit')->with('item', new Company);
    }

    /**
@@ -74,11 +74,11 @@ final class CompaniesController extends Controller
    */
    public function getEdit($companyId)
    {
-        if (is_null($company = Company::find($companyId))) {
+        if (is_null($item = Company::find($companyId))) {
            return redirect()->to('admin/settings/companies')
                ->with('error', trans('admin/companies/message.does_not_exist'));
        } else {
-            return View::make('companies/edit')->with('company', $company);
+            return View::make('companies/edit')->with('item', $item);
        }
    }

--- a/app/Http/Controllers/ComponentsController.php
+++ b/app/Http/Controllers/ComponentsController.php
@@ -20,6 +20,7 @@ use Str;
 use View;
 use Validator;
 use Illuminate\Http\Request;
+use Gate;

 /**
 * This class controls all actions related to Components for
@@ -60,7 +61,7 @@ class ComponentsController extends Controller
        $location_list = Helper::locationsList();

        return View::make('components/edit')
-            ->with('component', new Component)
+            ->with('item', new Component)
            ->with('category_list', $category_list)
            ->with('company_list', $company_list)
            ->with('location_list', $location_list);
@@ -88,6 +89,7 @@ class ComponentsController extends Controller
        $component->company_id             = Company::getIdForCurrentUser(Input::get('company_id'));
        $component->order_number           = e(Input::get('order_number'));
        $component->min_amt                = e(Input::get('min_amt'));
+        $component->serial                 = e(Input::get('serial'));

        if (e(Input::get('purchase_date')) == '') {
            $component->purchase_date       =  null;
@@ -98,14 +100,15 @@ class ComponentsController extends Controller
        if (e(Input::get('purchase_cost')) == '0.00') {
            $component->purchase_cost       =  null;
        } else {
-            $component->purchase_cost       = e(Input::get('purchase_cost'));
+            $component->purchase_cost       = Helper::ParseFloat(e(Input::get('purchase_cost')));
        }

-        $component->total_qty                    = e(Input::get('total_qty'));
+        $component->qty                    = e(Input::get('qty'));
        $component->user_id                = Auth::user()->id;

        // Was the component created?
        if ($component->save()) {
+            $component->logCreate();
            // Redirect to the new component  page
            return redirect()->to("admin/components")->with('success', trans('admin/components/message.create.success'));
        }
@@ -127,10 +130,10 @@ class ComponentsController extends Controller
    public function getEdit($componentId = null)
    {
        // Check if the component exists
-        if (is_null($component = Component::find($componentId))) {
+        if (is_null($item = Component::find($componentId))) {
            // Redirect to the blogs management page
            return redirect()->to('admin/components')->with('error', trans('admin/components/message.does_not_exist'));
-        } elseif (!Company::isCurrentUserHasAccess($component)) {
+        } elseif (!Company::isCurrentUserHasAccess($item)) {
            return redirect()->to('admin/components')->with('error', trans('general.insufficient_permissions'));
        }

@@ -138,7 +141,7 @@ class ComponentsController extends Controller
        $company_list = Helper::companyList();
        $location_list = Helper::locationsList();

-        return View::make('components/edit', compact('component'))
+        return View::make('components/edit', compact('item'))
            ->with('category_list', $category_list)
            ->with('company_list', $company_list)
            ->with('location_list', $location_list);
@@ -171,7 +174,8 @@ class ComponentsController extends Controller
        $component->location_id            = e(Input::get('location_id'));
        $component->company_id             = Company::getIdForCurrentUser(Input::get('company_id'));
        $component->order_number           = e(Input::get('order_number'));
-        $component->min_amt             = e(Input::get('min_amt'));
+        $component->min_amt                = e(Input::get('min_amt'));
+        $component->serial                 = e(Input::get('serial'));

        if (e(Input::get('purchase_date')) == '') {
            $component->purchase_date       =  null;
@@ -182,10 +186,10 @@ class ComponentsController extends Controller
        if (e(Input::get('purchase_cost')) == '0.00') {
            $component->purchase_cost       =  null;
        } else {
-            $component->purchase_cost       = e(Input::get('purchase_cost'));
+            $component->purchase_cost       = Helper::ParseFloat(e(Input::get('purchase_cost')));
        }

-        $component->total_qty                    = e(Input::get('total_qty'));
+        $component->qty                    = e(Input::get('qty'));

        // Was the component created?
        if ($component->save()) {
@@ -344,17 +348,11 @@ class ComponentsController extends Controller
        $component->assets()->attach($component->id, array(
        'component_id' => $component->id,
        'user_id' => $admin_user->id,
-        'created_at' => date('Y-m-d h:i:s'),
+        'created_at' => date('Y-m-d H:i:s'),
        'assigned_qty' => e(Input::get('assigned_qty')),
        'asset_id' => $asset_id));

-        $logaction = new Actionlog();
-        $logaction->component_id = $component->id;
-        $logaction->asset_id = $asset_id;
-        $logaction->asset_type = 'component';
-        $logaction->location_id = $asset->location_id;
-        $logaction->user_id = Auth::user()->id;
-        $logaction->note = e(Input::get('note'));
+        $logaction = $component->logCheckout(e(Input::get('note')), $asset_id);

        $settings = Setting::getSettings();

@@ -374,7 +372,7 @@ class ComponentsController extends Controller
                        'fields' => [
                            [
                                'title' => 'Checked Out:',
-                                'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/components/'.$component->id.'/view'.'|'.$component->name.'> checked out to <'.config('app.url').'/hardware/'.$asset->id.'/view|'.$asset->name.'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
+                                'value' => class_basename(strtoupper($logaction->item_type)).' <'.config('app.url').'/admin/components/'.$component->id.'/view'.'|'.$component->name.'> checked out to <'.config('app.url').'/hardware/'.$asset->id.'/view|'.$asset->showAssetName().'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
                            ],
                            [
                                'title' => 'Note:',
@@ -388,9 +386,6 @@ class ComponentsController extends Controller
            }
        }

-
-        $log = $logaction->logaction('checkout');
-
      // Redirect to the new component page
        return redirect()->to("admin/components")->with('success', trans('admin/components/message.checkout.success'));

@@ -410,8 +405,8 @@ class ComponentsController extends Controller
    **/
    public function getDatatable()
    {
-        $components = Component::select('components.*')->whereNull('components.deleted_at')
-            ->with('company', 'location', 'category');
+        $components = Company::scopeCompanyables(Component::select('components.*')->whereNull('components.deleted_at')
+            ->with('company', 'location', 'category'));

        if (Input::has('search')) {
            $components = $components->TextSearch(Input::get('search'));
@@ -429,7 +424,7 @@ class ComponentsController extends Controller
            $limit = 50;
        }

-        $allowed_columns = ['id','name','min_amt','order_number','purchase_date','purchase_cost','companyName','category','total_qty'];
+        $allowed_columns = ['id','name','min_amt','order_number','serial','purchase_date','purchase_cost','companyName','category','total_qty'];
        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';

@@ -454,20 +449,37 @@ class ComponentsController extends Controller
        $rows = array();

        foreach ($components as $component) {
-            $actions = '<nobr><a href="'.route('checkout/component', $component->id).'" style="margin-right:5px;" class="btn btn-info btn-sm '.(($component->numRemaining() > 0 ) ? '' : ' disabled').'" '.(($component->numRemaining() > 0 ) ? '' : ' disabled').'>'.trans('general.checkout').'</a><a href="'.route('update/component', $component->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/component', $component->id).'" data-content="'.trans('admin/components/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($component->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
+            $actions = '<nobr>';
+            if (Gate::allows('components.checkout')) {
+                $actions .= '<a href="' . route('checkout/component',
+                        $component->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm ' . (($component->numRemaining() > 0) ? '' : ' disabled') . '" ' . (($component->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
+            }
+
+            if (Gate::allows('components.edit')) {
+                $actions .= '<a href="' . route('update/component',
+                        $component->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+
+            if (Gate::allows('components.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/component',
+                        $component->id) . '" data-content="' . trans('admin/components/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($component->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+
+            $actions .='</nobr>';
            $company = $component->company;

            $rows[] = array(
                'checkbox'      =>'<div class="text-center"><input type="checkbox" name="component['.$component->id.']" class="one_required"></div>',
                'id'            => $component->id,
                'name'          => (string)link_to('admin/components/'.$component->id.'/view', e($component->name)),
+                'serial_number'          => $component->serial,
                'location'   => ($component->location) ? e($component->location->name) : '',
-                'total_qty'           => e($component->total_qty),
+                'qty'           => e($component->qty),
                'min_amt'           => e($component->min_amt),
                'category'           => ($component->category) ? e($component->category->name) : 'Missing category',
                'order_number'  => e($component->order_number),
                'purchase_date'  => e($component->purchase_date),
-                'purchase_cost'  => ($component->purchase_cost!='') ? number_format($component->purchase_cost, 2): '' ,
+                'purchase_cost'  => Helper::formatCurrencyOutput($component->purchase_cost),
                'numRemaining'  => $component->numRemaining(),
                'actions'       => $actions,
                'companyName'   => is_null($company) ? '' : e($company->name),
@@ -503,7 +515,7 @@ class ComponentsController extends Controller

        foreach ($component->assets as $component_assignment) {
            $rows[] = array(
-            'name' => (string)link_to('/hardware/'.$component_assignment->id.'/view', e($component_assignment->name)),
+            'name' => (string)link_to('/hardware/'.$component_assignment->id.'/view', e($component_assignment->showAssetName())),
            'qty' => e($component_assignment->pivot->assigned_qty),
            'created_at' => ($component_assignment->created_at->format('Y-m-d H:i:s')=='-0001-11-30 00:00:00') ? '' : $component_assignment->created_at->format('Y-m-d H:i:s'),
            );
--- a/app/Http/Controllers/ConsumablesController.php
+++ b/app/Http/Controllers/ConsumablesController.php
@@ -18,6 +18,7 @@ use Redirect;
 use Slack;
 use Str;
 use View;
+use Gate;

 /**
 * This controller handles all actions related to Consumables for
@@ -58,7 +59,7 @@ class ConsumablesController extends Controller
        $manufacturer_list = Helper::manufacturerList();

        return View::make('consumables/edit')
-            ->with('consumable', new Consumable)
+            ->with('item', new Consumable)
            ->with('category_list', $category_list)
            ->with('company_list', $company_list)
            ->with('location_list', $location_list)
@@ -84,7 +85,7 @@ class ConsumablesController extends Controller
        $consumable->order_number           = e(Input::get('order_number'));
        $consumable->min_amt                = e(Input::get('min_amt'));
        $consumable->manufacturer_id         = e(Input::get('manufacturer_id'));
-        $consumable->model_no               = e(Input::get('model_no'));
+        $consumable->model_number               = e(Input::get('model_number'));
        $consumable->item_no         = e(Input::get('item_no'));

        if (e(Input::get('purchase_date')) == '') {
@@ -96,7 +97,7 @@ class ConsumablesController extends Controller
        if (e(Input::get('purchase_cost')) == '0.00') {
            $consumable->purchase_cost       =  null;
        } else {
-            $consumable->purchase_cost       = e(Input::get('purchase_cost'));
+            $consumable->purchase_cost       = Helper::ParseFloat(e(Input::get('purchase_cost')));
        }

        $consumable->qty                    = e(Input::get('qty'));
@@ -104,6 +105,7 @@ class ConsumablesController extends Controller

        // Was the consumable created?
        if ($consumable->save()) {
+            $consumable->logCreate();
            // Redirect to the new consumable  page
            return redirect()->to("admin/consumables")->with('success', trans('admin/consumables/message.create.success'));
        }
@@ -125,10 +127,10 @@ class ConsumablesController extends Controller
    public function getEdit($consumableId = null)
    {
        // Check if the consumable exists
-        if (is_null($consumable = Consumable::find($consumableId))) {
+        if (is_null($item = Consumable::find($consumableId))) {
            // Redirect to the blogs management page
            return redirect()->to('admin/consumables')->with('error', trans('admin/consumables/message.does_not_exist'));
-        } elseif (!Company::isCurrentUserHasAccess($consumable)) {
+        } elseif (!Company::isCurrentUserHasAccess($item)) {
            return redirect()->to('admin/consumables')->with('error', trans('general.insufficient_permissions'));
        }

@@ -137,7 +139,7 @@ class ConsumablesController extends Controller
        $location_list = Helper::locationsList();
        $manufacturer_list = Helper::manufacturerList();

-        return View::make('consumables/edit', compact('consumable'))
+        return View::make('consumables/edit', compact('item'))
            ->with('category_list', $category_list)
            ->with('company_list', $company_list)
            ->with('location_list', $location_list)
@@ -169,7 +171,7 @@ class ConsumablesController extends Controller
        $consumable->order_number           = e(Input::get('order_number'));
        $consumable->min_amt                   = e(Input::get('min_amt'));
        $consumable->manufacturer_id         = e(Input::get('manufacturer_id'));
-        $consumable->model_no               = e(Input::get('model_no'));
+        $consumable->model_number               = e(Input::get('model_number'));
        $consumable->item_no         = e(Input::get('item_no'));

        if (e(Input::get('purchase_date')) == '') {
@@ -181,10 +183,10 @@ class ConsumablesController extends Controller
        if (e(Input::get('purchase_cost')) == '0.00') {
            $consumable->purchase_cost       =  null;
        } else {
-            $consumable->purchase_cost       = e(Input::get('purchase_cost'));
+            $consumable->purchase_cost       = Helper::ParseFloat(e(Input::get('purchase_cost')));
        }

-        $consumable->qty                    = e(Input::get('qty'));
+        $consumable->qty                    = Helper::ParseFloat(e(Input::get('qty')));

        if ($consumable->save()) {
            return redirect()->to("admin/consumables")->with('success', trans('admin/consumables/message.update.success'));
@@ -315,14 +317,7 @@ class ConsumablesController extends Controller
        'user_id' => $admin_user->id,
        'assigned_to' => e(Input::get('assigned_to'))));

-        $logaction = new Actionlog();
-        $logaction->consumable_id = $consumable->id;
-        $logaction->checkedout_to = $consumable->assigned_to;
-        $logaction->asset_type = 'consumable';
-        $logaction->asset_id = 0;
-        $logaction->location_id = $user->location_id;
-        $logaction->user_id = Auth::user()->id;
-        $logaction->note = e(Input::get('note'));
+        $logaction = $consumable->logCheckout(e(Input::get('note')));

        $settings = Setting::getSettings();

@@ -342,7 +337,7 @@ class ConsumablesController extends Controller
                        'fields' => [
                            [
                                'title' => 'Checked Out:',
-                                'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/consumables/'.$consumable->id.'/view'.'|'.$consumable->name.'> checked out to <'.config('app.url').'/admin/users/'.$user->id.'/view|'.$user->fullName().'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
+                                'value' => 'Consumable <'.config('app.url').'/admin/consumables/'.$consumable->id.'/view'.'|'.$consumable->name.'> checked out to <'.config('app.url').'/admin/users/'.$user->id.'/view|'.$user->fullName().'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
                            ],
                            [
                                'title' => 'Note:',
@@ -356,9 +351,6 @@ class ConsumablesController extends Controller
            }
        }

-
-        $log = $logaction->logaction('checkout');
-
        $consumable_user = DB::table('consumables_users')->where('assigned_to', '=', $consumable->assigned_to)->where('consumable_id', '=', $consumable->id)->first();

        $data['log_id'] = $logaction->id;
@@ -374,7 +366,8 @@ class ConsumablesController extends Controller

            Mail::send('emails.accept-asset', $data, function ($m) use ($user) {
                $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                $m->subject('Confirm consumable delivery');
+                $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                $m->subject(trans('mail.Confirm_consumable_delivery'));
            });
        }

@@ -397,8 +390,11 @@ class ConsumablesController extends Controller
    */
    public function getDatatable()
    {
-        $consumables = Consumable::select('consumables.*')->whereNull('consumables.deleted_at')
-            ->with('company', 'location', 'category', 'users');
+        $consumables = Company::scopeCompanyables(
+            Consumable::select('consumables.*')
+            ->whereNull('consumables.deleted_at')
+            ->with('company', 'location', 'category', 'users', 'manufacturer')
+        );

        if (Input::has('search')) {
            $consumables = $consumables->TextSearch(e(Input::get('search')));
@@ -416,7 +412,7 @@ class ConsumablesController extends Controller
            $limit = 50;
        }

-        $allowed_columns = ['id','name','order_number','min_amt','purchase_date','purchase_cost','companyName','category','model_no', 'item_no', 'manufacturer'];
+        $allowed_columns = ['id','name','order_number','min_amt','purchase_date','purchase_cost','companyName','category','model_number', 'item_no', 'manufacturer'];
        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';

@@ -444,7 +440,23 @@ class ConsumablesController extends Controller
        $rows = array();

        foreach ($consumables as $consumable) {
-            $actions = '<nobr><a href="'.route('checkout/consumable', $consumable->id).'" style="margin-right:5px;" class="btn btn-info btn-sm" '.(($consumable->numRemaining() > 0 ) ? '' : ' disabled').'>'.trans('general.checkout').'</a><a href="'.route('update/consumable', $consumable->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/consumable', $consumable->id).'" data-content="'.trans('admin/consumables/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($consumable->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
+            $actions = '<nobr>';
+            if (Gate::allows('consumables.checkout')) {
+                $actions .= '<a href="' . route('checkout/consumable',
+                        $consumable->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm" ' . (($consumable->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
+            }
+
+            if (Gate::allows('consumables.edit')) {
+                $actions .= '<a href="' . route('update/consumable',
+                        $consumable->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+            if (Gate::allows('consumables.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/consumable',
+                        $consumable->id) . '" data-content="' . trans('admin/consumables/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($consumable->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+
+            $actions .='</nobr>';
+
            $company = $consumable->company;

            $rows[] = array(
@@ -453,13 +465,13 @@ class ConsumablesController extends Controller
                'location'   => ($consumable->location) ? e($consumable->location->name) : '',
                'min_amt'           => e($consumable->min_amt),
                'qty'           => e($consumable->qty),
-                'manufacturer'           => ($consumable->manufacturer) ? e($consumable->manufacturer->name) : '',
-                'model_no'           => e($consumable->model_no),
-                'item_no'           => e($consumable->item_no),
-                'category'           => ($consumable->category) ? e($consumable->category->name) : 'Missing category',
+                'manufacturer'  => ($consumable->manufacturer) ? (string) link_to('/admin/settings/manufacturers/'.$consumable->manufacturer_id.'/view', $consumable->manufacturer->name): '',
+                'model_number'      => e($consumable->model_number),
+                'item_no'       => e($consumable->item_no),
+                'category'      => ($consumable->category) ? (string) link_to('/admin/settings/categories/'.$consumable->category_id.'/view', $consumable->category->name) : 'Missing category',
                'order_number'  => e($consumable->order_number),
                'purchase_date'  => e($consumable->purchase_date),
-                'purchase_cost'  => ($consumable->purchase_cost!='') ? number_format($consumable->purchase_cost, 2): '' ,
+                'purchase_cost'  => Helper::formatCurrencyOutput($consumable->purchase_cost),
                'numRemaining'  => $consumable->numRemaining(),
                'actions'       => $actions,
                'companyName'   => is_null($company) ? '' : e($company->name),
--- a/app/Http/Controllers/CustomFieldsController.php
+++ b/app/Http/Controllers/CustomFieldsController.php
@@ -10,6 +10,8 @@ use Redirect;
 use App\Models\AssetModel;
 use Lang;
 use Auth;
+use Illuminate\Http\Request;
+use Log;

 /**
 * This controller handles all actions related to Custom Asset Fields for
@@ -63,10 +65,15 @@ class CustomFieldsController extends Controller
    * @since [v1.8]
    * @return Redirect
    */
-    public function store()
+    public function store(Request $request)
    {
        //
-        $cfset=new CustomFieldset(["name" => Input::get("name"),"user_id" => Auth::user()->id]);
+        $cfset = new CustomFieldset(
+            [
+                "name" => e($request->get("name")),
+                "user_id" => Auth::user()->id]
+            );
+
        $validator=Validator::make(Input::all(), $cfset->rules);
        if ($validator->passes()) {
            $cfset->save();
@@ -122,24 +129,33 @@ class CustomFieldsController extends Controller
    * @since [v1.8]
    * @return Redirect
    */
-    public function storeField()
+    public function storeField(Request $request)
    {
-        $field=new CustomField(["name" => Input::get("name"),"element" => Input::get("element"),"user_id" => Auth::user()->id]);
+        $field = new CustomField([
+            "name" => e($request->get("name")),
+            "element" => e($request->get("element")),
+            "field_values" => e($request->get("field_values")),
+            "field_encrypted" => e($request->get("field_encrypted", 0)),
+            "user_id" => Auth::user()->id
+        ]);
+


        if (!in_array(Input::get('format'), array_keys(CustomField::$PredefinedFormats))) {
-            $field->format=Input::get("custom_format");
+            $field->format = e($request->get("custom_format"));
        } else {
-            $field->format=Input::get('format');
+            $field->format = e($request->get("format"));
        }

+
+
        $validator=Validator::make(Input::all(), $field->rules);
        if ($validator->passes()) {
-            $results=$field->save();
-            //return "postCreateField: $results";
+            $results = $field->save();
            if ($results) {
                return redirect()->route("admin.custom_fields.index")->with("success", trans('admin/custom_fields/message.field.create.success'));
            } else {
+                dd($field);
                return redirect()->back()->withInput()->with('error', trans('admin/custom_fields/message.field.create.error'));
            }
        } else {
@@ -147,6 +163,25 @@ class CustomFieldsController extends Controller
        }
    }

+
+    /**
+     * Detach a custom field from a fieldset.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return Redirect
+     */
+    public function deleteFieldFromFieldset($field_id, $fieldset_id)
+    {
+        $field = CustomField::find($field_id);
+
+        if ($field->fieldset()->detach($fieldset_id)) {
+            return redirect()->route("admin.custom_fields.index")->with("success", trans('admin/custom_fields/message.field.delete.success'));
+        }
+
+        return redirect()->back()->withErrors(['message' => "Field is in-use"]);
+    }
+
    /**
    * Delete a custom field.
    *
@@ -156,7 +191,7 @@ class CustomFieldsController extends Controller
    */
    public function deleteField($field_id)
    {
-        $field=CustomField::find($field_id);
+        $field = CustomField::find($field_id);

        if ($field->fieldset->count()>0) {
            return redirect()->back()->withErrors(['message' => "Field is in-use"]);
@@ -176,21 +211,15 @@ class CustomFieldsController extends Controller
    */
    public function show($id)
    {
-        //$id=$parameters[0];
-        $cfset=CustomFieldset::find($id);
+        $cfset = CustomFieldset::with('fields')->where('id','=',$id)->orderBy('id','ASC')->first();
+        $custom_fields_list = ["" => "Add New Field to Fieldset"] + CustomField::lists("name", "id")->toArray();

-        //print_r($parameters);
-        //
-        $custom_fields_list=["" => "Add New Field to Fieldset"] + CustomField::lists("name", "id")->toArray();
-        // print_r($custom_fields_list);
-        $maxid=0;
-        foreach ($cfset->fields as $field) {
-            // print "Looking for: ".$field->id;
+        $maxid = 0;
+        foreach ($cfset->fields() as $field) {
            if ($field->pivot->order > $maxid) {
                $maxid=$field->pivot->order;
            }
            if (isset($custom_fields_list[$field->id])) {
-                // print "Found ".$field->id.", so removing it.<br>";
                unset($custom_fields_list[$field->id]);
            }
        }
@@ -240,14 +269,14 @@ class CustomFieldsController extends Controller
    public function destroy($id)
    {
        //
-        $fieldset=CustomFieldset::find($id);
+        $fieldset = CustomFieldset::find($id);

        $models = AssetModel::where("fieldset_id", "=", $id);
-        if ($models->count()==0) {
+        if ($models->count() == 0) {
            $fieldset->delete();
            return redirect()->route("admin.custom_fields.index")->with("success", trans('admin/custom_fields/message.fieldset.delete.success'));
        } else {
-            return redirect()->route("admin.custom_fields.index")->with("error", trans('admin/custom_fields/message.fieldset.delete.in_use')); //->with("models",$models);
+            return redirect()->route("admin.custom_fields.index")->with("error", trans('admin/custom_fields/message.fieldset.delete.in_use'));
        }
    }

@@ -260,18 +289,23 @@ class CustomFieldsController extends Controller
     * @since [v3.0]
     * @return Array
     */
-    public function postReorder($id)
+    public function postReorder(Request $request, $id)
    {
-        $fieldset=CustomFieldset::find($id);
+        $fieldset = CustomFieldset::find($id);
        $fields = array();
+        $order_array = array();

-        $items = Input::get('item');
-        foreach ($fieldset->fields as $field) {
-            $value = array_shift($items);
-            $fields[$field->id] = ['required' => $field->pivot->required, 'order' => $value];
+        $items = $request->input('item');
+
+        foreach ($items as $order => $field_id) {
+            $order_array[$field_id] = $order;
        }
-        return $fieldset->fields()->sync($fields);

+        foreach ($fieldset->fields as $field) {
+            $fields[$field->id] = ['required' => $field->pivot->required, 'order' => $order_array[$field->id]];
+        }
+
+        return $fieldset->fields()->sync($fields);

    }
 }
--- a/app/Http/Controllers/DashboardController.php
+++ b/app/Http/Controllers/DashboardController.php
@@ -30,12 +30,6 @@ class DashboardController extends Controller
        // Show the page
        if (Auth::user()->hasAccess('admin')) {

-            $recent_activity = Actionlog::orderBy('created_at', 'DESC')
-                ->with('accessorylog', 'consumablelog', 'licenselog', 'assetlog', 'adminlog', 'userlog', 'componentlog')
-                ->take(30)
-                ->get();
-
-
            $asset_stats['total'] = Asset::Hardware()->count();

            $asset_stats['rtd']['total'] = Asset::Hardware()->RTD()->count();
@@ -82,10 +76,10 @@ class DashboardController extends Controller
            }


-            return View::make('dashboard')->with('asset_stats', $asset_stats)->with('recent_activity', $recent_activity);
+            return View::make('dashboard')->with('asset_stats', $asset_stats);
        } else {
        // Redirect to the profile page
-            return redirect()->route('view-assets');
+            return redirect()->intended('account/view-assets');
        }
    }
 }
--- a/app/Http/Controllers/DepreciationsController.php
+++ b/app/Http/Controllers/DepreciationsController.php
@@ -46,7 +46,7 @@ class DepreciationsController extends Controller
    public function getCreate()
    {
        // Show the page
-        return View::make('depreciations/edit')->with('depreciation', new Depreciation);
+        return View::make('depreciations/edit')->with('item', new Depreciation);
    }


@@ -94,12 +94,12 @@ class DepreciationsController extends Controller
    public function getEdit($depreciationId = null)
    {
        // Check if the depreciation exists
-        if (is_null($depreciation = Depreciation::find($depreciationId))) {
+        if (is_null($item = Depreciation::find($depreciationId))) {
            // Redirect to the blogs management page
            return redirect()->to('admin/settings/depreciations')->with('error', trans('admin/depreciations/message.does_not_exist'));
        }

-        return View::make('depreciations/edit', compact('depreciation'));
+        return View::make('depreciations/edit', compact('item'));
    }


--- a/app/Http/Controllers/LicensesController.php
+++ b/app/Http/Controllers/LicensesController.php
@@ -23,6 +23,7 @@ use Config;
 use Session;
 use App\Helpers\Helper;
 use Auth;
+use Gate;

 /**
 * This controller handles all actions related to Licenses for
@@ -60,18 +61,17 @@ class LicensesController extends Controller
    public function getCreate()
    {

-        $depreciation_list = Helper::depreciationList();
-        $supplier_list = Helper::suppliersList();
        $maintained_list = array('' => 'Maintained', '1' => 'Yes', '0' => 'No');
-        $company_list = Helper::companyList();

        return View::make('licenses/edit')
            //->with('license_options',$license_options)
-            ->with('depreciation_list', $depreciation_list)
-            ->with('supplier_list', $supplier_list)
+            ->with('depreciation_list', Helper::depreciationList())
+            ->with('supplier_list', Helper::suppliersList())
            ->with('maintained_list', $maintained_list)
-            ->with('company_list', $company_list)
-            ->with('license', new License);
+            ->with('company_list', Helper::companyList())
+            ->with('manufacturer_list', Helper::manufacturerList())
+            ->with('item', new License);
+
    }


@@ -87,17 +87,13 @@ class LicensesController extends Controller
    public function postCreate()
    {

-
-        // get the POST data
-        $new = Input::all();
-
        // create a new model instance
        $license = new License();

        if (e(Input::get('purchase_cost')) == '') {
            $license->purchase_cost =  null;
        } else {
-            $license->purchase_cost = e(Input::get('purchase_cost'));
+            $license->purchase_cost = Helper::ParseFloat(e(Input::get('purchase_cost')));
        }

        if (e(Input::get('supplier_id')) == '') {
@@ -124,6 +120,12 @@ class LicensesController extends Controller
            $license->purchase_order = e(Input::get('purchase_order'));
        }

+        if (empty(e(Input::get('manufacturer_id')))) {
+            $license->manufacturer_id = null;
+        } else {
+            $license->manufacturer_id = e(Input::get('manufacturer_id'));
+        }
+
        // Save the license data
        $license->name              = e(Input::get('name'));
        $license->serial            = e(Input::get('serial'));
@@ -137,6 +139,7 @@ class LicensesController extends Controller
        $license->depreciation_id   = e(Input::get('depreciation_id'));
        $license->company_id        = Company::getIdForCurrentUser(Input::get('company_id'));
        $license->expiration_date   = e(Input::get('expiration_date'));
+        $license->termination_date  = e(Input::get('termination_date'));
        $license->user_id           = Auth::user()->id;

        if (($license->purchase_date == "") || ($license->purchase_date == "0000-00-00")) {
@@ -153,7 +156,7 @@ class LicensesController extends Controller

            // Was the license created?
        if ($license->save()) {
-
+            $license->logCreate();
            $insertedId = $license->id;
          // Save the license seat data
            DB::transaction(function () use (&$insertedId, &$license) {
@@ -188,34 +191,32 @@ class LicensesController extends Controller
    public function getEdit($licenseId = null)
    {
        // Check if the license exists
-        if (is_null($license = License::find($licenseId))) {
+        if (is_null($item = License::find($licenseId))) {
            // Redirect to the blogs management page
            return redirect()->to('admin/licenses')->with('error', trans('admin/licenses/message.does_not_exist'));
-        } elseif (!Company::isCurrentUserHasAccess($license)) {
+        } elseif (!Company::isCurrentUserHasAccess($item)) {
            return redirect()->to('admin/licenses')->with('error', trans('general.insufficient_permissions'));
        }

-        if ($license->purchase_date == "0000-00-00") {
-            $license->purchase_date = null;
+        if ($item->purchase_date == "0000-00-00") {
+            $item->purchase_date = null;
        }

-        if ($license->purchase_cost == "0.00") {
-            $license->purchase_cost = null;
+        if ($item->purchase_cost == "0.00") {
+            $item->purchase_cost = null;
        }

        // Show the page
        $license_options = array('' => 'Top Level') + DB::table('assets')->where('id', '!=', $licenseId)->pluck('name', 'id');
-        $depreciation_list = array('0' => trans('admin/licenses/form.no_depreciation')) + Depreciation::pluck('name', 'id')->toArray();
-        $supplier_list = array('' => 'Select Supplier') + Supplier::orderBy('name', 'asc')->pluck('name', 'id')->toArray();
        $maintained_list = array('' => 'Maintained', '1' => 'Yes', '0' => 'No');
-        $company_list = Helper::companyList();

-        return View::make('licenses/edit', compact('license'))
+        return View::make('licenses/edit', compact('item'))
            ->with('license_options', $license_options)
-            ->with('depreciation_list', $depreciation_list)
-            ->with('supplier_list', $supplier_list)
-            ->with('company_list', $company_list)
-            ->with('maintained_list', $maintained_list);
+            ->with('depreciation_list', Helper::depreciationList())
+            ->with('supplier_list', Helper::suppliersList())
+            ->with('company_list', Helper::companyList())
+            ->with('maintained_list', $maintained_list)
+            ->with('manufacturer_list', Helper::manufacturerList());
    }


@@ -252,6 +253,13 @@ class LicensesController extends Controller
        $license->maintained        = e(Input::get('maintained'));
        $license->reassignable      = e(Input::get('reassignable'));

+        if (empty(e(Input::get('manufacturer_id')))) {
+            $license->manufacturer_id = null;
+        } else {
+            $license->manufacturer_id = e(Input::get('manufacturer_id'));
+        }
+
+
        if (e(Input::get('supplier_id')) == '') {
            $license->supplier_id = null;
        } else {
@@ -278,10 +286,9 @@ class LicensesController extends Controller
        }

        if (e(Input::get('purchase_cost')) == '') {
-              $license->purchase_cost =  null;
+            $license->purchase_cost =  null;
        } else {
-              $license->purchase_cost = e(Input::get('purchase_cost'));
-              //$license->purchase_cost = e(Input::get('purchase_cost'));
+            $license->purchase_cost = Helper::ParseFloat(e(Input::get('purchase_cost')));
        }

        if (e(Input::get('maintained')) == '') {
@@ -323,11 +330,11 @@ class LicensesController extends Controller

                  //Log the deletion of seats to the log
                    $logaction = new Actionlog();
-                    $logaction->asset_id = $license->id;
-                    $logaction->asset_type = 'software';
+                    $logaction->item_type = License::class;
+                    $logaction->item_id = $license->id;
                    $logaction->user_id = Auth::user()->id;
-                    $logaction->note = abs($difference)." seats";
-                    $logaction->checkedout_to =  null;
+                    $logaction->note = '-'.abs($difference)." seats";
+                    $logaction->target_id =  null;
                    $log = $logaction->logaction('delete seats');

                } else {
@@ -348,10 +355,11 @@ class LicensesController extends Controller

                //Log the addition of license to the log.
                $logaction = new Actionlog();
-                $logaction->asset_id = $license->id;
-                $logaction->asset_type = 'software';
+                $logaction->item_type = License::class;
+                $logaction->item_id = $license->id;
                $logaction->user_id = Auth::user()->id;
-                $logaction->note = abs($difference)." seats";
+                $logaction->note = '+'.abs($difference)." seats";
+                $logaction->target_id =  null;
                $log = $logaction->logaction('add seats');
            }
            $license->seats             = e(Input::get('seats'));
@@ -388,7 +396,7 @@ class LicensesController extends Controller
            return redirect()->to('admin/licenses')->with('error', trans('general.insufficient_permissions'));
        }

-        if (($license->assignedcount()) && ($license->assignedcount() > 0)) {
+        if ($license->assigned_seats_count > 0) {

            // Redirect to the license management page
            return redirect()->to('admin/licenses')->with('error', trans('admin/licenses/message.assoc_users'));
@@ -501,7 +509,7 @@ class LicensesController extends Controller
            }


-            if (($asset->assigned_to!='') && (($asset->assigned_to!=$assigned_to)) && ($assigned_to!='') ) {
+            if (($asset->assigned_to!='') && (($asset->assigned_to!=$assigned_to)) && ($assigned_to!='')) {
                return redirect()->to('admin/licenses')->with('error', trans('admin/licenses/message.owner_doesnt_match_asset'));
            }

@@ -532,14 +540,10 @@ class LicensesController extends Controller
        // Was the asset updated?
        if ($licenseseat->save()) {

-            $logaction = new Actionlog();
-
-            //$logaction->location_id = $assigned_to->location_id;
-            $logaction->asset_type = 'software';
-            $logaction->user_id = Auth::user()->id;
-            $logaction->note = e(Input::get('note'));
-            $logaction->asset_id = $licenseseat->license_id;
+            $licenseseat->logCheckout(e(Input::get('note')));

+            $data['license_id'] =$licenseseat->license_id;
+            $data['note'] = e(Input::get('note'));

            $license = License::find($licenseseat->license_id);
            $settings = Setting::getSettings();
@@ -547,11 +551,9 @@ class LicensesController extends Controller

            // Update the asset data
            if (e(Input::get('assigned_to')) == '') {
-                $logaction->checkedout_to = null;
-                $slack_msg = strtoupper($logaction->asset_type).' license <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked out to <'.config('app.url').'/hardware/'.$asset->id.'/view|'.$asset->showAssetName().'> by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.';
+                $slack_msg = 'License <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked out to <'.config('app.url').'/hardware/'.$asset->id.'/view|'.$asset->showAssetName().'> by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.';
            } else {
-                $logaction->checkedout_to = e(Input::get('assigned_to'));
-                $slack_msg = strtoupper($logaction->asset_type).' license <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked out to <'.config('app.url').'/admin/users/'.$asset->id.'/view|'.$is_assigned_to->fullName().'> by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.';
+                $slack_msg = 'License <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked out to <'.config('app.url').'/admin/users/'.$user->id.'/view|'.$is_assigned_to->fullName().'> by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.';
            }


@@ -577,7 +579,7 @@ class LicensesController extends Controller
                                ],
                                [
                                    'title' => 'Note:',
-                                    'value' => e($logaction->note)
+                                    'value' => e(Input::get('note'))
                                ],


@@ -591,9 +593,6 @@ class LicensesController extends Controller

            }

-            $log = $logaction->logaction('checkout');
-
-
            // Redirect to the new asset page
            return redirect()->to("admin/licenses")->with('success', trans('admin/licenses/message.checkout.success'));
        }
@@ -671,10 +670,10 @@ class LicensesController extends Controller
            // Ooops.. something went wrong
            return redirect()->back()->withInput()->withErrors($validator);
        }
-        $return_to = $licenseseat->assigned_to;
-        $logaction = new Actionlog();
-        $logaction->checkedout_to = $licenseseat->assigned_to;
-
+        $return_to = User::find($licenseseat->assigned_to);
+        if (!$return_to) {
+            $return_to = Asset::find($licenseseat->asset_id);
+        }
        // Update the asset data
        $licenseseat->assigned_to                   = null;
        $licenseseat->asset_id                      = null;
@@ -683,11 +682,7 @@ class LicensesController extends Controller

        // Was the asset updated?
        if ($licenseseat->save()) {
-            $logaction->asset_id = $licenseseat->license_id;
-            $logaction->location_id = null;
-            $logaction->asset_type = 'software';
-            $logaction->note = e(Input::get('note'));
-            $logaction->user_id = $user->id;
+            $licenseseat->logCheckin($return_to, e(Input::get('note')));

            $settings = Setting::getSettings();

@@ -708,11 +703,11 @@ class LicensesController extends Controller
                            'fields' => [
                                [
                                    'title' => 'Checked In:',
-                                    'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked in by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.'
+                                    'value' => 'License: <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked in by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.'
                                ],
                                [
                                    'title' => 'Note:',
-                                    'value' => e($logaction->note)
+                                    'value' => e(Input::get('note'))
                                ],

                            ]
@@ -725,12 +720,9 @@ class LicensesController extends Controller
            }


-            $log = $logaction->logaction('checkin from');
-
-

            if ($backto=='user') {
-                return redirect()->to("admin/users/".$return_to.'/view')->with('success', trans('admin/licenses/message.checkin.success'));
+                return redirect()->to("admin/users/".$return_to->id.'/view')->with('success', trans('admin/licenses/message.checkin.success'));
            } else {
                return redirect()->to("admin/licenses/".$licenseseat->license_id."/view")->with('success', trans('admin/licenses/message.checkin.success'));
            }
@@ -753,6 +745,7 @@ class LicensesController extends Controller
    {

        $license = License::find($licenseId);
+        $license = $license->load('assignedusers', 'licenseSeats.user', 'licenseSeats.asset');

        if (isset($license->id)) {

@@ -796,9 +789,10 @@ class LicensesController extends Controller
        ->with('license_options', $license_options)
        ->with('depreciation_list', $depreciation_list)
        ->with('supplier_list', $supplier_list)
-        ->with('license', $license)
+        ->with('item', $license)
        ->with('maintained_list', $maintained_list)
-        ->with('company_list', $company_list);
+        ->with('company_list', $company_list)
+        ->with('manufacturer_list', Helper::manufacturerList());

    }

@@ -831,7 +825,7 @@ class LicensesController extends Controller
                foreach (Input::file('licensefile') as $file) {

                    $rules = array(
-                    'licensefile' => 'required|mimes:png,gif,jpg,jpeg,doc,docx,pdf,txt,zip,rar|max:2000'
+                    'licensefile' => 'required|mimes:png,gif,jpg,jpeg,doc,docx,pdf,txt,zip,rar,rtf,xml,lic|max:2000'
                    );
                    $validator = Validator::make(array('licensefile'=> $file), $rules);

@@ -842,16 +836,8 @@ class LicensesController extends Controller
                        $filename .= '-'.str_slug($file->getClientOriginalName()).'.'.$extension;
                        $upload_success = $file->move($destinationPath, $filename);

-                        //Log the deletion of seats to the log
-                        $logaction = new Actionlog();
-                        $logaction->asset_id = $license->id;
-                        $logaction->asset_type = 'software';
-                        $logaction->user_id = Auth::user()->id;
-                        $logaction->note = e(Input::get('notes'));
-                        $logaction->checkedout_to =  null;
-                        $logaction->created_at =  date("Y-m-d h:i:s");
-                        $logaction->filename =  $filename;
-                        $log = $logaction->logaction('uploaded');
+                        //Log the upload to the log
+                        $license->logUpload($filename, e(Input::get('notes')));
                    } else {
                         return redirect()->back()->with('error', trans('admin/licenses/message.upload.invalidfiles'));
                    }
@@ -965,17 +951,28 @@ class LicensesController extends Controller
    */
    public function getDatatable()
    {
-        $licenses = License::with('company');
+        $licenses = Company::scopeCompanyables(License::with('company', 'licenseSeatsRelation', 'manufacturer'));

        if (Input::has('search')) {
            $licenses = $licenses->TextSearch(Input::get('search'));
        }

-        $allowed_columns = ['id','name','purchase_cost','expiration_date','purchase_order','order_number','notes','purchase_date','serial'];
+        $allowed_columns = ['id','name','purchase_cost','expiration_date','purchase_order','order_number','notes','purchase_date','serial','manufacturer','company'];
        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';

-        $licenses = $licenses->orderBy($sort, $order);
+        switch ($sort) {
+            case 'manufacturer':
+                $licenses = $licenses->OrderManufacturer($order);
+                break;
+            case 'company':
+                $licenses = $licenses->OrderCompany($order);
+                break;
+            default:
+                $licenses = $licenses->orderBy($sort, $order);
+                break;
+        }
+

        $licenseCount = $licenses->count();
        $licenses = $licenses->skip(Input::get('offset'))->take(Input::get('limit'))->get();
@@ -983,24 +980,45 @@ class LicensesController extends Controller
        $rows = array();

        foreach ($licenses as $license) {
-            $actions = '<span style="white-space: nowrap;"><a href="'.route('freecheckout/license', $license->id).'" class="btn btn-primary btn-sm'.(($license->remaincount() > 0) ? '' : ' disabled').'" style="margin-right:5px;">'.trans('general.checkout').'</a> <a href="'.route('clone/license', $license->id).'" class="btn btn-info btn-sm" style="margin-right:5px;" title="Clone asset"><i class="fa fa-files-o"></i></a><a href="'.route('update/license', $license->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/license', $license->id).'" data-content="'.trans('admin/licenses/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($license->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></span>';
+            $actions = '<span style="white-space: nowrap;">';
+
+            if (Gate::allows('licenses.checkout')) {
+                $actions .= '<a href="' . route('freecheckout/license', $license->id)
+                . '" class="btn btn-primary btn-sm' . (($license->remaincount() > 0) ? '' : ' disabled') . '" style="margin-right:5px;">' . trans('general.checkout') . '</a> ';
+            }
+
+            if (Gate::allows('licenses.create')) {
+                $actions .= '<a href="' . route('clone/license', $license->id)
+                . '" class="btn btn-info btn-sm" style="margin-right:5px;" title="Clone license"><i class="fa fa-files-o"></i></a>';
+            }
+            if (Gate::allows('licenses.edit')) {
+                $actions .= '<a href="' . route('update/license', $license->id)
+                . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+            if (Gate::allows('licenses.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'
+                 . route('delete/license', $license->id)
+                 . '" data-content="' . trans('admin/licenses/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($license->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+            $actions .='</span>';

            $rows[] = array(
                'id'                => $license->id,
                'name'              => (string) link_to('/admin/licenses/'.$license->id.'/view', $license->name),
                'serial'            => (string) link_to('/admin/licenses/'.$license->id.'/view', mb_strimwidth($license->serial, 0, 50, "...")),
-                'totalSeats'        => $license->totalSeatsByLicenseID(),
+                'totalSeats'        => $license->licenseSeatsCount,
                'remaining'         => $license->remaincount(),
                'license_name'      => e($license->license_name),
-                'license_email'      => e($license->license_email),
+                'license_email'     => e($license->license_email),
                'purchase_date'     => ($license->purchase_date) ? $license->purchase_date : '',
                'expiration_date'     => ($license->expiration_date) ? $license->expiration_date : '',
-                'purchase_cost'     => ($license->purchase_cost) ? number_format($license->purchase_cost, 2) : '',
+                'purchase_cost'     => Helper::formatCurrencyOutput($license->purchase_cost),
                'purchase_order'     => ($license->purchase_order) ? e($license->purchase_order) : '',
                'order_number'     => ($license->order_number) ? e($license->order_number) : '',
                'notes'     => ($license->notes) ? e($license->notes) : '',
                'actions'           => $actions,
-                'companyName'       => is_null($license->company) ? '' : e($license->company->name)
+                'company'       => is_null($license->company) ? '' : e($license->company->name),
+                'manufacturer'      => $license->manufacturer ? (string) link_to('/admin/settings/manufacturers/'.$license->manufacturer_id.'/view', $license->manufacturer->name) : ''
            );
        }

--- a/app/Http/Controllers/LocationsController.php
+++ b/app/Http/Controllers/LocationsController.php
@@ -61,7 +61,7 @@ class LocationsController extends Controller

        return View::make('locations/edit')
        ->with('location_options', $location_options)
-        ->with('location', new Location);
+        ->with('item', new Location);
    }


@@ -159,7 +159,7 @@ class LocationsController extends Controller
    public function getEdit($locationId = null)
    {
        // Check if the location exists
-        if (is_null($location = Location::find($locationId))) {
+        if (is_null($item = Location::find($locationId))) {
            return redirect()->to('admin/settings/locations')->with('error', trans('admin/locations/message.does_not_exist'));
        }

@@ -169,7 +169,7 @@ class LocationsController extends Controller
        $location_options = Location::flattenLocationsArray($location_options_array);
        $location_options = array('' => 'Top Level') + $location_options;

-        return View::make('locations/edit', compact('location'))->with('location_options', $location_options);
+        return View::make('locations/edit', compact('item'))->with('location_options', $location_options);
    }


@@ -318,7 +318,7 @@ class LocationsController extends Controller
                $locations = $locations->OrderParent($order);
                break;
            default:
-                $allowed_columns = ['id','name','address','city','state','country','currency'];
+                $allowed_columns = ['id','name','address','city','state','country','currency','zip'];

                $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
                $locations = $locations->orderBy($sort, $order);
@@ -344,6 +344,7 @@ class LocationsController extends Controller
                'address'       => ($location->address) ? e($location->address): '',
                'city'          => e($location->city),
                'state'         => e($location->state),
+                'zip'           => e($location->zip),
                'country'       => e($location->country),
                'currency'      => e($location->currency),
                'actions'       => $actions
--- a/app/Http/Controllers/ManufacturersController.php
+++ b/app/Http/Controllers/ManufacturersController.php
@@ -2,14 +2,15 @@
 namespace App\Http\Controllers;

 use App\Models\Company;
+use App\Models\Manufacturer;
+use App\Models\Setting;
+use Auth;
+use Gate;
 use Input;
 use Lang;
-use App\Models\Manufacturer;
 use Redirect;
-use App\Models\Setting;
 use Str;
 use View;
-use Auth;

 /**
 * This controller handles all actions related to Manufacturers for
@@ -45,7 +46,7 @@ class ManufacturersController extends Controller
    */
    public function getCreate()
    {
-        return View::make('manufacturers/edit')->with('manufacturer', new Manufacturer);
+        return View::make('manufacturers/edit')->with('item', new Manufacturer);
    }


@@ -83,13 +84,13 @@ class ManufacturersController extends Controller
    public function getEdit($manufacturerId = null)
    {
        // Check if the manufacturer exists
-        if (is_null($manufacturer = Manufacturer::find($manufacturerId))) {
+        if (is_null($item = Manufacturer::find($manufacturerId))) {
            // Redirect to the manufacturer  page
            return redirect()->to('admin/settings/manufacturers')->with('error', trans('admin/manufacturers/message.does_not_exist'));
        }

        // Show the page
-        return View::make('manufacturers/edit', compact('manufacturer'));
+        return View::make('manufacturers/edit', compact('item'));
    }


@@ -254,10 +255,28 @@ class ManufacturersController extends Controller
    * @since [v1.0]
    * @return String JSON
    */
-    public function getDataView($manufacturerId)
+    public function getDataView($manufacturerId, $itemtype = null)
    {
+        $manufacturer = Manufacturer::find($manufacturerId);

-        $manufacturer = Manufacturer::with('assets.company')->find($manufacturerId);
+        switch ($itemtype) {
+            case "assets":
+                return $this->getDataAssetsView($manufacturer);
+            case "licenses":
+                return $this->getDataLicensesView($manufacturer);
+            case "accessories":
+                return $this->getDataAccessoriesView($manufacturer);
+            case "consumables":
+                return $this->getDataConsumablesView($manufacturer);
+        }
+
+        throw new Exception("We shouldn't be here");
+
+    }
+
+    protected function getDataAssetsView(Manufacturer $manufacturer)
+    {
+        $manufacturer = $manufacturer->load('assets.model', 'assets.assigneduser', 'assets.assetstatus', 'assets.company');
        $manufacturer_assets = $manufacturer->assets;

        if (Input::has('search')) {
@@ -293,35 +312,229 @@ class ManufacturersController extends Controller
                $actions = '<a href="'.route('restore/hardware', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-recycle icon-white"></i></a>';
            }

-            if ($asset->assetstatus) {
-                if ($asset->assetstatus->deployable != 0) {
-                    if (($asset->assigned_to !='') && ($asset->assigned_to > 0)) {
-                        $inout = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.trans('general.checkin').'</a>';
-                    } else {
-                        $inout = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.trans('general.checkout').'</a>';
-                    }
+            if ($asset->availableForCheckout()) {
+                if (Gate::allows('assets.checkout')) {
+                    $inout = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.trans('general.checkout').'</a>';
+                }
+            } else {
+                if (Gate::allows('assets.checkin')) {
+                    $inout = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.trans('general.checkin').'</a>';
                }
            }

-            $row = array(
-            'id' => $asset->id,
-            'name' => (string)link_to('/hardware/'.$asset->id.'/view', e($asset->showAssetName())),
-            'model' => e($asset->model->name),
-            'asset_tag' => e($asset->asset_tag),
-            'serial' => e($asset->serial),
-            'assigned_to' => ($asset->assigneduser) ? (string)link_to('/admin/users/'.$asset->assigneduser->id.'/view', e($asset->assigneduser->fullName())): '',
-            'actions' => $actions,
-            'companyName' => e(Company::getName($asset)),
-            );
+            $rows[] = array(
+                'id' => $asset->id,
+                'name' => (string)link_to('/hardware/'.$asset->id.'/view', e($asset->showAssetName())),
+                'model' => e($asset->model->name),
+                'asset_tag' => e($asset->asset_tag),
+                'serial' => e($asset->serial),
+                'assigned_to' => ($asset->assigneduser) ? (string)link_to('/admin/users/'.$asset->assigneduser->id.'/view', e($asset->assigneduser->fullName())): '',
+                'actions' => $actions,
+                // 'companyName' => e(Company::getName($asset)),
+                'companyName' => is_null($asset->company) ? '' : $asset->company->name
+                );

            if (isset($inout)) {
                $row['change'] = $inout;
            }
-
-            $rows[] = $row;
        }

        $data = array('total' => $count, 'rows' => $rows);
        return $data;
    }
+
+    protected function getDataLicensesView(Manufacturer $manufacturer)
+    {
+        $manufacturer = $manufacturer->load('licenses.company', 'licenses.manufacturer', 'licenses.licenseSeatsRelation');
+        $licenses = $manufacturer->licenses;
+
+        if (Input::has('search')) {
+            $licenses = $licenses->TextSearch(Input::get('search'));
+        }
+
+        $licenseCount = $licenses->count();
+
+        $rows = array();
+
+        foreach ($licenses as $license) {
+            $actions = '<span style="white-space: nowrap;">';
+
+            if (Gate::allows('licenses.checkout')) {
+                $actions .= '<a href="' . route('freecheckout/license', $license->id)
+                . '" class="btn btn-primary btn-sm' . (($license->remaincount() > 0) ? '' : ' disabled') . '" style="margin-right:5px;">' . trans('general.checkout') . '</a> ';
+            }
+
+            if (Gate::allows('licenses.create')) {
+                $actions .= '<a href="' . route('clone/license', $license->id)
+                . '" class="btn btn-info btn-sm" style="margin-right:5px;" title="Clone asset"><i class="fa fa-files-o"></i></a>';
+            }
+            if (Gate::allows('licenses.edit')) {
+                $actions .= '<a href="' . route('update/license', $license->id)
+                . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+            if (Gate::allows('licenses.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'
+                 . route('delete/license', $license->id)
+                 . '" data-content="' . trans('admin/licenses/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($license->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+            $actions .='</span>';
+
+            $rows[] = array(
+                'id'                => $license->id,
+                'name'              => (string) link_to('/admin/licenses/'.$license->id.'/view', $license->name),
+                'serial'            => (string) link_to('/admin/licenses/'.$license->id.'/view', mb_strimwidth($license->serial, 0, 50, "...")),
+                'totalSeats'        => $license->licenseSeatCount,
+                'remaining'         => $license->remaincount(),
+                'license_name'      => e($license->license_name),
+                'license_email'     => e($license->license_email),
+                'purchase_date'     => ($license->purchase_date) ? $license->purchase_date : '',
+                'expiration_date'   => ($license->expiration_date) ? $license->expiration_date : '',
+                'purchase_cost'     => ($license->purchase_cost) ? number_format($license->purchase_cost, 2) : '',
+                'purchase_order'    => ($license->purchase_order) ? e($license->purchase_order) : '',
+                'order_number'      => ($license->order_number) ? e($license->order_number) : '',
+                'notes'             => ($license->notes) ? e($license->notes) : '',
+                'actions'           => $actions,
+                'companyName'       => is_null($license->company) ? '' : e($license->company->name),
+                'manufacturer'      => $license->manufacturer ? (string) link_to('/admin/settings/manufacturers/'.$license->manufacturer_id.'/view', $license->manufacturer->name) : ''
+            );
+        }
+
+        $data = array('total' => $licenseCount, 'rows' => $rows);
+
+        return $data;
+    }
+
+    public function getDataAccessoriesView(Manufacturer $manufacturer)
+    {
+        $manufacturer = $manufacturer->load(
+            'accessories.location',
+            'accessories.company',
+            'accessories.category',
+            'accessories.manufacturer',
+            'accessories.users'
+            );
+        $accessories = $manufacturer->accessories;
+
+        if (Input::has('search')) {
+            $accessories = $accessories->TextSearch(e(Input::get('search')));
+        }
+
+        if (Input::has('limit')) {
+            $limit = e(Input::get('limit'));
+        } else {
+            $limit = 50;
+        }
+
+        $accessCount = $accessories->count();
+
+        $rows = array();
+
+        foreach ($accessories as $accessory) {
+
+            $actions = '<nobr>';
+            if (Gate::allows('accessories.checkout')) {
+                $actions .= '<a href="' . route('checkout/accessory',
+                        $accessory->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm" ' . (($accessory->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
+            }
+            if (Gate::allows('accessories.edit')) {
+                $actions .= '<a href="' . route('update/accessory',
+                        $accessory->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+            if (Gate::allows('accessories.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/accessory',
+                        $accessory->id) . '" data-content="' . trans('admin/accessories/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($accessory->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+            $actions .= '</nobr>';
+            $company = $accessory->company;
+
+            $rows[] = array(
+            'name'          => '<a href="'.url('admin/accessories/'.$accessory->id).'/view">'. $accessory->name.'</a>',
+            'category'      => ($accessory->category) ? (string)link_to('admin/settings/categories/'.$accessory->category->id.'/view', $accessory->category->name) : '',
+            'qty'           => e($accessory->qty),
+            'order_number'  => e($accessory->order_number),
+            'min_amt'  => e($accessory->min_amt),
+            'location'      => ($accessory->location) ? e($accessory->location->name): '',
+            'purchase_date' => e($accessory->purchase_date),
+            'purchase_cost' => number_format($accessory->purchase_cost, 2),
+            'numRemaining'  => $accessory->numRemaining(),
+            'actions'       => $actions,
+            'companyName'   => is_null($company) ? '' : e($company->name),
+            'manufacturer'      => $accessory->manufacturer ? (string) link_to('/admin/settings/manufacturers/'.$accessory->manufacturer_id.'/view', $accessory->manufacturer->name) : ''
+
+            );
+        }
+
+        $data = array('total'=>$accessCount, 'rows'=>$rows);
+
+        return $data;
+    }
+
+    public function getDataConsumablesView($manufacturer)
+    {
+        $manufacturer = $manufacturer->load(
+            'consumables.location',
+            'consumables.company',
+            'consumables.category',
+            'consumables.manufacturer',
+            'consumables.users'
+        );
+        $consumables = $manufacturer->consumables;
+
+        if (Input::has('search')) {
+            $consumables = $consumables->TextSearch(e(Input::get('search')));
+        }
+
+        if (Input::has('limit')) {
+            $limit = e(Input::get('limit'));
+        } else {
+            $limit = 50;
+        }
+
+        $consumCount = $consumables->count();
+
+        $rows = array();
+
+        foreach ($consumables as $consumable) {
+            $actions = '<nobr>';
+            if (Gate::allows('consumables.checkout')) {
+                $actions .= '<a href="' . route('checkout/consumable',
+                        $consumable->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm" ' . (($consumable->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
+            }
+
+            if (Gate::allows('consumables.edit')) {
+                $actions .= '<a href="' . route('update/consumable',
+                        $consumable->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+            if (Gate::allows('consumables.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/consumable',
+                        $consumable->id) . '" data-content="' . trans('admin/consumables/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($consumable->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+
+            $actions .='</nobr>';
+
+            $company = $consumable->company;
+
+            $rows[] = array(
+                'id'            => $consumable->id,
+                'name'          => (string)link_to('admin/consumables/'.$consumable->id.'/view', e($consumable->name)),
+                'location'      => ($consumable->location) ? e($consumable->location->name) : '',
+                'min_amt'       => e($consumable->min_amt),
+                'qty'           => e($consumable->qty),
+                'manufacturer'  => ($consumable->manufacturer) ? (string) link_to('/admin/settings/manufacturers/'.$consumable->manufacturer_id.'/view', $consumable->manufacturer->name): '',
+                'model_number'  => e($consumable->model_number),
+                'item_no'       => e($consumable->item_no),
+                'category'      => ($consumable->category) ? (string) link_to('/admin/settings/categories/'.$consumable->category_id.'/view', $consumable->category->name) : 'Missing category',
+                'order_number'  => e($consumable->order_number),
+                'purchase_date' => e($consumable->purchase_date),
+                'purchase_cost' => ($consumable->purchase_cost!='') ? number_format($consumable->purchase_cost, 2): '' ,
+                'numRemaining'  => $consumable->numRemaining(),
+                'actions'       => $actions,
+                'companyName'   => is_null($company) ? '' : e($company->name),
+            );
+        }
+
+        $data = array('total' => $consumCount, 'rows' => $rows);
+
+        return $data;
+    }
 }
--- a/app/Http/Controllers/ProfileController.php
+++ b/app/Http/Controllers/ProfileController.php
@@ -8,6 +8,8 @@ use App\Models\Location;
 use View;
 use Auth;
 use App\Helpers\Helper;
+use App\Models\Setting;
+use Gate;

 /**
 * This controller handles all actions related to User Profiles for
@@ -53,9 +55,14 @@ class ProfileController extends Controller
        $user->gravatar   = e(Input::get('gravatar'));
        $user->locale = e(Input::get('locale'));

+
+        if ((Gate::allows('self.two_factor')) && ((Setting::getSettings()->two_factor_enabled=='1') && (!config('app.lock_passwords')))) {
+            $user->two_factor_optin = e(Input::get('two_factor_optin', '0'));
+        }
+        
        if (Input::file('avatar')) {
            $image = Input::file('avatar');
-            $file_name = $user->first_name."-".$user->last_name.".".$image->getClientOriginalExtension();
+            $file_name = str_slug($user->first_name."-".$user->last_name).".".$image->getClientOriginalExtension();
            $path = public_path('uploads/avatars/'.$file_name);
            Image::make($image->getRealPath())->resize(84, 84)->save($path);
            $user->avatar = $file_name;
--- a/app/Http/Controllers/ReportsController.php
+++ b/app/Http/Controllers/ReportsController.php
@@ -1,25 +1,27 @@
 <?php
 namespace App\Http\Controllers;

+use App\Helpers\Helper;
 use App\Models\Accessory;
 use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\AssetMaintenance;
-use Carbon\Carbon;
-use Category;
+use App\Models\AssetModel;
 use App\Models\Company;
+use App\Models\CustomField;
+use App\Models\License;
+use App\Models\Location;
+use App\Models\Setting;
+use App\Models\User;
+use Carbon\Carbon;
 use Illuminate\Support\Facades\Lang;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\View;
 use Input;
 use League\Csv\Reader;
-use App\Models\License;
-use App\Models\Location;
-use App\Models\AssetModel;
 use Redirect;
-use App\Models\Setting;
-use App\Models\User;
+use Symfony\Component\HttpFoundation\StreamedResponse;

 /**
 * This controller handles all actions related to Reports for
@@ -31,7 +33,7 @@ class ReportsController extends Controller
 {

    /**
-    * Returns a view that displaysthe accessories report.
+    * Returns a view that displays the accessories report.
    *
    * @author [A. Gianotto] [<snipe@snipe.net>]
    * @since [v1.0]
@@ -87,7 +89,7 @@ class ReportsController extends Controller
    }

    /**
-    * Display asset report.
+    * Display asset report view.
    *
    * @author [A. Gianotto] [<snipe@snipe.net>]
    * @since [v1.0]
@@ -96,23 +98,11 @@ class ReportsController extends Controller
    public function getAssetsReport()
    {
        $settings = \App\Models\Setting::first();
-        // Grab all the assets
-        $assets = Asset::with(
-            'model',
-            'assigneduser.userLoc',
-            'assetstatus',
-            'defaultLoc',
-            'assetlog',
-            'supplier',
-            'model.manufacturer',
-            'company'
-        )
-                       ->orderBy('created_at', 'DESC')
-                       ->get();
-
        return View::make('reports/asset', compact('assets'))->with('settings', $settings);
    }

+
+
    /**
    * Exports the assets to CSV
    *
@@ -122,103 +112,76 @@ class ReportsController extends Controller
    */
    public function exportAssetReport()
    {
-        // Grab all the assets
-        $assets = Asset::orderBy('created_at', 'DESC')->get();

-        $rows = [ ];
+         \Debugbar::disable();

-        // Create the header row
-        $header = [
-            trans('admin/hardware/table.asset_tag'),
-            trans('admin/hardware/form.manufacturer'),
-            trans('admin/hardware/form.model'),
-            trans('general.model_no'),
-            trans('general.name'),
-            trans('admin/hardware/table.serial'),
-            trans('general.status'),
-            trans('admin/hardware/table.purchase_date'),
-            trans('admin/hardware/table.purchase_cost'),
-            trans('admin/hardware/form.order'),
-            trans('admin/hardware/form.supplier'),
-            trans('admin/hardware/table.checkoutto'),
-            trans('admin/hardware/table.location'),
-            trans('general.notes'),
-        ];
-        $header = array_map('trim', $header);
-        $rows[] = implode($header, ',');
+        $customfields = CustomField::get();

-        // Create a row per asset
-        foreach ($assets as $asset) {
-            $row   = [ ];
-            $row[] = e($asset->asset_tag);
-            if ($asset->model->manufacturer) {
-                $row[] = e($asset->model->manufacturer->name);
-            } else {
-                $row[] = '';
-            }
-            $row[] = '"' . e($asset->model->name) . '"';
-            $row[] = '"' . e($asset->model->modelno) . '"';
-            $row[] = e($asset->name);
-            $row[] = e($asset->serial);
-            if ($asset->assetstatus) {
-                $row[] = e($asset->assetstatus->name);
-            } else {
-                $row[] = '';
-            }
-            $row[] = $asset->purchase_date;
-            $row[] = '"' . number_format($asset->purchase_cost, 2) . '"';
-            if ($asset->order_number) {
-                $row[] = e($asset->order_number);
-            } else {
-                $row[] = '';
-            }
-            if ($asset->supplier_id) {
-                $row[] = e($asset->supplier->name);
-            } else {
-                $row[] = '';
-            }
+        $response = new StreamedResponse(function() use ($customfields) {
+            // Open output stream
+            $handle = fopen('php://output', 'w');

-            if ($asset->assigned_to > 0) {
-                $user  = User::find($asset->assigned_to);
-                $row[] = e($user->fullName());
-            } else {
-                $row[] = ''; // Empty string if unassigned
-            }
-
-            if (( $asset->assigned_to > 0 ) && ( $asset->assigneduser->location_id > 0 )) {
-                $location = Location::find($asset->assigneduser->location_id);
-                if ($location) {
-                    $row[] = e($location->name);
-                } else {
-                    $row[] = '';
+            Asset::with('assigneduser', 'assetloc','defaultLoc','assigneduser.userloc','model','supplier','assetstatus','model.manufacturer')->orderBy('created_at', 'DESC')->chunk(500, function($assets) use($handle, $customfields) {
+                $headers=[
+                    trans('general.company'),
+                    trans('admin/hardware/table.asset_tag'),
+                    trans('admin/hardware/form.manufacturer'),
+                    trans('admin/hardware/form.model'),
+                    trans('general.model_no'),
+                    trans('general.name'),
+                    trans('admin/hardware/table.serial'),
+                    trans('general.status'),
+                    trans('admin/hardware/table.purchase_date'),
+                    trans('admin/hardware/table.purchase_cost'),
+                    trans('admin/hardware/form.order'),
+                    trans('admin/hardware/form.supplier'),
+                    trans('admin/hardware/table.checkoutto'),
+                    trans('admin/hardware/table.checkout_date'),
+                    trans('admin/hardware/table.location'),
+                    trans('general.notes'),
+                ];
+                foreach($customfields as $field) {
+                    $headers[]=$field->name;
                }
-            } elseif ($asset->rtd_location_id) {
-                $location = Location::find($asset->rtd_location_id);
-                if ($location->name) {
-                    $row[] = e($location->name);
-                } else {
-                    $row[] = '';
+                fputcsv($handle, $headers);
+
+                foreach ($assets as $asset) {
+                    // Add a new row with data
+                    $values=[
+                        ($asset->company) ? $asset->company->name : '',
+                        $asset->asset_tag,
+                        ($asset->model->manufacturer) ? $asset->model->manufacturer->name : '',
+                        ($asset->model) ? $asset->model->name : '',
+                        ($asset->model->model_number) ? $asset->model->model_number : '',
+                        ($asset->name) ? $asset->name : '',
+                        ($asset->serial) ? $asset->serial : '',
+                        ($asset->assetstatus) ? e($asset->assetstatus->name) : '',
+                        ($asset->purchase_date) ? e($asset->purchase_date) : '',
+                        ($asset->purchase_cost > 0) ? Helper::formatCurrencyOutput($asset->purchase_cost) : '',
+                        ($asset->order_number) ? e($asset->order_number) : '',
+                        ($asset->supplier) ? e($asset->supplier->name) : '',
+                        ($asset->assigneduser) ? e($asset->assigneduser->fullName()) : '',
+                        ($asset->last_checkout!='') ? e($asset->last_checkout) : '',
+                        ($asset->assigneduser && $asset->assigneduser->userloc!='') ?
+                            e($asset->assigneduser->userloc->name) : ( ($asset->defaultLoc!='') ? e($asset->defaultLoc->name) : ''),
+                        ($asset->notes) ? e($asset->notes) : '',
+                    ];
+                    foreach($customfields as $field) {
+                        $values[]=$asset->{$field->db_column_name()};
+                    }
+                    fputcsv($handle, $values);
                }
-            } else {
-                $row[] = '';  // Empty string if location is not set
-            }
+            });

-            if ($asset->notes) {
-                $row[] = '"' . e($asset->notes) . '"';
-            } else {
-                $row[] = '';
-            }
-
-            $rows[] = implode($row, ',');
-        }
-
-        // spit out a csv
-        $csv      = implode($rows, "\n");
-        $response = Response::make($csv, 200);
-        $response->header('Content-Type', 'text/csv');
-        $response->header('Content-disposition', 'attachment;filename=report.csv');
+            // Close the output stream
+            fclose($handle);
+        }, 200, [
+            'Content-Type' => 'text/csv',
+            'Content-Disposition' => 'attachment; filename="assets-'.date('Y-m-d-his').'.csv"',
+        ]);

        return $response;
+
    }

    /**
@@ -308,9 +271,9 @@ class ReportsController extends Controller
            }

            $row[] = $asset->purchase_date;
-            $row[] = $currency . number_format($asset->purchase_cost, 2);
-            $row[] = $currency . number_format($asset->getDepreciatedValue(), 2);
-            $row[] = $currency . number_format(( $asset->purchase_cost - $asset->getDepreciatedValue() ), 2);
+            $row[] = $currency . Helper::formatCurrencyOutput($asset->purchase_cost);
+            $row[] = $currency . Helper::formatCurrencyOutput($asset->getDepreciatedValue());
+            $row[] = $currency . Helper::formatCurrencyOutput(( $asset->purchase_cost - $asset->getDepreciatedValue() ));
            $csv->insertOne($row);
        }

@@ -329,11 +292,7 @@ class ReportsController extends Controller
    public function getActivityReport()
    {
        $log_actions = Actionlog::orderBy('created_at', 'DESC')
-                                ->with('adminlog')
-                                ->with('accessorylog')
-                                ->with('assetlog')
-                                ->with('licenselog')
-                                ->with('userlog')
+                                ->with('item')
                                ->orderBy('created_at', 'DESC')
                                ->get();

@@ -341,16 +300,134 @@ class ReportsController extends Controller
    }

    /**
-    * Displays license report
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v1.0]
-    * @return View
-    */
+     * Returns Activity Report JSON.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @return View
+     */
+    public function getActivityReportDataTable()
+    {
+        $activitylogs = Company::scopeCompanyables(Actionlog::with('item', 'user', 'target'))->orderBy('created_at', 'DESC');
+
+        if (Input::has('search')) {
+            $activitylogs = $activitylogs->TextSearch(e(Input::get('search')));
+        }
+
+        if (Input::has('offset')) {
+            $offset = e(Input::get('offset'));
+        } else {
+            $offset = 0;
+        }
+
+        if (Input::has('limit')) {
+            $limit = e(Input::get('limit'));
+        } else {
+            $limit = 50;
+        }
+
+
+        $allowed_columns = ['created_at'];
+        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
+
+
+        $activityCount = $activitylogs->count();
+        $activitylogs = $activitylogs->offset($offset)->limit($limit)->get();
+
+        $rows = array();
+        foreach ($activitylogs as $activity) {
+
+            if ($activity->itemType() == "asset") {
+                $activity_icons = '<i class="fa fa-barcode"></i>';
+            } elseif ($activity->itemType() == "accessory") {
+                $activity_icons = '<i class="fa fa-keyboard-o"></i>';
+            } elseif ($activity->itemType()=="consumable") {
+                $activity_icons = '<i class="fa fa-tint"></i>';
+            } elseif ($activity->itemType()=="license"){
+                $activity_icons = '<i class="fa fa-floppy-o"></i>';
+            } elseif ($activity->itemType()=="component") {
+                $activity_icons = '<i class="fa fa-hdd-o"></i>';
+            } else {
+                $activity_icons = '<i class="fa fa-paperclip"></i>';
+            }
+
+            if (($activity->item) && ($activity->itemType()=="asset")) {
+              $activity_item = '<a href="'.route('view/hardware', $activity->item_id).'">'.e($activity->item->asset_tag).' - '. e($activity->item->showAssetName()).'</a>';
+                $item_type = 'asset';
+            } elseif ($activity->item) {
+                $activity_item = '<a href="' . route('view/' . $activity->itemType(),
+                        $activity->item_id) . '">' . e($activity->item->name) . '</a>';
+                $item_type = $activity->itemType();
+
+            } else {
+                $activity_item = "unkonwn";
+                $item_type = "null";
+            }
+            
+
+            if (($activity->user) && ($activity->action_type=="uploaded") && ($activity->itemType()=="user")) {
+                $activity_target = '<a href="'.route('view/user', $activity->target_id).'">'.$activity->user->fullName().'</a>';
+            } elseif ($activity->target_type === "App\Models\Asset") {
+                if($activity->target) {
+                    $activity_target = '<a href="'.route('view/hardware', $activity->target_id).'">'.$activity->target->showAssetName().'</a>';
+                } else {
+                    $activity_target = "";
+                }
+            } elseif ( $activity->target_type === "App\Models\User") {
+                if($activity->target) {
+                   $activity_target = '<a href="'.route('view/user', $activity->target_id).'">'.$activity->target->fullName().'</a>';
+                } else {
+                    $activity_target = '';
+                }
+            } elseif (($activity->action_type=='accepted') || ($activity->action_type=='declined')) {
+                $activity_target = '<a href="' . route('view/user', $activity->item->assigneduser->id) . '">' . e($activity->item->assigneduser->fullName()) . '</a>';
+
+            } elseif ($activity->action_type=='requested') {
+                if ($activity->user) {
+                    $activity_target =  '<a href="'.route('view/user', $activity->user_id).'">'.$activity->user->fullName().'</a>';
+                } else {
+                    $activity_target = '';
+                }
+            } else {
+                if($activity->target) {
+                    $activity_target = $activity->target->id;
+                } else {
+                    $activity_target = "";
+                }
+            }
+
+            
+            $rows[] = array(
+                'icon'          => $activity_icons,
+                'created_at'    => date("M d, Y g:iA", strtotime($activity->created_at)),
+                'action_type'              => strtolower(trans('general.'.str_replace(' ','_',$activity->action_type))),
+                'admin'         =>  $activity->user ? (string) link_to('/admin/users/'.$activity->user_id.'/view', $activity->user->fullName()) : '',
+                'target'          => $activity_target,
+                'item'          => $activity_item,
+                'item_type'     => $item_type,
+                'note'     => e($activity->note),
+
+            );
+        }
+
+        $data = array('total'=>$activityCount, 'rows'=>$rows);
+
+        return $data;
+
+    }
+
+    /**
+     * Displays license report
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @return View
+     */
    public function getLicenseReport()
    {

-        $licenses = License::orderBy('created_at', 'DESC')
+        $licenses = License::with('depreciation')->orderBy('created_at', 'DESC')
                           ->with('company')
                           ->get();

@@ -376,8 +453,9 @@ class ReportsController extends Controller
            trans('admin/licenses/form.seats'),
            trans('admin/licenses/form.remaining_seats'),
            trans('admin/licenses/form.expiration'),
-            trans('admin/licenses/form.date'),
-            trans('admin/licenses/form.cost')
+            trans('general.purchase_date'),
+            trans('general.depreciation'),
+            trans('general.purchase_cost')
        ];

        $header = array_map('trim', $header);
@@ -392,7 +470,8 @@ class ReportsController extends Controller
            $row[] = $license->remaincount();
            $row[] = $license->expiration_date;
            $row[] = $license->purchase_date;
-            $row[] = '"' . number_format($license->purchase_cost, 2) . '"';
+            $row[] = ($license->depreciation!='') ? '' : e($license->depreciation->name);
+            $row[] = '"' . Helper::formatCurrencyOutput($license->purchase_cost) . '"';

            $rows[] = implode($row, ',');
        }
@@ -415,25 +494,30 @@ class ReportsController extends Controller
    */
    public function getCustomReport()
    {
-
-        return View::make('reports/custom');
+        $customfields = CustomField::get();
+        return View::make('reports/custom')->with('customfields', $customfields);
    }

    /**
-    * Exports the custom report to CSV
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ReportsController::getCustomReport() method that generates form view
-    * @since [v1.0]
-    * @return \Illuminate\Http\Response
-    */
+     * Exports the custom report to CSV
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see ReportsController::getCustomReport() method that generates form view
+     * @since [v1.0]
+     * @return \Illuminate\Http\Response
+     */
    public function postCustom()
    {
-        $assets = Asset::orderBy('created_at', 'DESC')->get();
+        $assets = Asset::orderBy('created_at', 'DESC')->with('company','assigneduser', 'assetloc','defaultLoc','assigneduser.userloc','model','supplier','assetstatus','model.manufacturer')->get();
+        $customfields = CustomField::get();

        $rows   = [ ];
        $header = [ ];

+        if (e(Input::get('company')) == '1') {
+            $header[] = 'Company Name';
+        }
+
        if (e(Input::get('asset_name')) == '1') {
            $header[] = 'Asset Name';
        }
@@ -459,6 +543,9 @@ class ReportsController extends Controller
        if (( e(Input::get('purchase_cost')) == '1' ) && ( e(Input::get('depreciation')) != '1' )) {
            $header[] = 'Purchase Cost';
        }
+        if (e(Input::get('eol')) == '1') {
+            $header[] = 'EOL';
+        }
        if (e(Input::get('order')) == '1') {
            $header[] = 'Order Number';
        }
@@ -471,6 +558,12 @@ class ReportsController extends Controller
        if (e(Input::get('assigned_to')) == '1') {
            $header[] = 'Assigned To';
        }
+        if (e(Input::get('username')) == '1') {
+            $header[] = 'Username';
+        }
+        if (e(Input::get('employee_num')) == '1') {
+            $header[] = 'Employee No.';
+        }
        if (e(Input::get('status')) == '1') {
            $header[] = 'Status';
        }
@@ -483,12 +576,28 @@ class ReportsController extends Controller
            $header[] = 'Value';
            $header[] = 'Diff';
        }
+        if (e(Input::get('expected_checkin')) == '1') {
+            $header[] = trans('admin/hardware/form.expected_checkin');
+        }
+
+
+        foreach ($customfields as $customfield) {
+            if (e(Input::get($customfield->db_column_name())) == '1') {
+                $header[] = $customfield->name;
+            }
+        }
+

        $header = array_map('trim', $header);
        $rows[] = implode($header, ',');

        foreach ($assets as $asset) {
            $row = [ ];
+
+            if (e(Input::get('company')) == '1') {
+                $row[] = is_null($asset->company) ? '' : '"'.$asset->company->name.'"';
+            }
+
            if (e(Input::get('asset_name')) == '1') {
                $row[] = '"' .e($asset->name) . '"';
            }
@@ -504,7 +613,7 @@ class ReportsController extends Controller
            }
            if (e(Input::get('model')) == '1') {
                $row[] = '"' . e($asset->model->name) . '"';
-                $row[] = '"' . e($asset->model->modelno) . '"';
+                $row[] = '"' . e($asset->model->model_number) . '"';
            }
            if (e(Input::get('category')) == '1') {
                $row[] = '"' .e($asset->model->category->name) . '"';
@@ -517,7 +626,10 @@ class ReportsController extends Controller
                $row[] = e($asset->purchase_date);
            }
            if (e(Input::get('purchase_cost')) == '1' && ( e(Input::get('depreciation')) != '1' )) {
-                $row[] = '"' . number_format($asset->purchase_cost, 2) . '"';
+                $row[] = '"' . Helper::formatCurrencyOutput($asset->purchase_cost) . '"';
+            }
+            if (e(Input::get('eol')) == '1') {
+                $row[] = '"' .($asset->eol_date()) ? $asset->eol_date() : ''. '"';
            }
            if (e(Input::get('order')) == '1') {
                if ($asset->order_number) {
@@ -527,21 +639,19 @@ class ReportsController extends Controller
                }
            }
            if (e(Input::get('supplier')) == '1') {
-                if ($asset->supplier_id) {
+                if ($asset->supplier) {
                    $row[] = '"' .e($asset->supplier->name) . '"';
                } else {
                    $row[] = '';
                }
            }
+
            if (e(Input::get('location')) == '1') {
                $show_loc = '';
-                if (( $asset->assigned_to > 0 ) && ( $asset->assigneduser->location_id !='' )) {
-                    $location = Location::find($asset->assigneduser->location_id);
-                    if ($location) {
-                        $show_loc .= '"' .e($location->name). '"';
-                    } else {
-                        $show_loc .= 'User location '.$asset->assigneduser->location_id.' is invalid';
-                    }
+
+
+                if (($asset->assigned_to > 0) && ($asset->assigneduser) && ($asset->assigneduser->location)) {
+                    $show_loc .= '"' .e($asset->assigneduser->location->name). '"';
                } elseif ($asset->rtd_location_id!='') {
                    $location = Location::find($asset->rtd_location_id);
                    if ($location) {
@@ -554,14 +664,32 @@ class ReportsController extends Controller
                $row[] = $show_loc;

            }
+
+
            if (e(Input::get('assigned_to')) == '1') {
-                if ($asset->assigned_to > 0) {
-                    $user  = User::find($asset->assigned_to);
-                    $row[] = '"' .e($user->fullName()). '"';
+                if ($asset->assigneduser) {
+                    $row[] = '"' .e($asset->assigneduser->fullName()). '"';
                } else {
                    $row[] = ''; // Empty string if unassigned
                }
            }
+
+            if (e(Input::get('username')) == '1') {
+                if ($asset->assigneduser) {
+                    $row[] = '"' .e($asset->assigneduser->username). '"';
+                } else {
+                    $row[] = ''; // Empty string if unassigned
+                }
+            }
+
+            if (e(Input::get('employee_num')) == '1') {
+                if ($asset->assigneduser) {
+                    $row[] = '"' .e($asset->assigneduser->employee_num). '"';
+                } else {
+                    $row[] = ''; // Empty string if unassigned
+                }
+            }
+
            if (e(Input::get('status')) == '1') {
                if (( $asset->status_id == '0' ) && ( $asset->assigned_to == '0' )) {
                    $row[] = trans('general.ready_to_deploy');
@@ -584,10 +712,26 @@ class ReportsController extends Controller
            }
            if (e(Input::get('depreciation')) == '1') {
                $depreciation = $asset->getDepreciatedValue();
-                $row[]        = '"' . number_format($asset->purchase_cost, 2) . '"';
-                $row[]        = '"' . number_format($depreciation, 2) . '"';
-                $row[]        = '"' . number_format($asset->purchase_cost - $depreciation, 2) . '"';
+                $row[]        = '"' . Helper::formatCurrencyOutput($asset->purchase_cost) . '"';
+                $row[]        = '"' . Helper::formatCurrencyOutput($depreciation) . '"';
+                $row[]        = '"' . Helper::formatCurrencyOutput($asset->purchase_cost) . '"';
            }
+            if (e(Input::get('expected_checkin')) == '1') {
+                if ($asset->expected_checkin) {
+                    $row[] = '"' .e($asset->expected_checkin). '"';
+                } else {
+                    $row[] = ''; // Empty string if blankd
+                }
+            }
+
+            foreach ($customfields as $customfield) {
+                $column_name = $customfield->db_column_name();
+                if (e(Input::get($customfield->db_column_name())) == '1') {
+                    $row[] = str_replace(",", "\,", $asset->$column_name);
+                }
+            }
+
+
            $rows[] = implode($row, ',');
        }

@@ -596,14 +740,15 @@ class ReportsController extends Controller
            $csv      = implode($rows, "\n");
            $response = Response::make($csv, 200);
            $response->header('Content-Type', 'text/csv');
-            $response->header('Content-disposition', 'attachment;filename=report.csv');
+            $response->header('Content-disposition', 'attachment;filename='.date('Y-m-d-His').'-custom-asset-report.csv');

            return $response;
        } else {
            return redirect()->to("reports/custom")
-                           ->with('error', trans('admin/reports/message.error'));
+                ->with('error', trans('admin/reports/message.error'));
        }
    }
+    

    /**
     * getImprovementsReport
@@ -640,8 +785,9 @@ class ReportsController extends Controller
        $rows = [ ];

        $header = [
+            trans('admin/hardware/table.asset_tag'),
            trans('admin/asset_maintenances/table.asset_name'),
-            trans('admin/asset_maintenances/table.supplier_name'),
+            trans('general.supplier'),
            trans('admin/asset_maintenances/form.asset_maintenance_type'),
            trans('admin/asset_maintenances/form.title'),
            trans('admin/asset_maintenances/form.start_date'),
@@ -655,6 +801,7 @@ class ReportsController extends Controller

        foreach ($assetMaintenances as $assetMaintenance) {
            $row   = [ ];
+            $row[] = str_replace(',', '', e($assetMaintenance->asset->asset_tag));
            $row[] = str_replace(',', '', e($assetMaintenance->asset->name));
            $row[] = str_replace(',', '', e($assetMaintenance->supplier->name));
            $row[] = e($assetMaintenance->improvement_type);
@@ -668,7 +815,7 @@ class ReportsController extends Controller
                $improvementTime = intval($assetMaintenance->asset_maintenance_time);
            }
            $row[]  = $improvementTime;
-            $row[]  = trans('general.currency') . number_format($assetMaintenance->cost, 2);
+            $row[]  = trans('general.currency') . Helper::formatCurrencyOutput($assetMaintenance->cost);
            $rows[] = implode($row, ',');
        }

--- a/app/Http/Controllers/SettingsController.php
+++ b/app/Http/Controllers/SettingsController.php
@@ -15,6 +15,7 @@ use Response;
 use Artisan;
 use Crypt;
 use Mail;
+use Auth;
 use App\Models\User;
 use App\Http\Requests\SetupUserRequest;

@@ -52,29 +53,18 @@ class SettingsController extends Controller

        $protocol = array_key_exists('HTTPS', $_SERVER) && ( $_SERVER['HTTPS'] == "on") ? 'https://' : 'http://';

-
-        $pageURL = $protocol;
-        if ($_SERVER["SERVER_PORT"] != "80") {
-            $main_page = $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"];
-            $pageURL .= $main_page.$_SERVER["REQUEST_URI"];
-        } else {
-            $main_page = $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
-            $pageURL .= $main_page;
+        $host = $_SERVER['SERVER_NAME'];
+        if (($protocol === 'http://' && $_SERVER['SERVER_PORT'] != '80') || ($protocol === 'https://' && $_SERVER['SERVER_PORT'] != '443')) {
+          $host .= ':' . $_SERVER['SERVER_PORT'];
        }
+        $pageURL = $protocol . $host . $_SERVER['REQUEST_URI'];

-        $start_settings['env_location'] = $pageURL.'../.env';
+        $start_settings['url_valid'] = (config('app.url').'/setup' === $pageURL);

+        $start_settings['url_config'] = config('app.url');
+        $start_settings['real_url'] = $pageURL;

-        if (config('app.url').'/setup'!=$pageURL) {
-            $start_settings['url_valid']= false;
-        } else {
-            $start_settings['url_valid']= true;
-        }
-
-        $start_settings['url_config']= config('app.url');
-        $start_settings['real_url']= $pageURL;
-
-        $exposed_env = @file_get_contents($main_page.'/.env');
+        $exposed_env = @file_get_contents($protocol . $host.'/.env');

        if ($exposed_env) {
            $start_settings['env_exposed'] = true;
@@ -147,7 +137,8 @@ class SettingsController extends Controller
        try {
            Mail::send('emails.test', [], function ($m) {
                $m->to(config('mail.from.address'), config('mail.from.name'));
-                $m->subject('Test Email from Snipe-IT');
+                $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                $m->subject(trans('mail.test_email'));
            });
            return 'success';
        } catch (Exception $e) {
@@ -194,16 +185,19 @@ class SettingsController extends Controller
            return redirect()->back()->withInput()->withErrors($user->getErrors())->withErrors($settings->getErrors());
        } else {
            $user->save();
+            Auth::login($user, true);
            $settings->save();
-            
+
            if (Input::get('email_creds')=='1') {
                Mail::send(['text' => 'emails.firstadmin'], $data, function ($m) use ($data) {
                    $m->to($data['email'], $data['first_name']);
-                    $m->subject('Your Snipe-IT credentials');
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.your_credentials'));
                });
            }


+
            return redirect()->route('setup.done');
        }

@@ -233,6 +227,7 @@ class SettingsController extends Controller
    */
    public function getSetupDone()
    {
+
        return View::make('setup/done')
        ->with('step', 4)
        ->with('section', 'Done!');
@@ -269,10 +264,7 @@ class SettingsController extends Controller
    */
    public function getIndex()
    {
-        // Grab all the settings
        $settings = Setting::all();
-
-        // Show the page
        return View::make('settings/index', compact('settings'));
    }

@@ -323,12 +315,19 @@ class SettingsController extends Controller
                $setting->logo = $file_name;
            }
        }
-        

-        if (config('app.lock_passwords')==false) {
+
+        if (!config('app.lock_passwords')) {
            $setting->site_name = e(Input::get('site_name'));
            $setting->brand = e(Input::get('brand'));
            $setting->custom_css = e(Input::get('custom_css'));
+
+            if (Input::get('two_factor_enabled')=='') {
+                $setting->two_factor_enabled = null;
+            } else {
+                $setting->two_factor_enabled = e(Input::get('two_factor_enabled'));
+            }
+
        }

        if (Input::get('per_page')!='') {
@@ -348,11 +347,13 @@ class SettingsController extends Controller
        $setting->qr_text = e(Input::get('qr_text'));
        $setting->auto_increment_prefix = e(Input::get('auto_increment_prefix'));
        $setting->auto_increment_assets = e(Input::get('auto_increment_assets', '0'));
+        $setting->zerofill_count = e(Input::get('zerofill_count'));
        $setting->alert_interval = e(Input::get('alert_interval'));
        $setting->alert_threshold = e(Input::get('alert_threshold'));
        $setting->email_domain = e(Input::get('email_domain'));
        $setting->email_format = e(Input::get('email_format'));
        $setting->username_format = e(Input::get('username_format'));
+        $setting->require_accept_signature = e(Input::get('require_accept_signature'));


        $setting->labels_per_page = e(Input::get('labels_per_page'));
@@ -368,6 +369,7 @@ class SettingsController extends Controller
        $setting->labels_pagewidth = e(Input::get('labels_pagewidth'));
        $setting->labels_pageheight = e(Input::get('labels_pageheight'));

+
        if (Input::has('labels_display_name')) {
            $setting->labels_display_name = 1;
        } else {
@@ -387,7 +389,7 @@ class SettingsController extends Controller
        }

        $alert_email = rtrim(Input::get('alert_email'), ',');
-        $alert_email = trim(Input::get('alert_email'));
+        $alert_email = trim($alert_email);

        $setting->alert_email = e($alert_email);
        $setting->alerts_enabled = e(Input::get('alerts_enabled', '0'));
@@ -415,11 +417,11 @@ class SettingsController extends Controller
        $setting->ldap_email = e(Input::get('ldap_email'));
        $setting->ad_domain = e(Input::get('ad_domain'));
        $setting->is_ad = e(Input::get('is_ad', '0'));
+        $setting->ldap_tls = e(Input::get('ldap_tls', '0'));
+        $setting->ldap_pw_sync = e(Input::get('ldap_pw_sync', '0'));

-        // If validation fails, we'll exit the operation now.
        if ($setting->save()) {
            return redirect()->to("admin/settings/app")->with('success', trans('admin/settings/message.update.success'));
-
        } else {
            return redirect()->back()->withInput()->withErrors($setting->getErrors());
        }
@@ -479,7 +481,7 @@ class SettingsController extends Controller

            }
            closedir($handle);
-            $files = array_reverse($files);
+            rsort($files);
        }


--- a/app/Http/Controllers/StatuslabelsController.php
+++ b/app/Http/Controllers/StatuslabelsController.php
@@ -47,23 +47,32 @@ class StatuslabelsController extends Controller
    {
        $colors = [];

-        $statuslabels = Statuslabel::get();
+        $statuslabels = Statuslabel::with('assets')->get();
        $labels=[];
        $points=[];
-
+        $colors=[];
        foreach ($statuslabels as $statuslabel) {
-            $labels[]=$statuslabel->name;
-            $points[]=$statuslabel->assets()->whereNull('assigned_to')->count();
+            if ($statuslabel->assets->count() > 0) {
+                $labels[]=$statuslabel->name;
+                $points[]=$statuslabel->assets()->whereNull('assigned_to')->count();
+                if ($statuslabel->color!='') {
+                    $colors[]=$statuslabel->color;
+                }
+            }
+
+
        }
        $labels[]='Deployed';
        $points[]=Asset::whereNotNull('assigned_to')->count();

+        $colors_array = array_merge($colors, Helper::chartColors());
+
        $result= [
            "labels" => $labels,
            "datasets" => [ [
                "data" => $points,
-                "backgroundColor" => Helper::chartColors(),
-                "hoverBackgroundColor" =>  Helper::chartColors()
+                "backgroundColor" => $colors_array,
+                "hoverBackgroundColor" =>  $colors_array
            ]]
        ];
        return $result;
@@ -78,11 +87,11 @@ class StatuslabelsController extends Controller
    public function getCreate()
    {
        // Show the page
-        $statuslabel = new Statuslabel;
-        $use_statuslabel_type = $statuslabel->getStatuslabelType();
+        $item = new Statuslabel;
+        $use_statuslabel_type = $item->getStatuslabelType();
        $statuslabel_types = Helper::statusTypeList();

-        return View::make('statuslabels/edit', compact('statuslabel_types', 'statuslabel'))->with('use_statuslabel_type', $use_statuslabel_type);
+        return View::make('statuslabels/edit', compact('statuslabel_types', 'item'))->with('use_statuslabel_type', $use_statuslabel_type);
    }


@@ -110,6 +119,8 @@ class StatuslabelsController extends Controller
        $statuslabel->deployable          =  $statustype['deployable'];
        $statuslabel->pending          =  $statustype['pending'];
        $statuslabel->archived          =  $statustype['archived'];
+        $statuslabel->color          =  e(Input::get('color'));
+        $statuslabel->show_in_nav          =  e(Input::get('show_in_nav'),0);


        // Was the asset created?
@@ -158,16 +169,16 @@ class StatuslabelsController extends Controller
    public function getEdit($statuslabelId = null)
    {
        // Check if the Statuslabel exists
-        if (is_null($statuslabel = Statuslabel::find($statuslabelId))) {
+        if (is_null($item = Statuslabel::find($statuslabelId))) {
            // Redirect to the blogs management page
            return redirect()->to('admin/settings/statuslabels')->with('error', trans('admin/statuslabels/message.does_not_exist'));
        }

-        $use_statuslabel_type = $statuslabel->getStatuslabelType();
+        $use_statuslabel_type = $item->getStatuslabelType();

        $statuslabel_types = array('' => trans('admin/hardware/form.select_statustype')) + array('undeployable' => trans('admin/hardware/general.undeployable')) + array('pending' => trans('admin/hardware/general.pending')) + array('archived' => trans('admin/hardware/general.archived')) + array('deployable' => trans('admin/hardware/general.deployable'));

-        return View::make('statuslabels/edit', compact('statuslabel', 'statuslabel_types'))->with('use_statuslabel_type', $use_statuslabel_type);
+        return View::make('statuslabels/edit', compact('item', 'statuslabel_types'))->with('use_statuslabel_type', $use_statuslabel_type);
    }


@@ -197,6 +208,8 @@ class StatuslabelsController extends Controller
        $statuslabel->deployable          =  $statustype['deployable'];
        $statuslabel->pending          =  $statustype['pending'];
        $statuslabel->archived          =  $statustype['archived'];
+        $statuslabel->color          =  e(Input::get('color'));
+        $statuslabel->show_in_nav          =  e(Input::get('show_in_nav'),0);


        // Was the asset created?
@@ -247,7 +260,7 @@ class StatuslabelsController extends Controller

    public function getDatatable()
    {
-        $statuslabels = Statuslabel::select(array('id','name','deployable','pending','archived'))
+        $statuslabels = Statuslabel::select(array('id','name','deployable','pending','archived','color','show_in_nav'))
        ->whereNull('deleted_at');

        if (Input::has('search')) {
@@ -291,10 +304,19 @@ class StatuslabelsController extends Controller

            $actions = '<a href="'.route('update/statuslabel', $statuslabel->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/statuslabel', $statuslabel->id).'" data-content="'.trans('admin/statuslabels/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($statuslabel->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';

+            if ($statuslabel->color!='') {
+                $color = '<div class="pull-left" style="margin-right: 5px; height: 20px; width: 20px; background-color: '.e($statuslabel->color).'"></div>'.e($statuslabel->color);
+            } else {
+                $color = '';
+            }
+
+
            $rows[] = array(
                'id'            => e($statuslabel->id),
                'type'          => e($label_type),
                'name'          => e($statuslabel->name),
+                'color'          => $color,
+                'show_in_nav' => ($statuslabel->show_in_nav=='1') ? trans('general.yes') : trans('general.no'),
                'actions'       => $actions
            );
        }
--- a/app/Http/Controllers/SuppliersController.php
+++ b/app/Http/Controllers/SuppliersController.php
@@ -45,7 +45,7 @@ class SuppliersController extends Controller
     */
    public function getCreate()
    {
-        return View::make('suppliers/edit')->with('supplier', new Supplier);
+        return View::make('suppliers/edit')->with('item', new Supplier);
    }


@@ -125,13 +125,13 @@ class SuppliersController extends Controller
    public function getEdit($supplierId = null)
    {
        // Check if the supplier exists
-        if (is_null($supplier = Supplier::find($supplierId))) {
+        if (is_null($item = Supplier::find($supplierId))) {
            // Redirect to the supplier  page
            return redirect()->to('admin/settings/suppliers')->with('error', trans('admin/suppliers/message.does_not_exist'));
        }

        // Show the page
-        return View::make('suppliers/edit', compact('supplier'));
+        return View::make('suppliers/edit', compact('item'));
    }


@@ -242,7 +242,7 @@ class SuppliersController extends Controller

    public function getDatatable()
    {
-        $suppliers = Supplier::select(array('id','name','address','address2','city','state','country','fax', 'phone','email','contact'))
+        $suppliers = Supplier::with('assets', 'licenses')->select(array('id','name','address','address2','city','state','country','fax', 'phone','email','contact'))
        ->whereNull('deleted_at');

        if (Input::has('search')) {
@@ -283,8 +283,8 @@ class SuppliersController extends Controller
                'phone'             => e($supplier->phone),
                'fax'             => e($supplier->fax),
                'email'             => ($supplier->email!='') ? '<a href="mailto:'.e($supplier->email).'">'.e($supplier->email).'</a>' : '',
-                'assets'            => $supplier->num_assets(),
-                'licenses'          => $supplier->num_licenses(),
+                'assets'            => $supplier->assets->count(),
+                'licenses'          => $supplier->licenses->count(),
                'actions'           => $actions
            );
        }
--- a/app/Http/Controllers/UsersController.php
+++ b/app/Http/Controllers/UsersController.php
@@ -14,6 +14,7 @@ use App\Models\Setting;
 use App\Models\Statuslabel;
 use App\Http\Requests\SaveUserRequest;
 use App\Http\Requests\UpdateUserRequest;
+use Symfony\Component\HttpFoundation\StreamedResponse;
 use App\Models\User;
 use App\Models\Ldap;
 use Auth;
@@ -33,6 +34,7 @@ use Symfony\Component\HttpFoundation\JsonResponse;
 use URL;
 use View;
 use Illuminate\Http\Request;
+use Gate;

 /**
 * This controller handles all actions related to Users for
@@ -80,6 +82,7 @@ class UsersController extends Controller

        $permissions = config('permissions');
        $userPermissions = Helper::selectedPermissionsArray($permissions, Input::old('permissions', array()));
+        $permissions = $this->filterDisplayable($permissions);

        $location_list = Helper::locationsList();
        $manager_list = Helper::managerList();
@@ -122,7 +125,16 @@ class UsersController extends Controller
        $user->company_id = e(Company::getIdForUser($request->input('company_id')));
        $user->manager_id = e($request->input('manager_id'));
        $user->notes = e($request->input('notes'));
-        $user->permissions = json_encode($request->input('permission'));
+
+        // Strip out the superuser permission if the user isn't a superadmin
+        $permissions_array = $request->input('permission');
+
+        if (!Auth::user()->isSuperUser()) {
+            unset($permissions_array['superuser']);
+        }
+
+        $user->permissions =  json_encode($permissions_array);
+


        if ($user->manager_id == "") {
@@ -145,7 +157,7 @@ class UsersController extends Controller
            } else {
                $user->groups()->sync(array());
            }
-            
+
            if (($request->input('email_user') == 1) && ($request->has('email'))) {
              // Send the credentials through email
                $data = array();
@@ -156,7 +168,8 @@ class UsersController extends Controller

                Mail::send('emails.send-login', $data, function ($m) use ($user) {
                    $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                    $m->subject('Welcome ' . $user->first_name);
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.welcome', ['name' => $user->first_name]));
                });
            }
            return redirect::route('users')->with('success', trans('admin/users/message.success.create'));
@@ -208,7 +221,8 @@ class UsersController extends Controller

                Mail::send('emails.send-login', $data, function ($m) use ($user) {
                    $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                    $m->subject('Welcome ' . $user->first_name);
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.welcome', ['name' => $user->first_name]));
                });
            }

@@ -230,6 +244,17 @@ class UsersController extends Controller
    * @param int $id
    * @return View
    */
+
+    private function filterDisplayable($permissions) {
+        $output = null;
+        foreach($permissions as $key=>$permission) {
+                $output[$key] = array_filter($permission, function($p) {
+                    return $p['display'] === true;
+                });
+            }
+        return $output;
+    }
+
    public function getEdit($id = null)
    {
        try {
@@ -246,7 +271,7 @@ class UsersController extends Controller
            $userGroups = $user->groups()->pluck('name', 'id');
            $user->permissions = $user->decodePermissions();
            $userPermissions = Helper::selectedPermissionsArray($permissions, $user->permissions);
-
+            $permissions = $this->filterDisplayable($permissions);
            $location_list = Helper::locationsList();
            $company_list = Helper::companyList();
            $manager_list = Helper::managerList();
@@ -279,33 +304,48 @@ class UsersController extends Controller
        // permissions here before we update the user.
        $permissions = $request->input('permissions', array());
        app('request')->request->set('permissions', $permissions);
-
        // Only update the email address if locking is set to false
        if (config('app.lock_passwords')) {
            return redirect()->route('users')->with('error', 'Denied! You cannot update user information on the demo.');
        }

        try {
-            // Get the user information
+
            $user = User::find($id);

+            // Figure out of this user was an admin before this edit
+            $orig_permissions_array = $user->decodePermissions();
+
+            if (is_array($orig_permissions_array)) {
+                if (array_key_exists('superuser', $orig_permissions_array)) {
+                    $orig_superuser = $orig_permissions_array['superuser'];
+                } else {
+                    $orig_superuser = '0';
+                }
+            } else {
+                $orig_superuser = '0';
+            }
+
+
            if (!Company::isCurrentUserHasAccess($user)) {
                return redirect()->route('users')->with('error', trans('general.insufficient_permissions'));
            }
+            
        } catch (UserNotFoundException $e) {
-            // Prepare the error message
            $error = trans('admin/users/message.user_not_found', compact('id'));
-
-            // Redirect to the user management page
            return redirect()->route('users')->with('error', $error);
        }

-        // First handle anything exclusive to editing.
-        if ($request->has('groups')) {
-            $user->groups()->sync($request->input('groups'));
-        } else {
-            $user->groups()->sync(array());
+
+        // Only save groups if the user is a super user
+        if (Auth::user()->isSuperUser()) {
+            if ($request->has('groups')) {
+                $user->groups()->sync($request->input('groups'));
+            } else {
+                $user->groups()->sync(array());
+            }
        }
+
        // Do we want to update the user password?
        if ($request->has('password')) {
            $user->password = bcrypt($request->input('password'));
@@ -319,6 +359,7 @@ class UsersController extends Controller
       // Update the user
        $user->first_name = e($request->input('first_name'));
        $user->last_name = e($request->input('last_name'));
+        $user->two_factor_optin = e($request->input('two_factor_optin'));
        $user->locale = e($request->input('locale'));
        $user->employee_num = e($request->input('employee_num'));
        $user->activated = e($request->input('activated', $user->activated));
@@ -328,8 +369,17 @@ class UsersController extends Controller
        $user->company_id = e(Company::getIdForUser($request->input('company_id')));
        $user->manager_id = e($request->input('manager_id'));
        $user->notes = e($request->input('notes'));
-        $user->permissions = json_encode($request->input('permission'));

+        // Strip out the superuser permission if the user isn't a superadmin
+        $permissions_array = $request->input('permission');
+
+        if (!Auth::user()->isSuperUser()) {
+            unset($permissions_array['superuser']);
+            $permissions_array['superuser'] = $orig_superuser;
+       }
+
+
+        $user->permissions =  json_encode($permissions_array);

        if ($user->manager_id == "") {
            $user->manager_id = null;
@@ -494,9 +544,10 @@ class UsersController extends Controller

                    // Update the asset log
                    $logaction = new Actionlog();
-                    $logaction->asset_id = $asset->id;
-                    $logaction->checkedout_to = $asset->assigned_to;
-                    $logaction->asset_type = 'hardware';
+                    $logaction->item_id = $asset->id;
+                    $logaction->item_type = Asset::class;
+                    $logaction->target_id = $asset->assigned_to;
+                    $logaction->target_type = User::class;
                    $logaction->user_id = Auth::user()->id;
                    $logaction->note = 'Bulk checkin asset and delete user';
                    $logaction->logaction('checkin from');
@@ -513,9 +564,10 @@ class UsersController extends Controller
                    $accessory_array[] = $accessory->accessory_id;
                    // Update the asset log
                    $logaction = new Actionlog();
-                    $logaction->accessory_id = $accessory->id;
-                    $logaction->checkedout_to = $accessory->assigned_to;
-                    $logaction->asset_type = 'accessory';
+                    $logaction->item_id = $accessory->id;
+                    $logaction->item_type = Accessory::class;
+                    $logaction->target_id = $accessory->assigned_to;
+                    $logaction->target_type = User::class;
                    $logaction->user_id = Auth::user()->id;
                    $logaction->note = 'Bulk checkin accessory and delete user';
                    $logaction->logaction('checkin from');
@@ -527,9 +579,10 @@ class UsersController extends Controller
                    $license_array[] = $license->id;
                    // Update the asset log
                    $logaction = new Actionlog();
-                    $logaction->asset_id = $license->id;
-                    $logaction->checkedout_to = $license->assigned_to;
-                    $logaction->asset_type = 'software';
+                    $logaction->item_id = $license->id;
+                    $logaction->item_type = License::class;
+                    $logaction->target_id = $license->assigned_to;
+                    $logaction->target_type = User::class;
                    $logaction->user_id = Auth::user()->id;
                    $logaction->note = 'Bulk checkin license and delete user';
                    $logaction->logaction('checkin from');
@@ -597,7 +650,7 @@ class UsersController extends Controller

        $user = User::with('assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc')->withTrashed()->find($userId);

-        $userlog = $user->userlog->load('assetlog', 'consumablelog', 'assetlog.model', 'licenselog', 'accessorylog', 'userlog', 'adminlog');
+        $userlog = $user->userlog->load('item');

        if (isset($user->id)) {

@@ -808,7 +861,7 @@ class UsersController extends Controller
                            'phone' => trim(e($row[5])),
                            'jobtitle' => trim(e($row[6])),
                            'employee_num' => trim(e($row[7])),
-                            //'company_id' => Company::getIdForUser($row[8]),
+                            'company_id' => Company::getIdForUser($row[8]),
                            'permissions' => '{"user":1}',
                            'notes' => 'Imported user'
                        );
@@ -828,7 +881,8 @@ class UsersController extends Controller
                                if ($newuser['email']) {
                                    Mail::send('emails.send-login', $data, function ($m) use ($newuser) {
                                        $m->to($newuser['email'], $newuser['first_name'] . ' ' . $newuser['last_name']);
-                                        $m->subject('Welcome ' . $newuser['first_name']);
+                                        $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                                        $m->subject(trans('mail.welcome', ['name' => $newuser['first_name']]));
                                    });
                                }
                            }
@@ -853,7 +907,7 @@ class UsersController extends Controller
    * @see UsersController::getIndex() method that consumed this JSON response
    * @return string JSON
    */
-    public function getDatatable($status = null)
+    public function getDatatable(Request $request, $status = null)
    {

        if (Input::has('offset')) {
@@ -874,8 +928,8 @@ class UsersController extends Controller
            $sort = e(Input::get('sort'));
        }

-        $users = User::select(array('users.id','users.employee_num','users.email','users.username','users.location_id','users.manager_id','users.first_name','users.last_name','users.created_at','users.notes','users.company_id', 'users.deleted_at','users.activated'))
-        ->with('assets', 'accessories', 'consumables', 'licenses', 'manager', 'groups', 'userloc', 'company');
+        $users = User::select(array('users.id','users.employee_num','users.two_factor_enrolled','users.jobtitle','users.email','users.username','users.location_id','users.manager_id','users.first_name','users.last_name','users.created_at','users.notes','users.company_id', 'users.deleted_at','users.activated'))
+        ->with('assets', 'accessories', 'consumables', 'licenses', 'manager', 'groups', 'userloc', 'company','throttle');
        $users = Company::scopeCompanyables($users);

        switch ($status) {
@@ -900,8 +954,9 @@ class UsersController extends Controller
            default:
                $allowed_columns =
                [
-                 'last_name','first_name','email','username','employee_num',
-                 'assets','accessories', 'consumables','licenses','groups','activated','created_at'
+                 'last_name','first_name','email','jobtitle','username','employee_num',
+                 'assets','accessories', 'consumables','licenses','groups','activated','created_at',
+                 'two_factor_enrolled','two_factor_optin'
                ];

                $sort = in_array($sort, $allowed_columns) ? $sort : 'first_name';
@@ -923,38 +978,52 @@ class UsersController extends Controller
            }


-            if (!is_null($user->deleted_at)) {
-
-                $actions .= '<a href="' . route('restore/user', $user->id) . '" class="btn btn-warning btn-sm"><i class="fa fa-share icon-white"></i></a> ';
-            } else {
-
-                if ($user->accountStatus() == 'suspended') {
-                    $actions .= '<a href="' . route('unsuspend/user', $user->id) . '" class="btn btn-default btn-sm"><span class="fa fa-clock-o"></span></a> ';
-                }
-
-                $actions .= '<a href="' . route('update/user', $user->id) . '" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> ';
-
-                $actions .= '<a href="' . route('clone/user', $user->id) . '" class="btn btn-info btn-sm"><i class="fa fa-clone"></i></a>';
-
-                if ((Auth::user()->id !== $user->id) && (!config('app.lock_passwords'))) {
-                    $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/user', $user->id) . '" data-content="Are you sure you wish to delete this user?" data-title="Delete ' . htmlspecialchars($user->first_name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a> ';
+                if (!is_null($user->deleted_at)) {
+                    if (Gate::allows('users.delete')) {
+                        $actions .= '<a href="' . route('restore/user',
+                                $user->id) . '" class="btn btn-warning btn-sm"><i class="fa fa-share icon-white"></i></a> ';
+                    }
                } else {
-                    $actions .= ' <span class="btn delete-asset btn-danger btn-sm disabled"><i class="fa fa-trash icon-white"></i></span>';
+
+                    if (Gate::allows('users.delete')) {
+                        if ($user->accountStatus() == 'suspended') {
+                            $actions .= '<a href="' . route('unsuspend/user',
+                                    $user->id) . '" class="btn btn-default btn-sm"><span class="fa fa-clock-o"></span></a> ';
+                        }
+                    }
+                    if (Gate::allows('users.edit')) {
+                        $actions .= '<a href="' . route('update/user',
+                                $user->id) . '" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> ';
+
+                        $actions .= '<a href="' . route('clone/user',
+                                $user->id) . '" class="btn btn-info btn-sm"><i class="fa fa-clone"></i></a>';
+                    }
+                    if (Gate::allows('users.delete')) {
+                        if ((Auth::user()->id !== $user->id) && (!config('app.lock_passwords'))) {
+                            $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/user',
+                                    $user->id) . '" data-content="Are you sure you wish to delete this user?" data-title="Delete ' . htmlspecialchars($user->first_name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a> ';
+                        } else {
+                            $actions .= ' <span class="btn delete-asset btn-danger btn-sm disabled"><i class="fa fa-trash icon-white"></i></span>';
+                        }
+                    } else {
+                        $actions.='';
+                    }
                }
-            }
+
            $actions .= '</nobr>';

            $rows[] = array(
                'id'         => $user->id,
                'checkbox'      => ($status!='deleted') ? '<div class="text-center hidden-xs hidden-sm"><input type="checkbox" name="edit_user['.e($user->id).']" class="one_required"></div>' : '',
-                'name'          => '<a title="'.e($user->fullName()).'" href="../admin/users/'.e($user->id).'/view">'.e($user->fullName()).'</a>',
+                'name'          => '<a title="'.e($user->fullName()).'" href="'.config('app.url').'/admin/users/'.e($user->id).'/view">'.e($user->fullName()).'</a>',
+                'jobtitle'          => e($user->jobtitle),
                'email'         => ($user->email!='') ?
                            '<a href="mailto:'.e($user->email).'" class="hidden-md hidden-lg">'.e($user->email).'</a>'
                            .'<a href="mailto:'.e($user->email).'" class="hidden-xs hidden-sm"><i class="fa fa-envelope"></i></a>'
                            .'</span>' : '',
                'username'         => e($user->username),
                'location'      => ($user->userloc) ? e($user->userloc->name) : '',
-                'manager'         => ($user->manager) ? '<a title="' . e($user->manager->fullName()) . '" href="users/' . e($user->manager->id) . '/view">' . e($user->manager->fullName()) . '</a>' : '',
+                'manager'         => ($user->manager) ? '<a title="' . e($user->manager->fullName()) . '" href="'.config('app.url').'/' . e($user->manager->id) . '/view">' . e($user->manager->fullName()) . '</a>' : '',
                'assets'        => $user->assets->count(),
                'employee_num'  => e($user->employee_num),
                'licenses'        => $user->licenses->count(),
@@ -962,8 +1031,10 @@ class UsersController extends Controller
                'consumables'        => $user->consumables->count(),
                'groups'        => $group_names,
                'notes'         => e($user->notes),
+                'two_factor_enrolled'        => ($user->two_factor_enrolled=='1') ? '<i class="fa fa-check text-success"></i>' : '<i class="fa fa-times  text-danger"></i>',
+                'two_factor_optin'        => (($user->two_factor_optin=='1') || (Setting::getSettings()->two_factor_enabled=='2') ) ? '<i class="fa fa-check text-success"></i>' : '<i class="fa fa-times  text-danger"></i>',
                'created_at' => ($user->created_at!='')  ? e($user->created_at->format('F j, Y h:iA')) : '',
-                'activated'      => ($user->activated=='1') ? '<i class="fa fa-check"></i>' : '<i class="fa fa-times"></i>',
+                'activated'      => ($user->activated=='1') ? '<i class="fa fa-check text-success"></i>' : '<i class="fa fa-times  text-danger"></i>',
                'actions'       => ($actions) ? $actions : '',
                'companyName'   => is_null($user->company) ? '' : e($user->company->name)
            );
@@ -1003,12 +1074,12 @@ class UsersController extends Controller

              //Log the deletion of seats to the log
                $logaction = new Actionlog();
-                $logaction->asset_id = $user->id;
-                $logaction->asset_type = 'user';
+                $logaction->item_id = $user->id;
+                $logaction->item_type = User::class;
                $logaction->user_id = Auth::user()->id;
                $logaction->note = e(Input::get('notes'));
-                $logaction->checkedout_to = null;
-                $logaction->created_at = date("Y-m-d h:i:s");
+                $logaction->target_id = null;
+                $logaction->created_at = date("Y-m-d H:i:s");
                $logaction->filename = $filename;
                $logaction->action_type = 'uploaded';
                $logaction->save();
@@ -1079,7 +1150,7 @@ class UsersController extends Controller
                return redirect()->route('users')->with('error', trans('general.insufficient_permissions'));
            } else {
                $log = Actionlog::find($fileId);
-                $file = $log->get_src();
+                $file = $log->get_src('users');
                return Response::download($file);
            }
        } else {
@@ -1135,7 +1206,6 @@ class UsersController extends Controller

    protected $ldapValidationRules = array(
        'firstname' => 'required|string|min:2',
-        'lastname' => 'required|string|min:2',
        'employee_number' => 'string',
        'username' => 'required|min:2|unique:users,username',
        'email' => 'email|unique:users,email',
@@ -1148,7 +1218,7 @@ class UsersController extends Controller
    * @since [v1.8]
    * @return Redirect
    */
-    public function postLDAP()
+    public function postLDAP(Request $request)
    {
        ini_set('max_execution_time', 600); //600 seconds = 10 minutes
        ini_set('memory_limit', '500M');
@@ -1161,9 +1231,6 @@ class UsersController extends Controller
        $ldap_result_emp_num = Setting::getSettings()->ldap_emp_num;
        $ldap_result_email = Setting::getSettings()->ldap_email;

-
-        $location_id = e(Input::get('location_id'));
-
        try {
            $ldapconn = Ldap::connectToLdap();
        } catch (\Exception $e) {
@@ -1180,6 +1247,10 @@ class UsersController extends Controller

        $results = Ldap::findLdapUsers();

+        $tmp_pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
+        $pass = bcrypt($tmp_pass);
+
+
        for ($i = 0; $i < $results["count"]; $i++) {
            if (empty($ldap_result_active_flag) || $results[$i][$ldap_result_active_flag][0] == "TRUE") {

@@ -1194,21 +1265,22 @@ class UsersController extends Controller
                $item["createorupdate"] = 'updated';
                if (!$user = User::where('username', $item["username"])->first()) {
                    $user = new User;
+                    $user->password = $pass;
                    $item["createorupdate"] = 'created';
                }

-
              // Create the user if they don't exist.
-                $pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
+

                $user->first_name = e($item["firstname"]);
                $user->last_name = e($item["lastname"]);
                $user->username = e($item["username"]);
                $user->email = e($item["email"]);
                $user->employee_num = e($item["employee_number"]);
-                $user->password = bcrypt($pass);
                $user->activated = 1;
-                $user->location_id = e($location_id);
+                if ($request->input('location_id')!='') {
+                    $user->location_id = e($request->input('location_id'));
+                }
                $user->notes = 'Imported from LDAP';
                $user->ldap_import = 1;

@@ -1218,9 +1290,7 @@ class UsersController extends Controller
                    $item["note"] = $item["createorupdate"];
                    $item["status"]='success';
                } else {
-                  //$errors_array = array($user->getErrors());
                    foreach ($user->getErrors()->getMessages() as $key => $err) {
-                      //echo $user->getErrors();
                        $errors .='<li>'.$err[0];
                    }
                    $item["note"] = $errors;
@@ -1234,7 +1304,7 @@ class UsersController extends Controller



-        return redirect()->route('ldap/user')->with('success', "OK")->with('summary', $summary);
+        return redirect()->route('ldap/user')->with('success', "LDAP Import successful.")->with('summary', $summary);
    }

    /**
@@ -1246,9 +1316,113 @@ class UsersController extends Controller
    */
    public function getAssetList($userId)
    {
-        $assets = Asset::where('assigned_to', '=', $userId)->get();
+        $assets = Asset::where('assigned_to', '=', $userId)->with('model')->get();
        return response()->json($assets);
-        //$foo = Asset::where('assigned_to','=',$userId)->get();
-        //print_r($foo);
    }
+
+    /**
+     * Exports users to CSV
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.5]
+     * @return \Illuminate\Http\Response
+     */
+    public function getExportUserCsv()
+    {
+
+        \Debugbar::disable();
+
+
+        $response = new StreamedResponse(function() {
+            // Open output stream
+            $handle = fopen('php://output', 'w');
+
+            User::with('assets', 'accessories', 'consumables', 'licenses', 'manager', 'groups', 'userloc', 'company','throttle')->orderBy('created_at', 'DESC')->chunk(500, function($users) use($handle) {
+                $headers=[
+                    // strtolower to prevent Excel from trying to open it as a SYLK file
+                    strtolower(trans('general.id')),
+                    trans('admin/companies/table.title'),
+                    trans('admin/users/table.title'),
+                    trans('admin/users/table.employee_num'),
+                    trans('admin/users/table.name'),
+                    trans('admin/users/table.username'),
+                    trans('admin/users/table.email'),
+                    trans('admin/users/table.manager'),
+                    trans('admin/users/table.location'),
+                    trans('general.assets'),
+                    trans('general.licenses'),
+                    trans('general.accessories'),
+                    trans('general.consumables'),
+                    trans('admin/users/table.groups'),
+                    trans('general.notes'),
+                    trans('admin/users/table.activated'),
+                    trans('general.created_at')
+                ];
+                
+                fputcsv($handle, $headers);
+
+                foreach ($users as $user) {
+                    $user_groups = '';
+
+                    foreach ($user->groups as $user_group) {
+                        $user_groups .= $user_group->name.', ';
+                    }
+
+                    // Add a new row with data
+                    $values = [
+                        $user->id,
+                        ($user->company) ? $user->company->name : '',
+                        $user->jobtitle,
+                        $user->employee_num,
+                        $user->fullName(),
+                        $user->username,
+                        $user->email,
+                        ($user->manager) ? $user->manager->fullName() : '',
+                        ($user->location) ? $user->location->name : '',
+                        $user->assets->count(),
+                        $user->licenses->count(),
+                        $user->accessories->count(),
+                        $user->consumables->count(),
+                        $user_groups,
+                        $user->notes,
+                        ($user->activated=='1') ?  trans('general.yes') : trans('general.no'),
+                        $user->created_at,
+
+                    ];
+
+                    fputcsv($handle, $values);
+                }
+            });
+
+            // Close the output stream
+            fclose($handle);
+        }, 200, [
+            'Content-Type' => 'text/csv',
+            'Content-Disposition' => 'attachment; filename="users-'.date('Y-m-d-his').'.csv"',
+        ]);
+
+        return $response;
+
+    }
+
+
+    public function postTwoFactorReset(Request $request)
+    {
+        if (Gate::denies('users.edit')) {
+            return response()->json(['message' => trans('general.insufficient_permissions')], 500);
+        }
+
+        try {
+            $user = User::find($request->get('id'));
+            $user->two_factor_secret = null;
+            $user->two_factor_enrolled = 0;
+            $user->save();
+            return response()->json(['message' => trans('admin/settings/general.two_factor_reset_success')], 200);
+        } catch (\Exception $e) {
+            return response()->json(['message' => trans('admin/settings/general.two_factor_reset_error')], 500);
+        }
+
+    }
+
+
 }
--- a/app/Http/Controllers/ViewAssetsController.php
+++ b/app/Http/Controllers/ViewAssetsController.php
@@ -4,12 +4,14 @@ namespace App\Http\Controllers;
 use App\Models\Accessory;
 use App\Models\Actionlog;
 use App\Models\Asset;
+use App\Models\AssetModel;
+use App\Models\CheckoutRequest;
 use App\Models\Company;
-use App\Models\Consumable;
 use App\Models\Component;
+use App\Models\Consumable;
+use App\Models\License;
 use App\Models\Setting;
 use App\Models\User;
-use App\Models\License;
 use Auth;
 use Config;
 use DB;
@@ -20,6 +22,7 @@ use Redirect;
 use Slack;
 use Validator;
 use View;
+use Illuminate\Http\Request;

 /**
 * This controller handles all actions related to the ability for users
@@ -37,11 +40,18 @@ class ViewAssetsController extends Controller
    public function getIndex()
    {

-        $user = User::with('assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc')->withTrashed()->find(Auth::user()->id);
-
-        $userlog = $user->userlog->load('assetlog', 'consumablelog', 'assetlog.model', 'licenselog', 'accessorylog', 'userlog', 'adminlog');
+        $user = User::with(
+            'assets',
+            'assets.model',
+            'consumables',
+            'accessories',
+            'licenses',
+            'userloc',
+            'userlog'
+        )->withTrashed()->find(Auth::user()->id);


+        $userlog = $user->userlog->load('item', 'user', 'target');

        if (isset($user->id)) {
            return View::make('account/view-assets', compact('user', 'userlog'));
@@ -60,11 +70,132 @@ class ViewAssetsController extends Controller
    {

        $assets = Asset::with('model', 'defaultLoc', 'assetloc', 'assigneduser')->Hardware()->RequestableAssets()->get();
+        $models = AssetModel::with('category')->RequestableModels()->get();

-        return View::make('account/requestable-assets', compact('user', 'assets'));
+        return View::make('account/requestable-assets', compact('user', 'assets', 'models'));
+    }
+
+    public function getRequestedIndex()
+    {
+        $requestedItems = CheckoutRequest::with('user', 'requestedItem')->get();
+        return View::make('admin/requested-assets', compact('requestedItems'));
    }


+    public function getRequestItem($itemType, $itemId = null)
+    {
+        $item = null;
+        $fullItemType = 'App\\Models\\' . studly_case($itemType);
+        if ($itemType == "asset_model") {
+            $itemType = "model";
+        }
+        $item = call_user_func(array($fullItemType, 'find'), $itemId);
+        $user = Auth::user();
+        $quantity = $data['item_quantity'] = Input::has('request-quantity') ? e(Input::get('request-quantity')) : 1;
+
+        $logaction = new Actionlog();
+        $logaction->item_id = $data['asset_id'] = $item->id;
+        $logaction->item_type = $fullItemType;
+        $logaction->created_at = $data['requested_date'] = date("Y-m-d H:i:s");
+        if ($user->location_id) {
+            $logaction->location_id = $user->location_id;
+        }
+        $logaction->target_id = $data['user_id'] = Auth::user()->id;
+        $logaction->target_type = User::class;
+
+        $data['requested_by'] = $user->fullName();
+        $data['item_name'] = $item->name;
+        $data['item_type'] = $itemType;
+
+        if ($fullItemType == Asset::class) {
+            $data['item_url'] = route('view/hardware', $item->id);
+            $slackMessage = ' Asset <'.config('app.url').'/hardware/'.$item->id.'/view'.'|'.$item->showAssetName().'> requested by <'.config('app.url').'/users/'.$item->user_id.'/view'.'|'.$user->fullName().'>.';
+        } else {
+            $data['item_url'] = route("view/${itemType}", $item->id);
+            $slackMessage = $quantity. ' ' . class_basename(strtoupper($logaction->item_type)).' <'.$data['item_url'].'|'.$item->name.'> requested by <'.config('app.url').'/user/'.$item->id.'/view'.'|'.$user->fullName().'>.';
+        }
+
+        $settings = Setting::getSettings();
+
+        if ($settings->slack_endpoint) {
+
+            $slack_settings = [
+                'username' => $settings->botname,
+                'channel' => $settings->slack_channel,
+                'link_names' => true
+            ];
+
+            $slackClient = new \Maknz\Slack\Client($settings->slack_endpoint, $slack_settings);
+        }
+
+        if ($item->isRequestedBy($user)) {
+
+            $item->cancelRequest();
+            $log = $logaction->logaction('request_canceled');
+
+            if (($settings->alert_email!='')  && ($settings->alerts_enabled=='1') && (!config('app.lock_passwords'))) {
+                Mail::send('emails.asset-canceled', $data, function ($m) use ($user, $settings) {
+                    $m->to(explode(',', $settings->alert_email), $settings->site_name);
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.Item_Request_Canceled'));
+                });
+            }
+
+            if ($settings->slack_endpoint) {
+                try {
+                        $slackClient->attach([
+                            'color' => 'good',
+                            'fields' => [
+                                [
+                                    'title' => 'CANCELED:',
+                                    'value' => $slackMessage
+                                ]
+
+                            ]
+                        ])->send('Item Request Canceled');
+
+                } catch (Exception $e) {
+
+                }
+            }
+
+            return redirect()->route('requestable-assets')->with('success')->with('success', trans('admin/hardware/message.requests.canceled'));
+
+        } else {
+            $item->request();
+
+            $log = $logaction->logaction('requested');
+
+
+            if (($settings->alert_email!='')  && ($settings->alerts_enabled=='1') && (!config('app.lock_passwords'))) {
+                Mail::send('emails.asset-requested', $data, function ($m) use ($user, $settings) {
+                    $m->to(explode(',', $settings->alert_email), $settings->site_name);
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.Item_Requested'));
+                });
+            }
+
+            if ($settings->slack_endpoint) {
+                try {
+                        $slackClient->attach([
+                            'color' => 'good',
+                            'fields' => [
+                                [
+                                    'title' => 'REQUESTED:',
+                                    'value' => $slackMessage
+                                ]
+
+                            ]
+                        ])->send('Item Requested');
+
+                } catch (Exception $e) {
+
+                }
+            }
+
+            return redirect()->route('requestable-assets')->with('success')->with('success', trans('admin/hardware/message.requests.success'));
+        }
+    }
    public function getRequestAsset($assetId = null)
    {

@@ -76,17 +207,23 @@ class ViewAssetsController extends Controller
            return redirect()->route('requestable-assets')->with('error', trans('admin/hardware/message.does_not_exist_or_not_requestable'));
        } elseif (!Company::isCurrentUserHasAccess($asset)) {
            return redirect()->route('requestable-assets')->with('error', trans('general.insufficient_permissions'));
+        }
+        // If it's requested, cancel the request.
+        if ($asset->isRequestedBy(Auth::user())) {
+            $asset->cancelRequest();
+            return redirect()->route('requestable-assets')->with('success')->with('success', trans('admin/hardware/message.requests.success'));
        } else {

            $logaction = new Actionlog();
-            $logaction->asset_id = $data['asset_id'] = $asset->id;
-            $logaction->asset_type = $data['asset_type']  = 'hardware';
-            $logaction->created_at = $data['requested_date'] = date("Y-m-d h:i:s");
-
+            $logaction->item_id = $data['asset_id'] = $asset->id;
+            $logaction->item_type = Asset::class;
+            $logaction->created_at = $data['requested_date'] = date("Y-m-d H:i:s");
+            $data['asset_type'] = 'hardware';
            if ($user->location_id) {
                $logaction->location_id = $user->location_id;
            }
-            $logaction->user_id = $data['user_id'] = Auth::user()->id;
+            $logaction->target_id = $data['user_id'] = Auth::user()->id;
+            $logaction->target_type = User::class;
            $log = $logaction->logaction('requested');

            $data['requested_by'] = $user->fullName();
@@ -97,10 +234,13 @@ class ViewAssetsController extends Controller
            if (($settings->alert_email!='')  && ($settings->alerts_enabled=='1') && (!config('app.lock_passwords'))) {
                Mail::send('emails.asset-requested', $data, function ($m) use ($user, $settings) {
                    $m->to(explode(',', $settings->alert_email), $settings->site_name);
-                    $m->subject('Asset Requested');
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.asset_requested'));
                });
            }

+            $asset->request();
+

            if ($settings->slack_endpoint) {

@@ -119,7 +259,7 @@ class ViewAssetsController extends Controller
                            'fields' => [
                                [
                                    'title' => 'REQUESTED:',
-                                    'value' => strtoupper($logaction->asset_type).' asset <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.$asset->showAssetName().'> requested by <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.Auth::user()->fullName().'>.'
+                                    'value' => class_basename(strtoupper($logaction->item_type)).' asset <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.$asset->showAssetName().'> requested by <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.Auth::user()->fullName().'>.'
                                ]

                            ]
@@ -137,41 +277,36 @@ class ViewAssetsController extends Controller

    }

+    public function getRequestedAssets()
+    {
+        $checkoutrequests = CheckoutRequest::all();
+
+        return View::make('account/requested-items', compact($checkoutrequests));
+    }
+


    // Get the acceptance screen
    public function getAcceptAsset($logID = null)
    {

-        if (!$findlog = DB::table('asset_logs')->where('id', '=', $logID)->first()) {
+        if (!$findlog = Actionlog::where('id', $logID)->first()) {
            echo 'no record';
            //return redirect()->to('account')->with('error', trans('admin/hardware/message.does_not_exist'));
        }

+        if ($findlog->accepted_id!='') {
+            return redirect()->to('account/view-assets')->with('error', trans('admin/users/message.error.asset_already_accepted'));
+        }

        $user = Auth::user();

-        if ($user->id != $findlog->checkedout_to) {
+
+        if ($user->id != $findlog->item->assigned_to) {
            return redirect()->to('account/view-assets')->with('error', trans('admin/users/message.error.incorrect_user_accepted'));
        }

-        // Asset
-        if (($findlog->asset_id!='') && ($findlog->asset_type=='hardware')) {
-            $item = Asset::find($findlog->asset_id);
-
-        // software
-        } elseif (($findlog->asset_id!='') && ($findlog->asset_type=='software')) {
-            $item = License::find($findlog->asset_id);
-        // accessories
-        } elseif ($findlog->accessory_id!='') {
-            $item = Accessory::find($findlog->accessory_id);
-        // consumable
-        } elseif ($findlog->consumable_id!='') {
-            $item = Consumable::find($findlog->consumable_id);
-        // components
-        } elseif ($findlog->component_id!='') {
-            $item = Component::find($findlog->component_id);
-        }
+        $item = $findlog->item;

        // Check if the asset exists
        if (is_null($item)) {
@@ -180,20 +315,20 @@ class ViewAssetsController extends Controller
        } elseif (!Company::isCurrentUserHasAccess($item)) {
            return redirect()->route('requestable-assets')->with('error', trans('general.insufficient_permissions'));
        } else {
-            return View::make('account/accept-asset', compact('item'))->with('findlog', $findlog);
+            return View::make('account/accept-asset', compact('item'))->with('findlog', $findlog)->with('item',$item);
        }
    }

    // Save the acceptance
-    public function postAcceptAsset($logID = null)
+    public function postAcceptAsset(Request $request, $logID = null)
    {

        // Check if the asset exists
-        if (is_null($findlog = DB::table('asset_logs')->where('id', '=', $logID)->first())) {
+        if (is_null($findlog = Actionlog::where('id', $logID)->first())) {
            // Redirect to the asset management page
            return redirect()->to('account/view-assets')->with('error', trans('admin/hardware/message.does_not_exist'));
        }
-        
+

        if ($findlog->accepted_id!='') {
            // Redirect to the asset management page
@@ -201,15 +336,25 @@ class ViewAssetsController extends Controller
        }

        if (!Input::has('asset_acceptance')) {
-            return redirect()->to('account/view-assets')->with('error', trans('admin/users/message.error.accept_or_decline'));
+            return redirect()->back()->with('error', trans('admin/users/message.error.accept_or_decline'));
        }

        $user = Auth::user();

-        if ($user->id != $findlog->checkedout_to) {
+        if ($user->id != $findlog->item->assigned_to) {
            return redirect()->to('account/view-assets')->with('error', trans('admin/users/message.error.incorrect_user_accepted'));
        }

+        if ($request->has('signature_output')) {
+            $path = config('app.private_uploads').'/signatures';
+            $sig_filename = "siglog-".$findlog->id.'-'.date('Y-m-d-his').".png";
+            $data_uri = e($request->get('signature_output'));
+            $encoded_image = explode(",", $data_uri);
+            $decoded_image = base64_decode($encoded_image[1]);
+            file_put_contents($path."/".$sig_filename, $decoded_image);
+        }
+
+
        $logaction = new Actionlog();

        if (Input::get('asset_acceptance')=='accepted') {
@@ -221,61 +366,35 @@ class ViewAssetsController extends Controller
            $accepted="rejected";
            $return_msg = trans('admin/users/message.declined');
        }
+            $logaction->item_id      = $findlog->item_id;
+            $logaction->item_type    = $findlog->item_type;

        // Asset
-        if (($findlog->asset_id!='') && ($findlog->asset_type=='hardware')) {
-            $logaction->asset_id = $findlog->asset_id;
-            $logaction->accessory_id = null;
-            $logaction->asset_type = 'hardware';
-
+        if (($findlog->item_id!='') && ($findlog->item_type==Asset::class)) {
            if (Input::get('asset_acceptance')!='accepted') {
                DB::table('assets')
-                ->where('id', $findlog->asset_id)
+                ->where('id', $findlog->item_id)
                ->update(array('assigned_to' => null));
            }
-
-
-        // software
-        } elseif (($findlog->asset_id!='') && ($findlog->asset_type=='software')) {
-            $logaction->asset_id = $findlog->asset_id;
-            $logaction->accessory_id = null;
-            $logaction->component_id = null;
-            $logaction->asset_type = 'software';
-
-        // accessories
-        } elseif ($findlog->accessory_id!='') {
-            $logaction->asset_id = null;
-            $logaction->component_id = null;
-            $logaction->accessory_id = $findlog->accessory_id;
-            $logaction->asset_type = 'accessory';
-            // accessories
-        } elseif ($findlog->consumable_id!='') {
-            $logaction->asset_id = null;
-            $logaction->accessory_id = null;
-            $logaction->component_id = null;
-            $logaction->consumable_id = $findlog->consumable_id;
-            $logaction->asset_type = 'consumable';
-        } elseif ($findlog->component_id!='') {
-            $logaction->asset_id = null;
-            $logaction->accessory_id = null;
-            $logaction->consumable_id = null;
-            $logaction->component_id = $findlog->component_id;
-            $logaction->asset_type = 'component';
        }

-        $logaction->checkedout_to = $findlog->checkedout_to;
-
+        $logaction->target_id = $findlog->target_id;
+        $logaction->target_type = User::class;
        $logaction->note = e(Input::get('note'));
-        $logaction->user_id = $user->id;
-        $logaction->accepted_at = date("Y-m-d h:i:s");
+        $logaction->updated_at = date("Y-m-d H:i:s");
+
+
+        if (isset($sig_filename)) {
+            $logaction->accept_signature = $sig_filename;
+        }
        $log = $logaction->logaction($logaction_msg);

-        $update_checkout = DB::table('asset_logs')
+        $update_checkout = DB::table('action_logs')
        ->where('id', $findlog->id)
        ->update(array('accepted_id' => $logaction->id));

-            $affected_asset=$logaction->assetlog;
-            $affected_asset->accepted=$accepted;
+            $affected_asset = $logaction->item;
+            $affected_asset->accepted = $accepted;
            $affected_asset->save();

        if ($update_checkout) {
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -14,7 +14,7 @@ class Kernel extends HttpKernel
     * @var array
     */
    protected $middleware = [
-        \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
+        \MisterPhilip\MaintenanceMode\Http\Middleware\CheckForMaintenanceMode::class,
        \Illuminate\Session\Middleware\StartSession::class,
        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
        \App\Http\Middleware\FrameGuard::class,
@@ -22,6 +22,7 @@ class Kernel extends HttpKernel
        \App\Http\Middleware\NosniffGuard::class,
        \App\Http\Middleware\CheckForSetup::class,
        \Fideloper\Proxy\TrustProxies::class,
+        \App\Http\Middleware\CheckForDebug::class,
    ];

    /**
@@ -35,6 +36,7 @@ class Kernel extends HttpKernel
            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
            \App\Http\Middleware\VerifyCsrfToken::class,
            \App\Http\Middleware\CheckLocale::class,
+            \App\Http\Middleware\CheckForTwoFactor::class,
        ],

        'api' => [
--- a/app/Http/Middleware/CheckForDebug.php
+++ b/app/Http/Middleware/CheckForDebug.php
@@ -0,0 +1,27 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Auth;
+
+class CheckForDebug
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        view()->share('debug_in_production', false);
+
+        if (((Auth::check() && (Auth::user()->isSuperUser()))) && (app()->environment()=='production') && (config('app.warn_debug')===true) && (config('app.debug')===true)) {
+          view()->share('debug_in_production', true);
+        }
+
+        return $next($request);
+    }
+}
--- a/app/Http/Middleware/CheckForSetup.php
+++ b/app/Http/Middleware/CheckForSetup.php
@@ -14,6 +14,11 @@ class CheckForSetup
    public function handle($request, Closure $next, $guard = null)
    {

+        // This is dumb
+        if ($request->is('_debugbar*')) {
+            return $next($request);
+        }
+
        if (Setting::setupCompleted()) {

            if ($request->is('setup*')) {
@@ -23,7 +28,7 @@ class CheckForSetup
            }

        } else {
-            if (!$request->is('setup*')) {
+            if (!($request->is('setup*')) && !($request->is('.env'))) {
                return redirect(config('app.url').'/setup')->with('Request', $request);
            }

--- a/app/Http/Middleware/CheckForTwoFactor.php
+++ b/app/Http/Middleware/CheckForTwoFactor.php
@@ -0,0 +1,52 @@
+<?php
+namespace App\Http\Middleware;
+
+use App\Models\Setting;
+use Auth;
+use Closure;
+use Illuminate\Support\Facades\Schema;
+use Log;
+
+class CheckForTwoFactor
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+
+        // Skip the logic if the user is on the two factor pages or the setup pages
+        if (($request->route()->getName()=='two-factor') || ($request->route()->getName()=='two-factor-enroll') || ($request->route()->getPrefix()=='setup') || ($request->route()->getName()=='logout')) {
+            return $next($request);
+        }
+
+        // Two-factor is enabled (either optional or required)
+        if (Setting::getSettings()) {
+            if (Auth::check() && (Setting::getSettings()->two_factor_enabled!='')) {
+
+                // This user is already 2fa-authed
+                if ($request->session()->get('2fa_authed')) {
+                    return $next($request);
+                }
+
+                // Two-factor is optional and the user has NOT opted in, let them through
+                if ((Setting::getSettings()->two_factor_enabled=='1') && (Auth::user()->two_factor_optin!='1')) {
+                    return $next($request);
+                }
+
+                // Otherwise make sure they're enrolled and show them the 2FA code screen
+                if ((Auth::user()->two_factor_secret!='') && (Auth::user()->two_factor_enrolled=='1')) {
+                    return redirect()->route('two-factor')->with('info', 'Please enter your two-factor authentication code.');
+                }
+
+                return redirect()->route('two-factor-enroll')->with('success', 'Please enroll a device in two-factor authentication.');
+            }
+        }
+        return $next($request);
+
+    }
+}
--- a/app/Http/Middleware/CheckLocale.php
+++ b/app/Http/Middleware/CheckLocale.php
@@ -21,7 +21,9 @@ class CheckLocale

    public function handle($request, Closure $next, $guard = null)
    {
-        if (Schema::hasTable('settings')) {
+
+
+        if (Setting::getSettings()) {
            // User's preference
            if (($request->user()) && ($request->user()->locale)) {
                \App::setLocale($request->user()->locale);
--- a/app/Http/Middleware/CheckPermissions.php
+++ b/app/Http/Middleware/CheckPermissions.php
@@ -22,7 +22,8 @@ class CheckPermissions
   */
    public function handle($request, Closure $next, $section = null)
    {
-        
+
+
        if (Gate::allows($section)) {
            return $next($request);
        }
--- a/app/Http/Middleware/FrameGuard.php
+++ b/app/Http/Middleware/FrameGuard.php
@@ -15,7 +15,10 @@ class FrameGuard
    public function handle($request, Closure $next)
    {
        $response = $next($request);
-        $response->headers->set('X-Frame-Options', 'SAMEORIGIN', false);
+        if (config('app.allow_iframing') == false) {
+            $response->headers->set('X-Frame-Options', 'SAMEORIGIN', false);
+        }
        return $response;
+
    }
 }
--- a/app/Http/Middleware/RedirectIfAuthenticated.php
+++ b/app/Http/Middleware/RedirectIfAuthenticated.php
@@ -18,7 +18,7 @@ class RedirectIfAuthenticated
    public function handle($request, Closure $next, $guard = null)
    {
        if (Auth::guard($guard)->check()) {
-            return redirect('/');
+            return redirect()->intended('/');
        }

        return $next($request);
--- a/app/Http/Requests/AssetRequest.php
+++ b/app/Http/Requests/AssetRequest.php
@@ -37,6 +37,7 @@ class AssetRequest extends Request
          'supplier_id'     => 'integer',
          'status'          => 'integer',
          'asset_tag'       => 'required',
+          'purchase_cost'   => 'numeric',
    
        ];

--- a/app/Http/Requests/SaveUserRequest.php
+++ b/app/Http/Requests/SaveUserRequest.php
@@ -25,11 +25,10 @@ class SaveUserRequest extends Request
    {
        return [
            'first_name'              => 'required|string|min:1',
-            'last_name'               => 'required|string|min:1',
-            'username'                => 'required|string|min:2|unique:users,username,NULL,deleted_at',
            'email'                   => 'email',
            'password'                => 'required|min:6',
            'password_confirm'        => 'sometimes|required_with:password',
+            'username'                => 'required|string|min:2|unique:users,username,NULL,deleted_at',
        ];
    }
 }
--- a/app/Http/Requests/UpdateUserRequest.php
+++ b/app/Http/Requests/UpdateUserRequest.php
@@ -25,7 +25,6 @@ class UpdateUserRequest extends Request
    {
        return [
            'first_name'              => 'required|string|min:1',
-            'last_name'               => 'required|string|min:1',
            'email'                   => 'email',
            'password_confirm'        => 'sometimes|required_with:password',
        ];
--- a/app/Http/Traits/UniqueUndeletedTrait.php
+++ b/app/Http/Traits/UniqueUndeletedTrait.php
@@ -0,0 +1,23 @@
+<?php
+namespace App\Http\Traits;
+
+trait UniqueUndeletedTrait
+{
+
+    /**
+    * Prepare a unique_ids rule, adding a model identifier if required.
+    *
+    * @param  array  $parameters
+    * @param  string $field
+    * @return string
+    */
+    protected function prepareUniqueUndeletedRule($parameters, $field)
+    {
+        // Only perform a replacement if the model has been persisted.
+        if ($this->exists) {
+            return 'unique_undeleted:'.$this->table.','. $this->getKey();
+        }
+
+        return 'unique_undeleted:'.$this->table.',0';
+    }
+}
--- a/app/Http/routes.php
+++ b/app/Http/routes.php
@@ -1,6 +1,7 @@
 <?php
-use App\Models\Statuslabel;
+use App\Models\CheckoutRequest;
 use App\Models\Location;
+use App\Models\Statuslabel;

 /*
 |--------------------------------------------------------------------------
@@ -78,7 +79,7 @@ Route::group([ 'prefix' => 'api', 'middleware' => 'auth' ], function () {
    /*---Manufacturers API---*/
    Route::group(array('prefix'=>'manufacturers'), function () {
        Route::get('list', array('as'=>'api.manufacturers.list', 'uses'=>'ManufacturersController@getDatatable'));
-        Route::get('{manufacturerID}/view', array('as'=>'api.manufacturers.view', 'uses'=>'ManufacturersController@getDataView'));
+        Route::get('{manufacturerID}/view/{itemtype}', array('as'=>'api.manufacturers.view', 'uses'=>'ManufacturersController@getDataView'));
    });

    /*---Suppliers API---*/
@@ -89,6 +90,7 @@ Route::group([ 'prefix' => 'api', 'middleware' => 'auth' ], function () {
    /*---Users API---*/
    Route::group([ 'prefix' => 'users' ], function () {
        Route::post('/', [ 'as' => 'api.users.store', 'uses' => 'UsersController@store' ]);
+        Route::post('two_factor_reset', [ 'as' => 'api.users.two_factor_reset', 'uses' => 'UsersController@postTwoFactorReset' ]);
        Route::get('list/{status?}', [ 'as' => 'api.users.list', 'uses' => 'UsersController@getDatatable' ]);
        Route::get('{userId}/assets', [ 'as' => 'api.users.assetlist', 'uses' => 'UsersController@getAssetList' ]);
        Route::post('{userId}/upload', [ 'as' => 'upload/user', 'uses' => 'UsersController@postUpload' ]);
@@ -184,79 +186,142 @@ Route::group([ 'prefix' => 'api', 'middleware' => 'auth' ], function () {
 Route::group(
    [ 'prefix' => 'hardware',
    'middleware' => ['web',
-    'auth',
-    'authorize:assets.view']],
+    'auth']],
    function () {

+        Route::get('history', [
+            'as' => 'asset.import-history',
+            'middleware' => 'authorize:assets.checkout',
+            'uses' => 'AssetsController@getImportHistory'
+        ]);
+
+        Route::post('history', [
+            'as' => 'asset.process-import-history',
+            'middleware' => 'authorize:assets.checkout',
+            'uses' => 'AssetsController@postImportHistory'
+        ]);
+
+
        Route::get('create/{model?}', [
                'as'   => 'create/hardware',
+                'middleware' => 'authorize:assets.create',
                'uses' => 'AssetsController@getCreate'
            ]);

        Route::post('create', [
                'as'   => 'savenew/hardware',
+                'middleware' => 'authorize:assets.create',
                'uses' => 'AssetsController@postCreate'
            ]);

        Route::get('{assetId}/edit', [
                'as'   => 'update/hardware',
+                'middleware' => 'authorize:assets.edit',
                'uses' => 'AssetsController@getEdit'
            ]);
        Route::get('/bytag', [
            'as'   => 'findbytag/hardware',
+            'middleware' => 'authorize:assets.view',
            'uses' => 'AssetsController@getAssetByTag'
        ]);

-        Route::get('{assetId}/clone', [ 'as' => 'clone/hardware', 'uses' => 'AssetsController@getClone' ]);
+        Route::get('{assetId}/clone', [
+            'as' => 'clone/hardware',
+            'middleware' => 'authorize:assets.create',
+            'uses' => 'AssetsController@getClone'
+        ]);
+
        Route::post('{assetId}/clone', 'AssetsController@postCreate');
-        Route::get('{assetId}/delete', [ 'as' => 'delete/hardware', 'uses' => 'AssetsController@getDelete' ]);
-        Route::get(
-            '{assetId}/checkout',
-            [ 'as' => 'checkout/hardware', 'uses' => 'AssetsController@getCheckout' ]
-        );
-        Route::post('{assetId}/checkout', 'AssetsController@postCheckout');
-        Route::get(
-            '{assetId}/checkin/{backto?}',
-            [ 'as' => 'checkin/hardware', 'uses' => 'AssetsController@getCheckin' ]
-        );
-        Route::post('{assetId}/checkin/{backto?}', 'AssetsController@postCheckin');
-        Route::get('{assetId}/view', [ 'as' => 'view/hardware', 'uses' => 'AssetsController@getView' ]);
+        Route::get('{assetId}/delete', [
+            'as' => 'delete/hardware',
+            'middleware' => 'authorize:assets.delete',
+            'uses' => 'AssetsController@getDelete'
+        ]);
+        Route::get('{assetId}/checkout', [
+            'as' => 'checkout/hardware',
+            'middleware' => 'authorize:assets.checkout',
+            'uses' => 'AssetsController@getCheckout'
+        ]);
+        Route::post('{assetId}/checkout', [
+            'as' => 'checkout/hardware',
+            'middleware' => 'authorize:assets.checkout',
+            'uses' => 'AssetsController@postCheckout'
+        ]);
+        Route::get('{assetId}/checkin/{backto?}', [
+            'as' => 'checkin/hardware',
+            'middleware' => 'authorize:assets.checkin',
+            'uses' => 'AssetsController@getCheckin'
+        ]);
+
+        Route::post('{assetId}/checkin/{backto?}', [
+            'as' => 'checkin/hardware',
+            'middleware' => 'authorize:assets.checkin',
+            'uses' => 'AssetsController@postCheckin'
+        ]);
+        Route::get('{assetId}/view', [
+            'as' => 'view/hardware',
+            'middleware' => ['authorize:assets.view'],
+            'uses' => 'AssetsController@getView'
+        ]);
        Route::get('{assetId}/qr-view', [ 'as' => 'qr-view/hardware', 'uses' => 'AssetsController@getView' ]);
        Route::get('{assetId}/qr_code', [ 'as' => 'qr_code/hardware', 'uses' => 'AssetsController@getQrCode' ]);
        Route::get('{assetId}/barcode', [ 'as' => 'barcode/hardware', 'uses' => 'AssetsController@getBarCode' ]);
-        Route::get('{assetId}/restore', [ 'as' => 'restore/hardware', 'uses' => 'AssetsController@getRestore' ]);
-        Route::post('{assetId}/upload', [ 'as' => 'upload/asset', 'uses' => 'AssetsController@postUpload' ]);
-        Route::get(
-            '{assetId}/deletefile/{fileId}',
-            [ 'as' => 'delete/assetfile', 'uses' => 'AssetsController@getDeleteFile' ]
-        );
-        Route::get(
-            '{assetId}/showfile/{fileId}',
-            [ 'as' => 'show/assetfile', 'uses' => 'AssetsController@displayFile' ]
-        );
+        Route::get('{assetId}/restore', [
+            'as' => 'restore/hardware',
+            'middleware' => 'authorize:assets.delete',
+            'uses' => 'AssetsController@getRestore'
+        ]);
+        Route::post('{assetId}/upload', [
+            'as' => 'upload/asset',
+            'middleware' => 'authorize:assets.edit',
+            'uses' => 'AssetsController@postUpload'
+        ]);

-        Route::get(
-            'import/delete-import/{filename}',
-            [ 'as' => 'assets/import/delete-file', 'uses' => 'AssetsController@getDeleteImportFile' ]
-        );
+        Route::get('{assetId}/deletefile/{fileId}', [
+            'as' => 'delete/assetfile',
+            'middleware' => 'authorize:assets.edit',
+            'uses' => 'AssetsController@getDeleteFile'
+        ]);

-        Route::get(
-            'import/process/{filename}',
-            [ 'as' => 'assets/import/process-file', 'uses' => 'AssetsController@getProcessImportFile' ]
-        );
+        Route::get('{assetId}/showfile/{fileId}', [
+            'as' => 'show/assetfile',
+            'middleware' => 'authorize:assets.view',
+            'uses' => 'AssetsController@displayFile'
+        ]);

-        Route::get(
-            'import',
-            [ 'as' => 'assets/import', 'uses' => 'AssetsController@getImportUpload' ]
-        );
+        Route::get('import/delete-import/{filename}',  [
+                'as' => 'assets/import/delete-file',
+                'middleware' => 'authorize:assets.create',
+                'uses' => 'AssetsController@getDeleteImportFile'
+        ]);
+
+        Route::post( 'import/process/', [ 'as' => 'assets/import/process-file',
+                'middleware' => 'authorize:assets.create',
+                'uses' => 'AssetsController@postProcessImportFile'
+        ]);
+        Route::get( 'import/delete/{filename}', [ 'as' => 'assets/import/delete-file',
+                'middleware' => 'authorize:assets.create', // TODO What permissions should this require?
+                'uses' => 'AssetsController@getDeleteImportFile'
+        ]);
+
+        Route::get('import',[
+                'as' => 'assets/import',
+                'middleware' => 'authorize:assets.create',
+                'uses' => 'AssetsController@getImportUpload'
+        ]);


-        Route::post('{assetId}/edit', 'AssetsController@postEdit');
+        Route::post('{assetId}/edit',[
+            'as' => 'assets/import',
+            'middleware' => 'authorize:assets.edit',
+            'uses' => 'AssetsController@postEdit'
+        ]);

        Route::post(
            'bulkedit',
            [
                'as'   => 'hardware/bulkedit',
+                'middleware' => 'authorize:assets.edit',
                'uses' => 'AssetsController@postBulkEdit'
            ]
        );
@@ -264,6 +329,7 @@ Route::group(
            'bulkdelete',
            [
                'as'   => 'hardware/bulkdelete',
+                'middleware' => 'authorize:assets.delete',
                'uses' => 'AssetsController@postBulkDelete'
            ]
        );
@@ -271,34 +337,72 @@ Route::group(
            'bulksave',
            [
                'as'   => 'hardware/bulksave',
+                'middleware' => 'authorize:assets.edit',
                'uses' => 'AssetsController@postBulkSave'
            ]
        );

-        # Asset Model Management
-        Route::group([ 'prefix' => 'models', 'middleware' => 'auth' ], function () {
+        # Bulk checkout / checkin
+         Route::get( 'bulkcheckout',  [
+                 'as' => 'hardware/bulkcheckout',
+                 'middleware' => 'authorize:assets.checkout',
+                 'uses' => 'AssetsController@getBulkCheckout'
+         ]);
+        Route::post( 'bulkcheckout',  [
+            'as' => 'hardware/bulkcheckout',
+            'middleware' => 'authorize:assets.checkout',
+            'uses' => 'AssetsController@postBulkCheckout'
+        ]);

-            Route::get('/', [ 'as' => 'models', 'uses' => 'AssetModelsController@getIndex' ]);
-            Route::get('create', [ 'as' => 'create/model', 'uses' => 'AssetModelsController@getCreate' ]);
+        # Asset Model Management
+        Route::group([ 'prefix' => 'models', 'middleware' => ['auth'] ], function () {
+
+            Route::get('create', [ 'as' => 'create/model', 'uses' => 'AssetModelsController@getCreate', 'middleware' => ['authorize:superuser'] ]);
            Route::post('create', 'AssetModelsController@postCreate');
-            Route::get('{modelId}/edit', [ 'as' => 'update/model', 'uses' => 'AssetModelsController@getEdit' ]);
-            Route::post('{modelId}/edit', 'AssetModelsController@postEdit');
+            Route::get('{modelId}/edit', [ 'as' => 'update/model', 'uses' => 'AssetModelsController@getEdit' , 'middleware' => ['authorize:superuser']]);
+            Route::post('{modelId}/edit', [ 'uses' => 'AssetModelsController@postEdit', 'middleware' => ['authorize:superuser']]);
            Route::get('{modelId}/clone', [ 'as' => 'clone/model', 'uses' => 'AssetModelsController@getClone' ]);
            Route::post('{modelId}/clone', 'AssetModelsController@postCreate');
-            Route::get('{modelId}/delete', [ 'as' => 'delete/model', 'uses' => 'AssetModelsController@getDelete' ]);
+            Route::get('{modelId}/delete', [ 'as' => 'delete/model', 'uses' => 'AssetModelsController@getDelete', 'middleware' => ['authorize:superuser'] ]);
            Route::get('{modelId}/view', [ 'as' => 'view/model', 'uses' => 'AssetModelsController@getView' ]);
-            Route::get('{modelID}/restore', [ 'as' => 'restore/model', 'uses' => 'AssetModelsController@getRestore' ]);
+            Route::get('{modelID}/restore', [ 'as' => 'restore/model', 'uses' => 'AssetModelsController@getRestore', 'middleware' => ['authorize:superuser'] ]);
            Route::get('{modelId}/custom_fields', ['as' => 'custom_fields/model','uses' => 'AssetModelsController@getCustomFields']);
+            Route::get('/', [ 'as' => 'models', 'uses' => 'AssetModelsController@getIndex' ,'middleware' => ['authorize:superuser'] ]);
        });

        Route::get('/', [
                'as'   => 'hardware',
+                'middleware' => 'authorize:assets.view',
                'uses' => 'AssetsController@getIndex'
            ]);

    }
 );

+/*
+|--------------------------------------------------------------------------
+| Log Routes
+|--------------------------------------------------------------------------
+|
+| Register all the admin routes.
+|
+*/
+
+Route::group(['middleware' => 'auth'], function () {
+
+    Route::get(
+        'display-sig/{filename}',
+        [
+            'as' => 'log.signature.view',
+            'middleware' => 'authorize:assets.view',
+            'uses' => 'ActionlogController@displaySig' ]
+    );
+
+
+});
+
+
+
 /*
 |--------------------------------------------------------------------------
 | Admin Routes
@@ -310,60 +414,97 @@ Route::group(

 Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function () {

+    Route::get('requests',
+        // foreach( CheckoutRequest::with('user')->get() as $requestedItem) {
+        //     echo $requestedItem->user->username . ' requested ' . $requestedItem->requestedItem->name;
+            [
+            'as' => 'requests',
+            'middleware' => 'authorize:admin',
+            'uses' => 'ViewAssetsController@getRequestedIndex'
+            ]);
    # Licenses
    Route::group([ 'prefix' => 'licenses', 'middleware'=>'authorize:licenses.view' ], function () {

-        Route::get('create', [ 'as' => 'create/licenses', 'uses' => 'LicensesController@getCreate' ]);
-        Route::post('create', 'LicensesController@postCreate');
-        Route::get('{licenseId}/edit', [ 'as' => 'update/license', 'uses' => 'LicensesController@getEdit' ]);
-        Route::post('{licenseId}/edit', 'LicensesController@postEdit');
-        Route::get('{licenseId}/clone', [ 'as' => 'clone/license', 'uses' => 'LicensesController@getClone' ]);
-        Route::post('{licenseId}/clone', 'LicensesController@postCreate');
-        Route::get('{licenseId}/delete', [ 'as' => 'delete/license', 'uses' => 'LicensesController@getDelete' ]);
-        Route::get(
-            '{licenseId}/freecheckout',
-            [ 'as' => 'freecheckout/license', 'uses' => 'LicensesController@getFreeLicense' ]
-        );
+        Route::get('create', [ 'as' => 'create/licenses', 'middleware' => 'authorize:licenses.create','uses' => 'LicensesController@getCreate' ]);
+        Route::post('create', [ 'as' => 'create/licenses', 'middleware' => 'authorize:licenses.create','uses' => 'LicensesController@postCreate' ]);
+        Route::get('{licenseId}/edit', [ 'as' => 'update/license', 'middleware' => 'authorize:licenses.edit', 'uses' => 'LicensesController@getEdit' ]);
+        Route::post('{licenseId}/edit', [ 'as' => 'update/license', 'middleware' => 'authorize:licenses.edit', 'uses' => 'LicensesController@postEdit' ]);
+        Route::get('{licenseId}/clone', [ 'as' => 'clone/license', 'middleware' => 'authorize:licenses.create', 'uses' => 'LicensesController@getClone' ]);
+        Route::post('{licenseId}/clone', [ 'as' => 'clone/license', 'middleware' => 'authorize:licenses.create', 'uses' => 'LicensesController@postCreate' ]);
+        Route::get('{licenseId}/delete', [ 'as' => 'delete/license', 'middleware' => 'authorize:licenses.delete', 'uses' => 'LicensesController@getDelete' ]);
+        Route::get('{licenseId}/freecheckout', [
+            'as' => 'freecheckout/license',
+            'middleware' => 'authorize:licenses.checkout',
+            'uses' => 'LicensesController@getFreeLicense'
+        ]);
        Route::get(
            '{licenseId}/checkout',
-            [ 'as' => 'checkout/license', 'uses' => 'LicensesController@getCheckout' ]
+            [ 'as' => 'checkout/license', 'middleware' => 'authorize:licenses.checkout','uses' => 'LicensesController@getCheckout' ]
        );
-        Route::post('{licenseId}/checkout', 'LicensesController@postCheckout');
-        Route::get(
-            '{licenseId}/checkin/{backto?}',
-            [ 'as' => 'checkin/license', 'uses' => 'LicensesController@getCheckin' ]
+        Route::post(
+            '{licenseId}/checkout',
+            [ 'as' => 'checkout/license', 'middleware' => 'authorize:licenses.checkout','uses' => 'LicensesController@postCheckout' ]
        );
-        Route::post('{licenseId}/checkin/{backto?}', 'LicensesController@postCheckin');
-        Route::get('{licenseId}/view', [ 'as' => 'view/license', 'uses' => 'LicensesController@getView' ]);
+        Route::get('{licenseId}/checkin/{backto?}', [
+            'as' => 'checkin/license',
+            'middleware' => 'authorize:licenses.checkin',
+            'uses' => 'LicensesController@getCheckin'
+        ]);
+
+        Route::post('{licenseId}/checkin/{backto?}', [
+            'as' => 'checkin/license',
+            'middleware' => 'authorize:licenses.checkin',
+            'uses' => 'LicensesController@postCheckin'
+        ]);
+
+        Route::get('{licenseId}/view', [
+            'as' => 'view/license',
+            'middleware' => 'authorize:licenses.view',
+            'uses' => 'LicensesController@getView'
+        ]);
+
        Route::post(
            '{licenseId}/upload',
-            [ 'as' => 'upload/license', 'uses' => 'LicensesController@postUpload' ]
+            [ 'as' => 'upload/license', 'middleware' => 'authorize:licenses.edit','uses' => 'LicensesController@postUpload' ]
        );
        Route::get(
            '{licenseId}/deletefile/{fileId}',
-            [ 'as' => 'delete/licensefile', 'uses' => 'LicensesController@getDeleteFile' ]
+            [ 'as' => 'delete/licensefile', 'middleware' => 'authorize:licenses.edit', 'uses' => 'LicensesController@getDeleteFile' ]
        );
        Route::get(
            '{licenseId}/showfile/{fileId}',
-            [ 'as' => 'show/licensefile', 'uses' => 'LicensesController@displayFile' ]
+            [ 'as' => 'show/licensefile', 'middleware' => 'authorize:licenses.view','uses' => 'LicensesController@displayFile' ]
        );
-        Route::get('/', [ 'as' => 'licenses', 'uses' => 'LicensesController@getIndex' ]);
+        Route::get('/', [ 'as' => 'licenses', 'middleware' => 'authorize:licenses.view','uses' => 'LicensesController@getIndex' ]);
    });

    # Asset Maintenances
    Route::group([ 'prefix' => 'asset_maintenances', 'middleware'=>'authorize:assets.view'  ], function () {

-        Route::get(
-            'create/{assetId?}',
-            [ 'as' => 'create/asset_maintenances', 'uses' => 'AssetMaintenancesController@getCreate' ]
-        );
-        Route::post('create/{assetId?}', 'AssetMaintenancesController@postCreate');
-        Route::get('/', [ 'as' => 'asset_maintenances', 'uses' => 'AssetMaintenancesController@getIndex' ]);
-        Route::get(
-            '{assetMaintenanceId}/edit',
-            [ 'as' => 'update/asset_maintenance', 'uses' => 'AssetMaintenancesController@getEdit' ]
-        );
-        Route::post('{assetMaintenanceId}/edit', 'AssetMaintenancesController@postEdit');
+        Route::get('create/{assetId?}',
+            [ 'as' => 'create/asset_maintenances',
+                'middleware' => 'authorize:assets.edit',
+                'uses' => 'AssetMaintenancesController@getCreate'
+            ]);
+
+        Route::post('create/{assetId?}',
+            [ 'as' => 'create/asset_maintenances.save',
+                'middleware' => 'authorize:assets.edit',
+                'uses' => 'AssetMaintenancesController@postCreate'
+            ]);
+
+        Route::get('{assetMaintenanceId}/edit',
+            [ 'as' => 'update/asset_maintenance',
+                'middleware' => 'authorize:assets.edit',
+                'uses' => 'AssetMaintenancesController@getEdit'
+            ]);
+
+        Route::post('{assetMaintenanceId}/edit',
+            [ 'as' => 'update/asset_maintenance.save',
+                'middleware' => 'authorize:assets.edit',
+                'uses' => 'AssetMaintenancesController@postEdit'
+            ]);
+
        Route::get(
            '{assetMaintenanceId}/delete',
            [ 'as' => 'delete/asset_maintenance', 'uses' => 'AssetMaintenancesController@getDelete' ]
@@ -372,89 +513,110 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function ()
            '{assetMaintenanceId}/view',
            [ 'as' => 'view/asset_maintenance', 'uses' => 'AssetMaintenancesController@getView' ]
        );
+
+        Route::get('/', [ 'as' => 'asset_maintenances', 'uses' => 'AssetMaintenancesController@getIndex' ]);
    });

    # Accessories
    Route::group([ 'prefix' => 'accessories', 'middleware'=>'authorize:accessories.view'  ], function () {

-        Route::get('create', [ 'as' => 'create/accessory', 'uses' => 'AccessoriesController@getCreate' ]);
+        Route::get('create', [ 'as' => 'create/accessory', 'middleware' => 'authorize:accessories.create','uses' => 'AccessoriesController@getCreate' ]);
        Route::post('create', 'AccessoriesController@postCreate');
        Route::get(
            '{accessoryID}/edit',
-            [ 'as' => 'update/accessory', 'uses' => 'AccessoriesController@getEdit' ]
+            [ 'as' => 'update/accessory', 'middleware' => 'authorize:accessories.edit','uses' => 'AccessoriesController@getEdit' ]
        );
        Route::post('{accessoryID}/edit', 'AccessoriesController@postEdit');
        Route::get(
            '{accessoryID}/delete',
-            [ 'as' => 'delete/accessory', 'uses' => 'AccessoriesController@getDelete' ]
+            [ 'as' => 'delete/accessory', 'middleware' => 'authorize:accessories.delete','uses' => 'AccessoriesController@getDelete' ]
        );
-        Route::get('{accessoryID}/view', [ 'as' => 'view/accessory', 'uses' => 'AccessoriesController@getView' ]);
+        Route::get('{accessoryID}/view', [ 'as' => 'view/accessory', 'middleware' => 'authorize:accessories.view','uses' => 'AccessoriesController@getView' ]);
        Route::get(
            '{accessoryID}/checkout',
-            [ 'as' => 'checkout/accessory', 'uses' => 'AccessoriesController@getCheckout' ]
+            [ 'as' => 'checkout/accessory', 'middleware' => 'authorize:accessories.checkout','uses' => 'AccessoriesController@getCheckout' ]
        );
-        Route::post('{accessoryID}/checkout', 'AccessoriesController@postCheckout');
+        Route::post(
+            '{accessoryID}/checkout',
+            [ 'as' => 'checkout/accessory', 'middleware' => 'authorize:accessories.checkout','uses' => 'AccessoriesController@postCheckout' ]
+        );
+
        Route::get(
            '{accessoryID}/checkin/{backto?}',
-            [ 'as' => 'checkin/accessory', 'uses' => 'AccessoriesController@getCheckin' ]
+            [ 'as' => 'checkin/accessory', 'middleware' => 'authorize:accessories.checkin','uses' => 'AccessoriesController@getCheckin' ]
+        );
+        Route::post(
+            '{accessoryID}/checkin/{backto?}',
+            [ 'as' => 'checkin/accessory', 'middleware' => 'authorize:accessories.checkin','uses' => 'AccessoriesController@postCheckin' ]
        );
-        Route::post('{accessoryID}/checkin/{backto?}', 'AccessoriesController@postCheckin');

-        Route::get('/', [ 'as' => 'accessories', 'uses' => 'AccessoriesController@getIndex' ]);
+        Route::get('/', [ 'as' => 'accessories', 'middleware'=>'authorize:accessories.view', 'uses' => 'AccessoriesController@getIndex' ]);
    });

    # Consumables
    Route::group([ 'prefix' => 'consumables', 'middleware'=>'authorize:consumables.view'  ], function () {

-        Route::get('create', [ 'as' => 'create/consumable', 'uses' => 'ConsumablesController@getCreate' ]);
-        Route::post('create', 'ConsumablesController@postCreate');
+        Route::get('create', [ 'as' => 'create/consumable','middleware'=>'authorize:consumables.create', 'uses' => 'ConsumablesController@getCreate' ]);
+        Route::post('create', [ 'as' => 'create/consumable','middleware'=>'authorize:consumables.create', 'uses' => 'ConsumablesController@postCreate' ]);
        Route::get(
            '{consumableID}/edit',
-            [ 'as' => 'update/consumable', 'uses' => 'ConsumablesController@getEdit' ]
+            [ 'as' => 'update/consumable', 'middleware'=>'authorize:consumables.edit', 'uses' => 'ConsumablesController@getEdit' ]
+        );
+        Route::post(
+            '{consumableID}/edit',
+            [ 'as' => 'update/consumable', 'middleware'=>'authorize:consumables.edit', 'uses' => 'ConsumablesController@postEdit' ]
        );
-        Route::post('{consumableID}/edit', 'ConsumablesController@postEdit');
        Route::get(
            '{consumableID}/delete',
-            [ 'as' => 'delete/consumable', 'uses' => 'ConsumablesController@getDelete' ]
+            [ 'as' => 'delete/consumable',  'middleware'=>'authorize:consumables.delete','uses' => 'ConsumablesController@getDelete' ]
        );
        Route::get(
            '{consumableID}/view',
-            [ 'as' => 'view/consumable', 'uses' => 'ConsumablesController@getView' ]
+            [ 'as' => 'view/consumable',  'middleware'=>'authorize:consumables.view','uses' => 'ConsumablesController@getView' ]
        );
        Route::get(
            '{consumableID}/checkout',
-            [ 'as' => 'checkout/consumable', 'uses' => 'ConsumablesController@getCheckout' ]
+            [ 'as' => 'checkout/consumable',  'middleware'=>'authorize:consumables.checkout','uses' => 'ConsumablesController@getCheckout' ]
        );
-        Route::post('{consumableID}/checkout', 'ConsumablesController@postCheckout');
-        Route::get('/', [ 'as' => 'consumables', 'uses' => 'ConsumablesController@getIndex' ]);
+        Route::post(
+            '{consumableID}/checkout',
+            [ 'as' => 'checkout/consumable',  'middleware'=>'authorize:consumables.checkout','uses' => 'ConsumablesController@postCheckout' ]
+        );
+        Route::get('/', [ 'as' => 'consumables', 'middleware'=>'authorize:consumables.view','uses' => 'ConsumablesController@getIndex' ]);
    });

    # Components
    Route::group([ 'prefix' => 'components', 'middleware'=>'authorize:components.view'  ], function () {

-        Route::get('create', [ 'as' => 'create/component', 'uses' => 'ComponentsController@getCreate' ]);
-        Route::post('create', 'ComponentsController@postCreate');
+        Route::get('create', [ 'as' => 'create/component', 'middleware'=>'authorize:components.create','uses' => 'ComponentsController@getCreate' ]);
+        Route::post('create', [ 'as' => 'create/component', 'middleware'=>'authorize:components.create','uses' => 'ComponentsController@postCreate' ]);
        Route::get(
            '{componentID}/edit',
-            [ 'as' => 'update/component', 'uses' => 'ComponentsController@getEdit' ]
+            [ 'as' => 'update/component', 'middleware'=>'authorize:components.edit','uses' => 'ComponentsController@getEdit' ]
+        );
+        Route::post(
+            '{componentID}/edit',
+            [ 'as' => 'update/component', 'middleware'=>'authorize:components.edit','uses' => 'ComponentsController@postEdit' ]
        );
-        Route::post('{componentID}/edit', 'ComponentsController@postEdit');
        Route::get(
            '{componentID}/delete',
-            [ 'as' => 'delete/component', 'uses' => 'ComponentsController@getDelete' ]
+            [ 'as' => 'delete/component', 'middleware'=>'authorize:components.delete','uses' => 'ComponentsController@getDelete' ]
        );
        Route::get(
            '{componentID}/view',
-            [ 'as' => 'view/component', 'uses' => 'ComponentsController@getView' ]
+            [ 'as' => 'view/component', 'middleware'=>'authorize:components.view','uses' => 'ComponentsController@getView' ]
        );
        Route::get(
            '{componentID}/checkout',
-            [ 'as' => 'checkout/component', 'uses' => 'ComponentsController@getCheckout' ]
+            [ 'as' => 'checkout/component', 'middleware'=>'authorize:components.checkout','uses' => 'ComponentsController@getCheckout' ]
        );
-        Route::post('{componentID}/checkout', 'ComponentsController@postCheckout');
-        Route::post('bulk', [ 'as' => 'component/bulk-form', 'uses' => 'ComponentsController@postBulk' ]);
-        Route::post('bulksave', [ 'as' => 'component/bulk-save', 'uses' => 'ComponentsController@postBulkSave' ]);
-        Route::get('/', [ 'as' => 'components', 'uses' => 'ComponentsController@getIndex' ]);
+        Route::post(
+            '{componentID}/checkout',
+            [ 'as' => 'checkout/component', 'middleware'=>'authorize:components.checkout','uses' => 'ComponentsController@postCheckout' ]
+        );
+        Route::post('bulk', [ 'as' => 'component/bulk-form', 'middleware'=>'authorize:components.checkout','uses' => 'ComponentsController@postBulk' ]);
+        Route::post('bulksave', [ 'as' => 'component/bulk-save', 'middleware'=>'authorize:components.edit','uses' => 'ComponentsController@postBulkSave' ]);
+        Route::get('/', [ 'as' => 'components', 'middleware'=>'authorize:components.view','uses' => 'ComponentsController@getIndex' ]);
    });

    # Admin Settings Routes (for categories, maufactureres, etc)
@@ -608,7 +770,7 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function ()
                [ 'as' => 'update/location', 'uses' => 'LocationsController@getEdit' ]
            );
            Route::post('{locationId}/edit', 'LocationsController@postEdit');
-            Route::get('{locationId}/view', 'LocationsController@getView');
+            Route::get('{locationId}/view', [ 'as' => 'view/location', 'uses' => 'LocationsController@getView' ]);
            Route::get(
                '{locationId}/delete',
                [ 'as' => 'delete/location', 'uses' => 'LocationsController@getDelete' ]
@@ -638,27 +800,29 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function ()
    Route::get('custom_fields/create-field', ['uses' =>'CustomFieldsController@createField','as' => 'admin.custom_fields.create-field']);
    Route::post('custom_fields/create-field', ['uses' => 'CustomFieldsController@storeField','as' => 'admin.custom_fields.store-field']);
    Route::post('custom_fields/{id}/associate', ['uses' => 'CustomFieldsController@associate','as' => 'admin.custom_fields.associate']);
+    Route::get('custom_fields/{field_id}/{fieldset_id}/disassociate', ['uses' => 'CustomFieldsController@deleteFieldFromFieldset','as' => 'admin.custom_fields.disassociate']);
    Route::match(['DELETE'], 'custom_fields/delete-field/{id}', ['uses' => 'CustomFieldsController@deleteField','as' => 'admin.custom_fields.delete-field']);
    Route::resource('custom_fields', 'CustomFieldsController');

    # User Management
    Route::group([ 'prefix' => 'users', 'middleware' => ['web','auth','authorize:users.view']], function () {

-        Route::get('ldap', ['as' => 'ldap/user', 'uses' => 'UsersController@getLDAP' ]);
+        Route::get('ldap', ['as' => 'ldap/user', 'uses' => 'UsersController@getLDAP', 'middleware' => ['authorize:users.edit'] ]);
        Route::post('ldap', 'UsersController@postLDAP');

-        Route::get('create', [ 'as' => 'create/user', 'uses' => 'UsersController@getCreate' ]);
-        Route::post('create', 'UsersController@postCreate');
-        Route::get('import', [ 'as' => 'import/user', 'uses' => 'UsersController@getImport' ]);
-        Route::post('import', 'UsersController@postImport');
-        Route::get('{userId}/edit', [ 'as' => 'update/user', 'uses' => 'UsersController@getEdit' ]);
-        Route::post('{userId}/edit', 'UsersController@postEdit');
-        Route::get('{userId}/clone', [ 'as' => 'clone/user', 'uses' => 'UsersController@getClone' ]);
-        Route::post('{userId}/clone', 'UsersController@postCreate');
-        Route::get('{userId}/delete', [ 'as' => 'delete/user', 'uses' => 'UsersController@getDelete' ]);
-        Route::get('{userId}/restore', [ 'as' => 'restore/user', 'uses' => 'UsersController@getRestore' ]);
-        Route::get('{userId}/view', [ 'as' => 'view/user', 'uses' => 'UsersController@getView' ]);
-        Route::get('{userId}/unsuspend', [ 'as' => 'unsuspend/user', 'uses' => 'UsersController@getUnsuspend' ]);
+        Route::get('create', [ 'as' => 'create/user', 'uses' => 'UsersController@getCreate', 'middleware' => ['authorize:users.edit']  ]);
+        Route::post('create', [ 'uses' => 'UsersController@postCreate', 'middleware' => ['authorize:users.edit']  ]);
+        Route::get('import', [ 'as' => 'import/user', 'uses' => 'UsersController@getImport', 'middleware' => ['authorize:users.edit']  ]);
+        Route::post('import', [ 'uses' => 'UsersController@postImport', 'middleware' => ['authorize:users.edit']  ]);
+        Route::get('export', [ 'uses' => 'UsersController@getExportUserCsv', 'middleware' => ['authorize:users.view']  ]);
+        Route::get('{userId}/edit', [ 'as' => 'update/user', 'uses' => 'UsersController@getEdit', 'middleware' => ['authorize:users.edit']  ]);
+        Route::post('{userId}/edit', [ 'uses' => 'UsersController@postEdit', 'middleware' => ['authorize:users.edit']  ]);
+        Route::get('{userId}/clone', [ 'as' => 'clone/user', 'uses' => 'UsersController@getClone', 'middleware' => ['authorize:users.edit']  ]);
+        Route::post('{userId}/clone', [ 'uses' => 'UsersController@postCreate', 'middleware' => ['authorize:users.edit']  ]);
+        Route::get('{userId}/delete', [ 'as' => 'delete/user', 'uses' => 'UsersController@getDelete', 'middleware' => ['authorize:users.edit']  ]);
+        Route::get('{userId}/restore', [ 'as' => 'restore/user', 'uses' => 'UsersController@getRestore', 'middleware' => ['authorize:users.edit']  ]);
+        Route::get('{userId}/view', [ 'as' => 'view/user', 'uses' => 'UsersController@getView' , 'middleware' => ['authorize:users.view'] ]);
+        Route::get('{userId}/unsuspend', [ 'as' => 'unsuspend/user', 'uses' => 'UsersController@getUnsuspend', 'middleware' => ['authorize:users.edit'] ]);
        Route::get(
            '{userId}/deletefile/{fileId}',
            [ 'as' => 'delete/userfile', 'uses' => 'UsersController@getDeleteFile' ]
@@ -672,14 +836,16 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function ()
            'bulkedit',
            [
                'as'   => 'users/bulkedit',
-                'uses' => 'UsersController@postBulkEdit'
+                'uses' => 'UsersController@postBulkEdit',
+                'middleware' => ['authorize:users.edit'],
            ]
        );
        Route::post(
            'bulksave',
            [
                'as'   => 'users/bulksave',
-                'uses' => 'UsersController@postBulkSave'
+                'uses' => 'UsersController@postBulkSave',
+                'middleware' => ['authorize:users.edit'],
            ]
        );

@@ -742,6 +908,11 @@ Route::group([ 'prefix' => 'account', 'middleware' => ['web', 'auth']], function
        [ 'as' => 'account/request-asset', 'uses' => 'ViewAssetsController@getRequestAsset' ]
    );

+    Route::post(
+        'request/{itemType}/{itemId}',
+        [ 'as' => 'account/request-item', 'uses' => 'ViewAssetsController@getRequestItem']
+    );
+
    # Account Dashboard
    Route::get('/', [ 'as' => 'account', 'uses' => 'ViewAssetsController@getIndex' ]);

@@ -794,6 +965,12 @@ Route::group(['middleware' => ['web','auth','authorize:reports.view']], function
        'reports/activity',
        [ 'as' => 'reports/activity', 'uses' => 'ReportsController@getActivityReport' ]
    );
+
+    Route::get(
+        'reports/activity/json',
+        [ 'as' => 'api.activity.list', 'uses' => 'ReportsController@getActivityReportDataTable' ]
+    );
+    
    Route::get(
        'reports/unaccepted_assets',
        [ 'as' => 'reports/unaccepted_assets', 'uses' => 'ReportsController@getAssetAcceptanceReport' ]
@@ -860,6 +1037,29 @@ Route::group([ 'prefix' => 'setup', 'middleware' => 'web'], function () {

 });

+Route::get(
+    'two-factor-enroll',
+    [
+        'as' => 'two-factor-enroll',
+        'middleware' => ['web'],
+        'uses' => 'Auth\AuthController@getTwoFactorEnroll' ]
+);
+
+Route::get(
+    'two-factor',
+    [
+        'as' => 'two-factor',
+        'middleware' => ['web'],
+        'uses' => 'Auth\AuthController@getTwoFactorAuth' ]
+);
+
+Route::post(
+    'two-factor',
+    [
+        'as' => 'two-factor',
+        'middleware' => ['web'],
+        'uses' => 'Auth\AuthController@postTwoFactorAuth' ]
+);

 Route::get(
    '/',
@@ -869,8 +1069,24 @@ Route::get(
    'uses' => 'DashboardController@getIndex' ]
 );

+
+
 Route::group(['middleware' => 'web'], function () {
    Route::auth();
+    Route::get(
+        'login',
+        [
+            'as' => 'login',
+            'middleware' => ['web'],
+            'uses' => 'Auth\AuthController@showLoginForm' ]
+    );
+    Route::get(
+        'logout',
+        [
+            'as' => 'logout',
+            'uses' => 'Auth\AuthController@logout' ]
+    );
+
 });

 Route::get('home', function () {
--- a/app/Models/Accessory.php
+++ b/app/Models/Accessory.php
@@ -1,6 +1,8 @@
 <?php
 namespace App\Models;

+use App\Models\Loggable;
+use App\Models\SnipeModel;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;
@@ -10,10 +12,11 @@ use Watson\Validating\ValidatingTrait;
 *
 * @version    v1.0
 */
-class Accessory extends Model
+class Accessory extends SnipeModel
 {
-    use SoftDeletes;
    use CompanyableTrait;
+    use Loggable;
+    use SoftDeletes;

    protected $dates = ['deleted_at'];
    protected $table = 'accessories';
@@ -22,11 +25,12 @@ class Accessory extends Model
    * Accessory validation rules
    */
    public $rules = array(
-      'name'        => 'required|min:3|max:255',
-      'qty'         => 'required|integer|min:1',
-      'category_id' => 'required|integer',
-      'company_id'  => 'integer',
-      'min_amt'     => 'integer|min:1',
+        'name'              => 'required|min:3|max:255',
+        'qty'               => 'required|integer|min:1',
+        'category_id'       => 'required|integer',
+        'company_id'        => 'integer',
+        'min_amt'           => 'integer|min:0',
+        'purchase_cost'     => 'numeric',
    );


@@ -67,7 +71,7 @@ class Accessory extends Model
    */
    public function assetlog()
    {
-        return $this->hasMany('\App\Models\Actionlog', 'accessory_id')->where('asset_type', '=', 'accessory')->orderBy('created_at', 'desc')->withTrashed();
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')->where('item_type', Accessory::class)->orderBy('created_at', 'desc')->withTrashed();
    }


@@ -81,6 +85,11 @@ class Accessory extends Model
        return $this->belongsToMany('\App\Models\User', 'accessories_users', 'accessory_id', 'assigned_to')->count();
    }

+    public function manufacturer()
+    {
+        return $this->belongsTo('\App\Models\Manufacturer', 'manufacturer_id');
+    }
+
    public function checkin_email()
    {
        return $this->category->checkin_email;
--- a/app/Models/Actionlog.php
+++ b/app/Models/Actionlog.php
@@ -2,9 +2,9 @@
 namespace App\Models;

 use Illuminate\Database\Eloquent\Model;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Log;
 use Illuminate\Database\Eloquent\SoftDeletes;
+use Illuminate\Support\Facades\Auth;
+use Response;

 /**
 * Model for the Actionlog (the table that keeps a historical log of
@@ -12,103 +12,96 @@ use Illuminate\Database\Eloquent\SoftDeletes;
 *
 * @version    v1.0
 */
-class Actionlog extends Model implements ICompanyableChild
+class Actionlog extends Model
 {
    use SoftDeletes;
-    use CompanyableChildTrait;

    protected $dates = [ 'deleted_at' ];

-    protected $table      = 'asset_logs';
+    protected $table      = 'action_logs';
    public $timestamps = true;
-    protected $fillable   = [ 'created_at', 'asset_type' ];
+    protected $fillable   = [ 'created_at', 'item_type','user_id','item_id','action_type','note','target_id', 'target_type' ];

-    public function getCompanyableParents()
+    // Overridden from Builder to automatically add the company
+    public static function boot()
    {
-        return [ 'accessorylog', 'assetlog', 'licenselog', 'consumablelog' ];
+        parent::boot();
+        static::creating( function (Actionlog $actionlog) {
+            // If the admin is a superadmin, let's see if the target instead has a company.
+            if (Auth::user() && Auth::user()->isSuperUser()) {
+                if ($actionlog->target) {
+                    $actionlog->company_id = $actionlog->target->company_id;
+                } else if ($actionlog->item) {
+                    $actionlog->company_id = $actionlog->item->company_id;
+                }
+            } else if (Auth::user() && Auth::user()->company) {
+                $actionlog->company_id = Auth::user()->company_id;
+            }
+        });
+    }
+    // Eloquent Relationships below
+    public function item()
+    {
+        return $this->morphTo('item')->withTrashed();
    }

-    public function assetlog()
+    public function company() {
+        return $this->hasMany('\App\Models\Company', 'id','company_id');
+    }
+
+    public function itemType()
    {

-        return $this->belongsTo('\App\Models\Asset', 'asset_id')
-                    ->withTrashed();
+        if($this->item_type == AssetModel::class) {
+            return "model";
+        }
+        return camel_case(class_basename($this->item_type));
    }

    public function uploads()
    {
-
-        return $this->belongsTo('\App\Models\Asset', 'asset_id')
+        return $this->morphTo('item')
                    ->where('action_type', '=', 'uploaded')
                    ->withTrashed();
    }

-    public function licenselog()
-    {
-
-        return $this->belongsTo('\App\Models\License', 'asset_id')
-                    ->withTrashed();
-    }
-
-    public function componentlog()
-    {
-
-        return $this->belongsTo('\App\Models\Component', 'component_id')
-            ->withTrashed();
-    }
-
-    public function accessorylog()
-    {
-
-        return $this->belongsTo('\App\Models\Accessory', 'accessory_id')
-                    ->withTrashed();
-    }
-
-    public function consumablelog()
-    {
-
-        return $this->belongsTo('\App\Models\Consumable', 'consumable_id')
-                    ->withTrashed();
-    }
-
-    public function adminlog()
-    {
-
-        return $this->belongsTo('\App\Models\User', 'user_id')
-                    ->withTrashed();
-    }
-
    public function userlog()
    {
+        return $this->target();
+    }

-        return $this->belongsTo('\App\Models\User', 'checkedout_to')
+    public function user()
+    {
+        return $this->belongsTo(User::class, 'user_id')
                    ->withTrashed();
    }

+    public function target()
+    {
+        return $this->morphTo('target');
+    }
+
    public function childlogs()
    {
-
        return $this->hasMany('\App\Models\ActionLog', 'thread_id');
    }

    public function parentlog()
    {
-
        return $this->belongsTo('\App\Models\ActionLog', 'thread_id');
    }

    /**
       * Check if the file exists, and if it does, force a download
       **/
-    public function get_src($type = 'assets')
+    public function get_src($type = 'assets', $fieldname = 'filename')
    {
-
-        $file = config('app.private_uploads') . '/' . $type . '/' . $this->filename;
-
+        $file = config('app.private_uploads') . '/' . $type . '/' . $this->{$fieldname};
        return $file;
-
    }

+
+
    /**
       * Get the parent category name
       */
@@ -134,44 +127,36 @@ class Actionlog extends Model implements ICompanyableChild
    public function getListingOfActionLogsChronologicalOrder()
    {

-        return DB::table('asset_logs')
-                 ->select('*')
+        return $this->all()
                 ->where('action_type', '!=', 'uploaded')
-                 ->orderBy('asset_id', 'asc')
+                 ->orderBy('item_id', 'asc')
                 ->orderBy('created_at', 'asc')
                 ->get();
    }

    /**
-       * getLatestCheckoutActionForAssets
-       *
-       * @return mixed
-       * @author  Vincent Sposato <vincent.sposato@gmail.com>
-       * @version v1.0
-       */
-    public function getLatestCheckoutActionForAssets()
+     * Query builder scope to search on text for complex Bootstrap Tables API
+     *
+     * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
+     * @param  text                              $search      Search term
+     *
+     * @return Illuminate\Database\Query\Builder          Modified query builder
+     */
+    public function scopeTextSearch($query, $search)
    {
+        $search = explode(' OR ', $search);

-        return DB::table('asset_logs')
-                 ->select(DB::raw('asset_id, MAX(created_at) as last_created'))
-                 ->where('action_type', '=', 'checkout')
-                 ->groupBy('asset_id')
-                 ->get();
-    }
+        return $query->where(function ($query) use ($search) {

-    /**
-       * scopeCheckoutWithoutAcceptance
-       *
-       * @param $query
-       *
-       * @return mixed
-       * @author  Vincent Sposato <vincent.sposato@gmail.com>
-       * @version v1.0
-       */
-    public function scopeCheckoutWithoutAcceptance($query)
-    {
+            foreach ($search as $search) {
+                $query->where(function ($query) use ($search) {
+                    $query->whereHas('company', function ($query) use ($search) {
+                        $query->where('companies.name', 'LIKE', '%'.$search.'%');
+                    });
+                })->orWhere('action_type', 'LIKE', '%'.$search.'%')
+                    ->orWhere('note', 'LIKE', '%'.$search.'%');
+            }

-        return $query->where('action_type', '=', 'checkout')
-                     ->where('accepted_id', '=', null);
+        });
    }
 }
--- a/app/Models/Asset.php
+++ b/app/Models/Asset.php
@@ -1,19 +1,22 @@
 <?php
 namespace App\Models;

+use App\Helpers\Helper;
+use App\Http\Traits\UniqueUndeletedTrait;
 use App\Models\Actionlog;
 use App\Models\Company;
 use App\Models\Location;
+use App\Models\Loggable;
+use App\Models\Requestable;
+use App\Models\Setting;
+use Auth;
 use Config;
+use DateTime;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Log;
 use Parsedown;
 use Watson\Validating\ValidatingTrait;
-use DateTime;
-use App\Models\Setting;
-use App\Helpers\Helper;
-use Auth;

 /**
 * Model for Assets.
@@ -22,7 +25,9 @@ use Auth;
 */
 class Asset extends Depreciable
 {
+    use Loggable;
    use SoftDeletes;
+    use Requestable;

  /**
  * The database table used by the model.
@@ -40,6 +45,7 @@ class Asset extends Depreciable
  */
    protected $injectUniqueIdentifier = true;
    use ValidatingTrait;
+    use UniqueUndeletedTrait;

    protected $rules = [
    'name'            => 'min:2|max:255',
@@ -51,8 +57,9 @@ class Asset extends Depreciable
    'checkout_date'   => 'date|max:10|min:10',
    'checkin_date'    => 'date|max:10|min:10',
    'supplier_id'     => 'integer',
-    'asset_tag'       => 'required|min:1|max:255|unique:assets,asset_tag,NULL,deleted_at',
+    'asset_tag'       => 'required|min:1|max:255|unique_undeleted',
    'status'          => 'integer',
+    'purchase_cost'   => 'numeric',
    ];


@@ -70,20 +77,36 @@ class Asset extends Depreciable
    }


+    public function availableForCheckout()
+    {
+      return (
+          empty($this->assigned_to) &&
+          $this->assetstatus->deployable == 1 &&
+          empty($this->deleted_at)
+        );
+    }
+
  /**
  * Checkout asset
  */
    public function checkOutToUser($user, $admin, $checkout_at = null, $expected_checkin = null, $note = null, $name = null)
    {
+        if (!$user) {
+            return false;
+        }

        if ($expected_checkin) {
-            $this->expected_checkin = $expected_checkin ;
+            $this->expected_checkin = $expected_checkin;
        }

        $this->last_checkout = $checkout_at;

        $this->assigneduser()->associate($user);
-        $this->name = $name;
+
+        if($name != null)
+        {
+            $this->name = $name;
+        }

        $settings = Setting::getSettings();

@@ -91,9 +114,7 @@ class Asset extends Depreciable
            $this->accepted="pending";
        }

-        if (!$user) {
-            return false;
-        }
+

        if ($this->save()) {

@@ -131,7 +152,8 @@ class Asset extends Depreciable

            \Mail::send('emails.accept-asset', $data, function ($m) use ($user) {
                $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                $m->subject('Confirm asset delivery');
+                $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                $m->subject(trans('mail.Confirm_asset_delivery'));
            });
        }

@@ -175,8 +197,8 @@ class Asset extends Depreciable

    public function getDetailedNameAttribute()
    {
-        if ($this->assigned_user) {
-            $user_name = $user->fullName();
+        if ($this->assignedUser) {
+            $user_name = $this->assignedUser->fullName();
        } else {
            $user_name = "Unassigned";
        }
@@ -192,10 +214,13 @@ class Asset extends Depreciable
    {

        $logaction = new Actionlog();
-        $logaction->asset_id = $this->id;
-        $logaction->checkedout_to = $this->assigned_to;
-        $logaction->asset_type = 'hardware';
+        $logaction->item_type = Asset::class;
+        $logaction->item_id = $this->id;
+        $logaction->target_type = User::class;
+        // On Checkin, this is the user that previously had the asset.
+        $logaction->target_id = $user->id;
        $logaction->note = $note;
+        $logaction->user_id = $admin->id;
        if ($checkout_at!='') {
            $logaction->created_at = \Carbon\Carbon::createFromFormat('Y-m-d H:i:s', date('Y-m-d H:i:s', strtotime($checkout_at)));
        } else {
@@ -208,15 +233,9 @@ class Asset extends Depreciable
            }
        } else {
            // Update the asset data to null, since it's being checked in
-            $logaction->checkedout_to = $asset->assigned_to;
-            $logaction->checkedout_to = '';
-            $logaction->asset_id = $asset->id;
            $logaction->location_id = null;
-            $logaction->asset_type = 'hardware';
-            $logaction->note = $note;
-            $logaction->user_id = $admin->id;
        }
-        $logaction->adminlog()->associate($admin);
+        $logaction->user()->associate($admin);
        $log = $logaction->logaction($action);

        return $logaction;
@@ -253,8 +272,8 @@ class Asset extends Depreciable
    public function uploads()
    {

-        return $this->hasMany('\App\Models\Actionlog', 'asset_id')
-                  ->where('asset_type', '=', 'hardware')
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')
+                  ->where('item_type', '=', Asset::class)
                  ->where('action_type', '=', 'uploaded')
                  ->whereNotNull('filename')
                  ->orderBy('created_at', 'desc');
@@ -291,8 +310,8 @@ class Asset extends Depreciable
   */
    public function assetlog()
    {
-        return $this->hasMany('\App\Models\Actionlog', 'asset_id')
-                  ->where('asset_type', '=', 'hardware')
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')
+                  ->where('item_type', '=', Asset::class)
                  ->orderBy('created_at', 'desc')
                  ->withTrashed();
    }
@@ -310,8 +329,7 @@ class Asset extends Depreciable
    {

        return $this->hasMany('\App\Models\AssetMaintenance', 'asset_id')
-                  ->orderBy('created_at', 'desc')
-                  ->withTrashed();
+                  ->orderBy('created_at', 'desc');
    }

  /**
@@ -328,7 +346,7 @@ class Asset extends Depreciable
    public static function assetcount()
    {

-        return Asset::where('physical', '=', '1')
+        return Company::scopeCompanyables(Asset::where('physical', '=', '1'))
               ->whereNull('deleted_at', 'and')
               ->count();
    }
@@ -372,12 +390,20 @@ class Asset extends Depreciable
    {

        if ($this->name == '') {
-            return $this->model->name;
+            if ($this->model) {
+                return $this->model->name.' ('.$this->asset_tag.')';
+            }
+            return $this->asset_tag;
        } else {
            return $this->name;
        }
    }

+    public function getDisplayNameAttribute()
+    {
+        return $this->showAssetName();
+    }
+
    public function warrantee_expires()
    {
        $date = date_create($this->purchase_date);
@@ -462,13 +488,24 @@ class Asset extends Depreciable
            $asset_tag = \DB::table('assets')
                ->where('physical', '=', '1')
                ->max('id');
+
+            if ($settings->zerofill_count > 0) {
+                return $settings->auto_increment_prefix.Asset::zerofill(($asset_tag + 1),$settings->zerofill_count);
+            }
            return $settings->auto_increment_prefix.($asset_tag + 1);
        } else {
            return false;
        }
    }

-    public function checkin_email()
+
+    public static function zerofill ($num, $zerofill = 3)
+    {
+        return str_pad($num, $zerofill, '0', STR_PAD_LEFT);
+    }
+
+
+public function checkin_email()
    {
        return $this->model->category->checkin_email;
    }
@@ -545,12 +582,12 @@ class Asset extends Depreciable
    public function scopeAssetsByLocation($query, $location)
    {
        return $query->where(function ($query) use ($location) {
-        
+
            $query->whereHas('assigneduser', function ($query) use ($location) {
-            
+
                $query->where('users.location_id', '=', $location->id);
            })->orWhere(function ($query) use ($location) {
-            
+
                $query->where('assets.rtd_location_id', '=', $location->id);
                $query->whereNull('assets.assigned_to');
            });
@@ -597,6 +634,23 @@ class Asset extends Depreciable
        });
    }

+    /**
+     * Query builder scope for non-Archived assets
+     *
+     * @param  Illuminate\Database\Query\Builder $query Query builder instance
+     *
+     * @return Illuminate\Database\Query\Builder          Modified query builder
+     */
+
+    public function scopeNotArchived($query)
+    {
+
+        return $query->whereHas('assetstatus', function ($query) {
+
+            $query->where('archived', '=', 0);
+        });
+    }
+
  /**
   * Query builder scope for Archived assets
   *
@@ -641,7 +695,7 @@ class Asset extends Depreciable
    public function scopeRequestableAssets($query)
    {

-        return $query->where('requestable', '=', 1)
+        return Company::scopeCompanyables($query->where('requestable', '=', 1))
        ->whereHas('assetstatus', function ($query) {

            $query->where('deployable', '=', 1)
@@ -738,7 +792,7 @@ class Asset extends Depreciable
                        $query->where(function ($query) use ($search) {
                            $query->where('categories.name', 'LIKE', '%'.$search.'%')
                            ->orWhere('models.name', 'LIKE', '%'.$search.'%')
-                            ->orWhere('models.modelno', 'LIKE', '%'.$search.'%');
+                            ->orWhere('models.model_number', 'LIKE', '%'.$search.'%');
                        });
                    });
                })->orWhereHas('model', function ($query) use ($search) {
@@ -806,21 +860,21 @@ class Asset extends Depreciable
    */
    public function scopeOrderModelNumber($query, $order)
    {
-        return $query->join('models', 'assets.model_id', '=', 'models.id')->orderBy('models.modelno', $order);
+        return $query->join('models', 'assets.model_id', '=', 'models.id')->orderBy('models.model_number', $order);
    }


-        /**
-        * Query builder scope to order on assigned user
-        *
-        * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
-        * @param  text                              $order       Order
-        *
-        * @return Illuminate\Database\Query\Builder          Modified query builder
-        */
+    /**
+    * Query builder scope to order on assigned user
+    *
+    * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
+    * @param  text                              $order       Order
+    *
+    * @return Illuminate\Database\Query\Builder          Modified query builder
+    */
    public function scopeOrderAssigned($query, $order)
    {
-        return $query->join('users', 'assets.assigned_to', '=', 'users.id')->orderBy('users.first_name', $order)->orderBy('users.last_name', $order);
+        return $query->leftJoin('users', 'assets.assigned_to', '=', 'users.id')->select('assets.*')->orderBy('users.first_name', $order)->orderBy('users.last_name', $order);
    }

    /**
--- a/app/Models/AssetModel.php
+++ b/app/Models/AssetModel.php
@@ -1,6 +1,8 @@
 <?php
 namespace App\Models;

+use App\Models\Requestable;
+use App\Models\SnipeModel;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;
@@ -11,16 +13,17 @@ use Watson\Validating\ValidatingTrait;
 *
 * @version    v1.0
 */
-class AssetModel extends Model
+class AssetModel extends SnipeModel
 {
    use SoftDeletes;
+    use Requestable;
    protected $dates = ['deleted_at'];
    protected $table = 'models';

    // Declare the rules for the model validation
    protected $rules = array(
        'name'          => 'required|min:1|max:255',
-        'modelno'           => 'min:1|max:255',
+        'model_number'      => 'min:1|max:255',
        'category_id'       => 'required|integer',
        'manufacturer_id'   => 'required|integer',
        'eol'   => 'integer:min:0|max:240',
@@ -90,8 +93,8 @@ class AssetModel extends Model
    public function displayModelName()
    {
        $name = $this->manufacturer->name.' '.$this->name;
-        if ($this->modelno) {
-            $name .=" / ".$this->modelno;
+        if ($this->model_number) {
+            $name .=" / ".$this->model_number;
        }
        return $name;
    }
@@ -131,6 +134,22 @@ class AssetModel extends Model
        return $query->whereIn('category_id', $categoryIdListing);
    }

+    /**
+     * scopeRequestable
+     * Get all models that are requestable by a user.
+     *
+     * @param       $query
+     *
+     * @return $query
+     * @author  Daniel Meltzer <parallelgrapefruit@gmail.com
+     * @version v3.5
+     */
+    public function scopeRequestableModels($query)
+    {
+
+        return $query->where('requestable', '1');
+    }
+
    /**
    * Query builder scope to search on text
    *
@@ -143,7 +162,7 @@ class AssetModel extends Model
    {

        return $query->where('name', 'LIKE', "%$search%")
-            ->orWhere('modelno', 'LIKE', "%$search%")
+            ->orWhere('model_number', 'LIKE', "%$search%")
            ->orWhere(function ($query) use ($search) {
                $query->whereHas('depreciation', function ($query) use ($search) {
                    $query->where('name', 'LIKE', '%'.$search.'%');
--- a/app/Models/Category.php
+++ b/app/Models/Category.php
@@ -1,6 +1,8 @@
 <?php
 namespace App\Models;

+use App\Http\Traits\UniqueUndeletedTrait;
+use App\Models\SnipeModel;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;
@@ -13,7 +15,7 @@ use Watson\Validating\ValidatingTrait;
 *
 * @version    v1.0
 */
-class Category extends Model
+class Category extends SnipeModel
 {

    use SoftDeletes;
@@ -25,7 +27,7 @@ class Category extends Model
    */
    public $rules = array(
        'user_id' => 'numeric',
-        'name'   => 'required|min:1|max:255|unique:categories,name,NULL,deleted_at',
+        'name'   => 'required|min:1|max:255|unique_undeleted',
        'category_type'   => 'required',
    );

@@ -38,6 +40,7 @@ class Category extends Model
    */
    protected $injectUniqueIdentifier = true;
    use ValidatingTrait;
+    use UniqueUndeletedTrait;


    /**
--- a/app/Models/CheckoutRequest.php
+++ b/app/Models/CheckoutRequest.php
@@ -0,0 +1,59 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Model;
+
+class CheckoutRequest extends Model
+{
+    //
+    protected $fillable = ['user_id'];
+    protected $table = 'checkout_requests';
+
+    public function user()
+    {
+        return $this->belongsTo(User::class);
+    }
+
+    public function requestingUser()
+    {
+        return $this->user()->first();
+    }
+
+    public function requestedItem()
+    {
+        return $this->morphTo('requestable');
+    }
+
+    public function itemRequested() // Workaround for laravel polymorphic issue that's not being solved :(
+    {
+        return $this->requestedItem()->first();
+    }
+
+    public function itemType()
+    {
+        return snake_case(class_basename($this->requestable_type));
+    }
+
+    public function location()
+    {
+        if ($this->itemType() == "asset") {
+            $asset = $this->itemRequested();
+            if ($asset->assigneduser && $asset->assetloc) {
+                return $asset->assetloc;
+            } elseif ($asset->defaultLoc) {
+                return $asset->defaultLoc;
+            }
+        }
+        return $this->itemRequested()->location;
+    }
+
+    public function name()
+    {
+        if ($this->itemType() == "asset") {
+            return $this->itemRequested()->showAssetName();
+        }
+        return $this->itemRequested()->name;
+
+    }
+}
--- a/app/Models/Company.php
+++ b/app/Models/Company.php
@@ -1,22 +1,27 @@
 <?php
 namespace App\Models;

-use Illuminate\Database\Eloquent\Model;
-use Watson\Validating\ValidatingTrait;
+use App\Models\SnipeModel;
 use Auth;
 use DB;
+use Illuminate\Database\Eloquent\Model;
+use Watson\Validating\ValidatingTrait;

 /**
 * Model for Companies.
 *
 * @version    v1.8
 */
-final class Company extends Model
+final class Company extends SnipeModel
 {
    protected $table = 'companies';

    // Declare the rules for the model validation
-    protected $rules = ['name' => 'required|min:1|max:255|unique:companies,name'];
+    protected $rules = [
+        'name' => 'required|min:1|max:255|unique:companies,name'
+    ];
+
+
    /**
    * Whether the model should inject it's identifier to the unique
    * validation rules before attempting validation. If this property
@@ -55,11 +60,7 @@ final class Company extends Model
            $company_id = null;
        }

-        if ($company_id == null) {
-            return $query;
-        } else {
-            return $query->where($column, '=', $company_id);
-        }
+        return $query->where($column, '=', $company_id);
    }

    public static function getSelectList()
@@ -86,11 +87,17 @@ final class Company extends Model
        } else {
            $current_user = Auth::user();

-            if ($current_user->company_id != null) {
-                return $current_user->company_id;
-            } else {
+            // Super users should be able to set a company to whatever they need
+            if ($current_user->isSuperUser()) {
                return static::getIdFromInput($unescaped_input);
+            } else {
+                if ($current_user->company_id != null) {
+                    return $current_user->company_id;
+                } else {
+                    return static::getIdFromInput($unescaped_input);
+                }
            }
+
        }
    }

@@ -110,7 +117,7 @@ final class Company extends Model
    public static function isCurrentUserAuthorized()
    {

-        return ((!static::isFullMultipleCompanySupportEnabled()) || (Auth::user()->company_id == null) || (Auth::user()->isSuperUser()));
+        return ((!static::isFullMultipleCompanySupportEnabled()) || (Auth::user()->isSuperUser()));
    }

    public static function canManageUsersCompanies()
@@ -130,7 +137,8 @@ final class Company extends Model

    public static function scopeCompanyables($query, $column = 'company_id')
    {
-        if (!static::isFullMultipleCompanySupportEnabled() || (Auth::check() && Auth::user()->isSuperUser())) {
+        // If not logged in and hitting this, assume we are on the command line and don't scope?'
+        if (!static::isFullMultipleCompanySupportEnabled() || (Auth::check() && Auth::user()->isSuperUser()) || (!Auth::check())) {
            return $query;
        } else {
            return static::scopeCompanyablesDirectly($query, $column);
@@ -141,7 +149,7 @@ final class Company extends Model
    {
        if (count($companyable_names) == 0) {
            throw new Exception('No Companyable Children to scope');
-        } elseif (!static::isFullMultipleCompanySupportEnabled()) {
+        } elseif (!static::isFullMultipleCompanySupportEnabled() || (Auth::check() && Auth::user()->isSuperUser())) {
            return $query;
        } else {
            $f = function ($q) {
@@ -170,4 +178,27 @@ final class Company extends Model
            return e($company->name);
        }
    }
+
+    public function users() {
+        return $this->hasMany(User::class);
+    }
+
+    public function assets() {
+        return $this->hasMany(Asset::class);
+    }
+
+    public function licenses() {
+        return $this->hasMany(License::class);
+    }
+    public function accessories() {
+        return $this->hasMany(Accessory::class);
+    }
+
+    public function consumables() {
+        return $this->hasMany(Consumable::class);
+    }
+
+    public function components() {
+        return $this->hasMany(Component::class);
+    }
 }
--- a/app/Models/Component.php
+++ b/app/Models/Component.php
@@ -1,12 +1,14 @@
 <?php
 namespace App\Models;

-use App\Models\User;
-use App\Models\ConsumableAssignment;
-use App\Models\Company;
-use App\Models\Location;
-use App\Models\Category;
 use App\Models\ActionLog;
+use App\Models\Category;
+use App\Models\Company;
+use App\Models\ConsumableAssignment;
+use App\Models\Location;
+use App\Models\Loggable;
+use App\Models\SnipeModel;
+use App\Models\User;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;
@@ -16,10 +18,11 @@ use Watson\Validating\ValidatingTrait;
 *
 * @version    v1.0
 */
-class Component extends Model
+class Component extends SnipeModel
 {
-    use SoftDeletes;
    use CompanyableTrait;
+    use Loggable;
+    use SoftDeletes;

    protected $dates = ['deleted_at'];
    protected $table = 'components';
@@ -30,10 +33,11 @@ class Component extends Model
    */
    public $rules = array(
        'name'        => 'required|min:3|max:255',
-        'total_qty'     => 'required|integer|min:1',
+        'qty'     => 'required|integer|min:1',
        'category_id' => 'required|integer',
        'company_id'  => 'integer',
        'purchase_date'  => 'date',
+        'purchase_cost'   => 'numeric',
    );

    /**
@@ -84,7 +88,7 @@ class Component extends Model
    */
    public function assetlog()
    {
-        return $this->hasMany('\App\Models\Actionlog', 'component_id')->where('asset_type', '=', 'component')->orderBy('created_at', 'desc')->withTrashed();
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')->where('item_type', Component::class)->orderBy('created_at', 'desc')->withTrashed();
    }


@@ -97,7 +101,7 @@ class Component extends Model
        }


-        $total = $this->total_qty;
+        $total = $this->qty;
        $remaining = $total - $checkedout;
        return $remaining;
    }
@@ -138,6 +142,7 @@ class Component extends Model
                        });
                    })->orWhere('components.name', 'LIKE', '%'.$search.'%')
                            ->orWhere('components.order_number', 'LIKE', '%'.$search.'%')
+                            ->orWhere('components.serial', 'LIKE', '%'.$search.'%')
                            ->orWhere('components.purchase_cost', 'LIKE', '%'.$search.'%')
                            ->orWhere('components.purchase_date', 'LIKE', '%'.$search.'%');
            }
--- a/app/Models/Consumable.php
+++ b/app/Models/Consumable.php
@@ -1,20 +1,23 @@
 <?php
 namespace App\Models;

-use App\Models\User;
-use App\Models\ConsumableAssignment;
-use App\Models\Company;
-use App\Models\Location;
-use App\Models\Category;
 use App\Models\ActionLog;
+use App\Models\Category;
+use App\Models\Company;
+use App\Models\ConsumableAssignment;
+use App\Models\Location;
+use App\Models\Loggable;
+use App\Models\SnipeModel;
+use App\Models\User;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;

-class Consumable extends Model
+class Consumable extends SnipeModel
 {
-    use SoftDeletes;
    use CompanyableTrait;
+    use Loggable;
+    use SoftDeletes;

    protected $dates = ['deleted_at'];
    protected $table = 'consumables';
@@ -29,6 +32,7 @@ class Consumable extends Model
        'category_id' => 'required|integer',
        'company_id'  => 'integer',
        'min_amt'     => 'integer|min:1',
+        'purchase_cost'   => 'numeric',
    );

    /**
@@ -84,7 +88,7 @@ class Consumable extends Model
    */
    public function assetlog()
    {
-        return $this->hasMany('\App\Models\Actionlog', 'consumable_id')->where('asset_type', '=', 'consumable')->orderBy('created_at', 'desc')->withTrashed();
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')->where('item_type', Consumable::class)->orderBy('created_at', 'desc')->withTrashed();
    }


--- a/app/Models/CustomField.php
+++ b/app/Models/CustomField.php
@@ -2,6 +2,7 @@
 namespace App\Models;

 use Illuminate\Database\Eloquent\Model;
+use Schema;

 class CustomField extends Model
 {
@@ -11,18 +12,18 @@ class CustomField extends Model

    */
    public static $PredefinedFormats=[
-    "ANY" => "",
-    "ALPHA" => "alpha",
-    "EMAIL" => "email",
-    "DATE" => "date",
-    "URL" => "url",
-    "NUMERIC" => "numeric",
-    "MAC" => "regex:/^[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}$/",
-    "IP" => "ip"
+        "ANY" => "",
+        "ALPHA" => "alpha",
+        "EMAIL" => "email",
+        "DATE" => "date",
+        "URL" => "url",
+        "NUMERIC" => "numeric",
+        "MAC" => "regex:/^[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}$/",
+        "IP" => "ip",
    ];

    public $rules=[
-    "name" => "required|unique:custom_fields"
+      "name" => "required|unique:custom_fields"
    ];

    public static $table_name="assets";
@@ -36,12 +37,12 @@ class CustomField extends Model
    {
        self::creating(function ($custom_field) {

-            if (in_array($custom_field->db_column_name(), \Schema::getColumnListing(\DB::getTablePrefix().CustomField::$table_name))) {
+            if (Schema::hasColumn(CustomField::$table_name,$custom_field->db_column_name())) {
              //field already exists when making a new custom field; fail.
                return false;
            }

-            \Schema::table(\DB::getTablePrefix().\App\Models\CustomField::$table_name, function ($table) use ($custom_field) {
+            Schema::table(CustomField::$table_name, function ($table) use ($custom_field) {
                $table->text($custom_field->db_column_name())->nullable();
            });

@@ -49,17 +50,21 @@ class CustomField extends Model

        self::updating(function ($custom_field) {
            if ($custom_field->isDirty("name")) {
-                if (in_array($custom_field->db_column_name(), \Schema::getColumnListing(CustomField::$table_name))) {
+                if (Schema::hasColumn(CustomField::$table_name,$custom_field->db_column_name())) {
                  //field already exists when renaming a custom field
                    return false;
                }
-                return \DB::statement("UPDATE ".CustomField::$table_name." RENAME ".self::name_to_db_name($custom_field->get_original("name"))." TO ".$custom_field->db_column_name());
+                return Schema::table(CustomField::$table_name, function ($table) use ($custom_field) {
+                  $table->renameColumn(self::name_to_db_name($custom_field->getOriginal("name")),$custom_field->db_column_name());
+                });
            }
            return true;
        });

        self::deleting(function ($custom_field) {
-            return \DB::statement("ALTER TABLE ".CustomField::$table_name." DROP COLUMN ".$custom_field->db_column_name());
+            return Schema::table(CustomField::$table_name,function ($table) use ($custom_field) {
+              $table->dropColumn(self::name_to_db_name($custom_field->getOriginal("name")));
+            });
        });
    }

@@ -109,4 +114,43 @@ class CustomField extends Model
            $this->attributes['format']=$value;
        }
    }
+
+    /**
+     * Format a value string as an array for select boxes and checkboxes.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.4]
+     * @return Array
+     */
+    public function formatFieldValuesAsArray() {
+        $arr = preg_split("/\\r\\n|\\r|\\n/", $this->field_values);
+
+        $result[''] = 'Select '.strtolower($this->format);
+
+        for ($x = 0; $x < count($arr); $x++) {
+            $arr_parts = explode('|', $arr[$x]);
+            if ($arr_parts[0]!='') {
+                if (key_exists('1',$arr_parts)) {
+                    $result[$arr_parts[0]] = $arr_parts[1];
+                } else {
+                    $result[$arr_parts[0]] = $arr_parts[0];
+                }
+            }
+
+        }
+
+
+        return $result;
+    }
+
+    public function isFieldDecryptable($string) {
+        if (($this->field_encrypted=='1') && ($string!='')) {
+            return true;
+        }
+        return false;
+    }
+
+
+
+
 }
--- a/app/Models/CustomFieldset.php
+++ b/app/Models/CustomFieldset.php
@@ -2,6 +2,7 @@
 namespace App\Models;

 use Illuminate\Database\Eloquent\Model;
+use Gate;

 class CustomFieldset extends Model
 {
@@ -30,16 +31,21 @@ class CustomFieldset extends Model
    {
        $rules=[];
        foreach ($this->fields as $field) {
-            $rule=[];
-            if ($field->pivot->required) {
-                $rule[]="required";
+            $rule = [];
+
+            if (($field->field_encrypted!='1') ||
+                  (($field->field_encrypted =='1')  && (Gate::allows('admin')) ))
+                  {
+
+                if ($field->pivot->required) {
+                    $rule[]="required";
+                }
            }
+
            array_push($rule, $field->attributes['format']);
            $rules[$field->db_column_name()]=$rule;
        }
        return $rules;
    }

-  //requiredness goes *here*
-  //sequence goes here?
 }
--- a/app/Models/Depreciable.php
+++ b/app/Models/Depreciable.php
@@ -1,10 +1,11 @@
 <?php
 namespace App\Models;

-use Illuminate\Database\Eloquent\Model;
 use App\Models\Depreciation;
+use App\Models\SnipeModel;
+use Illuminate\Database\Eloquent\Model;

-class Depreciable extends Model
+class Depreciable extends SnipeModel
 {
    /**
    * Depreciation Relation, and associated helper methods
--- a/app/Models/Depreciation.php
+++ b/app/Models/Depreciation.php
@@ -1,10 +1,11 @@
 <?php
 namespace App\Models;

+use App\Models\SnipeModel;
 use Illuminate\Database\Eloquent\Model;
 use Watson\Validating\ValidatingTrait;

-class Depreciation extends Model
+class Depreciation extends SnipeModel
 {
    // Declare the rules for the form validation
    protected $rules = array(
--- a/app/Models/Group.php
+++ b/app/Models/Group.php
@@ -1,11 +1,10 @@
 <?php
 namespace App\Models;

+use App\Models\SnipeModel;
 use Watson\Validating\ValidatingTrait;

-use Illuminate\Database\Eloquent\Model;
-
-class Group extends Model
+class Group extends SnipeModel
 {
    protected $table = 'groups';

--- a/app/Models/Ldap.php
+++ b/app/Models/Ldap.php
@@ -26,25 +26,34 @@ class Ldap extends Model
        $ldap_host    = Setting::getSettings()->ldap_server;
        $ldap_version = Setting::getSettings()->ldap_version;
        $ldap_server_cert_ignore = Setting::getSettings()->ldap_server_cert_ignore;
+        $ldap_use_tls = Setting::getSettings()->ldap_tls;


        // If we are ignoring the SSL cert we need to setup the environment variable
        // before we create the connection
-        if ($ldap_server_cert_ignore) {
+        if ($ldap_server_cert_ignore=='1') {
            putenv('LDAPTLS_REQCERT=never');
        }

-        // Connecting to LDAP
-        $connection = @ldap_connect($ldap_host) or die("Could not connect to {$ldap_host}");
+        // If the user specifies where CA Certs are, make sure to use them
+        if(env("LDAPTLS_CACERT")) {
+          putenv("LDAPTLS_CACERT=".env("LDAPTLS_CACERT"));
+        }
+
+        $connection = @ldap_connect($ldap_host);

        if (!$connection) {
-            throw new Exception('Could not connect to LDAP server at '.$ldap_host.': '.ldap_error($connection));
+            throw new Exception('Could not connect to LDAP server at '.$ldap_host.'. Please check your LDAP server name and port number in your settings.');
        }

        // Needed for AD
        ldap_set_option($connection, LDAP_OPT_REFERRALS, 0);
        ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, $ldap_version);

+        if ($ldap_use_tls=='1') {
+            ldap_start_tls($connection);
+        }
+
        return $connection;
    }

@@ -72,11 +81,18 @@ class Ldap extends Model
        if ($settings->is_ad =='1')
        {

-            // In case they haven't added an AD domain
-            if ($settings->ad_domain == '') {
-                $userDn      = $username.'@'.$settings->email_domain;
+            // Check if they are using the userprincipalname for the username field.
+            // If they are, we can skip building the UPN to authenticate against AD
+            if ($ldap_username_field=='userprincipalname')
+            {
+                $userDn = $username;
            } else {
-               $userDn      = $username.'@'.$settings->ad_domain;
+                // In case they haven't added an AD domain
+                if ($settings->ad_domain == '') {
+                    $userDn      = $username.'@'.$settings->email_domain;
+                } else {
+                    $userDn      = $username.'@'.$settings->ad_domain;
+                }
            }

        } else {
@@ -182,6 +198,7 @@ class Ldap extends Model
    {
        $item = Ldap::parseAndMapLdapAttributes($ldapatttibutes);

+
        // Create user from LDAP data
        if (!empty($item["username"])) {
            $user = new User;
@@ -189,7 +206,14 @@ class Ldap extends Model
            $user->last_name = $item["lastname"];
            $user->username = $item["username"];
            $user->email = $item["email"];
-            $user->password = bcrypt(Input::get("password"));
+
+            if (Setting::getSettings()->ldap_pw_sync=='1') {
+                $user->password = bcrypt(Input::get("password"));
+            } else {
+                $pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 25);
+                $user->password = bcrypt($pass);
+            }
+
            $user->activated = 1;
            $user->ldap_import = 1;
            $user->notes = 'Imported on first login from LDAP';
@@ -198,7 +222,7 @@ class Ldap extends Model
                return true;
            } else {
                LOG::debug('Could not create user.'.$user->getErrors());
-                exit;
+                throw new Exception("Could not create user: ".$user->getErrors());
            }
        }

@@ -230,8 +254,12 @@ class Ldap extends Model

        // Perform the search
        do {
+
            // Paginate (non-critical, if not supported by server)
-            ldap_control_paged_result($ldapconn, $page_size, false, $cookie);
+            if (!$ldap_paging = @ldap_control_paged_result($ldapconn, $page_size, false, $cookie)) {
+                throw new Exception('Problem with your LDAP connection. Try checking the Use TLS setting in Admin > Settings. ');
+            }
+

            $search_results = ldap_search($ldapconn, $base_dn, '('.$filter.')');

--- a/app/Models/License.php
+++ b/app/Models/License.php
@@ -2,15 +2,16 @@
 namespace App\Models;

 use App\Models\Company;
+use App\Models\Loggable;
 use DB;
-use Watson\Validating\ValidatingTrait;
-
 use Illuminate\Database\Eloquent\SoftDeletes;
+use Watson\Validating\ValidatingTrait;

 class License extends Depreciable
 {
    use SoftDeletes;
    use CompanyableTrait;
+    use Loggable;
    protected $injectUniqueIdentifier = true;
    use ValidatingTrait;

@@ -22,7 +23,6 @@ class License extends Depreciable
    protected $table = 'licenses';
    protected $rules = array(
        'name'   => 'required|string|min:3|max:255',
-        'serial'   => 'required|min:5',
        'seats'   => 'required|min:1|max:10000|integer',
        'license_email'   => 'email|min:0|max:120',
        'license_name'   => 'string|min:0|max:100',
@@ -36,6 +36,11 @@ class License extends Depreciable
        return $this->belongsTo('\App\Models\Company', 'company_id');
    }

+    public function manufacturer()
+    {
+        return $this->belongsTo('\App\Models\Manufacturer', 'manufacturer_id');
+    }
+
    /**
     * Get the assigned user
     */
@@ -49,8 +54,8 @@ class License extends Depreciable
    */
    public function assetlog()
    {
-        return $this->hasMany('\App\Models\Actionlog', 'asset_id')
-            ->where('asset_type', '=', 'software')
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')
+            ->where('item_type', '=', License::class)
            ->orderBy('created_at', 'desc');
    }

@@ -59,8 +64,8 @@ class License extends Depreciable
    */
    public function uploads()
    {
-        return $this->hasMany('\App\Models\Actionlog', 'asset_id')
-            ->where('asset_type', '=', 'software')
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')
+            ->where('item_type', '=', License::class)
            ->where('action_type', '=', 'uploaded')
            ->whereNotNull('filename')
            ->orderBy('created_at', 'desc');
@@ -95,6 +100,20 @@ class License extends Depreciable
                   ->count();
    }

+    // We do this to eager load the "count" of seats from the controller.  Otherwise calling "count()" on each model results in n+1
+    public function licenseSeatsRelation()
+    {
+        return $this->hasMany(LicenseSeat::class)->whereNull('deleted_at')->selectRaw('license_id, count(*) as count')->groupBy('license_id');
+    }
+
+    public function getLicenseSeatsCountAttribute()
+    {
+        if ($this->licenseSeatsRelation->first()) {
+            return $this->licenseSeatsRelation->first()->count;
+        }
+
+        return 0;
+    }

    /**
    * Get total licenses not checked out
@@ -110,37 +129,47 @@ class License extends Depreciable
    /**
     * Get the number of available seats
     */
-    public function availcount()
+    public function availCount()
    {
-        return LicenseSeat::whereNull('assigned_to')
-                    ->whereNull('asset_id')
-                    ->where('license_id', '=', $this->id)
-                    ->whereNull('deleted_at')
-                    ->count();
+        return $this->licenseSeatsRelation()
+            ->whereNull('asset_id');
+    }
+
+    public function getAvailSeatsCountAttribute()
+    {
+        if ($this->availCount->first()) {
+            return $this->availCount->first()->count;
+        }
+
+        return 0;
    }

    /**
     * Get the number of assigned seats
     *
     */
-    public function assignedcount()
+    public function assignedCount()
    {
+        return $this->licenseSeatsRelation()->where(function ($query) {
+            $query->whereNotNull('assigned_to')
+            ->orWhereNotNull('asset_id');
+        });
+    }

-        return \App\Models\LicenseSeat::where('license_id', '=', $this->id)
-            ->where(function ($query) {
-
-                $query->whereNotNull('assigned_to')
-                ->orWhereNotNull('asset_id');
-            })
-        ->count();
-
+    public function getAssignedSeatsCountAttribute()
+    {
+        // dd($this->licenseSeatsRelation->first());
+        if ($this->assignedCount->first()) {
+            return $this->assignedCount->first()->count;
+        }

+        return 0;
    }

    public function remaincount()
    {
-        $total = $this->totalSeatsByLicenseID();
-        $taken =  $this->assignedcount();
+        $total = $this->licenseSeatsCount;
+        $taken =  $this->assigned_seats_count;
        $diff =   ($total - $taken);
        return $diff;
    }
@@ -150,7 +179,7 @@ class License extends Depreciable
     */
    public function totalcount()
    {
-        $avail =  $this->availcount();
+        $avail =  $this->availSeatsCount;
        $taken =  $this->assignedcount();
        $diff =   ($avail + $taken);
        return $diff;
@@ -204,12 +233,51 @@ class License extends Depreciable

        return $query->where(function ($query) use ($search) {

-            $query->where('name', 'LIKE', '%'.$search.'%')
-                ->orWhere('serial', 'LIKE', '%'.$search.'%')
-                ->orWhere('notes', 'LIKE', '%'.$search.'%')
-                ->orWhere('order_number', 'LIKE', '%'.$search.'%')
-                ->orWhere('purchase_date', 'LIKE', '%'.$search.'%')
-                ->orWhere('purchase_cost', 'LIKE', '%'.$search.'%');
+            $query->where('licenses.name', 'LIKE', '%'.$search.'%')
+                ->orWhere('licenses.serial', 'LIKE', '%'.$search.'%')
+                ->orWhere('licenses.notes', 'LIKE', '%'.$search.'%')
+                ->orWhere('licenses.order_number', 'LIKE', '%'.$search.'%')
+                ->orWhere('licenses.purchase_order', 'LIKE', '%'.$search.'%')
+                ->orWhere('licenses.purchase_date', 'LIKE', '%'.$search.'%')
+                ->orWhere('licenses.purchase_cost', 'LIKE', '%'.$search.'%')
+             ->orWhereHas('manufacturer', function ($query) use ($search) {
+                        $query->where(function ($query) use ($search) {
+                            $query->where('manufacturers.name', 'LIKE', '%'.$search.'%');
+                    });
+                })
+            ->orWhereHas('company', function ($query) use ($search) {
+                $query->where(function ($query) use ($search) {
+                    $query->where('companies.name', 'LIKE', '%'.$search.'%');
+                });
+            });
        });
    }
+
+    /**
+     * Query builder scope to order on manufacturer
+     *
+     * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
+     * @param  text                              $order         Order
+     *
+     * @return Illuminate\Database\Query\Builder          Modified query builder
+     */
+    public function scopeOrderManufacturer($query, $order)
+    {
+        return $query->leftJoin('manufacturers', 'licenses.manufacturer_id', '=', 'manufacturers.id')->select('licenses.*')
+            ->orderBy('manufacturers.name', $order);
+    }
+
+    /**
+     * Query builder scope to order on company
+     *
+     * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
+     * @param  text                              $order         Order
+     *
+     * @return Illuminate\Database\Query\Builder          Modified query builder
+     */
+    public function scopeOrderCompany($query, $order)
+    {
+        return $query->leftJoin('companies as companies', 'licenses.company_id', '=', 'companies.id')->select('licenses.*')
+            ->orderBy('companies.name', $order);
+    }
 }
--- a/app/Models/LicenseSeat.php
+++ b/app/Models/LicenseSeat.php
@@ -1,6 +1,7 @@
 <?php
 namespace App\Models;

+use App\Models\Loggable;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;

@@ -8,6 +9,7 @@ class LicenseSeat extends Model implements ICompanyableChild
 {
    use CompanyableChildTrait;
    use SoftDeletes;
+    use Loggable;

    protected $dates = ['deleted_at'];
    protected $guarded = 'id';
--- a/app/Models/Location.php
+++ b/app/Models/Location.php
@@ -1,22 +1,24 @@
 <?php
 namespace App\Models;

+use App\Http\Traits\UniqueUndeletedTrait;
+use App\Models\Asset;
+use App\Models\SnipeModel;
+use App\Models\User;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
-use App\Models\User;
-use App\Models\Asset;
 use Watson\Validating\ValidatingTrait;

-class Location extends Model
+class Location extends SnipeModel
 {
    use SoftDeletes;
    protected $dates = ['deleted_at'];
    protected $table = 'locations';
    protected $rules = array(
-      'name'        => 'required|min:3|max:255|unique:locations,name,NULL,deleted_at',
+      'name'        => 'required|min:3|max:255|unique_undeleted',
      'city'        => 'min:3|max:255',
-      'state'           => 'min:2|max:32',
-      'country'     => 'min:2|max:2|max:2',
+      'state'           => 'min:0|max:2',
+      'country'     => 'min:2|max:2',
      'address'         => 'min:5|max:80',
      'address2'        => 'min:2|max:80',
      'zip'         => 'min:3|max:10',
@@ -31,6 +33,7 @@ class Location extends Model
    */
    protected $injectUniqueIdentifier = true;
    use ValidatingTrait;
+    use UniqueUndeletedTrait;


    /**
@@ -47,7 +50,7 @@ class Location extends Model

    public function assets()
    {
-        return $this->hasManyThrough('\App\Models\Asset', '\App\Models\Actionlog', 'location_id', 'id');
+        return $this->hasManyThrough('\App\Models\Asset', '\App\Models\User', 'location_id', 'assigned_to', 'id');
    }

    public function assignedassets()
--- a/app/Models/Loggable.php
+++ b/app/Models/Loggable.php
@@ -0,0 +1,137 @@
+<?php
+
+namespace App\Models;
+
+use App\Models\Actionlog;
+use App\Models\Asset;
+use App\Models\CheckoutRequest;
+use App\Models\User;
+use Illuminate\Support\Facades\Auth;
+
+trait Loggable
+{
+
+    /**
+     * @author  Daniel Meltzer <parallelgrapefruit@gmail.com
+     * @since [v3.4]
+     * @return \App\Models\Actionlog
+     */
+
+    public function log()
+    {
+        return $this->morphMany(Actionlog::class, 'item');
+    }
+
+    /**
+     * @author  Daniel Meltzer <parallelgrapefruit@gmail.com
+     * @since [v3.4]
+     * @return \App\Models\Actionlog
+     */
+    public function logCheckout($note, $target = null /*target is overridable for components*/)
+    {
+        $log = new Actionlog;
+
+        // We need to special case licenses because of license_seat vs license.  So much for clean polymorphism :)
+        if (static::class == LicenseSeat::class) {
+            $log->item_type = License::class;
+            $log->item_id = $this->license_id;
+        } else {
+            $log->item_type = static::class;
+            $log->item_id = $this->id;
+        }
+
+        $log->user_id = Auth::user()->id;
+
+        if (!is_null($this->asset_id) || isset($target)) {
+            $log->target_type = Asset::class;
+            $log->target_id = $this->asset_id;
+        } else if (!is_null($this->assigned_to)) {
+            $log->target_type = User::class;
+            $log->target_id = $this->assigned_to;
+        }
+
+        $item = call_user_func(array($log->target_type, 'find'), $log->target_id);
+        $log->location_id = $item->location_id;
+        $log->note = $note;
+        $log->logaction('checkout');
+
+        return $log;
+    }
+
+    /**
+     * @author  Daniel Meltzer <parallelgrapefruit@gmail.com
+     * @since [v3.4]
+     * @return \App\Models\Actionlog
+     */
+    public function logCheckin($target, $note)
+    {
+        $log = new Actionlog;
+        $log->target_type = get_class($target);
+        $log->target_id = $target->id;
+        if (static::class == LicenseSeat::class) {
+            $log->item_type = License::class;
+            $log->item_id = $this->license_id;
+        } else {
+            $log->item_type = static::class;
+            $log->item_id = $this->id;
+        }
+        $log->location_id = null;
+        $log->note = $note;
+        $log->user_id = Auth::user()->id;
+        $log->logaction('checkin from');
+
+        return $log;
+    }
+
+    /**
+     * @author  Daniel Meltzer <parallelgrapefruit@gmail.com
+     * @since [v3.5]
+     * @return \App\Models\Actionlog
+     */
+    public function logCreate($note = null)
+    {
+        $user_id = -1;
+        if (Auth::user()) {
+            $user_id = Auth::user()->id;
+        }
+        $log = new Actionlog;
+        if (static::class == LicenseSeat::class) {
+            $log->item_type = License::class;
+            $log->item_id = $this->license_id;
+        } else {
+            $log->item_type = static::class;
+            $log->item_id = $this->id;
+        }
+        $log->location_id = null;
+        $log->note = $note;
+        $log->user_id = $user_id;
+        $log->logaction('created');
+        $log->save();
+        return $log;
+    }
+
+    /**
+     * @author  Daniel Meltzer <parallelgrapefruit@gmail.com
+     * @since [v3.4]
+     * @return \App\Models\Actionlog
+     */
+    public function logUpload($filename, $note)
+    {
+        $log = new Actionlog;
+        if (static::class == LicenseSeat::class) {
+            $log->item_type = License::class;
+            $log->item_id = $this->license_id;
+        } else {
+            $log->item_type = static::class;
+            $log->item_id = $this->id;
+        }
+        $log->user_id = Auth::user()->id;
+        $log->note = $note;
+        $log->target_id =  null;
+        $log->created_at =  date("Y-m-d h:i:s");
+        $log->filename =  $filename;
+        $log->logaction('uploaded');
+
+        return $log;
+    }
+}
--- a/app/Models/Manufacturer.php
+++ b/app/Models/Manufacturer.php
@@ -1,11 +1,12 @@
 <?php
 namespace App\Models;

+use App\Models\SnipeModel;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;

-class Manufacturer extends Model
+class Manufacturer extends SnipeModel
 {
    use SoftDeletes;
    protected $dates = ['deleted_at'];
@@ -46,6 +47,26 @@ class Manufacturer extends Model
        return $this->hasManyThrough('\App\Models\Asset', '\App\Models\AssetModel', 'manufacturer_id', 'model_id');
    }

+    public function models()
+    {
+        return $this->hasMany('\App\Models\AssetModel', 'manufacturer_id');
+    }
+
+    public function licenses()
+    {
+        return $this->hasMany('\App\Models\License', 'manufacturer_id');
+    }
+
+    public function accessories()
+    {
+        return $this->hasMany('\App\Models\Accessory', 'manufacturer_id');
+    }
+
+    public function consumables()
+    {
+        return $this->hasMany('\App\Models\Consumable', 'manufacturer_id');
+    }
+
    /**
    * Query builder scope to search on text
    *
--- a/app/Models/Requestable.php
+++ b/app/Models/Requestable.php
@@ -0,0 +1,45 @@
+<?php
+
+namespace App\Models;
+
+use App\Models\CheckoutRequest;
+use App\Models\User;
+use Illuminate\Support\Facades\Auth;
+
+// $asset->requests
+// $asset->isRequestedBy($user)
+// $asset->whereRequestedBy($user)
+trait Requestable
+{
+
+    public function requests()
+    {
+        return $this->morphMany(CheckoutRequest::class, 'requestable');
+    }
+
+    public function isRequestedBy(User $user)
+    {
+        return $this->requests()
+            ->where('user_id', $user->id)
+            ->exists();
+    }
+
+    public function scopeRequestedBy($query, User $user)
+    {
+        return $query->whereHas('requests', function ($query) use ($user) {
+            $query->where('user_id', $user->id);
+        });
+    }
+
+    public function request()
+    {
+        $this->requests()->save(
+            new CheckoutRequest(['user_id' => Auth::id()])
+        );
+    }
+
+    public function cancelRequest()
+    {
+        $this->requests()->where('user_id', Auth::id())->delete();
+    }
+}
--- a/app/Models/Setting.php
+++ b/app/Models/Setting.php
@@ -49,10 +49,14 @@ class Setting extends Model
    {
        static $static_cache = null;

-        if (!$static_cache) {
-            $static_cache = Setting::first();
-        }
-        return $static_cache;
+            if (!$static_cache) {
+                if (Schema::hasTable('settings')) {
+                    $static_cache = Setting::first();
+                }
+            }
+
+            return $static_cache;
+
    }

    public static function setupCompleted()
--- a/app/Models/SnipeModel.php
+++ b/app/Models/SnipeModel.php
@@ -0,0 +1,14 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Model;
+
+class SnipeModel extends Model
+{
+    //
+    public function getDisplayNameAttribute()
+    {
+        return $this->name;
+    }
+}
--- a/app/Models/Statuslabel.php
+++ b/app/Models/Statuslabel.php
@@ -1,14 +1,17 @@
 <?php
 namespace App\Models;

+use App\Http\Traits\UniqueUndeletedTrait;
+use App\Models\SnipeModel;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;

-class Statuslabel extends Model
+class Statuslabel extends SnipeModel
 {
    use SoftDeletes;
    use ValidatingTrait;
+    use UniqueUndeletedTrait;

    protected $injectUniqueIdentifier = true;
    protected $dates = ['deleted_at'];
@@ -16,14 +19,14 @@ class Statuslabel extends Model


    protected $rules = array(
-        'name'  => 'required|string|unique:status_labels,name,NULL,deleted_at',
+        'name'  => 'required|string|unique_undeleted',
        'notes'   => 'string',
        'deployable' => 'required',
        'pending' => 'required',
        'archived' => 'required',
    );

-    protected $fillable = ['name'];
+    protected $fillable = ['name', 'deployable', 'pending', 'archived'];

    /**
     * Show count of assets with status label
--- a/app/Models/Supplier.php
+++ b/app/Models/Supplier.php
@@ -1,25 +1,28 @@
 <?php
 namespace App\Models;

+use App\Http\Traits\UniqueUndeletedTrait;
+use App\Models\SnipeModel;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;

-class Supplier extends Model
+class Supplier extends SnipeModel
 {
    use SoftDeletes;
    protected $dates = ['deleted_at'];
+    protected $table = 'suppliers';

    protected $rules = array(
-        'name'              => 'required|min:3|max:255|unique:suppliers,name,NULL,deleted_at',
-        'address'           => 'min:3|max:255',
-        'address2'          => 'min:2|max:255',
+        'name'              => 'required|min:3|max:255|unique_undeleted',
+        'address'           => 'min:3|max:50',
+        'address2'          => 'min:2|max:50',
        'city'              => 'min:3|max:255',
-        'state'             => 'min:0|max:32',
+        'state'             => 'min:0|max:2',
        'country'           => 'min:0|max:2',
        'fax'               => 'min:7|max:20',
        'phone'             => 'min:7|max:20',
-        'contact'           => 'min:0|max:255',
+        'contact'           => 'min:0|max:100',
        'notes'             => 'min:0|max:255',
        'email'             => 'email|min:5|max:150',
        'zip'               => 'min:0|max:10',
@@ -35,6 +38,7 @@ class Supplier extends Model
    */
    protected $injectUniqueIdentifier = true;
    use ValidatingTrait;
+    use UniqueUndeletedTrait;

    /**
     * The attributes that are mass assignable.
@@ -44,6 +48,21 @@ class Supplier extends Model
    protected $fillable = ['name'];


+    // Eager load counts.
+    // We do this to eager load the "count" of seats from the controller.  Otherwise calling "count()" on each model results in n+1
+    public function assetsRelation()
+    {
+        return $this->hasMany(Asset::class)->whereNull('deleted_at')->selectRaw('supplier_id, count(*) as count')->groupBy('supplier_id');
+    }
+
+    public function getLicenseSeatsCountAttribute()
+    {
+        if ($this->licenseSeatsRelation->first()) {
+            return $this->licenseSeatsRelation->first()->count;
+        }
+
+        return 0;
+    }
    public function assets()
    {
        return $this->hasMany('\App\Models\Asset', 'supplier_id');
@@ -56,7 +75,11 @@ class Supplier extends Model

    public function num_assets()
    {
-        return $this->hasMany('\App\Models\Asset', 'supplier_id')->count();
+        if ($this->assetsRelation->first()) {
+            return $this->assetsRelation->first()->count;
+        }
+
+        return 0;
    }

    public function licenses()
@@ -66,7 +89,7 @@ class Supplier extends Model

    public function num_licenses()
    {
-        return $this->hasMany('\App\Models\License', 'supplier_id')->count();
+        return $this->licenses()->count();
    }

    public function addhttp($url)
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -7,8 +7,9 @@ use Illuminate\Auth\Passwords\CanResetPassword;
 use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
 use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
 use Watson\Validating\ValidatingTrait;
-use App\Models\Company;
 use Illuminate\Database\Eloquent\SoftDeletes;
+use App\Http\Traits\UniqueUndeletedTrait;
+use App\Models\Setting;

 class User extends Model implements AuthenticatableContract, CanResetPasswordContract
 {
@@ -17,6 +18,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
    use ValidatingTrait;
    use Authenticatable;
    use CanResetPassword;
+    use UniqueUndeletedTrait;

    protected $dates = ['deleted_at'];
    protected $table = 'users';
@@ -32,8 +34,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon

    protected $rules = [
        'first_name'              => 'required|string|min:1',
-        'last_name'               => 'required|string|min:1',
-        'username'                => 'required|string|min:2|unique:users,username,NULL,deleted_at',
+        'username'                => 'required|string|min:2|unique_undeleted',
        'email'                   => 'email',
        'password'                => 'required|min:6',
    ];
@@ -55,7 +56,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon

        $user_permissions = json_decode($this->permissions, true);

-        //If the user is explicitly granted, return false
+        //If the user is explicitly granted, return true
        if (($user_permissions!='') && ((array_key_exists($section, $user_permissions)) && ($user_permissions[$section]=='1'))) {
            return true;
        }
@@ -67,7 +68,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon

        // Loop through the groups to see if any of them grant this permission
        foreach ($user_groups as $user_group) {
-            $group_permissions = json_decode($user_group->permissions, true);
+            $group_permissions = (array) json_decode($user_group->permissions, true);
            if (((array_key_exists($section, $group_permissions)) && ($group_permissions[$section]=='1'))) {
                return true;
            }
@@ -84,7 +85,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon

        foreach ($this->groups as $user_group) {
            $group_permissions = json_decode($user_group->permissions, true);
-            $group_array = $group_permissions;
+            $group_array = (array)$group_permissions;
            if ((array_key_exists('superuser', $group_array)) && ($group_permissions['superuser']=='1')) {
                return true;
            }
@@ -146,10 +147,8 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
            return config('app.url').'/uploads/avatars/'.$this->avatar;
        }

-        if ($this->email) {
-            // Generate the Gravatar hash
+        if ((Setting::getSettings()->load_remote=='1') && ($this->email!='')) {
            $gravatar = md5(strtolower(trim($this->email)));
-            // Return the Gravatar url
            return "//gravatar.com/avatar/".$gravatar;
        }

@@ -202,7 +201,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
     */
    public function userlog()
    {
-        return $this->hasMany('\App\Models\Actionlog', 'checkedout_to')->orderBy('created_at', 'DESC')->withTrashed();
+        return $this->hasMany('\App\Models\Actionlog', 'target_id')->orderBy('created_at', 'DESC')->withTrashed();
    }

    /**
@@ -232,10 +231,10 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon

    public function accountStatus()
    {
-        if ($this->sentryThrottle) {
-            if ($this->sentryThrottle->suspended==1) {
+        if ($this->throttle) {
+            if ($this->throttle->suspended==1) {
                return 'suspended';
-            } elseif ($this->sentryThrottle->banned==1) {
+            } elseif ($this->throttle->banned==1) {
                return 'banned';
            } else {
                return false;
@@ -255,14 +254,22 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
     */
    public function uploads()
    {
-        return $this->hasMany('\App\Models\Actionlog', 'asset_id')
-            ->where('asset_type', '=', 'user')
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')
+            ->where('item_type', User::class)
            ->where('action_type', '=', 'uploaded')
            ->whereNotNull('filename')
            ->orderBy('created_at', 'desc');
    }

-    public function sentryThrottle()
+    /**
+     * Fetch Items User has requested
+     */
+    public function checkoutRequests()
+    {
+        return $this->belongsToMany(Asset::class, 'checkout_requests');
+    }
+
+    public function throttle()
    {
        return $this->hasOne('\App\Models\Throttle');
    }
@@ -302,6 +309,10 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
            ->orWhere('username', '=', $user_email);
    }

+    public static function generateEmailFromFullName($name) {
+        $username = User::generateFormattedNameFromFullName(Setting::getSettings()->email_format, $name);
+        return $username['username'].'@'.Setting::getSettings()->email_domain;
+    }

    public static function generateFormattedNameFromFullName($format = 'filastname', $users_name)
    {
@@ -333,8 +344,9 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
            } elseif ($format=='firstname') {
                $email_last_name.=str_replace(' ', '', $last_name);
                $email_prefix = $first_name;
-
            }
+
+
        }

        $user_username = $email_prefix;
@@ -370,12 +382,18 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
                ->orWhere('users.email', 'LIKE', "%$search%")
                ->orWhere('users.username', 'LIKE', "%$search%")
                ->orWhere('users.notes', 'LIKE', "%$search%")
+                ->orWhere('users.jobtitle', 'LIKE', "%$search%")
                ->orWhere('users.employee_num', 'LIKE', "%$search%")
                ->orWhere(function ($query) use ($search) {
                    $query->whereHas('userloc', function ($query) use ($search) {
                        $query->where('locations.name', 'LIKE', '%'.$search.'%');
                    });
                })
+                ->orWhere(function ($query) use ($search) {
+                    $query->whereHas('groups', function ($query) use ($search) {
+                        $query->where('groups.name', 'LIKE', '%'.$search.'%');
+                    });
+                })

                // Ugly, ugly code because Laravel sucks at self-joins
                ->orWhere(function ($query) use ($search) {
--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
@@ -3,6 +3,9 @@ namespace App\Providers;

 use Validator;
 use Illuminate\Support\ServiceProvider;
+use DB;
+use Log;
+

 /**
 * This service provider handles a few custom validation rules.
@@ -47,6 +50,26 @@ class AppServiceProvider extends ServiceProvider
            }

        });
+
+        // Unique only if undeleted
+        // This works around the use case where multiple deleted items have the same unique attribute.
+        // (I think this is a bug in Laravel's validator?)
+        Validator::extend('unique_undeleted', function($attribute, $value, $parameters, $validator) {
+
+            $count = DB::table($parameters[0])->select('id')->where($attribute,'=',$value)->whereNull('deleted_at')->where('id','!=',$parameters[1])->count();
+
+            if ($count < 1) {
+                return true;
+            } else {
+                return false;
+            }
+
+        });
+
+        // Share common variables with all views.
+        view()->composer('*', function ($view) {
+            $view->with('snipeSettings', \App\Models\Setting::getSettings());
+        });
    }

    /**
@@ -56,6 +79,20 @@ class AppServiceProvider extends ServiceProvider
     */
    public function register()
    {
-        //
+        $monolog = Log::getMonolog();
+
+        if (config('app.debug')) {
+            $log_level = 'debug';
+        } else {
+            if (config('log-level')) {
+                $log_level = config('log-level');
+            } else {
+                $log_level = 'error';
+            }
+        }
+
+        foreach($monolog->getHandlers() as $handler) {
+            $handler->setLevel($log_level);
+        }
    }
 }
--- a/app/Providers/AuthServiceProvider.php
+++ b/app/Providers/AuthServiceProvider.php
@@ -91,6 +91,19 @@ class AuthServiceProvider extends ServiceProvider
            }
        });

+        $gate->define('assets.edit', function ($user) {
+            if (($user->hasAccess('assets.edit')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        // Checks for some level of management
+        $gate->define('assets.manage', function ($user) {
+            if (($user->hasAccess('assets.checkin')) || ($user->hasAccess('assets.edit')) || ($user->hasAccess('assets.delete')) || ($user->hasAccess('assets.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+

        # -----------------------------------------
        # Accessories
@@ -131,6 +144,13 @@ class AuthServiceProvider extends ServiceProvider
            }
        });

+        // Checks for some level of management
+        $gate->define('accessories.manage', function ($user) {
+            if (($user->hasAccess('accessories.checkin')) || ($user->hasAccess('accessories.edit')) || ($user->hasAccess('accessories.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
        # -----------------------------------------
        # Consumables
        # -----------------------------------------
@@ -170,6 +190,13 @@ class AuthServiceProvider extends ServiceProvider
            }
        });

+        // Checks for some level of management
+        $gate->define('consumables.manage', function ($user) {
+            if (($user->hasAccess('consumables.checkin')) || ($user->hasAccess('consumables.edit')) || ($user->hasAccess('consumables.delete')) || ($user->hasAccess('consumables.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+


        # -----------------------------------------
@@ -205,7 +232,7 @@ class AuthServiceProvider extends ServiceProvider
        # Components
        # -----------------------------------------
        $gate->define('components.view', function ($user) {
-            if (($user->hasAccess('components.create')) || ($user->hasAccess('admin'))) {
+            if (($user->hasAccess('components.view')) || ($user->hasAccess('admin'))) {
                return true;
            }
        });
@@ -228,6 +255,25 @@ class AuthServiceProvider extends ServiceProvider
            }
        });

+        $gate->define('components.checkout', function ($user) {
+            if (($user->hasAccess('components.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('components.checkout', function ($user) {
+            if (($user->hasAccess('components.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        // Checks for some level of management
+        $gate->define('components.manage', function ($user) {
+            if (($user->hasAccess('components.edit')) || ($user->hasAccess('components.delete')) || ($user->hasAccess('components.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+

        # -----------------------------------------
        # Licenses
@@ -268,6 +314,29 @@ class AuthServiceProvider extends ServiceProvider
            }
        });

+        $gate->define('licenses.keys', function ($user) {
+            if (($user->hasAccess('licenses.keys')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        // Checks for some level of management
+        $gate->define('licenses.manage', function ($user) {
+            if (($user->hasAccess('licenses.checkin')) || ($user->hasAccess('licenses.edit')) || ($user->hasAccess('licenses.delete')) || ($user->hasAccess('licenses.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+
+        # -----------------------------------------
+        # Self
+        # -----------------------------------------
+        $gate->define('self.two_factor', function ($user) {
+            if (($user->hasAccess('self.two_factor')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+

    }
 }
--- a/codeception.yml
+++ b/codeception.yml
@@ -12,13 +12,6 @@ settings:
 extensions:
    enabled:
        - Codeception\Extension\RunFailed
-modules:
-    config:
-        Db:
-            dsn: ''
-            user: ''
-            password: ''
-            dump: tests/_data/dump.sql
 coverage:
    enabled: true
    include:
--- a/composer.json
+++ b/composer.json
@@ -21,7 +21,10 @@
      "doctrine/common": "v2.5.3",
      "doctrine/dbal": "v2.4.2",
      "barryvdh/laravel-debugbar": "^2.1",
-      "spatie/laravel-backup": "3.8.1"
+      "spatie/laravel-backup": "3.8.1",
+      "misterphilip/maintenance-mode": "1.0.*",
+      "neitanod/forceutf8": "dev-master",
+      "pragmarx/google2fa": "^1.0"
    },
    "require-dev": {
      "fzaninotto/faker": "~1.4",
--- a/composer.lock
+++ b/composer.lock
--- a/config/app.php
+++ b/config/app.php
@@ -27,6 +27,7 @@ return [
    */

    'debug' => env('APP_DEBUG', false),
+    'warn_debug' => env('WARN_DEBUG', true),

    /*
    |--------------------------------------------------------------------------
@@ -109,6 +110,7 @@ return [
    */

    'log' => env('APP_LOG', 'single'),
+    'log-level' => env('APP_LOG_LEVEL', 'error'),


    /*
@@ -117,7 +119,7 @@ return [
    |--------------------------------------------------------------------------
    | This is the path for any uploaded files that have to be run through the
    | auth system to ensure they are not visible to the public. These should be
-    | stored somewhere outside of the web root so that an unautenticated user
+    | stored somewhere outside of the web root so that an unauthenticated user
    | cannot access them.
    |
    | For example: license keys, contracts, etc.
@@ -127,6 +129,20 @@ return [
    'private_uploads' => storage_path().'/private_uploads',


+    /*
+    |--------------------------------------------------------------------------
+    | ALLOW I-FRAMING
+    |--------------------------------------------------------------------------
+    |
+    | Normal users will never need to edit this. This option lets you run
+    | Snipe-IT within an I-Frame, which is normally disabled by default for
+    | security reasons, to prevent clickjacking. It should normally be set to false.
+    |
+    */
+
+    'allow_iframing' => env('ALLOW_IFRAMING', false),
+
+
    /*
    |--------------------------------------------------------------------------
    | Demo Mode Lockdown
@@ -140,7 +156,6 @@ return [
    'lock_passwords' => env('APP_LOCKED', false),


-
    /*
    |--------------------------------------------------------------------------
    | Autoloaded Service Providers
@@ -197,7 +212,9 @@ return [
        Collective\Html\HtmlServiceProvider::class,
        Spatie\Backup\BackupServiceProvider::class,
        Fideloper\Proxy\TrustedProxyServiceProvider::class,
-
+        MisterPhilip\MaintenanceMode\MaintenanceModeServiceProvider::class,
+        MisterPhilip\MaintenanceMode\MaintenanceCommandServiceProvider::class,
+        PragmaRX\Google2FA\Vendor\Laravel\ServiceProvider::class,
        /*
         * Custom service provider
         */
@@ -254,6 +271,7 @@ return [
        'View'      => Illuminate\Support\Facades\View::class,
        'Form'      => 'Collective\Html\FormFacade',
        'Html'      => 'Collective\Html\HtmlFacade',
+        'Google2FA' => PragmaRX\Google2FA\Vendor\Laravel\Facade::class,
    ],

 ];
--- a/config/auth.php
+++ b/config/auth.php
@@ -104,4 +104,21 @@ return [
        ],
    ],

+    /*
+   |--------------------------------------------------------------------------
+   | Login throttling
+   |--------------------------------------------------------------------------
+   |
+   | This handles the max failed login attempt throttling.
+   | You should not change the values here, but should change them in your
+   | application's .env file instead, as future changes to this file could
+   | overwrite your changes here.
+   |
+   */
+
+    'throttle' => [
+        'max_attempts' => env('LOGIN_MAX_ATTEMPTS', 10),
+        'lockout_duration' =>  env('LOGIN_LOCKOUT_DURATION', 60),
+    ],
+
 ];
--- a/config/database.php
+++ b/config/database.php
@@ -73,6 +73,12 @@ return [
            'dump_command_path' => env('DB_DUMP_PATH', '/usr/local/bin'),  // only the path, so without 'mysqldump'
            'dump_command_timeout' => 60 * 5, // 5 minute timeout
            'dump_using_single_transaction' => true, // perform dump using a single transaction
+            'options' => (env('DB_SSL')) ? [
+                PDO::MYSQL_ATTR_SSL_KEY    => env('DB_SSL_KEY'),  // /path/to/key.pem
+                PDO::MYSQL_ATTR_SSL_CERT   => env('DB_SSL_CERT'), // /path/to/cert.pem
+                PDO::MYSQL_ATTR_SSL_CA     => env('DB_SSL_CA'),   // /path/to/ca.pem
+                PDO::MYSQL_ATTR_SSL_CIPHER => env('DB_SSL_CIPHER')
+            ] : []
        ],

        'pgsql' => [
--- a/config/mail.php
+++ b/config/mail.php
@@ -3,6 +3,12 @@
 return [

    /*
+    | ***************************************************************************
+    | DO NOT MAKE CHANGES DIRECTLY TO THIS FILE.
+    |
+    | Instead use your .env file to set your application configuration settings.
+    | See https://snipe-it.readme.io/docs/configuration for more info.
+    |
    |--------------------------------------------------------------------------
    | Mail Driver
    |--------------------------------------------------------------------------
@@ -11,6 +17,7 @@ return [
    | sending of e-mail. You may specify which one you're using throughout
    | your application here. By default, Laravel is setup for SMTP mail.
    |
+    |
    | Supported: "smtp", "mail", "sendmail", "mailgun", "mandrill", "ses", "log"
    |
    */
@@ -56,6 +63,23 @@ return [

    'from' => ['address' => env('MAIL_FROM_ADDR', null), 'name' => env('MAIL_FROM_NAME', null)],

+
+    /*
+    |--------------------------------------------------------------------------
+    | Global "Reply-To" Address
+    |--------------------------------------------------------------------------
+    |
+    | You may wish for all e-mails sent by your application to have a different "Reply-to"
+    | address than the "From" address. If this is left blank, the application will use
+    | your MAIL_FROM information. 
+    |
+    */
+
+    'reply_to' => [
+        'address' => env('MAIL_REPLYTO_ADDR', env('MAIL_FROM_ADDR', null)),
+        'name' => env('MAIL_REPLYTO_NAME', env('MAIL_FROM_NAME', null))
+    ],
+
    /*
    |--------------------------------------------------------------------------
    | E-Mail Encryption Protocol
--- a/config/permissions.php
+++ b/config/permissions.php
@@ -46,19 +46,19 @@ return array(
            'permission' => 'assets.create',
            'label'      => 'Create ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
        array(
            'permission' => 'assets.edit',
-            'label'      => 'Edit ',
+            'label'      => 'Edit  ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
        array(
            'permission' => 'assets.delete',
            'label'      => 'Delete ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
        array(
            'permission' => 'assets.checkout',
@@ -71,7 +71,14 @@ return array(
            'permission' => 'assets.checkin',
            'label'      => 'Checkin ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
+        ),
+
+        array(
+            'permission' => 'assets.checkout',
+            'label'      => 'Checkout ',
+            'note'       => '',
+            'display'    => true,
        ),

        array(
@@ -88,6 +95,7 @@ return array(
            'note'       => '',
            'display'    => true,
        ),
+
    ),

    'Accessories' => array(
@@ -98,34 +106,34 @@ return array(
            'display'    => true,
        ),
        array(
-            'permission' => 'accessory.create',
+            'permission' => 'accessories.create',
            'label'      => 'Create ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
        array(
            'permission' => 'accessories.edit',
            'label'      => 'Edit ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
        array(
            'permission' => 'accessories.delete',
            'label'      => 'Delete ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
        array(
            'permission' => 'accessories.checkout',
            'label'      => 'Checkout ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
        array(
            'permission' => 'accessories.checkin',
            'label'      => 'Checkin ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
    ),

@@ -140,25 +148,25 @@ return array(
            'permission' => 'consumables.create',
            'label'      => 'Create ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
        array(
            'permission' => 'consumables.edit',
            'label'      => 'Edit ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
        array(
            'permission' => 'consumables.delete',
            'label'      => 'Delete ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
        array(
            'permission' => 'consumables.checkout',
            'label'      => 'Checkout ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
    ),

@@ -172,27 +180,27 @@ return array(
        ),
        array(
            'permission' => 'licenses.create',
-            'label'      => 'Create Licenses',
+            'label'      => 'Create ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
        array(
            'permission' => 'licenses.edit',
-            'label'      => 'Edit Licenses',
+            'label'      => 'Edit ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
        array(
            'permission' => 'licenses.delete',
-            'label'      => 'Delete Licenses',
+            'label'      => 'Delete ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
        array(
            'permission' => 'licenses.checkout',
-            'label'      => 'Checkout Licenses',
+            'label'      => 'Checkout ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
        array(
            'permission' => 'licenses.keys',
@@ -212,33 +220,33 @@ return array(
        ),
        array(
            'permission' => 'components.create',
-            'label'      => 'Create Components',
+            'label'      => 'Create ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
        array(
            'permission' => 'components.edit',
-            'label'      => 'Edit Components',
+            'label'      => 'Edit ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
        array(
            'permission' => 'components.delete',
-            'label'      => 'Delete Components',
+            'label'      => 'Delete ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
        array(
            'permission' => 'components.checkout',
-            'label'      => 'Checkout Components',
+            'label'      => 'Checkout ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
        array(
            'permission' => 'components.checkin',
-            'label'      => 'Checkin Components',
+            'label'      => 'Checkin ',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),

    ),
@@ -254,19 +262,29 @@ return array(
            'permission' => 'users.create',
            'label'      => 'Create Users',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
        array(
            'permission' => 'users.edit',
            'label'      => 'Edit Users',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
        ),
        array(
            'permission' => 'users.delete',
            'label'      => 'Delete Users',
            'note'       => '',
-            'display'    => false,
+            'display'    => true,
+        ),
+
+    ),
+
+    'Self' => array(
+        array(
+            'permission' => 'self.two_factor',
+            'label'      => 'Two-Factor Authentication',
+            'note'       => 'The user may disable/enable two-factor authentication themselves if two-factor is enabled and set to selective.',
+            'display'    => true,
        ),

    ),
--- a/config/version.php
+++ b/config/version.php
@@ -1,5 +1,7 @@
 <?php
 return array (
-  'app_version' => 'v3.0',
-  'hash_version' => 'v3.0-ebc74a65',
+  'app_version' => 'v3.6.1-pre',
+  'build_version' => '73',
+  'hash_version' => 'ge587b2d',
+  'full_hash' => 'v3.6.1-pre-73-ge587b2d',
 );
--- a/database/2016_02_13_071006_create_snipeit_laravel_database.php
+++ b/database/2016_02_13_071006_create_snipeit_laravel_database.php
@@ -1,636 +0,0 @@
-<?php
-
-//
-// NOTE Migration Created: 2016-02-13 07:10:06
-// --------------------------------------------------
-
-class CreateSnipeitLaravelDatabase {
-//
-// NOTE - Make changes to the database.
-// --------------------------------------------------
-
-public function up()
-{
-
-//
-// NOTE -- accessories
-// --------------------------------------------------
-
-Schema::create('accessories', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255)->nullable();
- $table->integer('category_id')->nullable();
- $table->integer('user_id')->nullable();
- $table->integer('qty');
- $table->boolean('requestable');
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->timestamp('deleted_at')->nullable();
- $table->integer('location_id')->nullable();
- $table->date('purchase_date')->nullable();
- $table->decimal('purchase_cost', 13,4)->nullable();
- $table->string('order_number', 255)->nullable();
- $table->integer('company_id')->nullable()->unsigned();
- });
-
-
-//
-// NOTE -- accessories_users
-// --------------------------------------------------
-
-Schema::create('accessories_users', function($table) {
- $table->increments('id')->unsigned();
- $table->integer('user_id')->nullable();
- $table->integer('accessory_id')->nullable();
- $table->integer('assigned_to')->nullable();
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- });
-
-
-//
-// NOTE -- asset_logs
-// --------------------------------------------------
-
-Schema::create('asset_logs', function($table) {
- $table->increments('id')->unsigned();
- $table->integer('user_id');
- $table->string('action_type', 255);
- $table->integer('asset_id')->nullable();
- $table->integer('checkedout_to')->nullable();
- $table->integer('location_id')->nullable();
- $table->dateTime('created_at')->default("0000-00-00 00:00:00");
- $table->string('asset_type', 100)->nullable();
- $table->text('note')->nullable();
- $table->text('filename')->nullable();
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->timestamp('deleted_at')->nullable();
- $table->dateTime('requested_at')->nullable();
- $table->dateTime('accepted_at')->nullable();
- $table->integer('accessory_id')->nullable();
- $table->integer('accepted_id')->nullable();
- $table->integer('consumable_id')->nullable();
- $table->date('expected_checkin')->nullable();
- $table->integer('thread_id')->nullable();
- });
-
-
-//
-// NOTE -- asset_maintenances
-// --------------------------------------------------
-
-Schema::create('asset_maintenances', function($table) {
- $table->increments('id')->unsigned();
- $table->integer('asset_id')->unsigned();
- $table->integer('supplier_id')->unsigned();
- $table->enum('asset_maintenance_type', array('Maintenance','Repair','Upgrade'));
- $table->string('title', 100);
- $table->boolean('is_warranty');
- $table->date('start_date');
- $table->date('completion_date')->nullable();
- $table->integer('asset_maintenance_time')->nullable();
- $table->string('notes')->nullable();
- $table->decimal('cost', 10,2)->nullable();
- $table->dateTime('deleted_at')->nullable();
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- });
-
-
-//
-// NOTE -- asset_uploads
-// --------------------------------------------------
-
-Schema::create('asset_uploads', function($table) {
- $table->increments('id')->unsigned();
- $table->integer('user_id');
- $table->string('filename', 255);
- $table->integer('asset_id');
- $table->string('filenotes', 255);
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->timestamp('deleted_at')->nullable();
- });
-
-
-//
-// NOTE -- assets
-// --------------------------------------------------
-
-Schema::create('assets', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255)->nullable();
- $table->string('asset_tag', 255);
- $table->integer('model_id');
- $table->string('serial', 255);
- $table->date('purchase_date')->nullable();
- $table->decimal('purchase_cost', 13,4)->default("0.0000");
- $table->string('order_number', 255)->nullable();
- $table->integer('assigned_to')->nullable();
- $table->text('notes')->nullable();
- $table->text('image')->nullable();
- $table->integer('user_id');
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->boolean('physical')->default("1");
- $table->timestamp('deleted_at')->nullable();
- $table->integer('status_id')->nullable();
- $table->boolean('archived');
- $table->integer('warranty_months')->nullable();
- $table->boolean('depreciate');
- $table->integer('supplier_id')->nullable();
- $table->boolean('requestable');
- $table->integer('rtd_location_id')->nullable();
- $table->string('_snipeit_mac_address', 255)->nullable();
- $table->enum('accepted', array('pending','accepted','rejected'))->nullable();
- $table->dateTime('last_checkout')->nullable();
- $table->date('expected_checkin')->nullable();
- $table->integer('company_id')->nullable()->unsigned();
- });
-
-
-//
-// NOTE -- categories
-// --------------------------------------------------
-
-Schema::create('categories', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255);
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->integer('user_id');
- $table->timestamp('deleted_at')->nullable();
- $table->text('eula_text')->nullable();
- $table->boolean('use_default_eula');
- $table->boolean('require_acceptance');
- $table->string('category_type', 255)->nullable()->default("asset");
- $table->boolean('checkin_email');
- });
-
-
-//
-// NOTE -- companies
-// --------------------------------------------------
-
-Schema::create('companies', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255)->unique();
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- });
-
-
-//
-// NOTE -- consumables
-// --------------------------------------------------
-
-Schema::create('consumables', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255)->nullable();
- $table->integer('category_id')->nullable();
- $table->integer('location_id')->nullable();
- $table->integer('user_id')->nullable();
- $table->integer('qty');
- $table->boolean('requestable');
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->timestamp('deleted_at')->nullable();
- $table->date('purchase_date')->nullable();
- $table->decimal('purchase_cost', 13,4)->nullable();
- $table->string('order_number', 255)->nullable();
- $table->integer('company_id')->nullable()->unsigned();
- });
-
-
-//
-// NOTE -- consumables_users
-// --------------------------------------------------
-
-Schema::create('consumables_users', function($table) {
- $table->increments('id')->unsigned();
- $table->integer('user_id')->nullable();
- $table->integer('consumable_id')->nullable();
- $table->integer('assigned_to')->nullable();
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- });
-
-
-//
-// NOTE -- custom_field_custom_fieldset
-// --------------------------------------------------
-
-Schema::create('custom_field_custom_fieldset', function($table) {
- $table->integer('custom_field_id');
- $table->integer('custom_fieldset_id');
- $table->integer('order');
- $table->boolean('required');
- });
-
-
-//
-// NOTE -- custom_fields
-// --------------------------------------------------
-
-Schema::create('custom_fields', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255);
- $table->string('format', 255);
- $table->string('element', 255);
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->integer('user_id')->nullable();
- });
-
-
-//
-// NOTE -- custom_fieldsets
-// --------------------------------------------------
-
-Schema::create('custom_fieldsets', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255);
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->integer('user_id')->nullable();
- });
-
-
-//
-// NOTE -- depreciations
-// --------------------------------------------------
-
-Schema::create('depreciations', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255);
- $table->integer('months');
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->integer('user_id');
- });
-
-
-//
-// NOTE -- groups
-// --------------------------------------------------
-
-Schema::create('groups', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255)->unique();
- $table->text('permissions')->nullable();
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- });
-
-
-//
-// NOTE -- history
-// --------------------------------------------------
-
-Schema::create('history', function($table) {
- $table->increments('id')->unsigned();
- $table->integer('checkedout_to');
- $table->integer('location_id');
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->integer('user_id');
- });
-
-
-//
-// NOTE -- license_seats
-// --------------------------------------------------
-
-Schema::create('license_seats', function($table) {
- $table->increments('id')->unsigned();
- $table->integer('license_id');
- $table->integer('assigned_to')->nullable();
- $table->text('notes')->nullable();
- $table->integer('user_id');
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->timestamp('deleted_at')->nullable();
- $table->integer('asset_id')->nullable();
- });
-
-
-//
-// NOTE -- licenses
-// --------------------------------------------------
-
-Schema::create('licenses', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255);
- $table->text('serial')->nullable();
- $table->date('purchase_date')->nullable();
- $table->decimal('purchase_cost', 13,4)->nullable();
- $table->string('order_number', 50)->nullable();
- $table->integer('seats')->default("1");
- $table->text('notes')->nullable();
- $table->integer('user_id');
- $table->boolean('depreciation_id');
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->timestamp('deleted_at')->nullable();
- $table->string('license_name', 100)->nullable();
- $table->string('license_email', 120)->nullable();
- $table->boolean('depreciate')->nullable();
- $table->integer('supplier_id')->nullable();
- $table->date('expiration_date')->nullable();
- $table->string('purchase_order', 255)->nullable();
- $table->date('termination_date')->nullable();
- $table->boolean('maintained');
- $table->boolean('reassignable')->default("1");
- $table->integer('company_id')->nullable()->unsigned();
- });
-
-
-//
-// NOTE -- locations
-// --------------------------------------------------
-
-Schema::create('locations', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255);
- $table->string('city', 255);
- $table->string('state', 255);
- $table->string('country', 2);
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->integer('user_id');
- $table->string('address', 80);
- $table->string('address2', 255)->nullable();
- $table->string('zip', 10)->nullable();
- $table->timestamp('deleted_at')->nullable();
- $table->integer('parent_id')->nullable();
- $table->string('currency', 10)->nullable();
- });
-
-
-//
-// NOTE -- manufacturers
-// --------------------------------------------------
-
-Schema::create('manufacturers', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255);
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->integer('user_id');
- $table->timestamp('deleted_at')->nullable();
- });
-
-
-//
-// NOTE -- models
-// --------------------------------------------------
-
-Schema::create('models', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255);
- $table->string('modelno', 255)->nullable();
- $table->integer('manufacturer_id');
- $table->integer('category_id');
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->integer('depreciation_id');
- $table->integer('user_id');
- $table->integer('eol')->nullable();
- $table->string('image', 255)->nullable();
- $table->boolean('deprecated_mac_address');
- $table->timestamp('deleted_at')->nullable();
- $table->integer('fieldset_id')->nullable();
- $table->text('note')->nullable();
- });
-
-
-//
-// NOTE -- requested_assets
-// --------------------------------------------------
-
-Schema::create('requested_assets', function($table) {
- $table->increments('id')->unsigned();
- $table->integer('asset_id');
- $table->integer('user_id');
- $table->dateTime('accepted_at')->nullable();
- $table->dateTime('denied_at')->nullable();
- $table->string('notes', 255);
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- });
-
-
-//
-// NOTE -- requests
-// --------------------------------------------------
-
-Schema::create('requests', function($table) {
- $table->increments('id')->unsigned();
- $table->integer('asset_id');
- $table->integer('user_id');
- $table->text('request_code');
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->timestamp('deleted_at')->nullable();
- });
-
-
-//
-// NOTE -- settings
-// --------------------------------------------------
-
-Schema::create('settings', function($table) {
- $table->increments('id')->unsigned();
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->integer('user_id');
- $table->integer('per_page')->default("20");
- $table->string('site_name', 100)->default("Snipe IT Asset Management");
- $table->integer('qr_code')->nullable();
- $table->string('qr_text', 32)->nullable();
- $table->integer('display_asset_name')->nullable();
- $table->integer('display_checkout_date')->nullable();
- $table->integer('display_eol')->nullable();
- $table->integer('auto_increment_assets');
- $table->string('auto_increment_prefix', 255);
- $table->boolean('load_remote')->default("1");
- $table->string('logo', 255)->nullable();
- $table->string('header_color', 255)->nullable();
- $table->string('alert_email', 255)->nullable();
- $table->boolean('alerts_enabled')->default("1");
- $table->text('default_eula_text')->nullable();
- $table->string('barcode_type', 255)->nullable()->default("QRCODE");
- $table->string('slack_endpoint', 255)->nullable();
- $table->string('slack_channel', 255)->nullable();
- $table->string('slack_botname', 255)->nullable();
- $table->string('default_currency', 10)->nullable();
- $table->text('custom_css')->nullable();
- $table->boolean('brand')->default("1");
- $table->string('ldap_enabled', 255)->nullable();
- $table->string('ldap_server', 255)->nullable();
- $table->string('ldap_uname', 255)->nullable();
- $table->string('ldap_pword')->nullable();
- $table->string('ldap_basedn', 255)->nullable();
- $table->string('ldap_filter', 255)->nullable()->default("cn=*");
- $table->string('ldap_username_field', 255)->nullable()->default("samaccountname");
- $table->string('ldap_lname_field', 255)->nullable()->default("sn");
- $table->string('ldap_fname_field', 255)->nullable()->default("givenname");
- $table->string('ldap_auth_filter_query', 255)->nullable()->default("uid=samaccountname");
- $table->integer('ldap_version')->nullable()->default("3");
- $table->string('ldap_active_flag', 255)->nullable();
- $table->string('ldap_emp_num', 255)->nullable();
- $table->string('ldap_email', 255)->nullable();
- $table->boolean('full_multiple_companies_support');
- $table->boolean('ldap_server_cert_ignore');
- });
-
-
-//
-// NOTE -- status_labels
-// --------------------------------------------------
-
-Schema::create('status_labels', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 100);
- $table->integer('user_id');
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->timestamp('deleted_at')->nullable();
- $table->boolean('deployable');
- $table->boolean('pending');
- $table->boolean('archived');
- $table->text('notes')->nullable();
- });
-
-
-//
-// NOTE -- suppliers
-// --------------------------------------------------
-
-Schema::create('suppliers', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255);
- $table->string('address', 50)->nullable();
- $table->string('address2', 50)->nullable();
- $table->string('city', 255)->nullable();
- $table->string('state', 32)->nullable();
- $table->string('country', 2)->nullable();
- $table->string('phone', 20)->nullable();
- $table->string('fax', 20)->nullable();
- $table->string('email', 150)->nullable();
- $table->string('contact', 100)->nullable();
- $table->string('notes', 255)->nullable();
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->integer('user_id');
- $table->timestamp('deleted_at')->nullable();
- $table->string('zip', 10)->nullable();
- $table->string('url', 250)->nullable();
- $table->string('image', 255)->nullable();
- });
-
-
-//
-// NOTE -- throttle
-// --------------------------------------------------
-
-Schema::create('throttle', function($table) {
- $table->increments('id')->unsigned();
- $table->integer('user_id')->nullable()->unsigned();
- $table->string('ip_address', 255)->nullable();
- $table->integer('attempts');
- $table->boolean('suspended');
- $table->boolean('banned');
- $table->timestamp('last_attempt_at')->nullable();
- $table->timestamp('suspended_at')->nullable();
- $table->timestamp('banned_at')->nullable();
- });
-
-
-//
-// NOTE -- users
-// --------------------------------------------------
-
-Schema::create('users', function($table) {
- $table->increments('id')->unsigned();
- $table->string('email', 255)->nullable();
- $table->string('password', 255);
- $table->text('permissions')->nullable();
- $table->boolean('activated');
- $table->string('activation_code', 255)->nullable();
- $table->timestamp('activated_at')->nullable();
- $table->timestamp('last_login')->nullable();
- $table->string('persist_code', 255)->nullable();
- $table->string('reset_password_code', 255)->nullable();
- $table->string('first_name', 255);
- $table->string('last_name', 255);
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->timestamp('deleted_at')->nullable();
- $table->string('website', 255)->nullable();
- $table->string('country', 255)->nullable();
- $table->string('gravatar', 255)->nullable();
- $table->integer('location_id')->nullable();
- $table->string('phone', 20)->nullable();
- $table->string('jobtitle', 100)->nullable();
- $table->integer('manager_id')->nullable();
- $table->text('employee_num')->nullable();
- $table->string('avatar', 255)->nullable();
- $table->string('username', 255)->nullable();
- $table->string('notes', 255)->nullable();
- $table->integer('company_id')->nullable()->unsigned();
- });
-
-
-//
-// NOTE -- users_groups
-// --------------------------------------------------
-
-Schema::create('users_groups', function($table) {
- $table->increments('user_id')->unsigned();
- $table->integer('group_id')->unsigned();
- });
-
-
-
-}
-
-//
-// NOTE - Revert the changes to the database.
-// --------------------------------------------------
-
-public function down()
-{
-
-Schema::drop('accessories');
-Schema::drop('accessories_users');
-Schema::drop('asset_logs');
-Schema::drop('asset_maintenances');
-Schema::drop('asset_uploads');
-Schema::drop('assets');
-Schema::drop('categories');
-Schema::drop('companies');
-Schema::drop('consumables');
-Schema::drop('consumables_users');
-Schema::drop('custom_field_custom_fieldset');
-Schema::drop('custom_fields');
-Schema::drop('custom_fieldsets');
-Schema::drop('depreciations');
-Schema::drop('groups');
-Schema::drop('history');
-Schema::drop('license_seats');
-Schema::drop('licenses');
-Schema::drop('locations');
-Schema::drop('manufacturers');
-Schema::drop('models');
-Schema::drop('requested_assets');
-Schema::drop('requests');
-Schema::drop('settings');
-Schema::drop('status_labels');
-Schema::drop('suppliers');
-Schema::drop('throttle');
-Schema::drop('users');
-Schema::drop('users_groups');
-
-}
-}
--- a/database/factories/ModelFactory.php
+++ b/database/factories/ModelFactory.php
@@ -11,6 +11,11 @@
 |
 */

+use App\Models\Company;
+use App\Models\Location;
+use App\Models\Manufacturer;
+use App\Models\Supplier;
+
 $factory->defineAs(App\Models\Asset::class, 'asset', function (Faker\Generator $faker) {
  return [
    'name' => $faker->catchPhrase,
@@ -22,9 +27,12 @@ $factory->defineAs(App\Models\Asset::class, 'asset', function (Faker\Generator $
    'asset_tag' => $faker->unixTime('now'),
    'notes'   => $faker->sentence,
    'purchase_date' 		=> $faker->dateTime(),
+    'purchase_cost' 		=> $faker->randomFloat(2),
    'order_number' => $faker->numberBetween(1000000,50000000),
    'supplier_id' => $faker->numberBetween(1,5),
    'requestable' => $faker->numberBetween(0,1),
+    'company_id' => Company::inRandomOrder()->first()->id,
+    'requestable' => $faker->boolean()
  ];
 });

@@ -34,25 +42,33 @@ $factory->defineAs(App\Models\AssetModel::class, 'assetmodel', function (Faker\G
    'name' => $faker->catchPhrase,
    'manufacturer_id' => $faker->numberBetween(1,10),
    'category_id' => $faker->numberBetween(1,9),
-    'modelno' => $faker->numberBetween(1000000,50000000),
+    'model_number' => $faker->numberBetween(1000000,50000000),
    'eol' => 1,
+    'notes' => $faker->paragraph(),
+    'requestable' => $faker->boolean(),
  ];
 });

 $factory->defineAs(App\Models\Location::class, 'location', function (Faker\Generator $faker) {
-  return [
-    'name' => $faker->city,
-    'city' => $faker->city,
-    'state' => $faker->stateAbbr,
-    'country' => $faker->countryCode,
-    'currency' => $faker->currencyCode,
-  ];
+    return [
+        'name' => $faker->catchPhrase,
+        'address' => $faker->streetAddress,
+        'address2' => $faker->secondaryAddress,
+        'city' => $faker->city,
+        'state' => $faker->stateAbbr,
+        'country' => $faker->countryCode,
+        'currency' => $faker->currencyCode,
+        'zip' => $faker->postcode
+    ];
 });

 $factory->defineAs(App\Models\Category::class, 'asset-category', function (Faker\Generator $faker) {
  return [
    'name' => $faker->text(20),
    'category_type' => $faker->randomElement($array = array ('asset')),
+    'eula_text' => $faker->paragraph(),
+    'require_acceptance' => $faker->boolean(),
+    'checkin_email' => $faker->boolean()
  ];
 });

@@ -94,8 +110,14 @@ $factory->defineAs(App\Models\Component::class, 'component', function (Faker\Gen
  return [
    'name' => $faker->text(20),
    'category_id' => $faker->numberBetween(21,25),
-    'total_qty' => $faker->numberBetween(3, 10),
+    'location_id' => Location::inRandomOrder()->first()->id,
+    'serial'   => $faker->uuid,
+    'qty' => $faker->numberBetween(3, 10),
+    'order_number' => $faker->numberBetween(1000000,50000000),
+    'purchase_date' 		=> $faker->dateTime(),
+    'purchase_cost' 		=> $faker->randomFloat(2),
    'min_amt' => $faker->numberBetween($min = 1, $max = 2),
+    'company_id' => Company::inRandomOrder()->first()->id
  ];
 });

@@ -108,37 +130,52 @@ $factory->defineAs(App\Models\Depreciation::class, 'depreciation', function (Fak

 $factory->defineAs(App\Models\Accessory::class, 'accessory', function (Faker\Generator $faker) {
  return [
+    'company_id' => Company::inRandomOrder()->first()->id,
    'name' => $faker->text(20),
    'category_id' => $faker->numberBetween(11,15),
-    'qty' => $faker->numberBetween(5, 10),
+    'manufacturer_id' => Manufacturer::inRandomOrder()->first()->id,
    'location_id' => $faker->numberBetween(1,5),
+    'order_number' => $faker->numberBetween(1000000,50000000),
+    'purchase_date' 		=> $faker->dateTime(),
+    'purchase_cost' 		=> $faker->randomFloat(2),
+    'qty' => $faker->numberBetween(5, 10),
    'min_amt' => $faker->numberBetween($min = 1, $max = 2),
  ];
+
 });


 $factory->defineAs(App\Models\Supplier::class, 'supplier', function (Faker\Generator $faker) {
-  return [
-    'name' => $faker->company,
-    'address' => $faker->streetAddress,
-    'city' => $faker->city,
-    'state' => $faker->stateAbbr,
-    'country' => $faker->countryCode,
-    'contact' => $faker->name,
-    'phone' => $faker->phoneNumber,
-    'email' => $faker->safeEmail,
-  ];
+    return [
+        'name' => $faker->company,
+        'address' => $faker->streetAddress,
+        'address2' => $faker->secondaryAddress,
+        'city' => $faker->city,
+        'state' => $faker->stateAbbr,
+        'zip' => $faker->postCode,
+        'country' => $faker->countryCode,
+        'contact' => $faker->name,
+        'phone' => $faker->phoneNumber,
+        'fax'   => $faker->phoneNumber,
+        'email' => $faker->safeEmail,
+        'url'   => $faker->url,
+        'notes' => $faker->paragraph
+    ];
 });


 $factory->defineAs(App\Models\Consumable::class, 'consumable', function (Faker\Generator $faker) {
  return [
    'name' => $faker->text(20),
+    'company_id' => Company::inRandomOrder()->first()->id,
    'category_id' => $faker->numberBetween(16, 20),
-    'company_id' => $faker->numberBetween(1, 10),
+    'model_number' => $faker->numberBetween(1000000,50000000),
+    'item_no' => $faker->numberBetween(1000000,50000000),
+    'order_number' => $faker->numberBetween(1000000,50000000),
+    'purchase_date' 		=> $faker->dateTime(),
+    'purchase_cost' 		=> $faker->randomFloat(2),
    'qty' => $faker->numberBetween(5, 10),
    'min_amt' => $faker->numberBetween($min = 1, $max = 2),
-
  ];
 });

@@ -167,7 +204,7 @@ $factory->defineAs(App\Models\Statuslabel::class, 'pending', function (Faker\Gen
    'deployable'	=> 0,
    'pending'	=> 1,
    'archived' => 0,
-    'notes' => ''
+    'notes' => $faker->sentence
  ];
 });

@@ -242,16 +279,20 @@ $factory->defineAs(App\Models\Statuslabel::class, 'lost', function (Faker\Genera
 });

 $factory->defineAs(App\Models\License::class, 'license', function (Faker\Generator $faker) {
-  return [
-    'name'   => $faker->catchPhrase,
-    'serial'   => $faker->uuid,
-    'seats'   => $faker->numberBetween(1, 10),
-    'license_email'   => $faker->safeEmail,
-    'license_name'   => $faker->name,
-    'purchase_date' 		=> $faker->dateTime(),
-    'purchase_cost' 		=> $faker->randomFloat(2),
-    'notes'   => $faker->sentence,
-  ];
+    return [
+        'name'   => $faker->catchPhrase,
+        'serial'   => $faker->uuid,
+        'seats'   => $faker->numberBetween(1, 10),
+        'license_email'   => $faker->safeEmail,
+        'license_name'   => $faker->name,
+        'order_number' => $faker->numberBetween(1500, 13250),
+        'purchase_order' => $faker->numberBetween(1500, 13250),
+        'purchase_date' 		=> $faker->dateTime(),
+        'purchase_cost' 		=> $faker->randomFloat(2),
+        'notes'   => $faker->sentence,
+        'supplier_id' => Supplier::inRandomOrder()->first()->id,
+        'company_id' => Company::inRandomOrder()->first()->id
+    ];
 });

 $factory->defineAs(App\Models\LicenseSeat::class, 'license-seat', function (Faker\Generator $faker) {
@@ -265,18 +306,82 @@ $factory->defineAs(App\Models\LicenseSeat::class, 'license-seat', function (Fake
 });

 $factory->defineAs(App\Models\Actionlog::class, 'asset-checkout', function (Faker\Generator $faker) {
+  $company = Company::has('users')->has('assets')->inRandomOrder()->first();
  return [
-    'user_id'      	=> 1,
+    'user_id'      	=> $company->users()->inRandomOrder()->first()->id,
    'action_type' 		=> 'checkout',
-    'asset_id' 		=> $faker->numberBetween(1, 10),
-    'checkedout_to' => 1,
+    'item_id' 		=> $company->assets()->inRandomOrder()->first()->id,
+    'target_id' => $company->users()->inRandomOrder()->first()->id,
+    'target_type' => 'App\\Models\\User',
    'created_at'  => $faker->dateTime(),
-    'asset_type'  => 'hardware',
+    'item_type'  => 'App\\Models\\Asset',
    'note' 			=> $faker->sentence,
-    'user_id' 			=> '1',
+    'company_id' => $company->id
  ];
 });

+$factory->defineAs(App\Models\Actionlog::class, 'license-checkout-asset', function (Faker\Generator $faker) {
+  $company = Company::has('users')->has('licenses')->inRandomOrder()->first();
+
+  return [
+    'user_id'      	=> $company->users()->inRandomOrder()->first()->id,
+    'action_type' 		=> 'checkout',
+    'item_id' 		=> $company->licenses()->whereNotNull('company_id')->inRandomOrder()->first()->id,
+    'target_id' => $company->assets()->inRandomOrder()->first()->id,
+    'target_type' => 'App\\Models\\Asset',
+    'created_at'  => $faker->dateTime(),
+    'item_type'  => 'App\\Models\\License',
+    'note' 			=> $faker->sentence,
+    'company_id' => $company->id
+  ];
+});
+
+$factory->defineAs(App\Models\Actionlog::class, 'accessory-checkout', function (Faker\Generator $faker) {
+    $company = Company::has('users')->has('accessories')->inRandomOrder()->first();
+  return [
+    'user_id'      	=> $company->users()->inRandomOrder()->first()->id,
+    'action_type' 		=> 'checkout',
+    'item_id' 		=> $company->accessories()->whereNotNull('company_id')->inRandomOrder()->first()->id,
+    'target_id' => $company->users()->inRandomOrder()->first()->id,
+    'target_type' => 'App\\Models\\User',
+    'created_at'  => $faker->dateTime(),
+    'item_type'  => 'App\\Models\\Accessory',
+    'note' 			=> $faker->sentence,
+    'company_id' => $company->id
+  ];
+});
+
+$factory->defineAs(App\Models\Actionlog::class, 'consumable-checkout', function (Faker\Generator $faker) {
+    $company = Company::has('users')->has('consumables')->inRandomOrder()->first();
+
+  return [
+    'user_id'      	=> $company->users()->inRandomOrder()->first()->id,
+    'action_type' 		=> 'checkout',
+    'item_id' 		=> $company->consumables()->whereNotNull('company_id')->inRandomOrder()->first()->id,
+    'target_id' => $company->users()->inRandomOrder()->first()->id,
+    'target_type' => 'App\\Models\\User',
+    'created_at'  => $faker->dateTime(),
+    'item_type'  => 'App\\Models\\Consumable',
+    'note' 			=> $faker->sentence,
+    'company_id' => $company->id
+  ];
+});
+
+$factory->defineAs(App\Models\Actionlog::class, 'component-checkout', function (Faker\Generator $faker) {
+   $company = Company::has('users')->has('components')->inRandomOrder()->first();
+
+  return [
+    'user_id'      	=> $company->users()->inRandomOrder()->first()->id,
+    'action_type' 		=> 'checkout',
+    'item_id' 		=> $company->components()->whereNotNull('company_id')->inRandomOrder()->first()->id,
+    'target_id' => $company->users()->inRandomOrder()->first()->id,
+    'target_type' => 'App\\Models\\User',
+    'created_at'  => $faker->dateTime(),
+    'item_type'  => 'App\\Models\\Component',
+    'note' 			=> $faker->sentence,
+    'company_id' => $company->id
+  ];
+});

 $factory->defineAs(App\Models\CustomField::class, 'customfield-ip', function (Faker\Generator $faker) {
  return [
@@ -288,11 +393,17 @@ $factory->defineAs(App\Models\CustomField::class, 'customfield-ip', function (Fa


 $factory->defineAs(App\Models\User::class, 'valid-user', function (Faker\Generator $faker) {
-  return [
-    'first_name' => $faker->firstName,
-    'last_name' => $faker->lastName,
-    'email' => $faker->safeEmail,
-    'password' => $faker->password,
-    'username' => $faker->username,
-  ];
+    return [
+        'first_name' => $faker->firstName,
+        'last_name' => $faker->lastName,
+        'username' => $faker->username,
+        'password' => $faker->password,
+        'email' => $faker->safeEmail,
+        'company_id' => Company::inRandomOrder()->first()->id,
+        'locale' => $faker->locale,
+        'employee_num' => $faker->numberBetween(3500, 35050),
+        'jobtitle' => $faker->word,
+        'phone' => $faker->phoneNumber,
+        'notes' => $faker->sentence
+    ];
 });
--- a/database/migrations/2014_11_04_231416_update_group_field_for_reporting.php
+++ b/database/migrations/2014_11_04_231416_update_group_field_for_reporting.php
@@ -18,9 +18,9 @@ class UpdateGroupFieldForReporting extends Migration {
 		// 	//
 		// });

-    DB::update('update groups set permissions = ? where id = ?', ['{"admin":1,"users":1,"reports":1}', 1]);
+    DB::update('update '.DB::getTablePrefix().'groups set permissions = ? where id = ?', ['{"admin":1,"users":1,"reports":1}', 1]);

-    DB::update('update groups set permissions = ? where id = ?', ['{"users":1,"reports":1}', 2]);
+    DB::update('update '.DB::getTablePrefix().'groups set permissions = ? where id = ?', ['{"users":1,"reports":1}', 2]);

      // DB::statement('UPDATE '.$prefix.'groups SET permissions="{\"admin\":1,\"users\":1,\"reports\":1}" where id=1');
      // DB::statement('UPDATE '.$prefix.'groups SET permissions="{\"users\":1,\"reports\":1}" where id=2');
--- a/database/migrations/2015_03_01_231912_update_accepted_at_to_acceptance_id.php
+++ b/database/migrations/2015_03_01_231912_update_accepted_at_to_acceptance_id.php
@@ -18,11 +18,11 @@ class UpdateAcceptedAtToAcceptanceId extends Migration {
 			$table->integer('accepted_id')->nullable()->default(NULL);
 		});

-		$results = DB::select('select invitation.id AS invitation_id, acceptance.id AS acceptance_id FROM asset_logs invitation INNER JOIN asset_logs acceptance ON (invitation.checkedout_to=acceptance.checkedout_to AND invitation.asset_id=acceptance.asset_id) WHERE invitation.action_type="checkout" AND acceptance.action_type="accepted"');
+		$results = DB::select('select invitation.id AS invitation_id, acceptance.id AS acceptance_id FROM '.DB::getTablePrefix().'asset_logs invitation INNER JOIN '.DB::getTablePrefix().'asset_logs acceptance ON (invitation.checkedout_to=acceptance.checkedout_to AND invitation.asset_id=acceptance.asset_id) WHERE invitation.action_type="checkout" AND acceptance.action_type="accepted"');


 		foreach ($results as $result) {
-			$update = DB::update('update asset_logs set accepted_id=? where id=?', [$result->acceptance_id, $result->invitation_id]);
+			$update = DB::update('update '.DB::getTablePrefix().'asset_logs set accepted_id=? where id=?', [$result->acceptance_id, $result->invitation_id]);
 		}

 	}
--- a/database/migrations/2015_07_29_230054_add_thread_id_to_asset_logs_table.php
+++ b/database/migrations/2015_07_29_230054_add_thread_id_to_asset_logs_table.php
@@ -64,39 +64,39 @@
        public function up()
        {

-            if (!Schema::hasColumn('asset_logs', 'thread_id')) {
+            // if (!Schema::hasColumn('asset_logs', 'thread_id')) {

-                Schema::table( 'asset_logs', function ( Blueprint $table ) {
+            //     Schema::table( 'asset_logs', function ( Blueprint $table ) {

-                    $table->integer( 'thread_id' )
-                          ->nullable()
-                          ->default( null );
-                    $table->index( 'thread_id' );
-                } );
-            }
+            //         $table->integer( 'thread_id' )
+            //               ->nullable()
+            //               ->default( null );
+            //         $table->index( 'thread_id' );
+            //     } );
+            // }

-            $this->actionlog = new App\Models\Actionlog();
-            $this->assetLogs = $this->actionlog->getListingOfActionLogsChronologicalOrder();
+            // $this->actionlog = new App\Models\Actionlog();
+            // $this->assetLogs = $this->actionlog->getListingOfActionLogsChronologicalOrder();

-            foreach ($this->assetLogs as $assetLog) {
+            // foreach ($this->assetLogs as $assetLog) {

-                if ($this->hasAssetChanged( $assetLog )) {
-                    $this->resetCurrentAssetInformation( $assetLog );
-                }
+            //     if ($this->hasAssetChanged( $assetLog )) {
+            //         $this->resetCurrentAssetInformation( $assetLog );
+            //     }

-                if ($this->hasBegunNewChain( $assetLog )) {
-                    $this->startOfCurrentThread = false;
-                    continue;
-                }
+            //     if ($this->hasBegunNewChain( $assetLog )) {
+            //         $this->startOfCurrentThread = false;
+            //         continue;
+            //     }

-                $this->updateAssetLogWithThreadInformation( $assetLog );
+            //     $this->updateAssetLogWithThreadInformation( $assetLog );

-                if ($this->hasReachedEndOfChain( $assetLog )
-                ) {
-                    $this->clearCurrentAssetInformation();
-                }
+            //     if ($this->hasReachedEndOfChain( $assetLog )
+            //     ) {
+            //         $this->clearCurrentAssetInformation();
+            //     }

-            }
+            // }
        }


--- a/database/migrations/2015_10_23_182625_add_checkout_time_and_expected_checkout_date_to_assets.php
+++ b/database/migrations/2015_10_23_182625_add_checkout_time_and_expected_checkout_date_to_assets.php
@@ -18,8 +18,8 @@ class AddCheckoutTimeAndExpectedCheckoutDateToAssets extends Migration {
 			$answer=$table->dateTime('last_checkout')->nullable();
 			$table->date('expected_checkin')->nullable();
 		});
-		DB::statement("UPDATE assets SET last_checkout=(SELECT MAX(created_at) FROM asset_logs WHERE asset_logs.id=assets.id AND action_type='checkout') WHERE assigned_to IS NOT NULL");
-		DB::statement("UPDATE assets SET expected_checkin=(SELECT expected_checkin FROM asset_logs WHERE asset_logs.id=assets.id AND action_type='checkout' ORDER BY id DESC limit 1) WHERE assigned_to IS NOT NULL");
+		DB::statement("UPDATE ".DB::getTablePrefix()."assets SET last_checkout=(SELECT MAX(created_at) FROM ".DB::getTablePrefix()."asset_logs WHERE ".DB::getTablePrefix()."asset_logs.id=".DB::getTablePrefix()."assets.id AND action_type='checkout') WHERE assigned_to IS NOT NULL");
+		DB::statement("UPDATE ".DB::getTablePrefix()."assets SET expected_checkin=(SELECT expected_checkin FROM ".DB::getTablePrefix()."asset_logs WHERE ".DB::getTablePrefix()."asset_logs.id=".DB::getTablePrefix()."assets.id AND action_type='checkout' ORDER BY id DESC limit 1) WHERE assigned_to IS NOT NULL");
 	}

 	/**
--- a/database/migrations/2016_07_22_003348_fix_custom_fields_regex_stuff.php
+++ b/database/migrations/2016_07_22_003348_fix_custom_fields_regex_stuff.php
@@ -0,0 +1,78 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class FixCustomFieldsRegexStuff extends Migration
+{
+    /**
+     * Run the migrations.
+     * "ANY" => "",
+     * "ALPHA" => "alpha",
+     * "EMAIL" => "email",
+     * "DATE" => "date",
+     *  "URL" => "url",
+     * "NUMERIC" => "numeric",
+     * "MAC" => "regex:/^[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}$/",
+     * "IP" => "ip"
+     *
+     * @return void
+     */
+    public function up()
+    {
+        foreach(\App\Models\CustomField::all() as $custom_field) {
+
+            // Handle alphanumeric
+            if (stripos($custom_field->format, 'ALPHA') !== false) {
+                $custom_field->format='alpha';
+
+            // Numeric
+            } elseif (stripos($custom_field->format, 'NUMERIC') !== false) {
+                $custom_field->format='numeric';
+
+            // IP
+            } elseif (stripos($custom_field->format, 'IP') !== false) {
+                $custom_field->format='ip';
+
+            // Email
+            } elseif (stripos($custom_field->format, 'EMAIL') !== false) {
+                $custom_field->format='email';
+
+            // MAC
+            } elseif (stripos($custom_field->format, 'regex:/^[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}$/') !== false) {
+                $custom_field->format='regex:/^[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}$/';
+
+            // Date
+            } elseif (stripos($custom_field->format, 'DATE') !== false) {
+                $custom_field->format='date';
+
+
+            // URL
+            } elseif (stripos($custom_field->format, 'URL') !== false) {
+                $custom_field->format='url';
+
+            // ANY
+            } elseif (stripos($custom_field->format, 'ANY') !== false) {
+                $custom_field->format='';
+
+            // Fix any custom regexes
+            } else {
+                $tmp_custom = str_replace('regex:/^', '', $custom_field->format);
+                $tmp_custom = str_replace('$/', '', $tmp_custom);
+                $custom_field->format = 'regex:/^'.$tmp_custom.'$/';
+            }
+
+            $custom_field->save();
+        }
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        //
+    }
+}
--- a/database/migrations/2016_07_22_054850_one_more_mac_addr_fix.php
+++ b/database/migrations/2016_07_22_054850_one_more_mac_addr_fix.php
@@ -0,0 +1,34 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class OneMoreMacAddrFix extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        foreach(\App\Models\CustomField::all() as $custom_field) {
+
+            if ($custom_field->format=='regex:/^MAC$/') {
+                $custom_field->format = 'regex:/^[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}$/';
+            }
+            $custom_field->save();
+
+        }
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        //
+    }
+}
--- a/database/migrations/2016_07_22_143045_add_port_to_ldap_settings.php
+++ b/database/migrations/2016_07_22_143045_add_port_to_ldap_settings.php
@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddPortToLdapSettings extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('settings', function (Blueprint $table) {
+            $table->string('ldap_port', 5)->default('389');
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('settings', function ($table) {
+            $table->dropColumn('ldap_port');
+        });
+    }
+}
--- a/database/migrations/2016_07_22_153432_add_tls_to_ldap_settings.php
+++ b/database/migrations/2016_07_22_153432_add_tls_to_ldap_settings.php
@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddTlsToLdapSettings extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('settings', function (Blueprint $table) {
+            $table->boolean('ldap_tls')->default(0);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('settings', function ($table) {
+            $table->dropColumn('ldap_tls');
+        });
+    }
+}
--- a/database/migrations/2016_07_27_211034_add_zerofill_to_settings.php
+++ b/database/migrations/2016_07_27_211034_add_zerofill_to_settings.php
@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddZerofillToSettings extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('settings', function (Blueprint $table) {
+            $table->integer('zerofill_count')->default(5);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('settings', function ($table) {
+            $table->dropColumn('zerofill_count');
+        });
+    }
+}
--- a/Show More
+++ b/Show More